@kyro-cms/core 0.1.5 → 0.1.7

package/dist/chunk-YD7Y25W7.cjs

@@ -1,176 +0,0 @@
-'use strict';
-
-var chunkTZFJMPCH_cjs = require('./chunk-TZFJMPCH.cjs');
-var drizzleOrm = require('drizzle-orm');
-var bcrypt = require('bcryptjs');
-var crypto = require('crypto');
-
-function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
-
-var bcrypt__default = /*#__PURE__*/_interopDefault(bcrypt);
-
-var PostgresAuthAdapter = class {
-  db;
-  prefix;
-  sessionTTL;
-  refreshTokenTTL;
-  constructor(options) {
-    this.db = options.db;
-    this.prefix = options.prefix || "kyro:";
-    this.sessionTTL = options.sessionTTL || 86400;
-    this.refreshTokenTTL = options.refreshTokenTTL || 604800;
-  }
-  async createUser(data) {
-    const [user] = await this.db.insert(chunkTZFJMPCH_cjs.users).values({
-      email: data.email.toLowerCase(),
-      passwordHash: data.passwordHash,
-      role: data.role || "customer",
-      tenantId: data.tenantId
-    }).returning();
-    return this.userToAuthUser(user);
-  }
-  async findUserByEmail(email) {
-    const [user] = await this.db.select().from(chunkTZFJMPCH_cjs.users).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.users.email, email.toLowerCase())).limit(1);
-    return user ? this.userToAuthUser(user) : null;
-  }
-  async findUserById(id) {
-    const [user] = await this.db.select().from(chunkTZFJMPCH_cjs.users).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.users.id, id)).limit(1);
-    return user ? this.userToAuthUser(user) : null;
-  }
-  async updateUser(id, data) {
-    const dbData = { updatedAt: /* @__PURE__ */ new Date() };
-    if (data.email !== void 0) dbData.email = data.email;
-    if (data.passwordHash !== void 0)
-      dbData.passwordHash = data.passwordHash;
-    if (data.role !== void 0) dbData.role = data.role;
-    if (data.tenantId !== void 0) dbData.tenantId = data.tenantId;
-    if (data.emailVerified !== void 0)
-      dbData.emailVerified = data.emailVerified;
-    if (data.locked !== void 0) dbData.locked = data.locked;
-    if (data.lastLogin !== void 0)
-      dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;
-    if (data.failedLoginAttempts !== void 0)
-      dbData.failedLoginAttempts = data.failedLoginAttempts;
-    const [user] = await this.db.update(chunkTZFJMPCH_cjs.users).set(dbData).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.users.id, id)).returning();
-    return user ? this.userToAuthUser(user) : null;
-  }
-  async deleteUser(id) {
-    await this.db.delete(chunkTZFJMPCH_cjs.users).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.users.id, id));
-    return true;
-  }
-  async verifyPassword(password, hash) {
-    return bcrypt__default.default.compare(password, hash);
-  }
-  async hashPassword(password) {
-    return bcrypt__default.default.hash(password, 12);
-  }
-  async createSession(userId, data) {
-    const token = crypto.randomBytes(32).toString("base64url");
-    const refreshToken = crypto.randomBytes(32).toString("base64url");
-    const expiresAt = new Date(Date.now() + this.sessionTTL * 1e3);
-    new Date(Date.now() + this.refreshTokenTTL * 1e3);
-    const [session] = await this.db.insert(chunkTZFJMPCH_cjs.sessions).values({
-      userId,
-      token,
-      refreshToken,
-      ipAddress: data?.ipAddress,
-      userAgent: data?.userAgent,
-      expiresAt
-    }).returning();
-    return this.sessionToSession(session);
-  }
-  async findSessionByToken(token) {
-    const [session] = await this.db.select().from(chunkTZFJMPCH_cjs.sessions).where(drizzleOrm.and(drizzleOrm.eq(chunkTZFJMPCH_cjs.sessions.token, token), drizzleOrm.gt(chunkTZFJMPCH_cjs.sessions.expiresAt, /* @__PURE__ */ new Date()))).limit(1);
-    return session ? this.sessionToSession(session) : null;
-  }
-  async deleteSession(sessionId) {
-    await this.db.delete(chunkTZFJMPCH_cjs.sessions).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.sessions.id, sessionId));
-    return true;
-  }
-  async deleteUserSessions(userId) {
-    await this.db.delete(chunkTZFJMPCH_cjs.sessions).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.sessions.userId, userId));
-    return 1;
-  }
-  async addPasswordToHistory(userId, passwordHash) {
-    await this.db.insert(chunkTZFJMPCH_cjs.passwordHistory).values({
-      userId,
-      passwordHash
-    });
-  }
-  async getPasswordHistory(userId, count = 5) {
-    const history = await this.db.select({ passwordHash: chunkTZFJMPCH_cjs.passwordHistory.passwordHash }).from(chunkTZFJMPCH_cjs.passwordHistory).where(drizzleOrm.eq(chunkTZFJMPCH_cjs.passwordHistory.userId, userId)).orderBy(drizzleOrm.desc(chunkTZFJMPCH_cjs.passwordHistory.createdAt)).limit(count);
-    return history.map((h) => h.passwordHash);
-  }
-  async isPasswordInHistory(password, userId, historyCount = 5) {
-    const history = await this.getPasswordHistory(userId, historyCount);
-    for (const hash of history) {
-      if (await this.verifyPassword(password, hash)) {
-        return true;
-      }
-    }
-    return false;
-  }
-  async isLocked(userId) {
-    const [lockout] = await this.db.select().from(chunkTZFJMPCH_cjs.lockouts).where(
-      drizzleOrm.and(drizzleOrm.eq(chunkTZFJMPCH_cjs.lockouts.userId, userId), drizzleOrm.gt(chunkTZFJMPCH_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
-    ).limit(1);
-    return !!lockout;
-  }
-  async getLockout(userId) {
-    const [lockout] = await this.db.select().from(chunkTZFJMPCH_cjs.lockouts).where(
-      drizzleOrm.and(drizzleOrm.eq(chunkTZFJMPCH_cjs.lockouts.userId, userId), drizzleOrm.gt(chunkTZFJMPCH_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
-    ).limit(1);
-    return lockout ? { lockedUntil: lockout.lockedUntil } : null;
-  }
-  async recordFailedAttempt(userId, ipAddress) {
-    const user = await this.findUserById(userId);
-    const attempts = (user?.failedLoginAttempts || 0) + 1;
-    await this.updateUser(userId, { failedLoginAttempts: attempts });
-    const maxAttempts = 5;
-    const locked = attempts >= maxAttempts;
-    if (locked) {
-      const lockoutDuration = 15 * 60 * 1e3;
-      await this.db.insert(chunkTZFJMPCH_cjs.lockouts).values({
-        userId,
-        ipAddress,
-        reason: "Too many failed login attempts",
-        lockedUntil: new Date(Date.now() + lockoutDuration)
-      });
-    }
-    return { attempts, locked };
-  }
-  async resetAttempts(userId) {
-    await this.updateUser(userId, { failedLoginAttempts: 0 });
-  }
-  userToAuthUser(user) {
-    return {
-      id: user.id,
-      email: user.email,
-      passwordHash: user.passwordHash || void 0,
-      role: user.role,
-      tenantId: user.tenantId || void 0,
-      emailVerified: user.emailVerified || false,
-      locked: user.locked || false,
-      lastLogin: user.lastLogin?.toISOString(),
-      failedLoginAttempts: user.failedLoginAttempts || 0,
-      createdAt: user.createdAt.toISOString(),
-      updatedAt: user.updatedAt.toISOString()
-    };
-  }
-  sessionToSession(session) {
-    return {
-      id: session.id,
-      userId: session.userId,
-      token: session.token,
-      refreshToken: session.refreshToken || void 0,
-      expiresAt: session.expiresAt.toISOString(),
-      createdAt: session.createdAt.toISOString(),
-      ipAddress: session.ipAddress || void 0,
-      userAgent: session.userAgent || void 0
-    };
-  }
-};
-
-exports.PostgresAuthAdapter = PostgresAuthAdapter;
-//# sourceMappingURL=chunk-YD7Y25W7.cjs.map
-//# sourceMappingURL=chunk-YD7Y25W7.cjs.map

package/dist/chunk-YD7Y25W7.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/database/drizzle/postgres-auth-adapter.ts"],"names":["users","eq","bcrypt","randomBytes","sessions","and","gt","passwordHistory","desc","lockouts"],"mappings":";;;;;;;;;;;AA0BO,IAAM,sBAAN,MAAiD;AAAA,EAC9C,EAAA;AAAA,EACA,MAAA;AAAA,EACA,UAAA;AAAA,EACA,eAAA;AAAA,EAER,YAAY,OAAA,EAAqC;AAC/C,IAAA,IAAA,CAAK,KAAK,OAAA,CAAQ,EAAA;AAClB,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,OAAA;AAChC,IAAA,IAAA,CAAK,UAAA,GAAa,QAAQ,UAAA,IAAc,KAAA;AACxC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,MAAA;AAAA,EACpD;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,CAAOA,uBAAK,CAAA,CACZ,MAAA,CAAO;AAAA,MACN,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK;AAAA,KAChB,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,eAAe,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,GACA,IAAA,CAAKA,uBAAK,EACV,KAAA,CAAMC,aAAA,CAAGD,wBAAM,KAAA,EAAO,KAAA,CAAM,aAAa,CAAC,CAAA,CAC1C,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAa,EAAA,EAAsC;AACvD,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,QAAO,CACP,IAAA,CAAKA,uBAAK,CAAA,CACV,KAAA,CAAMC,cAAGD,uBAAA,CAAM,EAAA,EAAI,EAAE,CAAC,CAAA,CACtB,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,CACJ,EAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,MAAA,GAAkC,EAAE,SAAA,kBAAW,IAAI,MAAK,EAAE;AAChE,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,MAAA,EAAW,MAAA,CAAO,QAAQ,IAAA,CAAK,KAAA;AAClD,IAAA,IAAI,KAAK,YAAA,KAAiB,MAAA;AACxB,MAAA,MAAA,CAAO,eAAe,IAAA,CAAK,YAAA;AAC7B,IAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,IAAA,IAAI,IAAA,CAAK,QAAA,KAAa,MAAA,EAAW,MAAA,CAAO,WAAW,IAAA,CAAK,QAAA;AACxD,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,MAAA,CAAO,gBAAgB,IAAA,CAAK,aAAA;AAC9B,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,MAAA,EAAW,MAAA,CAAO,SAAS,IAAA,CAAK,MAAA;AACpD,IAAA,IAAI,KAAK,SAAA,KAAc,MAAA;AACrB,MAAA,MAAA,CAAO,YAAY,IAAA,CAAK,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,SAAS,CAAA,GAAI,IAAA;AACjE,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,MAAA,CAAO,sBAAsB,IAAA,CAAK,mBAAA;AAEpC,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,OAAOA,uBAAK,CAAA,CACZ,IAAI,MAAM,CAAA,CACV,MAAMC,aAAA,CAAGD,uBAAA,CAAM,IAAI,EAAE,CAAC,EACtB,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,EAAA,EAA8B;AAC7C,IAAe,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOA,uBAAK,CAAA,CAAE,KAAA,CAAMC,aAAA,CAAGD,uBAAA,CAAM,EAAA,EAAI,EAAE,CAAC;AACjE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAA,CAAe,QAAA,EAAkB,IAAA,EAAgC;AACrE,IAAA,OAAOE,uBAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,IAAI,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAOA,uBAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,EACkB;AAClB,IAAA,MAAM,KAAA,GAAQC,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAeA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,aAAa,GAAI,CAAA;AAC9D,IAAyB,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,kBAAkB,GAAI;AAE1E,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,KAAK,EAAA,CAC1B,MAAA,CAAOC,0BAAQ,CAAA,CACf,MAAA,CAAO;AAAA,MACN,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB;AAAA,KACD,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,iBAAiB,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CAC1B,MAAA,EAAO,CACP,IAAA,CAAKA,0BAAQ,CAAA,CACb,KAAA,CAAMC,cAAA,CAAIJ,aAAA,CAAGG,0BAAA,CAAS,KAAA,EAAO,KAAK,CAAA,EAAGE,aAAA,CAAGF,0BAAA,CAAS,SAAA,kBAAW,IAAI,IAAA,EAAM,CAAC,CAAC,CAAA,CACxE,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA,GAAI,IAAA;AAAA,EACpD;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOA,0BAAQ,CAAA,CAAE,MAAMH,aAAA,CAAGG,0BAAA,CAAS,EAAA,EAAI,SAAS,CAAC,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAe,MAAM,IAAA,CAAK,EAAA,CACvB,MAAA,CAAOA,0BAAQ,CAAA,CACf,KAAA,CAAMH,aAAA,CAAGG,0BAAA,CAAS,MAAA,EAAQ,MAAM,CAAC;AACpC,IAAA,OAAO,CAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOG,iCAAe,EAAE,MAAA,CAAO;AAAA,MAC3C,MAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,EAAA,CACxB,MAAA,CAAO,EAAE,YAAA,EAAcA,iCAAA,CAAgB,YAAA,EAAc,CAAA,CACrD,IAAA,CAAKA,iCAAe,CAAA,CACpB,KAAA,CAAMN,aAAA,CAAGM,iCAAA,CAAgB,MAAA,EAAQ,MAAM,CAAC,CAAA,CACxC,OAAA,CAAQC,eAAA,CAAKD,iCAAA,CAAgB,SAAS,CAAC,CAAA,CACvC,KAAA,CAAM,KAAK,CAAA;AAEd,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,IAAA,CAAK,cAAA,CAAe,QAAA,EAAU,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,MAAA,EAAkC;AAC/C,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAKE,0BAAQ,CAAA,CACb,KAAA;AAAA,MACCJ,cAAA,CAAIJ,aAAA,CAAGQ,0BAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAGH,aAAA,CAAGG,0BAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,CAAC,CAAC,OAAA;AAAA,EACX;AAAA,EAEA,MAAM,WAAW,MAAA,EAAuD;AACtE,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAKA,0BAAQ,CAAA,CACb,KAAA;AAAA,MACCJ,cAAA,CAAIJ,aAAA,CAAGQ,0BAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAGH,aAAA,CAAGG,0BAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,EAAE,WAAA,EAAa,OAAA,CAAQ,aAAY,GAAI,IAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,mBAAA,CACJ,MAAA,EACA,SAAA,EACgD;AAChD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,MAAM,QAAA,GAAA,CAAY,IAAA,EAAM,mBAAA,IAAuB,CAAA,IAAK,CAAA;AAEpD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,UAAU,CAAA;AAE/D,IAAA,MAAM,WAAA,GAAc,CAAA;AACpB,IAAA,MAAM,SAAS,QAAA,IAAY,WAAA;AAE3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,eAAA,GAAkB,KAAK,EAAA,GAAK,GAAA;AAClC,MAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAOA,0BAAQ,EAAE,MAAA,CAAO;AAAA,QACpC,MAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA,EAAQ,gCAAA;AAAA,QACR,aAAa,IAAI,IAAA,CAAK,IAAA,CAAK,GAAA,KAAQ,eAAe;AAAA,OACnD,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,EAAE,UAAU,MAAA,EAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,cAAc,MAAA,EAA+B;AACjD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,GAAG,CAAA;AAAA,EAC1D;AAAA,EAEQ,eAAe,IAAA,EAA6B;AAClD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,MAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,QAAA,EAAU,KAAK,QAAA,IAAY,MAAA;AAAA,MAC3B,aAAA,EAAe,KAAK,aAAA,IAAiB,KAAA;AAAA,MACrC,MAAA,EAAQ,KAAK,MAAA,IAAU,KAAA;AAAA,MACvB,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,WAAA,EAAY;AAAA,MACvC,mBAAA,EAAqB,KAAK,mBAAA,IAAuB,CAAA;AAAA,MACjD,SAAA,EAAW,IAAA,CAAK,SAAA,CAAU,WAAA,EAAY;AAAA,MACtC,SAAA,EAAW,IAAA,CAAK,SAAA,CAAU,WAAA;AAAY,KACxC;AAAA,EACF;AAAA,EAEQ,iBAAiB,OAAA,EAAgD;AACvE,IAAA,OAAO;AAAA,MACL,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,YAAA,EAAc,QAAQ,YAAA,IAAgB,MAAA;AAAA,MACtC,SAAA,EAAW,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAY;AAAA,MACzC,SAAA,EAAW,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAY;AAAA,MACzC,SAAA,EAAW,QAAQ,SAAA,IAAa,MAAA;AAAA,MAChC,SAAA,EAAW,QAAQ,SAAA,IAAa;AAAA,KAClC;AAAA,EACF;AACF","file":"chunk-YD7Y25W7.cjs","sourcesContent":["import type { PostgresJsDatabase } from \"drizzle-orm/postgres-js\";\nimport { eq, and, gt, desc } from \"drizzle-orm\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\nimport type {\n  AuthAdapter,\n  AuthUser,\n  Session,\n  UserRole,\n} from \"../../auth/types.js\";\nimport {\n  users,\n  sessions,\n  passwordHistory,\n  auditLogs,\n  lockouts,\n  type AuthUser as AuthUserRow,\n} from \"./schema/auth.js\";\n\nexport interface PostgresAuthAdapterOptions {\n  db: PostgresJsDatabase;\n  prefix?: string;\n  sessionTTL?: number;\n  refreshTokenTTL?: number;\n}\n\nexport class PostgresAuthAdapter implements AuthAdapter {\n  private db: PostgresJsDatabase;\n  private prefix: string;\n  private sessionTTL: number;\n  private refreshTokenTTL: number;\n\n  constructor(options: PostgresAuthAdapterOptions) {\n    this.db = options.db;\n    this.prefix = options.prefix || \"kyro:\";\n    this.sessionTTL = options.sessionTTL || 86400;\n    this.refreshTokenTTL = options.refreshTokenTTL || 604800;\n  }\n\n  async createUser(data: {\n    email: string;\n    passwordHash: string;\n    role?: UserRole;\n    tenantId?: string;\n  }): Promise<AuthUser> {\n    const [user] = await this.db\n      .insert(users)\n      .values({\n        email: data.email.toLowerCase(),\n        passwordHash: data.passwordHash,\n        role: (data.role || \"customer\") as string,\n        tenantId: data.tenantId,\n      })\n      .returning();\n\n    return this.userToAuthUser(user);\n  }\n\n  async findUserByEmail(email: string): Promise<AuthUser | null> {\n    const [user] = await this.db\n      .select()\n      .from(users)\n      .where(eq(users.email, email.toLowerCase()))\n      .limit(1);\n\n    return user ? this.userToAuthUser(user) : null;\n  }\n\n  async findUserById(id: string): Promise<AuthUser | null> {\n    const [user] = await this.db\n      .select()\n      .from(users)\n      .where(eq(users.id, id))\n      .limit(1);\n\n    return user ? this.userToAuthUser(user) : null;\n  }\n\n  async updateUser(\n    id: string,\n    data: Partial<AuthUser>,\n  ): Promise<AuthUser | null> {\n    const dbData: Record<string, unknown> = { updatedAt: new Date() };\n    if (data.email !== undefined) dbData.email = data.email;\n    if (data.passwordHash !== undefined)\n      dbData.passwordHash = data.passwordHash;\n    if (data.role !== undefined) dbData.role = data.role;\n    if (data.tenantId !== undefined) dbData.tenantId = data.tenantId;\n    if (data.emailVerified !== undefined)\n      dbData.emailVerified = data.emailVerified;\n    if (data.locked !== undefined) dbData.locked = data.locked;\n    if (data.lastLogin !== undefined)\n      dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;\n    if (data.failedLoginAttempts !== undefined)\n      dbData.failedLoginAttempts = data.failedLoginAttempts;\n\n    const [user] = await this.db\n      .update(users)\n      .set(dbData)\n      .where(eq(users.id, id))\n      .returning();\n\n    return user ? this.userToAuthUser(user) : null;\n  }\n\n  async deleteUser(id: string): Promise<boolean> {\n    const result = await this.db.delete(users).where(eq(users.id, id));\n    return true;\n  }\n\n  async verifyPassword(password: string, hash: string): Promise<boolean> {\n    return bcrypt.compare(password, hash);\n  }\n\n  async hashPassword(password: string): Promise<string> {\n    return bcrypt.hash(password, 12);\n  }\n\n  async createSession(\n    userId: string,\n    data?: { ipAddress?: string; userAgent?: string },\n  ): Promise<Session> {\n    const token = randomBytes(32).toString(\"base64url\");\n    const refreshToken = randomBytes(32).toString(\"base64url\");\n    const expiresAt = new Date(Date.now() + this.sessionTTL * 1000);\n    const refreshExpiresAt = new Date(Date.now() + this.refreshTokenTTL * 1000);\n\n    const [session] = await this.db\n      .insert(sessions)\n      .values({\n        userId,\n        token,\n        refreshToken,\n        ipAddress: data?.ipAddress,\n        userAgent: data?.userAgent,\n        expiresAt,\n      })\n      .returning();\n\n    return this.sessionToSession(session);\n  }\n\n  async findSessionByToken(token: string): Promise<Session | null> {\n    const [session] = await this.db\n      .select()\n      .from(sessions)\n      .where(and(eq(sessions.token, token), gt(sessions.expiresAt, new Date())))\n      .limit(1);\n\n    return session ? this.sessionToSession(session) : null;\n  }\n\n  async deleteSession(sessionId: string): Promise<boolean> {\n    await this.db.delete(sessions).where(eq(sessions.id, sessionId));\n    return true;\n  }\n\n  async deleteUserSessions(userId: string): Promise<number> {\n    const result = await this.db\n      .delete(sessions)\n      .where(eq(sessions.userId, userId));\n    return 1;\n  }\n\n  async addPasswordToHistory(\n    userId: string,\n    passwordHash: string,\n  ): Promise<void> {\n    await this.db.insert(passwordHistory).values({\n      userId,\n      passwordHash,\n    });\n  }\n\n  async getPasswordHistory(\n    userId: string,\n    count: number = 5,\n  ): Promise<string[]> {\n    const history = await this.db\n      .select({ passwordHash: passwordHistory.passwordHash })\n      .from(passwordHistory)\n      .where(eq(passwordHistory.userId, userId))\n      .orderBy(desc(passwordHistory.createdAt))\n      .limit(count);\n\n    return history.map((h) => h.passwordHash);\n  }\n\n  async isPasswordInHistory(\n    password: string,\n    userId: string,\n    historyCount: number = 5,\n  ): Promise<boolean> {\n    const history = await this.getPasswordHistory(userId, historyCount);\n\n    for (const hash of history) {\n      if (await this.verifyPassword(password, hash)) {\n        return true;\n      }\n    }\n\n    return false;\n  }\n\n  async isLocked(userId: string): Promise<boolean> {\n    const [lockout] = await this.db\n      .select()\n      .from(lockouts)\n      .where(\n        and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n      )\n      .limit(1);\n\n    return !!lockout;\n  }\n\n  async getLockout(userId: string): Promise<{ lockedUntil: Date } | null> {\n    const [lockout] = await this.db\n      .select()\n      .from(lockouts)\n      .where(\n        and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n      )\n      .limit(1);\n\n    return lockout ? { lockedUntil: lockout.lockedUntil } : null;\n  }\n\n  async recordFailedAttempt(\n    userId: string,\n    ipAddress?: string,\n  ): Promise<{ attempts: number; locked: boolean }> {\n    const user = await this.findUserById(userId);\n    const attempts = (user?.failedLoginAttempts || 0) + 1;\n\n    await this.updateUser(userId, { failedLoginAttempts: attempts });\n\n    const maxAttempts = 5;\n    const locked = attempts >= maxAttempts;\n\n    if (locked) {\n      const lockoutDuration = 15 * 60 * 1000;\n      await this.db.insert(lockouts).values({\n        userId,\n        ipAddress,\n        reason: \"Too many failed login attempts\",\n        lockedUntil: new Date(Date.now() + lockoutDuration),\n      });\n    }\n\n    return { attempts, locked };\n  }\n\n  async resetAttempts(userId: string): Promise<void> {\n    await this.updateUser(userId, { failedLoginAttempts: 0 });\n  }\n\n  private userToAuthUser(user: AuthUserRow): AuthUser {\n    return {\n      id: user.id,\n      email: user.email,\n      passwordHash: user.passwordHash || undefined,\n      role: user.role as UserRole,\n      tenantId: user.tenantId || undefined,\n      emailVerified: user.emailVerified || false,\n      locked: user.locked || false,\n      lastLogin: user.lastLogin?.toISOString(),\n      failedLoginAttempts: user.failedLoginAttempts || 0,\n      createdAt: user.createdAt.toISOString(),\n      updatedAt: user.updatedAt.toISOString(),\n    };\n  }\n\n  private sessionToSession(session: typeof sessions.$inferSelect): Session {\n    return {\n      id: session.id,\n      userId: session.userId,\n      token: session.token,\n      refreshToken: session.refreshToken || undefined,\n      expiresAt: session.expiresAt.toISOString(),\n      createdAt: session.createdAt.toISOString(),\n      ipAddress: session.ipAddress || undefined,\n      userAgent: session.userAgent || undefined,\n    };\n  }\n}\n"]}

package/dist/chunk-YPAFJ7EV.js

@@ -1,225 +0,0 @@
-import { evaluateAccess } from './chunk-SDMNUYVU.js';
-import { Hono } from 'hono';
-
-function createHonoApp(options) {
-  const { registry, db, user, tenantID, cors } = options;
-  const app = new Hono();
-  if (cors) {
-    app.use("*", async (c, next) => {
-      const origin = c.req.header("Origin") || "*";
-      if (cors.origins && !cors.origins.includes(origin) && !cors.origins.includes("*")) ;
-      c.header("Access-Control-Allow-Origin", origin);
-      c.header("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
-      c.header("Access-Control-Allow-Headers", "Content-Type, Authorization");
-      if (cors.credentials) {
-        c.header("Access-Control-Allow-Credentials", "true");
-      }
-      if (c.req.method === "OPTIONS") {
-        return c.text("");
-      }
-      await next();
-    });
-  }
-  app.get("/api/health", (c) => {
-    return c.json({
-      status: "ok",
-      version: "0.1.0",
-      collections: registry.getCollectionSlugs(),
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
-    });
-  });
-  app.get("/api/collections", (c) => {
-    const collections2 = registry.getCollections().map((col) => ({
-      slug: col.slug,
-      label: col.label || col.slug,
-      fields: col.fields.filter((f) => f.name).map((f) => ({
-        name: f.name,
-        type: f.type,
-        required: f.required,
-        label: f.label
-      }))
-    }));
-    return c.json(collections2);
-  });
-  const collections = registry.getCollections();
-  for (const collection of collections) {
-    const slug = collection.slug;
-    const basePath = `/api/${slug}`;
-    app.get(basePath, async (c) => {
-      try {
-        if (collection.access?.read) {
-          const allowed = await evaluateAccess(collection.access.read, {
-            req: c.req,
-            user,
-            tenantID
-          });
-          if (allowed === false) {
-            return c.json({ error: "Access denied" }, 403);
-          }
-        }
-        const url = new URL(c.req.url);
-        const page = parseInt(url.searchParams.get("page") || "1");
-        const limit = Math.min(parseInt(url.searchParams.get("limit") || "10"), 100);
-        const sort = url.searchParams.get("sort") || void 0;
-        const depth = parseInt(url.searchParams.get("depth") || "0");
-        const select = url.searchParams.get("select")?.split(",") || void 0;
-        let where = {};
-        const whereParam = url.searchParams.get("where");
-        if (whereParam) {
-          try {
-            where = JSON.parse(whereParam);
-          } catch {
-          }
-        }
-        const result = await db.find({
-          collection: slug,
-          where,
-          sort,
-          limit,
-          page,
-          depth,
-          tenantID,
-          select
-        });
-        return c.json(result);
-      } catch (error) {
-        return c.json({ error: error.message }, 500);
-      }
-    });
-    app.get(`${basePath}/:id`, async (c) => {
-      try {
-        const id = c.req.param("id");
-        const url = new URL(c.req.url);
-        const depth = parseInt(url.searchParams.get("depth") || "0");
-        const select = url.searchParams.get("select")?.split(",") || void 0;
-        if (collection.access?.read) {
-          const allowed = await evaluateAccess(collection.access.read, {
-            req: c.req,
-            user,
-            tenantID,
-            id
-          });
-          if (allowed === false) {
-            return c.json({ error: "Access denied" }, 403);
-          }
-        }
-        const doc = await db.findByID({
-          collection: slug,
-          id,
-          depth,
-          tenantID,
-          select
-        });
-        if (!doc) {
-          return c.json({ error: "Document not found" }, 404);
-        }
-        return c.json(doc);
-      } catch (error) {
-        return c.json({ error: error.message }, 500);
-      }
-    });
-    app.post(basePath, async (c) => {
-      try {
-        const body = await c.req.json();
-        if (collection.access?.create) {
-          const allowed = await evaluateAccess(collection.access.create, {
-            req: c.req,
-            user,
-            tenantID,
-            data: body
-          });
-          if (allowed === false) {
-            return c.json({ error: "Access denied" }, 403);
-          }
-        }
-        const schema = registry.getCreateZodSchema(slug);
-        const validated = schema.parse(body);
-        if (collection.tenantScoped && tenantID) {
-          validated.tenantID = tenantID;
-        }
-        const doc = await db.create({
-          collection: slug,
-          data: validated,
-          tenantID
-        });
-        return c.json({ doc, message: "Created successfully" }, 201);
-      } catch (error) {
-        if (error.name === "ZodError") {
-          return c.json({ error: "Validation failed", details: error.errors }, 400);
-        }
-        return c.json({ error: error.message }, 500);
-      }
-    });
-    app.patch(`${basePath}/:id`, async (c) => {
-      try {
-        const id = c.req.param("id");
-        const body = await c.req.json();
-        if (collection.access?.update) {
-          const allowed = await evaluateAccess(collection.access.update, {
-            req: c.req,
-            user,
-            tenantID,
-            id,
-            data: body
-          });
-          if (allowed === false) {
-            return c.json({ error: "Access denied" }, 403);
-          }
-        }
-        const schema = registry.getUpdateZodSchema(slug);
-        const validated = schema.parse(body);
-        const doc = await db.update({
-          collection: slug,
-          id,
-          data: validated,
-          tenantID
-        });
-        return c.json({ doc, message: "Updated successfully" });
-      } catch (error) {
-        if (error.name === "ZodError") {
-          return c.json({ error: "Validation failed", details: error.errors }, 400);
-        }
-        return c.json({ error: error.message }, 500);
-      }
-    });
-    app.delete(`${basePath}/:id`, async (c) => {
-      try {
-        const id = c.req.param("id");
-        if (collection.access?.delete) {
-          const allowed = await evaluateAccess(collection.access.delete, {
-            req: c.req,
-            user,
-            tenantID,
-            id
-          });
-          if (allowed === false) {
-            return c.json({ error: "Access denied" }, 403);
-          }
-        }
-        const doc = await db.delete({
-          collection: slug,
-          id,
-          tenantID
-        });
-        return c.json({ doc, message: "Deleted successfully" });
-      } catch (error) {
-        return c.json({ error: error.message }, 500);
-      }
-    });
-  }
-  return app;
-}
-function createRESTAPI(registry, db, options) {
-  return createHonoApp({
-    registry,
-    db,
-    user: options?.user,
-    req: options?.req,
-    tenantID: options?.tenantID,
-    cors: options?.cors
-  });
-}
-
-export { createHonoApp, createRESTAPI };
-//# sourceMappingURL=chunk-YPAFJ7EV.js.map
-//# sourceMappingURL=chunk-YPAFJ7EV.js.map

package/dist/chunk-YPAFJ7EV.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/api/rest/hono-app.ts"],"names":["collections"],"mappings":";;;AAsBO,SAAS,cAAc,OAAA,EAA+B;AAC3D,EAAA,MAAM,EAAE,QAAA,EAAU,EAAA,EAAI,IAAA,EAAM,QAAA,EAAU,MAAK,GAAI,OAAA;AAC/C,EAAA,MAAM,GAAA,GAAM,IAAI,IAAA,EAAK;AAGrB,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,GAAA,CAAI,GAAA,CAAI,GAAA,EAAK,OAAO,CAAA,EAAG,IAAA,KAAS;AAC9B,MAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,GAAA;AACzC,MAAA,IAAI,IAAA,CAAK,OAAA,IAAW,CAAC,IAAA,CAAK,OAAA,CAAQ,QAAA,CAAS,MAAM,CAAA,IAAK,CAAC,IAAA,CAAK,OAAA,CAAQ,QAAA,CAAS,GAAG,CAAA,EAAG;AAInF,MAAA,CAAA,CAAE,MAAA,CAAO,+BAA+B,MAAM,CAAA;AAC9C,MAAA,CAAA,CAAE,MAAA,CAAO,gCAAgC,mCAAmC,CAAA;AAC5E,MAAA,CAAA,CAAE,MAAA,CAAO,gCAAgC,6BAA6B,CAAA;AACtE,MAAA,IAAI,KAAK,WAAA,EAAa;AACpB,QAAA,CAAA,CAAE,MAAA,CAAO,oCAAoC,MAAM,CAAA;AAAA,MACrD;AAEA,MAAA,IAAI,CAAA,CAAE,GAAA,CAAI,MAAA,KAAW,SAAA,EAAW;AAC9B,QAAA,OAAO,CAAA,CAAE,KAAK,EAAE,CAAA;AAAA,MAClB;AAEA,MAAA,MAAM,IAAA,EAAK;AAAA,IACb,CAAC,CAAA;AAAA,EACH;AAGA,EAAA,GAAA,CAAI,GAAA,CAAI,aAAA,EAAe,CAAC,CAAA,KAAM;AAC5B,IAAA,OAAO,EAAE,IAAA,CAAK;AAAA,MACZ,MAAA,EAAQ,IAAA;AAAA,MACR,OAAA,EAAS,OAAA;AAAA,MACT,WAAA,EAAa,SAAS,kBAAA,EAAmB;AAAA,MACzC,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACnC,CAAA;AAAA,EACH,CAAC,CAAA;AAGD,EAAA,GAAA,CAAI,GAAA,CAAI,kBAAA,EAAoB,CAAC,CAAA,KAAM;AACjC,IAAA,MAAMA,YAAAA,GAAc,QAAA,CAAS,cAAA,EAAe,CAAE,IAAI,CAAA,GAAA,MAAQ;AAAA,MACxD,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,KAAA,EAAO,GAAA,CAAI,KAAA,IAAS,GAAA,CAAI,IAAA;AAAA,MACxB,MAAA,EAAQ,IAAI,MAAA,CAAO,MAAA,CAAO,OAAK,CAAA,CAAE,IAAI,CAAA,CAAE,GAAA,CAAI,CAAA,CAAA,MAAM;AAAA,QAC/C,MAAM,CAAA,CAAE,IAAA;AAAA,QACR,MAAM,CAAA,CAAE,IAAA;AAAA,QACR,UAAU,CAAA,CAAE,QAAA;AAAA,QACZ,OAAO,CAAA,CAAE;AAAA,OACX,CAAE;AAAA,KACJ,CAAE,CAAA;AACF,IAAA,OAAO,CAAA,CAAE,KAAKA,YAAW,CAAA;AAAA,EAC3B,CAAC,CAAA;AAGD,EAAA,MAAM,WAAA,GAAc,SAAS,cAAA,EAAe;AAE5C,EAAA,KAAA,MAAW,cAAc,WAAA,EAAa;AACpC,IAAA,MAAM,OAAO,UAAA,CAAW,IAAA;AACxB,IAAA,MAAM,QAAA,GAAW,QAAQ,IAAI,CAAA,CAAA;AAG7B,IAAA,GAAA,CAAI,GAAA,CAAI,QAAA,EAAU,OAAO,CAAA,KAAM;AAC7B,MAAA,IAAI;AAEF,QAAA,IAAI,UAAA,CAAW,QAAQ,IAAA,EAAM;AAC3B,UAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,CAAW,OAAO,IAAA,EAAM;AAAA,YAC3D,KAAK,CAAA,CAAE,GAAA;AAAA,YACP,IAAA;AAAA,YACA;AAAA,WACD,CAAA;AACD,UAAA,IAAI,YAAY,KAAA,EAAO;AACrB,YAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,eAAA,IAAmB,GAAG,CAAA;AAAA,UAC/C;AAAA,QACF;AAGA,QAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,CAAA,CAAE,IAAI,GAAG,CAAA;AAC7B,QAAA,MAAM,OAAO,QAAA,CAAS,GAAA,CAAI,aAAa,GAAA,CAAI,MAAM,KAAK,GAAG,CAAA;AACzD,QAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,QAAA,CAAS,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA,IAAK,IAAI,CAAA,EAAG,GAAG,CAAA;AAC3E,QAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA,IAAK,KAAA,CAAA;AAC7C,QAAA,MAAM,QAAQ,QAAA,CAAS,GAAA,CAAI,aAAa,GAAA,CAAI,OAAO,KAAK,GAAG,CAAA;AAC3D,QAAA,MAAM,MAAA,GAAS,IAAI,YAAA,CAAa,GAAA,CAAI,QAAQ,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,IAAK,KAAA,CAAA;AAE7D,QAAA,IAAI,QAAQ,EAAC;AACb,QAAA,MAAM,UAAA,GAAa,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC/C,QAAA,IAAI,UAAA,EAAY;AACd,UAAA,IAAI;AACF,YAAA,KAAA,GAAQ,IAAA,CAAK,MAAM,UAAU,CAAA;AAAA,UAC/B,CAAA,CAAA,MAAQ;AAAA,UAAC;AAAA,QACX;AAEA,QAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,IAAA,CAAK;AAAA,UAC3B,UAAA,EAAY,IAAA;AAAA,UACZ,KAAA;AAAA,UACA,IAAA;AAAA,UACA,KAAA;AAAA,UACA,IAAA;AAAA,UACA,KAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,OAAO,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACtB,SAAS,KAAA,EAAY;AACnB,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,OAAO,KAAA,CAAM,OAAA,IAAW,GAAG,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,GAAA,CAAI,CAAA,EAAG,QAAQ,CAAA,IAAA,CAAA,EAAQ,OAAO,CAAA,KAAM;AACtC,MAAA,IAAI;AACF,QAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA;AAC3B,QAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,CAAA,CAAE,IAAI,GAAG,CAAA;AAC7B,QAAA,MAAM,QAAQ,QAAA,CAAS,GAAA,CAAI,aAAa,GAAA,CAAI,OAAO,KAAK,GAAG,CAAA;AAC3D,QAAA,MAAM,MAAA,GAAS,IAAI,YAAA,CAAa,GAAA,CAAI,QAAQ,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,IAAK,KAAA,CAAA;AAG7D,QAAA,IAAI,UAAA,CAAW,QAAQ,IAAA,EAAM;AAC3B,UAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,CAAW,OAAO,IAAA,EAAM;AAAA,YAC3D,KAAK,CAAA,CAAE,GAAA;AAAA,YACP,IAAA;AAAA,YACA,QAAA;AAAA,YACA;AAAA,WACD,CAAA;AACD,UAAA,IAAI,YAAY,KAAA,EAAO;AACrB,YAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,eAAA,IAAmB,GAAG,CAAA;AAAA,UAC/C;AAAA,QACF;AAEA,QAAA,MAAM,GAAA,GAAM,MAAM,EAAA,CAAG,QAAA,CAAS;AAAA,UAC5B,UAAA,EAAY,IAAA;AAAA,UACZ,EAAA;AAAA,UACA,KAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,IAAI,CAAC,GAAA,EAAK;AACR,UAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,oBAAA,IAAwB,GAAG,CAAA;AAAA,QACpD;AAEA,QAAA,OAAO,CAAA,CAAE,KAAK,GAAG,CAAA;AAAA,MACnB,SAAS,KAAA,EAAY;AACnB,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,OAAO,KAAA,CAAM,OAAA,IAAW,GAAG,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,IAAA,CAAK,QAAA,EAAU,OAAO,CAAA,KAAM;AAC9B,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,GAAO,MAAM,CAAA,CAAE,GAAA,CAAI,IAAA,EAAK;AAG9B,QAAA,IAAI,UAAA,CAAW,QAAQ,MAAA,EAAQ;AAC7B,UAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,CAAW,OAAO,MAAA,EAAQ;AAAA,YAC7D,KAAK,CAAA,CAAE,GAAA;AAAA,YACP,IAAA;AAAA,YACA,QAAA;AAAA,YACA,IAAA,EAAM;AAAA,WACP,CAAA;AACD,UAAA,IAAI,YAAY,KAAA,EAAO;AACrB,YAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,eAAA,IAAmB,GAAG,CAAA;AAAA,UAC/C;AAAA,QACF;AAGA,QAAA,MAAM,MAAA,GAAS,QAAA,CAAS,kBAAA,CAAmB,IAAI,CAAA;AAC/C,QAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAGnC,QAAA,IAAI,UAAA,CAAW,gBAAgB,QAAA,EAAU;AACvC,UAAA,SAAA,CAAU,QAAA,GAAW,QAAA;AAAA,QACvB;AAEA,QAAA,MAAM,GAAA,GAAM,MAAM,EAAA,CAAG,MAAA,CAAO;AAAA,UAC1B,UAAA,EAAY,IAAA;AAAA,UACZ,IAAA,EAAM,SAAA;AAAA,UACN;AAAA,SACD,CAAA;AAED,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAK,OAAA,EAAS,sBAAA,IAA0B,GAAG,CAAA;AAAA,MAC7D,SAAS,KAAA,EAAY;AACnB,QAAA,IAAI,KAAA,CAAM,SAAS,UAAA,EAAY;AAC7B,UAAA,OAAO,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,OAAA,EAAS,KAAA,CAAM,MAAA,EAAO,EAAG,GAAG,CAAA;AAAA,QAC1E;AACA,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,OAAO,KAAA,CAAM,OAAA,IAAW,GAAG,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,KAAA,CAAM,CAAA,EAAG,QAAQ,CAAA,IAAA,CAAA,EAAQ,OAAO,CAAA,KAAM;AACxC,MAAA,IAAI;AACF,QAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA;AAC3B,QAAA,MAAM,IAAA,GAAO,MAAM,CAAA,CAAE,GAAA,CAAI,IAAA,EAAK;AAG9B,QAAA,IAAI,UAAA,CAAW,QAAQ,MAAA,EAAQ;AAC7B,UAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,CAAW,OAAO,MAAA,EAAQ;AAAA,YAC7D,KAAK,CAAA,CAAE,GAAA;AAAA,YACP,IAAA;AAAA,YACA,QAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA,EAAM;AAAA,WACP,CAAA;AACD,UAAA,IAAI,YAAY,KAAA,EAAO;AACrB,YAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,eAAA,IAAmB,GAAG,CAAA;AAAA,UAC/C;AAAA,QACF;AAGA,QAAA,MAAM,MAAA,GAAS,QAAA,CAAS,kBAAA,CAAmB,IAAI,CAAA;AAC/C,QAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAEnC,QAAA,MAAM,GAAA,GAAM,MAAM,EAAA,CAAG,MAAA,CAAO;AAAA,UAC1B,UAAA,EAAY,IAAA;AAAA,UACZ,EAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN;AAAA,SACD,CAAA;AAED,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,GAAA,EAAK,OAAA,EAAS,wBAAwB,CAAA;AAAA,MACxD,SAAS,KAAA,EAAY;AACnB,QAAA,IAAI,KAAA,CAAM,SAAS,UAAA,EAAY;AAC7B,UAAA,OAAO,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,OAAA,EAAS,KAAA,CAAM,MAAA,EAAO,EAAG,GAAG,CAAA;AAAA,QAC1E;AACA,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,OAAO,KAAA,CAAM,OAAA,IAAW,GAAG,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,MAAA,CAAO,CAAA,EAAG,QAAQ,CAAA,IAAA,CAAA,EAAQ,OAAO,CAAA,KAAM;AACzC,MAAA,IAAI;AACF,QAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA;AAG3B,QAAA,IAAI,UAAA,CAAW,QAAQ,MAAA,EAAQ;AAC7B,UAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,CAAW,OAAO,MAAA,EAAQ;AAAA,YAC7D,KAAK,CAAA,CAAE,GAAA;AAAA,YACP,IAAA;AAAA,YACA,QAAA;AAAA,YACA;AAAA,WACD,CAAA;AACD,UAAA,IAAI,YAAY,KAAA,EAAO;AACrB,YAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,eAAA,IAAmB,GAAG,CAAA;AAAA,UAC/C;AAAA,QACF;AAEA,QAAA,MAAM,GAAA,GAAM,MAAM,EAAA,CAAG,MAAA,CAAO;AAAA,UAC1B,UAAA,EAAY,IAAA;AAAA,UACZ,EAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,GAAA,EAAK,OAAA,EAAS,wBAAwB,CAAA;AAAA,MACxD,SAAS,KAAA,EAAY;AACnB,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,OAAO,KAAA,CAAM,OAAA,IAAW,GAAG,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA;AACT;AAMO,SAAS,aAAA,CAAc,QAAA,EAAoB,EAAA,EAAiB,OAAA,EAQ1D;AACP,EAAA,OAAO,aAAA,CAAc;AAAA,IACnB,QAAA;AAAA,IACA,EAAA;AAAA,IACA,MAAM,OAAA,EAAS,IAAA;AAAA,IACf,KAAK,OAAA,EAAS,GAAA;AAAA,IACd,UAAU,OAAA,EAAS,QAAA;AAAA,IACnB,MAAM,OAAA,EAAS;AAAA,GAChB,CAAA;AACH","file":"chunk-YPAFJ7EV.js","sourcesContent":["import { Hono } from 'hono';\nimport type { BaseAdapter } from '../../registry/types.js';\nimport { Registry } from '../../registry/index.js';\nimport { evaluateAccess } from '../../access/types.js';\nimport type { User, Request } from '../../hooks/types.js';\n\n// ============================================================================\n// REST API Factory\n// ============================================================================\n\nexport interface HonoAppOptions {\n  registry: Registry;\n  db: BaseAdapter;\n  user?: User;\n  req?: Request;\n  tenantID?: string;\n  cors?: {\n    origins?: string[];\n    credentials?: boolean;\n  };\n}\n\nexport function createHonoApp(options: HonoAppOptions): Hono {\n  const { registry, db, user, tenantID, cors } = options;\n  const app = new Hono();\n\n  // CORS middleware\n  if (cors) {\n    app.use('*', async (c, next) => {\n      const origin = c.req.header('Origin') || '*';\n      if (cors.origins && !cors.origins.includes(origin) && !cors.origins.includes('*')) {\n        // Blocked origin\n      }\n      \n      c.header('Access-Control-Allow-Origin', origin);\n      c.header('Access-Control-Allow-Methods', 'GET, POST, PATCH, DELETE, OPTIONS');\n      c.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');\n      if (cors.credentials) {\n        c.header('Access-Control-Allow-Credentials', 'true');\n      }\n      \n      if (c.req.method === 'OPTIONS') {\n        return c.text('');\n      }\n      \n      await next();\n    });\n  }\n\n  // Health check\n  app.get('/api/health', (c) => {\n    return c.json({\n      status: 'ok',\n      version: '0.1.0',\n      collections: registry.getCollectionSlugs(),\n      timestamp: new Date().toISOString(),\n    });\n  });\n\n  // List collections\n  app.get('/api/collections', (c) => {\n    const collections = registry.getCollections().map(col => ({\n      slug: col.slug,\n      label: col.label || col.slug,\n      fields: col.fields.filter(f => f.name).map(f => ({\n        name: f.name,\n        type: f.type,\n        required: f.required,\n        label: f.label,\n      })),\n    }));\n    return c.json(collections);\n  });\n\n  // Dynamic collection routes\n  const collections = registry.getCollections();\n\n  for (const collection of collections) {\n    const slug = collection.slug;\n    const basePath = `/api/${slug}`;\n\n    // GET /api/:collection - List\n    app.get(basePath, async (c) => {\n      try {\n        // Check access\n        if (collection.access?.read) {\n          const allowed = await evaluateAccess(collection.access.read, {\n            req: c.req as any,\n            user,\n            tenantID,\n          });\n          if (allowed === false) {\n            return c.json({ error: 'Access denied' }, 403);\n          }\n        }\n\n        // Parse query params\n        const url = new URL(c.req.url);\n        const page = parseInt(url.searchParams.get('page') || '1');\n        const limit = Math.min(parseInt(url.searchParams.get('limit') || '10'), 100);\n        const sort = url.searchParams.get('sort') || undefined;\n        const depth = parseInt(url.searchParams.get('depth') || '0');\n        const select = url.searchParams.get('select')?.split(',') || undefined;\n        \n        let where = {};\n        const whereParam = url.searchParams.get('where');\n        if (whereParam) {\n          try {\n            where = JSON.parse(whereParam);\n          } catch {}\n        }\n\n        const result = await db.find({\n          collection: slug,\n          where,\n          sort,\n          limit,\n          page,\n          depth,\n          tenantID,\n          select,\n        });\n\n        return c.json(result);\n      } catch (error: any) {\n        return c.json({ error: error.message }, 500);\n      }\n    });\n\n    // GET /api/:collection/:id - Find by ID\n    app.get(`${basePath}/:id`, async (c) => {\n      try {\n        const id = c.req.param('id');\n        const url = new URL(c.req.url);\n        const depth = parseInt(url.searchParams.get('depth') || '0');\n        const select = url.searchParams.get('select')?.split(',') || undefined;\n\n        // Check access\n        if (collection.access?.read) {\n          const allowed = await evaluateAccess(collection.access.read, {\n            req: c.req as any,\n            user,\n            tenantID,\n            id,\n          });\n          if (allowed === false) {\n            return c.json({ error: 'Access denied' }, 403);\n          }\n        }\n\n        const doc = await db.findByID({\n          collection: slug,\n          id,\n          depth,\n          tenantID,\n          select,\n        });\n\n        if (!doc) {\n          return c.json({ error: 'Document not found' }, 404);\n        }\n\n        return c.json(doc);\n      } catch (error: any) {\n        return c.json({ error: error.message }, 500);\n      }\n    });\n\n    // POST /api/:collection - Create\n    app.post(basePath, async (c) => {\n      try {\n        const body = await c.req.json();\n\n        // Check access\n        if (collection.access?.create) {\n          const allowed = await evaluateAccess(collection.access.create, {\n            req: c.req as any,\n            user,\n            tenantID,\n            data: body,\n          });\n          if (allowed === false) {\n            return c.json({ error: 'Access denied' }, 403);\n          }\n        }\n\n        // Validate with Zod\n        const schema = registry.getCreateZodSchema(slug);\n        const validated = schema.parse(body);\n\n        // Add tenantID if scoped\n        if (collection.tenantScoped && tenantID) {\n          validated.tenantID = tenantID;\n        }\n\n        const doc = await db.create({\n          collection: slug,\n          data: validated,\n          tenantID,\n        });\n\n        return c.json({ doc, message: 'Created successfully' }, 201);\n      } catch (error: any) {\n        if (error.name === 'ZodError') {\n          return c.json({ error: 'Validation failed', details: error.errors }, 400);\n        }\n        return c.json({ error: error.message }, 500);\n      }\n    });\n\n    // PATCH /api/:collection/:id - Update\n    app.patch(`${basePath}/:id`, async (c) => {\n      try {\n        const id = c.req.param('id');\n        const body = await c.req.json();\n\n        // Check access\n        if (collection.access?.update) {\n          const allowed = await evaluateAccess(collection.access.update, {\n            req: c.req as any,\n            user,\n            tenantID,\n            id,\n            data: body,\n          });\n          if (allowed === false) {\n            return c.json({ error: 'Access denied' }, 403);\n          }\n        }\n\n        // Validate with Zod\n        const schema = registry.getUpdateZodSchema(slug);\n        const validated = schema.parse(body);\n\n        const doc = await db.update({\n          collection: slug,\n          id,\n          data: validated,\n          tenantID,\n        });\n\n        return c.json({ doc, message: 'Updated successfully' });\n      } catch (error: any) {\n        if (error.name === 'ZodError') {\n          return c.json({ error: 'Validation failed', details: error.errors }, 400);\n        }\n        return c.json({ error: error.message }, 500);\n      }\n    });\n\n    // DELETE /api/:collection/:id - Delete\n    app.delete(`${basePath}/:id`, async (c) => {\n      try {\n        const id = c.req.param('id');\n\n        // Check access\n        if (collection.access?.delete) {\n          const allowed = await evaluateAccess(collection.access.delete, {\n            req: c.req as any,\n            user,\n            tenantID,\n            id,\n          });\n          if (allowed === false) {\n            return c.json({ error: 'Access denied' }, 403);\n          }\n        }\n\n        const doc = await db.delete({\n          collection: slug,\n          id,\n          tenantID,\n        });\n\n        return c.json({ doc, message: 'Deleted successfully' });\n      } catch (error: any) {\n        return c.json({ error: error.message }, 500);\n      }\n    });\n  }\n\n  return app;\n}\n\n// ============================================================================\n// Factory\n// ============================================================================\n\nexport function createRESTAPI(registry: Registry, db: BaseAdapter, options?: {\n  user?: User;\n  req?: Request;\n  tenantID?: string;\n  cors?: {\n    origins?: string[];\n    credentials?: boolean;\n  };\n}): Hono {\n  return createHonoApp({\n    registry,\n    db,\n    user: options?.user,\n    req: options?.req,\n    tenantID: options?.tenantID,\n    cors: options?.cors,\n  });\n}\n"]}

package/dist/database-7CJOXEZR.js

@@ -1,5 +0,0 @@
-export { createDatabase, runMigrations, seedDefaultRoles } from './chunk-LRTZJJPD.js';
-import './chunk-XTZSUDSI.js';
-import './chunk-NSBPE2FW.js';
-//# sourceMappingURL=database-7CJOXEZR.js.map
-//# sourceMappingURL=database-7CJOXEZR.js.map

package/dist/database-7CJOXEZR.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"names":[],"mappings":"","file":"database-7CJOXEZR.js"}

package/dist/database-QOIV44GT.cjs

@@ -1,22 +0,0 @@
-'use strict';
-
-var chunk7G6EVYCU_cjs = require('./chunk-7G6EVYCU.cjs');
-require('./chunk-TZFJMPCH.cjs');
-require('./chunk-5BLDMQED.cjs');
-
-
-
-Object.defineProperty(exports, "createDatabase", {
-  enumerable: true,
-  get: function () { return chunk7G6EVYCU_cjs.createDatabase; }
-});
-Object.defineProperty(exports, "runMigrations", {
-  enumerable: true,
-  get: function () { return chunk7G6EVYCU_cjs.runMigrations; }
-});
-Object.defineProperty(exports, "seedDefaultRoles", {
-  enumerable: true,
-  get: function () { return chunk7G6EVYCU_cjs.seedDefaultRoles; }
-});
-//# sourceMappingURL=database-QOIV44GT.cjs.map
-//# sourceMappingURL=database-QOIV44GT.cjs.map

package/dist/database-QOIV44GT.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"names":[],"mappings":"","file":"database-QOIV44GT.cjs"}

package/dist/postgres-auth-adapter-REJFUMP7.js

@@ -1,5 +0,0 @@
-export { PostgresAuthAdapter } from './chunk-QUJ4OLSC.js';
-import './chunk-XTZSUDSI.js';
-import './chunk-NSBPE2FW.js';
-//# sourceMappingURL=postgres-auth-adapter-REJFUMP7.js.map
-//# sourceMappingURL=postgres-auth-adapter-REJFUMP7.js.map

package/dist/postgres-auth-adapter-VK6GY7LX.cjs

@@ -1,14 +0,0 @@
-'use strict';
-
-var chunkYD7Y25W7_cjs = require('./chunk-YD7Y25W7.cjs');
-require('./chunk-TZFJMPCH.cjs');
-require('./chunk-5BLDMQED.cjs');
-
-
-
-Object.defineProperty(exports, "PostgresAuthAdapter", {
-  enumerable: true,
-  get: function () { return chunkYD7Y25W7_cjs.PostgresAuthAdapter; }
-});
-//# sourceMappingURL=postgres-auth-adapter-VK6GY7LX.cjs.map
-//# sourceMappingURL=postgres-auth-adapter-VK6GY7LX.cjs.map

package/dist/redis-adapter-4YDY4LWE.js

@@ -1,4 +0,0 @@
-export { RedisAuthAdapter } from './chunk-VMSRTAH7.js';
-import './chunk-NSBPE2FW.js';
-//# sourceMappingURL=redis-adapter-4YDY4LWE.js.map
-//# sourceMappingURL=redis-adapter-4YDY4LWE.js.map

package/dist/redis-adapter-LBLNKGNS.cjs

@@ -1,13 +0,0 @@
-'use strict';
-
-var chunkA3RQWHKD_cjs = require('./chunk-A3RQWHKD.cjs');
-require('./chunk-5BLDMQED.cjs');
-
-
-
-Object.defineProperty(exports, "RedisAuthAdapter", {
-  enumerable: true,
-  get: function () { return chunkA3RQWHKD_cjs.RedisAuthAdapter; }
-});
-//# sourceMappingURL=redis-adapter-LBLNKGNS.cjs.map
-//# sourceMappingURL=redis-adapter-LBLNKGNS.cjs.map