@kyro-cms/core 0.3.1 → 0.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (201) hide show
  1. package/dist/{WebhookService-BznDc2AT.d.ts → WebhookService-BCpW2dyL.d.ts} +1 -1
  2. package/dist/{WebhookService-mZZ75syh.d.cts → WebhookService-DxYSFvNg.d.cts} +1 -1
  3. package/dist/api-handler.cjs +52 -0
  4. package/dist/api-handler.cjs.map +1 -0
  5. package/dist/api-handler.d.cts +9 -0
  6. package/dist/api-handler.d.ts +9 -0
  7. package/dist/api-handler.js +46 -0
  8. package/dist/api-handler.js.map +1 -0
  9. package/dist/{base-Hu6ij8sZ.d.ts → base-DvvNqnM-.d.cts} +16 -5
  10. package/dist/{base-Db9LkB1N.d.cts → base-eVegJ_Pr.d.ts} +16 -5
  11. package/dist/bootstrap-DGJ3N7SO.js +6 -0
  12. package/dist/{bootstrap-LL6O7PWO.js.map → bootstrap-DGJ3N7SO.js.map} +1 -1
  13. package/dist/bootstrap-O5UGUTYU.cjs +31 -0
  14. package/dist/{bootstrap-BMWVB2T6.cjs.map → bootstrap-O5UGUTYU.cjs.map} +1 -1
  15. package/dist/{chunk-QKOFKITP.js → chunk-2HFJUUFZ.js} +3 -11
  16. package/dist/chunk-2HFJUUFZ.js.map +1 -0
  17. package/dist/chunk-2SJATAN4.js +5514 -0
  18. package/dist/chunk-2SJATAN4.js.map +1 -0
  19. package/dist/{chunk-DIC236EW.js → chunk-342BJNBI.js} +167 -24
  20. package/dist/chunk-342BJNBI.js.map +1 -0
  21. package/dist/{chunk-OUGKLCYF.js → chunk-3AJE4SEG.js} +4 -3
  22. package/dist/chunk-3AJE4SEG.js.map +1 -0
  23. package/dist/chunk-6LPNEC6D.js +617 -0
  24. package/dist/chunk-6LPNEC6D.js.map +1 -0
  25. package/dist/{chunk-BXMWDUED.js → chunk-A4USRVTQ.js} +2 -2
  26. package/dist/chunk-A4USRVTQ.js.map +1 -0
  27. package/dist/chunk-ADLJSJSN.cjs +13 -0
  28. package/dist/chunk-ADLJSJSN.cjs.map +1 -0
  29. package/dist/chunk-ATBOUGQP.cjs +513 -0
  30. package/dist/chunk-ATBOUGQP.cjs.map +1 -0
  31. package/dist/{chunk-KB6QF4HO.js → chunk-B76I67F3.js} +246 -141
  32. package/dist/chunk-B76I67F3.js.map +1 -0
  33. package/dist/chunk-BQ2T4WRS.js +140 -0
  34. package/dist/chunk-BQ2T4WRS.js.map +1 -0
  35. package/dist/chunk-CZ3HWX2X.cjs +622 -0
  36. package/dist/chunk-CZ3HWX2X.cjs.map +1 -0
  37. package/dist/{chunk-PNBZZ76A.cjs → chunk-DAIBBBOL.cjs} +246 -140
  38. package/dist/chunk-DAIBBBOL.cjs.map +1 -0
  39. package/dist/{chunk-U74F3YZU.js → chunk-DBUYB32X.js} +15 -3
  40. package/dist/chunk-DBUYB32X.js.map +1 -0
  41. package/dist/chunk-DLHUQO25.cjs +1746 -0
  42. package/dist/chunk-DLHUQO25.cjs.map +1 -0
  43. package/dist/{chunk-GE5DMB44.js → chunk-E3BZLMX6.js} +55 -49
  44. package/dist/chunk-E3BZLMX6.js.map +1 -0
  45. package/dist/{chunk-44BF6ALS.cjs → chunk-H4XCAPA6.cjs} +55 -49
  46. package/dist/chunk-H4XCAPA6.cjs.map +1 -0
  47. package/dist/{chunk-VIONYQ2K.cjs → chunk-IBG6V56E.cjs} +16 -32
  48. package/dist/chunk-IBG6V56E.cjs.map +1 -0
  49. package/dist/{chunk-LIJVWQKU.cjs → chunk-IX3ABYKZ.cjs} +43 -31
  50. package/dist/chunk-IX3ABYKZ.cjs.map +1 -0
  51. package/dist/chunk-JYGIFBBS.cjs +146 -0
  52. package/dist/chunk-JYGIFBBS.cjs.map +1 -0
  53. package/dist/{chunk-42JPONZU.cjs → chunk-K7JPTH3G.cjs} +17 -16
  54. package/dist/chunk-K7JPTH3G.cjs.map +1 -0
  55. package/dist/{chunk-RLTG4YZM.cjs → chunk-KOCTZKPV.cjs} +2 -2
  56. package/dist/chunk-KOCTZKPV.cjs.map +1 -0
  57. package/dist/chunk-MMYAIYHJ.cjs +5538 -0
  58. package/dist/chunk-MMYAIYHJ.cjs.map +1 -0
  59. package/dist/{chunk-EWP5AT6A.cjs → chunk-N4H37VN4.cjs} +2 -11
  60. package/dist/chunk-N4H37VN4.cjs.map +1 -0
  61. package/dist/chunk-P2YW545G.js +11 -0
  62. package/dist/chunk-P2YW545G.js.map +1 -0
  63. package/dist/chunk-Q23JB3KL.js +488 -0
  64. package/dist/chunk-Q23JB3KL.js.map +1 -0
  65. package/dist/{chunk-E5X75WNB.js → chunk-QXIQWPAP.js} +14 -30
  66. package/dist/chunk-QXIQWPAP.js.map +1 -0
  67. package/dist/chunk-R3XIBBAW.cjs +34 -0
  68. package/dist/chunk-R3XIBBAW.cjs.map +1 -0
  69. package/dist/{chunk-KWGNR4HM.js → chunk-REK7AYOC.js} +82 -9
  70. package/dist/chunk-REK7AYOC.js.map +1 -0
  71. package/dist/chunk-RGIQKTZ7.js +68 -0
  72. package/dist/chunk-RGIQKTZ7.js.map +1 -0
  73. package/dist/chunk-RYDGMBIG.js +1737 -0
  74. package/dist/chunk-RYDGMBIG.js.map +1 -0
  75. package/dist/chunk-SDMNUYVU.js +30 -0
  76. package/dist/chunk-SDMNUYVU.js.map +1 -0
  77. package/dist/chunk-VEI5KQVC.cjs +1246 -0
  78. package/dist/chunk-VEI5KQVC.cjs.map +1 -0
  79. package/dist/{chunk-FTSSDDZQ.cjs → chunk-VJT6P4N6.cjs} +82 -9
  80. package/dist/chunk-VJT6P4N6.cjs.map +1 -0
  81. package/dist/{chunk-HT6VE4NW.cjs → chunk-W3KPQX7V.cjs} +168 -25
  82. package/dist/chunk-W3KPQX7V.cjs.map +1 -0
  83. package/dist/{chunk-LTRCYJAG.js → chunk-WOWUL7ZY.js} +3 -2
  84. package/dist/chunk-WOWUL7ZY.js.map +1 -0
  85. package/dist/{chunk-7YITG2US.cjs → chunk-WQBRWOQT.cjs} +3 -2
  86. package/dist/chunk-WQBRWOQT.cjs.map +1 -0
  87. package/dist/chunk-X3CU27OO.cjs +78 -0
  88. package/dist/chunk-X3CU27OO.cjs.map +1 -0
  89. package/dist/chunk-XIXGJGQW.js +1228 -0
  90. package/dist/chunk-XIXGJGQW.js.map +1 -0
  91. package/dist/cli/index.cjs +2 -2
  92. package/dist/cli/index.js +2 -2
  93. package/dist/client.cjs +23 -13
  94. package/dist/client.d.cts +4 -2
  95. package/dist/client.d.ts +4 -2
  96. package/dist/client.js +3 -1
  97. package/dist/drizzle/index.cjs +20 -19
  98. package/dist/drizzle/index.d.cts +28 -7
  99. package/dist/drizzle/index.d.ts +28 -7
  100. package/dist/drizzle/index.js +5 -4
  101. package/dist/fields/index.cjs +105 -0
  102. package/dist/fields/index.cjs.map +1 -0
  103. package/dist/fields/index.d.cts +27 -0
  104. package/dist/fields/index.d.ts +27 -0
  105. package/dist/fields/index.js +4 -0
  106. package/dist/fields/index.js.map +1 -0
  107. package/dist/graphql/index.cjs +4 -3
  108. package/dist/graphql/index.d.cts +3 -2
  109. package/dist/graphql/index.d.ts +3 -2
  110. package/dist/graphql/index.js +2 -1
  111. package/dist/{index-Ci6r4xnN.d.ts → index-CLp-DRKA.d.ts} +2 -1
  112. package/dist/{index-11MDNKce.d.cts → index-DfO7G4kN.d.cts} +2 -1
  113. package/dist/index.cjs +2621 -6672
  114. package/dist/index.cjs.map +1 -1
  115. package/dist/index.d.cts +136 -47
  116. package/dist/index.d.ts +136 -47
  117. package/dist/index.js +2333 -6546
  118. package/dist/index.js.map +1 -1
  119. package/dist/integration.cjs +68 -0
  120. package/dist/integration.cjs.map +1 -0
  121. package/dist/integration.d.cts +27 -0
  122. package/dist/integration.d.ts +27 -0
  123. package/dist/integration.js +61 -0
  124. package/dist/integration.js.map +1 -0
  125. package/dist/mongodb/index.cjs +4 -4
  126. package/dist/mongodb/index.d.cts +20 -6
  127. package/dist/mongodb/index.d.ts +20 -6
  128. package/dist/mongodb/index.js +2 -2
  129. package/dist/postgres-auth-adapter-7F3ECO7I.js +5 -0
  130. package/dist/{postgres-auth-adapter-OTRWSTT5.js.map → postgres-auth-adapter-7F3ECO7I.js.map} +1 -1
  131. package/dist/postgres-auth-adapter-Z463NYJZ.cjs +14 -0
  132. package/dist/{postgres-auth-adapter-EVRPO7BQ.cjs.map → postgres-auth-adapter-Z463NYJZ.cjs.map} +1 -1
  133. package/dist/redis-adapter-LPUWLE4Y.cjs +13 -0
  134. package/dist/{redis-adapter-E7PMN5HW.cjs.map → redis-adapter-LPUWLE4Y.cjs.map} +1 -1
  135. package/dist/redis-adapter-THYDCGQR.js +4 -0
  136. package/dist/{redis-adapter-HOO67RBQ.js.map → redis-adapter-THYDCGQR.js.map} +1 -1
  137. package/dist/rest/index.cjs +8 -5
  138. package/dist/rest/index.d.cts +6 -3
  139. package/dist/rest/index.d.ts +6 -3
  140. package/dist/rest/index.js +6 -3
  141. package/dist/{schema-CNB2DDTX.js → schema-6Q4W6AE6.js} +3 -3
  142. package/dist/{schema-CNB2DDTX.js.map → schema-6Q4W6AE6.js.map} +1 -1
  143. package/dist/{schema-Y777CQQS.cjs → schema-TIYTCIKX.cjs} +14 -14
  144. package/dist/{schema-Y777CQQS.cjs.map → schema-TIYTCIKX.cjs.map} +1 -1
  145. package/dist/templates/index.cjs +27 -23
  146. package/dist/templates/index.d.cts +8 -2
  147. package/dist/templates/index.d.ts +8 -2
  148. package/dist/templates/index.js +1 -1
  149. package/dist/trpc/index.cjs +12 -11
  150. package/dist/trpc/index.d.cts +3 -2
  151. package/dist/trpc/index.d.ts +3 -2
  152. package/dist/trpc/index.js +3 -2
  153. package/dist/{types-kGfsGdos.d.cts → types-Bs1up4yP.d.ts} +76 -244
  154. package/dist/{types-1u353OHN.d.ts → types-Da83JLDk.d.cts} +6 -2
  155. package/dist/{types-1u353OHN.d.cts → types-Da83JLDk.d.ts} +6 -2
  156. package/dist/{types-kGfsGdos.d.ts → types-J3R9nVsZ.d.cts} +76 -244
  157. package/dist/types-VtjUxIMp.d.cts +246 -0
  158. package/dist/types-VtjUxIMp.d.ts +246 -0
  159. package/package.json +16 -9
  160. package/dist/bootstrap-BMWVB2T6.cjs +0 -31
  161. package/dist/bootstrap-LL6O7PWO.js +0 -6
  162. package/dist/chunk-42JPONZU.cjs.map +0 -1
  163. package/dist/chunk-44BF6ALS.cjs.map +0 -1
  164. package/dist/chunk-4M5PHMUE.cjs +0 -947
  165. package/dist/chunk-4M5PHMUE.cjs.map +0 -1
  166. package/dist/chunk-6MSSF46R.js +0 -941
  167. package/dist/chunk-6MSSF46R.js.map +0 -1
  168. package/dist/chunk-7YITG2US.cjs.map +0 -1
  169. package/dist/chunk-BTOE3VUK.js +0 -330
  170. package/dist/chunk-BTOE3VUK.js.map +0 -1
  171. package/dist/chunk-BXMWDUED.js.map +0 -1
  172. package/dist/chunk-DIC236EW.js.map +0 -1
  173. package/dist/chunk-E5X75WNB.js.map +0 -1
  174. package/dist/chunk-E63IF3MD.cjs +0 -951
  175. package/dist/chunk-E63IF3MD.cjs.map +0 -1
  176. package/dist/chunk-EWP5AT6A.cjs.map +0 -1
  177. package/dist/chunk-FTSSDDZQ.cjs.map +0 -1
  178. package/dist/chunk-GE5DMB44.js.map +0 -1
  179. package/dist/chunk-GVFB5C6O.cjs +0 -345
  180. package/dist/chunk-GVFB5C6O.cjs.map +0 -1
  181. package/dist/chunk-HT6VE4NW.cjs.map +0 -1
  182. package/dist/chunk-HVSQDZZJ.cjs +0 -765
  183. package/dist/chunk-HVSQDZZJ.cjs.map +0 -1
  184. package/dist/chunk-HYC4GNHX.js +0 -758
  185. package/dist/chunk-HYC4GNHX.js.map +0 -1
  186. package/dist/chunk-KB6QF4HO.js.map +0 -1
  187. package/dist/chunk-KWGNR4HM.js.map +0 -1
  188. package/dist/chunk-LIJVWQKU.cjs.map +0 -1
  189. package/dist/chunk-LTRCYJAG.js.map +0 -1
  190. package/dist/chunk-OUGKLCYF.js.map +0 -1
  191. package/dist/chunk-PNBZZ76A.cjs.map +0 -1
  192. package/dist/chunk-QKOFKITP.js.map +0 -1
  193. package/dist/chunk-RLTG4YZM.cjs.map +0 -1
  194. package/dist/chunk-RRYXQMZG.js +0 -935
  195. package/dist/chunk-RRYXQMZG.js.map +0 -1
  196. package/dist/chunk-U74F3YZU.js.map +0 -1
  197. package/dist/chunk-VIONYQ2K.cjs.map +0 -1
  198. package/dist/postgres-auth-adapter-EVRPO7BQ.cjs +0 -14
  199. package/dist/postgres-auth-adapter-OTRWSTT5.js +0 -5
  200. package/dist/redis-adapter-E7PMN5HW.cjs +0 -13
  201. package/dist/redis-adapter-HOO67RBQ.js +0 -4
package/dist/chunk-RRYXQMZG.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/auth/sqlite-adapter.ts","../src/auth/security/password-policy.ts","../src/auth/bootstrap.ts"],"names":[],"mappings":";;;;;;AAkBA,IAAM,oBAAA,GAAuB,GAAA;AAC7B,IAAM,sBAAA,GAAyB,GAAA;AAC/B,IAAM,kBAAA,GAAqB,KAAA;AAC3B,IAAM,iBAAA,GAAoB,SAAA;AAEnB,IAAM,oBAAN,MAA+C;AAAA,EAC5C,EAAA,GAA+B,IAAA;AAAA,EAC/B,IAAA;AAAA,EACA,UAAA;AAAA,EACA,UAAA;AAAA,EACA,WAAA;AAAA,EACA,iBAAA;AAAA,EACA,SAAA;AAAA,EACA,QAAA;AAAA,EAEA,kBAAA,uBAA0D,GAAA,EAAI;AAAA,EAEtE,WAAA,CAAY,OAAA,GAAoC,EAAC,EAAG;AAClD,IAAA,IAAA,CAAK,IAAA,GAAO,QAAQ,IAAA,IAAQ,gBAAA;AAC5B,IAAA,IAAA,CAAK,UAAA,GAAa,QAAQ,UAAA,IAAc,EAAA;AACxC,IAAA,IAAA,CAAK,UAAA,GAAa,CAAC,CAAC,OAAA,CAAQ,EAAA;AAC5B,IAAA,IAAA,CAAK,WAAA,GAAc,QAAQ,WAAA,IAAe,oBAAA;AAC1C,IAAA,IAAA,CAAK,iBAAA,GACH,QAAQ,iBAAA,IAAqB,sBAAA;AAC/B,IAAA,IAAA,CAAK,SAAA,GAAY,QAAQ,SAAA,IAAa,kBAAA;AACtC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,iBAAA;AAEpC,IAAA,IAAI,QAAQ,EAAA,EAAI;AACd,MAAA,IAAA,CAAK,KAAK,OAAA,CAAQ,EAAA;AAAA,IACpB;AAAA,EACF;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,IAAI,KAAK,EAAA,EAAI;AAEb,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAA;AAC7B,IAAA,IAAI,GAAA,IAAO,QAAQ,GAAA,EAAK;AACtB,MAAA,SAAA,CAAU,GAAA,EAAK,EAAE,SAAA,EAAW,IAAA,EAAM,CAAA;AAAA,IACpC;AAEA,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,OAAO,gBAAgB,CAAA,EAAG,OAAA;AAClD,IAAA,IAAA,CAAK,EAAA,GAAK,IAAI,QAAA,CAAS,IAAA,CAAK,IAAA,EAAM;AAAA,MAChC,SAAS,IAAA,CAAK;AAAA,KACf,CAAA;AAED,IAAA,IAAA,CAAK,EAAA,CAAG,OAAO,oBAAoB,CAAA;AACnC,IAAA,IAAA,CAAK,EAAA,CAAG,OAAO,sBAAsB,CAAA;AACrC,IAAA,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,eAAA,GAAkB,IAAA,CAAK,SAAS,CAAA;AAC/C,IAAA,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,cAAA,GAAiB,IAAA,CAAK,QAAQ,CAAA;AAC7C,IAAA,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,uBAAA,GAA0B,IAAA,CAAK,iBAAiB,CAAA;AAC/D,IAAA,IAAA,CAAK,EAAA,CAAG,OAAO,mBAAmB,CAAA;AAClC,IAAA,IAAA,CAAK,EAAA,CAAG,OAAO,qBAAqB,CAAA;AAEpC,IAAA,IAAA,CAAK,YAAA,EAAa;AAClB,IAAA,IAAA,CAAK,iBAAA,EAAkB;AAAA,EACzB;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,EAAA,IAAM,CAAC,IAAA,CAAK,UAAA,EAAY;AAC/B,MAAA,IAAA,CAAK,EAAA,CAAG,OAAO,0BAA0B,CAAA;AACzC,MAAA,IAAA,CAAK,GAAG,KAAA,EAAM;AACd,MAAA,IAAA,CAAK,EAAA,GAAK,IAAA;AACV,MAAA,IAAA,CAAK,mBAAmB,KAAA,EAAM;AAAA,IAChC;AAAA,EACF;AAAA,EAEQ,YAAA,GAAqB;AAC3B,IAAA,IAAI,CAAC,KAAK,EAAA,EAAI;AAEd,IAAA,IAAA,CAAK,GAAG,IAAA,CAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAkFZ,CAAA;AAAA,EACH;AAAA,EAEQ,iBAAA,GAA0B;AAChC,IAAA,IAAI,CAAC,KAAK,EAAA,EAAI;AAEd,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,iBAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,0CAA0C;AAAA,KAC5D;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,cAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,uCAAuC;AAAA,KACzD;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,oBAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,6CAA6C;AAAA,KAC/D;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,2BAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,qDAAqD;AAAA,KACvE;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,eAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,qDAAqD;AAAA,KACvE;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,oBAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,6CAA6C;AAAA,KAC/D;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,YAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,0CAA0C;AAAA,KAC5D;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,YAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,qCAAqC;AAAA,KACvD;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,oBAAA;AAAA,MACA,KAAK,EAAA,CAAG,OAAA;AAAA,QACN;AAAA;AACF,KACF;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,oBAAA;AAAA,MACA,KAAK,EAAA,CAAG,OAAA;AAAA,QACN;AAAA;AACF,KACF;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,qBAAA;AAAA,MACA,KAAK,EAAA,CAAG,OAAA;AAAA,QACN,CAAA;AAAA;AAAA,SAAA;AAAA;AAGF,KACF;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,uBAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,gDAAgD;AAAA,KAClE;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,qBAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,iDAAiD;AAAA,KACnE;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,wBAAA;AAAA,MACA,KAAK,EAAA,CAAG,OAAA;AAAA,QACN;AAAA;AACF,KACF;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,YAAA;AAAA,MACA,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,+CAA+C;AAAA,KACjE;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,eAAA;AAAA,MACA,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAAA,CAQf;AAAA,KACH;AACA,IAAA,IAAA,CAAK,kBAAA,CAAmB,GAAA;AAAA,MACtB,cAAA;AAAA,MACA,KAAK,EAAA,CAAG,OAAA;AAAA,QACN;AAAA;AACF,KACF;AAAA,EACF;AAAA,EAEQ,KAAK,IAAA,EAAkC;AAC7C,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,kBAAA,CAAmB,GAAA,CAAI,IAAI,CAAA;AAC7C,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,IAAI,CAAA,CAAE,CAAA;AAClE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,sBAAA,GAA0C;AAC9C,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,IAAA,CAAK,uBAAuB,CAAA,CAAE,GAAA;AAAA,MAAA,iBAChD,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACzB;AACA,IAAA,OAAO,MAAA,CAAO,OAAA;AAAA,EAChB;AAAA,EAEA,MAAM,mBAAA,CAAoB,aAAA,GAAwB,EAAA,EAAqB;AACrE,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAC7C,IAAA,MAAM,SAAS,IAAI,IAAA;AAAA,MACjB,KAAK,GAAA,EAAI,GAAI,aAAA,GAAgB,EAAA,GAAK,KAAK,EAAA,GAAK;AAAA,MAC5C,WAAA,EAAY;AACd,IAAA,MAAM,SAAS,IAAA,CAAK,IAAA,CAAK,qBAAqB,CAAA,CAAE,IAAI,MAAM,CAAA;AAC1D,IAAA,OAAO,MAAA,CAAO,OAAA;AAAA,EAChB;AAAA,EAEA,MAAM,QAAA,GAIH;AACD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,YAAa,IAAA,CAAK,IAAA,CAAK,YAAY,CAAA,CAAE,KAAI,CAC5C,KAAA;AAEH,IAAA,MAAM,kBAAA,GACJ,KAAK,EAAA,CACF,OAAA;AAAA,MACC;AAAA,MAED,GAAA,CAAA,iBAAI,IAAI,MAAK,EAAE,WAAA,EAAa,CAAA,CAC/B,KAAA;AAEF,IAAA,MAAM,gBACJ,IAAA,CAAK,EAAA,CACF,QAAQ,+CAA+C,CAAA,CACvD,KAAI,CACP,KAAA;AAEF,IAAA,OAAO,EAAE,SAAA,EAAW,kBAAA,EAAoB,aAAA,EAAc;AAAA,EACxD;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,EAAA,GAAK,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AACzC,IAAA,MAAM,GAAA,GAAA,iBAAM,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACnC,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,KAAK,QAAQ,CAAA;AAE1D,IAAA,MAAM,IAAA,GAAiB;AAAA,MACrB,EAAA;AAAA,MACA,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,YAAA;AAAA,MACA,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACb;AAEA,IAAA,IAAA,CAAK,EAAA,CACF,OAAA;AAAA,MACC,CAAA;AAAA,qCAAA;AAAA,KAEF,CACC,GAAA;AAAA,MACC,EAAA;AAAA,MACA,IAAA,CAAK,KAAA;AAAA,MACL,IAAA,CAAK,YAAA;AAAA,MACL,IAAA,CAAK,IAAA;AAAA,MACL,IAAA,CAAK,QAAA;AAAA,MACL,GAAA;AAAA,MACA;AAAA,KACF;AAEF,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,GAAA,GAAM,KAAK,IAAA,CAAK,iBAAiB,EAAE,GAAA,CAAI,KAAA,CAAM,aAAa,CAAA;AAIhE,IAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,IAAA,OAAO,IAAA,CAAK,UAAU,GAAG,CAAA;AAAA,EAC3B;AAAA,EAEA,MAAM,aAAa,MAAA,EAA0C;AAC3D,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,MAAM,IAAA,CAAK,IAAA,CAAK,cAAc,CAAA,CAAE,IAAI,MAAM,CAAA;AAIhD,IAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,IAAA,OAAO,IAAA,CAAK,UAAU,GAAG,CAAA;AAAA,EAC3B;AAAA,EAEA,MAAM,UAAA,CACJ,MAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC/C,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,MAAM,SAAoB,EAAC;AAE3B,IAAA,IAAI,IAAA,CAAK,UAAU,MAAA,EAAW;AAC5B,MAAA,OAAA,CAAQ,KAAK,WAAW,CAAA;AACxB,MAAA,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,KAAA,CAAM,WAAA,EAAa,CAAA;AAAA,IACtC;AACA,IAAA,IAAI,IAAA,CAAK,iBAAiB,MAAA,EAAW;AACnC,MAAA,OAAA,CAAQ,KAAK,mBAAmB,CAAA;AAChC,MAAA,MAAA,CAAO,IAAA,CAAK,KAAK,YAAY,CAAA;AAAA,IAC/B;AACA,IAAA,IAAI,IAAA,CAAK,SAAS,MAAA,EAAW;AAC3B,MAAA,OAAA,CAAQ,KAAK,UAAU,CAAA;AACvB,MAAA,MAAA,CAAO,IAAA,CAAK,KAAK,IAAI,CAAA;AAAA,IACvB;AACA,IAAA,IAAI,IAAA,CAAK,aAAa,MAAA,EAAW;AAC/B,MAAA,OAAA,CAAQ,KAAK,eAAe,CAAA;AAC5B,MAAA,MAAA,CAAO,IAAA,CAAK,KAAK,QAAQ,CAAA;AAAA,IAC3B;AACA,IAAA,IAAI,IAAA,CAAK,kBAAkB,MAAA,EAAW;AACpC,MAAA,OAAA,CAAQ,KAAK,oBAAoB,CAAA;AACjC,MAAA,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,aAAA,GAAgB,CAAA,GAAI,CAAC,CAAA;AAAA,IACxC;AACA,IAAA,IAAI,IAAA,CAAK,WAAW,MAAA,EAAW;AAC7B,MAAA,OAAA,CAAQ,KAAK,YAAY,CAAA;AACzB,MAAA,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,GAAS,CAAA,GAAI,CAAC,CAAA;AAAA,IACjC;AACA,IAAA,IAAI,IAAA,CAAK,cAAc,MAAA,EAAW;AAChC,MAAA,OAAA,CAAQ,KAAK,gBAAgB,CAAA;AAC7B,MAAA,MAAA,CAAO,IAAA,CAAK,KAAK,SAAS,CAAA;AAAA,IAC5B;AACA,IAAA,IAAI,IAAA,CAAK,wBAAwB,MAAA,EAAW;AAC1C,MAAA,OAAA,CAAQ,KAAK,2BAA2B,CAAA;AACxC,MAAA,MAAA,CAAO,IAAA,CAAK,KAAK,mBAAmB,CAAA;AAAA,IACtC;AAEA,IAAA,OAAA,CAAQ,KAAK,gBAAgB,CAAA;AAC7B,IAAA,MAAA,CAAO,IAAA,CAAA,iBAAK,IAAI,IAAA,EAAK,EAAE,aAAa,CAAA;AAEpC,IAAA,MAAA,CAAO,KAAK,MAAM,CAAA;AAElB,IAAA,IAAA,CAAK,EAAA,CACF,OAAA,CAAQ,CAAA,sBAAA,EAAyB,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAC,CAAA,aAAA,CAAe,CAAA,CAClE,GAAA,CAAI,GAAG,MAAM,CAAA;AAEhB,IAAA,OAAO,IAAA,CAAK,aAAa,MAAM,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,WAAW,MAAA,EAAkC;AACjD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,SAAS,IAAA,CAAK,IAAA,CAAK,YAAY,CAAA,CAAE,IAAI,MAAM,CAAA;AACjD,IAAA,OAAO,OAAO,OAAA,GAAU,CAAA;AAAA,EAC1B;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAO,MAAA,CAAO,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,UAAU,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,cAAA,CACJ,KAAA,EACA,QAAA,EAC0B;AAC1B,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAC7C,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,eAAA,CAAgB,KAAK,CAAA;AAC7C,IAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,IAAA,MAAM,MAAA,GAAS,KAAK,EAAA,CACjB,OAAA,CAAQ,8CAA8C,CAAA,CACtD,GAAA,CAAI,KAAK,EAAE,CAAA;AACd,IAAA,IAAI,CAAC,MAAA,EAAQ,aAAA,EAAe,OAAO,IAAA;AACnC,IAAA,MAAM,QAAQ,MAAM,MAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,OAAO,aAAa,CAAA;AACjE,IAAA,OAAO,QAAQ,IAAA,GAAO,IAAA;AAAA,EACxB;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,GAGI,EAAC,EACa;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,EAAA,GAAK,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AACzC,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAe,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AACrB,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,GAAA,CAAI,SAAQ,GAAI,KAAQ,EAAE,WAAA,EAAY;AAEjE,IAAA,MAAM,OAAA,GAAmB;AAAA,MACvB,EAAA;AAAA,MACA,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,SAAA;AAAA,MACA,SAAA,EAAW,IAAI,WAAA,EAAY;AAAA,MAC3B,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,IAAA,CAAK,EAAA,CACF,OAAA;AAAA,MACC,CAAA;AAAA,wCAAA;AAAA,KAEF,CACC,GAAA;AAAA,MACC,OAAA,CAAQ,EAAA;AAAA,MACR,OAAA,CAAQ,MAAA;AAAA,MACR,OAAA,CAAQ,KAAA;AAAA,MACR,OAAA,CAAQ,YAAA;AAAA,MACR,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ,SAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAEF,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,MAAM,IAAA,CAAK,IAAA,CAAK,oBAAoB,CAAA,CAAE,IAAI,KAAK,CAAA;AAIrD,IAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,IAAA,OAAO,IAAA,CAAK,aAAa,GAAG,CAAA;AAAA,EAC9B;AAAA,EAEA,MAAM,0BACJ,YAAA,EACyB;AACzB,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,MAAM,IAAA,CAAK,IAAA,CAAK,2BAA2B,CAAA,CAAE,IAAI,YAAY,CAAA;AAInE,IAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,IAAA,OAAO,IAAA,CAAK,aAAa,GAAG,CAAA;AAAA,EAC9B;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,SAAS,IAAA,CAAK,IAAA,CAAK,eAAe,CAAA,CAAE,GAAA,CAAI,WAAW,SAAS,CAAA;AAClE,IAAA,OAAO,OAAO,OAAA,GAAU,CAAA;AAAA,EAC1B;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,SAAS,IAAA,CAAK,IAAA,CAAK,oBAAoB,CAAA,CAAE,IAAI,MAAM,CAAA;AACzD,IAAA,OAAO,MAAA,CAAO,OAAA;AAAA,EAChB;AAAA,EAEA,MAAM,WAAA,GAAgC;AACpC,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,IAAA,CAAK,YAAY,EAAE,GAAA,EAAI;AACxC,IAAA,OAAO,IAAI,KAAA,GAAQ,CAAA;AAAA,EACrB;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,IAAA,CAAK,IAAA,CAAK,oBAAoB,CAAA,CAAE,GAAA;AAAA,MAC9B,MAAA;AAAA,MACA,YAAA;AAAA,MAAA,iBACA,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACzB;AACA,IAAA,IAAA,CAAK,IAAA,CAAK,qBAAqB,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,OAAO,IAAA,CAAK,IAAA,CAAK,oBAAoB,CAAA,CAAE,GAAA,CAAI,QAAQ,KAAK,CAAA;AAI9D,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,aAAa,CAAA;AAAA,EACxC;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAClE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,MAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,IAAI,CAAA,EAAG;AACxC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,MAAA,EAA+B;AACvD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,UAAU,IAAA,CAAK,IAAA,CAAK,YAAY,CAAA,CAAE,IAAI,MAAM,CAAA;AAIlD,IAAA,MAAM,QAAA,GAAA,CAAY,OAAA,EAAS,QAAA,IAAY,CAAA,IAAK,CAAA;AAC5C,IAAA,MAAM,WAAA,GACJ,YAAY,CAAA,GAAI,GAAA,GAAM,KAAK,EAAA,GAAK,GAAA,GAAO,SAAS,YAAA,IAAgB,IAAA;AAElE,IAAA,IAAA,CAAK,IAAA,CAAK,eAAe,CAAA,CAAE,GAAA;AAAA,MACzB,MAAA;AAAA,MACA,QAAA;AAAA,MACA,GAAA;AAAA,MACA,WAAA,KAAgB,OAAO,GAAA,GAAM,IAAA;AAAA,MAC7B;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,MAAA,EAA+B;AACjD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAC7C,IAAA,IAAA,CAAK,IAAA,CAAK,cAAc,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,aAAa,MAAA,EAKhB;AACD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,IAAA,CAAK,KAAK,wBAAwB,CAAA,CAAE,GAAA,CAAI,IAAA,CAAK,KAAK,CAAA;AAElD,IAAA,MAAM,UAAU,IAAA,CAAK,IAAA,CAAK,YAAY,CAAA,CAAE,IAAI,MAAM,CAAA;AAIlD,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAO;AAAA,QACL,MAAA,EAAQ,KAAA;AAAA,QACR,iBAAA,EAAmB,CAAA;AAAA,QACnB,aAAA,EAAe;AAAA,OACjB;AAAA,IACF;AAEA,IAAA,IAAI,QAAQ,YAAA,KAAiB,IAAA,IAAQ,QAAQ,YAAA,GAAe,IAAA,CAAK,KAAI,EAAG;AACtE,MAAA,OAAO;AAAA,QACL,MAAA,EAAQ,IAAA;AAAA,QACR,iBAAA,EAAmB,CAAA;AAAA,QACnB,WAAA,EAAa,IAAI,IAAA,CAAK,OAAA,CAAQ,YAAY,CAAA;AAAA,QAC1C,eAAe,OAAA,CAAQ;AAAA,OACzB;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,KAAA;AAAA,MACR,mBAAmB,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,CAAA,GAAI,QAAQ,QAAQ,CAAA;AAAA,MACnD,eAAe,OAAA,CAAQ;AAAA,KACzB;AAAA,EACF;AAAA,EAEA,MAAM,SAAS,IAAA,EAYK;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,EAAA,GAAK,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AACzC,IAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAEzC,IAAA,IAAA,CAAK,EAAA,CACF,OAAA;AAAA,MACC,CAAA;AAAA;AAAA;AAAA,2DAAA;AAAA,KAIF,CACC,GAAA;AAAA,MACC,EAAA;AAAA,MACA,SAAA;AAAA,MACA,IAAA,CAAK,MAAA;AAAA,MACL,KAAK,MAAA,IAAU,IAAA;AAAA,MACf,KAAK,SAAA,IAAa,IAAA;AAAA,MAClB,KAAK,IAAA,IAAQ,IAAA;AAAA,MACb,IAAA,CAAK,QAAA;AAAA,MACL,KAAK,UAAA,IAAc,IAAA;AAAA,MACnB,KAAK,SAAA,IAAa,IAAA;AAAA,MAClB,KAAK,SAAA,IAAa,IAAA;AAAA,MAClB,IAAA,CAAK,UAAU,CAAA,GAAI,CAAA;AAAA,MACnB,KAAK,KAAA,IAAS,IAAA;AAAA,MACd,KAAK,QAAA,GAAW,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,QAAQ,CAAA,GAAI,IAAA;AAAA,MAAA,iBAChD,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACzB;AAEF,IAAA,OAAO,EAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAA,CACJ,OAAA,GASI,EAAC,EAiBJ;AACD,IAAA,IAAI,CAAC,IAAA,CAAK,EAAA,EAAI,MAAM,IAAI,MAAM,eAAe,CAAA;AAE7C,IAAA,MAAM,aAAuB,EAAC;AAC9B,IAAA,MAAM,SAAoB,EAAC;AAE3B,IAAA,IAAI,QAAQ,MAAA,EAAQ;AAClB,MAAA,UAAA,CAAW,KAAK,YAAY,CAAA;AAC5B,MAAA,MAAA,CAAO,IAAA,CAAK,QAAQ,MAAM,CAAA;AAAA,IAC5B;AACA,IAAA,IAAI,QAAQ,MAAA,EAAQ;AAClB,MAAA,UAAA,CAAW,KAAK,aAAa,CAAA;AAC7B,MAAA,MAAA,CAAO,IAAA,CAAK,QAAQ,MAAM,CAAA;AAAA,IAC5B;AACA,IAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,MAAA,UAAA,CAAW,KAAK,cAAc,CAAA;AAC9B,MAAA,MAAA,CAAO,IAAA,CAAK,QAAQ,QAAQ,CAAA;AAAA,IAC9B;AACA,IAAA,IAAI,OAAA,CAAQ,YAAY,MAAA,EAAW;AACjC,MAAA,UAAA,CAAW,KAAK,aAAa,CAAA;AAC7B,MAAA,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,GAAU,CAAA,GAAI,CAAC,CAAA;AAAA,IACrC;AACA,IAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,MAAA,UAAA,CAAW,KAAK,gBAAgB,CAAA;AAChC,MAAA,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAa,CAAA;AAAA,IAC7C;AACA,IAAA,IAAI,QAAQ,OAAA,EAAS;AACnB,MAAA,UAAA,CAAW,KAAK,gBAAgB,CAAA;AAChC,MAAA,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,CAAA;AAAA,IAC3C;AAEA,IAAA,MAAM,KAAA,GACJ,WAAW,MAAA,GAAS,CAAA,GAAI,WAAW,UAAA,CAAW,IAAA,CAAK,OAAO,CAAA,GAAI,EAAA;AAChE,IAAA,MAAM,KAAA,GAAQ,QAAQ,KAAA,IAAS,EAAA;AAC/B,IAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,CAAA;AAEjC,IAAA,MAAM,WAAA,GAAc,IAAA,CAAK,EAAA,CACtB,OAAA,CAAQ,CAAA,8CAAA,EAAiD,KAAK,CAAA,CAAE,CAAA,CAChE,GAAA,CAAI,GAAG,MAAM,CAAA;AAEhB,IAAA,MAAM,IAAA,GAAO,KAAK,EAAA,CACf,OAAA;AAAA,MACC,iCAAiC,KAAK,CAAA,yCAAA;AAAA,KACxC,CACC,GAAA,CAAI,GAAG,MAAA,EAAQ,OAAO,MAAM,CAAA;AAE/B,IAAA,OAAO;AAAA,MACL,OAAO,WAAA,CAAY,KAAA;AAAA,MACnB,IAAA,EAAM,IAAA,CAAK,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,QACvB,IAAI,GAAA,CAAI,EAAA;AAAA,QACR,SAAA,EAAW,IAAI,IAAA,CAAK,GAAA,CAAI,SAAmB,CAAA;AAAA,QAC3C,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,MAAA,EAAS,IAAI,OAAA,IAAsB,MAAA;AAAA,QACnC,SAAA,EAAY,IAAI,UAAA,IAAyB,MAAA;AAAA,QACzC,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,UAAA,EAAa,IAAI,WAAA,IAA0B,MAAA;AAAA,QAC3C,SAAA,EAAY,IAAI,UAAA,IAAyB,MAAA;AAAA,QACzC,SAAA,EAAY,IAAI,UAAA,IAAyB,MAAA;AAAA,QACzC,OAAA,EAAU,IAAI,OAAA,KAAuB,CAAA;AAAA,QACrC,KAAA,EAAQ,IAAI,KAAA,IAAoB,MAAA;AAAA,QAChC,UAAU,GAAA,CAAI,QAAA,GAAW,KAAK,KAAA,CAAM,GAAA,CAAI,QAAkB,CAAA,GAAI;AAAA,OAChE,CAAE;AAAA,KACJ;AAAA,EACF;AAAA,EAEQ,UAAU,GAAA,EAAwC;AACxD,IAAA,OAAO;AAAA,MACL,IAAI,GAAA,CAAI,EAAA;AAAA,MACR,OAAO,GAAA,CAAI,KAAA;AAAA,MACX,cAAc,GAAA,CAAI,aAAA;AAAA,MAClB,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,UAAU,GAAA,CAAI,SAAA;AAAA,MACd,aAAA,EAAgB,IAAI,cAAA,KAA8B,CAAA;AAAA,MAClD,MAAA,EAAS,IAAI,MAAA,KAAsB,CAAA;AAAA,MACnC,WAAW,GAAA,CAAI,UAAA;AAAA,MACf,mBAAA,EAAsB,IAAI,qBAAA,IAAoC,CAAA;AAAA,MAC9D,WAAW,GAAA,CAAI,UAAA;AAAA,MACf,WAAW,GAAA,CAAI;AAAA,KACjB;AAAA,EACF;AAAA,EAEQ,aAAa,GAAA,EAAuC;AAC1D,IAAA,OAAO;AAAA,MACL,IAAI,GAAA,CAAI,EAAA;AAAA,MACR,QAAQ,GAAA,CAAI,OAAA;AAAA,MACZ,OAAO,GAAA,CAAI,KAAA;AAAA,MACX,cAAc,GAAA,CAAI,aAAA;AAAA,MAClB,WAAW,GAAA,CAAI,UAAA;AAAA,MACf,WAAW,GAAA,CAAI,UAAA;AAAA,MACf,WAAW,GAAA,CAAI,UAAA;AAAA,MACf,WAAW,GAAA,CAAI;AAAA,KACjB;AAAA,EACF;AAAA,EAEA,MAAM,cACJ,MAAA,EAC8C;AAC9C,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,cAAA,CAAe;AAAA,MACvC,QAAQ,MAAA,CAAO,MAAA;AAAA,MACf,QAAQ,MAAA,CAAO,MAAA;AAAA,MACf,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,WAAW,MAAA,CAAO,SAAA;AAAA,MAClB,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,QAAQ,MAAA,CAAO;AAAA,KAChB,CAAA;AACD,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,QAC9B,GAAG,GAAA;AAAA,QACH,QAAQ,GAAA,CAAI;AAAA,OACd,CAAE,CAAA;AAAA,MACF,OAAO,MAAA,CAAO;AAAA,KAChB;AAAA,EACF;AAAA,EAEA,MAAM,eACJ,IAAA,EACmB;AACnB,IAAA,MAAM,EAAA,GAAK,MAAM,IAAA,CAAK,QAAA,CAAS;AAAA,MAC7B,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,YAAY,IAAA,CAAK,UAAA;AAAA,MACjB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,SAAS,IAAA,CAAK,OAAA;AAAA,MACd,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,UAAU,IAAA,CAAK;AAAA,KAChB,CAAA;AACD,IAAA,MAAM,MAAM,IAAA,CAAK,EAAA,EACb,QAAQ,4CAA4C,CAAA,CACrD,IAAI,EAAE,CAAA;AACT,IAAA,OAAO;AAAA,MACL,GAAG,IAAA;AAAA,MACH,EAAA;AAAA,MACA,SAAA,EAAW,MAAM,IAAI,IAAA,CAAK,IAAI,SAAmB,CAAA,uBAAQ,IAAA;AAAK,KAChE;AAAA,EACF;AACF;;;ACr1BO,IAAM,uBAAA,GAAgD;AAAA,EAC3D,SAAA,EAAW,EAAA;AAAA,EACX,gBAAA,EAAkB,IAAA;AAAA,EAClB,gBAAA,EAAkB,IAAA;AAAA,EAClB,cAAA,EAAgB,IAAA;AAAA,EAChB,mBAAA,EAAqB,IAAA;AAAA,EACrB,YAAA,EAAc,CAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAEO,IAAM,iBAAN,MAAqB;AAAA,EAClB,MAAA;AAAA,EAER,WAAA,CAAY,MAAA,GAAwC,EAAC,EAAG;AACtD,IAAA,IAAA,CAAK,MAAA,GAAS,EAAE,GAAG,uBAAA,EAAyB,GAAG,MAAA,EAAO;AAAA,EACxD;AAAA,EAEA,SAAS,QAAA,EAAoC;AAC3C,IAAA,MAAM,SAAmB,EAAC;AAE1B,IAAA,IAAI,KAAK,MAAA,CAAO,SAAA,IAAa,SAAS,MAAA,GAAS,IAAA,CAAK,OAAO,SAAA,EAAW;AACpE,MAAA,MAAA,CAAO,IAAA;AAAA,QACL,CAAA,yBAAA,EAA4B,IAAA,CAAK,MAAA,CAAO,SAAS,CAAA,WAAA;AAAA,OACnD;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,CAAS,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,EAAW;AAC3C,MAAA,MAAA,CAAO,IAAA;AAAA,QACL,CAAA,0BAAA,EAA6B,IAAA,CAAK,MAAA,CAAO,SAAS,CAAA,WAAA;AAAA,OACpD;AAAA,IACF;AAEA,IAAA,IAAI,KAAK,MAAA,CAAO,gBAAA,IAAoB,CAAC,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC3D,MAAA,MAAA,CAAO,KAAK,qDAAqD,CAAA;AAAA,IACnE;AAEA,IAAA,IAAI,KAAK,MAAA,CAAO,gBAAA,IAAoB,CAAC,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC3D,MAAA,MAAA,CAAO,KAAK,qDAAqD,CAAA;AAAA,IACnE;AAEA,IAAA,IAAI,KAAK,MAAA,CAAO,cAAA,IAAkB,CAAC,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG;AACzD,MAAA,MAAA,CAAO,KAAK,2CAA2C,CAAA;AAAA,IACzD;AAEA,IAAA,IACE,KAAK,MAAA,CAAO,mBAAA,IACZ,CAAC,uCAAA,CAAwC,IAAA,CAAK,QAAQ,CAAA,EACtD;AACA,MAAA,MAAA,CAAO,KAAK,sDAAsD,CAAA;AAAA,IACpE;AAEA,IAAA,MAAM,eAAA,GAAkB;AAAA,MACtB,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,QAAA;AAAA,MACA,QAAA;AAAA,MACA,SAAA;AAAA,MACA,SAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,WAAA;AAAA,MACA,QAAA;AAAA,MACA,QAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,QAAA,CAAS,WAAA,EAAa,CAAA,EAAG;AACpD,MAAA,MAAA,CAAO,IAAA;AAAA,QACL;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAI,cAAc,IAAA,CAAK,QAAQ,KAAK,UAAA,CAAW,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC7D,MAAA,MAAA,CAAO,IAAA;AAAA,QACL;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IAAI,WAAA,CAAY,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC9B,MAAA,MAAA,CAAO,IAAA;AAAA,QACL;AAAA,OACF;AAAA,IACF;AAEA,IAAA,IACE,+EAAA,CAAgF,IAAA;AAAA,MAC9E;AAAA,KACF,EACA;AACA,MAAA,MAAA,CAAO,KAAK,yDAAyD,CAAA;AAAA,IACvE;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,MACzB;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,UAAA,CACJ,YAAA,EACA,OAAA,EACA,QAAA,EAC2B;AAC3B,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,QAAQ;AAAC,KACX;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CACJ,QAAA,EACA,OAAA,EACA,QAAA,EACkB;AAClB,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,QAAA,CAAS,QAAA,EAAU,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,gBAAA,CAAiB,SAAiB,EAAA,EAAY;AAC5C,IAAA,MAAM,SAAA,GAAY,4BAAA;AAClB,IAAA,MAAM,SAAA,GAAY,4BAAA;AAClB,IAAA,MAAM,OAAA,GAAU,YAAA;AAChB,IAAA,MAAM,OAAA,GAAU,4BAAA;AAEhB,IAAA,IAAI,QAAA,GAAW,EAAA;AAEf,IAAA,QAAA,IAAY,SAAA,CAAU,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,SAAA,CAAU,MAAM,CAAC,CAAA;AAClE,IAAA,QAAA,IAAY,SAAA,CAAU,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,SAAA,CAAU,MAAM,CAAC,CAAA;AAClE,IAAA,QAAA,IAAY,OAAA,CAAQ,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,OAAA,CAAQ,MAAM,CAAC,CAAA;AAC9D,IAAA,QAAA,IAAY,OAAA,CAAQ,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,OAAA,CAAQ,MAAM,CAAC,CAAA;AAE9D,IAAA,MAAM,QAAA,GAAW,SAAA,GAAY,SAAA,GAAY,OAAA,GAAU,OAAA;AACnD,IAAA,KAAA,IAAS,CAAA,GAAI,QAAA,CAAS,MAAA,EAAQ,CAAA,GAAI,QAAQ,CAAA,EAAA,EAAK;AAC7C,MAAA,QAAA,IAAY,QAAA,CAAS,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,QAAA,CAAS,MAAM,CAAC,CAAA;AAAA,IAClE;AAEA,IAAA,OAAO,QAAA,CACJ,KAAA,CAAM,EAAE,CAAA,CACR,IAAA,CAAK,MAAM,IAAA,CAAK,MAAA,EAAO,GAAI,GAAG,CAAA,CAC9B,IAAA,CAAK,EAAE,CAAA;AAAA,EACZ;AAAA,EAEA,YAAY,QAAA,EAIV;AACA,IAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,IAAA,MAAM,WAAqB,EAAC;AAE5B,IAAA,IAAI,QAAA,CAAS,MAAA,IAAU,CAAA,EAAG,KAAA,IAAS,CAAA;AACnC,IAAA,IAAI,QAAA,CAAS,MAAA,IAAU,EAAA,EAAI,KAAA,IAAS,CAAA;AACpC,IAAA,IAAI,QAAA,CAAS,MAAA,IAAU,EAAA,EAAI,KAAA,IAAS,CAAA;AAEpC,IAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AACrC,IAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AACrC,IAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AACrC,IAAA,IAAI,iCAAA,CAAkC,IAAA,CAAK,QAAQ,CAAA,EAAG,KAAA,IAAS,CAAA;AAE/D,IAAA,IAAI,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,KAAA,IAAS,CAAA;AAClC,IAAA,IAAI,QAAA,CAAS,MAAA,GAAS,EAAA,EAAI,KAAA,IAAS,CAAA;AAEnC,IAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,QAAQ,CAAA,CAAE,IAAA;AACtC,IAAA,IAAI,WAAA,GAAc,GAAG,KAAA,IAAS,CAAA;AAC9B,IAAA,IAAI,WAAA,GAAc,IAAI,KAAA,IAAS,CAAA;AAE/B,IAAA,IAAI,KAAA;AACJ,IAAA,IAAI,SAAS,CAAA,EAAG;AACd,MAAA,KAAA,GAAQ,MAAA;AACR,MAAA,QAAA,CAAS,KAAK,qBAAqB,CAAA;AACnC,MAAA,QAAA,CAAS,KAAK,yCAAyC,CAAA;AAAA,IACzD,CAAA,MAAA,IAAW,SAAS,CAAA,EAAG;AACrB,MAAA,KAAA,GAAQ,MAAA;AACR,MAAA,QAAA,CAAS,KAAK,wBAAwB,CAAA;AACtC,MAAA,QAAA,CAAS,KAAK,2BAA2B,CAAA;AAAA,IAC3C,CAAA,MAAA,IAAW,SAAS,CAAA,EAAG;AACrB,MAAA,KAAA,GAAQ,MAAA;AACR,MAAA,QAAA,CAAS,KAAK,8CAA8C,CAAA;AAAA,IAC9D,CAAA,MAAO;AACL,MAAA,KAAA,GAAQ,QAAA;AAAA,IACV;AAEA,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,QAAA,EAAS;AAAA,EAClC;AAAA,EAEA,UAAU,MAAA,EAA6C;AACrD,IAAA,IAAA,CAAK,SAAS,EAAE,GAAG,IAAA,CAAK,MAAA,EAAQ,GAAG,MAAA,EAAO;AAAA,EAC5C;AAAA,EAEA,SAAA,GAAkC;AAChC,IAAA,OAAO,EAAE,GAAG,IAAA,CAAK,MAAA,EAAO;AAAA,EAC1B;AACF;;;ACrMA,eAAsB,eACpB,MAAA,EAC0B;AAC1B,EAAA,MAAM;AAAA,IACJ,UAAA;AAAA,IACA,aAAA;AAAA,IACA,SAAA,GAAY,aAAA;AAAA,IACZ,QAAA;AAAA,IACA,WAAA;AAAA,IACA,gBAAA,GAAmB;AAAA,GACrB,GAAI,MAAA;AAEJ,EAAA,MAAM,WAAA,GACJ,MAAA,CAAO,WAAA,IACP,IAAI,iBAAA,CAAkB;AAAA,IACpB,IAAA,EAAM,OAAO,UAAA,IAAc;AAAA,GAC5B,CAAA;AAEH,EAAA,IAAI;AACF,IAAA,MAAM,YAAY,OAAA,IAAU;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,MAAM,cAAA,GAAiB,IAAI,cAAA,EAAe;AAC1C,EAAA,MAAM,kBAAA,GAAqB,cAAA,CAAe,QAAA,CAAS,aAAa,CAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,KAAA,EAAO;AAC7B,IAAA,MAAM,YAAY,UAAA,IAAa;AAC/B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,OAAO,CAAA,kBAAA,EAAqB,kBAAA,CAAmB,MAAA,CAAO,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAClE;AAAA,EACF;AAEA,EAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,eAAA,CAAgB,UAAU,CAAA;AACjE,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,MAAM,YAAY,UAAA,IAAa;AAC/B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,MAAM,WAAA,CAAY,UAAA,CAAW;AAAA,MACxC,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,aAAA;AAAA,MACV,MAAO,SAAA,IAA0B,OAAA;AAAA,MACjC;AAAA,KACD,CAAA;AAED,IAAA,IAAI,oBAAoB,WAAA,EAAa;AACnC,MAAA,MAAM,cAAA,GAAiB,IAAI,cAAA,CAAe,WAAW,CAAA;AACrD,MAAA,MAAM,SAAA,GAAY,eAAe,YAAA,EAAa;AAC9C,MAAA,MAAM,eAAA,GAAkB,UAAU,OAAA,CAAQ,UAAA,CAAW,MAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAClE,MAAA,MAAM,eAAe,IAAA,CAAK;AAAA,QACxB,EAAA,EAAI,UAAA;AAAA,QACJ,GAAG;AAAA,OACJ,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,YAAY,UAAA,IAAa;AAC/B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,YAAY,UAAA,IAAa;AAC/B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EACE,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,KAC7C;AAAA,EACF;AACF;AAEA,eAAsB,sBAAA,CACpB,aACA,UAAA,EACkB;AAClB,EAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,eAAA,CAAgB,UAAU,CAAA;AACjE,EAAA,OAAO,CAAC,YAAA;AACV;AAEO,SAAS,mBAAA,GAA8C;AAC5D,EAAA,MAAM,KAAA,GAAQ,QAAQ,GAAA,CAAI,gBAAA;AAC1B,EAAA,MAAM,QAAA,GAAW,QAAQ,GAAA,CAAI,mBAAA;AAE7B,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,QAAA,EAAU;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,UAAA,EAAY,OAAA,CAAQ,GAAA,CAAI,iBAAA,IAAqB,gBAAA;AAAA,IAC7C,UAAA,EAAY,KAAA;AAAA,IACZ,aAAA,EAAe,QAAA;AAAA,IACf,SAAA,EAAW,OAAA,CAAQ,GAAA,CAAI,eAAA,IAAmB,aAAA;AAAA,IAC1C,QAAA,EAAU,QAAQ,GAAA,CAAI,oBAAA;AAAA,IACtB,WAAA,EAAa,OAAA,CAAQ,GAAA,CAAI,SAAA,GACrB;AAAA,MACE,QAAA,EAAU,MAAA;AAAA,MACV,IAAA,EAAM;AAAA,QACJ,IAAA,EAAM,QAAQ,GAAA,CAAI,SAAA;AAAA,QAClB,MAAM,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,OAAO,EAAE,CAAA;AAAA,QACjD,MAAA,EAAQ,OAAA,CAAQ,GAAA,CAAI,WAAA,KAAgB,MAAA;AAAA,QACpC,IAAA,EAAM;AAAA,UACJ,IAAA,EAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,EAAA;AAAA,UAC/B,IAAA,EAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa;AAAA;AACjC,OACF;AAAA,MACA,IAAA,EAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa,qBAAA;AAAA,MAC/B,QAAA,EAAU,QAAQ,GAAA,CAAI;AAAA,KACxB,GACA,MAAA;AAAA,IACJ,gBAAA,EAAkB,OAAA,CAAQ,GAAA,CAAI,uBAAA,KAA4B;AAAA,GAC5D;AACF;AAEA,eAAsB,aAAA,GAAiD;AACrE,EAAA,MAAM,SAAS,mBAAA,EAAoB;AACnC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAC9C,EAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,MAAM,CAAA;AAE1C,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oBAAA,EAAuB,MAAA,CAAO,UAAU,CAAA,CAAE,CAAA;AAAA,EACxD,CAAA,MAAO;AACL,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,kBAAA,EAAqB,MAAA,CAAO,KAAK,CAAA,CAAE,CAAA;AAAA,EACnD;AAEA,EAAA,OAAO,MAAA;AACT;AAEA,eAAsB,kBAAA,CACpB,MAAA,EACA,UAAA,GAAqB,CAAA,EACrB,eAAuB,GAAA,EACG;AAC1B,EAAA,IAAI,SAAA,GAAoB,EAAA;AAExB,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,UAAA,EAAY,CAAA,EAAA,EAAK;AACnC,IAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,MAAM,CAAA;AAE1C,IAAA,IAAI,OAAO,OAAA,EAAS;AAClB,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,SAAA,GAAY,OAAO,KAAA,IAAS,eAAA;AAE5B,IAAA,IAAI,SAAA,CAAU,QAAA,CAAS,gBAAgB,CAAA,EAAG;AACxC,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,IAAI,CAAA,GAAI,aAAa,CAAA,EAAG;AACtB,MAAA,MAAM,IAAI,OAAA,CAAQ,CAAC,YAAY,UAAA,CAAW,OAAA,EAAS,YAAY,CAAC,CAAA;AAAA,IAClE;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA;AAAA,IACT,KAAA,EAAO,CAAA,aAAA,EAAgB,UAAU,CAAA,UAAA,EAAa,SAAS,CAAA;AAAA,GACzD;AACF","file":"chunk-RRYXQMZG.js","sourcesContent":["import type Database from \"better-sqlite3\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\nimport { mkdirSync } from \"fs\";\nimport { dirname } from \"path\";\nimport type { AuthAdapter, AuthUser, Session, UserRole } from \"./types.js\";\nimport type { AuditLog, AuditLogFilter } from \"./security/audit-log.js\";\n\nexport interface SQLiteAuthAdapterOptions {\n path?: string;\n db?: Database.Database;\n saltRounds?: number;\n busyTimeout?: number;\n walAutoCheckpoint?: number;\n cacheSize?: number;\n mmapSize?: number;\n}\n\nconst DEFAULT_BUSY_TIMEOUT = 5000;\nconst DEFAULT_WAL_CHECKPOINT = 1000;\nconst DEFAULT_CACHE_SIZE = -64000;\nconst DEFAULT_MMAP_SIZE = 268435456;\n\nexport class SQLiteAuthAdapter implements AuthAdapter {\n private db: Database.Database | null = null;\n private path: string;\n private saltRounds: number;\n private externalDb: boolean;\n private busyTimeout: number;\n private walAutoCheckpoint: number;\n private cacheSize: number;\n private mmapSize: number;\n\n private preparedStatements: Map<string, Database.Statement> = new Map();\n\n constructor(options: SQLiteAuthAdapterOptions = {}) {\n this.path = options.path || \"./data/auth.db\";\n this.saltRounds = options.saltRounds || 12;\n this.externalDb = !!options.db;\n this.busyTimeout = options.busyTimeout ?? DEFAULT_BUSY_TIMEOUT;\n this.walAutoCheckpoint =\n options.walAutoCheckpoint ?? DEFAULT_WAL_CHECKPOINT;\n this.cacheSize = options.cacheSize ?? DEFAULT_CACHE_SIZE;\n this.mmapSize = options.mmapSize ?? DEFAULT_MMAP_SIZE;\n\n if (options.db) {\n this.db = options.db;\n }\n }\n\n async connect(): Promise<void> {\n if (this.db) return;\n\n const dir = dirname(this.path);\n if (dir && dir !== \".\") {\n mkdirSync(dir, { recursive: true });\n }\n\n const Database = (await import(\"better-sqlite3\")).default;\n this.db = new Database(this.path, {\n timeout: this.busyTimeout,\n });\n\n this.db.pragma(\"journal_mode = WAL\");\n this.db.pragma(\"synchronous = NORMAL\");\n this.db.pragma(\"cache_size = \" + this.cacheSize);\n this.db.pragma(\"mmap_size = \" + this.mmapSize);\n this.db.pragma(\"wal_autocheckpoint = \" + this.walAutoCheckpoint);\n this.db.pragma(\"foreign_keys = ON\");\n this.db.pragma(\"temp_store = MEMORY\");\n\n this.ensureTables();\n this.prepareStatements();\n }\n\n async disconnect(): Promise<void> {\n if (this.db && !this.externalDb) {\n this.db.pragma(\"wal_checkpoint(TRUNCATE)\");\n this.db.close();\n this.db = null;\n this.preparedStatements.clear();\n }\n }\n\n private ensureTables(): void {\n if (!this.db) return;\n\n this.db.exec(`\n CREATE TABLE IF NOT EXISTS kyro_users (\n id TEXT PRIMARY KEY,\n email TEXT UNIQUE NOT NULL,\n password_hash TEXT NOT NULL,\n role TEXT NOT NULL DEFAULT 'customer',\n tenant_id TEXT,\n email_verified INTEGER DEFAULT 0,\n locked INTEGER DEFAULT 0,\n last_login TEXT,\n failed_login_attempts INTEGER DEFAULT 0,\n locked_until TEXT,\n created_at TEXT NOT NULL,\n updated_at TEXT NOT NULL\n );\n\n CREATE TABLE IF NOT EXISTS kyro_sessions (\n id TEXT PRIMARY KEY,\n user_id TEXT NOT NULL,\n token TEXT NOT NULL,\n refresh_token TEXT,\n expires_at TEXT NOT NULL,\n created_at TEXT NOT NULL,\n ip_address TEXT,\n user_agent TEXT,\n FOREIGN KEY (user_id) REFERENCES kyro_users(id) ON DELETE CASCADE\n );\n\n CREATE TABLE IF NOT EXISTS kyro_password_history (\n id INTEGER PRIMARY KEY AUTOINCREMENT,\n user_id TEXT NOT NULL,\n password_hash TEXT NOT NULL,\n created_at TEXT NOT NULL,\n FOREIGN KEY (user_id) REFERENCES kyro_users(id) ON DELETE CASCADE\n );\n\n CREATE TABLE IF NOT EXISTS kyro_rate_limits (\n id INTEGER PRIMARY KEY AUTOINCREMENT,\n key TEXT NOT NULL,\n window_start INTEGER NOT NULL,\n count INTEGER NOT NULL DEFAULT 1,\n UNIQUE(key, window_start)\n );\n\n CREATE TABLE IF NOT EXISTS kyro_lockouts (\n user_id TEXT PRIMARY KEY,\n attempts INTEGER NOT NULL DEFAULT 0,\n last_attempt INTEGER,\n locked_at INTEGER,\n locked_until INTEGER\n );\n\n CREATE TABLE IF NOT EXISTS kyro_audit_logs (\n id TEXT PRIMARY KEY,\n timestamp TEXT NOT NULL,\n action TEXT NOT NULL,\n user_id TEXT,\n user_email TEXT,\n role TEXT,\n resource TEXT NOT NULL,\n resource_id TEXT,\n ip_address TEXT,\n user_agent TEXT,\n success INTEGER NOT NULL,\n error TEXT,\n metadata TEXT,\n created_at TEXT NOT NULL DEFAULT (datetime('now'))\n );\n\n CREATE INDEX IF NOT EXISTS idx_kyro_users_email ON kyro_users(email);\n CREATE INDEX IF NOT EXISTS idx_kyro_sessions_user_id ON kyro_sessions(user_id);\n CREATE INDEX IF NOT EXISTS idx_kyro_sessions_token ON kyro_sessions(token);\n CREATE INDEX IF NOT EXISTS idx_kyro_sessions_refresh_token ON kyro_sessions(refresh_token);\n CREATE INDEX IF NOT EXISTS idx_kyro_sessions_expires ON kyro_sessions(expires_at);\n CREATE INDEX IF NOT EXISTS idx_kyro_password_history_user_id ON kyro_password_history(user_id);\n CREATE INDEX IF NOT EXISTS idx_kyro_rate_limits_key ON kyro_rate_limits(key);\n CREATE INDEX IF NOT EXISTS idx_kyro_rate_limits_window ON kyro_rate_limits(window_start);\n CREATE INDEX IF NOT EXISTS idx_kyro_lockouts_locked_until ON kyro_lockouts(locked_until);\n CREATE INDEX IF NOT EXISTS idx_kyro_audit_logs_timestamp ON kyro_audit_logs(timestamp);\n CREATE INDEX IF NOT EXISTS idx_kyro_audit_logs_action ON kyro_audit_logs(action);\n CREATE INDEX IF NOT EXISTS idx_kyro_audit_logs_user_id ON kyro_audit_logs(user_id);\n CREATE INDEX IF NOT EXISTS idx_kyro_audit_logs_resource ON kyro_audit_logs(resource);\n `);\n }\n\n private prepareStatements(): void {\n if (!this.db) return;\n\n this.preparedStatements.set(\n \"findUserByEmail\",\n this.db.prepare(\"SELECT * FROM kyro_users WHERE email = ?\"),\n );\n this.preparedStatements.set(\n \"findUserById\",\n this.db.prepare(\"SELECT * FROM kyro_users WHERE id = ?\"),\n );\n this.preparedStatements.set(\n \"findSessionByToken\",\n this.db.prepare(\"SELECT * FROM kyro_sessions WHERE token = ?\"),\n );\n this.preparedStatements.set(\n \"findSessionByRefreshToken\",\n this.db.prepare(\"SELECT * FROM kyro_sessions WHERE refresh_token = ?\"),\n );\n this.preparedStatements.set(\n \"deleteSession\",\n this.db.prepare(\"DELETE FROM kyro_sessions WHERE id = ? OR token = ?\"),\n );\n this.preparedStatements.set(\n \"deleteUserSessions\",\n this.db.prepare(\"DELETE FROM kyro_sessions WHERE user_id = ?\"),\n );\n this.preparedStatements.set(\n \"countUsers\",\n this.db.prepare(\"SELECT COUNT(*) as count FROM kyro_users\"),\n );\n this.preparedStatements.set(\n \"deleteUser\",\n this.db.prepare(\"DELETE FROM kyro_users WHERE id = ?\"),\n );\n this.preparedStatements.set(\n \"getPasswordHistory\",\n this.db.prepare(\n \"SELECT password_hash FROM kyro_password_history WHERE user_id = ? ORDER BY created_at DESC LIMIT ?\",\n ),\n );\n this.preparedStatements.set(\n \"addPasswordHistory\",\n this.db.prepare(\n \"INSERT INTO kyro_password_history (user_id, password_hash, created_at) VALUES (?, ?, ?)\",\n ),\n );\n this.preparedStatements.set(\n \"trimPasswordHistory\",\n this.db.prepare(\n `DELETE FROM kyro_password_history WHERE id IN (\n SELECT id FROM kyro_password_history WHERE user_id = ? ORDER BY created_at DESC LIMIT -1 OFFSET 5\n )`,\n ),\n );\n this.preparedStatements.set(\n \"deleteExpiredSessions\",\n this.db.prepare(\"DELETE FROM kyro_sessions WHERE expires_at < ?\"),\n );\n this.preparedStatements.set(\n \"cleanupOldAuditLogs\",\n this.db.prepare(\"DELETE FROM kyro_audit_logs WHERE timestamp < ?\"),\n );\n this.preparedStatements.set(\n \"cleanupExpiredLockouts\",\n this.db.prepare(\n \"UPDATE kyro_lockouts SET attempts = 0, locked_at = NULL, locked_until = NULL WHERE locked_until < ?\",\n ),\n );\n this.preparedStatements.set(\n \"getLockout\",\n this.db.prepare(\"SELECT * FROM kyro_lockouts WHERE user_id = ?\"),\n );\n this.preparedStatements.set(\n \"upsertLockout\",\n this.db.prepare(`\n INSERT INTO kyro_lockouts (user_id, attempts, last_attempt, locked_at, locked_until)\n VALUES (?, ?, ?, ?, ?)\n ON CONFLICT(user_id) DO UPDATE SET\n attempts = excluded.attempts,\n last_attempt = excluded.last_attempt,\n locked_at = excluded.locked_at,\n locked_until = excluded.locked_until\n `),\n );\n this.preparedStatements.set(\n \"resetLockout\",\n this.db.prepare(\n \"UPDATE kyro_lockouts SET attempts = 0, locked_at = NULL, locked_until = NULL WHERE user_id = ?\",\n ),\n );\n }\n\n private stmt(name: string): Database.Statement {\n const stmt = this.preparedStatements.get(name);\n if (!stmt) throw new Error(`Prepared statement not found: ${name}`);\n return stmt;\n }\n\n async cleanupExpiredSessions(): Promise<number> {\n if (!this.db) throw new Error(\"Not connected\");\n const result = this.stmt(\"deleteExpiredSessions\").run(\n new Date().toISOString(),\n );\n return result.changes;\n }\n\n async cleanupOldAuditLogs(retentionDays: number = 30): Promise<number> {\n if (!this.db) throw new Error(\"Not connected\");\n const cutoff = new Date(\n Date.now() - retentionDays * 24 * 60 * 60 * 1000,\n ).toISOString();\n const result = this.stmt(\"cleanupOldAuditLogs\").run(cutoff);\n return result.changes;\n }\n\n async getStats(): Promise<{\n userCount: number;\n activeSessionCount: number;\n auditLogCount: number;\n }> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const userCount = (this.stmt(\"countUsers\").get() as { count: number })\n .count;\n\n const activeSessionCount = (\n this.db\n .prepare(\n \"SELECT COUNT(*) as count FROM kyro_sessions WHERE expires_at > ?\",\n )\n .get(new Date().toISOString()) as { count: number }\n ).count;\n\n const auditLogCount = (\n this.db\n .prepare(\"SELECT COUNT(*) as count FROM kyro_audit_logs\")\n .get() as { count: number }\n ).count;\n\n return { userCount, activeSessionCount, auditLogCount };\n }\n\n async createUser(data: {\n email: string;\n password: string;\n role?: UserRole;\n tenantId?: string;\n }): Promise<AuthUser> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const id = randomBytes(16).toString(\"hex\");\n const now = new Date().toISOString();\n const passwordHash = await this.hashPassword(data.password);\n\n const user: AuthUser = {\n id,\n email: data.email.toLowerCase(),\n passwordHash,\n role: (data.role || \"customer\") as UserRole,\n tenantId: data.tenantId,\n createdAt: now,\n updatedAt: now,\n };\n\n this.db\n .prepare(\n `INSERT INTO kyro_users (id, email, password_hash, role, tenant_id, created_at, updated_at)\n VALUES (?, ?, ?, ?, ?, ?, ?)`,\n )\n .run(\n id,\n user.email,\n user.passwordHash,\n user.role,\n user.tenantId,\n now,\n now,\n );\n\n return user;\n }\n\n async findUserByEmail(email: string): Promise<AuthUser | null> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const row = this.stmt(\"findUserByEmail\").get(email.toLowerCase()) as\n | Record<string, unknown>\n | undefined;\n\n if (!row) return null;\n return this.rowToUser(row);\n }\n\n async findUserById(userId: string): Promise<AuthUser | null> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const row = this.stmt(\"findUserById\").get(userId) as\n | Record<string, unknown>\n | undefined;\n\n if (!row) return null;\n return this.rowToUser(row);\n }\n\n async updateUser(\n userId: string,\n data: Partial<AuthUser>,\n ): Promise<AuthUser | null> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const existing = await this.findUserById(userId);\n if (!existing) return null;\n\n const updates: string[] = [];\n const values: unknown[] = [];\n\n if (data.email !== undefined) {\n updates.push(\"email = ?\");\n values.push(data.email.toLowerCase());\n }\n if (data.passwordHash !== undefined) {\n updates.push(\"password_hash = ?\");\n values.push(data.passwordHash);\n }\n if (data.role !== undefined) {\n updates.push(\"role = ?\");\n values.push(data.role);\n }\n if (data.tenantId !== undefined) {\n updates.push(\"tenant_id = ?\");\n values.push(data.tenantId);\n }\n if (data.emailVerified !== undefined) {\n updates.push(\"email_verified = ?\");\n values.push(data.emailVerified ? 1 : 0);\n }\n if (data.locked !== undefined) {\n updates.push(\"locked = ?\");\n values.push(data.locked ? 1 : 0);\n }\n if (data.lastLogin !== undefined) {\n updates.push(\"last_login = ?\");\n values.push(data.lastLogin);\n }\n if (data.failedLoginAttempts !== undefined) {\n updates.push(\"failed_login_attempts = ?\");\n values.push(data.failedLoginAttempts);\n }\n\n updates.push(\"updated_at = ?\");\n values.push(new Date().toISOString());\n\n values.push(userId);\n\n this.db\n .prepare(`UPDATE kyro_users SET ${updates.join(\", \")} WHERE id = ?`)\n .run(...values);\n\n return this.findUserById(userId);\n }\n\n async deleteUser(userId: string): Promise<boolean> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const result = this.stmt(\"deleteUser\").run(userId);\n return result.changes > 0;\n }\n\n async hashPassword(password: string): Promise<string> {\n return bcrypt.hash(password, this.saltRounds);\n }\n\n async verifyPassword(\n email: string,\n password: string,\n ): Promise<AuthUser | null> {\n if (!this.db) throw new Error(\"Not connected\");\n const user = await this.findUserByEmail(email);\n if (!user) return null;\n const stored = this.db\n .prepare(\"SELECT password_hash FROM users WHERE id = ?\")\n .get(user.id) as { password_hash: string } | undefined;\n if (!stored?.password_hash) return null;\n const valid = await bcrypt.compare(password, stored.password_hash);\n return valid ? user : null;\n }\n\n async createSession(\n userId: string,\n data: {\n ipAddress?: string;\n userAgent?: string;\n } = {},\n ): Promise<Session> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const id = randomBytes(32).toString(\"hex\");\n const token = randomBytes(32).toString(\"base64url\");\n const refreshToken = randomBytes(32).toString(\"base64url\");\n const now = new Date();\n const expiresAt = new Date(now.getTime() + 86400000).toISOString();\n\n const session: Session = {\n id,\n userId,\n token,\n refreshToken,\n expiresAt,\n createdAt: now.toISOString(),\n ipAddress: data.ipAddress,\n userAgent: data.userAgent,\n };\n\n this.db\n .prepare(\n `INSERT INTO kyro_sessions (id, user_id, token, refresh_token, expires_at, created_at, ip_address, user_agent)\n VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,\n )\n .run(\n session.id,\n session.userId,\n session.token,\n session.refreshToken,\n session.expiresAt,\n session.createdAt,\n session.ipAddress,\n session.userAgent,\n );\n\n return session;\n }\n\n async findSessionByToken(token: string): Promise<Session | null> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const row = this.stmt(\"findSessionByToken\").get(token) as\n | Record<string, unknown>\n | undefined;\n\n if (!row) return null;\n return this.rowToSession(row);\n }\n\n async findSessionByRefreshToken(\n refreshToken: string,\n ): Promise<Session | null> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const row = this.stmt(\"findSessionByRefreshToken\").get(refreshToken) as\n | Record<string, unknown>\n | undefined;\n\n if (!row) return null;\n return this.rowToSession(row);\n }\n\n async deleteSession(sessionId: string): Promise<boolean> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const result = this.stmt(\"deleteSession\").run(sessionId, sessionId);\n return result.changes > 0;\n }\n\n async deleteUserSessions(userId: string): Promise<number> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const result = this.stmt(\"deleteUserSessions\").run(userId);\n return result.changes;\n }\n\n async hasAnyUsers(): Promise<boolean> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const row = this.stmt(\"countUsers\").get() as { count: number };\n return row.count > 0;\n }\n\n async addPasswordToHistory(\n userId: string,\n passwordHash: string,\n ): Promise<void> {\n if (!this.db) throw new Error(\"Not connected\");\n\n this.stmt(\"addPasswordHistory\").run(\n userId,\n passwordHash,\n new Date().toISOString(),\n );\n this.stmt(\"trimPasswordHistory\").run(userId);\n }\n\n async getPasswordHistory(\n userId: string,\n count: number = 5,\n ): Promise<string[]> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const rows = this.stmt(\"getPasswordHistory\").all(userId, count) as Array<{\n password_hash: string;\n }>;\n\n return rows.map((r) => r.password_hash);\n }\n\n async isPasswordInHistory(\n password: string,\n userId: string,\n historyCount: number = 5,\n ): Promise<boolean> {\n const history = await this.getPasswordHistory(userId, historyCount);\n for (const hash of history) {\n if (await bcrypt.compare(password, hash)) {\n return true;\n }\n }\n return false;\n }\n\n async recordFailedAttempt(userId: string): Promise<void> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const now = Date.now();\n const lockout = this.stmt(\"getLockout\").get(userId) as\n | { attempts: number; locked_until: number | null }\n | undefined;\n\n const attempts = (lockout?.attempts || 0) + 1;\n const lockedUntil =\n attempts >= 5 ? now + 15 * 60 * 1000 : lockout?.locked_until || null;\n\n this.stmt(\"upsertLockout\").run(\n userId,\n attempts,\n now,\n lockedUntil !== null ? now : null,\n lockedUntil,\n );\n }\n\n async resetAttempts(userId: string): Promise<void> {\n if (!this.db) throw new Error(\"Not connected\");\n this.stmt(\"resetLockout\").run(userId);\n }\n\n async checkLockout(userId: string): Promise<{\n locked: boolean;\n attemptsRemaining: number;\n lockedUntil?: Date;\n totalAttempts: number;\n }> {\n if (!this.db) throw new Error(\"Not connected\");\n\n this.stmt(\"cleanupExpiredLockouts\").run(Date.now());\n\n const lockout = this.stmt(\"getLockout\").get(userId) as\n | { attempts: number; locked_until: number | null }\n | undefined;\n\n if (!lockout) {\n return {\n locked: false,\n attemptsRemaining: 5,\n totalAttempts: 0,\n };\n }\n\n if (lockout.locked_until !== null && lockout.locked_until > Date.now()) {\n return {\n locked: true,\n attemptsRemaining: 0,\n lockedUntil: new Date(lockout.locked_until),\n totalAttempts: lockout.attempts,\n };\n }\n\n return {\n locked: false,\n attemptsRemaining: Math.max(0, 5 - lockout.attempts),\n totalAttempts: lockout.attempts,\n };\n }\n\n async logAudit(data: {\n action: string;\n userId?: string;\n userEmail?: string;\n role?: string;\n resource: string;\n resourceId?: string;\n ipAddress?: string;\n userAgent?: string;\n success: boolean;\n error?: string;\n metadata?: Record<string, unknown>;\n }): Promise<string> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const id = randomBytes(16).toString(\"hex\");\n const timestamp = new Date().toISOString();\n\n this.db\n .prepare(\n `INSERT INTO kyro_audit_logs (\n id, timestamp, action, user_id, user_email, role, resource, resource_id,\n ip_address, user_agent, success, error, metadata, created_at\n ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,\n )\n .run(\n id,\n timestamp,\n data.action,\n data.userId || null,\n data.userEmail || null,\n data.role || null,\n data.resource,\n data.resourceId || null,\n data.ipAddress || null,\n data.userAgent || null,\n data.success ? 1 : 0,\n data.error || null,\n data.metadata ? JSON.stringify(data.metadata) : null,\n new Date().toISOString(),\n );\n\n return id;\n }\n\n async queryAuditLogs(\n options: {\n action?: string;\n userId?: string;\n resource?: string;\n success?: boolean;\n startDate?: Date;\n endDate?: Date;\n limit?: number;\n offset?: number;\n } = {},\n ): Promise<{\n logs: Array<{\n id: string;\n timestamp: Date;\n action: string;\n userId?: string;\n userEmail?: string;\n resource: string;\n resourceId?: string;\n ipAddress?: string;\n userAgent?: string;\n success: boolean;\n error?: string;\n metadata?: Record<string, unknown>;\n }>;\n total: number;\n }> {\n if (!this.db) throw new Error(\"Not connected\");\n\n const conditions: string[] = [];\n const params: unknown[] = [];\n\n if (options.action) {\n conditions.push(\"action = ?\");\n params.push(options.action);\n }\n if (options.userId) {\n conditions.push(\"user_id = ?\");\n params.push(options.userId);\n }\n if (options.resource) {\n conditions.push(\"resource = ?\");\n params.push(options.resource);\n }\n if (options.success !== undefined) {\n conditions.push(\"success = ?\");\n params.push(options.success ? 1 : 0);\n }\n if (options.startDate) {\n conditions.push(\"timestamp >= ?\");\n params.push(options.startDate.toISOString());\n }\n if (options.endDate) {\n conditions.push(\"timestamp <= ?\");\n params.push(options.endDate.toISOString());\n }\n\n const where =\n conditions.length > 0 ? \"WHERE \" + conditions.join(\" AND \") : \"\";\n const limit = options.limit || 50;\n const offset = options.offset || 0;\n\n const totalResult = this.db\n .prepare(`SELECT COUNT(*) as count FROM kyro_audit_logs ${where}`)\n .get(...params) as { count: number };\n\n const rows = this.db\n .prepare(\n `SELECT * FROM kyro_audit_logs ${where} ORDER BY timestamp DESC LIMIT ? OFFSET ?`,\n )\n .all(...params, limit, offset) as Array<Record<string, unknown>>;\n\n return {\n total: totalResult.count,\n logs: rows.map((row) => ({\n id: row.id as string,\n timestamp: new Date(row.timestamp as string),\n action: row.action as string,\n userId: (row.user_id as string) || undefined,\n userEmail: (row.user_email as string) || undefined,\n resource: row.resource as string,\n resourceId: (row.resource_id as string) || undefined,\n ipAddress: (row.ip_address as string) || undefined,\n userAgent: (row.user_agent as string) || undefined,\n success: (row.success as number) === 1,\n error: (row.error as string) || undefined,\n metadata: row.metadata ? JSON.parse(row.metadata as string) : undefined,\n })),\n };\n }\n\n private rowToUser(row: Record<string, unknown>): AuthUser {\n return {\n id: row.id as string,\n email: row.email as string,\n passwordHash: row.password_hash as string,\n role: row.role as UserRole,\n tenantId: row.tenant_id as string | undefined,\n emailVerified: (row.email_verified as number) === 1,\n locked: (row.locked as number) === 1,\n lastLogin: row.last_login as string | undefined,\n failedLoginAttempts: (row.failed_login_attempts as number) || 0,\n createdAt: row.created_at as string,\n updatedAt: row.updated_at as string,\n };\n }\n\n private rowToSession(row: Record<string, unknown>): Session {\n return {\n id: row.id as string,\n userId: row.user_id as string,\n token: row.token as string,\n refreshToken: row.refresh_token as string | undefined,\n expiresAt: row.expires_at as string,\n createdAt: row.created_at as string,\n ipAddress: row.ip_address as string | undefined,\n userAgent: row.user_agent as string | undefined,\n };\n }\n\n async findAuditLogs(\n filter: AuditLogFilter,\n ): Promise<{ logs: AuditLog[]; total: number }> {\n const result = await this.queryAuditLogs({\n action: filter.action as string | undefined,\n userId: filter.userId,\n resource: filter.resource,\n success: filter.success,\n startDate: filter.startDate,\n endDate: filter.endDate,\n limit: filter.limit,\n offset: filter.offset,\n });\n return {\n logs: result.logs.map((log) => ({\n ...log,\n action: log.action as AuditLog[\"action\"],\n })),\n total: result.total,\n };\n }\n\n async createAuditLog(\n data: Omit<AuditLog, \"id\" | \"timestamp\">,\n ): Promise<AuditLog> {\n const id = await this.logAudit({\n action: data.action,\n userId: data.userId,\n userEmail: data.userEmail,\n role: data.role,\n resource: data.resource,\n resourceId: data.resourceId,\n ipAddress: data.ipAddress,\n userAgent: data.userAgent,\n success: data.success,\n error: data.error,\n metadata: data.metadata,\n });\n const row = this.db\n ?.prepare(\"SELECT * FROM kyro_audit_logs WHERE id = ?\")\n .get(id) as Record<string, unknown> | undefined;\n return {\n ...data,\n id,\n timestamp: row ? new Date(row.timestamp as string) : new Date(),\n };\n }\n}\n","export interface PasswordPolicyConfig {\n minLength: number;\n requireUppercase: boolean;\n requireLowercase: boolean;\n requireNumbers: boolean;\n requireSpecialChars: boolean;\n preventReuse: number;\n maxLength?: number;\n}\n\nexport interface ValidationResult {\n valid: boolean;\n errors: string[];\n}\n\nexport const DEFAULT_PASSWORD_POLICY: PasswordPolicyConfig = {\n minLength: 12,\n requireUppercase: true,\n requireLowercase: true,\n requireNumbers: true,\n requireSpecialChars: true,\n preventReuse: 5,\n maxLength: 128,\n};\n\nexport class PasswordPolicy {\n private config: PasswordPolicyConfig;\n\n constructor(config: Partial<PasswordPolicyConfig> = {}) {\n this.config = { ...DEFAULT_PASSWORD_POLICY, ...config };\n }\n\n validate(password: string): ValidationResult {\n const errors: string[] = [];\n\n if (this.config.maxLength && password.length > this.config.maxLength) {\n errors.push(\n `Password must not exceed ${this.config.maxLength} characters`,\n );\n }\n\n if (password.length < this.config.minLength) {\n errors.push(\n `Password must be at least ${this.config.minLength} characters`,\n );\n }\n\n if (this.config.requireUppercase && !/[A-Z]/.test(password)) {\n errors.push(\"Password must contain at least one uppercase letter\");\n }\n\n if (this.config.requireLowercase && !/[a-z]/.test(password)) {\n errors.push(\"Password must contain at least one lowercase letter\");\n }\n\n if (this.config.requireNumbers && !/[0-9]/.test(password)) {\n errors.push(\"Password must contain at least one number\");\n }\n\n if (\n this.config.requireSpecialChars &&\n !/[!@#$%^&*()_+\\-=\\[\\]{};':\"\\\\|,.<>\\/?]/.test(password)\n ) {\n errors.push(\"Password must contain at least one special character\");\n }\n\n const commonPasswords = [\n \"password\",\n \"123456\",\n \"12345678\",\n \"qwerty\",\n \"abc123\",\n \"monkey\",\n \"1234567\",\n \"letmein\",\n \"trustno1\",\n \"dragon\",\n \"baseball\",\n \"iloveyou\",\n \"master\",\n \"sunshine\",\n \"ashley\",\n \"football\",\n \"password1\",\n \"shadow\",\n \"123123\",\n \"654321\",\n ];\n\n if (commonPasswords.includes(password.toLowerCase())) {\n errors.push(\n \"This password is too common. Please choose a more secure password\",\n );\n }\n\n if (/^[a-zA-Z]+$/.test(password) || /^[0-9]+$/.test(password)) {\n errors.push(\n \"Password must contain a mix of letters, numbers, and/or special characters\",\n );\n }\n\n if (/(.)\\1{2,}/.test(password)) {\n errors.push(\n \"Password must not contain more than 2 consecutive identical characters\",\n );\n }\n\n if (\n /^(012|123|234|345|456|567|678|789|890|098|987|876|765|654|543|432|321|210)+$/i.test(\n password,\n )\n ) {\n errors.push(\"Password must not contain sequential numbers or letters\");\n }\n\n return {\n valid: errors.length === 0,\n errors,\n };\n }\n\n async checkReuse(\n passwordHash: string,\n history: string[],\n verifyFn: (password: string, hash: string) => Promise<boolean>,\n ): Promise<ValidationResult> {\n return {\n valid: true,\n errors: [],\n };\n }\n\n async isInHistory(\n password: string,\n history: string[],\n verifyFn: (password: string, hash: string) => Promise<boolean>,\n ): Promise<boolean> {\n for (const hash of history) {\n if (await verifyFn(password, hash)) {\n return true;\n }\n }\n return false;\n }\n\n generatePassword(length: number = 16): string {\n const uppercase = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ\";\n const lowercase = \"abcdefghijklmnopqrstuvwxyz\";\n const numbers = \"0123456789\";\n const special = \"!@#$%^&*()_+-=[]{}|;:,.<>?\";\n\n let password = \"\";\n\n password += uppercase[Math.floor(Math.random() * uppercase.length)];\n password += lowercase[Math.floor(Math.random() * lowercase.length)];\n password += numbers[Math.floor(Math.random() * numbers.length)];\n password += special[Math.floor(Math.random() * special.length)];\n\n const allChars = uppercase + lowercase + numbers + special;\n for (let i = password.length; i < length; i++) {\n password += allChars[Math.floor(Math.random() * allChars.length)];\n }\n\n return password\n .split(\"\")\n .sort(() => Math.random() - 0.5)\n .join(\"\");\n }\n\n getStrength(password: string): {\n score: number;\n label: string;\n feedback: string[];\n } {\n let score = 0;\n const feedback: string[] = [];\n\n if (password.length >= 8) score += 1;\n if (password.length >= 12) score += 1;\n if (password.length >= 16) score += 1;\n\n if (/[a-z]/.test(password)) score += 1;\n if (/[A-Z]/.test(password)) score += 1;\n if (/[0-9]/.test(password)) score += 1;\n if (/[!@#$%^&*()_+\\-=\\[\\]{}|;:,.<>?]/.test(password)) score += 1;\n\n if (password.length > 8) score += 1;\n if (password.length > 12) score += 1;\n\n const uniqueChars = new Set(password).size;\n if (uniqueChars > 6) score += 1;\n if (uniqueChars > 10) score += 1;\n\n let label: string;\n if (score <= 3) {\n label = \"Weak\";\n feedback.push(\"Add more characters\");\n feedback.push(\"Include uppercase and lowercase letters\");\n } else if (score <= 5) {\n label = \"Fair\";\n feedback.push(\"Add special characters\");\n feedback.push(\"Consider making it longer\");\n } else if (score <= 7) {\n label = \"Good\";\n feedback.push(\"Consider making it longer for extra security\");\n } else {\n label = \"Strong\";\n }\n\n return { score, label, feedback };\n }\n\n setConfig(config: Partial<PasswordPolicyConfig>): void {\n this.config = { ...this.config, ...config };\n }\n\n getConfig(): PasswordPolicyConfig {\n return { ...this.config };\n }\n}\n","import { SQLiteAuthAdapter } from \"./sqlite-adapter.js\";\nimport { EmailTransport, type EmailConfig } from \"./nodemailer-transport.js\";\nimport { PasswordPolicy } from \"./security/password-policy.js\";\nimport type { AuthUser, UserRole, AuthAdapter } from \"./types.js\";\n\nexport interface BootstrapConfig {\n authAdapter?: AuthAdapter;\n authDbPath?: string;\n adminEmail: string;\n adminPassword: string;\n adminRole?: string;\n tenantId?: string;\n emailConfig?: EmailConfig;\n sendWelcomeEmail?: boolean;\n}\n\nexport interface BootstrapResult {\n success: boolean;\n user?: AuthUser;\n error?: string;\n}\n\nexport async function bootstrapAdmin(\n config: BootstrapConfig,\n): Promise<BootstrapResult> {\n const {\n adminEmail,\n adminPassword,\n adminRole = \"super_admin\",\n tenantId,\n emailConfig,\n sendWelcomeEmail = false,\n } = config;\n\n const authAdapter =\n config.authAdapter ||\n new SQLiteAuthAdapter({\n path: config.authDbPath || \"./data/auth.db\",\n });\n\n try {\n await authAdapter.connect?.();\n } catch (error) {\n return {\n success: false,\n error: \"Failed to connect to auth storage\",\n };\n }\n\n const passwordPolicy = new PasswordPolicy();\n const passwordValidation = passwordPolicy.validate(adminPassword);\n if (!passwordValidation.valid) {\n await authAdapter.disconnect?.();\n return {\n success: false,\n error: `Invalid password: ${passwordValidation.errors.join(\", \")}`,\n };\n }\n\n const existingUser = await authAdapter.findUserByEmail(adminEmail);\n if (existingUser) {\n await authAdapter.disconnect?.();\n return {\n success: false,\n error: \"Admin user already exists\",\n };\n }\n\n try {\n const user = await authAdapter.createUser({\n email: adminEmail,\n password: adminPassword,\n role: (adminRole as UserRole) || \"admin\",\n tenantId,\n });\n\n if (sendWelcomeEmail && emailConfig) {\n const emailTransport = new EmailTransport(emailConfig);\n const templates = emailTransport.getTemplates();\n const welcomeTemplate = templates.welcome(adminEmail.split(\"@\")[0]);\n await emailTransport.send({\n to: adminEmail,\n ...welcomeTemplate,\n });\n }\n\n await authAdapter.disconnect?.();\n return {\n success: true,\n user,\n };\n } catch (error) {\n await authAdapter.disconnect?.();\n return {\n success: false,\n error:\n error instanceof Error ? error.message : \"Failed to create admin user\",\n };\n }\n}\n\nexport async function checkBootstrapRequired(\n authAdapter: AuthAdapter,\n adminEmail: string,\n): Promise<boolean> {\n const existingUser = await authAdapter.findUserByEmail(adminEmail);\n return !existingUser;\n}\n\nexport function getBootstrapFromEnv(): BootstrapConfig | null {\n const email = process.env.KYRO_ADMIN_EMAIL;\n const password = process.env.KYRO_ADMIN_PASSWORD;\n\n if (!email || !password) {\n return null;\n }\n\n return {\n authDbPath: process.env.KYRO_AUTH_DB_PATH || \"./data/auth.db\",\n adminEmail: email,\n adminPassword: password,\n adminRole: process.env.KYRO_ADMIN_ROLE || \"super_admin\",\n tenantId: process.env.KYRO_ADMIN_TENANT_ID,\n emailConfig: process.env.SMTP_HOST\n ? {\n provider: \"smtp\",\n smtp: {\n host: process.env.SMTP_HOST,\n port: parseInt(process.env.SMTP_PORT || \"587\", 10),\n secure: process.env.SMTP_SECURE === \"true\",\n auth: {\n user: process.env.SMTP_USER || \"\",\n pass: process.env.SMTP_PASS || \"\",\n },\n },\n from: process.env.SMTP_FROM || \"noreply@example.com\",\n fromName: process.env.SMTP_FROM_NAME,\n }\n : undefined,\n sendWelcomeEmail: process.env.KYRO_ADMIN_SEND_WELCOME === \"true\",\n };\n}\n\nexport async function autoBootstrap(): Promise<BootstrapResult | null> {\n const config = getBootstrapFromEnv();\n if (!config) {\n return null;\n }\n\n console.log(\"Auto-bootstrapping admin user...\");\n const result = await bootstrapAdmin(config);\n\n if (result.success) {\n console.log(`Admin user created: ${config.adminEmail}`);\n } else {\n console.error(`Bootstrap failed: ${result.error}`);\n }\n\n return result;\n}\n\nexport async function bootstrapWithRetry(\n config: BootstrapConfig,\n maxRetries: number = 3,\n retryDelayMs: number = 2000,\n): Promise<BootstrapResult> {\n let lastError: string = \"\";\n\n for (let i = 0; i < maxRetries; i++) {\n const result = await bootstrapAdmin(config);\n\n if (result.success) {\n return result;\n }\n\n lastError = result.error || \"Unknown error\";\n\n if (lastError.includes(\"already exists\")) {\n return result;\n }\n\n if (i < maxRetries - 1) {\n await new Promise((resolve) => setTimeout(resolve, retryDelayMs));\n }\n }\n\n return {\n success: false,\n error: `Failed after ${maxRetries} retries: ${lastError}`,\n };\n}\n"]}
package/dist/chunk-U74F3YZU.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/database/drizzle/postgres-auth-adapter.ts"],"names":[],"mappings":";;;;;AA8BO,IAAM,sBAAN,MAAiD;AAAA,EAC9C,EAAA;AAAA,EACA,MAAA;AAAA,EACA,UAAA;AAAA,EACA,eAAA;AAAA,EAER,YAAY,OAAA,EAAqC;AAC/C,IAAA,IAAA,CAAK,KAAK,OAAA,CAAQ,EAAA;AAClB,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,OAAA;AAChC,IAAA,IAAA,CAAK,UAAA,GAAa,QAAQ,UAAA,IAAc,KAAA;AACxC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,MAAA;AAAA,EACpD;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,KAAK,QAAQ,CAAA;AAC1D,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,CAAO,KAAK,CAAA,CACZ,MAAA,CAAO;AAAA,MACN,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,YAAA;AAAA,MACA,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK;AAAA,KAChB,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,eAAe,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,GACA,IAAA,CAAK,KAAK,EACV,KAAA,CAAM,EAAA,CAAG,MAAM,KAAA,EAAO,KAAA,CAAM,aAAa,CAAC,CAAA,CAC1C,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAa,EAAA,EAAsC;AACvD,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,QAAO,CACP,IAAA,CAAK,KAAK,CAAA,CACV,KAAA,CAAM,GAAG,KAAA,CAAM,EAAA,EAAI,EAAE,CAAC,CAAA,CACtB,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,CACJ,EAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,MAAA,GAAkC,EAAE,SAAA,kBAAW,IAAI,MAAK,EAAE;AAChE,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,MAAA,EAAW,MAAA,CAAO,QAAQ,IAAA,CAAK,KAAA;AAClD,IAAA,IAAI,KAAK,YAAA,KAAiB,MAAA;AACxB,MAAA,MAAA,CAAO,eAAe,IAAA,CAAK,YAAA;AAC7B,IAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,IAAA,IAAI,IAAA,CAAK,QAAA,KAAa,MAAA,EAAW,MAAA,CAAO,WAAW,IAAA,CAAK,QAAA;AACxD,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,MAAA,CAAO,gBAAgB,IAAA,CAAK,aAAA;AAC9B,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,MAAA,EAAW,MAAA,CAAO,SAAS,IAAA,CAAK,MAAA;AACpD,IAAA,IAAI,KAAK,SAAA,KAAc,MAAA;AACrB,MAAA,MAAA,CAAO,YAAY,IAAA,CAAK,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,SAAS,CAAA,GAAI,IAAA;AACjE,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,MAAA,CAAO,sBAAsB,IAAA,CAAK,mBAAA;AAEpC,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,OAAO,KAAK,CAAA,CACZ,IAAI,MAAM,CAAA,CACV,MAAM,EAAA,CAAG,KAAA,CAAM,IAAI,EAAE,CAAC,EACtB,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,EAAA,EAA8B;AAC7C,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,KAAK,CAAA,CAAE,MAAM,EAAA,CAAG,KAAA,CAAM,EAAA,EAAI,EAAE,CAAC,CAAA;AAClD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAA,CACJ,KAAA,EACA,QAAA,EAC0B;AAC1B,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,eAAA,CAAgB,KAAK,CAAA;AAC7C,IAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,IAAA,MAAM,CAAC,MAAM,CAAA,GAAI,MAAM,KAAK,EAAA,CACzB,MAAA,GACA,IAAA,CAAK,KAAK,EACV,KAAA,CAAM,EAAA,CAAG,MAAM,KAAA,EAAO,KAAA,CAAM,aAAa,CAAC,CAAA,CAC1C,KAAA,CAAM,CAAC,CAAA;AACV,IAAA,IAAI,CAAC,MAAA,EAAQ,YAAA,EAAc,OAAO,IAAA;AAClC,IAAA,MAAM,QAAQ,MAAM,MAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,OAAO,YAAY,CAAA;AAChE,IAAA,OAAO,QAAQ,IAAA,GAAO,IAAA;AAAA,EACxB;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAO,MAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,EACkB;AAClB,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAe,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,aAAa,GAAI,CAAA;AAC9D,IAAyB,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,kBAAkB,GAAI;AAE1E,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,KAAK,EAAA,CAC1B,MAAA,CAAO,QAAQ,CAAA,CACf,MAAA,CAAO;AAAA,MACN,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB;AAAA,KACD,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,iBAAiB,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA,CAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS,KAAA,EAAO,KAAK,CAAA,EAAG,EAAA,CAAG,QAAA,CAAS,SAAA,kBAAW,IAAI,IAAA,EAAM,CAAC,CAAC,CAAA,CACxE,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA,GAAI,IAAA;AAAA,EACpD;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,CAAA,CAAE,MAAM,EAAA,CAAG,QAAA,CAAS,EAAA,EAAI,SAAS,CAAC,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,CAAA,CAAE,MAAM,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,MAAM,CAAC,CAAA;AAChE,IAAA,OAAO,CAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,eAAe,EAAE,MAAA,CAAO;AAAA,MAC3C,MAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,EAAA,CACxB,MAAA,CAAO,EAAE,YAAA,EAAc,eAAA,CAAgB,YAAA,EAAc,CAAA,CACrD,IAAA,CAAK,eAAe,CAAA,CACpB,KAAA,CAAM,EAAA,CAAG,eAAA,CAAgB,MAAA,EAAQ,MAAM,CAAC,CAAA,CACxC,OAAA,CAAQ,IAAA,CAAK,eAAA,CAAgB,SAAS,CAAC,CAAA,CACvC,KAAA,CAAM,KAAK,CAAA;AAEd,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,IAAA,CAAK,cAAA,CAAe,QAAA,EAAU,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,MAAA,EAAkC;AAC/C,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA;AAAA,MACC,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAG,EAAA,CAAG,QAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,CAAC,CAAC,OAAA;AAAA,EACX;AAAA,EAEA,MAAM,WAAW,MAAA,EAAuD;AACtE,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA;AAAA,MACC,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAG,EAAA,CAAG,QAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,EAAE,WAAA,EAAa,OAAA,CAAQ,aAAY,GAAI,IAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,mBAAA,CACJ,MAAA,EACA,SAAA,EACgD;AAChD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,MAAM,QAAA,GAAA,CAAY,IAAA,EAAM,mBAAA,IAAuB,CAAA,IAAK,CAAA;AAEpD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,UAAU,CAAA;AAE/D,IAAA,MAAM,WAAA,GAAc,CAAA;AACpB,IAAA,MAAM,SAAS,QAAA,IAAY,WAAA;AAE3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,eAAA,GAAkB,KAAK,EAAA,GAAK,GAAA;AAClC,MAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,EAAE,MAAA,CAAO;AAAA,QACpC,MAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA,EAAQ,gCAAA;AAAA,QACR,aAAa,IAAI,IAAA,CAAK,IAAA,CAAK,GAAA,KAAQ,eAAe;AAAA,OACnD,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,EAAE,UAAU,MAAA,EAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,cAAc,MAAA,EAA+B;AACjD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,GAAG,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,cACJ,MAAA,EAC8C;AAC9C,IAAA,MAAM;AAAA,MACJ,KAAA,GAAQ,EAAA;AAAA,MACR,MAAA,GAAS,CAAA;AAAA,MACT,MAAA;AAAA,MACA,MAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,OAAA;AAAA,MACA,SAAA;AAAA,MACA;AAAA,KACF,GAAI,MAAA;AAEJ,IAAA,MAAM,aAAa,EAAC;AACpB,IAAA,IAAI,QAAQ,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,MAAA,EAAQ,MAAM,CAAC,CAAA;AACxD,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,QAAA,UAAA,CAAW,KAAK,GAAA,CAAA,EAAM,SAAA,CAAU,MAAM,CAAA,OAAA,EAAU,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,MAC3D,CAAA,MAAO;AACL,QAAA,UAAA,CAAW,IAAA,CAAK,EAAA,CAAG,SAAA,CAAU,MAAA,EAAQ,MAAM,CAAC,CAAA;AAAA,MAC9C;AAAA,IACF;AACA,IAAA,IAAI,UAAU,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,QAAA,EAAU,QAAQ,CAAC,CAAA;AAC9D,IAAA,IAAI,YAAY,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,UAAA,EAAY,UAAU,CAAC,CAAA;AACpE,IAAA,IAAI,OAAA,KAAY,QAAW,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AACzE,IAAA,IAAI,SAAA,aAAsB,IAAA,CAAK,GAAA,CAAA,EAAM,UAAU,SAAS,CAAA,IAAA,EAAO,SAAS,CAAA,CAAE,CAAA;AAC1E,IAAA,IAAI,OAAA,aAAoB,IAAA,CAAK,GAAA,CAAA,EAAM,UAAU,SAAS,CAAA,IAAA,EAAO,OAAO,CAAA,CAAE,CAAA;AAEtE,IAAA,MAAM,cAAc,UAAA,CAAW,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,UAAU,CAAA,GAAI,MAAA;AAEjE,IAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,EAAA,CAC5B,OAAO,EAAE,KAAA,EAAO,GAAA,CAAA,QAAA,CAAA,EAAuB,CAAA,CACvC,IAAA,CAAK,SAAS,CAAA,CACd,MAAM,WAAW,CAAA;AAEpB,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,EAAA,CACrB,QAAO,CACP,IAAA,CAAK,SAAS,CAAA,CACd,KAAA,CAAM,WAAW,EACjB,OAAA,CAAQ,IAAA,CAAK,UAAU,SAAS,CAAC,EACjC,KAAA,CAAM,KAAK,CAAA,CACX,MAAA,CAAO,MAAM,CAAA;AAEhB,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,IAAA,CAAK,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,QACvB,IAAI,GAAA,CAAI,EAAA;AAAA,QACR,WAAW,GAAA,CAAI,SAAA;AAAA,QACf,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,MAAA,EAAQ,IAAI,MAAA,IAAU,MAAA;AAAA,QACtB,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,QAC5B,IAAA,EAAM,IAAI,IAAA,IAAQ,MAAA;AAAA,QAClB,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,UAAA,EAAY,IAAI,UAAA,IAAc,MAAA;AAAA,QAC9B,OAAA,EAAS,IAAI,OAAA,IAAW,MAAA;AAAA,QACxB,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,QAC5B,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,QAC5B,SAAS,GAAA,CAAI,OAAA;AAAA,QACb,KAAA,EAAO,IAAI,KAAA,IAAS,MAAA;AAAA,QACpB,QAAA,EAAU,IAAI,QAAA,IAAY;AAAA,OAC5B,CAAE,CAAA;AAAA,MACF,OAAO,MAAA,CAAO,WAAA,CAAY,CAAC,CAAA,EAAG,SAAS,CAAC;AAAA,KAC1C;AAAA,EACF;AAAA,EAEA,MAAM,eACJ,IAAA,EACmB;AACnB,IAAA,MAAM,EAAA,GAAK,OAAO,UAAA,EAAW;AAC7B,IAAA,MAAM,SAAA,uBAAgB,IAAA,EAAK;AAE3B,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,SAAS,EAAE,MAAA,CAAO;AAAA,MACrC,EAAA;AAAA,MACA,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,YAAY,IAAA,CAAK,UAAA;AAAA,MACjB,SAAS,IAAA,CAAK,OAAA;AAAA,MACd,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,SAAS,IAAA,CAAK,OAAA;AAAA,MACd,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,UAAU,IAAA,CAAK,QAAA;AAAA,MACf;AAAA,KACD,CAAA;AAED,IAAA,OAAO;AAAA,MACL,GAAG,IAAA;AAAA,MACH,EAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAAA,EAEQ,eAAe,IAAA,EAA6B;AAClD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,MAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,QAAA,EAAU,KAAK,QAAA,IAAY,MAAA;AAAA,MAC3B,aAAA,EAAe,KAAK,aAAA,IAAiB,KAAA;AAAA,MACrC,MAAA,EAAQ,KAAK,MAAA,IAAU,KAAA;AAAA,MACvB,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,WAAA,EAAY;AAAA,MACvC,mBAAA,EAAqB,KAAK,mBAAA,IAAuB,CAAA;AAAA,MACjD,SAAA,EAAW,IAAA,CAAK,SAAA,CAAU,WAAA,EAAY;AAAA,MACtC,SAAA,EAAW,IAAA,CAAK,SAAA,CAAU,WAAA;AAAY,KACxC;AAAA,EACF;AAAA,EAEQ,iBAAiB,OAAA,EAAgD;AACvE,IAAA,OAAO;AAAA,MACL,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,YAAA,EAAc,QAAQ,YAAA,IAAgB,MAAA;AAAA,MACtC,SAAA,EAAW,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAY;AAAA,MACzC,SAAA,EAAW,OAAA,CAAQ,SAAA,CAAU,WAAA,EAAY;AAAA,MACzC,SAAA,EAAW,QAAQ,SAAA,IAAa,MAAA;AAAA,MAChC,SAAA,EAAW,QAAQ,SAAA,IAAa;AAAA,KAClC;AAAA,EACF;AACF","file":"chunk-U74F3YZU.js","sourcesContent":["import type { PostgresJsDatabase } from \"drizzle-orm/postgres-js\";\nimport { eq, and, gt, desc, sql } from \"drizzle-orm\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\nimport type {\n AuthAdapter,\n AuthUser,\n Session,\n UserRole,\n} from \"../../auth/types.js\";\nimport {\n users,\n sessions,\n passwordHistory,\n auditLogs,\n lockouts,\n type AuthUser as AuthUserRow,\n} from \"./schema/auth.js\";\nimport type {\n AuditLog,\n AuditLogFilter,\n} from \"../../auth/security/audit-log.js\";\n\nexport interface PostgresAuthAdapterOptions {\n db: PostgresJsDatabase;\n prefix?: string;\n sessionTTL?: number;\n refreshTokenTTL?: number;\n}\n\nexport class PostgresAuthAdapter implements AuthAdapter {\n private db: PostgresJsDatabase;\n private prefix: string;\n private sessionTTL: number;\n private refreshTokenTTL: number;\n\n constructor(options: PostgresAuthAdapterOptions) {\n this.db = options.db;\n this.prefix = options.prefix || \"kyro:\";\n this.sessionTTL = options.sessionTTL || 86400;\n this.refreshTokenTTL = options.refreshTokenTTL || 604800;\n }\n\n async createUser(data: {\n email: string;\n password: string;\n role?: UserRole;\n tenantId?: string;\n }): Promise<AuthUser> {\n const passwordHash = await this.hashPassword(data.password);\n const [user] = await this.db\n .insert(users)\n .values({\n email: data.email.toLowerCase(),\n passwordHash,\n role: (data.role || \"customer\") as string,\n tenantId: data.tenantId,\n })\n .returning();\n\n return this.userToAuthUser(user);\n }\n\n async findUserByEmail(email: string): Promise<AuthUser | null> {\n const [user] = await this.db\n .select()\n .from(users)\n .where(eq(users.email, email.toLowerCase()))\n .limit(1);\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async findUserById(id: string): Promise<AuthUser | null> {\n const [user] = await this.db\n .select()\n .from(users)\n .where(eq(users.id, id))\n .limit(1);\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async updateUser(\n id: string,\n data: Partial<AuthUser>,\n ): Promise<AuthUser | null> {\n const dbData: Record<string, unknown> = { updatedAt: new Date() };\n if (data.email !== undefined) dbData.email = data.email;\n if (data.passwordHash !== undefined)\n dbData.passwordHash = data.passwordHash;\n if (data.role !== undefined) dbData.role = data.role;\n if (data.tenantId !== undefined) dbData.tenantId = data.tenantId;\n if (data.emailVerified !== undefined)\n dbData.emailVerified = data.emailVerified;\n if (data.locked !== undefined) dbData.locked = data.locked;\n if (data.lastLogin !== undefined)\n dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;\n if (data.failedLoginAttempts !== undefined)\n dbData.failedLoginAttempts = data.failedLoginAttempts;\n\n const [user] = await this.db\n .update(users)\n .set(dbData)\n .where(eq(users.id, id))\n .returning();\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async deleteUser(id: string): Promise<boolean> {\n await this.db.delete(users).where(eq(users.id, id));\n return true;\n }\n\n async verifyPassword(\n email: string,\n password: string,\n ): Promise<AuthUser | null> {\n const user = await this.findUserByEmail(email);\n if (!user) return null;\n const [stored] = await this.db\n .select()\n .from(users)\n .where(eq(users.email, email.toLowerCase()))\n .limit(1);\n if (!stored?.passwordHash) return null;\n const valid = await bcrypt.compare(password, stored.passwordHash);\n return valid ? user : null;\n }\n\n async hashPassword(password: string): Promise<string> {\n return bcrypt.hash(password, 12);\n }\n\n async createSession(\n userId: string,\n data?: { ipAddress?: string; userAgent?: string },\n ): Promise<Session> {\n const token = randomBytes(32).toString(\"base64url\");\n const refreshToken = randomBytes(32).toString(\"base64url\");\n const expiresAt = new Date(Date.now() + this.sessionTTL * 1000);\n const refreshExpiresAt = new Date(Date.now() + this.refreshTokenTTL * 1000);\n\n const [session] = await this.db\n .insert(sessions)\n .values({\n userId,\n token,\n refreshToken,\n ipAddress: data?.ipAddress,\n userAgent: data?.userAgent,\n expiresAt,\n })\n .returning();\n\n return this.sessionToSession(session);\n }\n\n async findSessionByToken(token: string): Promise<Session | null> {\n const [session] = await this.db\n .select()\n .from(sessions)\n .where(and(eq(sessions.token, token), gt(sessions.expiresAt, new Date())))\n .limit(1);\n\n return session ? this.sessionToSession(session) : null;\n }\n\n async deleteSession(sessionId: string): Promise<boolean> {\n await this.db.delete(sessions).where(eq(sessions.id, sessionId));\n return true;\n }\n\n async deleteUserSessions(userId: string): Promise<number> {\n await this.db.delete(sessions).where(eq(sessions.userId, userId));\n return 1;\n }\n\n async addPasswordToHistory(\n userId: string,\n passwordHash: string,\n ): Promise<void> {\n await this.db.insert(passwordHistory).values({\n userId,\n passwordHash,\n });\n }\n\n async getPasswordHistory(\n userId: string,\n count: number = 5,\n ): Promise<string[]> {\n const history = await this.db\n .select({ passwordHash: passwordHistory.passwordHash })\n .from(passwordHistory)\n .where(eq(passwordHistory.userId, userId))\n .orderBy(desc(passwordHistory.createdAt))\n .limit(count);\n\n return history.map((h) => h.passwordHash);\n }\n\n async isPasswordInHistory(\n password: string,\n userId: string,\n historyCount: number = 5,\n ): Promise<boolean> {\n const history = await this.getPasswordHistory(userId, historyCount);\n\n for (const hash of history) {\n if (await this.verifyPassword(password, hash)) {\n return true;\n }\n }\n\n return false;\n }\n\n async isLocked(userId: string): Promise<boolean> {\n const [lockout] = await this.db\n .select()\n .from(lockouts)\n .where(\n and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n )\n .limit(1);\n\n return !!lockout;\n }\n\n async getLockout(userId: string): Promise<{ lockedUntil: Date } | null> {\n const [lockout] = await this.db\n .select()\n .from(lockouts)\n .where(\n and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n )\n .limit(1);\n\n return lockout ? { lockedUntil: lockout.lockedUntil } : null;\n }\n\n async recordFailedAttempt(\n userId: string,\n ipAddress?: string,\n ): Promise<{ attempts: number; locked: boolean }> {\n const user = await this.findUserById(userId);\n const attempts = (user?.failedLoginAttempts || 0) + 1;\n\n await this.updateUser(userId, { failedLoginAttempts: attempts });\n\n const maxAttempts = 5;\n const locked = attempts >= maxAttempts;\n\n if (locked) {\n const lockoutDuration = 15 * 60 * 1000;\n await this.db.insert(lockouts).values({\n userId,\n ipAddress,\n reason: \"Too many failed login attempts\",\n lockedUntil: new Date(Date.now() + lockoutDuration),\n });\n }\n\n return { attempts, locked };\n }\n\n async resetAttempts(userId: string): Promise<void> {\n await this.updateUser(userId, { failedLoginAttempts: 0 });\n }\n\n async findAuditLogs(\n filter: AuditLogFilter,\n ): Promise<{ logs: AuditLog[]; total: number }> {\n const {\n limit = 50,\n offset = 0,\n userId,\n action,\n resource,\n resourceId,\n success,\n startDate,\n endDate,\n } = filter;\n\n const conditions = [];\n if (userId) conditions.push(eq(auditLogs.userId, userId));\n if (action) {\n if (Array.isArray(action)) {\n conditions.push(sql`${auditLogs.action} = ANY(${action})`);\n } else {\n conditions.push(eq(auditLogs.action, action));\n }\n }\n if (resource) conditions.push(eq(auditLogs.resource, resource));\n if (resourceId) conditions.push(eq(auditLogs.resourceId, resourceId));\n if (success !== undefined) conditions.push(eq(auditLogs.success, success));\n if (startDate) conditions.push(sql`${auditLogs.timestamp} >= ${startDate}`);\n if (endDate) conditions.push(sql`${auditLogs.timestamp} <= ${endDate}`);\n\n const whereClause = conditions.length > 0 ? and(...conditions) : undefined;\n\n const countResult = await this.db\n .select({ count: sql<number>`count(*)` })\n .from(auditLogs)\n .where(whereClause);\n\n const logs = await this.db\n .select()\n .from(auditLogs)\n .where(whereClause)\n .orderBy(desc(auditLogs.timestamp))\n .limit(limit)\n .offset(offset);\n\n return {\n logs: logs.map((log) => ({\n id: log.id,\n timestamp: log.timestamp,\n action: log.action as AuditLog[\"action\"],\n userId: log.userId || undefined,\n userEmail: log.userEmail || undefined,\n role: log.role || undefined,\n resource: log.resource,\n resourceId: log.resourceId || undefined,\n changes: log.changes || undefined,\n ipAddress: log.ipAddress || undefined,\n userAgent: log.userAgent || undefined,\n success: log.success,\n error: log.error || undefined,\n metadata: log.metadata || undefined,\n })),\n total: Number(countResult[0]?.count || 0),\n };\n }\n\n async createAuditLog(\n data: Omit<AuditLog, \"id\" | \"timestamp\">,\n ): Promise<AuditLog> {\n const id = crypto.randomUUID();\n const timestamp = new Date();\n\n await this.db.insert(auditLogs).values({\n id,\n action: data.action,\n userId: data.userId,\n userEmail: data.userEmail,\n role: data.role,\n resource: data.resource,\n resourceId: data.resourceId,\n changes: data.changes,\n ipAddress: data.ipAddress,\n userAgent: data.userAgent,\n success: data.success,\n error: data.error,\n metadata: data.metadata,\n timestamp,\n });\n\n return {\n ...data,\n id,\n timestamp,\n };\n }\n\n private userToAuthUser(user: AuthUserRow): AuthUser {\n return {\n id: user.id,\n email: user.email,\n passwordHash: user.passwordHash || undefined,\n role: user.role as UserRole,\n tenantId: user.tenantId || undefined,\n emailVerified: user.emailVerified || false,\n locked: user.locked || false,\n lastLogin: user.lastLogin?.toISOString(),\n failedLoginAttempts: user.failedLoginAttempts || 0,\n createdAt: user.createdAt.toISOString(),\n updatedAt: user.updatedAt.toISOString(),\n };\n }\n\n private sessionToSession(session: typeof sessions.$inferSelect): Session {\n return {\n id: session.id,\n userId: session.userId,\n token: session.token,\n refreshToken: session.refreshToken || undefined,\n expiresAt: session.expiresAt.toISOString(),\n createdAt: session.createdAt.toISOString(),\n ipAddress: session.ipAddress || undefined,\n userAgent: session.userAgent || undefined,\n };\n }\n}\n"]}
package/dist/chunk-VIONYQ2K.cjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/access/types.ts","../src/webhooks/types.ts","../src/webhooks/delivery.ts","../src/webhooks/WebhookService.ts","../src/auth/api-key.ts"],"names":["createHmac","randomBytes","randomUUID","timingSafeEqual"],"mappings":";;;;;AA+CA,eAAsB,cAAA,CACpB,QACA,IAAA,EACgC;AAChC,EAAA,IAAI,OAAO,WAAW,SAAA,EAAW;AAC/B,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,OAAO,WAAW,UAAA,EAAY;AAChC,IAAA,OAAO,MAAM,OAAO,IAAI,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,qBACX,YAAA,EACU;AACb,EAAA,MAAM,SAAsB,EAAC;AAC7B,EAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACxC,MAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,MAAM,CAAA;AAAA,IAC9B;AAAA,EACF;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,cAAA,CACd,QACA,IAAA,EACkC;AAClC,EAAA,OAAO,cAAA,CAAe,MAAA,EAAQ,IAAI,CAAA,CAAE,KAAK,CAAA,MAAA,KAAU;AACjD,IAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,IAAA,IAAI,MAAA,KAAW,OAAO,OAAO,EAAE,KAAK,EAAE,GAAA,EAAK,MAAK,EAAE;AAClD,IAAA,OAAO,MAAA;AAAA,EACT,CAAC,CAAA;AACH;;;ACjFO,IAAM,cAAA,GAAiB;AAAA,EAC5B,iBAAA,EAAmB,mBAAA;AAAA,EACnB,iBAAA,EAAmB,mBAAA;AAAA,EACnB,iBAAA,EAAmB,mBAAA;AAAA,EACnB,YAAA,EAAc,cAAA;AAAA,EACd,YAAA,EAAc,cAAA;AAAA,EACd,UAAA,EAAY,YAAA;AAAA,EACZ,aAAA,EAAe,eAAA;AAAA,EACf,WAAA,EAAa,aAAA;AAAA,EACb,aAAA,EAAe,eAAA;AAAA,EACf,UAAA,EAAY,YAAA;AAAA,EACZ,aAAA,EAAe,eAAA;AAAA,EACf,eAAA,EAAiB;AACnB;AAIO,IAAM,kBAAA,GAAqC,MAAA,CAAO,MAAA,CAAO,cAAc;AA+EvE,IAAM,kBAAA,GAAqB;AAC3B,IAAM,2BAAA,GAA8B;ACxEpC,SAAS,WAAA,CAAY,SAAiB,MAAA,EAAwB;AACnE,EAAA,OAAO,CAAA,OAAA,EAAUA,iBAAA,CAAW,QAAA,EAAU,MAAM,CAAA,CAAE,OAAO,OAAO,CAAA,CAAE,MAAA,CAAO,KAAK,CAAC,CAAA,CAAA;AAC7E;AAEO,SAAS,qBAAA,GAAgC;AAC9C,EAAA,OAAOC,kBAAA,CAAY,EAAE,CAAA,CAAE,QAAA,CAAS,KAAK,CAAA;AACvC;AAEA,eAAsB,cAAA,CACpB,OAAA,EACA,OAAA,EACA,OAAA,GAA2B,EAAC,EACH;AACzB,EAAA,MAAM,OAAA,GAAU,QAAQ,OAAA,IAAW,GAAA;AACnC,EAAA,MAAM,SAAA,GAAY,KAAK,GAAA,EAAI;AAE3B,EAAA,MAAM,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,OAAO,CAAA;AAEnC,EAAA,MAAM,OAAA,GAAkC;AAAA,IACtC,cAAA,EAAgB,kBAAA;AAAA,IAChB,YAAA,EAAc,sBAAA;AAAA,IACd,mBAAmB,OAAA,CAAQ,KAAA;AAAA,IAC3B,sBAAsB,OAAA,CAAQ,EAAA;AAAA,IAC9B,uBAAuB,OAAA,CAAQ,SAAA;AAAA,IAC/B,GAAI,OAAA,CAAQ,OAAA,IAAW;AAAC,GAC1B;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAQ;AAClB,IAAA,MAAM,SAAA,GAAY,WAAA,CAAY,IAAA,EAAM,OAAA,CAAQ,MAAM,CAAA;AAClD,IAAA,OAAA,CAAQ,qBAAqB,CAAA,GAAI,SAAA;AAAA,EACnC;AAEA,EAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,EAAA,MAAM,YAAY,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,OAAO,CAAA;AAE9D,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,OAAA,CAAQ,GAAA,EAAK;AAAA,MACxC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAQ,UAAA,CAAW;AAAA,KACpB,CAAA;AAED,IAAA,YAAA,CAAa,SAAS,CAAA;AAEtB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAC9B,IAAA,IAAI,YAAA;AAEJ,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,MAAA,YAAA,GAAe,IAAA,CAAK,KAAA,CAAM,CAAA,EAAG,GAAI,CAAA;AAAA,IACnC,CAAA,CAAA,MAAQ;AAAA,IAAC;AAET,IAAA,MAAM,MAAA,GAAyB;AAAA,MAC7B,SAAS,QAAA,CAAS,EAAA;AAAA,MAClB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,YAAY,QAAA,CAAS,UAAA;AAAA,MACrB,IAAA,EAAM,YAAA;AAAA,MACN;AAAA,KACF;AAEA,IAAA,IAAI,MAAA,CAAO,OAAA,IAAW,OAAA,CAAQ,SAAA,EAAW;AACvC,MAAA,OAAA,CAAQ,UAAU,MAAM,CAAA;AAAA,IAC1B,CAAA,MAAA,IAAW,CAAC,MAAA,CAAO,OAAA,IAAW,QAAQ,SAAA,EAAW;AAC/C,MAAA,OAAA,CAAQ,UAAU,CAAA,KAAA,EAAQ,QAAA,CAAS,MAAM,CAAA,EAAA,EAAK,QAAA,CAAS,UAAU,CAAA,CAAE,CAAA;AAAA,IACrE;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,SAAS,KAAA,EAAY;AACnB,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAC9B,IAAA,MAAM,YAAA,GACJ,MAAM,IAAA,KAAS,YAAA,GACX,2BAA2B,OAAO,CAAA,EAAA,CAAA,GAClC,MAAM,OAAA,IAAW,eAAA;AAEvB,IAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,MAAA,OAAA,CAAQ,UAAU,YAAY,CAAA;AAAA,IAChC;AAEA,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,MAAA,EAAQ,CAAA;AAAA,MACR,QAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACF;AAEA,eAAsB,iBACpB,OAAA,EACA,OAAA,EACA,UAAA,EACA,OAAA,GAA2B,EAAC,EACH;AACzB,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,QAAQ,UAAA,IAAc,GAAA;AACxC,EAAA,IAAI,UAAA,GAAoC,IAAA;AAExC,EAAA,KAAA,IAAS,OAAA,GAAU,CAAA,EAAG,OAAA,IAAW,UAAA,EAAY,OAAA,EAAA,EAAW;AACtD,IAAA,IAAI,UAAU,CAAA,EAAG;AACf,MAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,SAAA,GAAY,IAAA,CAAK,IAAI,CAAA,EAAG,OAAA,GAAU,CAAC,CAAA,EAAG,GAAK,CAAA;AAClE,MAAA,IAAI,QAAQ,OAAA,EAAS;AACnB,QAAA,OAAA,CAAQ,OAAA,CAAQ,OAAA,EAAS,CAAA,YAAA,EAAe,KAAK,CAAA,KAAA,CAAO,CAAA;AAAA,MACtD;AACA,MAAA,MAAM,MAAM,KAAK,CAAA;AAAA,IACnB;AAEA,IAAA,IAAI,OAAA,CAAQ,OAAA,IAAW,OAAA,GAAU,CAAA,EAAG;AAClC,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA,QAAA,EAAW,OAAA,GAAU,CAAC,CAAA,CAAA,EAAI,UAAA,GAAa,CAAC,CAAA,CAAE,CAAA;AAAA,IACrE;AAEA,IAAA,UAAA,GAAa,MAAM,cAAA,CAAe,OAAA,EAAS,OAAA,EAAS;AAAA,MAClD,GAAG,OAAA;AAAA,MACH,OAAA,EAAS,MAAA;AAAA,MACT,SAAA,EAAW,MAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,IAAI,WAAW,OAAA,EAAS;AACtB,MAAA,OAAO,UAAA;AAAA,IACT;AAEA,IAAA,IAAI,WAAW,KAAA,EAAO,QAAA,CAAS,WAAW,CAAA,IAAK,UAAU,UAAA,EAAY;AACnE,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,UAAA,CAAW,MAAA,IAAU,GAAA,IAAO,UAAA,CAAW,SAAS,GAAA,EAAK;AACvD,MAAA,OAAO,UAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OACE,UAAA,IAAc;AAAA,IACZ,OAAA,EAAS,KAAA;AAAA,IACT,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,CAAA;AAAA,IACV,KAAA,EAAO;AAAA,GACT;AAEJ;AAEO,SAAS,oBACd,UAAA,EACA,SAAA,EACA,KAAA,EACA,OAAA,EACA,SACA,MAAA,EACiB;AACjB,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,UAAA;AAAA,IACJ,SAAA;AAAA,IACA,KAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA,EAAQ,MAAA,CAAO,OAAA,GAAU,SAAA,GAAY,QAAA;AAAA,IACrC,cAAA,EAAgB,OAAO,MAAA,IAAU,MAAA;AAAA,IACjC,cAAc,MAAA,CAAO,IAAA;AAAA,IACrB,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,IAClC,aAAa,MAAA,CAAO,OAAA,GAAA,qBAAc,IAAA,EAAK,EAAE,aAAY,GAAI;AAAA,GAC3D;AACF;AAEA,SAAS,MAAM,EAAA,EAA2B;AACxC,EAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,YAAY,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AACzD;AAEO,SAAS,iBAAA,GAAoC;AAClD,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,CAAA,KAAA,EAAQ,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA;AAAA,IACtB,KAAA,EAAO,mBAAA;AAAA,IACP,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,IAClC,UAAA,EAAY,MAAA;AAAA,IACZ,SAAA,EAAW,QAAA;AAAA,IACX,IAAA,EAAM,EAAE,OAAA,EAAS,iCAAA,EAAkC;AAAA,IACnD,MAAM,EAAE,EAAA,EAAI,UAAU,KAAA,EAAO,iBAAA,EAAmB,MAAM,aAAA;AAAc,GACtE;AACF;AC1LO,IAAM,iBAAN,MAAqB;AAAA,EAClB,EAAA;AAAA,EAER,YAAY,EAAA,EAAiB;AAC3B,IAAA,IAAA,CAAK,EAAA,GAAK,EAAA;AAAA,EACZ;AAAA,EAEA,MAAM,YAAY,OAAA,EAGW;AAC3B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,EAAA,CAAG,IAAA,CAAK;AAAA,MAChC,UAAA,EAAY,kBAAA;AAAA,MACZ,KAAA,EAAO,OAAA,EAAS,MAAA,GAAS,EAAE,MAAA,EAAQ,EAAE,MAAA,EAAQ,OAAA,CAAQ,MAAA,EAAO,EAAE,GAAI,EAAC;AAAA,MACnE,KAAA,EAAO,GAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,MAAM,WAAW,MAAA,CAAO,IAAA;AAExB,IAAA,IAAI,SAAS,KAAA,EAAO;AAClB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,QAAO,CAAC,CAAA,KACtB,CAAA,CAAE,MAAA,CAAO,QAAA,CAAS,QAAQ,KAAqB;AAAA,OACjD;AAAA,IACF;AAEA,IAAA,OAAO,QAAA;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,EAAA,EAA2C;AAC9D,IAAA,OAAO,IAAA,CAAK,GAAG,QAAA,CAAS;AAAA,MACtB,UAAA,EAAY,kBAAA;AAAA,MACZ;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,cAAc,IAAA,EAAiD;AACnE,IAAA,MAAM,GAAA,GAAA,iBAAM,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACnC,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,IAAU,qBAAA,EAAsB;AAEpD,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,IAAIC,iBAAA,EAAW;AAAA,MACf,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,KAAK,IAAA,CAAK,GAAA;AAAA,MACV,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,MAAA,EAAQ,KAAK,MAAA,IAAU,QAAA;AAAA,MACvB,MAAA;AAAA,MACA,OAAA,EAAS,IAAA,CAAK,OAAA,IAAW,EAAC;AAAA,MAC1B,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACb;AAEA,IAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,MACnB,UAAA,EAAY,kBAAA;AAAA,MACZ,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,aAAA,CACJ,EAAA,EACA,IAAA,EAC+B;AAC/B,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,cAAA,CAAe,EAAE,CAAA;AAC7C,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,GAAG,QAAA;AAAA,MACH,GAAG,IAAA;AAAA,MACH,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACpC;AAEA,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,EAAA,IAAM,QAAA,IAAY,IAAA,EAAM;AAC1C,MAAA,OAAO,OAAA,CAAQ,MAAA;AAAA,IACjB;AAEA,IAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,MACnB,UAAA,EAAY,kBAAA;AAAA,MACZ,EAAA;AAAA,MACA,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAc,EAAA,EAA2B;AAC7C,IAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,MACnB,UAAA,EAAY,kBAAA;AAAA,MACZ;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,OAAA,CACJ,KAAA,EACA,WAAA,EACiC;AACjC,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,WAAA,EAAY;AACxC,IAAA,MAAM,iBAAiB,QAAA,CAAS,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,WAAW,QAAQ,CAAA;AAEnE,IAAA,MAAM,mBAAmB,cAAA,CAAe,MAAA;AAAA,MAAO,CAAC,CAAA,KAC9C,CAAA,CAAE,MAAA,CAAO,SAAS,KAAK;AAAA,KACzB;AAEA,IAAA,IAAI,gBAAA,CAAiB,WAAW,CAAA,EAAG;AACjC,MAAA,OAAO,EAAC;AAAA,IACV;AAEA,IAAA,MAAM,OAAA,GAA0B;AAAA,MAC9B,EAAA,EAAI,CAAA,GAAA,EAAM,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA,EAAIA,iBAAA,EAAW,CAAE,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAAA,MAChD,KAAA;AAAA,MACA,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,MAClC,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,UAAkC,EAAC;AAEzC,IAAA,KAAA,MAAW,WAAW,gBAAA,EAAkB;AACtC,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,OAAO,CAAA;AACzD,MAAA,OAAA,CAAQ,KAAK,MAAM,CAAA;AAAA,IACrB;AAEA,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAA,CACJ,OAAA,EACA,OAAA,EAC+B;AAC/B,IAAA,MAAM,UAAA,GAAa,CAAA,IAAA,EAAO,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA,EAAIA,iBAAA,EAAW,CAAE,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAEhE,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,gBAAA,CAAiB,OAAA,EAAS,SAAS,UAAA,EAAY;AAAA,QAClE,UAAA,EAAY,CAAA;AAAA,QACZ,UAAA,EAAY;AAAA,OACb,CAAA;AAED,MAAA,MAAM,cAAA,GAAiB,mBAAA;AAAA,QACrB,UAAA;AAAA,QACA,OAAA,CAAQ,EAAA;AAAA,QACR,OAAA,CAAQ,OAAO,CAAC,CAAA;AAAA,QAChB,OAAA;AAAA,QACA,CAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,UACnB,UAAA,EAAY,2BAAA;AAAA,UACZ,IAAA,EAAM;AAAA,SACP,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AACN,QAAA,OAAA,CAAQ,IAAA;AAAA,UACN,kDAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF;AAEA,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,EAAA,EAAI;AAAA,UACnC,MAAA,EAAQ,OAAA;AAAA,UACR,WAAW,MAAA,CAAO;AAAA,SACnB,CAAA,CAAE,KAAA,CAAM,MAAM;AAAA,QAAC,CAAC,CAAA;AAAA,MACnB,CAAA,MAAO;AACL,QAAA,MAAM,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,EAAA,EAAI;AAAA,UACnC,MAAA,EAAQ,QAAA;AAAA,UACR,aAAA,EAAA,iBAAe,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,SACvC,CAAA,CAAE,KAAA,CAAM,MAAM;AAAA,QAAC,CAAC,CAAA;AAAA,MACnB;AAEA,MAAA,OAAO;AAAA,QACL,UAAA;AAAA,QACA,WAAW,OAAA,CAAQ,EAAA;AAAA,QACnB,KAAA,EAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,CAAA;AAAA,QACvB,MAAA,EAAQ,MAAA,CAAO,OAAA,GAAU,SAAA,GAAY,QAAA;AAAA,QACrC,gBAAgB,MAAA,CAAO,MAAA;AAAA,QACvB,UAAU,MAAA,CAAO,QAAA;AAAA,QACjB,OAAO,MAAA,CAAO;AAAA,OAChB;AAAA,IACF,SAAS,KAAA,EAAY;AACnB,MAAA,OAAO;AAAA,QACL,UAAA;AAAA,QACA,WAAW,OAAA,CAAQ,EAAA;AAAA,QACnB,KAAA,EAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,CAAA;AAAA,QACvB,MAAA,EAAQ,QAAA;AAAA,QACR,OAAO,KAAA,CAAM;AAAA,OACf;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,SAAA,EAAyD;AACzE,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACnD,IAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AAErB,IAAA,MAAM,OAAA,GAA0B;AAAA,MAC9B,EAAA,EAAI,CAAA,KAAA,EAAQ,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA;AAAA,MACtB,KAAA,EAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,CAAA,IAAK,mBAAA;AAAA,MAC5B,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,MAClC,UAAA,EAAY,MAAA;AAAA,MACZ,SAAA,EAAW,QAAA;AAAA,MACX,IAAA,EAAM,EAAE,OAAA,EAAS,+CAAA,EAAgD;AAAA,MACjE,IAAA,EAAM;AAAA,QACJ,EAAA,EAAI,QAAA;AAAA,QACJ,KAAA,EAAO,iBAAA;AAAA,QACP,IAAA,EAAM;AAAA;AACR,KACF;AAEA,IAAA,OAAO,IAAA,CAAK,cAAA,CAAe,OAAA,EAAS,OAAO,CAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,kBAAA,CACJ,SAAA,EACA,KAAA,GAAgB,EAAA,EACY;AAC5B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,EAAA,CAAG,IAAA,CAAK;AAAA,MAChC,UAAA,EAAY,2BAAA;AAAA,MACZ,OAAO,EAAE,SAAA,EAAW,EAAE,MAAA,EAAQ,WAAU,EAAE;AAAA,MAC1C,IAAA,EAAM,YAAA;AAAA,MACN,KAAA;AAAA,MACA,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,OAAO,MAAA,CAAO,IAAA;AAAA,EAChB;AAAA,EAEA,MAAM,cACJ,UAAA,EACsC;AACtC,IAAA,MAAM,QAAA,GAAY,MAAM,IAAA,CAAK,EAAA,CAAG,QAAA,CAAS;AAAA,MACvC,UAAA,EAAY,2BAAA;AAAA,MACZ,EAAA,EAAI;AAAA,KACL,CAAA;AAED,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,SAAS,CAAA;AAC5D,IAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AAErB,IAAA,OAAO,IAAA,CAAK,cAAA,CAAe,OAAA,EAAS,QAAA,CAAS,OAAO,CAAA;AAAA,EACtD;AACF;AAEO,SAAS,qBAAqB,EAAA,EAAiC;AACpE,EAAA,OAAO,IAAI,eAAe,EAAE,CAAA;AAC9B;ACpOO,IAAM,kBAAA,GAAqB,WAAA;AAElC,SAAS,kBAAkB,GAAA,EAAqB;AAC9C,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B;AAEA,SAAS,mBAAA,CAAoB,GAAW,CAAA,EAAoB;AAC1D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ;AACzB,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,OAAOC,sBAAA,CAAgB,OAAO,IAAA,CAAK,CAAC,GAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAA;AAAA,EACvD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,eAAsB,cAAA,CACpB,MAAA,EACA,EAAA,EACA,UAAA,EACiC;AACjC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,EACtD;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,UAAA,CAAW,OAAO,CAAA,EAAG;AAC/B,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,wBAAA,EAAyB;AAAA,EACzD;AAEA,EAAA,MAAM,SAAA,GAAY,kBAAkB,MAAM,CAAA;AAE1C,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,IAAA,CAAK;AAAA,MAC3B,UAAA,EAAY,kBAAA;AAAA,MACZ,OAAO,EAAE,SAAA,EAAW,EAAE,MAAA,EAAQ,WAAU,EAAE;AAAA,MAC1C,KAAA,EAAO,GAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,IAAI,CAAC,MAAA,CAAO,IAAA,IAAQ,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,EAAG;AAC5C,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,UAAA,GAAkC,IAAA;AACtC,IAAA,KAAA,MAAW,GAAA,IAAO,OAAO,IAAA,EAAM;AAC7B,MAAA,MAAM,MAAA,GAAS,GAAA;AACf,MAAA,IAAI,mBAAA,CAAoB,MAAA,CAAO,GAAA,EAAK,MAAM,CAAA,EAAG;AAC3C,QAAA,UAAA,GAAa,MAAA;AACb,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,WAAW,SAAA,EAAW;AACxB,MAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA;AAC/C,MAAA,IAAI,SAAA,mBAAY,IAAI,IAAA,EAAK,EAAG;AAC1B,QAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,MACtD;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,GAAG,MAAA,CAAO;AAAA,QACd,UAAA,EAAY,kBAAA;AAAA,QACZ,IAAI,UAAA,CAAW,EAAA;AAAA,QACf,MAAM,EAAE,UAAA,EAAA,qBAAgB,IAAA,EAAK,EAAE,aAAY;AAAE,OAC9C,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,MAAM,IAAA,GAA0B;AAAA,MAC9B,IAAI,UAAA,CAAW,MAAA;AAAA,MACf,IAAA,EAAO,WAAmB,IAAA,IAAQ,QAAA;AAAA,MAClC,UAAW,UAAA,CAAmB;AAAA,KAChC;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA;AACjD,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,MAAA,CAAO,MAAM,MAAM,CAAA;AAAA,MAC5B;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,QAAQ,UAAA,CAAW,MAAA;AAAA,MACnB,IAAA;AAAA,MACA,WAAA,EAAa,UAAA,CAAW,WAAA,IAAe,EAAC;AAAA,MACxC,UAAU,UAAA,CAAW,EAAA;AAAA,MACrB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,MAAM,IAAA,CAAK;AAAA,KACb;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,4BAAA,EAA6B;AAAA,EAC7D;AACF;AAEO,SAAS,yBAAyB,OAAA,EAAiC;AACxE,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AACtD,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,UAAA,CAAW,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,IAClC;AACA,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AAC/C,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO,QAAQ,IAAA,EAAK;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,oBACd,MAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,IAAS,CAAC,OAAO,MAAA,EAAQ;AACnC,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO;AAAA,IACL,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,IAAA,EAAM,MAAA,CAAO,IAAA,IAAQ,EAAC;AAAA,IACtB,WAAA,EAAa,MAAA,CAAO,WAAA,IAAe,EAAC;AAAA,IACpC,QAAA,EAAU,OAAO,QAAA,IAAY,EAAA;AAAA,IAC7B,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,MAAM,MAAA,CAAO;AAAA,GACf;AACF;AAEO,SAAS,mBAAA,CACd,aACA,QAAA,EACS;AACT,EAAA,IAAI,WAAA,CAAY,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AACrC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,GAAG,CAAA,EAAG,OAAO,IAAA;AACtC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,QAAQ,CAAA,EAAG,OAAO,IAAA;AAE3C,EAAA,MAAM,CAAC,QAAA,EAAU,MAAM,CAAA,GAAI,QAAA,CAAS,MAAM,GAAG,CAAA;AAC7C,EAAA,IAAI,YAAY,QAAA,CAAS,CAAA,EAAG,QAAQ,CAAA,EAAA,CAAI,GAAG,OAAO,IAAA;AAElD,EAAA,OAAO,KAAA;AACT","file":"chunk-VIONYQ2K.cjs","sourcesContent":["import type { User, Request } from '../hooks/types.js';\n\n// ============================================================================\n// Access Control Types\n// ============================================================================\n\nexport interface WhereClause {\n [field: string]: any;\n}\n\nexport interface AccessArgs {\n req: Request;\n user?: User;\n data?: any;\n doc?: any;\n id?: string;\n tenantID?: string;\n context?: Record<string, any>;\n}\n\nexport type AccessControl = boolean | ((args: AccessArgs) => Promise<boolean | WhereClause> | boolean | WhereClause);\n\nexport interface CollectionAccess {\n create?: AccessControl;\n read?: AccessControl;\n update?: AccessControl;\n delete?: AccessControl;\n admin?: AccessControl;\n unlock?: AccessControl;\n readVersions?: AccessControl;\n}\n\nexport interface GlobalAccess {\n read?: AccessControl;\n update?: AccessControl;\n}\n\nexport interface FieldAccess {\n create?: AccessControl;\n read?: AccessControl;\n update?: AccessControl;\n}\n\n// ============================================================================\n// Access Control Evaluation\n// ============================================================================\n\nexport async function evaluateAccess(\n access: AccessControl,\n args: AccessArgs\n): Promise<boolean | WhereClause> {\n if (typeof access === 'boolean') {\n return access;\n }\n if (typeof access === 'function') {\n return await access(args);\n }\n return true;\n}\n\nexport function mergeWhereClauses(\n ...whereClauses: (WhereClause | boolean | undefined)[]\n): WhereClause {\n const result: WhereClause = {};\n for (const clause of whereClauses) {\n if (clause && typeof clause === 'object') {\n Object.assign(result, clause);\n }\n }\n return result;\n}\n\nexport function getWhereClause(\n access: AccessControl,\n args: AccessArgs\n): Promise<WhereClause | undefined> {\n return evaluateAccess(access, args).then(result => {\n if (result === true) return undefined;\n if (result === false) return { _id: { $eq: null } };\n return result;\n });\n}\n","export const WEBHOOK_EVENTS = {\n COLLECTION_CREATE: \"collection.create\",\n COLLECTION_UPDATE: \"collection.update\",\n COLLECTION_DELETE: \"collection.delete\",\n MEDIA_UPLOAD: \"media.upload\",\n MEDIA_DELETE: \"media.delete\",\n AUTH_LOGIN: \"auth.login\",\n AUTH_REGISTER: \"auth.register\",\n AUTH_LOGOUT: \"auth.logout\",\n ORDER_CREATED: \"order.created\",\n ORDER_PAID: \"order.paid\",\n ORDER_SHIPPED: \"order.shipped\",\n ORDER_DELIVERED: \"order.delivered\",\n} as const;\n\nexport type WebhookEvent = (typeof WEBHOOK_EVENTS)[keyof typeof WEBHOOK_EVENTS];\n\nexport const ALL_WEBHOOK_EVENTS: WebhookEvent[] = Object.values(WEBHOOK_EVENTS);\n\nexport interface WebhookConfig {\n id: string;\n name: string;\n url: string;\n events: WebhookEvent[];\n status: \"active\" | \"inactive\" | \"error\";\n secret?: string;\n headers?: Record<string, string>;\n lastTriggered?: string;\n lastError?: string;\n createdAt: string;\n updatedAt: string;\n}\n\nexport interface CreateWebhookData {\n name: string;\n url: string;\n events: WebhookEvent[];\n status?: \"active\" | \"inactive\";\n secret?: string;\n headers?: Record<string, string>;\n}\n\nexport interface UpdateWebhookData {\n name?: string;\n url?: string;\n events?: WebhookEvent[];\n status?: \"active\" | \"inactive\" | \"error\";\n secret?: string;\n headers?: Record<string, string>;\n lastTriggered?: string | null;\n lastError?: string | null;\n}\n\nexport interface WebhookPayload {\n id: string;\n event: WebhookEvent;\n timestamp: string;\n collection?: string;\n operation?: \"create\" | \"update\" | \"delete\";\n data?: unknown;\n previousData?: unknown;\n user?: {\n id: string;\n email?: string;\n role?: string;\n };\n tenantId?: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface WebhookDelivery {\n id: string;\n webhookId: string;\n event: WebhookEvent;\n payload: WebhookPayload;\n attempt: number;\n status: \"pending\" | \"success\" | \"failed\" | \"retrying\";\n responseStatus?: number;\n responseBody?: string;\n error?: string;\n duration?: number;\n createdAt: string;\n deliveredAt?: string;\n nextRetryAt?: string;\n}\n\nexport interface WebhookTriggerResult {\n deliveryId: string;\n webhookId: string;\n event: WebhookEvent;\n status: \"queued\" | \"success\" | \"failed\";\n responseStatus?: number;\n duration?: number;\n error?: string;\n}\n\nexport const WEBHOOK_COLLECTION = \"_webhooks\";\nexport const WEBHOOK_DELIVERY_COLLECTION = \"_webhook_deliveries\";\n","import { createHmac, randomBytes } from \"crypto\";\nimport type {\n WebhookConfig,\n WebhookPayload,\n WebhookDelivery,\n} from \"./types.js\";\n\nexport interface DeliveryResult {\n success: boolean;\n status: number;\n statusText?: string;\n body?: string;\n duration: number;\n error?: string;\n}\n\nexport interface DeliveryOptions {\n timeout?: number;\n maxRetries?: number;\n retryDelay?: number;\n onRetry?: (attempt: number, error: string) => void;\n onSuccess?: (result: DeliveryResult) => void;\n onFailure?: (error: string) => void;\n}\n\nexport function signPayload(payload: string, secret: string): string {\n return `sha256=${createHmac(\"sha256\", secret).update(payload).digest(\"hex\")}`;\n}\n\nexport function generateWebhookSecret(): string {\n return randomBytes(32).toString(\"hex\");\n}\n\nexport async function deliverWebhook(\n webhook: WebhookConfig,\n payload: WebhookPayload,\n options: DeliveryOptions = {},\n): Promise<DeliveryResult> {\n const timeout = options.timeout || 30000;\n const startTime = Date.now();\n\n const body = JSON.stringify(payload);\n\n const headers: Record<string, string> = {\n \"Content-Type\": \"application/json\",\n \"User-Agent\": \"Kyro-CMS-Webhook/1.0\",\n \"X-Webhook-Event\": payload.event,\n \"X-Webhook-Delivery\": payload.id,\n \"X-Webhook-Timestamp\": payload.timestamp,\n ...(webhook.headers || {}),\n };\n\n if (webhook.secret) {\n const signature = signPayload(body, webhook.secret);\n headers[\"X-Webhook-Signature\"] = signature;\n }\n\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), timeout);\n\n try {\n const response = await fetch(webhook.url, {\n method: \"POST\",\n headers,\n body,\n signal: controller.signal,\n });\n\n clearTimeout(timeoutId);\n\n const duration = Date.now() - startTime;\n let responseBody: string | undefined;\n\n try {\n const text = await response.text();\n responseBody = text.slice(0, 1000);\n } catch {}\n\n const result: DeliveryResult = {\n success: response.ok,\n status: response.status,\n statusText: response.statusText,\n body: responseBody,\n duration,\n };\n\n if (result.success && options.onSuccess) {\n options.onSuccess(result);\n } else if (!result.success && options.onFailure) {\n options.onFailure(`HTTP ${response.status}: ${response.statusText}`);\n }\n\n return result;\n } catch (error: any) {\n clearTimeout(timeoutId);\n const duration = Date.now() - startTime;\n const errorMessage =\n error.name === \"AbortError\"\n ? `Request timed out after ${timeout}ms`\n : error.message || \"Unknown error\";\n\n if (options.onFailure) {\n options.onFailure(errorMessage);\n }\n\n return {\n success: false,\n status: 0,\n duration,\n error: errorMessage,\n };\n }\n}\n\nexport async function deliverWithRetry(\n webhook: WebhookConfig,\n payload: WebhookPayload,\n deliveryId: string,\n options: DeliveryOptions = {},\n): Promise<DeliveryResult> {\n const maxRetries = options.maxRetries ?? 5;\n const baseDelay = options.retryDelay ?? 1000;\n let lastResult: DeliveryResult | null = null;\n\n for (let attempt = 0; attempt <= maxRetries; attempt++) {\n if (attempt > 0) {\n const delay = Math.min(baseDelay * Math.pow(2, attempt - 1), 30000);\n if (options.onRetry) {\n options.onRetry(attempt, `Retrying in ${delay}ms...`);\n }\n await sleep(delay);\n }\n\n if (options.onRetry && attempt > 0) {\n options.onRetry(attempt, `Attempt ${attempt + 1}/${maxRetries + 1}`);\n }\n\n lastResult = await deliverWebhook(webhook, payload, {\n ...options,\n onRetry: undefined,\n onSuccess: undefined,\n onFailure: undefined,\n });\n\n if (lastResult.success) {\n return lastResult;\n }\n\n if (lastResult.error?.includes(\"timed out\") && attempt < maxRetries) {\n continue;\n }\n\n if (lastResult.status >= 400 && lastResult.status < 500) {\n return lastResult;\n }\n }\n\n return (\n lastResult || {\n success: false,\n status: 0,\n duration: 0,\n error: \"All delivery attempts failed\",\n }\n );\n}\n\nexport function buildDeliveryRecord(\n deliveryId: string,\n webhookId: string,\n event: string,\n payload: WebhookPayload,\n attempt: number,\n result: DeliveryResult,\n): WebhookDelivery {\n return {\n id: deliveryId,\n webhookId,\n event: event as any,\n payload,\n attempt,\n status: result.success ? \"success\" : \"failed\",\n responseStatus: result.status || undefined,\n responseBody: result.body,\n duration: result.duration,\n error: result.error,\n createdAt: new Date().toISOString(),\n deliveredAt: result.success ? new Date().toISOString() : undefined,\n };\n}\n\nfunction sleep(ms: number): Promise<void> {\n return new Promise((resolve) => setTimeout(resolve, ms));\n}\n\nexport function createTestPayload(): WebhookPayload {\n return {\n id: `test_${Date.now()}`,\n event: \"collection.create\",\n timestamp: new Date().toISOString(),\n collection: \"test\",\n operation: \"create\",\n data: { message: \"This is a test webhook delivery\" },\n user: { id: \"system\", email: \"system@kyro.dev\", role: \"super_admin\" },\n };\n}\n","import { randomUUID } from \"crypto\";\nimport type { BaseAdapter } from \"../registry/types.js\";\nimport {\n type WebhookConfig,\n type CreateWebhookData,\n type UpdateWebhookData,\n type WebhookPayload,\n type WebhookDelivery,\n type WebhookEvent,\n type WebhookTriggerResult,\n WEBHOOK_COLLECTION,\n WEBHOOK_DELIVERY_COLLECTION,\n} from \"./types.js\";\nimport {\n deliverWithRetry,\n buildDeliveryRecord,\n generateWebhookSecret,\n} from \"./delivery.js\";\n\nexport class WebhookService {\n private db: BaseAdapter;\n\n constructor(db: BaseAdapter) {\n this.db = db;\n }\n\n async getWebhooks(filters?: {\n status?: string;\n event?: WebhookEvent;\n }): Promise<WebhookConfig[]> {\n const result = await this.db.find({\n collection: WEBHOOK_COLLECTION,\n where: filters?.status ? { status: { equals: filters.status } } : {},\n limit: 100,\n page: 1,\n });\n\n const webhooks = result.docs as unknown as WebhookConfig[];\n\n if (filters?.event) {\n return webhooks.filter((w) =>\n w.events.includes(filters.event as WebhookEvent),\n );\n }\n\n return webhooks;\n }\n\n async getWebhookById(id: string): Promise<WebhookConfig | null> {\n return this.db.findByID({\n collection: WEBHOOK_COLLECTION,\n id,\n }) as Promise<WebhookConfig | null>;\n }\n\n async createWebhook(data: CreateWebhookData): Promise<WebhookConfig> {\n const now = new Date().toISOString();\n const secret = data.secret || generateWebhookSecret();\n\n const webhook = {\n id: randomUUID(),\n name: data.name,\n url: data.url,\n events: data.events,\n status: data.status || \"active\",\n secret,\n headers: data.headers || {},\n createdAt: now,\n updatedAt: now,\n };\n\n await this.db.create({\n collection: WEBHOOK_COLLECTION,\n data: webhook,\n });\n\n return webhook as WebhookConfig;\n }\n\n async updateWebhook(\n id: string,\n data: UpdateWebhookData,\n ): Promise<WebhookConfig | null> {\n const existing = await this.getWebhookById(id);\n if (!existing) return null;\n\n const updated = {\n ...existing,\n ...data,\n updatedAt: new Date().toISOString(),\n };\n\n if (data.secret === \"\" && \"secret\" in data) {\n delete updated.secret;\n }\n\n await this.db.update({\n collection: WEBHOOK_COLLECTION,\n id,\n data: updated,\n });\n\n return updated as WebhookConfig;\n }\n\n async deleteWebhook(id: string): Promise<void> {\n await this.db.delete({\n collection: WEBHOOK_COLLECTION,\n id,\n });\n }\n\n async trigger(\n event: WebhookEvent,\n payloadData: Omit<WebhookPayload, \"id\" | \"event\" | \"timestamp\">,\n ): Promise<WebhookTriggerResult[]> {\n const webhooks = await this.getWebhooks();\n const activeWebhooks = webhooks.filter((w) => w.status === \"active\");\n\n const matchingWebhooks = activeWebhooks.filter((w) =>\n w.events.includes(event),\n );\n\n if (matchingWebhooks.length === 0) {\n return [];\n }\n\n const payload: WebhookPayload = {\n id: `wh_${Date.now()}_${randomUUID().slice(0, 8)}`,\n event,\n timestamp: new Date().toISOString(),\n ...payloadData,\n };\n\n const results: WebhookTriggerResult[] = [];\n\n for (const webhook of matchingWebhooks) {\n const result = await this.triggerWebhook(webhook, payload);\n results.push(result);\n }\n\n return results;\n }\n\n async triggerWebhook(\n webhook: WebhookConfig,\n payload: WebhookPayload,\n ): Promise<WebhookTriggerResult> {\n const deliveryId = `dlv_${Date.now()}_${randomUUID().slice(0, 8)}`;\n\n try {\n const result = await deliverWithRetry(webhook, payload, deliveryId, {\n maxRetries: 5,\n retryDelay: 1000,\n });\n\n const deliveryRecord = buildDeliveryRecord(\n deliveryId,\n webhook.id,\n webhook.events[0],\n payload,\n 1,\n result,\n );\n\n try {\n await this.db.create({\n collection: WEBHOOK_DELIVERY_COLLECTION,\n data: deliveryRecord,\n });\n } catch {\n console.warn(\n \"[WebhookService] Failed to save delivery record:\",\n deliveryId,\n );\n }\n\n if (!result.success) {\n await this.updateWebhook(webhook.id, {\n status: \"error\",\n lastError: result.error,\n }).catch(() => {});\n } else {\n await this.updateWebhook(webhook.id, {\n status: \"active\",\n lastTriggered: new Date().toISOString(),\n }).catch(() => {});\n }\n\n return {\n deliveryId,\n webhookId: webhook.id,\n event: webhook.events[0],\n status: result.success ? \"success\" : \"failed\",\n responseStatus: result.status,\n duration: result.duration,\n error: result.error,\n };\n } catch (error: any) {\n return {\n deliveryId,\n webhookId: webhook.id,\n event: webhook.events[0],\n status: \"failed\",\n error: error.message,\n };\n }\n }\n\n async testWebhook(webhookId: string): Promise<WebhookTriggerResult | null> {\n const webhook = await this.getWebhookById(webhookId);\n if (!webhook) return null;\n\n const payload: WebhookPayload = {\n id: `test_${Date.now()}`,\n event: webhook.events[0] || \"collection.create\",\n timestamp: new Date().toISOString(),\n collection: \"test\",\n operation: \"create\",\n data: { message: \"This is a test webhook delivery from Kyro CMS\" },\n user: {\n id: \"system\",\n email: \"system@kyro.dev\",\n role: \"super_admin\",\n },\n };\n\n return this.triggerWebhook(webhook, payload);\n }\n\n async getDeliveryHistory(\n webhookId: string,\n limit: number = 50,\n ): Promise<WebhookDelivery[]> {\n const result = await this.db.find({\n collection: WEBHOOK_DELIVERY_COLLECTION,\n where: { webhookId: { equals: webhookId } },\n sort: \"-createdAt\",\n limit,\n page: 1,\n });\n\n return result.docs as unknown as WebhookDelivery[];\n }\n\n async retryDelivery(\n deliveryId: string,\n ): Promise<WebhookTriggerResult | null> {\n const delivery = (await this.db.findByID({\n collection: WEBHOOK_DELIVERY_COLLECTION,\n id: deliveryId,\n })) as WebhookDelivery | null;\n\n if (!delivery) return null;\n\n const webhook = await this.getWebhookById(delivery.webhookId);\n if (!webhook) return null;\n\n return this.triggerWebhook(webhook, delivery.payload);\n }\n}\n\nexport function createWebhookService(db: BaseAdapter): WebhookService {\n return new WebhookService(db);\n}\n","import { timingSafeEqual } from \"crypto\";\nimport type { BaseAdapter } from \"../registry/types.js\";\nimport type { AuthUser, UserRole } from \"./types.js\";\n\nexport interface ApiKeyRecord {\n id: string;\n userId: string;\n name: string;\n key: string;\n keyPrefix: string;\n permissions: string[];\n lastUsedAt?: string;\n expiresAt?: string;\n createdAt: string;\n}\n\nexport interface ApiKeyValidationResult {\n valid: boolean;\n userId?: string;\n user?: Partial<AuthUser>;\n permissions?: string[];\n apiKeyId?: string;\n error?: string;\n tenantId?: string;\n role?: UserRole;\n}\n\nexport interface ApiKeyContext {\n userId: string;\n user: Partial<AuthUser>;\n permissions: string[];\n apiKeyId: string;\n tenantId?: string;\n role?: UserRole;\n}\n\nexport const API_KEY_COLLECTION = \"_api_keys\";\n\nfunction generateKeyPrefix(key: string): string {\n return key.substring(0, 8);\n}\n\nfunction constantTimeCompare(a: string, b: string): boolean {\n if (a.length !== b.length) {\n return false;\n }\n try {\n return timingSafeEqual(Buffer.from(a), Buffer.from(b));\n } catch {\n return false;\n }\n}\n\nexport async function validateApiKey(\n rawKey: string,\n db: BaseAdapter,\n userLookup?: (userId: string) => Promise<Partial<AuthUser> | null>,\n): Promise<ApiKeyValidationResult> {\n if (!rawKey || typeof rawKey !== \"string\") {\n return { valid: false, error: \"No API key provided\" };\n }\n\n if (!rawKey.startsWith(\"kyro_\")) {\n return { valid: false, error: \"Invalid API key format\" };\n }\n\n const keyPrefix = generateKeyPrefix(rawKey);\n\n try {\n const result = await db.find({\n collection: API_KEY_COLLECTION,\n where: { keyPrefix: { equals: keyPrefix } },\n limit: 100,\n page: 1,\n });\n\n if (!result.docs || result.docs.length === 0) {\n return { valid: false, error: \"Invalid API key\" };\n }\n\n let matchedKey: ApiKeyRecord | null = null;\n for (const doc of result.docs) {\n const record = doc as unknown as ApiKeyRecord;\n if (constantTimeCompare(record.key, rawKey)) {\n matchedKey = record;\n break;\n }\n }\n\n if (!matchedKey) {\n return { valid: false, error: \"Invalid API key\" };\n }\n\n if (matchedKey.expiresAt) {\n const expiresAt = new Date(matchedKey.expiresAt);\n if (expiresAt < new Date()) {\n return { valid: false, error: \"API key has expired\" };\n }\n }\n\n try {\n await db.update({\n collection: API_KEY_COLLECTION,\n id: matchedKey.id,\n data: { lastUsedAt: new Date().toISOString() },\n });\n } catch {\n // Non-critical: don't fail if lastUsedAt update fails\n }\n\n const user: Partial<AuthUser> = {\n id: matchedKey.userId,\n role: (matchedKey as any).role || \"author\",\n tenantId: (matchedKey as any).tenantId,\n };\n\n if (userLookup) {\n const dbUser = await userLookup(matchedKey.userId);\n if (dbUser) {\n Object.assign(user, dbUser);\n }\n }\n\n return {\n valid: true,\n userId: matchedKey.userId,\n user,\n permissions: matchedKey.permissions || [],\n apiKeyId: matchedKey.id,\n tenantId: user.tenantId,\n role: user.role,\n };\n } catch (error) {\n console.error(\"[ApiKey] Validation error:\", error);\n return { valid: false, error: \"Failed to validate API key\" };\n }\n}\n\nexport function extractApiKeyFromRequest(request: Request): string | null {\n const authHeader = request.headers.get(\"Authorization\");\n if (authHeader) {\n if (authHeader.startsWith(\"ApiKey \")) {\n return authHeader.slice(7).trim();\n }\n if (authHeader.startsWith(\"Bearer \")) {\n return null;\n }\n }\n\n const xApiKey = request.headers.get(\"X-API-Key\");\n if (xApiKey) {\n return xApiKey.trim();\n }\n\n return null;\n}\n\nexport function createApiKeyContext(\n result: ApiKeyValidationResult,\n): ApiKeyContext | null {\n if (!result.valid || !result.userId) {\n return null;\n }\n return {\n userId: result.userId,\n user: result.user || {},\n permissions: result.permissions || [],\n apiKeyId: result.apiKeyId || \"\",\n tenantId: result.tenantId,\n role: result.role,\n };\n}\n\nexport function hasApiKeyPermission(\n permissions: string[],\n required: string,\n): boolean {\n if (permissions.length === 0) return false;\n if (permissions.includes(\"*\")) return true;\n if (permissions.includes(required)) return true;\n\n const [resource, action] = required.split(\":\");\n if (permissions.includes(`${resource}:*`)) return true;\n\n return false;\n}\n\nexport function generateApiKey(): string {\n const chars = \"abcdefghijklmnopqrstuvwxyz0123456789\";\n let suffix = \"\";\n for (let i = 0; i < 28; i++) {\n suffix += chars[Math.floor(Math.random() * chars.length)];\n }\n return `kyro_${suffix}`;\n}\n\nexport function generateApiKeyPrefix(key: string): string {\n return key.substring(0, 8);\n}\n"]}
package/dist/postgres-auth-adapter-EVRPO7BQ.cjs DELETED
@@ -1,14 +0,0 @@
1
- 'use strict';
2
-
3
- var chunkLIJVWQKU_cjs = require('./chunk-LIJVWQKU.cjs');
4
- require('./chunk-7YITG2US.cjs');
5
- require('./chunk-G7VZBCD6.cjs');
6
-
7
-
8
-
9
- Object.defineProperty(exports, "PostgresAuthAdapter", {
10
- enumerable: true,
11
- get: function () { return chunkLIJVWQKU_cjs.PostgresAuthAdapter; }
12
- });
13
- //# sourceMappingURL=postgres-auth-adapter-EVRPO7BQ.cjs.map
14
- //# sourceMappingURL=postgres-auth-adapter-EVRPO7BQ.cjs.map
package/dist/postgres-auth-adapter-OTRWSTT5.js DELETED
@@ -1,5 +0,0 @@
1
- export { PostgresAuthAdapter } from './chunk-U74F3YZU.js';
2
- import './chunk-LTRCYJAG.js';
3
- import './chunk-Z6ZWNWWR.js';
4
- //# sourceMappingURL=postgres-auth-adapter-OTRWSTT5.js.map
5
- //# sourceMappingURL=postgres-auth-adapter-OTRWSTT5.js.map
package/dist/redis-adapter-E7PMN5HW.cjs DELETED
@@ -1,13 +0,0 @@
1
- 'use strict';
2
-
3
- var chunk44BF6ALS_cjs = require('./chunk-44BF6ALS.cjs');
4
- require('./chunk-G7VZBCD6.cjs');
5
-
6
-
7
-
8
- Object.defineProperty(exports, "RedisAuthAdapter", {
9
- enumerable: true,
10
- get: function () { return chunk44BF6ALS_cjs.RedisAuthAdapter; }
11
- });
12
- //# sourceMappingURL=redis-adapter-E7PMN5HW.cjs.map
13
- //# sourceMappingURL=redis-adapter-E7PMN5HW.cjs.map
package/dist/redis-adapter-HOO67RBQ.js DELETED
@@ -1,4 +0,0 @@
1
- export { RedisAuthAdapter } from './chunk-GE5DMB44.js';
2
- import './chunk-Z6ZWNWWR.js';
3
- //# sourceMappingURL=redis-adapter-HOO67RBQ.js.map
4
- //# sourceMappingURL=redis-adapter-HOO67RBQ.js.map