@edgebasejs/react-native 0.1.8 → 0.1.9

package/dist/core/src/audit/audit-manager.js

@@ -0,0 +1,265 @@
+/**
+ * Audit trail manager for change tracking and compliance
+ * Tracks all data changes with user attribution and timestamps
+ */
+/**
+ * Audit manager for tracking data changes
+ */
+export class AuditManager {
+    constructor(db, options) {
+        this.db = db;
+        this.options = {
+            trackBefore: options?.trackBefore !== false,
+            trackAfter: options?.trackAfter !== false,
+            trackChanges: options?.trackChanges !== false,
+            excludeFields: options?.excludeFields || ['password', 'password_hash', 'secret', 'token'],
+            maxRetentionDays: options?.maxRetentionDays || 90,
+        };
+    }
+    /**
+     * Log a data change
+     */
+    async logChange(user, entity, recordId, operation, before, after, metadata) {
+        const now = Date.now();
+        const auditId = `aud_${now}_${Math.random().toString(36).substring(2, 15)}`;
+        // Filter sensitive fields
+        const filteredBefore = before ? this.filterSensitiveFields(before) : undefined;
+        const filteredAfter = after ? this.filterSensitiveFields(after) : undefined;
+        // Calculate field-level changes for updates
+        let changes;
+        if (this.options.trackChanges && operation === 'update' && filteredBefore && filteredAfter) {
+            changes = this.calculateChanges(filteredBefore, filteredAfter);
+        }
+        const auditLog = {
+            id: auditId,
+            userId: user.id,
+            entity,
+            recordId,
+            operation,
+            before: this.options.trackBefore && (operation === 'update' || operation === 'delete') ? filteredBefore : undefined,
+            after: this.options.trackAfter && (operation === 'create' || operation === 'update') ? filteredAfter : undefined,
+            changes,
+            metadata,
+            createdAt: now,
+        };
+        // Store in database
+        await this.db.run(`INSERT INTO audit_logs (id, user_id, entity, record_id, operation, before_data, after_data, changes, metadata, created_at)
+       VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`, [
+            auditLog.id,
+            auditLog.userId,
+            auditLog.entity,
+            auditLog.recordId,
+            auditLog.operation,
+            auditLog.before ? JSON.stringify(auditLog.before) : null,
+            auditLog.after ? JSON.stringify(auditLog.after) : null,
+            auditLog.changes ? JSON.stringify(auditLog.changes) : null,
+            auditLog.metadata ? JSON.stringify(auditLog.metadata) : null,
+            auditLog.createdAt,
+        ]);
+        return auditLog;
+    }
+    /**
+     * Query audit logs
+     */
+    async queryLogs(query) {
+        const limit = query.limit || 50;
+        const offset = query.offset || 0;
+        // Build WHERE clause
+        const conditions = [];
+        const params = [];
+        if (query.entity) {
+            conditions.push('entity = ?');
+            params.push(query.entity);
+        }
+        if (query.recordId) {
+            conditions.push('record_id = ?');
+            params.push(query.recordId);
+        }
+        if (query.userId) {
+            conditions.push('user_id = ?');
+            params.push(query.userId);
+        }
+        if (query.operation) {
+            conditions.push('operation = ?');
+            params.push(query.operation);
+        }
+        if (query.startDate) {
+            conditions.push('created_at >= ?');
+            params.push(query.startDate);
+        }
+        if (query.endDate) {
+            conditions.push('created_at <= ?');
+            params.push(query.endDate);
+        }
+        const whereClause = conditions.length > 0 ? `WHERE ${conditions.join(' AND ')}` : '';
+        // Get logs
+        const sql = `
+      SELECT * FROM audit_logs
+      ${whereClause}
+      ORDER BY created_at DESC
+      LIMIT ? OFFSET ?
+    `;
+        const rows = await this.db.getAll(sql, [...params, limit + 1, offset]);
+        // Check if there are more results
+        const hasMore = rows.length > limit;
+        const trimmedRows = hasMore ? rows.slice(0, limit) : rows;
+        // Get total count
+        const countSql = `SELECT COUNT(*) as total FROM audit_logs ${whereClause}`;
+        const countResult = await this.db.getOne(countSql, params);
+        const total = countResult?.total || 0;
+        // Parse JSON fields
+        const logs = trimmedRows.map((row) => ({
+            id: row.id,
+            userId: row.user_id,
+            entity: row.entity,
+            recordId: row.record_id,
+            operation: row.operation,
+            before: row.before_data ? JSON.parse(row.before_data) : undefined,
+            after: row.after_data ? JSON.parse(row.after_data) : undefined,
+            changes: row.changes ? JSON.parse(row.changes) : undefined,
+            metadata: row.metadata ? JSON.parse(row.metadata) : undefined,
+            createdAt: row.created_at,
+        }));
+        return {
+            logs,
+            total,
+            hasMore,
+        };
+    }
+    /**
+     * Get audit log by ID
+     */
+    async getLog(auditId) {
+        const row = await this.db.getOne('SELECT * FROM audit_logs WHERE id = ?', [auditId]);
+        if (!row) {
+            return null;
+        }
+        return {
+            id: row.id,
+            userId: row.user_id,
+            entity: row.entity,
+            recordId: row.record_id,
+            operation: row.operation,
+            before: row.before_data ? JSON.parse(row.before_data) : undefined,
+            after: row.after_data ? JSON.parse(row.after_data) : undefined,
+            changes: row.changes ? JSON.parse(row.changes) : undefined,
+            metadata: row.metadata ? JSON.parse(row.metadata) : undefined,
+            createdAt: row.created_at,
+        };
+    }
+    /**
+     * Get audit history for a specific record
+     */
+    async getRecordHistory(entity, recordId) {
+        const rows = await this.db.getAll('SELECT * FROM audit_logs WHERE entity = ? AND record_id = ? ORDER BY created_at DESC', [entity, recordId]);
+        return rows.map((row) => ({
+            id: row.id,
+            userId: row.user_id,
+            entity: row.entity,
+            recordId: row.record_id,
+            operation: row.operation,
+            before: row.before_data ? JSON.parse(row.before_data) : undefined,
+            after: row.after_data ? JSON.parse(row.after_data) : undefined,
+            changes: row.changes ? JSON.parse(row.changes) : undefined,
+            metadata: row.metadata ? JSON.parse(row.metadata) : undefined,
+            createdAt: row.created_at,
+        }));
+    }
+    /**
+     * Get summary statistics for audit logs
+     */
+    async getStatistics(options) {
+        const conditions = [];
+        const params = [];
+        if (options?.entity) {
+            conditions.push('entity = ?');
+            params.push(options.entity);
+        }
+        if (options?.userId) {
+            conditions.push('user_id = ?');
+            params.push(options.userId);
+        }
+        if (options?.startDate) {
+            conditions.push('created_at >= ?');
+            params.push(options.startDate);
+        }
+        if (options?.endDate) {
+            conditions.push('created_at <= ?');
+            params.push(options.endDate);
+        }
+        const whereClause = conditions.length > 0 ? `WHERE ${conditions.join(' AND ')}` : '';
+        // Total changes
+        const totalResult = await this.db.getOne(`SELECT COUNT(*) as total FROM audit_logs ${whereClause}`, params);
+        const totalChanges = totalResult?.total || 0;
+        // Changes by operation
+        const operationRows = await this.db.getAll(`SELECT operation, COUNT(*) as count FROM audit_logs ${whereClause} GROUP BY operation`, params);
+        const changesByOperation = operationRows.map((row) => ({
+            operation: row.operation,
+            count: row.count,
+        }));
+        // Changes by entity
+        const entityRows = await this.db.getAll(`SELECT entity, COUNT(*) as count FROM audit_logs ${whereClause} GROUP BY entity ORDER BY count DESC LIMIT 10`, params);
+        const changesByEntity = entityRows.map((row) => ({
+            entity: row.entity,
+            count: row.count,
+        }));
+        // Changes by user
+        const userRows = await this.db.getAll(`SELECT user_id, COUNT(*) as count FROM audit_logs ${whereClause} GROUP BY user_id ORDER BY count DESC LIMIT 10`, params);
+        const changesByUser = userRows.map((row) => ({
+            userId: row.user_id,
+            count: row.count,
+        }));
+        return {
+            totalChanges,
+            changesByOperation,
+            changesByEntity,
+            changesByUser,
+        };
+    }
+    /**
+     * Clean up old audit logs based on retention policy
+     */
+    async cleanupOldLogs() {
+        const cutoffDate = Date.now() - this.options.maxRetentionDays * 24 * 60 * 60 * 1000;
+        const result = await this.db.getOne('SELECT COUNT(*) as count FROM audit_logs WHERE created_at < ?', [cutoffDate]);
+        const count = result?.count || 0;
+        if (count > 0) {
+            await this.db.run('DELETE FROM audit_logs WHERE created_at < ?', [cutoffDate]);
+        }
+        return count;
+    }
+    /**
+     * Filter sensitive fields from data
+     */
+    filterSensitiveFields(data) {
+        const filtered = {};
+        for (const [key, value] of Object.entries(data)) {
+            if (!this.options.excludeFields.includes(key.toLowerCase())) {
+                filtered[key] = value;
+            }
+        }
+        return filtered;
+    }
+    /**
+     * Calculate field-level changes between before and after states
+     */
+    calculateChanges(before, after) {
+        const changes = [];
+        // Check for changed and new fields
+        for (const [field, afterValue] of Object.entries(after)) {
+            const beforeValue = before[field];
+            // Compare values (handle different types)
+            if (JSON.stringify(beforeValue) !== JSON.stringify(afterValue)) {
+                changes.push({ field, before: beforeValue, after: afterValue });
+            }
+        }
+        // Check for deleted fields
+        for (const field of Object.keys(before)) {
+            if (!(field in after)) {
+                changes.push({ field, before: before[field], after: undefined });
+            }
+        }
+        return changes;
+    }
+}
+//# sourceMappingURL=audit-manager.js.map

package/dist/core/src/audit/audit-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-manager.js","sourceRoot":"","sources":["../../../../../core/src/audit/audit-manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAoDH;;GAEG;AACH,MAAM,OAAO,YAAY;IAIvB,YAAY,EAAiB,EAAE,OAAsB;QACnD,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,OAAO,GAAG;YACb,WAAW,EAAE,OAAO,EAAE,WAAW,KAAK,KAAK;YAC3C,UAAU,EAAE,OAAO,EAAE,UAAU,KAAK,KAAK;YACzC,YAAY,EAAE,OAAO,EAAE,YAAY,KAAK,KAAK;YAC7C,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,CAAC,UAAU,EAAE,eAAe,EAAE,QAAQ,EAAE,OAAO,CAAC;YACzF,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,EAAE;SAClD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,IAAU,EACV,MAAc,EACd,QAAgB,EAChB,SAAyC,EACzC,MAA4B,EAC5B,KAA2B,EAC3B,QAA8B;QAE9B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,OAAO,GAAG,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QAE5E,0BAA0B;QAC1B,MAAM,cAAc,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC/E,MAAM,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,4CAA4C;QAC5C,IAAI,OAAsE,CAAC;QAC3E,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,SAAS,KAAK,QAAQ,IAAI,cAAc,IAAI,aAAa,EAAE,CAAC;YAC3F,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,QAAQ,GAAa;YACzB,EAAE,EAAE,OAAO;YACX,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,MAAM;YACN,QAAQ;YACR,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,CAAC,SAAS,KAAK,QAAQ,IAAI,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS;YACnH,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,SAAS,KAAK,QAAQ,IAAI,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS;YAChH,OAAO;YACP,QAAQ;YACR,SAAS,EAAE,GAAG;SACf,CAAC;QAEF,oBAAoB;QACpB,MAAM,IAAI,CAAC,EAAE,CAAC,GAAG,CACf;6CACuC,EACvC;YACE,QAAQ,CAAC,EAAE;YACX,QAAQ,CAAC,MAAM;YACf,QAAQ,CAAC,MAAM;YACf,QAAQ,CAAC,QAAQ;YACjB,QAAQ,CAAC,SAAS;YAClB,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI;YACxD,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI;YACtD,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;YAC1D,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI;YAC5D,QAAQ,CAAC,SAAS;SACnB,CACF,CAAC;QAEF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,KAAiB;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC;QAEjC,qBAAqB;QACrB,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,MAAM,GAAU,EAAE,CAAC;QAEzB,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACjB,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC5B,CAAC;QAED,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACnB,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACjC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACjB,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC5B,CAAC;QAED,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACjC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC/B,CAAC;QAED,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC/B,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;YAClB,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAErF,WAAW;QACX,MAAM,GAAG,GAAG;;QAER,WAAW;;;KAGd,CAAC;QACF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,EAAE,KAAK,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;QAEvE,kCAAkC;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QACpC,MAAM,WAAW,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE1D,kBAAkB;QAClB,MAAM,QAAQ,GAAG,4CAA4C,WAAW,EAAE,CAAC;QAC3E,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,WAAW,EAAE,KAAK,IAAI,CAAC,CAAC;QAEtC,oBAAoB;QACpB,MAAM,IAAI,GAAe,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACjD,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,MAAM,EAAE,GAAG,CAAC,OAAO;YACnB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,GAAG,CAAC,SAAS;YACvB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,KAAK,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS;YAC9D,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;YAC1D,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7D,SAAS,EAAE,GAAG,CAAC,UAAU;SAC1B,CAAC,CAAC,CAAC;QAEJ,OAAO;YACL,IAAI;YACJ,KAAK;YACL,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,OAAe;QAC1B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,uCAAuC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAErF,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,MAAM,EAAE,GAAG,CAAC,OAAO;YACnB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,GAAG,CAAC,SAAS;YACvB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,KAAK,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS;YAC9D,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;YAC1D,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7D,SAAS,EAAE,GAAG,CAAC,UAAU;SAC1B,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,QAAgB;QACrD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAC/B,sFAAsF,EACtF,CAAC,MAAM,EAAE,QAAQ,CAAC,CACnB,CAAC;QAEF,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,MAAM,EAAE,GAAG,CAAC,OAAO;YACnB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,GAAG,CAAC,SAAS;YACvB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,KAAK,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS;YAC9D,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;YAC1D,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7D,SAAS,EAAE,GAAG,CAAC,UAAU;SAC1B,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,OAKnB;QAMC,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,MAAM,GAAU,EAAE,CAAC;QAEzB,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;YACpB,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC9B,CAAC;QAED,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;YACpB,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC9B,CAAC;QAED,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;YACvB,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;YACrB,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAErF,gBAAgB;QAChB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,4CAA4C,WAAW,EAAE,EAAE,MAAM,CAAC,CAAC;QAC5G,MAAM,YAAY,GAAG,WAAW,EAAE,KAAK,IAAI,CAAC,CAAC;QAE7C,uBAAuB;QACvB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CACxC,uDAAuD,WAAW,qBAAqB,EACvF,MAAM,CACP,CAAC;QACF,MAAM,kBAAkB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACrD,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,KAAK,EAAE,GAAG,CAAC,KAAK;SACjB,CAAC,CAAC,CAAC;QAEJ,oBAAoB;QACpB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CACrC,oDAAoD,WAAW,+CAA+C,EAC9G,MAAM,CACP,CAAC;QACF,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC/C,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,KAAK,EAAE,GAAG,CAAC,KAAK;SACjB,CAAC,CAAC,CAAC;QAEJ,kBAAkB;QAClB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CACnC,qDAAqD,WAAW,gDAAgD,EAChH,MAAM,CACP,CAAC;QACF,MAAM,aAAa,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC3C,MAAM,EAAE,GAAG,CAAC,OAAO;YACnB,KAAK,EAAE,GAAG,CAAC,KAAK;SACjB,CAAC,CAAC,CAAC;QAEJ,OAAO;YACL,YAAY;YACZ,kBAAkB;YAClB,eAAe;YACf,aAAa;SACd,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAEpF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,+DAA+D,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;QACnH,MAAM,KAAK,GAAG,MAAM,EAAE,KAAK,IAAI,CAAC,CAAC;QAEjC,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,6CAA6C,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,IAAyB;QACrD,MAAM,QAAQ,GAAwB,EAAE,CAAC;QAEzC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBAC5D,QAAQ,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACxB,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,gBAAgB,CACtB,MAA2B,EAC3B,KAA0B;QAE1B,MAAM,OAAO,GAAsD,EAAE,CAAC;QAEtE,mCAAmC;QACnC,KAAK,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACxD,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;YAElC,0CAA0C;YAC1C,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/D,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,2BAA2B;QAC3B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACxC,IAAI,CAAC,CAAC,KAAK,IAAI,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF"}

package/dist/core/src/auth/auth-service.d.ts

@@ -0,0 +1,71 @@
+import { z } from 'zod';
+import type { User, AuthTokens, LoginRequest, RegisterRequest } from '@edgebasejs/types';
+export declare const LoginSchema: z.ZodObject<{
+    email: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    email: string;
+    password: string;
+}, {
+    email: string;
+    password: string;
+}>;
+export declare const RegisterSchema: z.ZodObject<{
+    email: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    email: string;
+    password: string;
+}, {
+    email: string;
+    password: string;
+}>;
+/**
+ * Password hashing utilities
+ * For D1/Cloudflare, we use PBKDF2 (built-in Web Crypto API)
+ */
+export declare function hashPassword(password: string): Promise<string>;
+/**
+ * Verify password against hash
+ */
+export declare function verifyPassword(password: string, hash: string): Promise<boolean>;
+/**
+ * JWT token generation and verification
+ */
+export interface JWTPayload {
+    userId: string;
+    email: string;
+    iat: number;
+    exp: number;
+    type: 'access' | 'refresh';
+}
+/**
+ * Create JWT token (simple implementation without external library)
+ * Note: In production, consider using a library like `jose` or `jsonwebtoken`
+ */
+export declare function createJWT(payload: Omit<JWTPayload, 'iat' | 'exp'>, secret: string, expiresIn: number): string;
+/**
+ * Parse JWT token (simple implementation)
+ */
+export declare function parseJWT(token: string): JWTPayload | null;
+/**
+ * Authentication service
+ */
+export declare class AuthService {
+    /**
+     * Register a new user
+     */
+    static registerUser(request: RegisterRequest, onCreateUser: (user: User) => Promise<void>): Promise<User>;
+    /**
+     * Login user
+     */
+    static loginUser(request: LoginRequest, onGetUser: (email: string) => Promise<User & {
+        passwordHash: string;
+    }>, secret: string): Promise<AuthTokens>;
+    /**
+     * Refresh access token
+     */
+    static refreshToken(refreshToken: string, secret: string): string;
+}
+export default AuthService;
+//# sourceMappingURL=auth-service.d.ts.map

package/dist/core/src/auth/auth-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-service.d.ts","sourceRoot":"","sources":["../../../../../core/src/auth/auth-service.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGzF,eAAO,MAAM,WAAW;;;;;;;;;EAGtB,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;;;EAGzB,CAAC;AAEH;;;GAGG;AACH,wBAAsB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CA6BpE;AAED;;GAEG;AACH,wBAAsB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CA4CrF;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,QAAQ,GAAG,SAAS,CAAC;CAC5B;AAED;;;GAGG;AACH,wBAAgB,SAAS,CACvB,OAAO,EAAE,IAAI,CAAC,UAAU,EAAE,KAAK,GAAG,KAAK,CAAC,EACxC,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,GAChB,MAAM,CAmBR;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAkBzD;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB;;OAEG;WACU,YAAY,CACvB,OAAO,EAAE,eAAe,EACxB,YAAY,EAAE,CAAC,IAAI,EAAE,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC,GAC1C,OAAO,CAAC,IAAI,CAAC;IAuBhB;;OAEG;WACU,SAAS,CACpB,OAAO,EAAE,YAAY,EACrB,SAAS,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE,CAAC,EACtE,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,UAAU,CAAC;IAiCtB;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM;CAYlE;AAED,eAAe,WAAW,CAAC"}

package/dist/core/src/auth/auth-service.js

@@ -0,0 +1,177 @@
+// Authentication service
+// Handles password hashing, JWT generation, and token management
+import { z } from 'zod';
+// Validation schemas
+export const LoginSchema = z.object({
+    email: z.string().email('Invalid email'),
+    password: z.string().min(8, 'Password must be at least 8 characters'),
+});
+export const RegisterSchema = z.object({
+    email: z.string().email('Invalid email'),
+    password: z.string().min(8, 'Password must be at least 8 characters'),
+});
+/**
+ * Password hashing utilities
+ * For D1/Cloudflare, we use PBKDF2 (built-in Web Crypto API)
+ */
+export async function hashPassword(password) {
+    // Using PBKDF2 with Web Crypto API available in Cloudflare Workers
+    const encoder = new TextEncoder();
+    const data = encoder.encode(password);
+    const salt = crypto.getRandomValues(new Uint8Array(16));
+    const key = await crypto.subtle.importKey('raw', data, { name: 'PBKDF2' }, false, ['deriveBits']);
+    const bits = await crypto.subtle.deriveBits({
+        name: 'PBKDF2',
+        salt: salt,
+        iterations: 100000,
+        hash: 'SHA-256',
+    }, key, 256);
+    // Combine salt + hash and encode as hex
+    const hashArray = new Uint8Array(bits);
+    const saltHex = Array.from(salt)
+        .map((b) => b.toString(16).padStart(2, '0'))
+        .join('');
+    const hashHex = Array.from(hashArray)
+        .map((b) => b.toString(16).padStart(2, '0'))
+        .join('');
+    return `pbkdf2:${saltHex}:${hashHex}`;
+}
+/**
+ * Verify password against hash
+ */
+export async function verifyPassword(password, hash) {
+    if (!hash.startsWith('pbkdf2:')) {
+        return false;
+    }
+    const parts = hash.split(':');
+    if (parts.length !== 3) {
+        return false;
+    }
+    const [, saltHex, storedHashHex] = parts;
+    try {
+        const encoder = new TextEncoder();
+        const data = encoder.encode(password);
+        // Convert hex salt back to bytes
+        const salt = new Uint8Array(saltHex.match(/.{1,2}/g).map((byte) => parseInt(byte, 16)));
+        const key = await crypto.subtle.importKey('raw', data, { name: 'PBKDF2' }, false, [
+            'deriveBits',
+        ]);
+        const bits = await crypto.subtle.deriveBits({
+            name: 'PBKDF2',
+            salt: salt,
+            iterations: 100000,
+            hash: 'SHA-256',
+        }, key, 256);
+        const hashArray = new Uint8Array(bits);
+        const computedHashHex = Array.from(hashArray)
+            .map((b) => b.toString(16).padStart(2, '0'))
+            .join('');
+        return computedHashHex === storedHashHex;
+    }
+    catch (error) {
+        console.error('Password verification error:', error);
+        return false;
+    }
+}
+/**
+ * Create JWT token (simple implementation without external library)
+ * Note: In production, consider using a library like `jose` or `jsonwebtoken`
+ */
+export function createJWT(payload, secret, expiresIn) {
+    const header = {
+        alg: 'HS256',
+        typ: 'JWT',
+    };
+    const now = Math.floor(Date.now() / 1000);
+    const jwtPayload = {
+        ...payload,
+        iat: now,
+        exp: now + expiresIn,
+    };
+    const headerEncoded = btoa(JSON.stringify(header));
+    const payloadEncoded = btoa(JSON.stringify(jwtPayload));
+    // For now, return a placeholder token with payload info
+    // Full HMAC implementation would require crypto-js or jose library
+    return `${headerEncoded}.${payloadEncoded}.signature-placeholder`;
+}
+/**
+ * Parse JWT token (simple implementation)
+ */
+export function parseJWT(token) {
+    try {
+        const parts = token.split('.');
+        if (parts.length !== 3) {
+            return null;
+        }
+        const payload = JSON.parse(atob(parts[1]));
+        const now = Math.floor(Date.now() / 1000);
+        if (payload.exp && payload.exp < now) {
+            return null;
+        }
+        return payload;
+    }
+    catch (error) {
+        return null;
+    }
+}
+/**
+ * Authentication service
+ */
+export class AuthService {
+    /**
+     * Register a new user
+     */
+    static async registerUser(request, onCreateUser) {
+        // Validate input
+        const validated = RegisterSchema.parse(request);
+        // Hash password
+        const passwordHash = await hashPassword(validated.password);
+        // Create user
+        const userId = `user_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+        const now = Date.now();
+        const user = {
+            id: userId,
+            email: validated.email,
+            createdAt: now,
+            updatedAt: now,
+        };
+        await onCreateUser(user);
+        return user;
+    }
+    /**
+     * Login user
+     */
+    static async loginUser(request, onGetUser, secret) {
+        // Validate input
+        const validated = LoginSchema.parse(request);
+        // Get user
+        const user = await onGetUser(validated.email);
+        // Verify password
+        const passwordValid = await verifyPassword(validated.password, user.passwordHash);
+        if (!passwordValid) {
+            throw new Error('Invalid credentials');
+        }
+        // Generate tokens
+        const accessToken = createJWT({ userId: user.id, email: user.email, type: 'access' }, secret, 3600 // 1 hour
+        );
+        const refreshToken = createJWT({ userId: user.id, email: user.email, type: 'refresh' }, secret, 604800 // 7 days
+        );
+        return {
+            accessToken,
+            refreshToken,
+            expiresIn: 3600,
+        };
+    }
+    /**
+     * Refresh access token
+     */
+    static refreshToken(refreshToken, secret) {
+        const payload = parseJWT(refreshToken);
+        if (!payload || payload.type !== 'refresh') {
+            throw new Error('Invalid refresh token');
+        }
+        return createJWT({ userId: payload.userId, email: payload.email, type: 'access' }, secret, 3600);
+    }
+}
+export default AuthService;
+//# sourceMappingURL=auth-service.js.map

package/dist/core/src/auth/auth-service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-service.js","sourceRoot":"","sources":["../../../../../core/src/auth/auth-service.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,iEAAiE;AAEjE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,qBAAqB;AACrB,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC;IACxC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wCAAwC,CAAC;CACtE,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC;IACxC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wCAAwC,CAAC;CACtE,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,QAAgB;IACjD,mEAAmE;IACnE,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,IAAI,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAExD,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;IAElG,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CACzC;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,IAAI;QACV,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,SAAS;KAChB,EACD,GAAG,EACH,GAAG,CACJ,CAAC;IAEF,wCAAwC;IACxC,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;SAC7B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;IACZ,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;SAClC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;IAEZ,OAAO,UAAU,OAAO,IAAI,OAAO,EAAE,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAAgB,EAAE,IAAY;IACjE,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,CAAC,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,KAAK,CAAC;IAEzC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAEtC,iCAAiC;QACjC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAE,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAEzF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE;YAChF,YAAY;SACb,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CACzC;YACE,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,IAAI;YACV,UAAU,EAAE,MAAM;YAClB,IAAI,EAAE,SAAS;SAChB,EACD,GAAG,EACH,GAAG,CACJ,CAAC;QAEF,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;aAC1C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;aAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;QAEZ,OAAO,eAAe,KAAK,aAAa,CAAC;IAC3C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAaD;;;GAGG;AACH,MAAM,UAAU,SAAS,CACvB,OAAwC,EACxC,MAAc,EACd,SAAiB;IAEjB,MAAM,MAAM,GAAG;QACb,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,KAAK;KACX,CAAC;IAEF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG;QACjB,GAAG,OAAO;QACV,GAAG,EAAE,GAAG;QACR,GAAG,EAAE,GAAG,GAAG,SAAS;KACrB,CAAC;IAEF,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAExD,wDAAwD;IACxD,mEAAmE;IACnE,OAAO,GAAG,aAAa,IAAI,cAAc,wBAAwB,CAAC;AACpE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,KAAa;IACpC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,OAAqB,CAAC;IAC/B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,WAAW;IACtB;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,YAAY,CACvB,OAAwB,EACxB,YAA2C;QAE3C,iBAAiB;QACjB,MAAM,SAAS,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEhD,gBAAgB;QAChB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAE5D,cAAc;QACd,MAAM,MAAM,GAAG,QAAQ,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QAC/E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,IAAI,GAAS;YACjB,EAAE,EAAE,MAAM;YACV,KAAK,EAAE,SAAS,CAAC,KAAK;YACtB,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;SACf,CAAC;QAEF,MAAM,YAAY,CAAC,IAAI,CAAC,CAAC;QAEzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,SAAS,CACpB,OAAqB,EACrB,SAAsE,EACtE,MAAc;QAEd,iBAAiB;QACjB,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE7C,WAAW;QACX,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAE9C,kBAAkB;QAClB,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAClF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,kBAAkB;QAClB,MAAM,WAAW,GAAG,SAAS,CAC3B,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EACtD,MAAM,EACN,IAAI,CAAC,SAAS;SACf,CAAC;QAEF,MAAM,YAAY,GAAG,SAAS,CAC5B,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,EACvD,MAAM,EACN,MAAM,CAAC,SAAS;SACjB,CAAC;QAEF,OAAO;YACL,WAAW;YACX,YAAY;YACZ,SAAS,EAAE,IAAI;SAChB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,YAAoB,EAAE,MAAc;QACtD,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC3C,CAAC;QAED,OAAO,SAAS,CACd,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAChE,MAAM,EACN,IAAI,CACL,CAAC;IACJ,CAAC;CACF;AAED,eAAe,WAAW,CAAC"}

package/dist/core/src/auth/index.d.ts

@@ -0,0 +1,4 @@
+export * from './auth-service';
+export { default as AuthService } from './auth-service';
+export { createJWT, parseJWT, verifyPassword, hashPassword } from './auth-service';
+//# sourceMappingURL=index.d.ts.map

package/dist/core/src/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../core/src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/core/src/auth/index.js

@@ -0,0 +1,4 @@
+export * from './auth-service';
+export { default as AuthService } from './auth-service';
+export { createJWT, parseJWT, verifyPassword, hashPassword } from './auth-service';
+//# sourceMappingURL=index.js.map

package/dist/core/src/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../core/src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/core/src/encryption/encryption-manager.d.ts

@@ -0,0 +1,97 @@
+/**
+ * Encryption manager for field-level data encryption
+ * Handles encryption/decryption of sensitive fields at rest
+ */
+export interface EncryptionConfig {
+    entity: string;
+    fields: string[];
+    algorithm?: 'AES-GCM' | 'AES-CBC';
+    keyRotation?: boolean;
+}
+export interface EncryptedValue {
+    ciphertext: string;
+    iv: string;
+    algorithm: string;
+    keyVersion?: number;
+}
+export interface EncryptionKey {
+    id: string;
+    key: CryptoKey;
+    version: number;
+    algorithm: string;
+    createdAt: number;
+}
+/**
+ * Encryption manager for field-level encryption
+ */
+export declare class EncryptionManager {
+    private configs;
+    private currentKey;
+    private keyHistory;
+    constructor();
+    /**
+     * Register encryption configuration for an entity
+     */
+    registerConfig(config: EncryptionConfig): void;
+    /**
+     * Get encryption configuration for an entity
+     */
+    getConfig(entity: string): EncryptionConfig | undefined;
+    /**
+     * Initialize encryption key from master key
+     */
+    initializeKey(masterKey: string, version?: number): Promise<void>;
+    /**
+     * Rotate encryption key (for key rotation support)
+     */
+    rotateKey(newMasterKey: string): Promise<void>;
+    /**
+     * Encrypt a value
+     */
+    encrypt(value: any): Promise<EncryptedValue>;
+    /**
+     * Decrypt a value
+     */
+    decrypt(encrypted: EncryptedValue): Promise<any>;
+    /**
+     * Encrypt fields in a record based on entity configuration
+     */
+    encryptRecord(entity: string, record: Record<string, any>): Promise<Record<string, any>>;
+    /**
+     * Decrypt fields in a record based on entity configuration
+     */
+    decryptRecord(entity: string, record: Record<string, any>): Promise<Record<string, any>>;
+    /**
+     * Check if a field should be encrypted
+     */
+    shouldEncrypt(entity: string, field: string): boolean;
+    /**
+     * Get all encrypted fields for an entity
+     */
+    getEncryptedFields(entity: string): string[];
+    /**
+     * Re-encrypt a record with a new key (for key rotation)
+     */
+    reencryptRecord(entity: string, record: Record<string, any>): Promise<Record<string, any>>;
+    /**
+     * Derive key material from master key
+     */
+    private deriveKeyMaterial;
+    /**
+     * Convert ArrayBuffer to Base64
+     */
+    private arrayBufferToBase64;
+    /**
+     * Convert Base64 to ArrayBuffer
+     */
+    private base64ToArrayBuffer;
+    /**
+     * Clear all encryption keys (security)
+     */
+    clear(): void;
+}
+/**
+ * Global encryption manager instance
+ */
+export declare const encryptionManager: EncryptionManager;
+//# sourceMappingURL=encryption-manager.d.ts.map

package/dist/core/src/encryption/encryption-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"encryption-manager.d.ts","sourceRoot":"","sources":["../../../../../core/src/encryption/encryption-manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;IAClC,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,SAAS,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,OAAO,CAA4C;IAC3D,OAAO,CAAC,UAAU,CAA8B;IAChD,OAAO,CAAC,UAAU,CAAyC;;IAI3D;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAI9C;;OAEG;IACH,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,GAAG,SAAS;IAIvD;;OAEG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,GAAE,MAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IA8B1E;;OAEG;IACG,SAAS,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKpD;;OAEG;IACG,OAAO,CAAC,KAAK,EAAE,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC;IAiClD;;OAEG;IACG,OAAO,CAAC,SAAS,EAAE,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC;IAkCtD;;OAEG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAqB9F;;OAEG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IA+B9F;;OAEG;IACH,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO;IAKrD;;OAEG;IACH,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE;IAK5C;;OAEG;IACG,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAQhG;;OAEG;YACW,iBAAiB;IAW/B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAS3B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAS3B;;OAEG;IACH,KAAK,IAAI,IAAI;CAId;AAED;;GAEG;AACH,eAAO,MAAM,iBAAiB,mBAA0B,CAAC"}