@fengsoft/auth-organizations 0.1.0

package/CHANGELOG.md

@@ -0,0 +1,7 @@
+# Changelog
+
+All notable changes to this package will be documented in this file.
+
+## 0.1.0
+
+- Initial public release.

package/LICENSE

@@ -0,0 +1,100 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction, and
+distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by the copyright
+owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all other entities
+that control, are controlled by, or are under common control with that entity.
+For the purposes of this definition, "control" means (i) the power, direct or
+indirect, to cause the direction or management of such entity, whether by
+contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the
+outstanding shares, or (iii) beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising
+permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications, including
+but not limited to software source code, documentation source, and configuration
+files.
+
+"Object" form shall mean any form resulting from mechanical transformation or
+translation of a Source form, including but not limited to compiled object code,
+generated documentation, and conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or Object form, made
+available under the License, as indicated by a copyright notice that is included
+in or attached to the work.
+
+"Derivative Works" shall mean any work, whether in Source or Object form, that
+is based on (or derived from) the Work and for which the editorial revisions,
+annotations, elaborations, or other modifications represent, as a whole, an
+original work of authorship.
+
+"Contribution" shall mean any work of authorship, including the original version
+of the Work and any modifications or additions to that Work or Derivative Works,
+that is intentionally submitted to Licensor for inclusion in the Work by the
+copyright owner or by an individual or Legal Entity authorized to submit on
+behalf of the copyright owner.
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on behalf
+of whom a Contribution has been received by Licensor and subsequently
+incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of this
+License, each Contributor hereby grants to You a perpetual, worldwide,
+non-exclusive, no-charge, royalty-free, irrevocable copyright license to
+reproduce, prepare Derivative Works of, publicly display, publicly perform,
+sublicense, and distribute the Work and such Derivative Works in Source or
+Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of this License,
+each Contributor hereby grants to You a perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable patent license to make, have made, use,
+offer to sell, sell, import, and otherwise transfer the Work.
+
+4. Redistribution. You may reproduce and distribute copies of the Work or
+Derivative Works thereof in any medium, with or without modifications, and in
+Source or Object form, provided that You meet the following conditions:
+
+You must give any other recipients of the Work or Derivative Works a copy of
+this License; and
+
+You must cause any modified files to carry prominent notices stating that You
+changed the files; and
+
+You must retain, in the Source form of any Derivative Works that You distribute,
+all copyright, patent, trademark, and attribution notices from the Source form
+of the Work; and
+
+If the Work includes a "NOTICE" text file as part of its distribution, then any
+Derivative Works that You distribute must include a readable copy of the
+attribution notices contained within such NOTICE file.
+
+5. Submission of Contributions. Unless You explicitly state otherwise, any
+Contribution intentionally submitted for inclusion in the Work by You to the
+Licensor shall be under the terms and conditions of this License.
+
+6. Trademarks. This License does not grant permission to use the trade names,
+trademarks, service marks, or product names of the Licensor.
+
+7. Disclaimer of Warranty. Unless required by applicable law or agreed to in
+writing, Licensor provides the Work on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+CONDITIONS OF ANY KIND, either express or implied.
+
+8. Limitation of Liability. In no event and under no legal theory shall any
+Contributor be liable to You for damages arising as a result of this License or
+out of the use or inability to use the Work.
+
+9. Accepting Warranty or Additional Liability. While redistributing the Work or
+Derivative Works thereof, You may choose to offer, and charge a fee for,
+acceptance of support, warranty, indemnity, or other liability obligations.
+

package/README.md

@@ -0,0 +1,24 @@
+# @fengsoft/auth-organizations
+
+Organization, invitation, membership, and active-organization workflows built on Better Auth.
+
+## Install
+
+```bash
+pnpm add @fengsoft/auth-organizations better-auth
+```
+
+## Use When
+
+- your product is multi-tenant and needs organization-aware auth behavior
+- you need reusable invite and membership flows before product-specific workspace rules
+
+## Related Packages
+
+- `@fengsoft/auth-core`
+- `@fengsoft/auth-contracts`
+
+## Source
+
+- Repo: `fengsoft/auth-core`
+- Docs: see the root repository README and docs app for architecture and adoption guides

package/dist/auth-contracts/src/index.d.ts

@@ -0,0 +1,89 @@
+import type { Id, Timestamp } from "@fengsoft/foundation-contracts";
+export declare const AUTH_ROLES: readonly ["owner", "admin", "member", "viewer"];
+export type AuthRole = (typeof AUTH_ROLES)[number];
+export type AuthPermission = string;
+export type AuthUser = {
+    id: Id;
+    email: string;
+    name: string | null;
+    emailVerified: boolean;
+    createdAt: Timestamp;
+    updatedAt: Timestamp;
+};
+export type AuthSession = {
+    id: Id;
+    user: AuthUser;
+    activeOrganizationId: Id | null;
+    expiresAt: Timestamp;
+    createdAt: Timestamp;
+};
+export type AuthOrganization = {
+    id: Id;
+    name: string;
+    slug: string;
+    createdAt: Timestamp;
+    updatedAt: Timestamp;
+};
+export type AuthMembership = {
+    id: Id;
+    organizationId: Id;
+    userId: Id;
+    role: AuthRole;
+    permissions: AuthPermission[];
+    createdAt: Timestamp;
+};
+export type AuthInvite = {
+    id: Id;
+    email: string;
+    organizationId: Id;
+    role: AuthRole;
+    status: "pending" | "accepted" | "revoked";
+    expiresAt: Timestamp;
+    createdAt: Timestamp;
+};
+export type AuthApiKeyOwnerType = "user" | "organization";
+export type AuthApiKeyPermissions = Record<string, string[]>;
+export type AuthApiKey = {
+    id: Id;
+    configId: string;
+    label: string | null;
+    start: string | null;
+    prefix: string | null;
+    ownerType: AuthApiKeyOwnerType;
+    ownerId: Id;
+    enabled: boolean;
+    permissions: AuthApiKeyPermissions | null;
+    metadata: Record<string, unknown> | null;
+    rateLimitEnabled: boolean;
+    rateLimitTimeWindow: number | null;
+    rateLimitMax: number | null;
+    requestCount: number;
+    remaining: number | null;
+    refillAmount: number | null;
+    refillInterval: number | null;
+    lastRefillAt: Timestamp | null;
+    lastUsedAt: Timestamp | null;
+    expiresAt: Timestamp | null;
+    createdAt: Timestamp;
+    updatedAt: Timestamp;
+};
+export type CreatedAuthApiKey = {
+    apiKey: AuthApiKey;
+    secret: string;
+};
+export type AuthApiKeyVerificationResult = {
+    valid: boolean;
+    apiKey: AuthApiKey | null;
+    errorCode: string | null;
+    errorMessage: string | null;
+};
+export type AuthAuditEvent = {
+    id: Id;
+    action: string;
+    actorId: Id | null;
+    organizationId: Id | null;
+    resourceType: string;
+    resourceId: Id | null;
+    createdAt: Timestamp;
+};
+//# sourceMappingURL=index.d.ts.map

package/dist/auth-contracts/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../auth-contracts/src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,gCAAgC,CAAC;AAEpE,eAAO,MAAM,UAAU,iDAAkD,CAAC;AAE1E,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC;AACnD,MAAM,MAAM,cAAc,GAAG,MAAM,CAAC;AAEpC,MAAM,MAAM,QAAQ,GAAG;IACtB,EAAE,EAAE,EAAE,CAAC;IACP,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,aAAa,EAAE,OAAO,CAAC;IACvB,SAAS,EAAE,SAAS,CAAC;IACrB,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACzB,EAAE,EAAE,EAAE,CAAC;IACP,IAAI,EAAE,QAAQ,CAAC;IACf,oBAAoB,EAAE,EAAE,GAAG,IAAI,CAAC;IAChC,SAAS,EAAE,SAAS,CAAC;IACrB,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC9B,EAAE,EAAE,EAAE,CAAC;IACP,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,SAAS,CAAC;IACrB,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC5B,EAAE,EAAE,EAAE,CAAC;IACP,cAAc,EAAE,EAAE,CAAC;IACnB,MAAM,EAAE,EAAE,CAAC;IACX,IAAI,EAAE,QAAQ,CAAC;IACf,WAAW,EAAE,cAAc,EAAE,CAAC;IAC9B,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG;IACxB,EAAE,EAAE,EAAE,CAAC;IACP,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,EAAE,CAAC;IACnB,IAAI,EAAE,QAAQ,CAAC;IACf,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;IAC3C,SAAS,EAAE,SAAS,CAAC;IACrB,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG,MAAM,GAAG,cAAc,CAAC;AAC1D,MAAM,MAAM,qBAAqB,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;AAE7D,MAAM,MAAM,UAAU,GAAG;IACxB,EAAE,EAAE,EAAE,CAAC;IACP,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,EAAE,mBAAmB,CAAC;IAC/B,OAAO,EAAE,EAAE,CAAC;IACZ,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,qBAAqB,GAAG,IAAI,CAAC;IAC1C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACzC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,YAAY,EAAE,SAAS,GAAG,IAAI,CAAC;IAC/B,UAAU,EAAE,SAAS,GAAG,IAAI,CAAC;IAC7B,SAAS,EAAE,SAAS,GAAG,IAAI,CAAC;IAC5B,SAAS,EAAE,SAAS,CAAC;IACrB,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC/B,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IAC1C,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC5B,EAAE,EAAE,EAAE,CAAC;IACP,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,EAAE,GAAG,IAAI,CAAC;IACnB,cAAc,EAAE,EAAE,GAAG,IAAI,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,EAAE,GAAG,IAAI,CAAC;IACtB,SAAS,EAAE,SAAS,CAAC;CACrB,CAAC"}

package/dist/auth-contracts/src/index.js

@@ -0,0 +1,2 @@
+export const AUTH_ROLES = ["owner", "admin", "member", "viewer"];
+//# sourceMappingURL=index.js.map

package/dist/auth-contracts/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../auth-contracts/src/index.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAU,CAAC"}

package/dist/auth-organizations/src/index.d.ts

@@ -0,0 +1,77 @@
+import type { AuthInvite, AuthMembership, AuthOrganization, AuthRole } from "@fengsoft/auth-contracts";
+type AuthHeaders = Headers | Array<[string, string]> | Record<string, string>;
+export type OrganizationRequestContext = {
+    headers: AuthHeaders;
+};
+export type OrganizationLookupInput = {
+    organizationId?: string;
+    organizationSlug?: string;
+};
+export type CreateOrganizationInput = {
+    name: string;
+    slug: string;
+    ownerUserId?: string;
+    logo?: string;
+    metadata?: Record<string, unknown>;
+    keepCurrentActiveOrganization?: boolean;
+};
+export type InviteMemberInput = OrganizationLookupInput & {
+    email: string;
+    role: AuthRole;
+    resend?: boolean;
+};
+export type AcceptInviteInput = {
+    invitationId: string;
+};
+export type RevokeInviteInput = {
+    invitationId: string;
+};
+export type GetOrganizationInput = OrganizationLookupInput & {
+    membersLimit?: number;
+};
+export type ListMembershipsInput = OrganizationLookupInput & {
+    limit?: number;
+    offset?: number;
+    sortBy?: string;
+    sortDirection?: "asc" | "desc";
+};
+export type SwitchActiveOrganizationInput = {
+    organizationId?: string | null;
+    organizationSlug?: string;
+};
+export type UpdateMemberRoleInput = {
+    memberId: string;
+    role: AuthRole;
+    organizationId?: string;
+};
+export type RemoveMemberInput = {
+    memberIdOrEmail: string;
+    organizationId?: string;
+};
+export type AuthOrganizationDetails = {
+    organization: AuthOrganization;
+    invitations: AuthInvite[];
+    memberships: AuthMembership[];
+};
+export type AcceptInviteResult = {
+    invitation: AuthInvite;
+    membership: AuthMembership | null;
+};
+export type OrganizationService = {
+    createOrganization: (context: OrganizationRequestContext, input: CreateOrganizationInput) => Promise<AuthOrganization>;
+    getOrganization: (context: OrganizationRequestContext, input: GetOrganizationInput) => Promise<AuthOrganizationDetails | null>;
+    listOrganizations: (context: OrganizationRequestContext) => Promise<AuthOrganization[]>;
+    inviteMember: (context: OrganizationRequestContext, input: InviteMemberInput) => Promise<AuthInvite>;
+    acceptInvite: (context: OrganizationRequestContext, input: AcceptInviteInput) => Promise<AcceptInviteResult>;
+    revokeInvite: (context: OrganizationRequestContext, input: RevokeInviteInput) => Promise<AuthInvite | null>;
+    listMemberships: (context: OrganizationRequestContext, input: ListMembershipsInput) => Promise<AuthMembership[]>;
+    switchActiveOrganization: (context: OrganizationRequestContext, input: SwitchActiveOrganizationInput) => Promise<AuthOrganization | null>;
+    updateMemberRole: (context: OrganizationRequestContext, input: UpdateMemberRoleInput) => Promise<AuthMembership>;
+    removeMember: (context: OrganizationRequestContext, input: RemoveMemberInput) => Promise<AuthMembership>;
+};
+export declare function createOrganizationService(service: OrganizationService): OrganizationService;
+export declare function createBetterAuthOrganizationService(auth: {
+    api: unknown;
+}): OrganizationService;
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/auth-organizations/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACX,UAAU,EACV,cAAc,EACd,gBAAgB,EAChB,QAAQ,EACR,MAAM,0BAA0B,CAAC;AAGlC,KAAK,WAAW,GAAG,OAAO,GAAG,KAAK,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAiI9E,MAAM,MAAM,0BAA0B,GAAG;IACxC,OAAO,EAAE,WAAW,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACrC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,6BAA6B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,uBAAuB,GAAG;IACzD,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC/B,YAAY,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC/B,YAAY,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,uBAAuB,GAAG;IAC5D,YAAY,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,uBAAuB,GAAG;IAC5D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,6BAA6B,GAAG;IAC3C,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,QAAQ,CAAC;IACf,cAAc,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC/B,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACrC,YAAY,EAAE,gBAAgB,CAAC;IAC/B,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,WAAW,EAAE,cAAc,EAAE,CAAC;CAC9B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAChC,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,EAAE,cAAc,GAAG,IAAI,CAAC;CAClC,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IACjC,kBAAkB,EAAE,CACnB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,uBAAuB,KAC1B,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC/B,eAAe,EAAE,CAChB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,oBAAoB,KACvB,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAAC;IAC7C,iBAAiB,EAAE,CAClB,OAAO,EAAE,0BAA0B,KAC/B,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;IACjC,YAAY,EAAE,CACb,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,iBAAiB,KACpB,OAAO,CAAC,UAAU,CAAC,CAAC;IACzB,YAAY,EAAE,CACb,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,iBAAiB,KACpB,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACjC,YAAY,EAAE,CACb,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,iBAAiB,KACpB,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IAChC,eAAe,EAAE,CAChB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,oBAAoB,KACvB,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC;IAC/B,wBAAwB,EAAE,CACzB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,6BAA6B,KAChC,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAC;IACtC,gBAAgB,EAAE,CACjB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,qBAAqB,KACxB,OAAO,CAAC,cAAc,CAAC,CAAC;IAC7B,YAAY,EAAE,CACb,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,iBAAiB,KACpB,OAAO,CAAC,cAAc,CAAC,CAAC;CAC7B,CAAC;AAkFF,wBAAgB,yBAAyB,CACxC,OAAO,EAAE,mBAAmB,GAC1B,mBAAmB,CAErB;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE;IACzD,GAAG,EAAE,OAAO,CAAC;CACb,GAAG,mBAAmB,CA4HtB"}

package/dist/auth-organizations/src/index.js

@@ -0,0 +1,179 @@
+function normalizeTimestamp(value) {
+    return value instanceof Date
+        ? value.toISOString()
+        : new Date(value).toISOString();
+}
+function toHeaders(headers) {
+    return new Headers(headers);
+}
+function normalizeRole(role) {
+    return role;
+}
+function normalizeInvitationStatus(status) {
+    switch (status) {
+        case "accepted":
+            return "accepted";
+        case "pending":
+            return "pending";
+        default:
+            return "revoked";
+    }
+}
+function normalizeOrganization(organization) {
+    return {
+        id: organization.id,
+        name: organization.name,
+        slug: organization.slug,
+        createdAt: normalizeTimestamp(organization.createdAt),
+        updatedAt: normalizeTimestamp(organization.updatedAt ?? organization.createdAt),
+    };
+}
+function normalizeMembership(membership) {
+    return {
+        id: membership.id,
+        organizationId: membership.organizationId,
+        userId: membership.userId,
+        role: normalizeRole(membership.role),
+        permissions: [],
+        createdAt: normalizeTimestamp(membership.createdAt),
+    };
+}
+function normalizeInvite(invitation) {
+    return {
+        id: invitation.id,
+        email: invitation.email,
+        organizationId: invitation.organizationId,
+        role: normalizeRole(invitation.role),
+        status: normalizeInvitationStatus(invitation.status),
+        expiresAt: normalizeTimestamp(invitation.expiresAt),
+        createdAt: normalizeTimestamp(invitation.createdAt),
+    };
+}
+function normalizeOrganizationDetails(details) {
+    return {
+        organization: normalizeOrganization(details),
+        invitations: details.invitations.map(normalizeInvite),
+        memberships: details.members.map(normalizeMembership),
+    };
+}
+function toOrganizationAuthClient(auth) {
+    return auth;
+}
+export function createOrganizationService(service) {
+    return service;
+}
+export function createBetterAuthOrganizationService(auth) {
+    const authClient = toOrganizationAuthClient(auth);
+    return createOrganizationService({
+        createOrganization: async (context, input) => {
+            const created = await authClient.api.createOrganization({
+                headers: toHeaders(context.headers),
+                body: {
+                    keepCurrentActiveOrganization: input.keepCurrentActiveOrganization,
+                    logo: input.logo,
+                    metadata: input.metadata,
+                    name: input.name,
+                    slug: input.slug,
+                    userId: input.ownerUserId,
+                },
+            });
+            return normalizeOrganization(created);
+        },
+        getOrganization: async (context, input) => {
+            const details = await authClient.api.getFullOrganization({
+                headers: toHeaders(context.headers),
+                query: {
+                    membersLimit: input.membersLimit,
+                    organizationId: input.organizationId,
+                    organizationSlug: input.organizationSlug,
+                },
+            });
+            return details ? normalizeOrganizationDetails(details) : null;
+        },
+        listOrganizations: async (context) => {
+            const organizations = await authClient.api.listOrganizations({
+                headers: toHeaders(context.headers),
+            });
+            return organizations.map(normalizeOrganization);
+        },
+        inviteMember: async (context, input) => {
+            const invitation = await authClient.api.createInvitation({
+                headers: toHeaders(context.headers),
+                body: {
+                    email: input.email,
+                    organizationId: input.organizationId,
+                    resend: input.resend,
+                    role: input.role,
+                },
+            });
+            return normalizeInvite(invitation);
+        },
+        acceptInvite: async (context, input) => {
+            const result = await authClient.api.acceptInvitation({
+                headers: toHeaders(context.headers),
+                body: {
+                    invitationId: input.invitationId,
+                },
+            });
+            return {
+                invitation: normalizeInvite(result.invitation),
+                membership: result.member ? normalizeMembership(result.member) : null,
+            };
+        },
+        revokeInvite: async (context, input) => {
+            const result = await authClient.api.cancelInvitation({
+                headers: toHeaders(context.headers),
+                body: {
+                    invitationId: input.invitationId,
+                },
+            });
+            return result.invitation ? normalizeInvite(result.invitation) : null;
+        },
+        listMemberships: async (context, input) => {
+            const result = await authClient.api.listMembers({
+                headers: toHeaders(context.headers),
+                query: {
+                    limit: input.limit,
+                    offset: input.offset,
+                    organizationId: input.organizationId,
+                    organizationSlug: input.organizationSlug,
+                    sortBy: input.sortBy,
+                    sortDirection: input.sortDirection,
+                },
+            });
+            return result.members.map(normalizeMembership);
+        },
+        switchActiveOrganization: async (context, input) => {
+            const organization = await authClient.api.setActiveOrganization({
+                headers: toHeaders(context.headers),
+                body: {
+                    organizationId: input.organizationId,
+                    organizationSlug: input.organizationSlug,
+                },
+            });
+            return organization ? normalizeOrganization(organization) : null;
+        },
+        updateMemberRole: async (context, input) => {
+            const member = await authClient.api.updateMemberRole({
+                headers: toHeaders(context.headers),
+                body: {
+                    memberId: input.memberId,
+                    organizationId: input.organizationId,
+                    role: input.role,
+                },
+            });
+            return normalizeMembership(member);
+        },
+        removeMember: async (context, input) => {
+            const result = await authClient.api.removeMember({
+                headers: toHeaders(context.headers),
+                body: {
+                    memberIdOrEmail: input.memberIdOrEmail,
+                    organizationId: input.organizationId,
+                },
+            });
+            return normalizeMembership(result.member);
+        },
+    });
+}
+//# sourceMappingURL=index.js.map

package/dist/auth-organizations/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAyPA,SAAS,kBAAkB,CAAC,KAAoB;IAC/C,OAAO,KAAK,YAAY,IAAI;QAC3B,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE;QACrB,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;AAClC,CAAC;AAED,SAAS,SAAS,CAAC,OAAoB;IACtC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,aAAa,CAAC,IAAY;IAClC,OAAO,IAAgB,CAAC;AACzB,CAAC;AAED,SAAS,yBAAyB,CAAC,MAAc;IAChD,QAAQ,MAAM,EAAE,CAAC;QAChB,KAAK,UAAU;YACd,OAAO,UAAU,CAAC;QACnB,KAAK,SAAS;YACb,OAAO,SAAS,CAAC;QAClB;YACC,OAAO,SAAS,CAAC;IACnB,CAAC;AACF,CAAC;AAED,SAAS,qBAAqB,CAC7B,YAA2C;IAE3C,OAAO;QACN,EAAE,EAAE,YAAY,CAAC,EAAE;QACnB,IAAI,EAAE,YAAY,CAAC,IAAI;QACvB,IAAI,EAAE,YAAY,CAAC,IAAI;QACvB,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,SAAS,CAAC;QACrD,SAAS,EAAE,kBAAkB,CAC5B,YAAY,CAAC,SAAS,IAAI,YAAY,CAAC,SAAS,CAChD;KACD,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAC3B,UAAmC;IAEnC,OAAO;QACN,EAAE,EAAE,UAAU,CAAC,EAAE;QACjB,cAAc,EAAE,UAAU,CAAC,cAAc;QACzC,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,IAAI,EAAE,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC;QACpC,WAAW,EAAE,EAAE;QACf,SAAS,EAAE,kBAAkB,CAAC,UAAU,CAAC,SAAS,CAAC;KACnD,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,UAAuC;IAC/D,OAAO;QACN,EAAE,EAAE,UAAU,CAAC,EAAE;QACjB,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,cAAc,EAAE,UAAU,CAAC,cAAc;QACzC,IAAI,EAAE,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC;QACpC,MAAM,EAAE,yBAAyB,CAAC,UAAU,CAAC,MAAM,CAAC;QACpD,SAAS,EAAE,kBAAkB,CAAC,UAAU,CAAC,SAAS,CAAC;QACnD,SAAS,EAAE,kBAAkB,CAAC,UAAU,CAAC,SAAS,CAAC;KACnD,CAAC;AACH,CAAC;AAED,SAAS,4BAA4B,CACpC,OAA6C;IAE7C,OAAO;QACN,YAAY,EAAE,qBAAqB,CAAC,OAAO,CAAC;QAC5C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,eAAe,CAAC;QACrD,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;KACrD,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAAC,IAEjC;IACA,OAAO,IAA8B,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,yBAAyB,CACxC,OAA4B;IAE5B,OAAO,OAAO,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,IAEnD;IACA,MAAM,UAAU,GAAG,wBAAwB,CAAC,IAAI,CAAC,CAAC;IAElD,OAAO,yBAAyB,CAAC;QAChC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YAC5C,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC;gBACvD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,6BAA6B,EAAE,KAAK,CAAC,6BAA6B;oBAClE,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,MAAM,EAAE,KAAK,CAAC,WAAW;iBACzB;aACD,CAAC,CAAC;YAEH,OAAO,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;QACD,eAAe,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACzC,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,mBAAmB,CAAC;gBACxD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,KAAK,EAAE;oBACN,YAAY,EAAE,KAAK,CAAC,YAAY;oBAChC,cAAc,EAAE,KAAK,CAAC,cAAc;oBACpC,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;iBACxC;aACD,CAAC,CAAC;YAEH,OAAO,OAAO,CAAC,CAAC,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/D,CAAC;QACD,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YACpC,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC;gBAC5D,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;aACnC,CAAC,CAAC;YAEH,OAAO,aAAa,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACjD,CAAC;QACD,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,gBAAgB,CAAC;gBACxD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,cAAc,EAAE,KAAK,CAAC,cAAc;oBACpC,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,IAAI,EAAE,KAAK,CAAC,IAAI;iBAChB;aACD,CAAC,CAAC;YAEH,OAAO,eAAe,CAAC,UAAU,CAAC,CAAC;QACpC,CAAC;QACD,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,gBAAgB,CAAC;gBACpD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,YAAY,EAAE,KAAK,CAAC,YAAY;iBAChC;aACD,CAAC,CAAC;YAEH,OAAO;gBACN,UAAU,EAAE,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC;gBAC9C,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,mBAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI;aACrE,CAAC;QACH,CAAC;QACD,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,gBAAgB,CAAC;gBACpD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,YAAY,EAAE,KAAK,CAAC,YAAY;iBAChC;aACD,CAAC,CAAC;YAEH,OAAO,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACtE,CAAC;QACD,eAAe,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACzC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC;gBAC/C,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,KAAK,EAAE;oBACN,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,cAAc,EAAE,KAAK,CAAC,cAAc;oBACpC,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;oBACxC,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,aAAa,EAAE,KAAK,CAAC,aAAa;iBAClC;aACD,CAAC,CAAC;YAEH,OAAO,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAChD,CAAC;QACD,wBAAwB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YAClD,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC;gBAC/D,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,cAAc,EAAE,KAAK,CAAC,cAAc;oBACpC,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;iBACxC;aACD,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC,CAAC,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAClE,CAAC;QACD,gBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YAC1C,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,gBAAgB,CAAC;gBACpD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,cAAc,EAAE,KAAK,CAAC,cAAc;oBACpC,IAAI,EAAE,KAAK,CAAC,IAAI;iBAChB;aACD,CAAC,CAAC;YAEH,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QACD,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC;gBAChD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC;gBACnC,IAAI,EAAE;oBACL,eAAe,EAAE,KAAK,CAAC,eAAe;oBACtC,cAAc,EAAE,KAAK,CAAC,cAAc;iBACpC;aACD,CAAC,CAAC;YAEH,OAAO,mBAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC;KACD,CAAC,CAAC;AACJ,CAAC"}

package/dist/foundation-contracts/src/index.d.ts

@@ -0,0 +1,24 @@
+export type Id = string;
+export type Timestamp = string;
+export type MetadataValue = string | number | boolean | null | MetadataValue[] | {
+    [key: string]: MetadataValue;
+};
+export type Metadata = Record<string, MetadataValue>;
+export type ErrorEnvelope = {
+    code: string;
+    message: string;
+    status: number;
+    requestId?: string;
+    details?: Metadata;
+};
+export type PageRequest = {
+    cursor?: string | null;
+    limit?: number;
+};
+export type PageResult<TItem> = {
+    items: TItem[];
+    nextCursor: string | null;
+    totalCount?: number;
+};
+export declare function createErrorEnvelope(input: ErrorEnvelope): ErrorEnvelope;
+//# sourceMappingURL=index.d.ts.map

package/dist/foundation-contracts/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../foundation-contracts/src/index.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,EAAE,GAAG,MAAM,CAAC;AACxB,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC;AAC/B,MAAM,MAAM,aAAa,GACtB,MAAM,GACN,MAAM,GACN,OAAO,GACP,IAAI,GACJ,aAAa,EAAE,GACf;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,aAAa,CAAA;CAAE,CAAC;AAEpC,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;AAErD,MAAM,MAAM,aAAa,GAAG;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,QAAQ,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACzB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,UAAU,CAAC,KAAK,IAAI;IAC/B,KAAK,EAAE,KAAK,EAAE,CAAC;IACf,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,aAAa,GAAG,aAAa,CAEvE"}

package/dist/foundation-contracts/src/index.js

@@ -0,0 +1,4 @@
+export function createErrorEnvelope(input) {
+    return input;
+}
+//# sourceMappingURL=index.js.map

package/dist/foundation-contracts/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../foundation-contracts/src/index.ts"],"names":[],"mappings":"AA+BA,MAAM,UAAU,mBAAmB,CAAC,KAAoB;IACvD,OAAO,KAAK,CAAC;AACd,CAAC"}

package/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@fengsoft/auth-organizations",
+  "version": "0.1.0",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "CHANGELOG.md",
+    "LICENSE"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "better-auth": "^1.5.6",
+    "@fengsoft/auth-contracts": "0.1.0"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "typecheck": "tsc --noEmit -p tsconfig.json",
+    "lint": "biome check src package.json tsconfig.json"
+  }
+}