@lastshotlabs/bunshot 0.0.25 → 0.0.28

package/dist/lib/auditLog.js

@@ -1,201 +0,0 @@
-// ---------------------------------------------------------------------------
-// Memory store
-// ---------------------------------------------------------------------------
-let _auditLogs = [];
-export function clearAuditLogMemoryStore() {
-    _auditLogs = [];
-}
-// ---------------------------------------------------------------------------
-// SQLite helpers
-// ---------------------------------------------------------------------------
-function ensureSqliteTable(db) {
-    // No module-level flag — CREATE IF NOT EXISTS is idempotent and cheap.
-    // A flag would break when multiple Database instances are used (e.g. in tests).
-    db.run(`
-    CREATE TABLE IF NOT EXISTS audit_logs (
-      id         TEXT PRIMARY KEY,
-      userId     TEXT,
-      sessionId  TEXT,
-      tenantId   TEXT,
-      method     TEXT NOT NULL,
-      path       TEXT NOT NULL,
-      status     INTEGER NOT NULL,
-      ip         TEXT,
-      userAgent  TEXT,
-      action     TEXT,
-      resource   TEXT,
-      resourceId TEXT,
-      meta       TEXT,
-      createdAt  TEXT NOT NULL
-    )
-  `);
-    db.run("CREATE INDEX IF NOT EXISTS idx_al_user   ON audit_logs(userId,   createdAt)");
-    db.run("CREATE INDEX IF NOT EXISTS idx_al_tenant ON audit_logs(tenantId, createdAt)");
-    db.run("CREATE INDEX IF NOT EXISTS idx_al_path   ON audit_logs(path)");
-}
-// ---------------------------------------------------------------------------
-// logAuditEntry
-// ---------------------------------------------------------------------------
-/**
- * Persist an audit log entry to the configured store.
- * Errors are caught internally — this function never throws, to ensure
- * storage failures never fail the HTTP request.
- */
-export async function logAuditEntry(entry, options) {
-    try {
-        if (options.store === "memory") {
-            _auditLogs.push(entry);
-            return;
-        }
-        if (options.store === "sqlite") {
-            const db = options.db;
-            if (!db)
-                throw new Error("AuditLog: store is 'sqlite' but no db instance was provided");
-            ensureSqliteTable(db);
-            db.run(`INSERT INTO audit_logs
-           (id, userId, sessionId, tenantId, method, path, status,
-            ip, userAgent, action, resource, resourceId, meta, createdAt)
-         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`, [
-                entry.id,
-                entry.userId ?? null,
-                entry.sessionId ?? null,
-                entry.tenantId ?? null,
-                entry.method,
-                entry.path,
-                entry.status,
-                entry.ip ?? null,
-                entry.userAgent ?? null,
-                entry.action ?? null,
-                entry.resource ?? null,
-                entry.resourceId ?? null,
-                entry.meta !== undefined ? JSON.stringify(entry.meta) : null,
-                entry.createdAt,
-            ]);
-            return;
-        }
-        if (options.store === "mongo") {
-            // Lazy import to avoid bundling mongoose when not used
-            const { AuditLog } = await import("../models/AuditLog");
-            await AuditLog.create({
-                ...entry,
-                createdAt: new Date(entry.createdAt),
-            });
-            return;
-        }
-    }
-    catch (err) {
-        console.error("[auditLog] failed to write entry:", err);
-    }
-}
-// ---------------------------------------------------------------------------
-// getAuditLogs
-// ---------------------------------------------------------------------------
-/**
- * Query audit log entries from the configured store.
- * Returns `{ items, total }` where `total` is the filtered count before pagination.
- */
-export async function getAuditLogs(query, options) {
-    const limit = Math.min(query.limit ?? 50, 200);
-    const offset = query.offset ?? 0;
-    const after = query.after ? new Date(query.after).toISOString() : undefined;
-    const before = query.before ? new Date(query.before).toISOString() : undefined;
-    // --- Memory ---
-    if (options.store === "memory") {
-        let filtered = _auditLogs.slice();
-        if (query.userId !== undefined)
-            filtered = filtered.filter(e => e.userId === query.userId);
-        if (query.tenantId !== undefined)
-            filtered = filtered.filter(e => e.tenantId === query.tenantId);
-        if (after)
-            filtered = filtered.filter(e => e.createdAt >= after);
-        if (before)
-            filtered = filtered.filter(e => e.createdAt < before);
-        return { items: filtered.slice(offset, offset + limit), total: filtered.length };
-    }
-    // --- SQLite ---
-    if (options.store === "sqlite") {
-        const db = options.db;
-        if (!db)
-            throw new Error("AuditLog: store is 'sqlite' but no db instance was provided");
-        ensureSqliteTable(db);
-        const conditions = [];
-        const params = [];
-        if (query.userId !== undefined) {
-            conditions.push("userId = ?");
-            params.push(query.userId);
-        }
-        if (query.tenantId !== undefined) {
-            conditions.push("tenantId = ?");
-            params.push(query.tenantId);
-        }
-        if (after) {
-            conditions.push("createdAt >= ?");
-            params.push(after);
-        }
-        if (before) {
-            conditions.push("createdAt < ?");
-            params.push(before);
-        }
-        const where = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
-        const { count } = db.query(`SELECT COUNT(*) as count FROM audit_logs ${where}`).get(...params) ?? { count: 0 };
-        const rows = db.query(`SELECT * FROM audit_logs ${where} ORDER BY createdAt DESC LIMIT ? OFFSET ?`).all(...params, limit, offset);
-        const items = rows.map(row => ({
-            id: row.id,
-            userId: row.userId ?? null,
-            sessionId: row.sessionId ?? null,
-            tenantId: row.tenantId ?? null,
-            method: row.method,
-            path: row.path,
-            status: row.status,
-            ip: row.ip ?? null,
-            userAgent: row.userAgent ?? null,
-            action: row.action ?? undefined,
-            resource: row.resource ?? undefined,
-            resourceId: row.resourceId ?? undefined,
-            meta: row.meta ? JSON.parse(row.meta) : undefined,
-            createdAt: row.createdAt,
-        }));
-        return { items, total: count };
-    }
-    // --- MongoDB ---
-    if (options.store === "mongo") {
-        const { AuditLog } = await import("../models/AuditLog");
-        const filter = {};
-        if (query.userId !== undefined)
-            filter.userId = query.userId;
-        if (query.tenantId !== undefined)
-            filter.tenantId = query.tenantId;
-        if (after || before) {
-            filter.createdAt = {
-                ...(after ? { $gte: new Date(after) } : {}),
-                ...(before ? { $lt: new Date(before) } : {}),
-            };
-        }
-        const [total, docs] = await Promise.all([
-            AuditLog.countDocuments(filter),
-            AuditLog.find(filter)
-                .sort({ createdAt: -1 })
-                .skip(offset)
-                .limit(limit)
-                .lean(),
-        ]);
-        const items = docs.map(doc => ({
-            id: doc.id,
-            userId: doc.userId ?? null,
-            sessionId: doc.sessionId ?? null,
-            tenantId: doc.tenantId ?? null,
-            method: doc.method,
-            path: doc.path,
-            status: doc.status,
-            ip: doc.ip ?? null,
-            userAgent: doc.userAgent ?? null,
-            action: doc.action,
-            resource: doc.resource,
-            resourceId: doc.resourceId,
-            meta: doc.meta,
-            createdAt: doc.createdAt.toISOString(),
-        }));
-        return { items, total };
-    }
-    return { items: [], total: 0 };
-}

package/dist/lib/authAdapter.d.ts

@@ -1,176 +0,0 @@
-import type { GroupRecord, GroupMembershipRecord, PaginationOpts, PaginatedResult } from "./groups";
-export type { GroupRecord, GroupMembershipRecord, PaginationOpts, PaginatedResult };
-export interface OAuthProfile {
-    email?: string;
-    name?: string;
-    avatarUrl?: string;
-}
-export interface WebAuthnCredential {
-    /** Base64url-encoded credential ID. */
-    credentialId: string;
-    /** Base64url-encoded public key. */
-    publicKey: string;
-    /** Counter for signature verification (replay protection). */
-    signCount: number;
-    /** Transport hints from the authenticator (usb, ble, nfc, internal). */
-    transports?: string[];
-    /** User-assigned name for the key (e.g. "YubiKey 5"). */
-    name?: string;
-    /** When the credential was registered (epoch ms). */
-    createdAt: number;
-}
-export interface AuthAdapter {
-    findByEmail(email: string): Promise<{
-        id: string;
-        passwordHash: string;
-    } | null>;
-    create(email: string, passwordHash: string): Promise<{
-        id: string;
-    }>;
-    /** Required when using OAuth providers. Find or create a user by provider + provider user ID. */
-    findOrCreateByProvider?(provider: string, providerId: string, profile: OAuthProfile): Promise<{
-        id: string;
-        created: boolean;
-    }>;
-    /** Optional. Set or update the password hash for a user (used by /auth/set-password). */
-    setPassword?(userId: string, passwordHash: string): Promise<void>;
-    /** Optional. Link a provider identity to an existing user (used by /auth/:provider/link). */
-    linkProvider?(userId: string, provider: string, providerId: string): Promise<void>;
-    /** Optional. Return the roles assigned to a user (used by requireRole middleware). */
-    getRoles?(userId: string): Promise<string[]>;
-    /** Optional. Set the roles for a user, replacing any existing roles. */
-    setRoles?(userId: string, roles: string[]): Promise<void>;
-    /** Optional. Add a single role to a user without affecting their other roles. */
-    addRole?(userId: string, role: string): Promise<void>;
-    /** Optional. Remove a single role from a user without affecting their other roles. */
-    removeRole?(userId: string, role: string): Promise<void>;
-    /** Optional. Return basic profile info for a user by ID (used by GET /auth/me). */
-    getUser?(userId: string): Promise<{
-        email?: string;
-        providerIds?: string[];
-        emailVerified?: boolean;
-    } | null>;
-    /** Optional. Unlink a provider identity from a user (used by DELETE /auth/:provider/link). */
-    unlinkProvider?(userId: string, provider: string): Promise<void>;
-    /**
-     * Optional. Look up a user by their primary identifier (email, username, or phone depending on config).
-     * When provided, used instead of findByEmail for credential login/register flows.
-     */
-    findByIdentifier?(value: string): Promise<{
-        id: string;
-        passwordHash: string;
-    } | null>;
-    /** Optional. Mark a user's email address as verified (used by POST /auth/verify-email). */
-    setEmailVerified?(userId: string, verified: boolean): Promise<void>;
-    /** Optional. Return whether a user's email address has been verified. */
-    getEmailVerified?(userId: string): Promise<boolean>;
-    /** Optional. Permanently delete a user account. Used by DELETE /auth/me. */
-    deleteUser?(userId: string): Promise<void>;
-    /** Optional. Check whether a user has a password set (credential account vs OAuth-only). */
-    hasPassword?(userId: string): Promise<boolean>;
-    /** Optional. Store the TOTP secret for MFA setup (encrypted or plaintext, adapter decides). */
-    setMfaSecret?(userId: string, secret: string | null): Promise<void>;
-    /** Optional. Retrieve the TOTP secret for MFA verification. */
-    getMfaSecret?(userId: string): Promise<string | null>;
-    /** Optional. Check whether MFA is enabled for a user. */
-    isMfaEnabled?(userId: string): Promise<boolean>;
-    /** Optional. Enable or disable MFA for a user. */
-    setMfaEnabled?(userId: string, enabled: boolean): Promise<void>;
-    /** Optional. Store hashed recovery codes for MFA. */
-    setRecoveryCodes?(userId: string, codes: string[]): Promise<void>;
-    /** Optional. Retrieve hashed recovery codes for MFA. */
-    getRecoveryCodes?(userId: string): Promise<string[]>;
-    /** Optional. Remove a single recovery code after use. */
-    removeRecoveryCode?(userId: string, code: string): Promise<void>;
-    /** Optional. Get the MFA methods enabled for a user (e.g., ["totp"], ["emailOtp"], ["totp", "emailOtp"]). */
-    getMfaMethods?(userId: string): Promise<string[]>;
-    /** Optional. Set the MFA methods enabled for a user. */
-    setMfaMethods?(userId: string, methods: string[]): Promise<void>;
-    /** Optional. Get roles for a user within a specific tenant. */
-    getTenantRoles?(userId: string, tenantId: string): Promise<string[]>;
-    /** Optional. Set roles for a user within a specific tenant (replaces existing). */
-    setTenantRoles?(userId: string, tenantId: string, roles: string[]): Promise<void>;
-    /** Optional. Add a single role to a user within a specific tenant. */
-    addTenantRole?(userId: string, tenantId: string, role: string): Promise<void>;
-    /** Optional. Remove a single role from a user within a specific tenant. */
-    removeTenantRole?(userId: string, tenantId: string, role: string): Promise<void>;
-    /** Optional. Get all WebAuthn credentials for a user. */
-    getWebAuthnCredentials?(userId: string): Promise<WebAuthnCredential[]>;
-    /** Optional. Add a WebAuthn credential for a user. */
-    addWebAuthnCredential?(userId: string, credential: WebAuthnCredential): Promise<void>;
-    /** Optional. Remove a WebAuthn credential by its credential ID. */
-    removeWebAuthnCredential?(userId: string, credentialId: string): Promise<void>;
-    /** Optional. Update the sign count for a WebAuthn credential after successful authentication. */
-    updateWebAuthnCredentialSignCount?(userId: string, credentialId: string, signCount: number): Promise<void>;
-    /** Optional. Find the user who owns a WebAuthn credential. Returns userId or null. Used for cross-user uniqueness checks. */
-    findUserByWebAuthnCredentialId?(credentialId: string): Promise<string | null>;
-    /**
-     * Create a new group. Returns the new group's id.
-     * The name must be a slug (/^[a-z0-9_-]+$/) and unique within its scope.
-     * tenantId: null = app-wide group, string = tenant-scoped group.
-     */
-    createGroup?(group: Omit<GroupRecord, "id" | "createdAt" | "updatedAt">): Promise<{
-        id: string;
-    }>;
-    /**
-     * Delete a group and cascade-delete all its memberships.
-     * Cascade behavior is adapter-specific (MongoDB: manual deleteMany, SQLite: ON DELETE CASCADE).
-     */
-    deleteGroup?(groupId: string): Promise<void>;
-    /** Get a group by ID. Returns null if not found. */
-    getGroup?(groupId: string): Promise<GroupRecord | null>;
-    /**
-     * List groups scoped to a tenant (tenantId string) or app-wide (tenantId null).
-     * Results are paginated (default limit 50, max 200).
-     */
-    listGroups?(tenantId: string | null, opts?: PaginationOpts): Promise<PaginatedResult<GroupRecord>>;
-    /**
-     * Update mutable group fields: name, displayName, description, roles.
-     * tenantId is intentionally excluded — it is immutable after creation.
-     */
-    updateGroup?(groupId: string, updates: Partial<Pick<GroupRecord, "roles" | "name" | "displayName" | "description">>): Promise<void>;
-    /**
-     * Add a user to a group with optional per-membership roles.
-     *
-     * CONTRACT: throws if the user is already a member (unique constraint violation).
-     * All adapters must surface this as a thrown error, not a silent no-op.
-     * Use updateGroupMembership to change roles on an existing membership.
-     */
-    addGroupMember?(groupId: string, userId: string, roles?: string[]): Promise<void>;
-    /**
-     * Update the per-membership roles for an existing group member.
-     * Replaces the member's roles[] in place (not additive).
-     * No updatedAt is tracked — intentional, see GroupMembershipRecord.
-     */
-    updateGroupMembership?(groupId: string, userId: string, roles: string[]): Promise<void>;
-    /** Remove a user from a group. No-op if the user is not a member. */
-    removeGroupMember?(groupId: string, userId: string): Promise<void>;
-    /** List members of a group with their per-membership roles. Paginated. */
-    getGroupMembers?(groupId: string, opts?: PaginationOpts): Promise<PaginatedResult<{
-        userId: string;
-        roles: string[];
-    }>>;
-    /**
-     * List all groups a user belongs to in the given scope, with their per-membership roles.
-     * tenantId = null → app-wide groups; tenantId = string → tenant-scoped groups.
-     */
-    getUserGroups?(userId: string, tenantId: string | null): Promise<Array<{
-        group: GroupRecord;
-        membershipRoles: string[];
-    }>>;
-    /**
-     * Return all roles a user effectively has in the given scope, combining:
-     *   1. Direct roles (app-wide or tenant-scoped)
-     *   2. Group baseline roles (from all groups the user belongs to in that scope)
-     *   3. Per-membership roles (user-specific extras within each group)
-     *
-     * SCOPE CONTRACT (matches requireRole behavior):
-     *   - tenantId = null  → app-wide direct roles + app-wide group roles only
-     *   - tenantId = string → tenant-scoped direct roles + tenant-scoped group roles only
-     *
-     * Tenant-scoped group roles NEVER satisfy app-wide role checks and vice versa.
-     */
-    getEffectiveRoles?(userId: string, tenantId: string | null): Promise<string[]>;
-}
-export declare const setAuthAdapter: (adapter: AuthAdapter) => void;
-export declare const getAuthAdapter: () => AuthAdapter;

package/dist/lib/authAdapter.js

@@ -1,7 +0,0 @@
-let _adapter = null;
-export const setAuthAdapter = (adapter) => { _adapter = adapter; };
-export const getAuthAdapter = () => {
-    if (!_adapter)
-        throw new Error("No auth adapter set — pass authAdapter to createApp/createServer, or call setAuthAdapter()");
-    return _adapter;
-};

package/dist/lib/authRateLimit.d.ts

@@ -1,13 +0,0 @@
-export declare const setAuthRateLimitStore: (store: "memory" | "redis") => void;
-export interface LimitOpts {
-    windowMs: number;
-    max: number;
-}
-/** Returns true if the key is currently over the limit (read-only, no increment). */
-export declare const isLimited: (key: string, opts: LimitOpts) => Promise<boolean>;
-/** Increments the counter and returns true if now over the limit. */
-export declare const trackAttempt: (key: string, opts: LimitOpts) => Promise<boolean>;
-/** Resets a rate limit key. Use on login success or for admin unlock. */
-export declare const bustAuthLimit: (key: string) => Promise<void>;
-/** Clears all in-memory rate limit entries. Called by clearMemoryStore(). */
-export declare const clearMemoryRateLimitStore: () => void;

package/dist/lib/authRateLimit.js

@@ -1,81 +0,0 @@
-import { getAppName } from "./appConfig";
-// ---------------------------------------------------------------------------
-// Memory implementation
-// ---------------------------------------------------------------------------
-const _memoryStore = new Map();
-const memoryStore = {
-    async get(key) {
-        const entry = _memoryStore.get(key);
-        if (!entry)
-            return null;
-        if (entry.resetAt <= Date.now()) {
-            _memoryStore.delete(key);
-            return null;
-        }
-        return entry;
-    },
-    async set(key, entry) {
-        _memoryStore.set(key, entry);
-    },
-    async delete(key) {
-        _memoryStore.delete(key);
-    },
-};
-// ---------------------------------------------------------------------------
-// Redis implementation
-// ---------------------------------------------------------------------------
-const redisStore = {
-    async get(key) {
-        const { getRedis } = await import("./redis");
-        const raw = await getRedis().get(`rl:${getAppName()}:${key}`);
-        if (!raw)
-            return null;
-        const entry = JSON.parse(raw);
-        if (entry.resetAt <= Date.now())
-            return null;
-        return entry;
-    },
-    async set(key, entry, ttlMs) {
-        const { getRedis } = await import("./redis");
-        await getRedis().set(`rl:${getAppName()}:${key}`, JSON.stringify(entry), "PX", ttlMs);
-    },
-    async delete(key) {
-        const { getRedis } = await import("./redis");
-        await getRedis().del(`rl:${getAppName()}:${key}`);
-    },
-};
-// ---------------------------------------------------------------------------
-// Active store + setter
-// ---------------------------------------------------------------------------
-let _store = memoryStore;
-export const setAuthRateLimitStore = (store) => {
-    _store = store === "redis" ? redisStore : memoryStore;
-};
-/** Returns true if the key is currently over the limit (read-only, no increment). */
-export const isLimited = async (key, opts) => {
-    const entry = await _store.get(key);
-    if (!entry)
-        return false;
-    return entry.count >= opts.max;
-};
-/** Increments the counter and returns true if now over the limit. */
-export const trackAttempt = async (key, opts) => {
-    const now = Date.now();
-    const existing = await _store.get(key);
-    if (!existing) {
-        await _store.set(key, { count: 1, resetAt: now + opts.windowMs }, opts.windowMs);
-        return 1 >= opts.max;
-    }
-    const updated = { count: existing.count + 1, resetAt: existing.resetAt };
-    const remaining = Math.max(1, existing.resetAt - now);
-    await _store.set(key, updated, remaining);
-    return updated.count >= opts.max;
-};
-/** Resets a rate limit key. Use on login success or for admin unlock. */
-export const bustAuthLimit = async (key) => {
-    await _store.delete(key);
-};
-/** Clears all in-memory rate limit entries. Called by clearMemoryStore(). */
-export const clearMemoryRateLimitStore = () => {
-    _memoryStore.clear();
-};

package/dist/lib/clientIp.d.ts

@@ -1,14 +0,0 @@
-import type { Context } from "hono";
-export declare const setTrustProxy: (value: false | number) => void;
-/**
- * Returns the client IP address, respecting the `trustProxy` setting.
- *
- * - When `trustProxy` is `false`: returns the socket-level IP (via Bun's
- *   `server.requestIP()`), ignoring `X-Forwarded-For` entirely.
- * - When `trustProxy` is a number N: takes the Nth-from-right entry in the
- *   `X-Forwarded-For` chain (skipping N trusted proxy hops), falling back to
- *   the socket-level IP.
- *
- * Returns `"unknown"` if no IP can be determined.
- */
-export declare const getClientIp: (c: Context<any>) => string;

package/dist/lib/crypto.d.ts

@@ -1,11 +0,0 @@
-/**
- * Constant-time string comparison to prevent timing attacks.
- * Returns true if both strings are equal, false otherwise.
- * Always compares the full length even on mismatch.
- */
-export declare function timingSafeEqual(a: string, b: string): boolean;
-/**
- * SHA-256 hash a string and return the hex digest.
- * Centralized to avoid duplicate implementations across modules.
- */
-export declare function sha256(input: string): string;

package/dist/lib/crypto.js

@@ -1,22 +0,0 @@
-import { createHash, timingSafeEqual as nodeTimingSafeEqual } from "crypto";
-/**
- * Constant-time string comparison to prevent timing attacks.
- * Returns true if both strings are equal, false otherwise.
- * Always compares the full length even on mismatch.
- */
-export function timingSafeEqual(a, b) {
-    if (a.length !== b.length) {
-        // Compare against self to burn the same time, then return false
-        const buf = Buffer.from(a, "utf-8");
-        nodeTimingSafeEqual(buf, buf);
-        return false;
-    }
-    return nodeTimingSafeEqual(Buffer.from(a, "utf-8"), Buffer.from(b, "utf-8"));
-}
-/**
- * SHA-256 hash a string and return the hex digest.
- * Centralized to avoid duplicate implementations across modules.
- */
-export function sha256(input) {
-    return createHash("sha256").update(input).digest("hex");
-}

package/dist/lib/deletionCancelToken.d.ts

@@ -1,12 +0,0 @@
-type CancelStore = "redis" | "mongo" | "sqlite" | "memory";
-export declare const setDeletionCancelTokenStore: (store: CancelStore) => void;
-/** Create a cancel token. Returns the raw token (to embed in the cancel link).
- *  Only the SHA-256 hash is persisted. TTL is gracePeriod + a 5-minute buffer. */
-export declare const createDeletionCancelToken: (userId: string, jobId: string, gracePeriodSeconds: number) => Promise<string>;
-/** Atomically consume a cancel token — returns its payload and deletes it.
- *  Returns null if the token is invalid, expired, or already used. */
-export declare const consumeDeletionCancelToken: (token: string) => Promise<{
-    userId: string;
-    jobId: string;
-} | null>;
-export {};

package/dist/lib/deletionCancelToken.js

@@ -1,88 +0,0 @@
-import { getRedis } from "./redis";
-import { appConnection, mongoose } from "./mongo";
-import { getAppName } from "./appConfig";
-import { sqliteCreateDeletionCancelToken, sqliteConsumeDeletionCancelToken, } from "../adapters/sqliteAuth";
-import { memoryCreateDeletionCancelToken, memoryConsumeDeletionCancelToken, } from "../adapters/memoryAuth";
-import { sha256 as hashToken } from "./crypto";
-function getCancelModel() {
-    if (appConnection.models["DeletionCancelToken"])
-        return appConnection.models["DeletionCancelToken"];
-    const { Schema } = mongoose;
-    const schema = new Schema({
-        token: { type: String, required: true, unique: true },
-        userId: { type: String, required: true },
-        jobId: { type: String, required: true },
-        expiresAt: { type: Date, required: true, index: { expireAfterSeconds: 0 } },
-    }, { collection: "deletion_cancel_tokens" });
-    return appConnection.model("DeletionCancelToken", schema);
-}
-// ---------------------------------------------------------------------------
-// Redis helpers
-// ---------------------------------------------------------------------------
-async function redisGetDel(key) {
-    const redis = getRedis();
-    if (typeof redis.getdel === "function") {
-        try {
-            return await redis.getdel(key);
-        }
-        catch (err) {
-            const msg = err?.message ?? "";
-            if (!/unknown command|ERR unknown command/i.test(msg))
-                throw err;
-        }
-    }
-    const result = await redis.eval("local v = redis.call('GET', KEYS[1])\nif v then redis.call('DEL', KEYS[1]) end\nreturn v", 1, key);
-    return result ?? null;
-}
-let _store = "redis";
-export const setDeletionCancelTokenStore = (store) => { _store = store; };
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-/** Create a cancel token. Returns the raw token (to embed in the cancel link).
- *  Only the SHA-256 hash is persisted. TTL is gracePeriod + a 5-minute buffer. */
-export const createDeletionCancelToken = async (userId, jobId, gracePeriodSeconds) => {
-    const token = crypto.randomUUID();
-    const hash = hashToken(token);
-    const ttl = gracePeriodSeconds + 300; // 5-min buffer after grace period expires
-    if (_store === "memory") {
-        memoryCreateDeletionCancelToken(hash, userId, jobId, ttl);
-        return token;
-    }
-    if (_store === "sqlite") {
-        sqliteCreateDeletionCancelToken(hash, userId, jobId, ttl);
-        return token;
-    }
-    if (_store === "mongo") {
-        await getCancelModel().create({
-            token: hash,
-            userId,
-            jobId,
-            expiresAt: new Date(Date.now() + ttl * 1000),
-        });
-        return token;
-    }
-    await getRedis().set(`delcancel:${getAppName()}:${hash}`, JSON.stringify({ userId, jobId }), "EX", ttl);
-    return token;
-};
-/** Atomically consume a cancel token — returns its payload and deletes it.
- *  Returns null if the token is invalid, expired, or already used. */
-export const consumeDeletionCancelToken = async (token) => {
-    const hash = hashToken(token);
-    if (_store === "memory")
-        return memoryConsumeDeletionCancelToken(hash);
-    if (_store === "sqlite")
-        return sqliteConsumeDeletionCancelToken(hash);
-    if (_store === "mongo") {
-        const doc = await getCancelModel()
-            .findOneAndDelete({ token: hash, expiresAt: { $gt: new Date() } })
-            .lean();
-        if (!doc)
-            return null;
-        return { userId: doc.userId, jobId: doc.jobId };
-    }
-    const raw = await redisGetDel(`delcancel:${getAppName()}:${hash}`);
-    if (!raw)
-        return null;
-    return JSON.parse(raw);
-};

package/dist/lib/emailVerification.d.ts

@@ -1,13 +0,0 @@
-type VerificationStore = "redis" | "mongo" | "sqlite" | "memory";
-export declare const setEmailVerificationStore: (store: VerificationStore) => void;
-/** Create a verification token. Returns the raw token (for the email link).
- *  Only the SHA-256 hash is persisted in the store. */
-export declare const createVerificationToken: (userId: string, email: string) => Promise<string>;
-/** Look up a verification token by its raw value. Hashes before lookup. */
-export declare const getVerificationToken: (token: string) => Promise<{
-    userId: string;
-    email: string;
-} | null>;
-/** Delete a verification token by its raw value. Hashes before lookup. */
-export declare const deleteVerificationToken: (token: string) => Promise<void>;
-export {};