@robelest/convex-auth 0.0.4-preview.16 → 0.0.4-preview.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authorization/index.d.ts +17 -0
- package/dist/authorization/index.d.ts.map +1 -0
- package/dist/authorization/index.js +17 -0
- package/dist/authorization/index.js.map +1 -0
- package/dist/client/index.js +73 -0
- package/dist/client/index.js.map +1 -1
- package/dist/component/_generated/component.d.ts +52 -0
- package/dist/component/_generated/component.d.ts.map +1 -1
- package/dist/component/convex.config.d.ts +2 -2
- package/dist/component/convex.config.d.ts.map +1 -1
- package/dist/component/index.js +2 -2
- package/dist/component/model.d.ts +75 -75
- package/dist/component/model.d.ts.map +1 -1
- package/dist/component/model.js +2 -0
- package/dist/component/model.js.map +1 -1
- package/dist/component/public/factors.d.ts.map +1 -1
- package/dist/component/public/factors.js +1 -1
- package/dist/component/public/factors.js.map +1 -1
- package/dist/component/public/groups.d.ts +10 -2
- package/dist/component/public/groups.d.ts.map +1 -1
- package/dist/component/public/groups.js +92 -8
- package/dist/component/public/groups.js.map +1 -1
- package/dist/component/public/identity.d.ts.map +1 -1
- package/dist/component/public/identity.js +3 -3
- package/dist/component/public/identity.js.map +1 -1
- package/dist/component/public/shared.d.ts +4 -4
- package/dist/component/public/shared.d.ts.map +1 -1
- package/dist/component/public.d.ts +3 -3
- package/dist/component/public.js +2 -2
- package/dist/component/schema.d.ts +13 -2
- package/dist/component/schema.js +7 -5
- package/dist/component/schema.js.map +1 -1
- package/dist/component/server/auth.d.ts +4 -25
- package/dist/component/server/auth.d.ts.map +1 -1
- package/dist/component/server/auth.js +4 -10
- package/dist/component/server/auth.js.map +1 -1
- package/dist/component/server/domains/core.js +196 -131
- package/dist/component/server/domains/core.js.map +1 -1
- package/dist/component/server/factory.d.ts +3 -3
- package/dist/component/server/signin.js +20 -1
- package/dist/component/server/signin.js.map +1 -1
- package/dist/server/auth.d.ts +4 -25
- package/dist/server/auth.d.ts.map +1 -1
- package/dist/server/auth.js +4 -10
- package/dist/server/auth.js.map +1 -1
- package/dist/server/domains/core.d.ts +73 -58
- package/dist/server/domains/core.d.ts.map +1 -1
- package/dist/server/domains/core.js +196 -131
- package/dist/server/domains/core.js.map +1 -1
- package/dist/server/http.d.ts +2 -2
- package/dist/server/http.d.ts.map +1 -1
- package/dist/server/index.d.ts +108 -69
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +138 -54
- package/dist/server/index.js.map +1 -1
- package/dist/server/mutations/code.d.ts +9 -9
- package/dist/server/mutations/index.d.ts +69 -69
- package/dist/server/mutations/invalidate.d.ts +4 -4
- package/dist/server/mutations/invalidate.d.ts.map +1 -1
- package/dist/server/mutations/oauth.d.ts +7 -7
- package/dist/server/mutations/register.d.ts +9 -9
- package/dist/server/mutations/retrieve.d.ts +6 -6
- package/dist/server/mutations/retrieve.d.ts.map +1 -1
- package/dist/server/mutations/signature.d.ts +4 -4
- package/dist/server/mutations/signature.d.ts.map +1 -1
- package/dist/server/mutations/signin.d.ts +5 -5
- package/dist/server/mutations/signin.d.ts.map +1 -1
- package/dist/server/mutations/verify.d.ts +7 -7
- package/dist/server/signin.js +20 -1
- package/dist/server/signin.js.map +1 -1
- package/dist/server/version.d.ts +1 -1
- package/dist/server/version.js +1 -1
- package/dist/server/version.js.map +1 -1
- package/package.json +9 -5
- package/src/authorization/index.ts +37 -0
- package/src/client/index.ts +122 -0
- package/src/component/_generated/component.ts +64 -0
- package/src/component/index.ts +1 -1
- package/src/component/model.ts +2 -0
- package/src/component/public/factors.ts +3 -2
- package/src/component/public/groups.ts +142 -8
- package/src/component/public/identity.ts +9 -6
- package/src/component/schema.ts +14 -2
- package/src/server/auth.ts +9 -61
- package/src/server/domains/core.ts +235 -210
- package/src/server/index.ts +158 -75
- package/src/server/signin.ts +52 -0
- package/src/server/version.ts +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"model.js","names":[],"sources":["../../src/component/model.ts"],"sourcesContent":["import { v } from \"convex/values\";\n\nexport const TABLES = {\n User: \"User\",\n Session: \"Session\",\n Account: \"Account\",\n AuthVerifier: \"AuthVerifier\",\n VerificationCode: \"VerificationCode\",\n RefreshToken: \"RefreshToken\",\n Passkey: \"Passkey\",\n TotpFactor: \"TotpFactor\",\n RateLimit: \"RateLimit\",\n Group: \"Group\",\n GroupTag: \"GroupTag\",\n GroupMember: \"GroupMember\",\n GroupInvite: \"GroupInvite\",\n Enterprise: \"Enterprise\",\n EnterpriseDomain: \"EnterpriseDomain\",\n EnterpriseDomainVerification: \"EnterpriseDomainVerification\",\n EnterpriseSecret: \"EnterpriseSecret\",\n EnterpriseScimConfig: \"EnterpriseScimConfig\",\n EnterpriseScimIdentity: \"EnterpriseScimIdentity\",\n EnterpriseAuditEvent: \"EnterpriseAuditEvent\",\n EnterpriseWebhookEndpoint: \"EnterpriseWebhookEndpoint\",\n EnterpriseWebhookDelivery: \"EnterpriseWebhookDelivery\",\n ApiKey: \"ApiKey\",\n DeviceCode: \"DeviceCode\",\n} as const;\n\nexport const vTag = v.object({ key: v.string(), value: v.string() });\n\nexport const vInviteStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"accepted\"),\n v.literal(\"revoked\"),\n v.literal(\"expired\"),\n);\n\nexport const vDeviceStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"authorized\"),\n v.literal(\"denied\"),\n);\n\nexport const vEnterpriseAccountLinkingPolicy = v.union(\n v.literal(\"verifiedEmail\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseScimReuseUserPolicy = v.union(\n v.literal(\"externalId\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseJitProvisioningMode = v.union(\n v.literal(\"off\"),\n v.literal(\"createUser\"),\n v.literal(\"createUserAndMembership\"),\n);\n\nexport const vEnterpriseDeprovisionMode = v.union(\n v.literal(\"soft\"),\n v.literal(\"hard\"),\n);\n\nexport const vEnterpriseStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vEnterprisePolicy = v.object({\n version: v.literal(1),\n identity: v.object({\n accountLinking: v.object({\n oidc: vEnterpriseAccountLinkingPolicy,\n saml: vEnterpriseAccountLinkingPolicy,\n }),\n }),\n provisioning: v.object({\n scimReuse: v.object({\n user: vEnterpriseScimReuseUserPolicy,\n }),\n jit: v.object({\n mode: vEnterpriseJitProvisioningMode,\n defaultRole: v.optional(v.string()),\n defaultRoleIds: v.optional(v.array(v.string())),\n }),\n deprovision: v.object({\n mode: vEnterpriseDeprovisionMode,\n }),\n }),\n extend: v.optional(v.any()),\n});\n\nexport const vScimStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vScimResourceType = v.union(v.literal(\"user\"), v.literal(\"group\"));\n\nexport const vAuditActorType = v.union(\n v.literal(\"user\"),\n v.literal(\"system\"),\n v.literal(\"scim\"),\n v.literal(\"api_key\"),\n v.literal(\"webhook\"),\n);\n\nexport const vAuditStatus = v.union(v.literal(\"success\"), v.literal(\"failure\"));\n\nexport const vWebhookEndpointStatus = v.union(\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vWebhookDeliveryStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"processing\"),\n v.literal(\"delivered\"),\n v.literal(\"failed\"),\n);\n\nexport const vInviteTokenAcceptStatus = v.union(\n v.literal(\"accepted\"),\n v.literal(\"already_accepted\"),\n);\n\nexport const vMembershipStatus = v.union(\n v.literal(\"joined\"),\n v.literal(\"already_joined\"),\n v.literal(\"not_applicable\"),\n);\n\nexport const vApiKeyScope = v.object({\n resource: v.string(),\n actions: v.array(v.string()),\n});\n\nexport const vApiKeyRateLimit = v.object({\n maxRequests: v.number(),\n windowMs: v.number(),\n});\n\nexport const vApiKeyRateLimitState = v.object({\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vEnterpriseSecretKind = v.union(v.literal(\"oidc_client_secret\"));\n\nfunction vDocMeta<T extends (typeof TABLES)[keyof typeof TABLES]>(\n tableName: T,\n) {\n return {\n _id: v.id(tableName),\n _creationTime: v.number(),\n };\n}\n\nexport const vUserDoc = v.object({\n ...vDocMeta(TABLES.User),\n name: v.optional(v.string()),\n image: v.optional(v.string()),\n email: v.optional(v.string()),\n emailVerificationTime: v.optional(v.number()),\n phone: v.optional(v.string()),\n phoneVerificationTime: v.optional(v.number()),\n isAnonymous: v.optional(v.boolean()),\n extend: v.optional(v.any()),\n});\n\nexport const vSessionDoc = v.object({\n ...vDocMeta(TABLES.Session),\n userId: v.id(TABLES.User),\n expirationTime: v.number(),\n});\n\nexport const vAccountDoc = v.object({\n ...vDocMeta(TABLES.Account),\n userId: v.id(TABLES.User),\n provider: v.string(),\n providerAccountId: v.string(),\n secret: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vAuthVerifierDoc = v.object({\n ...vDocMeta(TABLES.AuthVerifier),\n sessionId: v.optional(v.id(TABLES.Session)),\n signature: v.optional(v.string()),\n});\n\nexport const vVerificationCodeDoc = v.object({\n ...vDocMeta(TABLES.VerificationCode),\n accountId: v.id(TABLES.Account),\n provider: v.string(),\n code: v.string(),\n expirationTime: v.number(),\n verifier: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n});\n\nexport const vRefreshTokenDoc = v.object({\n ...vDocMeta(TABLES.RefreshToken),\n sessionId: v.id(TABLES.Session),\n expirationTime: v.number(),\n firstUsedTime: v.optional(v.number()),\n parentRefreshTokenId: v.optional(v.id(TABLES.RefreshToken)),\n});\n\nexport const vPasskeyDoc = v.object({\n ...vDocMeta(TABLES.Passkey),\n userId: v.id(TABLES.User),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vTotpFactorDoc = v.object({\n ...vDocMeta(TABLES.TotpFactor),\n userId: v.id(TABLES.User),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vRateLimitDoc = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n});\n\nexport const vGroupDoc = v.object({\n ...vDocMeta(TABLES.Group),\n name: v.string(),\n slug: v.optional(v.string()),\n type: v.optional(v.string()),\n parentGroupId: v.optional(v.id(TABLES.Group)),\n tags: v.optional(v.array(vTag)),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupMemberDoc = v.object({\n ...vDocMeta(TABLES.GroupMember),\n groupId: v.id(TABLES.Group),\n userId: v.id(TABLES.User),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupInviteDoc = v.object({\n ...vDocMeta(TABLES.GroupInvite),\n groupId: v.optional(v.id(TABLES.Group)),\n invitedByUserId: v.optional(v.id(TABLES.User)),\n email: v.optional(v.string()),\n tokenHash: v.string(),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: vInviteStatus,\n expiresTime: v.optional(v.number()),\n acceptedByUserId: v.optional(v.id(TABLES.User)),\n acceptedTime: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vApiKeyDoc = v.object({\n ...vDocMeta(TABLES.ApiKey),\n userId: v.id(TABLES.User),\n prefix: v.string(),\n hashedKey: v.string(),\n name: v.string(),\n scopes: v.array(vApiKeyScope),\n rateLimit: v.optional(vApiKeyRateLimit),\n rateLimitState: v.optional(vApiKeyRateLimitState),\n expiresAt: v.optional(v.number()),\n lastUsedAt: v.optional(v.number()),\n createdAt: v.number(),\n revoked: v.boolean(),\n metadata: v.optional(v.any()),\n});\n\nexport const vDeviceCodeDoc = v.object({\n ...vDocMeta(TABLES.DeviceCode),\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n userId: v.optional(v.id(TABLES.User)),\n sessionId: v.optional(v.id(TABLES.Session)),\n lastPolledAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDoc = v.object({\n ...vDocMeta(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n slug: v.optional(v.string()),\n name: v.optional(v.string()),\n status: vEnterpriseStatus,\n policy: v.optional(vEnterprisePolicy),\n config: v.optional(v.any()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseDomainDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomain),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domain: v.string(),\n isPrimary: v.boolean(),\n verifiedAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDomainVerificationDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomainVerification),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domainId: v.id(TABLES.EnterpriseDomain),\n domain: v.string(),\n recordName: v.string(),\n token: v.string(),\n tokenHash: v.string(),\n requestedAt: v.number(),\n expiresAt: v.number(),\n});\n\nexport const vEnterpriseSecretDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseSecret),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n kind: vEnterpriseSecretKind,\n ciphertext: v.string(),\n updatedAt: v.number(),\n});\n\nexport const vEnterpriseScimConfigDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimConfig),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n status: vScimStatus,\n basePath: v.string(),\n tokenHash: v.string(),\n lastRotatedAt: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseScimIdentityDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimIdentity),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n resourceType: vScimResourceType,\n externalId: v.string(),\n userId: v.optional(v.id(TABLES.User)),\n mappedGroupId: v.optional(v.id(TABLES.Group)),\n lastProvisionedAt: v.optional(v.number()),\n active: v.optional(v.boolean()),\n raw: v.optional(v.any()),\n});\n\nexport const vEnterpriseAuditEventDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseAuditEvent),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n eventType: v.string(),\n actorType: vAuditActorType,\n actorId: v.optional(v.string()),\n subjectType: v.string(),\n subjectId: v.optional(v.string()),\n status: vAuditStatus,\n occurredAt: v.number(),\n requestId: v.optional(v.string()),\n ip: v.optional(v.string()),\n metadata: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookEndpointDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookEndpoint),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n url: v.string(),\n status: vWebhookEndpointStatus,\n secretHash: v.string(),\n subscriptions: v.array(v.string()),\n createdByUserId: v.optional(v.id(TABLES.User)),\n lastSuccessAt: v.optional(v.number()),\n lastFailureAt: v.optional(v.number()),\n failureCount: v.number(),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookDeliveryDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookDelivery),\n enterpriseId: v.id(TABLES.Enterprise),\n endpointId: v.id(TABLES.EnterpriseWebhookEndpoint),\n auditEventId: v.optional(v.id(TABLES.EnterpriseAuditEvent)),\n eventType: v.string(),\n status: vWebhookDeliveryStatus,\n attemptCount: v.number(),\n nextAttemptAt: v.number(),\n lastAttemptAt: v.optional(v.number()),\n lastResponseStatus: v.optional(v.number()),\n lastError: v.optional(v.string()),\n payload: v.any(),\n});\n\nexport const vRateLimitResult = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vInviteAcceptByTokenResult = v.object({\n inviteId: v.id(TABLES.GroupInvite),\n groupId: v.union(v.id(TABLES.Group), v.null()),\n memberId: v.optional(v.id(TABLES.GroupMember)),\n inviteStatus: vInviteTokenAcceptStatus,\n membershipStatus: vMembershipStatus,\n});\n"],"mappings":";;;AAEA,MAAa,SAAS;CACpB,MAAM;CACN,SAAS;CACT,SAAS;CACT,cAAc;CACd,kBAAkB;CAClB,cAAc;CACd,SAAS;CACT,YAAY;CACZ,WAAW;CACX,OAAO;CACP,UAAU;CACV,aAAa;CACb,aAAa;CACb,YAAY;CACZ,kBAAkB;CAClB,8BAA8B;CAC9B,kBAAkB;CAClB,sBAAsB;CACtB,wBAAwB;CACxB,sBAAsB;CACtB,2BAA2B;CAC3B,2BAA2B;CAC3B,QAAQ;CACR,YAAY;CACb;AAED,MAAa,OAAO,EAAE,OAAO;CAAE,KAAK,EAAE,QAAQ;CAAE,OAAO,EAAE,QAAQ;CAAE,CAAC;AAEpE,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,kCAAkC,EAAE,MAC/C,EAAE,QAAQ,gBAAgB,EAC1B,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,MAAM,EAChB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,0BAA0B,CACrC;AAED,MAAa,6BAA6B,EAAE,MAC1C,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,OAAO;CACxC,SAAS,EAAE,QAAQ,EAAE;CACrB,UAAU,EAAE,OAAO,EACjB,gBAAgB,EAAE,OAAO;EACvB,MAAM;EACN,MAAM;EACP,CAAC,EACH,CAAC;CACF,cAAc,EAAE,OAAO;EACrB,WAAW,EAAE,OAAO,EAClB,MAAM,gCACP,CAAC;EACF,KAAK,EAAE,OAAO;GACZ,MAAM;GACN,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;GACnC,gBAAgB,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;GAChD,CAAC;EACF,aAAa,EAAE,OAAO,EACpB,MAAM,4BACP,CAAC;EACH,CAAC;CACF,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,MAC3B,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,MAAM,EAAE,QAAQ,OAAO,EAAE,EAAE,QAAQ,QAAQ,CAAC;AAE/E,MAAa,kBAAkB,EAAE,MAC/B,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,eAAe,EAAE,MAAM,EAAE,QAAQ,UAAU,EAAE,EAAE,QAAQ,UAAU,CAAC;AAE/E,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,YAAY,EACtB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,2BAA2B,EAAE,MACxC,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,mBAAmB,CAC9B;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,iBAAiB,EAC3B,EAAE,QAAQ,iBAAiB,CAC5B;AAED,MAAa,eAAe,EAAE,OAAO;CACnC,UAAU,EAAE,QAAQ;CACpB,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC;CAC7B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,aAAa,EAAE,QAAQ;CACvB,UAAU,EAAE,QAAQ;CACrB,CAAC;AAEF,MAAa,wBAAwB,EAAE,OAAO;CAC5C,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,wBAAwB,EAAE,MAAM,EAAE,QAAQ,qBAAqB,CAAC;AAE7E,SAAS,SACP,WACA;AACA,QAAO;EACL,KAAK,EAAE,GAAG,UAAU;EACpB,eAAe,EAAE,QAAQ;EAC1B;;AAGH,MAAa,WAAW,EAAE,OAAO;CAC/B,GAAG,SAAS,OAAO,KAAK;CACxB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,aAAa,EAAE,SAAS,EAAE,SAAS,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,gBAAgB,EAAE,QAAQ;CAC3B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,UAAU,EAAE,QAAQ;CACpB,mBAAmB,EAAE,QAAQ;CAC7B,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,UAAU,EAAE,QAAQ;CACpB,MAAM,EAAE,QAAQ;CAChB,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,SAAS,EAAE,QAAQ,CAAC;CAChC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACtC,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,gBAAgB,EAAE,QAAQ;CAC1B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,sBAAsB,EAAE,SAAS,EAAE,GAAG,OAAO,aAAa,CAAC;CAC5D,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,cAAc,EAAE,QAAQ;CACxB,WAAW,EAAE,OAAO;CACpB,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,QAAQ;CACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CAC3C,YAAY,EAAE,QAAQ;CACtB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,OAAO;CACjB,QAAQ,EAAE,QAAQ;CAClB,QAAQ,EAAE,QAAQ;CAClB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,gBAAgB,EAAE,OAAO;CACpC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CAC1B,CAAC;AAEF,MAAa,YAAY,EAAE,OAAO;CAChC,GAAG,SAAS,OAAO,MAAM;CACzB,MAAM,EAAE,QAAQ;CAChB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,MAAM,EAAE,SAAS,EAAE,MAAM,KAAK,CAAC;CAC/B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CACvC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ;CACR,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,kBAAkB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC/C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,aAAa,EAAE,OAAO;CACjC,GAAG,SAAS,OAAO,OAAO;CAC1B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,QAAQ;CAChB,QAAQ,EAAE,MAAM,aAAa;CAC7B,WAAW,EAAE,SAAS,iBAAiB;CACvC,gBAAgB,EAAE,SAAS,sBAAsB;CACjD,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,SAAS;CACpB,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,UAAU,EAAE,QAAQ;CACpB,QAAQ;CACR,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,QAAQ;CACR,QAAQ,EAAE,SAAS,kBAAkB;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC3B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,SAAS;CACtB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,mCAAmC,EAAE,OAAO;CACvD,GAAG,SAAS,OAAO,6BAA6B;CAChD,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,UAAU,EAAE,GAAG,OAAO,iBAAiB;CACvC,QAAQ,EAAE,QAAQ;CAClB,YAAY,EAAE,QAAQ;CACtB,OAAO,EAAE,QAAQ;CACjB,WAAW,EAAE,QAAQ;CACrB,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM;CACN,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ;CACR,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,GAAG,SAAS,OAAO,uBAAuB;CAC1C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,cAAc;CACd,YAAY,EAAE,QAAQ;CACtB,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,mBAAmB,EAAE,SAAS,EAAE,QAAQ,CAAC;CACzC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;CAC/B,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC;CACzB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,WAAW,EAAE,QAAQ;CACrB,WAAW;CACX,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC/B,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1B,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,KAAK,EAAE,QAAQ;CACf,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,eAAe,EAAE,MAAM,EAAE,QAAQ,CAAC;CAClC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,cAAc,EAAE,QAAQ;CACxB,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,YAAY,EAAE,GAAG,OAAO,0BAA0B;CAClD,cAAc,EAAE,SAAS,EAAE,GAAG,OAAO,qBAAqB,CAAC;CAC3D,WAAW,EAAE,QAAQ;CACrB,QAAQ;CACR,cAAc,EAAE,QAAQ;CACxB,eAAe,EAAE,QAAQ;CACzB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,oBAAoB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CACzB,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,UAAU,EAAE,GAAG,OAAO,YAAY;CAClC,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,MAAM,EAAE,EAAE,MAAM,CAAC;CAC9C,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,YAAY,CAAC;CAC9C,cAAc;CACd,kBAAkB;CACnB,CAAC"}
|
|
1
|
+
{"version":3,"file":"model.js","names":[],"sources":["../../src/component/model.ts"],"sourcesContent":["import { v } from \"convex/values\";\n\nexport const TABLES = {\n User: \"User\",\n Session: \"Session\",\n Account: \"Account\",\n AuthVerifier: \"AuthVerifier\",\n VerificationCode: \"VerificationCode\",\n RefreshToken: \"RefreshToken\",\n Passkey: \"Passkey\",\n TotpFactor: \"TotpFactor\",\n RateLimit: \"RateLimit\",\n Group: \"Group\",\n GroupTag: \"GroupTag\",\n GroupMember: \"GroupMember\",\n GroupInvite: \"GroupInvite\",\n Enterprise: \"Enterprise\",\n EnterpriseDomain: \"EnterpriseDomain\",\n EnterpriseDomainVerification: \"EnterpriseDomainVerification\",\n EnterpriseSecret: \"EnterpriseSecret\",\n EnterpriseScimConfig: \"EnterpriseScimConfig\",\n EnterpriseScimIdentity: \"EnterpriseScimIdentity\",\n EnterpriseAuditEvent: \"EnterpriseAuditEvent\",\n EnterpriseWebhookEndpoint: \"EnterpriseWebhookEndpoint\",\n EnterpriseWebhookDelivery: \"EnterpriseWebhookDelivery\",\n ApiKey: \"ApiKey\",\n DeviceCode: \"DeviceCode\",\n} as const;\n\nexport const vTag = v.object({ key: v.string(), value: v.string() });\n\nexport const vInviteStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"accepted\"),\n v.literal(\"revoked\"),\n v.literal(\"expired\"),\n);\n\nexport const vDeviceStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"authorized\"),\n v.literal(\"denied\"),\n);\n\nexport const vEnterpriseAccountLinkingPolicy = v.union(\n v.literal(\"verifiedEmail\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseScimReuseUserPolicy = v.union(\n v.literal(\"externalId\"),\n v.literal(\"none\"),\n);\n\nexport const vEnterpriseJitProvisioningMode = v.union(\n v.literal(\"off\"),\n v.literal(\"createUser\"),\n v.literal(\"createUserAndMembership\"),\n);\n\nexport const vEnterpriseDeprovisionMode = v.union(\n v.literal(\"soft\"),\n v.literal(\"hard\"),\n);\n\nexport const vEnterpriseStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vEnterprisePolicy = v.object({\n version: v.literal(1),\n identity: v.object({\n accountLinking: v.object({\n oidc: vEnterpriseAccountLinkingPolicy,\n saml: vEnterpriseAccountLinkingPolicy,\n }),\n }),\n provisioning: v.object({\n scimReuse: v.object({\n user: vEnterpriseScimReuseUserPolicy,\n }),\n jit: v.object({\n mode: vEnterpriseJitProvisioningMode,\n defaultRole: v.optional(v.string()),\n defaultRoleIds: v.optional(v.array(v.string())),\n }),\n deprovision: v.object({\n mode: vEnterpriseDeprovisionMode,\n }),\n }),\n extend: v.optional(v.any()),\n});\n\nexport const vScimStatus = v.union(\n v.literal(\"draft\"),\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vScimResourceType = v.union(v.literal(\"user\"), v.literal(\"group\"));\n\nexport const vAuditActorType = v.union(\n v.literal(\"user\"),\n v.literal(\"system\"),\n v.literal(\"scim\"),\n v.literal(\"api_key\"),\n v.literal(\"webhook\"),\n);\n\nexport const vAuditStatus = v.union(v.literal(\"success\"), v.literal(\"failure\"));\n\nexport const vWebhookEndpointStatus = v.union(\n v.literal(\"active\"),\n v.literal(\"disabled\"),\n);\n\nexport const vWebhookDeliveryStatus = v.union(\n v.literal(\"pending\"),\n v.literal(\"processing\"),\n v.literal(\"delivered\"),\n v.literal(\"failed\"),\n);\n\nexport const vInviteTokenAcceptStatus = v.union(\n v.literal(\"accepted\"),\n v.literal(\"already_accepted\"),\n);\n\nexport const vMembershipStatus = v.union(\n v.literal(\"joined\"),\n v.literal(\"already_joined\"),\n v.literal(\"not_applicable\"),\n);\n\nexport const vApiKeyScope = v.object({\n resource: v.string(),\n actions: v.array(v.string()),\n});\n\nexport const vApiKeyRateLimit = v.object({\n maxRequests: v.number(),\n windowMs: v.number(),\n});\n\nexport const vApiKeyRateLimitState = v.object({\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vEnterpriseSecretKind = v.union(v.literal(\"oidc_client_secret\"));\n\nfunction vDocMeta<T extends (typeof TABLES)[keyof typeof TABLES]>(\n tableName: T,\n) {\n return {\n _id: v.id(tableName),\n _creationTime: v.number(),\n };\n}\n\nexport const vUserDoc = v.object({\n ...vDocMeta(TABLES.User),\n name: v.optional(v.string()),\n image: v.optional(v.string()),\n email: v.optional(v.string()),\n emailVerificationTime: v.optional(v.number()),\n phone: v.optional(v.string()),\n phoneVerificationTime: v.optional(v.number()),\n isAnonymous: v.optional(v.boolean()),\n extend: v.optional(v.any()),\n});\n\nexport const vSessionDoc = v.object({\n ...vDocMeta(TABLES.Session),\n userId: v.id(TABLES.User),\n expirationTime: v.number(),\n});\n\nexport const vAccountDoc = v.object({\n ...vDocMeta(TABLES.Account),\n userId: v.id(TABLES.User),\n provider: v.string(),\n providerAccountId: v.string(),\n secret: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vAuthVerifierDoc = v.object({\n ...vDocMeta(TABLES.AuthVerifier),\n sessionId: v.optional(v.id(TABLES.Session)),\n signature: v.optional(v.string()),\n});\n\nexport const vVerificationCodeDoc = v.object({\n ...vDocMeta(TABLES.VerificationCode),\n accountId: v.id(TABLES.Account),\n provider: v.string(),\n code: v.string(),\n expirationTime: v.number(),\n verifier: v.optional(v.string()),\n emailVerified: v.optional(v.string()),\n phoneVerified: v.optional(v.string()),\n});\n\nexport const vRefreshTokenDoc = v.object({\n ...vDocMeta(TABLES.RefreshToken),\n sessionId: v.id(TABLES.Session),\n expirationTime: v.number(),\n firstUsedTime: v.optional(v.number()),\n parentRefreshTokenId: v.optional(v.id(TABLES.RefreshToken)),\n});\n\nexport const vPasskeyDoc = v.object({\n ...vDocMeta(TABLES.Passkey),\n userId: v.id(TABLES.User),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vTotpFactorDoc = v.object({\n ...vDocMeta(TABLES.TotpFactor),\n userId: v.id(TABLES.User),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n lastUsedAt: v.optional(v.number()),\n});\n\nexport const vRateLimitDoc = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n});\n\nexport const vGroupDoc = v.object({\n ...vDocMeta(TABLES.Group),\n name: v.string(),\n slug: v.optional(v.string()),\n type: v.optional(v.string()),\n parentGroupId: v.optional(v.id(TABLES.Group)),\n rootGroupId: v.optional(v.id(TABLES.Group)),\n isRoot: v.optional(v.boolean()),\n tags: v.optional(v.array(vTag)),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupMemberDoc = v.object({\n ...vDocMeta(TABLES.GroupMember),\n groupId: v.id(TABLES.Group),\n userId: v.id(TABLES.User),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: v.optional(v.string()),\n extend: v.optional(v.any()),\n});\n\nexport const vGroupInviteDoc = v.object({\n ...vDocMeta(TABLES.GroupInvite),\n groupId: v.optional(v.id(TABLES.Group)),\n invitedByUserId: v.optional(v.id(TABLES.User)),\n email: v.optional(v.string()),\n tokenHash: v.string(),\n role: v.optional(v.string()),\n roleIds: v.optional(v.array(v.string())),\n status: vInviteStatus,\n expiresTime: v.optional(v.number()),\n acceptedByUserId: v.optional(v.id(TABLES.User)),\n acceptedTime: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vApiKeyDoc = v.object({\n ...vDocMeta(TABLES.ApiKey),\n userId: v.id(TABLES.User),\n prefix: v.string(),\n hashedKey: v.string(),\n name: v.string(),\n scopes: v.array(vApiKeyScope),\n rateLimit: v.optional(vApiKeyRateLimit),\n rateLimitState: v.optional(vApiKeyRateLimitState),\n expiresAt: v.optional(v.number()),\n lastUsedAt: v.optional(v.number()),\n createdAt: v.number(),\n revoked: v.boolean(),\n metadata: v.optional(v.any()),\n});\n\nexport const vDeviceCodeDoc = v.object({\n ...vDocMeta(TABLES.DeviceCode),\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n userId: v.optional(v.id(TABLES.User)),\n sessionId: v.optional(v.id(TABLES.Session)),\n lastPolledAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDoc = v.object({\n ...vDocMeta(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n slug: v.optional(v.string()),\n name: v.optional(v.string()),\n status: vEnterpriseStatus,\n policy: v.optional(vEnterprisePolicy),\n config: v.optional(v.any()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseDomainDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomain),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domain: v.string(),\n isPrimary: v.boolean(),\n verifiedAt: v.optional(v.number()),\n});\n\nexport const vEnterpriseDomainVerificationDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseDomainVerification),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n domainId: v.id(TABLES.EnterpriseDomain),\n domain: v.string(),\n recordName: v.string(),\n token: v.string(),\n tokenHash: v.string(),\n requestedAt: v.number(),\n expiresAt: v.number(),\n});\n\nexport const vEnterpriseSecretDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseSecret),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n kind: vEnterpriseSecretKind,\n ciphertext: v.string(),\n updatedAt: v.number(),\n});\n\nexport const vEnterpriseScimConfigDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimConfig),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n status: vScimStatus,\n basePath: v.string(),\n tokenHash: v.string(),\n lastRotatedAt: v.optional(v.number()),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseScimIdentityDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseScimIdentity),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n resourceType: vScimResourceType,\n externalId: v.string(),\n userId: v.optional(v.id(TABLES.User)),\n mappedGroupId: v.optional(v.id(TABLES.Group)),\n lastProvisionedAt: v.optional(v.number()),\n active: v.optional(v.boolean()),\n raw: v.optional(v.any()),\n});\n\nexport const vEnterpriseAuditEventDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseAuditEvent),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n eventType: v.string(),\n actorType: vAuditActorType,\n actorId: v.optional(v.string()),\n subjectType: v.string(),\n subjectId: v.optional(v.string()),\n status: vAuditStatus,\n occurredAt: v.number(),\n requestId: v.optional(v.string()),\n ip: v.optional(v.string()),\n metadata: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookEndpointDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookEndpoint),\n enterpriseId: v.id(TABLES.Enterprise),\n groupId: v.id(TABLES.Group),\n url: v.string(),\n status: vWebhookEndpointStatus,\n secretHash: v.string(),\n subscriptions: v.array(v.string()),\n createdByUserId: v.optional(v.id(TABLES.User)),\n lastSuccessAt: v.optional(v.number()),\n lastFailureAt: v.optional(v.number()),\n failureCount: v.number(),\n extend: v.optional(v.any()),\n});\n\nexport const vEnterpriseWebhookDeliveryDoc = v.object({\n ...vDocMeta(TABLES.EnterpriseWebhookDelivery),\n enterpriseId: v.id(TABLES.Enterprise),\n endpointId: v.id(TABLES.EnterpriseWebhookEndpoint),\n auditEventId: v.optional(v.id(TABLES.EnterpriseAuditEvent)),\n eventType: v.string(),\n status: vWebhookDeliveryStatus,\n attemptCount: v.number(),\n nextAttemptAt: v.number(),\n lastAttemptAt: v.optional(v.number()),\n lastResponseStatus: v.optional(v.number()),\n lastError: v.optional(v.string()),\n payload: v.any(),\n});\n\nexport const vRateLimitResult = v.object({\n ...vDocMeta(TABLES.RateLimit),\n identifier: v.string(),\n last_attempt_time: v.number(),\n attempts_left: v.number(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n});\n\nexport const vInviteAcceptByTokenResult = v.object({\n inviteId: v.id(TABLES.GroupInvite),\n groupId: v.union(v.id(TABLES.Group), v.null()),\n memberId: v.optional(v.id(TABLES.GroupMember)),\n inviteStatus: vInviteTokenAcceptStatus,\n membershipStatus: vMembershipStatus,\n});\n"],"mappings":";;;AAEA,MAAa,SAAS;CACpB,MAAM;CACN,SAAS;CACT,SAAS;CACT,cAAc;CACd,kBAAkB;CAClB,cAAc;CACd,SAAS;CACT,YAAY;CACZ,WAAW;CACX,OAAO;CACP,UAAU;CACV,aAAa;CACb,aAAa;CACb,YAAY;CACZ,kBAAkB;CAClB,8BAA8B;CAC9B,kBAAkB;CAClB,sBAAsB;CACtB,wBAAwB;CACxB,sBAAsB;CACtB,2BAA2B;CAC3B,2BAA2B;CAC3B,QAAQ;CACR,YAAY;CACb;AAED,MAAa,OAAO,EAAE,OAAO;CAAE,KAAK,EAAE,QAAQ;CAAE,OAAO,EAAE,QAAQ;CAAE,CAAC;AAEpE,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,gBAAgB,EAAE,MAC7B,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,kCAAkC,EAAE,MAC/C,EAAE,QAAQ,gBAAgB,EAC1B,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,iCAAiC,EAAE,MAC9C,EAAE,QAAQ,MAAM,EAChB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,0BAA0B,CACrC;AAED,MAAa,6BAA6B,EAAE,MAC1C,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,OAAO,CAClB;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,OAAO;CACxC,SAAS,EAAE,QAAQ,EAAE;CACrB,UAAU,EAAE,OAAO,EACjB,gBAAgB,EAAE,OAAO;EACvB,MAAM;EACN,MAAM;EACP,CAAC,EACH,CAAC;CACF,cAAc,EAAE,OAAO;EACrB,WAAW,EAAE,OAAO,EAClB,MAAM,gCACP,CAAC;EACF,KAAK,EAAE,OAAO;GACZ,MAAM;GACN,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;GACnC,gBAAgB,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;GAChD,CAAC;EACF,aAAa,EAAE,OAAO,EACpB,MAAM,4BACP,CAAC;EACH,CAAC;CACF,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,MAC3B,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,oBAAoB,EAAE,MAAM,EAAE,QAAQ,OAAO,EAAE,EAAE,QAAQ,QAAQ,CAAC;AAE/E,MAAa,kBAAkB,EAAE,MAC/B,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,OAAO,EACjB,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,UAAU,CACrB;AAED,MAAa,eAAe,EAAE,MAAM,EAAE,QAAQ,UAAU,EAAE,EAAE,QAAQ,UAAU,CAAC;AAE/E,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,WAAW,CACtB;AAED,MAAa,yBAAyB,EAAE,MACtC,EAAE,QAAQ,UAAU,EACpB,EAAE,QAAQ,aAAa,EACvB,EAAE,QAAQ,YAAY,EACtB,EAAE,QAAQ,SAAS,CACpB;AAED,MAAa,2BAA2B,EAAE,MACxC,EAAE,QAAQ,WAAW,EACrB,EAAE,QAAQ,mBAAmB,CAC9B;AAED,MAAa,oBAAoB,EAAE,MACjC,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,iBAAiB,EAC3B,EAAE,QAAQ,iBAAiB,CAC5B;AAED,MAAa,eAAe,EAAE,OAAO;CACnC,UAAU,EAAE,QAAQ;CACpB,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC;CAC7B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,aAAa,EAAE,QAAQ;CACvB,UAAU,EAAE,QAAQ;CACrB,CAAC;AAEF,MAAa,wBAAwB,EAAE,OAAO;CAC5C,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,wBAAwB,EAAE,MAAM,EAAE,QAAQ,qBAAqB,CAAC;AAE7E,SAAS,SACP,WACA;AACA,QAAO;EACL,KAAK,EAAE,GAAG,UAAU;EACpB,eAAe,EAAE,QAAQ;EAC1B;;AAGH,MAAa,WAAW,EAAE,OAAO;CAC/B,GAAG,SAAS,OAAO,KAAK;CACxB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,uBAAuB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7C,aAAa,EAAE,SAAS,EAAE,SAAS,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,gBAAgB,EAAE,QAAQ;CAC3B,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,UAAU,EAAE,QAAQ;CACpB,mBAAmB,EAAE,QAAQ;CAC7B,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,UAAU,EAAE,QAAQ;CACpB,MAAM,EAAE,QAAQ;CAChB,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,SAAS,EAAE,QAAQ,CAAC;CAChC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACtC,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,aAAa;CAChC,WAAW,EAAE,GAAG,OAAO,QAAQ;CAC/B,gBAAgB,EAAE,QAAQ;CAC1B,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,sBAAsB,EAAE,SAAS,EAAE,GAAG,OAAO,aAAa,CAAC;CAC5D,CAAC;AAEF,MAAa,cAAc,EAAE,OAAO;CAClC,GAAG,SAAS,OAAO,QAAQ;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,cAAc,EAAE,QAAQ;CACxB,WAAW,EAAE,OAAO;CACpB,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,QAAQ;CACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CAC3C,YAAY,EAAE,QAAQ;CACtB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,OAAO;CACjB,QAAQ,EAAE,QAAQ;CAClB,QAAQ,EAAE,QAAQ;CAClB,UAAU,EAAE,SAAS;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,gBAAgB,EAAE,OAAO;CACpC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CAC1B,CAAC;AAEF,MAAa,YAAY,EAAE,OAAO;CAChC,GAAG,SAAS,OAAO,MAAM;CACzB,MAAM,EAAE,QAAQ;CAChB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,aAAa,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC3C,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;CAC/B,MAAM,EAAE,SAAS,EAAE,MAAM,KAAK,CAAC;CAC/B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC9B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,kBAAkB,EAAE,OAAO;CACtC,GAAG,SAAS,OAAO,YAAY;CAC/B,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CACvC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC7B,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;CACxC,QAAQ;CACR,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,kBAAkB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC/C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACpC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,aAAa,EAAE,OAAO;CACjC,GAAG,SAAS,OAAO,OAAO;CAC1B,QAAQ,EAAE,GAAG,OAAO,KAAK;CACzB,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,QAAQ;CAChB,QAAQ,EAAE,MAAM,aAAa;CAC7B,WAAW,EAAE,SAAS,iBAAiB;CACvC,gBAAgB,EAAE,SAAS,sBAAsB;CACjD,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,WAAW,EAAE,QAAQ;CACrB,SAAS,EAAE,SAAS;CACpB,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,gBAAgB,EAAE,QAAQ;CAC1B,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,UAAU,EAAE,QAAQ;CACpB,QAAQ;CACR,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,WAAW,EAAE,SAAS,EAAE,GAAG,OAAO,QAAQ,CAAC;CAC3C,cAAc,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,CAAC;AAEF,MAAa,iBAAiB,EAAE,OAAO;CACrC,GAAG,SAAS,OAAO,WAAW;CAC9B,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC5B,QAAQ;CACR,QAAQ,EAAE,SAAS,kBAAkB;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC3B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ,EAAE,QAAQ;CAClB,WAAW,EAAE,SAAS;CACtB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CACnC,CAAC;AAEF,MAAa,mCAAmC,EAAE,OAAO;CACvD,GAAG,SAAS,OAAO,6BAA6B;CAChD,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,UAAU,EAAE,GAAG,OAAO,iBAAiB;CACvC,QAAQ,EAAE,QAAQ;CAClB,YAAY,EAAE,QAAQ;CACtB,OAAO,EAAE,QAAQ;CACjB,WAAW,EAAE,QAAQ;CACrB,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,uBAAuB,EAAE,OAAO;CAC3C,GAAG,SAAS,OAAO,iBAAiB;CACpC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,MAAM;CACN,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,QAAQ;CACtB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,QAAQ;CACR,UAAU,EAAE,QAAQ;CACpB,WAAW,EAAE,QAAQ;CACrB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,GAAG,SAAS,OAAO,uBAAuB;CAC1C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,cAAc;CACd,YAAY,EAAE,QAAQ;CACtB,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,GAAG,OAAO,MAAM,CAAC;CAC7C,mBAAmB,EAAE,SAAS,EAAE,QAAQ,CAAC;CACzC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;CAC/B,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC;CACzB,CAAC;AAEF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,GAAG,SAAS,OAAO,qBAAqB;CACxC,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,WAAW,EAAE,QAAQ;CACrB,WAAW;CACX,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC/B,aAAa,EAAE,QAAQ;CACvB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1B,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;CAC9B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,SAAS,EAAE,GAAG,OAAO,MAAM;CAC3B,KAAK,EAAE,QAAQ;CACf,QAAQ;CACR,YAAY,EAAE,QAAQ;CACtB,eAAe,EAAE,MAAM,EAAE,QAAQ,CAAC;CAClC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,KAAK,CAAC;CAC9C,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,cAAc,EAAE,QAAQ;CACxB,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;CAC5B,CAAC;AAEF,MAAa,gCAAgC,EAAE,OAAO;CACpD,GAAG,SAAS,OAAO,0BAA0B;CAC7C,cAAc,EAAE,GAAG,OAAO,WAAW;CACrC,YAAY,EAAE,GAAG,OAAO,0BAA0B;CAClD,cAAc,EAAE,SAAS,EAAE,GAAG,OAAO,qBAAqB,CAAC;CAC3D,WAAW,EAAE,QAAQ;CACrB,QAAQ;CACR,cAAc,EAAE,QAAQ;CACxB,eAAe,EAAE,QAAQ;CACzB,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,oBAAoB,EAAE,SAAS,EAAE,QAAQ,CAAC;CAC1C,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;CACjC,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF,MAAa,mBAAmB,EAAE,OAAO;CACvC,GAAG,SAAS,OAAO,UAAU;CAC7B,YAAY,EAAE,QAAQ;CACtB,mBAAmB,EAAE,QAAQ;CAC7B,eAAe,EAAE,QAAQ;CACzB,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,QAAQ;CAC5B,CAAC;AAEF,MAAa,6BAA6B,EAAE,OAAO;CACjD,UAAU,EAAE,GAAG,OAAO,YAAY;CAClC,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,MAAM,EAAE,EAAE,MAAM,CAAC;CAC9C,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,YAAY,CAAC;CAC9C,cAAc;CACd,kBAAkB;CACnB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"factors.d.ts","names":[],"sources":["../../../src/component/public/factors.ts"],"mappings":";;;;cAgBa,aAAA;;cAoBA,wBAAA;;cAYA,mBAAA;;cAYA,oBAAA;;cAcA,iBAAA;;cAUA,aAAA;;cAcA,UAAA;;cAiBA,uBAAA;;
|
|
1
|
+
{"version":3,"file":"factors.d.ts","names":[],"sources":["../../../src/component/public/factors.ts"],"mappings":";;;;cAgBa,aAAA;;cAoBA,wBAAA;;cAYA,mBAAA;;cAYA,oBAAA;;cAcA,iBAAA;;cAUA,aAAA;;cAcA,UAAA;;cAiBA,uBAAA;;cAcA,gBAAA;;cAYA,WAAA;;cASA,gBAAA;;cAUA,kBAAA;;cAUA,UAAA;;cAcA,YAAA;AAxKb;AAAA,cA4La,eAAA;;cAiBA,cAAA;;cAmBA,eAAA;;cAcA,YAAA;;cAeA,mBAAA;AA7Nb;AAAA,cA2Oa,mBAAA;;cAcA,eAAA;;cAkBA,sBAAA;;cAUA,YAAA"}
|
|
@@ -96,7 +96,7 @@ const totpGetVerifiedByUserId = query({
|
|
|
96
96
|
args: { userId: v.id("User") },
|
|
97
97
|
returns: v.union(vTotpFactorDoc, v.null()),
|
|
98
98
|
handler: async (ctx, { userId }) => {
|
|
99
|
-
return await ctx.db.query("TotpFactor").withIndex("
|
|
99
|
+
return await ctx.db.query("TotpFactor").withIndex("user_id_verified", (q) => q.eq("userId", userId).eq("verified", true)).first();
|
|
100
100
|
}
|
|
101
101
|
});
|
|
102
102
|
/** List all TOTP enrollments for a user. */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"factors.js","names":[],"sources":["../../../src/component/public/factors.ts"],"sourcesContent":["import {\n mutation,\n query,\n v,\n vDeviceCodeDoc,\n vDeviceStatus,\n vPasskeyDoc,\n vRateLimitResult,\n vTotpFactorDoc,\n} from \"./shared\";\n\n// ============================================================================\n// Passkeys\n// ============================================================================\n\n/** Store a new passkey credential for a user. */\nexport const passkeyInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"Passkey\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"Passkey\", args);\n },\n});\n\n/** Look up a passkey by its credential ID. */\nexport const passkeyGetByCredentialId = query({\n args: { credentialId: v.string() },\n returns: v.union(vPasskeyDoc, v.null()),\n handler: async (ctx, { credentialId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"credential_id\", (q) => q.eq(\"credentialId\", credentialId))\n .unique();\n },\n});\n\n/** List all passkeys for a user. */\nexport const passkeyListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vPasskeyDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Update a passkey's counter and last used timestamp after authentication. */\nexport const passkeyUpdateCounter = mutation({\n args: {\n passkeyId: v.id(\"Passkey\"),\n counter: v.number(),\n lastUsedAt: v.number(),\n },\n returns: v.null(),\n handler: async (ctx, { passkeyId, counter, lastUsedAt }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, { counter, lastUsedAt });\n return null;\n },\n});\n\n/** Update a passkey's metadata (name). */\nexport const passkeyUpdateMeta = mutation({\n args: { passkeyId: v.id(\"Passkey\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { passkeyId, data }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, data);\n return null;\n },\n});\n\n/** Delete a passkey credential. */\nexport const passkeyDelete = mutation({\n args: { passkeyId: v.id(\"Passkey\") },\n returns: v.null(),\n handler: async (ctx, { passkeyId }) => {\n await ctx.db.delete(\"Passkey\", passkeyId);\n return null;\n },\n});\n\n// ============================================================================\n// TOTP Two-Factor Authentication\n// ============================================================================\n\n/** Store a new TOTP enrollment for a user. */\nexport const totpInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"TotpFactor\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"TotpFactor\", args);\n },\n});\n\n/** Get a verified TOTP enrollment for a user (returns first match). */\nexport const totpGetVerifiedByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .filter((q) => q.eq(q.field(\"verified\"), true))\n .first();\n },\n});\n\n/** List all TOTP enrollments for a user. */\nexport const totpListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vTotpFactorDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Get a TOTP enrollment by its ID. */\nexport const totpGetById = query({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { totpId }) => {\n return await ctx.db.get(\"TotpFactor\", totpId);\n },\n});\n\n/** Mark a TOTP enrollment as verified (setup complete). */\nexport const totpMarkVerified = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { verified: true, lastUsedAt });\n return null;\n },\n});\n\n/** Update a TOTP enrollment's last used timestamp. */\nexport const totpUpdateLastUsed = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { lastUsedAt });\n return null;\n },\n});\n\n/** Delete a TOTP enrollment. */\nexport const totpDelete = mutation({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.null(),\n handler: async (ctx, { totpId }) => {\n await ctx.db.delete(\"TotpFactor\", totpId);\n return null;\n },\n});\n\n// ============================================================================\n// Rate Limits\n// ============================================================================\n\n/** Look up a rate limit entry by its identifier. */\nexport const rateLimitGet = query({\n args: { identifier: v.string() },\n returns: v.union(vRateLimitResult, v.null()),\n handler: async (ctx, { identifier }) => {\n const row = await ctx.db\n .query(\"RateLimit\")\n .withIndex(\"by_identifier\", (q) => q.eq(\"identifier\", identifier))\n .unique();\n if (row === null) {\n return null;\n }\n return {\n ...row,\n attemptsLeft: row.attempts_left,\n lastAttemptTime: row.last_attempt_time,\n };\n },\n});\n\n/** Create a new rate limit entry. */\nexport const rateLimitCreate = mutation({\n args: {\n identifier: v.string(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n },\n returns: v.id(\"RateLimit\"),\n handler: async (ctx, { identifier, attemptsLeft, lastAttemptTime }) => {\n return await ctx.db.insert(\"RateLimit\", {\n identifier,\n attempts_left: attemptsLeft,\n last_attempt_time: lastAttemptTime,\n });\n },\n});\n\n/** Patch a rate limit entry with partial data. */\nexport const rateLimitPatch = mutation({\n args: { rateLimitId: v.id(\"RateLimit\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { rateLimitId, data }) => {\n const nextData: Record<string, unknown> = { ...data };\n if (nextData.attemptsLeft !== undefined) {\n nextData.attempts_left = nextData.attemptsLeft;\n delete nextData.attemptsLeft;\n }\n if (nextData.lastAttemptTime !== undefined) {\n nextData.last_attempt_time = nextData.lastAttemptTime;\n delete nextData.lastAttemptTime;\n }\n await ctx.db.patch(\"RateLimit\", rateLimitId, nextData);\n return null;\n },\n});\n\n/** Delete a rate limit entry. */\nexport const rateLimitDelete = mutation({\n args: { rateLimitId: v.id(\"RateLimit\") },\n returns: v.null(),\n handler: async (ctx, { rateLimitId }) => {\n await ctx.db.delete(\"RateLimit\", rateLimitId);\n return null;\n },\n});\n\n// ============================================================================\n// Device Authorization (RFC 8628)\n// ============================================================================\n\n/** Insert a new device authorization record. */\nexport const deviceInsert = mutation({\n args: {\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n },\n returns: v.id(\"DeviceCode\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"DeviceCode\", args);\n },\n});\n\n/** Look up a device authorization by its hashed device code. */\nexport const deviceGetByCodeHash = query({\n args: { deviceCodeHash: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { deviceCodeHash }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"device_code_hash\", (q) =>\n q.eq(\"deviceCodeHash\", deviceCodeHash),\n )\n .first();\n },\n});\n\n/** Look up a pending device authorization by its user code. */\nexport const deviceGetByUserCode = query({\n args: { userCode: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { userCode }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"user_code_status\", (q) =>\n q.eq(\"userCode\", userCode).eq(\"status\", \"pending\"),\n )\n .first();\n },\n});\n\n/** Authorize a device code — link it to a user and session. */\nexport const deviceAuthorize = mutation({\n args: {\n deviceId: v.id(\"DeviceCode\"),\n userId: v.id(\"User\"),\n sessionId: v.id(\"Session\"),\n },\n returns: v.null(),\n handler: async (ctx, { deviceId, userId, sessionId }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, {\n status: \"authorized\",\n userId,\n sessionId,\n });\n return null;\n },\n});\n\n/** Update the last-polled timestamp on a device authorization record. */\nexport const deviceUpdateLastPolled = mutation({\n args: { deviceId: v.id(\"DeviceCode\"), lastPolledAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { deviceId, lastPolledAt }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, { lastPolledAt });\n return null;\n },\n});\n\n/** Delete a device authorization record (cleanup after use or expiry). */\nexport const deviceDelete = mutation({\n args: { deviceId: v.id(\"DeviceCode\") },\n returns: v.null(),\n handler: async (ctx, { deviceId }) => {\n await ctx.db.delete(\"DeviceCode\", deviceId);\n return null;\n },\n});\n"],"mappings":";;;;;;AAgBA,MAAa,gBAAgB,SAAS;CACpC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,cAAc,EAAE,QAAQ;EACxB,WAAW,EAAE,OAAO;EACpB,WAAW,EAAE,QAAQ;EACrB,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;EAC3C,YAAY,EAAE,QAAQ;EACtB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,UAAU;CACxB,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,WAAW,KAAK;;CAE9C,CAAC;;AAGF,MAAa,2BAA2B,MAAM;CAC5C,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE;CAClC,SAAS,EAAE,MAAM,aAAa,EAAE,MAAM,CAAC;CACvC,SAAS,OAAO,KAAK,EAAE,mBAAmB;AACxC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,kBAAkB,MAAM,EAAE,GAAG,gBAAgB,aAAa,CAAC,CACrE,QAAQ;;CAEd,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,YAAY;CAC7B,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,uBAAuB,SAAS;CAC3C,MAAM;EACJ,WAAW,EAAE,GAAG,UAAU;EAC1B,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,QAAQ;EACvB;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,SAAS,iBAAiB;AAC1D,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW;GAAE;GAAS;GAAY,CAAC;AACjE,SAAO;;CAEV,CAAC;;AAGF,MAAa,oBAAoB,SAAS;CACxC,MAAM;EAAE,WAAW,EAAE,GAAG,UAAU;EAAE,MAAM,EAAE,KAAK;EAAE;CACnD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,WAAW;AAC3C,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW,KAAK;AAC9C,SAAO;;CAEV,CAAC;;AAGF,MAAa,gBAAgB,SAAS;CACpC,MAAM,EAAE,WAAW,EAAE,GAAG,UAAU,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,gBAAgB;AACrC,QAAM,IAAI,GAAG,OAAO,WAAW,UAAU;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,aAAa,SAAS;CACjC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,QAAQ,EAAE,OAAO;EACjB,QAAQ,EAAE,QAAQ;EAClB,QAAQ,EAAE,QAAQ;EAClB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,0BAA0B,MAAM;CAC3C,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,WAAW,EAAE,KAAK,CAAC,CAC9C,OAAO;;CAEb,CAAC;;AAGF,MAAa,mBAAmB,MAAM;CACpC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,eAAe;CAChC,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,cAAc,MAAM;CAC/B,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GAAG,IAAI,cAAc,OAAO;;CAEhD,CAAC;;AAGF,MAAa,mBAAmB,SAAS;CACvC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ;GAAE,UAAU;GAAM;GAAY,CAAC;AACxE,SAAO;;CAEV,CAAC;;AAGF,MAAa,qBAAqB,SAAS;CACzC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ,EAAE,YAAY,CAAC;AACxD,SAAO;;CAEV,CAAC;;AAGF,MAAa,aAAa,SAAS;CACjC,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,QAAM,IAAI,GAAG,OAAO,cAAc,OAAO;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,MAAM;CAChC,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE;CAChC,SAAS,EAAE,MAAM,kBAAkB,EAAE,MAAM,CAAC;CAC5C,SAAS,OAAO,KAAK,EAAE,iBAAiB;EACtC,MAAM,MAAM,MAAM,IAAI,GACnB,MAAM,YAAY,CAClB,UAAU,kBAAkB,MAAM,EAAE,GAAG,cAAc,WAAW,CAAC,CACjE,QAAQ;AACX,MAAI,QAAQ,KACV,QAAO;AAET,SAAO;GACL,GAAG;GACH,cAAc,IAAI;GAClB,iBAAiB,IAAI;GACtB;;CAEJ,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,YAAY,EAAE,QAAQ;EACtB,cAAc,EAAE,QAAQ;EACxB,iBAAiB,EAAE,QAAQ;EAC5B;CACD,SAAS,EAAE,GAAG,YAAY;CAC1B,SAAS,OAAO,KAAK,EAAE,YAAY,cAAc,sBAAsB;AACrE,SAAO,MAAM,IAAI,GAAG,OAAO,aAAa;GACtC;GACA,eAAe;GACf,mBAAmB;GACpB,CAAC;;CAEL,CAAC;;AAGF,MAAa,iBAAiB,SAAS;CACrC,MAAM;EAAE,aAAa,EAAE,GAAG,YAAY;EAAE,MAAM,EAAE,KAAK;EAAE;CACvD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa,WAAW;EAC7C,MAAM,WAAoC,EAAE,GAAG,MAAM;AACrD,MAAI,SAAS,iBAAiB,QAAW;AACvC,YAAS,gBAAgB,SAAS;AAClC,UAAO,SAAS;;AAElB,MAAI,SAAS,oBAAoB,QAAW;AAC1C,YAAS,oBAAoB,SAAS;AACtC,UAAO,SAAS;;AAElB,QAAM,IAAI,GAAG,MAAM,aAAa,aAAa,SAAS;AACtD,SAAO;;CAEV,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM,EAAE,aAAa,EAAE,GAAG,YAAY,EAAE;CACxC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,kBAAkB;AACvC,QAAM,IAAI,GAAG,OAAO,aAAa,YAAY;AAC7C,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,SAAS;CACnC,MAAM;EACJ,gBAAgB,EAAE,QAAQ;EAC1B,UAAU,EAAE,QAAQ;EACpB,WAAW,EAAE,QAAQ;EACrB,UAAU,EAAE,QAAQ;EACpB,QAAQ;EACT;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,qBAAqB;AAC1C,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,kBAAkB,eAAe,CACvC,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,YAAY,SAAS,CAAC,GAAG,UAAU,UAAU,CACnD,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,UAAU,EAAE,GAAG,aAAa;EAC5B,QAAQ,EAAE,GAAG,OAAO;EACpB,WAAW,EAAE,GAAG,UAAU;EAC3B;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,QAAQ,gBAAgB;AACvD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU;GACzC,QAAQ;GACR;GACA;GACD,CAAC;AACF,SAAO;;CAEV,CAAC;;AAGF,MAAa,yBAAyB,SAAS;CAC7C,MAAM;EAAE,UAAU,EAAE,GAAG,aAAa;EAAE,cAAc,EAAE,QAAQ;EAAE;CAChE,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,mBAAmB;AAClD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU,EAAE,cAAc,CAAC;AAC5D,SAAO;;CAEV,CAAC;;AAGF,MAAa,eAAe,SAAS;CACnC,MAAM,EAAE,UAAU,EAAE,GAAG,aAAa,EAAE;CACtC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,QAAM,IAAI,GAAG,OAAO,cAAc,SAAS;AAC3C,SAAO;;CAEV,CAAC"}
|
|
1
|
+
{"version":3,"file":"factors.js","names":[],"sources":["../../../src/component/public/factors.ts"],"sourcesContent":["import {\n mutation,\n query,\n v,\n vDeviceCodeDoc,\n vDeviceStatus,\n vPasskeyDoc,\n vRateLimitResult,\n vTotpFactorDoc,\n} from \"./shared\";\n\n// ============================================================================\n// Passkeys\n// ============================================================================\n\n/** Store a new passkey credential for a user. */\nexport const passkeyInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n credentialId: v.string(),\n publicKey: v.bytes(),\n algorithm: v.number(),\n counter: v.number(),\n transports: v.optional(v.array(v.string())),\n deviceType: v.string(),\n backedUp: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"Passkey\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"Passkey\", args);\n },\n});\n\n/** Look up a passkey by its credential ID. */\nexport const passkeyGetByCredentialId = query({\n args: { credentialId: v.string() },\n returns: v.union(vPasskeyDoc, v.null()),\n handler: async (ctx, { credentialId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"credential_id\", (q) => q.eq(\"credentialId\", credentialId))\n .unique();\n },\n});\n\n/** List all passkeys for a user. */\nexport const passkeyListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vPasskeyDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"Passkey\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Update a passkey's counter and last used timestamp after authentication. */\nexport const passkeyUpdateCounter = mutation({\n args: {\n passkeyId: v.id(\"Passkey\"),\n counter: v.number(),\n lastUsedAt: v.number(),\n },\n returns: v.null(),\n handler: async (ctx, { passkeyId, counter, lastUsedAt }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, { counter, lastUsedAt });\n return null;\n },\n});\n\n/** Update a passkey's metadata (name). */\nexport const passkeyUpdateMeta = mutation({\n args: { passkeyId: v.id(\"Passkey\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { passkeyId, data }) => {\n await ctx.db.patch(\"Passkey\", passkeyId, data);\n return null;\n },\n});\n\n/** Delete a passkey credential. */\nexport const passkeyDelete = mutation({\n args: { passkeyId: v.id(\"Passkey\") },\n returns: v.null(),\n handler: async (ctx, { passkeyId }) => {\n await ctx.db.delete(\"Passkey\", passkeyId);\n return null;\n },\n});\n\n// ============================================================================\n// TOTP Two-Factor Authentication\n// ============================================================================\n\n/** Store a new TOTP enrollment for a user. */\nexport const totpInsert = mutation({\n args: {\n userId: v.id(\"User\"),\n secret: v.bytes(),\n digits: v.number(),\n period: v.number(),\n verified: v.boolean(),\n name: v.optional(v.string()),\n createdAt: v.number(),\n },\n returns: v.id(\"TotpFactor\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"TotpFactor\", args);\n },\n});\n\n/** Get a verified TOTP enrollment for a user (returns first match). */\nexport const totpGetVerifiedByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id_verified\", (q) =>\n q.eq(\"userId\", userId).eq(\"verified\", true),\n )\n .first();\n },\n});\n\n/** List all TOTP enrollments for a user. */\nexport const totpListByUserId = query({\n args: { userId: v.id(\"User\") },\n returns: v.array(vTotpFactorDoc),\n handler: async (ctx, { userId }) => {\n return await ctx.db\n .query(\"TotpFactor\")\n .withIndex(\"user_id\", (q) => q.eq(\"userId\", userId))\n .collect();\n },\n});\n\n/** Get a TOTP enrollment by its ID. */\nexport const totpGetById = query({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.union(vTotpFactorDoc, v.null()),\n handler: async (ctx, { totpId }) => {\n return await ctx.db.get(\"TotpFactor\", totpId);\n },\n});\n\n/** Mark a TOTP enrollment as verified (setup complete). */\nexport const totpMarkVerified = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { verified: true, lastUsedAt });\n return null;\n },\n});\n\n/** Update a TOTP enrollment's last used timestamp. */\nexport const totpUpdateLastUsed = mutation({\n args: { totpId: v.id(\"TotpFactor\"), lastUsedAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { totpId, lastUsedAt }) => {\n await ctx.db.patch(\"TotpFactor\", totpId, { lastUsedAt });\n return null;\n },\n});\n\n/** Delete a TOTP enrollment. */\nexport const totpDelete = mutation({\n args: { totpId: v.id(\"TotpFactor\") },\n returns: v.null(),\n handler: async (ctx, { totpId }) => {\n await ctx.db.delete(\"TotpFactor\", totpId);\n return null;\n },\n});\n\n// ============================================================================\n// Rate Limits\n// ============================================================================\n\n/** Look up a rate limit entry by its identifier. */\nexport const rateLimitGet = query({\n args: { identifier: v.string() },\n returns: v.union(vRateLimitResult, v.null()),\n handler: async (ctx, { identifier }) => {\n const row = await ctx.db\n .query(\"RateLimit\")\n .withIndex(\"by_identifier\", (q) => q.eq(\"identifier\", identifier))\n .unique();\n if (row === null) {\n return null;\n }\n return {\n ...row,\n attemptsLeft: row.attempts_left,\n lastAttemptTime: row.last_attempt_time,\n };\n },\n});\n\n/** Create a new rate limit entry. */\nexport const rateLimitCreate = mutation({\n args: {\n identifier: v.string(),\n attemptsLeft: v.number(),\n lastAttemptTime: v.number(),\n },\n returns: v.id(\"RateLimit\"),\n handler: async (ctx, { identifier, attemptsLeft, lastAttemptTime }) => {\n return await ctx.db.insert(\"RateLimit\", {\n identifier,\n attempts_left: attemptsLeft,\n last_attempt_time: lastAttemptTime,\n });\n },\n});\n\n/** Patch a rate limit entry with partial data. */\nexport const rateLimitPatch = mutation({\n args: { rateLimitId: v.id(\"RateLimit\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { rateLimitId, data }) => {\n const nextData: Record<string, unknown> = { ...data };\n if (nextData.attemptsLeft !== undefined) {\n nextData.attempts_left = nextData.attemptsLeft;\n delete nextData.attemptsLeft;\n }\n if (nextData.lastAttemptTime !== undefined) {\n nextData.last_attempt_time = nextData.lastAttemptTime;\n delete nextData.lastAttemptTime;\n }\n await ctx.db.patch(\"RateLimit\", rateLimitId, nextData);\n return null;\n },\n});\n\n/** Delete a rate limit entry. */\nexport const rateLimitDelete = mutation({\n args: { rateLimitId: v.id(\"RateLimit\") },\n returns: v.null(),\n handler: async (ctx, { rateLimitId }) => {\n await ctx.db.delete(\"RateLimit\", rateLimitId);\n return null;\n },\n});\n\n// ============================================================================\n// Device Authorization (RFC 8628)\n// ============================================================================\n\n/** Insert a new device authorization record. */\nexport const deviceInsert = mutation({\n args: {\n deviceCodeHash: v.string(),\n userCode: v.string(),\n expiresAt: v.number(),\n interval: v.number(),\n status: vDeviceStatus,\n },\n returns: v.id(\"DeviceCode\"),\n handler: async (ctx, args) => {\n return await ctx.db.insert(\"DeviceCode\", args);\n },\n});\n\n/** Look up a device authorization by its hashed device code. */\nexport const deviceGetByCodeHash = query({\n args: { deviceCodeHash: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { deviceCodeHash }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"device_code_hash\", (q) =>\n q.eq(\"deviceCodeHash\", deviceCodeHash),\n )\n .first();\n },\n});\n\n/** Look up a pending device authorization by its user code. */\nexport const deviceGetByUserCode = query({\n args: { userCode: v.string() },\n returns: v.union(vDeviceCodeDoc, v.null()),\n handler: async (ctx, { userCode }) => {\n return await ctx.db\n .query(\"DeviceCode\")\n .withIndex(\"user_code_status\", (q) =>\n q.eq(\"userCode\", userCode).eq(\"status\", \"pending\"),\n )\n .first();\n },\n});\n\n/** Authorize a device code — link it to a user and session. */\nexport const deviceAuthorize = mutation({\n args: {\n deviceId: v.id(\"DeviceCode\"),\n userId: v.id(\"User\"),\n sessionId: v.id(\"Session\"),\n },\n returns: v.null(),\n handler: async (ctx, { deviceId, userId, sessionId }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, {\n status: \"authorized\",\n userId,\n sessionId,\n });\n return null;\n },\n});\n\n/** Update the last-polled timestamp on a device authorization record. */\nexport const deviceUpdateLastPolled = mutation({\n args: { deviceId: v.id(\"DeviceCode\"), lastPolledAt: v.number() },\n returns: v.null(),\n handler: async (ctx, { deviceId, lastPolledAt }) => {\n await ctx.db.patch(\"DeviceCode\", deviceId, { lastPolledAt });\n return null;\n },\n});\n\n/** Delete a device authorization record (cleanup after use or expiry). */\nexport const deviceDelete = mutation({\n args: { deviceId: v.id(\"DeviceCode\") },\n returns: v.null(),\n handler: async (ctx, { deviceId }) => {\n await ctx.db.delete(\"DeviceCode\", deviceId);\n return null;\n },\n});\n"],"mappings":";;;;;;AAgBA,MAAa,gBAAgB,SAAS;CACpC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,cAAc,EAAE,QAAQ;EACxB,WAAW,EAAE,OAAO;EACpB,WAAW,EAAE,QAAQ;EACrB,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;EAC3C,YAAY,EAAE,QAAQ;EACtB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,UAAU;CACxB,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,WAAW,KAAK;;CAE9C,CAAC;;AAGF,MAAa,2BAA2B,MAAM;CAC5C,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE;CAClC,SAAS,EAAE,MAAM,aAAa,EAAE,MAAM,CAAC;CACvC,SAAS,OAAO,KAAK,EAAE,mBAAmB;AACxC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,kBAAkB,MAAM,EAAE,GAAG,gBAAgB,aAAa,CAAC,CACrE,QAAQ;;CAEd,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,YAAY;CAC7B,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,UAAU,CAChB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,uBAAuB,SAAS;CAC3C,MAAM;EACJ,WAAW,EAAE,GAAG,UAAU;EAC1B,SAAS,EAAE,QAAQ;EACnB,YAAY,EAAE,QAAQ;EACvB;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,SAAS,iBAAiB;AAC1D,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW;GAAE;GAAS;GAAY,CAAC;AACjE,SAAO;;CAEV,CAAC;;AAGF,MAAa,oBAAoB,SAAS;CACxC,MAAM;EAAE,WAAW,EAAE,GAAG,UAAU;EAAE,MAAM,EAAE,KAAK;EAAE;CACnD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,WAAW,WAAW;AAC3C,QAAM,IAAI,GAAG,MAAM,WAAW,WAAW,KAAK;AAC9C,SAAO;;CAEV,CAAC;;AAGF,MAAa,gBAAgB,SAAS;CACpC,MAAM,EAAE,WAAW,EAAE,GAAG,UAAU,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,gBAAgB;AACrC,QAAM,IAAI,GAAG,OAAO,WAAW,UAAU;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,aAAa,SAAS;CACjC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,QAAQ,EAAE,OAAO;EACjB,QAAQ,EAAE,QAAQ;EAClB,QAAQ,EAAE,QAAQ;EAClB,UAAU,EAAE,SAAS;EACrB,MAAM,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC5B,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,0BAA0B,MAAM;CAC3C,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,UAAU,OAAO,CAAC,GAAG,YAAY,KAAK,CAC5C,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,mBAAmB,MAAM;CACpC,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE;CAC9B,SAAS,EAAE,MAAM,eAAe;CAChC,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,YAAY,MAAM,EAAE,GAAG,UAAU,OAAO,CAAC,CACnD,SAAS;;CAEf,CAAC;;AAGF,MAAa,cAAc,MAAM;CAC/B,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,SAAO,MAAM,IAAI,GAAG,IAAI,cAAc,OAAO;;CAEhD,CAAC;;AAGF,MAAa,mBAAmB,SAAS;CACvC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ;GAAE,UAAU;GAAM;GAAY,CAAC;AACxE,SAAO;;CAEV,CAAC;;AAGF,MAAa,qBAAqB,SAAS;CACzC,MAAM;EAAE,QAAQ,EAAE,GAAG,aAAa;EAAE,YAAY,EAAE,QAAQ;EAAE;CAC5D,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,QAAQ,iBAAiB;AAC9C,QAAM,IAAI,GAAG,MAAM,cAAc,QAAQ,EAAE,YAAY,CAAC;AACxD,SAAO;;CAEV,CAAC;;AAGF,MAAa,aAAa,SAAS;CACjC,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,EAAE;CACpC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa;AAClC,QAAM,IAAI,GAAG,OAAO,cAAc,OAAO;AACzC,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,MAAM;CAChC,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE;CAChC,SAAS,EAAE,MAAM,kBAAkB,EAAE,MAAM,CAAC;CAC5C,SAAS,OAAO,KAAK,EAAE,iBAAiB;EACtC,MAAM,MAAM,MAAM,IAAI,GACnB,MAAM,YAAY,CAClB,UAAU,kBAAkB,MAAM,EAAE,GAAG,cAAc,WAAW,CAAC,CACjE,QAAQ;AACX,MAAI,QAAQ,KACV,QAAO;AAET,SAAO;GACL,GAAG;GACH,cAAc,IAAI;GAClB,iBAAiB,IAAI;GACtB;;CAEJ,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,YAAY,EAAE,QAAQ;EACtB,cAAc,EAAE,QAAQ;EACxB,iBAAiB,EAAE,QAAQ;EAC5B;CACD,SAAS,EAAE,GAAG,YAAY;CAC1B,SAAS,OAAO,KAAK,EAAE,YAAY,cAAc,sBAAsB;AACrE,SAAO,MAAM,IAAI,GAAG,OAAO,aAAa;GACtC;GACA,eAAe;GACf,mBAAmB;GACpB,CAAC;;CAEL,CAAC;;AAGF,MAAa,iBAAiB,SAAS;CACrC,MAAM;EAAE,aAAa,EAAE,GAAG,YAAY;EAAE,MAAM,EAAE,KAAK;EAAE;CACvD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,aAAa,WAAW;EAC7C,MAAM,WAAoC,EAAE,GAAG,MAAM;AACrD,MAAI,SAAS,iBAAiB,QAAW;AACvC,YAAS,gBAAgB,SAAS;AAClC,UAAO,SAAS;;AAElB,MAAI,SAAS,oBAAoB,QAAW;AAC1C,YAAS,oBAAoB,SAAS;AACtC,UAAO,SAAS;;AAElB,QAAM,IAAI,GAAG,MAAM,aAAa,aAAa,SAAS;AACtD,SAAO;;CAEV,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM,EAAE,aAAa,EAAE,GAAG,YAAY,EAAE;CACxC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,kBAAkB;AACvC,QAAM,IAAI,GAAG,OAAO,aAAa,YAAY;AAC7C,SAAO;;CAEV,CAAC;;AAOF,MAAa,eAAe,SAAS;CACnC,MAAM;EACJ,gBAAgB,EAAE,QAAQ;EAC1B,UAAU,EAAE,QAAQ;EACpB,WAAW,EAAE,QAAQ;EACrB,UAAU,EAAE,QAAQ;EACpB,QAAQ;EACT;CACD,SAAS,EAAE,GAAG,aAAa;CAC3B,SAAS,OAAO,KAAK,SAAS;AAC5B,SAAO,MAAM,IAAI,GAAG,OAAO,cAAc,KAAK;;CAEjD,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE;CACpC,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,qBAAqB;AAC1C,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,kBAAkB,eAAe,CACvC,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,sBAAsB,MAAM;CACvC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE;CAC9B,SAAS,EAAE,MAAM,gBAAgB,EAAE,MAAM,CAAC;CAC1C,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GACd,MAAM,aAAa,CACnB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,YAAY,SAAS,CAAC,GAAG,UAAU,UAAU,CACnD,CACA,OAAO;;CAEb,CAAC;;AAGF,MAAa,kBAAkB,SAAS;CACtC,MAAM;EACJ,UAAU,EAAE,GAAG,aAAa;EAC5B,QAAQ,EAAE,GAAG,OAAO;EACpB,WAAW,EAAE,GAAG,UAAU;EAC3B;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,QAAQ,gBAAgB;AACvD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU;GACzC,QAAQ;GACR;GACA;GACD,CAAC;AACF,SAAO;;CAEV,CAAC;;AAGF,MAAa,yBAAyB,SAAS;CAC7C,MAAM;EAAE,UAAU,EAAE,GAAG,aAAa;EAAE,cAAc,EAAE,QAAQ;EAAE;CAChE,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,mBAAmB;AAClD,QAAM,IAAI,GAAG,MAAM,cAAc,UAAU,EAAE,cAAc,CAAC;AAC5D,SAAO;;CAEV,CAAC;;AAGF,MAAa,eAAe,SAAS;CACnC,MAAM,EAAE,UAAU,EAAE,GAAG,aAAa,EAAE;CACtC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,QAAM,IAAI,GAAG,OAAO,cAAc,SAAS;AAC3C,SAAO;;CAEV,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
declare namespace groups_d_exports {
|
|
2
|
-
export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate };
|
|
2
|
+
export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberResolve, memberUpdate };
|
|
3
3
|
}
|
|
4
4
|
/**
|
|
5
5
|
* Create a new group. Groups are hierarchical — set `parentGroupId` to nest
|
|
@@ -57,6 +57,14 @@ declare const memberListByUser: any;
|
|
|
57
57
|
* Returns `null` if the user is not a member of the group.
|
|
58
58
|
*/
|
|
59
59
|
declare const memberGetByGroupAndUser: any;
|
|
60
|
+
/**
|
|
61
|
+
* Resolve a user's membership by walking the group hierarchy from the
|
|
62
|
+
* requested group up to the root. Returns the first matching membership
|
|
63
|
+
* found. When `ancestry` is true, includes the list of traversed group IDs.
|
|
64
|
+
*
|
|
65
|
+
* This runs entirely inside the component (no cross-component RPCs per level).
|
|
66
|
+
*/
|
|
67
|
+
declare const memberResolve: any;
|
|
60
68
|
/** Remove a member from a group by deleting the member record. */
|
|
61
69
|
declare const memberRemove: any;
|
|
62
70
|
/**
|
|
@@ -112,5 +120,5 @@ declare const inviteAcceptByToken: any;
|
|
|
112
120
|
*/
|
|
113
121
|
declare const inviteRevoke: any;
|
|
114
122
|
//#endregion
|
|
115
|
-
export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, groups_d_exports, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate };
|
|
123
|
+
export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, groups_d_exports, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberResolve, memberUpdate };
|
|
116
124
|
//# sourceMappingURL=groups.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"groups.d.ts","names":[],"sources":["../../../src/component/public/groups.ts"],"mappings":";;;;;;;;;cA4Ba,WAAA;;
|
|
1
|
+
{"version":3,"file":"groups.d.ts","names":[],"sources":["../../../src/component/public/groups.ts"],"mappings":";;;;;;;;;cA4Ba,WAAA;;cA6CA,QAAA;;;;;;cAaA,SAAA;;cA8JA,WAAA;;;;;;;cA2EA,WAAA;;AAnSb;;;;;AA6CA;;;;;AAaA;cAuSa,SAAA;;cA8BA,SAAA;;AAvKb;;;;;cAqLa,UAAA;;;;;cAkFA,gBAAA;;;;;cAeA,uBAAA;;;;;AAjGb;;;cAqHa,aAAA;;cAiEA,YAAA;;;;cAYA,YAAA;AAjGb;;;;;AAoBA;;;;;AAiEA;;AArFA,cA0Ha,YAAA;;cA+EA,SAAA;AAxGb;AAAA,cAiHa,oBAAA;;;;AAxFb;;;cAyGa,UAAA;;AA1Bb;;;;;AASA;;;cAkJa,YAAA;;AAjIb;;;;;cAiLa,mBAAA;;;;;AAAb;;cAoHa,YAAA"}
|
|
@@ -22,10 +22,16 @@ const groupCreate = mutation({
|
|
|
22
22
|
handler: async (ctx, args) => {
|
|
23
23
|
const { tags: rawTags, ...rest } = args;
|
|
24
24
|
const normalizedTags = rawTags ? normalizeTags(rawTags) : void 0;
|
|
25
|
+
const isRoot = !args.parentGroupId;
|
|
26
|
+
let rootGroupId;
|
|
27
|
+
if (!isRoot && args.parentGroupId) rootGroupId = (await ctx.db.get(args.parentGroupId))?.rootGroupId ?? args.parentGroupId;
|
|
25
28
|
const groupId = await ctx.db.insert("Group", {
|
|
26
29
|
...rest,
|
|
27
|
-
tags: normalizedTags
|
|
30
|
+
tags: normalizedTags,
|
|
31
|
+
isRoot,
|
|
32
|
+
rootGroupId: isRoot ? void 0 : rootGroupId
|
|
28
33
|
});
|
|
34
|
+
if (isRoot) await ctx.db.patch(groupId, { rootGroupId: groupId });
|
|
29
35
|
if (normalizedTags) for (const tag of normalizedTags) await ctx.db.insert("GroupTag", {
|
|
30
36
|
group_id: groupId,
|
|
31
37
|
key: tag.key,
|
|
@@ -97,10 +103,10 @@ const groupList = query({
|
|
|
97
103
|
else if (where.slug !== void 0) q = ctx.db.query("Group").withIndex("slug", (idx) => idx.eq("slug", where.slug));
|
|
98
104
|
else if (where.type !== void 0) q = ctx.db.query("Group").withIndex("type", (idx) => idx.eq("type", where.type));
|
|
99
105
|
else if (where.parentGroupId !== void 0) q = ctx.db.query("Group").withIndex("parent_group_id", (idx) => idx.eq("parentGroupId", where.parentGroupId));
|
|
106
|
+
else if (where.isRoot !== void 0) q = ctx.db.query("Group").withIndex("is_root", (idx) => idx.eq("isRoot", where.isRoot));
|
|
100
107
|
else q = ctx.db.query("Group");
|
|
101
108
|
if (where.name !== void 0) q = q.filter((f) => f.eq(f.field("name"), where.name));
|
|
102
|
-
if (where.isRoot ===
|
|
103
|
-
else if (where.isRoot === false) q = q.filter((f) => f.neq(f.field("parentGroupId"), void 0));
|
|
109
|
+
if (where.isRoot !== void 0 && where.parentGroupId === void 0 && (where.type !== void 0 || where.slug !== void 0)) q = q.filter((f) => f.eq(f.field("isRoot"), where.isRoot));
|
|
104
110
|
if (where.slug !== void 0 && where.type !== void 0) q = q.filter((f) => f.eq(f.field("slug"), where.slug));
|
|
105
111
|
q = q.order(order);
|
|
106
112
|
let all = await q.collect();
|
|
@@ -127,6 +133,20 @@ const groupUpdate = mutation({
|
|
|
127
133
|
},
|
|
128
134
|
returns: v.null(),
|
|
129
135
|
handler: async (ctx, { groupId, data }) => {
|
|
136
|
+
if (data.parentGroupId !== void 0) {
|
|
137
|
+
const oldRootGroupId = (await ctx.db.get("Group", groupId))?.rootGroupId;
|
|
138
|
+
const newParentGroupId = data.parentGroupId;
|
|
139
|
+
const newIsRoot = !newParentGroupId;
|
|
140
|
+
let newRootGroupId;
|
|
141
|
+
if (newIsRoot) newRootGroupId = groupId;
|
|
142
|
+
else newRootGroupId = (await ctx.db.get("Group", newParentGroupId))?.rootGroupId ?? newParentGroupId;
|
|
143
|
+
data.isRoot = newIsRoot;
|
|
144
|
+
data.rootGroupId = newRootGroupId;
|
|
145
|
+
if (oldRootGroupId && oldRootGroupId !== newRootGroupId) {
|
|
146
|
+
const descendants = await ctx.db.query("Group").withIndex("root_group_id", (q) => q.eq("rootGroupId", oldRootGroupId)).collect();
|
|
147
|
+
for (const desc of descendants) if (desc._id !== groupId) await ctx.db.patch("Group", desc._id, { rootGroupId: newRootGroupId });
|
|
148
|
+
}
|
|
149
|
+
}
|
|
130
150
|
if (data.tags !== void 0) {
|
|
131
151
|
const normalizedTags = Array.isArray(data.tags) ? normalizeTags(data.tags) : [];
|
|
132
152
|
const existingTags = await ctx.db.query("GroupTag").withIndex("by_group", (idx) => idx.eq("group_id", groupId)).collect();
|
|
@@ -235,11 +255,18 @@ const memberList = query({
|
|
|
235
255
|
const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
|
|
236
256
|
const order = args.order ?? "desc";
|
|
237
257
|
let q;
|
|
238
|
-
if (where.groupId !== void 0 && where.userId !== void 0)
|
|
258
|
+
if (where.groupId !== void 0 && where.userId !== void 0) {
|
|
259
|
+
q = ctx.db.query("GroupMember").withIndex("group_id_user_id", (idx) => idx.eq("groupId", where.groupId).eq("userId", where.userId));
|
|
260
|
+
if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
|
|
261
|
+
} else if (where.groupId !== void 0 && where.status !== void 0) q = ctx.db.query("GroupMember").withIndex("group_id_status", (idx) => idx.eq("groupId", where.groupId).eq("status", where.status));
|
|
239
262
|
else if (where.groupId !== void 0) q = ctx.db.query("GroupMember").withIndex("group_id", (idx) => idx.eq("groupId", where.groupId));
|
|
240
|
-
else if (where.userId !== void 0)
|
|
241
|
-
|
|
242
|
-
|
|
263
|
+
else if (where.userId !== void 0) {
|
|
264
|
+
q = ctx.db.query("GroupMember").withIndex("user_id", (idx) => idx.eq("userId", where.userId));
|
|
265
|
+
if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
|
|
266
|
+
} else {
|
|
267
|
+
q = ctx.db.query("GroupMember");
|
|
268
|
+
if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
|
|
269
|
+
}
|
|
243
270
|
q = q.order(order);
|
|
244
271
|
let all = await q.collect();
|
|
245
272
|
if (where.roleId !== void 0) all = all.filter((doc) => (doc.roleIds ?? []).includes(where.roleId));
|
|
@@ -282,6 +309,63 @@ const memberGetByGroupAndUser = query({
|
|
|
282
309
|
return await ctx.db.query("GroupMember").withIndex("group_id_user_id", (q) => q.eq("groupId", groupId).eq("userId", userId)).unique();
|
|
283
310
|
}
|
|
284
311
|
});
|
|
312
|
+
/**
|
|
313
|
+
* Resolve a user's membership by walking the group hierarchy from the
|
|
314
|
+
* requested group up to the root. Returns the first matching membership
|
|
315
|
+
* found. When `ancestry` is true, includes the list of traversed group IDs.
|
|
316
|
+
*
|
|
317
|
+
* This runs entirely inside the component (no cross-component RPCs per level).
|
|
318
|
+
*/
|
|
319
|
+
const memberResolve = query({
|
|
320
|
+
args: {
|
|
321
|
+
userId: v.id("User"),
|
|
322
|
+
groupId: v.id("Group"),
|
|
323
|
+
maxDepth: v.optional(v.number()),
|
|
324
|
+
ancestry: v.optional(v.boolean())
|
|
325
|
+
},
|
|
326
|
+
returns: v.object({
|
|
327
|
+
membership: v.union(vGroupMemberDoc, v.null()),
|
|
328
|
+
matchedGroupId: v.union(v.id("Group"), v.null()),
|
|
329
|
+
depth: v.union(v.number(), v.null()),
|
|
330
|
+
isDirect: v.boolean(),
|
|
331
|
+
isInherited: v.boolean(),
|
|
332
|
+
traversedGroupIds: v.optional(v.array(v.id("Group")))
|
|
333
|
+
}),
|
|
334
|
+
handler: async (ctx, args) => {
|
|
335
|
+
const maxDepth = Math.max(0, Math.floor(args.maxDepth ?? 32));
|
|
336
|
+
const includeAncestry = args.ancestry ?? false;
|
|
337
|
+
const visited = /* @__PURE__ */ new Set();
|
|
338
|
+
const traversedGroupIds = [];
|
|
339
|
+
let currentGroupId = args.groupId;
|
|
340
|
+
let depth = 0;
|
|
341
|
+
while (currentGroupId !== void 0 && depth <= maxDepth) {
|
|
342
|
+
if (visited.has(currentGroupId)) break;
|
|
343
|
+
visited.add(currentGroupId);
|
|
344
|
+
if (includeAncestry) traversedGroupIds.push(currentGroupId);
|
|
345
|
+
const membership = await ctx.db.query("GroupMember").withIndex("group_id_user_id", (q) => q.eq("groupId", currentGroupId).eq("userId", args.userId)).unique();
|
|
346
|
+
if (membership !== null) return {
|
|
347
|
+
membership,
|
|
348
|
+
matchedGroupId: currentGroupId,
|
|
349
|
+
depth,
|
|
350
|
+
isDirect: depth === 0,
|
|
351
|
+
isInherited: depth > 0,
|
|
352
|
+
...includeAncestry ? { traversedGroupIds } : {}
|
|
353
|
+
};
|
|
354
|
+
const groupDoc = await ctx.db.get(currentGroupId);
|
|
355
|
+
if (!groupDoc?.parentGroupId) break;
|
|
356
|
+
currentGroupId = groupDoc.parentGroupId;
|
|
357
|
+
depth++;
|
|
358
|
+
}
|
|
359
|
+
return {
|
|
360
|
+
membership: null,
|
|
361
|
+
matchedGroupId: null,
|
|
362
|
+
depth: null,
|
|
363
|
+
isDirect: false,
|
|
364
|
+
isInherited: false,
|
|
365
|
+
...includeAncestry ? { traversedGroupIds } : {}
|
|
366
|
+
};
|
|
367
|
+
}
|
|
368
|
+
});
|
|
285
369
|
/** Remove a member from a group by deleting the member record. */
|
|
286
370
|
const memberRemove = mutation({
|
|
287
371
|
args: { memberId: v.id("GroupMember") },
|
|
@@ -592,5 +676,5 @@ const inviteRevoke = mutation({
|
|
|
592
676
|
});
|
|
593
677
|
|
|
594
678
|
//#endregion
|
|
595
|
-
export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate };
|
|
679
|
+
export { groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberResolve, memberUpdate };
|
|
596
680
|
//# sourceMappingURL=groups.js.map
|