@longzai-intelligence-auth/elysia 0.0.4 → 0.0.6

package/dist/index.d.ts

@@ -1,25 +1,899 @@
-export { createAuthPlugin } from "./plugin";
-export type { AuthPluginConfig, AuthPluginOptions, JwtStrategyConfig, StandaloneStrategyConfig, EnvBasicStrategyConfig, StrategyName, StrategyContext, } from "./types/auth-plugin-config";
-export { createAuthStrategy, extractJwtConfig, extractDefaultTenantId, extractRegisterRoutes } from "./core/auth-strategy";
-export type { AuthStrategy } from "./core/auth-strategy";
-export { mapDomainErrorToStatus } from "./core/error-mapper";
-export { createJwtVerifyPlugin } from "./plugins/jwt-verify.plugin";
-export type { JwtVerifyPluginOptions } from "./plugins/jwt-verify.plugin";
-export { createRbacPlugin } from "./plugins/rbac.plugin";
-export type { RbacPluginOptions } from "./plugins/rbac.plugin";
-export { createTenantPlugin } from "./plugins/tenant.plugin";
-export type { TenantPluginOptions } from "./plugins/tenant.plugin";
-export { createRateLimitPlugin } from "./plugins/rate-limit.plugin";
-export type { RateLimitPluginOptions } from "./plugins/rate-limit.plugin";
-export { createAuditPlugin } from "./plugins/audit.plugin";
-export type { AuditPluginOptions } from "./plugins/audit.plugin";
-export { createErrorHandlerPlugin } from "./plugins/error-handler.plugin";
-export type { ErrorHandlerPluginOptions } from "./plugins/error-handler.plugin";
-export { createLoggerPlugin } from "./plugins/logger.plugin";
-export type { LoggerPluginOptions } from "./plugins/logger.plugin";
-export { createBasicPreset } from "./presets/basic-preset";
-export type { BasicPresetOptions } from "./presets/basic-preset";
-export { createStandardPreset } from "./presets/standard-preset";
-export type { StandardPresetOptions } from "./presets/standard-preset";
-export { extractClientIp } from "./utils/extract-client-ip";
-export { extractUserAgent } from "./utils/extract-user-agent";
+import { DomainError } from "@longzai-intelligence/error";
+import { JwtConfig, LoggerService, RateLimiterPort, ResourceAction, TokenVerifierPort, UnifiedAuthContext, UnifiedAuthContext as UnifiedAuthContext$1 } from "@longzai-intelligence-auth/core";
+import { Elysia } from "elysia";
+import { z } from "zod";
+
+//#region src/core/error-mapper.d.ts
+/**
+ * 根据 DomainError 类型映射 HTTP 状态码
+ *
+ * @param error - 领域错误实例
+ * @returns 对应的 HTTP 状态码
+ */
+declare function mapDomainErrorToStatus(error: DomainError): number;
+//#endregion
+//#region src/verifiers/static-token-verifier.d.ts
+/**
+ * 静态令牌验证器配置
+ */
+type StaticTokenVerifierOptions = {
+  /**
+   * 静态令牌（与 getToken 至少提供一个）
+   */
+  token?: string;
+  /**
+   * 动态获取令牌的回调，优先级高于 token
+   * 用于运行时从 secret manager / env 缓存等来源解析令牌
+   */
+  getToken?: () => string | null;
+  /**
+   * 验证通过后填充到 AccessTokenPayload.sub 中的主体标识
+   * 默认 "static"
+   */
+  subject?: string;
+  /**
+   * 验证通过后填充到 AccessTokenPayload.tenantId 中的租户标识
+   * 默认不设置
+   */
+  tenantId?: string;
+};
+/**
+ * 创建静态令牌验证器
+ *
+ * @param options - 静态令牌验证器配置
+ * @returns 实现 TokenVerifierPort 的静态令牌验证器
+ */
+declare function createStaticTokenVerifier(options: StaticTokenVerifierOptions): TokenVerifierPort;
+//#endregion
+//#region src/plugins/jwt-verify.plugin.d.ts
+/** JWT 验证插件解析后的认证上下文 */
+type VerifiedAuthContext = {
+  /**
+   * 用户 ID（来自 payload.sub）
+   */
+  userId: string;
+  /**
+   * 租户 ID（来自 payload.tenantId，默认使用 defaultTenantId）
+   */
+  tenantId: string;
+  /**
+   * 角色列表
+   */
+  roles: string[];
+  /**
+   * 权限列表
+   */
+  permissions: string[];
+  /**
+   * JWT ID（用于 token 黑名单检查）
+   */
+  jti?: string;
+};
+/**
+ * JWT 验证插件配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
+type JwtVerifyPluginOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
+  /**
+   * 令牌验证器端口（用户注入，与 jwt 二选一）
+   */
+  verifier?: TokenVerifierPort;
+  /**
+   * JWT 配置（与 verifier 二选一，未提供时使用默认配置）
+   */
+  jwt?: JwtConfig;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段
+   */
+  extendSchema?: T;
+};
+/**
+ * 从 extendSchema 提取额外字段类型
+ *
+ * @typeParam T - 扩展 schema 类型，用于推断额外的业务字段类型
+ */
+type ExtractExtra<T extends z.ZodTypeAny> = T extends z.ZodUndefined ? Record<string, never> : z.infer<T>;
+/**
+ * 完整的认证上下文类型（基础字段 + 扩展字段）
+ *
+ * @typeParam T - 扩展 schema 类型，用于推断额外的业务字段类型
+ */
+type AuthContextWithExtra<T extends z.ZodTypeAny = z.ZodUndefined> = VerifiedAuthContext & ExtractExtra<T>;
+/**
+ * 创建 JWT 验证插件
+ *
+ * 该插件从请求头中提取 Bearer token 并验证，验证失败时抛出异常。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createJwtVerifyPlugin<T extends z.ZodTypeAny = z.ZodUndefined>(options: JwtVerifyPluginOptions<T>): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+}, {}, {
+  derive: {
+    readonly auth: any;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly auth: any;
+  }>;
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/optional-jwt.plugin.d.ts
+/**
+ * 可选 JWT 认证插件配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
+type OptionalJwtPluginOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
+  /**
+   * 令牌验证器端口（用户注入，与 jwt 二选一）
+   */
+  verifier?: TokenVerifierPort;
+  /**
+   * JWT 配置（与 verifier 二选一，未提供时使用默认配置）
+   */
+  jwt?: JwtConfig;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段
+   */
+  extendSchema?: T;
+};
+/**
+ * 可选认证上下文，auth 为 null 表示未认证
+ *
+ * @typeParam T - 扩展 schema 类型，用于推断额外的业务字段类型
+ */
+type OptionalAuthContext<T extends z.ZodTypeAny = z.ZodUndefined> = {
+  auth: (UnifiedAuthContext$1 & (T extends z.ZodUndefined ? Record<string, never> : z.infer<T>)) | null;
+};
+/**
+ * 创建可选 JWT 认证插件
+ *
+ * 该插件从请求头中提取 Bearer token 并验证，如果验证失败或无 token 则返回 null 认证上下文。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createOptionalJwtPlugin<T extends z.ZodTypeAny = z.ZodUndefined>(options: OptionalJwtPluginOptions<T>): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+}, {}, {
+  derive: {
+    readonly auth: any;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly auth: any;
+  }>;
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/rbac.plugin.d.ts
+/** 用户角色策略接口，用于数据库查询权限 */
+type UserRoleStrategy = {
+  /**
+   * 查询用户在指定租户下的所有权限
+   */
+  findPermissionsByUserId(userId: string, tenantId: string): Promise<ResourceAction[]>;
+};
+/**
+ * RBAC 插件配置选项
+ */
+type RbacPluginOptions = {
+  /**
+   * 用户角色策略（用于数据库查询权限，优先于上下文权限）
+   */
+  userRole?: UserRoleStrategy;
+};
+/**
+ * 创建 RBAC 插件
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createRbacPlugin(options?: RbacPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {
+    readonly requirePermission: (resource: string, action: string) => Promise<void>;
+  };
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly requirePermission: (resource: string, action: string) => Promise<void>;
+  }>;
+}, {}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/api-key.plugin.d.ts
+/** API Key 认证的主体信息 */
+type ApiKeyPrincipal = {
+  /**
+   * 主体标识
+   */
+  principalId: string;
+  /**
+   * 租户 ID
+   */
+  tenantId?: string;
+  /**
+   * 角色列表
+   */
+  roles: string[];
+  /**
+   * 权限列表
+   */
+  permissions: string[];
+};
+/**
+ * API Key 认证插件配置选项
+ */
+type ApiKeyPluginOptions = {
+  /**
+   * API Key 所在的请求头名称（默认 "x-api-key"）
+   */
+  header?: string;
+  /**
+   * API Key 验证器，返回 null 表示无效
+   */
+  validator: (key: string) => Promise<ApiKeyPrincipal | null>;
+};
+/**
+ * 创建 API Key 认证插件
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createApiKeyPlugin(options: ApiKeyPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+}, {}, {
+  derive: {
+    auth: UnifiedAuthContext$1;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    auth: UnifiedAuthContext$1;
+  }>;
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/in-memory-api-key-validator.d.ts
+/** 内存 API Key 映射条目 */
+type InMemoryApiKeyEntry = {
+  /**
+   * 主体标识
+   */
+  principalId: string;
+  /**
+   * 租户ID（可选）
+   */
+  tenantId?: string;
+  /**
+   * 角色列表
+   */
+  roles: string[];
+  /**
+   * 权限列表
+   */
+  permissions: string[];
+};
+/** 内存 API Key 映射表 */
+type InMemoryApiKeyMap = Record<string, InMemoryApiKeyEntry>;
+/**
+ * 创建内存 API Key 验证器
+ * 接受静态 API Key 映射，返回符合 createApiKeyPlugin 的 validator 函数
+ *
+ * @param keyMap - API Key 到主体信息的映射
+ * @returns validator 函数
+ */
+declare function createInMemoryApiKeyValidator(keyMap: InMemoryApiKeyMap): (key: string) => Promise<ApiKeyPrincipal | null>;
+//#endregion
+//#region src/plugins/composite-auth.plugin.d.ts
+/**
+ * 组合认证插件配置选项
+ *
+ * 支持多种认证方式（JWT 和 API Key），优先尝试 JWT 认证。
+ */
+type CompositeAuthPluginOptions = {
+  /**
+   * 令牌验证器端口（用户注入，与 jwt 二选一）
+   */
+  verifier?: TokenVerifierPort;
+  /**
+   * JWT 配置（与 verifier 二选一，未提供时使用默认配置）
+   */
+  jwt?: JwtConfig;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * API Key 验证器
+   */
+  apiKeyValidator?: (key: string) => Promise<ApiKeyPrincipal | null>;
+  /**
+   * API Key 所在的请求头名称（默认 "x-api-key"）
+   */
+  apiKeyHeader?: string;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+};
+/** 组合认证上下文（向后兼容，内部使用 UnifiedAuthContext） */
+type CompositeAuthContext = UnifiedAuthContext$1;
+/**
+ * 创建组合认证插件
+ *
+ * 该插件支持多种认证方式（JWT 和 API Key），优先尝试 JWT 认证，
+ * 如果 JWT 认证失败则尝试 API Key 认证，未认证时返回 null。
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createCompositeAuthPlugin(options: CompositeAuthPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+}, {}, {
+  derive: {
+    auth: UnifiedAuthContext$1 | null;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    auth: UnifiedAuthContext$1 | null;
+  }>;
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+/**
+ * 创建要求认证的组合认证插件（未认证时抛出异常）
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createRequiredCompositeAuthPlugin(options: CompositeAuthPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+}, {}, {
+  derive: {
+    auth: UnifiedAuthContext$1;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    auth: UnifiedAuthContext$1;
+  }>;
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/rate-limit.plugin.d.ts
+/**
+ * 速率限制插件配置选项
+ */
+type RateLimitPluginOptions = {
+  /**
+   * 速率限制器端口（用户注入）
+   */
+  limiter: RateLimiterPort;
+  /**
+   * 日志服务
+   */
+  logger?: LoggerService;
+  /**
+   * 键生成器（用于从请求中提取限制键）
+   */
+  keyGenerator?: (request: Request) => string;
+};
+/**
+ * 创建速率限制插件
+ *
+ * @param options - 插件配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createRateLimitPlugin(options: RateLimitPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {
+    readonly clientIp: string;
+  } & {
+    readonly rateLimitRemaining: number;
+  };
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly rateLimitRemaining: number;
+  }>;
+}, {}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/error-handler.plugin.d.ts
+type ErrorHandlerPluginOptions = {
+  logger?: LoggerService;
+};
+declare function createErrorHandlerPlugin(options?: ErrorHandlerPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {
+    200: {
+      details?: Record<string, unknown> | undefined;
+      code: string;
+      message: string;
+    } | {
+      code: string;
+      message: string;
+      details: {
+        path: string;
+        message: string | undefined;
+      }[];
+    };
+  };
+}, {}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/plugins/logger.plugin.d.ts
+type LoggerPluginOptions = {
+  logger: LoggerService;
+};
+declare function createLoggerPlugin(options: LoggerPluginOptions): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+}, {}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/presets/basic-preset.d.ts
+/**
+ * 基础预设配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
+type BasicPresetOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
+  /**
+   * 令牌验证器端口（用户注入）
+   */
+  tokenVerifier: TokenVerifierPort;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 日志服务
+   */
+  logger?: LoggerService;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段
+   */
+  extendSchema?: T;
+};
+/**
+ * 创建基础预设插件
+ *
+ * 该预设包含 JWT 验证插件和错误处理插件，提供完整的认证功能。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 预设配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createBasicPreset<T extends z.ZodTypeAny = z.ZodUndefined>(options: BasicPresetOptions<T>): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {};
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+} & {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {
+    200: {
+      details?: Record<string, unknown> | undefined;
+      code: string;
+      message: string;
+    } | {
+      code: string;
+      message: string;
+      details: {
+        path: string;
+        message: string | undefined;
+      }[];
+    };
+  };
+}, {}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+} & {
+  derive: {
+    readonly auth: any;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly auth: any;
+  }>;
+} & {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/presets/standard-preset.d.ts
+/**
+ * 标准预设配置选项
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ */
+type StandardPresetOptions<T extends z.ZodTypeAny = z.ZodUndefined> = {
+  /**
+   * 令牌验证器端口（用户注入）
+   */
+  tokenVerifier: TokenVerifierPort;
+  /**
+   * 速率限制器端口（可选，用户注入）
+   */
+  rateLimiter?: RateLimiterPort;
+  /**
+   * 默认租户 ID
+   */
+  defaultTenantId?: string;
+  /**
+   * 用户角色策略
+   */
+  userRole?: UserRoleStrategy;
+  /**
+   * 日志服务
+   */
+  logger?: LoggerService;
+  /**
+   * 跳过认证的路径列表（精确匹配或前缀匹配，如 "/api/public/*"）
+   */
+  publicPaths?: string[];
+  /**
+   * 扩展 schema，用于从 payload 中解析自定义业务字段（仅在未使用 apiKeyValidator 时生效）
+   */
+  extendSchema?: T;
+  /**
+   * API Key 验证器（提供后使用组合认证插件替代 JWT 验证插件）
+   */
+  apiKeyValidator?: (key: string) => Promise<ApiKeyPrincipal | null>;
+};
+/**
+ * 创建标准预设插件
+ *
+ * 该预设包含认证插件、RBAC 插件、可选的限流插件和错误处理插件。
+ *
+ * @typeParam T - 扩展 schema 类型，用于从 payload 中解析自定义业务字段
+ * @param options - 预设配置选项
+ * @returns Elysia 插件实例
+ */
+declare function createStandardPreset<T extends z.ZodTypeAny = z.ZodUndefined>(options: StandardPresetOptions<T>): Elysia<"", {
+  decorator: {};
+  store: {};
+  derive: {
+    readonly requirePermission: (resource: string, action: string) => Promise<void>;
+  };
+  resolve: {};
+}, {
+  typebox: {};
+  error: {};
+}, {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {};
+} & {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly requirePermission: (resource: string, action: string) => Promise<void>;
+  }>;
+} & {
+  schema: {};
+  standaloneSchema: {};
+  macro: {};
+  macroFn: {};
+  parser: {};
+  response: {
+    200: {
+      details?: Record<string, unknown> | undefined;
+      code: string;
+      message: string;
+    } | {
+      code: string;
+      message: string;
+      details: {
+        path: string;
+        message: string | undefined;
+      }[];
+    };
+  };
+}, {}, {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}, (({
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+} & ({
+  derive: {
+    auth: import("@longzai-intelligence-auth/core").UnifiedAuthContext;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    auth: import("@longzai-intelligence-auth/core").UnifiedAuthContext;
+  }>;
+} | {
+  derive: {
+    readonly auth: any;
+  };
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: import("elysia").ExtractErrorFromHandle<{
+    readonly auth: any;
+  }>;
+})) & {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}) & {
+  derive: {};
+  resolve: {};
+  schema: {};
+  standaloneSchema: {};
+  response: {};
+}>;
+//#endregion
+//#region src/utils/extract-client-ip.d.ts
+/**
+ * 从请求中提取客户端 IP 地址
+ *
+ * @param request - HTTP 请求对象
+ * @returns 客户端 IP 地址，如果无法提取则返回 undefined
+ */
+declare function extractClientIp(request: Request): string | undefined;
+//#endregion
+//#region src/utils/extract-user-agent.d.ts
+/**
+ * 从请求中提取用户代理
+ *
+ * @param request - HTTP 请求对象
+ * @returns 用户代理字符串，如果无法提取则返回 undefined
+ */
+declare function extractUserAgent(request: Request): string | undefined;
+//#endregion
+export { type ApiKeyPluginOptions, type ApiKeyPrincipal, type AuthContextWithExtra, type BasicPresetOptions, type CompositeAuthContext, type CompositeAuthPluginOptions, type ErrorHandlerPluginOptions, type ExtractExtra, type InMemoryApiKeyEntry, type InMemoryApiKeyMap, type JwtVerifyPluginOptions, type LoggerPluginOptions, type OptionalAuthContext, type OptionalJwtPluginOptions, type RateLimitPluginOptions, type RbacPluginOptions, type StandardPresetOptions, type StaticTokenVerifierOptions, type UnifiedAuthContext, type UserRoleStrategy, type VerifiedAuthContext, createApiKeyPlugin, createBasicPreset, createCompositeAuthPlugin, createErrorHandlerPlugin, createInMemoryApiKeyValidator, createJwtVerifyPlugin, createLoggerPlugin, createOptionalJwtPlugin, createRateLimitPlugin, createRbacPlugin, createRequiredCompositeAuthPlugin, createStandardPreset, createStaticTokenVerifier, extractClientIp, extractUserAgent, mapDomainErrorToStatus };