@kyro-cms/core 0.3.2 → 0.3.5

package/dist/{chunk-44BF6ALS.cjs → chunk-H4XCAPA6.cjs}

@@ -1,6 +1,5 @@
 'use strict';
 
-var ioredis = require('ioredis');
 var bcrypt = require('bcryptjs');
 var crypto = require('crypto');
 
@@ -13,27 +12,35 @@ var DEFAULT_PREFIX = "kyro:auth:";
 var DEFAULT_TOKEN_EXPIRATION = 86400;
 var DEFAULT_REFRESH_EXPIRATION = 604800;
 var RedisAuthAdapter = class {
-  redis;
+  _redis = null;
   prefix;
   tokenExpiration;
   refreshExpiration;
+  options;
   constructor(options = {}) {
-    const url = options.url || `redis://${options.host || "localhost"}:${options.port || 6379}`;
-    this.redis = new ioredis.Redis(url, {
-      password: options.password,
-      db: options.db,
-      lazyConnect: true,
-      tls: options.tls ? {} : void 0
-    });
+    this.options = options;
     this.prefix = options.keyPrefix || DEFAULT_PREFIX;
     this.tokenExpiration = options.tokenExpiration || DEFAULT_TOKEN_EXPIRATION;
     this.refreshExpiration = options.refreshTokenExpiration || DEFAULT_REFRESH_EXPIRATION;
   }
+  async getRedis() {
+    if (!this._redis) {
+      const { Redis: RedisClass } = await import('ioredis');
+      const url = this.options.url || `redis://${this.options.host || "localhost"}:${this.options.port || 6379}`;
+      this._redis = new RedisClass(url, {
+        password: this.options.password,
+        db: this.options.db,
+        lazyConnect: true,
+        tls: this.options.tls ? {} : void 0
+      });
+    }
+    return this._redis;
+  }
   async connect() {
-    await this.redis.connect();
+    await this.getRedis();
   }
   async disconnect() {
-    await this.redis.quit();
+    await (await this.getRedis()).quit();
   }
   userKey(userId) {
     return `${this.prefix}users:${userId}`;
@@ -63,21 +70,19 @@ var RedisAuthAdapter = class {
       createdAt: now,
       updatedAt: now
     };
-    const pipeline = this.redis.pipeline();
+    const pipeline = (await this.getRedis()).pipeline();
     pipeline.hset(this.userKey(userId), this.userToHash(user));
     pipeline.set(this.userByEmailKey(data.email), userId);
     await pipeline.exec();
     return user;
   }
   async findUserByEmail(email) {
-    const userId = await this.redis.get(
-      this.userByEmailKey(email.toLowerCase())
-    );
+    const userId = await (await this.getRedis()).get(this.userByEmailKey(email.toLowerCase()));
     if (!userId) return null;
     return this.findUserById(userId);
   }
   async findUserById(userId) {
-    const data = await this.redis.hgetall(this.userKey(userId));
+    const data = await (await this.getRedis()).hgetall(this.userKey(userId));
     if (!data || Object.keys(data).length === 0) return null;
     return this.hashToUser(data);
   }
@@ -91,18 +96,18 @@ var RedisAuthAdapter = class {
       updatedAt: (/* @__PURE__ */ new Date()).toISOString()
     };
     if (data.email && data.email !== existing.email) {
-      const pipeline = this.redis.pipeline();
+      const pipeline = (await this.getRedis()).pipeline();
       pipeline.del(this.userByEmailKey(existing.email));
       pipeline.set(this.userByEmailKey(data.email), userId);
       await pipeline.exec();
     }
-    await this.redis.hset(this.userKey(userId), this.userToHash(updated));
+    await (await this.getRedis()).hset(this.userKey(userId), this.userToHash(updated));
     return updated;
   }
   async deleteUser(userId) {
     const user = await this.findUserById(userId);
     if (!user) return false;
-    const pipeline = this.redis.pipeline();
+    const pipeline = (await this.getRedis()).pipeline();
     pipeline.del(this.userKey(userId));
     pipeline.del(this.userByEmailKey(user.email));
     pipeline.del(this.passwordHistoryKey(userId));
@@ -113,7 +118,7 @@ var RedisAuthAdapter = class {
     return bcrypt__default.default.hash(password, 12);
   }
   async verifyPassword(email, password) {
-    const userId = await this.redis.get(this.userByEmailKey(email));
+    const userId = await (await this.getRedis()).get(this.userByEmailKey(email));
     if (!userId) return null;
     const user = await this.findUserById(userId);
     if (!user || !user.passwordHash) return null;
@@ -137,7 +142,7 @@ var RedisAuthAdapter = class {
       ipAddress: data.ipAddress,
       userAgent: data.userAgent
     };
-    const pipeline = this.redis.pipeline();
+    const pipeline = (await this.getRedis()).pipeline();
     pipeline.hset(this.sessionKey(sessionId), this.sessionToHash(session));
     pipeline.setex(
       this.refreshKey(refreshToken),
@@ -148,14 +153,21 @@ var RedisAuthAdapter = class {
     return session;
   }
   async findSessionByToken(token) {
-    const data = await this.redis.hgetall(this.sessionKey(token));
+    const data = await (await this.getRedis()).hgetall(this.sessionKey(token));
+    if (!data || Object.keys(data).length === 0) return null;
+    return this.hashToSession(data);
+  }
+  async findSessionByRefreshToken(refreshToken) {
+    const sessionId = await (await this.getRedis()).get(this.refreshKey(refreshToken));
+    if (!sessionId) return null;
+    const data = await (await this.getRedis()).hgetall(this.sessionKey(sessionId));
     if (!data || Object.keys(data).length === 0) return null;
     return this.hashToSession(data);
   }
   async deleteSession(sessionId) {
-    const session = await this.redis.hgetall(this.sessionKey(sessionId));
+    const session = await (await this.getRedis()).hgetall(this.sessionKey(sessionId));
     if (!session || Object.keys(session).length === 0) return false;
-    const pipeline = this.redis.pipeline();
+    const pipeline = (await this.getRedis()).pipeline();
     pipeline.del(this.sessionKey(sessionId));
     if (session.refreshToken) {
       pipeline.del(this.refreshKey(session.refreshToken));
@@ -168,16 +180,10 @@ var RedisAuthAdapter = class {
     let cursor = "0";
     let deleted = 0;
     do {
-      const [nextCursor, keys] = await this.redis.scan(
-        cursor,
-        "MATCH",
-        pattern,
-        "COUNT",
-        100
-      );
+      const [nextCursor, keys] = await (await this.getRedis()).scan(cursor, "MATCH", pattern, "COUNT", 100);
       cursor = nextCursor;
       for (const key of keys) {
-        const sessionData = await this.redis.hgetall(key);
+        const sessionData = await (await this.getRedis()).hgetall(key);
         if (sessionData.userId === userId) {
           const sessionId = key.replace(`${this.prefix}sessions:`, "");
           await this.deleteSession(sessionId);
@@ -188,11 +194,15 @@ var RedisAuthAdapter = class {
     return deleted;
   }
   async addPasswordToHistory(userId, passwordHash) {
-    await this.redis.lpush(this.passwordHistoryKey(userId), passwordHash);
-    await this.redis.ltrim(this.passwordHistoryKey(userId), 0, 4);
+    await (await this.getRedis()).lpush(this.passwordHistoryKey(userId), passwordHash);
+    await (await this.getRedis()).ltrim(this.passwordHistoryKey(userId), 0, 4);
   }
   async getPasswordHistory(userId, count = 5) {
-    return this.redis.lrange(this.passwordHistoryKey(userId), 0, count - 1);
+    return (await this.getRedis()).lrange(
+      this.passwordHistoryKey(userId),
+      0,
+      count - 1
+    );
   }
   async isPasswordInHistory(password, userId, historyCount = 5) {
     const history = await this.getPasswordHistory(userId, historyCount);
@@ -270,12 +280,12 @@ var RedisAuthAdapter = class {
   async findAuditLogs(filter) {
     const { limit = 50, offset = 0 } = filter;
     const indexKey = this.auditLogIndexKey();
-    const allIds = await this.redis.zrevrange(indexKey, 0, -1);
+    const allIds = await (await this.getRedis()).zrevrange(indexKey, 0, -1);
     const total = allIds.length;
     const pagedIds = allIds.slice(offset, offset + limit);
     const logs = [];
     for (const id of pagedIds) {
-      const logData = await this.redis.get(this.auditLogKey(id));
+      const logData = await (await this.getRedis()).get(this.auditLogKey(id));
       if (logData) {
         const log = JSON.parse(logData);
         if ((!filter.userId || log.userId === filter.userId) && (!filter.action || (Array.isArray(filter.action) ? filter.action.includes(log.action) : log.action === filter.action)) && (!filter.resource || log.resource === filter.resource) && (filter.success === void 0 || log.success === filter.success)) {
@@ -289,18 +299,14 @@ var RedisAuthAdapter = class {
     const id = crypto.randomBytes(16).toString("hex");
     const timestamp = /* @__PURE__ */ new Date();
     const log = { ...data, id, timestamp };
-    await this.redis.set(this.auditLogKey(id), JSON.stringify(log));
-    await this.redis.zadd(this.auditLogIndexKey(), Date.now(), id);
-    const count = await this.redis.zcard(this.auditLogIndexKey());
+    await (await this.getRedis()).set(this.auditLogKey(id), JSON.stringify(log));
+    await (await this.getRedis()).zadd(this.auditLogIndexKey(), Date.now(), id);
+    const count = await (await this.getRedis()).zcard(this.auditLogIndexKey());
     if (count > 1e4) {
-      const oldIds = await this.redis.zrange(
-        this.auditLogIndexKey(),
-        0,
-        count - 10001
-      );
+      const oldIds = await (await this.getRedis()).zrange(this.auditLogIndexKey(), 0, count - 10001);
       for (const oldId of oldIds) {
-        await this.redis.del(this.auditLogKey(oldId));
-        await this.redis.zrem(this.auditLogIndexKey(), oldId);
+        await (await this.getRedis()).del(this.auditLogKey(oldId));
+        await (await this.getRedis()).zrem(this.auditLogIndexKey(), oldId);
       }
     }
     return log;
@@ -308,5 +314,5 @@ var RedisAuthAdapter = class {
 };
 
 exports.RedisAuthAdapter = RedisAuthAdapter;
-//# sourceMappingURL=chunk-44BF6ALS.cjs.map
-//# sourceMappingURL=chunk-44BF6ALS.cjs.map
+//# sourceMappingURL=chunk-H4XCAPA6.cjs.map
+//# sourceMappingURL=chunk-H4XCAPA6.cjs.map

package/dist/chunk-H4XCAPA6.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/auth/redis-adapter.ts"],"names":["randomBytes","bcrypt"],"mappings":";;;;;;;;;;AAiBA,IAAM,cAAA,GAAiB,YAAA;AACvB,IAAM,wBAAA,GAA2B,KAAA;AACjC,IAAM,0BAAA,GAA6B,MAAA;AAE5B,IAAM,mBAAN,MAA8C;AAAA,EAC3C,MAAA,GAAuB,IAAA;AAAA,EACvB,MAAA;AAAA,EACA,eAAA;AAAA,EACA,iBAAA;AAAA,EACA,OAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAmC,EAAC,EAAG;AACjD,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AACf,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,SAAA,IAAa,cAAA;AACnC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,wBAAA;AAClD,IAAA,IAAA,CAAK,iBAAA,GACH,QAAQ,sBAAA,IAA0B,0BAAA;AAAA,EACtC;AAAA,EAEA,MAAc,QAAA,GAA2B;AACvC,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,MAAM,EAAE,KAAA,EAAO,UAAA,EAAW,GAAI,MAAM,OAAO,SAAS,CAAA;AACpD,MAAA,MAAM,GAAA,GACJ,IAAA,CAAK,OAAA,CAAQ,GAAA,IACb,CAAA,QAAA,EAAW,IAAA,CAAK,OAAA,CAAQ,IAAA,IAAQ,WAAW,CAAA,CAAA,EAAI,IAAA,CAAK,OAAA,CAAQ,QAAQ,IAAI,CAAA,CAAA;AAC1E,MAAA,IAAA,CAAK,MAAA,GAAS,IAAI,UAAA,CAAW,GAAA,EAAK;AAAA,QAChC,QAAA,EAAU,KAAK,OAAA,CAAQ,QAAA;AAAA,QACvB,EAAA,EAAI,KAAK,OAAA,CAAQ,EAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,GAAA,EAAK,IAAA,CAAK,OAAA,CAAQ,GAAA,GAAM,EAAC,GAAI;AAAA,OAC9B,CAAA;AAAA,IACH;AACA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,MAAM,KAAK,QAAA,EAAS;AAAA,EACtB;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,IAAA,EAAK;AAAA,EACrC;AAAA,EAEQ,QAAQ,MAAA,EAAwB;AACtC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,MAAA,EAAS,MAAM,CAAA,CAAA;AAAA,EACtC;AAAA,EAEQ,WAAW,SAAA,EAA2B;AAC5C,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,SAAA,EAAY,SAAS,CAAA,CAAA;AAAA,EAC5C;AAAA,EAEQ,WAAW,KAAA,EAAuB;AACxC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,QAAA,EAAW,KAAK,CAAA,CAAA;AAAA,EACvC;AAAA,EAEQ,eAAe,KAAA,EAAuB;AAC5C,IAAA,OAAO,GAAG,IAAA,CAAK,MAAM,CAAA,YAAA,EAAe,KAAA,CAAM,aAAa,CAAA,CAAA;AAAA,EACzD;AAAA,EAEQ,mBAAmB,MAAA,EAAwB;AACjD,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,MAAA,EAAS,MAAM,CAAA,iBAAA,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,MAAM,MAAA,GAASA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC7C,IAAA,MAAM,GAAA,GAAA,iBAAM,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACnC,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,KAAK,QAAQ,CAAA;AAE1D,IAAA,MAAM,IAAA,GAAiB;AAAA,MACrB,EAAA,EAAI,MAAA;AAAA,MACJ,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,YAAA;AAAA,MACA,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACb;AAEA,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAElD,IAAA,QAAA,CAAS,IAAA,CAAK,KAAK,OAAA,CAAQ,MAAM,GAAG,IAAA,CAAK,UAAA,CAAW,IAAI,CAAC,CAAA;AACzD,IAAA,QAAA,CAAS,IAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,GAAG,MAAM,CAAA;AAEpD,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,MAAA,GAAS,MAAA,CACb,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,KAAA,CAAM,WAAA,EAAa,CAAC,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AACpB,IAAA,OAAO,IAAA,CAAK,aAAa,MAAM,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAa,MAAA,EAA0C;AAC3D,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,IAAY,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAC,CAAA;AACvE,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,WAAW,IAAI,CAAA;AAAA,EAC7B;AAAA,EAEA,MAAM,UAAA,CACJ,MAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC/C,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAoB;AAAA,MACxB,GAAG,QAAA;AAAA,MACH,GAAG,IAAA;AAAA,MACH,EAAA,EAAI,MAAA;AAAA,MACJ,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACpC;AAEA,IAAA,IAAI,IAAA,CAAK,KAAA,IAAS,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EAAO;AAC/C,MAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAClD,MAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,QAAA,CAAS,KAAK,CAAC,CAAA;AAChD,MAAA,QAAA,CAAS,IAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,GAAG,MAAM,CAAA;AACpD,MAAA,MAAM,SAAS,IAAA,EAAK;AAAA,IACtB;AAEA,IAAA,MAAA,CACE,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,EAAG,IAAA,CAAK,UAAA,CAAW,OAAO,CAAC,CAAA;AACrD,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,MAAA,EAAkC;AACjD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,IAAI,CAAC,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAClD,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAC,CAAA;AACjC,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,CAAC,CAAA;AAC5C,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,kBAAA,CAAmB,MAAM,CAAC,CAAA;AAC5C,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAOC,uBAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,cAAA,CACJ,KAAA,EACA,QAAA,EAC0B;AAC1B,IAAA,MAAM,MAAA,GAAS,MAAA,CACb,MAAM,IAAA,CAAK,QAAA,IACX,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,KAAK,CAAC,CAAA;AAChC,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AACpB,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,cAAc,OAAO,IAAA;AACxC,IAAA,MAAM,QAAQ,MAAMA,uBAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,KAAK,YAAY,CAAA;AAC9D,IAAA,OAAO,QAAQ,IAAA,GAAO,IAAA;AAAA,EACxB;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,GAGI,EAAC,EACa;AAClB,IAAA,MAAM,SAAA,GAAYD,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAChD,IAAA,MAAM,KAAA,GAAQA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAeA,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AAErB,IAAA,MAAM,OAAA,GAAmB;AAAA,MACvB,EAAA,EAAI,SAAA;AAAA,MACJ,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAI,IAAA;AAAA,QACb,GAAA,CAAI,OAAA,EAAQ,GAAI,IAAA,CAAK,eAAA,GAAkB;AAAA,QACvC,WAAA,EAAY;AAAA,MACd,SAAA,EAAW,IAAI,WAAA,EAAY;AAAA,MAC3B,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAElD,IAAA,QAAA,CAAS,IAAA,CAAK,KAAK,UAAA,CAAW,SAAS,GAAG,IAAA,CAAK,aAAA,CAAc,OAAO,CAAC,CAAA;AACrE,IAAA,QAAA,CAAS,KAAA;AAAA,MACP,IAAA,CAAK,WAAW,YAAY,CAAA;AAAA,MAC5B,IAAA,CAAK,iBAAA;AAAA,MACL;AAAA,KACF;AAEA,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,IAAY,OAAA,CAAQ,IAAA,CAAK,UAAA,CAAW,KAAK,CAAC,CAAA;AACzE,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,cAAc,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,MAAM,0BACJ,YAAA,EACyB;AACzB,IAAA,MAAM,SAAA,GAAY,MAAA,CAChB,MAAM,IAAA,CAAK,QAAA,IACX,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,YAAY,CAAC,CAAA;AACnC,IAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,IAAA,MAAM,IAAA,GAAO,MAAA,CACX,MAAM,IAAA,CAAK,QAAA,IACX,OAAA,CAAQ,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACpC,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,cAAc,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,OAAA,GAAU,MAAA,CACd,MAAM,IAAA,CAAK,QAAA,IACX,OAAA,CAAQ,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACpC,IAAA,IAAI,CAAC,WAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,KAAA;AAE1D,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAClD,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACvC,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,OAAA,CAAQ,YAAY,CAAC,CAAA;AAAA,IACpD;AACA,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAA,MAAM,OAAA,GAAU,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,UAAA,CAAA;AAC9B,IAAA,IAAI,MAAA,GAAS,GAAA;AACb,IAAA,IAAI,OAAA,GAAU,CAAA;AAEd,IAAA,GAAG;AACD,MAAA,MAAM,CAAC,UAAA,EAAY,IAAI,CAAA,GAAI,OACzB,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,IAAA,CAAK,MAAA,EAAQ,OAAA,EAAS,OAAA,EAAS,SAAS,GAAG,CAAA;AAC7C,MAAA,MAAA,GAAS,UAAA;AAET,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,cAAc,MAAA,CAAO,MAAM,KAAK,QAAA,EAAS,EAAG,QAAQ,GAAG,CAAA;AAC7D,QAAA,IAAI,WAAA,CAAY,WAAW,MAAA,EAAQ;AACjC,UAAA,MAAM,YAAY,GAAA,CAAI,OAAA,CAAQ,GAAG,IAAA,CAAK,MAAM,aAAa,EAAE,CAAA;AAC3D,UAAA,MAAM,IAAA,CAAK,cAAc,SAAS,CAAA;AAClC,UAAA,OAAA,EAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,MAAA,KAAW,GAAA;AAEpB,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAA,CACE,MAAM,KAAK,QAAA,EAAS,EACpB,MAAM,IAAA,CAAK,kBAAA,CAAmB,MAAM,CAAA,EAAG,YAAY,CAAA;AACrD,IAAA,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,KAAA,CAAM,KAAK,kBAAA,CAAmB,MAAM,CAAA,EAAG,CAAA,EAAG,CAAC,CAAA;AAAA,EAC3E;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,OAAA,CAAQ,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,MAAA;AAAA,MAC7B,IAAA,CAAK,mBAAmB,MAAM,CAAA;AAAA,MAC9B,CAAA;AAAA,MACA,KAAA,GAAQ;AAAA,KACV;AAAA,EACF;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAMC,uBAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,IAAI,CAAA,EAAG;AACxC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEQ,WAAW,IAAA,EAAwC;AACzD,IAAA,MAAM,IAAA,GAA+B;AAAA,MACnC,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,EAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,QAAA;AACxC,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,IAAA,CAAK,aAAA,GAAgB,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA;AAChD,IAAA,IAAI,KAAK,MAAA,KAAW,MAAA,OAAgB,MAAA,GAAS,MAAA,CAAO,KAAK,MAAM,CAAA;AAC/D,IAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,IAAA,CAAK,SAAA;AAC1C,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,IAAA,CAAK,mBAAA,GAAsB,MAAA,CAAO,IAAA,CAAK,mBAAmB,CAAA;AAE5D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEQ,WAAW,IAAA,EAAwC;AACzD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,aAAA,EAAe,KAAK,aAAA,KAAkB,MAAA;AAAA,MACtC,MAAA,EAAQ,KAAK,MAAA,KAAW,MAAA;AAAA,MACxB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,qBAAqB,IAAA,CAAK,mBAAA,GACtB,SAAS,IAAA,CAAK,mBAAA,EAAqB,EAAE,CAAA,GACrC;AAAA,KACN;AAAA,EACF;AAAA,EAEQ,cAAc,OAAA,EAA0C;AAC9D,IAAA,MAAM,IAAA,GAA+B;AAAA,MACnC,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,WAAW,OAAA,CAAQ,SAAA;AAAA,MACnB,WAAW,OAAA,CAAQ;AAAA,KACrB;AAEA,IAAA,IAAI,OAAA,CAAQ,YAAA,EAAc,IAAA,CAAK,YAAA,GAAe,OAAA,CAAQ,YAAA;AACtD,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,OAAA,CAAQ,SAAA;AAChD,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,OAAA,CAAQ,SAAA;AAEhD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEQ,cAAc,IAAA,EAAuC;AAC3D,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAAA,EACF;AAAA,EAEQ,YAAY,EAAA,EAAoB;AACtC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,WAAA,EAAc,EAAE,CAAA,CAAA;AAAA,EACvC;AAAA,EAEQ,gBAAA,GAA2B;AACjC,IAAA,OAAO,CAAA,EAAG,KAAK,MAAM,CAAA,WAAA,CAAA;AAAA,EACvB;AAAA,EAEA,MAAM,cAAc,MAAA,EAOwB;AAC1C,IAAA,MAAM,EAAE,KAAA,GAAQ,EAAA,EAAI,MAAA,GAAS,GAAE,GAAI,MAAA;AACnC,IAAA,MAAM,QAAA,GAAW,KAAK,gBAAA,EAAiB;AACvC,IAAA,MAAM,MAAA,GAAS,OAAO,MAAM,IAAA,CAAK,UAAS,EAAG,SAAA,CAAU,QAAA,EAAU,CAAA,EAAG,EAAE,CAAA;AACtE,IAAA,MAAM,QAAQ,MAAA,CAAO,MAAA;AAErB,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,KAAA,CAAM,MAAA,EAAQ,SAAS,KAAK,CAAA;AACpD,IAAA,MAAM,OAAc,EAAC;AAErB,IAAA,KAAA,MAAW,MAAM,QAAA,EAAU;AACzB,MAAA,MAAM,OAAA,GAAU,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,IAAY,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,EAAE,CAAC,CAAA;AACtE,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA;AAC9B,QAAA,IAAA,CACG,CAAC,MAAA,CAAO,MAAA,IAAU,GAAA,CAAI,MAAA,KAAW,OAAO,MAAA,MACxC,CAAC,MAAA,CAAO,MAAA,KACN,MAAM,OAAA,CAAQ,MAAA,CAAO,MAAM,CAAA,GACxB,MAAA,CAAO,OAAO,QAAA,CAAS,GAAA,CAAI,MAAM,CAAA,GACjC,IAAI,MAAA,KAAW,MAAA,CAAO,MAAA,CAAA,CAAA,KAC3B,CAAC,OAAO,QAAA,IAAY,GAAA,CAAI,QAAA,KAAa,MAAA,CAAO,cAC5C,MAAA,CAAO,OAAA,KAAY,UAAa,GAAA,CAAI,OAAA,KAAY,OAAO,OAAA,CAAA,EACxD;AACA,UAAA,IAAA,CAAK,IAAA,CAAK,EAAE,GAAG,GAAA,EAAK,SAAA,EAAW,IAAI,IAAA,CAAK,GAAA,CAAI,SAAS,CAAA,EAAG,CAAA;AAAA,QAC1D;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,MAAM,KAAA,EAAM;AAAA,EACvB;AAAA,EAEA,MAAM,eAAe,IAAA,EAAyB;AAC5C,IAAA,MAAM,EAAA,GAAKD,kBAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AACzC,IAAA,MAAM,SAAA,uBAAgB,IAAA,EAAK;AAC3B,IAAA,MAAM,GAAA,GAAM,EAAE,GAAG,IAAA,EAAM,IAAI,SAAA,EAAU;AACrC,IAAA,MAAA,CACE,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,EAAE,CAAA,EAAG,IAAA,CAAK,SAAA,CAAU,GAAG,CAAC,CAAA;AAC/C,IAAA,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,IAAA,CAAK,IAAA,CAAK,gBAAA,EAAiB,EAAG,IAAA,CAAK,GAAA,EAAI,EAAG,EAAE,CAAA;AAC1E,IAAA,MAAM,KAAA,GAAQ,OAAO,MAAM,IAAA,CAAK,UAAS,EAAG,KAAA,CAAM,IAAA,CAAK,gBAAA,EAAkB,CAAA;AACzE,IAAA,IAAI,QAAQ,GAAA,EAAO;AACjB,MAAA,MAAM,MAAA,GAAS,MAAA,CACb,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,MAAA,CAAO,IAAA,CAAK,gBAAA,EAAiB,EAAG,CAAA,EAAG,KAAA,GAAQ,KAAK,CAAA;AAClD,MAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,QAAA,MAAA,CAAO,MAAM,KAAK,QAAA,EAAS,EAAG,IAAI,IAAA,CAAK,WAAA,CAAY,KAAK,CAAC,CAAA;AACzD,QAAA,MAAA,CAAO,MAAM,KAAK,QAAA,EAAS,EAAG,KAAK,IAAA,CAAK,gBAAA,IAAoB,KAAK,CAAA;AAAA,MACnE;AAAA,IACF;AACA,IAAA,OAAO,GAAA;AAAA,EACT;AACF","file":"chunk-H4XCAPA6.cjs","sourcesContent":["import type { Redis } from \"ioredis\";\nimport type { AuthAdapter, AuthUser, Session, UserRole } from \"./types.js\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\n\nexport interface RedisAuthAdapterOptions {\n  url?: string;\n  host?: string;\n  port?: number;\n  password?: string;\n  db?: number;\n  keyPrefix?: string;\n  tokenExpiration?: number;\n  refreshTokenExpiration?: number;\n  tls?: boolean;\n}\n\nconst DEFAULT_PREFIX = \"kyro:auth:\";\nconst DEFAULT_TOKEN_EXPIRATION = 86400;\nconst DEFAULT_REFRESH_EXPIRATION = 604800;\n\nexport class RedisAuthAdapter implements AuthAdapter {\n  private _redis: Redis | null = null;\n  private prefix: string;\n  private tokenExpiration: number;\n  private refreshExpiration: number;\n  private options: RedisAuthAdapterOptions;\n\n  constructor(options: RedisAuthAdapterOptions = {}) {\n    this.options = options;\n    this.prefix = options.keyPrefix || DEFAULT_PREFIX;\n    this.tokenExpiration = options.tokenExpiration || DEFAULT_TOKEN_EXPIRATION;\n    this.refreshExpiration =\n      options.refreshTokenExpiration || DEFAULT_REFRESH_EXPIRATION;\n  }\n\n  private async getRedis(): Promise<Redis> {\n    if (!this._redis) {\n      const { Redis: RedisClass } = await import(\"ioredis\");\n      const url =\n        this.options.url ||\n        `redis://${this.options.host || \"localhost\"}:${this.options.port || 6379}`;\n      this._redis = new RedisClass(url, {\n        password: this.options.password,\n        db: this.options.db,\n        lazyConnect: true,\n        tls: this.options.tls ? {} : undefined,\n      });\n    }\n    return this._redis;\n  }\n\n  async connect(): Promise<void> {\n    await this.getRedis();\n  }\n\n  async disconnect(): Promise<void> {\n    await (await this.getRedis()).quit();\n  }\n\n  private userKey(userId: string): string {\n    return `${this.prefix}users:${userId}`;\n  }\n\n  private sessionKey(sessionId: string): string {\n    return `${this.prefix}sessions:${sessionId}`;\n  }\n\n  private refreshKey(token: string): string {\n    return `${this.prefix}refresh:${token}`;\n  }\n\n  private userByEmailKey(email: string): string {\n    return `${this.prefix}users:email:${email.toLowerCase()}`;\n  }\n\n  private passwordHistoryKey(userId: string): string {\n    return `${this.prefix}users:${userId}:password_history`;\n  }\n\n  async createUser(data: {\n    email: string;\n    password: string;\n    role?: UserRole;\n    tenantId?: string;\n  }): Promise<AuthUser> {\n    const userId = randomBytes(16).toString(\"hex\");\n    const now = new Date().toISOString();\n    const passwordHash = await this.hashPassword(data.password);\n\n    const user: AuthUser = {\n      id: userId,\n      email: data.email.toLowerCase(),\n      passwordHash,\n      role: (data.role || \"customer\") as UserRole,\n      tenantId: data.tenantId,\n      createdAt: now,\n      updatedAt: now,\n    };\n\n    const pipeline = (await this.getRedis()).pipeline();\n\n    pipeline.hset(this.userKey(userId), this.userToHash(user));\n    pipeline.set(this.userByEmailKey(data.email), userId);\n\n    await pipeline.exec();\n\n    return user;\n  }\n\n  async findUserByEmail(email: string): Promise<AuthUser | null> {\n    const userId = await (\n      await this.getRedis()\n    ).get(this.userByEmailKey(email.toLowerCase()));\n    if (!userId) return null;\n    return this.findUserById(userId);\n  }\n\n  async findUserById(userId: string): Promise<AuthUser | null> {\n    const data = await (await this.getRedis()).hgetall(this.userKey(userId));\n    if (!data || Object.keys(data).length === 0) return null;\n    return this.hashToUser(data);\n  }\n\n  async updateUser(\n    userId: string,\n    data: Partial<AuthUser>,\n  ): Promise<AuthUser | null> {\n    const existing = await this.findUserById(userId);\n    if (!existing) return null;\n\n    const updated: AuthUser = {\n      ...existing,\n      ...data,\n      id: userId,\n      updatedAt: new Date().toISOString(),\n    };\n\n    if (data.email && data.email !== existing.email) {\n      const pipeline = (await this.getRedis()).pipeline();\n      pipeline.del(this.userByEmailKey(existing.email));\n      pipeline.set(this.userByEmailKey(data.email), userId);\n      await pipeline.exec();\n    }\n\n    await (\n      await this.getRedis()\n    ).hset(this.userKey(userId), this.userToHash(updated));\n    return updated;\n  }\n\n  async deleteUser(userId: string): Promise<boolean> {\n    const user = await this.findUserById(userId);\n    if (!user) return false;\n\n    const pipeline = (await this.getRedis()).pipeline();\n    pipeline.del(this.userKey(userId));\n    pipeline.del(this.userByEmailKey(user.email));\n    pipeline.del(this.passwordHistoryKey(userId));\n    await pipeline.exec();\n\n    return true;\n  }\n\n  async hashPassword(password: string): Promise<string> {\n    return bcrypt.hash(password, 12);\n  }\n\n  async verifyPassword(\n    email: string,\n    password: string,\n  ): Promise<AuthUser | null> {\n    const userId = await (\n      await this.getRedis()\n    ).get(this.userByEmailKey(email));\n    if (!userId) return null;\n    const user = await this.findUserById(userId);\n    if (!user || !user.passwordHash) return null;\n    const valid = await bcrypt.compare(password, user.passwordHash);\n    return valid ? user : null;\n  }\n\n  async createSession(\n    userId: string,\n    data: {\n      ipAddress?: string;\n      userAgent?: string;\n    } = {},\n  ): Promise<Session> {\n    const sessionId = randomBytes(32).toString(\"hex\");\n    const token = randomBytes(32).toString(\"base64url\");\n    const refreshToken = randomBytes(32).toString(\"base64url\");\n    const now = new Date();\n\n    const session: Session = {\n      id: sessionId,\n      userId,\n      token,\n      refreshToken,\n      expiresAt: new Date(\n        now.getTime() + this.tokenExpiration * 1000,\n      ).toISOString(),\n      createdAt: now.toISOString(),\n      ipAddress: data.ipAddress,\n      userAgent: data.userAgent,\n    };\n\n    const pipeline = (await this.getRedis()).pipeline();\n\n    pipeline.hset(this.sessionKey(sessionId), this.sessionToHash(session));\n    pipeline.setex(\n      this.refreshKey(refreshToken),\n      this.refreshExpiration,\n      sessionId,\n    );\n\n    await pipeline.exec();\n\n    return session;\n  }\n\n  async findSessionByToken(token: string): Promise<Session | null> {\n    const data = await (await this.getRedis()).hgetall(this.sessionKey(token));\n    if (!data || Object.keys(data).length === 0) return null;\n    return this.hashToSession(data);\n  }\n\n  async findSessionByRefreshToken(\n    refreshToken: string,\n  ): Promise<Session | null> {\n    const sessionId = await (\n      await this.getRedis()\n    ).get(this.refreshKey(refreshToken));\n    if (!sessionId) return null;\n    const data = await (\n      await this.getRedis()\n    ).hgetall(this.sessionKey(sessionId));\n    if (!data || Object.keys(data).length === 0) return null;\n    return this.hashToSession(data);\n  }\n\n  async deleteSession(sessionId: string): Promise<boolean> {\n    const session = await (\n      await this.getRedis()\n    ).hgetall(this.sessionKey(sessionId));\n    if (!session || Object.keys(session).length === 0) return false;\n\n    const pipeline = (await this.getRedis()).pipeline();\n    pipeline.del(this.sessionKey(sessionId));\n    if (session.refreshToken) {\n      pipeline.del(this.refreshKey(session.refreshToken));\n    }\n    await pipeline.exec();\n\n    return true;\n  }\n\n  async deleteUserSessions(userId: string): Promise<number> {\n    const pattern = `${this.prefix}sessions:*`;\n    let cursor = \"0\";\n    let deleted = 0;\n\n    do {\n      const [nextCursor, keys] = await (\n        await this.getRedis()\n      ).scan(cursor, \"MATCH\", pattern, \"COUNT\", 100);\n      cursor = nextCursor;\n\n      for (const key of keys) {\n        const sessionData = await (await this.getRedis()).hgetall(key);\n        if (sessionData.userId === userId) {\n          const sessionId = key.replace(`${this.prefix}sessions:`, \"\");\n          await this.deleteSession(sessionId);\n          deleted++;\n        }\n      }\n    } while (cursor !== \"0\");\n\n    return deleted;\n  }\n\n  async addPasswordToHistory(\n    userId: string,\n    passwordHash: string,\n  ): Promise<void> {\n    await (\n      await this.getRedis()\n    ).lpush(this.passwordHistoryKey(userId), passwordHash);\n    await (await this.getRedis()).ltrim(this.passwordHistoryKey(userId), 0, 4);\n  }\n\n  async getPasswordHistory(\n    userId: string,\n    count: number = 5,\n  ): Promise<string[]> {\n    return (await this.getRedis()).lrange(\n      this.passwordHistoryKey(userId),\n      0,\n      count - 1,\n    );\n  }\n\n  async isPasswordInHistory(\n    password: string,\n    userId: string,\n    historyCount: number = 5,\n  ): Promise<boolean> {\n    const history = await this.getPasswordHistory(userId, historyCount);\n\n    for (const hash of history) {\n      if (await bcrypt.compare(password, hash)) {\n        return true;\n      }\n    }\n\n    return false;\n  }\n\n  private userToHash(user: AuthUser): Record<string, string> {\n    const hash: Record<string, string> = {\n      id: user.id,\n      email: user.email,\n      passwordHash: user.passwordHash || \"\",\n      role: user.role,\n      createdAt: user.createdAt,\n      updatedAt: user.updatedAt,\n    };\n\n    if (user.tenantId) hash.tenantId = user.tenantId;\n    if (user.emailVerified !== undefined)\n      hash.emailVerified = String(user.emailVerified);\n    if (user.locked !== undefined) hash.locked = String(user.locked);\n    if (user.lastLogin) hash.lastLogin = user.lastLogin;\n    if (user.failedLoginAttempts !== undefined)\n      hash.failedLoginAttempts = String(user.failedLoginAttempts);\n\n    return hash;\n  }\n\n  private hashToUser(hash: Record<string, string>): AuthUser {\n    return {\n      id: hash.id,\n      email: hash.email,\n      passwordHash: hash.passwordHash,\n      role: hash.role as UserRole,\n      tenantId: hash.tenantId,\n      createdAt: hash.createdAt,\n      updatedAt: hash.updatedAt,\n      emailVerified: hash.emailVerified === \"true\",\n      locked: hash.locked === \"true\",\n      lastLogin: hash.lastLogin,\n      failedLoginAttempts: hash.failedLoginAttempts\n        ? parseInt(hash.failedLoginAttempts, 10)\n        : 0,\n    };\n  }\n\n  private sessionToHash(session: Session): Record<string, string> {\n    const hash: Record<string, string> = {\n      id: session.id,\n      userId: session.userId,\n      token: session.token,\n      expiresAt: session.expiresAt,\n      createdAt: session.createdAt,\n    };\n\n    if (session.refreshToken) hash.refreshToken = session.refreshToken;\n    if (session.ipAddress) hash.ipAddress = session.ipAddress;\n    if (session.userAgent) hash.userAgent = session.userAgent;\n\n    return hash;\n  }\n\n  private hashToSession(hash: Record<string, string>): Session {\n    return {\n      id: hash.id,\n      userId: hash.userId,\n      token: hash.token,\n      refreshToken: hash.refreshToken,\n      expiresAt: hash.expiresAt,\n      createdAt: hash.createdAt,\n      ipAddress: hash.ipAddress,\n      userAgent: hash.userAgent,\n    };\n  }\n\n  private auditLogKey(id: string): string {\n    return `${this.prefix}audit:logs:${id}`;\n  }\n\n  private auditLogIndexKey(): string {\n    return `${this.prefix}audit:index`;\n  }\n\n  async findAuditLogs(filter: {\n    userId?: string;\n    action?: string | string[];\n    resource?: string;\n    success?: boolean;\n    limit?: number;\n    offset?: number;\n  }): Promise<{ logs: any[]; total: number }> {\n    const { limit = 50, offset = 0 } = filter;\n    const indexKey = this.auditLogIndexKey();\n    const allIds = await (await this.getRedis()).zrevrange(indexKey, 0, -1);\n    const total = allIds.length;\n\n    const pagedIds = allIds.slice(offset, offset + limit);\n    const logs: any[] = [];\n\n    for (const id of pagedIds) {\n      const logData = await (await this.getRedis()).get(this.auditLogKey(id));\n      if (logData) {\n        const log = JSON.parse(logData);\n        if (\n          (!filter.userId || log.userId === filter.userId) &&\n          (!filter.action ||\n            (Array.isArray(filter.action)\n              ? filter.action.includes(log.action)\n              : log.action === filter.action)) &&\n          (!filter.resource || log.resource === filter.resource) &&\n          (filter.success === undefined || log.success === filter.success)\n        ) {\n          logs.push({ ...log, timestamp: new Date(log.timestamp) });\n        }\n      }\n    }\n\n    return { logs, total };\n  }\n\n  async createAuditLog(data: any): Promise<any> {\n    const id = randomBytes(16).toString(\"hex\");\n    const timestamp = new Date();\n    const log = { ...data, id, timestamp };\n    await (\n      await this.getRedis()\n    ).set(this.auditLogKey(id), JSON.stringify(log));\n    await (await this.getRedis()).zadd(this.auditLogIndexKey(), Date.now(), id);\n    const count = await (await this.getRedis()).zcard(this.auditLogIndexKey());\n    if (count > 10000) {\n      const oldIds = await (\n        await this.getRedis()\n      ).zrange(this.auditLogIndexKey(), 0, count - 10001);\n      for (const oldId of oldIds) {\n        await (await this.getRedis()).del(this.auditLogKey(oldId));\n        await (await this.getRedis()).zrem(this.auditLogIndexKey(), oldId);\n      }\n    }\n    return log;\n  }\n}\n"]}

package/dist/{chunk-VIONYQ2K.cjs → chunk-IBG6V56E.cjs}

@@ -2,33 +2,6 @@
 
 var crypto = require('crypto');
 
-// src/access/types.ts
-async function evaluateAccess(access, args) {
-  if (typeof access === "boolean") {
-    return access;
-  }
-  if (typeof access === "function") {
-    return await access(args);
-  }
-  return true;
-}
-function mergeWhereClauses(...whereClauses) {
-  const result = {};
-  for (const clause of whereClauses) {
-    if (clause && typeof clause === "object") {
-      Object.assign(result, clause);
-    }
-  }
-  return result;
-}
-function getWhereClause(access, args) {
-  return evaluateAccess(access, args).then((result) => {
-    if (result === true) return void 0;
-    if (result === false) return { _id: { $eq: null } };
-    return result;
-  });
-}
-
 // src/webhooks/types.ts
 var WEBHOOK_EVENTS = {
   COLLECTION_CREATE: "collection.create",
@@ -493,8 +466,20 @@ function hasApiKeyPermission(permissions, required) {
   if (permissions.includes(`${resource}:*`)) return true;
   return false;
 }
+function generateApiKey() {
+  const chars = "abcdefghijklmnopqrstuvwxyz0123456789";
+  let suffix = "";
+  for (let i = 0; i < 32; i++) {
+    suffix += chars[Math.floor(Math.random() * chars.length)];
+  }
+  return `kyro_${suffix}`;
+}
+function generateApiKeyPrefix(key) {
+  return key.substring(0, 8);
+}
 
 exports.ALL_WEBHOOK_EVENTS = ALL_WEBHOOK_EVENTS;
+exports.API_KEY_COLLECTION = API_KEY_COLLECTION;
 exports.WEBHOOK_COLLECTION = WEBHOOK_COLLECTION;
 exports.WEBHOOK_DELIVERY_COLLECTION = WEBHOOK_DELIVERY_COLLECTION;
 exports.WEBHOOK_EVENTS = WEBHOOK_EVENTS;
@@ -505,13 +490,12 @@ exports.createTestPayload = createTestPayload;
 exports.createWebhookService = createWebhookService;
 exports.deliverWebhook = deliverWebhook;
 exports.deliverWithRetry = deliverWithRetry;
-exports.evaluateAccess = evaluateAccess;
 exports.extractApiKeyFromRequest = extractApiKeyFromRequest;
+exports.generateApiKey = generateApiKey;
+exports.generateApiKeyPrefix = generateApiKeyPrefix;
 exports.generateWebhookSecret = generateWebhookSecret;
-exports.getWhereClause = getWhereClause;
 exports.hasApiKeyPermission = hasApiKeyPermission;
-exports.mergeWhereClauses = mergeWhereClauses;
 exports.signPayload = signPayload;
 exports.validateApiKey = validateApiKey;
-//# sourceMappingURL=chunk-VIONYQ2K.cjs.map
-//# sourceMappingURL=chunk-VIONYQ2K.cjs.map
+//# sourceMappingURL=chunk-IBG6V56E.cjs.map
+//# sourceMappingURL=chunk-IBG6V56E.cjs.map

package/dist/chunk-IBG6V56E.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/webhooks/types.ts","../src/webhooks/delivery.ts","../src/webhooks/WebhookService.ts","../src/auth/api-key.ts"],"names":["createHmac","randomBytes","randomUUID","timingSafeEqual"],"mappings":";;;;;AAAO,IAAM,cAAA,GAAiB;AAAA,EAC5B,iBAAA,EAAmB,mBAAA;AAAA,EACnB,iBAAA,EAAmB,mBAAA;AAAA,EACnB,iBAAA,EAAmB,mBAAA;AAAA,EACnB,YAAA,EAAc,cAAA;AAAA,EACd,YAAA,EAAc,cAAA;AAAA,EACd,UAAA,EAAY,YAAA;AAAA,EACZ,aAAA,EAAe,eAAA;AAAA,EACf,WAAA,EAAa,aAAA;AAAA,EACb,aAAA,EAAe,eAAA;AAAA,EACf,UAAA,EAAY,YAAA;AAAA,EACZ,aAAA,EAAe,eAAA;AAAA,EACf,eAAA,EAAiB;AACnB;AAIO,IAAM,kBAAA,GAAqC,MAAA,CAAO,MAAA,CAAO,cAAc;AA+EvE,IAAM,kBAAA,GAAqB;AAC3B,IAAM,2BAAA,GAA8B;ACxEpC,SAAS,WAAA,CAAY,SAAiB,MAAA,EAAwB;AACnE,EAAA,OAAO,CAAA,OAAA,EAAUA,iBAAA,CAAW,QAAA,EAAU,MAAM,CAAA,CAAE,OAAO,OAAO,CAAA,CAAE,MAAA,CAAO,KAAK,CAAC,CAAA,CAAA;AAC7E;AAEO,SAAS,qBAAA,GAAgC;AAC9C,EAAA,OAAOC,kBAAA,CAAY,EAAE,CAAA,CAAE,QAAA,CAAS,KAAK,CAAA;AACvC;AAEA,eAAsB,cAAA,CACpB,OAAA,EACA,OAAA,EACA,OAAA,GAA2B,EAAC,EACH;AACzB,EAAA,MAAM,OAAA,GAAU,QAAQ,OAAA,IAAW,GAAA;AACnC,EAAA,MAAM,SAAA,GAAY,KAAK,GAAA,EAAI;AAE3B,EAAA,MAAM,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,OAAO,CAAA;AAEnC,EAAA,MAAM,OAAA,GAAkC;AAAA,IACtC,cAAA,EAAgB,kBAAA;AAAA,IAChB,YAAA,EAAc,sBAAA;AAAA,IACd,mBAAmB,OAAA,CAAQ,KAAA;AAAA,IAC3B,sBAAsB,OAAA,CAAQ,EAAA;AAAA,IAC9B,uBAAuB,OAAA,CAAQ,SAAA;AAAA,IAC/B,GAAI,OAAA,CAAQ,OAAA,IAAW;AAAC,GAC1B;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAQ;AAClB,IAAA,MAAM,SAAA,GAAY,WAAA,CAAY,IAAA,EAAM,OAAA,CAAQ,MAAM,CAAA;AAClD,IAAA,OAAA,CAAQ,qBAAqB,CAAA,GAAI,SAAA;AAAA,EACnC;AAEA,EAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,EAAA,MAAM,YAAY,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,OAAO,CAAA;AAE9D,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,OAAA,CAAQ,GAAA,EAAK;AAAA,MACxC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAQ,UAAA,CAAW;AAAA,KACpB,CAAA;AAED,IAAA,YAAA,CAAa,SAAS,CAAA;AAEtB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAC9B,IAAA,IAAI,YAAA;AAEJ,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,MAAA,YAAA,GAAe,IAAA,CAAK,KAAA,CAAM,CAAA,EAAG,GAAI,CAAA;AAAA,IACnC,CAAA,CAAA,MAAQ;AAAA,IAAC;AAET,IAAA,MAAM,MAAA,GAAyB;AAAA,MAC7B,SAAS,QAAA,CAAS,EAAA;AAAA,MAClB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,YAAY,QAAA,CAAS,UAAA;AAAA,MACrB,IAAA,EAAM,YAAA;AAAA,MACN;AAAA,KACF;AAEA,IAAA,IAAI,MAAA,CAAO,OAAA,IAAW,OAAA,CAAQ,SAAA,EAAW;AACvC,MAAA,OAAA,CAAQ,UAAU,MAAM,CAAA;AAAA,IAC1B,CAAA,MAAA,IAAW,CAAC,MAAA,CAAO,OAAA,IAAW,QAAQ,SAAA,EAAW;AAC/C,MAAA,OAAA,CAAQ,UAAU,CAAA,KAAA,EAAQ,QAAA,CAAS,MAAM,CAAA,EAAA,EAAK,QAAA,CAAS,UAAU,CAAA,CAAE,CAAA;AAAA,IACrE;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,SAAS,KAAA,EAAY;AACnB,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAC9B,IAAA,MAAM,YAAA,GACJ,MAAM,IAAA,KAAS,YAAA,GACX,2BAA2B,OAAO,CAAA,EAAA,CAAA,GAClC,MAAM,OAAA,IAAW,eAAA;AAEvB,IAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,MAAA,OAAA,CAAQ,UAAU,YAAY,CAAA;AAAA,IAChC;AAEA,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,MAAA,EAAQ,CAAA;AAAA,MACR,QAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACF;AAEA,eAAsB,iBACpB,OAAA,EACA,OAAA,EACA,UAAA,EACA,OAAA,GAA2B,EAAC,EACH;AACzB,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,QAAQ,UAAA,IAAc,GAAA;AACxC,EAAA,IAAI,UAAA,GAAoC,IAAA;AAExC,EAAA,KAAA,IAAS,OAAA,GAAU,CAAA,EAAG,OAAA,IAAW,UAAA,EAAY,OAAA,EAAA,EAAW;AACtD,IAAA,IAAI,UAAU,CAAA,EAAG;AACf,MAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,SAAA,GAAY,IAAA,CAAK,IAAI,CAAA,EAAG,OAAA,GAAU,CAAC,CAAA,EAAG,GAAK,CAAA;AAClE,MAAA,IAAI,QAAQ,OAAA,EAAS;AACnB,QAAA,OAAA,CAAQ,OAAA,CAAQ,OAAA,EAAS,CAAA,YAAA,EAAe,KAAK,CAAA,KAAA,CAAO,CAAA;AAAA,MACtD;AACA,MAAA,MAAM,MAAM,KAAK,CAAA;AAAA,IACnB;AAEA,IAAA,IAAI,OAAA,CAAQ,OAAA,IAAW,OAAA,GAAU,CAAA,EAAG;AAClC,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA,QAAA,EAAW,OAAA,GAAU,CAAC,CAAA,CAAA,EAAI,UAAA,GAAa,CAAC,CAAA,CAAE,CAAA;AAAA,IACrE;AAEA,IAAA,UAAA,GAAa,MAAM,cAAA,CAAe,OAAA,EAAS,OAAA,EAAS;AAAA,MAClD,GAAG,OAAA;AAAA,MACH,OAAA,EAAS,MAAA;AAAA,MACT,SAAA,EAAW,MAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,IAAI,WAAW,OAAA,EAAS;AACtB,MAAA,OAAO,UAAA;AAAA,IACT;AAEA,IAAA,IAAI,WAAW,KAAA,EAAO,QAAA,CAAS,WAAW,CAAA,IAAK,UAAU,UAAA,EAAY;AACnE,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,UAAA,CAAW,MAAA,IAAU,GAAA,IAAO,UAAA,CAAW,SAAS,GAAA,EAAK;AACvD,MAAA,OAAO,UAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OACE,UAAA,IAAc;AAAA,IACZ,OAAA,EAAS,KAAA;AAAA,IACT,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,CAAA;AAAA,IACV,KAAA,EAAO;AAAA,GACT;AAEJ;AAEO,SAAS,oBACd,UAAA,EACA,SAAA,EACA,KAAA,EACA,OAAA,EACA,SACA,MAAA,EACiB;AACjB,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,UAAA;AAAA,IACJ,SAAA;AAAA,IACA,KAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA,EAAQ,MAAA,CAAO,OAAA,GAAU,SAAA,GAAY,QAAA;AAAA,IACrC,cAAA,EAAgB,OAAO,MAAA,IAAU,MAAA;AAAA,IACjC,cAAc,MAAA,CAAO,IAAA;AAAA,IACrB,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,IAClC,aAAa,MAAA,CAAO,OAAA,GAAA,qBAAc,IAAA,EAAK,EAAE,aAAY,GAAI;AAAA,GAC3D;AACF;AAEA,SAAS,MAAM,EAAA,EAA2B;AACxC,EAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,YAAY,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AACzD;AAEO,SAAS,iBAAA,GAAoC;AAClD,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,CAAA,KAAA,EAAQ,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA;AAAA,IACtB,KAAA,EAAO,mBAAA;AAAA,IACP,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,IAClC,UAAA,EAAY,MAAA;AAAA,IACZ,SAAA,EAAW,QAAA;AAAA,IACX,IAAA,EAAM,EAAE,OAAA,EAAS,iCAAA,EAAkC;AAAA,IACnD,MAAM,EAAE,EAAA,EAAI,UAAU,KAAA,EAAO,iBAAA,EAAmB,MAAM,aAAA;AAAc,GACtE;AACF;AC1LO,IAAM,iBAAN,MAAqB;AAAA,EAClB,EAAA;AAAA,EAER,YAAY,EAAA,EAAiB;AAC3B,IAAA,IAAA,CAAK,EAAA,GAAK,EAAA;AAAA,EACZ;AAAA,EAEA,MAAM,YAAY,OAAA,EAGW;AAC3B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,EAAA,CAAG,IAAA,CAAK;AAAA,MAChC,UAAA,EAAY,kBAAA;AAAA,MACZ,KAAA,EAAO,OAAA,EAAS,MAAA,GAAS,EAAE,MAAA,EAAQ,EAAE,MAAA,EAAQ,OAAA,CAAQ,MAAA,EAAO,EAAE,GAAI,EAAC;AAAA,MACnE,KAAA,EAAO,GAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,MAAM,WAAW,MAAA,CAAO,IAAA;AAExB,IAAA,IAAI,SAAS,KAAA,EAAO;AAClB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,QAAO,CAAC,CAAA,KACtB,CAAA,CAAE,MAAA,CAAO,QAAA,CAAS,QAAQ,KAAqB;AAAA,OACjD;AAAA,IACF;AAEA,IAAA,OAAO,QAAA;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,EAAA,EAA2C;AAC9D,IAAA,OAAO,IAAA,CAAK,GAAG,QAAA,CAAS;AAAA,MACtB,UAAA,EAAY,kBAAA;AAAA,MACZ;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,cAAc,IAAA,EAAiD;AACnE,IAAA,MAAM,GAAA,GAAA,iBAAM,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACnC,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,IAAU,qBAAA,EAAsB;AAEpD,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,IAAIC,iBAAA,EAAW;AAAA,MACf,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,KAAK,IAAA,CAAK,GAAA;AAAA,MACV,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,MAAA,EAAQ,KAAK,MAAA,IAAU,QAAA;AAAA,MACvB,MAAA;AAAA,MACA,OAAA,EAAS,IAAA,CAAK,OAAA,IAAW,EAAC;AAAA,MAC1B,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACb;AAEA,IAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,MACnB,UAAA,EAAY,kBAAA;AAAA,MACZ,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,aAAA,CACJ,EAAA,EACA,IAAA,EAC+B;AAC/B,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,cAAA,CAAe,EAAE,CAAA;AAC7C,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,GAAG,QAAA;AAAA,MACH,GAAG,IAAA;AAAA,MACH,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACpC;AAEA,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,EAAA,IAAM,QAAA,IAAY,IAAA,EAAM;AAC1C,MAAA,OAAO,OAAA,CAAQ,MAAA;AAAA,IACjB;AAEA,IAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,MACnB,UAAA,EAAY,kBAAA;AAAA,MACZ,EAAA;AAAA,MACA,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAc,EAAA,EAA2B;AAC7C,IAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,MACnB,UAAA,EAAY,kBAAA;AAAA,MACZ;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,OAAA,CACJ,KAAA,EACA,WAAA,EACiC;AACjC,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,WAAA,EAAY;AACxC,IAAA,MAAM,iBAAiB,QAAA,CAAS,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,WAAW,QAAQ,CAAA;AAEnE,IAAA,MAAM,mBAAmB,cAAA,CAAe,MAAA;AAAA,MAAO,CAAC,CAAA,KAC9C,CAAA,CAAE,MAAA,CAAO,SAAS,KAAK;AAAA,KACzB;AAEA,IAAA,IAAI,gBAAA,CAAiB,WAAW,CAAA,EAAG;AACjC,MAAA,OAAO,EAAC;AAAA,IACV;AAEA,IAAA,MAAM,OAAA,GAA0B;AAAA,MAC9B,EAAA,EAAI,CAAA,GAAA,EAAM,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA,EAAIA,iBAAA,EAAW,CAAE,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAAA,MAChD,KAAA;AAAA,MACA,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,MAClC,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,UAAkC,EAAC;AAEzC,IAAA,KAAA,MAAW,WAAW,gBAAA,EAAkB;AACtC,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,OAAO,CAAA;AACzD,MAAA,OAAA,CAAQ,KAAK,MAAM,CAAA;AAAA,IACrB;AAEA,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,cAAA,CACJ,OAAA,EACA,OAAA,EAC+B;AAC/B,IAAA,MAAM,UAAA,GAAa,CAAA,IAAA,EAAO,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA,EAAIA,iBAAA,EAAW,CAAE,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAEhE,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,gBAAA,CAAiB,OAAA,EAAS,SAAS,UAAA,EAAY;AAAA,QAClE,UAAA,EAAY,CAAA;AAAA,QACZ,UAAA,EAAY;AAAA,OACb,CAAA;AAED,MAAA,MAAM,cAAA,GAAiB,mBAAA;AAAA,QACrB,UAAA;AAAA,QACA,OAAA,CAAQ,EAAA;AAAA,QACR,OAAA,CAAQ,OAAO,CAAC,CAAA;AAAA,QAChB,OAAA;AAAA,QACA,CAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,CAAK,GAAG,MAAA,CAAO;AAAA,UACnB,UAAA,EAAY,2BAAA;AAAA,UACZ,IAAA,EAAM;AAAA,SACP,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AACN,QAAA,OAAA,CAAQ,IAAA;AAAA,UACN,kDAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF;AAEA,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,EAAA,EAAI;AAAA,UACnC,MAAA,EAAQ,OAAA;AAAA,UACR,WAAW,MAAA,CAAO;AAAA,SACnB,CAAA,CAAE,KAAA,CAAM,MAAM;AAAA,QAAC,CAAC,CAAA;AAAA,MACnB,CAAA,MAAO;AACL,QAAA,MAAM,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,EAAA,EAAI;AAAA,UACnC,MAAA,EAAQ,QAAA;AAAA,UACR,aAAA,EAAA,iBAAe,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,SACvC,CAAA,CAAE,KAAA,CAAM,MAAM;AAAA,QAAC,CAAC,CAAA;AAAA,MACnB;AAEA,MAAA,OAAO;AAAA,QACL,UAAA;AAAA,QACA,WAAW,OAAA,CAAQ,EAAA;AAAA,QACnB,KAAA,EAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,CAAA;AAAA,QACvB,MAAA,EAAQ,MAAA,CAAO,OAAA,GAAU,SAAA,GAAY,QAAA;AAAA,QACrC,gBAAgB,MAAA,CAAO,MAAA;AAAA,QACvB,UAAU,MAAA,CAAO,QAAA;AAAA,QACjB,OAAO,MAAA,CAAO;AAAA,OAChB;AAAA,IACF,SAAS,KAAA,EAAY;AACnB,MAAA,OAAO;AAAA,QACL,UAAA;AAAA,QACA,WAAW,OAAA,CAAQ,EAAA;AAAA,QACnB,KAAA,EAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,CAAA;AAAA,QACvB,MAAA,EAAQ,QAAA;AAAA,QACR,OAAO,KAAA,CAAM;AAAA,OACf;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,SAAA,EAAyD;AACzE,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACnD,IAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AAErB,IAAA,MAAM,OAAA,GAA0B;AAAA,MAC9B,EAAA,EAAI,CAAA,KAAA,EAAQ,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA;AAAA,MACtB,KAAA,EAAO,OAAA,CAAQ,MAAA,CAAO,CAAC,CAAA,IAAK,mBAAA;AAAA,MAC5B,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AAAA,MAClC,UAAA,EAAY,MAAA;AAAA,MACZ,SAAA,EAAW,QAAA;AAAA,MACX,IAAA,EAAM,EAAE,OAAA,EAAS,+CAAA,EAAgD;AAAA,MACjE,IAAA,EAAM;AAAA,QACJ,EAAA,EAAI,QAAA;AAAA,QACJ,KAAA,EAAO,iBAAA;AAAA,QACP,IAAA,EAAM;AAAA;AACR,KACF;AAEA,IAAA,OAAO,IAAA,CAAK,cAAA,CAAe,OAAA,EAAS,OAAO,CAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,kBAAA,CACJ,SAAA,EACA,KAAA,GAAgB,EAAA,EACY;AAC5B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,EAAA,CAAG,IAAA,CAAK;AAAA,MAChC,UAAA,EAAY,2BAAA;AAAA,MACZ,OAAO,EAAE,SAAA,EAAW,EAAE,MAAA,EAAQ,WAAU,EAAE;AAAA,MAC1C,IAAA,EAAM,YAAA;AAAA,MACN,KAAA;AAAA,MACA,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,OAAO,MAAA,CAAO,IAAA;AAAA,EAChB;AAAA,EAEA,MAAM,cACJ,UAAA,EACsC;AACtC,IAAA,MAAM,QAAA,GAAY,MAAM,IAAA,CAAK,EAAA,CAAG,QAAA,CAAS;AAAA,MACvC,UAAA,EAAY,2BAAA;AAAA,MACZ,EAAA,EAAI;AAAA,KACL,CAAA;AAED,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,SAAS,CAAA;AAC5D,IAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AAErB,IAAA,OAAO,IAAA,CAAK,cAAA,CAAe,OAAA,EAAS,QAAA,CAAS,OAAO,CAAA;AAAA,EACtD;AACF;AAEO,SAAS,qBAAqB,EAAA,EAAiC;AACpE,EAAA,OAAO,IAAI,eAAe,EAAE,CAAA;AAC9B;ACpOO,IAAM,kBAAA,GAAqB;AAElC,SAAS,kBAAkB,GAAA,EAAqB;AAC9C,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B;AAEA,SAAS,mBAAA,CAAoB,GAAW,CAAA,EAAoB;AAC1D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ;AACzB,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,OAAOC,sBAAA,CAAgB,OAAO,IAAA,CAAK,CAAC,GAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAA;AAAA,EACvD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,eAAsB,cAAA,CACpB,MAAA,EACA,EAAA,EACA,UAAA,EACiC;AACjC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,EACtD;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,UAAA,CAAW,OAAO,CAAA,EAAG;AAC/B,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,wBAAA,EAAyB;AAAA,EACzD;AAEA,EAAA,MAAM,SAAA,GAAY,kBAAkB,MAAM,CAAA;AAE1C,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,IAAA,CAAK;AAAA,MAC3B,UAAA,EAAY,kBAAA;AAAA,MACZ,OAAO,EAAE,SAAA,EAAW,EAAE,MAAA,EAAQ,WAAU,EAAE;AAAA,MAC1C,KAAA,EAAO,GAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,IAAI,CAAC,MAAA,CAAO,IAAA,IAAQ,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,EAAG;AAC5C,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,UAAA,GAAkC,IAAA;AACtC,IAAA,KAAA,MAAW,GAAA,IAAO,OAAO,IAAA,EAAM;AAC7B,MAAA,MAAM,MAAA,GAAS,GAAA;AACf,MAAA,IAAI,mBAAA,CAAoB,MAAA,CAAO,GAAA,EAAK,MAAM,CAAA,EAAG;AAC3C,QAAA,UAAA,GAAa,MAAA;AACb,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,WAAW,SAAA,EAAW;AACxB,MAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA;AAC/C,MAAA,IAAI,SAAA,mBAAY,IAAI,IAAA,EAAK,EAAG;AAC1B,QAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,MACtD;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,GAAG,MAAA,CAAO;AAAA,QACd,UAAA,EAAY,kBAAA;AAAA,QACZ,IAAI,UAAA,CAAW,EAAA;AAAA,QACf,MAAM,EAAE,UAAA,EAAA,qBAAgB,IAAA,EAAK,EAAE,aAAY;AAAE,OAC9C,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,MAAM,IAAA,GAA0B;AAAA,MAC9B,IAAI,UAAA,CAAW,MAAA;AAAA,MACf,IAAA,EAAO,WAAmB,IAAA,IAAQ,QAAA;AAAA,MAClC,UAAW,UAAA,CAAmB;AAAA,KAChC;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA;AACjD,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,MAAA,CAAO,MAAM,MAAM,CAAA;AAAA,MAC5B;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,QAAQ,UAAA,CAAW,MAAA;AAAA,MACnB,IAAA;AAAA,MACA,WAAA,EAAa,UAAA,CAAW,WAAA,IAAe,EAAC;AAAA,MACxC,UAAU,UAAA,CAAW,EAAA;AAAA,MACrB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,MAAM,IAAA,CAAK;AAAA,KACb;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,4BAAA,EAA6B;AAAA,EAC7D;AACF;AAEO,SAAS,yBAAyB,OAAA,EAAiC;AACxE,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AACtD,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,UAAA,CAAW,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,IAClC;AACA,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AAC/C,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO,QAAQ,IAAA,EAAK;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,oBACd,MAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,IAAS,CAAC,OAAO,MAAA,EAAQ;AACnC,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO;AAAA,IACL,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,IAAA,EAAM,MAAA,CAAO,IAAA,IAAQ,EAAC;AAAA,IACtB,WAAA,EAAa,MAAA,CAAO,WAAA,IAAe,EAAC;AAAA,IACpC,QAAA,EAAU,OAAO,QAAA,IAAY,EAAA;AAAA,IAC7B,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,MAAM,MAAA,CAAO;AAAA,GACf;AACF;AAEO,SAAS,mBAAA,CACd,aACA,QAAA,EACS;AACT,EAAA,IAAI,WAAA,CAAY,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AACrC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,GAAG,CAAA,EAAG,OAAO,IAAA;AACtC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,QAAQ,CAAA,EAAG,OAAO,IAAA;AAE3C,EAAA,MAAM,CAAC,QAAA,EAAU,MAAM,CAAA,GAAI,QAAA,CAAS,MAAM,GAAG,CAAA;AAC7C,EAAA,IAAI,YAAY,QAAA,CAAS,CAAA,EAAG,QAAQ,CAAA,EAAA,CAAI,GAAG,OAAO,IAAA;AAElD,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,cAAA,GAAyB;AACvC,EAAA,MAAM,KAAA,GAAQ,sCAAA;AACd,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,EAAA,EAAI,CAAA,EAAA,EAAK;AAC3B,IAAA,MAAA,IAAU,KAAA,CAAM,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,KAAA,CAAM,MAAM,CAAC,CAAA;AAAA,EAC1D;AACA,EAAA,OAAO,QAAQ,MAAM,CAAA,CAAA;AACvB;AAEO,SAAS,qBAAqB,GAAA,EAAqB;AACxD,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B","file":"chunk-IBG6V56E.cjs","sourcesContent":["export const WEBHOOK_EVENTS = {\n  COLLECTION_CREATE: \"collection.create\",\n  COLLECTION_UPDATE: \"collection.update\",\n  COLLECTION_DELETE: \"collection.delete\",\n  MEDIA_UPLOAD: \"media.upload\",\n  MEDIA_DELETE: \"media.delete\",\n  AUTH_LOGIN: \"auth.login\",\n  AUTH_REGISTER: \"auth.register\",\n  AUTH_LOGOUT: \"auth.logout\",\n  ORDER_CREATED: \"order.created\",\n  ORDER_PAID: \"order.paid\",\n  ORDER_SHIPPED: \"order.shipped\",\n  ORDER_DELIVERED: \"order.delivered\",\n} as const;\n\nexport type WebhookEvent = (typeof WEBHOOK_EVENTS)[keyof typeof WEBHOOK_EVENTS];\n\nexport const ALL_WEBHOOK_EVENTS: WebhookEvent[] = Object.values(WEBHOOK_EVENTS);\n\nexport interface WebhookConfig {\n  id: string;\n  name: string;\n  url: string;\n  events: WebhookEvent[];\n  status: \"active\" | \"inactive\" | \"error\";\n  secret?: string;\n  headers?: Record<string, string>;\n  lastTriggered?: string;\n  lastError?: string;\n  createdAt: string;\n  updatedAt: string;\n}\n\nexport interface CreateWebhookData {\n  name: string;\n  url: string;\n  events: WebhookEvent[];\n  status?: \"active\" | \"inactive\";\n  secret?: string;\n  headers?: Record<string, string>;\n}\n\nexport interface UpdateWebhookData {\n  name?: string;\n  url?: string;\n  events?: WebhookEvent[];\n  status?: \"active\" | \"inactive\" | \"error\";\n  secret?: string;\n  headers?: Record<string, string>;\n  lastTriggered?: string | null;\n  lastError?: string | null;\n}\n\nexport interface WebhookPayload {\n  id: string;\n  event: WebhookEvent;\n  timestamp: string;\n  collection?: string;\n  operation?: \"create\" | \"update\" | \"delete\";\n  data?: unknown;\n  previousData?: unknown;\n  user?: {\n    id: string;\n    email?: string;\n    role?: string;\n  };\n  tenantId?: string;\n  metadata?: Record<string, unknown>;\n}\n\nexport interface WebhookDelivery {\n  id: string;\n  webhookId: string;\n  event: WebhookEvent;\n  payload: WebhookPayload;\n  attempt: number;\n  status: \"pending\" | \"success\" | \"failed\" | \"retrying\";\n  responseStatus?: number;\n  responseBody?: string;\n  error?: string;\n  duration?: number;\n  createdAt: string;\n  deliveredAt?: string;\n  nextRetryAt?: string;\n}\n\nexport interface WebhookTriggerResult {\n  deliveryId: string;\n  webhookId: string;\n  event: WebhookEvent;\n  status: \"queued\" | \"success\" | \"failed\";\n  responseStatus?: number;\n  duration?: number;\n  error?: string;\n}\n\nexport const WEBHOOK_COLLECTION = \"_webhooks\";\nexport const WEBHOOK_DELIVERY_COLLECTION = \"_webhook_deliveries\";\n","import { createHmac, randomBytes } from \"crypto\";\nimport type {\n  WebhookConfig,\n  WebhookPayload,\n  WebhookDelivery,\n} from \"./types.js\";\n\nexport interface DeliveryResult {\n  success: boolean;\n  status: number;\n  statusText?: string;\n  body?: string;\n  duration: number;\n  error?: string;\n}\n\nexport interface DeliveryOptions {\n  timeout?: number;\n  maxRetries?: number;\n  retryDelay?: number;\n  onRetry?: (attempt: number, error: string) => void;\n  onSuccess?: (result: DeliveryResult) => void;\n  onFailure?: (error: string) => void;\n}\n\nexport function signPayload(payload: string, secret: string): string {\n  return `sha256=${createHmac(\"sha256\", secret).update(payload).digest(\"hex\")}`;\n}\n\nexport function generateWebhookSecret(): string {\n  return randomBytes(32).toString(\"hex\");\n}\n\nexport async function deliverWebhook(\n  webhook: WebhookConfig,\n  payload: WebhookPayload,\n  options: DeliveryOptions = {},\n): Promise<DeliveryResult> {\n  const timeout = options.timeout || 30000;\n  const startTime = Date.now();\n\n  const body = JSON.stringify(payload);\n\n  const headers: Record<string, string> = {\n    \"Content-Type\": \"application/json\",\n    \"User-Agent\": \"Kyro-CMS-Webhook/1.0\",\n    \"X-Webhook-Event\": payload.event,\n    \"X-Webhook-Delivery\": payload.id,\n    \"X-Webhook-Timestamp\": payload.timestamp,\n    ...(webhook.headers || {}),\n  };\n\n  if (webhook.secret) {\n    const signature = signPayload(body, webhook.secret);\n    headers[\"X-Webhook-Signature\"] = signature;\n  }\n\n  const controller = new AbortController();\n  const timeoutId = setTimeout(() => controller.abort(), timeout);\n\n  try {\n    const response = await fetch(webhook.url, {\n      method: \"POST\",\n      headers,\n      body,\n      signal: controller.signal,\n    });\n\n    clearTimeout(timeoutId);\n\n    const duration = Date.now() - startTime;\n    let responseBody: string | undefined;\n\n    try {\n      const text = await response.text();\n      responseBody = text.slice(0, 1000);\n    } catch {}\n\n    const result: DeliveryResult = {\n      success: response.ok,\n      status: response.status,\n      statusText: response.statusText,\n      body: responseBody,\n      duration,\n    };\n\n    if (result.success && options.onSuccess) {\n      options.onSuccess(result);\n    } else if (!result.success && options.onFailure) {\n      options.onFailure(`HTTP ${response.status}: ${response.statusText}`);\n    }\n\n    return result;\n  } catch (error: any) {\n    clearTimeout(timeoutId);\n    const duration = Date.now() - startTime;\n    const errorMessage =\n      error.name === \"AbortError\"\n        ? `Request timed out after ${timeout}ms`\n        : error.message || \"Unknown error\";\n\n    if (options.onFailure) {\n      options.onFailure(errorMessage);\n    }\n\n    return {\n      success: false,\n      status: 0,\n      duration,\n      error: errorMessage,\n    };\n  }\n}\n\nexport async function deliverWithRetry(\n  webhook: WebhookConfig,\n  payload: WebhookPayload,\n  deliveryId: string,\n  options: DeliveryOptions = {},\n): Promise<DeliveryResult> {\n  const maxRetries = options.maxRetries ?? 5;\n  const baseDelay = options.retryDelay ?? 1000;\n  let lastResult: DeliveryResult | null = null;\n\n  for (let attempt = 0; attempt <= maxRetries; attempt++) {\n    if (attempt > 0) {\n      const delay = Math.min(baseDelay * Math.pow(2, attempt - 1), 30000);\n      if (options.onRetry) {\n        options.onRetry(attempt, `Retrying in ${delay}ms...`);\n      }\n      await sleep(delay);\n    }\n\n    if (options.onRetry && attempt > 0) {\n      options.onRetry(attempt, `Attempt ${attempt + 1}/${maxRetries + 1}`);\n    }\n\n    lastResult = await deliverWebhook(webhook, payload, {\n      ...options,\n      onRetry: undefined,\n      onSuccess: undefined,\n      onFailure: undefined,\n    });\n\n    if (lastResult.success) {\n      return lastResult;\n    }\n\n    if (lastResult.error?.includes(\"timed out\") && attempt < maxRetries) {\n      continue;\n    }\n\n    if (lastResult.status >= 400 && lastResult.status < 500) {\n      return lastResult;\n    }\n  }\n\n  return (\n    lastResult || {\n      success: false,\n      status: 0,\n      duration: 0,\n      error: \"All delivery attempts failed\",\n    }\n  );\n}\n\nexport function buildDeliveryRecord(\n  deliveryId: string,\n  webhookId: string,\n  event: string,\n  payload: WebhookPayload,\n  attempt: number,\n  result: DeliveryResult,\n): WebhookDelivery {\n  return {\n    id: deliveryId,\n    webhookId,\n    event: event as any,\n    payload,\n    attempt,\n    status: result.success ? \"success\" : \"failed\",\n    responseStatus: result.status || undefined,\n    responseBody: result.body,\n    duration: result.duration,\n    error: result.error,\n    createdAt: new Date().toISOString(),\n    deliveredAt: result.success ? new Date().toISOString() : undefined,\n  };\n}\n\nfunction sleep(ms: number): Promise<void> {\n  return new Promise((resolve) => setTimeout(resolve, ms));\n}\n\nexport function createTestPayload(): WebhookPayload {\n  return {\n    id: `test_${Date.now()}`,\n    event: \"collection.create\",\n    timestamp: new Date().toISOString(),\n    collection: \"test\",\n    operation: \"create\",\n    data: { message: \"This is a test webhook delivery\" },\n    user: { id: \"system\", email: \"system@kyro.dev\", role: \"super_admin\" },\n  };\n}\n","import { randomUUID } from \"crypto\";\nimport type { BaseAdapter } from \"../registry/types.js\";\nimport {\n  type WebhookConfig,\n  type CreateWebhookData,\n  type UpdateWebhookData,\n  type WebhookPayload,\n  type WebhookDelivery,\n  type WebhookEvent,\n  type WebhookTriggerResult,\n  WEBHOOK_COLLECTION,\n  WEBHOOK_DELIVERY_COLLECTION,\n} from \"./types.js\";\nimport {\n  deliverWithRetry,\n  buildDeliveryRecord,\n  generateWebhookSecret,\n} from \"./delivery.js\";\n\nexport class WebhookService {\n  private db: BaseAdapter;\n\n  constructor(db: BaseAdapter) {\n    this.db = db;\n  }\n\n  async getWebhooks(filters?: {\n    status?: string;\n    event?: WebhookEvent;\n  }): Promise<WebhookConfig[]> {\n    const result = await this.db.find({\n      collection: WEBHOOK_COLLECTION,\n      where: filters?.status ? { status: { equals: filters.status } } : {},\n      limit: 100,\n      page: 1,\n    });\n\n    const webhooks = result.docs as unknown as WebhookConfig[];\n\n    if (filters?.event) {\n      return webhooks.filter((w) =>\n        w.events.includes(filters.event as WebhookEvent),\n      );\n    }\n\n    return webhooks;\n  }\n\n  async getWebhookById(id: string): Promise<WebhookConfig | null> {\n    return this.db.findByID({\n      collection: WEBHOOK_COLLECTION,\n      id,\n    }) as Promise<WebhookConfig | null>;\n  }\n\n  async createWebhook(data: CreateWebhookData): Promise<WebhookConfig> {\n    const now = new Date().toISOString();\n    const secret = data.secret || generateWebhookSecret();\n\n    const webhook = {\n      id: randomUUID(),\n      name: data.name,\n      url: data.url,\n      events: data.events,\n      status: data.status || \"active\",\n      secret,\n      headers: data.headers || {},\n      createdAt: now,\n      updatedAt: now,\n    };\n\n    await this.db.create({\n      collection: WEBHOOK_COLLECTION,\n      data: webhook,\n    });\n\n    return webhook as WebhookConfig;\n  }\n\n  async updateWebhook(\n    id: string,\n    data: UpdateWebhookData,\n  ): Promise<WebhookConfig | null> {\n    const existing = await this.getWebhookById(id);\n    if (!existing) return null;\n\n    const updated = {\n      ...existing,\n      ...data,\n      updatedAt: new Date().toISOString(),\n    };\n\n    if (data.secret === \"\" && \"secret\" in data) {\n      delete updated.secret;\n    }\n\n    await this.db.update({\n      collection: WEBHOOK_COLLECTION,\n      id,\n      data: updated,\n    });\n\n    return updated as WebhookConfig;\n  }\n\n  async deleteWebhook(id: string): Promise<void> {\n    await this.db.delete({\n      collection: WEBHOOK_COLLECTION,\n      id,\n    });\n  }\n\n  async trigger(\n    event: WebhookEvent,\n    payloadData: Omit<WebhookPayload, \"id\" | \"event\" | \"timestamp\">,\n  ): Promise<WebhookTriggerResult[]> {\n    const webhooks = await this.getWebhooks();\n    const activeWebhooks = webhooks.filter((w) => w.status === \"active\");\n\n    const matchingWebhooks = activeWebhooks.filter((w) =>\n      w.events.includes(event),\n    );\n\n    if (matchingWebhooks.length === 0) {\n      return [];\n    }\n\n    const payload: WebhookPayload = {\n      id: `wh_${Date.now()}_${randomUUID().slice(0, 8)}`,\n      event,\n      timestamp: new Date().toISOString(),\n      ...payloadData,\n    };\n\n    const results: WebhookTriggerResult[] = [];\n\n    for (const webhook of matchingWebhooks) {\n      const result = await this.triggerWebhook(webhook, payload);\n      results.push(result);\n    }\n\n    return results;\n  }\n\n  async triggerWebhook(\n    webhook: WebhookConfig,\n    payload: WebhookPayload,\n  ): Promise<WebhookTriggerResult> {\n    const deliveryId = `dlv_${Date.now()}_${randomUUID().slice(0, 8)}`;\n\n    try {\n      const result = await deliverWithRetry(webhook, payload, deliveryId, {\n        maxRetries: 5,\n        retryDelay: 1000,\n      });\n\n      const deliveryRecord = buildDeliveryRecord(\n        deliveryId,\n        webhook.id,\n        webhook.events[0],\n        payload,\n        1,\n        result,\n      );\n\n      try {\n        await this.db.create({\n          collection: WEBHOOK_DELIVERY_COLLECTION,\n          data: deliveryRecord,\n        });\n      } catch {\n        console.warn(\n          \"[WebhookService] Failed to save delivery record:\",\n          deliveryId,\n        );\n      }\n\n      if (!result.success) {\n        await this.updateWebhook(webhook.id, {\n          status: \"error\",\n          lastError: result.error,\n        }).catch(() => {});\n      } else {\n        await this.updateWebhook(webhook.id, {\n          status: \"active\",\n          lastTriggered: new Date().toISOString(),\n        }).catch(() => {});\n      }\n\n      return {\n        deliveryId,\n        webhookId: webhook.id,\n        event: webhook.events[0],\n        status: result.success ? \"success\" : \"failed\",\n        responseStatus: result.status,\n        duration: result.duration,\n        error: result.error,\n      };\n    } catch (error: any) {\n      return {\n        deliveryId,\n        webhookId: webhook.id,\n        event: webhook.events[0],\n        status: \"failed\",\n        error: error.message,\n      };\n    }\n  }\n\n  async testWebhook(webhookId: string): Promise<WebhookTriggerResult | null> {\n    const webhook = await this.getWebhookById(webhookId);\n    if (!webhook) return null;\n\n    const payload: WebhookPayload = {\n      id: `test_${Date.now()}`,\n      event: webhook.events[0] || \"collection.create\",\n      timestamp: new Date().toISOString(),\n      collection: \"test\",\n      operation: \"create\",\n      data: { message: \"This is a test webhook delivery from Kyro CMS\" },\n      user: {\n        id: \"system\",\n        email: \"system@kyro.dev\",\n        role: \"super_admin\",\n      },\n    };\n\n    return this.triggerWebhook(webhook, payload);\n  }\n\n  async getDeliveryHistory(\n    webhookId: string,\n    limit: number = 50,\n  ): Promise<WebhookDelivery[]> {\n    const result = await this.db.find({\n      collection: WEBHOOK_DELIVERY_COLLECTION,\n      where: { webhookId: { equals: webhookId } },\n      sort: \"-createdAt\",\n      limit,\n      page: 1,\n    });\n\n    return result.docs as unknown as WebhookDelivery[];\n  }\n\n  async retryDelivery(\n    deliveryId: string,\n  ): Promise<WebhookTriggerResult | null> {\n    const delivery = (await this.db.findByID({\n      collection: WEBHOOK_DELIVERY_COLLECTION,\n      id: deliveryId,\n    })) as WebhookDelivery | null;\n\n    if (!delivery) return null;\n\n    const webhook = await this.getWebhookById(delivery.webhookId);\n    if (!webhook) return null;\n\n    return this.triggerWebhook(webhook, delivery.payload);\n  }\n}\n\nexport function createWebhookService(db: BaseAdapter): WebhookService {\n  return new WebhookService(db);\n}\n","import { timingSafeEqual } from \"crypto\";\nimport type { BaseAdapter } from \"../registry/types.js\";\nimport type { AuthUser, UserRole } from \"./types.js\";\n\nexport interface ApiKeyRecord {\n  id: string;\n  userId: string;\n  name: string;\n  key: string;\n  keyPrefix: string;\n  permissions: string[];\n  lastUsedAt?: string;\n  expiresAt?: string;\n  createdAt: string;\n}\n\nexport interface ApiKeyValidationResult {\n  valid: boolean;\n  userId?: string;\n  user?: Partial<AuthUser>;\n  permissions?: string[];\n  apiKeyId?: string;\n  error?: string;\n  tenantId?: string;\n  role?: UserRole;\n}\n\nexport interface ApiKeyContext {\n  userId: string;\n  user: Partial<AuthUser>;\n  permissions: string[];\n  apiKeyId: string;\n  tenantId?: string;\n  role?: UserRole;\n}\n\nexport const API_KEY_COLLECTION = \"_api_keys\";\n\nfunction generateKeyPrefix(key: string): string {\n  return key.substring(0, 8);\n}\n\nfunction constantTimeCompare(a: string, b: string): boolean {\n  if (a.length !== b.length) {\n    return false;\n  }\n  try {\n    return timingSafeEqual(Buffer.from(a), Buffer.from(b));\n  } catch {\n    return false;\n  }\n}\n\nexport async function validateApiKey(\n  rawKey: string,\n  db: BaseAdapter,\n  userLookup?: (userId: string) => Promise<Partial<AuthUser> | null>,\n): Promise<ApiKeyValidationResult> {\n  if (!rawKey || typeof rawKey !== \"string\") {\n    return { valid: false, error: \"No API key provided\" };\n  }\n\n  if (!rawKey.startsWith(\"kyro_\")) {\n    return { valid: false, error: \"Invalid API key format\" };\n  }\n\n  const keyPrefix = generateKeyPrefix(rawKey);\n\n  try {\n    const result = await db.find({\n      collection: API_KEY_COLLECTION,\n      where: { keyPrefix: { equals: keyPrefix } },\n      limit: 100,\n      page: 1,\n    });\n\n    if (!result.docs || result.docs.length === 0) {\n      return { valid: false, error: \"Invalid API key\" };\n    }\n\n    let matchedKey: ApiKeyRecord | null = null;\n    for (const doc of result.docs) {\n      const record = doc as unknown as ApiKeyRecord;\n      if (constantTimeCompare(record.key, rawKey)) {\n        matchedKey = record;\n        break;\n      }\n    }\n\n    if (!matchedKey) {\n      return { valid: false, error: \"Invalid API key\" };\n    }\n\n    if (matchedKey.expiresAt) {\n      const expiresAt = new Date(matchedKey.expiresAt);\n      if (expiresAt < new Date()) {\n        return { valid: false, error: \"API key has expired\" };\n      }\n    }\n\n    try {\n      await db.update({\n        collection: API_KEY_COLLECTION,\n        id: matchedKey.id,\n        data: { lastUsedAt: new Date().toISOString() },\n      });\n    } catch {\n      // Non-critical: don't fail if lastUsedAt update fails\n    }\n\n    const user: Partial<AuthUser> = {\n      id: matchedKey.userId,\n      role: (matchedKey as any).role || \"author\",\n      tenantId: (matchedKey as any).tenantId,\n    };\n\n    if (userLookup) {\n      const dbUser = await userLookup(matchedKey.userId);\n      if (dbUser) {\n        Object.assign(user, dbUser);\n      }\n    }\n\n    return {\n      valid: true,\n      userId: matchedKey.userId,\n      user,\n      permissions: matchedKey.permissions || [],\n      apiKeyId: matchedKey.id,\n      tenantId: user.tenantId,\n      role: user.role,\n    };\n  } catch (error) {\n    console.error(\"[ApiKey] Validation error:\", error);\n    return { valid: false, error: \"Failed to validate API key\" };\n  }\n}\n\nexport function extractApiKeyFromRequest(request: Request): string | null {\n  const authHeader = request.headers.get(\"Authorization\");\n  if (authHeader) {\n    if (authHeader.startsWith(\"ApiKey \")) {\n      return authHeader.slice(7).trim();\n    }\n    if (authHeader.startsWith(\"Bearer \")) {\n      return null;\n    }\n  }\n\n  const xApiKey = request.headers.get(\"X-API-Key\");\n  if (xApiKey) {\n    return xApiKey.trim();\n  }\n\n  return null;\n}\n\nexport function createApiKeyContext(\n  result: ApiKeyValidationResult,\n): ApiKeyContext | null {\n  if (!result.valid || !result.userId) {\n    return null;\n  }\n  return {\n    userId: result.userId,\n    user: result.user || {},\n    permissions: result.permissions || [],\n    apiKeyId: result.apiKeyId || \"\",\n    tenantId: result.tenantId,\n    role: result.role,\n  };\n}\n\nexport function hasApiKeyPermission(\n  permissions: string[],\n  required: string,\n): boolean {\n  if (permissions.length === 0) return false;\n  if (permissions.includes(\"*\")) return true;\n  if (permissions.includes(required)) return true;\n\n  const [resource, action] = required.split(\":\");\n  if (permissions.includes(`${resource}:*`)) return true;\n\n  return false;\n}\n\nexport function generateApiKey(): string {\n  const chars = \"abcdefghijklmnopqrstuvwxyz0123456789\";\n  let suffix = \"\";\n  for (let i = 0; i < 32; i++) {\n    suffix += chars[Math.floor(Math.random() * chars.length)];\n  }\n  return `kyro_${suffix}`;\n}\n\nexport function generateApiKeyPrefix(key: string): string {\n  return key.substring(0, 8);\n}\n"]}

package/dist/{chunk-LIJVWQKU.cjs → chunk-IX3ABYKZ.cjs}

@@ -1,6 +1,6 @@
 'use strict';
 
-var chunk7YITG2US_cjs = require('./chunk-7YITG2US.cjs');
+var chunkWQBRWOQT_cjs = require('./chunk-WQBRWOQT.cjs');
 var drizzleOrm = require('drizzle-orm');
 var bcrypt = require('bcryptjs');
 var crypto$1 = require('crypto');
@@ -22,8 +22,9 @@ var PostgresAuthAdapter = class {
   }
   async createUser(data) {
     const passwordHash = await this.hashPassword(data.password);
-    const [user] = await this.db.insert(chunk7YITG2US_cjs.users).values({
+    const [user] = await this.db.insert(chunkWQBRWOQT_cjs.users).values({
       email: data.email.toLowerCase(),
+      name: data.name,
       passwordHash,
       role: data.role || "customer",
       tenantId: data.tenantId
@@ -31,15 +32,16 @@ var PostgresAuthAdapter = class {
     return this.userToAuthUser(user);
   }
   async findUserByEmail(email) {
-    const [user] = await this.db.select().from(chunk7YITG2US_cjs.users).where(drizzleOrm.eq(chunk7YITG2US_cjs.users.email, email.toLowerCase())).limit(1);
+    const [user] = await this.db.select().from(chunkWQBRWOQT_cjs.users).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.users.email, email.toLowerCase())).limit(1);
     return user ? this.userToAuthUser(user) : null;
   }
   async findUserById(id) {
-    const [user] = await this.db.select().from(chunk7YITG2US_cjs.users).where(drizzleOrm.eq(chunk7YITG2US_cjs.users.id, id)).limit(1);
+    const [user] = await this.db.select().from(chunkWQBRWOQT_cjs.users).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.users.id, id)).limit(1);
     return user ? this.userToAuthUser(user) : null;
   }
   async updateUser(id, data) {
     const dbData = { updatedAt: /* @__PURE__ */ new Date() };
+    if (data.name !== void 0) dbData.name = data.name;
     if (data.email !== void 0) dbData.email = data.email;
     if (data.passwordHash !== void 0)
       dbData.passwordHash = data.passwordHash;
@@ -52,17 +54,17 @@ var PostgresAuthAdapter = class {
       dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;
     if (data.failedLoginAttempts !== void 0)
       dbData.failedLoginAttempts = data.failedLoginAttempts;
-    const [user] = await this.db.update(chunk7YITG2US_cjs.users).set(dbData).where(drizzleOrm.eq(chunk7YITG2US_cjs.users.id, id)).returning();
+    const [user] = await this.db.update(chunkWQBRWOQT_cjs.users).set(dbData).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.users.id, id)).returning();
     return user ? this.userToAuthUser(user) : null;
   }
   async deleteUser(id) {
-    await this.db.delete(chunk7YITG2US_cjs.users).where(drizzleOrm.eq(chunk7YITG2US_cjs.users.id, id));
+    await this.db.delete(chunkWQBRWOQT_cjs.users).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.users.id, id));
     return true;
   }
   async verifyPassword(email, password) {
     const user = await this.findUserByEmail(email);
     if (!user) return null;
-    const [stored] = await this.db.select().from(chunk7YITG2US_cjs.users).where(drizzleOrm.eq(chunk7YITG2US_cjs.users.email, email.toLowerCase())).limit(1);
+    const [stored] = await this.db.select().from(chunkWQBRWOQT_cjs.users).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.users.email, email.toLowerCase())).limit(1);
     if (!stored?.passwordHash) return null;
     const valid = await bcrypt__default.default.compare(password, stored.passwordHash);
     return valid ? user : null;
@@ -75,7 +77,7 @@ var PostgresAuthAdapter = class {
     const refreshToken = crypto$1.randomBytes(32).toString("base64url");
     const expiresAt = new Date(Date.now() + this.sessionTTL * 1e3);
     new Date(Date.now() + this.refreshTokenTTL * 1e3);
-    const [session] = await this.db.insert(chunk7YITG2US_cjs.sessions).values({
+    const [session] = await this.db.insert(chunkWQBRWOQT_cjs.sessions).values({
       userId,
       token,
       refreshToken,
@@ -86,25 +88,34 @@ var PostgresAuthAdapter = class {
     return this.sessionToSession(session);
   }
   async findSessionByToken(token) {
-    const [session] = await this.db.select().from(chunk7YITG2US_cjs.sessions).where(drizzleOrm.and(drizzleOrm.eq(chunk7YITG2US_cjs.sessions.token, token), drizzleOrm.gt(chunk7YITG2US_cjs.sessions.expiresAt, /* @__PURE__ */ new Date()))).limit(1);
+    const [session] = await this.db.select().from(chunkWQBRWOQT_cjs.sessions).where(drizzleOrm.and(drizzleOrm.eq(chunkWQBRWOQT_cjs.sessions.token, token), drizzleOrm.gt(chunkWQBRWOQT_cjs.sessions.expiresAt, /* @__PURE__ */ new Date()))).limit(1);
+    return session ? this.sessionToSession(session) : null;
+  }
+  async findSessionByRefreshToken(refreshToken) {
+    const [session] = await this.db.select().from(chunkWQBRWOQT_cjs.sessions).where(
+      drizzleOrm.and(
+        drizzleOrm.eq(chunkWQBRWOQT_cjs.sessions.refreshToken, refreshToken),
+        drizzleOrm.gt(chunkWQBRWOQT_cjs.sessions.expiresAt, /* @__PURE__ */ new Date())
+      )
+    ).limit(1);
     return session ? this.sessionToSession(session) : null;
   }
   async deleteSession(sessionId) {
-    await this.db.delete(chunk7YITG2US_cjs.sessions).where(drizzleOrm.eq(chunk7YITG2US_cjs.sessions.id, sessionId));
+    await this.db.delete(chunkWQBRWOQT_cjs.sessions).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.sessions.id, sessionId));
     return true;
   }
   async deleteUserSessions(userId) {
-    await this.db.delete(chunk7YITG2US_cjs.sessions).where(drizzleOrm.eq(chunk7YITG2US_cjs.sessions.userId, userId));
+    await this.db.delete(chunkWQBRWOQT_cjs.sessions).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.sessions.userId, userId));
     return 1;
   }
   async addPasswordToHistory(userId, passwordHash) {
-    await this.db.insert(chunk7YITG2US_cjs.passwordHistory).values({
+    await this.db.insert(chunkWQBRWOQT_cjs.passwordHistory).values({
       userId,
       passwordHash
     });
   }
   async getPasswordHistory(userId, count = 5) {
-    const history = await this.db.select({ passwordHash: chunk7YITG2US_cjs.passwordHistory.passwordHash }).from(chunk7YITG2US_cjs.passwordHistory).where(drizzleOrm.eq(chunk7YITG2US_cjs.passwordHistory.userId, userId)).orderBy(drizzleOrm.desc(chunk7YITG2US_cjs.passwordHistory.createdAt)).limit(count);
+    const history = await this.db.select({ passwordHash: chunkWQBRWOQT_cjs.passwordHistory.passwordHash }).from(chunkWQBRWOQT_cjs.passwordHistory).where(drizzleOrm.eq(chunkWQBRWOQT_cjs.passwordHistory.userId, userId)).orderBy(drizzleOrm.desc(chunkWQBRWOQT_cjs.passwordHistory.createdAt)).limit(count);
     return history.map((h) => h.passwordHash);
   }
   async isPasswordInHistory(password, userId, historyCount = 5) {
@@ -117,14 +128,14 @@ var PostgresAuthAdapter = class {
     return false;
   }
   async isLocked(userId) {
-    const [lockout] = await this.db.select().from(chunk7YITG2US_cjs.lockouts).where(
-      drizzleOrm.and(drizzleOrm.eq(chunk7YITG2US_cjs.lockouts.userId, userId), drizzleOrm.gt(chunk7YITG2US_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
+    const [lockout] = await this.db.select().from(chunkWQBRWOQT_cjs.lockouts).where(
+      drizzleOrm.and(drizzleOrm.eq(chunkWQBRWOQT_cjs.lockouts.userId, userId), drizzleOrm.gt(chunkWQBRWOQT_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
     ).limit(1);
     return !!lockout;
   }
   async getLockout(userId) {
-    const [lockout] = await this.db.select().from(chunk7YITG2US_cjs.lockouts).where(
-      drizzleOrm.and(drizzleOrm.eq(chunk7YITG2US_cjs.lockouts.userId, userId), drizzleOrm.gt(chunk7YITG2US_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
+    const [lockout] = await this.db.select().from(chunkWQBRWOQT_cjs.lockouts).where(
+      drizzleOrm.and(drizzleOrm.eq(chunkWQBRWOQT_cjs.lockouts.userId, userId), drizzleOrm.gt(chunkWQBRWOQT_cjs.lockouts.lockedUntil, /* @__PURE__ */ new Date()))
     ).limit(1);
     return lockout ? { lockedUntil: lockout.lockedUntil } : null;
   }
@@ -136,7 +147,7 @@ var PostgresAuthAdapter = class {
     const locked = attempts >= maxAttempts;
     if (locked) {
       const lockoutDuration = 15 * 60 * 1e3;
-      await this.db.insert(chunk7YITG2US_cjs.lockouts).values({
+      await this.db.insert(chunkWQBRWOQT_cjs.lockouts).values({
         userId,
         ipAddress,
         reason: "Too many failed login attempts",
@@ -161,22 +172,22 @@ var PostgresAuthAdapter = class {
       endDate
     } = filter;
     const conditions = [];
-    if (userId) conditions.push(drizzleOrm.eq(chunk7YITG2US_cjs.auditLogs.userId, userId));
+    if (userId) conditions.push(drizzleOrm.eq(chunkWQBRWOQT_cjs.auditLogs.userId, userId));
     if (action) {
       if (Array.isArray(action)) {
-        conditions.push(drizzleOrm.sql`${chunk7YITG2US_cjs.auditLogs.action} = ANY(${action})`);
+        conditions.push(drizzleOrm.sql`${chunkWQBRWOQT_cjs.auditLogs.action} = ANY(${action})`);
       } else {
-        conditions.push(drizzleOrm.eq(chunk7YITG2US_cjs.auditLogs.action, action));
+        conditions.push(drizzleOrm.eq(chunkWQBRWOQT_cjs.auditLogs.action, action));
       }
     }
-    if (resource) conditions.push(drizzleOrm.eq(chunk7YITG2US_cjs.auditLogs.resource, resource));
-    if (resourceId) conditions.push(drizzleOrm.eq(chunk7YITG2US_cjs.auditLogs.resourceId, resourceId));
-    if (success !== void 0) conditions.push(drizzleOrm.eq(chunk7YITG2US_cjs.auditLogs.success, success));
-    if (startDate) conditions.push(drizzleOrm.sql`${chunk7YITG2US_cjs.auditLogs.timestamp} >= ${startDate}`);
-    if (endDate) conditions.push(drizzleOrm.sql`${chunk7YITG2US_cjs.auditLogs.timestamp} <= ${endDate}`);
+    if (resource) conditions.push(drizzleOrm.eq(chunkWQBRWOQT_cjs.auditLogs.resource, resource));
+    if (resourceId) conditions.push(drizzleOrm.eq(chunkWQBRWOQT_cjs.auditLogs.resourceId, resourceId));
+    if (success !== void 0) conditions.push(drizzleOrm.eq(chunkWQBRWOQT_cjs.auditLogs.success, success));
+    if (startDate) conditions.push(drizzleOrm.sql`${chunkWQBRWOQT_cjs.auditLogs.timestamp} >= ${startDate}`);
+    if (endDate) conditions.push(drizzleOrm.sql`${chunkWQBRWOQT_cjs.auditLogs.timestamp} <= ${endDate}`);
     const whereClause = conditions.length > 0 ? drizzleOrm.and(...conditions) : void 0;
-    const countResult = await this.db.select({ count: drizzleOrm.sql`count(*)` }).from(chunk7YITG2US_cjs.auditLogs).where(whereClause);
-    const logs = await this.db.select().from(chunk7YITG2US_cjs.auditLogs).where(whereClause).orderBy(drizzleOrm.desc(chunk7YITG2US_cjs.auditLogs.timestamp)).limit(limit).offset(offset);
+    const countResult = await this.db.select({ count: drizzleOrm.sql`count(*)` }).from(chunkWQBRWOQT_cjs.auditLogs).where(whereClause);
+    const logs = await this.db.select().from(chunkWQBRWOQT_cjs.auditLogs).where(whereClause).orderBy(drizzleOrm.desc(chunkWQBRWOQT_cjs.auditLogs.timestamp)).limit(limit).offset(offset);
     return {
       logs: logs.map((log) => ({
         id: log.id,
@@ -200,7 +211,7 @@ var PostgresAuthAdapter = class {
   async createAuditLog(data) {
     const id = crypto.randomUUID();
     const timestamp = /* @__PURE__ */ new Date();
-    await this.db.insert(chunk7YITG2US_cjs.auditLogs).values({
+    await this.db.insert(chunkWQBRWOQT_cjs.auditLogs).values({
       id,
       action: data.action,
       userId: data.userId,
@@ -225,6 +236,7 @@ var PostgresAuthAdapter = class {
   userToAuthUser(user) {
     return {
       id: user.id,
+      name: user.name || void 0,
       email: user.email,
       passwordHash: user.passwordHash || void 0,
       role: user.role,
@@ -252,5 +264,5 @@ var PostgresAuthAdapter = class {
 };
 
 exports.PostgresAuthAdapter = PostgresAuthAdapter;
-//# sourceMappingURL=chunk-LIJVWQKU.cjs.map
-//# sourceMappingURL=chunk-LIJVWQKU.cjs.map
+//# sourceMappingURL=chunk-IX3ABYKZ.cjs.map
+//# sourceMappingURL=chunk-IX3ABYKZ.cjs.map