@robelest/convex-auth 0.0.2-preview.1 → 0.0.2

package/src/server/portal.ts

@@ -0,0 +1,375 @@
+import {
+  queryGeneric,
+  mutationGeneric,
+  internalMutationGeneric,
+} from "convex/server";
+import type { HttpRouter } from "convex/server";
+import { v } from "convex/values";
+import type { ComponentApi as AuthComponentApi } from "../component/_generated/component.js";
+import { registerStaticRoutes } from "@convex-dev/self-hosting";
+
+// ============================================================================
+// Helpers
+// ============================================================================
+
+/**
+ * Check if the authenticated user is a portal admin.
+ * Portal admins are identified by having an accepted invite
+ * with `role: "portalAdmin"`.
+ */
+async function requirePortalAdmin(
+  ctx: any,
+  authComponent: AuthComponentApi,
+  userId: string,
+): Promise<void> {
+  const invites = await ctx.runQuery(authComponent.public.inviteList, {
+    status: "accepted",
+  });
+  const isAdmin = invites.some(
+    (invite: any) =>
+      invite.role === "portalAdmin" && invite.acceptedByUserId === userId,
+  );
+  if (!isAdmin) {
+    throw new Error("Not authorized: portal admin access required");
+  }
+}
+
+// ============================================================================
+// Portal() factory
+// ============================================================================
+
+/**
+ * Configure the Convex Auth Portal. Returns all the functions needed to
+ * serve the portal admin UI, manage invite links, and query auth data.
+ *
+ * The portal dogfoods the same `Auth()` instance as your app. Portal admins
+ * sign in via email magic link and are identified by accepted invites with
+ * `role: "portalAdmin"`.
+ *
+ * ```ts filename="convex/portal.ts"
+ * import { Portal } from "@robelest/convex-auth/component";
+ * import { auth } from "./auth";
+ * import { components } from "./_generated/api";
+ *
+ * export const {
+ *   hosting, getCurrentDeployment,
+ *   portalQuery, portalMutation,
+ *   validateInvite, acceptInvite, createPortalInvite,
+ *   portal,
+ * } = Portal(components.auth, components.selfHosting, auth);
+ * ```
+ *
+ * ## Setup
+ *
+ * 1. Configure an email provider in your `Auth()` config (e.g. Resend).
+ * 2. Generate an admin invite link:
+ *    `npx @robelest/convex-auth portal link [--prod]`
+ * 3. Visit the link, enter your email, click the magic link, and you're in.
+ *
+ * The portal URL is auto-derived from `CONVEX_SITE_URL` (always set by Convex).
+ * Override with `options.portalUrl` if you need a custom URL.
+ */
+export function Portal(
+  authComponent: AuthComponentApi,
+  selfHostingComponent: any,
+  auth: any,
+  options?: { portalUrl?: string },
+) {
+  const portalUrl =
+    options?.portalUrl ??
+    (process.env.CONVEX_SITE_URL
+      ? `${process.env.CONVEX_SITE_URL.replace(/\/$/, "")}/portal`
+      : "/portal");
+
+  return {
+    // ---- Self-hosting: combined internal mutation for CLI ----
+
+    /**
+     * Combined internal mutation for self-hosting operations.
+     * Used by the CLI (`@robelest/convex-auth portal upload`) to
+     * upload static assets and manage deployments.
+     */
+    hosting: internalMutationGeneric({
+      args: {
+        action: v.string(),
+        path: v.optional(v.string()),
+        storageId: v.optional(v.string()),
+        blobId: v.optional(v.string()),
+        contentType: v.optional(v.string()),
+        deploymentId: v.optional(v.string()),
+        currentDeploymentId: v.optional(v.string()),
+        limit: v.optional(v.number()),
+      },
+      handler: async (ctx: any, args: any) => {
+        switch (args.action) {
+          case "generateUploadUrl": {
+            return await ctx.storage.generateUploadUrl();
+          }
+
+          case "recordAsset": {
+            const { oldStorageId, oldBlobId } = await ctx.runMutation(
+              selfHostingComponent.lib.recordAsset,
+              {
+                path: args.path,
+                ...(args.storageId ? { storageId: args.storageId } : {}),
+                ...(args.blobId ? { blobId: args.blobId } : {}),
+                contentType: args.contentType,
+                deploymentId: args.deploymentId,
+              },
+            );
+            if (oldStorageId) {
+              try {
+                await ctx.storage.delete(oldStorageId);
+              } catch {
+                // Ignore — old file may have been in different storage
+              }
+            }
+            return oldBlobId ?? null;
+          }
+
+          case "gcOldAssets": {
+            const { storageIds, blobIds } = await ctx.runMutation(
+              selfHostingComponent.lib.gcOldAssets,
+              { currentDeploymentId: args.currentDeploymentId },
+            );
+            for (const storageId of storageIds) {
+              try {
+                await ctx.storage.delete(storageId);
+              } catch {
+                // Ignore
+              }
+            }
+            await ctx.runMutation(
+              selfHostingComponent.lib.setCurrentDeployment,
+              { deploymentId: args.currentDeploymentId },
+            );
+            return { deleted: storageIds.length, blobIds };
+          }
+
+          case "listAssets": {
+            return await ctx.runQuery(selfHostingComponent.lib.listAssets, {
+              limit: args.limit,
+            });
+          }
+
+          default:
+            throw new Error(`Unknown hosting action: ${args.action}`);
+        }
+      },
+    }),
+
+    // ---- Deployment query (public, for client live-reload) ----
+
+    getCurrentDeployment: queryGeneric({
+      args: {},
+      handler: async (ctx: any) => {
+        return await ctx.runQuery(
+          selfHostingComponent.lib.getCurrentDeployment,
+          {},
+        );
+      },
+    }),
+
+    // ---- Invite management ----
+
+    /**
+     * Validate an invite token. Returns the invite if valid and pending,
+     * or `null` otherwise. Used by the portal UI to check if an invite
+     * link is valid before showing the registration form.
+     */
+    validateInvite: queryGeneric({
+      args: { tokenHash: v.string() },
+      handler: async (ctx: any, { tokenHash }: { tokenHash: string }) => {
+        const invite = await ctx.runQuery(
+          authComponent.public.inviteGetByTokenHash,
+          { tokenHash },
+        );
+        if (!invite || invite.status !== "pending") {
+          return null;
+        }
+        if (invite.expiresTime && invite.expiresTime < Date.now()) {
+          return null;
+        }
+        return { _id: invite._id, role: invite.role };
+      },
+    }),
+
+    /**
+     * Accept a portal invite. Must be called by an authenticated user.
+     * Marks the invite as accepted and records the accepting user's ID.
+     *
+     * The portal UI calls this after the user has signed in via magic link
+     * following an invite link.
+     */
+    acceptInvite: mutationGeneric({
+      args: { tokenHash: v.string() },
+      handler: async (ctx: any, { tokenHash }: { tokenHash: string }) => {
+        const userId = await auth.user.require(ctx);
+
+        const invite = await ctx.runQuery(
+          authComponent.public.inviteGetByTokenHash,
+          { tokenHash },
+        );
+        if (!invite) {
+          throw new Error("Invalid invite token");
+        }
+        if (invite.status !== "pending") {
+          throw new Error(`Invite already ${invite.status}`);
+        }
+        if (invite.expiresTime && invite.expiresTime < Date.now()) {
+          throw new Error("Invite has expired");
+        }
+
+        await ctx.runMutation(authComponent.public.inviteAccept, {
+          inviteId: invite._id,
+          acceptedByUserId: userId,
+        });
+      },
+    }),
+
+    /**
+     * Create a portal admin invite. Internal mutation called by the CLI
+     * (`npx @robelest/convex-auth portal link`).
+     */
+    createPortalInvite: internalMutationGeneric({
+      args: { tokenHash: v.string() },
+      handler: async (ctx: any, { tokenHash }: { tokenHash: string }) => {
+        await ctx.runMutation(authComponent.public.inviteCreate, {
+          tokenHash,
+          role: "portalAdmin",
+          status: "pending" as const,
+        });
+        return { portalUrl };
+      },
+    }),
+
+    // ---- Portal data query (auth-gated) ----
+
+    /**
+     * Combined portal query for all auth data reads.
+     * Requires the caller to be an authenticated portal admin.
+     *
+     * Actions:
+     * - `listUsers` — List all users
+     * - `listSessions` — List all sessions
+     * - `getUser` — Get a single user by ID (requires `userId`)
+     * - `getUserSessions` — List sessions for a user (requires `userId`)
+     * - `getUserAccounts` — List auth accounts for a user (requires `userId`)
+     * - `isAdmin` — Check if the current user is a portal admin
+     */
+    portalQuery: queryGeneric({
+      args: {
+        action: v.string(),
+        userId: v.optional(v.string()),
+      },
+      handler: async (
+        ctx: any,
+        { action, userId }: { action: string; userId?: string },
+      ) => {
+        const currentUserId = await auth.user.require(ctx);
+
+        // Allow isAdmin check without admin requirement
+        if (action === "isAdmin") {
+          try {
+            await requirePortalAdmin(ctx, authComponent, currentUserId);
+            return true;
+          } catch {
+            return false;
+          }
+        }
+
+        await requirePortalAdmin(ctx, authComponent, currentUserId);
+
+        switch (action) {
+          case "listUsers":
+            return await ctx.runQuery(authComponent.public.userList);
+
+          case "listSessions":
+            return await ctx.runQuery(authComponent.public.sessionList);
+
+          case "getUser":
+            return await ctx.runQuery(authComponent.public.userGetById, {
+              userId: userId!,
+            });
+
+          case "getUserSessions":
+            return await ctx.runQuery(authComponent.public.sessionListByUser, {
+              userId: userId!,
+            });
+
+          case "getUserAccounts": {
+            const accounts = await ctx.runQuery(
+              authComponent.public.accountListByUser,
+              { userId: userId! },
+            );
+            // Strip secrets — never send password hashes to the frontend
+            return accounts.map(({ secret: _, ...rest }: any) => rest);
+          }
+
+          default:
+            throw new Error(`Unknown portal query action: ${action}`);
+        }
+      },
+    }),
+
+    // ---- Portal mutation (auth-gated) ----
+
+    /**
+     * Combined portal mutation for all auth data writes.
+     * Requires the caller to be an authenticated portal admin.
+     *
+     * Actions:
+     * - `revokeSession` — Revoke (delete) a session (requires `sessionId`)
+     */
+    portalMutation: mutationGeneric({
+      args: {
+        action: v.string(),
+        sessionId: v.optional(v.string()),
+      },
+      handler: async (
+        ctx: any,
+        { action, sessionId }: { action: string; sessionId?: string },
+      ) => {
+        const currentUserId = await auth.user.require(ctx);
+        await requirePortalAdmin(ctx, authComponent, currentUserId);
+
+        switch (action) {
+          case "revokeSession":
+            await ctx.runMutation(authComponent.public.sessionDelete, {
+              sessionId: sessionId!,
+            });
+            return;
+
+          default:
+            throw new Error(`Unknown portal mutation action: ${action}`);
+        }
+      },
+    }),
+
+    // ---- Portal namespace ----
+
+    portal: {
+      /**
+       * The URL where the portal is served. Used by the Svelte client
+       * as the `redirectTo` for magic link sign-in.
+       */
+      portalUrl,
+
+      /**
+       * Register HTTP routes that serve the portal static UI.
+       */
+      addHttpRoutes: (
+        http: HttpRouter,
+        opts?: { pathPrefix?: string; spaFallback?: boolean },
+      ) => {
+        const prefix = opts?.pathPrefix ?? "/portal";
+
+        // Static file serving
+        registerStaticRoutes(http, selfHostingComponent, {
+          pathPrefix: prefix,
+          spaFallback: opts?.spaFallback ?? true,
+        });
+      },
+    },
+  };
+}

package/src/server/provider_utils.ts

@@ -79,8 +79,41 @@ function materializeAndDefaultProviders(config_: ConvexAuthConfig) {
   );
   const config = { ...config_, providers };
 
+  // setEnvDefaults is from Auth.js and only works with Auth.js provider types.
+  // Filter out passkey and TOTP providers before passing to setEnvDefaults,
+  // then reinsert them at their original positions.
+  const passkeyIndices: number[] = [];
+  const passkeyProviders: AuthProviderMaterializedConfig[] = [];
+  const totpIndices: number[] = [];
+  const totpProviders: AuthProviderMaterializedConfig[] = [];
+  const filteredProviders = config.providers.filter((p, i) => {
+    if (p.type === "passkey") {
+      passkeyIndices.push(i);
+      passkeyProviders.push(p);
+      return false;
+    }
+    if (p.type === "totp") {
+      totpIndices.push(i);
+      totpProviders.push(p);
+      return false;
+    }
+    return true;
+  });
+
   // Unfortunately mutates its argument
-  setEnvDefaults(process.env, config as any);
+  const tempConfig = { ...config, providers: filteredProviders };
+  setEnvDefaults(process.env, tempConfig as any);
+
+  // Reinsert passkey and TOTP providers at their original positions
+  const merged = [...tempConfig.providers];
+  for (let i = 0; i < passkeyIndices.length; i++) {
+    merged.splice(passkeyIndices[i]!, 0, passkeyProviders[i]!);
+  }
+  for (let i = 0; i < totpIndices.length; i++) {
+    merged.splice(totpIndices[i]!, 0, totpProviders[i]!);
+  }
+  config.providers = merged;
+
   // Manually do this for new provider type
   config.providers.forEach((provider) => {
     if (provider.type === "phone") {
@@ -94,6 +127,14 @@ function materializeAndDefaultProviders(config_: ConvexAuthConfig) {
 }
 
 function providerDefaults(provider: AuthProviderMaterializedConfig) {
+  // Passkey providers don't use Auth.js options merge or OAuth normalization
+  if (provider.type === "passkey") {
+    return provider;
+  }
+  // TOTP providers don't use Auth.js options merge or OAuth normalization
+  if (provider.type === "totp") {
+    return provider;
+  }
   // TODO: Add `redirectProxyUrl` to oauth providers
   const merged = merge(
     provider,

package/src/server/types.ts

@@ -14,11 +14,11 @@ import {
   GenericMutationCtx,
 } from "convex/server";
 import { GenericId, Value } from "convex/values";
-import { ConvexCredentialsUserConfig } from "../providers/ConvexCredentials.js";
+import { CredentialsUserConfig } from "../providers/credentials.js";
 import { GenericDoc } from "./convex_types.js";
 
 /**
- * The config for the Convex Auth library, passed to `convexAuth`.
+ * The config for the Convex Auth library, passed to `Auth`.
  */
 export type ConvexAuthConfig = {
   /**
@@ -89,9 +89,9 @@ export type ConvexAuthConfig = {
      *
      * ```ts
      * import GitHub from "@auth/core/providers/github";
-     * import { convexAuth } from "@robelest/convex-auth/component";
+     * import { Auth } from "@robelest/convex-auth/component";
      *
-     * export const { auth, signIn, signOut, store } = convexAuth({
+     * export const { auth, signIn, signOut, store } = Auth({
      *   providers: [GitHub],
      *   callbacks: {
      *     async redirect({ redirectTo }) {
@@ -245,7 +245,11 @@ export type AuthProviderConfig =
   | ConvexCredentialsConfig
   | ((...args: any) => ConvexCredentialsConfig)
   | PhoneConfig
-  | ((...args: any) => PhoneConfig);
+  | ((...args: any) => PhoneConfig)
+  | PasskeyProviderConfig
+  | ((...args: any) => PasskeyProviderConfig)
+  | TotpProviderConfig
+  | ((...args: any) => TotpProviderConfig);
 
 /**
  * Extends the standard Auth.js email provider config
@@ -349,22 +353,153 @@ export type PhoneUserConfig<
 /**
  * Similar to Auth.js Credentials config.
  */
-export type ConvexCredentialsConfig = ConvexCredentialsUserConfig<any> & {
+export type ConvexCredentialsConfig = CredentialsUserConfig<any> & {
   type: "credentials";
   id: string;
 };
 
+/**
+ * Configuration for the passkey (WebAuthn) provider.
+ */
+export interface PasskeyProviderConfig {
+  id: string;
+  type: "passkey";
+  options: {
+    /** Relying Party display name. Defaults to SITE_URL hostname. */
+    rpName?: string;
+    /** Relying Party ID (hostname). Defaults to SITE_URL hostname. */
+    rpId?: string;
+    /** Allowed origins for credential verification. Defaults to SITE_URL. */
+    origin?: string | string[];
+    /** Attestation conveyance preference. Defaults to "none". */
+    attestation?: "none" | "direct";
+    /** User verification requirement. Defaults to "required". */
+    userVerification?: "required" | "preferred" | "discouraged";
+    /** Resident key (discoverable credential) preference. Defaults to "preferred". */
+    residentKey?: "required" | "preferred" | "discouraged";
+    /** Restrict to platform or cross-platform authenticators. */
+    authenticatorAttachment?: "platform" | "cross-platform";
+    /** Supported COSE algorithms. Defaults to [-7 (ES256), -257 (RS256)]. */
+    algorithms?: number[];
+    /** Challenge expiration in ms. Defaults to 300_000 (5 minutes). */
+    challengeExpirationMs?: number;
+  };
+}
+
+/**
+ * Configuration for the TOTP two-factor authentication provider.
+ */
+export interface TotpProviderConfig {
+  id: string;
+  type: "totp";
+  options: {
+    /** Issuer name shown in authenticator apps (e.g. "My App"). */
+    issuer: string;
+    /** Number of digits in each code (default: 6). */
+    digits: number;
+    /** Time period in seconds for code rotation (default: 30). */
+    period: number;
+  };
+}
+
+export type AuthAccountCredentials = {
+  id: string;
+  secret?: string;
+};
+
+export type AuthCreateAccountArgs = {
+  provider: string;
+  account: AuthAccountCredentials;
+  profile: Record<string, unknown> & {
+    email?: string;
+    phone?: string;
+    emailVerified?: boolean;
+    phoneVerified?: boolean;
+  };
+  shouldLinkViaEmail?: boolean;
+  shouldLinkViaPhone?: boolean;
+};
+
+export type AuthRetrieveAccountArgs = {
+  provider: string;
+  account: AuthAccountCredentials;
+};
+
+export type AuthUpdateAccountCredentialsArgs = {
+  provider: string;
+  account: {
+    id: string;
+    secret: string;
+  };
+};
+
+export type AuthInvalidateSessionsArgs = {
+  userId: GenericId<"user">;
+  except?: GenericId<"session">[];
+};
+
+export type AuthProviderSignInArgs = {
+  accountId?: GenericId<"account">;
+  params?: Record<string, Value | undefined>;
+};
+
+export type AuthProviderSignInResult = {
+  userId: GenericId<"user">;
+  sessionId: GenericId<"session">;
+} | null;
+
+export type AuthServerHelpers = {
+  account: {
+    create: (
+      ctx: GenericActionCtx<any>,
+      args: AuthCreateAccountArgs,
+    ) => Promise<{
+      account: GenericDoc<GenericDataModel, "account">;
+      user: GenericDoc<GenericDataModel, "user">;
+    }>;
+    get: (
+      ctx: GenericActionCtx<any>,
+      args: AuthRetrieveAccountArgs,
+    ) => Promise<{
+      account: GenericDoc<GenericDataModel, "account">;
+      user: GenericDoc<GenericDataModel, "user">;
+    }>;
+    updateCredentials: (
+      ctx: GenericActionCtx<any>,
+      args: AuthUpdateAccountCredentialsArgs,
+    ) => Promise<void>;
+  };
+  session: {
+    current: (
+      ctx: { auth: GenericActionCtx<GenericDataModel>["auth"] },
+    ) => Promise<GenericId<"session"> | null>;
+    invalidate: (
+      ctx: GenericActionCtx<any>,
+      args: AuthInvalidateSessionsArgs,
+    ) => Promise<void>;
+  };
+  provider: {
+    signIn: (
+      ctx: GenericActionCtx<any>,
+      provider: AuthProviderConfig,
+      args: AuthProviderSignInArgs,
+    ) => Promise<AuthProviderSignInResult>;
+  };
+};
+
 /**
  * Your `ActionCtx` enriched with `ctx.auth.config` field with
- * the config passed to `convexAuth`.
+ * the config passed to `Auth`.
  */
 export type GenericActionCtxWithAuthConfig<DataModel extends GenericDataModel> =
   GenericActionCtx<DataModel> & {
-    auth: { config: ConvexAuthMaterializedConfig };
+    auth: GenericActionCtx<DataModel>["auth"] & {
+      config: ConvexAuthMaterializedConfig;
+    } & AuthServerHelpers;
   };
 
 /**
- * The config for the Convex Auth library, passed to `convexAuth`,
+ * The config for the Convex Auth library, passed to `Auth`,
  * with defaults and initialized providers.
  *
  * See {@link ConvexAuthConfig}
@@ -385,7 +520,9 @@ export type AuthProviderMaterializedConfig =
   | OAuth2Config<any>
   | EmailConfig
   | PhoneConfig
-  | ConvexCredentialsConfig;
+  | ConvexCredentialsConfig
+  | PasskeyProviderConfig
+  | TotpProviderConfig;
 
 /**
  * Component function references required by core auth runtime.
@@ -441,8 +578,22 @@ export type AuthComponentApi = {
     memberUpdate: FunctionReference<"mutation", "internal">;
     inviteCreate: FunctionReference<"mutation", "internal">;
     inviteGet: FunctionReference<"query", "internal">;
+    inviteGetByTokenHash: FunctionReference<"query", "internal">;
     inviteList: FunctionReference<"query", "internal">;
     inviteAccept: FunctionReference<"mutation", "internal">;
     inviteRevoke: FunctionReference<"mutation", "internal">;
+    passkeyInsert: FunctionReference<"mutation", "internal">;
+    passkeyGetByCredentialId: FunctionReference<"query", "internal">;
+    passkeyListByUserId: FunctionReference<"query", "internal">;
+    passkeyUpdateCounter: FunctionReference<"mutation", "internal">;
+    passkeyUpdateMeta: FunctionReference<"mutation", "internal">;
+    passkeyDelete: FunctionReference<"mutation", "internal">;
+    totpInsert: FunctionReference<"mutation", "internal", any, any>;
+    totpGetVerifiedByUserId: FunctionReference<"query", "internal", any, any>;
+    totpListByUserId: FunctionReference<"query", "internal", any, any>;
+    totpGetById: FunctionReference<"query", "internal", any, any>;
+    totpMarkVerified: FunctionReference<"mutation", "internal", any, any>;
+    totpUpdateLastUsed: FunctionReference<"mutation", "internal", any, any>;
+    totpDelete: FunctionReference<"mutation", "internal", any, any>;
   };
 };

package/dist/providers/Anonymous.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Anonymous.js","sourceRoot":"","sources":["../../src/providers/Anonymous.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,iBAAiB,MAAM,mDAAmD,CAAC;AAClF,OAAO,EAEL,aAAa,GACd,MAAM,iCAAiC,CAAC;AAoCzC;;;;GAIG;AACH,MAAM,CAAC,OAAO,UAAU,SAAS,CAC/B,SAAqC,EAAE;IAEvC,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,IAAI,WAAW,CAAC;IAC1C,OAAO,iBAAiB,CAAY;QAClC,EAAE,EAAE,WAAW;QACf,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YAC/B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;YACvE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE;gBACxC,QAAQ;gBACR,OAAO,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE,EAAE;gBACpC,OAAO,EAAE,OAAc;aACxB,CAAC,CAAC;YACH,MAAM;YACN,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC9B,CAAC;QACD,GAAG,MAAM;KACV,CAAC,CAAC;AACL,CAAC"}

package/dist/providers/ConvexCredentials.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ConvexCredentials.d.ts","sourceRoot":"","sources":["../../src/providers/ConvexCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,EACL,kBAAkB,EAClB,uBAAuB,EACvB,8BAA8B,EAC/B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAEjD;;GAEG;AACH,MAAM,WAAW,2BAA2B,CAC1C,SAAS,SAAS,gBAAgB,GAAG,gBAAgB;IAErD;;;OAGG;IACH,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ;;;;;;;OAOG;IACH,SAAS,EAAE;IACT;;;;;;OAMG;IACH,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,KAAK,GAAG,SAAS,CAAC,CAAC,EACvD,GAAG,EAAE,8BAA8B,CAAC,SAAS,CAAC,KAC3C,OAAO,CAAC;QACX,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;QAC1B,SAAS,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;KAClC,GAAG,IAAI,CAAC,CAAC;IACV;;;;;;;;OAQG;IACH,MAAM,CAAC,EAAE;QACP;;WAEG;QACH,UAAU,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAChD;;;WAGG;QACH,YAAY,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KAClE,CAAC;IACF;;;;OAIG;IACH,cAAc,CAAC,EAAE,CAAC,kBAAkB,GAAG,SAAS,CAAC,EAAE,CAAC;CACrD;AAED;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CAAC,SAAS,SAAS,gBAAgB,EAC1E,MAAM,EAAE,2BAA2B,CAAC,SAAS,CAAC,GAC7C,uBAAuB,CAQzB"}

package/dist/providers/ConvexCredentials.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ConvexCredentials.js","sourceRoot":"","sources":["../../src/providers/ConvexCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAuEH;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CACvC,MAA8C;IAE9C,OAAO;QACL,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,SAAS,EAAE,KAAK,IAAI,EAAE,CAAC,IAAI;QAC3B,4BAA4B;QAC5B,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}

package/dist/providers/Email.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"Email.d.ts","sourceRoot":"","sources":["../../src/providers/Email.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAElE;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,KAAK,CAAC,SAAS,SAAS,gBAAgB,EACtD,MAAM,EAAE,eAAe,CAAC,SAAS,CAAC,GAChC,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,GAC7C,WAAW,CAAC,SAAS,CAAC,CAuBxB"}

package/dist/providers/Email.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Email.js","sourceRoot":"","sources":["../../src/providers/Email.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,KAAK,CACnB,MAC8C;IAE9C,OAAO;QACL,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,+BAA+B;QACrC,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,SAAS;QAC1B,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE;YACnC,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,CAAC,iBAAiB,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CACb,sDAAsD;oBACpD,wBAAwB,CAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC"}

package/dist/providers/Password.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Password.js","sourceRoot":"","sources":["../../src/providers/Password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,iBAEN,MAAM,mDAAmD,CAAC;AAC3D,OAAO,EAIL,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,EACf,iBAAiB,GAClB,MAAM,iCAAiC,CAAC;AAOzC,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AA4D/B;;;;;;;;GAQG;AACH,MAAM,CAAC,OAAO,UAAU,QAAQ,CAC9B,SAAoC,EAAE;IAEtC,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC;IACzC,OAAO,iBAAiB,CAAY;QAClC,EAAE,EAAE,UAAU;QACd,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YAC/B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAc,CAAC;YACnC,MAAM,kBAAkB,GACtB,IAAI,KAAK,QAAQ;gBACf,CAAC,CAAE,MAAM,CAAC,QAAmB;gBAC7B,CAAC,CAAC,IAAI,KAAK,oBAAoB;oBAC7B,CAAC,CAAE,MAAM,CAAC,WAAsB;oBAChC,CAAC,CAAC,IAAI,CAAC;YACb,IAAI,kBAAkB,KAAK,IAAI,EAAE,CAAC;gBAChC,IAAI,MAAM,CAAC,4BAA4B,KAAK,SAAS,EAAE,CAAC;oBACtD,MAAM,CAAC,4BAA4B,CAAC,kBAAkB,CAAC,CAAC;gBAC1D,CAAC;qBAAM,CAAC;oBACN,mCAAmC,CAAC,kBAAkB,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;YACxE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;YAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,QAAkB,CAAC;YACzC,IAAI,OAAyC,CAAC;YAC9C,IAAI,IAAmC,CAAC;YACxC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtB,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE;oBACvC,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;oBAC9B,OAAO,EAAE,OAAc;oBACvB,kBAAkB,EAAE,MAAM,CAAC,MAAM,KAAK,SAAS;oBAC/C,kBAAkB,EAAE,KAAK;iBAC1B,CAAC,CAAC;gBACH,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC;YAChC,CAAC;iBAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE;oBAC3C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC/B,CAAC,CAAC;gBACH,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;gBACzC,CAAC;gBACD,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;gBAChC,0CAA0C;YAC5C,CAAC;iBAAM,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;gBAC5B,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE;oBAC7C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;iBACvB,CAAC,CAAC;gBACH,OAAO,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE;oBAChD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,IAAI,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;oBACrC,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;gBACJ,CAAC;gBACD,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;gBACtE,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;oBACpB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;gBAClC,CAAC;gBACD,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;gBACrC,MAAM,MAAM,GAAG,MAAM,CAAC,WAAqB,CAAC;gBAC5C,MAAM,wBAAwB,CAAC,GAAG,EAAE;oBAClC,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC/B,CAAC,CAAC;gBACH,MAAM,kBAAkB,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;gBAC/D,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;gBAC7B,MAAM;gBACN,qDAAqD;YACvD,CAAC;iBAAM,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,yCAAyC,QAAQ,EAAE,CAAC,CAAC;gBACvE,CAAC;gBACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE;oBAC7C,QAAQ;oBACR,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;iBACvB,CAAC,CAAC;gBACH,OAAO,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE;oBACjD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CACb,0CAA0C;oBACxC,uDAAuD;oBACvD,uBAAuB,CAC1B,CAAC;YACJ,CAAC;YACD,qDAAqD;YACrD,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC5C,OAAO,MAAM,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE;oBACjD,SAAS,EAAE,OAAO,CAAC,GAAG;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;YACD,MAAM;YACN,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC9B,CAAC;QACD,MAAM,EAAE;YACN,KAAK,CAAC,UAAU,CAAC,QAAgB;gBAC/B,OAAO,MAAM,IAAI,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,KAAK,CAAC,YAAY,CAAC,QAAgB,EAAE,IAAY;gBAC/C,OAAO,MAAM,IAAI,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YACnD,CAAC;SACF;QACD,cAAc,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;QAC7C,GAAG,MAAM;KACV,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mCAAmC,CAAC,QAAgB;IAC3D,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,MAA+B;IACrD,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAe;KAC9B,CAAC;AACJ,CAAC"}