@robelest/convex-auth 0.0.4-preview.32 → 0.0.4-preview.34

package/dist/component/schema.js

@@ -19,9 +19,19 @@ var schema_default = defineSchema({
 		phone: v.optional(v.string()),
 		phoneVerificationTime: v.optional(v.number()),
 		isAnonymous: v.optional(v.boolean()),
-		hasTotp: v.optional(v.boolean()),
+		lastActiveGroup: v.optional(v.id("Group")),
 		extend: v.optional(v.any())
 	}).index("email", ["email"]).index("email_verified", ["email", "emailVerificationTime"]).index("phone", ["phone"]).index("phone_verified", ["phone", "phoneVerificationTime"]),
+	UserEmail: defineTable({
+		userId: v.id("User"),
+		email: v.string(),
+		verificationTime: v.optional(v.number()),
+		isPrimary: v.boolean(),
+		source: v.union(v.literal("password"), v.literal("oauth"), v.literal("oidc"), v.literal("saml"), v.literal("scim")),
+		accountId: v.optional(v.id("Account")),
+		provider: v.optional(v.string()),
+		connectionId: v.optional(v.id("GroupConnection"))
+	}).index("email", ["email"]).index("email_verified", ["email", "verificationTime"]).index("user_id", ["userId"]).index("user_id_primary", ["userId", "isPrimary"]).index("connection_id_email", ["connectionId", "email"]),
 	Session: defineTable({
 		userId: v.id("User"),
 		expirationTime: v.number()

package/dist/component/session.js

@@ -0,0 +1,3 @@
+import { sessionCreate, sessionDelete, sessionGetById, sessionIssue, sessionList } from "./public/identity/sessions.js";
+
+export { sessionCreate as create, sessionDelete as delete, sessionGetById as get, sessionIssue as issue, sessionList as list };

package/dist/component/sso/audit.js

@@ -0,0 +1,3 @@
+import { groupAuditEventCreate, groupAuditEventList } from "../public/sso/audit.js";
+
+export { groupAuditEventCreate as create, groupAuditEventList as list };

package/dist/component/sso/connection/domain/verification.js

@@ -0,0 +1,3 @@
+import { groupConnectionDomainVerificationDelete, groupConnectionDomainVerificationGet, groupConnectionDomainVerificationUpsert } from "../../../public/sso/domains.js";
+
+export { groupConnectionDomainVerificationDelete as delete, groupConnectionDomainVerificationGet as get, groupConnectionDomainVerificationUpsert as upsert };

package/dist/component/sso/connection/domain.js

@@ -0,0 +1,3 @@
+import { groupConnectionDomainAdd, groupConnectionDomainDelete, groupConnectionDomainList, groupConnectionDomainVerify } from "../../public/sso/domains.js";
+
+export { groupConnectionDomainAdd as create, groupConnectionDomainDelete as delete, groupConnectionDomainList as list, groupConnectionDomainVerify as verify };

package/dist/component/sso/connection/scim/config.js

@@ -0,0 +1,3 @@
+import { groupConnectionScimConfigGet, groupConnectionScimConfigUpsert } from "../../../public/sso/scim.js";
+
+export { groupConnectionScimConfigGet as get, groupConnectionScimConfigUpsert as upsert };

package/dist/component/sso/connection/scim/identity.js

@@ -0,0 +1,3 @@
+import { groupConnectionScimIdentityDelete, groupConnectionScimIdentityGet, groupConnectionScimIdentityListByGroupConnection, groupConnectionScimIdentityUpsert } from "../../../public/sso/scim.js";
+
+export { groupConnectionScimIdentityDelete as delete, groupConnectionScimIdentityGet as get, groupConnectionScimIdentityListByGroupConnection as list, groupConnectionScimIdentityUpsert as upsert };

package/dist/component/sso/connection/secret.js

@@ -0,0 +1,3 @@
+import { groupConnectionSecretDelete, groupConnectionSecretGet, groupConnectionSecretUpsert } from "../../public/sso/secrets.js";
+
+export { groupConnectionSecretDelete as delete, groupConnectionSecretGet as get, groupConnectionSecretUpsert as upsert };

package/dist/component/sso/connection.js

@@ -0,0 +1,3 @@
+import { groupConnectionCreate, groupConnectionDelete, groupConnectionGet, groupConnectionList, groupConnectionUpdate } from "../public/sso/core.js";
+
+export { groupConnectionCreate as create, groupConnectionDelete as delete, groupConnectionGet as get, groupConnectionList as list, groupConnectionUpdate as update };

package/dist/component/sso/webhook/delivery.js

@@ -0,0 +1,3 @@
+import { groupWebhookDeliveryCreate, groupWebhookDeliveryList, groupWebhookDeliveryPatch } from "../../public/sso/webhooks.js";
+
+export { groupWebhookDeliveryCreate as create, groupWebhookDeliveryList as list, groupWebhookDeliveryPatch as update };

package/dist/component/sso/webhook/endpoint.js

@@ -0,0 +1,3 @@
+import { groupWebhookEndpointCreate, groupWebhookEndpointGet, groupWebhookEndpointList, groupWebhookEndpointUpdate } from "../../public/sso/webhooks.js";
+
+export { groupWebhookEndpointCreate as create, groupWebhookEndpointGet as get, groupWebhookEndpointList as list, groupWebhookEndpointUpdate as update };

package/dist/component/token/pkce.js

@@ -0,0 +1,3 @@
+import { verifierCreate, verifierDelete, verifierGet, verifierPatch } from "../public/identity/verifiers.js";
+
+export { verifierCreate as create, verifierDelete as delete, verifierGet as get, verifierPatch as update };

package/dist/component/token/refresh.js

@@ -0,0 +1,3 @@
+import { refreshTokenCreate, refreshTokenDeleteAll, refreshTokenExchange, refreshTokenGet, refreshTokenGetChildren, refreshTokenListBySession, refreshTokenPatch } from "../public/identity/tokens.js";
+
+export { refreshTokenCreate as create, refreshTokenDeleteAll as delete, refreshTokenExchange as exchange, refreshTokenGet as get, refreshTokenListBySession as list, refreshTokenGetChildren as listChildren, refreshTokenPatch as update };

package/dist/component/token/verification.js

@@ -0,0 +1,3 @@
+import { verificationCodeCreate, verificationCodeDelete, verificationCodeGet } from "../public/identity/codes.js";
+
+export { verificationCodeCreate as create, verificationCodeDelete as delete, verificationCodeGet as get };

package/dist/component/user/email.js

@@ -0,0 +1,3 @@
+import { userEmailListByUser, userEmailOwner, userEmailRemove, userEmailSetPrimary, userEmailUpsert } from "../public/identity/users.js";
+
+export { userEmailRemove as delete, userEmailListByUser as list, userEmailOwner as owner, userEmailSetPrimary as setPrimary, userEmailUpsert as upsert };

package/dist/component/user/key.js

@@ -0,0 +1,3 @@
+import { keyDelete, keyGet, keyInsert, keyList, keyPatch } from "../public/security/keys.js";
+
+export { keyInsert as create, keyDelete as delete, keyGet as get, keyList as list, keyPatch as update };

package/dist/component/user.js

@@ -0,0 +1,62 @@
+import { vUserDoc } from "./model.js";
+import { query } from "./functions.js";
+import { userDelete, userInsert, userList, userPatch, userUpsert } from "./public/identity/users.js";
+import { v } from "convex/values";
+
+//#region src/component/user.ts
+/**
+* `component.user.*` — the User entity surface.
+*
+* Reads collapse into one overloaded `get`; the rest are 1:1 verbs.
+*
+* @module
+*/
+/**
+* Read a user by identity. One overloaded function (single Convex
+* function with a unioned `args`/`returns`). Accepts exactly one
+* selector:
+*
+* - `{ id }`           → `Doc<"User"> | null`
+* - `{ ids }`          → `(Doc<"User"> | null)[]` (order preserved, deduped)
+* - `{ verifiedEmail }`→ `Doc<"User"> | null` (exactly-one-or-null)
+* - `{ verifiedPhone }`→ `Doc<"User"> | null` (exactly-one-or-null)
+*
+* @example
+* ```ts
+* await ctx.runQuery(component.user.get, { id: userId });
+* await ctx.runQuery(component.user.get, { ids: memberIds });
+* await ctx.runQuery(component.user.get, { verifiedEmail: "a@b.com" });
+* ```
+*/
+const get = query({
+	args: {
+		id: v.optional(v.id("User")),
+		ids: v.optional(v.array(v.id("User"))),
+		verifiedEmail: v.optional(v.string()),
+		verifiedPhone: v.optional(v.string())
+	},
+	returns: v.union(vUserDoc, v.null(), v.array(v.union(vUserDoc, v.null()))),
+	handler: async (ctx, args) => {
+		if (args.ids !== void 0) {
+			if (args.ids.length === 0) return [];
+			const unique = Array.from(new Set(args.ids));
+			const docs = await Promise.all(unique.map((id) => ctx.db.get("User", id)));
+			const byId = new Map(unique.map((id, i) => [id, docs[i] ?? null]));
+			return args.ids.map((id) => byId.get(id) ?? null);
+		}
+		if (args.verifiedEmail !== void 0) {
+			const users = await ctx.db.query("User").withIndex("email_verified", (q) => q.eq("email", args.verifiedEmail).gt("emailVerificationTime", void 0)).take(2);
+			return users.length === 1 ? users[0] : null;
+		}
+		if (args.verifiedPhone !== void 0) {
+			const users = await ctx.db.query("User").withIndex("phone_verified", (q) => q.eq("phone", args.verifiedPhone).gt("phoneVerificationTime", void 0)).take(2);
+			return users.length === 1 ? users[0] : null;
+		}
+		if (args.id === void 0) return null;
+		return await ctx.db.get("User", args.id);
+	}
+});
+
+//#endregion
+export { userInsert as create, userDelete as delete, get, userList as list, userPatch as update, userUpsert as upsert };
+//# sourceMappingURL=user.js.map

package/dist/core/index.d.ts

@@ -1,9 +1,10 @@
 import { AuthAuthorizationConfig, ConvexAuthConfig, Doc, KeyDoc, KeyScope, ScopeChecker, UserOrderBy, UserWhere } from "../server/types.js";
 import { AuthConfig, AuthContext, AuthContextConfig, AuthContextFactory, AuthContextResolver, OptionalAuthContext, UserDoc } from "../server/facade.js";
 import { ComponentCtx, ComponentReadCtx } from "../server/component/context.js";
+import "../server/identity/convex.js";
 import { AuthProfile } from "../server/payloads.js";
+import "../server/index.js";
 import "../component/index.js";
-import "../server/identity/convex.js";
 import * as convex_values0 from "convex/values";
 import * as convex_server0 from "convex/server";
 import * as fluent_convex0 from "fluent-convex";
@@ -53,26 +54,51 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       cursor?: string | null;
       orderBy?: UserOrderBy;
       order?: "asc" | "desc";
-    }) => Promise<any>;
+    }) => Promise<{
+      items: Doc<"User">[];
+      nextCursor: string | null;
+    }>;
     viewer: (ctx: ComponentReadCtx & {
       auth: convex_server0.Auth;
     }) => Promise<Doc<"User"> | null>;
+    email: {
+      list: (ctx: ComponentReadCtx & {
+        auth: convex_server0.Auth;
+      }, opts?: {
+        userId?: string;
+      }) => Promise<Doc<"UserEmail">[]>;
+      add: (ctx: ComponentCtx & {
+        auth: convex_server0.Auth;
+      }, email: string, opts?: {
+        userId?: string;
+      }) => Promise<{
+        email: string;
+      }>;
+      remove: (ctx: ComponentCtx & {
+        auth: convex_server0.Auth;
+      }, email: string, opts?: {
+        userId?: string;
+      }) => Promise<{
+        email: string;
+      }>;
+      primary: {
+        (ctx: ComponentReadCtx & {
+          auth: convex_server0.Auth;
+        }, opts?: {
+          userId?: string;
+        }): Promise<Doc<"UserEmail"> | null>;
+        (ctx: ComponentCtx & {
+          auth: convex_server0.Auth;
+        }, email: string, opts?: {
+          userId?: string;
+        }): Promise<{
+          email: string;
+        }>;
+      };
+    };
     update: (ctx: ComponentCtx, userId: string, data: Record<string, unknown>) => Promise<{
       userId: string;
     }>;
-    setActiveGroup: (ctx: ComponentCtx, opts: {
-      userId: string;
-      groupId: string | null;
-    }) => Promise<{
-      userId: string;
-      groupId: null;
-    } | {
-      userId: string;
-      groupId: string;
-    }>;
-    getActiveGroup: (ctx: ComponentReadCtx, opts: {
-      userId: string;
-    }) => Promise<string | null>;
     delete: (ctx: ComponentCtx, userId: string, opts?: {
       cascade?: boolean;
     }) => Promise<{
@@ -87,10 +113,10 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       userId: convex_values0.GenericId<"User">;
       except: convex_values0.GenericId<"Session">[];
     }>;
-    get: (ctx: ComponentReadCtx, sessionId: string) => Promise<any>;
+    get: (ctx: ComponentReadCtx, sessionId: string) => Promise<Doc<"Session"> | null>;
     list: (ctx: ComponentReadCtx, opts: {
       userId: string;
-    }) => Promise<any>;
+    }) => Promise<Doc<"Session">[]>;
   };
   account: {
     create: <DataModel extends fluent_convex0.GenericDataModel>(ctx: convex_server0.GenericActionCtx<DataModel>, args: {
@@ -138,7 +164,7 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
     }>;
     listPasskeys: (ctx: ComponentReadCtx, opts: {
       userId: string;
-    }) => Promise<any>;
+    }) => Promise<Doc<"Passkey">[]>;
     renamePasskey: (ctx: ComponentCtx, passkeyId: string, name: string) => Promise<{
       passkeyId: string;
     }>;
@@ -147,7 +173,7 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
     }>;
     listTotps: (ctx: ComponentReadCtx, opts: {
       userId: string;
-    }) => Promise<any>;
+    }) => Promise<Doc<"TotpFactor">[]>;
     deleteTotp: (ctx: ComponentCtx, totpId: string) => Promise<{
       totpId: string;
     }>;
@@ -169,6 +195,17 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
     get: {
       (ctx: ComponentReadCtx, groupId: string): Promise<Doc<"Group"> | null>;
       (ctx: ComponentReadCtx, groupIds: readonly string[]): Promise<Array<Doc<"Group"> | null>>;
+      (ctx: ComponentReadCtx, selector: {
+        slug: string;
+      }): Promise<Doc<"Group"> | null>;
+      (ctx: ComponentReadCtx, groupId: string, opts: {
+        tree: true;
+      }): Promise<{
+        current: Doc<"Group">;
+        parent: Doc<"Group"> | null;
+        children: Array<Doc<"Group">>;
+        ancestors: Array<Doc<"Group">>;
+      } | null>;
     };
     list: (ctx: ComponentReadCtx, opts?: {
       where?: {
@@ -190,7 +227,10 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       cursor?: string | null;
       orderBy?: "_creationTime" | "name" | "slug" | "type";
       order?: "asc" | "desc";
-    }) => Promise<any>;
+    }) => Promise<{
+      items: Doc<"Group">[];
+      nextCursor: string | null;
+    }>;
     update: (ctx: ComponentCtx, groupId: string, data: Record<string, unknown>) => Promise<{
       groupId: string;
     }>;
@@ -217,8 +257,8 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
     }) => Promise<{
       memberId: string;
     }>;
-    get: (ctx: ComponentReadCtx, memberId: string) => Promise<any>;
-    list: (ctx: ComponentReadCtx, opts?: {
+    get: (ctx: ComponentReadCtx, memberId: string) => Promise<Doc<"GroupMember"> | null>;
+    list: <O extends {
       where?: {
         groupId?: string;
         userId?: string;
@@ -229,7 +269,33 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       cursor?: string | null;
       orderBy?: "_creationTime" | "status";
       order?: "asc" | "desc";
-    }) => Promise<any>;
+      withGroup?: true;
+      withGrants?: true;
+    } | undefined = undefined>(ctx: ComponentReadCtx, opts?: O) => Promise<{
+      items: ({
+        _id: convex_values0.GenericId<"GroupMember">;
+        _creationTime: number;
+        extend?: any;
+        status?: string | undefined;
+        role?: string | undefined;
+        roleIds?: string[] | undefined;
+        userId: convex_values0.GenericId<"User">;
+        groupId: convex_values0.GenericId<"Group">;
+      } & {
+        _id: convex_values0.GenericId<"GroupMember">;
+        _creationTime: number;
+      } & (NonNullable<O> extends infer T_2 ? T_2 extends NonNullable<O> ? T_2 extends {
+        withGroup: true;
+      } ? {
+        group: Doc<"Group"> | null;
+      } : unknown : never : never) & (NonNullable<O> extends infer T_3 ? T_3 extends NonNullable<O> ? T_3 extends {
+        withGrants: true;
+      } ? {
+        roleIds: string[];
+        grants: string[];
+      } : unknown : never : never))[];
+      nextCursor: string | null;
+    }>;
     delete: (ctx: ComponentCtx, memberId: string) => Promise<{
       memberId: string;
     }>;
@@ -308,13 +374,19 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       inviteId: string;
       token: string;
     }>;
-    get: (ctx: ComponentReadCtx, inviteId: string) => Promise<any>;
+    get: (ctx: ComponentReadCtx, inviteId: string) => Promise<Doc<"GroupInvite"> | null>;
     token: {
-      get: (ctx: ComponentReadCtx, token: string) => Promise<any>;
+      get: (ctx: ComponentReadCtx, token: string) => Promise<Doc<"GroupInvite"> | null>;
       accept: (ctx: ComponentCtx, args: {
         token: string;
         acceptedByUserId: string;
-      }) => Promise<any>;
+      }) => Promise<{
+        inviteId: string;
+        groupId: string | null;
+        memberId?: string;
+        inviteStatus: string;
+        membershipStatus: string;
+      }>;
     };
     list: (ctx: ComponentReadCtx, opts?: {
       where?: {
@@ -330,7 +402,10 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       cursor?: string | null;
       orderBy?: "_creationTime" | "status" | "email" | "expiresTime" | "acceptedTime";
       order?: "asc" | "desc";
-    }) => Promise<any>;
+    }) => Promise<{
+      items: Doc<"GroupInvite">[];
+      nextCursor: string | null;
+    }>;
     accept: (ctx: ComponentCtx, inviteId: string, acceptedByUserId?: string) => Promise<{
       inviteId: string;
       acceptedByUserId: string | null;
@@ -370,7 +445,10 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       cursor?: string | null;
       orderBy?: "_creationTime" | "name" | "lastUsedAt" | "expiresAt" | "revoked";
       order?: "asc" | "desc";
-    }) => Promise<any>;
+    }) => Promise<{
+      items: Doc<"ApiKey">[];
+      nextCursor: string | null;
+    }>;
     get: (ctx: ComponentReadCtx, keyId: string) => Promise<KeyDoc | null>;
     update: (ctx: ComponentCtx, keyId: string, data: {
       name?: string;
@@ -396,6 +474,31 @@ declare function createAuthContext(component: ConvexAuthConfig["component"], con
       secret: string;
     }>;
   };
+  active: {
+    get: (ctx: ComponentReadCtx & {
+      auth: convex_server0.Auth;
+    }, opts?: {
+      userId?: string;
+    }) => Promise<{
+      groupId: string;
+      group: Doc<"Group"> | null;
+      membership: Doc<"GroupMember">;
+    } | null>;
+    set: (ctx: ComponentCtx & {
+      auth: convex_server0.Auth;
+    }, groupId: string, opts?: {
+      userId?: string;
+    }) => Promise<{
+      groupId: string;
+    }>;
+    clear: (ctx: ComponentCtx & {
+      auth: convex_server0.Auth;
+    }, opts?: {
+      userId?: string;
+    }) => Promise<{
+      groupId: null;
+    }>;
+  };
 };
 //#endregion
 export { type AuthContext, type AuthContextConfig, type OptionalAuthContext, type UserDoc, createAuthContext };

package/dist/core/index.js

@@ -57,6 +57,7 @@ function createAuthContext(component, config) {
 	});
 	const authLike = {
 		user: domains.user,
+		active: domains.active,
 		member: domains.member
 	};
 	return {
@@ -67,6 +68,7 @@ function createAuthContext(component, config) {
 		member: domains.member,
 		invite: domains.invite,
 		key: domains.key,
+		active: domains.active,
 		...createAuthContextFacade(authLike)
 	};
 }