@objectstack/plugin-auth 3.2.5 → 3.2.6

package/dist/index.js

@@ -33,12 +33,23 @@ __export(index_exports, {
   AUTH_TWO_FACTOR_USER_FIELDS: () => AUTH_TWO_FACTOR_USER_FIELDS,
   AUTH_USER_CONFIG: () => AUTH_USER_CONFIG,
   AUTH_VERIFICATION_CONFIG: () => AUTH_VERIFICATION_CONFIG,
-  AuthAccount: () => AuthAccount,
+  AuthAccount: () => SysAccount,
   AuthManager: () => AuthManager,
   AuthPlugin: () => AuthPlugin,
-  AuthSession: () => AuthSession,
-  AuthUser: () => AuthUser,
-  AuthVerification: () => AuthVerification,
+  AuthSession: () => SysSession,
+  AuthUser: () => SysUser,
+  AuthVerification: () => SysVerification,
+  SysAccount: () => SysAccount,
+  SysApiKey: () => SysApiKey,
+  SysInvitation: () => SysInvitation,
+  SysMember: () => SysMember,
+  SysOrganization: () => SysOrganization,
+  SysSession: () => SysSession,
+  SysTeam: () => SysTeam,
+  SysTeamMember: () => SysTeamMember,
+  SysTwoFactor: () => SysTwoFactor,
+  SysUser: () => SysUser,
+  SysVerification: () => SysVerification,
   buildOrganizationPluginSchema: () => buildOrganizationPluginSchema,
   buildTwoFactorPluginSchema: () => buildTwoFactorPluginSchema,
   createObjectQLAdapter: () => createObjectQLAdapter,
@@ -265,14 +276,16 @@ var AUTH_VERIFICATION_CONFIG = {
   }
 };
 var AUTH_ORGANIZATION_SCHEMA = {
-  modelName: "sys_organization",
+  modelName: import_system2.SystemObjectName.ORGANIZATION,
+  // 'sys_organization'
   fields: {
     createdAt: "created_at",
     updatedAt: "updated_at"
   }
 };
 var AUTH_MEMBER_SCHEMA = {
-  modelName: "sys_member",
+  modelName: import_system2.SystemObjectName.MEMBER,
+  // 'sys_member'
   fields: {
     organizationId: "organization_id",
     userId: "user_id",
@@ -280,7 +293,8 @@ var AUTH_MEMBER_SCHEMA = {
   }
 };
 var AUTH_INVITATION_SCHEMA = {
-  modelName: "sys_invitation",
+  modelName: import_system2.SystemObjectName.INVITATION,
+  // 'sys_invitation'
   fields: {
     organizationId: "organization_id",
     inviterId: "inviter_id",
@@ -294,7 +308,8 @@ var AUTH_ORG_SESSION_FIELDS = {
   activeTeamId: "active_team_id"
 };
 var AUTH_TEAM_SCHEMA = {
-  modelName: "sys_team",
+  modelName: import_system2.SystemObjectName.TEAM,
+  // 'sys_team'
   fields: {
     organizationId: "organization_id",
     createdAt: "created_at",
@@ -302,7 +317,8 @@ var AUTH_TEAM_SCHEMA = {
   }
 };
 var AUTH_TEAM_MEMBER_SCHEMA = {
-  modelName: "sys_team_member",
+  modelName: import_system2.SystemObjectName.TEAM_MEMBER,
+  // 'sys_team_member'
   fields: {
     teamId: "team_id",
     userId: "user_id",
@@ -310,7 +326,8 @@ var AUTH_TEAM_MEMBER_SCHEMA = {
   }
 };
 var AUTH_TWO_FACTOR_SCHEMA = {
-  modelName: "sys_two_factor",
+  modelName: import_system2.SystemObjectName.TWO_FACTOR,
+  // 'sys_two_factor'
   fields: {
     backupCodes: "backup_codes",
     userId: "user_id"
@@ -629,18 +646,19 @@ var AuthPlugin = class {
   }
 };
 
-// src/objects/auth-user.object.ts
+// src/objects/sys-user.object.ts
 var import_data = require("@objectstack/spec/data");
-var AuthUser = import_data.ObjectSchema.create({
-  name: "sys_user",
+var SysUser = import_data.ObjectSchema.create({
+  namespace: "sys",
+  name: "user",
   label: "User",
   pluralLabel: "Users",
   icon: "user",
+  isSystem: true,
   description: "User accounts for authentication",
   titleFormat: "{name} ({email})",
   compactLayout: ["name", "email", "email_verified"],
   fields: {
-    // ID is auto-generated by ObjectQL
     id: import_data.Field.text({
       label: "User ID",
       required: true,
@@ -676,12 +694,10 @@ var AuthUser = import_data.ObjectSchema.create({
       required: false
     })
   },
-  // Database indexes for performance
   indexes: [
     { fields: ["email"], unique: true },
     { fields: ["created_at"], unique: false }
   ],
-  // Enable features
   enable: {
     trackHistory: true,
     searchable: true,
@@ -690,7 +706,6 @@ var AuthUser = import_data.ObjectSchema.create({
     trash: true,
     mru: true
   },
-  // Validation Rules
   validations: [
     {
       name: "email_unique",
@@ -703,13 +718,15 @@ var AuthUser = import_data.ObjectSchema.create({
   ]
 });
 
-// src/objects/auth-session.object.ts
+// src/objects/sys-session.object.ts
 var import_data2 = require("@objectstack/spec/data");
-var AuthSession = import_data2.ObjectSchema.create({
-  name: "sys_session",
+var SysSession = import_data2.ObjectSchema.create({
+  namespace: "sys",
+  name: "session",
   label: "Session",
   pluralLabel: "Sessions",
   icon: "key",
+  isSystem: true,
   description: "Active user sessions",
   titleFormat: "Session {token}",
   compactLayout: ["user_id", "expires_at", "ip_address"],
@@ -752,33 +769,30 @@ var AuthSession = import_data2.ObjectSchema.create({
       required: false
     })
   },
-  // Database indexes for performance
   indexes: [
     { fields: ["token"], unique: true },
     { fields: ["user_id"], unique: false },
     { fields: ["expires_at"], unique: false }
   ],
-  // Enable features
   enable: {
     trackHistory: false,
-    // Sessions don't need history tracking
     searchable: false,
     apiEnabled: true,
     apiMethods: ["get", "list", "create", "delete"],
-    // No update for sessions
     trash: false,
-    // Sessions should be hard deleted
     mru: false
   }
 });
 
-// src/objects/auth-account.object.ts
+// src/objects/sys-account.object.ts
 var import_data3 = require("@objectstack/spec/data");
-var AuthAccount = import_data3.ObjectSchema.create({
-  name: "sys_account",
+var SysAccount = import_data3.ObjectSchema.create({
+  namespace: "sys",
+  name: "account",
   label: "Account",
   pluralLabel: "Accounts",
   icon: "link",
+  isSystem: true,
   description: "OAuth and authentication provider accounts",
   titleFormat: "{provider_id} - {account_id}",
   compactLayout: ["provider_id", "user_id", "account_id"],
@@ -843,12 +857,10 @@ var AuthAccount = import_data3.ObjectSchema.create({
       description: "Hashed password for email/password provider"
     })
   },
-  // Database indexes for performance
   indexes: [
     { fields: ["user_id"], unique: false },
     { fields: ["provider_id", "account_id"], unique: true }
   ],
-  // Enable features
   enable: {
     trackHistory: false,
     searchable: false,
@@ -859,13 +871,15 @@ var AuthAccount = import_data3.ObjectSchema.create({
   }
 });
 
-// src/objects/auth-verification.object.ts
+// src/objects/sys-verification.object.ts
 var import_data4 = require("@objectstack/spec/data");
-var AuthVerification = import_data4.ObjectSchema.create({
-  name: "sys_verification",
+var SysVerification = import_data4.ObjectSchema.create({
+  namespace: "sys",
+  name: "verification",
   label: "Verification",
   pluralLabel: "Verifications",
   icon: "shield-check",
+  isSystem: true,
   description: "Email and phone verification tokens",
   titleFormat: "Verification for {identifier}",
   compactLayout: ["identifier", "expires_at", "created_at"],
@@ -900,21 +914,444 @@ var AuthVerification = import_data4.ObjectSchema.create({
       description: "Email address or phone number"
     })
   },
-  // Database indexes for performance
   indexes: [
     { fields: ["value"], unique: true },
     { fields: ["identifier"], unique: false },
     { fields: ["expires_at"], unique: false }
   ],
-  // Enable features
   enable: {
     trackHistory: false,
     searchable: false,
     apiEnabled: true,
     apiMethods: ["get", "create", "delete"],
-    // No list or update
     trash: false,
-    // Hard delete expired tokens
+    mru: false
+  }
+});
+
+// src/objects/sys-organization.object.ts
+var import_data5 = require("@objectstack/spec/data");
+var SysOrganization = import_data5.ObjectSchema.create({
+  namespace: "sys",
+  name: "organization",
+  label: "Organization",
+  pluralLabel: "Organizations",
+  icon: "building-2",
+  isSystem: true,
+  description: "Organizations for multi-tenant grouping",
+  titleFormat: "{name}",
+  compactLayout: ["name", "slug", "created_at"],
+  fields: {
+    id: import_data5.Field.text({
+      label: "Organization ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data5.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    updated_at: import_data5.Field.datetime({
+      label: "Updated At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    name: import_data5.Field.text({
+      label: "Name",
+      required: true,
+      searchable: true,
+      maxLength: 255
+    }),
+    slug: import_data5.Field.text({
+      label: "Slug",
+      required: false,
+      maxLength: 255,
+      description: "URL-friendly identifier"
+    }),
+    logo: import_data5.Field.url({
+      label: "Logo",
+      required: false
+    }),
+    metadata: import_data5.Field.textarea({
+      label: "Metadata",
+      required: false,
+      description: "JSON-serialized organization metadata"
+    })
+  },
+  indexes: [
+    { fields: ["slug"], unique: true },
+    { fields: ["name"] }
+  ],
+  enable: {
+    trackHistory: true,
+    searchable: true,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "update", "delete"],
+    trash: true,
+    mru: true
+  }
+});
+
+// src/objects/sys-member.object.ts
+var import_data6 = require("@objectstack/spec/data");
+var SysMember = import_data6.ObjectSchema.create({
+  namespace: "sys",
+  name: "member",
+  label: "Member",
+  pluralLabel: "Members",
+  icon: "user-check",
+  isSystem: true,
+  description: "Organization membership records",
+  titleFormat: "{user_id} in {organization_id}",
+  compactLayout: ["user_id", "organization_id", "role"],
+  fields: {
+    id: import_data6.Field.text({
+      label: "Member ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data6.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    organization_id: import_data6.Field.text({
+      label: "Organization ID",
+      required: true
+    }),
+    user_id: import_data6.Field.text({
+      label: "User ID",
+      required: true
+    }),
+    role: import_data6.Field.text({
+      label: "Role",
+      required: false,
+      description: "Member role within the organization (e.g. admin, member)",
+      maxLength: 100
+    })
+  },
+  indexes: [
+    { fields: ["organization_id", "user_id"], unique: true },
+    { fields: ["user_id"] }
+  ],
+  enable: {
+    trackHistory: true,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "update", "delete"],
+    trash: false,
+    mru: false
+  }
+});
+
+// src/objects/sys-invitation.object.ts
+var import_data7 = require("@objectstack/spec/data");
+var SysInvitation = import_data7.ObjectSchema.create({
+  namespace: "sys",
+  name: "invitation",
+  label: "Invitation",
+  pluralLabel: "Invitations",
+  icon: "mail",
+  isSystem: true,
+  description: "Organization invitations for user onboarding",
+  titleFormat: "Invitation to {organization_id}",
+  compactLayout: ["email", "organization_id", "status"],
+  fields: {
+    id: import_data7.Field.text({
+      label: "Invitation ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data7.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    organization_id: import_data7.Field.text({
+      label: "Organization ID",
+      required: true
+    }),
+    email: import_data7.Field.email({
+      label: "Email",
+      required: true,
+      description: "Email address of the invited user"
+    }),
+    role: import_data7.Field.text({
+      label: "Role",
+      required: false,
+      maxLength: 100,
+      description: "Role to assign upon acceptance"
+    }),
+    status: import_data7.Field.select(["pending", "accepted", "rejected", "expired", "canceled"], {
+      label: "Status",
+      required: true,
+      defaultValue: "pending"
+    }),
+    inviter_id: import_data7.Field.text({
+      label: "Inviter ID",
+      required: true,
+      description: "User ID of the person who sent the invitation"
+    }),
+    expires_at: import_data7.Field.datetime({
+      label: "Expires At",
+      required: true
+    }),
+    team_id: import_data7.Field.text({
+      label: "Team ID",
+      required: false,
+      description: "Optional team to assign upon acceptance"
+    })
+  },
+  indexes: [
+    { fields: ["organization_id"] },
+    { fields: ["email"] },
+    { fields: ["expires_at"] }
+  ],
+  enable: {
+    trackHistory: true,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "update", "delete"],
+    trash: false,
+    mru: false
+  }
+});
+
+// src/objects/sys-team.object.ts
+var import_data8 = require("@objectstack/spec/data");
+var SysTeam = import_data8.ObjectSchema.create({
+  namespace: "sys",
+  name: "team",
+  label: "Team",
+  pluralLabel: "Teams",
+  icon: "users",
+  isSystem: true,
+  description: "Teams within organizations for fine-grained grouping",
+  titleFormat: "{name}",
+  compactLayout: ["name", "organization_id", "created_at"],
+  fields: {
+    id: import_data8.Field.text({
+      label: "Team ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data8.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    updated_at: import_data8.Field.datetime({
+      label: "Updated At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    name: import_data8.Field.text({
+      label: "Name",
+      required: true,
+      searchable: true,
+      maxLength: 255
+    }),
+    organization_id: import_data8.Field.text({
+      label: "Organization ID",
+      required: true
+    })
+  },
+  indexes: [
+    { fields: ["organization_id"] },
+    { fields: ["name", "organization_id"], unique: true }
+  ],
+  enable: {
+    trackHistory: true,
+    searchable: true,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "update", "delete"],
+    trash: true,
+    mru: false
+  }
+});
+
+// src/objects/sys-team-member.object.ts
+var import_data9 = require("@objectstack/spec/data");
+var SysTeamMember = import_data9.ObjectSchema.create({
+  namespace: "sys",
+  name: "team_member",
+  label: "Team Member",
+  pluralLabel: "Team Members",
+  icon: "user-plus",
+  isSystem: true,
+  description: "Team membership records linking users to teams",
+  titleFormat: "{user_id} in {team_id}",
+  compactLayout: ["user_id", "team_id", "created_at"],
+  fields: {
+    id: import_data9.Field.text({
+      label: "Team Member ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data9.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    team_id: import_data9.Field.text({
+      label: "Team ID",
+      required: true
+    }),
+    user_id: import_data9.Field.text({
+      label: "User ID",
+      required: true
+    })
+  },
+  indexes: [
+    { fields: ["team_id", "user_id"], unique: true },
+    { fields: ["user_id"] }
+  ],
+  enable: {
+    trackHistory: true,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "delete"],
+    trash: false,
+    mru: false
+  }
+});
+
+// src/objects/sys-api-key.object.ts
+var import_data10 = require("@objectstack/spec/data");
+var SysApiKey = import_data10.ObjectSchema.create({
+  namespace: "sys",
+  name: "api_key",
+  label: "API Key",
+  pluralLabel: "API Keys",
+  icon: "key-round",
+  isSystem: true,
+  description: "API keys for programmatic access",
+  titleFormat: "{name}",
+  compactLayout: ["name", "user_id", "expires_at"],
+  fields: {
+    id: import_data10.Field.text({
+      label: "API Key ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data10.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    updated_at: import_data10.Field.datetime({
+      label: "Updated At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    name: import_data10.Field.text({
+      label: "Name",
+      required: true,
+      maxLength: 255,
+      description: "Human-readable label for the API key"
+    }),
+    key: import_data10.Field.text({
+      label: "Key",
+      required: true,
+      description: "Hashed API key value"
+    }),
+    prefix: import_data10.Field.text({
+      label: "Prefix",
+      required: false,
+      maxLength: 16,
+      description: 'Visible prefix for identifying the key (e.g., "osk_")'
+    }),
+    user_id: import_data10.Field.text({
+      label: "User ID",
+      required: true,
+      description: "Owner user of this API key"
+    }),
+    scopes: import_data10.Field.textarea({
+      label: "Scopes",
+      required: false,
+      description: "JSON array of permission scopes"
+    }),
+    expires_at: import_data10.Field.datetime({
+      label: "Expires At",
+      required: false
+    }),
+    last_used_at: import_data10.Field.datetime({
+      label: "Last Used At",
+      required: false
+    }),
+    revoked: import_data10.Field.boolean({
+      label: "Revoked",
+      defaultValue: false
+    })
+  },
+  indexes: [
+    { fields: ["key"], unique: true },
+    { fields: ["user_id"] },
+    { fields: ["prefix"] }
+  ],
+  enable: {
+    trackHistory: true,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "list", "create", "update", "delete"],
+    trash: false,
+    mru: false
+  }
+});
+
+// src/objects/sys-two-factor.object.ts
+var import_data11 = require("@objectstack/spec/data");
+var SysTwoFactor = import_data11.ObjectSchema.create({
+  namespace: "sys",
+  name: "two_factor",
+  label: "Two Factor",
+  pluralLabel: "Two Factor Credentials",
+  icon: "smartphone",
+  isSystem: true,
+  description: "Two-factor authentication credentials",
+  titleFormat: "Two-factor for {user_id}",
+  compactLayout: ["user_id", "created_at"],
+  fields: {
+    id: import_data11.Field.text({
+      label: "Two Factor ID",
+      required: true,
+      readonly: true
+    }),
+    created_at: import_data11.Field.datetime({
+      label: "Created At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    updated_at: import_data11.Field.datetime({
+      label: "Updated At",
+      defaultValue: "NOW()",
+      readonly: true
+    }),
+    user_id: import_data11.Field.text({
+      label: "User ID",
+      required: true
+    }),
+    secret: import_data11.Field.text({
+      label: "Secret",
+      required: true,
+      description: "TOTP secret key"
+    }),
+    backup_codes: import_data11.Field.textarea({
+      label: "Backup Codes",
+      required: false,
+      description: "JSON-serialized backup recovery codes"
+    })
+  },
+  indexes: [
+    { fields: ["user_id"], unique: true }
+  ],
+  enable: {
+    trackHistory: false,
+    searchable: false,
+    apiEnabled: true,
+    apiMethods: ["get", "create", "update", "delete"],
+    trash: false,
     mru: false
   }
 });
@@ -939,6 +1376,17 @@ var AuthVerification = import_data4.ObjectSchema.create({
   AuthSession,
   AuthUser,
   AuthVerification,
+  SysAccount,
+  SysApiKey,
+  SysInvitation,
+  SysMember,
+  SysOrganization,
+  SysSession,
+  SysTeam,
+  SysTeamMember,
+  SysTwoFactor,
+  SysUser,
+  SysVerification,
   buildOrganizationPluginSchema,
   buildTwoFactorPluginSchema,
   createObjectQLAdapter,