@mitway/sdk 0.5.0 → 0.7.0

package/dist/index.js

@@ -1,2054 +1,5 @@
-// src/types.ts
-var MitwayBaasError = class _MitwayBaasError extends Error {
-  statusCode;
-  error;
-  nextActions;
-  constructor(message, statusCode, error, nextActions) {
-    super(message);
-    this.name = "MitwayBaasError";
-    this.statusCode = statusCode;
-    this.error = error;
-    this.nextActions = nextActions;
-  }
-  static fromApiError(apiError) {
-    return new _MitwayBaasError(
-      apiError.message,
-      apiError.statusCode,
-      apiError.error,
-      apiError.nextActions
-    );
-  }
-};
-
-// src/lib/logger.ts
-var SENSITIVE_HEADERS = ["authorization", "x-api-key", "cookie", "set-cookie"];
-var SENSITIVE_BODY_KEYS = [
-  "password",
-  "token",
-  "accesstoken",
-  "refreshtoken",
-  "authorization",
-  "secret",
-  "apikey",
-  "api_key",
-  "email",
-  "ssn",
-  "creditcard",
-  "credit_card"
-];
-function redactHeaders(headers) {
-  const redacted = {};
-  for (const [key, value] of Object.entries(headers)) {
-    if (SENSITIVE_HEADERS.includes(key.toLowerCase())) {
-      redacted[key] = "***REDACTED***";
-    } else {
-      redacted[key] = value;
-    }
-  }
-  return redacted;
-}
-function sanitizeBody(body) {
-  if (body === null || body === void 0) return body;
-  if (typeof body === "string") {
-    try {
-      const parsed = JSON.parse(body);
-      return sanitizeBody(parsed);
-    } catch {
-      return body;
-    }
-  }
-  if (Array.isArray(body)) return body.map(sanitizeBody);
-  if (typeof body === "object") {
-    const sanitized = {};
-    for (const [key, value] of Object.entries(body)) {
-      if (SENSITIVE_BODY_KEYS.includes(key.toLowerCase().replace(/[-_]/g, ""))) {
-        sanitized[key] = "***REDACTED***";
-      } else {
-        sanitized[key] = sanitizeBody(value);
-      }
-    }
-    return sanitized;
-  }
-  return body;
-}
-function formatBody(body) {
-  if (body === void 0 || body === null) return "";
-  if (typeof body === "string") {
-    try {
-      return JSON.stringify(JSON.parse(body), null, 2);
-    } catch {
-      return body;
-    }
-  }
-  if (typeof FormData !== "undefined" && body instanceof FormData) {
-    return "[FormData]";
-  }
-  try {
-    return JSON.stringify(body, null, 2);
-  } catch {
-    return "[Unserializable body]";
-  }
-}
-var Logger = class {
-  enabled;
-  customLog;
-  constructor(debug) {
-    if (typeof debug === "function") {
-      this.enabled = true;
-      this.customLog = debug;
-    } else {
-      this.enabled = !!debug;
-      this.customLog = null;
-    }
-  }
-  log(message, ...args) {
-    if (!this.enabled) return;
-    const formatted = `[MITWAY-BaaS Debug] ${message}`;
-    if (this.customLog) {
-      this.customLog(formatted, ...args);
-    } else {
-      console.log(formatted, ...args);
-    }
-  }
-  warn(message, ...args) {
-    if (!this.enabled) return;
-    const formatted = `[MITWAY-BaaS Debug] ${message}`;
-    if (this.customLog) {
-      this.customLog(formatted, ...args);
-    } else {
-      console.warn(formatted, ...args);
-    }
-  }
-  error(message, ...args) {
-    if (!this.enabled) return;
-    const formatted = `[MITWAY-BaaS Debug] ${message}`;
-    if (this.customLog) {
-      this.customLog(formatted, ...args);
-    } else {
-      console.error(formatted, ...args);
-    }
-  }
-  logRequest(method, url, headers, body) {
-    if (!this.enabled) return;
-    const parts = [`\u2192 ${method} ${url}`];
-    if (headers && Object.keys(headers).length > 0) {
-      parts.push(`  Headers: ${JSON.stringify(redactHeaders(headers))}`);
-    }
-    const formattedBody = formatBody(sanitizeBody(body));
-    if (formattedBody) {
-      const truncated = formattedBody.length > 1e3 ? formattedBody.slice(0, 1e3) + "... [truncated]" : formattedBody;
-      parts.push(`  Body: ${truncated}`);
-    }
-    this.log(parts.join("\n"));
-  }
-  logResponse(method, url, status, durationMs, body) {
-    if (!this.enabled) return;
-    const parts = [
-      `\u2190 ${method} ${url} ${status} (${durationMs}ms)`
-    ];
-    const formattedBody = formatBody(sanitizeBody(body));
-    if (formattedBody) {
-      const truncated = formattedBody.length > 1e3 ? formattedBody.slice(0, 1e3) + "... [truncated]" : formattedBody;
-      parts.push(`  Body: ${truncated}`);
-    }
-    if (status >= 400) {
-      this.error(parts.join("\n"));
-    } else {
-      this.log(parts.join("\n"));
-    }
-  }
-};
-
-// src/lib/token-manager.ts
-var CSRF_TOKEN_COOKIE = "mitway_baas_csrf_token";
-var DEFAULT_STORAGE_KEY = "mitway_baas_session";
-function getCsrfToken() {
-  if (typeof document === "undefined") return null;
-  const match = document.cookie.split(";").find((c) => c.trim().startsWith(`${CSRF_TOKEN_COOKIE}=`));
-  if (!match) return null;
-  return match.split("=")[1] || null;
-}
-function setCsrfToken(token) {
-  if (typeof document === "undefined") return;
-  const maxAge = 7 * 24 * 60 * 60;
-  const secure = typeof window !== "undefined" && window.location.protocol === "https:" ? "; Secure" : "";
-  document.cookie = `${CSRF_TOKEN_COOKIE}=${encodeURIComponent(token)}; path=/; max-age=${maxAge}; SameSite=Lax${secure}`;
-}
-function clearCsrfToken() {
-  if (typeof document === "undefined") return;
-  const secure = typeof window !== "undefined" && window.location.protocol === "https:" ? "; Secure" : "";
-  document.cookie = `${CSRF_TOKEN_COOKIE}=; path=/; max-age=0; SameSite=Lax${secure}`;
-}
-var TokenManager = class {
-  accessToken = null;
-  refreshToken = null;
-  user = null;
-  persistSession;
-  storageKey;
-  /** Fired when the access token changes (used by long-lived consumers). */
-  onTokenChange = null;
-  constructor(opts) {
-    this.persistSession = opts?.persistSession ?? true;
-    this.storageKey = opts?.storageKey ?? DEFAULT_STORAGE_KEY;
-  }
-  saveSession(session) {
-    const tokenChanged = session.accessToken !== this.accessToken;
-    this.accessToken = session.accessToken;
-    this.user = session.user;
-    if (session.refreshToken !== void 0) {
-      this.refreshToken = session.refreshToken ?? null;
-    }
-    this.persist();
-    if (tokenChanged && this.onTokenChange) {
-      this.onTokenChange();
-    }
-  }
-  getSession() {
-    if (!this.accessToken || !this.user) return null;
-    return {
-      accessToken: this.accessToken,
-      refreshToken: this.refreshToken ?? void 0,
-      user: this.user
-    };
-  }
-  getAccessToken() {
-    return this.accessToken;
-  }
-  setAccessToken(token) {
-    const tokenChanged = token !== this.accessToken;
-    this.accessToken = token;
-    this.persist();
-    if (tokenChanged && this.onTokenChange) {
-      this.onTokenChange();
-    }
-  }
-  getRefreshToken() {
-    return this.refreshToken;
-  }
-  setRefreshToken(token) {
-    this.refreshToken = token;
-    this.persist();
-  }
-  getUser() {
-    return this.user;
-  }
-  setUser(user) {
-    this.user = user;
-    this.persist();
-  }
-  clearSession() {
-    const hadToken = this.accessToken !== null;
-    this.accessToken = null;
-    this.refreshToken = null;
-    this.user = null;
-    this.removePersisted();
-    if (hadToken && this.onTokenChange) {
-      this.onTokenChange();
-    }
-  }
-  /**
-   * Restore the session from localStorage. Returns true if a persisted
-   * session was found and loaded into memory.
-   */
-  restoreSession() {
-    if (!this.persistSession || typeof localStorage === "undefined") return false;
-    try {
-      const raw = localStorage.getItem(this.storageKey);
-      if (!raw) return false;
-      const stored = JSON.parse(raw);
-      if (!stored.accessToken || !stored.user) return false;
-      this.accessToken = stored.accessToken;
-      this.refreshToken = stored.refreshToken ?? null;
-      this.user = stored.user;
-      return true;
-    } catch {
-      return false;
-    }
-  }
-  persist() {
-    if (!this.persistSession || typeof localStorage === "undefined") return;
-    if (!this.accessToken || !this.user) return;
-    try {
-      const data = {
-        accessToken: this.accessToken,
-        user: this.user
-      };
-      if (this.refreshToken) {
-        data.refreshToken = this.refreshToken;
-      }
-      localStorage.setItem(this.storageKey, JSON.stringify(data));
-    } catch {
-    }
-  }
-  removePersisted() {
-    if (!this.persistSession || typeof localStorage === "undefined") return;
-    try {
-      localStorage.removeItem(this.storageKey);
-    } catch {
-    }
-  }
-};
-
-// src/lib/auth-envelope.ts
-function normalizeAuthPayload(raw) {
-  if (!raw || typeof raw !== "object") return raw;
-  const src = raw;
-  const out = { ...src };
-  let mutated = false;
-  if ("access_token" in src && !("accessToken" in src)) {
-    out.accessToken = src.access_token;
-    delete out.access_token;
-    mutated = true;
-  }
-  if ("csrf_token" in src && !("csrfToken" in src)) {
-    out.csrfToken = src.csrf_token;
-    delete out.csrf_token;
-    mutated = true;
-  }
-  if ("refresh_token" in src && !("refreshToken" in src)) {
-    out.refreshToken = src.refresh_token;
-    delete out.refresh_token;
-    mutated = true;
-  }
-  return mutated ? out : raw;
-}
-
-// src/lib/http-client.ts
-var RETRYABLE_STATUS_CODES = /* @__PURE__ */ new Set([500, 502, 503, 504]);
-var IDEMPOTENT_METHODS = /* @__PURE__ */ new Set(["GET", "HEAD", "PUT", "DELETE", "OPTIONS"]);
-var HttpClient = class {
-  baseUrl;
-  fetch;
-  defaultHeaders;
-  anonKey;
-  userToken = null;
-  logger;
-  autoRefreshToken = true;
-  isRefreshing = false;
-  refreshPromise = null;
-  tokenManager;
-  refreshToken = null;
-  timeout;
-  retryCount;
-  retryDelay;
-  constructor(config, tokenManager, logger) {
-    this.baseUrl = config.baseUrl || "http://localhost:7130";
-    this.autoRefreshToken = config.autoRefreshToken ?? true;
-    this.fetch = config.fetch || (globalThis.fetch ? globalThis.fetch.bind(globalThis) : void 0);
-    this.anonKey = config.anonKey;
-    this.defaultHeaders = {
-      ...config.headers
-    };
-    this.tokenManager = tokenManager ?? new TokenManager();
-    this.logger = logger || new Logger(false);
-    this.timeout = config.timeout ?? 3e4;
-    this.retryCount = config.retryCount ?? 3;
-    this.retryDelay = config.retryDelay ?? 500;
-    if (!this.fetch) {
-      throw new Error(
-        "Fetch is not available. Provide a fetch implementation in the SDK config."
-      );
-    }
-  }
-  buildUrl(path, params) {
-    const url = new URL(path, this.baseUrl);
-    if (params) {
-      Object.entries(params).forEach(([key, value]) => {
-        if (key === "select") {
-          let normalizedValue = value.replace(/\s+/g, " ").trim();
-          normalizedValue = normalizedValue.replace(/\s*\(\s*/g, "(").replace(/\s*\)\s*/g, ")").replace(/\(\s+/g, "(").replace(/\s+\)/g, ")").replace(/,\s+(?=[^()]*\))/g, ",");
-          url.searchParams.append(key, normalizedValue);
-        } else {
-          url.searchParams.append(key, value);
-        }
-      });
-    }
-    return url.toString();
-  }
-  isRetryableStatus(status) {
-    return RETRYABLE_STATUS_CODES.has(status);
-  }
-  computeRetryDelay(attempt) {
-    const base = this.retryDelay * Math.pow(2, attempt - 1);
-    const jitter = base * (0.85 + Math.random() * 0.3);
-    return Math.round(jitter);
-  }
-  async handleRequest(method, path, options = {}) {
-    const {
-      params,
-      headers = {},
-      body,
-      signal: callerSignal,
-      ...fetchOptions
-    } = options;
-    const url = this.buildUrl(path, params);
-    const startTime = Date.now();
-    const canRetry = IDEMPOTENT_METHODS.has(method.toUpperCase()) || options.idempotent === true;
-    const maxAttempts = canRetry ? this.retryCount : 0;
-    const requestHeaders = {
-      ...this.defaultHeaders
-    };
-    const authToken = this.userToken || this.anonKey;
-    if (authToken) {
-      requestHeaders["Authorization"] = `Bearer ${authToken}`;
-    }
-    let processedBody;
-    if (body !== void 0) {
-      if (typeof FormData !== "undefined" && body instanceof FormData) {
-        processedBody = body;
-      } else {
-        if (method !== "GET") {
-          requestHeaders["Content-Type"] = "application/json;charset=UTF-8";
-        }
-        processedBody = JSON.stringify(body);
-      }
-    }
-    if (headers instanceof Headers) {
-      headers.forEach((value, key) => {
-        requestHeaders[key] = value;
-      });
-    } else if (Array.isArray(headers)) {
-      headers.forEach(([key, value]) => {
-        requestHeaders[key] = value;
-      });
-    } else {
-      Object.assign(requestHeaders, headers);
-    }
-    this.logger.logRequest(method, url, requestHeaders, processedBody);
-    let lastError;
-    for (let attempt = 0; attempt <= maxAttempts; attempt++) {
-      if (attempt > 0) {
-        const delay = this.computeRetryDelay(attempt);
-        this.logger.warn(
-          `Retry ${attempt}/${maxAttempts} for ${method} ${url} in ${delay}ms`
-        );
-        if (callerSignal?.aborted) throw callerSignal.reason;
-        await new Promise((resolve, reject) => {
-          const onAbort = () => {
-            clearTimeout(timer2);
-            reject(callerSignal.reason);
-          };
-          const timer2 = setTimeout(() => {
-            if (callerSignal)
-              callerSignal.removeEventListener("abort", onAbort);
-            resolve();
-          }, delay);
-          if (callerSignal) {
-            callerSignal.addEventListener("abort", onAbort, { once: true });
-          }
-        });
-      }
-      let controller;
-      let timer;
-      if (this.timeout > 0 || callerSignal) {
-        controller = new AbortController();
-        if (this.timeout > 0) {
-          timer = setTimeout(() => controller.abort(), this.timeout);
-        }
-        if (callerSignal) {
-          if (callerSignal.aborted) {
-            controller.abort(callerSignal.reason);
-          } else {
-            const onCallerAbort = () => controller.abort(callerSignal.reason);
-            callerSignal.addEventListener("abort", onCallerAbort, { once: true });
-            controller.signal.addEventListener(
-              "abort",
-              () => {
-                callerSignal.removeEventListener("abort", onCallerAbort);
-              },
-              { once: true }
-            );
-          }
-        }
-      }
-      try {
-        const response = await this.fetch(url, {
-          method,
-          headers: requestHeaders,
-          body: processedBody,
-          ...fetchOptions,
-          ...controller ? { signal: controller.signal } : {}
-        });
-        if (this.isRetryableStatus(response.status) && attempt < maxAttempts) {
-          if (timer !== void 0) clearTimeout(timer);
-          await response.body?.cancel();
-          lastError = new MitwayBaasError(
-            `Server error: ${response.status} ${response.statusText}`,
-            response.status,
-            "SERVER_ERROR"
-          );
-          continue;
-        }
-        if (response.status === 204) {
-          if (timer !== void 0) clearTimeout(timer);
-          return void 0;
-        }
-        let data;
-        const contentType = response.headers.get("content-type");
-        try {
-          if (contentType?.includes("json")) {
-            data = await response.json();
-          } else {
-            data = await response.text();
-          }
-        } catch (parseErr) {
-          if (timer !== void 0) clearTimeout(timer);
-          throw new MitwayBaasError(
-            `Failed to parse response body: ${parseErr?.message || "Unknown error"}`,
-            response.status,
-            response.ok ? "PARSE_ERROR" : "REQUEST_FAILED"
-          );
-        }
-        if (timer !== void 0) clearTimeout(timer);
-        if (!response.ok) {
-          this.logger.logResponse(
-            method,
-            url,
-            response.status,
-            Date.now() - startTime,
-            data
-          );
-          if (data && typeof data === "object" && "error" in data && data.error !== null && typeof data.error === "object") {
-            const envErr = data.error;
-            throw new MitwayBaasError(
-              envErr.message || response.statusText || "Request failed",
-              envErr.statusCode || response.status,
-              envErr.code || envErr.error || "REQUEST_FAILED",
-              envErr.nextActions
-            );
-          }
-          throw new MitwayBaasError(
-            `Request failed: ${response.statusText}`,
-            response.status,
-            "REQUEST_FAILED"
-          );
-        }
-        this.logger.logResponse(
-          method,
-          url,
-          response.status,
-          Date.now() - startTime,
-          data
-        );
-        if (data && typeof data === "object" && "data" in data && "error" in data && data.error === null) {
-          return data.data;
-        }
-        return data;
-      } catch (err) {
-        if (timer !== void 0) clearTimeout(timer);
-        if (err?.name === "AbortError") {
-          if (controller && controller.signal.aborted && this.timeout > 0 && !callerSignal?.aborted) {
-            throw new MitwayBaasError(
-              `Request timed out after ${this.timeout}ms`,
-              408,
-              "REQUEST_TIMEOUT"
-            );
-          }
-          throw err;
-        }
-        if (err instanceof MitwayBaasError) {
-          throw err;
-        }
-        if (attempt < maxAttempts) {
-          lastError = err;
-          continue;
-        }
-        throw new MitwayBaasError(
-          `Network request failed: ${err?.message || "Unknown error"}`,
-          0,
-          "NETWORK_ERROR"
-        );
-      }
-    }
-    throw lastError || new MitwayBaasError(
-      "Request failed after all retry attempts",
-      0,
-      "NETWORK_ERROR"
-    );
-  }
-  async request(method, path, options = {}) {
-    try {
-      return await this.handleRequest(method, path, { ...options });
-    } catch (error) {
-      if (error instanceof MitwayBaasError && error.statusCode === 401 && error.error === "INVALID_TOKEN" && this.autoRefreshToken) {
-        try {
-          const newTokenData = await this.handleTokenRefresh();
-          this.setAuthToken(newTokenData.accessToken);
-          this.tokenManager.saveSession(newTokenData);
-          if (newTokenData.csrfToken) {
-            setCsrfToken(newTokenData.csrfToken);
-          }
-          if (newTokenData.refreshToken) {
-            this.setRefreshToken(newTokenData.refreshToken);
-          }
-          return await this.handleRequest(method, path, { ...options });
-        } catch (refreshError) {
-          this.tokenManager.clearSession();
-          this.userToken = null;
-          this.refreshToken = null;
-          clearCsrfToken();
-          throw refreshError;
-        }
-      }
-      throw error;
-    }
-  }
-  /**
-   * Low-level fetch helper for binary bodies (uploads) and streamed responses
-   * (downloads). Applies the current Bearer token (user session → anon key
-   * fallback) plus any configured default headers, resolves `path` against
-   * `baseUrl`, and returns the raw `Response` — it does NOT unwrap the
-   * `{ data, error }` envelope, so the caller is responsible for status
-   * checking and parsing.
-   *
-   * Used by the storage module for object upload/download paths where the
-   * body or response is not JSON.
-   */
-  async rawFetch(path, init = {}) {
-    const url = this.buildUrl(path);
-    const headers = new Headers(init.headers ?? {});
-    for (const [k, v] of Object.entries(this.defaultHeaders)) {
-      if (!headers.has(k)) headers.set(k, v);
-    }
-    if (!headers.has("Authorization")) {
-      const token = this.userToken ?? this.anonKey;
-      if (token) headers.set("Authorization", `Bearer ${token}`);
-    }
-    return this.fetch(url, { ...init, headers });
-  }
-  get(path, options) {
-    return this.request("GET", path, options);
-  }
-  post(path, body, options) {
-    return this.request("POST", path, { ...options, body });
-  }
-  put(path, body, options) {
-    return this.request("PUT", path, { ...options, body });
-  }
-  patch(path, body, options) {
-    return this.request("PATCH", path, { ...options, body });
-  }
-  delete(path, options) {
-    return this.request("DELETE", path, options);
-  }
-  setAuthToken(token) {
-    this.userToken = token;
-  }
-  setRefreshToken(token) {
-    this.refreshToken = token;
-  }
-  getHeaders() {
-    const headers = { ...this.defaultHeaders };
-    const authToken = this.userToken || this.anonKey;
-    if (authToken) {
-      headers["Authorization"] = `Bearer ${authToken}`;
-    }
-    return headers;
-  }
-  /**
-   * Refresh the current session by calling the MITWAY-BaaS refresh endpoint.
-   * Note: the route is `/api/auth/refresh` (POST), not the InsForge
-   * `/api/auth/sessions/current` route. Returns the new access token + user.
-   */
-  async handleTokenRefresh() {
-    if (this.isRefreshing) {
-      return this.refreshPromise;
-    }
-    this.isRefreshing = true;
-    this.refreshPromise = (async () => {
-      try {
-        const csrfToken = getCsrfToken();
-        const body = this.refreshToken ? { refreshToken: this.refreshToken } : void 0;
-        const response = await this.handleRequest(
-          "POST",
-          "/api/auth/refresh",
-          {
-            body,
-            headers: csrfToken ? { "X-CSRF-Token": csrfToken } : {},
-            credentials: "include"
-          }
-        );
-        return normalizeAuthPayload(response);
-      } finally {
-        this.isRefreshing = false;
-        this.refreshPromise = null;
-      }
-    })();
-    return this.refreshPromise;
-  }
-};
-
-// src/modules/auth.ts
-function wrapError(error, fallbackMessage) {
-  if (error instanceof MitwayBaasError) {
-    return { data: null, error };
-  }
-  return {
-    data: null,
-    error: new MitwayBaasError(
-      error instanceof Error ? error.message : fallbackMessage,
-      500,
-      "AUTH_ERROR"
-    )
-  };
-}
-var Auth = class {
-  constructor(http, tokenManager) {
-    this.http = http;
-    this.tokenManager = tokenManager;
-  }
-  http;
-  tokenManager;
-  /**
-   * Persist the session in memory + HttpClient defaults so subsequent
-   * requests carry the new bearer token automatically.
-   */
-  saveSessionFromResponse(response) {
-    const session = {
-      accessToken: response.accessToken,
-      refreshToken: response.refreshToken,
-      user: response.user
-    };
-    if (response.csrfToken) {
-      setCsrfToken(response.csrfToken);
-    }
-    this.tokenManager.saveSession(session);
-    this.http.setAuthToken(response.accessToken);
-    this.http.setRefreshToken(response.refreshToken ?? null);
-  }
-  /**
-   * Create a new user account and start a session.
-   *
-   * @example
-   * const { data, error } = await client.auth.signUp({
-   *   email: 'a@b.com',
-   *   password: 'a-strong-password',
-   *   name: 'Alice'
-   * });
-   */
-  async signUp(request) {
-    try {
-      const raw = await this.http.post(
-        "/api/auth/register",
-        request,
-        { credentials: "include" }
-      );
-      const response = normalizeAuthPayload(raw);
-      if (response?.accessToken && response.user) {
-        this.saveSessionFromResponse(response);
-      }
-      return { data: response, error: null };
-    } catch (error) {
-      return wrapError(error, "Sign up failed");
-    }
-  }
-  /**
-   * Sign in with email + password and start a session.
-   */
-  async signInWithPassword(request) {
-    try {
-      const raw = await this.http.post(
-        "/api/auth/login",
-        request,
-        { credentials: "include" }
-      );
-      const response = normalizeAuthPayload(raw);
-      if (response?.accessToken && response.user) {
-        this.saveSessionFromResponse(response);
-      }
-      return { data: response, error: null };
-    } catch (error) {
-      return wrapError(error, "Sign in failed");
-    }
-  }
-  /**
-   * End the current session. Clears in-memory state even if the backend
-   * call fails (network/offline).
-   */
-  async signOut() {
-    try {
-      try {
-        await this.http.post("/api/auth/logout", void 0, {
-          credentials: "include"
-        });
-      } catch {
-      }
-      this.tokenManager.clearSession();
-      this.http.setAuthToken(null);
-      this.http.setRefreshToken(null);
-      clearCsrfToken();
-      return { error: null };
-    } catch {
-      return {
-        error: new MitwayBaasError("Failed to sign out", 500, "SIGNOUT_ERROR")
-      };
-    }
-  }
-  /**
-   * Manually refresh the current session. The HttpClient will call this
-   * automatically on 401 INVALID_TOKEN responses; consumers usually do
-   * not need to call it directly.
-   */
-  async refreshSession() {
-    try {
-      const response = await this.http.handleTokenRefresh();
-      if (response?.accessToken && response.user) {
-        this.saveSessionFromResponse(response);
-      }
-      return { data: response, error: null };
-    } catch (error) {
-      return wrapError(error, "Session refresh failed");
-    }
-  }
-  /**
-   * Restore the session from localStorage and validate it with the backend.
-   * Call this once on app startup (e.g. in a React AuthProvider useEffect).
-   *
-   * Flow:
-   *   1. Read persisted session from localStorage.
-   *   2. Populate in-memory state (TokenManager + HttpClient).
-   *   3. Validate with `GET /api/auth/sessions/current`.
-   *      - If the access token expired, the HttpClient auto-refresh kicks in
-   *        using the persisted refresh token (sent in the POST body, not
-   *        cookies — works cross-site).
-   *   4. Return the validated user or an error.
-   *
-   * If no persisted session exists, returns `{ data: null, error }` — the
-   * app should show the login page.
-   */
-  async initialize() {
-    const restored = this.tokenManager.restoreSession();
-    if (!restored) {
-      return {
-        data: null,
-        error: new MitwayBaasError("No persisted session", 0, "NO_SESSION")
-      };
-    }
-    const session = this.tokenManager.getSession();
-    if (!session) {
-      return {
-        data: null,
-        error: new MitwayBaasError("No persisted session", 0, "NO_SESSION")
-      };
-    }
-    this.http.setAuthToken(session.accessToken);
-    const refreshToken = this.tokenManager.getRefreshToken();
-    if (refreshToken) {
-      this.http.setRefreshToken(refreshToken);
-    }
-    try {
-      const response = await this.http.get(
-        "/api/auth/sessions/current"
-      );
-      if (response?.user) {
-        this.tokenManager.setUser(response.user);
-        return {
-          data: {
-            user: response.user,
-            accessToken: session.accessToken
-          },
-          error: null
-        };
-      }
-      this.tokenManager.clearSession();
-      this.http.setAuthToken(null);
-      this.http.setRefreshToken(null);
-      return {
-        data: null,
-        error: new MitwayBaasError("Invalid session", 401, "INVALID_SESSION")
-      };
-    } catch (error) {
-      this.tokenManager.clearSession();
-      this.http.setAuthToken(null);
-      this.http.setRefreshToken(null);
-      return wrapError(error, "Session restore failed");
-    }
-  }
-  /**
-   * Get the current in-memory session, or null if the user is not signed in.
-   * Synchronous — does not hit the network.
-   */
-  getSession() {
-    return this.tokenManager.getSession();
-  }
-  /**
-   * Get the current in-memory user, or null if not signed in.
-   */
-  getUser() {
-    return this.tokenManager.getUser();
-  }
-  /**
-   * Fetch the current user from the backend. Unlike getUser() which reads
-   * from memory, this makes a network request and returns the latest data.
-   */
-  async getCurrentUser() {
-    try {
-      const response = await this.http.get(
-        "/api/auth/sessions/current"
-      );
-      if (response?.user) {
-        const session = {
-          accessToken: this.tokenManager.getSession()?.accessToken ?? "",
-          user: response.user
-        };
-        this.tokenManager.saveSession(session);
-      }
-      return { data: response, error: null };
-    } catch (error) {
-      return wrapError(error, "Failed to get current user");
-    }
-  }
-  /**
-   * Get a user's profile by ID. Requires authentication.
-   */
-  async getProfile(userId) {
-    try {
-      const response = await this.http.get(`/api/auth/profiles/${encodeURIComponent(userId)}`);
-      return { data: response, error: null };
-    } catch (error) {
-      return wrapError(
-        error,
-        "Failed to get profile"
-      );
-    }
-  }
-  /**
-   * Update the current user's profile. Merges with existing profile data —
-   * only the fields you pass are updated, existing fields are preserved.
-   */
-  async setProfile(profile) {
-    try {
-      const response = await this.http.patch("/api/auth/profiles/current", { profile });
-      return { data: response, error: null };
-    } catch (error) {
-      return wrapError(
-        error,
-        "Failed to update profile"
-      );
-    }
-  }
-};
-
-// src/modules/database.ts
-import { PostgrestClient } from "@supabase/postgrest-js";
-function createMitwayBaasFetch(httpClient, tokenManager, anonKey) {
-  return async (input, init) => {
-    const url = typeof input === "string" ? input : input.toString();
-    const urlObj = new URL(url);
-    const pathname = urlObj.pathname.startsWith("/") ? urlObj.pathname.slice(1) : urlObj.pathname;
-    const rpcMatch = pathname.match(/^rpc\/(.+)$/);
-    const endpoint = rpcMatch ? `/api/database/rpc/${rpcMatch[1]}` : `/api/database/records/${pathname}`;
-    const targetUrl = `${httpClient.baseUrl}${endpoint}${urlObj.search}`;
-    const headers = new Headers(init?.headers);
-    if (!headers.has("Authorization")) {
-      const token = tokenManager.getAccessToken() ?? anonKey;
-      if (token) {
-        headers.set("Authorization", `Bearer ${token}`);
-      }
-    }
-    return fetch(targetUrl, { ...init, headers });
-  };
-}
-var Database = class {
-  postgrest;
-  httpClient;
-  constructor(httpClient, tokenManager, anonKey) {
-    this.httpClient = httpClient;
-    this.postgrest = new PostgrestClient("http://dummy", {
-      fetch: createMitwayBaasFetch(httpClient, tokenManager, anonKey),
-      headers: {}
-    });
-  }
-  /**
-   * Build a PostgREST query against a table.
-   *
-   * @example
-   * const { data, error } = await client.database
-   *   .from('posts')
-   *   .select('*')
-   *   .eq('user_id', userId)
-   *   .order('created_at', { ascending: false })
-   *   .limit(10);
-   *
-   * @example
-   * const { data, error } = await client.database
-   *   .from('posts')
-   *   .insert({ title: 'Hello', content: 'World' })
-   *   .select()
-   *   .single();
-   */
-  from(table) {
-    if (!table || typeof table !== "string") {
-      throw new MitwayBaasError(
-        "Database.from(table) requires a non-empty string",
-        400,
-        "INVALID_TABLE_NAME"
-      );
-    }
-    return this.postgrest.from(table);
-  }
-  /**
-   * Call a PostgreSQL stored function (RPC).
-   *
-   * @example
-   * const { data, error } = await client.database
-   *   .rpc('get_user_stats', { user_id: 123 });
-   */
-  rpc(fn, args, options) {
-    return this.postgrest.rpc(fn, args, options);
-  }
-  /**
-   * The backend base URL the database client is targeting. Useful for
-   * debugging — the actual PostgREST instance is internal and not
-   * reachable by the SDK directly.
-   */
-  getUrl() {
-    return this.httpClient.baseUrl;
-  }
-};
-
-// src/modules/realtime.ts
-import { io } from "socket.io-client";
-var PRESENCE_HEARTBEAT_MS = 2e4;
-function makeChannelError(code, message) {
-  const err = new Error(message);
-  err.code = code;
-  return err;
-}
-var DEFAULT_CONNECT_TIMEOUT_MS = 1e4;
-var RealtimeChannel = class {
-  constructor(topic, realtime, options = {}) {
-    this.topic = topic;
-    this.realtime = realtime;
-    this.options = options;
-  }
-  topic;
-  realtime;
-  bindings = [];
-  state = "closed";
-  statusCallback = null;
-  /** Local presence state mirror — populated from `presence_state` /
-   *  `presence_join` / `presence_leave` events. Read via `presenceState()`. */
-  presence = {};
-  /** Latest state this client has tracked. Non-null means the heartbeat
-   *  timer is active and we'll re-emit this state every TTL/2. */
-  trackedState = null;
-  presenceHeartbeat = null;
-  /** Timestamp of the most recently received broadcast on this channel —
-   *  used as the `since` anchor on replay after reconnect. ISO-8601. */
-  lastBroadcastTimestamp = null;
-  /** Configuration from `channel(topic, opts)`. Frozen at construction. */
-  options;
-  /** Whether this channel was opened as `private: true`. */
-  get isPrivate() {
-    return this.options.config?.private === true;
-  }
-  /** The user-supplied presence key, if any. */
-  get presenceKey() {
-    return this.options.config?.presence?.key;
-  }
-  /** Internal — exposed for Realtime to drive resubscription after a
-   *  network hiccup. Returns the current lifecycle state. */
-  _state() {
-    return this.state;
-  }
-  /** Internal — called by `Realtime` when Socket.IO reconnects after a
-   *  drop. Re-runs the registration flow; the backend assigns fresh
-   *  subscription_ids and Socket.IO rejoins the per-subscription rooms,
-   *  so events resume without developer intervention. The user-provided
-   *  statusCallback (from the original subscribe()) fires again with
-   *  'SUBSCRIBED' or 'CHANNEL_ERROR' so the app can reflect state. */
-  async _rejoinAfterReconnect() {
-    if (this.state === "closed") {
-      return;
-    }
-    for (const b of this.bindings) {
-      if (b.type === "postgres_changes") {
-        b.subscriptionId = void 0;
-      }
-    }
-    this.state = "joining";
-    try {
-      await this.registerAllBindings();
-      if (this.trackedState) {
-        const socket = this.realtime._getSocket();
-        const key = this.presenceKey;
-        socket?.emit(
-          "realtime:presence:track",
-          key !== void 0 ? { channel: this.topic, state: this.trackedState, key } : { channel: this.topic, state: this.trackedState }
-        );
-      }
-      if (this.lastBroadcastTimestamp && this.bindings.some((b) => b.type === "broadcast")) {
-        void this.replay({ since: this.lastBroadcastTimestamp }).catch(() => void 0);
-      }
-      this.state = "joined";
-      this.statusCallback?.("SUBSCRIBED");
-    } catch (err) {
-      this.state = "errored";
-      this.statusCallback?.(
-        "CHANNEL_ERROR",
-        makeChannelError("REJOIN_FAILED", err instanceof Error ? err.message : String(err))
-      );
-    }
-  }
-  // ── implementation signature (not in public type surface).
-  // The callback type is intentionally broad: each overload above pins a
-  // specific payload shape, but TypeScript overload resolution needs the
-  // implementation to accept the union of every narrow callback without
-  // the contravariance conflict (TS2394). `any` is the standard escape
-  // hatch for this exact pattern and is confined to this one line — the
-  // public surface users see is strictly typed via the overloads.
-  on(type, filter, callback) {
-    if (type === "postgres_changes") {
-      this.bindings.push({
-        type: "postgres_changes",
-        filter,
-        callback
-      });
-    } else if (type === "broadcast") {
-      this.bindings.push({
-        type: "broadcast",
-        filter,
-        callback
-      });
-    } else {
-      this.bindings.push({
-        type: "presence",
-        filter,
-        callback
-      });
-    }
-    return this;
-  }
-  // -------------------------------------------------------------------------
-  // Presence — track / untrack / state accessor
-  // -------------------------------------------------------------------------
-  /**
-   * Register or refresh this client's presence entry on the channel. Safe
-   * to call many times — state replaces (not merges). Starts a heartbeat
-   * timer at TTL/2 so the entry stays alive while the socket is open.
-   * The channel must be `subscribe()`d first (the server enforces this).
-   */
-  async track(state) {
-    const socket = this.realtime._getSocket();
-    if (!socket) {
-      throw new MitwayBaasError("Socket not connected", 503, "NOT_CONNECTED");
-    }
-    this.trackedState = state;
-    const key = this.presenceKey;
-    socket.emit(
-      "realtime:presence:track",
-      key !== void 0 ? { channel: this.topic, state, key } : { channel: this.topic, state }
-    );
-    if (!this.presenceHeartbeat) {
-      this.presenceHeartbeat = setInterval(() => {
-        const s = this.realtime._getSocket();
-        if (s && this.trackedState) {
-          s.emit(
-            "realtime:presence:track",
-            key !== void 0 ? { channel: this.topic, state: this.trackedState, key } : { channel: this.topic, state: this.trackedState }
-          );
-        }
-      }, PRESENCE_HEARTBEAT_MS);
-      const h = this.presenceHeartbeat;
-      h.unref?.();
-    }
-  }
-  /**
-   * Remove this client's presence entry immediately, stopping the
-   * heartbeat. Safe if the client never called `track`.
-   */
-  untrack() {
-    this.trackedState = null;
-    if (this.presenceHeartbeat) {
-      clearInterval(this.presenceHeartbeat);
-      this.presenceHeartbeat = null;
-    }
-    const socket = this.realtime._getSocket();
-    socket?.emit("realtime:presence:untrack", { channel: this.topic });
-  }
-  /** Snapshot of the current presence state on this channel. Keys are
-   *  opaque client identifiers (server-assigned). Re-read inside your
-   *  `.on('presence', { event: 'sync' }, ...)` handler. */
-  presenceState() {
-    return this.presence;
-  }
-  /**
-   * Register all bindings with the server:
-   *   * For each `broadcast` binding, ensure we're subscribed to the topic
-   *     (one `realtime:subscribe` for the channel as a whole).
-   *   * For each `postgres_changes` binding, emit
-   *     `realtime:postgres_changes:subscribe` and record the assigned
-   *     subscription_id.
-   *
-   * `statusCallback` is invoked with `'SUBSCRIBED'` when every binding
-   * has ack'd, or with `'CHANNEL_ERROR' | 'TIMED_OUT'` on failure.
-   */
-  subscribe(statusCallback) {
-    this.statusCallback = statusCallback ?? null;
-    if (this.state === "joining" || this.state === "joined") {
-      return this;
-    }
-    this.state = "joining";
-    void this.realtime.connect().then(
-      async () => {
-        try {
-          await this.registerAllBindings();
-          this.state = "joined";
-          this.statusCallback?.("SUBSCRIBED");
-        } catch (err) {
-          this.state = "errored";
-          const message = err instanceof Error ? err.message : String(err);
-          this.statusCallback?.(
-            "CHANNEL_ERROR",
-            makeChannelError("SUBSCRIBE_FAILED", message)
-          );
-        }
-      },
-      (err) => {
-        this.state = "errored";
-        this.statusCallback?.(
-          "CHANNEL_ERROR",
-          makeChannelError("CONNECT_FAILED", err.message)
-        );
-      }
-    );
-    return this;
-  }
-  /**
-   * Tear down every binding: unsubscribe from the broadcast topic (if
-   * any broadcast bindings exist) and remove every postgres_changes
-   * subscription by id. Safe to call when state is already closed.
-   */
-  async unsubscribe() {
-    if (this.state === "closed") {
-      return;
-    }
-    const socket = this.realtime._getSocket();
-    if (this.presenceHeartbeat) {
-      clearInterval(this.presenceHeartbeat);
-      this.presenceHeartbeat = null;
-    }
-    if (!socket) {
-      this.trackedState = null;
-      this.state = "closed";
-      return;
-    }
-    if (this.trackedState) {
-      socket.emit("realtime:presence:untrack", { channel: this.topic });
-      this.trackedState = null;
-    }
-    const pcBindings = this.bindings.filter(
-      (b) => b.type === "postgres_changes"
-    );
-    for (const b of pcBindings) {
-      if (b.subscriptionId) {
-        socket.emit("realtime:postgres_changes:unsubscribe", {
-          subscription_id: b.subscriptionId
-        });
-        b.subscriptionId = void 0;
-      }
-    }
-    if (this.bindings.some((b) => b.type === "broadcast" || b.type === "presence")) {
-      socket.emit("realtime:unsubscribe", { channel: this.topic });
-    }
-    this.realtime._detachChannel(this);
-    this.state = "closed";
-    this.statusCallback?.("CLOSED");
-  }
-  /**
-   * Publish a broadcast event to the topic. Broadcasts are always
-   * ephemeral — the server fans out to every subscribed socket in memory,
-   * with no DB persistence or webhook fan-out. For audited / durable
-   * events, write to your own application table and enable
-   * `postgres_changes` on it; the SDK will surface the INSERT as a
-   * `postgres_changes` event without a separate channel.send call.
-   *
-   * The returned promise always resolves with the server ack, so callers
-   * can `await channel.send(...)` to confirm delivery + get the server-
-   * assigned `message_id`. There's no performance cost — Socket.IO piggy-
-   * backs the ack on the same frame. Callers that don't need it just
-   * don't await.
-   */
-  async send(args) {
-    if (args.type !== "broadcast") {
-      throw new MitwayBaasError(
-        'Only "broadcast" sends are supported \u2014 DB changes flow via your DB writes, not channel.send()',
-        400,
-        "UNSUPPORTED_SEND_TYPE"
-      );
-    }
-    const RESERVED_BROADCAST_NAMES = /* @__PURE__ */ new Set([
-      "postgres_changes",
-      "presence_state",
-      "presence_join",
-      "presence_leave"
-    ]);
-    if (RESERVED_BROADCAST_NAMES.has(args.event)) {
-      throw new MitwayBaasError(
-        `"${args.event}" is a reserved event name \u2014 pick a different name for broadcast events`,
-        400,
-        "RESERVED_EVENT_NAME"
-      );
-    }
-    const socket = this.realtime._getSocket();
-    if (!socket) {
-      throw new MitwayBaasError("Socket not connected", 503, "NOT_CONNECTED");
-    }
-    const self = this.options.config?.broadcast?.self;
-    const wirePayload = {
-      channel: this.topic,
-      event: args.event,
-      payload: args.payload
-    };
-    if (self === false) {
-      wirePayload.self = false;
-    }
-    return await new Promise((resolve) => {
-      socket.emit(
-        "realtime:publish",
-        wirePayload,
-        (ack) => {
-          resolve(ack);
-        }
-      );
-    });
-  }
-  /**
-   * Replay SQL-originated broadcasts on this topic since the given
-   * timestamp. Delivered only to this socket (same envelope format as
-   * live broadcasts; the SDK routes them through `.on('broadcast', ...)`
-   * bindings just like the real-time path). Backend caps the window at
-   * 24 h and the limit at 1000.
-   */
-  async replay(args) {
-    const socket = this.realtime._getSocket();
-    if (!socket) {
-      throw new MitwayBaasError("Socket not connected", 503, "NOT_CONNECTED");
-    }
-    socket.emit("realtime:broadcast:replay", {
-      channel: this.topic,
-      since: args.since,
-      limit: args.limit,
-      private: this.isPrivate
-    });
-  }
-  /** Internal — called by Realtime's event router on every incoming event. */
-  _dispatch(event, envelope) {
-    if (event === "postgres_changes") {
-      const pcEvent = envelope;
-      for (const b of this.bindings) {
-        if (b.type !== "postgres_changes") {
-          continue;
-        }
-        if (!b.subscriptionId || !pcEvent.ids.includes(b.subscriptionId)) {
-          continue;
-        }
-        const matchesEvent = b.filter.event === "*" || b.filter.event === pcEvent.data.eventType;
-        if (!matchesEvent) {
-          continue;
-        }
-        try {
-          b.callback(pcEvent.data);
-        } catch {
-        }
-      }
-      return;
-    }
-    if (event === "presence_state" || event === "presence_join" || event === "presence_leave") {
-      const e = envelope;
-      if (e.channel !== this.topic) {
-        return;
-      }
-      if (event === "presence_state" && e.state) {
-        this.presence = { ...e.state };
-        this.firePresence({ event: "sync", state: this.presence });
-      } else if (event === "presence_join" && e.joins) {
-        Object.assign(this.presence, e.joins);
-        this.firePresence({ event: "join", joins: e.joins });
-      } else if (event === "presence_leave" && e.leaves) {
-        for (const key of Object.keys(e.leaves)) {
-          delete this.presence[key];
-        }
-        this.firePresence({ event: "leave", leaves: e.leaves });
-      }
-      return;
-    }
-    const meta = envelope.meta;
-    if (meta?.timestamp) {
-      if (!this.lastBroadcastTimestamp || meta.timestamp > this.lastBroadcastTimestamp) {
-        this.lastBroadcastTimestamp = meta.timestamp;
-      }
-    }
-    for (const b of this.bindings) {
-      if (b.type !== "broadcast") {
-        continue;
-      }
-      if (b.filter.event !== event) {
-        continue;
-      }
-      const { meta: _meta, ...payload } = envelope;
-      try {
-        b.callback({ type: "broadcast", event, payload });
-      } catch {
-      }
-    }
-  }
-  firePresence(payload) {
-    for (const b of this.bindings) {
-      if (b.type !== "presence") {
-        continue;
-      }
-      if (b.filter.event !== payload.event) {
-        continue;
-      }
-      try {
-        if (payload.event === "sync") {
-          b.callback();
-        } else if (payload.event === "join") {
-          b.callback(payload);
-        } else {
-          b.callback(payload);
-        }
-      } catch {
-      }
-    }
-  }
-  async registerAllBindings() {
-    const socket = this.realtime._getSocket();
-    if (!socket) {
-      throw new Error("Socket not available");
-    }
-    const needsRoomJoin = this.bindings.some(
-      (b) => b.type === "broadcast" || b.type === "presence"
-    );
-    if (needsRoomJoin) {
-      await new Promise((resolve, reject) => {
-        socket.emit(
-          "realtime:subscribe",
-          { channel: this.topic, private: this.isPrivate },
-          (ack) => {
-            if (ack.status === "ok") {
-              resolve();
-            } else {
-              reject(new Error(ack.error?.message ?? "subscribe failed"));
-            }
-          }
-        );
-      });
-    }
-    const pcBindings = this.bindings.filter(
-      (b) => b.type === "postgres_changes"
-    );
-    await Promise.all(
-      pcBindings.map(
-        (b) => new Promise((resolve, reject) => {
-          socket.emit(
-            "realtime:postgres_changes:subscribe",
-            {
-              event: b.filter.event,
-              schema: b.filter.schema ?? "public",
-              table: b.filter.table,
-              filter: b.filter.filter
-            },
-            (ack) => {
-              if (ack.status === "ok" && ack.subscription_id) {
-                b.subscriptionId = ack.subscription_id;
-                resolve();
-              } else {
-                reject(
-                  new Error(ack.error?.message ?? "postgres_changes subscribe failed")
-                );
-              }
-            }
-          );
-        })
-      )
-    );
-  }
-};
-var Realtime = class {
-  socket = null;
-  baseUrl;
-  options;
-  anonKey;
-  tokenManager;
-  channels = /* @__PURE__ */ new Map();
-  connecting = null;
-  /** Flips to `true` once the initial handshake resolves. Differentiates
-   *  the first `connect` event (part of `openSocket`) from subsequent
-   *  reconnect events (which should trigger auto-resubscribe). */
-  firstConnected = false;
-  constructor(baseUrl, tokenManager, anonKey, options = {}) {
-    this.baseUrl = baseUrl;
-    this.tokenManager = tokenManager;
-    this.anonKey = anonKey;
-    this.options = options;
-  }
-  get isConnected() {
-    return this.socket?.connected === true;
-  }
-  get socketId() {
-    return this.socket?.id;
-  }
-  /**
-   * Get (or create) a channel for `topic`. Channels are cached so multiple
-   * `.channel('same')` calls return the same instance.
-   *
-   * The optional `opts` argument lets the caller configure the channel:
-   *   * `config.private` — enable subscribe-side authorization against
-   *     `realtime.authorize_subscribe(...)` on the tenant DB.
-   *   * `config.broadcast.self` — `false` excludes the sender from the
-   *     fan-out (defaults to `true`).
-   *   * `config.presence.key` — stable presence key to group multiple
-   *     tabs of the same user under one entry.
-   *
-   * `channel.send()` always resolves with the server ack (see its own
-   * docstring); there is no separate opt-in needed.
-   *
-   * Options are locked in when the channel is first created; subsequent
-   * `.channel('same')` calls with different opts are ignored. Pass a
-   * different topic to get a different-configured channel.
-   */
-  channel(topic, opts) {
-    const existing = this.channels.get(topic);
-    if (existing) {
-      return existing;
-    }
-    const channel = new RealtimeChannel(topic, this, opts);
-    this.channels.set(topic, channel);
-    return channel;
-  }
-  connect() {
-    if (this.isConnected) {
-      return Promise.resolve();
-    }
-    if (this.connecting) {
-      return this.connecting;
-    }
-    this.connecting = this.openSocket();
-    return this.connecting;
-  }
-  /**
-   * Close the socket. Channels are left as-is so they can re-subscribe
-   * on the next `connect()` — useful for auth token refresh flows.
-   */
-  disconnect() {
-    if (!this.socket) {
-      return;
-    }
-    this.socket.disconnect();
-    this.socket = null;
-    this.firstConnected = false;
-  }
-  // -------------------------------------------------------------------------
-  // internals used by RealtimeChannel
-  // -------------------------------------------------------------------------
-  /* istanbul ignore next — tested via channel integration */
-  _getSocket() {
-    return this.socket;
-  }
-  _detachChannel(channel) {
-    this.channels.delete(channel.topic);
-  }
-  openSocket() {
-    const token = this.tokenManager.getAccessToken() ?? this.anonKey;
-    if (!token) {
-      const err = new MitwayBaasError(
-        "Realtime requires an access token or anonKey",
-        401,
-        "AUTH_INVALID_API_KEY"
-      );
-      this.connecting = null;
-      return Promise.reject(err);
-    }
-    const timeoutMs = this.options.timeoutMs ?? DEFAULT_CONNECT_TIMEOUT_MS;
-    const socket = io(this.baseUrl, {
-      path: this.options.path,
-      transports: this.options.transports ?? ["websocket"],
-      auth: { token, ...this.options.extraAuth ?? {} },
-      reconnection: true,
-      timeout: timeoutMs
-    });
-    this.socket = socket;
-    socket.onAny((event, ...args) => this.dispatch(event, args));
-    socket.on("connect", () => {
-      if (!this.firstConnected) {
-        return;
-      }
-      for (const channel of this.channels.values()) {
-        const state = channel._state();
-        if (state === "joined" || state === "errored") {
-          void channel._rejoinAfterReconnect();
-        }
-      }
-    });
-    return new Promise((resolve, reject) => {
-      const timer = setTimeout(() => {
-        socket.off("connect", onConnect);
-        socket.off("connect_error", onConnectError);
-        this.connecting = null;
-        reject(
-          new MitwayBaasError(
-            `Realtime connection timeout after ${timeoutMs}ms`,
-            408,
-            "CONNECTION_TIMEOUT"
-          )
-        );
-      }, timeoutMs);
-      const clear = () => {
-        clearTimeout(timer);
-        socket.off("connect", onConnect);
-        socket.off("connect_error", onConnectError);
-      };
-      const onConnect = () => {
-        clear();
-        this.connecting = null;
-        this.firstConnected = true;
-        resolve();
-      };
-      const onConnectError = (err) => {
-        clear();
-        this.connecting = null;
-        reject(new MitwayBaasError(err.message, 0, "CONNECTION_FAILED"));
-      };
-      socket.once("connect", onConnect);
-      socket.once("connect_error", onConnectError);
-    });
-  }
-  dispatch(event, args) {
-    if (event === "postgres_changes") {
-      const envelope2 = args[0] ?? {};
-      this.channels.forEach((ch) => ch._dispatch("postgres_changes", envelope2));
-      return;
-    }
-    if (event === "connect" || event === "disconnect" || event === "connect_error" || event === "error" || event === "realtime:error" || event === "realtime:shutdown") {
-      return;
-    }
-    const envelope = args[0] ?? {};
-    this.channels.forEach((ch) => ch._dispatch(event, envelope));
-  }
-};
-
-// src/modules/storage.ts
-function bucketFromWire(row) {
-  return {
-    id: row.id,
-    name: row.name,
-    public: row.public,
-    fileSizeLimitBytes: row.file_size_limit_bytes,
-    allowedMimeTypes: row.allowed_mime_types,
-    createdAt: row.created_at,
-    updatedAt: row.updated_at
-  };
-}
-function objectFromWire(row, bucketName) {
-  return {
-    id: row.id,
-    bucket: bucketName,
-    key: row.key,
-    size: row.size,
-    mimeType: row.mime_type,
-    etag: row.etag,
-    cacheControl: row.cache_control,
-    contentDisposition: row.content_disposition,
-    uploadedBy: row.uploaded_by,
-    uploadedAt: row.uploaded_at,
-    updatedAt: row.updated_at
-  };
-}
-function configFromWire(row) {
-  return {
-    defaultFileSizeLimitBytes: row.default_file_size_limit_bytes,
-    maxFileSizeLimitBytes: row.max_file_size_limit_bytes,
-    tenantStorageQuotaBytes: row.tenant_storage_quota_bytes,
-    reservedSpaceBytes: row.reserved_space_bytes,
-    signedUrlDefaultTtlSec: row.signed_url_default_ttl_sec,
-    signedUrlMaxTtlSec: row.signed_url_max_ttl_sec
-  };
-}
-function encodeKey(key) {
-  return key.split("/").map(encodeURIComponent).join("/");
-}
-function wrapError2(err, fallback) {
-  if (err instanceof MitwayBaasError) return { data: null, error: err };
-  return {
-    data: null,
-    error: new MitwayBaasError(
-      err instanceof Error ? err.message : fallback,
-      0,
-      "STORAGE_ERROR"
-    )
-  };
-}
-async function readEnvelopeError(response) {
-  let code = "STORAGE_ERROR";
-  let message = `HTTP ${response.status}`;
-  try {
-    const body = await response.json();
-    if (body && body.error) {
-      code = body.error.code ?? code;
-      message = body.error.message ?? message;
-    }
-  } catch {
-  }
-  return new MitwayBaasError(message, response.status, code);
-}
-var StorageBucketClient = class {
-  constructor(http, bucketName) {
-    this.http = http;
-    this.bucketName = bucketName;
-  }
-  http;
-  bucketName;
-  bucketBase() {
-    return `/api/storage/buckets/${encodeURIComponent(this.bucketName)}`;
-  }
-  objectPath(key) {
-    return `${this.bucketBase()}/objects/${encodeKey(key)}`;
-  }
-  async upload(key, body, opts = {}) {
-    try {
-      const method = opts.upsert ? "PUT" : "POST";
-      const headers = {
-        "Content-Type": opts.contentType ?? "application/octet-stream"
-      };
-      if (opts.cacheControl) headers["Cache-Control"] = opts.cacheControl;
-      if (opts.contentDisposition)
-        headers["Content-Disposition"] = opts.contentDisposition;
-      const response = await this.http.rawFetch(this.objectPath(key), {
-        method,
-        headers,
-        body,
-        signal: opts.abortSignal
-      });
-      if (!response.ok) {
-        return { data: null, error: await readEnvelopeError(response) };
-      }
-      const parsed = await response.json();
-      if (parsed.error || !parsed.data) {
-        return {
-          data: null,
-          error: new MitwayBaasError(
-            parsed.error?.message ?? "Upload failed",
-            response.status,
-            parsed.error?.code ?? "STORAGE_ERROR"
-          )
-        };
-      }
-      return { data: objectFromWire(parsed.data, this.bucketName), error: null };
-    } catch (err) {
-      return wrapError2(err, "Upload failed");
-    }
-  }
-  async download(key, opts = {}) {
-    try {
-      const headers = {};
-      if (opts.range) {
-        headers["Range"] = `bytes=${opts.range.start}-${opts.range.end}`;
-      }
-      const response = await this.http.rawFetch(this.objectPath(key), {
-        method: "GET",
-        headers,
-        signal: opts.abortSignal
-      });
-      if (!response.ok) {
-        return { data: null, error: await readEnvelopeError(response) };
-      }
-      const blob = await response.blob();
-      return { data: blob, error: null };
-    } catch (err) {
-      return wrapError2(err, "Download failed");
-    }
-  }
-  async getStream(key, opts = {}) {
-    try {
-      const headers = {};
-      if (opts.range) {
-        headers["Range"] = `bytes=${opts.range.start}-${opts.range.end}`;
-      }
-      const response = await this.http.rawFetch(this.objectPath(key), {
-        method: "GET",
-        headers,
-        signal: opts.abortSignal
-      });
-      if (!response.ok) {
-        return { data: null, error: await readEnvelopeError(response) };
-      }
-      if (!response.body) {
-        return {
-          data: null,
-          error: new MitwayBaasError(
-            "Response body is not a stream",
-            response.status,
-            "STORAGE_ERROR"
-          )
-        };
-      }
-      return {
-        data: response.body,
-        error: null
-      };
-    } catch (err) {
-      return wrapError2(err, "Download failed");
-    }
-  }
-  async remove(keys) {
-    try {
-      const results = await Promise.allSettled(
-        keys.map(
-          (key) => this.http.rawFetch(this.objectPath(key), { method: "DELETE" })
-        )
-      );
-      const removed = [];
-      const errors = [];
-      for (let i = 0; i < keys.length; i++) {
-        const key = keys[i];
-        const r = results[i];
-        if (r.status === "fulfilled" && r.value.ok) {
-          removed.push(key);
-        } else if (r.status === "fulfilled") {
-          errors.push(`${key}: HTTP ${r.value.status}`);
-        } else {
-          const msg = r.reason instanceof Error ? r.reason.message : String(r.reason);
-          errors.push(`${key}: ${msg}`);
-        }
-      }
-      if (errors.length > 0) {
-        return {
-          data: null,
-          error: new MitwayBaasError(
-            `Failed to delete some objects: ${errors.join("; ")}`,
-            0,
-            "STORAGE_ERROR"
-          )
-        };
-      }
-      return { data: { removed }, error: null };
-    } catch (err) {
-      return wrapError2(err, "Delete failed");
-    }
-  }
-  async list(opts = {}) {
-    try {
-      const params = {};
-      if (opts.prefix !== void 0) params.prefix = opts.prefix;
-      if (opts.limit !== void 0) params.limit = String(opts.limit);
-      if (opts.startAfter !== void 0) params.start_after = opts.startAfter;
-      const rows = await this.http.get(
-        `${this.bucketBase()}/objects`,
-        { params }
-      );
-      return {
-        data: rows.map((r) => objectFromWire(r, this.bucketName)),
-        error: null
-      };
-    } catch (err) {
-      return wrapError2(err, "List failed");
-    }
-  }
-  async copy(fromKey, toKey, toBucket) {
-    try {
-      const row = await this.http.post(
-        `${this.objectPath(fromKey)}/copy`,
-        {
-          dest_bucket: toBucket ?? this.bucketName,
-          dest_key: toKey
-        }
-      );
-      return {
-        data: objectFromWire(row, toBucket ?? this.bucketName),
-        error: null
-      };
-    } catch (err) {
-      return wrapError2(err, "Copy failed");
-    }
-  }
-  async move(fromKey, toKey, toBucket) {
-    try {
-      const row = await this.http.post(
-        `${this.objectPath(fromKey)}/move`,
-        {
-          dest_bucket: toBucket ?? this.bucketName,
-          dest_key: toKey
-        }
-      );
-      return {
-        data: objectFromWire(row, toBucket ?? this.bucketName),
-        error: null
-      };
-    } catch (err) {
-      return wrapError2(err, "Move failed");
-    }
-  }
-  async createSignedUrl(key, opts = {}) {
-    try {
-      const body = {};
-      if (opts.expiresIn !== void 0) body.expires_in = opts.expiresIn;
-      const wire = await this.http.post(`${this.objectPath(key)}/sign`, body);
-      return {
-        data: {
-          url: wire.url,
-          token: wire.token,
-          expiresAt: wire.expiresAt
-        },
-        error: null
-      };
-    } catch (err) {
-      return wrapError2(err, "Sign failed");
-    }
-  }
-  getPublicUrl(key) {
-    const url = `${this.http.baseUrl.replace(/\/$/, "")}${this.objectPath(key)}`;
-    return { data: { url } };
-  }
-};
-var Storage = class {
-  constructor(http) {
-    this.http = http;
-  }
-  http;
-  /** Scope subsequent operations to a single bucket. */
-  from(bucketName) {
-    return new StorageBucketClient(this.http, bucketName);
-  }
-  // --- Admin (require service_role) ---
-  async listBuckets() {
-    try {
-      const rows = await this.http.get("/api/storage/buckets");
-      return { data: rows.map(bucketFromWire), error: null };
-    } catch (err) {
-      return wrapError2(err, "listBuckets failed");
-    }
-  }
-  async getBucket(name) {
-    try {
-      const row = await this.http.get(
-        `/api/storage/buckets/${encodeURIComponent(name)}`
-      );
-      return { data: bucketFromWire(row), error: null };
-    } catch (err) {
-      return wrapError2(err, "getBucket failed");
-    }
-  }
-  async createBucket(name, opts = {}) {
-    try {
-      const body = { name };
-      if (opts.public !== void 0) body.public = opts.public;
-      if (opts.fileSizeLimitBytes !== void 0)
-        body.file_size_limit_bytes = opts.fileSizeLimitBytes;
-      if (opts.allowedMimeTypes !== void 0)
-        body.allowed_mime_types = opts.allowedMimeTypes;
-      const row = await this.http.post(
-        "/api/storage/buckets",
-        body
-      );
-      return { data: bucketFromWire(row), error: null };
-    } catch (err) {
-      return wrapError2(err, "createBucket failed");
-    }
-  }
-  async updateBucket(name, opts) {
-    try {
-      const body = {};
-      if (opts.public !== void 0) body.public = opts.public;
-      if (opts.fileSizeLimitBytes !== void 0)
-        body.file_size_limit_bytes = opts.fileSizeLimitBytes;
-      if (opts.allowedMimeTypes !== void 0)
-        body.allowed_mime_types = opts.allowedMimeTypes;
-      const row = await this.http.patch(
-        `/api/storage/buckets/${encodeURIComponent(name)}`,
-        body
-      );
-      return { data: bucketFromWire(row), error: null };
-    } catch (err) {
-      return wrapError2(err, "updateBucket failed");
-    }
-  }
-  async deleteBucket(name) {
-    try {
-      await this.http.delete(
-        `/api/storage/buckets/${encodeURIComponent(name)}`
-      );
-      return { data: null, error: null };
-    } catch (err) {
-      return wrapError2(err, "deleteBucket failed");
-    }
-  }
-  async emptyBucket(name) {
-    try {
-      const result = await this.http.post(
-        `/api/storage/buckets/${encodeURIComponent(name)}/empty`,
-        {}
-      );
-      return { data: result, error: null };
-    } catch (err) {
-      return wrapError2(err, "emptyBucket failed");
-    }
-  }
-  // --- Storage config (service_role) ---
-  async getConfig() {
-    try {
-      const row = await this.http.get("/api/storage/config");
-      return { data: configFromWire(row), error: null };
-    } catch (err) {
-      return wrapError2(err, "getConfig failed");
-    }
-  }
-};
-
-// src/client.ts
-var MitwayBaasClient = class {
-  http;
-  tokenManager;
-  auth;
-  database;
-  realtime;
-  storage;
-  constructor(config = {}) {
-    const logger = new Logger(config.debug);
-    this.tokenManager = new TokenManager({
-      persistSession: config.persistSession,
-      storageKey: config.storageKey
-    });
-    this.http = new HttpClient(config, this.tokenManager, logger);
-    this.auth = new Auth(this.http, this.tokenManager);
-    this.database = new Database(this.http, this.tokenManager, config.anonKey);
-    this.realtime = new Realtime(
-      this.http.baseUrl,
-      this.tokenManager,
-      config.anonKey,
-      config.realtime
-    );
-    this.storage = new Storage(this.http);
-  }
-  /**
-   * Escape hatch for callers that need to make custom requests against the
-   * backend without going through `auth` or `database`.
-   */
-  getHttpClient() {
-    return this.http;
-  }
-};
-
-// src/index.ts
-function createClient(config) {
-  return new MitwayBaasClient(config);
-}
-var index_default = MitwayBaasClient;
-export {
-  Auth,
-  Database,
-  HttpClient,
-  Logger,
-  MitwayBaasClient,
-  MitwayBaasError,
-  Realtime,
-  RealtimeChannel,
-  Storage,
-  StorageBucketClient,
-  TokenManager,
-  createClient,
-  index_default as default
-};
-//# sourceMappingURL=index.js.map
+import {PostgrestClient}from'@supabase/postgrest-js';import {io}from'socket.io-client';var c=class n extends Error{statusCode;error;nextActions;constructor(e,t,r,s){super(e),this.name="MitwayBaasError",this.statusCode=t,this.error=r,this.nextActions=s;}static fromApiError(e){return new n(e.message,e.statusCode,e.error,e.nextActions)}};var X=["authorization","x-api-key","cookie","set-cookie"],Z=["password","token","accesstoken","refreshtoken","authorization","secret","apikey","api_key","email","ssn","creditcard","credit_card"];function ee(n){let e={};for(let[t,r]of Object.entries(n))X.includes(t.toLowerCase())?e[t]="***REDACTED***":e[t]=r;return e}function C(n){if(n==null)return n;if(typeof n=="string")try{let e=JSON.parse(n);return C(e)}catch{return n}if(Array.isArray(n))return n.map(C);if(typeof n=="object"){let e={};for(let[t,r]of Object.entries(n))Z.includes(t.toLowerCase().replace(/[-_]/g,""))?e[t]="***REDACTED***":e[t]=C(r);return e}return n}function G(n){if(n==null)return "";if(typeof n=="string")try{return JSON.stringify(JSON.parse(n),null,2)}catch{return n}if(typeof FormData<"u"&&n instanceof FormData)return "[FormData]";try{return JSON.stringify(n,null,2)}catch{return "[Unserializable body]"}}var R=class{enabled;customLog;constructor(e){typeof e=="function"?(this.enabled=true,this.customLog=e):(this.enabled=!!e,this.customLog=null);}log(e,...t){if(!this.enabled)return;let r=`[MITWAY-BaaS Debug] ${e}`;this.customLog?this.customLog(r,...t):console.log(r,...t);}warn(e,...t){if(!this.enabled)return;let r=`[MITWAY-BaaS Debug] ${e}`;this.customLog?this.customLog(r,...t):console.warn(r,...t);}error(e,...t){if(!this.enabled)return;let r=`[MITWAY-BaaS Debug] ${e}`;this.customLog?this.customLog(r,...t):console.error(r,...t);}logRequest(e,t,r,s){if(!this.enabled)return;let i=[`\u2192 ${e} ${t}`];r&&Object.keys(r).length>0&&i.push(`  Headers: ${JSON.stringify(ee(r))}`);let a=G(C(s));if(a){let o=a.length>1e3?a.slice(0,1e3)+"... [truncated]":a;i.push(`  Body: ${o}`);}this.log(i.join(`
+`));}logResponse(e,t,r,s,i){if(!this.enabled)return;let a=[`\u2190 ${e} ${t} ${r} (${s}ms)`],o=G(C(i));if(o){let g=o.length>1e3?o.slice(0,1e3)+"... [truncated]":o;a.push(`  Body: ${g}`);}r>=400?this.error(a.join(`
+`)):this.log(a.join(`
+`));}};var K="mitway_baas_csrf_token",te="mitway_baas_session";function V(){return typeof localStorage<"u"?{getItem:e=>{try{return localStorage.getItem(e)}catch{return null}},setItem:(e,t)=>{try{localStorage.setItem(e,t);}catch{}},removeItem:e=>{try{localStorage.removeItem(e);}catch{}}}:{getItem:()=>null,setItem:()=>{},removeItem:()=>{}}}var re={getItem:()=>null,setItem:()=>{},removeItem:()=>{}};function Y(){if(typeof document>"u")return null;let n=document.cookie.split(";").find(e=>e.trim().startsWith(`${K}=`));return n&&n.split("=")[1]||null}function F(n){if(typeof document>"u")return;let e=10080*60,t=typeof window<"u"&&window.location.protocol==="https:"?"; Secure":"";document.cookie=`${K}=${encodeURIComponent(n)}; path=/; max-age=${e}; SameSite=Lax${t}`;}function D(){if(typeof document>"u")return;let n=typeof window<"u"&&window.location.protocol==="https:"?"; Secure":"";document.cookie=`${K}=; path=/; max-age=0; SameSite=Lax${n}`;}var S=class{accessToken=null;refreshToken=null;user=null;persistSession;storageKey;storage;onTokenChange=null;constructor(e){this.persistSession=e?.persistSession??true,this.storageKey=e?.storageKey??te,this.storage=this.persistSession?e?.storage??V():re,(e?.multiTab??true)&&this.persistSession&&typeof window<"u"&&typeof localStorage<"u"&&window.addEventListener("storage",this.handleStorageEvent);}handleStorageEvent=e=>{e.key===this.storageKey&&(typeof localStorage<"u"&&e.storageArea!==localStorage||this.syncFromStorage(e.newValue));};syncFromStorage(e){let t=this.accessToken;if(e===null)this.accessToken=null,this.refreshToken=null,this.user=null;else try{let r=JSON.parse(e);if(!r.accessToken||!r.user)return;this.accessToken=r.accessToken,this.refreshToken=r.refreshToken??null,this.user=r.user;}catch{return}t!==this.accessToken&&this.onTokenChange&&this.onTokenChange();}saveSession(e){let t=e.accessToken!==this.accessToken;this.accessToken=e.accessToken,this.user=e.user,e.refreshToken!==void 0&&(this.refreshToken=e.refreshToken??null),this.persist(),t&&this.onTokenChange&&this.onTokenChange();}getSession(){return !this.accessToken||!this.user?null:{accessToken:this.accessToken,refreshToken:this.refreshToken??void 0,user:this.user}}getAccessToken(){return this.accessToken}setAccessToken(e){let t=e!==this.accessToken;this.accessToken=e,this.persist(),t&&this.onTokenChange&&this.onTokenChange();}getRefreshToken(){return this.refreshToken}setRefreshToken(e){this.refreshToken=e,this.persist();}getUser(){return this.user}setUser(e){this.user=e,this.persist();}clearSession(){let e=this.accessToken!==null;this.accessToken=null,this.refreshToken=null,this.user=null,this.removePersisted(),e&&this.onTokenChange&&this.onTokenChange();}restoreSession(){if(!this.persistSession)return  false;try{let e=this.storage.getItem(this.storageKey);if(!e)return !1;let t=JSON.parse(e);return !t.accessToken||!t.user?!1:(this.accessToken=t.accessToken,this.refreshToken=t.refreshToken??null,this.user=t.user,!0)}catch{return  false}}persist(){if(!this.persistSession||!this.accessToken||!this.user)return;let e={accessToken:this.accessToken,user:this.user};this.refreshToken&&(e.refreshToken=this.refreshToken),this.storage.setItem(this.storageKey,JSON.stringify(e));}removePersisted(){this.persistSession&&this.storage.removeItem(this.storageKey);}};function P(n){if(!n||typeof n!="object")return n;let e=n,t={...e},r=false;return "access_token"in e&&!("accessToken"in e)&&(t.accessToken=e.access_token,delete t.access_token,r=true),"csrf_token"in e&&!("csrfToken"in e)&&(t.csrfToken=e.csrf_token,delete t.csrf_token,r=true),"refresh_token"in e&&!("refreshToken"in e)&&(t.refreshToken=e.refresh_token,delete t.refresh_token,r=true),r?t:n}var se=new Set([500,502,503,504]),ne=new Set(["GET","HEAD","PUT","DELETE","OPTIONS"]),_=class{baseUrl;fetch;defaultHeaders;anonKey;userToken=null;logger;autoRefreshToken=true;isRefreshing=false;refreshPromise=null;tokenManager;refreshToken=null;timeout;retryCount;retryDelay;constructor(e,t,r){if(this.baseUrl=e.baseUrl||"http://localhost:7130",this.autoRefreshToken=e.autoRefreshToken??true,this.fetch=e.fetch||(globalThis.fetch?globalThis.fetch.bind(globalThis):void 0),this.anonKey=e.anonKey,this.defaultHeaders={...e.headers},this.tokenManager=t??new S,this.logger=r||new R(false),this.timeout=e.timeout??3e4,this.retryCount=e.retryCount??3,this.retryDelay=e.retryDelay??500,!this.fetch)throw new Error("Fetch is not available. Provide a fetch implementation in the SDK config.")}buildUrl(e,t){let r=new URL(e,this.baseUrl);return t&&Object.entries(t).forEach(([s,i])=>{if(s==="select"){let a=i.replace(/\s+/g," ").trim();a=a.replace(/\s*\(\s*/g,"(").replace(/\s*\)\s*/g,")").replace(/\(\s+/g,"(").replace(/\s+\)/g,")").replace(/,\s+(?=[^()]*\))/g,","),r.searchParams.append(s,a);}else r.searchParams.append(s,i);}),r.toString()}isRetryableStatus(e){return se.has(e)}computeRetryDelay(e){let r=this.retryDelay*Math.pow(2,e-1)*(.85+Math.random()*.3);return Math.round(r)}async handleRequest(e,t,r={}){let{params:s,headers:i={},body:a,signal:o,...g}=r,p=this.buildUrl(t,s),w=Date.now(),T=ne.has(e.toUpperCase())||r.idempotent===true?this.retryCount:0,b={...this.defaultHeaders},J=this.userToken||this.anonKey;J&&(b.Authorization=`Bearer ${J}`);let M;a!==void 0&&(typeof FormData<"u"&&a instanceof FormData?M=a:(e!=="GET"&&(b["Content-Type"]="application/json;charset=UTF-8"),M=JSON.stringify(a))),i instanceof Headers?i.forEach((f,h)=>{b[h]=f;}):Array.isArray(i)?i.forEach(([f,h])=>{b[f]=h;}):Object.assign(b,i),this.logger.logRequest(e,p,b,M);let H;for(let f=0;f<=T;f++){if(f>0){let l=this.computeRetryDelay(f);if(this.logger.warn(`Retry ${f}/${T} for ${e} ${p} in ${l}ms`),o?.aborted)throw o.reason;await new Promise((u,q)=>{let y=()=>{clearTimeout(Q),q(o.reason);},Q=setTimeout(()=>{o&&o.removeEventListener("abort",y),u();},l);o&&o.addEventListener("abort",y,{once:true});});}let h,m;if((this.timeout>0||o)&&(h=new AbortController,this.timeout>0&&(m=setTimeout(()=>h.abort(),this.timeout)),o))if(o.aborted)h.abort(o.reason);else {let l=()=>h.abort(o.reason);o.addEventListener("abort",l,{once:true}),h.signal.addEventListener("abort",()=>{o.removeEventListener("abort",l);},{once:true});}try{let l=await this.fetch(p,{method:e,headers:b,body:M,...g,...h?{signal:h.signal}:{}});if(this.isRetryableStatus(l.status)&&f<T){m!==void 0&&clearTimeout(m),await l.body?.cancel(),H=new c(`Server error: ${l.status} ${l.statusText}`,l.status,"SERVER_ERROR");continue}if(l.status===204){m!==void 0&&clearTimeout(m);return}let u,q=l.headers.get("content-type");try{q?.includes("json")?u=await l.json():u=await l.text();}catch(y){throw m!==void 0&&clearTimeout(m),new c(`Failed to parse response body: ${y?.message||"Unknown error"}`,l.status,l.ok?"PARSE_ERROR":"REQUEST_FAILED")}if(m!==void 0&&clearTimeout(m),!l.ok){if(this.logger.logResponse(e,p,l.status,Date.now()-w,u),u&&typeof u=="object"&&"error"in u&&u.error!==null&&typeof u.error=="object"){let y=u.error;throw new c(y.message||l.statusText||"Request failed",y.statusCode||l.status,y.code||y.error||"REQUEST_FAILED",y.nextActions)}throw new c(`Request failed: ${l.statusText}`,l.status,"REQUEST_FAILED")}return this.logger.logResponse(e,p,l.status,Date.now()-w,u),u&&typeof u=="object"&&"data"in u&&"error"in u&&u.error===null?u.data:u}catch(l){if(m!==void 0&&clearTimeout(m),l?.name==="AbortError")throw h&&h.signal.aborted&&this.timeout>0&&!o?.aborted?new c(`Request timed out after ${this.timeout}ms`,408,"REQUEST_TIMEOUT"):l;if(l instanceof c)throw l;if(f<T){H=l;continue}throw new c(`Network request failed: ${l?.message||"Unknown error"}`,0,"NETWORK_ERROR")}}throw H||new c("Request failed after all retry attempts",0,"NETWORK_ERROR")}async request(e,t,r={}){try{return await this.handleRequest(e,t,{...r})}catch(s){if(s instanceof c&&s.statusCode===401&&s.error==="INVALID_TOKEN"&&this.autoRefreshToken)try{let i=await this.handleTokenRefresh();return this.setAuthToken(i.accessToken),this.tokenManager.saveSession(i),i.csrfToken&&F(i.csrfToken),i.refreshToken&&this.setRefreshToken(i.refreshToken),await this.handleRequest(e,t,{...r})}catch(i){throw this.tokenManager.clearSession(),this.userToken=null,this.refreshToken=null,D(),i}throw s}}async rawFetch(e,t={}){let r=this.buildUrl(e),s=new Headers(t.headers??{});for(let[i,a]of Object.entries(this.defaultHeaders))s.has(i)||s.set(i,a);if(!s.has("Authorization")){let i=this.userToken??this.anonKey;i&&s.set("Authorization",`Bearer ${i}`);}return this.fetch(r,{...t,headers:s})}get(e,t){return this.request("GET",e,t)}post(e,t,r){return this.request("POST",e,{...r,body:t})}put(e,t,r){return this.request("PUT",e,{...r,body:t})}patch(e,t,r){return this.request("PATCH",e,{...r,body:t})}delete(e,t){return this.request("DELETE",e,t)}setAuthToken(e){this.userToken=e;}setRefreshToken(e){this.refreshToken=e;}getHeaders(){let e={...this.defaultHeaders},t=this.userToken||this.anonKey;return t&&(e.Authorization=`Bearer ${t}`),e}async handleTokenRefresh(){return this.isRefreshing?this.refreshPromise:(this.isRefreshing=true,this.refreshPromise=(async()=>{try{let e=Y(),t=this.refreshToken?{refreshToken:this.refreshToken}:void 0,r=await this.handleRequest("POST","/api/auth/refresh",{body:t,headers:e?{"X-CSRF-Token":e}:{},credentials:"include"});return P(r)}finally{this.isRefreshing=false,this.refreshPromise=null;}})(),this.refreshPromise)}};function E(n,e){return n instanceof c?{data:null,error:n}:{data:null,error:new c(n instanceof Error?n.message:e,500,"AUTH_ERROR")}}var A=class{constructor(e,t){this.http=e;this.tokenManager=t;this.tokenManager.onTokenChange=()=>this._emitFromTokenChange();}http;tokenManager;stateChangeListeners=new Set;lastEmittedUserId=null;lastEmittedAccessToken=null;onAuthStateChange(e){return this.stateChangeListeners.add(e),{unsubscribe:()=>{this.stateChangeListeners.delete(e);}}}emit(e,t){for(let r of this.stateChangeListeners)try{r(e,t);}catch{}}_emitFromTokenChange(){let e=this.tokenManager.getSession(),t=this.lastEmittedUserId,r=this.lastEmittedAccessToken;if(!e){t!==null&&(this.lastEmittedUserId=null,this.lastEmittedAccessToken=null,this.emit("SIGNED_OUT",null));return}let s=e.user.id;if(t===null){this.lastEmittedUserId=s,this.lastEmittedAccessToken=e.accessToken,this.emit("SIGNED_IN",e);return}if(t!==s){this.lastEmittedUserId=null,this.lastEmittedAccessToken=null,this.emit("SIGNED_OUT",null),this.lastEmittedUserId=s,this.lastEmittedAccessToken=e.accessToken,this.emit("SIGNED_IN",e);return}r!==e.accessToken&&(this.lastEmittedAccessToken=e.accessToken,this.emit("TOKEN_REFRESHED",e));}saveSessionFromResponse(e){let t={accessToken:e.accessToken,refreshToken:e.refreshToken,user:e.user};e.csrfToken&&F(e.csrfToken),this.tokenManager.saveSession(t),this.http.setAuthToken(e.accessToken),this.http.setRefreshToken(e.refreshToken??null);}async signUp(e){try{let t=await this.http.post("/api/auth/register",e,{credentials:"include"}),r=P(t);return r?.accessToken&&r.user&&this.saveSessionFromResponse(r),{data:r,error:null}}catch(t){return E(t,"Sign up failed")}}async signInWithPassword(e){try{let t=await this.http.post("/api/auth/login",e,{credentials:"include"}),r=P(t);return r?.accessToken&&r.user&&this.saveSessionFromResponse(r),{data:r,error:null}}catch(t){return E(t,"Sign in failed")}}async signOut(){try{try{await this.http.post("/api/auth/logout",void 0,{credentials:"include"});}catch{}return this.tokenManager.clearSession(),this.http.setAuthToken(null),this.http.setRefreshToken(null),D(),{error:null}}catch{return {error:new c("Failed to sign out",500,"SIGNOUT_ERROR")}}}async refreshSession(){try{let e=await this.http.handleTokenRefresh();return e?.accessToken&&e.user&&this.saveSessionFromResponse(e),{data:e,error:null}}catch(e){return E(e,"Session refresh failed")}}async initialize(){if(!this.tokenManager.restoreSession())return this.emit("INITIAL_SESSION",null),{data:null,error:new c("No persisted session",0,"NO_SESSION")};let t=this.tokenManager.getSession();if(!t)return this.emit("INITIAL_SESSION",null),{data:null,error:new c("No persisted session",0,"NO_SESSION")};this.http.setAuthToken(t.accessToken);let r=this.tokenManager.getRefreshToken();r&&this.http.setRefreshToken(r),this.lastEmittedUserId=t.user.id,this.lastEmittedAccessToken=t.accessToken;try{let s=await this.http.get("/api/auth/sessions/current");if(s?.user){this.tokenManager.setUser(s.user);let i=this.tokenManager.getSession();return this.emit("INITIAL_SESSION",i),{data:{user:s.user,accessToken:t.accessToken},error:null}}return this.tokenManager.clearSession(),this.http.setAuthToken(null),this.http.setRefreshToken(null),this.emit("INITIAL_SESSION",null),{data:null,error:new c("Invalid session",401,"INVALID_SESSION")}}catch(s){return this.tokenManager.clearSession(),this.http.setAuthToken(null),this.http.setRefreshToken(null),this.emit("INITIAL_SESSION",null),E(s,"Session restore failed")}}getSession(){return this.tokenManager.getSession()}getUser(){return this.tokenManager.getUser()}async getCurrentUser(){try{let e=await this.http.get("/api/auth/sessions/current");if(e?.user){let t={accessToken:this.tokenManager.getSession()?.accessToken??"",user:e.user};this.tokenManager.saveSession(t);}return {data:e,error:null}}catch(e){return E(e,"Failed to get current user")}}async getProfile(e){try{return {data:await this.http.get(`/api/auth/profiles/${encodeURIComponent(e)}`),error:null}}catch(t){return E(t,"Failed to get profile")}}async setProfile(e){try{let t=await this.http.patch("/api/auth/profiles/current",{profile:e}),r=this.tokenManager.getUser();if(t?.profile&&r){let s={...r,profile:t.profile};this.tokenManager.setUser(s),this.emit("USER_UPDATED",this.tokenManager.getSession());}return {data:t,error:null}}catch(t){return E(t,"Failed to update profile")}}};function oe(n,e,t){return async(r,s)=>{let i=typeof r=="string"?r:r.toString(),a=new URL(i),o=a.pathname.startsWith("/")?a.pathname.slice(1):a.pathname,g=o.match(/^rpc\/(.+)$/),p=g?`/api/database/rpc/${g[1]}`:`/api/database/records/${o}`,w=`${n.baseUrl}${p}${a.search}`,x=new Headers(s?.headers);if(!x.has("Authorization")){let T=e.getAccessToken()??t;T&&x.set("Authorization",`Bearer ${T}`);}return fetch(w,{...s,headers:x})}}var O=class{postgrest;httpClient;constructor(e,t,r){this.httpClient=e,this.postgrest=new PostgrestClient("http://dummy",{fetch:oe(e,t,r),headers:{}});}from(e){if(!e||typeof e!="string")throw new c("Database.from(table) requires a non-empty string",400,"INVALID_TABLE_NAME");return this.postgrest.from(e)}rpc(e,t,r){return this.postgrest.rpc(e,t,r)}getUrl(){return this.httpClient.baseUrl}};var ce=2e4;function z(n,e){let t=new Error(e);return t.code=n,t}var le=1e4,N=class{constructor(e,t,r={}){this.topic=e;this.realtime=t;this.options=r;}topic;realtime;bindings=[];state="closed";statusCallback=null;presence={};trackedState=null;presenceHeartbeat=null;lastBroadcastTimestamp=null;options;get isPrivate(){return this.options.config?.private===true}get presenceKey(){return this.options.config?.presence?.key}_state(){return this.state}async _rejoinAfterReconnect(){if(this.state!=="closed"){for(let e of this.bindings)e.type==="postgres_changes"&&(e.subscriptionId=void 0);this.state="joining";try{if(await this.registerAllBindings(),this.trackedState){let e=this.realtime._getSocket(),t=this.presenceKey;e?.emit("realtime:presence:track",t!==void 0?{channel:this.topic,state:this.trackedState,key:t}:{channel:this.topic,state:this.trackedState});}this.lastBroadcastTimestamp&&this.bindings.some(e=>e.type==="broadcast")&&this.replay({since:this.lastBroadcastTimestamp}).catch(()=>{}),this.state="joined",this.statusCallback?.("SUBSCRIBED");}catch(e){this.state="errored",this.statusCallback?.("CHANNEL_ERROR",z("REJOIN_FAILED",e instanceof Error?e.message:String(e)));}}}on(e,t,r){return e==="postgres_changes"?this.bindings.push({type:"postgres_changes",filter:t,callback:r}):e==="broadcast"?this.bindings.push({type:"broadcast",filter:t,callback:r}):this.bindings.push({type:"presence",filter:t,callback:r}),this}async track(e){let t=this.realtime._getSocket();if(!t)throw new c("Socket not connected",503,"NOT_CONNECTED");this.trackedState=e;let r=this.presenceKey;t.emit("realtime:presence:track",r!==void 0?{channel:this.topic,state:e,key:r}:{channel:this.topic,state:e}),this.presenceHeartbeat||(this.presenceHeartbeat=setInterval(()=>{let i=this.realtime._getSocket();i&&this.trackedState&&i.emit("realtime:presence:track",r!==void 0?{channel:this.topic,state:this.trackedState,key:r}:{channel:this.topic,state:this.trackedState});},ce),this.presenceHeartbeat.unref?.());}untrack(){this.trackedState=null,this.presenceHeartbeat&&(clearInterval(this.presenceHeartbeat),this.presenceHeartbeat=null),this.realtime._getSocket()?.emit("realtime:presence:untrack",{channel:this.topic});}presenceState(){return this.presence}subscribe(e){return this.statusCallback=e??null,this.state==="joining"||this.state==="joined"?this:(this.state="joining",this.realtime.connect().then(async()=>{try{await this.registerAllBindings(),this.state="joined",this.statusCallback?.("SUBSCRIBED");}catch(t){this.state="errored";let r=t instanceof Error?t.message:String(t);this.statusCallback?.("CHANNEL_ERROR",z("SUBSCRIBE_FAILED",r));}},t=>{this.state="errored",this.statusCallback?.("CHANNEL_ERROR",z("CONNECT_FAILED",t.message));}),this)}async unsubscribe(){if(this.state==="closed")return;let e=this.realtime._getSocket();if(this.presenceHeartbeat&&(clearInterval(this.presenceHeartbeat),this.presenceHeartbeat=null),!e){this.trackedState=null,this.state="closed";return}this.trackedState&&(e.emit("realtime:presence:untrack",{channel:this.topic}),this.trackedState=null);let t=this.bindings.filter(r=>r.type==="postgres_changes");for(let r of t)r.subscriptionId&&(e.emit("realtime:postgres_changes:unsubscribe",{subscription_id:r.subscriptionId}),r.subscriptionId=void 0);this.bindings.some(r=>r.type==="broadcast"||r.type==="presence")&&e.emit("realtime:unsubscribe",{channel:this.topic}),this.realtime._detachChannel(this),this.state="closed",this.statusCallback?.("CLOSED");}async send(e){if(e.type!=="broadcast")throw new c('Only "broadcast" sends are supported \u2014 DB changes flow via your DB writes, not channel.send()',400,"UNSUPPORTED_SEND_TYPE");if(new Set(["postgres_changes","presence_state","presence_join","presence_leave"]).has(e.event))throw new c(`"${e.event}" is a reserved event name \u2014 pick a different name for broadcast events`,400,"RESERVED_EVENT_NAME");let r=this.realtime._getSocket();if(!r)throw new c("Socket not connected",503,"NOT_CONNECTED");let s=this.options.config?.broadcast?.self,i={channel:this.topic,event:e.event,payload:e.payload};return s===false&&(i.self=false),await new Promise(a=>{r.emit("realtime:publish",i,o=>{a(o);});})}async replay(e){let t=this.realtime._getSocket();if(!t)throw new c("Socket not connected",503,"NOT_CONNECTED");t.emit("realtime:broadcast:replay",{channel:this.topic,since:e.since,limit:e.limit,private:this.isPrivate});}_dispatch(e,t){if(e==="postgres_changes"){let s=t;for(let i of this.bindings)if(!(i.type!=="postgres_changes"||!i.subscriptionId||!s.ids.includes(i.subscriptionId)||!(i.filter.event==="*"||i.filter.event===s.data.eventType)))try{i.callback(s.data);}catch{}return}if(e==="presence_state"||e==="presence_join"||e==="presence_leave"){let s=t;if(s.channel!==this.topic)return;if(e==="presence_state"&&s.state)this.presence={...s.state},this.firePresence({event:"sync",state:this.presence});else if(e==="presence_join"&&s.joins)Object.assign(this.presence,s.joins),this.firePresence({event:"join",joins:s.joins});else if(e==="presence_leave"&&s.leaves){for(let i of Object.keys(s.leaves))delete this.presence[i];this.firePresence({event:"leave",leaves:s.leaves});}return}let r=t.meta;r?.timestamp&&(!this.lastBroadcastTimestamp||r.timestamp>this.lastBroadcastTimestamp)&&(this.lastBroadcastTimestamp=r.timestamp);for(let s of this.bindings){if(s.type!=="broadcast"||s.filter.event!==e)continue;let{meta:i,...a}=t;try{s.callback({type:"broadcast",event:e,payload:a});}catch{}}}firePresence(e){for(let t of this.bindings)if(t.type==="presence"&&t.filter.event===e.event)try{e.event==="sync"?t.callback():(e.event,t.callback(e));}catch{}}async registerAllBindings(){let e=this.realtime._getSocket();if(!e)throw new Error("Socket not available");this.bindings.some(s=>s.type==="broadcast"||s.type==="presence")&&await new Promise((s,i)=>{e.emit("realtime:subscribe",{channel:this.topic,private:this.isPrivate},a=>{a.status==="ok"?s():i(new Error(a.error?.message??"subscribe failed"));});});let r=this.bindings.filter(s=>s.type==="postgres_changes");await Promise.all(r.map(s=>new Promise((i,a)=>{e.emit("realtime:postgres_changes:subscribe",{event:s.filter.event,schema:s.filter.schema??"public",table:s.filter.table,filter:s.filter.filter},o=>{o.status==="ok"&&o.subscription_id?(s.subscriptionId=o.subscription_id,i()):a(new Error(o.error?.message??"postgres_changes subscribe failed"));});})));}},B=class{socket=null;baseUrl;options;anonKey;tokenManager;channels=new Map;connecting=null;firstConnected=false;constructor(e,t,r,s={}){this.baseUrl=e,this.tokenManager=t,this.anonKey=r,this.options=s;}get isConnected(){return this.socket?.connected===true}get socketId(){return this.socket?.id}channel(e,t){let r=this.channels.get(e);if(r)return r;let s=new N(e,this,t);return this.channels.set(e,s),s}connect(){return this.isConnected?Promise.resolve():this.connecting?this.connecting:(this.connecting=this.openSocket(),this.connecting)}disconnect(){this.socket&&(this.socket.disconnect(),this.socket=null,this.firstConnected=false);}_getSocket(){return this.socket}_detachChannel(e){this.channels.delete(e.topic);}openSocket(){let e=this.tokenManager.getAccessToken()??this.anonKey;if(!e){let s=new c("Realtime requires an access token or anonKey",401,"AUTH_INVALID_API_KEY");return this.connecting=null,Promise.reject(s)}let t=this.options.timeoutMs??le,r=io(this.baseUrl,{path:this.options.path,transports:this.options.transports??["websocket"],auth:{token:e,...this.options.extraAuth??{}},reconnection:true,timeout:t});return this.socket=r,r.onAny((s,...i)=>this.dispatch(s,i)),r.on("connect",()=>{if(this.firstConnected)for(let s of this.channels.values()){let i=s._state();(i==="joined"||i==="errored")&&s._rejoinAfterReconnect();}}),new Promise((s,i)=>{let a=setTimeout(()=>{r.off("connect",g),r.off("connect_error",p),this.connecting=null,i(new c(`Realtime connection timeout after ${t}ms`,408,"CONNECTION_TIMEOUT"));},t),o=()=>{clearTimeout(a),r.off("connect",g),r.off("connect_error",p);},g=()=>{o(),this.connecting=null,this.firstConnected=true,s();},p=w=>{o(),this.connecting=null,i(new c(w.message,0,"CONNECTION_FAILED"));};r.once("connect",g),r.once("connect_error",p);})}dispatch(e,t){if(e==="postgres_changes"){let s=t[0]??{};this.channels.forEach(i=>i._dispatch("postgres_changes",s));return}if(e==="connect"||e==="disconnect"||e==="connect_error"||e==="error"||e==="realtime:error"||e==="realtime:shutdown")return;let r=t[0]??{};this.channels.forEach(s=>s._dispatch(e,r));}};function L(n){return {id:n.id,name:n.name,public:n.public,fileSizeLimitBytes:n.file_size_limit_bytes,allowedMimeTypes:n.allowed_mime_types,createdAt:n.created_at,updatedAt:n.updated_at}}function j(n,e){return {id:n.id,bucket:e,key:n.key,size:n.size,mimeType:n.mime_type,etag:n.etag,cacheControl:n.cache_control,contentDisposition:n.content_disposition,uploadedBy:n.uploaded_by,uploadedAt:n.uploaded_at,updatedAt:n.updated_at}}function ue(n){return {defaultFileSizeLimitBytes:n.default_file_size_limit_bytes,maxFileSizeLimitBytes:n.max_file_size_limit_bytes,tenantStorageQuotaBytes:n.tenant_storage_quota_bytes,reservedSpaceBytes:n.reserved_space_bytes,signedUrlDefaultTtlSec:n.signed_url_default_ttl_sec,signedUrlMaxTtlSec:n.signed_url_max_ttl_sec}}function de(n){return n.split("/").map(encodeURIComponent).join("/")}function d(n,e){return n instanceof c?{data:null,error:n}:{data:null,error:new c(n instanceof Error?n.message:e,0,"STORAGE_ERROR")}}async function W(n){let e="STORAGE_ERROR",t=`HTTP ${n.status}`;try{let r=await n.json();r&&r.error&&(e=r.error.code??e,t=r.error.message??t);}catch{}return new c(t,n.status,e)}var $=class{constructor(e,t){this.http=e;this.bucketName=t;}http;bucketName;bucketBase(){return `/api/storage/buckets/${encodeURIComponent(this.bucketName)}`}objectPath(e){return `${this.bucketBase()}/objects/${de(e)}`}async upload(e,t,r={}){try{let s=r.upsert?"PUT":"POST",i={"Content-Type":r.contentType??"application/octet-stream"};r.cacheControl&&(i["Cache-Control"]=r.cacheControl),r.contentDisposition&&(i["Content-Disposition"]=r.contentDisposition);let a=await this.http.rawFetch(this.objectPath(e),{method:s,headers:i,body:t,signal:r.abortSignal});if(!a.ok)return {data:null,error:await W(a)};let o=await a.json();return o.error||!o.data?{data:null,error:new c(o.error?.message??"Upload failed",a.status,o.error?.code??"STORAGE_ERROR")}:{data:j(o.data,this.bucketName),error:null}}catch(s){return d(s,"Upload failed")}}async download(e,t={}){try{let r={};t.range&&(r.Range=`bytes=${t.range.start}-${t.range.end}`);let s=await this.http.rawFetch(this.objectPath(e),{method:"GET",headers:r,signal:t.abortSignal});return s.ok?{data:await s.blob(),error:null}:{data:null,error:await W(s)}}catch(r){return d(r,"Download failed")}}async getStream(e,t={}){try{let r={};t.range&&(r.Range=`bytes=${t.range.start}-${t.range.end}`);let s=await this.http.rawFetch(this.objectPath(e),{method:"GET",headers:r,signal:t.abortSignal});return s.ok?s.body?{data:s.body,error:null}:{data:null,error:new c("Response body is not a stream",s.status,"STORAGE_ERROR")}:{data:null,error:await W(s)}}catch(r){return d(r,"Download failed")}}async remove(e){try{let t=await Promise.allSettled(e.map(i=>this.http.rawFetch(this.objectPath(i),{method:"DELETE"}))),r=[],s=[];for(let i=0;i<e.length;i++){let a=e[i],o=t[i];if(o.status==="fulfilled"&&o.value.ok)r.push(a);else if(o.status==="fulfilled")s.push(`${a}: HTTP ${o.value.status}`);else {let g=o.reason instanceof Error?o.reason.message:String(o.reason);s.push(`${a}: ${g}`);}}return s.length>0?{data:null,error:new c(`Failed to delete some objects: ${s.join("; ")}`,0,"STORAGE_ERROR")}:{data:{removed:r},error:null}}catch(t){return d(t,"Delete failed")}}async list(e={}){try{let t={};return e.prefix!==void 0&&(t.prefix=e.prefix),e.limit!==void 0&&(t.limit=String(e.limit)),e.startAfter!==void 0&&(t.start_after=e.startAfter),{data:(await this.http.get(`${this.bucketBase()}/objects`,{params:t})).map(s=>j(s,this.bucketName)),error:null}}catch(t){return d(t,"List failed")}}async copy(e,t,r){try{let s=await this.http.post(`${this.objectPath(e)}/copy`,{dest_bucket:r??this.bucketName,dest_key:t});return {data:j(s,r??this.bucketName),error:null}}catch(s){return d(s,"Copy failed")}}async move(e,t,r){try{let s=await this.http.post(`${this.objectPath(e)}/move`,{dest_bucket:r??this.bucketName,dest_key:t});return {data:j(s,r??this.bucketName),error:null}}catch(s){return d(s,"Move failed")}}async createSignedUrl(e,t={}){try{let r={};t.expiresIn!==void 0&&(r.expires_in=t.expiresIn);let s=await this.http.post(`${this.objectPath(e)}/sign`,r);return {data:{url:s.url,token:s.token,expiresAt:s.expiresAt},error:null}}catch(r){return d(r,"Sign failed")}}getPublicUrl(e){return {data:{url:`${this.http.baseUrl.replace(/\/$/,"")}${this.objectPath(e)}`}}}},I=class{constructor(e){this.http=e;}http;from(e){return new $(this.http,e)}async listBuckets(){try{return {data:(await this.http.get("/api/storage/buckets")).map(L),error:null}}catch(e){return d(e,"listBuckets failed")}}async getBucket(e){try{let t=await this.http.get(`/api/storage/buckets/${encodeURIComponent(e)}`);return {data:L(t),error:null}}catch(t){return d(t,"getBucket failed")}}async createBucket(e,t={}){try{let r={name:e};t.public!==void 0&&(r.public=t.public),t.fileSizeLimitBytes!==void 0&&(r.file_size_limit_bytes=t.fileSizeLimitBytes),t.allowedMimeTypes!==void 0&&(r.allowed_mime_types=t.allowedMimeTypes);let s=await this.http.post("/api/storage/buckets",r);return {data:L(s),error:null}}catch(r){return d(r,"createBucket failed")}}async updateBucket(e,t){try{let r={};t.public!==void 0&&(r.public=t.public),t.fileSizeLimitBytes!==void 0&&(r.file_size_limit_bytes=t.fileSizeLimitBytes),t.allowedMimeTypes!==void 0&&(r.allowed_mime_types=t.allowedMimeTypes);let s=await this.http.patch(`/api/storage/buckets/${encodeURIComponent(e)}`,r);return {data:L(s),error:null}}catch(r){return d(r,"updateBucket failed")}}async deleteBucket(e){try{return await this.http.delete(`/api/storage/buckets/${encodeURIComponent(e)}`),{data:null,error:null}}catch(t){return d(t,"deleteBucket failed")}}async emptyBucket(e){try{return {data:await this.http.post(`/api/storage/buckets/${encodeURIComponent(e)}/empty`,{}),error:null}}catch(t){return d(t,"emptyBucket failed")}}async getConfig(){try{let e=await this.http.get("/api/storage/config");return {data:ue(e),error:null}}catch(e){return d(e,"getConfig failed")}}};function he(n){return {key:n.key,digest:n.digest,updatedAt:n.updated_at}}function k(n,e){return n instanceof c?{data:null,error:n}:{data:null,error:new c(n instanceof Error?n.message:e,0,"FUNCTIONS_ERROR")}}function ge(n){return typeof n=="object"&&n!==null&&!ArrayBuffer.isView(n)&&!(n instanceof Blob)&&!(n instanceof FormData)&&!(n instanceof URLSearchParams)&&!(n instanceof ReadableStream)}var U=class{constructor(e){this.http=e;}http;async list(){try{return {data:await this.http.get("/api/functions"),error:null}}catch(e){return k(e,"list failed")}}async get(e){try{return {data:await this.http.get(`/api/functions/${encodeURIComponent(e)}`),error:null}}catch(t){return k(t,"get failed")}}async create(e){try{return {data:await this.http.post("/api/functions",e),error:null}}catch(t){return k(t,"create failed")}}async update(e,t){try{return {data:await this.http.put(`/api/functions/${encodeURIComponent(e)}`,t),error:null}}catch(r){return k(r,"update failed")}}async remove(e){try{return await this.http.delete(`/api/functions/${encodeURIComponent(e)}`),{data:{deleted:!0},error:null}}catch(t){return k(t,"remove failed")}}async invoke(e,t={}){try{let r=t.method??"POST",s={...t.headers},i;return t.body!==void 0&&t.body!==null&&(ge(t.body)?(i=JSON.stringify(t.body),s["Content-Type"]||(s["Content-Type"]="application/json")):i=t.body),{data:await this.http.rawFetch(`/api/invoke/${encodeURIComponent(e)}`,{method:r,headers:s,body:i}),error:null}}catch(r){return k(r,"invoke failed")}}async listSecrets(){try{return {data:(await this.http.get("/api/functions/secrets")).secrets.map(he),error:null}}catch(e){return k(e,"listSecrets failed")}}async setSecrets(e){try{return await this.http.put("/api/functions/secrets",{secrets:e}),{data:{saved:!0},error:null}}catch(t){return k(t,"setSecrets failed")}}async deleteSecret(e){try{return await this.http.delete(`/api/functions/secrets/${encodeURIComponent(e)}`),{data:{deleted:!0},error:null}}catch(t){return k(t,"deleteSecret failed")}}};var v=class{http;tokenManager;auth;database;realtime;storage;functions;constructor(e={}){let t=new R(e.debug);this.tokenManager=new S({persistSession:e.persistSession,storageKey:e.storageKey,storage:e.storage,multiTab:e.multiTab}),this.http=new _(e,this.tokenManager,t),this.auth=new A(this.http,this.tokenManager),this.database=new O(this.http,this.tokenManager,e.anonKey),this.realtime=new B(this.http.baseUrl,this.tokenManager,e.anonKey,e.realtime),this.storage=new I(this.http),this.functions=new U(this.http);}getHttpClient(){return this.http}};function Qe(n){return new v(n)}var Xe=v;
+export{A as Auth,O as Database,U as Functions,_ as HttpClient,R as Logger,v as MitwayBaasClient,c as MitwayBaasError,B as Realtime,N as RealtimeChannel,I as Storage,$ as StorageBucketClient,S as TokenManager,Qe as createClient,V as createLocalStorageAdapter,Xe as default};