npm - @lastshotlabs/bunshot - Versions diffs - 0.0.25 → 0.0.28 - Mend

@lastshotlabs/bunshot 0.0.25 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (725) hide show

package/.oclif.manifest.json +39 -0
package/README.md +8282 -2147
package/dist/cli/commands/init.js +690 -0
package/dist/cli/index.js +6 -0
package/dist/cli.js +4 -4
package/dist/packages/bunshot-admin/src/index.d.ts +15 -0
package/dist/packages/bunshot-admin/src/index.js +11 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.d.ts +8 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.js +33 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.d.ts +14 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.js +17 -0
package/dist/packages/bunshot-admin/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-admin/src/plugin.js +46 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.d.ts +6 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.js +32 -0
package/dist/packages/bunshot-admin/src/routes/admin.d.ts +10 -0
package/dist/packages/bunshot-admin/src/routes/admin.js +923 -0
package/dist/packages/bunshot-admin/src/routes/mail.d.ts +6 -0
package/dist/packages/bunshot-admin/src/routes/mail.js +114 -0
package/dist/packages/bunshot-admin/src/routes/permissions.d.ts +8 -0
package/dist/packages/bunshot-admin/src/routes/permissions.js +315 -0
package/dist/packages/bunshot-admin/src/types/config.d.ts +16 -0
package/dist/packages/bunshot-admin/src/types/config.js +37 -0
package/dist/packages/bunshot-admin/src/types/env.d.ts +14 -0
package/dist/packages/bunshot-admin/src/types/provider.d.ts +1 -0
package/dist/packages/bunshot-admin/src/types/provider.js +4 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.d.ts +66 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.js +1063 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.d.ts +2 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.js +536 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.d.ts +88 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.js +1366 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.d.ts +2 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.js +23 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.d.ts +5 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.js +131 -0
package/dist/packages/bunshot-auth/src/bootstrap.d.ts +38 -0
package/dist/packages/bunshot-auth/src/bootstrap.js +384 -0
package/dist/packages/bunshot-auth/src/config/appConfig.d.ts +3 -0
package/dist/packages/bunshot-auth/src/config/appConfig.js +4 -0
package/dist/packages/bunshot-auth/src/config/authConfig.d.ts +478 -0
package/dist/packages/bunshot-auth/src/config/authConfig.js +46 -0
package/dist/packages/bunshot-auth/src/config/configLock.d.ts +2 -0
package/dist/packages/bunshot-auth/src/config/configLock.js +10 -0
package/dist/packages/bunshot-auth/src/index.d.ts +25 -0
package/dist/packages/bunshot-auth/src/index.js +23 -0
package/dist/packages/bunshot-auth/src/infra/mongo.d.ts +15 -0
package/dist/packages/bunshot-auth/src/infra/mongo.js +44 -0
package/dist/packages/bunshot-auth/src/infra/queue.d.ts +14 -0
package/dist/packages/bunshot-auth/src/infra/queue.js +27 -0
package/dist/packages/bunshot-auth/src/infra/redis.d.ts +5 -0
package/dist/packages/bunshot-auth/src/infra/redis.js +15 -0
package/dist/packages/bunshot-auth/src/infra/signing.d.ts +7 -0
package/dist/packages/bunshot-auth/src/infra/signing.js +8 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.d.ts +34 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.js +244 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authContext.d.ts +15 -0
package/dist/packages/bunshot-auth/src/lib/authContext.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.d.ts +4 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.js +15 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.js +205 -0
package/dist/packages/bunshot-auth/src/lib/breachedPassword.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/breachedPassword.js +61 -0
package/dist/packages/bunshot-auth/src/lib/cache.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/cache.js +120 -0
package/dist/packages/bunshot-auth/src/lib/clientIp.d.ts +4 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/clientIp.js +14 -7
package/dist/packages/bunshot-auth/src/lib/cookieOptions.d.ts +27 -0
package/dist/packages/bunshot-auth/src/lib/cookieOptions.js +33 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.d.ts +40 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.js +221 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.js +148 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.d.ts +23 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.js +265 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.js +200 -0
package/dist/packages/bunshot-auth/src/lib/env.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/env.js +3 -0
package/dist/packages/bunshot-auth/src/lib/fingerprint.js +36 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.d.ts +15 -16
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.js +22 -34
package/dist/packages/bunshot-auth/src/lib/jwks.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/jwks.js +79 -0
package/dist/packages/bunshot-auth/src/lib/jwt.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/jwt.js +86 -0
package/dist/packages/bunshot-auth/src/lib/logger.d.ts +3 -0
package/dist/packages/bunshot-auth/src/lib/logger.js +13 -0
package/dist/packages/bunshot-auth/src/lib/m2m.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/m2m.js +44 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.js +145 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.d.ts +60 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.js +419 -0
package/dist/packages/bunshot-auth/src/lib/oauth.d.ts +82 -0
package/dist/packages/bunshot-auth/src/lib/oauth.js +177 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.js +182 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.js +255 -0
package/dist/packages/bunshot-auth/src/lib/organization.d.ts +66 -0
package/dist/packages/bunshot-auth/src/lib/organization.js +225 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.js +31 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.d.ts +20 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.js +148 -0
package/dist/packages/bunshot-auth/src/lib/roles.d.ts +9 -0
package/dist/packages/bunshot-auth/src/lib/roles.js +93 -0
package/dist/packages/bunshot-auth/src/lib/saml.d.ts +29 -0
package/dist/packages/bunshot-auth/src/lib/saml.js +73 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.js +129 -0
package/dist/packages/bunshot-auth/src/lib/scim.d.ts +44 -0
package/dist/packages/bunshot-auth/src/lib/scim.js +56 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.d.ts +22 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.js +65 -0
package/dist/packages/bunshot-auth/src/lib/session.d.ts +45 -0
package/dist/packages/bunshot-auth/src/lib/session.js +1211 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.d.ts +26 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.js +18 -0
package/dist/packages/bunshot-auth/src/lib/suspension.d.ts +14 -0
package/dist/packages/bunshot-auth/src/lib/suspension.js +20 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.d.ts +16 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.js +161 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.js +58 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/csrf.d.ts +5 -4
package/dist/packages/bunshot-auth/src/middleware/csrf.js +138 -0
package/dist/packages/bunshot-auth/src/middleware/identify.d.ts +4 -0
package/dist/packages/bunshot-auth/src/middleware/identify.js +124 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.js +10 -7
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.js +20 -16
package/dist/packages/bunshot-auth/src/middleware/requireScope.d.ts +10 -0
package/dist/packages/bunshot-auth/src/middleware/requireScope.js +25 -0
package/dist/packages/bunshot-auth/src/middleware/requireStepUp.d.ts +18 -0
package/dist/packages/bunshot-auth/src/middleware/requireStepUp.js +30 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.js +7 -6
package/dist/packages/bunshot-auth/src/middleware/scimAuth.d.ts +8 -0
package/dist/packages/bunshot-auth/src/middleware/scimAuth.js +29 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.js +6 -0
package/dist/{models → packages/bunshot-auth/src/models}/AuthUser.d.ts +19 -8
package/dist/packages/bunshot-auth/src/models/AuthUser.js +53 -0
package/dist/packages/bunshot-auth/src/models/Group.d.ts +19 -0
package/dist/packages/bunshot-auth/src/models/Group.js +22 -0
package/dist/{models → packages/bunshot-auth/src/models}/GroupMembership.d.ts +6 -8
package/dist/packages/bunshot-auth/src/models/GroupMembership.js +19 -0
package/dist/packages/bunshot-auth/src/models/M2MClient.d.ts +18 -0
package/dist/packages/bunshot-auth/src/models/M2MClient.js +18 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.d.ts +13 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.js +17 -0
package/dist/packages/bunshot-auth/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-auth/src/plugin.js +274 -0
package/dist/packages/bunshot-auth/src/routes/auth.d.ts +15 -0
package/dist/packages/bunshot-auth/src/routes/auth.js +1624 -0
package/dist/packages/bunshot-auth/src/routes/groups.d.ts +4 -0
package/dist/packages/bunshot-auth/src/routes/groups.js +481 -0
package/dist/packages/bunshot-auth/src/routes/m2m.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/m2m.js +145 -0
package/dist/packages/bunshot-auth/src/routes/mfa.d.ts +6 -0
package/dist/packages/bunshot-auth/src/routes/mfa.js +991 -0
package/dist/packages/bunshot-auth/src/routes/oauth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/oauth.js +1727 -0
package/dist/packages/bunshot-auth/src/routes/oidc.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/oidc.js +84 -0
package/dist/packages/bunshot-auth/src/routes/organizations.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/organizations.js +741 -0
package/dist/packages/bunshot-auth/src/routes/passkey.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/passkey.js +199 -0
package/dist/packages/bunshot-auth/src/routes/saml.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/saml.js +226 -0
package/dist/packages/bunshot-auth/src/routes/scim.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/scim.js +588 -0
package/dist/packages/bunshot-auth/src/runtime.d.ts +52 -0
package/dist/packages/bunshot-auth/src/runtime.js +11 -0
package/dist/{schemas → packages/bunshot-auth/src/schemas}/auth.d.ts +4 -5
package/dist/packages/bunshot-auth/src/schemas/auth.js +24 -0
package/dist/packages/bunshot-auth/src/schemas/error.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/error.js +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.js +10 -0
package/dist/packages/bunshot-auth/src/services/auth.d.ts +39 -0
package/dist/packages/bunshot-auth/src/services/auth.js +378 -0
package/dist/{services → packages/bunshot-auth/src/services}/mfa.d.ts +41 -17
package/dist/{services → packages/bunshot-auth/src/services}/mfa.js +259 -183
package/dist/packages/bunshot-auth/src/testing.d.ts +31 -0
package/dist/packages/bunshot-auth/src/testing.js +23 -0
package/dist/packages/bunshot-auth/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/adapter.js +1 -0
package/dist/packages/bunshot-auth/src/types/config.d.ts +152 -0
package/dist/packages/bunshot-auth/src/types/config.js +179 -0
package/dist/{routes → packages/bunshot-auth/src/types}/groups.d.ts +2 -3
package/dist/packages/bunshot-auth/src/types/groups.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.d.ts +6 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.js +1 -0
package/dist/packages/bunshot-auth/src/types/redis.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/redis.js +1 -0
package/dist/packages/bunshot-auth/src/types/saml.d.ts +10 -0
package/dist/packages/bunshot-auth/src/types/saml.js +1 -0
package/dist/packages/bunshot-auth/src/types/session.d.ts +18 -0
package/dist/packages/bunshot-auth/src/types/session.js +1 -0
package/dist/packages/bunshot-auth/src/types/store.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/store.js +1 -0
package/dist/packages/bunshot-core/src/adminProvider.d.ts +95 -0
package/dist/packages/bunshot-core/src/adminProvider.js +1 -0
package/dist/packages/bunshot-core/src/auditLog.d.ts +34 -0
package/dist/packages/bunshot-core/src/auditLog.js +1 -0
package/dist/packages/bunshot-core/src/auth-adapter.d.ts +227 -0
package/dist/packages/bunshot-core/src/auth-adapter.js +4 -0
package/dist/packages/bunshot-core/src/authVariables.d.ts +14 -0
package/dist/packages/bunshot-core/src/authVariables.js +4 -0
package/dist/packages/bunshot-core/src/cache.d.ts +12 -0
package/dist/packages/bunshot-core/src/cache.js +21 -0
package/dist/packages/bunshot-core/src/captcha.d.ts +16 -0
package/dist/packages/bunshot-core/src/captcha.js +1 -0
package/dist/packages/bunshot-core/src/clearRegistry.d.ts +6 -0
package/dist/packages/bunshot-core/src/clearRegistry.js +17 -0
package/dist/packages/bunshot-core/src/clientIp.d.ts +3 -0
package/dist/packages/bunshot-core/src/clientIp.js +45 -0
package/dist/packages/bunshot-core/src/configLock.d.ts +4 -0
package/dist/packages/bunshot-core/src/configLock.js +7 -0
package/dist/packages/bunshot-core/src/configValidation.d.ts +22 -0
package/dist/packages/bunshot-core/src/configValidation.js +39 -0
package/dist/packages/bunshot-core/src/constants.js +10 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.d.ts +232 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.js +1 -0
package/dist/packages/bunshot-core/src/context/contextAccess.d.ts +3 -0
package/dist/packages/bunshot-core/src/context/contextAccess.js +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.d.ts +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.js +31 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.d.ts +38 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.js +1 -0
package/dist/packages/bunshot-core/src/context/index.d.ts +4 -0
package/dist/packages/bunshot-core/src/context/index.js +2 -0
package/dist/packages/bunshot-core/src/context.d.ts +40 -0
package/dist/packages/bunshot-core/src/context.js +35 -0
package/dist/packages/bunshot-core/src/coreContracts.d.ts +47 -0
package/dist/packages/bunshot-core/src/coreContracts.js +1 -0
package/dist/packages/bunshot-core/src/coreRegistrar.d.ts +6 -0
package/dist/packages/bunshot-core/src/coreRegistrar.js +42 -0
package/dist/{lib → packages/bunshot-core/src}/createRoute.d.ts +4 -30
package/dist/{lib → packages/bunshot-core/src}/createRoute.js +39 -88
package/dist/packages/bunshot-core/src/cronRegistry.d.ts +11 -0
package/dist/packages/bunshot-core/src/cronRegistry.js +1 -0
package/dist/packages/bunshot-core/src/crypto.d.ts +43 -0
package/dist/packages/bunshot-core/src/crypto.js +74 -0
package/dist/packages/bunshot-core/src/csrf.d.ts +8 -0
package/dist/packages/bunshot-core/src/csrf.js +1 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.d.ts +7 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.js +19 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.js +40 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.js +24 -0
package/dist/packages/bunshot-core/src/emailTemplates.d.ts +5 -0
package/dist/packages/bunshot-core/src/emailTemplates.js +10 -0
package/dist/packages/bunshot-core/src/errors.d.ts +13 -0
package/dist/packages/bunshot-core/src/errors.js +22 -0
package/dist/packages/bunshot-core/src/eventBus.d.ts +270 -0
package/dist/packages/bunshot-core/src/eventBus.js +143 -0
package/dist/packages/bunshot-core/src/idempotency.d.ts +18 -0
package/dist/packages/bunshot-core/src/idempotency.js +1 -0
package/dist/packages/bunshot-core/src/index.d.ts +60 -0
package/dist/packages/bunshot-core/src/index.js +34 -0
package/dist/packages/bunshot-core/src/mail.d.ts +14 -0
package/dist/packages/bunshot-core/src/mail.js +8 -0
package/dist/packages/bunshot-core/src/memoryEviction.d.ts +24 -0
package/dist/packages/bunshot-core/src/memoryEviction.js +52 -0
package/dist/packages/bunshot-core/src/pagination.d.ts +45 -0
package/dist/packages/bunshot-core/src/pagination.js +61 -0
package/dist/packages/bunshot-core/src/permissions.d.ts +64 -0
package/dist/packages/bunshot-core/src/permissions.js +27 -0
package/dist/packages/bunshot-core/src/plugin.d.ts +44 -0
package/dist/packages/bunshot-core/src/plugin.js +1 -0
package/dist/packages/bunshot-core/src/rateLimit.d.ts +5 -0
package/dist/packages/bunshot-core/src/rateLimit.js +18 -0
package/dist/packages/bunshot-core/src/redis.d.ts +21 -0
package/dist/packages/bunshot-core/src/redis.js +1 -0
package/dist/packages/bunshot-core/src/routeAuth.d.ts +5 -0
package/dist/packages/bunshot-core/src/routeAuth.js +11 -0
package/dist/packages/bunshot-core/src/routeOverrides.d.ts +24 -0
package/dist/packages/bunshot-core/src/routeOverrides.js +25 -0
package/dist/packages/bunshot-core/src/routerAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/routerAdapter.js +56 -0
package/dist/packages/bunshot-core/src/secrets.d.ts +48 -0
package/dist/packages/bunshot-core/src/secrets.js +8 -0
package/dist/packages/bunshot-core/src/signing.d.ts +41 -0
package/dist/packages/bunshot-core/src/signing.js +1 -0
package/dist/packages/bunshot-core/src/sse.d.ts +36 -0
package/dist/packages/bunshot-core/src/sse.js +1 -0
package/dist/packages/bunshot-core/src/storageAdapter.js +1 -0
package/dist/packages/bunshot-core/src/storeInfra.d.ts +44 -0
package/dist/packages/bunshot-core/src/storeInfra.js +18 -0
package/dist/packages/bunshot-core/src/storeType.d.ts +7 -0
package/dist/packages/bunshot-core/src/storeType.js +1 -0
package/dist/packages/bunshot-core/src/testing.d.ts +1 -0
package/dist/packages/bunshot-core/src/testing.js +1 -0
package/dist/packages/bunshot-core/src/uploadRegistry.d.ts +23 -0
package/dist/packages/bunshot-core/src/uploadRegistry.js +4 -0
package/dist/packages/bunshot-core/src/userResolver.d.ts +5 -0
package/dist/packages/bunshot-core/src/userResolver.js +14 -0
package/dist/packages/bunshot-core/src/wsMessages.d.ts +42 -0
package/dist/packages/bunshot-core/src/wsMessages.js +4 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.js +73 -0
package/dist/packages/bunshot-permissions/src/index.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/index.js +5 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.js +12 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.js +165 -0
package/dist/packages/bunshot-permissions/src/lib/registry.d.ts +2 -0
package/dist/packages/bunshot-permissions/src/lib/registry.js +31 -0
package/dist/packages/bunshot-permissions/src/lib/validation.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/lib/validation.js +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.js +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.js +1 -0
package/dist/packages/bunshot-permissions/src/types/models.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/models.js +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.js +1 -0
package/dist/packages/bunshot-postgres/src/adapter.d.ts +6 -0
package/dist/packages/bunshot-postgres/src/adapter.js +794 -0
package/dist/packages/bunshot-postgres/src/connection.d.ts +15 -0
package/dist/packages/bunshot-postgres/src/connection.js +16 -0
package/dist/packages/bunshot-postgres/src/index.d.ts +4 -0
package/dist/packages/bunshot-postgres/src/index.js +2 -0
package/dist/packages/bunshot-postgres/src/schema.d.ts +997 -0
package/dist/packages/bunshot-postgres/src/schema.js +105 -0
package/dist/src/app.d.ts +230 -0
package/dist/src/app.js +182 -0
package/dist/src/cli/commands/init.d.ts +10 -0
package/dist/src/cli/commands/init.js +709 -0
package/dist/src/cli/index.d.ts +1 -0
package/dist/src/cli/index.js +3 -0
package/dist/src/entrypoints/mongo.d.ts +6 -0
package/dist/src/entrypoints/mongo.js +4 -0
package/dist/src/entrypoints/queue.d.ts +2 -0
package/dist/src/entrypoints/queue.js +1 -0
package/dist/src/entrypoints/redis.d.ts +1 -0
package/dist/src/entrypoints/redis.js +1 -0
package/dist/{adapters → src/framework/adapters}/localStorage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/localStorage.js +23 -8
package/dist/src/framework/adapters/memoryStorage.d.ts +2 -0
package/dist/src/framework/adapters/memoryStorage.js +45 -0
package/dist/{adapters → src/framework/adapters}/s3Storage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/s3Storage.js +12 -12
package/dist/src/framework/admin/bunshotAccess.d.ts +2 -0
package/dist/src/framework/admin/bunshotAccess.js +23 -0
package/dist/src/framework/admin/bunshotUsers.d.ts +2 -0
package/dist/src/framework/admin/bunshotUsers.js +103 -0
package/dist/src/framework/admin/index.d.ts +7 -0
package/dist/src/framework/admin/index.js +21 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.d.ts +13 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.js +86 -0
package/dist/src/framework/boundaryAdapters/index.d.ts +2 -0
package/dist/src/framework/boundaryAdapters/index.js +1 -0
package/dist/src/framework/boundaryAdapters.d.ts +17 -0
package/dist/src/framework/boundaryAdapters.js +62 -0
package/dist/src/framework/buildContext.d.ts +33 -0
package/dist/src/framework/buildContext.js +119 -0
package/dist/src/framework/config/schema.d.ts +447 -0
package/dist/src/framework/config/schema.js +528 -0
package/dist/src/framework/createInfrastructure.d.ts +76 -0
package/dist/src/framework/createInfrastructure.js +221 -0
package/dist/src/framework/lib/auditLog.d.ts +23 -0
package/dist/src/framework/lib/auditLog.js +416 -0
package/dist/src/framework/lib/captcha.d.ts +11 -0
package/dist/src/framework/lib/captcha.js +40 -0
package/dist/{lib → src/framework/lib}/createDtoMapper.js +4 -4
package/dist/src/framework/lib/createRoute.d.ts +1 -0
package/dist/src/framework/lib/createRoute.js +2 -0
package/dist/{lib → src/framework/lib}/idempotency.d.ts +2 -6
package/dist/src/framework/lib/idempotency.js +74 -0
package/dist/src/framework/lib/logger.d.ts +3 -0
package/dist/src/framework/lib/logger.js +14 -0
package/dist/src/framework/lib/metrics.d.ts +34 -0
package/dist/{lib → src/framework/lib}/metrics.js +49 -57
package/dist/src/framework/lib/pagination.d.ts +42 -0
package/dist/src/framework/lib/pagination.js +51 -0
package/dist/src/framework/lib/redisTransport.d.ts +38 -0
package/dist/src/framework/lib/redisTransport.js +107 -0
package/dist/src/framework/lib/resolveUserId.d.ts +2 -0
package/dist/src/framework/lib/resolveUserId.js +5 -0
package/dist/src/framework/lib/sseCollision.d.ts +6 -0
package/dist/src/framework/lib/sseCollision.js +26 -0
package/dist/src/framework/lib/storageAdapter.d.ts +1 -0
package/dist/src/framework/lib/storageAdapter.js +1 -0
package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.js +4 -4
package/dist/src/framework/lib/tenant.d.ts +21 -0
package/dist/src/framework/lib/tenant.js +70 -0
package/dist/{lib → src/framework/lib}/upload.d.ts +14 -9
package/dist/src/framework/lib/upload.js +132 -0
package/dist/src/framework/lib/uploadRegistry.d.ts +23 -0
package/dist/src/framework/lib/uploadRegistry.js +34 -0
package/dist/{lib → src/framework/lib}/validate.d.ts +1 -1
package/dist/{lib → src/framework/lib}/validate.js +2 -2
package/dist/src/framework/lib/ws.d.ts +19 -0
package/dist/src/framework/lib/ws.js +130 -0
package/dist/src/framework/lib/wsHeartbeat.d.ts +12 -0
package/dist/src/framework/lib/wsHeartbeat.js +53 -0
package/dist/src/framework/lib/wsMessages.d.ts +25 -0
package/dist/src/framework/lib/wsMessages.js +45 -0
package/dist/src/framework/lib/wsNamespace.d.ts +17 -0
package/dist/src/framework/lib/wsNamespace.js +19 -0
package/dist/src/framework/lib/wsPresence.d.ts +17 -0
package/dist/src/framework/lib/wsPresence.js +84 -0
package/dist/src/framework/lib/wsTransport.d.ts +38 -0
package/dist/src/framework/lib/wsTransport.js +9 -0
package/dist/{lib → src/framework/lib}/zodToMongoose.d.ts +1 -1
package/dist/{lib → src/framework/lib}/zodToMongoose.js +11 -11
package/dist/{middleware → src/framework/middleware}/auditLog.d.ts +4 -3
package/dist/src/framework/middleware/auditLog.js +42 -0
package/dist/{middleware → src/framework/middleware}/botProtection.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/botProtection.js +8 -9
package/dist/src/framework/middleware/cacheResponse.d.ts +35 -0
package/dist/src/framework/middleware/cacheResponse.js +126 -0
package/dist/src/framework/middleware/captcha.d.ts +9 -0
package/dist/src/framework/middleware/captcha.js +37 -0
package/dist/{middleware → src/framework/middleware}/errorHandler.d.ts +1 -1
package/dist/src/framework/middleware/errorHandler.js +16 -0
package/dist/src/framework/middleware/index.js +1 -0
package/dist/{middleware → src/framework/middleware}/logger.d.ts +1 -1
package/dist/src/framework/middleware/metrics.d.ts +12 -0
package/dist/src/framework/middleware/metrics.js +26 -0
package/dist/{middleware → src/framework/middleware}/rateLimit.d.ts +2 -2
package/dist/src/framework/middleware/rateLimit.js +22 -0
package/dist/src/framework/middleware/requestId.d.ts +3 -0
package/dist/{middleware → src/framework/middleware}/requestId.js +2 -2
package/dist/{middleware → src/framework/middleware}/requestLogger.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/requestLogger.js +17 -12
package/dist/{middleware → src/framework/middleware}/requestSigning.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/requestSigning.js +18 -19
package/dist/src/framework/middleware/tenant.d.ts +14 -0
package/dist/{middleware → src/framework/middleware}/tenant.js +31 -27
package/dist/src/framework/middleware/upload.d.ts +5 -0
package/dist/{middleware → src/framework/middleware}/upload.js +4 -4
package/dist/{middleware → src/framework/middleware}/webhookAuth.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/webhookAuth.js +11 -11
package/dist/src/framework/models/AuditLog.d.ts +21 -0
package/dist/src/framework/models/AuditLog.js +31 -0
package/dist/src/framework/mountMiddleware.d.ts +91 -0
package/dist/src/framework/mountMiddleware.js +128 -0
package/dist/src/framework/mountOptionalEndpoints.d.ts +103 -0
package/dist/src/framework/mountOptionalEndpoints.js +47 -0
package/dist/src/framework/mountRoutes.d.ts +21 -0
package/dist/src/framework/mountRoutes.js +144 -0
package/dist/src/framework/persistence/cronRegistry.d.ts +28 -0
package/dist/src/framework/persistence/cronRegistry.js +139 -0
package/dist/src/framework/persistence/idempotency.d.ts +26 -0
package/dist/src/framework/persistence/idempotency.js +178 -0
package/dist/src/framework/persistence/index.d.ts +6 -0
package/dist/src/framework/persistence/index.js +8 -0
package/dist/src/framework/persistence/storeInfra.d.ts +9 -0
package/dist/src/framework/persistence/storeInfra.js +1 -0
package/dist/src/framework/persistence/uploadRegistry.d.ts +35 -0
package/dist/src/framework/persistence/uploadRegistry.js +235 -0
package/dist/src/framework/persistence/wsMessages.d.ts +22 -0
package/dist/src/framework/persistence/wsMessages.js +296 -0
package/dist/src/framework/preloadSchemas.d.ts +24 -0
package/dist/src/framework/preloadSchemas.js +42 -0
package/dist/src/framework/registerBoundaryAdapters.d.ts +23 -0
package/dist/src/framework/registerBoundaryAdapters.js +46 -0
package/dist/src/framework/routes/admin.d.ts +9 -0
package/dist/src/framework/routes/admin.js +361 -0
package/dist/src/framework/routes/health.d.ts +1 -0
package/dist/src/framework/routes/health.js +21 -0
package/dist/src/framework/routes/home.d.ts +1 -0
package/dist/src/framework/routes/home.js +18 -0
package/dist/src/framework/routes/jobs.d.ts +3 -0
package/dist/src/framework/routes/jobs.js +315 -0
package/dist/src/framework/routes/metrics.d.ts +10 -0
package/dist/src/framework/routes/metrics.js +57 -0
package/dist/src/framework/routes/uploads.d.ts +14 -0
package/dist/src/framework/routes/uploads.js +262 -0
package/dist/src/framework/runPluginLifecycle.d.ts +27 -0
package/dist/src/framework/runPluginLifecycle.js +121 -0
package/dist/src/framework/secrets/frameworkSecretSchema.d.ts +58 -0
package/dist/src/framework/secrets/frameworkSecretSchema.js +20 -0
package/dist/src/framework/secrets/index.d.ts +9 -0
package/dist/src/framework/secrets/index.js +7 -0
package/dist/src/framework/secrets/providers/envProvider.d.ts +15 -0
package/dist/src/framework/secrets/providers/envProvider.js +18 -0
package/dist/src/framework/secrets/providers/fileProvider.d.ts +8 -0
package/dist/src/framework/secrets/providers/fileProvider.js +82 -0
package/dist/src/framework/secrets/providers/ssmProvider.d.ts +20 -0
package/dist/src/framework/secrets/providers/ssmProvider.js +127 -0
package/dist/src/framework/secrets/resolveSecretBundle.d.ts +53 -0
package/dist/src/framework/secrets/resolveSecretBundle.js +84 -0
package/dist/src/framework/secrets/resolveSecrets.d.ts +18 -0
package/dist/src/framework/secrets/resolveSecrets.js +34 -0
package/dist/src/framework/sse/index.d.ts +21 -0
package/dist/src/framework/sse/index.js +109 -0
package/dist/src/framework/ws/index.d.ts +11 -0
package/dist/src/framework/ws/index.js +8 -0
package/dist/src/index.d.ts +87 -0
package/dist/src/index.js +58 -0
package/dist/src/lib/appConfig.d.ts +7 -0
package/dist/src/lib/appConfig.js +27 -0
package/dist/src/lib/appMeta.d.ts +7 -0
package/dist/src/lib/appMeta.js +3 -0
package/dist/src/lib/authConfig.d.ts +532 -0
package/dist/src/lib/authConfig.js +179 -0
package/dist/{lib → src/lib}/context.d.ts +6 -7
package/dist/{lib → src/lib}/context.js +5 -5
package/dist/src/lib/logger.d.ts +1 -0
package/dist/src/lib/logger.js +1 -0
package/dist/src/lib/mongo.d.ts +58 -0
package/dist/src/lib/mongo.js +96 -0
package/dist/src/lib/queue.d.ts +72 -0
package/dist/src/lib/queue.js +152 -0
package/dist/src/lib/redis.d.ts +28 -0
package/dist/src/lib/redis.js +72 -0
package/dist/{lib → src/lib}/signing.d.ts +2 -2
package/dist/src/lib/signing.js +210 -0
package/dist/src/lib/signingConfig.d.ts +40 -0
package/dist/src/lib/signingConfig.js +28 -0
package/dist/src/server.d.ts +146 -0
package/dist/src/server.js +469 -0
package/dist/src/shared/lib/HttpError.d.ts +1 -0
package/dist/src/shared/lib/HttpError.js +2 -0
package/dist/src/shared/lib/constants.d.ts +10 -0
package/dist/src/shared/lib/crypto.d.ts +43 -0
package/dist/src/shared/lib/crypto.js +74 -0
package/dist/src/shared/lib/signing.d.ts +52 -0
package/dist/{lib → src/shared/lib}/signing.js +40 -10
package/dist/src/testing.d.ts +34 -0
package/dist/src/testing.js +93 -0
package/package.json +62 -25
package/dist/adapters/memoryAuth.d.ts +0 -46
package/dist/adapters/memoryAuth.js +0 -634
package/dist/adapters/memoryStorage.d.ts +0 -3
package/dist/adapters/memoryStorage.js +0 -44
package/dist/adapters/mongoAuth.d.ts +0 -2
package/dist/adapters/mongoAuth.js +0 -307
package/dist/adapters/sqliteAuth.d.ts +0 -49
package/dist/adapters/sqliteAuth.js +0 -707
package/dist/app.d.ts +0 -456
package/dist/app.js +0 -548
package/dist/entrypoints/mongo.d.ts +0 -5
package/dist/entrypoints/mongo.js +0 -4
package/dist/entrypoints/queue.d.ts +0 -2
package/dist/entrypoints/queue.js +0 -1
package/dist/entrypoints/redis.d.ts +0 -1
package/dist/entrypoints/redis.js +0 -1
package/dist/index.d.ts +0 -98
package/dist/index.js +0 -77
package/dist/lib/HttpError.d.ts +0 -9
package/dist/lib/HttpError.js +0 -14
package/dist/lib/appConfig.d.ts +0 -162
package/dist/lib/appConfig.js +0 -83
package/dist/lib/auditLog.d.ts +0 -52
package/dist/lib/auditLog.js +0 -201
package/dist/lib/authAdapter.d.ts +0 -176
package/dist/lib/authAdapter.js +0 -7
package/dist/lib/authRateLimit.d.ts +0 -13
package/dist/lib/authRateLimit.js +0 -81
package/dist/lib/clientIp.d.ts +0 -14
package/dist/lib/crypto.d.ts +0 -11
package/dist/lib/crypto.js +0 -22
package/dist/lib/deletionCancelToken.d.ts +0 -12
package/dist/lib/deletionCancelToken.js +0 -88
package/dist/lib/emailVerification.d.ts +0 -13
package/dist/lib/emailVerification.js +0 -86
package/dist/lib/fingerprint.js +0 -36
package/dist/lib/idempotency.js +0 -182
package/dist/lib/jwt.d.ts +0 -2
package/dist/lib/jwt.js +0 -24
package/dist/lib/logger.d.ts +0 -1
package/dist/lib/logger.js +0 -7
package/dist/lib/metrics.d.ts +0 -14
package/dist/lib/mfaChallenge.d.ts +0 -42
package/dist/lib/mfaChallenge.js +0 -293
package/dist/lib/mongo.d.ts +0 -39
package/dist/lib/mongo.js +0 -124
package/dist/lib/oauth.d.ts +0 -40
package/dist/lib/oauth.js +0 -101
package/dist/lib/oauthCode.d.ts +0 -15
package/dist/lib/oauthCode.js +0 -90
package/dist/lib/pagination.d.ts +0 -119
package/dist/lib/pagination.js +0 -166
package/dist/lib/queue.d.ts +0 -37
package/dist/lib/queue.js +0 -117
package/dist/lib/redis.d.ts +0 -9
package/dist/lib/redis.js +0 -61
package/dist/lib/resetPassword.d.ts +0 -12
package/dist/lib/resetPassword.js +0 -91
package/dist/lib/roles.d.ts +0 -7
package/dist/lib/roles.js +0 -49
package/dist/lib/session.d.ts +0 -39
package/dist/lib/session.js +0 -535
package/dist/lib/tenant.d.ts +0 -15
package/dist/lib/tenant.js +0 -65
package/dist/lib/upload.js +0 -87
package/dist/lib/ws.d.ts +0 -22
package/dist/lib/ws.js +0 -89
package/dist/lib/wsHeartbeat.d.ts +0 -12
package/dist/lib/wsHeartbeat.js +0 -57
package/dist/lib/wsMessages.d.ts +0 -40
package/dist/lib/wsMessages.js +0 -330
package/dist/lib/wsPresence.d.ts +0 -25
package/dist/lib/wsPresence.js +0 -99
package/dist/middleware/auditLog.js +0 -39
package/dist/middleware/bearerAuth.d.ts +0 -2
package/dist/middleware/bearerAuth.js +0 -11
package/dist/middleware/cacheResponse.d.ts +0 -15
package/dist/middleware/cacheResponse.js +0 -178
package/dist/middleware/csrf.js +0 -125
package/dist/middleware/errorHandler.js +0 -13
package/dist/middleware/identify.d.ts +0 -3
package/dist/middleware/identify.js +0 -95
package/dist/middleware/index.js +0 -1
package/dist/middleware/metrics.d.ts +0 -9
package/dist/middleware/metrics.js +0 -26
package/dist/middleware/rateLimit.js +0 -22
package/dist/middleware/requestId.d.ts +0 -3
package/dist/middleware/tenant.d.ts +0 -5
package/dist/middleware/upload.d.ts +0 -5
package/dist/middleware/userAuth.d.ts +0 -3
package/dist/middleware/userAuth.js +0 -6
package/dist/models/AuditLog.d.ts +0 -30
package/dist/models/AuditLog.js +0 -39
package/dist/models/AuthUser.js +0 -48
package/dist/models/Group.d.ts +0 -21
package/dist/models/Group.js +0 -28
package/dist/models/GroupMembership.js +0 -25
package/dist/models/TenantRole.d.ts +0 -15
package/dist/models/TenantRole.js +0 -23
package/dist/routes/auth.d.ts +0 -11
package/dist/routes/auth.js +0 -605
package/dist/routes/groups.js +0 -346
package/dist/routes/health.d.ts +0 -1
package/dist/routes/health.js +0 -22
package/dist/routes/home.d.ts +0 -1
package/dist/routes/home.js +0 -16
package/dist/routes/jobs.d.ts +0 -2
package/dist/routes/jobs.js +0 -272
package/dist/routes/metrics.d.ts +0 -7
package/dist/routes/metrics.js +0 -52
package/dist/routes/mfa.d.ts +0 -5
package/dist/routes/mfa.js +0 -620
package/dist/routes/oauth.d.ts +0 -2
package/dist/routes/oauth.js +0 -514
package/dist/routes/uploads.d.ts +0 -2
package/dist/routes/uploads.js +0 -135
package/dist/schemas/auth.js +0 -30
package/dist/server.d.ts +0 -57
package/dist/server.js +0 -112
package/dist/services/auth.d.ts +0 -27
package/dist/services/auth.js +0 -159
package/dist/ws/index.d.ts +0 -10
package/dist/ws/index.js +0 -38
package/docs/sections/adding-middleware/full.md +0 -35
package/docs/sections/adding-models/full.md +0 -125
package/docs/sections/adding-models/overview.md +0 -13
package/docs/sections/adding-routes/full.md +0 -182
package/docs/sections/adding-routes/overview.md +0 -23
package/docs/sections/auth-flow/full.md +0 -779
package/docs/sections/auth-flow/overview.md +0 -10
package/docs/sections/auth-security-examples/full.md +0 -365
package/docs/sections/authentication/full.md +0 -130
package/docs/sections/authentication/overview.md +0 -5
package/docs/sections/cli/full.md +0 -42
package/docs/sections/configuration/full.md +0 -172
package/docs/sections/configuration/overview.md +0 -18
package/docs/sections/configuration-example/full.md +0 -117
package/docs/sections/configuration-example/overview.md +0 -30
package/docs/sections/documentation/full.md +0 -171
package/docs/sections/environment-variables/full.md +0 -55
package/docs/sections/exports/full.md +0 -123
package/docs/sections/extending-context/full.md +0 -59
package/docs/sections/header.md +0 -3
package/docs/sections/installation/full.md +0 -6
package/docs/sections/jobs/full.md +0 -140
package/docs/sections/jobs/overview.md +0 -15
package/docs/sections/logging/full.md +0 -83
package/docs/sections/metrics/full.md +0 -127
package/docs/sections/mongodb-connections/full.md +0 -45
package/docs/sections/mongodb-connections/overview.md +0 -7
package/docs/sections/multi-tenancy/full.md +0 -66
package/docs/sections/multi-tenancy/overview.md +0 -15
package/docs/sections/oauth/full.md +0 -189
package/docs/sections/oauth/overview.md +0 -16
package/docs/sections/package-development/full.md +0 -7
package/docs/sections/pagination/full.md +0 -93
package/docs/sections/peer-dependencies/full.md +0 -47
package/docs/sections/quick-start/full.md +0 -43
package/docs/sections/response-caching/full.md +0 -117
package/docs/sections/response-caching/overview.md +0 -13
package/docs/sections/roles/full.md +0 -225
package/docs/sections/roles/overview.md +0 -14
package/docs/sections/running-without-redis/full.md +0 -16
package/docs/sections/running-without-redis-or-mongodb/full.md +0 -60
package/docs/sections/signing/full.md +0 -203
package/docs/sections/stack/full.md +0 -10
package/docs/sections/uploads/full.md +0 -199
package/docs/sections/versioning/full.md +0 -85
package/docs/sections/webhook-auth/full.md +0 -100
package/docs/sections/websocket/full.md +0 -184
package/docs/sections/websocket/overview.md +0 -5
package/docs/sections/websocket-rooms/full.md +0 -102
package/docs/sections/websocket-rooms/overview.md +0 -5
/package/dist/{lib/storageAdapter.js → packages/bunshot-admin/src/types/env.js} +0 -0
/package/dist/{lib → packages/bunshot-auth/src/lib}/fingerprint.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/constants.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/storageAdapter.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/createDtoMapper.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.js +0 -0
/package/dist/{middleware → src/framework/middleware}/index.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/logger.js +0 -0
/package/dist/{lib → src/shared/lib}/constants.js +0 -0

package/dist/packages/bunshot-auth/src/routes/scim.js ADDED Viewed

@@ -0,0 +1,588 @@
+import { parseScimFilter, userRecordToScim } from '../lib/scim';
+import { createScimAuth } from '../middleware/scimAuth';
+import { z } from 'zod';
+import { createRoute, registerSchema } from '../../../bunshot-core/src/index.js';
+import { createRouter } from '../../../bunshot-core/src/index.js';
+import { getClientIp } from '../../../bunshot-core/src/index.js';
+const tags = ['SCIM'];
+// Rate limit options for SCIM endpoints
+const scimReadOpts = { windowMs: 60_000, max: 100 }; // 100/min for reads
+const scimWriteOpts = { windowMs: 60_000, max: 30 }; // 30/min for writes
+// ─── Zod Schemas ─────────────────────────────────────────────────────────────
+const scimUserCreateSchema = z
+    .object({
+    userName: z.string().email().optional(),
+    emails: z.array(z.object({ value: z.string().email() })).optional(),
+    name: z
+        .object({
+        givenName: z.string().max(256).optional(),
+        familyName: z.string().max(256).optional(),
+    })
+        .optional(),
+    displayName: z.string().max(256).optional(),
+    externalId: z.string().max(256).optional(),
+    active: z.boolean().optional(),
+})
+    .passthrough();
+const scimUserReplaceSchema = scimUserCreateSchema.extend({
+    id: z.string().max(256).optional(),
+});
+const scimPatchSchema = z
+    .object({
+    schemas: z.array(z.string()).optional(),
+    Operations: z
+        .array(z.object({
+        op: z.string().max(50),
+        path: z.string().max(256).optional(),
+        value: z.unknown(),
+    }))
+        .max(100),
+})
+    .passthrough();
+const scimUserResponseSchema = z
+    .object({
+    schemas: z.array(z.string()),
+    id: z.string(),
+    userName: z.string().optional(),
+    displayName: z.string().optional(),
+    externalId: z.string().optional(),
+    name: z
+        .object({
+        givenName: z.string().optional(),
+        familyName: z.string().optional(),
+        formatted: z.string().optional(),
+    })
+        .optional(),
+    emails: z.array(z.object({ value: z.string(), primary: z.boolean() })).optional(),
+    active: z.boolean(),
+    meta: z
+        .object({
+        resourceType: z.literal('User'),
+        created: z.string().optional(),
+        lastModified: z.string().optional(),
+    })
+        .optional(),
+})
+    .passthrough();
+const scimListResponseSchema = z.object({
+    schemas: z.array(z.string()),
+    totalResults: z.number().int(),
+    startIndex: z.number().int(),
+    itemsPerPage: z.number().int(),
+    Resources: z.array(scimUserResponseSchema),
+});
+const scimErrorSchema = registerSchema('ScimError', z.object({
+    schemas: z.array(z.literal('urn:ietf:params:scim:api:messages:2.0:Error')),
+    status: z.string(),
+    detail: z.string(),
+}));
+const scimListQuerySchema = z.object({
+    filter: z.string().optional(),
+    startIndex: z.coerce.number().int().min(1).default(1),
+    count: z.coerce.number().int().min(1).max(200).default(100),
+});
+const scimUserIdParamSchema = z.object({ id: z.string().max(256) });
+const scimServiceProviderConfigSchema = z.object({
+    schemas: z.array(z.string()),
+    patch: z.object({ supported: z.boolean() }),
+    bulk: z.object({ supported: z.boolean(), maxOperations: z.number(), maxPayloadSize: z.number() }),
+    filter: z.object({ supported: z.boolean(), maxResults: z.number() }),
+    changePassword: z.object({ supported: z.boolean() }),
+    sort: z.object({ supported: z.boolean() }),
+    etag: z.object({ supported: z.boolean() }),
+});
+const scimResourceTypesSchema = z.object({
+    schemas: z.array(z.string()),
+    totalResults: z.number(),
+    Resources: z.array(z.object({
+        schemas: z.array(z.string()),
+        id: z.string(),
+        name: z.string(),
+        endpoint: z.string(),
+        schema: z.string(),
+    })),
+});
+function scimErrorBody(status, detail) {
+    return {
+        schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
+        status: String(status),
+        detail,
+    };
+}
+// Shared error response declarations used across all SCIM routes.
+const scimCommonErrors = {
+    400: {
+        content: { 'application/json': { schema: scimErrorSchema } },
+        description: 'Invalid request parameters.',
+    },
+    401: {
+        content: { 'application/json': { schema: scimErrorSchema } },
+        description: 'Unauthorized.',
+    },
+    429: {
+        content: { 'application/json': { schema: scimErrorSchema } },
+        description: 'Rate limit exceeded.',
+    },
+    503: {
+        content: { 'application/json': { schema: scimErrorSchema } },
+        description: 'SCIM not configured.',
+    },
+};
+const scimWriteErrors = {
+    ...scimCommonErrors,
+    501: {
+        content: { 'application/json': { schema: scimErrorSchema } },
+        description: 'Adapter method not supported.',
+    },
+};
+// ─── Route Definitions ───────────────────────────────────────────────────────
+const listUsersRoute = createRoute({
+    method: 'get',
+    path: '/scim/v2/Users',
+    summary: 'List/search SCIM users',
+    tags,
+    request: { query: scimListQuerySchema },
+    responses: {
+        200: {
+            content: { 'application/json': { schema: scimListResponseSchema } },
+            description: 'SCIM user list.',
+        },
+        ...scimCommonErrors,
+        501: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'Adapter method not supported.',
+        },
+    },
+});
+const getUserRoute = createRoute({
+    method: 'get',
+    path: '/scim/v2/Users/{id}',
+    summary: 'Get a SCIM user by ID',
+    tags,
+    request: { params: scimUserIdParamSchema },
+    responses: {
+        200: {
+            content: { 'application/json': { schema: scimUserResponseSchema } },
+            description: 'SCIM user.',
+        },
+        404: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'User not found.',
+        },
+        ...scimCommonErrors,
+        501: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'Adapter method not supported.',
+        },
+    },
+});
+const createUserRoute = createRoute({
+    method: 'post',
+    path: '/scim/v2/Users',
+    summary: 'Create/provision a SCIM user',
+    tags,
+    request: {
+        body: { content: { 'application/json': { schema: scimUserCreateSchema } } },
+    },
+    responses: {
+        201: {
+            content: { 'application/json': { schema: scimUserResponseSchema } },
+            description: 'User created.',
+        },
+        409: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'User already exists.',
+        },
+        ...scimWriteErrors,
+    },
+});
+const replaceUserRoute = createRoute({
+    method: 'put',
+    path: '/scim/v2/Users/{id}',
+    summary: 'Replace a SCIM user',
+    tags,
+    request: {
+        params: scimUserIdParamSchema,
+        body: { content: { 'application/json': { schema: scimUserReplaceSchema } } },
+    },
+    responses: {
+        200: {
+            content: { 'application/json': { schema: scimUserResponseSchema } },
+            description: 'User replaced.',
+        },
+        404: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'User not found.',
+        },
+        ...scimCommonErrors,
+    },
+});
+const patchUserRoute = createRoute({
+    method: 'patch',
+    path: '/scim/v2/Users/{id}',
+    summary: 'Partially update a SCIM user (PatchOp)',
+    tags,
+    request: {
+        params: scimUserIdParamSchema,
+        body: { content: { 'application/json': { schema: scimPatchSchema } } },
+    },
+    responses: {
+        200: {
+            content: { 'application/json': { schema: scimUserResponseSchema } },
+            description: 'User updated.',
+        },
+        404: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'User not found.',
+        },
+        ...scimCommonErrors,
+    },
+});
+const deleteUserRoute = createRoute({
+    method: 'delete',
+    path: '/scim/v2/Users/{id}',
+    summary: 'Deprovision a SCIM user',
+    tags,
+    request: { params: scimUserIdParamSchema },
+    responses: {
+        204: { description: 'User deprovisioned.' },
+        404: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'User not found.',
+        },
+        ...scimCommonErrors,
+    },
+});
+const serviceProviderConfigRoute = createRoute({
+    method: 'get',
+    path: '/scim/v2/ServiceProviderConfig',
+    summary: 'SCIM service provider capabilities',
+    tags,
+    responses: {
+        200: {
+            content: { 'application/json': { schema: scimServiceProviderConfigSchema } },
+            description: 'SCIM service provider configuration.',
+        },
+        401: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'Unauthorized.',
+        },
+    },
+});
+const resourceTypesRoute = createRoute({
+    method: 'get',
+    path: '/scim/v2/ResourceTypes',
+    summary: 'SCIM resource type discovery',
+    tags,
+    responses: {
+        200: {
+            content: { 'application/json': { schema: scimResourceTypesSchema } },
+            description: 'SCIM resource types.',
+        },
+        401: {
+            content: { 'application/json': { schema: scimErrorSchema } },
+            description: 'Unauthorized.',
+        },
+    },
+});
+// ─── Router ──────────────────────────────────────────────────────────────────
+export function createScimRouter(runtime) {
+    const { adapter } = runtime;
+    const getConfig = () => runtime.config;
+    const router = createRouter();
+    // All SCIM routes require SCIM bearer auth
+    router.use('/scim/v2/*', createScimAuth(runtime));
+    // GET /scim/v2/Users — list/search users
+    router.openapi(listUsersRoute, async (c) => {
+        const ip = getClientIp(c);
+        if (await runtime.rateLimit.trackAttempt(`scim-read:${ip}`, scimReadOpts)) {
+            return c.json(scimErrorBody(429, 'Too many requests'), 429);
+        }
+        const config = getConfig().scim;
+        if (!config)
+            return c.json(scimErrorBody(503, 'SCIM not configured'), 503);
+        if (!adapter.listUsers)
+            return c.json(scimErrorBody(501, 'Auth adapter does not support listUsers'), 501);
+        const { filter, startIndex, count } = c.req.valid('query');
+        const query = parseScimFilter(filter);
+        query.startIndex = Math.max(0, startIndex - 1); // SCIM is 1-based
+        query.count = Math.min(count, 200);
+        const { users, totalResults } = await adapter.listUsers(query);
+        const response = {
+            schemas: ['urn:ietf:params:scim:api:messages:2.0:ListResponse'],
+            totalResults,
+            startIndex,
+            itemsPerPage: users.length,
+            Resources: users.map(u => userRecordToScim(u, config.userMapping)),
+        };
+        return c.json(response, 200);
+    }, (result, c) => {
+        if (!result.success) {
+            const detail = result.error.issues.map(i => `${i.path.join('.')}: ${i.message}`).join('; ');
+            return c.json(scimErrorBody(400, detail), 400);
+        }
+    });
+    // GET /scim/v2/Users/:id — get a user
+    router.openapi(getUserRoute, async (c) => {
+        const ip = getClientIp(c);
+        if (await runtime.rateLimit.trackAttempt(`scim-read:${ip}`, scimReadOpts)) {
+            return c.json(scimErrorBody(429, 'Too many requests'), 429);
+        }
+        const config = getConfig().scim;
+        if (!config)
+            return c.json(scimErrorBody(503, 'SCIM not configured'), 503);
+        if (!adapter.getUser)
+            return c.json(scimErrorBody(501, 'Auth adapter does not support getUser'), 501);
+        const { id } = c.req.valid('param');
+        const user = await adapter.getUser(id);
+        if (!user)
+            return c.json(scimErrorBody(404, 'User not found'), 404);
+        const scimUser = userRecordToScim({
+            id,
+            email: user.email,
+            displayName: user.displayName,
+            firstName: user.firstName,
+            lastName: user.lastName,
+            externalId: user.externalId,
+            suspended: user.suspended ?? false,
+            suspendedReason: user.suspendedReason,
+        }, config.userMapping);
+        return c.json(scimUser, 200);
+    }, (result, c) => {
+        if (!result.success) {
+            const detail = result.error.issues.map(i => `${i.path.join('.')}: ${i.message}`).join('; ');
+            return c.json(scimErrorBody(400, detail), 400);
+        }
+    });
+    // POST /scim/v2/Users — create a user (provision)
+    router.openapi(createUserRoute, async (c) => {
+        const ip = getClientIp(c);
+        if (await runtime.rateLimit.trackAttempt(`scim-write:${ip}`, scimWriteOpts)) {
+            return c.json(scimErrorBody(429, 'Too many requests'), 429);
+        }
+        const config = getConfig().scim;
+        if (!config)
+            return c.json(scimErrorBody(503, 'SCIM not configured'), 503);
+        if (!adapter.create)
+            return c.json(scimErrorBody(501, 'Auth adapter does not support create'), 501);
+        const body = c.req.valid('json');
+        const email = body.userName ?? body.emails?.[0]?.value;
+        if (!email)
+            return c.json(scimErrorBody(400, 'userName is required'), 400);
+        const existingByEmail = await adapter.findByEmail?.(email);
+        if (existingByEmail)
+            return c.json(scimErrorBody(409, 'User already exists'), 409);
+        // Create user with a random placeholder password (SCIM users authenticate via SSO)
+        const placeholderHash = await Bun.password.hash(crypto.randomUUID());
+        const { id } = await adapter.create(email, placeholderHash);
+        // Set profile fields
+        if (adapter.updateProfile) {
+            const fields = {};
+            if (body.name?.givenName)
+                fields.firstName = body.name.givenName;
+            if (body.name?.familyName)
+                fields.lastName = body.name.familyName;
+            if (body.displayName)
+                fields.displayName = body.displayName;
+            if (body.externalId)
+                fields.externalId = body.externalId;
+            if (Object.keys(fields).length > 0)
+                await adapter.updateProfile(id, fields);
+        }
+        const scimUser = userRecordToScim({
+            id,
+            email,
+            displayName: body.displayName,
+            firstName: body.name?.givenName,
+            lastName: body.name?.familyName,
+            externalId: body.externalId,
+            suspended: body.active === false,
+        }, config.userMapping);
+        return c.json(scimUser, 201);
+    }, (result, c) => {
+        if (!result.success) {
+            const detail = result.error.issues.map(i => `${i.path.join('.')}: ${i.message}`).join('; ');
+            return c.json(scimErrorBody(400, detail), 400);
+        }
+    });
+    // PUT /scim/v2/Users/:id — replace a user
+    router.openapi(replaceUserRoute, async (c) => {
+        const ip = getClientIp(c);
+        if (await runtime.rateLimit.trackAttempt(`scim-write:${ip}`, scimWriteOpts)) {
+            return c.json(scimErrorBody(429, 'Too many requests'), 429);
+        }
+        const config = getConfig().scim;
+        if (!config)
+            return c.json(scimErrorBody(503, 'SCIM not configured'), 503);
+        const { id: userId } = c.req.valid('param');
+        const body = c.req.valid('json');
+        // Validate id in body matches path param if provided
+        if (body.id && body.id !== userId) {
+            return c.json(scimErrorBody(400, 'id in body does not match path parameter'), 400);
+        }
+        if (adapter.updateProfile) {
+            const fields = {};
+            if (body.name?.givenName !== undefined)
+                fields.firstName = body.name.givenName;
+            if (body.name?.familyName !== undefined)
+                fields.lastName = body.name.familyName;
+            if (body.displayName !== undefined)
+                fields.displayName = body.displayName;
+            if (body.externalId !== undefined)
+                fields.externalId = body.externalId;
+            if (Object.keys(fields).length > 0)
+                await adapter.updateProfile(userId, fields);
+        }
+        if (adapter.setSuspended && body.active !== undefined) {
+            await adapter.setSuspended(userId, !body.active);
+        }
+        const user = await adapter.getUser?.(userId);
+        if (!user)
+            return c.json(scimErrorBody(404, 'User not found'), 404);
+        return c.json(userRecordToScim({
+            id: userId,
+            email: user.email,
+            displayName: user.displayName,
+            firstName: user.firstName,
+            lastName: user.lastName,
+            externalId: user.externalId,
+            suspended: user.suspended ?? false,
+        }, config.userMapping), 200);
+    }, (result, c) => {
+        if (!result.success) {
+            const detail = result.error.issues.map(i => `${i.path.join('.')}: ${i.message}`).join('; ');
+            return c.json(scimErrorBody(400, detail), 400);
+        }
+    });
+    // PATCH /scim/v2/Users/:id — partial update
+    router.openapi(patchUserRoute, async (c) => {
+        const ip = getClientIp(c);
+        if (await runtime.rateLimit.trackAttempt(`scim-write:${ip}`, scimWriteOpts)) {
+            return c.json(scimErrorBody(429, 'Too many requests'), 429);
+        }
+        const config = getConfig().scim;
+        if (!config)
+            return c.json(scimErrorBody(503, 'SCIM not configured'), 503);
+        const { id: userId } = c.req.valid('param');
+        const body = c.req.valid('json');
+        const operations = body.Operations ?? [];
+        for (const op of operations) {
+            const opType = op.op?.toLowerCase();
+            if (opType === 'replace' || opType === 'add') {
+                const value = op.value;
+                if (op.path === 'active' && adapter.setSuspended) {
+                    await adapter.setSuspended(userId, !value);
+                }
+                else if (!op.path &&
+                    typeof value === 'object' &&
+                    value !== null &&
+                    adapter.updateProfile) {
+                    // Bulk replace — map SCIM fields to profile fields
+                    const v = value;
+                    const fields = {};
+                    if (typeof v.displayName === 'string')
+                        fields.displayName = v.displayName;
+                    if (typeof v['name.givenName'] === 'string')
+                        fields.firstName = v['name.givenName'];
+                    if (typeof v['name.familyName'] === 'string')
+                        fields.lastName = v['name.familyName'];
+                    if (typeof v.externalId === 'string')
+                        fields.externalId = v.externalId;
+                    if (v.active !== undefined && adapter.setSuspended) {
+                        await adapter.setSuspended(userId, !v.active);
+                    }
+                    if (Object.keys(fields).length > 0)
+                        await adapter.updateProfile(userId, fields);
+                }
+            }
+            else if (opType === 'remove' && op.path === 'active' && adapter.setSuspended) {
+                await adapter.setSuspended(userId, true);
+            }
+        }
+        const user = await adapter.getUser?.(userId);
+        if (!user)
+            return c.json(scimErrorBody(404, 'User not found'), 404);
+        return c.json(userRecordToScim({
+            id: userId,
+            email: user.email,
+            displayName: user.displayName,
+            firstName: user.firstName,
+            lastName: user.lastName,
+            externalId: user.externalId,
+            suspended: user.suspended ?? false,
+        }, config.userMapping), 200);
+    }, (result, c) => {
+        if (!result.success) {
+            const detail = result.error.issues.map(i => `${i.path.join('.')}: ${i.message}`).join('; ');
+            return c.json(scimErrorBody(400, detail), 400);
+        }
+    });
+    // DELETE /scim/v2/Users/:id — deprovision
+    router.openapi(deleteUserRoute, async (c) => {
+        const ip = getClientIp(c);
+        if (await runtime.rateLimit.trackAttempt(`scim-write:${ip}`, scimWriteOpts)) {
+            return c.json(scimErrorBody(429, 'Too many requests'), 429);
+        }
+        const config = getConfig().scim;
+        if (!config)
+            return c.json(scimErrorBody(503, 'SCIM not configured'), 503);
+        const { id: userId } = c.req.valid('param');
+        // Check user exists before deprovisioning (RFC 7644 section 3.6 requires 404 for unknown resources).
+        // The startup validator ensures getUser is present when SCIM is enabled.
+        const user = await adapter.getUser(userId);
+        if (!user)
+            return c.json(scimErrorBody(404, 'User not found'), 404);
+        const onDeprovision = config.onDeprovision ?? 'suspend';
+        if (typeof onDeprovision === 'function') {
+            await onDeprovision(userId);
+        }
+        else if (onDeprovision === 'delete') {
+            {
+                const sr = runtime.repos.session;
+                const ss = await sr.getUserSessions(userId, runtime.config);
+                await Promise.all(ss.map(s => sr.deleteSession(s.sessionId, runtime.config)));
+            }
+            if (adapter.deleteUser)
+                await adapter.deleteUser(userId);
+        }
+        else {
+            // Default: suspend
+            if (adapter.setSuspended)
+                await adapter.setSuspended(userId, true, 'SCIM deprovisioned');
+        }
+        return c.body(null, 204);
+    }, (result, c) => {
+        if (!result.success) {
+            const detail = result.error.issues.map(i => `${i.path.join('.')}: ${i.message}`).join('; ');
+            return c.json(scimErrorBody(400, detail), 400);
+        }
+    });
+    // Discovery endpoints
+    router.openapi(serviceProviderConfigRoute, c => {
+        return c.json({
+            schemas: ['urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig'],
+            patch: { supported: true },
+            bulk: { supported: false, maxOperations: 0, maxPayloadSize: 0 },
+            filter: { supported: true, maxResults: 200 },
+            changePassword: { supported: false },
+            sort: { supported: false },
+            etag: { supported: false },
+        }, 200);
+    });
+    router.openapi(resourceTypesRoute, c => {
+        return c.json({
+            schemas: ['urn:ietf:params:scim:api:messages:2.0:ListResponse'],
+            totalResults: 1,
+            Resources: [
+                {
+                    schemas: ['urn:ietf:params:scim:schemas:core:2.0:ResourceType'],
+                    id: 'User',
+                    name: 'User',
+                    endpoint: '/scim/v2/Users',
+                    schema: 'urn:ietf:params:scim:schemas:core:2.0:User',
+                },
+            ],
+        }, 200);
+    });
+    return router;
+}

package/dist/packages/bunshot-auth/src/runtime.d.ts ADDED Viewed

@@ -0,0 +1,52 @@
+import type { BunshotContext, BunshotEventBus, DataEncryptionKey, SigningConfig } from '../../bunshot-core/src/index.js';
+import type { AuthResolvedConfig } from './config/authConfig';
+import type { AuthQueueFactory } from './infra/queue';
+import type { LockoutService } from './lib/accountLockout';
+import type { AuthAdapter } from './lib/authAdapter';
+import type { AuthRateLimitService } from './lib/authRateLimit';
+import type { CredentialStuffingService } from './lib/credentialStuffing';
+import type { IDeletionCancelTokenRepository } from './lib/deletionCancelToken';
+import type { IVerificationTokenRepository } from './lib/emailVerification';
+import type { IMagicLinkRepository } from './lib/magicLink';
+import type { IMfaChallengeRepository } from './lib/mfaChallenge';
+import type { OAuthProviders, OAuthStateStore } from './lib/oauth';
+import type { IOAuthCodeRepository } from './lib/oauthCode';
+import type { IOAuthReauthRepository } from './lib/oauthReauth';
+import type { OrgService } from './lib/organization';
+import type { IResetTokenRepository } from './lib/resetPassword';
+import type { ISamlRequestIdRepository } from './lib/samlRequestId';
+import type { ISessionRepository } from './lib/session';
+import type { ResolvedStores } from './types/adapter';
+export interface AuthRuntimeContext {
+    readonly adapter: AuthAdapter;
+    readonly eventBus: BunshotEventBus;
+    readonly config: AuthResolvedConfig;
+    readonly stores: Readonly<ResolvedStores>;
+    readonly signing: SigningConfig | null;
+    readonly dataEncryptionKeys: readonly DataEncryptionKey[];
+    readonly oauth: {
+        readonly providers: OAuthProviders;
+        readonly stateStore: OAuthStateStore;
+    };
+    readonly lockout: LockoutService | null;
+    readonly rateLimit: AuthRateLimitService;
+    readonly credentialStuffing: CredentialStuffingService | null;
+    readonly orgService: OrgService | null;
+    readonly queueFactory: AuthQueueFactory | null;
+    readonly repos: {
+        readonly oauthCode: IOAuthCodeRepository;
+        readonly oauthReauth: IOAuthReauthRepository;
+        readonly magicLink: IMagicLinkRepository;
+        readonly deletionCancelToken: IDeletionCancelTokenRepository;
+        readonly mfaChallenge: IMfaChallengeRepository;
+        readonly samlRequestId: ISamlRequestIdRepository | null;
+        readonly verificationToken: IVerificationTokenRepository;
+        readonly resetToken: IResetTokenRepository;
+        readonly session: ISessionRepository;
+    };
+}
+export declare const AUTH_RUNTIME_KEY = "bunshot-auth";
+export declare function getAuthRuntimeContext(ctx: BunshotContext | null | undefined): AuthRuntimeContext;
+export declare function getAuthRuntimeFromRequest(c: {
+    get(key: string): unknown;
+}): AuthRuntimeContext;

package/dist/packages/bunshot-auth/src/runtime.js ADDED Viewed

@@ -0,0 +1,11 @@
+export const AUTH_RUNTIME_KEY = 'bunshot-auth';
+export function getAuthRuntimeContext(ctx) {
+    const runtime = ctx?.pluginState.get(AUTH_RUNTIME_KEY);
+    if (!runtime?.adapter) {
+        throw new Error('[bunshot-auth] auth runtime context is not available on BunshotContext');
+    }
+    return runtime;
+}
+export function getAuthRuntimeFromRequest(c) {
+    return getAuthRuntimeContext(c.get('bunshotCtx'));
+}

package/dist/{schemas → packages/bunshot-auth/src/schemas}/auth.d.ts RENAMED Viewed

@@ -1,6 +1,6 @@
-import { z } from "zod";
-import type { PrimaryField } from "../lib/appConfig";
-export declare const makeRegisterSchema: (primaryField: PrimaryField) => z.ZodObject<{
+import { z } from 'zod';
+import type { PasswordPolicyConfig, PrimaryField } from '../config/authConfig';
+export declare const makeRegisterSchema: (primaryField: PrimaryField, policy: PasswordPolicyConfig) => z.ZodObject<{
     [x: string]: z.ZodString;
     password: z.ZodString;
 }, z.core.$strip>;
@@ -8,5 +8,4 @@ export declare const makeLoginSchema: (primaryField: PrimaryField) => z.ZodObjec
     [x: string]: z.ZodString;
     password: z.ZodString;
 }, z.core.$strip>;
-/** Password schema for reset-password — same policy as registration. */
-export declare const resetPasswordSchema: () => z.ZodString;
+export declare const resetPasswordSchema: (policy: PasswordPolicyConfig) => z.ZodString;