@fivenet-app/gen 2025.5.3 → 2026.3.0

package/services/auth/auth.ts

@@ -1,5 +1,6 @@
-// @generated by protobuf-ts 2.10.0 with parameter optimize_speed,long_type_number,force_server_none
+// @generated by protobuf-ts 2.11.1 with parameter force_server_none,long_type_number,optimize_speed,ts_nocheck
 // @generated from protobuf file "services/auth/auth.proto" (package "services.auth", syntax proto3)
+// tslint:disable
 // @ts-nocheck
 import { ServiceType } from "@protobuf-ts/runtime-rpc";
 import type { BinaryWriteOptions } from "@protobuf-ts/runtime";
@@ -11,103 +12,115 @@ import { UnknownFieldHandler } from "@protobuf-ts/runtime";
 import type { PartialMessage } from "@protobuf-ts/runtime";
 import { reflectionMergePartial } from "@protobuf-ts/runtime";
 import { MessageType } from "@protobuf-ts/runtime";
-import { User } from "../../resources/users/users";
-import { JobProps } from "../../resources/jobs/job_props";
+import { RoleAttribute } from "../../resources/permissions/attributes/attributes";
+import { Permission } from "../../resources/permissions/permissions/permissions";
+import { User } from "../../resources/users/user";
+import { JobProps } from "../../resources/jobs/props/props";
 import { Character } from "../../resources/accounts/accounts";
-import { OAuth2Account } from "../../resources/accounts/oauth2";
-import { OAuth2Provider } from "../../resources/accounts/oauth2";
+import { OAuth2Account } from "../../resources/accounts/oauth2/oauth2";
+import { OAuth2Provider } from "../../resources/accounts/oauth2/oauth2";
 import { Account } from "../../resources/accounts/accounts";
 import { Timestamp } from "../../resources/timestamp/timestamp";
 /**
- * @generated from protobuf message services.auth.CreateAccountRequest
+ * @generated from protobuf message services.auth.LoginRequest
  */
-export interface CreateAccountRequest {
-    /**
-     * @generated from protobuf field: string reg_token = 1;
-     */
-    regToken: string;
+export interface LoginRequest {
     /**
-     * @generated from protobuf field: string username = 2;
+     * @generated from protobuf field: string username = 1
      */
     username: string;
     /**
-     * @generated from protobuf field: string password = 3;
+     * @generated from protobuf field: string password = 2
      */
     password: string;
 }
 /**
- * @generated from protobuf message services.auth.CreateAccountResponse
+ * @generated from protobuf message services.auth.LoginResponse
  */
-export interface CreateAccountResponse {
+export interface LoginResponse {
     /**
-     * @generated from protobuf field: uint64 account_id = 1;
+     * @generated from protobuf field: resources.timestamp.Timestamp expires = 1
+     */
+    expires?: Timestamp;
+    /**
+     * @generated from protobuf field: int64 account_id = 2
      */
     accountId: number;
+    /**
+     * @generated from protobuf field: optional services.auth.ChooseCharacterResponse char = 3
+     */
+    char?: ChooseCharacterResponse;
 }
 /**
- * @generated from protobuf message services.auth.LoginRequest
+ * @generated from protobuf message services.auth.LogoutRequest
  */
-export interface LoginRequest {
+export interface LogoutRequest {
+}
+/**
+ * @generated from protobuf message services.auth.LogoutResponse
+ */
+export interface LogoutResponse {
+    /**
+     * @generated from protobuf field: bool success = 1
+     */
+    success: boolean;
+}
+/**
+ * @generated from protobuf message services.auth.CreateAccountRequest
+ */
+export interface CreateAccountRequest {
+    /**
+     * @generated from protobuf field: string reg_token = 1
+     */
+    regToken: string;
     /**
-     * @generated from protobuf field: string username = 1;
+     * @generated from protobuf field: string username = 2
      */
     username: string;
     /**
-     * @generated from protobuf field: string password = 2;
+     * @generated from protobuf field: string password = 3
      */
     password: string;
 }
 /**
- * @generated from protobuf message services.auth.LoginResponse
+ * @generated from protobuf message services.auth.CreateAccountResponse
  */
-export interface LoginResponse {
-    /**
-     * @generated from protobuf field: resources.timestamp.Timestamp expires = 1;
-     */
-    expires?: Timestamp;
+export interface CreateAccountResponse {
     /**
-     * @generated from protobuf field: uint64 account_id = 2;
+     * @generated from protobuf field: int64 account_id = 1
      */
     accountId: number;
-    /**
-     * @generated from protobuf field: optional services.auth.ChooseCharacterResponse char = 3;
-     */
-    char?: ChooseCharacterResponse;
 }
 /**
  * @generated from protobuf message services.auth.ChangePasswordRequest
  */
 export interface ChangePasswordRequest {
     /**
-     * @generated from protobuf field: string current = 1;
+     * @generated from protobuf field: string current_password = 1
      */
-    current: string;
+    currentPassword: string;
     /**
-     * @generated from protobuf field: string new = 2;
+     * @generated from protobuf field: string new_password = 2
      */
-    new: string;
+    newPassword: string;
 }
 /**
  * @generated from protobuf message services.auth.ChangePasswordResponse
  */
 export interface ChangePasswordResponse {
-    /**
-     * @generated from protobuf field: resources.timestamp.Timestamp expires = 1;
-     */
-    expires?: Timestamp;
 }
 /**
  * @generated from protobuf message services.auth.ChangeUsernameRequest
  */
 export interface ChangeUsernameRequest {
     /**
-     * @generated from protobuf field: string current = 1;
+     * @generated from protobuf field: string current_username = 1
      */
-    current: string;
+    currentUsername: string;
     /**
-     * @generated from protobuf field: string new = 2;
+     * @generated from protobuf field: string new_username = 2
      */
-    new: string;
+    newUsername: string;
 }
 /**
  * @generated from protobuf message services.auth.ChangeUsernameResponse
@@ -119,11 +132,11 @@ export interface ChangeUsernameResponse {
  */
 export interface ForgotPasswordRequest {
     /**
-     * @generated from protobuf field: string reg_token = 1;
+     * @generated from protobuf field: string reg_token = 1
      */
     regToken: string;
     /**
-     * @generated from protobuf field: string new = 2;
+     * @generated from protobuf field: string new = 2
      */
     new: string;
 }
@@ -142,15 +155,15 @@ export interface GetAccountInfoRequest {
  */
 export interface GetAccountInfoResponse {
     /**
-     * @generated from protobuf field: resources.accounts.Account account = 1;
+     * @generated from protobuf field: resources.accounts.Account account = 1
      */
     account?: Account;
     /**
-     * @generated from protobuf field: repeated resources.accounts.OAuth2Provider oauth2_providers = 2;
+     * @generated from protobuf field: repeated resources.accounts.oauth2.OAuth2Provider oauth2_providers = 2
      */
     oauth2Providers: OAuth2Provider[];
     /**
-     * @generated from protobuf field: repeated resources.accounts.OAuth2Account oauth2_connections = 3;
+     * @generated from protobuf field: repeated resources.accounts.oauth2.OAuth2Account oauth2_connections = 3
      */
     oauth2Connections: OAuth2Account[];
 }
@@ -164,7 +177,7 @@ export interface GetCharactersRequest {
  */
 export interface GetCharactersResponse {
     /**
-     * @generated from protobuf field: repeated resources.accounts.Character chars = 1;
+     * @generated from protobuf field: repeated resources.accounts.Character chars = 1
      */
     chars: Character[];
 }
@@ -173,7 +186,7 @@ export interface GetCharactersResponse {
  */
 export interface ChooseCharacterRequest {
     /**
-     * @generated from protobuf field: int32 char_id = 1;
+     * @generated from protobuf field: int32 char_id = 1
      */
     charId: number;
 }
@@ -182,55 +195,87 @@ export interface ChooseCharacterRequest {
  */
 export interface ChooseCharacterResponse {
     /**
-     * @generated from protobuf field: resources.timestamp.Timestamp expires = 1;
+     * @generated from protobuf field: string token = 1
      */
-    expires?: Timestamp;
+    token: string;
+    /**
+     * @generated from protobuf field: string username = 2
+     */
+    username: string;
     /**
-     * @generated from protobuf field: repeated string permissions = 2;
+     * @generated from protobuf field: resources.timestamp.Timestamp expires = 3
      */
-    permissions: string[];
+    expires?: Timestamp;
     /**
-     * @generated from protobuf field: resources.jobs.JobProps job_props = 3;
+     * @generated from protobuf field: resources.jobs.props.JobProps job_props = 4
      */
     jobProps?: JobProps;
     /**
-     * @generated from protobuf field: resources.users.User char = 4;
+     * @generated from protobuf field: resources.users.User char = 5
      */
-    char?: User; // @gotags: alias:"user"
+    char?: User;
     /**
-     * @generated from protobuf field: string username = 5;
+     * @generated from protobuf field: repeated resources.permissions.permissions.Permission permissions = 6
      */
-    username: string;
+    permissions: Permission[];
+    /**
+     * @generated from protobuf field: repeated resources.permissions.attributes.RoleAttribute attributes = 7
+     */
+    attributes: RoleAttribute[];
 }
 /**
- * @generated from protobuf message services.auth.LogoutRequest
+ * @generated from protobuf message services.auth.ImpersonateJobRequest
  */
-export interface LogoutRequest {
+export interface ImpersonateJobRequest {
+    /**
+     * @generated from protobuf field: int32 job_grade = 1
+     */
+    jobGrade: number;
 }
 /**
- * @generated from protobuf message services.auth.LogoutResponse
+ * @generated from protobuf message services.auth.ImpersonateJobResponse
  */
-export interface LogoutResponse {
+export interface ImpersonateJobResponse {
     /**
-     * @generated from protobuf field: bool success = 1;
+     * @generated from protobuf field: string token = 1
      */
-    success: boolean;
+    token: string;
+    /**
+     * @generated from protobuf field: resources.timestamp.Timestamp expires = 2
+     */
+    expires?: Timestamp;
+    /**
+     * @generated from protobuf field: resources.users.User char = 3
+     */
+    char?: User;
+    /**
+     * @generated from protobuf field: repeated resources.permissions.permissions.Permission permissions = 4
+     */
+    permissions: Permission[];
+    /**
+     * @generated from protobuf field: repeated resources.permissions.attributes.RoleAttribute attributes = 5
+     */
+    attributes: RoleAttribute[];
+    /**
+     * @generated from protobuf field: bool state = 6
+     */
+    state: boolean;
 }
 /**
- * @generated from protobuf message services.auth.DeleteOAuth2ConnectionRequest
+ * @generated from protobuf message services.auth.DeleteSocialLoginRequest
  */
-export interface DeleteOAuth2ConnectionRequest {
+export interface DeleteSocialLoginRequest {
     /**
-     * @generated from protobuf field: string provider = 1;
+     * @generated from protobuf field: string provider = 1
      */
     provider: string;
 }
 /**
- * @generated from protobuf message services.auth.DeleteOAuth2ConnectionResponse
+ * @generated from protobuf message services.auth.DeleteSocialLoginResponse
  */
-export interface DeleteOAuth2ConnectionResponse {
+export interface DeleteSocialLoginResponse {
     /**
-     * @generated from protobuf field: bool success = 1;
+     * @generated from protobuf field: bool success = 1
      */
     success: boolean;
 }
@@ -239,11 +284,11 @@ export interface DeleteOAuth2ConnectionResponse {
  */
 export interface SetSuperuserModeRequest {
     /**
-     * @generated from protobuf field: bool superuser = 1;
+     * @generated from protobuf field: bool superuser = 1
      */
     superuser: boolean;
     /**
-     * @generated from protobuf field: optional string job = 2;
+     * @generated from protobuf field: optional string job = 2
      */
     job?: string;
 }
@@ -252,52 +297,55 @@ export interface SetSuperuserModeRequest {
  */
 export interface SetSuperuserModeResponse {
     /**
-     * @generated from protobuf field: resources.timestamp.Timestamp expires = 1;
+     * @generated from protobuf field: string token = 1
      */
-    expires?: Timestamp;
+    token: string;
     /**
-     * @generated from protobuf field: repeated string permissions = 2;
+     * @generated from protobuf field: resources.timestamp.Timestamp expires = 2
      */
-    permissions: string[];
+    expires?: Timestamp;
     /**
-     * @generated from protobuf field: optional resources.jobs.JobProps job_props = 3;
+     * @generated from protobuf field: optional resources.jobs.props.JobProps job_props = 3
      */
     jobProps?: JobProps;
     /**
-     * @generated from protobuf field: resources.users.User char = 4;
+     * @generated from protobuf field: resources.users.User char = 4
+     */
+    char?: User;
+    /**
+     * @generated from protobuf field: repeated resources.permissions.permissions.Permission permissions = 5
      */
-    char?: User; // @gotags: alias:"user"
+    permissions: Permission[];
+    /**
+     * @generated from protobuf field: repeated resources.permissions.attributes.RoleAttribute attributes = 6
+     */
+    attributes: RoleAttribute[];
 }
 // @generated message type with reflection information, may provide speed optimized methods
-class CreateAccountRequest$Type extends MessageType<CreateAccountRequest> {
+class LoginRequest$Type extends MessageType<LoginRequest> {
     constructor() {
-        super("services.auth.CreateAccountRequest", [
-            { no: 1, name: "reg_token", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { len: "6", pattern: "^[0-9]{6}$" } } } },
-            { no: 2, name: "username", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } } } },
-            { no: 3, name: "password", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "6", maxBytes: "70" } } } }
+        super("services.auth.LoginRequest", [
+            { no: 1, name: "username", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "buf.validate.field": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } } } },
+            { no: 2, name: "password", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { minLen: "6", maxBytes: "70" } } } }
         ]);
     }
-    create(value?: PartialMessage<CreateAccountRequest>): CreateAccountRequest {
+    create(value?: PartialMessage<LoginRequest>): LoginRequest {
         const message = globalThis.Object.create((this.messagePrototype!));
-        message.regToken = "";
         message.username = "";
         message.password = "";
         if (value !== undefined)
-            reflectionMergePartial<CreateAccountRequest>(this, message, value);
+            reflectionMergePartial<LoginRequest>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: CreateAccountRequest): CreateAccountRequest {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LoginRequest): LoginRequest {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* string reg_token */ 1:
-                    message.regToken = reader.string();
-                    break;
-                case /* string username */ 2:
+                case /* string username */ 1:
                     message.username = reader.string();
                     break;
-                case /* string password */ 3:
+                case /* string password */ 2:
                     message.password = reader.string();
                     break;
                 default:
@@ -311,16 +359,13 @@ class CreateAccountRequest$Type extends MessageType<CreateAccountRequest> {
         }
         return message;
     }
-    internalBinaryWrite(message: CreateAccountRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* string reg_token = 1; */
-        if (message.regToken !== "")
-            writer.tag(1, WireType.LengthDelimited).string(message.regToken);
-        /* string username = 2; */
+    internalBinaryWrite(message: LoginRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* string username = 1; */
         if (message.username !== "")
-            writer.tag(2, WireType.LengthDelimited).string(message.username);
-        /* string password = 3; */
+            writer.tag(1, WireType.LengthDelimited).string(message.username);
+        /* string password = 2; */
         if (message.password !== "")
-            writer.tag(3, WireType.LengthDelimited).string(message.password);
+            writer.tag(2, WireType.LengthDelimited).string(message.password);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -328,30 +373,38 @@ class CreateAccountRequest$Type extends MessageType<CreateAccountRequest> {
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.CreateAccountRequest
+ * @generated MessageType for protobuf message services.auth.LoginRequest
  */
-export const CreateAccountRequest = new CreateAccountRequest$Type();
+export const LoginRequest = new LoginRequest$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class CreateAccountResponse$Type extends MessageType<CreateAccountResponse> {
+class LoginResponse$Type extends MessageType<LoginResponse> {
     constructor() {
-        super("services.auth.CreateAccountResponse", [
-            { no: 1, name: "account_id", kind: "scalar", T: 4 /*ScalarType.UINT64*/, L: 2 /*LongType.NUMBER*/ }
+        super("services.auth.LoginResponse", [
+            { no: 1, name: "expires", kind: "message", T: () => Timestamp },
+            { no: 2, name: "account_id", kind: "scalar", T: 3 /*ScalarType.INT64*/, L: 2 /*LongType.NUMBER*/ },
+            { no: 3, name: "char", kind: "message", T: () => ChooseCharacterResponse }
         ]);
     }
-    create(value?: PartialMessage<CreateAccountResponse>): CreateAccountResponse {
+    create(value?: PartialMessage<LoginResponse>): LoginResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
         message.accountId = 0;
         if (value !== undefined)
-            reflectionMergePartial<CreateAccountResponse>(this, message, value);
+            reflectionMergePartial<LoginResponse>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: CreateAccountResponse): CreateAccountResponse {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LoginResponse): LoginResponse {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* uint64 account_id */ 1:
-                    message.accountId = reader.uint64().toNumber();
+                case /* resources.timestamp.Timestamp expires */ 1:
+                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
+                    break;
+                case /* int64 account_id */ 2:
+                    message.accountId = reader.int64().toNumber();
+                    break;
+                case /* optional services.auth.ChooseCharacterResponse char */ 3:
+                    message.char = ChooseCharacterResponse.internalBinaryRead(reader, reader.uint32(), options, message.char);
                     break;
                 default:
                     let u = options.readUnknownField;
@@ -364,10 +417,16 @@ class CreateAccountResponse$Type extends MessageType<CreateAccountResponse> {
         }
         return message;
     }
-    internalBinaryWrite(message: CreateAccountResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* uint64 account_id = 1; */
+    internalBinaryWrite(message: LoginResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* resources.timestamp.Timestamp expires = 1; */
+        if (message.expires)
+            Timestamp.internalBinaryWrite(message.expires, writer.tag(1, WireType.LengthDelimited).fork(), options).join();
+        /* int64 account_id = 2; */
         if (message.accountId !== 0)
-            writer.tag(1, WireType.Varint).uint64(message.accountId);
+            writer.tag(2, WireType.Varint).int64(message.accountId);
+        /* optional services.auth.ChooseCharacterResponse char = 3; */
+        if (message.char)
+            ChooseCharacterResponse.internalBinaryWrite(message.char, writer.tag(3, WireType.LengthDelimited).fork(), options).join();
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -375,34 +434,124 @@ class CreateAccountResponse$Type extends MessageType<CreateAccountResponse> {
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.CreateAccountResponse
+ * @generated MessageType for protobuf message services.auth.LoginResponse
  */
-export const CreateAccountResponse = new CreateAccountResponse$Type();
+export const LoginResponse = new LoginResponse$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class LoginRequest$Type extends MessageType<LoginRequest> {
+class LogoutRequest$Type extends MessageType<LogoutRequest> {
     constructor() {
-        super("services.auth.LoginRequest", [
-            { no: 1, name: "username", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } } } },
-            { no: 2, name: "password", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "6", maxBytes: "70" } } } }
+        super("services.auth.LogoutRequest", []);
+    }
+    create(value?: PartialMessage<LogoutRequest>): LogoutRequest {
+        const message = globalThis.Object.create((this.messagePrototype!));
+        if (value !== undefined)
+            reflectionMergePartial<LogoutRequest>(this, message, value);
+        return message;
+    }
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LogoutRequest): LogoutRequest {
+        let message = target ?? this.create(), end = reader.pos + length;
+        while (reader.pos < end) {
+            let [fieldNo, wireType] = reader.tag();
+            switch (fieldNo) {
+                default:
+                    let u = options.readUnknownField;
+                    if (u === "throw")
+                        throw new globalThis.Error(`Unknown field ${fieldNo} (wire type ${wireType}) for ${this.typeName}`);
+                    let d = reader.skip(wireType);
+                    if (u !== false)
+                        (u === true ? UnknownFieldHandler.onRead : u)(this.typeName, message, fieldNo, wireType, d);
+            }
+        }
+        return message;
+    }
+    internalBinaryWrite(message: LogoutRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        let u = options.writeUnknownFields;
+        if (u !== false)
+            (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
+        return writer;
+    }
+}
+/**
+ * @generated MessageType for protobuf message services.auth.LogoutRequest
+ */
+export const LogoutRequest = new LogoutRequest$Type();
+// @generated message type with reflection information, may provide speed optimized methods
+class LogoutResponse$Type extends MessageType<LogoutResponse> {
+    constructor() {
+        super("services.auth.LogoutResponse", [
+            { no: 1, name: "success", kind: "scalar", T: 8 /*ScalarType.BOOL*/ }
         ]);
     }
-    create(value?: PartialMessage<LoginRequest>): LoginRequest {
+    create(value?: PartialMessage<LogoutResponse>): LogoutResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
+        message.success = false;
+        if (value !== undefined)
+            reflectionMergePartial<LogoutResponse>(this, message, value);
+        return message;
+    }
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LogoutResponse): LogoutResponse {
+        let message = target ?? this.create(), end = reader.pos + length;
+        while (reader.pos < end) {
+            let [fieldNo, wireType] = reader.tag();
+            switch (fieldNo) {
+                case /* bool success */ 1:
+                    message.success = reader.bool();
+                    break;
+                default:
+                    let u = options.readUnknownField;
+                    if (u === "throw")
+                        throw new globalThis.Error(`Unknown field ${fieldNo} (wire type ${wireType}) for ${this.typeName}`);
+                    let d = reader.skip(wireType);
+                    if (u !== false)
+                        (u === true ? UnknownFieldHandler.onRead : u)(this.typeName, message, fieldNo, wireType, d);
+            }
+        }
+        return message;
+    }
+    internalBinaryWrite(message: LogoutResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* bool success = 1; */
+        if (message.success !== false)
+            writer.tag(1, WireType.Varint).bool(message.success);
+        let u = options.writeUnknownFields;
+        if (u !== false)
+            (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
+        return writer;
+    }
+}
+/**
+ * @generated MessageType for protobuf message services.auth.LogoutResponse
+ */
+export const LogoutResponse = new LogoutResponse$Type();
+// @generated message type with reflection information, may provide speed optimized methods
+class CreateAccountRequest$Type extends MessageType<CreateAccountRequest> {
+    constructor() {
+        super("services.auth.CreateAccountRequest", [
+            { no: 1, name: "reg_token", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { len: "6", pattern: "^[0-9]{6}$" } } } },
+            { no: 2, name: "username", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "buf.validate.field": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } }, "codegen.sanitizer.sanitizer": { enabled: true, stripHtmlTags: true } } },
+            { no: 3, name: "password", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { minLen: "6", maxBytes: "70" } } } }
+        ]);
+    }
+    create(value?: PartialMessage<CreateAccountRequest>): CreateAccountRequest {
+        const message = globalThis.Object.create((this.messagePrototype!));
+        message.regToken = "";
         message.username = "";
         message.password = "";
         if (value !== undefined)
-            reflectionMergePartial<LoginRequest>(this, message, value);
+            reflectionMergePartial<CreateAccountRequest>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LoginRequest): LoginRequest {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: CreateAccountRequest): CreateAccountRequest {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* string username */ 1:
+                case /* string reg_token */ 1:
+                    message.regToken = reader.string();
+                    break;
+                case /* string username */ 2:
                     message.username = reader.string();
                     break;
-                case /* string password */ 2:
+                case /* string password */ 3:
                     message.password = reader.string();
                     break;
                 default:
@@ -416,13 +565,16 @@ class LoginRequest$Type extends MessageType<LoginRequest> {
         }
         return message;
     }
-    internalBinaryWrite(message: LoginRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* string username = 1; */
+    internalBinaryWrite(message: CreateAccountRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* string reg_token = 1; */
+        if (message.regToken !== "")
+            writer.tag(1, WireType.LengthDelimited).string(message.regToken);
+        /* string username = 2; */
         if (message.username !== "")
-            writer.tag(1, WireType.LengthDelimited).string(message.username);
-        /* string password = 2; */
+            writer.tag(2, WireType.LengthDelimited).string(message.username);
+        /* string password = 3; */
         if (message.password !== "")
-            writer.tag(2, WireType.LengthDelimited).string(message.password);
+            writer.tag(3, WireType.LengthDelimited).string(message.password);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -430,38 +582,30 @@ class LoginRequest$Type extends MessageType<LoginRequest> {
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.LoginRequest
+ * @generated MessageType for protobuf message services.auth.CreateAccountRequest
  */
-export const LoginRequest = new LoginRequest$Type();
+export const CreateAccountRequest = new CreateAccountRequest$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class LoginResponse$Type extends MessageType<LoginResponse> {
+class CreateAccountResponse$Type extends MessageType<CreateAccountResponse> {
     constructor() {
-        super("services.auth.LoginResponse", [
-            { no: 1, name: "expires", kind: "message", T: () => Timestamp },
-            { no: 2, name: "account_id", kind: "scalar", T: 4 /*ScalarType.UINT64*/, L: 2 /*LongType.NUMBER*/ },
-            { no: 3, name: "char", kind: "message", T: () => ChooseCharacterResponse }
+        super("services.auth.CreateAccountResponse", [
+            { no: 1, name: "account_id", kind: "scalar", T: 3 /*ScalarType.INT64*/, L: 2 /*LongType.NUMBER*/ }
         ]);
     }
-    create(value?: PartialMessage<LoginResponse>): LoginResponse {
+    create(value?: PartialMessage<CreateAccountResponse>): CreateAccountResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
         message.accountId = 0;
         if (value !== undefined)
-            reflectionMergePartial<LoginResponse>(this, message, value);
+            reflectionMergePartial<CreateAccountResponse>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LoginResponse): LoginResponse {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: CreateAccountResponse): CreateAccountResponse {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* resources.timestamp.Timestamp expires */ 1:
-                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
-                    break;
-                case /* uint64 account_id */ 2:
-                    message.accountId = reader.uint64().toNumber();
-                    break;
-                case /* optional services.auth.ChooseCharacterResponse char */ 3:
-                    message.char = ChooseCharacterResponse.internalBinaryRead(reader, reader.uint32(), options, message.char);
+                case /* int64 account_id */ 1:
+                    message.accountId = reader.int64().toNumber();
                     break;
                 default:
                     let u = options.readUnknownField;
@@ -474,16 +618,10 @@ class LoginResponse$Type extends MessageType<LoginResponse> {
         }
         return message;
     }
-    internalBinaryWrite(message: LoginResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* resources.timestamp.Timestamp expires = 1; */
-        if (message.expires)
-            Timestamp.internalBinaryWrite(message.expires, writer.tag(1, WireType.LengthDelimited).fork(), options).join();
-        /* uint64 account_id = 2; */
+    internalBinaryWrite(message: CreateAccountResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* int64 account_id = 1; */
         if (message.accountId !== 0)
-            writer.tag(2, WireType.Varint).uint64(message.accountId);
-        /* optional services.auth.ChooseCharacterResponse char = 3; */
-        if (message.char)
-            ChooseCharacterResponse.internalBinaryWrite(message.char, writer.tag(3, WireType.LengthDelimited).fork(), options).join();
+            writer.tag(1, WireType.Varint).int64(message.accountId);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -491,21 +629,21 @@ class LoginResponse$Type extends MessageType<LoginResponse> {
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.LoginResponse
+ * @generated MessageType for protobuf message services.auth.CreateAccountResponse
  */
-export const LoginResponse = new LoginResponse$Type();
+export const CreateAccountResponse = new CreateAccountResponse$Type();
 // @generated message type with reflection information, may provide speed optimized methods
 class ChangePasswordRequest$Type extends MessageType<ChangePasswordRequest> {
     constructor() {
         super("services.auth.ChangePasswordRequest", [
-            { no: 1, name: "current", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "6", maxBytes: "70" } } } },
-            { no: 2, name: "new", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "6", maxBytes: "70" } } } }
+            { no: 1, name: "current_password", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { minLen: "6", maxBytes: "70" } } } },
+            { no: 2, name: "new_password", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { minLen: "6", maxBytes: "70" } } } }
         ]);
     }
     create(value?: PartialMessage<ChangePasswordRequest>): ChangePasswordRequest {
         const message = globalThis.Object.create((this.messagePrototype!));
-        message.current = "";
-        message.new = "";
+        message.currentPassword = "";
+        message.newPassword = "";
         if (value !== undefined)
             reflectionMergePartial<ChangePasswordRequest>(this, message, value);
         return message;
@@ -515,11 +653,11 @@ class ChangePasswordRequest$Type extends MessageType<ChangePasswordRequest> {
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* string current */ 1:
-                    message.current = reader.string();
+                case /* string current_password */ 1:
+                    message.currentPassword = reader.string();
                     break;
-                case /* string new */ 2:
-                    message.new = reader.string();
+                case /* string new_password */ 2:
+                    message.newPassword = reader.string();
                     break;
                 default:
                     let u = options.readUnknownField;
@@ -533,12 +671,12 @@ class ChangePasswordRequest$Type extends MessageType<ChangePasswordRequest> {
         return message;
     }
     internalBinaryWrite(message: ChangePasswordRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* string current = 1; */
-        if (message.current !== "")
-            writer.tag(1, WireType.LengthDelimited).string(message.current);
-        /* string new = 2; */
-        if (message.new !== "")
-            writer.tag(2, WireType.LengthDelimited).string(message.new);
+        /* string current_password = 1; */
+        if (message.currentPassword !== "")
+            writer.tag(1, WireType.LengthDelimited).string(message.currentPassword);
+        /* string new_password = 2; */
+        if (message.newPassword !== "")
+            writer.tag(2, WireType.LengthDelimited).string(message.newPassword);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -552,9 +690,7 @@ export const ChangePasswordRequest = new ChangePasswordRequest$Type();
 // @generated message type with reflection information, may provide speed optimized methods
 class ChangePasswordResponse$Type extends MessageType<ChangePasswordResponse> {
     constructor() {
-        super("services.auth.ChangePasswordResponse", [
-            { no: 1, name: "expires", kind: "message", T: () => Timestamp }
-        ]);
+        super("services.auth.ChangePasswordResponse", []);
     }
     create(value?: PartialMessage<ChangePasswordResponse>): ChangePasswordResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
@@ -567,9 +703,6 @@ class ChangePasswordResponse$Type extends MessageType<ChangePasswordResponse> {
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* resources.timestamp.Timestamp expires */ 1:
-                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
-                    break;
                 default:
                     let u = options.readUnknownField;
                     if (u === "throw")
@@ -582,9 +715,6 @@ class ChangePasswordResponse$Type extends MessageType<ChangePasswordResponse> {
         return message;
     }
     internalBinaryWrite(message: ChangePasswordResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* resources.timestamp.Timestamp expires = 1; */
-        if (message.expires)
-            Timestamp.internalBinaryWrite(message.expires, writer.tag(1, WireType.LengthDelimited).fork(), options).join();
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -599,14 +729,14 @@ export const ChangePasswordResponse = new ChangePasswordResponse$Type();
 class ChangeUsernameRequest$Type extends MessageType<ChangeUsernameRequest> {
     constructor() {
         super("services.auth.ChangeUsernameRequest", [
-            { no: 1, name: "current", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } } } },
-            { no: 2, name: "new", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } } } }
+            { no: 1, name: "current_username", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "buf.validate.field": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } } } },
+            { no: 2, name: "new_username", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "buf.validate.field": { string: { minLen: "3", maxLen: "24", pattern: "(?i)^[0-9A-Z\u00C4\u00D6\u00DC\u00DF_-]{3,24}$" } }, "codegen.sanitizer.sanitizer": { enabled: true, stripHtmlTags: true } } }
         ]);
     }
     create(value?: PartialMessage<ChangeUsernameRequest>): ChangeUsernameRequest {
         const message = globalThis.Object.create((this.messagePrototype!));
-        message.current = "";
-        message.new = "";
+        message.currentUsername = "";
+        message.newUsername = "";
         if (value !== undefined)
             reflectionMergePartial<ChangeUsernameRequest>(this, message, value);
         return message;
@@ -616,11 +746,11 @@ class ChangeUsernameRequest$Type extends MessageType<ChangeUsernameRequest> {
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* string current */ 1:
-                    message.current = reader.string();
+                case /* string current_username */ 1:
+                    message.currentUsername = reader.string();
                     break;
-                case /* string new */ 2:
-                    message.new = reader.string();
+                case /* string new_username */ 2:
+                    message.newUsername = reader.string();
                     break;
                 default:
                     let u = options.readUnknownField;
@@ -634,12 +764,12 @@ class ChangeUsernameRequest$Type extends MessageType<ChangeUsernameRequest> {
         return message;
     }
     internalBinaryWrite(message: ChangeUsernameRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* string current = 1; */
-        if (message.current !== "")
-            writer.tag(1, WireType.LengthDelimited).string(message.current);
-        /* string new = 2; */
-        if (message.new !== "")
-            writer.tag(2, WireType.LengthDelimited).string(message.new);
+        /* string current_username = 1; */
+        if (message.currentUsername !== "")
+            writer.tag(1, WireType.LengthDelimited).string(message.currentUsername);
+        /* string new_username = 2; */
+        if (message.newUsername !== "")
+            writer.tag(2, WireType.LengthDelimited).string(message.newUsername);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -692,8 +822,8 @@ export const ChangeUsernameResponse = new ChangeUsernameResponse$Type();
 class ForgotPasswordRequest$Type extends MessageType<ForgotPasswordRequest> {
     constructor() {
         super("services.auth.ForgotPasswordRequest", [
-            { no: 1, name: "reg_token", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { len: "6", pattern: "^[0-9]{6}$" } } } },
-            { no: 2, name: "new", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { minLen: "6", maxBytes: "70" } } } }
+            { no: 1, name: "reg_token", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { len: "6", pattern: "^[0-9]{6}$" } } } },
+            { no: 2, name: "new", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "codegen.audit.redacted": true, "buf.validate.field": { string: { minLen: "6", maxBytes: "70" } } } }
         ]);
     }
     create(value?: PartialMessage<ForgotPasswordRequest>): ForgotPasswordRequest {
@@ -844,10 +974,10 @@ class GetAccountInfoResponse$Type extends MessageType<GetAccountInfoResponse> {
                 case /* resources.accounts.Account account */ 1:
                     message.account = Account.internalBinaryRead(reader, reader.uint32(), options, message.account);
                     break;
-                case /* repeated resources.accounts.OAuth2Provider oauth2_providers */ 2:
+                case /* repeated resources.accounts.oauth2.OAuth2Provider oauth2_providers */ 2:
                     message.oauth2Providers.push(OAuth2Provider.internalBinaryRead(reader, reader.uint32(), options));
                     break;
-                case /* repeated resources.accounts.OAuth2Account oauth2_connections */ 3:
+                case /* repeated resources.accounts.oauth2.OAuth2Account oauth2_connections */ 3:
                     message.oauth2Connections.push(OAuth2Account.internalBinaryRead(reader, reader.uint32(), options));
                     break;
                 default:
@@ -865,10 +995,10 @@ class GetAccountInfoResponse$Type extends MessageType<GetAccountInfoResponse> {
         /* resources.accounts.Account account = 1; */
         if (message.account)
             Account.internalBinaryWrite(message.account, writer.tag(1, WireType.LengthDelimited).fork(), options).join();
-        /* repeated resources.accounts.OAuth2Provider oauth2_providers = 2; */
+        /* repeated resources.accounts.oauth2.OAuth2Provider oauth2_providers = 2; */
         for (let i = 0; i < message.oauth2Providers.length; i++)
             OAuth2Provider.internalBinaryWrite(message.oauth2Providers[i], writer.tag(2, WireType.LengthDelimited).fork(), options).join();
-        /* repeated resources.accounts.OAuth2Account oauth2_connections = 3; */
+        /* repeated resources.accounts.oauth2.OAuth2Account oauth2_connections = 3; */
         for (let i = 0; i < message.oauth2Connections.length; i++)
             OAuth2Account.internalBinaryWrite(message.oauth2Connections[i], writer.tag(3, WireType.LengthDelimited).fork(), options).join();
         let u = options.writeUnknownFields;
@@ -970,7 +1100,7 @@ export const GetCharactersResponse = new GetCharactersResponse$Type();
 class ChooseCharacterRequest$Type extends MessageType<ChooseCharacterRequest> {
     constructor() {
         super("services.auth.ChooseCharacterRequest", [
-            { no: 1, name: "char_id", kind: "scalar", T: 5 /*ScalarType.INT32*/, options: { "validate.rules": { int32: { gt: 0 } } } }
+            { no: 1, name: "char_id", kind: "scalar", T: 5 /*ScalarType.INT32*/, options: { "buf.validate.field": { int32: { gt: 0 } } } }
         ]);
     }
     create(value?: PartialMessage<ChooseCharacterRequest>): ChooseCharacterRequest {
@@ -1017,17 +1147,21 @@ export const ChooseCharacterRequest = new ChooseCharacterRequest$Type();
 class ChooseCharacterResponse$Type extends MessageType<ChooseCharacterResponse> {
     constructor() {
         super("services.auth.ChooseCharacterResponse", [
-            { no: 1, name: "expires", kind: "message", T: () => Timestamp },
-            { no: 2, name: "permissions", kind: "scalar", repeat: 2 /*RepeatType.UNPACKED*/, T: 9 /*ScalarType.STRING*/ },
-            { no: 3, name: "job_props", kind: "message", T: () => JobProps },
-            { no: 4, name: "char", kind: "message", T: () => User },
-            { no: 5, name: "username", kind: "scalar", T: 9 /*ScalarType.STRING*/ }
+            { no: 1, name: "token", kind: "scalar", T: 9 /*ScalarType.STRING*/ },
+            { no: 2, name: "username", kind: "scalar", T: 9 /*ScalarType.STRING*/ },
+            { no: 3, name: "expires", kind: "message", T: () => Timestamp },
+            { no: 4, name: "job_props", kind: "message", T: () => JobProps },
+            { no: 5, name: "char", kind: "message", T: () => User, options: { "tagger.tags": "alias:\"user\"" } },
+            { no: 6, name: "permissions", kind: "message", repeat: 2 /*RepeatType.UNPACKED*/, T: () => Permission },
+            { no: 7, name: "attributes", kind: "message", repeat: 2 /*RepeatType.UNPACKED*/, T: () => RoleAttribute }
         ]);
     }
     create(value?: PartialMessage<ChooseCharacterResponse>): ChooseCharacterResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
-        message.permissions = [];
+        message.token = "";
         message.username = "";
+        message.permissions = [];
+        message.attributes = [];
         if (value !== undefined)
             reflectionMergePartial<ChooseCharacterResponse>(this, message, value);
         return message;
@@ -1037,20 +1171,26 @@ class ChooseCharacterResponse$Type extends MessageType<ChooseCharacterResponse>
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* resources.timestamp.Timestamp expires */ 1:
-                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
+                case /* string token */ 1:
+                    message.token = reader.string();
+                    break;
+                case /* string username */ 2:
+                    message.username = reader.string();
                     break;
-                case /* repeated string permissions */ 2:
-                    message.permissions.push(reader.string());
+                case /* resources.timestamp.Timestamp expires */ 3:
+                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
                     break;
-                case /* resources.jobs.JobProps job_props */ 3:
+                case /* resources.jobs.props.JobProps job_props */ 4:
                     message.jobProps = JobProps.internalBinaryRead(reader, reader.uint32(), options, message.jobProps);
                     break;
-                case /* resources.users.User char */ 4:
+                case /* resources.users.User char */ 5:
                     message.char = User.internalBinaryRead(reader, reader.uint32(), options, message.char);
                     break;
-                case /* string username */ 5:
-                    message.username = reader.string();
+                case /* repeated resources.permissions.permissions.Permission permissions */ 6:
+                    message.permissions.push(Permission.internalBinaryRead(reader, reader.uint32(), options));
+                    break;
+                case /* repeated resources.permissions.attributes.RoleAttribute attributes */ 7:
+                    message.attributes.push(RoleAttribute.internalBinaryRead(reader, reader.uint32(), options));
                     break;
                 default:
                     let u = options.readUnknownField;
@@ -1064,21 +1204,27 @@ class ChooseCharacterResponse$Type extends MessageType<ChooseCharacterResponse>
         return message;
     }
     internalBinaryWrite(message: ChooseCharacterResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* resources.timestamp.Timestamp expires = 1; */
+        /* string token = 1; */
+        if (message.token !== "")
+            writer.tag(1, WireType.LengthDelimited).string(message.token);
+        /* string username = 2; */
+        if (message.username !== "")
+            writer.tag(2, WireType.LengthDelimited).string(message.username);
+        /* resources.timestamp.Timestamp expires = 3; */
         if (message.expires)
-            Timestamp.internalBinaryWrite(message.expires, writer.tag(1, WireType.LengthDelimited).fork(), options).join();
-        /* repeated string permissions = 2; */
-        for (let i = 0; i < message.permissions.length; i++)
-            writer.tag(2, WireType.LengthDelimited).string(message.permissions[i]);
-        /* resources.jobs.JobProps job_props = 3; */
+            Timestamp.internalBinaryWrite(message.expires, writer.tag(3, WireType.LengthDelimited).fork(), options).join();
+        /* resources.jobs.props.JobProps job_props = 4; */
         if (message.jobProps)
-            JobProps.internalBinaryWrite(message.jobProps, writer.tag(3, WireType.LengthDelimited).fork(), options).join();
-        /* resources.users.User char = 4; */
+            JobProps.internalBinaryWrite(message.jobProps, writer.tag(4, WireType.LengthDelimited).fork(), options).join();
+        /* resources.users.User char = 5; */
         if (message.char)
-            User.internalBinaryWrite(message.char, writer.tag(4, WireType.LengthDelimited).fork(), options).join();
-        /* string username = 5; */
-        if (message.username !== "")
-            writer.tag(5, WireType.LengthDelimited).string(message.username);
+            User.internalBinaryWrite(message.char, writer.tag(5, WireType.LengthDelimited).fork(), options).join();
+        /* repeated resources.permissions.permissions.Permission permissions = 6; */
+        for (let i = 0; i < message.permissions.length; i++)
+            Permission.internalBinaryWrite(message.permissions[i], writer.tag(6, WireType.LengthDelimited).fork(), options).join();
+        /* repeated resources.permissions.attributes.RoleAttribute attributes = 7; */
+        for (let i = 0; i < message.attributes.length; i++)
+            RoleAttribute.internalBinaryWrite(message.attributes[i], writer.tag(7, WireType.LengthDelimited).fork(), options).join();
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -1090,21 +1236,27 @@ class ChooseCharacterResponse$Type extends MessageType<ChooseCharacterResponse>
  */
 export const ChooseCharacterResponse = new ChooseCharacterResponse$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class LogoutRequest$Type extends MessageType<LogoutRequest> {
+class ImpersonateJobRequest$Type extends MessageType<ImpersonateJobRequest> {
     constructor() {
-        super("services.auth.LogoutRequest", []);
+        super("services.auth.ImpersonateJobRequest", [
+            { no: 1, name: "job_grade", kind: "scalar", T: 5 /*ScalarType.INT32*/, options: { "buf.validate.field": { int32: { gte: -1 } } } }
+        ]);
     }
-    create(value?: PartialMessage<LogoutRequest>): LogoutRequest {
+    create(value?: PartialMessage<ImpersonateJobRequest>): ImpersonateJobRequest {
         const message = globalThis.Object.create((this.messagePrototype!));
+        message.jobGrade = 0;
         if (value !== undefined)
-            reflectionMergePartial<LogoutRequest>(this, message, value);
+            reflectionMergePartial<ImpersonateJobRequest>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LogoutRequest): LogoutRequest {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: ImpersonateJobRequest): ImpersonateJobRequest {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
+                case /* int32 job_grade */ 1:
+                    message.jobGrade = reader.int32();
+                    break;
                 default:
                     let u = options.readUnknownField;
                     if (u === "throw")
@@ -1116,7 +1268,10 @@ class LogoutRequest$Type extends MessageType<LogoutRequest> {
         }
         return message;
     }
-    internalBinaryWrite(message: LogoutRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+    internalBinaryWrite(message: ImpersonateJobRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* int32 job_grade = 1; */
+        if (message.jobGrade !== 0)
+            writer.tag(1, WireType.Varint).int32(message.jobGrade);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -1124,30 +1279,53 @@ class LogoutRequest$Type extends MessageType<LogoutRequest> {
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.LogoutRequest
+ * @generated MessageType for protobuf message services.auth.ImpersonateJobRequest
  */
-export const LogoutRequest = new LogoutRequest$Type();
+export const ImpersonateJobRequest = new ImpersonateJobRequest$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class LogoutResponse$Type extends MessageType<LogoutResponse> {
+class ImpersonateJobResponse$Type extends MessageType<ImpersonateJobResponse> {
     constructor() {
-        super("services.auth.LogoutResponse", [
-            { no: 1, name: "success", kind: "scalar", T: 8 /*ScalarType.BOOL*/ }
+        super("services.auth.ImpersonateJobResponse", [
+            { no: 1, name: "token", kind: "scalar", T: 9 /*ScalarType.STRING*/ },
+            { no: 2, name: "expires", kind: "message", T: () => Timestamp },
+            { no: 3, name: "char", kind: "message", T: () => User, options: { "tagger.tags": "alias:\"user\"" } },
+            { no: 4, name: "permissions", kind: "message", repeat: 2 /*RepeatType.UNPACKED*/, T: () => Permission },
+            { no: 5, name: "attributes", kind: "message", repeat: 2 /*RepeatType.UNPACKED*/, T: () => RoleAttribute },
+            { no: 6, name: "state", kind: "scalar", T: 8 /*ScalarType.BOOL*/ }
         ]);
     }
-    create(value?: PartialMessage<LogoutResponse>): LogoutResponse {
+    create(value?: PartialMessage<ImpersonateJobResponse>): ImpersonateJobResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
-        message.success = false;
+        message.token = "";
+        message.permissions = [];
+        message.attributes = [];
+        message.state = false;
         if (value !== undefined)
-            reflectionMergePartial<LogoutResponse>(this, message, value);
+            reflectionMergePartial<ImpersonateJobResponse>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LogoutResponse): LogoutResponse {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: ImpersonateJobResponse): ImpersonateJobResponse {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* bool success */ 1:
-                    message.success = reader.bool();
+                case /* string token */ 1:
+                    message.token = reader.string();
+                    break;
+                case /* resources.timestamp.Timestamp expires */ 2:
+                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
+                    break;
+                case /* resources.users.User char */ 3:
+                    message.char = User.internalBinaryRead(reader, reader.uint32(), options, message.char);
+                    break;
+                case /* repeated resources.permissions.permissions.Permission permissions */ 4:
+                    message.permissions.push(Permission.internalBinaryRead(reader, reader.uint32(), options));
+                    break;
+                case /* repeated resources.permissions.attributes.RoleAttribute attributes */ 5:
+                    message.attributes.push(RoleAttribute.internalBinaryRead(reader, reader.uint32(), options));
+                    break;
+                case /* bool state */ 6:
+                    message.state = reader.bool();
                     break;
                 default:
                     let u = options.readUnknownField;
@@ -1160,10 +1338,25 @@ class LogoutResponse$Type extends MessageType<LogoutResponse> {
         }
         return message;
     }
-    internalBinaryWrite(message: LogoutResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* bool success = 1; */
-        if (message.success !== false)
-            writer.tag(1, WireType.Varint).bool(message.success);
+    internalBinaryWrite(message: ImpersonateJobResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+        /* string token = 1; */
+        if (message.token !== "")
+            writer.tag(1, WireType.LengthDelimited).string(message.token);
+        /* resources.timestamp.Timestamp expires = 2; */
+        if (message.expires)
+            Timestamp.internalBinaryWrite(message.expires, writer.tag(2, WireType.LengthDelimited).fork(), options).join();
+        /* resources.users.User char = 3; */
+        if (message.char)
+            User.internalBinaryWrite(message.char, writer.tag(3, WireType.LengthDelimited).fork(), options).join();
+        /* repeated resources.permissions.permissions.Permission permissions = 4; */
+        for (let i = 0; i < message.permissions.length; i++)
+            Permission.internalBinaryWrite(message.permissions[i], writer.tag(4, WireType.LengthDelimited).fork(), options).join();
+        /* repeated resources.permissions.attributes.RoleAttribute attributes = 5; */
+        for (let i = 0; i < message.attributes.length; i++)
+            RoleAttribute.internalBinaryWrite(message.attributes[i], writer.tag(5, WireType.LengthDelimited).fork(), options).join();
+        /* bool state = 6; */
+        if (message.state !== false)
+            writer.tag(6, WireType.Varint).bool(message.state);
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -1171,24 +1364,24 @@ class LogoutResponse$Type extends MessageType<LogoutResponse> {
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.LogoutResponse
+ * @generated MessageType for protobuf message services.auth.ImpersonateJobResponse
  */
-export const LogoutResponse = new LogoutResponse$Type();
+export const ImpersonateJobResponse = new ImpersonateJobResponse$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class DeleteOAuth2ConnectionRequest$Type extends MessageType<DeleteOAuth2ConnectionRequest> {
+class DeleteSocialLoginRequest$Type extends MessageType<DeleteSocialLoginRequest> {
     constructor() {
-        super("services.auth.DeleteOAuth2ConnectionRequest", [
-            { no: 1, name: "provider", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { maxLen: "50" } } } }
+        super("services.auth.DeleteSocialLoginRequest", [
+            { no: 1, name: "provider", kind: "scalar", T: 9 /*ScalarType.STRING*/, options: { "buf.validate.field": { string: { maxLen: "50" } }, "codegen.sanitizer.sanitizer": { enabled: true, stripHtmlTags: true } } }
         ]);
     }
-    create(value?: PartialMessage<DeleteOAuth2ConnectionRequest>): DeleteOAuth2ConnectionRequest {
+    create(value?: PartialMessage<DeleteSocialLoginRequest>): DeleteSocialLoginRequest {
         const message = globalThis.Object.create((this.messagePrototype!));
         message.provider = "";
         if (value !== undefined)
-            reflectionMergePartial<DeleteOAuth2ConnectionRequest>(this, message, value);
+            reflectionMergePartial<DeleteSocialLoginRequest>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: DeleteOAuth2ConnectionRequest): DeleteOAuth2ConnectionRequest {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: DeleteSocialLoginRequest): DeleteSocialLoginRequest {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
@@ -1207,7 +1400,7 @@ class DeleteOAuth2ConnectionRequest$Type extends MessageType<DeleteOAuth2Connect
         }
         return message;
     }
-    internalBinaryWrite(message: DeleteOAuth2ConnectionRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+    internalBinaryWrite(message: DeleteSocialLoginRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
         /* string provider = 1; */
         if (message.provider !== "")
             writer.tag(1, WireType.LengthDelimited).string(message.provider);
@@ -1218,24 +1411,24 @@ class DeleteOAuth2ConnectionRequest$Type extends MessageType<DeleteOAuth2Connect
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.DeleteOAuth2ConnectionRequest
+ * @generated MessageType for protobuf message services.auth.DeleteSocialLoginRequest
  */
-export const DeleteOAuth2ConnectionRequest = new DeleteOAuth2ConnectionRequest$Type();
+export const DeleteSocialLoginRequest = new DeleteSocialLoginRequest$Type();
 // @generated message type with reflection information, may provide speed optimized methods
-class DeleteOAuth2ConnectionResponse$Type extends MessageType<DeleteOAuth2ConnectionResponse> {
+class DeleteSocialLoginResponse$Type extends MessageType<DeleteSocialLoginResponse> {
     constructor() {
-        super("services.auth.DeleteOAuth2ConnectionResponse", [
+        super("services.auth.DeleteSocialLoginResponse", [
             { no: 1, name: "success", kind: "scalar", T: 8 /*ScalarType.BOOL*/ }
         ]);
     }
-    create(value?: PartialMessage<DeleteOAuth2ConnectionResponse>): DeleteOAuth2ConnectionResponse {
+    create(value?: PartialMessage<DeleteSocialLoginResponse>): DeleteSocialLoginResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
         message.success = false;
         if (value !== undefined)
-            reflectionMergePartial<DeleteOAuth2ConnectionResponse>(this, message, value);
+            reflectionMergePartial<DeleteSocialLoginResponse>(this, message, value);
         return message;
     }
-    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: DeleteOAuth2ConnectionResponse): DeleteOAuth2ConnectionResponse {
+    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: DeleteSocialLoginResponse): DeleteSocialLoginResponse {
         let message = target ?? this.create(), end = reader.pos + length;
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
@@ -1254,7 +1447,7 @@ class DeleteOAuth2ConnectionResponse$Type extends MessageType<DeleteOAuth2Connec
         }
         return message;
     }
-    internalBinaryWrite(message: DeleteOAuth2ConnectionResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
+    internalBinaryWrite(message: DeleteSocialLoginResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
         /* bool success = 1; */
         if (message.success !== false)
             writer.tag(1, WireType.Varint).bool(message.success);
@@ -1265,15 +1458,15 @@ class DeleteOAuth2ConnectionResponse$Type extends MessageType<DeleteOAuth2Connec
     }
 }
 /**
- * @generated MessageType for protobuf message services.auth.DeleteOAuth2ConnectionResponse
+ * @generated MessageType for protobuf message services.auth.DeleteSocialLoginResponse
  */
-export const DeleteOAuth2ConnectionResponse = new DeleteOAuth2ConnectionResponse$Type();
+export const DeleteSocialLoginResponse = new DeleteSocialLoginResponse$Type();
 // @generated message type with reflection information, may provide speed optimized methods
 class SetSuperuserModeRequest$Type extends MessageType<SetSuperuserModeRequest> {
     constructor() {
         super("services.auth.SetSuperuserModeRequest", [
             { no: 1, name: "superuser", kind: "scalar", T: 8 /*ScalarType.BOOL*/ },
-            { no: 2, name: "job", kind: "scalar", opt: true, T: 9 /*ScalarType.STRING*/, options: { "validate.rules": { string: { maxLen: "20" } } } }
+            { no: 2, name: "job", kind: "scalar", opt: true, T: 9 /*ScalarType.STRING*/, options: { "buf.validate.field": { string: { maxLen: "20" } } } }
         ]);
     }
     create(value?: PartialMessage<SetSuperuserModeRequest>): SetSuperuserModeRequest {
@@ -1326,15 +1519,19 @@ export const SetSuperuserModeRequest = new SetSuperuserModeRequest$Type();
 class SetSuperuserModeResponse$Type extends MessageType<SetSuperuserModeResponse> {
     constructor() {
         super("services.auth.SetSuperuserModeResponse", [
-            { no: 1, name: "expires", kind: "message", T: () => Timestamp },
-            { no: 2, name: "permissions", kind: "scalar", repeat: 2 /*RepeatType.UNPACKED*/, T: 9 /*ScalarType.STRING*/ },
+            { no: 1, name: "token", kind: "scalar", T: 9 /*ScalarType.STRING*/ },
+            { no: 2, name: "expires", kind: "message", T: () => Timestamp },
             { no: 3, name: "job_props", kind: "message", T: () => JobProps },
-            { no: 4, name: "char", kind: "message", T: () => User }
+            { no: 4, name: "char", kind: "message", T: () => User, options: { "tagger.tags": "alias:\"user\"" } },
+            { no: 5, name: "permissions", kind: "message", repeat: 2 /*RepeatType.UNPACKED*/, T: () => Permission },
+            { no: 6, name: "attributes", kind: "message", repeat: 2 /*RepeatType.UNPACKED*/, T: () => RoleAttribute }
         ]);
     }
     create(value?: PartialMessage<SetSuperuserModeResponse>): SetSuperuserModeResponse {
         const message = globalThis.Object.create((this.messagePrototype!));
+        message.token = "";
         message.permissions = [];
+        message.attributes = [];
         if (value !== undefined)
             reflectionMergePartial<SetSuperuserModeResponse>(this, message, value);
         return message;
@@ -1344,18 +1541,24 @@ class SetSuperuserModeResponse$Type extends MessageType<SetSuperuserModeResponse
         while (reader.pos < end) {
             let [fieldNo, wireType] = reader.tag();
             switch (fieldNo) {
-                case /* resources.timestamp.Timestamp expires */ 1:
-                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
+                case /* string token */ 1:
+                    message.token = reader.string();
                     break;
-                case /* repeated string permissions */ 2:
-                    message.permissions.push(reader.string());
+                case /* resources.timestamp.Timestamp expires */ 2:
+                    message.expires = Timestamp.internalBinaryRead(reader, reader.uint32(), options, message.expires);
                     break;
-                case /* optional resources.jobs.JobProps job_props */ 3:
+                case /* optional resources.jobs.props.JobProps job_props */ 3:
                     message.jobProps = JobProps.internalBinaryRead(reader, reader.uint32(), options, message.jobProps);
                     break;
                 case /* resources.users.User char */ 4:
                     message.char = User.internalBinaryRead(reader, reader.uint32(), options, message.char);
                     break;
+                case /* repeated resources.permissions.permissions.Permission permissions */ 5:
+                    message.permissions.push(Permission.internalBinaryRead(reader, reader.uint32(), options));
+                    break;
+                case /* repeated resources.permissions.attributes.RoleAttribute attributes */ 6:
+                    message.attributes.push(RoleAttribute.internalBinaryRead(reader, reader.uint32(), options));
+                    break;
                 default:
                     let u = options.readUnknownField;
                     if (u === "throw")
@@ -1368,18 +1571,24 @@ class SetSuperuserModeResponse$Type extends MessageType<SetSuperuserModeResponse
         return message;
     }
     internalBinaryWrite(message: SetSuperuserModeResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter {
-        /* resources.timestamp.Timestamp expires = 1; */
+        /* string token = 1; */
+        if (message.token !== "")
+            writer.tag(1, WireType.LengthDelimited).string(message.token);
+        /* resources.timestamp.Timestamp expires = 2; */
         if (message.expires)
-            Timestamp.internalBinaryWrite(message.expires, writer.tag(1, WireType.LengthDelimited).fork(), options).join();
-        /* repeated string permissions = 2; */
-        for (let i = 0; i < message.permissions.length; i++)
-            writer.tag(2, WireType.LengthDelimited).string(message.permissions[i]);
-        /* optional resources.jobs.JobProps job_props = 3; */
+            Timestamp.internalBinaryWrite(message.expires, writer.tag(2, WireType.LengthDelimited).fork(), options).join();
+        /* optional resources.jobs.props.JobProps job_props = 3; */
         if (message.jobProps)
             JobProps.internalBinaryWrite(message.jobProps, writer.tag(3, WireType.LengthDelimited).fork(), options).join();
         /* resources.users.User char = 4; */
         if (message.char)
             User.internalBinaryWrite(message.char, writer.tag(4, WireType.LengthDelimited).fork(), options).join();
+        /* repeated resources.permissions.permissions.Permission permissions = 5; */
+        for (let i = 0; i < message.permissions.length; i++)
+            Permission.internalBinaryWrite(message.permissions[i], writer.tag(5, WireType.LengthDelimited).fork(), options).join();
+        /* repeated resources.permissions.attributes.RoleAttribute attributes = 6; */
+        for (let i = 0; i < message.attributes.length; i++)
+            RoleAttribute.internalBinaryWrite(message.attributes[i], writer.tag(6, WireType.LengthDelimited).fork(), options).join();
         let u = options.writeUnknownFields;
         if (u !== false)
             (u == true ? UnknownFieldHandler.onWrite : u)(this.typeName, message, writer);
@@ -1401,8 +1610,9 @@ export const AuthService = new ServiceType("services.auth.AuthService", [
     { name: "ChangePassword", options: {}, I: ChangePasswordRequest, O: ChangePasswordResponse },
     { name: "ForgotPassword", options: {}, I: ForgotPasswordRequest, O: ForgotPasswordResponse },
     { name: "GetCharacters", options: {}, I: GetCharactersRequest, O: GetCharactersResponse },
-    { name: "ChooseCharacter", options: {}, I: ChooseCharacterRequest, O: ChooseCharacterResponse },
+    { name: "ChooseCharacter", options: { "codegen.perms.perms": { enabled: true } }, I: ChooseCharacterRequest, O: ChooseCharacterResponse },
+    { name: "ImpersonateJob", options: { "codegen.perms.perms": { enabled: true, service: "settings.SettingsService", name: "UpdateRolePerms" } }, I: ImpersonateJobRequest, O: ImpersonateJobResponse },
     { name: "GetAccountInfo", options: {}, I: GetAccountInfoRequest, O: GetAccountInfoResponse },
-    { name: "DeleteOAuth2Connection", options: {}, I: DeleteOAuth2ConnectionRequest, O: DeleteOAuth2ConnectionResponse },
+    { name: "DeleteSocialLogin", options: {}, I: DeleteSocialLoginRequest, O: DeleteSocialLoginResponse },
     { name: "SetSuperuserMode", options: {}, I: SetSuperuserModeRequest, O: SetSuperuserModeResponse }
-]);
+], { "codegen.perms.perms_svc": { icon: "i-mdi-key-outline" } });