@lifeaitools/clauth 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/cli/commands/install.js
CHANGED
|
@@ -157,16 +157,31 @@ export async function runInstall(opts = {}) {
|
|
|
157
157
|
const s5 = ora('Deploying auth-vault Edge Function...').start();
|
|
158
158
|
const fnSource = readFileSync(join(ROOT, 'supabase/functions/auth-vault/index.ts'), 'utf8');
|
|
159
159
|
try {
|
|
160
|
-
//
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
160
|
+
// Use the /deploy endpoint with multipart/form-data (not the old /functions endpoint)
|
|
161
|
+
const formData = new FormData();
|
|
162
|
+
|
|
163
|
+
const metadata = {
|
|
164
|
+
name: 'auth-vault',
|
|
165
|
+
entrypoint_path: 'index.ts',
|
|
166
|
+
verify_jwt: true,
|
|
167
|
+
};
|
|
168
|
+
formData.append('metadata', new Blob([JSON.stringify(metadata)], { type: 'application/json' }));
|
|
169
|
+
formData.append('file', new Blob([fnSource], { type: 'application/typescript' }), 'index.ts');
|
|
170
|
+
|
|
171
|
+
const deployRes = await fetch(
|
|
172
|
+
`${MGMT}/projects/${ref}/functions/deploy?slug=auth-vault`,
|
|
173
|
+
{
|
|
174
|
+
method: 'POST',
|
|
175
|
+
headers: { 'Authorization': `Bearer ${pat}` },
|
|
176
|
+
body: formData,
|
|
177
|
+
}
|
|
178
|
+
);
|
|
179
|
+
|
|
180
|
+
if (!deployRes.ok) {
|
|
181
|
+
const errText = await deployRes.text().catch(() => deployRes.statusText);
|
|
182
|
+
throw new Error(`HTTP ${deployRes.status}: ${errText}`);
|
|
169
183
|
}
|
|
184
|
+
|
|
170
185
|
s5.succeed('auth-vault Edge Function deployed');
|
|
171
186
|
} catch (e) {
|
|
172
187
|
s5.warn(`Edge Function deploy failed: ${e.message}`);
|
package/package.json
CHANGED
|
@@ -77,9 +77,17 @@ alter table public.clauth_audit enable row level security;
|
|
|
77
77
|
|
|
78
78
|
-- service_role bypasses RLS — all access from Edge Function only
|
|
79
79
|
-- No direct anon access to any clauth table
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
create policy "
|
|
80
|
+
do $$ begin
|
|
81
|
+
if not exists (select 1 from pg_policies where policyname = 'no_anon_services' and tablename = 'clauth_services') then
|
|
82
|
+
create policy "no_anon_services" on public.clauth_services for all using (false);
|
|
83
|
+
end if;
|
|
84
|
+
if not exists (select 1 from pg_policies where policyname = 'no_anon_machines' and tablename = 'clauth_machines') then
|
|
85
|
+
create policy "no_anon_machines" on public.clauth_machines for all using (false);
|
|
86
|
+
end if;
|
|
87
|
+
if not exists (select 1 from pg_policies where policyname = 'no_anon_audit' and tablename = 'clauth_audit') then
|
|
88
|
+
create policy "no_anon_audit" on public.clauth_audit for all using (false);
|
|
89
|
+
end if;
|
|
90
|
+
end $$;
|
|
83
91
|
|
|
84
92
|
-- ============================================================
|
|
85
93
|
-- Updated_at trigger
|
|
@@ -89,6 +97,7 @@ returns trigger language plpgsql as $$
|
|
|
89
97
|
begin new.updated_at = now(); return new; end;
|
|
90
98
|
$$;
|
|
91
99
|
|
|
100
|
+
drop trigger if exists clauth_services_updated on public.clauth_services;
|
|
92
101
|
create trigger clauth_services_updated
|
|
93
102
|
before update on public.clauth_services
|
|
94
103
|
for each row execute procedure public.clauth_touch_updated();
|