@djangocfg/api 2.1.463 → 2.1.465

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/auth.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/auth/index.ts","../src/auth/constants.ts","../src/auth/context/AuthContext.tsx","../src/_api/generated/helpers/errors.ts","../src/_api/generated/helpers/auth.ts","../src/_api/generated/helpers/logger.ts","../src/auth/utils/env.ts","../src/log-control.ts","../src/auth/hooks/useSession.ts","../src/auth/hooks/useCfgRouter.ts","../src/auth/hooks/useQueryParams.ts","../src/auth/hooks/useAuthFormState.ts","../src/auth/hooks/useAuthValidation.ts","../src/auth/hooks/useAuthForm.ts","../src/auth/utils/logger.ts","../src/auth/hooks/useAutoAuth.ts","../src/auth/utils/path.ts","../src/auth/hooks/useTwoFactorVerify.ts","../src/_api/generated/core/bodySerializer.gen.ts","../src/_api/generated/core/params.gen.ts","../src/_api/generated/core/serverSentEvents.gen.ts","../src/_api/generated/core/pathSerializer.gen.ts","../src/_api/generated/core/utils.gen.ts","../src/_api/generated/core/auth.gen.ts","../src/_api/generated/client/utils.gen.ts","../src/_api/generated/client/client.gen.ts","../src/_api/generated/client.gen.ts","../src/_api/generated/sdk.gen.ts","../src/auth/utils/analytics.ts","../src/auth/hooks/useSessionStorage.ts","../src/auth/hooks/useAuthRedirect.ts","../src/auth/hooks/twoFactor.shared.ts","../src/auth/hooks/useGithubAuth.ts","../src/auth/hooks/useTwoFactorSetup.ts","../src/auth/hooks/useTwoFactorStatus.ts","../src/auth/hooks/useTwoFactor.ts","../src/auth/hooks/useLocalStorage.ts","../src/auth/hooks/useBase64.ts","../src/auth/hooks/useProfileCache.ts","../src/auth/hooks/useDeleteAccount.ts","../src/auth/context/AccountsContext.tsx","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRegenerateCreate.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyRegenerate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRetrieve.ts","../src/_api/generated/_cfg_accounts/schemas/APIKey.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRevealCreate.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyReveal.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyTestCreate.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyTestResult.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthConnectionsList.ts","../src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_connections_response_200_AutoRef.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthConnection.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthProviderEnum.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthDisconnectCreate.ts","../src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_disconnect_response_200_AutoRef.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthGithubAuthorizeCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthGithubCallbackCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthTokenResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthProvidersRetrieve.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthProvidersResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpRequestCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OTPRequestResponse.ts","../src/_api/generated/_cfg_accounts/schemas/WebmailLink.ts","../src/_api/generated/_cfg_accounts/schemas/WebmailLinkProviderEnum.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpVerifyCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OTPVerifyResponse.ts","../src/_api/generated/_cfg_accounts/schemas/User.ts","../src/_api/generated/_cfg_accounts/schemas/CentrifugoToken.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileAvatarCreate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileDeleteCreate.ts","../src/_api/generated/_cfg_accounts/schemas/AccountDeleteResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfilePartialPartialUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfilePartialUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileRetrieve.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileUpdatePartialUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileUpdateUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsTokenBlacklistCreate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsTokenRefreshCreate.ts","../src/_api/generated/_cfg_accounts/schemas/TokenRefresh.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyRequest.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyTestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/CfgUserUpdateRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthCallbackRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthDisconnectRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthError.ts","../src/_api/generated/_cfg_accounts/schemas/OTPErrorResponse.ts","../src/_api/generated/_cfg_accounts/schemas/OTPRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OTPVerifyRequest.ts","../src/_api/generated/_cfg_accounts/schemas/PatchedCfgUserUpdateRequest.ts","../src/_api/generated/_cfg_accounts/schemas/TokenBlacklistRequest.ts","../src/_api/generated/_cfg_accounts/schemas/TokenRefreshRequest.ts","../src/auth/utils/validation.ts","../src/auth/utils/errors.ts","../src/auth/utils/guard.ts"],"sourcesContent":["/**\n * @djangocfg/api/auth\n *\n * Authentication module with contexts, hooks and utilities.\n * Use this entry point in client components.\n *\n * @example\n * ```tsx\n * 'use client';\n * import { AuthProvider, useAuth } from '@djangocfg/api/auth';\n *\n * export function MyApp({ children }) {\n * return (\n * <AuthProvider>\n * {children}\n * </AuthProvider>\n * );\n * }\n *\n * export function Profile() {\n * const { user, logout } = useAuth();\n * return <div>{user?.email}</div>;\n * }\n * ```\n */\n\n// Constants\nexport * from './constants';\n\n// Contexts\nexport * from './context';\n\n// Hooks\nexport * from './hooks';\n\n// Types (single source of truth)\nexport * from './types';\n\n// Utils (validation, errors, analytics)\nexport * from './utils';\n","/**\n * Auth-related constants shared across the frontend.\n * Single source of truth — do not redefine these elsewhere.\n */\n\nexport const AUTH_CONSTANTS = {\n /** Email OTP code length (numeric). */\n EMAIL_OTP_LENGTH: 4,\n /** TOTP code length (RFC 6238 — authenticator apps). */\n TOTP_LENGTH: 6,\n /** Backup code max length. */\n BACKUP_CODE_MAX_LENGTH: 12,\n} as const;\n\n// Route conventions are NOT exported here on purpose. The '/auth' and '/'\n// defaults are applied in exactly one place — AuthProvider's route resolution\n// — and every consumer reads the resolved values from `useAuth().routes`.\n// Exporting route constants invites components to default to them directly,\n// which silently diverges from an app's AuthConfig.routes override.\n","'use client';\n\n/**\n * AuthProvider — thin React layer over the generated auth store.\n *\n * Architecture rule (auth v2): the generated store (`_api/generated/helpers/auth`)\n * is the ONLY auth engine. It owns tokens, JWT-exp semantics, the reactive\n * session snapshot, 401→refresh→retry recovery (cross-store Web-Locks), and\n * the terminal-401 `onSessionExpired` event. React only:\n * 1. subscribes to the snapshot (`useSyncExternalStore`),\n * 2. loads the user profile when a session exists,\n * 3. routes to login when the store says the session died,\n * 4. exposes login/logout actions.\n *\n * Everything that used to live here — authTick, expiry timers, four parallel\n * 401 handlers, presence-vs-exp token checks — is the store's job now.\n */\n\nimport { usePathname } from 'next/navigation';\nimport React, {\n createContext,\n memo,\n useCallback,\n useContext,\n useEffect,\n useMemo,\n useRef,\n useState,\n} from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { APIError } from '../../_api/generated/helpers';\nimport { applyRoleLogPolicy } from '../../log-control';\nimport { useCfgRouter, useLocalStorage, useQueryParams, useSession } from '../hooks';\nimport { clearProfileCache } from '../hooks/useProfileCache';\nimport { useAuthRedirectManager } from '../hooks/useAuthRedirect';\nimport { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';\nimport { isDev, isBrowser } from '../utils/env';\nimport { authLogger } from '../utils/logger';\nimport { AccountsProvider, useAccountsContext } from './AccountsContext';\n\nimport type { AuthContextType, AuthProviderProps, UserProfile } from './types';\nimport type { OTPRequestResult } from '../types';\n\n// The ONLY place route conventions are declared. '/auth' is the sign-in page\n// convention; the framework has no opinion about where an app's \"home\" is, so\n// the callback default is the site root. Apps override via AuthConfig.routes;\n// everything downstream reads the RESOLVED values from `useAuth().routes`.\nconst defaultRoutes = {\n auth: '/auth',\n defaultCallback: '/',\n defaultAuthCallback: '/auth',\n};\n\n/** Resolve AuthConfig.routes against the conventions — applied exactly once. */\nexport const resolveAuthRoutes = (\n routes?: { auth?: string; defaultCallback?: string; defaultAuthCallback?: string },\n) => ({\n auth: routes?.auth || defaultRoutes.auth,\n defaultCallback: routes?.defaultCallback || defaultRoutes.defaultCallback,\n defaultAuthCallback: routes?.defaultAuthCallback || routes?.auth || defaultRoutes.defaultAuthCallback,\n});\n\nconst EMAIL_STORAGE_KEY = 'auth_email';\n\nconst AuthContext = createContext<AuthContextType | undefined>(undefined);\n\n/** Extract a user-facing message from an APIError response body. */\nconst apiErrorMessage = (error: APIError): string => {\n const body = error.response as\n | { error?: string; detail?: string; message?: string }\n | undefined;\n return body?.error || body?.detail || body?.message || error.errorMessage;\n};\n\nconst AuthProviderInternal: React.FC<AuthProviderProps> = ({ children, config }) => {\n const accounts = useAccountsContext();\n const session = useSession();\n const isAuthenticated = session.status === 'authenticated';\n\n const router = useCfgRouter();\n const pathname = usePathname();\n const queryParams = useQueryParams();\n const [storedEmail, setStoredEmail, clearStoredEmail] = useLocalStorage<string | null>(\n EMAIL_STORAGE_KEY,\n null,\n );\n\n // Resolved once; every consumer below (and, via context, every component)\n // reads these — never the raw config and never a module constant.\n const routes = useMemo(() => resolveAuthRoutes(config?.routes), [config?.routes]);\n const routesRef = useRef(routes);\n useEffect(() => {\n routesRef.current = routes;\n }, [routes]);\n\n const redirectManager = useAuthRedirectManager({\n fallbackUrl: routes.defaultCallback,\n clearOnUse: true,\n });\n\n const configRef = useRef(config);\n useEffect(() => {\n configRef.current = config;\n }, [config]);\n\n const accountsRef = useRef(accounts);\n useEffect(() => {\n accountsRef.current = accounts;\n }, [accounts]);\n\n // Set when a login flow opts out of automatic navigation (verifyOTP with\n // skipRedirect — the AuthLayout success screen owns the final hardPush,\n // including through a 2FA continuation). While set, the \"redirect\n // authenticated users away from /auth\" effect must stand down, otherwise it\n // races the success screen and eats the saved back-url.\n const pendingManualNavRef = useRef(false);\n\n // ── Bootstrap: settle the profile for the current session ─────────────────\n // The session itself needs no async bootstrap — the store answers\n // synchronously from token `exp`. The only async part is the profile fetch,\n // and it re-runs automatically when a session appears later (e.g. iframe\n // token delivery via postMessage → setSession → snapshot flips).\n const [profileSettled, setProfileSettled] = useState(false);\n const hasProfile = Boolean(accounts.profile);\n const profileAttemptedRef = useRef(false);\n\n useEffect(() => {\n if (!isAuthenticated) {\n profileAttemptedRef.current = false;\n // Dead tokens may still sit in storage (access AND refresh both\n // expired). Purge so the login form shows instantly instead of the app\n // firing doomed API calls — the automated \"clear localStorage and the\n // form appears\".\n //\n // CRITICAL: ask the STORE synchronously, never trust the React snapshot\n // here. During hydration useSyncExternalStore serves the SERVER snapshot\n // ('anonymous') for one commit even when perfectly live tokens sit in\n // storage — purging on that stale value nuked fresh logins (user typed\n // OTP → tokens saved → hardPush → hydration commit saw 'anonymous' →\n // tokens cleared → bounced back to /auth).\n const hasTokens = Boolean(auth.getToken() || auth.getRefreshToken());\n if (hasTokens && !auth.isAuthenticated()) {\n authLogger.warn('Dead session in storage — clearing');\n auth.clearSession();\n clearProfileCache();\n }\n setProfileSettled(true);\n return;\n }\n if (hasProfile || profileAttemptedRef.current) {\n setProfileSettled(true);\n return;\n }\n profileAttemptedRef.current = true;\n let cancelled = false;\n accountsRef.current\n .refreshProfile({ callerId: 'AuthProvider:bootstrap' })\n .catch((error: unknown) => {\n // A terminal 401 collapses the session via the store's\n // onSessionExpired funnel below. Anything else (network, 5xx) keeps\n // the session — the user can retry.\n authLogger.warn('Profile load failed (session kept):', error);\n })\n .finally(() => {\n if (!cancelled) setProfileSettled(true);\n });\n return () => {\n cancelled = true;\n };\n }, [isAuthenticated, hasProfile]);\n\n const isLoading = !profileSettled;\n\n // ── The ONE exit: terminal 401 → login ─────────────────────────────────────\n // The store has already cleared the session before this fires (subscribers\n // flipped to 'anonymous'), so the handler only routes. Registration returns\n // its own unsubscribe — StrictMode double-mounts compose instead of racing.\n const expiredHandledRef = useRef(false);\n useEffect(() => {\n const unsubscribe = auth.onSessionExpired(() => {\n if (expiredHandledRef.current) return;\n expiredHandledRef.current = true;\n authLogger.warn('Session expired (terminal 401) — redirecting to login');\n clearProfileCache();\n Analytics.event(AnalyticsEvent.AUTH_SESSION_EXPIRED, {\n category: AnalyticsCategory.AUTH,\n });\n router.hardReplace(routesRef.current.defaultAuthCallback);\n });\n return unsubscribe;\n }, [router]);\n\n // ── Redirect authenticated users away from the auth page ──────────────────\n // Stands down while a login flow on this page owns navigation (success\n // screen / 2FA continuation — see pendingManualNavRef). When it does fire\n // (an already-authenticated user landing on /auth), it honors the saved\n // back-url with the same priority rule as every other consumer.\n useEffect(() => {\n if (!isAuthenticated || pendingManualNavRef.current) return;\n if (pathname === routes.auth && !queryParams.get('flow')) {\n const saved = redirectManager.hasRedirect() ? redirectManager.getRedirect() : null;\n if (saved) redirectManager.clearRedirect();\n router.push(saved || routes.defaultCallback);\n }\n }, [isAuthenticated, pathname, queryParams, routes, router, redirectManager]);\n\n // ── Profile actions (delegated to AccountsContext) ─────────────────────────\n\n const loadCurrentProfile = useCallback(async (callerId?: string): Promise<void> => {\n if (!auth.isAuthenticated()) {\n throw new Error('No valid authentication token');\n }\n await accountsRef.current.refreshProfile({\n callerId: callerId || 'AuthContext.loadCurrentProfile',\n });\n }, []);\n\n const checkAuthAndRedirect = useCallback(async (): Promise<void> => {\n if (auth.isAuthenticated()) {\n try {\n await loadCurrentProfile('checkAuthAndRedirect');\n } catch (error) {\n authLogger.warn('checkAuthAndRedirect: profile load failed', error);\n }\n router.push(routesRef.current.defaultCallback);\n } else {\n router.push(routesRef.current.defaultAuthCallback);\n }\n }, [loadCurrentProfile, router]);\n\n // ── OTP login flow ─────────────────────────────────────────────────────────\n\n const requestOTP = useCallback(\n async (identifier: string, sourceUrl?: string): Promise<OTPRequestResult> => {\n // A login attempt invalidates whatever session was lying around.\n auth.clearSession();\n\n try {\n const result = await accountsRef.current.requestOTP({\n identifier,\n source_url: sourceUrl,\n });\n\n Analytics.event(AnalyticsEvent.AUTH_OTP_REQUEST, {\n category: AnalyticsCategory.AUTH,\n label: 'email',\n });\n\n return {\n success: true,\n message: result.message || 'OTP code sent to your email address',\n webmail: result.webmail ?? null,\n };\n } catch (error) {\n authLogger.error('Request OTP error:', error);\n\n if (error instanceof APIError) {\n const body = error.response as\n | { retry_after?: number; retryAfter?: number }\n | undefined;\n const retryAfter = body?.retry_after ?? body?.retryAfter;\n return {\n success: false,\n statusCode: error.statusCode,\n message: apiErrorMessage(error),\n retryAfter: typeof retryAfter === 'number' ? retryAfter : undefined,\n };\n }\n return { success: false, message: 'Failed to send OTP' };\n }\n },\n [],\n );\n\n const verifyOTP = useCallback(\n async (\n identifier: string,\n otpCode: string,\n sourceUrl?: string,\n redirectUrl?: string,\n skipRedirect?: boolean,\n ): Promise<{\n success: boolean;\n message: string;\n user?: UserProfile;\n requires_2fa?: boolean;\n session_id?: string | null;\n should_prompt_2fa?: boolean;\n }> => {\n try {\n // The caller opting out of redirect commits to handling ALL navigation\n // for this login — including the 2FA continuation and success screen.\n pendingManualNavRef.current = Boolean(skipRedirect);\n\n const result = await accountsRef.current.verifyOTP({\n identifier,\n otp: otpCode,\n source_url: sourceUrl,\n });\n\n if (result.requires_2fa && result.session_id) {\n authLogger.info('2FA required, session:', result.session_id);\n return {\n success: true,\n message: 'OTP verified, 2FA required',\n requires_2fa: true,\n session_id: result.session_id,\n should_prompt_2fa: result.should_prompt_2fa,\n };\n }\n\n if (!result.access || !result.refresh) {\n authLogger.error('Verify OTP returned invalid response:', result);\n return { success: false, message: 'Invalid OTP verification response' };\n }\n\n if (identifier.includes('@')) {\n setStoredEmail(identifier);\n }\n\n Analytics.event(AnalyticsEvent.AUTH_LOGIN_SUCCESS, {\n category: AnalyticsCategory.AUTH,\n label: 'email',\n });\n if (result.user?.id) {\n Analytics.setUser(String(result.user.id));\n }\n\n if (!skipRedirect) {\n // Priority: saved back-url (per-visit intent from the guard) >\n // explicit redirectUrl (static app default) > config default.\n // hardPush = full page load so every context reinitializes cleanly.\n const saved = redirectManager.hasRedirect() ? redirectManager.getRedirect() : null;\n if (saved) redirectManager.clearRedirect();\n const finalRedirectUrl = saved || redirectUrl || routesRef.current.defaultCallback;\n authLogger.info('Redirecting after auth to:', finalRedirectUrl);\n router.hardPush(finalRedirectUrl);\n }\n\n return {\n success: true,\n message: 'Login successful',\n user: result.user as UserProfile,\n should_prompt_2fa: result.should_prompt_2fa,\n };\n } catch (error) {\n authLogger.error('Verify OTP error:', error);\n Analytics.event(AnalyticsEvent.AUTH_OTP_VERIFY_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: 'email',\n });\n if (error instanceof APIError) {\n return { success: false, message: apiErrorMessage(error) };\n }\n return { success: false, message: 'Failed to verify OTP' };\n }\n },\n [setStoredEmail, redirectManager, router],\n );\n\n // ── Session actions ────────────────────────────────────────────────────────\n\n const refreshToken = useCallback(async (): Promise<{ success: boolean; message: string }> => {\n // Same single-flight + Web-Locks path as the 401 interceptor — rotation,\n // dedup and rotated-token persistence come for free.\n const access = await auth.refreshNow();\n if (access) {\n Analytics.event(AnalyticsEvent.AUTH_TOKEN_REFRESH, {\n category: AnalyticsCategory.AUTH,\n });\n return { success: true, message: 'Token refreshed' };\n }\n Analytics.event(AnalyticsEvent.AUTH_TOKEN_REFRESH_FAIL, {\n category: AnalyticsCategory.AUTH,\n });\n return { success: false, message: 'Error refreshing token' };\n }, []);\n\n const logout = useCallback((): void => {\n Analytics.event(AnalyticsEvent.AUTH_LOGOUT, {\n category: AnalyticsCategory.AUTH,\n });\n accountsRef.current.logout(); // clears session + profile + cache\n // hardReplace = full reload + history replace, so contexts reinitialize\n // and Back doesn't return to a protected page.\n router.hardReplace(routesRef.current.defaultAuthCallback);\n }, [router]);\n\n // ── Derived state ──────────────────────────────────────────────────────────\n\n const user = (accounts.profile as UserProfile | undefined) ?? null;\n const isAdminUser = Boolean(user?.is_staff || user?.is_superuser);\n\n // Role-aware console verbosity: admins (and dev) get debug logs, regular\n // users in production get a clean console.\n useEffect(() => {\n applyRoleLogPolicy({ isAdmin: isAdminUser });\n }, [isAdminUser]);\n\n const updateProfile = useCallback(\n async (data: {\n first_name?: string;\n last_name?: string;\n username?: string;\n }): Promise<UserProfile> => {\n const result = await accountsRef.current.partialUpdateProfile(data);\n return result as UserProfile;\n },\n [],\n );\n\n const uploadAvatar = useCallback(async (avatar: File | Blob): Promise<UserProfile> => {\n const result = await accountsRef.current.uploadAvatar(avatar);\n return result as UserProfile;\n }, []);\n\n const value = useMemo<AuthContextType>(\n () => ({\n user,\n isLoading,\n // Reactive: flips via the store snapshot (token writes, refreshes,\n // expiry timer, cross-tab/cross-store sync) — no ticks, no polling.\n isAuthenticated,\n isAdminUser,\n routes,\n loadCurrentProfile,\n checkAuthAndRedirect,\n getToken: () => auth.getToken(),\n getRefreshToken: () => auth.getRefreshToken(),\n getSavedEmail: () => storedEmail,\n saveEmail: setStoredEmail,\n clearSavedEmail: clearStoredEmail,\n requestOTP,\n verifyOTP,\n refreshToken,\n logout,\n saveRedirectUrl: redirectManager.setRedirect,\n getRedirectUrl: redirectManager.getFinalRedirectUrl,\n clearRedirectUrl: redirectManager.clearRedirect,\n hasRedirectUrl: redirectManager.hasRedirect,\n updateProfile,\n uploadAvatar,\n }),\n [\n user,\n isLoading,\n isAuthenticated,\n isAdminUser,\n routes,\n loadCurrentProfile,\n checkAuthAndRedirect,\n storedEmail,\n setStoredEmail,\n clearStoredEmail,\n requestOTP,\n verifyOTP,\n refreshToken,\n logout,\n redirectManager,\n updateProfile,\n uploadAvatar,\n ],\n );\n\n return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>;\n};\n\n/**\n * AuthProvider — wraps AccountsProvider + AuthProviderInternal.\n *\n * Memoised: re-renders only when `config` reference or `children` change.\n */\nfunction AuthProviderRaw({ children, config, enabled = true }: AuthProviderProps) {\n if (!enabled) return <>{children}</>;\n return (\n <AccountsProvider>\n <AuthProviderInternal config={config}>{children}</AuthProviderInternal>\n </AccountsProvider>\n );\n}\n\nexport const AuthProvider = memo(AuthProviderRaw);\n\n/**\n * Default auth state for SSR/outside provider.\n * Safe defaults that read as \"not authenticated, not loading\".\n */\nconst defaultAuthState: AuthContextType = {\n user: null,\n isLoading: false,\n isAuthenticated: false,\n isAdminUser: false,\n routes: resolveAuthRoutes(),\n loadCurrentProfile: async () => {\n authLogger.warn('useAuth: loadCurrentProfile called outside AuthProvider');\n },\n checkAuthAndRedirect: async () => {\n authLogger.warn('useAuth: checkAuthAndRedirect called outside AuthProvider');\n },\n getToken: () => null,\n getRefreshToken: () => null,\n getSavedEmail: () => null,\n saveEmail: () => {\n authLogger.warn('useAuth: saveEmail called outside AuthProvider');\n },\n clearSavedEmail: () => {},\n requestOTP: async () => {\n authLogger.warn('useAuth: requestOTP called outside AuthProvider');\n return { success: false, message: 'AuthProvider not available' };\n },\n verifyOTP: async () => {\n authLogger.warn('useAuth: verifyOTP called outside AuthProvider');\n return { success: false, message: 'AuthProvider not available' };\n },\n refreshToken: async () => {\n authLogger.warn('useAuth: refreshToken called outside AuthProvider');\n return { success: false, message: 'AuthProvider not available' };\n },\n logout: () => {\n authLogger.warn('useAuth: logout called outside AuthProvider');\n },\n saveRedirectUrl: () => {},\n getRedirectUrl: () => '',\n clearRedirectUrl: () => {},\n hasRedirectUrl: () => false,\n updateProfile: async () => {\n authLogger.warn('useAuth: updateProfile called outside AuthProvider');\n return {} as UserProfile;\n },\n uploadAvatar: async () => {\n authLogger.warn('useAuth: uploadAvatar called outside AuthProvider');\n return {} as UserProfile;\n },\n};\n\n/**\n * Hook to access auth context.\n *\n * SSR-safe: returns default unauthenticated state when called outside\n * AuthProvider (e.g. during static page generation).\n */\nexport const useAuth = (): AuthContextType => {\n const context = useContext(AuthContext);\n if (context === undefined) {\n if (isBrowser && isDev) {\n authLogger.debug('useAuth called outside AuthProvider, returning default state');\n }\n return defaultAuthState;\n }\n return context;\n};\n\nexport default AuthContext;\n","// AUTO-GENERATED by django_generator / ts_extras.wrapper\n// Typed error classes with DRF field-error support.\n// DO NOT EDIT — re-run `make gen`.\n\n/**\n * HTTP API Error with DRF field-specific validation errors.\n */\nexport class APIError extends Error {\n constructor(\n public statusCode: number,\n public statusText: string,\n public response: any,\n public url: string,\n message?: string,\n ) {\n super(message || `HTTP ${statusCode}: ${statusText}`);\n this.name = \"APIError\";\n }\n\n get details(): Record<string, any> | null {\n if (typeof this.response === \"object\" && this.response !== null) {\n return this.response;\n }\n return null;\n }\n\n get fieldErrors(): Record<string, string[]> | null {\n const details = this.details;\n if (!details) return null;\n const fieldErrors: Record<string, string[]> = {};\n for (const [key, value] of Object.entries(details)) {\n if (Array.isArray(value)) fieldErrors[key] = value;\n }\n return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;\n }\n\n get errorMessage(): string {\n const details = this.details;\n if (!details) return this.message;\n if (details.detail) {\n return Array.isArray(details.detail) ? details.detail.join(\", \") : String(details.detail);\n }\n if (details.error) return String(details.error);\n if (details.message) return String(details.message);\n const fieldErrors = this.fieldErrors;\n if (fieldErrors) {\n const firstField = Object.keys(fieldErrors)[0];\n if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(\", \")}`;\n }\n return this.message;\n }\n\n get isValidationError(): boolean { return this.statusCode === 400; }\n get isAuthError(): boolean { return this.statusCode === 401; }\n get isPermissionError(): boolean { return this.statusCode === 403; }\n get isNotFoundError(): boolean { return this.statusCode === 404; }\n get isServerError(): boolean { return this.statusCode >= 500 && this.statusCode < 600; }\n}\n\n/** Network Error (connection failed, timeout, etc.) */\nexport class NetworkError extends Error {\n constructor(\n message: string,\n public url: string,\n public originalError?: Error,\n ) {\n super(message);\n this.name = \"NetworkError\";\n }\n}\n","// AUTO-GENERATED by django_generator / ts_extras.wrapper\n// Global auth store. Wired into the shared `client` from `client.gen.ts`\n// via `installAuthOnClient(client)` — called synchronously by the\n// post-processed bottom of client.gen.ts. No circular import here.\n// DO NOT EDIT — re-run `make gen`.\n\nimport { APIError } from './errors';\n\nconst ACCESS_KEY = 'cfg.access_token';\nconst REFRESH_KEY = 'cfg.refresh_token';\nconst API_KEY_KEY = 'cfg.api_key';\n\nconst isBrowser = typeof window !== 'undefined';\n\nexport type StorageMode = 'localStorage' | 'cookie';\n\n// ── Storage backends (browser-only; server-side reads return null) ─────────\n\ninterface KVStore {\n get(key: string): string | null;\n set(key: string, value: string | null): void;\n}\n\nconst localStorageBackend: KVStore = {\n get(key) {\n if (!isBrowser) return null;\n try { return window.localStorage.getItem(key); } catch { return null; }\n },\n set(key, value) {\n if (!isBrowser) return;\n try {\n if (value === null) window.localStorage.removeItem(key);\n else window.localStorage.setItem(key, value);\n } catch {}\n },\n};\n\n/** 30 days, matches typical refresh-token lifetime. */\nconst COOKIE_MAX_AGE = 60 * 60 * 24 * 30;\n\nconst cookieBackend: KVStore = {\n get(key) {\n if (!isBrowser) return null;\n try {\n const re = new RegExp(`(?:^|;\\\\s*)${encodeURIComponent(key)}=([^;]*)`);\n const m = document.cookie.match(re);\n return m ? decodeURIComponent(m[1]) : null;\n } catch { return null; }\n },\n set(key, value) {\n if (!isBrowser) return;\n try {\n const k = encodeURIComponent(key);\n const secure = window.location.protocol === 'https:' ? '; Secure' : '';\n if (value === null) {\n document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;\n } else {\n const v = encodeURIComponent(value);\n document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;\n }\n } catch {}\n },\n};\n\nlet _storage: KVStore = localStorageBackend;\nlet _storageMode: StorageMode = 'localStorage';\n\n/** Detect locale from `NEXT_LOCALE` cookie or `navigator.language`. */\nfunction detectLocale(): string | null {\n try {\n if (typeof document !== 'undefined') {\n const m = document.cookie.match(/(?:^|;\\s*)NEXT_LOCALE=([^;]*)/);\n if (m) return decodeURIComponent(m[1]);\n }\n if (typeof navigator !== 'undefined' && navigator.language) {\n return navigator.language;\n }\n } catch {}\n return null;\n}\n\n/** Default baseUrl.\n *\n * Browser: uses NEXT_PUBLIC_API_PROXY_URL if set (empty string = same-origin\n * Next.js proxy), otherwise falls back to NEXT_PUBLIC_API_URL directly.\n * Set NEXT_PUBLIC_API_PROXY_URL='' in apps that proxy /apix/* via Next.js\n * Route Handler; leave it unset in apps that hit Django directly.\n *\n * Server (SSR / RSC / Edge): use NEXT_PUBLIC_API_URL so server-side fetch\n * reaches Django directly (proxy is a same-origin HTTP round-trip on server).\n */\nfunction defaultBaseUrl(): string {\n if (typeof window !== 'undefined') {\n try {\n if (typeof process !== 'undefined' && process.env) {\n if (process.env.NEXT_PUBLIC_STATIC_BUILD === 'true') return '';\n // NEXT_PUBLIC_API_PROXY_URL='' means same-origin proxy (e.g. /apix/* route handler).\n // Next.js inlines defined vars as their value; undefined means the var was not set.\n if (process.env.NEXT_PUBLIC_API_PROXY_URL !== undefined)\n return process.env.NEXT_PUBLIC_API_PROXY_URL;\n return process.env.NEXT_PUBLIC_API_URL || '';\n }\n } catch {}\n return '';\n }\n try {\n if (typeof process !== 'undefined' && process.env) {\n if (process.env.NEXT_PUBLIC_STATIC_BUILD === 'true') return '';\n return process.env.NEXT_PUBLIC_API_URL || '';\n }\n } catch {}\n return '';\n}\n\n/** Default API key fallback from `NEXT_PUBLIC_API_KEY`.\n *\n * Both browser and server: if NEXT_PUBLIC_API_KEY is set it is used as a\n * global fallback (e.g. a public demo key). When not set, returns null so\n * per-request keys passed via options.headers take effect unobstructed.\n */\nfunction defaultApiKey(): string | null {\n try {\n if (typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_KEY) {\n return process.env.NEXT_PUBLIC_API_KEY;\n }\n } catch {}\n return null;\n}\n\n// ── In-memory overrides (win over storage / env) ───────────────────────────\nlet _localeOverride: string | null = null;\nlet _apiKeyOverride: string | null = null;\nlet _baseUrlOverride: string | null = null;\nlet _withCredentials = true;\nlet _onUnauthorized: ((response: Response) => void) | null = null;\n\n/**\n * User-supplied refresh handler. Receives the current refresh token,\n * must return a fresh access (and optional refresh) pair or null on failure.\n * Set once at app bootstrap via `auth.setRefreshHandler(...)`.\n */\ntype RefreshResult = { access: string; refresh?: string } | null;\ntype RefreshHandler = (refreshToken: string) => Promise<RefreshResult>;\nlet _refreshHandler: RefreshHandler | null = null;\n\n/** Single-flight: every concurrent 401 awaits the same refresh. */\nlet _refreshInflight: Promise<string | null> | null = null;\n\n/** Marker header — set on retried requests so we never loop on 401. */\nconst RETRY_MARKER = 'X-Auth-Retry';\n\n// ── Reactive session snapshot ───────────────────────────────────────────────\n//\n// The store is the single source of truth for \"am I logged in\". React (or any\n// listener) subscribes via `auth.subscribe` + `auth.getSnapshot` — designed to\n// plug straight into `useSyncExternalStore`. The snapshot flips automatically\n// on: token writes, refresh success/failure, cross-tab storage events, and an\n// internal timer armed to the next JWT `exp` boundary.\n\nexport type SessionStatus = 'authenticated' | 'anonymous';\n\nexport type SessionSnapshot = {\n /** 'authenticated' = a live access token OR a live refresh token exists. */\n status: SessionStatus;\n /** ms-epoch expiry of the current access token (null: no token / no exp). */\n accessExpiresAt: number | null;\n};\n\n/** Decode a JWT `exp` claim to ms epoch. Null on any malformed input. */\nfunction jwtExpMs(token: string): number | null {\n try {\n const payload = token.split('.')[1];\n if (!payload) return null;\n const json = JSON.parse(atob(payload.replace(/-/g, '+').replace(/_/g, '/')));\n return typeof json.exp === 'number' ? json.exp * 1000 : null;\n } catch { return null; }\n}\n\nfunction computeSnapshot(): SessionSnapshot {\n const access = _storage.get(ACCESS_KEY);\n const refresh = _storage.get(REFRESH_KEY);\n const now = Date.now();\n const accessExp = access ? jwtExpMs(access) : null;\n const accessAlive = access !== null && (accessExp === null || accessExp > now);\n const refreshExp = refresh ? jwtExpMs(refresh) : null;\n const refreshAlive = refresh !== null && (refreshExp === null || refreshExp > now);\n return {\n status: accessAlive || refreshAlive ? 'authenticated' : 'anonymous',\n accessExpiresAt: accessExp,\n };\n}\n\n/** Stable object for SSR — `useSyncExternalStore` needs referential equality. */\nconst SERVER_SNAPSHOT: SessionSnapshot = { status: 'anonymous', accessExpiresAt: null };\n\n/** Same-tab, cross-store sync channel. An app can host several copies of this\n * generated store (separate JS modules) sharing the same storage keys; the\n * `storage` event only fires in OTHER tabs, so a window event bridges them\n * synchronously within the tab (login in one store flips all of them). */\nconst SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;\n\nlet _snapshot: SessionSnapshot = computeSnapshot();\nconst _sessionListeners = new Set<() => void>();\nlet _expiryTimer: ReturnType<typeof setTimeout> | null = null;\nlet _storageListenerInstalled = false;\n\n/** Re-arm the timer that flips the snapshot exactly when a token expires. */\nfunction scheduleExpiryFlip(): void {\n if (!isBrowser) return;\n if (_expiryTimer !== null) { clearTimeout(_expiryTimer); _expiryTimer = null; }\n if (_sessionListeners.size === 0) return;\n const now = Date.now();\n const exps: number[] = [];\n const access = _storage.get(ACCESS_KEY);\n const refresh = _storage.get(REFRESH_KEY);\n const accessExp = access ? jwtExpMs(access) : null;\n const refreshExp = refresh ? jwtExpMs(refresh) : null;\n if (accessExp !== null && accessExp > now) exps.push(accessExp);\n if (refreshExp !== null && refreshExp > now) exps.push(refreshExp);\n if (!exps.length) return;\n // +250ms grace so the token is REALLY expired when we flip; clamp to the\n // max signed-32-bit setTimeout delay (~24.8 days).\n const delay = Math.min(Math.min(...exps) - now + 250, 0x7fffffff);\n _expiryTimer = setTimeout(notifySessionChanged, delay);\n}\n\n/** Recompute the snapshot; notify subscribers only when it actually changed. */\nfunction notifySessionChanged(): void {\n const next = computeSnapshot();\n const changed =\n next.status !== _snapshot.status ||\n next.accessExpiresAt !== _snapshot.accessExpiresAt;\n if (changed) _snapshot = next;\n scheduleExpiryFlip();\n if (!changed) return;\n for (const listener of Array.from(_sessionListeners)) {\n try { listener(); } catch {}\n }\n // Wake sibling stores in this tab. Re-entrant but convergent: a store that\n // recomputes to the SAME snapshot doesn't re-dispatch, so the cascade stops\n // after every store has caught up.\n if (isBrowser) {\n try { window.dispatchEvent(new Event(SESSION_SYNC_EVENT)); } catch {}\n }\n}\n\n/** Cross-tab + cross-store sync — `storage` events only fire in OTHER tabs;\n * the window event covers sibling stores in THIS tab. Either way a login or\n * logout anywhere flips every snapshot reading the same keys. */\nfunction ensureStorageSync(): void {\n if (!isBrowser || _storageListenerInstalled) return;\n _storageListenerInstalled = true;\n window.addEventListener('storage', (e) => {\n if (e.key === null || e.key === ACCESS_KEY || e.key === REFRESH_KEY) {\n notifySessionChanged();\n }\n });\n window.addEventListener(SESSION_SYNC_EVENT, () => notifySessionChanged());\n}\n\n/**\n * Terminal-401 subscribers. Unlike the single `onUnauthorized` slot these\n * compose: each registration returns its own unsubscribe, so StrictMode\n * double-mounts and multiple packages can't clobber each other.\n */\ntype SessionExpiredHandler = (response: Response) => void;\nconst _sessionExpiredHandlers = new Set<SessionExpiredHandler>();\n\n/**\n * Captured reference to the shared Hey API client. Set exactly once by\n * `installAuthOnClient(client)` (called from client.gen.ts). All `auth.set*`\n * methods that mutate transport config (baseUrl / credentials) push through\n * this reference. Until installed, those mutations are silently buffered as\n * in-memory state — the next request after install will pick them up.\n */\ntype HeyClient = {\n setConfig(opts: Record<string, unknown>): void;\n interceptors: {\n request: { use(fn: (req: Request) => Request | Promise<Request>): void };\n response: { use(fn: (res: Response, req: Request) => Response | Promise<Response>): void };\n error: { use(fn: (err: unknown, res: Response | undefined, req: Request | undefined, opts: unknown) => unknown): void };\n };\n};\nlet _client: HeyClient | null = null;\n\nfunction pushClientConfig(): void {\n if (!_client) return;\n _client.setConfig({\n baseUrl: auth.getBaseUrl(),\n credentials: _withCredentials ? 'include' : 'same-origin',\n });\n}\n\n/**\n * Global auth/config store. All getters read live state every call —\n * the interceptor below uses these to attach headers per-request.\n *\n * Default storage backend is `localStorage`. Switch to cookies (e.g.\n * for Next.js SSR cookie access) via `auth.setStorageMode('cookie')`\n * early in the app bootstrap.\n *\n * @example\n * import { auth } from '@your/api';\n * auth.setToken(jwt);\n * auth.clearTokens();\n * auth.setStorageMode('cookie');\n */\nexport const auth = {\n // ── Storage mode ──────────────────────────────────────────────────\n getStorageMode(): StorageMode { return _storageMode; },\n setStorageMode(mode: StorageMode): void {\n _storageMode = mode;\n _storage = mode === 'cookie' ? cookieBackend : localStorageBackend;\n notifySessionChanged();\n },\n\n // ── Bearer token ──────────────────────────────────────────────────\n getToken(): string | null { return _storage.get(ACCESS_KEY); },\n setToken(token: string | null): void {\n _storage.set(ACCESS_KEY, token);\n notifySessionChanged();\n },\n getRefreshToken(): string | null { return _storage.get(REFRESH_KEY); },\n setRefreshToken(token: string | null): void {\n _storage.set(REFRESH_KEY, token);\n notifySessionChanged();\n },\n clearTokens(): void {\n _storage.set(ACCESS_KEY, null);\n _storage.set(REFRESH_KEY, null);\n notifySessionChanged();\n },\n /** Session-aware: token PRESENT and not past its `exp` (or a live refresh\n * token exists that can mint one). Prefer `getSnapshot().status` in React. */\n isAuthenticated(): boolean { return computeSnapshot().status === 'authenticated'; },\n\n // ── Session (the ONE write path for login/logout flows) ──────────\n /**\n * Persist a token pair atomically. Every login flow (OTP verify, 2FA,\n * OAuth callback) and the refresh handler should end here — do NOT\n * scatter `setToken`/`setRefreshToken` pairs through app code.\n * `refresh: undefined` keeps the current refresh token (access-only\n * rotation); `refresh: null` explicitly drops it.\n */\n setSession(tokens: { access: string; refresh?: string | null }): void {\n _storage.set(ACCESS_KEY, tokens.access);\n if (tokens.refresh !== undefined) _storage.set(REFRESH_KEY, tokens.refresh);\n notifySessionChanged();\n },\n clearSession(): void { auth.clearTokens(); },\n\n // ── Reactive snapshot (for useSyncExternalStore) ──────────────────\n /**\n * @example React:\n * const session = useSyncExternalStore(\n * auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,\n * );\n * const isAuthenticated = session.status === 'authenticated';\n */\n getSnapshot(): SessionSnapshot { return _snapshot; },\n getServerSnapshot(): SessionSnapshot { return SERVER_SNAPSHOT; },\n subscribe(listener: () => void): () => void {\n ensureStorageSync();\n _sessionListeners.add(listener);\n // Sync state & arm the expiry timer now that someone is listening.\n notifySessionChanged();\n return () => {\n _sessionListeners.delete(listener);\n if (_sessionListeners.size === 0 && _expiryTimer !== null) {\n clearTimeout(_expiryTimer);\n _expiryTimer = null;\n }\n };\n },\n\n /**\n * Fired on TERMINAL 401 — after the refresh+retry path is exhausted.\n * The store has already cleared the session before calling back, so\n * handlers only need to route to login (no clear-then-redirect\n * ordering to get wrong). Returns an unsubscribe function; multiple\n * handlers compose (unlike the legacy single-slot `onUnauthorized`).\n */\n onSessionExpired(cb: SessionExpiredHandler): () => void {\n _sessionExpiredHandlers.add(cb);\n return () => { _sessionExpiredHandlers.delete(cb); };\n },\n\n // ── API key ───────────────────────────────────────────────────────\n getApiKey(): string | null {\n return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();\n },\n setApiKey(key: string | null): void { _apiKeyOverride = key; },\n setApiKeyPersist(key: string | null): void {\n _apiKeyOverride = key;\n _storage.set(API_KEY_KEY, key);\n },\n clearApiKey(): void { _apiKeyOverride = null; _storage.set(API_KEY_KEY, null); },\n\n // ── Locale ────────────────────────────────────────────────────────\n getLocale(): string | null { return _localeOverride ?? detectLocale(); },\n setLocale(locale: string | null): void { _localeOverride = locale; },\n\n // ── Base URL ──────────────────────────────────────────────────────\n getBaseUrl(): string {\n const url = (_baseUrlOverride ?? defaultBaseUrl());\n return url.replace(/\\/$/, '');\n },\n setBaseUrl(url: string | null): void {\n _baseUrlOverride = url ? url.replace(/\\/$/, '') : null;\n pushClientConfig();\n },\n\n // ── Credentials toggle ────────────────────────────────────────────\n getWithCredentials(): boolean { return _withCredentials; },\n setWithCredentials(value: boolean): void {\n _withCredentials = value;\n pushClientConfig();\n },\n\n // ── 401 handler ───────────────────────────────────────────────────\n /**\n * Fired when the server returns 401 AND no refresh path recovers it\n * (no refresh token, no refresh handler, refresh failed, or retry\n * still 401). The app should clear local state and redirect to login.\n *\n * NOT fired for 401 that gets transparently recovered by the refresh\n * handler — those are invisible to callers.\n */\n onUnauthorized(cb: ((response: Response) => void) | null): void {\n _onUnauthorized = cb;\n },\n\n /**\n * Register the refresh strategy. The handler receives the current\n * refresh token and must call your refresh endpoint, returning\n * `{ access, refresh? }` on success or `null` on failure.\n *\n * @example\n * auth.setRefreshHandler(async (refresh) => {\n * const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });\n * return data ? { access: data.access, refresh: data.refresh } : null;\n * });\n */\n setRefreshHandler(fn: RefreshHandler | null): void {\n _refreshHandler = fn;\n },\n\n /**\n * Proactively run the registered refresh handler right now, reusing the\n * SAME single-flight promise as the 401-recovery interceptor. Callers\n * (e.g. an expiry timer / focus / reconnect) get token rotation,\n * de-duplication and rotated-token persistence for free — they must NOT\n * re-implement any of it. Returns the fresh access token, or null if\n * there is no handler / no refresh token / the refresh failed.\n */\n refreshNow(): Promise<string | null> {\n return tryRefresh();\n },\n};\n\n/**\n * Run the user-supplied refresh handler, persist the rotated tokens, and\n * return the fresh access token (or null on any failure path).\n *\n * TWO layers of coordination, because a single app can host MULTIPLE copies of\n * this generated store (e.g. `@djangocfg/api` + a locally-generated client +\n * `@djangocfg/monitor`), all sharing the SAME refresh token in storage:\n *\n * 1. Per-store single-flight (`_refreshInflight`) — concurrent 401s WITHIN\n * this module coalesce onto one promise. Fast path, no lock.\n * 2. Cross-store mutex (`navigator.locks`) keyed on the refresh-token storage\n * key — serializes refreshes across EVERY store in the app. The refresh\n * token is re-read INSIDE the lock, so if another store already rotated it\n * (SimpleJWT `ROTATE_REFRESH_TOKENS` blacklists the old one), the loser\n * picks up the fresh access token instead of re-POSTing a blacklisted\n * refresh token and getting a spurious 401 → logout.\n *\n * Web Locks is browser-only; on SSR / older runtimes we degrade gracefully to\n * layer 1 alone (correct whenever at most one store refreshes).\n */\nasync function tryRefresh(): Promise<string | null> {\n if (_refreshInflight) return _refreshInflight;\n if (!_refreshHandler) return null;\n\n // The critical section — re-reads the refresh token every time it runs, so a\n // rotation performed by another store (or by us on a prior attempt) is always\n // observed. Returns the fresh access token, or null on any failure.\n const runRefresh = async (): Promise<string | null> => {\n const refresh = auth.getRefreshToken();\n if (!refresh) return null;\n const result = await _refreshHandler!(refresh);\n if (!result?.access) return null;\n auth.setToken(result.access);\n if (result.refresh) auth.setRefreshToken(result.refresh);\n return result.access;\n };\n\n _refreshInflight = (async () => {\n try {\n // Serialize across all stores in this app when Web Locks is available.\n const locks =\n typeof navigator !== 'undefined'\n ? (navigator as Navigator & { locks?: LockManager }).locks\n : undefined;\n if (locks?.request) {\n return await locks.request(`${REFRESH_KEY}:refresh`, runRefresh);\n }\n return await runRefresh();\n } catch {\n return null;\n } finally {\n _refreshInflight = null;\n }\n })();\n\n return _refreshInflight;\n}\n\n/**\n * Terminal 401 — no refresh path can recover this session. The store clears\n * its own tokens FIRST (subscribers flip to 'anonymous' via the snapshot),\n * then notifies `onSessionExpired` subscribers and the legacy\n * `onUnauthorized` slot. Apps only route to login; they never own the\n * clear-before-redirect ordering.\n */\nfunction expireSession(response: Response): void {\n auth.clearTokens();\n for (const cb of Array.from(_sessionExpiredHandlers)) {\n try { cb(response); } catch {}\n }\n if (_onUnauthorized) {\n try { _onUnauthorized(response); } catch {}\n }\n}\n\n/**\n * Wire the shared client to the global auth store. Called exactly\n * once from `client.gen.ts` (post-processed) right after\n * `createClient()`. Synchronous — no microtask, no TDZ races.\n *\n * Safe to call from server / SSR: storage backends short-circuit on\n * non-browser environments, so headers populated by the interceptor\n * are simply absent server-side (which is the correct behaviour\n * unless the caller explicitly sets a server-side token).\n *\n * ── How API key auth works ────────────────────────────────────────────────\n *\n * There are three ways to supply X-API-Key, in priority order:\n *\n * 1. Per-request header (highest priority, overrides everything):\n * SomeApi.someEndpoint({ headers: { 'X-API-Key': userKey } })\n * Use this in playgrounds or any context where the key comes from\n * user input rather than app config.\n *\n * 2. Global override via auth.setApiKey(key) — applies to every request\n * from this client until cleared. Good for single-user sessions.\n *\n * 3. NEXT_PUBLIC_API_KEY env var — read by defaultApiKey() on every request.\n * Use as a public fallback key (e.g. a shared demo key for unauthenticated\n * visitors). When not set, returns null so per-request keys work freely.\n *\n * ── baseUrl gotcha with proxy packages ───────────────────────────────────\n *\n * If another package (e.g. @carapis/catalog-api/client) calls\n * `auth.setBaseUrl('')` on import, ALL requests from this shared client\n * will go to relative paths (Next.js proxy) instead of hitting Django\n * directly. This is intentional for the public catalog — but breaks any\n * feature that needs to reach Django with a dynamic API key from the\n * browser (e.g. a playground).\n *\n * Fix: pass `baseUrl` explicitly per-call to override the global setting:\n * SomeApi.someEndpoint({\n * baseUrl: process.env.NEXT_PUBLIC_API_URL,\n * headers: { 'X-API-Key': userKey },\n * })\n */\n// ── DPoP (RFC 9449) — sender-constrained tokens ────────────────────────────\n//\n// When NEXT_PUBLIC_DPOP_ENABLED === 'true', the client holds a P-256 keypair\n// whose PRIVATE key is non-extractable (Web Crypto `extractable:false`) and\n// stored in IndexedDB. JS — including XSS — can sign with it but can NEVER read\n// it. Each request carries a fresh `DPoP` proof signed by that key; the backend\n// binds the token to the key (`cnf.jkt`) and rejects any request whose proof key\n// doesn't match. A stolen token is therefore useless to an attacker.\n//\n// Dormant unless the env flag is on — bearer-mode apps are unaffected.\n\nfunction dpopEnabled(): boolean {\n try {\n return typeof process !== 'undefined'\n && process.env?.NEXT_PUBLIC_DPOP_ENABLED === 'true';\n } catch { return false; }\n}\n\nconst _DPOP_DB = 'cfg-auth';\nconst _DPOP_STORE = 'keys';\nconst _DPOP_KEY_ID = 'dpop-ec-p256';\n\nfunction _idbOpen(): Promise<IDBDatabase> {\n return new Promise((resolve, reject) => {\n const req = indexedDB.open(_DPOP_DB, 1);\n req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);\n req.onsuccess = () => resolve(req.result);\n req.onerror = () => reject(req.error);\n });\n}\n\nfunction _idbGet(key: string): Promise<CryptoKeyPair | undefined> {\n return _idbOpen().then((db) => new Promise((resolve, reject) => {\n const tx = db.transaction(_DPOP_STORE, 'readonly');\n const req = tx.objectStore(_DPOP_STORE).get(key);\n req.onsuccess = () => resolve(req.result);\n req.onerror = () => reject(req.error);\n }));\n}\n\nfunction _idbPut(key: string, value: CryptoKeyPair): Promise<void> {\n return _idbOpen().then((db) => new Promise((resolve, reject) => {\n const tx = db.transaction(_DPOP_STORE, 'readwrite');\n tx.objectStore(_DPOP_STORE).put(value, key);\n tx.oncomplete = () => resolve();\n tx.onerror = () => reject(tx.error);\n }));\n}\n\n/** Single-flight keypair init — the private key is created non-extractable. */\nlet _dpopKeyPromise: Promise<CryptoKeyPair> | null = null;\n\nfunction _getDpopKeyPair(): Promise<CryptoKeyPair> {\n if (_dpopKeyPromise) return _dpopKeyPromise;\n _dpopKeyPromise = (async () => {\n const existing = await _idbGet(_DPOP_KEY_ID).catch(() => undefined);\n if (existing) return existing;\n const pair = await crypto.subtle.generateKey(\n { name: 'ECDSA', namedCurve: 'P-256' },\n false, // extractable:false — JS can sign but never export the private key\n ['sign'],\n );\n // CryptoKey is structured-cloneable; IndexedDB persists it across reloads\n // WITHOUT ever exposing raw key bytes to JS.\n await _idbPut(_DPOP_KEY_ID, pair).catch(() => {});\n return pair;\n })();\n return _dpopKeyPromise;\n}\n\nfunction _b64urlFromBytes(bytes: ArrayBuffer | Uint8Array): string {\n const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);\n let s = '';\n for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);\n return btoa(s).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\nfunction _b64urlFromString(str: string): string {\n return _b64urlFromBytes(new TextEncoder().encode(str));\n}\n\n/** ECDSA raw signature (r||s) → JOSE base64url (Web Crypto already returns raw). */\nasync function _publicJwk(pub: CryptoKey): Promise<Record<string, string>> {\n const jwk = await crypto.subtle.exportKey('jwk', pub);\n // Public components only — required RFC 7638 members for EC.\n return { kty: 'EC', crv: 'P-256', x: jwk.x as string, y: jwk.y as string };\n}\n\n/** Build a DPoP proof JWT for this request (htm/htu/iat/jti), signed in-key. */\nasync function _makeDpopProof(method: string, url: string): Promise<string | null> {\n try {\n const pair = await _getDpopKeyPair();\n const jwk = await _publicJwk(pair.publicKey);\n const header = { typ: 'dpop+jwt', alg: 'ES256', jwk };\n // htu = scheme://authority/path without query/fragment.\n const htu = url.split('#')[0].split('?')[0];\n const jti =\n (crypto.randomUUID && crypto.randomUUID()) ||\n _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));\n const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1000), jti };\n const signingInput =\n `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;\n const sig = await crypto.subtle.sign(\n { name: 'ECDSA', hash: 'SHA-256' },\n pair.privateKey,\n new TextEncoder().encode(signingInput),\n );\n return `${signingInput}.${_b64urlFromBytes(sig)}`;\n } catch {\n return null; // never break a request because proof generation failed\n }\n}\n\nexport function installAuthOnClient(client: HeyClient): void {\n if (_client) return; // idempotent\n _client = client;\n\n client.setConfig({\n baseUrl: auth.getBaseUrl(),\n credentials: _withCredentials ? 'include' : 'same-origin',\n });\n\n client.interceptors.request.use(async (request) => {\n const token = auth.getToken();\n if (token) request.headers.set('Authorization', `Bearer ${token}`);\n\n const locale = auth.getLocale();\n if (locale) request.headers.set('Accept-Language', locale);\n\n // Only set X-API-Key from global store if NOT already present on the\n // request — per-request headers take precedence.\n const apiKey = auth.getApiKey();\n if (apiKey && !request.headers.has('X-API-Key')) request.headers.set('X-API-Key', apiKey);\n\n try {\n const tz = Intl.DateTimeFormat().resolvedOptions().timeZone;\n if (tz) request.headers.set('X-Timezone', tz);\n } catch {}\n request.headers.set('X-Client-Time', new Date().toISOString());\n\n // DPoP proof — sign a fresh per-request proof with the non-extractable key.\n // Only in a browser, only when enabled. Failure is non-fatal (proof null).\n if (dpopEnabled() && typeof window !== 'undefined') {\n const proof = await _makeDpopProof(request.method, request.url);\n if (proof) request.headers.set('DPoP', proof);\n }\n\n return request;\n });\n\n client.interceptors.error.use((err, res, req) => {\n if (err instanceof APIError) return err;\n const url = (req as Request | undefined)?.url ?? '';\n const status = (res as Response | undefined)?.status ?? 0;\n const statusText = (res as Response | undefined)?.statusText ?? '';\n return new APIError(status, statusText, err, url);\n });\n\n\n client.interceptors.response.use(async (response, request) => {\n if (response.status !== 401) return response;\n\n // Already retried once — give up to avoid loops.\n if (request.headers.get(RETRY_MARKER)) {\n expireSession(response);\n return response;\n }\n\n const newToken = await tryRefresh();\n if (!newToken) {\n expireSession(response);\n return response;\n }\n\n // Retry the original request once with the new token. We mutate a\n // clone so the original Request body (already consumed by the\n // failed call) doesn't trip \"body already used\".\n const retry = request.clone();\n retry.headers.set('Authorization', `Bearer ${newToken}`);\n retry.headers.set(RETRY_MARKER, '1');\n // This retry uses raw fetch() and bypasses the request interceptor, so the\n // DPoP proof must be re-attached here or a bound token would 401 on retry.\n if (dpopEnabled() && typeof window !== 'undefined') {\n const proof = await _makeDpopProof(retry.method, retry.url);\n if (proof) retry.headers.set('DPoP', proof);\n }\n try {\n const retried = await fetch(retry);\n if (retried.status === 401) expireSession(retried);\n return retried;\n } catch {\n // Network error on the retry. The refresh SUCCEEDED (we hold a fresh\n // token), so the session is alive — a transient network blip must NOT\n // log the user out. Surface the original 401 to the caller only.\n return response;\n }\n });\n}\n\n// ── Default refresh handler (auto-registered) ──────────────────────────────\n//\n// POSTs straight to the SimpleJWT refresh endpoint so a 401 transparently\n// refreshes and retries. Registered at import time; an app can override it\n// afterwards with `auth.setRefreshHandler(...)` (last write wins). Returns the\n// ROTATED refresh token so the store persists it — `ROTATE_REFRESH_TOKENS`\n// blacklists the old one, so reusing it would 401 on the next refresh.\n//\n// Raw fetch, NOT the SDK: the endpoint exists on the server even when this\n// target's sliced SDK doesn't include the accounts group, and importing\n// sdk.gen here would close the cycle auth.ts → sdk.gen → client.gen → auth.ts.\nconst REFRESH_ENDPOINT = '/cfg/accounts/token/refresh/';\n\nauth.setRefreshHandler(async (refresh) => {\n try {\n const url = `${auth.getBaseUrl()}${REFRESH_ENDPOINT}`;\n const headers: Record<string, string> = { 'Content-Type': 'application/json' };\n // Bound tokens (`cnf.jkt`) require a DPoP proof on the refresh call too.\n if (dpopEnabled() && typeof window !== 'undefined') {\n const proof = await _makeDpopProof('POST', url);\n if (proof) headers['DPoP'] = proof;\n }\n const res = await fetch(url, {\n method: 'POST',\n headers,\n credentials: auth.getWithCredentials() ? 'include' : 'same-origin',\n body: JSON.stringify({ refresh }),\n });\n if (!res.ok) return null;\n const data = (await res.json()) as { access?: string; refresh?: string } | null;\n return data?.access\n ? { access: data.access, refresh: data.refresh ?? refresh }\n : null;\n } catch {\n return null;\n }\n});\n\nexport type Auth = typeof auth;\n","// AUTO-GENERATED by django_generator / ts_extras.wrapper\n// API logger built on consola. Optional dependency — install if you enable logging:\n// npm install consola\n// DO NOT EDIT — re-run `make gen`.\n\nimport { type ConsolaInstance, createConsola } from \"consola\";\n\nexport interface RequestLog {\n method: string;\n url: string;\n headers?: Record<string, string>;\n body?: any;\n timestamp: number;\n}\n\nexport interface ResponseLog {\n status: number;\n statusText: string;\n data?: any;\n duration: number;\n timestamp: number;\n}\n\nexport interface ErrorLog {\n message: string;\n statusCode?: number;\n fieldErrors?: Record<string, string[]>;\n duration: number;\n timestamp: number;\n}\n\nexport interface LoggerConfig {\n enabled: boolean;\n logRequests: boolean;\n logResponses: boolean;\n logErrors: boolean;\n logBodies: boolean;\n logHeaders: boolean;\n consola?: ConsolaInstance;\n}\n\nconst DEFAULT_CONFIG: LoggerConfig = {\n enabled: typeof process !== \"undefined\" && process.env?.NODE_ENV !== \"production\",\n logRequests: true,\n logResponses: true,\n logErrors: true,\n logBodies: true,\n logHeaders: false,\n};\n\nconst SENSITIVE_HEADERS = [\n \"authorization\",\n \"cookie\",\n \"set-cookie\",\n \"x-api-key\",\n \"x-csrf-token\",\n];\n\nexport class APILogger {\n private config: LoggerConfig;\n private consola: ConsolaInstance;\n\n constructor(config: Partial<LoggerConfig> = {}) {\n this.config = { ...DEFAULT_CONFIG, ...config };\n this.consola = config.consola || createConsola({\n level: this.config.enabled ? 4 : 0,\n });\n }\n\n enable(): void { this.config.enabled = true; }\n disable(): void { this.config.enabled = false; }\n setConfig(config: Partial<LoggerConfig>): void {\n this.config = { ...this.config, ...config };\n }\n\n private filterHeaders(headers?: Record<string, string>): Record<string, string> {\n if (!headers) return {};\n const filtered: Record<string, string> = {};\n Object.keys(headers).forEach((key) => {\n filtered[key] = SENSITIVE_HEADERS.includes(key.toLowerCase()) ? \"***\" : (headers[key] || \"\");\n });\n return filtered;\n }\n\n logRequest(request: RequestLog): void {\n if (!this.config.enabled || !this.config.logRequests) return;\n const { method, url, headers, body } = request;\n this.consola.start(`${method} ${url}`);\n if (this.config.logHeaders && headers) this.consola.debug(\"Headers:\", this.filterHeaders(headers));\n if (this.config.logBodies && body) this.consola.debug(\"Body:\", body);\n }\n\n logResponse(request: RequestLog, response: ResponseLog): void {\n if (!this.config.enabled || !this.config.logResponses) return;\n const { method, url } = request;\n const { status, statusText, data, duration } = response;\n this.consola.success(`${method} ${url} ${status} ${statusText} (${duration}ms)`);\n if (this.config.logBodies && data) this.consola.debug(\"Response:\", data);\n }\n\n logError(request: RequestLog, error: ErrorLog): void {\n if (!this.config.enabled || !this.config.logErrors) return;\n const { method, url } = request;\n const { message, statusCode, fieldErrors, duration } = error;\n this.consola.error(`${method} ${url} ${statusCode || \"Network\"} Error (${duration}ms)`);\n this.consola.error(\"Message:\", message);\n if (fieldErrors && Object.keys(fieldErrors).length > 0) {\n this.consola.error(\"Field Errors:\");\n Object.entries(fieldErrors).forEach(([field, errors]) => {\n errors.forEach((err) => this.consola.error(` • ${field}: ${err}`));\n });\n }\n }\n\n info(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.info(message, ...args); }\n warn(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.warn(message, ...args); }\n error(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.error(message, ...args); }\n debug(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.debug(message, ...args); }\n success(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.success(message, ...args); }\n withTag(tag: string): ConsolaInstance { return this.consola.withTag(tag); }\n}\n\nexport const defaultLogger = new APILogger();\n","export const isDev = process.env.NODE_ENV === 'development';\nexport const isProd = !isDev;\nexport const isBrowser = typeof window !== 'undefined';\n\n/**\n * Next.js static-export build (`output: 'export'`). Loggers treat it like dev\n * for visibility; some auth/SSR features behave differently under it.\n */\nexport const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';\n\n/**\n * DPoP (RFC 9449) sender-constrained tokens are enabled for this app.\n *\n * Set by `createBaseNextConfig({ dpop: true })` (inlines\n * `NEXT_PUBLIC_DPOP_ENABLED='true'`). When true: tokens are bound to a\n * non-extractable in-browser key, a copied Bearer token can't be replayed, and\n * the API client signs a per-request DPoP proof. This flag lives in\n * `@djangocfg/api` — the package that implements DPoP — so it is the single\n * source of truth, importable by every higher-level package.\n */\nexport const dpopEnabled = process.env.NEXT_PUBLIC_DPOP_ENABLED === 'true';\n","/**\n * Global runtime log-level control.\n *\n * One mutable level that every `@djangocfg/*` consola wrapper reads, so the\n * whole app's console verbosity can be changed at runtime (e.g. raised for an\n * admin, kept silent for a regular user in production) WITHOUT each package\n * hardcoding `isDev ? 4 : 1`.\n *\n * Lives in `@djangocfg/api` because it's the lowest shared package — api,\n * layouts, centrifugo, ui-core consumers can all import it without a cycle.\n *\n * consola levels: 0 silent · 1 error · 2 warn · 3 info · 4 debug · 5 trace.\n *\n * Default policy (before anyone calls setLogLevel):\n * - dev / static build → 4 (debug)\n * - production → 1 (errors only)\n * App bootstrap should call `applyRoleLogPolicy({ isAdmin, isDev })` once auth\n * is known to raise verbosity for staff/superusers even in production.\n */\n\nimport { isDev, isStaticBuild } from './auth/utils/env';\n\nexport type ConsolaLevel = 0 | 1 | 2 | 3 | 4 | 5;\n\n/** Dev or a static export → show verbose logs by default. */\nconst verboseByDefault = isDev || isStaticBuild;\n\nconst DEFAULT_LEVEL: ConsolaLevel = verboseByDefault ? 4 : 1;\n\nlet _level: ConsolaLevel = DEFAULT_LEVEL;\n\n/** Subscribers (the wrapper loggers) notified when the level changes. */\nconst _subscribers = new Set<(level: ConsolaLevel) => void>();\n\n/** Current global log level. Wrappers read this when constructing/refreshing. */\nexport function getLogLevel(): ConsolaLevel {\n return _level;\n}\n\n/** Set the global log level and notify all live loggers. */\nexport function setLogLevel(level: ConsolaLevel): void {\n _level = level;\n for (const fn of _subscribers) {\n try {\n fn(level);\n } catch {\n /* a bad subscriber must not break logging */\n }\n }\n}\n\n/**\n * Subscribe to level changes. Returns an unsubscribe fn. The callback fires\n * immediately with the current level so a logger can sync on registration.\n */\nexport function onLogLevelChange(fn: (level: ConsolaLevel) => void): () => void {\n _subscribers.add(fn);\n try {\n fn(_level);\n } catch {\n /* ignore */\n }\n return () => _subscribers.delete(fn);\n}\n\n/**\n * Apply the role-aware policy. Call once at bootstrap and whenever auth changes.\n *\n * - admin (is_staff / is_superuser): full verbosity (debug) everywhere, even\n * in production — so support/devs can diagnose live without a redeploy.\n * - dev (non-admin): debug.\n * - production regular user: errors only — a clean console, like big SaaS apps.\n */\nexport function applyRoleLogPolicy(opts: { isAdmin: boolean; isDev?: boolean }): void {\n const devMode = opts.isDev ?? verboseByDefault;\n if (opts.isAdmin || devMode) {\n setLogLevel(4);\n } else {\n setLogLevel(1);\n }\n}\n","'use client';\n\n/**\n * useSession — reactive session snapshot from the generated auth store.\n *\n * The ONE way to answer \"am I logged in\" in React. The store owns the\n * semantics (JWT `exp`-aware, refresh-token-aware) and pushes changes on\n * token writes, refresh success/failure, expiry (internal timer), and\n * cross-tab / cross-store sync. No polling, no ticks.\n */\n\nimport { useSyncExternalStore } from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\n\nimport type { SessionSnapshot, SessionStatus } from '../../_api/generated/helpers/auth';\n\nexport type { SessionSnapshot, SessionStatus };\n\nexport function useSession(): SessionSnapshot {\n return useSyncExternalStore(auth.subscribe, auth.getSnapshot, auth.getServerSnapshot);\n}\n","/**\n * Universal Router Hook with BasePath Support\n *\n * Wrapper around Next.js useRouter that automatically handles basePath\n * for static builds served via iframe or subdirectory\n * \n * IMPORTANT: In Next.js 15 App Router, router.push() does NOT automatically\n * handle basePath (unlike Pages Router). This is a breaking change in App Router.\n * \n * This hook ensures basePath is always included when navigating, especially\n * important for static exports served via iframe where basePath is critical.\n * \n * @see https://nextjs.org/docs/app/building-your-application/upgrading/app-router-migration\n */\n\n'use client';\n\nimport { useRouter as useNextRouter } from 'next/navigation';\nimport { useCallback, useMemo } from 'react';\n\n/**\n * Get base path from environment variable\n */\nfunction getBasePath(): string {\n if (typeof process === 'undefined') {\n return '';\n }\n return process.env.NEXT_PUBLIC_BASE_PATH || '';\n}\n\n/**\n * Add base path to a route path\n */\nfunction withBasePath(path: string, basePath: string): string {\n if (!basePath) {\n return path;\n }\n // Ensure path starts with /\n const normalizedPath = path.startsWith('/') ? path : `/${path}`;\n // Remove trailing slash from basePath\n const normalizedBasePath = basePath.replace(/\\/$/, '');\n return `${normalizedBasePath}${normalizedPath}`;\n}\n\n/**\n * Router with basePath support\n *\n * Automatically adds basePath to all navigation methods when basePath is configured.\n * In Next.js 15 App Router, router.push() doesn't handle basePath automatically,\n * so this hook uses window.location to ensure basePath is always included.\n *\n * @example\n * ```tsx\n * const router = useCfgRouter();\n *\n * // With basePath='/cfg/admin':\n * router.push('/dashboard'); // Client-side navigation to '/cfg/admin/dashboard'\n * router.replace('/auth'); // Client-side replace with '/cfg/admin/auth'\n * router.hardPush('/dashboard'); // Full page reload to '/cfg/admin/dashboard'\n * router.hardReplace('/auth'); // Full page replace with '/cfg/admin/auth'\n * ```\n */\nexport function useCfgRouter() {\n const router = useNextRouter();\n\n // Get basePath and check if we're in static build mode\n const basePath = useMemo(() => getBasePath(), []);\n const isStaticBuild = useMemo(() => {\n return typeof process !== 'undefined' && process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';\n }, []);\n\n const push = useCallback((href: string, options?: { scroll?: boolean }) => {\n if (basePath) {\n // App Router doesn't handle basePath automatically, use window.location\n window.location.href = withBasePath(href, basePath);\n } else {\n // No basePath configured, use standard router\n router.push(href, options);\n }\n }, [router, basePath]);\n\n const replace = useCallback((href: string, options?: { scroll?: boolean }) => {\n if (basePath) {\n // App Router doesn't handle basePath automatically, use window.location\n window.location.replace(withBasePath(href, basePath));\n } else {\n // No basePath configured, use standard router\n router.replace(href, options);\n }\n }, [router, basePath]);\n\n /**\n * Hard push - always uses window.location.href for full page reload\n *\n * Use this for auth redirects where React contexts need to reinitialize.\n * Unlike push(), this ALWAYS triggers a full page reload, ensuring all\n * contexts are reinitialized with fresh state.\n *\n * @example\n * ```tsx\n * // After successful login - contexts need to reload with new auth state\n * router.hardPush('/dashboard');\n * ```\n */\n const hardPush = useCallback((href: string) => {\n window.location.href = withBasePath(href, basePath);\n }, [basePath]);\n\n /**\n * Hard replace - always uses window.location.replace for full page reload\n *\n * Same as hardPush but replaces current history entry.\n * Use for auth redirects where you don't want back button to return to login.\n *\n * @example\n * ```tsx\n * // After logout - replace so back button doesn't go to protected page\n * router.hardReplace('/auth');\n * ```\n */\n const hardReplace = useCallback((href: string) => {\n window.location.replace(withBasePath(href, basePath));\n }, [basePath]);\n\n const prefetch = useCallback((href: string) => {\n // Prefetch doesn't need basePath handling, Next.js handles it\n router.prefetch(href);\n }, [router]);\n\n const back = useCallback(() => {\n router.back();\n }, [router]);\n\n const forward = useCallback(() => {\n router.forward();\n }, [router]);\n\n const refresh = useCallback(() => {\n router.refresh();\n }, [router]);\n\n return {\n push,\n replace,\n hardPush,\n hardReplace,\n prefetch,\n back,\n forward,\n refresh,\n };\n}\n\n","/**\n * useQueryParams Hook\n * \n * Safe hook to access URL query parameters without requiring Suspense boundary.\n * Works on client-side only, returns empty URLSearchParams during SSR/prerendering.\n * \n * @example\n * ```tsx\n * const params = useQueryParams();\n * const flow = params.get('flow');\n * const hasFlow = params.has('flow');\n * const allTags = params.getAll('tags');\n * ```\n */\n\n'use client';\n\nimport { usePathname } from 'next/navigation';\nimport { useEffect, useRef, useState } from 'react';\n\n/**\n * Hook to safely access URL query parameters without useSearchParams()\n * \n * This hook reads query parameters directly from window.location.search,\n * avoiding the need for Suspense boundaries that useSearchParams() requires.\n * \n * Automatically updates when URL changes (navigation, back/forward, etc.)\n * Uses pathname from Next.js to detect route changes and polls for query param changes.\n * \n * Returns a URLSearchParams object with get(), getAll(), has(), etc.\n * \n * @returns URLSearchParams object (empty during SSR)\n */\nexport function useQueryParams(): URLSearchParams {\n const pathname = usePathname();\n const [queryParams, setQueryParams] = useState<URLSearchParams>(() => {\n if (typeof window === 'undefined') {\n return new URLSearchParams();\n }\n return new URLSearchParams(window.location.search);\n });\n const lastSearchRef = useRef<string>('');\n\n useEffect(() => {\n if (typeof window === 'undefined') return;\n\n const updateQueryParams = () => {\n const currentSearch = window.location.search;\n if (currentSearch !== lastSearchRef.current) {\n lastSearchRef.current = currentSearch;\n setQueryParams(new URLSearchParams(currentSearch));\n }\n };\n\n // Sync on mount / pathname change (Next.js navigation).\n updateQueryParams();\n\n // back/forward navigation fires popstate natively.\n window.addEventListener('popstate', updateQueryParams);\n\n // Next.js router.push/replace updates the URL via history.pushState/replaceState,\n // which do NOT emit any event. Patch them to notify us, so we react to query-only\n // changes (same pathname) without polling. This replaces the old setInterval(100ms),\n // whose churning object reference helped drive the OTP auto-submit loop.\n const origPush = window.history.pushState;\n const origReplace = window.history.replaceState;\n window.history.pushState = function (...args) {\n const result = origPush.apply(this, args);\n updateQueryParams();\n return result;\n };\n window.history.replaceState = function (...args) {\n const result = origReplace.apply(this, args);\n updateQueryParams();\n return result;\n };\n\n return () => {\n window.removeEventListener('popstate', updateQueryParams);\n window.history.pushState = origPush;\n window.history.replaceState = origReplace;\n };\n }, [pathname]);\n\n return queryParams;\n}\n\n","\"use client\"\n\nimport { useCallback, useEffect, useRef, useState } from 'react';\n\nimport type { AuthFormState, AuthFormStateHandlers, AuthStep, WebmailLink } from '../types';\n\nconst formatCountdown = (s: number): string => {\n if (s <= 0) return '';\n const m = Math.floor(s / 60);\n return m > 0 ? `${m}:${String(s % 60).padStart(2, '0')}` : `${s}s`;\n};\n\nexport interface UseAuthFormStateReturn extends AuthFormState, AuthFormStateHandlers {}\n\n/**\n * Hook for auth form state management.\n * Pure state - no side effects, no API calls.\n */\nexport const useAuthFormState = (\n initialIdentifier = '',\n): UseAuthFormStateReturn => {\n const [identifier, setIdentifier] = useState(initialIdentifier);\n const [otp, setOtp] = useState('');\n const [isLoading, setIsLoading] = useState(false);\n const [acceptedTerms, setAcceptedTerms] = useState(true);\n const [step, setStep] = useState<AuthStep>('identifier');\n const [error, setError] = useState('');\n const [webmail, setWebmail] = useState<WebmailLink | null>(null);\n\n // 2FA state\n const [twoFactorSessionId, setTwoFactorSessionId] = useState<string | null>(null);\n const [shouldPrompt2FA, setShouldPrompt2FA] = useState(false);\n const [twoFactorCode, setTwoFactorCode] = useState('');\n const [useBackupCode, setUseBackupCode] = useState(false);\n\n // Rate limit countdown\n const [rateLimitSeconds, setRateLimitSeconds] = useState(0);\n const rateLimitTimerRef = useRef<ReturnType<typeof setInterval> | null>(null);\n\n const startRateLimitCountdown = useCallback((seconds: number) => {\n if (rateLimitTimerRef.current) clearInterval(rateLimitTimerRef.current);\n setRateLimitSeconds(seconds);\n rateLimitTimerRef.current = setInterval(() => {\n setRateLimitSeconds((prev) => {\n if (prev <= 1) {\n clearInterval(rateLimitTimerRef.current!);\n rateLimitTimerRef.current = null;\n return 0;\n }\n return prev - 1;\n });\n }, 1000);\n }, []);\n\n useEffect(() => () => {\n if (rateLimitTimerRef.current) clearInterval(rateLimitTimerRef.current);\n }, []);\n\n const clearError = useCallback(() => setError(''), []);\n\n return {\n // State\n identifier,\n otp,\n isLoading,\n acceptedTerms,\n step,\n error,\n twoFactorSessionId,\n shouldPrompt2FA,\n twoFactorCode,\n useBackupCode,\n rateLimitSeconds,\n isRateLimited: rateLimitSeconds > 0,\n rateLimitLabel: formatCountdown(rateLimitSeconds),\n webmail,\n // Handlers\n setIdentifier,\n setOtp,\n setAcceptedTerms,\n setError,\n clearError,\n setStep,\n setIsLoading,\n setTwoFactorSessionId,\n setShouldPrompt2FA,\n setTwoFactorCode,\n setUseBackupCode,\n startRateLimitCountdown,\n setWebmail,\n };\n};\n","\"use client\"\n\nimport { useCallback } from 'react';\n\nimport type { AuthFormValidation } from '../types';\n\nconst EMAIL_REGEX = /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/;\n\nexport const useAuthValidation = (): AuthFormValidation => {\n const validateIdentifier = useCallback((id: string): boolean => {\n return EMAIL_REGEX.test(id);\n }, []);\n\n return { validateIdentifier };\n};\n\nexport const validateIdentifier = (id: string): boolean => EMAIL_REGEX.test(id);\n","\"use client\"\n\nimport { useCallback, useEffect, useRef } from 'react';\n\nimport { AUTH_CONSTANTS } from '../constants';\nimport { useAuth } from '../context';\nimport { authLogger } from '../utils/logger';\nimport { useAuthFormState } from './useAuthFormState';\nimport { useAuthValidation } from './useAuthValidation';\nimport { useAutoAuth } from './useAutoAuth';\nimport { useTwoFactorVerify } from './useTwoFactorVerify';\n\nimport type { AuthFormReturn, UseAuthFormOptions } from '../types';\n/**\n * Complete auth form hook.\n * Composes smaller hooks for state, validation, and submission.\n */\nexport const useAuthForm = (options: UseAuthFormOptions): AuthFormReturn => {\n const {\n onIdentifierSuccess,\n onOTPSuccess,\n onError,\n sourceUrl,\n redirectUrl,\n requireTermsAcceptance = false,\n authPath = '/auth',\n } = options;\n\n // Compose smaller hooks\n const formState = useAuthFormState();\n const validation = useAuthValidation();\n\n // Ref to track auto-submit from URL\n const isAutoSubmitFromUrlRef = useRef(false);\n // Remembers the exact `identifier:otp` we already attempted from a magic-link\n // URL. We verify a given code at most ONCE — even if it turns out invalid or\n // expired — so re-renders never re-fire the request. Without this, the auto\n // submit loops and hammers /verify/ until the backend returns 429.\n const processedOtpKeyRef = useRef<string | null>(null);\n\n // Auth context for API calls and storage\n const {\n requestOTP,\n verifyOTP,\n getSavedEmail,\n saveEmail,\n } = useAuth();\n\n // Destructure for convenience\n const {\n identifier,\n otp,\n isLoading,\n acceptedTerms,\n twoFactorSessionId,\n twoFactorCode,\n useBackupCode,\n setIdentifier,\n setOtp,\n setStep,\n setError,\n setIsLoading,\n clearError,\n setTwoFactorSessionId,\n setShouldPrompt2FA,\n setTwoFactorCode,\n setUseBackupCode,\n startRateLimitCountdown,\n setWebmail,\n } = formState;\n\n // 2FA verification hook - skip redirect so we can show success screen\n const twoFactor = useTwoFactorVerify({\n onSuccess: () => {\n authLogger.info('2FA verification successful, showing success screen');\n setStep('success');\n onOTPSuccess?.();\n },\n onError: (error) => {\n setError(error);\n onError?.(error);\n },\n redirectUrl,\n skipRedirect: true, // We handle navigation via success step\n });\n\n const { validateIdentifier } = validation;\n\n // ─────────────────────────────────────────────────────────────────────────\n // Storage Helper\n // ─────────────────────────────────────────────────────────────────────────\n\n const saveIdentifierToStorage = useCallback((id: string) => {\n saveEmail(id);\n }, [saveEmail]);\n\n // ─────────────────────────────────────────────────────────────────────────\n // Effects\n // ─────────────────────────────────────────────────────────────────────────\n\n // Load saved identifier on mount\n useEffect(() => {\n const savedEmail = getSavedEmail();\n if (savedEmail) {\n setIdentifier(savedEmail);\n }\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, []);\n\n // ─────────────────────────────────────────────────────────────────────────\n // Submit Handlers\n // ─────────────────────────────────────────────────────────────────────────\n\n const handleIdentifierSubmit = useCallback(async (e: React.FormEvent) => {\n e.preventDefault();\n\n if (!identifier) {\n const msg = 'Please enter your email address';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n if (!validateIdentifier(identifier)) {\n const msg = 'Please enter a valid email address';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n if (requireTermsAcceptance && !acceptedTerms) {\n const msg = 'Please accept the Terms of Service and Privacy Policy';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n setIsLoading(true);\n clearError();\n\n try {\n const result = await requestOTP(identifier, sourceUrl);\n\n if (result.success) {\n saveIdentifierToStorage(identifier);\n setWebmail(result.webmail ?? null);\n setStep('otp');\n onIdentifierSuccess?.(identifier);\n } else {\n if (result.retryAfter) {\n startRateLimitCountdown(result.retryAfter);\n clearError();\n } else {\n setError(result.message);\n onError?.(result.message);\n }\n }\n } catch {\n const msg = 'An unexpected error occurred';\n setError(msg);\n onError?.(msg);\n } finally {\n setIsLoading(false);\n }\n }, [\n identifier, acceptedTerms, requireTermsAcceptance,\n validateIdentifier, requestOTP, saveIdentifierToStorage,\n setError, setIsLoading, setStep, clearError, setWebmail,\n startRateLimitCountdown, onIdentifierSuccess, onError, sourceUrl,\n ]);\n\n // Core OTP submit - accepts explicit values to avoid stale closures\n const submitOTP = useCallback(async (\n submitIdentifier: string,\n submitOtp: string,\n ): Promise<boolean> => {\n if (!submitOtp || submitOtp.length < AUTH_CONSTANTS.EMAIL_OTP_LENGTH) {\n const msg = `Please enter the ${AUTH_CONSTANTS.EMAIL_OTP_LENGTH}-digit verification code`;\n setError(msg);\n onError?.(msg);\n return false;\n }\n\n setIsLoading(true);\n clearError();\n\n try {\n // Skip redirect - we'll show success screen first\n const result = await verifyOTP(submitIdentifier, submitOtp, sourceUrl, redirectUrl, true);\n\n // Check if 2FA is required (user has TOTP device)\n if (result.requires_2fa && result.session_id) {\n authLogger.info('2FA required after OTP verification');\n setTwoFactorSessionId(result.session_id);\n setShouldPrompt2FA(result.should_prompt_2fa || false);\n setStep('2fa');\n saveIdentifierToStorage(submitIdentifier);\n return true; // OTP was successful, now need 2FA\n }\n\n if (result.success) {\n saveIdentifierToStorage(submitIdentifier);\n\n // Sign-in only verifies identity. Setting up 2FA is owned by\n // ProfileLayout, so we never branch into a setup prompt here — the\n // backend's `should_prompt_2fa` hint is intentionally ignored.\n authLogger.info('OTP verification successful, showing success screen');\n setStep('success');\n onOTPSuccess?.();\n return true;\n } else {\n setError(result.message);\n onError?.(result.message);\n return false;\n }\n } catch {\n const msg = 'An unexpected error occurred';\n setError(msg);\n onError?.(msg);\n return false;\n } finally {\n setIsLoading(false);\n }\n }, [verifyOTP, saveIdentifierToStorage, setError, setIsLoading, clearError, onOTPSuccess, onError, sourceUrl, redirectUrl, setTwoFactorSessionId, setShouldPrompt2FA, setStep]);\n\n const handleOTPSubmit = useCallback(async (e: React.FormEvent) => {\n e.preventDefault();\n await submitOTP(identifier, otp);\n }, [identifier, otp, submitOTP]);\n\n const handleResendOTP = useCallback(async () => {\n setIsLoading(true);\n clearError();\n\n try {\n const result = await requestOTP(identifier, sourceUrl);\n\n if (result.success) {\n saveIdentifierToStorage(identifier);\n setWebmail(result.webmail ?? null);\n setOtp('');\n } else {\n if (result.retryAfter) {\n startRateLimitCountdown(result.retryAfter);\n clearError(); // countdown in rateLimitLabel is enough feedback\n } else {\n setError(result.message);\n onError?.(result.message);\n }\n }\n } catch {\n const msg = 'Failed to resend verification code';\n setError(msg);\n onError?.(msg);\n } finally {\n setIsLoading(false);\n }\n }, [identifier, requestOTP, saveIdentifierToStorage, setOtp, setError, setIsLoading, clearError, startRateLimitCountdown, setWebmail, onError, sourceUrl]);\n\n const handleBackToIdentifier = useCallback(() => {\n setStep('identifier');\n clearError();\n }, [setStep, clearError]);\n\n const forceOTPStep = useCallback(() => {\n setStep('otp');\n clearError();\n }, [setStep, clearError]);\n\n // ─────────────────────────────────────────────────────────────────────────\n // 2FA Handlers\n // ─────────────────────────────────────────────────────────────────────────\n\n const handle2FASubmit = useCallback(async (e: React.FormEvent) => {\n e.preventDefault();\n\n if (!twoFactorSessionId) {\n const msg = 'Missing 2FA session';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n if (useBackupCode) {\n await twoFactor.verifyBackupCode(twoFactorSessionId, twoFactorCode);\n } else {\n await twoFactor.verifyTOTP(twoFactorSessionId, twoFactorCode);\n }\n }, [twoFactorSessionId, twoFactorCode, useBackupCode, twoFactor, setError, onError]);\n\n const handleUseBackupCode = useCallback(() => {\n setUseBackupCode(true);\n setTwoFactorCode('');\n clearError();\n }, [setUseBackupCode, setTwoFactorCode, clearError]);\n\n const handleUseTOTP = useCallback(() => {\n setUseBackupCode(false);\n setTwoFactorCode('');\n clearError();\n }, [setUseBackupCode, setTwoFactorCode, clearError]);\n\n // ─────────────────────────────────────────────────────────────────────────\n // Auto-auth from URL\n // ─────────────────────────────────────────────────────────────────────────\n\n const handleOTPFromUrl = useCallback((detectedOtp: string, detectedEmail?: string) => {\n // Prefer the email from the magic-link URL (works on a fresh browser/device),\n // fall back to the one saved from a previous request on this browser.\n const autoIdentifier = detectedEmail || getSavedEmail() || '';\n\n if (!autoIdentifier) {\n authLogger.warn('No identifier found for auto-submit (no email in URL or storage)');\n return;\n }\n\n // Verify each magic-link code at most once. A re-render must never re-fire\n // the request — a failed/expired code that retried in a loop is exactly what\n // drove the /verify/ spam and the backend's 429 lockout.\n const otpKey = `${autoIdentifier}:${detectedOtp}`;\n if (processedOtpKeyRef.current === otpKey) return;\n if (isAutoSubmitFromUrlRef.current) return;\n\n processedOtpKeyRef.current = otpKey;\n isAutoSubmitFromUrlRef.current = true;\n\n authLogger.info('OTP detected from URL, auto-submitting');\n\n // Update UI state\n setIdentifier(autoIdentifier);\n setOtp(detectedOtp);\n setStep('otp');\n\n // Submit with explicit values\n setTimeout(async () => {\n try {\n await submitOTP(autoIdentifier, detectedOtp);\n } finally {\n isAutoSubmitFromUrlRef.current = false;\n }\n }, 100);\n }, [getSavedEmail, setIdentifier, setOtp, setStep, submitOTP]);\n\n useAutoAuth({\n allowedPaths: [authPath],\n onOTPDetected: handleOTPFromUrl,\n cleanupUrl: true,\n });\n\n // ─────────────────────────────────────────────────────────────────────────\n // Return\n // ─────────────────────────────────────────────────────────────────────────\n\n return {\n // State\n ...formState,\n\n // Submit handlers\n handleIdentifierSubmit,\n handleOTPSubmit,\n handleResendOTP,\n handleBackToIdentifier,\n forceOTPStep,\n\n // 2FA handlers\n handle2FASubmit,\n handleUseBackupCode,\n handleUseTOTP,\n\n // Validation\n ...validation,\n\n // Auto-submit ref\n isAutoSubmittingFromUrl: isAutoSubmitFromUrlRef,\n\n // 2FA state from hook (for loading indicator)\n is2FALoading: twoFactor.isLoading,\n twoFactorWarning: twoFactor.warning,\n twoFactorAttemptsRemaining: twoFactor.attemptsRemaining,\n };\n};\n\n// Re-export types for convenience\nexport type { AuthFormReturn, UseAuthFormOptions } from '../types';\n","import { createConsola } from 'consola';\n\n/**\n * Universal logger for @djangocfg/api/auth\n * Uses consola for beautiful console logging\n *\n * Log levels:\n * - 0: silent\n * - 1: fatal, error\n * - 2: warn\n * - 3: log, info\n * - 4: debug\n * - 5: trace, verbose\n *\n * The level is driven by the GLOBAL runtime controller (log-control), so an\n * admin can get verbose logs (even in prod) while regular users keep a clean\n * console. `applyRoleLogPolicy(...)` at app bootstrap sets the policy.\n */\nimport { getLogLevel, onLogLevelChange } from '../../log-control';\n\nexport const logger = createConsola({\n level: getLogLevel(),\n}).withTag('api');\n\n// Keep the live logger's level in sync with the global controller.\nonLogLevelChange((level) => {\n logger.level = level;\n});\n\n/**\n * Auth-specific logger\n */\nexport const authLogger = logger.withTag('auth');\n\nexport default logger;\n","'use client';\n\nimport { usePathname } from 'next/navigation';\nimport { useEffect, useRef } from 'react';\n\nimport { AUTH_CONSTANTS } from '../constants';\nimport { authLogger } from '../utils/logger';\nimport { isAllowedAuthPath } from '../utils/path';\nimport { useCfgRouter } from './useCfgRouter';\nimport { useQueryParams } from './useQueryParams';\n\nexport interface UseAutoAuthOptions {\n /** Called with the OTP from the URL, plus the optional `email` query param if present. */\n onOTPDetected?: (otp: string, email?: string) => void;\n cleanupUrl?: boolean;\n /** Paths where auto-auth should be active. Default: ['/auth'] */\n allowedPaths?: string[];\n}\n\n/**\n * Hook for automatic authentication from URL query parameters\n * Detects OTP from URL and triggers callback.\n * (Path normalization / allow-list matching live in ../utils/path so they can\n * be unit-tested independently of the hook.)\n */\nexport const useAutoAuth = (options: UseAutoAuthOptions = {}) => {\n const { onOTPDetected, cleanupUrl = true, allowedPaths = ['/auth'] } = options;\n const queryParams = useQueryParams();\n const pathname = usePathname();\n const router = useCfgRouter();\n\n // Check if current path is in allowed paths, ignoring the locale prefix\n // (next-intl may keep it in the URL, e.g. /ru/auth) and trailing slashes.\n const isAllowedPath = isAllowedAuthPath(pathname, allowedPaths);\n\n const queryOtp = queryParams.get('otp') || '';\n const queryEmail = queryParams.get('email') || undefined;\n const hasOTP = !!queryOtp;\n const isReady = !!pathname && hasOTP && isAllowedPath;\n const otpValid = queryOtp.length === AUTH_CONSTANTS.EMAIL_OTP_LENGTH;\n\n // Keep the latest callback in a ref so its (unstable) identity never lands in\n // the effect deps below. Otherwise a parent that passes an inline function\n // re-runs this effect on every render and re-fires the OTP submission.\n const onOTPDetectedRef = useRef(onOTPDetected);\n onOTPDetectedRef.current = onOTPDetected;\n\n // Detect OTP and notify the parent. Keyed on the OTP *value* (a string), not\n // on the `queryParams` object reference — so the effect fires once per code,\n // not on every poll tick / re-render.\n useEffect(() => {\n if (!isReady || !otpValid) return;\n // Only on allowed paths to avoid conflicts with other pages\n // (e.g., /dashboard/device uses ?otp= for device authorization, not user auth)\n authLogger.info('OTP detected in URL on auth page:', queryOtp);\n onOTPDetectedRef.current?.(queryOtp, queryEmail);\n }, [isReady, otpValid, queryOtp, queryEmail]);\n\n // Clean up URL to remove sensitive params for security. Separate effect so it\n // does not depend on `onOTPDetected` and cannot re-trigger the submission.\n // Use window.location.pathname to preserve the locale prefix (e.g. /ru/auth)\n // because usePathname() strips the locale, and router.push('/auth') would cause\n // next-intl middleware to redirect back to /ru/auth — triggering a full page reload\n // that loses the in-flight OTP submission.\n useEffect(() => {\n if (!isReady || !cleanupUrl || !queryOtp) return;\n const cleanQuery = Object.fromEntries(queryParams.entries());\n delete cleanQuery.otp;\n delete cleanQuery.email;\n const queryString = new URLSearchParams(cleanQuery).toString();\n const realPathname = typeof window !== 'undefined' ? window.location.pathname : pathname;\n router.replace(queryString ? `${realPathname}?${queryString}` : realPathname);\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [isReady, cleanupUrl, queryOtp]);\n\n return {\n isReady,\n hasOTP,\n isAllowedPath,\n };\n};\n","/**\n * Path normalization for auth routing.\n *\n * next-intl may keep a 2-letter locale prefix in the URL (e.g. `/ru/auth`), and\n * paths arrive with or without trailing slashes. To match a pathname against a\n * fixed allow-list (like `['/auth']`) reliably, strip the locale segment and\n * trailing slashes first. Extracted from useAutoAuth so it can be unit-tested\n * and reused.\n */\n\n/**\n * Strip a leading 2-letter locale segment and trailing slashes.\n * '/ru/auth/' → '/auth', '/auth' → '/auth', '/' → '/', '' → ''.\n */\nexport const normalizePath = (path: string | null | undefined): string => {\n if (!path) return '';\n const withoutLocale = path.replace(/^\\/[a-z]{2}(?=\\/|$)/, '');\n const trimmed = withoutLocale.replace(/\\/+$/, '');\n return trimmed || '/';\n};\n\n/**\n * True when `pathname` (after locale/slash normalization) is one of the allowed\n * paths, or nested under one of them (`/auth` matches `/auth/callback`).\n */\nexport const isAllowedAuthPath = (\n pathname: string | null | undefined,\n allowedPaths: string[],\n): boolean => {\n const normalized = normalizePath(pathname);\n return allowedPaths.some(\n (p) => normalized === p || normalized.startsWith(p + '/'),\n );\n};\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { CfgTotpVerify } from '../../_api/generated/sdk.gen';\nimport { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';\nimport { authLogger } from '../utils/logger';\nimport { consumeSavedRedirect } from './useAuthRedirect';\nimport { useCfgRouter } from './useCfgRouter';\nimport { extractAttemptsRemaining, extractTwoFactorError, isValidTotpCode } from './twoFactor.shared';\n\nexport interface UseTwoFactorVerifyOptions {\n /** Callback on successful 2FA verification */\n onSuccess?: (user: any) => void;\n /** Callback on error */\n onError?: (error: string) => void;\n /** URL to redirect after successful verification */\n redirectUrl?: string;\n /** Skip automatic redirect after success (caller handles navigation) */\n skipRedirect?: boolean;\n}\n\nexport interface UseTwoFactorVerifyReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Warning message (e.g., low backup codes) */\n warning: string | null;\n /** Remaining backup codes (if backup code was used) */\n remainingBackupCodes: number | null;\n /** Remaining verification attempts before lockout */\n attemptsRemaining: number | null;\n /** Verify TOTP code */\n verifyTOTP: (sessionId: string, code: string) => Promise<boolean>;\n /** Verify backup code */\n verifyBackupCode: (sessionId: string, backupCode: string) => Promise<boolean>;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * 2FA verification during login (internal — composed by {@link useTwoFactor}).\n *\n * After OTP/OAuth verification returns requires_2fa=true and a session_id,\n * collect the TOTP (or backup) code and call verifyTOTP/verifyBackupCode to\n * complete authentication.\n */\nexport const useTwoFactorVerify = (\n options: UseTwoFactorVerifyOptions = {},\n): UseTwoFactorVerifyReturn => {\n const { onSuccess, onError, redirectUrl, skipRedirect = false } = options;\n const router = useCfgRouter();\n\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const [warning, setWarning] = useState<string | null>(null);\n const [remainingBackupCodes, setRemainingBackupCodes] = useState<number | null>(null);\n const [attemptsRemaining, setAttemptsRemaining] = useState<number | null>(null);\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n const handleSuccess = useCallback((response: {\n access_token: string;\n refresh_token: string;\n user: any;\n warning?: string;\n remaining_backup_codes?: number;\n }) => {\n // Save tokens — the ONE write path (atomic pair + session notification).\n auth.setSession({ access: response.access_token, refresh: response.refresh_token });\n\n if (response.warning) {\n setWarning(response.warning);\n }\n if (response.remaining_backup_codes !== undefined) {\n setRemainingBackupCodes(response.remaining_backup_codes);\n }\n\n Analytics.event(AnalyticsEvent.AUTH_LOGIN_SUCCESS, {\n category: AnalyticsCategory.AUTH,\n label: '2fa',\n });\n if (response.user?.id) {\n Analytics.setUser(String(response.user.id));\n }\n\n onSuccess?.(response.user);\n\n // Redirect (unless skipRedirect). Priority: saved back-url > option > default.\n if (!skipRedirect) {\n const finalRedirectUrl = consumeSavedRedirect() || redirectUrl || '/';\n authLogger.info('2FA successful, redirecting to:', finalRedirectUrl);\n router.hardPush(finalRedirectUrl);\n }\n }, [onSuccess, redirectUrl, router, skipRedirect]);\n\n const verifyTOTP = useCallback(async (sessionId: string, code: string): Promise<boolean> => {\n if (!sessionId) {\n const msg = 'Missing 2FA session ID';\n setError(msg);\n onError?.(msg);\n return false;\n }\n if (!isValidTotpCode(code)) {\n const msg = 'Please enter a 6-digit code';\n setError(msg);\n onError?.(msg);\n return false;\n }\n\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Verifying TOTP code...');\n\n const result = await CfgTotpVerify.cfgTotpVerifyCreate({\n body: { session_id: sessionId, code },\n throwOnError: true,\n });\n const response = result.data;\n\n if (!response.access_token || !response.refresh_token) {\n throw new Error('Invalid response from 2FA verification');\n }\n\n handleSuccess(response);\n return true;\n } catch (err) {\n authLogger.error('2FA TOTP verification error:', err);\n const errorMessage = extractTwoFactorError(err, 'Invalid verification code');\n const attempts = extractAttemptsRemaining(err);\n if (attempts !== null) setAttemptsRemaining(attempts);\n setError(errorMessage);\n onError?.(errorMessage);\n\n Analytics.event(AnalyticsEvent.AUTH_OTP_VERIFY_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: '2fa-totp',\n });\n return false;\n } finally {\n setIsLoading(false);\n }\n }, [handleSuccess, onError]);\n\n const verifyBackupCode = useCallback(async (sessionId: string, backupCode: string): Promise<boolean> => {\n if (!sessionId) {\n const msg = 'Missing 2FA session ID';\n setError(msg);\n onError?.(msg);\n return false;\n }\n if (!backupCode || backupCode.length < 8) {\n const msg = 'Please enter your backup code';\n setError(msg);\n onError?.(msg);\n return false;\n }\n\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Verifying backup code...');\n\n const result = await CfgTotpVerify.cfgTotpVerifyBackupCreate({\n body: {\n session_id: sessionId,\n backup_code: backupCode.replace(/\\s+/g, ''),\n },\n throwOnError: true,\n });\n const response = result.data;\n\n if (!response.access_token || !response.refresh_token) {\n throw new Error('Invalid response from backup code verification');\n }\n\n handleSuccess(response);\n return true;\n } catch (err) {\n authLogger.error('2FA backup code verification error:', err);\n const errorMessage = extractTwoFactorError(err, 'Invalid backup code');\n const attempts = extractAttemptsRemaining(err);\n if (attempts !== null) setAttemptsRemaining(attempts);\n setError(errorMessage);\n onError?.(errorMessage);\n\n Analytics.event(AnalyticsEvent.AUTH_OTP_VERIFY_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: '2fa-backup',\n });\n return false;\n } finally {\n setIsLoading(false);\n }\n }, [handleSuccess, onError]);\n\n return {\n isLoading,\n error,\n warning,\n remainingBackupCodes,\n attemptsRemaining,\n verifyTOTP,\n verifyBackupCode,\n clearError,\n };\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport type { ArrayStyle, ObjectStyle, SerializerOptions } from './pathSerializer.gen';\n\nexport type QuerySerializer = (query: Record<string, unknown>) => string;\n\nexport type BodySerializer = (body: unknown) => unknown;\n\ntype QuerySerializerOptionsObject = {\n allowReserved?: boolean;\n array?: Partial<SerializerOptions<ArrayStyle>>;\n object?: Partial<SerializerOptions<ObjectStyle>>;\n};\n\nexport type QuerySerializerOptions = QuerySerializerOptionsObject & {\n /**\n * Per-parameter serialization overrides. When provided, these settings\n * override the global array/object settings for specific parameter names.\n */\n parameters?: Record<string, QuerySerializerOptionsObject>;\n};\n\nconst serializeFormDataPair = (data: FormData, key: string, value: unknown): void => {\n if (typeof value === 'string' || value instanceof Blob) {\n data.append(key, value);\n } else if (value instanceof Date) {\n data.append(key, value.toISOString());\n } else {\n data.append(key, JSON.stringify(value));\n }\n};\n\nconst serializeUrlSearchParamsPair = (data: URLSearchParams, key: string, value: unknown): void => {\n if (typeof value === 'string') {\n data.append(key, value);\n } else {\n data.append(key, JSON.stringify(value));\n }\n};\n\nexport const formDataBodySerializer = {\n bodySerializer: (body: unknown): FormData => {\n const data = new FormData();\n\n Object.entries(body as Record<string, unknown>).forEach(([key, value]) => {\n if (value === undefined || value === null) {\n return;\n }\n if (Array.isArray(value)) {\n value.forEach((v) => serializeFormDataPair(data, key, v));\n } else {\n serializeFormDataPair(data, key, value);\n }\n });\n\n return data;\n },\n};\n\nexport const jsonBodySerializer = {\n bodySerializer: (body: unknown): string =>\n JSON.stringify(body, (_key, value) => (typeof value === 'bigint' ? value.toString() : value)),\n};\n\nexport const urlSearchParamsBodySerializer = {\n bodySerializer: (body: unknown): string => {\n const data = new URLSearchParams();\n\n Object.entries(body as Record<string, unknown>).forEach(([key, value]) => {\n if (value === undefined || value === null) {\n return;\n }\n if (Array.isArray(value)) {\n value.forEach((v) => serializeUrlSearchParamsPair(data, key, v));\n } else {\n serializeUrlSearchParamsPair(data, key, value);\n }\n });\n\n return data.toString();\n },\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\ntype Slot = 'body' | 'headers' | 'path' | 'query';\n\nexport type Field =\n | {\n in: Exclude<Slot, 'body'>;\n /**\n * Field name. This is the name we want the user to see and use.\n */\n key: string;\n /**\n * Field mapped name. This is the name we want to use in the request.\n * If omitted, we use the same value as `key`.\n */\n map?: string;\n }\n | {\n in: Extract<Slot, 'body'>;\n /**\n * Key isn't required for bodies.\n */\n key?: string;\n map?: string;\n }\n | {\n /**\n * Field name. This is the name we want the user to see and use.\n */\n key: string;\n /**\n * Field mapped name. This is the name we want to use in the request.\n * If `in` is omitted, `map` aliases `key` to the transport layer.\n */\n map: Slot;\n };\n\nexport interface Fields {\n allowExtra?: Partial<Record<Slot, boolean>>;\n args?: ReadonlyArray<Field>;\n}\n\nexport type FieldsConfig = ReadonlyArray<Field | Fields>;\n\nconst extraPrefixesMap: Record<string, Slot> = {\n $body_: 'body',\n $headers_: 'headers',\n $path_: 'path',\n $query_: 'query',\n};\nconst extraPrefixes = Object.entries(extraPrefixesMap);\n\ntype KeyMap = Map<\n string,\n | {\n in: Slot;\n map?: string;\n }\n | {\n in?: never;\n map: Slot;\n }\n>;\n\nfunction buildKeyMap(fields: FieldsConfig, map?: KeyMap): KeyMap {\n if (!map) {\n map = new Map();\n }\n\n for (const config of fields) {\n if ('in' in config) {\n if (config.key) {\n map.set(config.key, {\n in: config.in,\n map: config.map,\n });\n }\n } else if ('key' in config) {\n map.set(config.key, {\n map: config.map,\n });\n } else if (config.args) {\n buildKeyMap(config.args, map);\n }\n }\n\n return map;\n}\n\ninterface Params {\n body?: unknown;\n headers: Record<string, unknown>;\n path: Record<string, unknown>;\n query: Record<string, unknown>;\n}\n\nfunction stripEmptySlots(params: Params): void {\n for (const [slot, value] of Object.entries(params)) {\n if (slot === 'body') continue;\n if (value && typeof value === 'object' && !Array.isArray(value) && !Object.keys(value).length) {\n delete params[slot as Slot];\n }\n }\n}\n\nexport function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsConfig): Params {\n const params: Params = {\n headers: Object.create(null),\n path: Object.create(null),\n query: Object.create(null),\n };\n\n const map = buildKeyMap(fields);\n\n function writeSlot(slot: Slot, key: string, value: unknown): void {\n let record = params[slot] as Record<string, unknown> | undefined;\n if (record === undefined) {\n record = Object.create(null) as Record<string, unknown>;\n params[slot] = record;\n }\n record[key] = value;\n }\n\n let config: FieldsConfig[number] | undefined;\n\n for (const [index, arg] of args.entries()) {\n if (fields[index]) {\n config = fields[index];\n }\n\n if (!config) {\n continue;\n }\n\n if ('in' in config) {\n if (config.key) {\n const field = map.get(config.key)!;\n const name = field.map || config.key;\n if (field.in) {\n writeSlot(field.in, name, arg);\n }\n } else {\n params.body = arg;\n }\n } else {\n for (const [key, value] of Object.entries(arg ?? {})) {\n const field = map.get(key);\n\n if (field) {\n if (field.in) {\n const name = field.map || key;\n writeSlot(field.in, name, value);\n } else {\n params[field.map] = value;\n }\n } else {\n const extra = extraPrefixes.find(([prefix]) => key.startsWith(prefix));\n\n if (extra) {\n const [prefix, slot] = extra;\n writeSlot(slot, key.slice(prefix.length), value);\n } else if ('allowExtra' in config && config.allowExtra) {\n for (const [slot, allowed] of Object.entries(config.allowExtra)) {\n if (allowed) {\n writeSlot(slot as Slot, key, value);\n break;\n }\n }\n }\n }\n }\n }\n }\n\n stripEmptySlots(params);\n\n return params;\n}\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport type { Config } from './types.gen';\n\nexport type ServerSentEventsOptions<TData = unknown> = Omit<RequestInit, 'method'> &\n Pick<Config, 'method' | 'responseTransformer' | 'responseValidator'> & {\n /**\n * Fetch API implementation. You can use this option to provide a custom\n * fetch instance.\n *\n * @default globalThis.fetch\n */\n fetch?: typeof fetch;\n /**\n * Implementing clients can call request interceptors inside this hook.\n */\n onRequest?: (url: string, init: RequestInit) => Promise<Request>;\n /**\n * Callback invoked when a network or parsing error occurs during streaming.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @param error The error that occurred.\n */\n onSseError?: (error: unknown) => void;\n /**\n * Callback invoked when an event is streamed from the server.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @param event Event streamed from the server.\n * @returns Nothing (void).\n */\n onSseEvent?: (event: StreamEvent<TData>) => void;\n serializedBody?: RequestInit['body'];\n /**\n * Default retry delay in milliseconds.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @default 3000\n */\n sseDefaultRetryDelay?: number;\n /**\n * Maximum number of retry attempts before giving up.\n */\n sseMaxRetryAttempts?: number;\n /**\n * Maximum retry delay in milliseconds.\n *\n * Applies only when exponential backoff is used.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @default 30000\n */\n sseMaxRetryDelay?: number;\n /**\n * Optional sleep function for retry backoff.\n *\n * Defaults to using `setTimeout`.\n */\n sseSleepFn?: (ms: number) => Promise<void>;\n url: string;\n };\n\nexport interface StreamEvent<TData = unknown> {\n data: TData;\n event?: string;\n id?: string;\n retry?: number;\n}\n\nexport type ServerSentEventsResult<TData = unknown, TReturn = void, TNext = unknown> = {\n stream: AsyncGenerator<\n TData extends Record<string, unknown> ? TData[keyof TData] : TData,\n TReturn,\n TNext\n >;\n};\n\nexport function createSseClient<TData = unknown>({\n onRequest,\n onSseError,\n onSseEvent,\n responseTransformer,\n responseValidator,\n sseDefaultRetryDelay,\n sseMaxRetryAttempts,\n sseMaxRetryDelay,\n sseSleepFn,\n url,\n ...options\n}: ServerSentEventsOptions): ServerSentEventsResult<TData> {\n let lastEventId: string | undefined;\n\n const sleep = sseSleepFn ?? ((ms: number) => new Promise((resolve) => setTimeout(resolve, ms)));\n\n const createStream = async function* () {\n let retryDelay: number = sseDefaultRetryDelay ?? 3000;\n let attempt = 0;\n const signal = options.signal ?? new AbortController().signal;\n\n while (true) {\n if (signal.aborted) break;\n\n attempt++;\n\n const headers =\n options.headers instanceof Headers\n ? options.headers\n : new Headers(options.headers as Record<string, string> | undefined);\n\n if (lastEventId !== undefined) {\n headers.set('Last-Event-ID', lastEventId);\n }\n\n try {\n const requestInit: RequestInit = {\n redirect: 'follow',\n ...options,\n body: options.serializedBody,\n headers,\n signal,\n };\n let request = new Request(url, requestInit);\n if (onRequest) {\n request = await onRequest(url, requestInit);\n }\n // fetch must be assigned here, otherwise it would throw the error:\n // TypeError: Failed to execute 'fetch' on 'Window': Illegal invocation\n const _fetch = options.fetch ?? globalThis.fetch;\n const response = await _fetch(request);\n\n if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);\n\n if (!response.body) throw new Error('No body in SSE response');\n\n const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();\n\n let buffer = '';\n\n const abortHandler = () => {\n try {\n reader.cancel();\n } catch {\n // noop\n }\n };\n\n signal.addEventListener('abort', abortHandler);\n\n try {\n while (true) {\n const { done, value } = await reader.read();\n if (done) break;\n buffer += value;\n buffer = buffer.replace(/\\r\\n?/g, '\\n'); // normalize line endings\n\n const chunks = buffer.split('\\n\\n');\n buffer = chunks.pop() ?? '';\n\n for (const chunk of chunks) {\n const lines = chunk.split('\\n');\n const dataLines: Array<string> = [];\n let eventName: string | undefined;\n\n for (const line of lines) {\n if (line.startsWith('data:')) {\n dataLines.push(line.replace(/^data:\\s*/, ''));\n } else if (line.startsWith('event:')) {\n eventName = line.replace(/^event:\\s*/, '');\n } else if (line.startsWith('id:')) {\n lastEventId = line.replace(/^id:\\s*/, '');\n } else if (line.startsWith('retry:')) {\n const parsed = Number.parseInt(line.replace(/^retry:\\s*/, ''), 10);\n if (!Number.isNaN(parsed)) {\n retryDelay = parsed;\n }\n }\n }\n\n let data: unknown;\n let parsedJson = false;\n\n if (dataLines.length) {\n const rawData = dataLines.join('\\n');\n try {\n data = JSON.parse(rawData);\n parsedJson = true;\n } catch {\n data = rawData;\n }\n }\n\n if (parsedJson) {\n if (responseValidator) {\n await responseValidator(data);\n }\n\n if (responseTransformer) {\n data = await responseTransformer(data);\n }\n }\n\n onSseEvent?.({\n data,\n event: eventName,\n id: lastEventId,\n retry: retryDelay,\n });\n\n if (dataLines.length) {\n yield data as any;\n }\n }\n }\n } finally {\n signal.removeEventListener('abort', abortHandler);\n reader.releaseLock();\n }\n\n break; // exit loop on normal completion\n } catch (error) {\n // connection failed or aborted; retry after delay\n onSseError?.(error);\n\n if (sseMaxRetryAttempts !== undefined && attempt >= sseMaxRetryAttempts) {\n break; // stop after firing error\n }\n\n // exponential backoff: double retry each attempt, cap at 30s\n const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 30000);\n await sleep(backoff);\n }\n }\n };\n\n const stream = createStream();\n\n return { stream };\n}\n","// This file is auto-generated by @hey-api/openapi-ts\n\ninterface SerializeOptions<T> extends SerializePrimitiveOptions, SerializerOptions<T> {}\n\ninterface SerializePrimitiveOptions {\n allowReserved?: boolean;\n name: string;\n}\n\nexport interface SerializerOptions<T> {\n /**\n * @default true\n */\n explode: boolean;\n style: T;\n}\n\nexport type ArrayStyle = 'form' | 'spaceDelimited' | 'pipeDelimited';\nexport type ArraySeparatorStyle = ArrayStyle | MatrixStyle;\ntype MatrixStyle = 'label' | 'matrix' | 'simple';\nexport type ObjectStyle = 'form' | 'deepObject';\ntype ObjectSeparatorStyle = ObjectStyle | MatrixStyle;\n\ninterface SerializePrimitiveParam extends SerializePrimitiveOptions {\n value: string;\n}\n\nexport const separatorArrayExplode = (style: ArraySeparatorStyle): '.' | ';' | ',' | '&' => {\n switch (style) {\n case 'label':\n return '.';\n case 'matrix':\n return ';';\n case 'simple':\n return ',';\n default:\n return '&';\n }\n};\n\nexport const separatorArrayNoExplode = (style: ArraySeparatorStyle): ',' | '|' | '%20' => {\n switch (style) {\n case 'form':\n return ',';\n case 'pipeDelimited':\n return '|';\n case 'spaceDelimited':\n return '%20';\n default:\n return ',';\n }\n};\n\nexport const separatorObjectExplode = (style: ObjectSeparatorStyle): '.' | ';' | ',' | '&' => {\n switch (style) {\n case 'label':\n return '.';\n case 'matrix':\n return ';';\n case 'simple':\n return ',';\n default:\n return '&';\n }\n};\n\nexport const serializeArrayParam = ({\n allowReserved,\n explode,\n name,\n style,\n value,\n}: SerializeOptions<ArraySeparatorStyle> & {\n value: unknown[];\n}): string => {\n if (!explode) {\n const joinedValues = (\n allowReserved ? value : value.map((v) => encodeURIComponent(v as string))\n ).join(separatorArrayNoExplode(style));\n switch (style) {\n case 'label':\n return `.${joinedValues}`;\n case 'matrix':\n return `;${name}=${joinedValues}`;\n case 'simple':\n return joinedValues;\n default:\n return `${name}=${joinedValues}`;\n }\n }\n\n const separator = separatorArrayExplode(style);\n const joinedValues = value\n .map((v) => {\n if (style === 'label' || style === 'simple') {\n return allowReserved ? v : encodeURIComponent(v as string);\n }\n\n return serializePrimitiveParam({\n allowReserved,\n name,\n value: v as string,\n });\n })\n .join(separator);\n return style === 'label' || style === 'matrix' ? separator + joinedValues : joinedValues;\n};\n\nexport const serializePrimitiveParam = ({\n allowReserved,\n name,\n value,\n}: SerializePrimitiveParam): string => {\n if (value === undefined || value === null) {\n return '';\n }\n\n if (typeof value === 'object') {\n throw new Error(\n 'Deeply-nested arrays/objects aren’t supported. Provide your own `querySerializer()` to handle these.',\n );\n }\n\n return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;\n};\n\nexport const serializeObjectParam = ({\n allowReserved,\n explode,\n name,\n style,\n value,\n valueOnly,\n}: SerializeOptions<ObjectSeparatorStyle> & {\n value: Record<string, unknown> | Date;\n valueOnly?: boolean;\n}): string => {\n if (value instanceof Date) {\n return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;\n }\n\n if (style !== 'deepObject' && !explode) {\n let values: string[] = [];\n Object.entries(value).forEach(([key, v]) => {\n values = [...values, key, allowReserved ? (v as string) : encodeURIComponent(v as string)];\n });\n const joinedValues = values.join(',');\n switch (style) {\n case 'form':\n return `${name}=${joinedValues}`;\n case 'label':\n return `.${joinedValues}`;\n case 'matrix':\n return `;${name}=${joinedValues}`;\n default:\n return joinedValues;\n }\n }\n\n const separator = separatorObjectExplode(style);\n const joinedValues = Object.entries(value)\n .map(([key, v]) =>\n serializePrimitiveParam({\n allowReserved,\n name: style === 'deepObject' ? `${name}[${key}]` : key,\n value: v as string,\n }),\n )\n .join(separator);\n return style === 'label' || style === 'matrix' ? separator + joinedValues : joinedValues;\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport type { BodySerializer, QuerySerializer } from './bodySerializer.gen';\nimport {\n type ArraySeparatorStyle,\n serializeArrayParam,\n serializeObjectParam,\n serializePrimitiveParam,\n} from './pathSerializer.gen';\n\nexport interface PathSerializer {\n path: Record<string, unknown>;\n url: string;\n}\n\nexport const PATH_PARAM_RE: RegExp = /\\{[^{}]+\\}/g;\n\nexport const defaultPathSerializer = ({ path, url: _url }: PathSerializer): string => {\n let url = _url;\n const matches = _url.match(PATH_PARAM_RE);\n if (matches) {\n for (const match of matches) {\n let explode = false;\n let name = match.substring(1, match.length - 1);\n let style: ArraySeparatorStyle = 'simple';\n\n if (name.endsWith('*')) {\n explode = true;\n name = name.substring(0, name.length - 1);\n }\n\n if (name.startsWith('.')) {\n name = name.substring(1);\n style = 'label';\n } else if (name.startsWith(';')) {\n name = name.substring(1);\n style = 'matrix';\n }\n\n const value = path[name];\n\n if (value === undefined || value === null) {\n continue;\n }\n\n if (Array.isArray(value)) {\n url = url.replace(match, serializeArrayParam({ explode, name, style, value }));\n continue;\n }\n\n if (typeof value === 'object') {\n url = url.replace(\n match,\n serializeObjectParam({\n explode,\n name,\n style,\n value: value as Record<string, unknown>,\n valueOnly: true,\n }),\n );\n continue;\n }\n\n if (style === 'matrix') {\n url = url.replace(\n match,\n `;${serializePrimitiveParam({\n name,\n value: value as string,\n })}`,\n );\n continue;\n }\n\n const replaceValue = encodeURIComponent(\n style === 'label' ? `.${value as string}` : (value as string),\n );\n url = url.replace(match, replaceValue);\n }\n }\n return url;\n};\n\nexport const getUrl = ({\n baseUrl,\n path,\n query,\n querySerializer,\n url: _url,\n}: {\n baseUrl?: string;\n path?: Record<string, unknown>;\n query?: Record<string, unknown>;\n querySerializer: QuerySerializer;\n url: string;\n}): string => {\n const pathUrl = _url.startsWith('/') ? _url : `/${_url}`;\n let url = (baseUrl ?? '') + pathUrl;\n if (path) {\n url = defaultPathSerializer({ path, url });\n }\n let search = query ? querySerializer(query) : '';\n if (search.startsWith('?')) {\n search = search.substring(1);\n }\n if (search) {\n url += `?${search}`;\n }\n return url;\n};\n\nexport function getValidRequestBody(options: {\n body?: unknown;\n bodySerializer?: BodySerializer | null;\n serializedBody?: unknown;\n}): unknown {\n const hasBody = options.body !== undefined;\n const isSerializedBody = hasBody && options.bodySerializer;\n\n if (isSerializedBody) {\n if ('serializedBody' in options) {\n const hasSerializedBody =\n options.serializedBody !== undefined && options.serializedBody !== '';\n\n return hasSerializedBody ? options.serializedBody : null;\n }\n\n // not all clients implement a serializedBody property (i.e., client-axios)\n return options.body !== '' ? options.body : null;\n }\n\n // plain/text body\n if (hasBody) {\n return options.body;\n }\n\n // no body was provided\n return undefined;\n}\n","// This file is auto-generated by @hey-api/openapi-ts\n\nexport type AuthToken = string | undefined;\n\nexport interface Auth {\n /**\n * Which part of the request do we use to send the auth?\n *\n * @default 'header'\n */\n in?: 'header' | 'query' | 'cookie';\n /**\n * A unique identifier for the security scheme.\n *\n * Defined only when there are multiple security schemes whose `Auth`\n * shape would otherwise be identical.\n */\n key?: string;\n /**\n * Header or query parameter name.\n *\n * @default 'Authorization'\n */\n name?: string;\n scheme?: 'basic' | 'bearer';\n type: 'apiKey' | 'http';\n}\n\nexport const getAuthToken = async (\n auth: Auth,\n callback: ((auth: Auth) => Promise<AuthToken> | AuthToken) | AuthToken,\n): Promise<string | undefined> => {\n const token = typeof callback === 'function' ? await callback(auth) : callback;\n\n if (!token) {\n return;\n }\n\n if (auth.scheme === 'bearer') {\n return `Bearer ${token}`;\n }\n\n if (auth.scheme === 'basic') {\n return `Basic ${btoa(token)}`;\n }\n\n return token;\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { getAuthToken } from '../core/auth.gen';\nimport type { QuerySerializerOptions } from '../core/bodySerializer.gen';\nimport { jsonBodySerializer } from '../core/bodySerializer.gen';\nimport {\n serializeArrayParam,\n serializeObjectParam,\n serializePrimitiveParam,\n} from '../core/pathSerializer.gen';\nimport { getUrl } from '../core/utils.gen';\nimport type { Client, ClientOptions, Config, RequestOptions } from './types.gen';\n\nexport const createQuerySerializer = <T = unknown>({\n parameters = {},\n ...args\n}: QuerySerializerOptions = {}): ((queryParams: T) => string) => {\n const querySerializer = (queryParams: T): string => {\n const search: string[] = [];\n if (queryParams && typeof queryParams === 'object') {\n for (const name in queryParams) {\n const value = queryParams[name];\n\n if (value === undefined || value === null) {\n continue;\n }\n\n const options = parameters[name] || args;\n\n if (Array.isArray(value)) {\n const serializedArray = serializeArrayParam({\n allowReserved: options.allowReserved,\n explode: true,\n name,\n style: 'form',\n value,\n ...options.array,\n });\n if (serializedArray) search.push(serializedArray);\n } else if (typeof value === 'object') {\n const serializedObject = serializeObjectParam({\n allowReserved: options.allowReserved,\n explode: true,\n name,\n style: 'deepObject',\n value: value as Record<string, unknown>,\n ...options.object,\n });\n if (serializedObject) search.push(serializedObject);\n } else {\n const serializedPrimitive = serializePrimitiveParam({\n allowReserved: options.allowReserved,\n name,\n value: value as string,\n });\n if (serializedPrimitive) search.push(serializedPrimitive);\n }\n }\n }\n return search.join('&');\n };\n return querySerializer;\n};\n\n/**\n * Infers parseAs value from provided Content-Type header.\n */\nexport const getParseAs = (contentType: string | null): Exclude<Config['parseAs'], 'auto'> => {\n if (!contentType) {\n // If no Content-Type header is provided, the best we can do is return the raw response body,\n // which is effectively the same as the 'stream' option.\n return 'stream';\n }\n\n const cleanContent = contentType.split(';')[0]?.trim();\n\n if (!cleanContent) {\n return;\n }\n\n if (cleanContent.startsWith('application/json') || cleanContent.endsWith('+json')) {\n return 'json';\n }\n\n if (cleanContent === 'multipart/form-data') {\n return 'formData';\n }\n\n if (\n ['application/', 'audio/', 'image/', 'video/'].some((type) => cleanContent.startsWith(type))\n ) {\n return 'blob';\n }\n\n if (cleanContent.startsWith('text/')) {\n return 'text';\n }\n\n return;\n};\n\nconst checkForExistence = (\n options: Pick<RequestOptions, 'auth' | 'query'> & {\n headers: Headers;\n },\n name?: string,\n): boolean => {\n if (!name) {\n return false;\n }\n if (\n options.headers.has(name) ||\n options.query?.[name] ||\n options.headers.get('Cookie')?.includes(`${name}=`)\n ) {\n return true;\n }\n return false;\n};\n\nexport async function setAuthParams(\n options: Pick<RequestOptions, 'auth' | 'query' | 'security'> & {\n headers: Headers;\n },\n): Promise<void> {\n for (const auth of options.security ?? []) {\n if (checkForExistence(options, auth.name)) {\n continue;\n }\n\n const token = await getAuthToken(auth, options.auth);\n\n if (!token) {\n continue;\n }\n\n const name = auth.name ?? 'Authorization';\n\n switch (auth.in) {\n case 'query':\n if (!options.query) {\n options.query = {};\n }\n options.query[name] = token;\n break;\n case 'cookie':\n options.headers.append('Cookie', `${name}=${token}`);\n break;\n case 'header':\n default:\n options.headers.set(name, token);\n break;\n }\n }\n}\n\nexport const buildUrl: Client['buildUrl'] = (options) =>\n getUrl({\n baseUrl: options.baseUrl as string,\n path: options.path,\n query: options.query,\n querySerializer:\n typeof options.querySerializer === 'function'\n ? options.querySerializer\n : createQuerySerializer(options.querySerializer),\n url: options.url,\n });\n\nexport const mergeConfigs = (a: Config, b: Config): Config => {\n const config = { ...a, ...b };\n if (config.baseUrl?.endsWith('/')) {\n config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);\n }\n config.headers = mergeHeaders(a.headers, b.headers);\n return config;\n};\n\nconst headersEntries = (headers: Headers): Array<[string, string]> => {\n const entries: Array<[string, string]> = [];\n headers.forEach((value, key) => {\n entries.push([key, value]);\n });\n return entries;\n};\n\nexport const mergeHeaders = (\n ...headers: Array<Required<Config>['headers'] | undefined>\n): Headers => {\n const mergedHeaders = new Headers();\n for (const header of headers) {\n if (!header) {\n continue;\n }\n\n const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);\n\n for (const [key, value] of iterator) {\n if (value === null) {\n mergedHeaders.delete(key);\n } else if (Array.isArray(value)) {\n for (const v of value) {\n mergedHeaders.append(key, v as string);\n }\n } else if (value !== undefined) {\n // assume object headers are meant to be JSON stringified, i.e., their\n // content value in OpenAPI specification is 'application/json'\n mergedHeaders.set(\n key,\n typeof value === 'object' ? JSON.stringify(value) : (value as string),\n );\n }\n }\n }\n return mergedHeaders;\n};\n\ntype ErrInterceptor<Err, Res, Req, Options> = (\n error: Err,\n /** response may be undefined due to a network error where no response object is produced */\n response: Res | undefined,\n /** request may be undefined, because error may be from building the request object itself */\n request: Req | undefined,\n options: Options,\n) => Err | Promise<Err>;\n\ntype ReqInterceptor<Req, Options> = (request: Req, options: Options) => Req | Promise<Req>;\n\ntype ResInterceptor<Res, Req, Options> = (\n response: Res,\n request: Req,\n options: Options,\n) => Res | Promise<Res>;\n\nclass Interceptors<Interceptor> {\n fns: Array<Interceptor | null> = [];\n\n clear(): void {\n this.fns = [];\n }\n\n eject(id: number | Interceptor): void {\n const index = this.getInterceptorIndex(id);\n if (this.fns[index]) {\n this.fns[index] = null;\n }\n }\n\n exists(id: number | Interceptor): boolean {\n const index = this.getInterceptorIndex(id);\n return Boolean(this.fns[index]);\n }\n\n getInterceptorIndex(id: number | Interceptor): number {\n if (typeof id === 'number') {\n return this.fns[id] ? id : -1;\n }\n return this.fns.indexOf(id);\n }\n\n update(id: number | Interceptor, fn: Interceptor): number | Interceptor | false {\n const index = this.getInterceptorIndex(id);\n if (this.fns[index]) {\n this.fns[index] = fn;\n return id;\n }\n return false;\n }\n\n use(fn: Interceptor): number {\n this.fns.push(fn);\n return this.fns.length - 1;\n }\n}\n\nexport interface Middleware<Req, Res, Err, Options> {\n error: Interceptors<ErrInterceptor<Err, Res, Req, Options>>;\n request: Interceptors<ReqInterceptor<Req, Options>>;\n response: Interceptors<ResInterceptor<Res, Req, Options>>;\n}\n\nexport const createInterceptors = <Req, Res, Err, Options>(): Middleware<\n Req,\n Res,\n Err,\n Options\n> => ({\n error: new Interceptors<ErrInterceptor<Err, Res, Req, Options>>(),\n request: new Interceptors<ReqInterceptor<Req, Options>>(),\n response: new Interceptors<ResInterceptor<Res, Req, Options>>(),\n});\n\nconst defaultQuerySerializer = createQuerySerializer({\n allowReserved: false,\n array: {\n explode: true,\n style: 'form',\n },\n object: {\n explode: true,\n style: 'deepObject',\n },\n});\n\nconst defaultHeaders = {\n 'Content-Type': 'application/json',\n};\n\nexport const createConfig = <T extends ClientOptions = ClientOptions>(\n override: Config<Omit<ClientOptions, keyof T> & T> = {},\n): Config<Omit<ClientOptions, keyof T> & T> => ({\n ...jsonBodySerializer,\n headers: defaultHeaders,\n parseAs: 'auto',\n querySerializer: defaultQuerySerializer,\n ...override,\n});\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { createSseClient } from '../core/serverSentEvents.gen';\nimport type { HttpMethod } from '../core/types.gen';\nimport { getValidRequestBody } from '../core/utils.gen';\nimport type { Client, Config, RequestOptions, ResolvedRequestOptions } from './types.gen';\nimport {\n buildUrl,\n createConfig,\n createInterceptors,\n getParseAs,\n mergeConfigs,\n mergeHeaders,\n setAuthParams,\n} from './utils.gen';\n\ntype ReqInit = Omit<RequestInit, 'body' | 'headers'> & {\n body?: any;\n headers: ReturnType<typeof mergeHeaders>;\n};\n\nexport const createClient = (config: Config = {}): Client => {\n let _config = mergeConfigs(createConfig(), config);\n\n const getConfig = (): Config => ({ ..._config });\n\n const setConfig = (config: Config): Config => {\n _config = mergeConfigs(_config, config);\n return getConfig();\n };\n\n const interceptors = createInterceptors<Request, Response, unknown, ResolvedRequestOptions>();\n\n const beforeRequest = async <\n TData = unknown,\n TResponseStyle extends 'data' | 'fields' = 'fields',\n ThrowOnError extends boolean = boolean,\n Url extends string = string,\n >(\n options: RequestOptions<TData, TResponseStyle, ThrowOnError, Url>,\n ) => {\n const opts = {\n ..._config,\n ...options,\n fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,\n headers: mergeHeaders(_config.headers, options.headers),\n serializedBody: undefined as string | undefined,\n };\n\n if (opts.security) {\n await setAuthParams(opts);\n }\n\n if (opts.requestValidator) {\n await opts.requestValidator(opts);\n }\n\n if (opts.body !== undefined && opts.bodySerializer) {\n opts.serializedBody = opts.bodySerializer(opts.body) as string | undefined;\n }\n\n // remove Content-Type header if body is empty to avoid sending invalid requests\n if (opts.body === undefined || opts.serializedBody === '') {\n opts.headers.delete('Content-Type');\n }\n\n const resolvedOpts = opts as typeof opts &\n ResolvedRequestOptions<TResponseStyle, ThrowOnError, Url>;\n const url = buildUrl(resolvedOpts);\n\n return { opts: resolvedOpts, url };\n };\n\n const request: Client['request'] = async (options) => {\n const throwOnError = options.throwOnError ?? _config.throwOnError;\n const responseStyle = options.responseStyle ?? _config.responseStyle;\n\n let request: Request | undefined;\n let response: Response | undefined;\n\n try {\n const { opts, url } = await beforeRequest(options);\n const requestInit: ReqInit = {\n redirect: 'follow',\n ...opts,\n body: getValidRequestBody(opts),\n };\n\n request = new Request(url, requestInit);\n\n for (const fn of interceptors.request.fns) {\n if (fn) {\n request = await fn(request, opts);\n }\n }\n\n // fetch must be assigned here, otherwise it would throw the error:\n // TypeError: Failed to execute 'fetch' on 'Window': Illegal invocation\n const _fetch = opts.fetch!;\n\n response = await _fetch(request);\n\n for (const fn of interceptors.response.fns) {\n if (fn) {\n response = await fn(response, request, opts);\n }\n }\n\n const result = {\n request,\n response,\n };\n\n if (response.ok) {\n const parseAs =\n (opts.parseAs === 'auto'\n ? getParseAs(response.headers.get('Content-Type'))\n : opts.parseAs) ?? 'json';\n\n if (response.status === 204 || response.headers.get('Content-Length') === '0') {\n let emptyData: any;\n switch (parseAs) {\n case 'arrayBuffer':\n case 'blob':\n case 'text':\n emptyData = await response[parseAs]();\n break;\n case 'formData':\n emptyData = new FormData();\n break;\n case 'stream':\n emptyData = response.body;\n break;\n case 'json':\n default:\n emptyData = {};\n break;\n }\n return opts.responseStyle === 'data'\n ? emptyData\n : {\n data: emptyData,\n ...result,\n };\n }\n\n let data: any;\n switch (parseAs) {\n case 'arrayBuffer':\n case 'blob':\n case 'formData':\n case 'text':\n data = await response[parseAs]();\n break;\n case 'json': {\n // Some servers return 200 with no Content-Length and empty body.\n // response.json() would throw; read as text and parse if non-empty.\n const text = await response.text();\n data = text ? JSON.parse(text) : {};\n break;\n }\n case 'stream':\n return opts.responseStyle === 'data'\n ? response.body\n : {\n data: response.body,\n ...result,\n };\n }\n\n if (parseAs === 'json') {\n if (opts.responseValidator) {\n await opts.responseValidator(data);\n }\n\n if (opts.responseTransformer) {\n data = await opts.responseTransformer(data);\n }\n }\n\n return opts.responseStyle === 'data'\n ? data\n : {\n data,\n ...result,\n };\n }\n\n const textError = await response.text();\n let jsonError: unknown;\n\n try {\n jsonError = JSON.parse(textError);\n } catch {\n // noop\n }\n\n throw jsonError ?? textError;\n } catch (error) {\n let finalError = error;\n\n for (const fn of interceptors.error.fns) {\n if (fn) {\n finalError = await fn(finalError, response, request, options as ResolvedRequestOptions);\n }\n }\n\n finalError = finalError || {};\n\n if (throwOnError) {\n throw finalError;\n }\n\n // TODO: we probably want to return error and improve types\n return responseStyle === 'data'\n ? undefined\n : {\n error: finalError,\n request,\n response,\n };\n }\n };\n\n const makeMethodFn = (method: Uppercase<HttpMethod>) => (options: RequestOptions) =>\n request({ ...options, method });\n\n const makeSseFn = (method: Uppercase<HttpMethod>) => async (options: RequestOptions) => {\n const { opts, url } = await beforeRequest(options);\n return createSseClient({\n ...opts,\n body: opts.body as BodyInit | null | undefined,\n method,\n onRequest: async (url, init) => {\n let request = new Request(url, init);\n for (const fn of interceptors.request.fns) {\n if (fn) {\n request = await fn(request, opts);\n }\n }\n return request;\n },\n serializedBody: getValidRequestBody(opts) as BodyInit | null | undefined,\n url,\n });\n };\n\n const _buildUrl: Client['buildUrl'] = (options) => buildUrl({ ..._config, ...options });\n\n return {\n buildUrl: _buildUrl,\n connect: makeMethodFn('CONNECT'),\n delete: makeMethodFn('DELETE'),\n get: makeMethodFn('GET'),\n getConfig,\n head: makeMethodFn('HEAD'),\n interceptors,\n options: makeMethodFn('OPTIONS'),\n patch: makeMethodFn('PATCH'),\n post: makeMethodFn('POST'),\n put: makeMethodFn('PUT'),\n request,\n setConfig,\n sse: {\n connect: makeSseFn('CONNECT'),\n delete: makeSseFn('DELETE'),\n get: makeSseFn('GET'),\n head: makeSseFn('HEAD'),\n options: makeSseFn('OPTIONS'),\n patch: makeSseFn('PATCH'),\n post: makeSseFn('POST'),\n put: makeSseFn('PUT'),\n trace: makeSseFn('TRACE'),\n },\n trace: makeMethodFn('TRACE'),\n } as Client;\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { type Client, type ClientOptions, type Config, createClient, createConfig } from './client';\nimport type { ClientOptions as ClientOptions2 } from './types.gen';\n\n/**\n * The `createClientConfig()` function will be called on client initialization\n * and the returned object will become the client's initial configuration.\n *\n * You may want to initialize your client this way instead of calling\n * `setConfig()`. This is useful for example if you're using Next.js\n * to ensure your client always has the correct values.\n */\nexport type CreateClientConfig<T extends ClientOptions = ClientOptions2> = (override?: Config<ClientOptions & T>) => Config<Required<ClientOptions> & T>;\n\nexport const client: Client = createClient(createConfig<ClientOptions2>({ baseUrl: 'http://localhost:8000' }));\n\n// auto-init: install auth on client\nimport { installAuthOnClient } from './helpers/auth';\ninstallAuthOnClient(client);\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { type Client, type ClientMeta, formDataBodySerializer, type Options as Options2, type RequestResult, type TDataShape } from './client';\nimport { client } from './client.gen';\nimport type { CfgAccountsApiKeyRegenerateCreateData, CfgAccountsApiKeyRegenerateCreateErrors, CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRetrieveData, CfgAccountsApiKeyRetrieveErrors, CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRevealCreateData, CfgAccountsApiKeyRevealCreateErrors, CfgAccountsApiKeyRevealCreateResponses, CfgAccountsApiKeyTestCreateData, CfgAccountsApiKeyTestCreateResponses, CfgAccountsOauthConnectionsListData, CfgAccountsOauthConnectionsListResponses, CfgAccountsOauthDisconnectCreateData, CfgAccountsOauthDisconnectCreateErrors, CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthGithubAuthorizeCreateData, CfgAccountsOauthGithubAuthorizeCreateErrors, CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubCallbackCreateData, CfgAccountsOauthGithubCallbackCreateErrors, CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthProvidersRetrieveData, CfgAccountsOauthProvidersRetrieveResponses, CfgAccountsOtpRequestCreateData, CfgAccountsOtpRequestCreateErrors, CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpVerifyCreateData, CfgAccountsOtpVerifyCreateErrors, CfgAccountsOtpVerifyCreateResponses, CfgAccountsProfileAvatarCreateData, CfgAccountsProfileAvatarCreateErrors, CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileDeleteCreateData, CfgAccountsProfileDeleteCreateErrors, CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfilePartialPartialUpdateData, CfgAccountsProfilePartialPartialUpdateErrors, CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialUpdateData, CfgAccountsProfilePartialUpdateErrors, CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfileRetrieveData, CfgAccountsProfileRetrieveErrors, CfgAccountsProfileRetrieveResponses, CfgAccountsProfileUpdatePartialUpdateData, CfgAccountsProfileUpdatePartialUpdateErrors, CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdateUpdateData, CfgAccountsProfileUpdateUpdateErrors, CfgAccountsProfileUpdateUpdateResponses, CfgAccountsTokenBlacklistCreateData, CfgAccountsTokenBlacklistCreateResponses, CfgAccountsTokenRefreshCreateData, CfgAccountsTokenRefreshCreateResponses, CfgCentrifugoAuthTokenRetrieveData, CfgCentrifugoAuthTokenRetrieveErrors, CfgCentrifugoAuthTokenRetrieveResponses, CfgTotpBackupCodesRegenerateCreateData, CfgTotpBackupCodesRegenerateCreateErrors, CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRetrieveData, CfgTotpBackupCodesRetrieveResponses, CfgTotpDevicesDestroyData, CfgTotpDevicesDestroyResponses, CfgTotpDevicesRetrieveData, CfgTotpDevicesRetrieveResponses, CfgTotpDisableCreateData, CfgTotpDisableCreateErrors, CfgTotpDisableCreateResponses, CfgTotpSetupConfirmCreateData, CfgTotpSetupConfirmCreateErrors, CfgTotpSetupConfirmCreateResponses, CfgTotpSetupCreateData, CfgTotpSetupCreateErrors, CfgTotpSetupCreateResponses, CfgTotpVerifyBackupCreateData, CfgTotpVerifyBackupCreateErrors, CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyCreateData, CfgTotpVerifyCreateErrors, CfgTotpVerifyCreateResponses } from './types.gen';\n\nexport type Options<TData extends TDataShape = TDataShape, ThrowOnError extends boolean = boolean, TResponse = unknown> = Options2<TData, ThrowOnError, TResponse> & {\n /**\n * You can provide a client instance returned by `createClient()` instead of\n * individual options. This might be also useful if you want to implement a\n * custom client.\n */\n client?: Client;\n /**\n * You can pass arbitrary values through the `meta` object. This can be\n * used to access values that aren't defined as part of the SDK function.\n */\n meta?: keyof ClientMeta extends never ? Record<string, unknown> : ClientMeta;\n};\n\nexport class CfgAccountsApiKey {\n /**\n * Get API key details\n *\n * Retrieve the current user's API key (masked) and metadata.\n */\n public static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/',\n ...options\n });\n }\n \n /**\n * Regenerate API key\n *\n * Generate a new API key. The full key is returned only once.\n */\n public static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/regenerate/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Reveal API key\n *\n * Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.\n */\n public static cfgAccountsApiKeyRevealCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRevealCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRevealCreateResponses, CfgAccountsApiKeyRevealCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsApiKeyRevealCreateResponses, CfgAccountsApiKeyRevealCreateErrors, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/reveal/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Test API key\n *\n * Test whether an API key is valid without consuming it.\n */\n public static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/test/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgAccountsOauth {\n /**\n * List OAuth connections\n *\n * Get all OAuth connections for the current user.\n */\n public static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>): RequestResult<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/oauth/connections/',\n ...options\n });\n }\n \n /**\n * Disconnect OAuth provider\n *\n * Remove OAuth connection for the specified provider.\n */\n public static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/oauth/disconnect/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Start GitHub OAuth\n *\n * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.\n */\n public static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError>({\n url: '/cfg/accounts/oauth/github/authorize/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Complete GitHub OAuth\n *\n * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.\n */\n public static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError>({\n url: '/cfg/accounts/oauth/github/callback/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * List OAuth providers\n *\n * Get list of available OAuth providers for authentication.\n */\n public static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>): RequestResult<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError>({ url: '/cfg/accounts/oauth/providers/', ...options });\n }\n}\n\nexport class CfgAccounts {\n /**\n * Request OTP code to email.\n */\n public static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/otp/request/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Verify OTP code and return JWT tokens or 2FA session.\n *\n * If user has 2FA enabled:\n * - Returns requires_2fa=True with session_id\n * - Client must complete 2FA verification at /cfg/totp/verify/\n *\n * If user has no 2FA:\n * - Returns JWT tokens and user data directly\n */\n public static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/otp/verify/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgAccountsProfile {\n /**\n * Get current user profile\n *\n * Retrieve the current authenticated user's profile information.\n */\n public static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>): RequestResult<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/',\n ...options\n });\n }\n \n /**\n * Upload user avatar\n *\n * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.\n */\n public static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError>({\n ...formDataBodySerializer,\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/profile/avatar/',\n ...options,\n headers: {\n 'Content-Type': null,\n ...options?.headers\n }\n });\n }\n \n /**\n * Delete user account\n *\n *\n * Permanently delete the current user's account.\n *\n * This operation:\n * - Deactivates the account (user cannot log in)\n * - Anonymizes personal data (GDPR compliance)\n * - Frees up the email address for re-registration\n * - Preserves audit trail\n *\n * The account can be restored by an administrator if needed.\n *\n */\n public static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/delete/',\n ...options\n });\n }\n \n /**\n * Partial update user profile\n *\n * Partially update the current authenticated user's profile information. Supports avatar upload.\n */\n public static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).patch<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/partial/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Partial update user profile\n *\n * Partially update the current authenticated user's profile information. Supports avatar upload.\n */\n public static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).put<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/partial/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Update user profile\n *\n * Update the current authenticated user's profile information.\n */\n public static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).patch<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/update/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Update user profile\n *\n * Update the current authenticated user's profile information.\n */\n public static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).put<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/update/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n}\n\nexport class CfgAccountsAuth {\n /**\n * Revoke a refresh token (logout).\n *\n * Blacklists the posted refresh token so it can never mint another access\n * token. Called best-effort by the client's logout — without it, \"logout\"\n * is purely client-side and a stolen refresh token survives until expiry.\n */\n public static cfgAccountsTokenBlacklistCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenBlacklistCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenBlacklistCreateResponses, unknown, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsTokenBlacklistCreateResponses, unknown, ThrowOnError>({\n url: '/cfg/accounts/token/blacklist/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Refresh JWT token.\n *\n * DPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the\n * rotated access/refresh in the response are re-stamped with the same `cnf`\n * (stock SimpleJWT drops it from the derived access), and a matching DPoP\n * proof is required on the refresh request — so a stolen refresh token can't\n * be used to mint fresh tokens.\n */\n public static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError>({\n url: '/cfg/accounts/token/refresh/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgCentrifugo {\n /**\n * Get Centrifugo connection token\n *\n * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.\n */\n public static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>): RequestResult<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError> {\n return (options?.client ?? client).get<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/centrifugo/auth/token/',\n ...options\n });\n }\n}\n\nexport class CfgTotpBackupCodes {\n /**\n * Get backup codes status for user.\n */\n public static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/backup-codes/',\n ...options\n });\n }\n \n /**\n * Regenerate backup codes.\n *\n * Requires TOTP code for verification.\n * Invalidates all existing codes.\n */\n public static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/backup-codes/regenerate/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgTotp {\n /**\n * List all TOTP devices for user.\n */\n public static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>): RequestResult<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/devices/',\n ...options\n });\n }\n \n /**\n * Delete a TOTP device.\n *\n * Requires verification code if removing the last/primary device.\n */\n public static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>): RequestResult<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError> {\n return (options.client ?? client).delete<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/devices/{id}/',\n ...options\n });\n }\n \n /**\n * Completely disable 2FA for account.\n *\n * Requires verification code.\n */\n public static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>): RequestResult<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/disable/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgTotpSetup {\n /**\n * Start 2FA setup process.\n *\n * Creates a new TOTP device and returns QR code for scanning.\n */\n public static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>): RequestResult<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/setup/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Confirm 2FA setup with first valid code.\n *\n * Activates the device and generates backup codes.\n */\n public static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>): RequestResult<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/setup/confirm/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgTotpVerify {\n /**\n * Verify TOTP code for 2FA session.\n *\n * Completes authentication and returns JWT tokens on success.\n */\n public static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/verify/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Verify backup recovery code for 2FA session.\n *\n * Alternative verification method when TOTP device unavailable.\n */\n public static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/verify/backup/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n","import { isDev } from \"./env\";\n/**\n * Analytics stub for @djangocfg/api/auth\n * Provides minimal analytics interface without external dependencies\n *\n * If you need full analytics, install @djangocfg/layouts and use its Analytics module\n */\n\nexport enum AnalyticsEvent {\n AUTH_OTP_REQUEST = 'auth_otp_request',\n AUTH_LOGIN_SUCCESS = 'auth_login_success',\n AUTH_OTP_VERIFY_FAIL = 'auth_otp_verify_fail',\n AUTH_SESSION_EXPIRED = 'auth_session_expired',\n AUTH_TOKEN_REFRESH = 'auth_token_refresh',\n AUTH_TOKEN_REFRESH_FAIL = 'auth_token_refresh_fail',\n AUTH_LOGOUT = 'auth_logout',\n AUTH_OAUTH_START = 'auth_oauth_start',\n AUTH_OAUTH_FAIL = 'auth_oauth_fail',\n}\n\nexport enum AnalyticsCategory {\n AUTH = 'auth',\n}\n\nexport type AnalyticsEventType = `${AnalyticsEvent}`;\nexport type AnalyticsCategoryType = `${AnalyticsCategory}`;\n\ninterface AnalyticsEventParams {\n category?: AnalyticsCategoryType;\n label?: string;\n value?: number;\n [key: string]: any;\n}\n\n/**\n * Minimal analytics implementation\n * Logs to console in development, silent in production\n */\nexport const Analytics = {\n /**\n * Track an analytics event\n */\n event(eventName: AnalyticsEventType, params?: AnalyticsEventParams) {\n if (isDev) {\n console.log('[Analytics]', eventName, params);\n }\n\n // You can extend this to send to your analytics service\n // Example: window.gtag?.('event', eventName, params);\n },\n\n /**\n * Set user ID for tracking\n */\n setUser(userId: string) {\n if (isDev) {\n console.log('[Analytics] Set user:', userId);\n }\n\n // You can extend this to send to your analytics service\n // Example: window.gtag?.('set', { user_id: userId });\n },\n};\n","'use client';\n\nimport { useState } from 'react';\n\nimport { authLogger } from '../utils/logger';\n\n/**\n * Simple sessionStorage hook with better error handling\n * @param key - Storage key\n * @param initialValue - Default value if key doesn't exist\n * @returns [value, setValue, removeValue] - Current value, setter function, and remove function\n */\nexport function useSessionStorage<T>(key: string, initialValue: T) {\n // Get initial value from sessionStorage or use provided initialValue\n const [storedValue, setStoredValue] = useState<T>(() => {\n if (typeof window === 'undefined') {\n return initialValue;\n }\n\n try {\n const item = window.sessionStorage.getItem(key);\n return item ? JSON.parse(item) : initialValue;\n } catch (error) {\n authLogger.error(`Error reading sessionStorage key \"${key}\":`, error);\n return initialValue;\n }\n });\n\n // Check data size and limit\n const checkDataSize = (data: any): boolean => {\n try {\n const jsonString = JSON.stringify(data);\n const sizeInBytes = new Blob([jsonString]).size;\n const sizeInKB = sizeInBytes / 1024;\n \n // Limit to 1MB per item\n if (sizeInKB > 1024) {\n authLogger.warn(`Data size (${sizeInKB.toFixed(2)}KB) exceeds 1MB limit for key \"${key}\"`);\n return false;\n }\n\n return true;\n } catch (error) {\n authLogger.error(`Error checking data size for key \"${key}\":`, error);\n return false;\n }\n };\n\n // Clear old data when sessionStorage is full\n const clearOldData = () => {\n try {\n const keys = Object.keys(sessionStorage).filter(key => key && typeof key === 'string');\n // Remove oldest items if we have more than 50 items\n if (keys.length > 50) {\n const itemsToRemove = Math.ceil(keys.length * 0.2);\n for (let i = 0; i < itemsToRemove; i++) {\n try {\n const key = keys[i];\n if (key) {\n sessionStorage.removeItem(key);\n sessionStorage.removeItem(`${key}_timestamp`);\n }\n } catch {\n // Ignore errors when removing items\n }\n }\n }\n } catch (error) {\n authLogger.error('Error clearing old sessionStorage data:', error);\n }\n };\n\n // Force clear all data if quota is exceeded\n const forceClearAll = () => {\n try {\n const keys = Object.keys(sessionStorage);\n for (const key of keys) {\n try {\n sessionStorage.removeItem(key);\n } catch {\n // Ignore errors when removing items\n }\n }\n } catch (error) {\n authLogger.error('Error force clearing sessionStorage:', error);\n }\n };\n\n // Update sessionStorage when value changes\n const setValue = (value: T | ((val: T) => T)) => {\n try {\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n \n // Check data size before attempting to save\n if (!checkDataSize(valueToStore)) {\n authLogger.warn(`Data size too large for key \"${key}\", removing key`);\n // Remove the key if data is too large\n try {\n window.sessionStorage.removeItem(key);\n window.sessionStorage.removeItem(`${key}_timestamp`);\n } catch {\n // Ignore errors when removing\n }\n // Still update the state\n setStoredValue(valueToStore);\n return;\n }\n \n setStoredValue(valueToStore);\n\n if (typeof window !== 'undefined') {\n // Try to set the value\n try {\n window.sessionStorage.setItem(key, JSON.stringify(valueToStore));\n // Add timestamp for cleanup\n window.sessionStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (storageError: any) {\n // If quota exceeded, clear old data and try again\n if (storageError.name === 'QuotaExceededError' ||\n storageError.code === 22 ||\n storageError.message?.includes('quota')) {\n authLogger.warn('sessionStorage quota exceeded, clearing old data...');\n clearOldData();\n \n // Try again after clearing\n try {\n window.sessionStorage.setItem(key, JSON.stringify(valueToStore));\n window.sessionStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (retryError) {\n authLogger.error(`Failed to set sessionStorage key \"${key}\" after clearing old data:`, retryError);\n // If still fails, force clear all and try one more time\n try {\n forceClearAll();\n window.sessionStorage.setItem(key, JSON.stringify(valueToStore));\n window.sessionStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (finalError) {\n authLogger.error(`Failed to set sessionStorage key \"${key}\" after force clearing:`, finalError);\n // If still fails, just update the state without sessionStorage\n setStoredValue(valueToStore);\n }\n }\n } else {\n throw storageError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error setting sessionStorage key \"${key}\":`, error);\n // Still update the state even if sessionStorage fails\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n setStoredValue(valueToStore);\n }\n };\n\n // Remove value from sessionStorage\n const removeValue = () => {\n try {\n setStoredValue(initialValue);\n if (typeof window !== 'undefined') {\n try {\n window.sessionStorage.removeItem(key);\n window.sessionStorage.removeItem(`${key}_timestamp`);\n } catch (removeError: any) {\n // If removal fails due to quota, try to clear some data first\n if (removeError.name === 'QuotaExceededError' ||\n removeError.code === 22 ||\n removeError.message?.includes('quota')) {\n authLogger.warn('sessionStorage quota exceeded during removal, clearing old data...');\n clearOldData();\n \n try {\n window.sessionStorage.removeItem(key);\n window.sessionStorage.removeItem(`${key}_timestamp`);\n } catch (retryError) {\n authLogger.error(`Failed to remove sessionStorage key \"${key}\" after clearing:`, retryError);\n // If still fails, force clear all\n forceClearAll();\n }\n } else {\n throw removeError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error removing sessionStorage key \"${key}\":`, error);\n }\n };\n\n return [storedValue, setValue, removeValue] as const;\n}\n","import { useSessionStorage } from './useSessionStorage';\n\nconst AUTH_REDIRECT_KEY = 'auth_redirect_url';\n\nexport interface AuthRedirectOptions {\n fallbackUrl?: string;\n clearOnUse?: boolean;\n}\n\n/**\n * Read redirect URL directly from sessionStorage (bypasses React state)\n * This is needed because different component instances have different React states\n */\nconst getRedirectFromStorage = (): string => {\n if (typeof window === 'undefined') return '';\n try {\n const item = window.sessionStorage.getItem(AUTH_REDIRECT_KEY);\n return item ? JSON.parse(item) : '';\n } catch {\n return '';\n }\n};\n\n/**\n * Clear redirect URL directly from sessionStorage\n */\nconst clearRedirectFromStorage = (): void => {\n if (typeof window === 'undefined') return;\n try {\n window.sessionStorage.removeItem(AUTH_REDIRECT_KEY);\n window.sessionStorage.removeItem(`${AUTH_REDIRECT_KEY}_timestamp`);\n } catch {\n // Ignore errors\n }\n};\n\n/**\n * Read the saved back-url without clearing it. Null when nothing saved —\n * unlike getFinalRedirectUrl, never substitutes a fallback.\n */\nexport const peekSavedRedirect = (): string | null => getRedirectFromStorage() || null;\n\n/**\n * Read AND clear the saved back-url (single-use intent). Null when nothing\n * saved. This is the one primitive every post-auth navigator uses to honor\n * \"return the user to where the guard bounced them from\".\n */\nexport const consumeSavedRedirect = (): string | null => {\n const stored = getRedirectFromStorage();\n if (stored) clearRedirectFromStorage();\n return stored || null;\n};\n\nexport const useAuthRedirectManager = (options: AuthRedirectOptions = {}) => {\n const { fallbackUrl = '/dashboard', clearOnUse = true } = options;\n const [redirectUrl, setRedirectUrl, removeRedirectUrl] = useSessionStorage<string>(AUTH_REDIRECT_KEY, '');\n\n const setRedirect = (url: string) => {\n setRedirectUrl(url);\n };\n\n const getRedirect = () => {\n // Read directly from storage to get latest value across components\n return getRedirectFromStorage() || redirectUrl;\n };\n\n const clearRedirect = () => {\n removeRedirectUrl();\n clearRedirectFromStorage();\n };\n\n const hasRedirect = () => {\n const stored = getRedirectFromStorage();\n return stored.length > 0 || redirectUrl.length > 0;\n };\n\n const getFinalRedirectUrl = () => {\n // Read directly from storage to get latest value across components\n const stored = getRedirectFromStorage();\n return stored || redirectUrl || fallbackUrl;\n };\n\n const useAndClearRedirect = () => {\n // Read directly from storage to ensure we get the latest saved URL\n // even if it was saved by a different component instance\n const stored = getRedirectFromStorage();\n const finalUrl = stored || redirectUrl || fallbackUrl;\n\n if (clearOnUse) {\n clearRedirect();\n }\n return finalUrl;\n };\n\n return {\n redirectUrl,\n setRedirect,\n getRedirect,\n clearRedirect,\n hasRedirect,\n getFinalRedirectUrl,\n useAndClearRedirect\n };\n}; ","'use client';\n\nimport { APIError } from '../../_api/generated/helpers';\n\n/**\n * Shared internals for the 2FA hook family (verify / setup / status).\n *\n * Before consolidation each of the three hooks re-implemented error extraction\n * and 6-digit validation slightly differently — three copies that drifted. This\n * module is the single source for both, so every 2FA verb reports errors and\n * validates codes identically.\n */\n\nconst TOTP_CODE_LENGTH = 6;\n\n/** A 2FA API error body may carry any of these message-ish fields. */\ninterface TwoFactorErrorBody {\n error?: unknown;\n detail?: unknown;\n message?: unknown;\n attempts_remaining?: unknown;\n}\n\n/**\n * Extract a human-readable message from a thrown error, unwrapping the\n * APIError response body (error → detail → message) before falling back.\n */\nexport function extractTwoFactorError(err: unknown, fallback: string): string {\n if (err instanceof APIError) {\n const body = (err.response ?? null) as TwoFactorErrorBody | null;\n if (typeof body?.error === 'string') return body.error;\n if (typeof body?.detail === 'string') return body.detail;\n if (typeof body?.message === 'string') return body.message;\n return err.errorMessage ?? err.message;\n }\n if (err instanceof Error) return err.message;\n return fallback;\n}\n\n/** Pull `attempts_remaining` off an APIError body, or null if absent. */\nexport function extractAttemptsRemaining(err: unknown): number | null {\n if (err instanceof APIError) {\n const body = (err.response ?? null) as TwoFactorErrorBody | null;\n if (typeof body?.attempts_remaining === 'number') return body.attempts_remaining;\n }\n return null;\n}\n\n/** True when `code` is a well-formed 6-digit TOTP code. */\nexport function isValidTotpCode(code: string): boolean {\n return !!code && code.length === TOTP_CODE_LENGTH;\n}\n\nexport { TOTP_CODE_LENGTH };\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { CfgAccountsOauth } from '../../_api/generated/sdk.gen';\nimport { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';\nimport { authLogger } from '../utils/logger';\nimport { useCfgRouter } from './useCfgRouter';\n\nexport interface UseGithubAuthOptions {\n sourceUrl?: string;\n onSuccess?: (user: any, isNewUser: boolean) => void;\n onError?: (error: string) => void;\n /** Callback when 2FA is required */\n onRequires2FA?: (sessionId: string, shouldPrompt2FA: boolean) => void;\n redirectUrl?: string;\n /** Skip automatic redirect after success (caller handles navigation) */\n skipRedirect?: boolean;\n}\n\nexport interface UseGithubAuthReturn {\n isLoading: boolean;\n error: string | null;\n startGithubAuth: () => Promise<void>;\n handleGithubCallback: (code: string, state: string) => Promise<void>;\n}\n\n/**\n * Hook for GitHub OAuth authentication flow.\n *\n * Usage:\n * 1. Call startGithubAuth() to redirect user to GitHub\n * 2. After GitHub redirects back, call handleGithubCallback(code, state)\n *\n * @example\n * ```tsx\n * const { isLoading, error, startGithubAuth } = useGithubAuth({\n * onSuccess: (user) => router.push('/dashboard'),\n * onError: (error) => console.error(error),\n * });\n *\n * <Button onClick={startGithubAuth} disabled={isLoading}>\n * Continue with GitHub\n * </Button>\n * ```\n */\nexport const useGithubAuth = (options: UseGithubAuthOptions = {}): UseGithubAuthReturn => {\n const { sourceUrl, onSuccess, onError, onRequires2FA, redirectUrl, skipRedirect = false } = options;\n const router = useCfgRouter();\n\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n\n /**\n * Start GitHub OAuth flow - redirects user to GitHub authorization page.\n */\n const startGithubAuth = useCallback(async () => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Starting GitHub OAuth flow...');\n\n // Track OAuth start\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_START, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n\n // Call API to get authorization URL\n // The API will auto-generate redirect_uri from config if not provided\n const result = await CfgAccountsOauth.cfgAccountsOauthGithubAuthorizeCreate({\n body: {\n source_url: sourceUrl || (typeof window !== 'undefined' ? window.location.href : ''),\n },\n throwOnError: true,\n });\n const response = result.data;\n\n if (!response.authorization_url) {\n throw new Error('Failed to get authorization URL');\n }\n\n authLogger.info('Redirecting to GitHub...', response.authorization_url);\n\n if (typeof window !== 'undefined') {\n sessionStorage.setItem('oauth_state', response.state);\n sessionStorage.setItem('oauth_provider', 'github');\n }\n\n window.location.href = response.authorization_url;\n\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'Failed to start GitHub authentication';\n authLogger.error('GitHub OAuth start error:', err);\n setError(errorMessage);\n onError?.(errorMessage);\n\n // Track OAuth error\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n } finally {\n setIsLoading(false);\n }\n }, [sourceUrl, onError]);\n\n /**\n * Handle GitHub OAuth callback - exchanges code for JWT tokens.\n *\n * @param code - Authorization code from GitHub callback\n * @param state - State token for CSRF verification\n */\n const handleGithubCallback = useCallback(async (code: string, state: string) => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Processing GitHub OAuth callback...');\n\n // Verify state matches what we stored\n if (typeof window !== 'undefined') {\n const storedState = sessionStorage.getItem('oauth_state');\n if (storedState && storedState !== state) {\n throw new Error('Invalid OAuth state - possible CSRF attack');\n }\n // Clear stored state\n sessionStorage.removeItem('oauth_state');\n sessionStorage.removeItem('oauth_provider');\n }\n\n const result = await CfgAccountsOauth.cfgAccountsOauthGithubCallbackCreate({\n body: { code, state },\n throwOnError: true,\n });\n const response = result.data;\n\n // Check if 2FA is required\n if (response.requires_2fa && response.session_id) {\n authLogger.info('GitHub OAuth requires 2FA, session:', response.session_id);\n\n // Track 2FA requirement\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_START, {\n category: AnalyticsCategory.AUTH,\n label: 'github-2fa-required',\n });\n\n // Call 2FA callback\n onRequires2FA?.(response.session_id, response.should_prompt_2fa || false);\n return;\n }\n\n if (!response.access || !response.refresh) {\n throw new Error('Invalid response from OAuth callback');\n }\n\n authLogger.info('GitHub OAuth successful, user:', response.user);\n\n // The ONE write path — atomic pair + session notification.\n auth.setSession({ access: response.access, refresh: response.refresh });\n\n // Track successful OAuth\n Analytics.event(AnalyticsEvent.AUTH_LOGIN_SUCCESS, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n\n // Set user ID for future tracking\n if (response.user?.id) {\n Analytics.setUser(String(response.user.id));\n }\n\n // Call success callback\n onSuccess?.(response.user, response.is_new_user || false);\n\n // Redirect (unless skipRedirect is true)\n if (!skipRedirect) {\n // Use hardPush for full page reload - ensures all React contexts reinitialize\n const finalRedirectUrl = redirectUrl || '/dashboard';\n router.hardPush(finalRedirectUrl);\n }\n\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'GitHub authentication failed';\n authLogger.error('GitHub OAuth callback error:', err);\n setError(errorMessage);\n onError?.(errorMessage);\n\n // Track OAuth error\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n } finally {\n setIsLoading(false);\n }\n }, [onSuccess, onError, redirectUrl, router]);\n\n return {\n isLoading,\n error,\n startGithubAuth,\n handleGithubCallback,\n };\n};\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { CfgTotpSetup } from '../../_api/generated/sdk.gen';\nimport { authLogger } from '../utils/logger';\nimport { extractTwoFactorError, isValidTotpCode } from './twoFactor.shared';\n\nexport interface TwoFactorSetupData {\n /** Device ID to use for confirmation */\n deviceId: string;\n /** Base32-encoded TOTP secret (for manual entry) */\n secret: string;\n /** otpauth:// URI for QR code generation */\n provisioningUri: string;\n /** Base64-encoded QR code image (data URI) */\n qrCodeBase64: string;\n /** Seconds until setup expires */\n expiresIn: number;\n}\n\nexport interface UseTwoFactorSetupOptions {\n /** Callback when setup is confirmed and backup codes are generated */\n onComplete?: (backupCodes: string[]) => void;\n /** Callback on error */\n onError?: (error: string) => void;\n}\n\nexport interface UseTwoFactorSetupReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Setup data (QR code, secret, etc.) */\n setupData: TwoFactorSetupData | null;\n /** Backup codes after confirmation */\n backupCodes: string[] | null;\n /** Warning message about backup codes */\n backupCodesWarning: string | null;\n /** Current setup step */\n setupStep: 'idle' | 'scanning' | 'confirming' | 'complete';\n /** Start 2FA setup - returns QR code data */\n startSetup: (deviceName?: string) => Promise<TwoFactorSetupData | null>;\n /** Confirm setup with TOTP code - returns backup codes */\n confirmSetup: (code: string) => Promise<string[] | null>;\n /** Reset setup state */\n resetSetup: () => void;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * 2FA setup — enabling TOTP (internal, composed by {@link useTwoFactor}).\n *\n * Flow: startSetup() → user scans QR → confirmSetup(code) → show backup codes.\n */\nexport const useTwoFactorSetup = (\n options: UseTwoFactorSetupOptions = {},\n): UseTwoFactorSetupReturn => {\n const { onComplete, onError } = options;\n\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const [setupData, setSetupData] = useState<TwoFactorSetupData | null>(null);\n const [backupCodes, setBackupCodes] = useState<string[] | null>(null);\n const [backupCodesWarning, setBackupCodesWarning] = useState<string | null>(null);\n const [setupStep, setSetupStep] = useState<'idle' | 'scanning' | 'confirming' | 'complete'>('idle');\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n const resetSetup = useCallback(() => {\n setSetupData(null);\n setBackupCodes(null);\n setBackupCodesWarning(null);\n setSetupStep('idle');\n setError(null);\n }, []);\n\n const startSetup = useCallback(async (deviceName?: string): Promise<TwoFactorSetupData | null> => {\n setIsLoading(true);\n setError(null);\n setSetupStep('scanning');\n\n try {\n authLogger.info('Starting 2FA setup...');\n\n const result = await CfgTotpSetup.cfgTotpSetupCreate({\n body: { device_name: deviceName },\n throwOnError: true,\n });\n const response = result.data;\n\n const data: TwoFactorSetupData = {\n deviceId: response.device_id,\n secret: response.secret,\n provisioningUri: response.provisioning_uri,\n qrCodeBase64: response.qr_code_base64,\n expiresIn: response.expires_in,\n };\n\n setSetupData(data);\n authLogger.info('2FA setup initiated, expires in:', data.expiresIn, 'seconds');\n\n return data;\n } catch (err) {\n const errorMessage = extractTwoFactorError(err, 'Failed to start 2FA setup');\n authLogger.error('2FA setup error:', err);\n setError(errorMessage);\n setSetupStep('idle');\n onError?.(errorMessage);\n return null;\n } finally {\n setIsLoading(false);\n }\n }, [onError]);\n\n const confirmSetup = useCallback(async (code: string): Promise<string[] | null> => {\n if (!setupData) {\n const msg = 'Setup not started. Call startSetup() first.';\n setError(msg);\n onError?.(msg);\n return null;\n }\n if (!isValidTotpCode(code)) {\n const msg = 'Please enter a 6-digit code';\n setError(msg);\n onError?.(msg);\n return null;\n }\n\n setIsLoading(true);\n setError(null);\n setSetupStep('confirming');\n\n try {\n authLogger.info('Confirming 2FA setup...');\n\n const result = await CfgTotpSetup.cfgTotpSetupConfirmCreate({\n body: { device_id: setupData.deviceId, code },\n throwOnError: true,\n });\n const response = result.data;\n\n const codes = response.backup_codes;\n setBackupCodes(codes);\n setBackupCodesWarning(response.backup_codes_warning);\n setSetupStep('complete');\n\n authLogger.info('2FA setup confirmed, backup codes generated:', codes.length);\n\n onComplete?.(codes);\n return codes;\n } catch (err) {\n const errorMessage = extractTwoFactorError(err, 'Invalid code. Please try again.');\n authLogger.error('2FA setup confirmation error:', err);\n setError(errorMessage);\n setSetupStep('scanning'); // Go back to scanning step\n onError?.(errorMessage);\n return null;\n } finally {\n setIsLoading(false);\n }\n }, [setupData, onComplete, onError]);\n\n return {\n isLoading,\n error,\n setupData,\n backupCodes,\n backupCodesWarning,\n setupStep,\n startSetup,\n confirmSetup,\n resetSetup,\n clearError,\n };\n};\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { CfgTotp } from '../../_api/generated/sdk.gen';\nimport { authLogger } from '../utils/logger';\nimport { extractTwoFactorError, isValidTotpCode } from './twoFactor.shared';\n\nexport interface TwoFactorDevice {\n id: string;\n name: string;\n createdAt: string;\n lastUsedAt: string | null;\n isPrimary: boolean;\n}\n\nexport interface UseTwoFactorStatusReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Whether 2FA is enabled for user */\n has2FAEnabled: boolean | null;\n /** List of TOTP devices */\n devices: TwoFactorDevice[];\n /** Fetch 2FA status */\n fetchStatus: () => Promise<void>;\n /** Disable 2FA (requires TOTP code) */\n disable2FA: (code: string) => Promise<boolean>;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * Read and manage 2FA status (internal, composed by {@link useTwoFactor}).\n *\n * Fetches the device list / enabled flag and disables 2FA.\n */\nexport const useTwoFactorStatus = (): UseTwoFactorStatusReturn => {\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const [has2FAEnabled, setHas2FAEnabled] = useState<boolean | null>(null);\n const [devices, setDevices] = useState<TwoFactorDevice[]>([]);\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n const fetchStatus = useCallback(async (): Promise<void> => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Fetching 2FA status...');\n\n // API returns { devices: [...], has_2fa_enabled: bool }\n const result = await CfgTotp.cfgTotpDevicesRetrieve({ throwOnError: true });\n const response = result.data;\n\n const mappedDevices: TwoFactorDevice[] = response.devices.map((device) => ({\n id: device.id,\n name: device.name,\n createdAt: device.created_at,\n lastUsedAt: device.last_used_at ?? null,\n isPrimary: device.is_primary,\n }));\n\n setDevices(mappedDevices);\n setHas2FAEnabled(response.has_2fa_enabled);\n\n authLogger.info('2FA status:', response.has_2fa_enabled ? 'enabled' : 'disabled');\n } catch (err) {\n const errorMessage = extractTwoFactorError(err, 'Failed to fetch 2FA status');\n authLogger.error('Failed to fetch 2FA status:', err);\n setError(errorMessage);\n } finally {\n setIsLoading(false);\n }\n }, []);\n\n const disable2FA = useCallback(async (code: string): Promise<boolean> => {\n if (!isValidTotpCode(code)) {\n setError('Please enter a 6-digit code');\n return false;\n }\n\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Disabling 2FA...');\n\n await CfgTotp.cfgTotpDisableCreate({ body: { code }, throwOnError: true });\n\n setHas2FAEnabled(false);\n setDevices([]);\n\n authLogger.info('2FA disabled successfully');\n return true;\n } catch (err: unknown) {\n const errorMessage = extractTwoFactorError(err, 'Invalid verification code');\n authLogger.error('Failed to disable 2FA:', err);\n setError(errorMessage);\n return false;\n } finally {\n setIsLoading(false);\n }\n }, []);\n\n return {\n isLoading,\n error,\n has2FAEnabled,\n devices,\n fetchStatus,\n disable2FA,\n clearError,\n };\n};\n","'use client';\n\nimport {\n useTwoFactorVerify,\n type UseTwoFactorVerifyOptions,\n type UseTwoFactorVerifyReturn,\n} from './useTwoFactorVerify';\nimport {\n useTwoFactorSetup,\n type TwoFactorSetupData,\n type UseTwoFactorSetupOptions,\n type UseTwoFactorSetupReturn,\n} from './useTwoFactorSetup';\nimport {\n useTwoFactorStatus,\n type TwoFactorDevice,\n type UseTwoFactorStatusReturn,\n} from './useTwoFactorStatus';\n\nexport interface UseTwoFactorOptions {\n /** Options for the login-time verification namespace */\n verify?: UseTwoFactorVerifyOptions;\n /** Options for the setup (enable) namespace */\n setup?: UseTwoFactorSetupOptions;\n}\n\nexport interface UseTwoFactorReturn {\n /** Verify a 2FA challenge during login (TOTP / backup code). */\n verify: UseTwoFactorVerifyReturn;\n /** Enable 2FA — QR provisioning → confirm → backup codes. */\n setup: UseTwoFactorSetupReturn;\n /** Read device list / enabled flag and disable 2FA. */\n status: UseTwoFactorStatusReturn;\n}\n\n/**\n * Single entry point for all two-factor authentication flows.\n *\n * The three concerns — **verify** (login), **setup** (enable) and **status**\n * (manage/disable) — are distinct verbs over the same `CfgTotp*` API, so each\n * is exposed as its own namespace with an independent loading/error surface:\n *\n * @example\n * ```tsx\n * const two = useTwoFactor({ verify: { redirectUrl: '/dashboard' } });\n *\n * await two.verify.verifyTOTP(sessionId, code); // login\n * await two.setup.startSetup('My iPhone'); // enable\n * await two.status.fetchStatus(); // manage\n * ```\n *\n * Consumers that only need one concern can compose the underlying hooks\n * directly (`useTwoFactorVerify` / `useTwoFactorSetup` / `useTwoFactorStatus`),\n * all re-exported alongside this one, to avoid mounting the others' state.\n */\nexport const useTwoFactor = (options: UseTwoFactorOptions = {}): UseTwoFactorReturn => {\n const verify = useTwoFactorVerify(options.verify);\n const setup = useTwoFactorSetup(options.setup);\n const status = useTwoFactorStatus();\n\n return { verify, setup, status };\n};\n\n// Namespaced sub-hooks — use directly when only one concern is needed.\nexport {\n useTwoFactorVerify,\n useTwoFactorSetup,\n useTwoFactorStatus,\n type UseTwoFactorVerifyOptions,\n type UseTwoFactorVerifyReturn,\n type UseTwoFactorSetupOptions,\n type UseTwoFactorSetupReturn,\n type UseTwoFactorStatusReturn,\n type TwoFactorSetupData,\n type TwoFactorDevice,\n};\n","'use client';\n\nimport { useEffect, useState } from 'react';\n\nimport { authLogger } from '../utils/logger';\n\n/**\n * Simple localStorage hook with better error handling\n * @param key - Storage key\n * @param initialValue - Default value if key doesn't exist\n * @returns [value, setValue, removeValue] - Current value, setter function, and remove function\n */\nexport function useLocalStorage<T>(key: string, initialValue: T) {\n // Get initial value from localStorage or use provided initialValue\n const [storedValue, setStoredValue] = useState<T>(() => {\n if (typeof window === 'undefined') {\n return initialValue;\n }\n\n try {\n const item = window.localStorage.getItem(key);\n if (item === null) {\n return initialValue;\n }\n \n // Try to parse as JSON first, fallback to string\n try {\n return JSON.parse(item);\n } catch {\n // If JSON.parse fails, return as string\n return item as T;\n }\n } catch (error) {\n authLogger.error(`Error reading localStorage key \"${key}\":`, error);\n return initialValue;\n }\n });\n\n // Check data size and limit\n const checkDataSize = (data: any): boolean => {\n try {\n const jsonString = JSON.stringify(data);\n const sizeInBytes = new Blob([jsonString]).size;\n const sizeInKB = sizeInBytes / 1024;\n \n // Limit to 1MB per item\n if (sizeInKB > 1024) {\n authLogger.warn(`Data size (${sizeInKB.toFixed(2)}KB) exceeds 1MB limit for key \"${key}\"`);\n return false;\n }\n\n return true;\n } catch (error) {\n authLogger.error(`Error checking data size for key \"${key}\":`, error);\n return false;\n }\n };\n\n // Clear old data when localStorage is full\n const clearOldData = () => {\n try {\n const keys = Object.keys(localStorage).filter(key => key && typeof key === 'string');\n // Remove oldest items if we have more than 50 items\n if (keys.length > 50) {\n const itemsToRemove = Math.ceil(keys.length * 0.2);\n for (let i = 0; i < itemsToRemove; i++) {\n try {\n const key = keys[i];\n if (key) {\n localStorage.removeItem(key);\n localStorage.removeItem(`${key}_timestamp`);\n }\n } catch {\n // Ignore errors when removing items\n }\n }\n }\n } catch (error) {\n authLogger.error('Error clearing old localStorage data:', error);\n }\n };\n\n // Force clear all data if quota is exceeded\n const forceClearAll = () => {\n try {\n const keys = Object.keys(localStorage);\n for (const key of keys) {\n try {\n localStorage.removeItem(key);\n } catch {\n // Ignore errors when removing items\n }\n }\n } catch (error) {\n authLogger.error('Error force clearing localStorage:', error);\n }\n };\n\n // Update localStorage when value changes\n const setValue = (value: T | ((val: T) => T)) => {\n try {\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n \n // Check data size before attempting to save\n if (!checkDataSize(valueToStore)) {\n authLogger.warn(`Data size too large for key \"${key}\", removing key`);\n // Remove the key if data is too large\n try {\n window.localStorage.removeItem(key);\n window.localStorage.removeItem(`${key}_timestamp`);\n } catch {\n // Ignore errors when removing\n }\n // Still update the state\n setStoredValue(valueToStore);\n return;\n }\n \n setStoredValue(valueToStore);\n\n if (typeof window !== 'undefined') {\n // Try to set the value\n try {\n // For strings, store directly without JSON.stringify\n if (typeof valueToStore === 'string') {\n window.localStorage.setItem(key, valueToStore);\n } else {\n window.localStorage.setItem(key, JSON.stringify(valueToStore));\n }\n // Add timestamp for cleanup\n window.localStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (storageError: any) {\n // If quota exceeded, clear old data and try again\n if (storageError.name === 'QuotaExceededError' ||\n storageError.code === 22 ||\n storageError.message?.includes('quota')) {\n authLogger.warn('localStorage quota exceeded, clearing old data...');\n clearOldData();\n \n // Try again after clearing\n try {\n // For strings, store directly without JSON.stringify\n if (typeof valueToStore === 'string') {\n window.localStorage.setItem(key, valueToStore);\n } else {\n window.localStorage.setItem(key, JSON.stringify(valueToStore));\n }\n window.localStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (retryError) {\n authLogger.error(`Failed to set localStorage key \"${key}\" after clearing old data:`, retryError);\n // If still fails, force clear all and try one more time\n try {\n forceClearAll();\n // For strings, store directly without JSON.stringify\n if (typeof valueToStore === 'string') {\n window.localStorage.setItem(key, valueToStore);\n } else {\n window.localStorage.setItem(key, JSON.stringify(valueToStore));\n }\n window.localStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (finalError) {\n authLogger.error(`Failed to set localStorage key \"${key}\" after force clearing:`, finalError);\n // If still fails, just update the state without localStorage\n setStoredValue(valueToStore);\n }\n }\n } else {\n throw storageError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error setting localStorage key \"${key}\":`, error);\n // Still update the state even if localStorage fails\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n setStoredValue(valueToStore);\n }\n };\n\n // Remove value from localStorage\n const removeValue = () => {\n try {\n setStoredValue(initialValue);\n if (typeof window !== 'undefined') {\n try {\n window.localStorage.removeItem(key);\n window.localStorage.removeItem(`${key}_timestamp`);\n } catch (removeError: any) {\n // If removal fails due to quota, try to clear some data first\n if (removeError.name === 'QuotaExceededError' ||\n removeError.code === 22 ||\n removeError.message?.includes('quota')) {\n authLogger.warn('localStorage quota exceeded during removal, clearing old data...');\n clearOldData();\n \n try {\n window.localStorage.removeItem(key);\n window.localStorage.removeItem(`${key}_timestamp`);\n } catch (retryError) {\n authLogger.error(`Failed to remove localStorage key \"${key}\" after clearing:`, retryError);\n // If still fails, force clear all\n forceClearAll();\n }\n } else {\n throw removeError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error removing localStorage key \"${key}\":`, error);\n }\n };\n\n return [storedValue, setValue, removeValue] as const;\n}\n","\"use client\"\n\n/**\n * Base64 Encoding/Decoding Hook\n *\n * Provides base64 encoding/decoding with dev mode detection:\n * - In production: encodes data to base64\n * - In development: returns data as-is (no encoding)\n */\n\nimport { isDev } from '../utils/env';\n\n/**\n * Encode string to base64\n * @param data - String data to encode\n * @returns Base64 encoded string (or original in dev mode)\n */\nexport function encodeBase64(data: string): string {\n if (isDev) {\n return data;\n }\n\n try {\n // Browser-safe base64 encoding\n if (typeof window !== 'undefined') {\n return btoa(encodeURIComponent(data).replace(/%([0-9A-F]{2})/g, (_, p1) => {\n return String.fromCharCode(parseInt(p1, 16));\n }));\n }\n // Node.js fallback\n return Buffer.from(data, 'utf-8').toString('base64');\n } catch (error) {\n console.error('Base64 encoding error:', error);\n return data; // Return original on error\n }\n}\n\n/**\n * Decode base64 to string\n * @param encoded - Base64 encoded string\n * @returns Decoded string (or original in dev mode)\n */\nexport function decodeBase64(encoded: string): string {\n if (isDev) {\n return encoded;\n }\n\n try {\n // Browser-safe base64 decoding\n if (typeof window !== 'undefined') {\n const binary = atob(encoded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return decodeURIComponent(\n Array.from(bytes)\n .map(byte => '%' + ('00' + byte.toString(16)).slice(-2))\n .join('')\n );\n }\n // Node.js fallback\n return Buffer.from(encoded, 'base64').toString('utf-8');\n } catch (error) {\n console.error('Base64 decoding error:', error);\n return encoded; // Return original on error\n }\n}\n\n/**\n * Hook for base64 encoding/decoding\n * @returns Object with encode and decode functions\n */\nexport function useBase64() {\n return {\n encode: encodeBase64,\n decode: decodeBase64,\n isDev,\n };\n}\n","\"use client\"\n\n/**\n * Profile Cache Hook\n *\n * Provides localStorage-based caching for user profile with:\n * - TTL (Time To Live) - default 1 hour\n * - Version control for migrations\n * - Automatic invalidation on expiry\n */\n\nimport type { User } from '../../';\nimport { authLogger as profileLogger } from '../utils/logger';\nimport { decodeBase64, encodeBase64 } from './useBase64';\n\n// Cache configuration\nconst CACHE_KEY = 'user_profile_cache';\nconst CACHE_VERSION = 1;\nconst DEFAULT_TTL = 14400000; // 4 hours in milliseconds (reduced API calls, more resilient)\n\nexport interface ProfileCacheOptions {\n /** Time to live in milliseconds (default: 1 hour) */\n ttl?: number;\n}\n\ninterface CachedProfile {\n version: number;\n data: User;\n timestamp: number;\n ttl: number;\n}\n\n/**\n * Get cached profile from localStorage\n * @returns User profile if valid cache exists, null otherwise\n */\nexport function getCachedProfile(): User | null {\n try {\n if (typeof window === 'undefined') return null;\n\n const cached = localStorage.getItem(CACHE_KEY);\n if (!cached) {\n profileLogger.debug('No cached profile found');\n return null;\n }\n\n // Decode from base64\n const decoded = decodeBase64(cached);\n const cachedData: CachedProfile = JSON.parse(decoded);\n\n // Version check\n if (cachedData.version !== CACHE_VERSION) {\n profileLogger.warn('Cache version mismatch, clearing cache');\n clearProfileCache();\n return null;\n }\n\n // TTL check\n const now = Date.now();\n const age = now - cachedData.timestamp;\n if (age > cachedData.ttl) {\n profileLogger.info('Cache expired, clearing');\n clearProfileCache();\n return null;\n }\n\n profileLogger.debug('Cache hit, age:', Math.round(age / 1000), 'seconds');\n return cachedData.data;\n } catch (error) {\n profileLogger.error('Error reading cache:', error);\n clearProfileCache();\n return null;\n }\n}\n\n/**\n * Save profile to localStorage cache\n * @param profile - User profile to cache\n * @param options - Cache options (TTL)\n */\nexport function setCachedProfile(profile: User, options?: ProfileCacheOptions): void {\n try {\n if (typeof window === 'undefined') return;\n\n const cachedData: CachedProfile = {\n version: CACHE_VERSION,\n data: profile,\n timestamp: Date.now(),\n ttl: options?.ttl || DEFAULT_TTL,\n };\n\n // Encode to base64\n const encoded = encodeBase64(JSON.stringify(cachedData));\n localStorage.setItem(CACHE_KEY, encoded);\n profileLogger.debug('Profile cached, TTL:', cachedData.ttl / 1000, 'seconds');\n } catch (error) {\n profileLogger.error('Error writing cache:', error);\n }\n}\n\n/**\n * Clear profile cache from localStorage\n */\nexport function clearProfileCache(): void {\n try {\n if (typeof window === 'undefined') return;\n localStorage.removeItem(CACHE_KEY);\n profileLogger.debug('Cache cleared');\n } catch (error) {\n profileLogger.error('Error clearing cache:', error);\n }\n}\n\n/**\n * Check if cached profile is valid (exists and not expired)\n */\nexport function hasValidCache(): boolean {\n return getCachedProfile() !== null;\n}\n\n/**\n * Get cache metadata (age, TTL, etc.)\n */\nexport function getCacheMetadata(): {\n exists: boolean;\n age?: number;\n ttl?: number;\n expiresIn?: number;\n} | null {\n try {\n if (typeof window === 'undefined') return null;\n\n const cached = localStorage.getItem(CACHE_KEY);\n if (!cached) return { exists: false };\n\n // Decode from base64\n const decoded = decodeBase64(cached);\n const cachedData: CachedProfile = JSON.parse(decoded);\n const now = Date.now();\n const age = now - cachedData.timestamp;\n const expiresIn = cachedData.ttl - age;\n\n return {\n exists: true,\n age,\n ttl: cachedData.ttl,\n expiresIn: Math.max(0, expiresIn),\n };\n } catch (error) {\n profileLogger.error('Error reading metadata:', error);\n return null;\n }\n}\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { apiAccounts } from '../../clients';\nimport { CfgAccountsProfile } from '../../_api/generated/sdk.gen';\nimport { useAuth } from '../context';\nimport { authLogger } from '../utils/logger';\n\nexport interface DeleteAccountResult {\n success: boolean;\n message: string;\n}\n\nexport interface UseDeleteAccountReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Delete the account */\n deleteAccount: () => Promise<DeleteAccountResult>;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * Hook for deleting user account.\n *\n * This performs a soft delete - deactivates the account and anonymizes personal data.\n * The account can be restored by an administrator if needed.\n *\n * @example\n * ```tsx\n * const { deleteAccount, isLoading, error } = useDeleteAccount();\n *\n * const handleDelete = async () => {\n * const result = await deleteAccount();\n * if (result.success) {\n * // Account deleted, perform logout\n * await logout();\n * }\n * };\n * ```\n */\nexport const useDeleteAccount = (): UseDeleteAccountReturn => {\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const { logout } = useAuth();\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n /**\n * Delete the user account (soft delete)\n */\n const deleteAccount = useCallback(async (): Promise<DeleteAccountResult> => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Deleting account...');\n\n const result = await CfgAccountsProfile.cfgAccountsProfileDeleteCreate({ throwOnError: true });\n const response = result.data;\n\n if (!response.success) {\n authLogger.error('Failed to delete account:', response.message);\n setError(response.message);\n throw new Error(response.message);\n }\n\n } catch (error) {\n authLogger.error('Failed to delete account:', error);\n throw error;\n } finally {\n setIsLoading(false);\n }\n\n // Return success response\n\n await logout();\n return { success: true, message: 'Account deleted successfully' };\n }, []);\n\n return {\n isLoading,\n error,\n deleteAccount,\n clearError,\n };\n};\n","/**\n * CfgAccounts Context\n *\n * Manages user authentication and profile operations using generated SWR hooks.\n *\n * Features:\n * - OTP-based authentication\n * - User profile management\n * - Avatar upload\n * - Profile updates\n * - localStorage cache with TTL (1 hour)\n */\n\n\"use client\";\n\nimport {\n createContext, memo, ReactNode, useCallback, useContext, useEffect, useMemo, useRef, useState\n} from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { CfgAccountsAuth, CfgAccountsProfile } from '../../_api/generated/_cfg_accounts/sdk.gen';\nimport {\n useCfgAccountsOtpRequestCreate,\n useCfgAccountsOtpVerifyCreate,\n useCfgAccountsProfileAvatarCreate,\n useCfgAccountsProfilePartialUpdate,\n useCfgAccountsProfileUpdateUpdate,\n} from '../../_api/generated/_cfg_accounts/hooks';\nimport { PatchedCfgUserUpdateRequestSchema } from '../../_api/generated/_cfg_accounts/schemas';\nimport { clearProfileCache, getCachedProfile, setCachedProfile } from '../hooks/useProfileCache';\nimport { authLogger } from '../utils/logger';\n\nimport type {\n User,\n CfgUserUpdateRequest,\n PatchedCfgUserUpdateRequest,\n OtpRequestRequest,\n OtpVerifyRequest,\n OtpRequestResponse,\n OtpVerifyResponse,\n} from '../../_api/generated/_cfg_accounts/types.gen';\n\nexport { PatchedCfgUserUpdateRequestSchema };\nexport type { PatchedCfgUserUpdateRequest, User, CfgUserUpdateRequest as UserProfileUpdateRequest };\n\n// ─────────────────────────────────────────────────────────────────────────\n// Context Type\n// ─────────────────────────────────────────────────────────────────────────\n\nexport interface AccountsContextValue {\n profile?: User;\n isLoadingProfile: boolean;\n profileError: Error | null;\n\n updateProfile: (data: CfgUserUpdateRequest) => Promise<User>;\n partialUpdateProfile: (data: PatchedCfgUserUpdateRequest) => Promise<User>;\n uploadAvatar: (avatar: File | Blob) => Promise<User>;\n refreshProfile: (options?: { callerId?: string; force?: boolean }) => Promise<User | undefined>;\n\n requestOTP: (data: OtpRequestRequest) => Promise<OtpRequestResponse>;\n verifyOTP: (data: OtpVerifyRequest) => Promise<OtpVerifyResponse>;\n logout: () => void;\n}\n\nconst AccountsContext = createContext<AccountsContextValue | undefined>(undefined);\n\ninterface AccountsProviderProps {\n children: ReactNode;\n}\n\nexport function AccountsProvider({ children }: AccountsProviderProps) {\n const [profile, setProfile] = useState<User | undefined>(() => {\n const cached = getCachedProfile() as User | null;\n return cached || undefined;\n });\n const [isLoadingProfile, setIsLoadingProfile] = useState(false);\n const [profileError, setProfileError] = useState<Error | null>(null);\n\n const profileRef = useRef<User | undefined>(profile);\n const isLoadingRef = useRef(false);\n\n useEffect(() => {\n profileRef.current = profile;\n }, [profile]);\n\n useEffect(() => {\n isLoadingRef.current = isLoadingProfile;\n }, [isLoadingProfile]);\n\n const { trigger: triggerProfileUpdate } = useCfgAccountsProfileUpdateUpdate();\n const { trigger: triggerProfilePartialUpdate } = useCfgAccountsProfilePartialUpdate();\n const { trigger: triggerAvatar } = useCfgAccountsProfileAvatarCreate();\n const { trigger: triggerOtpRequest } = useCfgAccountsOtpRequestCreate();\n const { trigger: triggerOtpVerify } = useCfgAccountsOtpVerifyCreate();\n\n const refreshProfile = useCallback(async (options?: { callerId?: string; force?: boolean }): Promise<User | undefined> => {\n const { callerId, force } = options || {};\n\n if (isLoadingRef.current) {\n authLogger.debug(`Profile loading in progress, skipping (caller: ${callerId})`);\n return profileRef.current;\n }\n\n setIsLoadingProfile(true);\n isLoadingRef.current = true;\n setProfileError(null);\n try {\n authLogger.debug(`Fetching profile from API (caller: ${callerId}, force: ${force})`);\n const res = await CfgAccountsProfile.cfgAccountsProfileRetrieve({ throwOnError: true });\n const result = res.data;\n setProfile(result);\n profileRef.current = result;\n setCachedProfile(result);\n return result;\n } catch (error) {\n const err = error instanceof Error ? error : new Error('Failed to fetch profile');\n setProfileError(err);\n throw err;\n } finally {\n setIsLoadingProfile(false);\n isLoadingRef.current = false;\n }\n }, []);\n\n const updateProfile = async (data: CfgUserUpdateRequest): Promise<User> => {\n await triggerProfileUpdate({ body: data });\n const user = await refreshProfile({ callerId: 'updateProfile', force: true });\n return user as User;\n };\n\n const partialUpdateProfile = async (data: PatchedCfgUserUpdateRequest): Promise<User> => {\n await triggerProfilePartialUpdate({ body: data });\n const user = await refreshProfile({ callerId: 'partialUpdateProfile', force: true });\n return user as User;\n };\n\n const uploadAvatar = async (avatar: File | Blob): Promise<User> => {\n await triggerAvatar({ body: { avatar } });\n const user = await refreshProfile({ callerId: 'uploadAvatar', force: true });\n return user as User;\n };\n\n const requestOTP = async (data: OtpRequestRequest): Promise<OtpRequestResponse> => {\n const result = await triggerOtpRequest({ body: data });\n return result as OtpRequestResponse;\n };\n\n const verifyOTP = async (data: OtpVerifyRequest): Promise<OtpVerifyResponse> => {\n const result = (await triggerOtpVerify({ body: data })) as OtpVerifyResponse;\n\n if (result.requires_2fa && result.session_id) {\n authLogger.info('2FA required, session:', result.session_id);\n return result;\n }\n\n if (result.access && result.refresh) {\n // The ONE write path — atomic pair, notifies every session subscriber.\n auth.setSession({ access: result.access, refresh: result.refresh });\n try {\n await refreshProfile({ callerId: 'verifyOTP', force: true });\n } catch (profileError) {\n authLogger.warn('Profile refresh failed after OTP verify (tokens are saved):', profileError);\n }\n }\n\n return result;\n };\n\n const logout = useCallback(() => {\n // Best-effort server-side revocation: without blacklisting, a stolen\n // refresh token survives \"logout\" until it expires. Fire-and-forget —\n // local logout must never block on the network.\n const refresh = auth.getRefreshToken();\n if (refresh) {\n CfgAccountsAuth.cfgAccountsTokenBlacklistCreate({ body: { refresh } }).catch(() => {\n authLogger.warn('Refresh-token blacklist failed (logged out locally anyway)');\n });\n }\n auth.clearSession();\n setProfile(undefined);\n setProfileError(null);\n clearProfileCache();\n }, []);\n\n const value: AccountsContextValue = useMemo(() => ({\n profile,\n isLoadingProfile,\n profileError,\n updateProfile,\n partialUpdateProfile,\n uploadAvatar,\n refreshProfile,\n requestOTP,\n verifyOTP,\n logout,\n }), [\n profile,\n isLoadingProfile,\n profileError,\n updateProfile,\n partialUpdateProfile,\n uploadAvatar,\n refreshProfile,\n requestOTP,\n verifyOTP,\n logout,\n ]);\n\n return (\n <AccountsContext.Provider value={value}>\n {children}\n </AccountsContext.Provider>\n );\n}\n\nexport function useAccountsContext(): AccountsContextValue {\n const context = useContext(AccountsContext);\n if (!context) {\n throw new Error('useAccountsContext must be used within AccountsProvider');\n }\n return context;\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Regenerate API key\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyRegenerateCreateData, CfgAccountsApiKeyRegenerateCreateResponses } from \"../../types.gen\";\nimport { APIKeyRegenerateSchema } from \"../schemas/APIKeyRegenerate\";\n\ntype Args = Omit<CfgAccountsApiKeyRegenerateCreateData, \"url\">;\ntype Result = CfgAccountsApiKeyRegenerateCreateResponses[keyof CfgAccountsApiKeyRegenerateCreateResponses];\n\nexport function useCfgAccountsApiKeyRegenerateCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_api_key_regenerate_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_api_key_regenerate_create\"], Args>(\n [\"cfg_accounts_api_key_regenerate_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyRegenerateCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeyRegenerateSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_regenerate_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/regenerate/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_regenerate_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/regenerate/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyRegenerateSchema = z.object({\n key: z.string(),\n reissued_at: z.string().datetime({ offset: true }),\n});\n\nexport type APIKeyRegenerate = z.infer<typeof APIKeyRegenerateSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Get API key details\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyRetrieveData, CfgAccountsApiKeyRetrieveResponses } from \"../../types.gen\";\nimport { APIKeySchema } from \"../schemas/APIKey\";\n\ntype Result = CfgAccountsApiKeyRetrieveResponses[keyof CfgAccountsApiKeyRetrieveResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsApiKeyRetrieve(\n args?: Omit<CfgAccountsApiKeyRetrieveData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_api_key_retrieve\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyRetrieve({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeySchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/api-key/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/api-key/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeySchema = z.object({\n key: z.string(),\n reissued_at: z.string().datetime({ offset: true }).nullable(),\n created_at: z.string().datetime({ offset: true }),\n});\n\nexport type APIKey = z.infer<typeof APIKeySchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Reveal API key\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyRevealCreateData, CfgAccountsApiKeyRevealCreateResponses } from \"../../types.gen\";\nimport { APIKeyRevealSchema } from \"../schemas/APIKeyReveal\";\n\ntype Args = Omit<CfgAccountsApiKeyRevealCreateData, \"url\">;\ntype Result = CfgAccountsApiKeyRevealCreateResponses[keyof CfgAccountsApiKeyRevealCreateResponses];\n\nexport function useCfgAccountsApiKeyRevealCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_api_key_reveal_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_api_key_reveal_create\"], Args>(\n [\"cfg_accounts_api_key_reveal_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyRevealCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeyRevealSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_reveal_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/reveal/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_reveal_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/reveal/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyRevealSchema = z.object({\n key: z.string(),\n created_at: z.string().datetime({ offset: true }),\n reissued_at: z.string().datetime({ offset: true }).nullable(),\n});\n\nexport type APIKeyReveal = z.infer<typeof APIKeyRevealSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Test API key\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyTestCreateData, CfgAccountsApiKeyTestCreateResponses } from \"../../types.gen\";\nimport { APIKeyTestResultSchema } from \"../schemas/APIKeyTestResult\";\n\ntype Args = Omit<CfgAccountsApiKeyTestCreateData, \"url\">;\ntype Result = CfgAccountsApiKeyTestCreateResponses[keyof CfgAccountsApiKeyTestCreateResponses];\n\nexport function useCfgAccountsApiKeyTestCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_api_key_test_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_api_key_test_create\"], Args>(\n [\"cfg_accounts_api_key_test_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyTestCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeyTestResultSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_test_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/test/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_test_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/test/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyTestResultSchema = z.object({\n valid: z.boolean(),\n user_id: z.string().nullable(),\n});\n\nexport type APIKeyTestResult = z.infer<typeof APIKeyTestResultSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// List OAuth connections\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthConnectionsListData, CfgAccountsOauthConnectionsListResponses } from \"../../types.gen\";\nimport { cfg_accounts_oauth_connections_response_200_AutoRefSchema } from \"../schemas/cfg_accounts_oauth_connections_response_200_AutoRef\";\n\ntype Result = CfgAccountsOauthConnectionsListResponses[keyof CfgAccountsOauthConnectionsListResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsOauthConnectionsList(\n args?: Omit<CfgAccountsOauthConnectionsListData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_oauth_connections_list\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsOauth.cfgAccountsOauthConnectionsList({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = cfg_accounts_oauth_connections_response_200_AutoRefSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_connections_list\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/connections/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_connections_list\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/connections/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { OAuthConnectionSchema } from \"./OAuthConnection\";\n\nexport const cfg_accounts_oauth_connections_response_200_AutoRefSchema = z.array(OAuthConnectionSchema);\n\nexport type cfg_accounts_oauth_connections_response_200_AutoRef = z.infer<typeof cfg_accounts_oauth_connections_response_200_AutoRefSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { OAuthProviderEnumSchema } from \"./OAuthProviderEnum\";\n\nexport const OAuthConnectionSchema = z.object({\n id: z.number().int(),\n provider: OAuthProviderEnumSchema,\n provider_display: z.string(),\n provider_username: z.string(),\n provider_email: z.email(),\n provider_avatar_url: z.string(),\n connected_at: z.string().datetime({ offset: true }),\n last_login_at: z.string().datetime({ offset: true }),\n});\n\nexport type OAuthConnection = z.infer<typeof OAuthConnectionSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthProviderEnumSchema = z.enum([\"github\"]);\n\nexport type OAuthProviderEnum = z.infer<typeof OAuthProviderEnumSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Disconnect OAuth provider\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthDisconnectCreateData, CfgAccountsOauthDisconnectCreateResponses } from \"../../types.gen\";\nimport { cfg_accounts_oauth_disconnect_response_200_AutoRefSchema } from \"../schemas/cfg_accounts_oauth_disconnect_response_200_AutoRef\";\n\ntype Args = Omit<CfgAccountsOauthDisconnectCreateData, \"url\">;\ntype Result = CfgAccountsOauthDisconnectCreateResponses[keyof CfgAccountsOauthDisconnectCreateResponses];\n\nexport function useCfgAccountsOauthDisconnectCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_oauth_disconnect_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_oauth_disconnect_create\"], Args>(\n [\"cfg_accounts_oauth_disconnect_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsOauth.cfgAccountsOauthDisconnectCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = cfg_accounts_oauth_disconnect_response_200_AutoRefSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_disconnect_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/disconnect/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_disconnect_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/disconnect/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const cfg_accounts_oauth_disconnect_response_200_AutoRefSchema = z.object({\n message: z.string().optional(),\n});\n\nexport type cfg_accounts_oauth_disconnect_response_200_AutoRef = z.infer<typeof cfg_accounts_oauth_disconnect_response_200_AutoRefSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Start GitHub OAuth\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthGithubAuthorizeCreateData, CfgAccountsOauthGithubAuthorizeCreateResponses } from \"../../types.gen\";\nimport { OAuthAuthorizeResponseSchema } from \"../schemas/OAuthAuthorizeResponse\";\n\ntype Args = Omit<CfgAccountsOauthGithubAuthorizeCreateData, \"url\">;\ntype Result = CfgAccountsOauthGithubAuthorizeCreateResponses[keyof CfgAccountsOauthGithubAuthorizeCreateResponses];\n\nexport function useCfgAccountsOauthGithubAuthorizeCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_oauth_github_authorize_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_oauth_github_authorize_create\"], Args>(\n [\"cfg_accounts_oauth_github_authorize_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsOauth.cfgAccountsOauthGithubAuthorizeCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OAuthAuthorizeResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_github_authorize_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/authorize/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_github_authorize_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/authorize/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthAuthorizeResponseSchema = z.object({\n authorization_url: z.string(),\n state: z.string(),\n});\n\nexport type OAuthAuthorizeResponse = z.infer<typeof OAuthAuthorizeResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Complete GitHub OAuth\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthGithubCallbackCreateData, CfgAccountsOauthGithubCallbackCreateResponses } from \"../../types.gen\";\nimport { OAuthTokenResponseSchema } from \"../schemas/OAuthTokenResponse\";\n\ntype Args = Omit<CfgAccountsOauthGithubCallbackCreateData, \"url\">;\ntype Result = CfgAccountsOauthGithubCallbackCreateResponses[keyof CfgAccountsOauthGithubCallbackCreateResponses];\n\nexport function useCfgAccountsOauthGithubCallbackCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_oauth_github_callback_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_oauth_github_callback_create\"], Args>(\n [\"cfg_accounts_oauth_github_callback_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsOauth.cfgAccountsOauthGithubCallbackCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OAuthTokenResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_github_callback_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/callback/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_github_callback_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/callback/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthTokenResponseSchema = z.object({\n requires_2fa: z.boolean().default(false).optional(),\n session_id: z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),\n access: z.string().nullable().optional(),\n refresh: z.string().nullable().optional(),\n user: z.object({}).passthrough().nullable().optional(),\n is_new_user: z.boolean().default(false).optional(),\n is_new_connection: z.boolean().default(false).optional(),\n should_prompt_2fa: z.boolean().optional(),\n});\n\nexport type OAuthTokenResponse = z.infer<typeof OAuthTokenResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// List OAuth providers\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthProvidersRetrieveData, CfgAccountsOauthProvidersRetrieveResponses } from \"../../types.gen\";\nimport { OAuthProvidersResponseSchema } from \"../schemas/OAuthProvidersResponse\";\n\ntype Result = CfgAccountsOauthProvidersRetrieveResponses[keyof CfgAccountsOauthProvidersRetrieveResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsOauthProvidersRetrieve(\n args?: Omit<CfgAccountsOauthProvidersRetrieveData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_oauth_providers_retrieve\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsOauth.cfgAccountsOauthProvidersRetrieve({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OAuthProvidersResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_providers_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/providers/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_providers_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/providers/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthProvidersResponseSchema = z.object({\n providers: z.array(z.object({}).passthrough()),\n});\n\nexport type OAuthProvidersResponse = z.infer<typeof OAuthProvidersResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/otp/request/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccounts } from \"../../sdk.gen\";\nimport type { CfgAccountsOtpRequestCreateData, CfgAccountsOtpRequestCreateResponses } from \"../../types.gen\";\nimport { OTPRequestResponseSchema } from \"../schemas/OTPRequestResponse\";\n\ntype Args = Omit<CfgAccountsOtpRequestCreateData, \"url\">;\ntype Result = CfgAccountsOtpRequestCreateResponses[keyof CfgAccountsOtpRequestCreateResponses];\n\nexport function useCfgAccountsOtpRequestCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_otp_request_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_otp_request_create\"], Args>(\n [\"cfg_accounts_otp_request_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccounts.cfgAccountsOtpRequestCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OTPRequestResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_otp_request_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/request/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_otp_request_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/request/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { WebmailLinkSchema } from \"./WebmailLink\";\n\nexport const OTPRequestResponseSchema = z.object({\n message: z.string(),\n webmail: WebmailLinkSchema.nullable().optional(),\n});\n\nexport type OTPRequestResponse = z.infer<typeof OTPRequestResponseSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { WebmailLinkProviderEnumSchema } from \"./WebmailLinkProviderEnum\";\n\nexport const WebmailLinkSchema = z.object({\n provider: WebmailLinkProviderEnumSchema,\n provider_name: z.string(),\n url: z.string(),\n is_search: z.boolean(),\n});\n\nexport type WebmailLink = z.infer<typeof WebmailLinkSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const WebmailLinkProviderEnumSchema = z.enum([\"gmail\", \"outlook\", \"yahoo\", \"icloud\", \"proton\", \"zoho\", \"aol\", \"fastmail\", \"gmx\", \"mailcom\", \"mail_ru\", \"yandex\", \"rambler\", \"qq\", \"netease\", \"sina\", \"aliyun\", \"naver\", \"daum\", \"web_de\", \"tonline\", \"seznam\", \"wp_pl\", \"o2_pl\", \"interia\", \"libero\", \"virgilio\", \"orange\", \"laposte\", \"free_fr\", \"sfr\"]);\n\nexport type WebmailLinkProviderEnum = z.infer<typeof WebmailLinkProviderEnumSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/otp/verify/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccounts } from \"../../sdk.gen\";\nimport type { CfgAccountsOtpVerifyCreateData, CfgAccountsOtpVerifyCreateResponses } from \"../../types.gen\";\nimport { OTPVerifyResponseSchema } from \"../schemas/OTPVerifyResponse\";\n\ntype Args = Omit<CfgAccountsOtpVerifyCreateData, \"url\">;\ntype Result = CfgAccountsOtpVerifyCreateResponses[keyof CfgAccountsOtpVerifyCreateResponses];\n\nexport function useCfgAccountsOtpVerifyCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_otp_verify_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_otp_verify_create\"], Args>(\n [\"cfg_accounts_otp_verify_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccounts.cfgAccountsOtpVerifyCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OTPVerifyResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_otp_verify_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/verify/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_otp_verify_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/verify/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { UserSchema } from \"./User\";\n\nexport const OTPVerifyResponseSchema = z.object({\n requires_2fa: z.boolean().default(false).optional(),\n session_id: z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),\n refresh: z.string().nullable().optional(),\n access: z.string().nullable().optional(),\n user: UserSchema.nullable().optional(),\n should_prompt_2fa: z.boolean().optional(),\n});\n\nexport type OTPVerifyResponse = z.infer<typeof OTPVerifyResponseSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { CentrifugoTokenSchema } from \"./CentrifugoToken\";\n\nexport const UserSchema = z.object({\n id: z.number().int(),\n email: z.email(),\n first_name: z.string().max(50).nullable().optional(),\n last_name: z.string().max(50).nullable().optional(),\n full_name: z.string(),\n initials: z.string(),\n display_username: z.string(),\n company: z.string().max(100).nullable().optional(),\n phone: z.string().max(20).nullable().optional(),\n position: z.string().max(100).nullable().optional(),\n language: z.string().max(10).nullable().optional(),\n timezone: z.string().max(64).nullable().optional(),\n avatar: z.string().nullable(),\n is_staff: z.boolean(),\n is_superuser: z.boolean(),\n date_joined: z.string().datetime({ offset: true }),\n last_login: z.string().datetime({ offset: true }).nullable(),\n unanswered_messages_count: z.number().int().default(0),\n centrifugo: CentrifugoTokenSchema.nullable(),\n api_key: z.string().nullable(),\n});\n\nexport type User = z.infer<typeof UserSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const CentrifugoTokenSchema = z.object({\n token: z.string(),\n centrifugo_url: z.string(),\n expires_at: z.string().datetime({ offset: true }),\n channels: z.array(z.string()),\n});\n\nexport type CentrifugoToken = z.infer<typeof CentrifugoTokenSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Upload user avatar\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileAvatarCreateData, CfgAccountsProfileAvatarCreateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfileAvatarCreateData, \"url\">;\ntype Result = CfgAccountsProfileAvatarCreateResponses[keyof CfgAccountsProfileAvatarCreateResponses];\n\nexport function useCfgAccountsProfileAvatarCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_avatar_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_avatar_create\"], Args>(\n [\"cfg_accounts_profile_avatar_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileAvatarCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_avatar_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/avatar/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_avatar_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/avatar/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Delete user account\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileDeleteCreateData, CfgAccountsProfileDeleteCreateResponses } from \"../../types.gen\";\nimport { AccountDeleteResponseSchema } from \"../schemas/AccountDeleteResponse\";\n\ntype Args = Omit<CfgAccountsProfileDeleteCreateData, \"url\">;\ntype Result = CfgAccountsProfileDeleteCreateResponses[keyof CfgAccountsProfileDeleteCreateResponses];\n\nexport function useCfgAccountsProfileDeleteCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_delete_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_delete_create\"], Args>(\n [\"cfg_accounts_profile_delete_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileDeleteCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = AccountDeleteResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_delete_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/delete/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_delete_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/delete/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const AccountDeleteResponseSchema = z.object({\n success: z.boolean(),\n message: z.string(),\n});\n\nexport type AccountDeleteResponse = z.infer<typeof AccountDeleteResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Partial update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfilePartialPartialUpdateData, CfgAccountsProfilePartialPartialUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfilePartialPartialUpdateData, \"url\">;\ntype Result = CfgAccountsProfilePartialPartialUpdateResponses[keyof CfgAccountsProfilePartialPartialUpdateResponses];\n\nexport function useCfgAccountsProfilePartialPartialUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_partial_partial_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_partial_partial_update\"], Args>(\n [\"cfg_accounts_profile_partial_partial_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfilePartialPartialUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_partial_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_partial_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Partial update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfilePartialUpdateData, CfgAccountsProfilePartialUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfilePartialUpdateData, \"url\">;\ntype Result = CfgAccountsProfilePartialUpdateResponses[keyof CfgAccountsProfilePartialUpdateResponses];\n\nexport function useCfgAccountsProfilePartialUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_partial_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_partial_update\"], Args>(\n [\"cfg_accounts_profile_partial_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfilePartialUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_partial_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_partial_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Get current user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileRetrieveData, CfgAccountsProfileRetrieveResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Result = CfgAccountsProfileRetrieveResponses[keyof CfgAccountsProfileRetrieveResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsProfileRetrieve(\n args?: Omit<CfgAccountsProfileRetrieveData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_profile_retrieve\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsProfile.cfgAccountsProfileRetrieve({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/profile/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/profile/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileUpdatePartialUpdateData, CfgAccountsProfileUpdatePartialUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfileUpdatePartialUpdateData, \"url\">;\ntype Result = CfgAccountsProfileUpdatePartialUpdateResponses[keyof CfgAccountsProfileUpdatePartialUpdateResponses];\n\nexport function useCfgAccountsProfileUpdatePartialUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_update_partial_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_update_partial_update\"], Args>(\n [\"cfg_accounts_profile_update_partial_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileUpdatePartialUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_update_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_update_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileUpdateUpdateData, CfgAccountsProfileUpdateUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfileUpdateUpdateData, \"url\">;\ntype Result = CfgAccountsProfileUpdateUpdateResponses[keyof CfgAccountsProfileUpdateUpdateResponses];\n\nexport function useCfgAccountsProfileUpdateUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_update_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_update_update\"], Args>(\n [\"cfg_accounts_profile_update_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileUpdateUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_update_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_update_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/token/blacklist/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsAuth } from \"../../sdk.gen\";\nimport type { CfgAccountsTokenBlacklistCreateData, CfgAccountsTokenBlacklistCreateResponses } from \"../../types.gen\";\n\n\ntype Args = Omit<CfgAccountsTokenBlacklistCreateData, \"url\">;\ntype Result = CfgAccountsTokenBlacklistCreateResponses[keyof CfgAccountsTokenBlacklistCreateResponses];\n\nexport function useCfgAccountsTokenBlacklistCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_token_blacklist_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_token_blacklist_create\"], Args>(\n [\"cfg_accounts_token_blacklist_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsAuth.cfgAccountsTokenBlacklistCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n return data;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/token/refresh/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsAuth } from \"../../sdk.gen\";\nimport type { CfgAccountsTokenRefreshCreateData, CfgAccountsTokenRefreshCreateResponses } from \"../../types.gen\";\nimport { TokenRefreshSchema } from \"../schemas/TokenRefresh\";\n\ntype Args = Omit<CfgAccountsTokenRefreshCreateData, \"url\">;\ntype Result = CfgAccountsTokenRefreshCreateResponses[keyof CfgAccountsTokenRefreshCreateResponses];\n\nexport function useCfgAccountsTokenRefreshCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_token_refresh_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_token_refresh_create\"], Args>(\n [\"cfg_accounts_token_refresh_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsAuth.cfgAccountsTokenRefreshCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = TokenRefreshSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_token_refresh_create\",\n method: \"POST\",\n path: \"/cfg/accounts/token/refresh/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_token_refresh_create\",\n method: \"POST\",\n path: \"/cfg/accounts/token/refresh/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const TokenRefreshSchema = z.object({\n access: z.string(),\n refresh: z.string(),\n});\n\nexport type TokenRefresh = z.infer<typeof TokenRefreshSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyRequestSchema = z.object({\n key: z.string().min(1),\n reissued_at: z.string().datetime({ offset: true }).nullable(),\n created_at: z.string().datetime({ offset: true }),\n});\n\nexport type APIKeyRequest = z.infer<typeof APIKeyRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyTestRequestSchema = z.object({\n key: z.string().min(1),\n});\n\nexport type APIKeyTestRequest = z.infer<typeof APIKeyTestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const CfgUserUpdateRequestSchema = z.object({\n first_name: z.string().max(50).optional(),\n last_name: z.string().max(50).optional(),\n company: z.string().max(100).optional(),\n phone: z.string().max(20).optional(),\n position: z.string().max(100).optional(),\n language: z.string().max(10).optional(),\n timezone: z.string().max(64).optional(),\n});\n\nexport type CfgUserUpdateRequest = z.infer<typeof CfgUserUpdateRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthAuthorizeRequestRequestSchema = z.object({\n redirect_uri: z.string().optional(),\n source_url: z.string().optional(),\n});\n\nexport type OAuthAuthorizeRequestRequest = z.infer<typeof OAuthAuthorizeRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthCallbackRequestRequestSchema = z.object({\n code: z.string().min(10).max(500),\n state: z.string().min(20).max(100),\n redirect_uri: z.string().optional(),\n});\n\nexport type OAuthCallbackRequestRequest = z.infer<typeof OAuthCallbackRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { OAuthProviderEnumSchema } from \"./OAuthProviderEnum\";\n\nexport const OAuthDisconnectRequestRequestSchema = z.object({\n provider: OAuthProviderEnumSchema,\n});\n\nexport type OAuthDisconnectRequestRequest = z.infer<typeof OAuthDisconnectRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthErrorSchema = z.object({\n error: z.string(),\n error_description: z.string().optional(),\n});\n\nexport type OAuthError = z.infer<typeof OAuthErrorSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OTPErrorResponseSchema = z.object({\n error: z.string(),\n error_code: z.string().nullable().optional(),\n retry_after: z.number().int().nullable().optional(),\n});\n\nexport type OTPErrorResponse = z.infer<typeof OTPErrorResponseSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OTPRequestRequestSchema = z.object({\n identifier: z.string().min(1),\n source_url: z.string().optional(),\n});\n\nexport type OTPRequestRequest = z.infer<typeof OTPRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OTPVerifyRequestSchema = z.object({\n identifier: z.string().min(1),\n otp: z.string().min(4).max(4),\n source_url: z.string().optional(),\n});\n\nexport type OTPVerifyRequest = z.infer<typeof OTPVerifyRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const PatchedCfgUserUpdateRequestSchema = z.object({\n first_name: z.string().max(50).optional(),\n last_name: z.string().max(50).optional(),\n company: z.string().max(100).optional(),\n phone: z.string().max(20).optional(),\n position: z.string().max(100).optional(),\n language: z.string().max(10).optional(),\n timezone: z.string().max(64).optional(),\n});\n\nexport type PatchedCfgUserUpdateRequest = z.infer<typeof PatchedCfgUserUpdateRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const TokenBlacklistRequestSchema = z.object({\n refresh: z.string().min(1),\n});\n\nexport type TokenBlacklistRequest = z.infer<typeof TokenBlacklistRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const TokenRefreshRequestSchema = z.object({\n refresh: z.string().min(1),\n});\n\nexport type TokenRefreshRequest = z.infer<typeof TokenRefreshRequestSchema>;\n","/**\n * Email validation utility\n */\nexport const validateEmail = (email: string): boolean => {\n const emailRegex = /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/;\n return emailRegex.test(email);\n};\n","/**\n * Format authentication error for display\n */\nexport const formatAuthError = (error: any): string => {\n if (typeof error === 'string') {\n return error;\n }\n\n if (error?.message) {\n return error.message;\n }\n\n if (error?.detail) {\n return error.detail;\n }\n\n if (error?.response?.data?.detail) {\n return error.response.data.detail;\n }\n\n return 'An unexpected error occurred';\n};\n","/**\n * Pure auth-guard state resolution.\n *\n * This is the decision that produced the \"stuck on Authenticating…\" bug: given\n * the auth state, should the UI show a preloader, redirect to login, or render\n * the protected content? Extracted from useAuthGuard (which lives in a package\n * with no test infra) so the branching can be unit-tested in isolation — the\n * hook just wires React state (mounted / isRedirecting) into these functions.\n *\n * Invariant that fixes the bug: once auth is resolved (`authLoading === false`)\n * and the user is unauthenticated, `isLoading` must become false so the guard\n * redirects to the form instead of spinning forever.\n */\n\nexport interface GuardInput {\n /** First client render matches SSR (preloader) until mounted, to avoid hydration mismatch. */\n mounted: boolean;\n /** Whether this route requires authentication. */\n requireAuth: boolean;\n /** AuthContext still resolving initial state. */\n authLoading: boolean;\n /** A redirect to the auth page is in flight. */\n isRedirecting: boolean;\n /** User currently has a (valid-looking) session. */\n isAuthenticated: boolean;\n}\n\n/**\n * True while the guard should render a preloader rather than the protected\n * content. Mirrors useAuthGuard's formula exactly.\n */\nexport function resolveGuardIsLoading(s: GuardInput): boolean {\n if (!s.mounted) return true; // pre-hydration: always preloader\n if (!s.requireAuth) return false; // public route: never blocks\n return s.authLoading || s.isRedirecting || !s.isAuthenticated;\n}\n\n/**\n * Whether the guard should trigger a redirect to the auth page. Only once\n * mounted, on a protected route, after auth resolved, when unauthenticated and\n * not already redirecting. This is the branch that must fire for a dead session.\n */\nexport function shouldRedirectToAuth(s: GuardInput): boolean {\n return (\n s.mounted &&\n s.requireAuth &&\n !s.authLoading &&\n !s.isAuthenticated &&\n !s.isRedirecting\n );\n}\n\n/** The effective authenticated flag the guard exposes to consumers. */\nexport function resolveGuardIsAuthenticated(s: Pick<GuardInput, 'requireAuth' | 'isAuthenticated'>): boolean {\n return !s.requireAuth || s.isAuthenticated;\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACKO,IAAM,iBAAiB;AAAA;AAAA,EAE5B,kBAAkB;AAAA;AAAA,EAElB,aAAa;AAAA;AAAA,EAEb,wBAAwB;AAC1B;;;ACMA,IAAAA,qBAA4B;AAC5B,IAAAC,iBASO;;;ACrBA,IAAM,WAAN,cAAuB,MAAM;AAAA,EAClC,YACS,YACA,YACA,UACA,KACP,SACA;AACA,UAAM,WAAW,QAAQ,UAAU,KAAK,UAAU,EAAE;AAN7C;AACA;AACA;AACA;AAIP,SAAK,OAAO;AAAA,EACd;AAAA,EAjBF,OAOoC;AAAA;AAAA;AAAA,EAYlC,IAAI,UAAsC;AACxC,QAAI,OAAO,KAAK,aAAa,YAAY,KAAK,aAAa,MAAM;AAC/D,aAAO,KAAK;AAAA,IACd;AACA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,cAA+C;AACjD,UAAM,UAAU,KAAK;AACrB,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,cAAwC,CAAC;AAC/C,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,OAAO,GAAG;AAClD,UAAI,MAAM,QAAQ,KAAK,EAAG,aAAY,GAAG,IAAI;AAAA,IAC/C;AACA,WAAO,OAAO,KAAK,WAAW,EAAE,SAAS,IAAI,cAAc;AAAA,EAC7D;AAAA,EAEA,IAAI,eAAuB;AACzB,UAAM,UAAU,KAAK;AACrB,QAAI,CAAC,QAAS,QAAO,KAAK;AAC1B,QAAI,QAAQ,QAAQ;AAClB,aAAO,MAAM,QAAQ,QAAQ,MAAM,IAAI,QAAQ,OAAO,KAAK,IAAI,IAAI,OAAO,QAAQ,MAAM;AAAA,IAC1F;AACA,QAAI,QAAQ,MAAO,QAAO,OAAO,QAAQ,KAAK;AAC9C,QAAI,QAAQ,QAAS,QAAO,OAAO,QAAQ,OAAO;AAClD,UAAM,cAAc,KAAK;AACzB,QAAI,aAAa;AACf,YAAM,aAAa,OAAO,KAAK,WAAW,EAAE,CAAC;AAC7C,UAAI,WAAY,QAAO,GAAG,UAAU,KAAK,YAAY,UAAU,GAAG,KAAK,IAAI,CAAC;AAAA,IAC9E;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,oBAA6B;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EACnE,IAAI,cAAuB;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EAC7D,IAAI,oBAA6B;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EACnE,IAAI,kBAA2B;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EACjE,IAAI,gBAAyB;AAAE,WAAO,KAAK,cAAc,OAAO,KAAK,aAAa;AAAA,EAAK;AACzF;;;ACjDA,IAAM,aAAa;AACnB,IAAM,cAAc;AACpB,IAAM,cAAc;AAEpB,IAAM,YAAY,OAAO,WAAW;AAWpC,IAAM,sBAA+B;AAAA,EACnC,IAAI,KAAK;AACP,QAAI,CAAC,UAAW,QAAO;AACvB,QAAI;AAAE,aAAO,OAAO,aAAa,QAAQ,GAAG;AAAA,IAAG,QAAQ;AAAE,aAAO;AAAA,IAAM;AAAA,EACxE;AAAA,EACA,IAAI,KAAK,OAAO;AACd,QAAI,CAAC,UAAW;AAChB,QAAI;AACF,UAAI,UAAU,KAAM,QAAO,aAAa,WAAW,GAAG;AAAA,UACjD,QAAO,aAAa,QAAQ,KAAK,KAAK;AAAA,IAC7C,QAAQ;AAAA,IAAC;AAAA,EACX;AACF;AAGA,IAAM,iBAAiB,KAAK,KAAK,KAAK;AAEtC,IAAM,gBAAyB;AAAA,EAC7B,IAAI,KAAK;AACP,QAAI,CAAC,UAAW,QAAO;AACvB,QAAI;AACF,YAAM,KAAK,IAAI,OAAO,cAAc,mBAAmB,GAAG,CAAC,UAAU;AACrE,YAAM,IAAI,SAAS,OAAO,MAAM,EAAE;AAClC,aAAO,IAAI,mBAAmB,EAAE,CAAC,CAAC,IAAI;AAAA,IACxC,QAAQ;AAAE,aAAO;AAAA,IAAM;AAAA,EACzB;AAAA,EACA,IAAI,KAAK,OAAO;AACd,QAAI,CAAC,UAAW;AAChB,QAAI;AACF,YAAM,IAAI,mBAAmB,GAAG;AAChC,YAAM,SAAS,OAAO,SAAS,aAAa,WAAW,aAAa;AACpE,UAAI,UAAU,MAAM;AAClB,iBAAS,SAAS,GAAG,CAAC,qCAAqC,MAAM;AAAA,MACnE,OAAO;AACL,cAAM,IAAI,mBAAmB,KAAK;AAClC,iBAAS,SAAS,GAAG,CAAC,IAAI,CAAC,qBAAqB,cAAc,iBAAiB,MAAM;AAAA,MACvF;AAAA,IACF,QAAQ;AAAA,IAAC;AAAA,EACX;AACF;AAEA,IAAI,WAAoB;AACxB,IAAI,eAA4B;AAGhC,SAAS,eAA8B;AACrC,MAAI;AACF,QAAI,OAAO,aAAa,aAAa;AACnC,YAAM,IAAI,SAAS,OAAO,MAAM,+BAA+B;AAC/D,UAAI,EAAG,QAAO,mBAAmB,EAAE,CAAC,CAAC;AAAA,IACvC;AACA,QAAI,OAAO,cAAc,eAAe,UAAU,UAAU;AAC1D,aAAO,UAAU;AAAA,IACnB;AAAA,EACF,QAAQ;AAAA,EAAC;AACT,SAAO;AACT;AAXS;AAuBT,SAAS,iBAAyB;AAChC,MAAI,OAAO,WAAW,aAAa;AACjC,QAAI;AACF,UAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,YAAI,QAAQ,IAAI,6BAA6B,OAAQ,QAAO;AAG5D,YAAI,QAAQ,IAAI,8BAA8B;AAC5C,iBAAO,QAAQ,IAAI;AACrB,eAAO,QAAQ,IAAI,uBAAuB;AAAA,MAC5C;AAAA,IACF,QAAQ;AAAA,IAAC;AACT,WAAO;AAAA,EACT;AACA,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,UAAI,QAAQ,IAAI,6BAA6B,OAAQ,QAAO;AAC5D,aAAO,QAAQ,IAAI,uBAAuB;AAAA,IAC5C;AAAA,EACF,QAAQ;AAAA,EAAC;AACT,SAAO;AACT;AArBS;AA6BT,SAAS,gBAA+B;AACtC,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK,qBAAqB;AACtE,aAAO,QAAQ,IAAI;AAAA,IACrB;AAAA,EACF,QAAQ;AAAA,EAAC;AACT,SAAO;AACT;AAPS;AAUT,IAAI,kBAAiC;AACrC,IAAI,kBAAiC;AACrC,IAAI,mBAAkC;AACtC,IAAI,mBAAmB;AACvB,IAAI,kBAAyD;AAS7D,IAAI,kBAAyC;AAG7C,IAAI,mBAAkD;AAGtD,IAAM,eAAe;AAoBrB,SAAS,SAAS,OAA8B;AAC9C,MAAI;AACF,UAAM,UAAU,MAAM,MAAM,GAAG,EAAE,CAAC;AAClC,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,OAAO,KAAK,MAAM,KAAK,QAAQ,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG,CAAC,CAAC;AAC3E,WAAO,OAAO,KAAK,QAAQ,WAAW,KAAK,MAAM,MAAO;AAAA,EAC1D,QAAQ;AAAE,WAAO;AAAA,EAAM;AACzB;AAPS;AAST,SAAS,kBAAmC;AAC1C,QAAM,SAAS,SAAS,IAAI,UAAU;AACtC,QAAM,UAAU,SAAS,IAAI,WAAW;AACxC,QAAM,MAAM,KAAK,IAAI;AACrB,QAAM,YAAY,SAAS,SAAS,MAAM,IAAI;AAC9C,QAAM,cAAc,WAAW,SAAS,cAAc,QAAQ,YAAY;AAC1E,QAAM,aAAa,UAAU,SAAS,OAAO,IAAI;AACjD,QAAM,eAAe,YAAY,SAAS,eAAe,QAAQ,aAAa;AAC9E,SAAO;AAAA,IACL,QAAQ,eAAe,eAAe,kBAAkB;AAAA,IACxD,iBAAiB;AAAA,EACnB;AACF;AAZS;AAeT,IAAM,kBAAmC,EAAE,QAAQ,aAAa,iBAAiB,KAAK;AAMtF,IAAM,qBAAqB,oBAAoB,UAAU;AAEzD,IAAI,YAA6B,gBAAgB;AACjD,IAAM,oBAAoB,oBAAI,IAAgB;AAC9C,IAAI,eAAqD;AACzD,IAAI,4BAA4B;AAGhC,SAAS,qBAA2B;AAClC,MAAI,CAAC,UAAW;AAChB,MAAI,iBAAiB,MAAM;AAAE,iBAAa,YAAY;AAAG,mBAAe;AAAA,EAAM;AAC9E,MAAI,kBAAkB,SAAS,EAAG;AAClC,QAAM,MAAM,KAAK,IAAI;AACrB,QAAM,OAAiB,CAAC;AACxB,QAAM,SAAS,SAAS,IAAI,UAAU;AACtC,QAAM,UAAU,SAAS,IAAI,WAAW;AACxC,QAAM,YAAY,SAAS,SAAS,MAAM,IAAI;AAC9C,QAAM,aAAa,UAAU,SAAS,OAAO,IAAI;AACjD,MAAI,cAAc,QAAQ,YAAY,IAAK,MAAK,KAAK,SAAS;AAC9D,MAAI,eAAe,QAAQ,aAAa,IAAK,MAAK,KAAK,UAAU;AACjE,MAAI,CAAC,KAAK,OAAQ;AAGlB,QAAM,QAAQ,KAAK,IAAI,KAAK,IAAI,GAAG,IAAI,IAAI,MAAM,KAAK,UAAU;AAChE,iBAAe,WAAW,sBAAsB,KAAK;AACvD;AAjBS;AAoBT,SAAS,uBAA6B;AACpC,QAAM,OAAO,gBAAgB;AAC7B,QAAM,UACJ,KAAK,WAAW,UAAU,UAC1B,KAAK,oBAAoB,UAAU;AACrC,MAAI,QAAS,aAAY;AACzB,qBAAmB;AACnB,MAAI,CAAC,QAAS;AACd,aAAW,YAAY,MAAM,KAAK,iBAAiB,GAAG;AACpD,QAAI;AAAE,eAAS;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC7B;AAIA,MAAI,WAAW;AACb,QAAI;AAAE,aAAO,cAAc,IAAI,MAAM,kBAAkB,CAAC;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EACtE;AACF;AAjBS;AAsBT,SAAS,oBAA0B;AACjC,MAAI,CAAC,aAAa,0BAA2B;AAC7C,8BAA4B;AAC5B,SAAO,iBAAiB,WAAW,CAAC,MAAM;AACxC,QAAI,EAAE,QAAQ,QAAQ,EAAE,QAAQ,cAAc,EAAE,QAAQ,aAAa;AACnE,2BAAqB;AAAA,IACvB;AAAA,EACF,CAAC;AACD,SAAO,iBAAiB,oBAAoB,MAAM,qBAAqB,CAAC;AAC1E;AATS;AAiBT,IAAM,0BAA0B,oBAAI,IAA2B;AAiB/D,IAAI,UAA4B;AAEhC,SAAS,mBAAyB;AAChC,MAAI,CAAC,QAAS;AACd,UAAQ,UAAU;AAAA,IAChB,SAAS,KAAK,WAAW;AAAA,IACzB,aAAa,mBAAmB,YAAY;AAAA,EAC9C,CAAC;AACH;AANS;AAsBF,IAAM,OAAO;AAAA;AAAA,EAElB,iBAA8B;AAAE,WAAO;AAAA,EAAc;AAAA,EACrD,eAAe,MAAyB;AACtC,mBAAe;AACf,eAAW,SAAS,WAAW,gBAAgB;AAC/C,yBAAqB;AAAA,EACvB;AAAA;AAAA,EAGA,WAA0B;AAAE,WAAO,SAAS,IAAI,UAAU;AAAA,EAAG;AAAA,EAC7D,SAAS,OAA4B;AACnC,aAAS,IAAI,YAAY,KAAK;AAC9B,yBAAqB;AAAA,EACvB;AAAA,EACA,kBAAiC;AAAE,WAAO,SAAS,IAAI,WAAW;AAAA,EAAG;AAAA,EACrE,gBAAgB,OAA4B;AAC1C,aAAS,IAAI,aAAa,KAAK;AAC/B,yBAAqB;AAAA,EACvB;AAAA,EACA,cAAoB;AAClB,aAAS,IAAI,YAAY,IAAI;AAC7B,aAAS,IAAI,aAAa,IAAI;AAC9B,yBAAqB;AAAA,EACvB;AAAA;AAAA;AAAA,EAGA,kBAA2B;AAAE,WAAO,gBAAgB,EAAE,WAAW;AAAA,EAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUlF,WAAW,QAA2D;AACpE,aAAS,IAAI,YAAY,OAAO,MAAM;AACtC,QAAI,OAAO,YAAY,OAAW,UAAS,IAAI,aAAa,OAAO,OAAO;AAC1E,yBAAqB;AAAA,EACvB;AAAA,EACA,eAAqB;AAAE,SAAK,YAAY;AAAA,EAAG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAU3C,cAA+B;AAAE,WAAO;AAAA,EAAW;AAAA,EACnD,oBAAqC;AAAE,WAAO;AAAA,EAAiB;AAAA,EAC/D,UAAU,UAAkC;AAC1C,sBAAkB;AAClB,sBAAkB,IAAI,QAAQ;AAE9B,yBAAqB;AACrB,WAAO,MAAM;AACX,wBAAkB,OAAO,QAAQ;AACjC,UAAI,kBAAkB,SAAS,KAAK,iBAAiB,MAAM;AACzD,qBAAa,YAAY;AACzB,uBAAe;AAAA,MACjB;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,iBAAiB,IAAuC;AACtD,4BAAwB,IAAI,EAAE;AAC9B,WAAO,MAAM;AAAE,8BAAwB,OAAO,EAAE;AAAA,IAAG;AAAA,EACrD;AAAA;AAAA,EAGA,YAA2B;AACzB,WAAO,mBAAmB,SAAS,IAAI,WAAW,KAAK,cAAc;AAAA,EACvE;AAAA,EACA,UAAU,KAA0B;AAAE,sBAAkB;AAAA,EAAK;AAAA,EAC7D,iBAAiB,KAA0B;AACzC,sBAAkB;AAClB,aAAS,IAAI,aAAa,GAAG;AAAA,EAC/B;AAAA,EACA,cAAoB;AAAE,sBAAkB;AAAM,aAAS,IAAI,aAAa,IAAI;AAAA,EAAG;AAAA;AAAA,EAG/E,YAA2B;AAAE,WAAO,mBAAmB,aAAa;AAAA,EAAG;AAAA,EACvE,UAAU,QAA6B;AAAE,sBAAkB;AAAA,EAAQ;AAAA;AAAA,EAGnE,aAAqB;AACnB,UAAM,MAAO,oBAAoB,eAAe;AAChD,WAAO,IAAI,QAAQ,OAAO,EAAE;AAAA,EAC9B;AAAA,EACA,WAAW,KAA0B;AACnC,uBAAmB,MAAM,IAAI,QAAQ,OAAO,EAAE,IAAI;AAClD,qBAAiB;AAAA,EACnB;AAAA;AAAA,EAGA,qBAA8B;AAAE,WAAO;AAAA,EAAkB;AAAA,EACzD,mBAAmB,OAAsB;AACvC,uBAAmB;AACnB,qBAAiB;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,eAAe,IAAiD;AAC9D,sBAAkB;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,kBAAkB,IAAiC;AACjD,sBAAkB;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,aAAqC;AACnC,WAAO,WAAW;AAAA,EACpB;AACF;AAsBA,eAAe,aAAqC;AAClD,MAAI,iBAAkB,QAAO;AAC7B,MAAI,CAAC,gBAAiB,QAAO;AAK7B,QAAM,aAAa,mCAAoC;AACrD,UAAM,UAAU,KAAK,gBAAgB;AACrC,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,SAAS,MAAM,gBAAiB,OAAO;AAC7C,QAAI,CAAC,QAAQ,OAAQ,QAAO;AAC5B,SAAK,SAAS,OAAO,MAAM;AAC3B,QAAI,OAAO,QAAS,MAAK,gBAAgB,OAAO,OAAO;AACvD,WAAO,OAAO;AAAA,EAChB,GARmB;AAUnB,sBAAoB,YAAY;AAC9B,QAAI;AAEF,YAAM,QACJ,OAAO,cAAc,cAChB,UAAkD,QACnD;AACN,UAAI,OAAO,SAAS;AAClB,eAAO,MAAM,MAAM,QAAQ,GAAG,WAAW,YAAY,UAAU;AAAA,MACjE;AACA,aAAO,MAAM,WAAW;AAAA,IAC1B,QAAQ;AACN,aAAO;AAAA,IACT,UAAE;AACA,yBAAmB;AAAA,IACrB;AAAA,EACF,GAAG;AAEH,SAAO;AACT;AApCe;AA6Cf,SAAS,cAAc,UAA0B;AAC/C,OAAK,YAAY;AACjB,aAAW,MAAM,MAAM,KAAK,uBAAuB,GAAG;AACpD,QAAI;AAAE,SAAG,QAAQ;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC/B;AACA,MAAI,iBAAiB;AACnB,QAAI;AAAE,sBAAgB,QAAQ;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC5C;AACF;AARS;AA8DT,SAAS,cAAuB;AAC9B,MAAI;AACF,WAAO,OAAO,YAAY,eACrB,QAAQ,KAAK,6BAA6B;AAAA,EACjD,QAAQ;AAAE,WAAO;AAAA,EAAO;AAC1B;AALS;AAOT,IAAM,WAAW;AACjB,IAAM,cAAc;AACpB,IAAM,eAAe;AAErB,SAAS,WAAiC;AACxC,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAM,MAAM,UAAU,KAAK,UAAU,CAAC;AACtC,QAAI,kBAAkB,MAAM,IAAI,OAAO,kBAAkB,WAAW;AACpE,QAAI,YAAY,MAAM,QAAQ,IAAI,MAAM;AACxC,QAAI,UAAU,MAAM,OAAO,IAAI,KAAK;AAAA,EACtC,CAAC;AACH;AAPS;AAST,SAAS,QAAQ,KAAiD;AAChE,SAAO,SAAS,EAAE,KAAK,CAAC,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAC9D,UAAM,KAAK,GAAG,YAAY,aAAa,UAAU;AACjD,UAAM,MAAM,GAAG,YAAY,WAAW,EAAE,IAAI,GAAG;AAC/C,QAAI,YAAY,MAAM,QAAQ,IAAI,MAAM;AACxC,QAAI,UAAU,MAAM,OAAO,IAAI,KAAK;AAAA,EACtC,CAAC,CAAC;AACJ;AAPS;AAST,SAAS,QAAQ,KAAa,OAAqC;AACjE,SAAO,SAAS,EAAE,KAAK,CAAC,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAC9D,UAAM,KAAK,GAAG,YAAY,aAAa,WAAW;AAClD,OAAG,YAAY,WAAW,EAAE,IAAI,OAAO,GAAG;AAC1C,OAAG,aAAa,MAAM,QAAQ;AAC9B,OAAG,UAAU,MAAM,OAAO,GAAG,KAAK;AAAA,EACpC,CAAC,CAAC;AACJ;AAPS;AAUT,IAAI,kBAAiD;AAErD,SAAS,kBAA0C;AACjD,MAAI,gBAAiB,QAAO;AAC5B,qBAAmB,YAAY;AAC7B,UAAM,WAAW,MAAM,QAAQ,YAAY,EAAE,MAAM,MAAM,MAAS;AAClE,QAAI,SAAU,QAAO;AACrB,UAAM,OAAO,MAAM,OAAO,OAAO;AAAA,MAC/B,EAAE,MAAM,SAAS,YAAY,QAAQ;AAAA,MACrC;AAAA;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AAGA,UAAM,QAAQ,cAAc,IAAI,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAChD,WAAO;AAAA,EACT,GAAG;AACH,SAAO;AACT;AAhBS;AAkBT,SAAS,iBAAiB,OAAyC;AACjE,QAAM,MAAM,iBAAiB,aAAa,QAAQ,IAAI,WAAW,KAAK;AACtE,MAAI,IAAI;AACR,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,IAAK,MAAK,OAAO,aAAa,IAAI,CAAC,CAAC;AACpE,SAAO,KAAK,CAAC,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,EAAE;AAC1E;AALS;AAOT,SAAS,kBAAkB,KAAqB;AAC9C,SAAO,iBAAiB,IAAI,YAAY,EAAE,OAAO,GAAG,CAAC;AACvD;AAFS;AAKT,eAAe,WAAW,KAAiD;AACzE,QAAM,MAAM,MAAM,OAAO,OAAO,UAAU,OAAO,GAAG;AAEpD,SAAO,EAAE,KAAK,MAAM,KAAK,SAAS,GAAG,IAAI,GAAa,GAAG,IAAI,EAAY;AAC3E;AAJe;AAOf,eAAe,eAAe,QAAgB,KAAqC;AACjF,MAAI;AACF,UAAM,OAAO,MAAM,gBAAgB;AACnC,UAAM,MAAM,MAAM,WAAW,KAAK,SAAS;AAC3C,UAAM,SAAS,EAAE,KAAK,YAAY,KAAK,SAAS,IAAI;AAEpD,UAAM,MAAM,IAAI,MAAM,GAAG,EAAE,CAAC,EAAE,MAAM,GAAG,EAAE,CAAC;AAC1C,UAAM,MACH,OAAO,cAAc,OAAO,WAAW,KACxC,iBAAiB,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC,CAAC;AAC7D,UAAM,UAAU,EAAE,KAAK,OAAO,YAAY,GAAG,KAAK,KAAK,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,GAAG,IAAI;AAC1F,UAAM,eACJ,GAAG,kBAAkB,KAAK,UAAU,MAAM,CAAC,CAAC,IAAI,kBAAkB,KAAK,UAAU,OAAO,CAAC,CAAC;AAC5F,UAAM,MAAM,MAAM,OAAO,OAAO;AAAA,MAC9B,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,MACjC,KAAK;AAAA,MACL,IAAI,YAAY,EAAE,OAAO,YAAY;AAAA,IACvC;AACA,WAAO,GAAG,YAAY,IAAI,iBAAiB,GAAG,CAAC;AAAA,EACjD,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAtBe;AAwBR,SAAS,oBAAoBC,SAAyB;AAC3D,MAAI,QAAS;AACb,YAAUA;AAEV,EAAAA,QAAO,UAAU;AAAA,IACf,SAAS,KAAK,WAAW;AAAA,IACzB,aAAa,mBAAmB,YAAY;AAAA,EAC9C,CAAC;AAED,EAAAA,QAAO,aAAa,QAAQ,IAAI,OAAO,YAAY;AACjD,UAAM,QAAQ,KAAK,SAAS;AAC5B,QAAI,MAAO,SAAQ,QAAQ,IAAI,iBAAiB,UAAU,KAAK,EAAE;AAEjE,UAAM,SAAS,KAAK,UAAU;AAC9B,QAAI,OAAQ,SAAQ,QAAQ,IAAI,mBAAmB,MAAM;AAIzD,UAAM,SAAS,KAAK,UAAU;AAC9B,QAAI,UAAU,CAAC,QAAQ,QAAQ,IAAI,WAAW,EAAG,SAAQ,QAAQ,IAAI,aAAa,MAAM;AAExF,QAAI;AACF,YAAM,KAAK,KAAK,eAAe,EAAE,gBAAgB,EAAE;AACnD,UAAI,GAAI,SAAQ,QAAQ,IAAI,cAAc,EAAE;AAAA,IAC9C,QAAQ;AAAA,IAAC;AACT,YAAQ,QAAQ,IAAI,kBAAiB,oBAAI,KAAK,GAAE,YAAY,CAAC;AAI7D,QAAI,YAAY,KAAK,OAAO,WAAW,aAAa;AAClD,YAAM,QAAQ,MAAM,eAAe,QAAQ,QAAQ,QAAQ,GAAG;AAC9D,UAAI,MAAO,SAAQ,QAAQ,IAAI,QAAQ,KAAK;AAAA,IAC9C;AAEA,WAAO;AAAA,EACT,CAAC;AAED,EAAAA,QAAO,aAAa,MAAM,IAAI,CAAC,KAAK,KAAK,QAAQ;AAC/C,QAAI,eAAe,SAAU,QAAO;AACpC,UAAM,MAAO,KAA6B,OAAO;AACjD,UAAM,SAAU,KAA8B,UAAU;AACxD,UAAM,aAAc,KAA8B,cAAc;AAChE,WAAO,IAAI,SAAS,QAAQ,YAAY,KAAK,GAAG;AAAA,EAClD,CAAC;AAGD,EAAAA,QAAO,aAAa,SAAS,IAAI,OAAO,UAAU,YAAY;AAC5D,QAAI,SAAS,WAAW,IAAK,QAAO;AAGpC,QAAI,QAAQ,QAAQ,IAAI,YAAY,GAAG;AACrC,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT;AAEA,UAAM,WAAW,MAAM,WAAW;AAClC,QAAI,CAAC,UAAU;AACb,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT;AAKA,UAAM,QAAQ,QAAQ,MAAM;AAC5B,UAAM,QAAQ,IAAI,iBAAiB,UAAU,QAAQ,EAAE;AACvD,UAAM,QAAQ,IAAI,cAAc,GAAG;AAGnC,QAAI,YAAY,KAAK,OAAO,WAAW,aAAa;AAClD,YAAM,QAAQ,MAAM,eAAe,MAAM,QAAQ,MAAM,GAAG;AAC1D,UAAI,MAAO,OAAM,QAAQ,IAAI,QAAQ,KAAK;AAAA,IAC5C;AACA,QAAI;AACF,YAAM,UAAU,MAAM,MAAM,KAAK;AACjC,UAAI,QAAQ,WAAW,IAAK,eAAc,OAAO;AACjD,aAAO;AAAA,IACT,QAAQ;AAIN,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AACH;AApFgB;AAiGhB,IAAM,mBAAmB;AAEzB,KAAK,kBAAkB,OAAO,YAAY;AACxC,MAAI;AACF,UAAM,MAAM,GAAG,KAAK,WAAW,CAAC,GAAG,gBAAgB;AACnD,UAAM,UAAkC,EAAE,gBAAgB,mBAAmB;AAE7E,QAAI,YAAY,KAAK,OAAO,WAAW,aAAa;AAClD,YAAM,QAAQ,MAAM,eAAe,QAAQ,GAAG;AAC9C,UAAI,MAAO,SAAQ,MAAM,IAAI;AAAA,IAC/B;AACA,UAAM,MAAM,MAAM,MAAM,KAAK;AAAA,MAC3B,QAAQ;AAAA,MACR;AAAA,MACA,aAAa,KAAK,mBAAmB,IAAI,YAAY;AAAA,MACrD,MAAM,KAAK,UAAU,EAAE,QAAQ,CAAC;AAAA,IAClC,CAAC;AACD,QAAI,CAAC,IAAI,GAAI,QAAO;AACpB,UAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,WAAO,MAAM,SACT,EAAE,QAAQ,KAAK,QAAQ,SAAS,KAAK,WAAW,QAAQ,IACxD;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF,CAAC;;;ACtyBD,qBAAoD;AAoCpD,IAAM,iBAA+B;AAAA,EACnC,SAAS,OAAO,YAAY,eAAe,yBAA0B;AAAA,EACrE,aAAa;AAAA,EACb,cAAc;AAAA,EACd,WAAW;AAAA,EACX,WAAW;AAAA,EACX,YAAY;AACd;AAEA,IAAM,oBAAoB;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEO,IAAM,YAAN,MAAgB;AAAA,EA1DvB,OA0DuB;AAAA;AAAA;AAAA,EACb;AAAA,EACA;AAAA,EAER,YAAY,SAAgC,CAAC,GAAG;AAC9C,SAAK,SAAS,EAAE,GAAG,gBAAgB,GAAG,OAAO;AAC7C,SAAK,UAAU,OAAO,eAAW,8BAAc;AAAA,MAC7C,OAAO,KAAK,OAAO,UAAU,IAAI;AAAA,IACnC,CAAC;AAAA,EACH;AAAA,EAEA,SAAe;AAAE,SAAK,OAAO,UAAU;AAAA,EAAM;AAAA,EAC7C,UAAgB;AAAE,SAAK,OAAO,UAAU;AAAA,EAAO;AAAA,EAC/C,UAAU,QAAqC;AAC7C,SAAK,SAAS,EAAE,GAAG,KAAK,QAAQ,GAAG,OAAO;AAAA,EAC5C;AAAA,EAEQ,cAAc,SAA0D;AAC9E,QAAI,CAAC,QAAS,QAAO,CAAC;AACtB,UAAM,WAAmC,CAAC;AAC1C,WAAO,KAAK,OAAO,EAAE,QAAQ,CAAC,QAAQ;AACpC,eAAS,GAAG,IAAI,kBAAkB,SAAS,IAAI,YAAY,CAAC,IAAI,QAAS,QAAQ,GAAG,KAAK;AAAA,IAC3F,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,WAAW,SAA2B;AACpC,QAAI,CAAC,KAAK,OAAO,WAAW,CAAC,KAAK,OAAO,YAAa;AACtD,UAAM,EAAE,QAAQ,KAAK,SAAS,KAAK,IAAI;AACvC,SAAK,QAAQ,MAAM,GAAG,MAAM,IAAI,GAAG,EAAE;AACrC,QAAI,KAAK,OAAO,cAAc,QAAS,MAAK,QAAQ,MAAM,YAAY,KAAK,cAAc,OAAO,CAAC;AACjG,QAAI,KAAK,OAAO,aAAa,KAAM,MAAK,QAAQ,MAAM,SAAS,IAAI;AAAA,EACrE;AAAA,EAEA,YAAY,SAAqB,UAA6B;AAC5D,QAAI,CAAC,KAAK,OAAO,WAAW,CAAC,KAAK,OAAO,aAAc;AACvD,UAAM,EAAE,QAAQ,IAAI,IAAI;AACxB,UAAM,EAAE,QAAQ,YAAY,MAAM,SAAS,IAAI;AAC/C,SAAK,QAAQ,QAAQ,GAAG,MAAM,IAAI,GAAG,IAAI,MAAM,IAAI,UAAU,KAAK,QAAQ,KAAK;AAC/E,QAAI,KAAK,OAAO,aAAa,KAAM,MAAK,QAAQ,MAAM,aAAa,IAAI;AAAA,EACzE;AAAA,EAEA,SAAS,SAAqB,OAAuB;AACnD,QAAI,CAAC,KAAK,OAAO,WAAW,CAAC,KAAK,OAAO,UAAW;AACpD,UAAM,EAAE,QAAQ,IAAI,IAAI;AACxB,UAAM,EAAE,SAAS,YAAY,aAAa,SAAS,IAAI;AACvD,SAAK,QAAQ,MAAM,GAAG,MAAM,IAAI,GAAG,IAAI,cAAc,SAAS,WAAW,QAAQ,KAAK;AACtF,SAAK,QAAQ,MAAM,YAAY,OAAO;AACtC,QAAI,eAAe,OAAO,KAAK,WAAW,EAAE,SAAS,GAAG;AACtD,WAAK,QAAQ,MAAM,eAAe;AAClC,aAAO,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC,OAAO,MAAM,MAAM;AACvD,eAAO,QAAQ,CAAC,QAAQ,KAAK,QAAQ,MAAM,YAAO,KAAK,KAAK,GAAG,EAAE,CAAC;AAAA,MACpE,CAAC;AAAA,IACH;AAAA,EACF;AAAA,EAEA,KAAK,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,KAAK,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC5G,KAAK,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,KAAK,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC5G,MAAM,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,MAAM,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC9G,MAAM,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,MAAM,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC9G,QAAQ,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,QAAQ,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAClH,QAAQ,KAA8B;AAAE,WAAO,KAAK,QAAQ,QAAQ,GAAG;AAAA,EAAG;AAC5E;AAEO,IAAM,gBAAgB,IAAI,UAAU;;;AC1HpC,IAAM,QAAQ,yBAAyB;AAEvC,IAAMC,aAAY,OAAO,WAAW;AAMpC,IAAM,gBAAgB,QAAQ,IAAI,6BAA6B;AAY/D,IAAMC,eAAc,QAAQ,IAAI,6BAA6B;;;ACKpE,IAAM,mBAAmB,SAAS;AAElC,IAAM,gBAA8B,mBAAmB,IAAI;AAE3D,IAAI,SAAuB;AAG3B,IAAM,eAAe,oBAAI,IAAmC;AAGrD,SAAS,cAA4B;AAC1C,SAAO;AACT;AAFgB;AAKT,SAAS,YAAY,OAA2B;AACrD,WAAS;AACT,aAAW,MAAM,cAAc;AAC7B,QAAI;AACF,SAAG,KAAK;AAAA,IACV,QAAQ;AAAA,IAER;AAAA,EACF;AACF;AATgB;AAeT,SAAS,iBAAiB,IAA+C;AAC9E,eAAa,IAAI,EAAE;AACnB,MAAI;AACF,OAAG,MAAM;AAAA,EACX,QAAQ;AAAA,EAER;AACA,SAAO,MAAM,aAAa,OAAO,EAAE;AACrC;AARgB;AAkBT,SAAS,mBAAmB,MAAmD;AACpF,QAAM,UAAU,KAAK,SAAS;AAC9B,MAAI,KAAK,WAAW,SAAS;AAC3B,gBAAY,CAAC;AAAA,EACf,OAAO;AACL,gBAAY,CAAC;AAAA,EACf;AACF;AAPgB;;;AC9DhB,mBAAqC;AAQ9B,SAAS,aAA8B;AAC5C,aAAO,mCAAqB,KAAK,WAAW,KAAK,aAAa,KAAK,iBAAiB;AACtF;AAFgB;;;ACFhB,wBAA2C;AAC3C,IAAAC,gBAAqC;AAKrC,SAAS,cAAsB;AAC7B,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,SAAO,QAAQ,IAAI,yBAAyB;AAC9C;AALS;AAUT,SAAS,aAAa,MAAc,UAA0B;AAC5D,MAAI,CAAC,UAAU;AACb,WAAO;AAAA,EACT;AAEA,QAAM,iBAAiB,KAAK,WAAW,GAAG,IAAI,OAAO,IAAI,IAAI;AAE7D,QAAM,qBAAqB,SAAS,QAAQ,OAAO,EAAE;AACrD,SAAO,GAAG,kBAAkB,GAAG,cAAc;AAC/C;AATS;AA6BF,SAAS,eAAe;AAC7B,QAAM,aAAS,kBAAAC,WAAc;AAG7B,QAAM,eAAW,uBAAQ,MAAM,YAAY,GAAG,CAAC,CAAC;AAChD,QAAMC,qBAAgB,uBAAQ,MAAM;AAClC,WAAO,OAAO,YAAY,eAAe,QAAQ,IAAI,6BAA6B;AAAA,EACpF,GAAG,CAAC,CAAC;AAEL,QAAM,WAAO,2BAAY,CAAC,MAAc,YAAmC;AACzE,QAAI,UAAU;AAEZ,aAAO,SAAS,OAAO,aAAa,MAAM,QAAQ;AAAA,IACpD,OAAO;AAEL,aAAO,KAAK,MAAM,OAAO;AAAA,IAC3B;AAAA,EACF,GAAG,CAAC,QAAQ,QAAQ,CAAC;AAErB,QAAM,cAAU,2BAAY,CAAC,MAAc,YAAmC;AAC5E,QAAI,UAAU;AAEZ,aAAO,SAAS,QAAQ,aAAa,MAAM,QAAQ,CAAC;AAAA,IACtD,OAAO;AAEL,aAAO,QAAQ,MAAM,OAAO;AAAA,IAC9B;AAAA,EACF,GAAG,CAAC,QAAQ,QAAQ,CAAC;AAerB,QAAM,eAAW,2BAAY,CAAC,SAAiB;AAC7C,WAAO,SAAS,OAAO,aAAa,MAAM,QAAQ;AAAA,EACpD,GAAG,CAAC,QAAQ,CAAC;AAcb,QAAM,kBAAc,2BAAY,CAAC,SAAiB;AAChD,WAAO,SAAS,QAAQ,aAAa,MAAM,QAAQ,CAAC;AAAA,EACtD,GAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,eAAW,2BAAY,CAAC,SAAiB;AAE7C,WAAO,SAAS,IAAI;AAAA,EACtB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,WAAO,2BAAY,MAAM;AAC7B,WAAO,KAAK;AAAA,EACd,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,cAAU,2BAAY,MAAM;AAChC,WAAO,QAAQ;AAAA,EACjB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,cAAU,2BAAY,MAAM;AAChC,WAAO,QAAQ;AAAA,EACjB,GAAG,CAAC,MAAM,CAAC;AAEX,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAzFgB;;;AC7ChB,IAAAC,qBAA4B;AAC5B,IAAAC,gBAA4C;AAerC,SAAS,iBAAkC;AAChD,QAAM,eAAW,gCAAY;AAC7B,QAAM,CAAC,aAAa,cAAc,QAAI,wBAA0B,MAAM;AACpE,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO,IAAI,gBAAgB;AAAA,IAC7B;AACA,WAAO,IAAI,gBAAgB,OAAO,SAAS,MAAM;AAAA,EACnD,CAAC;AACD,QAAM,oBAAgB,sBAAe,EAAE;AAEvC,+BAAU,MAAM;AACd,QAAI,OAAO,WAAW,YAAa;AAEnC,UAAM,oBAAoB,6BAAM;AAC9B,YAAM,gBAAgB,OAAO,SAAS;AACtC,UAAI,kBAAkB,cAAc,SAAS;AAC3C,sBAAc,UAAU;AACxB,uBAAe,IAAI,gBAAgB,aAAa,CAAC;AAAA,MACnD;AAAA,IACF,GAN0B;AAS1B,sBAAkB;AAGlB,WAAO,iBAAiB,YAAY,iBAAiB;AAMrD,UAAM,WAAW,OAAO,QAAQ;AAChC,UAAM,cAAc,OAAO,QAAQ;AACnC,WAAO,QAAQ,YAAY,YAAa,MAAM;AAC5C,YAAM,SAAS,SAAS,MAAM,MAAM,IAAI;AACxC,wBAAkB;AAClB,aAAO;AAAA,IACT;AACA,WAAO,QAAQ,eAAe,YAAa,MAAM;AAC/C,YAAM,SAAS,YAAY,MAAM,MAAM,IAAI;AAC3C,wBAAkB;AAClB,aAAO;AAAA,IACT;AAEA,WAAO,MAAM;AACX,aAAO,oBAAoB,YAAY,iBAAiB;AACxD,aAAO,QAAQ,YAAY;AAC3B,aAAO,QAAQ,eAAe;AAAA,IAChC;AAAA,EACF,GAAG,CAAC,QAAQ,CAAC;AAEb,SAAO;AACT;AApDgB;;;AC/BhB,IAAAC,gBAAyD;AAIzD,IAAM,kBAAkB,wBAAC,MAAsB;AAC7C,MAAI,KAAK,EAAG,QAAO;AACnB,QAAM,IAAI,KAAK,MAAM,IAAI,EAAE;AAC3B,SAAO,IAAI,IAAI,GAAG,CAAC,IAAI,OAAO,IAAI,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AACjE,GAJwB;AAYjB,IAAM,mBAAmB,wBAC9B,oBAAoB,OACO;AAC3B,QAAM,CAAC,YAAY,aAAa,QAAI,wBAAS,iBAAiB;AAC9D,QAAM,CAAC,KAAK,MAAM,QAAI,wBAAS,EAAE;AACjC,QAAM,CAAC,WAAW,YAAY,QAAI,wBAAS,KAAK;AAChD,QAAM,CAAC,eAAe,gBAAgB,QAAI,wBAAS,IAAI;AACvD,QAAM,CAAC,MAAM,OAAO,QAAI,wBAAmB,YAAY;AACvD,QAAM,CAAC,OAAO,QAAQ,QAAI,wBAAS,EAAE;AACrC,QAAM,CAAC,SAAS,UAAU,QAAI,wBAA6B,IAAI;AAG/D,QAAM,CAAC,oBAAoB,qBAAqB,QAAI,wBAAwB,IAAI;AAChF,QAAM,CAAC,iBAAiB,kBAAkB,QAAI,wBAAS,KAAK;AAC5D,QAAM,CAAC,eAAe,gBAAgB,QAAI,wBAAS,EAAE;AACrD,QAAM,CAAC,eAAe,gBAAgB,QAAI,wBAAS,KAAK;AAGxD,QAAM,CAAC,kBAAkB,mBAAmB,QAAI,wBAAS,CAAC;AAC1D,QAAM,wBAAoB,sBAA8C,IAAI;AAE5E,QAAM,8BAA0B,2BAAY,CAAC,YAAoB;AAC/D,QAAI,kBAAkB,QAAS,eAAc,kBAAkB,OAAO;AACtE,wBAAoB,OAAO;AAC3B,sBAAkB,UAAU,YAAY,MAAM;AAC5C,0BAAoB,CAAC,SAAS;AAC5B,YAAI,QAAQ,GAAG;AACb,wBAAc,kBAAkB,OAAQ;AACxC,4BAAkB,UAAU;AAC5B,iBAAO;AAAA,QACT;AACA,eAAO,OAAO;AAAA,MAChB,CAAC;AAAA,IACH,GAAG,GAAI;AAAA,EACT,GAAG,CAAC,CAAC;AAEL,+BAAU,MAAM,MAAM;AACpB,QAAI,kBAAkB,QAAS,eAAc,kBAAkB,OAAO;AAAA,EACxE,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,2BAAY,MAAM,SAAS,EAAE,GAAG,CAAC,CAAC;AAErD,SAAO;AAAA;AAAA,IAEL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe,mBAAmB;AAAA,IAClC,gBAAgB,gBAAgB,gBAAgB;AAAA,IAChD;AAAA;AAAA,IAEA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAzEgC;;;AChBhC,IAAAC,gBAA4B;AAI5B,IAAM,cAAc;AAEb,IAAM,oBAAoB,6BAA0B;AACzD,QAAMC,0BAAqB,2BAAY,CAAC,OAAwB;AAC9D,WAAO,YAAY,KAAK,EAAE;AAAA,EAC5B,GAAG,CAAC,CAAC;AAEL,SAAO,EAAE,oBAAAA,oBAAmB;AAC9B,GANiC;AAQ1B,IAAM,qBAAqB,wBAAC,OAAwB,YAAY,KAAK,EAAE,GAA5C;;;ACdlC,IAAAC,gBAA+C;;;ACF/C,IAAAC,kBAA8B;AAoBvB,IAAM,aAAS,+BAAc;AAAA,EAClC,OAAO,YAAY;AACrB,CAAC,EAAE,QAAQ,KAAK;AAGhB,iBAAiB,CAAC,UAAU;AAC1B,SAAO,QAAQ;AACjB,CAAC;AAKM,IAAM,aAAa,OAAO,QAAQ,MAAM;;;AC9B/C,IAAAC,qBAA4B;AAC5B,IAAAC,gBAAkC;;;ACW3B,IAAM,gBAAgB,wBAAC,SAA4C;AACxE,MAAI,CAAC,KAAM,QAAO;AAClB,QAAM,gBAAgB,KAAK,QAAQ,uBAAuB,EAAE;AAC5D,QAAM,UAAU,cAAc,QAAQ,QAAQ,EAAE;AAChD,SAAO,WAAW;AACpB,GAL6B;AAWtB,IAAM,oBAAoB,wBAC/B,UACA,iBACY;AACZ,QAAM,aAAa,cAAc,QAAQ;AACzC,SAAO,aAAa;AAAA,IAClB,CAAC,MAAM,eAAe,KAAK,WAAW,WAAW,IAAI,GAAG;AAAA,EAC1D;AACF,GARiC;;;ADA1B,IAAM,cAAc,wBAAC,UAA8B,CAAC,MAAM;AAC/D,QAAM,EAAE,eAAe,aAAa,MAAM,eAAe,CAAC,OAAO,EAAE,IAAI;AACvE,QAAM,cAAc,eAAe;AACnC,QAAM,eAAW,gCAAY;AAC7B,QAAM,SAAS,aAAa;AAI5B,QAAM,gBAAgB,kBAAkB,UAAU,YAAY;AAE9D,QAAM,WAAW,YAAY,IAAI,KAAK,KAAK;AAC3C,QAAM,aAAa,YAAY,IAAI,OAAO,KAAK;AAC/C,QAAM,SAAS,CAAC,CAAC;AACjB,QAAM,UAAU,CAAC,CAAC,YAAY,UAAU;AACxC,QAAM,WAAW,SAAS,WAAW,eAAe;AAKpD,QAAM,uBAAmB,sBAAO,aAAa;AAC7C,mBAAiB,UAAU;AAK3B,+BAAU,MAAM;AACd,QAAI,CAAC,WAAW,CAAC,SAAU;AAG3B,eAAW,KAAK,qCAAqC,QAAQ;AAC7D,qBAAiB,UAAU,UAAU,UAAU;AAAA,EACjD,GAAG,CAAC,SAAS,UAAU,UAAU,UAAU,CAAC;AAQ5C,+BAAU,MAAM;AACd,QAAI,CAAC,WAAW,CAAC,cAAc,CAAC,SAAU;AAC1C,UAAM,aAAa,OAAO,YAAY,YAAY,QAAQ,CAAC;AAC3D,WAAO,WAAW;AAClB,WAAO,WAAW;AAClB,UAAM,cAAc,IAAI,gBAAgB,UAAU,EAAE,SAAS;AAC7D,UAAM,eAAe,OAAO,WAAW,cAAc,OAAO,SAAS,WAAW;AAChF,WAAO,QAAQ,cAAc,GAAG,YAAY,IAAI,WAAW,KAAK,YAAY;AAAA,EAE9E,GAAG,CAAC,SAAS,YAAY,QAAQ,CAAC;AAElC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAvD2B;;;AEvB3B,IAAAC,gBAAsC;;;ACoBtC,IAAM,wBAAwB,wBAAC,MAAgB,KAAa,UAAyB;AACnF,MAAI,OAAO,UAAU,YAAY,iBAAiB,MAAM;AACtD,SAAK,OAAO,KAAK,KAAK;AAAA,EACxB,WAAW,iBAAiB,MAAM;AAChC,SAAK,OAAO,KAAK,MAAM,YAAY,CAAC;AAAA,EACtC,OAAO;AACL,SAAK,OAAO,KAAK,KAAK,UAAU,KAAK,CAAC;AAAA,EACxC;AACF,GAR8B;AAkBvB,IAAM,yBAAyB;AAAA,EACpC,gBAAgB,wBAAC,SAA4B;AAC3C,UAAM,OAAO,IAAI,SAAS;AAE1B,WAAO,QAAQ,IAA+B,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACxE,UAAI,UAAU,UAAa,UAAU,MAAM;AACzC;AAAA,MACF;AACA,UAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,cAAM,QAAQ,CAAC,MAAM,sBAAsB,MAAM,KAAK,CAAC,CAAC;AAAA,MAC1D,OAAO;AACL,8BAAsB,MAAM,KAAK,KAAK;AAAA,MACxC;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT,GAfgB;AAgBlB;AAEO,IAAM,qBAAqB;AAAA,EAChC,gBAAgB,wBAAC,SACf,KAAK,UAAU,MAAM,CAAC,MAAM,UAAW,OAAO,UAAU,WAAW,MAAM,SAAS,IAAI,KAAM,GAD9E;AAElB;;;AClBA,IAAM,mBAAyC;AAAA,EAC7C,QAAQ;AAAA,EACR,WAAW;AAAA,EACX,QAAQ;AAAA,EACR,SAAS;AACX;AACA,IAAM,gBAAgB,OAAO,QAAQ,gBAAgB;;;AC+B9C,SAAS,gBAAiC;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,GAAG;AACL,GAA2D;AACzD,MAAI;AAEJ,QAAM,QAAQ,eAAe,CAAC,OAAe,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,EAAE,CAAC;AAE7F,QAAM,eAAe,0CAAmB;AACtC,QAAI,aAAqB,wBAAwB;AACjD,QAAI,UAAU;AACd,UAAM,SAAS,QAAQ,UAAU,IAAI,gBAAgB,EAAE;AAEvD,WAAO,MAAM;AACX,UAAI,OAAO,QAAS;AAEpB;AAEA,YAAM,UACJ,QAAQ,mBAAmB,UACvB,QAAQ,UACR,IAAI,QAAQ,QAAQ,OAA6C;AAEvE,UAAI,gBAAgB,QAAW;AAC7B,gBAAQ,IAAI,iBAAiB,WAAW;AAAA,MAC1C;AAEA,UAAI;AACF,cAAM,cAA2B;AAAA,UAC/B,UAAU;AAAA,UACV,GAAG;AAAA,UACH,MAAM,QAAQ;AAAA,UACd;AAAA,UACA;AAAA,QACF;AACA,YAAI,UAAU,IAAI,QAAQ,KAAK,WAAW;AAC1C,YAAI,WAAW;AACb,oBAAU,MAAM,UAAU,KAAK,WAAW;AAAA,QAC5C;AAGA,cAAM,SAAS,QAAQ,SAAS,WAAW;AAC3C,cAAM,WAAW,MAAM,OAAO,OAAO;AAErC,YAAI,CAAC,SAAS,GAAI,OAAM,IAAI,MAAM,eAAe,SAAS,MAAM,IAAI,SAAS,UAAU,EAAE;AAEzF,YAAI,CAAC,SAAS,KAAM,OAAM,IAAI,MAAM,yBAAyB;AAE7D,cAAM,SAAS,SAAS,KAAK,YAAY,IAAI,kBAAkB,CAAC,EAAE,UAAU;AAE5E,YAAI,SAAS;AAEb,cAAM,eAAe,6BAAM;AACzB,cAAI;AACF,mBAAO,OAAO;AAAA,UAChB,QAAQ;AAAA,UAER;AAAA,QACF,GANqB;AAQrB,eAAO,iBAAiB,SAAS,YAAY;AAE7C,YAAI;AACF,iBAAO,MAAM;AACX,kBAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAAO,KAAK;AAC1C,gBAAI,KAAM;AACV,sBAAU;AACV,qBAAS,OAAO,QAAQ,UAAU,IAAI;AAEtC,kBAAM,SAAS,OAAO,MAAM,MAAM;AAClC,qBAAS,OAAO,IAAI,KAAK;AAEzB,uBAAW,SAAS,QAAQ;AAC1B,oBAAM,QAAQ,MAAM,MAAM,IAAI;AAC9B,oBAAM,YAA2B,CAAC;AAClC,kBAAI;AAEJ,yBAAW,QAAQ,OAAO;AACxB,oBAAI,KAAK,WAAW,OAAO,GAAG;AAC5B,4BAAU,KAAK,KAAK,QAAQ,aAAa,EAAE,CAAC;AAAA,gBAC9C,WAAW,KAAK,WAAW,QAAQ,GAAG;AACpC,8BAAY,KAAK,QAAQ,cAAc,EAAE;AAAA,gBAC3C,WAAW,KAAK,WAAW,KAAK,GAAG;AACjC,gCAAc,KAAK,QAAQ,WAAW,EAAE;AAAA,gBAC1C,WAAW,KAAK,WAAW,QAAQ,GAAG;AACpC,wBAAM,SAAS,OAAO,SAAS,KAAK,QAAQ,cAAc,EAAE,GAAG,EAAE;AACjE,sBAAI,CAAC,OAAO,MAAM,MAAM,GAAG;AACzB,iCAAa;AAAA,kBACf;AAAA,gBACF;AAAA,cACF;AAEA,kBAAI;AACJ,kBAAI,aAAa;AAEjB,kBAAI,UAAU,QAAQ;AACpB,sBAAM,UAAU,UAAU,KAAK,IAAI;AACnC,oBAAI;AACF,yBAAO,KAAK,MAAM,OAAO;AACzB,+BAAa;AAAA,gBACf,QAAQ;AACN,yBAAO;AAAA,gBACT;AAAA,cACF;AAEA,kBAAI,YAAY;AACd,oBAAI,mBAAmB;AACrB,wBAAM,kBAAkB,IAAI;AAAA,gBAC9B;AAEA,oBAAI,qBAAqB;AACvB,yBAAO,MAAM,oBAAoB,IAAI;AAAA,gBACvC;AAAA,cACF;AAEA,2BAAa;AAAA,gBACX;AAAA,gBACA,OAAO;AAAA,gBACP,IAAI;AAAA,gBACJ,OAAO;AAAA,cACT,CAAC;AAED,kBAAI,UAAU,QAAQ;AACpB,sBAAM;AAAA,cACR;AAAA,YACF;AAAA,UACF;AAAA,QACF,UAAE;AACA,iBAAO,oBAAoB,SAAS,YAAY;AAChD,iBAAO,YAAY;AAAA,QACrB;AAEA;AAAA,MACF,SAAS,OAAO;AAEd,qBAAa,KAAK;AAElB,YAAI,wBAAwB,UAAa,WAAW,qBAAqB;AACvE;AAAA,QACF;AAGA,cAAM,UAAU,KAAK,IAAI,aAAa,MAAM,UAAU,IAAI,oBAAoB,GAAK;AACnF,cAAM,MAAM,OAAO;AAAA,MACrB;AAAA,IACF;AAAA,EACF,GA1IqB;AA4IrB,QAAM,SAAS,aAAa;AAE5B,SAAO,EAAE,OAAO;AAClB;AAhKgB;;;ACtDT,IAAM,wBAAwB,wBAAC,UAAsD;AAC1F,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF,GAXqC;AAa9B,IAAM,0BAA0B,wBAAC,UAAkD;AACxF,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF,GAXuC;AAahC,IAAM,yBAAyB,wBAAC,UAAuD;AAC5F,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF,GAXsC;AAa/B,IAAM,sBAAsB,wBAAC;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAEc;AACZ,MAAI,CAAC,SAAS;AACZ,UAAMC,iBACJ,gBAAgB,QAAQ,MAAM,IAAI,CAAC,MAAM,mBAAmB,CAAW,CAAC,GACxE,KAAK,wBAAwB,KAAK,CAAC;AACrC,YAAQ,OAAO;AAAA,MACb,KAAK;AACH,eAAO,IAAIA,aAAY;AAAA,MACzB,KAAK;AACH,eAAO,IAAI,IAAI,IAAIA,aAAY;AAAA,MACjC,KAAK;AACH,eAAOA;AAAA,MACT;AACE,eAAO,GAAG,IAAI,IAAIA,aAAY;AAAA,IAClC;AAAA,EACF;AAEA,QAAM,YAAY,sBAAsB,KAAK;AAC7C,QAAM,eAAe,MAClB,IAAI,CAAC,MAAM;AACV,QAAI,UAAU,WAAW,UAAU,UAAU;AAC3C,aAAO,gBAAgB,IAAI,mBAAmB,CAAW;AAAA,IAC3D;AAEA,WAAO,wBAAwB;AAAA,MAC7B;AAAA,MACA;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AAAA,EACH,CAAC,EACA,KAAK,SAAS;AACjB,SAAO,UAAU,WAAW,UAAU,WAAW,YAAY,eAAe;AAC9E,GAxCmC;AA0C5B,IAAM,0BAA0B,wBAAC;AAAA,EACtC;AAAA,EACA;AAAA,EACA;AACF,MAAuC;AACrC,MAAI,UAAU,UAAa,UAAU,MAAM;AACzC,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,SAAO,GAAG,IAAI,IAAI,gBAAgB,QAAQ,mBAAmB,KAAK,CAAC;AACrE,GAhBuC;AAkBhC,IAAM,uBAAuB,wBAAC;AAAA,EACnC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAGc;AACZ,MAAI,iBAAiB,MAAM;AACzB,WAAO,YAAY,MAAM,YAAY,IAAI,GAAG,IAAI,IAAI,MAAM,YAAY,CAAC;AAAA,EACzE;AAEA,MAAI,UAAU,gBAAgB,CAAC,SAAS;AACtC,QAAI,SAAmB,CAAC;AACxB,WAAO,QAAQ,KAAK,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,MAAM;AAC1C,eAAS,CAAC,GAAG,QAAQ,KAAK,gBAAiB,IAAe,mBAAmB,CAAW,CAAC;AAAA,IAC3F,CAAC;AACD,UAAMA,gBAAe,OAAO,KAAK,GAAG;AACpC,YAAQ,OAAO;AAAA,MACb,KAAK;AACH,eAAO,GAAG,IAAI,IAAIA,aAAY;AAAA,MAChC,KAAK;AACH,eAAO,IAAIA,aAAY;AAAA,MACzB,KAAK;AACH,eAAO,IAAI,IAAI,IAAIA,aAAY;AAAA,MACjC;AACE,eAAOA;AAAA,IACX;AAAA,EACF;AAEA,QAAM,YAAY,uBAAuB,KAAK;AAC9C,QAAM,eAAe,OAAO,QAAQ,KAAK,EACtC;AAAA,IAAI,CAAC,CAAC,KAAK,CAAC,MACX,wBAAwB;AAAA,MACtB;AAAA,MACA,MAAM,UAAU,eAAe,GAAG,IAAI,IAAI,GAAG,MAAM;AAAA,MACnD,OAAO;AAAA,IACT,CAAC;AAAA,EACH,EACC,KAAK,SAAS;AACjB,SAAO,UAAU,WAAW,UAAU,WAAW,YAAY,eAAe;AAC9E,GA5CoC;;;AC/G7B,IAAM,gBAAwB;AAE9B,IAAM,wBAAwB,wBAAC,EAAE,MAAM,KAAK,KAAK,MAA8B;AACpF,MAAI,MAAM;AACV,QAAM,UAAU,KAAK,MAAM,aAAa;AACxC,MAAI,SAAS;AACX,eAAW,SAAS,SAAS;AAC3B,UAAI,UAAU;AACd,UAAI,OAAO,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC;AAC9C,UAAI,QAA6B;AAEjC,UAAI,KAAK,SAAS,GAAG,GAAG;AACtB,kBAAU;AACV,eAAO,KAAK,UAAU,GAAG,KAAK,SAAS,CAAC;AAAA,MAC1C;AAEA,UAAI,KAAK,WAAW,GAAG,GAAG;AACxB,eAAO,KAAK,UAAU,CAAC;AACvB,gBAAQ;AAAA,MACV,WAAW,KAAK,WAAW,GAAG,GAAG;AAC/B,eAAO,KAAK,UAAU,CAAC;AACvB,gBAAQ;AAAA,MACV;AAEA,YAAM,QAAQ,KAAK,IAAI;AAEvB,UAAI,UAAU,UAAa,UAAU,MAAM;AACzC;AAAA,MACF;AAEA,UAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,cAAM,IAAI,QAAQ,OAAO,oBAAoB,EAAE,SAAS,MAAM,OAAO,MAAM,CAAC,CAAC;AAC7E;AAAA,MACF;AAEA,UAAI,OAAO,UAAU,UAAU;AAC7B,cAAM,IAAI;AAAA,UACR;AAAA,UACA,qBAAqB;AAAA,YACnB;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,YACA,WAAW;AAAA,UACb,CAAC;AAAA,QACH;AACA;AAAA,MACF;AAEA,UAAI,UAAU,UAAU;AACtB,cAAM,IAAI;AAAA,UACR;AAAA,UACA,IAAI,wBAAwB;AAAA,YAC1B;AAAA,YACA;AAAA,UACF,CAAC,CAAC;AAAA,QACJ;AACA;AAAA,MACF;AAEA,YAAM,eAAe;AAAA,QACnB,UAAU,UAAU,IAAI,KAAe,KAAM;AAAA,MAC/C;AACA,YAAM,IAAI,QAAQ,OAAO,YAAY;AAAA,IACvC;AAAA,EACF;AACA,SAAO;AACT,GAjEqC;AAmE9B,IAAM,SAAS,wBAAC;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,KAAK;AACP,MAMc;AACZ,QAAM,UAAU,KAAK,WAAW,GAAG,IAAI,OAAO,IAAI,IAAI;AACtD,MAAI,OAAO,WAAW,MAAM;AAC5B,MAAI,MAAM;AACR,UAAM,sBAAsB,EAAE,MAAM,IAAI,CAAC;AAAA,EAC3C;AACA,MAAI,SAAS,QAAQ,gBAAgB,KAAK,IAAI;AAC9C,MAAI,OAAO,WAAW,GAAG,GAAG;AAC1B,aAAS,OAAO,UAAU,CAAC;AAAA,EAC7B;AACA,MAAI,QAAQ;AACV,WAAO,IAAI,MAAM;AAAA,EACnB;AACA,SAAO;AACT,GA1BsB;AA4Bf,SAAS,oBAAoB,SAIxB;AACV,QAAM,UAAU,QAAQ,SAAS;AACjC,QAAM,mBAAmB,WAAW,QAAQ;AAE5C,MAAI,kBAAkB;AACpB,QAAI,oBAAoB,SAAS;AAC/B,YAAM,oBACJ,QAAQ,mBAAmB,UAAa,QAAQ,mBAAmB;AAErE,aAAO,oBAAoB,QAAQ,iBAAiB;AAAA,IACtD;AAGA,WAAO,QAAQ,SAAS,KAAK,QAAQ,OAAO;AAAA,EAC9C;AAGA,MAAI,SAAS;AACX,WAAO,QAAQ;AAAA,EACjB;AAGA,SAAO;AACT;AA3BgB;;;ACpFT,IAAM,eAAe,8BAC1BC,OACA,aACgC;AAChC,QAAM,QAAQ,OAAO,aAAa,aAAa,MAAM,SAASA,KAAI,IAAI;AAEtE,MAAI,CAAC,OAAO;AACV;AAAA,EACF;AAEA,MAAIA,MAAK,WAAW,UAAU;AAC5B,WAAO,UAAU,KAAK;AAAA,EACxB;AAEA,MAAIA,MAAK,WAAW,SAAS;AAC3B,WAAO,SAAS,KAAK,KAAK,CAAC;AAAA,EAC7B;AAEA,SAAO;AACT,GAnB4B;;;ACfrB,IAAM,wBAAwB,wBAAc;AAAA,EACjD,aAAa,CAAC;AAAA,EACd,GAAG;AACL,IAA4B,CAAC,MAAoC;AAC/D,QAAM,kBAAkB,wBAAC,gBAA2B;AAClD,UAAM,SAAmB,CAAC;AAC1B,QAAI,eAAe,OAAO,gBAAgB,UAAU;AAClD,iBAAW,QAAQ,aAAa;AAC9B,cAAM,QAAQ,YAAY,IAAI;AAE9B,YAAI,UAAU,UAAa,UAAU,MAAM;AACzC;AAAA,QACF;AAEA,cAAM,UAAU,WAAW,IAAI,KAAK;AAEpC,YAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,gBAAM,kBAAkB,oBAAoB;AAAA,YAC1C,eAAe,QAAQ;AAAA,YACvB,SAAS;AAAA,YACT;AAAA,YACA,OAAO;AAAA,YACP;AAAA,YACA,GAAG,QAAQ;AAAA,UACb,CAAC;AACD,cAAI,gBAAiB,QAAO,KAAK,eAAe;AAAA,QAClD,WAAW,OAAO,UAAU,UAAU;AACpC,gBAAM,mBAAmB,qBAAqB;AAAA,YAC5C,eAAe,QAAQ;AAAA,YACvB,SAAS;AAAA,YACT;AAAA,YACA,OAAO;AAAA,YACP;AAAA,YACA,GAAG,QAAQ;AAAA,UACb,CAAC;AACD,cAAI,iBAAkB,QAAO,KAAK,gBAAgB;AAAA,QACpD,OAAO;AACL,gBAAM,sBAAsB,wBAAwB;AAAA,YAClD,eAAe,QAAQ;AAAA,YACvB;AAAA,YACA;AAAA,UACF,CAAC;AACD,cAAI,oBAAqB,QAAO,KAAK,mBAAmB;AAAA,QAC1D;AAAA,MACF;AAAA,IACF;AACA,WAAO,OAAO,KAAK,GAAG;AAAA,EACxB,GA3CwB;AA4CxB,SAAO;AACT,GAjDqC;AAsD9B,IAAM,aAAa,wBAAC,gBAAmE;AAC5F,MAAI,CAAC,aAAa;AAGhB,WAAO;AAAA,EACT;AAEA,QAAM,eAAe,YAAY,MAAM,GAAG,EAAE,CAAC,GAAG,KAAK;AAErD,MAAI,CAAC,cAAc;AACjB;AAAA,EACF;AAEA,MAAI,aAAa,WAAW,kBAAkB,KAAK,aAAa,SAAS,OAAO,GAAG;AACjF,WAAO;AAAA,EACT;AAEA,MAAI,iBAAiB,uBAAuB;AAC1C,WAAO;AAAA,EACT;AAEA,MACE,CAAC,gBAAgB,UAAU,UAAU,QAAQ,EAAE,KAAK,CAAC,SAAS,aAAa,WAAW,IAAI,CAAC,GAC3F;AACA,WAAO;AAAA,EACT;AAEA,MAAI,aAAa,WAAW,OAAO,GAAG;AACpC,WAAO;AAAA,EACT;AAEA;AACF,GAhC0B;AAkC1B,IAAM,oBAAoB,wBACxB,SAGA,SACY;AACZ,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,EACT;AACA,MACE,QAAQ,QAAQ,IAAI,IAAI,KACxB,QAAQ,QAAQ,IAAI,KACpB,QAAQ,QAAQ,IAAI,QAAQ,GAAG,SAAS,GAAG,IAAI,GAAG,GAClD;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT,GAjB0B;AAmB1B,eAAsB,cACpB,SAGe;AACf,aAAWC,SAAQ,QAAQ,YAAY,CAAC,GAAG;AACzC,QAAI,kBAAkB,SAASA,MAAK,IAAI,GAAG;AACzC;AAAA,IACF;AAEA,UAAM,QAAQ,MAAM,aAAaA,OAAM,QAAQ,IAAI;AAEnD,QAAI,CAAC,OAAO;AACV;AAAA,IACF;AAEA,UAAM,OAAOA,MAAK,QAAQ;AAE1B,YAAQA,MAAK,IAAI;AAAA,MACf,KAAK;AACH,YAAI,CAAC,QAAQ,OAAO;AAClB,kBAAQ,QAAQ,CAAC;AAAA,QACnB;AACA,gBAAQ,MAAM,IAAI,IAAI;AACtB;AAAA,MACF,KAAK;AACH,gBAAQ,QAAQ,OAAO,UAAU,GAAG,IAAI,IAAI,KAAK,EAAE;AACnD;AAAA,MACF,KAAK;AAAA,MACL;AACE,gBAAQ,QAAQ,IAAI,MAAM,KAAK;AAC/B;AAAA,IACJ;AAAA,EACF;AACF;AAlCsB;AAoCf,IAAM,WAA+B,wBAAC,YAC3C,OAAO;AAAA,EACL,SAAS,QAAQ;AAAA,EACjB,MAAM,QAAQ;AAAA,EACd,OAAO,QAAQ;AAAA,EACf,iBACE,OAAO,QAAQ,oBAAoB,aAC/B,QAAQ,kBACR,sBAAsB,QAAQ,eAAe;AAAA,EACnD,KAAK,QAAQ;AACf,CAAC,GAVyC;AAYrC,IAAM,eAAe,wBAAC,GAAW,MAAsB;AAC5D,QAAM,SAAS,EAAE,GAAG,GAAG,GAAG,EAAE;AAC5B,MAAI,OAAO,SAAS,SAAS,GAAG,GAAG;AACjC,WAAO,UAAU,OAAO,QAAQ,UAAU,GAAG,OAAO,QAAQ,SAAS,CAAC;AAAA,EACxE;AACA,SAAO,UAAU,aAAa,EAAE,SAAS,EAAE,OAAO;AAClD,SAAO;AACT,GAP4B;AAS5B,IAAM,iBAAiB,wBAAC,YAA8C;AACpE,QAAM,UAAmC,CAAC;AAC1C,UAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC9B,YAAQ,KAAK,CAAC,KAAK,KAAK,CAAC;AAAA,EAC3B,CAAC;AACD,SAAO;AACT,GANuB;AAQhB,IAAM,eAAe,2BACvB,YACS;AACZ,QAAM,gBAAgB,IAAI,QAAQ;AAClC,aAAW,UAAU,SAAS;AAC5B,QAAI,CAAC,QAAQ;AACX;AAAA,IACF;AAEA,UAAM,WAAW,kBAAkB,UAAU,eAAe,MAAM,IAAI,OAAO,QAAQ,MAAM;AAE3F,eAAW,CAAC,KAAK,KAAK,KAAK,UAAU;AACnC,UAAI,UAAU,MAAM;AAClB,sBAAc,OAAO,GAAG;AAAA,MAC1B,WAAW,MAAM,QAAQ,KAAK,GAAG;AAC/B,mBAAW,KAAK,OAAO;AACrB,wBAAc,OAAO,KAAK,CAAW;AAAA,QACvC;AAAA,MACF,WAAW,UAAU,QAAW;AAG9B,sBAAc;AAAA,UACZ;AAAA,UACA,OAAO,UAAU,WAAW,KAAK,UAAU,KAAK,IAAK;AAAA,QACvD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT,GA7B4B;AAgD5B,IAAM,eAAN,MAAgC;AAAA,EAzOhC,OAyOgC;AAAA;AAAA;AAAA,EAC9B,MAAiC,CAAC;AAAA,EAElC,QAAc;AACZ,SAAK,MAAM,CAAC;AAAA,EACd;AAAA,EAEA,MAAM,IAAgC;AACpC,UAAM,QAAQ,KAAK,oBAAoB,EAAE;AACzC,QAAI,KAAK,IAAI,KAAK,GAAG;AACnB,WAAK,IAAI,KAAK,IAAI;AAAA,IACpB;AAAA,EACF;AAAA,EAEA,OAAO,IAAmC;AACxC,UAAM,QAAQ,KAAK,oBAAoB,EAAE;AACzC,WAAO,QAAQ,KAAK,IAAI,KAAK,CAAC;AAAA,EAChC;AAAA,EAEA,oBAAoB,IAAkC;AACpD,QAAI,OAAO,OAAO,UAAU;AAC1B,aAAO,KAAK,IAAI,EAAE,IAAI,KAAK;AAAA,IAC7B;AACA,WAAO,KAAK,IAAI,QAAQ,EAAE;AAAA,EAC5B;AAAA,EAEA,OAAO,IAA0B,IAA+C;AAC9E,UAAM,QAAQ,KAAK,oBAAoB,EAAE;AACzC,QAAI,KAAK,IAAI,KAAK,GAAG;AACnB,WAAK,IAAI,KAAK,IAAI;AAClB,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,IAAyB;AAC3B,SAAK,IAAI,KAAK,EAAE;AAChB,WAAO,KAAK,IAAI,SAAS;AAAA,EAC3B;AACF;AAQO,IAAM,qBAAqB,8BAK5B;AAAA,EACJ,OAAO,IAAI,aAAqD;AAAA,EAChE,SAAS,IAAI,aAA2C;AAAA,EACxD,UAAU,IAAI,aAAgD;AAChE,IATkC;AAWlC,IAAM,yBAAyB,sBAAsB;AAAA,EACnD,eAAe;AAAA,EACf,OAAO;AAAA,IACL,SAAS;AAAA,IACT,OAAO;AAAA,EACT;AAAA,EACA,QAAQ;AAAA,IACN,SAAS;AAAA,IACT,OAAO;AAAA,EACT;AACF,CAAC;AAED,IAAM,iBAAiB;AAAA,EACrB,gBAAgB;AAClB;AAEO,IAAM,eAAe,wBAC1B,WAAqD,CAAC,OACR;AAAA,EAC9C,GAAG;AAAA,EACH,SAAS;AAAA,EACT,SAAS;AAAA,EACT,iBAAiB;AAAA,EACjB,GAAG;AACL,IAR4B;;;AC9RrB,IAAM,eAAe,wBAAC,SAAiB,CAAC,MAAc;AAC3D,MAAI,UAAU,aAAa,aAAa,GAAG,MAAM;AAEjD,QAAM,YAAY,8BAAe,EAAE,GAAG,QAAQ,IAA5B;AAElB,QAAM,YAAY,wBAACC,YAA2B;AAC5C,cAAU,aAAa,SAASA,OAAM;AACtC,WAAO,UAAU;AAAA,EACnB,GAHkB;AAKlB,QAAM,eAAe,mBAAuE;AAE5F,QAAM,gBAAgB,8BAMpB,YACG;AACH,UAAM,OAAO;AAAA,MACX,GAAG;AAAA,MACH,GAAG;AAAA,MACH,OAAO,QAAQ,SAAS,QAAQ,SAAS,WAAW;AAAA,MACpD,SAAS,aAAa,QAAQ,SAAS,QAAQ,OAAO;AAAA,MACtD,gBAAgB;AAAA,IAClB;AAEA,QAAI,KAAK,UAAU;AACjB,YAAM,cAAc,IAAI;AAAA,IAC1B;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,KAAK,iBAAiB,IAAI;AAAA,IAClC;AAEA,QAAI,KAAK,SAAS,UAAa,KAAK,gBAAgB;AAClD,WAAK,iBAAiB,KAAK,eAAe,KAAK,IAAI;AAAA,IACrD;AAGA,QAAI,KAAK,SAAS,UAAa,KAAK,mBAAmB,IAAI;AACzD,WAAK,QAAQ,OAAO,cAAc;AAAA,IACpC;AAEA,UAAM,eAAe;AAErB,UAAM,MAAM,SAAS,YAAY;AAEjC,WAAO,EAAE,MAAM,cAAc,IAAI;AAAA,EACnC,GAtCsB;AAwCtB,QAAM,UAA6B,8BAAO,YAAY;AACpD,UAAM,eAAe,QAAQ,gBAAgB,QAAQ;AACrD,UAAM,gBAAgB,QAAQ,iBAAiB,QAAQ;AAEvD,QAAIC;AACJ,QAAI;AAEJ,QAAI;AACF,YAAM,EAAE,MAAM,IAAI,IAAI,MAAM,cAAc,OAAO;AACjD,YAAM,cAAuB;AAAA,QAC3B,UAAU;AAAA,QACV,GAAG;AAAA,QACH,MAAM,oBAAoB,IAAI;AAAA,MAChC;AAEA,MAAAA,WAAU,IAAI,QAAQ,KAAK,WAAW;AAEtC,iBAAW,MAAM,aAAa,QAAQ,KAAK;AACzC,YAAI,IAAI;AACN,UAAAA,WAAU,MAAM,GAAGA,UAAS,IAAI;AAAA,QAClC;AAAA,MACF;AAIA,YAAM,SAAS,KAAK;AAEpB,iBAAW,MAAM,OAAOA,QAAO;AAE/B,iBAAW,MAAM,aAAa,SAAS,KAAK;AAC1C,YAAI,IAAI;AACN,qBAAW,MAAM,GAAG,UAAUA,UAAS,IAAI;AAAA,QAC7C;AAAA,MACF;AAEA,YAAM,SAAS;AAAA,QACb,SAAAA;AAAA,QACA;AAAA,MACF;AAEA,UAAI,SAAS,IAAI;AACf,cAAM,WACH,KAAK,YAAY,SACd,WAAW,SAAS,QAAQ,IAAI,cAAc,CAAC,IAC/C,KAAK,YAAY;AAEvB,YAAI,SAAS,WAAW,OAAO,SAAS,QAAQ,IAAI,gBAAgB,MAAM,KAAK;AAC7E,cAAI;AACJ,kBAAQ,SAAS;AAAA,YACf,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AACH,0BAAY,MAAM,SAAS,OAAO,EAAE;AACpC;AAAA,YACF,KAAK;AACH,0BAAY,IAAI,SAAS;AACzB;AAAA,YACF,KAAK;AACH,0BAAY,SAAS;AACrB;AAAA,YACF,KAAK;AAAA,YACL;AACE,0BAAY,CAAC;AACb;AAAA,UACJ;AACA,iBAAO,KAAK,kBAAkB,SAC1B,YACA;AAAA,YACE,MAAM;AAAA,YACN,GAAG;AAAA,UACL;AAAA,QACN;AAEA,YAAI;AACJ,gBAAQ,SAAS;AAAA,UACf,KAAK;AAAA,UACL,KAAK;AAAA,UACL,KAAK;AAAA,UACL,KAAK;AACH,mBAAO,MAAM,SAAS,OAAO,EAAE;AAC/B;AAAA,UACF,KAAK,QAAQ;AAGX,kBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,mBAAO,OAAO,KAAK,MAAM,IAAI,IAAI,CAAC;AAClC;AAAA,UACF;AAAA,UACA,KAAK;AACH,mBAAO,KAAK,kBAAkB,SAC1B,SAAS,OACT;AAAA,cACE,MAAM,SAAS;AAAA,cACf,GAAG;AAAA,YACL;AAAA,QACR;AAEA,YAAI,YAAY,QAAQ;AACtB,cAAI,KAAK,mBAAmB;AAC1B,kBAAM,KAAK,kBAAkB,IAAI;AAAA,UACnC;AAEA,cAAI,KAAK,qBAAqB;AAC5B,mBAAO,MAAM,KAAK,oBAAoB,IAAI;AAAA,UAC5C;AAAA,QACF;AAEA,eAAO,KAAK,kBAAkB,SAC1B,OACA;AAAA,UACE;AAAA,UACA,GAAG;AAAA,QACL;AAAA,MACN;AAEA,YAAM,YAAY,MAAM,SAAS,KAAK;AACtC,UAAI;AAEJ,UAAI;AACF,oBAAY,KAAK,MAAM,SAAS;AAAA,MAClC,QAAQ;AAAA,MAER;AAEA,YAAM,aAAa;AAAA,IACrB,SAAS,OAAO;AACd,UAAI,aAAa;AAEjB,iBAAW,MAAM,aAAa,MAAM,KAAK;AACvC,YAAI,IAAI;AACN,uBAAa,MAAM,GAAG,YAAY,UAAUA,UAAS,OAAiC;AAAA,QACxF;AAAA,MACF;AAEA,mBAAa,cAAc,CAAC;AAE5B,UAAI,cAAc;AAChB,cAAM;AAAA,MACR;AAGA,aAAO,kBAAkB,SACrB,SACA;AAAA,QACE,OAAO;AAAA,QACP,SAAAA;AAAA,QACA;AAAA,MACF;AAAA,IACN;AAAA,EACF,GArJmC;AAuJnC,QAAM,eAAe,wBAAC,WAAkC,CAAC,YACvD,QAAQ,EAAE,GAAG,SAAS,OAAO,CAAC,GADX;AAGrB,QAAM,YAAY,wBAAC,WAAkC,OAAO,YAA4B;AACtF,UAAM,EAAE,MAAM,IAAI,IAAI,MAAM,cAAc,OAAO;AACjD,WAAO,gBAAgB;AAAA,MACrB,GAAG;AAAA,MACH,MAAM,KAAK;AAAA,MACX;AAAA,MACA,WAAW,8BAAOC,MAAK,SAAS;AAC9B,YAAID,WAAU,IAAI,QAAQC,MAAK,IAAI;AACnC,mBAAW,MAAM,aAAa,QAAQ,KAAK;AACzC,cAAI,IAAI;AACN,YAAAD,WAAU,MAAM,GAAGA,UAAS,IAAI;AAAA,UAClC;AAAA,QACF;AACA,eAAOA;AAAA,MACT,GARW;AAAA,MASX,gBAAgB,oBAAoB,IAAI;AAAA,MACxC;AAAA,IACF,CAAC;AAAA,EACH,GAlBkB;AAoBlB,QAAM,YAAgC,wBAAC,YAAY,SAAS,EAAE,GAAG,SAAS,GAAG,QAAQ,CAAC,GAAhD;AAEtC,SAAO;AAAA,IACL,UAAU;AAAA,IACV,SAAS,aAAa,SAAS;AAAA,IAC/B,QAAQ,aAAa,QAAQ;AAAA,IAC7B,KAAK,aAAa,KAAK;AAAA,IACvB;AAAA,IACA,MAAM,aAAa,MAAM;AAAA,IACzB;AAAA,IACA,SAAS,aAAa,SAAS;AAAA,IAC/B,OAAO,aAAa,OAAO;AAAA,IAC3B,MAAM,aAAa,MAAM;AAAA,IACzB,KAAK,aAAa,KAAK;AAAA,IACvB;AAAA,IACA;AAAA,IACA,KAAK;AAAA,MACH,SAAS,UAAU,SAAS;AAAA,MAC5B,QAAQ,UAAU,QAAQ;AAAA,MAC1B,KAAK,UAAU,KAAK;AAAA,MACpB,MAAM,UAAU,MAAM;AAAA,MACtB,SAAS,UAAU,SAAS;AAAA,MAC5B,OAAO,UAAU,OAAO;AAAA,MACxB,MAAM,UAAU,MAAM;AAAA,MACtB,KAAK,UAAU,KAAK;AAAA,MACpB,OAAO,UAAU,OAAO;AAAA,IAC1B;AAAA,IACA,OAAO,aAAa,OAAO;AAAA,EAC7B;AACF,GA/P4B;;;ACNrB,IAAM,SAAiB,aAAa,aAA6B,EAAE,SAAS,wBAAwB,CAAC,CAAC;AAI7G,oBAAoB,MAAM;;;ACmGnB,IAAM,mBAAN,MAAuB;AAAA,EAtH9B,OAsH8B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAM1B,OAAc,gCAAsE,SAAsJ;AACtO,YAAQ,SAAS,UAAU,QAAQ,IAAqE;AAAA,MACpG,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,iCAAuE,SAAsL;AACvQ,YAAQ,QAAQ,UAAU,QAAQ,KAAsG;AAAA,MACpI,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,sCAA4E,SAAsM;AAC5R,YAAQ,SAAS,UAAU,QAAQ,KAAgH;AAAA,MAC/I,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,qCAA2E,SAAkM;AACvR,YAAQ,QAAQ,UAAU,QAAQ,KAA8G;AAAA,MAC5I,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,kCAAwE,SAA0J;AAC5O,YAAQ,SAAS,UAAU,QAAQ,IAAuE,EAAE,KAAK,kCAAkC,GAAG,QAAQ,CAAC;AAAA,EACnK;AACJ;AAEO,IAAM,cAAN,MAAkB;AAAA,EAvMzB,OAuMyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAIrB,OAAc,4BAAkE,SAAuK;AACnP,YAAQ,QAAQ,UAAU,QAAQ,KAA4F;AAAA,MAC1H,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,OAAc,2BAAiE,SAAoK;AAC/O,YAAQ,QAAQ,UAAU,QAAQ,KAA0F;AAAA,MACxH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,qBAAN,MAAyB;AAAA,EAtPhC,OAsPgC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAM5B,OAAc,2BAAiE,SAAqK;AAChP,YAAQ,SAAS,UAAU,QAAQ,IAAyF;AAAA,MACxH,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,+BAAqE,SAAiL;AAChQ,YAAQ,SAAS,UAAU,QAAQ,KAAkG;AAAA,MACjI,GAAG;AAAA,MACH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,OAAc,+BAAqE,SAAiL;AAChQ,YAAQ,SAAS,UAAU,QAAQ,KAAkG;AAAA,MACjI,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,uCAA6E,SAAyM;AAChS,YAAQ,SAAS,UAAU,QAAQ,MAAmH;AAAA,MAClJ,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,gCAAsE,SAAoL;AACpQ,YAAQ,SAAS,UAAU,QAAQ,IAAmG;AAAA,MAClI,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,sCAA4E,SAAsM;AAC5R,YAAQ,SAAS,UAAU,QAAQ,MAAiH;AAAA,MAChJ,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,+BAAqE,SAAiL;AAChQ,YAAQ,SAAS,UAAU,QAAQ,IAAiG;AAAA,MAChI,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,kBAAN,MAAsB;AAAA,EA9Y7B,OA8Y6B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQzB,OAAc,gCAAsE,SAAqJ;AACrO,YAAQ,QAAQ,UAAU,QAAQ,KAAsE;AAAA,MACpG,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAc,8BAAoE,SAAiJ;AAC/N,YAAQ,QAAQ,UAAU,QAAQ,KAAoE;AAAA,MAClG,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AA4DO,IAAM,UAAN,MAAc;AAAA,EAhfrB,OAgfqB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAIjB,OAAc,uBAA6D,SAAoI;AAC3M,YAAQ,SAAS,UAAU,QAAQ,IAA4D;AAAA,MAC3F,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,sBAA4D,SAAiI;AACvM,YAAQ,QAAQ,UAAU,QAAQ,OAA8D;AAAA,MAC5F,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,qBAA2D,SAAkJ;AACvN,YAAQ,QAAQ,UAAU,QAAQ,KAA8E;AAAA,MAC5G,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,eAAN,MAAmB;AAAA,EAviB1B,OAuiB0B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMtB,OAAc,mBAAyD,SAA6I;AAChN,YAAQ,SAAS,UAAU,QAAQ,KAA0E;AAAA,MACzG,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,0BAAgE,SAAiK;AAC3O,YAAQ,QAAQ,UAAU,QAAQ,KAAwF;AAAA,MACtH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,gBAAN,MAAoB;AAAA,EAnlB3B,OAmlB2B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMvB,OAAc,oBAA0D,SAA+I;AACnN,YAAQ,QAAQ,UAAU,QAAQ,KAA4E;AAAA,MAC1G,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,0BAAgE,SAAiK;AAC3O,YAAQ,QAAQ,UAAU,QAAQ,KAAwF;AAAA,MACtH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;;;ACrnBO,IAAK,iBAAL,kBAAKE,oBAAL;AACL,EAAAA,gBAAA,sBAAmB;AACnB,EAAAA,gBAAA,wBAAqB;AACrB,EAAAA,gBAAA,0BAAuB;AACvB,EAAAA,gBAAA,0BAAuB;AACvB,EAAAA,gBAAA,wBAAqB;AACrB,EAAAA,gBAAA,6BAA0B;AAC1B,EAAAA,gBAAA,iBAAc;AACd,EAAAA,gBAAA,sBAAmB;AACnB,EAAAA,gBAAA,qBAAkB;AATR,SAAAA;AAAA,GAAA;AAYL,IAAK,oBAAL,kBAAKC,uBAAL;AACL,EAAAA,mBAAA,UAAO;AADG,SAAAA;AAAA,GAAA;AAkBL,IAAM,YAAY;AAAA;AAAA;AAAA;AAAA,EAIvB,MAAM,WAA+B,QAA+B;AAClE,QAAI,OAAO;AACT,cAAQ,IAAI,eAAe,WAAW,MAAM;AAAA,IAC9C;AAAA,EAIF;AAAA;AAAA;AAAA;AAAA,EAKA,QAAQ,QAAgB;AACtB,QAAI,OAAO;AACT,cAAQ,IAAI,yBAAyB,MAAM;AAAA,IAC7C;AAAA,EAIF;AACF;;;AC5DA,IAAAC,gBAAyB;AAUlB,SAAS,kBAAqB,KAAa,cAAiB;AAEjE,QAAM,CAAC,aAAa,cAAc,QAAI,wBAAY,MAAM;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO;AAAA,IACT;AAEA,QAAI;AACF,YAAM,OAAO,OAAO,eAAe,QAAQ,GAAG;AAC9C,aAAO,OAAO,KAAK,MAAM,IAAI,IAAI;AAAA,IACnC,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AACpE,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AAGD,QAAM,gBAAgB,wBAAC,SAAuB;AAC5C,QAAI;AACF,YAAM,aAAa,KAAK,UAAU,IAAI;AACtC,YAAM,cAAc,IAAI,KAAK,CAAC,UAAU,CAAC,EAAE;AAC3C,YAAM,WAAW,cAAc;AAG/B,UAAI,WAAW,MAAM;AACnB,mBAAW,KAAK,cAAc,SAAS,QAAQ,CAAC,CAAC,kCAAkC,GAAG,GAAG;AACzF,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AACpE,aAAO;AAAA,IACT;AAAA,EACF,GAjBsB;AAoBtB,QAAM,eAAe,6BAAM;AACzB,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,cAAc,EAAE,OAAO,CAAAC,SAAOA,QAAO,OAAOA,SAAQ,QAAQ;AAErF,UAAI,KAAK,SAAS,IAAI;AACpB,cAAM,gBAAgB,KAAK,KAAK,KAAK,SAAS,GAAG;AACjD,iBAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,cAAI;AACF,kBAAMA,OAAM,KAAK,CAAC;AAClB,gBAAIA,MAAK;AACP,6BAAe,WAAWA,IAAG;AAC7B,6BAAe,WAAW,GAAGA,IAAG,YAAY;AAAA,YAC9C;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,2CAA2C,KAAK;AAAA,IACnE;AAAA,EACF,GArBqB;AAwBrB,QAAM,gBAAgB,6BAAM;AAC1B,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,cAAc;AACvC,iBAAWA,QAAO,MAAM;AACtB,YAAI;AACF,yBAAe,WAAWA,IAAG;AAAA,QAC/B,QAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,wCAAwC,KAAK;AAAA,IAChE;AAAA,EACF,GAbsB;AAgBtB,QAAM,WAAW,wBAAC,UAA+B;AAC/C,QAAI;AACF,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AAGtE,UAAI,CAAC,cAAc,YAAY,GAAG;AAChC,mBAAW,KAAK,gCAAgC,GAAG,iBAAiB;AAEpE,YAAI;AACF,iBAAO,eAAe,WAAW,GAAG;AACpC,iBAAO,eAAe,WAAW,GAAG,GAAG,YAAY;AAAA,QACrD,QAAQ;AAAA,QAER;AAEA,uBAAe,YAAY;AAC3B;AAAA,MACF;AAEA,qBAAe,YAAY;AAE3B,UAAI,OAAO,WAAW,aAAa;AAEjC,YAAI;AACF,iBAAO,eAAe,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAE/D,iBAAO,eAAe,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,QACzE,SAAS,cAAmB;AAE1B,cAAI,aAAa,SAAS,wBACtB,aAAa,SAAS,MACtB,aAAa,SAAS,SAAS,OAAO,GAAG;AAC3C,uBAAW,KAAK,qDAAqD;AACrE,yBAAa;AAGb,gBAAI;AACF,qBAAO,eAAe,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAC/D,qBAAO,eAAe,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,YACzE,SAAS,YAAY;AACnB,yBAAW,MAAM,qCAAqC,GAAG,8BAA8B,UAAU;AAEjG,kBAAI;AACF,8BAAc;AACd,uBAAO,eAAe,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAC/D,uBAAO,eAAe,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,cACzE,SAAS,YAAY;AACnB,2BAAW,MAAM,qCAAqC,GAAG,2BAA2B,UAAU;AAE9F,+BAAe,YAAY;AAAA,cAC7B;AAAA,YACF;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AAEpE,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AACtE,qBAAe,YAAY;AAAA,IAC7B;AAAA,EACF,GA/DiB;AAkEjB,QAAM,cAAc,6BAAM;AACxB,QAAI;AACF,qBAAe,YAAY;AAC3B,UAAI,OAAO,WAAW,aAAa;AACjC,YAAI;AACF,iBAAO,eAAe,WAAW,GAAG;AACpC,iBAAO,eAAe,WAAW,GAAG,GAAG,YAAY;AAAA,QACrD,SAAS,aAAkB;AAEzB,cAAI,YAAY,SAAS,wBACrB,YAAY,SAAS,MACrB,YAAY,SAAS,SAAS,OAAO,GAAG;AAC1C,uBAAW,KAAK,oEAAoE;AACpF,yBAAa;AAEb,gBAAI;AACF,qBAAO,eAAe,WAAW,GAAG;AACpC,qBAAO,eAAe,WAAW,GAAG,GAAG,YAAY;AAAA,YACrD,SAAS,YAAY;AACnB,yBAAW,MAAM,wCAAwC,GAAG,qBAAqB,UAAU;AAE3F,4BAAc;AAAA,YAChB;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,sCAAsC,GAAG,MAAM,KAAK;AAAA,IACvE;AAAA,EACF,GA/BoB;AAiCpB,SAAO,CAAC,aAAa,UAAU,WAAW;AAC5C;AAjLgB;;;ACVhB,IAAM,oBAAoB;AAW1B,IAAM,yBAAyB,6BAAc;AAC3C,MAAI,OAAO,WAAW,YAAa,QAAO;AAC1C,MAAI;AACF,UAAM,OAAO,OAAO,eAAe,QAAQ,iBAAiB;AAC5D,WAAO,OAAO,KAAK,MAAM,IAAI,IAAI;AAAA,EACnC,QAAQ;AACN,WAAO;AAAA,EACT;AACF,GAR+B;AAa/B,IAAM,2BAA2B,6BAAY;AAC3C,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI;AACF,WAAO,eAAe,WAAW,iBAAiB;AAClD,WAAO,eAAe,WAAW,GAAG,iBAAiB,YAAY;AAAA,EACnE,QAAQ;AAAA,EAER;AACF,GARiC;AAc1B,IAAM,oBAAoB,6BAAqB,uBAAuB,KAAK,MAAjD;AAO1B,IAAM,uBAAuB,6BAAqB;AACvD,QAAM,SAAS,uBAAuB;AACtC,MAAI,OAAQ,0BAAyB;AACrC,SAAO,UAAU;AACnB,GAJoC;AAM7B,IAAM,yBAAyB,wBAAC,UAA+B,CAAC,MAAM;AAC3E,QAAM,EAAE,cAAc,cAAc,aAAa,KAAK,IAAI;AAC1D,QAAM,CAAC,aAAa,gBAAgB,iBAAiB,IAAI,kBAA0B,mBAAmB,EAAE;AAExG,QAAM,cAAc,wBAAC,QAAgB;AACnC,mBAAe,GAAG;AAAA,EACpB,GAFoB;AAIpB,QAAM,cAAc,6BAAM;AAExB,WAAO,uBAAuB,KAAK;AAAA,EACrC,GAHoB;AAKpB,QAAM,gBAAgB,6BAAM;AAC1B,sBAAkB;AAClB,6BAAyB;AAAA,EAC3B,GAHsB;AAKtB,QAAM,cAAc,6BAAM;AACxB,UAAM,SAAS,uBAAuB;AACtC,WAAO,OAAO,SAAS,KAAK,YAAY,SAAS;AAAA,EACnD,GAHoB;AAKpB,QAAM,sBAAsB,6BAAM;AAEhC,UAAM,SAAS,uBAAuB;AACtC,WAAO,UAAU,eAAe;AAAA,EAClC,GAJ4B;AAM5B,QAAM,sBAAsB,6BAAM;AAGhC,UAAM,SAAS,uBAAuB;AACtC,UAAM,WAAW,UAAU,eAAe;AAE1C,QAAI,YAAY;AACd,oBAAc;AAAA,IAChB;AACA,WAAO;AAAA,EACT,GAV4B;AAY5B,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAlDsC;;;ACxCtC,IAAM,mBAAmB;AAclB,SAAS,sBAAsB,KAAc,UAA0B;AAC5E,MAAI,eAAe,UAAU;AAC3B,UAAM,OAAQ,IAAI,YAAY;AAC9B,QAAI,OAAO,MAAM,UAAU,SAAU,QAAO,KAAK;AACjD,QAAI,OAAO,MAAM,WAAW,SAAU,QAAO,KAAK;AAClD,QAAI,OAAO,MAAM,YAAY,SAAU,QAAO,KAAK;AACnD,WAAO,IAAI,gBAAgB,IAAI;AAAA,EACjC;AACA,MAAI,eAAe,MAAO,QAAO,IAAI;AACrC,SAAO;AACT;AAVgB;AAaT,SAAS,yBAAyB,KAA6B;AACpE,MAAI,eAAe,UAAU;AAC3B,UAAM,OAAQ,IAAI,YAAY;AAC9B,QAAI,OAAO,MAAM,uBAAuB,SAAU,QAAO,KAAK;AAAA,EAChE;AACA,SAAO;AACT;AANgB;AAST,SAAS,gBAAgB,MAAuB;AACrD,SAAO,CAAC,CAAC,QAAQ,KAAK,WAAW;AACnC;AAFgB;;;AdAT,IAAM,qBAAqB,wBAChC,UAAqC,CAAC,MACT;AAC7B,QAAM,EAAE,WAAW,SAAS,aAAa,eAAe,MAAM,IAAI;AAClE,QAAM,SAAS,aAAa;AAE5B,QAAM,CAAC,WAAW,YAAY,QAAI,wBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,wBAAwB,IAAI;AACtD,QAAM,CAAC,SAAS,UAAU,QAAI,wBAAwB,IAAI;AAC1D,QAAM,CAAC,sBAAsB,uBAAuB,QAAI,wBAAwB,IAAI;AACpF,QAAM,CAAC,mBAAmB,oBAAoB,QAAI,wBAAwB,IAAI;AAE9E,QAAM,iBAAa,2BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,oBAAgB,2BAAY,CAAC,aAM7B;AAEJ,SAAK,WAAW,EAAE,QAAQ,SAAS,cAAc,SAAS,SAAS,cAAc,CAAC;AAElF,QAAI,SAAS,SAAS;AACpB,iBAAW,SAAS,OAAO;AAAA,IAC7B;AACA,QAAI,SAAS,2BAA2B,QAAW;AACjD,8BAAwB,SAAS,sBAAsB;AAAA,IACzD;AAEA,cAAU,qDAAyC;AAAA,MACjD;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AACD,QAAI,SAAS,MAAM,IAAI;AACrB,gBAAU,QAAQ,OAAO,SAAS,KAAK,EAAE,CAAC;AAAA,IAC5C;AAEA,gBAAY,SAAS,IAAI;AAGzB,QAAI,CAAC,cAAc;AACjB,YAAM,mBAAmB,qBAAqB,KAAK,eAAe;AAClE,iBAAW,KAAK,mCAAmC,gBAAgB;AACnE,aAAO,SAAS,gBAAgB;AAAA,IAClC;AAAA,EACF,GAAG,CAAC,WAAW,aAAa,QAAQ,YAAY,CAAC;AAEjD,QAAM,iBAAa,2BAAY,OAAO,WAAmB,SAAmC;AAC1F,QAAI,CAAC,WAAW;AACd,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AACA,QAAI,CAAC,gBAAgB,IAAI,GAAG;AAC1B,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,wBAAwB;AAExC,YAAM,SAAS,MAAM,cAAc,oBAAoB;AAAA,QACrD,MAAM,EAAE,YAAY,WAAW,KAAK;AAAA,QACpC,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,gBAAgB,CAAC,SAAS,eAAe;AACrD,cAAM,IAAI,MAAM,wCAAwC;AAAA,MAC1D;AAEA,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,iBAAW,MAAM,gCAAgC,GAAG;AACpD,YAAM,eAAe,sBAAsB,KAAK,2BAA2B;AAC3E,YAAM,WAAW,yBAAyB,GAAG;AAC7C,UAAI,aAAa,KAAM,sBAAqB,QAAQ;AACpD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAEtB,gBAAU,yDAA2C;AAAA,QACnD;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AACD,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,eAAe,OAAO,CAAC;AAE3B,QAAM,uBAAmB,2BAAY,OAAO,WAAmB,eAAyC;AACtG,QAAI,CAAC,WAAW;AACd,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AACA,QAAI,CAAC,cAAc,WAAW,SAAS,GAAG;AACxC,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,0BAA0B;AAE1C,YAAM,SAAS,MAAM,cAAc,0BAA0B;AAAA,QAC3D,MAAM;AAAA,UACJ,YAAY;AAAA,UACZ,aAAa,WAAW,QAAQ,QAAQ,EAAE;AAAA,QAC5C;AAAA,QACA,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,gBAAgB,CAAC,SAAS,eAAe;AACrD,cAAM,IAAI,MAAM,gDAAgD;AAAA,MAClE;AAEA,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,iBAAW,MAAM,uCAAuC,GAAG;AAC3D,YAAM,eAAe,sBAAsB,KAAK,qBAAqB;AACrE,YAAM,WAAW,yBAAyB,GAAG;AAC7C,UAAI,aAAa,KAAM,sBAAqB,QAAQ;AACpD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAEtB,gBAAU,yDAA2C;AAAA,QACnD;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AACD,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,eAAe,OAAO,CAAC;AAE3B,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GApKkC;;;AJhC3B,IAAM,cAAc,wBAAC,YAAgD;AAC1E,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,yBAAyB;AAAA,IACzB,WAAW;AAAA,EACb,IAAI;AAGJ,QAAM,YAAY,iBAAiB;AACnC,QAAM,aAAa,kBAAkB;AAGrC,QAAM,6BAAyB,sBAAO,KAAK;AAK3C,QAAM,yBAAqB,sBAAsB,IAAI;AAGrD,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI,QAAQ;AAGZ,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAGJ,QAAM,YAAY,mBAAmB;AAAA,IACnC,WAAW,6BAAM;AACf,iBAAW,KAAK,qDAAqD;AACrE,cAAQ,SAAS;AACjB,qBAAe;AAAA,IACjB,GAJW;AAAA,IAKX,SAAS,wBAAC,UAAU;AAClB,eAAS,KAAK;AACd,gBAAU,KAAK;AAAA,IACjB,GAHS;AAAA,IAIT;AAAA,IACA,cAAc;AAAA;AAAA,EAChB,CAAC;AAED,QAAM,EAAE,oBAAAC,oBAAmB,IAAI;AAM/B,QAAM,8BAA0B,2BAAY,CAAC,OAAe;AAC1D,cAAU,EAAE;AAAA,EACd,GAAG,CAAC,SAAS,CAAC;AAOd,+BAAU,MAAM;AACd,UAAM,aAAa,cAAc;AACjC,QAAI,YAAY;AACd,oBAAc,UAAU;AAAA,IAC1B;AAAA,EAEF,GAAG,CAAC,CAAC;AAML,QAAM,6BAAyB,2BAAY,OAAO,MAAuB;AACvE,MAAE,eAAe;AAEjB,QAAI,CAAC,YAAY;AACf,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,QAAI,CAACA,oBAAmB,UAAU,GAAG;AACnC,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,QAAI,0BAA0B,CAAC,eAAe;AAC5C,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,iBAAa,IAAI;AACjB,eAAW;AAEX,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,YAAY,SAAS;AAErD,UAAI,OAAO,SAAS;AAClB,gCAAwB,UAAU;AAClC,mBAAW,OAAO,WAAW,IAAI;AACjC,gBAAQ,KAAK;AACb,8BAAsB,UAAU;AAAA,MAClC,OAAO;AACL,YAAI,OAAO,YAAY;AACrB,kCAAwB,OAAO,UAAU;AACzC,qBAAW;AAAA,QACb,OAAO;AACL,mBAAS,OAAO,OAAO;AACvB,oBAAU,OAAO,OAAO;AAAA,QAC1B;AAAA,MACF;AAAA,IACF,QAAQ;AACN,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AAAA,IACf,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG;AAAA,IACD;AAAA,IAAY;AAAA,IAAe;AAAA,IAC3BA;AAAA,IAAoB;AAAA,IAAY;AAAA,IAChC;AAAA,IAAU;AAAA,IAAc;AAAA,IAAS;AAAA,IAAY;AAAA,IAC7C;AAAA,IAAyB;AAAA,IAAqB;AAAA,IAAS;AAAA,EACzD,CAAC;AAGD,QAAM,gBAAY,2BAAY,OAC5B,kBACA,cACqB;AACrB,QAAI,CAAC,aAAa,UAAU,SAAS,eAAe,kBAAkB;AACpE,YAAM,MAAM,oBAAoB,eAAe,gBAAgB;AAC/D,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,eAAW;AAEX,QAAI;AAEF,YAAM,SAAS,MAAM,UAAU,kBAAkB,WAAW,WAAW,aAAa,IAAI;AAGxF,UAAI,OAAO,gBAAgB,OAAO,YAAY;AAC5C,mBAAW,KAAK,qCAAqC;AACrD,8BAAsB,OAAO,UAAU;AACvC,2BAAmB,OAAO,qBAAqB,KAAK;AACpD,gBAAQ,KAAK;AACb,gCAAwB,gBAAgB;AACxC,eAAO;AAAA,MACT;AAEA,UAAI,OAAO,SAAS;AAClB,gCAAwB,gBAAgB;AAKxC,mBAAW,KAAK,qDAAqD;AACrE,gBAAQ,SAAS;AACjB,uBAAe;AACf,eAAO;AAAA,MACT,OAAO;AACL,iBAAS,OAAO,OAAO;AACvB,kBAAU,OAAO,OAAO;AACxB,eAAO;AAAA,MACT;AAAA,IACF,QAAQ;AACN,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,yBAAyB,UAAU,cAAc,YAAY,cAAc,SAAS,WAAW,aAAa,uBAAuB,oBAAoB,OAAO,CAAC;AAE9K,QAAM,sBAAkB,2BAAY,OAAO,MAAuB;AAChE,MAAE,eAAe;AACjB,UAAM,UAAU,YAAY,GAAG;AAAA,EACjC,GAAG,CAAC,YAAY,KAAK,SAAS,CAAC;AAE/B,QAAM,sBAAkB,2BAAY,YAAY;AAC9C,iBAAa,IAAI;AACjB,eAAW;AAEX,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,YAAY,SAAS;AAErD,UAAI,OAAO,SAAS;AAClB,gCAAwB,UAAU;AAClC,mBAAW,OAAO,WAAW,IAAI;AACjC,eAAO,EAAE;AAAA,MACX,OAAO;AACL,YAAI,OAAO,YAAY;AACrB,kCAAwB,OAAO,UAAU;AACzC,qBAAW;AAAA,QACb,OAAO;AACL,mBAAS,OAAO,OAAO;AACvB,oBAAU,OAAO,OAAO;AAAA,QAC1B;AAAA,MACF;AAAA,IACF,QAAQ;AACN,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AAAA,IACf,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,YAAY,YAAY,yBAAyB,QAAQ,UAAU,cAAc,YAAY,yBAAyB,YAAY,SAAS,SAAS,CAAC;AAEzJ,QAAM,6BAAyB,2BAAY,MAAM;AAC/C,YAAQ,YAAY;AACpB,eAAW;AAAA,EACb,GAAG,CAAC,SAAS,UAAU,CAAC;AAExB,QAAM,mBAAe,2BAAY,MAAM;AACrC,YAAQ,KAAK;AACb,eAAW;AAAA,EACb,GAAG,CAAC,SAAS,UAAU,CAAC;AAMxB,QAAM,sBAAkB,2BAAY,OAAO,MAAuB;AAChE,MAAE,eAAe;AAEjB,QAAI,CAAC,oBAAoB;AACvB,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,QAAI,eAAe;AACjB,YAAM,UAAU,iBAAiB,oBAAoB,aAAa;AAAA,IACpE,OAAO;AACL,YAAM,UAAU,WAAW,oBAAoB,aAAa;AAAA,IAC9D;AAAA,EACF,GAAG,CAAC,oBAAoB,eAAe,eAAe,WAAW,UAAU,OAAO,CAAC;AAEnF,QAAM,0BAAsB,2BAAY,MAAM;AAC5C,qBAAiB,IAAI;AACrB,qBAAiB,EAAE;AACnB,eAAW;AAAA,EACb,GAAG,CAAC,kBAAkB,kBAAkB,UAAU,CAAC;AAEnD,QAAM,oBAAgB,2BAAY,MAAM;AACtC,qBAAiB,KAAK;AACtB,qBAAiB,EAAE;AACnB,eAAW;AAAA,EACb,GAAG,CAAC,kBAAkB,kBAAkB,UAAU,CAAC;AAMnD,QAAM,uBAAmB,2BAAY,CAAC,aAAqB,kBAA2B;AAGpF,UAAM,iBAAiB,iBAAiB,cAAc,KAAK;AAE3D,QAAI,CAAC,gBAAgB;AACnB,iBAAW,KAAK,kEAAkE;AAClF;AAAA,IACF;AAKA,UAAM,SAAS,GAAG,cAAc,IAAI,WAAW;AAC/C,QAAI,mBAAmB,YAAY,OAAQ;AAC3C,QAAI,uBAAuB,QAAS;AAEpC,uBAAmB,UAAU;AAC7B,2BAAuB,UAAU;AAEjC,eAAW,KAAK,wCAAwC;AAGxD,kBAAc,cAAc;AAC5B,WAAO,WAAW;AAClB,YAAQ,KAAK;AAGb,eAAW,YAAY;AACrB,UAAI;AACF,cAAM,UAAU,gBAAgB,WAAW;AAAA,MAC7C,UAAE;AACA,+BAAuB,UAAU;AAAA,MACnC;AAAA,IACF,GAAG,GAAG;AAAA,EACR,GAAG,CAAC,eAAe,eAAe,QAAQ,SAAS,SAAS,CAAC;AAE7D,cAAY;AAAA,IACV,cAAc,CAAC,QAAQ;AAAA,IACvB,eAAe;AAAA,IACf,YAAY;AAAA,EACd,CAAC;AAMD,SAAO;AAAA;AAAA,IAEL,GAAG;AAAA;AAAA,IAGH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA;AAAA,IAGA;AAAA,IACA;AAAA,IACA;AAAA;AAAA,IAGA,GAAG;AAAA;AAAA,IAGH,yBAAyB;AAAA;AAAA,IAGzB,cAAc,UAAU;AAAA,IACxB,kBAAkB,UAAU;AAAA,IAC5B,4BAA4B,UAAU;AAAA,EACxC;AACF,GA3W2B;;;AmBf3B,IAAAC,iBAAsC;AA6C/B,IAAM,gBAAgB,wBAAC,UAAgC,CAAC,MAA2B;AACxF,QAAM,EAAE,WAAW,WAAW,SAAS,eAAe,aAAa,eAAe,MAAM,IAAI;AAC5F,QAAM,SAAS,aAAa;AAE5B,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AAKtD,QAAM,sBAAkB,4BAAY,YAAY;AAC9C,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,+BAA+B;AAG/C,gBAAU,iDAAuC;AAAA,QAC/C;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAID,YAAM,SAAS,MAAM,iBAAiB,sCAAsC;AAAA,QAC1E,MAAM;AAAA,UACJ,YAAY,cAAc,OAAO,WAAW,cAAc,OAAO,SAAS,OAAO;AAAA,QACnF;AAAA,QACA,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,mBAAmB;AAC/B,cAAM,IAAI,MAAM,iCAAiC;AAAA,MACnD;AAEA,iBAAW,KAAK,4BAA4B,SAAS,iBAAiB;AAEtE,UAAI,OAAO,WAAW,aAAa;AACjC,uBAAe,QAAQ,eAAe,SAAS,KAAK;AACpD,uBAAe,QAAQ,kBAAkB,QAAQ;AAAA,MACnD;AAEA,aAAO,SAAS,OAAO,SAAS;AAAA,IAElC,SAAS,KAAK;AACZ,YAAM,eAAe,eAAe,QAAQ,IAAI,UAAU;AAC1D,iBAAW,MAAM,6BAA6B,GAAG;AACjD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAGtB,gBAAU,+CAAsC;AAAA,QAC9C;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAAA,IACH,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,OAAO,CAAC;AAQvB,QAAM,2BAAuB,4BAAY,OAAO,MAAc,UAAkB;AAC9E,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,qCAAqC;AAGrD,UAAI,OAAO,WAAW,aAAa;AACjC,cAAM,cAAc,eAAe,QAAQ,aAAa;AACxD,YAAI,eAAe,gBAAgB,OAAO;AACxC,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D;AAEA,uBAAe,WAAW,aAAa;AACvC,uBAAe,WAAW,gBAAgB;AAAA,MAC5C;AAEA,YAAM,SAAS,MAAM,iBAAiB,qCAAqC;AAAA,QACzE,MAAM,EAAE,MAAM,MAAM;AAAA,QACpB,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAGxB,UAAI,SAAS,gBAAgB,SAAS,YAAY;AAChD,mBAAW,KAAK,uCAAuC,SAAS,UAAU;AAG1E,kBAAU,iDAAuC;AAAA,UAC/C;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AAGD,wBAAgB,SAAS,YAAY,SAAS,qBAAqB,KAAK;AACxE;AAAA,MACF;AAEA,UAAI,CAAC,SAAS,UAAU,CAAC,SAAS,SAAS;AACzC,cAAM,IAAI,MAAM,sCAAsC;AAAA,MACxD;AAEA,iBAAW,KAAK,kCAAkC,SAAS,IAAI;AAG/D,WAAK,WAAW,EAAE,QAAQ,SAAS,QAAQ,SAAS,SAAS,QAAQ,CAAC;AAGtE,gBAAU,qDAAyC;AAAA,QACjD;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAGD,UAAI,SAAS,MAAM,IAAI;AACrB,kBAAU,QAAQ,OAAO,SAAS,KAAK,EAAE,CAAC;AAAA,MAC5C;AAGA,kBAAY,SAAS,MAAM,SAAS,eAAe,KAAK;AAGxD,UAAI,CAAC,cAAc;AAEjB,cAAM,mBAAmB,eAAe;AACxC,eAAO,SAAS,gBAAgB;AAAA,MAClC;AAAA,IAEF,SAAS,KAAK;AACZ,YAAM,eAAe,eAAe,QAAQ,IAAI,UAAU;AAC1D,iBAAW,MAAM,gCAAgC,GAAG;AACpD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAGtB,gBAAU,+CAAsC;AAAA,QAC9C;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAAA,IACH,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,SAAS,aAAa,MAAM,CAAC;AAE5C,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GA/J6B;;;AC7C7B,IAAAC,iBAAsC;AAsD/B,IAAM,oBAAoB,wBAC/B,UAAoC,CAAC,MACT;AAC5B,QAAM,EAAE,YAAY,QAAQ,IAAI;AAEhC,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AACtD,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAoC,IAAI;AAC1E,QAAM,CAAC,aAAa,cAAc,QAAI,yBAA0B,IAAI;AACpE,QAAM,CAAC,oBAAoB,qBAAqB,QAAI,yBAAwB,IAAI;AAChF,QAAM,CAAC,WAAW,YAAY,QAAI,yBAA0D,MAAM;AAElG,QAAM,iBAAa,4BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,4BAAY,MAAM;AACnC,iBAAa,IAAI;AACjB,mBAAe,IAAI;AACnB,0BAAsB,IAAI;AAC1B,iBAAa,MAAM;AACnB,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,4BAAY,OAAO,eAA4D;AAChG,iBAAa,IAAI;AACjB,aAAS,IAAI;AACb,iBAAa,UAAU;AAEvB,QAAI;AACF,iBAAW,KAAK,uBAAuB;AAEvC,YAAM,SAAS,MAAM,aAAa,mBAAmB;AAAA,QACnD,MAAM,EAAE,aAAa,WAAW;AAAA,QAChC,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,YAAM,OAA2B;AAAA,QAC/B,UAAU,SAAS;AAAA,QACnB,QAAQ,SAAS;AAAA,QACjB,iBAAiB,SAAS;AAAA,QAC1B,cAAc,SAAS;AAAA,QACvB,WAAW,SAAS;AAAA,MACtB;AAEA,mBAAa,IAAI;AACjB,iBAAW,KAAK,oCAAoC,KAAK,WAAW,SAAS;AAE7E,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,YAAM,eAAe,sBAAsB,KAAK,2BAA2B;AAC3E,iBAAW,MAAM,oBAAoB,GAAG;AACxC,eAAS,YAAY;AACrB,mBAAa,MAAM;AACnB,gBAAU,YAAY;AACtB,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,OAAO,CAAC;AAEZ,QAAM,mBAAe,4BAAY,OAAO,SAA2C;AACjF,QAAI,CAAC,WAAW;AACd,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AACA,QAAI,CAAC,gBAAgB,IAAI,GAAG;AAC1B,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AACb,iBAAa,YAAY;AAEzB,QAAI;AACF,iBAAW,KAAK,yBAAyB;AAEzC,YAAM,SAAS,MAAM,aAAa,0BAA0B;AAAA,QAC1D,MAAM,EAAE,WAAW,UAAU,UAAU,KAAK;AAAA,QAC5C,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,YAAM,QAAQ,SAAS;AACvB,qBAAe,KAAK;AACpB,4BAAsB,SAAS,oBAAoB;AACnD,mBAAa,UAAU;AAEvB,iBAAW,KAAK,gDAAgD,MAAM,MAAM;AAE5E,mBAAa,KAAK;AAClB,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,YAAM,eAAe,sBAAsB,KAAK,iCAAiC;AACjF,iBAAW,MAAM,iCAAiC,GAAG;AACrD,eAAS,YAAY;AACrB,mBAAa,UAAU;AACvB,gBAAU,YAAY;AACtB,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,YAAY,OAAO,CAAC;AAEnC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GA1HiC;;;ACtDjC,IAAAC,iBAAsC;AAoC/B,IAAM,qBAAqB,6BAAgC;AAChE,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AACtD,QAAM,CAAC,eAAe,gBAAgB,QAAI,yBAAyB,IAAI;AACvE,QAAM,CAAC,SAAS,UAAU,QAAI,yBAA4B,CAAC,CAAC;AAE5D,QAAM,iBAAa,4BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,kBAAc,4BAAY,YAA2B;AACzD,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,wBAAwB;AAGxC,YAAM,SAAS,MAAM,QAAQ,uBAAuB,EAAE,cAAc,KAAK,CAAC;AAC1E,YAAM,WAAW,OAAO;AAExB,YAAM,gBAAmC,SAAS,QAAQ,IAAI,CAAC,YAAY;AAAA,QACzE,IAAI,OAAO;AAAA,QACX,MAAM,OAAO;AAAA,QACb,WAAW,OAAO;AAAA,QAClB,YAAY,OAAO,gBAAgB;AAAA,QACnC,WAAW,OAAO;AAAA,MACpB,EAAE;AAEF,iBAAW,aAAa;AACxB,uBAAiB,SAAS,eAAe;AAEzC,iBAAW,KAAK,eAAe,SAAS,kBAAkB,YAAY,UAAU;AAAA,IAClF,SAAS,KAAK;AACZ,YAAM,eAAe,sBAAsB,KAAK,4BAA4B;AAC5E,iBAAW,MAAM,+BAA+B,GAAG;AACnD,eAAS,YAAY;AAAA,IACvB,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,4BAAY,OAAO,SAAmC;AACvE,QAAI,CAAC,gBAAgB,IAAI,GAAG;AAC1B,eAAS,6BAA6B;AACtC,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,kBAAkB;AAElC,YAAM,QAAQ,qBAAqB,EAAE,MAAM,EAAE,KAAK,GAAG,cAAc,KAAK,CAAC;AAEzE,uBAAiB,KAAK;AACtB,iBAAW,CAAC,CAAC;AAEb,iBAAW,KAAK,2BAA2B;AAC3C,aAAO;AAAA,IACT,SAAS,KAAc;AACrB,YAAM,eAAe,sBAAsB,KAAK,2BAA2B;AAC3E,iBAAW,MAAM,0BAA0B,GAAG;AAC9C,eAAS,YAAY;AACrB,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAhFkC;;;ACiB3B,IAAM,eAAe,wBAAC,UAA+B,CAAC,MAA0B;AACrF,QAAM,SAAS,mBAAmB,QAAQ,MAAM;AAChD,QAAM,QAAQ,kBAAkB,QAAQ,KAAK;AAC7C,QAAM,SAAS,mBAAmB;AAElC,SAAO,EAAE,QAAQ,OAAO,OAAO;AACjC,GAN4B;;;ACrD5B,IAAAC,iBAAoC;AAU7B,SAAS,gBAAmB,KAAa,cAAiB;AAE/D,QAAM,CAAC,aAAa,cAAc,QAAI,yBAAY,MAAM;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO;AAAA,IACT;AAEA,QAAI;AACF,YAAM,OAAO,OAAO,aAAa,QAAQ,GAAG;AAC5C,UAAI,SAAS,MAAM;AACjB,eAAO;AAAA,MACT;AAGA,UAAI;AACF,eAAO,KAAK,MAAM,IAAI;AAAA,MACxB,QAAQ;AAEN,eAAO;AAAA,MACT;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,mCAAmC,GAAG,MAAM,KAAK;AAClE,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AAGD,QAAM,gBAAgB,wBAAC,SAAuB;AAC5C,QAAI;AACF,YAAM,aAAa,KAAK,UAAU,IAAI;AACtC,YAAM,cAAc,IAAI,KAAK,CAAC,UAAU,CAAC,EAAE;AAC3C,YAAM,WAAW,cAAc;AAG/B,UAAI,WAAW,MAAM;AACnB,mBAAW,KAAK,cAAc,SAAS,QAAQ,CAAC,CAAC,kCAAkC,GAAG,GAAG;AACzF,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AACpE,aAAO;AAAA,IACT;AAAA,EACF,GAjBsB;AAoBtB,QAAM,eAAe,6BAAM;AACzB,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,YAAY,EAAE,OAAO,CAAAC,SAAOA,QAAO,OAAOA,SAAQ,QAAQ;AAEnF,UAAI,KAAK,SAAS,IAAI;AACpB,cAAM,gBAAgB,KAAK,KAAK,KAAK,SAAS,GAAG;AACjD,iBAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,cAAI;AACF,kBAAMA,OAAM,KAAK,CAAC;AAClB,gBAAIA,MAAK;AACP,2BAAa,WAAWA,IAAG;AAC3B,2BAAa,WAAW,GAAGA,IAAG,YAAY;AAAA,YAC5C;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,yCAAyC,KAAK;AAAA,IACjE;AAAA,EACF,GArBqB;AAwBrB,QAAM,gBAAgB,6BAAM;AAC1B,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,YAAY;AACrC,iBAAWA,QAAO,MAAM;AACtB,YAAI;AACF,uBAAa,WAAWA,IAAG;AAAA,QAC7B,QAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,sCAAsC,KAAK;AAAA,IAC9D;AAAA,EACF,GAbsB;AAgBtB,QAAM,WAAW,wBAAC,UAA+B;AAC/C,QAAI;AACF,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AAGtE,UAAI,CAAC,cAAc,YAAY,GAAG;AAChC,mBAAW,KAAK,gCAAgC,GAAG,iBAAiB;AAEpE,YAAI;AACF,iBAAO,aAAa,WAAW,GAAG;AAClC,iBAAO,aAAa,WAAW,GAAG,GAAG,YAAY;AAAA,QACnD,QAAQ;AAAA,QAER;AAEA,uBAAe,YAAY;AAC3B;AAAA,MACF;AAEA,qBAAe,YAAY;AAE3B,UAAI,OAAO,WAAW,aAAa;AAEjC,YAAI;AAEF,cAAI,OAAO,iBAAiB,UAAU;AACpC,mBAAO,aAAa,QAAQ,KAAK,YAAY;AAAA,UAC/C,OAAO;AACL,mBAAO,aAAa,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,UAC/D;AAEA,iBAAO,aAAa,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,QACvE,SAAS,cAAmB;AAE1B,cAAI,aAAa,SAAS,wBACtB,aAAa,SAAS,MACtB,aAAa,SAAS,SAAS,OAAO,GAAG;AAC3C,uBAAW,KAAK,mDAAmD;AACnE,yBAAa;AAGb,gBAAI;AAEF,kBAAI,OAAO,iBAAiB,UAAU;AACpC,uBAAO,aAAa,QAAQ,KAAK,YAAY;AAAA,cAC/C,OAAO;AACL,uBAAO,aAAa,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,cAC/D;AACA,qBAAO,aAAa,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,YACvE,SAAS,YAAY;AACnB,yBAAW,MAAM,mCAAmC,GAAG,8BAA8B,UAAU;AAE/F,kBAAI;AACF,8BAAc;AAEd,oBAAI,OAAO,iBAAiB,UAAU;AACpC,yBAAO,aAAa,QAAQ,KAAK,YAAY;AAAA,gBAC/C,OAAO;AACL,yBAAO,aAAa,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,gBAC/D;AACA,uBAAO,aAAa,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,cACvE,SAAS,YAAY;AACnB,2BAAW,MAAM,mCAAmC,GAAG,2BAA2B,UAAU;AAE5F,+BAAe,YAAY;AAAA,cAC7B;AAAA,YACF;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,mCAAmC,GAAG,MAAM,KAAK;AAElE,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AACtE,qBAAe,YAAY;AAAA,IAC7B;AAAA,EACF,GA9EiB;AAiFjB,QAAM,cAAc,6BAAM;AACxB,QAAI;AACF,qBAAe,YAAY;AAC3B,UAAI,OAAO,WAAW,aAAa;AACjC,YAAI;AACF,iBAAO,aAAa,WAAW,GAAG;AAClC,iBAAO,aAAa,WAAW,GAAG,GAAG,YAAY;AAAA,QACnD,SAAS,aAAkB;AAEzB,cAAI,YAAY,SAAS,wBACrB,YAAY,SAAS,MACrB,YAAY,SAAS,SAAS,OAAO,GAAG;AAC1C,uBAAW,KAAK,kEAAkE;AAClF,yBAAa;AAEb,gBAAI;AACF,qBAAO,aAAa,WAAW,GAAG;AAClC,qBAAO,aAAa,WAAW,GAAG,GAAG,YAAY;AAAA,YACnD,SAAS,YAAY;AACnB,yBAAW,MAAM,sCAAsC,GAAG,qBAAqB,UAAU;AAEzF,4BAAc;AAAA,YAChB;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,oCAAoC,GAAG,MAAM,KAAK;AAAA,IACrE;AAAA,EACF,GA/BoB;AAiCpB,SAAO,CAAC,aAAa,UAAU,WAAW;AAC5C;AA1MgB;;;ACKT,SAAS,aAAa,MAAsB;AACjD,MAAI,OAAO;AACT,WAAO;AAAA,EACT;AAEA,MAAI;AAEF,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO,KAAK,mBAAmB,IAAI,EAAE,QAAQ,mBAAmB,CAAC,GAAG,OAAO;AACzE,eAAO,OAAO,aAAa,SAAS,IAAI,EAAE,CAAC;AAAA,MAC7C,CAAC,CAAC;AAAA,IACJ;AAEA,WAAO,OAAO,KAAK,MAAM,OAAO,EAAE,SAAS,QAAQ;AAAA,EACrD,SAAS,OAAO;AACd,YAAQ,MAAM,0BAA0B,KAAK;AAC7C,WAAO;AAAA,EACT;AACF;AAlBgB;AAyBT,SAAS,aAAa,SAAyB;AACpD,MAAI,OAAO;AACT,WAAO;AAAA,EACT;AAEA,MAAI;AAEF,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,SAAS,KAAK,OAAO;AAC3B,YAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,eAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,cAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,MAChC;AACA,aAAO;AAAA,QACL,MAAM,KAAK,KAAK,EACb,IAAI,UAAQ,OAAO,OAAO,KAAK,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,EACtD,KAAK,EAAE;AAAA,MACZ;AAAA,IACF;AAEA,WAAO,OAAO,KAAK,SAAS,QAAQ,EAAE,SAAS,OAAO;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,0BAA0B,KAAK;AAC7C,WAAO;AAAA,EACT;AACF;AAzBgB;AA+BT,SAAS,YAAY;AAC1B,SAAO;AAAA,IACL,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR;AAAA,EACF;AACF;AANgB;;;ACzDhB,IAAM,YAAY;AAClB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AAkBb,SAAS,mBAAgC;AAC9C,MAAI;AACF,QAAI,OAAO,WAAW,YAAa,QAAO;AAE1C,UAAM,SAAS,aAAa,QAAQ,SAAS;AAC7C,QAAI,CAAC,QAAQ;AACX,iBAAc,MAAM,yBAAyB;AAC7C,aAAO;AAAA,IACT;AAGA,UAAM,UAAU,aAAa,MAAM;AACnC,UAAM,aAA4B,KAAK,MAAM,OAAO;AAGpD,QAAI,WAAW,YAAY,eAAe;AACxC,iBAAc,KAAK,wCAAwC;AAC3D,wBAAkB;AAClB,aAAO;AAAA,IACT;AAGA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,MAAM,MAAM,WAAW;AAC7B,QAAI,MAAM,WAAW,KAAK;AACxB,iBAAc,KAAK,yBAAyB;AAC5C,wBAAkB;AAClB,aAAO;AAAA,IACT;AAEA,eAAc,MAAM,mBAAmB,KAAK,MAAM,MAAM,GAAI,GAAG,SAAS;AACxE,WAAO,WAAW;AAAA,EACpB,SAAS,OAAO;AACd,eAAc,MAAM,wBAAwB,KAAK;AACjD,sBAAkB;AAClB,WAAO;AAAA,EACT;AACF;AArCgB;AA4CT,SAAS,iBAAiB,SAAe,SAAqC;AACnF,MAAI;AACF,QAAI,OAAO,WAAW,YAAa;AAEnC,UAAM,aAA4B;AAAA,MAChC,SAAS;AAAA,MACT,MAAM;AAAA,MACN,WAAW,KAAK,IAAI;AAAA,MACpB,KAAK,SAAS,OAAO;AAAA,IACvB;AAGA,UAAM,UAAU,aAAa,KAAK,UAAU,UAAU,CAAC;AACvD,iBAAa,QAAQ,WAAW,OAAO;AACvC,eAAc,MAAM,wBAAwB,WAAW,MAAM,KAAM,SAAS;AAAA,EAC9E,SAAS,OAAO;AACd,eAAc,MAAM,wBAAwB,KAAK;AAAA,EACnD;AACF;AAlBgB;AAuBT,SAAS,oBAA0B;AACxC,MAAI;AACF,QAAI,OAAO,WAAW,YAAa;AACnC,iBAAa,WAAW,SAAS;AACjC,eAAc,MAAM,eAAe;AAAA,EACrC,SAAS,OAAO;AACd,eAAc,MAAM,yBAAyB,KAAK;AAAA,EACpD;AACF;AARgB;AAaT,SAAS,gBAAyB;AACvC,SAAO,iBAAiB,MAAM;AAChC;AAFgB;AAOT,SAAS,mBAKP;AACP,MAAI;AACF,QAAI,OAAO,WAAW,YAAa,QAAO;AAE1C,UAAM,SAAS,aAAa,QAAQ,SAAS;AAC7C,QAAI,CAAC,OAAQ,QAAO,EAAE,QAAQ,MAAM;AAGpC,UAAM,UAAU,aAAa,MAAM;AACnC,UAAM,aAA4B,KAAK,MAAM,OAAO;AACpD,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,MAAM,MAAM,WAAW;AAC7B,UAAM,YAAY,WAAW,MAAM;AAEnC,WAAO;AAAA,MACL,QAAQ;AAAA,MACR;AAAA,MACA,KAAK,WAAW;AAAA,MAChB,WAAW,KAAK,IAAI,GAAG,SAAS;AAAA,IAClC;AAAA,EACF,SAAS,OAAO;AACd,eAAc,MAAM,2BAA2B,KAAK;AACpD,WAAO;AAAA,EACT;AACF;AA7BgB;;;ACzHhB,IAAAC,iBAAsC;AA0C/B,IAAM,mBAAmB,6BAA8B;AAC5D,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AACtD,QAAM,EAAE,OAAO,IAAI,QAAQ;AAE3B,QAAM,iBAAa,4BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAKL,QAAM,oBAAgB,4BAAY,YAA0C;AAC1E,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,qBAAqB;AAErC,YAAM,SAAS,MAAM,mBAAmB,+BAA+B,EAAE,cAAc,KAAK,CAAC;AAC7F,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,SAAS;AACrB,mBAAW,MAAM,6BAA6B,SAAS,OAAO;AAC9D,iBAAS,SAAS,OAAO;AACzB,cAAM,IAAI,MAAM,SAAS,OAAO;AAAA,MAClC;AAAA,IAEF,SAASC,QAAO;AACd,iBAAW,MAAM,6BAA6BA,MAAK;AACnD,YAAMA;AAAA,IACR,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAIA,UAAM,OAAO;AACb,WAAO,EAAE,SAAS,MAAM,SAAS,+BAA+B;AAAA,EAClE,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GA/CgC;;;AC7BhC,IAAAC,iBAEO;;;ACXP,sBAA2B;;;ACF3B,iBAAkB;AAEX,IAAM,yBAAyB,aAAE,OAAO;AAAA,EAC7C,KAAK,aAAE,OAAO;AAAA,EACd,aAAa,aAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AACnD,CAAC;;;ACHD,iBAAmB;;;ACFnB,IAAAC,cAAkB;AAEX,IAAM,eAAe,cAAE,OAAO;AAAA,EACnC,KAAK,cAAE,OAAO;AAAA,EACd,aAAa,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAAA,EAC5D,YAAY,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAClD,CAAC;;;ACJD,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,qBAAqB,cAAE,OAAO;AAAA,EACzC,KAAK,cAAE,OAAO;AAAA,EACd,YAAY,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EAChD,aAAa,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAC9D,CAAC;;;ACJD,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,yBAAyB,cAAE,OAAO;AAAA,EAC7C,OAAO,cAAE,QAAQ;AAAA,EACjB,SAAS,cAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;;;ACHD,IAAAC,cAAmB;;;ACFnB,IAAAC,cAAkB;;;ACAlB,IAAAC,cAAkB;;;ACAlB,IAAAC,cAAkB;AAEX,IAAM,0BAA0B,cAAE,KAAK,CAAC,QAAQ,CAAC;;;ADCjD,IAAM,wBAAwB,cAAE,OAAO;AAAA,EAC5C,IAAI,cAAE,OAAO,EAAE,IAAI;AAAA,EACnB,UAAU;AAAA,EACV,kBAAkB,cAAE,OAAO;AAAA,EAC3B,mBAAmB,cAAE,OAAO;AAAA,EAC5B,gBAAgB,cAAE,MAAM;AAAA,EACxB,qBAAqB,cAAE,OAAO;AAAA,EAC9B,cAAc,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EAClD,eAAe,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AACrD,CAAC;;;ADTM,IAAM,4DAA4D,cAAE,MAAM,qBAAqB;;;AGDtG,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,2DAA2D,cAAE,OAAO;AAAA,EAC/E,SAAS,cAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;;;ACFD,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,+BAA+B,cAAE,OAAO;AAAA,EACnD,mBAAmB,cAAE,OAAO;AAAA,EAC5B,OAAO,cAAE,OAAO;AAClB,CAAC;;;ACHD,IAAAC,mBAA2B;;;ACF3B,IAAAC,eAAkB;AAEX,IAAM,2BAA2B,eAAE,OAAO;AAAA,EAC/C,cAAc,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EAClD,YAAY,eAAE,OAAO,EAAE,MAAM,iEAAiE,EAAE,SAAS,EAAE,SAAS;AAAA,EACpH,QAAQ,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACvC,SAAS,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACxC,MAAM,eAAE,OAAO,CAAC,CAAC,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS;AAAA,EACrD,aAAa,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EACjD,mBAAmB,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EACvD,mBAAmB,eAAE,QAAQ,EAAE,SAAS;AAC1C,CAAC;;;ACTD,IAAAC,cAAmB;;;ACFnB,IAAAC,eAAkB;AAEX,IAAM,+BAA+B,eAAE,OAAO;AAAA,EACnD,WAAW,eAAE,MAAM,eAAE,OAAO,CAAC,CAAC,EAAE,YAAY,CAAC;AAC/C,CAAC;;;ACFD,IAAAC,mBAA2B;;;ACF3B,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;AAEX,IAAM,gCAAgC,eAAE,KAAK,CAAC,SAAS,WAAW,SAAS,UAAU,UAAU,QAAQ,OAAO,YAAY,OAAO,WAAW,WAAW,UAAU,WAAW,MAAM,WAAW,QAAQ,UAAU,SAAS,QAAQ,UAAU,WAAW,UAAU,SAAS,SAAS,WAAW,UAAU,YAAY,UAAU,WAAW,WAAW,KAAK,CAAC;;;ADCxV,IAAM,oBAAoB,eAAE,OAAO;AAAA,EACxC,UAAU;AAAA,EACV,eAAe,eAAE,OAAO;AAAA,EACxB,KAAK,eAAE,OAAO;AAAA,EACd,WAAW,eAAE,QAAQ;AACvB,CAAC;;;ADLM,IAAM,2BAA2B,eAAE,OAAO;AAAA,EAC/C,SAAS,eAAE,OAAO;AAAA,EAClB,SAAS,kBAAkB,SAAS,EAAE,SAAS;AACjD,CAAC;;;ADKM,SAAS,+BACd,QACA;AACA,aAAO,iBAAAC;AAAA,IACL,CAAC,iCAAiC;AAAA,IAClC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,YAAY,4BAA4B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AACjG,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,yBAAyB,UAAU,IAAI;AACtD,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;AIThB,IAAAC,mBAA2B;;;ACF3B,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;AAEX,IAAM,wBAAwB,eAAE,OAAO;AAAA,EAC5C,OAAO,eAAE,OAAO;AAAA,EAChB,gBAAgB,eAAE,OAAO;AAAA,EACzB,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EAChD,UAAU,eAAE,MAAM,eAAE,OAAO,CAAC;AAC9B,CAAC;;;ADJM,IAAM,aAAa,eAAE,OAAO;AAAA,EACjC,IAAI,eAAE,OAAO,EAAE,IAAI;AAAA,EACnB,OAAO,eAAE,MAAM;AAAA,EACf,YAAY,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EACnD,WAAW,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EAClD,WAAW,eAAE,OAAO;AAAA,EACpB,UAAU,eAAE,OAAO;AAAA,EACnB,kBAAkB,eAAE,OAAO;AAAA,EAC3B,SAAS,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EAC9C,UAAU,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS,EAAE,SAAS;AAAA,EAClD,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,QAAQ,eAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,UAAU,eAAE,QAAQ;AAAA,EACpB,cAAc,eAAE,QAAQ;AAAA,EACxB,aAAa,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EACjD,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAAA,EAC3D,2BAA2B,eAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC;AAAA,EACrD,YAAY,sBAAsB,SAAS;AAAA,EAC3C,SAAS,eAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;;;ADrBM,IAAM,0BAA0B,eAAE,OAAO;AAAA,EAC9C,cAAc,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EAClD,YAAY,eAAE,OAAO,EAAE,MAAM,iEAAiE,EAAE,SAAS,EAAE,SAAS;AAAA,EACpH,SAAS,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACxC,QAAQ,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACvC,MAAM,WAAW,SAAS,EAAE,SAAS;AAAA,EACrC,mBAAmB,eAAE,QAAQ,EAAE,SAAS;AAC1C,CAAC;;;ADCM,SAAS,8BACd,QACA;AACA,aAAO,iBAAAC;AAAA,IACL,CAAC,gCAAgC;AAAA,IACjC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,YAAY,2BAA2B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAChG,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,wBAAwB,UAAU,IAAI;AACrD,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;AIThB,IAAAC,mBAA2B;AASpB,SAAS,kCACd,QACA;AACA,aAAO,iBAAAC;AAAA,IACL,CAAC,oCAAoC;AAAA,IACrC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,mBAAmB,+BAA+B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAC3G,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,WAAW,UAAU,IAAI;AACxC,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;ACThB,IAAAC,oBAA2B;;;ACF3B,IAAAC,eAAkB;AAEX,IAAM,8BAA8B,eAAE,OAAO;AAAA,EAClD,SAAS,eAAE,QAAQ;AAAA,EACnB,SAAS,eAAE,OAAO;AACpB,CAAC;;;ACHD,IAAAC,oBAA2B;;;ACA3B,IAAAC,oBAA2B;AASpB,SAAS,mCACd,QACA;AACA,aAAO,kBAAAC;AAAA,IACL,CAAC,qCAAqC;AAAA,IACtC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,mBAAmB,gCAAgC,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAC5G,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,WAAW,UAAU,IAAI;AACxC,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;ACThB,IAAAC,cAAmB;;;ACAnB,IAAAC,oBAA2B;;;ACA3B,IAAAC,oBAA2B;AASpB,SAAS,kCACd,QACA;AACA,aAAO,kBAAAC;AAAA,IACL,CAAC,oCAAoC;AAAA,IACrC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,mBAAmB,+BAA+B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAC3G,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,WAAW,UAAU,IAAI;AACxC,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;ACThB,IAAAC,oBAA2B;;;ACA3B,IAAAC,oBAA2B;;;ACF3B,IAAAC,eAAkB;AAEX,IAAM,qBAAqB,eAAE,OAAO;AAAA,EACzC,QAAQ,eAAE,OAAO;AAAA,EACjB,SAAS,eAAE,OAAO;AACpB,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,sBAAsB,eAAE,OAAO;AAAA,EAC1C,KAAK,eAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACrB,aAAa,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAAA,EAC5D,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAClD,CAAC;;;ACND,IAAAC,eAAkB;AAEX,IAAM,0BAA0B,eAAE,OAAO;AAAA,EAC9C,KAAK,eAAE,OAAO,EAAE,IAAI,CAAC;AACvB,CAAC;;;ACJD,IAAAC,eAAkB;AAEX,IAAM,6BAA6B,eAAE,OAAO;AAAA,EACjD,YAAY,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACxC,WAAW,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACvC,SAAS,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACtC,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACnC,UAAU,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACvC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACtC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AACxC,CAAC;;;ACVD,IAAAC,eAAkB;AAEX,IAAM,qCAAqC,eAAE,OAAO;AAAA,EACzD,cAAc,eAAE,OAAO,EAAE,SAAS;AAAA,EAClC,YAAY,eAAE,OAAO,EAAE,SAAS;AAClC,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,oCAAoC,eAAE,OAAO;AAAA,EACxD,MAAM,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,GAAG;AAAA,EAChC,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,GAAG;AAAA,EACjC,cAAc,eAAE,OAAO,EAAE,SAAS;AACpC,CAAC;;;ACND,IAAAC,eAAkB;AAGX,IAAM,sCAAsC,eAAE,OAAO;AAAA,EAC1D,UAAU;AACZ,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,mBAAmB,eAAE,OAAO;AAAA,EACvC,OAAO,eAAE,OAAO;AAAA,EAChB,mBAAmB,eAAE,OAAO,EAAE,SAAS;AACzC,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,yBAAyB,eAAE,OAAO;AAAA,EAC7C,OAAO,eAAE,OAAO;AAAA,EAChB,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EAC3C,aAAa,eAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS;AACpD,CAAC;;;ACND,IAAAC,eAAkB;AAEX,IAAM,0BAA0B,eAAE,OAAO;AAAA,EAC9C,YAAY,eAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC5B,YAAY,eAAE,OAAO,EAAE,SAAS;AAClC,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,yBAAyB,eAAE,OAAO;AAAA,EAC7C,YAAY,eAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC5B,KAAK,eAAE,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC;AAAA,EAC5B,YAAY,eAAE,OAAO,EAAE,SAAS;AAClC,CAAC;;;ACND,IAAAC,eAAkB;AAEX,IAAM,oCAAoC,eAAE,OAAO;AAAA,EACxD,YAAY,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACxC,WAAW,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACvC,SAAS,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACtC,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACnC,UAAU,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACvC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACtC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AACxC,CAAC;;;ACVD,IAAAC,eAAkB;AAEX,IAAM,8BAA8B,eAAE,OAAO;AAAA,EAClD,SAAS,eAAE,OAAO,EAAE,IAAI,CAAC;AAC3B,CAAC;;;ACJD,IAAAC,eAAkB;AAEX,IAAM,4BAA4B,eAAE,OAAO;AAAA,EAChD,SAAS,eAAE,OAAO,EAAE,IAAI,CAAC;AAC3B,CAAC;;;ApDyMG;AAjJJ,IAAM,sBAAkB,8BAAgD,MAAS;AAM1E,SAAS,iBAAiB,EAAE,SAAS,GAA0B;AACpE,QAAM,CAAC,SAAS,UAAU,QAAI,yBAA2B,MAAM;AAC7D,UAAM,SAAS,iBAAiB;AAChC,WAAO,UAAU;AAAA,EACnB,CAAC;AACD,QAAM,CAAC,kBAAkB,mBAAmB,QAAI,yBAAS,KAAK;AAC9D,QAAM,CAAC,cAAc,eAAe,QAAI,yBAAuB,IAAI;AAEnE,QAAM,iBAAa,uBAAyB,OAAO;AACnD,QAAM,mBAAe,uBAAO,KAAK;AAEjC,gCAAU,MAAM;AACd,eAAW,UAAU;AAAA,EACvB,GAAG,CAAC,OAAO,CAAC;AAEZ,gCAAU,MAAM;AACd,iBAAa,UAAU;AAAA,EACzB,GAAG,CAAC,gBAAgB,CAAC;AAErB,QAAM,EAAE,SAAS,qBAAqB,IAAI,kCAAkC;AAC5E,QAAM,EAAE,SAAS,4BAA4B,IAAI,mCAAmC;AACpF,QAAM,EAAE,SAAS,cAAc,IAAI,kCAAkC;AACrE,QAAM,EAAE,SAAS,kBAAkB,IAAI,+BAA+B;AACtE,QAAM,EAAE,SAAS,iBAAiB,IAAI,8BAA8B;AAEpE,QAAM,qBAAiB,4BAAY,OAAO,YAAgF;AACxH,UAAM,EAAE,UAAU,MAAM,IAAI,WAAW,CAAC;AAExC,QAAI,aAAa,SAAS;AACxB,iBAAW,MAAM,kDAAkD,QAAQ,GAAG;AAC9E,aAAO,WAAW;AAAA,IACpB;AAEA,wBAAoB,IAAI;AACxB,iBAAa,UAAU;AACvB,oBAAgB,IAAI;AACpB,QAAI;AACF,iBAAW,MAAM,sCAAsC,QAAQ,YAAY,KAAK,GAAG;AACnF,YAAM,MAAM,MAAM,mBAAmB,2BAA2B,EAAE,cAAc,KAAK,CAAC;AACtF,YAAM,SAAS,IAAI;AACnB,iBAAW,MAAM;AACjB,iBAAW,UAAU;AACrB,uBAAiB,MAAM;AACvB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,MAAM,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,yBAAyB;AAChF,sBAAgB,GAAG;AACnB,YAAM;AAAA,IACR,UAAE;AACA,0BAAoB,KAAK;AACzB,mBAAa,UAAU;AAAA,IACzB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,gBAAgB,8BAAO,SAA8C;AACzE,UAAM,qBAAqB,EAAE,MAAM,KAAK,CAAC;AACzC,UAAM,OAAO,MAAM,eAAe,EAAE,UAAU,iBAAiB,OAAO,KAAK,CAAC;AAC5E,WAAO;AAAA,EACT,GAJsB;AAMtB,QAAM,uBAAuB,8BAAO,SAAqD;AACvF,UAAM,4BAA4B,EAAE,MAAM,KAAK,CAAC;AAChD,UAAM,OAAO,MAAM,eAAe,EAAE,UAAU,wBAAwB,OAAO,KAAK,CAAC;AACnF,WAAO;AAAA,EACT,GAJ6B;AAM7B,QAAM,eAAe,8BAAO,WAAuC;AACjE,UAAM,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;AACxC,UAAM,OAAO,MAAM,eAAe,EAAE,UAAU,gBAAgB,OAAO,KAAK,CAAC;AAC3E,WAAO;AAAA,EACT,GAJqB;AAMrB,QAAM,aAAa,8BAAO,SAAyD;AACjF,UAAM,SAAS,MAAM,kBAAkB,EAAE,MAAM,KAAK,CAAC;AACrD,WAAO;AAAA,EACT,GAHmB;AAKnB,QAAM,YAAY,8BAAO,SAAuD;AAC9E,UAAM,SAAU,MAAM,iBAAiB,EAAE,MAAM,KAAK,CAAC;AAErD,QAAI,OAAO,gBAAgB,OAAO,YAAY;AAC5C,iBAAW,KAAK,0BAA0B,OAAO,UAAU;AAC3D,aAAO;AAAA,IACT;AAEA,QAAI,OAAO,UAAU,OAAO,SAAS;AAEnC,WAAK,WAAW,EAAE,QAAQ,OAAO,QAAQ,SAAS,OAAO,QAAQ,CAAC;AAClE,UAAI;AACF,cAAM,eAAe,EAAE,UAAU,aAAa,OAAO,KAAK,CAAC;AAAA,MAC7D,SAASC,eAAc;AACrB,mBAAW,KAAK,+DAA+DA,aAAY;AAAA,MAC7F;AAAA,IACF;AAEA,WAAO;AAAA,EACT,GAnBkB;AAqBlB,QAAM,aAAS,4BAAY,MAAM;AAI/B,UAAM,UAAU,KAAK,gBAAgB;AACrC,QAAI,SAAS;AACX,sBAAgB,gCAAgC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,MAAM;AACjF,mBAAW,KAAK,4DAA4D;AAAA,MAC9E,CAAC;AAAA,IACH;AACA,SAAK,aAAa;AAClB,eAAW,MAAS;AACpB,oBAAgB,IAAI;AACpB,sBAAkB;AAAA,EACpB,GAAG,CAAC,CAAC;AAEL,QAAM,YAA8B,wBAAQ,OAAO;AAAA,IACjD;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,SACE,4CAAC,gBAAgB,UAAhB,EAAyB,OACvB,UACH;AAEJ;AA/IgB;AAiJT,SAAS,qBAA2C;AACzD,QAAM,cAAU,2BAAW,eAAe;AAC1C,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,yDAAyD;AAAA,EAC3E;AACA,SAAO;AACT;AANgB;;;AtC0PP,IAAAC,sBAAA;AAjaT,IAAM,gBAAgB;AAAA,EACpB,MAAM;AAAA,EACN,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAGO,IAAM,oBAAoB,wBAC/B,YACI;AAAA,EACJ,MAAM,QAAQ,QAAQ,cAAc;AAAA,EACpC,iBAAiB,QAAQ,mBAAmB,cAAc;AAAA,EAC1D,qBAAqB,QAAQ,uBAAuB,QAAQ,QAAQ,cAAc;AACpF,IANiC;AAQjC,IAAM,oBAAoB;AAE1B,IAAM,kBAAc,8BAA2C,MAAS;AAGxE,IAAM,kBAAkB,wBAAC,UAA4B;AACnD,QAAM,OAAO,MAAM;AAGnB,SAAO,MAAM,SAAS,MAAM,UAAU,MAAM,WAAW,MAAM;AAC/D,GALwB;AAOxB,IAAM,uBAAoD,wBAAC,EAAE,UAAU,OAAO,MAAM;AAClF,QAAM,WAAW,mBAAmB;AACpC,QAAM,UAAU,WAAW;AAC3B,QAAM,kBAAkB,QAAQ,WAAW;AAE3C,QAAM,SAAS,aAAa;AAC5B,QAAM,eAAW,gCAAY;AAC7B,QAAM,cAAc,eAAe;AACnC,QAAM,CAAC,aAAa,gBAAgB,gBAAgB,IAAI;AAAA,IACtD;AAAA,IACA;AAAA,EACF;AAIA,QAAM,aAAS,wBAAQ,MAAM,kBAAkB,QAAQ,MAAM,GAAG,CAAC,QAAQ,MAAM,CAAC;AAChF,QAAM,gBAAY,uBAAO,MAAM;AAC/B,gCAAU,MAAM;AACd,cAAU,UAAU;AAAA,EACtB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,kBAAkB,uBAAuB;AAAA,IAC7C,aAAa,OAAO;AAAA,IACpB,YAAY;AAAA,EACd,CAAC;AAED,QAAM,gBAAY,uBAAO,MAAM;AAC/B,gCAAU,MAAM;AACd,cAAU,UAAU;AAAA,EACtB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,kBAAc,uBAAO,QAAQ;AACnC,gCAAU,MAAM;AACd,gBAAY,UAAU;AAAA,EACxB,GAAG,CAAC,QAAQ,CAAC;AAOb,QAAM,0BAAsB,uBAAO,KAAK;AAOxC,QAAM,CAAC,gBAAgB,iBAAiB,QAAI,yBAAS,KAAK;AAC1D,QAAM,aAAa,QAAQ,SAAS,OAAO;AAC3C,QAAM,0BAAsB,uBAAO,KAAK;AAExC,gCAAU,MAAM;AACd,QAAI,CAAC,iBAAiB;AACpB,0BAAoB,UAAU;AAY9B,YAAM,YAAY,QAAQ,KAAK,SAAS,KAAK,KAAK,gBAAgB,CAAC;AACnE,UAAI,aAAa,CAAC,KAAK,gBAAgB,GAAG;AACxC,mBAAW,KAAK,yCAAoC;AACpD,aAAK,aAAa;AAClB,0BAAkB;AAAA,MACpB;AACA,wBAAkB,IAAI;AACtB;AAAA,IACF;AACA,QAAI,cAAc,oBAAoB,SAAS;AAC7C,wBAAkB,IAAI;AACtB;AAAA,IACF;AACA,wBAAoB,UAAU;AAC9B,QAAI,YAAY;AAChB,gBAAY,QACT,eAAe,EAAE,UAAU,yBAAyB,CAAC,EACrD,MAAM,CAAC,UAAmB;AAIzB,iBAAW,KAAK,uCAAuC,KAAK;AAAA,IAC9D,CAAC,EACA,QAAQ,MAAM;AACb,UAAI,CAAC,UAAW,mBAAkB,IAAI;AAAA,IACxC,CAAC;AACH,WAAO,MAAM;AACX,kBAAY;AAAA,IACd;AAAA,EACF,GAAG,CAAC,iBAAiB,UAAU,CAAC;AAEhC,QAAM,YAAY,CAAC;AAMnB,QAAM,wBAAoB,uBAAO,KAAK;AACtC,gCAAU,MAAM;AACd,UAAM,cAAc,KAAK,iBAAiB,MAAM;AAC9C,UAAI,kBAAkB,QAAS;AAC/B,wBAAkB,UAAU;AAC5B,iBAAW,KAAK,4DAAuD;AACvE,wBAAkB;AAClB,gBAAU,yDAA2C;AAAA,QACnD;AAAA,MACF,CAAC;AACD,aAAO,YAAY,UAAU,QAAQ,mBAAmB;AAAA,IAC1D,CAAC;AACD,WAAO;AAAA,EACT,GAAG,CAAC,MAAM,CAAC;AAOX,gCAAU,MAAM;AACd,QAAI,CAAC,mBAAmB,oBAAoB,QAAS;AACrD,QAAI,aAAa,OAAO,QAAQ,CAAC,YAAY,IAAI,MAAM,GAAG;AACxD,YAAM,QAAQ,gBAAgB,YAAY,IAAI,gBAAgB,YAAY,IAAI;AAC9E,UAAI,MAAO,iBAAgB,cAAc;AACzC,aAAO,KAAK,SAAS,OAAO,eAAe;AAAA,IAC7C;AAAA,EACF,GAAG,CAAC,iBAAiB,UAAU,aAAa,QAAQ,QAAQ,eAAe,CAAC;AAI5E,QAAM,yBAAqB,4BAAY,OAAO,aAAqC;AACjF,QAAI,CAAC,KAAK,gBAAgB,GAAG;AAC3B,YAAM,IAAI,MAAM,+BAA+B;AAAA,IACjD;AACA,UAAM,YAAY,QAAQ,eAAe;AAAA,MACvC,UAAU,YAAY;AAAA,IACxB,CAAC;AAAA,EACH,GAAG,CAAC,CAAC;AAEL,QAAM,2BAAuB,4BAAY,YAA2B;AAClE,QAAI,KAAK,gBAAgB,GAAG;AAC1B,UAAI;AACF,cAAM,mBAAmB,sBAAsB;AAAA,MACjD,SAAS,OAAO;AACd,mBAAW,KAAK,6CAA6C,KAAK;AAAA,MACpE;AACA,aAAO,KAAK,UAAU,QAAQ,eAAe;AAAA,IAC/C,OAAO;AACL,aAAO,KAAK,UAAU,QAAQ,mBAAmB;AAAA,IACnD;AAAA,EACF,GAAG,CAAC,oBAAoB,MAAM,CAAC;AAI/B,QAAM,iBAAa;AAAA,IACjB,OAAO,YAAoB,cAAkD;AAE3E,WAAK,aAAa;AAElB,UAAI;AACF,cAAM,SAAS,MAAM,YAAY,QAAQ,WAAW;AAAA,UAClD;AAAA,UACA,YAAY;AAAA,QACd,CAAC;AAED,kBAAU,iDAAuC;AAAA,UAC/C;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AAED,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS,OAAO,WAAW;AAAA,UAC3B,SAAS,OAAO,WAAW;AAAA,QAC7B;AAAA,MACF,SAAS,OAAO;AACd,mBAAW,MAAM,sBAAsB,KAAK;AAE5C,YAAI,iBAAiB,UAAU;AAC7B,gBAAM,OAAO,MAAM;AAGnB,gBAAM,aAAa,MAAM,eAAe,MAAM;AAC9C,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,YAAY,MAAM;AAAA,YAClB,SAAS,gBAAgB,KAAK;AAAA,YAC9B,YAAY,OAAO,eAAe,WAAW,aAAa;AAAA,UAC5D;AAAA,QACF;AACA,eAAO,EAAE,SAAS,OAAO,SAAS,qBAAqB;AAAA,MACzD;AAAA,IACF;AAAA,IACA,CAAC;AAAA,EACH;AAEA,QAAM,gBAAY;AAAA,IAChB,OACE,YACA,SACA,WACA,aACA,iBAQI;AACJ,UAAI;AAGF,4BAAoB,UAAU,QAAQ,YAAY;AAElD,cAAM,SAAS,MAAM,YAAY,QAAQ,UAAU;AAAA,UACjD;AAAA,UACA,KAAK;AAAA,UACL,YAAY;AAAA,QACd,CAAC;AAED,YAAI,OAAO,gBAAgB,OAAO,YAAY;AAC5C,qBAAW,KAAK,0BAA0B,OAAO,UAAU;AAC3D,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,SAAS;AAAA,YACT,cAAc;AAAA,YACd,YAAY,OAAO;AAAA,YACnB,mBAAmB,OAAO;AAAA,UAC5B;AAAA,QACF;AAEA,YAAI,CAAC,OAAO,UAAU,CAAC,OAAO,SAAS;AACrC,qBAAW,MAAM,yCAAyC,MAAM;AAChE,iBAAO,EAAE,SAAS,OAAO,SAAS,oCAAoC;AAAA,QACxE;AAEA,YAAI,WAAW,SAAS,GAAG,GAAG;AAC5B,yBAAe,UAAU;AAAA,QAC3B;AAEA,kBAAU,qDAAyC;AAAA,UACjD;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AACD,YAAI,OAAO,MAAM,IAAI;AACnB,oBAAU,QAAQ,OAAO,OAAO,KAAK,EAAE,CAAC;AAAA,QAC1C;AAEA,YAAI,CAAC,cAAc;AAIjB,gBAAM,QAAQ,gBAAgB,YAAY,IAAI,gBAAgB,YAAY,IAAI;AAC9E,cAAI,MAAO,iBAAgB,cAAc;AACzC,gBAAM,mBAAmB,SAAS,eAAe,UAAU,QAAQ;AACnE,qBAAW,KAAK,8BAA8B,gBAAgB;AAC9D,iBAAO,SAAS,gBAAgB;AAAA,QAClC;AAEA,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS;AAAA,UACT,MAAM,OAAO;AAAA,UACb,mBAAmB,OAAO;AAAA,QAC5B;AAAA,MACF,SAAS,OAAO;AACd,mBAAW,MAAM,qBAAqB,KAAK;AAC3C,kBAAU,yDAA2C;AAAA,UACnD;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AACD,YAAI,iBAAiB,UAAU;AAC7B,iBAAO,EAAE,SAAS,OAAO,SAAS,gBAAgB,KAAK,EAAE;AAAA,QAC3D;AACA,eAAO,EAAE,SAAS,OAAO,SAAS,uBAAuB;AAAA,MAC3D;AAAA,IACF;AAAA,IACA,CAAC,gBAAgB,iBAAiB,MAAM;AAAA,EAC1C;AAIA,QAAM,mBAAe,4BAAY,YAA4D;AAG3F,UAAM,SAAS,MAAM,KAAK,WAAW;AACrC,QAAI,QAAQ;AACV,gBAAU,qDAAyC;AAAA,QACjD;AAAA,MACF,CAAC;AACD,aAAO,EAAE,SAAS,MAAM,SAAS,kBAAkB;AAAA,IACrD;AACA,cAAU,+DAA8C;AAAA,MACtD;AAAA,IACF,CAAC;AACD,WAAO,EAAE,SAAS,OAAO,SAAS,yBAAyB;AAAA,EAC7D,GAAG,CAAC,CAAC;AAEL,QAAM,aAAS,4BAAY,MAAY;AACrC,cAAU,uCAAkC;AAAA,MAC1C;AAAA,IACF,CAAC;AACD,gBAAY,QAAQ,OAAO;AAG3B,WAAO,YAAY,UAAU,QAAQ,mBAAmB;AAAA,EAC1D,GAAG,CAAC,MAAM,CAAC;AAIX,QAAM,OAAQ,SAAS,WAAuC;AAC9D,QAAM,cAAc,QAAQ,MAAM,YAAY,MAAM,YAAY;AAIhE,gCAAU,MAAM;AACd,uBAAmB,EAAE,SAAS,YAAY,CAAC;AAAA,EAC7C,GAAG,CAAC,WAAW,CAAC;AAEhB,QAAM,oBAAgB;AAAA,IACpB,OAAO,SAIqB;AAC1B,YAAM,SAAS,MAAM,YAAY,QAAQ,qBAAqB,IAAI;AAClE,aAAO;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EACH;AAEA,QAAM,mBAAe,4BAAY,OAAO,WAA8C;AACpF,UAAM,SAAS,MAAM,YAAY,QAAQ,aAAa,MAAM;AAC5D,WAAO;AAAA,EACT,GAAG,CAAC,CAAC;AAEL,QAAM,YAAQ;AAAA,IACZ,OAAO;AAAA,MACL;AAAA,MACA;AAAA;AAAA;AAAA,MAGA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,6BAAM,KAAK,SAAS,GAApB;AAAA,MACV,iBAAiB,6BAAM,KAAK,gBAAgB,GAA3B;AAAA,MACjB,eAAe,6BAAM,aAAN;AAAA,MACf,WAAW;AAAA,MACX,iBAAiB;AAAA,MACjB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,gBAAgB;AAAA,MACjC,gBAAgB,gBAAgB;AAAA,MAChC,kBAAkB,gBAAgB;AAAA,MAClC,gBAAgB,gBAAgB;AAAA,MAChC;AAAA,MACA;AAAA,IACF;AAAA,IACA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,SAAO,6CAAC,YAAY,UAAZ,EAAqB,OAAe,UAAS;AACvD,GAvY0D;AA8Y1D,SAAS,gBAAgB,EAAE,UAAU,QAAQ,UAAU,KAAK,GAAsB;AAChF,MAAI,CAAC,QAAS,QAAO,6EAAG,UAAS;AACjC,SACE,6CAAC,oBACC,uDAAC,wBAAqB,QAAiB,UAAS,GAClD;AAEJ;AAPS;AASF,IAAM,mBAAe,qBAAK,eAAe;AAMhD,IAAM,mBAAoC;AAAA,EACxC,MAAM;AAAA,EACN,WAAW;AAAA,EACX,iBAAiB;AAAA,EACjB,aAAa;AAAA,EACb,QAAQ,kBAAkB;AAAA,EAC1B,oBAAoB,mCAAY;AAC9B,eAAW,KAAK,yDAAyD;AAAA,EAC3E,GAFoB;AAAA,EAGpB,sBAAsB,mCAAY;AAChC,eAAW,KAAK,2DAA2D;AAAA,EAC7E,GAFsB;AAAA,EAGtB,UAAU,6BAAM,MAAN;AAAA,EACV,iBAAiB,6BAAM,MAAN;AAAA,EACjB,eAAe,6BAAM,MAAN;AAAA,EACf,WAAW,6BAAM;AACf,eAAW,KAAK,gDAAgD;AAAA,EAClE,GAFW;AAAA,EAGX,iBAAiB,6BAAM;AAAA,EAAC,GAAP;AAAA,EACjB,YAAY,mCAAY;AACtB,eAAW,KAAK,iDAAiD;AACjE,WAAO,EAAE,SAAS,OAAO,SAAS,6BAA6B;AAAA,EACjE,GAHY;AAAA,EAIZ,WAAW,mCAAY;AACrB,eAAW,KAAK,gDAAgD;AAChE,WAAO,EAAE,SAAS,OAAO,SAAS,6BAA6B;AAAA,EACjE,GAHW;AAAA,EAIX,cAAc,mCAAY;AACxB,eAAW,KAAK,mDAAmD;AACnE,WAAO,EAAE,SAAS,OAAO,SAAS,6BAA6B;AAAA,EACjE,GAHc;AAAA,EAId,QAAQ,6BAAM;AACZ,eAAW,KAAK,6CAA6C;AAAA,EAC/D,GAFQ;AAAA,EAGR,iBAAiB,6BAAM;AAAA,EAAC,GAAP;AAAA,EACjB,gBAAgB,6BAAM,IAAN;AAAA,EAChB,kBAAkB,6BAAM;AAAA,EAAC,GAAP;AAAA,EAClB,gBAAgB,6BAAM,OAAN;AAAA,EAChB,eAAe,mCAAY;AACzB,eAAW,KAAK,oDAAoD;AACpE,WAAO,CAAC;AAAA,EACV,GAHe;AAAA,EAIf,cAAc,mCAAY;AACxB,eAAW,KAAK,mDAAmD;AACnE,WAAO,CAAC;AAAA,EACV,GAHc;AAIhB;AAQO,IAAM,UAAU,6BAAuB;AAC5C,QAAM,cAAU,2BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACzB,QAAIC,cAAa,OAAO;AACtB,iBAAW,MAAM,8DAA8D;AAAA,IACjF;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT,GATuB;AAWvB,IAAO,sBAAQ;;;A2FtiBR,IAAM,gBAAgB,wBAAC,UAA2B;AACvD,QAAM,aAAa;AACnB,SAAO,WAAW,KAAK,KAAK;AAC9B,GAH6B;;;ACAtB,IAAM,kBAAkB,wBAAC,UAAuB;AACrD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,SAAS;AAClB,WAAO,MAAM;AAAA,EACf;AAEA,MAAI,OAAO,QAAQ;AACjB,WAAO,MAAM;AAAA,EACf;AAEA,MAAI,OAAO,UAAU,MAAM,QAAQ;AACjC,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAEA,SAAO;AACT,GAlB+B;;;AC4BxB,SAAS,sBAAsB,GAAwB;AAC5D,MAAI,CAAC,EAAE,QAAS,QAAO;AACvB,MAAI,CAAC,EAAE,YAAa,QAAO;AAC3B,SAAO,EAAE,eAAe,EAAE,iBAAiB,CAAC,EAAE;AAChD;AAJgB;AAWT,SAAS,qBAAqB,GAAwB;AAC3D,SACE,EAAE,WACF,EAAE,eACF,CAAC,EAAE,eACH,CAAC,EAAE,mBACH,CAAC,EAAE;AAEP;AARgB;AAWT,SAAS,4BAA4B,GAAiE;AAC3G,SAAO,CAAC,EAAE,eAAe,EAAE;AAC7B;AAFgB;","names":["import_navigation","import_react","client","isBrowser","dpopEnabled","import_react","useNextRouter","isStaticBuild","import_navigation","import_react","import_react","import_react","validateIdentifier","import_react","import_consola","import_navigation","import_react","import_react","joinedValues","auth","auth","config","request","url","AnalyticsEvent","AnalyticsCategory","import_react","key","validateIdentifier","import_react","import_react","import_react","import_react","key","import_react","error","import_react","import_zod","import_mutation","import_zod","import_mutation","import_zod","import_swr","import_zod","import_zod","import_zod","import_mutation","import_zod","import_mutation","import_zod","import_mutation","import_zod","import_swr","import_zod","import_mutation","import_zod","import_zod","import_zod","useSWRMutation","import_mutation","import_zod","import_zod","import_zod","useSWRMutation","import_mutation","useSWRMutation","import_mutation","import_zod","import_mutation","import_mutation","useSWRMutation","import_swr","import_mutation","import_mutation","useSWRMutation","import_mutation","import_mutation","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","profileError","import_jsx_runtime","isBrowser"]}
1
+ {"version":3,"sources":["../src/auth/index.ts","../src/auth/constants.ts","../src/auth/context/AuthContext.tsx","../src/_api/generated/helpers/errors.ts","../src/_api/generated/helpers/auth.ts","../src/_api/generated/helpers/logger.ts","../src/auth/utils/env.ts","../src/log-control.ts","../src/auth/hooks/useSession.ts","../src/auth/hooks/useCfgRouter.ts","../src/auth/hooks/useQueryParams.ts","../src/auth/hooks/useAuthFormState.ts","../src/auth/hooks/useAuthValidation.ts","../src/auth/hooks/useAuthForm.ts","../src/auth/utils/logger.ts","../src/auth/hooks/useAutoAuth.ts","../src/auth/utils/path.ts","../src/auth/hooks/useTwoFactorVerify.ts","../src/_api/generated/core/bodySerializer.gen.ts","../src/_api/generated/core/params.gen.ts","../src/_api/generated/core/serverSentEvents.gen.ts","../src/_api/generated/core/pathSerializer.gen.ts","../src/_api/generated/core/utils.gen.ts","../src/_api/generated/core/auth.gen.ts","../src/_api/generated/client/utils.gen.ts","../src/_api/generated/client/client.gen.ts","../src/_api/generated/client.gen.ts","../src/_api/generated/sdk.gen.ts","../src/auth/utils/analytics.ts","../src/auth/hooks/useSessionStorage.ts","../src/auth/hooks/useAuthRedirect.ts","../src/auth/hooks/twoFactor.shared.ts","../src/auth/hooks/useGithubAuth.ts","../src/auth/hooks/useTwoFactorSetup.ts","../src/auth/hooks/useTwoFactorStatus.ts","../src/auth/hooks/useTwoFactor.ts","../src/auth/hooks/useLocalStorage.ts","../src/auth/hooks/useBase64.ts","../src/auth/hooks/useProfileCache.ts","../src/auth/hooks/useDeleteAccount.ts","../src/auth/context/AccountsContext.tsx","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRegenerateCreate.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyRegenerate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRetrieve.ts","../src/_api/generated/_cfg_accounts/schemas/APIKey.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRevealCreate.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyReveal.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyTestCreate.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyTestResult.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthConnectionsList.ts","../src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_connections_response_200_AutoRef.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthConnection.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthProviderEnum.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthDisconnectCreate.ts","../src/_api/generated/_cfg_accounts/schemas/cfg_accounts_oauth_disconnect_response_200_AutoRef.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthGithubAuthorizeCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthGithubCallbackCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthTokenResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOauthProvidersRetrieve.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthProvidersResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpRequestCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OTPRequestResponse.ts","../src/_api/generated/_cfg_accounts/schemas/WebmailLink.ts","../src/_api/generated/_cfg_accounts/schemas/WebmailLinkProviderEnum.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsOtpVerifyCreate.ts","../src/_api/generated/_cfg_accounts/schemas/OTPVerifyResponse.ts","../src/_api/generated/_cfg_accounts/schemas/User.ts","../src/_api/generated/_cfg_accounts/schemas/CentrifugoToken.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileAvatarCreate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileDeleteCreate.ts","../src/_api/generated/_cfg_accounts/schemas/AccountDeleteResponse.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfilePartialPartialUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfilePartialUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileRetrieve.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileUpdatePartialUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsProfileUpdateUpdate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsTokenBlacklistCreate.ts","../src/_api/generated/_cfg_accounts/hooks/useCfgAccountsTokenRefreshCreate.ts","../src/_api/generated/_cfg_accounts/schemas/TokenRefresh.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyRequest.ts","../src/_api/generated/_cfg_accounts/schemas/APIKeyTestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/CfgUserUpdateRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthAuthorizeRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthCallbackRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthDisconnectRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OAuthError.ts","../src/_api/generated/_cfg_accounts/schemas/OTPErrorResponse.ts","../src/_api/generated/_cfg_accounts/schemas/OTPRequestRequest.ts","../src/_api/generated/_cfg_accounts/schemas/OTPVerifyRequest.ts","../src/_api/generated/_cfg_accounts/schemas/PatchedCfgUserUpdateRequest.ts","../src/_api/generated/_cfg_accounts/schemas/TokenBlacklistRequest.ts","../src/_api/generated/_cfg_accounts/schemas/TokenRefreshRequest.ts","../src/auth/utils/validation.ts","../src/auth/utils/errors.ts","../src/auth/utils/guard.ts"],"sourcesContent":["/**\n * @djangocfg/api/auth\n *\n * Authentication module with contexts, hooks and utilities.\n * Use this entry point in client components.\n *\n * @example\n * ```tsx\n * 'use client';\n * import { AuthProvider, useAuth } from '@djangocfg/api/auth';\n *\n * export function MyApp({ children }) {\n * return (\n * <AuthProvider>\n * {children}\n * </AuthProvider>\n * );\n * }\n *\n * export function Profile() {\n * const { user, logout } = useAuth();\n * return <div>{user?.email}</div>;\n * }\n * ```\n */\n\n// Constants\nexport * from './constants';\n\n// Contexts\nexport * from './context';\n\n// Hooks\nexport * from './hooks';\n\n// Types (single source of truth)\nexport * from './types';\n\n// Utils (validation, errors, analytics)\nexport * from './utils';\n","/**\n * Auth-related constants shared across the frontend.\n * Single source of truth — do not redefine these elsewhere.\n */\n\nexport const AUTH_CONSTANTS = {\n /** Email OTP code length (numeric). */\n EMAIL_OTP_LENGTH: 4,\n /** TOTP code length (RFC 6238 — authenticator apps). */\n TOTP_LENGTH: 6,\n /** Backup code max length. */\n BACKUP_CODE_MAX_LENGTH: 12,\n} as const;\n\n// Route conventions are NOT exported here on purpose. The '/auth' and '/'\n// defaults are applied in exactly one place — AuthProvider's route resolution\n// — and every consumer reads the resolved values from `useAuth().routes`.\n// Exporting route constants invites components to default to them directly,\n// which silently diverges from an app's AuthConfig.routes override.\n","'use client';\n\n/**\n * AuthProvider — thin React layer over the generated auth store.\n *\n * Architecture rule (auth v2): the generated store (`_api/generated/helpers/auth`)\n * is the ONLY auth engine. It owns tokens, JWT-exp semantics, the reactive\n * session snapshot, 401→refresh→retry recovery (cross-store Web-Locks), and\n * the terminal-401 `onSessionExpired` event. React only:\n * 1. subscribes to the snapshot (`useSyncExternalStore`),\n * 2. loads the user profile when a session exists,\n * 3. routes to login when the store says the session died,\n * 4. exposes login/logout actions.\n *\n * Everything that used to live here — authTick, expiry timers, four parallel\n * 401 handlers, presence-vs-exp token checks — is the store's job now.\n */\n\nimport { usePathname } from 'next/navigation';\nimport React, {\n createContext,\n memo,\n useCallback,\n useContext,\n useEffect,\n useMemo,\n useRef,\n useState,\n} from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { APIError } from '../../_api/generated/helpers';\nimport { applyRoleLogPolicy } from '../../log-control';\nimport { useCfgRouter, useLocalStorage, useQueryParams, useSession } from '../hooks';\nimport { clearProfileCache } from '../hooks/useProfileCache';\nimport { useAuthRedirectManager } from '../hooks/useAuthRedirect';\nimport { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';\nimport { isDev, isBrowser } from '../utils/env';\nimport { authLogger } from '../utils/logger';\nimport { AccountsProvider, useAccountsContext } from './AccountsContext';\n\nimport type { AuthContextType, AuthProviderProps, UserProfile } from './types';\nimport type { OTPRequestResult } from '../types';\n\n// The ONLY place route conventions are declared. '/auth' is the sign-in page\n// convention; the framework has no opinion about where an app's \"home\" is, so\n// the callback default is the site root. Apps override via AuthConfig.routes;\n// everything downstream reads the RESOLVED values from `useAuth().routes`.\nconst defaultRoutes = {\n auth: '/auth',\n defaultCallback: '/',\n defaultAuthCallback: '/auth',\n};\n\n/** Resolve AuthConfig.routes against the conventions — applied exactly once. */\nexport const resolveAuthRoutes = (\n routes?: { auth?: string; defaultCallback?: string; defaultAuthCallback?: string },\n) => ({\n auth: routes?.auth || defaultRoutes.auth,\n defaultCallback: routes?.defaultCallback || defaultRoutes.defaultCallback,\n defaultAuthCallback: routes?.defaultAuthCallback || routes?.auth || defaultRoutes.defaultAuthCallback,\n});\n\nconst EMAIL_STORAGE_KEY = 'auth_email';\n\nconst AuthContext = createContext<AuthContextType | undefined>(undefined);\n\n/** Extract a user-facing message from an APIError response body. */\nconst apiErrorMessage = (error: APIError): string => {\n const body = error.response as\n | { error?: string; detail?: string; message?: string }\n | undefined;\n return body?.error || body?.detail || body?.message || error.errorMessage;\n};\n\nconst AuthProviderInternal: React.FC<AuthProviderProps> = ({ children, config }) => {\n const accounts = useAccountsContext();\n const session = useSession();\n const isAuthenticated = session.status === 'authenticated';\n\n const router = useCfgRouter();\n const pathname = usePathname();\n const queryParams = useQueryParams();\n const [storedEmail, setStoredEmail, clearStoredEmail] = useLocalStorage<string | null>(\n EMAIL_STORAGE_KEY,\n null,\n );\n\n // Resolved once; every consumer below (and, via context, every component)\n // reads these — never the raw config and never a module constant.\n const routes = useMemo(() => resolveAuthRoutes(config?.routes), [config?.routes]);\n const routesRef = useRef(routes);\n useEffect(() => {\n routesRef.current = routes;\n }, [routes]);\n\n const redirectManager = useAuthRedirectManager({\n fallbackUrl: routes.defaultCallback,\n clearOnUse: true,\n });\n\n const configRef = useRef(config);\n useEffect(() => {\n configRef.current = config;\n }, [config]);\n\n const accountsRef = useRef(accounts);\n useEffect(() => {\n accountsRef.current = accounts;\n }, [accounts]);\n\n // Set when a login flow opts out of automatic navigation (verifyOTP with\n // skipRedirect — the AuthLayout success screen owns the final hardPush,\n // including through a 2FA continuation). While set, the \"redirect\n // authenticated users away from /auth\" effect must stand down, otherwise it\n // races the success screen and eats the saved back-url.\n const pendingManualNavRef = useRef(false);\n\n // ── Bootstrap: settle the profile for the current session ─────────────────\n // The session itself needs no async bootstrap — the store answers\n // synchronously from token `exp`. The only async part is the profile fetch,\n // and it re-runs automatically when a session appears later (e.g. iframe\n // token delivery via postMessage → setSession → snapshot flips).\n const [profileSettled, setProfileSettled] = useState(false);\n const hasProfile = Boolean(accounts.profile);\n const profileAttemptedRef = useRef(false);\n\n useEffect(() => {\n if (!isAuthenticated) {\n profileAttemptedRef.current = false;\n // Dead tokens may still sit in storage (access AND refresh both\n // expired). Purge so the login form shows instantly instead of the app\n // firing doomed API calls — the automated \"clear localStorage and the\n // form appears\".\n //\n // CRITICAL: ask the STORE synchronously, never trust the React snapshot\n // here. During hydration useSyncExternalStore serves the SERVER snapshot\n // ('anonymous') for one commit even when perfectly live tokens sit in\n // storage — purging on that stale value nuked fresh logins (user typed\n // OTP → tokens saved → hardPush → hydration commit saw 'anonymous' →\n // tokens cleared → bounced back to /auth).\n const hasTokens = Boolean(auth.getToken() || auth.getRefreshToken());\n if (hasTokens && !auth.isAuthenticated()) {\n authLogger.warn('Dead session in storage — clearing');\n auth.clearSession();\n clearProfileCache();\n }\n setProfileSettled(true);\n return;\n }\n if (hasProfile || profileAttemptedRef.current) {\n setProfileSettled(true);\n return;\n }\n profileAttemptedRef.current = true;\n let cancelled = false;\n accountsRef.current\n .refreshProfile({ callerId: 'AuthProvider:bootstrap' })\n .catch((error: unknown) => {\n // A terminal 401 collapses the session via the store's\n // onSessionExpired funnel below. Anything else (network, 5xx) keeps\n // the session — the user can retry.\n authLogger.warn('Profile load failed (session kept):', error);\n })\n .finally(() => {\n if (!cancelled) setProfileSettled(true);\n });\n return () => {\n cancelled = true;\n };\n }, [isAuthenticated, hasProfile]);\n\n const isLoading = !profileSettled;\n\n // ── The ONE exit: terminal 401 → login ─────────────────────────────────────\n // The store has already cleared the session before this fires (subscribers\n // flipped to 'anonymous'), so the handler only routes. Registration returns\n // its own unsubscribe — StrictMode double-mounts compose instead of racing.\n const expiredHandledRef = useRef(false);\n useEffect(() => {\n const unsubscribe = auth.onSessionExpired(() => {\n if (expiredHandledRef.current) return;\n expiredHandledRef.current = true;\n authLogger.warn('Session expired (terminal 401) — redirecting to login');\n clearProfileCache();\n Analytics.event(AnalyticsEvent.AUTH_SESSION_EXPIRED, {\n category: AnalyticsCategory.AUTH,\n });\n router.hardReplace(routesRef.current.defaultAuthCallback);\n });\n return unsubscribe;\n }, [router]);\n\n // ── Redirect authenticated users away from the auth page ──────────────────\n // Stands down while a login flow on this page owns navigation (success\n // screen / 2FA continuation — see pendingManualNavRef). When it does fire\n // (an already-authenticated user landing on /auth), it honors the saved\n // back-url with the same priority rule as every other consumer.\n useEffect(() => {\n if (!isAuthenticated || pendingManualNavRef.current) return;\n if (pathname === routes.auth && !queryParams.get('flow')) {\n const saved = redirectManager.hasRedirect() ? redirectManager.getRedirect() : null;\n if (saved) redirectManager.clearRedirect();\n router.push(saved || routes.defaultCallback);\n }\n }, [isAuthenticated, pathname, queryParams, routes, router, redirectManager]);\n\n // ── Profile actions (delegated to AccountsContext) ─────────────────────────\n\n const loadCurrentProfile = useCallback(async (callerId?: string): Promise<void> => {\n if (!auth.isAuthenticated()) {\n throw new Error('No valid authentication token');\n }\n await accountsRef.current.refreshProfile({\n callerId: callerId || 'AuthContext.loadCurrentProfile',\n });\n }, []);\n\n const checkAuthAndRedirect = useCallback(async (): Promise<void> => {\n if (auth.isAuthenticated()) {\n try {\n await loadCurrentProfile('checkAuthAndRedirect');\n } catch (error) {\n authLogger.warn('checkAuthAndRedirect: profile load failed', error);\n }\n router.push(routesRef.current.defaultCallback);\n } else {\n router.push(routesRef.current.defaultAuthCallback);\n }\n }, [loadCurrentProfile, router]);\n\n // ── OTP login flow ─────────────────────────────────────────────────────────\n\n const requestOTP = useCallback(\n async (identifier: string, sourceUrl?: string): Promise<OTPRequestResult> => {\n // A login attempt invalidates whatever session was lying around.\n auth.clearSession();\n\n try {\n const result = await accountsRef.current.requestOTP({\n identifier,\n source_url: sourceUrl,\n });\n\n Analytics.event(AnalyticsEvent.AUTH_OTP_REQUEST, {\n category: AnalyticsCategory.AUTH,\n label: 'email',\n });\n\n return {\n success: true,\n message: result.message || 'OTP code sent to your email address',\n webmail: result.webmail ?? null,\n };\n } catch (error) {\n authLogger.error('Request OTP error:', error);\n\n if (error instanceof APIError) {\n const body = error.response as\n | { retry_after?: number; retryAfter?: number }\n | undefined;\n const retryAfter = body?.retry_after ?? body?.retryAfter;\n return {\n success: false,\n statusCode: error.statusCode,\n message: apiErrorMessage(error),\n retryAfter: typeof retryAfter === 'number' ? retryAfter : undefined,\n };\n }\n return { success: false, message: 'Failed to send OTP' };\n }\n },\n [],\n );\n\n const verifyOTP = useCallback(\n async (\n identifier: string,\n otpCode: string,\n sourceUrl?: string,\n redirectUrl?: string,\n skipRedirect?: boolean,\n ): Promise<{\n success: boolean;\n message: string;\n user?: UserProfile;\n requires_2fa?: boolean;\n session_id?: string | null;\n should_prompt_2fa?: boolean;\n }> => {\n try {\n // The caller opting out of redirect commits to handling ALL navigation\n // for this login — including the 2FA continuation and success screen.\n pendingManualNavRef.current = Boolean(skipRedirect);\n\n const result = await accountsRef.current.verifyOTP({\n identifier,\n otp: otpCode,\n source_url: sourceUrl,\n });\n\n if (result.requires_2fa && result.session_id) {\n authLogger.info('2FA required, session:', result.session_id);\n return {\n success: true,\n message: 'OTP verified, 2FA required',\n requires_2fa: true,\n session_id: result.session_id,\n should_prompt_2fa: result.should_prompt_2fa,\n };\n }\n\n if (!result.access || !result.refresh) {\n authLogger.error('Verify OTP returned invalid response:', result);\n return { success: false, message: 'Invalid OTP verification response' };\n }\n\n if (identifier.includes('@')) {\n setStoredEmail(identifier);\n }\n\n Analytics.event(AnalyticsEvent.AUTH_LOGIN_SUCCESS, {\n category: AnalyticsCategory.AUTH,\n label: 'email',\n });\n if (result.user?.id) {\n Analytics.setUser(String(result.user.id));\n }\n\n if (!skipRedirect) {\n // Priority: saved back-url (per-visit intent from the guard) >\n // explicit redirectUrl (static app default) > config default.\n // hardPush = full page load so every context reinitializes cleanly.\n const saved = redirectManager.hasRedirect() ? redirectManager.getRedirect() : null;\n if (saved) redirectManager.clearRedirect();\n const finalRedirectUrl = saved || redirectUrl || routesRef.current.defaultCallback;\n authLogger.info('Redirecting after auth to:', finalRedirectUrl);\n router.hardPush(finalRedirectUrl);\n }\n\n return {\n success: true,\n message: 'Login successful',\n user: result.user as UserProfile,\n should_prompt_2fa: result.should_prompt_2fa,\n };\n } catch (error) {\n authLogger.error('Verify OTP error:', error);\n Analytics.event(AnalyticsEvent.AUTH_OTP_VERIFY_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: 'email',\n });\n if (error instanceof APIError) {\n return { success: false, message: apiErrorMessage(error) };\n }\n return { success: false, message: 'Failed to verify OTP' };\n }\n },\n [setStoredEmail, redirectManager, router],\n );\n\n // ── Session actions ────────────────────────────────────────────────────────\n\n const refreshToken = useCallback(async (): Promise<{ success: boolean; message: string }> => {\n // Same single-flight + Web-Locks path as the 401 interceptor — rotation,\n // dedup and rotated-token persistence come for free.\n const access = await auth.refreshNow();\n if (access) {\n Analytics.event(AnalyticsEvent.AUTH_TOKEN_REFRESH, {\n category: AnalyticsCategory.AUTH,\n });\n return { success: true, message: 'Token refreshed' };\n }\n Analytics.event(AnalyticsEvent.AUTH_TOKEN_REFRESH_FAIL, {\n category: AnalyticsCategory.AUTH,\n });\n return { success: false, message: 'Error refreshing token' };\n }, []);\n\n const logout = useCallback((): void => {\n Analytics.event(AnalyticsEvent.AUTH_LOGOUT, {\n category: AnalyticsCategory.AUTH,\n });\n accountsRef.current.logout(); // clears session + profile + cache\n // hardReplace = full reload + history replace, so contexts reinitialize\n // and Back doesn't return to a protected page.\n router.hardReplace(routesRef.current.defaultAuthCallback);\n }, [router]);\n\n // ── Derived state ──────────────────────────────────────────────────────────\n\n const user = (accounts.profile as UserProfile | undefined) ?? null;\n const isAdminUser = Boolean(user?.is_staff || user?.is_superuser);\n\n // Role-aware console verbosity: admins (and dev) get debug logs, regular\n // users in production get a clean console.\n useEffect(() => {\n applyRoleLogPolicy({ isAdmin: isAdminUser });\n }, [isAdminUser]);\n\n const updateProfile = useCallback(\n async (data: {\n first_name?: string;\n last_name?: string;\n username?: string;\n }): Promise<UserProfile> => {\n const result = await accountsRef.current.partialUpdateProfile(data);\n return result as UserProfile;\n },\n [],\n );\n\n const uploadAvatar = useCallback(async (avatar: File | Blob): Promise<UserProfile> => {\n const result = await accountsRef.current.uploadAvatar(avatar);\n return result as UserProfile;\n }, []);\n\n const value = useMemo<AuthContextType>(\n () => ({\n user,\n isLoading,\n // Reactive: flips via the store snapshot (token writes, refreshes,\n // expiry timer, cross-tab/cross-store sync) — no ticks, no polling.\n isAuthenticated,\n isAdminUser,\n routes,\n loadCurrentProfile,\n checkAuthAndRedirect,\n getToken: () => auth.getToken(),\n getRefreshToken: () => auth.getRefreshToken(),\n getSavedEmail: () => storedEmail,\n saveEmail: setStoredEmail,\n clearSavedEmail: clearStoredEmail,\n requestOTP,\n verifyOTP,\n refreshToken,\n logout,\n saveRedirectUrl: redirectManager.setRedirect,\n getRedirectUrl: redirectManager.getFinalRedirectUrl,\n clearRedirectUrl: redirectManager.clearRedirect,\n hasRedirectUrl: redirectManager.hasRedirect,\n updateProfile,\n uploadAvatar,\n }),\n [\n user,\n isLoading,\n isAuthenticated,\n isAdminUser,\n routes,\n loadCurrentProfile,\n checkAuthAndRedirect,\n storedEmail,\n setStoredEmail,\n clearStoredEmail,\n requestOTP,\n verifyOTP,\n refreshToken,\n logout,\n redirectManager,\n updateProfile,\n uploadAvatar,\n ],\n );\n\n return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>;\n};\n\n/**\n * AuthProvider — wraps AccountsProvider + AuthProviderInternal.\n *\n * Memoised: re-renders only when `config` reference or `children` change.\n */\nfunction AuthProviderRaw({ children, config, enabled = true }: AuthProviderProps) {\n if (!enabled) return <>{children}</>;\n return (\n <AccountsProvider>\n <AuthProviderInternal config={config}>{children}</AuthProviderInternal>\n </AccountsProvider>\n );\n}\n\nexport const AuthProvider = memo(AuthProviderRaw);\n\n/**\n * Default auth state for SSR/outside provider.\n * Safe defaults that read as \"not authenticated, not loading\".\n */\nconst defaultAuthState: AuthContextType = {\n user: null,\n isLoading: false,\n isAuthenticated: false,\n isAdminUser: false,\n routes: resolveAuthRoutes(),\n loadCurrentProfile: async () => {\n authLogger.warn('useAuth: loadCurrentProfile called outside AuthProvider');\n },\n checkAuthAndRedirect: async () => {\n authLogger.warn('useAuth: checkAuthAndRedirect called outside AuthProvider');\n },\n getToken: () => null,\n getRefreshToken: () => null,\n getSavedEmail: () => null,\n saveEmail: () => {\n authLogger.warn('useAuth: saveEmail called outside AuthProvider');\n },\n clearSavedEmail: () => {},\n requestOTP: async () => {\n authLogger.warn('useAuth: requestOTP called outside AuthProvider');\n return { success: false, message: 'AuthProvider not available' };\n },\n verifyOTP: async () => {\n authLogger.warn('useAuth: verifyOTP called outside AuthProvider');\n return { success: false, message: 'AuthProvider not available' };\n },\n refreshToken: async () => {\n authLogger.warn('useAuth: refreshToken called outside AuthProvider');\n return { success: false, message: 'AuthProvider not available' };\n },\n logout: () => {\n authLogger.warn('useAuth: logout called outside AuthProvider');\n },\n saveRedirectUrl: () => {},\n getRedirectUrl: () => '',\n clearRedirectUrl: () => {},\n hasRedirectUrl: () => false,\n updateProfile: async () => {\n authLogger.warn('useAuth: updateProfile called outside AuthProvider');\n return {} as UserProfile;\n },\n uploadAvatar: async () => {\n authLogger.warn('useAuth: uploadAvatar called outside AuthProvider');\n return {} as UserProfile;\n },\n};\n\n/**\n * Hook to access auth context.\n *\n * SSR-safe: returns default unauthenticated state when called outside\n * AuthProvider (e.g. during static page generation).\n */\nexport const useAuth = (): AuthContextType => {\n const context = useContext(AuthContext);\n if (context === undefined) {\n if (isBrowser && isDev) {\n authLogger.debug('useAuth called outside AuthProvider, returning default state');\n }\n return defaultAuthState;\n }\n return context;\n};\n\nexport default AuthContext;\n","// AUTO-GENERATED by django_generator / ts_extras.wrapper\n// Typed error classes with DRF field-error support.\n// DO NOT EDIT — re-run `make gen`.\n\n/**\n * HTTP API Error with DRF field-specific validation errors.\n */\nexport class APIError extends Error {\n constructor(\n public statusCode: number,\n public statusText: string,\n public response: any,\n public url: string,\n message?: string,\n ) {\n super(message || `HTTP ${statusCode}: ${statusText}`);\n this.name = \"APIError\";\n }\n\n get details(): Record<string, any> | null {\n if (typeof this.response === \"object\" && this.response !== null) {\n return this.response;\n }\n return null;\n }\n\n get fieldErrors(): Record<string, string[]> | null {\n const details = this.details;\n if (!details) return null;\n const fieldErrors: Record<string, string[]> = {};\n for (const [key, value] of Object.entries(details)) {\n if (Array.isArray(value)) fieldErrors[key] = value;\n }\n return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;\n }\n\n get errorMessage(): string {\n const details = this.details;\n if (!details) return this.message;\n if (details.detail) {\n return Array.isArray(details.detail) ? details.detail.join(\", \") : String(details.detail);\n }\n if (details.error) return String(details.error);\n if (details.message) return String(details.message);\n const fieldErrors = this.fieldErrors;\n if (fieldErrors) {\n const firstField = Object.keys(fieldErrors)[0];\n if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(\", \")}`;\n }\n return this.message;\n }\n\n get isValidationError(): boolean { return this.statusCode === 400; }\n get isAuthError(): boolean { return this.statusCode === 401; }\n get isPermissionError(): boolean { return this.statusCode === 403; }\n get isNotFoundError(): boolean { return this.statusCode === 404; }\n get isServerError(): boolean { return this.statusCode >= 500 && this.statusCode < 600; }\n}\n\n/** Network Error (connection failed, timeout, etc.) */\nexport class NetworkError extends Error {\n constructor(\n message: string,\n public url: string,\n public originalError?: Error,\n ) {\n super(message);\n this.name = \"NetworkError\";\n }\n}\n","// AUTO-GENERATED by django_generator / ts_extras.wrapper\n// Global auth store. Wired into the shared `client` from `client.gen.ts`\n// via `installAuthOnClient(client)` — called synchronously by the\n// post-processed bottom of client.gen.ts. No circular import here.\n// DO NOT EDIT — re-run `make gen`.\n\nimport { APIError } from './errors';\n\nconst ACCESS_KEY = 'cfg.access_token';\nconst REFRESH_KEY = 'cfg.refresh_token';\nconst API_KEY_KEY = 'cfg.api_key';\n\nconst isBrowser = typeof window !== 'undefined';\n\nexport type StorageMode = 'localStorage' | 'cookie';\n\n// ── Storage backends (browser-only; server-side reads return null) ─────────\n\ninterface KVStore {\n get(key: string): string | null;\n set(key: string, value: string | null): void;\n}\n\nconst localStorageBackend: KVStore = {\n get(key) {\n if (!isBrowser) return null;\n try { return window.localStorage.getItem(key); } catch { return null; }\n },\n set(key, value) {\n if (!isBrowser) return;\n try {\n if (value === null) window.localStorage.removeItem(key);\n else window.localStorage.setItem(key, value);\n } catch {}\n },\n};\n\n/** 30 days, matches typical refresh-token lifetime. */\nconst COOKIE_MAX_AGE = 60 * 60 * 24 * 30;\n\nconst cookieBackend: KVStore = {\n get(key) {\n if (!isBrowser) return null;\n try {\n const re = new RegExp(`(?:^|;\\\\s*)${encodeURIComponent(key)}=([^;]*)`);\n const m = document.cookie.match(re);\n return m ? decodeURIComponent(m[1]) : null;\n } catch { return null; }\n },\n set(key, value) {\n if (!isBrowser) return;\n try {\n const k = encodeURIComponent(key);\n const secure = window.location.protocol === 'https:' ? '; Secure' : '';\n if (value === null) {\n document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;\n } else {\n const v = encodeURIComponent(value);\n document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;\n }\n } catch {}\n },\n};\n\nlet _storage: KVStore = localStorageBackend;\nlet _storageMode: StorageMode = 'localStorage';\n\n/** Detect locale from `NEXT_LOCALE` cookie or `navigator.language`. */\nfunction detectLocale(): string | null {\n try {\n if (typeof document !== 'undefined') {\n const m = document.cookie.match(/(?:^|;\\s*)NEXT_LOCALE=([^;]*)/);\n if (m) return decodeURIComponent(m[1]);\n }\n if (typeof navigator !== 'undefined' && navigator.language) {\n return navigator.language;\n }\n } catch {}\n return null;\n}\n\n/** Default baseUrl.\n *\n * Browser: uses NEXT_PUBLIC_API_PROXY_URL if set (empty string = same-origin\n * Next.js proxy), otherwise falls back to NEXT_PUBLIC_API_URL directly.\n * Set NEXT_PUBLIC_API_PROXY_URL='' in apps that proxy /apix/* via Next.js\n * Route Handler; leave it unset in apps that hit Django directly.\n *\n * Server (SSR / RSC / Edge): use NEXT_PUBLIC_API_URL so server-side fetch\n * reaches Django directly (proxy is a same-origin HTTP round-trip on server).\n */\nfunction defaultBaseUrl(): string {\n if (typeof window !== 'undefined') {\n try {\n if (typeof process !== 'undefined' && process.env) {\n if (process.env.NEXT_PUBLIC_STATIC_BUILD === 'true') return '';\n // NEXT_PUBLIC_API_PROXY_URL='' means same-origin proxy (e.g. /apix/* route handler).\n // Next.js inlines defined vars as their value; undefined means the var was not set.\n if (process.env.NEXT_PUBLIC_API_PROXY_URL !== undefined)\n return process.env.NEXT_PUBLIC_API_PROXY_URL;\n return process.env.NEXT_PUBLIC_API_URL || '';\n }\n } catch {}\n return '';\n }\n try {\n if (typeof process !== 'undefined' && process.env) {\n if (process.env.NEXT_PUBLIC_STATIC_BUILD === 'true') return '';\n return process.env.NEXT_PUBLIC_API_URL || '';\n }\n } catch {}\n return '';\n}\n\n/** Default API key fallback from `NEXT_PUBLIC_API_KEY`.\n *\n * Both browser and server: if NEXT_PUBLIC_API_KEY is set it is used as a\n * global fallback (e.g. a public demo key). When not set, returns null so\n * per-request keys passed via options.headers take effect unobstructed.\n */\nfunction defaultApiKey(): string | null {\n try {\n if (typeof process !== 'undefined' && process.env?.NEXT_PUBLIC_API_KEY) {\n return process.env.NEXT_PUBLIC_API_KEY;\n }\n } catch {}\n return null;\n}\n\n// ── In-memory overrides (win over storage / env) ───────────────────────────\nlet _localeOverride: string | null = null;\nlet _apiKeyOverride: string | null = null;\nlet _baseUrlOverride: string | null = null;\nlet _withCredentials = true;\nlet _onUnauthorized: ((response: Response) => void) | null = null;\n\n/**\n * User-supplied refresh handler. Receives the current refresh token,\n * must return a fresh access (and optional refresh) pair or null on failure.\n * Set once at app bootstrap via `auth.setRefreshHandler(...)`.\n */\ntype RefreshResult = { access: string; refresh?: string } | null;\ntype RefreshHandler = (refreshToken: string) => Promise<RefreshResult>;\nlet _refreshHandler: RefreshHandler | null = null;\n\n/** Single-flight: every concurrent 401 awaits the same refresh. */\nlet _refreshInflight: Promise<string | null> | null = null;\n\n/** Marker header — set on retried requests so we never loop on 401. */\nconst RETRY_MARKER = 'X-Auth-Retry';\n\n// ── Reactive session snapshot ───────────────────────────────────────────────\n//\n// The store is the single source of truth for \"am I logged in\". React (or any\n// listener) subscribes via `auth.subscribe` + `auth.getSnapshot` — designed to\n// plug straight into `useSyncExternalStore`. The snapshot flips automatically\n// on: token writes, refresh success/failure, cross-tab storage events, and an\n// internal timer armed to the next JWT `exp` boundary.\n\nexport type SessionStatus = 'authenticated' | 'anonymous';\n\nexport type SessionSnapshot = {\n /** 'authenticated' = a live access token OR a live refresh token exists. */\n status: SessionStatus;\n /** ms-epoch expiry of the current access token (null: no token / no exp). */\n accessExpiresAt: number | null;\n};\n\n/** Decode a JWT `exp` claim to ms epoch. Null on any malformed input. */\nfunction jwtExpMs(token: string): number | null {\n try {\n const payload = token.split('.')[1];\n if (!payload) return null;\n const json = JSON.parse(atob(payload.replace(/-/g, '+').replace(/_/g, '/')));\n return typeof json.exp === 'number' ? json.exp * 1000 : null;\n } catch { return null; }\n}\n\nfunction computeSnapshot(): SessionSnapshot {\n const access = _storage.get(ACCESS_KEY);\n const refresh = _storage.get(REFRESH_KEY);\n const now = Date.now();\n const accessExp = access ? jwtExpMs(access) : null;\n const accessAlive = access !== null && (accessExp === null || accessExp > now);\n const refreshExp = refresh ? jwtExpMs(refresh) : null;\n const refreshAlive = refresh !== null && (refreshExp === null || refreshExp > now);\n return {\n status: accessAlive || refreshAlive ? 'authenticated' : 'anonymous',\n accessExpiresAt: accessExp,\n };\n}\n\n/** Stable object for SSR — `useSyncExternalStore` needs referential equality. */\nconst SERVER_SNAPSHOT: SessionSnapshot = { status: 'anonymous', accessExpiresAt: null };\n\n/** Same-tab, cross-store sync channel. An app can host several copies of this\n * generated store (separate JS modules) sharing the same storage keys; the\n * `storage` event only fires in OTHER tabs, so a window event bridges them\n * synchronously within the tab (login in one store flips all of them). */\nconst SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;\n\nlet _snapshot: SessionSnapshot = computeSnapshot();\nconst _sessionListeners = new Set<() => void>();\nlet _expiryTimer: ReturnType<typeof setTimeout> | null = null;\nlet _storageListenerInstalled = false;\n\n/** Re-arm the timer that flips the snapshot exactly when a token expires. */\nfunction scheduleExpiryFlip(): void {\n if (!isBrowser) return;\n if (_expiryTimer !== null) { clearTimeout(_expiryTimer); _expiryTimer = null; }\n if (_sessionListeners.size === 0) return;\n const now = Date.now();\n const exps: number[] = [];\n const access = _storage.get(ACCESS_KEY);\n const refresh = _storage.get(REFRESH_KEY);\n const accessExp = access ? jwtExpMs(access) : null;\n const refreshExp = refresh ? jwtExpMs(refresh) : null;\n if (accessExp !== null && accessExp > now) exps.push(accessExp);\n if (refreshExp !== null && refreshExp > now) exps.push(refreshExp);\n if (!exps.length) return;\n // +250ms grace so the token is REALLY expired when we flip; clamp to the\n // max signed-32-bit setTimeout delay (~24.8 days).\n const delay = Math.min(Math.min(...exps) - now + 250, 0x7fffffff);\n _expiryTimer = setTimeout(notifySessionChanged, delay);\n}\n\n/** Recompute the snapshot; notify subscribers only when it actually changed. */\nfunction notifySessionChanged(): void {\n const next = computeSnapshot();\n const changed =\n next.status !== _snapshot.status ||\n next.accessExpiresAt !== _snapshot.accessExpiresAt;\n if (changed) _snapshot = next;\n scheduleExpiryFlip();\n if (!changed) return;\n for (const listener of Array.from(_sessionListeners)) {\n try { listener(); } catch {}\n }\n // Wake sibling stores in this tab. Re-entrant but convergent: a store that\n // recomputes to the SAME snapshot doesn't re-dispatch, so the cascade stops\n // after every store has caught up.\n if (isBrowser) {\n try { window.dispatchEvent(new Event(SESSION_SYNC_EVENT)); } catch {}\n }\n}\n\n/** Cross-tab + cross-store sync — `storage` events only fire in OTHER tabs;\n * the window event covers sibling stores in THIS tab. Either way a login or\n * logout anywhere flips every snapshot reading the same keys. */\nfunction ensureStorageSync(): void {\n if (!isBrowser || _storageListenerInstalled) return;\n _storageListenerInstalled = true;\n window.addEventListener('storage', (e) => {\n if (e.key === null || e.key === ACCESS_KEY || e.key === REFRESH_KEY) {\n notifySessionChanged();\n }\n });\n window.addEventListener(SESSION_SYNC_EVENT, () => notifySessionChanged());\n}\n\n/**\n * Terminal-401 subscribers. Unlike the single `onUnauthorized` slot these\n * compose: each registration returns its own unsubscribe, so StrictMode\n * double-mounts and multiple packages can't clobber each other.\n */\ntype SessionExpiredHandler = (response: Response) => void;\nconst _sessionExpiredHandlers = new Set<SessionExpiredHandler>();\n\n/**\n * Captured reference to the shared Hey API client. Set exactly once by\n * `installAuthOnClient(client)` (called from client.gen.ts). All `auth.set*`\n * methods that mutate transport config (baseUrl / credentials) push through\n * this reference. Until installed, those mutations are silently buffered as\n * in-memory state — the next request after install will pick them up.\n */\ntype HeyClient = {\n setConfig(opts: Record<string, unknown>): void;\n interceptors: {\n request: { use(fn: (req: Request) => Request | Promise<Request>): void };\n response: { use(fn: (res: Response, req: Request) => Response | Promise<Response>): void };\n error: { use(fn: (err: unknown, res: Response | undefined, req: Request | undefined, opts: unknown) => unknown): void };\n };\n};\nlet _client: HeyClient | null = null;\n\nfunction pushClientConfig(): void {\n if (!_client) return;\n _client.setConfig({\n baseUrl: auth.getBaseUrl(),\n credentials: _withCredentials ? 'include' : 'same-origin',\n });\n}\n\n/**\n * Global auth/config store. All getters read live state every call —\n * the interceptor below uses these to attach headers per-request.\n *\n * Default storage backend is `localStorage`. Switch to cookies (e.g.\n * for Next.js SSR cookie access) via `auth.setStorageMode('cookie')`\n * early in the app bootstrap.\n *\n * @example\n * import { auth } from '@your/api';\n * auth.setToken(jwt);\n * auth.clearTokens();\n * auth.setStorageMode('cookie');\n */\nexport const auth = {\n // ── Storage mode ──────────────────────────────────────────────────\n getStorageMode(): StorageMode { return _storageMode; },\n setStorageMode(mode: StorageMode): void {\n _storageMode = mode;\n _storage = mode === 'cookie' ? cookieBackend : localStorageBackend;\n notifySessionChanged();\n },\n\n // ── Bearer token ──────────────────────────────────────────────────\n getToken(): string | null { return _storage.get(ACCESS_KEY); },\n setToken(token: string | null): void {\n _storage.set(ACCESS_KEY, token);\n notifySessionChanged();\n },\n getRefreshToken(): string | null { return _storage.get(REFRESH_KEY); },\n setRefreshToken(token: string | null): void {\n _storage.set(REFRESH_KEY, token);\n notifySessionChanged();\n },\n clearTokens(): void {\n _storage.set(ACCESS_KEY, null);\n _storage.set(REFRESH_KEY, null);\n notifySessionChanged();\n },\n /** Session-aware: token PRESENT and not past its `exp` (or a live refresh\n * token exists that can mint one). Prefer `getSnapshot().status` in React. */\n isAuthenticated(): boolean { return computeSnapshot().status === 'authenticated'; },\n\n // ── Session (the ONE write path for login/logout flows) ──────────\n /**\n * Persist a token pair atomically. Every login flow (OTP verify, 2FA,\n * OAuth callback) and the refresh handler should end here — do NOT\n * scatter `setToken`/`setRefreshToken` pairs through app code.\n * `refresh: undefined` keeps the current refresh token (access-only\n * rotation); `refresh: null` explicitly drops it.\n */\n setSession(tokens: { access: string; refresh?: string | null }): void {\n _storage.set(ACCESS_KEY, tokens.access);\n if (tokens.refresh !== undefined) _storage.set(REFRESH_KEY, tokens.refresh);\n notifySessionChanged();\n },\n clearSession(): void { auth.clearTokens(); },\n\n // ── Reactive snapshot (for useSyncExternalStore) ──────────────────\n /**\n * @example React:\n * const session = useSyncExternalStore(\n * auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,\n * );\n * const isAuthenticated = session.status === 'authenticated';\n */\n getSnapshot(): SessionSnapshot { return _snapshot; },\n getServerSnapshot(): SessionSnapshot { return SERVER_SNAPSHOT; },\n subscribe(listener: () => void): () => void {\n ensureStorageSync();\n _sessionListeners.add(listener);\n // Sync state & arm the expiry timer now that someone is listening.\n notifySessionChanged();\n return () => {\n _sessionListeners.delete(listener);\n if (_sessionListeners.size === 0 && _expiryTimer !== null) {\n clearTimeout(_expiryTimer);\n _expiryTimer = null;\n }\n };\n },\n\n /**\n * Fired on TERMINAL 401 — after the refresh+retry path is exhausted.\n * The store has already cleared the session before calling back, so\n * handlers only need to route to login (no clear-then-redirect\n * ordering to get wrong). Returns an unsubscribe function; multiple\n * handlers compose (unlike the legacy single-slot `onUnauthorized`).\n */\n onSessionExpired(cb: SessionExpiredHandler): () => void {\n _sessionExpiredHandlers.add(cb);\n return () => { _sessionExpiredHandlers.delete(cb); };\n },\n\n // ── API key ───────────────────────────────────────────────────────\n getApiKey(): string | null {\n return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();\n },\n setApiKey(key: string | null): void { _apiKeyOverride = key; },\n setApiKeyPersist(key: string | null): void {\n _apiKeyOverride = key;\n _storage.set(API_KEY_KEY, key);\n },\n clearApiKey(): void { _apiKeyOverride = null; _storage.set(API_KEY_KEY, null); },\n\n // ── Locale ────────────────────────────────────────────────────────\n getLocale(): string | null { return _localeOverride ?? detectLocale(); },\n setLocale(locale: string | null): void { _localeOverride = locale; },\n\n // ── Base URL ──────────────────────────────────────────────────────\n getBaseUrl(): string {\n const url = (_baseUrlOverride ?? defaultBaseUrl());\n return url.replace(/\\/$/, '');\n },\n setBaseUrl(url: string | null): void {\n _baseUrlOverride = url ? url.replace(/\\/$/, '') : null;\n pushClientConfig();\n },\n\n // ── Credentials toggle ────────────────────────────────────────────\n getWithCredentials(): boolean { return _withCredentials; },\n setWithCredentials(value: boolean): void {\n _withCredentials = value;\n pushClientConfig();\n },\n\n // ── 401 handler ───────────────────────────────────────────────────\n /**\n * Fired when the server returns 401 AND no refresh path recovers it\n * (no refresh token, no refresh handler, refresh failed, or retry\n * still 401). The app should clear local state and redirect to login.\n *\n * NOT fired for 401 that gets transparently recovered by the refresh\n * handler — those are invisible to callers.\n */\n onUnauthorized(cb: ((response: Response) => void) | null): void {\n _onUnauthorized = cb;\n },\n\n /**\n * Register the refresh strategy. The handler receives the current\n * refresh token and must call your refresh endpoint, returning\n * `{ access, refresh? }` on success or `null` on failure.\n *\n * @example\n * auth.setRefreshHandler(async (refresh) => {\n * const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });\n * return data ? { access: data.access, refresh: data.refresh } : null;\n * });\n */\n setRefreshHandler(fn: RefreshHandler | null): void {\n _refreshHandler = fn;\n },\n\n /**\n * Proactively run the registered refresh handler right now, reusing the\n * SAME single-flight promise as the 401-recovery interceptor. Callers\n * (e.g. an expiry timer / focus / reconnect) get token rotation,\n * de-duplication and rotated-token persistence for free — they must NOT\n * re-implement any of it. Returns the fresh access token, or null if\n * there is no handler / no refresh token / the refresh failed.\n */\n refreshNow(): Promise<string | null> {\n return tryRefresh();\n },\n};\n\n/**\n * Run the user-supplied refresh handler, persist the rotated tokens, and\n * return the fresh access token (or null on any failure path).\n *\n * TWO layers of coordination, because a single app can host MULTIPLE copies of\n * this generated store (e.g. `@djangocfg/api` + a locally-generated client +\n * `@djangocfg/monitor`), all sharing the SAME refresh token in storage:\n *\n * 1. Per-store single-flight (`_refreshInflight`) — concurrent 401s WITHIN\n * this module coalesce onto one promise. Fast path, no lock.\n * 2. Cross-store mutex (`navigator.locks`) keyed on the refresh-token storage\n * key — serializes refreshes across EVERY store in the app. The refresh\n * token is re-read INSIDE the lock, so if another store already rotated it\n * (SimpleJWT `ROTATE_REFRESH_TOKENS` blacklists the old one), the loser\n * picks up the fresh access token instead of re-POSTing a blacklisted\n * refresh token and getting a spurious 401 → logout.\n *\n * Web Locks is browser-only; on SSR / older runtimes we degrade gracefully to\n * layer 1 alone (correct whenever at most one store refreshes).\n */\nasync function tryRefresh(): Promise<string | null> {\n if (_refreshInflight) return _refreshInflight;\n if (!_refreshHandler) return null;\n\n // The critical section — re-reads the refresh token every time it runs, so a\n // rotation performed by another store (or by us on a prior attempt) is always\n // observed. Returns the fresh access token, or null on any failure.\n const runRefresh = async (): Promise<string | null> => {\n const refresh = auth.getRefreshToken();\n if (!refresh) return null;\n const result = await _refreshHandler!(refresh);\n if (!result?.access) return null;\n auth.setToken(result.access);\n if (result.refresh) auth.setRefreshToken(result.refresh);\n return result.access;\n };\n\n _refreshInflight = (async () => {\n try {\n // Serialize across all stores in this app when Web Locks is available.\n const locks =\n typeof navigator !== 'undefined'\n ? (navigator as Navigator & { locks?: LockManager }).locks\n : undefined;\n if (locks?.request) {\n return await locks.request(`${REFRESH_KEY}:refresh`, runRefresh);\n }\n return await runRefresh();\n } catch {\n return null;\n } finally {\n _refreshInflight = null;\n }\n })();\n\n return _refreshInflight;\n}\n\n/**\n * Terminal 401 — no refresh path can recover this session. The store clears\n * its own tokens FIRST (subscribers flip to 'anonymous' via the snapshot),\n * then notifies `onSessionExpired` subscribers and the legacy\n * `onUnauthorized` slot. Apps only route to login; they never own the\n * clear-before-redirect ordering.\n */\nfunction expireSession(response: Response): void {\n auth.clearTokens();\n for (const cb of Array.from(_sessionExpiredHandlers)) {\n try { cb(response); } catch {}\n }\n if (_onUnauthorized) {\n try { _onUnauthorized(response); } catch {}\n }\n}\n\n/**\n * Wire the shared client to the global auth store. Called exactly\n * once from `client.gen.ts` (post-processed) right after\n * `createClient()`. Synchronous — no microtask, no TDZ races.\n *\n * Safe to call from server / SSR: storage backends short-circuit on\n * non-browser environments, so headers populated by the interceptor\n * are simply absent server-side (which is the correct behaviour\n * unless the caller explicitly sets a server-side token).\n *\n * ── How API key auth works ────────────────────────────────────────────────\n *\n * There are three ways to supply X-API-Key, in priority order:\n *\n * 1. Per-request header (highest priority, overrides everything):\n * SomeApi.someEndpoint({ headers: { 'X-API-Key': userKey } })\n * Use this in playgrounds or any context where the key comes from\n * user input rather than app config.\n *\n * 2. Global override via auth.setApiKey(key) — applies to every request\n * from this client until cleared. Good for single-user sessions.\n *\n * 3. NEXT_PUBLIC_API_KEY env var — read by defaultApiKey() on every request.\n * Use as a public fallback key (e.g. a shared demo key for unauthenticated\n * visitors). When not set, returns null so per-request keys work freely.\n *\n * ── baseUrl gotcha with proxy packages ───────────────────────────────────\n *\n * If another package (e.g. @carapis/catalog-api/client) calls\n * `auth.setBaseUrl('')` on import, ALL requests from this shared client\n * will go to relative paths (Next.js proxy) instead of hitting Django\n * directly. This is intentional for the public catalog — but breaks any\n * feature that needs to reach Django with a dynamic API key from the\n * browser (e.g. a playground).\n *\n * Fix: pass `baseUrl` explicitly per-call to override the global setting:\n * SomeApi.someEndpoint({\n * baseUrl: process.env.NEXT_PUBLIC_API_URL,\n * headers: { 'X-API-Key': userKey },\n * })\n */\n// ── DPoP (RFC 9449) — sender-constrained tokens ────────────────────────────\n//\n// When NEXT_PUBLIC_DPOP_ENABLED === 'true', the client holds a P-256 keypair\n// whose PRIVATE key is non-extractable (Web Crypto `extractable:false`) and\n// stored in IndexedDB. JS — including XSS — can sign with it but can NEVER read\n// it. Each request carries a fresh `DPoP` proof signed by that key; the backend\n// binds the token to the key (`cnf.jkt`) and rejects any request whose proof key\n// doesn't match. A stolen token is therefore useless to an attacker.\n//\n// Dormant unless the env flag is on — bearer-mode apps are unaffected.\n\nfunction dpopEnabled(): boolean {\n try {\n return typeof process !== 'undefined'\n && process.env?.NEXT_PUBLIC_DPOP_ENABLED === 'true';\n } catch { return false; }\n}\n\nconst _DPOP_DB = 'cfg-auth';\nconst _DPOP_STORE = 'keys';\nconst _DPOP_KEY_ID = 'dpop-ec-p256';\n\nfunction _idbOpen(): Promise<IDBDatabase> {\n return new Promise((resolve, reject) => {\n const req = indexedDB.open(_DPOP_DB, 1);\n req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);\n req.onsuccess = () => resolve(req.result);\n req.onerror = () => reject(req.error);\n });\n}\n\nfunction _idbGet(key: string): Promise<CryptoKeyPair | undefined> {\n return _idbOpen().then((db) => new Promise((resolve, reject) => {\n const tx = db.transaction(_DPOP_STORE, 'readonly');\n const req = tx.objectStore(_DPOP_STORE).get(key);\n req.onsuccess = () => resolve(req.result);\n req.onerror = () => reject(req.error);\n }));\n}\n\nfunction _idbPut(key: string, value: CryptoKeyPair): Promise<void> {\n return _idbOpen().then((db) => new Promise((resolve, reject) => {\n const tx = db.transaction(_DPOP_STORE, 'readwrite');\n tx.objectStore(_DPOP_STORE).put(value, key);\n tx.oncomplete = () => resolve();\n tx.onerror = () => reject(tx.error);\n }));\n}\n\n/** Single-flight keypair init — the private key is created non-extractable. */\nlet _dpopKeyPromise: Promise<CryptoKeyPair> | null = null;\n\nfunction _getDpopKeyPair(): Promise<CryptoKeyPair> {\n if (_dpopKeyPromise) return _dpopKeyPromise;\n _dpopKeyPromise = (async () => {\n const existing = await _idbGet(_DPOP_KEY_ID).catch(() => undefined);\n if (existing) return existing;\n const pair = await crypto.subtle.generateKey(\n { name: 'ECDSA', namedCurve: 'P-256' },\n false, // extractable:false — JS can sign but never export the private key\n ['sign'],\n );\n // CryptoKey is structured-cloneable; IndexedDB persists it across reloads\n // WITHOUT ever exposing raw key bytes to JS.\n await _idbPut(_DPOP_KEY_ID, pair).catch(() => {});\n return pair;\n })();\n return _dpopKeyPromise;\n}\n\nfunction _b64urlFromBytes(bytes: ArrayBuffer | Uint8Array): string {\n const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);\n let s = '';\n for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);\n return btoa(s).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\nfunction _b64urlFromString(str: string): string {\n return _b64urlFromBytes(new TextEncoder().encode(str));\n}\n\n/** ECDSA raw signature (r||s) → JOSE base64url (Web Crypto already returns raw). */\nasync function _publicJwk(pub: CryptoKey): Promise<Record<string, string>> {\n const jwk = await crypto.subtle.exportKey('jwk', pub);\n // Public components only — required RFC 7638 members for EC.\n return { kty: 'EC', crv: 'P-256', x: jwk.x as string, y: jwk.y as string };\n}\n\n/** Build a DPoP proof JWT for this request (htm/htu/iat/jti), signed in-key. */\nasync function _makeDpopProof(method: string, url: string): Promise<string | null> {\n try {\n const pair = await _getDpopKeyPair();\n const jwk = await _publicJwk(pair.publicKey);\n const header = { typ: 'dpop+jwt', alg: 'ES256', jwk };\n // htu = scheme://authority/path without query/fragment.\n const htu = url.split('#')[0].split('?')[0];\n const jti =\n (crypto.randomUUID && crypto.randomUUID()) ||\n _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));\n const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1000), jti };\n const signingInput =\n `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;\n const sig = await crypto.subtle.sign(\n { name: 'ECDSA', hash: 'SHA-256' },\n pair.privateKey,\n new TextEncoder().encode(signingInput),\n );\n return `${signingInput}.${_b64urlFromBytes(sig)}`;\n } catch {\n return null; // never break a request because proof generation failed\n }\n}\n\nexport function installAuthOnClient(client: HeyClient): void {\n if (_client) return; // idempotent\n _client = client;\n\n client.setConfig({\n baseUrl: auth.getBaseUrl(),\n credentials: _withCredentials ? 'include' : 'same-origin',\n });\n\n client.interceptors.request.use(async (request) => {\n const token = auth.getToken();\n if (token) request.headers.set('Authorization', `Bearer ${token}`);\n\n const locale = auth.getLocale();\n if (locale) request.headers.set('Accept-Language', locale);\n\n // Only set X-API-Key from global store if NOT already present on the\n // request — per-request headers take precedence.\n const apiKey = auth.getApiKey();\n if (apiKey && !request.headers.has('X-API-Key')) request.headers.set('X-API-Key', apiKey);\n\n try {\n const tz = Intl.DateTimeFormat().resolvedOptions().timeZone;\n if (tz) request.headers.set('X-Timezone', tz);\n } catch {}\n request.headers.set('X-Client-Time', new Date().toISOString());\n\n // DPoP proof — sign a fresh per-request proof with the non-extractable key.\n // Only in a browser, only when enabled. Failure is non-fatal (proof null).\n if (dpopEnabled() && typeof window !== 'undefined') {\n const proof = await _makeDpopProof(request.method, request.url);\n if (proof) request.headers.set('DPoP', proof);\n }\n\n return request;\n });\n\n client.interceptors.error.use((err, res, req) => {\n if (err instanceof APIError) return err;\n const url = (req as Request | undefined)?.url ?? '';\n const status = (res as Response | undefined)?.status ?? 0;\n const statusText = (res as Response | undefined)?.statusText ?? '';\n return new APIError(status, statusText, err, url);\n });\n\n\n client.interceptors.response.use(async (response, request) => {\n if (response.status !== 401) return response;\n\n // Already retried once — give up to avoid loops.\n if (request.headers.get(RETRY_MARKER)) {\n expireSession(response);\n return response;\n }\n\n const newToken = await tryRefresh();\n if (!newToken) {\n expireSession(response);\n return response;\n }\n\n // Retry the original request once with the new token. We mutate a\n // clone so the original Request body (already consumed by the\n // failed call) doesn't trip \"body already used\".\n const retry = request.clone();\n retry.headers.set('Authorization', `Bearer ${newToken}`);\n retry.headers.set(RETRY_MARKER, '1');\n // This retry uses raw fetch() and bypasses the request interceptor, so the\n // DPoP proof must be re-attached here or a bound token would 401 on retry.\n if (dpopEnabled() && typeof window !== 'undefined') {\n const proof = await _makeDpopProof(retry.method, retry.url);\n if (proof) retry.headers.set('DPoP', proof);\n }\n try {\n const retried = await fetch(retry);\n if (retried.status === 401) expireSession(retried);\n return retried;\n } catch {\n // Network error on the retry. The refresh SUCCEEDED (we hold a fresh\n // token), so the session is alive — a transient network blip must NOT\n // log the user out. Surface the original 401 to the caller only.\n return response;\n }\n });\n}\n\n// ── Default refresh handler (auto-registered) ──────────────────────────────\n//\n// POSTs straight to the SimpleJWT refresh endpoint so a 401 transparently\n// refreshes and retries. Registered at import time; an app can override it\n// afterwards with `auth.setRefreshHandler(...)` (last write wins). Returns the\n// ROTATED refresh token so the store persists it — `ROTATE_REFRESH_TOKENS`\n// blacklists the old one, so reusing it would 401 on the next refresh.\n//\n// Raw fetch, NOT the SDK: the endpoint exists on the server even when this\n// target's sliced SDK doesn't include the accounts group, and importing\n// sdk.gen here would close the cycle auth.ts → sdk.gen → client.gen → auth.ts.\nconst REFRESH_ENDPOINT = '/cfg/accounts/token/refresh/';\n\nauth.setRefreshHandler(async (refresh) => {\n try {\n const url = `${auth.getBaseUrl()}${REFRESH_ENDPOINT}`;\n const headers: Record<string, string> = { 'Content-Type': 'application/json' };\n // Bound tokens (`cnf.jkt`) require a DPoP proof on the refresh call too.\n if (dpopEnabled() && typeof window !== 'undefined') {\n const proof = await _makeDpopProof('POST', url);\n if (proof) headers['DPoP'] = proof;\n }\n const res = await fetch(url, {\n method: 'POST',\n headers,\n credentials: auth.getWithCredentials() ? 'include' : 'same-origin',\n body: JSON.stringify({ refresh }),\n });\n if (!res.ok) return null;\n const data = (await res.json()) as { access?: string; refresh?: string } | null;\n return data?.access\n ? { access: data.access, refresh: data.refresh ?? refresh }\n : null;\n } catch {\n return null;\n }\n});\n\nexport type Auth = typeof auth;\n","// AUTO-GENERATED by django_generator / ts_extras.wrapper\n// API logger built on consola. Optional dependency — install if you enable logging:\n// npm install consola\n// DO NOT EDIT — re-run `make gen`.\n\nimport { type ConsolaInstance, createConsola } from \"consola\";\n\nexport interface RequestLog {\n method: string;\n url: string;\n headers?: Record<string, string>;\n body?: any;\n timestamp: number;\n}\n\nexport interface ResponseLog {\n status: number;\n statusText: string;\n data?: any;\n duration: number;\n timestamp: number;\n}\n\nexport interface ErrorLog {\n message: string;\n statusCode?: number;\n fieldErrors?: Record<string, string[]>;\n duration: number;\n timestamp: number;\n}\n\nexport interface LoggerConfig {\n enabled: boolean;\n logRequests: boolean;\n logResponses: boolean;\n logErrors: boolean;\n logBodies: boolean;\n logHeaders: boolean;\n consola?: ConsolaInstance;\n}\n\nconst DEFAULT_CONFIG: LoggerConfig = {\n enabled: typeof process !== \"undefined\" && process.env?.NODE_ENV !== \"production\",\n logRequests: true,\n logResponses: true,\n logErrors: true,\n logBodies: true,\n logHeaders: false,\n};\n\nconst SENSITIVE_HEADERS = [\n \"authorization\",\n \"cookie\",\n \"set-cookie\",\n \"x-api-key\",\n \"x-csrf-token\",\n];\n\nexport class APILogger {\n private config: LoggerConfig;\n private consola: ConsolaInstance;\n\n constructor(config: Partial<LoggerConfig> = {}) {\n this.config = { ...DEFAULT_CONFIG, ...config };\n this.consola = config.consola || createConsola({\n level: this.config.enabled ? 4 : 0,\n });\n }\n\n enable(): void { this.config.enabled = true; }\n disable(): void { this.config.enabled = false; }\n setConfig(config: Partial<LoggerConfig>): void {\n this.config = { ...this.config, ...config };\n }\n\n private filterHeaders(headers?: Record<string, string>): Record<string, string> {\n if (!headers) return {};\n const filtered: Record<string, string> = {};\n Object.keys(headers).forEach((key) => {\n filtered[key] = SENSITIVE_HEADERS.includes(key.toLowerCase()) ? \"***\" : (headers[key] || \"\");\n });\n return filtered;\n }\n\n logRequest(request: RequestLog): void {\n if (!this.config.enabled || !this.config.logRequests) return;\n const { method, url, headers, body } = request;\n this.consola.start(`${method} ${url}`);\n if (this.config.logHeaders && headers) this.consola.debug(\"Headers:\", this.filterHeaders(headers));\n if (this.config.logBodies && body) this.consola.debug(\"Body:\", body);\n }\n\n logResponse(request: RequestLog, response: ResponseLog): void {\n if (!this.config.enabled || !this.config.logResponses) return;\n const { method, url } = request;\n const { status, statusText, data, duration } = response;\n this.consola.success(`${method} ${url} ${status} ${statusText} (${duration}ms)`);\n if (this.config.logBodies && data) this.consola.debug(\"Response:\", data);\n }\n\n logError(request: RequestLog, error: ErrorLog): void {\n if (!this.config.enabled || !this.config.logErrors) return;\n const { method, url } = request;\n const { message, statusCode, fieldErrors, duration } = error;\n this.consola.error(`${method} ${url} ${statusCode || \"Network\"} Error (${duration}ms)`);\n this.consola.error(\"Message:\", message);\n if (fieldErrors && Object.keys(fieldErrors).length > 0) {\n this.consola.error(\"Field Errors:\");\n Object.entries(fieldErrors).forEach(([field, errors]) => {\n errors.forEach((err) => this.consola.error(` • ${field}: ${err}`));\n });\n }\n }\n\n info(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.info(message, ...args); }\n warn(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.warn(message, ...args); }\n error(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.error(message, ...args); }\n debug(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.debug(message, ...args); }\n success(message: string, ...args: any[]): void { if (this.config.enabled) this.consola.success(message, ...args); }\n withTag(tag: string): ConsolaInstance { return this.consola.withTag(tag); }\n}\n\nexport const defaultLogger = new APILogger();\n","export const isDev = process.env.NODE_ENV === 'development';\nexport const isProd = !isDev;\nexport const isBrowser = typeof window !== 'undefined';\n\n/**\n * Next.js static-export build (`output: 'export'`). Loggers treat it like dev\n * for visibility; some auth/SSR features behave differently under it.\n */\nexport const isStaticBuild = process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';\n\n/**\n * DPoP (RFC 9449) sender-constrained tokens are enabled for this app.\n *\n * Set by `createBaseNextConfig({ dpop: true })` (inlines\n * `NEXT_PUBLIC_DPOP_ENABLED='true'`). When true: tokens are bound to a\n * non-extractable in-browser key, a copied Bearer token can't be replayed, and\n * the API client signs a per-request DPoP proof. This flag lives in\n * `@djangocfg/api` — the package that implements DPoP — so it is the single\n * source of truth, importable by every higher-level package.\n */\nexport const dpopEnabled = process.env.NEXT_PUBLIC_DPOP_ENABLED === 'true';\n","/**\n * Global runtime log-level control.\n *\n * One mutable level that every `@djangocfg/*` consola wrapper reads, so the\n * whole app's console verbosity can be changed at runtime (e.g. raised for an\n * admin, kept silent for a regular user in production) WITHOUT each package\n * hardcoding `isDev ? 4 : 1`.\n *\n * Lives in `@djangocfg/api` because it's the lowest shared package — api,\n * layouts, centrifugo, ui-core consumers can all import it without a cycle.\n *\n * consola levels: 0 silent · 1 error · 2 warn · 3 info · 4 debug · 5 trace.\n *\n * Default policy (before anyone calls setLogLevel):\n * - dev / static build → 4 (debug)\n * - production → 1 (errors only)\n * App bootstrap should call `applyRoleLogPolicy({ isAdmin, isDev })` once auth\n * is known to raise verbosity for staff/superusers even in production.\n */\n\nimport { isDev, isStaticBuild } from './auth/utils/env';\n\nexport type ConsolaLevel = 0 | 1 | 2 | 3 | 4 | 5;\n\n/** Dev or a static export → show verbose logs by default. */\nconst verboseByDefault = isDev || isStaticBuild;\n\nconst DEFAULT_LEVEL: ConsolaLevel = verboseByDefault ? 4 : 1;\n\nlet _level: ConsolaLevel = DEFAULT_LEVEL;\n\n/** Subscribers (the wrapper loggers) notified when the level changes. */\nconst _subscribers = new Set<(level: ConsolaLevel) => void>();\n\n/** Current global log level. Wrappers read this when constructing/refreshing. */\nexport function getLogLevel(): ConsolaLevel {\n return _level;\n}\n\n/** Set the global log level and notify all live loggers. */\nexport function setLogLevel(level: ConsolaLevel): void {\n _level = level;\n for (const fn of _subscribers) {\n try {\n fn(level);\n } catch {\n /* a bad subscriber must not break logging */\n }\n }\n}\n\n/**\n * Subscribe to level changes. Returns an unsubscribe fn. The callback fires\n * immediately with the current level so a logger can sync on registration.\n */\nexport function onLogLevelChange(fn: (level: ConsolaLevel) => void): () => void {\n _subscribers.add(fn);\n try {\n fn(_level);\n } catch {\n /* ignore */\n }\n return () => _subscribers.delete(fn);\n}\n\n/**\n * Apply the role-aware policy. Call once at bootstrap and whenever auth changes.\n *\n * - admin (is_staff / is_superuser): full verbosity (debug) everywhere, even\n * in production — so support/devs can diagnose live without a redeploy.\n * - dev (non-admin): debug.\n * - production regular user: errors only — a clean console, like big SaaS apps.\n */\nexport function applyRoleLogPolicy(opts: { isAdmin: boolean; isDev?: boolean }): void {\n const devMode = opts.isDev ?? verboseByDefault;\n if (opts.isAdmin || devMode) {\n setLogLevel(4);\n } else {\n setLogLevel(1);\n }\n}\n","'use client';\n\n/**\n * useSession — reactive session snapshot from the generated auth store.\n *\n * The ONE way to answer \"am I logged in\" in React. The store owns the\n * semantics (JWT `exp`-aware, refresh-token-aware) and pushes changes on\n * token writes, refresh success/failure, expiry (internal timer), and\n * cross-tab / cross-store sync. No polling, no ticks.\n */\n\nimport { useSyncExternalStore } from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\n\nimport type { SessionSnapshot, SessionStatus } from '../../_api/generated/helpers/auth';\n\nexport type { SessionSnapshot, SessionStatus };\n\nexport function useSession(): SessionSnapshot {\n return useSyncExternalStore(auth.subscribe, auth.getSnapshot, auth.getServerSnapshot);\n}\n","/**\n * Universal Router Hook with BasePath Support\n *\n * Wrapper around Next.js useRouter that automatically handles basePath\n * for static builds served via iframe or subdirectory\n * \n * IMPORTANT: In Next.js 15 App Router, router.push() does NOT automatically\n * handle basePath (unlike Pages Router). This is a breaking change in App Router.\n * \n * This hook ensures basePath is always included when navigating, especially\n * important for static exports served via iframe where basePath is critical.\n * \n * @see https://nextjs.org/docs/app/building-your-application/upgrading/app-router-migration\n */\n\n'use client';\n\nimport { useRouter as useNextRouter } from 'next/navigation';\nimport { useCallback, useMemo } from 'react';\n\n/**\n * Get base path from environment variable\n */\nfunction getBasePath(): string {\n if (typeof process === 'undefined') {\n return '';\n }\n return process.env.NEXT_PUBLIC_BASE_PATH || '';\n}\n\n/**\n * Add base path to a route path\n */\nfunction withBasePath(path: string, basePath: string): string {\n if (!basePath) {\n return path;\n }\n // Ensure path starts with /\n const normalizedPath = path.startsWith('/') ? path : `/${path}`;\n // Remove trailing slash from basePath\n const normalizedBasePath = basePath.replace(/\\/$/, '');\n return `${normalizedBasePath}${normalizedPath}`;\n}\n\n/**\n * Router with basePath support\n *\n * Automatically adds basePath to all navigation methods when basePath is configured.\n * In Next.js 15 App Router, router.push() doesn't handle basePath automatically,\n * so this hook uses window.location to ensure basePath is always included.\n *\n * @example\n * ```tsx\n * const router = useCfgRouter();\n *\n * // With basePath='/cfg/admin':\n * router.push('/dashboard'); // Client-side navigation to '/cfg/admin/dashboard'\n * router.replace('/auth'); // Client-side replace with '/cfg/admin/auth'\n * router.hardPush('/dashboard'); // Full page reload to '/cfg/admin/dashboard'\n * router.hardReplace('/auth'); // Full page replace with '/cfg/admin/auth'\n * ```\n */\nexport function useCfgRouter() {\n const router = useNextRouter();\n\n // Get basePath and check if we're in static build mode\n const basePath = useMemo(() => getBasePath(), []);\n const isStaticBuild = useMemo(() => {\n return typeof process !== 'undefined' && process.env.NEXT_PUBLIC_STATIC_BUILD === 'true';\n }, []);\n\n const push = useCallback((href: string, options?: { scroll?: boolean }) => {\n if (basePath) {\n // App Router doesn't handle basePath automatically, use window.location\n window.location.href = withBasePath(href, basePath);\n } else {\n // No basePath configured, use standard router\n router.push(href, options);\n }\n }, [router, basePath]);\n\n const replace = useCallback((href: string, options?: { scroll?: boolean }) => {\n if (basePath) {\n // App Router doesn't handle basePath automatically, use window.location\n window.location.replace(withBasePath(href, basePath));\n } else {\n // No basePath configured, use standard router\n router.replace(href, options);\n }\n }, [router, basePath]);\n\n /**\n * Hard push - always uses window.location.href for full page reload\n *\n * Use this for auth redirects where React contexts need to reinitialize.\n * Unlike push(), this ALWAYS triggers a full page reload, ensuring all\n * contexts are reinitialized with fresh state.\n *\n * @example\n * ```tsx\n * // After successful login - contexts need to reload with new auth state\n * router.hardPush('/dashboard');\n * ```\n */\n const hardPush = useCallback((href: string) => {\n window.location.href = withBasePath(href, basePath);\n }, [basePath]);\n\n /**\n * Hard replace - always uses window.location.replace for full page reload\n *\n * Same as hardPush but replaces current history entry.\n * Use for auth redirects where you don't want back button to return to login.\n *\n * @example\n * ```tsx\n * // After logout - replace so back button doesn't go to protected page\n * router.hardReplace('/auth');\n * ```\n */\n const hardReplace = useCallback((href: string) => {\n window.location.replace(withBasePath(href, basePath));\n }, [basePath]);\n\n const prefetch = useCallback((href: string) => {\n // Prefetch doesn't need basePath handling, Next.js handles it\n router.prefetch(href);\n }, [router]);\n\n const back = useCallback(() => {\n router.back();\n }, [router]);\n\n const forward = useCallback(() => {\n router.forward();\n }, [router]);\n\n const refresh = useCallback(() => {\n router.refresh();\n }, [router]);\n\n return {\n push,\n replace,\n hardPush,\n hardReplace,\n prefetch,\n back,\n forward,\n refresh,\n };\n}\n\n","/**\n * useQueryParams Hook\n * \n * Safe hook to access URL query parameters without requiring Suspense boundary.\n * Works on client-side only, returns empty URLSearchParams during SSR/prerendering.\n * \n * @example\n * ```tsx\n * const params = useQueryParams();\n * const flow = params.get('flow');\n * const hasFlow = params.has('flow');\n * const allTags = params.getAll('tags');\n * ```\n */\n\n'use client';\n\nimport { usePathname } from 'next/navigation';\nimport { useEffect, useRef, useState } from 'react';\n\n/**\n * Hook to safely access URL query parameters without useSearchParams()\n * \n * This hook reads query parameters directly from window.location.search,\n * avoiding the need for Suspense boundaries that useSearchParams() requires.\n * \n * Automatically updates when URL changes (navigation, back/forward, etc.)\n * Uses pathname from Next.js to detect route changes and polls for query param changes.\n * \n * Returns a URLSearchParams object with get(), getAll(), has(), etc.\n * \n * @returns URLSearchParams object (empty during SSR)\n */\nexport function useQueryParams(): URLSearchParams {\n const pathname = usePathname();\n const [queryParams, setQueryParams] = useState<URLSearchParams>(() => {\n if (typeof window === 'undefined') {\n return new URLSearchParams();\n }\n return new URLSearchParams(window.location.search);\n });\n const lastSearchRef = useRef<string>('');\n\n useEffect(() => {\n if (typeof window === 'undefined') return;\n\n const updateQueryParams = () => {\n const currentSearch = window.location.search;\n if (currentSearch !== lastSearchRef.current) {\n lastSearchRef.current = currentSearch;\n setQueryParams(new URLSearchParams(currentSearch));\n }\n };\n\n // Sync on mount / pathname change (Next.js navigation).\n updateQueryParams();\n\n // back/forward navigation fires popstate natively.\n window.addEventListener('popstate', updateQueryParams);\n\n // Next.js router.push/replace updates the URL via history.pushState/replaceState,\n // which do NOT emit any event. Patch them to notify us, so we react to query-only\n // changes (same pathname) without polling. This replaces the old setInterval(100ms),\n // whose churning object reference helped drive the OTP auto-submit loop.\n const origPush = window.history.pushState;\n const origReplace = window.history.replaceState;\n window.history.pushState = function (...args) {\n const result = origPush.apply(this, args);\n updateQueryParams();\n return result;\n };\n window.history.replaceState = function (...args) {\n const result = origReplace.apply(this, args);\n updateQueryParams();\n return result;\n };\n\n return () => {\n window.removeEventListener('popstate', updateQueryParams);\n window.history.pushState = origPush;\n window.history.replaceState = origReplace;\n };\n }, [pathname]);\n\n return queryParams;\n}\n\n","\"use client\"\n\nimport { useCallback, useEffect, useRef, useState } from 'react';\n\nimport type { AuthFormState, AuthFormStateHandlers, AuthStep, WebmailLink } from '../types';\n\nconst formatCountdown = (s: number): string => {\n if (s <= 0) return '';\n const m = Math.floor(s / 60);\n return m > 0 ? `${m}:${String(s % 60).padStart(2, '0')}` : `${s}s`;\n};\n\nexport interface UseAuthFormStateReturn extends AuthFormState, AuthFormStateHandlers {}\n\n/**\n * Hook for auth form state management.\n * Pure state - no side effects, no API calls.\n */\nexport const useAuthFormState = (\n initialIdentifier = '',\n): UseAuthFormStateReturn => {\n const [identifier, setIdentifier] = useState(initialIdentifier);\n const [otp, setOtp] = useState('');\n const [isLoading, setIsLoading] = useState(false);\n const [acceptedTerms, setAcceptedTerms] = useState(true);\n const [step, setStep] = useState<AuthStep>('identifier');\n const [error, setError] = useState('');\n const [webmail, setWebmail] = useState<WebmailLink | null>(null);\n\n // 2FA state\n const [twoFactorSessionId, setTwoFactorSessionId] = useState<string | null>(null);\n const [shouldPrompt2FA, setShouldPrompt2FA] = useState(false);\n const [twoFactorCode, setTwoFactorCode] = useState('');\n const [useBackupCode, setUseBackupCode] = useState(false);\n\n // Rate limit countdown\n const [rateLimitSeconds, setRateLimitSeconds] = useState(0);\n const rateLimitTimerRef = useRef<ReturnType<typeof setInterval> | null>(null);\n\n const startRateLimitCountdown = useCallback((seconds: number) => {\n if (rateLimitTimerRef.current) clearInterval(rateLimitTimerRef.current);\n setRateLimitSeconds(seconds);\n rateLimitTimerRef.current = setInterval(() => {\n setRateLimitSeconds((prev) => {\n if (prev <= 1) {\n clearInterval(rateLimitTimerRef.current!);\n rateLimitTimerRef.current = null;\n return 0;\n }\n return prev - 1;\n });\n }, 1000);\n }, []);\n\n useEffect(() => () => {\n if (rateLimitTimerRef.current) clearInterval(rateLimitTimerRef.current);\n }, []);\n\n const clearError = useCallback(() => setError(''), []);\n\n return {\n // State\n identifier,\n otp,\n isLoading,\n acceptedTerms,\n step,\n error,\n twoFactorSessionId,\n shouldPrompt2FA,\n twoFactorCode,\n useBackupCode,\n rateLimitSeconds,\n isRateLimited: rateLimitSeconds > 0,\n rateLimitLabel: formatCountdown(rateLimitSeconds),\n webmail,\n // Handlers\n setIdentifier,\n setOtp,\n setAcceptedTerms,\n setError,\n clearError,\n setStep,\n setIsLoading,\n setTwoFactorSessionId,\n setShouldPrompt2FA,\n setTwoFactorCode,\n setUseBackupCode,\n startRateLimitCountdown,\n setWebmail,\n };\n};\n","\"use client\"\n\nimport { useCallback } from 'react';\n\nimport type { AuthFormValidation } from '../types';\n\nconst EMAIL_REGEX = /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/;\n\nexport const useAuthValidation = (): AuthFormValidation => {\n const validateIdentifier = useCallback((id: string): boolean => {\n return EMAIL_REGEX.test(id);\n }, []);\n\n return { validateIdentifier };\n};\n\nexport const validateIdentifier = (id: string): boolean => EMAIL_REGEX.test(id);\n","\"use client\"\n\nimport { useCallback, useEffect, useRef } from 'react';\n\nimport { AUTH_CONSTANTS } from '../constants';\nimport { useAuth } from '../context';\nimport { authLogger } from '../utils/logger';\nimport { useAuthFormState } from './useAuthFormState';\nimport { useAuthValidation } from './useAuthValidation';\nimport { useAutoAuth } from './useAutoAuth';\nimport { useTwoFactorVerify } from './useTwoFactorVerify';\n\nimport type { AuthFormReturn, UseAuthFormOptions } from '../types';\n/**\n * Complete auth form hook.\n * Composes smaller hooks for state, validation, and submission.\n */\nexport const useAuthForm = (options: UseAuthFormOptions): AuthFormReturn => {\n const {\n onIdentifierSuccess,\n onOTPSuccess,\n onError,\n sourceUrl,\n redirectUrl,\n requireTermsAcceptance = false,\n authPath = '/auth',\n } = options;\n\n // Compose smaller hooks\n const formState = useAuthFormState();\n const validation = useAuthValidation();\n\n // Ref to track auto-submit from URL\n const isAutoSubmitFromUrlRef = useRef(false);\n // Remembers the exact `identifier:otp` we already attempted from a magic-link\n // URL. We verify a given code at most ONCE — even if it turns out invalid or\n // expired — so re-renders never re-fire the request. Without this, the auto\n // submit loops and hammers /verify/ until the backend returns 429.\n const processedOtpKeyRef = useRef<string | null>(null);\n\n // Auth context for API calls and storage\n const {\n requestOTP,\n verifyOTP,\n getSavedEmail,\n saveEmail,\n } = useAuth();\n\n // Destructure for convenience\n const {\n identifier,\n otp,\n isLoading,\n acceptedTerms,\n twoFactorSessionId,\n twoFactorCode,\n useBackupCode,\n setIdentifier,\n setOtp,\n setStep,\n setError,\n setIsLoading,\n clearError,\n setTwoFactorSessionId,\n setShouldPrompt2FA,\n setTwoFactorCode,\n setUseBackupCode,\n startRateLimitCountdown,\n setWebmail,\n } = formState;\n\n // 2FA verification hook - skip redirect so we can show success screen\n const twoFactor = useTwoFactorVerify({\n onSuccess: () => {\n authLogger.info('2FA verification successful, showing success screen');\n setStep('success');\n onOTPSuccess?.();\n },\n onError: (error) => {\n setError(error);\n onError?.(error);\n },\n redirectUrl,\n skipRedirect: true, // We handle navigation via success step\n });\n\n const { validateIdentifier } = validation;\n\n // ─────────────────────────────────────────────────────────────────────────\n // Storage Helper\n // ─────────────────────────────────────────────────────────────────────────\n\n const saveIdentifierToStorage = useCallback((id: string) => {\n saveEmail(id);\n }, [saveEmail]);\n\n // ─────────────────────────────────────────────────────────────────────────\n // Effects\n // ─────────────────────────────────────────────────────────────────────────\n\n // Load saved identifier on mount\n useEffect(() => {\n const savedEmail = getSavedEmail();\n if (savedEmail) {\n setIdentifier(savedEmail);\n }\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, []);\n\n // ─────────────────────────────────────────────────────────────────────────\n // Submit Handlers\n // ─────────────────────────────────────────────────────────────────────────\n\n const handleIdentifierSubmit = useCallback(async (e: React.FormEvent) => {\n e.preventDefault();\n\n if (!identifier) {\n const msg = 'Please enter your email address';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n if (!validateIdentifier(identifier)) {\n const msg = 'Please enter a valid email address';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n if (requireTermsAcceptance && !acceptedTerms) {\n const msg = 'Please accept the Terms of Service and Privacy Policy';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n setIsLoading(true);\n clearError();\n\n try {\n const result = await requestOTP(identifier, sourceUrl);\n\n if (result.success) {\n saveIdentifierToStorage(identifier);\n setWebmail(result.webmail ?? null);\n setStep('otp');\n onIdentifierSuccess?.(identifier);\n } else {\n if (result.retryAfter) {\n startRateLimitCountdown(result.retryAfter);\n clearError();\n } else {\n setError(result.message);\n onError?.(result.message);\n }\n }\n } catch {\n const msg = 'An unexpected error occurred';\n setError(msg);\n onError?.(msg);\n } finally {\n setIsLoading(false);\n }\n }, [\n identifier, acceptedTerms, requireTermsAcceptance,\n validateIdentifier, requestOTP, saveIdentifierToStorage,\n setError, setIsLoading, setStep, clearError, setWebmail,\n startRateLimitCountdown, onIdentifierSuccess, onError, sourceUrl,\n ]);\n\n // Core OTP submit - accepts explicit values to avoid stale closures\n const submitOTP = useCallback(async (\n submitIdentifier: string,\n submitOtp: string,\n ): Promise<boolean> => {\n if (!submitOtp || submitOtp.length < AUTH_CONSTANTS.EMAIL_OTP_LENGTH) {\n const msg = `Please enter the ${AUTH_CONSTANTS.EMAIL_OTP_LENGTH}-digit verification code`;\n setError(msg);\n onError?.(msg);\n return false;\n }\n\n setIsLoading(true);\n clearError();\n\n try {\n // Skip redirect - we'll show success screen first\n const result = await verifyOTP(submitIdentifier, submitOtp, sourceUrl, redirectUrl, true);\n\n // Check if 2FA is required (user has TOTP device)\n if (result.requires_2fa && result.session_id) {\n authLogger.info('2FA required after OTP verification');\n setTwoFactorSessionId(result.session_id);\n setShouldPrompt2FA(result.should_prompt_2fa || false);\n setStep('2fa');\n saveIdentifierToStorage(submitIdentifier);\n return true; // OTP was successful, now need 2FA\n }\n\n if (result.success) {\n saveIdentifierToStorage(submitIdentifier);\n\n // Sign-in only verifies identity. Setting up 2FA is owned by\n // ProfileLayout, so we never branch into a setup prompt here — the\n // backend's `should_prompt_2fa` hint is intentionally ignored.\n authLogger.info('OTP verification successful, showing success screen');\n setStep('success');\n onOTPSuccess?.();\n return true;\n } else {\n setError(result.message);\n onError?.(result.message);\n return false;\n }\n } catch {\n const msg = 'An unexpected error occurred';\n setError(msg);\n onError?.(msg);\n return false;\n } finally {\n setIsLoading(false);\n }\n }, [verifyOTP, saveIdentifierToStorage, setError, setIsLoading, clearError, onOTPSuccess, onError, sourceUrl, redirectUrl, setTwoFactorSessionId, setShouldPrompt2FA, setStep]);\n\n const handleOTPSubmit = useCallback(async (e: React.FormEvent) => {\n e.preventDefault();\n await submitOTP(identifier, otp);\n }, [identifier, otp, submitOTP]);\n\n const handleResendOTP = useCallback(async () => {\n setIsLoading(true);\n clearError();\n\n try {\n const result = await requestOTP(identifier, sourceUrl);\n\n if (result.success) {\n saveIdentifierToStorage(identifier);\n setWebmail(result.webmail ?? null);\n setOtp('');\n } else {\n if (result.retryAfter) {\n startRateLimitCountdown(result.retryAfter);\n clearError(); // countdown in rateLimitLabel is enough feedback\n } else {\n setError(result.message);\n onError?.(result.message);\n }\n }\n } catch {\n const msg = 'Failed to resend verification code';\n setError(msg);\n onError?.(msg);\n } finally {\n setIsLoading(false);\n }\n }, [identifier, requestOTP, saveIdentifierToStorage, setOtp, setError, setIsLoading, clearError, startRateLimitCountdown, setWebmail, onError, sourceUrl]);\n\n const handleBackToIdentifier = useCallback(() => {\n setStep('identifier');\n clearError();\n }, [setStep, clearError]);\n\n const forceOTPStep = useCallback(() => {\n setStep('otp');\n clearError();\n }, [setStep, clearError]);\n\n // ─────────────────────────────────────────────────────────────────────────\n // 2FA Handlers\n // ─────────────────────────────────────────────────────────────────────────\n\n const handle2FASubmit = useCallback(async (e: React.FormEvent) => {\n e.preventDefault();\n\n if (!twoFactorSessionId) {\n const msg = 'Missing 2FA session';\n setError(msg);\n onError?.(msg);\n return;\n }\n\n if (useBackupCode) {\n await twoFactor.verifyBackupCode(twoFactorSessionId, twoFactorCode);\n } else {\n await twoFactor.verifyTOTP(twoFactorSessionId, twoFactorCode);\n }\n }, [twoFactorSessionId, twoFactorCode, useBackupCode, twoFactor, setError, onError]);\n\n const handleUseBackupCode = useCallback(() => {\n setUseBackupCode(true);\n setTwoFactorCode('');\n clearError();\n }, [setUseBackupCode, setTwoFactorCode, clearError]);\n\n const handleUseTOTP = useCallback(() => {\n setUseBackupCode(false);\n setTwoFactorCode('');\n clearError();\n }, [setUseBackupCode, setTwoFactorCode, clearError]);\n\n // ─────────────────────────────────────────────────────────────────────────\n // Auto-auth from URL\n // ─────────────────────────────────────────────────────────────────────────\n\n const handleOTPFromUrl = useCallback((detectedOtp: string, detectedEmail?: string) => {\n // Prefer the email from the magic-link URL (works on a fresh browser/device),\n // fall back to the one saved from a previous request on this browser.\n const autoIdentifier = detectedEmail || getSavedEmail() || '';\n\n if (!autoIdentifier) {\n authLogger.warn('No identifier found for auto-submit (no email in URL or storage)');\n return;\n }\n\n // Verify each magic-link code at most once. A re-render must never re-fire\n // the request — a failed/expired code that retried in a loop is exactly what\n // drove the /verify/ spam and the backend's 429 lockout.\n const otpKey = `${autoIdentifier}:${detectedOtp}`;\n if (processedOtpKeyRef.current === otpKey) return;\n if (isAutoSubmitFromUrlRef.current) return;\n\n processedOtpKeyRef.current = otpKey;\n isAutoSubmitFromUrlRef.current = true;\n\n authLogger.info('OTP detected from URL, auto-submitting');\n\n // Update UI state\n setIdentifier(autoIdentifier);\n setOtp(detectedOtp);\n setStep('otp');\n\n // Submit with explicit values\n setTimeout(async () => {\n try {\n await submitOTP(autoIdentifier, detectedOtp);\n } finally {\n isAutoSubmitFromUrlRef.current = false;\n }\n }, 100);\n }, [getSavedEmail, setIdentifier, setOtp, setStep, submitOTP]);\n\n useAutoAuth({\n allowedPaths: [authPath],\n onOTPDetected: handleOTPFromUrl,\n cleanupUrl: true,\n });\n\n // ─────────────────────────────────────────────────────────────────────────\n // Return\n // ─────────────────────────────────────────────────────────────────────────\n\n return {\n // State\n ...formState,\n\n // Submit handlers\n handleIdentifierSubmit,\n handleOTPSubmit,\n handleResendOTP,\n handleBackToIdentifier,\n forceOTPStep,\n\n // 2FA handlers\n handle2FASubmit,\n handleUseBackupCode,\n handleUseTOTP,\n\n // Validation\n ...validation,\n\n // Auto-submit ref\n isAutoSubmittingFromUrl: isAutoSubmitFromUrlRef,\n\n // 2FA state from hook (for loading indicator)\n is2FALoading: twoFactor.isLoading,\n twoFactorWarning: twoFactor.warning,\n twoFactorAttemptsRemaining: twoFactor.attemptsRemaining,\n };\n};\n\n// Re-export types for convenience\nexport type { AuthFormReturn, UseAuthFormOptions } from '../types';\n","import { createConsola } from 'consola';\n\n/**\n * Universal logger for @djangocfg/api/auth\n * Uses consola for beautiful console logging\n *\n * Log levels:\n * - 0: silent\n * - 1: fatal, error\n * - 2: warn\n * - 3: log, info\n * - 4: debug\n * - 5: trace, verbose\n *\n * The level is driven by the GLOBAL runtime controller (log-control), so an\n * admin can get verbose logs (even in prod) while regular users keep a clean\n * console. `applyRoleLogPolicy(...)` at app bootstrap sets the policy.\n */\nimport { getLogLevel, onLogLevelChange } from '../../log-control';\n\nexport const logger = createConsola({\n level: getLogLevel(),\n}).withTag('api');\n\n// Keep the live logger's level in sync with the global controller.\nonLogLevelChange((level) => {\n logger.level = level;\n});\n\n/**\n * Auth-specific logger\n */\nexport const authLogger = logger.withTag('auth');\n\nexport default logger;\n","'use client';\n\nimport { usePathname } from 'next/navigation';\nimport { useEffect, useRef } from 'react';\n\nimport { AUTH_CONSTANTS } from '../constants';\nimport { authLogger } from '../utils/logger';\nimport { isAllowedAuthPath } from '../utils/path';\nimport { useCfgRouter } from './useCfgRouter';\nimport { useQueryParams } from './useQueryParams';\n\nexport interface UseAutoAuthOptions {\n /** Called with the OTP from the URL, plus the optional `email` query param if present. */\n onOTPDetected?: (otp: string, email?: string) => void;\n cleanupUrl?: boolean;\n /** Paths where auto-auth should be active. Default: ['/auth'] */\n allowedPaths?: string[];\n}\n\n/**\n * Hook for automatic authentication from URL query parameters\n * Detects OTP from URL and triggers callback.\n * (Path normalization / allow-list matching live in ../utils/path so they can\n * be unit-tested independently of the hook.)\n */\nexport const useAutoAuth = (options: UseAutoAuthOptions = {}) => {\n const { onOTPDetected, cleanupUrl = true, allowedPaths = ['/auth'] } = options;\n const queryParams = useQueryParams();\n const pathname = usePathname();\n const router = useCfgRouter();\n\n // Check if current path is in allowed paths, ignoring the locale prefix\n // (next-intl may keep it in the URL, e.g. /ru/auth) and trailing slashes.\n const isAllowedPath = isAllowedAuthPath(pathname, allowedPaths);\n\n const queryOtp = queryParams.get('otp') || '';\n const queryEmail = queryParams.get('email') || undefined;\n const hasOTP = !!queryOtp;\n const isReady = !!pathname && hasOTP && isAllowedPath;\n const otpValid = queryOtp.length === AUTH_CONSTANTS.EMAIL_OTP_LENGTH;\n\n // Keep the latest callback in a ref so its (unstable) identity never lands in\n // the effect deps below. Otherwise a parent that passes an inline function\n // re-runs this effect on every render and re-fires the OTP submission.\n const onOTPDetectedRef = useRef(onOTPDetected);\n onOTPDetectedRef.current = onOTPDetected;\n\n // Detect OTP and notify the parent. Keyed on the OTP *value* (a string), not\n // on the `queryParams` object reference — so the effect fires once per code,\n // not on every poll tick / re-render.\n useEffect(() => {\n if (!isReady || !otpValid) return;\n // Only on allowed paths to avoid conflicts with other pages\n // (e.g., /dashboard/device uses ?otp= for device authorization, not user auth)\n authLogger.info('OTP detected in URL on auth page:', queryOtp);\n onOTPDetectedRef.current?.(queryOtp, queryEmail);\n }, [isReady, otpValid, queryOtp, queryEmail]);\n\n // Clean up URL to remove sensitive params for security. Separate effect so it\n // does not depend on `onOTPDetected` and cannot re-trigger the submission.\n // Use window.location.pathname to preserve the locale prefix (e.g. /ru/auth)\n // because usePathname() strips the locale, and router.push('/auth') would cause\n // next-intl middleware to redirect back to /ru/auth — triggering a full page reload\n // that loses the in-flight OTP submission.\n useEffect(() => {\n if (!isReady || !cleanupUrl || !queryOtp) return;\n const cleanQuery = Object.fromEntries(queryParams.entries());\n delete cleanQuery.otp;\n delete cleanQuery.email;\n const queryString = new URLSearchParams(cleanQuery).toString();\n const realPathname = typeof window !== 'undefined' ? window.location.pathname : pathname;\n router.replace(queryString ? `${realPathname}?${queryString}` : realPathname);\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [isReady, cleanupUrl, queryOtp]);\n\n return {\n isReady,\n hasOTP,\n isAllowedPath,\n };\n};\n","/**\n * Path normalization for auth routing.\n *\n * next-intl may keep a 2-letter locale prefix in the URL (e.g. `/ru/auth`), and\n * paths arrive with or without trailing slashes. To match a pathname against a\n * fixed allow-list (like `['/auth']`) reliably, strip the locale segment and\n * trailing slashes first. Extracted from useAutoAuth so it can be unit-tested\n * and reused.\n */\n\n/**\n * Strip a leading 2-letter locale segment and trailing slashes.\n * '/ru/auth/' → '/auth', '/auth' → '/auth', '/' → '/', '' → ''.\n */\nexport const normalizePath = (path: string | null | undefined): string => {\n if (!path) return '';\n const withoutLocale = path.replace(/^\\/[a-z]{2}(?=\\/|$)/, '');\n const trimmed = withoutLocale.replace(/\\/+$/, '');\n return trimmed || '/';\n};\n\n/**\n * True when `pathname` (after locale/slash normalization) is one of the allowed\n * paths, or nested under one of them (`/auth` matches `/auth/callback`).\n */\nexport const isAllowedAuthPath = (\n pathname: string | null | undefined,\n allowedPaths: string[],\n): boolean => {\n const normalized = normalizePath(pathname);\n return allowedPaths.some(\n (p) => normalized === p || normalized.startsWith(p + '/'),\n );\n};\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { CfgTotpVerify } from '../../_api/generated/sdk.gen';\nimport { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';\nimport { authLogger } from '../utils/logger';\nimport { consumeSavedRedirect } from './useAuthRedirect';\nimport { useCfgRouter } from './useCfgRouter';\nimport { extractAttemptsRemaining, extractTwoFactorError, isValidTotpCode } from './twoFactor.shared';\n\nexport interface UseTwoFactorVerifyOptions {\n /** Callback on successful 2FA verification */\n onSuccess?: (user: any) => void;\n /** Callback on error */\n onError?: (error: string) => void;\n /** URL to redirect after successful verification */\n redirectUrl?: string;\n /** Skip automatic redirect after success (caller handles navigation) */\n skipRedirect?: boolean;\n}\n\nexport interface UseTwoFactorVerifyReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Warning message (e.g., low backup codes) */\n warning: string | null;\n /** Remaining backup codes (if backup code was used) */\n remainingBackupCodes: number | null;\n /** Remaining verification attempts before lockout */\n attemptsRemaining: number | null;\n /** Verify TOTP code */\n verifyTOTP: (sessionId: string, code: string) => Promise<boolean>;\n /** Verify backup code */\n verifyBackupCode: (sessionId: string, backupCode: string) => Promise<boolean>;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * 2FA verification during login (internal — composed by {@link useTwoFactor}).\n *\n * After OTP/OAuth verification returns requires_2fa=true and a session_id,\n * collect the TOTP (or backup) code and call verifyTOTP/verifyBackupCode to\n * complete authentication.\n */\nexport const useTwoFactorVerify = (\n options: UseTwoFactorVerifyOptions = {},\n): UseTwoFactorVerifyReturn => {\n const { onSuccess, onError, redirectUrl, skipRedirect = false } = options;\n const router = useCfgRouter();\n\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const [warning, setWarning] = useState<string | null>(null);\n const [remainingBackupCodes, setRemainingBackupCodes] = useState<number | null>(null);\n const [attemptsRemaining, setAttemptsRemaining] = useState<number | null>(null);\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n const handleSuccess = useCallback((response: {\n access_token: string;\n refresh_token: string;\n user: any;\n warning?: string;\n remaining_backup_codes?: number;\n }) => {\n // Save tokens — the ONE write path (atomic pair + session notification).\n auth.setSession({ access: response.access_token, refresh: response.refresh_token });\n\n if (response.warning) {\n setWarning(response.warning);\n }\n if (response.remaining_backup_codes !== undefined) {\n setRemainingBackupCodes(response.remaining_backup_codes);\n }\n\n Analytics.event(AnalyticsEvent.AUTH_LOGIN_SUCCESS, {\n category: AnalyticsCategory.AUTH,\n label: '2fa',\n });\n if (response.user?.id) {\n Analytics.setUser(String(response.user.id));\n }\n\n onSuccess?.(response.user);\n\n // Redirect (unless skipRedirect). Priority: saved back-url > option > default.\n if (!skipRedirect) {\n const finalRedirectUrl = consumeSavedRedirect() || redirectUrl || '/';\n authLogger.info('2FA successful, redirecting to:', finalRedirectUrl);\n router.hardPush(finalRedirectUrl);\n }\n }, [onSuccess, redirectUrl, router, skipRedirect]);\n\n const verifyTOTP = useCallback(async (sessionId: string, code: string): Promise<boolean> => {\n if (!sessionId) {\n const msg = 'Missing 2FA session ID';\n setError(msg);\n onError?.(msg);\n return false;\n }\n if (!isValidTotpCode(code)) {\n const msg = 'Please enter a 6-digit code';\n setError(msg);\n onError?.(msg);\n return false;\n }\n\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Verifying TOTP code...');\n\n const result = await CfgTotpVerify.cfgTotpVerifyCreate({\n body: { session_id: sessionId, code },\n throwOnError: true,\n });\n const response = result.data;\n\n if (!response.access_token || !response.refresh_token) {\n throw new Error('Invalid response from 2FA verification');\n }\n\n handleSuccess(response);\n return true;\n } catch (err) {\n authLogger.error('2FA TOTP verification error:', err);\n const errorMessage = extractTwoFactorError(err, 'Invalid verification code');\n const attempts = extractAttemptsRemaining(err);\n if (attempts !== null) setAttemptsRemaining(attempts);\n setError(errorMessage);\n onError?.(errorMessage);\n\n Analytics.event(AnalyticsEvent.AUTH_OTP_VERIFY_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: '2fa-totp',\n });\n return false;\n } finally {\n setIsLoading(false);\n }\n }, [handleSuccess, onError]);\n\n const verifyBackupCode = useCallback(async (sessionId: string, backupCode: string): Promise<boolean> => {\n if (!sessionId) {\n const msg = 'Missing 2FA session ID';\n setError(msg);\n onError?.(msg);\n return false;\n }\n if (!backupCode || backupCode.length < 8) {\n const msg = 'Please enter your backup code';\n setError(msg);\n onError?.(msg);\n return false;\n }\n\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Verifying backup code...');\n\n const result = await CfgTotpVerify.cfgTotpVerifyBackupCreate({\n body: {\n session_id: sessionId,\n backup_code: backupCode.replace(/\\s+/g, ''),\n },\n throwOnError: true,\n });\n const response = result.data;\n\n if (!response.access_token || !response.refresh_token) {\n throw new Error('Invalid response from backup code verification');\n }\n\n handleSuccess(response);\n return true;\n } catch (err) {\n authLogger.error('2FA backup code verification error:', err);\n const errorMessage = extractTwoFactorError(err, 'Invalid backup code');\n const attempts = extractAttemptsRemaining(err);\n if (attempts !== null) setAttemptsRemaining(attempts);\n setError(errorMessage);\n onError?.(errorMessage);\n\n Analytics.event(AnalyticsEvent.AUTH_OTP_VERIFY_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: '2fa-backup',\n });\n return false;\n } finally {\n setIsLoading(false);\n }\n }, [handleSuccess, onError]);\n\n return {\n isLoading,\n error,\n warning,\n remainingBackupCodes,\n attemptsRemaining,\n verifyTOTP,\n verifyBackupCode,\n clearError,\n };\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport type { ArrayStyle, ObjectStyle, SerializerOptions } from './pathSerializer.gen';\n\nexport type QuerySerializer = (query: Record<string, unknown>) => string;\n\nexport type BodySerializer = (body: unknown) => unknown;\n\ntype QuerySerializerOptionsObject = {\n allowReserved?: boolean;\n array?: Partial<SerializerOptions<ArrayStyle>>;\n object?: Partial<SerializerOptions<ObjectStyle>>;\n};\n\nexport type QuerySerializerOptions = QuerySerializerOptionsObject & {\n /**\n * Per-parameter serialization overrides. When provided, these settings\n * override the global array/object settings for specific parameter names.\n */\n parameters?: Record<string, QuerySerializerOptionsObject>;\n};\n\nconst serializeFormDataPair = (data: FormData, key: string, value: unknown): void => {\n if (typeof value === 'string' || value instanceof Blob) {\n data.append(key, value);\n } else if (value instanceof Date) {\n data.append(key, value.toISOString());\n } else {\n data.append(key, JSON.stringify(value));\n }\n};\n\nconst serializeUrlSearchParamsPair = (data: URLSearchParams, key: string, value: unknown): void => {\n if (typeof value === 'string') {\n data.append(key, value);\n } else {\n data.append(key, JSON.stringify(value));\n }\n};\n\nexport const formDataBodySerializer = {\n bodySerializer: (body: unknown): FormData => {\n const data = new FormData();\n\n Object.entries(body as Record<string, unknown>).forEach(([key, value]) => {\n if (value === undefined || value === null) {\n return;\n }\n if (Array.isArray(value)) {\n value.forEach((v) => serializeFormDataPair(data, key, v));\n } else {\n serializeFormDataPair(data, key, value);\n }\n });\n\n return data;\n },\n};\n\nexport const jsonBodySerializer = {\n bodySerializer: (body: unknown): string =>\n JSON.stringify(body, (_key, value) => (typeof value === 'bigint' ? value.toString() : value)),\n};\n\nexport const urlSearchParamsBodySerializer = {\n bodySerializer: (body: unknown): string => {\n const data = new URLSearchParams();\n\n Object.entries(body as Record<string, unknown>).forEach(([key, value]) => {\n if (value === undefined || value === null) {\n return;\n }\n if (Array.isArray(value)) {\n value.forEach((v) => serializeUrlSearchParamsPair(data, key, v));\n } else {\n serializeUrlSearchParamsPair(data, key, value);\n }\n });\n\n return data.toString();\n },\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\ntype Slot = 'body' | 'headers' | 'path' | 'query';\n\nexport type Field =\n | {\n in: Exclude<Slot, 'body'>;\n /**\n * Field name. This is the name we want the user to see and use.\n */\n key: string;\n /**\n * Field mapped name. This is the name we want to use in the request.\n * If omitted, we use the same value as `key`.\n */\n map?: string;\n }\n | {\n in: Extract<Slot, 'body'>;\n /**\n * Key isn't required for bodies.\n */\n key?: string;\n map?: string;\n }\n | {\n /**\n * Field name. This is the name we want the user to see and use.\n */\n key: string;\n /**\n * Field mapped name. This is the name we want to use in the request.\n * If `in` is omitted, `map` aliases `key` to the transport layer.\n */\n map: Slot;\n };\n\nexport interface Fields {\n allowExtra?: Partial<Record<Slot, boolean>>;\n args?: ReadonlyArray<Field>;\n}\n\nexport type FieldsConfig = ReadonlyArray<Field | Fields>;\n\nconst extraPrefixesMap: Record<string, Slot> = {\n $body_: 'body',\n $headers_: 'headers',\n $path_: 'path',\n $query_: 'query',\n};\nconst extraPrefixes = Object.entries(extraPrefixesMap);\n\ntype KeyMap = Map<\n string,\n | {\n in: Slot;\n map?: string;\n }\n | {\n in?: never;\n map: Slot;\n }\n>;\n\nfunction buildKeyMap(fields: FieldsConfig, map?: KeyMap): KeyMap {\n if (!map) {\n map = new Map();\n }\n\n for (const config of fields) {\n if ('in' in config) {\n if (config.key) {\n map.set(config.key, {\n in: config.in,\n map: config.map,\n });\n }\n } else if ('key' in config) {\n map.set(config.key, {\n map: config.map,\n });\n } else if (config.args) {\n buildKeyMap(config.args, map);\n }\n }\n\n return map;\n}\n\ninterface Params {\n body?: unknown;\n headers: Record<string, unknown>;\n path: Record<string, unknown>;\n query: Record<string, unknown>;\n}\n\nfunction stripEmptySlots(params: Params): void {\n for (const [slot, value] of Object.entries(params)) {\n if (slot === 'body') continue;\n if (value && typeof value === 'object' && !Array.isArray(value) && !Object.keys(value).length) {\n delete params[slot as Slot];\n }\n }\n}\n\nexport function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsConfig): Params {\n const params: Params = {\n headers: Object.create(null),\n path: Object.create(null),\n query: Object.create(null),\n };\n\n const map = buildKeyMap(fields);\n\n function writeSlot(slot: Slot, key: string, value: unknown): void {\n let record = params[slot] as Record<string, unknown> | undefined;\n if (record === undefined) {\n record = Object.create(null) as Record<string, unknown>;\n params[slot] = record;\n }\n record[key] = value;\n }\n\n let config: FieldsConfig[number] | undefined;\n\n for (const [index, arg] of args.entries()) {\n if (fields[index]) {\n config = fields[index];\n }\n\n if (!config) {\n continue;\n }\n\n if ('in' in config) {\n if (config.key) {\n const field = map.get(config.key)!;\n const name = field.map || config.key;\n if (field.in) {\n writeSlot(field.in, name, arg);\n }\n } else {\n params.body = arg;\n }\n } else {\n for (const [key, value] of Object.entries(arg ?? {})) {\n const field = map.get(key);\n\n if (field) {\n if (field.in) {\n const name = field.map || key;\n writeSlot(field.in, name, value);\n } else {\n params[field.map] = value;\n }\n } else {\n const extra = extraPrefixes.find(([prefix]) => key.startsWith(prefix));\n\n if (extra) {\n const [prefix, slot] = extra;\n writeSlot(slot, key.slice(prefix.length), value);\n } else if ('allowExtra' in config && config.allowExtra) {\n for (const [slot, allowed] of Object.entries(config.allowExtra)) {\n if (allowed) {\n writeSlot(slot as Slot, key, value);\n break;\n }\n }\n }\n }\n }\n }\n }\n\n stripEmptySlots(params);\n\n return params;\n}\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport type { Config } from './types.gen';\n\nexport type ServerSentEventsOptions<TData = unknown> = Omit<RequestInit, 'method'> &\n Pick<Config, 'method' | 'responseTransformer' | 'responseValidator'> & {\n /**\n * Fetch API implementation. You can use this option to provide a custom\n * fetch instance.\n *\n * @default globalThis.fetch\n */\n fetch?: typeof fetch;\n /**\n * Implementing clients can call request interceptors inside this hook.\n */\n onRequest?: (url: string, init: RequestInit) => Promise<Request>;\n /**\n * Callback invoked when a network or parsing error occurs during streaming.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @param error The error that occurred.\n */\n onSseError?: (error: unknown) => void;\n /**\n * Callback invoked when an event is streamed from the server.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @param event Event streamed from the server.\n * @returns Nothing (void).\n */\n onSseEvent?: (event: StreamEvent<TData>) => void;\n serializedBody?: RequestInit['body'];\n /**\n * Default retry delay in milliseconds.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @default 3000\n */\n sseDefaultRetryDelay?: number;\n /**\n * Maximum number of retry attempts before giving up.\n */\n sseMaxRetryAttempts?: number;\n /**\n * Maximum retry delay in milliseconds.\n *\n * Applies only when exponential backoff is used.\n *\n * This option applies only if the endpoint returns a stream of events.\n *\n * @default 30000\n */\n sseMaxRetryDelay?: number;\n /**\n * Optional sleep function for retry backoff.\n *\n * Defaults to using `setTimeout`.\n */\n sseSleepFn?: (ms: number) => Promise<void>;\n url: string;\n };\n\nexport interface StreamEvent<TData = unknown> {\n data: TData;\n event?: string;\n id?: string;\n retry?: number;\n}\n\nexport type ServerSentEventsResult<TData = unknown, TReturn = void, TNext = unknown> = {\n stream: AsyncGenerator<\n TData extends Record<string, unknown> ? TData[keyof TData] : TData,\n TReturn,\n TNext\n >;\n};\n\nexport function createSseClient<TData = unknown>({\n onRequest,\n onSseError,\n onSseEvent,\n responseTransformer,\n responseValidator,\n sseDefaultRetryDelay,\n sseMaxRetryAttempts,\n sseMaxRetryDelay,\n sseSleepFn,\n url,\n ...options\n}: ServerSentEventsOptions): ServerSentEventsResult<TData> {\n let lastEventId: string | undefined;\n\n const sleep = sseSleepFn ?? ((ms: number) => new Promise((resolve) => setTimeout(resolve, ms)));\n\n const createStream = async function* () {\n let retryDelay: number = sseDefaultRetryDelay ?? 3000;\n let attempt = 0;\n const signal = options.signal ?? new AbortController().signal;\n\n while (true) {\n if (signal.aborted) break;\n\n attempt++;\n\n const headers =\n options.headers instanceof Headers\n ? options.headers\n : new Headers(options.headers as Record<string, string> | undefined);\n\n if (lastEventId !== undefined) {\n headers.set('Last-Event-ID', lastEventId);\n }\n\n try {\n const requestInit: RequestInit = {\n redirect: 'follow',\n ...options,\n body: options.serializedBody,\n headers,\n signal,\n };\n let request = new Request(url, requestInit);\n if (onRequest) {\n request = await onRequest(url, requestInit);\n }\n // fetch must be assigned here, otherwise it would throw the error:\n // TypeError: Failed to execute 'fetch' on 'Window': Illegal invocation\n const _fetch = options.fetch ?? globalThis.fetch;\n const response = await _fetch(request);\n\n if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);\n\n if (!response.body) throw new Error('No body in SSE response');\n\n const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();\n\n let buffer = '';\n\n const abortHandler = () => {\n try {\n reader.cancel();\n } catch {\n // noop\n }\n };\n\n signal.addEventListener('abort', abortHandler);\n\n try {\n while (true) {\n const { done, value } = await reader.read();\n if (done) break;\n buffer += value;\n buffer = buffer.replace(/\\r\\n?/g, '\\n'); // normalize line endings\n\n const chunks = buffer.split('\\n\\n');\n buffer = chunks.pop() ?? '';\n\n for (const chunk of chunks) {\n const lines = chunk.split('\\n');\n const dataLines: Array<string> = [];\n let eventName: string | undefined;\n\n for (const line of lines) {\n if (line.startsWith('data:')) {\n dataLines.push(line.replace(/^data:\\s*/, ''));\n } else if (line.startsWith('event:')) {\n eventName = line.replace(/^event:\\s*/, '');\n } else if (line.startsWith('id:')) {\n lastEventId = line.replace(/^id:\\s*/, '');\n } else if (line.startsWith('retry:')) {\n const parsed = Number.parseInt(line.replace(/^retry:\\s*/, ''), 10);\n if (!Number.isNaN(parsed)) {\n retryDelay = parsed;\n }\n }\n }\n\n let data: unknown;\n let parsedJson = false;\n\n if (dataLines.length) {\n const rawData = dataLines.join('\\n');\n try {\n data = JSON.parse(rawData);\n parsedJson = true;\n } catch {\n data = rawData;\n }\n }\n\n if (parsedJson) {\n if (responseValidator) {\n await responseValidator(data);\n }\n\n if (responseTransformer) {\n data = await responseTransformer(data);\n }\n }\n\n onSseEvent?.({\n data,\n event: eventName,\n id: lastEventId,\n retry: retryDelay,\n });\n\n if (dataLines.length) {\n yield data as any;\n }\n }\n }\n } finally {\n signal.removeEventListener('abort', abortHandler);\n reader.releaseLock();\n }\n\n break; // exit loop on normal completion\n } catch (error) {\n // connection failed or aborted; retry after delay\n onSseError?.(error);\n\n if (sseMaxRetryAttempts !== undefined && attempt >= sseMaxRetryAttempts) {\n break; // stop after firing error\n }\n\n // exponential backoff: double retry each attempt, cap at 30s\n const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 30000);\n await sleep(backoff);\n }\n }\n };\n\n const stream = createStream();\n\n return { stream };\n}\n","// This file is auto-generated by @hey-api/openapi-ts\n\ninterface SerializeOptions<T> extends SerializePrimitiveOptions, SerializerOptions<T> {}\n\ninterface SerializePrimitiveOptions {\n allowReserved?: boolean;\n name: string;\n}\n\nexport interface SerializerOptions<T> {\n /**\n * @default true\n */\n explode: boolean;\n style: T;\n}\n\nexport type ArrayStyle = 'form' | 'spaceDelimited' | 'pipeDelimited';\nexport type ArraySeparatorStyle = ArrayStyle | MatrixStyle;\ntype MatrixStyle = 'label' | 'matrix' | 'simple';\nexport type ObjectStyle = 'form' | 'deepObject';\ntype ObjectSeparatorStyle = ObjectStyle | MatrixStyle;\n\ninterface SerializePrimitiveParam extends SerializePrimitiveOptions {\n value: string;\n}\n\nexport const separatorArrayExplode = (style: ArraySeparatorStyle): '.' | ';' | ',' | '&' => {\n switch (style) {\n case 'label':\n return '.';\n case 'matrix':\n return ';';\n case 'simple':\n return ',';\n default:\n return '&';\n }\n};\n\nexport const separatorArrayNoExplode = (style: ArraySeparatorStyle): ',' | '|' | '%20' => {\n switch (style) {\n case 'form':\n return ',';\n case 'pipeDelimited':\n return '|';\n case 'spaceDelimited':\n return '%20';\n default:\n return ',';\n }\n};\n\nexport const separatorObjectExplode = (style: ObjectSeparatorStyle): '.' | ';' | ',' | '&' => {\n switch (style) {\n case 'label':\n return '.';\n case 'matrix':\n return ';';\n case 'simple':\n return ',';\n default:\n return '&';\n }\n};\n\nexport const serializeArrayParam = ({\n allowReserved,\n explode,\n name,\n style,\n value,\n}: SerializeOptions<ArraySeparatorStyle> & {\n value: unknown[];\n}): string => {\n if (!explode) {\n const joinedValues = (\n allowReserved ? value : value.map((v) => encodeURIComponent(v as string))\n ).join(separatorArrayNoExplode(style));\n switch (style) {\n case 'label':\n return `.${joinedValues}`;\n case 'matrix':\n return `;${name}=${joinedValues}`;\n case 'simple':\n return joinedValues;\n default:\n return `${name}=${joinedValues}`;\n }\n }\n\n const separator = separatorArrayExplode(style);\n const joinedValues = value\n .map((v) => {\n if (style === 'label' || style === 'simple') {\n return allowReserved ? v : encodeURIComponent(v as string);\n }\n\n return serializePrimitiveParam({\n allowReserved,\n name,\n value: v as string,\n });\n })\n .join(separator);\n return style === 'label' || style === 'matrix' ? separator + joinedValues : joinedValues;\n};\n\nexport const serializePrimitiveParam = ({\n allowReserved,\n name,\n value,\n}: SerializePrimitiveParam): string => {\n if (value === undefined || value === null) {\n return '';\n }\n\n if (typeof value === 'object') {\n throw new Error(\n 'Deeply-nested arrays/objects aren’t supported. Provide your own `querySerializer()` to handle these.',\n );\n }\n\n return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;\n};\n\nexport const serializeObjectParam = ({\n allowReserved,\n explode,\n name,\n style,\n value,\n valueOnly,\n}: SerializeOptions<ObjectSeparatorStyle> & {\n value: Record<string, unknown> | Date;\n valueOnly?: boolean;\n}): string => {\n if (value instanceof Date) {\n return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;\n }\n\n if (style !== 'deepObject' && !explode) {\n let values: string[] = [];\n Object.entries(value).forEach(([key, v]) => {\n values = [...values, key, allowReserved ? (v as string) : encodeURIComponent(v as string)];\n });\n const joinedValues = values.join(',');\n switch (style) {\n case 'form':\n return `${name}=${joinedValues}`;\n case 'label':\n return `.${joinedValues}`;\n case 'matrix':\n return `;${name}=${joinedValues}`;\n default:\n return joinedValues;\n }\n }\n\n const separator = separatorObjectExplode(style);\n const joinedValues = Object.entries(value)\n .map(([key, v]) =>\n serializePrimitiveParam({\n allowReserved,\n name: style === 'deepObject' ? `${name}[${key}]` : key,\n value: v as string,\n }),\n )\n .join(separator);\n return style === 'label' || style === 'matrix' ? separator + joinedValues : joinedValues;\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport type { BodySerializer, QuerySerializer } from './bodySerializer.gen';\nimport {\n type ArraySeparatorStyle,\n serializeArrayParam,\n serializeObjectParam,\n serializePrimitiveParam,\n} from './pathSerializer.gen';\n\nexport interface PathSerializer {\n path: Record<string, unknown>;\n url: string;\n}\n\nexport const PATH_PARAM_RE: RegExp = /\\{[^{}]+\\}/g;\n\nexport const defaultPathSerializer = ({ path, url: _url }: PathSerializer): string => {\n let url = _url;\n const matches = _url.match(PATH_PARAM_RE);\n if (matches) {\n for (const match of matches) {\n let explode = false;\n let name = match.substring(1, match.length - 1);\n let style: ArraySeparatorStyle = 'simple';\n\n if (name.endsWith('*')) {\n explode = true;\n name = name.substring(0, name.length - 1);\n }\n\n if (name.startsWith('.')) {\n name = name.substring(1);\n style = 'label';\n } else if (name.startsWith(';')) {\n name = name.substring(1);\n style = 'matrix';\n }\n\n const value = path[name];\n\n if (value === undefined || value === null) {\n continue;\n }\n\n if (Array.isArray(value)) {\n url = url.replace(match, serializeArrayParam({ explode, name, style, value }));\n continue;\n }\n\n if (typeof value === 'object') {\n url = url.replace(\n match,\n serializeObjectParam({\n explode,\n name,\n style,\n value: value as Record<string, unknown>,\n valueOnly: true,\n }),\n );\n continue;\n }\n\n if (style === 'matrix') {\n url = url.replace(\n match,\n `;${serializePrimitiveParam({\n name,\n value: value as string,\n })}`,\n );\n continue;\n }\n\n const replaceValue = encodeURIComponent(\n style === 'label' ? `.${value as string}` : (value as string),\n );\n url = url.replace(match, replaceValue);\n }\n }\n return url;\n};\n\nexport const getUrl = ({\n baseUrl,\n path,\n query,\n querySerializer,\n url: _url,\n}: {\n baseUrl?: string;\n path?: Record<string, unknown>;\n query?: Record<string, unknown>;\n querySerializer: QuerySerializer;\n url: string;\n}): string => {\n const pathUrl = _url.startsWith('/') ? _url : `/${_url}`;\n let url = (baseUrl ?? '') + pathUrl;\n if (path) {\n url = defaultPathSerializer({ path, url });\n }\n let search = query ? querySerializer(query) : '';\n if (search.startsWith('?')) {\n search = search.substring(1);\n }\n if (search) {\n url += `?${search}`;\n }\n return url;\n};\n\nexport function getValidRequestBody(options: {\n body?: unknown;\n bodySerializer?: BodySerializer | null;\n serializedBody?: unknown;\n}): unknown {\n const hasBody = options.body !== undefined;\n const isSerializedBody = hasBody && options.bodySerializer;\n\n if (isSerializedBody) {\n if ('serializedBody' in options) {\n const hasSerializedBody =\n options.serializedBody !== undefined && options.serializedBody !== '';\n\n return hasSerializedBody ? options.serializedBody : null;\n }\n\n // not all clients implement a serializedBody property (i.e., client-axios)\n return options.body !== '' ? options.body : null;\n }\n\n // plain/text body\n if (hasBody) {\n return options.body;\n }\n\n // no body was provided\n return undefined;\n}\n","// This file is auto-generated by @hey-api/openapi-ts\n\nexport type AuthToken = string | undefined;\n\nexport interface Auth {\n /**\n * Which part of the request do we use to send the auth?\n *\n * @default 'header'\n */\n in?: 'header' | 'query' | 'cookie';\n /**\n * A unique identifier for the security scheme.\n *\n * Defined only when there are multiple security schemes whose `Auth`\n * shape would otherwise be identical.\n */\n key?: string;\n /**\n * Header or query parameter name.\n *\n * @default 'Authorization'\n */\n name?: string;\n scheme?: 'basic' | 'bearer';\n type: 'apiKey' | 'http';\n}\n\nexport const getAuthToken = async (\n auth: Auth,\n callback: ((auth: Auth) => Promise<AuthToken> | AuthToken) | AuthToken,\n): Promise<string | undefined> => {\n const token = typeof callback === 'function' ? await callback(auth) : callback;\n\n if (!token) {\n return;\n }\n\n if (auth.scheme === 'bearer') {\n return `Bearer ${token}`;\n }\n\n if (auth.scheme === 'basic') {\n return `Basic ${btoa(token)}`;\n }\n\n return token;\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { getAuthToken } from '../core/auth.gen';\nimport type { QuerySerializerOptions } from '../core/bodySerializer.gen';\nimport { jsonBodySerializer } from '../core/bodySerializer.gen';\nimport {\n serializeArrayParam,\n serializeObjectParam,\n serializePrimitiveParam,\n} from '../core/pathSerializer.gen';\nimport { getUrl } from '../core/utils.gen';\nimport type { Client, ClientOptions, Config, RequestOptions } from './types.gen';\n\nexport const createQuerySerializer = <T = unknown>({\n parameters = {},\n ...args\n}: QuerySerializerOptions = {}): ((queryParams: T) => string) => {\n const querySerializer = (queryParams: T): string => {\n const search: string[] = [];\n if (queryParams && typeof queryParams === 'object') {\n for (const name in queryParams) {\n const value = queryParams[name];\n\n if (value === undefined || value === null) {\n continue;\n }\n\n const options = parameters[name] || args;\n\n if (Array.isArray(value)) {\n const serializedArray = serializeArrayParam({\n allowReserved: options.allowReserved,\n explode: true,\n name,\n style: 'form',\n value,\n ...options.array,\n });\n if (serializedArray) search.push(serializedArray);\n } else if (typeof value === 'object') {\n const serializedObject = serializeObjectParam({\n allowReserved: options.allowReserved,\n explode: true,\n name,\n style: 'deepObject',\n value: value as Record<string, unknown>,\n ...options.object,\n });\n if (serializedObject) search.push(serializedObject);\n } else {\n const serializedPrimitive = serializePrimitiveParam({\n allowReserved: options.allowReserved,\n name,\n value: value as string,\n });\n if (serializedPrimitive) search.push(serializedPrimitive);\n }\n }\n }\n return search.join('&');\n };\n return querySerializer;\n};\n\n/**\n * Infers parseAs value from provided Content-Type header.\n */\nexport const getParseAs = (contentType: string | null): Exclude<Config['parseAs'], 'auto'> => {\n if (!contentType) {\n // If no Content-Type header is provided, the best we can do is return the raw response body,\n // which is effectively the same as the 'stream' option.\n return 'stream';\n }\n\n const cleanContent = contentType.split(';')[0]?.trim();\n\n if (!cleanContent) {\n return;\n }\n\n if (cleanContent.startsWith('application/json') || cleanContent.endsWith('+json')) {\n return 'json';\n }\n\n if (cleanContent === 'multipart/form-data') {\n return 'formData';\n }\n\n if (\n ['application/', 'audio/', 'image/', 'video/'].some((type) => cleanContent.startsWith(type))\n ) {\n return 'blob';\n }\n\n if (cleanContent.startsWith('text/')) {\n return 'text';\n }\n\n return;\n};\n\nconst checkForExistence = (\n options: Pick<RequestOptions, 'auth' | 'query'> & {\n headers: Headers;\n },\n name?: string,\n): boolean => {\n if (!name) {\n return false;\n }\n if (\n options.headers.has(name) ||\n options.query?.[name] ||\n options.headers.get('Cookie')?.includes(`${name}=`)\n ) {\n return true;\n }\n return false;\n};\n\nexport async function setAuthParams(\n options: Pick<RequestOptions, 'auth' | 'query' | 'security'> & {\n headers: Headers;\n },\n): Promise<void> {\n for (const auth of options.security ?? []) {\n if (checkForExistence(options, auth.name)) {\n continue;\n }\n\n const token = await getAuthToken(auth, options.auth);\n\n if (!token) {\n continue;\n }\n\n const name = auth.name ?? 'Authorization';\n\n switch (auth.in) {\n case 'query':\n if (!options.query) {\n options.query = {};\n }\n options.query[name] = token;\n break;\n case 'cookie':\n options.headers.append('Cookie', `${name}=${token}`);\n break;\n case 'header':\n default:\n options.headers.set(name, token);\n break;\n }\n }\n}\n\nexport const buildUrl: Client['buildUrl'] = (options) =>\n getUrl({\n baseUrl: options.baseUrl as string,\n path: options.path,\n query: options.query,\n querySerializer:\n typeof options.querySerializer === 'function'\n ? options.querySerializer\n : createQuerySerializer(options.querySerializer),\n url: options.url,\n });\n\nexport const mergeConfigs = (a: Config, b: Config): Config => {\n const config = { ...a, ...b };\n if (config.baseUrl?.endsWith('/')) {\n config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);\n }\n config.headers = mergeHeaders(a.headers, b.headers);\n return config;\n};\n\nconst headersEntries = (headers: Headers): Array<[string, string]> => {\n const entries: Array<[string, string]> = [];\n headers.forEach((value, key) => {\n entries.push([key, value]);\n });\n return entries;\n};\n\nexport const mergeHeaders = (\n ...headers: Array<Required<Config>['headers'] | undefined>\n): Headers => {\n const mergedHeaders = new Headers();\n for (const header of headers) {\n if (!header) {\n continue;\n }\n\n const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);\n\n for (const [key, value] of iterator) {\n if (value === null) {\n mergedHeaders.delete(key);\n } else if (Array.isArray(value)) {\n for (const v of value) {\n mergedHeaders.append(key, v as string);\n }\n } else if (value !== undefined) {\n // assume object headers are meant to be JSON stringified, i.e., their\n // content value in OpenAPI specification is 'application/json'\n mergedHeaders.set(\n key,\n typeof value === 'object' ? JSON.stringify(value) : (value as string),\n );\n }\n }\n }\n return mergedHeaders;\n};\n\ntype ErrInterceptor<Err, Res, Req, Options> = (\n error: Err,\n /** response may be undefined due to a network error where no response object is produced */\n response: Res | undefined,\n /** request may be undefined, because error may be from building the request object itself */\n request: Req | undefined,\n options: Options,\n) => Err | Promise<Err>;\n\ntype ReqInterceptor<Req, Options> = (request: Req, options: Options) => Req | Promise<Req>;\n\ntype ResInterceptor<Res, Req, Options> = (\n response: Res,\n request: Req,\n options: Options,\n) => Res | Promise<Res>;\n\nclass Interceptors<Interceptor> {\n fns: Array<Interceptor | null> = [];\n\n clear(): void {\n this.fns = [];\n }\n\n eject(id: number | Interceptor): void {\n const index = this.getInterceptorIndex(id);\n if (this.fns[index]) {\n this.fns[index] = null;\n }\n }\n\n exists(id: number | Interceptor): boolean {\n const index = this.getInterceptorIndex(id);\n return Boolean(this.fns[index]);\n }\n\n getInterceptorIndex(id: number | Interceptor): number {\n if (typeof id === 'number') {\n return this.fns[id] ? id : -1;\n }\n return this.fns.indexOf(id);\n }\n\n update(id: number | Interceptor, fn: Interceptor): number | Interceptor | false {\n const index = this.getInterceptorIndex(id);\n if (this.fns[index]) {\n this.fns[index] = fn;\n return id;\n }\n return false;\n }\n\n use(fn: Interceptor): number {\n this.fns.push(fn);\n return this.fns.length - 1;\n }\n}\n\nexport interface Middleware<Req, Res, Err, Options> {\n error: Interceptors<ErrInterceptor<Err, Res, Req, Options>>;\n request: Interceptors<ReqInterceptor<Req, Options>>;\n response: Interceptors<ResInterceptor<Res, Req, Options>>;\n}\n\nexport const createInterceptors = <Req, Res, Err, Options>(): Middleware<\n Req,\n Res,\n Err,\n Options\n> => ({\n error: new Interceptors<ErrInterceptor<Err, Res, Req, Options>>(),\n request: new Interceptors<ReqInterceptor<Req, Options>>(),\n response: new Interceptors<ResInterceptor<Res, Req, Options>>(),\n});\n\nconst defaultQuerySerializer = createQuerySerializer({\n allowReserved: false,\n array: {\n explode: true,\n style: 'form',\n },\n object: {\n explode: true,\n style: 'deepObject',\n },\n});\n\nconst defaultHeaders = {\n 'Content-Type': 'application/json',\n};\n\nexport const createConfig = <T extends ClientOptions = ClientOptions>(\n override: Config<Omit<ClientOptions, keyof T> & T> = {},\n): Config<Omit<ClientOptions, keyof T> & T> => ({\n ...jsonBodySerializer,\n headers: defaultHeaders,\n parseAs: 'auto',\n querySerializer: defaultQuerySerializer,\n ...override,\n});\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { createSseClient } from '../core/serverSentEvents.gen';\nimport type { HttpMethod } from '../core/types.gen';\nimport { getValidRequestBody } from '../core/utils.gen';\nimport type { Client, Config, RequestOptions, ResolvedRequestOptions } from './types.gen';\nimport {\n buildUrl,\n createConfig,\n createInterceptors,\n getParseAs,\n mergeConfigs,\n mergeHeaders,\n setAuthParams,\n} from './utils.gen';\n\ntype ReqInit = Omit<RequestInit, 'body' | 'headers'> & {\n body?: any;\n headers: ReturnType<typeof mergeHeaders>;\n};\n\nexport const createClient = (config: Config = {}): Client => {\n let _config = mergeConfigs(createConfig(), config);\n\n const getConfig = (): Config => ({ ..._config });\n\n const setConfig = (config: Config): Config => {\n _config = mergeConfigs(_config, config);\n return getConfig();\n };\n\n const interceptors = createInterceptors<Request, Response, unknown, ResolvedRequestOptions>();\n\n const beforeRequest = async <\n TData = unknown,\n TResponseStyle extends 'data' | 'fields' = 'fields',\n ThrowOnError extends boolean = boolean,\n Url extends string = string,\n >(\n options: RequestOptions<TData, TResponseStyle, ThrowOnError, Url>,\n ) => {\n const opts = {\n ..._config,\n ...options,\n fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,\n headers: mergeHeaders(_config.headers, options.headers),\n serializedBody: undefined as string | undefined,\n };\n\n if (opts.security) {\n await setAuthParams(opts);\n }\n\n if (opts.requestValidator) {\n await opts.requestValidator(opts);\n }\n\n if (opts.body !== undefined && opts.bodySerializer) {\n opts.serializedBody = opts.bodySerializer(opts.body) as string | undefined;\n }\n\n // remove Content-Type header if body is empty to avoid sending invalid requests\n if (opts.body === undefined || opts.serializedBody === '') {\n opts.headers.delete('Content-Type');\n }\n\n const resolvedOpts = opts as typeof opts &\n ResolvedRequestOptions<TResponseStyle, ThrowOnError, Url>;\n const url = buildUrl(resolvedOpts);\n\n return { opts: resolvedOpts, url };\n };\n\n const request: Client['request'] = async (options) => {\n const throwOnError = options.throwOnError ?? _config.throwOnError;\n const responseStyle = options.responseStyle ?? _config.responseStyle;\n\n let request: Request | undefined;\n let response: Response | undefined;\n\n try {\n const { opts, url } = await beforeRequest(options);\n const requestInit: ReqInit = {\n redirect: 'follow',\n ...opts,\n body: getValidRequestBody(opts),\n };\n\n request = new Request(url, requestInit);\n\n for (const fn of interceptors.request.fns) {\n if (fn) {\n request = await fn(request, opts);\n }\n }\n\n // fetch must be assigned here, otherwise it would throw the error:\n // TypeError: Failed to execute 'fetch' on 'Window': Illegal invocation\n const _fetch = opts.fetch!;\n\n response = await _fetch(request);\n\n for (const fn of interceptors.response.fns) {\n if (fn) {\n response = await fn(response, request, opts);\n }\n }\n\n const result = {\n request,\n response,\n };\n\n if (response.ok) {\n const parseAs =\n (opts.parseAs === 'auto'\n ? getParseAs(response.headers.get('Content-Type'))\n : opts.parseAs) ?? 'json';\n\n if (response.status === 204 || response.headers.get('Content-Length') === '0') {\n let emptyData: any;\n switch (parseAs) {\n case 'arrayBuffer':\n case 'blob':\n case 'text':\n emptyData = await response[parseAs]();\n break;\n case 'formData':\n emptyData = new FormData();\n break;\n case 'stream':\n emptyData = response.body;\n break;\n case 'json':\n default:\n emptyData = {};\n break;\n }\n return opts.responseStyle === 'data'\n ? emptyData\n : {\n data: emptyData,\n ...result,\n };\n }\n\n let data: any;\n switch (parseAs) {\n case 'arrayBuffer':\n case 'blob':\n case 'formData':\n case 'text':\n data = await response[parseAs]();\n break;\n case 'json': {\n // Some servers return 200 with no Content-Length and empty body.\n // response.json() would throw; read as text and parse if non-empty.\n const text = await response.text();\n data = text ? JSON.parse(text) : {};\n break;\n }\n case 'stream':\n return opts.responseStyle === 'data'\n ? response.body\n : {\n data: response.body,\n ...result,\n };\n }\n\n if (parseAs === 'json') {\n if (opts.responseValidator) {\n await opts.responseValidator(data);\n }\n\n if (opts.responseTransformer) {\n data = await opts.responseTransformer(data);\n }\n }\n\n return opts.responseStyle === 'data'\n ? data\n : {\n data,\n ...result,\n };\n }\n\n const textError = await response.text();\n let jsonError: unknown;\n\n try {\n jsonError = JSON.parse(textError);\n } catch {\n // noop\n }\n\n throw jsonError ?? textError;\n } catch (error) {\n let finalError = error;\n\n for (const fn of interceptors.error.fns) {\n if (fn) {\n finalError = await fn(finalError, response, request, options as ResolvedRequestOptions);\n }\n }\n\n finalError = finalError || {};\n\n if (throwOnError) {\n throw finalError;\n }\n\n // TODO: we probably want to return error and improve types\n return responseStyle === 'data'\n ? undefined\n : {\n error: finalError,\n request,\n response,\n };\n }\n };\n\n const makeMethodFn = (method: Uppercase<HttpMethod>) => (options: RequestOptions) =>\n request({ ...options, method });\n\n const makeSseFn = (method: Uppercase<HttpMethod>) => async (options: RequestOptions) => {\n const { opts, url } = await beforeRequest(options);\n return createSseClient({\n ...opts,\n body: opts.body as BodyInit | null | undefined,\n method,\n onRequest: async (url, init) => {\n let request = new Request(url, init);\n for (const fn of interceptors.request.fns) {\n if (fn) {\n request = await fn(request, opts);\n }\n }\n return request;\n },\n serializedBody: getValidRequestBody(opts) as BodyInit | null | undefined,\n url,\n });\n };\n\n const _buildUrl: Client['buildUrl'] = (options) => buildUrl({ ..._config, ...options });\n\n return {\n buildUrl: _buildUrl,\n connect: makeMethodFn('CONNECT'),\n delete: makeMethodFn('DELETE'),\n get: makeMethodFn('GET'),\n getConfig,\n head: makeMethodFn('HEAD'),\n interceptors,\n options: makeMethodFn('OPTIONS'),\n patch: makeMethodFn('PATCH'),\n post: makeMethodFn('POST'),\n put: makeMethodFn('PUT'),\n request,\n setConfig,\n sse: {\n connect: makeSseFn('CONNECT'),\n delete: makeSseFn('DELETE'),\n get: makeSseFn('GET'),\n head: makeSseFn('HEAD'),\n options: makeSseFn('OPTIONS'),\n patch: makeSseFn('PATCH'),\n post: makeSseFn('POST'),\n put: makeSseFn('PUT'),\n trace: makeSseFn('TRACE'),\n },\n trace: makeMethodFn('TRACE'),\n } as Client;\n};\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { type Client, type ClientOptions, type Config, createClient, createConfig } from './client';\nimport type { ClientOptions as ClientOptions2 } from './types.gen';\n\n/**\n * The `createClientConfig()` function will be called on client initialization\n * and the returned object will become the client's initial configuration.\n *\n * You may want to initialize your client this way instead of calling\n * `setConfig()`. This is useful for example if you're using Next.js\n * to ensure your client always has the correct values.\n */\nexport type CreateClientConfig<T extends ClientOptions = ClientOptions2> = (override?: Config<ClientOptions & T>) => Config<Required<ClientOptions> & T>;\n\nexport const client: Client = createClient(createConfig<ClientOptions2>({ baseUrl: 'http://localhost:8000' }));\n\n// auto-init: install auth on client\nimport { installAuthOnClient } from './helpers/auth';\ninstallAuthOnClient(client);\n","// This file is auto-generated by @hey-api/openapi-ts\n\nimport { type Client, type ClientMeta, formDataBodySerializer, type Options as Options2, type RequestResult, type TDataShape } from './client';\nimport { client } from './client.gen';\nimport type { CfgAccountsApiKeyRegenerateCreateData, CfgAccountsApiKeyRegenerateCreateErrors, CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRetrieveData, CfgAccountsApiKeyRetrieveErrors, CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRevealCreateData, CfgAccountsApiKeyRevealCreateErrors, CfgAccountsApiKeyRevealCreateResponses, CfgAccountsApiKeyTestCreateData, CfgAccountsApiKeyTestCreateResponses, CfgAccountsOauthConnectionsListData, CfgAccountsOauthConnectionsListResponses, CfgAccountsOauthDisconnectCreateData, CfgAccountsOauthDisconnectCreateErrors, CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthGithubAuthorizeCreateData, CfgAccountsOauthGithubAuthorizeCreateErrors, CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubCallbackCreateData, CfgAccountsOauthGithubCallbackCreateErrors, CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthProvidersRetrieveData, CfgAccountsOauthProvidersRetrieveResponses, CfgAccountsOtpRequestCreateData, CfgAccountsOtpRequestCreateErrors, CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpVerifyCreateData, CfgAccountsOtpVerifyCreateErrors, CfgAccountsOtpVerifyCreateResponses, CfgAccountsProfileAvatarCreateData, CfgAccountsProfileAvatarCreateErrors, CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileDeleteCreateData, CfgAccountsProfileDeleteCreateErrors, CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfilePartialPartialUpdateData, CfgAccountsProfilePartialPartialUpdateErrors, CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialUpdateData, CfgAccountsProfilePartialUpdateErrors, CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfileRetrieveData, CfgAccountsProfileRetrieveErrors, CfgAccountsProfileRetrieveResponses, CfgAccountsProfileUpdatePartialUpdateData, CfgAccountsProfileUpdatePartialUpdateErrors, CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdateUpdateData, CfgAccountsProfileUpdateUpdateErrors, CfgAccountsProfileUpdateUpdateResponses, CfgAccountsTokenBlacklistCreateData, CfgAccountsTokenBlacklistCreateResponses, CfgAccountsTokenRefreshCreateData, CfgAccountsTokenRefreshCreateResponses, CfgCentrifugoAuthTokenRetrieveData, CfgCentrifugoAuthTokenRetrieveErrors, CfgCentrifugoAuthTokenRetrieveResponses, CfgTotpBackupCodesRegenerateCreateData, CfgTotpBackupCodesRegenerateCreateErrors, CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRetrieveData, CfgTotpBackupCodesRetrieveResponses, CfgTotpDevicesDestroyData, CfgTotpDevicesDestroyResponses, CfgTotpDevicesRetrieveData, CfgTotpDevicesRetrieveResponses, CfgTotpDisableCreateData, CfgTotpDisableCreateErrors, CfgTotpDisableCreateResponses, CfgTotpSetupConfirmCreateData, CfgTotpSetupConfirmCreateErrors, CfgTotpSetupConfirmCreateResponses, CfgTotpSetupCreateData, CfgTotpSetupCreateErrors, CfgTotpSetupCreateResponses, CfgTotpVerifyBackupCreateData, CfgTotpVerifyBackupCreateErrors, CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyCreateData, CfgTotpVerifyCreateErrors, CfgTotpVerifyCreateResponses } from './types.gen';\n\nexport type Options<TData extends TDataShape = TDataShape, ThrowOnError extends boolean = boolean, TResponse = unknown> = Options2<TData, ThrowOnError, TResponse> & {\n /**\n * You can provide a client instance returned by `createClient()` instead of\n * individual options. This might be also useful if you want to implement a\n * custom client.\n */\n client?: Client;\n /**\n * You can pass arbitrary values through the `meta` object. This can be\n * used to access values that aren't defined as part of the SDK function.\n */\n meta?: keyof ClientMeta extends never ? Record<string, unknown> : ClientMeta;\n};\n\nexport class CfgAccountsApiKey {\n /**\n * Get API key details\n *\n * Retrieve the current user's API key (masked) and metadata.\n */\n public static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/',\n ...options\n });\n }\n \n /**\n * Regenerate API key\n *\n * Generate a new API key. The full key is returned only once.\n */\n public static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/regenerate/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Reveal API key\n *\n * Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.\n */\n public static cfgAccountsApiKeyRevealCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRevealCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRevealCreateResponses, CfgAccountsApiKeyRevealCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsApiKeyRevealCreateResponses, CfgAccountsApiKeyRevealCreateErrors, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/reveal/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Test API key\n *\n * Test whether an API key is valid without consuming it.\n */\n public static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError>({\n security: [\n { scheme: 'bearer', type: 'http' },\n {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n },\n { name: 'X-API-Key', type: 'apiKey' }\n ],\n url: '/cfg/accounts/api-key/test/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgAccountsOauth {\n /**\n * List OAuth connections\n *\n * Get all OAuth connections for the current user.\n */\n public static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>): RequestResult<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/oauth/connections/',\n ...options\n });\n }\n \n /**\n * Disconnect OAuth provider\n *\n * Remove OAuth connection for the specified provider.\n */\n public static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/oauth/disconnect/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Start GitHub OAuth\n *\n * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.\n */\n public static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError>({\n url: '/cfg/accounts/oauth/github/authorize/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Complete GitHub OAuth\n *\n * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.\n */\n public static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError>({\n url: '/cfg/accounts/oauth/github/callback/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * List OAuth providers\n *\n * Get list of available OAuth providers for authentication.\n */\n public static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>): RequestResult<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError>({ url: '/cfg/accounts/oauth/providers/', ...options });\n }\n}\n\nexport class CfgAccounts {\n /**\n * Request OTP code to email.\n */\n public static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/otp/request/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Verify OTP code and return JWT tokens or 2FA session.\n *\n * If user has 2FA enabled:\n * - Returns requires_2fa=True with session_id\n * - Client must complete 2FA verification at /cfg/totp/verify/\n *\n * If user has no 2FA:\n * - Returns JWT tokens and user data directly\n */\n public static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/otp/verify/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgAccountsProfile {\n /**\n * Get current user profile\n *\n * Retrieve the current authenticated user's profile information.\n */\n public static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>): RequestResult<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError> {\n return (options?.client ?? client).get<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/',\n ...options\n });\n }\n \n /**\n * Upload user avatar\n *\n * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.\n */\n public static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError>({\n ...formDataBodySerializer,\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/accounts/profile/avatar/',\n ...options,\n headers: {\n 'Content-Type': null,\n ...options?.headers\n }\n });\n }\n \n /**\n * Delete user account\n *\n *\n * Permanently delete the current user's account.\n *\n * This operation:\n * - Deactivates the account (user cannot log in)\n * - Anonymizes personal data (GDPR compliance)\n * - Frees up the email address for re-registration\n * - Preserves audit trail\n *\n * The account can be restored by an administrator if needed.\n *\n */\n public static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/delete/',\n ...options\n });\n }\n \n /**\n * Partial update user profile\n *\n * Partially update the current authenticated user's profile information. Supports avatar upload.\n */\n public static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).patch<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/partial/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Partial update user profile\n *\n * Partially update the current authenticated user's profile information. Supports avatar upload.\n */\n public static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).put<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/partial/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Update user profile\n *\n * Update the current authenticated user's profile information.\n */\n public static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).patch<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/update/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Update user profile\n *\n * Update the current authenticated user's profile information.\n */\n public static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError> {\n return (options?.client ?? client).put<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError>({\n security: [{ scheme: 'bearer', type: 'http' }, {\n in: 'cookie',\n name: 'sessionid',\n type: 'apiKey'\n }],\n url: '/cfg/accounts/profile/update/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n}\n\nexport class CfgAccountsAuth {\n /**\n * Revoke a refresh token (logout).\n *\n * Blacklists the posted refresh token so it can never mint another access\n * token. Called best-effort by the client's logout — without it, \"logout\"\n * is purely client-side and a stolen refresh token survives until expiry.\n */\n public static cfgAccountsTokenBlacklistCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenBlacklistCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenBlacklistCreateResponses, unknown, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsTokenBlacklistCreateResponses, unknown, ThrowOnError>({\n url: '/cfg/accounts/token/blacklist/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Refresh JWT token.\n *\n * DPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the\n * rotated access/refresh in the response are re-stamped with the same `cnf`\n * (stock SimpleJWT drops it from the derived access), and a matching DPoP\n * proof is required on the refresh request — so a stolen refresh token can't\n * be used to mint fresh tokens.\n */\n public static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError> {\n return (options.client ?? client).post<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError>({\n url: '/cfg/accounts/token/refresh/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgCentrifugo {\n /**\n * Get Centrifugo connection token\n *\n * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.\n */\n public static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>): RequestResult<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError> {\n return (options?.client ?? client).get<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/centrifugo/auth/token/',\n ...options\n });\n }\n}\n\nexport class CfgTotpBackupCodes {\n /**\n * Get backup codes status for user.\n */\n public static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/backup-codes/',\n ...options\n });\n }\n \n /**\n * Regenerate backup codes.\n *\n * Requires TOTP code for verification.\n * Invalidates all existing codes.\n */\n public static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/backup-codes/regenerate/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgTotp {\n /**\n * List all TOTP devices for user.\n */\n public static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>): RequestResult<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError> {\n return (options?.client ?? client).get<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/devices/',\n ...options\n });\n }\n \n /**\n * Delete a TOTP device.\n *\n * Requires verification code if removing the last/primary device.\n */\n public static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>): RequestResult<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError> {\n return (options.client ?? client).delete<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/devices/{id}/',\n ...options\n });\n }\n \n /**\n * Completely disable 2FA for account.\n *\n * Requires verification code.\n */\n public static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>): RequestResult<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/disable/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgTotpSetup {\n /**\n * Start 2FA setup process.\n *\n * Creates a new TOTP device and returns QR code for scanning.\n */\n public static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>): RequestResult<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError> {\n return (options?.client ?? client).post<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/setup/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options?.headers\n }\n });\n }\n \n /**\n * Confirm 2FA setup with first valid code.\n *\n * Activates the device and generates backup codes.\n */\n public static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>): RequestResult<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/setup/confirm/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n\nexport class CfgTotpVerify {\n /**\n * Verify TOTP code for 2FA session.\n *\n * Completes authentication and returns JWT tokens on success.\n */\n public static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/verify/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n \n /**\n * Verify backup recovery code for 2FA session.\n *\n * Alternative verification method when TOTP device unavailable.\n */\n public static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError> {\n return (options.client ?? client).post<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError>({\n security: [\n { name: 'X-API-Key', type: 'apiKey' },\n { scheme: 'bearer', type: 'http' },\n { name: 'Authorization', type: 'apiKey' }\n ],\n url: '/cfg/totp/verify/backup/',\n ...options,\n headers: {\n 'Content-Type': 'application/json',\n ...options.headers\n }\n });\n }\n}\n","import { isDev } from \"./env\";\n/**\n * Analytics stub for @djangocfg/api/auth\n * Provides minimal analytics interface without external dependencies\n *\n * If you need full analytics, install @djangocfg/layouts and use its Analytics module\n */\n\nexport enum AnalyticsEvent {\n AUTH_OTP_REQUEST = 'auth_otp_request',\n AUTH_LOGIN_SUCCESS = 'auth_login_success',\n AUTH_OTP_VERIFY_FAIL = 'auth_otp_verify_fail',\n AUTH_SESSION_EXPIRED = 'auth_session_expired',\n AUTH_TOKEN_REFRESH = 'auth_token_refresh',\n AUTH_TOKEN_REFRESH_FAIL = 'auth_token_refresh_fail',\n AUTH_LOGOUT = 'auth_logout',\n AUTH_OAUTH_START = 'auth_oauth_start',\n AUTH_OAUTH_FAIL = 'auth_oauth_fail',\n}\n\nexport enum AnalyticsCategory {\n AUTH = 'auth',\n}\n\nexport type AnalyticsEventType = `${AnalyticsEvent}`;\nexport type AnalyticsCategoryType = `${AnalyticsCategory}`;\n\ninterface AnalyticsEventParams {\n category?: AnalyticsCategoryType;\n label?: string;\n value?: number;\n [key: string]: any;\n}\n\n/**\n * Minimal analytics implementation\n * Logs to console in development, silent in production\n */\nexport const Analytics = {\n /**\n * Track an analytics event\n */\n event(eventName: AnalyticsEventType, params?: AnalyticsEventParams) {\n if (isDev) {\n console.log('[Analytics]', eventName, params);\n }\n\n // You can extend this to send to your analytics service\n // Example: window.gtag?.('event', eventName, params);\n },\n\n /**\n * Set user ID for tracking\n */\n setUser(userId: string) {\n if (isDev) {\n console.log('[Analytics] Set user:', userId);\n }\n\n // You can extend this to send to your analytics service\n // Example: window.gtag?.('set', { user_id: userId });\n },\n};\n","'use client';\n\nimport { useState } from 'react';\n\nimport { authLogger } from '../utils/logger';\n\n/**\n * Simple sessionStorage hook with better error handling\n * @param key - Storage key\n * @param initialValue - Default value if key doesn't exist\n * @returns [value, setValue, removeValue] - Current value, setter function, and remove function\n */\nexport function useSessionStorage<T>(key: string, initialValue: T) {\n // Get initial value from sessionStorage or use provided initialValue\n const [storedValue, setStoredValue] = useState<T>(() => {\n if (typeof window === 'undefined') {\n return initialValue;\n }\n\n try {\n const item = window.sessionStorage.getItem(key);\n return item ? JSON.parse(item) : initialValue;\n } catch (error) {\n authLogger.error(`Error reading sessionStorage key \"${key}\":`, error);\n return initialValue;\n }\n });\n\n // Check data size and limit\n const checkDataSize = (data: any): boolean => {\n try {\n const jsonString = JSON.stringify(data);\n const sizeInBytes = new Blob([jsonString]).size;\n const sizeInKB = sizeInBytes / 1024;\n \n // Limit to 1MB per item\n if (sizeInKB > 1024) {\n authLogger.warn(`Data size (${sizeInKB.toFixed(2)}KB) exceeds 1MB limit for key \"${key}\"`);\n return false;\n }\n\n return true;\n } catch (error) {\n authLogger.error(`Error checking data size for key \"${key}\":`, error);\n return false;\n }\n };\n\n // Clear old data when sessionStorage is full\n const clearOldData = () => {\n try {\n const keys = Object.keys(sessionStorage).filter(key => key && typeof key === 'string');\n // Remove oldest items if we have more than 50 items\n if (keys.length > 50) {\n const itemsToRemove = Math.ceil(keys.length * 0.2);\n for (let i = 0; i < itemsToRemove; i++) {\n try {\n const key = keys[i];\n if (key) {\n sessionStorage.removeItem(key);\n sessionStorage.removeItem(`${key}_timestamp`);\n }\n } catch {\n // Ignore errors when removing items\n }\n }\n }\n } catch (error) {\n authLogger.error('Error clearing old sessionStorage data:', error);\n }\n };\n\n // Force clear all data if quota is exceeded\n const forceClearAll = () => {\n try {\n const keys = Object.keys(sessionStorage);\n for (const key of keys) {\n try {\n sessionStorage.removeItem(key);\n } catch {\n // Ignore errors when removing items\n }\n }\n } catch (error) {\n authLogger.error('Error force clearing sessionStorage:', error);\n }\n };\n\n // Update sessionStorage when value changes\n const setValue = (value: T | ((val: T) => T)) => {\n try {\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n \n // Check data size before attempting to save\n if (!checkDataSize(valueToStore)) {\n authLogger.warn(`Data size too large for key \"${key}\", removing key`);\n // Remove the key if data is too large\n try {\n window.sessionStorage.removeItem(key);\n window.sessionStorage.removeItem(`${key}_timestamp`);\n } catch {\n // Ignore errors when removing\n }\n // Still update the state\n setStoredValue(valueToStore);\n return;\n }\n \n setStoredValue(valueToStore);\n\n if (typeof window !== 'undefined') {\n // Try to set the value\n try {\n window.sessionStorage.setItem(key, JSON.stringify(valueToStore));\n // Add timestamp for cleanup\n window.sessionStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (storageError: any) {\n // If quota exceeded, clear old data and try again\n if (storageError.name === 'QuotaExceededError' ||\n storageError.code === 22 ||\n storageError.message?.includes('quota')) {\n authLogger.warn('sessionStorage quota exceeded, clearing old data...');\n clearOldData();\n \n // Try again after clearing\n try {\n window.sessionStorage.setItem(key, JSON.stringify(valueToStore));\n window.sessionStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (retryError) {\n authLogger.error(`Failed to set sessionStorage key \"${key}\" after clearing old data:`, retryError);\n // If still fails, force clear all and try one more time\n try {\n forceClearAll();\n window.sessionStorage.setItem(key, JSON.stringify(valueToStore));\n window.sessionStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (finalError) {\n authLogger.error(`Failed to set sessionStorage key \"${key}\" after force clearing:`, finalError);\n // If still fails, just update the state without sessionStorage\n setStoredValue(valueToStore);\n }\n }\n } else {\n throw storageError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error setting sessionStorage key \"${key}\":`, error);\n // Still update the state even if sessionStorage fails\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n setStoredValue(valueToStore);\n }\n };\n\n // Remove value from sessionStorage\n const removeValue = () => {\n try {\n setStoredValue(initialValue);\n if (typeof window !== 'undefined') {\n try {\n window.sessionStorage.removeItem(key);\n window.sessionStorage.removeItem(`${key}_timestamp`);\n } catch (removeError: any) {\n // If removal fails due to quota, try to clear some data first\n if (removeError.name === 'QuotaExceededError' ||\n removeError.code === 22 ||\n removeError.message?.includes('quota')) {\n authLogger.warn('sessionStorage quota exceeded during removal, clearing old data...');\n clearOldData();\n \n try {\n window.sessionStorage.removeItem(key);\n window.sessionStorage.removeItem(`${key}_timestamp`);\n } catch (retryError) {\n authLogger.error(`Failed to remove sessionStorage key \"${key}\" after clearing:`, retryError);\n // If still fails, force clear all\n forceClearAll();\n }\n } else {\n throw removeError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error removing sessionStorage key \"${key}\":`, error);\n }\n };\n\n return [storedValue, setValue, removeValue] as const;\n}\n","import { useSessionStorage } from './useSessionStorage';\n\nconst AUTH_REDIRECT_KEY = 'auth_redirect_url';\n\nexport interface AuthRedirectOptions {\n fallbackUrl?: string;\n clearOnUse?: boolean;\n}\n\n/**\n * Read redirect URL directly from sessionStorage (bypasses React state)\n * This is needed because different component instances have different React states\n */\nconst getRedirectFromStorage = (): string => {\n if (typeof window === 'undefined') return '';\n try {\n const item = window.sessionStorage.getItem(AUTH_REDIRECT_KEY);\n return item ? JSON.parse(item) : '';\n } catch {\n return '';\n }\n};\n\n/**\n * Clear redirect URL directly from sessionStorage\n */\nconst clearRedirectFromStorage = (): void => {\n if (typeof window === 'undefined') return;\n try {\n window.sessionStorage.removeItem(AUTH_REDIRECT_KEY);\n window.sessionStorage.removeItem(`${AUTH_REDIRECT_KEY}_timestamp`);\n } catch {\n // Ignore errors\n }\n};\n\n/**\n * Read the saved back-url without clearing it. Null when nothing saved —\n * unlike getFinalRedirectUrl, never substitutes a fallback.\n */\nexport const peekSavedRedirect = (): string | null => getRedirectFromStorage() || null;\n\n/**\n * Read AND clear the saved back-url (single-use intent). Null when nothing\n * saved. This is the one primitive every post-auth navigator uses to honor\n * \"return the user to where the guard bounced them from\".\n */\nexport const consumeSavedRedirect = (): string | null => {\n const stored = getRedirectFromStorage();\n if (stored) clearRedirectFromStorage();\n return stored || null;\n};\n\nexport const useAuthRedirectManager = (options: AuthRedirectOptions = {}) => {\n const { fallbackUrl = '/dashboard', clearOnUse = true } = options;\n const [redirectUrl, setRedirectUrl, removeRedirectUrl] = useSessionStorage<string>(AUTH_REDIRECT_KEY, '');\n\n const setRedirect = (url: string) => {\n setRedirectUrl(url);\n };\n\n const getRedirect = () => {\n // Read directly from storage to get latest value across components\n return getRedirectFromStorage() || redirectUrl;\n };\n\n const clearRedirect = () => {\n removeRedirectUrl();\n clearRedirectFromStorage();\n };\n\n const hasRedirect = () => {\n const stored = getRedirectFromStorage();\n return stored.length > 0 || redirectUrl.length > 0;\n };\n\n const getFinalRedirectUrl = () => {\n // Read directly from storage to get latest value across components\n const stored = getRedirectFromStorage();\n return stored || redirectUrl || fallbackUrl;\n };\n\n const useAndClearRedirect = () => {\n // Read directly from storage to ensure we get the latest saved URL\n // even if it was saved by a different component instance\n const stored = getRedirectFromStorage();\n const finalUrl = stored || redirectUrl || fallbackUrl;\n\n if (clearOnUse) {\n clearRedirect();\n }\n return finalUrl;\n };\n\n return {\n redirectUrl,\n setRedirect,\n getRedirect,\n clearRedirect,\n hasRedirect,\n getFinalRedirectUrl,\n useAndClearRedirect\n };\n}; ","'use client';\n\nimport { APIError } from '../../_api/generated/helpers';\n\n/**\n * Shared internals for the 2FA hook family (verify / setup / status).\n *\n * Before consolidation each of the three hooks re-implemented error extraction\n * and 6-digit validation slightly differently — three copies that drifted. This\n * module is the single source for both, so every 2FA verb reports errors and\n * validates codes identically.\n */\n\nconst TOTP_CODE_LENGTH = 6;\n\n/** A 2FA API error body may carry any of these message-ish fields. */\ninterface TwoFactorErrorBody {\n error?: unknown;\n detail?: unknown;\n message?: unknown;\n attempts_remaining?: unknown;\n}\n\n/**\n * Extract a human-readable message from a thrown error, unwrapping the\n * APIError response body (error → detail → message) before falling back.\n */\nexport function extractTwoFactorError(err: unknown, fallback: string): string {\n if (err instanceof APIError) {\n const body = (err.response ?? null) as TwoFactorErrorBody | null;\n if (typeof body?.error === 'string') return body.error;\n if (typeof body?.detail === 'string') return body.detail;\n if (typeof body?.message === 'string') return body.message;\n return err.errorMessage ?? err.message;\n }\n if (err instanceof Error) return err.message;\n return fallback;\n}\n\n/** Pull `attempts_remaining` off an APIError body, or null if absent. */\nexport function extractAttemptsRemaining(err: unknown): number | null {\n if (err instanceof APIError) {\n const body = (err.response ?? null) as TwoFactorErrorBody | null;\n if (typeof body?.attempts_remaining === 'number') return body.attempts_remaining;\n }\n return null;\n}\n\n/** True when `code` is a well-formed 6-digit TOTP code. */\nexport function isValidTotpCode(code: string): boolean {\n return !!code && code.length === TOTP_CODE_LENGTH;\n}\n\nexport { TOTP_CODE_LENGTH };\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { CfgAccountsOauth } from '../../_api/generated/sdk.gen';\nimport { Analytics, AnalyticsCategory, AnalyticsEvent } from '../utils/analytics';\nimport { authLogger } from '../utils/logger';\nimport { useCfgRouter } from './useCfgRouter';\n\nexport interface UseGithubAuthOptions {\n sourceUrl?: string;\n onSuccess?: (user: any, isNewUser: boolean) => void;\n onError?: (error: string) => void;\n /** Callback when 2FA is required */\n onRequires2FA?: (sessionId: string, shouldPrompt2FA: boolean) => void;\n redirectUrl?: string;\n /** Skip automatic redirect after success (caller handles navigation) */\n skipRedirect?: boolean;\n}\n\nexport interface UseGithubAuthReturn {\n isLoading: boolean;\n error: string | null;\n startGithubAuth: () => Promise<void>;\n handleGithubCallback: (code: string, state: string) => Promise<void>;\n}\n\n/**\n * Hook for GitHub OAuth authentication flow.\n *\n * Usage:\n * 1. Call startGithubAuth() to redirect user to GitHub\n * 2. After GitHub redirects back, call handleGithubCallback(code, state)\n *\n * @example\n * ```tsx\n * const { isLoading, error, startGithubAuth } = useGithubAuth({\n * onSuccess: (user) => router.push('/dashboard'),\n * onError: (error) => console.error(error),\n * });\n *\n * <Button onClick={startGithubAuth} disabled={isLoading}>\n * Continue with GitHub\n * </Button>\n * ```\n */\nexport const useGithubAuth = (options: UseGithubAuthOptions = {}): UseGithubAuthReturn => {\n const { sourceUrl, onSuccess, onError, onRequires2FA, redirectUrl, skipRedirect = false } = options;\n const router = useCfgRouter();\n\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n\n /**\n * Start GitHub OAuth flow - redirects user to GitHub authorization page.\n */\n const startGithubAuth = useCallback(async () => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Starting GitHub OAuth flow...');\n\n // Track OAuth start\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_START, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n\n // Call API to get authorization URL\n // The API will auto-generate redirect_uri from config if not provided\n const result = await CfgAccountsOauth.cfgAccountsOauthGithubAuthorizeCreate({\n body: {\n source_url: sourceUrl || (typeof window !== 'undefined' ? window.location.href : ''),\n },\n throwOnError: true,\n });\n const response = result.data;\n\n if (!response.authorization_url) {\n throw new Error('Failed to get authorization URL');\n }\n\n authLogger.info('Redirecting to GitHub...', response.authorization_url);\n\n if (typeof window !== 'undefined') {\n sessionStorage.setItem('oauth_state', response.state);\n sessionStorage.setItem('oauth_provider', 'github');\n }\n\n window.location.href = response.authorization_url;\n\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'Failed to start GitHub authentication';\n authLogger.error('GitHub OAuth start error:', err);\n setError(errorMessage);\n onError?.(errorMessage);\n\n // Track OAuth error\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n } finally {\n setIsLoading(false);\n }\n }, [sourceUrl, onError]);\n\n /**\n * Handle GitHub OAuth callback - exchanges code for JWT tokens.\n *\n * @param code - Authorization code from GitHub callback\n * @param state - State token for CSRF verification\n */\n const handleGithubCallback = useCallback(async (code: string, state: string) => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Processing GitHub OAuth callback...');\n\n // Verify state matches what we stored\n if (typeof window !== 'undefined') {\n const storedState = sessionStorage.getItem('oauth_state');\n if (storedState && storedState !== state) {\n throw new Error('Invalid OAuth state - possible CSRF attack');\n }\n // Clear stored state\n sessionStorage.removeItem('oauth_state');\n sessionStorage.removeItem('oauth_provider');\n }\n\n const result = await CfgAccountsOauth.cfgAccountsOauthGithubCallbackCreate({\n body: { code, state },\n throwOnError: true,\n });\n const response = result.data;\n\n // Check if 2FA is required\n if (response.requires_2fa && response.session_id) {\n authLogger.info('GitHub OAuth requires 2FA, session:', response.session_id);\n\n // Track 2FA requirement\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_START, {\n category: AnalyticsCategory.AUTH,\n label: 'github-2fa-required',\n });\n\n // Call 2FA callback\n onRequires2FA?.(response.session_id, response.should_prompt_2fa || false);\n return;\n }\n\n if (!response.access || !response.refresh) {\n throw new Error('Invalid response from OAuth callback');\n }\n\n authLogger.info('GitHub OAuth successful, user:', response.user);\n\n // The ONE write path — atomic pair + session notification.\n auth.setSession({ access: response.access, refresh: response.refresh });\n\n // Track successful OAuth\n Analytics.event(AnalyticsEvent.AUTH_LOGIN_SUCCESS, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n\n // Set user ID for future tracking\n if (response.user?.id) {\n Analytics.setUser(String(response.user.id));\n }\n\n // Call success callback\n onSuccess?.(response.user, response.is_new_user || false);\n\n // Redirect (unless skipRedirect is true)\n if (!skipRedirect) {\n // Use hardPush for full page reload - ensures all React contexts reinitialize\n const finalRedirectUrl = redirectUrl || '/dashboard';\n router.hardPush(finalRedirectUrl);\n }\n\n } catch (err) {\n const errorMessage = err instanceof Error ? err.message : 'GitHub authentication failed';\n authLogger.error('GitHub OAuth callback error:', err);\n setError(errorMessage);\n onError?.(errorMessage);\n\n // Track OAuth error\n Analytics.event(AnalyticsEvent.AUTH_OAUTH_FAIL, {\n category: AnalyticsCategory.AUTH,\n label: 'github',\n });\n } finally {\n setIsLoading(false);\n }\n }, [onSuccess, onError, redirectUrl, router]);\n\n return {\n isLoading,\n error,\n startGithubAuth,\n handleGithubCallback,\n };\n};\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { CfgTotpSetup } from '../../_api/generated/sdk.gen';\nimport { authLogger } from '../utils/logger';\nimport { extractTwoFactorError, isValidTotpCode } from './twoFactor.shared';\n\nexport interface TwoFactorSetupData {\n /** Device ID to use for confirmation */\n deviceId: string;\n /** Base32-encoded TOTP secret (for manual entry) */\n secret: string;\n /** otpauth:// URI for QR code generation */\n provisioningUri: string;\n /** Base64-encoded QR code image (data URI) */\n qrCodeBase64: string;\n /** Seconds until setup expires */\n expiresIn: number;\n}\n\nexport interface UseTwoFactorSetupOptions {\n /** Callback when setup is confirmed and backup codes are generated */\n onComplete?: (backupCodes: string[]) => void;\n /** Callback on error */\n onError?: (error: string) => void;\n}\n\nexport interface UseTwoFactorSetupReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Setup data (QR code, secret, etc.) */\n setupData: TwoFactorSetupData | null;\n /** Backup codes after confirmation */\n backupCodes: string[] | null;\n /** Warning message about backup codes */\n backupCodesWarning: string | null;\n /** Current setup step */\n setupStep: 'idle' | 'scanning' | 'confirming' | 'complete';\n /** Start 2FA setup - returns QR code data */\n startSetup: (deviceName?: string) => Promise<TwoFactorSetupData | null>;\n /** Confirm setup with TOTP code - returns backup codes */\n confirmSetup: (code: string) => Promise<string[] | null>;\n /** Reset setup state */\n resetSetup: () => void;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * 2FA setup — enabling TOTP (internal, composed by {@link useTwoFactor}).\n *\n * Flow: startSetup() → user scans QR → confirmSetup(code) → show backup codes.\n */\nexport const useTwoFactorSetup = (\n options: UseTwoFactorSetupOptions = {},\n): UseTwoFactorSetupReturn => {\n const { onComplete, onError } = options;\n\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const [setupData, setSetupData] = useState<TwoFactorSetupData | null>(null);\n const [backupCodes, setBackupCodes] = useState<string[] | null>(null);\n const [backupCodesWarning, setBackupCodesWarning] = useState<string | null>(null);\n const [setupStep, setSetupStep] = useState<'idle' | 'scanning' | 'confirming' | 'complete'>('idle');\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n const resetSetup = useCallback(() => {\n setSetupData(null);\n setBackupCodes(null);\n setBackupCodesWarning(null);\n setSetupStep('idle');\n setError(null);\n }, []);\n\n const startSetup = useCallback(async (deviceName?: string): Promise<TwoFactorSetupData | null> => {\n setIsLoading(true);\n setError(null);\n setSetupStep('scanning');\n\n try {\n authLogger.info('Starting 2FA setup...');\n\n const result = await CfgTotpSetup.cfgTotpSetupCreate({\n body: { device_name: deviceName },\n throwOnError: true,\n });\n const response = result.data;\n\n const data: TwoFactorSetupData = {\n deviceId: response.device_id,\n secret: response.secret,\n provisioningUri: response.provisioning_uri,\n qrCodeBase64: response.qr_code_base64,\n expiresIn: response.expires_in,\n };\n\n setSetupData(data);\n authLogger.info('2FA setup initiated, expires in:', data.expiresIn, 'seconds');\n\n return data;\n } catch (err) {\n const errorMessage = extractTwoFactorError(err, 'Failed to start 2FA setup');\n authLogger.error('2FA setup error:', err);\n setError(errorMessage);\n setSetupStep('idle');\n onError?.(errorMessage);\n return null;\n } finally {\n setIsLoading(false);\n }\n }, [onError]);\n\n const confirmSetup = useCallback(async (code: string): Promise<string[] | null> => {\n if (!setupData) {\n const msg = 'Setup not started. Call startSetup() first.';\n setError(msg);\n onError?.(msg);\n return null;\n }\n if (!isValidTotpCode(code)) {\n const msg = 'Please enter a 6-digit code';\n setError(msg);\n onError?.(msg);\n return null;\n }\n\n setIsLoading(true);\n setError(null);\n setSetupStep('confirming');\n\n try {\n authLogger.info('Confirming 2FA setup...');\n\n const result = await CfgTotpSetup.cfgTotpSetupConfirmCreate({\n body: { device_id: setupData.deviceId, code },\n throwOnError: true,\n });\n const response = result.data;\n\n const codes = response.backup_codes;\n setBackupCodes(codes);\n setBackupCodesWarning(response.backup_codes_warning);\n setSetupStep('complete');\n\n authLogger.info('2FA setup confirmed, backup codes generated:', codes.length);\n\n onComplete?.(codes);\n return codes;\n } catch (err) {\n const errorMessage = extractTwoFactorError(err, 'Invalid code. Please try again.');\n authLogger.error('2FA setup confirmation error:', err);\n setError(errorMessage);\n setSetupStep('scanning'); // Go back to scanning step\n onError?.(errorMessage);\n return null;\n } finally {\n setIsLoading(false);\n }\n }, [setupData, onComplete, onError]);\n\n return {\n isLoading,\n error,\n setupData,\n backupCodes,\n backupCodesWarning,\n setupStep,\n startSetup,\n confirmSetup,\n resetSetup,\n clearError,\n };\n};\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { CfgTotp } from '../../_api/generated/sdk.gen';\nimport { authLogger } from '../utils/logger';\nimport { extractTwoFactorError, isValidTotpCode } from './twoFactor.shared';\n\nexport interface TwoFactorDevice {\n id: string;\n name: string;\n createdAt: string;\n lastUsedAt: string | null;\n isPrimary: boolean;\n}\n\nexport interface UseTwoFactorStatusReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Whether 2FA is enabled for user */\n has2FAEnabled: boolean | null;\n /** List of TOTP devices */\n devices: TwoFactorDevice[];\n /** Fetch 2FA status */\n fetchStatus: () => Promise<void>;\n /** Disable 2FA (requires TOTP code) */\n disable2FA: (code: string) => Promise<boolean>;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * Read and manage 2FA status (internal, composed by {@link useTwoFactor}).\n *\n * Fetches the device list / enabled flag and disables 2FA.\n */\nexport const useTwoFactorStatus = (): UseTwoFactorStatusReturn => {\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const [has2FAEnabled, setHas2FAEnabled] = useState<boolean | null>(null);\n const [devices, setDevices] = useState<TwoFactorDevice[]>([]);\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n const fetchStatus = useCallback(async (): Promise<void> => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Fetching 2FA status...');\n\n // API returns { devices: [...], has_2fa_enabled: bool }\n const result = await CfgTotp.cfgTotpDevicesRetrieve({ throwOnError: true });\n const response = result.data;\n\n const mappedDevices: TwoFactorDevice[] = response.devices.map((device) => ({\n id: device.id,\n name: device.name,\n createdAt: device.created_at,\n lastUsedAt: device.last_used_at ?? null,\n isPrimary: device.is_primary,\n }));\n\n setDevices(mappedDevices);\n setHas2FAEnabled(response.has_2fa_enabled);\n\n authLogger.info('2FA status:', response.has_2fa_enabled ? 'enabled' : 'disabled');\n } catch (err) {\n const errorMessage = extractTwoFactorError(err, 'Failed to fetch 2FA status');\n authLogger.error('Failed to fetch 2FA status:', err);\n setError(errorMessage);\n } finally {\n setIsLoading(false);\n }\n }, []);\n\n const disable2FA = useCallback(async (code: string): Promise<boolean> => {\n if (!isValidTotpCode(code)) {\n setError('Please enter a 6-digit code');\n return false;\n }\n\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Disabling 2FA...');\n\n await CfgTotp.cfgTotpDisableCreate({ body: { code }, throwOnError: true });\n\n setHas2FAEnabled(false);\n setDevices([]);\n\n authLogger.info('2FA disabled successfully');\n return true;\n } catch (err: unknown) {\n const errorMessage = extractTwoFactorError(err, 'Invalid verification code');\n authLogger.error('Failed to disable 2FA:', err);\n setError(errorMessage);\n return false;\n } finally {\n setIsLoading(false);\n }\n }, []);\n\n return {\n isLoading,\n error,\n has2FAEnabled,\n devices,\n fetchStatus,\n disable2FA,\n clearError,\n };\n};\n","'use client';\n\nimport {\n useTwoFactorVerify,\n type UseTwoFactorVerifyOptions,\n type UseTwoFactorVerifyReturn,\n} from './useTwoFactorVerify';\nimport {\n useTwoFactorSetup,\n type TwoFactorSetupData,\n type UseTwoFactorSetupOptions,\n type UseTwoFactorSetupReturn,\n} from './useTwoFactorSetup';\nimport {\n useTwoFactorStatus,\n type TwoFactorDevice,\n type UseTwoFactorStatusReturn,\n} from './useTwoFactorStatus';\n\nexport interface UseTwoFactorOptions {\n /** Options for the login-time verification namespace */\n verify?: UseTwoFactorVerifyOptions;\n /** Options for the setup (enable) namespace */\n setup?: UseTwoFactorSetupOptions;\n}\n\nexport interface UseTwoFactorReturn {\n /** Verify a 2FA challenge during login (TOTP / backup code). */\n verify: UseTwoFactorVerifyReturn;\n /** Enable 2FA — QR provisioning → confirm → backup codes. */\n setup: UseTwoFactorSetupReturn;\n /** Read device list / enabled flag and disable 2FA. */\n status: UseTwoFactorStatusReturn;\n}\n\n/**\n * Single entry point for all two-factor authentication flows.\n *\n * The three concerns — **verify** (login), **setup** (enable) and **status**\n * (manage/disable) — are distinct verbs over the same `CfgTotp*` API, so each\n * is exposed as its own namespace with an independent loading/error surface:\n *\n * @example\n * ```tsx\n * const two = useTwoFactor({ verify: { redirectUrl: '/dashboard' } });\n *\n * await two.verify.verifyTOTP(sessionId, code); // login\n * await two.setup.startSetup('My iPhone'); // enable\n * await two.status.fetchStatus(); // manage\n * ```\n *\n * Consumers that only need one concern can compose the underlying hooks\n * directly (`useTwoFactorVerify` / `useTwoFactorSetup` / `useTwoFactorStatus`),\n * all re-exported alongside this one, to avoid mounting the others' state.\n */\nexport const useTwoFactor = (options: UseTwoFactorOptions = {}): UseTwoFactorReturn => {\n const verify = useTwoFactorVerify(options.verify);\n const setup = useTwoFactorSetup(options.setup);\n const status = useTwoFactorStatus();\n\n return { verify, setup, status };\n};\n\n// Namespaced sub-hooks — use directly when only one concern is needed.\nexport {\n useTwoFactorVerify,\n useTwoFactorSetup,\n useTwoFactorStatus,\n type UseTwoFactorVerifyOptions,\n type UseTwoFactorVerifyReturn,\n type UseTwoFactorSetupOptions,\n type UseTwoFactorSetupReturn,\n type UseTwoFactorStatusReturn,\n type TwoFactorSetupData,\n type TwoFactorDevice,\n};\n","'use client';\n\nimport { useEffect, useState } from 'react';\n\nimport { authLogger } from '../utils/logger';\n\n/**\n * Simple localStorage hook with better error handling\n * @param key - Storage key\n * @param initialValue - Default value if key doesn't exist\n * @returns [value, setValue, removeValue] - Current value, setter function, and remove function\n */\nexport function useLocalStorage<T>(key: string, initialValue: T) {\n // Get initial value from localStorage or use provided initialValue\n const [storedValue, setStoredValue] = useState<T>(() => {\n if (typeof window === 'undefined') {\n return initialValue;\n }\n\n try {\n const item = window.localStorage.getItem(key);\n if (item === null) {\n return initialValue;\n }\n \n // Try to parse as JSON first, fallback to string\n try {\n return JSON.parse(item);\n } catch {\n // If JSON.parse fails, return as string\n return item as T;\n }\n } catch (error) {\n authLogger.error(`Error reading localStorage key \"${key}\":`, error);\n return initialValue;\n }\n });\n\n // Check data size and limit\n const checkDataSize = (data: any): boolean => {\n try {\n const jsonString = JSON.stringify(data);\n const sizeInBytes = new Blob([jsonString]).size;\n const sizeInKB = sizeInBytes / 1024;\n \n // Limit to 1MB per item\n if (sizeInKB > 1024) {\n authLogger.warn(`Data size (${sizeInKB.toFixed(2)}KB) exceeds 1MB limit for key \"${key}\"`);\n return false;\n }\n\n return true;\n } catch (error) {\n authLogger.error(`Error checking data size for key \"${key}\":`, error);\n return false;\n }\n };\n\n // Clear old data when localStorage is full\n const clearOldData = () => {\n try {\n const keys = Object.keys(localStorage).filter(key => key && typeof key === 'string');\n // Remove oldest items if we have more than 50 items\n if (keys.length > 50) {\n const itemsToRemove = Math.ceil(keys.length * 0.2);\n for (let i = 0; i < itemsToRemove; i++) {\n try {\n const key = keys[i];\n if (key) {\n localStorage.removeItem(key);\n localStorage.removeItem(`${key}_timestamp`);\n }\n } catch {\n // Ignore errors when removing items\n }\n }\n }\n } catch (error) {\n authLogger.error('Error clearing old localStorage data:', error);\n }\n };\n\n // Force clear all data if quota is exceeded\n const forceClearAll = () => {\n try {\n const keys = Object.keys(localStorage);\n for (const key of keys) {\n try {\n localStorage.removeItem(key);\n } catch {\n // Ignore errors when removing items\n }\n }\n } catch (error) {\n authLogger.error('Error force clearing localStorage:', error);\n }\n };\n\n // Update localStorage when value changes\n const setValue = (value: T | ((val: T) => T)) => {\n try {\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n \n // Check data size before attempting to save\n if (!checkDataSize(valueToStore)) {\n authLogger.warn(`Data size too large for key \"${key}\", removing key`);\n // Remove the key if data is too large\n try {\n window.localStorage.removeItem(key);\n window.localStorage.removeItem(`${key}_timestamp`);\n } catch {\n // Ignore errors when removing\n }\n // Still update the state\n setStoredValue(valueToStore);\n return;\n }\n \n setStoredValue(valueToStore);\n\n if (typeof window !== 'undefined') {\n // Try to set the value\n try {\n // For strings, store directly without JSON.stringify\n if (typeof valueToStore === 'string') {\n window.localStorage.setItem(key, valueToStore);\n } else {\n window.localStorage.setItem(key, JSON.stringify(valueToStore));\n }\n // Add timestamp for cleanup\n window.localStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (storageError: any) {\n // If quota exceeded, clear old data and try again\n if (storageError.name === 'QuotaExceededError' ||\n storageError.code === 22 ||\n storageError.message?.includes('quota')) {\n authLogger.warn('localStorage quota exceeded, clearing old data...');\n clearOldData();\n \n // Try again after clearing\n try {\n // For strings, store directly without JSON.stringify\n if (typeof valueToStore === 'string') {\n window.localStorage.setItem(key, valueToStore);\n } else {\n window.localStorage.setItem(key, JSON.stringify(valueToStore));\n }\n window.localStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (retryError) {\n authLogger.error(`Failed to set localStorage key \"${key}\" after clearing old data:`, retryError);\n // If still fails, force clear all and try one more time\n try {\n forceClearAll();\n // For strings, store directly without JSON.stringify\n if (typeof valueToStore === 'string') {\n window.localStorage.setItem(key, valueToStore);\n } else {\n window.localStorage.setItem(key, JSON.stringify(valueToStore));\n }\n window.localStorage.setItem(`${key}_timestamp`, Date.now().toString());\n } catch (finalError) {\n authLogger.error(`Failed to set localStorage key \"${key}\" after force clearing:`, finalError);\n // If still fails, just update the state without localStorage\n setStoredValue(valueToStore);\n }\n }\n } else {\n throw storageError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error setting localStorage key \"${key}\":`, error);\n // Still update the state even if localStorage fails\n const valueToStore = value instanceof Function ? value(storedValue) : value;\n setStoredValue(valueToStore);\n }\n };\n\n // Remove value from localStorage\n const removeValue = () => {\n try {\n setStoredValue(initialValue);\n if (typeof window !== 'undefined') {\n try {\n window.localStorage.removeItem(key);\n window.localStorage.removeItem(`${key}_timestamp`);\n } catch (removeError: any) {\n // If removal fails due to quota, try to clear some data first\n if (removeError.name === 'QuotaExceededError' ||\n removeError.code === 22 ||\n removeError.message?.includes('quota')) {\n authLogger.warn('localStorage quota exceeded during removal, clearing old data...');\n clearOldData();\n \n try {\n window.localStorage.removeItem(key);\n window.localStorage.removeItem(`${key}_timestamp`);\n } catch (retryError) {\n authLogger.error(`Failed to remove localStorage key \"${key}\" after clearing:`, retryError);\n // If still fails, force clear all\n forceClearAll();\n }\n } else {\n throw removeError;\n }\n }\n }\n } catch (error) {\n authLogger.error(`Error removing localStorage key \"${key}\":`, error);\n }\n };\n\n return [storedValue, setValue, removeValue] as const;\n}\n","\"use client\"\n\n/**\n * Base64 Encoding/Decoding Hook\n *\n * Provides base64 encoding/decoding with dev mode detection:\n * - In production: encodes data to base64\n * - In development: returns data as-is (no encoding)\n */\n\nimport { isDev } from '../utils/env';\n\n/**\n * Encode string to base64\n * @param data - String data to encode\n * @returns Base64 encoded string (or original in dev mode)\n */\nexport function encodeBase64(data: string): string {\n if (isDev) {\n return data;\n }\n\n try {\n // Browser-safe base64 encoding\n if (typeof window !== 'undefined') {\n return btoa(encodeURIComponent(data).replace(/%([0-9A-F]{2})/g, (_, p1) => {\n return String.fromCharCode(parseInt(p1, 16));\n }));\n }\n // Node.js fallback\n return Buffer.from(data, 'utf-8').toString('base64');\n } catch (error) {\n console.error('Base64 encoding error:', error);\n return data; // Return original on error\n }\n}\n\n/**\n * Decode base64 to string\n * @param encoded - Base64 encoded string\n * @returns Decoded string (or original in dev mode)\n */\nexport function decodeBase64(encoded: string): string {\n if (isDev) {\n return encoded;\n }\n\n try {\n // Browser-safe base64 decoding\n if (typeof window !== 'undefined') {\n const binary = atob(encoded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return decodeURIComponent(\n Array.from(bytes)\n .map(byte => '%' + ('00' + byte.toString(16)).slice(-2))\n .join('')\n );\n }\n // Node.js fallback\n return Buffer.from(encoded, 'base64').toString('utf-8');\n } catch (error) {\n console.error('Base64 decoding error:', error);\n return encoded; // Return original on error\n }\n}\n\n/**\n * Hook for base64 encoding/decoding\n * @returns Object with encode and decode functions\n */\nexport function useBase64() {\n return {\n encode: encodeBase64,\n decode: decodeBase64,\n isDev,\n };\n}\n","\"use client\"\n\n/**\n * Profile Cache Hook\n *\n * Provides localStorage-based caching for user profile with:\n * - TTL (Time To Live) - default 1 hour\n * - Version control for migrations\n * - Automatic invalidation on expiry\n */\n\nimport type { User } from '../../';\nimport { authLogger as profileLogger } from '../utils/logger';\nimport { decodeBase64, encodeBase64 } from './useBase64';\n\n// Cache configuration\nconst CACHE_KEY = 'user_profile_cache';\nconst CACHE_VERSION = 1;\nconst DEFAULT_TTL = 14400000; // 4 hours in milliseconds (reduced API calls, more resilient)\n\nexport interface ProfileCacheOptions {\n /** Time to live in milliseconds (default: 1 hour) */\n ttl?: number;\n}\n\ninterface CachedProfile {\n version: number;\n data: User;\n timestamp: number;\n ttl: number;\n}\n\n/**\n * Get cached profile from localStorage\n * @returns User profile if valid cache exists, null otherwise\n */\nexport function getCachedProfile(): User | null {\n try {\n if (typeof window === 'undefined') return null;\n\n const cached = localStorage.getItem(CACHE_KEY);\n if (!cached) {\n profileLogger.debug('No cached profile found');\n return null;\n }\n\n // Decode from base64\n const decoded = decodeBase64(cached);\n const cachedData: CachedProfile = JSON.parse(decoded);\n\n // Version check\n if (cachedData.version !== CACHE_VERSION) {\n profileLogger.warn('Cache version mismatch, clearing cache');\n clearProfileCache();\n return null;\n }\n\n // TTL check\n const now = Date.now();\n const age = now - cachedData.timestamp;\n if (age > cachedData.ttl) {\n profileLogger.info('Cache expired, clearing');\n clearProfileCache();\n return null;\n }\n\n profileLogger.debug('Cache hit, age:', Math.round(age / 1000), 'seconds');\n return cachedData.data;\n } catch (error) {\n profileLogger.error('Error reading cache:', error);\n clearProfileCache();\n return null;\n }\n}\n\n/**\n * Save profile to localStorage cache\n * @param profile - User profile to cache\n * @param options - Cache options (TTL)\n */\nexport function setCachedProfile(profile: User, options?: ProfileCacheOptions): void {\n try {\n if (typeof window === 'undefined') return;\n\n const cachedData: CachedProfile = {\n version: CACHE_VERSION,\n data: profile,\n timestamp: Date.now(),\n ttl: options?.ttl || DEFAULT_TTL,\n };\n\n // Encode to base64\n const encoded = encodeBase64(JSON.stringify(cachedData));\n localStorage.setItem(CACHE_KEY, encoded);\n profileLogger.debug('Profile cached, TTL:', cachedData.ttl / 1000, 'seconds');\n } catch (error) {\n profileLogger.error('Error writing cache:', error);\n }\n}\n\n/**\n * Clear profile cache from localStorage\n */\nexport function clearProfileCache(): void {\n try {\n if (typeof window === 'undefined') return;\n localStorage.removeItem(CACHE_KEY);\n profileLogger.debug('Cache cleared');\n } catch (error) {\n profileLogger.error('Error clearing cache:', error);\n }\n}\n\n/**\n * Check if cached profile is valid (exists and not expired)\n */\nexport function hasValidCache(): boolean {\n return getCachedProfile() !== null;\n}\n\n/**\n * Get cache metadata (age, TTL, etc.)\n */\nexport function getCacheMetadata(): {\n exists: boolean;\n age?: number;\n ttl?: number;\n expiresIn?: number;\n} | null {\n try {\n if (typeof window === 'undefined') return null;\n\n const cached = localStorage.getItem(CACHE_KEY);\n if (!cached) return { exists: false };\n\n // Decode from base64\n const decoded = decodeBase64(cached);\n const cachedData: CachedProfile = JSON.parse(decoded);\n const now = Date.now();\n const age = now - cachedData.timestamp;\n const expiresIn = cachedData.ttl - age;\n\n return {\n exists: true,\n age,\n ttl: cachedData.ttl,\n expiresIn: Math.max(0, expiresIn),\n };\n } catch (error) {\n profileLogger.error('Error reading metadata:', error);\n return null;\n }\n}\n","'use client';\n\nimport { useCallback, useState } from 'react';\n\nimport { apiAccounts } from '../../clients';\nimport { CfgAccountsProfile } from '../../_api/generated/sdk.gen';\nimport { useAuth } from '../context';\nimport { authLogger } from '../utils/logger';\n\nexport interface DeleteAccountResult {\n success: boolean;\n message: string;\n}\n\nexport interface UseDeleteAccountReturn {\n /** Loading state */\n isLoading: boolean;\n /** Error message */\n error: string | null;\n /** Delete the account */\n deleteAccount: () => Promise<DeleteAccountResult>;\n /** Clear error */\n clearError: () => void;\n}\n\n/**\n * Hook for deleting user account.\n *\n * This performs a soft delete - deactivates the account and anonymizes personal data.\n * The account can be restored by an administrator if needed.\n *\n * @example\n * ```tsx\n * const { deleteAccount, isLoading, error } = useDeleteAccount();\n *\n * const handleDelete = async () => {\n * const result = await deleteAccount();\n * if (result.success) {\n * // Account deleted, perform logout\n * await logout();\n * }\n * };\n * ```\n */\nexport const useDeleteAccount = (): UseDeleteAccountReturn => {\n const [isLoading, setIsLoading] = useState(false);\n const [error, setError] = useState<string | null>(null);\n const { logout } = useAuth();\n\n const clearError = useCallback(() => {\n setError(null);\n }, []);\n\n /**\n * Delete the user account (soft delete)\n */\n const deleteAccount = useCallback(async (): Promise<DeleteAccountResult> => {\n setIsLoading(true);\n setError(null);\n\n try {\n authLogger.info('Deleting account...');\n\n const result = await CfgAccountsProfile.cfgAccountsProfileDeleteCreate({ throwOnError: true });\n const response = result.data;\n\n if (!response.success) {\n authLogger.error('Failed to delete account:', response.message);\n setError(response.message);\n throw new Error(response.message);\n }\n\n } catch (error) {\n authLogger.error('Failed to delete account:', error);\n throw error;\n } finally {\n setIsLoading(false);\n }\n\n // Return success response\n\n await logout();\n return { success: true, message: 'Account deleted successfully' };\n }, []);\n\n return {\n isLoading,\n error,\n deleteAccount,\n clearError,\n };\n};\n","/**\n * CfgAccounts Context\n *\n * Manages user authentication and profile operations using generated SWR hooks.\n *\n * Features:\n * - OTP-based authentication\n * - User profile management\n * - Avatar upload\n * - Profile updates\n * - localStorage cache with TTL (1 hour)\n */\n\n\"use client\";\n\nimport {\n createContext, memo, ReactNode, useCallback, useContext, useEffect, useMemo, useRef, useState\n} from 'react';\n\nimport { auth } from '../../_api/generated/helpers/auth';\nimport { CfgAccountsAuth, CfgAccountsProfile } from '../../_api/generated/_cfg_accounts/sdk.gen';\nimport {\n useCfgAccountsOtpRequestCreate,\n useCfgAccountsOtpVerifyCreate,\n useCfgAccountsProfileAvatarCreate,\n useCfgAccountsProfilePartialUpdate,\n useCfgAccountsProfileUpdateUpdate,\n} from '../../_api/generated/_cfg_accounts/hooks';\nimport { PatchedCfgUserUpdateRequestSchema } from '../../_api/generated/_cfg_accounts/schemas';\nimport { clearProfileCache, getCachedProfile, setCachedProfile } from '../hooks/useProfileCache';\nimport { authLogger } from '../utils/logger';\n\nimport type {\n User,\n CfgUserUpdateRequest,\n PatchedCfgUserUpdateRequest,\n OtpRequestRequest,\n OtpVerifyRequest,\n OtpRequestResponse,\n OtpVerifyResponse,\n} from '../../_api/generated/_cfg_accounts/types.gen';\n\nexport { PatchedCfgUserUpdateRequestSchema };\nexport type { PatchedCfgUserUpdateRequest, User, CfgUserUpdateRequest as UserProfileUpdateRequest };\n\n// ─────────────────────────────────────────────────────────────────────────\n// Context Type\n// ─────────────────────────────────────────────────────────────────────────\n\nexport interface AccountsContextValue {\n profile?: User;\n isLoadingProfile: boolean;\n profileError: Error | null;\n\n updateProfile: (data: CfgUserUpdateRequest) => Promise<User>;\n partialUpdateProfile: (data: PatchedCfgUserUpdateRequest) => Promise<User>;\n uploadAvatar: (avatar: File | Blob) => Promise<User>;\n refreshProfile: (options?: { callerId?: string; force?: boolean }) => Promise<User | undefined>;\n\n requestOTP: (data: OtpRequestRequest) => Promise<OtpRequestResponse>;\n verifyOTP: (data: OtpVerifyRequest) => Promise<OtpVerifyResponse>;\n logout: () => void;\n}\n\nconst AccountsContext = createContext<AccountsContextValue | undefined>(undefined);\n\ninterface AccountsProviderProps {\n children: ReactNode;\n}\n\nexport function AccountsProvider({ children }: AccountsProviderProps) {\n const [profile, setProfile] = useState<User | undefined>(() => {\n const cached = getCachedProfile() as User | null;\n return cached || undefined;\n });\n const [isLoadingProfile, setIsLoadingProfile] = useState(false);\n const [profileError, setProfileError] = useState<Error | null>(null);\n\n const profileRef = useRef<User | undefined>(profile);\n const isLoadingRef = useRef(false);\n\n useEffect(() => {\n profileRef.current = profile;\n }, [profile]);\n\n useEffect(() => {\n isLoadingRef.current = isLoadingProfile;\n }, [isLoadingProfile]);\n\n const { trigger: triggerProfileUpdate } = useCfgAccountsProfileUpdateUpdate();\n const { trigger: triggerProfilePartialUpdate } = useCfgAccountsProfilePartialUpdate();\n const { trigger: triggerAvatar } = useCfgAccountsProfileAvatarCreate();\n const { trigger: triggerOtpRequest } = useCfgAccountsOtpRequestCreate();\n const { trigger: triggerOtpVerify } = useCfgAccountsOtpVerifyCreate();\n\n const refreshProfile = useCallback(async (options?: { callerId?: string; force?: boolean }): Promise<User | undefined> => {\n const { callerId, force } = options || {};\n\n if (isLoadingRef.current) {\n authLogger.debug(`Profile loading in progress, skipping (caller: ${callerId})`);\n return profileRef.current;\n }\n\n setIsLoadingProfile(true);\n isLoadingRef.current = true;\n setProfileError(null);\n try {\n authLogger.debug(`Fetching profile from API (caller: ${callerId}, force: ${force})`);\n const res = await CfgAccountsProfile.cfgAccountsProfileRetrieve({ throwOnError: true });\n const result = res.data;\n setProfile(result);\n profileRef.current = result;\n setCachedProfile(result);\n return result;\n } catch (error) {\n const err = error instanceof Error ? error : new Error('Failed to fetch profile');\n setProfileError(err);\n throw err;\n } finally {\n setIsLoadingProfile(false);\n isLoadingRef.current = false;\n }\n }, []);\n\n const updateProfile = async (data: CfgUserUpdateRequest): Promise<User> => {\n await triggerProfileUpdate({ body: data });\n const user = await refreshProfile({ callerId: 'updateProfile', force: true });\n return user as User;\n };\n\n const partialUpdateProfile = async (data: PatchedCfgUserUpdateRequest): Promise<User> => {\n await triggerProfilePartialUpdate({ body: data });\n const user = await refreshProfile({ callerId: 'partialUpdateProfile', force: true });\n return user as User;\n };\n\n const uploadAvatar = async (avatar: File | Blob): Promise<User> => {\n await triggerAvatar({ body: { avatar } });\n const user = await refreshProfile({ callerId: 'uploadAvatar', force: true });\n return user as User;\n };\n\n const requestOTP = async (data: OtpRequestRequest): Promise<OtpRequestResponse> => {\n const result = await triggerOtpRequest({ body: data });\n return result as OtpRequestResponse;\n };\n\n const verifyOTP = async (data: OtpVerifyRequest): Promise<OtpVerifyResponse> => {\n const result = (await triggerOtpVerify({ body: data })) as OtpVerifyResponse;\n\n if (result.requires_2fa && result.session_id) {\n authLogger.info('2FA required, session:', result.session_id);\n return result;\n }\n\n if (result.access && result.refresh) {\n // The ONE write path — atomic pair, notifies every session subscriber.\n auth.setSession({ access: result.access, refresh: result.refresh });\n try {\n await refreshProfile({ callerId: 'verifyOTP', force: true });\n } catch (profileError) {\n authLogger.warn('Profile refresh failed after OTP verify (tokens are saved):', profileError);\n }\n }\n\n return result;\n };\n\n const logout = useCallback(() => {\n // Best-effort server-side revocation: without blacklisting, a stolen\n // refresh token survives \"logout\" until it expires. Fire-and-forget —\n // local logout must never block on the network.\n const refresh = auth.getRefreshToken();\n if (refresh) {\n CfgAccountsAuth.cfgAccountsTokenBlacklistCreate({ body: { refresh } }).catch(() => {\n authLogger.warn('Refresh-token blacklist failed (logged out locally anyway)');\n });\n }\n auth.clearSession();\n setProfile(undefined);\n setProfileError(null);\n clearProfileCache();\n }, []);\n\n const value: AccountsContextValue = useMemo(() => ({\n profile,\n isLoadingProfile,\n profileError,\n updateProfile,\n partialUpdateProfile,\n uploadAvatar,\n refreshProfile,\n requestOTP,\n verifyOTP,\n logout,\n }), [\n profile,\n isLoadingProfile,\n profileError,\n updateProfile,\n partialUpdateProfile,\n uploadAvatar,\n refreshProfile,\n requestOTP,\n verifyOTP,\n logout,\n ]);\n\n return (\n <AccountsContext.Provider value={value}>\n {children}\n </AccountsContext.Provider>\n );\n}\n\nexport function useAccountsContext(): AccountsContextValue {\n const context = useContext(AccountsContext);\n if (!context) {\n throw new Error('useAccountsContext must be used within AccountsProvider');\n }\n return context;\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Regenerate API key\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyRegenerateCreateData, CfgAccountsApiKeyRegenerateCreateResponses } from \"../../types.gen\";\nimport { APIKeyRegenerateSchema } from \"../schemas/APIKeyRegenerate\";\n\ntype Args = Omit<CfgAccountsApiKeyRegenerateCreateData, \"url\">;\ntype Result = CfgAccountsApiKeyRegenerateCreateResponses[keyof CfgAccountsApiKeyRegenerateCreateResponses];\n\nexport function useCfgAccountsApiKeyRegenerateCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_api_key_regenerate_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_api_key_regenerate_create\"], Args>(\n [\"cfg_accounts_api_key_regenerate_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyRegenerateCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeyRegenerateSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_regenerate_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/regenerate/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_regenerate_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/regenerate/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyRegenerateSchema = z.object({\n key: z.string(),\n reissued_at: z.string().datetime({ offset: true }),\n});\n\nexport type APIKeyRegenerate = z.infer<typeof APIKeyRegenerateSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Get API key details\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyRetrieveData, CfgAccountsApiKeyRetrieveResponses } from \"../../types.gen\";\nimport { APIKeySchema } from \"../schemas/APIKey\";\n\ntype Result = CfgAccountsApiKeyRetrieveResponses[keyof CfgAccountsApiKeyRetrieveResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsApiKeyRetrieve(\n args?: Omit<CfgAccountsApiKeyRetrieveData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_api_key_retrieve\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyRetrieve({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeySchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/api-key/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/api-key/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeySchema = z.object({\n key: z.string(),\n reissued_at: z.string().datetime({ offset: true }).nullable(),\n created_at: z.string().datetime({ offset: true }),\n});\n\nexport type APIKey = z.infer<typeof APIKeySchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Reveal API key\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyRevealCreateData, CfgAccountsApiKeyRevealCreateResponses } from \"../../types.gen\";\nimport { APIKeyRevealSchema } from \"../schemas/APIKeyReveal\";\n\ntype Args = Omit<CfgAccountsApiKeyRevealCreateData, \"url\">;\ntype Result = CfgAccountsApiKeyRevealCreateResponses[keyof CfgAccountsApiKeyRevealCreateResponses];\n\nexport function useCfgAccountsApiKeyRevealCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_api_key_reveal_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_api_key_reveal_create\"], Args>(\n [\"cfg_accounts_api_key_reveal_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyRevealCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeyRevealSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_reveal_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/reveal/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_reveal_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/reveal/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyRevealSchema = z.object({\n key: z.string(),\n created_at: z.string().datetime({ offset: true }),\n reissued_at: z.string().datetime({ offset: true }).nullable(),\n});\n\nexport type APIKeyReveal = z.infer<typeof APIKeyRevealSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Test API key\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsApiKey } from \"../../sdk.gen\";\nimport type { CfgAccountsApiKeyTestCreateData, CfgAccountsApiKeyTestCreateResponses } from \"../../types.gen\";\nimport { APIKeyTestResultSchema } from \"../schemas/APIKeyTestResult\";\n\ntype Args = Omit<CfgAccountsApiKeyTestCreateData, \"url\">;\ntype Result = CfgAccountsApiKeyTestCreateResponses[keyof CfgAccountsApiKeyTestCreateResponses];\n\nexport function useCfgAccountsApiKeyTestCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_api_key_test_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_api_key_test_create\"], Args>(\n [\"cfg_accounts_api_key_test_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsApiKey.cfgAccountsApiKeyTestCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = APIKeyTestResultSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_api_key_test_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/test/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_api_key_test_create\",\n method: \"POST\",\n path: \"/cfg/accounts/api-key/test/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyTestResultSchema = z.object({\n valid: z.boolean(),\n user_id: z.string().nullable(),\n});\n\nexport type APIKeyTestResult = z.infer<typeof APIKeyTestResultSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// List OAuth connections\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthConnectionsListData, CfgAccountsOauthConnectionsListResponses } from \"../../types.gen\";\nimport { cfg_accounts_oauth_connections_response_200_AutoRefSchema } from \"../schemas/cfg_accounts_oauth_connections_response_200_AutoRef\";\n\ntype Result = CfgAccountsOauthConnectionsListResponses[keyof CfgAccountsOauthConnectionsListResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsOauthConnectionsList(\n args?: Omit<CfgAccountsOauthConnectionsListData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_oauth_connections_list\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsOauth.cfgAccountsOauthConnectionsList({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = cfg_accounts_oauth_connections_response_200_AutoRefSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_connections_list\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/connections/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_connections_list\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/connections/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { OAuthConnectionSchema } from \"./OAuthConnection\";\n\nexport const cfg_accounts_oauth_connections_response_200_AutoRefSchema = z.array(OAuthConnectionSchema);\n\nexport type cfg_accounts_oauth_connections_response_200_AutoRef = z.infer<typeof cfg_accounts_oauth_connections_response_200_AutoRefSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { OAuthProviderEnumSchema } from \"./OAuthProviderEnum\";\n\nexport const OAuthConnectionSchema = z.object({\n id: z.number().int(),\n provider: OAuthProviderEnumSchema,\n provider_display: z.string(),\n provider_username: z.string(),\n provider_email: z.email(),\n provider_avatar_url: z.string(),\n connected_at: z.string().datetime({ offset: true }),\n last_login_at: z.string().datetime({ offset: true }),\n});\n\nexport type OAuthConnection = z.infer<typeof OAuthConnectionSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthProviderEnumSchema = z.enum([\"github\"]);\n\nexport type OAuthProviderEnum = z.infer<typeof OAuthProviderEnumSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Disconnect OAuth provider\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthDisconnectCreateData, CfgAccountsOauthDisconnectCreateResponses } from \"../../types.gen\";\nimport { cfg_accounts_oauth_disconnect_response_200_AutoRefSchema } from \"../schemas/cfg_accounts_oauth_disconnect_response_200_AutoRef\";\n\ntype Args = Omit<CfgAccountsOauthDisconnectCreateData, \"url\">;\ntype Result = CfgAccountsOauthDisconnectCreateResponses[keyof CfgAccountsOauthDisconnectCreateResponses];\n\nexport function useCfgAccountsOauthDisconnectCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_oauth_disconnect_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_oauth_disconnect_create\"], Args>(\n [\"cfg_accounts_oauth_disconnect_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsOauth.cfgAccountsOauthDisconnectCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = cfg_accounts_oauth_disconnect_response_200_AutoRefSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_disconnect_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/disconnect/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_disconnect_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/disconnect/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const cfg_accounts_oauth_disconnect_response_200_AutoRefSchema = z.object({\n message: z.string().optional(),\n});\n\nexport type cfg_accounts_oauth_disconnect_response_200_AutoRef = z.infer<typeof cfg_accounts_oauth_disconnect_response_200_AutoRefSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Start GitHub OAuth\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthGithubAuthorizeCreateData, CfgAccountsOauthGithubAuthorizeCreateResponses } from \"../../types.gen\";\nimport { OAuthAuthorizeResponseSchema } from \"../schemas/OAuthAuthorizeResponse\";\n\ntype Args = Omit<CfgAccountsOauthGithubAuthorizeCreateData, \"url\">;\ntype Result = CfgAccountsOauthGithubAuthorizeCreateResponses[keyof CfgAccountsOauthGithubAuthorizeCreateResponses];\n\nexport function useCfgAccountsOauthGithubAuthorizeCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_oauth_github_authorize_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_oauth_github_authorize_create\"], Args>(\n [\"cfg_accounts_oauth_github_authorize_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsOauth.cfgAccountsOauthGithubAuthorizeCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OAuthAuthorizeResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_github_authorize_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/authorize/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_github_authorize_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/authorize/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthAuthorizeResponseSchema = z.object({\n authorization_url: z.string(),\n state: z.string(),\n});\n\nexport type OAuthAuthorizeResponse = z.infer<typeof OAuthAuthorizeResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Complete GitHub OAuth\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthGithubCallbackCreateData, CfgAccountsOauthGithubCallbackCreateResponses } from \"../../types.gen\";\nimport { OAuthTokenResponseSchema } from \"../schemas/OAuthTokenResponse\";\n\ntype Args = Omit<CfgAccountsOauthGithubCallbackCreateData, \"url\">;\ntype Result = CfgAccountsOauthGithubCallbackCreateResponses[keyof CfgAccountsOauthGithubCallbackCreateResponses];\n\nexport function useCfgAccountsOauthGithubCallbackCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_oauth_github_callback_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_oauth_github_callback_create\"], Args>(\n [\"cfg_accounts_oauth_github_callback_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsOauth.cfgAccountsOauthGithubCallbackCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OAuthTokenResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_github_callback_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/callback/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_github_callback_create\",\n method: \"POST\",\n path: \"/cfg/accounts/oauth/github/callback/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthTokenResponseSchema = z.object({\n requires_2fa: z.boolean().default(false).optional(),\n session_id: z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),\n access: z.string().nullable().optional(),\n refresh: z.string().nullable().optional(),\n user: z.object({}).passthrough().nullable().optional(),\n is_new_user: z.boolean().default(false).optional(),\n is_new_connection: z.boolean().default(false).optional(),\n should_prompt_2fa: z.boolean().optional(),\n});\n\nexport type OAuthTokenResponse = z.infer<typeof OAuthTokenResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// List OAuth providers\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsOauth } from \"../../sdk.gen\";\nimport type { CfgAccountsOauthProvidersRetrieveData, CfgAccountsOauthProvidersRetrieveResponses } from \"../../types.gen\";\nimport { OAuthProvidersResponseSchema } from \"../schemas/OAuthProvidersResponse\";\n\ntype Result = CfgAccountsOauthProvidersRetrieveResponses[keyof CfgAccountsOauthProvidersRetrieveResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsOauthProvidersRetrieve(\n args?: Omit<CfgAccountsOauthProvidersRetrieveData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_oauth_providers_retrieve\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsOauth.cfgAccountsOauthProvidersRetrieve({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OAuthProvidersResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_oauth_providers_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/providers/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_oauth_providers_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/oauth/providers/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthProvidersResponseSchema = z.object({\n providers: z.array(z.object({}).passthrough()),\n});\n\nexport type OAuthProvidersResponse = z.infer<typeof OAuthProvidersResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/otp/request/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccounts } from \"../../sdk.gen\";\nimport type { CfgAccountsOtpRequestCreateData, CfgAccountsOtpRequestCreateResponses } from \"../../types.gen\";\nimport { OTPRequestResponseSchema } from \"../schemas/OTPRequestResponse\";\n\ntype Args = Omit<CfgAccountsOtpRequestCreateData, \"url\">;\ntype Result = CfgAccountsOtpRequestCreateResponses[keyof CfgAccountsOtpRequestCreateResponses];\n\nexport function useCfgAccountsOtpRequestCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_otp_request_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_otp_request_create\"], Args>(\n [\"cfg_accounts_otp_request_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccounts.cfgAccountsOtpRequestCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OTPRequestResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_otp_request_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/request/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_otp_request_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/request/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { WebmailLinkSchema } from \"./WebmailLink\";\n\nexport const OTPRequestResponseSchema = z.object({\n message: z.string(),\n webmail: WebmailLinkSchema.nullable().optional(),\n});\n\nexport type OTPRequestResponse = z.infer<typeof OTPRequestResponseSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { WebmailLinkProviderEnumSchema } from \"./WebmailLinkProviderEnum\";\n\nexport const WebmailLinkSchema = z.object({\n provider: WebmailLinkProviderEnumSchema,\n provider_name: z.string(),\n url: z.string(),\n is_search: z.boolean(),\n});\n\nexport type WebmailLink = z.infer<typeof WebmailLinkSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const WebmailLinkProviderEnumSchema = z.enum([\"gmail\", \"outlook\", \"yahoo\", \"icloud\", \"proton\", \"zoho\", \"aol\", \"fastmail\", \"gmx\", \"mailcom\", \"mail_ru\", \"yandex\", \"rambler\", \"qq\", \"netease\", \"sina\", \"aliyun\", \"naver\", \"daum\", \"web_de\", \"tonline\", \"seznam\", \"wp_pl\", \"o2_pl\", \"interia\", \"libero\", \"virgilio\", \"orange\", \"laposte\", \"free_fr\", \"sfr\"]);\n\nexport type WebmailLinkProviderEnum = z.infer<typeof WebmailLinkProviderEnumSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/otp/verify/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccounts } from \"../../sdk.gen\";\nimport type { CfgAccountsOtpVerifyCreateData, CfgAccountsOtpVerifyCreateResponses } from \"../../types.gen\";\nimport { OTPVerifyResponseSchema } from \"../schemas/OTPVerifyResponse\";\n\ntype Args = Omit<CfgAccountsOtpVerifyCreateData, \"url\">;\ntype Result = CfgAccountsOtpVerifyCreateResponses[keyof CfgAccountsOtpVerifyCreateResponses];\n\nexport function useCfgAccountsOtpVerifyCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_otp_verify_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_otp_verify_create\"], Args>(\n [\"cfg_accounts_otp_verify_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccounts.cfgAccountsOtpVerifyCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = OTPVerifyResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_otp_verify_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/verify/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_otp_verify_create\",\n method: \"POST\",\n path: \"/cfg/accounts/otp/verify/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { UserSchema } from \"./User\";\n\nexport const OTPVerifyResponseSchema = z.object({\n requires_2fa: z.boolean().default(false).optional(),\n session_id: z.string().regex(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i).nullable().optional(),\n refresh: z.string().nullable().optional(),\n access: z.string().nullable().optional(),\n user: UserSchema.nullable().optional(),\n should_prompt_2fa: z.boolean().optional(),\n});\n\nexport type OTPVerifyResponse = z.infer<typeof OTPVerifyResponseSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { CentrifugoTokenSchema } from \"./CentrifugoToken\";\n\nexport const UserSchema = z.object({\n id: z.number().int(),\n email: z.email(),\n first_name: z.string().max(50).nullable().optional(),\n last_name: z.string().max(50).nullable().optional(),\n full_name: z.string(),\n initials: z.string(),\n display_username: z.string(),\n company: z.string().max(100).nullable().optional(),\n phone: z.string().max(20).nullable().optional(),\n position: z.string().max(100).nullable().optional(),\n language: z.string().max(10).nullable().optional(),\n timezone: z.string().max(64).nullable().optional(),\n avatar: z.string().nullable(),\n is_staff: z.boolean(),\n is_superuser: z.boolean(),\n date_joined: z.string().datetime({ offset: true }),\n last_login: z.string().datetime({ offset: true }).nullable(),\n unanswered_messages_count: z.number().int().default(0),\n centrifugo: CentrifugoTokenSchema.nullable(),\n api_key: z.string().nullable(),\n});\n\nexport type User = z.infer<typeof UserSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const CentrifugoTokenSchema = z.object({\n token: z.string(),\n centrifugo_url: z.string(),\n expires_at: z.string().datetime({ offset: true }),\n channels: z.array(z.string()),\n});\n\nexport type CentrifugoToken = z.infer<typeof CentrifugoTokenSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Upload user avatar\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileAvatarCreateData, CfgAccountsProfileAvatarCreateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfileAvatarCreateData, \"url\">;\ntype Result = CfgAccountsProfileAvatarCreateResponses[keyof CfgAccountsProfileAvatarCreateResponses];\n\nexport function useCfgAccountsProfileAvatarCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_avatar_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_avatar_create\"], Args>(\n [\"cfg_accounts_profile_avatar_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileAvatarCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_avatar_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/avatar/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_avatar_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/avatar/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Delete user account\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileDeleteCreateData, CfgAccountsProfileDeleteCreateResponses } from \"../../types.gen\";\nimport { AccountDeleteResponseSchema } from \"../schemas/AccountDeleteResponse\";\n\ntype Args = Omit<CfgAccountsProfileDeleteCreateData, \"url\">;\ntype Result = CfgAccountsProfileDeleteCreateResponses[keyof CfgAccountsProfileDeleteCreateResponses];\n\nexport function useCfgAccountsProfileDeleteCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_delete_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_delete_create\"], Args>(\n [\"cfg_accounts_profile_delete_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileDeleteCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = AccountDeleteResponseSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_delete_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/delete/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_delete_create\",\n method: \"POST\",\n path: \"/cfg/accounts/profile/delete/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const AccountDeleteResponseSchema = z.object({\n success: z.boolean(),\n message: z.string(),\n});\n\nexport type AccountDeleteResponse = z.infer<typeof AccountDeleteResponseSchema>;\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Partial update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfilePartialPartialUpdateData, CfgAccountsProfilePartialPartialUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfilePartialPartialUpdateData, \"url\">;\ntype Result = CfgAccountsProfilePartialPartialUpdateResponses[keyof CfgAccountsProfilePartialPartialUpdateResponses];\n\nexport function useCfgAccountsProfilePartialPartialUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_partial_partial_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_partial_partial_update\"], Args>(\n [\"cfg_accounts_profile_partial_partial_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfilePartialPartialUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_partial_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_partial_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Partial update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfilePartialUpdateData, CfgAccountsProfilePartialUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfilePartialUpdateData, \"url\">;\ntype Result = CfgAccountsProfilePartialUpdateResponses[keyof CfgAccountsProfilePartialUpdateResponses];\n\nexport function useCfgAccountsProfilePartialUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_partial_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_partial_update\"], Args>(\n [\"cfg_accounts_profile_partial_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfilePartialUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_partial_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_partial_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/partial/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Get current user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWR from \"swr\";\nimport type { SWRConfiguration } from \"swr\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileRetrieveData, CfgAccountsProfileRetrieveResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Result = CfgAccountsProfileRetrieveResponses[keyof CfgAccountsProfileRetrieveResponses];\n\n/**\n * Optional `enabled` flag — when `false`, the SWR key becomes `null` and\n * no request is made. Use for gated endpoints (auth-required, feature\n * flags, \"fetch only when X is selected\"). The flag is stripped before\n * being forwarded to `useSWR` so the underlying SWR config stays pristine.\n */\ntype HookConfig = SWRConfiguration<Result> & { enabled?: boolean };\n\nexport function useCfgAccountsProfileRetrieve(\n args?: Omit<CfgAccountsProfileRetrieveData, \"url\" | \"body\">,\n config?: HookConfig,\n) {\n const { enabled = true, ...swrConfig } = config ?? {};\n const key = enabled ? [\"cfg_accounts_profile_retrieve\", args ?? {}] as const : null;\n return useSWR<Result>(\n key,\n async () => {\n const res = await CfgAccountsProfile.cfgAccountsProfileRetrieve({ ...(args ?? {}), throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/profile/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_retrieve\",\n method: \"GET\",\n path: \"/cfg/accounts/profile/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n swrConfig,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileUpdatePartialUpdateData, CfgAccountsProfileUpdatePartialUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfileUpdatePartialUpdateData, \"url\">;\ntype Result = CfgAccountsProfileUpdatePartialUpdateResponses[keyof CfgAccountsProfileUpdatePartialUpdateResponses];\n\nexport function useCfgAccountsProfileUpdatePartialUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_update_partial_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_update_partial_update\"], Args>(\n [\"cfg_accounts_profile_update_partial_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileUpdatePartialUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_update_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_update_partial_update\",\n method: \"PATCH\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// Update user profile\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsProfile } from \"../../sdk.gen\";\nimport type { CfgAccountsProfileUpdateUpdateData, CfgAccountsProfileUpdateUpdateResponses } from \"../../types.gen\";\nimport { UserSchema } from \"../schemas/User\";\n\ntype Args = Omit<CfgAccountsProfileUpdateUpdateData, \"url\">;\ntype Result = CfgAccountsProfileUpdateUpdateResponses[keyof CfgAccountsProfileUpdateUpdateResponses];\n\nexport function useCfgAccountsProfileUpdateUpdate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_profile_update_update\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_profile_update_update\"], Args>(\n [\"cfg_accounts_profile_update_update\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsProfile.cfgAccountsProfileUpdateUpdate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = UserSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_profile_update_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_profile_update_update\",\n method: \"PUT\",\n path: \"/cfg/accounts/profile/update/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/token/blacklist/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsAuth } from \"../../sdk.gen\";\nimport type { CfgAccountsTokenBlacklistCreateData, CfgAccountsTokenBlacklistCreateResponses } from \"../../types.gen\";\n\n\ntype Args = Omit<CfgAccountsTokenBlacklistCreateData, \"url\">;\ntype Result = CfgAccountsTokenBlacklistCreateResponses[keyof CfgAccountsTokenBlacklistCreateResponses];\n\nexport function useCfgAccountsTokenBlacklistCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_token_blacklist_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_token_blacklist_create\"], Args>(\n [\"cfg_accounts_token_blacklist_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsAuth.cfgAccountsTokenBlacklistCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n return data;\n },\n config,\n );\n}\n","'use client';\n\n// AUTO-GENERATED by openapi_processor / ts.hooks\n// POST /cfg/accounts/token/refresh/\n// DO NOT EDIT — re-run `make gen`.\n\nimport useSWRMutation from \"swr/mutation\";\nimport type { SWRMutationConfiguration } from \"swr/mutation\";\nimport { CfgAccountsAuth } from \"../../sdk.gen\";\nimport type { CfgAccountsTokenRefreshCreateData, CfgAccountsTokenRefreshCreateResponses } from \"../../types.gen\";\nimport { TokenRefreshSchema } from \"../schemas/TokenRefresh\";\n\ntype Args = Omit<CfgAccountsTokenRefreshCreateData, \"url\">;\ntype Result = CfgAccountsTokenRefreshCreateResponses[keyof CfgAccountsTokenRefreshCreateResponses];\n\nexport function useCfgAccountsTokenRefreshCreate(\n config?: SWRMutationConfiguration<Result, Error, readonly [\"cfg_accounts_token_refresh_create\"], Args>,\n) {\n return useSWRMutation<Result, Error, readonly [\"cfg_accounts_token_refresh_create\"], Args>(\n [\"cfg_accounts_token_refresh_create\"] as const,\n async (_key, { arg }: { arg: Args }) => {\n const res = await CfgAccountsAuth.cfgAccountsTokenRefreshCreate({ ...arg, throwOnError: true } as never);\n const data = res.data as Result;\n const parsed = TokenRefreshSchema.safeParse(data);\n if (!parsed.success) {\n // Log first so the failure is always visible, even if the\n // event handler swallows it.\n console.warn(\n \"[zod] response did not match schema\",\n {\n operation: \"cfg_accounts_token_refresh_create\",\n method: \"POST\",\n path: \"/cfg/accounts/token/refresh/\",\n issues: parsed.error.issues,\n data,\n },\n );\n if (typeof window !== \"undefined\") {\n try {\n window.dispatchEvent(\n new CustomEvent(\"zod-validation-error\", {\n detail: {\n operation: \"cfg_accounts_token_refresh_create\",\n method: \"POST\",\n path: \"/cfg/accounts/token/refresh/\",\n issues: parsed.error.issues,\n data,\n timestamp: new Date(),\n },\n bubbles: true,\n cancelable: false,\n }),\n );\n } catch {\n // Event dispatch is best-effort.\n }\n }\n return data;\n }\n return parsed.data as unknown as Result;\n },\n config,\n );\n}\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const TokenRefreshSchema = z.object({\n access: z.string(),\n refresh: z.string(),\n});\n\nexport type TokenRefresh = z.infer<typeof TokenRefreshSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyRequestSchema = z.object({\n key: z.string().min(1),\n reissued_at: z.string().datetime({ offset: true }).nullable(),\n created_at: z.string().datetime({ offset: true }),\n});\n\nexport type APIKeyRequest = z.infer<typeof APIKeyRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const APIKeyTestRequestSchema = z.object({\n key: z.string().min(1),\n});\n\nexport type APIKeyTestRequest = z.infer<typeof APIKeyTestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const CfgUserUpdateRequestSchema = z.object({\n first_name: z.string().max(50).optional(),\n last_name: z.string().max(50).optional(),\n company: z.string().max(100).optional(),\n phone: z.string().max(20).optional(),\n position: z.string().max(100).optional(),\n language: z.string().max(10).optional(),\n timezone: z.string().max(64).optional(),\n});\n\nexport type CfgUserUpdateRequest = z.infer<typeof CfgUserUpdateRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthAuthorizeRequestRequestSchema = z.object({\n redirect_uri: z.string().optional(),\n source_url: z.string().optional(),\n});\n\nexport type OAuthAuthorizeRequestRequest = z.infer<typeof OAuthAuthorizeRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthCallbackRequestRequestSchema = z.object({\n code: z.string().min(10).max(500),\n state: z.string().min(20).max(100),\n redirect_uri: z.string().optional(),\n});\n\nexport type OAuthCallbackRequestRequest = z.infer<typeof OAuthCallbackRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\nimport { OAuthProviderEnumSchema } from \"./OAuthProviderEnum\";\n\nexport const OAuthDisconnectRequestRequestSchema = z.object({\n provider: OAuthProviderEnumSchema,\n});\n\nexport type OAuthDisconnectRequestRequest = z.infer<typeof OAuthDisconnectRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OAuthErrorSchema = z.object({\n error: z.string(),\n error_description: z.string().optional(),\n});\n\nexport type OAuthError = z.infer<typeof OAuthErrorSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OTPErrorResponseSchema = z.object({\n error: z.string(),\n error_code: z.string().nullable().optional(),\n retry_after: z.number().int().nullable().optional(),\n});\n\nexport type OTPErrorResponse = z.infer<typeof OTPErrorResponseSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OTPRequestRequestSchema = z.object({\n identifier: z.string().min(1),\n source_url: z.string().optional(),\n});\n\nexport type OTPRequestRequest = z.infer<typeof OTPRequestRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const OTPVerifyRequestSchema = z.object({\n identifier: z.string().min(1),\n otp: z.string().min(4).max(4),\n source_url: z.string().optional(),\n});\n\nexport type OTPVerifyRequest = z.infer<typeof OTPVerifyRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const PatchedCfgUserUpdateRequestSchema = z.object({\n first_name: z.string().max(50).optional(),\n last_name: z.string().max(50).optional(),\n company: z.string().max(100).optional(),\n phone: z.string().max(20).optional(),\n position: z.string().max(100).optional(),\n language: z.string().max(10).optional(),\n timezone: z.string().max(64).optional(),\n});\n\nexport type PatchedCfgUserUpdateRequest = z.infer<typeof PatchedCfgUserUpdateRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const TokenBlacklistRequestSchema = z.object({\n refresh: z.string().min(1),\n});\n\nexport type TokenBlacklistRequest = z.infer<typeof TokenBlacklistRequestSchema>;\n","// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras\n// Source: OpenAPI 3.1 components.schemas\n// DO NOT EDIT — re-run `make gen-clients`.\n\nimport { z } from \"zod\";\n\nexport const TokenRefreshRequestSchema = z.object({\n refresh: z.string().min(1),\n});\n\nexport type TokenRefreshRequest = z.infer<typeof TokenRefreshRequestSchema>;\n","/**\n * Email validation utility\n */\nexport const validateEmail = (email: string): boolean => {\n const emailRegex = /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/;\n return emailRegex.test(email);\n};\n","/**\n * Format authentication error for display\n */\nexport const formatAuthError = (error: any): string => {\n if (typeof error === 'string') {\n return error;\n }\n\n if (error?.message) {\n return error.message;\n }\n\n if (error?.detail) {\n return error.detail;\n }\n\n if (error?.response?.data?.detail) {\n return error.response.data.detail;\n }\n\n return 'An unexpected error occurred';\n};\n","/**\n * Pure auth-guard state resolution.\n *\n * This is the decision that produced the \"stuck on Authenticating…\" bug: given\n * the auth state, should the UI show a preloader, redirect to login, or render\n * the protected content? Extracted from useAuthGuard (which lives in a package\n * with no test infra) so the branching can be unit-tested in isolation — the\n * hook just wires React state (mounted / isRedirecting) into these functions.\n *\n * Invariant that fixes the bug: once auth is resolved (`authLoading === false`)\n * and the user is unauthenticated, `isLoading` must become false so the guard\n * redirects to the form instead of spinning forever.\n */\n\nexport interface GuardInput {\n /** First client render matches SSR (preloader) until mounted, to avoid hydration mismatch. */\n mounted: boolean;\n /** Whether this route requires authentication. */\n requireAuth: boolean;\n /** AuthContext still resolving initial state. */\n authLoading: boolean;\n /** A redirect to the auth page is in flight. */\n isRedirecting: boolean;\n /** User currently has a (valid-looking) session. */\n isAuthenticated: boolean;\n}\n\n/**\n * True while the guard should render a preloader rather than the protected\n * content. Mirrors useAuthGuard's formula exactly.\n */\nexport function resolveGuardIsLoading(s: GuardInput): boolean {\n if (!s.mounted) return true; // pre-hydration: always preloader\n if (!s.requireAuth) return false; // public route: never blocks\n return s.authLoading || s.isRedirecting || !s.isAuthenticated;\n}\n\n/**\n * Whether the guard should trigger a redirect to the auth page. Only once\n * mounted, on a protected route, after auth resolved, when unauthenticated and\n * not already redirecting. This is the branch that must fire for a dead session.\n */\nexport function shouldRedirectToAuth(s: GuardInput): boolean {\n return (\n s.mounted &&\n s.requireAuth &&\n !s.authLoading &&\n !s.isAuthenticated &&\n !s.isRedirecting\n );\n}\n\n/** The effective authenticated flag the guard exposes to consumers. */\nexport function resolveGuardIsAuthenticated(s: Pick<GuardInput, 'requireAuth' | 'isAuthenticated'>): boolean {\n return !s.requireAuth || s.isAuthenticated;\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACKO,IAAM,iBAAiB;AAAA;AAAA,EAE5B,kBAAkB;AAAA;AAAA,EAElB,aAAa;AAAA;AAAA,EAEb,wBAAwB;AAC1B;;;ACMA,IAAAA,qBAA4B;AAC5B,IAAAC,iBASO;;;ACrBA,IAAM,WAAN,cAAuB,MAAM;AAAA,EAClC,YACS,YACA,YACA,UACA,KACP,SACA;AACA,UAAM,WAAW,QAAQ,UAAU,KAAK,UAAU,EAAE;AAN7C;AACA;AACA;AACA;AAIP,SAAK,OAAO;AAAA,EACd;AAAA,EARS;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAZX,OAOoC;AAAA;AAAA;AAAA,EAYlC,IAAI,UAAsC;AACxC,QAAI,OAAO,KAAK,aAAa,YAAY,KAAK,aAAa,MAAM;AAC/D,aAAO,KAAK;AAAA,IACd;AACA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,cAA+C;AACjD,UAAM,UAAU,KAAK;AACrB,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,cAAwC,CAAC;AAC/C,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,OAAO,GAAG;AAClD,UAAI,MAAM,QAAQ,KAAK,EAAG,aAAY,GAAG,IAAI;AAAA,IAC/C;AACA,WAAO,OAAO,KAAK,WAAW,EAAE,SAAS,IAAI,cAAc;AAAA,EAC7D;AAAA,EAEA,IAAI,eAAuB;AACzB,UAAM,UAAU,KAAK;AACrB,QAAI,CAAC,QAAS,QAAO,KAAK;AAC1B,QAAI,QAAQ,QAAQ;AAClB,aAAO,MAAM,QAAQ,QAAQ,MAAM,IAAI,QAAQ,OAAO,KAAK,IAAI,IAAI,OAAO,QAAQ,MAAM;AAAA,IAC1F;AACA,QAAI,QAAQ,MAAO,QAAO,OAAO,QAAQ,KAAK;AAC9C,QAAI,QAAQ,QAAS,QAAO,OAAO,QAAQ,OAAO;AAClD,UAAM,cAAc,KAAK;AACzB,QAAI,aAAa;AACf,YAAM,aAAa,OAAO,KAAK,WAAW,EAAE,CAAC;AAC7C,UAAI,WAAY,QAAO,GAAG,UAAU,KAAK,YAAY,UAAU,GAAG,KAAK,IAAI,CAAC;AAAA,IAC9E;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,oBAA6B;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EACnE,IAAI,cAAuB;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EAC7D,IAAI,oBAA6B;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EACnE,IAAI,kBAA2B;AAAE,WAAO,KAAK,eAAe;AAAA,EAAK;AAAA,EACjE,IAAI,gBAAyB;AAAE,WAAO,KAAK,cAAc,OAAO,KAAK,aAAa;AAAA,EAAK;AACzF;;;ACjDA,IAAM,aAAa;AACnB,IAAM,cAAc;AACpB,IAAM,cAAc;AAEpB,IAAM,YAAY,OAAO,WAAW;AAWpC,IAAM,sBAA+B;AAAA,EACnC,IAAI,KAAK;AACP,QAAI,CAAC,UAAW,QAAO;AACvB,QAAI;AAAE,aAAO,OAAO,aAAa,QAAQ,GAAG;AAAA,IAAG,QAAQ;AAAE,aAAO;AAAA,IAAM;AAAA,EACxE;AAAA,EACA,IAAI,KAAK,OAAO;AACd,QAAI,CAAC,UAAW;AAChB,QAAI;AACF,UAAI,UAAU,KAAM,QAAO,aAAa,WAAW,GAAG;AAAA,UACjD,QAAO,aAAa,QAAQ,KAAK,KAAK;AAAA,IAC7C,QAAQ;AAAA,IAAC;AAAA,EACX;AACF;AAGA,IAAM,iBAAiB,KAAK,KAAK,KAAK;AAEtC,IAAM,gBAAyB;AAAA,EAC7B,IAAI,KAAK;AACP,QAAI,CAAC,UAAW,QAAO;AACvB,QAAI;AACF,YAAM,KAAK,IAAI,OAAO,cAAc,mBAAmB,GAAG,CAAC,UAAU;AACrE,YAAM,IAAI,SAAS,OAAO,MAAM,EAAE;AAClC,aAAO,IAAI,mBAAmB,EAAE,CAAC,CAAC,IAAI;AAAA,IACxC,QAAQ;AAAE,aAAO;AAAA,IAAM;AAAA,EACzB;AAAA,EACA,IAAI,KAAK,OAAO;AACd,QAAI,CAAC,UAAW;AAChB,QAAI;AACF,YAAM,IAAI,mBAAmB,GAAG;AAChC,YAAM,SAAS,OAAO,SAAS,aAAa,WAAW,aAAa;AACpE,UAAI,UAAU,MAAM;AAClB,iBAAS,SAAS,GAAG,CAAC,qCAAqC,MAAM;AAAA,MACnE,OAAO;AACL,cAAM,IAAI,mBAAmB,KAAK;AAClC,iBAAS,SAAS,GAAG,CAAC,IAAI,CAAC,qBAAqB,cAAc,iBAAiB,MAAM;AAAA,MACvF;AAAA,IACF,QAAQ;AAAA,IAAC;AAAA,EACX;AACF;AAEA,IAAI,WAAoB;AACxB,IAAI,eAA4B;AAGhC,SAAS,eAA8B;AACrC,MAAI;AACF,QAAI,OAAO,aAAa,aAAa;AACnC,YAAM,IAAI,SAAS,OAAO,MAAM,+BAA+B;AAC/D,UAAI,EAAG,QAAO,mBAAmB,EAAE,CAAC,CAAC;AAAA,IACvC;AACA,QAAI,OAAO,cAAc,eAAe,UAAU,UAAU;AAC1D,aAAO,UAAU;AAAA,IACnB;AAAA,EACF,QAAQ;AAAA,EAAC;AACT,SAAO;AACT;AAXS;AAuBT,SAAS,iBAAyB;AAChC,MAAI,OAAO,WAAW,aAAa;AACjC,QAAI;AACF,UAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,YAAI,QAAQ,IAAI,6BAA6B,OAAQ,QAAO;AAG5D,YAAI,QAAQ,IAAI,8BAA8B;AAC5C,iBAAO,QAAQ,IAAI;AACrB,eAAO,QAAQ,IAAI,uBAAuB;AAAA,MAC5C;AAAA,IACF,QAAQ;AAAA,IAAC;AACT,WAAO;AAAA,EACT;AACA,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,UAAI,QAAQ,IAAI,6BAA6B,OAAQ,QAAO;AAC5D,aAAO,QAAQ,IAAI,uBAAuB;AAAA,IAC5C;AAAA,EACF,QAAQ;AAAA,EAAC;AACT,SAAO;AACT;AArBS;AA6BT,SAAS,gBAA+B;AACtC,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK,qBAAqB;AACtE,aAAO,QAAQ,IAAI;AAAA,IACrB;AAAA,EACF,QAAQ;AAAA,EAAC;AACT,SAAO;AACT;AAPS;AAUT,IAAI,kBAAiC;AACrC,IAAI,kBAAiC;AACrC,IAAI,mBAAkC;AACtC,IAAI,mBAAmB;AACvB,IAAI,kBAAyD;AAS7D,IAAI,kBAAyC;AAG7C,IAAI,mBAAkD;AAGtD,IAAM,eAAe;AAoBrB,SAAS,SAAS,OAA8B;AAC9C,MAAI;AACF,UAAM,UAAU,MAAM,MAAM,GAAG,EAAE,CAAC;AAClC,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,OAAO,KAAK,MAAM,KAAK,QAAQ,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG,CAAC,CAAC;AAC3E,WAAO,OAAO,KAAK,QAAQ,WAAW,KAAK,MAAM,MAAO;AAAA,EAC1D,QAAQ;AAAE,WAAO;AAAA,EAAM;AACzB;AAPS;AAST,SAAS,kBAAmC;AAC1C,QAAM,SAAS,SAAS,IAAI,UAAU;AACtC,QAAM,UAAU,SAAS,IAAI,WAAW;AACxC,QAAM,MAAM,KAAK,IAAI;AACrB,QAAM,YAAY,SAAS,SAAS,MAAM,IAAI;AAC9C,QAAM,cAAc,WAAW,SAAS,cAAc,QAAQ,YAAY;AAC1E,QAAM,aAAa,UAAU,SAAS,OAAO,IAAI;AACjD,QAAM,eAAe,YAAY,SAAS,eAAe,QAAQ,aAAa;AAC9E,SAAO;AAAA,IACL,QAAQ,eAAe,eAAe,kBAAkB;AAAA,IACxD,iBAAiB;AAAA,EACnB;AACF;AAZS;AAeT,IAAM,kBAAmC,EAAE,QAAQ,aAAa,iBAAiB,KAAK;AAMtF,IAAM,qBAAqB,oBAAoB,UAAU;AAEzD,IAAI,YAA6B,gBAAgB;AACjD,IAAM,oBAAoB,oBAAI,IAAgB;AAC9C,IAAI,eAAqD;AACzD,IAAI,4BAA4B;AAGhC,SAAS,qBAA2B;AAClC,MAAI,CAAC,UAAW;AAChB,MAAI,iBAAiB,MAAM;AAAE,iBAAa,YAAY;AAAG,mBAAe;AAAA,EAAM;AAC9E,MAAI,kBAAkB,SAAS,EAAG;AAClC,QAAM,MAAM,KAAK,IAAI;AACrB,QAAM,OAAiB,CAAC;AACxB,QAAM,SAAS,SAAS,IAAI,UAAU;AACtC,QAAM,UAAU,SAAS,IAAI,WAAW;AACxC,QAAM,YAAY,SAAS,SAAS,MAAM,IAAI;AAC9C,QAAM,aAAa,UAAU,SAAS,OAAO,IAAI;AACjD,MAAI,cAAc,QAAQ,YAAY,IAAK,MAAK,KAAK,SAAS;AAC9D,MAAI,eAAe,QAAQ,aAAa,IAAK,MAAK,KAAK,UAAU;AACjE,MAAI,CAAC,KAAK,OAAQ;AAGlB,QAAM,QAAQ,KAAK,IAAI,KAAK,IAAI,GAAG,IAAI,IAAI,MAAM,KAAK,UAAU;AAChE,iBAAe,WAAW,sBAAsB,KAAK;AACvD;AAjBS;AAoBT,SAAS,uBAA6B;AACpC,QAAM,OAAO,gBAAgB;AAC7B,QAAM,UACJ,KAAK,WAAW,UAAU,UAC1B,KAAK,oBAAoB,UAAU;AACrC,MAAI,QAAS,aAAY;AACzB,qBAAmB;AACnB,MAAI,CAAC,QAAS;AACd,aAAW,YAAY,MAAM,KAAK,iBAAiB,GAAG;AACpD,QAAI;AAAE,eAAS;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC7B;AAIA,MAAI,WAAW;AACb,QAAI;AAAE,aAAO,cAAc,IAAI,MAAM,kBAAkB,CAAC;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EACtE;AACF;AAjBS;AAsBT,SAAS,oBAA0B;AACjC,MAAI,CAAC,aAAa,0BAA2B;AAC7C,8BAA4B;AAC5B,SAAO,iBAAiB,WAAW,CAAC,MAAM;AACxC,QAAI,EAAE,QAAQ,QAAQ,EAAE,QAAQ,cAAc,EAAE,QAAQ,aAAa;AACnE,2BAAqB;AAAA,IACvB;AAAA,EACF,CAAC;AACD,SAAO,iBAAiB,oBAAoB,MAAM,qBAAqB,CAAC;AAC1E;AATS;AAiBT,IAAM,0BAA0B,oBAAI,IAA2B;AAiB/D,IAAI,UAA4B;AAEhC,SAAS,mBAAyB;AAChC,MAAI,CAAC,QAAS;AACd,UAAQ,UAAU;AAAA,IAChB,SAAS,KAAK,WAAW;AAAA,IACzB,aAAa,mBAAmB,YAAY;AAAA,EAC9C,CAAC;AACH;AANS;AAsBF,IAAM,OAAO;AAAA;AAAA,EAElB,iBAA8B;AAAE,WAAO;AAAA,EAAc;AAAA,EACrD,eAAe,MAAyB;AACtC,mBAAe;AACf,eAAW,SAAS,WAAW,gBAAgB;AAC/C,yBAAqB;AAAA,EACvB;AAAA;AAAA,EAGA,WAA0B;AAAE,WAAO,SAAS,IAAI,UAAU;AAAA,EAAG;AAAA,EAC7D,SAAS,OAA4B;AACnC,aAAS,IAAI,YAAY,KAAK;AAC9B,yBAAqB;AAAA,EACvB;AAAA,EACA,kBAAiC;AAAE,WAAO,SAAS,IAAI,WAAW;AAAA,EAAG;AAAA,EACrE,gBAAgB,OAA4B;AAC1C,aAAS,IAAI,aAAa,KAAK;AAC/B,yBAAqB;AAAA,EACvB;AAAA,EACA,cAAoB;AAClB,aAAS,IAAI,YAAY,IAAI;AAC7B,aAAS,IAAI,aAAa,IAAI;AAC9B,yBAAqB;AAAA,EACvB;AAAA;AAAA;AAAA,EAGA,kBAA2B;AAAE,WAAO,gBAAgB,EAAE,WAAW;AAAA,EAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUlF,WAAW,QAA2D;AACpE,aAAS,IAAI,YAAY,OAAO,MAAM;AACtC,QAAI,OAAO,YAAY,OAAW,UAAS,IAAI,aAAa,OAAO,OAAO;AAC1E,yBAAqB;AAAA,EACvB;AAAA,EACA,eAAqB;AAAE,SAAK,YAAY;AAAA,EAAG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAU3C,cAA+B;AAAE,WAAO;AAAA,EAAW;AAAA,EACnD,oBAAqC;AAAE,WAAO;AAAA,EAAiB;AAAA,EAC/D,UAAU,UAAkC;AAC1C,sBAAkB;AAClB,sBAAkB,IAAI,QAAQ;AAE9B,yBAAqB;AACrB,WAAO,MAAM;AACX,wBAAkB,OAAO,QAAQ;AACjC,UAAI,kBAAkB,SAAS,KAAK,iBAAiB,MAAM;AACzD,qBAAa,YAAY;AACzB,uBAAe;AAAA,MACjB;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,iBAAiB,IAAuC;AACtD,4BAAwB,IAAI,EAAE;AAC9B,WAAO,MAAM;AAAE,8BAAwB,OAAO,EAAE;AAAA,IAAG;AAAA,EACrD;AAAA;AAAA,EAGA,YAA2B;AACzB,WAAO,mBAAmB,SAAS,IAAI,WAAW,KAAK,cAAc;AAAA,EACvE;AAAA,EACA,UAAU,KAA0B;AAAE,sBAAkB;AAAA,EAAK;AAAA,EAC7D,iBAAiB,KAA0B;AACzC,sBAAkB;AAClB,aAAS,IAAI,aAAa,GAAG;AAAA,EAC/B;AAAA,EACA,cAAoB;AAAE,sBAAkB;AAAM,aAAS,IAAI,aAAa,IAAI;AAAA,EAAG;AAAA;AAAA,EAG/E,YAA2B;AAAE,WAAO,mBAAmB,aAAa;AAAA,EAAG;AAAA,EACvE,UAAU,QAA6B;AAAE,sBAAkB;AAAA,EAAQ;AAAA;AAAA,EAGnE,aAAqB;AACnB,UAAM,MAAO,oBAAoB,eAAe;AAChD,WAAO,IAAI,QAAQ,OAAO,EAAE;AAAA,EAC9B;AAAA,EACA,WAAW,KAA0B;AACnC,uBAAmB,MAAM,IAAI,QAAQ,OAAO,EAAE,IAAI;AAClD,qBAAiB;AAAA,EACnB;AAAA;AAAA,EAGA,qBAA8B;AAAE,WAAO;AAAA,EAAkB;AAAA,EACzD,mBAAmB,OAAsB;AACvC,uBAAmB;AACnB,qBAAiB;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,eAAe,IAAiD;AAC9D,sBAAkB;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,kBAAkB,IAAiC;AACjD,sBAAkB;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,aAAqC;AACnC,WAAO,WAAW;AAAA,EACpB;AACF;AAsBA,eAAe,aAAqC;AAClD,MAAI,iBAAkB,QAAO;AAC7B,MAAI,CAAC,gBAAiB,QAAO;AAK7B,QAAM,aAAa,mCAAoC;AACrD,UAAM,UAAU,KAAK,gBAAgB;AACrC,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,SAAS,MAAM,gBAAiB,OAAO;AAC7C,QAAI,CAAC,QAAQ,OAAQ,QAAO;AAC5B,SAAK,SAAS,OAAO,MAAM;AAC3B,QAAI,OAAO,QAAS,MAAK,gBAAgB,OAAO,OAAO;AACvD,WAAO,OAAO;AAAA,EAChB,GARmB;AAUnB,sBAAoB,YAAY;AAC9B,QAAI;AAEF,YAAM,QACJ,OAAO,cAAc,cAChB,UAAkD,QACnD;AACN,UAAI,OAAO,SAAS;AAClB,eAAO,MAAM,MAAM,QAAQ,GAAG,WAAW,YAAY,UAAU;AAAA,MACjE;AACA,aAAO,MAAM,WAAW;AAAA,IAC1B,QAAQ;AACN,aAAO;AAAA,IACT,UAAE;AACA,yBAAmB;AAAA,IACrB;AAAA,EACF,GAAG;AAEH,SAAO;AACT;AApCe;AA6Cf,SAAS,cAAc,UAA0B;AAC/C,OAAK,YAAY;AACjB,aAAW,MAAM,MAAM,KAAK,uBAAuB,GAAG;AACpD,QAAI;AAAE,SAAG,QAAQ;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC/B;AACA,MAAI,iBAAiB;AACnB,QAAI;AAAE,sBAAgB,QAAQ;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC5C;AACF;AARS;AA8DT,SAAS,cAAuB;AAC9B,MAAI;AACF,WAAO,OAAO,YAAY,eACrB,QAAQ,KAAK,6BAA6B;AAAA,EACjD,QAAQ;AAAE,WAAO;AAAA,EAAO;AAC1B;AALS;AAOT,IAAM,WAAW;AACjB,IAAM,cAAc;AACpB,IAAM,eAAe;AAErB,SAAS,WAAiC;AACxC,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAM,MAAM,UAAU,KAAK,UAAU,CAAC;AACtC,QAAI,kBAAkB,MAAM,IAAI,OAAO,kBAAkB,WAAW;AACpE,QAAI,YAAY,MAAM,QAAQ,IAAI,MAAM;AACxC,QAAI,UAAU,MAAM,OAAO,IAAI,KAAK;AAAA,EACtC,CAAC;AACH;AAPS;AAST,SAAS,QAAQ,KAAiD;AAChE,SAAO,SAAS,EAAE,KAAK,CAAC,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAC9D,UAAM,KAAK,GAAG,YAAY,aAAa,UAAU;AACjD,UAAM,MAAM,GAAG,YAAY,WAAW,EAAE,IAAI,GAAG;AAC/C,QAAI,YAAY,MAAM,QAAQ,IAAI,MAAM;AACxC,QAAI,UAAU,MAAM,OAAO,IAAI,KAAK;AAAA,EACtC,CAAC,CAAC;AACJ;AAPS;AAST,SAAS,QAAQ,KAAa,OAAqC;AACjE,SAAO,SAAS,EAAE,KAAK,CAAC,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAC9D,UAAM,KAAK,GAAG,YAAY,aAAa,WAAW;AAClD,OAAG,YAAY,WAAW,EAAE,IAAI,OAAO,GAAG;AAC1C,OAAG,aAAa,MAAM,QAAQ;AAC9B,OAAG,UAAU,MAAM,OAAO,GAAG,KAAK;AAAA,EACpC,CAAC,CAAC;AACJ;AAPS;AAUT,IAAI,kBAAiD;AAErD,SAAS,kBAA0C;AACjD,MAAI,gBAAiB,QAAO;AAC5B,qBAAmB,YAAY;AAC7B,UAAM,WAAW,MAAM,QAAQ,YAAY,EAAE,MAAM,MAAM,MAAS;AAClE,QAAI,SAAU,QAAO;AACrB,UAAM,OAAO,MAAM,OAAO,OAAO;AAAA,MAC/B,EAAE,MAAM,SAAS,YAAY,QAAQ;AAAA,MACrC;AAAA;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AAGA,UAAM,QAAQ,cAAc,IAAI,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAChD,WAAO;AAAA,EACT,GAAG;AACH,SAAO;AACT;AAhBS;AAkBT,SAAS,iBAAiB,OAAyC;AACjE,QAAM,MAAM,iBAAiB,aAAa,QAAQ,IAAI,WAAW,KAAK;AACtE,MAAI,IAAI;AACR,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,IAAK,MAAK,OAAO,aAAa,IAAI,CAAC,CAAC;AACpE,SAAO,KAAK,CAAC,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,EAAE;AAC1E;AALS;AAOT,SAAS,kBAAkB,KAAqB;AAC9C,SAAO,iBAAiB,IAAI,YAAY,EAAE,OAAO,GAAG,CAAC;AACvD;AAFS;AAKT,eAAe,WAAW,KAAiD;AACzE,QAAM,MAAM,MAAM,OAAO,OAAO,UAAU,OAAO,GAAG;AAEpD,SAAO,EAAE,KAAK,MAAM,KAAK,SAAS,GAAG,IAAI,GAAa,GAAG,IAAI,EAAY;AAC3E;AAJe;AAOf,eAAe,eAAe,QAAgB,KAAqC;AACjF,MAAI;AACF,UAAM,OAAO,MAAM,gBAAgB;AACnC,UAAM,MAAM,MAAM,WAAW,KAAK,SAAS;AAC3C,UAAM,SAAS,EAAE,KAAK,YAAY,KAAK,SAAS,IAAI;AAEpD,UAAM,MAAM,IAAI,MAAM,GAAG,EAAE,CAAC,EAAE,MAAM,GAAG,EAAE,CAAC;AAC1C,UAAM,MACH,OAAO,cAAc,OAAO,WAAW,KACxC,iBAAiB,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC,CAAC;AAC7D,UAAM,UAAU,EAAE,KAAK,OAAO,YAAY,GAAG,KAAK,KAAK,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,GAAG,IAAI;AAC1F,UAAM,eACJ,GAAG,kBAAkB,KAAK,UAAU,MAAM,CAAC,CAAC,IAAI,kBAAkB,KAAK,UAAU,OAAO,CAAC,CAAC;AAC5F,UAAM,MAAM,MAAM,OAAO,OAAO;AAAA,MAC9B,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,MACjC,KAAK;AAAA,MACL,IAAI,YAAY,EAAE,OAAO,YAAY;AAAA,IACvC;AACA,WAAO,GAAG,YAAY,IAAI,iBAAiB,GAAG,CAAC;AAAA,EACjD,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAtBe;AAwBR,SAAS,oBAAoBC,SAAyB;AAC3D,MAAI,QAAS;AACb,YAAUA;AAEV,EAAAA,QAAO,UAAU;AAAA,IACf,SAAS,KAAK,WAAW;AAAA,IACzB,aAAa,mBAAmB,YAAY;AAAA,EAC9C,CAAC;AAED,EAAAA,QAAO,aAAa,QAAQ,IAAI,OAAO,YAAY;AACjD,UAAM,QAAQ,KAAK,SAAS;AAC5B,QAAI,MAAO,SAAQ,QAAQ,IAAI,iBAAiB,UAAU,KAAK,EAAE;AAEjE,UAAM,SAAS,KAAK,UAAU;AAC9B,QAAI,OAAQ,SAAQ,QAAQ,IAAI,mBAAmB,MAAM;AAIzD,UAAM,SAAS,KAAK,UAAU;AAC9B,QAAI,UAAU,CAAC,QAAQ,QAAQ,IAAI,WAAW,EAAG,SAAQ,QAAQ,IAAI,aAAa,MAAM;AAExF,QAAI;AACF,YAAM,KAAK,KAAK,eAAe,EAAE,gBAAgB,EAAE;AACnD,UAAI,GAAI,SAAQ,QAAQ,IAAI,cAAc,EAAE;AAAA,IAC9C,QAAQ;AAAA,IAAC;AACT,YAAQ,QAAQ,IAAI,kBAAiB,oBAAI,KAAK,GAAE,YAAY,CAAC;AAI7D,QAAI,YAAY,KAAK,OAAO,WAAW,aAAa;AAClD,YAAM,QAAQ,MAAM,eAAe,QAAQ,QAAQ,QAAQ,GAAG;AAC9D,UAAI,MAAO,SAAQ,QAAQ,IAAI,QAAQ,KAAK;AAAA,IAC9C;AAEA,WAAO;AAAA,EACT,CAAC;AAED,EAAAA,QAAO,aAAa,MAAM,IAAI,CAAC,KAAK,KAAK,QAAQ;AAC/C,QAAI,eAAe,SAAU,QAAO;AACpC,UAAM,MAAO,KAA6B,OAAO;AACjD,UAAM,SAAU,KAA8B,UAAU;AACxD,UAAM,aAAc,KAA8B,cAAc;AAChE,WAAO,IAAI,SAAS,QAAQ,YAAY,KAAK,GAAG;AAAA,EAClD,CAAC;AAGD,EAAAA,QAAO,aAAa,SAAS,IAAI,OAAO,UAAU,YAAY;AAC5D,QAAI,SAAS,WAAW,IAAK,QAAO;AAGpC,QAAI,QAAQ,QAAQ,IAAI,YAAY,GAAG;AACrC,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT;AAEA,UAAM,WAAW,MAAM,WAAW;AAClC,QAAI,CAAC,UAAU;AACb,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT;AAKA,UAAM,QAAQ,QAAQ,MAAM;AAC5B,UAAM,QAAQ,IAAI,iBAAiB,UAAU,QAAQ,EAAE;AACvD,UAAM,QAAQ,IAAI,cAAc,GAAG;AAGnC,QAAI,YAAY,KAAK,OAAO,WAAW,aAAa;AAClD,YAAM,QAAQ,MAAM,eAAe,MAAM,QAAQ,MAAM,GAAG;AAC1D,UAAI,MAAO,OAAM,QAAQ,IAAI,QAAQ,KAAK;AAAA,IAC5C;AACA,QAAI;AACF,YAAM,UAAU,MAAM,MAAM,KAAK;AACjC,UAAI,QAAQ,WAAW,IAAK,eAAc,OAAO;AACjD,aAAO;AAAA,IACT,QAAQ;AAIN,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AACH;AApFgB;AAiGhB,IAAM,mBAAmB;AAEzB,KAAK,kBAAkB,OAAO,YAAY;AACxC,MAAI;AACF,UAAM,MAAM,GAAG,KAAK,WAAW,CAAC,GAAG,gBAAgB;AACnD,UAAM,UAAkC,EAAE,gBAAgB,mBAAmB;AAE7E,QAAI,YAAY,KAAK,OAAO,WAAW,aAAa;AAClD,YAAM,QAAQ,MAAM,eAAe,QAAQ,GAAG;AAC9C,UAAI,MAAO,SAAQ,MAAM,IAAI;AAAA,IAC/B;AACA,UAAM,MAAM,MAAM,MAAM,KAAK;AAAA,MAC3B,QAAQ;AAAA,MACR;AAAA,MACA,aAAa,KAAK,mBAAmB,IAAI,YAAY;AAAA,MACrD,MAAM,KAAK,UAAU,EAAE,QAAQ,CAAC;AAAA,IAClC,CAAC;AACD,QAAI,CAAC,IAAI,GAAI,QAAO;AACpB,UAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,WAAO,MAAM,SACT,EAAE,QAAQ,KAAK,QAAQ,SAAS,KAAK,WAAW,QAAQ,IACxD;AAAA,EACN,QAAQ;AACN,WAAO;AAAA,EACT;AACF,CAAC;;;ACtyBD,qBAAoD;AAoCpD,IAAM,iBAA+B;AAAA,EACnC,SAAS,OAAO,YAAY,eAAe,yBAA0B;AAAA,EACrE,aAAa;AAAA,EACb,cAAc;AAAA,EACd,WAAW;AAAA,EACX,WAAW;AAAA,EACX,YAAY;AACd;AAEA,IAAM,oBAAoB;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEO,IAAM,YAAN,MAAgB;AAAA,EA1DvB,OA0DuB;AAAA;AAAA;AAAA,EACb;AAAA,EACA;AAAA,EAER,YAAY,SAAgC,CAAC,GAAG;AAC9C,SAAK,SAAS,EAAE,GAAG,gBAAgB,GAAG,OAAO;AAC7C,SAAK,UAAU,OAAO,eAAW,8BAAc;AAAA,MAC7C,OAAO,KAAK,OAAO,UAAU,IAAI;AAAA,IACnC,CAAC;AAAA,EACH;AAAA,EAEA,SAAe;AAAE,SAAK,OAAO,UAAU;AAAA,EAAM;AAAA,EAC7C,UAAgB;AAAE,SAAK,OAAO,UAAU;AAAA,EAAO;AAAA,EAC/C,UAAU,QAAqC;AAC7C,SAAK,SAAS,EAAE,GAAG,KAAK,QAAQ,GAAG,OAAO;AAAA,EAC5C;AAAA,EAEQ,cAAc,SAA0D;AAC9E,QAAI,CAAC,QAAS,QAAO,CAAC;AACtB,UAAM,WAAmC,CAAC;AAC1C,WAAO,KAAK,OAAO,EAAE,QAAQ,CAAC,QAAQ;AACpC,eAAS,GAAG,IAAI,kBAAkB,SAAS,IAAI,YAAY,CAAC,IAAI,QAAS,QAAQ,GAAG,KAAK;AAAA,IAC3F,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,WAAW,SAA2B;AACpC,QAAI,CAAC,KAAK,OAAO,WAAW,CAAC,KAAK,OAAO,YAAa;AACtD,UAAM,EAAE,QAAQ,KAAK,SAAS,KAAK,IAAI;AACvC,SAAK,QAAQ,MAAM,GAAG,MAAM,IAAI,GAAG,EAAE;AACrC,QAAI,KAAK,OAAO,cAAc,QAAS,MAAK,QAAQ,MAAM,YAAY,KAAK,cAAc,OAAO,CAAC;AACjG,QAAI,KAAK,OAAO,aAAa,KAAM,MAAK,QAAQ,MAAM,SAAS,IAAI;AAAA,EACrE;AAAA,EAEA,YAAY,SAAqB,UAA6B;AAC5D,QAAI,CAAC,KAAK,OAAO,WAAW,CAAC,KAAK,OAAO,aAAc;AACvD,UAAM,EAAE,QAAQ,IAAI,IAAI;AACxB,UAAM,EAAE,QAAQ,YAAY,MAAM,SAAS,IAAI;AAC/C,SAAK,QAAQ,QAAQ,GAAG,MAAM,IAAI,GAAG,IAAI,MAAM,IAAI,UAAU,KAAK,QAAQ,KAAK;AAC/E,QAAI,KAAK,OAAO,aAAa,KAAM,MAAK,QAAQ,MAAM,aAAa,IAAI;AAAA,EACzE;AAAA,EAEA,SAAS,SAAqB,OAAuB;AACnD,QAAI,CAAC,KAAK,OAAO,WAAW,CAAC,KAAK,OAAO,UAAW;AACpD,UAAM,EAAE,QAAQ,IAAI,IAAI;AACxB,UAAM,EAAE,SAAS,YAAY,aAAa,SAAS,IAAI;AACvD,SAAK,QAAQ,MAAM,GAAG,MAAM,IAAI,GAAG,IAAI,cAAc,SAAS,WAAW,QAAQ,KAAK;AACtF,SAAK,QAAQ,MAAM,YAAY,OAAO;AACtC,QAAI,eAAe,OAAO,KAAK,WAAW,EAAE,SAAS,GAAG;AACtD,WAAK,QAAQ,MAAM,eAAe;AAClC,aAAO,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC,OAAO,MAAM,MAAM;AACvD,eAAO,QAAQ,CAAC,QAAQ,KAAK,QAAQ,MAAM,YAAO,KAAK,KAAK,GAAG,EAAE,CAAC;AAAA,MACpE,CAAC;AAAA,IACH;AAAA,EACF;AAAA,EAEA,KAAK,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,KAAK,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC5G,KAAK,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,KAAK,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC5G,MAAM,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,MAAM,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC9G,MAAM,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,MAAM,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAC9G,QAAQ,YAAoB,MAAmB;AAAE,QAAI,KAAK,OAAO,QAAS,MAAK,QAAQ,QAAQ,SAAS,GAAG,IAAI;AAAA,EAAG;AAAA,EAClH,QAAQ,KAA8B;AAAE,WAAO,KAAK,QAAQ,QAAQ,GAAG;AAAA,EAAG;AAC5E;AAEO,IAAM,gBAAgB,IAAI,UAAU;;;AC1HpC,IAAM,QAAQ,yBAAyB;AAEvC,IAAMC,aAAY,OAAO,WAAW;AAMpC,IAAM,gBAAgB,QAAQ,IAAI,6BAA6B;AAY/D,IAAMC,eAAc,QAAQ,IAAI,6BAA6B;;;ACKpE,IAAM,mBAAmB,SAAS;AAElC,IAAM,gBAA8B,mBAAmB,IAAI;AAE3D,IAAI,SAAuB;AAG3B,IAAM,eAAe,oBAAI,IAAmC;AAGrD,SAAS,cAA4B;AAC1C,SAAO;AACT;AAFgB;AAKT,SAAS,YAAY,OAA2B;AACrD,WAAS;AACT,aAAW,MAAM,cAAc;AAC7B,QAAI;AACF,SAAG,KAAK;AAAA,IACV,QAAQ;AAAA,IAER;AAAA,EACF;AACF;AATgB;AAeT,SAAS,iBAAiB,IAA+C;AAC9E,eAAa,IAAI,EAAE;AACnB,MAAI;AACF,OAAG,MAAM;AAAA,EACX,QAAQ;AAAA,EAER;AACA,SAAO,MAAM,aAAa,OAAO,EAAE;AACrC;AARgB;AAkBT,SAAS,mBAAmB,MAAmD;AACpF,QAAM,UAAU,KAAK,SAAS;AAC9B,MAAI,KAAK,WAAW,SAAS;AAC3B,gBAAY,CAAC;AAAA,EACf,OAAO;AACL,gBAAY,CAAC;AAAA,EACf;AACF;AAPgB;;;AC9DhB,mBAAqC;AAQ9B,SAAS,aAA8B;AAC5C,aAAO,mCAAqB,KAAK,WAAW,KAAK,aAAa,KAAK,iBAAiB;AACtF;AAFgB;;;ACFhB,wBAA2C;AAC3C,IAAAC,gBAAqC;AAKrC,SAAS,cAAsB;AAC7B,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,SAAO,QAAQ,IAAI,yBAAyB;AAC9C;AALS;AAUT,SAAS,aAAa,MAAc,UAA0B;AAC5D,MAAI,CAAC,UAAU;AACb,WAAO;AAAA,EACT;AAEA,QAAM,iBAAiB,KAAK,WAAW,GAAG,IAAI,OAAO,IAAI,IAAI;AAE7D,QAAM,qBAAqB,SAAS,QAAQ,OAAO,EAAE;AACrD,SAAO,GAAG,kBAAkB,GAAG,cAAc;AAC/C;AATS;AA6BF,SAAS,eAAe;AAC7B,QAAM,aAAS,kBAAAC,WAAc;AAG7B,QAAM,eAAW,uBAAQ,MAAM,YAAY,GAAG,CAAC,CAAC;AAChD,QAAMC,qBAAgB,uBAAQ,MAAM;AAClC,WAAO,OAAO,YAAY,eAAe,QAAQ,IAAI,6BAA6B;AAAA,EACpF,GAAG,CAAC,CAAC;AAEL,QAAM,WAAO,2BAAY,CAAC,MAAc,YAAmC;AACzE,QAAI,UAAU;AAEZ,aAAO,SAAS,OAAO,aAAa,MAAM,QAAQ;AAAA,IACpD,OAAO;AAEL,aAAO,KAAK,MAAM,OAAO;AAAA,IAC3B;AAAA,EACF,GAAG,CAAC,QAAQ,QAAQ,CAAC;AAErB,QAAM,cAAU,2BAAY,CAAC,MAAc,YAAmC;AAC5E,QAAI,UAAU;AAEZ,aAAO,SAAS,QAAQ,aAAa,MAAM,QAAQ,CAAC;AAAA,IACtD,OAAO;AAEL,aAAO,QAAQ,MAAM,OAAO;AAAA,IAC9B;AAAA,EACF,GAAG,CAAC,QAAQ,QAAQ,CAAC;AAerB,QAAM,eAAW,2BAAY,CAAC,SAAiB;AAC7C,WAAO,SAAS,OAAO,aAAa,MAAM,QAAQ;AAAA,EACpD,GAAG,CAAC,QAAQ,CAAC;AAcb,QAAM,kBAAc,2BAAY,CAAC,SAAiB;AAChD,WAAO,SAAS,QAAQ,aAAa,MAAM,QAAQ,CAAC;AAAA,EACtD,GAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,eAAW,2BAAY,CAAC,SAAiB;AAE7C,WAAO,SAAS,IAAI;AAAA,EACtB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,WAAO,2BAAY,MAAM;AAC7B,WAAO,KAAK;AAAA,EACd,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,cAAU,2BAAY,MAAM;AAChC,WAAO,QAAQ;AAAA,EACjB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,cAAU,2BAAY,MAAM;AAChC,WAAO,QAAQ;AAAA,EACjB,GAAG,CAAC,MAAM,CAAC;AAEX,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAzFgB;;;AC7ChB,IAAAC,qBAA4B;AAC5B,IAAAC,gBAA4C;AAerC,SAAS,iBAAkC;AAChD,QAAM,eAAW,gCAAY;AAC7B,QAAM,CAAC,aAAa,cAAc,QAAI,wBAA0B,MAAM;AACpE,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO,IAAI,gBAAgB;AAAA,IAC7B;AACA,WAAO,IAAI,gBAAgB,OAAO,SAAS,MAAM;AAAA,EACnD,CAAC;AACD,QAAM,oBAAgB,sBAAe,EAAE;AAEvC,+BAAU,MAAM;AACd,QAAI,OAAO,WAAW,YAAa;AAEnC,UAAM,oBAAoB,6BAAM;AAC9B,YAAM,gBAAgB,OAAO,SAAS;AACtC,UAAI,kBAAkB,cAAc,SAAS;AAC3C,sBAAc,UAAU;AACxB,uBAAe,IAAI,gBAAgB,aAAa,CAAC;AAAA,MACnD;AAAA,IACF,GAN0B;AAS1B,sBAAkB;AAGlB,WAAO,iBAAiB,YAAY,iBAAiB;AAMrD,UAAM,WAAW,OAAO,QAAQ;AAChC,UAAM,cAAc,OAAO,QAAQ;AACnC,WAAO,QAAQ,YAAY,YAAa,MAAM;AAC5C,YAAM,SAAS,SAAS,MAAM,MAAM,IAAI;AACxC,wBAAkB;AAClB,aAAO;AAAA,IACT;AACA,WAAO,QAAQ,eAAe,YAAa,MAAM;AAC/C,YAAM,SAAS,YAAY,MAAM,MAAM,IAAI;AAC3C,wBAAkB;AAClB,aAAO;AAAA,IACT;AAEA,WAAO,MAAM;AACX,aAAO,oBAAoB,YAAY,iBAAiB;AACxD,aAAO,QAAQ,YAAY;AAC3B,aAAO,QAAQ,eAAe;AAAA,IAChC;AAAA,EACF,GAAG,CAAC,QAAQ,CAAC;AAEb,SAAO;AACT;AApDgB;;;AC/BhB,IAAAC,gBAAyD;AAIzD,IAAM,kBAAkB,wBAAC,MAAsB;AAC7C,MAAI,KAAK,EAAG,QAAO;AACnB,QAAM,IAAI,KAAK,MAAM,IAAI,EAAE;AAC3B,SAAO,IAAI,IAAI,GAAG,CAAC,IAAI,OAAO,IAAI,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC;AACjE,GAJwB;AAYjB,IAAM,mBAAmB,wBAC9B,oBAAoB,OACO;AAC3B,QAAM,CAAC,YAAY,aAAa,QAAI,wBAAS,iBAAiB;AAC9D,QAAM,CAAC,KAAK,MAAM,QAAI,wBAAS,EAAE;AACjC,QAAM,CAAC,WAAW,YAAY,QAAI,wBAAS,KAAK;AAChD,QAAM,CAAC,eAAe,gBAAgB,QAAI,wBAAS,IAAI;AACvD,QAAM,CAAC,MAAM,OAAO,QAAI,wBAAmB,YAAY;AACvD,QAAM,CAAC,OAAO,QAAQ,QAAI,wBAAS,EAAE;AACrC,QAAM,CAAC,SAAS,UAAU,QAAI,wBAA6B,IAAI;AAG/D,QAAM,CAAC,oBAAoB,qBAAqB,QAAI,wBAAwB,IAAI;AAChF,QAAM,CAAC,iBAAiB,kBAAkB,QAAI,wBAAS,KAAK;AAC5D,QAAM,CAAC,eAAe,gBAAgB,QAAI,wBAAS,EAAE;AACrD,QAAM,CAAC,eAAe,gBAAgB,QAAI,wBAAS,KAAK;AAGxD,QAAM,CAAC,kBAAkB,mBAAmB,QAAI,wBAAS,CAAC;AAC1D,QAAM,wBAAoB,sBAA8C,IAAI;AAE5E,QAAM,8BAA0B,2BAAY,CAAC,YAAoB;AAC/D,QAAI,kBAAkB,QAAS,eAAc,kBAAkB,OAAO;AACtE,wBAAoB,OAAO;AAC3B,sBAAkB,UAAU,YAAY,MAAM;AAC5C,0BAAoB,CAAC,SAAS;AAC5B,YAAI,QAAQ,GAAG;AACb,wBAAc,kBAAkB,OAAQ;AACxC,4BAAkB,UAAU;AAC5B,iBAAO;AAAA,QACT;AACA,eAAO,OAAO;AAAA,MAChB,CAAC;AAAA,IACH,GAAG,GAAI;AAAA,EACT,GAAG,CAAC,CAAC;AAEL,+BAAU,MAAM,MAAM;AACpB,QAAI,kBAAkB,QAAS,eAAc,kBAAkB,OAAO;AAAA,EACxE,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,2BAAY,MAAM,SAAS,EAAE,GAAG,CAAC,CAAC;AAErD,SAAO;AAAA;AAAA,IAEL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe,mBAAmB;AAAA,IAClC,gBAAgB,gBAAgB,gBAAgB;AAAA,IAChD;AAAA;AAAA,IAEA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAzEgC;;;AChBhC,IAAAC,gBAA4B;AAI5B,IAAM,cAAc;AAEb,IAAM,oBAAoB,6BAA0B;AACzD,QAAMC,0BAAqB,2BAAY,CAAC,OAAwB;AAC9D,WAAO,YAAY,KAAK,EAAE;AAAA,EAC5B,GAAG,CAAC,CAAC;AAEL,SAAO,EAAE,oBAAAA,oBAAmB;AAC9B,GANiC;AAQ1B,IAAM,qBAAqB,wBAAC,OAAwB,YAAY,KAAK,EAAE,GAA5C;;;ACdlC,IAAAC,gBAA+C;;;ACF/C,IAAAC,kBAA8B;AAoBvB,IAAM,aAAS,+BAAc;AAAA,EAClC,OAAO,YAAY;AACrB,CAAC,EAAE,QAAQ,KAAK;AAGhB,iBAAiB,CAAC,UAAU;AAC1B,SAAO,QAAQ;AACjB,CAAC;AAKM,IAAM,aAAa,OAAO,QAAQ,MAAM;;;AC9B/C,IAAAC,qBAA4B;AAC5B,IAAAC,gBAAkC;;;ACW3B,IAAM,gBAAgB,wBAAC,SAA4C;AACxE,MAAI,CAAC,KAAM,QAAO;AAClB,QAAM,gBAAgB,KAAK,QAAQ,uBAAuB,EAAE;AAC5D,QAAM,UAAU,cAAc,QAAQ,QAAQ,EAAE;AAChD,SAAO,WAAW;AACpB,GAL6B;AAWtB,IAAM,oBAAoB,wBAC/B,UACA,iBACY;AACZ,QAAM,aAAa,cAAc,QAAQ;AACzC,SAAO,aAAa;AAAA,IAClB,CAAC,MAAM,eAAe,KAAK,WAAW,WAAW,IAAI,GAAG;AAAA,EAC1D;AACF,GARiC;;;ADA1B,IAAM,cAAc,wBAAC,UAA8B,CAAC,MAAM;AAC/D,QAAM,EAAE,eAAe,aAAa,MAAM,eAAe,CAAC,OAAO,EAAE,IAAI;AACvE,QAAM,cAAc,eAAe;AACnC,QAAM,eAAW,gCAAY;AAC7B,QAAM,SAAS,aAAa;AAI5B,QAAM,gBAAgB,kBAAkB,UAAU,YAAY;AAE9D,QAAM,WAAW,YAAY,IAAI,KAAK,KAAK;AAC3C,QAAM,aAAa,YAAY,IAAI,OAAO,KAAK;AAC/C,QAAM,SAAS,CAAC,CAAC;AACjB,QAAM,UAAU,CAAC,CAAC,YAAY,UAAU;AACxC,QAAM,WAAW,SAAS,WAAW,eAAe;AAKpD,QAAM,uBAAmB,sBAAO,aAAa;AAC7C,mBAAiB,UAAU;AAK3B,+BAAU,MAAM;AACd,QAAI,CAAC,WAAW,CAAC,SAAU;AAG3B,eAAW,KAAK,qCAAqC,QAAQ;AAC7D,qBAAiB,UAAU,UAAU,UAAU;AAAA,EACjD,GAAG,CAAC,SAAS,UAAU,UAAU,UAAU,CAAC;AAQ5C,+BAAU,MAAM;AACd,QAAI,CAAC,WAAW,CAAC,cAAc,CAAC,SAAU;AAC1C,UAAM,aAAa,OAAO,YAAY,YAAY,QAAQ,CAAC;AAC3D,WAAO,WAAW;AAClB,WAAO,WAAW;AAClB,UAAM,cAAc,IAAI,gBAAgB,UAAU,EAAE,SAAS;AAC7D,UAAM,eAAe,OAAO,WAAW,cAAc,OAAO,SAAS,WAAW;AAChF,WAAO,QAAQ,cAAc,GAAG,YAAY,IAAI,WAAW,KAAK,YAAY;AAAA,EAE9E,GAAG,CAAC,SAAS,YAAY,QAAQ,CAAC;AAElC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAvD2B;;;AEvB3B,IAAAC,gBAAsC;;;ACoBtC,IAAM,wBAAwB,wBAAC,MAAgB,KAAa,UAAyB;AACnF,MAAI,OAAO,UAAU,YAAY,iBAAiB,MAAM;AACtD,SAAK,OAAO,KAAK,KAAK;AAAA,EACxB,WAAW,iBAAiB,MAAM;AAChC,SAAK,OAAO,KAAK,MAAM,YAAY,CAAC;AAAA,EACtC,OAAO;AACL,SAAK,OAAO,KAAK,KAAK,UAAU,KAAK,CAAC;AAAA,EACxC;AACF,GAR8B;AAkBvB,IAAM,yBAAyB;AAAA,EACpC,gBAAgB,wBAAC,SAA4B;AAC3C,UAAM,OAAO,IAAI,SAAS;AAE1B,WAAO,QAAQ,IAA+B,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACxE,UAAI,UAAU,UAAa,UAAU,MAAM;AACzC;AAAA,MACF;AACA,UAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,cAAM,QAAQ,CAAC,MAAM,sBAAsB,MAAM,KAAK,CAAC,CAAC;AAAA,MAC1D,OAAO;AACL,8BAAsB,MAAM,KAAK,KAAK;AAAA,MACxC;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT,GAfgB;AAgBlB;AAEO,IAAM,qBAAqB;AAAA,EAChC,gBAAgB,wBAAC,SACf,KAAK,UAAU,MAAM,CAAC,MAAM,UAAW,OAAO,UAAU,WAAW,MAAM,SAAS,IAAI,KAAM,GAD9E;AAElB;;;AClBA,IAAM,mBAAyC;AAAA,EAC7C,QAAQ;AAAA,EACR,WAAW;AAAA,EACX,QAAQ;AAAA,EACR,SAAS;AACX;AACA,IAAM,gBAAgB,OAAO,QAAQ,gBAAgB;;;AC+B9C,SAAS,gBAAiC;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,GAAG;AACL,GAA2D;AACzD,MAAI;AAEJ,QAAM,QAAQ,eAAe,CAAC,OAAe,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,EAAE,CAAC;AAE7F,QAAM,eAAe,0CAAmB;AACtC,QAAI,aAAqB,wBAAwB;AACjD,QAAI,UAAU;AACd,UAAM,SAAS,QAAQ,UAAU,IAAI,gBAAgB,EAAE;AAEvD,WAAO,MAAM;AACX,UAAI,OAAO,QAAS;AAEpB;AAEA,YAAM,UACJ,QAAQ,mBAAmB,UACvB,QAAQ,UACR,IAAI,QAAQ,QAAQ,OAA6C;AAEvE,UAAI,gBAAgB,QAAW;AAC7B,gBAAQ,IAAI,iBAAiB,WAAW;AAAA,MAC1C;AAEA,UAAI;AACF,cAAM,cAA2B;AAAA,UAC/B,UAAU;AAAA,UACV,GAAG;AAAA,UACH,MAAM,QAAQ;AAAA,UACd;AAAA,UACA;AAAA,QACF;AACA,YAAI,UAAU,IAAI,QAAQ,KAAK,WAAW;AAC1C,YAAI,WAAW;AACb,oBAAU,MAAM,UAAU,KAAK,WAAW;AAAA,QAC5C;AAGA,cAAM,SAAS,QAAQ,SAAS,WAAW;AAC3C,cAAM,WAAW,MAAM,OAAO,OAAO;AAErC,YAAI,CAAC,SAAS,GAAI,OAAM,IAAI,MAAM,eAAe,SAAS,MAAM,IAAI,SAAS,UAAU,EAAE;AAEzF,YAAI,CAAC,SAAS,KAAM,OAAM,IAAI,MAAM,yBAAyB;AAE7D,cAAM,SAAS,SAAS,KAAK,YAAY,IAAI,kBAAkB,CAAC,EAAE,UAAU;AAE5E,YAAI,SAAS;AAEb,cAAM,eAAe,6BAAM;AACzB,cAAI;AACF,mBAAO,OAAO;AAAA,UAChB,QAAQ;AAAA,UAER;AAAA,QACF,GANqB;AAQrB,eAAO,iBAAiB,SAAS,YAAY;AAE7C,YAAI;AACF,iBAAO,MAAM;AACX,kBAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAAO,KAAK;AAC1C,gBAAI,KAAM;AACV,sBAAU;AACV,qBAAS,OAAO,QAAQ,UAAU,IAAI;AAEtC,kBAAM,SAAS,OAAO,MAAM,MAAM;AAClC,qBAAS,OAAO,IAAI,KAAK;AAEzB,uBAAW,SAAS,QAAQ;AAC1B,oBAAM,QAAQ,MAAM,MAAM,IAAI;AAC9B,oBAAM,YAA2B,CAAC;AAClC,kBAAI;AAEJ,yBAAW,QAAQ,OAAO;AACxB,oBAAI,KAAK,WAAW,OAAO,GAAG;AAC5B,4BAAU,KAAK,KAAK,QAAQ,aAAa,EAAE,CAAC;AAAA,gBAC9C,WAAW,KAAK,WAAW,QAAQ,GAAG;AACpC,8BAAY,KAAK,QAAQ,cAAc,EAAE;AAAA,gBAC3C,WAAW,KAAK,WAAW,KAAK,GAAG;AACjC,gCAAc,KAAK,QAAQ,WAAW,EAAE;AAAA,gBAC1C,WAAW,KAAK,WAAW,QAAQ,GAAG;AACpC,wBAAM,SAAS,OAAO,SAAS,KAAK,QAAQ,cAAc,EAAE,GAAG,EAAE;AACjE,sBAAI,CAAC,OAAO,MAAM,MAAM,GAAG;AACzB,iCAAa;AAAA,kBACf;AAAA,gBACF;AAAA,cACF;AAEA,kBAAI;AACJ,kBAAI,aAAa;AAEjB,kBAAI,UAAU,QAAQ;AACpB,sBAAM,UAAU,UAAU,KAAK,IAAI;AACnC,oBAAI;AACF,yBAAO,KAAK,MAAM,OAAO;AACzB,+BAAa;AAAA,gBACf,QAAQ;AACN,yBAAO;AAAA,gBACT;AAAA,cACF;AAEA,kBAAI,YAAY;AACd,oBAAI,mBAAmB;AACrB,wBAAM,kBAAkB,IAAI;AAAA,gBAC9B;AAEA,oBAAI,qBAAqB;AACvB,yBAAO,MAAM,oBAAoB,IAAI;AAAA,gBACvC;AAAA,cACF;AAEA,2BAAa;AAAA,gBACX;AAAA,gBACA,OAAO;AAAA,gBACP,IAAI;AAAA,gBACJ,OAAO;AAAA,cACT,CAAC;AAED,kBAAI,UAAU,QAAQ;AACpB,sBAAM;AAAA,cACR;AAAA,YACF;AAAA,UACF;AAAA,QACF,UAAE;AACA,iBAAO,oBAAoB,SAAS,YAAY;AAChD,iBAAO,YAAY;AAAA,QACrB;AAEA;AAAA,MACF,SAAS,OAAO;AAEd,qBAAa,KAAK;AAElB,YAAI,wBAAwB,UAAa,WAAW,qBAAqB;AACvE;AAAA,QACF;AAGA,cAAM,UAAU,KAAK,IAAI,aAAa,MAAM,UAAU,IAAI,oBAAoB,GAAK;AACnF,cAAM,MAAM,OAAO;AAAA,MACrB;AAAA,IACF;AAAA,EACF,GA1IqB;AA4IrB,QAAM,SAAS,aAAa;AAE5B,SAAO,EAAE,OAAO;AAClB;AAhKgB;;;ACtDT,IAAM,wBAAwB,wBAAC,UAAsD;AAC1F,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF,GAXqC;AAa9B,IAAM,0BAA0B,wBAAC,UAAkD;AACxF,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF,GAXuC;AAahC,IAAM,yBAAyB,wBAAC,UAAuD;AAC5F,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF,GAXsC;AAa/B,IAAM,sBAAsB,wBAAC;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAEc;AACZ,MAAI,CAAC,SAAS;AACZ,UAAMC,iBACJ,gBAAgB,QAAQ,MAAM,IAAI,CAAC,MAAM,mBAAmB,CAAW,CAAC,GACxE,KAAK,wBAAwB,KAAK,CAAC;AACrC,YAAQ,OAAO;AAAA,MACb,KAAK;AACH,eAAO,IAAIA,aAAY;AAAA,MACzB,KAAK;AACH,eAAO,IAAI,IAAI,IAAIA,aAAY;AAAA,MACjC,KAAK;AACH,eAAOA;AAAA,MACT;AACE,eAAO,GAAG,IAAI,IAAIA,aAAY;AAAA,IAClC;AAAA,EACF;AAEA,QAAM,YAAY,sBAAsB,KAAK;AAC7C,QAAM,eAAe,MAClB,IAAI,CAAC,MAAM;AACV,QAAI,UAAU,WAAW,UAAU,UAAU;AAC3C,aAAO,gBAAgB,IAAI,mBAAmB,CAAW;AAAA,IAC3D;AAEA,WAAO,wBAAwB;AAAA,MAC7B;AAAA,MACA;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AAAA,EACH,CAAC,EACA,KAAK,SAAS;AACjB,SAAO,UAAU,WAAW,UAAU,WAAW,YAAY,eAAe;AAC9E,GAxCmC;AA0C5B,IAAM,0BAA0B,wBAAC;AAAA,EACtC;AAAA,EACA;AAAA,EACA;AACF,MAAuC;AACrC,MAAI,UAAU,UAAa,UAAU,MAAM;AACzC,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,SAAO,GAAG,IAAI,IAAI,gBAAgB,QAAQ,mBAAmB,KAAK,CAAC;AACrE,GAhBuC;AAkBhC,IAAM,uBAAuB,wBAAC;AAAA,EACnC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAGc;AACZ,MAAI,iBAAiB,MAAM;AACzB,WAAO,YAAY,MAAM,YAAY,IAAI,GAAG,IAAI,IAAI,MAAM,YAAY,CAAC;AAAA,EACzE;AAEA,MAAI,UAAU,gBAAgB,CAAC,SAAS;AACtC,QAAI,SAAmB,CAAC;AACxB,WAAO,QAAQ,KAAK,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,MAAM;AAC1C,eAAS,CAAC,GAAG,QAAQ,KAAK,gBAAiB,IAAe,mBAAmB,CAAW,CAAC;AAAA,IAC3F,CAAC;AACD,UAAMA,gBAAe,OAAO,KAAK,GAAG;AACpC,YAAQ,OAAO;AAAA,MACb,KAAK;AACH,eAAO,GAAG,IAAI,IAAIA,aAAY;AAAA,MAChC,KAAK;AACH,eAAO,IAAIA,aAAY;AAAA,MACzB,KAAK;AACH,eAAO,IAAI,IAAI,IAAIA,aAAY;AAAA,MACjC;AACE,eAAOA;AAAA,IACX;AAAA,EACF;AAEA,QAAM,YAAY,uBAAuB,KAAK;AAC9C,QAAM,eAAe,OAAO,QAAQ,KAAK,EACtC;AAAA,IAAI,CAAC,CAAC,KAAK,CAAC,MACX,wBAAwB;AAAA,MACtB;AAAA,MACA,MAAM,UAAU,eAAe,GAAG,IAAI,IAAI,GAAG,MAAM;AAAA,MACnD,OAAO;AAAA,IACT,CAAC;AAAA,EACH,EACC,KAAK,SAAS;AACjB,SAAO,UAAU,WAAW,UAAU,WAAW,YAAY,eAAe;AAC9E,GA5CoC;;;AC/G7B,IAAM,gBAAwB;AAE9B,IAAM,wBAAwB,wBAAC,EAAE,MAAM,KAAK,KAAK,MAA8B;AACpF,MAAI,MAAM;AACV,QAAM,UAAU,KAAK,MAAM,aAAa;AACxC,MAAI,SAAS;AACX,eAAW,SAAS,SAAS;AAC3B,UAAI,UAAU;AACd,UAAI,OAAO,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC;AAC9C,UAAI,QAA6B;AAEjC,UAAI,KAAK,SAAS,GAAG,GAAG;AACtB,kBAAU;AACV,eAAO,KAAK,UAAU,GAAG,KAAK,SAAS,CAAC;AAAA,MAC1C;AAEA,UAAI,KAAK,WAAW,GAAG,GAAG;AACxB,eAAO,KAAK,UAAU,CAAC;AACvB,gBAAQ;AAAA,MACV,WAAW,KAAK,WAAW,GAAG,GAAG;AAC/B,eAAO,KAAK,UAAU,CAAC;AACvB,gBAAQ;AAAA,MACV;AAEA,YAAM,QAAQ,KAAK,IAAI;AAEvB,UAAI,UAAU,UAAa,UAAU,MAAM;AACzC;AAAA,MACF;AAEA,UAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,cAAM,IAAI,QAAQ,OAAO,oBAAoB,EAAE,SAAS,MAAM,OAAO,MAAM,CAAC,CAAC;AAC7E;AAAA,MACF;AAEA,UAAI,OAAO,UAAU,UAAU;AAC7B,cAAM,IAAI;AAAA,UACR;AAAA,UACA,qBAAqB;AAAA,YACnB;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,YACA,WAAW;AAAA,UACb,CAAC;AAAA,QACH;AACA;AAAA,MACF;AAEA,UAAI,UAAU,UAAU;AACtB,cAAM,IAAI;AAAA,UACR;AAAA,UACA,IAAI,wBAAwB;AAAA,YAC1B;AAAA,YACA;AAAA,UACF,CAAC,CAAC;AAAA,QACJ;AACA;AAAA,MACF;AAEA,YAAM,eAAe;AAAA,QACnB,UAAU,UAAU,IAAI,KAAe,KAAM;AAAA,MAC/C;AACA,YAAM,IAAI,QAAQ,OAAO,YAAY;AAAA,IACvC;AAAA,EACF;AACA,SAAO;AACT,GAjEqC;AAmE9B,IAAM,SAAS,wBAAC;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,KAAK;AACP,MAMc;AACZ,QAAM,UAAU,KAAK,WAAW,GAAG,IAAI,OAAO,IAAI,IAAI;AACtD,MAAI,OAAO,WAAW,MAAM;AAC5B,MAAI,MAAM;AACR,UAAM,sBAAsB,EAAE,MAAM,IAAI,CAAC;AAAA,EAC3C;AACA,MAAI,SAAS,QAAQ,gBAAgB,KAAK,IAAI;AAC9C,MAAI,OAAO,WAAW,GAAG,GAAG;AAC1B,aAAS,OAAO,UAAU,CAAC;AAAA,EAC7B;AACA,MAAI,QAAQ;AACV,WAAO,IAAI,MAAM;AAAA,EACnB;AACA,SAAO;AACT,GA1BsB;AA4Bf,SAAS,oBAAoB,SAIxB;AACV,QAAM,UAAU,QAAQ,SAAS;AACjC,QAAM,mBAAmB,WAAW,QAAQ;AAE5C,MAAI,kBAAkB;AACpB,QAAI,oBAAoB,SAAS;AAC/B,YAAM,oBACJ,QAAQ,mBAAmB,UAAa,QAAQ,mBAAmB;AAErE,aAAO,oBAAoB,QAAQ,iBAAiB;AAAA,IACtD;AAGA,WAAO,QAAQ,SAAS,KAAK,QAAQ,OAAO;AAAA,EAC9C;AAGA,MAAI,SAAS;AACX,WAAO,QAAQ;AAAA,EACjB;AAGA,SAAO;AACT;AA3BgB;;;ACpFT,IAAM,eAAe,8BAC1BC,OACA,aACgC;AAChC,QAAM,QAAQ,OAAO,aAAa,aAAa,MAAM,SAASA,KAAI,IAAI;AAEtE,MAAI,CAAC,OAAO;AACV;AAAA,EACF;AAEA,MAAIA,MAAK,WAAW,UAAU;AAC5B,WAAO,UAAU,KAAK;AAAA,EACxB;AAEA,MAAIA,MAAK,WAAW,SAAS;AAC3B,WAAO,SAAS,KAAK,KAAK,CAAC;AAAA,EAC7B;AAEA,SAAO;AACT,GAnB4B;;;ACfrB,IAAM,wBAAwB,wBAAc;AAAA,EACjD,aAAa,CAAC;AAAA,EACd,GAAG;AACL,IAA4B,CAAC,MAAoC;AAC/D,QAAM,kBAAkB,wBAAC,gBAA2B;AAClD,UAAM,SAAmB,CAAC;AAC1B,QAAI,eAAe,OAAO,gBAAgB,UAAU;AAClD,iBAAW,QAAQ,aAAa;AAC9B,cAAM,QAAQ,YAAY,IAAI;AAE9B,YAAI,UAAU,UAAa,UAAU,MAAM;AACzC;AAAA,QACF;AAEA,cAAM,UAAU,WAAW,IAAI,KAAK;AAEpC,YAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,gBAAM,kBAAkB,oBAAoB;AAAA,YAC1C,eAAe,QAAQ;AAAA,YACvB,SAAS;AAAA,YACT;AAAA,YACA,OAAO;AAAA,YACP;AAAA,YACA,GAAG,QAAQ;AAAA,UACb,CAAC;AACD,cAAI,gBAAiB,QAAO,KAAK,eAAe;AAAA,QAClD,WAAW,OAAO,UAAU,UAAU;AACpC,gBAAM,mBAAmB,qBAAqB;AAAA,YAC5C,eAAe,QAAQ;AAAA,YACvB,SAAS;AAAA,YACT;AAAA,YACA,OAAO;AAAA,YACP;AAAA,YACA,GAAG,QAAQ;AAAA,UACb,CAAC;AACD,cAAI,iBAAkB,QAAO,KAAK,gBAAgB;AAAA,QACpD,OAAO;AACL,gBAAM,sBAAsB,wBAAwB;AAAA,YAClD,eAAe,QAAQ;AAAA,YACvB;AAAA,YACA;AAAA,UACF,CAAC;AACD,cAAI,oBAAqB,QAAO,KAAK,mBAAmB;AAAA,QAC1D;AAAA,MACF;AAAA,IACF;AACA,WAAO,OAAO,KAAK,GAAG;AAAA,EACxB,GA3CwB;AA4CxB,SAAO;AACT,GAjDqC;AAsD9B,IAAM,aAAa,wBAAC,gBAAmE;AAC5F,MAAI,CAAC,aAAa;AAGhB,WAAO;AAAA,EACT;AAEA,QAAM,eAAe,YAAY,MAAM,GAAG,EAAE,CAAC,GAAG,KAAK;AAErD,MAAI,CAAC,cAAc;AACjB;AAAA,EACF;AAEA,MAAI,aAAa,WAAW,kBAAkB,KAAK,aAAa,SAAS,OAAO,GAAG;AACjF,WAAO;AAAA,EACT;AAEA,MAAI,iBAAiB,uBAAuB;AAC1C,WAAO;AAAA,EACT;AAEA,MACE,CAAC,gBAAgB,UAAU,UAAU,QAAQ,EAAE,KAAK,CAAC,SAAS,aAAa,WAAW,IAAI,CAAC,GAC3F;AACA,WAAO;AAAA,EACT;AAEA,MAAI,aAAa,WAAW,OAAO,GAAG;AACpC,WAAO;AAAA,EACT;AAEA;AACF,GAhC0B;AAkC1B,IAAM,oBAAoB,wBACxB,SAGA,SACY;AACZ,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,EACT;AACA,MACE,QAAQ,QAAQ,IAAI,IAAI,KACxB,QAAQ,QAAQ,IAAI,KACpB,QAAQ,QAAQ,IAAI,QAAQ,GAAG,SAAS,GAAG,IAAI,GAAG,GAClD;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT,GAjB0B;AAmB1B,eAAsB,cACpB,SAGe;AACf,aAAWC,SAAQ,QAAQ,YAAY,CAAC,GAAG;AACzC,QAAI,kBAAkB,SAASA,MAAK,IAAI,GAAG;AACzC;AAAA,IACF;AAEA,UAAM,QAAQ,MAAM,aAAaA,OAAM,QAAQ,IAAI;AAEnD,QAAI,CAAC,OAAO;AACV;AAAA,IACF;AAEA,UAAM,OAAOA,MAAK,QAAQ;AAE1B,YAAQA,MAAK,IAAI;AAAA,MACf,KAAK;AACH,YAAI,CAAC,QAAQ,OAAO;AAClB,kBAAQ,QAAQ,CAAC;AAAA,QACnB;AACA,gBAAQ,MAAM,IAAI,IAAI;AACtB;AAAA,MACF,KAAK;AACH,gBAAQ,QAAQ,OAAO,UAAU,GAAG,IAAI,IAAI,KAAK,EAAE;AACnD;AAAA,MACF,KAAK;AAAA,MACL;AACE,gBAAQ,QAAQ,IAAI,MAAM,KAAK;AAC/B;AAAA,IACJ;AAAA,EACF;AACF;AAlCsB;AAoCf,IAAM,WAA+B,wBAAC,YAC3C,OAAO;AAAA,EACL,SAAS,QAAQ;AAAA,EACjB,MAAM,QAAQ;AAAA,EACd,OAAO,QAAQ;AAAA,EACf,iBACE,OAAO,QAAQ,oBAAoB,aAC/B,QAAQ,kBACR,sBAAsB,QAAQ,eAAe;AAAA,EACnD,KAAK,QAAQ;AACf,CAAC,GAVyC;AAYrC,IAAM,eAAe,wBAAC,GAAW,MAAsB;AAC5D,QAAM,SAAS,EAAE,GAAG,GAAG,GAAG,EAAE;AAC5B,MAAI,OAAO,SAAS,SAAS,GAAG,GAAG;AACjC,WAAO,UAAU,OAAO,QAAQ,UAAU,GAAG,OAAO,QAAQ,SAAS,CAAC;AAAA,EACxE;AACA,SAAO,UAAU,aAAa,EAAE,SAAS,EAAE,OAAO;AAClD,SAAO;AACT,GAP4B;AAS5B,IAAM,iBAAiB,wBAAC,YAA8C;AACpE,QAAM,UAAmC,CAAC;AAC1C,UAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC9B,YAAQ,KAAK,CAAC,KAAK,KAAK,CAAC;AAAA,EAC3B,CAAC;AACD,SAAO;AACT,GANuB;AAQhB,IAAM,eAAe,2BACvB,YACS;AACZ,QAAM,gBAAgB,IAAI,QAAQ;AAClC,aAAW,UAAU,SAAS;AAC5B,QAAI,CAAC,QAAQ;AACX;AAAA,IACF;AAEA,UAAM,WAAW,kBAAkB,UAAU,eAAe,MAAM,IAAI,OAAO,QAAQ,MAAM;AAE3F,eAAW,CAAC,KAAK,KAAK,KAAK,UAAU;AACnC,UAAI,UAAU,MAAM;AAClB,sBAAc,OAAO,GAAG;AAAA,MAC1B,WAAW,MAAM,QAAQ,KAAK,GAAG;AAC/B,mBAAW,KAAK,OAAO;AACrB,wBAAc,OAAO,KAAK,CAAW;AAAA,QACvC;AAAA,MACF,WAAW,UAAU,QAAW;AAG9B,sBAAc;AAAA,UACZ;AAAA,UACA,OAAO,UAAU,WAAW,KAAK,UAAU,KAAK,IAAK;AAAA,QACvD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT,GA7B4B;AAgD5B,IAAM,eAAN,MAAgC;AAAA,EAzOhC,OAyOgC;AAAA;AAAA;AAAA,EAC9B,MAAiC,CAAC;AAAA,EAElC,QAAc;AACZ,SAAK,MAAM,CAAC;AAAA,EACd;AAAA,EAEA,MAAM,IAAgC;AACpC,UAAM,QAAQ,KAAK,oBAAoB,EAAE;AACzC,QAAI,KAAK,IAAI,KAAK,GAAG;AACnB,WAAK,IAAI,KAAK,IAAI;AAAA,IACpB;AAAA,EACF;AAAA,EAEA,OAAO,IAAmC;AACxC,UAAM,QAAQ,KAAK,oBAAoB,EAAE;AACzC,WAAO,QAAQ,KAAK,IAAI,KAAK,CAAC;AAAA,EAChC;AAAA,EAEA,oBAAoB,IAAkC;AACpD,QAAI,OAAO,OAAO,UAAU;AAC1B,aAAO,KAAK,IAAI,EAAE,IAAI,KAAK;AAAA,IAC7B;AACA,WAAO,KAAK,IAAI,QAAQ,EAAE;AAAA,EAC5B;AAAA,EAEA,OAAO,IAA0B,IAA+C;AAC9E,UAAM,QAAQ,KAAK,oBAAoB,EAAE;AACzC,QAAI,KAAK,IAAI,KAAK,GAAG;AACnB,WAAK,IAAI,KAAK,IAAI;AAClB,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,IAAyB;AAC3B,SAAK,IAAI,KAAK,EAAE;AAChB,WAAO,KAAK,IAAI,SAAS;AAAA,EAC3B;AACF;AAQO,IAAM,qBAAqB,8BAK5B;AAAA,EACJ,OAAO,IAAI,aAAqD;AAAA,EAChE,SAAS,IAAI,aAA2C;AAAA,EACxD,UAAU,IAAI,aAAgD;AAChE,IATkC;AAWlC,IAAM,yBAAyB,sBAAsB;AAAA,EACnD,eAAe;AAAA,EACf,OAAO;AAAA,IACL,SAAS;AAAA,IACT,OAAO;AAAA,EACT;AAAA,EACA,QAAQ;AAAA,IACN,SAAS;AAAA,IACT,OAAO;AAAA,EACT;AACF,CAAC;AAED,IAAM,iBAAiB;AAAA,EACrB,gBAAgB;AAClB;AAEO,IAAM,eAAe,wBAC1B,WAAqD,CAAC,OACR;AAAA,EAC9C,GAAG;AAAA,EACH,SAAS;AAAA,EACT,SAAS;AAAA,EACT,iBAAiB;AAAA,EACjB,GAAG;AACL,IAR4B;;;AC9RrB,IAAM,eAAe,wBAAC,SAAiB,CAAC,MAAc;AAC3D,MAAI,UAAU,aAAa,aAAa,GAAG,MAAM;AAEjD,QAAM,YAAY,8BAAe,EAAE,GAAG,QAAQ,IAA5B;AAElB,QAAM,YAAY,wBAACC,YAA2B;AAC5C,cAAU,aAAa,SAASA,OAAM;AACtC,WAAO,UAAU;AAAA,EACnB,GAHkB;AAKlB,QAAM,eAAe,mBAAuE;AAE5F,QAAM,gBAAgB,8BAMpB,YACG;AACH,UAAM,OAAO;AAAA,MACX,GAAG;AAAA,MACH,GAAG;AAAA,MACH,OAAO,QAAQ,SAAS,QAAQ,SAAS,WAAW;AAAA,MACpD,SAAS,aAAa,QAAQ,SAAS,QAAQ,OAAO;AAAA,MACtD,gBAAgB;AAAA,IAClB;AAEA,QAAI,KAAK,UAAU;AACjB,YAAM,cAAc,IAAI;AAAA,IAC1B;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,KAAK,iBAAiB,IAAI;AAAA,IAClC;AAEA,QAAI,KAAK,SAAS,UAAa,KAAK,gBAAgB;AAClD,WAAK,iBAAiB,KAAK,eAAe,KAAK,IAAI;AAAA,IACrD;AAGA,QAAI,KAAK,SAAS,UAAa,KAAK,mBAAmB,IAAI;AACzD,WAAK,QAAQ,OAAO,cAAc;AAAA,IACpC;AAEA,UAAM,eAAe;AAErB,UAAM,MAAM,SAAS,YAAY;AAEjC,WAAO,EAAE,MAAM,cAAc,IAAI;AAAA,EACnC,GAtCsB;AAwCtB,QAAM,UAA6B,8BAAO,YAAY;AACpD,UAAM,eAAe,QAAQ,gBAAgB,QAAQ;AACrD,UAAM,gBAAgB,QAAQ,iBAAiB,QAAQ;AAEvD,QAAIC;AACJ,QAAI;AAEJ,QAAI;AACF,YAAM,EAAE,MAAM,IAAI,IAAI,MAAM,cAAc,OAAO;AACjD,YAAM,cAAuB;AAAA,QAC3B,UAAU;AAAA,QACV,GAAG;AAAA,QACH,MAAM,oBAAoB,IAAI;AAAA,MAChC;AAEA,MAAAA,WAAU,IAAI,QAAQ,KAAK,WAAW;AAEtC,iBAAW,MAAM,aAAa,QAAQ,KAAK;AACzC,YAAI,IAAI;AACN,UAAAA,WAAU,MAAM,GAAGA,UAAS,IAAI;AAAA,QAClC;AAAA,MACF;AAIA,YAAM,SAAS,KAAK;AAEpB,iBAAW,MAAM,OAAOA,QAAO;AAE/B,iBAAW,MAAM,aAAa,SAAS,KAAK;AAC1C,YAAI,IAAI;AACN,qBAAW,MAAM,GAAG,UAAUA,UAAS,IAAI;AAAA,QAC7C;AAAA,MACF;AAEA,YAAM,SAAS;AAAA,QACb,SAAAA;AAAA,QACA;AAAA,MACF;AAEA,UAAI,SAAS,IAAI;AACf,cAAM,WACH,KAAK,YAAY,SACd,WAAW,SAAS,QAAQ,IAAI,cAAc,CAAC,IAC/C,KAAK,YAAY;AAEvB,YAAI,SAAS,WAAW,OAAO,SAAS,QAAQ,IAAI,gBAAgB,MAAM,KAAK;AAC7E,cAAI;AACJ,kBAAQ,SAAS;AAAA,YACf,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AACH,0BAAY,MAAM,SAAS,OAAO,EAAE;AACpC;AAAA,YACF,KAAK;AACH,0BAAY,IAAI,SAAS;AACzB;AAAA,YACF,KAAK;AACH,0BAAY,SAAS;AACrB;AAAA,YACF,KAAK;AAAA,YACL;AACE,0BAAY,CAAC;AACb;AAAA,UACJ;AACA,iBAAO,KAAK,kBAAkB,SAC1B,YACA;AAAA,YACE,MAAM;AAAA,YACN,GAAG;AAAA,UACL;AAAA,QACN;AAEA,YAAI;AACJ,gBAAQ,SAAS;AAAA,UACf,KAAK;AAAA,UACL,KAAK;AAAA,UACL,KAAK;AAAA,UACL,KAAK;AACH,mBAAO,MAAM,SAAS,OAAO,EAAE;AAC/B;AAAA,UACF,KAAK,QAAQ;AAGX,kBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,mBAAO,OAAO,KAAK,MAAM,IAAI,IAAI,CAAC;AAClC;AAAA,UACF;AAAA,UACA,KAAK;AACH,mBAAO,KAAK,kBAAkB,SAC1B,SAAS,OACT;AAAA,cACE,MAAM,SAAS;AAAA,cACf,GAAG;AAAA,YACL;AAAA,QACR;AAEA,YAAI,YAAY,QAAQ;AACtB,cAAI,KAAK,mBAAmB;AAC1B,kBAAM,KAAK,kBAAkB,IAAI;AAAA,UACnC;AAEA,cAAI,KAAK,qBAAqB;AAC5B,mBAAO,MAAM,KAAK,oBAAoB,IAAI;AAAA,UAC5C;AAAA,QACF;AAEA,eAAO,KAAK,kBAAkB,SAC1B,OACA;AAAA,UACE;AAAA,UACA,GAAG;AAAA,QACL;AAAA,MACN;AAEA,YAAM,YAAY,MAAM,SAAS,KAAK;AACtC,UAAI;AAEJ,UAAI;AACF,oBAAY,KAAK,MAAM,SAAS;AAAA,MAClC,QAAQ;AAAA,MAER;AAEA,YAAM,aAAa;AAAA,IACrB,SAAS,OAAO;AACd,UAAI,aAAa;AAEjB,iBAAW,MAAM,aAAa,MAAM,KAAK;AACvC,YAAI,IAAI;AACN,uBAAa,MAAM,GAAG,YAAY,UAAUA,UAAS,OAAiC;AAAA,QACxF;AAAA,MACF;AAEA,mBAAa,cAAc,CAAC;AAE5B,UAAI,cAAc;AAChB,cAAM;AAAA,MACR;AAGA,aAAO,kBAAkB,SACrB,SACA;AAAA,QACE,OAAO;AAAA,QACP,SAAAA;AAAA,QACA;AAAA,MACF;AAAA,IACN;AAAA,EACF,GArJmC;AAuJnC,QAAM,eAAe,wBAAC,WAAkC,CAAC,YACvD,QAAQ,EAAE,GAAG,SAAS,OAAO,CAAC,GADX;AAGrB,QAAM,YAAY,wBAAC,WAAkC,OAAO,YAA4B;AACtF,UAAM,EAAE,MAAM,IAAI,IAAI,MAAM,cAAc,OAAO;AACjD,WAAO,gBAAgB;AAAA,MACrB,GAAG;AAAA,MACH,MAAM,KAAK;AAAA,MACX;AAAA,MACA,WAAW,8BAAOC,MAAK,SAAS;AAC9B,YAAID,WAAU,IAAI,QAAQC,MAAK,IAAI;AACnC,mBAAW,MAAM,aAAa,QAAQ,KAAK;AACzC,cAAI,IAAI;AACN,YAAAD,WAAU,MAAM,GAAGA,UAAS,IAAI;AAAA,UAClC;AAAA,QACF;AACA,eAAOA;AAAA,MACT,GARW;AAAA,MASX,gBAAgB,oBAAoB,IAAI;AAAA,MACxC;AAAA,IACF,CAAC;AAAA,EACH,GAlBkB;AAoBlB,QAAM,YAAgC,wBAAC,YAAY,SAAS,EAAE,GAAG,SAAS,GAAG,QAAQ,CAAC,GAAhD;AAEtC,SAAO;AAAA,IACL,UAAU;AAAA,IACV,SAAS,aAAa,SAAS;AAAA,IAC/B,QAAQ,aAAa,QAAQ;AAAA,IAC7B,KAAK,aAAa,KAAK;AAAA,IACvB;AAAA,IACA,MAAM,aAAa,MAAM;AAAA,IACzB;AAAA,IACA,SAAS,aAAa,SAAS;AAAA,IAC/B,OAAO,aAAa,OAAO;AAAA,IAC3B,MAAM,aAAa,MAAM;AAAA,IACzB,KAAK,aAAa,KAAK;AAAA,IACvB;AAAA,IACA;AAAA,IACA,KAAK;AAAA,MACH,SAAS,UAAU,SAAS;AAAA,MAC5B,QAAQ,UAAU,QAAQ;AAAA,MAC1B,KAAK,UAAU,KAAK;AAAA,MACpB,MAAM,UAAU,MAAM;AAAA,MACtB,SAAS,UAAU,SAAS;AAAA,MAC5B,OAAO,UAAU,OAAO;AAAA,MACxB,MAAM,UAAU,MAAM;AAAA,MACtB,KAAK,UAAU,KAAK;AAAA,MACpB,OAAO,UAAU,OAAO;AAAA,IAC1B;AAAA,IACA,OAAO,aAAa,OAAO;AAAA,EAC7B;AACF,GA/P4B;;;ACNrB,IAAM,SAAiB,aAAa,aAA6B,EAAE,SAAS,wBAAwB,CAAC,CAAC;AAI7G,oBAAoB,MAAM;;;ACmGnB,IAAM,mBAAN,MAAuB;AAAA,EAtH9B,OAsH8B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAM1B,OAAc,gCAAsE,SAAsJ;AACtO,YAAQ,SAAS,UAAU,QAAQ,IAAqE;AAAA,MACpG,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,iCAAuE,SAAsL;AACvQ,YAAQ,QAAQ,UAAU,QAAQ,KAAsG;AAAA,MACpI,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,sCAA4E,SAAsM;AAC5R,YAAQ,SAAS,UAAU,QAAQ,KAAgH;AAAA,MAC/I,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,qCAA2E,SAAkM;AACvR,YAAQ,QAAQ,UAAU,QAAQ,KAA8G;AAAA,MAC5I,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,kCAAwE,SAA0J;AAC5O,YAAQ,SAAS,UAAU,QAAQ,IAAuE,EAAE,KAAK,kCAAkC,GAAG,QAAQ,CAAC;AAAA,EACnK;AACJ;AAEO,IAAM,cAAN,MAAkB;AAAA,EAvMzB,OAuMyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAIrB,OAAc,4BAAkE,SAAuK;AACnP,YAAQ,QAAQ,UAAU,QAAQ,KAA4F;AAAA,MAC1H,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,OAAc,2BAAiE,SAAoK;AAC/O,YAAQ,QAAQ,UAAU,QAAQ,KAA0F;AAAA,MACxH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,qBAAN,MAAyB;AAAA,EAtPhC,OAsPgC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAM5B,OAAc,2BAAiE,SAAqK;AAChP,YAAQ,SAAS,UAAU,QAAQ,IAAyF;AAAA,MACxH,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,+BAAqE,SAAiL;AAChQ,YAAQ,SAAS,UAAU,QAAQ,KAAkG;AAAA,MACjI,GAAG;AAAA,MACH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,OAAc,+BAAqE,SAAiL;AAChQ,YAAQ,SAAS,UAAU,QAAQ,KAAkG;AAAA,MACjI,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,uCAA6E,SAAyM;AAChS,YAAQ,SAAS,UAAU,QAAQ,MAAmH;AAAA,MAClJ,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,gCAAsE,SAAoL;AACpQ,YAAQ,SAAS,UAAU,QAAQ,IAAmG;AAAA,MAClI,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,sCAA4E,SAAsM;AAC5R,YAAQ,SAAS,UAAU,QAAQ,MAAiH;AAAA,MAChJ,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,+BAAqE,SAAiL;AAChQ,YAAQ,SAAS,UAAU,QAAQ,IAAiG;AAAA,MAChI,UAAU,CAAC,EAAE,QAAQ,UAAU,MAAM,OAAO,GAAG;AAAA,QACvC,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,MAAM;AAAA,MACV,CAAC;AAAA,MACL,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,kBAAN,MAAsB;AAAA,EA9Y7B,OA8Y6B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQzB,OAAc,gCAAsE,SAAqJ;AACrO,YAAQ,QAAQ,UAAU,QAAQ,KAAsE;AAAA,MACpG,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAc,8BAAoE,SAAiJ;AAC/N,YAAQ,QAAQ,UAAU,QAAQ,KAAoE;AAAA,MAClG,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AA4DO,IAAM,UAAN,MAAc;AAAA,EAhfrB,OAgfqB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAIjB,OAAc,uBAA6D,SAAoI;AAC3M,YAAQ,SAAS,UAAU,QAAQ,IAA4D;AAAA,MAC3F,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,sBAA4D,SAAiI;AACvM,YAAQ,QAAQ,UAAU,QAAQ,OAA8D;AAAA,MAC5F,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,IACP,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,qBAA2D,SAAkJ;AACvN,YAAQ,QAAQ,UAAU,QAAQ,KAA8E;AAAA,MAC5G,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,eAAN,MAAmB;AAAA,EAviB1B,OAuiB0B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMtB,OAAc,mBAAyD,SAA6I;AAChN,YAAQ,SAAS,UAAU,QAAQ,KAA0E;AAAA,MACzG,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,SAAS;AAAA,MAChB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,0BAAgE,SAAiK;AAC3O,YAAQ,QAAQ,UAAU,QAAQ,KAAwF;AAAA,MACtH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;AAEO,IAAM,gBAAN,MAAoB;AAAA,EAnlB3B,OAmlB2B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMvB,OAAc,oBAA0D,SAA+I;AACnN,YAAQ,QAAQ,UAAU,QAAQ,KAA4E;AAAA,MAC1G,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAc,0BAAgE,SAAiK;AAC3O,YAAQ,QAAQ,UAAU,QAAQ,KAAwF;AAAA,MACtH,UAAU;AAAA,QACN,EAAE,MAAM,aAAa,MAAM,SAAS;AAAA,QACpC,EAAE,QAAQ,UAAU,MAAM,OAAO;AAAA,QACjC,EAAE,MAAM,iBAAiB,MAAM,SAAS;AAAA,MAC5C;AAAA,MACA,KAAK;AAAA,MACL,GAAG;AAAA,MACH,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,GAAG,QAAQ;AAAA,MACf;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;;;ACrnBO,IAAK,iBAAL,kBAAKE,oBAAL;AACL,EAAAA,gBAAA,sBAAmB;AACnB,EAAAA,gBAAA,wBAAqB;AACrB,EAAAA,gBAAA,0BAAuB;AACvB,EAAAA,gBAAA,0BAAuB;AACvB,EAAAA,gBAAA,wBAAqB;AACrB,EAAAA,gBAAA,6BAA0B;AAC1B,EAAAA,gBAAA,iBAAc;AACd,EAAAA,gBAAA,sBAAmB;AACnB,EAAAA,gBAAA,qBAAkB;AATR,SAAAA;AAAA,GAAA;AAYL,IAAK,oBAAL,kBAAKC,uBAAL;AACL,EAAAA,mBAAA,UAAO;AADG,SAAAA;AAAA,GAAA;AAkBL,IAAM,YAAY;AAAA;AAAA;AAAA;AAAA,EAIvB,MAAM,WAA+B,QAA+B;AAClE,QAAI,OAAO;AACT,cAAQ,IAAI,eAAe,WAAW,MAAM;AAAA,IAC9C;AAAA,EAIF;AAAA;AAAA;AAAA;AAAA,EAKA,QAAQ,QAAgB;AACtB,QAAI,OAAO;AACT,cAAQ,IAAI,yBAAyB,MAAM;AAAA,IAC7C;AAAA,EAIF;AACF;;;AC5DA,IAAAC,gBAAyB;AAUlB,SAAS,kBAAqB,KAAa,cAAiB;AAEjE,QAAM,CAAC,aAAa,cAAc,QAAI,wBAAY,MAAM;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO;AAAA,IACT;AAEA,QAAI;AACF,YAAM,OAAO,OAAO,eAAe,QAAQ,GAAG;AAC9C,aAAO,OAAO,KAAK,MAAM,IAAI,IAAI;AAAA,IACnC,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AACpE,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AAGD,QAAM,gBAAgB,wBAAC,SAAuB;AAC5C,QAAI;AACF,YAAM,aAAa,KAAK,UAAU,IAAI;AACtC,YAAM,cAAc,IAAI,KAAK,CAAC,UAAU,CAAC,EAAE;AAC3C,YAAM,WAAW,cAAc;AAG/B,UAAI,WAAW,MAAM;AACnB,mBAAW,KAAK,cAAc,SAAS,QAAQ,CAAC,CAAC,kCAAkC,GAAG,GAAG;AACzF,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AACpE,aAAO;AAAA,IACT;AAAA,EACF,GAjBsB;AAoBtB,QAAM,eAAe,6BAAM;AACzB,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,cAAc,EAAE,OAAO,CAAAC,SAAOA,QAAO,OAAOA,SAAQ,QAAQ;AAErF,UAAI,KAAK,SAAS,IAAI;AACpB,cAAM,gBAAgB,KAAK,KAAK,KAAK,SAAS,GAAG;AACjD,iBAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,cAAI;AACF,kBAAMA,OAAM,KAAK,CAAC;AAClB,gBAAIA,MAAK;AACP,6BAAe,WAAWA,IAAG;AAC7B,6BAAe,WAAW,GAAGA,IAAG,YAAY;AAAA,YAC9C;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,2CAA2C,KAAK;AAAA,IACnE;AAAA,EACF,GArBqB;AAwBrB,QAAM,gBAAgB,6BAAM;AAC1B,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,cAAc;AACvC,iBAAWA,QAAO,MAAM;AACtB,YAAI;AACF,yBAAe,WAAWA,IAAG;AAAA,QAC/B,QAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,wCAAwC,KAAK;AAAA,IAChE;AAAA,EACF,GAbsB;AAgBtB,QAAM,WAAW,wBAAC,UAA+B;AAC/C,QAAI;AACF,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AAGtE,UAAI,CAAC,cAAc,YAAY,GAAG;AAChC,mBAAW,KAAK,gCAAgC,GAAG,iBAAiB;AAEpE,YAAI;AACF,iBAAO,eAAe,WAAW,GAAG;AACpC,iBAAO,eAAe,WAAW,GAAG,GAAG,YAAY;AAAA,QACrD,QAAQ;AAAA,QAER;AAEA,uBAAe,YAAY;AAC3B;AAAA,MACF;AAEA,qBAAe,YAAY;AAE3B,UAAI,OAAO,WAAW,aAAa;AAEjC,YAAI;AACF,iBAAO,eAAe,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAE/D,iBAAO,eAAe,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,QACzE,SAAS,cAAmB;AAE1B,cAAI,aAAa,SAAS,wBACtB,aAAa,SAAS,MACtB,aAAa,SAAS,SAAS,OAAO,GAAG;AAC3C,uBAAW,KAAK,qDAAqD;AACrE,yBAAa;AAGb,gBAAI;AACF,qBAAO,eAAe,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAC/D,qBAAO,eAAe,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,YACzE,SAAS,YAAY;AACnB,yBAAW,MAAM,qCAAqC,GAAG,8BAA8B,UAAU;AAEjG,kBAAI;AACF,8BAAc;AACd,uBAAO,eAAe,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAC/D,uBAAO,eAAe,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,cACzE,SAAS,YAAY;AACnB,2BAAW,MAAM,qCAAqC,GAAG,2BAA2B,UAAU;AAE9F,+BAAe,YAAY;AAAA,cAC7B;AAAA,YACF;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AAEpE,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AACtE,qBAAe,YAAY;AAAA,IAC7B;AAAA,EACF,GA/DiB;AAkEjB,QAAM,cAAc,6BAAM;AACxB,QAAI;AACF,qBAAe,YAAY;AAC3B,UAAI,OAAO,WAAW,aAAa;AACjC,YAAI;AACF,iBAAO,eAAe,WAAW,GAAG;AACpC,iBAAO,eAAe,WAAW,GAAG,GAAG,YAAY;AAAA,QACrD,SAAS,aAAkB;AAEzB,cAAI,YAAY,SAAS,wBACrB,YAAY,SAAS,MACrB,YAAY,SAAS,SAAS,OAAO,GAAG;AAC1C,uBAAW,KAAK,oEAAoE;AACpF,yBAAa;AAEb,gBAAI;AACF,qBAAO,eAAe,WAAW,GAAG;AACpC,qBAAO,eAAe,WAAW,GAAG,GAAG,YAAY;AAAA,YACrD,SAAS,YAAY;AACnB,yBAAW,MAAM,wCAAwC,GAAG,qBAAqB,UAAU;AAE3F,4BAAc;AAAA,YAChB;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,sCAAsC,GAAG,MAAM,KAAK;AAAA,IACvE;AAAA,EACF,GA/BoB;AAiCpB,SAAO,CAAC,aAAa,UAAU,WAAW;AAC5C;AAjLgB;;;ACVhB,IAAM,oBAAoB;AAW1B,IAAM,yBAAyB,6BAAc;AAC3C,MAAI,OAAO,WAAW,YAAa,QAAO;AAC1C,MAAI;AACF,UAAM,OAAO,OAAO,eAAe,QAAQ,iBAAiB;AAC5D,WAAO,OAAO,KAAK,MAAM,IAAI,IAAI;AAAA,EACnC,QAAQ;AACN,WAAO;AAAA,EACT;AACF,GAR+B;AAa/B,IAAM,2BAA2B,6BAAY;AAC3C,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI;AACF,WAAO,eAAe,WAAW,iBAAiB;AAClD,WAAO,eAAe,WAAW,GAAG,iBAAiB,YAAY;AAAA,EACnE,QAAQ;AAAA,EAER;AACF,GARiC;AAc1B,IAAM,oBAAoB,6BAAqB,uBAAuB,KAAK,MAAjD;AAO1B,IAAM,uBAAuB,6BAAqB;AACvD,QAAM,SAAS,uBAAuB;AACtC,MAAI,OAAQ,0BAAyB;AACrC,SAAO,UAAU;AACnB,GAJoC;AAM7B,IAAM,yBAAyB,wBAAC,UAA+B,CAAC,MAAM;AAC3E,QAAM,EAAE,cAAc,cAAc,aAAa,KAAK,IAAI;AAC1D,QAAM,CAAC,aAAa,gBAAgB,iBAAiB,IAAI,kBAA0B,mBAAmB,EAAE;AAExG,QAAM,cAAc,wBAAC,QAAgB;AACnC,mBAAe,GAAG;AAAA,EACpB,GAFoB;AAIpB,QAAM,cAAc,6BAAM;AAExB,WAAO,uBAAuB,KAAK;AAAA,EACrC,GAHoB;AAKpB,QAAM,gBAAgB,6BAAM;AAC1B,sBAAkB;AAClB,6BAAyB;AAAA,EAC3B,GAHsB;AAKtB,QAAM,cAAc,6BAAM;AACxB,UAAM,SAAS,uBAAuB;AACtC,WAAO,OAAO,SAAS,KAAK,YAAY,SAAS;AAAA,EACnD,GAHoB;AAKpB,QAAM,sBAAsB,6BAAM;AAEhC,UAAM,SAAS,uBAAuB;AACtC,WAAO,UAAU,eAAe;AAAA,EAClC,GAJ4B;AAM5B,QAAM,sBAAsB,6BAAM;AAGhC,UAAM,SAAS,uBAAuB;AACtC,UAAM,WAAW,UAAU,eAAe;AAE1C,QAAI,YAAY;AACd,oBAAc;AAAA,IAChB;AACA,WAAO;AAAA,EACT,GAV4B;AAY5B,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAlDsC;;;ACxCtC,IAAM,mBAAmB;AAclB,SAAS,sBAAsB,KAAc,UAA0B;AAC5E,MAAI,eAAe,UAAU;AAC3B,UAAM,OAAQ,IAAI,YAAY;AAC9B,QAAI,OAAO,MAAM,UAAU,SAAU,QAAO,KAAK;AACjD,QAAI,OAAO,MAAM,WAAW,SAAU,QAAO,KAAK;AAClD,QAAI,OAAO,MAAM,YAAY,SAAU,QAAO,KAAK;AACnD,WAAO,IAAI,gBAAgB,IAAI;AAAA,EACjC;AACA,MAAI,eAAe,MAAO,QAAO,IAAI;AACrC,SAAO;AACT;AAVgB;AAaT,SAAS,yBAAyB,KAA6B;AACpE,MAAI,eAAe,UAAU;AAC3B,UAAM,OAAQ,IAAI,YAAY;AAC9B,QAAI,OAAO,MAAM,uBAAuB,SAAU,QAAO,KAAK;AAAA,EAChE;AACA,SAAO;AACT;AANgB;AAST,SAAS,gBAAgB,MAAuB;AACrD,SAAO,CAAC,CAAC,QAAQ,KAAK,WAAW;AACnC;AAFgB;;;AdAT,IAAM,qBAAqB,wBAChC,UAAqC,CAAC,MACT;AAC7B,QAAM,EAAE,WAAW,SAAS,aAAa,eAAe,MAAM,IAAI;AAClE,QAAM,SAAS,aAAa;AAE5B,QAAM,CAAC,WAAW,YAAY,QAAI,wBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,wBAAwB,IAAI;AACtD,QAAM,CAAC,SAAS,UAAU,QAAI,wBAAwB,IAAI;AAC1D,QAAM,CAAC,sBAAsB,uBAAuB,QAAI,wBAAwB,IAAI;AACpF,QAAM,CAAC,mBAAmB,oBAAoB,QAAI,wBAAwB,IAAI;AAE9E,QAAM,iBAAa,2BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,oBAAgB,2BAAY,CAAC,aAM7B;AAEJ,SAAK,WAAW,EAAE,QAAQ,SAAS,cAAc,SAAS,SAAS,cAAc,CAAC;AAElF,QAAI,SAAS,SAAS;AACpB,iBAAW,SAAS,OAAO;AAAA,IAC7B;AACA,QAAI,SAAS,2BAA2B,QAAW;AACjD,8BAAwB,SAAS,sBAAsB;AAAA,IACzD;AAEA,cAAU,qDAAyC;AAAA,MACjD;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AACD,QAAI,SAAS,MAAM,IAAI;AACrB,gBAAU,QAAQ,OAAO,SAAS,KAAK,EAAE,CAAC;AAAA,IAC5C;AAEA,gBAAY,SAAS,IAAI;AAGzB,QAAI,CAAC,cAAc;AACjB,YAAM,mBAAmB,qBAAqB,KAAK,eAAe;AAClE,iBAAW,KAAK,mCAAmC,gBAAgB;AACnE,aAAO,SAAS,gBAAgB;AAAA,IAClC;AAAA,EACF,GAAG,CAAC,WAAW,aAAa,QAAQ,YAAY,CAAC;AAEjD,QAAM,iBAAa,2BAAY,OAAO,WAAmB,SAAmC;AAC1F,QAAI,CAAC,WAAW;AACd,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AACA,QAAI,CAAC,gBAAgB,IAAI,GAAG;AAC1B,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,wBAAwB;AAExC,YAAM,SAAS,MAAM,cAAc,oBAAoB;AAAA,QACrD,MAAM,EAAE,YAAY,WAAW,KAAK;AAAA,QACpC,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,gBAAgB,CAAC,SAAS,eAAe;AACrD,cAAM,IAAI,MAAM,wCAAwC;AAAA,MAC1D;AAEA,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,iBAAW,MAAM,gCAAgC,GAAG;AACpD,YAAM,eAAe,sBAAsB,KAAK,2BAA2B;AAC3E,YAAM,WAAW,yBAAyB,GAAG;AAC7C,UAAI,aAAa,KAAM,sBAAqB,QAAQ;AACpD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAEtB,gBAAU,yDAA2C;AAAA,QACnD;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AACD,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,eAAe,OAAO,CAAC;AAE3B,QAAM,uBAAmB,2BAAY,OAAO,WAAmB,eAAyC;AACtG,QAAI,CAAC,WAAW;AACd,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AACA,QAAI,CAAC,cAAc,WAAW,SAAS,GAAG;AACxC,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,0BAA0B;AAE1C,YAAM,SAAS,MAAM,cAAc,0BAA0B;AAAA,QAC3D,MAAM;AAAA,UACJ,YAAY;AAAA,UACZ,aAAa,WAAW,QAAQ,QAAQ,EAAE;AAAA,QAC5C;AAAA,QACA,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,gBAAgB,CAAC,SAAS,eAAe;AACrD,cAAM,IAAI,MAAM,gDAAgD;AAAA,MAClE;AAEA,oBAAc,QAAQ;AACtB,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,iBAAW,MAAM,uCAAuC,GAAG;AAC3D,YAAM,eAAe,sBAAsB,KAAK,qBAAqB;AACrE,YAAM,WAAW,yBAAyB,GAAG;AAC7C,UAAI,aAAa,KAAM,sBAAqB,QAAQ;AACpD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAEtB,gBAAU,yDAA2C;AAAA,QACnD;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AACD,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,eAAe,OAAO,CAAC;AAE3B,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GApKkC;;;AJhC3B,IAAM,cAAc,wBAAC,YAAgD;AAC1E,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,yBAAyB;AAAA,IACzB,WAAW;AAAA,EACb,IAAI;AAGJ,QAAM,YAAY,iBAAiB;AACnC,QAAM,aAAa,kBAAkB;AAGrC,QAAM,6BAAyB,sBAAO,KAAK;AAK3C,QAAM,yBAAqB,sBAAsB,IAAI;AAGrD,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI,QAAQ;AAGZ,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAGJ,QAAM,YAAY,mBAAmB;AAAA,IACnC,WAAW,6BAAM;AACf,iBAAW,KAAK,qDAAqD;AACrE,cAAQ,SAAS;AACjB,qBAAe;AAAA,IACjB,GAJW;AAAA,IAKX,SAAS,wBAAC,UAAU;AAClB,eAAS,KAAK;AACd,gBAAU,KAAK;AAAA,IACjB,GAHS;AAAA,IAIT;AAAA,IACA,cAAc;AAAA;AAAA,EAChB,CAAC;AAED,QAAM,EAAE,oBAAAC,oBAAmB,IAAI;AAM/B,QAAM,8BAA0B,2BAAY,CAAC,OAAe;AAC1D,cAAU,EAAE;AAAA,EACd,GAAG,CAAC,SAAS,CAAC;AAOd,+BAAU,MAAM;AACd,UAAM,aAAa,cAAc;AACjC,QAAI,YAAY;AACd,oBAAc,UAAU;AAAA,IAC1B;AAAA,EAEF,GAAG,CAAC,CAAC;AAML,QAAM,6BAAyB,2BAAY,OAAO,MAAuB;AACvE,MAAE,eAAe;AAEjB,QAAI,CAAC,YAAY;AACf,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,QAAI,CAACA,oBAAmB,UAAU,GAAG;AACnC,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,QAAI,0BAA0B,CAAC,eAAe;AAC5C,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,iBAAa,IAAI;AACjB,eAAW;AAEX,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,YAAY,SAAS;AAErD,UAAI,OAAO,SAAS;AAClB,gCAAwB,UAAU;AAClC,mBAAW,OAAO,WAAW,IAAI;AACjC,gBAAQ,KAAK;AACb,8BAAsB,UAAU;AAAA,MAClC,OAAO;AACL,YAAI,OAAO,YAAY;AACrB,kCAAwB,OAAO,UAAU;AACzC,qBAAW;AAAA,QACb,OAAO;AACL,mBAAS,OAAO,OAAO;AACvB,oBAAU,OAAO,OAAO;AAAA,QAC1B;AAAA,MACF;AAAA,IACF,QAAQ;AACN,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AAAA,IACf,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG;AAAA,IACD;AAAA,IAAY;AAAA,IAAe;AAAA,IAC3BA;AAAA,IAAoB;AAAA,IAAY;AAAA,IAChC;AAAA,IAAU;AAAA,IAAc;AAAA,IAAS;AAAA,IAAY;AAAA,IAC7C;AAAA,IAAyB;AAAA,IAAqB;AAAA,IAAS;AAAA,EACzD,CAAC;AAGD,QAAM,gBAAY,2BAAY,OAC5B,kBACA,cACqB;AACrB,QAAI,CAAC,aAAa,UAAU,SAAS,eAAe,kBAAkB;AACpE,YAAM,MAAM,oBAAoB,eAAe,gBAAgB;AAC/D,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,eAAW;AAEX,QAAI;AAEF,YAAM,SAAS,MAAM,UAAU,kBAAkB,WAAW,WAAW,aAAa,IAAI;AAGxF,UAAI,OAAO,gBAAgB,OAAO,YAAY;AAC5C,mBAAW,KAAK,qCAAqC;AACrD,8BAAsB,OAAO,UAAU;AACvC,2BAAmB,OAAO,qBAAqB,KAAK;AACpD,gBAAQ,KAAK;AACb,gCAAwB,gBAAgB;AACxC,eAAO;AAAA,MACT;AAEA,UAAI,OAAO,SAAS;AAClB,gCAAwB,gBAAgB;AAKxC,mBAAW,KAAK,qDAAqD;AACrE,gBAAQ,SAAS;AACjB,uBAAe;AACf,eAAO;AAAA,MACT,OAAO;AACL,iBAAS,OAAO,OAAO;AACvB,kBAAU,OAAO,OAAO;AACxB,eAAO;AAAA,MACT;AAAA,IACF,QAAQ;AACN,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,yBAAyB,UAAU,cAAc,YAAY,cAAc,SAAS,WAAW,aAAa,uBAAuB,oBAAoB,OAAO,CAAC;AAE9K,QAAM,sBAAkB,2BAAY,OAAO,MAAuB;AAChE,MAAE,eAAe;AACjB,UAAM,UAAU,YAAY,GAAG;AAAA,EACjC,GAAG,CAAC,YAAY,KAAK,SAAS,CAAC;AAE/B,QAAM,sBAAkB,2BAAY,YAAY;AAC9C,iBAAa,IAAI;AACjB,eAAW;AAEX,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,YAAY,SAAS;AAErD,UAAI,OAAO,SAAS;AAClB,gCAAwB,UAAU;AAClC,mBAAW,OAAO,WAAW,IAAI;AACjC,eAAO,EAAE;AAAA,MACX,OAAO;AACL,YAAI,OAAO,YAAY;AACrB,kCAAwB,OAAO,UAAU;AACzC,qBAAW;AAAA,QACb,OAAO;AACL,mBAAS,OAAO,OAAO;AACvB,oBAAU,OAAO,OAAO;AAAA,QAC1B;AAAA,MACF;AAAA,IACF,QAAQ;AACN,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AAAA,IACf,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,YAAY,YAAY,yBAAyB,QAAQ,UAAU,cAAc,YAAY,yBAAyB,YAAY,SAAS,SAAS,CAAC;AAEzJ,QAAM,6BAAyB,2BAAY,MAAM;AAC/C,YAAQ,YAAY;AACpB,eAAW;AAAA,EACb,GAAG,CAAC,SAAS,UAAU,CAAC;AAExB,QAAM,mBAAe,2BAAY,MAAM;AACrC,YAAQ,KAAK;AACb,eAAW;AAAA,EACb,GAAG,CAAC,SAAS,UAAU,CAAC;AAMxB,QAAM,sBAAkB,2BAAY,OAAO,MAAuB;AAChE,MAAE,eAAe;AAEjB,QAAI,CAAC,oBAAoB;AACvB,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb;AAAA,IACF;AAEA,QAAI,eAAe;AACjB,YAAM,UAAU,iBAAiB,oBAAoB,aAAa;AAAA,IACpE,OAAO;AACL,YAAM,UAAU,WAAW,oBAAoB,aAAa;AAAA,IAC9D;AAAA,EACF,GAAG,CAAC,oBAAoB,eAAe,eAAe,WAAW,UAAU,OAAO,CAAC;AAEnF,QAAM,0BAAsB,2BAAY,MAAM;AAC5C,qBAAiB,IAAI;AACrB,qBAAiB,EAAE;AACnB,eAAW;AAAA,EACb,GAAG,CAAC,kBAAkB,kBAAkB,UAAU,CAAC;AAEnD,QAAM,oBAAgB,2BAAY,MAAM;AACtC,qBAAiB,KAAK;AACtB,qBAAiB,EAAE;AACnB,eAAW;AAAA,EACb,GAAG,CAAC,kBAAkB,kBAAkB,UAAU,CAAC;AAMnD,QAAM,uBAAmB,2BAAY,CAAC,aAAqB,kBAA2B;AAGpF,UAAM,iBAAiB,iBAAiB,cAAc,KAAK;AAE3D,QAAI,CAAC,gBAAgB;AACnB,iBAAW,KAAK,kEAAkE;AAClF;AAAA,IACF;AAKA,UAAM,SAAS,GAAG,cAAc,IAAI,WAAW;AAC/C,QAAI,mBAAmB,YAAY,OAAQ;AAC3C,QAAI,uBAAuB,QAAS;AAEpC,uBAAmB,UAAU;AAC7B,2BAAuB,UAAU;AAEjC,eAAW,KAAK,wCAAwC;AAGxD,kBAAc,cAAc;AAC5B,WAAO,WAAW;AAClB,YAAQ,KAAK;AAGb,eAAW,YAAY;AACrB,UAAI;AACF,cAAM,UAAU,gBAAgB,WAAW;AAAA,MAC7C,UAAE;AACA,+BAAuB,UAAU;AAAA,MACnC;AAAA,IACF,GAAG,GAAG;AAAA,EACR,GAAG,CAAC,eAAe,eAAe,QAAQ,SAAS,SAAS,CAAC;AAE7D,cAAY;AAAA,IACV,cAAc,CAAC,QAAQ;AAAA,IACvB,eAAe;AAAA,IACf,YAAY;AAAA,EACd,CAAC;AAMD,SAAO;AAAA;AAAA,IAEL,GAAG;AAAA;AAAA,IAGH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA;AAAA,IAGA;AAAA,IACA;AAAA,IACA;AAAA;AAAA,IAGA,GAAG;AAAA;AAAA,IAGH,yBAAyB;AAAA;AAAA,IAGzB,cAAc,UAAU;AAAA,IACxB,kBAAkB,UAAU;AAAA,IAC5B,4BAA4B,UAAU;AAAA,EACxC;AACF,GA3W2B;;;AmBf3B,IAAAC,iBAAsC;AA6C/B,IAAM,gBAAgB,wBAAC,UAAgC,CAAC,MAA2B;AACxF,QAAM,EAAE,WAAW,WAAW,SAAS,eAAe,aAAa,eAAe,MAAM,IAAI;AAC5F,QAAM,SAAS,aAAa;AAE5B,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AAKtD,QAAM,sBAAkB,4BAAY,YAAY;AAC9C,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,+BAA+B;AAG/C,gBAAU,iDAAuC;AAAA,QAC/C;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAID,YAAM,SAAS,MAAM,iBAAiB,sCAAsC;AAAA,QAC1E,MAAM;AAAA,UACJ,YAAY,cAAc,OAAO,WAAW,cAAc,OAAO,SAAS,OAAO;AAAA,QACnF;AAAA,QACA,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,mBAAmB;AAC/B,cAAM,IAAI,MAAM,iCAAiC;AAAA,MACnD;AAEA,iBAAW,KAAK,4BAA4B,SAAS,iBAAiB;AAEtE,UAAI,OAAO,WAAW,aAAa;AACjC,uBAAe,QAAQ,eAAe,SAAS,KAAK;AACpD,uBAAe,QAAQ,kBAAkB,QAAQ;AAAA,MACnD;AAEA,aAAO,SAAS,OAAO,SAAS;AAAA,IAElC,SAAS,KAAK;AACZ,YAAM,eAAe,eAAe,QAAQ,IAAI,UAAU;AAC1D,iBAAW,MAAM,6BAA6B,GAAG;AACjD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAGtB,gBAAU,+CAAsC;AAAA,QAC9C;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAAA,IACH,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,OAAO,CAAC;AAQvB,QAAM,2BAAuB,4BAAY,OAAO,MAAc,UAAkB;AAC9E,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,qCAAqC;AAGrD,UAAI,OAAO,WAAW,aAAa;AACjC,cAAM,cAAc,eAAe,QAAQ,aAAa;AACxD,YAAI,eAAe,gBAAgB,OAAO;AACxC,gBAAM,IAAI,MAAM,4CAA4C;AAAA,QAC9D;AAEA,uBAAe,WAAW,aAAa;AACvC,uBAAe,WAAW,gBAAgB;AAAA,MAC5C;AAEA,YAAM,SAAS,MAAM,iBAAiB,qCAAqC;AAAA,QACzE,MAAM,EAAE,MAAM,MAAM;AAAA,QACpB,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAGxB,UAAI,SAAS,gBAAgB,SAAS,YAAY;AAChD,mBAAW,KAAK,uCAAuC,SAAS,UAAU;AAG1E,kBAAU,iDAAuC;AAAA,UAC/C;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AAGD,wBAAgB,SAAS,YAAY,SAAS,qBAAqB,KAAK;AACxE;AAAA,MACF;AAEA,UAAI,CAAC,SAAS,UAAU,CAAC,SAAS,SAAS;AACzC,cAAM,IAAI,MAAM,sCAAsC;AAAA,MACxD;AAEA,iBAAW,KAAK,kCAAkC,SAAS,IAAI;AAG/D,WAAK,WAAW,EAAE,QAAQ,SAAS,QAAQ,SAAS,SAAS,QAAQ,CAAC;AAGtE,gBAAU,qDAAyC;AAAA,QACjD;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAGD,UAAI,SAAS,MAAM,IAAI;AACrB,kBAAU,QAAQ,OAAO,SAAS,KAAK,EAAE,CAAC;AAAA,MAC5C;AAGA,kBAAY,SAAS,MAAM,SAAS,eAAe,KAAK;AAGxD,UAAI,CAAC,cAAc;AAEjB,cAAM,mBAAmB,eAAe;AACxC,eAAO,SAAS,gBAAgB;AAAA,MAClC;AAAA,IAEF,SAAS,KAAK;AACZ,YAAM,eAAe,eAAe,QAAQ,IAAI,UAAU;AAC1D,iBAAW,MAAM,gCAAgC,GAAG;AACpD,eAAS,YAAY;AACrB,gBAAU,YAAY;AAGtB,gBAAU,+CAAsC;AAAA,QAC9C;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAAA,IACH,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,SAAS,aAAa,MAAM,CAAC;AAE5C,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GA/J6B;;;AC7C7B,IAAAC,iBAAsC;AAsD/B,IAAM,oBAAoB,wBAC/B,UAAoC,CAAC,MACT;AAC5B,QAAM,EAAE,YAAY,QAAQ,IAAI;AAEhC,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AACtD,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAoC,IAAI;AAC1E,QAAM,CAAC,aAAa,cAAc,QAAI,yBAA0B,IAAI;AACpE,QAAM,CAAC,oBAAoB,qBAAqB,QAAI,yBAAwB,IAAI;AAChF,QAAM,CAAC,WAAW,YAAY,QAAI,yBAA0D,MAAM;AAElG,QAAM,iBAAa,4BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,4BAAY,MAAM;AACnC,iBAAa,IAAI;AACjB,mBAAe,IAAI;AACnB,0BAAsB,IAAI;AAC1B,iBAAa,MAAM;AACnB,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,4BAAY,OAAO,eAA4D;AAChG,iBAAa,IAAI;AACjB,aAAS,IAAI;AACb,iBAAa,UAAU;AAEvB,QAAI;AACF,iBAAW,KAAK,uBAAuB;AAEvC,YAAM,SAAS,MAAM,aAAa,mBAAmB;AAAA,QACnD,MAAM,EAAE,aAAa,WAAW;AAAA,QAChC,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,YAAM,OAA2B;AAAA,QAC/B,UAAU,SAAS;AAAA,QACnB,QAAQ,SAAS;AAAA,QACjB,iBAAiB,SAAS;AAAA,QAC1B,cAAc,SAAS;AAAA,QACvB,WAAW,SAAS;AAAA,MACtB;AAEA,mBAAa,IAAI;AACjB,iBAAW,KAAK,oCAAoC,KAAK,WAAW,SAAS;AAE7E,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,YAAM,eAAe,sBAAsB,KAAK,2BAA2B;AAC3E,iBAAW,MAAM,oBAAoB,GAAG;AACxC,eAAS,YAAY;AACrB,mBAAa,MAAM;AACnB,gBAAU,YAAY;AACtB,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,OAAO,CAAC;AAEZ,QAAM,mBAAe,4BAAY,OAAO,SAA2C;AACjF,QAAI,CAAC,WAAW;AACd,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AACA,QAAI,CAAC,gBAAgB,IAAI,GAAG;AAC1B,YAAM,MAAM;AACZ,eAAS,GAAG;AACZ,gBAAU,GAAG;AACb,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AACb,iBAAa,YAAY;AAEzB,QAAI;AACF,iBAAW,KAAK,yBAAyB;AAEzC,YAAM,SAAS,MAAM,aAAa,0BAA0B;AAAA,QAC1D,MAAM,EAAE,WAAW,UAAU,UAAU,KAAK;AAAA,QAC5C,cAAc;AAAA,MAChB,CAAC;AACD,YAAM,WAAW,OAAO;AAExB,YAAM,QAAQ,SAAS;AACvB,qBAAe,KAAK;AACpB,4BAAsB,SAAS,oBAAoB;AACnD,mBAAa,UAAU;AAEvB,iBAAW,KAAK,gDAAgD,MAAM,MAAM;AAE5E,mBAAa,KAAK;AAClB,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,YAAM,eAAe,sBAAsB,KAAK,iCAAiC;AACjF,iBAAW,MAAM,iCAAiC,GAAG;AACrD,eAAS,YAAY;AACrB,mBAAa,UAAU;AACvB,gBAAU,YAAY;AACtB,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,WAAW,YAAY,OAAO,CAAC;AAEnC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GA1HiC;;;ACtDjC,IAAAC,iBAAsC;AAoC/B,IAAM,qBAAqB,6BAAgC;AAChE,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AACtD,QAAM,CAAC,eAAe,gBAAgB,QAAI,yBAAyB,IAAI;AACvE,QAAM,CAAC,SAAS,UAAU,QAAI,yBAA4B,CAAC,CAAC;AAE5D,QAAM,iBAAa,4BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAEL,QAAM,kBAAc,4BAAY,YAA2B;AACzD,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,wBAAwB;AAGxC,YAAM,SAAS,MAAM,QAAQ,uBAAuB,EAAE,cAAc,KAAK,CAAC;AAC1E,YAAM,WAAW,OAAO;AAExB,YAAM,gBAAmC,SAAS,QAAQ,IAAI,CAAC,YAAY;AAAA,QACzE,IAAI,OAAO;AAAA,QACX,MAAM,OAAO;AAAA,QACb,WAAW,OAAO;AAAA,QAClB,YAAY,OAAO,gBAAgB;AAAA,QACnC,WAAW,OAAO;AAAA,MACpB,EAAE;AAEF,iBAAW,aAAa;AACxB,uBAAiB,SAAS,eAAe;AAEzC,iBAAW,KAAK,eAAe,SAAS,kBAAkB,YAAY,UAAU;AAAA,IAClF,SAAS,KAAK;AACZ,YAAM,eAAe,sBAAsB,KAAK,4BAA4B;AAC5E,iBAAW,MAAM,+BAA+B,GAAG;AACnD,eAAS,YAAY;AAAA,IACvB,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,iBAAa,4BAAY,OAAO,SAAmC;AACvE,QAAI,CAAC,gBAAgB,IAAI,GAAG;AAC1B,eAAS,6BAA6B;AACtC,aAAO;AAAA,IACT;AAEA,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,kBAAkB;AAElC,YAAM,QAAQ,qBAAqB,EAAE,MAAM,EAAE,KAAK,GAAG,cAAc,KAAK,CAAC;AAEzE,uBAAiB,KAAK;AACtB,iBAAW,CAAC,CAAC;AAEb,iBAAW,KAAK,2BAA2B;AAC3C,aAAO;AAAA,IACT,SAAS,KAAc;AACrB,YAAM,eAAe,sBAAsB,KAAK,2BAA2B;AAC3E,iBAAW,MAAM,0BAA0B,GAAG;AAC9C,eAAS,YAAY;AACrB,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GAhFkC;;;ACiB3B,IAAM,eAAe,wBAAC,UAA+B,CAAC,MAA0B;AACrF,QAAM,SAAS,mBAAmB,QAAQ,MAAM;AAChD,QAAM,QAAQ,kBAAkB,QAAQ,KAAK;AAC7C,QAAM,SAAS,mBAAmB;AAElC,SAAO,EAAE,QAAQ,OAAO,OAAO;AACjC,GAN4B;;;ACrD5B,IAAAC,iBAAoC;AAU7B,SAAS,gBAAmB,KAAa,cAAiB;AAE/D,QAAM,CAAC,aAAa,cAAc,QAAI,yBAAY,MAAM;AACtD,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO;AAAA,IACT;AAEA,QAAI;AACF,YAAM,OAAO,OAAO,aAAa,QAAQ,GAAG;AAC5C,UAAI,SAAS,MAAM;AACjB,eAAO;AAAA,MACT;AAGA,UAAI;AACF,eAAO,KAAK,MAAM,IAAI;AAAA,MACxB,QAAQ;AAEN,eAAO;AAAA,MACT;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,mCAAmC,GAAG,MAAM,KAAK;AAClE,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AAGD,QAAM,gBAAgB,wBAAC,SAAuB;AAC5C,QAAI;AACF,YAAM,aAAa,KAAK,UAAU,IAAI;AACtC,YAAM,cAAc,IAAI,KAAK,CAAC,UAAU,CAAC,EAAE;AAC3C,YAAM,WAAW,cAAc;AAG/B,UAAI,WAAW,MAAM;AACnB,mBAAW,KAAK,cAAc,SAAS,QAAQ,CAAC,CAAC,kCAAkC,GAAG,GAAG;AACzF,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,qCAAqC,GAAG,MAAM,KAAK;AACpE,aAAO;AAAA,IACT;AAAA,EACF,GAjBsB;AAoBtB,QAAM,eAAe,6BAAM;AACzB,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,YAAY,EAAE,OAAO,CAAAC,SAAOA,QAAO,OAAOA,SAAQ,QAAQ;AAEnF,UAAI,KAAK,SAAS,IAAI;AACpB,cAAM,gBAAgB,KAAK,KAAK,KAAK,SAAS,GAAG;AACjD,iBAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,cAAI;AACF,kBAAMA,OAAM,KAAK,CAAC;AAClB,gBAAIA,MAAK;AACP,2BAAa,WAAWA,IAAG;AAC3B,2BAAa,WAAW,GAAGA,IAAG,YAAY;AAAA,YAC5C;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,yCAAyC,KAAK;AAAA,IACjE;AAAA,EACF,GArBqB;AAwBrB,QAAM,gBAAgB,6BAAM;AAC1B,QAAI;AACF,YAAM,OAAO,OAAO,KAAK,YAAY;AACrC,iBAAWA,QAAO,MAAM;AACtB,YAAI;AACF,uBAAa,WAAWA,IAAG;AAAA,QAC7B,QAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,sCAAsC,KAAK;AAAA,IAC9D;AAAA,EACF,GAbsB;AAgBtB,QAAM,WAAW,wBAAC,UAA+B;AAC/C,QAAI;AACF,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AAGtE,UAAI,CAAC,cAAc,YAAY,GAAG;AAChC,mBAAW,KAAK,gCAAgC,GAAG,iBAAiB;AAEpE,YAAI;AACF,iBAAO,aAAa,WAAW,GAAG;AAClC,iBAAO,aAAa,WAAW,GAAG,GAAG,YAAY;AAAA,QACnD,QAAQ;AAAA,QAER;AAEA,uBAAe,YAAY;AAC3B;AAAA,MACF;AAEA,qBAAe,YAAY;AAE3B,UAAI,OAAO,WAAW,aAAa;AAEjC,YAAI;AAEF,cAAI,OAAO,iBAAiB,UAAU;AACpC,mBAAO,aAAa,QAAQ,KAAK,YAAY;AAAA,UAC/C,OAAO;AACL,mBAAO,aAAa,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,UAC/D;AAEA,iBAAO,aAAa,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,QACvE,SAAS,cAAmB;AAE1B,cAAI,aAAa,SAAS,wBACtB,aAAa,SAAS,MACtB,aAAa,SAAS,SAAS,OAAO,GAAG;AAC3C,uBAAW,KAAK,mDAAmD;AACnE,yBAAa;AAGb,gBAAI;AAEF,kBAAI,OAAO,iBAAiB,UAAU;AACpC,uBAAO,aAAa,QAAQ,KAAK,YAAY;AAAA,cAC/C,OAAO;AACL,uBAAO,aAAa,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,cAC/D;AACA,qBAAO,aAAa,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,YACvE,SAAS,YAAY;AACnB,yBAAW,MAAM,mCAAmC,GAAG,8BAA8B,UAAU;AAE/F,kBAAI;AACF,8BAAc;AAEd,oBAAI,OAAO,iBAAiB,UAAU;AACpC,yBAAO,aAAa,QAAQ,KAAK,YAAY;AAAA,gBAC/C,OAAO;AACL,yBAAO,aAAa,QAAQ,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,gBAC/D;AACA,uBAAO,aAAa,QAAQ,GAAG,GAAG,cAAc,KAAK,IAAI,EAAE,SAAS,CAAC;AAAA,cACvE,SAAS,YAAY;AACnB,2BAAW,MAAM,mCAAmC,GAAG,2BAA2B,UAAU;AAE5F,+BAAe,YAAY;AAAA,cAC7B;AAAA,YACF;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,mCAAmC,GAAG,MAAM,KAAK;AAElE,YAAM,eAAe,iBAAiB,WAAW,MAAM,WAAW,IAAI;AACtE,qBAAe,YAAY;AAAA,IAC7B;AAAA,EACF,GA9EiB;AAiFjB,QAAM,cAAc,6BAAM;AACxB,QAAI;AACF,qBAAe,YAAY;AAC3B,UAAI,OAAO,WAAW,aAAa;AACjC,YAAI;AACF,iBAAO,aAAa,WAAW,GAAG;AAClC,iBAAO,aAAa,WAAW,GAAG,GAAG,YAAY;AAAA,QACnD,SAAS,aAAkB;AAEzB,cAAI,YAAY,SAAS,wBACrB,YAAY,SAAS,MACrB,YAAY,SAAS,SAAS,OAAO,GAAG;AAC1C,uBAAW,KAAK,kEAAkE;AAClF,yBAAa;AAEb,gBAAI;AACF,qBAAO,aAAa,WAAW,GAAG;AAClC,qBAAO,aAAa,WAAW,GAAG,GAAG,YAAY;AAAA,YACnD,SAAS,YAAY;AACnB,yBAAW,MAAM,sCAAsC,GAAG,qBAAqB,UAAU;AAEzF,4BAAc;AAAA,YAChB;AAAA,UACF,OAAO;AACL,kBAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,iBAAW,MAAM,oCAAoC,GAAG,MAAM,KAAK;AAAA,IACrE;AAAA,EACF,GA/BoB;AAiCpB,SAAO,CAAC,aAAa,UAAU,WAAW;AAC5C;AA1MgB;;;ACKT,SAAS,aAAa,MAAsB;AACjD,MAAI,OAAO;AACT,WAAO;AAAA,EACT;AAEA,MAAI;AAEF,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO,KAAK,mBAAmB,IAAI,EAAE,QAAQ,mBAAmB,CAAC,GAAG,OAAO;AACzE,eAAO,OAAO,aAAa,SAAS,IAAI,EAAE,CAAC;AAAA,MAC7C,CAAC,CAAC;AAAA,IACJ;AAEA,WAAO,OAAO,KAAK,MAAM,OAAO,EAAE,SAAS,QAAQ;AAAA,EACrD,SAAS,OAAO;AACd,YAAQ,MAAM,0BAA0B,KAAK;AAC7C,WAAO;AAAA,EACT;AACF;AAlBgB;AAyBT,SAAS,aAAa,SAAyB;AACpD,MAAI,OAAO;AACT,WAAO;AAAA,EACT;AAEA,MAAI;AAEF,QAAI,OAAO,WAAW,aAAa;AACjC,YAAM,SAAS,KAAK,OAAO;AAC3B,YAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,eAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,cAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,MAChC;AACA,aAAO;AAAA,QACL,MAAM,KAAK,KAAK,EACb,IAAI,UAAQ,OAAO,OAAO,KAAK,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,EACtD,KAAK,EAAE;AAAA,MACZ;AAAA,IACF;AAEA,WAAO,OAAO,KAAK,SAAS,QAAQ,EAAE,SAAS,OAAO;AAAA,EACxD,SAAS,OAAO;AACd,YAAQ,MAAM,0BAA0B,KAAK;AAC7C,WAAO;AAAA,EACT;AACF;AAzBgB;AA+BT,SAAS,YAAY;AAC1B,SAAO;AAAA,IACL,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR;AAAA,EACF;AACF;AANgB;;;ACzDhB,IAAM,YAAY;AAClB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AAkBb,SAAS,mBAAgC;AAC9C,MAAI;AACF,QAAI,OAAO,WAAW,YAAa,QAAO;AAE1C,UAAM,SAAS,aAAa,QAAQ,SAAS;AAC7C,QAAI,CAAC,QAAQ;AACX,iBAAc,MAAM,yBAAyB;AAC7C,aAAO;AAAA,IACT;AAGA,UAAM,UAAU,aAAa,MAAM;AACnC,UAAM,aAA4B,KAAK,MAAM,OAAO;AAGpD,QAAI,WAAW,YAAY,eAAe;AACxC,iBAAc,KAAK,wCAAwC;AAC3D,wBAAkB;AAClB,aAAO;AAAA,IACT;AAGA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,MAAM,MAAM,WAAW;AAC7B,QAAI,MAAM,WAAW,KAAK;AACxB,iBAAc,KAAK,yBAAyB;AAC5C,wBAAkB;AAClB,aAAO;AAAA,IACT;AAEA,eAAc,MAAM,mBAAmB,KAAK,MAAM,MAAM,GAAI,GAAG,SAAS;AACxE,WAAO,WAAW;AAAA,EACpB,SAAS,OAAO;AACd,eAAc,MAAM,wBAAwB,KAAK;AACjD,sBAAkB;AAClB,WAAO;AAAA,EACT;AACF;AArCgB;AA4CT,SAAS,iBAAiB,SAAe,SAAqC;AACnF,MAAI;AACF,QAAI,OAAO,WAAW,YAAa;AAEnC,UAAM,aAA4B;AAAA,MAChC,SAAS;AAAA,MACT,MAAM;AAAA,MACN,WAAW,KAAK,IAAI;AAAA,MACpB,KAAK,SAAS,OAAO;AAAA,IACvB;AAGA,UAAM,UAAU,aAAa,KAAK,UAAU,UAAU,CAAC;AACvD,iBAAa,QAAQ,WAAW,OAAO;AACvC,eAAc,MAAM,wBAAwB,WAAW,MAAM,KAAM,SAAS;AAAA,EAC9E,SAAS,OAAO;AACd,eAAc,MAAM,wBAAwB,KAAK;AAAA,EACnD;AACF;AAlBgB;AAuBT,SAAS,oBAA0B;AACxC,MAAI;AACF,QAAI,OAAO,WAAW,YAAa;AACnC,iBAAa,WAAW,SAAS;AACjC,eAAc,MAAM,eAAe;AAAA,EACrC,SAAS,OAAO;AACd,eAAc,MAAM,yBAAyB,KAAK;AAAA,EACpD;AACF;AARgB;AAaT,SAAS,gBAAyB;AACvC,SAAO,iBAAiB,MAAM;AAChC;AAFgB;AAOT,SAAS,mBAKP;AACP,MAAI;AACF,QAAI,OAAO,WAAW,YAAa,QAAO;AAE1C,UAAM,SAAS,aAAa,QAAQ,SAAS;AAC7C,QAAI,CAAC,OAAQ,QAAO,EAAE,QAAQ,MAAM;AAGpC,UAAM,UAAU,aAAa,MAAM;AACnC,UAAM,aAA4B,KAAK,MAAM,OAAO;AACpD,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,MAAM,MAAM,WAAW;AAC7B,UAAM,YAAY,WAAW,MAAM;AAEnC,WAAO;AAAA,MACL,QAAQ;AAAA,MACR;AAAA,MACA,KAAK,WAAW;AAAA,MAChB,WAAW,KAAK,IAAI,GAAG,SAAS;AAAA,IAClC;AAAA,EACF,SAAS,OAAO;AACd,eAAc,MAAM,2BAA2B,KAAK;AACpD,WAAO;AAAA,EACT;AACF;AA7BgB;;;ACzHhB,IAAAC,iBAAsC;AA0C/B,IAAM,mBAAmB,6BAA8B;AAC5D,QAAM,CAAC,WAAW,YAAY,QAAI,yBAAS,KAAK;AAChD,QAAM,CAAC,OAAO,QAAQ,QAAI,yBAAwB,IAAI;AACtD,QAAM,EAAE,OAAO,IAAI,QAAQ;AAE3B,QAAM,iBAAa,4BAAY,MAAM;AACnC,aAAS,IAAI;AAAA,EACf,GAAG,CAAC,CAAC;AAKL,QAAM,oBAAgB,4BAAY,YAA0C;AAC1E,iBAAa,IAAI;AACjB,aAAS,IAAI;AAEb,QAAI;AACF,iBAAW,KAAK,qBAAqB;AAErC,YAAM,SAAS,MAAM,mBAAmB,+BAA+B,EAAE,cAAc,KAAK,CAAC;AAC7F,YAAM,WAAW,OAAO;AAExB,UAAI,CAAC,SAAS,SAAS;AACrB,mBAAW,MAAM,6BAA6B,SAAS,OAAO;AAC9D,iBAAS,SAAS,OAAO;AACzB,cAAM,IAAI,MAAM,SAAS,OAAO;AAAA,MAClC;AAAA,IAEF,SAASC,QAAO;AACd,iBAAW,MAAM,6BAA6BA,MAAK;AACnD,YAAMA;AAAA,IACR,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAIA,UAAM,OAAO;AACb,WAAO,EAAE,SAAS,MAAM,SAAS,+BAA+B;AAAA,EAClE,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF,GA/CgC;;;AC7BhC,IAAAC,iBAEO;;;ACXP,sBAA2B;;;ACF3B,iBAAkB;AAEX,IAAM,yBAAyB,aAAE,OAAO;AAAA,EAC7C,KAAK,aAAE,OAAO;AAAA,EACd,aAAa,aAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AACnD,CAAC;;;ACHD,iBAAmB;;;ACFnB,IAAAC,cAAkB;AAEX,IAAM,eAAe,cAAE,OAAO;AAAA,EACnC,KAAK,cAAE,OAAO;AAAA,EACd,aAAa,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAAA,EAC5D,YAAY,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAClD,CAAC;;;ACJD,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,qBAAqB,cAAE,OAAO;AAAA,EACzC,KAAK,cAAE,OAAO;AAAA,EACd,YAAY,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EAChD,aAAa,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAC9D,CAAC;;;ACJD,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,yBAAyB,cAAE,OAAO;AAAA,EAC7C,OAAO,cAAE,QAAQ;AAAA,EACjB,SAAS,cAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;;;ACHD,IAAAC,cAAmB;;;ACFnB,IAAAC,cAAkB;;;ACAlB,IAAAC,cAAkB;;;ACAlB,IAAAC,cAAkB;AAEX,IAAM,0BAA0B,cAAE,KAAK,CAAC,QAAQ,CAAC;;;ADCjD,IAAM,wBAAwB,cAAE,OAAO;AAAA,EAC5C,IAAI,cAAE,OAAO,EAAE,IAAI;AAAA,EACnB,UAAU;AAAA,EACV,kBAAkB,cAAE,OAAO;AAAA,EAC3B,mBAAmB,cAAE,OAAO;AAAA,EAC5B,gBAAgB,cAAE,MAAM;AAAA,EACxB,qBAAqB,cAAE,OAAO;AAAA,EAC9B,cAAc,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EAClD,eAAe,cAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AACrD,CAAC;;;ADTM,IAAM,4DAA4D,cAAE,MAAM,qBAAqB;;;AGDtG,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,2DAA2D,cAAE,OAAO;AAAA,EAC/E,SAAS,cAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;;;ACFD,IAAAC,mBAA2B;;;ACF3B,IAAAC,cAAkB;AAEX,IAAM,+BAA+B,cAAE,OAAO;AAAA,EACnD,mBAAmB,cAAE,OAAO;AAAA,EAC5B,OAAO,cAAE,OAAO;AAClB,CAAC;;;ACHD,IAAAC,mBAA2B;;;ACF3B,IAAAC,eAAkB;AAEX,IAAM,2BAA2B,eAAE,OAAO;AAAA,EAC/C,cAAc,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EAClD,YAAY,eAAE,OAAO,EAAE,MAAM,iEAAiE,EAAE,SAAS,EAAE,SAAS;AAAA,EACpH,QAAQ,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACvC,SAAS,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACxC,MAAM,eAAE,OAAO,CAAC,CAAC,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS;AAAA,EACrD,aAAa,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EACjD,mBAAmB,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EACvD,mBAAmB,eAAE,QAAQ,EAAE,SAAS;AAC1C,CAAC;;;ACTD,IAAAC,cAAmB;;;ACFnB,IAAAC,eAAkB;AAEX,IAAM,+BAA+B,eAAE,OAAO;AAAA,EACnD,WAAW,eAAE,MAAM,eAAE,OAAO,CAAC,CAAC,EAAE,YAAY,CAAC;AAC/C,CAAC;;;ACFD,IAAAC,mBAA2B;;;ACF3B,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;AAEX,IAAM,gCAAgC,eAAE,KAAK,CAAC,SAAS,WAAW,SAAS,UAAU,UAAU,QAAQ,OAAO,YAAY,OAAO,WAAW,WAAW,UAAU,WAAW,MAAM,WAAW,QAAQ,UAAU,SAAS,QAAQ,UAAU,WAAW,UAAU,SAAS,SAAS,WAAW,UAAU,YAAY,UAAU,WAAW,WAAW,KAAK,CAAC;;;ADCxV,IAAM,oBAAoB,eAAE,OAAO;AAAA,EACxC,UAAU;AAAA,EACV,eAAe,eAAE,OAAO;AAAA,EACxB,KAAK,eAAE,OAAO;AAAA,EACd,WAAW,eAAE,QAAQ;AACvB,CAAC;;;ADLM,IAAM,2BAA2B,eAAE,OAAO;AAAA,EAC/C,SAAS,eAAE,OAAO;AAAA,EAClB,SAAS,kBAAkB,SAAS,EAAE,SAAS;AACjD,CAAC;;;ADKM,SAAS,+BACd,QACA;AACA,aAAO,iBAAAC;AAAA,IACL,CAAC,iCAAiC;AAAA,IAClC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,YAAY,4BAA4B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AACjG,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,yBAAyB,UAAU,IAAI;AACtD,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;AIThB,IAAAC,mBAA2B;;;ACF3B,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;;;ACAlB,IAAAC,eAAkB;AAEX,IAAM,wBAAwB,eAAE,OAAO;AAAA,EAC5C,OAAO,eAAE,OAAO;AAAA,EAChB,gBAAgB,eAAE,OAAO;AAAA,EACzB,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EAChD,UAAU,eAAE,MAAM,eAAE,OAAO,CAAC;AAC9B,CAAC;;;ADJM,IAAM,aAAa,eAAE,OAAO;AAAA,EACjC,IAAI,eAAE,OAAO,EAAE,IAAI;AAAA,EACnB,OAAO,eAAE,MAAM;AAAA,EACf,YAAY,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EACnD,WAAW,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EAClD,WAAW,eAAE,OAAO;AAAA,EACpB,UAAU,eAAE,OAAO;AAAA,EACnB,kBAAkB,eAAE,OAAO;AAAA,EAC3B,SAAS,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EAC9C,UAAU,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS,EAAE,SAAS;AAAA,EAClD,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,QAAQ,eAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,UAAU,eAAE,QAAQ;AAAA,EACpB,cAAc,eAAE,QAAQ;AAAA,EACxB,aAAa,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAAA,EACjD,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAAA,EAC3D,2BAA2B,eAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC;AAAA,EACrD,YAAY,sBAAsB,SAAS;AAAA,EAC3C,SAAS,eAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;;;ADrBM,IAAM,0BAA0B,eAAE,OAAO;AAAA,EAC9C,cAAc,eAAE,QAAQ,EAAE,QAAQ,KAAK,EAAE,SAAS;AAAA,EAClD,YAAY,eAAE,OAAO,EAAE,MAAM,iEAAiE,EAAE,SAAS,EAAE,SAAS;AAAA,EACpH,SAAS,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACxC,QAAQ,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACvC,MAAM,WAAW,SAAS,EAAE,SAAS;AAAA,EACrC,mBAAmB,eAAE,QAAQ,EAAE,SAAS;AAC1C,CAAC;;;ADCM,SAAS,8BACd,QACA;AACA,aAAO,iBAAAC;AAAA,IACL,CAAC,gCAAgC;AAAA,IACjC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,YAAY,2BAA2B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAChG,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,wBAAwB,UAAU,IAAI;AACrD,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;AIThB,IAAAC,mBAA2B;AASpB,SAAS,kCACd,QACA;AACA,aAAO,iBAAAC;AAAA,IACL,CAAC,oCAAoC;AAAA,IACrC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,mBAAmB,+BAA+B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAC3G,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,WAAW,UAAU,IAAI;AACxC,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;ACThB,IAAAC,oBAA2B;;;ACF3B,IAAAC,eAAkB;AAEX,IAAM,8BAA8B,eAAE,OAAO;AAAA,EAClD,SAAS,eAAE,QAAQ;AAAA,EACnB,SAAS,eAAE,OAAO;AACpB,CAAC;;;ACHD,IAAAC,oBAA2B;;;ACA3B,IAAAC,oBAA2B;AASpB,SAAS,mCACd,QACA;AACA,aAAO,kBAAAC;AAAA,IACL,CAAC,qCAAqC;AAAA,IACtC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,mBAAmB,gCAAgC,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAC5G,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,WAAW,UAAU,IAAI;AACxC,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;ACThB,IAAAC,cAAmB;;;ACAnB,IAAAC,oBAA2B;;;ACA3B,IAAAC,oBAA2B;AASpB,SAAS,kCACd,QACA;AACA,aAAO,kBAAAC;AAAA,IACL,CAAC,oCAAoC;AAAA,IACrC,OAAO,MAAM,EAAE,IAAI,MAAqB;AACtC,YAAM,MAAM,MAAM,mBAAmB,+BAA+B,EAAE,GAAG,KAAK,cAAc,KAAK,CAAU;AAC3G,YAAM,OAAO,IAAI;AACjB,YAAM,SAAS,WAAW,UAAU,IAAI;AACxC,UAAI,CAAC,OAAO,SAAS;AAGnB,gBAAQ;AAAA,UACN;AAAA,UACA;AAAA,YACE,WAAW;AAAA,YACX,QAAQ;AAAA,YACR,MAAM;AAAA,YACN,QAAQ,OAAO,MAAM;AAAA,YACrB;AAAA,UACF;AAAA,QACF;AACA,YAAI,OAAO,WAAW,aAAa;AACjC,cAAI;AACF,mBAAO;AAAA,cACL,IAAI,YAAY,wBAAwB;AAAA,gBACtC,QAAQ;AAAA,kBACN,WAAW;AAAA,kBACX,QAAQ;AAAA,kBACR,MAAM;AAAA,kBACN,QAAQ,OAAO,MAAM;AAAA,kBACrB;AAAA,kBACA,WAAW,oBAAI,KAAK;AAAA,gBACtB;AAAA,gBACA,SAAS;AAAA,gBACT,YAAY;AAAA,cACd,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,aAAO,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AACF;AAhDgB;;;ACThB,IAAAC,oBAA2B;;;ACA3B,IAAAC,oBAA2B;;;ACF3B,IAAAC,eAAkB;AAEX,IAAM,qBAAqB,eAAE,OAAO;AAAA,EACzC,QAAQ,eAAE,OAAO;AAAA,EACjB,SAAS,eAAE,OAAO;AACpB,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,sBAAsB,eAAE,OAAO;AAAA,EAC1C,KAAK,eAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACrB,aAAa,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC,EAAE,SAAS;AAAA,EAC5D,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,KAAK,CAAC;AAClD,CAAC;;;ACND,IAAAC,eAAkB;AAEX,IAAM,0BAA0B,eAAE,OAAO;AAAA,EAC9C,KAAK,eAAE,OAAO,EAAE,IAAI,CAAC;AACvB,CAAC;;;ACJD,IAAAC,eAAkB;AAEX,IAAM,6BAA6B,eAAE,OAAO;AAAA,EACjD,YAAY,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACxC,WAAW,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACvC,SAAS,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACtC,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACnC,UAAU,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACvC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACtC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AACxC,CAAC;;;ACVD,IAAAC,eAAkB;AAEX,IAAM,qCAAqC,eAAE,OAAO;AAAA,EACzD,cAAc,eAAE,OAAO,EAAE,SAAS;AAAA,EAClC,YAAY,eAAE,OAAO,EAAE,SAAS;AAClC,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,oCAAoC,eAAE,OAAO;AAAA,EACxD,MAAM,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,GAAG;AAAA,EAChC,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,GAAG;AAAA,EACjC,cAAc,eAAE,OAAO,EAAE,SAAS;AACpC,CAAC;;;ACND,IAAAC,eAAkB;AAGX,IAAM,sCAAsC,eAAE,OAAO;AAAA,EAC1D,UAAU;AACZ,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,mBAAmB,eAAE,OAAO;AAAA,EACvC,OAAO,eAAE,OAAO;AAAA,EAChB,mBAAmB,eAAE,OAAO,EAAE,SAAS;AACzC,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,yBAAyB,eAAE,OAAO;AAAA,EAC7C,OAAO,eAAE,OAAO;AAAA,EAChB,YAAY,eAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EAC3C,aAAa,eAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS;AACpD,CAAC;;;ACND,IAAAC,eAAkB;AAEX,IAAM,0BAA0B,eAAE,OAAO;AAAA,EAC9C,YAAY,eAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC5B,YAAY,eAAE,OAAO,EAAE,SAAS;AAClC,CAAC;;;ACLD,IAAAC,eAAkB;AAEX,IAAM,yBAAyB,eAAE,OAAO;AAAA,EAC7C,YAAY,eAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC5B,KAAK,eAAE,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC;AAAA,EAC5B,YAAY,eAAE,OAAO,EAAE,SAAS;AAClC,CAAC;;;ACND,IAAAC,eAAkB;AAEX,IAAM,oCAAoC,eAAE,OAAO;AAAA,EACxD,YAAY,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACxC,WAAW,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACvC,SAAS,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACtC,OAAO,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACnC,UAAU,eAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AAAA,EACvC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AAAA,EACtC,UAAU,eAAE,OAAO,EAAE,IAAI,EAAE,EAAE,SAAS;AACxC,CAAC;;;ACVD,IAAAC,eAAkB;AAEX,IAAM,8BAA8B,eAAE,OAAO;AAAA,EAClD,SAAS,eAAE,OAAO,EAAE,IAAI,CAAC;AAC3B,CAAC;;;ACJD,IAAAC,eAAkB;AAEX,IAAM,4BAA4B,eAAE,OAAO;AAAA,EAChD,SAAS,eAAE,OAAO,EAAE,IAAI,CAAC;AAC3B,CAAC;;;ApDyMG;AAjJJ,IAAM,sBAAkB,8BAAgD,MAAS;AAM1E,SAAS,iBAAiB,EAAE,SAAS,GAA0B;AACpE,QAAM,CAAC,SAAS,UAAU,QAAI,yBAA2B,MAAM;AAC7D,UAAM,SAAS,iBAAiB;AAChC,WAAO,UAAU;AAAA,EACnB,CAAC;AACD,QAAM,CAAC,kBAAkB,mBAAmB,QAAI,yBAAS,KAAK;AAC9D,QAAM,CAAC,cAAc,eAAe,QAAI,yBAAuB,IAAI;AAEnE,QAAM,iBAAa,uBAAyB,OAAO;AACnD,QAAM,mBAAe,uBAAO,KAAK;AAEjC,gCAAU,MAAM;AACd,eAAW,UAAU;AAAA,EACvB,GAAG,CAAC,OAAO,CAAC;AAEZ,gCAAU,MAAM;AACd,iBAAa,UAAU;AAAA,EACzB,GAAG,CAAC,gBAAgB,CAAC;AAErB,QAAM,EAAE,SAAS,qBAAqB,IAAI,kCAAkC;AAC5E,QAAM,EAAE,SAAS,4BAA4B,IAAI,mCAAmC;AACpF,QAAM,EAAE,SAAS,cAAc,IAAI,kCAAkC;AACrE,QAAM,EAAE,SAAS,kBAAkB,IAAI,+BAA+B;AACtE,QAAM,EAAE,SAAS,iBAAiB,IAAI,8BAA8B;AAEpE,QAAM,qBAAiB,4BAAY,OAAO,YAAgF;AACxH,UAAM,EAAE,UAAU,MAAM,IAAI,WAAW,CAAC;AAExC,QAAI,aAAa,SAAS;AACxB,iBAAW,MAAM,kDAAkD,QAAQ,GAAG;AAC9E,aAAO,WAAW;AAAA,IACpB;AAEA,wBAAoB,IAAI;AACxB,iBAAa,UAAU;AACvB,oBAAgB,IAAI;AACpB,QAAI;AACF,iBAAW,MAAM,sCAAsC,QAAQ,YAAY,KAAK,GAAG;AACnF,YAAM,MAAM,MAAM,mBAAmB,2BAA2B,EAAE,cAAc,KAAK,CAAC;AACtF,YAAM,SAAS,IAAI;AACnB,iBAAW,MAAM;AACjB,iBAAW,UAAU;AACrB,uBAAiB,MAAM;AACvB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,MAAM,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,yBAAyB;AAChF,sBAAgB,GAAG;AACnB,YAAM;AAAA,IACR,UAAE;AACA,0BAAoB,KAAK;AACzB,mBAAa,UAAU;AAAA,IACzB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,gBAAgB,8BAAO,SAA8C;AACzE,UAAM,qBAAqB,EAAE,MAAM,KAAK,CAAC;AACzC,UAAM,OAAO,MAAM,eAAe,EAAE,UAAU,iBAAiB,OAAO,KAAK,CAAC;AAC5E,WAAO;AAAA,EACT,GAJsB;AAMtB,QAAM,uBAAuB,8BAAO,SAAqD;AACvF,UAAM,4BAA4B,EAAE,MAAM,KAAK,CAAC;AAChD,UAAM,OAAO,MAAM,eAAe,EAAE,UAAU,wBAAwB,OAAO,KAAK,CAAC;AACnF,WAAO;AAAA,EACT,GAJ6B;AAM7B,QAAM,eAAe,8BAAO,WAAuC;AACjE,UAAM,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;AACxC,UAAM,OAAO,MAAM,eAAe,EAAE,UAAU,gBAAgB,OAAO,KAAK,CAAC;AAC3E,WAAO;AAAA,EACT,GAJqB;AAMrB,QAAM,aAAa,8BAAO,SAAyD;AACjF,UAAM,SAAS,MAAM,kBAAkB,EAAE,MAAM,KAAK,CAAC;AACrD,WAAO;AAAA,EACT,GAHmB;AAKnB,QAAM,YAAY,8BAAO,SAAuD;AAC9E,UAAM,SAAU,MAAM,iBAAiB,EAAE,MAAM,KAAK,CAAC;AAErD,QAAI,OAAO,gBAAgB,OAAO,YAAY;AAC5C,iBAAW,KAAK,0BAA0B,OAAO,UAAU;AAC3D,aAAO;AAAA,IACT;AAEA,QAAI,OAAO,UAAU,OAAO,SAAS;AAEnC,WAAK,WAAW,EAAE,QAAQ,OAAO,QAAQ,SAAS,OAAO,QAAQ,CAAC;AAClE,UAAI;AACF,cAAM,eAAe,EAAE,UAAU,aAAa,OAAO,KAAK,CAAC;AAAA,MAC7D,SAASC,eAAc;AACrB,mBAAW,KAAK,+DAA+DA,aAAY;AAAA,MAC7F;AAAA,IACF;AAEA,WAAO;AAAA,EACT,GAnBkB;AAqBlB,QAAM,aAAS,4BAAY,MAAM;AAI/B,UAAM,UAAU,KAAK,gBAAgB;AACrC,QAAI,SAAS;AACX,sBAAgB,gCAAgC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,MAAM;AACjF,mBAAW,KAAK,4DAA4D;AAAA,MAC9E,CAAC;AAAA,IACH;AACA,SAAK,aAAa;AAClB,eAAW,MAAS;AACpB,oBAAgB,IAAI;AACpB,sBAAkB;AAAA,EACpB,GAAG,CAAC,CAAC;AAEL,QAAM,YAA8B,wBAAQ,OAAO;AAAA,IACjD;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,SACE,4CAAC,gBAAgB,UAAhB,EAAyB,OACvB,UACH;AAEJ;AA/IgB;AAiJT,SAAS,qBAA2C;AACzD,QAAM,cAAU,2BAAW,eAAe;AAC1C,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,yDAAyD;AAAA,EAC3E;AACA,SAAO;AACT;AANgB;;;AtC0PP,IAAAC,sBAAA;AAjaT,IAAM,gBAAgB;AAAA,EACpB,MAAM;AAAA,EACN,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAGO,IAAM,oBAAoB,wBAC/B,YACI;AAAA,EACJ,MAAM,QAAQ,QAAQ,cAAc;AAAA,EACpC,iBAAiB,QAAQ,mBAAmB,cAAc;AAAA,EAC1D,qBAAqB,QAAQ,uBAAuB,QAAQ,QAAQ,cAAc;AACpF,IANiC;AAQjC,IAAM,oBAAoB;AAE1B,IAAM,kBAAc,8BAA2C,MAAS;AAGxE,IAAM,kBAAkB,wBAAC,UAA4B;AACnD,QAAM,OAAO,MAAM;AAGnB,SAAO,MAAM,SAAS,MAAM,UAAU,MAAM,WAAW,MAAM;AAC/D,GALwB;AAOxB,IAAM,uBAAoD,wBAAC,EAAE,UAAU,OAAO,MAAM;AAClF,QAAM,WAAW,mBAAmB;AACpC,QAAM,UAAU,WAAW;AAC3B,QAAM,kBAAkB,QAAQ,WAAW;AAE3C,QAAM,SAAS,aAAa;AAC5B,QAAM,eAAW,gCAAY;AAC7B,QAAM,cAAc,eAAe;AACnC,QAAM,CAAC,aAAa,gBAAgB,gBAAgB,IAAI;AAAA,IACtD;AAAA,IACA;AAAA,EACF;AAIA,QAAM,aAAS,wBAAQ,MAAM,kBAAkB,QAAQ,MAAM,GAAG,CAAC,QAAQ,MAAM,CAAC;AAChF,QAAM,gBAAY,uBAAO,MAAM;AAC/B,gCAAU,MAAM;AACd,cAAU,UAAU;AAAA,EACtB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,kBAAkB,uBAAuB;AAAA,IAC7C,aAAa,OAAO;AAAA,IACpB,YAAY;AAAA,EACd,CAAC;AAED,QAAM,gBAAY,uBAAO,MAAM;AAC/B,gCAAU,MAAM;AACd,cAAU,UAAU;AAAA,EACtB,GAAG,CAAC,MAAM,CAAC;AAEX,QAAM,kBAAc,uBAAO,QAAQ;AACnC,gCAAU,MAAM;AACd,gBAAY,UAAU;AAAA,EACxB,GAAG,CAAC,QAAQ,CAAC;AAOb,QAAM,0BAAsB,uBAAO,KAAK;AAOxC,QAAM,CAAC,gBAAgB,iBAAiB,QAAI,yBAAS,KAAK;AAC1D,QAAM,aAAa,QAAQ,SAAS,OAAO;AAC3C,QAAM,0BAAsB,uBAAO,KAAK;AAExC,gCAAU,MAAM;AACd,QAAI,CAAC,iBAAiB;AACpB,0BAAoB,UAAU;AAY9B,YAAM,YAAY,QAAQ,KAAK,SAAS,KAAK,KAAK,gBAAgB,CAAC;AACnE,UAAI,aAAa,CAAC,KAAK,gBAAgB,GAAG;AACxC,mBAAW,KAAK,yCAAoC;AACpD,aAAK,aAAa;AAClB,0BAAkB;AAAA,MACpB;AACA,wBAAkB,IAAI;AACtB;AAAA,IACF;AACA,QAAI,cAAc,oBAAoB,SAAS;AAC7C,wBAAkB,IAAI;AACtB;AAAA,IACF;AACA,wBAAoB,UAAU;AAC9B,QAAI,YAAY;AAChB,gBAAY,QACT,eAAe,EAAE,UAAU,yBAAyB,CAAC,EACrD,MAAM,CAAC,UAAmB;AAIzB,iBAAW,KAAK,uCAAuC,KAAK;AAAA,IAC9D,CAAC,EACA,QAAQ,MAAM;AACb,UAAI,CAAC,UAAW,mBAAkB,IAAI;AAAA,IACxC,CAAC;AACH,WAAO,MAAM;AACX,kBAAY;AAAA,IACd;AAAA,EACF,GAAG,CAAC,iBAAiB,UAAU,CAAC;AAEhC,QAAM,YAAY,CAAC;AAMnB,QAAM,wBAAoB,uBAAO,KAAK;AACtC,gCAAU,MAAM;AACd,UAAM,cAAc,KAAK,iBAAiB,MAAM;AAC9C,UAAI,kBAAkB,QAAS;AAC/B,wBAAkB,UAAU;AAC5B,iBAAW,KAAK,4DAAuD;AACvE,wBAAkB;AAClB,gBAAU,yDAA2C;AAAA,QACnD;AAAA,MACF,CAAC;AACD,aAAO,YAAY,UAAU,QAAQ,mBAAmB;AAAA,IAC1D,CAAC;AACD,WAAO;AAAA,EACT,GAAG,CAAC,MAAM,CAAC;AAOX,gCAAU,MAAM;AACd,QAAI,CAAC,mBAAmB,oBAAoB,QAAS;AACrD,QAAI,aAAa,OAAO,QAAQ,CAAC,YAAY,IAAI,MAAM,GAAG;AACxD,YAAM,QAAQ,gBAAgB,YAAY,IAAI,gBAAgB,YAAY,IAAI;AAC9E,UAAI,MAAO,iBAAgB,cAAc;AACzC,aAAO,KAAK,SAAS,OAAO,eAAe;AAAA,IAC7C;AAAA,EACF,GAAG,CAAC,iBAAiB,UAAU,aAAa,QAAQ,QAAQ,eAAe,CAAC;AAI5E,QAAM,yBAAqB,4BAAY,OAAO,aAAqC;AACjF,QAAI,CAAC,KAAK,gBAAgB,GAAG;AAC3B,YAAM,IAAI,MAAM,+BAA+B;AAAA,IACjD;AACA,UAAM,YAAY,QAAQ,eAAe;AAAA,MACvC,UAAU,YAAY;AAAA,IACxB,CAAC;AAAA,EACH,GAAG,CAAC,CAAC;AAEL,QAAM,2BAAuB,4BAAY,YAA2B;AAClE,QAAI,KAAK,gBAAgB,GAAG;AAC1B,UAAI;AACF,cAAM,mBAAmB,sBAAsB;AAAA,MACjD,SAAS,OAAO;AACd,mBAAW,KAAK,6CAA6C,KAAK;AAAA,MACpE;AACA,aAAO,KAAK,UAAU,QAAQ,eAAe;AAAA,IAC/C,OAAO;AACL,aAAO,KAAK,UAAU,QAAQ,mBAAmB;AAAA,IACnD;AAAA,EACF,GAAG,CAAC,oBAAoB,MAAM,CAAC;AAI/B,QAAM,iBAAa;AAAA,IACjB,OAAO,YAAoB,cAAkD;AAE3E,WAAK,aAAa;AAElB,UAAI;AACF,cAAM,SAAS,MAAM,YAAY,QAAQ,WAAW;AAAA,UAClD;AAAA,UACA,YAAY;AAAA,QACd,CAAC;AAED,kBAAU,iDAAuC;AAAA,UAC/C;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AAED,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS,OAAO,WAAW;AAAA,UAC3B,SAAS,OAAO,WAAW;AAAA,QAC7B;AAAA,MACF,SAAS,OAAO;AACd,mBAAW,MAAM,sBAAsB,KAAK;AAE5C,YAAI,iBAAiB,UAAU;AAC7B,gBAAM,OAAO,MAAM;AAGnB,gBAAM,aAAa,MAAM,eAAe,MAAM;AAC9C,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,YAAY,MAAM;AAAA,YAClB,SAAS,gBAAgB,KAAK;AAAA,YAC9B,YAAY,OAAO,eAAe,WAAW,aAAa;AAAA,UAC5D;AAAA,QACF;AACA,eAAO,EAAE,SAAS,OAAO,SAAS,qBAAqB;AAAA,MACzD;AAAA,IACF;AAAA,IACA,CAAC;AAAA,EACH;AAEA,QAAM,gBAAY;AAAA,IAChB,OACE,YACA,SACA,WACA,aACA,iBAQI;AACJ,UAAI;AAGF,4BAAoB,UAAU,QAAQ,YAAY;AAElD,cAAM,SAAS,MAAM,YAAY,QAAQ,UAAU;AAAA,UACjD;AAAA,UACA,KAAK;AAAA,UACL,YAAY;AAAA,QACd,CAAC;AAED,YAAI,OAAO,gBAAgB,OAAO,YAAY;AAC5C,qBAAW,KAAK,0BAA0B,OAAO,UAAU;AAC3D,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,SAAS;AAAA,YACT,cAAc;AAAA,YACd,YAAY,OAAO;AAAA,YACnB,mBAAmB,OAAO;AAAA,UAC5B;AAAA,QACF;AAEA,YAAI,CAAC,OAAO,UAAU,CAAC,OAAO,SAAS;AACrC,qBAAW,MAAM,yCAAyC,MAAM;AAChE,iBAAO,EAAE,SAAS,OAAO,SAAS,oCAAoC;AAAA,QACxE;AAEA,YAAI,WAAW,SAAS,GAAG,GAAG;AAC5B,yBAAe,UAAU;AAAA,QAC3B;AAEA,kBAAU,qDAAyC;AAAA,UACjD;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AACD,YAAI,OAAO,MAAM,IAAI;AACnB,oBAAU,QAAQ,OAAO,OAAO,KAAK,EAAE,CAAC;AAAA,QAC1C;AAEA,YAAI,CAAC,cAAc;AAIjB,gBAAM,QAAQ,gBAAgB,YAAY,IAAI,gBAAgB,YAAY,IAAI;AAC9E,cAAI,MAAO,iBAAgB,cAAc;AACzC,gBAAM,mBAAmB,SAAS,eAAe,UAAU,QAAQ;AACnE,qBAAW,KAAK,8BAA8B,gBAAgB;AAC9D,iBAAO,SAAS,gBAAgB;AAAA,QAClC;AAEA,eAAO;AAAA,UACL,SAAS;AAAA,UACT,SAAS;AAAA,UACT,MAAM,OAAO;AAAA,UACb,mBAAmB,OAAO;AAAA,QAC5B;AAAA,MACF,SAAS,OAAO;AACd,mBAAW,MAAM,qBAAqB,KAAK;AAC3C,kBAAU,yDAA2C;AAAA,UACnD;AAAA,UACA,OAAO;AAAA,QACT,CAAC;AACD,YAAI,iBAAiB,UAAU;AAC7B,iBAAO,EAAE,SAAS,OAAO,SAAS,gBAAgB,KAAK,EAAE;AAAA,QAC3D;AACA,eAAO,EAAE,SAAS,OAAO,SAAS,uBAAuB;AAAA,MAC3D;AAAA,IACF;AAAA,IACA,CAAC,gBAAgB,iBAAiB,MAAM;AAAA,EAC1C;AAIA,QAAM,mBAAe,4BAAY,YAA4D;AAG3F,UAAM,SAAS,MAAM,KAAK,WAAW;AACrC,QAAI,QAAQ;AACV,gBAAU,qDAAyC;AAAA,QACjD;AAAA,MACF,CAAC;AACD,aAAO,EAAE,SAAS,MAAM,SAAS,kBAAkB;AAAA,IACrD;AACA,cAAU,+DAA8C;AAAA,MACtD;AAAA,IACF,CAAC;AACD,WAAO,EAAE,SAAS,OAAO,SAAS,yBAAyB;AAAA,EAC7D,GAAG,CAAC,CAAC;AAEL,QAAM,aAAS,4BAAY,MAAY;AACrC,cAAU,uCAAkC;AAAA,MAC1C;AAAA,IACF,CAAC;AACD,gBAAY,QAAQ,OAAO;AAG3B,WAAO,YAAY,UAAU,QAAQ,mBAAmB;AAAA,EAC1D,GAAG,CAAC,MAAM,CAAC;AAIX,QAAM,OAAQ,SAAS,WAAuC;AAC9D,QAAM,cAAc,QAAQ,MAAM,YAAY,MAAM,YAAY;AAIhE,gCAAU,MAAM;AACd,uBAAmB,EAAE,SAAS,YAAY,CAAC;AAAA,EAC7C,GAAG,CAAC,WAAW,CAAC;AAEhB,QAAM,oBAAgB;AAAA,IACpB,OAAO,SAIqB;AAC1B,YAAM,SAAS,MAAM,YAAY,QAAQ,qBAAqB,IAAI;AAClE,aAAO;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EACH;AAEA,QAAM,mBAAe,4BAAY,OAAO,WAA8C;AACpF,UAAM,SAAS,MAAM,YAAY,QAAQ,aAAa,MAAM;AAC5D,WAAO;AAAA,EACT,GAAG,CAAC,CAAC;AAEL,QAAM,YAAQ;AAAA,IACZ,OAAO;AAAA,MACL;AAAA,MACA;AAAA;AAAA;AAAA,MAGA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,6BAAM,KAAK,SAAS,GAApB;AAAA,MACV,iBAAiB,6BAAM,KAAK,gBAAgB,GAA3B;AAAA,MACjB,eAAe,6BAAM,aAAN;AAAA,MACf,WAAW;AAAA,MACX,iBAAiB;AAAA,MACjB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,gBAAgB;AAAA,MACjC,gBAAgB,gBAAgB;AAAA,MAChC,kBAAkB,gBAAgB;AAAA,MAClC,gBAAgB,gBAAgB;AAAA,MAChC;AAAA,MACA;AAAA,IACF;AAAA,IACA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,SAAO,6CAAC,YAAY,UAAZ,EAAqB,OAAe,UAAS;AACvD,GAvY0D;AA8Y1D,SAAS,gBAAgB,EAAE,UAAU,QAAQ,UAAU,KAAK,GAAsB;AAChF,MAAI,CAAC,QAAS,QAAO,6EAAG,UAAS;AACjC,SACE,6CAAC,oBACC,uDAAC,wBAAqB,QAAiB,UAAS,GAClD;AAEJ;AAPS;AASF,IAAM,mBAAe,qBAAK,eAAe;AAMhD,IAAM,mBAAoC;AAAA,EACxC,MAAM;AAAA,EACN,WAAW;AAAA,EACX,iBAAiB;AAAA,EACjB,aAAa;AAAA,EACb,QAAQ,kBAAkB;AAAA,EAC1B,oBAAoB,mCAAY;AAC9B,eAAW,KAAK,yDAAyD;AAAA,EAC3E,GAFoB;AAAA,EAGpB,sBAAsB,mCAAY;AAChC,eAAW,KAAK,2DAA2D;AAAA,EAC7E,GAFsB;AAAA,EAGtB,UAAU,6BAAM,MAAN;AAAA,EACV,iBAAiB,6BAAM,MAAN;AAAA,EACjB,eAAe,6BAAM,MAAN;AAAA,EACf,WAAW,6BAAM;AACf,eAAW,KAAK,gDAAgD;AAAA,EAClE,GAFW;AAAA,EAGX,iBAAiB,6BAAM;AAAA,EAAC,GAAP;AAAA,EACjB,YAAY,mCAAY;AACtB,eAAW,KAAK,iDAAiD;AACjE,WAAO,EAAE,SAAS,OAAO,SAAS,6BAA6B;AAAA,EACjE,GAHY;AAAA,EAIZ,WAAW,mCAAY;AACrB,eAAW,KAAK,gDAAgD;AAChE,WAAO,EAAE,SAAS,OAAO,SAAS,6BAA6B;AAAA,EACjE,GAHW;AAAA,EAIX,cAAc,mCAAY;AACxB,eAAW,KAAK,mDAAmD;AACnE,WAAO,EAAE,SAAS,OAAO,SAAS,6BAA6B;AAAA,EACjE,GAHc;AAAA,EAId,QAAQ,6BAAM;AACZ,eAAW,KAAK,6CAA6C;AAAA,EAC/D,GAFQ;AAAA,EAGR,iBAAiB,6BAAM;AAAA,EAAC,GAAP;AAAA,EACjB,gBAAgB,6BAAM,IAAN;AAAA,EAChB,kBAAkB,6BAAM;AAAA,EAAC,GAAP;AAAA,EAClB,gBAAgB,6BAAM,OAAN;AAAA,EAChB,eAAe,mCAAY;AACzB,eAAW,KAAK,oDAAoD;AACpE,WAAO,CAAC;AAAA,EACV,GAHe;AAAA,EAIf,cAAc,mCAAY;AACxB,eAAW,KAAK,mDAAmD;AACnE,WAAO,CAAC;AAAA,EACV,GAHc;AAIhB;AAQO,IAAM,UAAU,6BAAuB;AAC5C,QAAM,cAAU,2BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACzB,QAAIC,cAAa,OAAO;AACtB,iBAAW,MAAM,8DAA8D;AAAA,IACjF;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT,GATuB;AAWvB,IAAO,sBAAQ;;;A2FtiBR,IAAM,gBAAgB,wBAAC,UAA2B;AACvD,QAAM,aAAa;AACnB,SAAO,WAAW,KAAK,KAAK;AAC9B,GAH6B;;;ACAtB,IAAM,kBAAkB,wBAAC,UAAuB;AACrD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,SAAS;AAClB,WAAO,MAAM;AAAA,EACf;AAEA,MAAI,OAAO,QAAQ;AACjB,WAAO,MAAM;AAAA,EACf;AAEA,MAAI,OAAO,UAAU,MAAM,QAAQ;AACjC,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAEA,SAAO;AACT,GAlB+B;;;AC4BxB,SAAS,sBAAsB,GAAwB;AAC5D,MAAI,CAAC,EAAE,QAAS,QAAO;AACvB,MAAI,CAAC,EAAE,YAAa,QAAO;AAC3B,SAAO,EAAE,eAAe,EAAE,iBAAiB,CAAC,EAAE;AAChD;AAJgB;AAWT,SAAS,qBAAqB,GAAwB;AAC3D,SACE,EAAE,WACF,EAAE,eACF,CAAC,EAAE,eACH,CAAC,EAAE,mBACH,CAAC,EAAE;AAEP;AARgB;AAWT,SAAS,4BAA4B,GAAiE;AAC3G,SAAO,CAAC,EAAE,eAAe,EAAE;AAC7B;AAFgB;","names":["import_navigation","import_react","client","isBrowser","dpopEnabled","import_react","useNextRouter","isStaticBuild","import_navigation","import_react","import_react","import_react","validateIdentifier","import_react","import_consola","import_navigation","import_react","import_react","joinedValues","auth","auth","config","request","url","AnalyticsEvent","AnalyticsCategory","import_react","key","validateIdentifier","import_react","import_react","import_react","import_react","key","import_react","error","import_react","import_zod","import_mutation","import_zod","import_mutation","import_zod","import_swr","import_zod","import_zod","import_zod","import_mutation","import_zod","import_mutation","import_zod","import_mutation","import_zod","import_swr","import_zod","import_mutation","import_zod","import_zod","import_zod","useSWRMutation","import_mutation","import_zod","import_zod","import_zod","useSWRMutation","import_mutation","useSWRMutation","import_mutation","import_zod","import_mutation","import_mutation","useSWRMutation","import_swr","import_mutation","import_mutation","useSWRMutation","import_mutation","import_mutation","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","import_zod","profileError","import_jsx_runtime","isBrowser"]}