@kyro-cms/core 0.9.0 → 0.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (265) hide show
  1. package/README.md +55 -593
  2. package/dist/{WebhookService-AefJfqX0.d.cts → WebhookService-BKszZlG0.d.cts} +1 -1
  3. package/dist/{WebhookService-118ZTFis.d.ts → WebhookService-Ccf1j-IN.d.ts} +1 -1
  4. package/dist/api-handler-graphql.cjs +44 -0
  5. package/dist/api-handler-graphql.cjs.map +1 -0
  6. package/dist/api-handler-graphql.d.cts +6 -0
  7. package/dist/api-handler-graphql.d.ts +6 -0
  8. package/dist/api-handler-graphql.js +41 -0
  9. package/dist/api-handler-graphql.js.map +1 -0
  10. package/dist/api-handler-trpc.cjs +38 -0
  11. package/dist/api-handler-trpc.cjs.map +1 -0
  12. package/dist/api-handler-trpc.d.cts +5 -0
  13. package/dist/api-handler-trpc.d.ts +5 -0
  14. package/dist/api-handler-trpc.js +36 -0
  15. package/dist/api-handler-trpc.js.map +1 -0
  16. package/dist/api-handler.cjs +33 -99
  17. package/dist/api-handler.cjs.map +1 -1
  18. package/dist/api-handler.d.cts +2 -1
  19. package/dist/api-handler.d.ts +2 -1
  20. package/dist/api-handler.js +21 -97
  21. package/dist/api-handler.js.map +1 -1
  22. package/dist/{tenant-B1YB0Jy8.d.ts → base-CIuXkrH4.d.cts} +7 -15
  23. package/dist/{tenant-Cpeveji6.d.cts → base-fFo4lqER.d.ts} +7 -15
  24. package/dist/bootstrap-3PV3GJ3S.js +7 -0
  25. package/dist/{bootstrap-JCML6NFO.js.map → bootstrap-3PV3GJ3S.js.map} +1 -1
  26. package/dist/bootstrap-4CELFLJO.cjs +32 -0
  27. package/dist/{bootstrap-AKAUP6F6.cjs.map → bootstrap-4CELFLJO.cjs.map} +1 -1
  28. package/dist/{chunk-VJT6P4N6.cjs → chunk-3HR772HI.cjs} +199 -32
  29. package/dist/chunk-3HR772HI.cjs.map +1 -0
  30. package/dist/chunk-3KTWGODI.cjs +178 -0
  31. package/dist/chunk-3KTWGODI.cjs.map +1 -0
  32. package/dist/{chunk-QXIQWPAP.js → chunk-3UK5XBVJ.js} +4 -134
  33. package/dist/chunk-3UK5XBVJ.js.map +1 -0
  34. package/dist/{chunk-FXYP2HA6.js → chunk-4AO3A3JM.js} +48 -4
  35. package/dist/chunk-4AO3A3JM.js.map +1 -0
  36. package/dist/{chunk-Z6ZWNWWR.js → chunk-4CV4JOE5.js} +3 -9
  37. package/dist/{chunk-Z6ZWNWWR.js.map → chunk-4CV4JOE5.js.map} +1 -1
  38. package/dist/chunk-4M7X5HAB.cjs +173 -0
  39. package/dist/chunk-4M7X5HAB.cjs.map +1 -0
  40. package/dist/chunk-53NYVYVX.js +3243 -0
  41. package/dist/chunk-53NYVYVX.js.map +1 -0
  42. package/dist/{chunk-35U3FROB.js → chunk-5H3MWQJS.js} +714 -184
  43. package/dist/chunk-5H3MWQJS.js.map +1 -0
  44. package/dist/{chunk-YVUJBEXE.cjs → chunk-5PMQQFRE.cjs} +16 -7
  45. package/dist/chunk-5PMQQFRE.cjs.map +1 -0
  46. package/dist/{chunk-57P6MJKC.js → chunk-6UNONDW7.js} +94 -10
  47. package/dist/chunk-6UNONDW7.js.map +1 -0
  48. package/dist/{chunk-Y3N7UUDO.js → chunk-7OGPN7MP.js} +5 -2
  49. package/dist/chunk-7OGPN7MP.js.map +1 -0
  50. package/dist/{chunk-2OL4O2TH.cjs → chunk-7OS7TX2Q.cjs} +68 -62
  51. package/dist/chunk-7OS7TX2Q.cjs.map +1 -0
  52. package/dist/{chunk-3TPQ2BU6.js → chunk-BYBMTIMT.js} +2 -6
  53. package/dist/chunk-BYBMTIMT.js.map +1 -0
  54. package/dist/{chunk-ES5HNFFT.js → chunk-CF7OL6HR.js} +4 -2
  55. package/dist/chunk-CF7OL6HR.js.map +1 -0
  56. package/dist/chunk-CJONKRHJ.js +162 -0
  57. package/dist/chunk-CJONKRHJ.js.map +1 -0
  58. package/dist/{chunk-OHVB4AJ7.js → chunk-CJX74IYK.js} +24 -18
  59. package/dist/chunk-CJX74IYK.js.map +1 -0
  60. package/dist/{chunk-5KVM3WEY.cjs → chunk-CNKT4PME.cjs} +1592 -868
  61. package/dist/chunk-CNKT4PME.cjs.map +1 -0
  62. package/dist/{chunk-G7VZBCD6.cjs → chunk-CZLDE2OZ.cjs} +2 -9
  63. package/dist/{chunk-G7VZBCD6.cjs.map → chunk-CZLDE2OZ.cjs.map} +1 -1
  64. package/dist/{chunk-WQBRWOQT.cjs → chunk-DPA3KWPY.cjs} +4 -3
  65. package/dist/chunk-DPA3KWPY.cjs.map +1 -0
  66. package/dist/{chunk-LINKCEG4.cjs → chunk-E2763JUP.cjs} +726 -196
  67. package/dist/chunk-E2763JUP.cjs.map +1 -0
  68. package/dist/chunk-E5UJBLQ7.js +220 -0
  69. package/dist/chunk-E5UJBLQ7.js.map +1 -0
  70. package/dist/{chunk-DVD5P72E.cjs → chunk-EEJUFDMF.cjs} +2 -6
  71. package/dist/chunk-EEJUFDMF.cjs.map +1 -0
  72. package/dist/chunk-FSKONGCX.cjs +253 -0
  73. package/dist/chunk-FSKONGCX.cjs.map +1 -0
  74. package/dist/{chunk-Y3QQN7PN.js → chunk-GAAHG2Z4.js} +13 -4
  75. package/dist/chunk-GAAHG2Z4.js.map +1 -0
  76. package/dist/chunk-GAOXD3XT.js +175 -0
  77. package/dist/chunk-GAOXD3XT.js.map +1 -0
  78. package/dist/{chunk-SA7NSSIQ.cjs → chunk-GUUB5EAG.cjs} +13 -187
  79. package/dist/chunk-GUUB5EAG.cjs.map +1 -0
  80. package/dist/{chunk-4DA7QPLA.cjs → chunk-GXFOGU7N.cjs} +5 -2
  81. package/dist/chunk-GXFOGU7N.cjs.map +1 -0
  82. package/dist/{chunk-I7HHI6QV.cjs → chunk-IDVRRRAK.cjs} +17 -9
  83. package/dist/chunk-IDVRRRAK.cjs.map +1 -0
  84. package/dist/{chunk-HXRD4B37.js → chunk-IPTZM3VE.js} +1423 -704
  85. package/dist/chunk-IPTZM3VE.js.map +1 -0
  86. package/dist/chunk-KC2GDBLS.cjs +84 -0
  87. package/dist/chunk-KC2GDBLS.cjs.map +1 -0
  88. package/dist/{chunk-QUW2RZTM.cjs → chunk-L46ROHUS.cjs} +51 -7
  89. package/dist/chunk-L46ROHUS.cjs.map +1 -0
  90. package/dist/chunk-L4EZKIEX.js +185 -0
  91. package/dist/chunk-L4EZKIEX.js.map +1 -0
  92. package/dist/{chunk-REK7AYOC.js → chunk-L5UKKZQN.js} +199 -32
  93. package/dist/chunk-L5UKKZQN.js.map +1 -0
  94. package/dist/chunk-NKPKR5BW.cjs +188 -0
  95. package/dist/chunk-NKPKR5BW.cjs.map +1 -0
  96. package/dist/chunk-NWUEVLQT.cjs +99 -0
  97. package/dist/chunk-NWUEVLQT.cjs.map +1 -0
  98. package/dist/{chunk-3AJE4SEG.js → chunk-OHC6UHFY.js} +208 -76
  99. package/dist/chunk-OHC6UHFY.js.map +1 -0
  100. package/dist/chunk-PHJRNPHY.cjs +3291 -0
  101. package/dist/chunk-PHJRNPHY.cjs.map +1 -0
  102. package/dist/{chunk-DXHRBMGB.js → chunk-PQ72Z6WC.js} +67 -112
  103. package/dist/chunk-PQ72Z6WC.js.map +1 -0
  104. package/dist/{chunk-K7JPTH3G.cjs → chunk-PV2I2KMI.cjs} +214 -82
  105. package/dist/chunk-PV2I2KMI.cjs.map +1 -0
  106. package/dist/{chunk-PDYFVNUX.cjs → chunk-Q23GAMLE.cjs} +71 -116
  107. package/dist/chunk-Q23GAMLE.cjs.map +1 -0
  108. package/dist/{chunk-H727JIG7.js → chunk-Q72BOAPK.js} +16 -8
  109. package/dist/chunk-Q72BOAPK.js.map +1 -0
  110. package/dist/{chunk-IBG6V56E.cjs → chunk-QFLB4EIJ.cjs} +2 -139
  111. package/dist/chunk-QFLB4EIJ.cjs.map +1 -0
  112. package/dist/{chunk-2KVHZE6O.cjs → chunk-RFFSZSCL.cjs} +282 -190
  113. package/dist/chunk-RFFSZSCL.cjs.map +1 -0
  114. package/dist/{chunk-V3LKPM3O.cjs → chunk-SHTTJMLT.cjs} +4 -2
  115. package/dist/chunk-SHTTJMLT.cjs.map +1 -0
  116. package/dist/{chunk-WOWUL7ZY.js → chunk-UUDTPZX6.js} +5 -4
  117. package/dist/chunk-UUDTPZX6.js.map +1 -0
  118. package/dist/{chunk-QPPDLRNR.js → chunk-V7KZQIZ6.js} +277 -185
  119. package/dist/chunk-V7KZQIZ6.js.map +1 -0
  120. package/dist/{chunk-3ZFYL34R.js → chunk-WXVB364T.js} +12 -185
  121. package/dist/chunk-WXVB364T.js.map +1 -0
  122. package/dist/chunk-XEB7PH2E.js +81 -0
  123. package/dist/chunk-XEB7PH2E.js.map +1 -0
  124. package/dist/{chunk-IA6AU5PI.cjs → chunk-Y7AQK4R4.cjs} +94 -10
  125. package/dist/chunk-Y7AQK4R4.cjs.map +1 -0
  126. package/dist/chunk-YFAVQQTU.js +92 -0
  127. package/dist/chunk-YFAVQQTU.js.map +1 -0
  128. package/dist/cli/index.cjs +6 -6
  129. package/dist/cli/index.cjs.map +1 -1
  130. package/dist/cli/index.js +6 -6
  131. package/dist/cli/index.js.map +1 -1
  132. package/dist/client.cjs +4 -4
  133. package/dist/client.d.cts +3 -3
  134. package/dist/client.d.ts +3 -3
  135. package/dist/client.js +2 -2
  136. package/dist/drizzle/index.cjs +15 -14
  137. package/dist/drizzle/index.d.cts +10 -14
  138. package/dist/drizzle/index.d.ts +10 -14
  139. package/dist/drizzle/index.js +6 -5
  140. package/dist/fields/index.cjs +22 -38
  141. package/dist/fields/index.d.cts +2 -22
  142. package/dist/fields/index.d.ts +2 -22
  143. package/dist/fields/index.js +2 -2
  144. package/dist/graphql/index.cjs +6 -5
  145. package/dist/graphql/index.d.cts +5 -3
  146. package/dist/graphql/index.d.ts +5 -3
  147. package/dist/graphql/index.js +4 -3
  148. package/dist/index-BKta3cBH.d.cts +277 -0
  149. package/dist/index-ClOqnkTO.d.ts +277 -0
  150. package/dist/index.cjs +310 -168
  151. package/dist/index.cjs.map +1 -1
  152. package/dist/index.d.cts +130 -211
  153. package/dist/index.d.ts +130 -211
  154. package/dist/index.js +174 -35
  155. package/dist/index.js.map +1 -1
  156. package/dist/integration.cjs +3 -3
  157. package/dist/integration.js +2 -2
  158. package/dist/media-7WDX4BDJ.js +4 -0
  159. package/dist/{media-GPPTZ43E.js.map → media-7WDX4BDJ.js.map} +1 -1
  160. package/dist/{media-XNTUFJZR.cjs → media-TUSLVRQ6.cjs} +3 -3
  161. package/dist/{media-XNTUFJZR.cjs.map → media-TUSLVRQ6.cjs.map} +1 -1
  162. package/dist/mongo-auth-adapter-GT4S7SCU.cjs +17 -0
  163. package/dist/{mongo-auth-adapter-NHHUJHVH.cjs.map → mongo-auth-adapter-GT4S7SCU.cjs.map} +1 -1
  164. package/dist/mongo-auth-adapter-M7VV4LNB.js +4 -0
  165. package/dist/{mongo-auth-adapter-NJQUUCTP.js.map → mongo-auth-adapter-M7VV4LNB.js.map} +1 -1
  166. package/dist/mongodb/index.cjs +9 -8
  167. package/dist/mongodb/index.d.cts +6 -13
  168. package/dist/mongodb/index.d.ts +6 -13
  169. package/dist/mongodb/index.js +5 -4
  170. package/dist/postgres-auth-adapter-AFAPISH7.js +5 -0
  171. package/dist/{postgres-auth-adapter-3T2NKTSE.js.map → postgres-auth-adapter-AFAPISH7.js.map} +1 -1
  172. package/dist/postgres-auth-adapter-SFDTLONT.cjs +14 -0
  173. package/dist/{postgres-auth-adapter-7IEENCKQ.cjs.map → postgres-auth-adapter-SFDTLONT.cjs.map} +1 -1
  174. package/dist/redis-adapter-UQX4EE3B.cjs +13 -0
  175. package/dist/{redis-adapter-D2E2S3GB.cjs.map → redis-adapter-UQX4EE3B.cjs.map} +1 -1
  176. package/dist/redis-adapter-XALOGWY3.js +4 -0
  177. package/dist/{redis-adapter-VQXD7ESY.js.map → redis-adapter-XALOGWY3.js.map} +1 -1
  178. package/dist/rest/index.cjs +16 -15
  179. package/dist/rest/index.d.cts +4 -4
  180. package/dist/rest/index.d.ts +4 -4
  181. package/dist/rest/index.js +14 -13
  182. package/dist/{schema-37SE2F4B.cjs → schema-6QL3USNB.cjs} +15 -15
  183. package/dist/{schema-37SE2F4B.cjs.map → schema-6QL3USNB.cjs.map} +1 -1
  184. package/dist/{schema-5PHL5IVB.js → schema-FNNWEAAW.js} +4 -4
  185. package/dist/{schema-5PHL5IVB.js.map → schema-FNNWEAAW.js.map} +1 -1
  186. package/dist/sqlite-adapter-AQB5TCGV.cjs +13 -0
  187. package/dist/{sqlite-adapter-LVK5PS4T.cjs.map → sqlite-adapter-AQB5TCGV.cjs.map} +1 -1
  188. package/dist/sqlite-adapter-N5H6IM2X.js +4 -0
  189. package/dist/{sqlite-adapter-TR3U3W6Q.js.map → sqlite-adapter-N5H6IM2X.js.map} +1 -1
  190. package/dist/templates/index.cjs +134 -32
  191. package/dist/templates/index.d.cts +52 -9
  192. package/dist/templates/index.d.ts +52 -9
  193. package/dist/templates/index.js +4 -2
  194. package/dist/trpc/index.cjs +14 -13
  195. package/dist/trpc/index.d.cts +55 -49
  196. package/dist/trpc/index.d.ts +55 -49
  197. package/dist/trpc/index.js +5 -4
  198. package/dist/{types-D6ZLRGbH.d.cts → types-CpjuXbe7.d.cts} +2 -0
  199. package/dist/{types-D6ZLRGbH.d.ts → types-CpjuXbe7.d.ts} +2 -0
  200. package/dist/{types-VtjUxIMp.d.cts → types-DeSApf9T.d.cts} +36 -14
  201. package/dist/{types-VtjUxIMp.d.ts → types-DeSApf9T.d.ts} +36 -14
  202. package/dist/{types-J3R9nVsZ.d.cts → types-Dgzlftb7.d.ts} +32 -28
  203. package/dist/{types-Bs1up4yP.d.ts → types-Ds0tCA3L.d.cts} +32 -28
  204. package/dist/ws/index.cjs +6 -6
  205. package/dist/ws/index.js +2 -2
  206. package/package.json +22 -4
  207. package/dist/bootstrap-AKAUP6F6.cjs +0 -32
  208. package/dist/bootstrap-JCML6NFO.js +0 -7
  209. package/dist/chunk-2KVHZE6O.cjs.map +0 -1
  210. package/dist/chunk-2OL4O2TH.cjs.map +0 -1
  211. package/dist/chunk-35U3FROB.js.map +0 -1
  212. package/dist/chunk-3AJE4SEG.js.map +0 -1
  213. package/dist/chunk-3J4MFTI3.js +0 -3872
  214. package/dist/chunk-3J4MFTI3.js.map +0 -1
  215. package/dist/chunk-3TPQ2BU6.js.map +0 -1
  216. package/dist/chunk-3ZFYL34R.js.map +0 -1
  217. package/dist/chunk-4DA7QPLA.cjs.map +0 -1
  218. package/dist/chunk-57P6MJKC.js.map +0 -1
  219. package/dist/chunk-5KVM3WEY.cjs.map +0 -1
  220. package/dist/chunk-6IMPH6WV.cjs +0 -3897
  221. package/dist/chunk-6IMPH6WV.cjs.map +0 -1
  222. package/dist/chunk-ATBOUGQP.cjs +0 -513
  223. package/dist/chunk-ATBOUGQP.cjs.map +0 -1
  224. package/dist/chunk-DVD5P72E.cjs.map +0 -1
  225. package/dist/chunk-DXHRBMGB.js.map +0 -1
  226. package/dist/chunk-ES5HNFFT.js.map +0 -1
  227. package/dist/chunk-FXYP2HA6.js.map +0 -1
  228. package/dist/chunk-H727JIG7.js.map +0 -1
  229. package/dist/chunk-HXRD4B37.js.map +0 -1
  230. package/dist/chunk-I7HHI6QV.cjs.map +0 -1
  231. package/dist/chunk-IA6AU5PI.cjs.map +0 -1
  232. package/dist/chunk-IBG6V56E.cjs.map +0 -1
  233. package/dist/chunk-K7JPTH3G.cjs.map +0 -1
  234. package/dist/chunk-LINKCEG4.cjs.map +0 -1
  235. package/dist/chunk-OHVB4AJ7.js.map +0 -1
  236. package/dist/chunk-PDYFVNUX.cjs.map +0 -1
  237. package/dist/chunk-Q23JB3KL.js +0 -488
  238. package/dist/chunk-Q23JB3KL.js.map +0 -1
  239. package/dist/chunk-QPPDLRNR.js.map +0 -1
  240. package/dist/chunk-QUW2RZTM.cjs.map +0 -1
  241. package/dist/chunk-QXIQWPAP.js.map +0 -1
  242. package/dist/chunk-R3XIBBAW.cjs +0 -34
  243. package/dist/chunk-R3XIBBAW.cjs.map +0 -1
  244. package/dist/chunk-REK7AYOC.js.map +0 -1
  245. package/dist/chunk-SA7NSSIQ.cjs.map +0 -1
  246. package/dist/chunk-SDMNUYVU.js +0 -30
  247. package/dist/chunk-SDMNUYVU.js.map +0 -1
  248. package/dist/chunk-V3LKPM3O.cjs.map +0 -1
  249. package/dist/chunk-VJT6P4N6.cjs.map +0 -1
  250. package/dist/chunk-WOWUL7ZY.js.map +0 -1
  251. package/dist/chunk-WQBRWOQT.cjs.map +0 -1
  252. package/dist/chunk-Y3N7UUDO.js.map +0 -1
  253. package/dist/chunk-Y3QQN7PN.js.map +0 -1
  254. package/dist/chunk-YVUJBEXE.cjs.map +0 -1
  255. package/dist/index-CLp-DRKA.d.ts +0 -64
  256. package/dist/index-DfO7G4kN.d.cts +0 -64
  257. package/dist/media-GPPTZ43E.js +0 -4
  258. package/dist/mongo-auth-adapter-NHHUJHVH.cjs +0 -17
  259. package/dist/mongo-auth-adapter-NJQUUCTP.js +0 -4
  260. package/dist/postgres-auth-adapter-3T2NKTSE.js +0 -5
  261. package/dist/postgres-auth-adapter-7IEENCKQ.cjs +0 -14
  262. package/dist/redis-adapter-D2E2S3GB.cjs +0 -13
  263. package/dist/redis-adapter-VQXD7ESY.js +0 -4
  264. package/dist/sqlite-adapter-LVK5PS4T.cjs +0 -13
  265. package/dist/sqlite-adapter-TR3U3W6Q.js +0 -4
package/dist/chunk-CF7OL6HR.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/auth/redis-adapter.ts"],"names":[],"mappings":";;;;AAiBA,IAAM,cAAA,GAAiB,YAAA;AACvB,IAAM,wBAAA,GAA2B,KAAA;AACjC,IAAM,0BAAA,GAA6B,MAAA;AAE5B,IAAM,mBAAN,MAA8C;AAAA,EAC3C,MAAA,GAAuB,IAAA;AAAA,EACvB,MAAA;AAAA,EACA,eAAA;AAAA,EACA,iBAAA;AAAA,EACA,OAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAmC,EAAC,EAAG;AACjD,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AACf,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,SAAA,IAAa,cAAA;AACnC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,wBAAA;AAClD,IAAA,IAAA,CAAK,iBAAA,GACH,QAAQ,sBAAA,IAA0B,0BAAA;AAAA,EACtC;AAAA,EAEA,MAAc,QAAA,GAA2B;AACvC,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,MAAM,EAAE,KAAA,EAAO,UAAA,EAAW,GAAI,MAAM,OAAO,SAAS,CAAA;AACpD,MAAA,MAAM,GAAA,GACJ,IAAA,CAAK,OAAA,CAAQ,GAAA,IACb,CAAA,QAAA,EAAW,IAAA,CAAK,OAAA,CAAQ,IAAA,IAAQ,WAAW,CAAA,CAAA,EAAI,IAAA,CAAK,OAAA,CAAQ,QAAQ,IAAI,CAAA,CAAA;AAC1E,MAAA,IAAA,CAAK,MAAA,GAAS,IAAI,UAAA,CAAW,GAAA,EAAK;AAAA,QAChC,QAAA,EAAU,KAAK,OAAA,CAAQ,QAAA;AAAA,QACvB,EAAA,EAAI,KAAK,OAAA,CAAQ,EAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,GAAA,EAAK,IAAA,CAAK,OAAA,CAAQ,GAAA,GAAM,EAAC,GAAI;AAAA,OAC9B,CAAA;AAAA,IACH;AACA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,MAAM,KAAK,QAAA,EAAS;AAAA,EACtB;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,IAAA,EAAK;AAAA,EACrC;AAAA,EAEQ,QAAQ,MAAA,EAAwB;AACtC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,MAAA,EAAS,MAAM,CAAA,CAAA;AAAA,EACtC;AAAA,EAEQ,WAAW,SAAA,EAA2B;AAC5C,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,SAAA,EAAY,SAAS,CAAA,CAAA;AAAA,EAC5C;AAAA,EAEQ,WAAW,KAAA,EAAuB;AACxC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,QAAA,EAAW,KAAK,CAAA,CAAA;AAAA,EACvC;AAAA,EAEQ,eAAe,KAAA,EAAuB;AAC5C,IAAA,OAAO,GAAG,IAAA,CAAK,MAAM,CAAA,YAAA,EAAe,KAAA,CAAM,aAAa,CAAA,CAAA;AAAA,EACzD;AAAA,EAEQ,mBAAmB,MAAA,EAAwB;AACjD,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,MAAA,EAAS,MAAM,CAAA,iBAAA,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,WAAW,IAAA,EAKK;AACpB,IAAA,MAAM,MAAA,GAAS,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC7C,IAAA,MAAM,GAAA,GAAA,iBAAM,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACnC,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,KAAK,QAAQ,CAAA;AAE1D,IAAA,MAAM,IAAA,GAAiB;AAAA,MACrB,EAAA,EAAI,MAAA;AAAA,MACJ,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,YAAA;AAAA,MACA,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACb;AAEA,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAElD,IAAA,QAAA,CAAS,IAAA,CAAK,KAAK,OAAA,CAAQ,MAAM,GAAG,IAAA,CAAK,UAAA,CAAW,IAAI,CAAC,CAAA;AACzD,IAAA,QAAA,CAAS,IAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,GAAG,MAAM,CAAA;AAEpD,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,MAAA,GAAS,MAAA,CACb,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,KAAA,CAAM,WAAA,EAAa,CAAC,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AACpB,IAAA,OAAO,IAAA,CAAK,aAAa,MAAM,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAa,MAAA,EAA0C;AAC3D,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,IAAY,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAC,CAAA;AACvE,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,WAAW,IAAI,CAAA;AAAA,EAC7B;AAAA,EAEA,MAAM,UAAA,CACJ,MAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC/C,IAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,IAAA,MAAM,OAAA,GAAoB;AAAA,MACxB,GAAG,QAAA;AAAA,MACH,GAAG,IAAA;AAAA,MACH,EAAA,EAAI,MAAA;AAAA,MACJ,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACpC;AAEA,IAAA,IAAI,IAAA,CAAK,KAAA,IAAS,IAAA,CAAK,KAAA,KAAU,SAAS,KAAA,EAAO;AAC/C,MAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAClD,MAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,QAAA,CAAS,KAAK,CAAC,CAAA;AAChD,MAAA,QAAA,CAAS,IAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,GAAG,MAAM,CAAA;AACpD,MAAA,MAAM,SAAS,IAAA,EAAK;AAAA,IACtB;AAEA,IAAA,MAAA,CACE,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,EAAG,IAAA,CAAK,UAAA,CAAW,OAAO,CAAC,CAAA;AACrD,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,MAAA,EAAkC;AACjD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,IAAI,CAAC,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAClD,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAC,CAAA;AACjC,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,IAAA,CAAK,KAAK,CAAC,CAAA;AAC5C,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,kBAAA,CAAmB,MAAM,CAAC,CAAA;AAC5C,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAO,MAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,cAAA,CACJ,KAAA,EACA,QAAA,EAC0B;AAC1B,IAAA,MAAM,MAAA,GAAS,MAAA,CACb,MAAM,IAAA,CAAK,QAAA,IACX,GAAA,CAAI,IAAA,CAAK,cAAA,CAAe,KAAK,CAAC,CAAA;AAChC,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AACpB,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,cAAc,OAAO,IAAA;AACxC,IAAA,MAAM,QAAQ,MAAM,MAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,KAAK,YAAY,CAAA;AAC9D,IAAA,OAAO,QAAQ,IAAA,GAAO,IAAA;AAAA,EACxB;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,GAGI,EAAC,EACa;AAClB,IAAA,MAAM,SAAA,GAAY,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAChD,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAe,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AAErB,IAAA,MAAM,OAAA,GAAmB;AAAA,MACvB,EAAA,EAAI,SAAA;AAAA,MACJ,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAI,IAAA;AAAA,QACb,GAAA,CAAI,OAAA,EAAQ,GAAI,IAAA,CAAK,eAAA,GAAkB;AAAA,QACvC,WAAA,EAAY;AAAA,MACd,SAAA,EAAW,IAAI,WAAA,EAAY;AAAA,MAC3B,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAElD,IAAA,QAAA,CAAS,IAAA,CAAK,KAAK,UAAA,CAAW,SAAS,GAAG,IAAA,CAAK,aAAA,CAAc,OAAO,CAAC,CAAA;AACrE,IAAA,QAAA,CAAS,KAAA;AAAA,MACP,IAAA,CAAK,WAAW,YAAY,CAAA;AAAA,MAC5B,IAAA,CAAK,iBAAA;AAAA,MACL;AAAA,KACF;AAEA,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,IAAY,OAAA,CAAQ,IAAA,CAAK,UAAA,CAAW,KAAK,CAAC,CAAA;AACzE,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,cAAc,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,MAAM,0BACJ,YAAA,EACyB;AACzB,IAAA,MAAM,SAAA,GAAY,MAAA,CAChB,MAAM,IAAA,CAAK,QAAA,IACX,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,YAAY,CAAC,CAAA;AACnC,IAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,IAAA,MAAM,IAAA,GAAO,MAAA,CACX,MAAM,IAAA,CAAK,QAAA,IACX,OAAA,CAAQ,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACpC,IAAA,IAAI,CAAC,QAAQ,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,IAAA;AACpD,IAAA,OAAO,IAAA,CAAK,cAAc,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,OAAA,GAAU,MAAA,CACd,MAAM,IAAA,CAAK,QAAA,IACX,OAAA,CAAQ,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACpC,IAAA,IAAI,CAAC,WAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAA,KAAW,GAAG,OAAO,KAAA;AAE1D,IAAA,MAAM,QAAA,GAAA,CAAY,MAAM,IAAA,CAAK,QAAA,IAAY,QAAA,EAAS;AAClD,IAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAC,CAAA;AACvC,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,QAAA,CAAS,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,OAAA,CAAQ,YAAY,CAAC,CAAA;AAAA,IACpD;AACA,IAAA,MAAM,SAAS,IAAA,EAAK;AAEpB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAA,MAAM,OAAA,GAAU,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,UAAA,CAAA;AAC9B,IAAA,IAAI,MAAA,GAAS,GAAA;AACb,IAAA,IAAI,OAAA,GAAU,CAAA;AAEd,IAAA,GAAG;AACD,MAAA,MAAM,CAAC,UAAA,EAAY,IAAI,CAAA,GAAI,OACzB,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,IAAA,CAAK,MAAA,EAAQ,OAAA,EAAS,OAAA,EAAS,SAAS,GAAG,CAAA;AAC7C,MAAA,MAAA,GAAS,UAAA;AAET,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,cAAc,MAAA,CAAO,MAAM,KAAK,QAAA,EAAS,EAAG,QAAQ,GAAG,CAAA;AAC7D,QAAA,IAAI,WAAA,CAAY,WAAW,MAAA,EAAQ;AACjC,UAAA,MAAM,YAAY,GAAA,CAAI,OAAA,CAAQ,GAAG,IAAA,CAAK,MAAM,aAAa,EAAE,CAAA;AAC3D,UAAA,MAAM,IAAA,CAAK,cAAc,SAAS,CAAA;AAClC,UAAA,OAAA,EAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,MAAA,KAAW,GAAA;AAEpB,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAA,CACE,MAAM,KAAK,QAAA,EAAS,EACpB,MAAM,IAAA,CAAK,kBAAA,CAAmB,MAAM,CAAA,EAAG,YAAY,CAAA;AACrD,IAAA,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,KAAA,CAAM,KAAK,kBAAA,CAAmB,MAAM,CAAA,EAAG,CAAA,EAAG,CAAC,CAAA;AAAA,EAC3E;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,OAAA,CAAQ,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,MAAA;AAAA,MAC7B,IAAA,CAAK,mBAAmB,MAAM,CAAA;AAAA,MAC9B,CAAA;AAAA,MACA,KAAA,GAAQ;AAAA,KACV;AAAA,EACF;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,MAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,IAAI,CAAA,EAAG;AACxC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEQ,WAAW,IAAA,EAAwC;AACzD,IAAA,MAAM,IAAA,GAA+B;AAAA,MACnC,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,EAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAEA,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,MAAA;AACpC,IAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,QAAA;AACxC,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,IAAA,CAAK,aAAA,GAAgB,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA;AAChD,IAAA,IAAI,KAAK,MAAA,KAAW,MAAA,OAAgB,MAAA,GAAS,MAAA,CAAO,KAAK,MAAM,CAAA;AAC/D,IAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,IAAA,CAAK,SAAA;AAC1C,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,IAAA,CAAK,mBAAA,GAAsB,MAAA,CAAO,IAAA,CAAK,mBAAmB,CAAA;AAE5D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEQ,WAAW,IAAA,EAAwC;AACzD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,aAAA,EAAe,KAAK,aAAA,KAAkB,MAAA;AAAA,MACtC,MAAA,EAAQ,KAAK,MAAA,KAAW,MAAA;AAAA,MACxB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,qBAAqB,IAAA,CAAK,mBAAA,GACtB,SAAS,IAAA,CAAK,mBAAA,EAAqB,EAAE,CAAA,GACrC;AAAA,KACN;AAAA,EACF;AAAA,EAEQ,cAAc,OAAA,EAA0C;AAC9D,IAAA,MAAM,IAAA,GAA+B;AAAA,MACnC,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,WAAW,OAAA,CAAQ,SAAA;AAAA,MACnB,WAAW,OAAA,CAAQ;AAAA,KACrB;AAEA,IAAA,IAAI,OAAA,CAAQ,YAAA,EAAc,IAAA,CAAK,YAAA,GAAe,OAAA,CAAQ,YAAA;AACtD,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,OAAA,CAAQ,SAAA;AAChD,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,OAAA,CAAQ,SAAA;AAEhD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEQ,cAAc,IAAA,EAAuC;AAC3D,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,WAAW,IAAA,CAAK;AAAA,KAClB;AAAA,EACF;AAAA,EAEQ,QAAA,CAAS,WAAmB,KAAA,EAAuB;AACzD,IAAA,OAAO,GAAG,IAAA,CAAK,MAAM,CAAA,OAAA,EAAU,SAAS,IAAI,KAAK,CAAA,CAAA;AAAA,EACnD;AAAA,EAEA,MAAM,6BAA6B,MAAA,EAA6D;AAC9F,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC5C,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,GAAI,CAAA;AAC3D,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,EAAS;AAClC,IAAA,MAAM,KAAA,CAAM,MAAM,IAAA,CAAK,QAAA,CAAS,gBAAgB,KAAK,CAAA,EAAG,OAAO,MAAM,CAAA;AACrE,IAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,EAC5B;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAA+E;AACpG,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,EAAS;AAClC,IAAA,MAAM,MAAA,GAAS,MAAM,KAAA,CAAM,GAAA,CAAI,KAAK,QAAA,CAAS,cAAA,EAAgB,KAAK,CAAC,CAAA;AACnE,IAAA,IAAI,CAAC,MAAA,EAAQ;AACX,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,0BAAA,EAA2B;AAAA,IAC7D;AACA,IAAA,MAAM,MAAM,GAAA,CAAI,IAAA,CAAK,QAAA,CAAS,cAAA,EAAgB,KAAK,CAAC,CAAA;AACpD,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAO;AAAA,EACjC;AAAA,EAEA,MAAM,yBAAyB,KAAA,EAA4E;AACzG,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,eAAA,CAAgB,KAAK,CAAA;AAC7C,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,OAAO,EAAA,EAAI,SAAA,sBAAe,IAAA,EAAK,EAAG,OAAO,gBAAA,EAAiB;AAAA,IACrE;AACA,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC5C,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,EAAA,GAAK,KAAK,GAAI,CAAA;AACtD,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,EAAS;AAClC,IAAA,MAAM,KAAA,CAAM,MAAM,IAAA,CAAK,QAAA,CAAS,kBAAkB,KAAK,CAAA,EAAG,IAAA,EAAM,IAAA,CAAK,EAAE,CAAA;AACvE,IAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,EAC5B;AAAA,EAEA,MAAM,sBAAA,CAAuB,KAAA,EAAe,WAAA,EAAoE;AAC9G,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,EAAS;AAClC,IAAA,MAAM,MAAA,GAAS,MAAM,KAAA,CAAM,GAAA,CAAI,KAAK,QAAA,CAAS,gBAAA,EAAkB,KAAK,CAAC,CAAA;AACrE,IAAA,IAAI,CAAC,MAAA,EAAQ;AACX,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,0BAAA,EAA2B;AAAA,IAC7D;AACA,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,WAAW,CAAA;AACxD,IAAA,MAAM,IAAA,CAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,cAAc,CAAA;AAC9C,IAAA,MAAM,MAAM,GAAA,CAAI,IAAA,CAAK,QAAA,CAAS,gBAAA,EAAkB,KAAK,CAAC,CAAA;AACtD,IAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AAAA,EACzB;AAAA,EAEQ,YAAY,EAAA,EAAoB;AACtC,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,WAAA,EAAc,EAAE,CAAA,CAAA;AAAA,EACvC;AAAA,EAEQ,gBAAA,GAA2B;AACjC,IAAA,OAAO,CAAA,EAAG,KAAK,MAAM,CAAA,WAAA,CAAA;AAAA,EACvB;AAAA,EAEA,MAAM,cAAc,MAAA,EAOwB;AAC1C,IAAA,MAAM,EAAE,KAAA,GAAQ,EAAA,EAAI,MAAA,GAAS,GAAE,GAAI,MAAA;AACnC,IAAA,MAAM,QAAA,GAAW,KAAK,gBAAA,EAAiB;AACvC,IAAA,MAAM,MAAA,GAAS,OAAO,MAAM,IAAA,CAAK,UAAS,EAAG,SAAA,CAAU,QAAA,EAAU,CAAA,EAAG,EAAE,CAAA;AACtE,IAAA,MAAM,QAAQ,MAAA,CAAO,MAAA;AAErB,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,KAAA,CAAM,MAAA,EAAQ,SAAS,KAAK,CAAA;AACpD,IAAA,MAAM,OAAc,EAAC;AAErB,IAAA,KAAA,MAAW,MAAM,QAAA,EAAU;AACzB,MAAA,MAAM,OAAA,GAAU,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,IAAY,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,EAAE,CAAC,CAAA;AACtE,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA;AAC9B,QAAA,IAAA,CACG,CAAC,MAAA,CAAO,MAAA,IAAU,GAAA,CAAI,MAAA,KAAW,OAAO,MAAA,MACxC,CAAC,MAAA,CAAO,MAAA,KACN,MAAM,OAAA,CAAQ,MAAA,CAAO,MAAM,CAAA,GACxB,MAAA,CAAO,OAAO,QAAA,CAAS,GAAA,CAAI,MAAM,CAAA,GACjC,IAAI,MAAA,KAAW,MAAA,CAAO,MAAA,CAAA,CAAA,KAC3B,CAAC,OAAO,QAAA,IAAY,GAAA,CAAI,QAAA,KAAa,MAAA,CAAO,cAC5C,MAAA,CAAO,OAAA,KAAY,UAAa,GAAA,CAAI,OAAA,KAAY,OAAO,OAAA,CAAA,EACxD;AACA,UAAA,IAAA,CAAK,IAAA,CAAK,EAAE,GAAG,GAAA,EAAK,SAAA,EAAW,IAAI,IAAA,CAAK,GAAA,CAAI,SAAS,CAAA,EAAG,CAAA;AAAA,QAC1D;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,MAAM,KAAA,EAAM;AAAA,EACvB;AAAA,EAEA,MAAM,eAAe,IAAA,EAAyB;AAC5C,IAAA,MAAM,EAAA,GAAK,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AACzC,IAAA,MAAM,SAAA,uBAAgB,IAAA,EAAK;AAC3B,IAAA,MAAM,GAAA,GAAM,EAAE,GAAG,IAAA,EAAM,IAAI,SAAA,EAAU;AACrC,IAAA,MAAA,CACE,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,EAAE,CAAA,EAAG,IAAA,CAAK,SAAA,CAAU,GAAG,CAAC,CAAA;AAC/C,IAAA,MAAA,CAAO,MAAM,IAAA,CAAK,QAAA,EAAS,EAAG,IAAA,CAAK,IAAA,CAAK,gBAAA,EAAiB,EAAG,IAAA,CAAK,GAAA,EAAI,EAAG,EAAE,CAAA;AAC1E,IAAA,MAAM,KAAA,GAAQ,OAAO,MAAM,IAAA,CAAK,UAAS,EAAG,KAAA,CAAM,IAAA,CAAK,gBAAA,EAAkB,CAAA;AACzE,IAAA,IAAI,QAAQ,GAAA,EAAO;AACjB,MAAA,MAAM,MAAA,GAAS,MAAA,CACb,MAAM,IAAA,CAAK,QAAA,EAAS,EACpB,MAAA,CAAO,IAAA,CAAK,gBAAA,EAAiB,EAAG,CAAA,EAAG,KAAA,GAAQ,KAAK,CAAA;AAClD,MAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,QAAA,MAAA,CAAO,MAAM,KAAK,QAAA,EAAS,EAAG,IAAI,IAAA,CAAK,WAAA,CAAY,KAAK,CAAC,CAAA;AACzD,QAAA,MAAA,CAAO,MAAM,KAAK,QAAA,EAAS,EAAG,KAAK,IAAA,CAAK,gBAAA,IAAoB,KAAK,CAAA;AAAA,MACnE;AAAA,IACF;AACA,IAAA,OAAO,GAAA;AAAA,EACT;AACF","file":"chunk-CF7OL6HR.js","sourcesContent":["import type { Redis } from \"ioredis\";\nimport type { AuthAdapter, AuthUser, Session, UserRole } from \"./types.js\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes } from \"crypto\";\n\nexport interface RedisAuthAdapterOptions {\n url?: string;\n host?: string;\n port?: number;\n password?: string;\n db?: number;\n keyPrefix?: string;\n tokenExpiration?: number;\n refreshTokenExpiration?: number;\n tls?: boolean;\n}\n\nconst DEFAULT_PREFIX = \"kyro:auth:\";\nconst DEFAULT_TOKEN_EXPIRATION = 86400;\nconst DEFAULT_REFRESH_EXPIRATION = 604800;\n\nexport class RedisAuthAdapter implements AuthAdapter {\n private _redis: Redis | null = null;\n private prefix: string;\n private tokenExpiration: number;\n private refreshExpiration: number;\n private options: RedisAuthAdapterOptions;\n\n constructor(options: RedisAuthAdapterOptions = {}) {\n this.options = options;\n this.prefix = options.keyPrefix || DEFAULT_PREFIX;\n this.tokenExpiration = options.tokenExpiration || DEFAULT_TOKEN_EXPIRATION;\n this.refreshExpiration =\n options.refreshTokenExpiration || DEFAULT_REFRESH_EXPIRATION;\n }\n\n private async getRedis(): Promise<Redis> {\n if (!this._redis) {\n const { Redis: RedisClass } = await import(\"ioredis\");\n const url =\n this.options.url ||\n `redis://${this.options.host || \"localhost\"}:${this.options.port || 6379}`;\n this._redis = new RedisClass(url, {\n password: this.options.password,\n db: this.options.db,\n lazyConnect: true,\n tls: this.options.tls ? {} : undefined,\n });\n }\n return this._redis;\n }\n\n async connect(): Promise<void> {\n await this.getRedis();\n }\n\n async disconnect(): Promise<void> {\n await (await this.getRedis()).quit();\n }\n\n private userKey(userId: string): string {\n return `${this.prefix}users:${userId}`;\n }\n\n private sessionKey(sessionId: string): string {\n return `${this.prefix}sessions:${sessionId}`;\n }\n\n private refreshKey(token: string): string {\n return `${this.prefix}refresh:${token}`;\n }\n\n private userByEmailKey(email: string): string {\n return `${this.prefix}users:email:${email.toLowerCase()}`;\n }\n\n private passwordHistoryKey(userId: string): string {\n return `${this.prefix}users:${userId}:password_history`;\n }\n\n async createUser(data: {\n email: string;\n password: string;\n role?: UserRole;\n tenantId?: string;\n }): Promise<AuthUser> {\n const userId = randomBytes(16).toString(\"hex\");\n const now = new Date().toISOString();\n const passwordHash = await this.hashPassword(data.password);\n\n const user: AuthUser = {\n id: userId,\n email: data.email.toLowerCase(),\n passwordHash,\n role: (data.role || \"customer\") as UserRole,\n tenantId: data.tenantId,\n createdAt: now,\n updatedAt: now,\n };\n\n const pipeline = (await this.getRedis()).pipeline();\n\n pipeline.hset(this.userKey(userId), this.userToHash(user));\n pipeline.set(this.userByEmailKey(data.email), userId);\n\n await pipeline.exec();\n\n return user;\n }\n\n async findUserByEmail(email: string): Promise<AuthUser | null> {\n const userId = await (\n await this.getRedis()\n ).get(this.userByEmailKey(email.toLowerCase()));\n if (!userId) return null;\n return this.findUserById(userId);\n }\n\n async findUserById(userId: string): Promise<AuthUser | null> {\n const data = await (await this.getRedis()).hgetall(this.userKey(userId));\n if (!data || Object.keys(data).length === 0) return null;\n return this.hashToUser(data);\n }\n\n async updateUser(\n userId: string,\n data: Partial<AuthUser>,\n ): Promise<AuthUser | null> {\n const existing = await this.findUserById(userId);\n if (!existing) return null;\n\n const updated: AuthUser = {\n ...existing,\n ...data,\n id: userId,\n updatedAt: new Date().toISOString(),\n };\n\n if (data.email && data.email !== existing.email) {\n const pipeline = (await this.getRedis()).pipeline();\n pipeline.del(this.userByEmailKey(existing.email));\n pipeline.set(this.userByEmailKey(data.email), userId);\n await pipeline.exec();\n }\n\n await (\n await this.getRedis()\n ).hset(this.userKey(userId), this.userToHash(updated));\n return updated;\n }\n\n async deleteUser(userId: string): Promise<boolean> {\n const user = await this.findUserById(userId);\n if (!user) return false;\n\n const pipeline = (await this.getRedis()).pipeline();\n pipeline.del(this.userKey(userId));\n pipeline.del(this.userByEmailKey(user.email));\n pipeline.del(this.passwordHistoryKey(userId));\n await pipeline.exec();\n\n return true;\n }\n\n async hashPassword(password: string): Promise<string> {\n return bcrypt.hash(password, 12);\n }\n\n async verifyPassword(\n email: string,\n password: string,\n ): Promise<AuthUser | null> {\n const userId = await (\n await this.getRedis()\n ).get(this.userByEmailKey(email));\n if (!userId) return null;\n const user = await this.findUserById(userId);\n if (!user || !user.passwordHash) return null;\n const valid = await bcrypt.compare(password, user.passwordHash);\n return valid ? user : null;\n }\n\n async createSession(\n userId: string,\n data: {\n ipAddress?: string;\n userAgent?: string;\n } = {},\n ): Promise<Session> {\n const sessionId = randomBytes(32).toString(\"hex\");\n const token = randomBytes(32).toString(\"base64url\");\n const refreshToken = randomBytes(32).toString(\"base64url\");\n const now = new Date();\n\n const session: Session = {\n id: sessionId,\n userId,\n token,\n refreshToken,\n expiresAt: new Date(\n now.getTime() + this.tokenExpiration * 1000,\n ).toISOString(),\n createdAt: now.toISOString(),\n ipAddress: data.ipAddress,\n userAgent: data.userAgent,\n };\n\n const pipeline = (await this.getRedis()).pipeline();\n\n pipeline.hset(this.sessionKey(sessionId), this.sessionToHash(session));\n pipeline.setex(\n this.refreshKey(refreshToken),\n this.refreshExpiration,\n sessionId,\n );\n\n await pipeline.exec();\n\n return session;\n }\n\n async findSessionByToken(token: string): Promise<Session | null> {\n const data = await (await this.getRedis()).hgetall(this.sessionKey(token));\n if (!data || Object.keys(data).length === 0) return null;\n return this.hashToSession(data);\n }\n\n async findSessionByRefreshToken(\n refreshToken: string,\n ): Promise<Session | null> {\n const sessionId = await (\n await this.getRedis()\n ).get(this.refreshKey(refreshToken));\n if (!sessionId) return null;\n const data = await (\n await this.getRedis()\n ).hgetall(this.sessionKey(sessionId));\n if (!data || Object.keys(data).length === 0) return null;\n return this.hashToSession(data);\n }\n\n async deleteSession(sessionId: string): Promise<boolean> {\n const session = await (\n await this.getRedis()\n ).hgetall(this.sessionKey(sessionId));\n if (!session || Object.keys(session).length === 0) return false;\n\n const pipeline = (await this.getRedis()).pipeline();\n pipeline.del(this.sessionKey(sessionId));\n if (session.refreshToken) {\n pipeline.del(this.refreshKey(session.refreshToken));\n }\n await pipeline.exec();\n\n return true;\n }\n\n async deleteUserSessions(userId: string): Promise<number> {\n const pattern = `${this.prefix}sessions:*`;\n let cursor = \"0\";\n let deleted = 0;\n\n do {\n const [nextCursor, keys] = await (\n await this.getRedis()\n ).scan(cursor, \"MATCH\", pattern, \"COUNT\", 100);\n cursor = nextCursor;\n\n for (const key of keys) {\n const sessionData = await (await this.getRedis()).hgetall(key);\n if (sessionData.userId === userId) {\n const sessionId = key.replace(`${this.prefix}sessions:`, \"\");\n await this.deleteSession(sessionId);\n deleted++;\n }\n }\n } while (cursor !== \"0\");\n\n return deleted;\n }\n\n async addPasswordToHistory(\n userId: string,\n passwordHash: string,\n ): Promise<void> {\n await (\n await this.getRedis()\n ).lpush(this.passwordHistoryKey(userId), passwordHash);\n await (await this.getRedis()).ltrim(this.passwordHistoryKey(userId), 0, 4);\n }\n\n async getPasswordHistory(\n userId: string,\n count: number = 5,\n ): Promise<string[]> {\n return (await this.getRedis()).lrange(\n this.passwordHistoryKey(userId),\n 0,\n count - 1,\n );\n }\n\n async isPasswordInHistory(\n password: string,\n userId: string,\n historyCount: number = 5,\n ): Promise<boolean> {\n const history = await this.getPasswordHistory(userId, historyCount);\n\n for (const hash of history) {\n if (await bcrypt.compare(password, hash)) {\n return true;\n }\n }\n\n return false;\n }\n\n private userToHash(user: AuthUser): Record<string, string> {\n const hash: Record<string, string> = {\n id: user.id,\n email: user.email,\n passwordHash: user.passwordHash || \"\",\n role: user.role,\n createdAt: user.createdAt,\n updatedAt: user.updatedAt,\n };\n\n if (user.avatar) hash.avatar = user.avatar;\n if (user.tenantId) hash.tenantId = user.tenantId;\n if (user.emailVerified !== undefined)\n hash.emailVerified = String(user.emailVerified);\n if (user.locked !== undefined) hash.locked = String(user.locked);\n if (user.lastLogin) hash.lastLogin = user.lastLogin;\n if (user.failedLoginAttempts !== undefined)\n hash.failedLoginAttempts = String(user.failedLoginAttempts);\n\n return hash;\n }\n\n private hashToUser(hash: Record<string, string>): AuthUser {\n return {\n id: hash.id,\n email: hash.email,\n passwordHash: hash.passwordHash,\n role: hash.role as UserRole,\n tenantId: hash.tenantId,\n avatar: hash.avatar,\n createdAt: hash.createdAt,\n updatedAt: hash.updatedAt,\n emailVerified: hash.emailVerified === \"true\",\n locked: hash.locked === \"true\",\n lastLogin: hash.lastLogin,\n failedLoginAttempts: hash.failedLoginAttempts\n ? parseInt(hash.failedLoginAttempts, 10)\n : 0,\n };\n }\n\n private sessionToHash(session: Session): Record<string, string> {\n const hash: Record<string, string> = {\n id: session.id,\n userId: session.userId,\n token: session.token,\n expiresAt: session.expiresAt,\n createdAt: session.createdAt,\n };\n\n if (session.refreshToken) hash.refreshToken = session.refreshToken;\n if (session.ipAddress) hash.ipAddress = session.ipAddress;\n if (session.userAgent) hash.userAgent = session.userAgent;\n\n return hash;\n }\n\n private hashToSession(hash: Record<string, string>): Session {\n return {\n id: hash.id,\n userId: hash.userId,\n token: hash.token,\n refreshToken: hash.refreshToken,\n expiresAt: hash.expiresAt,\n createdAt: hash.createdAt,\n ipAddress: hash.ipAddress,\n userAgent: hash.userAgent,\n };\n }\n\n private tokenKey(tokenType: string, token: string): string {\n return `${this.prefix}tokens:${tokenType}:${token}`;\n }\n\n async createEmailVerificationToken(userId: string): Promise<{ token: string; expiresAt: Date }> {\n const token = randomBytes(32).toString(\"hex\");\n const expiresAt = new Date(Date.now() + 24 * 60 * 60 * 1000); // 24 hours\n const redis = await this.getRedis();\n await redis.setex(this.tokenKey(\"email-verify\", token), 86400, userId);\n return { token, expiresAt };\n }\n\n async verifyEmailToken(token: string): Promise<{ success: boolean; userId?: string; error?: string }> {\n const redis = await this.getRedis();\n const userId = await redis.get(this.tokenKey(\"email-verify\", token));\n if (!userId) {\n return { success: false, error: \"Invalid or expired token\" };\n }\n await redis.del(this.tokenKey(\"email-verify\", token));\n return { success: true, userId };\n }\n\n async createPasswordResetToken(email: string): Promise<{ token: string; expiresAt: Date; error?: string }> {\n const user = await this.findUserByEmail(email);\n if (!user) {\n return { token: \"\", expiresAt: new Date(), error: \"User not found\" };\n }\n const token = randomBytes(32).toString(\"hex\");\n const expiresAt = new Date(Date.now() + 60 * 60 * 1000); // 1 hour\n const redis = await this.getRedis();\n await redis.setex(this.tokenKey(\"password-reset\", token), 3600, user.id);\n return { token, expiresAt };\n }\n\n async resetPasswordWithToken(token: string, newPassword: string): Promise<{ success: boolean; error?: string }> {\n const redis = await this.getRedis();\n const userId = await redis.get(this.tokenKey(\"password-reset\", token));\n if (!userId) {\n return { success: false, error: \"Invalid or expired token\" };\n }\n const passwordHash = await this.hashPassword(newPassword);\n await this.updateUser(userId, { passwordHash });\n await redis.del(this.tokenKey(\"password-reset\", token));\n return { success: true };\n }\n\n private auditLogKey(id: string): string {\n return `${this.prefix}audit:logs:${id}`;\n }\n\n private auditLogIndexKey(): string {\n return `${this.prefix}audit:index`;\n }\n\n async findAuditLogs(filter: {\n userId?: string;\n action?: string | string[];\n resource?: string;\n success?: boolean;\n limit?: number;\n offset?: number;\n }): Promise<{ logs: any[]; total: number }> {\n const { limit = 50, offset = 0 } = filter;\n const indexKey = this.auditLogIndexKey();\n const allIds = await (await this.getRedis()).zrevrange(indexKey, 0, -1);\n const total = allIds.length;\n\n const pagedIds = allIds.slice(offset, offset + limit);\n const logs: any[] = [];\n\n for (const id of pagedIds) {\n const logData = await (await this.getRedis()).get(this.auditLogKey(id));\n if (logData) {\n const log = JSON.parse(logData);\n if (\n (!filter.userId || log.userId === filter.userId) &&\n (!filter.action ||\n (Array.isArray(filter.action)\n ? filter.action.includes(log.action)\n : log.action === filter.action)) &&\n (!filter.resource || log.resource === filter.resource) &&\n (filter.success === undefined || log.success === filter.success)\n ) {\n logs.push({ ...log, timestamp: new Date(log.timestamp) });\n }\n }\n }\n\n return { logs, total };\n }\n\n async createAuditLog(data: any): Promise<any> {\n const id = randomBytes(16).toString(\"hex\");\n const timestamp = new Date();\n const log = { ...data, id, timestamp };\n await (\n await this.getRedis()\n ).set(this.auditLogKey(id), JSON.stringify(log));\n await (await this.getRedis()).zadd(this.auditLogIndexKey(), Date.now(), id);\n const count = await (await this.getRedis()).zcard(this.auditLogIndexKey());\n if (count > 10000) {\n const oldIds = await (\n await this.getRedis()\n ).zrange(this.auditLogIndexKey(), 0, count - 10001);\n for (const oldId of oldIds) {\n await (await this.getRedis()).del(this.auditLogKey(oldId));\n await (await this.getRedis()).zrem(this.auditLogIndexKey(), oldId);\n }\n }\n return log;\n }\n}\n"]}
package/dist/chunk-CJONKRHJ.js ADDED
@@ -0,0 +1,162 @@
1
+ import { timingSafeEqual } from 'crypto';
2
+
3
+ // src/access/types.ts
4
+ async function evaluateAccess(access, args) {
5
+ if (typeof access === "boolean") {
6
+ return access;
7
+ }
8
+ if (typeof access === "function") {
9
+ return await access(args);
10
+ }
11
+ return true;
12
+ }
13
+ function mergeWhereClauses(...whereClauses) {
14
+ const result = {};
15
+ for (const clause of whereClauses) {
16
+ if (clause && typeof clause === "object") {
17
+ Object.assign(result, clause);
18
+ }
19
+ }
20
+ return result;
21
+ }
22
+ function getWhereClause(access, args) {
23
+ return evaluateAccess(access, args).then((result) => {
24
+ if (result === true) return void 0;
25
+ if (result === false) return { _id: { $eq: null } };
26
+ return result;
27
+ });
28
+ }
29
+ var API_KEY_COLLECTION = "_api_keys";
30
+ function generateKeyPrefix(key) {
31
+ return key.substring(0, 8);
32
+ }
33
+ function constantTimeCompare(a, b) {
34
+ if (a.length !== b.length) {
35
+ return false;
36
+ }
37
+ try {
38
+ return timingSafeEqual(Buffer.from(a), Buffer.from(b));
39
+ } catch {
40
+ return false;
41
+ }
42
+ }
43
+ async function validateApiKey(rawKey, db, userLookup) {
44
+ if (!rawKey || typeof rawKey !== "string") {
45
+ return { valid: false, error: "No API key provided" };
46
+ }
47
+ if (!rawKey.startsWith("kyro_")) {
48
+ return { valid: false, error: "Invalid API key format" };
49
+ }
50
+ const keyPrefix = generateKeyPrefix(rawKey);
51
+ try {
52
+ const result = await db.find({
53
+ collection: API_KEY_COLLECTION,
54
+ where: { keyPrefix: { equals: keyPrefix } },
55
+ limit: 100,
56
+ page: 1
57
+ });
58
+ if (!result.docs || result.docs.length === 0) {
59
+ return { valid: false, error: "Invalid API key" };
60
+ }
61
+ let matchedKey = null;
62
+ for (const doc of result.docs) {
63
+ const record = doc;
64
+ if (constantTimeCompare(record.key, rawKey)) {
65
+ matchedKey = record;
66
+ break;
67
+ }
68
+ }
69
+ if (!matchedKey) {
70
+ return { valid: false, error: "Invalid API key" };
71
+ }
72
+ if (matchedKey.expiresAt) {
73
+ const expiresAt = new Date(matchedKey.expiresAt);
74
+ if (expiresAt < /* @__PURE__ */ new Date()) {
75
+ return { valid: false, error: "API key has expired" };
76
+ }
77
+ }
78
+ try {
79
+ await db.update({
80
+ collection: API_KEY_COLLECTION,
81
+ id: matchedKey.id,
82
+ data: { lastUsedAt: (/* @__PURE__ */ new Date()).toISOString() }
83
+ });
84
+ } catch {
85
+ }
86
+ const user = {
87
+ id: matchedKey.userId,
88
+ role: matchedKey.role || "author",
89
+ tenantId: matchedKey.tenantId
90
+ };
91
+ if (userLookup) {
92
+ const dbUser = await userLookup(matchedKey.userId);
93
+ if (dbUser) {
94
+ Object.assign(user, dbUser);
95
+ }
96
+ }
97
+ return {
98
+ valid: true,
99
+ userId: matchedKey.userId,
100
+ user,
101
+ permissions: matchedKey.permissions || [],
102
+ apiKeyId: matchedKey.id,
103
+ tenantId: user.tenantId,
104
+ role: user.role
105
+ };
106
+ } catch (error) {
107
+ console.error("[ApiKey] Validation error:", error);
108
+ return { valid: false, error: "Failed to validate API key" };
109
+ }
110
+ }
111
+ function extractApiKeyFromRequest(request) {
112
+ const authHeader = request.headers.get("Authorization");
113
+ if (authHeader) {
114
+ if (authHeader.startsWith("ApiKey ")) {
115
+ return authHeader.slice(7).trim();
116
+ }
117
+ if (authHeader.startsWith("Bearer ")) {
118
+ return null;
119
+ }
120
+ }
121
+ const xApiKey = request.headers.get("X-API-Key");
122
+ if (xApiKey) {
123
+ return xApiKey.trim();
124
+ }
125
+ return null;
126
+ }
127
+ function createApiKeyContext(result) {
128
+ if (!result.valid || !result.userId) {
129
+ return null;
130
+ }
131
+ return {
132
+ userId: result.userId,
133
+ user: result.user || {},
134
+ permissions: result.permissions || [],
135
+ apiKeyId: result.apiKeyId || "",
136
+ tenantId: result.tenantId,
137
+ role: result.role
138
+ };
139
+ }
140
+ function hasApiKeyPermission(permissions, required) {
141
+ if (permissions.length === 0) return false;
142
+ if (permissions.includes("*")) return true;
143
+ if (permissions.includes(required)) return true;
144
+ const [resource, action] = required.split(":");
145
+ if (permissions.includes(`${resource}:*`)) return true;
146
+ return false;
147
+ }
148
+ function generateApiKey() {
149
+ const chars = "abcdefghijklmnopqrstuvwxyz0123456789";
150
+ let suffix = "";
151
+ for (let i = 0; i < 32; i++) {
152
+ suffix += chars[Math.floor(Math.random() * chars.length)];
153
+ }
154
+ return `kyro_${suffix}`;
155
+ }
156
+ function generateApiKeyPrefix(key) {
157
+ return key.substring(0, 8);
158
+ }
159
+
160
+ export { API_KEY_COLLECTION, createApiKeyContext, evaluateAccess, extractApiKeyFromRequest, generateApiKey, generateApiKeyPrefix, getWhereClause, hasApiKeyPermission, mergeWhereClauses, validateApiKey };
161
+ //# sourceMappingURL=chunk-CJONKRHJ.js.map
162
+ //# sourceMappingURL=chunk-CJONKRHJ.js.map
package/dist/chunk-CJONKRHJ.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/access/types.ts","../src/auth/api-key.ts"],"names":[],"mappings":";;;AA+CA,eAAsB,cAAA,CACpB,QACA,IAAA,EACgC;AAChC,EAAA,IAAI,OAAO,WAAW,SAAA,EAAW;AAC/B,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,OAAO,WAAW,UAAA,EAAY;AAChC,IAAA,OAAO,MAAM,OAAO,IAAI,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,qBACX,YAAA,EACU;AACb,EAAA,MAAM,SAAsB,EAAC;AAC7B,EAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACxC,MAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,MAAM,CAAA;AAAA,IAC9B;AAAA,EACF;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,cAAA,CACd,QACA,IAAA,EACkC;AAClC,EAAA,OAAO,cAAA,CAAe,MAAA,EAAQ,IAAI,CAAA,CAAE,KAAK,CAAA,MAAA,KAAU;AACjD,IAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,IAAA,IAAI,MAAA,KAAW,OAAO,OAAO,EAAE,KAAK,EAAE,GAAA,EAAK,MAAK,EAAE;AAClD,IAAA,OAAO,MAAA;AAAA,EACT,CAAC,CAAA;AACH;AC7CO,IAAM,kBAAA,GAAqB;AAElC,SAAS,kBAAkB,GAAA,EAAqB;AAC9C,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B;AAEA,SAAS,mBAAA,CAAoB,GAAW,CAAA,EAAoB;AAC1D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ;AACzB,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,OAAO,eAAA,CAAgB,OAAO,IAAA,CAAK,CAAC,GAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAA;AAAA,EACvD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,eAAsB,cAAA,CACpB,MAAA,EACA,EAAA,EACA,UAAA,EACiC;AACjC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,EACtD;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,UAAA,CAAW,OAAO,CAAA,EAAG;AAC/B,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,wBAAA,EAAyB;AAAA,EACzD;AAEA,EAAA,MAAM,SAAA,GAAY,kBAAkB,MAAM,CAAA;AAE1C,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,IAAA,CAAK;AAAA,MAC3B,UAAA,EAAY,kBAAA;AAAA,MACZ,OAAO,EAAE,SAAA,EAAW,EAAE,MAAA,EAAQ,WAAU,EAAE;AAAA,MAC1C,KAAA,EAAO,GAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,IAAI,CAAC,MAAA,CAAO,IAAA,IAAQ,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,EAAG;AAC5C,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,UAAA,GAAkC,IAAA;AACtC,IAAA,KAAA,MAAW,GAAA,IAAO,OAAO,IAAA,EAAM;AAC7B,MAAA,MAAM,MAAA,GAAS,GAAA;AACf,MAAA,IAAI,mBAAA,CAAoB,MAAA,CAAO,GAAA,EAAK,MAAM,CAAA,EAAG;AAC3C,QAAA,UAAA,GAAa,MAAA;AACb,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,WAAW,SAAA,EAAW;AACxB,MAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA;AAC/C,MAAA,IAAI,SAAA,mBAAY,IAAI,IAAA,EAAK,EAAG;AAC1B,QAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,MACtD;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,GAAG,MAAA,CAAO;AAAA,QACd,UAAA,EAAY,kBAAA;AAAA,QACZ,IAAI,UAAA,CAAW,EAAA;AAAA,QACf,MAAM,EAAE,UAAA,EAAA,qBAAgB,IAAA,EAAK,EAAE,aAAY;AAAE,OAC9C,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,MAAM,IAAA,GAA0B;AAAA,MAC9B,IAAI,UAAA,CAAW,MAAA;AAAA,MACf,IAAA,EAAO,WAAmB,IAAA,IAAQ,QAAA;AAAA,MAClC,UAAW,UAAA,CAAmB;AAAA,KAChC;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA;AACjD,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,MAAA,CAAO,MAAM,MAAM,CAAA;AAAA,MAC5B;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,QAAQ,UAAA,CAAW,MAAA;AAAA,MACnB,IAAA;AAAA,MACA,WAAA,EAAa,UAAA,CAAW,WAAA,IAAe,EAAC;AAAA,MACxC,UAAU,UAAA,CAAW,EAAA;AAAA,MACrB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,MAAM,IAAA,CAAK;AAAA,KACb;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,4BAAA,EAA6B;AAAA,EAC7D;AACF;AAEO,SAAS,yBAAyB,OAAA,EAAiC;AACxE,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AACtD,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,UAAA,CAAW,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,IAClC;AACA,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AAC/C,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO,QAAQ,IAAA,EAAK;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,oBACd,MAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,IAAS,CAAC,OAAO,MAAA,EAAQ;AACnC,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO;AAAA,IACL,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,IAAA,EAAM,MAAA,CAAO,IAAA,IAAQ,EAAC;AAAA,IACtB,WAAA,EAAa,MAAA,CAAO,WAAA,IAAe,EAAC;AAAA,IACpC,QAAA,EAAU,OAAO,QAAA,IAAY,EAAA;AAAA,IAC7B,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,MAAM,MAAA,CAAO;AAAA,GACf;AACF;AAEO,SAAS,mBAAA,CACd,aACA,QAAA,EACS;AACT,EAAA,IAAI,WAAA,CAAY,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AACrC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,GAAG,CAAA,EAAG,OAAO,IAAA;AACtC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,QAAQ,CAAA,EAAG,OAAO,IAAA;AAE3C,EAAA,MAAM,CAAC,QAAA,EAAU,MAAM,CAAA,GAAI,QAAA,CAAS,MAAM,GAAG,CAAA;AAC7C,EAAA,IAAI,YAAY,QAAA,CAAS,CAAA,EAAG,QAAQ,CAAA,EAAA,CAAI,GAAG,OAAO,IAAA;AAElD,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,cAAA,GAAyB;AACvC,EAAA,MAAM,KAAA,GAAQ,sCAAA;AACd,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,EAAA,EAAI,CAAA,EAAA,EAAK;AAC3B,IAAA,MAAA,IAAU,KAAA,CAAM,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,KAAA,CAAM,MAAM,CAAC,CAAA;AAAA,EAC1D;AACA,EAAA,OAAO,QAAQ,MAAM,CAAA,CAAA;AACvB;AAEO,SAAS,qBAAqB,GAAA,EAAqB;AACxD,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B","file":"chunk-CJONKRHJ.js","sourcesContent":["import type { User, Request } from '../hooks/types.js';\n\n// ============================================================================\n// Access Control Types\n// ============================================================================\n\nexport interface WhereClause {\n [field: string]: any;\n}\n\nexport interface AccessArgs {\n req: Request;\n user?: User;\n data?: any;\n doc?: any;\n id?: string;\n tenantID?: string;\n context?: Record<string, any>;\n}\n\nexport type AccessControl = boolean | ((args: AccessArgs) => Promise<boolean | WhereClause> | boolean | WhereClause);\n\nexport interface CollectionAccess {\n create?: AccessControl;\n read?: AccessControl;\n update?: AccessControl;\n delete?: AccessControl;\n admin?: AccessControl;\n unlock?: AccessControl;\n readVersions?: AccessControl;\n}\n\nexport interface GlobalAccess {\n read?: AccessControl;\n update?: AccessControl;\n}\n\nexport interface FieldAccess {\n create?: AccessControl;\n read?: AccessControl;\n update?: AccessControl;\n}\n\n// ============================================================================\n// Access Control Evaluation\n// ============================================================================\n\nexport async function evaluateAccess(\n access: AccessControl,\n args: AccessArgs\n): Promise<boolean | WhereClause> {\n if (typeof access === 'boolean') {\n return access;\n }\n if (typeof access === 'function') {\n return await access(args);\n }\n return true;\n}\n\nexport function mergeWhereClauses(\n ...whereClauses: (WhereClause | boolean | undefined)[]\n): WhereClause {\n const result: WhereClause = {};\n for (const clause of whereClauses) {\n if (clause && typeof clause === 'object') {\n Object.assign(result, clause);\n }\n }\n return result;\n}\n\nexport function getWhereClause(\n access: AccessControl,\n args: AccessArgs\n): Promise<WhereClause | undefined> {\n return evaluateAccess(access, args).then(result => {\n if (result === true) return undefined;\n if (result === false) return { _id: { $eq: null } };\n return result;\n });\n}\n","import { timingSafeEqual } from \"crypto\";\nimport type { BaseAdapter } from \"../registry/types.js\";\nimport type { AuthUser, UserRole } from \"./types.js\";\n\nexport interface ApiKeyRecord {\n id: string;\n userId: string;\n name: string;\n key: string;\n keyPrefix: string;\n permissions: string[];\n lastUsedAt?: string;\n expiresAt?: string;\n createdAt: string;\n}\n\nexport interface ApiKeyValidationResult {\n valid: boolean;\n userId?: string;\n user?: Partial<AuthUser>;\n permissions?: string[];\n apiKeyId?: string;\n error?: string;\n tenantId?: string;\n role?: UserRole;\n}\n\nexport interface ApiKeyContext {\n userId: string;\n user: Partial<AuthUser>;\n permissions: string[];\n apiKeyId: string;\n tenantId?: string;\n role?: UserRole;\n}\n\nexport const API_KEY_COLLECTION = \"_api_keys\";\n\nfunction generateKeyPrefix(key: string): string {\n return key.substring(0, 8);\n}\n\nfunction constantTimeCompare(a: string, b: string): boolean {\n if (a.length !== b.length) {\n return false;\n }\n try {\n return timingSafeEqual(Buffer.from(a), Buffer.from(b));\n } catch {\n return false;\n }\n}\n\nexport async function validateApiKey(\n rawKey: string,\n db: BaseAdapter,\n userLookup?: (userId: string) => Promise<Partial<AuthUser> | null>,\n): Promise<ApiKeyValidationResult> {\n if (!rawKey || typeof rawKey !== \"string\") {\n return { valid: false, error: \"No API key provided\" };\n }\n\n if (!rawKey.startsWith(\"kyro_\")) {\n return { valid: false, error: \"Invalid API key format\" };\n }\n\n const keyPrefix = generateKeyPrefix(rawKey);\n\n try {\n const result = await db.find({\n collection: API_KEY_COLLECTION,\n where: { keyPrefix: { equals: keyPrefix } },\n limit: 100,\n page: 1,\n });\n\n if (!result.docs || result.docs.length === 0) {\n return { valid: false, error: \"Invalid API key\" };\n }\n\n let matchedKey: ApiKeyRecord | null = null;\n for (const doc of result.docs) {\n const record = doc as unknown as ApiKeyRecord;\n if (constantTimeCompare(record.key, rawKey)) {\n matchedKey = record;\n break;\n }\n }\n\n if (!matchedKey) {\n return { valid: false, error: \"Invalid API key\" };\n }\n\n if (matchedKey.expiresAt) {\n const expiresAt = new Date(matchedKey.expiresAt);\n if (expiresAt < new Date()) {\n return { valid: false, error: \"API key has expired\" };\n }\n }\n\n try {\n await db.update({\n collection: API_KEY_COLLECTION,\n id: matchedKey.id,\n data: { lastUsedAt: new Date().toISOString() },\n });\n } catch {\n // Non-critical: don't fail if lastUsedAt update fails\n }\n\n const user: Partial<AuthUser> = {\n id: matchedKey.userId,\n role: (matchedKey as any).role || \"author\",\n tenantId: (matchedKey as any).tenantId,\n };\n\n if (userLookup) {\n const dbUser = await userLookup(matchedKey.userId);\n if (dbUser) {\n Object.assign(user, dbUser);\n }\n }\n\n return {\n valid: true,\n userId: matchedKey.userId,\n user,\n permissions: matchedKey.permissions || [],\n apiKeyId: matchedKey.id,\n tenantId: user.tenantId,\n role: user.role,\n };\n } catch (error) {\n console.error(\"[ApiKey] Validation error:\", error);\n return { valid: false, error: \"Failed to validate API key\" };\n }\n}\n\nexport function extractApiKeyFromRequest(request: Request): string | null {\n const authHeader = request.headers.get(\"Authorization\");\n if (authHeader) {\n if (authHeader.startsWith(\"ApiKey \")) {\n return authHeader.slice(7).trim();\n }\n if (authHeader.startsWith(\"Bearer \")) {\n return null;\n }\n }\n\n const xApiKey = request.headers.get(\"X-API-Key\");\n if (xApiKey) {\n return xApiKey.trim();\n }\n\n return null;\n}\n\nexport function createApiKeyContext(\n result: ApiKeyValidationResult,\n): ApiKeyContext | null {\n if (!result.valid || !result.userId) {\n return null;\n }\n return {\n userId: result.userId,\n user: result.user || {},\n permissions: result.permissions || [],\n apiKeyId: result.apiKeyId || \"\",\n tenantId: result.tenantId,\n role: result.role,\n };\n}\n\nexport function hasApiKeyPermission(\n permissions: string[],\n required: string,\n): boolean {\n if (permissions.length === 0) return false;\n if (permissions.includes(\"*\")) return true;\n if (permissions.includes(required)) return true;\n\n const [resource, action] = required.split(\":\");\n if (permissions.includes(`${resource}:*`)) return true;\n\n return false;\n}\n\nexport function generateApiKey(): string {\n const chars = \"abcdefghijklmnopqrstuvwxyz0123456789\";\n let suffix = \"\";\n for (let i = 0; i < 32; i++) {\n suffix += chars[Math.floor(Math.random() * chars.length)];\n }\n return `kyro_${suffix}`;\n}\n\nexport function generateApiKeyPrefix(key: string): string {\n return key.substring(0, 8);\n}\n"]}
package/dist/{chunk-OHVB4AJ7.js → chunk-CJX74IYK.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { users, sessions, passwordHistory, lockouts, auditLogs, emailVerifications, passwordResets } from './chunk-WOWUL7ZY.js';
1
+ import { users, sessions, passwordHistory, lockouts, auditLogs, emailVerifications, passwordResets } from './chunk-UUDTPZX6.js';
2
2
  import { sql, eq, desc, and, gt } from 'drizzle-orm';
3
3
  import bcrypt from 'bcryptjs';
4
4
  import { randomBytes } from 'crypto';
@@ -30,10 +30,12 @@ var PostgresAuthAdapter = class {
30
30
  "last_login" TIMESTAMP,
31
31
  "failed_login_attempts" INTEGER DEFAULT 0,
32
32
  "metadata" JSONB,
33
+ "avatar" VARCHAR(255),
33
34
  "created_at" TIMESTAMP NOT NULL DEFAULT NOW(),
34
35
  "updated_at" TIMESTAMP NOT NULL DEFAULT NOW()
35
36
  )
36
37
  `);
38
+ await this.db.execute(sql`ALTER TABLE "users" ADD COLUMN IF NOT EXISTS "avatar" VARCHAR(255)`);
37
39
  await this.db.execute(sql`CREATE UNIQUE INDEX IF NOT EXISTS "users_email_idx" ON "users" ("email")`);
38
40
  await this.db.execute(sql`CREATE INDEX IF NOT EXISTS "users_tenant_idx" ON "users" ("tenant_id")`);
39
41
  await this.db.execute(sql`CREATE INDEX IF NOT EXISTS "users_role_idx" ON "users" ("role")`);
@@ -60,7 +62,7 @@ var PostgresAuthAdapter = class {
60
62
  "user_email" VARCHAR(255),
61
63
  "role" VARCHAR(50),
62
64
  "resource" VARCHAR(100) NOT NULL,
63
- "resource_id" UUID,
65
+ "resource_id" VARCHAR(255),
64
66
  "changes" JSONB,
65
67
  "ip_address" VARCHAR(45),
66
68
  "user_agent" TEXT,
@@ -70,6 +72,7 @@ var PostgresAuthAdapter = class {
70
72
  "timestamp" TIMESTAMP NOT NULL DEFAULT NOW()
71
73
  )
72
74
  `);
75
+ await this.db.execute(sql`ALTER TABLE "audit_logs" ALTER COLUMN "resource_id" TYPE VARCHAR(255)`);
73
76
  await this.db.execute(sql`CREATE INDEX IF NOT EXISTS "audit_logs_user_idx" ON "audit_logs" ("user_id")`);
74
77
  await this.db.execute(sql`CREATE INDEX IF NOT EXISTS "audit_logs_action_idx" ON "audit_logs" ("action")`);
75
78
  await this.db.execute(sql`CREATE INDEX IF NOT EXISTS "audit_logs_resource_idx" ON "audit_logs" ("resource")`);
@@ -164,6 +167,7 @@ var PostgresAuthAdapter = class {
164
167
  name: data.name,
165
168
  passwordHash,
166
169
  role: data.role || "customer",
170
+ avatar: data.avatar,
167
171
  tenantId: data.tenantId
168
172
  }).returning();
169
173
  return this.userToAuthUser(user);
@@ -184,6 +188,7 @@ var PostgresAuthAdapter = class {
184
188
  dbData.passwordHash = data.passwordHash;
185
189
  if (data.role !== void 0) dbData.role = data.role;
186
190
  if (data.tenantId !== void 0) dbData.tenantId = data.tenantId;
191
+ if (data.avatar !== void 0) dbData.avatar = data.avatar;
187
192
  if (data.emailVerified !== void 0)
188
193
  dbData.emailVerified = data.emailVerified;
189
194
  if (data.locked !== void 0) dbData.locked = data.locked;
@@ -376,17 +381,17 @@ var PostgresAuthAdapter = class {
376
381
  await this.db.insert(auditLogs).values({
377
382
  id,
378
383
  action: data.action,
379
- userId: data.userId,
380
- userEmail: data.userEmail,
381
- role: data.role,
384
+ userId: data.userId ?? null,
385
+ userEmail: data.userEmail ?? null,
386
+ role: data.role ?? null,
382
387
  resource: data.resource,
383
- resourceId: data.resourceId,
384
- changes: data.changes,
385
- ipAddress: data.ipAddress,
386
- userAgent: data.userAgent,
388
+ resourceId: data.resourceId ?? null,
389
+ changes: data.changes ?? null,
390
+ ipAddress: data.ipAddress ?? null,
391
+ userAgent: data.userAgent ?? null,
387
392
  success: data.success,
388
- error: data.error,
389
- metadata: data.metadata,
393
+ error: data.error ?? null,
394
+ metadata: data.metadata ?? null,
390
395
  timestamp
391
396
  });
392
397
  return {
@@ -402,13 +407,14 @@ var PostgresAuthAdapter = class {
402
407
  email: user.email,
403
408
  passwordHash: user.passwordHash || void 0,
404
409
  role: user.role,
410
+ avatar: user.avatar && typeof user.avatar === "object" ? user.avatar.id || void 0 : user.avatar || void 0,
405
411
  tenantId: user.tenantId || void 0,
406
412
  emailVerified: user.emailVerified || false,
407
413
  locked: user.locked || false,
408
- lastLogin: user.lastLogin?.toISOString(),
414
+ lastLogin: user.lastLogin ? new Date(user.lastLogin).toISOString() : void 0,
409
415
  failedLoginAttempts: user.failedLoginAttempts || 0,
410
- createdAt: user.createdAt.toISOString(),
411
- updatedAt: user.updatedAt.toISOString()
416
+ createdAt: new Date(user.createdAt).toISOString(),
417
+ updatedAt: new Date(user.updatedAt).toISOString()
412
418
  };
413
419
  }
414
420
  sessionToSession(session) {
@@ -417,8 +423,8 @@ var PostgresAuthAdapter = class {
417
423
  userId: session.userId,
418
424
  token: session.token,
419
425
  refreshToken: session.refreshToken || void 0,
420
- expiresAt: session.expiresAt.toISOString(),
421
- createdAt: session.createdAt.toISOString(),
426
+ expiresAt: new Date(session.expiresAt).toISOString(),
427
+ createdAt: new Date(session.createdAt).toISOString(),
422
428
  ipAddress: session.ipAddress || void 0,
423
429
  userAgent: session.userAgent || void 0
424
430
  };
@@ -479,5 +485,5 @@ var PostgresAuthAdapter = class {
479
485
  };
480
486
 
481
487
  export { PostgresAuthAdapter };
482
- //# sourceMappingURL=chunk-OHVB4AJ7.js.map
483
- //# sourceMappingURL=chunk-OHVB4AJ7.js.map
488
+ //# sourceMappingURL=chunk-CJX74IYK.js.map
489
+ //# sourceMappingURL=chunk-CJX74IYK.js.map
package/dist/chunk-CJX74IYK.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/database/drizzle/postgres-auth-adapter.ts"],"names":["rows","count"],"mappings":";;;;;AAoCA,IAAI,cAAA,GAAiB,KAAA;AAEd,IAAM,sBAAN,MAAiD;AAAA,EAC9C,EAAA;AAAA,EACA,MAAA;AAAA,EACA,UAAA;AAAA,EACA,eAAA;AAAA,EAER,YAAY,OAAA,EAAqC;AAC/C,IAAA,IAAA,CAAK,KAAK,OAAA,CAAQ,EAAA;AAClB,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,OAAA;AAChC,IAAA,IAAA,CAAK,UAAA,GAAa,QAAQ,UAAA,IAAc,KAAA;AACxC,IAAA,IAAA,CAAK,eAAA,GAAkB,QAAQ,eAAA,IAAmB,MAAA;AAAA,EACpD;AAAA,EAEA,MAAM,OAAA,GAAyB;AAC7B,IAAA,IAAI,cAAA,EAAgB;AACpB,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAiBrB,CAAA;AACD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,kEAAA,CAAuE,CAAA;AAC7F,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,wEAAA,CAA6E,CAAA;AACnG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,sEAAA,CAA2E,CAAA;AACjG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,+DAAA,CAAoE,CAAA;AAE1F,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAWrB,CAAA;AACD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,wEAAA,CAA6E,CAAA;AACnG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,uEAAA,CAA4E,CAAA;AAClG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,8EAAA,CAAmF,CAAA;AAEzG,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAiBrB,CAAA;AACD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,qEAAA,CAA0E,CAAA;AAChG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,4EAAA,CAAiF,CAAA;AACvG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,6EAAA,CAAkF,CAAA;AACxG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,iFAAA,CAAsF,CAAA;AAC5G,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,mFAAA,CAAwF,CAAA;AAE9G,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAOrB,CAAA;AACD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,wFAAA,CAA6F,CAAA;AAEnH,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAUrB,CAAA;AACD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,wEAAA,CAA6E,CAAA;AACnG,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,qFAAA,CAA0F,CAAA;AAEhH,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAYrB,CAAA;AACD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,GAAA,CAAA,iEAAA,CAAsE,CAAA;AAE5F,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAUrB,CAAA;AAED,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAYrB,CAAA;AAED,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAQrB,CAAA;AAED,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CASrB,CAAA;AACD,IAAA,cAAA,GAAiB,IAAA;AAAA,EACnB;AAAA,EAEA,MAAM,UAAA,GAA4B;AAAA,EAClC;AAAA,EAEA,MAAM,WAAW,IAAA,EAOK;AACpB,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,KAAK,QAAQ,CAAA;AAC1D,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,CAAO,KAAK,CAAA,CACZ,MAAA,CAAO;AAAA,MACN,KAAA,EAAO,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,MAC9B,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,YAAA;AAAA,MACA,IAAA,EAAO,KAAK,IAAA,IAAQ,UAAA;AAAA,MACpB,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,UAAU,IAAA,CAAK;AAAA,KAChB,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,eAAe,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyC;AAC7D,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,KAAK,EAAA,CACvB,MAAA,GACA,IAAA,CAAK,KAAK,EACV,KAAA,CAAM,EAAA,CAAG,MAAM,KAAA,EAAO,KAAA,CAAM,aAAa,CAAC,CAAA,CAC1C,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAa,EAAA,EAAsC;AACvD,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,QAAO,CACP,IAAA,CAAK,KAAK,CAAA,CACV,KAAA,CAAM,GAAG,KAAA,CAAM,EAAA,EAAI,EAAE,CAAC,CAAA,CACtB,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,CACJ,EAAA,EACA,IAAA,EAC0B;AAC1B,IAAA,MAAM,MAAA,GAAkC,EAAE,SAAA,kBAAW,IAAI,MAAK,EAAE;AAChE,IAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,MAAA,EAAW,MAAA,CAAO,QAAQ,IAAA,CAAK,KAAA;AAClD,IAAA,IAAI,KAAK,YAAA,KAAiB,MAAA;AACxB,MAAA,MAAA,CAAO,eAAe,IAAA,CAAK,YAAA;AAC7B,IAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,IAAA,IAAI,IAAA,CAAK,QAAA,KAAa,MAAA,EAAW,MAAA,CAAO,WAAW,IAAA,CAAK,QAAA;AACxD,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,MAAA,EAAW,MAAA,CAAO,SAAS,IAAA,CAAK,MAAA;AACpD,IAAA,IAAI,KAAK,aAAA,KAAkB,MAAA;AACzB,MAAA,MAAA,CAAO,gBAAgB,IAAA,CAAK,aAAA;AAC9B,IAAA,IAAI,IAAA,CAAK,MAAA,KAAW,MAAA,EAAW,MAAA,CAAO,SAAS,IAAA,CAAK,MAAA;AACpD,IAAA,IAAI,KAAK,SAAA,KAAc,MAAA;AACrB,MAAA,MAAA,CAAO,YAAY,IAAA,CAAK,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,SAAS,CAAA,GAAI,IAAA;AACjE,IAAA,IAAI,KAAK,mBAAA,KAAwB,MAAA;AAC/B,MAAA,MAAA,CAAO,sBAAsB,IAAA,CAAK,mBAAA;AAEpC,IAAA,MAAM,CAAC,IAAI,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACvB,OAAO,KAAK,CAAA,CACZ,IAAI,MAAM,CAAA,CACV,MAAM,EAAA,CAAG,KAAA,CAAM,IAAI,EAAE,CAAC,EACtB,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,GAAO,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA,GAAI,IAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,EAAA,EAA8B;AAC7C,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,KAAK,CAAA,CAAE,MAAM,EAAA,CAAG,KAAA,CAAM,EAAA,EAAI,EAAE,CAAC,CAAA;AAClD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAA,CACJ,OAAA,GAII,EAAC,EAC0C;AAC/C,IAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,CAAA;AAC7B,IAAA,MAAM,KAAA,GAAQ,QAAQ,KAAA,IAAS,EAAA;AAC/B,IAAA,MAAM,MAAA,GAAA,CAAU,OAAO,CAAA,IAAK,KAAA;AAC5B,IAAA,MAAM,SAAS,OAAA,CAAQ,MAAA;AAEvB,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,OAAA,GAAU,IAAI,MAAM,CAAA,CAAA,CAAA;AAC1B,MAAA,MAAM,CAACA,KAAAA,EAAM,CAAC,EAAE,KAAA,EAAAC,MAAAA,EAAO,CAAC,CAAA,GAAI,MAAM,OAAA,CAAQ,GAAA,CAAI;AAAA,QAC5C,IAAA,CAAK,EAAA,CACF,MAAA,EAAO,CACP,IAAA,CAAK,KAAK,CAAA,CACV,KAAA,CAAM,GAAA,CAAA,EAAM,KAAA,CAAM,KAAK,CAAA,OAAA,EAAU,OAAO,CAAA,CAAE,CAAA,CAC1C,OAAA,CAAQ,IAAA,CAAK,KAAA,CAAM,SAAS,CAAC,CAAA,CAC7B,KAAA,CAAM,KAAK,CAAA,CACX,MAAA,CAAO,MAAM,CAAA;AAAA,QAChB,KAAK,EAAA,CACF,MAAA,CAAO,EAAE,KAAA,EAAO,eAAuB,CAAA,CACvC,IAAA,CAAK,KAAK,EACV,KAAA,CAAM,GAAA,CAAA,EAAM,MAAM,KAAK,CAAA,OAAA,EAAU,OAAO,CAAA,CAAE;AAAA,OAC9C,CAAA;AACD,MAAA,OAAO;AAAA,QACL,KAAA,EAAOD,MAAK,GAAA,CAAI,CAAC,MAAM,IAAA,CAAK,cAAA,CAAe,CAAC,CAAC,CAAA;AAAA,QAC7C,KAAA,EAAO,OAAOC,MAAK;AAAA,OACrB;AAAA,IACF;AAEA,IAAA,MAAM,CAAC,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,CAAC,CAAA,GAAI,MAAM,OAAA,CAAQ,GAAA,CAAI;AAAA,MAC5C,KAAK,EAAA,CACF,MAAA,EAAO,CACP,IAAA,CAAK,KAAK,CAAA,CACV,OAAA,CAAQ,IAAA,CAAK,KAAA,CAAM,SAAS,CAAC,CAAA,CAC7B,MAAM,KAAK,CAAA,CACX,OAAO,MAAM,CAAA;AAAA,MAChB,IAAA,CAAK,GAAG,MAAA,CAAO,EAAE,OAAO,GAAA,CAAA,QAAA,CAAA,EAAuB,CAAA,CAAE,IAAA,CAAK,KAAK;AAAA,KAC5D,CAAA;AACD,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAK,GAAA,CAAI,CAAC,MAAM,IAAA,CAAK,cAAA,CAAe,CAAC,CAAC,CAAA;AAAA,MAC7C,KAAA,EAAO,OAAO,KAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,cAAA,CACJ,KAAA,EACA,QAAA,EAC0B;AAC1B,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,eAAA,CAAgB,KAAK,CAAA;AAC7C,IAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAClB,IAAA,MAAM,CAAC,MAAM,CAAA,GAAI,MAAM,KAAK,EAAA,CACzB,MAAA,GACA,IAAA,CAAK,KAAK,EACV,KAAA,CAAM,EAAA,CAAG,MAAM,KAAA,EAAO,KAAA,CAAM,aAAa,CAAC,CAAA,CAC1C,KAAA,CAAM,CAAC,CAAA;AACV,IAAA,IAAI,CAAC,MAAA,EAAQ,YAAA,EAAc,OAAO,IAAA;AAClC,IAAA,MAAM,QAAQ,MAAM,MAAA,CAAO,OAAA,CAAQ,QAAA,EAAU,OAAO,YAAY,CAAA;AAChE,IAAA,OAAO,QAAQ,IAAA,GAAO,IAAA;AAAA,EACxB;AAAA,EAEA,MAAM,aAAa,QAAA,EAAmC;AACpD,IAAA,OAAO,MAAA,CAAO,IAAA,CAAK,QAAA,EAAU,EAAE,CAAA;AAAA,EACjC;AAAA,EAEA,MAAM,aAAA,CACJ,MAAA,EACA,IAAA,EACkB;AAClB,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AAClD,IAAA,MAAM,YAAA,GAAe,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,WAAW,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,aAAa,GAAI,CAAA;AAC9D,IAAyB,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,IAAA,CAAK,kBAAkB,GAAI;AAE1E,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,KAAK,EAAA,CAC1B,MAAA,CAAO,QAAQ,CAAA,CACf,MAAA,CAAO;AAAA,MACN,MAAA;AAAA,MACA,KAAA;AAAA,MACA,YAAA;AAAA,MACA,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB,WAAW,IAAA,EAAM,SAAA;AAAA,MACjB;AAAA,KACD,EACA,SAAA,EAAU;AAEb,IAAA,OAAO,IAAA,CAAK,iBAAiB,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,MAAM,mBAAmB,KAAA,EAAwC;AAC/D,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA,CAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS,KAAA,EAAO,KAAK,CAAA,EAAG,EAAA,CAAG,QAAA,CAAS,SAAA,kBAAW,IAAI,IAAA,EAAM,CAAC,CAAC,CAAA,CACxE,KAAA,CAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA,GAAI,IAAA;AAAA,EACpD;AAAA,EAEA,MAAM,0BACJ,YAAA,EACyB;AACzB,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA;AAAA,MACC,GAAA;AAAA,QACE,EAAA,CAAG,QAAA,CAAS,YAAA,EAAc,YAAY,CAAA;AAAA,QACtC,EAAA,CAAG,QAAA,CAAS,SAAA,kBAAW,IAAI,MAAM;AAAA;AACnC,KACF,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA,GAAI,IAAA;AAAA,EACpD;AAAA,EAEA,MAAM,cAAc,SAAA,EAAqC;AACvD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,CAAA,CAAE,MAAM,EAAA,CAAG,QAAA,CAAS,EAAA,EAAI,SAAS,CAAC,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAA,EAAiC;AACxD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,CAAA,CAAE,MAAM,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,MAAM,CAAC,CAAA;AAChE,IAAA,OAAO,CAAA;AAAA,EACT;AAAA,EAEA,MAAM,oBAAA,CACJ,MAAA,EACA,YAAA,EACe;AACf,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,eAAe,EAAE,MAAA,CAAO;AAAA,MAC3C,MAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,kBAAA,CACJ,MAAA,EACA,KAAA,GAAgB,CAAA,EACG;AACnB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,EAAA,CACxB,MAAA,CAAO,EAAE,YAAA,EAAc,eAAA,CAAgB,YAAA,EAAc,CAAA,CACrD,IAAA,CAAK,eAAe,CAAA,CACpB,KAAA,CAAM,EAAA,CAAG,eAAA,CAAgB,MAAA,EAAQ,MAAM,CAAC,CAAA,CACxC,OAAA,CAAQ,IAAA,CAAK,eAAA,CAAgB,SAAS,CAAC,CAAA,CACvC,KAAA,CAAM,KAAK,CAAA;AAEd,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,MAAM,mBAAA,CACJ,QAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACL;AAClB,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,YAAY,CAAA;AAElE,IAAA,KAAA,MAAW,QAAQ,OAAA,EAAS;AAC1B,MAAA,IAAI,MAAM,IAAA,CAAK,cAAA,CAAe,QAAA,EAAU,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,MAAA,EAAkC;AAC/C,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA;AAAA,MACC,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAG,EAAA,CAAG,QAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,CAAC,CAAC,OAAA;AAAA,EACX;AAAA,EAEA,MAAM,WAAW,MAAA,EAAuD;AACtE,IAAA,MAAM,CAAC,OAAO,CAAA,GAAI,MAAM,IAAA,CAAK,GAC1B,MAAA,EAAO,CACP,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA;AAAA,MACC,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,MAAM,CAAA,EAAG,EAAA,CAAG,QAAA,CAAS,WAAA,kBAAa,IAAI,IAAA,EAAM,CAAC;AAAA,KACvE,CACC,MAAM,CAAC,CAAA;AAEV,IAAA,OAAO,OAAA,GAAU,EAAE,WAAA,EAAa,OAAA,CAAQ,aAAY,GAAI,IAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,mBAAA,CACJ,MAAA,EACA,SAAA,EACgD;AAChD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,CAAA;AAC3C,IAAA,MAAM,QAAA,GAAA,CAAY,IAAA,EAAM,mBAAA,IAAuB,CAAA,IAAK,CAAA;AAEpD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,UAAU,CAAA;AAE/D,IAAA,MAAM,WAAA,GAAc,CAAA;AACpB,IAAA,MAAM,SAAS,QAAA,IAAY,WAAA;AAE3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,eAAA,GAAkB,KAAK,EAAA,GAAK,GAAA;AAClC,MAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,EAAE,MAAA,CAAO;AAAA,QACpC,MAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA,EAAQ,gCAAA;AAAA,QACR,aAAa,IAAI,IAAA,CAAK,IAAA,CAAK,GAAA,KAAQ,eAAe;AAAA,OACnD,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,EAAE,UAAU,MAAA,EAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,cAAc,MAAA,EAA+B;AACjD,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,EAAQ,EAAE,mBAAA,EAAqB,GAAG,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,cACJ,MAAA,EAC8C;AAC9C,IAAA,MAAM;AAAA,MACJ,KAAA,GAAQ,EAAA;AAAA,MACR,MAAA,GAAS,CAAA;AAAA,MACT,MAAA;AAAA,MACA,MAAA;AAAA,MACA,QAAA;AAAA,MACA,UAAA;AAAA,MACA,OAAA;AAAA,MACA,SAAA;AAAA,MACA;AAAA,KACF,GAAI,MAAA;AAEJ,IAAA,MAAM,aAAa,EAAC;AACpB,IAAA,IAAI,QAAQ,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,MAAA,EAAQ,MAAM,CAAC,CAAA;AACxD,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,QAAA,UAAA,CAAW,KAAK,GAAA,CAAA,EAAM,SAAA,CAAU,MAAM,CAAA,OAAA,EAAU,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,MAC3D,CAAA,MAAO;AACL,QAAA,UAAA,CAAW,IAAA,CAAK,EAAA,CAAG,SAAA,CAAU,MAAA,EAAQ,MAAM,CAAC,CAAA;AAAA,MAC9C;AAAA,IACF;AACA,IAAA,IAAI,UAAU,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,QAAA,EAAU,QAAQ,CAAC,CAAA;AAC9D,IAAA,IAAI,YAAY,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,UAAA,EAAY,UAAU,CAAC,CAAA;AACpE,IAAA,IAAI,OAAA,KAAY,QAAW,UAAA,CAAW,IAAA,CAAK,GAAG,SAAA,CAAU,OAAA,EAAS,OAAO,CAAC,CAAA;AACzE,IAAA,IAAI,SAAA,aAAsB,IAAA,CAAK,GAAA,CAAA,EAAM,UAAU,SAAS,CAAA,IAAA,EAAO,SAAS,CAAA,CAAE,CAAA;AAC1E,IAAA,IAAI,OAAA,aAAoB,IAAA,CAAK,GAAA,CAAA,EAAM,UAAU,SAAS,CAAA,IAAA,EAAO,OAAO,CAAA,CAAE,CAAA;AAEtE,IAAA,MAAM,cAAc,UAAA,CAAW,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,UAAU,CAAA,GAAI,MAAA;AAEjE,IAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,EAAA,CAC5B,OAAO,EAAE,KAAA,EAAO,GAAA,CAAA,QAAA,CAAA,EAAuB,CAAA,CACvC,IAAA,CAAK,SAAS,CAAA,CACd,MAAM,WAAW,CAAA;AAEpB,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,EAAA,CACrB,QAAO,CACP,IAAA,CAAK,SAAS,CAAA,CACd,KAAA,CAAM,WAAW,EACjB,OAAA,CAAQ,IAAA,CAAK,UAAU,SAAS,CAAC,EACjC,KAAA,CAAM,KAAK,CAAA,CACX,MAAA,CAAO,MAAM,CAAA;AAEhB,IAAA,OAAO;AAAA,MACL,IAAA,EAAM,IAAA,CAAK,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,QACvB,IAAI,GAAA,CAAI,EAAA;AAAA,QACR,WAAW,GAAA,CAAI,SAAA;AAAA,QACf,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,MAAA,EAAQ,IAAI,MAAA,IAAU,MAAA;AAAA,QACtB,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,QAC5B,IAAA,EAAM,IAAI,IAAA,IAAQ,MAAA;AAAA,QAClB,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,UAAA,EAAY,IAAI,UAAA,IAAc,MAAA;AAAA,QAC9B,OAAA,EAAS,IAAI,OAAA,IAAW,MAAA;AAAA,QACxB,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,QAC5B,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,QAC5B,SAAS,GAAA,CAAI,OAAA;AAAA,QACb,KAAA,EAAO,IAAI,KAAA,IAAS,MAAA;AAAA,QACpB,QAAA,EAAU,IAAI,QAAA,IAAY;AAAA,OAC5B,CAAE,CAAA;AAAA,MACF,OAAO,MAAA,CAAO,WAAA,CAAY,CAAC,CAAA,EAAG,SAAS,CAAC;AAAA,KAC1C;AAAA,EACF;AAAA,EAEA,MAAM,eACJ,IAAA,EACmB;AACnB,IAAA,MAAM,EAAA,GAAK,OAAO,UAAA,EAAW;AAC7B,IAAA,MAAM,SAAA,uBAAgB,IAAA,EAAK;AAE3B,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,SAAS,EAAE,MAAA,CAAO;AAAA,MACrC,EAAA;AAAA,MACA,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,MAAA,EAAQ,KAAK,MAAA,IAAU,IAAA;AAAA,MACvB,SAAA,EAAW,KAAK,SAAA,IAAa,IAAA;AAAA,MAC7B,IAAA,EAAM,KAAK,IAAA,IAAQ,IAAA;AAAA,MACnB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,UAAA,EAAY,KAAK,UAAA,IAAc,IAAA;AAAA,MAC/B,OAAA,EAAS,KAAK,OAAA,IAAW,IAAA;AAAA,MACzB,SAAA,EAAW,KAAK,SAAA,IAAa,IAAA;AAAA,MAC7B,SAAA,EAAW,KAAK,SAAA,IAAa,IAAA;AAAA,MAC7B,SAAS,IAAA,CAAK,OAAA;AAAA,MACd,KAAA,EAAO,KAAK,KAAA,IAAS,IAAA;AAAA,MACrB,QAAA,EAAU,KAAK,QAAA,IAAY,IAAA;AAAA,MAC3B;AAAA,KACD,CAAA;AAED,IAAA,OAAO;AAAA,MACL,GAAG,IAAA;AAAA,MACH,EAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAAA,EAEQ,eAAe,IAAA,EAA6B;AAClD,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,YAAA,EAAc,KAAK,YAAA,IAAgB,MAAA;AAAA,MACnC,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,MAAA,EAAQ,IAAA,CAAK,MAAA,IAAU,OAAO,IAAA,CAAK,MAAA,KAAW,QAAA,GACzC,IAAA,CAAK,MAAA,CAAe,EAAA,IAAM,MAAA,GAC1B,IAAA,CAAK,MAAA,IAAU,MAAA;AAAA,MACpB,QAAA,EAAU,KAAK,QAAA,IAAY,MAAA;AAAA,MAC3B,aAAA,EAAe,KAAK,aAAA,IAAiB,KAAA;AAAA,MACrC,MAAA,EAAQ,KAAK,MAAA,IAAU,KAAA;AAAA,MACvB,SAAA,EAAW,KAAK,SAAA,GAAY,IAAI,KAAK,IAAA,CAAK,SAAS,CAAA,CAAE,WAAA,EAAY,GAAI,MAAA;AAAA,MACrE,mBAAA,EAAqB,KAAK,mBAAA,IAAuB,CAAA;AAAA,MACjD,WAAW,IAAI,IAAA,CAAK,IAAA,CAAK,SAAS,EAAE,WAAA,EAAY;AAAA,MAChD,WAAW,IAAI,IAAA,CAAK,IAAA,CAAK,SAAS,EAAE,WAAA;AAAY,KAClD;AAAA,EACF;AAAA,EAEQ,iBAAiB,OAAA,EAAgD;AACvE,IAAA,OAAO;AAAA,MACL,IAAI,OAAA,CAAQ,EAAA;AAAA,MACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,YAAA,EAAc,QAAQ,YAAA,IAAgB,MAAA;AAAA,MACtC,WAAW,IAAI,IAAA,CAAK,OAAA,CAAQ,SAAS,EAAE,WAAA,EAAY;AAAA,MACnD,WAAW,IAAI,IAAA,CAAK,OAAA,CAAQ,SAAS,EAAE,WAAA,EAAY;AAAA,MACnD,SAAA,EAAW,QAAQ,SAAA,IAAa,MAAA;AAAA,MAChC,SAAA,EAAW,QAAQ,SAAA,IAAa;AAAA,KAClC;AAAA,EACF;AAAA,EAEA,MAAM,6BAA6B,MAAA,EAA6D;AAC9F,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC5C,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,GAAI,CAAA;AAE3D,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,kBAAkB,EAAE,MAAA,CAAO;AAAA,MAC9C,MAAA;AAAA,MACA,KAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,EAC5B;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAA+E;AACpG,IAAA,MAAM,CAAC,YAAY,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CAC/B,QAAO,CACP,IAAA,CAAK,kBAAkB,CAAA,CACvB,KAAA,CAAM,GAAG,kBAAA,CAAmB,KAAA,EAAO,KAAK,CAAC,CAAA,CACzC,MAAM,CAAC,CAAA;AAEV,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,4BAAA,EAA6B;AAAA,IAC/D;AAEA,IAAA,IAAI,YAAA,CAAa,SAAA,mBAAY,IAAI,IAAA,EAAK,EAAG;AACvC,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,gCAAA,EAAiC;AAAA,IACnE;AAEA,IAAA,MAAM,KAAK,EAAA,CACR,MAAA,CAAO,KAAK,CAAA,CACZ,IAAI,EAAE,aAAA,EAAe,IAAA,EAAM,EAC3B,KAAA,CAAM,EAAA,CAAG,MAAM,EAAA,EAAI,YAAA,CAAa,MAAM,CAAC,CAAA;AAE1C,IAAA,MAAM,IAAA,CAAK,EAAA,CACR,MAAA,CAAO,kBAAkB,CAAA,CACzB,KAAA,CAAM,EAAA,CAAG,kBAAA,CAAmB,EAAA,EAAI,YAAA,CAAa,EAAE,CAAC,CAAA;AAEnD,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAQ,aAAa,MAAA,EAAO;AAAA,EACtD;AAAA,EAEA,MAAM,yBAAyB,KAAA,EAA4E;AACzG,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,eAAA,CAAgB,KAAK,CAAA;AAC7C,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,OAAO,EAAA,EAAI,SAAA,sBAAe,IAAA,EAAK,EAAG,OAAO,gBAAA,EAAiB;AAAA,IACrE;AAEA,IAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,EAAE,CAAA,CAAE,SAAS,KAAK,CAAA;AAC5C,IAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,EAAA,GAAK,KAAK,GAAI,CAAA;AAEtD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,cAAc,EAAE,MAAA,CAAO;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,KAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,EAC5B;AAAA,EAEA,MAAM,sBAAA,CAAuB,KAAA,EAAe,WAAA,EAAoE;AAC9G,IAAA,MAAM,CAAC,KAAK,CAAA,GAAI,MAAM,IAAA,CAAK,EAAA,CACxB,QAAO,CACP,IAAA,CAAK,cAAc,CAAA,CACnB,KAAA,CAAM,GAAG,cAAA,CAAe,KAAA,EAAO,KAAK,CAAC,CAAA,CACrC,MAAM,CAAC,CAAA;AAEV,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,IACxD;AAEA,IAAA,IAAI,KAAA,CAAM,SAAA,mBAAY,IAAI,IAAA,EAAK,EAAG;AAChC,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,yBAAA,EAA0B;AAAA,IAC5D;AAEA,IAAA,IAAI,MAAM,MAAA,EAAQ;AAChB,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,mCAAA,EAAoC;AAAA,IACtE;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,WAAW,CAAA;AAExD,IAAA,MAAM,IAAA,CAAK,GACR,MAAA,CAAO,KAAK,EACZ,GAAA,CAAI,EAAE,cAAc,SAAA,kBAAW,IAAI,MAAK,EAAG,EAC3C,KAAA,CAAM,EAAA,CAAG,MAAM,EAAA,EAAI,KAAA,CAAM,MAAM,CAAC,CAAA;AAEnC,IAAA,MAAM,KAAK,EAAA,CACR,MAAA,CAAO,cAAc,CAAA,CACrB,GAAA,CAAI,EAAE,MAAA,kBAAQ,IAAI,MAAK,EAAG,EAC1B,KAAA,CAAM,EAAA,CAAG,eAAe,EAAA,EAAI,KAAA,CAAM,EAAE,CAAC,CAAA;AAExC,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,MAAA,CAAO,QAAQ,CAAA,CAAE,KAAA,CAAM,EAAA,CAAG,QAAA,CAAS,MAAA,EAAQ,KAAA,CAAM,MAAM,CAAC,CAAA;AAEtE,IAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AAAA,EACzB;AACF","file":"chunk-CJX74IYK.js","sourcesContent":["import type { PostgresJsDatabase } from \"drizzle-orm/postgres-js\";\nimport { eq, and, gt, desc, sql } from \"drizzle-orm\";\nimport bcrypt from \"bcryptjs\";\nimport { randomBytes, randomUUID } from \"crypto\";\nimport type {\n AuthAdapter,\n AuthUser,\n Session,\n UserRole,\n} from \"../../auth/types.js\";\nimport {\n users,\n sessions,\n passwordHistory,\n auditLogs,\n lockouts,\n roles,\n permissions,\n tenants,\n apiKeys,\n emailVerifications,\n passwordResets,\n type AuthUser as AuthUserRow,\n} from \"./schema/auth.js\";\nimport type {\n AuditLog,\n AuditLogFilter,\n} from \"../../auth/security/audit-log.js\";\n\nexport interface PostgresAuthAdapterOptions {\n db: PostgresJsDatabase;\n prefix?: string;\n sessionTTL?: number;\n refreshTokenTTL?: number;\n}\n\nlet _tablesEnsured = false;\n\nexport class PostgresAuthAdapter implements AuthAdapter {\n private db: PostgresJsDatabase;\n private prefix: string;\n private sessionTTL: number;\n private refreshTokenTTL: number;\n\n constructor(options: PostgresAuthAdapterOptions) {\n this.db = options.db;\n this.prefix = options.prefix || \"kyro:\";\n this.sessionTTL = options.sessionTTL || 86400;\n this.refreshTokenTTL = options.refreshTokenTTL || 604800;\n }\n\n async connect(): Promise<void> {\n if (_tablesEnsured) return;\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"users\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"name\" VARCHAR(255),\n \"email\" VARCHAR(255) NOT NULL,\n \"password_hash\" VARCHAR(255),\n \"role\" VARCHAR(50) NOT NULL DEFAULT 'customer',\n \"tenant_id\" UUID,\n \"email_verified\" BOOLEAN DEFAULT false,\n \"locked\" BOOLEAN DEFAULT false,\n \"last_login\" TIMESTAMP,\n \"failed_login_attempts\" INTEGER DEFAULT 0,\n \"metadata\" JSONB,\n \"avatar\" VARCHAR(255),\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW(),\n \"updated_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n await this.db.execute(sql`ALTER TABLE \"users\" ADD COLUMN IF NOT EXISTS \"avatar\" VARCHAR(255)`);\n await this.db.execute(sql`CREATE UNIQUE INDEX IF NOT EXISTS \"users_email_idx\" ON \"users\" (\"email\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"users_tenant_idx\" ON \"users\" (\"tenant_id\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"users_role_idx\" ON \"users\" (\"role\")`);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"sessions\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"user_id\" UUID NOT NULL REFERENCES \"users\"(\"id\") ON DELETE CASCADE,\n \"token\" VARCHAR(512) NOT NULL UNIQUE,\n \"refresh_token\" VARCHAR(512),\n \"ip_address\" VARCHAR(45),\n \"user_agent\" TEXT,\n \"expires_at\" TIMESTAMP NOT NULL,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"sessions_user_idx\" ON \"sessions\" (\"user_id\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"sessions_token_idx\" ON \"sessions\" (\"token\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"sessions_expires_idx\" ON \"sessions\" (\"expires_at\")`);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"audit_logs\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"action\" VARCHAR(100) NOT NULL,\n \"user_id\" UUID REFERENCES \"users\"(\"id\") ON DELETE SET NULL,\n \"user_email\" VARCHAR(255),\n \"role\" VARCHAR(50),\n \"resource\" VARCHAR(100) NOT NULL,\n \"resource_id\" VARCHAR(255),\n \"changes\" JSONB,\n \"ip_address\" VARCHAR(45),\n \"user_agent\" TEXT,\n \"success\" BOOLEAN NOT NULL DEFAULT true,\n \"error\" TEXT,\n \"metadata\" JSONB,\n \"timestamp\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n await this.db.execute(sql`ALTER TABLE \"audit_logs\" ALTER COLUMN \"resource_id\" TYPE VARCHAR(255)`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"audit_logs_user_idx\" ON \"audit_logs\" (\"user_id\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"audit_logs_action_idx\" ON \"audit_logs\" (\"action\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"audit_logs_resource_idx\" ON \"audit_logs\" (\"resource\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"audit_logs_timestamp_idx\" ON \"audit_logs\" (\"timestamp\")`);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"password_history\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"user_id\" UUID NOT NULL REFERENCES \"users\"(\"id\") ON DELETE CASCADE,\n \"password_hash\" VARCHAR(255) NOT NULL,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"password_history_user_idx\" ON \"password_history\" (\"user_id\")`);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"lockouts\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"user_id\" UUID NOT NULL REFERENCES \"users\"(\"id\") ON DELETE CASCADE,\n \"ip_address\" VARCHAR(45),\n \"reason\" VARCHAR(255),\n \"locked_until\" TIMESTAMP NOT NULL,\n \"released_at\" TIMESTAMP,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"lockouts_user_idx\" ON \"lockouts\" (\"user_id\")`);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"lockouts_locked_until_idx\" ON \"lockouts\" (\"locked_until\")`);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"roles\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"name\" VARCHAR(100) NOT NULL UNIQUE,\n \"level\" INTEGER NOT NULL DEFAULT 0,\n \"inherits\" TEXT[],\n \"description\" TEXT,\n \"permissions\" JSONB DEFAULT '[]',\n \"is_system\" BOOLEAN DEFAULT false,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW(),\n \"updated_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n await this.db.execute(sql`CREATE INDEX IF NOT EXISTS \"roles_level_idx\" ON \"roles\" (\"level\")`);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"tenants\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"name\" VARCHAR(255) NOT NULL,\n \"slug\" VARCHAR(100) NOT NULL UNIQUE,\n \"settings\" JSONB DEFAULT '{}',\n \"is_active\" BOOLEAN DEFAULT true,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW(),\n \"updated_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"api_keys\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"user_id\" UUID NOT NULL REFERENCES \"users\"(\"id\") ON DELETE CASCADE,\n \"name\" VARCHAR(255) NOT NULL,\n \"key\" VARCHAR(64) NOT NULL UNIQUE,\n \"key_prefix\" VARCHAR(8) NOT NULL,\n \"permissions\" JSONB DEFAULT '[]',\n \"last_used_at\" TIMESTAMP,\n \"expires_at\" TIMESTAMP,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"email_verifications\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"user_id\" UUID NOT NULL REFERENCES \"users\"(\"id\") ON DELETE CASCADE,\n \"token\" VARCHAR(64) NOT NULL UNIQUE,\n \"expires_at\" TIMESTAMP NOT NULL,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n\n await this.db.execute(sql`\n CREATE TABLE IF NOT EXISTS \"password_resets\" (\n \"id\" UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n \"user_id\" UUID NOT NULL REFERENCES \"users\"(\"id\") ON DELETE CASCADE,\n \"token\" VARCHAR(64) NOT NULL UNIQUE,\n \"expires_at\" TIMESTAMP NOT NULL,\n \"used_at\" TIMESTAMP,\n \"created_at\" TIMESTAMP NOT NULL DEFAULT NOW()\n )\n `);\n _tablesEnsured = true;\n }\n\n async disconnect(): Promise<void> {\n }\n\n async createUser(data: {\n email: string;\n password: string;\n name?: string;\n role?: UserRole;\n avatar?: string;\n tenantId?: string;\n }): Promise<AuthUser> {\n const passwordHash = await this.hashPassword(data.password);\n const [user] = await this.db\n .insert(users)\n .values({\n email: data.email.toLowerCase(),\n name: data.name,\n passwordHash,\n role: (data.role || \"customer\") as string,\n avatar: data.avatar,\n tenantId: data.tenantId,\n })\n .returning();\n\n return this.userToAuthUser(user);\n }\n\n async findUserByEmail(email: string): Promise<AuthUser | null> {\n const [user] = await this.db\n .select()\n .from(users)\n .where(eq(users.email, email.toLowerCase()))\n .limit(1);\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async findUserById(id: string): Promise<AuthUser | null> {\n const [user] = await this.db\n .select()\n .from(users)\n .where(eq(users.id, id))\n .limit(1);\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async updateUser(\n id: string,\n data: Partial<AuthUser>,\n ): Promise<AuthUser | null> {\n const dbData: Record<string, unknown> = { updatedAt: new Date() };\n if (data.name !== undefined) dbData.name = data.name;\n if (data.email !== undefined) dbData.email = data.email;\n if (data.passwordHash !== undefined)\n dbData.passwordHash = data.passwordHash;\n if (data.role !== undefined) dbData.role = data.role;\n if (data.tenantId !== undefined) dbData.tenantId = data.tenantId;\n if (data.avatar !== undefined) dbData.avatar = data.avatar;\n if (data.emailVerified !== undefined)\n dbData.emailVerified = data.emailVerified;\n if (data.locked !== undefined) dbData.locked = data.locked;\n if (data.lastLogin !== undefined)\n dbData.lastLogin = data.lastLogin ? new Date(data.lastLogin) : null;\n if (data.failedLoginAttempts !== undefined)\n dbData.failedLoginAttempts = data.failedLoginAttempts;\n\n const [user] = await this.db\n .update(users)\n .set(dbData)\n .where(eq(users.id, id))\n .returning();\n\n return user ? this.userToAuthUser(user) : null;\n }\n\n async deleteUser(id: string): Promise<boolean> {\n await this.db.delete(users).where(eq(users.id, id));\n return true;\n }\n\n async findUsers(\n options: {\n page?: number;\n limit?: number;\n search?: string;\n } = {},\n ): Promise<{ users: AuthUser[]; total: number }> {\n const page = options.page ?? 1;\n const limit = options.limit ?? 10;\n const offset = (page - 1) * limit;\n const search = options.search;\n\n if (search) {\n const pattern = `%${search}%`;\n const [rows, [{ count }]] = await Promise.all([\n this.db\n .select()\n .from(users)\n .where(sql`${users.email} ILIKE ${pattern}`)\n .orderBy(desc(users.createdAt))\n .limit(limit)\n .offset(offset),\n this.db\n .select({ count: sql<number>`count(*)` })\n .from(users)\n .where(sql`${users.email} ILIKE ${pattern}`),\n ]);\n return {\n users: rows.map((r) => this.userToAuthUser(r)),\n total: Number(count),\n };\n }\n\n const [rows, [{ count }]] = await Promise.all([\n this.db\n .select()\n .from(users)\n .orderBy(desc(users.createdAt))\n .limit(limit)\n .offset(offset),\n this.db.select({ count: sql<number>`count(*)` }).from(users),\n ]);\n return {\n users: rows.map((r) => this.userToAuthUser(r)),\n total: Number(count),\n };\n }\n\n async verifyPassword(\n email: string,\n password: string,\n ): Promise<AuthUser | null> {\n const user = await this.findUserByEmail(email);\n if (!user) return null;\n const [stored] = await this.db\n .select()\n .from(users)\n .where(eq(users.email, email.toLowerCase()))\n .limit(1);\n if (!stored?.passwordHash) return null;\n const valid = await bcrypt.compare(password, stored.passwordHash);\n return valid ? user : null;\n }\n\n async hashPassword(password: string): Promise<string> {\n return bcrypt.hash(password, 12);\n }\n\n async createSession(\n userId: string,\n data?: { ipAddress?: string; userAgent?: string },\n ): Promise<Session> {\n const token = randomBytes(32).toString(\"base64url\");\n const refreshToken = randomBytes(32).toString(\"base64url\");\n const expiresAt = new Date(Date.now() + this.sessionTTL * 1000);\n const refreshExpiresAt = new Date(Date.now() + this.refreshTokenTTL * 1000);\n\n const [session] = await this.db\n .insert(sessions)\n .values({\n userId,\n token,\n refreshToken,\n ipAddress: data?.ipAddress,\n userAgent: data?.userAgent,\n expiresAt,\n })\n .returning();\n\n return this.sessionToSession(session);\n }\n\n async findSessionByToken(token: string): Promise<Session | null> {\n const [session] = await this.db\n .select()\n .from(sessions)\n .where(and(eq(sessions.token, token), gt(sessions.expiresAt, new Date())))\n .limit(1);\n\n return session ? this.sessionToSession(session) : null;\n }\n\n async findSessionByRefreshToken(\n refreshToken: string,\n ): Promise<Session | null> {\n const [session] = await this.db\n .select()\n .from(sessions)\n .where(\n and(\n eq(sessions.refreshToken, refreshToken),\n gt(sessions.expiresAt, new Date()),\n ),\n )\n .limit(1);\n\n return session ? this.sessionToSession(session) : null;\n }\n\n async deleteSession(sessionId: string): Promise<boolean> {\n await this.db.delete(sessions).where(eq(sessions.id, sessionId));\n return true;\n }\n\n async deleteUserSessions(userId: string): Promise<number> {\n await this.db.delete(sessions).where(eq(sessions.userId, userId));\n return 1;\n }\n\n async addPasswordToHistory(\n userId: string,\n passwordHash: string,\n ): Promise<void> {\n await this.db.insert(passwordHistory).values({\n userId,\n passwordHash,\n });\n }\n\n async getPasswordHistory(\n userId: string,\n count: number = 5,\n ): Promise<string[]> {\n const history = await this.db\n .select({ passwordHash: passwordHistory.passwordHash })\n .from(passwordHistory)\n .where(eq(passwordHistory.userId, userId))\n .orderBy(desc(passwordHistory.createdAt))\n .limit(count);\n\n return history.map((h) => h.passwordHash);\n }\n\n async isPasswordInHistory(\n password: string,\n userId: string,\n historyCount: number = 5,\n ): Promise<boolean> {\n const history = await this.getPasswordHistory(userId, historyCount);\n\n for (const hash of history) {\n if (await this.verifyPassword(password, hash)) {\n return true;\n }\n }\n\n return false;\n }\n\n async isLocked(userId: string): Promise<boolean> {\n const [lockout] = await this.db\n .select()\n .from(lockouts)\n .where(\n and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n )\n .limit(1);\n\n return !!lockout;\n }\n\n async getLockout(userId: string): Promise<{ lockedUntil: Date } | null> {\n const [lockout] = await this.db\n .select()\n .from(lockouts)\n .where(\n and(eq(lockouts.userId, userId), gt(lockouts.lockedUntil, new Date())),\n )\n .limit(1);\n\n return lockout ? { lockedUntil: lockout.lockedUntil } : null;\n }\n\n async recordFailedAttempt(\n userId: string,\n ipAddress?: string,\n ): Promise<{ attempts: number; locked: boolean }> {\n const user = await this.findUserById(userId);\n const attempts = (user?.failedLoginAttempts || 0) + 1;\n\n await this.updateUser(userId, { failedLoginAttempts: attempts });\n\n const maxAttempts = 5;\n const locked = attempts >= maxAttempts;\n\n if (locked) {\n const lockoutDuration = 15 * 60 * 1000;\n await this.db.insert(lockouts).values({\n userId,\n ipAddress,\n reason: \"Too many failed login attempts\",\n lockedUntil: new Date(Date.now() + lockoutDuration),\n });\n }\n\n return { attempts, locked };\n }\n\n async resetAttempts(userId: string): Promise<void> {\n await this.updateUser(userId, { failedLoginAttempts: 0 });\n }\n\n async findAuditLogs(\n filter: AuditLogFilter,\n ): Promise<{ logs: AuditLog[]; total: number }> {\n const {\n limit = 50,\n offset = 0,\n userId,\n action,\n resource,\n resourceId,\n success,\n startDate,\n endDate,\n } = filter;\n\n const conditions = [];\n if (userId) conditions.push(eq(auditLogs.userId, userId));\n if (action) {\n if (Array.isArray(action)) {\n conditions.push(sql`${auditLogs.action} = ANY(${action})`);\n } else {\n conditions.push(eq(auditLogs.action, action));\n }\n }\n if (resource) conditions.push(eq(auditLogs.resource, resource));\n if (resourceId) conditions.push(eq(auditLogs.resourceId, resourceId));\n if (success !== undefined) conditions.push(eq(auditLogs.success, success));\n if (startDate) conditions.push(sql`${auditLogs.timestamp} >= ${startDate}`);\n if (endDate) conditions.push(sql`${auditLogs.timestamp} <= ${endDate}`);\n\n const whereClause = conditions.length > 0 ? and(...conditions) : undefined;\n\n const countResult = await this.db\n .select({ count: sql<number>`count(*)` })\n .from(auditLogs)\n .where(whereClause);\n\n const logs = await this.db\n .select()\n .from(auditLogs)\n .where(whereClause)\n .orderBy(desc(auditLogs.timestamp))\n .limit(limit)\n .offset(offset);\n\n return {\n logs: logs.map((log) => ({\n id: log.id,\n timestamp: log.timestamp,\n action: log.action as AuditLog[\"action\"],\n userId: log.userId || undefined,\n userEmail: log.userEmail || undefined,\n role: log.role || undefined,\n resource: log.resource,\n resourceId: log.resourceId || undefined,\n changes: log.changes || undefined,\n ipAddress: log.ipAddress || undefined,\n userAgent: log.userAgent || undefined,\n success: log.success,\n error: log.error || undefined,\n metadata: log.metadata || undefined,\n })),\n total: Number(countResult[0]?.count || 0),\n };\n }\n\n async createAuditLog(\n data: Omit<AuditLog, \"id\" | \"timestamp\">,\n ): Promise<AuditLog> {\n const id = crypto.randomUUID();\n const timestamp = new Date();\n\n await this.db.insert(auditLogs).values({\n id,\n action: data.action,\n userId: data.userId ?? null,\n userEmail: data.userEmail ?? null,\n role: data.role ?? null,\n resource: data.resource,\n resourceId: data.resourceId ?? null,\n changes: data.changes ?? null,\n ipAddress: data.ipAddress ?? null,\n userAgent: data.userAgent ?? null,\n success: data.success,\n error: data.error ?? null,\n metadata: data.metadata ?? null,\n timestamp,\n });\n\n return {\n ...data,\n id,\n timestamp,\n };\n }\n\n private userToAuthUser(user: AuthUserRow): AuthUser {\n return {\n id: user.id,\n name: user.name || undefined,\n email: user.email,\n passwordHash: user.passwordHash || undefined,\n role: user.role as UserRole,\n avatar: user.avatar && typeof user.avatar === \"object\"\n ? (user.avatar as any).id || undefined\n : (user.avatar || undefined),\n tenantId: user.tenantId || undefined,\n emailVerified: user.emailVerified || false,\n locked: user.locked || false,\n lastLogin: user.lastLogin ? new Date(user.lastLogin).toISOString() : undefined,\n failedLoginAttempts: user.failedLoginAttempts || 0,\n createdAt: new Date(user.createdAt).toISOString(),\n updatedAt: new Date(user.updatedAt).toISOString(),\n };\n }\n\n private sessionToSession(session: typeof sessions.$inferSelect): Session {\n return {\n id: session.id,\n userId: session.userId,\n token: session.token,\n refreshToken: session.refreshToken || undefined,\n expiresAt: new Date(session.expiresAt).toISOString(),\n createdAt: new Date(session.createdAt).toISOString(),\n ipAddress: session.ipAddress || undefined,\n userAgent: session.userAgent || undefined,\n };\n }\n\n async createEmailVerificationToken(userId: string): Promise<{ token: string; expiresAt: Date }> {\n const token = randomBytes(32).toString(\"hex\");\n const expiresAt = new Date(Date.now() + 24 * 60 * 60 * 1000);\n\n await this.db.insert(emailVerifications).values({\n userId,\n token,\n expiresAt,\n });\n\n return { token, expiresAt };\n }\n\n async verifyEmailToken(token: string): Promise<{ success: boolean; userId?: string; error?: string }> {\n const [verification] = await this.db\n .select()\n .from(emailVerifications)\n .where(eq(emailVerifications.token, token))\n .limit(1);\n\n if (!verification) {\n return { success: false, error: \"Invalid verification token\" };\n }\n\n if (verification.expiresAt < new Date()) {\n return { success: false, error: \"Verification token has expired\" };\n }\n\n await this.db\n .update(users)\n .set({ emailVerified: true })\n .where(eq(users.id, verification.userId));\n\n await this.db\n .delete(emailVerifications)\n .where(eq(emailVerifications.id, verification.id));\n\n return { success: true, userId: verification.userId };\n }\n\n async createPasswordResetToken(email: string): Promise<{ token: string; expiresAt: Date; error?: string }> {\n const user = await this.findUserByEmail(email);\n if (!user) {\n return { token: \"\", expiresAt: new Date(), error: \"User not found\" };\n }\n\n const token = randomBytes(32).toString(\"hex\");\n const expiresAt = new Date(Date.now() + 60 * 60 * 1000);\n\n await this.db.insert(passwordResets).values({\n userId: user.id,\n token,\n expiresAt,\n });\n\n return { token, expiresAt };\n }\n\n async resetPasswordWithToken(token: string, newPassword: string): Promise<{ success: boolean; error?: string }> {\n const [reset] = await this.db\n .select()\n .from(passwordResets)\n .where(eq(passwordResets.token, token))\n .limit(1);\n\n if (!reset) {\n return { success: false, error: \"Invalid reset token\" };\n }\n\n if (reset.expiresAt < new Date()) {\n return { success: false, error: \"Reset token has expired\" };\n }\n\n if (reset.usedAt) {\n return { success: false, error: \"Reset token has already been used\" };\n }\n\n const passwordHash = await this.hashPassword(newPassword);\n\n await this.db\n .update(users)\n .set({ passwordHash, updatedAt: new Date() })\n .where(eq(users.id, reset.userId));\n\n await this.db\n .update(passwordResets)\n .set({ usedAt: new Date() })\n .where(eq(passwordResets.id, reset.id));\n\n await this.db.delete(sessions).where(eq(sessions.userId, reset.userId));\n\n return { success: true };\n }\n}\n"]}