@prmichaelsen/agentbase-core 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +204 -87
- package/dist/client/api-types.generated.d.ts +4024 -0
- package/dist/client/api-types.generated.d.ts.map +1 -0
- package/dist/client/api-types.generated.js +6 -0
- package/dist/client/api-types.generated.js.map +1 -0
- package/dist/client/app.d.ts +126 -0
- package/dist/client/app.d.ts.map +1 -0
- package/dist/client/app.js +107 -0
- package/dist/client/app.js.map +1 -0
- package/dist/client/http-transport.d.ts +42 -0
- package/dist/client/http-transport.d.ts.map +1 -0
- package/dist/client/http-transport.js +113 -0
- package/dist/client/http-transport.js.map +1 -0
- package/dist/client/index.d.ts +6 -0
- package/dist/client/index.d.ts.map +1 -0
- package/dist/client/index.js +9 -0
- package/dist/client/index.js.map +1 -0
- package/dist/client/oauth.d.ts +86 -0
- package/dist/client/oauth.d.ts.map +1 -0
- package/dist/client/oauth.js +148 -0
- package/dist/client/oauth.js.map +1 -0
- package/dist/client/svc.d.ts +511 -0
- package/dist/client/svc.d.ts.map +1 -0
- package/dist/client/svc.js +409 -0
- package/dist/client/svc.js.map +1 -0
- package/dist/config/index.d.ts +34 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +50 -0
- package/dist/config/index.js.map +1 -0
- package/dist/errors/app-errors.d.ts +34 -0
- package/dist/errors/app-errors.d.ts.map +1 -0
- package/dist/errors/app-errors.js +34 -0
- package/dist/errors/app-errors.js.map +1 -0
- package/dist/errors/base.error.d.ts +8 -0
- package/dist/errors/base.error.d.ts.map +1 -0
- package/dist/errors/base.error.js +9 -0
- package/dist/errors/base.error.js.map +1 -0
- package/dist/errors/index.d.ts +6 -0
- package/dist/errors/index.d.ts.map +1 -0
- package/dist/errors/index.js +12 -0
- package/dist/errors/index.js.map +1 -0
- package/dist/index.d.ts +6 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -0
- package/dist/index.js.map +1 -1
- package/dist/lib/auth/error-handler.d.ts +6 -0
- package/dist/lib/auth/error-handler.d.ts.map +1 -0
- package/dist/lib/auth/error-handler.js +18 -0
- package/dist/lib/auth/error-handler.js.map +1 -0
- package/dist/lib/auth/guards.d.ts +5 -6
- package/dist/lib/auth/guards.d.ts.map +1 -1
- package/dist/lib/auth/guards.js +7 -18
- package/dist/lib/auth/guards.js.map +1 -1
- package/dist/lib/auth/index.d.ts +1 -0
- package/dist/lib/auth/index.d.ts.map +1 -1
- package/dist/lib/auth/index.js +1 -0
- package/dist/lib/auth/index.js.map +1 -1
- package/dist/lib/auth/session.d.ts.map +1 -1
- package/dist/lib/auth/session.js +8 -7
- package/dist/lib/auth/session.js.map +1 -1
- package/dist/lib/rate-limiter.d.ts.map +1 -1
- package/dist/lib/rate-limiter.js +2 -1
- package/dist/lib/rate-limiter.js.map +1 -1
- package/dist/services/auth.interface.d.ts +15 -0
- package/dist/services/auth.interface.d.ts.map +1 -0
- package/dist/services/auth.interface.js +2 -0
- package/dist/services/auth.interface.js.map +1 -0
- package/dist/services/base.service.d.ts +17 -1
- package/dist/services/base.service.d.ts.map +1 -1
- package/dist/services/base.service.js +26 -3
- package/dist/services/base.service.js.map +1 -1
- package/dist/services/confirmation-token.service.d.ts +5 -1
- package/dist/services/confirmation-token.service.d.ts.map +1 -1
- package/dist/services/confirmation-token.service.js.map +1 -1
- package/dist/services/index.d.ts +3 -2
- package/dist/services/index.d.ts.map +1 -1
- package/dist/services/index.js +1 -1
- package/dist/services/index.js.map +1 -1
- package/dist/types/branded.d.ts +24 -0
- package/dist/types/branded.d.ts.map +1 -0
- package/dist/types/branded.js +9 -0
- package/dist/types/branded.js.map +1 -0
- package/dist/types/index.d.ts +4 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +3 -1
- package/dist/types/index.js.map +1 -1
- package/dist/types/result.d.ts +20 -0
- package/dist/types/result.d.ts.map +1 -0
- package/dist/types/result.js +44 -0
- package/dist/types/result.js.map +1 -0
- package/package.json +16 -2
- package/dist/lib/auth/guards.test.d.ts +0 -2
- package/dist/lib/auth/guards.test.d.ts.map +0 -1
- package/dist/lib/auth/guards.test.js +0 -105
- package/dist/lib/auth/guards.test.js.map +0 -1
- package/dist/lib/auth/helpers.test.d.ts +0 -2
- package/dist/lib/auth/helpers.test.d.ts.map +0 -1
- package/dist/lib/auth/helpers.test.js +0 -43
- package/dist/lib/auth/helpers.test.js.map +0 -1
- package/dist/lib/auth/session.test.d.ts +0 -2
- package/dist/lib/auth/session.test.d.ts.map +0 -1
- package/dist/lib/auth/session.test.js +0 -114
- package/dist/lib/auth/session.test.js.map +0 -1
- package/dist/lib/firebase-admin.test.d.ts +0 -2
- package/dist/lib/firebase-admin.test.d.ts.map +0 -1
- package/dist/lib/firebase-admin.test.js +0 -36
- package/dist/lib/firebase-admin.test.js.map +0 -1
- package/dist/lib/firebase-client.test.d.ts +0 -2
- package/dist/lib/firebase-client.test.d.ts.map +0 -1
- package/dist/lib/firebase-client.test.js +0 -167
- package/dist/lib/firebase-client.test.js.map +0 -1
- package/dist/lib/format-time.test.d.ts +0 -2
- package/dist/lib/format-time.test.d.ts.map +0 -1
- package/dist/lib/format-time.test.js +0 -41
- package/dist/lib/format-time.test.js.map +0 -1
- package/dist/lib/linkify.test.d.ts +0 -2
- package/dist/lib/linkify.test.d.ts.map +0 -1
- package/dist/lib/linkify.test.js +0 -40
- package/dist/lib/linkify.test.js.map +0 -1
- package/dist/lib/logger.test.d.ts +0 -2
- package/dist/lib/logger.test.d.ts.map +0 -1
- package/dist/lib/logger.test.js +0 -167
- package/dist/lib/logger.test.js.map +0 -1
- package/dist/lib/rate-limiter.test.d.ts +0 -2
- package/dist/lib/rate-limiter.test.d.ts.map +0 -1
- package/dist/lib/rate-limiter.test.js +0 -70
- package/dist/lib/rate-limiter.test.js.map +0 -1
- package/dist/lib/uuid.test.d.ts +0 -2
- package/dist/lib/uuid.test.d.ts.map +0 -1
- package/dist/lib/uuid.test.js +0 -22
- package/dist/lib/uuid.test.js.map +0 -1
- package/dist/services/base.service.test.d.ts +0 -2
- package/dist/services/base.service.test.d.ts.map +0 -1
- package/dist/services/base.service.test.js +0 -62
- package/dist/services/base.service.test.js.map +0 -1
- package/dist/services/confirmation-token.service.test.d.ts +0 -2
- package/dist/services/confirmation-token.service.test.d.ts.map +0 -1
- package/dist/services/confirmation-token.service.test.js +0 -65
- package/dist/services/confirmation-token.service.test.js.map +0 -1
- package/dist/smoke.test.d.ts +0 -2
- package/dist/smoke.test.d.ts.map +0 -1
- package/dist/smoke.test.js +0 -7
- package/dist/smoke.test.js.map +0 -1
package/dist/index.d.ts
CHANGED
|
@@ -3,7 +3,13 @@ export type { Logger } from './services/base.service.js';
|
|
|
3
3
|
export { ConfirmationTokenService } from './services/confirmation-token.service.js';
|
|
4
4
|
export type { PendingAction } from './services/confirmation-token.service.js';
|
|
5
5
|
export type { AuthUser, ServerSession, AuthResult } from './types/index.js';
|
|
6
|
+
export type { Ok, Err, Result } from './types/index.js';
|
|
7
|
+
export { ok, err, isOk, isErr, mapOk, mapErr, andThen, getOrElse, tryCatch, tryCatchAsync } from './types/index.js';
|
|
8
|
+
export { AppError, ValidationError, NotFoundError, UnauthorizedError, ForbiddenError, ConflictError, RateLimitError, ExternalError, InternalError, isAppError, errorToStatusCode, } from './errors/index.js';
|
|
9
|
+
export type { ErrorKind } from './errors/index.js';
|
|
6
10
|
export { createLogger, sanitizeToken, sanitizeEmail, sanitizeUserId, sanitizeObject, authLogger, apiLogger, dbLogger, chatLogger, initFirebaseAdmin, initializeFirebase, getFirebaseApp, getFirebaseAuth, signIn, signUp, signInAnonymously, upgradeAnonymousAccount, upgradeAnonymousWithPopup, resetPassword, logout, onAuthChange, getCurrentUser, getIdToken, getServerSession, isAuthenticated, createSessionCookie, revokeSession, isRealUser, isRealUserServer, requireAuth, requireAdmin, isAdmin, formatExactTime, getRelativeTime, linkifyText, generateUUID, checkRateLimit, createRateLimitResponse, getRateLimitIdentifier, } from './lib/index.js';
|
|
7
11
|
export type { User, UserCredential, Auth } from './lib/index.js';
|
|
8
12
|
export type { RateLimitConfig, RateLimitResult } from './lib/index.js';
|
|
13
|
+
export { loadConfig, validateConfig } from './config/index.js';
|
|
14
|
+
export type { AgentbaseConfig, FirebaseAdminConfig, FirebaseClientConfig, AuthConfig } from './config/index.js';
|
|
9
15
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,YAAY,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,0CAA0C,CAAA;AACnF,YAAY,EAAE,aAAa,EAAE,MAAM,0CAA0C,CAAA;AAG7E,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,YAAY,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,0CAA0C,CAAA;AACnF,YAAY,EAAE,aAAa,EAAE,MAAM,0CAA0C,CAAA;AAG7E,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC3E,YAAY,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AACvD,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAA;AAGnH,OAAO,EACL,QAAQ,EACR,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,cAAc,EACd,aAAa,EACb,aAAa,EACb,UAAU,EACV,iBAAiB,GAClB,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAGlD,OAAO,EAEL,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,UAAU,EACV,SAAS,EACT,QAAQ,EACR,UAAU,EAEV,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,MAAM,EACN,MAAM,EACN,iBAAiB,EACjB,uBAAuB,EACvB,yBAAyB,EACzB,aAAa,EACb,MAAM,EACN,YAAY,EACZ,cAAc,EACd,UAAU,EAEV,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,WAAW,EACX,YAAY,EACZ,OAAO,EAEP,eAAe,EACf,eAAe,EACf,WAAW,EACX,YAAY,EACZ,cAAc,EACd,uBAAuB,EACvB,sBAAsB,GACvB,MAAM,gBAAgB,CAAA;AAEvB,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAA;AAChE,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAGtE,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAC9D,YAAY,EAAE,eAAe,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -3,6 +3,9 @@
|
|
|
3
3
|
// Services
|
|
4
4
|
export { BaseService } from './services/base.service.js';
|
|
5
5
|
export { ConfirmationTokenService } from './services/confirmation-token.service.js';
|
|
6
|
+
export { ok, err, isOk, isErr, mapOk, mapErr, andThen, getOrElse, tryCatch, tryCatchAsync } from './types/index.js';
|
|
7
|
+
// Errors
|
|
8
|
+
export { AppError, ValidationError, NotFoundError, UnauthorizedError, ForbiddenError, ConflictError, RateLimitError, ExternalError, InternalError, isAppError, errorToStatusCode, } from './errors/index.js';
|
|
6
9
|
// Lib — re-export everything
|
|
7
10
|
export {
|
|
8
11
|
// Logger
|
|
@@ -13,4 +16,6 @@ initFirebaseAdmin, initializeFirebase, getFirebaseApp, getFirebaseAuth, signIn,
|
|
|
13
16
|
getServerSession, isAuthenticated, createSessionCookie, revokeSession, isRealUser, isRealUserServer, requireAuth, requireAdmin, isAdmin,
|
|
14
17
|
// Utilities
|
|
15
18
|
formatExactTime, getRelativeTime, linkifyText, generateUUID, checkRateLimit, createRateLimitResponse, getRateLimitIdentifier, } from './lib/index.js';
|
|
19
|
+
// Config
|
|
20
|
+
export { loadConfig, validateConfig } from './config/index.js';
|
|
16
21
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,uDAAuD;AAEvD,WAAW;AACX,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAExD,OAAO,EAAE,wBAAwB,EAAE,MAAM,0CAA0C,CAAA;AAMnF,6BAA6B;AAC7B,OAAO;AACL,SAAS;AACT,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,UAAU,EACV,SAAS,EACT,QAAQ,EACR,UAAU;AACV,WAAW;AACX,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,MAAM,EACN,MAAM,EACN,iBAAiB,EACjB,uBAAuB,EACvB,yBAAyB,EACzB,aAAa,EACb,MAAM,EACN,YAAY,EACZ,cAAc,EACd,UAAU;AACV,OAAO;AACP,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,WAAW,EACX,YAAY,EACZ,OAAO;AACP,YAAY;AACZ,eAAe,EACf,eAAe,EACf,WAAW,EACX,YAAY,EACZ,cAAc,EACd,uBAAuB,EACvB,sBAAsB,GACvB,MAAM,gBAAgB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,uDAAuD;AAEvD,WAAW;AACX,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAExD,OAAO,EAAE,wBAAwB,EAAE,MAAM,0CAA0C,CAAA;AAMnF,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAA;AAEnH,SAAS;AACT,OAAO,EACL,QAAQ,EACR,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,cAAc,EACd,aAAa,EACb,aAAa,EACb,UAAU,EACV,iBAAiB,GAClB,MAAM,mBAAmB,CAAA;AAG1B,6BAA6B;AAC7B,OAAO;AACL,SAAS;AACT,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,UAAU,EACV,SAAS,EACT,QAAQ,EACR,UAAU;AACV,WAAW;AACX,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,MAAM,EACN,MAAM,EACN,iBAAiB,EACjB,uBAAuB,EACvB,yBAAyB,EACzB,aAAa,EACb,MAAM,EACN,YAAY,EACZ,cAAc,EACd,UAAU;AACV,OAAO;AACP,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,WAAW,EACX,YAAY,EACZ,OAAO;AACP,YAAY;AACZ,eAAe,EACf,eAAe,EACf,WAAW,EACX,YAAY,EACZ,cAAc,EACd,uBAAuB,EACvB,sBAAsB,GACvB,MAAM,gBAAgB,CAAA;AAKvB,SAAS;AACT,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error-handler.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/error-handler.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,GAAG,QAAQ,CAkBtD"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { isAppError } from '../../errors/index.js';
|
|
2
|
+
/**
|
|
3
|
+
* Convert an error to an HTTP Response.
|
|
4
|
+
* Use in route handlers to catch typed errors from guards/services.
|
|
5
|
+
*/
|
|
6
|
+
export function handleAuthError(err) {
|
|
7
|
+
if (isAppError(err)) {
|
|
8
|
+
return new Response(JSON.stringify({ error: err.message }), {
|
|
9
|
+
status: err.statusCode,
|
|
10
|
+
headers: { 'Content-Type': 'application/json' },
|
|
11
|
+
});
|
|
12
|
+
}
|
|
13
|
+
return new Response(JSON.stringify({ error: 'Internal server error' }), {
|
|
14
|
+
status: 500,
|
|
15
|
+
headers: { 'Content-Type': 'application/json' },
|
|
16
|
+
});
|
|
17
|
+
}
|
|
18
|
+
//# sourceMappingURL=error-handler.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error-handler.js","sourceRoot":"","sources":["../../../src/lib/auth/error-handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,GAAY;IAC1C,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,EACtC;YACE,MAAM,EAAE,GAAG,CAAC,UAAU;YACtB,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CAAA;IACH,CAAC;IAED,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,EAClD;QACE,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;KAChD,CACF,CAAA;AACH,CAAC"}
|
|
@@ -1,15 +1,14 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
3
|
-
* @returns Response object with error if not authenticated, null if authorized
|
|
2
|
+
* Require authentication. Throws UnauthorizedError if not authenticated.
|
|
4
3
|
*/
|
|
5
|
-
export declare function requireAuth(request: Request): Promise<
|
|
4
|
+
export declare function requireAuth(request: Request): Promise<void>;
|
|
6
5
|
/**
|
|
7
|
-
*
|
|
6
|
+
* Require admin access. Throws UnauthorizedError or ForbiddenError.
|
|
8
7
|
* @param ownerEmails Comma-separated admin emails (or pass via env)
|
|
9
8
|
*/
|
|
10
|
-
export declare function requireAdmin(request: Request, ownerEmails?: string): Promise<
|
|
9
|
+
export declare function requireAdmin(request: Request, ownerEmails?: string): Promise<void>;
|
|
11
10
|
/**
|
|
12
|
-
* Check if a user is an admin
|
|
11
|
+
* Check if a user is an admin (boolean, does not throw)
|
|
13
12
|
*/
|
|
14
13
|
export declare function isAdmin(request: Request, ownerEmails?: string): Promise<boolean>;
|
|
15
14
|
//# sourceMappingURL=guards.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guards.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/guards.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"guards.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/guards.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,wBAAsB,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAMjE;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAYxF;AAED;;GAEG;AACH,wBAAsB,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAStF"}
|
package/dist/lib/auth/guards.js
CHANGED
|
@@ -1,41 +1,30 @@
|
|
|
1
1
|
import { getServerSession } from './session.js';
|
|
2
|
+
import { UnauthorizedError, ForbiddenError } from '../../errors/index.js';
|
|
2
3
|
/**
|
|
3
|
-
*
|
|
4
|
-
* @returns Response object with error if not authenticated, null if authorized
|
|
4
|
+
* Require authentication. Throws UnauthorizedError if not authenticated.
|
|
5
5
|
*/
|
|
6
6
|
export async function requireAuth(request) {
|
|
7
7
|
const session = await getServerSession(request);
|
|
8
8
|
if (!session || !session.user) {
|
|
9
|
-
|
|
10
|
-
status: 401,
|
|
11
|
-
headers: { 'Content-Type': 'application/json' },
|
|
12
|
-
});
|
|
9
|
+
throw new UnauthorizedError('Authentication required');
|
|
13
10
|
}
|
|
14
|
-
return null;
|
|
15
11
|
}
|
|
16
12
|
/**
|
|
17
|
-
*
|
|
13
|
+
* Require admin access. Throws UnauthorizedError or ForbiddenError.
|
|
18
14
|
* @param ownerEmails Comma-separated admin emails (or pass via env)
|
|
19
15
|
*/
|
|
20
16
|
export async function requireAdmin(request, ownerEmails) {
|
|
21
17
|
const session = await getServerSession(request);
|
|
22
18
|
if (!session || !session.user) {
|
|
23
|
-
|
|
24
|
-
status: 401,
|
|
25
|
-
headers: { 'Content-Type': 'application/json' },
|
|
26
|
-
});
|
|
19
|
+
throw new UnauthorizedError('Authentication required');
|
|
27
20
|
}
|
|
28
21
|
const emails = (ownerEmails ?? process.env.OWNER_EMAILS ?? '').split(',').map(e => e.trim());
|
|
29
22
|
if (!session.user.email || !emails.includes(session.user.email)) {
|
|
30
|
-
|
|
31
|
-
status: 403,
|
|
32
|
-
headers: { 'Content-Type': 'application/json' },
|
|
33
|
-
});
|
|
23
|
+
throw new ForbiddenError('Admin access required');
|
|
34
24
|
}
|
|
35
|
-
return null;
|
|
36
25
|
}
|
|
37
26
|
/**
|
|
38
|
-
* Check if a user is an admin
|
|
27
|
+
* Check if a user is an admin (boolean, does not throw)
|
|
39
28
|
*/
|
|
40
29
|
export async function isAdmin(request, ownerEmails) {
|
|
41
30
|
const session = await getServerSession(request);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guards.js","sourceRoot":"","sources":["../../../src/lib/auth/guards.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"guards.js","sourceRoot":"","sources":["../../../src/lib/auth/guards.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE1E;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAgB;IAChD,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAEhD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,iBAAiB,CAAC,yBAAyB,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAgB,EAAE,WAAoB;IACvE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAEhD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,iBAAiB,CAAC,yBAAyB,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAE7F,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,cAAc,CAAC,uBAAuB,CAAC,CAAC;IACpD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,OAAgB,EAAE,WAAoB;IAClE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAEhD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAC7F,OAAO,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC7C,CAAC"}
|
package/dist/lib/auth/index.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export { getServerSession, isAuthenticated, createSessionCookie, revokeSession } from './session.js';
|
|
2
2
|
export { isRealUser, isRealUserServer } from './helpers.js';
|
|
3
3
|
export { requireAuth, requireAdmin, isAdmin } from './guards.js';
|
|
4
|
+
export { handleAuthError } from './error-handler.js';
|
|
4
5
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACpG,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACpG,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAA;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA"}
|
package/dist/lib/auth/index.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export { getServerSession, isAuthenticated, createSessionCookie, revokeSession } from './session.js';
|
|
2
2
|
export { isRealUser, isRealUserServer } from './helpers.js';
|
|
3
3
|
export { requireAuth, requireAdmin, isAdmin } from './guards.js';
|
|
4
|
+
export { handleAuthError } from './error-handler.js';
|
|
4
5
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/lib/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACpG,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/lib/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACpG,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAA;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/session.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAY,aAAa,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/session.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAY,aAAa,EAAE,MAAM,sBAAsB,CAAC;AA+BpE;;;;GAIG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAsCtF;AAED;;GAEG;AACH,wBAAsB,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAGxE;AAED;;;;;GAKG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,SAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAYlH;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAWnE"}
|
package/dist/lib/auth/session.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { verifyIdToken, verifySessionCookie, createSessionCookie as createFirebaseSessionCookie } from '@prmichaelsen/firebase-admin-sdk-v8';
|
|
2
2
|
import { authLogger } from '../logger.js';
|
|
3
|
+
import { ExternalError } from '../../errors/index.js';
|
|
3
4
|
/**
|
|
4
5
|
* Get the session cookie from a request
|
|
5
6
|
*/
|
|
@@ -17,7 +18,7 @@ function getSessionCookie(request) {
|
|
|
17
18
|
return cookies.session;
|
|
18
19
|
}
|
|
19
20
|
catch (error) {
|
|
20
|
-
|
|
21
|
+
authLogger.error('Failed to parse session cookie', error);
|
|
21
22
|
return undefined;
|
|
22
23
|
}
|
|
23
24
|
}
|
|
@@ -78,12 +79,12 @@ export async function createSessionCookie(idToken, expiresInMs = 60 * 60 * 24 *
|
|
|
78
79
|
const sessionCookie = await createFirebaseSessionCookie(idToken, {
|
|
79
80
|
expiresIn: expiresInMs
|
|
80
81
|
});
|
|
81
|
-
|
|
82
|
+
authLogger.info('Session cookie created');
|
|
82
83
|
return sessionCookie;
|
|
83
84
|
}
|
|
84
85
|
catch (error) {
|
|
85
|
-
|
|
86
|
-
throw new
|
|
86
|
+
authLogger.error('Failed to create session cookie', error);
|
|
87
|
+
throw new ExternalError('Failed to create session cookie', { idTokenPrefix: idToken.substring(0, 8) });
|
|
87
88
|
}
|
|
88
89
|
}
|
|
89
90
|
/**
|
|
@@ -93,12 +94,12 @@ export async function revokeSession(request) {
|
|
|
93
94
|
try {
|
|
94
95
|
const session = await getServerSession(request);
|
|
95
96
|
if (session?.user) {
|
|
96
|
-
|
|
97
|
+
authLogger.info('Session revoked', { userId: session.user.uid });
|
|
97
98
|
}
|
|
98
99
|
}
|
|
99
100
|
catch (error) {
|
|
100
|
-
|
|
101
|
-
throw new
|
|
101
|
+
authLogger.error('Failed to revoke session', error);
|
|
102
|
+
throw new ExternalError('Failed to revoke session');
|
|
102
103
|
}
|
|
103
104
|
}
|
|
104
105
|
//# sourceMappingURL=session.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../src/lib/auth/session.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,mBAAmB,IAAI,2BAA2B,EACnD,MAAM,qCAAqC,CAAC;AAE7C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../src/lib/auth/session.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,mBAAmB,IAAI,2BAA2B,EACnD,MAAM,qCAAqC,CAAC;AAE7C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD;;GAEG;AACH,SAAS,gBAAgB,CAAC,OAAgB;IACxC,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEnD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAC5C,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE;YACd,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;YAClB,OAAO,GAAG,CAAC;QACb,CAAC,EACD,EAA4B,CAC7B,CAAC;QAEF,OAAO,OAAO,CAAC,OAAO,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,UAAU,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAc,CAAC,CAAC;QACnE,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAgB;IACrD,IAAI,CAAC;QACH,UAAU,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC3C,MAAM,aAAa,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAEhD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,UAAU,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,UAAU,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QAEpD,IAAI,YAAY,CAAC;QACjB,IAAI,CAAC;YACH,YAAY,GAAG,MAAM,mBAAmB,CAAC,aAAa,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,UAAU,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;YACrF,YAAY,GAAG,MAAM,aAAa,CAAC,aAAa,CAAC,CAAC;QACpD,CAAC;QAED,UAAU,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC;QAEhE,MAAM,WAAW,GAAG,YAAY,CAAC,QAAQ,EAAE,gBAAgB,KAAK,WAAW,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC;QAEnG,MAAM,IAAI,GAAa;YACrB,GAAG,EAAE,YAAY,CAAC,GAAG;YACrB,KAAK,EAAE,YAAY,CAAC,KAAK,IAAI,IAAI;YACjC,WAAW,EAAE,YAAY,CAAC,IAAI,IAAI,IAAI;YACtC,QAAQ,EAAE,YAAY,CAAC,OAAO,IAAI,IAAI;YACtC,aAAa,EAAE,YAAY,CAAC,cAAc,IAAI,KAAK;YACnD,WAAW;SACZ,CAAC;QAEF,OAAO,EAAE,IAAI,EAAE,CAAC;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,UAAU,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAc,CAAC,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,OAAgB;IACpD,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAChD,OAAO,OAAO,KAAK,IAAI,CAAC;AAC1B,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAAe,EAAE,WAAW,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;IAC/F,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,2BAA2B,CAAC,OAAO,EAAE;YAC/D,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QAEH,UAAU,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC1C,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,UAAU,CAAC,KAAK,CAAC,iCAAiC,EAAE,KAAc,CAAC,CAAC;QACpE,MAAM,IAAI,aAAa,CAAC,iCAAiC,EAAE,EAAE,aAAa,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IACzG,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAgB;IAClD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAEhD,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;YAClB,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,UAAU,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAc,CAAC,CAAC;QAC7D,MAAM,IAAI,aAAa,CAAC,0BAA0B,CAAC,CAAC;IACtD,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/lib/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/lib/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAA;IAChB,KAAK,EAAE,MAAM,CAAA;IACb,SAAS,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,WAAW,EAAE,GAAG,EAAG,kCAAkC;AACrD,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,eAAe,CAAC,CAqB1B;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,eAAe,GAAG,QAAQ,CAqBzE;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAUhF"}
|
package/dist/lib/rate-limiter.js
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Provides rate limiting functionality using Cloudflare Workers Rate Limiting API
|
|
5
5
|
*/
|
|
6
|
+
import { apiLogger } from './logger.js';
|
|
6
7
|
/**
|
|
7
8
|
* Check rate limit for a request
|
|
8
9
|
*/
|
|
@@ -19,7 +20,7 @@ identifier, config) {
|
|
|
19
20
|
};
|
|
20
21
|
}
|
|
21
22
|
catch (error) {
|
|
22
|
-
|
|
23
|
+
apiLogger.error('Rate limit check failed, failing open', error);
|
|
23
24
|
// Fail open - allow request if rate limiter fails
|
|
24
25
|
return {
|
|
25
26
|
success: true,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/lib/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/lib/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAevC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,WAAgB,EAAG,kCAAkC;AACrD,UAAkB,EAClB,MAAuB;IAEvB,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC,SAAS,IAAI,UAAU,EAAE,CAAA;IAE/C,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,WAAW,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,CAAC,CAAA;QAElF,OAAO;YACL,OAAO;YACP,KAAK;YACL,SAAS;YACT,UAAU;SACX,CAAA;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,SAAS,CAAC,KAAK,CAAC,uCAAuC,EAAE,KAAc,CAAC,CAAA;QACxE,kDAAkD;QAClD,OAAO;YACL,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,SAAS,EAAE,MAAM,CAAC,KAAK;SACxB,CAAA;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,MAAuB;IAC7D,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,EAAE,CAAA;IAC1C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,GAAG,CAAA;IACjC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,CAAC,CAAA;IAEvC,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;QACb,KAAK,EAAE,mBAAmB;QAC1B,OAAO,EAAE,8CAA8C;QACvD,UAAU;KACX,CAAC,EACF;QACE,MAAM,EAAE,GAAG;QACX,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,UAAU,CAAC,QAAQ,EAAE;YACpC,mBAAmB,EAAE,KAAK,CAAC,QAAQ,EAAE;YACrC,uBAAuB,EAAE,SAAS,CAAC,QAAQ,EAAE;SAC9C;KACF,CACF,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAgB,EAAE,MAAe;IACtE,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,QAAQ,MAAM,EAAE,CAAA;IACzB,CAAC;IAED,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QACtC,SAAS,CAAA;IAErB,OAAO,MAAM,EAAE,EAAE,CAAA;AACnB,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import type { ServerSession } from '../types/index.js';
|
|
2
|
+
/**
|
|
3
|
+
* Server-side auth service interface.
|
|
4
|
+
* Wraps session management and authorization guards.
|
|
5
|
+
*/
|
|
6
|
+
export interface IAuthService {
|
|
7
|
+
getServerSession(request: Request): Promise<ServerSession | null>;
|
|
8
|
+
isAuthenticated(request: Request): Promise<boolean>;
|
|
9
|
+
createSessionCookie(idToken: string, expiresInMs?: number): Promise<string>;
|
|
10
|
+
revokeSession(request: Request): Promise<void>;
|
|
11
|
+
requireAuth(request: Request): Promise<void>;
|
|
12
|
+
requireAdmin(request: Request, ownerEmails?: string): Promise<void>;
|
|
13
|
+
isAdmin(request: Request, ownerEmails?: string): Promise<boolean>;
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=auth.interface.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.interface.d.ts","sourceRoot":"","sources":["../../src/services/auth.interface.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AAEtD;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAA;IACjE,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IACnD,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3E,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC9C,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5C,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACnE,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAClE"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.interface.js","sourceRoot":"","sources":["../../src/services/auth.interface.ts"],"names":[],"mappings":""}
|
|
@@ -8,12 +8,18 @@ export interface Logger {
|
|
|
8
8
|
warn(message: string, context?: Record<string, unknown>): void;
|
|
9
9
|
error(message: string, context?: Record<string, unknown>): void;
|
|
10
10
|
}
|
|
11
|
+
export declare enum ServiceState {
|
|
12
|
+
Uninitialized = "uninitialized",
|
|
13
|
+
Initialized = "initialized",
|
|
14
|
+
ShutDown = "shutdown"
|
|
15
|
+
}
|
|
11
16
|
/**
|
|
12
17
|
* Abstract base class for all services.
|
|
13
18
|
*
|
|
14
19
|
* Provides:
|
|
15
20
|
* - Constructor injection of config and logger
|
|
16
|
-
* -
|
|
21
|
+
* - Lifecycle hooks (initialize/shutdown) with state tracking
|
|
22
|
+
* - ensureInitialized() guard for methods that require initialization
|
|
17
23
|
* - Consistent naming (className from constructor.name)
|
|
18
24
|
*
|
|
19
25
|
* @example
|
|
@@ -31,7 +37,17 @@ export declare abstract class BaseService<TConfig = unknown> {
|
|
|
31
37
|
protected readonly config: TConfig;
|
|
32
38
|
protected readonly logger: Logger;
|
|
33
39
|
protected readonly name: string;
|
|
40
|
+
private _state;
|
|
34
41
|
constructor(config: TConfig, logger: Logger);
|
|
42
|
+
/**
|
|
43
|
+
* Current lifecycle state.
|
|
44
|
+
*/
|
|
45
|
+
getState(): ServiceState;
|
|
46
|
+
/**
|
|
47
|
+
* Guard: throws if service has not been initialized.
|
|
48
|
+
* Call at the start of methods that depend on initialization.
|
|
49
|
+
*/
|
|
50
|
+
protected ensureInitialized(): void;
|
|
35
51
|
/**
|
|
36
52
|
* Called once when the application starts.
|
|
37
53
|
* Override to connect to databases, warm up caches, or validate config.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base.service.d.ts","sourceRoot":"","sources":["../../src/services/base.service.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,MAAM,WAAW,MAAM;IACrB,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAChE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC/D,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC/D,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACjE;AAED
|
|
1
|
+
{"version":3,"file":"base.service.d.ts","sourceRoot":"","sources":["../../src/services/base.service.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,MAAM,WAAW,MAAM;IACrB,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAChE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC/D,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC/D,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACjE;AAED,oBAAY,YAAY;IACtB,aAAa,kBAAkB;IAC/B,WAAW,gBAAgB;IAC3B,QAAQ,aAAa;CACtB;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,8BAAsB,WAAW,CAAC,OAAO,GAAG,OAAO;IAK/C,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO;IAClC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM;IALnC,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAChC,OAAO,CAAC,MAAM,CAA4C;gBAGrC,MAAM,EAAE,OAAO,EACf,MAAM,EAAE,MAAM;IAKnC;;OAEG;IACH,QAAQ,IAAI,YAAY;IAIxB;;;OAGG;IACH,SAAS,CAAC,iBAAiB,IAAI,IAAI;IAMnC;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAIjC;;;OAGG;IACG,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAGhC"}
|
|
@@ -1,11 +1,18 @@
|
|
|
1
1
|
// src/services/base.service.ts
|
|
2
2
|
// Pattern: Service Base (core-sdk.service-base.md)
|
|
3
|
+
export var ServiceState;
|
|
4
|
+
(function (ServiceState) {
|
|
5
|
+
ServiceState["Uninitialized"] = "uninitialized";
|
|
6
|
+
ServiceState["Initialized"] = "initialized";
|
|
7
|
+
ServiceState["ShutDown"] = "shutdown";
|
|
8
|
+
})(ServiceState || (ServiceState = {}));
|
|
3
9
|
/**
|
|
4
10
|
* Abstract base class for all services.
|
|
5
11
|
*
|
|
6
12
|
* Provides:
|
|
7
13
|
* - Constructor injection of config and logger
|
|
8
|
-
* -
|
|
14
|
+
* - Lifecycle hooks (initialize/shutdown) with state tracking
|
|
15
|
+
* - ensureInitialized() guard for methods that require initialization
|
|
9
16
|
* - Consistent naming (className from constructor.name)
|
|
10
17
|
*
|
|
11
18
|
* @example
|
|
@@ -23,24 +30,40 @@ export class BaseService {
|
|
|
23
30
|
config;
|
|
24
31
|
logger;
|
|
25
32
|
name;
|
|
33
|
+
_state = ServiceState.Uninitialized;
|
|
26
34
|
constructor(config, logger) {
|
|
27
35
|
this.config = config;
|
|
28
36
|
this.logger = logger;
|
|
29
37
|
this.name = this.constructor.name;
|
|
30
38
|
}
|
|
39
|
+
/**
|
|
40
|
+
* Current lifecycle state.
|
|
41
|
+
*/
|
|
42
|
+
getState() {
|
|
43
|
+
return this._state;
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Guard: throws if service has not been initialized.
|
|
47
|
+
* Call at the start of methods that depend on initialization.
|
|
48
|
+
*/
|
|
49
|
+
ensureInitialized() {
|
|
50
|
+
if (this._state !== ServiceState.Initialized) {
|
|
51
|
+
throw new Error(`${this.name} is not initialized (state: ${this._state})`);
|
|
52
|
+
}
|
|
53
|
+
}
|
|
31
54
|
/**
|
|
32
55
|
* Called once when the application starts.
|
|
33
56
|
* Override to connect to databases, warm up caches, or validate config.
|
|
34
57
|
*/
|
|
35
58
|
async initialize() {
|
|
36
|
-
|
|
59
|
+
this._state = ServiceState.Initialized;
|
|
37
60
|
}
|
|
38
61
|
/**
|
|
39
62
|
* Called once when the application shuts down.
|
|
40
63
|
* Override to close connections, flush buffers, or clean up resources.
|
|
41
64
|
*/
|
|
42
65
|
async shutdown() {
|
|
43
|
-
|
|
66
|
+
this._state = ServiceState.ShutDown;
|
|
44
67
|
}
|
|
45
68
|
}
|
|
46
69
|
//# sourceMappingURL=base.service.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base.service.js","sourceRoot":"","sources":["../../src/services/base.service.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,mDAAmD;AAanD
|
|
1
|
+
{"version":3,"file":"base.service.js","sourceRoot":"","sources":["../../src/services/base.service.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,mDAAmD;AAanD,MAAM,CAAN,IAAY,YAIX;AAJD,WAAY,YAAY;IACtB,+CAA+B,CAAA;IAC/B,2CAA2B,CAAA;IAC3B,qCAAqB,CAAA;AACvB,CAAC,EAJW,YAAY,KAAZ,YAAY,QAIvB;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,OAAgB,WAAW;IAKV;IACA;IALF,IAAI,CAAS;IACxB,MAAM,GAAiB,YAAY,CAAC,aAAa,CAAC;IAE1D,YACqB,MAAe,EACf,MAAc;QADd,WAAM,GAAN,MAAM,CAAS;QACf,WAAM,GAAN,MAAM,CAAQ;QAEjC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;;OAGG;IACO,iBAAiB;QACzB,IAAI,IAAI,CAAC,MAAM,KAAK,YAAY,CAAC,WAAW,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,+BAA+B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC,WAAW,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC;IACtC,CAAC;CACF"}
|
|
@@ -9,6 +9,10 @@ export interface PendingAction {
|
|
|
9
9
|
summary: string;
|
|
10
10
|
createdAt: number;
|
|
11
11
|
}
|
|
12
|
+
export interface IConfirmationTokenService {
|
|
13
|
+
generateToken(action: PendingAction): string;
|
|
14
|
+
consumeToken(token: string, userId: string): PendingAction | null;
|
|
15
|
+
}
|
|
12
16
|
/**
|
|
13
17
|
* Confirmation Token Service
|
|
14
18
|
*
|
|
@@ -16,7 +20,7 @@ export interface PendingAction {
|
|
|
16
20
|
* Mutating tools generate a preview + token; a confirm step consumes the token to execute.
|
|
17
21
|
* Tokens are single-use, user-scoped, and expire after TTL.
|
|
18
22
|
*/
|
|
19
|
-
export declare class ConfirmationTokenService {
|
|
23
|
+
export declare class ConfirmationTokenService implements IConfirmationTokenService {
|
|
20
24
|
private pending;
|
|
21
25
|
private ttlMs;
|
|
22
26
|
constructor(ttlMs?: number);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"confirmation-token.service.d.ts","sourceRoot":"","sources":["../../src/services/confirmation-token.service.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;CAClB;AAID;;;;;;GAMG;AACH,qBAAa,
|
|
1
|
+
{"version":3,"file":"confirmation-token.service.d.ts","sourceRoot":"","sources":["../../src/services/confirmation-token.service.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,yBAAyB;IACxC,aAAa,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM,CAAA;IAC5C,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,CAAA;CAClE;AAID;;;;;;GAMG;AACH,qBAAa,wBAAyB,YAAW,yBAAyB;IACxE,OAAO,CAAC,OAAO,CAAmC;IAClD,OAAO,CAAC,KAAK,CAAQ;gBAET,KAAK,GAAE,MAAuB;IAI1C;;;OAGG;IACH,aAAa,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM;IAO5C;;;;;OAKG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;IAoBjE;;OAEG;IACH,OAAO,CAAC,OAAO;CAQhB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"confirmation-token.service.js","sourceRoot":"","sources":["../../src/services/confirmation-token.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"confirmation-token.service.js","sourceRoot":"","sources":["../../src/services/confirmation-token.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAmBzC,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,YAAY;AAEjD;;;;;;GAMG;AACH,MAAM,OAAO,wBAAwB;IAC3B,OAAO,GAAG,IAAI,GAAG,EAAyB,CAAA;IAC1C,KAAK,CAAQ;IAErB,YAAY,QAAgB,cAAc;QACxC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;IACpB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,MAAqB;QACjC,IAAI,CAAC,OAAO,EAAE,CAAA;QACd,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;QAC7C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,KAAa,EAAE,MAAc;QACxC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QACtC,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QAExB,6BAA6B;QAC7B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAE1B,YAAY;QACZ,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;YAC/C,OAAO,IAAI,CAAA;QACb,CAAC;QAED,0BAA0B;QAC1B,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;OAEG;IACK,OAAO;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACtB,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAC3C,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;gBACxC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;YAC5B,CAAC;QACH,CAAC;IACH,CAAC;CACF"}
|
package/dist/services/index.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
export { BaseService } from './base.service.js';
|
|
1
|
+
export { BaseService, ServiceState } from './base.service.js';
|
|
2
2
|
export type { Logger } from './base.service.js';
|
|
3
3
|
export { ConfirmationTokenService } from './confirmation-token.service.js';
|
|
4
|
-
export type { PendingAction } from './confirmation-token.service.js';
|
|
4
|
+
export type { PendingAction, IConfirmationTokenService } from './confirmation-token.service.js';
|
|
5
|
+
export type { IAuthService } from './auth.interface.js';
|
|
5
6
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAC7D,YAAY,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAA;AAC1E,YAAY,EAAE,aAAa,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAA;AAC/F,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAA"}
|
package/dist/services/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAE7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAA"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Brand utility — creates nominal types from structural ones.
|
|
3
|
+
* Prevents accidental mixing of same-shaped but semantically different values.
|
|
4
|
+
*/
|
|
5
|
+
type Brand<T, B extends string> = T & {
|
|
6
|
+
readonly __brand: B;
|
|
7
|
+
};
|
|
8
|
+
/** A Firebase user ID */
|
|
9
|
+
export type UserId = Brand<string, 'UserId'>;
|
|
10
|
+
/** A session identifier */
|
|
11
|
+
export type SessionId = Brand<string, 'SessionId'>;
|
|
12
|
+
/** A confirmation token */
|
|
13
|
+
export type TokenId = Brand<string, 'TokenId'>;
|
|
14
|
+
/** An email address */
|
|
15
|
+
export type EmailAddress = Brand<string, 'EmailAddress'>;
|
|
16
|
+
/** A Unix timestamp in milliseconds */
|
|
17
|
+
export type Timestamp = Brand<number, 'Timestamp'>;
|
|
18
|
+
export declare function toUserId(s: string): UserId;
|
|
19
|
+
export declare function toSessionId(s: string): SessionId;
|
|
20
|
+
export declare function toTokenId(s: string): TokenId;
|
|
21
|
+
export declare function toEmailAddress(s: string): EmailAddress;
|
|
22
|
+
export declare function toTimestamp(n: number): Timestamp;
|
|
23
|
+
export {};
|
|
24
|
+
//# sourceMappingURL=branded.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"branded.d.ts","sourceRoot":"","sources":["../../src/types/branded.ts"],"names":[],"mappings":"AAIA;;;GAGG;AACH,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,IAAI,CAAC,GAAG;IAAE,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;CAAE,CAAA;AAE7D,yBAAyB;AACzB,MAAM,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;AAC5C,2BAA2B;AAC3B,MAAM,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;AAClD,2BAA2B;AAC3B,MAAM,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;AAC9C,uBAAuB;AACvB,MAAM,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;AACxD,uCAAuC;AACvC,MAAM,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;AAElD,wBAAgB,QAAQ,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAAuB;AAClE,wBAAgB,WAAW,CAAC,CAAC,EAAE,MAAM,GAAG,SAAS,CAA0B;AAC3E,wBAAgB,SAAS,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAwB;AACrE,wBAAgB,cAAc,CAAC,CAAC,EAAE,MAAM,GAAG,YAAY,CAA6B;AACpF,wBAAgB,WAAW,CAAC,CAAC,EAAE,MAAM,GAAG,SAAS,CAA0B"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
// src/types/branded.ts
|
|
2
|
+
// Pattern: Shared Types (core-sdk.types-shared.md)
|
|
3
|
+
// Ported from remember-core
|
|
4
|
+
export function toUserId(s) { return s; }
|
|
5
|
+
export function toSessionId(s) { return s; }
|
|
6
|
+
export function toTokenId(s) { return s; }
|
|
7
|
+
export function toEmailAddress(s) { return s; }
|
|
8
|
+
export function toTimestamp(n) { return n; }
|
|
9
|
+
//# sourceMappingURL=branded.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"branded.js","sourceRoot":"","sources":["../../src/types/branded.ts"],"names":[],"mappings":"AAAA,uBAAuB;AACvB,mDAAmD;AACnD,4BAA4B;AAmB5B,MAAM,UAAU,QAAQ,CAAC,CAAS,IAAY,OAAO,CAAW,CAAA,CAAC,CAAC;AAClE,MAAM,UAAU,WAAW,CAAC,CAAS,IAAe,OAAO,CAAc,CAAA,CAAC,CAAC;AAC3E,MAAM,UAAU,SAAS,CAAC,CAAS,IAAa,OAAO,CAAY,CAAA,CAAC,CAAC;AACrE,MAAM,UAAU,cAAc,CAAC,CAAS,IAAkB,OAAO,CAAiB,CAAA,CAAC,CAAC;AACpF,MAAM,UAAU,WAAW,CAAC,CAAS,IAAe,OAAO,CAAc,CAAA,CAAC,CAAC"}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -16,4 +16,8 @@ export interface AuthResult {
|
|
|
16
16
|
success: boolean;
|
|
17
17
|
error?: string;
|
|
18
18
|
}
|
|
19
|
+
export type { UserId, SessionId, TokenId, EmailAddress, Timestamp } from './branded.js';
|
|
20
|
+
export { toUserId, toSessionId, toTokenId, toEmailAddress, toTimestamp } from './branded.js';
|
|
21
|
+
export { ok, err, isOk, isErr, mapOk, mapErr, andThen, getOrElse, tryCatch, tryCatchAsync, } from './result.js';
|
|
22
|
+
export type { Ok, Err, Result } from './result.js';
|
|
19
23
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;IACvB,WAAW,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,QAAQ,CAAC;CAChB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;IACvB,WAAW,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,QAAQ,CAAC;CAChB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAGD,YAAY,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACvF,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAG5F,OAAO,EACL,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EACpB,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EACjC,QAAQ,EAAE,aAAa,GACxB,MAAM,aAAa,CAAA;AACpB,YAAY,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA"}
|
package/dist/types/index.js
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Core auth types used across agentbase projects.
|
|
3
3
|
*/
|
|
4
|
-
export {};
|
|
4
|
+
export { toUserId, toSessionId, toTokenId, toEmailAddress, toTimestamp } from './branded.js';
|
|
5
|
+
// Result type
|
|
6
|
+
export { ok, err, isOk, isErr, mapOk, mapErr, andThen, getOrElse, tryCatch, tryCatchAsync, } from './result.js';
|
|
5
7
|
//# sourceMappingURL=index.js.map
|
package/dist/types/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;GAEG"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAsBH,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAE5F,cAAc;AACd,OAAO,EACL,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EACpB,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EACjC,QAAQ,EAAE,aAAa,GACxB,MAAM,aAAa,CAAA"}
|