npm - @lastshotlabs/bunshot - Versions diffs - 0.0.27 → 0.0.28 - Mend

@lastshotlabs/bunshot 0.0.27 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (742) hide show

package/.oclif.manifest.json +39 -0
package/README.md +8282 -2147
package/dist/cli/commands/init.js +690 -0
package/dist/cli/index.js +6 -0
package/dist/cli.js +4 -4
package/dist/packages/bunshot-admin/src/index.d.ts +15 -0
package/dist/packages/bunshot-admin/src/index.js +11 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.d.ts +8 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.js +33 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.d.ts +14 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.js +17 -0
package/dist/packages/bunshot-admin/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-admin/src/plugin.js +46 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.d.ts +6 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.js +32 -0
package/dist/packages/bunshot-admin/src/routes/admin.d.ts +10 -0
package/dist/packages/bunshot-admin/src/routes/admin.js +923 -0
package/dist/packages/bunshot-admin/src/routes/mail.d.ts +6 -0
package/dist/packages/bunshot-admin/src/routes/mail.js +114 -0
package/dist/packages/bunshot-admin/src/routes/permissions.d.ts +8 -0
package/dist/packages/bunshot-admin/src/routes/permissions.js +315 -0
package/dist/packages/bunshot-admin/src/types/config.d.ts +16 -0
package/dist/packages/bunshot-admin/src/types/config.js +37 -0
package/dist/packages/bunshot-admin/src/types/env.d.ts +14 -0
package/dist/packages/bunshot-admin/src/types/provider.d.ts +1 -0
package/dist/packages/bunshot-admin/src/types/provider.js +4 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.d.ts +66 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.js +1063 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.d.ts +2 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.js +536 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.d.ts +88 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.js +1366 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.d.ts +2 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.js +23 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.d.ts +5 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.js +131 -0
package/dist/packages/bunshot-auth/src/bootstrap.d.ts +38 -0
package/dist/packages/bunshot-auth/src/bootstrap.js +384 -0
package/dist/packages/bunshot-auth/src/config/appConfig.d.ts +3 -0
package/dist/packages/bunshot-auth/src/config/appConfig.js +4 -0
package/dist/packages/bunshot-auth/src/config/authConfig.d.ts +478 -0
package/dist/packages/bunshot-auth/src/config/authConfig.js +46 -0
package/dist/packages/bunshot-auth/src/config/configLock.d.ts +2 -0
package/dist/packages/bunshot-auth/src/config/configLock.js +10 -0
package/dist/packages/bunshot-auth/src/index.d.ts +25 -0
package/dist/packages/bunshot-auth/src/index.js +23 -0
package/dist/packages/bunshot-auth/src/infra/mongo.d.ts +15 -0
package/dist/packages/bunshot-auth/src/infra/mongo.js +44 -0
package/dist/packages/bunshot-auth/src/infra/queue.d.ts +14 -0
package/dist/packages/bunshot-auth/src/infra/queue.js +27 -0
package/dist/packages/bunshot-auth/src/infra/redis.d.ts +5 -0
package/dist/packages/bunshot-auth/src/infra/redis.js +15 -0
package/dist/packages/bunshot-auth/src/infra/signing.d.ts +7 -0
package/dist/packages/bunshot-auth/src/infra/signing.js +8 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.d.ts +34 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.js +244 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authContext.d.ts +15 -0
package/dist/packages/bunshot-auth/src/lib/authContext.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.d.ts +4 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.js +15 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.js +205 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/breachedPassword.d.ts +8 -2
package/dist/{lib → packages/bunshot-auth/src/lib}/breachedPassword.js +22 -9
package/dist/packages/bunshot-auth/src/lib/cache.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/cache.js +120 -0
package/dist/packages/bunshot-auth/src/lib/clientIp.d.ts +4 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/clientIp.js +14 -7
package/dist/packages/bunshot-auth/src/lib/cookieOptions.d.ts +27 -0
package/dist/packages/bunshot-auth/src/lib/cookieOptions.js +33 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.d.ts +40 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.js +221 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.js +148 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.d.ts +23 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.js +265 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.js +200 -0
package/dist/packages/bunshot-auth/src/lib/env.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/env.js +3 -0
package/dist/packages/bunshot-auth/src/lib/fingerprint.js +36 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.d.ts +15 -16
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.js +22 -34
package/dist/packages/bunshot-auth/src/lib/jwks.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/jwks.js +79 -0
package/dist/packages/bunshot-auth/src/lib/jwt.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/jwt.js +86 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/logger.js +3 -3
package/dist/{lib → packages/bunshot-auth/src/lib}/m2m.d.ts +5 -4
package/dist/{lib → packages/bunshot-auth/src/lib}/m2m.js +6 -10
package/dist/packages/bunshot-auth/src/lib/magicLink.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.js +145 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.d.ts +60 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.js +419 -0
package/dist/packages/bunshot-auth/src/lib/oauth.d.ts +82 -0
package/dist/packages/bunshot-auth/src/lib/oauth.js +177 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.js +182 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.js +255 -0
package/dist/packages/bunshot-auth/src/lib/organization.d.ts +66 -0
package/dist/packages/bunshot-auth/src/lib/organization.js +225 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.js +31 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.d.ts +20 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.js +148 -0
package/dist/packages/bunshot-auth/src/lib/roles.d.ts +9 -0
package/dist/packages/bunshot-auth/src/lib/roles.js +93 -0
package/dist/packages/bunshot-auth/src/lib/saml.d.ts +29 -0
package/dist/packages/bunshot-auth/src/lib/saml.js +73 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.js +129 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/scim.d.ts +7 -7
package/dist/{lib → packages/bunshot-auth/src/lib}/scim.js +15 -13
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.d.ts +22 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.js +65 -0
package/dist/packages/bunshot-auth/src/lib/session.d.ts +45 -0
package/dist/packages/bunshot-auth/src/lib/session.js +1211 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.d.ts +26 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.js +18 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/suspension.d.ts +3 -2
package/dist/{lib → packages/bunshot-auth/src/lib}/suspension.js +2 -5
package/dist/packages/bunshot-auth/src/lib/validateAdapter.d.ts +16 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.js +161 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.js +58 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/csrf.d.ts +5 -4
package/dist/packages/bunshot-auth/src/middleware/csrf.js +138 -0
package/dist/packages/bunshot-auth/src/middleware/identify.d.ts +4 -0
package/dist/packages/bunshot-auth/src/middleware/identify.js +124 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.js +10 -8
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.js +20 -16
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireScope.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireScope.js +6 -6
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireStepUp.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireStepUp.js +8 -7
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.js +7 -6
package/dist/packages/bunshot-auth/src/middleware/scimAuth.d.ts +8 -0
package/dist/packages/bunshot-auth/src/middleware/scimAuth.js +29 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.js +6 -0
package/dist/{models → packages/bunshot-auth/src/models}/AuthUser.d.ts +12 -8
package/dist/packages/bunshot-auth/src/models/AuthUser.js +53 -0
package/dist/packages/bunshot-auth/src/models/Group.d.ts +19 -0
package/dist/packages/bunshot-auth/src/models/Group.js +22 -0
package/dist/{models → packages/bunshot-auth/src/models}/GroupMembership.d.ts +6 -8
package/dist/packages/bunshot-auth/src/models/GroupMembership.js +19 -0
package/dist/{models → packages/bunshot-auth/src/models}/M2MClient.d.ts +1 -1
package/dist/{models → packages/bunshot-auth/src/models}/M2MClient.js +5 -5
package/dist/packages/bunshot-auth/src/models/TenantRole.d.ts +13 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.js +17 -0
package/dist/packages/bunshot-auth/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-auth/src/plugin.js +274 -0
package/dist/packages/bunshot-auth/src/routes/auth.d.ts +15 -0
package/dist/packages/bunshot-auth/src/routes/auth.js +1624 -0
package/dist/packages/bunshot-auth/src/routes/groups.d.ts +4 -0
package/dist/packages/bunshot-auth/src/routes/groups.js +481 -0
package/dist/packages/bunshot-auth/src/routes/m2m.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/m2m.js +145 -0
package/dist/packages/bunshot-auth/src/routes/mfa.d.ts +6 -0
package/dist/packages/bunshot-auth/src/routes/mfa.js +991 -0
package/dist/packages/bunshot-auth/src/routes/oauth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/oauth.js +1727 -0
package/dist/packages/bunshot-auth/src/routes/oidc.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/oidc.js +84 -0
package/dist/packages/bunshot-auth/src/routes/organizations.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/organizations.js +741 -0
package/dist/packages/bunshot-auth/src/routes/passkey.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/passkey.js +199 -0
package/dist/packages/bunshot-auth/src/routes/saml.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/saml.js +226 -0
package/dist/packages/bunshot-auth/src/routes/scim.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/scim.js +588 -0
package/dist/packages/bunshot-auth/src/runtime.d.ts +52 -0
package/dist/packages/bunshot-auth/src/runtime.js +11 -0
package/dist/{schemas → packages/bunshot-auth/src/schemas}/auth.d.ts +4 -5
package/dist/packages/bunshot-auth/src/schemas/auth.js +24 -0
package/dist/packages/bunshot-auth/src/schemas/error.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/error.js +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.js +10 -0
package/dist/packages/bunshot-auth/src/services/auth.d.ts +39 -0
package/dist/packages/bunshot-auth/src/services/auth.js +378 -0
package/dist/{services → packages/bunshot-auth/src/services}/mfa.d.ts +41 -17
package/dist/{services → packages/bunshot-auth/src/services}/mfa.js +259 -183
package/dist/packages/bunshot-auth/src/testing.d.ts +31 -0
package/dist/packages/bunshot-auth/src/testing.js +23 -0
package/dist/packages/bunshot-auth/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/adapter.js +1 -0
package/dist/packages/bunshot-auth/src/types/config.d.ts +152 -0
package/dist/packages/bunshot-auth/src/types/config.js +179 -0
package/dist/{routes → packages/bunshot-auth/src/types}/groups.d.ts +2 -3
package/dist/packages/bunshot-auth/src/types/groups.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.d.ts +6 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.js +1 -0
package/dist/packages/bunshot-auth/src/types/redis.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/redis.js +1 -0
package/dist/packages/bunshot-auth/src/types/saml.d.ts +10 -0
package/dist/packages/bunshot-auth/src/types/saml.js +1 -0
package/dist/packages/bunshot-auth/src/types/session.d.ts +18 -0
package/dist/packages/bunshot-auth/src/types/session.js +1 -0
package/dist/packages/bunshot-auth/src/types/store.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/store.js +1 -0
package/dist/packages/bunshot-core/src/adminProvider.d.ts +95 -0
package/dist/packages/bunshot-core/src/adminProvider.js +1 -0
package/dist/packages/bunshot-core/src/auditLog.d.ts +34 -0
package/dist/packages/bunshot-core/src/auditLog.js +1 -0
package/dist/packages/bunshot-core/src/auth-adapter.d.ts +227 -0
package/dist/packages/bunshot-core/src/auth-adapter.js +4 -0
package/dist/packages/bunshot-core/src/authVariables.d.ts +14 -0
package/dist/packages/bunshot-core/src/authVariables.js +4 -0
package/dist/packages/bunshot-core/src/cache.d.ts +12 -0
package/dist/packages/bunshot-core/src/cache.js +21 -0
package/dist/{lib → packages/bunshot-core/src}/captcha.d.ts +1 -10
package/dist/packages/bunshot-core/src/captcha.js +1 -0
package/dist/packages/bunshot-core/src/clearRegistry.d.ts +6 -0
package/dist/packages/bunshot-core/src/clearRegistry.js +17 -0
package/dist/packages/bunshot-core/src/clientIp.d.ts +3 -0
package/dist/packages/bunshot-core/src/clientIp.js +45 -0
package/dist/packages/bunshot-core/src/configLock.d.ts +4 -0
package/dist/packages/bunshot-core/src/configLock.js +7 -0
package/dist/packages/bunshot-core/src/configValidation.d.ts +22 -0
package/dist/packages/bunshot-core/src/configValidation.js +39 -0
package/dist/packages/bunshot-core/src/constants.js +10 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.d.ts +232 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.js +1 -0
package/dist/packages/bunshot-core/src/context/contextAccess.d.ts +3 -0
package/dist/packages/bunshot-core/src/context/contextAccess.js +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.d.ts +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.js +31 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.d.ts +38 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.js +1 -0
package/dist/packages/bunshot-core/src/context/index.d.ts +4 -0
package/dist/packages/bunshot-core/src/context/index.js +2 -0
package/dist/packages/bunshot-core/src/context.d.ts +40 -0
package/dist/packages/bunshot-core/src/context.js +35 -0
package/dist/packages/bunshot-core/src/coreContracts.d.ts +47 -0
package/dist/packages/bunshot-core/src/coreContracts.js +1 -0
package/dist/packages/bunshot-core/src/coreRegistrar.d.ts +6 -0
package/dist/packages/bunshot-core/src/coreRegistrar.js +42 -0
package/dist/{lib → packages/bunshot-core/src}/createRoute.d.ts +4 -30
package/dist/{lib → packages/bunshot-core/src}/createRoute.js +39 -88
package/dist/packages/bunshot-core/src/cronRegistry.d.ts +11 -0
package/dist/packages/bunshot-core/src/cronRegistry.js +1 -0
package/dist/packages/bunshot-core/src/crypto.d.ts +43 -0
package/dist/packages/bunshot-core/src/crypto.js +74 -0
package/dist/packages/bunshot-core/src/csrf.d.ts +8 -0
package/dist/packages/bunshot-core/src/csrf.js +1 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.d.ts +7 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.js +19 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.js +40 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.js +24 -0
package/dist/packages/bunshot-core/src/emailTemplates.d.ts +5 -0
package/dist/packages/bunshot-core/src/emailTemplates.js +10 -0
package/dist/{lib/HttpError.d.ts → packages/bunshot-core/src/errors.d.ts} +4 -1
package/dist/{lib/HttpError.js → packages/bunshot-core/src/errors.js} +7 -1
package/dist/packages/bunshot-core/src/eventBus.d.ts +270 -0
package/dist/packages/bunshot-core/src/eventBus.js +143 -0
package/dist/packages/bunshot-core/src/idempotency.d.ts +18 -0
package/dist/packages/bunshot-core/src/idempotency.js +1 -0
package/dist/packages/bunshot-core/src/index.d.ts +60 -0
package/dist/packages/bunshot-core/src/index.js +34 -0
package/dist/packages/bunshot-core/src/mail.d.ts +14 -0
package/dist/packages/bunshot-core/src/mail.js +8 -0
package/dist/packages/bunshot-core/src/memoryEviction.d.ts +24 -0
package/dist/packages/bunshot-core/src/memoryEviction.js +52 -0
package/dist/packages/bunshot-core/src/pagination.d.ts +45 -0
package/dist/packages/bunshot-core/src/pagination.js +61 -0
package/dist/packages/bunshot-core/src/permissions.d.ts +64 -0
package/dist/packages/bunshot-core/src/permissions.js +27 -0
package/dist/packages/bunshot-core/src/plugin.d.ts +44 -0
package/dist/packages/bunshot-core/src/plugin.js +1 -0
package/dist/packages/bunshot-core/src/rateLimit.d.ts +5 -0
package/dist/packages/bunshot-core/src/rateLimit.js +18 -0
package/dist/packages/bunshot-core/src/redis.d.ts +21 -0
package/dist/packages/bunshot-core/src/redis.js +1 -0
package/dist/packages/bunshot-core/src/routeAuth.d.ts +5 -0
package/dist/packages/bunshot-core/src/routeAuth.js +11 -0
package/dist/packages/bunshot-core/src/routeOverrides.d.ts +24 -0
package/dist/packages/bunshot-core/src/routeOverrides.js +25 -0
package/dist/packages/bunshot-core/src/routerAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/routerAdapter.js +56 -0
package/dist/packages/bunshot-core/src/secrets.d.ts +48 -0
package/dist/packages/bunshot-core/src/secrets.js +8 -0
package/dist/packages/bunshot-core/src/signing.d.ts +41 -0
package/dist/packages/bunshot-core/src/signing.js +1 -0
package/dist/packages/bunshot-core/src/sse.d.ts +36 -0
package/dist/packages/bunshot-core/src/sse.js +1 -0
package/dist/packages/bunshot-core/src/storageAdapter.js +1 -0
package/dist/packages/bunshot-core/src/storeInfra.d.ts +44 -0
package/dist/packages/bunshot-core/src/storeInfra.js +18 -0
package/dist/packages/bunshot-core/src/storeType.d.ts +7 -0
package/dist/packages/bunshot-core/src/storeType.js +1 -0
package/dist/packages/bunshot-core/src/testing.d.ts +1 -0
package/dist/packages/bunshot-core/src/testing.js +1 -0
package/dist/packages/bunshot-core/src/uploadRegistry.d.ts +23 -0
package/dist/packages/bunshot-core/src/uploadRegistry.js +4 -0
package/dist/packages/bunshot-core/src/userResolver.d.ts +5 -0
package/dist/packages/bunshot-core/src/userResolver.js +14 -0
package/dist/packages/bunshot-core/src/wsMessages.d.ts +42 -0
package/dist/packages/bunshot-core/src/wsMessages.js +4 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.js +73 -0
package/dist/packages/bunshot-permissions/src/index.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/index.js +5 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.js +12 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.js +165 -0
package/dist/packages/bunshot-permissions/src/lib/registry.d.ts +2 -0
package/dist/packages/bunshot-permissions/src/lib/registry.js +31 -0
package/dist/packages/bunshot-permissions/src/lib/validation.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/lib/validation.js +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.js +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.js +1 -0
package/dist/packages/bunshot-permissions/src/types/models.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/models.js +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.js +1 -0
package/dist/packages/bunshot-postgres/src/adapter.d.ts +6 -0
package/dist/packages/bunshot-postgres/src/adapter.js +794 -0
package/dist/packages/bunshot-postgres/src/connection.d.ts +15 -0
package/dist/packages/bunshot-postgres/src/connection.js +16 -0
package/dist/packages/bunshot-postgres/src/index.d.ts +4 -0
package/dist/packages/bunshot-postgres/src/index.js +2 -0
package/dist/packages/bunshot-postgres/src/schema.d.ts +997 -0
package/dist/packages/bunshot-postgres/src/schema.js +105 -0
package/dist/src/app.d.ts +230 -0
package/dist/src/app.js +182 -0
package/dist/src/cli/commands/init.d.ts +10 -0
package/dist/src/cli/commands/init.js +709 -0
package/dist/src/cli/index.d.ts +1 -0
package/dist/src/cli/index.js +3 -0
package/dist/src/entrypoints/mongo.d.ts +6 -0
package/dist/src/entrypoints/mongo.js +4 -0
package/dist/src/entrypoints/queue.d.ts +2 -0
package/dist/src/entrypoints/queue.js +1 -0
package/dist/src/entrypoints/redis.d.ts +1 -0
package/dist/src/entrypoints/redis.js +1 -0
package/dist/{adapters → src/framework/adapters}/localStorage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/localStorage.js +10 -10
package/dist/src/framework/adapters/memoryStorage.d.ts +2 -0
package/dist/src/framework/adapters/memoryStorage.js +45 -0
package/dist/{adapters → src/framework/adapters}/s3Storage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/s3Storage.js +12 -12
package/dist/src/framework/admin/bunshotAccess.d.ts +2 -0
package/dist/src/framework/admin/bunshotAccess.js +23 -0
package/dist/src/framework/admin/bunshotUsers.d.ts +2 -0
package/dist/src/framework/admin/bunshotUsers.js +103 -0
package/dist/src/framework/admin/index.d.ts +7 -0
package/dist/src/framework/admin/index.js +21 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.d.ts +13 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.js +86 -0
package/dist/src/framework/boundaryAdapters/index.d.ts +2 -0
package/dist/src/framework/boundaryAdapters/index.js +1 -0
package/dist/src/framework/boundaryAdapters.d.ts +17 -0
package/dist/src/framework/boundaryAdapters.js +62 -0
package/dist/src/framework/buildContext.d.ts +33 -0
package/dist/src/framework/buildContext.js +119 -0
package/dist/src/framework/config/schema.d.ts +447 -0
package/dist/src/framework/config/schema.js +528 -0
package/dist/src/framework/createInfrastructure.d.ts +76 -0
package/dist/src/framework/createInfrastructure.js +221 -0
package/dist/src/framework/lib/auditLog.d.ts +23 -0
package/dist/src/framework/lib/auditLog.js +416 -0
package/dist/src/framework/lib/captcha.d.ts +11 -0
package/dist/{lib → src/framework/lib}/captcha.js +13 -10
package/dist/{lib → src/framework/lib}/createDtoMapper.js +4 -4
package/dist/src/framework/lib/createRoute.d.ts +1 -0
package/dist/src/framework/lib/createRoute.js +2 -0
package/dist/{lib → src/framework/lib}/idempotency.d.ts +2 -6
package/dist/src/framework/lib/idempotency.js +74 -0
package/dist/src/framework/lib/logger.d.ts +3 -0
package/dist/src/framework/lib/logger.js +14 -0
package/dist/src/framework/lib/metrics.d.ts +34 -0
package/dist/{lib → src/framework/lib}/metrics.js +49 -57
package/dist/src/framework/lib/pagination.d.ts +42 -0
package/dist/src/framework/lib/pagination.js +51 -0
package/dist/src/framework/lib/redisTransport.d.ts +38 -0
package/dist/src/framework/lib/redisTransport.js +107 -0
package/dist/src/framework/lib/resolveUserId.d.ts +2 -0
package/dist/src/framework/lib/resolveUserId.js +5 -0
package/dist/src/framework/lib/sseCollision.d.ts +6 -0
package/dist/src/framework/lib/sseCollision.js +26 -0
package/dist/src/framework/lib/storageAdapter.d.ts +1 -0
package/dist/src/framework/lib/storageAdapter.js +1 -0
package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.js +4 -4
package/dist/src/framework/lib/tenant.d.ts +21 -0
package/dist/src/framework/lib/tenant.js +70 -0
package/dist/{lib → src/framework/lib}/upload.d.ts +11 -10
package/dist/src/framework/lib/upload.js +132 -0
package/dist/src/framework/lib/uploadRegistry.d.ts +23 -0
package/dist/src/framework/lib/uploadRegistry.js +34 -0
package/dist/{lib → src/framework/lib}/validate.d.ts +1 -1
package/dist/{lib → src/framework/lib}/validate.js +2 -2
package/dist/src/framework/lib/ws.d.ts +19 -0
package/dist/src/framework/lib/ws.js +130 -0
package/dist/src/framework/lib/wsHeartbeat.d.ts +12 -0
package/dist/src/framework/lib/wsHeartbeat.js +53 -0
package/dist/src/framework/lib/wsMessages.d.ts +25 -0
package/dist/src/framework/lib/wsMessages.js +45 -0
package/dist/src/framework/lib/wsNamespace.d.ts +17 -0
package/dist/src/framework/lib/wsNamespace.js +19 -0
package/dist/src/framework/lib/wsPresence.d.ts +17 -0
package/dist/src/framework/lib/wsPresence.js +84 -0
package/dist/src/framework/lib/wsTransport.d.ts +38 -0
package/dist/src/framework/lib/wsTransport.js +9 -0
package/dist/{lib → src/framework/lib}/zodToMongoose.d.ts +1 -1
package/dist/{lib → src/framework/lib}/zodToMongoose.js +11 -11
package/dist/{middleware → src/framework/middleware}/auditLog.d.ts +4 -3
package/dist/src/framework/middleware/auditLog.js +42 -0
package/dist/{middleware → src/framework/middleware}/botProtection.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/botProtection.js +8 -9
package/dist/src/framework/middleware/cacheResponse.d.ts +35 -0
package/dist/src/framework/middleware/cacheResponse.js +126 -0
package/dist/{middleware → src/framework/middleware}/captcha.d.ts +2 -3
package/dist/src/framework/middleware/captcha.js +37 -0
package/dist/{middleware → src/framework/middleware}/errorHandler.d.ts +1 -1
package/dist/{middleware → src/framework/middleware}/errorHandler.js +2 -2
package/dist/src/framework/middleware/index.js +1 -0
package/dist/{middleware → src/framework/middleware}/logger.d.ts +1 -1
package/dist/src/framework/middleware/metrics.d.ts +12 -0
package/dist/src/framework/middleware/metrics.js +26 -0
package/dist/{middleware → src/framework/middleware}/rateLimit.d.ts +2 -2
package/dist/src/framework/middleware/rateLimit.js +22 -0
package/dist/src/framework/middleware/requestId.d.ts +3 -0
package/dist/{middleware → src/framework/middleware}/requestId.js +2 -2
package/dist/{middleware → src/framework/middleware}/requestLogger.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/requestLogger.js +17 -12
package/dist/{middleware → src/framework/middleware}/requestSigning.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/requestSigning.js +18 -20
package/dist/src/framework/middleware/tenant.d.ts +14 -0
package/dist/{middleware → src/framework/middleware}/tenant.js +31 -27
package/dist/src/framework/middleware/upload.d.ts +5 -0
package/dist/{middleware → src/framework/middleware}/upload.js +4 -4
package/dist/{middleware → src/framework/middleware}/webhookAuth.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/webhookAuth.js +11 -12
package/dist/src/framework/models/AuditLog.d.ts +21 -0
package/dist/src/framework/models/AuditLog.js +31 -0
package/dist/src/framework/mountMiddleware.d.ts +91 -0
package/dist/src/framework/mountMiddleware.js +128 -0
package/dist/src/framework/mountOptionalEndpoints.d.ts +103 -0
package/dist/src/framework/mountOptionalEndpoints.js +47 -0
package/dist/src/framework/mountRoutes.d.ts +21 -0
package/dist/src/framework/mountRoutes.js +144 -0
package/dist/src/framework/persistence/cronRegistry.d.ts +28 -0
package/dist/src/framework/persistence/cronRegistry.js +139 -0
package/dist/src/framework/persistence/idempotency.d.ts +26 -0
package/dist/src/framework/persistence/idempotency.js +178 -0
package/dist/src/framework/persistence/index.d.ts +6 -0
package/dist/src/framework/persistence/index.js +8 -0
package/dist/src/framework/persistence/storeInfra.d.ts +9 -0
package/dist/src/framework/persistence/storeInfra.js +1 -0
package/dist/src/framework/persistence/uploadRegistry.d.ts +35 -0
package/dist/src/framework/persistence/uploadRegistry.js +235 -0
package/dist/src/framework/persistence/wsMessages.d.ts +22 -0
package/dist/src/framework/persistence/wsMessages.js +296 -0
package/dist/src/framework/preloadSchemas.d.ts +24 -0
package/dist/src/framework/preloadSchemas.js +42 -0
package/dist/src/framework/registerBoundaryAdapters.d.ts +23 -0
package/dist/src/framework/registerBoundaryAdapters.js +46 -0
package/dist/src/framework/routes/admin.d.ts +9 -0
package/dist/src/framework/routes/admin.js +361 -0
package/dist/src/framework/routes/health.d.ts +1 -0
package/dist/src/framework/routes/health.js +21 -0
package/dist/src/framework/routes/home.d.ts +1 -0
package/dist/src/framework/routes/home.js +18 -0
package/dist/src/framework/routes/jobs.d.ts +3 -0
package/dist/{routes → src/framework/routes}/jobs.js +128 -103
package/dist/src/framework/routes/metrics.d.ts +10 -0
package/dist/src/framework/routes/metrics.js +57 -0
package/dist/{routes → src/framework/routes}/uploads.d.ts +3 -3
package/dist/src/framework/routes/uploads.js +262 -0
package/dist/src/framework/runPluginLifecycle.d.ts +27 -0
package/dist/src/framework/runPluginLifecycle.js +121 -0
package/dist/src/framework/secrets/frameworkSecretSchema.d.ts +58 -0
package/dist/src/framework/secrets/frameworkSecretSchema.js +20 -0
package/dist/src/framework/secrets/index.d.ts +9 -0
package/dist/src/framework/secrets/index.js +7 -0
package/dist/src/framework/secrets/providers/envProvider.d.ts +15 -0
package/dist/src/framework/secrets/providers/envProvider.js +18 -0
package/dist/src/framework/secrets/providers/fileProvider.d.ts +8 -0
package/dist/src/framework/secrets/providers/fileProvider.js +82 -0
package/dist/src/framework/secrets/providers/ssmProvider.d.ts +20 -0
package/dist/src/framework/secrets/providers/ssmProvider.js +127 -0
package/dist/src/framework/secrets/resolveSecretBundle.d.ts +53 -0
package/dist/src/framework/secrets/resolveSecretBundle.js +84 -0
package/dist/src/framework/secrets/resolveSecrets.d.ts +18 -0
package/dist/src/framework/secrets/resolveSecrets.js +34 -0
package/dist/src/framework/sse/index.d.ts +21 -0
package/dist/src/framework/sse/index.js +109 -0
package/dist/src/framework/ws/index.d.ts +11 -0
package/dist/src/framework/ws/index.js +8 -0
package/dist/src/index.d.ts +87 -0
package/dist/src/index.js +58 -0
package/dist/src/lib/appConfig.d.ts +7 -0
package/dist/src/lib/appConfig.js +27 -0
package/dist/src/lib/appMeta.d.ts +7 -0
package/dist/src/lib/appMeta.js +3 -0
package/dist/src/lib/authConfig.d.ts +532 -0
package/dist/{lib/appConfig.js → src/lib/authConfig.js} +75 -17
package/dist/{lib → src/lib}/context.d.ts +6 -12
package/dist/{lib → src/lib}/context.js +5 -5
package/dist/src/lib/logger.d.ts +1 -0
package/dist/src/lib/logger.js +1 -0
package/dist/src/lib/mongo.d.ts +58 -0
package/dist/src/lib/mongo.js +96 -0
package/dist/src/lib/queue.d.ts +72 -0
package/dist/src/lib/queue.js +152 -0
package/dist/src/lib/redis.d.ts +28 -0
package/dist/src/lib/redis.js +72 -0
package/dist/{lib → src/lib}/signing.d.ts +2 -2
package/dist/src/lib/signing.js +210 -0
package/dist/src/lib/signingConfig.d.ts +40 -0
package/dist/src/lib/signingConfig.js +28 -0
package/dist/src/server.d.ts +146 -0
package/dist/src/server.js +469 -0
package/dist/src/shared/lib/HttpError.d.ts +1 -0
package/dist/src/shared/lib/HttpError.js +2 -0
package/dist/src/shared/lib/constants.d.ts +10 -0
package/dist/src/shared/lib/crypto.d.ts +43 -0
package/dist/src/shared/lib/crypto.js +74 -0
package/dist/src/shared/lib/signing.d.ts +52 -0
package/dist/{lib → src/shared/lib}/signing.js +35 -8
package/dist/src/testing.d.ts +34 -0
package/dist/src/testing.js +93 -0
package/package.json +60 -24
package/dist/adapters/memoryAuth.d.ts +0 -52
package/dist/adapters/memoryAuth.js +0 -749
package/dist/adapters/memoryStorage.d.ts +0 -3
package/dist/adapters/memoryStorage.js +0 -44
package/dist/adapters/mongoAuth.d.ts +0 -2
package/dist/adapters/mongoAuth.js +0 -403
package/dist/adapters/sqliteAuth.d.ts +0 -72
package/dist/adapters/sqliteAuth.js +0 -858
package/dist/app.d.ts +0 -559
package/dist/app.js +0 -651
package/dist/entrypoints/mongo.d.ts +0 -5
package/dist/entrypoints/mongo.js +0 -4
package/dist/entrypoints/queue.d.ts +0 -2
package/dist/entrypoints/queue.js +0 -1
package/dist/entrypoints/redis.d.ts +0 -1
package/dist/entrypoints/redis.js +0 -1
package/dist/index.d.ts +0 -117
package/dist/index.js +0 -88
package/dist/lib/appConfig.d.ts +0 -275
package/dist/lib/auditLog.d.ts +0 -58
package/dist/lib/auditLog.js +0 -218
package/dist/lib/authAdapter.d.ts +0 -246
package/dist/lib/authAdapter.js +0 -7
package/dist/lib/authRateLimit.d.ts +0 -13
package/dist/lib/authRateLimit.js +0 -117
package/dist/lib/clientIp.d.ts +0 -14
package/dist/lib/credentialStuffing.d.ts +0 -31
package/dist/lib/credentialStuffing.js +0 -77
package/dist/lib/crypto.d.ts +0 -11
package/dist/lib/crypto.js +0 -22
package/dist/lib/deletionCancelToken.d.ts +0 -12
package/dist/lib/deletionCancelToken.js +0 -88
package/dist/lib/emailVerification.d.ts +0 -19
package/dist/lib/emailVerification.js +0 -129
package/dist/lib/fingerprint.js +0 -36
package/dist/lib/idempotency.js +0 -182
package/dist/lib/jwks.d.ts +0 -25
package/dist/lib/jwks.js +0 -51
package/dist/lib/jwt.d.ts +0 -15
package/dist/lib/jwt.js +0 -111
package/dist/lib/metrics.d.ts +0 -14
package/dist/lib/mfaChallenge.d.ts +0 -55
package/dist/lib/mfaChallenge.js +0 -398
package/dist/lib/mongo.d.ts +0 -39
package/dist/lib/mongo.js +0 -124
package/dist/lib/oauth.d.ts +0 -40
package/dist/lib/oauth.js +0 -101
package/dist/lib/oauthCode.d.ts +0 -15
package/dist/lib/oauthCode.js +0 -95
package/dist/lib/pagination.d.ts +0 -119
package/dist/lib/pagination.js +0 -166
package/dist/lib/queue.d.ts +0 -37
package/dist/lib/queue.js +0 -117
package/dist/lib/redis.d.ts +0 -9
package/dist/lib/redis.js +0 -61
package/dist/lib/resetPassword.d.ts +0 -12
package/dist/lib/resetPassword.js +0 -93
package/dist/lib/roles.d.ts +0 -7
package/dist/lib/roles.js +0 -49
package/dist/lib/saml.d.ts +0 -25
package/dist/lib/saml.js +0 -64
package/dist/lib/securityEvents.d.ts +0 -28
package/dist/lib/securityEvents.js +0 -26
package/dist/lib/session.d.ts +0 -49
package/dist/lib/session.js +0 -597
package/dist/lib/tenant.d.ts +0 -15
package/dist/lib/tenant.js +0 -65
package/dist/lib/upload.js +0 -112
package/dist/lib/uploadRegistry.d.ts +0 -18
package/dist/lib/uploadRegistry.js +0 -83
package/dist/lib/ws.d.ts +0 -22
package/dist/lib/ws.js +0 -96
package/dist/lib/wsHeartbeat.d.ts +0 -12
package/dist/lib/wsHeartbeat.js +0 -57
package/dist/lib/wsMessages.d.ts +0 -40
package/dist/lib/wsMessages.js +0 -330
package/dist/lib/wsPresence.d.ts +0 -25
package/dist/lib/wsPresence.js +0 -99
package/dist/middleware/auditLog.js +0 -39
package/dist/middleware/bearerAuth.d.ts +0 -2
package/dist/middleware/bearerAuth.js +0 -11
package/dist/middleware/cacheResponse.d.ts +0 -15
package/dist/middleware/cacheResponse.js +0 -178
package/dist/middleware/captcha.js +0 -36
package/dist/middleware/csrf.js +0 -129
package/dist/middleware/identify.d.ts +0 -3
package/dist/middleware/identify.js +0 -122
package/dist/middleware/index.js +0 -1
package/dist/middleware/metrics.d.ts +0 -9
package/dist/middleware/metrics.js +0 -26
package/dist/middleware/rateLimit.js +0 -22
package/dist/middleware/requestId.d.ts +0 -3
package/dist/middleware/scimAuth.d.ts +0 -8
package/dist/middleware/scimAuth.js +0 -29
package/dist/middleware/tenant.d.ts +0 -5
package/dist/middleware/upload.d.ts +0 -5
package/dist/middleware/userAuth.d.ts +0 -3
package/dist/middleware/userAuth.js +0 -6
package/dist/models/AuditLog.d.ts +0 -30
package/dist/models/AuditLog.js +0 -39
package/dist/models/AuthUser.js +0 -55
package/dist/models/Group.d.ts +0 -21
package/dist/models/Group.js +0 -28
package/dist/models/GroupMembership.js +0 -25
package/dist/models/TenantRole.d.ts +0 -15
package/dist/models/TenantRole.js +0 -23
package/dist/routes/auth.d.ts +0 -12
package/dist/routes/auth.js +0 -744
package/dist/routes/groups.js +0 -346
package/dist/routes/health.d.ts +0 -1
package/dist/routes/health.js +0 -22
package/dist/routes/home.d.ts +0 -1
package/dist/routes/home.js +0 -16
package/dist/routes/jobs.d.ts +0 -2
package/dist/routes/m2m.d.ts +0 -2
package/dist/routes/m2m.js +0 -72
package/dist/routes/metrics.d.ts +0 -8
package/dist/routes/metrics.js +0 -55
package/dist/routes/mfa.d.ts +0 -5
package/dist/routes/mfa.js +0 -628
package/dist/routes/oauth.d.ts +0 -2
package/dist/routes/oauth.js +0 -520
package/dist/routes/oidc.d.ts +0 -2
package/dist/routes/oidc.js +0 -29
package/dist/routes/passkey.d.ts +0 -1
package/dist/routes/passkey.js +0 -157
package/dist/routes/saml.d.ts +0 -2
package/dist/routes/saml.js +0 -86
package/dist/routes/scim.d.ts +0 -2
package/dist/routes/scim.js +0 -255
package/dist/routes/uploads.js +0 -227
package/dist/schemas/auth.js +0 -30
package/dist/server.d.ts +0 -57
package/dist/server.js +0 -112
package/dist/services/auth.d.ts +0 -29
package/dist/services/auth.js +0 -238
package/dist/ws/index.d.ts +0 -10
package/dist/ws/index.js +0 -39
package/docs/sections/adding-middleware/full.md +0 -35
package/docs/sections/adding-models/full.md +0 -125
package/docs/sections/adding-models/overview.md +0 -13
package/docs/sections/adding-routes/full.md +0 -182
package/docs/sections/adding-routes/overview.md +0 -23
package/docs/sections/auth-flow/full.md +0 -790
package/docs/sections/auth-flow/overview.md +0 -10
package/docs/sections/auth-security-examples/full.md +0 -388
package/docs/sections/authentication/full.md +0 -130
package/docs/sections/authentication/overview.md +0 -5
package/docs/sections/cli/full.md +0 -42
package/docs/sections/configuration/full.md +0 -172
package/docs/sections/configuration/overview.md +0 -18
package/docs/sections/configuration-example/full.md +0 -117
package/docs/sections/configuration-example/overview.md +0 -30
package/docs/sections/documentation/full.md +0 -171
package/docs/sections/environment-variables/full.md +0 -55
package/docs/sections/exports/full.md +0 -123
package/docs/sections/extending-context/full.md +0 -59
package/docs/sections/header.md +0 -3
package/docs/sections/installation/full.md +0 -6
package/docs/sections/jobs/full.md +0 -140
package/docs/sections/jobs/overview.md +0 -15
package/docs/sections/logging/full.md +0 -83
package/docs/sections/metrics/full.md +0 -131
package/docs/sections/mongodb-connections/full.md +0 -45
package/docs/sections/mongodb-connections/overview.md +0 -7
package/docs/sections/multi-tenancy/full.md +0 -66
package/docs/sections/multi-tenancy/overview.md +0 -15
package/docs/sections/oauth/full.md +0 -189
package/docs/sections/oauth/overview.md +0 -16
package/docs/sections/package-development/full.md +0 -7
package/docs/sections/pagination/full.md +0 -93
package/docs/sections/passkey-login/full.md +0 -90
package/docs/sections/passkey-login/overview.md +0 -1
package/docs/sections/peer-dependencies/full.md +0 -47
package/docs/sections/quick-start/full.md +0 -43
package/docs/sections/response-caching/full.md +0 -117
package/docs/sections/response-caching/overview.md +0 -13
package/docs/sections/roles/full.md +0 -225
package/docs/sections/roles/overview.md +0 -14
package/docs/sections/running-without-redis/full.md +0 -16
package/docs/sections/running-without-redis-or-mongodb/full.md +0 -60
package/docs/sections/signing/full.md +0 -203
package/docs/sections/stack/full.md +0 -10
package/docs/sections/uploads/full.md +0 -208
package/docs/sections/versioning/full.md +0 -85
package/docs/sections/webhook-auth/full.md +0 -100
package/docs/sections/websocket/full.md +0 -196
package/docs/sections/websocket/overview.md +0 -5
package/docs/sections/websocket-rooms/full.md +0 -102
package/docs/sections/websocket-rooms/overview.md +0 -5
/package/dist/{lib/storageAdapter.js → packages/bunshot-admin/src/types/env.js} +0 -0
/package/dist/{lib → packages/bunshot-auth/src/lib}/fingerprint.d.ts +0 -0
/package/dist/{lib → packages/bunshot-auth/src/lib}/logger.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/constants.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/storageAdapter.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/createDtoMapper.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.js +0 -0
/package/dist/{middleware → src/framework/middleware}/index.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/logger.js +0 -0
/package/dist/{lib → src/shared/lib}/constants.js +0 -0

package/dist/middleware/cacheResponse.js DELETED Viewed

@@ -1,178 +0,0 @@
-import { getRedis } from "../lib/redis";
-import { getAppName } from "../lib/appConfig";
-import { appConnection, mongoose } from "../lib/mongo";
-import { isSqliteReady, sqliteGetCache, sqliteSetCache, sqliteDelCache, sqliteDelCachePattern } from "../adapters/sqliteAuth";
-import { memoryGetCache, memorySetCache, memoryDelCache, memoryDelCachePattern } from "../adapters/memoryAuth";
-export function getCacheModel() {
-    if (appConnection.models["CacheEntry"])
-        return appConnection.models["CacheEntry"];
-    const { Schema } = mongoose;
-    const cacheSchema = new Schema({
-        key: { type: String, required: true, unique: true },
-        value: { type: String, required: true },
-        expiresAt: { type: Date, index: { expireAfterSeconds: 0 } },
-    }, { collection: "cache_entries" });
-    return appConnection.model("CacheEntry", cacheSchema);
-}
-function isMongoReady() {
-    return appConnection.readyState === 1;
-}
-function isRedisReady() {
-    try {
-        getRedis();
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-let _defaultCacheStore = "redis";
-export const setCacheStore = (store) => { _defaultCacheStore = store; };
-async function storeGet(store, cacheKey) {
-    if (store === "memory")
-        return memoryGetCache(cacheKey);
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            throw new Error(`cacheResponse: store is "sqlite" but SQLite is not initialized. Call setSqliteDb(path) or pass sqliteDb to createServer.`);
-        return sqliteGetCache(cacheKey);
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            throw new Error(`cacheResponse: store is "mongo" but appConnection is not connected. Ensure connectMongo() or connectAppMongo() is called before handling requests.`);
-        const doc = await getCacheModel().findOne({ key: cacheKey }, "value").lean();
-        return doc ? doc.value : null;
-    }
-    return getRedis().get(cacheKey);
-}
-async function storeSet(store, cacheKey, value, ttl) {
-    if (store === "memory") {
-        memorySetCache(cacheKey, value, ttl);
-        return;
-    }
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            throw new Error(`cacheResponse: store is "sqlite" but SQLite is not initialized. Call setSqliteDb(path) or pass sqliteDb to createServer.`);
-        sqliteSetCache(cacheKey, value, ttl);
-        return;
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            throw new Error(`cacheResponse: store is "mongo" but appConnection is not connected. Ensure connectMongo() or connectAppMongo() is called before handling requests.`);
-        const expiresAt = ttl ? new Date(Date.now() + ttl * 1000) : undefined;
-        await getCacheModel().updateOne({ key: cacheKey }, { $set: { value, ...(expiresAt ? { expiresAt } : {}) } }, { upsert: true });
-        return;
-    }
-    if (ttl) {
-        await getRedis().setex(cacheKey, ttl, value);
-    }
-    else {
-        await getRedis().set(cacheKey, value);
-    }
-}
-async function storeDel(store, cacheKey) {
-    if (store === "memory") {
-        memoryDelCache(cacheKey);
-        return;
-    }
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            return;
-        sqliteDelCache(cacheKey);
-        return;
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            return;
-        await getCacheModel().deleteOne({ key: cacheKey });
-        return;
-    }
-    if (!isRedisReady())
-        return;
-    await getRedis().del(cacheKey);
-}
-async function storeDelPattern(store, fullPattern) {
-    if (store === "memory") {
-        memoryDelCachePattern(fullPattern);
-        return;
-    }
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            return;
-        sqliteDelCachePattern(fullPattern);
-        return;
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            return;
-        // Escape all regex metacharacters in the full pattern (including the cache:{appName}: prefix,
-        // which may itself contain dots or other metacharacters). Then restore * as a glob wildcard.
-        // Order matters: escape first, then replace the now-escaped \* with .* for glob semantics.
-        const escaped = fullPattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
-        const regex = new RegExp("^" + escaped.replace(/\*/g, ".*") + "$");
-        await getCacheModel().deleteMany({ key: regex });
-        return;
-    }
-    if (!isRedisReady())
-        return;
-    const redis = getRedis();
-    let cursor = "0";
-    do {
-        const [next, keys] = await redis.scan(cursor, "MATCH", fullPattern, "COUNT", 100);
-        cursor = next;
-        if (keys.length > 0)
-            await redis.del(...keys);
-    } while (cursor !== "0");
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-export const bustCache = async (key) => {
-    const cacheKey = `cache:${getAppName()}:${key}`;
-    await Promise.all([storeDel("redis", cacheKey), storeDel("mongo", cacheKey), storeDel("sqlite", cacheKey), storeDel("memory", cacheKey)]);
-};
-export const bustCachePattern = async (pattern) => {
-    const fullPattern = `cache:${getAppName()}:${pattern}`;
-    await Promise.all([storeDelPattern("redis", fullPattern), storeDelPattern("mongo", fullPattern), storeDelPattern("sqlite", fullPattern), storeDelPattern("memory", fullPattern)]);
-};
-/** Headers that must never be cached — storing these can cause session fixation or auth bypass. */
-const UNCACHEABLE_HEADERS = new Set([
-    "set-cookie",
-    "www-authenticate",
-    "authorization",
-    "x-csrf-token",
-    "proxy-authenticate",
-]);
-export const cacheResponse = ({ ttl, key, store = _defaultCacheStore }) => {
-    return async (c, next) => {
-        const appName = getAppName();
-        const rawKey = typeof key === "function" ? key(c) : key;
-        // Per-tenant namespacing: prevents two tenants caching the same key from colliding
-        const tenantId = c.get("tenantId");
-        const tenantSegment = tenantId ? `${tenantId}:` : "";
-        const cacheKey = `cache:${appName}:${tenantSegment}${rawKey}`;
-        const cached = await storeGet(store, cacheKey);
-        if (cached) {
-            const { status, headers, body } = JSON.parse(cached);
-            return new Response(body, {
-                status,
-                headers: { ...headers, "x-cache": "HIT" },
-            });
-        }
-        await next();
-        const res = c.res;
-        if (res.status >= 200 && res.status < 300) {
-            const body = await res.text();
-            const headers = {};
-            res.headers.forEach((value, name) => {
-                if (!UNCACHEABLE_HEADERS.has(name.toLowerCase())) {
-                    headers[name] = value;
-                }
-            });
-            await storeSet(store, cacheKey, JSON.stringify({ status: res.status, headers, body }), ttl);
-            c.res = new Response(body, {
-                status: res.status,
-                headers: { ...headers, "x-cache": "MISS" },
-            });
-        }
-    };
-};

package/dist/middleware/captcha.js DELETED Viewed

@@ -1,36 +0,0 @@
-import { verifyCaptcha } from "../lib/captcha";
-import { HttpError } from "../lib/HttpError";
-import { getClientIp } from "../lib/clientIp";
-/**
- * Middleware factory that verifies a CAPTCHA token from the request body.
- *
- * @example
- * router.post("/contact", requireCaptcha({ provider: "turnstile", secretKey: "..." }), handler);
- */
-export const requireCaptcha = (config) => async (c, next) => {
-    // Get effective config: param takes precedence, then global config
-    const { getCaptchaConfig } = await import("../lib/appConfig");
-    const effectiveConfig = config ?? getCaptchaConfig();
-    if (!effectiveConfig) {
-        await next();
-        return;
-    }
-    const tokenField = effectiveConfig.tokenField ?? "captcha-token";
-    let body;
-    try {
-        body = await c.req.json();
-    }
-    catch {
-        body = {};
-    }
-    const token = body[tokenField];
-    if (!token) {
-        throw new HttpError(400, "CAPTCHA token is required", "CAPTCHA_MISSING");
-    }
-    const ip = getClientIp(c) ?? undefined;
-    const result = await verifyCaptcha(token, effectiveConfig, ip);
-    if (!result.success) {
-        throw new HttpError(400, "CAPTCHA verification failed", "CAPTCHA_FAILED");
-    }
-    await next();
-};

package/dist/middleware/csrf.js DELETED Viewed

@@ -1,129 +0,0 @@
-import { getCookie, setCookie, deleteCookie } from "hono/cookie";
-import { timingSafeEqual } from "../lib/crypto";
-import { COOKIE_TOKEN, COOKIE_CSRF_TOKEN, HEADER_CSRF_TOKEN } from "../lib/constants";
-import { createHmac, randomBytes } from "crypto";
-const isProd = process.env.NODE_ENV === "production";
-const STATE_CHANGING_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);
-let _csrfSecret = null;
-function getCsrfSecret() {
-    if (_csrfSecret)
-        return _csrfSecret;
-    const secret = isProd ? process.env.JWT_SECRET_PROD : process.env.JWT_SECRET_DEV;
-    if (!secret)
-        throw new Error("CSRF middleware requires JWT_SECRET_DEV/JWT_SECRET_PROD to be set");
-    _csrfSecret = secret;
-    return _csrfSecret;
-}
-function generateCsrfToken(secret) {
-    const token = randomBytes(32).toString("hex");
-    const sig = createHmac("sha256", secret).update(token).digest("hex");
-    return `${token}.${sig}`;
-}
-function verifyCsrfSignature(cookieValue, secret) {
-    const dotIdx = cookieValue.indexOf(".");
-    if (dotIdx === -1)
-        return false;
-    const token = cookieValue.substring(0, dotIdx);
-    const sig = cookieValue.substring(dotIdx + 1);
-    const expected = createHmac("sha256", secret).update(token).digest("hex");
-    return timingSafeEqual(sig, expected);
-}
-const csrfCookieOptions = {
-    httpOnly: false,
-    secure: isProd,
-    sameSite: "Lax",
-    path: "/",
-    maxAge: 60 * 60 * 24 * 365, // 1 year — tied to browser, not session
-};
-/**
- * Refreshes the CSRF token cookie — call on login/register to prevent
- * session fixation-adjacent attacks.
- */
-export function refreshCsrfToken(c) {
-    const secret = getCsrfSecret();
-    const token = generateCsrfToken(secret);
-    setCookie(c, COOKIE_CSRF_TOKEN, token, csrfCookieOptions);
-}
-/**
- * Clears the CSRF token cookie — call on logout.
- */
-export function clearCsrfToken(c) {
-    deleteCookie(c, COOKIE_CSRF_TOKEN, { path: "/" });
-}
-export const csrfProtection = (options = {}) => {
-    const { exemptPaths = [], checkOrigin = true, allowedOrigins } = options;
-    // Normalize allowed origins for origin validation
-    const originSet = new Set();
-    if (allowedOrigins) {
-        const origins = Array.isArray(allowedOrigins) ? allowedOrigins : [allowedOrigins];
-        for (const o of origins) {
-            // "*" is intentionally excluded: validating against a wildcard would accept any origin,
-            // defeating the check. When CORS is open, origin validation is meaningless.
-            if (o !== "*")
-                originSet.add(o.replace(/\/$/, ""));
-        }
-    }
-    if (checkOrigin && originSet.size === 0) {
-        // Warn in all environments — this is a one-time startup message, not per-request noise,
-        // and a misconfigured production deployment should surface it.
-        console.warn("[bunshot] csrfProtection: checkOrigin is enabled but no specific allowed origins are " +
-            "configured (CORS is \"*\" or allowedOrigins is unset). Origin validation is disabled — " +
-            "only the HMAC double-submit cookie check is active. Set security.cors to specific " +
-            "origins to enable origin validation.");
-    }
-    return async (c, next) => {
-        const secret = getCsrfSecret();
-        // Set CSRF cookie on every response if not already present
-        const existingCsrf = getCookie(c, COOKIE_CSRF_TOKEN);
-        if (!existingCsrf) {
-            const token = generateCsrfToken(secret);
-            setCookie(c, COOKIE_CSRF_TOKEN, token, csrfCookieOptions);
-        }
-        // Only validate state-changing methods
-        if (!STATE_CHANGING_METHODS.has(c.req.method)) {
-            return next();
-        }
-        // Skip if no auth cookie present — not vulnerable to CSRF
-        const authCookie = getCookie(c, COOKIE_TOKEN);
-        if (!authCookie) {
-            return next();
-        }
-        // Skip exempt paths
-        const path = c.req.path;
-        for (const exempt of exemptPaths) {
-            if (exempt.endsWith("*")) {
-                if (path.startsWith(exempt.slice(0, -1)))
-                    return next();
-            }
-            else {
-                if (path === exempt)
-                    return next();
-            }
-        }
-        // Origin validation (secondary layer)
-        if (checkOrigin && originSet.size > 0) {
-            const origin = c.req.header("origin");
-            if (origin) {
-                const normalized = origin.replace(/\/$/, "");
-                if (!originSet.has(normalized)) {
-                    return c.json({ error: "CSRF origin mismatch" }, 403);
-                }
-            }
-        }
-        // Double submit cookie validation
-        const csrfCookie = getCookie(c, COOKIE_CSRF_TOKEN);
-        const csrfHeader = c.req.header(HEADER_CSRF_TOKEN);
-        if (!csrfCookie || !csrfHeader) {
-            return c.json({ error: "CSRF token missing" }, 403);
-        }
-        // Verify the cookie's HMAC signature (prevents cookie injection)
-        if (!verifyCsrfSignature(csrfCookie, secret)) {
-            return c.json({ error: "CSRF token invalid" }, 403);
-        }
-        // Compare header value to cookie value
-        if (!timingSafeEqual(csrfHeader, csrfCookie)) {
-            return c.json({ error: "CSRF token mismatch" }, 403);
-        }
-        return next();
-    };
-};

package/dist/middleware/identify.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare const identify: MiddlewareHandler<AppEnv>;

package/dist/middleware/identify.js DELETED Viewed

@@ -1,122 +0,0 @@
-import { getCookie } from "hono/cookie";
-import { verifyToken } from "../lib/jwt";
-import { getSession, updateSessionLastActive, getSessionFingerprint, setSessionFingerprint } from "../lib/session";
-import { COOKIE_TOKEN, HEADER_USER_TOKEN } from "../lib/constants";
-import { log, authTrace } from "../lib/logger";
-import { getTrackLastActive, getSigningConfig, getCheckSuspensionOnIdentify } from "../lib/appConfig";
-import { getSuspended } from "../lib/suspension";
-import { getClientIp } from "../lib/clientIp";
-import { sha256, timingSafeEqual } from "../lib/crypto";
-import { HttpError } from "../lib/HttpError";
-function computeFingerprint(c, fields) {
-    const parts = fields.map((f) => {
-        if (f === "ip")
-            return getClientIp(c) ?? "";
-        if (f === "ua")
-            return c.req.header("user-agent") ?? "";
-        return c.req.header("accept-language") ?? "";
-    });
-    return sha256(parts.join(":"));
-}
-export const identify = async (c, next) => {
-    c.set("authUserId", null);
-    c.set("roles", null);
-    c.set("sessionId", null);
-    c.set("authClientId", null);
-    c.set("tokenPayload", null);
-    // cookie for browsers, x-user-token header for non-browser clients
-    const token = getCookie(c, COOKIE_TOKEN) ?? c.req.header(HEADER_USER_TOKEN) ?? null;
-    log(`[identify] token=${token ? "present" : "absent"}`);
-    if (token) {
-        try {
-            const payload = await verifyToken(token);
-            c.set("tokenPayload", payload);
-            const sessionId = payload.sid;
-            if (!sessionId) {
-                // Check for M2M token (scope present, no sid)
-                if (payload.scope && payload.sub) {
-                    c.set("authClientId", payload.sub);
-                    log(`[identify] M2M token for clientId=${payload.sub}`);
-                }
-                else {
-                    log("[identify] token missing sid claim — unauthenticated");
-                }
-            }
-            else {
-                const stored = await getSession(sessionId);
-                log("[identify] token verified, checking session...");
-                authTrace(`[identify] authUserId=${payload.sub}`);
-                if (timingSafeEqual(stored ?? "", token)) {
-                    const signingCfg = getSigningConfig();
-                    const bindingCfg = signingCfg?.sessionBinding;
-                    if (bindingCfg) {
-                        const bindingOpts = typeof bindingCfg === "object" ? bindingCfg : {};
-                        const fields = bindingOpts.fields ?? ["ip", "ua"];
-                        const onMismatch = bindingOpts.onMismatch ?? "unauthenticate";
-                        const current = computeFingerprint(c, fields);
-                        const storedFp = await getSessionFingerprint(sessionId);
-                        if (storedFp === null) {
-                            // First authenticated request — store the fingerprint
-                            setSessionFingerprint(sessionId, current).catch(() => {
-                                log("[identify] failed to store session fingerprint");
-                            });
-                            c.set("authUserId", payload.sub);
-                            c.set("sessionId", sessionId);
-                        }
-                        else if (timingSafeEqual(storedFp, current)) {
-                            c.set("authUserId", payload.sub);
-                            c.set("sessionId", sessionId);
-                        }
-                        else {
-                            log(`[identify] fingerprint mismatch, onMismatch=${onMismatch}`);
-                            authTrace(`[identify] sessionId=${sessionId}`);
-                            if (onMismatch === "reject") {
-                                throw new HttpError(401, "Unauthorized", "FINGERPRINT_MISMATCH");
-                            }
-                            else if (onMismatch === "log-only") {
-                                c.set("authUserId", payload.sub);
-                                c.set("sessionId", sessionId);
-                            }
-                            // onMismatch === "unauthenticate" — leave authUserId null (already null)
-                        }
-                    }
-                    else {
-                        c.set("authUserId", payload.sub);
-                        c.set("sessionId", sessionId);
-                    }
-                    if (c.get("authUserId")) {
-                        if (getCheckSuspensionOnIdentify()) {
-                            const suspensionStatus = await getSuspended(payload.sub).catch(() => ({ suspended: false }));
-                            if (suspensionStatus.suspended) {
-                                c.set("authUserId", null);
-                                c.set("sessionId", null);
-                                c.set("roles", null);
-                                log(`[identify] userId=${payload.sub} is suspended — unauthenticated`);
-                            }
-                        }
-                    }
-                    if (c.get("authUserId")) {
-                        authTrace(`[identify] authUserId=${payload.sub} sessionId=${sessionId}`);
-                        if (getTrackLastActive()) {
-                            updateSessionLastActive(sessionId).catch(() => {
-                                log("[identify] failed to update session lastActiveAt");
-                            });
-                        }
-                    }
-                }
-                else {
-                    log("[identify] token/session mismatch — unauthenticated");
-                }
-            }
-        }
-        catch (err) {
-            if (err instanceof HttpError)
-                throw err;
-            log("[identify] invalid token — unauthenticated");
-        }
-    }
-    else {
-        log("[identify] no token — unauthenticated");
-    }
-    await next();
-};

package/dist/middleware/index.js DELETED Viewed

	@@ -1 +0,0 @@
1	- export const applyMiddleware = (handler, ...middleware) => middleware.reduceRight((next, mw) => (req) => mw(req, next), handler);

package/dist/middleware/metrics.d.ts DELETED Viewed

@@ -1,9 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export interface MetricsMiddlewareOptions {
-    /** Paths to exclude from metrics collection. Strings use prefix matching. */
-    excludePaths?: (string | RegExp)[];
-    /** Custom path normalizer to prevent cardinality explosion. */
-    normalizePath?: (path: string) => string;
-}
-export declare const metricsCollector: (options?: MetricsMiddlewareOptions) => MiddlewareHandler<AppEnv>;

package/dist/middleware/metrics.js DELETED Viewed

@@ -1,26 +0,0 @@
-import { incrementCounter, observeHistogram, defaultNormalizePath } from "../lib/metrics";
-const DEFAULT_EXCLUDE = ["/metrics", "/health", "/docs", "/openapi.json"];
-export const metricsCollector = (options = {}) => {
-    const { excludePaths = DEFAULT_EXCLUDE, normalizePath = defaultNormalizePath, } = options;
-    return async (c, next) => {
-        const rawPath = c.req.path;
-        const excluded = excludePaths.some(p => typeof p === "string" ? rawPath.startsWith(p) : p.test(rawPath));
-        if (excluded)
-            return next();
-        const start = performance.now();
-        await next();
-        const duration = (performance.now() - start) / 1000; // seconds
-        const method = c.req.method;
-        const path = normalizePath(rawPath);
-        const status = String(c.res.status);
-        const tenantId = c.get("tenantId") ?? undefined;
-        const labels = { method, path, status };
-        const durationLabels = { method, path };
-        if (tenantId) {
-            labels.tenant = tenantId;
-            durationLabels.tenant = tenantId;
-        }
-        incrementCounter("http_requests_total", labels);
-        observeHistogram("http_request_duration_seconds", durationLabels, duration);
-    };
-};

package/dist/middleware/rateLimit.js DELETED Viewed

@@ -1,22 +0,0 @@
-import { trackAttempt } from "../lib/authRateLimit";
-import { buildFingerprint } from "../lib/fingerprint";
-import { getClientIp } from "../lib/clientIp";
-export const rateLimit = ({ windowMs, max, fingerprintLimit = false, }) => {
-    const opts = { windowMs, max };
-    return async (c, next) => {
-        const ip = getClientIp(c);
-        // Per-tenant namespacing: each tenant gets independent rate limit buckets
-        const tenantId = c.get("tenantId");
-        const prefix = tenantId ? `t:${tenantId}:` : "";
-        if (await trackAttempt(`${prefix}ip:${ip}`, opts)) {
-            return c.json({ error: "Too Many Requests" }, 429);
-        }
-        if (fingerprintLimit) {
-            const fp = await buildFingerprint(c.req.raw);
-            if (await trackAttempt(`${prefix}fp:${fp}`, opts)) {
-                return c.json({ error: "Too Many Requests" }, 429);
-            }
-        }
-        await next();
-    };
-};

package/dist/middleware/requestId.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare const requestId: MiddlewareHandler<AppEnv>;

package/dist/middleware/scimAuth.d.ts DELETED Viewed

@@ -1,8 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare function setScimTokens(tokens: string | string[]): void;
-/**
- * Middleware that validates SCIM bearer tokens.
- * Tokens are checked with timingSafeEqual to prevent timing attacks.
- */
-export declare const scimAuth: MiddlewareHandler<AppEnv>;

package/dist/middleware/scimAuth.js DELETED Viewed

@@ -1,29 +0,0 @@
-import { timingSafeEqual } from "../lib/crypto";
-import { HttpError } from "../lib/HttpError";
-let _scimTokens = [];
-export function setScimTokens(tokens) {
-    _scimTokens = Array.isArray(tokens) ? tokens : [tokens];
-}
-/**
- * Middleware that validates SCIM bearer tokens.
- * Tokens are checked with timingSafeEqual to prevent timing attacks.
- */
-export const scimAuth = async (c, next) => {
-    const authHeader = c.req.header("authorization") ?? "";
-    if (!authHeader.startsWith("Bearer ")) {
-        throw new HttpError(401, "SCIM bearer token required");
-    }
-    const provided = authHeader.slice(7);
-    const valid = _scimTokens.some((token) => {
-        try {
-            return timingSafeEqual(provided, token);
-        }
-        catch {
-            return false;
-        }
-    });
-    if (!valid) {
-        throw new HttpError(401, "Invalid SCIM token");
-    }
-    await next();
-};

package/dist/middleware/tenant.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-import type { TenancyConfig } from "../app";
-export declare const invalidateTenantCache: (tenantId: string) => void;
-export declare const createTenantMiddleware: (config: TenancyConfig) => MiddlewareHandler<AppEnv>;

package/dist/middleware/upload.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-import type { UploadOpts } from "../lib/upload";
-export type UploadMiddlewareOptions = UploadOpts;
-export declare const handleUpload: (opts?: UploadMiddlewareOptions) => MiddlewareHandler<AppEnv>;

package/dist/middleware/userAuth.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare const userAuth: MiddlewareHandler<AppEnv>;

package/dist/middleware/userAuth.js DELETED Viewed

@@ -1,6 +0,0 @@
-export const userAuth = async (c, next) => {
-    if (!c.get("authUserId")) {
-        return c.json({ error: "Unauthorized" }, 401);
-    }
-    await next();
-};

package/dist/models/AuditLog.d.ts DELETED Viewed

@@ -1,30 +0,0 @@
-import type { Document, Model } from "mongoose";
-interface IAuditLog {
-    /** UUID assigned by the caller — stable cross-store identifier. */
-    id: string;
-    userId: string | null;
-    sessionId: string | null;
-    tenantId: string | null;
-    method: string;
-    path: string;
-    status: number;
-    ip: string | null;
-    userAgent: string | null;
-    action?: string;
-    resource?: string;
-    resourceId?: string;
-    meta?: Record<string, unknown>;
-    createdAt: Date;
-    /**
-     * Optional TTL field. MongoDB will automatically delete the document
-     * once this date is in the past (via `expireAfterSeconds: 0` index).
-     */
-    expiresAt?: Date;
-}
-type AuditLogDocument = IAuditLog & Document;
-export declare const AuditLog: Model<AuditLogDocument, {}, {}, {}, Document<unknown, {}, AuditLogDocument, {}, import("mongoose").DefaultSchemaOptions> & IAuditLog & Document<import("mongoose").Types.ObjectId, any, any, Record<string, any>, {}> & Required<{
-    _id: import("mongoose").Types.ObjectId;
-}> & {
-    __v: number;
-}, any, AuditLogDocument>;
-export {};