npm - @robelest/convex-auth - Versions diffs - 0.0.4-preview.2 → 0.0.4-preview.21 - Mend

@robelest/convex-auth 0.0.4-preview.2 → 0.0.4-preview.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (798) hide show

package/README.md +67 -26
package/dist/authorization/index.d.ts +63 -0
package/dist/authorization/index.d.ts.map +1 -0
package/dist/authorization/index.js +63 -0
package/dist/authorization/index.js.map +1 -0
package/dist/bin.js +6185 -0
package/dist/client/core/types.d.ts +20 -0
package/dist/client/core/types.d.ts.map +1 -0
package/dist/client/index.d.ts +2 -299
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +407 -534
package/dist/client/index.js.map +1 -1
package/dist/component/_generated/api.d.ts +42 -0
package/dist/component/_generated/api.d.ts.map +1 -1
package/dist/component/_generated/api.js.map +1 -1
package/dist/component/_generated/component.d.ts +2546 -90
package/dist/component/_generated/component.d.ts.map +1 -1
package/dist/component/client/core/types.d.ts +2 -0
package/dist/component/client/index.d.ts +2 -0
package/dist/component/convex.config.d.ts +2 -2
package/dist/component/functions.d.ts +11 -9
package/dist/component/functions.d.ts.map +1 -1
package/dist/component/functions.js.map +1 -1
package/dist/component/index.d.ts +7 -11
package/dist/component/index.js +2 -3
package/dist/component/model.d.ts +153 -0
package/dist/component/model.d.ts.map +1 -0
package/dist/component/model.js +349 -0
package/dist/component/model.js.map +1 -0
package/dist/component/providers/anonymous.d.ts +54 -0
package/dist/component/providers/anonymous.d.ts.map +1 -0
package/dist/component/providers/credentials.d.ts +5 -5
package/dist/component/providers/credentials.d.ts.map +1 -1
package/dist/component/providers/device.d.ts +67 -0
package/dist/component/providers/device.d.ts.map +1 -0
package/dist/component/providers/email.d.ts +62 -0
package/dist/component/providers/email.d.ts.map +1 -0
package/dist/component/providers/oauth.d.ts.map +1 -1
package/dist/component/providers/oauth.js.map +1 -1
package/dist/component/providers/passkey.d.ts +57 -0
package/dist/component/providers/passkey.d.ts.map +1 -0
package/dist/component/providers/password.d.ts +88 -0
package/dist/component/providers/password.d.ts.map +1 -0
package/dist/component/providers/phone.d.ts +48 -0
package/dist/component/providers/phone.d.ts.map +1 -0
package/dist/component/providers/sso.d.ts +50 -0
package/dist/component/providers/sso.d.ts.map +1 -0
package/dist/component/providers/totp.d.ts +45 -0
package/dist/component/providers/totp.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.d.ts +73 -0
package/dist/component/public/enterprise/audit.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.js +108 -0
package/dist/component/public/enterprise/audit.js.map +1 -0
package/dist/component/public/enterprise/core.d.ts +176 -0
package/dist/component/public/enterprise/core.d.ts.map +1 -0
package/dist/component/public/enterprise/core.js +292 -0
package/dist/component/public/enterprise/core.js.map +1 -0
package/dist/component/public/enterprise/domains.d.ts +174 -0
package/dist/component/public/enterprise/domains.d.ts.map +1 -0
package/dist/component/public/enterprise/domains.js +271 -0
package/dist/component/public/enterprise/domains.js.map +1 -0
package/dist/component/public/enterprise/scim.d.ts +245 -0
package/dist/component/public/enterprise/scim.d.ts.map +1 -0
package/dist/component/public/enterprise/scim.js +344 -0
package/dist/component/public/enterprise/scim.js.map +1 -0
package/dist/component/public/enterprise/secrets.d.ts +78 -0
package/dist/component/public/enterprise/secrets.d.ts.map +1 -0
package/dist/component/public/enterprise/secrets.js +118 -0
package/dist/component/public/enterprise/secrets.js.map +1 -0
package/dist/component/public/enterprise/webhooks.d.ts +211 -0
package/dist/component/public/enterprise/webhooks.d.ts.map +1 -0
package/dist/component/public/enterprise/webhooks.js +300 -0
package/dist/component/public/enterprise/webhooks.js.map +1 -0
package/dist/component/public/factors/devices.d.ts +157 -0
package/dist/component/public/factors/devices.d.ts.map +1 -0
package/dist/component/public/factors/devices.js +216 -0
package/dist/component/public/factors/devices.js.map +1 -0
package/dist/component/public/factors/passkeys.d.ts +175 -0
package/dist/component/public/factors/passkeys.d.ts.map +1 -0
package/dist/component/public/factors/passkeys.js +238 -0
package/dist/component/public/factors/passkeys.js.map +1 -0
package/dist/component/public/factors/totp.d.ts +189 -0
package/dist/component/public/factors/totp.d.ts.map +1 -0
package/dist/component/public/factors/totp.js +254 -0
package/dist/component/public/factors/totp.js.map +1 -0
package/dist/component/public/groups/core.d.ts +137 -0
package/dist/component/public/groups/core.d.ts.map +1 -0
package/dist/component/public/groups/core.js +321 -0
package/dist/component/public/groups/core.js.map +1 -0
package/dist/component/public/groups/invites.d.ts +217 -0
package/dist/component/public/groups/invites.d.ts.map +1 -0
package/dist/component/public/groups/invites.js +457 -0
package/dist/component/public/groups/invites.js.map +1 -0
package/dist/component/public/groups/members.d.ts +204 -0
package/dist/component/public/groups/members.d.ts.map +1 -0
package/dist/component/public/groups/members.js +355 -0
package/dist/component/public/groups/members.js.map +1 -0
package/dist/component/public/identity/accounts.d.ts +147 -0
package/dist/component/public/identity/accounts.d.ts.map +1 -0
package/dist/component/public/identity/accounts.js +200 -0
package/dist/component/public/identity/accounts.js.map +1 -0
package/dist/component/public/identity/codes.d.ts +104 -0
package/dist/component/public/identity/codes.d.ts.map +1 -0
package/dist/component/public/identity/codes.js +140 -0
package/dist/component/public/identity/codes.js.map +1 -0
package/dist/component/public/identity/sessions.d.ts +128 -0
package/dist/component/public/identity/sessions.d.ts.map +1 -0
package/dist/component/public/identity/sessions.js +192 -0
package/dist/component/public/identity/sessions.js.map +1 -0
package/dist/component/public/identity/tokens.d.ts +169 -0
package/dist/component/public/identity/tokens.d.ts.map +1 -0
package/dist/component/public/identity/tokens.js +227 -0
package/dist/component/public/identity/tokens.js.map +1 -0
package/dist/component/public/identity/users.d.ts +212 -0
package/dist/component/public/identity/users.d.ts.map +1 -0
package/dist/component/public/identity/users.js +311 -0
package/dist/component/public/identity/users.js.map +1 -0
package/dist/component/public/identity/verifiers.d.ts +116 -0
package/dist/component/public/identity/verifiers.d.ts.map +1 -0
package/dist/component/public/identity/verifiers.js +154 -0
package/dist/component/public/identity/verifiers.js.map +1 -0
package/dist/component/public/security/keys.d.ts +209 -0
package/dist/component/public/security/keys.d.ts.map +1 -0
package/dist/component/public/security/keys.js +319 -0
package/dist/component/public/security/keys.js.map +1 -0
package/dist/component/public/security/limits.d.ts +114 -0
package/dist/component/public/security/limits.d.ts.map +1 -0
package/dist/component/public/security/limits.js +169 -0
package/dist/component/public/security/limits.js.map +1 -0
package/dist/component/public.d.ts +24 -271
package/dist/component/public.d.ts.map +1 -1
package/dist/component/public.js +21 -1229
package/dist/component/schema.d.ts +473 -110
package/dist/component/schema.js +162 -73
package/dist/component/schema.js.map +1 -1
package/dist/component/server/auth.d.ts +318 -373
package/dist/component/server/auth.d.ts.map +1 -1
package/dist/component/server/auth.js +204 -123
package/dist/component/server/auth.js.map +1 -1
package/dist/component/server/authError.js +34 -0
package/dist/component/server/authError.js.map +1 -0
package/dist/component/server/{providers.js → config.js} +43 -12
package/dist/component/server/config.js.map +1 -0
package/dist/component/server/cookies.js +3 -0
package/dist/component/server/cookies.js.map +1 -1
package/dist/component/server/core.js +713 -0
package/dist/component/server/core.js.map +1 -0
package/dist/component/server/crypto.js +38 -0
package/dist/component/server/crypto.js.map +1 -0
package/dist/component/server/{implementation/db.js → db.js} +2 -1
package/dist/component/server/db.js.map +1 -0
package/dist/component/server/device.js +109 -0
package/dist/component/server/device.js.map +1 -0
package/dist/component/server/enterprise/config.js +46 -0
package/dist/component/server/enterprise/config.js.map +1 -0
package/dist/component/server/enterprise/domain.js +885 -0
package/dist/component/server/enterprise/domain.js.map +1 -0
package/dist/component/server/enterprise/http.js +766 -0
package/dist/component/server/enterprise/http.js.map +1 -0
package/dist/component/server/enterprise/oidc.js +248 -0
package/dist/component/server/enterprise/oidc.js.map +1 -0
package/dist/component/server/enterprise/policy.js +85 -0
package/dist/component/server/enterprise/policy.js.map +1 -0
package/dist/component/server/enterprise/saml.js +338 -0
package/dist/component/server/enterprise/saml.js.map +1 -0
package/dist/component/server/enterprise/scim.js +97 -0
package/dist/component/server/enterprise/scim.js.map +1 -0
package/dist/component/server/enterprise/shared.js +51 -0
package/dist/component/server/enterprise/shared.js.map +1 -0
package/dist/component/server/errors.d.ts +1 -0
package/dist/component/server/errors.js +24 -16
package/dist/component/server/errors.js.map +1 -1
package/dist/component/server/http.js +288 -0
package/dist/component/server/http.js.map +1 -0
package/dist/component/server/identity.js +13 -0
package/dist/component/server/identity.js.map +1 -0
package/dist/{server/implementation → component/server}/keys.js +9 -31
package/dist/component/server/keys.js.map +1 -0
package/dist/component/server/limits.js +61 -0
package/dist/component/server/limits.js.map +1 -0
package/dist/component/server/mutations/account.js +44 -0
package/dist/component/server/mutations/account.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/component/server/mutations/code.js.map +1 -0
package/dist/component/server/mutations/invalidate.js +32 -0
package/dist/component/server/mutations/invalidate.js.map +1 -0
package/dist/component/server/mutations/oauth.js +110 -0
package/dist/component/server/mutations/oauth.js.map +1 -0
package/dist/component/server/mutations/refresh.js +119 -0
package/dist/component/server/mutations/refresh.js.map +1 -0
package/dist/component/server/mutations/register.js +83 -0
package/dist/component/server/mutations/register.js.map +1 -0
package/dist/component/server/mutations/retrieve.js +65 -0
package/dist/component/server/mutations/retrieve.js.map +1 -0
package/dist/component/server/mutations/signature.js +32 -0
package/dist/component/server/mutations/signature.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/component/server/mutations/signin.js.map +1 -0
package/dist/component/server/mutations/signout.js +27 -0
package/dist/component/server/mutations/signout.js.map +1 -0
package/dist/component/server/mutations/store/refs.js +15 -0
package/dist/component/server/mutations/store/refs.js.map +1 -0
package/dist/component/server/mutations/store.js +85 -0
package/dist/component/server/mutations/store.js.map +1 -0
package/dist/component/server/mutations/verifier.js +18 -0
package/dist/component/server/mutations/verifier.js.map +1 -0
package/dist/component/server/mutations/verify.js +98 -0
package/dist/component/server/mutations/verify.js.map +1 -0
package/dist/component/server/oauth.js +106 -60
package/dist/component/server/oauth.js.map +1 -1
package/dist/component/server/passkey.js +328 -0
package/dist/component/server/passkey.js.map +1 -0
package/dist/{server/implementation → component/server}/redirects.js +13 -11
package/dist/component/server/redirects.js.map +1 -0
package/dist/component/server/refresh.js +96 -0
package/dist/component/server/refresh.js.map +1 -0
package/dist/component/server/runtime.d.ts +136 -0
package/dist/component/server/runtime.d.ts.map +1 -0
package/dist/component/server/runtime.js +413 -0
package/dist/component/server/runtime.js.map +1 -0
package/dist/{server/implementation → component/server}/sessions.js +14 -8
package/dist/component/server/sessions.js.map +1 -0
package/dist/component/server/signin.js +201 -0
package/dist/component/server/signin.js.map +1 -0
package/dist/component/server/tokens.js +17 -0
package/dist/component/server/tokens.js.map +1 -0
package/dist/component/server/totp.js +148 -0
package/dist/component/server/totp.js.map +1 -0
package/dist/component/server/types.d.ts +387 -298
package/dist/component/server/types.d.ts.map +1 -1
package/dist/component/server/{implementation/types.js → types.js} +1 -1
package/dist/component/server/types.js.map +1 -0
package/dist/component/server/{implementation/users.js → users.js} +54 -35
package/dist/component/server/users.js.map +1 -0
package/dist/component/server/utils.js +110 -4
package/dist/component/server/utils.js.map +1 -1
package/dist/core/types.d.ts +369 -0
package/dist/core/types.d.ts.map +1 -0
package/dist/factors/device.js +105 -0
package/dist/factors/device.js.map +1 -0
package/dist/factors/passkey.js +181 -0
package/dist/factors/passkey.js.map +1 -0
package/dist/factors/totp.js +122 -0
package/dist/factors/totp.js.map +1 -0
package/dist/providers/anonymous.d.ts +3 -9
package/dist/providers/anonymous.d.ts.map +1 -1
package/dist/providers/anonymous.js +1 -18
package/dist/providers/anonymous.js.map +1 -1
package/dist/providers/credentials.d.ts +8 -10
package/dist/providers/credentials.d.ts.map +1 -1
package/dist/providers/credentials.js +3 -5
package/dist/providers/credentials.js.map +1 -1
package/dist/providers/device.d.ts +18 -10
package/dist/providers/device.d.ts.map +1 -1
package/dist/providers/device.js +4 -8
package/dist/providers/device.js.map +1 -1
package/dist/providers/email.d.ts +50 -23
package/dist/providers/email.d.ts.map +1 -1
package/dist/providers/email.js +58 -34
package/dist/providers/email.js.map +1 -1
package/dist/providers/index.d.ts +7 -3
package/dist/providers/index.js +4 -1
package/dist/providers/oauth.d.ts.map +1 -1
package/dist/providers/oauth.js.map +1 -1
package/dist/providers/passkey.d.ts +12 -9
package/dist/providers/passkey.d.ts.map +1 -1
package/dist/providers/passkey.js +1 -7
package/dist/providers/passkey.js.map +1 -1
package/dist/providers/password.d.ts +6 -12
package/dist/providers/password.d.ts.map +1 -1
package/dist/providers/password.js +189 -89
package/dist/providers/password.js.map +1 -1
package/dist/providers/phone.d.ts +40 -11
package/dist/providers/phone.d.ts.map +1 -1
package/dist/providers/phone.js +52 -21
package/dist/providers/phone.js.map +1 -1
package/dist/providers/sso.d.ts +50 -0
package/dist/providers/sso.d.ts.map +1 -0
package/dist/providers/sso.js +34 -0
package/dist/providers/sso.js.map +1 -0
package/dist/providers/totp.d.ts +12 -9
package/dist/providers/totp.d.ts.map +1 -1
package/dist/providers/totp.js +1 -7
package/dist/providers/totp.js.map +1 -1
package/dist/runtime/browser.js +68 -0
package/dist/runtime/browser.js.map +1 -0
package/dist/runtime/invite.js +51 -0
package/dist/runtime/invite.js.map +1 -0
package/dist/runtime/proxy.js +70 -0
package/dist/runtime/proxy.js.map +1 -0
package/dist/runtime/storage.js +37 -0
package/dist/runtime/storage.js.map +1 -0
package/dist/server/auth.d.ts +335 -370
package/dist/server/auth.d.ts.map +1 -1
package/dist/server/auth.js +204 -123
package/dist/server/auth.js.map +1 -1
package/dist/server/authError.d.ts +46 -0
package/dist/server/authError.d.ts.map +1 -0
package/dist/server/authError.js +34 -0
package/dist/server/authError.js.map +1 -0
package/dist/server/config.d.ts +1 -0
package/dist/server/{providers.js → config.js} +43 -12
package/dist/server/config.js.map +1 -0
package/dist/server/cookies.d.ts +1 -38
package/dist/server/cookies.js +3 -0
package/dist/server/cookies.js.map +1 -1
package/dist/server/core.d.ts +1436 -0
package/dist/server/core.d.ts.map +1 -0
package/dist/server/core.js +713 -0
package/dist/server/core.js.map +1 -0
package/dist/server/crypto.d.ts +8 -0
package/dist/server/crypto.d.ts.map +1 -0
package/dist/server/crypto.js +38 -0
package/dist/server/crypto.js.map +1 -0
package/dist/server/db.d.ts +1 -0
package/dist/server/{implementation/db.js → db.js} +2 -1
package/dist/server/db.js.map +1 -0
package/dist/server/device.d.ts +1 -0
package/dist/server/device.js +109 -0
package/dist/server/device.js.map +1 -0
package/dist/server/enterprise/config.d.ts +1 -0
package/dist/server/enterprise/config.js +46 -0
package/dist/server/enterprise/config.js.map +1 -0
package/dist/server/enterprise/domain.d.ts +409 -0
package/dist/server/enterprise/domain.d.ts.map +1 -0
package/dist/server/enterprise/domain.js +885 -0
package/dist/server/enterprise/domain.js.map +1 -0
package/dist/server/enterprise/http.d.ts +26 -0
package/dist/server/enterprise/http.d.ts.map +1 -0
package/dist/server/enterprise/http.js +766 -0
package/dist/server/enterprise/http.js.map +1 -0
package/dist/server/enterprise/oidc.d.ts +1 -0
package/dist/server/enterprise/oidc.js +248 -0
package/dist/server/enterprise/oidc.js.map +1 -0
package/dist/server/enterprise/policy.d.ts +1 -0
package/dist/server/enterprise/policy.js +85 -0
package/dist/server/enterprise/policy.js.map +1 -0
package/dist/server/enterprise/saml.d.ts +1 -0
package/dist/server/enterprise/saml.js +338 -0
package/dist/server/enterprise/saml.js.map +1 -0
package/dist/server/enterprise/scim.d.ts +1 -0
package/dist/server/enterprise/scim.js +97 -0
package/dist/server/enterprise/scim.js.map +1 -0
package/dist/server/enterprise/shared.d.ts +5 -0
package/dist/server/enterprise/shared.d.ts.map +1 -0
package/dist/server/enterprise/shared.js +51 -0
package/dist/server/enterprise/shared.js.map +1 -0
package/dist/server/enterprise/validators.d.ts +1 -0
package/dist/server/enterprise/validators.js +60 -0
package/dist/server/enterprise/validators.js.map +1 -0
package/dist/server/errors.d.ts +33 -1
package/dist/server/errors.d.ts.map +1 -1
package/dist/server/errors.js +44 -1
package/dist/server/errors.js.map +1 -1
package/dist/server/http.d.ts +59 -0
package/dist/server/http.d.ts.map +1 -0
package/dist/server/http.js +288 -0
package/dist/server/http.js.map +1 -0
package/dist/server/identity.d.ts +1 -0
package/dist/server/identity.js +13 -0
package/dist/server/identity.js.map +1 -0
package/dist/server/index.d.ts +4 -182
package/dist/server/index.js +4 -376
package/dist/server/keys.d.ts +1 -0
package/dist/{component/server/implementation → server}/keys.js +9 -31
package/dist/server/keys.js.map +1 -0
package/dist/server/limits.d.ts +1 -0
package/dist/server/limits.js +61 -0
package/dist/server/limits.js.map +1 -0
package/dist/server/mounts.d.ts +647 -0
package/dist/server/mounts.d.ts.map +1 -0
package/dist/server/mounts.js +643 -0
package/dist/server/mounts.js.map +1 -0
package/dist/server/mutations/account.d.ts +30 -0
package/dist/server/mutations/account.d.ts.map +1 -0
package/dist/server/mutations/account.js +44 -0
package/dist/server/mutations/account.js.map +1 -0
package/dist/server/mutations/code.d.ts +30 -0
package/dist/server/mutations/code.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/server/mutations/code.js.map +1 -0
package/dist/server/mutations/index.d.ts +14 -0
package/dist/server/mutations/index.js +15 -0
package/dist/server/mutations/invalidate.d.ts +20 -0
package/dist/server/mutations/invalidate.d.ts.map +1 -0
package/dist/server/mutations/invalidate.js +32 -0
package/dist/server/mutations/invalidate.js.map +1 -0
package/dist/server/mutations/oauth.d.ts +28 -0
package/dist/server/mutations/oauth.d.ts.map +1 -0
package/dist/server/mutations/oauth.js +110 -0
package/dist/server/mutations/oauth.js.map +1 -0
package/dist/server/mutations/refresh.d.ts +21 -0
package/dist/server/mutations/refresh.d.ts.map +1 -0
package/dist/server/mutations/refresh.js +119 -0
package/dist/server/mutations/refresh.js.map +1 -0
package/dist/server/mutations/register.d.ts +38 -0
package/dist/server/mutations/register.d.ts.map +1 -0
package/dist/server/mutations/register.js +83 -0
package/dist/server/mutations/register.js.map +1 -0
package/dist/server/mutations/retrieve.d.ts +33 -0
package/dist/server/mutations/retrieve.d.ts.map +1 -0
package/dist/server/mutations/retrieve.js +65 -0
package/dist/server/mutations/retrieve.js.map +1 -0
package/dist/server/mutations/signature.d.ts +22 -0
package/dist/server/mutations/signature.d.ts.map +1 -0
package/dist/server/mutations/signature.js +32 -0
package/dist/server/mutations/signature.js.map +1 -0
package/dist/server/mutations/signin.d.ts +22 -0
package/dist/server/mutations/signin.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/server/mutations/signin.js.map +1 -0
package/dist/server/mutations/signout.d.ts +16 -0
package/dist/server/mutations/signout.d.ts.map +1 -0
package/dist/server/mutations/signout.js +27 -0
package/dist/server/mutations/signout.js.map +1 -0
package/dist/server/mutations/store/refs.d.ts +12 -0
package/dist/server/mutations/store/refs.d.ts.map +1 -0
package/dist/server/mutations/store/refs.js +15 -0
package/dist/server/mutations/store/refs.js.map +1 -0
package/dist/server/mutations/store.d.ts +306 -0
package/dist/server/mutations/store.d.ts.map +1 -0
package/dist/server/mutations/store.js +85 -0
package/dist/server/mutations/store.js.map +1 -0
package/dist/server/mutations/verifier.d.ts +13 -0
package/dist/server/mutations/verifier.d.ts.map +1 -0
package/dist/server/mutations/verifier.js +18 -0
package/dist/server/mutations/verifier.js.map +1 -0
package/dist/server/mutations/verify.d.ts +26 -0
package/dist/server/mutations/verify.d.ts.map +1 -0
package/dist/server/mutations/verify.js +98 -0
package/dist/server/mutations/verify.js.map +1 -0
package/dist/server/oauth.d.ts +1 -48
package/dist/server/oauth.js +107 -64
package/dist/server/oauth.js.map +1 -1
package/dist/server/passkey.d.ts +27 -0
package/dist/server/passkey.d.ts.map +1 -0
package/dist/server/passkey.js +328 -0
package/dist/server/passkey.js.map +1 -0
package/dist/server/redirects.d.ts +1 -0
package/dist/{component/server/implementation → server}/redirects.js +13 -11
package/dist/server/redirects.js.map +1 -0
package/dist/server/refresh.d.ts +1 -0
package/dist/server/refresh.js +96 -0
package/dist/server/refresh.js.map +1 -0
package/dist/server/runtime.d.ts +136 -0
package/dist/server/runtime.d.ts.map +1 -0
package/dist/server/runtime.js +413 -0
package/dist/server/runtime.js.map +1 -0
package/dist/server/sessions.d.ts +1 -0
package/dist/{component/server/implementation → server}/sessions.js +14 -8
package/dist/server/sessions.js.map +1 -0
package/dist/server/signin.d.ts +1 -0
package/dist/server/signin.js +201 -0
package/dist/server/signin.js.map +1 -0
package/dist/server/ssr.d.ts +226 -0
package/dist/server/ssr.d.ts.map +1 -0
package/dist/server/ssr.js +786 -0
package/dist/server/ssr.js.map +1 -0
package/dist/server/templates.d.ts +1 -21
package/dist/server/templates.js +2 -1
package/dist/server/templates.js.map +1 -1
package/dist/server/tokens.d.ts +1 -0
package/dist/server/tokens.js +17 -0
package/dist/server/tokens.js.map +1 -0
package/dist/server/totp.d.ts +1 -0
package/dist/server/totp.js +148 -0
package/dist/server/totp.js.map +1 -0
package/dist/server/types.d.ts +498 -306
package/dist/server/types.d.ts.map +1 -1
package/dist/server/types.js +108 -1
package/dist/server/types.js.map +1 -0
package/dist/server/users.d.ts +1 -0
package/dist/server/{implementation/users.js → users.js} +54 -35
package/dist/server/users.js.map +1 -0
package/dist/server/utils.d.ts +1 -6
package/dist/server/utils.js +110 -4
package/dist/server/utils.js.map +1 -1
package/package.json +49 -46
package/src/authorization/index.ts +83 -0
package/src/cli/bin.ts +5 -0
package/src/cli/command.ts +6 -5
package/src/cli/index.ts +456 -248
package/src/cli/keys.ts +3 -0
package/src/client/core/types.ts +437 -0
package/src/client/factors/device.ts +160 -0
package/src/client/factors/passkey.ts +282 -0
package/src/client/factors/totp.ts +150 -0
package/src/client/index.ts +745 -989
package/src/client/runtime/browser.ts +112 -0
package/src/client/runtime/invite.ts +65 -0
package/src/client/runtime/proxy.ts +111 -0
package/src/client/runtime/storage.ts +79 -0
package/src/component/_generated/api.ts +42 -0
package/src/component/_generated/component.ts +3123 -102
package/src/component/functions.ts +38 -22
package/src/component/index.ts +10 -20
package/src/component/model.ts +449 -0
package/src/component/public/enterprise/audit.ts +120 -0
package/src/component/public/enterprise/core.ts +354 -0
package/src/component/public/enterprise/domains.ts +323 -0
package/src/component/public/enterprise/scim.ts +396 -0
package/src/component/public/enterprise/secrets.ts +132 -0
package/src/component/public/enterprise/webhooks.ts +306 -0
package/src/component/public/factors/devices.ts +223 -0
package/src/component/public/factors/passkeys.ts +242 -0
package/src/component/public/factors/totp.ts +258 -0
package/src/component/public/groups/core.ts +481 -0
package/src/component/public/groups/invites.ts +602 -0
package/src/component/public/groups/members.ts +409 -0
package/src/component/public/identity/accounts.ts +206 -0
package/src/component/public/identity/codes.ts +148 -0
package/src/component/public/identity/sessions.ts +209 -0
package/src/component/public/identity/tokens.ts +250 -0
package/src/component/public/identity/users.ts +354 -0
package/src/component/public/identity/verifiers.ts +157 -0
package/src/component/public/security/keys.ts +365 -0
package/src/component/public/security/limits.ts +173 -0
package/src/component/public.ts +26 -1766
package/src/component/schema.ts +273 -100
package/src/providers/anonymous.ts +10 -20
package/src/providers/credentials.ts +14 -22
package/src/providers/device.ts +3 -14
package/src/providers/email.ts +83 -47
package/src/providers/index.ts +7 -0
package/src/providers/oauth.ts +5 -3
package/src/providers/passkey.ts +0 -13
package/src/providers/password.ts +307 -130
package/src/providers/phone.ts +81 -37
package/src/providers/sso.ts +54 -0
package/src/providers/totp.ts +0 -13
package/src/samlify.d.ts +53 -0
package/src/server/auth.ts +701 -247
package/src/server/authError.ts +44 -0
package/src/server/{providers.ts → config.ts} +84 -15
package/src/server/cookies.ts +8 -1
package/src/server/core.ts +2095 -0
package/src/server/crypto.ts +88 -0
package/src/server/{implementation/db.ts → db.ts} +90 -15
package/src/server/device.ts +221 -0
package/src/server/enterprise/config.ts +51 -0
package/src/server/enterprise/domain.ts +1751 -0
package/src/server/enterprise/http.ts +1324 -0
package/src/server/enterprise/oidc.ts +500 -0
package/src/server/enterprise/policy.ts +128 -0
package/src/server/enterprise/saml.ts +578 -0
package/src/server/enterprise/scim.ts +135 -0
package/src/server/enterprise/shared.ts +134 -0
package/src/server/enterprise/validators.ts +93 -0
package/src/server/errors.ts +130 -119
package/src/server/http.ts +531 -0
package/src/server/identity.ts +18 -0
package/src/server/index.ts +32 -650
package/src/server/{implementation/keys.ts → keys.ts} +16 -44
package/src/server/limits.ts +134 -0
package/src/server/mounts.ts +948 -0
package/src/server/mutations/account.ts +76 -0
package/src/server/{implementation/mutations → mutations}/code.ts +22 -11
package/src/server/mutations/index.ts +13 -0
package/src/server/mutations/invalidate.ts +50 -0
package/src/server/mutations/oauth.ts +237 -0
package/src/server/mutations/refresh.ts +298 -0
package/src/server/mutations/register.ts +200 -0
package/src/server/mutations/retrieve.ts +109 -0
package/src/server/mutations/signature.ts +50 -0
package/src/server/{implementation/mutations → mutations}/signin.ts +9 -7
package/src/server/mutations/signout.ts +43 -0
package/src/server/mutations/store/refs.ts +10 -0
package/src/server/mutations/store.ts +138 -0
package/src/server/mutations/verifier.ts +34 -0
package/src/server/mutations/verify.ts +202 -0
package/src/server/oauth.ts +243 -131
package/src/server/passkey.ts +784 -0
package/src/server/{implementation/redirects.ts → redirects.ts} +21 -16
package/src/server/refresh.ts +222 -0
package/src/server/runtime.ts +880 -0
package/src/server/{implementation/sessions.ts → sessions.ts} +33 -25
package/src/server/signin.ts +438 -0
package/src/server/ssr.ts +1764 -0
package/src/server/templates.ts +8 -3
package/src/server/{implementation/tokens.ts → tokens.ts} +11 -5
package/src/server/totp.ts +349 -0
package/src/server/types.ts +972 -207
package/src/server/{implementation/users.ts → users.ts} +129 -75
package/src/server/utils.ts +192 -5
package/src/test.ts +28 -4
package/dist/bin.cjs +0 -27757
package/dist/component/providers/email.js +0 -47
package/dist/component/providers/email.js.map +0 -1
package/dist/component/public.js.map +0 -1
package/dist/component/server/implementation/db.js.map +0 -1
package/dist/component/server/implementation/device.js +0 -135
package/dist/component/server/implementation/device.js.map +0 -1
package/dist/component/server/implementation/index.d.ts +0 -870
package/dist/component/server/implementation/index.d.ts.map +0 -1
package/dist/component/server/implementation/index.js +0 -610
package/dist/component/server/implementation/index.js.map +0 -1
package/dist/component/server/implementation/keys.js.map +0 -1
package/dist/component/server/implementation/mutations/account.js +0 -39
package/dist/component/server/implementation/mutations/account.js.map +0 -1
package/dist/component/server/implementation/mutations/code.js.map +0 -1
package/dist/component/server/implementation/mutations/index.js +0 -70
package/dist/component/server/implementation/mutations/index.js.map +0 -1
package/dist/component/server/implementation/mutations/invalidate.js +0 -29
package/dist/component/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/component/server/implementation/mutations/oauth.js +0 -51
package/dist/component/server/implementation/mutations/oauth.js.map +0 -1
package/dist/component/server/implementation/mutations/refresh.js +0 -85
package/dist/component/server/implementation/mutations/refresh.js.map +0 -1
package/dist/component/server/implementation/mutations/register.js +0 -65
package/dist/component/server/implementation/mutations/register.js.map +0 -1
package/dist/component/server/implementation/mutations/retrieve.js +0 -50
package/dist/component/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/component/server/implementation/mutations/signature.js +0 -27
package/dist/component/server/implementation/mutations/signature.js.map +0 -1
package/dist/component/server/implementation/mutations/signin.js.map +0 -1
package/dist/component/server/implementation/mutations/signout.js +0 -27
package/dist/component/server/implementation/mutations/signout.js.map +0 -1
package/dist/component/server/implementation/mutations/store.js +0 -12
package/dist/component/server/implementation/mutations/store.js.map +0 -1
package/dist/component/server/implementation/mutations/verifier.js +0 -16
package/dist/component/server/implementation/mutations/verifier.js.map +0 -1
package/dist/component/server/implementation/mutations/verify.js +0 -105
package/dist/component/server/implementation/mutations/verify.js.map +0 -1
package/dist/component/server/implementation/passkey.js +0 -307
package/dist/component/server/implementation/passkey.js.map +0 -1
package/dist/component/server/implementation/provider.js +0 -19
package/dist/component/server/implementation/provider.js.map +0 -1
package/dist/component/server/implementation/ratelimit.js +0 -48
package/dist/component/server/implementation/ratelimit.js.map +0 -1
package/dist/component/server/implementation/redirects.js.map +0 -1
package/dist/component/server/implementation/refresh.js +0 -109
package/dist/component/server/implementation/refresh.js.map +0 -1
package/dist/component/server/implementation/sessions.js.map +0 -1
package/dist/component/server/implementation/signin.js +0 -148
package/dist/component/server/implementation/signin.js.map +0 -1
package/dist/component/server/implementation/tokens.js +0 -15
package/dist/component/server/implementation/tokens.js.map +0 -1
package/dist/component/server/implementation/totp.js +0 -142
package/dist/component/server/implementation/totp.js.map +0 -1
package/dist/component/server/implementation/types.d.ts +0 -42
package/dist/component/server/implementation/types.d.ts.map +0 -1
package/dist/component/server/implementation/types.js.map +0 -1
package/dist/component/server/implementation/users.js.map +0 -1
package/dist/component/server/implementation/utils.js +0 -56
package/dist/component/server/implementation/utils.js.map +0 -1
package/dist/component/server/providers.js.map +0 -1
package/dist/component/server/templates.js +0 -84
package/dist/component/server/templates.js.map +0 -1
package/dist/server/cookies.d.ts.map +0 -1
package/dist/server/implementation/db.d.ts +0 -86
package/dist/server/implementation/db.d.ts.map +0 -1
package/dist/server/implementation/db.js.map +0 -1
package/dist/server/implementation/device.d.ts +0 -30
package/dist/server/implementation/device.d.ts.map +0 -1
package/dist/server/implementation/device.js +0 -135
package/dist/server/implementation/device.js.map +0 -1
package/dist/server/implementation/index.d.ts +0 -870
package/dist/server/implementation/index.d.ts.map +0 -1
package/dist/server/implementation/index.js +0 -610
package/dist/server/implementation/index.js.map +0 -1
package/dist/server/implementation/keys.d.ts +0 -66
package/dist/server/implementation/keys.d.ts.map +0 -1
package/dist/server/implementation/keys.js.map +0 -1
package/dist/server/implementation/mutations/account.d.ts +0 -27
package/dist/server/implementation/mutations/account.d.ts.map +0 -1
package/dist/server/implementation/mutations/account.js +0 -39
package/dist/server/implementation/mutations/account.js.map +0 -1
package/dist/server/implementation/mutations/code.d.ts +0 -29
package/dist/server/implementation/mutations/code.d.ts.map +0 -1
package/dist/server/implementation/mutations/code.js.map +0 -1
package/dist/server/implementation/mutations/index.d.ts +0 -310
package/dist/server/implementation/mutations/index.d.ts.map +0 -1
package/dist/server/implementation/mutations/index.js +0 -70
package/dist/server/implementation/mutations/index.js.map +0 -1
package/dist/server/implementation/mutations/invalidate.d.ts +0 -18
package/dist/server/implementation/mutations/invalidate.d.ts.map +0 -1
package/dist/server/implementation/mutations/invalidate.js +0 -29
package/dist/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/server/implementation/mutations/oauth.d.ts +0 -23
package/dist/server/implementation/mutations/oauth.d.ts.map +0 -1
package/dist/server/implementation/mutations/oauth.js +0 -51
package/dist/server/implementation/mutations/oauth.js.map +0 -1
package/dist/server/implementation/mutations/refresh.d.ts +0 -20
package/dist/server/implementation/mutations/refresh.d.ts.map +0 -1
package/dist/server/implementation/mutations/refresh.js +0 -85
package/dist/server/implementation/mutations/refresh.js.map +0 -1
package/dist/server/implementation/mutations/register.d.ts +0 -37
package/dist/server/implementation/mutations/register.d.ts.map +0 -1
package/dist/server/implementation/mutations/register.js +0 -65
package/dist/server/implementation/mutations/register.js.map +0 -1
package/dist/server/implementation/mutations/retrieve.d.ts +0 -31
package/dist/server/implementation/mutations/retrieve.d.ts.map +0 -1
package/dist/server/implementation/mutations/retrieve.js +0 -50
package/dist/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/server/implementation/mutations/signature.d.ts +0 -19
package/dist/server/implementation/mutations/signature.d.ts.map +0 -1
package/dist/server/implementation/mutations/signature.js +0 -27
package/dist/server/implementation/mutations/signature.js.map +0 -1
package/dist/server/implementation/mutations/signin.d.ts +0 -21
package/dist/server/implementation/mutations/signin.d.ts.map +0 -1
package/dist/server/implementation/mutations/signin.js.map +0 -1
package/dist/server/implementation/mutations/signout.d.ts +0 -14
package/dist/server/implementation/mutations/signout.d.ts.map +0 -1
package/dist/server/implementation/mutations/signout.js +0 -27
package/dist/server/implementation/mutations/signout.js.map +0 -1
package/dist/server/implementation/mutations/store.d.ts +0 -11
package/dist/server/implementation/mutations/store.d.ts.map +0 -1
package/dist/server/implementation/mutations/store.js +0 -12
package/dist/server/implementation/mutations/store.js.map +0 -1
package/dist/server/implementation/mutations/verifier.d.ts +0 -11
package/dist/server/implementation/mutations/verifier.d.ts.map +0 -1
package/dist/server/implementation/mutations/verifier.js +0 -16
package/dist/server/implementation/mutations/verifier.js.map +0 -1
package/dist/server/implementation/mutations/verify.d.ts +0 -25
package/dist/server/implementation/mutations/verify.d.ts.map +0 -1
package/dist/server/implementation/mutations/verify.js +0 -105
package/dist/server/implementation/mutations/verify.js.map +0 -1
package/dist/server/implementation/passkey.d.ts +0 -24
package/dist/server/implementation/passkey.d.ts.map +0 -1
package/dist/server/implementation/passkey.js +0 -307
package/dist/server/implementation/passkey.js.map +0 -1
package/dist/server/implementation/provider.d.ts +0 -10
package/dist/server/implementation/provider.d.ts.map +0 -1
package/dist/server/implementation/provider.js +0 -19
package/dist/server/implementation/provider.js.map +0 -1
package/dist/server/implementation/ratelimit.d.ts +0 -10
package/dist/server/implementation/ratelimit.d.ts.map +0 -1
package/dist/server/implementation/ratelimit.js +0 -48
package/dist/server/implementation/ratelimit.js.map +0 -1
package/dist/server/implementation/redirects.d.ts +0 -10
package/dist/server/implementation/redirects.d.ts.map +0 -1
package/dist/server/implementation/redirects.js.map +0 -1
package/dist/server/implementation/refresh.d.ts +0 -37
package/dist/server/implementation/refresh.d.ts.map +0 -1
package/dist/server/implementation/refresh.js +0 -109
package/dist/server/implementation/refresh.js.map +0 -1
package/dist/server/implementation/sessions.d.ts +0 -29
package/dist/server/implementation/sessions.d.ts.map +0 -1
package/dist/server/implementation/sessions.js.map +0 -1
package/dist/server/implementation/signin.d.ts +0 -55
package/dist/server/implementation/signin.d.ts.map +0 -1
package/dist/server/implementation/signin.js +0 -148
package/dist/server/implementation/signin.js.map +0 -1
package/dist/server/implementation/tokens.d.ts +0 -11
package/dist/server/implementation/tokens.d.ts.map +0 -1
package/dist/server/implementation/tokens.js +0 -15
package/dist/server/implementation/tokens.js.map +0 -1
package/dist/server/implementation/totp.d.ts +0 -31
package/dist/server/implementation/totp.d.ts.map +0 -1
package/dist/server/implementation/totp.js +0 -142
package/dist/server/implementation/totp.js.map +0 -1
package/dist/server/implementation/types.d.ts +0 -189
package/dist/server/implementation/types.d.ts.map +0 -1
package/dist/server/implementation/types.js +0 -97
package/dist/server/implementation/types.js.map +0 -1
package/dist/server/implementation/users.d.ts +0 -30
package/dist/server/implementation/users.d.ts.map +0 -1
package/dist/server/implementation/users.js.map +0 -1
package/dist/server/implementation/utils.d.ts +0 -19
package/dist/server/implementation/utils.d.ts.map +0 -1
package/dist/server/implementation/utils.js +0 -56
package/dist/server/implementation/utils.js.map +0 -1
package/dist/server/index.d.ts.map +0 -1
package/dist/server/index.js.map +0 -1
package/dist/server/oauth.d.ts.map +0 -1
package/dist/server/providers.d.ts +0 -72
package/dist/server/providers.d.ts.map +0 -1
package/dist/server/providers.js.map +0 -1
package/dist/server/templates.d.ts.map +0 -1
package/dist/server/utils.d.ts.map +0 -1
package/dist/server/version.d.ts +0 -5
package/dist/server/version.d.ts.map +0 -1
package/dist/server/version.js +0 -6
package/dist/server/version.js.map +0 -1
package/src/cli/utils.ts +0 -248
package/src/server/implementation/device.ts +0 -307
package/src/server/implementation/index.ts +0 -1583
package/src/server/implementation/mutations/account.ts +0 -50
package/src/server/implementation/mutations/index.ts +0 -157
package/src/server/implementation/mutations/invalidate.ts +0 -42
package/src/server/implementation/mutations/oauth.ts +0 -73
package/src/server/implementation/mutations/refresh.ts +0 -175
package/src/server/implementation/mutations/register.ts +0 -100
package/src/server/implementation/mutations/retrieve.ts +0 -79
package/src/server/implementation/mutations/signature.ts +0 -39
package/src/server/implementation/mutations/signout.ts +0 -35
package/src/server/implementation/mutations/store.ts +0 -7
package/src/server/implementation/mutations/verifier.ts +0 -24
package/src/server/implementation/mutations/verify.ts +0 -194
package/src/server/implementation/passkey.ts +0 -620
package/src/server/implementation/provider.ts +0 -36
package/src/server/implementation/ratelimit.ts +0 -79
package/src/server/implementation/refresh.ts +0 -172
package/src/server/implementation/signin.ts +0 -296
package/src/server/implementation/totp.ts +0 -342
package/src/server/implementation/types.ts +0 -444
package/src/server/implementation/utils.ts +0 -91
package/src/server/version.ts +0 -2

package/dist/component/public.js CHANGED Viewed

@@ -1,1230 +1,22 @@
-import { mutation, query } from "./functions.js";
-import { ConvexError, v } from "convex/values";
+import { accountDelete, accountGet, accountGetById, accountInsert, accountListByUser, accountPatch } from "./public/identity/accounts.js";
+import { deviceAuthorize, deviceDelete, deviceGetByCodeHash, deviceGetByUserCode, deviceInsert, deviceUpdateLastPolled } from "./public/factors/devices.js";
+import { enterpriseAuditEventCreate, enterpriseAuditEventList } from "./public/enterprise/audit.js";
+import { enterpriseCreate, enterpriseDelete, enterpriseGet, enterpriseGetByDomain, enterpriseGetByGroup, enterpriseList, enterpriseUpdate } from "./public/enterprise/core.js";
+import { enterpriseDomainAdd, enterpriseDomainDelete, enterpriseDomainList, enterpriseDomainVerificationDelete, enterpriseDomainVerificationGet, enterpriseDomainVerificationUpsert, enterpriseDomainVerify } from "./public/enterprise/domains.js";
+import { enterpriseScimConfigGetByEnterprise, enterpriseScimConfigGetByTokenHash, enterpriseScimConfigUpsert, enterpriseScimIdentityDelete, enterpriseScimIdentityGet, enterpriseScimIdentityGetByEnterpriseAndUser, enterpriseScimIdentityGetByMappedGroup, enterpriseScimIdentityGetByUser, enterpriseScimIdentityListByEnterprise, enterpriseScimIdentityUpsert } from "./public/enterprise/scim.js";
+import { enterpriseSecretDelete, enterpriseSecretGet, enterpriseSecretUpsert } from "./public/enterprise/secrets.js";
+import { enterpriseWebhookDeliveryEnqueue, enterpriseWebhookDeliveryList, enterpriseWebhookDeliveryListReady, enterpriseWebhookDeliveryPatch, enterpriseWebhookEndpointCreate, enterpriseWebhookEndpointGet, enterpriseWebhookEndpointList, enterpriseWebhookEndpointUpdate } from "./public/enterprise/webhooks.js";
+import { groupCreate, groupDelete, groupGet, groupList, groupUpdate } from "./public/groups/core.js";
+import { inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke } from "./public/groups/invites.js";
+import { memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberRemove, memberResolve, memberUpdate } from "./public/groups/members.js";
+import { keyDelete, keyGetByHashedKey, keyGetById, keyInsert, keyList, keyPatch } from "./public/security/keys.js";
+import { passkeyDelete, passkeyGetByCredentialId, passkeyInsert, passkeyListByUserId, passkeyUpdateCounter, passkeyUpdateMeta } from "./public/factors/passkeys.js";
+import { rateLimitCreate, rateLimitDelete, rateLimitGet, rateLimitPatch } from "./public/security/limits.js";
+import { refreshTokenCreate, refreshTokenDeleteAll, refreshTokenGetActive, refreshTokenGetById, refreshTokenGetChildren, refreshTokenListBySession, refreshTokenPatch } from "./public/identity/tokens.js";
+import { sessionCreate, sessionDelete, sessionGetById, sessionList, sessionListByUser } from "./public/identity/sessions.js";
+import { totpDelete, totpGetById, totpGetVerifiedByUserId, totpInsert, totpListByUserId, totpMarkVerified, totpUpdateLastUsed } from "./public/factors/totp.js";
+import { userDelete, userFindByVerifiedEmail, userFindByVerifiedPhone, userGetById, userInsert, userList, userPatch, userUpsert } from "./public/identity/users.js";
+import { verificationCodeCreate, verificationCodeDelete, verificationCodeGetByAccountId, verificationCodeGetByCode } from "./public/identity/codes.js";
+import { verifierCreate, verifierDelete, verifierGetById, verifierGetBySignature, verifierPatch } from "./public/identity/verifiers.js";
-//#region src/component/public.ts
-/** Validator for a single `{ key, value }` tag pair. */
-const vTag = v.object({
-	key: v.string(),
-	value: v.string()
-});
-/** Normalize a single tag: trim + lowercase key and value. */
-function normalizeTag(tag) {
-	return {
-		key: tag.key.trim().toLowerCase(),
-		value: tag.value.trim().toLowerCase()
-	};
-}
-/**
-* Normalize and deduplicate an array of tags.
-* Deduplication is based on the normalized `key\0value` composite.
-*/
-function normalizeTags(tags) {
-	const seen = /* @__PURE__ */ new Set();
-	const result = [];
-	for (const raw of tags) {
-		const t = normalizeTag(raw);
-		const composite = `${t.key}\0${t.value}`;
-		if (!seen.has(composite)) {
-			seen.add(composite);
-			result.push(t);
-		}
-	}
-	return result;
-}
-/**
-* List users with optional filtering, sorting, and pagination.
-*
-* Returns `{ items, nextCursor }` — pass `nextCursor` back as `cursor`
-* for the next page, or `null` when exhausted.
-*/
-const userList = query({
-	args: {
-		where: v.optional(v.object({
-			email: v.optional(v.string()),
-			phone: v.optional(v.string()),
-			isAnonymous: v.optional(v.boolean()),
-			name: v.optional(v.string())
-		})),
-		limit: v.optional(v.number()),
-		cursor: v.optional(v.union(v.string(), v.null())),
-		orderBy: v.optional(v.union(v.literal("_creationTime"), v.literal("name"), v.literal("email"), v.literal("phone"))),
-		order: v.optional(v.union(v.literal("asc"), v.literal("desc")))
-	},
-	handler: async (ctx, args) => {
-		const where = args.where ?? {};
-		const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
-		const order = args.order ?? "desc";
-		let q;
-		if (where.email !== void 0) q = ctx.db.query("user").withIndex("email", (idx) => idx.eq("email", where.email));
-		else if (where.phone !== void 0) q = ctx.db.query("user").withIndex("phone", (idx) => idx.eq("phone", where.phone));
-		else q = ctx.db.query("user");
-		if (where.isAnonymous !== void 0) q = q.filter((f) => f.eq(f.field("isAnonymous"), where.isAnonymous));
-		if (where.name !== void 0) q = q.filter((f) => f.eq(f.field("name"), where.name));
-		if (where.email !== void 0 && where.phone !== void 0) q = q.filter((f) => f.eq(f.field("phone"), where.phone));
-		q = q.order(order);
-		const all = await q.collect();
-		let startIdx = 0;
-		if (args.cursor) {
-			const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
-			if (cursorIdx !== -1) startIdx = cursorIdx + 1;
-		}
-		const page = all.slice(startIdx, startIdx + limit + 1);
-		const hasMore = page.length > limit;
-		const items = hasMore ? page.slice(0, limit) : page;
-		return {
-			items,
-			nextCursor: hasMore ? items[items.length - 1]._id : null
-		};
-	}
-});
-/** Retrieve a user by their document ID. */
-const userGetById = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.get(userId);
-	}
-});
-/**
-* Find a user by their verified email address. Returns `null` if no user
-* has this email verified, or if multiple users share the same verified email
-* (ambiguous — should not happen in normal operation).
-*/
-const userFindByVerifiedEmail = query({
-	args: { email: v.string() },
-	handler: async (ctx, { email }) => {
-		const users = await ctx.db.query("user").withIndex("email", (q) => q.eq("email", email)).filter((q) => q.neq(q.field("emailVerificationTime"), void 0)).take(2);
-		return users.length === 1 ? users[0] : null;
-	}
-});
-/**
-* Find a user by their verified phone number. Returns `null` if no user
-* has this phone verified, or if multiple users share the same verified phone
-* (ambiguous — should not happen in normal operation).
-*/
-const userFindByVerifiedPhone = query({
-	args: { phone: v.string() },
-	handler: async (ctx, { phone }) => {
-		const users = await ctx.db.query("user").withIndex("phone", (q) => q.eq("phone", phone)).filter((q) => q.neq(q.field("phoneVerificationTime"), void 0)).take(2);
-		return users.length === 1 ? users[0] : null;
-	}
-});
-/** Insert a new user document. */
-const userInsert = mutation({
-	args: { data: v.any() },
-	handler: async (ctx, { data }) => {
-		return await ctx.db.insert("user", data);
-	}
-});
-/** Insert a new user or update an existing one. */
-const userUpsert = mutation({
-	args: {
-		userId: v.optional(v.id("user")),
-		data: v.any()
-	},
-	handler: async (ctx, { userId, data }) => {
-		if (userId !== void 0) {
-			await ctx.db.patch(userId, data);
-			return userId;
-		}
-		return await ctx.db.insert("user", data);
-	}
-});
-/** Patch an existing user document with partial data. */
-const userPatch = mutation({
-	args: {
-		userId: v.id("user"),
-		data: v.any()
-	},
-	handler: async (ctx, { userId, data }) => {
-		await ctx.db.patch(userId, data);
-	}
-});
-/** List all accounts for a user. */
-const accountListByUser = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("account").withIndex("userIdAndProvider", (q) => q.eq("userId", userId)).collect();
-	}
-});
-/** Look up an account by provider and provider-specific account ID. */
-const accountGet = query({
-	args: {
-		provider: v.string(),
-		providerAccountId: v.string()
-	},
-	handler: async (ctx, { provider, providerAccountId }) => {
-		return await ctx.db.query("account").withIndex("providerAndAccountId", (q) => q.eq("provider", provider).eq("providerAccountId", providerAccountId)).unique();
-	}
-});
-/** Retrieve an account by its document ID. */
-const accountGetById = query({
-	args: { accountId: v.id("account") },
-	handler: async (ctx, { accountId }) => {
-		return await ctx.db.get(accountId);
-	}
-});
-/** Create a new account linking a user to an auth provider. */
-const accountInsert = mutation({
-	args: {
-		userId: v.id("user"),
-		provider: v.string(),
-		providerAccountId: v.string(),
-		secret: v.optional(v.string())
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("account", args);
-	}
-});
-/** Patch an existing account document with partial data. */
-const accountPatch = mutation({
-	args: {
-		accountId: v.id("account"),
-		data: v.any()
-	},
-	handler: async (ctx, { accountId, data }) => {
-		await ctx.db.patch(accountId, data);
-	}
-});
-/** Delete an account document. */
-const accountDelete = mutation({
-	args: { accountId: v.id("account") },
-	handler: async (ctx, { accountId }) => {
-		await ctx.db.delete(accountId);
-	}
-});
-/**
-* List sessions with optional filtering and pagination.
-*
-* Returns `{ items, nextCursor }`.
-*/
-const sessionList = query({
-	args: {
-		where: v.optional(v.object({ userId: v.optional(v.id("user")) })),
-		limit: v.optional(v.number()),
-		cursor: v.optional(v.union(v.string(), v.null())),
-		order: v.optional(v.union(v.literal("asc"), v.literal("desc")))
-	},
-	handler: async (ctx, args) => {
-		const where = args.where ?? {};
-		const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
-		const order = args.order ?? "desc";
-		let q;
-		if (where.userId !== void 0) q = ctx.db.query("session").withIndex("userId", (idx) => idx.eq("userId", where.userId));
-		else q = ctx.db.query("session");
-		q = q.order(order);
-		const all = await q.collect();
-		let startIdx = 0;
-		if (args.cursor) {
-			const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
-			if (cursorIdx !== -1) startIdx = cursorIdx + 1;
-		}
-		const page = all.slice(startIdx, startIdx + limit + 1);
-		const hasMore = page.length > limit;
-		const items = hasMore ? page.slice(0, limit) : page;
-		return {
-			items,
-			nextCursor: hasMore ? items[items.length - 1]._id : null
-		};
-	}
-});
-/** Create a new session for a user with an expiration time. */
-const sessionCreate = mutation({
-	args: {
-		userId: v.id("user"),
-		expirationTime: v.number()
-	},
-	handler: async (ctx, { userId, expirationTime }) => {
-		return await ctx.db.insert("session", {
-			userId,
-			expirationTime
-		});
-	}
-});
-/** Retrieve a session by its document ID. */
-const sessionGetById = query({
-	args: { sessionId: v.id("session") },
-	handler: async (ctx, { sessionId }) => {
-		return await ctx.db.get(sessionId);
-	}
-});
-/** Delete a session. No-op if the session does not exist. */
-const sessionDelete = mutation({
-	args: { sessionId: v.id("session") },
-	handler: async (ctx, { sessionId }) => {
-		if (await ctx.db.get(sessionId) !== null) await ctx.db.delete(sessionId);
-	}
-});
-/** List all sessions for a user. */
-const sessionListByUser = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("session").withIndex("userId", (q) => q.eq("userId", userId)).collect();
-	}
-});
-/** Create a new PKCE verifier, optionally linked to a session. */
-const verifierCreate = mutation({
-	args: { sessionId: v.optional(v.id("session")) },
-	handler: async (ctx, { sessionId }) => {
-		return await ctx.db.insert("verifier", { sessionId });
-	}
-});
-/** Retrieve a verifier by its document ID. */
-const verifierGetById = query({
-	args: { verifierId: v.id("verifier") },
-	handler: async (ctx, { verifierId }) => {
-		return await ctx.db.get(verifierId);
-	}
-});
-/** Look up a verifier by its cryptographic signature. */
-const verifierGetBySignature = query({
-	args: { signature: v.string() },
-	handler: async (ctx, { signature }) => {
-		return await ctx.db.query("verifier").withIndex("signature", (q) => q.eq("signature", signature)).unique();
-	}
-});
-/** Patch a verifier document with partial data. */
-const verifierPatch = mutation({
-	args: {
-		verifierId: v.id("verifier"),
-		data: v.any()
-	},
-	handler: async (ctx, { verifierId, data }) => {
-		await ctx.db.patch(verifierId, data);
-	}
-});
-/** Delete a verifier document. */
-const verifierDelete = mutation({
-	args: { verifierId: v.id("verifier") },
-	handler: async (ctx, { verifierId }) => {
-		await ctx.db.delete(verifierId);
-	}
-});
-/** Find a verification code by its associated account ID. */
-const verificationCodeGetByAccountId = query({
-	args: { accountId: v.id("account") },
-	handler: async (ctx, { accountId }) => {
-		return await ctx.db.query("verification").withIndex("accountId", (q) => q.eq("accountId", accountId)).unique();
-	}
-});
-/** Find a verification code by its code string. */
-const verificationCodeGetByCode = query({
-	args: { code: v.string() },
-	handler: async (ctx, { code }) => {
-		return await ctx.db.query("verification").withIndex("code", (q) => q.eq("code", code)).unique();
-	}
-});
-/** Create a new verification code for OTP, magic link, or OAuth flows. */
-const verificationCodeCreate = mutation({
-	args: {
-		accountId: v.id("account"),
-		provider: v.string(),
-		code: v.string(),
-		expirationTime: v.number(),
-		verifier: v.optional(v.string()),
-		emailVerified: v.optional(v.string()),
-		phoneVerified: v.optional(v.string())
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("verification", args);
-	}
-});
-/** Delete a verification code document. */
-const verificationCodeDelete = mutation({
-	args: { verificationCodeId: v.id("verification") },
-	handler: async (ctx, { verificationCodeId }) => {
-		await ctx.db.delete(verificationCodeId);
-	}
-});
-/** Create a new refresh token for a session. */
-const refreshTokenCreate = mutation({
-	args: {
-		sessionId: v.id("session"),
-		expirationTime: v.number(),
-		parentRefreshTokenId: v.optional(v.id("token"))
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("token", args);
-	}
-});
-/** Retrieve a refresh token by its document ID. */
-const refreshTokenGetById = query({
-	args: { refreshTokenId: v.id("token") },
-	handler: async (ctx, { refreshTokenId }) => {
-		return await ctx.db.get(refreshTokenId);
-	}
-});
-/** Patch a refresh token document with partial data. */
-const refreshTokenPatch = mutation({
-	args: {
-		refreshTokenId: v.id("token"),
-		data: v.any()
-	},
-	handler: async (ctx, { refreshTokenId, data }) => {
-		await ctx.db.patch(refreshTokenId, data);
-	}
-});
-/** Get child tokens that were created by exchanging a specific parent token. */
-const refreshTokenGetChildren = query({
-	args: {
-		sessionId: v.id("session"),
-		parentRefreshTokenId: v.id("token")
-	},
-	handler: async (ctx, { sessionId, parentRefreshTokenId }) => {
-		return await ctx.db.query("token").withIndex("sessionIdAndParentRefreshTokenId", (q) => q.eq("sessionId", sessionId).eq("parentRefreshTokenId", parentRefreshTokenId)).collect();
-	}
-});
-/** List all refresh tokens for a session. */
-const refreshTokenListBySession = query({
-	args: { sessionId: v.id("session") },
-	handler: async (ctx, { sessionId }) => {
-		return await ctx.db.query("token").withIndex("sessionIdAndParentRefreshTokenId", (q) => q.eq("sessionId", sessionId)).collect();
-	}
-});
-/** Delete all refresh tokens for a session. */
-const refreshTokenDeleteAll = mutation({
-	args: { sessionId: v.id("session") },
-	handler: async (ctx, { sessionId }) => {
-		const tokens = await ctx.db.query("token").withIndex("sessionIdAndParentRefreshTokenId", (q) => q.eq("sessionId", sessionId)).collect();
-		await Promise.all(tokens.map((token) => ctx.db.delete(token._id)));
-	}
-});
-/** Get the active (unused) refresh token for a session. */
-const refreshTokenGetActive = query({
-	args: { sessionId: v.id("session") },
-	handler: async (ctx, { sessionId }) => {
-		return await ctx.db.query("token").withIndex("sessionId", (q) => q.eq("sessionId", sessionId)).filter((q) => q.eq(q.field("firstUsedTime"), void 0)).order("desc").first();
-	}
-});
-/** Store a new passkey credential for a user. */
-const passkeyInsert = mutation({
-	args: {
-		userId: v.id("user"),
-		credentialId: v.string(),
-		publicKey: v.bytes(),
-		algorithm: v.number(),
-		counter: v.number(),
-		transports: v.optional(v.array(v.string())),
-		deviceType: v.string(),
-		backedUp: v.boolean(),
-		name: v.optional(v.string()),
-		createdAt: v.number()
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("passkey", args);
-	}
-});
-/** Look up a passkey by its credential ID. */
-const passkeyGetByCredentialId = query({
-	args: { credentialId: v.string() },
-	handler: async (ctx, { credentialId }) => {
-		return await ctx.db.query("passkey").withIndex("credentialId", (q) => q.eq("credentialId", credentialId)).unique();
-	}
-});
-/** List all passkeys for a user. */
-const passkeyListByUserId = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("passkey").withIndex("userId", (q) => q.eq("userId", userId)).collect();
-	}
-});
-/** Update a passkey's counter and last used timestamp after authentication. */
-const passkeyUpdateCounter = mutation({
-	args: {
-		passkeyId: v.id("passkey"),
-		counter: v.number(),
-		lastUsedAt: v.number()
-	},
-	handler: async (ctx, { passkeyId, counter, lastUsedAt }) => {
-		await ctx.db.patch(passkeyId, {
-			counter,
-			lastUsedAt
-		});
-	}
-});
-/** Update a passkey's metadata (name). */
-const passkeyUpdateMeta = mutation({
-	args: {
-		passkeyId: v.id("passkey"),
-		data: v.any()
-	},
-	handler: async (ctx, { passkeyId, data }) => {
-		await ctx.db.patch(passkeyId, data);
-	}
-});
-/** Delete a passkey credential. */
-const passkeyDelete = mutation({
-	args: { passkeyId: v.id("passkey") },
-	handler: async (ctx, { passkeyId }) => {
-		await ctx.db.delete(passkeyId);
-	}
-});
-/** Store a new TOTP enrollment for a user. */
-const totpInsert = mutation({
-	args: {
-		userId: v.id("user"),
-		secret: v.bytes(),
-		digits: v.number(),
-		period: v.number(),
-		verified: v.boolean(),
-		name: v.optional(v.string()),
-		createdAt: v.number()
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("totp", args);
-	}
-});
-/** Get a verified TOTP enrollment for a user (returns first match). */
-const totpGetVerifiedByUserId = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("totp").withIndex("userId", (q) => q.eq("userId", userId)).filter((q) => q.eq(q.field("verified"), true)).first();
-	}
-});
-/** List all TOTP enrollments for a user. */
-const totpListByUserId = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("totp").withIndex("userId", (q) => q.eq("userId", userId)).collect();
-	}
-});
-/** Get a TOTP enrollment by its ID. */
-const totpGetById = query({
-	args: { totpId: v.id("totp") },
-	handler: async (ctx, { totpId }) => {
-		return await ctx.db.get(totpId);
-	}
-});
-/** Mark a TOTP enrollment as verified (setup complete). */
-const totpMarkVerified = mutation({
-	args: {
-		totpId: v.id("totp"),
-		lastUsedAt: v.number()
-	},
-	handler: async (ctx, { totpId, lastUsedAt }) => {
-		await ctx.db.patch(totpId, {
-			verified: true,
-			lastUsedAt
-		});
-	}
-});
-/** Update a TOTP enrollment's last used timestamp. */
-const totpUpdateLastUsed = mutation({
-	args: {
-		totpId: v.id("totp"),
-		lastUsedAt: v.number()
-	},
-	handler: async (ctx, { totpId, lastUsedAt }) => {
-		await ctx.db.patch(totpId, { lastUsedAt });
-	}
-});
-/** Delete a TOTP enrollment. */
-const totpDelete = mutation({
-	args: { totpId: v.id("totp") },
-	handler: async (ctx, { totpId }) => {
-		await ctx.db.delete(totpId);
-	}
-});
-/** Look up a rate limit entry by its identifier. */
-const rateLimitGet = query({
-	args: { identifier: v.string() },
-	handler: async (ctx, { identifier }) => {
-		return await ctx.db.query("limit").withIndex("identifier", (q) => q.eq("identifier", identifier)).unique();
-	}
-});
-/** Create a new rate limit entry. */
-const rateLimitCreate = mutation({
-	args: {
-		identifier: v.string(),
-		attemptsLeft: v.number(),
-		lastAttemptTime: v.number()
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("limit", args);
-	}
-});
-/** Patch a rate limit entry with partial data. */
-const rateLimitPatch = mutation({
-	args: {
-		rateLimitId: v.id("limit"),
-		data: v.any()
-	},
-	handler: async (ctx, { rateLimitId, data }) => {
-		await ctx.db.patch(rateLimitId, data);
-	}
-});
-/** Delete a rate limit entry. */
-const rateLimitDelete = mutation({
-	args: { rateLimitId: v.id("limit") },
-	handler: async (ctx, { rateLimitId }) => {
-		await ctx.db.delete(rateLimitId);
-	}
-});
-/**
-* Create a new group. Groups are hierarchical — set `parentGroupId` to nest
-* under an existing group, or omit it to create a root-level group.
-*
-* @returns The ID of the newly created group.
-*/
-const groupCreate = mutation({
-	args: {
-		name: v.string(),
-		slug: v.optional(v.string()),
-		type: v.optional(v.string()),
-		parentGroupId: v.optional(v.id("group")),
-		tags: v.optional(v.array(vTag)),
-		extend: v.optional(v.any())
-	},
-	handler: async (ctx, args) => {
-		const { tags: rawTags, ...rest } = args;
-		const normalizedTags = rawTags ? normalizeTags(rawTags) : void 0;
-		const groupId = await ctx.db.insert("group", {
-			...rest,
-			tags: normalizedTags
-		});
-		if (normalizedTags) for (const tag of normalizedTags) await ctx.db.insert("groupTag", {
-			groupId,
-			key: tag.key,
-			value: tag.value
-		});
-		return groupId;
-	}
-});
-/** Retrieve a group by its document ID. Returns `null` if not found. */
-const groupGet = query({
-	args: { groupId: v.id("group") },
-	handler: async (ctx, { groupId }) => {
-		return await ctx.db.get(groupId);
-	}
-});
-/**
-* List groups with optional filtering, sorting, and pagination.
-*
-* Returns `{ items, nextCursor }`. Empty `where` returns **all** groups.
-*/
-const groupList = query({
-	args: {
-		where: v.optional(v.object({
-			slug: v.optional(v.string()),
-			type: v.optional(v.string()),
-			parentGroupId: v.optional(v.id("group")),
-			name: v.optional(v.string()),
-			isRoot: v.optional(v.boolean()),
-			tagsAll: v.optional(v.array(vTag)),
-			tagsAny: v.optional(v.array(vTag))
-		})),
-		limit: v.optional(v.number()),
-		cursor: v.optional(v.union(v.string(), v.null())),
-		orderBy: v.optional(v.union(v.literal("_creationTime"), v.literal("name"), v.literal("slug"), v.literal("type"))),
-		order: v.optional(v.union(v.literal("asc"), v.literal("desc")))
-	},
-	handler: async (ctx, args) => {
-		const where = args.where ?? {};
-		const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
-		const order = args.order ?? "desc";
-		let tagFilteredIds = null;
-		if (where.tagsAll && where.tagsAll.length > 0) {
-			let allSet = null;
-			for (const rawTag of where.tagsAll) {
-				const t = normalizeTag(rawTag);
-				const rows = await ctx.db.query("groupTag").withIndex("by_key_value", (idx) => idx.eq("key", t.key).eq("value", t.value)).collect();
-				const ids = new Set(rows.map((r) => r.groupId));
-				if (allSet === null) allSet = ids;
-				else for (const id of allSet) if (!ids.has(id)) allSet.delete(id);
-				if (allSet.size === 0) break;
-			}
-			tagFilteredIds = allSet ?? /* @__PURE__ */ new Set();
-		}
-		if (where.tagsAny && where.tagsAny.length > 0) {
-			const anySet = /* @__PURE__ */ new Set();
-			for (const rawTag of where.tagsAny) {
-				const t = normalizeTag(rawTag);
-				const rows = await ctx.db.query("groupTag").withIndex("by_key_value", (idx) => idx.eq("key", t.key).eq("value", t.value)).collect();
-				for (const r of rows) anySet.add(r.groupId);
-			}
-			if (tagFilteredIds !== null) {
-				for (const id of tagFilteredIds) if (!anySet.has(id)) tagFilteredIds.delete(id);
-			} else tagFilteredIds = anySet;
-		}
-		let q;
-		if (where.type !== void 0 && where.parentGroupId !== void 0) q = ctx.db.query("group").withIndex("typeAndParentGroupId", (idx) => idx.eq("type", where.type).eq("parentGroupId", where.parentGroupId));
-		else if (where.slug !== void 0) q = ctx.db.query("group").withIndex("slug", (idx) => idx.eq("slug", where.slug));
-		else if (where.type !== void 0) q = ctx.db.query("group").withIndex("type", (idx) => idx.eq("type", where.type));
-		else if (where.parentGroupId !== void 0) q = ctx.db.query("group").withIndex("parentGroupId", (idx) => idx.eq("parentGroupId", where.parentGroupId));
-		else q = ctx.db.query("group");
-		if (where.name !== void 0) q = q.filter((f) => f.eq(f.field("name"), where.name));
-		if (where.isRoot === true) q = q.filter((f) => f.eq(f.field("parentGroupId"), void 0));
-		else if (where.isRoot === false) q = q.filter((f) => f.neq(f.field("parentGroupId"), void 0));
-		if (where.slug !== void 0 && where.type !== void 0) q = q.filter((f) => f.eq(f.field("slug"), where.slug));
-		q = q.order(order);
-		let all = await q.collect();
-		if (tagFilteredIds !== null) all = all.filter((doc) => tagFilteredIds.has(doc._id));
-		let startIdx = 0;
-		if (args.cursor) {
-			const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
-			if (cursorIdx !== -1) startIdx = cursorIdx + 1;
-		}
-		const page = all.slice(startIdx, startIdx + limit + 1);
-		const hasMore = page.length > limit;
-		const items = hasMore ? page.slice(0, limit) : page;
-		return {
-			items,
-			nextCursor: hasMore ? items[items.length - 1]._id : null
-		};
-	}
-});
-/** Update a group's fields (name, slug, tags, extend, parentGroupId). */
-const groupUpdate = mutation({
-	args: {
-		groupId: v.id("group"),
-		data: v.any()
-	},
-	handler: async (ctx, { groupId, data }) => {
-		if (data.tags !== void 0) {
-			const normalizedTags = Array.isArray(data.tags) ? normalizeTags(data.tags) : [];
-			const existingTags = await ctx.db.query("groupTag").withIndex("by_group", (idx) => idx.eq("groupId", groupId)).collect();
-			for (const existing of existingTags) await ctx.db.delete(existing._id);
-			for (const tag of normalizedTags) await ctx.db.insert("groupTag", {
-				groupId,
-				key: tag.key,
-				value: tag.value
-			});
-			await ctx.db.patch(groupId, {
-				...data,
-				tags: normalizedTags.length > 0 ? normalizedTags : void 0
-			});
-		} else await ctx.db.patch(groupId, data);
-	}
-});
-/**
-* Delete a group and all of its descendants. This cascades to:
-* - All child groups (recursively)
-* - All members of this group and its descendants
-* - All invites for this group and its descendants
-*/
-const groupDelete = mutation({
-	args: { groupId: v.id("group") },
-	handler: async (ctx, { groupId }) => {
-		const deleteGroup = async (id) => {
-			const children = await ctx.db.query("group").withIndex("parentGroupId", (q) => q.eq("parentGroupId", id)).collect();
-			for (const child of children) await deleteGroup(child._id);
-			const members = await ctx.db.query("member").withIndex("groupId", (q) => q.eq("groupId", id)).collect();
-			for (const member of members) await ctx.db.delete(member._id);
-			const invites = await ctx.db.query("invite").withIndex("groupId", (q) => q.eq("groupId", id)).collect();
-			for (const invite of invites) await ctx.db.delete(invite._id);
-			const tags = await ctx.db.query("groupTag").withIndex("by_group", (q) => q.eq("groupId", id)).collect();
-			for (const tag of tags) await ctx.db.delete(tag._id);
-			await ctx.db.delete(id);
-		};
-		await deleteGroup(groupId);
-	}
-});
-/**
-* Add a user as a member of a group.
-*
-* The `role` field is an application-defined string (e.g. "owner", "admin",
-* "member", "viewer"). The auth component stores it but does not enforce
-* access control — your application defines what each role means.
-*
-* Throws `ConvexError` with code `DUPLICATE_MEMBERSHIP` when the user is
-* already a member of the target group.
-*
-* @returns The ID of the new member record.
-*/
-const memberAdd = mutation({
-	args: {
-		groupId: v.id("group"),
-		userId: v.id("user"),
-		role: v.optional(v.string()),
-		status: v.optional(v.string()),
-		extend: v.optional(v.any())
-	},
-	handler: async (ctx, args) => {
-		const existingMembership = await ctx.db.query("member").withIndex("groupIdAndUserId", (q) => q.eq("groupId", args.groupId).eq("userId", args.userId)).unique();
-		if (existingMembership !== null) throw new ConvexError({
-			code: "DUPLICATE_MEMBERSHIP",
-			message: "User is already a member of this group",
-			groupId: args.groupId,
-			userId: args.userId,
-			existingMemberId: existingMembership._id
-		});
-		return await ctx.db.insert("member", args);
-	}
-});
-/** Retrieve a member record by its document ID. Returns `null` if not found. */
-const memberGet = query({
-	args: { memberId: v.id("member") },
-	handler: async (ctx, { memberId }) => {
-		return await ctx.db.get(memberId);
-	}
-});
-/**
-* List members with optional filtering, sorting, and pagination.
-*
-* Returns `{ items, nextCursor }`. Supports filtering by `groupId`,
-* `userId`, `role`, and `status`.
-*/
-const memberList = query({
-	args: {
-		where: v.optional(v.object({
-			groupId: v.optional(v.id("group")),
-			userId: v.optional(v.id("user")),
-			role: v.optional(v.string()),
-			status: v.optional(v.string())
-		})),
-		limit: v.optional(v.number()),
-		cursor: v.optional(v.union(v.string(), v.null())),
-		orderBy: v.optional(v.union(v.literal("_creationTime"), v.literal("role"), v.literal("status"))),
-		order: v.optional(v.union(v.literal("asc"), v.literal("desc")))
-	},
-	handler: async (ctx, args) => {
-		const where = args.where ?? {};
-		const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
-		const order = args.order ?? "desc";
-		let q;
-		if (where.groupId !== void 0 && where.userId !== void 0) q = ctx.db.query("member").withIndex("groupIdAndUserId", (idx) => idx.eq("groupId", where.groupId).eq("userId", where.userId));
-		else if (where.groupId !== void 0) q = ctx.db.query("member").withIndex("groupId", (idx) => idx.eq("groupId", where.groupId));
-		else if (where.userId !== void 0) q = ctx.db.query("member").withIndex("userId", (idx) => idx.eq("userId", where.userId));
-		else q = ctx.db.query("member");
-		if (where.role !== void 0) q = q.filter((f) => f.eq(f.field("role"), where.role));
-		if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
-		q = q.order(order);
-		const all = await q.collect();
-		let startIdx = 0;
-		if (args.cursor) {
-			const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
-			if (cursorIdx !== -1) startIdx = cursorIdx + 1;
-		}
-		const page = all.slice(startIdx, startIdx + limit + 1);
-		const hasMore = page.length > limit;
-		const items = hasMore ? page.slice(0, limit) : page;
-		return {
-			items,
-			nextCursor: hasMore ? items[items.length - 1]._id : null
-		};
-	}
-});
-/**
-* @deprecated Use `memberList` with `where: { userId }` instead.
-* Kept for backward compatibility with generated component types.
-*/
-const memberListByUser = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("member").withIndex("userId", (q) => q.eq("userId", userId)).collect();
-	}
-});
-/**
-* Look up a specific user's membership in a specific group.
-* Returns `null` if the user is not a member of the group.
-*/
-const memberGetByGroupAndUser = query({
-	args: {
-		groupId: v.id("group"),
-		userId: v.id("user")
-	},
-	handler: async (ctx, { groupId, userId }) => {
-		return await ctx.db.query("member").withIndex("groupIdAndUserId", (q) => q.eq("groupId", groupId).eq("userId", userId)).unique();
-	}
-});
-/** Remove a member from a group by deleting the member record. */
-const memberRemove = mutation({
-	args: { memberId: v.id("member") },
-	handler: async (ctx, { memberId }) => {
-		await ctx.db.delete(memberId);
-	}
-});
-/**
-* Update a member record's fields (role, status, extend).
-*
-* Common usage: `memberUpdate({ memberId, data: { role: "admin" } })`
-*/
-const memberUpdate = mutation({
-	args: {
-		memberId: v.id("member"),
-		data: v.any()
-	},
-	handler: async (ctx, { memberId, data }) => {
-		await ctx.db.patch(memberId, data);
-	}
-});
-/**
-* Create a new platform-level invitation. Optionally set `groupId` to tie
-* the invite to a specific group. The invitation is sent to an email address
-* and includes a hashed token for secure acceptance.
-*
-* Throws `ConvexError` with code `DUPLICATE_INVITE` when a pending invite
-* already exists for the same email and scope:
-* - group invite: same `email` + same `groupId`
-* - platform invite: same `email` with no `groupId`
-*
-* @returns The ID of the new invite record.
-*/
-const inviteCreate = mutation({
-	args: {
-		groupId: v.optional(v.id("group")),
-		invitedByUserId: v.optional(v.id("user")),
-		email: v.optional(v.string()),
-		tokenHash: v.string(),
-		role: v.optional(v.string()),
-		status: v.union(v.literal("pending"), v.literal("accepted"), v.literal("revoked"), v.literal("expired")),
-		expiresTime: v.optional(v.number()),
-		extend: v.optional(v.any())
-	},
-	handler: async (ctx, args) => {
-		if (args.email !== void 0) if (args.groupId !== void 0) {
-			const existingGroupInvite = await ctx.db.query("invite").withIndex("groupIdAndStatus", (q) => q.eq("groupId", args.groupId).eq("status", "pending")).filter((q) => q.eq(q.field("email"), args.email)).first();
-			if (existingGroupInvite !== null) throw new ConvexError({
-				code: "DUPLICATE_INVITE",
-				message: "A pending invite already exists for this email in this group",
-				email: args.email,
-				groupId: args.groupId,
-				existingInviteId: existingGroupInvite._id
-			});
-		} else {
-			const existingPlatformInvite = await ctx.db.query("invite").withIndex("emailAndStatus", (q) => q.eq("email", args.email).eq("status", "pending")).filter((q) => q.eq(q.field("groupId"), void 0)).first();
-			if (existingPlatformInvite !== null) throw new ConvexError({
-				code: "DUPLICATE_INVITE",
-				message: "A pending platform invite already exists for this email",
-				email: args.email,
-				existingInviteId: existingPlatformInvite._id
-			});
-		}
-		return await ctx.db.insert("invite", args);
-	}
-});
-/** Retrieve an invite by its document ID. Returns `null` if not found. */
-const inviteGet = query({
-	args: { inviteId: v.id("invite") },
-	handler: async (ctx, { inviteId }) => {
-		return await ctx.db.get(inviteId);
-	}
-});
-/**
-* List invites with optional filtering, sorting, and pagination.
-*
-* Returns `{ items, nextCursor }`. Supports filtering by `groupId`,
-* `status`, `email`, `invitedByUserId`, `role`, `acceptedByUserId`, and `tokenHash`.
-*/
-const inviteList = query({
-	args: {
-		where: v.optional(v.object({
-			tokenHash: v.optional(v.string()),
-			groupId: v.optional(v.id("group")),
-			status: v.optional(v.union(v.literal("pending"), v.literal("accepted"), v.literal("revoked"), v.literal("expired"))),
-			email: v.optional(v.string()),
-			invitedByUserId: v.optional(v.id("user")),
-			role: v.optional(v.string()),
-			acceptedByUserId: v.optional(v.id("user"))
-		})),
-		limit: v.optional(v.number()),
-		cursor: v.optional(v.union(v.string(), v.null())),
-		orderBy: v.optional(v.union(v.literal("_creationTime"), v.literal("status"), v.literal("email"), v.literal("expiresTime"), v.literal("acceptedTime"))),
-		order: v.optional(v.union(v.literal("asc"), v.literal("desc")))
-	},
-	handler: async (ctx, args) => {
-		const where = args.where ?? {};
-		const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
-		const order = args.order ?? "desc";
-		let q;
-		if (where.tokenHash !== void 0) q = ctx.db.query("invite").withIndex("tokenHash", (idx) => idx.eq("tokenHash", where.tokenHash));
-		else if (where.role !== void 0 && where.status !== void 0 && where.acceptedByUserId !== void 0) q = ctx.db.query("invite").withIndex("roleAndStatusAndAcceptedByUserId", (idx) => idx.eq("role", where.role).eq("status", where.status).eq("acceptedByUserId", where.acceptedByUserId));
-		else if (where.groupId !== void 0 && where.status !== void 0) q = ctx.db.query("invite").withIndex("groupIdAndStatus", (idx) => idx.eq("groupId", where.groupId).eq("status", where.status));
-		else if (where.email !== void 0 && where.status !== void 0) q = ctx.db.query("invite").withIndex("emailAndStatus", (idx) => idx.eq("email", where.email).eq("status", where.status));
-		else if (where.invitedByUserId !== void 0 && where.status !== void 0) q = ctx.db.query("invite").withIndex("invitedByUserIdAndStatus", (idx) => idx.eq("invitedByUserId", where.invitedByUserId).eq("status", where.status));
-		else if (where.groupId !== void 0) q = ctx.db.query("invite").withIndex("groupId", (idx) => idx.eq("groupId", where.groupId));
-		else if (where.status !== void 0) q = ctx.db.query("invite").withIndex("status", (idx) => idx.eq("status", where.status));
-		else q = ctx.db.query("invite");
-		if (where.groupId !== void 0) q = q.filter((f) => f.eq(f.field("groupId"), where.groupId));
-		if (where.status !== void 0) q = q.filter((f) => f.eq(f.field("status"), where.status));
-		if (where.email !== void 0) q = q.filter((f) => f.eq(f.field("email"), where.email));
-		if (where.invitedByUserId !== void 0) q = q.filter((f) => f.eq(f.field("invitedByUserId"), where.invitedByUserId));
-		if (where.role !== void 0) q = q.filter((f) => f.eq(f.field("role"), where.role));
-		if (where.acceptedByUserId !== void 0) q = q.filter((f) => f.eq(f.field("acceptedByUserId"), where.acceptedByUserId));
-		if (where.tokenHash !== void 0) q = q.filter((f) => f.eq(f.field("tokenHash"), where.tokenHash));
-		q = q.order(order);
-		const all = await q.collect();
-		let startIdx = 0;
-		if (args.cursor) {
-			const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
-			if (cursorIdx !== -1) startIdx = cursorIdx + 1;
-		}
-		const page = all.slice(startIdx, startIdx + limit + 1);
-		const hasMore = page.length > limit;
-		const items = hasMore ? page.slice(0, limit) : page;
-		return {
-			items,
-			nextCursor: hasMore ? items[items.length - 1]._id : null
-		};
-	}
-});
-/**
-* Accept a pending invitation.
-*
-* Marks the invite as "accepted" and records the acceptance timestamp.
-* Throws a structured `ConvexError` when the invite doesn't exist or is not
-* currently pending.
-*
-* The caller is responsible for creating the corresponding member record.
-*/
-const inviteAccept = mutation({
-	args: {
-		inviteId: v.id("invite"),
-		acceptedByUserId: v.optional(v.id("user"))
-	},
-	handler: async (ctx, { inviteId, acceptedByUserId }) => {
-		const invite = await ctx.db.get(inviteId);
-		if (invite === null) throw new ConvexError({
-			code: "INVITE_NOT_FOUND",
-			message: "Invite not found",
-			inviteId
-		});
-		if (invite.status !== "pending") throw new ConvexError({
-			code: "INVITE_NOT_PENDING",
-			message: `Cannot accept invite with status "${invite.status}"`,
-			inviteId,
-			currentStatus: invite.status
-		});
-		await ctx.db.patch(inviteId, {
-			status: "accepted",
-			acceptedTime: Date.now(),
-			...acceptedByUserId ? { acceptedByUserId } : {}
-		});
-	}
-});
-/**
-* Revoke a pending invitation.
-*
-* Marks the invite as "revoked". Throws a structured `ConvexError` when the
-* invite doesn't exist or is not currently pending.
-*/
-const inviteRevoke = mutation({
-	args: { inviteId: v.id("invite") },
-	handler: async (ctx, { inviteId }) => {
-		const invite = await ctx.db.get(inviteId);
-		if (invite === null) throw new ConvexError({
-			code: "INVITE_NOT_FOUND",
-			message: "Invite not found",
-			inviteId
-		});
-		if (invite.status !== "pending") throw new ConvexError({
-			code: "INVITE_NOT_PENDING",
-			message: `Cannot revoke invite with status "${invite.status}"`,
-			inviteId,
-			currentStatus: invite.status
-		});
-		await ctx.db.patch(inviteId, { status: "revoked" });
-	}
-});
-/**
-* Insert a new API key record.
-*
-* The caller is responsible for hashing the raw key before passing it here —
-* this function only stores the hash and metadata.
-*/
-const keyInsert = mutation({
-	args: {
-		userId: v.id("user"),
-		prefix: v.string(),
-		hashedKey: v.string(),
-		name: v.string(),
-		scopes: v.array(v.object({
-			resource: v.string(),
-			actions: v.array(v.string())
-		})),
-		rateLimit: v.optional(v.object({
-			maxRequests: v.number(),
-			windowMs: v.number()
-		})),
-		expiresAt: v.optional(v.number())
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("key", {
-			...args,
-			createdAt: Date.now(),
-			revoked: false
-		});
-	}
-});
-/**
-* Look up an API key by its SHA-256 hash.
-*
-* Used during Bearer token verification. Returns the full key record
-* (including rate limit state) or `null` if not found.
-*/
-const keyGetByHashedKey = query({
-	args: { hashedKey: v.string() },
-	handler: async (ctx, { hashedKey }) => {
-		return await ctx.db.query("key").withIndex("hashedKey", (q) => q.eq("hashedKey", hashedKey)).first();
-	}
-});
-/**
-* @deprecated Use `keyList` with `where: { userId }` instead.
-* Kept for backward compatibility with generated component types.
-*/
-const keyListByUserId = query({
-	args: { userId: v.id("user") },
-	handler: async (ctx, { userId }) => {
-		return await ctx.db.query("key").withIndex("userId", (q) => q.eq("userId", userId)).collect();
-	}
-});
-/**
-* List API keys with optional filtering, sorting, and pagination.
-*
-* Returns `{ items, nextCursor }`. Supports filtering by `userId`,
-* `revoked`, `name`, and `prefix`.
-*/
-const keyList = query({
-	args: {
-		where: v.optional(v.object({
-			userId: v.optional(v.id("user")),
-			revoked: v.optional(v.boolean()),
-			name: v.optional(v.string()),
-			prefix: v.optional(v.string())
-		})),
-		limit: v.optional(v.number()),
-		cursor: v.optional(v.union(v.string(), v.null())),
-		orderBy: v.optional(v.union(v.literal("_creationTime"), v.literal("name"), v.literal("lastUsedAt"), v.literal("expiresAt"), v.literal("revoked"))),
-		order: v.optional(v.union(v.literal("asc"), v.literal("desc")))
-	},
-	handler: async (ctx, args) => {
-		const where = args.where ?? {};
-		const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
-		const order = args.order ?? "desc";
-		let q;
-		if (where.userId !== void 0) q = ctx.db.query("key").withIndex("userId", (idx) => idx.eq("userId", where.userId));
-		else q = ctx.db.query("key");
-		if (where.revoked !== void 0) q = q.filter((f) => f.eq(f.field("revoked"), where.revoked));
-		if (where.name !== void 0) q = q.filter((f) => f.eq(f.field("name"), where.name));
-		if (where.prefix !== void 0) q = q.filter((f) => f.eq(f.field("prefix"), where.prefix));
-		q = q.order(order);
-		const all = await q.collect();
-		let startIdx = 0;
-		if (args.cursor) {
-			const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
-			if (cursorIdx !== -1) startIdx = cursorIdx + 1;
-		}
-		const page = all.slice(startIdx, startIdx + limit + 1);
-		const hasMore = page.length > limit;
-		const items = hasMore ? page.slice(0, limit) : page;
-		return {
-			items,
-			nextCursor: hasMore ? items[items.length - 1]._id : null
-		};
-	}
-});
-/** Get a single API key by document ID. */
-const keyGetById = query({
-	args: { keyId: v.id("key") },
-	handler: async (ctx, { keyId }) => {
-		return await ctx.db.get(keyId);
-	}
-});
-/**
-* Patch an API key record. Used for updating name, scopes, rate limit config,
-* revocation, and lastUsedAt / rate limit state tracking.
-*/
-const keyPatch = mutation({
-	args: {
-		keyId: v.id("key"),
-		data: v.object({
-			name: v.optional(v.string()),
-			scopes: v.optional(v.array(v.object({
-				resource: v.string(),
-				actions: v.array(v.string())
-			}))),
-			rateLimit: v.optional(v.object({
-				maxRequests: v.number(),
-				windowMs: v.number()
-			})),
-			rateLimitState: v.optional(v.object({
-				attemptsLeft: v.number(),
-				lastAttemptTime: v.number()
-			})),
-			revoked: v.optional(v.boolean()),
-			lastUsedAt: v.optional(v.number())
-		})
-	},
-	handler: async (ctx, { keyId, data }) => {
-		if (await ctx.db.get(keyId) === null) throw new ConvexError({
-			code: "KEY_NOT_FOUND",
-			message: "API key not found",
-			keyId
-		});
-		await ctx.db.patch(keyId, data);
-	}
-});
-/** Hard delete an API key record. */
-const keyDelete = mutation({
-	args: { keyId: v.id("key") },
-	handler: async (ctx, { keyId }) => {
-		if (await ctx.db.get(keyId) === null) throw new ConvexError({
-			code: "KEY_NOT_FOUND",
-			message: "API key not found",
-			keyId
-		});
-		await ctx.db.delete(keyId);
-	}
-});
-/** Insert a new device authorization record. */
-const deviceInsert = mutation({
-	args: {
-		deviceCodeHash: v.string(),
-		userCode: v.string(),
-		expiresAt: v.number(),
-		interval: v.number(),
-		status: v.union(v.literal("pending"), v.literal("authorized"), v.literal("denied"))
-	},
-	handler: async (ctx, args) => {
-		return await ctx.db.insert("device", args);
-	}
-});
-/** Look up a device authorization by its hashed device code. */
-const deviceGetByCodeHash = query({
-	args: { deviceCodeHash: v.string() },
-	handler: async (ctx, { deviceCodeHash }) => {
-		return await ctx.db.query("device").withIndex("deviceCodeHash", (q) => q.eq("deviceCodeHash", deviceCodeHash)).first();
-	}
-});
-/** Look up a pending device authorization by its user code. */
-const deviceGetByUserCode = query({
-	args: { userCode: v.string() },
-	handler: async (ctx, { userCode }) => {
-		return await ctx.db.query("device").withIndex("userCode", (q) => q.eq("userCode", userCode).eq("status", "pending")).first();
-	}
-});
-/** Authorize a device code — link it to a user and session. */
-const deviceAuthorize = mutation({
-	args: {
-		deviceId: v.id("device"),
-		userId: v.id("user"),
-		sessionId: v.id("session")
-	},
-	handler: async (ctx, { deviceId, userId, sessionId }) => {
-		await ctx.db.patch(deviceId, {
-			status: "authorized",
-			userId,
-			sessionId
-		});
-	}
-});
-/** Update the last-polled timestamp on a device authorization record. */
-const deviceUpdateLastPolled = mutation({
-	args: {
-		deviceId: v.id("device"),
-		lastPolledAt: v.number()
-	},
-	handler: async (ctx, { deviceId, lastPolledAt }) => {
-		await ctx.db.patch(deviceId, { lastPolledAt });
-	}
-});
-/** Delete a device authorization record (cleanup after use or expiry). */
-const deviceDelete = mutation({
-	args: { deviceId: v.id("device") },
-	handler: async (ctx, { deviceId }) => {
-		await ctx.db.delete(deviceId);
-	}
-});
-//#endregion
-export { accountDelete, accountGet, accountGetById, accountInsert, accountListByUser, accountPatch, deviceAuthorize, deviceDelete, deviceGetByCodeHash, deviceGetByUserCode, deviceInsert, deviceUpdateLastPolled, groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteCreate, inviteGet, inviteList, inviteRevoke, keyDelete, keyGetByHashedKey, keyGetById, keyInsert, keyList, keyListByUserId, keyPatch, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberListByUser, memberRemove, memberUpdate, passkeyDelete, passkeyGetByCredentialId, passkeyInsert, passkeyListByUserId, passkeyUpdateCounter, passkeyUpdateMeta, rateLimitCreate, rateLimitDelete, rateLimitGet, rateLimitPatch, refreshTokenCreate, refreshTokenDeleteAll, refreshTokenGetActive, refreshTokenGetById, refreshTokenGetChildren, refreshTokenListBySession, refreshTokenPatch, sessionCreate, sessionDelete, sessionGetById, sessionList, sessionListByUser, totpDelete, totpGetById, totpGetVerifiedByUserId, totpInsert, totpListByUserId, totpMarkVerified, totpUpdateLastUsed, userFindByVerifiedEmail, userFindByVerifiedPhone, userGetById, userInsert, userList, userPatch, userUpsert, verificationCodeCreate, verificationCodeDelete, verificationCodeGetByAccountId, verificationCodeGetByCode, verifierCreate, verifierDelete, verifierGetById, verifierGetBySignature, verifierPatch };
-//# sourceMappingURL=public.js.map
+export { accountDelete, accountGet, accountGetById, accountInsert, accountListByUser, accountPatch, deviceAuthorize, deviceDelete, deviceGetByCodeHash, deviceGetByUserCode, deviceInsert, deviceUpdateLastPolled, enterpriseAuditEventCreate, enterpriseAuditEventList, enterpriseCreate, enterpriseDelete, enterpriseDomainAdd, enterpriseDomainDelete, enterpriseDomainList, enterpriseDomainVerificationDelete, enterpriseDomainVerificationGet, enterpriseDomainVerificationUpsert, enterpriseDomainVerify, enterpriseGet, enterpriseGetByDomain, enterpriseGetByGroup, enterpriseList, enterpriseScimConfigGetByEnterprise, enterpriseScimConfigGetByTokenHash, enterpriseScimConfigUpsert, enterpriseScimIdentityDelete, enterpriseScimIdentityGet, enterpriseScimIdentityGetByEnterpriseAndUser, enterpriseScimIdentityGetByMappedGroup, enterpriseScimIdentityGetByUser, enterpriseScimIdentityListByEnterprise, enterpriseScimIdentityUpsert, enterpriseSecretDelete, enterpriseSecretGet, enterpriseSecretUpsert, enterpriseUpdate, enterpriseWebhookDeliveryEnqueue, enterpriseWebhookDeliveryList, enterpriseWebhookDeliveryListReady, enterpriseWebhookDeliveryPatch, enterpriseWebhookEndpointCreate, enterpriseWebhookEndpointGet, enterpriseWebhookEndpointList, enterpriseWebhookEndpointUpdate, groupCreate, groupDelete, groupGet, groupList, groupUpdate, inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, keyDelete, keyGetByHashedKey, keyGetById, keyInsert, keyList, keyPatch, memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberRemove, memberResolve, memberUpdate, passkeyDelete, passkeyGetByCredentialId, passkeyInsert, passkeyListByUserId, passkeyUpdateCounter, passkeyUpdateMeta, rateLimitCreate, rateLimitDelete, rateLimitGet, rateLimitPatch, refreshTokenCreate, refreshTokenDeleteAll, refreshTokenGetActive, refreshTokenGetById, refreshTokenGetChildren, refreshTokenListBySession, refreshTokenPatch, sessionCreate, sessionDelete, sessionGetById, sessionList, sessionListByUser, totpDelete, totpGetById, totpGetVerifiedByUserId, totpInsert, totpListByUserId, totpMarkVerified, totpUpdateLastUsed, userDelete, userFindByVerifiedEmail, userFindByVerifiedPhone, userGetById, userInsert, userList, userPatch, userUpsert, verificationCodeCreate, verificationCodeDelete, verificationCodeGetByAccountId, verificationCodeGetByCode, verifierCreate, verifierDelete, verifierGetById, verifierGetBySignature, verifierPatch };