npm - @open-mercato/onboarding - Versions diffs - 0.4.7-main-1768da2e43 → 0.4.7 - Mend

@open-mercato/onboarding 0.4.7-main-1768da2e43 → 0.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/modules/onboarding/api/get/onboarding/verify.js CHANGED Viewed

@@ -11,6 +11,7 @@ import { flattenSystemEntityIds } from "@open-mercato/shared/lib/entities/system
 import { getEntityIds } from "@open-mercato/shared/lib/encryption/entityIds";
 import { getModules } from "@open-mercato/shared/lib/modules/registry";
 const metadata = {
+  path: "/onboarding/onboarding/verify",
   GET: {
     requireAuth: false
   }

package/dist/modules/onboarding/api/get/onboarding/verify.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/modules/onboarding/api/get/onboarding/verify.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { onboardingVerifySchema } from '@open-mercato/onboarding/modules/onboarding/data/validators'\nimport { OnboardingService } from '@open-mercato/onboarding/modules/onboarding/lib/service'\nimport { setupInitialTenant } from '@open-mercato/core/modules/auth/lib/setup-app'\nimport { reindexEntity } from '@open-mercato/core/modules/query_index/lib/reindexer'\nimport { purgeIndexScope } from '@open-mercato/core/modules/query_index/lib/purge'\nimport { refreshCoverageSnapshot } from '@open-mercato/core/modules/query_index/lib/coverage'\nimport { flattenSystemEntityIds } from '@open-mercato/shared/lib/entities/system-entities'\nimport { getEntityIds } from '@open-mercato/shared/lib/encryption/entityIds'\nimport { getModules } from '@open-mercato/shared/lib/modules/registry'\nimport type { VectorIndexService } from '@open-mercato/search/vector'\nimport type { OpenApiMethodDoc, OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\n\nexport const metadata = {\n  GET: {\n    requireAuth: false,\n  },\n}\n\nfunction clearAuthCookies(response: NextResponse) {\n  response.cookies.set('auth_token', '', { path: '/', maxAge: 0 })\n  response.cookies.set('session_token', '', { path: '/', maxAge: 0 })\n  response.cookies.set('om_login_tenant', '', { path: '/', maxAge: 0 })\n}\n\nfunction redirectWithStatus(baseUrl: string, status: string) {\n  const response = NextResponse.redirect(`${baseUrl}/onboarding?status=${encodeURIComponent(status)}`)\n  clearAuthCookies(response)\n  return response\n}\n\nfunction redirectToLogin(baseUrl: string, tenantId: string | null) {\n  const tenantParam = tenantId ? `?tenant=${encodeURIComponent(tenantId)}` : ''\n  const response = NextResponse.redirect(`${baseUrl}/login${tenantParam}`)\n  clearAuthCookies(response)\n  if (tenantId) {\n    response.cookies.set('om_login_tenant', tenantId, {\n      httpOnly: false,\n      sameSite: 'lax',\n      secure: process.env.NODE_ENV === 'production',\n      path: '/',\n      maxAge: 60 * 60 * 24 * 14,\n    })\n  }\n  return response\n}\n\nexport async function GET(req: Request) {\n  const url = new URL(req.url)\n  const baseUrl = process.env.APP_URL || `${url.protocol}//${url.host}`\n  const token = url.searchParams.get('token') ?? ''\n  const parsed = onboardingVerifySchema.safeParse({ token })\n  if (!parsed.success) {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n\n  const container = await createRequestContainer()\n  const em = (container.resolve('em') as EntityManager)\n  const service = new OnboardingService(em)\n  const request = await service.findByToken(parsed.data.token)\n  if (!request) {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n  if (request.expiresAt <= new Date() && request.status !== 'completed') {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n  if (request.status === 'completed' && request.tenantId) {\n    return redirectToLogin(baseUrl, request.tenantId)\n  }\n  const lockWindowMs = 15 * 60 * 1000\n  const processingStartedAt = request.processingStartedAt?.getTime() ?? 0\n  const processingFresh = request.status === 'processing' && processingStartedAt > Date.now() - lockWindowMs\n  if (processingFresh) {\n    return redirectToLogin(baseUrl, request.tenantId ?? null)\n  }\n  if (request.status === 'processing' && !processingFresh) {\n    await service.resetProcessing(request)\n  }\n  if (request.status !== 'pending') {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n  await service.startProcessing(request, new Date())\n  if (!request.passwordHash) {\n    console.error('[onboarding.verify] missing password hash for request', request.id)\n    await service.resetProcessing(request)\n    return redirectWithStatus(baseUrl, 'error')\n  }\n\n  let tenantId: string | null = null\n  let organizationId: string | null = null\n  let userId: string | null = null\n\n  try {\n    const setupResult = await setupInitialTenant(em, {\n      orgName: request.organizationName,\n      includeDerivedUsers: false,\n      failIfUserExists: true,\n      primaryUserRoles: ['admin'],\n      includeSuperadminRole: false,\n      primaryUser: {\n        email: request.email,\n        firstName: request.firstName,\n        lastName: request.lastName,\n        displayName: `${request.firstName} ${request.lastName}`.trim(),\n        hashedPassword: request.passwordHash,\n        confirm: true,\n      },\n      modules: getModules(),\n    })\n\n    tenantId = String(setupResult.tenantId)\n    organizationId = String(setupResult.organizationId)\n\n    const mainUserSnapshot = setupResult.users.find((entry) => entry.user.email === request.email)\n    if (!mainUserSnapshot) throw new Error('USER_NOT_CREATED')\n    const user = mainUserSnapshot.user\n    const resolvedUserId = String(user.id)\n    userId = resolvedUserId\n    await service.updateProvisioningIds(request, { tenantId, organizationId, userId: resolvedUserId })\n\n    // Call module seedDefaults + seedExamples hooks\n    const modules = getModules()\n    for (const mod of modules) {\n      if (mod.setup?.seedDefaults) {\n        await mod.setup.seedDefaults({ em, tenantId, organizationId, container })\n      }\n    }\n    for (const mod of modules) {\n      if (mod.setup?.seedExamples) {\n        await mod.setup.seedExamples({ em, tenantId, organizationId, container })\n      }\n    }\n    if (tenantId) {\n      let vectorService: VectorIndexService | null = null\n      try {\n        vectorService = container.resolve<VectorIndexService>('vectorIndexService')\n      } catch {\n        vectorService = null\n      }\n      const coverageRefreshKeys = new Set<string>()\n      try {\n        const allEntities = getEntityIds()\n        const entityIds = flattenSystemEntityIds(allEntities)\n        for (const entityType of entityIds) {\n          try {\n            await purgeIndexScope(em, { entityType, tenantId })\n          } catch (error) {\n            console.error('[onboarding.verify] failed to purge query index scope', { entityType, tenantId, error })\n          }\n          try {\n            await reindexEntity(em, {\n              entityType,\n              tenantId,\n              force: true,\n              emitVectorizeEvents: false,\n              vectorService: null,\n            })\n          } catch (error) {\n            console.error('[onboarding.verify] failed to reindex entity', { entityType, tenantId, error })\n          }\n          coverageRefreshKeys.add(`${entityType}|${tenantId}|__null__`)\n          if (organizationId) coverageRefreshKeys.add(`${entityType}|${tenantId}|${organizationId}`)\n        }\n      } catch (error) {\n        console.error('[onboarding.verify] failed to rebuild query indexes', { tenantId, error })\n      }\n\n      if (vectorService) {\n        try {\n          await vectorService.reindexAll({ tenantId, organizationId, purgeFirst: true })\n        } catch (error) {\n          console.error('[onboarding.verify] failed to rebuild vector indexes', { tenantId, organizationId, error })\n        }\n      }\n\n      if (coverageRefreshKeys.size) {\n        for (const entry of coverageRefreshKeys) {\n          const [entityType, tenantKey, orgKey] = entry.split('|')\n          const orgScope = orgKey === '__null__' ? null : orgKey\n          try {\n            await refreshCoverageSnapshot(\n              em,\n              {\n                entityType,\n                tenantId: tenantKey,\n                organizationId: orgScope,\n                withDeleted: false,\n              },\n            )\n          } catch (error) {\n            console.error('[onboarding.verify] failed to refresh coverage snapshot', {\n              entityType,\n              tenantId: tenantKey,\n              organizationId: orgScope,\n              error,\n            })\n          }\n        }\n      }\n    }\n\n    await service.markCompleted(request, { tenantId, organizationId, userId: resolvedUserId })\n    return redirectToLogin(baseUrl, tenantId)\n  } catch (error) {\n    if (error instanceof Error && error.message === 'USER_EXISTS') {\n      await service.resetProcessing(request)\n      return redirectWithStatus(baseUrl, 'already_exists')\n    }\n    console.error('[onboarding.verify] failed', error)\n    await service.resetProcessing(request)\n    return redirectWithStatus(baseUrl, 'error')\n  }\n}\n\nexport default GET\n\nconst onboardingTag = 'Onboarding'\n\nconst onboardingVerifyQuerySchema = z.object({\n  token: onboardingVerifySchema.shape.token,\n})\n\nconst onboardingVerifyDoc: OpenApiMethodDoc = {\n  summary: 'Verify onboarding token',\n  description: 'Validates the onboarding token, provisions the tenant, seeds demo data, and redirects the user to the login screen.',\n  tags: [onboardingTag],\n  query: onboardingVerifyQuerySchema,\n  responses: [\n    { status: 302, description: 'Redirect to onboarding UI or login' },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: onboardingTag,\n  summary: 'Onboarding verification redirect',\n  methods: {\n    GET: onboardingVerifyDoc,\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,8BAA8B;AACvC,SAAS,8BAA8B;AACvC,SAAS,yBAAyB;AAClC,SAAS,0BAA0B;AACnC,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB;AAChC,SAAS,+BAA+B;AACxC,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAC7B,SAAS,kBAAkB;AAIpB,MAAM,WAAW;AAAA,EACtB,KAAK;AAAA,IACH,aAAa;AAAA,EACf;AACF;AAEA,SAAS,iBAAiB,UAAwB;AAChD,WAAS,QAAQ,IAAI,cAAc,IAAI,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;AAC/D,WAAS,QAAQ,IAAI,iBAAiB,IAAI,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;AAClE,WAAS,QAAQ,IAAI,mBAAmB,IAAI,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;AACtE;AAEA,SAAS,mBAAmB,SAAiB,QAAgB;AAC3D,QAAM,WAAW,aAAa,SAAS,GAAG,OAAO,sBAAsB,mBAAmB,MAAM,CAAC,EAAE;AACnG,mBAAiB,QAAQ;AACzB,SAAO;AACT;AAEA,SAAS,gBAAgB,SAAiB,UAAyB;AACjE,QAAM,cAAc,WAAW,WAAW,mBAAmB,QAAQ,CAAC,KAAK;AAC3E,QAAM,WAAW,aAAa,SAAS,GAAG,OAAO,SAAS,WAAW,EAAE;AACvE,mBAAiB,QAAQ;AACzB,MAAI,UAAU;AACZ,aAAS,QAAQ,IAAI,mBAAmB,UAAU;AAAA,MAChD,UAAU;AAAA,MACV,UAAU;AAAA,MACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,MACjC,MAAM;AAAA,MACN,QAAQ,KAAK,KAAK,KAAK;AAAA,IACzB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,UAAU,QAAQ,IAAI,WAAW,GAAG,IAAI,QAAQ,KAAK,IAAI,IAAI;AACnE,QAAM,QAAQ,IAAI,aAAa,IAAI,OAAO,KAAK;AAC/C,QAAM,SAAS,uBAAuB,UAAU,EAAE,MAAM,CAAC;AACzD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,QAAM,UAAU,IAAI,kBAAkB,EAAE;AACxC,QAAM,UAAU,MAAM,QAAQ,YAAY,OAAO,KAAK,KAAK;AAC3D,MAAI,CAAC,SAAS;AACZ,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AACA,MAAI,QAAQ,aAAa,oBAAI,KAAK,KAAK,QAAQ,WAAW,aAAa;AACrE,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AACA,MAAI,QAAQ,WAAW,eAAe,QAAQ,UAAU;AACtD,WAAO,gBAAgB,SAAS,QAAQ,QAAQ;AAAA,EAClD;AACA,QAAM,eAAe,KAAK,KAAK;AAC/B,QAAM,sBAAsB,QAAQ,qBAAqB,QAAQ,KAAK;AACtE,QAAM,kBAAkB,QAAQ,WAAW,gBAAgB,sBAAsB,KAAK,IAAI,IAAI;AAC9F,MAAI,iBAAiB;AACnB,WAAO,gBAAgB,SAAS,QAAQ,YAAY,IAAI;AAAA,EAC1D;AACA,MAAI,QAAQ,WAAW,gBAAgB,CAAC,iBAAiB;AACvD,UAAM,QAAQ,gBAAgB,OAAO;AAAA,EACvC;AACA,MAAI,QAAQ,WAAW,WAAW;AAChC,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AACA,QAAM,QAAQ,gBAAgB,SAAS,oBAAI,KAAK,CAAC;AACjD,MAAI,CAAC,QAAQ,cAAc;AACzB,YAAQ,MAAM,yDAAyD,QAAQ,EAAE;AACjF,UAAM,QAAQ,gBAAgB,OAAO;AACrC,WAAO,mBAAmB,SAAS,OAAO;AAAA,EAC5C;AAEA,MAAI,WAA0B;AAC9B,MAAI,iBAAgC;AACpC,MAAI,SAAwB;AAE5B,MAAI;AACF,UAAM,cAAc,MAAM,mBAAmB,IAAI;AAAA,MAC/C,SAAS,QAAQ;AAAA,MACjB,qBAAqB;AAAA,MACrB,kBAAkB;AAAA,MAClB,kBAAkB,CAAC,OAAO;AAAA,MAC1B,uBAAuB;AAAA,MACvB,aAAa;AAAA,QACX,OAAO,QAAQ;AAAA,QACf,WAAW,QAAQ;AAAA,QACnB,UAAU,QAAQ;AAAA,QAClB,aAAa,GAAG,QAAQ,SAAS,IAAI,QAAQ,QAAQ,GAAG,KAAK;AAAA,QAC7D,gBAAgB,QAAQ;AAAA,QACxB,SAAS;AAAA,MACX;AAAA,MACA,SAAS,WAAW;AAAA,IACtB,CAAC;AAED,eAAW,OAAO,YAAY,QAAQ;AACtC,qBAAiB,OAAO,YAAY,cAAc;AAElD,UAAM,mBAAmB,YAAY,MAAM,KAAK,CAAC,UAAU,MAAM,KAAK,UAAU,QAAQ,KAAK;AAC7F,QAAI,CAAC,iBAAkB,OAAM,IAAI,MAAM,kBAAkB;AACzD,UAAM,OAAO,iBAAiB;AAC9B,UAAM,iBAAiB,OAAO,KAAK,EAAE;AACrC,aAAS;AACT,UAAM,QAAQ,sBAAsB,SAAS,EAAE,UAAU,gBAAgB,QAAQ,eAAe,CAAC;AAGjG,UAAM,UAAU,WAAW;AAC3B,eAAW,OAAO,SAAS;AACzB,UAAI,IAAI,OAAO,cAAc;AAC3B,cAAM,IAAI,MAAM,aAAa,EAAE,IAAI,UAAU,gBAAgB,UAAU,CAAC;AAAA,MAC1E;AAAA,IACF;AACA,eAAW,OAAO,SAAS;AACzB,UAAI,IAAI,OAAO,cAAc;AAC3B,cAAM,IAAI,MAAM,aAAa,EAAE,IAAI,UAAU,gBAAgB,UAAU,CAAC;AAAA,MAC1E;AAAA,IACF;AACA,QAAI,UAAU;AACZ,UAAI,gBAA2C;AAC/C,UAAI;AACF,wBAAgB,UAAU,QAA4B,oBAAoB;AAAA,MAC5E,QAAQ;AACN,wBAAgB;AAAA,MAClB;AACA,YAAM,sBAAsB,oBAAI,IAAY;AAC5C,UAAI;AACF,cAAM,cAAc,aAAa;AACjC,cAAM,YAAY,uBAAuB,WAAW;AACpD,mBAAW,cAAc,WAAW;AAClC,cAAI;AACF,kBAAM,gBAAgB,IAAI,EAAE,YAAY,SAAS,CAAC;AAAA,UACpD,SAAS,OAAO;AACd,oBAAQ,MAAM,yDAAyD,EAAE,YAAY,UAAU,MAAM,CAAC;AAAA,UACxG;AACA,cAAI;AACF,kBAAM,cAAc,IAAI;AAAA,cACtB;AAAA,cACA;AAAA,cACA,OAAO;AAAA,cACP,qBAAqB;AAAA,cACrB,eAAe;AAAA,YACjB,CAAC;AAAA,UACH,SAAS,OAAO;AACd,oBAAQ,MAAM,gDAAgD,EAAE,YAAY,UAAU,MAAM,CAAC;AAAA,UAC/F;AACA,8BAAoB,IAAI,GAAG,UAAU,IAAI,QAAQ,WAAW;AAC5D,cAAI,eAAgB,qBAAoB,IAAI,GAAG,UAAU,IAAI,QAAQ,IAAI,cAAc,EAAE;AAAA,QAC3F;AAAA,MACF,SAAS,OAAO;AACd,gBAAQ,MAAM,uDAAuD,EAAE,UAAU,MAAM,CAAC;AAAA,MAC1F;AAEA,UAAI,eAAe;AACjB,YAAI;AACF,gBAAM,cAAc,WAAW,EAAE,UAAU,gBAAgB,YAAY,KAAK,CAAC;AAAA,QAC/E,SAAS,OAAO;AACd,kBAAQ,MAAM,wDAAwD,EAAE,UAAU,gBAAgB,MAAM,CAAC;AAAA,QAC3G;AAAA,MACF;AAEA,UAAI,oBAAoB,MAAM;AAC5B,mBAAW,SAAS,qBAAqB;AACvC,gBAAM,CAAC,YAAY,WAAW,MAAM,IAAI,MAAM,MAAM,GAAG;AACvD,gBAAM,WAAW,WAAW,aAAa,OAAO;AAChD,cAAI;AACF,kBAAM;AAAA,cACJ;AAAA,cACA;AAAA,gBACE;AAAA,gBACA,UAAU;AAAA,gBACV,gBAAgB;AAAA,gBAChB,aAAa;AAAA,cACf;AAAA,YACF;AAAA,UACF,SAAS,OAAO;AACd,oBAAQ,MAAM,2DAA2D;AAAA,cACvE;AAAA,cACA,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB;AAAA,YACF,CAAC;AAAA,UACH;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,UAAM,QAAQ,cAAc,SAAS,EAAE,UAAU,gBAAgB,QAAQ,eAAe,CAAC;AACzF,WAAO,gBAAgB,SAAS,QAAQ;AAAA,EAC1C,SAAS,OAAO;AACd,QAAI,iBAAiB,SAAS,MAAM,YAAY,eAAe;AAC7D,YAAM,QAAQ,gBAAgB,OAAO;AACrC,aAAO,mBAAmB,SAAS,gBAAgB;AAAA,IACrD;AACA,YAAQ,MAAM,8BAA8B,KAAK;AACjD,UAAM,QAAQ,gBAAgB,OAAO;AACrC,WAAO,mBAAmB,SAAS,OAAO;AAAA,EAC5C;AACF;AAEA,IAAO,iBAAQ;AAEf,MAAM,gBAAgB;AAEtB,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,OAAO,uBAAuB,MAAM;AACtC,CAAC;AAED,MAAM,sBAAwC;AAAA,EAC5C,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,aAAa;AAAA,EACpB,OAAO;AAAA,EACP,WAAW;AAAA,IACT,EAAE,QAAQ,KAAK,aAAa,qCAAqC;AAAA,EACnE;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,EACP;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { onboardingVerifySchema } from '@open-mercato/onboarding/modules/onboarding/data/validators'\nimport { OnboardingService } from '@open-mercato/onboarding/modules/onboarding/lib/service'\nimport { setupInitialTenant } from '@open-mercato/core/modules/auth/lib/setup-app'\nimport { reindexEntity } from '@open-mercato/core/modules/query_index/lib/reindexer'\nimport { purgeIndexScope } from '@open-mercato/core/modules/query_index/lib/purge'\nimport { refreshCoverageSnapshot } from '@open-mercato/core/modules/query_index/lib/coverage'\nimport { flattenSystemEntityIds } from '@open-mercato/shared/lib/entities/system-entities'\nimport { getEntityIds } from '@open-mercato/shared/lib/encryption/entityIds'\nimport { getModules } from '@open-mercato/shared/lib/modules/registry'\nimport type { VectorIndexService } from '@open-mercato/search/vector'\nimport type { OpenApiMethodDoc, OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\n\nexport const metadata = {\n  path: '/onboarding/onboarding/verify',\n  GET: {\n    requireAuth: false,\n  },\n}\n\nfunction clearAuthCookies(response: NextResponse) {\n  response.cookies.set('auth_token', '', { path: '/', maxAge: 0 })\n  response.cookies.set('session_token', '', { path: '/', maxAge: 0 })\n  response.cookies.set('om_login_tenant', '', { path: '/', maxAge: 0 })\n}\n\nfunction redirectWithStatus(baseUrl: string, status: string) {\n  const response = NextResponse.redirect(`${baseUrl}/onboarding?status=${encodeURIComponent(status)}`)\n  clearAuthCookies(response)\n  return response\n}\n\nfunction redirectToLogin(baseUrl: string, tenantId: string | null) {\n  const tenantParam = tenantId ? `?tenant=${encodeURIComponent(tenantId)}` : ''\n  const response = NextResponse.redirect(`${baseUrl}/login${tenantParam}`)\n  clearAuthCookies(response)\n  if (tenantId) {\n    response.cookies.set('om_login_tenant', tenantId, {\n      httpOnly: false,\n      sameSite: 'lax',\n      secure: process.env.NODE_ENV === 'production',\n      path: '/',\n      maxAge: 60 * 60 * 24 * 14,\n    })\n  }\n  return response\n}\n\nexport async function GET(req: Request) {\n  const url = new URL(req.url)\n  const baseUrl = process.env.APP_URL || `${url.protocol}//${url.host}`\n  const token = url.searchParams.get('token') ?? ''\n  const parsed = onboardingVerifySchema.safeParse({ token })\n  if (!parsed.success) {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n\n  const container = await createRequestContainer()\n  const em = (container.resolve('em') as EntityManager)\n  const service = new OnboardingService(em)\n  const request = await service.findByToken(parsed.data.token)\n  if (!request) {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n  if (request.expiresAt <= new Date() && request.status !== 'completed') {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n  if (request.status === 'completed' && request.tenantId) {\n    return redirectToLogin(baseUrl, request.tenantId)\n  }\n  const lockWindowMs = 15 * 60 * 1000\n  const processingStartedAt = request.processingStartedAt?.getTime() ?? 0\n  const processingFresh = request.status === 'processing' && processingStartedAt > Date.now() - lockWindowMs\n  if (processingFresh) {\n    return redirectToLogin(baseUrl, request.tenantId ?? null)\n  }\n  if (request.status === 'processing' && !processingFresh) {\n    await service.resetProcessing(request)\n  }\n  if (request.status !== 'pending') {\n    return redirectWithStatus(baseUrl, 'invalid')\n  }\n  await service.startProcessing(request, new Date())\n  if (!request.passwordHash) {\n    console.error('[onboarding.verify] missing password hash for request', request.id)\n    await service.resetProcessing(request)\n    return redirectWithStatus(baseUrl, 'error')\n  }\n\n  let tenantId: string | null = null\n  let organizationId: string | null = null\n  let userId: string | null = null\n\n  try {\n    const setupResult = await setupInitialTenant(em, {\n      orgName: request.organizationName,\n      includeDerivedUsers: false,\n      failIfUserExists: true,\n      primaryUserRoles: ['admin'],\n      includeSuperadminRole: false,\n      primaryUser: {\n        email: request.email,\n        firstName: request.firstName,\n        lastName: request.lastName,\n        displayName: `${request.firstName} ${request.lastName}`.trim(),\n        hashedPassword: request.passwordHash,\n        confirm: true,\n      },\n      modules: getModules(),\n    })\n\n    tenantId = String(setupResult.tenantId)\n    organizationId = String(setupResult.organizationId)\n\n    const mainUserSnapshot = setupResult.users.find((entry) => entry.user.email === request.email)\n    if (!mainUserSnapshot) throw new Error('USER_NOT_CREATED')\n    const user = mainUserSnapshot.user\n    const resolvedUserId = String(user.id)\n    userId = resolvedUserId\n    await service.updateProvisioningIds(request, { tenantId, organizationId, userId: resolvedUserId })\n\n    // Call module seedDefaults + seedExamples hooks\n    const modules = getModules()\n    for (const mod of modules) {\n      if (mod.setup?.seedDefaults) {\n        await mod.setup.seedDefaults({ em, tenantId, organizationId, container })\n      }\n    }\n    for (const mod of modules) {\n      if (mod.setup?.seedExamples) {\n        await mod.setup.seedExamples({ em, tenantId, organizationId, container })\n      }\n    }\n    if (tenantId) {\n      let vectorService: VectorIndexService | null = null\n      try {\n        vectorService = container.resolve<VectorIndexService>('vectorIndexService')\n      } catch {\n        vectorService = null\n      }\n      const coverageRefreshKeys = new Set<string>()\n      try {\n        const allEntities = getEntityIds()\n        const entityIds = flattenSystemEntityIds(allEntities)\n        for (const entityType of entityIds) {\n          try {\n            await purgeIndexScope(em, { entityType, tenantId })\n          } catch (error) {\n            console.error('[onboarding.verify] failed to purge query index scope', { entityType, tenantId, error })\n          }\n          try {\n            await reindexEntity(em, {\n              entityType,\n              tenantId,\n              force: true,\n              emitVectorizeEvents: false,\n              vectorService: null,\n            })\n          } catch (error) {\n            console.error('[onboarding.verify] failed to reindex entity', { entityType, tenantId, error })\n          }\n          coverageRefreshKeys.add(`${entityType}|${tenantId}|__null__`)\n          if (organizationId) coverageRefreshKeys.add(`${entityType}|${tenantId}|${organizationId}`)\n        }\n      } catch (error) {\n        console.error('[onboarding.verify] failed to rebuild query indexes', { tenantId, error })\n      }\n\n      if (vectorService) {\n        try {\n          await vectorService.reindexAll({ tenantId, organizationId, purgeFirst: true })\n        } catch (error) {\n          console.error('[onboarding.verify] failed to rebuild vector indexes', { tenantId, organizationId, error })\n        }\n      }\n\n      if (coverageRefreshKeys.size) {\n        for (const entry of coverageRefreshKeys) {\n          const [entityType, tenantKey, orgKey] = entry.split('|')\n          const orgScope = orgKey === '__null__' ? null : orgKey\n          try {\n            await refreshCoverageSnapshot(\n              em,\n              {\n                entityType,\n                tenantId: tenantKey,\n                organizationId: orgScope,\n                withDeleted: false,\n              },\n            )\n          } catch (error) {\n            console.error('[onboarding.verify] failed to refresh coverage snapshot', {\n              entityType,\n              tenantId: tenantKey,\n              organizationId: orgScope,\n              error,\n            })\n          }\n        }\n      }\n    }\n\n    await service.markCompleted(request, { tenantId, organizationId, userId: resolvedUserId })\n    return redirectToLogin(baseUrl, tenantId)\n  } catch (error) {\n    if (error instanceof Error && error.message === 'USER_EXISTS') {\n      await service.resetProcessing(request)\n      return redirectWithStatus(baseUrl, 'already_exists')\n    }\n    console.error('[onboarding.verify] failed', error)\n    await service.resetProcessing(request)\n    return redirectWithStatus(baseUrl, 'error')\n  }\n}\n\nexport default GET\n\nconst onboardingTag = 'Onboarding'\n\nconst onboardingVerifyQuerySchema = z.object({\n  token: onboardingVerifySchema.shape.token,\n})\n\nconst onboardingVerifyDoc: OpenApiMethodDoc = {\n  summary: 'Verify onboarding token',\n  description: 'Validates the onboarding token, provisions the tenant, seeds demo data, and redirects the user to the login screen.',\n  tags: [onboardingTag],\n  query: onboardingVerifyQuerySchema,\n  responses: [\n    { status: 302, description: 'Redirect to onboarding UI or login' },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: onboardingTag,\n  summary: 'Onboarding verification redirect',\n  methods: {\n    GET: onboardingVerifyDoc,\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,8BAA8B;AACvC,SAAS,8BAA8B;AACvC,SAAS,yBAAyB;AAClC,SAAS,0BAA0B;AACnC,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB;AAChC,SAAS,+BAA+B;AACxC,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAC7B,SAAS,kBAAkB;AAIpB,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,KAAK;AAAA,IACH,aAAa;AAAA,EACf;AACF;AAEA,SAAS,iBAAiB,UAAwB;AAChD,WAAS,QAAQ,IAAI,cAAc,IAAI,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;AAC/D,WAAS,QAAQ,IAAI,iBAAiB,IAAI,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;AAClE,WAAS,QAAQ,IAAI,mBAAmB,IAAI,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;AACtE;AAEA,SAAS,mBAAmB,SAAiB,QAAgB;AAC3D,QAAM,WAAW,aAAa,SAAS,GAAG,OAAO,sBAAsB,mBAAmB,MAAM,CAAC,EAAE;AACnG,mBAAiB,QAAQ;AACzB,SAAO;AACT;AAEA,SAAS,gBAAgB,SAAiB,UAAyB;AACjE,QAAM,cAAc,WAAW,WAAW,mBAAmB,QAAQ,CAAC,KAAK;AAC3E,QAAM,WAAW,aAAa,SAAS,GAAG,OAAO,SAAS,WAAW,EAAE;AACvE,mBAAiB,QAAQ;AACzB,MAAI,UAAU;AACZ,aAAS,QAAQ,IAAI,mBAAmB,UAAU;AAAA,MAChD,UAAU;AAAA,MACV,UAAU;AAAA,MACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,MACjC,MAAM;AAAA,MACN,QAAQ,KAAK,KAAK,KAAK;AAAA,IACzB,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,UAAU,QAAQ,IAAI,WAAW,GAAG,IAAI,QAAQ,KAAK,IAAI,IAAI;AACnE,QAAM,QAAQ,IAAI,aAAa,IAAI,OAAO,KAAK;AAC/C,QAAM,SAAS,uBAAuB,UAAU,EAAE,MAAM,CAAC;AACzD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,QAAM,UAAU,IAAI,kBAAkB,EAAE;AACxC,QAAM,UAAU,MAAM,QAAQ,YAAY,OAAO,KAAK,KAAK;AAC3D,MAAI,CAAC,SAAS;AACZ,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AACA,MAAI,QAAQ,aAAa,oBAAI,KAAK,KAAK,QAAQ,WAAW,aAAa;AACrE,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AACA,MAAI,QAAQ,WAAW,eAAe,QAAQ,UAAU;AACtD,WAAO,gBAAgB,SAAS,QAAQ,QAAQ;AAAA,EAClD;AACA,QAAM,eAAe,KAAK,KAAK;AAC/B,QAAM,sBAAsB,QAAQ,qBAAqB,QAAQ,KAAK;AACtE,QAAM,kBAAkB,QAAQ,WAAW,gBAAgB,sBAAsB,KAAK,IAAI,IAAI;AAC9F,MAAI,iBAAiB;AACnB,WAAO,gBAAgB,SAAS,QAAQ,YAAY,IAAI;AAAA,EAC1D;AACA,MAAI,QAAQ,WAAW,gBAAgB,CAAC,iBAAiB;AACvD,UAAM,QAAQ,gBAAgB,OAAO;AAAA,EACvC;AACA,MAAI,QAAQ,WAAW,WAAW;AAChC,WAAO,mBAAmB,SAAS,SAAS;AAAA,EAC9C;AACA,QAAM,QAAQ,gBAAgB,SAAS,oBAAI,KAAK,CAAC;AACjD,MAAI,CAAC,QAAQ,cAAc;AACzB,YAAQ,MAAM,yDAAyD,QAAQ,EAAE;AACjF,UAAM,QAAQ,gBAAgB,OAAO;AACrC,WAAO,mBAAmB,SAAS,OAAO;AAAA,EAC5C;AAEA,MAAI,WAA0B;AAC9B,MAAI,iBAAgC;AACpC,MAAI,SAAwB;AAE5B,MAAI;AACF,UAAM,cAAc,MAAM,mBAAmB,IAAI;AAAA,MAC/C,SAAS,QAAQ;AAAA,MACjB,qBAAqB;AAAA,MACrB,kBAAkB;AAAA,MAClB,kBAAkB,CAAC,OAAO;AAAA,MAC1B,uBAAuB;AAAA,MACvB,aAAa;AAAA,QACX,OAAO,QAAQ;AAAA,QACf,WAAW,QAAQ;AAAA,QACnB,UAAU,QAAQ;AAAA,QAClB,aAAa,GAAG,QAAQ,SAAS,IAAI,QAAQ,QAAQ,GAAG,KAAK;AAAA,QAC7D,gBAAgB,QAAQ;AAAA,QACxB,SAAS;AAAA,MACX;AAAA,MACA,SAAS,WAAW;AAAA,IACtB,CAAC;AAED,eAAW,OAAO,YAAY,QAAQ;AACtC,qBAAiB,OAAO,YAAY,cAAc;AAElD,UAAM,mBAAmB,YAAY,MAAM,KAAK,CAAC,UAAU,MAAM,KAAK,UAAU,QAAQ,KAAK;AAC7F,QAAI,CAAC,iBAAkB,OAAM,IAAI,MAAM,kBAAkB;AACzD,UAAM,OAAO,iBAAiB;AAC9B,UAAM,iBAAiB,OAAO,KAAK,EAAE;AACrC,aAAS;AACT,UAAM,QAAQ,sBAAsB,SAAS,EAAE,UAAU,gBAAgB,QAAQ,eAAe,CAAC;AAGjG,UAAM,UAAU,WAAW;AAC3B,eAAW,OAAO,SAAS;AACzB,UAAI,IAAI,OAAO,cAAc;AAC3B,cAAM,IAAI,MAAM,aAAa,EAAE,IAAI,UAAU,gBAAgB,UAAU,CAAC;AAAA,MAC1E;AAAA,IACF;AACA,eAAW,OAAO,SAAS;AACzB,UAAI,IAAI,OAAO,cAAc;AAC3B,cAAM,IAAI,MAAM,aAAa,EAAE,IAAI,UAAU,gBAAgB,UAAU,CAAC;AAAA,MAC1E;AAAA,IACF;AACA,QAAI,UAAU;AACZ,UAAI,gBAA2C;AAC/C,UAAI;AACF,wBAAgB,UAAU,QAA4B,oBAAoB;AAAA,MAC5E,QAAQ;AACN,wBAAgB;AAAA,MAClB;AACA,YAAM,sBAAsB,oBAAI,IAAY;AAC5C,UAAI;AACF,cAAM,cAAc,aAAa;AACjC,cAAM,YAAY,uBAAuB,WAAW;AACpD,mBAAW,cAAc,WAAW;AAClC,cAAI;AACF,kBAAM,gBAAgB,IAAI,EAAE,YAAY,SAAS,CAAC;AAAA,UACpD,SAAS,OAAO;AACd,oBAAQ,MAAM,yDAAyD,EAAE,YAAY,UAAU,MAAM,CAAC;AAAA,UACxG;AACA,cAAI;AACF,kBAAM,cAAc,IAAI;AAAA,cACtB;AAAA,cACA;AAAA,cACA,OAAO;AAAA,cACP,qBAAqB;AAAA,cACrB,eAAe;AAAA,YACjB,CAAC;AAAA,UACH,SAAS,OAAO;AACd,oBAAQ,MAAM,gDAAgD,EAAE,YAAY,UAAU,MAAM,CAAC;AAAA,UAC/F;AACA,8BAAoB,IAAI,GAAG,UAAU,IAAI,QAAQ,WAAW;AAC5D,cAAI,eAAgB,qBAAoB,IAAI,GAAG,UAAU,IAAI,QAAQ,IAAI,cAAc,EAAE;AAAA,QAC3F;AAAA,MACF,SAAS,OAAO;AACd,gBAAQ,MAAM,uDAAuD,EAAE,UAAU,MAAM,CAAC;AAAA,MAC1F;AAEA,UAAI,eAAe;AACjB,YAAI;AACF,gBAAM,cAAc,WAAW,EAAE,UAAU,gBAAgB,YAAY,KAAK,CAAC;AAAA,QAC/E,SAAS,OAAO;AACd,kBAAQ,MAAM,wDAAwD,EAAE,UAAU,gBAAgB,MAAM,CAAC;AAAA,QAC3G;AAAA,MACF;AAEA,UAAI,oBAAoB,MAAM;AAC5B,mBAAW,SAAS,qBAAqB;AACvC,gBAAM,CAAC,YAAY,WAAW,MAAM,IAAI,MAAM,MAAM,GAAG;AACvD,gBAAM,WAAW,WAAW,aAAa,OAAO;AAChD,cAAI;AACF,kBAAM;AAAA,cACJ;AAAA,cACA;AAAA,gBACE;AAAA,gBACA,UAAU;AAAA,gBACV,gBAAgB;AAAA,gBAChB,aAAa;AAAA,cACf;AAAA,YACF;AAAA,UACF,SAAS,OAAO;AACd,oBAAQ,MAAM,2DAA2D;AAAA,cACvE;AAAA,cACA,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB;AAAA,YACF,CAAC;AAAA,UACH;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,UAAM,QAAQ,cAAc,SAAS,EAAE,UAAU,gBAAgB,QAAQ,eAAe,CAAC;AACzF,WAAO,gBAAgB,SAAS,QAAQ;AAAA,EAC1C,SAAS,OAAO;AACd,QAAI,iBAAiB,SAAS,MAAM,YAAY,eAAe;AAC7D,YAAM,QAAQ,gBAAgB,OAAO;AACrC,aAAO,mBAAmB,SAAS,gBAAgB;AAAA,IACrD;AACA,YAAQ,MAAM,8BAA8B,KAAK;AACjD,UAAM,QAAQ,gBAAgB,OAAO;AACrC,WAAO,mBAAmB,SAAS,OAAO;AAAA,EAC5C;AACF;AAEA,IAAO,iBAAQ;AAEf,MAAM,gBAAgB;AAEtB,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,OAAO,uBAAuB,MAAM;AACtC,CAAC;AAED,MAAM,sBAAwC;AAAA,EAC5C,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,aAAa;AAAA,EACpB,OAAO;AAAA,EACP,WAAW;AAAA,IACT,EAAE,QAAQ,KAAK,aAAa,qCAAqC;AAAA,EACnE;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,EACP;AACF;",
   "names": []
 }

package/dist/modules/onboarding/api/post/onboarding.js CHANGED Viewed

@@ -12,6 +12,7 @@ import AdminNotificationEmail from "@open-mercato/onboarding/modules/onboarding/
 import { User } from "@open-mercato/core/modules/auth/data/entities";
 import { formatPasswordRequirements, getPasswordPolicy } from "@open-mercato/shared/lib/auth/passwordPolicy";
 const metadata = {
+  path: "/onboarding/onboarding",
   POST: {
     requireAuth: false
   }

package/dist/modules/onboarding/api/post/onboarding.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/modules/onboarding/api/post/onboarding.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { loadDictionary } from '@open-mercato/shared/lib/i18n/server'\nimport { defaultLocale, locales, type Locale } from '@open-mercato/shared/lib/i18n/config'\nimport { createFallbackTranslator } from '@open-mercato/shared/lib/i18n/translate'\nimport { sendEmail } from '@open-mercato/shared/lib/email/send'\nimport { onboardingStartSchema } from '@open-mercato/onboarding/modules/onboarding/data/validators'\nimport { OnboardingService } from '@open-mercato/onboarding/modules/onboarding/lib/service'\nimport VerificationEmail from '@open-mercato/onboarding/modules/onboarding/emails/VerificationEmail'\nimport AdminNotificationEmail from '@open-mercato/onboarding/modules/onboarding/emails/AdminNotificationEmail'\nimport { User } from '@open-mercato/core/modules/auth/data/entities'\nimport type { OpenApiMethodDoc, OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { formatPasswordRequirements, getPasswordPolicy } from '@open-mercato/shared/lib/auth/passwordPolicy'\n\nexport const metadata = {\n  POST: {\n    requireAuth: false,\n  },\n}\n\nexport async function POST(req: Request) {\n  if (process.env.SELF_SERVICE_ONBOARDING_ENABLED !== 'true') {\n    return NextResponse.json({ ok: false, error: 'Self-service onboarding is disabled.' }, { status: 404 })\n  }\n  let payload: unknown\n  try {\n    payload = await req.json()\n  } catch {\n    return NextResponse.json({ ok: false, error: 'Invalid payload' }, { status: 400 })\n  }\n\n  const rawLocale =\n    payload && typeof payload === 'object' && 'locale' in payload && typeof (payload as any).locale === 'string'\n      ? (payload as any).locale as string\n      : null\n  const locale: Locale = rawLocale && locales.includes(rawLocale as Locale)\n    ? (rawLocale as Locale)\n    : defaultLocale\n  const dict = await loadDictionary(locale)\n  const translate = createFallbackTranslator(dict)\n  const passwordRequirements = formatPasswordRequirements(\n    getPasswordPolicy(),\n    translate,\n    'onboarding.password.requirements',\n  )\n\n  const parsed = onboardingStartSchema.safeParse(payload)\n  if (!parsed.success) {\n    const fieldErrors: Record<string, string> = {}\n    for (const issue of parsed.error.issues) {\n      const path = issue.path[0]\n      if (!path) continue\n      switch (path) {\n        case 'email':\n          fieldErrors.email = translate('onboarding.errors.emailInvalid', 'Enter a valid work email.')\n          break\n        case 'firstName':\n          fieldErrors.firstName = translate('onboarding.errors.firstNameRequired', 'First name is required.')\n          break\n        case 'lastName':\n          fieldErrors.lastName = translate('onboarding.errors.lastNameRequired', 'Last name is required.')\n          break\n        case 'organizationName':\n          fieldErrors.organizationName = translate('onboarding.errors.organizationNameRequired', 'Organization name is required.')\n          break\n        case 'password':\n          fieldErrors.password = translate(\n            'onboarding.errors.passwordRequired',\n            'Password must meet the requirements: {requirements}.',\n            { requirements: passwordRequirements },\n          )\n          break\n        case 'confirmPassword':\n          fieldErrors.confirmPassword = translate('onboarding.errors.passwordMismatch', 'Passwords must match.')\n          break\n        case 'termsAccepted':\n          fieldErrors.termsAccepted = translate('onboarding.form.termsRequired', 'Please accept the terms to continue.')\n          break\n        default:\n          break\n      }\n    }\n    return NextResponse.json({\n      ok: false,\n      error: translate('onboarding.form.genericError', 'Please check the form and try again.'),\n      fieldErrors,\n    }, { status: 400 })\n  }\n\n  try {\n    const container = await createRequestContainer()\n    const em = (container.resolve('em') as EntityManager)\n\n    const existingUser = await em.findOne(User, { email: parsed.data.email })\n    if (existingUser) {\n      const message = translate('onboarding.errors.emailExists', 'We already have an account with this email. Try signing in or resetting your password.')\n      return NextResponse.json({\n        ok: false,\n        error: message,\n        fieldErrors: { email: message },\n      }, { status: 409 })\n    }\n\n    const service = new OnboardingService(em)\n    let request, token\n    try {\n      const result = await service.createOrUpdateRequest(parsed.data)\n      request = result.request\n      token = result.token\n    } catch (err) {\n      if (err instanceof Error && err.message.startsWith('PENDING_REQUEST:')) {\n        const minutes = Number(err.message.split(':')[1] || '10')\n        const message = translate('onboarding.errors.pendingRequest', 'We already have a pending verification. Please try again in about {minutes} minutes or contact the administrator.', { minutes })\n        return NextResponse.json({\n          ok: false,\n          error: message,\n          fieldErrors: { email: message },\n        }, { status: 409 })\n      }\n      throw err\n    }\n\n    const url = new URL(req.url)\n    const baseUrl = process.env.APP_URL || `${url.protocol}//${url.host}`\n    const verifyUrl = `${baseUrl}/api/onboarding/onboarding/verify?token=${token}`\n\n    const firstName = request.firstName || parsed.data.firstName\n    const subject = translate('onboarding.email.subject', 'Confirm your email to finish onboarding')\n    const emailCopy = {\n      preview: translate('onboarding.email.preview', 'Confirm your email to activate your Open Mercato workspace'),\n      heading: translate('onboarding.email.heading', 'Welcome to Open Mercato'),\n      greeting: translate('onboarding.email.greeting', 'Hi {firstName},', { firstName }),\n      body: translate(\n        'onboarding.email.body',\n        'We just need to confirm your email address to finish setting up the organization {organizationName}.',\n        { organizationName: request.organizationName },\n      ),\n      cta: translate('onboarding.email.cta', 'Confirm email & activate workspace'),\n      expiry: translate(\n        'onboarding.email.expiry',\n        \"The link will expire in 24 hours. If you didn't request this, you can safely ignore this message.\",\n      ),\n      footer: translate('onboarding.email.footer', 'Open Mercato \u00B7 Tenant onboarding service'),\n    }\n    const emailReact = VerificationEmail({ verifyUrl, copy: emailCopy })\n    try {\n      await sendEmail({ to: request.email, subject, react: emailReact })\n    } catch (err) {\n      request.lastEmailSentAt = null\n      await em.flush()\n      console.error('[onboarding.start] verification email failed', err)\n      return NextResponse.json({\n        ok: false,\n        error: translate(\n          'onboarding.errors.emailSendFailed',\n          'We could not send the verification email. Please try again or contact support.',\n        ),\n      }, { status: 502 })\n    }\n\n    const adminEmail = process.env.ADMIN_EMAIL || 'piotr@catchthetornado.com'\n    const adminSubject = translate('onboarding.email.adminSubject', 'New self-service onboarding request')\n    const adminCopy = {\n      preview: translate('onboarding.email.adminPreview', 'New onboarding request submitted'),\n      heading: translate('onboarding.email.adminHeading', 'New onboarding request'),\n      body: translate('onboarding.email.adminBody', '{firstName} {lastName} ({email}) submitted an onboarding request for {organizationName}.', {\n        firstName: request.firstName,\n        lastName: request.lastName,\n        email: request.email,\n        organizationName: request.organizationName,\n      }),\n      footer: translate('onboarding.email.adminFooter', 'You can review the tenant after verification is complete.'),\n    }\n    try {\n      await sendEmail({\n        to: adminEmail,\n        subject: adminSubject,\n        react: AdminNotificationEmail({ copy: adminCopy }),\n      })\n    } catch (err) {\n      console.error('[onboarding.start] admin email failed', err)\n    }\n\n    return NextResponse.json({ ok: true, email: request.email })\n  } catch (error) {\n    console.error('[onboarding.start] failed', error)\n    return NextResponse.json({\n      ok: false,\n      error: translate('onboarding.form.genericError', 'Something went wrong. Please try again later.'),\n    }, { status: 500 })\n  }\n}\n\nexport default POST\n\nconst onboardingTag = 'Onboarding'\n\nconst onboardingSuccessSchema = z.object({\n  ok: z.literal(true),\n  email: z.string().email(),\n})\n\nconst onboardingErrorSchema = z.object({\n  ok: z.literal(false),\n  error: z.string(),\n  fieldErrors: z.record(z.string(), z.string()).optional(),\n})\n\nconst onboardingPostDoc: OpenApiMethodDoc = {\n  summary: 'Submit onboarding request',\n  description: 'Accepts a self-service onboarding form submission and triggers email verification.',\n  tags: [onboardingTag],\n  requestBody: {\n    contentType: 'application/json',\n    schema: onboardingStartSchema,\n    description: 'Onboarding form payload with contact and organization information.',\n  },\n  responses: [\n    { status: 200, description: 'Onboarding request accepted.', schema: onboardingSuccessSchema },\n  ],\n  errors: [\n    { status: 400, description: 'Validation failed', schema: onboardingErrorSchema },\n    { status: 404, description: 'Self-service onboarding disabled', schema: onboardingErrorSchema },\n    { status: 409, description: 'Existing account or pending request', schema: onboardingErrorSchema },\n    { status: 500, description: 'Unexpected server error', schema: onboardingErrorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: onboardingTag,\n  summary: 'Self-service onboarding submission',\n  methods: {\n    POST: onboardingPostDoc,\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,8BAA8B;AACvC,SAAS,sBAAsB;AAC/B,SAAS,eAAe,eAA4B;AACpD,SAAS,gCAAgC;AACzC,SAAS,iBAAiB;AAC1B,SAAS,6BAA6B;AACtC,SAAS,yBAAyB;AAClC,OAAO,uBAAuB;AAC9B,OAAO,4BAA4B;AACnC,SAAS,YAAY;AAErB,SAAS,4BAA4B,yBAAyB;AAEvD,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,IACJ,aAAa;AAAA,EACf;AACF;AAEA,eAAsB,KAAK,KAAc;AACvC,MAAI,QAAQ,IAAI,oCAAoC,QAAQ;AAC1D,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uCAAuC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxG;AACA,MAAI;AACJ,MAAI;AACF,cAAU,MAAM,IAAI,KAAK;AAAA,EAC3B,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACnF;AAEA,QAAM,YACJ,WAAW,OAAO,YAAY,YAAY,YAAY,WAAW,OAAQ,QAAgB,WAAW,WAC/F,QAAgB,SACjB;AACN,QAAM,SAAiB,aAAa,QAAQ,SAAS,SAAmB,IACnE,YACD;AACJ,QAAM,OAAO,MAAM,eAAe,MAAM;AACxC,QAAM,YAAY,yBAAyB,IAAI;AAC/C,QAAM,uBAAuB;AAAA,IAC3B,kBAAkB;AAAA,IAClB;AAAA,IACA;AAAA,EACF;AAEA,QAAM,SAAS,sBAAsB,UAAU,OAAO;AACtD,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,cAAsC,CAAC;AAC7C,eAAW,SAAS,OAAO,MAAM,QAAQ;AACvC,YAAM,OAAO,MAAM,KAAK,CAAC;AACzB,UAAI,CAAC,KAAM;AACX,cAAQ,MAAM;AAAA,QACZ,KAAK;AACH,sBAAY,QAAQ,UAAU,kCAAkC,2BAA2B;AAC3F;AAAA,QACF,KAAK;AACH,sBAAY,YAAY,UAAU,uCAAuC,yBAAyB;AAClG;AAAA,QACF,KAAK;AACH,sBAAY,WAAW,UAAU,sCAAsC,wBAAwB;AAC/F;AAAA,QACF,KAAK;AACH,sBAAY,mBAAmB,UAAU,8CAA8C,gCAAgC;AACvH;AAAA,QACF,KAAK;AACH,sBAAY,WAAW;AAAA,YACrB;AAAA,YACA;AAAA,YACA,EAAE,cAAc,qBAAqB;AAAA,UACvC;AACA;AAAA,QACF,KAAK;AACH,sBAAY,kBAAkB,UAAU,sCAAsC,uBAAuB;AACrG;AAAA,QACF,KAAK;AACH,sBAAY,gBAAgB,UAAU,iCAAiC,sCAAsC;AAC7G;AAAA,QACF;AACE;AAAA,MACJ;AAAA,IACF;AACA,WAAO,aAAa,KAAK;AAAA,MACvB,IAAI;AAAA,MACJ,OAAO,UAAU,gCAAgC,sCAAsC;AAAA,MACvF;AAAA,IACF,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AAEA,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAM,UAAU,QAAQ,IAAI;AAElC,UAAM,eAAe,MAAM,GAAG,QAAQ,MAAM,EAAE,OAAO,OAAO,KAAK,MAAM,CAAC;AACxE,QAAI,cAAc;AAChB,YAAM,UAAU,UAAU,iCAAiC,wFAAwF;AACnJ,aAAO,aAAa,KAAK;AAAA,QACvB,IAAI;AAAA,QACJ,OAAO;AAAA,QACP,aAAa,EAAE,OAAO,QAAQ;AAAA,MAChC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACpB;AAEA,UAAM,UAAU,IAAI,kBAAkB,EAAE;AACxC,QAAI,SAAS;AACb,QAAI;AACF,YAAM,SAAS,MAAM,QAAQ,sBAAsB,OAAO,IAAI;AAC9D,gBAAU,OAAO;AACjB,cAAQ,OAAO;AAAA,IACjB,SAAS,KAAK;AACZ,UAAI,eAAe,SAAS,IAAI,QAAQ,WAAW,kBAAkB,GAAG;AACtE,cAAM,UAAU,OAAO,IAAI,QAAQ,MAAM,GAAG,EAAE,CAAC,KAAK,IAAI;AACxD,cAAM,UAAU,UAAU,oCAAoC,qHAAqH,EAAE,QAAQ,CAAC;AAC9L,eAAO,aAAa,KAAK;AAAA,UACvB,IAAI;AAAA,UACJ,OAAO;AAAA,UACP,aAAa,EAAE,OAAO,QAAQ;AAAA,QAChC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MACpB;AACA,YAAM;AAAA,IACR;AAEA,UAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,UAAM,UAAU,QAAQ,IAAI,WAAW,GAAG,IAAI,QAAQ,KAAK,IAAI,IAAI;AACnE,UAAM,YAAY,GAAG,OAAO,2CAA2C,KAAK;AAE5E,UAAM,YAAY,QAAQ,aAAa,OAAO,KAAK;AACnD,UAAM,UAAU,UAAU,4BAA4B,yCAAyC;AAC/F,UAAM,YAAY;AAAA,MAChB,SAAS,UAAU,4BAA4B,4DAA4D;AAAA,MAC3G,SAAS,UAAU,4BAA4B,yBAAyB;AAAA,MACxE,UAAU,UAAU,6BAA6B,mBAAmB,EAAE,UAAU,CAAC;AAAA,MACjF,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA,EAAE,kBAAkB,QAAQ,iBAAiB;AAAA,MAC/C;AAAA,MACA,KAAK,UAAU,wBAAwB,oCAAoC;AAAA,MAC3E,QAAQ;AAAA,QACN;AAAA,QACA;AAAA,MACF;AAAA,MACA,QAAQ,UAAU,2BAA2B,6CAA0C;AAAA,IACzF;AACA,UAAM,aAAa,kBAAkB,EAAE,WAAW,MAAM,UAAU,CAAC;AACnE,QAAI;AACF,YAAM,UAAU,EAAE,IAAI,QAAQ,OAAO,SAAS,OAAO,WAAW,CAAC;AAAA,IACnE,SAAS,KAAK;AACZ,cAAQ,kBAAkB;AAC1B,YAAM,GAAG,MAAM;AACf,cAAQ,MAAM,gDAAgD,GAAG;AACjE,aAAO,aAAa,KAAK;AAAA,QACvB,IAAI;AAAA,QACJ,OAAO;AAAA,UACL;AAAA,UACA;AAAA,QACF;AAAA,MACF,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACpB;AAEA,UAAM,aAAa,QAAQ,IAAI,eAAe;AAC9C,UAAM,eAAe,UAAU,iCAAiC,qCAAqC;AACrG,UAAM,YAAY;AAAA,MAChB,SAAS,UAAU,iCAAiC,kCAAkC;AAAA,MACtF,SAAS,UAAU,iCAAiC,wBAAwB;AAAA,MAC5E,MAAM,UAAU,8BAA8B,4FAA4F;AAAA,QACxI,WAAW,QAAQ;AAAA,QACnB,UAAU,QAAQ;AAAA,QAClB,OAAO,QAAQ;AAAA,QACf,kBAAkB,QAAQ;AAAA,MAC5B,CAAC;AAAA,MACD,QAAQ,UAAU,gCAAgC,2DAA2D;AAAA,IAC/G;AACA,QAAI;AACF,YAAM,UAAU;AAAA,QACd,IAAI;AAAA,QACJ,SAAS;AAAA,QACT,OAAO,uBAAuB,EAAE,MAAM,UAAU,CAAC;AAAA,MACnD,CAAC;AAAA,IACH,SAAS,KAAK;AACZ,cAAQ,MAAM,yCAAyC,GAAG;AAAA,IAC5D;AAEA,WAAO,aAAa,KAAK,EAAE,IAAI,MAAM,OAAO,QAAQ,MAAM,CAAC;AAAA,EAC7D,SAAS,OAAO;AACd,YAAQ,MAAM,6BAA6B,KAAK;AAChD,WAAO,aAAa,KAAK;AAAA,MACvB,IAAI;AAAA,MACJ,OAAO,UAAU,gCAAgC,+CAA+C;AAAA,IAClG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACF;AAEA,IAAO,qBAAQ;AAEf,MAAM,gBAAgB;AAEtB,MAAM,0BAA0B,EAAE,OAAO;AAAA,EACvC,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,OAAO,EAAE,OAAO,EAAE,MAAM;AAC1B,CAAC;AAED,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,QAAQ,KAAK;AAAA,EACnB,OAAO,EAAE,OAAO;AAAA,EAChB,aAAa,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,EAAE,SAAS;AACzD,CAAC;AAED,MAAM,oBAAsC;AAAA,EAC1C,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,aAAa;AAAA,EACpB,aAAa;AAAA,IACX,aAAa;AAAA,IACb,QAAQ;AAAA,IACR,aAAa;AAAA,EACf;AAAA,EACA,WAAW;AAAA,IACT,EAAE,QAAQ,KAAK,aAAa,gCAAgC,QAAQ,wBAAwB;AAAA,EAC9F;AAAA,EACA,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,sBAAsB;AAAA,IAC/E,EAAE,QAAQ,KAAK,aAAa,oCAAoC,QAAQ,sBAAsB;AAAA,IAC9F,EAAE,QAAQ,KAAK,aAAa,uCAAuC,QAAQ,sBAAsB;AAAA,IACjG,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,sBAAsB;AAAA,EACvF;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,MAAM;AAAA,EACR;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { loadDictionary } from '@open-mercato/shared/lib/i18n/server'\nimport { defaultLocale, locales, type Locale } from '@open-mercato/shared/lib/i18n/config'\nimport { createFallbackTranslator } from '@open-mercato/shared/lib/i18n/translate'\nimport { sendEmail } from '@open-mercato/shared/lib/email/send'\nimport { onboardingStartSchema } from '@open-mercato/onboarding/modules/onboarding/data/validators'\nimport { OnboardingService } from '@open-mercato/onboarding/modules/onboarding/lib/service'\nimport VerificationEmail from '@open-mercato/onboarding/modules/onboarding/emails/VerificationEmail'\nimport AdminNotificationEmail from '@open-mercato/onboarding/modules/onboarding/emails/AdminNotificationEmail'\nimport { User } from '@open-mercato/core/modules/auth/data/entities'\nimport type { OpenApiMethodDoc, OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { formatPasswordRequirements, getPasswordPolicy } from '@open-mercato/shared/lib/auth/passwordPolicy'\n\nexport const metadata = {\n  path: '/onboarding/onboarding',\n  POST: {\n    requireAuth: false,\n  },\n}\n\nexport async function POST(req: Request) {\n  if (process.env.SELF_SERVICE_ONBOARDING_ENABLED !== 'true') {\n    return NextResponse.json({ ok: false, error: 'Self-service onboarding is disabled.' }, { status: 404 })\n  }\n  let payload: unknown\n  try {\n    payload = await req.json()\n  } catch {\n    return NextResponse.json({ ok: false, error: 'Invalid payload' }, { status: 400 })\n  }\n\n  const rawLocale =\n    payload && typeof payload === 'object' && 'locale' in payload && typeof (payload as any).locale === 'string'\n      ? (payload as any).locale as string\n      : null\n  const locale: Locale = rawLocale && locales.includes(rawLocale as Locale)\n    ? (rawLocale as Locale)\n    : defaultLocale\n  const dict = await loadDictionary(locale)\n  const translate = createFallbackTranslator(dict)\n  const passwordRequirements = formatPasswordRequirements(\n    getPasswordPolicy(),\n    translate,\n    'onboarding.password.requirements',\n  )\n\n  const parsed = onboardingStartSchema.safeParse(payload)\n  if (!parsed.success) {\n    const fieldErrors: Record<string, string> = {}\n    for (const issue of parsed.error.issues) {\n      const path = issue.path[0]\n      if (!path) continue\n      switch (path) {\n        case 'email':\n          fieldErrors.email = translate('onboarding.errors.emailInvalid', 'Enter a valid work email.')\n          break\n        case 'firstName':\n          fieldErrors.firstName = translate('onboarding.errors.firstNameRequired', 'First name is required.')\n          break\n        case 'lastName':\n          fieldErrors.lastName = translate('onboarding.errors.lastNameRequired', 'Last name is required.')\n          break\n        case 'organizationName':\n          fieldErrors.organizationName = translate('onboarding.errors.organizationNameRequired', 'Organization name is required.')\n          break\n        case 'password':\n          fieldErrors.password = translate(\n            'onboarding.errors.passwordRequired',\n            'Password must meet the requirements: {requirements}.',\n            { requirements: passwordRequirements },\n          )\n          break\n        case 'confirmPassword':\n          fieldErrors.confirmPassword = translate('onboarding.errors.passwordMismatch', 'Passwords must match.')\n          break\n        case 'termsAccepted':\n          fieldErrors.termsAccepted = translate('onboarding.form.termsRequired', 'Please accept the terms to continue.')\n          break\n        default:\n          break\n      }\n    }\n    return NextResponse.json({\n      ok: false,\n      error: translate('onboarding.form.genericError', 'Please check the form and try again.'),\n      fieldErrors,\n    }, { status: 400 })\n  }\n\n  try {\n    const container = await createRequestContainer()\n    const em = (container.resolve('em') as EntityManager)\n\n    const existingUser = await em.findOne(User, { email: parsed.data.email })\n    if (existingUser) {\n      const message = translate('onboarding.errors.emailExists', 'We already have an account with this email. Try signing in or resetting your password.')\n      return NextResponse.json({\n        ok: false,\n        error: message,\n        fieldErrors: { email: message },\n      }, { status: 409 })\n    }\n\n    const service = new OnboardingService(em)\n    let request, token\n    try {\n      const result = await service.createOrUpdateRequest(parsed.data)\n      request = result.request\n      token = result.token\n    } catch (err) {\n      if (err instanceof Error && err.message.startsWith('PENDING_REQUEST:')) {\n        const minutes = Number(err.message.split(':')[1] || '10')\n        const message = translate('onboarding.errors.pendingRequest', 'We already have a pending verification. Please try again in about {minutes} minutes or contact the administrator.', { minutes })\n        return NextResponse.json({\n          ok: false,\n          error: message,\n          fieldErrors: { email: message },\n        }, { status: 409 })\n      }\n      throw err\n    }\n\n    const url = new URL(req.url)\n    const baseUrl = process.env.APP_URL || `${url.protocol}//${url.host}`\n    const verifyUrl = `${baseUrl}/api/onboarding/onboarding/verify?token=${token}`\n\n    const firstName = request.firstName || parsed.data.firstName\n    const subject = translate('onboarding.email.subject', 'Confirm your email to finish onboarding')\n    const emailCopy = {\n      preview: translate('onboarding.email.preview', 'Confirm your email to activate your Open Mercato workspace'),\n      heading: translate('onboarding.email.heading', 'Welcome to Open Mercato'),\n      greeting: translate('onboarding.email.greeting', 'Hi {firstName},', { firstName }),\n      body: translate(\n        'onboarding.email.body',\n        'We just need to confirm your email address to finish setting up the organization {organizationName}.',\n        { organizationName: request.organizationName },\n      ),\n      cta: translate('onboarding.email.cta', 'Confirm email & activate workspace'),\n      expiry: translate(\n        'onboarding.email.expiry',\n        \"The link will expire in 24 hours. If you didn't request this, you can safely ignore this message.\",\n      ),\n      footer: translate('onboarding.email.footer', 'Open Mercato \u00B7 Tenant onboarding service'),\n    }\n    const emailReact = VerificationEmail({ verifyUrl, copy: emailCopy })\n    try {\n      await sendEmail({ to: request.email, subject, react: emailReact })\n    } catch (err) {\n      request.lastEmailSentAt = null\n      await em.flush()\n      console.error('[onboarding.start] verification email failed', err)\n      return NextResponse.json({\n        ok: false,\n        error: translate(\n          'onboarding.errors.emailSendFailed',\n          'We could not send the verification email. Please try again or contact support.',\n        ),\n      }, { status: 502 })\n    }\n\n    const adminEmail = process.env.ADMIN_EMAIL || 'piotr@catchthetornado.com'\n    const adminSubject = translate('onboarding.email.adminSubject', 'New self-service onboarding request')\n    const adminCopy = {\n      preview: translate('onboarding.email.adminPreview', 'New onboarding request submitted'),\n      heading: translate('onboarding.email.adminHeading', 'New onboarding request'),\n      body: translate('onboarding.email.adminBody', '{firstName} {lastName} ({email}) submitted an onboarding request for {organizationName}.', {\n        firstName: request.firstName,\n        lastName: request.lastName,\n        email: request.email,\n        organizationName: request.organizationName,\n      }),\n      footer: translate('onboarding.email.adminFooter', 'You can review the tenant after verification is complete.'),\n    }\n    try {\n      await sendEmail({\n        to: adminEmail,\n        subject: adminSubject,\n        react: AdminNotificationEmail({ copy: adminCopy }),\n      })\n    } catch (err) {\n      console.error('[onboarding.start] admin email failed', err)\n    }\n\n    return NextResponse.json({ ok: true, email: request.email })\n  } catch (error) {\n    console.error('[onboarding.start] failed', error)\n    return NextResponse.json({\n      ok: false,\n      error: translate('onboarding.form.genericError', 'Something went wrong. Please try again later.'),\n    }, { status: 500 })\n  }\n}\n\nexport default POST\n\nconst onboardingTag = 'Onboarding'\n\nconst onboardingSuccessSchema = z.object({\n  ok: z.literal(true),\n  email: z.string().email(),\n})\n\nconst onboardingErrorSchema = z.object({\n  ok: z.literal(false),\n  error: z.string(),\n  fieldErrors: z.record(z.string(), z.string()).optional(),\n})\n\nconst onboardingPostDoc: OpenApiMethodDoc = {\n  summary: 'Submit onboarding request',\n  description: 'Accepts a self-service onboarding form submission and triggers email verification.',\n  tags: [onboardingTag],\n  requestBody: {\n    contentType: 'application/json',\n    schema: onboardingStartSchema,\n    description: 'Onboarding form payload with contact and organization information.',\n  },\n  responses: [\n    { status: 200, description: 'Onboarding request accepted.', schema: onboardingSuccessSchema },\n  ],\n  errors: [\n    { status: 400, description: 'Validation failed', schema: onboardingErrorSchema },\n    { status: 404, description: 'Self-service onboarding disabled', schema: onboardingErrorSchema },\n    { status: 409, description: 'Existing account or pending request', schema: onboardingErrorSchema },\n    { status: 500, description: 'Unexpected server error', schema: onboardingErrorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: onboardingTag,\n  summary: 'Self-service onboarding submission',\n  methods: {\n    POST: onboardingPostDoc,\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,8BAA8B;AACvC,SAAS,sBAAsB;AAC/B,SAAS,eAAe,eAA4B;AACpD,SAAS,gCAAgC;AACzC,SAAS,iBAAiB;AAC1B,SAAS,6BAA6B;AACtC,SAAS,yBAAyB;AAClC,OAAO,uBAAuB;AAC9B,OAAO,4BAA4B;AACnC,SAAS,YAAY;AAErB,SAAS,4BAA4B,yBAAyB;AAEvD,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,MAAM;AAAA,IACJ,aAAa;AAAA,EACf;AACF;AAEA,eAAsB,KAAK,KAAc;AACvC,MAAI,QAAQ,IAAI,oCAAoC,QAAQ;AAC1D,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uCAAuC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxG;AACA,MAAI;AACJ,MAAI;AACF,cAAU,MAAM,IAAI,KAAK;AAAA,EAC3B,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACnF;AAEA,QAAM,YACJ,WAAW,OAAO,YAAY,YAAY,YAAY,WAAW,OAAQ,QAAgB,WAAW,WAC/F,QAAgB,SACjB;AACN,QAAM,SAAiB,aAAa,QAAQ,SAAS,SAAmB,IACnE,YACD;AACJ,QAAM,OAAO,MAAM,eAAe,MAAM;AACxC,QAAM,YAAY,yBAAyB,IAAI;AAC/C,QAAM,uBAAuB;AAAA,IAC3B,kBAAkB;AAAA,IAClB;AAAA,IACA;AAAA,EACF;AAEA,QAAM,SAAS,sBAAsB,UAAU,OAAO;AACtD,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,cAAsC,CAAC;AAC7C,eAAW,SAAS,OAAO,MAAM,QAAQ;AACvC,YAAM,OAAO,MAAM,KAAK,CAAC;AACzB,UAAI,CAAC,KAAM;AACX,cAAQ,MAAM;AAAA,QACZ,KAAK;AACH,sBAAY,QAAQ,UAAU,kCAAkC,2BAA2B;AAC3F;AAAA,QACF,KAAK;AACH,sBAAY,YAAY,UAAU,uCAAuC,yBAAyB;AAClG;AAAA,QACF,KAAK;AACH,sBAAY,WAAW,UAAU,sCAAsC,wBAAwB;AAC/F;AAAA,QACF,KAAK;AACH,sBAAY,mBAAmB,UAAU,8CAA8C,gCAAgC;AACvH;AAAA,QACF,KAAK;AACH,sBAAY,WAAW;AAAA,YACrB;AAAA,YACA;AAAA,YACA,EAAE,cAAc,qBAAqB;AAAA,UACvC;AACA;AAAA,QACF,KAAK;AACH,sBAAY,kBAAkB,UAAU,sCAAsC,uBAAuB;AACrG;AAAA,QACF,KAAK;AACH,sBAAY,gBAAgB,UAAU,iCAAiC,sCAAsC;AAC7G;AAAA,QACF;AACE;AAAA,MACJ;AAAA,IACF;AACA,WAAO,aAAa,KAAK;AAAA,MACvB,IAAI;AAAA,MACJ,OAAO,UAAU,gCAAgC,sCAAsC;AAAA,MACvF;AAAA,IACF,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AAEA,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAM,UAAU,QAAQ,IAAI;AAElC,UAAM,eAAe,MAAM,GAAG,QAAQ,MAAM,EAAE,OAAO,OAAO,KAAK,MAAM,CAAC;AACxE,QAAI,cAAc;AAChB,YAAM,UAAU,UAAU,iCAAiC,wFAAwF;AACnJ,aAAO,aAAa,KAAK;AAAA,QACvB,IAAI;AAAA,QACJ,OAAO;AAAA,QACP,aAAa,EAAE,OAAO,QAAQ;AAAA,MAChC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACpB;AAEA,UAAM,UAAU,IAAI,kBAAkB,EAAE;AACxC,QAAI,SAAS;AACb,QAAI;AACF,YAAM,SAAS,MAAM,QAAQ,sBAAsB,OAAO,IAAI;AAC9D,gBAAU,OAAO;AACjB,cAAQ,OAAO;AAAA,IACjB,SAAS,KAAK;AACZ,UAAI,eAAe,SAAS,IAAI,QAAQ,WAAW,kBAAkB,GAAG;AACtE,cAAM,UAAU,OAAO,IAAI,QAAQ,MAAM,GAAG,EAAE,CAAC,KAAK,IAAI;AACxD,cAAM,UAAU,UAAU,oCAAoC,qHAAqH,EAAE,QAAQ,CAAC;AAC9L,eAAO,aAAa,KAAK;AAAA,UACvB,IAAI;AAAA,UACJ,OAAO;AAAA,UACP,aAAa,EAAE,OAAO,QAAQ;AAAA,QAChC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MACpB;AACA,YAAM;AAAA,IACR;AAEA,UAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,UAAM,UAAU,QAAQ,IAAI,WAAW,GAAG,IAAI,QAAQ,KAAK,IAAI,IAAI;AACnE,UAAM,YAAY,GAAG,OAAO,2CAA2C,KAAK;AAE5E,UAAM,YAAY,QAAQ,aAAa,OAAO,KAAK;AACnD,UAAM,UAAU,UAAU,4BAA4B,yCAAyC;AAC/F,UAAM,YAAY;AAAA,MAChB,SAAS,UAAU,4BAA4B,4DAA4D;AAAA,MAC3G,SAAS,UAAU,4BAA4B,yBAAyB;AAAA,MACxE,UAAU,UAAU,6BAA6B,mBAAmB,EAAE,UAAU,CAAC;AAAA,MACjF,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA,EAAE,kBAAkB,QAAQ,iBAAiB;AAAA,MAC/C;AAAA,MACA,KAAK,UAAU,wBAAwB,oCAAoC;AAAA,MAC3E,QAAQ;AAAA,QACN;AAAA,QACA;AAAA,MACF;AAAA,MACA,QAAQ,UAAU,2BAA2B,6CAA0C;AAAA,IACzF;AACA,UAAM,aAAa,kBAAkB,EAAE,WAAW,MAAM,UAAU,CAAC;AACnE,QAAI;AACF,YAAM,UAAU,EAAE,IAAI,QAAQ,OAAO,SAAS,OAAO,WAAW,CAAC;AAAA,IACnE,SAAS,KAAK;AACZ,cAAQ,kBAAkB;AAC1B,YAAM,GAAG,MAAM;AACf,cAAQ,MAAM,gDAAgD,GAAG;AACjE,aAAO,aAAa,KAAK;AAAA,QACvB,IAAI;AAAA,QACJ,OAAO;AAAA,UACL;AAAA,UACA;AAAA,QACF;AAAA,MACF,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACpB;AAEA,UAAM,aAAa,QAAQ,IAAI,eAAe;AAC9C,UAAM,eAAe,UAAU,iCAAiC,qCAAqC;AACrG,UAAM,YAAY;AAAA,MAChB,SAAS,UAAU,iCAAiC,kCAAkC;AAAA,MACtF,SAAS,UAAU,iCAAiC,wBAAwB;AAAA,MAC5E,MAAM,UAAU,8BAA8B,4FAA4F;AAAA,QACxI,WAAW,QAAQ;AAAA,QACnB,UAAU,QAAQ;AAAA,QAClB,OAAO,QAAQ;AAAA,QACf,kBAAkB,QAAQ;AAAA,MAC5B,CAAC;AAAA,MACD,QAAQ,UAAU,gCAAgC,2DAA2D;AAAA,IAC/G;AACA,QAAI;AACF,YAAM,UAAU;AAAA,QACd,IAAI;AAAA,QACJ,SAAS;AAAA,QACT,OAAO,uBAAuB,EAAE,MAAM,UAAU,CAAC;AAAA,MACnD,CAAC;AAAA,IACH,SAAS,KAAK;AACZ,cAAQ,MAAM,yCAAyC,GAAG;AAAA,IAC5D;AAEA,WAAO,aAAa,KAAK,EAAE,IAAI,MAAM,OAAO,QAAQ,MAAM,CAAC;AAAA,EAC7D,SAAS,OAAO;AACd,YAAQ,MAAM,6BAA6B,KAAK;AAChD,WAAO,aAAa,KAAK;AAAA,MACvB,IAAI;AAAA,MACJ,OAAO,UAAU,gCAAgC,+CAA+C;AAAA,IAClG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACF;AAEA,IAAO,qBAAQ;AAEf,MAAM,gBAAgB;AAEtB,MAAM,0BAA0B,EAAE,OAAO;AAAA,EACvC,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,OAAO,EAAE,OAAO,EAAE,MAAM;AAC1B,CAAC;AAED,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,QAAQ,KAAK;AAAA,EACnB,OAAO,EAAE,OAAO;AAAA,EAChB,aAAa,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,EAAE,SAAS;AACzD,CAAC;AAED,MAAM,oBAAsC;AAAA,EAC1C,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,aAAa;AAAA,EACpB,aAAa;AAAA,IACX,aAAa;AAAA,IACb,QAAQ;AAAA,IACR,aAAa;AAAA,EACf;AAAA,EACA,WAAW;AAAA,IACT,EAAE,QAAQ,KAAK,aAAa,gCAAgC,QAAQ,wBAAwB;AAAA,EAC9F;AAAA,EACA,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,sBAAsB;AAAA,IAC/E,EAAE,QAAQ,KAAK,aAAa,oCAAoC,QAAQ,sBAAsB;AAAA,IAC9F,EAAE,QAAQ,KAAK,aAAa,uCAAuC,QAAQ,sBAAsB;AAAA,IACjG,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,sBAAsB;AAAA,EACvF;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,MAAM;AAAA,EACR;AACF;",
   "names": []
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@open-mercato/onboarding",
-  "version": "0.4.7-main-1768da2e43",
+  "version": "0.4.7",
   "type": "module",
   "main": "./dist/index.js",
   "scripts": {
@@ -68,16 +68,16 @@
       "default": "./dist/*/*/*/*/*/*.js"
     }
   },
-  "dependencies": {
-    "@open-mercato/shared": "0.4.7-main-1768da2e43"
+  "peerDependencies": {
+    "@open-mercato/shared": "0.4.7"
   },
   "devDependencies": {
+    "@open-mercato/shared": "0.4.7",
     "@types/jest": "^30.0.0",
     "jest": "^30.2.0",
     "ts-jest": "^29.4.6"
   },
   "publishConfig": {
     "access": "public"
-  },
-  "stableVersion": "0.4.6"
+  }
 }

package/src/modules/onboarding/api/get/onboarding/verify.ts CHANGED Viewed

@@ -15,6 +15,7 @@ import type { VectorIndexService } from '@open-mercato/search/vector'
 import type { OpenApiMethodDoc, OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'
 export const metadata = {
+  path: '/onboarding/onboarding/verify',
   GET: {
     requireAuth: false,
   },

package/src/modules/onboarding/api/post/onboarding.ts CHANGED Viewed

@@ -15,6 +15,7 @@ import type { OpenApiMethodDoc, OpenApiRouteDoc } from '@open-mercato/shared/lib
 import { formatPasswordRequirements, getPasswordPolicy } from '@open-mercato/shared/lib/auth/passwordPolicy'
 export const metadata = {
+  path: '/onboarding/onboarding',
   POST: {
     requireAuth: false,
   },