@robelest/convex-auth 0.0.4-preview.16 → 0.0.4-preview.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (88) hide show
  1. package/dist/authorization/index.d.ts +17 -0
  2. package/dist/authorization/index.d.ts.map +1 -0
  3. package/dist/authorization/index.js +17 -0
  4. package/dist/authorization/index.js.map +1 -0
  5. package/dist/client/index.js +73 -0
  6. package/dist/client/index.js.map +1 -1
  7. package/dist/component/_generated/component.d.ts +52 -0
  8. package/dist/component/_generated/component.d.ts.map +1 -1
  9. package/dist/component/convex.config.d.ts +2 -2
  10. package/dist/component/convex.config.d.ts.map +1 -1
  11. package/dist/component/index.js +2 -2
  12. package/dist/component/model.d.ts +75 -75
  13. package/dist/component/model.d.ts.map +1 -1
  14. package/dist/component/model.js +2 -0
  15. package/dist/component/model.js.map +1 -1
  16. package/dist/component/public/factors.d.ts.map +1 -1
  17. package/dist/component/public/factors.js +1 -1
  18. package/dist/component/public/factors.js.map +1 -1
  19. package/dist/component/public/groups.d.ts +10 -2
  20. package/dist/component/public/groups.d.ts.map +1 -1
  21. package/dist/component/public/groups.js +92 -8
  22. package/dist/component/public/groups.js.map +1 -1
  23. package/dist/component/public/identity.d.ts.map +1 -1
  24. package/dist/component/public/identity.js +3 -3
  25. package/dist/component/public/identity.js.map +1 -1
  26. package/dist/component/public/shared.d.ts +4 -4
  27. package/dist/component/public/shared.d.ts.map +1 -1
  28. package/dist/component/public.d.ts +3 -3
  29. package/dist/component/public.js +2 -2
  30. package/dist/component/schema.d.ts +13 -2
  31. package/dist/component/schema.js +7 -5
  32. package/dist/component/schema.js.map +1 -1
  33. package/dist/component/server/auth.d.ts +4 -25
  34. package/dist/component/server/auth.d.ts.map +1 -1
  35. package/dist/component/server/auth.js +4 -10
  36. package/dist/component/server/auth.js.map +1 -1
  37. package/dist/component/server/domains/core.js +196 -131
  38. package/dist/component/server/domains/core.js.map +1 -1
  39. package/dist/component/server/factory.d.ts +3 -3
  40. package/dist/component/server/signin.js +20 -1
  41. package/dist/component/server/signin.js.map +1 -1
  42. package/dist/server/auth.d.ts +4 -25
  43. package/dist/server/auth.d.ts.map +1 -1
  44. package/dist/server/auth.js +4 -10
  45. package/dist/server/auth.js.map +1 -1
  46. package/dist/server/domains/core.d.ts +73 -58
  47. package/dist/server/domains/core.d.ts.map +1 -1
  48. package/dist/server/domains/core.js +196 -131
  49. package/dist/server/domains/core.js.map +1 -1
  50. package/dist/server/http.d.ts +2 -2
  51. package/dist/server/http.d.ts.map +1 -1
  52. package/dist/server/index.d.ts +108 -69
  53. package/dist/server/index.d.ts.map +1 -1
  54. package/dist/server/index.js +138 -54
  55. package/dist/server/index.js.map +1 -1
  56. package/dist/server/mutations/code.d.ts +9 -9
  57. package/dist/server/mutations/index.d.ts +69 -69
  58. package/dist/server/mutations/invalidate.d.ts +4 -4
  59. package/dist/server/mutations/invalidate.d.ts.map +1 -1
  60. package/dist/server/mutations/oauth.d.ts +7 -7
  61. package/dist/server/mutations/register.d.ts +9 -9
  62. package/dist/server/mutations/retrieve.d.ts +6 -6
  63. package/dist/server/mutations/retrieve.d.ts.map +1 -1
  64. package/dist/server/mutations/signature.d.ts +4 -4
  65. package/dist/server/mutations/signature.d.ts.map +1 -1
  66. package/dist/server/mutations/signin.d.ts +5 -5
  67. package/dist/server/mutations/signin.d.ts.map +1 -1
  68. package/dist/server/mutations/verify.d.ts +7 -7
  69. package/dist/server/signin.js +20 -1
  70. package/dist/server/signin.js.map +1 -1
  71. package/dist/server/version.d.ts +1 -1
  72. package/dist/server/version.js +1 -1
  73. package/dist/server/version.js.map +1 -1
  74. package/package.json +9 -5
  75. package/src/authorization/index.ts +37 -0
  76. package/src/client/index.ts +122 -0
  77. package/src/component/_generated/component.ts +64 -0
  78. package/src/component/index.ts +1 -1
  79. package/src/component/model.ts +2 -0
  80. package/src/component/public/factors.ts +3 -2
  81. package/src/component/public/groups.ts +142 -8
  82. package/src/component/public/identity.ts +9 -6
  83. package/src/component/schema.ts +14 -2
  84. package/src/server/auth.ts +9 -61
  85. package/src/server/domains/core.ts +235 -210
  86. package/src/server/index.ts +158 -75
  87. package/src/server/signin.ts +52 -0
  88. package/src/server/version.ts +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"model.js","names":[],"sources":["../../src/component/model.ts"],"sourcesContent":["import { v } from \"convex/values\";\n\nexport const TABLES = {\n User: \"User\",\n Session: \"Session\",\n Account: \"Account\",\n AuthVerifier: \"AuthVerifier\",\n VerificationCode: \"VerificationCode\",\n RefreshToken: \"RefreshToken\",\n Passkey: \"Passkey\",\n TotpFactor: \"TotpFactor\",\n RateLimit: \"RateLimit\",\n Group: \"Group\",\n GroupTag: \"GroupTag\",\n GroupMember: \"GroupMember\",\n GroupInvite: \"GroupInvite\",\n Enterprise: \"Enterprise\",\n EnterpriseDomain: \"EnterpriseDomain\",\n EnterpriseDomainVerification: \"EnterpriseDomainVerification\",\n EnterpriseSecret: \"EnterpriseSecret\",\n EnterpriseScimConfig: \"EnterpriseScimConfig\",\n EnterpriseScimIdentity: \"EnterpriseScimIdentity\",\n EnterpriseAuditEvent: \"EnterpriseAuditEvent\",\n EnterpriseWebhookEndpoint: \"EnterpriseWebhookEndpoint\",\n EnterpriseWebhookDelivery: \"EnterpriseWebhookDelivery\",\n ApiKey: \"ApiKey\",\n DeviceCode: \"DeviceCode\",\n} as const;\n\nexport const vTag = v.object({ key: v.string(), value: v.string() });\n\nexport const vInviteStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"accepted\"),\n v.literal(\"revoked\"),\n v.literal(\"expired\"),\n);\n\nexport const vDeviceStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"authorized\"),\n v.literal(\"denied\"),\n);\n\nexport const vEnterpriseAccountLinkingPolicy = v.union(\n v.literal(\"verifiedEmail\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseScimReuseUserPolicy = v.union(\n v.literal(\"externalId\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseJitProvisioningMode = v.union(\n v.literal(\"off\"),\n v.literal(\"createUser\"),\n v.literal(\"createUserAndMembership\"),\n);\n\nexport const vEnterpriseDeprovisionMode = v.union(\n v.literal(\"soft\"),\n v.literal(\"hard\"),\n);\n\nexport const vEnterpriseStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vEnterprisePolicy = v.object({\n version: v.literal(1),\n identity: v.object({\n accountLinking: v.object({\n oidc: vEnterpriseAccountLinkingPolicy,\n saml: vEnterpriseAccountLinkingPolicy,\n }),\n }),\n provisioning: v.object({\n scimReuse: v.object({\n user: vEnterpriseScimReuseUserPolicy,\n }),\n jit: v.object({\n mode: vEnterpriseJitProvisioningMode,\n defaultRole: v.optional(v.string()),\n defaultRoleIds: v.optional(v.array(v.string())),\n }),\n deprovision: v.object({\n mode: vEnterpriseDeprovisionMode,\n }),\n }),\n extend: v.optional(v.any()),\n});\n\nexport const vScimStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vScimResourceType = v.union(v.literal(\"user\"), v.literal(\"group\"));\n\nexport const vAuditActorType = v.union(\n v.literal(\"user\"),\n v.literal(\"system\"),\n v.literal(\"scim\"),\n v.literal(\"api_key\"),\n v.literal(\"webhook\"),\n);\n\nexport const vAuditStatus = v.union(v.literal(\"success\"), v.literal(\"failure\"));\n\nexport const vWebhookEndpointStatus = v.union(\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vWebhookDeliveryStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"processing\"),\n v.literal(\"delivered\"),\n v.literal(\"failed\"),\n);\n\nexport const vInviteTokenAcceptStatus = v.union(\n v.literal(\"accepted\"),\n v.literal(\"already_accepted\"),\n);\n\nexport const vMembershipStatus = v.union(\n v.literal(\"joined\"),\n v.literal(\"already_joined\"),\n v.literal(\"not_applicable\"),\n);\n\nexport const vApiKeyScope = v.object({\n resource: v.string(),\n actions: v.array(v.string()),\n});\n\nexport const vApiKeyRateLimit = v.object({\n maxRequests: v.number(),\n windowMs: v.number(),\n});\n\nexport const vApiKeyRateLimitState = v.object({\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vEnterpriseSecretKind = v.union(v.literal(\"oidc_client_secret\"));\n\nfunction vDocMeta<T extends (typeof TABLES)[keyof typeof TABLES]>(\n tableName: T,\n) {\n return {\n _id: v.id(tableName),\n _creationTime: v.number(),\n };\n}\n\nexport const vUserDoc = v.object({\n ...vDocMeta(TABLES.User),\n name: v.optional(v.string()),\n image: v.optional(v.string()),\n email: v.optional(v.string()),\n emailVerificationTime: v.optional(v.number()),\n phone: v.optional(v.string()),\n phoneVerificationTime: v.optional(v.number()),\n isAnonymous: v.optional(v.boolean()),\n extend: v.optional(v.any()),\n});\n\nexport const vSessionDoc = v.object({\n ...vDocMeta(TABLES.Session),\n userId: v.id(TABLES.User),\n expirationTime: v.number(),\n});\n\nexport const vAccountDoc = v.object({\n ...vDocMeta(TABLES.Account),\n userId: v.id(TABLES.User),\n provider: v.string(),\n providerAccountId: v.string(),\n secret: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vAuthVerifierDoc = v.object({\n ...vDocMeta(TABLES.AuthVerifier),\n sessionId: v.optional(v.id(TABLES.Session)),\n signature: v.optional(v.string()),\n});\n\nexport const vVerificationCodeDoc = v.object({\n ...vDocMeta(TABLES.VerificationCode),\n accountId: v.id(TABLES.Account),\n provider: v.string(),\n code: v.string(),\n expirationTime: v.number(),\n verifier: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n});\n\nexport const vRefreshTokenDoc = v.object({\n ...vDocMeta(TABLES.RefreshToken),\n sessionId: v.id(TABLES.Session),\n expirationTime: v.number(),\n firstUsedTime: v.optional(v.number()),\n parentRefreshTokenId: v.optional(v.id(TABLES.RefreshToken)),\n});\n\nexport const vPasskeyDoc = v.object({\n ...vDocMeta(TABLES.Passkey),\n userId: v.id(TABLES.User),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vTotpFactorDoc = v.object({\n ...vDocMeta(TABLES.TotpFactor),\n userId: v.id(TABLES.User),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vRateLimitDoc = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n});\n\nexport const vGroupDoc = v.object({\n ...vDocMeta(TABLES.Group),\n name: v.string(),\n slug: v.optional(v.string()),\n type: v.optional(v.string()),\n parentGroupId: v.optional(v.id(TABLES.Group)),\n tags: v.optional(v.array(vTag)),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupMemberDoc = v.object({\n ...vDocMeta(TABLES.GroupMember),\n groupId: v.id(TABLES.Group),\n userId: v.id(TABLES.User),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupInviteDoc = v.object({\n ...vDocMeta(TABLES.GroupInvite),\n groupId: v.optional(v.id(TABLES.Group)),\n invitedByUserId: v.optional(v.id(TABLES.User)),\n email: v.optional(v.string()),\n tokenHash: v.string(),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: vInviteStatus,\n expiresTime: v.optional(v.number()),\n acceptedByUserId: v.optional(v.id(TABLES.User)),\n acceptedTime: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vApiKeyDoc = v.object({\n ...vDocMeta(TABLES.ApiKey),\n userId: v.id(TABLES.User),\n prefix: v.string(),\n hashedKey: v.string(),\n name: v.string(),\n scopes: v.array(vApiKeyScope),\n rateLimit: v.optional(vApiKeyRateLimit),\n rateLimitState: v.optional(vApiKeyRateLimitState),\n expiresAt: v.optional(v.number()),\n lastUsedAt: v.optional(v.number()),\n createdAt: v.number(),\n revoked: v.boolean(),\n metadata: v.optional(v.any()),\n});\n\nexport const vDeviceCodeDoc = v.object({\n ...vDocMeta(TABLES.DeviceCode),\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n userId: v.optional(v.id(TABLES.User)),\n sessionId: v.optional(v.id(TABLES.Session)),\n lastPolledAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDoc = v.object({\n ...vDocMeta(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n slug: v.optional(v.string()),\n name: v.optional(v.string()),\n status: vEnterpriseStatus,\n policy: v.optional(vEnterprisePolicy),\n config: v.optional(v.any()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseDomainDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomain),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domain: v.string(),\n isPrimary: v.boolean(),\n verifiedAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDomainVerificationDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomainVerification),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domainId: v.id(TABLES.EnterpriseDomain),\n domain: v.string(),\n recordName: v.string(),\n token: v.string(),\n tokenHash: v.string(),\n requestedAt: v.number(),\n expiresAt: v.number(),\n});\n\nexport const vEnterpriseSecretDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseSecret),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n kind: vEnterpriseSecretKind,\n ciphertext: v.string(),\n updatedAt: v.number(),\n});\n\nexport const vEnterpriseScimConfigDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimConfig),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n status: vScimStatus,\n basePath: v.string(),\n tokenHash: v.string(),\n lastRotatedAt: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseScimIdentityDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimIdentity),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n resourceType: vScimResourceType,\n externalId: v.string(),\n userId: v.optional(v.id(TABLES.User)),\n mappedGroupId: v.optional(v.id(TABLES.Group)),\n lastProvisionedAt: v.optional(v.number()),\n active: v.optional(v.boolean()),\n raw: v.optional(v.any()),\n});\n\nexport const vEnterpriseAuditEventDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseAuditEvent),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n eventType: v.string(),\n actorType: vAuditActorType,\n actorId: v.optional(v.string()),\n subjectType: v.string(),\n subjectId: v.optional(v.string()),\n status: vAuditStatus,\n occurredAt: v.number(),\n requestId: v.optional(v.string()),\n ip: v.optional(v.string()),\n metadata: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookEndpointDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookEndpoint),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n url: v.string(),\n status: vWebhookEndpointStatus,\n secretHash: v.string(),\n subscriptions: v.array(v.string()),\n createdByUserId: v.optional(v.id(TABLES.User)),\n lastSuccessAt: v.optional(v.number()),\n lastFailureAt: v.optional(v.number()),\n failureCount: v.number(),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookDeliveryDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookDelivery),\n enterpriseId: v.id(TABLES.Enterprise),\n endpointId: v.id(TABLES.EnterpriseWebhookEndpoint),\n auditEventId: v.optional(v.id(TABLES.EnterpriseAuditEvent)),\n eventType: v.string(),\n status: vWebhookDeliveryStatus,\n attemptCount: v.number(),\n nextAttemptAt: v.number(),\n lastAttemptAt: v.optional(v.number()),\n lastResponseStatus: v.optional(v.number()),\n lastError: v.optional(v.string()),\n payload: v.any(),\n});\n\nexport const vRateLimitResult = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vInviteAcceptByTokenResult = v.object({\n inviteId: v.id(TABLES.GroupInvite),\n groupId: v.union(v.id(TABLES.Group), v.null()),\n memberId: v.optional(v.id(TABLES.GroupMember)),\n inviteStatus: vInviteTokenAcceptStatus,\n membershipStatus: vMembershipStatus,\n});\n"],"mappings":";;;AAEA,MAAa,SAAS;CACpB,MAAM;CACN,SAAS;CACT,SAAS;CACT,cAAc;CACd,kBAAkB;CAClB,cAAc;CACd,SAAS;CACT,YAAY;CACZ,WAAW;CACX,OAAO;CACP,UAAU;CACV,aAAa;CACb,aAAa;CACb,YAAY;CACZ,kBAAkB;CAClB,8BAA8B;CAC9B,kBAAkB;CAClB,sBAAsB;CACtB,wBAAwB;CACxB,sBAAsB;CACtB,2BAA2B;CAC3B,2BAA2B;CAC3B,QAAQ;CACR,YAAY;CACb;AAED,MAAa,OAAO,EAAE,OAAO;CAAE,KAAK,EAAE,QAAQ;CAAE,OAAO,EAAE,QAAQ;CAAE,CAAC;AAEpE,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,kCAAkC,EAAE,MAC/C,EAAE,QAAQ,gBAAgB,EAC1B,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,MAAM,EAChB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,0BAA0B,CACrC;AAED,MAAa,6BAA6B,EAAE,MAC1C,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,OAAO;CACxC,SAAS,EAAE,QAAQ,EAAE;CACrB,UAAU,EAAE,OAAO,EACjB,gBAAgB,EAAE,OAAO;EACvB,MAAM;EACN,MAAM;EACP,CAAC,EACH,CAAC;CACF,cAAc,EAAE,OAAO;EACrB,WAAW,EAAE,OAAO,EAClB,MAAM,gCACP,CAAC;EACF,KAAK,EAAE,OAAO;GACZ,MAAM;GACN,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;GACnC,gBAAgB,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;GAChD,CAAC;EACF,aAAa,EAAE,OAAO,EACpB,MAAM,4BACP,CAAC;EACH,CAAC;CACF,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,MAC3B,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,MAAM,EAAE,QAAQ,OAAO,EAAE,EAAE,QAAQ,QAAQ,CAAC;AAE/E,MAAa,kBAAkB,EAAE,MAC/B,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,eAAe,EAAE,MAAM,EAAE,QAAQ,UAAU,EAAE,EAAE,QAAQ,UAAU,CAAC;AAE/E,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,YAAY,EACtB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,2BAA2B,EAAE,MACxC,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,mBAAmB,CAC9B;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,iBAAiB,EAC3B,EAAE,QAAQ,iBAAiB,CAC5B;AAED,MAAa,eAAe,EAAE,OAAO;CACnC,UAAU,EAAE,QAAQ;CACpB,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC;CAC7B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,aAAa,EAAE,QAAQ;CACvB,UAAU,EAAE,QAAQ;CACrB,CAAC;AAEF,MAAa,wBAAwB,EAAE,OAAO;CAC5C,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,wBAAwB,EAAE,MAAM,EAAE,QAAQ,qBAAqB,CAAC;AAE7E,SAAS,SACP,WACA;AACA,QAAO;EACL,KAAK,EAAE,GAAG,UAAU;EACpB,eAAe,EAAE,QAAQ;EAC1B;;AAGH,MAAa,WAAW,EAAE,OAAO;CAC/B,GAAG,SAAS,OAAO,KAAK;CACxB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,aAAa,EAAE,SAAS,EAAE,SAAS,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,gBAAgB,EAAE,QAAQ;CAC3B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,UAAU,EAAE,QAAQ;CACpB,mBAAmB,EAAE,QAAQ;CAC7B,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,UAAU,EAAE,QAAQ;CACpB,MAAM,EAAE,QAAQ;CAChB,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,SAAS,EAAE,QAAQ,CAAC;CAChC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACtC,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,gBAAgB,EAAE,QAAQ;CAC1B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,sBAAsB,EAAE,SAAS,EAAE,GAAG,OAAO,aAAa,CAAC;CAC5D,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,cAAc,EAAE,QAAQ;CACxB,WAAW,EAAE,OAAO;CACpB,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,QAAQ;CACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CAC3C,YAAY,EAAE,QAAQ;CACtB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,OAAO;CACjB,QAAQ,EAAE,QAAQ;CAClB,QAAQ,EAAE,QAAQ;CAClB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,gBAAgB,EAAE,OAAO;CACpC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CAC1B,CAAC;AAEF,MAAa,YAAY,EAAE,OAAO;CAChC,GAAG,SAAS,OAAO,MAAM;CACzB,MAAM,EAAE,QAAQ;CAChB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,MAAM,EAAE,SAAS,EAAE,MAAM,KAAK,CAAC;CAC/B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CACvC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ;CACR,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,kBAAkB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC/C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,aAAa,EAAE,OAAO;CACjC,GAAG,SAAS,OAAO,OAAO;CAC1B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,QAAQ;CAChB,QAAQ,EAAE,MAAM,aAAa;CAC7B,WAAW,EAAE,SAAS,iBAAiB;CACvC,gBAAgB,EAAE,SAAS,sBAAsB;CACjD,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,SAAS;CACpB,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,UAAU,EAAE,QAAQ;CACpB,QAAQ;CACR,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,QAAQ;CACR,QAAQ,EAAE,SAAS,kBAAkB;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC3B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,SAAS;CACtB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,mCAAmC,EAAE,OAAO;CACvD,GAAG,SAAS,OAAO,6BAA6B;CAChD,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,UAAU,EAAE,GAAG,OAAO,iBAAiB;CACvC,QAAQ,EAAE,QAAQ;CAClB,YAAY,EAAE,QAAQ;CACtB,OAAO,EAAE,QAAQ;CACjB,WAAW,EAAE,QAAQ;CACrB,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM;CACN,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ;CACR,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,GAAG,SAAS,OAAO,uBAAuB;CAC1C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,cAAc;CACd,YAAY,EAAE,QAAQ;CACtB,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,mBAAmB,EAAE,SAAS,EAAE,QAAQ,CAAC;CACzC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;CAC/B,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC;CACzB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,WAAW,EAAE,QAAQ;CACrB,WAAW;CACX,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC/B,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1B,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,KAAK,EAAE,QAAQ;CACf,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,eAAe,EAAE,MAAM,EAAE,QAAQ,CAAC;CAClC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,cAAc,EAAE,QAAQ;CACxB,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,YAAY,EAAE,GAAG,OAAO,0BAA0B;CAClD,cAAc,EAAE,SAAS,EAAE,GAAG,OAAO,qBAAqB,CAAC;CAC3D,WAAW,EAAE,QAAQ;CACrB,QAAQ;CACR,cAAc,EAAE,QAAQ;CACxB,eAAe,EAAE,QAAQ;CACzB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,oBAAoB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CACzB,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,UAAU,EAAE,GAAG,OAAO,YAAY;CAClC,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,MAAM,EAAE,EAAE,MAAM,CAAC;CAC9C,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,YAAY,CAAC;CAC9C,cAAc;CACd,kBAAkB;CACnB,CAAC"}
1
+ {"version":3,"file":"model.js","names":[],"sources":["../../src/component/model.ts"],"sourcesContent":["import { v } from \"convex/values\";\n\nexport const TABLES = {\n User: \"User\",\n Session: \"Session\",\n Account: \"Account\",\n AuthVerifier: \"AuthVerifier\",\n VerificationCode: \"VerificationCode\",\n RefreshToken: \"RefreshToken\",\n Passkey: \"Passkey\",\n TotpFactor: \"TotpFactor\",\n RateLimit: \"RateLimit\",\n Group: \"Group\",\n GroupTag: \"GroupTag\",\n GroupMember: \"GroupMember\",\n GroupInvite: \"GroupInvite\",\n Enterprise: \"Enterprise\",\n EnterpriseDomain: \"EnterpriseDomain\",\n EnterpriseDomainVerification: \"EnterpriseDomainVerification\",\n EnterpriseSecret: \"EnterpriseSecret\",\n EnterpriseScimConfig: \"EnterpriseScimConfig\",\n EnterpriseScimIdentity: \"EnterpriseScimIdentity\",\n EnterpriseAuditEvent: \"EnterpriseAuditEvent\",\n EnterpriseWebhookEndpoint: \"EnterpriseWebhookEndpoint\",\n EnterpriseWebhookDelivery: \"EnterpriseWebhookDelivery\",\n ApiKey: \"ApiKey\",\n DeviceCode: \"DeviceCode\",\n} as const;\n\nexport const vTag = v.object({ key: v.string(), value: v.string() });\n\nexport const vInviteStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"accepted\"),\n v.literal(\"revoked\"),\n v.literal(\"expired\"),\n);\n\nexport const vDeviceStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"authorized\"),\n v.literal(\"denied\"),\n);\n\nexport const vEnterpriseAccountLinkingPolicy = v.union(\n v.literal(\"verifiedEmail\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseScimReuseUserPolicy = v.union(\n v.literal(\"externalId\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseJitProvisioningMode = v.union(\n v.literal(\"off\"),\n v.literal(\"createUser\"),\n v.literal(\"createUserAndMembership\"),\n);\n\nexport const vEnterpriseDeprovisionMode = v.union(\n v.literal(\"soft\"),\n v.literal(\"hard\"),\n);\n\nexport const vEnterpriseStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vEnterprisePolicy = v.object({\n version: v.literal(1),\n identity: v.object({\n accountLinking: v.object({\n oidc: vEnterpriseAccountLinkingPolicy,\n saml: vEnterpriseAccountLinkingPolicy,\n }),\n }),\n provisioning: v.object({\n scimReuse: v.object({\n user: vEnterpriseScimReuseUserPolicy,\n }),\n jit: v.object({\n mode: vEnterpriseJitProvisioningMode,\n defaultRole: v.optional(v.string()),\n defaultRoleIds: v.optional(v.array(v.string())),\n }),\n deprovision: v.object({\n mode: vEnterpriseDeprovisionMode,\n }),\n }),\n extend: v.optional(v.any()),\n});\n\nexport const vScimStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vScimResourceType = v.union(v.literal(\"user\"), v.literal(\"group\"));\n\nexport const vAuditActorType = v.union(\n v.literal(\"user\"),\n v.literal(\"system\"),\n v.literal(\"scim\"),\n v.literal(\"api_key\"),\n v.literal(\"webhook\"),\n);\n\nexport const vAuditStatus = v.union(v.literal(\"success\"), v.literal(\"failure\"));\n\nexport const vWebhookEndpointStatus = v.union(\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vWebhookDeliveryStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"processing\"),\n v.literal(\"delivered\"),\n v.literal(\"failed\"),\n);\n\nexport const vInviteTokenAcceptStatus = v.union(\n v.literal(\"accepted\"),\n v.literal(\"already_accepted\"),\n);\n\nexport const vMembershipStatus = v.union(\n v.literal(\"joined\"),\n v.literal(\"already_joined\"),\n v.literal(\"not_applicable\"),\n);\n\nexport const vApiKeyScope = v.object({\n resource: v.string(),\n actions: v.array(v.string()),\n});\n\nexport const vApiKeyRateLimit = v.object({\n maxRequests: v.number(),\n windowMs: v.number(),\n});\n\nexport const vApiKeyRateLimitState = v.object({\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vEnterpriseSecretKind = v.union(v.literal(\"oidc_client_secret\"));\n\nfunction vDocMeta<T extends (typeof TABLES)[keyof typeof TABLES]>(\n tableName: T,\n) {\n return {\n _id: v.id(tableName),\n _creationTime: v.number(),\n };\n}\n\nexport const vUserDoc = v.object({\n ...vDocMeta(TABLES.User),\n name: v.optional(v.string()),\n image: v.optional(v.string()),\n email: v.optional(v.string()),\n emailVerificationTime: v.optional(v.number()),\n phone: v.optional(v.string()),\n phoneVerificationTime: v.optional(v.number()),\n isAnonymous: v.optional(v.boolean()),\n extend: v.optional(v.any()),\n});\n\nexport const vSessionDoc = v.object({\n ...vDocMeta(TABLES.Session),\n userId: v.id(TABLES.User),\n expirationTime: v.number(),\n});\n\nexport const vAccountDoc = v.object({\n ...vDocMeta(TABLES.Account),\n userId: v.id(TABLES.User),\n provider: v.string(),\n providerAccountId: v.string(),\n secret: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vAuthVerifierDoc = v.object({\n ...vDocMeta(TABLES.AuthVerifier),\n sessionId: v.optional(v.id(TABLES.Session)),\n signature: v.optional(v.string()),\n});\n\nexport const vVerificationCodeDoc = v.object({\n ...vDocMeta(TABLES.VerificationCode),\n accountId: v.id(TABLES.Account),\n provider: v.string(),\n code: v.string(),\n expirationTime: v.number(),\n verifier: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n});\n\nexport const vRefreshTokenDoc = v.object({\n ...vDocMeta(TABLES.RefreshToken),\n sessionId: v.id(TABLES.Session),\n expirationTime: v.number(),\n firstUsedTime: v.optional(v.number()),\n parentRefreshTokenId: v.optional(v.id(TABLES.RefreshToken)),\n});\n\nexport const vPasskeyDoc = v.object({\n ...vDocMeta(TABLES.Passkey),\n userId: v.id(TABLES.User),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vTotpFactorDoc = v.object({\n ...vDocMeta(TABLES.TotpFactor),\n userId: v.id(TABLES.User),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vRateLimitDoc = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n});\n\nexport const vGroupDoc = v.object({\n ...vDocMeta(TABLES.Group),\n name: v.string(),\n slug: v.optional(v.string()),\n type: v.optional(v.string()),\n parentGroupId: v.optional(v.id(TABLES.Group)),\n rootGroupId: v.optional(v.id(TABLES.Group)),\n isRoot: v.optional(v.boolean()),\n tags: v.optional(v.array(vTag)),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupMemberDoc = v.object({\n ...vDocMeta(TABLES.GroupMember),\n groupId: v.id(TABLES.Group),\n userId: v.id(TABLES.User),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupInviteDoc = v.object({\n ...vDocMeta(TABLES.GroupInvite),\n groupId: v.optional(v.id(TABLES.Group)),\n invitedByUserId: v.optional(v.id(TABLES.User)),\n email: v.optional(v.string()),\n tokenHash: v.string(),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: vInviteStatus,\n expiresTime: v.optional(v.number()),\n acceptedByUserId: v.optional(v.id(TABLES.User)),\n acceptedTime: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vApiKeyDoc = v.object({\n ...vDocMeta(TABLES.ApiKey),\n userId: v.id(TABLES.User),\n prefix: v.string(),\n hashedKey: v.string(),\n name: v.string(),\n scopes: v.array(vApiKeyScope),\n rateLimit: v.optional(vApiKeyRateLimit),\n rateLimitState: v.optional(vApiKeyRateLimitState),\n expiresAt: v.optional(v.number()),\n lastUsedAt: v.optional(v.number()),\n createdAt: v.number(),\n revoked: v.boolean(),\n metadata: v.optional(v.any()),\n});\n\nexport const vDeviceCodeDoc = v.object({\n ...vDocMeta(TABLES.DeviceCode),\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n userId: v.optional(v.id(TABLES.User)),\n sessionId: v.optional(v.id(TABLES.Session)),\n lastPolledAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDoc = v.object({\n ...vDocMeta(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n slug: v.optional(v.string()),\n name: v.optional(v.string()),\n status: vEnterpriseStatus,\n policy: v.optional(vEnterprisePolicy),\n config: v.optional(v.any()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseDomainDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomain),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domain: v.string(),\n isPrimary: v.boolean(),\n verifiedAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDomainVerificationDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomainVerification),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domainId: v.id(TABLES.EnterpriseDomain),\n domain: v.string(),\n recordName: v.string(),\n token: v.string(),\n tokenHash: v.string(),\n requestedAt: v.number(),\n expiresAt: v.number(),\n});\n\nexport const vEnterpriseSecretDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseSecret),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n kind: vEnterpriseSecretKind,\n ciphertext: v.string(),\n updatedAt: v.number(),\n});\n\nexport const vEnterpriseScimConfigDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimConfig),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n status: vScimStatus,\n basePath: v.string(),\n tokenHash: v.string(),\n lastRotatedAt: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseScimIdentityDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimIdentity),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n resourceType: vScimResourceType,\n externalId: v.string(),\n userId: v.optional(v.id(TABLES.User)),\n mappedGroupId: v.optional(v.id(TABLES.Group)),\n lastProvisionedAt: v.optional(v.number()),\n active: v.optional(v.boolean()),\n raw: v.optional(v.any()),\n});\n\nexport const vEnterpriseAuditEventDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseAuditEvent),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n eventType: v.string(),\n actorType: vAuditActorType,\n actorId: v.optional(v.string()),\n subjectType: v.string(),\n subjectId: v.optional(v.string()),\n status: vAuditStatus,\n occurredAt: v.number(),\n requestId: v.optional(v.string()),\n ip: v.optional(v.string()),\n metadata: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookEndpointDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookEndpoint),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n url: v.string(),\n status: vWebhookEndpointStatus,\n secretHash: v.string(),\n subscriptions: v.array(v.string()),\n createdByUserId: v.optional(v.id(TABLES.User)),\n lastSuccessAt: v.optional(v.number()),\n lastFailureAt: v.optional(v.number()),\n failureCount: v.number(),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookDeliveryDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookDelivery),\n enterpriseId: v.id(TABLES.Enterprise),\n endpointId: v.id(TABLES.EnterpriseWebhookEndpoint),\n auditEventId: v.optional(v.id(TABLES.EnterpriseAuditEvent)),\n eventType: v.string(),\n status: vWebhookDeliveryStatus,\n attemptCount: v.number(),\n nextAttemptAt: v.number(),\n lastAttemptAt: v.optional(v.number()),\n lastResponseStatus: v.optional(v.number()),\n lastError: v.optional(v.string()),\n payload: v.any(),\n});\n\nexport const vRateLimitResult = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vInviteAcceptByTokenResult = v.object({\n inviteId: v.id(TABLES.GroupInvite),\n groupId: v.union(v.id(TABLES.Group), v.null()),\n memberId: v.optional(v.id(TABLES.GroupMember)),\n inviteStatus: vInviteTokenAcceptStatus,\n membershipStatus: vMembershipStatus,\n});\n"],"mappings":";;;AAEA,MAAa,SAAS;CACpB,MAAM;CACN,SAAS;CACT,SAAS;CACT,cAAc;CACd,kBAAkB;CAClB,cAAc;CACd,SAAS;CACT,YAAY;CACZ,WAAW;CACX,OAAO;CACP,UAAU;CACV,aAAa;CACb,aAAa;CACb,YAAY;CACZ,kBAAkB;CAClB,8BAA8B;CAC9B,kBAAkB;CAClB,sBAAsB;CACtB,wBAAwB;CACxB,sBAAsB;CACtB,2BAA2B;CAC3B,2BAA2B;CAC3B,QAAQ;CACR,YAAY;CACb;AAED,MAAa,OAAO,EAAE,OAAO;CAAE,KAAK,EAAE,QAAQ;CAAE,OAAO,EAAE,QAAQ;CAAE,CAAC;AAEpE,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,kCAAkC,EAAE,MAC/C,EAAE,QAAQ,gBAAgB,EAC1B,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,MAAM,EAChB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,0BAA0B,CACrC;AAED,MAAa,6BAA6B,EAAE,MAC1C,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,OAAO;CACxC,SAAS,EAAE,QAAQ,EAAE;CACrB,UAAU,EAAE,OAAO,EACjB,gBAAgB,EAAE,OAAO;EACvB,MAAM;EACN,MAAM;EACP,CAAC,EACH,CAAC;CACF,cAAc,EAAE,OAAO;EACrB,WAAW,EAAE,OAAO,EAClB,MAAM,gCACP,CAAC;EACF,KAAK,EAAE,OAAO;GACZ,MAAM;GACN,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;GACnC,gBAAgB,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;GAChD,CAAC;EACF,aAAa,EAAE,OAAO,EACpB,MAAM,4BACP,CAAC;EACH,CAAC;CACF,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,MAC3B,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,MAAM,EAAE,QAAQ,OAAO,EAAE,EAAE,QAAQ,QAAQ,CAAC;AAE/E,MAAa,kBAAkB,EAAE,MAC/B,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,eAAe,EAAE,MAAM,EAAE,QAAQ,UAAU,EAAE,EAAE,QAAQ,UAAU,CAAC;AAE/E,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,YAAY,EACtB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,2BAA2B,EAAE,MACxC,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,mBAAmB,CAC9B;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,iBAAiB,EAC3B,EAAE,QAAQ,iBAAiB,CAC5B;AAED,MAAa,eAAe,EAAE,OAAO;CACnC,UAAU,EAAE,QAAQ;CACpB,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC;CAC7B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,aAAa,EAAE,QAAQ;CACvB,UAAU,EAAE,QAAQ;CACrB,CAAC;AAEF,MAAa,wBAAwB,EAAE,OAAO;CAC5C,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,wBAAwB,EAAE,MAAM,EAAE,QAAQ,qBAAqB,CAAC;AAE7E,SAAS,SACP,WACA;AACA,QAAO;EACL,KAAK,EAAE,GAAG,UAAU;EACpB,eAAe,EAAE,QAAQ;EAC1B;;AAGH,MAAa,WAAW,EAAE,OAAO;CAC/B,GAAG,SAAS,OAAO,KAAK;CACxB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,aAAa,EAAE,SAAS,EAAE,SAAS,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,gBAAgB,EAAE,QAAQ;CAC3B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,UAAU,EAAE,QAAQ;CACpB,mBAAmB,EAAE,QAAQ;CAC7B,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,UAAU,EAAE,QAAQ;CACpB,MAAM,EAAE,QAAQ;CAChB,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,SAAS,EAAE,QAAQ,CAAC;CAChC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACtC,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,gBAAgB,EAAE,QAAQ;CAC1B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,sBAAsB,EAAE,SAAS,EAAE,GAAG,OAAO,aAAa,CAAC;CAC5D,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,cAAc,EAAE,QAAQ;CACxB,WAAW,EAAE,OAAO;CACpB,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,QAAQ;CACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CAC3C,YAAY,EAAE,QAAQ;CACtB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,OAAO;CACjB,QAAQ,EAAE,QAAQ;CAClB,QAAQ,EAAE,QAAQ;CAClB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,gBAAgB,EAAE,OAAO;CACpC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CAC1B,CAAC;AAEF,MAAa,YAAY,EAAE,OAAO;CAChC,GAAG,SAAS,OAAO,MAAM;CACzB,MAAM,EAAE,QAAQ;CAChB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,aAAa,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC3C,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;CAC/B,MAAM,EAAE,SAAS,EAAE,MAAM,KAAK,CAAC;CAC/B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CACvC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ;CACR,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,kBAAkB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC/C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,aAAa,EAAE,OAAO;CACjC,GAAG,SAAS,OAAO,OAAO;CAC1B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,QAAQ;CAChB,QAAQ,EAAE,MAAM,aAAa;CAC7B,WAAW,EAAE,SAAS,iBAAiB;CACvC,gBAAgB,EAAE,SAAS,sBAAsB;CACjD,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,SAAS;CACpB,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,UAAU,EAAE,QAAQ;CACpB,QAAQ;CACR,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,QAAQ;CACR,QAAQ,EAAE,SAAS,kBAAkB;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC3B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,SAAS;CACtB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,mCAAmC,EAAE,OAAO;CACvD,GAAG,SAAS,OAAO,6BAA6B;CAChD,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,UAAU,EAAE,GAAG,OAAO,iBAAiB;CACvC,QAAQ,EAAE,QAAQ;CAClB,YAAY,EAAE,QAAQ;CACtB,OAAO,EAAE,QAAQ;CACjB,WAAW,EAAE,QAAQ;CACrB,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM;CACN,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ;CACR,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,GAAG,SAAS,OAAO,uBAAuB;CAC1C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,cAAc;CACd,YAAY,EAAE,QAAQ;CACtB,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,mBAAmB,EAAE,SAAS,EAAE,QAAQ,CAAC;CACzC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;CAC/B,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC;CACzB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,WAAW,EAAE,QAAQ;CACrB,WAAW;CACX,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC/B,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1B,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,KAAK,EAAE,QAAQ;CACf,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,eAAe,EAAE,MAAM,EAAE,QAAQ,CAAC;CAClC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,cAAc,EAAE,QAAQ;CACxB,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,YAAY,EAAE,GAAG,OAAO,0BAA0B;CAClD,cAAc,EAAE,SAAS,EAAE,GAAG,OAAO,qBAAqB,CAAC;CAC3D,WAAW,EAAE,QAAQ;CACrB,QAAQ;CACR,cAAc,EAAE,QAAQ;CACxB,eAAe,EAAE,QAAQ;CACzB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,oBAAoB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CACzB,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,UAAU,EAAE,GAAG,OAAO,YAAY;CAClC,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,MAAM,EAAE,EAAE,MAAM,CAAC;CAC9C,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,YAAY,CAAC;CAC9C,cAAc;CACd,kBAAkB;CACnB,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"factors.d.ts","names":[],"sources":["../../../src/component/public/factors.ts"],"mappings":";;;;cAgBa,aAAA;;cAoBA,wBAAA;;cAYA,mBAAA;;cAYA,oBAAA;;cAcA,iBAAA;;cAUA,aAAA;;cAcA,UAAA;;cAiBA,uBAAA;;cAaA,gBAAA;;cAYA,WAAA;;cASA,gBAAA;;cAUA,kBAAA;;cAUA,UAAA;;cAcA,YAAA;AAvKb;AAAA,cA2La,eAAA;;cAiBA,cAAA;;cAmBA,eAAA;;cAcA,YAAA;;cAeA,mBAAA;AA5Nb;AAAA,cA0Oa,mBAAA;;cAcA,eAAA;;cAkBA,sBAAA;;cAUA,YAAA"}
1
+ {"version":3,"file":"factors.d.ts","names":[],"sources":["../../../src/component/public/factors.ts"],"mappings":";;;;cAgBa,aAAA;;cAoBA,wBAAA;;cAYA,mBAAA;;cAYA,oBAAA;;cAcA,iBAAA;;cAUA,aAAA;;cAcA,UAAA;;cAiBA,uBAAA;;cAcA,gBAAA;;cAYA,WAAA;;cASA,gBAAA;;cAUA,kBAAA;;cAUA,UAAA;;cAcA,YAAA;AAxKb;AAAA,cA4La,eAAA;;cAiBA,cAAA;;cAmBA,eAAA;;cAcA,YAAA;;cAeA,mBAAA;AA7Nb;AAAA,cA2Oa,mBAAA;;cAcA,eAAA;;cAkBA,sBAAA;;cAUA,YAAA"}
@@ -96,7 +96,7 @@ const totpGetVerifiedByUserId = query({
96
96
  args: { userId: v.id("User") },
97
97
  returns: v.union(vTotpFactorDoc, v.null()),
98
98
  handler: async (ctx, { userId }) => {
99
- return await ctx.db.query("TotpFactor").withIndex("user_id", (q) => q.eq("userId", userId)).filter((q) => q.eq(q.field("verified"), true)).first();
99
+ return await ctx.db.query("TotpFactor").withIndex("user_id_verified", (q) => q.eq("userId", userId).eq("verified", true)).first();
100
100
  }
101
101
  });
102
102
  /** List all TOTP enrollments for a user. */
@@ -1 +1 @@
1
- {"version":3,"file":"factors.js","names":[],"sources":["../../../src/component/public/factors.ts"],"sourcesContent":["import {\n mutation,\n query,\n v,\n vDeviceCodeDoc,\n vDeviceStatus,\n vPasskeyDoc,\n vRateLimitResult,\n vTotpFactorDoc,\n} from \"./shared\";\n\n// ============================================================================\n// Passkeys\n// ============================================================================\n\n/** Store a new passkey credential for a user. */\nexport const passkeyInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"Passkey\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"Passkey\", args);\n },\n});\n\n/** Look up a passkey by its credential ID. */\nexport const passkeyGetByCredentialId = query({\n args: { credentialId: v.string() },\n returns: v.union(vPasskeyDoc, v.null()),\n handler: async (ctx, { credentialId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"credential_id\", (q) => q.eq(\"credentialId\", credentialId))\n .unique();\n },\n});\n\n/** List all passkeys for a user. */\nexport const passkeyListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vPasskeyDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Update a passkey's counter and last used timestamp after authentication. */\nexport const passkeyUpdateCounter = mutation({\n args: {\n passkeyId: v.id(\"Passkey\"),\n counter: v.number(),\n lastUsedAt: v.number(),\n },\n returns: v.null(),\n handler: async (ctx, { passkeyId, counter, lastUsedAt }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, { counter, lastUsedAt });\n return null;\n },\n});\n\n/** Update a passkey's metadata (name). */\nexport const passkeyUpdateMeta = mutation({\n args: { passkeyId: v.id(\"Passkey\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { passkeyId, data }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, data);\n return null;\n },\n});\n\n/** Delete a passkey credential. */\nexport const passkeyDelete = mutation({\n args: { passkeyId: v.id(\"Passkey\") },\n returns: v.null(),\n handler: async (ctx, { passkeyId }) => {\n await ctx.db.delete(\"Passkey\", passkeyId);\n return null;\n },\n});\n\n// ============================================================================\n// TOTP Two-Factor Authentication\n// ============================================================================\n\n/** Store a new TOTP enrollment for a user. */\nexport const totpInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"TotpFactor\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"TotpFactor\", args);\n },\n});\n\n/** Get a verified TOTP enrollment for a user (returns first match). */\nexport const totpGetVerifiedByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .filter((q) => q.eq(q.field(\"verified\"), true))\n .first();\n },\n});\n\n/** List all TOTP enrollments for a user. */\nexport const totpListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vTotpFactorDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Get a TOTP enrollment by its ID. */\nexport const totpGetById = query({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { totpId }) => {\n return await ctx.db.get(\"TotpFactor\", totpId);\n },\n});\n\n/** Mark a TOTP enrollment as verified (setup complete). */\nexport const totpMarkVerified = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { verified: true, lastUsedAt });\n return null;\n },\n});\n\n/** Update a TOTP enrollment's last used timestamp. */\nexport const totpUpdateLastUsed = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { lastUsedAt });\n return null;\n },\n});\n\n/** Delete a TOTP enrollment. */\nexport const totpDelete = mutation({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.null(),\n handler: async (ctx, { totpId }) => {\n await ctx.db.delete(\"TotpFactor\", totpId);\n return null;\n },\n});\n\n// ============================================================================\n// Rate Limits\n// ============================================================================\n\n/** Look up a rate limit entry by its identifier. */\nexport const rateLimitGet = query({\n args: { identifier: v.string() },\n returns: v.union(vRateLimitResult, v.null()),\n handler: async (ctx, { identifier }) => {\n const row = await ctx.db\n .query(\"RateLimit\")\n .withIndex(\"by_identifier\", (q) => q.eq(\"identifier\", identifier))\n .unique();\n if (row === null) {\n return null;\n }\n return {\n ...row,\n attemptsLeft: row.attempts_left,\n lastAttemptTime: row.last_attempt_time,\n };\n },\n});\n\n/** Create a new rate limit entry. */\nexport const rateLimitCreate = mutation({\n args: {\n identifier: v.string(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n },\n returns: v.id(\"RateLimit\"),\n handler: async (ctx, { identifier, attemptsLeft, lastAttemptTime }) => {\n return await ctx.db.insert(\"RateLimit\", {\n identifier,\n attempts_left: attemptsLeft,\n last_attempt_time: lastAttemptTime,\n });\n },\n});\n\n/** Patch a rate limit entry with partial data. */\nexport const rateLimitPatch = mutation({\n args: { rateLimitId: v.id(\"RateLimit\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { rateLimitId, data }) => {\n const nextData: Record<string, unknown> = { ...data };\n if (nextData.attemptsLeft !== undefined) {\n nextData.attempts_left = nextData.attemptsLeft;\n delete nextData.attemptsLeft;\n }\n if (nextData.lastAttemptTime !== undefined) {\n nextData.last_attempt_time = nextData.lastAttemptTime;\n delete nextData.lastAttemptTime;\n }\n await ctx.db.patch(\"RateLimit\", rateLimitId, nextData);\n return null;\n },\n});\n\n/** Delete a rate limit entry. */\nexport const rateLimitDelete = mutation({\n args: { rateLimitId: v.id(\"RateLimit\") },\n returns: v.null(),\n handler: async (ctx, { rateLimitId }) => {\n await ctx.db.delete(\"RateLimit\", rateLimitId);\n return null;\n },\n});\n\n// ============================================================================\n// Device Authorization (RFC 8628)\n// ============================================================================\n\n/** Insert a new device authorization record. */\nexport const deviceInsert = mutation({\n args: {\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n },\n returns: v.id(\"DeviceCode\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"DeviceCode\", args);\n },\n});\n\n/** Look up a device authorization by its hashed device code. */\nexport const deviceGetByCodeHash = query({\n args: { deviceCodeHash: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { deviceCodeHash }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"device_code_hash\", (q) =>\n q.eq(\"deviceCodeHash\", deviceCodeHash),\n )\n .first();\n },\n});\n\n/** Look up a pending device authorization by its user code. */\nexport const deviceGetByUserCode = query({\n args: { userCode: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { userCode }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"user_code_status\", (q) =>\n q.eq(\"userCode\", userCode).eq(\"status\", \"pending\"),\n )\n .first();\n },\n});\n\n/** Authorize a device code — link it to a user and session. */\nexport const deviceAuthorize = mutation({\n args: {\n deviceId: v.id(\"DeviceCode\"),\n userId: v.id(\"User\"),\n sessionId: v.id(\"Session\"),\n },\n returns: v.null(),\n handler: async (ctx, { deviceId, userId, sessionId }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, {\n status: \"authorized\",\n userId,\n sessionId,\n });\n return null;\n },\n});\n\n/** Update the last-polled timestamp on a device authorization record. */\nexport const deviceUpdateLastPolled = mutation({\n args: { deviceId: v.id(\"DeviceCode\"), lastPolledAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { deviceId, lastPolledAt }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, { lastPolledAt });\n return null;\n },\n});\n\n/** Delete a device authorization record (cleanup after use or expiry). */\nexport const deviceDelete = mutation({\n args: { deviceId: v.id(\"DeviceCode\") },\n returns: v.null(),\n handler: async (ctx, { deviceId }) => {\n await ctx.db.delete(\"DeviceCode\", deviceId);\n return null;\n },\n});\n"],"mappings":";;;;;;AAgBA,MAAa,gBAAgB,SAAS;CACpC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,cAAc,EAAE,QAAQ;EACxB,WAAW,EAAE,OAAO;EACpB,WAAW,EAAE,QAAQ;EACrB,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;EAC3C,YAAY,EAAE,QAAQ;EACtB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,UAAU;CACxB,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,WAAW,KAAK;;CAE9C,CAAC;;AAGF,MAAa,2BAA2B,MAAM;CAC5C,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE;CAClC,SAAS,EAAE,MAAM,aAAa,EAAE,MAAM,CAAC;CACvC,SAAS,OAAO,KAAK,EAAE,mBAAmB;AACxC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,kBAAkB,MAAM,EAAE,GAAG,gBAAgB,aAAa,CAAC,CACrE,QAAQ;;CAEd,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,YAAY;CAC7B,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,uBAAuB,SAAS;CAC3C,MAAM;EACJ,WAAW,EAAE,GAAG,UAAU;EAC1B,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,QAAQ;EACvB;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,SAAS,iBAAiB;AAC1D,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW;GAAE;GAAS;GAAY,CAAC;AACjE,SAAO;;CAEV,CAAC;;AAGF,MAAa,oBAAoB,SAAS;CACxC,MAAM;EAAE,WAAW,EAAE,GAAG,UAAU;EAAE,MAAM,EAAE,KAAK;EAAE;CACnD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,WAAW;AAC3C,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW,KAAK;AAC9C,SAAO;;CAEV,CAAC;;AAGF,MAAa,gBAAgB,SAAS;CACpC,MAAM,EAAE,WAAW,EAAE,GAAG,UAAU,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,gBAAgB;AACrC,QAAM,IAAI,GAAG,OAAO,WAAW,UAAU;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,aAAa,SAAS;CACjC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,QAAQ,EAAE,OAAO;EACjB,QAAQ,EAAE,QAAQ;EAClB,QAAQ,EAAE,QAAQ;EAClB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,0BAA0B,MAAM;CAC3C,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,WAAW,EAAE,KAAK,CAAC,CAC9C,OAAO;;CAEb,CAAC;;AAGF,MAAa,mBAAmB,MAAM;CACpC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,eAAe;CAChC,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,cAAc,MAAM;CAC/B,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GAAG,IAAI,cAAc,OAAO;;CAEhD,CAAC;;AAGF,MAAa,mBAAmB,SAAS;CACvC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ;GAAE,UAAU;GAAM;GAAY,CAAC;AACxE,SAAO;;CAEV,CAAC;;AAGF,MAAa,qBAAqB,SAAS;CACzC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ,EAAE,YAAY,CAAC;AACxD,SAAO;;CAEV,CAAC;;AAGF,MAAa,aAAa,SAAS;CACjC,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,QAAM,IAAI,GAAG,OAAO,cAAc,OAAO;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,MAAM;CAChC,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE;CAChC,SAAS,EAAE,MAAM,kBAAkB,EAAE,MAAM,CAAC;CAC5C,SAAS,OAAO,KAAK,EAAE,iBAAiB;EACtC,MAAM,MAAM,MAAM,IAAI,GACnB,MAAM,YAAY,CAClB,UAAU,kBAAkB,MAAM,EAAE,GAAG,cAAc,WAAW,CAAC,CACjE,QAAQ;AACX,MAAI,QAAQ,KACV,QAAO;AAET,SAAO;GACL,GAAG;GACH,cAAc,IAAI;GAClB,iBAAiB,IAAI;GACtB;;CAEJ,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,YAAY,EAAE,QAAQ;EACtB,cAAc,EAAE,QAAQ;EACxB,iBAAiB,EAAE,QAAQ;EAC5B;CACD,SAAS,EAAE,GAAG,YAAY;CAC1B,SAAS,OAAO,KAAK,EAAE,YAAY,cAAc,sBAAsB;AACrE,SAAO,MAAM,IAAI,GAAG,OAAO,aAAa;GACtC;GACA,eAAe;GACf,mBAAmB;GACpB,CAAC;;CAEL,CAAC;;AAGF,MAAa,iBAAiB,SAAS;CACrC,MAAM;EAAE,aAAa,EAAE,GAAG,YAAY;EAAE,MAAM,EAAE,KAAK;EAAE;CACvD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa,WAAW;EAC7C,MAAM,WAAoC,EAAE,GAAG,MAAM;AACrD,MAAI,SAAS,iBAAiB,QAAW;AACvC,YAAS,gBAAgB,SAAS;AAClC,UAAO,SAAS;;AAElB,MAAI,SAAS,oBAAoB,QAAW;AAC1C,YAAS,oBAAoB,SAAS;AACtC,UAAO,SAAS;;AAElB,QAAM,IAAI,GAAG,MAAM,aAAa,aAAa,SAAS;AACtD,SAAO;;CAEV,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM,EAAE,aAAa,EAAE,GAAG,YAAY,EAAE;CACxC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,kBAAkB;AACvC,QAAM,IAAI,GAAG,OAAO,aAAa,YAAY;AAC7C,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,SAAS;CACnC,MAAM;EACJ,gBAAgB,EAAE,QAAQ;EAC1B,UAAU,EAAE,QAAQ;EACpB,WAAW,EAAE,QAAQ;EACrB,UAAU,EAAE,QAAQ;EACpB,QAAQ;EACT;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,qBAAqB;AAC1C,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,kBAAkB,eAAe,CACvC,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,YAAY,SAAS,CAAC,GAAG,UAAU,UAAU,CACnD,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,UAAU,EAAE,GAAG,aAAa;EAC5B,QAAQ,EAAE,GAAG,OAAO;EACpB,WAAW,EAAE,GAAG,UAAU;EAC3B;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,QAAQ,gBAAgB;AACvD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU;GACzC,QAAQ;GACR;GACA;GACD,CAAC;AACF,SAAO;;CAEV,CAAC;;AAGF,MAAa,yBAAyB,SAAS;CAC7C,MAAM;EAAE,UAAU,EAAE,GAAG,aAAa;EAAE,cAAc,EAAE,QAAQ;EAAE;CAChE,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,mBAAmB;AAClD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU,EAAE,cAAc,CAAC;AAC5D,SAAO;;CAEV,CAAC;;AAGF,MAAa,eAAe,SAAS;CACnC,MAAM,EAAE,UAAU,EAAE,GAAG,aAAa,EAAE;CACtC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,QAAM,IAAI,GAAG,OAAO,cAAc,SAAS;AAC3C,SAAO;;CAEV,CAAC"}
1
+ {"version":3,"file":"factors.js","names":[],"sources":["../../../src/component/public/factors.ts"],"sourcesContent":["import {\n mutation,\n query,\n v,\n vDeviceCodeDoc,\n vDeviceStatus,\n vPasskeyDoc,\n vRateLimitResult,\n vTotpFactorDoc,\n} from \"./shared\";\n\n// ============================================================================\n// Passkeys\n// ============================================================================\n\n/** Store a new passkey credential for a user. */\nexport const passkeyInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"Passkey\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"Passkey\", args);\n },\n});\n\n/** Look up a passkey by its credential ID. */\nexport const passkeyGetByCredentialId = query({\n args: { credentialId: v.string() },\n returns: v.union(vPasskeyDoc, v.null()),\n handler: async (ctx, { credentialId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"credential_id\", (q) => q.eq(\"credentialId\", credentialId))\n .unique();\n },\n});\n\n/** List all passkeys for a user. */\nexport const passkeyListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vPasskeyDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Update a passkey's counter and last used timestamp after authentication. */\nexport const passkeyUpdateCounter = mutation({\n args: {\n passkeyId: v.id(\"Passkey\"),\n counter: v.number(),\n lastUsedAt: v.number(),\n },\n returns: v.null(),\n handler: async (ctx, { passkeyId, counter, lastUsedAt }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, { counter, lastUsedAt });\n return null;\n },\n});\n\n/** Update a passkey's metadata (name). */\nexport const passkeyUpdateMeta = mutation({\n args: { passkeyId: v.id(\"Passkey\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { passkeyId, data }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, data);\n return null;\n },\n});\n\n/** Delete a passkey credential. */\nexport const passkeyDelete = mutation({\n args: { passkeyId: v.id(\"Passkey\") },\n returns: v.null(),\n handler: async (ctx, { passkeyId }) => {\n await ctx.db.delete(\"Passkey\", passkeyId);\n return null;\n },\n});\n\n// ============================================================================\n// TOTP Two-Factor Authentication\n// ============================================================================\n\n/** Store a new TOTP enrollment for a user. */\nexport const totpInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"TotpFactor\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"TotpFactor\", args);\n },\n});\n\n/** Get a verified TOTP enrollment for a user (returns first match). */\nexport const totpGetVerifiedByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id_verified\", (q) =>\n q.eq(\"userId\", userId).eq(\"verified\", true),\n )\n .first();\n },\n});\n\n/** List all TOTP enrollments for a user. */\nexport const totpListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vTotpFactorDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Get a TOTP enrollment by its ID. */\nexport const totpGetById = query({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { totpId }) => {\n return await ctx.db.get(\"TotpFactor\", totpId);\n },\n});\n\n/** Mark a TOTP enrollment as verified (setup complete). */\nexport const totpMarkVerified = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { verified: true, lastUsedAt });\n return null;\n },\n});\n\n/** Update a TOTP enrollment's last used timestamp. */\nexport const totpUpdateLastUsed = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { lastUsedAt });\n return null;\n },\n});\n\n/** Delete a TOTP enrollment. */\nexport const totpDelete = mutation({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.null(),\n handler: async (ctx, { totpId }) => {\n await ctx.db.delete(\"TotpFactor\", totpId);\n return null;\n },\n});\n\n// ============================================================================\n// Rate Limits\n// ============================================================================\n\n/** Look up a rate limit entry by its identifier. */\nexport const rateLimitGet = query({\n args: { identifier: v.string() },\n returns: v.union(vRateLimitResult, v.null()),\n handler: async (ctx, { identifier }) => {\n const row = await ctx.db\n .query(\"RateLimit\")\n .withIndex(\"by_identifier\", (q) => q.eq(\"identifier\", identifier))\n .unique();\n if (row === null) {\n return null;\n }\n return {\n ...row,\n attemptsLeft: row.attempts_left,\n lastAttemptTime: row.last_attempt_time,\n };\n },\n});\n\n/** Create a new rate limit entry. */\nexport const rateLimitCreate = mutation({\n args: {\n identifier: v.string(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n },\n returns: v.id(\"RateLimit\"),\n handler: async (ctx, { identifier, attemptsLeft, lastAttemptTime }) => {\n return await ctx.db.insert(\"RateLimit\", {\n identifier,\n attempts_left: attemptsLeft,\n last_attempt_time: lastAttemptTime,\n });\n },\n});\n\n/** Patch a rate limit entry with partial data. */\nexport const rateLimitPatch = mutation({\n args: { rateLimitId: v.id(\"RateLimit\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { rateLimitId, data }) => {\n const nextData: Record<string, unknown> = { ...data };\n if (nextData.attemptsLeft !== undefined) {\n nextData.attempts_left = nextData.attemptsLeft;\n delete nextData.attemptsLeft;\n }\n if (nextData.lastAttemptTime !== undefined) {\n nextData.last_attempt_time = nextData.lastAttemptTime;\n delete nextData.lastAttemptTime;\n }\n await ctx.db.patch(\"RateLimit\", rateLimitId, nextData);\n return null;\n },\n});\n\n/** Delete a rate limit entry. */\nexport const rateLimitDelete = mutation({\n args: { rateLimitId: v.id(\"RateLimit\") },\n returns: v.null(),\n handler: async (ctx, { rateLimitId }) => {\n await ctx.db.delete(\"RateLimit\", rateLimitId);\n return null;\n },\n});\n\n// ============================================================================\n// Device Authorization (RFC 8628)\n// ============================================================================\n\n/** Insert a new device authorization record. */\nexport const deviceInsert = mutation({\n args: {\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n },\n returns: v.id(\"DeviceCode\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"DeviceCode\", args);\n },\n});\n\n/** Look up a device authorization by its hashed device code. */\nexport const deviceGetByCodeHash = query({\n args: { deviceCodeHash: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { deviceCodeHash }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"device_code_hash\", (q) =>\n q.eq(\"deviceCodeHash\", deviceCodeHash),\n )\n .first();\n },\n});\n\n/** Look up a pending device authorization by its user code. */\nexport const deviceGetByUserCode = query({\n args: { userCode: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { userCode }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"user_code_status\", (q) =>\n q.eq(\"userCode\", userCode).eq(\"status\", \"pending\"),\n )\n .first();\n },\n});\n\n/** Authorize a device code — link it to a user and session. */\nexport const deviceAuthorize = mutation({\n args: {\n deviceId: v.id(\"DeviceCode\"),\n userId: v.id(\"User\"),\n sessionId: v.id(\"Session\"),\n },\n returns: v.null(),\n handler: async (ctx, { deviceId, userId, sessionId }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, {\n status: \"authorized\",\n userId,\n sessionId,\n });\n return null;\n },\n});\n\n/** Update the last-polled timestamp on a device authorization record. */\nexport const deviceUpdateLastPolled = mutation({\n args: { deviceId: v.id(\"DeviceCode\"), lastPolledAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { deviceId, lastPolledAt }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, { lastPolledAt });\n return null;\n },\n});\n\n/** Delete a device authorization record (cleanup after use or expiry). */\nexport const deviceDelete = mutation({\n args: { deviceId: v.id(\"DeviceCode\") },\n returns: v.null(),\n handler: async (ctx, { deviceId }) => {\n await ctx.db.delete(\"DeviceCode\", deviceId);\n return null;\n },\n});\n"],"mappings":";;;;;;AAgBA,MAAa,gBAAgB,SAAS;CACpC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,cAAc,EAAE,QAAQ;EACxB,WAAW,EAAE,OAAO;EACpB,WAAW,EAAE,QAAQ;EACrB,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;EAC3C,YAAY,EAAE,QAAQ;EACtB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,UAAU;CACxB,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,WAAW,KAAK;;CAE9C,CAAC;;AAGF,MAAa,2BAA2B,MAAM;CAC5C,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE;CAClC,SAAS,EAAE,MAAM,aAAa,EAAE,MAAM,CAAC;CACvC,SAAS,OAAO,KAAK,EAAE,mBAAmB;AACxC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,kBAAkB,MAAM,EAAE,GAAG,gBAAgB,aAAa,CAAC,CACrE,QAAQ;;CAEd,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,YAAY;CAC7B,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,uBAAuB,SAAS;CAC3C,MAAM;EACJ,WAAW,EAAE,GAAG,UAAU;EAC1B,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,QAAQ;EACvB;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,SAAS,iBAAiB;AAC1D,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW;GAAE;GAAS;GAAY,CAAC;AACjE,SAAO;;CAEV,CAAC;;AAGF,MAAa,oBAAoB,SAAS;CACxC,MAAM;EAAE,WAAW,EAAE,GAAG,UAAU;EAAE,MAAM,EAAE,KAAK;EAAE;CACnD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,WAAW;AAC3C,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW,KAAK;AAC9C,SAAO;;CAEV,CAAC;;AAGF,MAAa,gBAAgB,SAAS;CACpC,MAAM,EAAE,WAAW,EAAE,GAAG,UAAU,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,gBAAgB;AACrC,QAAM,IAAI,GAAG,OAAO,WAAW,UAAU;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,aAAa,SAAS;CACjC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,QAAQ,EAAE,OAAO;EACjB,QAAQ,EAAE,QAAQ;EAClB,QAAQ,EAAE,QAAQ;EAClB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,0BAA0B,MAAM;CAC3C,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,UAAU,OAAO,CAAC,GAAG,YAAY,KAAK,CAC5C,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,mBAAmB,MAAM;CACpC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,eAAe;CAChC,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,cAAc,MAAM;CAC/B,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GAAG,IAAI,cAAc,OAAO;;CAEhD,CAAC;;AAGF,MAAa,mBAAmB,SAAS;CACvC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ;GAAE,UAAU;GAAM;GAAY,CAAC;AACxE,SAAO;;CAEV,CAAC;;AAGF,MAAa,qBAAqB,SAAS;CACzC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ,EAAE,YAAY,CAAC;AACxD,SAAO;;CAEV,CAAC;;AAGF,MAAa,aAAa,SAAS;CACjC,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,QAAM,IAAI,GAAG,OAAO,cAAc,OAAO;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,MAAM;CAChC,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE;CAChC,SAAS,EAAE,MAAM,kBAAkB,EAAE,MAAM,CAAC;CAC5C,SAAS,OAAO,KAAK,EAAE,iBAAiB;EACtC,MAAM,MAAM,MAAM,IAAI,GACnB,MAAM,YAAY,CAClB,UAAU,kBAAkB,MAAM,EAAE,GAAG,cAAc,WAAW,CAAC,CACjE,QAAQ;AACX,MAAI,QAAQ,KACV,QAAO;AAET,SAAO;GACL,GAAG;GACH,cAAc,IAAI;GAClB,iBAAiB,IAAI;GACtB;;CAEJ,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,YAAY,EAAE,QAAQ;EACtB,cAAc,EAAE,QAAQ;EACxB,iBAAiB,EAAE,QAAQ;EAC5B;CACD,SAAS,EAAE,GAAG,YAAY;CAC1B,SAAS,OAAO,KAAK,EAAE,YAAY,cAAc,sBAAsB;AACrE,SAAO,MAAM,IAAI,GAAG,OAAO,aAAa;GACtC;GACA,eAAe;GACf,mBAAmB;GACpB,CAAC;;CAEL,CAAC;;AAGF,MAAa,iBAAiB,SAAS;CACrC,MAAM;EAAE,aAAa,EAAE,GAAG,YAAY;EAAE,MAAM,EAAE,KAAK;EAAE;CACvD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa,WAAW;EAC7C,MAAM,WAAoC,EAAE,GAAG,MAAM;AACrD,MAAI,SAAS,iBAAiB,QAAW;AACvC,YAAS,gBAAgB,SAAS;AAClC,UAAO,SAAS;;AAElB,MAAI,SAAS,oBAAoB,QAAW;AAC1C,YAAS,oBAAoB,SAAS;AACtC,UAAO,SAAS;;AAElB,QAAM,IAAI,GAAG,MAAM,aAAa,aAAa,SAAS;AACtD,SAAO;;CAEV,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM,EAAE,aAAa,EAAE,GAAG,YAAY,EAAE;CACxC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,kBAAkB;AACvC,QAAM,IAAI,GAAG,OAAO,aAAa,YAAY;AAC7C,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,SAAS;CACnC,MAAM;EACJ,gBAAgB,EAAE,QAAQ;EAC1B,UAAU,EAAE,QAAQ;EACpB,WAAW,EAAE,QAAQ;EACrB,UAAU,EAAE,QAAQ;EACpB,QAAQ;EACT;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,qBAAqB;AAC1C,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,kBAAkB,eAAe,CACvC,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,YAAY,SAAS,CAAC,GAAG,UAAU,UAAU,CACnD,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,UAAU,EAAE,GAAG,aAAa;EAC5B,QAAQ,EAAE,GAAG,OAAO;EACpB,WAAW,EAAE,GAAG,UAAU;EAC3B;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,QAAQ,gBAAgB;AACvD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU;GACzC,QAAQ;GACR;GACA;GACD,CAAC;AACF,SAAO;;CAEV,CAAC;;AAGF,MAAa,yBAAyB,SAAS;CAC7C,MAAM;EAAE,UAAU,EAAE,GAAG,aAAa;EAAE,cAAc,EAAE,QAAQ;EAAE;CAChE,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,mBAAmB;AAClD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU,EAAE,cAAc,CAAC;AAC5D,SAAO;;CAEV,CAAC;;AAGF,MAAa,eAAe,SAAS;CACnC,MAAM,EAAE,UAAU,EAAE,GAAG,aAAa,EAAE;CACtC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,QAAM,IAAI,GAAG,OAAO,cAAc,SAAS;AAC3C,SAAO;;CAEV,CAAC"}
@@ -1,5 +1,5 @@
1
1
  declare namespace groups_d_exports {
2
- export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate };
2
+ export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberResolve, memberUpdate };
3
3
  }
4
4
  /**
5
5
  * Create a new group. Groups are hierarchical — set `parentGroupId` to nest
@@ -57,6 +57,14 @@ declare const memberListByUser: any;
57
57
  * Returns `null` if the user is not a member of the group.
58
58
  */
59
59
  declare const memberGetByGroupAndUser: any;
60
+ /**
61
+ * Resolve a user's membership by walking the group hierarchy from the
62
+ * requested group up to the root. Returns the first matching membership
63
+ * found. When `ancestry` is true, includes the list of traversed group IDs.
64
+ *
65
+ * This runs entirely inside the component (no cross-component RPCs per level).
66
+ */
67
+ declare const memberResolve: any;
60
68
  /** Remove a member from a group by deleting the member record. */
61
69
  declare const memberRemove: any;
62
70
  /**
@@ -112,5 +120,5 @@ declare const inviteAcceptByToken: any;
112
120
  */
113
121
  declare const inviteRevoke: any;
114
122
  //#endregion
115
- export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, groups_d_exports, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate };
123
+ export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, groups_d_exports, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberResolve, memberUpdate };
116
124
  //# sourceMappingURL=groups.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"groups.d.ts","names":[],"sources":["../../../src/component/public/groups.ts"],"mappings":";;;;;;;;;cA4Ba,WAAA;;cAgCA,QAAA;;;;;;cAaA,SAAA;;cAuJA,WAAA;;;;;;;cA2CA,WAAA;AA/Ob;;;;;AAgCA;;;;;AAaA;;AA7CA,cA6Sa,SAAA;;cA8BA,SAAA;AAvIb;;;;;AA2CA;AA3CA,cAqJa,UAAA;;;;AA5Cb;cAmHa,gBAAA;;;;AArFb;cAoGa,uBAAA;;cAcA,YAAA;;AApGb;;cAgHa,YAAA;;;AAzCb;;;;;AAeA;;;;;cAmDa,YAAA;;cA+EA,SAAA;;cASA,oBAAA;AAjHb;;;;;AAyBA;AAzBA,cAkIa,UAAA;;;;AA1Bb;;;;;AASA;cAkJa,YAAA;;;;AAjIb;;;cAiLa,mBAAA;;AAhDb;;;;;cAoKa,YAAA"}
1
+ {"version":3,"file":"groups.d.ts","names":[],"sources":["../../../src/component/public/groups.ts"],"mappings":";;;;;;;;;cA4Ba,WAAA;;cA6CA,QAAA;;;;;;cAaA,SAAA;;cA8JA,WAAA;;;;;;;cA2EA,WAAA;;AAnSb;;;;;AA6CA;;;;;AAaA;cAuSa,SAAA;;cA8BA,SAAA;;AAvKb;;;;;cAqLa,UAAA;;;;;cAkFA,gBAAA;;;;;cAeA,uBAAA;;;;;AAjGb;;;cAqHa,aAAA;;cAiEA,YAAA;;;;cAYA,YAAA;AAjGb;;;;;AAoBA;;;;;AAiEA;;AArFA,cA0Ha,YAAA;;cA+EA,SAAA;AAxGb;AAAA,cAiHa,oBAAA;;;;AAxFb;;;cAyGa,UAAA;;AA1Bb;;;;;AASA;;;cAkJa,YAAA;;AAjIb;;;;;cAiLa,mBAAA;;;;;AAAb;;cAoHa,YAAA"}
@@ -22,10 +22,16 @@ const groupCreate = mutation({
22
22
  handler: async (ctx, args) => {
23
23
  const { tags: rawTags, ...rest } = args;
24
24
  const normalizedTags = rawTags ? normalizeTags(rawTags) : void 0;
25
+ const isRoot = !args.parentGroupId;
26
+ let rootGroupId;
27
+ if (!isRoot && args.parentGroupId) rootGroupId = (await ctx.db.get(args.parentGroupId))?.rootGroupId ?? args.parentGroupId;
25
28
  const groupId = await ctx.db.insert("Group", {
26
29
  ...rest,
27
- tags: normalizedTags
30
+ tags: normalizedTags,
31
+ isRoot,
32
+ rootGroupId: isRoot ? void 0 : rootGroupId
28
33
  });
34
+ if (isRoot) await ctx.db.patch(groupId, { rootGroupId: groupId });
29
35
  if (normalizedTags) for (const tag of normalizedTags) await ctx.db.insert("GroupTag", {
30
36
  group_id: groupId,
31
37
  key: tag.key,
@@ -97,10 +103,10 @@ const groupList = query({
97
103
  else if (where.slug !== void 0) q = ctx.db.query("Group").withIndex("slug", (idx) => idx.eq("slug", where.slug));
98
104
  else if (where.type !== void 0) q = ctx.db.query("Group").withIndex("type", (idx) => idx.eq("type", where.type));
99
105
  else if (where.parentGroupId !== void 0) q = ctx.db.query("Group").withIndex("parent_group_id", (idx) => idx.eq("parentGroupId", where.parentGroupId));
106
+ else if (where.isRoot !== void 0) q = ctx.db.query("Group").withIndex("is_root", (idx) => idx.eq("isRoot", where.isRoot));
100
107
  else q = ctx.db.query("Group");
101
108
  if (where.name !== void 0) q = q.filter((f) => f.eq(f.field("name"), where.name));
102
- if (where.isRoot === true) q = q.filter((f) => f.eq(f.field("parentGroupId"), void 0));
103
- else if (where.isRoot === false) q = q.filter((f) => f.neq(f.field("parentGroupId"), void 0));
109
+ if (where.isRoot !== void 0 && where.parentGroupId === void 0 && (where.type !== void 0 || where.slug !== void 0)) q = q.filter((f) => f.eq(f.field("isRoot"), where.isRoot));
104
110
  if (where.slug !== void 0 && where.type !== void 0) q = q.filter((f) => f.eq(f.field("slug"), where.slug));
105
111
  q = q.order(order);
106
112
  let all = await q.collect();
@@ -127,6 +133,20 @@ const groupUpdate = mutation({
127
133
  },
128
134
  returns: v.null(),
129
135
  handler: async (ctx, { groupId, data }) => {
136
+ if (data.parentGroupId !== void 0) {
137
+ const oldRootGroupId = (await ctx.db.get("Group", groupId))?.rootGroupId;
138
+ const newParentGroupId = data.parentGroupId;
139
+ const newIsRoot = !newParentGroupId;
140
+ let newRootGroupId;
141
+ if (newIsRoot) newRootGroupId = groupId;
142
+ else newRootGroupId = (await ctx.db.get("Group", newParentGroupId))?.rootGroupId ?? newParentGroupId;
143
+ data.isRoot = newIsRoot;
144
+ data.rootGroupId = newRootGroupId;
145
+ if (oldRootGroupId && oldRootGroupId !== newRootGroupId) {
146
+ const descendants = await ctx.db.query("Group").withIndex("root_group_id", (q) => q.eq("rootGroupId", oldRootGroupId)).collect();
147
+ for (const desc of descendants) if (desc._id !== groupId) await ctx.db.patch("Group", desc._id, { rootGroupId: newRootGroupId });
148
+ }
149
+ }
130
150
  if (data.tags !== void 0) {
131
151
  const normalizedTags = Array.isArray(data.tags) ? normalizeTags(data.tags) : [];
132
152
  const existingTags = await ctx.db.query("GroupTag").withIndex("by_group", (idx) => idx.eq("group_id", groupId)).collect();
@@ -235,11 +255,18 @@ const memberList = query({
235
255
  const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
236
256
  const order = args.order ?? "desc";
237
257
  let q;
238
- if (where.groupId !== void 0 && where.userId !== void 0) q = ctx.db.query("GroupMember").withIndex("group_id_user_id", (idx) => idx.eq("groupId", where.groupId).eq("userId", where.userId));
258
+ if (where.groupId !== void 0 && where.userId !== void 0) {
259
+ q = ctx.db.query("GroupMember").withIndex("group_id_user_id", (idx) => idx.eq("groupId", where.groupId).eq("userId", where.userId));
260
+ if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
261
+ } else if (where.groupId !== void 0 && where.status !== void 0) q = ctx.db.query("GroupMember").withIndex("group_id_status", (idx) => idx.eq("groupId", where.groupId).eq("status", where.status));
239
262
  else if (where.groupId !== void 0) q = ctx.db.query("GroupMember").withIndex("group_id", (idx) => idx.eq("groupId", where.groupId));
240
- else if (where.userId !== void 0) q = ctx.db.query("GroupMember").withIndex("user_id", (idx) => idx.eq("userId", where.userId));
241
- else q = ctx.db.query("GroupMember");
242
- if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
263
+ else if (where.userId !== void 0) {
264
+ q = ctx.db.query("GroupMember").withIndex("user_id", (idx) => idx.eq("userId", where.userId));
265
+ if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
266
+ } else {
267
+ q = ctx.db.query("GroupMember");
268
+ if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
269
+ }
243
270
  q = q.order(order);
244
271
  let all = await q.collect();
245
272
  if (where.roleId !== void 0) all = all.filter((doc) => (doc.roleIds ?? []).includes(where.roleId));
@@ -282,6 +309,63 @@ const memberGetByGroupAndUser = query({
282
309
  return await ctx.db.query("GroupMember").withIndex("group_id_user_id", (q) => q.eq("groupId", groupId).eq("userId", userId)).unique();
283
310
  }
284
311
  });
312
+ /**
313
+ * Resolve a user's membership by walking the group hierarchy from the
314
+ * requested group up to the root. Returns the first matching membership
315
+ * found. When `ancestry` is true, includes the list of traversed group IDs.
316
+ *
317
+ * This runs entirely inside the component (no cross-component RPCs per level).
318
+ */
319
+ const memberResolve = query({
320
+ args: {
321
+ userId: v.id("User"),
322
+ groupId: v.id("Group"),
323
+ maxDepth: v.optional(v.number()),
324
+ ancestry: v.optional(v.boolean())
325
+ },
326
+ returns: v.object({
327
+ membership: v.union(vGroupMemberDoc, v.null()),
328
+ matchedGroupId: v.union(v.id("Group"), v.null()),
329
+ depth: v.union(v.number(), v.null()),
330
+ isDirect: v.boolean(),
331
+ isInherited: v.boolean(),
332
+ traversedGroupIds: v.optional(v.array(v.id("Group")))
333
+ }),
334
+ handler: async (ctx, args) => {
335
+ const maxDepth = Math.max(0, Math.floor(args.maxDepth ?? 32));
336
+ const includeAncestry = args.ancestry ?? false;
337
+ const visited = /* @__PURE__ */ new Set();
338
+ const traversedGroupIds = [];
339
+ let currentGroupId = args.groupId;
340
+ let depth = 0;
341
+ while (currentGroupId !== void 0 && depth <= maxDepth) {
342
+ if (visited.has(currentGroupId)) break;
343
+ visited.add(currentGroupId);
344
+ if (includeAncestry) traversedGroupIds.push(currentGroupId);
345
+ const membership = await ctx.db.query("GroupMember").withIndex("group_id_user_id", (q) => q.eq("groupId", currentGroupId).eq("userId", args.userId)).unique();
346
+ if (membership !== null) return {
347
+ membership,
348
+ matchedGroupId: currentGroupId,
349
+ depth,
350
+ isDirect: depth === 0,
351
+ isInherited: depth > 0,
352
+ ...includeAncestry ? { traversedGroupIds } : {}
353
+ };
354
+ const groupDoc = await ctx.db.get(currentGroupId);
355
+ if (!groupDoc?.parentGroupId) break;
356
+ currentGroupId = groupDoc.parentGroupId;
357
+ depth++;
358
+ }
359
+ return {
360
+ membership: null,
361
+ matchedGroupId: null,
362
+ depth: null,
363
+ isDirect: false,
364
+ isInherited: false,
365
+ ...includeAncestry ? { traversedGroupIds } : {}
366
+ };
367
+ }
368
+ });
285
369
  /** Remove a member from a group by deleting the member record. */
286
370
  const memberRemove = mutation({
287
371
  args: { memberId: v.id("GroupMember") },
@@ -592,5 +676,5 @@ const inviteRevoke = mutation({
592
676
  });
593
677
 
594
678
  //#endregion
595
- export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate };
679
+ export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberResolve, memberUpdate };
596
680
  //# sourceMappingURL=groups.js.map