npm - @open-mercato/core - Versions diffs - 0.5.1-develop.2691.d8a0934b37 → 0.5.1-develop.2694.732417c5ec - Mend

@open-mercato/core 0.5.1-develop.2691.d8a0934b37 → 0.5.1-develop.2694.732417c5ec

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (414) hide show

package/dist/modules/currencies/commands/fetch-configs.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/currencies/commands/fetch-configs.ts"],
-  "sourcesContent": ["import type { EntityManager } from '@mikro-orm/core'\nimport { z } from 'zod'\nimport { CurrencyFetchConfig } from '../data/entities'\nimport {\n  currencyFetchConfigCreateSchema,\n  currencyFetchConfigUpdateSchema,\n} from '../data/validators'\n\nexport interface FetchConfigCommandScope {\n  tenantId: string\n  organizationId: string\n  userId?: string\n}\n\nexport async function createFetchConfig(\n  em: EntityManager,\n  input: z.infer<typeof currencyFetchConfigCreateSchema>,\n  scope: FetchConfigCommandScope\n): Promise<CurrencyFetchConfig> {\n  // Validate input\n  const validated = currencyFetchConfigCreateSchema.parse(input)\n\n  // Check for duplicate provider\n  const existing = await em.findOne(CurrencyFetchConfig, {\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n    provider: validated.provider,\n  })\n\n  if (existing) {\n    throw new Error(`Provider ${validated.provider} already configured`)\n  }\n\n  // Create config\n  const config = em.create(CurrencyFetchConfig, {\n    ...validated,\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n    createdAt: new Date(),\n    updatedAt: new Date(),\n  })\n\n  await em.persistAndFlush(config)\n  return config\n}\n\nexport async function updateFetchConfig(\n  em: EntityManager,\n  id: string,\n  input: z.infer<typeof currencyFetchConfigUpdateSchema>,\n  scope: FetchConfigCommandScope\n): Promise<CurrencyFetchConfig> {\n  const validated = currencyFetchConfigUpdateSchema.parse(input)\n\n  const config = await em.findOne(CurrencyFetchConfig, {\n    id,\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n  })\n\n  if (!config) {\n    throw new Error('Fetch config not found')\n  }\n\n  em.assign(config, validated)\n  await em.persistAndFlush(config)\n\n  return config\n}\n\nexport async function deleteFetchConfig(\n  em: EntityManager,\n  id: string,\n  scope: FetchConfigCommandScope\n): Promise<void> {\n  const config = await em.findOne(CurrencyFetchConfig, {\n    id,\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n  })\n\n  if (!config) {\n    throw new Error('Fetch config not found')\n  }\n\n  await em.removeAndFlush(config)\n}\n"],
-  "mappings": "AAEA,SAAS,2BAA2B;AACpC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAQP,eAAsB,kBACpB,IACA,OACA,OAC8B;AAE9B,QAAM,YAAY,gCAAgC,MAAM,KAAK;AAG7D,QAAM,WAAW,MAAM,GAAG,QAAQ,qBAAqB;AAAA,IACrD,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,IAChB,UAAU,UAAU;AAAA,EACtB,CAAC;AAED,MAAI,UAAU;AACZ,UAAM,IAAI,MAAM,YAAY,UAAU,QAAQ,qBAAqB;AAAA,EACrE;AAGA,QAAM,SAAS,GAAG,OAAO,qBAAqB;AAAA,IAC5C,GAAG;AAAA,IACH,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,IAChB,WAAW,oBAAI,KAAK;AAAA,IACpB,WAAW,oBAAI,KAAK;AAAA,EACtB,CAAC;AAED,QAAM,GAAG,gBAAgB,MAAM;AAC/B,SAAO;AACT;AAEA,eAAsB,kBACpB,IACA,IACA,OACA,OAC8B;AAC9B,QAAM,YAAY,gCAAgC,MAAM,KAAK;AAE7D,QAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB;AAAA,IACnD;AAAA,IACA,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,EAClB,CAAC;AAED,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AAEA,KAAG,OAAO,QAAQ,SAAS;AAC3B,QAAM,GAAG,gBAAgB,MAAM;AAE/B,SAAO;AACT;AAEA,eAAsB,kBACpB,IACA,IACA,OACe;AACf,QAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB;AAAA,IACnD;AAAA,IACA,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,EAClB,CAAC;AAED,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AAEA,QAAM,GAAG,eAAe,MAAM;AAChC;",
+  "sourcesContent": ["import type { EntityManager } from '@mikro-orm/core'\nimport { z } from 'zod'\nimport { CurrencyFetchConfig } from '../data/entities'\nimport {\n  currencyFetchConfigCreateSchema,\n  currencyFetchConfigUpdateSchema,\n} from '../data/validators'\n\nexport interface FetchConfigCommandScope {\n  tenantId: string\n  organizationId: string\n  userId?: string\n}\n\nexport async function createFetchConfig(\n  em: EntityManager,\n  input: z.infer<typeof currencyFetchConfigCreateSchema>,\n  scope: FetchConfigCommandScope\n): Promise<CurrencyFetchConfig> {\n  // Validate input\n  const validated = currencyFetchConfigCreateSchema.parse(input)\n\n  // Check for duplicate provider\n  const existing = await em.findOne(CurrencyFetchConfig, {\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n    provider: validated.provider,\n  })\n\n  if (existing) {\n    throw new Error(`Provider ${validated.provider} already configured`)\n  }\n\n  // Create config\n  const config = em.create(CurrencyFetchConfig, {\n    ...validated,\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n    createdAt: new Date(),\n    updatedAt: new Date(),\n  })\n\n  await em.persist(config).flush()\n  return config\n}\n\nexport async function updateFetchConfig(\n  em: EntityManager,\n  id: string,\n  input: z.infer<typeof currencyFetchConfigUpdateSchema>,\n  scope: FetchConfigCommandScope\n): Promise<CurrencyFetchConfig> {\n  const validated = currencyFetchConfigUpdateSchema.parse(input)\n\n  const config = await em.findOne(CurrencyFetchConfig, {\n    id,\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n  })\n\n  if (!config) {\n    throw new Error('Fetch config not found')\n  }\n\n  em.assign(config, validated)\n  await em.persist(config).flush()\n\n  return config\n}\n\nexport async function deleteFetchConfig(\n  em: EntityManager,\n  id: string,\n  scope: FetchConfigCommandScope\n): Promise<void> {\n  const config = await em.findOne(CurrencyFetchConfig, {\n    id,\n    organizationId: scope.organizationId,\n    tenantId: scope.tenantId,\n  })\n\n  if (!config) {\n    throw new Error('Fetch config not found')\n  }\n\n  await em.remove(config).flush()\n}\n"],
+  "mappings": "AAEA,SAAS,2BAA2B;AACpC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAQP,eAAsB,kBACpB,IACA,OACA,OAC8B;AAE9B,QAAM,YAAY,gCAAgC,MAAM,KAAK;AAG7D,QAAM,WAAW,MAAM,GAAG,QAAQ,qBAAqB;AAAA,IACrD,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,IAChB,UAAU,UAAU;AAAA,EACtB,CAAC;AAED,MAAI,UAAU;AACZ,UAAM,IAAI,MAAM,YAAY,UAAU,QAAQ,qBAAqB;AAAA,EACrE;AAGA,QAAM,SAAS,GAAG,OAAO,qBAAqB;AAAA,IAC5C,GAAG;AAAA,IACH,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,IAChB,WAAW,oBAAI,KAAK;AAAA,IACpB,WAAW,oBAAI,KAAK;AAAA,EACtB,CAAC;AAED,QAAM,GAAG,QAAQ,MAAM,EAAE,MAAM;AAC/B,SAAO;AACT;AAEA,eAAsB,kBACpB,IACA,IACA,OACA,OAC8B;AAC9B,QAAM,YAAY,gCAAgC,MAAM,KAAK;AAE7D,QAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB;AAAA,IACnD;AAAA,IACA,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,EAClB,CAAC;AAED,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AAEA,KAAG,OAAO,QAAQ,SAAS;AAC3B,QAAM,GAAG,QAAQ,MAAM,EAAE,MAAM;AAE/B,SAAO;AACT;AAEA,eAAsB,kBACpB,IACA,IACA,OACe;AACf,QAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB;AAAA,IACnD;AAAA,IACA,gBAAgB,MAAM;AAAA,IACtB,UAAU,MAAM;AAAA,EAClB,CAAC;AAED,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AAEA,QAAM,GAAG,OAAO,MAAM,EAAE,MAAM;AAChC;",
   "names": []
 }

package/dist/modules/currencies/data/entities.js CHANGED Viewed

@@ -8,7 +8,7 @@ var __decorateClass = (decorators, target, key, kind) => {
   if (kind && result) __defProp(target, key, result);
   return result;
 };
-import { Entity, PrimaryKey, Property, Index, Unique } from "@mikro-orm/core";
+import { Entity, Index, PrimaryKey, Property, Unique } from "@mikro-orm/decorators/legacy";
 let Currency = class {
   constructor() {
     this.decimalPlaces = 2;

package/dist/modules/currencies/data/entities.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/currencies/data/entities.ts"],
-  "sourcesContent": ["import { Entity, PrimaryKey, Property, Index, Unique } from '@mikro-orm/core'\n\n@Entity({ tableName: 'currencies' })\n@Index({\n  name: 'currencies_scope_idx',\n  properties: ['organizationId', 'tenantId'],\n})\n@Unique({\n  name: 'currencies_code_scope_unique',\n  properties: ['organizationId', 'tenantId', 'code'],\n})\nexport class Currency {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  // Currency identification (ISO 4217)\n  @Property({ type: 'text' })\n  code!: string\n\n  @Property({ type: 'text' })\n  name!: string\n\n  @Property({ type: 'text', nullable: true })\n  symbol?: string | null\n\n  // Formatting\n  @Property({ name: 'decimal_places', type: 'integer', default: 2 })\n  decimalPlaces: number = 2\n\n  @Property({ name: 'thousands_separator', type: 'text', nullable: true })\n  thousandsSeparator?: string | null\n\n  @Property({ name: 'decimal_separator', type: 'text', nullable: true })\n  decimalSeparator?: string | null\n\n  // Base currency flag\n  @Property({ name: 'is_base', type: 'boolean', default: false })\n  isBase: boolean = false\n\n  @Property({ name: 'is_active', type: 'boolean', default: true })\n  isActive: boolean = true\n\n  // Audit fields\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'exchange_rates' })\n@Index({\n  name: 'exchange_rates_scope_idx',\n  properties: ['organizationId', 'tenantId'],\n})\n@Index({\n  name: 'exchange_rates_pair_idx',\n  properties: ['fromCurrencyCode', 'toCurrencyCode', 'date'],\n})\n@Unique({\n  name: 'exchange_rates_pair_datetime_source_unique',\n  properties: ['organizationId', 'tenantId', 'fromCurrencyCode', 'toCurrencyCode', 'date', 'source'],\n})\nexport class ExchangeRate {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  // Currency pair (using codes, not FKs - matches existing pattern)\n  @Property({ name: 'from_currency_code', type: 'text' })\n  fromCurrencyCode!: string\n\n  @Property({ name: 'to_currency_code', type: 'text' })\n  toCurrencyCode!: string\n\n  // Rate value (high precision for crypto/forex)\n  @Property({ type: 'numeric', precision: 18, scale: 8 })\n  rate!: string\n\n  // Date and time when the rate applies (stored as timestamptz)\n  @Property({ name: 'date', type: 'timestamptz' })\n  date!: Date\n\n  // Source tracking (required)\n  @Property({ type: 'text' })\n  source!: string\n\n  // Rate type from bank's perspective (nullable for backward compatibility)\n  @Property({ type: 'text', nullable: true })\n  type?: string | null\n\n  @Property({ name: 'is_active', type: 'boolean', default: true })\n  isActive: boolean = true\n\n  // Audit fields\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'currency_fetch_configs' })\n@Index({\n  name: 'currency_fetch_configs_scope_idx',\n  properties: ['organizationId', 'tenantId'],\n})\n@Index({\n  name: 'currency_fetch_configs_enabled_idx',\n  properties: ['isEnabled', 'syncTime'],\n})\n@Unique({\n  name: 'currency_fetch_configs_provider_scope_unique',\n  properties: ['organizationId', 'tenantId', 'provider'],\n})\nexport class CurrencyFetchConfig {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  // Provider configuration\n  @Property({ type: 'text' })\n  provider!: string // 'NBP', 'Raiffeisen Bank Polska', 'Custom'\n\n  @Property({ name: 'is_enabled', type: 'boolean', default: false })\n  isEnabled: boolean = false\n\n  // Schedule configuration (cron-style time of day)\n  @Property({ name: 'sync_time', type: 'text', nullable: true })\n  syncTime?: string | null // e.g., \"09:00\" for daily at 9 AM\n\n  // Last sync tracking\n  @Property({ name: 'last_sync_at', type: 'timestamptz', nullable: true })\n  lastSyncAt?: Date | null\n\n  @Property({ name: 'last_sync_status', type: 'text', nullable: true })\n  lastSyncStatus?: string | null // 'success', 'error', 'partial'\n\n  @Property({ name: 'last_sync_message', type: 'text', nullable: true })\n  lastSyncMessage?: string | null\n\n  @Property({ name: 'last_sync_count', type: 'integer', nullable: true })\n  lastSyncCount?: number | null // Number of rates fetched\n\n  // Custom provider configuration (for future web scraping)\n  @Property({ type: 'jsonb', nullable: true })\n  config?: any | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n}\n"],
-  "mappings": ";;;;;;;;;;AAAA,SAAS,QAAQ,YAAY,UAAU,OAAO,cAAc;AAWrD,IAAM,WAAN,MAAe;AAAA,EAAf;AAsBL,yBAAwB;AAUxB,kBAAkB;AAGlB,oBAAoB;AAIpB,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AA5CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,SAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAJxC,SAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,SAQX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAXf,SAYX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAdf,SAeX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAjB/B,SAkBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,kBAAkB,MAAM,WAAW,SAAS,EAAE,CAAC;AAAA,GArBtD,SAsBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,uBAAuB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAxB5D,SAyBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,qBAAqB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA3B1D,SA4BX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GA/BnD,SAgCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,KAAK,CAAC;AAAA,GAlCpD,SAmCX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAtC7D,SAuCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAzC7D,SA0CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GA5CjD,SA6CX;AA7CW,WAAN;AAAA,EATN,OAAO,EAAE,WAAW,aAAa,CAAC;AAAA,EAClC,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,UAAU;AAAA,EAC3C,CAAC;AAAA,EACA,OAAO;AAAA,IACN,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,YAAY,MAAM;AAAA,EACnD,CAAC;AAAA,GACY;AA6DN,IAAM,eAAN,MAAmB;AAAA,EAAnB;AAkCL,oBAAoB;AAIpB,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AA3CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,aAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAJxC,aAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,aAQX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,sBAAsB,MAAM,OAAO,CAAC;AAAA,GAX3C,aAYX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,oBAAoB,MAAM,OAAO,CAAC;AAAA,GAdzC,aAeX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,WAAW,IAAI,OAAO,EAAE,CAAC;AAAA,GAlB3C,aAmBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,MAAM,cAAc,CAAC;AAAA,GAtBpC,aAuBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GA1Bf,aA2BX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA9B/B,aA+BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,KAAK,CAAC;AAAA,GAjCpD,aAkCX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GArC7D,aAsCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAxC7D,aAyCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GA3CjD,aA4CX;AA5CW,eAAN;AAAA,EAbN,OAAO,EAAE,WAAW,iBAAiB,CAAC;AAAA,EACtC,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,UAAU;AAAA,EAC3C,CAAC;AAAA,EACA,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,oBAAoB,kBAAkB,MAAM;AAAA,EAC3D,CAAC;AAAA,EACA,OAAO;AAAA,IACN,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,YAAY,oBAAoB,kBAAkB,QAAQ,QAAQ;AAAA,EACnG,CAAC;AAAA,GACY;AA4DN,IAAM,sBAAN,MAA0B;AAAA,EAA1B;AAeL,qBAAqB;AAwBrB,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AAzCE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,oBAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAJxC,oBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,oBAQX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAXf,oBAYX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAdtD,oBAeX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAlBlD,oBAmBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,eAAe,UAAU,KAAK,CAAC;AAAA,GAtB5D,oBAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,oBAAoB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAzBzD,oBA0BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,qBAAqB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA5B1D,oBA6BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,WAAW,UAAU,KAAK,CAAC;AAAA,GA/B3D,oBAgCX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,SAAS,UAAU,KAAK,CAAC;AAAA,GAnChC,oBAoCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAtC7D,oBAuCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAzC7D,oBA0CX;AA1CW,sBAAN;AAAA,EAbN,OAAO,EAAE,WAAW,yBAAyB,CAAC;AAAA,EAC9C,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,UAAU;AAAA,EAC3C,CAAC;AAAA,EACA,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,aAAa,UAAU;AAAA,EACtC,CAAC;AAAA,EACA,OAAO;AAAA,IACN,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,YAAY,UAAU;AAAA,EACvD,CAAC;AAAA,GACY;",
+  "sourcesContent": ["import { Entity, Index, PrimaryKey, Property, Unique } from '@mikro-orm/decorators/legacy'\n\n@Entity({ tableName: 'currencies' })\n@Index({\n  name: 'currencies_scope_idx',\n  properties: ['organizationId', 'tenantId'],\n})\n@Unique({\n  name: 'currencies_code_scope_unique',\n  properties: ['organizationId', 'tenantId', 'code'],\n})\nexport class Currency {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  // Currency identification (ISO 4217)\n  @Property({ type: 'text' })\n  code!: string\n\n  @Property({ type: 'text' })\n  name!: string\n\n  @Property({ type: 'text', nullable: true })\n  symbol?: string | null\n\n  // Formatting\n  @Property({ name: 'decimal_places', type: 'integer', default: 2 })\n  decimalPlaces: number = 2\n\n  @Property({ name: 'thousands_separator', type: 'text', nullable: true })\n  thousandsSeparator?: string | null\n\n  @Property({ name: 'decimal_separator', type: 'text', nullable: true })\n  decimalSeparator?: string | null\n\n  // Base currency flag\n  @Property({ name: 'is_base', type: 'boolean', default: false })\n  isBase: boolean = false\n\n  @Property({ name: 'is_active', type: 'boolean', default: true })\n  isActive: boolean = true\n\n  // Audit fields\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'exchange_rates' })\n@Index({\n  name: 'exchange_rates_scope_idx',\n  properties: ['organizationId', 'tenantId'],\n})\n@Index({\n  name: 'exchange_rates_pair_idx',\n  properties: ['fromCurrencyCode', 'toCurrencyCode', 'date'],\n})\n@Unique({\n  name: 'exchange_rates_pair_datetime_source_unique',\n  properties: ['organizationId', 'tenantId', 'fromCurrencyCode', 'toCurrencyCode', 'date', 'source'],\n})\nexport class ExchangeRate {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  // Currency pair (using codes, not FKs - matches existing pattern)\n  @Property({ name: 'from_currency_code', type: 'text' })\n  fromCurrencyCode!: string\n\n  @Property({ name: 'to_currency_code', type: 'text' })\n  toCurrencyCode!: string\n\n  // Rate value (high precision for crypto/forex)\n  @Property({ type: 'numeric', precision: 18, scale: 8 })\n  rate!: string\n\n  // Date and time when the rate applies (stored as timestamptz)\n  @Property({ name: 'date', type: 'timestamptz' })\n  date!: Date\n\n  // Source tracking (required)\n  @Property({ type: 'text' })\n  source!: string\n\n  // Rate type from bank's perspective (nullable for backward compatibility)\n  @Property({ type: 'text', nullable: true })\n  type?: string | null\n\n  @Property({ name: 'is_active', type: 'boolean', default: true })\n  isActive: boolean = true\n\n  // Audit fields\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'currency_fetch_configs' })\n@Index({\n  name: 'currency_fetch_configs_scope_idx',\n  properties: ['organizationId', 'tenantId'],\n})\n@Index({\n  name: 'currency_fetch_configs_enabled_idx',\n  properties: ['isEnabled', 'syncTime'],\n})\n@Unique({\n  name: 'currency_fetch_configs_provider_scope_unique',\n  properties: ['organizationId', 'tenantId', 'provider'],\n})\nexport class CurrencyFetchConfig {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  // Provider configuration\n  @Property({ type: 'text' })\n  provider!: string // 'NBP', 'Raiffeisen Bank Polska', 'Custom'\n\n  @Property({ name: 'is_enabled', type: 'boolean', default: false })\n  isEnabled: boolean = false\n\n  // Schedule configuration (cron-style time of day)\n  @Property({ name: 'sync_time', type: 'text', nullable: true })\n  syncTime?: string | null // e.g., \"09:00\" for daily at 9 AM\n\n  // Last sync tracking\n  @Property({ name: 'last_sync_at', type: 'timestamptz', nullable: true })\n  lastSyncAt?: Date | null\n\n  @Property({ name: 'last_sync_status', type: 'text', nullable: true })\n  lastSyncStatus?: string | null // 'success', 'error', 'partial'\n\n  @Property({ name: 'last_sync_message', type: 'text', nullable: true })\n  lastSyncMessage?: string | null\n\n  @Property({ name: 'last_sync_count', type: 'integer', nullable: true })\n  lastSyncCount?: number | null // Number of rates fetched\n\n  // Custom provider configuration (for future web scraping)\n  @Property({ type: 'jsonb', nullable: true })\n  config?: any | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n}\n"],
+  "mappings": ";;;;;;;;;;AAAA,SAAS,QAAQ,OAAO,YAAY,UAAU,cAAc;AAWrD,IAAM,WAAN,MAAe;AAAA,EAAf;AAsBL,yBAAwB;AAUxB,kBAAkB;AAGlB,oBAAoB;AAIpB,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AA5CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,SAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAJxC,SAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,SAQX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAXf,SAYX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAdf,SAeX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAjB/B,SAkBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,kBAAkB,MAAM,WAAW,SAAS,EAAE,CAAC;AAAA,GArBtD,SAsBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,uBAAuB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAxB5D,SAyBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,qBAAqB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA3B1D,SA4BX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GA/BnD,SAgCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,KAAK,CAAC;AAAA,GAlCpD,SAmCX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAtC7D,SAuCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAzC7D,SA0CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GA5CjD,SA6CX;AA7CW,WAAN;AAAA,EATN,OAAO,EAAE,WAAW,aAAa,CAAC;AAAA,EAClC,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,UAAU;AAAA,EAC3C,CAAC;AAAA,EACA,OAAO;AAAA,IACN,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,YAAY,MAAM;AAAA,EACnD,CAAC;AAAA,GACY;AA6DN,IAAM,eAAN,MAAmB;AAAA,EAAnB;AAkCL,oBAAoB;AAIpB,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AA3CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,aAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAJxC,aAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,aAQX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,sBAAsB,MAAM,OAAO,CAAC;AAAA,GAX3C,aAYX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,oBAAoB,MAAM,OAAO,CAAC;AAAA,GAdzC,aAeX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,WAAW,IAAI,OAAO,EAAE,CAAC;AAAA,GAlB3C,aAmBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,MAAM,cAAc,CAAC;AAAA,GAtBpC,aAuBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GA1Bf,aA2BX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA9B/B,aA+BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,KAAK,CAAC;AAAA,GAjCpD,aAkCX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GArC7D,aAsCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAxC7D,aAyCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GA3CjD,aA4CX;AA5CW,eAAN;AAAA,EAbN,OAAO,EAAE,WAAW,iBAAiB,CAAC;AAAA,EACtC,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,UAAU;AAAA,EAC3C,CAAC;AAAA,EACA,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,oBAAoB,kBAAkB,MAAM;AAAA,EAC3D,CAAC;AAAA,EACA,OAAO;AAAA,IACN,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,YAAY,oBAAoB,kBAAkB,QAAQ,QAAQ;AAAA,EACnG,CAAC;AAAA,GACY;AA4DN,IAAM,sBAAN,MAA0B;AAAA,EAA1B;AAeL,qBAAqB;AAwBrB,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AAzCE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,oBAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAJxC,oBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,oBAQX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAXf,oBAYX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAdtD,oBAeX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAlBlD,oBAmBX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,eAAe,UAAU,KAAK,CAAC;AAAA,GAtB5D,oBAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,oBAAoB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAzBzD,oBA0BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,qBAAqB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA5B1D,oBA6BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,WAAW,UAAU,KAAK,CAAC;AAAA,GA/B3D,oBAgCX;AAIA;AAAA,EADC,SAAS,EAAE,MAAM,SAAS,UAAU,KAAK,CAAC;AAAA,GAnChC,oBAoCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAtC7D,oBAuCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAzC7D,oBA0CX;AA1CW,sBAAN;AAAA,EAbN,OAAO,EAAE,WAAW,yBAAyB,CAAC;AAAA,EAC9C,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,UAAU;AAAA,EAC3C,CAAC;AAAA,EACA,MAAM;AAAA,IACL,MAAM;AAAA,IACN,YAAY,CAAC,aAAa,UAAU;AAAA,EACtC,CAAC;AAAA,EACA,OAAO;AAAA,IACN,MAAM;AAAA,IACN,YAAY,CAAC,kBAAkB,YAAY,UAAU;AAAA,EACvD,CAAC;AAAA,GACY;",
   "names": []
 }

package/dist/modules/customer_accounts/api/signup.js CHANGED Viewed

@@ -112,7 +112,7 @@ async function POST(req) {
     });
     em.persist(userRole);
   }
-  await em.persistAndFlush(user);
+  await em.persist(user).flush();
   const verificationToken = await customerTokenService.createEmailVerification(user.id, tenantId);
   const verifyUrl = resolvePortalVerifyUrl(baseUrl, verificationToken, orgRow.slug);
   const subject = translate("customer_accounts.signup.created.subject", "Verify your portal account");

package/dist/modules/customer_accounts/api/signup.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/customer_accounts/api/signup.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { compare as bcryptCompare } from 'bcryptjs'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { sendEmail } from '@open-mercato/shared/lib/email/send'\nimport { signupSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'\nimport { CustomerTokenService } from '@open-mercato/core/modules/customer_accounts/services/customerTokenService'\nimport { CustomerRole, CustomerUserRole } from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { emitCustomerAccountsEvent } from '@open-mercato/core/modules/customer_accounts/events'\nimport CustomerSignupVerificationEmail from '@open-mercato/core/modules/customer_accounts/emails/CustomerSignupVerificationEmail'\nimport CustomerExistingAccountEmail from '@open-mercato/core/modules/customer_accounts/emails/CustomerExistingAccountEmail'\nimport { rateLimitErrorSchema } from '@open-mercato/shared/lib/ratelimit/helpers'\nimport {\n  checkAuthRateLimit,\n  customerSignupRateLimitConfig,\n  customerSignupIpRateLimitConfig,\n} from '@open-mercato/core/modules/customer_accounts/lib/rateLimiter'\nimport { readNormalizedEmailFromJsonRequest } from '@open-mercato/core/modules/customer_accounts/lib/rateLimitIdentifier'\nimport { findOrganizationInTenant } from '@open-mercato/core/modules/customer_accounts/lib/organizationLookup'\nimport { getSecurityEmailBaseUrl, mapSecurityEmailUrlError } from '@open-mercato/shared/lib/url'\n\nexport const metadata: { path?: string; requireAuth?: boolean } = { requireAuth: false }\n\n// Precomputed bcrypt cost-10 hash of an unknowable random 32-byte input; used to equalize\n// response latency between the existing-user and new-user signup branches so the endpoint's\n// 202-for-both contract is not undone by a timing side channel.\nconst TIMING_EQUALIZATION_HASH = '$2b$10$.F2A6UHFzk.d8trNdfqt4OLz05Nf3IOuMmN6VJKflhD4.rz.prR8i'\nfunction resolvePortalLoginUrl(baseUrl: string, organizationSlug?: string | null): string {\n  return organizationSlug\n    ? `${baseUrl}/${organizationSlug}/portal/login`\n    : `${baseUrl}/portal/login`\n}\n\nfunction resolvePortalVerifyUrl(baseUrl: string, token: string, organizationSlug?: string | null): string {\n  const route = organizationSlug\n    ? `${baseUrl}/${organizationSlug}/portal/verify`\n    : `${baseUrl}/portal/verify`\n  return `${route}?token=${encodeURIComponent(token)}`\n}\n\nexport async function POST(req: Request) {\n  const rateLimitEmail = await readNormalizedEmailFromJsonRequest(req)\n  const { error: rateLimitError } = await checkAuthRateLimit({\n    req,\n    ipConfig: customerSignupIpRateLimitConfig,\n    compoundConfig: customerSignupRateLimitConfig,\n    compoundIdentifier: rateLimitEmail,\n  })\n  if (rateLimitError) return rateLimitError\n\n  let body: unknown\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })\n  }\n\n  const parsed = signupSchema.safeParse(body)\n  if (!parsed.success) {\n    return NextResponse.json({ ok: false, error: 'Validation failed', details: parsed.error.flatten().fieldErrors }, { status: 400 })\n  }\n\n  const { email, password, displayName, tenantId, organizationId } = parsed.data\n  if (!tenantId || !organizationId) {\n    return NextResponse.json({ ok: false, error: 'tenantId and organizationId are required' }, { status: 400 })\n  }\n\n  let baseUrl: string\n  try {\n    baseUrl = getSecurityEmailBaseUrl(req)\n  } catch (error) {\n    const mapped = mapSecurityEmailUrlError(error, {\n      scope: 'customer_accounts.signup',\n      configMessage: 'Customer signup is not configured',\n    })\n    if (mapped) return NextResponse.json(mapped.body, { status: mapped.status })\n    throw error\n  }\n\n  const container = await createRequestContainer()\n  const customerUserService = container.resolve('customerUserService') as CustomerUserService\n  const customerTokenService = container.resolve('customerTokenService') as CustomerTokenService\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n  const { translate } = await resolveTranslations()\n\n  const orgRow = await findOrganizationInTenant(em, organizationId, tenantId)\n  if (!orgRow) {\n    return NextResponse.json({ ok: false, error: 'Registration could not be completed' }, { status: 400 })\n  }\n\n  const existing = await customerUserService.findByEmail(email, tenantId)\n  if (existing) {\n    await bcryptCompare(password, TIMING_EQUALIZATION_HASH)\n    const existingOrg = await findOrganizationInTenant(em, existing.organizationId, tenantId)\n    const loginUrl = resolvePortalLoginUrl(baseUrl, existingOrg?.slug ?? null)\n    const subject = translate('customer_accounts.signup.existing.subject', 'You already have a portal account')\n    const copy = {\n      preview: translate('customer_accounts.signup.existing.preview', 'A sign-up attempt was made for an email that already has a portal account.'),\n      title: translate('customer_accounts.signup.existing.title', 'You already have a portal account'),\n      body: translate(\n        'customer_accounts.signup.existing.body',\n        'A sign-up request was made for this email address. You can sign in with your existing account. If you forgot your password, use the password reset option on the sign-in page.',\n      ),\n      cta: translate('customer_accounts.signup.existing.cta', 'Open sign-in page'),\n      hint: translate(\n        'customer_accounts.signup.existing.hint',\n        'If this was not you, you can ignore this message. No new portal account was created.',\n      ),\n    }\n\n    void sendEmail({\n      to: existing.email,\n      subject,\n      react: CustomerExistingAccountEmail({ loginUrl, copy }),\n    }).catch((error) => {\n      console.error('[customer_accounts.signup] existing-account email failed', error)\n    })\n\n    return NextResponse.json({ ok: true }, { status: 202 })\n  }\n\n  const user = await customerUserService.createUser(email, password, displayName, { tenantId, organizationId })\n\n  const defaultRole = await em.findOne(CustomerRole, {\n    tenantId,\n    isDefault: true,\n    deletedAt: null,\n  })\n  if (defaultRole) {\n    const userRole = em.create(CustomerUserRole, {\n      user,\n      role: defaultRole,\n      createdAt: new Date(),\n    } as any)\n    em.persist(userRole)\n  }\n\n  await em.persistAndFlush(user)\n\n  const verificationToken = await customerTokenService.createEmailVerification(user.id, tenantId)\n  const verifyUrl = resolvePortalVerifyUrl(baseUrl, verificationToken, orgRow.slug)\n  const subject = translate('customer_accounts.signup.created.subject', 'Verify your portal account')\n  const copy = {\n    preview: translate('customer_accounts.signup.created.preview', 'Verify your portal account to finish sign-up.'),\n    title: translate('customer_accounts.signup.created.title', 'Verify your portal account'),\n    body: translate(\n      'customer_accounts.signup.created.body',\n      'Your account request was accepted. Confirm your email address to finish setting up portal access.',\n    ),\n    cta: translate('customer_accounts.signup.created.cta', 'Verify email address'),\n    hint: translate(\n      'customer_accounts.signup.created.hint',\n      'This verification link expires in 24 hours. If you did not request this, you can ignore this email.',\n    ),\n  }\n\n  void sendEmail({\n    to: user.email,\n    subject,\n    react: CustomerSignupVerificationEmail({ verifyUrl, copy }),\n  }).catch((error) => {\n    console.error('[customer_accounts.signup] verification email failed', error)\n  })\n\n  void emitCustomerAccountsEvent('customer_accounts.user.created', {\n    id: user.id,\n    email: user.email,\n    tenantId,\n    organizationId,\n  }).catch(() => undefined)\n\n  return NextResponse.json({ ok: true }, { status: 202 })\n}\n\nconst signupAcceptedSchema = z.object({ ok: z.literal(true) })\n\nconst errorSchema = z.object({\n  ok: z.literal(false),\n  error: z.string(),\n})\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Register a new customer account',\n  description: 'Accepts a signup request and always returns 202 to prevent account enumeration.',\n  tags: ['Customer Authentication'],\n  requestBody: {\n    schema: signupSchema,\n    description: 'Signup payload with email, password, and display name.',\n  },\n  responses: [\n    { status: 202, description: 'Signup accepted', schema: signupAcceptedSchema },\n  ],\n  errors: [\n    { status: 400, description: 'Validation failed or invalid request origin', schema: errorSchema },\n    { status: 429, description: 'Too many signup attempts', schema: rateLimitErrorSchema },\n    { status: 500, description: 'Signup email origin is not configured', schema: errorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Customer account registration',\n  description: 'Handles customer self-registration without revealing whether the email already exists.',\n  methods: { POST: methodDoc },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,WAAW,qBAAqB;AACzC,SAAS,SAAS;AAElB,SAAS,2BAA2B;AACpC,SAAS,iBAAiB;AAC1B,SAAS,oBAAoB;AAC7B,SAAS,8BAA8B;AAGvC,SAAS,cAAc,wBAAwB;AAC/C,SAAS,iCAAiC;AAC1C,OAAO,qCAAqC;AAC5C,OAAO,kCAAkC;AACzC,SAAS,4BAA4B;AACrC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,0CAA0C;AACnD,SAAS,gCAAgC;AACzC,SAAS,yBAAyB,gCAAgC;AAE3D,MAAM,WAAqD,EAAE,aAAa,MAAM;AAKvF,MAAM,2BAA2B;AACjC,SAAS,sBAAsB,SAAiB,kBAA0C;AACxF,SAAO,mBACH,GAAG,OAAO,IAAI,gBAAgB,kBAC9B,GAAG,OAAO;AAChB;AAEA,SAAS,uBAAuB,SAAiB,OAAe,kBAA0C;AACxG,QAAM,QAAQ,mBACV,GAAG,OAAO,IAAI,gBAAgB,mBAC9B,GAAG,OAAO;AACd,SAAO,GAAG,KAAK,UAAU,mBAAmB,KAAK,CAAC;AACpD;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,iBAAiB,MAAM,mCAAmC,GAAG;AACnE,QAAM,EAAE,OAAO,eAAe,IAAI,MAAM,mBAAmB;AAAA,IACzD;AAAA,IACA,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,oBAAoB;AAAA,EACtB,CAAC;AACD,MAAI,eAAgB,QAAO;AAE3B,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxF;AAEA,QAAM,SAAS,aAAa,UAAU,IAAI;AAC1C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,qBAAqB,SAAS,OAAO,MAAM,QAAQ,EAAE,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClI;AAEA,QAAM,EAAE,OAAO,UAAU,aAAa,UAAU,eAAe,IAAI,OAAO;AAC1E,MAAI,CAAC,YAAY,CAAC,gBAAgB;AAChC,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,2CAA2C,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5G;AAEA,MAAI;AACJ,MAAI;AACF,cAAU,wBAAwB,GAAG;AAAA,EACvC,SAAS,OAAO;AACd,UAAM,SAAS,yBAAyB,OAAO;AAAA,MAC7C,OAAO;AAAA,MACP,eAAe;AAAA,IACjB,CAAC;AACD,QAAI,OAAQ,QAAO,aAAa,KAAK,OAAO,MAAM,EAAE,QAAQ,OAAO,OAAO,CAAC;AAC3E,UAAM;AAAA,EACR;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AACnE,QAAM,uBAAuB,UAAU,QAAQ,sBAAsB;AACrE,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAEhD,QAAM,SAAS,MAAM,yBAAyB,IAAI,gBAAgB,QAAQ;AAC1E,MAAI,CAAC,QAAQ;AACX,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,sCAAsC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvG;AAEA,QAAM,WAAW,MAAM,oBAAoB,YAAY,OAAO,QAAQ;AACtE,MAAI,UAAU;AACZ,UAAM,cAAc,UAAU,wBAAwB;AACtD,UAAM,cAAc,MAAM,yBAAyB,IAAI,SAAS,gBAAgB,QAAQ;AACxF,UAAM,WAAW,sBAAsB,SAAS,aAAa,QAAQ,IAAI;AACzE,UAAMA,WAAU,UAAU,6CAA6C,mCAAmC;AAC1G,UAAMC,QAAO;AAAA,MACX,SAAS,UAAU,6CAA6C,4EAA4E;AAAA,MAC5I,OAAO,UAAU,2CAA2C,mCAAmC;AAAA,MAC/F,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,MACA,KAAK,UAAU,yCAAyC,mBAAmB;AAAA,MAC3E,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,SAAK,UAAU;AAAA,MACb,IAAI,SAAS;AAAA,MACb,SAAAD;AAAA,MACA,OAAO,6BAA6B,EAAE,UAAU,MAAAC,MAAK,CAAC;AAAA,IACxD,CAAC,EAAE,MAAM,CAAC,UAAU;AAClB,cAAQ,MAAM,4DAA4D,KAAK;AAAA,IACjF,CAAC;AAED,WAAO,aAAa,KAAK,EAAE,IAAI,KAAK,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxD;AAEA,QAAM,OAAO,MAAM,oBAAoB,WAAW,OAAO,UAAU,aAAa,EAAE,UAAU,eAAe,CAAC;AAE5G,QAAM,cAAc,MAAM,GAAG,QAAQ,cAAc;AAAA,IACjD;AAAA,IACA,WAAW;AAAA,IACX,WAAW;AAAA,EACb,CAAC;AACD,MAAI,aAAa;AACf,UAAM,WAAW,GAAG,OAAO,kBAAkB;AAAA,MAC3C;AAAA,MACA,MAAM;AAAA,MACN,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,OAAG,QAAQ,QAAQ;AAAA,EACrB;AAEA,QAAM,GAAG,gBAAgB,IAAI;AAE7B,QAAM,oBAAoB,MAAM,qBAAqB,wBAAwB,KAAK,IAAI,QAAQ;AAC9F,QAAM,YAAY,uBAAuB,SAAS,mBAAmB,OAAO,IAAI;AAChF,QAAM,UAAU,UAAU,4CAA4C,4BAA4B;AAClG,QAAM,OAAO;AAAA,IACX,SAAS,UAAU,4CAA4C,+CAA+C;AAAA,IAC9G,OAAO,UAAU,0CAA0C,4BAA4B;AAAA,IACvF,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,IACF;AAAA,IACA,KAAK,UAAU,wCAAwC,sBAAsB;AAAA,IAC7E,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,OAAK,UAAU;AAAA,IACb,IAAI,KAAK;AAAA,IACT;AAAA,IACA,OAAO,gCAAgC,EAAE,WAAW,KAAK,CAAC;AAAA,EAC5D,CAAC,EAAE,MAAM,CAAC,UAAU;AAClB,YAAQ,MAAM,wDAAwD,KAAK;AAAA,EAC7E,CAAC;AAED,OAAK,0BAA0B,kCAAkC;AAAA,IAC/D,IAAI,KAAK;AAAA,IACT,OAAO,KAAK;AAAA,IACZ;AAAA,IACA;AAAA,EACF,CAAC,EAAE,MAAM,MAAM,MAAS;AAExB,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,GAAG,EAAE,QAAQ,IAAI,CAAC;AACxD;AAEA,MAAM,uBAAuB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AAE7D,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,IAAI,EAAE,QAAQ,KAAK;AAAA,EACnB,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,yBAAyB;AAAA,EAChC,aAAa;AAAA,IACX,QAAQ;AAAA,IACR,aAAa;AAAA,EACf;AAAA,EACA,WAAW;AAAA,IACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,qBAAqB;AAAA,EAC9E;AAAA,EACA,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,+CAA+C,QAAQ,YAAY;AAAA,IAC/F,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,qBAAqB;AAAA,IACrF,EAAE,QAAQ,KAAK,aAAa,yCAAyC,QAAQ,YAAY;AAAA,EAC3F;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,SAAS,EAAE,MAAM,UAAU;AAC7B;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { compare as bcryptCompare } from 'bcryptjs'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { sendEmail } from '@open-mercato/shared/lib/email/send'\nimport { signupSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'\nimport { CustomerTokenService } from '@open-mercato/core/modules/customer_accounts/services/customerTokenService'\nimport { CustomerRole, CustomerUserRole } from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { emitCustomerAccountsEvent } from '@open-mercato/core/modules/customer_accounts/events'\nimport CustomerSignupVerificationEmail from '@open-mercato/core/modules/customer_accounts/emails/CustomerSignupVerificationEmail'\nimport CustomerExistingAccountEmail from '@open-mercato/core/modules/customer_accounts/emails/CustomerExistingAccountEmail'\nimport { rateLimitErrorSchema } from '@open-mercato/shared/lib/ratelimit/helpers'\nimport {\n  checkAuthRateLimit,\n  customerSignupRateLimitConfig,\n  customerSignupIpRateLimitConfig,\n} from '@open-mercato/core/modules/customer_accounts/lib/rateLimiter'\nimport { readNormalizedEmailFromJsonRequest } from '@open-mercato/core/modules/customer_accounts/lib/rateLimitIdentifier'\nimport { findOrganizationInTenant } from '@open-mercato/core/modules/customer_accounts/lib/organizationLookup'\nimport { getSecurityEmailBaseUrl, mapSecurityEmailUrlError } from '@open-mercato/shared/lib/url'\n\nexport const metadata: { path?: string; requireAuth?: boolean } = { requireAuth: false }\n\n// Precomputed bcrypt cost-10 hash of an unknowable random 32-byte input; used to equalize\n// response latency between the existing-user and new-user signup branches so the endpoint's\n// 202-for-both contract is not undone by a timing side channel.\nconst TIMING_EQUALIZATION_HASH = '$2b$10$.F2A6UHFzk.d8trNdfqt4OLz05Nf3IOuMmN6VJKflhD4.rz.prR8i'\nfunction resolvePortalLoginUrl(baseUrl: string, organizationSlug?: string | null): string {\n  return organizationSlug\n    ? `${baseUrl}/${organizationSlug}/portal/login`\n    : `${baseUrl}/portal/login`\n}\n\nfunction resolvePortalVerifyUrl(baseUrl: string, token: string, organizationSlug?: string | null): string {\n  const route = organizationSlug\n    ? `${baseUrl}/${organizationSlug}/portal/verify`\n    : `${baseUrl}/portal/verify`\n  return `${route}?token=${encodeURIComponent(token)}`\n}\n\nexport async function POST(req: Request) {\n  const rateLimitEmail = await readNormalizedEmailFromJsonRequest(req)\n  const { error: rateLimitError } = await checkAuthRateLimit({\n    req,\n    ipConfig: customerSignupIpRateLimitConfig,\n    compoundConfig: customerSignupRateLimitConfig,\n    compoundIdentifier: rateLimitEmail,\n  })\n  if (rateLimitError) return rateLimitError\n\n  let body: unknown\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })\n  }\n\n  const parsed = signupSchema.safeParse(body)\n  if (!parsed.success) {\n    return NextResponse.json({ ok: false, error: 'Validation failed', details: parsed.error.flatten().fieldErrors }, { status: 400 })\n  }\n\n  const { email, password, displayName, tenantId, organizationId } = parsed.data\n  if (!tenantId || !organizationId) {\n    return NextResponse.json({ ok: false, error: 'tenantId and organizationId are required' }, { status: 400 })\n  }\n\n  let baseUrl: string\n  try {\n    baseUrl = getSecurityEmailBaseUrl(req)\n  } catch (error) {\n    const mapped = mapSecurityEmailUrlError(error, {\n      scope: 'customer_accounts.signup',\n      configMessage: 'Customer signup is not configured',\n    })\n    if (mapped) return NextResponse.json(mapped.body, { status: mapped.status })\n    throw error\n  }\n\n  const container = await createRequestContainer()\n  const customerUserService = container.resolve('customerUserService') as CustomerUserService\n  const customerTokenService = container.resolve('customerTokenService') as CustomerTokenService\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n  const { translate } = await resolveTranslations()\n\n  const orgRow = await findOrganizationInTenant(em, organizationId, tenantId)\n  if (!orgRow) {\n    return NextResponse.json({ ok: false, error: 'Registration could not be completed' }, { status: 400 })\n  }\n\n  const existing = await customerUserService.findByEmail(email, tenantId)\n  if (existing) {\n    await bcryptCompare(password, TIMING_EQUALIZATION_HASH)\n    const existingOrg = await findOrganizationInTenant(em, existing.organizationId, tenantId)\n    const loginUrl = resolvePortalLoginUrl(baseUrl, existingOrg?.slug ?? null)\n    const subject = translate('customer_accounts.signup.existing.subject', 'You already have a portal account')\n    const copy = {\n      preview: translate('customer_accounts.signup.existing.preview', 'A sign-up attempt was made for an email that already has a portal account.'),\n      title: translate('customer_accounts.signup.existing.title', 'You already have a portal account'),\n      body: translate(\n        'customer_accounts.signup.existing.body',\n        'A sign-up request was made for this email address. You can sign in with your existing account. If you forgot your password, use the password reset option on the sign-in page.',\n      ),\n      cta: translate('customer_accounts.signup.existing.cta', 'Open sign-in page'),\n      hint: translate(\n        'customer_accounts.signup.existing.hint',\n        'If this was not you, you can ignore this message. No new portal account was created.',\n      ),\n    }\n\n    void sendEmail({\n      to: existing.email,\n      subject,\n      react: CustomerExistingAccountEmail({ loginUrl, copy }),\n    }).catch((error) => {\n      console.error('[customer_accounts.signup] existing-account email failed', error)\n    })\n\n    return NextResponse.json({ ok: true }, { status: 202 })\n  }\n\n  const user = await customerUserService.createUser(email, password, displayName, { tenantId, organizationId })\n\n  const defaultRole = await em.findOne(CustomerRole, {\n    tenantId,\n    isDefault: true,\n    deletedAt: null,\n  })\n  if (defaultRole) {\n    const userRole = em.create(CustomerUserRole, {\n      user,\n      role: defaultRole,\n      createdAt: new Date(),\n    } as any)\n    em.persist(userRole)\n  }\n\n  await em.persist(user).flush()\n\n  const verificationToken = await customerTokenService.createEmailVerification(user.id, tenantId)\n  const verifyUrl = resolvePortalVerifyUrl(baseUrl, verificationToken, orgRow.slug)\n  const subject = translate('customer_accounts.signup.created.subject', 'Verify your portal account')\n  const copy = {\n    preview: translate('customer_accounts.signup.created.preview', 'Verify your portal account to finish sign-up.'),\n    title: translate('customer_accounts.signup.created.title', 'Verify your portal account'),\n    body: translate(\n      'customer_accounts.signup.created.body',\n      'Your account request was accepted. Confirm your email address to finish setting up portal access.',\n    ),\n    cta: translate('customer_accounts.signup.created.cta', 'Verify email address'),\n    hint: translate(\n      'customer_accounts.signup.created.hint',\n      'This verification link expires in 24 hours. If you did not request this, you can ignore this email.',\n    ),\n  }\n\n  void sendEmail({\n    to: user.email,\n    subject,\n    react: CustomerSignupVerificationEmail({ verifyUrl, copy }),\n  }).catch((error) => {\n    console.error('[customer_accounts.signup] verification email failed', error)\n  })\n\n  void emitCustomerAccountsEvent('customer_accounts.user.created', {\n    id: user.id,\n    email: user.email,\n    tenantId,\n    organizationId,\n  }).catch(() => undefined)\n\n  return NextResponse.json({ ok: true }, { status: 202 })\n}\n\nconst signupAcceptedSchema = z.object({ ok: z.literal(true) })\n\nconst errorSchema = z.object({\n  ok: z.literal(false),\n  error: z.string(),\n})\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Register a new customer account',\n  description: 'Accepts a signup request and always returns 202 to prevent account enumeration.',\n  tags: ['Customer Authentication'],\n  requestBody: {\n    schema: signupSchema,\n    description: 'Signup payload with email, password, and display name.',\n  },\n  responses: [\n    { status: 202, description: 'Signup accepted', schema: signupAcceptedSchema },\n  ],\n  errors: [\n    { status: 400, description: 'Validation failed or invalid request origin', schema: errorSchema },\n    { status: 429, description: 'Too many signup attempts', schema: rateLimitErrorSchema },\n    { status: 500, description: 'Signup email origin is not configured', schema: errorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Customer account registration',\n  description: 'Handles customer self-registration without revealing whether the email already exists.',\n  methods: { POST: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,WAAW,qBAAqB;AACzC,SAAS,SAAS;AAElB,SAAS,2BAA2B;AACpC,SAAS,iBAAiB;AAC1B,SAAS,oBAAoB;AAC7B,SAAS,8BAA8B;AAGvC,SAAS,cAAc,wBAAwB;AAC/C,SAAS,iCAAiC;AAC1C,OAAO,qCAAqC;AAC5C,OAAO,kCAAkC;AACzC,SAAS,4BAA4B;AACrC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,0CAA0C;AACnD,SAAS,gCAAgC;AACzC,SAAS,yBAAyB,gCAAgC;AAE3D,MAAM,WAAqD,EAAE,aAAa,MAAM;AAKvF,MAAM,2BAA2B;AACjC,SAAS,sBAAsB,SAAiB,kBAA0C;AACxF,SAAO,mBACH,GAAG,OAAO,IAAI,gBAAgB,kBAC9B,GAAG,OAAO;AAChB;AAEA,SAAS,uBAAuB,SAAiB,OAAe,kBAA0C;AACxG,QAAM,QAAQ,mBACV,GAAG,OAAO,IAAI,gBAAgB,mBAC9B,GAAG,OAAO;AACd,SAAO,GAAG,KAAK,UAAU,mBAAmB,KAAK,CAAC;AACpD;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,iBAAiB,MAAM,mCAAmC,GAAG;AACnE,QAAM,EAAE,OAAO,eAAe,IAAI,MAAM,mBAAmB;AAAA,IACzD;AAAA,IACA,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,oBAAoB;AAAA,EACtB,CAAC;AACD,MAAI,eAAgB,QAAO;AAE3B,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxF;AAEA,QAAM,SAAS,aAAa,UAAU,IAAI;AAC1C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,qBAAqB,SAAS,OAAO,MAAM,QAAQ,EAAE,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClI;AAEA,QAAM,EAAE,OAAO,UAAU,aAAa,UAAU,eAAe,IAAI,OAAO;AAC1E,MAAI,CAAC,YAAY,CAAC,gBAAgB;AAChC,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,2CAA2C,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5G;AAEA,MAAI;AACJ,MAAI;AACF,cAAU,wBAAwB,GAAG;AAAA,EACvC,SAAS,OAAO;AACd,UAAM,SAAS,yBAAyB,OAAO;AAAA,MAC7C,OAAO;AAAA,MACP,eAAe;AAAA,IACjB,CAAC;AACD,QAAI,OAAQ,QAAO,aAAa,KAAK,OAAO,MAAM,EAAE,QAAQ,OAAO,OAAO,CAAC;AAC3E,UAAM;AAAA,EACR;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AACnE,QAAM,uBAAuB,UAAU,QAAQ,sBAAsB;AACrE,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAEhD,QAAM,SAAS,MAAM,yBAAyB,IAAI,gBAAgB,QAAQ;AAC1E,MAAI,CAAC,QAAQ;AACX,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,sCAAsC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvG;AAEA,QAAM,WAAW,MAAM,oBAAoB,YAAY,OAAO,QAAQ;AACtE,MAAI,UAAU;AACZ,UAAM,cAAc,UAAU,wBAAwB;AACtD,UAAM,cAAc,MAAM,yBAAyB,IAAI,SAAS,gBAAgB,QAAQ;AACxF,UAAM,WAAW,sBAAsB,SAAS,aAAa,QAAQ,IAAI;AACzE,UAAMA,WAAU,UAAU,6CAA6C,mCAAmC;AAC1G,UAAMC,QAAO;AAAA,MACX,SAAS,UAAU,6CAA6C,4EAA4E;AAAA,MAC5I,OAAO,UAAU,2CAA2C,mCAAmC;AAAA,MAC/F,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,MACA,KAAK,UAAU,yCAAyC,mBAAmB;AAAA,MAC3E,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,SAAK,UAAU;AAAA,MACb,IAAI,SAAS;AAAA,MACb,SAAAD;AAAA,MACA,OAAO,6BAA6B,EAAE,UAAU,MAAAC,MAAK,CAAC;AAAA,IACxD,CAAC,EAAE,MAAM,CAAC,UAAU;AAClB,cAAQ,MAAM,4DAA4D,KAAK;AAAA,IACjF,CAAC;AAED,WAAO,aAAa,KAAK,EAAE,IAAI,KAAK,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxD;AAEA,QAAM,OAAO,MAAM,oBAAoB,WAAW,OAAO,UAAU,aAAa,EAAE,UAAU,eAAe,CAAC;AAE5G,QAAM,cAAc,MAAM,GAAG,QAAQ,cAAc;AAAA,IACjD;AAAA,IACA,WAAW;AAAA,IACX,WAAW;AAAA,EACb,CAAC;AACD,MAAI,aAAa;AACf,UAAM,WAAW,GAAG,OAAO,kBAAkB;AAAA,MAC3C;AAAA,MACA,MAAM;AAAA,MACN,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,OAAG,QAAQ,QAAQ;AAAA,EACrB;AAEA,QAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAE7B,QAAM,oBAAoB,MAAM,qBAAqB,wBAAwB,KAAK,IAAI,QAAQ;AAC9F,QAAM,YAAY,uBAAuB,SAAS,mBAAmB,OAAO,IAAI;AAChF,QAAM,UAAU,UAAU,4CAA4C,4BAA4B;AAClG,QAAM,OAAO;AAAA,IACX,SAAS,UAAU,4CAA4C,+CAA+C;AAAA,IAC9G,OAAO,UAAU,0CAA0C,4BAA4B;AAAA,IACvF,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,IACF;AAAA,IACA,KAAK,UAAU,wCAAwC,sBAAsB;AAAA,IAC7E,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,OAAK,UAAU;AAAA,IACb,IAAI,KAAK;AAAA,IACT;AAAA,IACA,OAAO,gCAAgC,EAAE,WAAW,KAAK,CAAC;AAAA,EAC5D,CAAC,EAAE,MAAM,CAAC,UAAU;AAClB,YAAQ,MAAM,wDAAwD,KAAK;AAAA,EAC7E,CAAC;AAED,OAAK,0BAA0B,kCAAkC;AAAA,IAC/D,IAAI,KAAK;AAAA,IACT,OAAO,KAAK;AAAA,IACZ;AAAA,IACA;AAAA,EACF,CAAC,EAAE,MAAM,MAAM,MAAS;AAExB,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,GAAG,EAAE,QAAQ,IAAI,CAAC;AACxD;AAEA,MAAM,uBAAuB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AAE7D,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,IAAI,EAAE,QAAQ,KAAK;AAAA,EACnB,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,yBAAyB;AAAA,EAChC,aAAa;AAAA,IACX,QAAQ;AAAA,IACR,aAAa;AAAA,EACf;AAAA,EACA,WAAW;AAAA,IACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,qBAAqB;AAAA,EAC9E;AAAA,EACA,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,+CAA+C,QAAQ,YAAY;AAAA,IAC/F,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,qBAAqB;AAAA,IACrF,EAAE,QAAQ,KAAK,aAAa,yCAAyC,QAAQ,YAAY;AAAA,EAC3F;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,SAAS,EAAE,MAAM,UAAU;AAC7B;",
   "names": ["subject", "copy"]
 }

package/dist/modules/customer_accounts/data/entities.js CHANGED Viewed

@@ -8,7 +8,7 @@ var __decorateClass = (decorators, target, key, kind) => {
   if (kind && result) __defProp(target, key, result);
   return result;
 };
-import { Entity, PrimaryKey, Property, ManyToOne, Unique, Index } from "@mikro-orm/core";
+import { Entity, Index, ManyToOne, PrimaryKey, Property, Unique } from "@mikro-orm/decorators/legacy";
 let CustomerUser = class {
   constructor() {
     this.failedLoginAttempts = 0;

package/dist/modules/customer_accounts/data/entities.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/customer_accounts/data/entities.ts"],
-  "sourcesContent": ["import { Entity, PrimaryKey, Property, ManyToOne, Unique, Index } from '@mikro-orm/core'\n\n@Entity({ tableName: 'customer_users' })\n@Unique({ properties: ['tenantId', 'emailHash'], name: 'customer_users_tenant_email_hash_uniq' })\nexport class CustomerUser {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ type: 'text' })\n  email!: string\n\n  @Property({ name: 'email_hash', type: 'text' })\n  @Index({ name: 'customer_users_email_hash_idx' })\n  emailHash!: string\n\n  @Property({ name: 'password_hash', type: 'text', nullable: true })\n  passwordHash?: string | null\n\n  @Property({ name: 'display_name', type: 'text' })\n  displayName!: string\n\n  @Property({ name: 'email_verified_at', type: Date, nullable: true })\n  emailVerifiedAt?: Date | null\n\n  @Property({ name: 'failed_login_attempts', type: 'int', default: 0 })\n  failedLoginAttempts: number = 0\n\n  @Property({ name: 'locked_until', type: Date, nullable: true })\n  lockedUntil?: Date | null\n\n  @Property({ name: 'last_login_at', type: Date, nullable: true })\n  lastLoginAt?: Date | null\n\n  @Property({ name: 'sessions_revoked_at', type: Date, nullable: true })\n  sessionsRevokedAt?: Date | null\n\n  @Property({ name: 'person_entity_id', type: 'uuid', nullable: true })\n  @Index({ name: 'customer_users_person_entity_idx' })\n  personEntityId?: string | null\n\n  @Property({ name: 'customer_entity_id', type: 'uuid', nullable: true })\n  @Index({ name: 'customer_users_customer_entity_idx' })\n  customerEntityId?: string | null\n\n  @Property({ name: 'is_active', type: 'boolean', default: true })\n  isActive: boolean = true\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_roles' })\n@Unique({ properties: ['tenantId', 'slug'], name: 'customer_roles_tenant_slug_uniq' })\nexport class CustomerRole {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ type: 'text' })\n  name!: string\n\n  @Property({ type: 'text' })\n  slug!: string\n\n  @Property({ type: 'text', nullable: true })\n  description?: string | null\n\n  @Property({ name: 'is_default', type: 'boolean', default: false })\n  isDefault: boolean = false\n\n  @Property({ name: 'is_system', type: 'boolean', default: false })\n  isSystem: boolean = false\n\n  @Property({ name: 'customer_assignable', type: 'boolean', default: false })\n  customerAssignable: boolean = false\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_role_acls' })\n@Unique({ properties: ['role', 'tenantId'], name: 'customer_role_acls_role_tenant_uniq' })\nexport class CustomerRoleAcl {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerRole)\n  role!: CustomerRole\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'features_json', type: 'json', nullable: true })\n  featuresJson?: string[] | null\n\n  @Property({ name: 'is_portal_admin', type: 'boolean', default: false })\n  isPortalAdmin: boolean = false\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_roles' })\n@Unique({ properties: ['user', 'role'], name: 'customer_user_roles_user_role_uniq' })\nexport class CustomerUserRole {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @ManyToOne(() => CustomerRole)\n  role!: CustomerRole\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_acls' })\n@Unique({ properties: ['user', 'tenantId'], name: 'customer_user_acls_user_tenant_uniq' })\nexport class CustomerUserAcl {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'features_json', type: 'json', nullable: true })\n  featuresJson?: string[] | null\n\n  @Property({ name: 'is_portal_admin', type: 'boolean', default: false })\n  isPortalAdmin: boolean = false\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_sessions' })\n@Index({ properties: ['tokenHash'], name: 'customer_user_sessions_token_hash_idx' })\nexport class CustomerUserSession {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ name: 'token_hash', type: 'text' })\n  tokenHash!: string\n\n  @Property({ name: 'ip_address', type: 'text', nullable: true })\n  ipAddress?: string | null\n\n  @Property({ name: 'user_agent', type: 'text', nullable: true })\n  userAgent?: string | null\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'last_used_at', type: Date, nullable: true })\n  lastUsedAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_email_verifications' })\n@Index({ properties: ['token'], name: 'customer_user_email_verifications_token_idx' })\nexport class CustomerUserEmailVerification {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ type: 'text' })\n  token!: string\n\n  @Property({ type: 'text', default: 'email_verification' })\n  purpose: string = 'email_verification'\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'used_at', type: Date, nullable: true })\n  usedAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n\n@Entity({ tableName: 'customer_user_password_resets' })\n@Index({ properties: ['token'], name: 'customer_user_password_resets_token_idx' })\nexport class CustomerUserPasswordReset {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ type: 'text' })\n  token!: string\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'used_at', type: Date, nullable: true })\n  usedAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n\n@Entity({ tableName: 'customer_user_invitations' })\n@Index({ properties: ['token'], name: 'customer_user_invitations_token_idx' })\n@Index({ properties: ['tenantId', 'emailHash'], name: 'customer_user_invitations_tenant_email_hash_idx' })\nexport class CustomerUserInvitation {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ type: 'text' })\n  email!: string\n\n  @Property({ name: 'email_hash', type: 'text' })\n  emailHash!: string\n\n  @Property({ type: 'text' })\n  token!: string\n\n  @Property({ name: 'customer_entity_id', type: 'uuid', nullable: true })\n  customerEntityId?: string | null\n\n  @Property({ name: 'role_ids_json', type: 'json', nullable: true })\n  roleIdsJson?: string[] | null\n\n  @Property({ name: 'invited_by_user_id', type: 'uuid', nullable: true })\n  invitedByUserId?: string | null\n\n  @Property({ name: 'invited_by_customer_user_id', type: 'uuid', nullable: true })\n  invitedByCustomerUserId?: string | null\n\n  @Property({ name: 'display_name', type: 'text', nullable: true })\n  displayName?: string | null\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'accepted_at', type: Date, nullable: true })\n  acceptedAt?: Date | null\n\n  @Property({ name: 'cancelled_at', type: Date, nullable: true })\n  cancelledAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n"],
-  "mappings": ";;;;;;;;;;AAAA,SAAS,QAAQ,YAAY,UAAU,WAAW,QAAQ,aAAa;AAIhE,IAAM,eAAN,MAAmB;AAAA,EAAnB;AA2BL,+BAA8B;AAoB9B,oBAAoB;AAGpB,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAvDE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,aAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAJlC,aAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAPxC,aAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAVf,aAWX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,cAAc,MAAM,OAAO,CAAC;AAAA,EAC7C,MAAM,EAAE,MAAM,gCAAgC,CAAC;AAAA,GAdrC,aAeX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAjBtD,aAkBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,OAAO,CAAC;AAAA,GApBrC,aAqBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,qBAAqB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAvBxD,aAwBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,yBAAyB,MAAM,OAAO,SAAS,EAAE,CAAC;AAAA,GA1BzD,aA2BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GA7BnD,aA8BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAhCpD,aAiCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,uBAAuB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAnC1D,aAoCX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,oBAAoB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,EACnE,MAAM,EAAE,MAAM,mCAAmC,CAAC;AAAA,GAvCxC,aAwCX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,sBAAsB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,EACrE,MAAM,EAAE,MAAM,qCAAqC,CAAC;AAAA,GA3C1C,aA4CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,KAAK,CAAC;AAAA,GA9CpD,aA+CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAjD7D,aAkDX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GApD7E,aAqDX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAvDjD,aAwDX;AAxDW,eAAN;AAAA,EAFN,OAAO,EAAE,WAAW,iBAAiB,CAAC;AAAA,EACtC,OAAO,EAAE,YAAY,CAAC,YAAY,WAAW,GAAG,MAAM,wCAAwC,CAAC;AAAA,GACnF;AA6DN,IAAM,eAAN,MAAmB;AAAA,EAAnB;AAoBL,qBAAqB;AAGrB,oBAAoB;AAGpB,8BAA8B;AAG9B,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAlCE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,aAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAJlC,aAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAPxC,aAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAVf,aAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAbf,aAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAhB/B,aAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAnBtD,aAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAtBrD,aAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,uBAAuB,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAzB/D,aA0BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA5B7D,aA6BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GA/B7E,aAgCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAlCjD,aAmCX;AAnCW,eAAN;AAAA,EAFN,OAAO,EAAE,WAAW,iBAAiB,CAAC;AAAA,EACtC,OAAO,EAAE,YAAY,CAAC,YAAY,MAAM,GAAG,MAAM,kCAAkC,CAAC;AAAA,GACxE;AAwCN,IAAM,kBAAN,MAAsB;AAAA,EAAtB;AAcL,yBAAyB;AAGzB,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAtBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,gBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,gBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,gBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAVtD,gBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAb3D,gBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAhB7D,gBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GAnB7E,gBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAtBjD,gBAuBX;AAvBW,kBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,qBAAqB,CAAC;AAAA,EAC1C,OAAO,EAAE,YAAY,CAAC,QAAQ,UAAU,GAAG,MAAM,sCAAsC,CAAC;AAAA,GAC5E;AA4BN,IAAM,mBAAN,MAAuB;AAAA,EAAvB;AAWL,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AAbE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,iBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,iBAKX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAPlB,iBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAV7D,iBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAbjD,iBAcX;AAdW,mBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,sBAAsB,CAAC;AAAA,EAC3C,OAAO,EAAE,YAAY,CAAC,QAAQ,MAAM,GAAG,MAAM,qCAAqC,CAAC;AAAA,GACvE;AAmBN,IAAM,kBAAN,MAAsB;AAAA,EAAtB;AAcL,yBAAyB;AAGzB,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAtBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,gBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,gBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,gBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAVtD,gBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAb3D,gBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAhB7D,gBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GAnB7E,gBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAtBjD,gBAuBX;AAvBW,kBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,qBAAqB,CAAC;AAAA,EAC1C,OAAO,EAAE,YAAY,CAAC,QAAQ,UAAU,GAAG,MAAM,sCAAsC,CAAC;AAAA,GAC5E;AA4BN,IAAM,sBAAN,MAA0B;AAAA,EAA1B;AAuBL,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AAzBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,oBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,oBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,OAAO,CAAC;AAAA,GAPnC,oBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAVnD,oBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAbnD,oBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAhBjC,oBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAnBnD,oBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAtB7D,oBAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAzBjD,oBA0BX;AA1BW,sBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,yBAAyB,CAAC;AAAA,EAC9C,MAAM,EAAE,YAAY,CAAC,WAAW,GAAG,MAAM,wCAAwC,CAAC;AAAA,GACtE;AA+BN,IAAM,gCAAN,MAAoC;AAAA,EAApC;AAWL,mBAAkB;AASlB,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AAnBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,8BAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,8BAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAPf,8BAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,SAAS,qBAAqB,CAAC;AAAA,GAV9C,8BAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAbjC,8BAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAhB9C,8BAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAnB7D,8BAoBX;AApBW,gCAAN;AAAA,EAFN,OAAO,EAAE,WAAW,oCAAoC,CAAC;AAAA,EACzD,MAAM,EAAE,YAAY,CAAC,OAAO,GAAG,MAAM,8CAA8C,CAAC;AAAA,GACxE;AAyBN,IAAM,4BAAN,MAAgC;AAAA,EAAhC;AAiBL,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AAhBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,0BAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,0BAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAPf,0BAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAVjC,0BAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAb9C,0BAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAhB7D,0BAiBX;AAjBW,4BAAN;AAAA,EAFN,OAAO,EAAE,WAAW,gCAAgC,CAAC;AAAA,EACrD,MAAM,EAAE,YAAY,CAAC,OAAO,GAAG,MAAM,0CAA0C,CAAC;AAAA,GACpE;AAuBN,IAAM,yBAAN,MAA6B;AAAA,EAA7B;AA4CL,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AA3CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,uBAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAJlC,uBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAPxC,uBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAVf,uBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,OAAO,CAAC;AAAA,GAbnC,uBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAhBf,uBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,sBAAsB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAnB3D,uBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAtBtD,uBAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,sBAAsB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAzB3D,uBA0BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,+BAA+B,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA5BpE,uBA6BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA/BrD,uBAgCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAlCjC,uBAmCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,eAAe,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GArClD,uBAsCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAxCnD,uBAyCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA3C7D,uBA4CX;AA5CW,yBAAN;AAAA,EAHN,OAAO,EAAE,WAAW,4BAA4B,CAAC;AAAA,EACjD,MAAM,EAAE,YAAY,CAAC,OAAO,GAAG,MAAM,sCAAsC,CAAC;AAAA,EAC5E,MAAM,EAAE,YAAY,CAAC,YAAY,WAAW,GAAG,MAAM,kDAAkD,CAAC;AAAA,GAC5F;",
+  "sourcesContent": ["import { Entity, Index, ManyToOne, PrimaryKey, Property, Unique } from '@mikro-orm/decorators/legacy'\n\n@Entity({ tableName: 'customer_users' })\n@Unique({ properties: ['tenantId', 'emailHash'], name: 'customer_users_tenant_email_hash_uniq' })\nexport class CustomerUser {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ type: 'text' })\n  email!: string\n\n  @Property({ name: 'email_hash', type: 'text' })\n  @Index({ name: 'customer_users_email_hash_idx' })\n  emailHash!: string\n\n  @Property({ name: 'password_hash', type: 'text', nullable: true })\n  passwordHash?: string | null\n\n  @Property({ name: 'display_name', type: 'text' })\n  displayName!: string\n\n  @Property({ name: 'email_verified_at', type: Date, nullable: true })\n  emailVerifiedAt?: Date | null\n\n  @Property({ name: 'failed_login_attempts', type: 'int', default: 0 })\n  failedLoginAttempts: number = 0\n\n  @Property({ name: 'locked_until', type: Date, nullable: true })\n  lockedUntil?: Date | null\n\n  @Property({ name: 'last_login_at', type: Date, nullable: true })\n  lastLoginAt?: Date | null\n\n  @Property({ name: 'sessions_revoked_at', type: Date, nullable: true })\n  sessionsRevokedAt?: Date | null\n\n  @Property({ name: 'person_entity_id', type: 'uuid', nullable: true })\n  @Index({ name: 'customer_users_person_entity_idx' })\n  personEntityId?: string | null\n\n  @Property({ name: 'customer_entity_id', type: 'uuid', nullable: true })\n  @Index({ name: 'customer_users_customer_entity_idx' })\n  customerEntityId?: string | null\n\n  @Property({ name: 'is_active', type: 'boolean', default: true })\n  isActive: boolean = true\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_roles' })\n@Unique({ properties: ['tenantId', 'slug'], name: 'customer_roles_tenant_slug_uniq' })\nexport class CustomerRole {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ type: 'text' })\n  name!: string\n\n  @Property({ type: 'text' })\n  slug!: string\n\n  @Property({ type: 'text', nullable: true })\n  description?: string | null\n\n  @Property({ name: 'is_default', type: 'boolean', default: false })\n  isDefault: boolean = false\n\n  @Property({ name: 'is_system', type: 'boolean', default: false })\n  isSystem: boolean = false\n\n  @Property({ name: 'customer_assignable', type: 'boolean', default: false })\n  customerAssignable: boolean = false\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_role_acls' })\n@Unique({ properties: ['role', 'tenantId'], name: 'customer_role_acls_role_tenant_uniq' })\nexport class CustomerRoleAcl {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerRole)\n  role!: CustomerRole\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'features_json', type: 'json', nullable: true })\n  featuresJson?: string[] | null\n\n  @Property({ name: 'is_portal_admin', type: 'boolean', default: false })\n  isPortalAdmin: boolean = false\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_roles' })\n@Unique({ properties: ['user', 'role'], name: 'customer_user_roles_user_role_uniq' })\nexport class CustomerUserRole {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @ManyToOne(() => CustomerRole)\n  role!: CustomerRole\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_acls' })\n@Unique({ properties: ['user', 'tenantId'], name: 'customer_user_acls_user_tenant_uniq' })\nexport class CustomerUserAcl {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'features_json', type: 'json', nullable: true })\n  featuresJson?: string[] | null\n\n  @Property({ name: 'is_portal_admin', type: 'boolean', default: false })\n  isPortalAdmin: boolean = false\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date(), nullable: true })\n  updatedAt?: Date\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_sessions' })\n@Index({ properties: ['tokenHash'], name: 'customer_user_sessions_token_hash_idx' })\nexport class CustomerUserSession {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ name: 'token_hash', type: 'text' })\n  tokenHash!: string\n\n  @Property({ name: 'ip_address', type: 'text', nullable: true })\n  ipAddress?: string | null\n\n  @Property({ name: 'user_agent', type: 'text', nullable: true })\n  userAgent?: string | null\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'last_used_at', type: Date, nullable: true })\n  lastUsedAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'deleted_at', type: Date, nullable: true })\n  deletedAt?: Date | null\n}\n\n@Entity({ tableName: 'customer_user_email_verifications' })\n@Index({ properties: ['token'], name: 'customer_user_email_verifications_token_idx' })\nexport class CustomerUserEmailVerification {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ type: 'text' })\n  token!: string\n\n  @Property({ type: 'text', default: 'email_verification' })\n  purpose: string = 'email_verification'\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'used_at', type: Date, nullable: true })\n  usedAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n\n@Entity({ tableName: 'customer_user_password_resets' })\n@Index({ properties: ['token'], name: 'customer_user_password_resets_token_idx' })\nexport class CustomerUserPasswordReset {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @ManyToOne(() => CustomerUser)\n  user!: CustomerUser\n\n  @Property({ type: 'text' })\n  token!: string\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'used_at', type: Date, nullable: true })\n  usedAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n\n@Entity({ tableName: 'customer_user_invitations' })\n@Index({ properties: ['token'], name: 'customer_user_invitations_token_idx' })\n@Index({ properties: ['tenantId', 'emailHash'], name: 'customer_user_invitations_tenant_email_hash_idx' })\nexport class CustomerUserInvitation {\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'tenant_id', type: 'uuid' })\n  tenantId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid' })\n  organizationId!: string\n\n  @Property({ type: 'text' })\n  email!: string\n\n  @Property({ name: 'email_hash', type: 'text' })\n  emailHash!: string\n\n  @Property({ type: 'text' })\n  token!: string\n\n  @Property({ name: 'customer_entity_id', type: 'uuid', nullable: true })\n  customerEntityId?: string | null\n\n  @Property({ name: 'role_ids_json', type: 'json', nullable: true })\n  roleIdsJson?: string[] | null\n\n  @Property({ name: 'invited_by_user_id', type: 'uuid', nullable: true })\n  invitedByUserId?: string | null\n\n  @Property({ name: 'invited_by_customer_user_id', type: 'uuid', nullable: true })\n  invitedByCustomerUserId?: string | null\n\n  @Property({ name: 'display_name', type: 'text', nullable: true })\n  displayName?: string | null\n\n  @Property({ name: 'expires_at', type: Date })\n  expiresAt!: Date\n\n  @Property({ name: 'accepted_at', type: Date, nullable: true })\n  acceptedAt?: Date | null\n\n  @Property({ name: 'cancelled_at', type: Date, nullable: true })\n  cancelledAt?: Date | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n"],
+  "mappings": ";;;;;;;;;;AAAA,SAAS,QAAQ,OAAO,WAAW,YAAY,UAAU,cAAc;AAIhE,IAAM,eAAN,MAAmB;AAAA,EAAnB;AA2BL,+BAA8B;AAoB9B,oBAAoB;AAGpB,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAvDE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,aAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAJlC,aAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAPxC,aAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAVf,aAWX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,cAAc,MAAM,OAAO,CAAC;AAAA,EAC7C,MAAM,EAAE,MAAM,gCAAgC,CAAC;AAAA,GAdrC,aAeX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAjBtD,aAkBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,OAAO,CAAC;AAAA,GApBrC,aAqBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,qBAAqB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAvBxD,aAwBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,yBAAyB,MAAM,OAAO,SAAS,EAAE,CAAC;AAAA,GA1BzD,aA2BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GA7BnD,aA8BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAhCpD,aAiCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,uBAAuB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAnC1D,aAoCX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,oBAAoB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,EACnE,MAAM,EAAE,MAAM,mCAAmC,CAAC;AAAA,GAvCxC,aAwCX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,sBAAsB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,EACrE,MAAM,EAAE,MAAM,qCAAqC,CAAC;AAAA,GA3C1C,aA4CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,KAAK,CAAC;AAAA,GA9CpD,aA+CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAjD7D,aAkDX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GApD7E,aAqDX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAvDjD,aAwDX;AAxDW,eAAN;AAAA,EAFN,OAAO,EAAE,WAAW,iBAAiB,CAAC;AAAA,EACtC,OAAO,EAAE,YAAY,CAAC,YAAY,WAAW,GAAG,MAAM,wCAAwC,CAAC;AAAA,GACnF;AA6DN,IAAM,eAAN,MAAmB;AAAA,EAAnB;AAoBL,qBAAqB;AAGrB,oBAAoB;AAGpB,8BAA8B;AAG9B,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAlCE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,aAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAJlC,aAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAPxC,aAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAVf,aAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAbf,aAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAhB/B,aAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAnBtD,aAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAtBrD,aAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,uBAAuB,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAzB/D,aA0BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA5B7D,aA6BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GA/B7E,aAgCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAlCjD,aAmCX;AAnCW,eAAN;AAAA,EAFN,OAAO,EAAE,WAAW,iBAAiB,CAAC;AAAA,EACtC,OAAO,EAAE,YAAY,CAAC,YAAY,MAAM,GAAG,MAAM,kCAAkC,CAAC;AAAA,GACxE;AAwCN,IAAM,kBAAN,MAAsB;AAAA,EAAtB;AAcL,yBAAyB;AAGzB,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAtBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,gBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,gBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,gBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAVtD,gBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAb3D,gBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAhB7D,gBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GAnB7E,gBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAtBjD,gBAuBX;AAvBW,kBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,qBAAqB,CAAC;AAAA,EAC1C,OAAO,EAAE,YAAY,CAAC,QAAQ,UAAU,GAAG,MAAM,sCAAsC,CAAC;AAAA,GAC5E;AA4BN,IAAM,mBAAN,MAAuB;AAAA,EAAvB;AAWL,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AAbE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,iBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,iBAKX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAPlB,iBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAV7D,iBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAbjD,iBAcX;AAdW,mBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,sBAAsB,CAAC;AAAA,EAC3C,OAAO,EAAE,YAAY,CAAC,QAAQ,MAAM,GAAG,MAAM,qCAAqC,CAAC;AAAA,GACvE;AAmBN,IAAM,kBAAN,MAAsB;AAAA,EAAtB;AAcL,yBAAyB;AAGzB,qBAAkB,oBAAI,KAAK;AAAA;AAO7B;AAtBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,gBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,gBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAPlC,gBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAVtD,gBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GAb3D,gBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAhB7D,gBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,GAAG,UAAU,KAAK,CAAC;AAAA,GAnB7E,gBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAtBjD,gBAuBX;AAvBW,kBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,qBAAqB,CAAC;AAAA,EAC1C,OAAO,EAAE,YAAY,CAAC,QAAQ,UAAU,GAAG,MAAM,sCAAsC,CAAC;AAAA,GAC5E;AA4BN,IAAM,sBAAN,MAA0B;AAAA,EAA1B;AAuBL,qBAAkB,oBAAI,KAAK;AAAA;AAI7B;AAzBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,oBAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,oBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,OAAO,CAAC;AAAA,GAPnC,oBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAVnD,oBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAbnD,oBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAhBjC,oBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAnBnD,oBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAtB7D,oBAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAzBjD,oBA0BX;AA1BW,sBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,yBAAyB,CAAC;AAAA,EAC9C,MAAM,EAAE,YAAY,CAAC,WAAW,GAAG,MAAM,wCAAwC,CAAC;AAAA,GACtE;AA+BN,IAAM,gCAAN,MAAoC;AAAA,EAApC;AAWL,mBAAkB;AASlB,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AAnBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,8BAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,8BAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAPf,8BAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,SAAS,qBAAqB,CAAC;AAAA,GAV9C,8BAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAbjC,8BAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAhB9C,8BAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAnB7D,8BAoBX;AApBW,gCAAN;AAAA,EAFN,OAAO,EAAE,WAAW,oCAAoC,CAAC;AAAA,EACzD,MAAM,EAAE,YAAY,CAAC,OAAO,GAAG,MAAM,8CAA8C,CAAC;AAAA,GACxE;AAyBN,IAAM,4BAAN,MAAgC;AAAA,EAAhC;AAiBL,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AAhBE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,0BAEX;AAGA;AAAA,EADC,UAAU,MAAM,YAAY;AAAA,GAJlB,0BAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAPf,0BAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAVjC,0BAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAb9C,0BAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAhB7D,0BAiBX;AAjBW,4BAAN;AAAA,EAFN,OAAO,EAAE,WAAW,gCAAgC,CAAC;AAAA,EACrD,MAAM,EAAE,YAAY,CAAC,OAAO,GAAG,MAAM,0CAA0C,CAAC;AAAA,GACpE;AAuBN,IAAM,yBAAN,MAA6B;AAAA,EAA7B;AA4CL,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AA3CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GADlD,uBAEX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAJlC,uBAKX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,OAAO,CAAC;AAAA,GAPxC,uBAQX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAVf,uBAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,OAAO,CAAC;AAAA,GAbnC,uBAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GAhBf,uBAiBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,sBAAsB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAnB3D,uBAoBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,iBAAiB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAtBtD,uBAuBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,sBAAsB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAzB3D,uBA0BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,+BAA+B,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA5BpE,uBA6BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA/BrD,uBAgCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,KAAK,CAAC;AAAA,GAlCjC,uBAmCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,eAAe,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GArClD,uBAsCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,MAAM,UAAU,KAAK,CAAC;AAAA,GAxCnD,uBAyCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA3C7D,uBA4CX;AA5CW,yBAAN;AAAA,EAHN,OAAO,EAAE,WAAW,4BAA4B,CAAC;AAAA,EACjD,MAAM,EAAE,YAAY,CAAC,OAAO,GAAG,MAAM,sCAAsC,CAAC;AAAA,EAC5E,MAAM,EAAE,YAAY,CAAC,YAAY,WAAW,GAAG,MAAM,kDAAkD,CAAC;AAAA,GAC5F;",
   "names": []
 }

package/dist/modules/customer_accounts/services/customerInvitationService.js CHANGED Viewed

@@ -33,7 +33,7 @@ class CustomerInvitationService {
       expiresAt,
       createdAt: /* @__PURE__ */ new Date()
     });
-    await this.em.persistAndFlush(invitation);
+    await this.em.persist(invitation).flush();
     return { invitation, rawToken: token };
   }
   async findByToken(token) {

package/dist/modules/customer_accounts/services/customerInvitationService.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/customer_accounts/services/customerInvitationService.ts"],
-  "sourcesContent": ["import { EntityManager } from '@mikro-orm/postgresql'\nimport { hash } from 'bcryptjs'\nimport {\n  CustomerUser,\n  CustomerUserInvitation,\n  CustomerUserRole,\n  CustomerRole,\n} from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { generateSecureToken, hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'\nimport { hashForLookup } from '@open-mercato/shared/lib/encryption/aes'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nconst BCRYPT_COST = 10\nconst INVITATION_TTL_MS = 72 * 60 * 60 * 1000 // 72 hours\n\nexport class CustomerInvitationService {\n  constructor(private em: EntityManager) {}\n\n  async createInvitation(\n    email: string,\n    scope: { tenantId: string; organizationId: string },\n    options: {\n      customerEntityId?: string | null\n      roleIds: string[]\n      invitedByUserId?: string | null\n      invitedByCustomerUserId?: string | null\n      displayName?: string | null\n    },\n  ): Promise<{ invitation: CustomerUserInvitation; rawToken: string }> {\n    const token = generateSecureToken()\n    const emailHash = hashForLookup(email)\n    const expiresAt = new Date(Date.now() + INVITATION_TTL_MS)\n\n    const tokenHashed = hashToken(token)\n    const invitation = this.em.create(CustomerUserInvitation, {\n      tenantId: scope.tenantId,\n      organizationId: scope.organizationId,\n      email: email.toLowerCase().trim(),\n      emailHash,\n      token: tokenHashed,\n      customerEntityId: options.customerEntityId || null,\n      roleIdsJson: options.roleIds,\n      invitedByUserId: options.invitedByUserId || null,\n      invitedByCustomerUserId: options.invitedByCustomerUserId || null,\n      displayName: options.displayName || null,\n      expiresAt,\n      createdAt: new Date(),\n    } as any) as CustomerUserInvitation\n    await this.em.persistAndFlush(invitation)\n    return { invitation, rawToken: token }\n  }\n\n  async findByToken(token: string): Promise<CustomerUserInvitation | null> {\n    const tokenHashed = hashToken(token)\n    const invitation = await findOneWithDecryption(\n      this.em,\n      CustomerUserInvitation,\n      { token: tokenHashed } as any,\n    )\n    if (!invitation) return null\n    if (invitation.acceptedAt) return null\n    if (invitation.cancelledAt) return null\n    if (invitation.expiresAt.getTime() < Date.now()) return null\n    return invitation\n  }\n\n  async acceptInvitation(\n    token: string,\n    password: string,\n    displayName: string,\n  ): Promise<{ user: CustomerUser; invitation: CustomerUserInvitation } | null> {\n    const invitation = await this.findByToken(token)\n    if (!invitation) return null\n\n    const passwordHash = await hash(password, BCRYPT_COST)\n    const emailHash = hashForLookup(invitation.email)\n\n    // Create user\n    const user = this.em.create(CustomerUser, {\n      email: invitation.email,\n      emailHash,\n      passwordHash,\n      displayName: displayName || invitation.displayName || invitation.email,\n      tenantId: invitation.tenantId,\n      organizationId: invitation.organizationId,\n      customerEntityId: invitation.customerEntityId || null,\n      isActive: true,\n      emailVerifiedAt: new Date(), // Invitation implicitly verifies email\n      failedLoginAttempts: 0,\n      createdAt: new Date(),\n    } as any) as CustomerUser\n    this.em.persist(user)\n\n    // Assign roles\n    const roleIds = Array.isArray(invitation.roleIdsJson) ? invitation.roleIdsJson : []\n    const roles = roleIds.length > 0\n      ? await findWithDecryption(\n          this.em,\n          CustomerRole,\n          {\n            id: { $in: roleIds } as any,\n            tenantId: invitation.tenantId,\n            deletedAt: null,\n          } as any,\n          undefined,\n          { tenantId: invitation.tenantId, organizationId: invitation.organizationId },\n        )\n      : []\n    for (const role of roles) {\n      const userRole = this.em.create(CustomerUserRole, {\n        user,\n        role,\n        createdAt: new Date(),\n      } as any)\n      this.em.persist(userRole)\n    }\n\n    // Mark invitation as accepted\n    invitation.acceptedAt = new Date()\n\n    await this.em.flush()\n    return { user, invitation }\n  }\n}\n"],
-  "mappings": "AACA,SAAS,YAAY;AACrB;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,qBAAqB,iBAAiB;AAC/C,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB,0BAA0B;AAE1D,MAAM,cAAc;AACpB,MAAM,oBAAoB,KAAK,KAAK,KAAK;AAElC,MAAM,0BAA0B;AAAA,EACrC,YAAoB,IAAmB;AAAnB;AAAA,EAAoB;AAAA,EAExC,MAAM,iBACJ,OACA,OACA,SAOmE;AACnE,UAAM,QAAQ,oBAAoB;AAClC,UAAM,YAAY,cAAc,KAAK;AACrC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,iBAAiB;AAEzD,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,aAAa,KAAK,GAAG,OAAO,wBAAwB;AAAA,MACxD,UAAU,MAAM;AAAA,MAChB,gBAAgB,MAAM;AAAA,MACtB,OAAO,MAAM,YAAY,EAAE,KAAK;AAAA,MAChC;AAAA,MACA,OAAO;AAAA,MACP,kBAAkB,QAAQ,oBAAoB;AAAA,MAC9C,aAAa,QAAQ;AAAA,MACrB,iBAAiB,QAAQ,mBAAmB;AAAA,MAC5C,yBAAyB,QAAQ,2BAA2B;AAAA,MAC5D,aAAa,QAAQ,eAAe;AAAA,MACpC;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,gBAAgB,UAAU;AACxC,WAAO,EAAE,YAAY,UAAU,MAAM;AAAA,EACvC;AAAA,EAEA,MAAM,YAAY,OAAuD;AACvE,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,aAAa,MAAM;AAAA,MACvB,KAAK;AAAA,MACL;AAAA,MACA,EAAE,OAAO,YAAY;AAAA,IACvB;AACA,QAAI,CAAC,WAAY,QAAO;AACxB,QAAI,WAAW,WAAY,QAAO;AAClC,QAAI,WAAW,YAAa,QAAO;AACnC,QAAI,WAAW,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AACxD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,iBACJ,OACA,UACA,aAC4E;AAC5E,UAAM,aAAa,MAAM,KAAK,YAAY,KAAK;AAC/C,QAAI,CAAC,WAAY,QAAO;AAExB,UAAM,eAAe,MAAM,KAAK,UAAU,WAAW;AACrD,UAAM,YAAY,cAAc,WAAW,KAAK;AAGhD,UAAM,OAAO,KAAK,GAAG,OAAO,cAAc;AAAA,MACxC,OAAO,WAAW;AAAA,MAClB;AAAA,MACA;AAAA,MACA,aAAa,eAAe,WAAW,eAAe,WAAW;AAAA,MACjE,UAAU,WAAW;AAAA,MACrB,gBAAgB,WAAW;AAAA,MAC3B,kBAAkB,WAAW,oBAAoB;AAAA,MACjD,UAAU;AAAA,MACV,iBAAiB,oBAAI,KAAK;AAAA;AAAA,MAC1B,qBAAqB;AAAA,MACrB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,SAAK,GAAG,QAAQ,IAAI;AAGpB,UAAM,UAAU,MAAM,QAAQ,WAAW,WAAW,IAAI,WAAW,cAAc,CAAC;AAClF,UAAM,QAAQ,QAAQ,SAAS,IAC3B,MAAM;AAAA,MACJ,KAAK;AAAA,MACL;AAAA,MACA;AAAA,QACE,IAAI,EAAE,KAAK,QAAQ;AAAA,QACnB,UAAU,WAAW;AAAA,QACrB,WAAW;AAAA,MACb;AAAA,MACA;AAAA,MACA,EAAE,UAAU,WAAW,UAAU,gBAAgB,WAAW,eAAe;AAAA,IAC7E,IACA,CAAC;AACL,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,KAAK,GAAG,OAAO,kBAAkB;AAAA,QAChD;AAAA,QACA;AAAA,QACA,WAAW,oBAAI,KAAK;AAAA,MACtB,CAAQ;AACR,WAAK,GAAG,QAAQ,QAAQ;AAAA,IAC1B;AAGA,eAAW,aAAa,oBAAI,KAAK;AAEjC,UAAM,KAAK,GAAG,MAAM;AACpB,WAAO,EAAE,MAAM,WAAW;AAAA,EAC5B;AACF;",
+  "sourcesContent": ["import { EntityManager } from '@mikro-orm/postgresql'\nimport { hash } from 'bcryptjs'\nimport {\n  CustomerUser,\n  CustomerUserInvitation,\n  CustomerUserRole,\n  CustomerRole,\n} from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { generateSecureToken, hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'\nimport { hashForLookup } from '@open-mercato/shared/lib/encryption/aes'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nconst BCRYPT_COST = 10\nconst INVITATION_TTL_MS = 72 * 60 * 60 * 1000 // 72 hours\n\nexport class CustomerInvitationService {\n  constructor(private em: EntityManager) {}\n\n  async createInvitation(\n    email: string,\n    scope: { tenantId: string; organizationId: string },\n    options: {\n      customerEntityId?: string | null\n      roleIds: string[]\n      invitedByUserId?: string | null\n      invitedByCustomerUserId?: string | null\n      displayName?: string | null\n    },\n  ): Promise<{ invitation: CustomerUserInvitation; rawToken: string }> {\n    const token = generateSecureToken()\n    const emailHash = hashForLookup(email)\n    const expiresAt = new Date(Date.now() + INVITATION_TTL_MS)\n\n    const tokenHashed = hashToken(token)\n    const invitation = this.em.create(CustomerUserInvitation, {\n      tenantId: scope.tenantId,\n      organizationId: scope.organizationId,\n      email: email.toLowerCase().trim(),\n      emailHash,\n      token: tokenHashed,\n      customerEntityId: options.customerEntityId || null,\n      roleIdsJson: options.roleIds,\n      invitedByUserId: options.invitedByUserId || null,\n      invitedByCustomerUserId: options.invitedByCustomerUserId || null,\n      displayName: options.displayName || null,\n      expiresAt,\n      createdAt: new Date(),\n    } as any) as CustomerUserInvitation\n    await this.em.persist(invitation).flush()\n    return { invitation, rawToken: token }\n  }\n\n  async findByToken(token: string): Promise<CustomerUserInvitation | null> {\n    const tokenHashed = hashToken(token)\n    const invitation = await findOneWithDecryption(\n      this.em,\n      CustomerUserInvitation,\n      { token: tokenHashed } as any,\n    )\n    if (!invitation) return null\n    if (invitation.acceptedAt) return null\n    if (invitation.cancelledAt) return null\n    if (invitation.expiresAt.getTime() < Date.now()) return null\n    return invitation\n  }\n\n  async acceptInvitation(\n    token: string,\n    password: string,\n    displayName: string,\n  ): Promise<{ user: CustomerUser; invitation: CustomerUserInvitation } | null> {\n    const invitation = await this.findByToken(token)\n    if (!invitation) return null\n\n    const passwordHash = await hash(password, BCRYPT_COST)\n    const emailHash = hashForLookup(invitation.email)\n\n    // Create user\n    const user = this.em.create(CustomerUser, {\n      email: invitation.email,\n      emailHash,\n      passwordHash,\n      displayName: displayName || invitation.displayName || invitation.email,\n      tenantId: invitation.tenantId,\n      organizationId: invitation.organizationId,\n      customerEntityId: invitation.customerEntityId || null,\n      isActive: true,\n      emailVerifiedAt: new Date(), // Invitation implicitly verifies email\n      failedLoginAttempts: 0,\n      createdAt: new Date(),\n    } as any) as CustomerUser\n    this.em.persist(user)\n\n    // Assign roles\n    const roleIds = Array.isArray(invitation.roleIdsJson) ? invitation.roleIdsJson : []\n    const roles = roleIds.length > 0\n      ? await findWithDecryption(\n          this.em,\n          CustomerRole,\n          {\n            id: { $in: roleIds } as any,\n            tenantId: invitation.tenantId,\n            deletedAt: null,\n          } as any,\n          undefined,\n          { tenantId: invitation.tenantId, organizationId: invitation.organizationId },\n        )\n      : []\n    for (const role of roles) {\n      const userRole = this.em.create(CustomerUserRole, {\n        user,\n        role,\n        createdAt: new Date(),\n      } as any)\n      this.em.persist(userRole)\n    }\n\n    // Mark invitation as accepted\n    invitation.acceptedAt = new Date()\n\n    await this.em.flush()\n    return { user, invitation }\n  }\n}\n"],
+  "mappings": "AACA,SAAS,YAAY;AACrB;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,qBAAqB,iBAAiB;AAC/C,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB,0BAA0B;AAE1D,MAAM,cAAc;AACpB,MAAM,oBAAoB,KAAK,KAAK,KAAK;AAElC,MAAM,0BAA0B;AAAA,EACrC,YAAoB,IAAmB;AAAnB;AAAA,EAAoB;AAAA,EAExC,MAAM,iBACJ,OACA,OACA,SAOmE;AACnE,UAAM,QAAQ,oBAAoB;AAClC,UAAM,YAAY,cAAc,KAAK;AACrC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,iBAAiB;AAEzD,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,aAAa,KAAK,GAAG,OAAO,wBAAwB;AAAA,MACxD,UAAU,MAAM;AAAA,MAChB,gBAAgB,MAAM;AAAA,MACtB,OAAO,MAAM,YAAY,EAAE,KAAK;AAAA,MAChC;AAAA,MACA,OAAO;AAAA,MACP,kBAAkB,QAAQ,oBAAoB;AAAA,MAC9C,aAAa,QAAQ;AAAA,MACrB,iBAAiB,QAAQ,mBAAmB;AAAA,MAC5C,yBAAyB,QAAQ,2BAA2B;AAAA,MAC5D,aAAa,QAAQ,eAAe;AAAA,MACpC;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,QAAQ,UAAU,EAAE,MAAM;AACxC,WAAO,EAAE,YAAY,UAAU,MAAM;AAAA,EACvC;AAAA,EAEA,MAAM,YAAY,OAAuD;AACvE,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,aAAa,MAAM;AAAA,MACvB,KAAK;AAAA,MACL;AAAA,MACA,EAAE,OAAO,YAAY;AAAA,IACvB;AACA,QAAI,CAAC,WAAY,QAAO;AACxB,QAAI,WAAW,WAAY,QAAO;AAClC,QAAI,WAAW,YAAa,QAAO;AACnC,QAAI,WAAW,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AACxD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,iBACJ,OACA,UACA,aAC4E;AAC5E,UAAM,aAAa,MAAM,KAAK,YAAY,KAAK;AAC/C,QAAI,CAAC,WAAY,QAAO;AAExB,UAAM,eAAe,MAAM,KAAK,UAAU,WAAW;AACrD,UAAM,YAAY,cAAc,WAAW,KAAK;AAGhD,UAAM,OAAO,KAAK,GAAG,OAAO,cAAc;AAAA,MACxC,OAAO,WAAW;AAAA,MAClB;AAAA,MACA;AAAA,MACA,aAAa,eAAe,WAAW,eAAe,WAAW;AAAA,MACjE,UAAU,WAAW;AAAA,MACrB,gBAAgB,WAAW;AAAA,MAC3B,kBAAkB,WAAW,oBAAoB;AAAA,MACjD,UAAU;AAAA,MACV,iBAAiB,oBAAI,KAAK;AAAA;AAAA,MAC1B,qBAAqB;AAAA,MACrB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,SAAK,GAAG,QAAQ,IAAI;AAGpB,UAAM,UAAU,MAAM,QAAQ,WAAW,WAAW,IAAI,WAAW,cAAc,CAAC;AAClF,UAAM,QAAQ,QAAQ,SAAS,IAC3B,MAAM;AAAA,MACJ,KAAK;AAAA,MACL;AAAA,MACA;AAAA,QACE,IAAI,EAAE,KAAK,QAAQ;AAAA,QACnB,UAAU,WAAW;AAAA,QACrB,WAAW;AAAA,MACb;AAAA,MACA;AAAA,MACA,EAAE,UAAU,WAAW,UAAU,gBAAgB,WAAW,eAAe;AAAA,IAC7E,IACA,CAAC;AACL,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,KAAK,GAAG,OAAO,kBAAkB;AAAA,QAChD;AAAA,QACA;AAAA,QACA,WAAW,oBAAI,KAAK;AAAA,MACtB,CAAQ;AACR,WAAK,GAAG,QAAQ,QAAQ;AAAA,IAC1B;AAGA,eAAW,aAAa,oBAAI,KAAK;AAEjC,UAAM,KAAK,GAAG,MAAM;AACpB,WAAO,EAAE,MAAM,WAAW;AAAA,EAC5B;AACF;",
   "names": []
 }

package/dist/modules/customer_accounts/services/customerSessionService.js CHANGED Viewed

@@ -32,7 +32,7 @@ class CustomerSessionService {
       lastUsedAt: /* @__PURE__ */ new Date(),
       createdAt: /* @__PURE__ */ new Date()
     });
-    await this.em.persistAndFlush(session);
+    await this.em.persist(session).flush();
     const jwt = this.signCustomerJwt(user, resolvedFeatures, session.id);
     return { rawToken, jwt, session };
   }

package/dist/modules/customer_accounts/services/customerSessionService.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/customer_accounts/services/customerSessionService.ts"],
-  "sourcesContent": ["import { EntityManager } from '@mikro-orm/postgresql'\nimport { CustomerUser, CustomerUserSession } from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { generateSecureToken, hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'\nimport { signAudienceJwt } from '@open-mercato/shared/lib/auth/jwt'\nimport { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nexport const CUSTOMER_JWT_AUDIENCE = 'customer'\nconst CUSTOMER_JWT_TTL_SECONDS = 60 * 60 * 8\n\nconst DEFAULT_SESSION_TTL_DAYS = 30\nconst DEFAULT_MAX_SESSIONS_PER_USER = 5\n\nfunction resolveMaxSessionsPerUser(): number {\n  const raw = process.env.MAX_CUSTOMER_SESSIONS_PER_USER\n  if (!raw) return DEFAULT_MAX_SESSIONS_PER_USER\n  const parsed = Number(raw)\n  if (!Number.isFinite(parsed) || parsed <= 0) return DEFAULT_MAX_SESSIONS_PER_USER\n  return Math.floor(parsed)\n}\n\nexport class CustomerSessionService {\n  constructor(private em: EntityManager) {}\n\n  async createSession(\n    user: CustomerUser,\n    resolvedFeatures: string[],\n    ip?: string | null,\n    userAgent?: string | null,\n  ): Promise<{ rawToken: string; jwt: string; session: CustomerUserSession }> {\n    const rawToken = generateSecureToken()\n    const tokenHash = hashToken(rawToken)\n    const days = Number(process.env.CUSTOMER_SESSION_TTL_DAYS || DEFAULT_SESSION_TTL_DAYS)\n    const expiresAt = new Date(Date.now() + days * 24 * 60 * 60 * 1000)\n\n    await this.enforceSessionCap(user.id, user.tenantId, user.organizationId)\n\n    const session = this.em.create(CustomerUserSession, {\n      user,\n      tokenHash,\n      ipAddress: ip || null,\n      userAgent: userAgent || null,\n      expiresAt,\n      lastUsedAt: new Date(),\n      createdAt: new Date(),\n    } as any) as CustomerUserSession\n    await this.em.persistAndFlush(session)\n\n    const jwt = this.signCustomerJwt(user, resolvedFeatures, session.id)\n\n    return { rawToken, jwt, session }\n  }\n\n  signCustomerJwt(user: CustomerUser, resolvedFeatures: string[], sessionId: string): string {\n    return signAudienceJwt(\n      CUSTOMER_JWT_AUDIENCE,\n      {\n        sub: user.id,\n        sid: sessionId,\n        type: 'customer',\n        tenantId: user.tenantId,\n        orgId: user.organizationId,\n        email: user.email,\n        displayName: user.displayName || '',\n        customerEntityId: user.customerEntityId || null,\n        personEntityId: user.personEntityId || null,\n        resolvedFeatures,\n      },\n      CUSTOMER_JWT_TTL_SECONDS,\n    )\n  }\n\n  async findByToken(rawToken: string, tenantId?: string): Promise<CustomerUserSession | null> {\n    const tokenHash = hashToken(rawToken)\n    const session = await this.em.findOne(CustomerUserSession, {\n      tokenHash,\n      deletedAt: null,\n    }, { populate: ['user'] })\n    if (!session) return null\n    if (session.expiresAt.getTime() < Date.now()) return null\n    const user = session.user as CustomerUser\n    if (tenantId && user?.tenantId !== tenantId) return null\n    return session\n  }\n\n  async refreshSession(\n    rawToken: string,\n    resolvedFeatures: string[],\n  ): Promise<{ jwt: string; user: CustomerUser } | null> {\n    const session = await this.findByToken(rawToken)\n    if (!session) return null\n    const user = session.user as CustomerUser\n    if (!user || user.deletedAt || !user.isActive) return null\n\n    await this.em.nativeUpdate(CustomerUserSession, { id: session.id }, { lastUsedAt: new Date() })\n    const jwt = this.signCustomerJwt(user, resolvedFeatures, session.id)\n    return { jwt, user }\n  }\n\n  async findActiveSessionById(sessionId: string): Promise<CustomerUserSession | null> {\n    const session = await this.em.findOne(CustomerUserSession, {\n      id: sessionId,\n      deletedAt: null,\n    })\n    if (!session) return null\n    if (session.expiresAt.getTime() < Date.now()) return null\n    return session\n  }\n\n  async revokeSession(sessionId: string): Promise<void> {\n    await this.em.nativeUpdate(CustomerUserSession, { id: sessionId }, { deletedAt: new Date() })\n  }\n\n  private async enforceSessionCap(\n    userId: string,\n    tenantId: string,\n    organizationId: string,\n  ): Promise<void> {\n    const cap = resolveMaxSessionsPerUser()\n    const existing = await findWithDecryption(\n      this.em,\n      CustomerUserSession,\n      {\n        user: userId as any,\n        deletedAt: null,\n        expiresAt: { $gt: new Date() },\n      },\n      { orderBy: { createdAt: 'asc' } },\n      { tenantId, organizationId },\n    )\n    const toRevoke = existing.length - (cap - 1)\n    if (toRevoke <= 0) return\n    const oldestIds = existing.slice(0, toRevoke).map((s) => s.id)\n    await this.em.nativeUpdate(\n      CustomerUserSession,\n      { id: { $in: oldestIds } },\n      { deletedAt: new Date() },\n    )\n  }\n\n  async revokeAllUserSessions(userId: string): Promise<void> {\n    const now = new Date()\n    await this.em.nativeUpdate(\n      CustomerUserSession,\n      { user: userId as any, deletedAt: null },\n      { deletedAt: now },\n    )\n    await this.em.nativeUpdate(\n      CustomerUser,\n      { id: userId },\n      { sessionsRevokedAt: now },\n    )\n  }\n}\n"],
-  "mappings": "AACA,SAAS,cAAc,2BAA2B;AAClD,SAAS,qBAAqB,iBAAiB;AAC/C,SAAS,uBAAuB;AAChC,SAAS,0BAA0B;AAE5B,MAAM,wBAAwB;AACrC,MAAM,2BAA2B,KAAK,KAAK;AAE3C,MAAM,2BAA2B;AACjC,MAAM,gCAAgC;AAEtC,SAAS,4BAAoC;AAC3C,QAAM,MAAM,QAAQ,IAAI;AACxB,MAAI,CAAC,IAAK,QAAO;AACjB,QAAM,SAAS,OAAO,GAAG;AACzB,MAAI,CAAC,OAAO,SAAS,MAAM,KAAK,UAAU,EAAG,QAAO;AACpD,SAAO,KAAK,MAAM,MAAM;AAC1B;AAEO,MAAM,uBAAuB;AAAA,EAClC,YAAoB,IAAmB;AAAnB;AAAA,EAAoB;AAAA,EAExC,MAAM,cACJ,MACA,kBACA,IACA,WAC0E;AAC1E,UAAM,WAAW,oBAAoB;AACrC,UAAM,YAAY,UAAU,QAAQ;AACpC,UAAM,OAAO,OAAO,QAAQ,IAAI,6BAA6B,wBAAwB;AACrF,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,KAAK,GAAI;AAElE,UAAM,KAAK,kBAAkB,KAAK,IAAI,KAAK,UAAU,KAAK,cAAc;AAExE,UAAM,UAAU,KAAK,GAAG,OAAO,qBAAqB;AAAA,MAClD;AAAA,MACA;AAAA,MACA,WAAW,MAAM;AAAA,MACjB,WAAW,aAAa;AAAA,MACxB;AAAA,MACA,YAAY,oBAAI,KAAK;AAAA,MACrB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,gBAAgB,OAAO;AAErC,UAAM,MAAM,KAAK,gBAAgB,MAAM,kBAAkB,QAAQ,EAAE;AAEnE,WAAO,EAAE,UAAU,KAAK,QAAQ;AAAA,EAClC;AAAA,EAEA,gBAAgB,MAAoB,kBAA4B,WAA2B;AACzF,WAAO;AAAA,MACL;AAAA,MACA;AAAA,QACE,KAAK,KAAK;AAAA,QACV,KAAK;AAAA,QACL,MAAM;AAAA,QACN,UAAU,KAAK;AAAA,QACf,OAAO,KAAK;AAAA,QACZ,OAAO,KAAK;AAAA,QACZ,aAAa,KAAK,eAAe;AAAA,QACjC,kBAAkB,KAAK,oBAAoB;AAAA,QAC3C,gBAAgB,KAAK,kBAAkB;AAAA,QACvC;AAAA,MACF;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAkB,UAAwD;AAC1F,UAAM,YAAY,UAAU,QAAQ;AACpC,UAAM,UAAU,MAAM,KAAK,GAAG,QAAQ,qBAAqB;AAAA,MACzD;AAAA,MACA,WAAW;AAAA,IACb,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAI,CAAC,QAAS,QAAO;AACrB,QAAI,QAAQ,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AACrD,UAAM,OAAO,QAAQ;AACrB,QAAI,YAAY,MAAM,aAAa,SAAU,QAAO;AACpD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eACJ,UACA,kBACqD;AACrD,UAAM,UAAU,MAAM,KAAK,YAAY,QAAQ;AAC/C,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,OAAO,QAAQ;AACrB,QAAI,CAAC,QAAQ,KAAK,aAAa,CAAC,KAAK,SAAU,QAAO;AAEtD,UAAM,KAAK,GAAG,aAAa,qBAAqB,EAAE,IAAI,QAAQ,GAAG,GAAG,EAAE,YAAY,oBAAI,KAAK,EAAE,CAAC;AAC9F,UAAM,MAAM,KAAK,gBAAgB,MAAM,kBAAkB,QAAQ,EAAE;AACnE,WAAO,EAAE,KAAK,KAAK;AAAA,EACrB;AAAA,EAEA,MAAM,sBAAsB,WAAwD;AAClF,UAAM,UAAU,MAAM,KAAK,GAAG,QAAQ,qBAAqB;AAAA,MACzD,IAAI;AAAA,MACJ,WAAW;AAAA,IACb,CAAC;AACD,QAAI,CAAC,QAAS,QAAO;AACrB,QAAI,QAAQ,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AACrD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAAc,WAAkC;AACpD,UAAM,KAAK,GAAG,aAAa,qBAAqB,EAAE,IAAI,UAAU,GAAG,EAAE,WAAW,oBAAI,KAAK,EAAE,CAAC;AAAA,EAC9F;AAAA,EAEA,MAAc,kBACZ,QACA,UACA,gBACe;AACf,UAAM,MAAM,0BAA0B;AACtC,UAAM,WAAW,MAAM;AAAA,MACrB,KAAK;AAAA,MACL;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,WAAW;AAAA,QACX,WAAW,EAAE,KAAK,oBAAI,KAAK,EAAE;AAAA,MAC/B;AAAA,MACA,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,MAChC,EAAE,UAAU,eAAe;AAAA,IAC7B;AACA,UAAM,WAAW,SAAS,UAAU,MAAM;AAC1C,QAAI,YAAY,EAAG;AACnB,UAAM,YAAY,SAAS,MAAM,GAAG,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,EAAE;AAC7D,UAAM,KAAK,GAAG;AAAA,MACZ;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,UAAU,EAAE;AAAA,MACzB,EAAE,WAAW,oBAAI,KAAK,EAAE;AAAA,IAC1B;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,QAA+B;AACzD,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,KAAK,GAAG;AAAA,MACZ;AAAA,MACA,EAAE,MAAM,QAAe,WAAW,KAAK;AAAA,MACvC,EAAE,WAAW,IAAI;AAAA,IACnB;AACA,UAAM,KAAK,GAAG;AAAA,MACZ;AAAA,MACA,EAAE,IAAI,OAAO;AAAA,MACb,EAAE,mBAAmB,IAAI;AAAA,IAC3B;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { EntityManager } from '@mikro-orm/postgresql'\nimport { CustomerUser, CustomerUserSession } from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { generateSecureToken, hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'\nimport { signAudienceJwt } from '@open-mercato/shared/lib/auth/jwt'\nimport { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nexport const CUSTOMER_JWT_AUDIENCE = 'customer'\nconst CUSTOMER_JWT_TTL_SECONDS = 60 * 60 * 8\n\nconst DEFAULT_SESSION_TTL_DAYS = 30\nconst DEFAULT_MAX_SESSIONS_PER_USER = 5\n\nfunction resolveMaxSessionsPerUser(): number {\n  const raw = process.env.MAX_CUSTOMER_SESSIONS_PER_USER\n  if (!raw) return DEFAULT_MAX_SESSIONS_PER_USER\n  const parsed = Number(raw)\n  if (!Number.isFinite(parsed) || parsed <= 0) return DEFAULT_MAX_SESSIONS_PER_USER\n  return Math.floor(parsed)\n}\n\nexport class CustomerSessionService {\n  constructor(private em: EntityManager) {}\n\n  async createSession(\n    user: CustomerUser,\n    resolvedFeatures: string[],\n    ip?: string | null,\n    userAgent?: string | null,\n  ): Promise<{ rawToken: string; jwt: string; session: CustomerUserSession }> {\n    const rawToken = generateSecureToken()\n    const tokenHash = hashToken(rawToken)\n    const days = Number(process.env.CUSTOMER_SESSION_TTL_DAYS || DEFAULT_SESSION_TTL_DAYS)\n    const expiresAt = new Date(Date.now() + days * 24 * 60 * 60 * 1000)\n\n    await this.enforceSessionCap(user.id, user.tenantId, user.organizationId)\n\n    const session = this.em.create(CustomerUserSession, {\n      user,\n      tokenHash,\n      ipAddress: ip || null,\n      userAgent: userAgent || null,\n      expiresAt,\n      lastUsedAt: new Date(),\n      createdAt: new Date(),\n    } as any) as CustomerUserSession\n    await this.em.persist(session).flush()\n\n    const jwt = this.signCustomerJwt(user, resolvedFeatures, session.id)\n\n    return { rawToken, jwt, session }\n  }\n\n  signCustomerJwt(user: CustomerUser, resolvedFeatures: string[], sessionId: string): string {\n    return signAudienceJwt(\n      CUSTOMER_JWT_AUDIENCE,\n      {\n        sub: user.id,\n        sid: sessionId,\n        type: 'customer',\n        tenantId: user.tenantId,\n        orgId: user.organizationId,\n        email: user.email,\n        displayName: user.displayName || '',\n        customerEntityId: user.customerEntityId || null,\n        personEntityId: user.personEntityId || null,\n        resolvedFeatures,\n      },\n      CUSTOMER_JWT_TTL_SECONDS,\n    )\n  }\n\n  async findByToken(rawToken: string, tenantId?: string): Promise<CustomerUserSession | null> {\n    const tokenHash = hashToken(rawToken)\n    const session = await this.em.findOne(CustomerUserSession, {\n      tokenHash,\n      deletedAt: null,\n    }, { populate: ['user'] })\n    if (!session) return null\n    if (session.expiresAt.getTime() < Date.now()) return null\n    const user = session.user as CustomerUser\n    if (tenantId && user?.tenantId !== tenantId) return null\n    return session\n  }\n\n  async refreshSession(\n    rawToken: string,\n    resolvedFeatures: string[],\n  ): Promise<{ jwt: string; user: CustomerUser } | null> {\n    const session = await this.findByToken(rawToken)\n    if (!session) return null\n    const user = session.user as CustomerUser\n    if (!user || user.deletedAt || !user.isActive) return null\n\n    await this.em.nativeUpdate(CustomerUserSession, { id: session.id }, { lastUsedAt: new Date() })\n    const jwt = this.signCustomerJwt(user, resolvedFeatures, session.id)\n    return { jwt, user }\n  }\n\n  async findActiveSessionById(sessionId: string): Promise<CustomerUserSession | null> {\n    const session = await this.em.findOne(CustomerUserSession, {\n      id: sessionId,\n      deletedAt: null,\n    })\n    if (!session) return null\n    if (session.expiresAt.getTime() < Date.now()) return null\n    return session\n  }\n\n  async revokeSession(sessionId: string): Promise<void> {\n    await this.em.nativeUpdate(CustomerUserSession, { id: sessionId }, { deletedAt: new Date() })\n  }\n\n  private async enforceSessionCap(\n    userId: string,\n    tenantId: string,\n    organizationId: string,\n  ): Promise<void> {\n    const cap = resolveMaxSessionsPerUser()\n    const existing = await findWithDecryption(\n      this.em,\n      CustomerUserSession,\n      {\n        user: userId as any,\n        deletedAt: null,\n        expiresAt: { $gt: new Date() },\n      },\n      { orderBy: { createdAt: 'asc' } },\n      { tenantId, organizationId },\n    )\n    const toRevoke = existing.length - (cap - 1)\n    if (toRevoke <= 0) return\n    const oldestIds = existing.slice(0, toRevoke).map((s) => s.id)\n    await this.em.nativeUpdate(\n      CustomerUserSession,\n      { id: { $in: oldestIds } },\n      { deletedAt: new Date() },\n    )\n  }\n\n  async revokeAllUserSessions(userId: string): Promise<void> {\n    const now = new Date()\n    await this.em.nativeUpdate(\n      CustomerUserSession,\n      { user: userId as any, deletedAt: null },\n      { deletedAt: now },\n    )\n    await this.em.nativeUpdate(\n      CustomerUser,\n      { id: userId },\n      { sessionsRevokedAt: now },\n    )\n  }\n}\n"],
+  "mappings": "AACA,SAAS,cAAc,2BAA2B;AAClD,SAAS,qBAAqB,iBAAiB;AAC/C,SAAS,uBAAuB;AAChC,SAAS,0BAA0B;AAE5B,MAAM,wBAAwB;AACrC,MAAM,2BAA2B,KAAK,KAAK;AAE3C,MAAM,2BAA2B;AACjC,MAAM,gCAAgC;AAEtC,SAAS,4BAAoC;AAC3C,QAAM,MAAM,QAAQ,IAAI;AACxB,MAAI,CAAC,IAAK,QAAO;AACjB,QAAM,SAAS,OAAO,GAAG;AACzB,MAAI,CAAC,OAAO,SAAS,MAAM,KAAK,UAAU,EAAG,QAAO;AACpD,SAAO,KAAK,MAAM,MAAM;AAC1B;AAEO,MAAM,uBAAuB;AAAA,EAClC,YAAoB,IAAmB;AAAnB;AAAA,EAAoB;AAAA,EAExC,MAAM,cACJ,MACA,kBACA,IACA,WAC0E;AAC1E,UAAM,WAAW,oBAAoB;AACrC,UAAM,YAAY,UAAU,QAAQ;AACpC,UAAM,OAAO,OAAO,QAAQ,IAAI,6BAA6B,wBAAwB;AACrF,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,KAAK,GAAI;AAElE,UAAM,KAAK,kBAAkB,KAAK,IAAI,KAAK,UAAU,KAAK,cAAc;AAExE,UAAM,UAAU,KAAK,GAAG,OAAO,qBAAqB;AAAA,MAClD;AAAA,MACA;AAAA,MACA,WAAW,MAAM;AAAA,MACjB,WAAW,aAAa;AAAA,MACxB;AAAA,MACA,YAAY,oBAAI,KAAK;AAAA,MACrB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,QAAQ,OAAO,EAAE,MAAM;AAErC,UAAM,MAAM,KAAK,gBAAgB,MAAM,kBAAkB,QAAQ,EAAE;AAEnE,WAAO,EAAE,UAAU,KAAK,QAAQ;AAAA,EAClC;AAAA,EAEA,gBAAgB,MAAoB,kBAA4B,WAA2B;AACzF,WAAO;AAAA,MACL;AAAA,MACA;AAAA,QACE,KAAK,KAAK;AAAA,QACV,KAAK;AAAA,QACL,MAAM;AAAA,QACN,UAAU,KAAK;AAAA,QACf,OAAO,KAAK;AAAA,QACZ,OAAO,KAAK;AAAA,QACZ,aAAa,KAAK,eAAe;AAAA,QACjC,kBAAkB,KAAK,oBAAoB;AAAA,QAC3C,gBAAgB,KAAK,kBAAkB;AAAA,QACvC;AAAA,MACF;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAkB,UAAwD;AAC1F,UAAM,YAAY,UAAU,QAAQ;AACpC,UAAM,UAAU,MAAM,KAAK,GAAG,QAAQ,qBAAqB;AAAA,MACzD;AAAA,MACA,WAAW;AAAA,IACb,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAI,CAAC,QAAS,QAAO;AACrB,QAAI,QAAQ,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AACrD,UAAM,OAAO,QAAQ;AACrB,QAAI,YAAY,MAAM,aAAa,SAAU,QAAO;AACpD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eACJ,UACA,kBACqD;AACrD,UAAM,UAAU,MAAM,KAAK,YAAY,QAAQ;AAC/C,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,OAAO,QAAQ;AACrB,QAAI,CAAC,QAAQ,KAAK,aAAa,CAAC,KAAK,SAAU,QAAO;AAEtD,UAAM,KAAK,GAAG,aAAa,qBAAqB,EAAE,IAAI,QAAQ,GAAG,GAAG,EAAE,YAAY,oBAAI,KAAK,EAAE,CAAC;AAC9F,UAAM,MAAM,KAAK,gBAAgB,MAAM,kBAAkB,QAAQ,EAAE;AACnE,WAAO,EAAE,KAAK,KAAK;AAAA,EACrB;AAAA,EAEA,MAAM,sBAAsB,WAAwD;AAClF,UAAM,UAAU,MAAM,KAAK,GAAG,QAAQ,qBAAqB;AAAA,MACzD,IAAI;AAAA,MACJ,WAAW;AAAA,IACb,CAAC;AACD,QAAI,CAAC,QAAS,QAAO;AACrB,QAAI,QAAQ,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AACrD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAAc,WAAkC;AACpD,UAAM,KAAK,GAAG,aAAa,qBAAqB,EAAE,IAAI,UAAU,GAAG,EAAE,WAAW,oBAAI,KAAK,EAAE,CAAC;AAAA,EAC9F;AAAA,EAEA,MAAc,kBACZ,QACA,UACA,gBACe;AACf,UAAM,MAAM,0BAA0B;AACtC,UAAM,WAAW,MAAM;AAAA,MACrB,KAAK;AAAA,MACL;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,WAAW;AAAA,QACX,WAAW,EAAE,KAAK,oBAAI,KAAK,EAAE;AAAA,MAC/B;AAAA,MACA,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,MAChC,EAAE,UAAU,eAAe;AAAA,IAC7B;AACA,UAAM,WAAW,SAAS,UAAU,MAAM;AAC1C,QAAI,YAAY,EAAG;AACnB,UAAM,YAAY,SAAS,MAAM,GAAG,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,EAAE;AAC7D,UAAM,KAAK,GAAG;AAAA,MACZ;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,UAAU,EAAE;AAAA,MACzB,EAAE,WAAW,oBAAI,KAAK,EAAE;AAAA,IAC1B;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,QAA+B;AACzD,UAAM,MAAM,oBAAI,KAAK;AACrB,UAAM,KAAK,GAAG;AAAA,MACZ;AAAA,MACA,EAAE,MAAM,QAAe,WAAW,KAAK;AAAA,MACvC,EAAE,WAAW,IAAI;AAAA,IACnB;AACA,UAAM,KAAK,GAAG;AAAA,MACZ;AAAA,MACA,EAAE,IAAI,OAAO;AAAA,MACb,EAAE,mBAAmB,IAAI;AAAA,IAC3B;AAAA,EACF;AACF;",
   "names": []
 }

package/dist/modules/customer_accounts/services/customerTokenService.js CHANGED Viewed

@@ -3,6 +3,9 @@ import {
   CustomerUserPasswordReset
 } from "@open-mercato/core/modules/customer_accounts/data/entities";
 import { generateSecureToken, hashToken } from "@open-mercato/core/modules/customer_accounts/lib/tokenGenerator";
+function getKysely(em) {
+  return em.getKysely();
+}
 const EMAIL_VERIFICATION_TTL_MS = 24 * 60 * 60 * 1e3;
 const MAGIC_LINK_TTL_MS = 15 * 60 * 1e3;
 const PASSWORD_RESET_TTL_MS = 60 * 60 * 1e3;
@@ -21,7 +24,7 @@ class CustomerTokenService {
       expiresAt,
       createdAt: /* @__PURE__ */ new Date()
     });
-    await this.em.persistAndFlush(record);
+    await this.em.persist(record).flush();
     return rawToken;
   }
   async createMagicLink(userId, tenantId) {
@@ -35,7 +38,7 @@ class CustomerTokenService {
       expiresAt,
       createdAt: /* @__PURE__ */ new Date()
     });
-    await this.em.persistAndFlush(record);
+    await this.em.persist(record).flush();
     return rawToken;
   }
   async createPasswordReset(userId, tenantId) {
@@ -48,7 +51,7 @@ class CustomerTokenService {
       expiresAt,
       createdAt: /* @__PURE__ */ new Date()
     });
-    await this.em.persistAndFlush(record);
+    await this.em.persist(record).flush();
     return rawToken;
   }
   async verifyEmailToken(token, purpose, tenantId) {
@@ -62,8 +65,9 @@ class CustomerTokenService {
     if (record.expiresAt.getTime() < Date.now()) return null;
     const user = record.user;
     if (tenantId && user?.tenantId !== tenantId) return null;
-    const knex = this.em.getKnex();
-    const consumed = await knex("customer_user_email_verifications").where("id", record.id).whereNull("used_at").where("expires_at", ">", /* @__PURE__ */ new Date()).update({ used_at: /* @__PURE__ */ new Date() });
+    const db = getKysely(this.em);
+    const updateResult = await db.updateTable("customer_user_email_verifications").set({ used_at: /* @__PURE__ */ new Date() }).where("id", "=", record.id).where("used_at", "is", null).where("expires_at", ">", /* @__PURE__ */ new Date()).executeTakeFirst();
+    const consumed = Number(updateResult?.numUpdatedRows ?? 0n);
     if (consumed === 0) return null;
     const resolvedUserId = typeof user === "string" ? user : user.id;
     const resolvedTenantId = typeof user === "string" ? "" : user.tenantId;
@@ -79,8 +83,9 @@ class CustomerTokenService {
     if (record.expiresAt.getTime() < Date.now()) return null;
     const user = record.user;
     if (tenantId && user?.tenantId !== tenantId) return null;
-    const knex = this.em.getKnex();
-    const consumed = await knex("customer_user_password_resets").where("id", record.id).whereNull("used_at").where("expires_at", ">", /* @__PURE__ */ new Date()).update({ used_at: /* @__PURE__ */ new Date() });
+    const db = getKysely(this.em);
+    const updateResult = await db.updateTable("customer_user_password_resets").set({ used_at: /* @__PURE__ */ new Date() }).where("id", "=", record.id).where("used_at", "is", null).where("expires_at", ">", /* @__PURE__ */ new Date()).executeTakeFirst();
+    const consumed = Number(updateResult?.numUpdatedRows ?? 0n);
     if (consumed === 0) return null;
     const resolvedUserId = typeof user === "string" ? user : user.id;
     const resolvedTenantId = typeof user === "string" ? "" : user.tenantId;

package/dist/modules/customer_accounts/services/customerTokenService.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/customer_accounts/services/customerTokenService.ts"],
-  "sourcesContent": ["import { EntityManager } from '@mikro-orm/postgresql'\nimport {\n  CustomerUser,\n  CustomerUserEmailVerification,\n  CustomerUserPasswordReset,\n} from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { generateSecureToken, hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'\n\nconst EMAIL_VERIFICATION_TTL_MS = 24 * 60 * 60 * 1000 // 24 hours\nconst MAGIC_LINK_TTL_MS = 15 * 60 * 1000 // 15 minutes\nconst PASSWORD_RESET_TTL_MS = 60 * 60 * 1000 // 60 minutes\n\nexport class CustomerTokenService {\n  constructor(private em: EntityManager) {}\n\n  async createEmailVerification(userId: string, tenantId: string): Promise<string> {\n    const rawToken = generateSecureToken()\n    const tokenHashed = hashToken(rawToken)\n    const expiresAt = new Date(Date.now() + EMAIL_VERIFICATION_TTL_MS)\n    const record = this.em.create(CustomerUserEmailVerification, {\n      user: userId as any,\n      token: tokenHashed,\n      purpose: 'email_verification',\n      expiresAt,\n      createdAt: new Date(),\n    } as any)\n    await this.em.persistAndFlush(record)\n    return rawToken\n  }\n\n  async createMagicLink(userId: string, tenantId: string): Promise<string> {\n    const rawToken = generateSecureToken()\n    const tokenHashed = hashToken(rawToken)\n    const expiresAt = new Date(Date.now() + MAGIC_LINK_TTL_MS)\n    const record = this.em.create(CustomerUserEmailVerification, {\n      user: userId as any,\n      token: tokenHashed,\n      purpose: 'magic_link',\n      expiresAt,\n      createdAt: new Date(),\n    } as any)\n    await this.em.persistAndFlush(record)\n    return rawToken\n  }\n\n  async createPasswordReset(userId: string, tenantId: string): Promise<string> {\n    const rawToken = generateSecureToken()\n    const tokenHashed = hashToken(rawToken)\n    const expiresAt = new Date(Date.now() + PASSWORD_RESET_TTL_MS)\n    const record = this.em.create(CustomerUserPasswordReset, {\n      user: userId as any,\n      token: tokenHashed,\n      expiresAt,\n      createdAt: new Date(),\n    } as any)\n    await this.em.persistAndFlush(record)\n    return rawToken\n  }\n\n  async verifyEmailToken(token: string, purpose: string, tenantId?: string): Promise<{ userId: string; tenantId: string } | null> {\n    const tokenHashed = hashToken(token)\n    const record = await this.em.findOne(CustomerUserEmailVerification, {\n      token: tokenHashed,\n      purpose,\n    }, { populate: ['user'] })\n    if (!record) return null\n    if (record.usedAt) return null\n    if (record.expiresAt.getTime() < Date.now()) return null\n\n    const user = record.user as CustomerUser\n    if (tenantId && user?.tenantId !== tenantId) return null\n\n    const knex = this.em.getKnex()\n    const consumed = await knex('customer_user_email_verifications')\n      .where('id', record.id)\n      .whereNull('used_at')\n      .where('expires_at', '>', new Date())\n      .update({ used_at: new Date() })\n    if (consumed === 0) return null\n\n    const resolvedUserId = typeof user === 'string' ? user : user.id\n    const resolvedTenantId = typeof user === 'string' ? '' : user.tenantId\n    return { userId: resolvedUserId, tenantId: resolvedTenantId }\n  }\n\n  async verifyPasswordResetToken(token: string, tenantId?: string): Promise<{ userId: string; tenantId: string } | null> {\n    const tokenHashed = hashToken(token)\n    const record = await this.em.findOne(CustomerUserPasswordReset, {\n      token: tokenHashed,\n    }, { populate: ['user'] })\n    if (!record) return null\n    if (record.usedAt) return null\n    if (record.expiresAt.getTime() < Date.now()) return null\n\n    const user = record.user as CustomerUser\n    if (tenantId && user?.tenantId !== tenantId) return null\n\n    const knex = this.em.getKnex()\n    const consumed = await knex('customer_user_password_resets')\n      .where('id', record.id)\n      .whereNull('used_at')\n      .where('expires_at', '>', new Date())\n      .update({ used_at: new Date() })\n    if (consumed === 0) return null\n\n    const resolvedUserId = typeof user === 'string' ? user : user.id\n    const resolvedTenantId = typeof user === 'string' ? '' : user.tenantId\n    return { userId: resolvedUserId, tenantId: resolvedTenantId }\n  }\n}\n"],
-  "mappings": "AACA;AAAA,EAEE;AAAA,EACA;AAAA,OACK;AACP,SAAS,qBAAqB,iBAAiB;AAE/C,MAAM,4BAA4B,KAAK,KAAK,KAAK;AACjD,MAAM,oBAAoB,KAAK,KAAK;AACpC,MAAM,wBAAwB,KAAK,KAAK;AAEjC,MAAM,qBAAqB;AAAA,EAChC,YAAoB,IAAmB;AAAnB;AAAA,EAAoB;AAAA,EAExC,MAAM,wBAAwB,QAAgB,UAAmC;AAC/E,UAAM,WAAW,oBAAoB;AACrC,UAAM,cAAc,UAAU,QAAQ;AACtC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,yBAAyB;AACjE,UAAM,SAAS,KAAK,GAAG,OAAO,+BAA+B;AAAA,MAC3D,MAAM;AAAA,MACN,OAAO;AAAA,MACP,SAAS;AAAA,MACT;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,gBAAgB,MAAM;AACpC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,QAAgB,UAAmC;AACvE,UAAM,WAAW,oBAAoB;AACrC,UAAM,cAAc,UAAU,QAAQ;AACtC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,iBAAiB;AACzD,UAAM,SAAS,KAAK,GAAG,OAAO,+BAA+B;AAAA,MAC3D,MAAM;AAAA,MACN,OAAO;AAAA,MACP,SAAS;AAAA,MACT;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,gBAAgB,MAAM;AACpC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,QAAgB,UAAmC;AAC3E,UAAM,WAAW,oBAAoB;AACrC,UAAM,cAAc,UAAU,QAAQ;AACtC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,qBAAqB;AAC7D,UAAM,SAAS,KAAK,GAAG,OAAO,2BAA2B;AAAA,MACvD,MAAM;AAAA,MACN,OAAO;AAAA,MACP;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,gBAAgB,MAAM;AACpC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,iBAAiB,OAAe,SAAiB,UAAyE;AAC9H,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,SAAS,MAAM,KAAK,GAAG,QAAQ,+BAA+B;AAAA,MAClE,OAAO;AAAA,MACP;AAAA,IACF,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAI,CAAC,OAAQ,QAAO;AACpB,QAAI,OAAO,OAAQ,QAAO;AAC1B,QAAI,OAAO,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAEpD,UAAM,OAAO,OAAO;AACpB,QAAI,YAAY,MAAM,aAAa,SAAU,QAAO;AAEpD,UAAM,OAAO,KAAK,GAAG,QAAQ;AAC7B,UAAM,WAAW,MAAM,KAAK,mCAAmC,EAC5D,MAAM,MAAM,OAAO,EAAE,EACrB,UAAU,SAAS,EACnB,MAAM,cAAc,KAAK,oBAAI,KAAK,CAAC,EACnC,OAAO,EAAE,SAAS,oBAAI,KAAK,EAAE,CAAC;AACjC,QAAI,aAAa,EAAG,QAAO;AAE3B,UAAM,iBAAiB,OAAO,SAAS,WAAW,OAAO,KAAK;AAC9D,UAAM,mBAAmB,OAAO,SAAS,WAAW,KAAK,KAAK;AAC9D,WAAO,EAAE,QAAQ,gBAAgB,UAAU,iBAAiB;AAAA,EAC9D;AAAA,EAEA,MAAM,yBAAyB,OAAe,UAAyE;AACrH,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,SAAS,MAAM,KAAK,GAAG,QAAQ,2BAA2B;AAAA,MAC9D,OAAO;AAAA,IACT,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAI,CAAC,OAAQ,QAAO;AACpB,QAAI,OAAO,OAAQ,QAAO;AAC1B,QAAI,OAAO,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAEpD,UAAM,OAAO,OAAO;AACpB,QAAI,YAAY,MAAM,aAAa,SAAU,QAAO;AAEpD,UAAM,OAAO,KAAK,GAAG,QAAQ;AAC7B,UAAM,WAAW,MAAM,KAAK,+BAA+B,EACxD,MAAM,MAAM,OAAO,EAAE,EACrB,UAAU,SAAS,EACnB,MAAM,cAAc,KAAK,oBAAI,KAAK,CAAC,EACnC,OAAO,EAAE,SAAS,oBAAI,KAAK,EAAE,CAAC;AACjC,QAAI,aAAa,EAAG,QAAO;AAE3B,UAAM,iBAAiB,OAAO,SAAS,WAAW,OAAO,KAAK;AAC9D,UAAM,mBAAmB,OAAO,SAAS,WAAW,KAAK,KAAK;AAC9D,WAAO,EAAE,QAAQ,gBAAgB,UAAU,iBAAiB;AAAA,EAC9D;AACF;",
+  "sourcesContent": ["import { EntityManager } from '@mikro-orm/postgresql'\nimport type { Kysely } from 'kysely'\nimport {\n  CustomerUser,\n  CustomerUserEmailVerification,\n  CustomerUserPasswordReset,\n} from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { generateSecureToken, hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'\n\nfunction getKysely(em: EntityManager): Kysely<any> {\n  return (em as unknown as { getKysely: () => Kysely<any> }).getKysely()\n}\n\nconst EMAIL_VERIFICATION_TTL_MS = 24 * 60 * 60 * 1000 // 24 hours\nconst MAGIC_LINK_TTL_MS = 15 * 60 * 1000 // 15 minutes\nconst PASSWORD_RESET_TTL_MS = 60 * 60 * 1000 // 60 minutes\n\nexport class CustomerTokenService {\n  constructor(private em: EntityManager) {}\n\n  async createEmailVerification(userId: string, tenantId: string): Promise<string> {\n    const rawToken = generateSecureToken()\n    const tokenHashed = hashToken(rawToken)\n    const expiresAt = new Date(Date.now() + EMAIL_VERIFICATION_TTL_MS)\n    const record = this.em.create(CustomerUserEmailVerification, {\n      user: userId as any,\n      token: tokenHashed,\n      purpose: 'email_verification',\n      expiresAt,\n      createdAt: new Date(),\n    } as any)\n    await this.em.persist(record).flush()\n    return rawToken\n  }\n\n  async createMagicLink(userId: string, tenantId: string): Promise<string> {\n    const rawToken = generateSecureToken()\n    const tokenHashed = hashToken(rawToken)\n    const expiresAt = new Date(Date.now() + MAGIC_LINK_TTL_MS)\n    const record = this.em.create(CustomerUserEmailVerification, {\n      user: userId as any,\n      token: tokenHashed,\n      purpose: 'magic_link',\n      expiresAt,\n      createdAt: new Date(),\n    } as any)\n    await this.em.persist(record).flush()\n    return rawToken\n  }\n\n  async createPasswordReset(userId: string, tenantId: string): Promise<string> {\n    const rawToken = generateSecureToken()\n    const tokenHashed = hashToken(rawToken)\n    const expiresAt = new Date(Date.now() + PASSWORD_RESET_TTL_MS)\n    const record = this.em.create(CustomerUserPasswordReset, {\n      user: userId as any,\n      token: tokenHashed,\n      expiresAt,\n      createdAt: new Date(),\n    } as any)\n    await this.em.persist(record).flush()\n    return rawToken\n  }\n\n  async verifyEmailToken(token: string, purpose: string, tenantId?: string): Promise<{ userId: string; tenantId: string } | null> {\n    const tokenHashed = hashToken(token)\n    const record = await this.em.findOne(CustomerUserEmailVerification, {\n      token: tokenHashed,\n      purpose,\n    }, { populate: ['user'] })\n    if (!record) return null\n    if (record.usedAt) return null\n    if (record.expiresAt.getTime() < Date.now()) return null\n\n    const user = record.user as CustomerUser\n    if (tenantId && user?.tenantId !== tenantId) return null\n\n    const db = getKysely(this.em)\n    const updateResult = await db\n      .updateTable('customer_user_email_verifications' as any)\n      .set({ used_at: new Date() } as any)\n      .where('id' as any, '=', record.id)\n      .where('used_at' as any, 'is', null)\n      .where('expires_at' as any, '>', new Date())\n      .executeTakeFirst()\n    const consumed = Number(updateResult?.numUpdatedRows ?? 0n)\n    if (consumed === 0) return null\n\n    const resolvedUserId = typeof user === 'string' ? user : user.id\n    const resolvedTenantId = typeof user === 'string' ? '' : user.tenantId\n    return { userId: resolvedUserId, tenantId: resolvedTenantId }\n  }\n\n  async verifyPasswordResetToken(token: string, tenantId?: string): Promise<{ userId: string; tenantId: string } | null> {\n    const tokenHashed = hashToken(token)\n    const record = await this.em.findOne(CustomerUserPasswordReset, {\n      token: tokenHashed,\n    }, { populate: ['user'] })\n    if (!record) return null\n    if (record.usedAt) return null\n    if (record.expiresAt.getTime() < Date.now()) return null\n\n    const user = record.user as CustomerUser\n    if (tenantId && user?.tenantId !== tenantId) return null\n\n    const db = getKysely(this.em)\n    const updateResult = await db\n      .updateTable('customer_user_password_resets' as any)\n      .set({ used_at: new Date() } as any)\n      .where('id' as any, '=', record.id)\n      .where('used_at' as any, 'is', null)\n      .where('expires_at' as any, '>', new Date())\n      .executeTakeFirst()\n    const consumed = Number(updateResult?.numUpdatedRows ?? 0n)\n    if (consumed === 0) return null\n\n    const resolvedUserId = typeof user === 'string' ? user : user.id\n    const resolvedTenantId = typeof user === 'string' ? '' : user.tenantId\n    return { userId: resolvedUserId, tenantId: resolvedTenantId }\n  }\n}\n"],
+  "mappings": "AAEA;AAAA,EAEE;AAAA,EACA;AAAA,OACK;AACP,SAAS,qBAAqB,iBAAiB;AAE/C,SAAS,UAAU,IAAgC;AACjD,SAAQ,GAAmD,UAAU;AACvE;AAEA,MAAM,4BAA4B,KAAK,KAAK,KAAK;AACjD,MAAM,oBAAoB,KAAK,KAAK;AACpC,MAAM,wBAAwB,KAAK,KAAK;AAEjC,MAAM,qBAAqB;AAAA,EAChC,YAAoB,IAAmB;AAAnB;AAAA,EAAoB;AAAA,EAExC,MAAM,wBAAwB,QAAgB,UAAmC;AAC/E,UAAM,WAAW,oBAAoB;AACrC,UAAM,cAAc,UAAU,QAAQ;AACtC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,yBAAyB;AACjE,UAAM,SAAS,KAAK,GAAG,OAAO,+BAA+B;AAAA,MAC3D,MAAM;AAAA,MACN,OAAO;AAAA,MACP,SAAS;AAAA,MACT;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,QAAQ,MAAM,EAAE,MAAM;AACpC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,QAAgB,UAAmC;AACvE,UAAM,WAAW,oBAAoB;AACrC,UAAM,cAAc,UAAU,QAAQ;AACtC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,iBAAiB;AACzD,UAAM,SAAS,KAAK,GAAG,OAAO,+BAA+B;AAAA,MAC3D,MAAM;AAAA,MACN,OAAO;AAAA,MACP,SAAS;AAAA,MACT;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,QAAQ,MAAM,EAAE,MAAM;AACpC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,QAAgB,UAAmC;AAC3E,UAAM,WAAW,oBAAoB;AACrC,UAAM,cAAc,UAAU,QAAQ;AACtC,UAAM,YAAY,IAAI,KAAK,KAAK,IAAI,IAAI,qBAAqB;AAC7D,UAAM,SAAS,KAAK,GAAG,OAAO,2BAA2B;AAAA,MACvD,MAAM;AAAA,MACN,OAAO;AAAA,MACP;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAQ;AACR,UAAM,KAAK,GAAG,QAAQ,MAAM,EAAE,MAAM;AACpC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,iBAAiB,OAAe,SAAiB,UAAyE;AAC9H,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,SAAS,MAAM,KAAK,GAAG,QAAQ,+BAA+B;AAAA,MAClE,OAAO;AAAA,MACP;AAAA,IACF,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAI,CAAC,OAAQ,QAAO;AACpB,QAAI,OAAO,OAAQ,QAAO;AAC1B,QAAI,OAAO,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAEpD,UAAM,OAAO,OAAO;AACpB,QAAI,YAAY,MAAM,aAAa,SAAU,QAAO;AAEpD,UAAM,KAAK,UAAU,KAAK,EAAE;AAC5B,UAAM,eAAe,MAAM,GACxB,YAAY,mCAA0C,EACtD,IAAI,EAAE,SAAS,oBAAI,KAAK,EAAE,CAAQ,EAClC,MAAM,MAAa,KAAK,OAAO,EAAE,EACjC,MAAM,WAAkB,MAAM,IAAI,EAClC,MAAM,cAAqB,KAAK,oBAAI,KAAK,CAAC,EAC1C,iBAAiB;AACpB,UAAM,WAAW,OAAO,cAAc,kBAAkB,EAAE;AAC1D,QAAI,aAAa,EAAG,QAAO;AAE3B,UAAM,iBAAiB,OAAO,SAAS,WAAW,OAAO,KAAK;AAC9D,UAAM,mBAAmB,OAAO,SAAS,WAAW,KAAK,KAAK;AAC9D,WAAO,EAAE,QAAQ,gBAAgB,UAAU,iBAAiB;AAAA,EAC9D;AAAA,EAEA,MAAM,yBAAyB,OAAe,UAAyE;AACrH,UAAM,cAAc,UAAU,KAAK;AACnC,UAAM,SAAS,MAAM,KAAK,GAAG,QAAQ,2BAA2B;AAAA,MAC9D,OAAO;AAAA,IACT,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAI,CAAC,OAAQ,QAAO;AACpB,QAAI,OAAO,OAAQ,QAAO;AAC1B,QAAI,OAAO,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAEpD,UAAM,OAAO,OAAO;AACpB,QAAI,YAAY,MAAM,aAAa,SAAU,QAAO;AAEpD,UAAM,KAAK,UAAU,KAAK,EAAE;AAC5B,UAAM,eAAe,MAAM,GACxB,YAAY,+BAAsC,EAClD,IAAI,EAAE,SAAS,oBAAI,KAAK,EAAE,CAAQ,EAClC,MAAM,MAAa,KAAK,OAAO,EAAE,EACjC,MAAM,WAAkB,MAAM,IAAI,EAClC,MAAM,cAAqB,KAAK,oBAAI,KAAK,CAAC,EAC1C,iBAAiB;AACpB,UAAM,WAAW,OAAO,cAAc,kBAAkB,EAAE;AAC1D,QAAI,aAAa,EAAG,QAAO;AAE3B,UAAM,iBAAiB,OAAO,SAAS,WAAW,OAAO,KAAK;AAC9D,UAAM,mBAAmB,OAAO,SAAS,WAAW,KAAK,KAAK;AAC9D,WAAO,EAAE,QAAQ,gBAAgB,UAAU,iBAAiB;AAAA,EAC9D;AACF;",
   "names": []
 }

package/dist/modules/customers/api/interactions/conflicts/route.js CHANGED Viewed

@@ -1,5 +1,6 @@
 import { NextResponse } from "next/server";
 import { z } from "zod";
+import { sql } from "kysely";
 import { CrudHttpError } from "@open-mercato/shared/lib/crud/errors";
 import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
 import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
@@ -76,30 +77,31 @@ async function GET(req) {
     }
     const checkUserId = query.userId ?? auth.userId;
     const em = container.resolve("em").fork();
-    const knex = em.getKnex();
-    const baseQuery = knex("customer_interactions").where("tenant_id", auth.tenantId).where("status", "planned").whereNotNull("scheduled_at").whereNull("deleted_at");
+    const kysely = em.getKysely();
+    let baseQuery = kysely.selectFrom("customer_interactions").select(["id", "scheduled_at", "duration_minutes", "interaction_type"]).where("tenant_id", "=", auth.tenantId).where("status", "=", "planned").where("scheduled_at", "is not", null).where("deleted_at", "is", null);
     if (organizationIds.length === 1) {
-      baseQuery.where("organization_id", organizationIds[0]);
+      baseQuery = baseQuery.where("organization_id", "=", organizationIds[0]);
     } else if (organizationIds.length > 1) {
-      baseQuery.whereIn("organization_id", organizationIds);
+      baseQuery = baseQuery.where("organization_id", "in", organizationIds);
     }
     if (checkUserId) {
-      baseQuery.where(function() {
-        this.where("author_user_id", checkUserId).orWhere("owner_user_id", checkUserId);
-      });
+      baseQuery = baseQuery.where(
+        (eb) => eb.or([
+          eb("author_user_id", "=", checkUserId),
+          eb("owner_user_id", "=", checkUserId)
+        ])
+      );
     }
     if (query.excludeId) {
-      baseQuery.whereNot("id", query.excludeId);
+      baseQuery = baseQuery.where("id", "!=", query.excludeId);
     }
-    baseQuery.where(function() {
-      this.where("scheduled_at", "<", windowEnd.toISOString()).andWhere(
-        knex.raw(
-          "(scheduled_at + make_interval(mins => COALESCE(duration_minutes, 30))) > ?",
-          [windowStart.toISOString()]
-        )
-      );
-    });
-    const rows = await baseQuery.select("id", "scheduled_at", "duration_minutes", "interaction_type").orderBy("scheduled_at", "asc").limit(10);
+    baseQuery = baseQuery.where(
+      (eb) => eb.and([
+        eb("scheduled_at", "<", windowEnd.toISOString()),
+        eb(sql`(scheduled_at + make_interval(mins => COALESCE(duration_minutes, 30)))`, ">", windowStart.toISOString())
+      ])
+    );
+    const rows = await baseQuery.orderBy("scheduled_at", "asc").limit(10).execute();
     const decryptionScope = {
       tenantId: auth.tenantId ?? null,
       organizationId: auth.orgId ?? null