@objectstack/spec 0.1.2 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (58) hide show
  1. package/dist/data/filter.zod.d.ts +295 -0
  2. package/dist/data/filter.zod.d.ts.map +1 -0
  3. package/dist/data/filter.zod.js +226 -0
  4. package/dist/index.d.ts +2 -0
  5. package/dist/index.d.ts.map +1 -1
  6. package/dist/index.js +2 -0
  7. package/dist/system/auth.zod.d.ts +2287 -0
  8. package/dist/system/auth.zod.d.ts.map +1 -0
  9. package/dist/system/auth.zod.js +365 -0
  10. package/dist/system/datasource.zod.d.ts +118 -38
  11. package/dist/system/datasource.zod.d.ts.map +1 -1
  12. package/dist/system/datasource.zod.js +25 -6
  13. package/dist/system/driver.zod.d.ts +106 -0
  14. package/dist/system/driver.zod.d.ts.map +1 -1
  15. package/dist/system/driver.zod.js +47 -0
  16. package/dist/system/policy.zod.d.ts +10 -10
  17. package/dist/ui/dashboard.zod.d.ts +10 -10
  18. package/dist/ui/dashboard.zod.d.ts.map +1 -1
  19. package/dist/ui/dashboard.zod.js +3 -2
  20. package/dist/ui/report.zod.d.ts +4 -32
  21. package/dist/ui/report.zod.d.ts.map +1 -1
  22. package/dist/ui/report.zod.js +3 -8
  23. package/json-schema/AccountLinkingConfig.json +27 -0
  24. package/json-schema/AuthConfig.json +606 -0
  25. package/json-schema/AuthPluginConfig.json +28 -0
  26. package/json-schema/AuthStrategy.json +17 -0
  27. package/json-schema/AuthenticationConfig.json +601 -0
  28. package/json-schema/AuthenticationProvider.json +617 -0
  29. package/json-schema/CSRFConfig.json +31 -0
  30. package/json-schema/ComparisonOperator.json +56 -0
  31. package/json-schema/Dashboard.json +20 -0
  32. package/json-schema/DashboardWidget.json +20 -0
  33. package/json-schema/DatabaseAdapter.json +38 -0
  34. package/json-schema/Datasource.json +25 -5
  35. package/json-schema/DatasourceCapabilities.json +25 -5
  36. package/json-schema/DriverCapabilities.json +30 -0
  37. package/json-schema/DriverDefinition.json +25 -5
  38. package/json-schema/DriverInterface.json +30 -0
  39. package/json-schema/EmailPasswordConfig.json +43 -0
  40. package/json-schema/EqualityOperator.json +14 -0
  41. package/json-schema/FieldOperators.json +108 -0
  42. package/json-schema/FilterCondition.json +28 -0
  43. package/json-schema/MagicLinkConfig.json +21 -0
  44. package/json-schema/NormalizedFilter.json +348 -0
  45. package/json-schema/OAuthProvider.json +66 -0
  46. package/json-schema/PasskeyConfig.json +54 -0
  47. package/json-schema/QueryFilter.json +34 -0
  48. package/json-schema/RangeOperator.json +41 -0
  49. package/json-schema/RateLimitConfig.json +36 -0
  50. package/json-schema/Report.json +20 -26
  51. package/json-schema/SessionConfig.json +56 -0
  52. package/json-schema/SetOperator.json +18 -0
  53. package/json-schema/SpecialOperator.json +18 -0
  54. package/json-schema/StandardAuthProvider.json +622 -0
  55. package/json-schema/StringOperator.json +21 -0
  56. package/json-schema/TwoFactorConfig.json +40 -0
  57. package/json-schema/UserFieldMapping.json +47 -0
  58. package/package.json +1 -1
package/json-schema/AuthConfig.json ADDED
@@ -0,0 +1,606 @@
1
+ {
2
+ "$ref": "#/definitions/AuthConfig",
3
+ "definitions": {
4
+ "AuthConfig": {
5
+ "type": "object",
6
+ "properties": {
7
+ "name": {
8
+ "type": "string",
9
+ "pattern": "^[a-z_][a-z0-9_]*$",
10
+ "description": "Configuration name (snake_case)"
11
+ },
12
+ "label": {
13
+ "type": "string",
14
+ "description": "Display label"
15
+ },
16
+ "driver": {
17
+ "type": "string",
18
+ "default": "better-auth",
19
+ "description": "The underlying authentication implementation driver"
20
+ },
21
+ "strategies": {
22
+ "type": "array",
23
+ "items": {
24
+ "type": "string",
25
+ "enum": [
26
+ "email_password",
27
+ "magic_link",
28
+ "oauth",
29
+ "passkey",
30
+ "otp",
31
+ "anonymous"
32
+ ]
33
+ },
34
+ "minItems": 1,
35
+ "description": "Enabled authentication strategies"
36
+ },
37
+ "baseUrl": {
38
+ "type": "string",
39
+ "format": "uri",
40
+ "description": "Application base URL"
41
+ },
42
+ "secret": {
43
+ "type": "string",
44
+ "minLength": 32,
45
+ "description": "Secret key for signing (min 32 chars)"
46
+ },
47
+ "emailPassword": {
48
+ "type": "object",
49
+ "properties": {
50
+ "enabled": {
51
+ "type": "boolean",
52
+ "default": true
53
+ },
54
+ "requireEmailVerification": {
55
+ "type": "boolean",
56
+ "default": true,
57
+ "description": "Require email verification before login"
58
+ },
59
+ "minPasswordLength": {
60
+ "type": "number",
61
+ "minimum": 6,
62
+ "maximum": 128,
63
+ "default": 8,
64
+ "description": "Minimum password length"
65
+ },
66
+ "requirePasswordComplexity": {
67
+ "type": "boolean",
68
+ "default": true,
69
+ "description": "Require uppercase, lowercase, numbers, symbols"
70
+ },
71
+ "allowPasswordReset": {
72
+ "type": "boolean",
73
+ "default": true,
74
+ "description": "Enable password reset functionality"
75
+ },
76
+ "passwordResetExpiry": {
77
+ "type": "number",
78
+ "default": 3600,
79
+ "description": "Password reset token expiry in seconds"
80
+ }
81
+ },
82
+ "additionalProperties": false
83
+ },
84
+ "magicLink": {
85
+ "type": "object",
86
+ "properties": {
87
+ "enabled": {
88
+ "type": "boolean",
89
+ "default": true
90
+ },
91
+ "expiryTime": {
92
+ "type": "number",
93
+ "default": 900,
94
+ "description": "Magic link expiry time in seconds (default 15 min)"
95
+ }
96
+ },
97
+ "additionalProperties": false
98
+ },
99
+ "passkey": {
100
+ "type": "object",
101
+ "properties": {
102
+ "enabled": {
103
+ "type": "boolean",
104
+ "default": false
105
+ },
106
+ "rpName": {
107
+ "type": "string",
108
+ "description": "Relying Party name"
109
+ },
110
+ "rpId": {
111
+ "type": "string",
112
+ "description": "Relying Party ID (defaults to domain)"
113
+ },
114
+ "allowedOrigins": {
115
+ "type": "array",
116
+ "items": {
117
+ "type": "string",
118
+ "format": "uri"
119
+ },
120
+ "description": "Allowed origins for WebAuthn"
121
+ },
122
+ "userVerification": {
123
+ "type": "string",
124
+ "enum": [
125
+ "required",
126
+ "preferred",
127
+ "discouraged"
128
+ ],
129
+ "default": "preferred"
130
+ },
131
+ "attestation": {
132
+ "type": "string",
133
+ "enum": [
134
+ "none",
135
+ "indirect",
136
+ "direct",
137
+ "enterprise"
138
+ ],
139
+ "default": "none"
140
+ }
141
+ },
142
+ "required": [
143
+ "rpName"
144
+ ],
145
+ "additionalProperties": false
146
+ },
147
+ "oauth": {
148
+ "type": "object",
149
+ "properties": {
150
+ "providers": {
151
+ "type": "array",
152
+ "items": {
153
+ "type": "object",
154
+ "properties": {
155
+ "provider": {
156
+ "type": "string",
157
+ "enum": [
158
+ "google",
159
+ "github",
160
+ "facebook",
161
+ "twitter",
162
+ "linkedin",
163
+ "microsoft",
164
+ "apple",
165
+ "discord",
166
+ "gitlab",
167
+ "custom"
168
+ ],
169
+ "description": "OAuth provider type"
170
+ },
171
+ "clientId": {
172
+ "type": "string",
173
+ "description": "OAuth client ID"
174
+ },
175
+ "clientSecret": {
176
+ "type": "string",
177
+ "description": "OAuth client secret (typically from ENV)"
178
+ },
179
+ "scopes": {
180
+ "type": "array",
181
+ "items": {
182
+ "type": "string"
183
+ },
184
+ "description": "Requested OAuth scopes"
185
+ },
186
+ "redirectUri": {
187
+ "type": "string",
188
+ "format": "uri",
189
+ "description": "OAuth callback URL"
190
+ },
191
+ "enabled": {
192
+ "type": "boolean",
193
+ "default": true,
194
+ "description": "Whether this provider is enabled"
195
+ },
196
+ "displayName": {
197
+ "type": "string",
198
+ "description": "Display name for the provider button"
199
+ },
200
+ "icon": {
201
+ "type": "string",
202
+ "description": "Icon URL or identifier"
203
+ }
204
+ },
205
+ "required": [
206
+ "provider",
207
+ "clientId",
208
+ "clientSecret"
209
+ ],
210
+ "additionalProperties": false
211
+ },
212
+ "minItems": 1
213
+ }
214
+ },
215
+ "required": [
216
+ "providers"
217
+ ],
218
+ "additionalProperties": false
219
+ },
220
+ "session": {
221
+ "type": "object",
222
+ "properties": {
223
+ "expiresIn": {
224
+ "type": "number",
225
+ "default": 604800,
226
+ "description": "Session expiry in seconds (default 7 days)"
227
+ },
228
+ "updateAge": {
229
+ "type": "number",
230
+ "default": 86400,
231
+ "description": "Session update interval in seconds (default 1 day)"
232
+ },
233
+ "cookieName": {
234
+ "type": "string",
235
+ "default": "session_token",
236
+ "description": "Session cookie name"
237
+ },
238
+ "cookieSecure": {
239
+ "type": "boolean",
240
+ "default": true,
241
+ "description": "Use secure cookies (HTTPS only)"
242
+ },
243
+ "cookieSameSite": {
244
+ "type": "string",
245
+ "enum": [
246
+ "strict",
247
+ "lax",
248
+ "none"
249
+ ],
250
+ "default": "lax",
251
+ "description": "SameSite cookie attribute"
252
+ },
253
+ "cookieDomain": {
254
+ "type": "string",
255
+ "description": "Cookie domain"
256
+ },
257
+ "cookiePath": {
258
+ "type": "string",
259
+ "default": "/",
260
+ "description": "Cookie path"
261
+ },
262
+ "cookieHttpOnly": {
263
+ "type": "boolean",
264
+ "default": true,
265
+ "description": "HttpOnly cookie attribute"
266
+ }
267
+ },
268
+ "additionalProperties": false,
269
+ "default": {}
270
+ },
271
+ "rateLimit": {
272
+ "type": "object",
273
+ "properties": {
274
+ "enabled": {
275
+ "type": "boolean",
276
+ "default": true
277
+ },
278
+ "maxAttempts": {
279
+ "type": "number",
280
+ "default": 5,
281
+ "description": "Maximum login attempts"
282
+ },
283
+ "windowMs": {
284
+ "type": "number",
285
+ "default": 900000,
286
+ "description": "Time window in milliseconds (default 15 min)"
287
+ },
288
+ "blockDuration": {
289
+ "type": "number",
290
+ "default": 900000,
291
+ "description": "Block duration after max attempts in ms"
292
+ },
293
+ "skipSuccessfulRequests": {
294
+ "type": "boolean",
295
+ "default": false,
296
+ "description": "Only count failed requests"
297
+ }
298
+ },
299
+ "additionalProperties": false,
300
+ "default": {}
301
+ },
302
+ "csrf": {
303
+ "type": "object",
304
+ "properties": {
305
+ "enabled": {
306
+ "type": "boolean",
307
+ "default": true
308
+ },
309
+ "tokenLength": {
310
+ "type": "number",
311
+ "default": 32,
312
+ "description": "CSRF token length"
313
+ },
314
+ "cookieName": {
315
+ "type": "string",
316
+ "default": "csrf_token",
317
+ "description": "CSRF cookie name"
318
+ },
319
+ "headerName": {
320
+ "type": "string",
321
+ "default": "X-CSRF-Token",
322
+ "description": "CSRF header name"
323
+ }
324
+ },
325
+ "additionalProperties": false,
326
+ "default": {}
327
+ },
328
+ "accountLinking": {
329
+ "type": "object",
330
+ "properties": {
331
+ "enabled": {
332
+ "type": "boolean",
333
+ "default": true,
334
+ "description": "Allow account linking"
335
+ },
336
+ "autoLink": {
337
+ "type": "boolean",
338
+ "default": false,
339
+ "description": "Automatically link accounts with same email"
340
+ },
341
+ "requireVerification": {
342
+ "type": "boolean",
343
+ "default": true,
344
+ "description": "Require email verification before linking"
345
+ }
346
+ },
347
+ "additionalProperties": false,
348
+ "default": {}
349
+ },
350
+ "twoFactor": {
351
+ "type": "object",
352
+ "properties": {
353
+ "enabled": {
354
+ "type": "boolean",
355
+ "default": false
356
+ },
357
+ "issuer": {
358
+ "type": "string",
359
+ "description": "TOTP issuer name"
360
+ },
361
+ "qrCodeSize": {
362
+ "type": "number",
363
+ "default": 200,
364
+ "description": "QR code size in pixels"
365
+ },
366
+ "backupCodes": {
367
+ "type": "object",
368
+ "properties": {
369
+ "enabled": {
370
+ "type": "boolean",
371
+ "default": true
372
+ },
373
+ "count": {
374
+ "type": "number",
375
+ "default": 10,
376
+ "description": "Number of backup codes to generate"
377
+ }
378
+ },
379
+ "additionalProperties": false
380
+ }
381
+ },
382
+ "additionalProperties": false
383
+ },
384
+ "userFieldMapping": {
385
+ "type": "object",
386
+ "properties": {
387
+ "id": {
388
+ "type": "string",
389
+ "default": "id",
390
+ "description": "User ID field"
391
+ },
392
+ "email": {
393
+ "type": "string",
394
+ "default": "email",
395
+ "description": "Email field"
396
+ },
397
+ "name": {
398
+ "type": "string",
399
+ "default": "name",
400
+ "description": "Name field"
401
+ },
402
+ "image": {
403
+ "type": "string",
404
+ "default": "image",
405
+ "description": "Profile image field"
406
+ },
407
+ "emailVerified": {
408
+ "type": "string",
409
+ "default": "email_verified",
410
+ "description": "Email verification status field"
411
+ },
412
+ "createdAt": {
413
+ "type": "string",
414
+ "default": "created_at",
415
+ "description": "Created timestamp field"
416
+ },
417
+ "updatedAt": {
418
+ "type": "string",
419
+ "default": "updated_at",
420
+ "description": "Updated timestamp field"
421
+ }
422
+ },
423
+ "additionalProperties": false,
424
+ "default": {}
425
+ },
426
+ "database": {
427
+ "type": "object",
428
+ "properties": {
429
+ "type": {
430
+ "type": "string",
431
+ "enum": [
432
+ "prisma",
433
+ "drizzle",
434
+ "kysely",
435
+ "custom"
436
+ ],
437
+ "description": "Database adapter type"
438
+ },
439
+ "connectionString": {
440
+ "type": "string",
441
+ "description": "Database connection string"
442
+ },
443
+ "tablePrefix": {
444
+ "type": "string",
445
+ "default": "auth_",
446
+ "description": "Prefix for auth tables"
447
+ },
448
+ "schema": {
449
+ "type": "string",
450
+ "description": "Database schema name"
451
+ }
452
+ },
453
+ "required": [
454
+ "type"
455
+ ],
456
+ "additionalProperties": false
457
+ },
458
+ "plugins": {
459
+ "type": "array",
460
+ "items": {
461
+ "type": "object",
462
+ "properties": {
463
+ "name": {
464
+ "type": "string",
465
+ "description": "Plugin name"
466
+ },
467
+ "enabled": {
468
+ "type": "boolean",
469
+ "default": true
470
+ },
471
+ "options": {
472
+ "type": "object",
473
+ "additionalProperties": {},
474
+ "description": "Plugin-specific options"
475
+ }
476
+ },
477
+ "required": [
478
+ "name"
479
+ ],
480
+ "additionalProperties": false
481
+ },
482
+ "default": []
483
+ },
484
+ "hooks": {
485
+ "type": "object",
486
+ "properties": {},
487
+ "additionalProperties": false,
488
+ "description": "Authentication lifecycle hooks"
489
+ },
490
+ "security": {
491
+ "type": "object",
492
+ "properties": {
493
+ "allowedOrigins": {
494
+ "type": "array",
495
+ "items": {
496
+ "type": "string"
497
+ },
498
+ "description": "CORS allowed origins"
499
+ },
500
+ "trustProxy": {
501
+ "type": "boolean",
502
+ "default": false,
503
+ "description": "Trust proxy headers"
504
+ },
505
+ "ipRateLimiting": {
506
+ "type": "boolean",
507
+ "default": true,
508
+ "description": "Enable IP-based rate limiting"
509
+ },
510
+ "sessionFingerprinting": {
511
+ "type": "boolean",
512
+ "default": true,
513
+ "description": "Enable session fingerprinting"
514
+ },
515
+ "maxSessions": {
516
+ "type": "number",
517
+ "default": 5,
518
+ "description": "Maximum concurrent sessions per user"
519
+ }
520
+ },
521
+ "additionalProperties": false,
522
+ "description": "Advanced security settings"
523
+ },
524
+ "email": {
525
+ "type": "object",
526
+ "properties": {
527
+ "from": {
528
+ "type": "string",
529
+ "format": "email",
530
+ "description": "From email address"
531
+ },
532
+ "fromName": {
533
+ "type": "string",
534
+ "description": "From name"
535
+ },
536
+ "provider": {
537
+ "type": "string",
538
+ "enum": [
539
+ "smtp",
540
+ "sendgrid",
541
+ "mailgun",
542
+ "ses",
543
+ "resend",
544
+ "custom"
545
+ ],
546
+ "description": "Email provider"
547
+ },
548
+ "config": {
549
+ "type": "object",
550
+ "additionalProperties": {},
551
+ "description": "Provider-specific configuration"
552
+ }
553
+ },
554
+ "required": [
555
+ "from",
556
+ "provider"
557
+ ],
558
+ "additionalProperties": false,
559
+ "description": "Email configuration"
560
+ },
561
+ "ui": {
562
+ "type": "object",
563
+ "properties": {
564
+ "brandName": {
565
+ "type": "string",
566
+ "description": "Brand name displayed in auth UI"
567
+ },
568
+ "logo": {
569
+ "type": "string",
570
+ "description": "Logo URL"
571
+ },
572
+ "primaryColor": {
573
+ "type": "string",
574
+ "description": "Primary brand color (hex)"
575
+ },
576
+ "customCss": {
577
+ "type": "string",
578
+ "description": "Custom CSS for auth pages"
579
+ }
580
+ },
581
+ "additionalProperties": false,
582
+ "description": "UI customization"
583
+ },
584
+ "active": {
585
+ "type": "boolean",
586
+ "default": true,
587
+ "description": "Whether this provider is active"
588
+ },
589
+ "allowRegistration": {
590
+ "type": "boolean",
591
+ "default": true,
592
+ "description": "Allow new user registration"
593
+ }
594
+ },
595
+ "required": [
596
+ "name",
597
+ "label",
598
+ "strategies",
599
+ "baseUrl",
600
+ "secret"
601
+ ],
602
+ "additionalProperties": false
603
+ }
604
+ },
605
+ "$schema": "http://json-schema.org/draft-07/schema#"
606
+ }
package/json-schema/AuthPluginConfig.json ADDED
@@ -0,0 +1,28 @@
1
+ {
2
+ "$ref": "#/definitions/AuthPluginConfig",
3
+ "definitions": {
4
+ "AuthPluginConfig": {
5
+ "type": "object",
6
+ "properties": {
7
+ "name": {
8
+ "type": "string",
9
+ "description": "Plugin name"
10
+ },
11
+ "enabled": {
12
+ "type": "boolean",
13
+ "default": true
14
+ },
15
+ "options": {
16
+ "type": "object",
17
+ "additionalProperties": {},
18
+ "description": "Plugin-specific options"
19
+ }
20
+ },
21
+ "required": [
22
+ "name"
23
+ ],
24
+ "additionalProperties": false
25
+ }
26
+ },
27
+ "$schema": "http://json-schema.org/draft-07/schema#"
28
+ }
package/json-schema/AuthStrategy.json ADDED
@@ -0,0 +1,17 @@
1
+ {
2
+ "$ref": "#/definitions/AuthStrategy",
3
+ "definitions": {
4
+ "AuthStrategy": {
5
+ "type": "string",
6
+ "enum": [
7
+ "email_password",
8
+ "magic_link",
9
+ "oauth",
10
+ "passkey",
11
+ "otp",
12
+ "anonymous"
13
+ ]
14
+ }
15
+ },
16
+ "$schema": "http://json-schema.org/draft-07/schema#"
17
+ }