@levrbet/shared 0.1.95 → 0.1.97

package/dist/server/middleware/multiAuth.examples.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Multi-Auth Middleware Usage Examples
+ *
+ * This file demonstrates how to use the new multiAuth middleware
+ * to support multiple authentication methods in your routes.
+ */
+declare const router: import("express-serve-static-core").Router;
+/**
+ * Client-side usage:
+ *
+ * Clients MUST include the x-levr-auth-type header to indicate which auth method they're using:
+ *
+ * For Privy User:
+ * ```
+ * headers: {
+ *   'x-levr-auth-type': 'privyUser',
+ *   'privy-access-token': 'token...',
+ *   'privy-id-token': 'token...',
+ *   'eth-address': '0x...' // optional
+ * }
+ * ```
+ *
+ * For HMAC API Key:
+ * ```
+ * headers: {
+ *   'x-levr-auth-type': 'hmac',
+ *   'Authorization': 'HMAC <api-key-id>:<signature>',
+ *   'x-request-timestamp': '1234567890',
+ *   'x-request-nonce': 'random-string' // optional
+ * }
+ * ```
+ *
+ * For Service HMAC:
+ * ```
+ * headers: {
+ *   'x-levr-auth-type': 'serviceHmac',
+ *   'Authorization': 'HMAC <api-key-id>:<signature>',
+ *   'x-request-timestamp': '1234567890',
+ *   'x-request-nonce': 'random-string' // optional
+ * }
+ * ```
+ */
+export default router;

package/dist/server/middleware/multiAuth.examples.js

@@ -0,0 +1,114 @@
+/**
+ * Multi-Auth Middleware Usage Examples
+ *
+ * This file demonstrates how to use the new multiAuth middleware
+ * to support multiple authentication methods in your routes.
+ */
+import { Router } from "express";
+import { ApiKeyScope, LevrAuth, LevrService } from "../../core";
+import { multiAuth } from "./multiAuth.middleware";
+const router = Router();
+// Example 1: Simple route supporting both Privy user auth and HMAC API keys
+// Auto-enforces Write scope for POST requests
+router.post("/orders", multiAuth({
+    methods: [LevrAuth.PRIVY_USER, LevrAuth.HMAC],
+}), (req, res) => {
+    // Access authenticated user data
+    if (req.privyUser) {
+        console.log("Authenticated via Privy:", req.privyUser.id);
+    }
+    else if (req.apiUser) {
+        console.log("Authenticated via API key:", req.apiUser.id);
+    }
+    console.log("Auth method used:", req.authMethod);
+    console.log("ETH address:", req.ethAddress);
+    res.json({ success: true });
+});
+// Example 2: Admin-only route
+router.delete("/admin/users/:id", multiAuth({
+    methods: [LevrAuth.PRIVY_ADMIN],
+}), (req, res) => {
+    // Only Privy admins can access this
+    console.log("Admin user:", req.privyUser?.id);
+    res.json({ success: true });
+});
+// Example 3: Read-only route supporting multiple auth methods
+// Disable auto-enforcement of Write scope for POST
+router.post("/search", multiAuth({
+    methods: [LevrAuth.PRIVY_USER, LevrAuth.HMAC],
+    requiredScopes: [ApiKeyScope.Read],
+    autoEnforceWriteScope: false, // POST doesn't require Write scope
+}), (req, res) => {
+    // This POST route only needs Read scope
+    res.json({ results: [] });
+});
+// Example 4: Service-to-service authentication
+// Only Orderbook and OracleCore services can access
+router.post("/internal/sync-markets", multiAuth({
+    methods: [LevrAuth.SERVICE_HMAC],
+    allowedServices: [LevrService.Orderbook, LevrService.OracleCore],
+}), (req, res) => {
+    // Only specific services can access
+    console.log("Service:", req.apiUser?.service);
+    res.json({ synced: true });
+});
+// Example 5: Mixed service and user auth with explicit scopes
+router.put("/markets/:id", multiAuth({
+    methods: [LevrAuth.PRIVY_ADMIN, LevrAuth.SERVICE_HMAC],
+    requiredScopes: [ApiKeyScope.Write], // Explicitly require Write
+    allowedServices: [LevrService.Orderbook, LevrService.Lab],
+}), (req, res) => {
+    // Either admin users or specific services can update
+    if (req.privyUser) {
+        console.log("Admin updating market:", req.privyUser.id);
+    }
+    else {
+        console.log("Service updating market:", req.apiUser?.service);
+    }
+    res.json({ updated: true });
+});
+// Example 6: GET route with optional auth
+// Even GET requests can require specific scopes if needed
+router.get("/private-data", multiAuth({
+    methods: [LevrAuth.PRIVY_USER, LevrAuth.HMAC],
+    requiredScopes: [ApiKeyScope.Read],
+}), (req, res) => {
+    res.json({ data: "sensitive information" });
+});
+/**
+ * Client-side usage:
+ *
+ * Clients MUST include the x-levr-auth-type header to indicate which auth method they're using:
+ *
+ * For Privy User:
+ * ```
+ * headers: {
+ *   'x-levr-auth-type': 'privyUser',
+ *   'privy-access-token': 'token...',
+ *   'privy-id-token': 'token...',
+ *   'eth-address': '0x...' // optional
+ * }
+ * ```
+ *
+ * For HMAC API Key:
+ * ```
+ * headers: {
+ *   'x-levr-auth-type': 'hmac',
+ *   'Authorization': 'HMAC <api-key-id>:<signature>',
+ *   'x-request-timestamp': '1234567890',
+ *   'x-request-nonce': 'random-string' // optional
+ * }
+ * ```
+ *
+ * For Service HMAC:
+ * ```
+ * headers: {
+ *   'x-levr-auth-type': 'serviceHmac',
+ *   'Authorization': 'HMAC <api-key-id>:<signature>',
+ *   'x-request-timestamp': '1234567890',
+ *   'x-request-nonce': 'random-string' // optional
+ * }
+ * ```
+ */
+export default router;
+//# sourceMappingURL=multiAuth.examples.js.map

package/dist/server/middleware/multiAuth.examples.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"multiAuth.examples.js","sourceRoot":"","sources":["../../../src/server/middleware/multiAuth.examples.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAC/D,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAElD,MAAM,MAAM,GAAG,MAAM,EAAE,CAAA;AAEvB,4EAA4E;AAC5E,8CAA8C;AAC9C,MAAM,CAAC,IAAI,CACP,SAAS,EACT,SAAS,CAAC;IACN,OAAO,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC;CAChD,CAAC,EACF,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACT,iCAAiC;IACjC,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAC7D,CAAC;SAAM,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAC7D,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,GAAG,CAAC,UAAU,CAAC,CAAA;IAChD,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,CAAC,UAAU,CAAC,CAAA;IAE3C,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;AAC/B,CAAC,CACJ,CAAA;AAED,8BAA8B;AAC9B,MAAM,CAAC,MAAM,CACT,kBAAkB,EAClB,SAAS,CAAC;IACN,OAAO,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC;CAClC,CAAC,EACF,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACT,oCAAoC;IACpC,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,GAAG,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;IAC7C,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;AAC/B,CAAC,CACJ,CAAA;AAED,8DAA8D;AAC9D,mDAAmD;AACnD,MAAM,CAAC,IAAI,CACP,SAAS,EACT,SAAS,CAAC;IACN,OAAO,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC;IAC7C,cAAc,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC;IAClC,qBAAqB,EAAE,KAAK,EAAE,mCAAmC;CACpE,CAAC,EACF,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACT,wCAAwC;IACxC,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,CAAA;AAC7B,CAAC,CACJ,CAAA;AAED,+CAA+C;AAC/C,oDAAoD;AACpD,MAAM,CAAC,IAAI,CACP,wBAAwB,EACxB,SAAS,CAAC;IACN,OAAO,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC;IAChC,eAAe,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,UAAU,CAAC;CACnE,CAAC,EACF,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACT,oCAAoC;IACpC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IAC7C,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;AAC9B,CAAC,CACJ,CAAA;AAED,8DAA8D;AAC9D,MAAM,CAAC,GAAG,CACN,cAAc,EACd,SAAS,CAAC;IACN,OAAO,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,YAAY,CAAC;IACtD,cAAc,EAAE,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,2BAA2B;IAChE,eAAe,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC;CAC5D,CAAC,EACF,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACT,qDAAqD;IACrD,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAC3D,CAAC;SAAM,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IACjE,CAAC;IACD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;AAC/B,CAAC,CACJ,CAAA;AAED,0CAA0C;AAC1C,0DAA0D;AAC1D,MAAM,CAAC,GAAG,CACN,eAAe,EACf,SAAS,CAAC;IACN,OAAO,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC;IAC7C,cAAc,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC;CACrC,CAAC,EACF,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACT,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,uBAAuB,EAAE,CAAC,CAAA;AAC/C,CAAC,CACJ,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,eAAe,MAAM,CAAA"}

package/dist/server/middleware/multiAuth.middleware.d.ts

@@ -0,0 +1,31 @@
+import type { NextFunction, Request, Response } from "express";
+import { MultiAuthOptions } from "../../core";
+import "../types/express.types";
+/**
+ * Multi-auth middleware factory
+ *
+ * Creates Express middleware that supports multiple authentication methods.
+ * The client specifies which method to use via the x-levr-auth-type header.
+ *
+ * @example
+ * ```typescript
+ * // Support both user and API key auth, require Write scope
+ * app.post('/orders',
+ *   multiAuth({
+ *     methods: [LevrAuth.PRIVY_USER, LevrAuth.HMAC],
+ *     requiredScopes: [ApiKeyScope.Write]
+ *   }),
+ *   orderController.create
+ * )
+ *
+ * // Service-to-service only, must be from Orderbook or OracleCore service
+ * app.post('/internal/sync',
+ *   multiAuth({
+ *     methods: [LevrAuth.SERVICE_HMAC],
+ *     requiredServices: [LevrService.Orderbook, LevrService.OracleCore]
+ *   }),
+ *   internalController.sync
+ * )
+ * ```
+ */
+export declare function multiAuth(options: MultiAuthOptions): (req: Request, res: Response, next: NextFunction) => Promise<void>;

package/dist/server/middleware/multiAuth.middleware.js

@@ -0,0 +1,82 @@
+import { LEVR_AUTH_HEADER, LevrAuth, PrivyRole } from "../../core";
+import "../types/express.types";
+import { handleCloudflareAuth, handleHmacAuth, handlePrivyAuth, handleServiceHmacAuth } from "./auth";
+/**
+ * Multi-auth middleware factory
+ *
+ * Creates Express middleware that supports multiple authentication methods.
+ * The client specifies which method to use via the x-levr-auth-type header.
+ *
+ * @example
+ * ```typescript
+ * // Support both user and API key auth, require Write scope
+ * app.post('/orders',
+ *   multiAuth({
+ *     methods: [LevrAuth.PRIVY_USER, LevrAuth.HMAC],
+ *     requiredScopes: [ApiKeyScope.Write]
+ *   }),
+ *   orderController.create
+ * )
+ *
+ * // Service-to-service only, must be from Orderbook or OracleCore service
+ * app.post('/internal/sync',
+ *   multiAuth({
+ *     methods: [LevrAuth.SERVICE_HMAC],
+ *     requiredServices: [LevrService.Orderbook, LevrService.OracleCore]
+ *   }),
+ *   internalController.sync
+ * )
+ * ```
+ */
+export function multiAuth(options) {
+    return async (req, res, next) => {
+        const requestedAuthType = req.header(LEVR_AUTH_HEADER);
+        // If no auth type specified, reject
+        if (!requestedAuthType) {
+            res.status(400).json({
+                error: `Missing ${LEVR_AUTH_HEADER} header`,
+                supportedMethods: options.methods,
+            });
+            return;
+        }
+        // Check if requested auth method is supported by this route
+        if (!options.methods.includes(requestedAuthType)) {
+            res.status(400).json({
+                error: `Unsupported auth method: ${requestedAuthType}`,
+                supportedMethods: options.methods,
+            });
+            return;
+        }
+        let result;
+        // Route to appropriate auth handler
+        switch (requestedAuthType) {
+            case LevrAuth.HMAC:
+                result = await handleHmacAuth(req, options);
+                break;
+            case LevrAuth.SERVICE_HMAC:
+                result = await handleServiceHmacAuth(req, options);
+                break;
+            case LevrAuth.PRIVY_USER:
+                result = await handlePrivyAuth(req, PrivyRole.User, LevrAuth.PRIVY_USER);
+                break;
+            case LevrAuth.PRIVY_ADMIN:
+                result = await handlePrivyAuth(req, PrivyRole.Admin, LevrAuth.PRIVY_ADMIN);
+                break;
+            case LevrAuth.CLOUDFLARE:
+                result = await handleCloudflareAuth(req);
+                break;
+            default:
+                result = {
+                    success: false,
+                    error: `Unknown auth method: ${requestedAuthType}`,
+                    statusCode: 400,
+                };
+        }
+        if (!result.success) {
+            res.status(result.statusCode || 401).json({ error: result.error });
+            return;
+        }
+        next();
+    };
+}
+//# sourceMappingURL=multiAuth.middleware.js.map

package/dist/server/middleware/multiAuth.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"multiAuth.middleware.js","sourceRoot":"","sources":["../../../src/server/middleware/multiAuth.middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAoB,SAAS,EAAE,MAAM,YAAY,CAAA;AACpF,OAAO,wBAAwB,CAAA;AAC/B,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,eAAe,EAAE,qBAAqB,EAAmB,MAAM,QAAQ,CAAA;AAEtH;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,UAAU,SAAS,CAAC,OAAyB;IAC/C,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAC5E,MAAM,iBAAiB,GAAG,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAA;QAEtD,oCAAoC;QACpC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACjB,KAAK,EAAE,WAAW,gBAAgB,SAAS;gBAC3C,gBAAgB,EAAE,OAAO,CAAC,OAAO;aACpC,CAAC,CAAA;YACF,OAAM;QACV,CAAC;QAED,4DAA4D;QAC5D,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,iBAA6B,CAAC,EAAE,CAAC;YAC3D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACjB,KAAK,EAAE,4BAA4B,iBAAiB,EAAE;gBACtD,gBAAgB,EAAE,OAAO,CAAC,OAAO;aACpC,CAAC,CAAA;YACF,OAAM;QACV,CAAC;QAED,IAAI,MAAkB,CAAA;QAEtB,oCAAoC;QACpC,QAAQ,iBAAiB,EAAE,CAAC;YACxB,KAAK,QAAQ,CAAC,IAAI;gBACd,MAAM,GAAG,MAAM,cAAc,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;gBAC3C,MAAK;YAET,KAAK,QAAQ,CAAC,YAAY;gBACtB,MAAM,GAAG,MAAM,qBAAqB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;gBAClD,MAAK;YAET,KAAK,QAAQ,CAAC,UAAU;gBACpB,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAA;gBACxE,MAAK;YAET,KAAK,QAAQ,CAAC,WAAW;gBACrB,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,KAAK,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAA;gBAC1E,MAAK;YAET,KAAK,QAAQ,CAAC,UAAU;gBACpB,MAAM,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAA;gBACxC,MAAK;YAET;gBACI,MAAM,GAAG;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,wBAAwB,iBAAiB,EAAE;oBAClD,UAAU,EAAE,GAAG;iBAClB,CAAA;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAClB,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAA;YAClE,OAAM;QACV,CAAC;QAED,IAAI,EAAE,CAAA;IACV,CAAC,CAAA;AACL,CAAC"}

package/dist/server/services/cloudflare.service.d.ts

@@ -0,0 +1,12 @@
+import { type JWTPayload, type JWTVerifyResult } from "jose";
+declare class CloudflareAuthService {
+    /**
+     * Verify a Cloudflare Access JWT token.
+     *
+     * @throws Error if CloudflareConfig has not been initialized
+     * @throws Error if JWT verification fails
+     */
+    verifyJwt(jwt: string): Promise<JWTVerifyResult<JWTPayload>>;
+}
+export declare const cloudflareAuthService: CloudflareAuthService;
+export {};

package/dist/server/services/cloudflare.service.js

@@ -0,0 +1,21 @@
+import { jwtVerify } from "jose";
+import { cloudflareConfig } from "../config/cloudflare";
+class CloudflareAuthService {
+    /**
+     * Verify a Cloudflare Access JWT token.
+     *
+     * @throws Error if CloudflareConfig has not been initialized
+     * @throws Error if JWT verification fails
+     */
+    async verifyJwt(jwt) {
+        const { jwks, issuer, audience } = cloudflareConfig.config;
+        return jwtVerify(jwt, jwks, {
+            issuer,
+            audience,
+            algorithms: ["RS256"],
+            typ: "JWT",
+        });
+    }
+}
+export const cloudflareAuthService = new CloudflareAuthService();
+//# sourceMappingURL=cloudflare.service.js.map

package/dist/server/services/cloudflare.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.service.js","sourceRoot":"","sources":["../../../src/server/services/cloudflare.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAyC,MAAM,MAAM,CAAA;AACvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAEvD,MAAM,qBAAqB;IACvB;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,GAAW;QACvB,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,MAAM,CAAA;QAE1D,OAAO,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE;YACxB,MAAM;YACN,QAAQ;YACR,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,GAAG,EAAE,KAAK;SACb,CAAC,CAAA;IACN,CAAC;CACJ;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,qBAAqB,EAAE,CAAA"}

package/dist/server/services/index.d.ts

@@ -1 +1,3 @@
+export * from "./cloudflare.service";
 export * from "./crypto.service";
+export * from "./privy.service";

package/dist/server/services/index.js

@@ -1,2 +1,4 @@
+export * from "./cloudflare.service";
 export * from "./crypto.service";
+export * from "./privy.service";
 //# sourceMappingURL=index.js.map

package/dist/server/services/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,sBAAsB,CAAA;AACpC,cAAc,kBAAkB,CAAA;AAChC,cAAc,iBAAiB,CAAA"}

package/dist/server/services/privy.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"privy.service.js","sourceRoot":"","sources":["../../../src/server/services/privy.service.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,WAAW,EAAqB,MAAM,gBAAgB,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AAC5C,OAAO,EAAW,UAAU,EAAE,MAAM,MAAM,CAAA;AAC1C,OAAO,CAAC,MAAM,KAAK,CAAA;AACnB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AAC9C,OAAO,EACH,kBAAkB,EAClB,4BAA4B,EAC5B,YAAY,EACZ,sBAAsB,GACzB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,WAAW,CAAA;AASlC,MAAM,YAAY;IAAlB;QAsBI;;;WAGG;QACH,sBAAiB,GAAG,CAAC,IAAe,EAAuB,EAAE;YACzD,IAAI,OAAO,GAAwB,SAAS,CAAA;YAE5C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBACzC,IAAI,OAAO,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,CAAC,UAAU,KAAK,UAAU;oBAAE,SAAQ;gBAC5E,OAAO,GAAG,OAAO,CAAC,OAAkB,CAAA;gBACpC,IAAI,OAAO,CAAC,kBAAkB,KAAK,OAAO;oBAAE,MAAK;YACrD,CAAC;YAED,OAAO,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpD,CAAC,CAAA;QAED;;WAEG;QACK,0BAAqB,GAAG,CAAC,IAAe,EAAE,eAAuB,EAAW,EAAE;YAClF,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAC5B,CAAC,OAAO,EAAE,EAAE,CACR,OAAO,CAAC,IAAI,KAAK,QAAQ;gBACzB,OAAO,CAAC,UAAU,KAAK,UAAU;gBACjC,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,KAAK,eAAe,CAAC,WAAW,EAAE,CACvE,CAAA;QACL,CAAC,CAAA;IA2BL,CAAC;IA1EG,KAAK,CAAC,YAAY,CAAC,EAAE,UAAU,EAAE,YAAY,EAAE,UAAU,EAAE,IAAI,EAAe;QAC1E,IAAI,CAAC,UAAU,IAAI,CAAC,YAAY;YAAE,OAAO,SAAS,CAAA;QAElD,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAA;QAEhD,IAAI,CAAC;YACD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,CAAA;YAC5D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAA;YAEtE,IAAI,UAAU,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,UAAU,CAAC,EAAE,CAAC;gBAC9D,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,EAAE,uDAAuD,UAAU,GAAG,CAAC,CAAA;gBAChG,OAAO,SAAS,CAAA;YACpB,CAAC;YAED,OAAO,IAAI,CAAA;QACf,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YAClB,MAAM,CAAC,IAAI,CAAC,0CAA0C,KAAK,CAAC,OAAO,GAAG,CAAC,CAAA;YACvE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QACvB,CAAC;IACL,CAAC;IA+BO,eAAe;QACnB,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;YACpB,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;SAC5C,CAAC,CAAA;QACF,MAAM,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAExE,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC;YAChC,KAAK,EAAE,YAAY;YACnB,SAAS,EAAE,gBAAgB;YAC3B,kBAAkB,EAAE,sBAAsB;SAC7C,CAAC,CAAA;QAEF,MAAM,gBAAgB,GAAG,IAAI,WAAW,CAAC;YACrC,KAAK,EAAE,kBAAkB;YACzB,SAAS,EAAE,sBAAsB;YACjC,kBAAkB,EAAE,4BAA4B;SACnD,CAAC,CAAA;QAEF,OAAO;YACH,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,WAAW;YAC7B,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,gBAAgB;SACtC,CAAA;IACL,CAAC;CACJ;AAxBW;IADP,OAAO,EAAE;mDAwBT;AAGL,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAA"}

package/dist/server/types/express.types.d.ts

@@ -0,0 +1,27 @@
+import type { User as PrivyUser } from "@privy-io/node";
+import type { Address } from "viem";
+import type { LevrService } from "../../core";
+declare module "express-serve-static-core" {
+    interface Request {
+        /**
+         * Authenticated Privy user (set by PRIVY_USER or PRIVY_ADMIN auth)
+         */
+        privyUser?: PrivyUser;
+        /**
+         * Authenticated API key user (set by HMAC or SERVICE_HMAC auth)
+         */
+        apiUser?: {
+            id: string;
+            isService: boolean;
+            service?: LevrService | null;
+        };
+        /**
+         * Ethereum address associated with the authenticated user
+         */
+        ethAddress?: Address | null;
+        /**
+         * The authentication method used for this request
+         */
+        authMethod?: string;
+    }
+}

package/dist/server/types/express.types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=express.types.js.map

package/dist/server/types/express.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"express.types.js","sourceRoot":"","sources":["../../../src/server/types/express.types.ts"],"names":[],"mappings":""}

package/dist/server/types/index.d.ts

@@ -0,0 +1 @@
+export * from "./express.types";

package/dist/server/types/index.js

@@ -0,0 +1,2 @@
+export * from "./express.types";
+//# sourceMappingURL=index.js.map

package/dist/server/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@levrbet/shared",
-  "version": "0.1.95",
+  "version": "0.1.97",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "exports": {

package/dist/server/auth/index.d.ts

@@ -1,2 +0,0 @@
-export * from "./middleware";
-export * from "./kms";

package/dist/server/auth/index.js

@@ -1,3 +0,0 @@
-export * from "./middleware";
-export * from "./kms";
-//# sourceMappingURL=index.js.map

package/dist/server/auth/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAA;AAC5B,cAAc,OAAO,CAAA"}

package/dist/server/auth/kms.d.ts

@@ -1,34 +0,0 @@
-import Redis from "ioredis";
-/**
- * Generates a new API key using AWS KMS
- * @returns {Promise<Object>} Object containing:
- *   - plaintextKey: The decrypted API key to be provided to the user (shown only once)
- *   - encryptedKey: The encrypted version of the key to be stored in the database
- *   - keyId: The AWS KMS key ID used for encryption
- */
-export declare const generateApiKey: (userId: string) => Promise<{
-    apiKey: string;
-    keyId: string;
-}>;
-/**
- * Validates a provided API key by attempting to decrypt it using AWS KMS
- * @param {string} providedKey - The API key to validate
- * @returns {Promise<Object>} Object containing:
- *   - isValid: Boolean indicating whether the key is valid
- */
-export declare const validateApiKey: (apiKey: string, redis: Redis) => Promise<{
-    isValid: boolean;
-    reason?: string;
-    keyId?: string;
-}>;
-export declare const revokeKey: (keyId: string, apiKey: string) => Promise<void>;
-/**
- * Admin function to revoke an API key by keyId.
- * Marks the key as revoked in Redis.
- */
-export declare const adminRevokeApiKey: (keyId: string, redis: Redis) => Promise<void>;
-export declare const generateHmacSignature: (payload: string) => Promise<string>;
-/**
- * Verifies an HMAC signature
- */
-export declare const verifyHmacSignature: (payload: string, signature: string) => Promise<boolean>;

package/dist/server/auth/kms.js

@@ -1,122 +0,0 @@
-/**
- * AWS KMS service integration for API key management
- * This module provides functionality for generating and validating API keys using AWS KMS
- */
-import { GenerateMacCommand, VerifyCommand, VerifyMacCommand } from "@aws-sdk/client-kms";
-import { randomBytes } from "crypto";
-import { kmsClientManager, kmsEnvConfig } from "../config";
-// import { getRevokedApiKey } from "../oracle/redis-cache-manager/cache.keys.utils"
-/**
- * Generates a new API key using AWS KMS
- * @returns {Promise<Object>} Object containing:
- *   - plaintextKey: The decrypted API key to be provided to the user (shown only once)
- *   - encryptedKey: The encrypted version of the key to be stored in the database
- *   - keyId: The AWS KMS key ID used for encryption
- */
-export const generateApiKey = async (userId) => {
-    const keyId = randomBytes(8).toString("hex"); // Unique key identifier
-    const payload = `${userId}:${keyId}`;
-    const client = kmsClientManager.client;
-    const { Mac } = await client.send(new GenerateMacCommand({
-        KeyId: kmsEnvConfig.HMAC_KEY_ALIAS,
-        Message: Buffer.from(payload),
-        MacAlgorithm: "HMAC_SHA_384",
-    }));
-    if (!Mac) {
-        throw new Error("Failed to generate HMAC");
-    }
-    return {
-        apiKey: `${payload}.${Buffer.from(Mac).toString("base64")}`, // Format: userId:keyId.signature
-        keyId,
-    };
-};
-/**
- * Validates a provided API key by attempting to decrypt it using AWS KMS
- * @param {string} providedKey - The API key to validate
- * @returns {Promise<Object>} Object containing:
- *   - isValid: Boolean indicating whether the key is valid
- */
-export const validateApiKey = async (apiKey, redis) => {
-    const [payload, signature] = apiKey.split(".");
-    const [, keyId] = payload.split(":");
-    // 1. Check if key is revoked in Redis
-    // const isRevoked = await redis.get(getRevokedApiKey(keyId as string)) // possibly save this to prisma too
-    let isRevoked = "1";
-    if (isRevoked == "1") {
-        return { isValid: false, reason: "Key revoked" };
-    }
-    const client = kmsClientManager.client;
-    const { MacValid } = await client.send(new VerifyMacCommand({
-        KeyId: kmsEnvConfig.HMAC_KEY_ALIAS,
-        Message: Buffer.from(payload),
-        Mac: Buffer.from(signature, "base64"),
-        MacAlgorithm: "HMAC_SHA_384",
-    }));
-    if (!MacValid) {
-        return { isValid: false, reason: "Invalid signature" };
-    }
-    return {
-        isValid: MacValid,
-        keyId,
-    };
-};
-export const revokeKey = async (keyId, apiKey) => {
-    const [payload, signature] = apiKey.split(".");
-    const [, providedKeyId] = payload.split(":");
-    if (providedKeyId !== keyId) {
-        throw new Error("Key ID mismatch during revocation");
-    }
-    const client = kmsClientManager.client;
-    // 2. Verify KMS signature before revocation
-    const { SignatureValid } = await client.send(new VerifyCommand({
-        KeyId: kmsEnvConfig.HMAC_KEY_ALIAS,
-        Message: Buffer.from(payload),
-        Signature: Buffer.from(signature, "base64"),
-        SigningAlgorithm: "ECDSA_SHA_256",
-    }));
-    if (!SignatureValid) {
-        throw new Error("Invalid signature during revocation");
-    }
-};
-/**
- * Admin function to revoke an API key by keyId.
- * Marks the key as revoked in Redis.
- */
-//TODO guard under admin permissions
-export const adminRevokeApiKey = async (keyId, redis) => {
-    await redis.set(`revoked:${keyId}`, "1");
-};
-export const generateHmacSignature = async (payload) => {
-    const command = new GenerateMacCommand({
-        KeyId: kmsEnvConfig.HMAC_KEY_ALIAS,
-        Message: Buffer.from(payload),
-        MacAlgorithm: "HMAC_SHA_384",
-    });
-    const client = kmsClientManager.client;
-    const response = await client.send(command);
-    if (!response.Mac) {
-        throw new Error("Failed to generate HMAC signature");
-    }
-    return Buffer.from(response.Mac).toString("base64");
-};
-/**
- * Verifies an HMAC signature
- */
-export const verifyHmacSignature = async (payload, signature) => {
-    try {
-        const command = new VerifyMacCommand({
-            KeyId: kmsEnvConfig.HMAC_KEY_ALIAS, //TODO: setup multiple signing keys, one for users, one for servers
-            Message: Buffer.from(payload),
-            Mac: Buffer.from(signature, "base64"),
-            MacAlgorithm: "HMAC_SHA_384",
-        });
-        const client = kmsClientManager.client;
-        const response = await client.send(command);
-        return response.MacValid || false;
-    }
-    catch (error) {
-        console.error("HMAC verification failed:", error);
-        return false;
-    }
-};
-//# sourceMappingURL=kms.js.map

package/dist/server/auth/kms.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"kms.js","sourceRoot":"","sources":["../../../src/server/auth/kms.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACzF,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAEpC,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AAC1D,oFAAoF;AAEpF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAC/B,MAAc,EAIf,EAAE;IACD,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA,CAAC,wBAAwB;IACrE,MAAM,OAAO,GAAG,GAAG,MAAM,IAAI,KAAK,EAAE,CAAA;IAEpC,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAA;IAEtC,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAC7B,IAAI,kBAAkB,CAAC;QACnB,KAAK,EAAE,YAAY,CAAC,cAAc;QAClC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;QAC7B,YAAY,EAAE,cAAc;KAC/B,CAAC,CACL,CAAA;IAED,IAAI,CAAC,GAAG,EAAE,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO;QACH,MAAM,EAAE,GAAG,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,EAAE,iCAAiC;QAC9F,KAAK;KACR,CAAA;AACL,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAC/B,MAAc,EACd,KAAY,EAKb,EAAE;IACD,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9C,MAAM,CAAC,EAAE,KAAK,CAAC,GAAG,OAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAErC,sCAAsC;IACtC,2GAA2G;IAC3G,IAAI,SAAS,GAAG,GAAG,CAAA;IACnB,IAAI,SAAS,IAAI,GAAG,EAAE,CAAC;QACnB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,CAAA;IACpD,CAAC;IAED,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAA;IAEtC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAClC,IAAI,gBAAgB,CAAC;QACjB,KAAK,EAAE,YAAY,CAAC,cAAc;QAClC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAiB,CAAC;QACvC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,SAAmB,EAAE,QAAQ,CAAC;QAC/C,YAAY,EAAE,cAAc;KAC/B,CAAC,CACL,CAAA;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACZ,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAA;IAC1D,CAAC;IAED,OAAO;QACH,OAAO,EAAE,QAAQ;QACjB,KAAK;KACR,CAAA;AACL,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,EAAE,KAAa,EAAE,MAAc,EAAiB,EAAE;IAC5E,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9C,MAAM,CAAC,EAAE,aAAa,CAAC,GAAG,OAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC7C,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;IACxD,CAAC;IACD,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAA;IACtC,4CAA4C;IAC5C,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CACxC,IAAI,aAAa,CAAC;QACd,KAAK,EAAE,YAAY,CAAC,cAAc;QAClC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAQ,CAAC;QAC9B,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAU,EAAE,QAAQ,CAAC;QAC5C,gBAAgB,EAAE,eAAe;KACpC,CAAC,CACL,CAAA;IAED,IAAI,CAAC,cAAc,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IAC1D,CAAC;AACL,CAAC,CAAA;AAED;;;GAGG;AACH,oCAAoC;AACpC,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EAAE,KAAa,EAAE,KAAY,EAAiB,EAAE;IAClF,MAAM,KAAK,CAAC,GAAG,CAAC,WAAW,KAAK,EAAE,EAAE,GAAG,CAAC,CAAA;AAC5C,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,OAAe,EAAmB,EAAE;IAC5E,MAAM,OAAO,GAAG,IAAI,kBAAkB,CAAC;QACnC,KAAK,EAAE,YAAY,CAAC,cAAc;QAClC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;QAC7B,YAAY,EAAE,cAAc;KAC/B,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAA;IAEtC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC3C,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;IACxD,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AACvD,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EAAE,OAAe,EAAE,SAAiB,EAAoB,EAAE;IAC9F,IAAI,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,gBAAgB,CAAC;YACjC,KAAK,EAAE,YAAY,CAAC,cAAc,EAAE,mEAAmE;YACvG,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;YAC7B,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC;YACrC,YAAY,EAAE,cAAc;SAC/B,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAA;QAEtC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC3C,OAAO,QAAQ,CAAC,QAAQ,IAAI,KAAK,CAAA;IACrC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAA;QACjD,OAAO,KAAK,CAAA;IAChB,CAAC;AACL,CAAC,CAAA"}

package/dist/server/auth/middleware/index.d.ts

@@ -1,17 +0,0 @@
-import type { User as PrivyUser } from "@privy-io/node";
-import type { NextFunction, Request, Response } from "express";
-import Redis from "ioredis";
-import type { Address } from "viem";
-import { LevrService } from "../../../core";
-declare module "express-serve-static-core" {
-    interface Request {
-        privyUser?: PrivyUser;
-        ethAddress?: Address | null;
-        apiUser?: {
-            id: string;
-            isService: boolean;
-            service?: LevrService | null;
-        };
-    }
-}
-export declare const authMiddleWare: (redis: Redis) => (req: Request, res: Response, next: NextFunction) => Promise<void>;