@lastshotlabs/bunshot 0.0.27 → 0.0.28

package/dist/adapters/memoryStorage.d.ts

@@ -1,3 +0,0 @@
-import type { StorageAdapter } from "../lib/storageAdapter";
-export declare const clearMemoryUploadStore: () => void;
-export declare const memoryStorage: () => StorageAdapter;

package/dist/adapters/memoryStorage.js

@@ -1,44 +0,0 @@
-const _store = new Map();
-export const clearMemoryUploadStore = () => {
-    _store.clear();
-};
-export const memoryStorage = () => ({
-    async put(key, data, meta) {
-        let buf;
-        if (data instanceof Blob) {
-            buf = Buffer.from(await data.arrayBuffer());
-        }
-        else if (data instanceof ReadableStream) {
-            const chunks = [];
-            const reader = data.getReader();
-            while (true) {
-                const { done, value } = await reader.read();
-                if (done)
-                    break;
-                if (value)
-                    chunks.push(value);
-            }
-            buf = Buffer.concat(chunks);
-        }
-        else {
-            buf = data;
-        }
-        _store.set(key, { data: buf, mimeType: meta.mimeType, size: meta.size });
-        return {};
-    },
-    async get(key) {
-        const entry = _store.get(key);
-        if (!entry)
-            return null;
-        const stream = new ReadableStream({
-            start(controller) {
-                controller.enqueue(entry.data);
-                controller.close();
-            },
-        });
-        return { stream, mimeType: entry.mimeType, size: entry.size };
-    },
-    async delete(key) {
-        _store.delete(key);
-    },
-});

package/dist/adapters/mongoAuth.d.ts

@@ -1,2 +0,0 @@
-import type { AuthAdapter } from "../lib/authAdapter";
-export declare const mongoAuthAdapter: AuthAdapter;

package/dist/adapters/mongoAuth.js

@@ -1,403 +0,0 @@
-import { AuthUser } from "../models/AuthUser";
-import { TenantRole } from "../models/TenantRole";
-import { Group } from "../models/Group";
-import { GroupMembership } from "../models/GroupMembership";
-import { M2MClient } from "../models/M2MClient";
-import { HttpError } from "../lib/HttpError";
-export const mongoAuthAdapter = {
-    async findByEmail(email) {
-        const user = await AuthUser.findOne({ email });
-        if (!user)
-            return null;
-        return { id: String(user._id), passwordHash: user.password };
-    },
-    async create(email, passwordHash) {
-        try {
-            const user = await AuthUser.create({ email, password: passwordHash });
-            return { id: String(user._id) };
-        }
-        catch (err) {
-            if (err?.code === 11000)
-                throw new HttpError(409, "Email already registered");
-            throw err;
-        }
-    },
-    async setPassword(userId, passwordHash) {
-        await AuthUser.findByIdAndUpdate(userId, { password: passwordHash });
-    },
-    async findOrCreateByProvider(provider, providerId, profile) {
-        const key = `${provider}:${providerId}`;
-        // Find by provider key
-        let user = await AuthUser.findOne({ providerIds: key });
-        if (user)
-            return { id: String(user._id), created: false };
-        // Reject if the email belongs to a credential account — user must link manually
-        if (profile.email) {
-            const existing = await AuthUser.findOne({ email: profile.email });
-            if (existing)
-                throw new HttpError(409, "An account with this email already exists. Sign in with your credentials, then link Google from your account settings.");
-        }
-        // Create new user
-        user = await AuthUser.create({ email: profile.email, providerIds: [key] });
-        return { id: String(user._id), created: true };
-    },
-    async linkProvider(userId, provider, providerId) {
-        const key = `${provider}:${providerId}`;
-        const user = await AuthUser.findById(userId);
-        if (!user)
-            throw new HttpError(404, "User not found");
-        if (!user.providerIds.includes(key)) {
-            user.providerIds = [...user.providerIds, key];
-            await user.save();
-        }
-    },
-    async getRoles(userId) {
-        const user = await AuthUser.findById(userId, "roles").lean();
-        return user?.roles ?? [];
-    },
-    async setRoles(userId, roles) {
-        await AuthUser.findByIdAndUpdate(userId, { roles });
-    },
-    async addRole(userId, role) {
-        await AuthUser.findByIdAndUpdate(userId, { $addToSet: { roles: role } });
-    },
-    async removeRole(userId, role) {
-        await AuthUser.findByIdAndUpdate(userId, { $pull: { roles: role } });
-    },
-    async getUser(userId) {
-        const user = await AuthUser.findById(userId, "email providerIds emailVerified displayName firstName lastName externalId suspended suspendedReason").lean();
-        if (!user)
-            return null;
-        return {
-            email: user.email,
-            providerIds: user.providerIds,
-            emailVerified: user.emailVerified ?? false,
-            displayName: user.displayName ?? undefined,
-            firstName: user.firstName ?? undefined,
-            lastName: user.lastName ?? undefined,
-            externalId: user.externalId ?? undefined,
-            suspended: user.suspended ?? false,
-            suspendedReason: user.suspendedReason ?? undefined,
-        };
-    },
-    async unlinkProvider(userId, provider) {
-        const user = await AuthUser.findById(userId);
-        if (!user)
-            throw new HttpError(404, "User not found");
-        user.providerIds = user.providerIds.filter((id) => !id.startsWith(`${provider}:`));
-        await user.save();
-    },
-    async findByIdentifier(value) {
-        const user = await AuthUser.findOne({ email: value });
-        if (!user)
-            return null;
-        return { id: String(user._id), passwordHash: user.password };
-    },
-    async setEmailVerified(userId, verified) {
-        await AuthUser.findByIdAndUpdate(userId, { emailVerified: verified });
-    },
-    async getEmailVerified(userId) {
-        const user = await AuthUser.findById(userId, "emailVerified").lean();
-        return user?.emailVerified ?? false;
-    },
-    async deleteUser(userId) {
-        await AuthUser.findByIdAndDelete(userId);
-    },
-    async hasPassword(userId) {
-        const user = await AuthUser.findById(userId, "password").lean();
-        return !!user?.password;
-    },
-    async setMfaSecret(userId, secret) {
-        await AuthUser.findByIdAndUpdate(userId, { mfaSecret: secret });
-    },
-    async getMfaSecret(userId) {
-        const user = await AuthUser.findById(userId, "mfaSecret").lean();
-        return user?.mfaSecret ?? null;
-    },
-    async isMfaEnabled(userId) {
-        const user = await AuthUser.findById(userId, "mfaEnabled").lean();
-        return user?.mfaEnabled ?? false;
-    },
-    async setMfaEnabled(userId, enabled) {
-        await AuthUser.findByIdAndUpdate(userId, { mfaEnabled: enabled });
-    },
-    async setRecoveryCodes(userId, codes) {
-        await AuthUser.findByIdAndUpdate(userId, { recoveryCodes: codes });
-    },
-    async getRecoveryCodes(userId) {
-        const user = await AuthUser.findById(userId, "recoveryCodes").lean();
-        return user?.recoveryCodes ?? [];
-    },
-    async removeRecoveryCode(userId, code) {
-        await AuthUser.findByIdAndUpdate(userId, { $pull: { recoveryCodes: code } });
-    },
-    async getMfaMethods(userId) {
-        const user = await AuthUser.findById(userId, "mfaMethods mfaEnabled").lean();
-        const methods = user?.mfaMethods ?? [];
-        // Backward compat: if mfaEnabled but no methods recorded, assume TOTP
-        if (methods.length === 0 && user?.mfaEnabled)
-            return ["totp"];
-        return methods;
-    },
-    async setMfaMethods(userId, methods) {
-        await AuthUser.findByIdAndUpdate(userId, { mfaMethods: methods });
-    },
-    async getWebAuthnCredentials(userId) {
-        const user = await AuthUser.findById(userId, "webauthnCredentials").lean();
-        const creds = user?.webauthnCredentials ?? [];
-        return creds.map((c) => ({
-            credentialId: c.credentialId,
-            publicKey: c.publicKey,
-            signCount: c.signCount,
-            transports: c.transports,
-            name: c.name,
-            createdAt: c.createdAt instanceof Date ? c.createdAt.getTime() : c.createdAt,
-        }));
-    },
-    async addWebAuthnCredential(userId, credential) {
-        await AuthUser.findByIdAndUpdate(userId, {
-            $push: {
-                webauthnCredentials: {
-                    credentialId: credential.credentialId,
-                    publicKey: credential.publicKey,
-                    signCount: credential.signCount,
-                    transports: credential.transports,
-                    name: credential.name,
-                    createdAt: new Date(credential.createdAt),
-                },
-            },
-        });
-    },
-    async removeWebAuthnCredential(userId, credentialId) {
-        await AuthUser.findByIdAndUpdate(userId, {
-            $pull: { webauthnCredentials: { credentialId } },
-        });
-    },
-    async updateWebAuthnCredentialSignCount(userId, credentialId, signCount) {
-        await AuthUser.findOneAndUpdate({ _id: userId, "webauthnCredentials.credentialId": credentialId }, { $set: { "webauthnCredentials.$.signCount": signCount } });
-    },
-    async findUserByWebAuthnCredentialId(credentialId) {
-        const user = await AuthUser.findOne({ "webauthnCredentials.credentialId": credentialId }, "_id").lean();
-        return user ? String(user._id) : null;
-    },
-    async getTenantRoles(userId, tenantId) {
-        const doc = await TenantRole.findOne({ userId, tenantId }, "roles").lean();
-        return doc?.roles ?? [];
-    },
-    async setTenantRoles(userId, tenantId, roles) {
-        await TenantRole.findOneAndUpdate({ userId, tenantId }, { $set: { roles } }, { upsert: true });
-    },
-    async addTenantRole(userId, tenantId, role) {
-        await TenantRole.findOneAndUpdate({ userId, tenantId }, { $addToSet: { roles: role } }, { upsert: true });
-    },
-    async removeTenantRole(userId, tenantId, role) {
-        await TenantRole.findOneAndUpdate({ userId, tenantId }, { $pull: { roles: role } });
-    },
-    async setSuspended(userId, suspended, reason) {
-        const update = { suspended };
-        if (suspended) {
-            update.suspendedAt = new Date();
-            update.suspendedReason = reason ?? null;
-        }
-        else {
-            update.suspendedAt = null;
-            update.suspendedReason = null;
-        }
-        await AuthUser.updateOne({ _id: userId }, { $set: update });
-    },
-    async getSuspended(userId) {
-        const user = await AuthUser.findById(userId, { suspended: 1, suspendedReason: 1 }).lean();
-        if (!user)
-            return null;
-        return { suspended: user.suspended ?? false, suspendedReason: user.suspendedReason ?? undefined };
-    },
-    async updateProfile(userId, fields) {
-        await AuthUser.updateOne({ _id: userId }, { $set: fields });
-    },
-    async listUsers(query) {
-        const filter = {};
-        if (query.email !== undefined)
-            filter.email = query.email;
-        if (query.externalId !== undefined)
-            filter.externalId = query.externalId;
-        if (query.suspended !== undefined)
-            filter.suspended = query.suspended;
-        const startIndex = query.startIndex ?? 0;
-        const count = query.count ?? 100;
-        const [users, totalResults] = await Promise.all([
-            AuthUser.find(filter, {
-                _id: 1, email: 1, displayName: 1, firstName: 1, lastName: 1,
-                externalId: 1, suspended: 1, suspendedAt: 1, suspendedReason: 1,
-                emailVerified: 1, providerIds: 1,
-            }).skip(startIndex).limit(count).lean(),
-            AuthUser.countDocuments(filter),
-        ]);
-        return {
-            users: users.map((u) => ({
-                id: String(u._id),
-                email: u.email ?? undefined,
-                displayName: u.displayName ?? undefined,
-                firstName: u.firstName ?? undefined,
-                lastName: u.lastName ?? undefined,
-                externalId: u.externalId ?? undefined,
-                suspended: u.suspended ?? false,
-                suspendedAt: u.suspendedAt ?? undefined,
-                suspendedReason: u.suspendedReason ?? undefined,
-                emailVerified: u.emailVerified ?? undefined,
-                providerIds: u.providerIds ?? undefined,
-            })),
-            totalResults,
-        };
-    },
-    // ---------------------------------------------------------------------------
-    // Groups
-    // ---------------------------------------------------------------------------
-    async createGroup(group) {
-        try {
-            const doc = await Group.create(group);
-            return { id: String(doc._id) };
-        }
-        catch (err) {
-            if (err?.code === 11000)
-                throw new HttpError(409, "A group with this name already exists in this scope");
-            throw err;
-        }
-    },
-    async deleteGroup(groupId) {
-        await Group.findByIdAndDelete(groupId);
-        // Explicit cascade (Mongoose middleware hooks are intentionally avoided for visibility)
-        await GroupMembership.deleteMany({ groupId });
-    },
-    async getGroup(groupId) {
-        const doc = await Group.findById(groupId).lean();
-        if (!doc)
-            return null;
-        return mongoGroupToRecord(doc);
-    },
-    async listGroups(tenantId, opts) {
-        const limit = Math.min(opts?.limit ?? 50, 200);
-        const offset = opts?.offset ?? 0;
-        const filter = { tenantId: tenantId ?? null };
-        const [docs, total] = await Promise.all([
-            Group.find(filter).skip(offset).limit(limit).lean(),
-            Group.countDocuments(filter),
-        ]);
-        return { items: docs.map(mongoGroupToRecord), total, limit, offset };
-    },
-    async updateGroup(groupId, updates) {
-        await Group.findByIdAndUpdate(groupId, { $set: updates });
-    },
-    async addGroupMember(groupId, userId, roles = []) {
-        // Look up group to get tenantId for denormalization
-        const group = await Group.findById(groupId, "tenantId").lean();
-        if (!group)
-            throw new HttpError(404, "Group not found");
-        try {
-            await GroupMembership.create({ groupId, userId, roles, tenantId: group.tenantId ?? null });
-        }
-        catch (err) {
-            if (err?.code === 11000)
-                throw new HttpError(409, "User is already a member of this group");
-            throw err;
-        }
-    },
-    async updateGroupMembership(groupId, userId, roles) {
-        await GroupMembership.findOneAndUpdate({ groupId, userId }, { $set: { roles } });
-    },
-    async removeGroupMember(groupId, userId) {
-        await GroupMembership.deleteOne({ groupId, userId });
-    },
-    async getGroupMembers(groupId, opts) {
-        const limit = Math.min(opts?.limit ?? 50, 200);
-        const offset = opts?.offset ?? 0;
-        const [docs, total] = await Promise.all([
-            GroupMembership.find({ groupId }, "userId roles").skip(offset).limit(limit).lean(),
-            GroupMembership.countDocuments({ groupId }),
-        ]);
-        return {
-            items: docs.map((d) => ({ userId: d.userId, roles: d.roles ?? [] })),
-            total, limit, offset,
-        };
-    },
-    async getUserGroups(userId, tenantId) {
-        const memberships = await GroupMembership.find({ userId, tenantId: tenantId ?? null }, "groupId roles").lean();
-        if (memberships.length === 0)
-            return [];
-        const groupIds = memberships.map((m) => m.groupId);
-        const groups = await Group.find({ _id: { $in: groupIds } }).lean();
-        const groupMap = new Map(groups.map((g) => [String(g._id), g]));
-        return memberships.map((m) => ({
-            group: mongoGroupToRecord(groupMap.get(m.groupId)),
-            membershipRoles: m.roles ?? [],
-        })).filter((r) => r.group);
-    },
-    async getEffectiveRoles(userId, tenantId) {
-        // Direct roles
-        let direct = [];
-        if (tenantId) {
-            const doc = await TenantRole.findOne({ userId, tenantId }, "roles").lean();
-            direct = doc?.roles ?? [];
-        }
-        else {
-            const user = await AuthUser.findById(userId, "roles").lean();
-            direct = user?.roles ?? [];
-        }
-        // Group roles via memberships
-        const memberships = await GroupMembership.find({ userId, tenantId: tenantId ?? null }, "groupId roles").lean();
-        if (memberships.length === 0)
-            return [...new Set(direct)];
-        const groupIds = memberships.map((m) => m.groupId);
-        const groups = await Group.find({ _id: { $in: groupIds } }, "roles").lean();
-        const groupMap = new Map(groups.map((g) => [String(g._id), g.roles ?? []]));
-        const groupRoles = memberships.flatMap((m) => [
-            ...(groupMap.get(m.groupId) ?? []),
-            ...(m.roles ?? []),
-        ]);
-        return [...new Set([...direct, ...groupRoles])];
-    },
-    // ---------------------------------------------------------------------------
-    // M2M client credentials
-    // ---------------------------------------------------------------------------
-    async getM2MClient(clientId) {
-        const client = await M2MClient.findOne({ clientId, active: true }).lean();
-        if (!client)
-            return null;
-        return {
-            id: String(client._id),
-            clientId: client.clientId,
-            name: client.name,
-            scopes: client.scopes,
-            active: client.active,
-            clientSecretHash: client.clientSecretHash,
-        };
-    },
-    async createM2MClient(data) {
-        const client = await M2MClient.create(data);
-        return { id: String(client._id) };
-    },
-    async deleteM2MClient(clientId) {
-        await M2MClient.deleteOne({ clientId });
-    },
-    async listM2MClients() {
-        const clients = await M2MClient.find({}).lean();
-        return clients.map((c) => ({
-            id: String(c._id),
-            clientId: c.clientId,
-            name: c.name,
-            scopes: c.scopes,
-            active: c.active,
-        }));
-    },
-};
-function mongoGroupToRecord(doc) {
-    return {
-        id: String(doc._id),
-        name: doc.name,
-        displayName: doc.displayName,
-        description: doc.description,
-        roles: doc.roles ?? [],
-        tenantId: doc.tenantId ?? null,
-        createdAt: doc.createdAt instanceof Date ? doc.createdAt.getTime() : doc.createdAt,
-        updatedAt: doc.updatedAt instanceof Date ? doc.updatedAt.getTime() : doc.updatedAt,
-    };
-}

package/dist/adapters/sqliteAuth.d.ts

@@ -1,72 +0,0 @@
-import { Database } from "bun:sqlite";
-import type { AuthAdapter } from "../lib/authAdapter";
-export declare const setSqliteDb: (path: string) => void;
-export declare function getDb(): Database;
-export declare const sqliteAuthAdapter: AuthAdapter;
-import type { SessionMetadata, SessionInfo } from "../lib/session";
-export declare const sqliteCreateSession: (userId: string, token: string, sessionId: string, metadata?: SessionMetadata) => void;
-export declare const sqliteGetSession: (sessionId: string) => string | null;
-export declare const sqliteDeleteSession: (sessionId: string) => void;
-export declare const sqliteGetUserSessions: (userId: string) => SessionInfo[];
-export declare const sqliteGetActiveSessionCount: (userId: string) => number;
-export declare const sqliteEvictOldestSession: (userId: string) => void;
-export declare const sqliteUpdateSessionLastActive: (sessionId: string) => void;
-import type { RefreshResult } from "../lib/session";
-export declare const sqliteSetRefreshToken: (sessionId: string, refreshToken: string) => void;
-export declare const sqliteGetSessionByRefreshToken: (refreshToken: string) => RefreshResult | null;
-export declare const sqliteRotateRefreshToken: (sessionId: string, newRefreshToken: string, newAccessToken: string) => void;
-export declare const sqliteGetSessionFingerprint: (sessionId: string) => string | null;
-export declare const sqliteSetSessionFingerprint: (sessionId: string, fingerprint: string) => void;
-export declare const sqliteGetMfaVerifiedAt: (sessionId: string) => number | null;
-export declare const sqliteSetMfaVerifiedAt: (sessionId: string, ts: number) => void;
-export declare const sqliteStoreOAuthState: (state: string, codeVerifier?: string, linkUserId?: string) => void;
-export declare const sqliteConsumeOAuthState: (state: string) => {
-    codeVerifier?: string;
-    linkUserId?: string;
-} | null;
-export declare const isSqliteReady: () => boolean;
-export declare const sqliteGetCache: (key: string) => string | null;
-export declare const sqliteSetCache: (key: string, value: string, ttlSeconds?: number) => void;
-export declare const sqliteDelCache: (key: string) => void;
-export declare const sqliteDelCachePattern: (pattern: string) => void;
-export declare const sqliteCreateVerificationToken: (token: string, userId: string, email: string, ttlSeconds: number) => void;
-export declare const sqliteGetVerificationToken: (token: string) => {
-    userId: string;
-    email: string;
-} | null;
-export declare const sqliteDeleteVerificationToken: (token: string) => void;
-export declare const sqliteConsumeVerificationToken: (token: string) => {
-    userId: string;
-    email: string;
-} | null;
-export declare const sqliteCreateResetToken: (token: string, userId: string, email: string, ttlSeconds: number) => void;
-export declare const sqliteConsumeResetToken: (hash: string) => {
-    userId: string;
-    email: string;
-} | null;
-export declare const sqliteCreateDeletionCancelToken: (token: string, userId: string, jobId: string, ttlSeconds: number) => void;
-export declare const sqliteConsumeDeletionCancelToken: (hash: string) => {
-    userId: string;
-    jobId: string;
-} | null;
-import type { OAuthCodePayload } from "../lib/oauthCode";
-export declare const sqliteStoreOAuthCode: (hash: string, payload: OAuthCodePayload, ttlSeconds: number) => void;
-export declare const sqliteConsumeOAuthCode: (hash: string) => OAuthCodePayload | null;
-export declare const startSqliteCleanup: (intervalMs?: number) => ReturnType<typeof setInterval>;
-export declare const sqliteRegisterUpload: (record: {
-    key: string;
-    ownerUserId?: string;
-    tenantId?: string;
-    mimeType?: string;
-    bucket?: string;
-    createdAt: number;
-}) => void;
-export declare const sqliteGetUploadRecord: (key: string) => {
-    key: string;
-    ownerUserId?: string;
-    tenantId?: string;
-    mimeType?: string;
-    bucket?: string;
-    createdAt: number;
-} | null;
-export declare const sqliteDeleteUploadRecord: (key: string) => boolean;