npm - @rebasepro/server-mongodb - Versions diffs - 0.0.1-canary.09e5ec5 - Mend

@rebasepro/server-mongodb 0.0.1-canary.09e5ec5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (286) hide show

package/dist/server-core/src/api/schema-editor-routes.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { Hono } from "hono";
+import { HonoEnv } from "./types";
+export declare function createSchemaEditorRoutes(collectionsDir: string): Hono<HonoEnv>;
+//# sourceMappingURL=schema-editor-routes.d.ts.map

package/dist/server-core/src/api/schema-editor-routes.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"schema-editor-routes.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/api/schema-editor-routes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,wBAAgB,wBAAwB,CAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,CAkC9E"}

package/dist/server-core/src/api/server.d.ts ADDED Viewed

@@ -0,0 +1,41 @@
+import { Hono } from "hono";
+import { DataDriver } from "@rebasepro/types";
+import { ApiConfig, HonoEnv } from "./types";
+/**
+ * Simplified API server that leverages existing Rebase infrastructure
+ * Can be used standalone or mounted on existing Hono app
+ */
+export declare class RebaseApiServer {
+    private app;
+    private router;
+    private config;
+    private driver;
+    private constructor();
+    /**
+     * Factory method to create an asynchronously initialized ApiServer instance
+     */
+    static create(config: ApiConfig & {
+        driver: DataDriver;
+    }): Promise<RebaseApiServer>;
+    /**
+     * Setup Hono middleware
+     */
+    private setupMiddleware;
+    /**
+     * Setup API routes using existing services
+     */
+    private setupRoutes;
+    /**
+     * Get the Hono router with all API routes
+     */
+    getRouter(): Hono<HonoEnv>;
+    /**
+     * Get the standalone Hono app
+     */
+    getApp(): Hono<HonoEnv>;
+    /**
+     * Start the server (standalone mode) via @hono/node-server
+     */
+    listen(port?: number, callback?: () => void): void;
+}
+//# sourceMappingURL=server.d.ts.map

package/dist/server-core/src/api/server.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/api/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAO5B,OAAO,EAAE,UAAU,EAA8B,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAO7C;;;GAGG;AACH,qBAAa,eAAe;IACxB,OAAO,CAAC,GAAG,CAAgB;IAC3B,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,MAAM,CAAa;IAE3B,OAAO;IAoBP;;OAEG;WACiB,MAAM,CAAC,MAAM,EAAE,SAAS,GAAG;QAAE,MAAM,EAAE,UAAU,CAAA;KAAE,GAAG,OAAO,CAAC,eAAe,CAAC;IAmBhG;;OAEG;IACH,OAAO,CAAC,eAAe;IAyBvB;;OAEG;IACH,OAAO,CAAC,WAAW;IA4HnB;;OAEG;IACH,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC;IAI1B;;OAEG;IACH,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC;IAIvB;;OAEG;IACH,MAAM,CAAC,IAAI,SAAO,EAAE,QAAQ,CAAC,EAAE,MAAM,IAAI,GAAG,IAAI;CAQnD"}

package/dist/server-core/src/api/types.d.ts ADDED Viewed

@@ -0,0 +1,91 @@
+import { EntityCollection } from "@rebasepro/types";
+import { AuthResult } from "../auth/middleware";
+import { NodePgDatabase } from "drizzle-orm/node-postgres";
+import { DataDriver } from "@rebasepro/types";
+/**
+ * Hono Environment Variables
+ * Passed to generic Hono<HonoEnv> to type `c.get()`
+ */
+export type HonoEnv = {
+    Variables: {
+        user?: AuthResult | {
+            userId?: string;
+            roles?: string[];
+        };
+        driver?: DataDriver;
+    };
+};
+/**
+ * Configuration for API generation
+ */
+/**
+ * Configuration for API generation
+ */
+export interface ApiConfig {
+    collections?: EntityCollection[];
+    collectionsDir?: string;
+    basePath?: string;
+    enableGraphQL?: boolean;
+    enableREST?: boolean;
+    cors?: {
+        origin?: string | string[] | boolean;
+        credentials?: boolean;
+    };
+    /** Whether auth is required for API endpoints (default: true) */
+    requireAuth?: boolean;
+    /** Optional custom validator for authentication */
+    authValidator?: (c: import("hono").Context<import("./types").HonoEnv>) => Promise<AuthResult>;
+    pagination?: {
+        defaultLimit: number;
+        maxLimit: number;
+    };
+}
+/**
+ * Context passed to resolvers and handlers
+ */
+export interface ApiContext {
+    user?: AuthResult;
+    collections: Map<string, EntityCollection>;
+    db: NodePgDatabase;
+}
+/**
+ * Standard API response format
+ */
+export interface ApiResponse<T = unknown> {
+    data?: T;
+    error?: {
+        message: string;
+        code?: string;
+        details?: unknown;
+    };
+    meta?: {
+        total?: number;
+        page?: number;
+        limit?: number;
+        hasMore?: boolean;
+    };
+}
+/**
+ * Query options for API endpoints
+ */
+export interface QueryOptions {
+    limit?: number;
+    offset?: number;
+    where?: Record<string, unknown>;
+    orderBy?: Array<{
+        field: string;
+        direction: "asc" | "desc";
+    }>;
+    include?: string[];
+    /** Columns to return in the response (field-level selection) */
+    fields?: string[];
+}
+/**
+ * Relation resolution configuration
+ */
+export interface RelationConfig {
+    relationName: string;
+    depth?: number;
+    include?: string[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/server-core/src/api/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/api/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C;;;GAGG;AACH,MAAM,MAAM,OAAO,GAAG;IAClB,SAAS,EAAE;QACP,IAAI,CAAC,EAAE,UAAU,GAAG;YAAE,MAAM,CAAC,EAAE,MAAM,CAAC;YAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;SAAE,CAAC;QAC1D,MAAM,CAAC,EAAE,UAAU,CAAC;KACvB,CAAA;CACJ,CAAC;AAEF;;GAEG;AACH;;GAEG;AACH,MAAM,WAAW,SAAS;IACtB,WAAW,CAAC,EAAE,gBAAgB,EAAE,CAAC;IACjC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,IAAI,CAAC,EAAE;QACH,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;QACrC,WAAW,CAAC,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,iEAAiE;IACjE,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,mDAAmD;IACnD,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,OAAO,MAAM,EAAE,OAAO,CAAC,OAAO,SAAS,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;IAC9F,UAAU,CAAC,EAAE;QACT,YAAY,EAAE,MAAM,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;KACpB,CAAC;CACL;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACvB,IAAI,CAAC,EAAE,UAAU,CAAC;IAClB,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAC3C,EAAE,EAAE,cAAc,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW,CAAC,CAAC,GAAG,OAAO;IACpC,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,KAAK,CAAC,EAAE;QACJ,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,OAAO,CAAC;KACrB,CAAC;IACF,IAAI,CAAC,EAAE;QACH,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,OAAO,CAAC;KACrB,CAAC;CACL;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,KAAK,GAAG,MAAM,CAAA;KAAE,CAAC,CAAC;IAC9D,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB"}

package/dist/server-core/src/auth/admin-routes.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { Hono } from "hono";
+import { AuthModuleConfig } from "./routes";
+interface AdminRouteOptions extends AuthModuleConfig {
+    serviceKey?: string;
+    /**
+     * Callback to persistently mark bootstrap as completed.
+     * Invoked after the first admin user is promoted via POST /admin/bootstrap.
+     */
+    setBootstrapCompleted?: () => Promise<void>;
+}
+import { HonoEnv } from "../api/types";
+/**
+ * Create admin routes for user and role management
+ */
+export declare function createAdminRoutes(config: AdminRouteOptions): Hono<HonoEnv>;
+export {};
+//# sourceMappingURL=admin-routes.d.ts.map

package/dist/server-core/src/auth/admin-routes.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-routes.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/admin-routes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAK5B,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAE5C,UAAU,iBAAkB,SAAQ,gBAAgB;IAChD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,qBAAqB,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/C;AACD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AA4CvC;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,CAkd1E"}

package/dist/server-core/src/auth/apple-oauth.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import type { OAuthProvider } from "./interfaces";
+/**
+ * Creates an Apple Sign In OAuth Provider integration.
+ *
+ * Apple requires a client secret that is a signed JWT, regenerated on each
+ * token exchange (valid up to 6 months). This provider handles that automatically.
+ *
+ * Required Apple Developer configuration:
+ * - Services ID (clientId)
+ * - Key ID from the private key registered with Apple
+ * - Team ID from Apple Developer account
+ * - Private key (.p8 file contents) downloaded from Apple Developer portal
+ */
+export declare function createAppleProvider(config: {
+    clientId: string;
+    teamId: string;
+    keyId: string;
+    /** The raw PEM contents of the .p8 private key file */
+    privateKey: string;
+}): OAuthProvider<{
+    code: string;
+    redirectUri: string;
+    user?: {
+        name?: {
+            firstName?: string;
+            lastName?: string;
+        };
+        email?: string;
+    };
+}>;
+//# sourceMappingURL=apple-oauth.d.ts.map

package/dist/server-core/src/auth/apple-oauth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"apple-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/apple-oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAKxE;;;;;;;;;;;GAWG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,uDAAuD;IACvD,UAAU,EAAE,MAAM,CAAC;CACtB,GAAG,aAAa,CAAC;IACN,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE;YAAE,SAAS,CAAC,EAAE,MAAM,CAAC;YAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAC/E,CAAC,CAsGT"}

package/dist/server-core/src/auth/bitbucket-oauth.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { OAuthProvider } from "./interfaces";
+/**
+ * Creates a Bitbucket OAuth Provider integration (OAuth 2.0 consumer).
+ */
+export declare function createBitbucketProvider(config: {
+    clientId: string;
+    clientSecret: string;
+}): OAuthProvider<{
+    code: string;
+    redirectUri: string;
+}>;
+//# sourceMappingURL=bitbucket-oauth.d.ts.map

package/dist/server-core/src/auth/bitbucket-oauth.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"bitbucket-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/bitbucket-oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAGxE;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,GAAG,aAAa,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,CA2EhJ"}

package/dist/server-core/src/auth/discord-oauth.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { OAuthProvider } from "./interfaces";
+/**
+ * Creates a Discord OAuth2 Provider integration.
+ *
+ * Uses the authorization code flow. Requires the "identify" and "email"
+ * scopes to retrieve the user's email and profile information.
+ */
+export declare function createDiscordProvider(config: {
+    clientId: string;
+    clientSecret: string;
+}): OAuthProvider<{
+    code: string;
+    redirectUri: string;
+}>;
+//# sourceMappingURL=discord-oauth.d.ts.map

package/dist/server-core/src/auth/discord-oauth.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"discord-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/discord-oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAGxE;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,GAAG,aAAa,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,CAyE9I"}

package/dist/server-core/src/auth/facebook-oauth.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { OAuthProvider } from "./interfaces";
+/**
+ * Creates a Facebook / Meta OAuth Provider integration.
+ *
+ * Uses the authorization code flow to exchange a code for an access token,
+ * then fetches user profile from the Facebook Graph API.
+ */
+export declare function createFacebookProvider(config: {
+    clientId: string;
+    clientSecret: string;
+}): OAuthProvider<{
+    code: string;
+    redirectUri: string;
+}>;
+//# sourceMappingURL=facebook-oauth.d.ts.map

package/dist/server-core/src/auth/facebook-oauth.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"facebook-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/facebook-oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAGxE;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,GAAG,aAAa,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,CA8D/I"}

package/dist/server-core/src/auth/github-oauth.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import type { OAuthProvider } from "./interfaces";
+/**
+ * Creates a GitHub OAuth Provider integration.
+ *
+ * Flow: Frontend receives an authorization `code` via the GitHub OAuth redirect.
+ * This provider exchanges the code for an access token, then fetches the user's
+ * profile and primary email from the GitHub API.
+ */
+export declare function createGitHubProvider(config: {
+    clientId: string;
+    clientSecret: string;
+}): OAuthProvider<{
+    code: string;
+    redirectUri: string;
+}>;
+//# sourceMappingURL=github-oauth.d.ts.map

package/dist/server-core/src/auth/github-oauth.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"github-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/github-oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAGxE;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,GAAG,aAAa,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,CAmG7I"}

package/dist/server-core/src/auth/gitlab-oauth.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { OAuthProvider } from "./interfaces";
+/**
+ * Creates a GitLab OAuth Provider integration.
+ * Works with both GitLab.com and self-hosted instances.
+ */
+export declare function createGitLabProvider(config: {
+    clientId: string;
+    clientSecret: string;
+    baseUrl?: string;
+}): OAuthProvider<{
+    code: string;
+    redirectUri: string;
+}>;
+//# sourceMappingURL=gitlab-oauth.d.ts.map

package/dist/server-core/src/auth/gitlab-oauth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"gitlab-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/gitlab-oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAGxE;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB,GAAG,aAAa,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,CA0DvD"}

package/dist/server-core/src/auth/google-oauth.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { OAuthProvider } from "./interfaces";
+export interface GoogleUserInfo {
+    googleId: string;
+    email: string;
+    displayName: string | null;
+    photoUrl: string | null;
+    emailVerified: boolean;
+}
+/**
+ * Creates a Google OAuth Provider integration
+ */
+export declare function createGoogleProvider(clientId: string): OAuthProvider<{
+    idToken: string;
+}>;
+//# sourceMappingURL=google-oauth.d.ts.map

package/dist/server-core/src/auth/google-oauth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"google-oauth.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/google-oauth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAwB,MAAM,cAAc,CAAC;AAGxE,MAAM,WAAW,cAAc;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;CAC1B;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,CAAC;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAgCzF"}

package/dist/server-core/src/auth/index.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+export * from "./interfaces";
+export { configureJwt, generateAccessToken, verifyAccessToken, generateRefreshToken, hashRefreshToken, getRefreshTokenExpiry, getAccessTokenExpiry } from "./jwt";
+export type { JwtConfig, AccessTokenPayload } from "./jwt";
+export { hashPassword, verifyPassword, validatePasswordStrength } from "./password";
+export type { PasswordValidationResult } from "./password";
+export { createGoogleProvider } from "./google-oauth";
+export { createLinkedinProvider } from "./linkedin-oauth";
+export { createGitHubProvider } from "./github-oauth";
+export { createMicrosoftProvider } from "./microsoft-oauth";
+export { createAppleProvider } from "./apple-oauth";
+export { createFacebookProvider } from "./facebook-oauth";
+export { createTwitterProvider } from "./twitter-oauth";
+export { createDiscordProvider } from "./discord-oauth";
+export { createGitLabProvider } from "./gitlab-oauth";
+export { createBitbucketProvider } from "./bitbucket-oauth";
+export { createSlackProvider } from "./slack-oauth";
+export { createSpotifyProvider } from "./spotify-oauth";
+export { requireAuth, requireAdmin, optionalAuth, extractUserFromToken, createAuthMiddleware } from "./middleware";
+export type { AuthMiddlewareOptions, AuthResult } from "./middleware";
+export { createAuthRoutes } from "./routes";
+export type { AuthModuleConfig } from "./routes";
+export { createAdminRoutes } from "./admin-routes";
+export { createRateLimiter, defaultAuthLimiter, strictAuthLimiter } from "./rate-limiter";
+//# sourceMappingURL=index.d.ts.map

package/dist/server-core/src/auth/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../server-core/src/auth/index.ts"],"names":[],"mappings":"AACA,cAAc,cAAc,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,OAAO,CAAC;AAClK,YAAY,EAAE,SAAS,EAAE,kBAAkB,EAAE,MAAM,OAAO,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,wBAAwB,EAAE,MAAM,YAAY,CAAC;AACpF,YAAY,EAAE,wBAAwB,EAAE,MAAM,YAAY,CAAC;AAG3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAExD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACnH,YAAY,EAAE,qBAAqB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAGtE,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,YAAY,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAEjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAGnD,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/server-core/src/auth/interfaces.d.ts ADDED Viewed

@@ -0,0 +1,310 @@
+import { z } from "zod";
+/**
+ * Authentication Abstraction Interfaces
+ *
+ * These interfaces define the contracts for authentication-related operations.
+ * Implementations can use different databases (PostgreSQL, MongoDB, etc.) to
+ * store user, role, and token data.
+ */
+/**
+ * User data structure
+ */
+export interface UserData {
+    id: string;
+    email: string;
+    passwordHash?: string | null;
+    displayName?: string | null;
+    photoUrl?: string | null;
+    emailVerified: boolean;
+    emailVerificationToken?: string | null;
+    emailVerificationSentAt?: Date | null;
+    createdAt: Date;
+    updatedAt: Date;
+}
+/**
+ * Data for creating a new user
+ */
+export interface CreateUserData {
+    email: string;
+    passwordHash?: string;
+    displayName?: string;
+    photoUrl?: string;
+    emailVerified?: boolean;
+}
+/**
+ * User Identity Data (OAuth accounts linked to user)
+ */
+export interface UserIdentityData {
+    id: string;
+    userId: string;
+    provider: string;
+    providerId: string;
+    profileData?: Record<string, unknown> | null;
+    createdAt: Date;
+    updatedAt: Date;
+}
+/**
+ * Standardized profile data returned by an OAuth provider verification payload
+ */
+export interface OAuthProviderProfile {
+    providerId: string;
+    email: string;
+    displayName?: string | null;
+    photoUrl?: string | null;
+}
+/**
+ * Pluggable OAuth Provider integration strategy
+ */
+export interface OAuthProvider<T = unknown> {
+    /** The identifier of the provider (e.g. "github", "google") */
+    id: string;
+    /** Zod schema validating the expected request payload (e.g. { code: string }) */
+    schema: z.ZodSchema<T>;
+    /** Verify external tokens/codes and return a standardized user profile */
+    verify: (payload: T) => Promise<OAuthProviderProfile | null>;
+}
+/**
+ * Role data structure
+ */
+export interface RoleData {
+    id: string;
+    name: string;
+    isAdmin: boolean;
+    defaultPermissions: {
+        read?: boolean;
+        create?: boolean;
+        edit?: boolean;
+        delete?: boolean;
+    } | null;
+    collectionPermissions: Record<string, {
+        read?: boolean;
+        create?: boolean;
+        edit?: boolean;
+        delete?: boolean;
+    }> | null;
+    config: Record<string, unknown> | null;
+}
+/**
+ * Data for creating a new role
+ */
+export interface CreateRoleData {
+    id: string;
+    name: string;
+    isAdmin?: boolean;
+    defaultPermissions?: RoleData["defaultPermissions"];
+    collectionPermissions?: RoleData["collectionPermissions"];
+    config?: RoleData["config"];
+}
+/**
+ * Refresh token info
+ */
+export interface RefreshTokenInfo {
+    id: string;
+    userId: string;
+    tokenHash: string;
+    expiresAt: Date;
+    createdAt: Date;
+    userAgent?: string | null;
+    ipAddress?: string | null;
+}
+/**
+ * Password reset token info
+ */
+export interface PasswordResetTokenInfo {
+    userId: string;
+    expiresAt: Date;
+}
+/**
+ * Options for paginated user listing
+ */
+export interface ListUsersOptions {
+    /** Max results per page (default 25) */
+    limit?: number;
+    /** Number of results to skip (default 0) */
+    offset?: number;
+    /** Search term — matches against email and displayName (case-insensitive) */
+    search?: string;
+    /** Field to sort by (default "createdAt") */
+    orderBy?: string;
+    /** Sort direction (default "desc") */
+    orderDir?: "asc" | "desc";
+    /** Filter by role ID */
+    roleId?: string;
+}
+/**
+ * Result of a paginated user listing
+ */
+export interface PaginatedUsersResult {
+    users: UserData[];
+    /** Total number of users matching the filters (ignoring limit/offset) */
+    total: number;
+    limit: number;
+    offset: number;
+}
+/**
+ * Abstract user repository interface.
+ * Handles all user-related database operations.
+ */
+export interface UserRepository {
+    /**
+     * Create a new user
+     */
+    createUser(data: CreateUserData): Promise<UserData>;
+    /**
+     * Get a user by ID
+     */
+    getUserById(id: string): Promise<UserData | null>;
+    /**
+     * Get a user by email
+     */
+    getUserByEmail(email: string): Promise<UserData | null>;
+    /**
+     * Get a user by an OAuth identity
+     */
+    getUserByIdentity(provider: string, providerId: string): Promise<UserData | null>;
+    /**
+     * Get all identities linked to a user
+     */
+    getUserIdentities(userId: string): Promise<UserIdentityData[]>;
+    /**
+     * Link a new OAuth identity to a user
+     */
+    linkUserIdentity(userId: string, provider: string, providerId: string, profileData?: Record<string, unknown>): Promise<void>;
+    /**
+     * Update a user
+     */
+    updateUser(id: string, data: Partial<Omit<CreateUserData, "id">>): Promise<UserData | null>;
+    /**
+     * Delete a user
+     */
+    deleteUser(id: string): Promise<void>;
+    /**
+     * List all users (unbounded — use listUsersPaginated for large datasets)
+     */
+    listUsers(): Promise<UserData[]>;
+    /**
+     * List users with server-side pagination, search, and sorting.
+     */
+    listUsersPaginated(options?: ListUsersOptions): Promise<PaginatedUsersResult>;
+    /**
+     * Update user's password hash
+     */
+    updatePassword(id: string, passwordHash: string): Promise<void>;
+    /**
+     * Set email verification status
+     */
+    setEmailVerified(id: string, verified: boolean): Promise<void>;
+    /**
+     * Set email verification token
+     */
+    setVerificationToken(id: string, token: string | null): Promise<void>;
+    /**
+     * Find user by email verification token
+     */
+    getUserByVerificationToken(token: string): Promise<UserData | null>;
+    /**
+     * Get roles for a user
+     */
+    getUserRoles(userId: string): Promise<RoleData[]>;
+    /**
+     * Get role IDs for a user
+     */
+    getUserRoleIds(userId: string): Promise<string[]>;
+    /**
+     * Set roles for a user (replaces existing roles)
+     */
+    setUserRoles(userId: string, roleIds: string[]): Promise<void>;
+    /**
+     * Assign a specific role to a new user
+     */
+    assignDefaultRole(userId: string, roleId: string): Promise<void>;
+    /**
+     * Get user with their roles
+     */
+    getUserWithRoles(userId: string): Promise<{
+        user: UserData;
+        roles: RoleData[];
+    } | null>;
+}
+/**
+ * Abstract role repository interface.
+ * Handles all role-related database operations.
+ */
+export interface RoleRepository {
+    /**
+     * Get a role by ID
+     */
+    getRoleById(id: string): Promise<RoleData | null>;
+    /**
+     * List all roles
+     */
+    listRoles(): Promise<RoleData[]>;
+    /**
+     * Create a new role
+     */
+    createRole(data: CreateRoleData): Promise<RoleData>;
+    /**
+     * Update a role
+     */
+    updateRole(id: string, data: Partial<Omit<RoleData, "id">>): Promise<RoleData | null>;
+    /**
+     * Delete a role
+     */
+    deleteRole(id: string): Promise<void>;
+}
+/**
+ * Abstract token repository interface.
+ * Handles refresh tokens and password reset tokens.
+ */
+export interface TokenRepository {
+    /**
+     * Create a new refresh token
+     */
+    createRefreshToken(userId: string, tokenHash: string, expiresAt: Date, userAgent?: string, ipAddress?: string): Promise<void>;
+    /**
+     * Find a refresh token by hash
+     */
+    findRefreshTokenByHash(tokenHash: string): Promise<RefreshTokenInfo | null>;
+    /**
+     * Delete a refresh token by hash
+     */
+    deleteRefreshToken(tokenHash: string): Promise<void>;
+    /**
+     * Delete all refresh tokens for a user
+     */
+    deleteAllRefreshTokensForUser(userId: string): Promise<void>;
+    /**
+     * List all refresh tokens for a user
+     */
+    listRefreshTokensForUser(userId: string): Promise<RefreshTokenInfo[]>;
+    /**
+     * Delete a specific refresh token by its primary key ID
+     */
+    deleteRefreshTokenById(id: string, userId: string): Promise<void>;
+    /**
+     * Create a password reset token
+     */
+    createPasswordResetToken(userId: string, tokenHash: string, expiresAt: Date): Promise<void>;
+    /**
+     * Find a valid (not expired, not used) password reset token by hash
+     */
+    findValidPasswordResetToken(tokenHash: string): Promise<PasswordResetTokenInfo | null>;
+    /**
+     * Mark a password reset token as used
+     */
+    markPasswordResetTokenUsed(tokenHash: string): Promise<void>;
+    /**
+     * Delete all password reset tokens for a user
+     */
+    deleteAllPasswordResetTokensForUser(userId: string): Promise<void>;
+    /**
+     * Clean up expired tokens
+     */
+    deleteExpiredTokens(): Promise<void>;
+}
+/**
+ * Combined auth repository interface for convenience
+ */
+export interface AuthRepository extends UserRepository, RoleRepository, TokenRepository {
+}
+//# sourceMappingURL=interfaces.d.ts.map