@kyro-cms/core 0.3.0 → 0.3.1

package/dist/index.d.cts

@@ -17,17 +17,16 @@ export { DrizzleAdapter, PostgresAuthAdapter, collectionToDrizzleSchema, createD
 export { MongoDBAdapter, createMongoDBAdapter } from './mongodb/index.cjs';
 export { buildGraphQLSchema, createGraphQLSchema } from './graphql/index.cjs';
 export { createHonoApp, createRESTAPI } from './rest/index.cjs';
-import { R as RateLimitConfig, b as RateLimitResult, L as LockoutConfig, a as LockoutStatus } from './rate-limit-BmBKGQKx.cjs';
-export { q as AccountLockout, A as AdminStylingConfig, C as CSSGenerator, F as FieldStyling, r as RateLimiter, s as RedisAuthAdapter, S as StylingConfig, d as StylingMode, T as ThemeBorderRadius, e as ThemeColors, f as ThemeConfig, g as ThemeFonts, h as ThemeShadows, i as ThemeSpacing, j as createAdminStyling, k as defaultDarkTheme, l as defaultFieldStyling, m as defaultLightTheme, n as ecommerce2026Theme, o as generateCSSVariables, p as generateTailwindConfig } from './rate-limit-BmBKGQKx.cjs';
-import { f as AuthUser, c as AuthAdapter, a as AuditLog, b as AuditLogFilter, U as UserRole, S as Session, e as AuthTokenConfig, R as RegisterData, d as AuthResult, L as LoginCredentials, J as JWTPayload } from './types-CGA0z0XD.cjs';
-export { A as AuditAction, g as AuditLogger, h as createAuditContext } from './types-CGA0z0XD.cjs';
+export { A as AdminStylingConfig, C as CSSGenerator, F as FieldStyling, S as StylingConfig, a as StylingMode, T as ThemeBorderRadius, b as ThemeColors, c as ThemeConfig, d as ThemeFonts, e as ThemeShadows, f as ThemeSpacing, g as createAdminStyling, h as defaultDarkTheme, i as defaultFieldStyling, j as defaultLightTheme, k as ecommerce2026Theme, l as generateCSSVariables, m as generateTailwindConfig } from './index-Bz9JqRGI.cjs';
+import { d as AuditLog, e as AuditLogFilter, A as AuthAdapter, U as UserRole, c as AuthUser, S as Session, b as AuthTokenConfig, R as RegisterData, a as AuthResult, L as LoginCredentials, J as JWTPayload } from './types-1u353OHN.cjs';
+export { f as AuditAction } from './types-1u353OHN.cjs';
 import Database from 'better-sqlite3';
 import { W as WebhookPayload, a as WebhookDelivery, b as WebhookConfig } from './WebhookService-mZZ75syh.cjs';
 export { A as ALL_WEBHOOK_EVENTS, C as CreateWebhookData, U as UpdateWebhookData, c as WEBHOOK_COLLECTION, d as WEBHOOK_DELIVERY_COLLECTION, e as WEBHOOK_EVENTS, f as WebhookEvent, g as WebhookService, h as WebhookTriggerResult, i as createWebhookService } from './WebhookService-mZZ75syh.cjs';
 export { TemplateConfig, allSettingsGlobals, blogCollections, blogGlobals, coreSettingsGlobals, createTemplateConfig, ecommerceCollections, ecommerceGlobals, ecommerceSettingsGlobals, kitchenSinkCollections, mediaCollections, minimalCollections } from './templates/index.cjs';
+import { Redis } from 'ioredis';
 import 'ws';
 import 'drizzle-orm/postgres-js';
-import 'ioredis';
 
 interface DeliveryResult {
     success: boolean;
@@ -74,6 +73,38 @@ declare function normalizeRichTextDocument(value: unknown): RichTextDocument;
 declare function normalizeRichTextValue<T>(value: T): T;
 declare function renderRichText(value: unknown): string;
 
+declare class AuditLogger {
+    private redis;
+    private prefix;
+    private retentionDays;
+    constructor(redis: Redis, retentionDays?: number, prefix?: string);
+    log(data: Omit<AuditLog, "id" | "timestamp">): Promise<string>;
+    get(id: string): Promise<AuditLog | null>;
+    query(filter?: AuditLogFilter): Promise<{
+        logs: AuditLog[];
+        total: number;
+    }>;
+    getRecent(limit?: number): Promise<AuditLog[]>;
+    getUserActivity(userId: string, limit?: number): Promise<AuditLog[]>;
+    getStats(startDate?: Date, endDate?: Date): Promise<{
+        totalEvents: number;
+        byAction: Record<string, number>;
+        successRate: number;
+        failedLogins: number;
+        uniqueUsers: Set<string>;
+    }>;
+    cleanup(): Promise<number>;
+    private getKeyForDate;
+    private getKeysForDateRange;
+    private matchesFilter;
+    private serializeLog;
+    private deserializeLog;
+}
+declare function createAuditContext(req: Request): {
+    ipAddress: string;
+    userAgent: string;
+};
+
 declare class Kyro {
     registry: Registry;
     db: BaseAdapter;
@@ -306,6 +337,72 @@ declare const presetPlugins: {
     Wishlist: typeof WishlistPlugin;
 };
 
+interface RedisAuthAdapterOptions {
+    url?: string;
+    host?: string;
+    port?: number;
+    password?: string;
+    db?: number;
+    keyPrefix?: string;
+    tokenExpiration?: number;
+    refreshTokenExpiration?: number;
+    tls?: boolean;
+}
+declare class RedisAuthAdapter implements AuthAdapter {
+    private redis;
+    private prefix;
+    private tokenExpiration;
+    private refreshExpiration;
+    constructor(options?: RedisAuthAdapterOptions);
+    connect(): Promise<void>;
+    disconnect(): Promise<void>;
+    private userKey;
+    private sessionKey;
+    private refreshKey;
+    private userByEmailKey;
+    private passwordHistoryKey;
+    createUser(data: {
+        email: string;
+        password: string;
+        role?: UserRole;
+        tenantId?: string;
+    }): Promise<AuthUser>;
+    findUserByEmail(email: string): Promise<AuthUser | null>;
+    findUserById(userId: string): Promise<AuthUser | null>;
+    updateUser(userId: string, data: Partial<AuthUser>): Promise<AuthUser | null>;
+    deleteUser(userId: string): Promise<boolean>;
+    hashPassword(password: string): Promise<string>;
+    verifyPassword(email: string, password: string): Promise<AuthUser | null>;
+    createSession(userId: string, data?: {
+        ipAddress?: string;
+        userAgent?: string;
+    }): Promise<Session>;
+    findSessionByToken(token: string): Promise<Session | null>;
+    deleteSession(sessionId: string): Promise<boolean>;
+    deleteUserSessions(userId: string): Promise<number>;
+    addPasswordToHistory(userId: string, passwordHash: string): Promise<void>;
+    getPasswordHistory(userId: string, count?: number): Promise<string[]>;
+    isPasswordInHistory(password: string, userId: string, historyCount?: number): Promise<boolean>;
+    private userToHash;
+    private hashToUser;
+    private sessionToHash;
+    private hashToSession;
+    private auditLogKey;
+    private auditLogIndexKey;
+    findAuditLogs(filter: {
+        userId?: string;
+        action?: string | string[];
+        resource?: string;
+        success?: boolean;
+        limit?: number;
+        offset?: number;
+    }): Promise<{
+        logs: any[];
+        total: number;
+    }>;
+    createAuditLog(data: any): Promise<any>;
+}
+
 interface EmailConfig$1 {
     provider: "smtp" | "resend" | "sendgrid" | "mailgun" | "ses";
     from: string;
@@ -439,6 +536,74 @@ declare class PasswordPolicy {
     getConfig(): PasswordPolicyConfig;
 }
 
+interface LockoutConfig {
+    maxAttempts: number;
+    lockDuration: number;
+    notifyUser: boolean;
+    notifyAdmin: boolean;
+    adminNotifyAfter: number;
+}
+interface LockoutStatus {
+    locked: boolean;
+    attemptsRemaining: number;
+    lockedUntil?: Date;
+    totalAttempts: number;
+}
+declare class AccountLockout {
+    private redis;
+    private prefix;
+    private config;
+    constructor(redis: Redis, config?: Partial<LockoutConfig>, prefix?: string);
+    private lockKey;
+    private historyKey;
+    checkLockout(userId: string): Promise<LockoutStatus>;
+    recordFailedAttempt(userId: string): Promise<LockoutStatus>;
+    lockAccount(userId: string, duration?: number): Promise<void>;
+    unlockAccount(userId: string): Promise<void>;
+    resetAttempts(userId: string): Promise<void>;
+    getLockoutHistory(userId: string, limit?: number): Promise<Date[]>;
+    getLockoutStats(userId: string): Promise<{
+        totalFailedAttempts: number;
+        lockoutCount: number;
+        lastLockout: Date | null;
+        averageAttemptsBeforeLockout: number;
+    }>;
+    shouldNotifyAdmin(currentAttempts: number): boolean;
+    getConfig(): LockoutConfig;
+    setConfig(config: Partial<LockoutConfig>): void;
+}
+
+interface RateLimitConfig {
+    window: number;
+    max: number;
+}
+interface RateLimitResult {
+    allowed: boolean;
+    remaining: number;
+    resetAt: number;
+    retryAfter?: number;
+}
+declare class RateLimiter {
+    private redis;
+    private prefix;
+    private limits;
+    private userLimits;
+    constructor(redis: Redis, limits?: Record<string, RateLimitConfig>, userLimits?: Record<string, RateLimitConfig>, prefix?: string);
+    private getKey;
+    check(type: string, identifier: string): Promise<RateLimitResult>;
+    checkUser(type: string, userId: string, identifier: string): Promise<RateLimitResult>;
+    reset(type: string, identifier: string): Promise<void>;
+    resetUser(type: string, userId: string, identifier: string): Promise<void>;
+    getStatus(type: string, identifier: string): Promise<{
+        count: number;
+        limit: number;
+        remaining: number;
+        resetAt: number;
+    }>;
+    setLimit(type: string, config: RateLimitConfig): void;
+    setUserLimit(type: string, config: RateLimitConfig): void;
+}
+
 declare class InMemoryRateLimiter {
     private storage;
     private userStorage;
@@ -1104,4 +1269,4 @@ declare function defineConfig(config: {
     debug?: KyroConfig["debug"];
 }): KyroConfig;
 
-export { AbstractBaseAdapter, type AdapterOptions, AnalyticsPlugin, AuditLog, AuditLogFilter, Auth, AuthAdapter, AuthResult, Session as AuthSession, AuthTokenConfig, AuthUser, BaseAdapter, CollectionConfig, CommentsPlugin, type CompareVersionsOptions, ConfigService, ConfigValidationError, CreateArgs, type CreateVersionOptions, type DatabaseConnectionOptions, type DatabaseType, type DatabaseType$1 as DbAdapterType, DeleteArgs, type DeliveryOptions, type DeliveryResult, Dialect, type DraftPublishConfig, type DrizzleAdapterOptions, type EmailConfig, EmailTransport, Field, FindArgs, FindByIDArgs, FindResult, GlobalConfig, Hook, InMemoryAccountLockout, InMemoryAuditLogger, InMemoryAuthAdapter, InMemoryRateLimiter, JWTPayload, Kyro, type KyroAuthConfig, KyroConfig, KyroPlugin, KyroPubSub, KyroWSServer, LocalAdapter, LoginCredentials, MediaService, type MongoDBAdapterOptions, PasswordPolicy, type PluginAPI, type PluginHooks, PluginManager, type PublishVersionOptions, RegisterData, Registry, Request$1 as Request, ReviewsPlugin, SEOPLugin, SQLiteAuthAdapter, Session, type StorageConfig, UpdateArgs, User, UserRole, type Version, type VersionAdapter, type VersionDiff, type VersionHistoryOptions, VersionManager, type VersionPublishSchedule, type VersionStatus, WebhookConfig, WebhookDelivery, WebhookPayload, WishlistPlugin, authConfig, autoBootstrap, bootstrapAdmin, buildDeliveryRecord, collectionToCreateZod, collectionToUpdateZod, collectionToWhereZod, collectionToZod, createAuth, createAuthConfig, createColumnsNode, createKyro, createLocalAdapter, createLocalStorage, createTestPayload, createVersionManager, defineConfig, deliverWebhook, deliverWithRetry, fieldToZod, generateWebhookSecret, getBootstrapFromEnv, getDefaultDraftPublishConfig, globalToZod, isArchived, isDraft, isPublished, normalizeRichTextDocument, normalizeRichTextValue, presetPlugins, renderRichText, resolveProvider, richTextStyles, signPayload, validateCollection, validateConfig, validateFields, validateGlobal };
+export { AbstractBaseAdapter, AccountLockout, type AdapterOptions, AnalyticsPlugin, AuditLog, AuditLogFilter, AuditLogger, Auth, AuthAdapter, AuthResult, Session as AuthSession, AuthTokenConfig, AuthUser, BaseAdapter, CollectionConfig, CommentsPlugin, type CompareVersionsOptions, ConfigService, ConfigValidationError, CreateArgs, type CreateVersionOptions, type DatabaseConnectionOptions, type DatabaseType, type DatabaseType$1 as DbAdapterType, DeleteArgs, type DeliveryOptions, type DeliveryResult, Dialect, type DraftPublishConfig, type DrizzleAdapterOptions, type EmailConfig, EmailTransport, Field, FindArgs, FindByIDArgs, FindResult, GlobalConfig, Hook, InMemoryAccountLockout, InMemoryAuditLogger, InMemoryAuthAdapter, InMemoryRateLimiter, JWTPayload, Kyro, type KyroAuthConfig, KyroConfig, KyroPlugin, KyroPubSub, KyroWSServer, LocalAdapter, LoginCredentials, MediaService, type MongoDBAdapterOptions, PasswordPolicy, type PluginAPI, type PluginHooks, PluginManager, type PublishVersionOptions, RateLimiter, RedisAuthAdapter, RegisterData, Registry, Request$1 as Request, ReviewsPlugin, SEOPLugin, SQLiteAuthAdapter, Session, type StorageConfig, UpdateArgs, User, UserRole, type Version, type VersionAdapter, type VersionDiff, type VersionHistoryOptions, VersionManager, type VersionPublishSchedule, type VersionStatus, WebhookConfig, WebhookDelivery, WebhookPayload, WishlistPlugin, authConfig, autoBootstrap, bootstrapAdmin, buildDeliveryRecord, collectionToCreateZod, collectionToUpdateZod, collectionToWhereZod, collectionToZod, createAuditContext, createAuth, createAuthConfig, createColumnsNode, createKyro, createLocalAdapter, createLocalStorage, createTestPayload, createVersionManager, defineConfig, deliverWebhook, deliverWithRetry, fieldToZod, generateWebhookSecret, getBootstrapFromEnv, getDefaultDraftPublishConfig, globalToZod, isArchived, isDraft, isPublished, normalizeRichTextDocument, normalizeRichTextValue, presetPlugins, renderRichText, resolveProvider, richTextStyles, signPayload, validateCollection, validateConfig, validateFields, validateGlobal };

package/dist/index.d.ts

@@ -17,17 +17,16 @@ export { DrizzleAdapter, PostgresAuthAdapter, collectionToDrizzleSchema, createD
 export { MongoDBAdapter, createMongoDBAdapter } from './mongodb/index.js';
 export { buildGraphQLSchema, createGraphQLSchema } from './graphql/index.js';
 export { createHonoApp, createRESTAPI } from './rest/index.js';
-import { R as RateLimitConfig, b as RateLimitResult, L as LockoutConfig, a as LockoutStatus } from './rate-limit-CmDv55RV.js';
-export { q as AccountLockout, A as AdminStylingConfig, C as CSSGenerator, F as FieldStyling, r as RateLimiter, s as RedisAuthAdapter, S as StylingConfig, d as StylingMode, T as ThemeBorderRadius, e as ThemeColors, f as ThemeConfig, g as ThemeFonts, h as ThemeShadows, i as ThemeSpacing, j as createAdminStyling, k as defaultDarkTheme, l as defaultFieldStyling, m as defaultLightTheme, n as ecommerce2026Theme, o as generateCSSVariables, p as generateTailwindConfig } from './rate-limit-CmDv55RV.js';
-import { f as AuthUser, c as AuthAdapter, a as AuditLog, b as AuditLogFilter, U as UserRole, S as Session, e as AuthTokenConfig, R as RegisterData, d as AuthResult, L as LoginCredentials, J as JWTPayload } from './types-CGA0z0XD.js';
-export { A as AuditAction, g as AuditLogger, h as createAuditContext } from './types-CGA0z0XD.js';
+export { A as AdminStylingConfig, C as CSSGenerator, F as FieldStyling, S as StylingConfig, a as StylingMode, T as ThemeBorderRadius, b as ThemeColors, c as ThemeConfig, d as ThemeFonts, e as ThemeShadows, f as ThemeSpacing, g as createAdminStyling, h as defaultDarkTheme, i as defaultFieldStyling, j as defaultLightTheme, k as ecommerce2026Theme, l as generateCSSVariables, m as generateTailwindConfig } from './index-Bz9JqRGI.js';
+import { d as AuditLog, e as AuditLogFilter, A as AuthAdapter, U as UserRole, c as AuthUser, S as Session, b as AuthTokenConfig, R as RegisterData, a as AuthResult, L as LoginCredentials, J as JWTPayload } from './types-1u353OHN.js';
+export { f as AuditAction } from './types-1u353OHN.js';
 import Database from 'better-sqlite3';
 import { W as WebhookPayload, a as WebhookDelivery, b as WebhookConfig } from './WebhookService-BznDc2AT.js';
 export { A as ALL_WEBHOOK_EVENTS, C as CreateWebhookData, U as UpdateWebhookData, c as WEBHOOK_COLLECTION, d as WEBHOOK_DELIVERY_COLLECTION, e as WEBHOOK_EVENTS, f as WebhookEvent, g as WebhookService, h as WebhookTriggerResult, i as createWebhookService } from './WebhookService-BznDc2AT.js';
 export { TemplateConfig, allSettingsGlobals, blogCollections, blogGlobals, coreSettingsGlobals, createTemplateConfig, ecommerceCollections, ecommerceGlobals, ecommerceSettingsGlobals, kitchenSinkCollections, mediaCollections, minimalCollections } from './templates/index.js';
+import { Redis } from 'ioredis';
 import 'ws';
 import 'drizzle-orm/postgres-js';
-import 'ioredis';
 
 interface DeliveryResult {
     success: boolean;
@@ -74,6 +73,38 @@ declare function normalizeRichTextDocument(value: unknown): RichTextDocument;
 declare function normalizeRichTextValue<T>(value: T): T;
 declare function renderRichText(value: unknown): string;
 
+declare class AuditLogger {
+    private redis;
+    private prefix;
+    private retentionDays;
+    constructor(redis: Redis, retentionDays?: number, prefix?: string);
+    log(data: Omit<AuditLog, "id" | "timestamp">): Promise<string>;
+    get(id: string): Promise<AuditLog | null>;
+    query(filter?: AuditLogFilter): Promise<{
+        logs: AuditLog[];
+        total: number;
+    }>;
+    getRecent(limit?: number): Promise<AuditLog[]>;
+    getUserActivity(userId: string, limit?: number): Promise<AuditLog[]>;
+    getStats(startDate?: Date, endDate?: Date): Promise<{
+        totalEvents: number;
+        byAction: Record<string, number>;
+        successRate: number;
+        failedLogins: number;
+        uniqueUsers: Set<string>;
+    }>;
+    cleanup(): Promise<number>;
+    private getKeyForDate;
+    private getKeysForDateRange;
+    private matchesFilter;
+    private serializeLog;
+    private deserializeLog;
+}
+declare function createAuditContext(req: Request): {
+    ipAddress: string;
+    userAgent: string;
+};
+
 declare class Kyro {
     registry: Registry;
     db: BaseAdapter;
@@ -306,6 +337,72 @@ declare const presetPlugins: {
     Wishlist: typeof WishlistPlugin;
 };
 
+interface RedisAuthAdapterOptions {
+    url?: string;
+    host?: string;
+    port?: number;
+    password?: string;
+    db?: number;
+    keyPrefix?: string;
+    tokenExpiration?: number;
+    refreshTokenExpiration?: number;
+    tls?: boolean;
+}
+declare class RedisAuthAdapter implements AuthAdapter {
+    private redis;
+    private prefix;
+    private tokenExpiration;
+    private refreshExpiration;
+    constructor(options?: RedisAuthAdapterOptions);
+    connect(): Promise<void>;
+    disconnect(): Promise<void>;
+    private userKey;
+    private sessionKey;
+    private refreshKey;
+    private userByEmailKey;
+    private passwordHistoryKey;
+    createUser(data: {
+        email: string;
+        password: string;
+        role?: UserRole;
+        tenantId?: string;
+    }): Promise<AuthUser>;
+    findUserByEmail(email: string): Promise<AuthUser | null>;
+    findUserById(userId: string): Promise<AuthUser | null>;
+    updateUser(userId: string, data: Partial<AuthUser>): Promise<AuthUser | null>;
+    deleteUser(userId: string): Promise<boolean>;
+    hashPassword(password: string): Promise<string>;
+    verifyPassword(email: string, password: string): Promise<AuthUser | null>;
+    createSession(userId: string, data?: {
+        ipAddress?: string;
+        userAgent?: string;
+    }): Promise<Session>;
+    findSessionByToken(token: string): Promise<Session | null>;
+    deleteSession(sessionId: string): Promise<boolean>;
+    deleteUserSessions(userId: string): Promise<number>;
+    addPasswordToHistory(userId: string, passwordHash: string): Promise<void>;
+    getPasswordHistory(userId: string, count?: number): Promise<string[]>;
+    isPasswordInHistory(password: string, userId: string, historyCount?: number): Promise<boolean>;
+    private userToHash;
+    private hashToUser;
+    private sessionToHash;
+    private hashToSession;
+    private auditLogKey;
+    private auditLogIndexKey;
+    findAuditLogs(filter: {
+        userId?: string;
+        action?: string | string[];
+        resource?: string;
+        success?: boolean;
+        limit?: number;
+        offset?: number;
+    }): Promise<{
+        logs: any[];
+        total: number;
+    }>;
+    createAuditLog(data: any): Promise<any>;
+}
+
 interface EmailConfig$1 {
     provider: "smtp" | "resend" | "sendgrid" | "mailgun" | "ses";
     from: string;
@@ -439,6 +536,74 @@ declare class PasswordPolicy {
     getConfig(): PasswordPolicyConfig;
 }
 
+interface LockoutConfig {
+    maxAttempts: number;
+    lockDuration: number;
+    notifyUser: boolean;
+    notifyAdmin: boolean;
+    adminNotifyAfter: number;
+}
+interface LockoutStatus {
+    locked: boolean;
+    attemptsRemaining: number;
+    lockedUntil?: Date;
+    totalAttempts: number;
+}
+declare class AccountLockout {
+    private redis;
+    private prefix;
+    private config;
+    constructor(redis: Redis, config?: Partial<LockoutConfig>, prefix?: string);
+    private lockKey;
+    private historyKey;
+    checkLockout(userId: string): Promise<LockoutStatus>;
+    recordFailedAttempt(userId: string): Promise<LockoutStatus>;
+    lockAccount(userId: string, duration?: number): Promise<void>;
+    unlockAccount(userId: string): Promise<void>;
+    resetAttempts(userId: string): Promise<void>;
+    getLockoutHistory(userId: string, limit?: number): Promise<Date[]>;
+    getLockoutStats(userId: string): Promise<{
+        totalFailedAttempts: number;
+        lockoutCount: number;
+        lastLockout: Date | null;
+        averageAttemptsBeforeLockout: number;
+    }>;
+    shouldNotifyAdmin(currentAttempts: number): boolean;
+    getConfig(): LockoutConfig;
+    setConfig(config: Partial<LockoutConfig>): void;
+}
+
+interface RateLimitConfig {
+    window: number;
+    max: number;
+}
+interface RateLimitResult {
+    allowed: boolean;
+    remaining: number;
+    resetAt: number;
+    retryAfter?: number;
+}
+declare class RateLimiter {
+    private redis;
+    private prefix;
+    private limits;
+    private userLimits;
+    constructor(redis: Redis, limits?: Record<string, RateLimitConfig>, userLimits?: Record<string, RateLimitConfig>, prefix?: string);
+    private getKey;
+    check(type: string, identifier: string): Promise<RateLimitResult>;
+    checkUser(type: string, userId: string, identifier: string): Promise<RateLimitResult>;
+    reset(type: string, identifier: string): Promise<void>;
+    resetUser(type: string, userId: string, identifier: string): Promise<void>;
+    getStatus(type: string, identifier: string): Promise<{
+        count: number;
+        limit: number;
+        remaining: number;
+        resetAt: number;
+    }>;
+    setLimit(type: string, config: RateLimitConfig): void;
+    setUserLimit(type: string, config: RateLimitConfig): void;
+}
+
 declare class InMemoryRateLimiter {
     private storage;
     private userStorage;
@@ -1104,4 +1269,4 @@ declare function defineConfig(config: {
     debug?: KyroConfig["debug"];
 }): KyroConfig;
 
-export { AbstractBaseAdapter, type AdapterOptions, AnalyticsPlugin, AuditLog, AuditLogFilter, Auth, AuthAdapter, AuthResult, Session as AuthSession, AuthTokenConfig, AuthUser, BaseAdapter, CollectionConfig, CommentsPlugin, type CompareVersionsOptions, ConfigService, ConfigValidationError, CreateArgs, type CreateVersionOptions, type DatabaseConnectionOptions, type DatabaseType, type DatabaseType$1 as DbAdapterType, DeleteArgs, type DeliveryOptions, type DeliveryResult, Dialect, type DraftPublishConfig, type DrizzleAdapterOptions, type EmailConfig, EmailTransport, Field, FindArgs, FindByIDArgs, FindResult, GlobalConfig, Hook, InMemoryAccountLockout, InMemoryAuditLogger, InMemoryAuthAdapter, InMemoryRateLimiter, JWTPayload, Kyro, type KyroAuthConfig, KyroConfig, KyroPlugin, KyroPubSub, KyroWSServer, LocalAdapter, LoginCredentials, MediaService, type MongoDBAdapterOptions, PasswordPolicy, type PluginAPI, type PluginHooks, PluginManager, type PublishVersionOptions, RegisterData, Registry, Request$1 as Request, ReviewsPlugin, SEOPLugin, SQLiteAuthAdapter, Session, type StorageConfig, UpdateArgs, User, UserRole, type Version, type VersionAdapter, type VersionDiff, type VersionHistoryOptions, VersionManager, type VersionPublishSchedule, type VersionStatus, WebhookConfig, WebhookDelivery, WebhookPayload, WishlistPlugin, authConfig, autoBootstrap, bootstrapAdmin, buildDeliveryRecord, collectionToCreateZod, collectionToUpdateZod, collectionToWhereZod, collectionToZod, createAuth, createAuthConfig, createColumnsNode, createKyro, createLocalAdapter, createLocalStorage, createTestPayload, createVersionManager, defineConfig, deliverWebhook, deliverWithRetry, fieldToZod, generateWebhookSecret, getBootstrapFromEnv, getDefaultDraftPublishConfig, globalToZod, isArchived, isDraft, isPublished, normalizeRichTextDocument, normalizeRichTextValue, presetPlugins, renderRichText, resolveProvider, richTextStyles, signPayload, validateCollection, validateConfig, validateFields, validateGlobal };
+export { AbstractBaseAdapter, AccountLockout, type AdapterOptions, AnalyticsPlugin, AuditLog, AuditLogFilter, AuditLogger, Auth, AuthAdapter, AuthResult, Session as AuthSession, AuthTokenConfig, AuthUser, BaseAdapter, CollectionConfig, CommentsPlugin, type CompareVersionsOptions, ConfigService, ConfigValidationError, CreateArgs, type CreateVersionOptions, type DatabaseConnectionOptions, type DatabaseType, type DatabaseType$1 as DbAdapterType, DeleteArgs, type DeliveryOptions, type DeliveryResult, Dialect, type DraftPublishConfig, type DrizzleAdapterOptions, type EmailConfig, EmailTransport, Field, FindArgs, FindByIDArgs, FindResult, GlobalConfig, Hook, InMemoryAccountLockout, InMemoryAuditLogger, InMemoryAuthAdapter, InMemoryRateLimiter, JWTPayload, Kyro, type KyroAuthConfig, KyroConfig, KyroPlugin, KyroPubSub, KyroWSServer, LocalAdapter, LoginCredentials, MediaService, type MongoDBAdapterOptions, PasswordPolicy, type PluginAPI, type PluginHooks, PluginManager, type PublishVersionOptions, RateLimiter, RedisAuthAdapter, RegisterData, Registry, Request$1 as Request, ReviewsPlugin, SEOPLugin, SQLiteAuthAdapter, Session, type StorageConfig, UpdateArgs, User, UserRole, type Version, type VersionAdapter, type VersionDiff, type VersionHistoryOptions, VersionManager, type VersionPublishSchedule, type VersionStatus, WebhookConfig, WebhookDelivery, WebhookPayload, WishlistPlugin, authConfig, autoBootstrap, bootstrapAdmin, buildDeliveryRecord, collectionToCreateZod, collectionToUpdateZod, collectionToWhereZod, collectionToZod, createAuditContext, createAuth, createAuthConfig, createColumnsNode, createKyro, createLocalAdapter, createLocalStorage, createTestPayload, createVersionManager, defineConfig, deliverWebhook, deliverWithRetry, fieldToZod, generateWebhookSecret, getBootstrapFromEnv, getDefaultDraftPublishConfig, globalToZod, isArchived, isDraft, isPublished, normalizeRichTextDocument, normalizeRichTextValue, presetPlugins, renderRichText, resolveProvider, richTextStyles, signPayload, validateCollection, validateConfig, validateFields, validateGlobal };

package/dist/index.js

@@ -3614,8 +3614,12 @@ var RateLimiter = class {
     this.userLimits[type] = config;
   }
 };
+
+// src/auth/security/audit-log-types.ts
 var DEFAULT_RETENTION_CONFIG = {
   retentionDays: 30};
+
+// src/auth/security/audit-log.ts
 var AuditLogger = class {
   redis;
   prefix;