@happyvertical/smrt-users 0.30.0 → 0.31.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/chunks/{TerminalAuthService-DoAMQ_yn.js → TerminalAuthService-DsQBk1Hc.js} +161 -71
- package/dist/chunks/TerminalAuthService-DsQBk1Hc.js.map +1 -0
- package/dist/chunks/{index-DkoYIvIu.js → index-Cp33Tyha.js} +10 -10
- package/dist/chunks/{index-DkoYIvIu.js.map → index-Cp33Tyha.js.map} +1 -1
- package/dist/collections/GroupMemberCollection.d.ts +9 -0
- package/dist/collections/GroupMemberCollection.d.ts.map +1 -1
- package/dist/collections/SessionCollection.d.ts.map +1 -1
- package/dist/index.js +38 -100
- package/dist/index.js.map +1 -1
- package/dist/manifest.json +2 -2
- package/dist/smrt-knowledge.json +4 -4
- package/dist/svelte/components/InviteUserModal.svelte +72 -169
- package/dist/svelte/components/InviteUserModal.svelte.d.ts.map +1 -1
- package/dist/svelte/components/UserCard.svelte +2 -1
- package/dist/svelte/components/UserCard.svelte.d.ts.map +1 -1
- package/dist/svelte/components/UserForm.svelte +11 -4
- package/dist/svelte/components/UserForm.svelte.d.ts.map +1 -1
- package/dist/svelte/components/UserMenu.svelte +100 -25
- package/dist/svelte/components/UserMenu.svelte.d.ts +5 -4
- package/dist/svelte/components/UserMenu.svelte.d.ts.map +1 -1
- package/dist/svelte/components/__tests__/InviteUserModal.test.js +11 -0
- package/dist/svelte/components/__tests__/UserMenu.test.js +45 -0
- package/dist/svelte/components/__tests__/UserStatus.test.js +36 -0
- package/dist/sveltekit/index.d.ts +7 -1
- package/dist/sveltekit/index.d.ts.map +1 -1
- package/dist/sveltekit.js +15 -8
- package/dist/sveltekit.js.map +1 -1
- package/package.json +8 -8
- package/dist/chunks/TerminalAuthService-DoAMQ_yn.js.map +0 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
1
|
+
import { _ as getSigKey, $ as checkKeyLength, a0 as subtleAlgorithm, a1 as JWSInvalid, a2 as isDisjoint, a3 as validateCrit, a4 as checkKeyType, a5 as encode, a6 as encode$1, a7 as concat, a8 as normalizeKey, a9 as JWTClaimsBuilder, aa as JWTInvalid, ab as errors, ac as jwtVerify } from "./TerminalAuthService-DsQBk1Hc.js";
|
|
2
|
+
import { ad, ae, af, ag, ah, ai, aj } from "./TerminalAuthService-DsQBk1Hc.js";
|
|
3
3
|
async function sign(alg, key, data) {
|
|
4
4
|
const cryptoKey = await getSigKey(alg, key, "sign");
|
|
5
5
|
checkKeyLength(alg, cryptoKey);
|
|
@@ -156,14 +156,14 @@ export {
|
|
|
156
156
|
CompactSign,
|
|
157
157
|
FlattenedSign,
|
|
158
158
|
SignJWT,
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
159
|
+
ad as compactVerify,
|
|
160
|
+
ae as createLocalJWKSet,
|
|
161
|
+
af as createRemoteJWKSet,
|
|
162
|
+
ag as customFetch,
|
|
163
163
|
errors,
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
164
|
+
ah as flattenedVerify,
|
|
165
|
+
ai as importJWK,
|
|
166
|
+
aj as jwksCache,
|
|
167
167
|
jwtVerify
|
|
168
168
|
};
|
|
169
|
-
//# sourceMappingURL=index-
|
|
169
|
+
//# sourceMappingURL=index-Cp33Tyha.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index-
|
|
1
|
+
{"version":3,"file":"index-Cp33Tyha.js","sources":["../../../../node_modules/.pnpm/jose@6.1.3/node_modules/jose/dist/webapi/lib/sign.js","../../../../node_modules/.pnpm/jose@6.1.3/node_modules/jose/dist/webapi/jws/flattened/sign.js","../../../../node_modules/.pnpm/jose@6.1.3/node_modules/jose/dist/webapi/jws/compact/sign.js","../../../../node_modules/.pnpm/jose@6.1.3/node_modules/jose/dist/webapi/jwt/sign.js"],"sourcesContent":["import { subtleAlgorithm } from './subtle_dsa.js';\nimport { checkKeyLength } from './check_key_length.js';\nimport { getSigKey } from './get_sign_verify_key.js';\nexport async function sign(alg, key, data) {\n const cryptoKey = await getSigKey(alg, key, 'sign');\n checkKeyLength(alg, cryptoKey);\n const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);\n return new Uint8Array(signature);\n}\n","import { encode as b64u } from '../../util/base64url.js';\nimport { sign } from '../../lib/sign.js';\nimport { isDisjoint } from '../../lib/is_disjoint.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { concat, encode } from '../../lib/buffer_utils.js';\nimport { checkKeyType } from '../../lib/check_key_type.js';\nimport { validateCrit } from '../../lib/validate_crit.js';\nimport { normalizeKey } from '../../lib/normalize_key.js';\nexport class FlattenedSign {\n #payload;\n #protectedHeader;\n #unprotectedHeader;\n constructor(payload) {\n if (!(payload instanceof Uint8Array)) {\n throw new TypeError('payload must be an instance of Uint8Array');\n }\n this.#payload = payload;\n }\n setProtectedHeader(protectedHeader) {\n if (this.#protectedHeader) {\n throw new TypeError('setProtectedHeader can only be called once');\n }\n this.#protectedHeader = protectedHeader;\n return this;\n }\n setUnprotectedHeader(unprotectedHeader) {\n if (this.#unprotectedHeader) {\n throw new TypeError('setUnprotectedHeader can only be called once');\n }\n this.#unprotectedHeader = unprotectedHeader;\n return this;\n }\n async sign(key, options) {\n if (!this.#protectedHeader && !this.#unprotectedHeader) {\n throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');\n }\n if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...this.#protectedHeader,\n ...this.#unprotectedHeader,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this.#protectedHeader, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = this.#protectedHeader.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n checkKeyType(alg, key, 'sign');\n let payloadS;\n let payloadB;\n if (b64) {\n payloadS = b64u(this.#payload);\n payloadB = encode(payloadS);\n }\n else {\n payloadB = this.#payload;\n payloadS = '';\n }\n let protectedHeaderString;\n let protectedHeaderBytes;\n if (this.#protectedHeader) {\n protectedHeaderString = b64u(JSON.stringify(this.#protectedHeader));\n protectedHeaderBytes = encode(protectedHeaderString);\n }\n else {\n protectedHeaderString = '';\n protectedHeaderBytes = new Uint8Array();\n }\n const data = concat(protectedHeaderBytes, encode('.'), payloadB);\n const k = await normalizeKey(key, alg);\n const signature = await sign(alg, k, data);\n const jws = {\n signature: b64u(signature),\n payload: payloadS,\n };\n if (this.#unprotectedHeader) {\n jws.header = this.#unprotectedHeader;\n }\n if (this.#protectedHeader) {\n jws.protected = protectedHeaderString;\n }\n return jws;\n }\n}\n","import { FlattenedSign } from '../flattened/sign.js';\nexport class CompactSign {\n #flattened;\n constructor(payload) {\n this.#flattened = new FlattenedSign(payload);\n }\n setProtectedHeader(protectedHeader) {\n this.#flattened.setProtectedHeader(protectedHeader);\n return this;\n }\n async sign(key, options) {\n const jws = await this.#flattened.sign(key, options);\n if (jws.payload === undefined) {\n throw new TypeError('use the flattened module for creating JWS with b64: false');\n }\n return `${jws.protected}.${jws.payload}.${jws.signature}`;\n }\n}\n","import { CompactSign } from '../jws/compact/sign.js';\nimport { JWTInvalid } from '../util/errors.js';\nimport { JWTClaimsBuilder } from '../lib/jwt_claims_set.js';\nexport class SignJWT {\n #protectedHeader;\n #jwt;\n constructor(payload = {}) {\n this.#jwt = new JWTClaimsBuilder(payload);\n }\n setIssuer(issuer) {\n this.#jwt.iss = issuer;\n return this;\n }\n setSubject(subject) {\n this.#jwt.sub = subject;\n return this;\n }\n setAudience(audience) {\n this.#jwt.aud = audience;\n return this;\n }\n setJti(jwtId) {\n this.#jwt.jti = jwtId;\n return this;\n }\n setNotBefore(input) {\n this.#jwt.nbf = input;\n return this;\n }\n setExpirationTime(input) {\n this.#jwt.exp = input;\n return this;\n }\n setIssuedAt(input) {\n this.#jwt.iat = input;\n return this;\n }\n setProtectedHeader(protectedHeader) {\n this.#protectedHeader = protectedHeader;\n return this;\n }\n async sign(key, options) {\n const sig = new CompactSign(this.#jwt.data());\n sig.setProtectedHeader(this.#protectedHeader);\n if (Array.isArray(this.#protectedHeader?.crit) &&\n this.#protectedHeader.crit.includes('b64') &&\n this.#protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n return sig.sign(key, options);\n }\n}\n"],"names":["b64u","encode"],"mappings":";;AAGO,eAAe,KAAK,KAAK,KAAK,MAAM;AACvC,QAAM,YAAY,MAAM,UAAU,KAAK,KAAK,MAAM;AAClD,iBAAe,KAAK,SAAS;AAC7B,QAAM,YAAY,MAAM,OAAO,OAAO,KAAK,gBAAgB,KAAK,UAAU,SAAS,GAAG,WAAW,IAAI;AACrG,SAAO,IAAI,WAAW,SAAS;AACnC;ACAO,MAAM,cAAc;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AAAA,EACA,YAAY,SAAS;AACjB,QAAI,EAAE,mBAAmB,aAAa;AAClC,YAAM,IAAI,UAAU,2CAA2C;AAAA,IACnE;AACA,SAAK,WAAW;AAAA,EACpB;AAAA,EACA,mBAAmB,iBAAiB;AAChC,QAAI,KAAK,kBAAkB;AACvB,YAAM,IAAI,UAAU,4CAA4C;AAAA,IACpE;AACA,SAAK,mBAAmB;AACxB,WAAO;AAAA,EACX;AAAA,EACA,qBAAqB,mBAAmB;AACpC,QAAI,KAAK,oBAAoB;AACzB,YAAM,IAAI,UAAU,8CAA8C;AAAA,IACtE;AACA,SAAK,qBAAqB;AAC1B,WAAO;AAAA,EACX;AAAA,EACA,MAAM,KAAK,KAAK,SAAS;AACrB,QAAI,CAAC,KAAK,oBAAoB,CAAC,KAAK,oBAAoB;AACpD,YAAM,IAAI,WAAW,iFAAiF;AAAA,IAC1G;AACA,QAAI,CAAC,WAAW,KAAK,kBAAkB,KAAK,kBAAkB,GAAG;AAC7D,YAAM,IAAI,WAAW,2EAA2E;AAAA,IACpG;AACA,UAAM,aAAa;AAAA,MACf,GAAG,KAAK;AAAA,MACR,GAAG,KAAK;AAAA,IACpB;AACQ,UAAM,aAAa,aAAa,YAAY,oBAAI,IAAI,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,GAAG,SAAS,MAAM,KAAK,kBAAkB,UAAU;AACtH,QAAI,MAAM;AACV,QAAI,WAAW,IAAI,KAAK,GAAG;AACvB,YAAM,KAAK,iBAAiB;AAC5B,UAAI,OAAO,QAAQ,WAAW;AAC1B,cAAM,IAAI,WAAW,yEAAyE;AAAA,MAClG;AAAA,IACJ;AACA,UAAM,EAAE,IAAG,IAAK;AAChB,QAAI,OAAO,QAAQ,YAAY,CAAC,KAAK;AACjC,YAAM,IAAI,WAAW,2DAA2D;AAAA,IACpF;AACA,iBAAa,KAAK,KAAK,MAAM;AAC7B,QAAI;AACJ,QAAI;AACJ,QAAI,KAAK;AACL,iBAAWA,OAAK,KAAK,QAAQ;AAC7B,iBAAWC,SAAO,QAAQ;AAAA,IAC9B,OACK;AACD,iBAAW,KAAK;AAChB,iBAAW;AAAA,IACf;AACA,QAAI;AACJ,QAAI;AACJ,QAAI,KAAK,kBAAkB;AACvB,8BAAwBD,OAAK,KAAK,UAAU,KAAK,gBAAgB,CAAC;AAClE,6BAAuBC,SAAO,qBAAqB;AAAA,IACvD,OACK;AACD,8BAAwB;AACxB,6BAAuB,IAAI,WAAU;AAAA,IACzC;AACA,UAAM,OAAO,OAAO,sBAAsBA,SAAO,GAAG,GAAG,QAAQ;AAC/D,UAAM,IAAI,MAAM,aAAa,KAAK,GAAG;AACrC,UAAM,YAAY,MAAM,KAAK,KAAK,GAAG,IAAI;AACzC,UAAM,MAAM;AAAA,MACR,WAAWD,OAAK,SAAS;AAAA,MACzB,SAAS;AAAA,IACrB;AACQ,QAAI,KAAK,oBAAoB;AACzB,UAAI,SAAS,KAAK;AAAA,IACtB;AACA,QAAI,KAAK,kBAAkB;AACvB,UAAI,YAAY;AAAA,IACpB;AACA,WAAO;AAAA,EACX;AACJ;AC1FO,MAAM,YAAY;AAAA,EACrB;AAAA,EACA,YAAY,SAAS;AACjB,SAAK,aAAa,IAAI,cAAc,OAAO;AAAA,EAC/C;AAAA,EACA,mBAAmB,iBAAiB;AAChC,SAAK,WAAW,mBAAmB,eAAe;AAClD,WAAO;AAAA,EACX;AAAA,EACA,MAAM,KAAK,KAAK,SAAS;AACrB,UAAM,MAAM,MAAM,KAAK,WAAW,KAAK,KAAK,OAAO;AACnD,QAAI,IAAI,YAAY,QAAW;AAC3B,YAAM,IAAI,UAAU,2DAA2D;AAAA,IACnF;AACA,WAAO,GAAG,IAAI,SAAS,IAAI,IAAI,OAAO,IAAI,IAAI,SAAS;AAAA,EAC3D;AACJ;ACdO,MAAM,QAAQ;AAAA,EACjB;AAAA,EACA;AAAA,EACA,YAAY,UAAU,IAAI;AACtB,SAAK,OAAO,IAAI,iBAAiB,OAAO;AAAA,EAC5C;AAAA,EACA,UAAU,QAAQ;AACd,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,WAAW,SAAS;AAChB,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,YAAY,UAAU;AAClB,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,OAAO,OAAO;AACV,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,aAAa,OAAO;AAChB,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,kBAAkB,OAAO;AACrB,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,YAAY,OAAO;AACf,SAAK,KAAK,MAAM;AAChB,WAAO;AAAA,EACX;AAAA,EACA,mBAAmB,iBAAiB;AAChC,SAAK,mBAAmB;AACxB,WAAO;AAAA,EACX;AAAA,EACA,MAAM,KAAK,KAAK,SAAS;AACrB,UAAM,MAAM,IAAI,YAAY,KAAK,KAAK,KAAI,CAAE;AAC5C,QAAI,mBAAmB,KAAK,gBAAgB;AAC5C,QAAI,MAAM,QAAQ,KAAK,kBAAkB,IAAI,KACzC,KAAK,iBAAiB,KAAK,SAAS,KAAK,KACzC,KAAK,iBAAiB,QAAQ,OAAO;AACrC,YAAM,IAAI,WAAW,qCAAqC;AAAA,IAC9D;AACA,WAAO,IAAI,KAAK,KAAK,OAAO;AAAA,EAChC;AACJ;","x_google_ignoreList":[0,1,2,3]}
|
|
@@ -5,6 +5,15 @@ import { GroupMember } from '../models/GroupMember.js';
|
|
|
5
5
|
*/
|
|
6
6
|
export declare class GroupMemberCollection extends SmrtCollection<GroupMember> {
|
|
7
7
|
static readonly _itemClass: typeof GroupMember;
|
|
8
|
+
/** Memoized Group collection, used to resolve the Group table name. */
|
|
9
|
+
private groupCollection?;
|
|
10
|
+
/**
|
|
11
|
+
* Resolve the database table name for the `Group` model from the registry
|
|
12
|
+
* (via a shared-connection GroupCollection) rather than hardcoding `groups`.
|
|
13
|
+
* A `@smrt({ tableName })` override or table prefix on Group would otherwise
|
|
14
|
+
* make raw joins reference a non-existent or foreign table.
|
|
15
|
+
*/
|
|
16
|
+
private getGroupTableName;
|
|
8
17
|
/**
|
|
9
18
|
* Find all members of a group
|
|
10
19
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"GroupMemberCollection.d.ts","sourceRoot":"","sources":["../../src/collections/GroupMemberCollection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;
|
|
1
|
+
{"version":3,"file":"GroupMemberCollection.d.ts","sourceRoot":"","sources":["../../src/collections/GroupMemberCollection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD;;GAEG;AACH,qBAAa,qBAAsB,SAAQ,cAAc,CAAC,WAAW,CAAC;IACpE,MAAM,CAAC,QAAQ,CAAC,UAAU,qBAAe;IAEzC,uEAAuE;IACvE,OAAO,CAAC,eAAe,CAAC,CAAkB;IAE1C;;;;;OAKG;YACW,iBAAiB;IAS/B;;OAEG;IACG,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAM1D;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAMxD;;OAEG;IACG,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAQjE;;OAEG;IACG,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAetE;;OAEG;IACG,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAarE;;;OAGG;IACG,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAKpD;;;OAGG;IACG,oBAAoB,CACxB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,EAAE,CAAC;IAepB;;OAEG;IACG,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;CAIrD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SessionCollection.d.ts","sourceRoot":"","sources":["../../src/collections/SessionCollection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAGL,OAAO,EACR,MAAM,sBAAsB,CAAC;AAG9B;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,kDAAkD;IAClD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,0BAA0B;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAChC;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,cAAc,CAAC,OAAO,CAAC;IAC5D,MAAM,CAAC,QAAQ,CAAC,UAAU,iBAAW;IAErC;;OAEG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,OAAO,CAAC;IAoBpE;;;OAGG;IACG,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"SessionCollection.d.ts","sourceRoot":"","sources":["../../src/collections/SessionCollection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAGL,OAAO,EACR,MAAM,sBAAsB,CAAC;AAG9B;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,kDAAkD;IAClD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,0BAA0B;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAChC;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,cAAc,CAAC,OAAO,CAAC;IAC5D,MAAM,CAAC,QAAQ,CAAC,UAAU,iBAAW;IAErC;;OAEG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,OAAO,CAAC;IAoBpE;;;OAGG;IACG,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IA8BlE;;OAEG;IACG,KAAK,CACT,SAAS,EAAE,MAAM,EACjB,SAAS,GAAE,OAAe,EAC1B,GAAG,GAAE,MAA4B,GAChC,OAAO,CAAC,OAAO,CAAC;IAYnB;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;IAapD;;OAEG;IACG,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAczD;;OAEG;IACG,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAkBzD;;OAEG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IASxD;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC;IAiBtC;;OAEG;IACG,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAKxD;;;;;;;;OAQG;IACG,gBAAgB,CACpB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,GAAG,IAAI,GACtB,OAAO,CAAC,OAAO,CAAC;IASnB;;OAEG;IACG,cAAc,CAClB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,OAAO,GACb,OAAO,CAAC,OAAO,CAAC;IASnB;;OAEG;IACG,cAAc,CAAC,CAAC,EACpB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;CAM1B"}
|
package/dist/index.js
CHANGED
|
@@ -1,72 +1,10 @@
|
|
|
1
|
-
import { D as DEFAULT_ROLES, n as normalizeEmail, i as isValidEmail, P as PermissionCollection, p as parsePermissionSlug, a as isValidPermissionSlug, b as DEFAULT_TENANT_POLICY, T as TenantCollection, M as MembershipCollection, c as DEFAULT_ROLE_SLUGS } from "./chunks/TerminalAuthService-
|
|
2
|
-
import { U, d, e, f, g, h, G, j, k, l, m, o, q, r,
|
|
3
|
-
import {
|
|
1
|
+
import { D as DEFAULT_ROLES, n as normalizeEmail, i as isValidEmail, P as PermissionCollection, p as parsePermissionSlug, a as isValidPermissionSlug, b as DEFAULT_TENANT_POLICY, T as TenantCollection, M as MembershipCollection, c as DEFAULT_ROLE_SLUGS } from "./chunks/TerminalAuthService-DsQBk1Hc.js";
|
|
2
|
+
import { U, d, e, f, g, h, G, j, k, l, m, o, q, r, s, t, O, u, v, w, R, x, S, y, z, A, B, C, E, F, H, I, J, K, U as U2, d as d2, L, N, Q, V, W, X, Y, Z } from "./chunks/TerminalAuthService-DsQBk1Hc.js";
|
|
3
|
+
import { field, smrt, SmrtObject, SmrtCollection, foreignKey, ObjectRegistry, findManifestEntryByQualifiedName } from "@happyvertical/smrt-core";
|
|
4
4
|
import { getPackageConfig } from "@happyvertical/smrt-config";
|
|
5
5
|
import { createHash } from "node:crypto";
|
|
6
6
|
import { MembershipStatus } from "@happyvertical/smrt-types";
|
|
7
7
|
import { MembershipStatus as MembershipStatus2, OverrideEffect, SessionStatus, TenantPermissionEffect, TenantStatus, UserStatus } from "@happyvertical/smrt-types";
|
|
8
|
-
var __defProp$2 = Object.defineProperty;
|
|
9
|
-
var __getOwnPropDesc$2 = Object.getOwnPropertyDescriptor;
|
|
10
|
-
var __decorateClass$2 = (decorators, target, key, kind) => {
|
|
11
|
-
var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc$2(target, key) : target;
|
|
12
|
-
for (var i = decorators.length - 1, decorator; i >= 0; i--)
|
|
13
|
-
if (decorator = decorators[i])
|
|
14
|
-
result = (kind ? decorator(target, key, result) : decorator(result)) || result;
|
|
15
|
-
if (kind && result) __defProp$2(target, key, result);
|
|
16
|
-
return result;
|
|
17
|
-
};
|
|
18
|
-
let Group = class extends SmrtObject {
|
|
19
|
-
tenantId;
|
|
20
|
-
/**
|
|
21
|
-
* Display name for the group
|
|
22
|
-
*/
|
|
23
|
-
name = "";
|
|
24
|
-
/**
|
|
25
|
-
* Description of the group
|
|
26
|
-
*/
|
|
27
|
-
description = "";
|
|
28
|
-
constructor(options = {}) {
|
|
29
|
-
super(options);
|
|
30
|
-
if (options.tenantId !== void 0) this.tenantId = options.tenantId;
|
|
31
|
-
if (options.name !== void 0) this.name = options.name;
|
|
32
|
-
if (options.description !== void 0)
|
|
33
|
-
this.description = options.description;
|
|
34
|
-
}
|
|
35
|
-
};
|
|
36
|
-
__decorateClass$2([
|
|
37
|
-
foreignKey("Tenant", { required: true })
|
|
38
|
-
], Group.prototype, "tenantId", 2);
|
|
39
|
-
Group = __decorateClass$2([
|
|
40
|
-
smrt({
|
|
41
|
-
// #1400: read-only generated surface — RBAC/identity writes go through
|
|
42
|
-
// permission-gated services, not auth-only generated CRUD.
|
|
43
|
-
api: { include: ["list", "get"] },
|
|
44
|
-
mcp: { include: ["list", "get"] },
|
|
45
|
-
cli: true
|
|
46
|
-
})
|
|
47
|
-
], Group);
|
|
48
|
-
class GroupCollection extends SmrtCollection {
|
|
49
|
-
static _itemClass = Group;
|
|
50
|
-
/**
|
|
51
|
-
* Find all groups in a tenant
|
|
52
|
-
*/
|
|
53
|
-
async findByTenant(tenantId) {
|
|
54
|
-
return await this.list({
|
|
55
|
-
where: { tenantId },
|
|
56
|
-
orderBy: "name ASC"
|
|
57
|
-
});
|
|
58
|
-
}
|
|
59
|
-
/**
|
|
60
|
-
* Find group by slug within a tenant
|
|
61
|
-
*/
|
|
62
|
-
async findBySlug(slug, tenantId) {
|
|
63
|
-
const results = await this.list({
|
|
64
|
-
where: { slug, tenantId },
|
|
65
|
-
limit: 1
|
|
66
|
-
});
|
|
67
|
-
return results.length > 0 ? results[0] : null;
|
|
68
|
-
}
|
|
69
|
-
}
|
|
70
8
|
var __defProp$1 = Object.defineProperty;
|
|
71
9
|
var __getOwnPropDesc$1 = Object.getOwnPropertyDescriptor;
|
|
72
10
|
var __decorateClass$1 = (decorators, target, key, kind) => {
|
|
@@ -363,7 +301,7 @@ class MagicLinkService {
|
|
|
363
301
|
* The caller is responsible for emailing the token to the user.
|
|
364
302
|
*/
|
|
365
303
|
async generate(email) {
|
|
366
|
-
const { SignJWT } = await import("./chunks/index-
|
|
304
|
+
const { SignJWT } = await import("./chunks/index-Cp33Tyha.js");
|
|
367
305
|
const key = await this.getSigningKey();
|
|
368
306
|
const nonce = crypto.randomUUID();
|
|
369
307
|
const normalizedEmail = normalizeEmail(email);
|
|
@@ -392,7 +330,7 @@ class MagicLinkService {
|
|
|
392
330
|
* @throws {MagicLinkError} If the token is invalid, expired, or already used
|
|
393
331
|
*/
|
|
394
332
|
async verify(token) {
|
|
395
|
-
const { jwtVerify, errors } = await import("./chunks/index-
|
|
333
|
+
const { jwtVerify, errors } = await import("./chunks/index-Cp33Tyha.js");
|
|
396
334
|
const key = await this.getSigningKey();
|
|
397
335
|
let payload;
|
|
398
336
|
try {
|
|
@@ -1417,66 +1355,66 @@ export {
|
|
|
1417
1355
|
h as DEFAULT_SESSION_TTL,
|
|
1418
1356
|
DEFAULT_TENANT_POLICY,
|
|
1419
1357
|
DEFAULT_TOKEN_EXPIRY_SECONDS,
|
|
1420
|
-
Group,
|
|
1421
|
-
GroupCollection,
|
|
1422
|
-
|
|
1423
|
-
|
|
1424
|
-
|
|
1425
|
-
|
|
1426
|
-
|
|
1358
|
+
G as Group,
|
|
1359
|
+
j as GroupCollection,
|
|
1360
|
+
k as GroupMember,
|
|
1361
|
+
l as GroupMemberCollection,
|
|
1362
|
+
m as GroupRole,
|
|
1363
|
+
o as GroupRoleCollection,
|
|
1364
|
+
q as MAX_TENANT_HIERARCHY_DEPTH,
|
|
1427
1365
|
MagicLinkError,
|
|
1428
1366
|
MagicLinkService,
|
|
1429
1367
|
UsersMagicLinkToken as MagicLinkToken,
|
|
1430
1368
|
UsersMagicLinkTokenCollection as MagicLinkTokenCollection,
|
|
1431
|
-
|
|
1369
|
+
r as Membership,
|
|
1432
1370
|
MembershipCollection,
|
|
1433
|
-
|
|
1434
|
-
|
|
1371
|
+
s as MembershipOverride,
|
|
1372
|
+
t as MembershipOverrideCollection,
|
|
1435
1373
|
MembershipStatus2 as MembershipStatus,
|
|
1436
1374
|
O as OidcLoginError,
|
|
1437
|
-
|
|
1375
|
+
u as OidcLoginService,
|
|
1438
1376
|
OverrideEffect,
|
|
1439
|
-
|
|
1377
|
+
v as Permission,
|
|
1440
1378
|
PermissionCatalogService,
|
|
1441
1379
|
PermissionCollection,
|
|
1442
|
-
|
|
1380
|
+
w as PermissionResolver,
|
|
1443
1381
|
Role,
|
|
1444
1382
|
RoleCollection,
|
|
1445
1383
|
R as RolePermission,
|
|
1446
|
-
|
|
1384
|
+
x as RolePermissionCollection,
|
|
1447
1385
|
S as Session,
|
|
1448
|
-
|
|
1449
|
-
|
|
1386
|
+
y as SessionCollection,
|
|
1387
|
+
z as SessionService,
|
|
1450
1388
|
SessionStatus,
|
|
1451
|
-
|
|
1389
|
+
A as Tenant,
|
|
1452
1390
|
TenantCollection,
|
|
1453
|
-
|
|
1391
|
+
B as TenantHierarchyError,
|
|
1454
1392
|
TenantPermissionEffect,
|
|
1455
|
-
|
|
1456
|
-
|
|
1393
|
+
C as TenantPermissionOverride,
|
|
1394
|
+
E as TenantPermissionOverrideCollection,
|
|
1457
1395
|
TenantService,
|
|
1458
1396
|
TenantStatus,
|
|
1459
|
-
|
|
1460
|
-
|
|
1461
|
-
|
|
1462
|
-
|
|
1463
|
-
|
|
1397
|
+
F as TerminalAuthError,
|
|
1398
|
+
H as TerminalAuthRateLimitError,
|
|
1399
|
+
I as TerminalAuthService,
|
|
1400
|
+
J as User,
|
|
1401
|
+
K as UserCollection,
|
|
1464
1402
|
UserStatus,
|
|
1465
1403
|
U2 as UsersCliAuthRequest,
|
|
1466
1404
|
d2 as UsersCliAuthRequestCollection,
|
|
1467
1405
|
UsersMagicLinkToken,
|
|
1468
1406
|
UsersMagicLinkTokenCollection,
|
|
1469
1407
|
applyPostgresPermissionPolicies,
|
|
1470
|
-
|
|
1471
|
-
|
|
1408
|
+
L as decodeOidcTransaction,
|
|
1409
|
+
N as encodeOidcTransaction,
|
|
1472
1410
|
generatePostgresPermissionSql,
|
|
1473
|
-
|
|
1474
|
-
|
|
1475
|
-
|
|
1476
|
-
|
|
1411
|
+
Q as generateSessionId,
|
|
1412
|
+
V as getCurrentSessionPermissionContext,
|
|
1413
|
+
W as getRequestScopedDatabase,
|
|
1414
|
+
X as getUsersOidcConfig,
|
|
1477
1415
|
registerPermissionDefinitions,
|
|
1478
|
-
|
|
1416
|
+
Y as resolveOidcProviderConfig,
|
|
1479
1417
|
syncPermissionCatalog,
|
|
1480
|
-
|
|
1418
|
+
Z as withSessionPermissionContext
|
|
1481
1419
|
};
|
|
1482
1420
|
//# sourceMappingURL=index.js.map
|