@mesob/auth-hono 0.0.6 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +191 -126
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -449,9 +449,9 @@ var findSessionByToken = (db, hashedToken) => {
|
|
|
449
449
|
};
|
|
450
450
|
|
|
451
451
|
// src/db/orm/iam/users/find-user-by-id.ts
|
|
452
|
-
import { and as and2, eq as eq2 } from "drizzle-orm";
|
|
453
|
-
var findUserById = (db, tenantId, userId) => {
|
|
454
|
-
return db.select({
|
|
452
|
+
import { and as and2, eq as eq2, sql as sql2 } from "drizzle-orm";
|
|
453
|
+
var findUserById = async (db, tenantId, userId) => {
|
|
454
|
+
return await db.select({
|
|
455
455
|
id: usersInIam.id,
|
|
456
456
|
tenantId: usersInIam.tenantId,
|
|
457
457
|
fullName: usersInIam.fullName,
|
|
@@ -461,8 +461,34 @@ var findUserById = (db, tenantId, userId) => {
|
|
|
461
461
|
image: usersInIam.image,
|
|
462
462
|
emailVerified: usersInIam.emailVerified,
|
|
463
463
|
phoneVerified: usersInIam.phoneVerified,
|
|
464
|
-
lastSignInAt: usersInIam.lastSignInAt
|
|
465
|
-
|
|
464
|
+
lastSignInAt: usersInIam.lastSignInAt,
|
|
465
|
+
userRoles: sql2`
|
|
466
|
+
COALESCE(
|
|
467
|
+
json_agg(
|
|
468
|
+
json_build_object(
|
|
469
|
+
'id', ${userRolesInIam.id},
|
|
470
|
+
'roleId', ${rolesInIam.id},
|
|
471
|
+
'code', ${rolesInIam.code},
|
|
472
|
+
'name', ${rolesInIam.name},
|
|
473
|
+
'description', ${rolesInIam.description}
|
|
474
|
+
)
|
|
475
|
+
) FILTER (WHERE ${userRolesInIam.id} IS NOT NULL),
|
|
476
|
+
'[]'::json
|
|
477
|
+
)
|
|
478
|
+
`
|
|
479
|
+
}).from(usersInIam).leftJoin(
|
|
480
|
+
userRolesInIam,
|
|
481
|
+
and2(
|
|
482
|
+
eq2(userRolesInIam.userId, usersInIam.id),
|
|
483
|
+
eq2(userRolesInIam.tenantId, tenantId)
|
|
484
|
+
)
|
|
485
|
+
).leftJoin(
|
|
486
|
+
rolesInIam,
|
|
487
|
+
and2(
|
|
488
|
+
eq2(userRolesInIam.roleId, rolesInIam.id),
|
|
489
|
+
eq2(rolesInIam.tenantId, tenantId)
|
|
490
|
+
)
|
|
491
|
+
).where(and2(eq2(usersInIam.id, userId), eq2(usersInIam.tenantId, tenantId))).groupBy(usersInIam.id).limit(1).then(([user]) => user || null);
|
|
466
492
|
};
|
|
467
493
|
|
|
468
494
|
// src/handler.ts
|
|
@@ -470,24 +496,6 @@ import { OpenAPIHono as OpenAPIHono2 } from "@hono/zod-openapi";
|
|
|
470
496
|
import { getCookie as getCookie3 } from "hono/cookie";
|
|
471
497
|
import { HTTPException as HTTPException16 } from "hono/http-exception";
|
|
472
498
|
|
|
473
|
-
// src/db/orm/iam/users/find-user-roles.ts
|
|
474
|
-
import { and as and3, eq as eq3 } from "drizzle-orm";
|
|
475
|
-
var findUserRoles = (db, tenantId, userId) => {
|
|
476
|
-
return db.select({
|
|
477
|
-
id: userRolesInIam.id,
|
|
478
|
-
roleId: rolesInIam.id,
|
|
479
|
-
code: rolesInIam.code,
|
|
480
|
-
name: rolesInIam.name,
|
|
481
|
-
description: rolesInIam.description
|
|
482
|
-
}).from(userRolesInIam).innerJoin(rolesInIam, eq3(userRolesInIam.roleId, rolesInIam.id)).where(
|
|
483
|
-
and3(
|
|
484
|
-
eq3(userRolesInIam.userId, userId),
|
|
485
|
-
eq3(userRolesInIam.tenantId, tenantId),
|
|
486
|
-
eq3(rolesInIam.tenantId, tenantId)
|
|
487
|
-
)
|
|
488
|
-
);
|
|
489
|
-
};
|
|
490
|
-
|
|
491
499
|
// src/lib/crypto.ts
|
|
492
500
|
import { scrypt } from "@noble/hashes/scrypt.js";
|
|
493
501
|
import { randomBytes } from "@noble/hashes/utils.js";
|
|
@@ -576,6 +584,13 @@ import { z } from "zod";
|
|
|
576
584
|
var emailField = z.string().trim().email("Invalid email address").max(255, "Email too long");
|
|
577
585
|
var phoneField = z.string().trim().min(6, "Phone too short").max(30, "Phone too long").regex(/^[+()\d\s-]+$/, "Invalid phone number format");
|
|
578
586
|
var passwordField = z.string().min(8, "Password must be at least 8 characters").max(128, "Password too long");
|
|
587
|
+
var userRoleSchema = z.object({
|
|
588
|
+
id: z.string().uuid(),
|
|
589
|
+
roleId: z.string().uuid(),
|
|
590
|
+
code: z.string(),
|
|
591
|
+
name: z.string(),
|
|
592
|
+
description: z.string()
|
|
593
|
+
});
|
|
579
594
|
var userSchema = z.object({
|
|
580
595
|
id: z.string().uuid(),
|
|
581
596
|
tenantId: z.string(),
|
|
@@ -586,7 +601,8 @@ var userSchema = z.object({
|
|
|
586
601
|
image: z.string().nullable(),
|
|
587
602
|
emailVerified: z.boolean(),
|
|
588
603
|
phoneVerified: z.boolean(),
|
|
589
|
-
lastSignInAt: z.string().datetime().nullable()
|
|
604
|
+
lastSignInAt: z.string().datetime().nullable(),
|
|
605
|
+
userRoles: z.array(userRoleSchema).nullable()
|
|
590
606
|
});
|
|
591
607
|
var sessionSchema = z.object({
|
|
592
608
|
id: z.string().uuid(),
|
|
@@ -700,24 +716,24 @@ var pendingAccountChangeResponseSchema = z.object({
|
|
|
700
716
|
import { HTTPException as HTTPException2 } from "hono/http-exception";
|
|
701
717
|
|
|
702
718
|
// src/db/orm/iam/account-changes/expire-pending-account-changes.ts
|
|
703
|
-
import { and as
|
|
719
|
+
import { and as and3, eq as eq3, lte } from "drizzle-orm";
|
|
704
720
|
var expirePendingAccountChanges = (db, tenantId, userId) => {
|
|
705
721
|
const now = (/* @__PURE__ */ new Date()).toISOString();
|
|
706
722
|
return db.update(accountChangesInIam).set({
|
|
707
723
|
status: "expired",
|
|
708
724
|
updatedAt: now
|
|
709
725
|
}).where(
|
|
710
|
-
|
|
711
|
-
|
|
712
|
-
|
|
713
|
-
|
|
726
|
+
and3(
|
|
727
|
+
eq3(accountChangesInIam.tenantId, tenantId),
|
|
728
|
+
eq3(accountChangesInIam.userId, userId),
|
|
729
|
+
eq3(accountChangesInIam.status, "pending"),
|
|
714
730
|
lte(accountChangesInIam.expiresAt, now)
|
|
715
731
|
)
|
|
716
732
|
);
|
|
717
733
|
};
|
|
718
734
|
|
|
719
735
|
// src/db/orm/iam/account-changes/find-pending-account-change.ts
|
|
720
|
-
import { and as
|
|
736
|
+
import { and as and4, desc, eq as eq4, gt as gt2 } from "drizzle-orm";
|
|
721
737
|
var findPendingAccountChange = async (db, tenantId, userId) => {
|
|
722
738
|
const now = (/* @__PURE__ */ new Date()).toISOString();
|
|
723
739
|
return await db.select({
|
|
@@ -726,10 +742,10 @@ var findPendingAccountChange = async (db, tenantId, userId) => {
|
|
|
726
742
|
newPhone: accountChangesInIam.newPhone,
|
|
727
743
|
expiresAt: accountChangesInIam.expiresAt
|
|
728
744
|
}).from(accountChangesInIam).where(
|
|
729
|
-
|
|
730
|
-
|
|
731
|
-
|
|
732
|
-
|
|
745
|
+
and4(
|
|
746
|
+
eq4(accountChangesInIam.tenantId, tenantId),
|
|
747
|
+
eq4(accountChangesInIam.userId, userId),
|
|
748
|
+
eq4(accountChangesInIam.status, "pending"),
|
|
733
749
|
gt2(accountChangesInIam.expiresAt, now)
|
|
734
750
|
)
|
|
735
751
|
).orderBy(desc(accountChangesInIam.createdAt)).limit(1).then(([row]) => {
|
|
@@ -749,18 +765,18 @@ var findPendingAccountChange = async (db, tenantId, userId) => {
|
|
|
749
765
|
};
|
|
750
766
|
|
|
751
767
|
// src/db/orm/iam/verifications/find-active-verification-id.ts
|
|
752
|
-
import { and as
|
|
768
|
+
import { and as and5, desc as desc2, eq as eq5, gt as gt3 } from "drizzle-orm";
|
|
753
769
|
var findActiveVerificationId = async (db, tenantId, userId, type, to) => {
|
|
754
770
|
const now = (/* @__PURE__ */ new Date()).toISOString();
|
|
755
771
|
return await db.select({
|
|
756
772
|
verificationId: verificationsInIam.id,
|
|
757
773
|
expiresAt: verificationsInIam.expiresAt
|
|
758
774
|
}).from(verificationsInIam).where(
|
|
759
|
-
|
|
760
|
-
|
|
761
|
-
|
|
762
|
-
|
|
763
|
-
|
|
775
|
+
and5(
|
|
776
|
+
eq5(verificationsInIam.tenantId, tenantId),
|
|
777
|
+
eq5(verificationsInIam.userId, userId),
|
|
778
|
+
eq5(verificationsInIam.type, type),
|
|
779
|
+
eq5(verificationsInIam.to, to),
|
|
764
780
|
gt3(verificationsInIam.expiresAt, now)
|
|
765
781
|
)
|
|
766
782
|
).orderBy(desc2(verificationsInIam.createdAt)).limit(1).then(([row]) => row ? row : null);
|
|
@@ -841,9 +857,9 @@ var accountChangePendingHandler = async (c) => {
|
|
|
841
857
|
};
|
|
842
858
|
|
|
843
859
|
// src/db/orm/iam/users/find-user-by-email.ts
|
|
844
|
-
import { and as
|
|
845
|
-
var findUserByEmail = (db, tenantId, email) => {
|
|
846
|
-
|
|
860
|
+
import { and as and6, eq as eq6, sql as sql3 } from "drizzle-orm";
|
|
861
|
+
var findUserByEmail = async (db, tenantId, email) => {
|
|
862
|
+
const result = await db.select({
|
|
847
863
|
id: usersInIam.id,
|
|
848
864
|
tenantId: usersInIam.tenantId,
|
|
849
865
|
fullName: usersInIam.fullName,
|
|
@@ -853,19 +869,46 @@ var findUserByEmail = (db, tenantId, email) => {
|
|
|
853
869
|
image: usersInIam.image,
|
|
854
870
|
emailVerified: usersInIam.emailVerified,
|
|
855
871
|
phoneVerified: usersInIam.phoneVerified,
|
|
856
|
-
lastSignInAt: usersInIam.lastSignInAt
|
|
857
|
-
|
|
858
|
-
|
|
859
|
-
|
|
860
|
-
|
|
872
|
+
lastSignInAt: usersInIam.lastSignInAt,
|
|
873
|
+
userRoles: sql3`
|
|
874
|
+
COALESCE(
|
|
875
|
+
json_agg(
|
|
876
|
+
json_build_object(
|
|
877
|
+
'id', ${userRolesInIam.id},
|
|
878
|
+
'roleId', ${rolesInIam.id},
|
|
879
|
+
'code', ${rolesInIam.code},
|
|
880
|
+
'name', ${rolesInIam.name},
|
|
881
|
+
'description', ${rolesInIam.description}
|
|
882
|
+
)
|
|
883
|
+
) FILTER (WHERE ${userRolesInIam.id} IS NOT NULL),
|
|
884
|
+
'[]'::json
|
|
885
|
+
)
|
|
886
|
+
`
|
|
887
|
+
}).from(usersInIam).leftJoin(
|
|
888
|
+
userRolesInIam,
|
|
889
|
+
and6(
|
|
890
|
+
eq6(userRolesInIam.userId, usersInIam.id),
|
|
891
|
+
eq6(userRolesInIam.tenantId, tenantId)
|
|
861
892
|
)
|
|
862
|
-
).
|
|
893
|
+
).leftJoin(
|
|
894
|
+
rolesInIam,
|
|
895
|
+
and6(
|
|
896
|
+
eq6(userRolesInIam.roleId, rolesInIam.id),
|
|
897
|
+
eq6(rolesInIam.tenantId, tenantId)
|
|
898
|
+
)
|
|
899
|
+
).where(
|
|
900
|
+
and6(
|
|
901
|
+
eq6(usersInIam.tenantId, tenantId),
|
|
902
|
+
sql3`lower(${usersInIam.email}) = lower(${email})`
|
|
903
|
+
)
|
|
904
|
+
).groupBy(usersInIam.id).limit(1).then(([u]) => u || null);
|
|
905
|
+
return result;
|
|
863
906
|
};
|
|
864
907
|
|
|
865
908
|
// src/db/orm/iam/users/find-user-by-phone.ts
|
|
866
|
-
import { and as
|
|
867
|
-
var findUserByPhone = (db, tenantId, phone) => {
|
|
868
|
-
|
|
909
|
+
import { and as and7, eq as eq7, sql as sql4 } from "drizzle-orm";
|
|
910
|
+
var findUserByPhone = async (db, tenantId, phone) => {
|
|
911
|
+
const result = await db.select({
|
|
869
912
|
id: usersInIam.id,
|
|
870
913
|
tenantId: usersInIam.tenantId,
|
|
871
914
|
fullName: usersInIam.fullName,
|
|
@@ -875,8 +918,35 @@ var findUserByPhone = (db, tenantId, phone) => {
|
|
|
875
918
|
image: usersInIam.image,
|
|
876
919
|
emailVerified: usersInIam.emailVerified,
|
|
877
920
|
phoneVerified: usersInIam.phoneVerified,
|
|
878
|
-
lastSignInAt: usersInIam.lastSignInAt
|
|
879
|
-
|
|
921
|
+
lastSignInAt: usersInIam.lastSignInAt,
|
|
922
|
+
userRoles: sql4`
|
|
923
|
+
COALESCE(
|
|
924
|
+
json_agg(
|
|
925
|
+
json_build_object(
|
|
926
|
+
'id', ${userRolesInIam.id},
|
|
927
|
+
'roleId', ${rolesInIam.id},
|
|
928
|
+
'code', ${rolesInIam.code},
|
|
929
|
+
'name', ${rolesInIam.name},
|
|
930
|
+
'description', ${rolesInIam.description}
|
|
931
|
+
)
|
|
932
|
+
) FILTER (WHERE ${userRolesInIam.id} IS NOT NULL),
|
|
933
|
+
'[]'::json
|
|
934
|
+
)
|
|
935
|
+
`
|
|
936
|
+
}).from(usersInIam).leftJoin(
|
|
937
|
+
userRolesInIam,
|
|
938
|
+
and7(
|
|
939
|
+
eq7(userRolesInIam.userId, usersInIam.id),
|
|
940
|
+
eq7(userRolesInIam.tenantId, tenantId)
|
|
941
|
+
)
|
|
942
|
+
).leftJoin(
|
|
943
|
+
rolesInIam,
|
|
944
|
+
and7(
|
|
945
|
+
eq7(userRolesInIam.roleId, rolesInIam.id),
|
|
946
|
+
eq7(rolesInIam.tenantId, tenantId)
|
|
947
|
+
)
|
|
948
|
+
).where(and7(eq7(usersInIam.tenantId, tenantId), eq7(usersInIam.phone, phone))).groupBy(usersInIam.id).limit(1).then(([u]) => u || null);
|
|
949
|
+
return result;
|
|
880
950
|
};
|
|
881
951
|
|
|
882
952
|
// src/db/orm/iam/users/find-user-by-identifier.ts
|
|
@@ -931,22 +1001,22 @@ var insertSession = (db, data) => {
|
|
|
931
1001
|
};
|
|
932
1002
|
|
|
933
1003
|
// src/db/orm/iam/users/update-user-verified.ts
|
|
934
|
-
import { and as
|
|
1004
|
+
import { and as and8, eq as eq8 } from "drizzle-orm";
|
|
935
1005
|
var updateUserVerified = (db, tenantId, userId, type) => {
|
|
936
1006
|
return db.update(usersInIam).set({
|
|
937
1007
|
[type === "email" ? "emailVerified" : "phoneVerified"]: true,
|
|
938
1008
|
lastSignInAt: (/* @__PURE__ */ new Date()).toISOString()
|
|
939
|
-
}).where(
|
|
1009
|
+
}).where(and8(eq8(usersInIam.id, userId), eq8(usersInIam.tenantId, tenantId)));
|
|
940
1010
|
};
|
|
941
1011
|
|
|
942
1012
|
// src/db/orm/iam/verifications/consume-verification.ts
|
|
943
|
-
import { eq as
|
|
1013
|
+
import { eq as eq9 } from "drizzle-orm";
|
|
944
1014
|
var consumeVerification = (db, verificationId) => {
|
|
945
|
-
return db.delete(verificationsInIam).where(
|
|
1015
|
+
return db.delete(verificationsInIam).where(eq9(verificationsInIam.id, verificationId));
|
|
946
1016
|
};
|
|
947
1017
|
|
|
948
1018
|
// src/db/orm/iam/verifications/find-verification-by-id.ts
|
|
949
|
-
import { eq as
|
|
1019
|
+
import { eq as eq10 } from "drizzle-orm";
|
|
950
1020
|
var findVerificationById = (db, verificationId) => {
|
|
951
1021
|
return db.select({
|
|
952
1022
|
id: verificationsInIam.id,
|
|
@@ -958,17 +1028,17 @@ var findVerificationById = (db, verificationId) => {
|
|
|
958
1028
|
expiresAt: verificationsInIam.expiresAt,
|
|
959
1029
|
createdAt: verificationsInIam.createdAt,
|
|
960
1030
|
attempt: verificationsInIam.attempt
|
|
961
|
-
}).from(verificationsInIam).where(
|
|
1031
|
+
}).from(verificationsInIam).where(eq10(verificationsInIam.id, verificationId)).limit(1).then(([verification]) => verification || null);
|
|
962
1032
|
};
|
|
963
1033
|
|
|
964
1034
|
// src/db/orm/iam/verifications/update-verification-attempt.ts
|
|
965
|
-
import { eq as
|
|
1035
|
+
import { eq as eq11 } from "drizzle-orm";
|
|
966
1036
|
var updateVerificationAttempt = async (db, verificationId) => {
|
|
967
1037
|
const verification = await findVerificationById(db, verificationId);
|
|
968
1038
|
if (!verification) {
|
|
969
1039
|
return;
|
|
970
1040
|
}
|
|
971
|
-
await db.update(verificationsInIam).set({ attempt: (verification.attempt || 0) + 1 }).where(
|
|
1041
|
+
await db.update(verificationsInIam).set({ attempt: (verification.attempt || 0) + 1 }).where(eq11(verificationsInIam.id, verificationId));
|
|
972
1042
|
};
|
|
973
1043
|
|
|
974
1044
|
// src/lib/session.ts
|
|
@@ -1081,7 +1151,7 @@ var emailVerificationConfirmHandler = async (c) => {
|
|
|
1081
1151
|
import { HTTPException as HTTPException4 } from "hono/http-exception";
|
|
1082
1152
|
|
|
1083
1153
|
// src/db/orm/iam/account-changes/cancel-pending-account-changes.ts
|
|
1084
|
-
import { and as
|
|
1154
|
+
import { and as and9, eq as eq12 } from "drizzle-orm";
|
|
1085
1155
|
var cancelPendingAccountChanges = (db, tenantId, userId, changeType) => {
|
|
1086
1156
|
const now = (/* @__PURE__ */ new Date()).toISOString();
|
|
1087
1157
|
return db.update(accountChangesInIam).set({
|
|
@@ -1090,11 +1160,11 @@ var cancelPendingAccountChanges = (db, tenantId, userId, changeType) => {
|
|
|
1090
1160
|
updatedAt: now,
|
|
1091
1161
|
reason: "replaced"
|
|
1092
1162
|
}).where(
|
|
1093
|
-
|
|
1094
|
-
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
|
|
1163
|
+
and9(
|
|
1164
|
+
eq12(accountChangesInIam.tenantId, tenantId),
|
|
1165
|
+
eq12(accountChangesInIam.userId, userId),
|
|
1166
|
+
eq12(accountChangesInIam.changeType, changeType),
|
|
1167
|
+
eq12(accountChangesInIam.status, "pending")
|
|
1098
1168
|
)
|
|
1099
1169
|
);
|
|
1100
1170
|
};
|
|
@@ -1117,13 +1187,13 @@ var insertPendingEmailChange = (db, data) => {
|
|
|
1117
1187
|
};
|
|
1118
1188
|
|
|
1119
1189
|
// src/db/orm/iam/verifications/delete-verifications-by-user-and-type.ts
|
|
1120
|
-
import { and as
|
|
1190
|
+
import { and as and10, eq as eq13 } from "drizzle-orm";
|
|
1121
1191
|
var deleteVerificationsByUserAndType = (db, tenantId, userId, type) => {
|
|
1122
1192
|
return db.delete(verificationsInIam).where(
|
|
1123
|
-
|
|
1124
|
-
|
|
1125
|
-
|
|
1126
|
-
|
|
1193
|
+
and10(
|
|
1194
|
+
eq13(verificationsInIam.tenantId, tenantId),
|
|
1195
|
+
eq13(verificationsInIam.userId, userId),
|
|
1196
|
+
eq13(verificationsInIam.type, type)
|
|
1127
1197
|
)
|
|
1128
1198
|
);
|
|
1129
1199
|
};
|
|
@@ -1344,7 +1414,7 @@ import { getCookie } from "hono/cookie";
|
|
|
1344
1414
|
import { HTTPException as HTTPException6 } from "hono/http-exception";
|
|
1345
1415
|
|
|
1346
1416
|
// src/db/orm/iam/accounts/find-account-by-provider.ts
|
|
1347
|
-
import { and as
|
|
1417
|
+
import { and as and11, eq as eq14 } from "drizzle-orm";
|
|
1348
1418
|
var findAccountByProvider = (db, tenantId, userId, provider) => {
|
|
1349
1419
|
return db.select({
|
|
1350
1420
|
id: accountsInIam.id,
|
|
@@ -1354,34 +1424,34 @@ var findAccountByProvider = (db, tenantId, userId, provider) => {
|
|
|
1354
1424
|
providerAccountId: accountsInIam.providerAccountId,
|
|
1355
1425
|
password: accountsInIam.password
|
|
1356
1426
|
}).from(accountsInIam).where(
|
|
1357
|
-
|
|
1358
|
-
|
|
1359
|
-
|
|
1360
|
-
|
|
1427
|
+
and11(
|
|
1428
|
+
eq14(accountsInIam.tenantId, tenantId),
|
|
1429
|
+
eq14(accountsInIam.userId, userId),
|
|
1430
|
+
eq14(accountsInIam.provider, provider)
|
|
1361
1431
|
)
|
|
1362
1432
|
).limit(1).then(([account]) => account || null);
|
|
1363
1433
|
};
|
|
1364
1434
|
|
|
1365
1435
|
// src/db/orm/iam/accounts/update-account-password.ts
|
|
1366
|
-
import { and as
|
|
1436
|
+
import { and as and12, eq as eq15 } from "drizzle-orm";
|
|
1367
1437
|
var updateAccountPassword = (db, tenantId, userId, password) => {
|
|
1368
1438
|
return db.update(accountsInIam).set({ password }).where(
|
|
1369
|
-
|
|
1370
|
-
|
|
1371
|
-
|
|
1372
|
-
|
|
1439
|
+
and12(
|
|
1440
|
+
eq15(accountsInIam.tenantId, tenantId),
|
|
1441
|
+
eq15(accountsInIam.userId, userId),
|
|
1442
|
+
eq15(accountsInIam.provider, "credentials")
|
|
1373
1443
|
)
|
|
1374
1444
|
);
|
|
1375
1445
|
};
|
|
1376
1446
|
|
|
1377
1447
|
// src/db/orm/iam/sessions/delete-session-by-id.ts
|
|
1378
|
-
import { eq as
|
|
1448
|
+
import { eq as eq16 } from "drizzle-orm";
|
|
1379
1449
|
var deleteSessionById = (db, sessionId) => {
|
|
1380
|
-
return db.delete(sessionsInIam).where(
|
|
1450
|
+
return db.delete(sessionsInIam).where(eq16(sessionsInIam.id, sessionId));
|
|
1381
1451
|
};
|
|
1382
1452
|
|
|
1383
1453
|
// src/db/orm/iam/sessions/list-sessions-for-user.ts
|
|
1384
|
-
import { and as
|
|
1454
|
+
import { and as and13, asc, eq as eq17, gt as gt4 } from "drizzle-orm";
|
|
1385
1455
|
var listSessionsForUser = (db, tenantId, userId) => {
|
|
1386
1456
|
return db.select({
|
|
1387
1457
|
id: sessionsInIam.id,
|
|
@@ -1393,9 +1463,9 @@ var listSessionsForUser = (db, tenantId, userId) => {
|
|
|
1393
1463
|
userAgent: sessionsInIam.userAgent,
|
|
1394
1464
|
ip: sessionsInIam.ip
|
|
1395
1465
|
}).from(sessionsInIam).where(
|
|
1396
|
-
|
|
1397
|
-
|
|
1398
|
-
|
|
1466
|
+
and13(
|
|
1467
|
+
eq17(sessionsInIam.tenantId, tenantId),
|
|
1468
|
+
eq17(sessionsInIam.userId, userId),
|
|
1399
1469
|
gt4(sessionsInIam.expiresAt, (/* @__PURE__ */ new Date()).toISOString())
|
|
1400
1470
|
)
|
|
1401
1471
|
).orderBy(asc(sessionsInIam.createdAt)).then((sessions) => sessions);
|
|
@@ -1872,9 +1942,9 @@ var deleteOldestSessions = async (db, tenantId, userId, keepCount) => {
|
|
|
1872
1942
|
};
|
|
1873
1943
|
|
|
1874
1944
|
// src/db/orm/iam/users/update-last-sign-in.ts
|
|
1875
|
-
import { and as
|
|
1945
|
+
import { and as and14, eq as eq18 } from "drizzle-orm";
|
|
1876
1946
|
var updateLastSignIn = (db, tenantId, userId) => {
|
|
1877
|
-
return db.update(usersInIam).set({ lastSignInAt: (/* @__PURE__ */ new Date()).toISOString(), loginAttempt: 0 }).where(
|
|
1947
|
+
return db.update(usersInIam).set({ lastSignInAt: (/* @__PURE__ */ new Date()).toISOString(), loginAttempt: 0 }).where(and14(eq18(usersInIam.id, userId), eq18(usersInIam.tenantId, tenantId)));
|
|
1878
1948
|
};
|
|
1879
1949
|
|
|
1880
1950
|
// src/routes/handler/sign-in.ts
|
|
@@ -2027,7 +2097,7 @@ var insertCredentialsAccount = (db, data) => {
|
|
|
2027
2097
|
};
|
|
2028
2098
|
|
|
2029
2099
|
// src/db/orm/iam/users/find-user-by-handle.ts
|
|
2030
|
-
import { and as
|
|
2100
|
+
import { and as and15, eq as eq19, sql as sql5 } from "drizzle-orm";
|
|
2031
2101
|
var findUserByHandle = (db, tenantId, handle) => {
|
|
2032
2102
|
return db.select({
|
|
2033
2103
|
id: usersInIam.id,
|
|
@@ -2041,9 +2111,9 @@ var findUserByHandle = (db, tenantId, handle) => {
|
|
|
2041
2111
|
phoneVerified: usersInIam.phoneVerified,
|
|
2042
2112
|
lastSignInAt: usersInIam.lastSignInAt
|
|
2043
2113
|
}).from(usersInIam).where(
|
|
2044
|
-
|
|
2045
|
-
|
|
2046
|
-
|
|
2114
|
+
and15(
|
|
2115
|
+
eq19(usersInIam.tenantId, tenantId),
|
|
2116
|
+
sql5`lower(${usersInIam.handle}) = lower(${handle})`
|
|
2047
2117
|
)
|
|
2048
2118
|
).limit(1).then(([user]) => user || null);
|
|
2049
2119
|
};
|
|
@@ -2197,58 +2267,58 @@ var signUpHandler = async (c) => {
|
|
|
2197
2267
|
import { HTTPException as HTTPException13 } from "hono/http-exception";
|
|
2198
2268
|
|
|
2199
2269
|
// src/db/orm/iam/account-changes/mark-pending-account-change-applied.ts
|
|
2200
|
-
import { and as
|
|
2270
|
+
import { and as and16, eq as eq20 } from "drizzle-orm";
|
|
2201
2271
|
var markPendingAccountChangeApplied = (db, tenantId, userId, changeType, newValue) => {
|
|
2202
2272
|
const now = (/* @__PURE__ */ new Date()).toISOString();
|
|
2203
|
-
const valueCondition = changeType === "email" ?
|
|
2273
|
+
const valueCondition = changeType === "email" ? eq20(accountChangesInIam.newEmail, newValue) : eq20(accountChangesInIam.newPhone, newValue);
|
|
2204
2274
|
return db.update(accountChangesInIam).set({
|
|
2205
2275
|
status: "applied",
|
|
2206
2276
|
confirmedAt: now,
|
|
2207
2277
|
updatedAt: now
|
|
2208
2278
|
}).where(
|
|
2209
|
-
|
|
2210
|
-
|
|
2211
|
-
|
|
2212
|
-
|
|
2213
|
-
|
|
2279
|
+
and16(
|
|
2280
|
+
eq20(accountChangesInIam.tenantId, tenantId),
|
|
2281
|
+
eq20(accountChangesInIam.userId, userId),
|
|
2282
|
+
eq20(accountChangesInIam.changeType, changeType),
|
|
2283
|
+
eq20(accountChangesInIam.status, "pending"),
|
|
2214
2284
|
valueCondition
|
|
2215
2285
|
)
|
|
2216
2286
|
);
|
|
2217
2287
|
};
|
|
2218
2288
|
|
|
2219
2289
|
// src/db/orm/iam/accounts/update-credentials-provider-account-id.ts
|
|
2220
|
-
import { and as
|
|
2290
|
+
import { and as and17, eq as eq21 } from "drizzle-orm";
|
|
2221
2291
|
var updateCredentialsProviderAccountId = async (db, tenantId, userId, providerAccountId) => {
|
|
2222
2292
|
const updated = await db.update(accountsInIam).set({ providerAccountId }).where(
|
|
2223
|
-
|
|
2224
|
-
|
|
2225
|
-
|
|
2226
|
-
|
|
2293
|
+
and17(
|
|
2294
|
+
eq21(accountsInIam.tenantId, tenantId),
|
|
2295
|
+
eq21(accountsInIam.userId, userId),
|
|
2296
|
+
eq21(accountsInIam.provider, "credentials")
|
|
2227
2297
|
)
|
|
2228
2298
|
).returning({ id: accountsInIam.id }).then(([row]) => row?.id);
|
|
2229
2299
|
return Boolean(updated);
|
|
2230
2300
|
};
|
|
2231
2301
|
|
|
2232
2302
|
// src/db/orm/iam/sessions/delete-other-sessions.ts
|
|
2233
|
-
import { and as
|
|
2303
|
+
import { and as and18, eq as eq22, ne } from "drizzle-orm";
|
|
2234
2304
|
var deleteOtherSessions = (db, tenantId, userId, currentSessionId) => {
|
|
2235
2305
|
return db.delete(sessionsInIam).where(
|
|
2236
|
-
|
|
2237
|
-
|
|
2238
|
-
|
|
2306
|
+
and18(
|
|
2307
|
+
eq22(sessionsInIam.tenantId, tenantId),
|
|
2308
|
+
eq22(sessionsInIam.userId, userId),
|
|
2239
2309
|
ne(sessionsInIam.id, currentSessionId)
|
|
2240
2310
|
)
|
|
2241
2311
|
);
|
|
2242
2312
|
};
|
|
2243
2313
|
|
|
2244
2314
|
// src/db/orm/iam/users/update-user-email.ts
|
|
2245
|
-
import { and as
|
|
2315
|
+
import { and as and19, eq as eq23, sql as sql6 } from "drizzle-orm";
|
|
2246
2316
|
var updateUserEmail = (db, tenantId, userId, email) => {
|
|
2247
2317
|
return db.update(usersInIam).set({
|
|
2248
2318
|
email,
|
|
2249
2319
|
emailVerified: true,
|
|
2250
|
-
updatedAt:
|
|
2251
|
-
}).where(
|
|
2320
|
+
updatedAt: sql6`CURRENT_TIMESTAMP`
|
|
2321
|
+
}).where(and19(eq23(usersInIam.id, userId), eq23(usersInIam.tenantId, tenantId))).returning({
|
|
2252
2322
|
id: usersInIam.id,
|
|
2253
2323
|
tenantId: usersInIam.tenantId,
|
|
2254
2324
|
fullName: usersInIam.fullName,
|
|
@@ -2305,13 +2375,13 @@ var updateEmailHandler = async (c) => {
|
|
|
2305
2375
|
import { HTTPException as HTTPException14 } from "hono/http-exception";
|
|
2306
2376
|
|
|
2307
2377
|
// src/db/orm/iam/users/update-user-phone.ts
|
|
2308
|
-
import { and as
|
|
2378
|
+
import { and as and20, eq as eq24, sql as sql7 } from "drizzle-orm";
|
|
2309
2379
|
var updateUserPhone = (db, tenantId, userId, phone) => {
|
|
2310
2380
|
return db.update(usersInIam).set({
|
|
2311
2381
|
phone,
|
|
2312
2382
|
phoneVerified: true,
|
|
2313
|
-
updatedAt:
|
|
2314
|
-
}).where(
|
|
2383
|
+
updatedAt: sql7`CURRENT_TIMESTAMP`
|
|
2384
|
+
}).where(and20(eq24(usersInIam.id, userId), eq24(usersInIam.tenantId, tenantId))).returning({
|
|
2315
2385
|
id: usersInIam.id,
|
|
2316
2386
|
tenantId: usersInIam.tenantId,
|
|
2317
2387
|
fullName: usersInIam.fullName,
|
|
@@ -2368,7 +2438,7 @@ var updatePhoneHandler = async (c) => {
|
|
|
2368
2438
|
import { HTTPException as HTTPException15 } from "hono/http-exception";
|
|
2369
2439
|
|
|
2370
2440
|
// src/db/orm/iam/users/update-user-profile.ts
|
|
2371
|
-
import { and as
|
|
2441
|
+
import { and as and21, eq as eq25, sql as sql8 } from "drizzle-orm";
|
|
2372
2442
|
var updateUserProfile = async (db, tenantId, userId, data) => {
|
|
2373
2443
|
const updateData = {};
|
|
2374
2444
|
if (data.fullName !== void 0) {
|
|
@@ -2376,8 +2446,8 @@ var updateUserProfile = async (db, tenantId, userId, data) => {
|
|
|
2376
2446
|
}
|
|
2377
2447
|
return await db.update(usersInIam).set({
|
|
2378
2448
|
...updateData,
|
|
2379
|
-
updatedAt:
|
|
2380
|
-
}).where(
|
|
2449
|
+
updatedAt: sql8`CURRENT_TIMESTAMP`
|
|
2450
|
+
}).where(and21(eq25(usersInIam.id, userId), eq25(usersInIam.tenantId, tenantId))).returning({
|
|
2381
2451
|
id: usersInIam.id,
|
|
2382
2452
|
tenantId: usersInIam.tenantId,
|
|
2383
2453
|
fullName: usersInIam.fullName,
|
|
@@ -2944,14 +3014,9 @@ var createAuthMiddleware = (config, database, getTenantId) => {
|
|
|
2944
3014
|
session.userId
|
|
2945
3015
|
);
|
|
2946
3016
|
if (user) {
|
|
2947
|
-
const userRoles = await findUserRoles(
|
|
2948
|
-
database,
|
|
2949
|
-
session.tenantId,
|
|
2950
|
-
session.userId
|
|
2951
|
-
);
|
|
2952
3017
|
c.set("tenantId", enableTenant ? session.tenantId : tenantId);
|
|
2953
3018
|
c.set("userId", user.id);
|
|
2954
|
-
c.set("user",
|
|
3019
|
+
c.set("user", user);
|
|
2955
3020
|
c.set("session", session);
|
|
2956
3021
|
}
|
|
2957
3022
|
}
|