@prabhask5/stellar-engine 1.0.3

package/dist/actions/remoteChange.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"remoteChange.js","sourceRoot":"","sources":["../../src/actions/remoteChange.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EACL,kBAAkB,EAClB,2BAA2B,EAC3B,4BAA4B,EAE7B,MAAM,yBAAyB,CAAC;AAajC;;GAEG;AACH,MAAM,oBAAoB,GAAqC;IAC7D,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,cAAc;IACtB,SAAS,EAAE,mBAAmB;IAC9B,SAAS,EAAE,mBAAmB;IAC9B,OAAO,EAAE,iBAAiB;IAC1B,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;CACvB,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAqC;IAC5D,MAAM,EAAE,GAAG;IACX,MAAM,EAAE,GAAG;IACX,MAAM,EAAE,GAAG;IACX,SAAS,EAAE,GAAG;IACd,SAAS,EAAE,GAAG;IACd,OAAO,EAAE,GAAG;IACZ,MAAM,EAAE,GAAG;IACX,MAAM,EAAE,IAAI;CACb,CAAC;AAEF,uEAAuE;AACvE,MAAM,iBAAiB,GAAG,IAAI,OAAO,EAAe,CAAC;AAErD,MAAM,UAAU,qBAAqB,CAAC,IAAiB,EAAE,OAA4B;IACnF,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAEzE,mCAAmC;IACnC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAEpC,qCAAqC;IACrC,SAAS,cAAc,CAAC,MAA0D;QAChF,gEAAgE;QAChE,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,sBAAsB;YACjD,MAAM,iBAAiB,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,IAAI,CAAC,iBAAiB;gBAAE,OAAO;QACjC,CAAC;QAED,qDAAqD;QACrD,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO;QACxC,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAE5B,iDAAiD;QACjD,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,MAAM,QAAQ,GAAG,cAAc,IAAI,oBAAoB,CAAC,UAAU,CAAC,IAAI,cAAc,CAAC;QACtF,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;QAEzD,qEAAqE;QACrE,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAE7B,6EAA6E;QAC7E,IAAI,UAAU,KAAK,QAAQ,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,gCAAgC,CAAC,CAAC;YACtE,IAAI,QAAQ,EAAE,CAAC;gBACb,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;gBAC7C,UAAU,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,GAAG,CAAC,CAAC;YACzE,CAAC;YAED,+BAA+B;YAC/B,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,CAAC,SAAS,GAAG,mBAAmB,CAAC;YACvC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzB,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,uDAAuD;QACvD,IAAI,UAAU,KAAK,WAAW,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;YAC7D,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAChC,0DAA0D,CAC3D,CAAC;YACF,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAChC,UAAU,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,CAAC;YACjE,CAAC;QACH,CAAC;QAED,sEAAsE;QACtE,0EAA0E;QAC1E,6DAA6D;QAC7D,IAAI,UAAU,KAAK,QAAQ;YAAE,OAAO;QAEpC,yCAAyC;QACzC,MAAM,kBAAkB,GAAG,GAAG,EAAE;YAC9B,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAChC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC/B,IAAI,CAAC,mBAAmB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAC/D,CAAC,CAAC;QAEF,IAAI,CAAC,gBAAgB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAE1D,qDAAqD;QACrD,UAAU,CAAC,GAAG,EAAE;YACd,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAChC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC,EAAE,QAAQ,GAAG,GAAG,CAAC,CAAC;IACrB,CAAC;IAED,iFAAiF;IACjF,uEAAuE;IACvE,MAAM,aAAa,GAAG,kBAAkB,CAAC,eAAe,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC/E,IAAI,aAAa,EAAE,CAAC;QAClB,mDAAmD;QACnD,qBAAqB,CAAC,GAAG,EAAE;YACzB,cAAc,CAAC,aAAa,CAAC,CAAC;QAChC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,wEAAwE;IACxE,IAAI,eAAe,GAAG,2BAA2B,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IACxE,IAAI,eAAe,GAAG,4BAA4B,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAEzE,0CAA0C;IAC1C,IAAI,iBAAiB,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC,MAAM,EAAE,EAAE;QAC3D,+EAA+E;QAC/E,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,IAAI,aAAa,IAAI,MAAM,CAAC,SAAS,KAAK,aAAa,CAAC,SAAS;YAAE,OAAO;QAE1E,cAAc,CAAC,MAAM,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,sDAAsD;IACtD,IAAI,iBAAiB,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC,eAAe,EAAE,EAAE;QACpE,IAAI,eAAe,EAAE,CAAC;YACpB,qCAAqC;YACrC,MAAM,WAAW,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YACnD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YAEhC,mCAAmC;YACnC,IAAI,QAAQ,EAAE,CAAC;gBACb,QAAQ,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,CAAC,UAA+B;YACpC,kDAAkD;YAClD,IAAI,UAAU,CAAC,QAAQ,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;gBAC7E,iBAAiB,EAAE,CAAC;gBACpB,iBAAiB,EAAE,CAAC;gBACpB,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAAC;gBAC/B,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC;gBACnC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;gBAC3B,cAAc,GAAG,UAAU,CAAC,cAAc,CAAC;gBAC3C,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAAC;gBAC/B,eAAe,GAAG,2BAA2B,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;gBACpE,eAAe,GAAG,4BAA4B,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;gBACrE,iBAAiB,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC,MAAM,EAAE,EAAE;oBACvD,IAAI,CAAC,MAAM;wBAAE,OAAO;oBACpB,cAAc,CAAC,MAAM,CAAC,CAAC;gBACzB,CAAC,CAAC,CAAC;gBACH,iBAAiB,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC,eAAe,EAAE,EAAE;oBAChE,IAAI,eAAe,EAAE,CAAC;wBACpB,MAAM,WAAW,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;wBACnD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;wBAChC,IAAI,QAAQ,EAAE,CAAC;4BACb,QAAQ,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBAC5B,CAAC;oBACH,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO;YACL,iBAAiB,EAAE,CAAC;YACpB,iBAAiB,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;YACvC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;KACF,CAAC;AACJ,CAAC;AAuBD,MAAM,UAAU,YAAY,CAAC,IAAiB,EAAE,OAA4B;IAC1E,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,OAAO,CAAC;IAE9E,yCAAyC;IACzC,kBAAkB,CAAC,YAAY,CAAC,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IAExE,uCAAuC;IACvC,MAAM,uBAAuB,GAAG,GAAG,EAAE;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,kBAAkB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAChF,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC;IAEF,0CAA0C;IAC1C,MAAM,QAAQ,GAAG,WAAW,CAAC,uBAAuB,EAAE,IAAI,CAAC,CAAC;IAC5D,uBAAuB,EAAE,CAAC;IAE1B,OAAO;QACL,MAAM,CAAC,UAA+B;YACpC,qDAAqD;YACrD,IAAI,UAAU,CAAC,QAAQ,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;gBAC7E,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;gBACrD,kBAAkB,CAAC,YAAY,CAC7B,UAAU,CAAC,QAAQ,EACnB,UAAU,CAAC,UAAU,EACrB,UAAU,CAAC,QAAQ,EACnB,UAAU,CAAC,MAAM,CAClB,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO;YACL,aAAa,CAAC,QAAQ,CAAC,CAAC;YACxB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;YAE9C,6CAA6C;YAC7C,MAAM,eAAe,GAAG,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YAE7E,gDAAgD;YAChD,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,iBAAiB,EAAE,CAAC;gBACpD,iBAAiB,CAAC,eAAe,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,qBAAqB,CACnC,OAA2B,EAC3B,UAA4B;IAE5B,IAAI,CAAC,OAAO;QAAE,OAAO;IAErB,MAAM,QAAQ,GAAG,oBAAoB,CAAC,UAAU,CAAC,IAAI,cAAc,CAAC;IACpE,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;IAEzD,+EAA+E;IAC/E,IAAI,UAAU,KAAK,WAAW,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;QAC7D,IAAI,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YACnC,sDAAsD;YACtD,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACnC,KAAK,OAAO,CAAC,WAAW,CAAC;QAC3B,CAAC;IACH,CAAC;SAAM,CAAC;QACN,iDAAiD;QACjD,IAAI,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO;IAC7C,CAAC;IACD,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAE/B,wBAAwB;IACxB,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAEhC,qDAAqD;IACrD,IAAI,UAAU,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,gCAAgC,CAAC,CAAC;QACzE,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC7C,UAAU,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,GAAG,CAAC,CAAC;QACzE,CAAC;QAED,+BAA+B;QAC/B,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,CAAC,SAAS,GAAG,mBAAmB,CAAC;QACvC,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC5B,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC;IACzC,CAAC;IAED,uDAAuD;IACvD,IAAI,UAAU,KAAK,WAAW,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;QAC7D,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CACnC,0DAA0D,CAC3D,CAAC;QACF,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAChC,UAAU,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,MAAM,kBAAkB,GAAG,GAAG,EAAE;QAC9B,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,iBAAiB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAClC,OAAO,CAAC,mBAAmB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClE,CAAC,CAAC;IAEF,OAAO,CAAC,gBAAgB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAE7D,mBAAmB;IACnB,UAAU,CAAC,GAAG,EAAE;QACd,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,iBAAiB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC,EAAE,QAAQ,GAAG,GAAG,CAAC,CAAC;AACrB,CAAC"}

package/dist/auth/admin.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Admin Check
+ *
+ * Delegates to config.auth.adminCheck or returns false.
+ */
+import type { User } from '@supabase/supabase-js';
+/**
+ * Check if a user has admin privileges.
+ * Uses the adminCheck function from engine config if provided.
+ */
+export declare function isAdmin(user: User | null): boolean;
+//# sourceMappingURL=admin.d.ts.map

package/dist/auth/admin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin.d.ts","sourceRoot":"","sources":["../../src/auth/admin.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAGlD;;;GAGG;AACH,wBAAgB,OAAO,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,OAAO,CAUlD"}

package/dist/auth/admin.js

@@ -0,0 +1,23 @@
+/**
+ * Admin Check
+ *
+ * Delegates to config.auth.adminCheck or returns false.
+ */
+import { getEngineConfig } from '../config';
+/**
+ * Check if a user has admin privileges.
+ * Uses the adminCheck function from engine config if provided.
+ */
+export function isAdmin(user) {
+    try {
+        const config = getEngineConfig();
+        if (config.auth?.adminCheck) {
+            return config.auth.adminCheck(user);
+        }
+    }
+    catch {
+        // Engine not initialized yet
+    }
+    return false;
+}
+//# sourceMappingURL=admin.js.map

package/dist/auth/admin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin.js","sourceRoot":"","sources":["../../src/auth/admin.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAE5C;;;GAGG;AACH,MAAM,UAAU,OAAO,CAAC,IAAiB;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;QACjC,IAAI,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,CAAC;YAC5B,OAAO,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,6BAA6B;IAC/B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/auth/offlineCredentials.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Offline Credentials Management
+ * Handles caching, retrieval, and verification of user credentials for offline login
+ */
+import type { OfflineCredentials } from '../types';
+import type { User, Session } from '@supabase/supabase-js';
+/**
+ * Cache user credentials for offline login
+ * Called after successful Supabase login
+ */
+export declare function cacheOfflineCredentials(email: string, password: string, user: User, _session: Session): Promise<void>;
+/**
+ * Get cached offline credentials
+ * Returns null if no credentials are cached or if credentials are in old format
+ */
+export declare function getOfflineCredentials(): Promise<OfflineCredentials | null>;
+/**
+ * Verify email and password against cached credentials
+ * @param email - The email to verify
+ * @param password - The password to verify
+ * @param expectedUserId - The userId that the credentials should belong to
+ * @returns Object with valid boolean and optional reason for failure
+ */
+export declare function verifyOfflineCredentials(email: string, password: string, expectedUserId: string): Promise<{
+    valid: boolean;
+    reason?: string;
+}>;
+/**
+ * Update the cached password (after online password change)
+ * @param newPassword - The new password to cache
+ */
+export declare function updateOfflineCredentialsPassword(newPassword: string): Promise<void>;
+/**
+ * Update user profile in cached credentials (after online profile update)
+ */
+export declare function updateOfflineCredentialsProfile(profile: Record<string, unknown>): Promise<void>;
+/**
+ * Clear all cached offline credentials (on logout)
+ */
+export declare function clearOfflineCredentials(): Promise<void>;
+//# sourceMappingURL=offlineCredentials.d.ts.map

package/dist/auth/offlineCredentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"offlineCredentials.d.ts","sourceRoot":"","sources":["../../src/auth/offlineCredentials.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AACnD,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAK3D;;;GAGG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,IAAI,EACV,QAAQ,EAAE,OAAO,GAChB,OAAO,CAAC,IAAI,CAAC,CAiCf;AAED;;;GAGG;AACH,wBAAsB,qBAAqB,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAQhF;AAED;;;;;;GAMG;AACH,wBAAsB,wBAAwB,CAC5C,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAmC9C;AAED;;;GAGG;AACH,wBAAsB,gCAAgC,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAWzF;AAED;;GAEG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC,CAWf;AAED;;GAEG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,IAAI,CAAC,CAG7D"}

package/dist/auth/offlineCredentials.js

@@ -0,0 +1,121 @@
+/**
+ * Offline Credentials Management
+ * Handles caching, retrieval, and verification of user credentials for offline login
+ */
+import { getEngineConfig } from '../config';
+import { debugWarn, debugError } from '../debug';
+const CREDENTIALS_ID = 'current_user';
+/**
+ * Cache user credentials for offline login
+ * Called after successful Supabase login
+ */
+export async function cacheOfflineCredentials(email, password, user, _session) {
+    // Validate inputs to prevent storing incomplete credentials
+    if (!email || !password) {
+        debugError('[Auth] Cannot cache credentials: email or password is empty');
+        throw new Error('Cannot cache credentials: email or password is empty');
+    }
+    const config = getEngineConfig();
+    const db = config.db;
+    // Extract profile using config's profileExtractor, or use raw metadata
+    const profile = config.auth?.profileExtractor
+        ? config.auth.profileExtractor(user.user_metadata || {})
+        : (user.user_metadata || {});
+    const credentials = {
+        id: CREDENTIALS_ID,
+        userId: user.id,
+        email: email,
+        password: password,
+        profile,
+        cachedAt: new Date().toISOString()
+    };
+    // Use put to insert or update the singleton record
+    await db.table('offlineCredentials').put(credentials);
+    // Verify the credentials were stored correctly (paranoid check)
+    const stored = await db.table('offlineCredentials').get(CREDENTIALS_ID);
+    if (!stored || !stored.password) {
+        debugError('[Auth] Credentials were not stored correctly - password missing');
+        throw new Error('Failed to store credentials: password not persisted');
+    }
+}
+/**
+ * Get cached offline credentials
+ * Returns null if no credentials are cached or if credentials are in old format
+ */
+export async function getOfflineCredentials() {
+    const db = getEngineConfig().db;
+    const credentials = await db.table('offlineCredentials').get(CREDENTIALS_ID);
+    if (!credentials) {
+        return null;
+    }
+    return credentials;
+}
+/**
+ * Verify email and password against cached credentials
+ * @param email - The email to verify
+ * @param password - The password to verify
+ * @param expectedUserId - The userId that the credentials should belong to
+ * @returns Object with valid boolean and optional reason for failure
+ */
+export async function verifyOfflineCredentials(email, password, expectedUserId) {
+    const credentials = await getOfflineCredentials();
+    if (!credentials) {
+        debugWarn('[Auth] No credentials found in database');
+        return { valid: false, reason: 'no_credentials' };
+    }
+    // SECURITY: Verify all fields match
+    if (credentials.userId !== expectedUserId) {
+        debugWarn('[Auth] Credential userId mismatch:', credentials.userId, '!==', expectedUserId);
+        return { valid: false, reason: 'user_mismatch' };
+    }
+    if (credentials.email !== email) {
+        debugWarn('[Auth] Credential email mismatch:', credentials.email, '!==', email);
+        return { valid: false, reason: 'email_mismatch' };
+    }
+    if (!credentials.password) {
+        debugWarn('[Auth] No password stored in credentials');
+        return { valid: false, reason: 'no_stored_password' };
+    }
+    if (credentials.password !== password) {
+        debugWarn('[Auth] Password mismatch (stored length:', credentials.password.length, ', entered length:', password.length, ')');
+        return { valid: false, reason: 'password_mismatch' };
+    }
+    return { valid: true };
+}
+/**
+ * Update the cached password (after online password change)
+ * @param newPassword - The new password to cache
+ */
+export async function updateOfflineCredentialsPassword(newPassword) {
+    const credentials = await getOfflineCredentials();
+    if (!credentials) {
+        return;
+    }
+    const db = getEngineConfig().db;
+    await db.table('offlineCredentials').update(CREDENTIALS_ID, {
+        password: newPassword,
+        cachedAt: new Date().toISOString()
+    });
+}
+/**
+ * Update user profile in cached credentials (after online profile update)
+ */
+export async function updateOfflineCredentialsProfile(profile) {
+    const credentials = await getOfflineCredentials();
+    if (!credentials) {
+        return;
+    }
+    const db = getEngineConfig().db;
+    await db.table('offlineCredentials').update(CREDENTIALS_ID, {
+        profile,
+        cachedAt: new Date().toISOString()
+    });
+}
+/**
+ * Clear all cached offline credentials (on logout)
+ */
+export async function clearOfflineCredentials() {
+    const db = getEngineConfig().db;
+    await db.table('offlineCredentials').delete(CREDENTIALS_ID);
+}
+//# sourceMappingURL=offlineCredentials.js.map

package/dist/auth/offlineCredentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"offlineCredentials.js","sourceRoot":"","sources":["../../src/auth/offlineCredentials.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAG5C,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAEjD,MAAM,cAAc,GAAG,cAAc,CAAC;AAEtC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,KAAa,EACb,QAAgB,EAChB,IAAU,EACV,QAAiB;IAEjB,4DAA4D;IAC5D,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxB,UAAU,CAAC,6DAA6D,CAAC,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IACjC,MAAM,EAAE,GAAG,MAAM,CAAC,EAAG,CAAC;IAEtB,uEAAuE;IACvE,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,gBAAgB;QAC3C,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;QACxD,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC;IAE/B,MAAM,WAAW,GAAuB;QACtC,EAAE,EAAE,cAAc;QAClB,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,QAAQ;QAClB,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC;IAEF,mDAAmD;IACnD,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAEtD,gEAAgE;IAChE,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACxE,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,UAAU,CAAC,iEAAiE,CAAC,CAAC;QAC9E,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB;IACzC,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,WAAiC,CAAC;AAC3C,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,KAAa,EACb,QAAgB,EAChB,cAAsB;IAEtB,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAClD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,SAAS,CAAC,yCAAyC,CAAC,CAAC;QACrD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACpD,CAAC;IAED,oCAAoC;IACpC,IAAI,WAAW,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;QAC1C,SAAS,CAAC,oCAAoC,EAAE,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,cAAc,CAAC,CAAC;QAC3F,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IACnD,CAAC;IAED,IAAI,WAAW,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;QAChC,SAAS,CAAC,mCAAmC,EAAE,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAChF,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACpD,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAC1B,SAAS,CAAC,0CAA0C,CAAC,CAAC;QACtD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;IACxD,CAAC;IAED,IAAI,WAAW,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACtC,SAAS,CACP,0CAA0C,EAC1C,WAAW,CAAC,QAAQ,CAAC,MAAM,EAC3B,mBAAmB,EACnB,QAAQ,CAAC,MAAM,EACf,GAAG,CACJ,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;IACvD,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CAAC,WAAmB;IACxE,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAClD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,cAAc,EAAE;QAC1D,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,+BAA+B,CACnD,OAAgC;IAEhC,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAClD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,cAAc,EAAE;QAC1D,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB;IAC3C,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;AAC9D,CAAC"}

package/dist/auth/offlineLogin.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Offline Login
+ *
+ * Provides high-level offline sign-in and credential info functions,
+ * absorbing the login page's direct use of offline auth internals.
+ */
+interface OfflineLoginResult {
+    success: boolean;
+    error?: string;
+    reason?: 'no_credentials' | 'no_stored_password' | 'user_mismatch' | 'email_mismatch' | 'password_mismatch' | 'session_failed';
+}
+/**
+ * Sign in offline using cached credentials.
+ *
+ * 1. Fetches cached offline credentials
+ * 2. Verifies email + password against cached credentials
+ * 3. Creates offline session
+ * 4. Validates session was persisted
+ * 5. Returns structured result with typed error reasons
+ */
+export declare function signInOffline(email: string, password: string): Promise<OfflineLoginResult>;
+/**
+ * Get non-sensitive display info about cached offline credentials.
+ * Returns null if no credentials cached.
+ * Used by login page to show "Sign in as X" offline UI.
+ */
+export declare function getOfflineLoginInfo(): Promise<{
+    hasCredentials: boolean;
+    email?: string;
+    firstName?: string;
+    lastName?: string;
+} | null>;
+export {};
+//# sourceMappingURL=offlineLogin.d.ts.map

package/dist/auth/offlineLogin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"offlineLogin.d.ts","sourceRoot":"","sources":["../../src/auth/offlineLogin.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,UAAU,kBAAkB;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,gBAAgB,GAAG,oBAAoB,GAAG,eAAe,GAAG,gBAAgB,GAAG,mBAAmB,GAAG,gBAAgB,CAAC;CAChI;AAED;;;;;;;;GAQG;AACH,wBAAsB,aAAa,CACjC,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,kBAAkB,CAAC,CAoC7B;AAED;;;;GAIG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC;IACnD,cAAc,EAAE,OAAO,CAAC;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GAAG,IAAI,CAAC,CAiBR"}

package/dist/auth/offlineLogin.js

@@ -0,0 +1,75 @@
+/**
+ * Offline Login
+ *
+ * Provides high-level offline sign-in and credential info functions,
+ * absorbing the login page's direct use of offline auth internals.
+ */
+import { getOfflineCredentials, verifyOfflineCredentials } from './offlineCredentials';
+import { createOfflineSession, getValidOfflineSession } from './offlineSession';
+import { debugLog, debugError } from '../debug';
+/**
+ * Sign in offline using cached credentials.
+ *
+ * 1. Fetches cached offline credentials
+ * 2. Verifies email + password against cached credentials
+ * 3. Creates offline session
+ * 4. Validates session was persisted
+ * 5. Returns structured result with typed error reasons
+ */
+export async function signInOffline(email, password) {
+    try {
+        // 1. Get cached credentials
+        const credentials = await getOfflineCredentials();
+        if (!credentials) {
+            return { success: false, reason: 'no_credentials' };
+        }
+        if (!credentials.password) {
+            return { success: false, reason: 'no_stored_password' };
+        }
+        // 2. Verify credentials
+        const verification = await verifyOfflineCredentials(email, password, credentials.userId);
+        if (!verification.valid) {
+            return {
+                success: false,
+                reason: verification.reason
+            };
+        }
+        // 3. Create offline session
+        await createOfflineSession(credentials.userId);
+        // 4. Validate session was persisted
+        const session = await getValidOfflineSession();
+        if (!session) {
+            return { success: false, reason: 'session_failed' };
+        }
+        debugLog('[Auth] Offline login successful');
+        return { success: true };
+    }
+    catch (e) {
+        debugError('[Auth] Offline login error:', e);
+        return { success: false, reason: 'session_failed' };
+    }
+}
+/**
+ * Get non-sensitive display info about cached offline credentials.
+ * Returns null if no credentials cached.
+ * Used by login page to show "Sign in as X" offline UI.
+ */
+export async function getOfflineLoginInfo() {
+    try {
+        const credentials = await getOfflineCredentials();
+        if (!credentials)
+            return null;
+        // Extract display info from profile
+        const profile = credentials.profile || {};
+        return {
+            hasCredentials: true,
+            email: credentials.email,
+            firstName: profile.firstName,
+            lastName: profile.lastName
+        };
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=offlineLogin.js.map

package/dist/auth/offlineLogin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"offlineLogin.js","sourceRoot":"","sources":["../../src/auth/offlineLogin.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AACvF,OAAO,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAChF,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAQhD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAa,EACb,QAAgB;IAEhB,IAAI,CAAC;QACH,4BAA4B;QAC5B,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;QAClD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACtD,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QAC1D,CAAC;QAED,wBAAwB;QACxB,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,KAAK,EAAE,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;QACzF,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;YACxB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,YAAY,CAAC,MAAsC;aAC5D,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,MAAM,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAE/C,oCAAoC;QACpC,MAAM,OAAO,GAAG,MAAM,sBAAsB,EAAE,CAAC;QAC/C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACtD,CAAC;QAED,QAAQ,CAAC,iCAAiC,CAAC,CAAC;QAC5C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,UAAU,CAAC,6BAA6B,EAAE,CAAC,CAAC,CAAC;QAC7C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtD,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IAMvC,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;QAClD,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,oCAAoC;QACpC,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;QAE1C,OAAO;YACL,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,SAAS,EAAE,OAAO,CAAC,SAA+B;YAClD,QAAQ,EAAE,OAAO,CAAC,QAA8B;SACjD,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/auth/offlineSession.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Offline Session Management
+ * Handles creation, validation, and cleanup of offline sessions
+ */
+import type { OfflineSession } from '../types';
+/**
+ * Create a new offline session
+ * @param userId - The Supabase user ID
+ * @returns The created session
+ */
+export declare function createOfflineSession(userId: string): Promise<OfflineSession>;
+/**
+ * Get a valid offline session
+ * Returns null if no session exists
+ * Note: Sessions don't expire - they're only revoked on re-auth or logout
+ */
+export declare function getValidOfflineSession(): Promise<OfflineSession | null>;
+/**
+ * Clear the offline session (on logout or session invalidation)
+ */
+export declare function clearOfflineSession(): Promise<void>;
+//# sourceMappingURL=offlineSession.d.ts.map

package/dist/auth/offlineSession.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"offlineSession.d.ts","sourceRoot":"","sources":["../../src/auth/offlineSession.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAI/C;;;;GAIG;AACH,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAqBlF;AAYD;;;;GAIG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAE7E;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAGzD"}

package/dist/auth/offlineSession.js

@@ -0,0 +1,54 @@
+/**
+ * Offline Session Management
+ * Handles creation, validation, and cleanup of offline sessions
+ */
+import { getEngineConfig } from '../config';
+const SESSION_ID = 'current_session';
+/**
+ * Create a new offline session
+ * @param userId - The Supabase user ID
+ * @returns The created session
+ */
+export async function createOfflineSession(userId) {
+    const now = new Date();
+    const db = getEngineConfig().db;
+    const session = {
+        id: SESSION_ID,
+        userId: userId,
+        offlineToken: crypto.randomUUID(),
+        createdAt: now.toISOString()
+    };
+    // Use put to insert or update the singleton record
+    await db.table('offlineSession').put(session);
+    // Verify the session was persisted by reading it back
+    const verified = await db.table('offlineSession').get(SESSION_ID);
+    if (!verified) {
+        throw new Error('Failed to persist offline session');
+    }
+    return session;
+}
+/**
+ * Get the current offline session
+ * Returns null if no session exists
+ */
+async function getOfflineSession() {
+    const db = getEngineConfig().db;
+    const session = await db.table('offlineSession').get(SESSION_ID);
+    return session || null;
+}
+/**
+ * Get a valid offline session
+ * Returns null if no session exists
+ * Note: Sessions don't expire - they're only revoked on re-auth or logout
+ */
+export async function getValidOfflineSession() {
+    return await getOfflineSession();
+}
+/**
+ * Clear the offline session (on logout or session invalidation)
+ */
+export async function clearOfflineSession() {
+    const db = getEngineConfig().db;
+    await db.table('offlineSession').delete(SESSION_ID);
+}
+//# sourceMappingURL=offlineSession.js.map

package/dist/auth/offlineSession.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"offlineSession.js","sourceRoot":"","sources":["../../src/auth/offlineSession.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAG5C,MAAM,UAAU,GAAG,iBAAiB,CAAC;AAErC;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,MAAc;IACvD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IAEjC,MAAM,OAAO,GAAmB;QAC9B,EAAE,EAAE,UAAU;QACd,MAAM,EAAE,MAAM;QACd,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE;QACjC,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;KAC7B,CAAC;IAEF,mDAAmD;IACnD,MAAM,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAE9C,sDAAsD;IACtD,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAClE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,iBAAiB;IAC9B,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACjE,OAAO,OAAO,IAAI,IAAI,CAAC;AACzB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,OAAO,MAAM,iBAAiB,EAAE,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;AACtD,CAAC"}

package/dist/auth/resolveAuthState.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Auth State Resolution
+ *
+ * Determines the current authentication state by checking Supabase session,
+ * offline session, and cached credentials. Used by app layouts to determine
+ * whether user is authenticated and in which mode.
+ */
+import type { Session } from '@supabase/supabase-js';
+import type { OfflineCredentials } from '../types';
+export interface AuthStateResult {
+    session: Session | null;
+    authMode: 'supabase' | 'offline' | 'none';
+    offlineProfile: OfflineCredentials | null;
+}
+/**
+ * Resolve the current authentication state.
+ *
+ * - Online: check Supabase session validity
+ * - Offline: check localStorage session, fallback to offline session + credential matching
+ * - Handles corrupted state cleanup
+ * - Does NOT start sync engine (caller decides)
+ */
+export declare function resolveAuthState(): Promise<AuthStateResult>;
+//# sourceMappingURL=resolveAuthState.d.ts.map

package/dist/auth/resolveAuthState.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolveAuthState.d.ts","sourceRoot":"","sources":["../../src/auth/resolveAuthState.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAMnD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC;IACxB,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IAC1C,cAAc,EAAE,kBAAkB,GAAG,IAAI,CAAC;CAC3C;AAED;;;;;;;GAOG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,eAAe,CAAC,CAoDjE"}

package/dist/auth/resolveAuthState.js

@@ -0,0 +1,69 @@
+/**
+ * Auth State Resolution
+ *
+ * Determines the current authentication state by checking Supabase session,
+ * offline session, and cached credentials. Used by app layouts to determine
+ * whether user is authenticated and in which mode.
+ */
+import { getSession, isSessionExpired } from '../supabase/auth';
+import { getValidOfflineSession, clearOfflineSession } from './offlineSession';
+import { getOfflineCredentials } from './offlineCredentials';
+import { debugWarn, debugError } from '../debug';
+/**
+ * Resolve the current authentication state.
+ *
+ * - Online: check Supabase session validity
+ * - Offline: check localStorage session, fallback to offline session + credential matching
+ * - Handles corrupted state cleanup
+ * - Does NOT start sync engine (caller decides)
+ */
+export async function resolveAuthState() {
+    try {
+        const isOffline = typeof navigator !== 'undefined' && !navigator.onLine;
+        // Get session once and reuse (egress optimization)
+        const session = await getSession();
+        const hasValidSession = session && !isSessionExpired(session);
+        // ONLINE: Always use Supabase authentication
+        if (!isOffline) {
+            if (hasValidSession) {
+                return { session, authMode: 'supabase', offlineProfile: null };
+            }
+            // No valid Supabase session while online - user needs to login
+            return { session: null, authMode: 'none', offlineProfile: null };
+        }
+        // OFFLINE: Try Supabase session from localStorage first, then offline session
+        if (hasValidSession) {
+            return { session, authMode: 'supabase', offlineProfile: null };
+        }
+        // No valid Supabase session - check for offline session
+        const offlineSession = await getValidOfflineSession();
+        if (offlineSession) {
+            // SECURITY: Verify offline session matches cached credentials
+            const profile = await getOfflineCredentials();
+            if (profile && profile.userId === offlineSession.userId) {
+                return { session: null, authMode: 'offline', offlineProfile: profile };
+            }
+            // Mismatch: credentials changed after session created
+            debugWarn('[Auth] Offline session userId does not match credentials - clearing session');
+            await clearOfflineSession();
+        }
+        // No valid session while offline
+        return { session: null, authMode: 'none', offlineProfile: null };
+    }
+    catch (e) {
+        // If session retrieval fails completely (corrupted auth state),
+        // clear all Supabase auth data and return no session
+        debugError('[Auth] Failed to resolve auth state, clearing auth storage:', e);
+        try {
+            if (typeof localStorage !== 'undefined') {
+                const keys = Object.keys(localStorage).filter((k) => k.startsWith('sb-'));
+                keys.forEach((k) => localStorage.removeItem(k));
+            }
+        }
+        catch {
+            // Ignore storage errors
+        }
+        return { session: null, authMode: 'none', offlineProfile: null };
+    }
+}
+//# sourceMappingURL=resolveAuthState.js.map

package/dist/auth/resolveAuthState.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolveAuthState.js","sourceRoot":"","sources":["../../src/auth/resolveAuthState.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAQjD;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,SAAS,KAAK,WAAW,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;QAExE,mDAAmD;QACnD,MAAM,OAAO,GAAG,MAAM,UAAU,EAAE,CAAC;QACnC,MAAM,eAAe,GAAG,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAE9D,6CAA6C;QAC7C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;YACjE,CAAC;YACD,+DAA+D;YAC/D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;QACnE,CAAC;QAED,8EAA8E;QAC9E,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;QACjE,CAAC;QAED,wDAAwD;QACxD,MAAM,cAAc,GAAG,MAAM,sBAAsB,EAAE,CAAC;QAEtD,IAAI,cAAc,EAAE,CAAC;YACnB,8DAA8D;YAC9D,MAAM,OAAO,GAAG,MAAM,qBAAqB,EAAE,CAAC;YAC9C,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,cAAc,CAAC,MAAM,EAAE,CAAC;gBACxD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,cAAc,EAAE,OAAO,EAAE,CAAC;YACzE,CAAC;YACD,sDAAsD;YACtD,SAAS,CAAC,6EAA6E,CAAC,CAAC;YACzF,MAAM,mBAAmB,EAAE,CAAC;QAC9B,CAAC;QAED,iCAAiC;QACjC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;IACnE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,gEAAgE;QAChE,qDAAqD;QACrD,UAAU,CAAC,6DAA6D,EAAE,CAAC,CAAC,CAAC;QAC7E,IAAI,CAAC;YACH,IAAI,OAAO,YAAY,KAAK,WAAW,EAAE,CAAC;gBACxC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC1E,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;IACnE,CAAC;AACH,CAAC"}

package/dist/config.d.ts

@@ -0,0 +1,53 @@
+import type { SupabaseClient, User } from '@supabase/supabase-js';
+import type { Session } from '@supabase/supabase-js';
+import type Dexie from 'dexie';
+import { type DatabaseConfig } from './database';
+export interface SyncEngineConfig {
+    tables: TableConfig[];
+    prefix: string;
+    /** Provide a pre-created Dexie instance (backward compat). Mutually exclusive with `database`. */
+    db?: Dexie;
+    /** Provide a pre-created Supabase client (backward compat). Engine creates one internally if not provided. */
+    supabase?: SupabaseClient;
+    /** Engine creates and owns the Dexie instance when this is provided. */
+    database?: DatabaseConfig;
+    auth?: {
+        profileExtractor?: (userMetadata: Record<string, unknown>) => Record<string, unknown>;
+        profileToMetadata?: (profile: Record<string, unknown>) => Record<string, unknown>;
+        enableOfflineAuth?: boolean;
+        sessionValidationIntervalMs?: number;
+        confirmRedirectPath?: string;
+        /** Check if a user has admin privileges */
+        adminCheck?: (user: User | null) => boolean;
+    };
+    /** Called when Supabase auth state changes (SIGNED_IN, SIGNED_OUT, etc.) */
+    onAuthStateChange?: (event: string, session: Session | null) => void;
+    /** Called when user is kicked back to login (e.g., credentials invalid on reconnect) */
+    onAuthKicked?: (message: string) => void;
+    syncDebounceMs?: number;
+    syncIntervalMs?: number;
+    tombstoneMaxAgeDays?: number;
+    visibilitySyncMinAwayMs?: number;
+    onlineReconnectCooldownMs?: number;
+}
+export interface TableConfig {
+    supabaseName: string;
+    dexieTable: string;
+    columns: string;
+    ownershipFilter?: string;
+    isSingleton?: boolean;
+    excludeFromConflict?: string[];
+    numericMergeFields?: string[];
+    onRemoteChange?: (table: string, record: Record<string, unknown>) => void;
+}
+export declare function initEngine(config: SyncEngineConfig): void;
+export declare function getEngineConfig(): SyncEngineConfig;
+/**
+ * Get the Supabase-to-Dexie table mapping derived from config.
+ */
+export declare function getTableMap(): Record<string, string>;
+/**
+ * Get columns for a specific Supabase table from config.
+ */
+export declare function getTableColumns(supabaseName: string): string;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAClE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAK/B,OAAO,EAAiC,KAAK,cAAc,EAAE,MAAM,YAAY,CAAC;AAEhF,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IAEf,kGAAkG;IAClG,EAAE,CAAC,EAAE,KAAK,CAAC;IACX,8GAA8G;IAC9G,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,wEAAwE;IACxE,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,IAAI,CAAC,EAAE;QACL,gBAAgB,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACtF,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAClF,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAC5B,2BAA2B,CAAC,EAAE,MAAM,CAAC;QACrC,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,2CAA2C;QAC3C,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,KAAK,OAAO,CAAC;KAC7C,CAAC;IAEF,4EAA4E;IAC5E,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,IAAI,KAAK,IAAI,CAAC;IACrE,wFAAwF;IACxF,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IAEzC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,yBAAyB,CAAC,EAAE,MAAM,CAAC;CACpC;AAED,MAAM,WAAW,WAAW;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;CAC3E;AAID,wBAAgB,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI,CAoBzD;AAED,wBAAgB,eAAe,IAAI,gBAAgB,CAKlD;AAGD;;GAEG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAOpD;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CAO5D"}