@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (666) hide show
  1. package/README.md +43 -36
  2. package/dist/bin.js +5765 -4880
  3. package/dist/browser/index.d.ts +30 -0
  4. package/dist/browser/index.js +93 -0
  5. package/dist/browser/locks.js +11 -0
  6. package/dist/browser/navigation.js +14 -0
  7. package/dist/{factors → browser}/passkey.js +23 -32
  8. package/dist/browser/runtime.js +92 -0
  9. package/dist/client/core/types.d.ts +452 -5
  10. package/dist/client/core/types.js +17 -0
  11. package/dist/client/errors.js +19 -0
  12. package/dist/client/factors/device.js +94 -0
  13. package/dist/{factors → client/factors}/totp.js +12 -4
  14. package/dist/client/index.d.ts +47 -1
  15. package/dist/client/index.js +269 -232
  16. package/dist/client/runtime/mutex.js +24 -0
  17. package/dist/client/runtime/proxy.js +30 -0
  18. package/dist/client/runtime/storage.js +45 -0
  19. package/dist/client/services/adapters.js +7 -0
  20. package/dist/client/services/http.js +6 -0
  21. package/dist/client/services/resolve.js +13 -0
  22. package/dist/client/services/runtime.js +6 -0
  23. package/dist/component/_generated/component.d.ts +1355 -1399
  24. package/dist/component/convex.config.d.ts +2 -2
  25. package/dist/component/index.d.ts +4 -26
  26. package/dist/component/index.js +1 -1
  27. package/dist/component/model.d.ts +26 -112
  28. package/dist/component/model.js +76 -54
  29. package/dist/component/modules.js +38 -0
  30. package/dist/component/public/factors/devices.js +1 -1
  31. package/dist/component/public/factors/passkeys.js +1 -1
  32. package/dist/component/public/factors/totp.js +1 -1
  33. package/dist/component/public/groups/core.js +2 -2
  34. package/dist/component/public/groups/invites.js +1 -1
  35. package/dist/component/public/groups/members.js +1 -1
  36. package/dist/component/public/identity/accounts.js +1 -1
  37. package/dist/component/public/identity/codes.js +1 -1
  38. package/dist/component/public/identity/sessions.js +39 -2
  39. package/dist/component/public/identity/tokens.js +82 -4
  40. package/dist/component/public/identity/users.js +1 -1
  41. package/dist/component/public/identity/verifiers.js +10 -4
  42. package/dist/component/public/security/keys.js +1 -1
  43. package/dist/component/public/security/limits.js +1 -1
  44. package/dist/component/public/{enterprise → sso}/audit.js +26 -26
  45. package/dist/component/public/sso/core.js +263 -0
  46. package/dist/component/public/sso/domains.js +280 -0
  47. package/dist/component/public/{enterprise → sso}/scim.js +87 -87
  48. package/dist/component/public/sso/secrets.js +125 -0
  49. package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
  50. package/dist/component/public.js +9 -9
  51. package/dist/component/schema.d.ts +472 -393
  52. package/dist/component/schema.js +36 -35
  53. package/dist/core/index.d.ts +380 -0
  54. package/dist/core/index.js +83 -0
  55. package/dist/otel.d.ts +69 -0
  56. package/dist/otel.js +82 -0
  57. package/dist/providers/anonymous.d.ts +15 -34
  58. package/dist/providers/anonymous.js +27 -35
  59. package/dist/providers/apple.d.ts +59 -0
  60. package/dist/providers/apple.js +58 -0
  61. package/dist/providers/credentials.d.ts +18 -34
  62. package/dist/providers/credentials.js +16 -27
  63. package/dist/providers/custom.d.ts +94 -0
  64. package/dist/providers/custom.js +119 -0
  65. package/dist/providers/device.d.ts +15 -49
  66. package/dist/providers/device.js +17 -34
  67. package/dist/providers/email.d.ts +21 -38
  68. package/dist/providers/email.js +36 -55
  69. package/dist/providers/github.d.ts +54 -0
  70. package/dist/providers/github.js +75 -0
  71. package/dist/providers/google.d.ts +54 -0
  72. package/dist/providers/google.js +61 -0
  73. package/dist/providers/index.d.ts +16 -12
  74. package/dist/providers/index.js +15 -11
  75. package/dist/providers/microsoft.d.ts +57 -0
  76. package/dist/providers/microsoft.js +101 -0
  77. package/dist/providers/passkey.d.ts +19 -35
  78. package/dist/providers/passkey.js +20 -30
  79. package/dist/providers/password.d.ts +17 -18
  80. package/dist/providers/password.js +121 -143
  81. package/dist/providers/phone.d.ts +13 -28
  82. package/dist/providers/phone.js +21 -46
  83. package/dist/providers/sso.d.ts +16 -36
  84. package/dist/providers/sso.js +21 -22
  85. package/dist/providers/totp.d.ts +13 -29
  86. package/dist/providers/totp.js +17 -27
  87. package/dist/server/auth-context.d.ts +204 -0
  88. package/dist/server/auth-context.js +76 -0
  89. package/dist/server/auth.d.ts +99 -244
  90. package/dist/server/auth.js +56 -152
  91. package/dist/server/componentContext.d.ts +12 -0
  92. package/dist/server/componentContext.js +1 -0
  93. package/dist/server/config.js +6 -67
  94. package/dist/server/constants.js +6 -0
  95. package/dist/server/contract.d.ts +105 -0
  96. package/dist/server/contract.js +43 -0
  97. package/dist/server/cookies.js +3 -2
  98. package/dist/server/core.js +31 -36
  99. package/dist/server/crypto.js +34 -44
  100. package/dist/server/db.js +6 -1
  101. package/dist/server/device.js +96 -130
  102. package/dist/server/env.js +48 -0
  103. package/dist/server/errors.js +20 -0
  104. package/dist/server/http.d.ts +15 -59
  105. package/dist/server/http.js +136 -120
  106. package/dist/server/identity.js +2 -2
  107. package/dist/server/index.d.ts +5 -4
  108. package/dist/server/index.js +3 -3
  109. package/dist/server/keys.js +10 -1
  110. package/dist/server/limits.js +26 -26
  111. package/dist/server/log.js +28 -0
  112. package/dist/server/mounts.d.ts +1107 -296
  113. package/dist/server/mounts.js +315 -196
  114. package/dist/server/mutations/account.js +11 -14
  115. package/dist/server/mutations/code.js +6 -5
  116. package/dist/server/mutations/invalidate.js +9 -11
  117. package/dist/server/mutations/oauth.js +112 -73
  118. package/dist/server/mutations/refresh.js +47 -97
  119. package/dist/server/mutations/register.js +37 -35
  120. package/dist/server/mutations/retrieve.js +16 -16
  121. package/dist/server/mutations/signature.js +15 -18
  122. package/dist/server/mutations/signin.js +10 -5
  123. package/dist/server/mutations/signout.js +11 -14
  124. package/dist/server/mutations/store.js +25 -18
  125. package/dist/server/mutations/verifier.js +11 -8
  126. package/dist/server/mutations/verify.js +53 -41
  127. package/dist/server/oauth/factory.js +44 -0
  128. package/dist/server/oauth/index.js +12 -0
  129. package/dist/server/oauth/runtime.js +248 -0
  130. package/dist/server/passkey.js +331 -365
  131. package/dist/server/payloads.d.ts +16 -0
  132. package/dist/server/payloads.js +30 -0
  133. package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
  134. package/dist/server/prefetch.js +635 -0
  135. package/dist/server/random.js +19 -0
  136. package/dist/server/redirects.js +10 -5
  137. package/dist/server/refresh.js +14 -86
  138. package/dist/server/runtime.d.ts +531 -31
  139. package/dist/server/runtime.js +106 -267
  140. package/dist/server/secret.js +44 -0
  141. package/dist/server/services/config.js +10 -0
  142. package/dist/server/services/group.js +211 -0
  143. package/dist/server/services/logger.js +8 -0
  144. package/dist/server/services/providers.js +22 -0
  145. package/dist/server/services/refresh.js +8 -0
  146. package/dist/server/services/resolve.js +27 -0
  147. package/dist/server/services/signin.js +8 -0
  148. package/dist/server/sessions.js +35 -34
  149. package/dist/server/signin.js +229 -140
  150. package/dist/server/{enterprise → sso}/config.js +10 -3
  151. package/dist/server/sso/domain.d.ts +614 -0
  152. package/dist/server/sso/domain.js +1175 -0
  153. package/dist/server/sso/http.js +1060 -0
  154. package/dist/server/sso/oidc.js +324 -0
  155. package/dist/server/sso/policies.js +59 -0
  156. package/dist/server/sso/policy.js +139 -0
  157. package/dist/server/sso/profile.js +22 -0
  158. package/dist/server/sso/provision.js +179 -0
  159. package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
  160. package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
  161. package/dist/server/sso/shared.js +74 -0
  162. package/dist/server/sso/validators.js +88 -0
  163. package/dist/server/sso/webhook.js +94 -0
  164. package/dist/server/tokens.js +16 -4
  165. package/dist/server/totp.js +155 -164
  166. package/dist/server/types.d.ts +306 -296
  167. package/dist/server/types.js +1 -30
  168. package/dist/server/url.js +32 -0
  169. package/dist/server/users.js +74 -40
  170. package/dist/server/utils/cache.js +51 -0
  171. package/dist/server/utils/dispatch.js +36 -0
  172. package/dist/server/utils/retry.js +24 -0
  173. package/dist/server/utils/span.js +32 -0
  174. package/dist/shared/errors.js +19 -0
  175. package/dist/shared/log.js +45 -0
  176. package/{src/test.ts → dist/test.d.ts} +21 -22
  177. package/dist/test.js +51 -0
  178. package/package.json +70 -42
  179. package/dist/authorization/index.d.ts.map +0 -1
  180. package/dist/authorization/index.js.map +0 -1
  181. package/dist/client/core/types.d.ts.map +0 -1
  182. package/dist/client/index.d.ts.map +0 -1
  183. package/dist/client/index.js.map +0 -1
  184. package/dist/component/_generated/api.d.ts +0 -75
  185. package/dist/component/_generated/api.d.ts.map +0 -1
  186. package/dist/component/_generated/api.js.map +0 -1
  187. package/dist/component/_generated/component.d.ts.map +0 -1
  188. package/dist/component/_generated/dataModel.d.ts +0 -42
  189. package/dist/component/_generated/dataModel.d.ts.map +0 -1
  190. package/dist/component/_generated/server.d.ts +0 -117
  191. package/dist/component/_generated/server.d.ts.map +0 -1
  192. package/dist/component/_generated/server.js.map +0 -1
  193. package/dist/component/_virtual/rolldown_runtime.js +0 -18
  194. package/dist/component/client/core/types.d.ts +0 -2
  195. package/dist/component/client/index.d.ts +0 -1
  196. package/dist/component/convex.config.d.ts.map +0 -1
  197. package/dist/component/convex.config.js.map +0 -1
  198. package/dist/component/functions.d.ts +0 -25
  199. package/dist/component/functions.d.ts.map +0 -1
  200. package/dist/component/functions.js.map +0 -1
  201. package/dist/component/index.d.ts.map +0 -1
  202. package/dist/component/model.d.ts.map +0 -1
  203. package/dist/component/model.js.map +0 -1
  204. package/dist/component/providers/anonymous.d.ts +0 -54
  205. package/dist/component/providers/anonymous.d.ts.map +0 -1
  206. package/dist/component/providers/credentials.d.ts +0 -38
  207. package/dist/component/providers/credentials.d.ts.map +0 -1
  208. package/dist/component/providers/device.d.ts +0 -67
  209. package/dist/component/providers/device.d.ts.map +0 -1
  210. package/dist/component/providers/email.d.ts +0 -62
  211. package/dist/component/providers/email.d.ts.map +0 -1
  212. package/dist/component/providers/oauth.d.ts +0 -25
  213. package/dist/component/providers/oauth.d.ts.map +0 -1
  214. package/dist/component/providers/oauth.js +0 -13
  215. package/dist/component/providers/oauth.js.map +0 -1
  216. package/dist/component/providers/passkey.d.ts +0 -57
  217. package/dist/component/providers/passkey.d.ts.map +0 -1
  218. package/dist/component/providers/password.d.ts +0 -88
  219. package/dist/component/providers/password.d.ts.map +0 -1
  220. package/dist/component/providers/phone.d.ts +0 -48
  221. package/dist/component/providers/phone.d.ts.map +0 -1
  222. package/dist/component/providers/sso.d.ts +0 -50
  223. package/dist/component/providers/sso.d.ts.map +0 -1
  224. package/dist/component/providers/totp.d.ts +0 -45
  225. package/dist/component/providers/totp.d.ts.map +0 -1
  226. package/dist/component/public/enterprise/audit.d.ts +0 -73
  227. package/dist/component/public/enterprise/audit.d.ts.map +0 -1
  228. package/dist/component/public/enterprise/audit.js.map +0 -1
  229. package/dist/component/public/enterprise/core.d.ts +0 -176
  230. package/dist/component/public/enterprise/core.d.ts.map +0 -1
  231. package/dist/component/public/enterprise/core.js +0 -292
  232. package/dist/component/public/enterprise/core.js.map +0 -1
  233. package/dist/component/public/enterprise/domains.d.ts +0 -174
  234. package/dist/component/public/enterprise/domains.d.ts.map +0 -1
  235. package/dist/component/public/enterprise/domains.js +0 -271
  236. package/dist/component/public/enterprise/domains.js.map +0 -1
  237. package/dist/component/public/enterprise/scim.d.ts +0 -245
  238. package/dist/component/public/enterprise/scim.d.ts.map +0 -1
  239. package/dist/component/public/enterprise/scim.js.map +0 -1
  240. package/dist/component/public/enterprise/secrets.d.ts +0 -78
  241. package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
  242. package/dist/component/public/enterprise/secrets.js +0 -118
  243. package/dist/component/public/enterprise/secrets.js.map +0 -1
  244. package/dist/component/public/enterprise/webhooks.d.ts +0 -211
  245. package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
  246. package/dist/component/public/enterprise/webhooks.js.map +0 -1
  247. package/dist/component/public/factors/devices.d.ts +0 -157
  248. package/dist/component/public/factors/devices.d.ts.map +0 -1
  249. package/dist/component/public/factors/devices.js.map +0 -1
  250. package/dist/component/public/factors/passkeys.d.ts +0 -175
  251. package/dist/component/public/factors/passkeys.d.ts.map +0 -1
  252. package/dist/component/public/factors/passkeys.js.map +0 -1
  253. package/dist/component/public/factors/totp.d.ts +0 -189
  254. package/dist/component/public/factors/totp.d.ts.map +0 -1
  255. package/dist/component/public/factors/totp.js.map +0 -1
  256. package/dist/component/public/groups/core.d.ts +0 -137
  257. package/dist/component/public/groups/core.d.ts.map +0 -1
  258. package/dist/component/public/groups/core.js.map +0 -1
  259. package/dist/component/public/groups/invites.d.ts +0 -217
  260. package/dist/component/public/groups/invites.d.ts.map +0 -1
  261. package/dist/component/public/groups/invites.js.map +0 -1
  262. package/dist/component/public/groups/members.d.ts +0 -204
  263. package/dist/component/public/groups/members.d.ts.map +0 -1
  264. package/dist/component/public/groups/members.js.map +0 -1
  265. package/dist/component/public/identity/accounts.d.ts +0 -147
  266. package/dist/component/public/identity/accounts.d.ts.map +0 -1
  267. package/dist/component/public/identity/accounts.js.map +0 -1
  268. package/dist/component/public/identity/codes.d.ts +0 -104
  269. package/dist/component/public/identity/codes.d.ts.map +0 -1
  270. package/dist/component/public/identity/codes.js.map +0 -1
  271. package/dist/component/public/identity/sessions.d.ts +0 -128
  272. package/dist/component/public/identity/sessions.d.ts.map +0 -1
  273. package/dist/component/public/identity/sessions.js.map +0 -1
  274. package/dist/component/public/identity/tokens.d.ts +0 -169
  275. package/dist/component/public/identity/tokens.d.ts.map +0 -1
  276. package/dist/component/public/identity/tokens.js.map +0 -1
  277. package/dist/component/public/identity/users.d.ts +0 -212
  278. package/dist/component/public/identity/users.d.ts.map +0 -1
  279. package/dist/component/public/identity/users.js.map +0 -1
  280. package/dist/component/public/identity/verifiers.d.ts +0 -116
  281. package/dist/component/public/identity/verifiers.d.ts.map +0 -1
  282. package/dist/component/public/identity/verifiers.js.map +0 -1
  283. package/dist/component/public/security/keys.d.ts +0 -209
  284. package/dist/component/public/security/keys.d.ts.map +0 -1
  285. package/dist/component/public/security/keys.js.map +0 -1
  286. package/dist/component/public/security/limits.d.ts +0 -114
  287. package/dist/component/public/security/limits.d.ts.map +0 -1
  288. package/dist/component/public/security/limits.js.map +0 -1
  289. package/dist/component/public.d.ts +0 -28
  290. package/dist/component/public.d.ts.map +0 -1
  291. package/dist/component/schema.d.ts.map +0 -1
  292. package/dist/component/schema.js.map +0 -1
  293. package/dist/component/server/auth.d.ts +0 -447
  294. package/dist/component/server/auth.d.ts.map +0 -1
  295. package/dist/component/server/auth.js +0 -254
  296. package/dist/component/server/auth.js.map +0 -1
  297. package/dist/component/server/config.js +0 -121
  298. package/dist/component/server/config.js.map +0 -1
  299. package/dist/component/server/context.js +0 -53
  300. package/dist/component/server/context.js.map +0 -1
  301. package/dist/component/server/cookies.js +0 -47
  302. package/dist/component/server/cookies.js.map +0 -1
  303. package/dist/component/server/core.js +0 -576
  304. package/dist/component/server/core.js.map +0 -1
  305. package/dist/component/server/crypto.js +0 -56
  306. package/dist/component/server/crypto.js.map +0 -1
  307. package/dist/component/server/db.js +0 -87
  308. package/dist/component/server/db.js.map +0 -1
  309. package/dist/component/server/device.js +0 -152
  310. package/dist/component/server/device.js.map +0 -1
  311. package/dist/component/server/enterprise/config.js +0 -46
  312. package/dist/component/server/enterprise/config.js.map +0 -1
  313. package/dist/component/server/enterprise/domain.js +0 -974
  314. package/dist/component/server/enterprise/domain.js.map +0 -1
  315. package/dist/component/server/enterprise/http.js +0 -787
  316. package/dist/component/server/enterprise/http.js.map +0 -1
  317. package/dist/component/server/enterprise/oidc.js +0 -248
  318. package/dist/component/server/enterprise/oidc.js.map +0 -1
  319. package/dist/component/server/enterprise/policy.js +0 -85
  320. package/dist/component/server/enterprise/policy.js.map +0 -1
  321. package/dist/component/server/enterprise/saml.js.map +0 -1
  322. package/dist/component/server/enterprise/scim.js.map +0 -1
  323. package/dist/component/server/enterprise/shared.js +0 -51
  324. package/dist/component/server/enterprise/shared.js.map +0 -1
  325. package/dist/component/server/http.d.ts +0 -85
  326. package/dist/component/server/http.d.ts.map +0 -1
  327. package/dist/component/server/http.js +0 -351
  328. package/dist/component/server/http.js.map +0 -1
  329. package/dist/component/server/identity.js +0 -16
  330. package/dist/component/server/identity.js.map +0 -1
  331. package/dist/component/server/keys.js +0 -96
  332. package/dist/component/server/keys.js.map +0 -1
  333. package/dist/component/server/limits.js +0 -52
  334. package/dist/component/server/limits.js.map +0 -1
  335. package/dist/component/server/mutations/account.js +0 -46
  336. package/dist/component/server/mutations/account.js.map +0 -1
  337. package/dist/component/server/mutations/code.js +0 -68
  338. package/dist/component/server/mutations/code.js.map +0 -1
  339. package/dist/component/server/mutations/invalidate.js +0 -32
  340. package/dist/component/server/mutations/invalidate.js.map +0 -1
  341. package/dist/component/server/mutations/oauth.js +0 -116
  342. package/dist/component/server/mutations/oauth.js.map +0 -1
  343. package/dist/component/server/mutations/refresh.js +0 -119
  344. package/dist/component/server/mutations/refresh.js.map +0 -1
  345. package/dist/component/server/mutations/register.js +0 -87
  346. package/dist/component/server/mutations/register.js.map +0 -1
  347. package/dist/component/server/mutations/retrieve.js +0 -61
  348. package/dist/component/server/mutations/retrieve.js.map +0 -1
  349. package/dist/component/server/mutations/signature.js +0 -38
  350. package/dist/component/server/mutations/signature.js.map +0 -1
  351. package/dist/component/server/mutations/signin.js +0 -27
  352. package/dist/component/server/mutations/signin.js.map +0 -1
  353. package/dist/component/server/mutations/signout.js +0 -27
  354. package/dist/component/server/mutations/signout.js.map +0 -1
  355. package/dist/component/server/mutations/store/refs.js +0 -15
  356. package/dist/component/server/mutations/store/refs.js.map +0 -1
  357. package/dist/component/server/mutations/store.js +0 -70
  358. package/dist/component/server/mutations/store.js.map +0 -1
  359. package/dist/component/server/mutations/verifier.js +0 -18
  360. package/dist/component/server/mutations/verifier.js.map +0 -1
  361. package/dist/component/server/mutations/verify.js +0 -98
  362. package/dist/component/server/mutations/verify.js.map +0 -1
  363. package/dist/component/server/oauth.js +0 -242
  364. package/dist/component/server/oauth.js.map +0 -1
  365. package/dist/component/server/passkey.js +0 -415
  366. package/dist/component/server/passkey.js.map +0 -1
  367. package/dist/component/server/redirects.js +0 -40
  368. package/dist/component/server/redirects.js.map +0 -1
  369. package/dist/component/server/refresh.js +0 -99
  370. package/dist/component/server/refresh.js.map +0 -1
  371. package/dist/component/server/runtime.d.ts +0 -136
  372. package/dist/component/server/runtime.d.ts.map +0 -1
  373. package/dist/component/server/runtime.js +0 -456
  374. package/dist/component/server/runtime.js.map +0 -1
  375. package/dist/component/server/sessions.js +0 -71
  376. package/dist/component/server/sessions.js.map +0 -1
  377. package/dist/component/server/signin.js +0 -225
  378. package/dist/component/server/signin.js.map +0 -1
  379. package/dist/component/server/tokens.js +0 -17
  380. package/dist/component/server/tokens.js.map +0 -1
  381. package/dist/component/server/totp.js +0 -208
  382. package/dist/component/server/totp.js.map +0 -1
  383. package/dist/component/server/types.d.ts +0 -949
  384. package/dist/component/server/types.d.ts.map +0 -1
  385. package/dist/component/server/types.js +0 -79
  386. package/dist/component/server/types.js.map +0 -1
  387. package/dist/component/server/users.js +0 -123
  388. package/dist/component/server/users.js.map +0 -1
  389. package/dist/component/server/utils.js +0 -140
  390. package/dist/component/server/utils.js.map +0 -1
  391. package/dist/core/types.d.ts +0 -361
  392. package/dist/core/types.d.ts.map +0 -1
  393. package/dist/factors/device.js +0 -104
  394. package/dist/factors/device.js.map +0 -1
  395. package/dist/factors/passkey.js.map +0 -1
  396. package/dist/factors/totp.js.map +0 -1
  397. package/dist/providers/anonymous.d.ts.map +0 -1
  398. package/dist/providers/anonymous.js.map +0 -1
  399. package/dist/providers/credentials.d.ts.map +0 -1
  400. package/dist/providers/credentials.js.map +0 -1
  401. package/dist/providers/device.d.ts.map +0 -1
  402. package/dist/providers/device.js.map +0 -1
  403. package/dist/providers/email.d.ts.map +0 -1
  404. package/dist/providers/email.js.map +0 -1
  405. package/dist/providers/oauth.d.ts +0 -69
  406. package/dist/providers/oauth.d.ts.map +0 -1
  407. package/dist/providers/oauth.js +0 -43
  408. package/dist/providers/oauth.js.map +0 -1
  409. package/dist/providers/passkey.d.ts.map +0 -1
  410. package/dist/providers/passkey.js.map +0 -1
  411. package/dist/providers/password.d.ts.map +0 -1
  412. package/dist/providers/password.js.map +0 -1
  413. package/dist/providers/phone.d.ts.map +0 -1
  414. package/dist/providers/phone.js.map +0 -1
  415. package/dist/providers/sso.d.ts.map +0 -1
  416. package/dist/providers/sso.js.map +0 -1
  417. package/dist/providers/totp.d.ts.map +0 -1
  418. package/dist/providers/totp.js.map +0 -1
  419. package/dist/runtime/browser.js +0 -68
  420. package/dist/runtime/browser.js.map +0 -1
  421. package/dist/runtime/invite.js.map +0 -1
  422. package/dist/runtime/proxy.js +0 -70
  423. package/dist/runtime/proxy.js.map +0 -1
  424. package/dist/runtime/storage.js +0 -37
  425. package/dist/runtime/storage.js.map +0 -1
  426. package/dist/server/auth.d.ts.map +0 -1
  427. package/dist/server/auth.js.map +0 -1
  428. package/dist/server/config.d.ts +0 -1
  429. package/dist/server/config.js.map +0 -1
  430. package/dist/server/context.d.ts +0 -1
  431. package/dist/server/context.js.map +0 -1
  432. package/dist/server/cookies.d.ts +0 -1
  433. package/dist/server/cookies.js.map +0 -1
  434. package/dist/server/core.d.ts +0 -1315
  435. package/dist/server/core.d.ts.map +0 -1
  436. package/dist/server/core.js.map +0 -1
  437. package/dist/server/crypto.d.ts +0 -8
  438. package/dist/server/crypto.d.ts.map +0 -1
  439. package/dist/server/crypto.js.map +0 -1
  440. package/dist/server/db.d.ts +0 -1
  441. package/dist/server/db.js.map +0 -1
  442. package/dist/server/device.d.ts +0 -1
  443. package/dist/server/device.js.map +0 -1
  444. package/dist/server/enterprise/config.d.ts +0 -1
  445. package/dist/server/enterprise/config.js.map +0 -1
  446. package/dist/server/enterprise/domain.d.ts +0 -401
  447. package/dist/server/enterprise/domain.d.ts.map +0 -1
  448. package/dist/server/enterprise/domain.js +0 -974
  449. package/dist/server/enterprise/domain.js.map +0 -1
  450. package/dist/server/enterprise/http.d.ts +0 -26
  451. package/dist/server/enterprise/http.d.ts.map +0 -1
  452. package/dist/server/enterprise/http.js +0 -787
  453. package/dist/server/enterprise/http.js.map +0 -1
  454. package/dist/server/enterprise/oidc.d.ts +0 -1
  455. package/dist/server/enterprise/oidc.js +0 -248
  456. package/dist/server/enterprise/oidc.js.map +0 -1
  457. package/dist/server/enterprise/policy.d.ts +0 -1
  458. package/dist/server/enterprise/policy.js +0 -85
  459. package/dist/server/enterprise/policy.js.map +0 -1
  460. package/dist/server/enterprise/saml.d.ts +0 -1
  461. package/dist/server/enterprise/saml.js +0 -338
  462. package/dist/server/enterprise/saml.js.map +0 -1
  463. package/dist/server/enterprise/scim.d.ts +0 -1
  464. package/dist/server/enterprise/scim.js +0 -97
  465. package/dist/server/enterprise/scim.js.map +0 -1
  466. package/dist/server/enterprise/shared.d.ts +0 -5
  467. package/dist/server/enterprise/shared.d.ts.map +0 -1
  468. package/dist/server/enterprise/shared.js +0 -51
  469. package/dist/server/enterprise/shared.js.map +0 -1
  470. package/dist/server/enterprise/validators.d.ts +0 -1
  471. package/dist/server/enterprise/validators.js +0 -60
  472. package/dist/server/enterprise/validators.js.map +0 -1
  473. package/dist/server/http.d.ts.map +0 -1
  474. package/dist/server/http.js.map +0 -1
  475. package/dist/server/identity.d.ts +0 -1
  476. package/dist/server/identity.js.map +0 -1
  477. package/dist/server/keys.d.ts +0 -1
  478. package/dist/server/keys.js.map +0 -1
  479. package/dist/server/limits.d.ts +0 -1
  480. package/dist/server/limits.js.map +0 -1
  481. package/dist/server/mounts.d.ts.map +0 -1
  482. package/dist/server/mounts.js.map +0 -1
  483. package/dist/server/mutations/account.d.ts +0 -29
  484. package/dist/server/mutations/account.d.ts.map +0 -1
  485. package/dist/server/mutations/account.js.map +0 -1
  486. package/dist/server/mutations/code.d.ts +0 -30
  487. package/dist/server/mutations/code.d.ts.map +0 -1
  488. package/dist/server/mutations/code.js.map +0 -1
  489. package/dist/server/mutations/index.d.ts +0 -14
  490. package/dist/server/mutations/invalidate.d.ts +0 -20
  491. package/dist/server/mutations/invalidate.d.ts.map +0 -1
  492. package/dist/server/mutations/invalidate.js.map +0 -1
  493. package/dist/server/mutations/oauth.d.ts +0 -30
  494. package/dist/server/mutations/oauth.d.ts.map +0 -1
  495. package/dist/server/mutations/oauth.js.map +0 -1
  496. package/dist/server/mutations/refresh.d.ts +0 -21
  497. package/dist/server/mutations/refresh.d.ts.map +0 -1
  498. package/dist/server/mutations/refresh.js.map +0 -1
  499. package/dist/server/mutations/register.d.ts +0 -38
  500. package/dist/server/mutations/register.d.ts.map +0 -1
  501. package/dist/server/mutations/register.js.map +0 -1
  502. package/dist/server/mutations/retrieve.d.ts +0 -33
  503. package/dist/server/mutations/retrieve.d.ts.map +0 -1
  504. package/dist/server/mutations/retrieve.js.map +0 -1
  505. package/dist/server/mutations/signature.d.ts +0 -21
  506. package/dist/server/mutations/signature.d.ts.map +0 -1
  507. package/dist/server/mutations/signature.js.map +0 -1
  508. package/dist/server/mutations/signin.d.ts +0 -22
  509. package/dist/server/mutations/signin.d.ts.map +0 -1
  510. package/dist/server/mutations/signin.js.map +0 -1
  511. package/dist/server/mutations/signout.d.ts +0 -16
  512. package/dist/server/mutations/signout.d.ts.map +0 -1
  513. package/dist/server/mutations/signout.js.map +0 -1
  514. package/dist/server/mutations/store/refs.d.ts +0 -12
  515. package/dist/server/mutations/store/refs.d.ts.map +0 -1
  516. package/dist/server/mutations/store/refs.js.map +0 -1
  517. package/dist/server/mutations/store.d.ts +0 -306
  518. package/dist/server/mutations/store.d.ts.map +0 -1
  519. package/dist/server/mutations/store.js.map +0 -1
  520. package/dist/server/mutations/verifier.d.ts +0 -13
  521. package/dist/server/mutations/verifier.d.ts.map +0 -1
  522. package/dist/server/mutations/verifier.js.map +0 -1
  523. package/dist/server/mutations/verify.d.ts +0 -26
  524. package/dist/server/mutations/verify.d.ts.map +0 -1
  525. package/dist/server/mutations/verify.js.map +0 -1
  526. package/dist/server/oauth.d.ts +0 -1
  527. package/dist/server/oauth.js +0 -242
  528. package/dist/server/oauth.js.map +0 -1
  529. package/dist/server/passkey.d.ts +0 -27
  530. package/dist/server/passkey.d.ts.map +0 -1
  531. package/dist/server/passkey.js.map +0 -1
  532. package/dist/server/redirects.d.ts +0 -1
  533. package/dist/server/redirects.js.map +0 -1
  534. package/dist/server/refresh.d.ts +0 -1
  535. package/dist/server/refresh.js.map +0 -1
  536. package/dist/server/runtime.d.ts.map +0 -1
  537. package/dist/server/runtime.js.map +0 -1
  538. package/dist/server/sessions.d.ts +0 -1
  539. package/dist/server/sessions.js.map +0 -1
  540. package/dist/server/signin.d.ts +0 -1
  541. package/dist/server/signin.js.map +0 -1
  542. package/dist/server/ssr.d.ts.map +0 -1
  543. package/dist/server/ssr.js +0 -777
  544. package/dist/server/ssr.js.map +0 -1
  545. package/dist/server/templates.d.ts +0 -1
  546. package/dist/server/templates.js.map +0 -1
  547. package/dist/server/tokens.d.ts +0 -1
  548. package/dist/server/tokens.js.map +0 -1
  549. package/dist/server/totp.d.ts +0 -1
  550. package/dist/server/totp.js.map +0 -1
  551. package/dist/server/types.d.ts.map +0 -1
  552. package/dist/server/types.js.map +0 -1
  553. package/dist/server/users.d.ts +0 -1
  554. package/dist/server/users.js.map +0 -1
  555. package/dist/server/utils.d.ts +0 -1
  556. package/dist/server/utils.js +0 -140
  557. package/dist/server/utils.js.map +0 -1
  558. package/src/authorization/index.ts +0 -83
  559. package/src/cli/bin.ts +0 -5
  560. package/src/cli/command.ts +0 -70
  561. package/src/cli/index.ts +0 -1112
  562. package/src/cli/keys.ts +0 -23
  563. package/src/client/core/types.ts +0 -437
  564. package/src/client/factors/device.ts +0 -158
  565. package/src/client/factors/passkey.ts +0 -279
  566. package/src/client/factors/totp.ts +0 -150
  567. package/src/client/index.ts +0 -1124
  568. package/src/client/runtime/browser.ts +0 -112
  569. package/src/client/runtime/invite.ts +0 -63
  570. package/src/client/runtime/proxy.ts +0 -111
  571. package/src/client/runtime/storage.ts +0 -79
  572. package/src/component/_generated/api.ts +0 -96
  573. package/src/component/_generated/component.ts +0 -3774
  574. package/src/component/_generated/dataModel.ts +0 -60
  575. package/src/component/_generated/server.ts +0 -156
  576. package/src/component/convex.config.ts +0 -5
  577. package/src/component/functions.ts +0 -104
  578. package/src/component/index.ts +0 -42
  579. package/src/component/model.ts +0 -449
  580. package/src/component/public/enterprise/audit.ts +0 -125
  581. package/src/component/public/enterprise/core.ts +0 -355
  582. package/src/component/public/enterprise/domains.ts +0 -327
  583. package/src/component/public/enterprise/scim.ts +0 -397
  584. package/src/component/public/enterprise/secrets.ts +0 -133
  585. package/src/component/public/enterprise/webhooks.ts +0 -307
  586. package/src/component/public/factors/devices.ts +0 -224
  587. package/src/component/public/factors/passkeys.ts +0 -243
  588. package/src/component/public/factors/totp.ts +0 -259
  589. package/src/component/public/groups/core.ts +0 -481
  590. package/src/component/public/groups/invites.ts +0 -608
  591. package/src/component/public/groups/members.ts +0 -410
  592. package/src/component/public/identity/accounts.ts +0 -207
  593. package/src/component/public/identity/codes.ts +0 -149
  594. package/src/component/public/identity/sessions.ts +0 -210
  595. package/src/component/public/identity/tokens.ts +0 -251
  596. package/src/component/public/identity/users.ts +0 -355
  597. package/src/component/public/identity/verifiers.ts +0 -158
  598. package/src/component/public/security/keys.ts +0 -366
  599. package/src/component/public/security/limits.ts +0 -174
  600. package/src/component/public.ts +0 -27
  601. package/src/component/schema.ts +0 -505
  602. package/src/providers/anonymous.ts +0 -99
  603. package/src/providers/credentials.ts +0 -102
  604. package/src/providers/device.ts +0 -87
  605. package/src/providers/email.ts +0 -99
  606. package/src/providers/index.ts +0 -31
  607. package/src/providers/oauth.ts +0 -117
  608. package/src/providers/passkey.ts +0 -77
  609. package/src/providers/password.ts +0 -441
  610. package/src/providers/phone.ts +0 -93
  611. package/src/providers/sso.ts +0 -54
  612. package/src/providers/totp.ts +0 -62
  613. package/src/samlify.d.ts +0 -53
  614. package/src/server/auth.ts +0 -949
  615. package/src/server/config.ts +0 -200
  616. package/src/server/context.ts +0 -90
  617. package/src/server/cookies.ts +0 -49
  618. package/src/server/core.ts +0 -2004
  619. package/src/server/crypto.ts +0 -90
  620. package/src/server/db.ts +0 -203
  621. package/src/server/device.ts +0 -254
  622. package/src/server/enterprise/config.ts +0 -51
  623. package/src/server/enterprise/domain.ts +0 -1739
  624. package/src/server/enterprise/http.ts +0 -1331
  625. package/src/server/enterprise/oidc.ts +0 -500
  626. package/src/server/enterprise/policy.ts +0 -128
  627. package/src/server/enterprise/saml.ts +0 -578
  628. package/src/server/enterprise/scim.ts +0 -135
  629. package/src/server/enterprise/shared.ts +0 -134
  630. package/src/server/enterprise/validators.ts +0 -93
  631. package/src/server/http.ts +0 -790
  632. package/src/server/identity.ts +0 -18
  633. package/src/server/index.ts +0 -40
  634. package/src/server/keys.ts +0 -158
  635. package/src/server/limits.ts +0 -107
  636. package/src/server/mounts.ts +0 -924
  637. package/src/server/mutations/account.ts +0 -62
  638. package/src/server/mutations/code.ts +0 -119
  639. package/src/server/mutations/index.ts +0 -13
  640. package/src/server/mutations/invalidate.ts +0 -50
  641. package/src/server/mutations/oauth.ts +0 -243
  642. package/src/server/mutations/refresh.ts +0 -299
  643. package/src/server/mutations/register.ts +0 -155
  644. package/src/server/mutations/retrieve.ts +0 -109
  645. package/src/server/mutations/signature.ts +0 -57
  646. package/src/server/mutations/signin.ts +0 -54
  647. package/src/server/mutations/signout.ts +0 -43
  648. package/src/server/mutations/store/refs.ts +0 -10
  649. package/src/server/mutations/store.ts +0 -123
  650. package/src/server/mutations/verifier.ts +0 -34
  651. package/src/server/mutations/verify.ts +0 -200
  652. package/src/server/oauth.ts +0 -418
  653. package/src/server/passkey.ts +0 -838
  654. package/src/server/redirects.ts +0 -59
  655. package/src/server/refresh.ts +0 -218
  656. package/src/server/runtime.ts +0 -918
  657. package/src/server/sessions.ts +0 -132
  658. package/src/server/signin.ts +0 -445
  659. package/src/server/ssr.ts +0 -1747
  660. package/src/server/templates.ts +0 -82
  661. package/src/server/tokens.ts +0 -35
  662. package/src/server/totp.ts +0 -399
  663. package/src/server/types.ts +0 -1942
  664. package/src/server/users.ts +0 -291
  665. package/src/server/utils.ts +0 -220
  666. /package/dist/{runtime → client/runtime}/invite.js +0 -0
@@ -1,576 +0,0 @@
1
- import { getSessionUserId } from "./context.js";
2
- import { materializeProvider } from "./config.js";
3
- import { TOKEN_SUB_CLAIM_DIVIDER, generateRandomString, sha256 } from "./utils.js";
4
- import { buildScopeChecker, checkKeyRateLimit, generateApiKey, hashApiKey } from "./keys.js";
5
- import { signInImpl } from "./signin.js";
6
- import { Cv } from "@robelest/fx/convex";
7
-
8
- //#region src/server/core.ts
9
- /**
10
- * Build the core auth domains that back the canonical app API surface.
11
- *
12
- * Creates the grouped `user`, `session`, `account`, `provider`, `group`,
13
- * `member`, `invite`, and `key` APIs used by the higher-level auth
14
- * factory. Each namespace wraps the underlying Convex component functions with
15
- * application-friendly helpers, result shaping, and documentation-friendly
16
- * method names.
17
- *
18
- * @param deps - Internal component wiring, provider config, and helper
19
- * functions needed to construct the domain API surface.
20
- * @returns The core domain namespaces consumed by the auth factory.
21
- */
22
- function createCoreDomains(deps) {
23
- const { config, getAuth, callInvalidateSessions, callCreateAccountFromCredentials, callRetrieveAccountWithCredentials, callModifyAccount, getEnrichCtx, inviteTokenAlphabet, inviteTokenLength } = deps;
24
- const roleDefinitions = config.authorization.roles;
25
- const getRoleDefinition = (roleId) => {
26
- return roleDefinitions[roleId] ?? null;
27
- };
28
- const normalizeRoleIds = (roleIds) => {
29
- const normalized = Array.from(new Set(roleIds ?? []));
30
- const invalid = normalized.filter((id) => getRoleDefinition(id) === null);
31
- if (invalid.length > 0) throw Cv.error({
32
- code: "INVALID_ROLE_IDS",
33
- message: "One or more role IDs are invalid.",
34
- invalidRoleIds: invalid
35
- });
36
- return normalized;
37
- };
38
- const listAllKeysByUser = async (ctx, userId) => {
39
- const items = [];
40
- let cursor = null;
41
- do {
42
- const page = await ctx.runQuery(config.component.public.keyList, {
43
- where: { userId },
44
- limit: 100,
45
- cursor
46
- });
47
- items.push(...page.items);
48
- cursor = page.nextCursor;
49
- } while (cursor !== null);
50
- return items;
51
- };
52
- const listAllMembersByUser = async (ctx, userId) => {
53
- const items = [];
54
- let cursor = null;
55
- do {
56
- const page = await ctx.runQuery(config.component.public.memberList, {
57
- where: { userId },
58
- limit: 100,
59
- cursor
60
- });
61
- items.push(...page.items);
62
- cursor = page.nextCursor;
63
- } while (cursor !== null);
64
- return items;
65
- };
66
- const resolveGrantedPermissions = (roleIds) => {
67
- const grants = /* @__PURE__ */ new Set();
68
- for (const roleId of roleIds ?? []) {
69
- const role = getRoleDefinition(roleId);
70
- if (role === null) continue;
71
- for (const grant of role.grants) grants.add(grant);
72
- }
73
- return Array.from(grants).sort();
74
- };
75
- const AUTH_CACHE = Symbol("__convexAuthCache");
76
- function cache(ctx) {
77
- if (!ctx[AUTH_CACHE]) ctx[AUTH_CACHE] = {
78
- users: /* @__PURE__ */ new Map(),
79
- groups: /* @__PURE__ */ new Map()
80
- };
81
- return ctx[AUTH_CACHE];
82
- }
83
- const user = {
84
- get: async (ctx, userId) => {
85
- const c = cache(ctx);
86
- if (c.users.has(userId)) return c.users.get(userId);
87
- const result = await ctx.runQuery(config.component.public.userGetById, { userId });
88
- c.users.set(userId, result);
89
- return result;
90
- },
91
- list: async (ctx, opts = {}) => {
92
- return await ctx.runQuery(config.component.public.userList, opts);
93
- },
94
- viewer: async (ctx) => {
95
- const userId = await getSessionUserId(ctx);
96
- if (userId === null) return null;
97
- return await user.get(ctx, userId);
98
- },
99
- update: async (ctx, userId, data) => {
100
- await ctx.runMutation(config.component.public.userPatch, {
101
- userId,
102
- data
103
- });
104
- return { userId };
105
- },
106
- setActiveGroup: async (ctx, opts) => {
107
- const doc = await user.get(ctx, opts.userId);
108
- const existingExtend = doc !== null && doc.extend !== null && typeof doc.extend === "object" && !Array.isArray(doc.extend) ? { ...doc.extend } : {};
109
- if (opts.groupId === null) {
110
- const { lastActiveGroup: _omit, ...rest } = existingExtend;
111
- await user.update(ctx, opts.userId, { extend: rest });
112
- return {
113
- userId: opts.userId,
114
- groupId: null
115
- };
116
- }
117
- await user.update(ctx, opts.userId, { extend: {
118
- ...existingExtend,
119
- lastActiveGroup: opts.groupId
120
- } });
121
- return {
122
- userId: opts.userId,
123
- groupId: opts.groupId
124
- };
125
- },
126
- getActiveGroup: async (ctx, opts) => {
127
- const doc = await user.get(ctx, opts.userId);
128
- if (doc !== null && doc.extend !== null && typeof doc.extend === "object" && !Array.isArray(doc.extend)) {
129
- const val = doc.extend.lastActiveGroup;
130
- if (typeof val === "string") return val;
131
- }
132
- return null;
133
- },
134
- delete: async (ctx, userId, opts) => {
135
- const cascade = opts?.cascade !== false;
136
- const [sessions, accounts, keys, members, passkeys, totps] = await Promise.all([
137
- ctx.runQuery(config.component.public.sessionListByUser, { userId }),
138
- ctx.runQuery(config.component.public.accountListByUser, { userId }),
139
- listAllKeysByUser(ctx, userId),
140
- listAllMembersByUser(ctx, userId),
141
- ctx.runQuery(config.component.public.passkeyListByUserId, { userId }),
142
- ctx.runQuery(config.component.public.totpListByUserId, { userId })
143
- ]);
144
- const totalLinked = sessions.length + accounts.length + keys.length + members.length + passkeys.length + totps.length;
145
- if (!cascade && totalLinked > 0) throw Cv.error({
146
- code: "INVALID_PARAMETERS",
147
- message: "The provided parameters are invalid."
148
- });
149
- const deletions = [];
150
- for (const s of sessions) deletions.push(ctx.runMutation(config.component.public.sessionDelete, { sessionId: s._id }));
151
- for (const a of accounts) deletions.push(ctx.runMutation(config.component.public.accountDelete, { accountId: a._id }));
152
- for (const k of keys) deletions.push(ctx.runMutation(config.component.public.keyDelete, { keyId: k._id }));
153
- for (const m of members) deletions.push(ctx.runMutation(config.component.public.memberRemove, { memberId: m._id }));
154
- for (const p of passkeys) deletions.push(ctx.runMutation(config.component.public.passkeyDelete, { passkeyId: p._id }));
155
- for (const t of totps) deletions.push(ctx.runMutation(config.component.public.totpDelete, { totpId: t._id }));
156
- await Promise.all(deletions);
157
- await ctx.runMutation(config.component.public.userDelete, { userId });
158
- return { userId };
159
- }
160
- };
161
- const session = {
162
- current: async (ctx) => {
163
- const identity = await ctx.auth.getUserIdentity();
164
- if (identity === null) return null;
165
- const [, sessionId] = identity.subject.split(TOKEN_SUB_CLAIM_DIVIDER);
166
- return sessionId;
167
- },
168
- invalidate: async (ctx, args) => {
169
- await callInvalidateSessions(ctx, args);
170
- return {
171
- userId: args.userId,
172
- except: args.except ?? []
173
- };
174
- },
175
- get: async (ctx, sessionId) => {
176
- return await ctx.runQuery(config.component.public.sessionGetById, { sessionId });
177
- },
178
- list: async (ctx, opts) => {
179
- return await ctx.runQuery(config.component.public.sessionListByUser, { userId: opts.userId });
180
- }
181
- };
182
- const account = {
183
- create: async (ctx, args) => {
184
- return { ...await callCreateAccountFromCredentials(ctx, args) };
185
- },
186
- get: async (ctx, args) => {
187
- const result = await callRetrieveAccountWithCredentials(ctx, args);
188
- if (typeof result === "string") return null;
189
- return result;
190
- },
191
- update: async (ctx, args) => {
192
- await callModifyAccount(ctx, args);
193
- return { accountId: args.account.id };
194
- },
195
- delete: async (ctx, accountId) => {
196
- const doc = await ctx.runQuery(config.component.public.accountGetById, { accountId });
197
- if (doc === null) throw Cv.error({
198
- code: "ACCOUNT_NOT_FOUND",
199
- message: "Account not found."
200
- });
201
- if ((await ctx.runQuery(config.component.public.accountListByUser, { userId: doc.userId })).length <= 1) throw Cv.error({
202
- code: "INVALID_PARAMETERS",
203
- message: "The provided parameters are invalid."
204
- });
205
- await ctx.runMutation(config.component.public.accountDelete, { accountId });
206
- return { accountId };
207
- },
208
- listPasskeys: async (ctx, opts) => {
209
- return await ctx.runQuery(config.component.public.passkeyListByUserId, opts);
210
- },
211
- renamePasskey: async (ctx, passkeyId, name) => {
212
- await ctx.runMutation(config.component.public.passkeyUpdateMeta, {
213
- passkeyId,
214
- data: { name }
215
- });
216
- return { passkeyId };
217
- },
218
- deletePasskey: async (ctx, passkeyId) => {
219
- await ctx.runMutation(config.component.public.passkeyDelete, { passkeyId });
220
- return { passkeyId };
221
- },
222
- listTotps: async (ctx, opts) => {
223
- return await ctx.runQuery(config.component.public.totpListByUserId, opts);
224
- },
225
- deleteTotp: async (ctx, totpId) => {
226
- await ctx.runMutation(config.component.public.totpDelete, { totpId });
227
- return { totpId };
228
- }
229
- };
230
- const provider = { signIn: async (ctx, providerConfig, args) => {
231
- const result = await signInImpl(getEnrichCtx()(ctx), materializeProvider(providerConfig), args, {
232
- generateTokens: false,
233
- allowExtraProviders: true
234
- });
235
- return result.kind === "signedIn" ? result.signedIn !== null ? {
236
- userId: result.signedIn.userId,
237
- sessionId: result.signedIn.sessionId
238
- } : null : null;
239
- } };
240
- const group = {
241
- create: async (ctx, data) => {
242
- return { groupId: await ctx.runMutation(config.component.public.groupCreate, data) };
243
- },
244
- get: async (ctx, groupId) => {
245
- const c = cache(ctx);
246
- if (c.groups.has(groupId)) return c.groups.get(groupId);
247
- const result = await ctx.runQuery(config.component.public.groupGet, { groupId });
248
- c.groups.set(groupId, result);
249
- return result;
250
- },
251
- list: async (ctx, opts) => {
252
- return await ctx.runQuery(config.component.public.groupList, {
253
- where: opts?.where,
254
- limit: opts?.limit,
255
- cursor: opts?.cursor,
256
- orderBy: opts?.orderBy,
257
- order: opts?.order
258
- });
259
- },
260
- update: async (ctx, groupId, data) => {
261
- await ctx.runMutation(config.component.public.groupUpdate, {
262
- groupId,
263
- data
264
- });
265
- return { groupId };
266
- },
267
- delete: async (ctx, groupId) => {
268
- await ctx.runMutation(config.component.public.groupDelete, { groupId });
269
- return { groupId };
270
- },
271
- ancestors: async (ctx, opts) => {
272
- const maxDepth = Math.max(0, Math.floor(opts.maxDepth ?? 32));
273
- const visited = /* @__PURE__ */ new Set();
274
- const ancestors = [];
275
- let cycleDetected = false;
276
- let maxDepthReached = false;
277
- let currentGroupId = opts.groupId;
278
- let depth = 0;
279
- let isFirst = true;
280
- while (currentGroupId !== void 0) {
281
- if (depth > maxDepth) {
282
- maxDepthReached = true;
283
- break;
284
- }
285
- if (visited.has(currentGroupId)) {
286
- cycleDetected = true;
287
- break;
288
- }
289
- visited.add(currentGroupId);
290
- const doc = await group.get(ctx, currentGroupId);
291
- if (doc === null) break;
292
- if (isFirst) {
293
- isFirst = false;
294
- if (opts.includeSelf) ancestors.push(doc);
295
- currentGroupId = doc.parentGroupId;
296
- depth += 1;
297
- continue;
298
- }
299
- ancestors.push(doc);
300
- currentGroupId = doc.parentGroupId;
301
- depth += 1;
302
- }
303
- return {
304
- ancestors,
305
- cycleDetected,
306
- maxDepthReached
307
- };
308
- }
309
- };
310
- const member = {
311
- create: async (ctx, data) => {
312
- const roleIds = normalizeRoleIds(data.roleIds);
313
- return { memberId: await ctx.runMutation(config.component.public.memberAdd, {
314
- ...data,
315
- roleIds
316
- }) };
317
- },
318
- get: async (ctx, memberId) => {
319
- return await ctx.runQuery(config.component.public.memberGet, { memberId });
320
- },
321
- list: async (ctx, opts) => {
322
- return await ctx.runQuery(config.component.public.memberList, {
323
- where: opts?.where,
324
- limit: opts?.limit,
325
- cursor: opts?.cursor,
326
- orderBy: opts?.orderBy,
327
- order: opts?.order
328
- });
329
- },
330
- delete: async (ctx, memberId) => {
331
- await ctx.runMutation(config.component.public.memberRemove, { memberId });
332
- return { memberId };
333
- },
334
- update: async (ctx, memberId, data) => {
335
- const nextData = { ...data };
336
- if ("roleIds" in nextData) nextData.roleIds = normalizeRoleIds(Array.isArray(nextData.roleIds) ? nextData.roleIds : void 0);
337
- await ctx.runMutation(config.component.public.memberUpdate, {
338
- memberId,
339
- data: nextData
340
- });
341
- return { memberId };
342
- },
343
- inspect: async (ctx, opts) => {
344
- const useAncestry = opts.ancestry === true;
345
- let membership = null;
346
- if (useAncestry) {
347
- const maxDepth = Math.max(0, Math.floor(opts.maxDepth ?? 32));
348
- membership = (await ctx.runQuery(config.component.public.memberResolve, {
349
- userId: opts.userId,
350
- groupId: opts.groupId,
351
- maxDepth,
352
- ancestry: true
353
- })).membership;
354
- } else membership = await ctx.runQuery(config.component.public.memberGetByGroupAndUser, {
355
- userId: opts.userId,
356
- groupId: opts.groupId
357
- });
358
- if (membership === null) return {
359
- membership: null,
360
- roleIds: [],
361
- grants: []
362
- };
363
- const membershipRoleIds = membership.roleIds ?? [];
364
- const membershipGrants = resolveGrantedPermissions(membershipRoleIds);
365
- return {
366
- membership,
367
- roleIds: membershipRoleIds,
368
- grants: membershipGrants
369
- };
370
- },
371
- require: async (ctx, opts) => {
372
- const validatedRoleIds = normalizeRoleIds(opts.roleIds);
373
- const requiredGrants = Array.from(new Set(opts.grants ?? []));
374
- const roleFilter = validatedRoleIds.length > 0 ? new Set(validatedRoleIds) : null;
375
- const result = await member.inspect(ctx, {
376
- userId: opts.userId,
377
- groupId: opts.groupId,
378
- ancestry: opts.ancestry,
379
- maxDepth: opts.maxDepth
380
- });
381
- if (result.membership === null) throw Cv.error({
382
- code: "NOT_A_MEMBER",
383
- message: "User is not a member of this group.",
384
- groupId: opts.groupId
385
- });
386
- if (roleFilter !== null && !result.roleIds.some((roleId) => roleFilter.has(roleId))) throw Cv.error({
387
- code: "NOT_A_MEMBER",
388
- message: "User is not a member of this group.",
389
- groupId: opts.groupId
390
- });
391
- const missingGrants = requiredGrants.filter((grant) => !result.grants.includes(grant));
392
- if (missingGrants.length > 0) throw Cv.error({
393
- code: "MISSING_GRANTS",
394
- message: "User is missing required grants.",
395
- groupId: opts.groupId,
396
- missingGrants
397
- });
398
- return result;
399
- }
400
- };
401
- const invite = {
402
- create: async (ctx, data) => {
403
- const roleIds = normalizeRoleIds(data.roleIds);
404
- const token = generateRandomString(inviteTokenLength, inviteTokenAlphabet);
405
- const tokenHash = await sha256(token);
406
- return {
407
- inviteId: await ctx.runMutation(config.component.public.inviteCreate, {
408
- ...data,
409
- roleIds,
410
- tokenHash,
411
- status: "pending"
412
- }),
413
- token
414
- };
415
- },
416
- get: async (ctx, inviteId) => {
417
- return await ctx.runQuery(config.component.public.inviteGet, { inviteId });
418
- },
419
- token: {
420
- get: async (ctx, token) => {
421
- const tokenHash = await sha256(token);
422
- return await ctx.runQuery(config.component.public.inviteGetByTokenHash, { tokenHash });
423
- },
424
- accept: async (ctx, args) => {
425
- const tokenHash = await sha256(args.token);
426
- return { ...await ctx.runMutation(config.component.public.inviteAcceptByToken, {
427
- tokenHash,
428
- acceptedByUserId: args.acceptedByUserId
429
- }) };
430
- }
431
- },
432
- list: async (ctx, opts) => {
433
- return await ctx.runQuery(config.component.public.inviteList, {
434
- where: opts?.where,
435
- limit: opts?.limit,
436
- cursor: opts?.cursor,
437
- orderBy: opts?.orderBy,
438
- order: opts?.order
439
- });
440
- },
441
- accept: async (ctx, inviteId, acceptedByUserId) => {
442
- await ctx.runMutation(config.component.public.inviteAccept, {
443
- inviteId,
444
- ...acceptedByUserId ? { acceptedByUserId } : {}
445
- });
446
- return {
447
- inviteId,
448
- acceptedByUserId: acceptedByUserId ?? null
449
- };
450
- },
451
- revoke: async (ctx, inviteId) => {
452
- await ctx.runMutation(config.component.public.inviteRevoke, { inviteId });
453
- return { inviteId };
454
- }
455
- };
456
- const key = {
457
- create: async (ctx, opts) => {
458
- const { raw, hashedKey, displayPrefix } = await generateApiKey("sk_");
459
- return {
460
- keyId: await ctx.runMutation(config.component.public.keyInsert, {
461
- userId: opts.userId,
462
- prefix: displayPrefix,
463
- hashedKey,
464
- name: opts.name,
465
- scopes: opts.scopes,
466
- rateLimit: opts.rateLimit,
467
- expiresAt: opts.expiresAt,
468
- metadata: opts.metadata
469
- }),
470
- secret: raw
471
- };
472
- },
473
- verify: async (ctx, rawKey) => {
474
- const hashedKey = await hashApiKey(rawKey);
475
- const doc = await ctx.runQuery(config.component.public.keyGetByHashedKey, { hashedKey });
476
- if (!doc) throw Cv.error({
477
- code: "INVALID_API_KEY",
478
- message: "Invalid API key."
479
- });
480
- const k = doc;
481
- if (k.revoked) throw Cv.error({
482
- code: "API_KEY_REVOKED",
483
- message: "This API key has been revoked."
484
- });
485
- if (k.expiresAt && k.expiresAt < Date.now()) throw Cv.error({
486
- code: "API_KEY_EXPIRED",
487
- message: "This API key has expired."
488
- });
489
- const patchData = { lastUsedAt: Date.now() };
490
- if (k.rateLimit) {
491
- const { limited, newState } = checkKeyRateLimit(k.rateLimit, k.rateLimitState ?? void 0);
492
- if (limited) throw Cv.error({
493
- code: "API_KEY_RATE_LIMITED",
494
- message: "API key rate limit exceeded. Please try again later."
495
- });
496
- patchData.rateLimitState = newState;
497
- }
498
- await ctx.runMutation(config.component.public.keyPatch, {
499
- keyId: k._id,
500
- data: patchData
501
- });
502
- return {
503
- userId: k.userId,
504
- keyId: k._id,
505
- scopes: buildScopeChecker(k.scopes)
506
- };
507
- },
508
- list: async (ctx, opts) => {
509
- return await ctx.runQuery(config.component.public.keyList, {
510
- where: opts?.where,
511
- limit: opts?.limit,
512
- cursor: opts?.cursor,
513
- orderBy: opts?.orderBy,
514
- order: opts?.order
515
- });
516
- },
517
- get: async (ctx, keyId) => {
518
- return await ctx.runQuery(config.component.public.keyGetById, { keyId }) ?? null;
519
- },
520
- update: async (ctx, keyId, data) => {
521
- await ctx.runMutation(config.component.public.keyPatch, {
522
- keyId,
523
- data
524
- });
525
- return { keyId };
526
- },
527
- revoke: async (ctx, keyId) => {
528
- await ctx.runMutation(config.component.public.keyPatch, {
529
- keyId,
530
- data: { revoked: true }
531
- });
532
- return { keyId };
533
- },
534
- delete: async (ctx, keyId) => {
535
- await ctx.runMutation(config.component.public.keyDelete, { keyId });
536
- return { keyId };
537
- },
538
- rotate: async (ctx, keyId, opts) => {
539
- const existing = await ctx.runQuery(config.component.public.keyGetById, { keyId });
540
- if (!existing) throw Cv.error({
541
- code: "INVALID_PARAMETERS",
542
- message: "The provided parameters are invalid."
543
- });
544
- if (existing.revoked === true) throw Cv.error({
545
- code: "API_KEY_REVOKED",
546
- message: "This API key has been revoked."
547
- });
548
- await ctx.runMutation(config.component.public.keyPatch, {
549
- keyId,
550
- data: { revoked: true }
551
- });
552
- return await key.create(ctx, {
553
- userId: existing.userId,
554
- name: opts?.name ?? existing.name,
555
- scopes: existing.scopes ?? [],
556
- rateLimit: existing.rateLimit,
557
- expiresAt: opts?.expiresAt,
558
- metadata: existing.metadata
559
- });
560
- }
561
- };
562
- return {
563
- user,
564
- session,
565
- account,
566
- provider,
567
- group,
568
- member,
569
- invite,
570
- key
571
- };
572
- }
573
-
574
- //#endregion
575
- export { createCoreDomains };
576
- //# sourceMappingURL=core.js.map