npm - @kyro-cms/core - Versions diffs - 0.1.1 → 0.1.2 - Mend

@kyro-cms/core 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (74) hide show

package/README.md +196 -109
package/dist/bootstrap-2WJK6PG7.cjs +29 -0
package/dist/bootstrap-2WJK6PG7.cjs.map +1 -0
package/dist/bootstrap-Q2TWUQF3.js +4 -0
package/dist/bootstrap-Q2TWUQF3.js.map +1 -0
package/dist/chunk-3QX6KG2S.js +2125 -0
package/dist/chunk-3QX6KG2S.js.map +1 -0
package/dist/chunk-5AOILNGY.cjs +212 -0
package/dist/chunk-5AOILNGY.cjs.map +1 -0
package/dist/{chunk-DKSMFC3L.js → chunk-EINVJPFM.js} +2 -2
package/dist/{chunk-DKSMFC3L.js.map → chunk-EINVJPFM.js.map} +1 -1
package/dist/chunk-F5B64H5S.cjs +2149 -0
package/dist/chunk-F5B64H5S.cjs.map +1 -0
package/dist/chunk-I4BORBXT.cjs +914 -0
package/dist/chunk-I4BORBXT.cjs.map +1 -0
package/dist/chunk-KA3UOIFC.js +206 -0
package/dist/chunk-KA3UOIFC.js.map +1 -0
package/dist/chunk-KWTKEBHM.cjs +176 -0
package/dist/chunk-KWTKEBHM.cjs.map +1 -0
package/dist/chunk-M4JFHQ5J.js +170 -0
package/dist/chunk-M4JFHQ5J.js.map +1 -0
package/dist/chunk-PZ5AY32C.js +9 -0
package/dist/chunk-PZ5AY32C.js.map +1 -0
package/dist/chunk-Q7SFCCGT.cjs +11 -0
package/dist/chunk-Q7SFCCGT.cjs.map +1 -0
package/dist/chunk-U4CHJTWX.cjs +94 -0
package/dist/chunk-U4CHJTWX.cjs.map +1 -0
package/dist/{chunk-3Q3FS5J4.cjs → chunk-V3B25QOK.cjs} +2 -2
package/dist/{chunk-3Q3FS5J4.cjs.map → chunk-V3B25QOK.cjs.map} +1 -1
package/dist/chunk-V67YXRBT.js +899 -0
package/dist/chunk-V67YXRBT.js.map +1 -0
package/dist/chunk-XLMVCGXA.js +86 -0
package/dist/chunk-XLMVCGXA.js.map +1 -0
package/dist/cli/index.cjs +106 -14
package/dist/cli/index.cjs.map +1 -1
package/dist/cli/index.js +106 -14
package/dist/cli/index.js.map +1 -1
package/dist/database-37KXWUER.js +5 -0
package/dist/database-37KXWUER.js.map +1 -0
package/dist/database-LJKD3HE4.cjs +22 -0
package/dist/database-LJKD3HE4.cjs.map +1 -0
package/dist/drizzle/index.cjs +25 -5
package/dist/drizzle/index.d.cts +5 -49
package/dist/drizzle/index.d.ts +5 -49
package/dist/drizzle/index.js +5 -1
package/dist/graphql/index.cjs +1 -0
package/dist/graphql/index.js +1 -0
package/dist/index-BVFlb7uU.d.ts +192 -0
package/dist/index-CzkEHKqu.d.cts +192 -0
package/dist/index.cjs +1203 -23
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +382 -68
package/dist/index.d.ts +382 -68
package/dist/index.js +1110 -20
package/dist/index.js.map +1 -1
package/dist/mongodb/index.cjs +1 -0
package/dist/mongodb/index.js +1 -0
package/dist/postgres-auth-adapter-CYZAVPPP.cjs +14 -0
package/dist/postgres-auth-adapter-CYZAVPPP.cjs.map +1 -0
package/dist/postgres-auth-adapter-LTDUGBMB.js +5 -0
package/dist/postgres-auth-adapter-LTDUGBMB.js.map +1 -0
package/dist/rest/index.cjs +1 -0
package/dist/rest/index.js +1 -0
package/dist/templates/index.cjs +94 -536
package/dist/templates/index.cjs.map +1 -1
package/dist/templates/index.d.cts +45 -1
package/dist/templates/index.d.ts +45 -1
package/dist/templates/index.js +2 -535
package/dist/templates/index.js.map +1 -1
package/dist/trpc/index.cjs +1 -0
package/dist/trpc/index.js +1 -0
package/dist/ws/index.cjs +1 -0
package/dist/ws/index.js +1 -0
package/package.json +23 -8

package/dist/chunk-I4BORBXT.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/auth/redis-adapter.ts","../src/auth/nodemailer-transport.ts","../src/auth/security/password-policy.ts","../src/auth/bootstrap.ts"],"names":["Redis","randomBytes","bcrypt","nodemailer"],"mappings":";;;;;;;;;;;;;;AAiBA,IAAM,cAAA,GAAiB,YAAA;AACvB,IAAM,wBAAA,GAA2B,KAAA;AACjC,IAAM,0BAAA,GAA6B,MAAA;AAE5B,IAAM,mBAAN,MAA8C;AAAA,EAC3C,KAAA;AAAA,EACA,MAAA;AAAA,EACA,eAAA;AAAA,EACA,iBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAmC,EAAC,EAAG;AACjD,IAAA,MAAM,GAAA,GACJ,OAAA,CAAQ,GAAA,IACR,CAAA,QAAA,EAAW,OAAA,CAAQ,QAAQ,WAAW,CAAA,CAAA,EAAI,OAAA,CAAQ,IAAA,IAAQ,IAAI,CAAA,CAAA;AAEhE,IAAA,IAAA,CAAK,KAAA,GAAQ,IAAIA,uBAAA,CAAM,GAAA,EAAK;AAAA,MAC1B,UAAU,OAAA,CAAQ,QAAA;AAAA,MAClB,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,WAAA,EAAa,IAAA;AAAA,MACb,GAAA,EAAK,OAAA,CAAQ,GAAA,GAAM,EAAC,GAAI;AAAA,KACzB,CAAA;AAED,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,SAAA,IAAa,cAAA;AACnC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,wBAAA;AAClD,IAAA,IAAA,CAAK,iBAAA,GACH,QAAQ,sBAAA,IAA0B,0BAAA;AAAA,EACtC;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,MAAM,IAAA,CAAK,MAAM,OAAA,EAAQ;AAAA,EAC3B;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAM,IAAA,CAAK,MAAM,IAAA,EAAK;AAAA,EACxB;AAAA,EAEQ,QAAQ,MAAA,EAAwB;AACtC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,MAAA,EAAS,MAAM,CAAA,CAAA;AAAA,EACtC;AAAA,EAEQ,WAAW,SAAA,EAA2B;AAC5C,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,SAAA,EAAY,SAAS,CAAA,CAAA;AAAA,EAC5C;AAAA,EAEQ,WAAW,KAAA,EAAuB;AACxC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,QAAA,EAAW,KAAK,CAAA,CAAA;AAAA,EACvC;AAAA,EAEQ,eAAe,KAAA,EAAuB;AAC5C,IAAA,OAAO,GAAG,IAAA,CAAK,MAAM,CAAA,YAAA,EAAe,KAAA,CAAM,aAAa,CAAA,CAAA;AAAA,EACzD;AAAA,EAEQ,mBAAmB,MAAA,EAAwB;AACjD,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,MAAA,EAAS,MAAM,CAAA,iBAAA,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,MAAM,MAAA,GAASC,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC7C,IAAA,MAAM,GAAA,GAAA,iBAAM,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAEnC,IAAA,MAAM,IAAA,GAAiB;AAAA,MACrB,EAAA,EAAI,MAAA;AAAA,MACJ,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACb;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,QAAA,EAAS;AAErC,IAAA,QAAA,CAAS,IAAA,CAAK,KAAK,OAAA,CAAQ,MAAM,GAAG,IAAA,CAAK,UAAA,CAAW,IAAI,CAAC,CAAA;AACzD,IAAA,QAAA,CAAS,IAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,GAAG,MAAM,CAAA;AAEpD,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,KAAA,CAAM,GAAA;AAAA,MAC9B,IAAA,CAAK,cAAA,CAAe,KAAA,CAAM,WAAA,EAAa;AAAA,KACzC;AACA,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AACpB,IAAA,OAAO,IAAA,CAAK,aAAa,MAAM,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAa,MAAA,EAA0C;AAC3D,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,KAAA,CAAM,QAAQ,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAC,CAAA;AAC1D,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,WAAW,IAAI,CAAA;AAAA,EAC7B;AAAA,EAEA,MAAM,UAAA,CACJ,MAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC/C,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAoB;AAAA,MACxB,GAAG,QAAA;AAAA,MACH,GAAG,IAAA;AAAA,MACH,EAAA,EAAI,MAAA;AAAA,MACJ,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACpC;AAEA,IAAA,IAAI,IAAA,CAAK,KAAA,IAAS,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EAAO;AAC/C,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,QAAA,EAAS;AACrC,MAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,QAAA,CAAS,KAAK,CAAC,CAAA;AAChD,MAAA,QAAA,CAAS,IAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,GAAG,MAAM,CAAA;AACpD,MAAA,MAAM,SAAS,IAAA,EAAK;AAAA,IACtB;AAEA,IAAA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,EAAG,IAAA,CAAK,UAAA,CAAW,OAAO,CAAC,CAAA;AACpE,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,MAAA,EAAkC;AACjD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,IAAI,CAAC,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,QAAA,EAAS;AACrC,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAC,CAAA;AACjC,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,CAAC,CAAA;AAC5C,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,kBAAA,CAAmB,MAAM,CAAC,CAAA;AAC5C,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAOC,uBAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,cAAA,CAAe,QAAA,EAAkB,IAAA,EAAgC;AACrE,IAAA,OAAOA,uBAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,IAAI,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,GAGI,EAAC,EACa;AAClB,IAAA,MAAM,SAAA,GAAYD,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAChD,IAAA,MAAM,KAAA,GAAQA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAeA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AAErB,IAAA,MAAM,OAAA,GAAmB;AAAA,MACvB,EAAA,EAAI,SAAA;AAAA,MACJ,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAI,IAAA;AAAA,QACb,GAAA,CAAI,OAAA,EAAQ,GAAI,IAAA,CAAK,eAAA,GAAkB;AAAA,QACvC,WAAA,EAAY;AAAA,MACd,SAAA,EAAW,IAAI,WAAA,EAAY;AAAA,MAC3B,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,QAAA,EAAS;AAErC,IAAA,QAAA,CAAS,IAAA,CAAK,KAAK,UAAA,CAAW,SAAS,GAAG,IAAA,CAAK,aAAA,CAAc,OAAO,CAAC,CAAA;AACrE,IAAA,QAAA,CAAS,KAAA;AAAA,MACP,IAAA,CAAK,WAAW,YAAY,CAAA;AAAA,MAC5B,IAAA,CAAK,iBAAA;AAAA,MACL;AAAA,KACF;AAEA,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,KAAA,CAAM,QAAQ,IAAA,CAAK,UAAA,CAAW,KAAK,CAAC,CAAA;AAC5D,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,cAAc,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,KAAA,CAAM,QAAQ,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACnE,IAAA,IAAI,CAAC,WAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,KAAA;AAE1D,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,QAAA,EAAS;AACrC,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACvC,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,OAAA,CAAQ,YAAY,CAAC,CAAA;AAAA,IACpD;AACA,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAA,MAAM,OAAA,GAAU,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,UAAA,CAAA;AAC9B,IAAA,IAAI,MAAA,GAAS,GAAA;AACb,IAAA,IAAI,OAAA,GAAU,CAAA;AAEd,IAAA,GAAG;AACD,MAAA,MAAM,CAAC,UAAA,EAAY,IAAI,CAAA,GAAI,MAAM,KAAK,KAAA,CAAM,IAAA;AAAA,QAC1C,MAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,MAAA,GAAS,UAAA;AAET,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,KAAA,CAAM,QAAQ,GAAG,CAAA;AAChD,QAAA,IAAI,WAAA,CAAY,WAAW,MAAA,EAAQ;AACjC,UAAA,MAAM,YAAY,GAAA,CAAI,OAAA,CAAQ,GAAG,IAAA,CAAK,MAAM,aAAa,EAAE,CAAA;AAC3D,UAAA,MAAM,IAAA,CAAK,cAAc,SAAS,CAAA;AAClC,UAAA,OAAA,EAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,MAAA,KAAW,GAAA;AAEpB,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAM,KAAK,KAAA,CAAM,KAAA,CAAM,KAAK,kBAAA,CAAmB,MAAM,GAAG,YAAY,CAAA;AACpE,IAAA,MAAM,IAAA,CAAK,MAAM,KAAA,CAAM,IAAA,CAAK,mBAAmB,MAAM,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,EAC9D;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,OAAO,IAAA,CAAK,MAAM,MAAA,CAAO,IAAA,CAAK,mBAAmB,MAAM,CAAA,EAAG,CAAA,EAAG,KAAA,GAAQ,CAAC,CAAA;AAAA,EACxE;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,IAAA,CAAK,cAAA,CAAe,QAAA,EAAU,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEQ,WAAW,IAAA,EAAwC;AACzD,IAAA,MAAM,IAAA,GAA+B;AAAA,MACnC,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,EAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,QAAA;AACxC,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,IAAA,CAAK,aAAA,GAAgB,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA;AAChD,IAAA,IAAI,KAAK,MAAA,KAAW,MAAA,OAAgB,MAAA,GAAS,MAAA,CAAO,KAAK,MAAM,CAAA;AAC/D,IAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,IAAA,CAAK,SAAA;AAC1C,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,IAAA,CAAK,mBAAA,GAAsB,MAAA,CAAO,IAAA,CAAK,mBAAmB,CAAA;AAE5D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEQ,WAAW,IAAA,EAAwC;AACzD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,aAAA,EAAe,KAAK,aAAA,KAAkB,MAAA;AAAA,MACtC,MAAA,EAAQ,KAAK,MAAA,KAAW,MAAA;AAAA,MACxB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,qBAAqB,IAAA,CAAK,mBAAA,GACtB,SAAS,IAAA,CAAK,mBAAA,EAAqB,EAAE,CAAA,GACrC;AAAA,KACN;AAAA,EACF;AAAA,EAEQ,cAAc,OAAA,EAA0C;AAC9D,IAAA,MAAM,IAAA,GAA+B;AAAA,MACnC,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,WAAW,OAAA,CAAQ,SAAA;AAAA,MACnB,WAAW,OAAA,CAAQ;AAAA,KACrB;AAEA,IAAA,IAAI,OAAA,CAAQ,YAAA,EAAc,IAAA,CAAK,YAAA,GAAe,OAAA,CAAQ,YAAA;AACtD,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,OAAA,CAAQ,SAAA;AAChD,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,OAAA,CAAQ,SAAA;AAEhD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEQ,cAAc,IAAA,EAAuC;AAC3D,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAAA,EACF;AACF;ACtSA,IAAM,gBAAA,GAAmC;AAAA,EACvC,WAAA,EAAa,CAAC,IAAA,EAAM,QAAA,GAAW,MAAA,MAAY;AAAA,IACzC,OAAA,EAAS,2BAAA;AAAA,IACT,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,uBAAA,EAgBe,QAAQ,CAAA;AAAA;AAAA;AAAA,qBAAA,EAGV,IAAI,CAAA;AAAA;AAAA;AAAA,yDAAA,EAGgC,IAAI,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,IAS3D,IAAA,EAAM,WAAW,QAAQ,CAAA;;AAAA,gDAAA,EAAwD,IAAI;;AAAA;;AAAA,kEAAA;AAAA,GACvF,CAAA;AAAA,EAEA,aAAA,EAAe,CAAC,IAAA,EAAM,QAAA,GAAW,MAAA,MAAY;AAAA,IAC3C,OAAA,EAAS,qBAAA;AAAA,IACT,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAA,EAkBW,QAAQ,CAAA;AAAA;AAAA;AAAA,qBAAA,EAGN,IAAI,CAAA;AAAA;AAAA;AAAA,yDAAA,EAGgC,IAAI,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,IAW3D,IAAA,EAAM,CAAA;;AAAA,MAAA,EAAmC,QAAQ,CAAA;;AAAA,wFAAA,EAAgG,IAAI;;AAAA;;AAAA,iEAAA;AAAA,GACvJ,CAAA;AAAA,EAEA,OAAA,EAAS,CAAC,QAAA,GAAW,MAAA,MAAY;AAAA,IAC/B,OAAA,EAAS,qBAAA;AAAA,IACT,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mCAAA,EAe2B,QAAQ,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,IAiBzC,IAAA,EAAM,wBAAwB,QAAQ,CAAA;;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA,2CAAA;AAAA,GACxC,CAAA;AAAA,EAEA,aAAA,EAAe,CAAC,QAAA,EAAU,QAAA,EAAU,WAAW,MAAA,MAAY;AAAA,IACzD,OAAA,EAAS,yCAAA;AAAA,IACT,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAA,EAiBW,QAAQ,CAAA;AAAA;AAAA;AAAA,gCAAA,EAGK,QAAQ,CAAA;AAAA,iCAAA,EACP,IAAA,CAAK,KAAA,CAAM,QAAA,GAAW,GAAK,CAAC,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,IAgB3D,IAAA,EAAM,CAAA;;AAAA,MAAA,EAAmC,QAAQ,CAAA;;AAAA,gFAAA,EAAwF,QAAQ,CAAA;;AAAA,kBAAA,EAA2B,IAAA,CAAK,KAAA,CAAM,QAAA,GAAW,GAAK,CAAC,CAAA;;AAAA;;AAAA,iEAAA;AAAA,GAC1M,CAAA;AAAA,EAEA,eAAA,EAAiB,CAAC,QAAA,GAAW,MAAA,MAAY;AAAA,IACvC,OAAA,EAAS,gCAAA;AAAA,IACT,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAA,EAgBW,QAAQ,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,IAUzB,IAAA,EAAM,CAAA;;AAAA,MAAA,EAA6B,QAAQ,CAAA;;AAAA;;AAAA;;AAAA,uEAAA;AAAA,GAC7C,CAAA;AAAA,EAEA,QAAA,EAAU,CAAC,QAAA,EAAU,IAAA,EAAM,WAAW,MAAA,MAAY;AAAA,IAChD,OAAA,EAAS,2BAAA;AAAA,IACT,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAA,EAiBW,QAAQ,CAAA;AAAA;AAAA;AAAA,0CAAA,EAGe,QAAQ,CAAA;AAAA,sCAAA,EACZ,IAAI,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,IAgBxC,IAAA,EAAM,CAAA;;AAAA,MAAA,EAA+B,QAAQ,CAAA;;AAAA;;AAAA,UAAA,EAA8D,QAAQ;AAAA,MAAA,EAAW,IAAI;;AAAA,gFAAA;AAAA,GACpI;AACF,CAAA;AAEO,IAAM,cAAA,GAAN,MAAM,eAAA,CAAe;AAAA,EAClB,WAAA;AAAA,EACA,IAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EAER,WAAA,CAAY,QAAqB,SAAA,EAAqC;AACpE,IAAA,IAAA,CAAK,WAAA,GAAcE,4BAAW,eAAA,CAAgB;AAAA,MAC5C,MAAM,MAAA,CAAO,IAAA;AAAA,MACb,MAAM,MAAA,CAAO,IAAA;AAAA,MACb,QAAQ,MAAA,CAAO,MAAA;AAAA,MACf,MAAM,MAAA,CAAO;AAAA,KACd,CAAA;AAED,IAAA,IAAA,CAAK,OAAO,MAAA,CAAO,IAAA;AACnB,IAAA,IAAA,CAAK,QAAA,GAAW,OAAO,QAAA,IAAY,UAAA;AACnC,IAAA,IAAA,CAAK,SAAA,GAAY,EAAE,GAAG,gBAAA,EAAkB,GAAG,SAAA,EAAU;AAAA,EACvD;AAAA,EAEA,MAAM,KAAK,OAAA,EAAiD;AAC1D,IAAA,OAAO,IAAA,CAAK,YAAY,QAAA,CAAS;AAAA,MAC/B,MAAM,CAAA,CAAA,EAAI,IAAA,CAAK,QAAQ,CAAA,GAAA,EAAM,KAAK,IAAI,CAAA,CAAA,CAAA;AAAA,MACtC,EAAA,EAAI,KAAA,CAAM,OAAA,CAAQ,OAAA,CAAQ,EAAE,CAAA,GAAI,OAAA,CAAQ,EAAA,CAAG,IAAA,CAAK,IAAI,CAAA,GAAI,OAAA,CAAQ,EAAA;AAAA,MAChE,SAAS,OAAA,CAAQ,OAAA;AAAA,MACjB,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,MAAM,OAAA,CAAQ;AAAA,KACf,CAAA;AAAA,EACH;AAAA,EAEA,YAAA,GAA+B;AAC7B,IAAA,OAAO,IAAA,CAAK,SAAA;AAAA,EACd;AAAA,EAEA,MAAM,gBAAA,GAAqC;AACzC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,CAAK,YAAY,MAAA,EAAO;AAC9B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAO,OAAA,GAAiC;AACtC,IAAA,MAAM,IAAA,GAAO,QAAQ,GAAA,CAAI,SAAA;AACzB,IAAA,MAAM,OAAO,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,OAAO,EAAE,CAAA;AACxD,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,GAAA,CAAI,WAAA,KAAgB,MAAA;AAC3C,IAAA,MAAM,IAAA,GAAO,QAAQ,GAAA,CAAI,SAAA;AACzB,IAAA,MAAM,IAAA,GAAO,QAAQ,GAAA,CAAI,SAAA;AACzB,IAAA,MAAM,OACJ,OAAA,CAAQ,GAAA,CAAI,SAAA,IACZ,OAAA,CAAQ,IAAI,YAAA,IACZ,qBAAA;AACF,IAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,GAAA,CAAI,cAAA,IAAkB,UAAA;AAE/C,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,IAAQ,CAAC,IAAA,EAAM;AAC3B,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,OAAO,IAAI,eAAA,CAAe;AAAA,MACxB,IAAA;AAAA,MACA,IAAA;AAAA,MACA,MAAA;AAAA,MACA,IAAA,EAAM,EAAE,IAAA,EAAM,IAAA,EAAK;AAAA,MACnB,IAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AACF;;;AC/UO,IAAM,uBAAA,GAAgD;AAAA,EAC3D,SAAA,EAAW,EAAA;AAAA,EACX,gBAAA,EAAkB,IAAA;AAAA,EAClB,gBAAA,EAAkB,IAAA;AAAA,EAClB,cAAA,EAAgB,IAAA;AAAA,EAChB,mBAAA,EAAqB,IAAA;AAAA,EACrB,YAAA,EAAc,CAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAEO,IAAM,iBAAN,MAAqB;AAAA,EAClB,MAAA;AAAA,EAER,WAAA,CAAY,MAAA,GAAwC,EAAC,EAAG;AACtD,IAAA,IAAA,CAAK,MAAA,GAAS,EAAE,GAAG,uBAAA,EAAyB,GAAG,MAAA,EAAO;AAAA,EACxD;AAAA,EAEA,SAAS,QAAA,EAAoC;AAC3C,IAAA,MAAM,SAAmB,EAAC;AAE1B,IAAA,IAAI,KAAK,MAAA,CAAO,SAAA,IAAa,SAAS,MAAA,GAAS,IAAA,CAAK,OAAO,SAAA,EAAW;AACpE,MAAA,MAAA,CAAO,IAAA;AAAA,QACL,CAAA,yBAAA,EAA4B,IAAA,CAAK,MAAA,CAAO,SAAS,CAAA,WAAA;AAAA,OACnD;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,CAAS,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,EAAW;AAC3C,MAAA,MAAA,CAAO,IAAA;AAAA,QACL,CAAA,0BAAA,EAA6B,IAAA,CAAK,MAAA,CAAO,SAAS,CAAA,WAAA;AAAA,OACpD;AAAA,IACF;AAEA,IAAA,IAAI,KAAK,MAAA,CAAO,gBAAA,IAAoB,CAAC,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC3D,MAAA,MAAA,CAAO,KAAK,qDAAqD,CAAA;AAAA,IACnE;AAEA,IAAA,IAAI,KAAK,MAAA,CAAO,gBAAA,IAAoB,CAAC,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC3D,MAAA,MAAA,CAAO,KAAK,qDAAqD,CAAA;AAAA,IACnE;AAEA,IAAA,IAAI,KAAK,MAAA,CAAO,cAAA,IAAkB,CAAC,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AACzD,MAAA,MAAA,CAAO,KAAK,2CAA2C,CAAA;AAAA,IACzD;AAEA,IAAA,IACE,KAAK,MAAA,CAAO,mBAAA,IACZ,CAAC,uCAAA,CAAwC,IAAA,CAAK,QAAQ,CAAA,EACtD;AACA,MAAA,MAAA,CAAO,KAAK,sDAAsD,CAAA;AAAA,IACpE;AAEA,IAAA,MAAM,eAAA,GAAkB;AAAA,MACtB,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,QAAA;AAAA,MACA,QAAA;AAAA,MACA,SAAA;AAAA,MACA,SAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,WAAA;AAAA,MACA,QAAA;AAAA,MACA,QAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,QAAA,CAAS,WAAA,EAAa,CAAA,EAAG;AACpD,MAAA,MAAA,CAAO,IAAA;AAAA,QACL;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAI,cAAc,IAAA,CAAK,QAAQ,KAAK,UAAA,CAAW,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC7D,MAAA,MAAA,CAAO,IAAA;AAAA,QACL;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAI,WAAA,CAAY,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC9B,MAAA,MAAA,CAAO,IAAA;AAAA,QACL;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IACE,+EAAA,CAAgF,IAAA;AAAA,MAC9E;AAAA,KACF,EACA;AACA,MAAA,MAAA,CAAO,KAAK,yDAAyD,CAAA;AAAA,IACvE;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,MACzB;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,UAAA,CACJ,YAAA,EACA,OAAA,EACA,QAAA,EAC2B;AAC3B,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,QAAQ;AAAC,KACX;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CACJ,QAAA,EACA,OAAA,EACA,QAAA,EACkB;AAClB,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,QAAA,CAAS,QAAA,EAAU,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,gBAAA,CAAiB,SAAiB,EAAA,EAAY;AAC5C,IAAA,MAAM,SAAA,GAAY,4BAAA;AAClB,IAAA,MAAM,SAAA,GAAY,4BAAA;AAClB,IAAA,MAAM,OAAA,GAAU,YAAA;AAChB,IAAA,MAAM,OAAA,GAAU,4BAAA;AAEhB,IAAA,IAAI,QAAA,GAAW,EAAA;AAEf,IAAA,QAAA,IAAY,SAAA,CAAU,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,SAAA,CAAU,MAAM,CAAC,CAAA;AAClE,IAAA,QAAA,IAAY,SAAA,CAAU,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,SAAA,CAAU,MAAM,CAAC,CAAA;AAClE,IAAA,QAAA,IAAY,OAAA,CAAQ,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,OAAA,CAAQ,MAAM,CAAC,CAAA;AAC9D,IAAA,QAAA,IAAY,OAAA,CAAQ,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,OAAA,CAAQ,MAAM,CAAC,CAAA;AAE9D,IAAA,MAAM,QAAA,GAAW,SAAA,GAAY,SAAA,GAAY,OAAA,GAAU,OAAA;AACnD,IAAA,KAAA,IAAS,CAAA,GAAI,QAAA,CAAS,MAAA,EAAQ,CAAA,GAAI,QAAQ,CAAA,EAAA,EAAK;AAC7C,MAAA,QAAA,IAAY,QAAA,CAAS,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,QAAA,CAAS,MAAM,CAAC,CAAA;AAAA,IAClE;AAEA,IAAA,OAAO,QAAA,CACJ,KAAA,CAAM,EAAE,CAAA,CACR,IAAA,CAAK,MAAM,IAAA,CAAK,MAAA,EAAO,GAAI,GAAG,CAAA,CAC9B,IAAA,CAAK,EAAE,CAAA;AAAA,EACZ;AAAA,EAEA,YAAY,QAAA,EAIV;AACA,IAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,IAAA,MAAM,WAAqB,EAAC;AAE5B,IAAA,IAAI,QAAA,CAAS,MAAA,IAAU,CAAA,EAAG,KAAA,IAAS,CAAA;AACnC,IAAA,IAAI,QAAA,CAAS,MAAA,IAAU,EAAA,EAAI,KAAA,IAAS,CAAA;AACpC,IAAA,IAAI,QAAA,CAAS,MAAA,IAAU,EAAA,EAAI,KAAA,IAAS,CAAA;AAEpC,IAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AACrC,IAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AACrC,IAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AACrC,IAAA,IAAI,iCAAA,CAAkC,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AAE/D,IAAA,IAAI,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,KAAA,IAAS,CAAA;AAClC,IAAA,IAAI,QAAA,CAAS,MAAA,GAAS,EAAA,EAAI,KAAA,IAAS,CAAA;AAEnC,IAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,QAAQ,CAAA,CAAE,IAAA;AACtC,IAAA,IAAI,WAAA,GAAc,GAAG,KAAA,IAAS,CAAA;AAC9B,IAAA,IAAI,WAAA,GAAc,IAAI,KAAA,IAAS,CAAA;AAE/B,IAAA,IAAI,KAAA;AACJ,IAAA,IAAI,SAAS,CAAA,EAAG;AACd,MAAA,KAAA,GAAQ,MAAA;AACR,MAAA,QAAA,CAAS,KAAK,qBAAqB,CAAA;AACnC,MAAA,QAAA,CAAS,KAAK,yCAAyC,CAAA;AAAA,IACzD,CAAA,MAAA,IAAW,SAAS,CAAA,EAAG;AACrB,MAAA,KAAA,GAAQ,MAAA;AACR,MAAA,QAAA,CAAS,KAAK,wBAAwB,CAAA;AACtC,MAAA,QAAA,CAAS,KAAK,2BAA2B,CAAA;AAAA,IAC3C,CAAA,MAAA,IAAW,SAAS,CAAA,EAAG;AACrB,MAAA,KAAA,GAAQ,MAAA;AACR,MAAA,QAAA,CAAS,KAAK,8CAA8C,CAAA;AAAA,IAC9D,CAAA,MAAO;AACL,MAAA,KAAA,GAAQ,QAAA;AAAA,IACV;AAEA,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,QAAA,EAAS;AAAA,EAClC;AAAA,EAEA,UAAU,MAAA,EAA6C;AACrD,IAAA,IAAA,CAAK,SAAS,EAAE,GAAG,IAAA,CAAK,MAAA,EAAQ,GAAG,MAAA,EAAO;AAAA,EAC5C;AAAA,EAEA,SAAA,GAAkC;AAChC,IAAA,OAAO,EAAE,GAAG,IAAA,CAAK,MAAA,EAAO;AAAA,EAC1B;AACF;;;ACvLA,eAAsB,eACpB,MAAA,EAC0B;AAC1B,EAAA,MAAM;AAAA,IACJ,QAAA;AAAA,IACA,SAAA;AAAA,IACA,SAAA;AAAA,IACA,aAAA;AAAA,IACA,UAAA;AAAA,IACA,aAAA;AAAA,IACA,SAAA,GAAY,aAAA;AAAA,IACZ,QAAA;AAAA,IACA,WAAA;AAAA,IACA,gBAAA,GAAmB;AAAA,GACrB,GAAI,MAAA;AAEJ,EAAA,IAAI,KAAA;AACJ,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,KAAA,GAAQ,IAAIH,wBAAM,QAAQ,CAAA;AAAA,EAC5B,CAAA,MAAO;AACL,IAAA,KAAA,GAAQ,IAAIA,uBAAAA,CAAM;AAAA,MAChB,MAAM,SAAA,IAAa,WAAA;AAAA,MACnB,MAAM,SAAA,IAAa,IAAA;AAAA,MACnB,QAAA,EAAU,aAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,MAAM,OAAA,EAAQ;AAAA,EACtB,SAAS,KAAA,EAAO;AACd,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,MAAM,WAAA,GAAc,IAAI,gBAAA,CAAiB;AAAA,IACvC,GAAA,EAAK,QAAA;AAAA,IACL,IAAA,EAAM,SAAA;AAAA,IACN,IAAA,EAAM,SAAA;AAAA,IACN,QAAA,EAAU;AAAA,GACX,CAAA;AAED,EAAA,MAAM,cAAA,GAAiB,IAAI,cAAA,EAAe;AAC1C,EAAA,MAAM,kBAAA,GAAqB,cAAA,CAAe,QAAA,CAAS,aAAa,CAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,KAAA,EAAO;AAC7B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,OAAO,CAAA,kBAAA,EAAqB,kBAAA,CAAmB,MAAA,CAAO,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAClE;AAAA,EACF;AAEA,EAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,eAAA,CAAgB,UAAU,CAAA;AACjE,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,YAAA,CAAa,aAAa,CAAA;AACjE,IAAA,MAAM,IAAA,GAAO,MAAM,WAAA,CAAY,UAAA,CAAW;AAAA,MACxC,KAAA,EAAO,UAAA;AAAA,MACP,YAAA;AAAA,MACA,MAAO,SAAA,IAA0B,OAAA;AAAA,MACjC;AAAA,KACD,CAAA;AAED,IAAA,IAAI,oBAAoB,WAAA,EAAa;AACnC,MAAA,MAAM,cAAA,GAAiB,IAAI,cAAA,CAAe,WAAW,CAAA;AACrD,MAAA,MAAM,SAAA,GAAY,eAAe,YAAA,EAAa;AAC9C,MAAA,MAAM,eAAA,GAAkB,UAAU,OAAA,CAAQ,UAAA,CAAW,MAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAClE,MAAA,MAAM,eAAe,IAAA,CAAK;AAAA,QACxB,EAAA,EAAI,UAAA;AAAA,QACJ,GAAG;AAAA,OACJ,CAAA;AAAA,IACH;AAEA,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EACE,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,KAC7C;AAAA,EACF,CAAA,SAAE;AACA,IAAA,MAAM,MAAM,IAAA,EAAK;AAAA,EACnB;AACF;AAEA,eAAsB,sBAAA,CACpB,OACA,UAAA,EACkB;AAClB,EAAA,MAAM,YAAA,GAAe,MAAM,KAAA,CAAM,GAAA;AAAA,IAC/B,CAAA,sBAAA,EAAyB,UAAA,CAAW,WAAA,EAAa,CAAA;AAAA,GACnD;AACA,EAAA,OAAO,CAAC,YAAA;AACV;AAEO,SAAS,mBAAA,GAA8C;AAC5D,EAAA,MAAM,KAAA,GAAQ,QAAQ,GAAA,CAAI,gBAAA;AAC1B,EAAA,MAAM,QAAA,GAAW,QAAQ,GAAA,CAAI,mBAAA;AAE7B,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,QAAA,EAAU;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,QAAQ,GAAA,CAAI,SAAA;AAAA,IACtB,SAAA,EAAW,QAAQ,GAAA,CAAI,UAAA;AAAA,IACvB,SAAA,EAAW,QAAQ,GAAA,CAAI,UAAA,GACnB,SAAS,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,EAAE,CAAA,GACnC,MAAA;AAAA,IACJ,aAAA,EAAe,QAAQ,GAAA,CAAI,cAAA;AAAA,IAC3B,UAAA,EAAY,KAAA;AAAA,IACZ,aAAA,EAAe,QAAA;AAAA,IACf,SAAA,EAAW,OAAA,CAAQ,GAAA,CAAI,eAAA,IAAmB,aAAA;AAAA,IAC1C,QAAA,EAAU,QAAQ,GAAA,CAAI,oBAAA;AAAA,IACtB,WAAA,EAAa,OAAA,CAAQ,GAAA,CAAI,SAAA,GACrB;AAAA,MACE,IAAA,EAAM,QAAQ,GAAA,CAAI,SAAA;AAAA,MAClB,MAAM,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,OAAO,EAAE,CAAA;AAAA,MACjD,MAAA,EAAQ,OAAA,CAAQ,GAAA,CAAI,WAAA,KAAgB,MAAA;AAAA,MACpC,IAAA,EAAM;AAAA,QACJ,IAAA,EAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,EAAA;AAAA,QAC/B,IAAA,EAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa;AAAA,OACjC;AAAA,MACA,IAAA,EAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,qBAAA;AAAA,MAC/B,QAAA,EAAU,QAAQ,GAAA,CAAI;AAAA,KACxB,GACA,MAAA;AAAA,IACJ,gBAAA,EAAkB,OAAA,CAAQ,GAAA,CAAI,uBAAA,KAA4B;AAAA,GAC5D;AACF;AAEA,eAAsB,aAAA,GAAiD;AACrE,EAAA,MAAM,SAAS,mBAAA,EAAoB;AACnC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAC9C,EAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,MAAM,CAAA;AAE1C,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oBAAA,EAAuB,MAAA,CAAO,UAAU,CAAA,CAAE,CAAA;AAAA,EACxD,CAAA,MAAO;AACL,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,kBAAA,EAAqB,MAAA,CAAO,KAAK,CAAA,CAAE,CAAA;AAAA,EACnD;AAEA,EAAA,OAAO,MAAA;AACT;AAEA,eAAsB,kBAAA,CACpB,MAAA,EACA,UAAA,GAAqB,CAAA,EACrB,eAAuB,GAAA,EACG;AAC1B,EAAA,IAAI,SAAA,GAAoB,EAAA;AAExB,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,UAAA,EAAY,CAAA,EAAA,EAAK;AACnC,IAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,MAAM,CAAA;AAE1C,IAAA,IAAI,OAAO,OAAA,EAAS;AAClB,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,SAAA,GAAY,OAAO,KAAA,IAAS,eAAA;AAE5B,IAAA,IAAI,SAAA,CAAU,QAAA,CAAS,gBAAgB,CAAA,EAAG;AACxC,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,IAAI,CAAA,GAAI,aAAa,CAAA,EAAG;AACtB,MAAA,MAAM,IAAI,OAAA,CAAQ,CAAC,YAAY,UAAA,CAAW,OAAA,EAAS,YAAY,CAAC,CAAA;AAAA,IAClE;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA;AAAA,IACT,KAAA,EAAO,CAAA,aAAA,EAAgB,UAAU,CAAA,UAAA,EAAa,SAAS,CAAA;AAAA,GACzD;AACF","file":"chunk-I4BORBXT.cjs","sourcesContent":["import Redis from \"ioredis\";\nimport type { AuthAdapter, AuthUser, Session, UserRole } from \"./types.js\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\n\nexport interface RedisAuthAdapterOptions {\n url?: string;\n host?: string;\n port?: number;\n password?: string;\n db?: number;\n keyPrefix?: string;\n tokenExpiration?: number;\n refreshTokenExpiration?: number;\n tls?: boolean;\n}\n\nconst DEFAULT_PREFIX = \"kyro:auth:\";\nconst DEFAULT_TOKEN_EXPIRATION = 86400;\nconst DEFAULT_REFRESH_EXPIRATION = 604800;\n\nexport class RedisAuthAdapter implements AuthAdapter {\n private redis: Redis;\n private prefix: string;\n private tokenExpiration: number;\n private refreshExpiration: number;\n\n constructor(options: RedisAuthAdapterOptions = {}) {\n const url =\n options.url ||\n `redis://${options.host || \"localhost\"}:${options.port || 6379}`;\n\n this.redis = new Redis(url, {\n password: options.password,\n db: options.db,\n lazyConnect: true,\n tls: options.tls ? {} : undefined,\n });\n\n this.prefix = options.keyPrefix || DEFAULT_PREFIX;\n this.tokenExpiration = options.tokenExpiration || DEFAULT_TOKEN_EXPIRATION;\n this.refreshExpiration =\n options.refreshTokenExpiration || DEFAULT_REFRESH_EXPIRATION;\n }\n\n async connect(): Promise<void> {\n await this.redis.connect();\n }\n\n async disconnect(): Promise<void> {\n await this.redis.quit();\n }\n\n private userKey(userId: string): string {\n return `${this.prefix}users:${userId}`;\n }\n\n private sessionKey(sessionId: string): string {\n return `${this.prefix}sessions:${sessionId}`;\n }\n\n private refreshKey(token: string): string {\n return `${this.prefix}refresh:${token}`;\n }\n\n private userByEmailKey(email: string): string {\n return `${this.prefix}users:email:${email.toLowerCase()}`;\n }\n\n private passwordHistoryKey(userId: string): string {\n return `${this.prefix}users:${userId}:password_history`;\n }\n\n async createUser(data: {\n email: string;\n passwordHash: string;\n role?: UserRole;\n tenantId?: string;\n }): Promise<AuthUser> {\n const userId = randomBytes(16).toString(\"hex\");\n const now = new Date().toISOString();\n\n const user: AuthUser = {\n id: userId,\n email: data.email.toLowerCase(),\n passwordHash: data.passwordHash,\n role: (data.role || \"customer\") as UserRole,\n tenantId: data.tenantId,\n createdAt: now,\n updatedAt: now,\n };\n\n const pipeline = this.redis.pipeline();\n\n pipeline.hset(this.userKey(userId), this.userToHash(user));\n pipeline.set(this.userByEmailKey(data.email), userId);\n\n await pipeline.exec();\n\n return user;\n }\n\n async findUserByEmail(email: string): Promise<AuthUser | null> {\n const userId = await this.redis.get(\n this.userByEmailKey(email.toLowerCase()),\n );\n if (!userId) return null;\n return this.findUserById(userId);\n }\n\n async findUserById(userId: string): Promise<AuthUser | null> {\n const data = await this.redis.hgetall(this.userKey(userId));\n if (!data || Object.keys(data).length === 0) return null;\n return this.hashToUser(data);\n }\n\n async updateUser(\n userId: string,\n data: Partial<AuthUser>,\n ): Promise<AuthUser | null> {\n const existing = await this.findUserById(userId);\n if (!existing) return null;\n\n const updated: AuthUser = {\n ...existing,\n ...data,\n id: userId,\n updatedAt: new Date().toISOString(),\n };\n\n if (data.email && data.email !== existing.email) {\n const pipeline = this.redis.pipeline();\n pipeline.del(this.userByEmailKey(existing.email));\n pipeline.set(this.userByEmailKey(data.email), userId);\n await pipeline.exec();\n }\n\n await this.redis.hset(this.userKey(userId), this.userToHash(updated));\n return updated;\n }\n\n async deleteUser(userId: string): Promise<boolean> {\n const user = await this.findUserById(userId);\n if (!user) return false;\n\n const pipeline = this.redis.pipeline();\n pipeline.del(this.userKey(userId));\n pipeline.del(this.userByEmailKey(user.email));\n pipeline.del(this.passwordHistoryKey(userId));\n await pipeline.exec();\n\n return true;\n }\n\n async hashPassword(password: string): Promise<string> {\n return bcrypt.hash(password, 12);\n }\n\n async verifyPassword(password: string, hash: string): Promise<boolean> {\n return bcrypt.compare(password, hash);\n }\n\n async createSession(\n userId: string,\n data: {\n ipAddress?: string;\n userAgent?: string;\n } = {},\n ): Promise<Session> {\n const sessionId = randomBytes(32).toString(\"hex\");\n const token = randomBytes(32).toString(\"base64url\");\n const refreshToken = randomBytes(32).toString(\"base64url\");\n const now = new Date();\n\n const session: Session = {\n id: sessionId,\n userId,\n token,\n refreshToken,\n expiresAt: new Date(\n now.getTime() + this.tokenExpiration * 1000,\n ).toISOString(),\n createdAt: now.toISOString(),\n ipAddress: data.ipAddress,\n userAgent: data.userAgent,\n };\n\n const pipeline = this.redis.pipeline();\n\n pipeline.hset(this.sessionKey(sessionId), this.sessionToHash(session));\n pipeline.setex(\n this.refreshKey(refreshToken),\n this.refreshExpiration,\n sessionId,\n );\n\n await pipeline.exec();\n\n return session;\n }\n\n async findSessionByToken(token: string): Promise<Session | null> {\n const data = await this.redis.hgetall(this.sessionKey(token));\n if (!data || Object.keys(data).length === 0) return null;\n return this.hashToSession(data);\n }\n\n async deleteSession(sessionId: string): Promise<boolean> {\n const session = await this.redis.hgetall(this.sessionKey(sessionId));\n if (!session || Object.keys(session).length === 0) return false;\n\n const pipeline = this.redis.pipeline();\n pipeline.del(this.sessionKey(sessionId));\n if (session.refreshToken) {\n pipeline.del(this.refreshKey(session.refreshToken));\n }\n await pipeline.exec();\n\n return true;\n }\n\n async deleteUserSessions(userId: string): Promise<number> {\n const pattern = `${this.prefix}sessions:*`;\n let cursor = \"0\";\n let deleted = 0;\n\n do {\n const [nextCursor, keys] = await this.redis.scan(\n cursor,\n \"MATCH\",\n pattern,\n \"COUNT\",\n 100,\n );\n cursor = nextCursor;\n\n for (const key of keys) {\n const sessionData = await this.redis.hgetall(key);\n if (sessionData.userId === userId) {\n const sessionId = key.replace(`${this.prefix}sessions:`, \"\");\n await this.deleteSession(sessionId);\n deleted++;\n }\n }\n } while (cursor !== \"0\");\n\n return deleted;\n }\n\n async addPasswordToHistory(\n userId: string,\n passwordHash: string,\n ): Promise<void> {\n await this.redis.lpush(this.passwordHistoryKey(userId), passwordHash);\n await this.redis.ltrim(this.passwordHistoryKey(userId), 0, 4);\n }\n\n async getPasswordHistory(\n userId: string,\n count: number = 5,\n ): Promise<string[]> {\n return this.redis.lrange(this.passwordHistoryKey(userId), 0, count - 1);\n }\n\n async isPasswordInHistory(\n password: string,\n userId: string,\n historyCount: number = 5,\n ): Promise<boolean> {\n const history = await this.getPasswordHistory(userId, historyCount);\n\n for (const hash of history) {\n if (await this.verifyPassword(password, hash)) {\n return true;\n }\n }\n\n return false;\n }\n\n private userToHash(user: AuthUser): Record<string, string> {\n const hash: Record<string, string> = {\n id: user.id,\n email: user.email,\n passwordHash: user.passwordHash || \"\",\n role: user.role,\n createdAt: user.createdAt,\n updatedAt: user.updatedAt,\n };\n\n if (user.tenantId) hash.tenantId = user.tenantId;\n if (user.emailVerified !== undefined)\n hash.emailVerified = String(user.emailVerified);\n if (user.locked !== undefined) hash.locked = String(user.locked);\n if (user.lastLogin) hash.lastLogin = user.lastLogin;\n if (user.failedLoginAttempts !== undefined)\n hash.failedLoginAttempts = String(user.failedLoginAttempts);\n\n return hash;\n }\n\n private hashToUser(hash: Record<string, string>): AuthUser {\n return {\n id: hash.id,\n email: hash.email,\n passwordHash: hash.passwordHash,\n role: hash.role as UserRole,\n tenantId: hash.tenantId,\n createdAt: hash.createdAt,\n updatedAt: hash.updatedAt,\n emailVerified: hash.emailVerified === \"true\",\n locked: hash.locked === \"true\",\n lastLogin: hash.lastLogin,\n failedLoginAttempts: hash.failedLoginAttempts\n ? parseInt(hash.failedLoginAttempts, 10)\n : 0,\n };\n }\n\n private sessionToHash(session: Session): Record<string, string> {\n const hash: Record<string, string> = {\n id: session.id,\n userId: session.userId,\n token: session.token,\n expiresAt: session.expiresAt,\n createdAt: session.createdAt,\n };\n\n if (session.refreshToken) hash.refreshToken = session.refreshToken;\n if (session.ipAddress) hash.ipAddress = session.ipAddress;\n if (session.userAgent) hash.userAgent = session.userAgent;\n\n return hash;\n }\n\n private hashToSession(hash: Record<string, string>): Session {\n return {\n id: hash.id,\n userId: hash.userId,\n token: hash.token,\n refreshToken: hash.refreshToken,\n expiresAt: hash.expiresAt,\n createdAt: hash.createdAt,\n ipAddress: hash.ipAddress,\n userAgent: hash.userAgent,\n };\n }\n}\n","import nodemailer, { Transporter } from \"nodemailer\";\nimport type { SentMessageInfo } from \"nodemailer\";\n\nexport interface EmailConfig {\n host: string;\n port: number;\n secure: boolean;\n auth: {\n user: string;\n pass: string;\n };\n from: string;\n fromName?: string;\n}\n\nexport interface EmailOptions {\n to: string | string[];\n subject: string;\n html: string;\n text?: string;\n}\n\nexport interface EmailTemplates {\n verifyEmail: (\n link: string,\n userName?: string,\n ) => { subject: string; html: string; text: string };\n resetPassword: (\n link: string,\n userName?: string,\n ) => { subject: string; html: string; text: string };\n welcome: (userName?: string) => {\n subject: string;\n html: string;\n text: string;\n };\n accountLocked: (\n attempts: number,\n duration: number,\n userName?: string,\n ) => { subject: string; html: string; text: string };\n passwordChanged: (userName?: string) => {\n subject: string;\n html: string;\n text: string;\n };\n newLogin: (\n location: string,\n time: string,\n userName?: string,\n ) => { subject: string; html: string; text: string };\n}\n\nconst defaultTemplates: EmailTemplates = {\n verifyEmail: (link, userName = \"User\") => ({\n subject: \"Verify your email address\",\n html: `\n <!DOCTYPE html>\n <html>\n <head>\n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n <title>Verify Email</title>\n <style>\n body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; line-height: 1.6; color: #333; }\n .container { max-width: 600px; margin: 0 auto; padding: 20px; }\n .button { display: inline-block; padding: 12px 24px; background: #0b1222; color: white; text-decoration: none; border-radius: 6px; font-weight: 600; }\n .footer { margin-top: 30px; font-size: 12px; color: #666; }\n </style>\n </head>\n <body>\n <div class=\"container\">\n <h1>Welcome, ${userName}!</h1>\n <p>Please verify your email address by clicking the button below:</p>\n <p style=\"text-align: center; margin: 30px 0;\">\n <a href=\"${link}\" class=\"button\">Verify Email</a>\n </p>\n <p>Or copy and paste this link into your browser:</p>\n <p style=\"word-break: break-all; color: #666;\">${link}</p>\n <p>This link will expire in 24 hours.</p>\n <div class=\"footer\">\n <p>If you didn't create an account, you can safely ignore this email.</p>\n </div>\n </div>\n </body>\n </html>\n `,\n text: `Welcome ${userName}!\\n\\nPlease verify your email by clicking this link: ${link}\\n\\nThis link will expire in 24 hours.\\n\\nIf you didn't create an account, you can safely ignore this email.`,\n }),\n\n resetPassword: (link, userName = \"User\") => ({\n subject: \"Reset your password\",\n html: `\n <!DOCTYPE html>\n <html>\n <head>\n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n <title>Reset Password</title>\n <style>\n body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; line-height: 1.6; color: #333; }\n .container { max-width: 600px; margin: 0 auto; padding: 20px; }\n .button { display: inline-block; padding: 12px 24px; background: #dc2626; color: white; text-decoration: none; border-radius: 6px; font-weight: 600; }\n .warning { background: #fef3c7; border: 1px solid #f59e0b; padding: 12px; border-radius: 6px; margin: 20px 0; }\n .footer { margin-top: 30px; font-size: 12px; color: #666; }\n </style>\n </head>\n <body>\n <div class=\"container\">\n <h1>Password Reset Request</h1>\n <p>Hello ${userName},</p>\n <p>We received a request to reset your password. Click the button below to create a new password:</p>\n <p style=\"text-align: center; margin: 30px 0;\">\n <a href=\"${link}\" class=\"button\">Reset Password</a>\n </p>\n <p>Or copy and paste this link into your browser:</p>\n <p style=\"word-break: break-all; color: #666;\">${link}</p>\n <div class=\"warning\">\n <strong>⚠️ Important:</strong> This link will expire in 1 hour. If you didn't request a password reset, please ignore this email or contact support if you have concerns.\n </div>\n <div class=\"footer\">\n <p>For security reasons, please don't share this email with anyone.</p>\n </div>\n </div>\n </body>\n </html>\n `,\n text: `Password Reset Request\\n\\nHello ${userName},\\n\\nWe received a request to reset your password. Click this link to create a new password: ${link}\\n\\nThis link will expire in 1 hour.\\n\\nIf you didn't request a password reset, please ignore this email.`,\n }),\n\n welcome: (userName = \"User\") => ({\n subject: \"Welcome to Kyro CMS\",\n html: `\n <!DOCTYPE html>\n <html>\n <head>\n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n <title>Welcome</title>\n <style>\n body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; line-height: 1.6; color: #333; }\n .container { max-width: 600px; margin: 0 auto; padding: 20px; }\n .button { display: inline-block; padding: 12px 24px; background: #0b1222; color: white; text-decoration: none; border-radius: 6px; font-weight: 600; }\n </style>\n </head>\n <body>\n <div class=\"container\">\n <h1>Welcome to Kyro CMS, ${userName}!</h1>\n <p>Your account has been created successfully.</p>\n <p>You can now:</p>\n <ul>\n <li>Manage your content collections</li>\n <li>Upload and organize media</li>\n <li>Configure settings</li>\n <li>And much more...</li>\n </ul>\n <p style=\"text-align: center; margin: 30px 0;\">\n <a href=\"#\" class=\"button\">Get Started</a>\n </p>\n <p>If you have any questions, feel free to reach out to our support team.</p>\n </div>\n </body>\n </html>\n `,\n text: `Welcome to Kyro CMS, ${userName}!\\n\\nYour account has been created successfully.\\n\\nYou can now:\\n- Manage your content collections\\n- Upload and organize media\\n- Configure settings\\n- And much more...\\n\\nGet started by logging into your dashboard.`,\n }),\n\n accountLocked: (attempts, duration, userName = \"User\") => ({\n subject: \"Account Security Alert - Account Locked\",\n html: `\n <!DOCTYPE html>\n <html>\n <head>\n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n <title>Account Locked</title>\n <style>\n body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; line-height: 1.6; color: #333; }\n .container { max-width: 600px; margin: 0 auto; padding: 20px; }\n .alert { background: #fef2f2; border: 1px solid #ef4444; padding: 16px; border-radius: 8px; margin: 20px 0; }\n .footer { margin-top: 30px; font-size: 12px; color: #666; }\n </style>\n </head>\n <body>\n <div class=\"container\">\n <h1>Account Security Alert</h1>\n <p>Hello ${userName},</p>\n <div class=\"alert\">\n <p><strong>⚠️ Your account has been temporarily locked due to multiple failed login attempts.</strong></p>\n <p>Failed attempts: ${attempts}</p>\n <p>Lockout duration: ${Math.round(duration / 60000)} minutes</p>\n </div>\n <p>Your account will automatically unlock after the lockout period expires.</p>\n <p>If this wasn't you, we recommend:</p>\n <ul>\n <li>Using a strong, unique password</li>\n <li>Enabling two-factor authentication (coming soon)</li>\n <li>Reviewing your recent account activity</li>\n </ul>\n <div class=\"footer\">\n <p>If you need immediate assistance, please contact support.</p>\n </div>\n </div>\n </body>\n </html>\n `,\n text: `Account Security Alert\\n\\nHello ${userName},\\n\\nYour account has been temporarily locked due to multiple failed login attempts (${attempts}).\\n\\nLockout duration: ${Math.round(duration / 60000)} minutes\\n\\nYour account will automatically unlock after this period.\\n\\nIf this wasn't you, we recommend using a strong, unique password.`,\n }),\n\n passwordChanged: (userName = \"User\") => ({\n subject: \"Your password has been changed\",\n html: `\n <!DOCTYPE html>\n <html>\n <head>\n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n <title>Password Changed</title>\n <style>\n body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; line-height: 1.6; color: #333; }\n .container { max-width: 600px; margin: 0 auto; padding: 20px; }\n .info { background: #f0fdf4; border: 1px solid #22c55e; padding: 12px; border-radius: 6px; margin: 20px 0; }\n </style>\n </head>\n <body>\n <div class=\"container\">\n <h1>Password Changed</h1>\n <p>Hello ${userName},</p>\n <div class=\"info\">\n <p>Your password was recently changed.</p>\n </div>\n <p>If you did this, you can safely ignore this email.</p>\n <p><strong>If you didn't change your password</strong>, please contact our support team immediately as your account may have been compromised.</p>\n </div>\n </body>\n </html>\n `,\n text: `Password Changed\\n\\nHello ${userName},\\n\\nYour password was recently changed.\\n\\nIf you did this, you can safely ignore this email.\\n\\nIf you didn't change your password, please contact support immediately.`,\n }),\n\n newLogin: (location, time, userName = \"User\") => ({\n subject: \"New login to your account\",\n html: `\n <!DOCTYPE html>\n <html>\n <head>\n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n <title>New Login</title>\n <style>\n body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; line-height: 1.6; color: #333; }\n .container { max-width: 600px; margin: 0 auto; padding: 20px; }\n .info-box { background: #f8fafc; border: 1px solid #e2e8f0; padding: 16px; border-radius: 8px; margin: 20px 0; }\n .footer { margin-top: 30px; font-size: 12px; color: #666; }\n </style>\n </head>\n <body>\n <div class=\"container\">\n <h1>New Login Detected</h1>\n <p>Hello ${userName},</p>\n <p>We detected a new login to your account:</p>\n <div class=\"info-box\">\n <p><strong>Location:</strong> ${location}</p>\n <p><strong>Time:</strong> ${time}</p>\n </div>\n <p><strong>If this was you</strong>, no action is needed.</p>\n <p><strong>If this wasn't you</strong>, your account may be compromised. Please:</p>\n <ol>\n <li>Change your password immediately</li>\n <li>Review your recent account activity</li>\n <li>Contact support if needed</li>\n </ol>\n <div class=\"footer\">\n <p>This is an automated security notification.</p>\n </div>\n </div>\n </body>\n </html>\n `,\n text: `New Login Detected\\n\\nHello ${userName},\\n\\nWe detected a new login to your account:\\n\\nLocation: ${location}\\nTime: ${time}\\n\\nIf this wasn't you, please change your password immediately and contact support.`,\n }),\n};\n\nexport class EmailTransport {\n private transporter: Transporter<SentMessageInfo>;\n private from: string;\n private fromName: string;\n private templates: EmailTemplates;\n\n constructor(config: EmailConfig, templates?: Partial<EmailTemplates>) {\n this.transporter = nodemailer.createTransport({\n host: config.host,\n port: config.port,\n secure: config.secure,\n auth: config.auth,\n });\n\n this.from = config.from;\n this.fromName = config.fromName || \"Kyro CMS\";\n this.templates = { ...defaultTemplates, ...templates };\n }\n\n async send(options: EmailOptions): Promise<SentMessageInfo> {\n return this.transporter.sendMail({\n from: `\"${this.fromName}\" <${this.from}>`,\n to: Array.isArray(options.to) ? options.to.join(\", \") : options.to,\n subject: options.subject,\n html: options.html,\n text: options.text,\n });\n }\n\n getTemplates(): EmailTemplates {\n return this.templates;\n }\n\n async verifyConnection(): Promise<boolean> {\n try {\n await this.transporter.verify();\n return true;\n } catch {\n return false;\n }\n }\n\n static fromEnv(): EmailTransport | null {\n const host = process.env.SMTP_HOST;\n const port = parseInt(process.env.SMTP_PORT || \"587\", 10);\n const secure = process.env.SMTP_SECURE === \"true\";\n const user = process.env.SMTP_USER;\n const pass = process.env.SMTP_PASS;\n const from =\n process.env.SMTP_FROM ||\n process.env.DEFAULT_FROM ||\n \"noreply@example.com\";\n const fromName = process.env.SMTP_FROM_NAME || \"Kyro CMS\";\n\n if (!host || !user || !pass) {\n return null;\n }\n\n return new EmailTransport({\n host,\n port,\n secure,\n auth: { user, pass },\n from,\n fromName,\n });\n }\n}\n","export interface PasswordPolicyConfig {\n minLength: number;\n requireUppercase: boolean;\n requireLowercase: boolean;\n requireNumbers: boolean;\n requireSpecialChars: boolean;\n preventReuse: number;\n maxLength?: number;\n}\n\nexport interface ValidationResult {\n valid: boolean;\n errors: string[];\n}\n\nexport const DEFAULT_PASSWORD_POLICY: PasswordPolicyConfig = {\n minLength: 12,\n requireUppercase: true,\n requireLowercase: true,\n requireNumbers: true,\n requireSpecialChars: true,\n preventReuse: 5,\n maxLength: 128,\n};\n\nexport class PasswordPolicy {\n private config: PasswordPolicyConfig;\n\n constructor(config: Partial<PasswordPolicyConfig> = {}) {\n this.config = { ...DEFAULT_PASSWORD_POLICY, ...config };\n }\n\n validate(password: string): ValidationResult {\n const errors: string[] = [];\n\n if (this.config.maxLength && password.length > this.config.maxLength) {\n errors.push(\n `Password must not exceed ${this.config.maxLength} characters`,\n );\n }\n\n if (password.length < this.config.minLength) {\n errors.push(\n `Password must be at least ${this.config.minLength} characters`,\n );\n }\n\n if (this.config.requireUppercase && !/[A-Z]/.test(password)) {\n errors.push(\"Password must contain at least one uppercase letter\");\n }\n\n if (this.config.requireLowercase && !/[a-z]/.test(password)) {\n errors.push(\"Password must contain at least one lowercase letter\");\n }\n\n if (this.config.requireNumbers && !/[0-9]/.test(password)) {\n errors.push(\"Password must contain at least one number\");\n }\n\n if (\n this.config.requireSpecialChars &&\n !/[!@#$%^&*()_+\\-=\\[\\]{};':\"\\\\|,.<>\\/?]/.test(password)\n ) {\n errors.push(\"Password must contain at least one special character\");\n }\n\n const commonPasswords = [\n \"password\",\n \"123456\",\n \"12345678\",\n \"qwerty\",\n \"abc123\",\n \"monkey\",\n \"1234567\",\n \"letmein\",\n \"trustno1\",\n \"dragon\",\n \"baseball\",\n \"iloveyou\",\n \"master\",\n \"sunshine\",\n \"ashley\",\n \"football\",\n \"password1\",\n \"shadow\",\n \"123123\",\n \"654321\",\n ];\n\n if (commonPasswords.includes(password.toLowerCase())) {\n errors.push(\n \"This password is too common. Please choose a more secure password\",\n );\n }\n\n if (/^[a-zA-Z]+$/.test(password) || /^[0-9]+$/.test(password)) {\n errors.push(\n \"Password must contain a mix of letters, numbers, and/or special characters\",\n );\n }\n\n if (/(.)\\1{2,}/.test(password)) {\n errors.push(\n \"Password must not contain more than 2 consecutive identical characters\",\n );\n }\n\n if (\n /^(012|123|234|345|456|567|678|789|890|098|987|876|765|654|543|432|321|210)+$/i.test(\n password,\n )\n ) {\n errors.push(\"Password must not contain sequential numbers or letters\");\n }\n\n return {\n valid: errors.length === 0,\n errors,\n };\n }\n\n async checkReuse(\n passwordHash: string,\n history: string[],\n verifyFn: (password: string, hash: string) => Promise<boolean>,\n ): Promise<ValidationResult> {\n return {\n valid: true,\n errors: [],\n };\n }\n\n async isInHistory(\n password: string,\n history: string[],\n verifyFn: (password: string, hash: string) => Promise<boolean>,\n ): Promise<boolean> {\n for (const hash of history) {\n if (await verifyFn(password, hash)) {\n return true;\n }\n }\n return false;\n }\n\n generatePassword(length: number = 16): string {\n const uppercase = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ\";\n const lowercase = \"abcdefghijklmnopqrstuvwxyz\";\n const numbers = \"0123456789\";\n const special = \"!@#$%^&*()_+-=[]{}|;:,.<>?\";\n\n let password = \"\";\n\n password += uppercase[Math.floor(Math.random() * uppercase.length)];\n password += lowercase[Math.floor(Math.random() * lowercase.length)];\n password += numbers[Math.floor(Math.random() * numbers.length)];\n password += special[Math.floor(Math.random() * special.length)];\n\n const allChars = uppercase + lowercase + numbers + special;\n for (let i = password.length; i < length; i++) {\n password += allChars[Math.floor(Math.random() * allChars.length)];\n }\n\n return password\n .split(\"\")\n .sort(() => Math.random() - 0.5)\n .join(\"\");\n }\n\n getStrength(password: string): {\n score: number;\n label: string;\n feedback: string[];\n } {\n let score = 0;\n const feedback: string[] = [];\n\n if (password.length >= 8) score += 1;\n if (password.length >= 12) score += 1;\n if (password.length >= 16) score += 1;\n\n if (/[a-z]/.test(password)) score += 1;\n if (/[A-Z]/.test(password)) score += 1;\n if (/[0-9]/.test(password)) score += 1;\n if (/[!@#$%^&*()_+\\-=\\[\\]{}|;:,.<>?]/.test(password)) score += 1;\n\n if (password.length > 8) score += 1;\n if (password.length > 12) score += 1;\n\n const uniqueChars = new Set(password).size;\n if (uniqueChars > 6) score += 1;\n if (uniqueChars > 10) score += 1;\n\n let label: string;\n if (score <= 3) {\n label = \"Weak\";\n feedback.push(\"Add more characters\");\n feedback.push(\"Include uppercase and lowercase letters\");\n } else if (score <= 5) {\n label = \"Fair\";\n feedback.push(\"Add special characters\");\n feedback.push(\"Consider making it longer\");\n } else if (score <= 7) {\n label = \"Good\";\n feedback.push(\"Consider making it longer for extra security\");\n } else {\n label = \"Strong\";\n }\n\n return { score, label, feedback };\n }\n\n setConfig(config: Partial<PasswordPolicyConfig>): void {\n this.config = { ...this.config, ...config };\n }\n\n getConfig(): PasswordPolicyConfig {\n return { ...this.config };\n }\n}\n","import Redis from \"ioredis\";\nimport { RedisAuthAdapter } from \"./redis-adapter.js\";\nimport { EmailTransport } from \"./nodemailer-transport.js\";\nimport { PasswordPolicy } from \"./security/password-policy.js\";\nimport { AuditLogger } from \"./security/audit-log.js\";\nimport { AccountLockout } from \"./security/lockout.js\";\nimport { RateLimiter } from \"./security/rate-limit.js\";\nimport type { AuthUser, UserRole, AuthAdapter } from \"./types.js\";\n\nexport interface BootstrapConfig {\n redisUrl?: string;\n redisHost?: string;\n redisPort?: number;\n redisPassword?: string;\n authAdapter?: AuthAdapter;\n adminEmail: string;\n adminPassword: string;\n adminRole?: string;\n tenantId?: string;\n emailConfig?: {\n host: string;\n port: number;\n secure: boolean;\n auth: { user: string; pass: string };\n from: string;\n fromName?: string;\n };\n sendWelcomeEmail?: boolean;\n}\n\nexport interface BootstrapResult {\n success: boolean;\n user?: AuthUser;\n error?: string;\n}\n\nexport async function bootstrapAdmin(\n config: BootstrapConfig,\n): Promise<BootstrapResult> {\n const {\n redisUrl,\n redisHost,\n redisPort,\n redisPassword,\n adminEmail,\n adminPassword,\n adminRole = \"super_admin\",\n tenantId,\n emailConfig,\n sendWelcomeEmail = false,\n } = config;\n\n let redis: Redis;\n if (redisUrl) {\n redis = new Redis(redisUrl);\n } else {\n redis = new Redis({\n host: redisHost || \"localhost\",\n port: redisPort || 6379,\n password: redisPassword,\n lazyConnect: true,\n });\n }\n\n try {\n await redis.connect();\n } catch (error) {\n return {\n success: false,\n error: \"Failed to connect to Redis\",\n };\n }\n\n const authAdapter = new RedisAuthAdapter({\n url: redisUrl,\n host: redisHost,\n port: redisPort,\n password: redisPassword,\n });\n\n const passwordPolicy = new PasswordPolicy();\n const passwordValidation = passwordPolicy.validate(adminPassword);\n if (!passwordValidation.valid) {\n return {\n success: false,\n error: `Invalid password: ${passwordValidation.errors.join(\", \")}`,\n };\n }\n\n const existingUser = await authAdapter.findUserByEmail(adminEmail);\n if (existingUser) {\n return {\n success: false,\n error: \"Admin user already exists\",\n };\n }\n\n try {\n const passwordHash = await authAdapter.hashPassword(adminPassword);\n const user = await authAdapter.createUser({\n email: adminEmail,\n passwordHash,\n role: (adminRole as UserRole) || \"admin\",\n tenantId,\n });\n\n if (sendWelcomeEmail && emailConfig) {\n const emailTransport = new EmailTransport(emailConfig);\n const templates = emailTransport.getTemplates();\n const welcomeTemplate = templates.welcome(adminEmail.split(\"@\")[0]);\n await emailTransport.send({\n to: adminEmail,\n ...welcomeTemplate,\n });\n }\n\n return {\n success: true,\n user,\n };\n } catch (error) {\n return {\n success: false,\n error:\n error instanceof Error ? error.message : \"Failed to create admin user\",\n };\n } finally {\n await redis.quit();\n }\n}\n\nexport async function checkBootstrapRequired(\n redis: Redis,\n adminEmail: string,\n): Promise<boolean> {\n const existingUser = await redis.get(\n `kyro:auth:users:email:${adminEmail.toLowerCase()}`,\n );\n return !existingUser;\n}\n\nexport function getBootstrapFromEnv(): BootstrapConfig | null {\n const email = process.env.KYRO_ADMIN_EMAIL;\n const password = process.env.KYRO_ADMIN_PASSWORD;\n\n if (!email || !password) {\n return null;\n }\n\n return {\n redisUrl: process.env.REDIS_URL,\n redisHost: process.env.REDIS_HOST,\n redisPort: process.env.REDIS_PORT\n ? parseInt(process.env.REDIS_PORT, 10)\n : undefined,\n redisPassword: process.env.REDIS_PASSWORD,\n adminEmail: email,\n adminPassword: password,\n adminRole: process.env.KYRO_ADMIN_ROLE || \"super_admin\",\n tenantId: process.env.KYRO_ADMIN_TENANT_ID,\n emailConfig: process.env.SMTP_HOST\n ? {\n host: process.env.SMTP_HOST,\n port: parseInt(process.env.SMTP_PORT || \"587\", 10),\n secure: process.env.SMTP_SECURE === \"true\",\n auth: {\n user: process.env.SMTP_USER || \"\",\n pass: process.env.SMTP_PASS || \"\",\n },\n from: process.env.SMTP_FROM || \"noreply@example.com\",\n fromName: process.env.SMTP_FROM_NAME,\n }\n : undefined,\n sendWelcomeEmail: process.env.KYRO_ADMIN_SEND_WELCOME === \"true\",\n };\n}\n\nexport async function autoBootstrap(): Promise<BootstrapResult | null> {\n const config = getBootstrapFromEnv();\n if (!config) {\n return null;\n }\n\n console.log(\"Auto-bootstrapping admin user...\");\n const result = await bootstrapAdmin(config);\n\n if (result.success) {\n console.log(`Admin user created: ${config.adminEmail}`);\n } else {\n console.error(`Bootstrap failed: ${result.error}`);\n }\n\n return result;\n}\n\nexport async function bootstrapWithRetry(\n config: BootstrapConfig,\n maxRetries: number = 3,\n retryDelayMs: number = 2000,\n): Promise<BootstrapResult> {\n let lastError: string = \"\";\n\n for (let i = 0; i < maxRetries; i++) {\n const result = await bootstrapAdmin(config);\n\n if (result.success) {\n return result;\n }\n\n lastError = result.error || \"Unknown error\";\n\n if (lastError.includes(\"already exists\")) {\n return result;\n }\n\n if (i < maxRetries - 1) {\n await new Promise((resolve) => setTimeout(resolve, retryDelayMs));\n }\n }\n\n return {\n success: false,\n error: `Failed after ${maxRetries} retries: ${lastError}`,\n };\n}\n"]}

package/dist/chunk-KA3UOIFC.js ADDED Viewed

@@ -0,0 +1,206 @@
+import { __export } from './chunk-PZ5AY32C.js';
+import { pgTable, timestamp, jsonb, integer, boolean, uuid, varchar, uniqueIndex, index, text } from 'drizzle-orm/pg-core';
+// src/database/drizzle/schema/auth.ts
+var auth_exports = {};
+__export(auth_exports, {
+  apiKeys: () => apiKeys,
+  auditLogs: () => auditLogs,
+  emailVerifications: () => emailVerifications,
+  lockouts: () => lockouts,
+  passwordHistory: () => passwordHistory,
+  passwordResets: () => passwordResets,
+  permissions: () => permissions,
+  roles: () => roles,
+  sessions: () => sessions,
+  tenants: () => tenants,
+  users: () => users
+});
+var users = pgTable(
+  "users",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    email: varchar("email", { length: 255 }).notNull(),
+    passwordHash: varchar("password_hash", { length: 255 }),
+    role: varchar("role", { length: 50 }).notNull().default("customer"),
+    tenantId: uuid("tenant_id"),
+    emailVerified: boolean("email_verified").default(false),
+    locked: boolean("locked").default(false),
+    lastLogin: timestamp("last_login"),
+    failedLoginAttempts: integer("failed_login_attempts").default(0),
+    metadata: jsonb("metadata").$type(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at").defaultNow().notNull()
+  },
+  (table) => [
+    uniqueIndex("users_email_idx").on(table.email),
+    index("users_tenant_idx").on(table.tenantId),
+    index("users_role_idx").on(table.role)
+  ]
+);
+var roles = pgTable(
+  "roles",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    name: varchar("name", { length: 100 }).notNull().unique(),
+    level: integer("level").notNull().default(0),
+    inherits: text("inherits").array(),
+    description: text("description"),
+    permissions: jsonb("permissions").$type().default([]),
+    isSystem: boolean("is_system").default(false),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at").defaultNow().notNull()
+  },
+  (table) => [index("roles_level_idx").on(table.level)]
+);
+var permissions = pgTable(
+  "permissions",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    roleId: uuid("role_id").references(() => roles.id, { onDelete: "cascade" }),
+    resource: varchar("resource", { length: 100 }).notNull(),
+    action: varchar("action", { length: 50 }).notNull(),
+    conditions: jsonb("conditions").$type(),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [
+    index("permissions_role_idx").on(table.roleId),
+    index("permissions_resource_idx").on(table.resource)
+  ]
+);
+var sessions = pgTable(
+  "sessions",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+    token: varchar("token", { length: 512 }).notNull().unique(),
+    refreshToken: varchar("refresh_token", { length: 512 }),
+    ipAddress: varchar("ip_address", { length: 45 }),
+    userAgent: text("user_agent"),
+    expiresAt: timestamp("expires_at").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [
+    index("sessions_user_idx").on(table.userId),
+    index("sessions_token_idx").on(table.token),
+    index("sessions_expires_idx").on(table.expiresAt)
+  ]
+);
+var auditLogs = pgTable(
+  "audit_logs",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    action: varchar("action", { length: 100 }).notNull(),
+    userId: uuid("user_id").references(() => users.id, {
+      onDelete: "set null"
+    }),
+    userEmail: varchar("user_email", { length: 255 }),
+    role: varchar("role", { length: 50 }),
+    resource: varchar("resource", { length: 100 }).notNull(),
+    resourceId: uuid("resource_id"),
+    changes: jsonb("changes").$type(),
+    ipAddress: varchar("ip_address", { length: 45 }),
+    userAgent: text("user_agent"),
+    success: boolean("success").notNull().default(true),
+    error: text("error"),
+    metadata: jsonb("metadata").$type(),
+    timestamp: timestamp("timestamp").defaultNow().notNull()
+  },
+  (table) => [
+    index("audit_logs_user_idx").on(table.userId),
+    index("audit_logs_action_idx").on(table.action),
+    index("audit_logs_resource_idx").on(table.resource),
+    index("audit_logs_timestamp_idx").on(table.timestamp)
+  ]
+);
+var tenants = pgTable(
+  "tenants",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    name: varchar("name", { length: 255 }).notNull(),
+    slug: varchar("slug", { length: 100 }).notNull().unique(),
+    settings: jsonb("settings").$type().default({}),
+    isActive: boolean("is_active").default(true),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at").defaultNow().notNull()
+  },
+  (table) => [uniqueIndex("tenants_slug_idx").on(table.slug)]
+);
+var apiKeys = pgTable(
+  "api_keys",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+    name: varchar("name", { length: 255 }).notNull(),
+    key: varchar("key", { length: 64 }).notNull().unique(),
+    keyPrefix: varchar("key_prefix", { length: 8 }).notNull(),
+    permissions: jsonb("permissions").$type().default([]),
+    lastUsedAt: timestamp("last_used_at"),
+    expiresAt: timestamp("expires_at"),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [
+    index("api_keys_user_idx").on(table.userId),
+    index("api_keys_key_idx").on(table.key)
+  ]
+);
+var emailVerifications = pgTable(
+  "email_verifications",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+    token: varchar("token", { length: 64 }).notNull().unique(),
+    expiresAt: timestamp("expires_at").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [
+    index("email_verifications_token_idx").on(table.token),
+    index("email_verifications_user_idx").on(table.userId)
+  ]
+);
+var passwordResets = pgTable(
+  "password_resets",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+    token: varchar("token", { length: 64 }).notNull().unique(),
+    expiresAt: timestamp("expires_at").notNull(),
+    usedAt: timestamp("used_at"),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [
+    index("password_resets_token_idx").on(table.token),
+    index("password_resets_user_idx").on(table.userId)
+  ]
+);
+var passwordHistory = pgTable(
+  "password_history",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+    passwordHash: varchar("password_hash", { length: 255 }).notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [index("password_history_user_idx").on(table.userId)]
+);
+var lockouts = pgTable(
+  "lockouts",
+  {
+    id: uuid("id").primaryKey().defaultRandom(),
+    userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+    ipAddress: varchar("ip_address", { length: 45 }),
+    reason: varchar("reason", { length: 255 }),
+    lockedUntil: timestamp("locked_until").notNull(),
+    releasedAt: timestamp("released_at"),
+    createdAt: timestamp("created_at").defaultNow().notNull()
+  },
+  (table) => [
+    index("lockouts_user_idx").on(table.userId),
+    index("lockouts_ip_idx").on(table.ipAddress),
+    index("lockouts_locked_until_idx").on(table.lockedUntil)
+  ]
+);
+export { auth_exports, lockouts, passwordHistory, sessions, users };
+//# sourceMappingURL=chunk-KA3UOIFC.js.map
+//# sourceMappingURL=chunk-KA3UOIFC.js.map

package/dist/chunk-KA3UOIFC.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/database/drizzle/schema/auth.ts"],"names":[],"mappings":";;;;AAAA,IAAA,YAAA,GAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,SAAA,EAAA,MAAA,SAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,QAAA,EAAA,MAAA,QAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,KAAA,EAAA,MAAA,KAAA;AAAA,EAAA,QAAA,EAAA,MAAA,QAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,KAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAaO,IAAM,KAAA,GAAQ,OAAA;AAAA,EACnB,OAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,KAAA,EAAO,QAAQ,OAAA,EAAS,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IACjD,cAAc,OAAA,CAAQ,eAAA,EAAiB,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IACtD,IAAA,EAAM,OAAA,CAAQ,MAAA,EAAQ,EAAE,MAAA,EAAQ,EAAA,EAAI,CAAA,CAAE,OAAA,EAAQ,CAAE,OAAA,CAAQ,UAAU,CAAA;AAAA,IAClE,QAAA,EAAU,KAAK,WAAW,CAAA;AAAA,IAC1B,aAAA,EAAe,OAAA,CAAQ,gBAAgB,CAAA,CAAE,QAAQ,KAAK,CAAA;AAAA,IACtD,MAAA,EAAQ,OAAA,CAAQ,QAAQ,CAAA,CAAE,QAAQ,KAAK,CAAA;AAAA,IACvC,SAAA,EAAW,UAAU,YAAY,CAAA;AAAA,IACjC,mBAAA,EAAqB,OAAA,CAAQ,uBAAuB,CAAA,CAAE,QAAQ,CAAC,CAAA;AAAA,IAC/D,QAAA,EAAU,KAAA,CAAM,UAAU,CAAA,CAAE,KAAA,EAA+B;AAAA,IAC3D,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA,EAAQ;AAAA,IACxD,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,WAAA,CAAY,iBAAiB,CAAA,CAAE,EAAA,CAAG,MAAM,KAAK,CAAA;AAAA,IAC7C,KAAA,CAAM,kBAAkB,CAAA,CAAE,EAAA,CAAG,MAAM,QAAQ,CAAA;AAAA,IAC3C,KAAA,CAAM,gBAAgB,CAAA,CAAE,EAAA,CAAG,MAAM,IAAI;AAAA;AAEzC;AAEO,IAAM,KAAA,GAAQ,OAAA;AAAA,EACnB,OAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,IAAA,EAAM,OAAA,CAAQ,MAAA,EAAQ,EAAE,MAAA,EAAQ,KAAK,CAAA,CAAE,OAAA,EAAQ,CAAE,MAAA,EAAO;AAAA,IACxD,OAAO,OAAA,CAAQ,OAAO,EAAE,OAAA,EAAQ,CAAE,QAAQ,CAAC,CAAA;AAAA,IAC3C,QAAA,EAAU,IAAA,CAAK,UAAU,CAAA,CAAE,KAAA,EAAM;AAAA,IACjC,WAAA,EAAa,KAAK,aAAa,CAAA;AAAA,IAC/B,WAAA,EAAa,MAAM,aAAa,CAAA,CAAE,OAAgB,CAAE,OAAA,CAAQ,EAAE,CAAA;AAAA,IAC9D,QAAA,EAAU,OAAA,CAAQ,WAAW,CAAA,CAAE,QAAQ,KAAK,CAAA;AAAA,IAC5C,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA,EAAQ;AAAA,IACxD,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,UAAU,CAAC,KAAA,CAAM,iBAAiB,CAAA,CAAE,EAAA,CAAG,KAAA,CAAM,KAAK,CAAC;AACtD,CAAA;AAEO,IAAM,WAAA,GAAc,OAAA;AAAA,EACzB,aAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CAAE,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,SAAA,EAAW,CAAA;AAAA,IAC1E,QAAA,EAAU,QAAQ,UAAA,EAAY,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IACvD,MAAA,EAAQ,QAAQ,QAAA,EAAU,EAAE,QAAQ,EAAA,EAAI,EAAE,OAAA,EAAQ;AAAA,IAClD,UAAA,EAAY,KAAA,CAAM,YAAY,CAAA,CAAE,KAAA,EAA+B;AAAA,IAC/D,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,sBAAsB,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM,CAAA;AAAA,IAC7C,KAAA,CAAM,0BAA0B,CAAA,CAAE,EAAA,CAAG,MAAM,QAAQ;AAAA;AAEvD,CAAA;AAEO,IAAM,QAAA,GAAW,OAAA;AAAA,EACtB,UAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CACnB,OAAA,EAAQ,CACR,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,WAAW,CAAA;AAAA,IACrD,KAAA,EAAO,OAAA,CAAQ,OAAA,EAAS,EAAE,MAAA,EAAQ,KAAK,CAAA,CAAE,OAAA,EAAQ,CAAE,MAAA,EAAO;AAAA,IAC1D,cAAc,OAAA,CAAQ,eAAA,EAAiB,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IACtD,WAAW,OAAA,CAAQ,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAI,CAAA;AAAA,IAC/C,SAAA,EAAW,KAAK,YAAY,CAAA;AAAA,IAC5B,SAAA,EAAW,SAAA,CAAU,YAAY,CAAA,CAAE,OAAA,EAAQ;AAAA,IAC3C,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,mBAAmB,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM,CAAA;AAAA,IAC1C,KAAA,CAAM,oBAAoB,CAAA,CAAE,EAAA,CAAG,MAAM,KAAK,CAAA;AAAA,IAC1C,KAAA,CAAM,sBAAsB,CAAA,CAAE,EAAA,CAAG,MAAM,SAAS;AAAA;AAEpD;AAEO,IAAM,SAAA,GAAY,OAAA;AAAA,EACvB,YAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,QAAQ,QAAA,EAAU,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IACnD,QAAQ,IAAA,CAAK,SAAS,EAAE,UAAA,CAAW,MAAM,MAAM,EAAA,EAAI;AAAA,MACjD,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IACD,WAAW,OAAA,CAAQ,YAAA,EAAc,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IAChD,MAAM,OAAA,CAAQ,MAAA,EAAQ,EAAE,MAAA,EAAQ,IAAI,CAAA;AAAA,IACpC,QAAA,EAAU,QAAQ,UAAA,EAAY,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IACvD,UAAA,EAAY,KAAK,aAAa,CAAA;AAAA,IAC9B,OAAA,EACE,KAAA,CAAM,SAAS,CAAA,CAAE,KAAA,EAAuD;AAAA,IAC1E,WAAW,OAAA,CAAQ,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAI,CAAA;AAAA,IAC/C,SAAA,EAAW,KAAK,YAAY,CAAA;AAAA,IAC5B,SAAS,OAAA,CAAQ,SAAS,EAAE,OAAA,EAAQ,CAAE,QAAQ,IAAI,CAAA;AAAA,IAClD,KAAA,EAAO,KAAK,OAAO,CAAA;AAAA,IACnB,QAAA,EAAU,KAAA,CAAM,UAAU,CAAA,CAAE,KAAA,EAA+B;AAAA,IAC3D,WAAW,SAAA,CAAU,WAAW,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GACzD;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,qBAAqB,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM,CAAA;AAAA,IAC5C,KAAA,CAAM,uBAAuB,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM,CAAA;AAAA,IAC9C,KAAA,CAAM,yBAAyB,CAAA,CAAE,EAAA,CAAG,MAAM,QAAQ,CAAA;AAAA,IAClD,KAAA,CAAM,0BAA0B,CAAA,CAAE,EAAA,CAAG,MAAM,SAAS;AAAA;AAExD,CAAA;AAEO,IAAM,OAAA,GAAU,OAAA;AAAA,EACrB,SAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,IAAA,EAAM,QAAQ,MAAA,EAAQ,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IAC/C,IAAA,EAAM,OAAA,CAAQ,MAAA,EAAQ,EAAE,MAAA,EAAQ,KAAK,CAAA,CAAE,OAAA,EAAQ,CAAE,MAAA,EAAO;AAAA,IACxD,QAAA,EAAU,MAAM,UAAU,CAAA,CAAE,OAA+B,CAAE,OAAA,CAAQ,EAAE,CAAA;AAAA,IACvE,QAAA,EAAU,OAAA,CAAQ,WAAW,CAAA,CAAE,QAAQ,IAAI,CAAA;AAAA,IAC3C,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA,EAAQ;AAAA,IACxD,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,UAAU,CAAC,WAAA,CAAY,kBAAkB,CAAA,CAAE,EAAA,CAAG,KAAA,CAAM,IAAI,CAAC;AAC5D,CAAA;AAEO,IAAM,OAAA,GAAU,OAAA;AAAA,EACrB,UAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CACnB,OAAA,EAAQ,CACR,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,WAAW,CAAA;AAAA,IACrD,IAAA,EAAM,QAAQ,MAAA,EAAQ,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IAC/C,GAAA,EAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,MAAA,EAAQ,IAAI,CAAA,CAAE,OAAA,EAAQ,CAAE,MAAA,EAAO;AAAA,IACrD,SAAA,EAAW,QAAQ,YAAA,EAAc,EAAE,QAAQ,CAAA,EAAG,EAAE,OAAA,EAAQ;AAAA,IACxD,WAAA,EAAa,MAAM,aAAa,CAAA,CAAE,OAAgB,CAAE,OAAA,CAAQ,EAAE,CAAA;AAAA,IAC9D,UAAA,EAAY,UAAU,cAAc,CAAA;AAAA,IACpC,SAAA,EAAW,UAAU,YAAY,CAAA;AAAA,IACjC,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,mBAAmB,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM,CAAA;AAAA,IAC1C,KAAA,CAAM,kBAAkB,CAAA,CAAE,EAAA,CAAG,MAAM,GAAG;AAAA;AAE1C,CAAA;AAEO,IAAM,kBAAA,GAAqB,OAAA;AAAA,EAChC,qBAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CACnB,OAAA,EAAQ,CACR,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,WAAW,CAAA;AAAA,IACrD,KAAA,EAAO,OAAA,CAAQ,OAAA,EAAS,EAAE,MAAA,EAAQ,IAAI,CAAA,CAAE,OAAA,EAAQ,CAAE,MAAA,EAAO;AAAA,IACzD,SAAA,EAAW,SAAA,CAAU,YAAY,CAAA,CAAE,OAAA,EAAQ;AAAA,IAC3C,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,+BAA+B,CAAA,CAAE,EAAA,CAAG,MAAM,KAAK,CAAA;AAAA,IACrD,KAAA,CAAM,8BAA8B,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM;AAAA;AAEzD,CAAA;AAEO,IAAM,cAAA,GAAiB,OAAA;AAAA,EAC5B,iBAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CACnB,OAAA,EAAQ,CACR,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,WAAW,CAAA;AAAA,IACrD,KAAA,EAAO,OAAA,CAAQ,OAAA,EAAS,EAAE,MAAA,EAAQ,IAAI,CAAA,CAAE,OAAA,EAAQ,CAAE,MAAA,EAAO;AAAA,IACzD,SAAA,EAAW,SAAA,CAAU,YAAY,CAAA,CAAE,OAAA,EAAQ;AAAA,IAC3C,MAAA,EAAQ,UAAU,SAAS,CAAA;AAAA,IAC3B,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,2BAA2B,CAAA,CAAE,EAAA,CAAG,MAAM,KAAK,CAAA;AAAA,IACjD,KAAA,CAAM,0BAA0B,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM;AAAA;AAErD,CAAA;AAEO,IAAM,eAAA,GAAkB,OAAA;AAAA,EAC7B,kBAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CACnB,OAAA,EAAQ,CACR,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,WAAW,CAAA;AAAA,IACrD,YAAA,EAAc,QAAQ,eAAA,EAAiB,EAAE,QAAQ,GAAA,EAAK,EAAE,OAAA,EAAQ;AAAA,IAChE,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,UAAU,CAAC,KAAA,CAAM,2BAA2B,CAAA,CAAE,EAAA,CAAG,KAAA,CAAM,MAAM,CAAC;AACjE;AAEO,IAAM,QAAA,GAAW,OAAA;AAAA,EACtB,UAAA;AAAA,EACA;AAAA,IACE,IAAI,IAAA,CAAK,IAAI,CAAA,CAAE,UAAA,GAAa,aAAA,EAAc;AAAA,IAC1C,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,CACnB,OAAA,EAAQ,CACR,UAAA,CAAW,MAAM,KAAA,CAAM,EAAA,EAAI,EAAE,QAAA,EAAU,WAAW,CAAA;AAAA,IACrD,WAAW,OAAA,CAAQ,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAI,CAAA;AAAA,IAC/C,QAAQ,OAAA,CAAQ,QAAA,EAAU,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IACzC,WAAA,EAAa,SAAA,CAAU,cAAc,CAAA,CAAE,OAAA,EAAQ;AAAA,IAC/C,UAAA,EAAY,UAAU,aAAa,CAAA;AAAA,IACnC,WAAW,SAAA,CAAU,YAAY,CAAA,CAAE,UAAA,GAAa,OAAA;AAAQ,GAC1D;AAAA,EACA,CAAC,KAAA,KAAU;AAAA,IACT,KAAA,CAAM,mBAAmB,CAAA,CAAE,EAAA,CAAG,MAAM,MAAM,CAAA;AAAA,IAC1C,KAAA,CAAM,iBAAiB,CAAA,CAAE,EAAA,CAAG,MAAM,SAAS,CAAA;AAAA,IAC3C,KAAA,CAAM,2BAA2B,CAAA,CAAE,EAAA,CAAG,MAAM,WAAW;AAAA;AAE3D","file":"chunk-KA3UOIFC.js","sourcesContent":["import {\n pgTable,\n uuid,\n varchar,\n boolean,\n timestamp,\n integer,\n text,\n jsonb,\n index,\n uniqueIndex,\n} from \"drizzle-orm/pg-core\";\n\nexport const users = pgTable(\n \"users\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n email: varchar(\"email\", { length: 255 }).notNull(),\n passwordHash: varchar(\"password_hash\", { length: 255 }),\n role: varchar(\"role\", { length: 50 }).notNull().default(\"customer\"),\n tenantId: uuid(\"tenant_id\"),\n emailVerified: boolean(\"email_verified\").default(false),\n locked: boolean(\"locked\").default(false),\n lastLogin: timestamp(\"last_login\"),\n failedLoginAttempts: integer(\"failed_login_attempts\").default(0),\n metadata: jsonb(\"metadata\").$type<Record<string, unknown>>(),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n updatedAt: timestamp(\"updated_at\").defaultNow().notNull(),\n },\n (table) => [\n uniqueIndex(\"users_email_idx\").on(table.email),\n index(\"users_tenant_idx\").on(table.tenantId),\n index(\"users_role_idx\").on(table.role),\n ],\n);\n\nexport const roles = pgTable(\n \"roles\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n name: varchar(\"name\", { length: 100 }).notNull().unique(),\n level: integer(\"level\").notNull().default(0),\n inherits: text(\"inherits\").array(),\n description: text(\"description\"),\n permissions: jsonb(\"permissions\").$type<string[]>().default([]),\n isSystem: boolean(\"is_system\").default(false),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n updatedAt: timestamp(\"updated_at\").defaultNow().notNull(),\n },\n (table) => [index(\"roles_level_idx\").on(table.level)],\n);\n\nexport const permissions = pgTable(\n \"permissions\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n roleId: uuid(\"role_id\").references(() => roles.id, { onDelete: \"cascade\" }),\n resource: varchar(\"resource\", { length: 100 }).notNull(),\n action: varchar(\"action\", { length: 50 }).notNull(),\n conditions: jsonb(\"conditions\").$type<Record<string, unknown>>(),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [\n index(\"permissions_role_idx\").on(table.roleId),\n index(\"permissions_resource_idx\").on(table.resource),\n ],\n);\n\nexport const sessions = pgTable(\n \"sessions\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n userId: uuid(\"user_id\")\n .notNull()\n .references(() => users.id, { onDelete: \"cascade\" }),\n token: varchar(\"token\", { length: 512 }).notNull().unique(),\n refreshToken: varchar(\"refresh_token\", { length: 512 }),\n ipAddress: varchar(\"ip_address\", { length: 45 }),\n userAgent: text(\"user_agent\"),\n expiresAt: timestamp(\"expires_at\").notNull(),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [\n index(\"sessions_user_idx\").on(table.userId),\n index(\"sessions_token_idx\").on(table.token),\n index(\"sessions_expires_idx\").on(table.expiresAt),\n ],\n);\n\nexport const auditLogs = pgTable(\n \"audit_logs\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n action: varchar(\"action\", { length: 100 }).notNull(),\n userId: uuid(\"user_id\").references(() => users.id, {\n onDelete: \"set null\",\n }),\n userEmail: varchar(\"user_email\", { length: 255 }),\n role: varchar(\"role\", { length: 50 }),\n resource: varchar(\"resource\", { length: 100 }).notNull(),\n resourceId: uuid(\"resource_id\"),\n changes:\n jsonb(\"changes\").$type<{ field: string; old: unknown; new: unknown }[]>(),\n ipAddress: varchar(\"ip_address\", { length: 45 }),\n userAgent: text(\"user_agent\"),\n success: boolean(\"success\").notNull().default(true),\n error: text(\"error\"),\n metadata: jsonb(\"metadata\").$type<Record<string, unknown>>(),\n timestamp: timestamp(\"timestamp\").defaultNow().notNull(),\n },\n (table) => [\n index(\"audit_logs_user_idx\").on(table.userId),\n index(\"audit_logs_action_idx\").on(table.action),\n index(\"audit_logs_resource_idx\").on(table.resource),\n index(\"audit_logs_timestamp_idx\").on(table.timestamp),\n ],\n);\n\nexport const tenants = pgTable(\n \"tenants\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n name: varchar(\"name\", { length: 255 }).notNull(),\n slug: varchar(\"slug\", { length: 100 }).notNull().unique(),\n settings: jsonb(\"settings\").$type<Record<string, unknown>>().default({}),\n isActive: boolean(\"is_active\").default(true),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n updatedAt: timestamp(\"updated_at\").defaultNow().notNull(),\n },\n (table) => [uniqueIndex(\"tenants_slug_idx\").on(table.slug)],\n);\n\nexport const apiKeys = pgTable(\n \"api_keys\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n userId: uuid(\"user_id\")\n .notNull()\n .references(() => users.id, { onDelete: \"cascade\" }),\n name: varchar(\"name\", { length: 255 }).notNull(),\n key: varchar(\"key\", { length: 64 }).notNull().unique(),\n keyPrefix: varchar(\"key_prefix\", { length: 8 }).notNull(),\n permissions: jsonb(\"permissions\").$type<string[]>().default([]),\n lastUsedAt: timestamp(\"last_used_at\"),\n expiresAt: timestamp(\"expires_at\"),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [\n index(\"api_keys_user_idx\").on(table.userId),\n index(\"api_keys_key_idx\").on(table.key),\n ],\n);\n\nexport const emailVerifications = pgTable(\n \"email_verifications\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n userId: uuid(\"user_id\")\n .notNull()\n .references(() => users.id, { onDelete: \"cascade\" }),\n token: varchar(\"token\", { length: 64 }).notNull().unique(),\n expiresAt: timestamp(\"expires_at\").notNull(),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [\n index(\"email_verifications_token_idx\").on(table.token),\n index(\"email_verifications_user_idx\").on(table.userId),\n ],\n);\n\nexport const passwordResets = pgTable(\n \"password_resets\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n userId: uuid(\"user_id\")\n .notNull()\n .references(() => users.id, { onDelete: \"cascade\" }),\n token: varchar(\"token\", { length: 64 }).notNull().unique(),\n expiresAt: timestamp(\"expires_at\").notNull(),\n usedAt: timestamp(\"used_at\"),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [\n index(\"password_resets_token_idx\").on(table.token),\n index(\"password_resets_user_idx\").on(table.userId),\n ],\n);\n\nexport const passwordHistory = pgTable(\n \"password_history\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n userId: uuid(\"user_id\")\n .notNull()\n .references(() => users.id, { onDelete: \"cascade\" }),\n passwordHash: varchar(\"password_hash\", { length: 255 }).notNull(),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [index(\"password_history_user_idx\").on(table.userId)],\n);\n\nexport const lockouts = pgTable(\n \"lockouts\",\n {\n id: uuid(\"id\").primaryKey().defaultRandom(),\n userId: uuid(\"user_id\")\n .notNull()\n .references(() => users.id, { onDelete: \"cascade\" }),\n ipAddress: varchar(\"ip_address\", { length: 45 }),\n reason: varchar(\"reason\", { length: 255 }),\n lockedUntil: timestamp(\"locked_until\").notNull(),\n releasedAt: timestamp(\"released_at\"),\n createdAt: timestamp(\"created_at\").defaultNow().notNull(),\n },\n (table) => [\n index(\"lockouts_user_idx\").on(table.userId),\n index(\"lockouts_ip_idx\").on(table.ipAddress),\n index(\"lockouts_locked_until_idx\").on(table.lockedUntil),\n ],\n);\n\nexport type AuthUser = typeof users.$inferSelect;\nexport type AuthUserNew = typeof users.$inferInsert;\nexport type AuthRole = typeof roles.$inferSelect;\nexport type AuthRoleNew = typeof roles.$inferInsert;\nexport type AuthSession = typeof sessions.$inferSelect;\nexport type AuthSessionNew = typeof sessions.$inferInsert;\nexport type AuthAuditLog = typeof auditLogs.$inferSelect;\nexport type AuthAuditLogNew = typeof auditLogs.$inferInsert;\nexport type AuthTenant = typeof tenants.$inferSelect;\nexport type AuthTenantNew = typeof tenants.$inferInsert;\nexport type AuthApiKey = typeof apiKeys.$inferSelect;\nexport type AuthApiKeyNew = typeof apiKeys.$inferInsert;\nexport type AuthEmailVerification = typeof emailVerifications.$inferSelect;\nexport type AuthPasswordReset = typeof passwordResets.$inferSelect;\nexport type AuthPasswordHistoryEntry = typeof passwordHistory.$inferSelect;\nexport type AuthLockout = typeof lockouts.$inferSelect;\n"]}

package/dist/chunk-KWTKEBHM.cjs ADDED Viewed

@@ -0,0 +1,176 @@
+'use strict';
+var chunk5AOILNGY_cjs = require('./chunk-5AOILNGY.cjs');
+var drizzleOrm = require('drizzle-orm');
+var bcrypt = require('bcryptjs');
+var crypto = require('crypto');
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+var bcrypt__default = /*#__PURE__*/_interopDefault(bcrypt);
+var PostgresAuthAdapter = class {
+  db;
+  prefix;
+  sessionTTL;
+  refreshTokenTTL;
+  constructor(options) {
+    this.db = options.db;
+    this.prefix = options.prefix || "kyro:";
+    this.sessionTTL = options.sessionTTL || 86400;
+    this.refreshTokenTTL = options.refreshTokenTTL || 604800;
+  }
+  async createUser(data) {
+    const [user] = await this.db.insert(chunk5AOILNGY_cjs.users).values({
+      email: data.email.toLowerCase(),
+      passwordHash: data.passwordHash,
+      role: data.role || "customer",
+      tenantId: data.tenantId
+    }).returning();
+    return this.userToAuthUser(user);
+  }
+  async findUserByEmail(email) {
+    const [user] = await this.db.select().from(chunk5AOILNGY_cjs.users).where(drizzleOrm.eq(chunk5AOILNGY_cjs.users.email, email.toLowerCase())).limit(1);
+    return user ? this.userToAuthUser(user) : null;
+  }
+  async findUserById(id) {
+    const [user] = await this.db.select().from(chunk5AOILNGY_cjs.users).where(drizzleOrm.eq(chunk5AOILNGY_cjs.users.id, id)).limit(1);
+    return user ? this.userToAuthUser(user) : null;
+  }
+  async updateUser(id, data) {
+    const dbData = { updatedAt: /* @__PURE__ */ new Date() };
+    if (data.email !== void 0) dbData.email = data.email;
+    if (data.passwordHash !== void 0)
+      dbData.passwordHash = data.passwordHash;
+    if (data.role !== void 0) dbData.role = data.role;
+    if (data.tenantId !== void 0) dbData.tenantId = data.tenantId;
+    if (data.emailVerified !== void 0)
+      dbData.emailVerified = data.emailVerified;
+    if (data.locked !== void 0) dbData.locked = data.locked;
+    if (data.lastLogin !== void 0)
+      dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;
+    if (data.failedLoginAttempts !== void 0)
+      dbData.failedLoginAttempts = data.failedLoginAttempts;
+    const [user] = await this.db.update(chunk5AOILNGY_cjs.users).set(dbData).where(drizzleOrm.eq(chunk5AOILNGY_cjs.users.id, id)).returning();
+    return user ? this.userToAuthUser(user) : null;
+  }
+  async deleteUser(id) {
+    await this.db.delete(chunk5AOILNGY_cjs.users).where(drizzleOrm.eq(chunk5AOILNGY_cjs.users.id, id));
+    return true;
+  }
+  async verifyPassword(password, hash) {
+    return bcrypt__default.default.compare(password, hash);
+  }
+  async hashPassword(password) {
+    return bcrypt__default.default.hash(password, 12);
+  }
+  async createSession(userId, data) {
+    const token = crypto.randomBytes(32).toString("base64url");
+    const refreshToken = crypto.randomBytes(32).toString("base64url");
+    const expiresAt = new Date(Date.now() + this.sessionTTL * 1e3);
+    new Date(Date.now() + this.refreshTokenTTL * 1e3);
+    const [session] = await this.db.insert(chunk5AOILNGY_cjs.sessions).values({
+      userId,
+      token,
+      refreshToken,
+      ipAddress: data?.ipAddress,
+      userAgent: data?.userAgent,
+      expiresAt
+    }).returning();
+    return this.sessionToSession(session);
+  }
+  async findSessionByToken(token) {
+    const [session] = await this.db.select().from(chunk5AOILNGY_cjs.sessions).where(drizzleOrm.and(drizzleOrm.eq(chunk5AOILNGY_cjs.sessions.token, token), drizzleOrm.gt(chunk5AOILNGY_cjs.sessions.expiresAt, /* @__PURE__ */ new Date()))).limit(1);
+    return session ? this.sessionToSession(session) : null;
+  }
+  async deleteSession(sessionId) {
+    await this.db.delete(chunk5AOILNGY_cjs.sessions).where(drizzleOrm.eq(chunk5AOILNGY_cjs.sessions.id, sessionId));
+    return true;
+  }
+  async deleteUserSessions(userId) {
+    await this.db.delete(chunk5AOILNGY_cjs.sessions).where(drizzleOrm.eq(chunk5AOILNGY_cjs.sessions.userId, userId));
+    return 1;
+  }
+  async addPasswordToHistory(userId, passwordHash) {
+    await this.db.insert(chunk5AOILNGY_cjs.passwordHistory).values({
+      userId,
+      passwordHash
+    });
+  }
+  async getPasswordHistory(userId, count = 5) {
+    const history = await this.db.select({ passwordHash: chunk5AOILNGY_cjs.passwordHistory.passwordHash }).from(chunk5AOILNGY_cjs.passwordHistory).where(drizzleOrm.eq(chunk5AOILNGY_cjs.passwordHistory.userId, userId)).orderBy(drizzleOrm.desc(chunk5AOILNGY_cjs.passwordHistory.createdAt)).limit(count);
+    return history.map((h) => h.passwordHash);
+  }
+  async isPasswordInHistory(password, userId, historyCount = 5) {
+    const history = await this.getPasswordHistory(userId, historyCount);
+    for (const hash of history) {
+      if (await this.verifyPassword(password, hash)) {
+        return true;
+      }
+    }
+    return false;
+  }
+  async isLocked(userId) {
+    const [lockout] = await this.db.select().from(chunk5AOILNGY_cjs.lockouts).where(
+      drizzleOrm.and(drizzleOrm.eq(chunk5AOILNGY_cjs.lockouts.userId, userId), drizzleOrm.gt(chunk5AOILNGY_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
+    ).limit(1);
+    return !!lockout;
+  }
+  async getLockout(userId) {
+    const [lockout] = await this.db.select().from(chunk5AOILNGY_cjs.lockouts).where(
+      drizzleOrm.and(drizzleOrm.eq(chunk5AOILNGY_cjs.lockouts.userId, userId), drizzleOrm.gt(chunk5AOILNGY_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
+    ).limit(1);
+    return lockout ? { lockedUntil: lockout.lockedUntil } : null;
+  }
+  async recordFailedAttempt(userId, ipAddress) {
+    const user = await this.findUserById(userId);
+    const attempts = (user?.failedLoginAttempts || 0) + 1;
+    await this.updateUser(userId, { failedLoginAttempts: attempts });
+    const maxAttempts = 5;
+    const locked = attempts >= maxAttempts;
+    if (locked) {
+      const lockoutDuration = 15 * 60 * 1e3;
+      await this.db.insert(chunk5AOILNGY_cjs.lockouts).values({
+        userId,
+        ipAddress,
+        reason: "Too many failed login attempts",
+        lockedUntil: new Date(Date.now() + lockoutDuration)
+      });
+    }
+    return { attempts, locked };
+  }
+  async resetAttempts(userId) {
+    await this.updateUser(userId, { failedLoginAttempts: 0 });
+  }
+  userToAuthUser(user) {
+    return {
+      id: user.id,
+      email: user.email,
+      passwordHash: user.passwordHash || void 0,
+      role: user.role,
+      tenantId: user.tenantId || void 0,
+      emailVerified: user.emailVerified || false,
+      locked: user.locked || false,
+      lastLogin: user.lastLogin?.toISOString(),
+      failedLoginAttempts: user.failedLoginAttempts || 0,
+      createdAt: user.createdAt.toISOString(),
+      updatedAt: user.updatedAt.toISOString()
+    };
+  }
+  sessionToSession(session) {
+    return {
+      id: session.id,
+      userId: session.userId,
+      token: session.token,
+      refreshToken: session.refreshToken || void 0,
+      expiresAt: session.expiresAt.toISOString(),
+      createdAt: session.createdAt.toISOString(),
+      ipAddress: session.ipAddress || void 0,
+      userAgent: session.userAgent || void 0
+    };
+  }
+};
+exports.PostgresAuthAdapter = PostgresAuthAdapter;
+//# sourceMappingURL=chunk-KWTKEBHM.cjs.map
+//# sourceMappingURL=chunk-KWTKEBHM.cjs.map

package/dist/chunk-KWTKEBHM.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/database/drizzle/postgres-auth-adapter.ts"],"names":["users","eq","bcrypt","randomBytes","sessions","and","gt","passwordHistory","desc","lockouts"],"mappings":";;;;;;;;;;;AA0BO,IAAM,sBAAN,MAAiD;AAAA,EAC9C,EAAA;AAAA,EACA,MAAA;AAAA,EACA,UAAA;AAAA,EACA,eAAA;AAAA,EAER,YAAY,OAAA,EAAqC;AAC/C,IAAA,IAAA,CAAK,KAAK,OAAA,CAAQ,EAAA;AAClB,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,OAAA;AAChC,IAAA,IAAA,CAAK,UAAA,GAAa,QAAQ,UAAA,IAAc,KAAA;AACxC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,MAAA;AAAA,EACpD;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,CAAOA,uBAAK,CAAA,CACZ,MAAA,CAAO;AAAA,MACN,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK;AAAA,KAChB,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,eAAe,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,GACA,IAAA,CAAKA,uBAAK,EACV,KAAA,CAAMC,aAAA,CAAGD,wBAAM,KAAA,EAAO,KAAA,CAAM,aAAa,CAAC,CAAA,CAC1C,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAa,EAAA,EAAsC;AACvD,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,QAAO,CACP,IAAA,CAAKA,uBAAK,CAAA,CACV,KAAA,CAAMC,cAAGD,uBAAA,CAAM,EAAA,EAAI,EAAE,CAAC,CAAA,CACtB,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,CACJ,EAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,MAAA,GAAkC,EAAE,SAAA,kBAAW,IAAI,MAAK,EAAE;AAChE,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,MAAA,EAAW,MAAA,CAAO,QAAQ,IAAA,CAAK,KAAA;AAClD,IAAA,IAAI,KAAK,YAAA,KAAiB,MAAA;AACxB,MAAA,MAAA,CAAO,eAAe,IAAA,CAAK,YAAA;AAC7B,IAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,IAAA,IAAI,IAAA,CAAK,QAAA,KAAa,MAAA,EAAW,MAAA,CAAO,WAAW,IAAA,CAAK,QAAA;AACxD,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,MAAA,CAAO,gBAAgB,IAAA,CAAK,aAAA;AAC9B,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,MAAA,EAAW,MAAA,CAAO,SAAS,IAAA,CAAK,MAAA;AACpD,IAAA,IAAI,KAAK,SAAA,KAAc,MAAA;AACrB,MAAA,MAAA,CAAO,YAAY,IAAA,CAAK,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,SAAS,CAAA,GAAI,IAAA;AACjE,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,MAAA,CAAO,sBAAsB,IAAA,CAAK,mBAAA;AAEpC,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,OAAOA,uBAAK,CAAA,CACZ,IAAI,MAAM,CAAA,CACV,MAAMC,aAAA,CAAGD,uBAAA,CAAM,IAAI,EAAE,CAAC,EACtB,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,EAAA,EAA8B;AAC7C,IAAe,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOA,uBAAK,CAAA,CAAE,KAAA,CAAMC,aAAA,CAAGD,uBAAA,CAAM,EAAA,EAAI,EAAE,CAAC;AACjE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAA,CAAe,QAAA,EAAkB,IAAA,EAAgC;AACrE,IAAA,OAAOE,uBAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,IAAI,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAOA,uBAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,EACkB;AAClB,IAAA,MAAM,KAAA,GAAQC,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAeA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,aAAa,GAAI,CAAA;AAC9D,IAAyB,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,kBAAkB,GAAI;AAE1E,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,KAAK,EAAA,CAC1B,MAAA,CAAOC,0BAAQ,CAAA,CACf,MAAA,CAAO;AAAA,MACN,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB;AAAA,KACD,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,iBAAiB,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CAC1B,MAAA,EAAO,CACP,IAAA,CAAKA,0BAAQ,CAAA,CACb,KAAA,CAAMC,cAAA,CAAIJ,aAAA,CAAGG,0BAAA,CAAS,KAAA,EAAO,KAAK,CAAA,EAAGE,aAAA,CAAGF,0BAAA,CAAS,SAAA,kBAAW,IAAI,IAAA,EAAM,CAAC,CAAC,CAAA,CACxE,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA,GAAI,IAAA;AAAA,EACpD;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOA,0BAAQ,CAAA,CAAE,MAAMH,aAAA,CAAGG,0BAAA,CAAS,EAAA,EAAI,SAAS,CAAC,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAe,MAAM,IAAA,CAAK,EAAA,CACvB,MAAA,CAAOA,0BAAQ,CAAA,CACf,KAAA,CAAMH,aAAA,CAAGG,0BAAA,CAAS,MAAA,EAAQ,MAAM,CAAC;AACpC,IAAA,OAAO,CAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOG,iCAAe,EAAE,MAAA,CAAO;AAAA,MAC3C,MAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,EAAA,CACxB,MAAA,CAAO,EAAE,YAAA,EAAcA,iCAAA,CAAgB,YAAA,EAAc,CAAA,CACrD,IAAA,CAAKA,iCAAe,CAAA,CACpB,KAAA,CAAMN,aAAA,CAAGM,iCAAA,CAAgB,MAAA,EAAQ,MAAM,CAAC,CAAA,CACxC,OAAA,CAAQC,eAAA,CAAKD,iCAAA,CAAgB,SAAS,CAAC,CAAA,CACvC,KAAA,CAAM,KAAK,CAAA;AAEd,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,IAAA,CAAK,cAAA,CAAe,QAAA,EAAU,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,MAAA,EAAkC;AAC/C,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAKE,0BAAQ,CAAA,CACb,KAAA;AAAA,MACCJ,cAAA,CAAIJ,aAAA,CAAGQ,0BAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAGH,aAAA,CAAGG,0BAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,CAAC,CAAC,OAAA;AAAA,EACX;AAAA,EAEA,MAAM,WAAW,MAAA,EAAuD;AACtE,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAKA,0BAAQ,CAAA,CACb,KAAA;AAAA,MACCJ,cAAA,CAAIJ,aAAA,CAAGQ,0BAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAGH,aAAA,CAAGG,0BAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,EAAE,WAAA,EAAa,OAAA,CAAQ,aAAY,GAAI,IAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,mBAAA,CACJ,MAAA,EACA,SAAA,EACgD;AAChD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,MAAM,QAAA,GAAA,CAAY,IAAA,EAAM,mBAAA,IAAuB,CAAA,IAAK,CAAA;AAEpD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,UAAU,CAAA;AAE/D,IAAA,MAAM,WAAA,GAAc,CAAA;AACpB,IAAA,MAAM,SAAS,QAAA,IAAY,WAAA;AAE3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,eAAA,GAAkB,KAAK,EAAA,GAAK,GAAA;AAClC,MAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOA,0BAAQ,EAAE,MAAA,CAAO;AAAA,QACpC,MAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA,EAAQ,gCAAA;AAAA,QACR,aAAa,IAAI,IAAA,CAAK,IAAA,CAAK,GAAA,KAAQ,eAAe;AAAA,OACnD,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,EAAE,UAAU,MAAA,EAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,cAAc,MAAA,EAA+B;AACjD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,GAAG,CAAA;AAAA,EAC1D;AAAA,EAEQ,eAAe,IAAA,EAA6B;AAClD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,MAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,QAAA,EAAU,KAAK,QAAA,IAAY,MAAA;AAAA,MAC3B,aAAA,EAAe,KAAK,aAAA,IAAiB,KAAA;AAAA,MACrC,MAAA,EAAQ,KAAK,MAAA,IAAU,KAAA;AAAA,MACvB,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,WAAA,EAAY;AAAA,MACvC,mBAAA,EAAqB,KAAK,mBAAA,IAAuB,CAAA;AAAA,MACjD,SAAA,EAAW,IAAA,CAAK,SAAA,CAAU,WAAA,EAAY;AAAA,MACtC,SAAA,EAAW,IAAA,CAAK,SAAA,CAAU,WAAA;AAAY,KACxC;AAAA,EACF;AAAA,EAEQ,iBAAiB,OAAA,EAAgD;AACvE,IAAA,OAAO;AAAA,MACL,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,YAAA,EAAc,QAAQ,YAAA,IAAgB,MAAA;AAAA,MACtC,SAAA,EAAW,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAY;AAAA,MACzC,SAAA,EAAW,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAY;AAAA,MACzC,SAAA,EAAW,QAAQ,SAAA,IAAa,MAAA;AAAA,MAChC,SAAA,EAAW,QAAQ,SAAA,IAAa;AAAA,KAClC;AAAA,EACF;AACF","file":"chunk-KWTKEBHM.cjs","sourcesContent":["import type { PostgresJsDatabase } from \"drizzle-orm/postgres-js\";\nimport { eq, and, gt, desc } from \"drizzle-orm\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\nimport type {\n AuthAdapter,\n AuthUser,\n Session,\n UserRole,\n} from \"../../auth/types.js\";\nimport {\n users,\n sessions,\n passwordHistory,\n auditLogs,\n lockouts,\n type AuthUser as AuthUserRow,\n} from \"./schema/auth.js\";\n\nexport interface PostgresAuthAdapterOptions {\n db: PostgresJsDatabase;\n prefix?: string;\n sessionTTL?: number;\n refreshTokenTTL?: number;\n}\n\nexport class PostgresAuthAdapter implements AuthAdapter {\n private db: PostgresJsDatabase;\n private prefix: string;\n private sessionTTL: number;\n private refreshTokenTTL: number;\n\n constructor(options: PostgresAuthAdapterOptions) {\n this.db = options.db;\n this.prefix = options.prefix || \"kyro:\";\n this.sessionTTL = options.sessionTTL || 86400;\n this.refreshTokenTTL = options.refreshTokenTTL || 604800;\n }\n\n async createUser(data: {\n email: string;\n passwordHash: string;\n role?: UserRole;\n tenantId?: string;\n }): Promise<AuthUser> {\n const [user] = await this.db\n .insert(users)\n .values({\n email: data.email.toLowerCase(),\n passwordHash: data.passwordHash,\n role: (data.role || \"customer\") as string,\n tenantId: data.tenantId,\n })\n .returning();\n\n return this.userToAuthUser(user);\n }\n\n async findUserByEmail(email: string): Promise<AuthUser | null> {\n const [user] = await this.db\n .select()\n .from(users)\n .where(eq(users.email, email.toLowerCase()))\n .limit(1);\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async findUserById(id: string): Promise<AuthUser | null> {\n const [user] = await this.db\n .select()\n .from(users)\n .where(eq(users.id, id))\n .limit(1);\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async updateUser(\n id: string,\n data: Partial<AuthUser>,\n ): Promise<AuthUser | null> {\n const dbData: Record<string, unknown> = { updatedAt: new Date() };\n if (data.email !== undefined) dbData.email = data.email;\n if (data.passwordHash !== undefined)\n dbData.passwordHash = data.passwordHash;\n if (data.role !== undefined) dbData.role = data.role;\n if (data.tenantId !== undefined) dbData.tenantId = data.tenantId;\n if (data.emailVerified !== undefined)\n dbData.emailVerified = data.emailVerified;\n if (data.locked !== undefined) dbData.locked = data.locked;\n if (data.lastLogin !== undefined)\n dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;\n if (data.failedLoginAttempts !== undefined)\n dbData.failedLoginAttempts = data.failedLoginAttempts;\n\n const [user] = await this.db\n .update(users)\n .set(dbData)\n .where(eq(users.id, id))\n .returning();\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async deleteUser(id: string): Promise<boolean> {\n const result = await this.db.delete(users).where(eq(users.id, id));\n return true;\n }\n\n async verifyPassword(password: string, hash: string): Promise<boolean> {\n return bcrypt.compare(password, hash);\n }\n\n async hashPassword(password: string): Promise<string> {\n return bcrypt.hash(password, 12);\n }\n\n async createSession(\n userId: string,\n data?: { ipAddress?: string; userAgent?: string },\n ): Promise<Session> {\n const token = randomBytes(32).toString(\"base64url\");\n const refreshToken = randomBytes(32).toString(\"base64url\");\n const expiresAt = new Date(Date.now() + this.sessionTTL * 1000);\n const refreshExpiresAt = new Date(Date.now() + this.refreshTokenTTL * 1000);\n\n const [session] = await this.db\n .insert(sessions)\n .values({\n userId,\n token,\n refreshToken,\n ipAddress: data?.ipAddress,\n userAgent: data?.userAgent,\n expiresAt,\n })\n .returning();\n\n return this.sessionToSession(session);\n }\n\n async findSessionByToken(token: string): Promise<Session | null> {\n const [session] = await this.db\n .select()\n .from(sessions)\n .where(and(eq(sessions.token, token), gt(sessions.expiresAt, new Date())))\n .limit(1);\n\n return session ? this.sessionToSession(session) : null;\n }\n\n async deleteSession(sessionId: string): Promise<boolean> {\n await this.db.delete(sessions).where(eq(sessions.id, sessionId));\n return true;\n }\n\n async deleteUserSessions(userId: string): Promise<number> {\n const result = await this.db\n .delete(sessions)\n .where(eq(sessions.userId, userId));\n return 1;\n }\n\n async addPasswordToHistory(\n userId: string,\n passwordHash: string,\n ): Promise<void> {\n await this.db.insert(passwordHistory).values({\n userId,\n passwordHash,\n });\n }\n\n async getPasswordHistory(\n userId: string,\n count: number = 5,\n ): Promise<string[]> {\n const history = await this.db\n .select({ passwordHash: passwordHistory.passwordHash })\n .from(passwordHistory)\n .where(eq(passwordHistory.userId, userId))\n .orderBy(desc(passwordHistory.createdAt))\n .limit(count);\n\n return history.map((h) => h.passwordHash);\n }\n\n async isPasswordInHistory(\n password: string,\n userId: string,\n historyCount: number = 5,\n ): Promise<boolean> {\n const history = await this.getPasswordHistory(userId, historyCount);\n\n for (const hash of history) {\n if (await this.verifyPassword(password, hash)) {\n return true;\n }\n }\n\n return false;\n }\n\n async isLocked(userId: string): Promise<boolean> {\n const [lockout] = await this.db\n .select()\n .from(lockouts)\n .where(\n and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n )\n .limit(1);\n\n return !!lockout;\n }\n\n async getLockout(userId: string): Promise<{ lockedUntil: Date } | null> {\n const [lockout] = await this.db\n .select()\n .from(lockouts)\n .where(\n and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n )\n .limit(1);\n\n return lockout ? { lockedUntil: lockout.lockedUntil } : null;\n }\n\n async recordFailedAttempt(\n userId: string,\n ipAddress?: string,\n ): Promise<{ attempts: number; locked: boolean }> {\n const user = await this.findUserById(userId);\n const attempts = (user?.failedLoginAttempts || 0) + 1;\n\n await this.updateUser(userId, { failedLoginAttempts: attempts });\n\n const maxAttempts = 5;\n const locked = attempts >= maxAttempts;\n\n if (locked) {\n const lockoutDuration = 15 * 60 * 1000;\n await this.db.insert(lockouts).values({\n userId,\n ipAddress,\n reason: \"Too many failed login attempts\",\n lockedUntil: new Date(Date.now() + lockoutDuration),\n });\n }\n\n return { attempts, locked };\n }\n\n async resetAttempts(userId: string): Promise<void> {\n await this.updateUser(userId, { failedLoginAttempts: 0 });\n }\n\n private userToAuthUser(user: AuthUserRow): AuthUser {\n return {\n id: user.id,\n email: user.email,\n passwordHash: user.passwordHash || undefined,\n role: user.role as UserRole,\n tenantId: user.tenantId || undefined,\n emailVerified: user.emailVerified || false,\n locked: user.locked || false,\n lastLogin: user.lastLogin?.toISOString(),\n failedLoginAttempts: user.failedLoginAttempts || 0,\n createdAt: user.createdAt.toISOString(),\n updatedAt: user.updatedAt.toISOString(),\n };\n }\n\n private sessionToSession(session: typeof sessions.$inferSelect): Session {\n return {\n id: session.id,\n userId: session.userId,\n token: session.token,\n refreshToken: session.refreshToken || undefined,\n expiresAt: session.expiresAt.toISOString(),\n createdAt: session.createdAt.toISOString(),\n ipAddress: session.ipAddress || undefined,\n userAgent: session.userAgent || undefined,\n };\n }\n}\n"]}