@maravilla-labs/types 0.1.35 → 0.1.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/index.d.ts +60 -0
  2. package/index.ts +165 -0
  3. package/package.json +1 -1
package/index.d.ts CHANGED
@@ -203,6 +203,64 @@ export interface Storage {
203
203
  */
204
204
  getMetadata(key: string): Promise<StorageMetadata>;
205
205
  }
206
+ /**
207
+ * Authenticated user record
208
+ */
209
+ export interface AuthUser {
210
+ id: string;
211
+ email: string;
212
+ email_verified: boolean;
213
+ status: 'active' | 'suspended' | 'deactivated';
214
+ provider: string;
215
+ groups: string[];
216
+ created_at: number;
217
+ updated_at: number;
218
+ last_login_at?: number;
219
+ }
220
+
221
+ /**
222
+ * Session returned after login or refresh
223
+ */
224
+ export interface AuthSession {
225
+ access_token: string;
226
+ refresh_token: string;
227
+ expires_in: number;
228
+ user: AuthUser;
229
+ }
230
+
231
+ /**
232
+ * Custom registration field
233
+ */
234
+ export interface AuthField {
235
+ key: string;
236
+ label: string;
237
+ field_type: string;
238
+ required: boolean;
239
+ show_on_register: boolean;
240
+ }
241
+
242
+ /**
243
+ * Auth service for end-user authentication
244
+ */
245
+ export interface AuthService {
246
+ register(options: { email: string; password: string; profile?: Record<string, any> }): Promise<AuthUser>;
247
+ login(options: { email: string; password: string }): Promise<AuthSession>;
248
+ validate(accessToken: string): Promise<AuthUser>;
249
+ refresh(refreshToken: string): Promise<AuthSession>;
250
+ logout(sessionId: string): Promise<void>;
251
+ getUser(userId: string): Promise<AuthUser | null>;
252
+ listUsers(filter?: { limit?: number; offset?: number; status?: string; email_contains?: string }): Promise<{ users: AuthUser[]; total: number; limit: number; offset: number }>;
253
+ updateUser(userId: string, update: { email?: string; status?: string; profile?: Record<string, any> }): Promise<AuthUser>;
254
+ deleteUser(userId: string): Promise<void>;
255
+ sendVerification(userId: string): Promise<{ token: string }>;
256
+ verifyEmail(token: string): Promise<void>;
257
+ sendPasswordReset(email: string): Promise<{ token: string }>;
258
+ resetPassword(token: string, newPassword: string): Promise<void>;
259
+ changePassword(userId: string, oldPassword: string, newPassword: string): Promise<void>;
260
+ getFieldConfig(): Promise<{ fields: AuthField[] }>;
261
+ withAuth<T extends (request: Request & { user: AuthUser }) => Promise<Response>>(handler: T): (request: Request) => Promise<Response>;
262
+ }
263
+
206
264
  /**
207
265
  * Main platform interface available in runtime
208
266
  */
@@ -213,6 +271,8 @@ export interface Platform {
213
271
  db: Database;
214
272
  /** Storage service instance */
215
273
  storage: Storage;
274
+ /** Auth service for end-user authentication */
275
+ auth: AuthService;
216
276
  /** Legacy aliases for compatibility */
217
277
  env: {
218
278
  KV: KvStore;
package/index.ts CHANGED
@@ -234,6 +234,138 @@ export interface Storage {
234
234
  getMetadata(key: string): Promise<StorageMetadata>;
235
235
  }
236
236
 
237
+ // Stewardship Types
238
+
239
+ /** Delegation mode for stewardship overrides */
240
+ export type DelegationMode = 'full' | 'scoped';
241
+
242
+ /** Status of a stewardship override */
243
+ export type StewardshipStatus = 'active' | 'suspended' | 'revoked' | 'expired';
244
+
245
+ /** A scoped permission entry */
246
+ export interface ScopedPermission {
247
+ /** Resource name */
248
+ resource: string;
249
+ /** Allowed actions on the resource */
250
+ actions: string[];
251
+ }
252
+
253
+ /** A stewardship override record */
254
+ export interface StewardshipOverride {
255
+ id: string;
256
+ steward_id: string;
257
+ ward_id: string;
258
+ delegation_mode: DelegationMode;
259
+ scoped_permissions: ScopedPermission[];
260
+ valid_from?: number;
261
+ valid_until?: number;
262
+ status: StewardshipStatus;
263
+ reason?: string;
264
+ source: string;
265
+ source_circle_id?: string;
266
+ source_relation_type_id?: string;
267
+ created_at: number;
268
+ updated_at: number;
269
+ }
270
+
271
+ /** Options for creating a stewardship override */
272
+ export interface CreateStewardshipOverrideRequest {
273
+ steward_id: string;
274
+ ward_id: string;
275
+ delegation_mode?: DelegationMode;
276
+ scoped_permissions?: ScopedPermission[];
277
+ valid_from?: number;
278
+ valid_until?: number;
279
+ reason?: string;
280
+ }
281
+
282
+ /** Result of resolving stewardship for a user */
283
+ export interface StewardshipResolution {
284
+ /** Users who are stewards of this user */
285
+ stewards: StewardshipOverride[];
286
+ /** Users this user is a steward of */
287
+ wards: StewardshipOverride[];
288
+ }
289
+
290
+ /** Context for acting as another user */
291
+ export interface ActAsContext {
292
+ steward_id: string;
293
+ ward_id: string;
294
+ delegation_mode: DelegationMode;
295
+ scoped_permissions: ScopedPermission[];
296
+ session_token: string;
297
+ expires_at: number;
298
+ }
299
+
300
+ /** An entry in the stewardship audit log */
301
+ export interface StewardshipAuditEntry {
302
+ id: string;
303
+ performed_by: string;
304
+ on_behalf_of: string;
305
+ action: string;
306
+ resource?: string;
307
+ details?: Record<string, any>;
308
+ created_at: number;
309
+ }
310
+
311
+ /** Options for listing audit log entries */
312
+ export interface AuditListOptions {
313
+ limit?: number;
314
+ offset?: number;
315
+ }
316
+
317
+ /** Stewardship service interface */
318
+ export interface Stewardship {
319
+ resolve(userId: string): Promise<StewardshipResolution>;
320
+ createOverride(options: CreateStewardshipOverrideRequest): Promise<StewardshipOverride>;
321
+ revoke(id: string): Promise<void>;
322
+ checkPermission(stewardId: string, wardId: string, resource: string, action: string): Promise<boolean>;
323
+ createActAs(stewardId: string, wardId: string): Promise<ActAsContext>;
324
+ listAudit(userId: string, options?: AuditListOptions): Promise<StewardshipAuditEntry[]>;
325
+ }
326
+
327
+ // Resource Types
328
+
329
+ /** A platform resource definition */
330
+ export interface Resource {
331
+ id: string;
332
+ resource_name: string;
333
+ title: string;
334
+ description?: string;
335
+ actions: string[];
336
+ created_at: number;
337
+ updated_at: number;
338
+ }
339
+
340
+ /** Options for creating a resource */
341
+ export interface CreateResourceRequest {
342
+ resource_name: string;
343
+ title: string;
344
+ description?: string;
345
+ actions?: string[];
346
+ }
347
+
348
+ // Circle Types
349
+
350
+ /** Circle membership entry */
351
+ export interface CircleMembership {
352
+ user_id: string;
353
+ email: string;
354
+ relationship: string;
355
+ is_primary_contact: boolean;
356
+ joined_at: number;
357
+ }
358
+
359
+ /** A circle */
360
+ export interface Circle {
361
+ id: string;
362
+ name: string;
363
+ metadata?: Record<string, any>;
364
+ member_count: number;
365
+ created_at: number;
366
+ updated_at: number;
367
+ }
368
+
237
369
  // Platform Types
238
370
 
239
371
  /**
@@ -246,6 +378,39 @@ export interface Platform {
246
378
  db: Database;
247
379
  /** Storage service instance */
248
380
  storage: Storage;
381
+ /** Auth service with stewardship, resources, and circle helpers */
382
+ auth: {
383
+ register(options: { email: string; password: string; profile?: Record<string, any> }): Promise<any>;
384
+ login(options: { email: string; password: string }): Promise<any>;
385
+ validate(accessToken: string): Promise<any>;
386
+ refresh(refreshToken: string): Promise<any>;
387
+ logout(sessionId: string): Promise<void>;
388
+ getUser(userId: string): Promise<any>;
389
+ listUsers(filter?: Record<string, any>): Promise<any>;
390
+ updateUser(userId: string, update: Record<string, any>): Promise<any>;
391
+ deleteUser(userId: string): Promise<void>;
392
+ sendVerification(userId: string): Promise<any>;
393
+ verifyEmail(token: string): Promise<void>;
394
+ sendPasswordReset(email: string): Promise<any>;
395
+ resetPassword(token: string, newPassword: string): Promise<void>;
396
+ changePassword(userId: string, oldPassword: string, newPassword: string): Promise<void>;
397
+ getFieldConfig(): Promise<any>;
398
+ getOAuthUrl(provider: string, options?: { redirectUri?: string }): Promise<any>;
399
+ handleOAuthCallback(provider: string, params: { code: string; state: string }): Promise<any>;
400
+
401
+ /** Stewardship (guardian/ward delegation) */
402
+ stewardship: Stewardship;
403
+
404
+ /** List available resources */
405
+ listResources(): Promise<Resource[]>;
406
+ /** Create a resource definition */
407
+ createResource(options: CreateResourceRequest): Promise<Resource>;
408
+
409
+ /** Get circle members */
410
+ getCircleMembers(circleId: string): Promise<CircleMembership[]>;
411
+ /** Get circles a user belongs to */
412
+ getUserCircles(userId: string): Promise<Circle[]>;
413
+ };
249
414
  /** Legacy aliases for compatibility */
250
415
  env: {
251
416
  KV: KvStore;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@maravilla-labs/types",
3
- "version": "0.1.35",
3
+ "version": "0.1.38",
4
4
  "description": "TypeScript definitions for Maravilla Runtime platform APIs",
5
5
  "main": "index.ts",
6
6
  "types": "index.ts",