@rovela-ai/sdk 0.3.34 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/admin/{styles/admin-theme.css → admin-theme.css} +1 -46
- package/dist/checkout/index.d.ts +1 -1
- package/dist/checkout/index.d.ts.map +1 -1
- package/dist/checkout/server/create-checkout-session.d.ts +10 -1
- package/dist/checkout/server/create-checkout-session.d.ts.map +1 -1
- package/dist/checkout/server/create-checkout-session.js +28 -17
- package/dist/checkout/server/create-checkout-session.js.map +1 -1
- package/dist/checkout/server/handle-webhook.d.ts.map +1 -1
- package/dist/checkout/server/handle-webhook.js +24 -26
- package/dist/checkout/server/handle-webhook.js.map +1 -1
- package/dist/checkout/server/order-service.d.ts +8 -3
- package/dist/checkout/server/order-service.d.ts.map +1 -1
- package/dist/checkout/server/order-service.js +60 -14
- package/dist/checkout/server/order-service.js.map +1 -1
- package/dist/index.d.ts +4 -4
- package/dist/index.d.ts.map +1 -1
- package/package.json +1 -2
- package/dist/admin/api/accept-invite.d.ts +0 -65
- package/dist/admin/api/accept-invite.d.ts.map +0 -1
- package/dist/admin/api/accept-invite.js +0 -115
- package/dist/admin/api/accept-invite.js.map +0 -1
- package/dist/admin/api/auth.d.ts +0 -32
- package/dist/admin/api/auth.d.ts.map +0 -1
- package/dist/admin/api/auth.js +0 -37
- package/dist/admin/api/auth.js.map +0 -1
- package/dist/admin/api/categories.d.ts +0 -68
- package/dist/admin/api/categories.d.ts.map +0 -1
- package/dist/admin/api/categories.js +0 -266
- package/dist/admin/api/categories.js.map +0 -1
- package/dist/admin/api/check.d.ts +0 -38
- package/dist/admin/api/check.d.ts.map +0 -1
- package/dist/admin/api/check.js +0 -49
- package/dist/admin/api/check.js.map +0 -1
- package/dist/admin/api/customers.d.ts +0 -77
- package/dist/admin/api/customers.d.ts.map +0 -1
- package/dist/admin/api/customers.js +0 -219
- package/dist/admin/api/customers.js.map +0 -1
- package/dist/admin/api/forgot-password.d.ts +0 -39
- package/dist/admin/api/forgot-password.d.ts.map +0 -1
- package/dist/admin/api/forgot-password.js +0 -66
- package/dist/admin/api/forgot-password.js.map +0 -1
- package/dist/admin/api/index.d.ts +0 -107
- package/dist/admin/api/index.d.ts.map +0 -1
- package/dist/admin/api/index.js +0 -127
- package/dist/admin/api/index.js.map +0 -1
- package/dist/admin/api/linked-customer.d.ts +0 -32
- package/dist/admin/api/linked-customer.d.ts.map +0 -1
- package/dist/admin/api/linked-customer.js +0 -45
- package/dist/admin/api/linked-customer.js.map +0 -1
- package/dist/admin/api/me.d.ts +0 -72
- package/dist/admin/api/me.d.ts.map +0 -1
- package/dist/admin/api/me.js +0 -177
- package/dist/admin/api/me.js.map +0 -1
- package/dist/admin/api/orders.d.ts +0 -91
- package/dist/admin/api/orders.d.ts.map +0 -1
- package/dist/admin/api/orders.js +0 -390
- package/dist/admin/api/orders.js.map +0 -1
- package/dist/admin/api/products-bulk.d.ts +0 -38
- package/dist/admin/api/products-bulk.d.ts.map +0 -1
- package/dist/admin/api/products-bulk.js +0 -135
- package/dist/admin/api/products-bulk.js.map +0 -1
- package/dist/admin/api/products-stats.d.ts +0 -34
- package/dist/admin/api/products-stats.d.ts.map +0 -1
- package/dist/admin/api/products-stats.js +0 -43
- package/dist/admin/api/products-stats.js.map +0 -1
- package/dist/admin/api/products.d.ts +0 -104
- package/dist/admin/api/products.d.ts.map +0 -1
- package/dist/admin/api/products.js +0 -491
- package/dist/admin/api/products.js.map +0 -1
- package/dist/admin/api/refund.d.ts +0 -29
- package/dist/admin/api/refund.d.ts.map +0 -1
- package/dist/admin/api/refund.js +0 -142
- package/dist/admin/api/refund.js.map +0 -1
- package/dist/admin/api/reset-password.d.ts +0 -49
- package/dist/admin/api/reset-password.d.ts.map +0 -1
- package/dist/admin/api/reset-password.js +0 -99
- package/dist/admin/api/reset-password.js.map +0 -1
- package/dist/admin/api/return.d.ts +0 -47
- package/dist/admin/api/return.d.ts.map +0 -1
- package/dist/admin/api/return.js +0 -186
- package/dist/admin/api/return.js.map +0 -1
- package/dist/admin/api/settings.d.ts +0 -49
- package/dist/admin/api/settings.d.ts.map +0 -1
- package/dist/admin/api/settings.js +0 -201
- package/dist/admin/api/settings.js.map +0 -1
- package/dist/admin/api/setup-guide.d.ts +0 -78
- package/dist/admin/api/setup-guide.d.ts.map +0 -1
- package/dist/admin/api/setup-guide.js +0 -235
- package/dist/admin/api/setup-guide.js.map +0 -1
- package/dist/admin/api/setup.d.ts +0 -60
- package/dist/admin/api/setup.d.ts.map +0 -1
- package/dist/admin/api/setup.js +0 -126
- package/dist/admin/api/setup.js.map +0 -1
- package/dist/admin/api/shipping.d.ts +0 -287
- package/dist/admin/api/shipping.d.ts.map +0 -1
- package/dist/admin/api/shipping.js +0 -746
- package/dist/admin/api/shipping.js.map +0 -1
- package/dist/admin/api/stats.d.ts +0 -43
- package/dist/admin/api/stats.d.ts.map +0 -1
- package/dist/admin/api/stats.js +0 -92
- package/dist/admin/api/stats.js.map +0 -1
- package/dist/admin/api/stripe-status.d.ts +0 -39
- package/dist/admin/api/stripe-status.d.ts.map +0 -1
- package/dist/admin/api/stripe-status.js +0 -99
- package/dist/admin/api/stripe-status.js.map +0 -1
- package/dist/admin/api/tax-zones.d.ts +0 -97
- package/dist/admin/api/tax-zones.d.ts.map +0 -1
- package/dist/admin/api/tax-zones.js +0 -265
- package/dist/admin/api/tax-zones.js.map +0 -1
- package/dist/admin/api/users.d.ts +0 -142
- package/dist/admin/api/users.d.ts.map +0 -1
- package/dist/admin/api/users.js +0 -356
- package/dist/admin/api/users.js.map +0 -1
- package/dist/admin/components/AdminAcceptInviteForm.d.ts +0 -3
- package/dist/admin/components/AdminAcceptInviteForm.d.ts.map +0 -1
- package/dist/admin/components/AdminAcceptInviteForm.js +0 -137
- package/dist/admin/components/AdminAcceptInviteForm.js.map +0 -1
- package/dist/admin/components/AdminAccountPage.d.ts +0 -10
- package/dist/admin/components/AdminAccountPage.d.ts.map +0 -1
- package/dist/admin/components/AdminAccountPage.js +0 -126
- package/dist/admin/components/AdminAccountPage.js.map +0 -1
- package/dist/admin/components/AdminBarBanner.d.ts +0 -2
- package/dist/admin/components/AdminBarBanner.d.ts.map +0 -1
- package/dist/admin/components/AdminBarBanner.js +0 -266
- package/dist/admin/components/AdminBarBanner.js.map +0 -1
- package/dist/admin/components/AdminForgotPasswordForm.d.ts +0 -8
- package/dist/admin/components/AdminForgotPasswordForm.d.ts.map +0 -1
- package/dist/admin/components/AdminForgotPasswordForm.js +0 -59
- package/dist/admin/components/AdminForgotPasswordForm.js.map +0 -1
- package/dist/admin/components/AdminGuard.d.ts +0 -40
- package/dist/admin/components/AdminGuard.d.ts.map +0 -1
- package/dist/admin/components/AdminGuard.js +0 -94
- package/dist/admin/components/AdminGuard.js.map +0 -1
- package/dist/admin/components/AdminLayout.d.ts +0 -40
- package/dist/admin/components/AdminLayout.d.ts.map +0 -1
- package/dist/admin/components/AdminLayout.js +0 -39
- package/dist/admin/components/AdminLayout.js.map +0 -1
- package/dist/admin/components/AdminLoginForm.d.ts +0 -18
- package/dist/admin/components/AdminLoginForm.d.ts.map +0 -1
- package/dist/admin/components/AdminLoginForm.js +0 -61
- package/dist/admin/components/AdminLoginForm.js.map +0 -1
- package/dist/admin/components/AdminNav.d.ts +0 -44
- package/dist/admin/components/AdminNav.d.ts.map +0 -1
- package/dist/admin/components/AdminNav.js +0 -175
- package/dist/admin/components/AdminNav.js.map +0 -1
- package/dist/admin/components/AdminResetPasswordForm.d.ts +0 -12
- package/dist/admin/components/AdminResetPasswordForm.d.ts.map +0 -1
- package/dist/admin/components/AdminResetPasswordForm.js +0 -134
- package/dist/admin/components/AdminResetPasswordForm.js.map +0 -1
- package/dist/admin/components/AdminSelect.d.ts +0 -47
- package/dist/admin/components/AdminSelect.d.ts.map +0 -1
- package/dist/admin/components/AdminSelect.js +0 -71
- package/dist/admin/components/AdminSelect.js.map +0 -1
- package/dist/admin/components/AdminSetupForm.d.ts +0 -28
- package/dist/admin/components/AdminSetupForm.d.ts.map +0 -1
- package/dist/admin/components/AdminSetupForm.js +0 -85
- package/dist/admin/components/AdminSetupForm.js.map +0 -1
- package/dist/admin/components/AdminToast.d.ts +0 -31
- package/dist/admin/components/AdminToast.d.ts.map +0 -1
- package/dist/admin/components/AdminToast.js +0 -83
- package/dist/admin/components/AdminToast.js.map +0 -1
- package/dist/admin/components/AdminUserMenu.d.ts +0 -14
- package/dist/admin/components/AdminUserMenu.d.ts.map +0 -1
- package/dist/admin/components/AdminUserMenu.js +0 -34
- package/dist/admin/components/AdminUserMenu.js.map +0 -1
- package/dist/admin/components/CategoryForm.d.ts +0 -30
- package/dist/admin/components/CategoryForm.d.ts.map +0 -1
- package/dist/admin/components/CategoryForm.js +0 -152
- package/dist/admin/components/CategoryForm.js.map +0 -1
- package/dist/admin/components/CategorySelect.d.ts +0 -32
- package/dist/admin/components/CategorySelect.d.ts.map +0 -1
- package/dist/admin/components/CategorySelect.js +0 -139
- package/dist/admin/components/CategorySelect.js.map +0 -1
- package/dist/admin/components/CustomerDetails.d.ts +0 -15
- package/dist/admin/components/CustomerDetails.d.ts.map +0 -1
- package/dist/admin/components/CustomerDetails.js +0 -177
- package/dist/admin/components/CustomerDetails.js.map +0 -1
- package/dist/admin/components/CustomerTable.d.ts +0 -13
- package/dist/admin/components/CustomerTable.d.ts.map +0 -1
- package/dist/admin/components/CustomerTable.js +0 -112
- package/dist/admin/components/CustomerTable.js.map +0 -1
- package/dist/admin/components/DeleteConfirmDialog.d.ts +0 -57
- package/dist/admin/components/DeleteConfirmDialog.d.ts.map +0 -1
- package/dist/admin/components/DeleteConfirmDialog.js +0 -46
- package/dist/admin/components/DeleteConfirmDialog.js.map +0 -1
- package/dist/admin/components/ExampleContentBanner.d.ts +0 -2
- package/dist/admin/components/ExampleContentBanner.d.ts.map +0 -1
- package/dist/admin/components/ExampleContentBanner.js +0 -153
- package/dist/admin/components/ExampleContentBanner.js.map +0 -1
- package/dist/admin/components/InventoryEditor.d.ts +0 -15
- package/dist/admin/components/InventoryEditor.d.ts.map +0 -1
- package/dist/admin/components/InventoryEditor.js +0 -86
- package/dist/admin/components/InventoryEditor.js.map +0 -1
- package/dist/admin/components/InviteUserDialog.d.ts +0 -3
- package/dist/admin/components/InviteUserDialog.d.ts.map +0 -1
- package/dist/admin/components/InviteUserDialog.js +0 -127
- package/dist/admin/components/InviteUserDialog.js.map +0 -1
- package/dist/admin/components/LogoUpload.d.ts +0 -22
- package/dist/admin/components/LogoUpload.d.ts.map +0 -1
- package/dist/admin/components/LogoUpload.js +0 -210
- package/dist/admin/components/LogoUpload.js.map +0 -1
- package/dist/admin/components/LowStockAlert.d.ts +0 -11
- package/dist/admin/components/LowStockAlert.d.ts.map +0 -1
- package/dist/admin/components/LowStockAlert.js +0 -33
- package/dist/admin/components/LowStockAlert.js.map +0 -1
- package/dist/admin/components/OrderDetails.d.ts +0 -14
- package/dist/admin/components/OrderDetails.d.ts.map +0 -1
- package/dist/admin/components/OrderDetails.js +0 -210
- package/dist/admin/components/OrderDetails.js.map +0 -1
- package/dist/admin/components/OrderStatusChart.d.ts +0 -21
- package/dist/admin/components/OrderStatusChart.d.ts.map +0 -1
- package/dist/admin/components/OrderStatusChart.js +0 -61
- package/dist/admin/components/OrderStatusChart.js.map +0 -1
- package/dist/admin/components/OrderTable.d.ts +0 -13
- package/dist/admin/components/OrderTable.d.ts.map +0 -1
- package/dist/admin/components/OrderTable.js +0 -117
- package/dist/admin/components/OrderTable.js.map +0 -1
- package/dist/admin/components/PaymentSettings.d.ts +0 -13
- package/dist/admin/components/PaymentSettings.d.ts.map +0 -1
- package/dist/admin/components/PaymentSettings.js +0 -120
- package/dist/admin/components/PaymentSettings.js.map +0 -1
- package/dist/admin/components/PeriodSelector.d.ts +0 -9
- package/dist/admin/components/PeriodSelector.d.ts.map +0 -1
- package/dist/admin/components/PeriodSelector.js +0 -19
- package/dist/admin/components/PeriodSelector.js.map +0 -1
- package/dist/admin/components/PermissionsMatrix.d.ts +0 -8
- package/dist/admin/components/PermissionsMatrix.d.ts.map +0 -1
- package/dist/admin/components/PermissionsMatrix.js +0 -70
- package/dist/admin/components/PermissionsMatrix.js.map +0 -1
- package/dist/admin/components/PrimaryMetricsRow.d.ts +0 -11
- package/dist/admin/components/PrimaryMetricsRow.d.ts.map +0 -1
- package/dist/admin/components/PrimaryMetricsRow.js +0 -73
- package/dist/admin/components/PrimaryMetricsRow.js.map +0 -1
- package/dist/admin/components/ProductForm.d.ts +0 -18
- package/dist/admin/components/ProductForm.d.ts.map +0 -1
- package/dist/admin/components/ProductForm.js +0 -261
- package/dist/admin/components/ProductForm.js.map +0 -1
- package/dist/admin/components/ProductTable.d.ts +0 -14
- package/dist/admin/components/ProductTable.d.ts.map +0 -1
- package/dist/admin/components/ProductTable.js +0 -384
- package/dist/admin/components/ProductTable.js.map +0 -1
- package/dist/admin/components/RecentOrders.d.ts +0 -11
- package/dist/admin/components/RecentOrders.d.ts.map +0 -1
- package/dist/admin/components/RecentOrders.js +0 -63
- package/dist/admin/components/RecentOrders.js.map +0 -1
- package/dist/admin/components/RefundDialog.d.ts +0 -17
- package/dist/admin/components/RefundDialog.d.ts.map +0 -1
- package/dist/admin/components/RefundDialog.js +0 -90
- package/dist/admin/components/RefundDialog.js.map +0 -1
- package/dist/admin/components/RevenueChart.d.ts +0 -23
- package/dist/admin/components/RevenueChart.d.ts.map +0 -1
- package/dist/admin/components/RevenueChart.js +0 -75
- package/dist/admin/components/RevenueChart.js.map +0 -1
- package/dist/admin/components/SEOPreview.d.ts +0 -33
- package/dist/admin/components/SEOPreview.d.ts.map +0 -1
- package/dist/admin/components/SEOPreview.js +0 -30
- package/dist/admin/components/SEOPreview.js.map +0 -1
- package/dist/admin/components/SecondaryMetricsRow.d.ts +0 -14
- package/dist/admin/components/SecondaryMetricsRow.d.ts.map +0 -1
- package/dist/admin/components/SecondaryMetricsRow.js +0 -45
- package/dist/admin/components/SecondaryMetricsRow.js.map +0 -1
- package/dist/admin/components/SetupGuide.d.ts +0 -4
- package/dist/admin/components/SetupGuide.d.ts.map +0 -1
- package/dist/admin/components/SetupGuide.js +0 -244
- package/dist/admin/components/SetupGuide.js.map +0 -1
- package/dist/admin/components/ShippingSettings.d.ts +0 -3
- package/dist/admin/components/ShippingSettings.d.ts.map +0 -1
- package/dist/admin/components/ShippingSettings.js +0 -553
- package/dist/admin/components/ShippingSettings.js.map +0 -1
- package/dist/admin/components/StatsCards.d.ts +0 -18
- package/dist/admin/components/StatsCards.d.ts.map +0 -1
- package/dist/admin/components/StatsCards.js +0 -71
- package/dist/admin/components/StatsCards.js.map +0 -1
- package/dist/admin/components/StoreSettings.d.ts +0 -19
- package/dist/admin/components/StoreSettings.d.ts.map +0 -1
- package/dist/admin/components/StoreSettings.js +0 -149
- package/dist/admin/components/StoreSettings.js.map +0 -1
- package/dist/admin/components/TagInput.d.ts +0 -29
- package/dist/admin/components/TagInput.d.ts.map +0 -1
- package/dist/admin/components/TagInput.js +0 -69
- package/dist/admin/components/TagInput.js.map +0 -1
- package/dist/admin/components/TaxSettings.d.ts +0 -12
- package/dist/admin/components/TaxSettings.d.ts.map +0 -1
- package/dist/admin/components/TaxSettings.js +0 -272
- package/dist/admin/components/TaxSettings.js.map +0 -1
- package/dist/admin/components/UsersTable.d.ts +0 -3
- package/dist/admin/components/UsersTable.d.ts.map +0 -1
- package/dist/admin/components/UsersTable.js +0 -393
- package/dist/admin/components/UsersTable.js.map +0 -1
- package/dist/admin/components/VariantManager.d.ts +0 -44
- package/dist/admin/components/VariantManager.d.ts.map +0 -1
- package/dist/admin/components/VariantManager.js +0 -325
- package/dist/admin/components/VariantManager.js.map +0 -1
- package/dist/admin/components/index.d.ts +0 -71
- package/dist/admin/components/index.d.ts.map +0 -1
- package/dist/admin/components/index.js +0 -87
- package/dist/admin/components/index.js.map +0 -1
- package/dist/admin/config.d.ts +0 -71
- package/dist/admin/config.d.ts.map +0 -1
- package/dist/admin/config.js +0 -253
- package/dist/admin/config.js.map +0 -1
- package/dist/admin/hooks/fetchAdminApi.d.ts +0 -65
- package/dist/admin/hooks/fetchAdminApi.d.ts.map +0 -1
- package/dist/admin/hooks/fetchAdminApi.js +0 -96
- package/dist/admin/hooks/fetchAdminApi.js.map +0 -1
- package/dist/admin/hooks/index.d.ts +0 -24
- package/dist/admin/hooks/index.d.ts.map +0 -1
- package/dist/admin/hooks/index.js +0 -19
- package/dist/admin/hooks/index.js.map +0 -1
- package/dist/admin/hooks/useAdminAuth.d.ts +0 -25
- package/dist/admin/hooks/useAdminAuth.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminAuth.js +0 -183
- package/dist/admin/hooks/useAdminAuth.js.map +0 -1
- package/dist/admin/hooks/useAdminCategories.d.ts +0 -9
- package/dist/admin/hooks/useAdminCategories.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminCategories.js +0 -112
- package/dist/admin/hooks/useAdminCategories.js.map +0 -1
- package/dist/admin/hooks/useAdminCustomers.d.ts +0 -3
- package/dist/admin/hooks/useAdminCustomers.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminCustomers.js +0 -110
- package/dist/admin/hooks/useAdminCustomers.js.map +0 -1
- package/dist/admin/hooks/useAdminMe.d.ts +0 -31
- package/dist/admin/hooks/useAdminMe.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminMe.js +0 -78
- package/dist/admin/hooks/useAdminMe.js.map +0 -1
- package/dist/admin/hooks/useAdminOrders.d.ts +0 -3
- package/dist/admin/hooks/useAdminOrders.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminOrders.js +0 -118
- package/dist/admin/hooks/useAdminOrders.js.map +0 -1
- package/dist/admin/hooks/useAdminPermissions.d.ts +0 -3
- package/dist/admin/hooks/useAdminPermissions.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminPermissions.js +0 -51
- package/dist/admin/hooks/useAdminPermissions.js.map +0 -1
- package/dist/admin/hooks/useAdminProductMetrics.d.ts +0 -3
- package/dist/admin/hooks/useAdminProductMetrics.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminProductMetrics.js +0 -32
- package/dist/admin/hooks/useAdminProductMetrics.js.map +0 -1
- package/dist/admin/hooks/useAdminProducts.d.ts +0 -3
- package/dist/admin/hooks/useAdminProducts.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminProducts.js +0 -132
- package/dist/admin/hooks/useAdminProducts.js.map +0 -1
- package/dist/admin/hooks/useAdminSession.d.ts +0 -23
- package/dist/admin/hooks/useAdminSession.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminSession.js +0 -117
- package/dist/admin/hooks/useAdminSession.js.map +0 -1
- package/dist/admin/hooks/useAdminStats.d.ts +0 -47
- package/dist/admin/hooks/useAdminStats.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminStats.js +0 -128
- package/dist/admin/hooks/useAdminStats.js.map +0 -1
- package/dist/admin/hooks/useAdminUsers.d.ts +0 -3
- package/dist/admin/hooks/useAdminUsers.d.ts.map +0 -1
- package/dist/admin/hooks/useAdminUsers.js +0 -177
- package/dist/admin/hooks/useAdminUsers.js.map +0 -1
- package/dist/admin/hooks/useLinkedCustomerStatus.d.ts +0 -3
- package/dist/admin/hooks/useLinkedCustomerStatus.d.ts.map +0 -1
- package/dist/admin/hooks/useLinkedCustomerStatus.js +0 -48
- package/dist/admin/hooks/useLinkedCustomerStatus.js.map +0 -1
- package/dist/admin/hooks/useSetupGuide.d.ts +0 -45
- package/dist/admin/hooks/useSetupGuide.d.ts.map +0 -1
- package/dist/admin/hooks/useSetupGuide.js +0 -60
- package/dist/admin/hooks/useSetupGuide.js.map +0 -1
- package/dist/admin/index.d.ts +0 -66
- package/dist/admin/index.d.ts.map +0 -1
- package/dist/admin/index.js +0 -144
- package/dist/admin/index.js.map +0 -1
- package/dist/admin/permissions.d.ts +0 -92
- package/dist/admin/permissions.d.ts.map +0 -1
- package/dist/admin/permissions.js +0 -201
- package/dist/admin/permissions.js.map +0 -1
- package/dist/admin/server/admin-invite.d.ts +0 -122
- package/dist/admin/server/admin-invite.d.ts.map +0 -1
- package/dist/admin/server/admin-invite.js +0 -235
- package/dist/admin/server/admin-invite.js.map +0 -1
- package/dist/admin/server/admin-password-reset.d.ts +0 -87
- package/dist/admin/server/admin-password-reset.d.ts.map +0 -1
- package/dist/admin/server/admin-password-reset.js +0 -220
- package/dist/admin/server/admin-password-reset.js.map +0 -1
- package/dist/admin/server/admin-self-service.d.ts +0 -86
- package/dist/admin/server/admin-self-service.d.ts.map +0 -1
- package/dist/admin/server/admin-self-service.js +0 -188
- package/dist/admin/server/admin-self-service.js.map +0 -1
- package/dist/admin/server/admin-service.d.ts +0 -130
- package/dist/admin/server/admin-service.d.ts.map +0 -1
- package/dist/admin/server/admin-service.js +0 -278
- package/dist/admin/server/admin-service.js.map +0 -1
- package/dist/admin/server/admin-session.d.ts +0 -173
- package/dist/admin/server/admin-session.d.ts.map +0 -1
- package/dist/admin/server/admin-session.js +0 -272
- package/dist/admin/server/admin-session.js.map +0 -1
- package/dist/admin/server/index.d.ts +0 -17
- package/dist/admin/server/index.d.ts.map +0 -1
- package/dist/admin/server/index.js +0 -39
- package/dist/admin/server/index.js.map +0 -1
- package/dist/admin/server/user-management.d.ts +0 -223
- package/dist/admin/server/user-management.d.ts.map +0 -1
- package/dist/admin/server/user-management.js +0 -846
- package/dist/admin/server/user-management.js.map +0 -1
- package/dist/admin/types.d.ts +0 -1172
- package/dist/admin/types.d.ts.map +0 -1
- package/dist/admin/types.js +0 -10
- package/dist/admin/types.js.map +0 -1
- package/dist/auth/api/auth.d.ts +0 -54
- package/dist/auth/api/auth.d.ts.map +0 -1
- package/dist/auth/api/auth.js +0 -59
- package/dist/auth/api/auth.js.map +0 -1
- package/dist/auth/api/forgot-password.d.ts +0 -41
- package/dist/auth/api/forgot-password.d.ts.map +0 -1
- package/dist/auth/api/forgot-password.js +0 -65
- package/dist/auth/api/forgot-password.js.map +0 -1
- package/dist/auth/api/index.d.ts +0 -36
- package/dist/auth/api/index.d.ts.map +0 -1
- package/dist/auth/api/index.js +0 -44
- package/dist/auth/api/index.js.map +0 -1
- package/dist/auth/api/register.d.ts +0 -41
- package/dist/auth/api/register.d.ts.map +0 -1
- package/dist/auth/api/register.js +0 -94
- package/dist/auth/api/register.js.map +0 -1
- package/dist/auth/api/request-refund.d.ts +0 -38
- package/dist/auth/api/request-refund.d.ts.map +0 -1
- package/dist/auth/api/request-refund.js +0 -142
- package/dist/auth/api/request-refund.js.map +0 -1
- package/dist/auth/api/request-return.d.ts +0 -39
- package/dist/auth/api/request-return.d.ts.map +0 -1
- package/dist/auth/api/request-return.js +0 -109
- package/dist/auth/api/request-return.js.map +0 -1
- package/dist/auth/api/resend-verification.d.ts +0 -41
- package/dist/auth/api/resend-verification.d.ts.map +0 -1
- package/dist/auth/api/resend-verification.js +0 -68
- package/dist/auth/api/resend-verification.js.map +0 -1
- package/dist/auth/api/reset-password.d.ts +0 -67
- package/dist/auth/api/reset-password.d.ts.map +0 -1
- package/dist/auth/api/reset-password.js +0 -106
- package/dist/auth/api/reset-password.js.map +0 -1
- package/dist/auth/api/verify-email.d.ts +0 -47
- package/dist/auth/api/verify-email.d.ts.map +0 -1
- package/dist/auth/api/verify-email.js +0 -90
- package/dist/auth/api/verify-email.js.map +0 -1
- package/dist/auth/components/AuthGuard.d.ts +0 -52
- package/dist/auth/components/AuthGuard.d.ts.map +0 -1
- package/dist/auth/components/AuthGuard.js +0 -109
- package/dist/auth/components/AuthGuard.js.map +0 -1
- package/dist/auth/components/ForgotPasswordForm.d.ts +0 -15
- package/dist/auth/components/ForgotPasswordForm.d.ts.map +0 -1
- package/dist/auth/components/ForgotPasswordForm.js +0 -43
- package/dist/auth/components/ForgotPasswordForm.js.map +0 -1
- package/dist/auth/components/Label.d.ts +0 -19
- package/dist/auth/components/Label.d.ts.map +0 -1
- package/dist/auth/components/Label.js +0 -18
- package/dist/auth/components/Label.js.map +0 -1
- package/dist/auth/components/ResetPasswordForm.d.ts +0 -18
- package/dist/auth/components/ResetPasswordForm.d.ts.map +0 -1
- package/dist/auth/components/ResetPasswordForm.js +0 -87
- package/dist/auth/components/ResetPasswordForm.js.map +0 -1
- package/dist/auth/components/SignInForm.d.ts +0 -21
- package/dist/auth/components/SignInForm.d.ts.map +0 -1
- package/dist/auth/components/SignInForm.js +0 -61
- package/dist/auth/components/SignInForm.js.map +0 -1
- package/dist/auth/components/SignUpForm.d.ts +0 -18
- package/dist/auth/components/SignUpForm.d.ts.map +0 -1
- package/dist/auth/components/SignUpForm.js +0 -78
- package/dist/auth/components/SignUpForm.js.map +0 -1
- package/dist/auth/components/UserMenu.d.ts +0 -18
- package/dist/auth/components/UserMenu.d.ts.map +0 -1
- package/dist/auth/components/UserMenu.js +0 -73
- package/dist/auth/components/UserMenu.js.map +0 -1
- package/dist/auth/components/VerifyEmailNotice.d.ts +0 -20
- package/dist/auth/components/VerifyEmailNotice.d.ts.map +0 -1
- package/dist/auth/components/VerifyEmailNotice.js +0 -57
- package/dist/auth/components/VerifyEmailNotice.js.map +0 -1
- package/dist/auth/components/index.d.ts +0 -15
- package/dist/auth/components/index.d.ts.map +0 -1
- package/dist/auth/components/index.js +0 -14
- package/dist/auth/components/index.js.map +0 -1
- package/dist/auth/config.d.ts +0 -59
- package/dist/auth/config.d.ts.map +0 -1
- package/dist/auth/config.js +0 -255
- package/dist/auth/config.js.map +0 -1
- package/dist/auth/hooks/index.d.ts +0 -7
- package/dist/auth/hooks/index.d.ts.map +0 -1
- package/dist/auth/hooks/index.js +0 -7
- package/dist/auth/hooks/index.js.map +0 -1
- package/dist/auth/hooks/useAuth.d.ts +0 -30
- package/dist/auth/hooks/useAuth.d.ts.map +0 -1
- package/dist/auth/hooks/useAuth.js +0 -261
- package/dist/auth/hooks/useAuth.js.map +0 -1
- package/dist/auth/index.d.ts +0 -55
- package/dist/auth/index.d.ts.map +0 -1
- package/dist/auth/index.js +0 -67
- package/dist/auth/index.js.map +0 -1
- package/dist/auth/server/customer-service.d.ts +0 -140
- package/dist/auth/server/customer-service.d.ts.map +0 -1
- package/dist/auth/server/customer-service.js +0 -266
- package/dist/auth/server/customer-service.js.map +0 -1
- package/dist/auth/server/customer-session.d.ts +0 -81
- package/dist/auth/server/customer-session.d.ts.map +0 -1
- package/dist/auth/server/customer-session.js +0 -115
- package/dist/auth/server/customer-session.js.map +0 -1
- package/dist/auth/server/email-sender.d.ts +0 -64
- package/dist/auth/server/email-sender.d.ts.map +0 -1
- package/dist/auth/server/email-sender.js +0 -106
- package/dist/auth/server/email-sender.js.map +0 -1
- package/dist/auth/server/index.d.ts +0 -15
- package/dist/auth/server/index.d.ts.map +0 -1
- package/dist/auth/server/index.js +0 -19
- package/dist/auth/server/index.js.map +0 -1
- package/dist/auth/server/password-reset-service.d.ts +0 -87
- package/dist/auth/server/password-reset-service.d.ts.map +0 -1
- package/dist/auth/server/password-reset-service.js +0 -198
- package/dist/auth/server/password-reset-service.js.map +0 -1
- package/dist/auth/server/password.d.ts +0 -58
- package/dist/auth/server/password.d.ts.map +0 -1
- package/dist/auth/server/password.js +0 -85
- package/dist/auth/server/password.js.map +0 -1
- package/dist/auth/server/verification-service.d.ts +0 -88
- package/dist/auth/server/verification-service.d.ts.map +0 -1
- package/dist/auth/server/verification-service.js +0 -224
- package/dist/auth/server/verification-service.js.map +0 -1
- package/dist/auth/types.d.ts +0 -311
- package/dist/auth/types.d.ts.map +0 -1
- package/dist/auth/types.js +0 -7
- package/dist/auth/types.js.map +0 -1
- package/dist/cart/CartProvider.d.ts +0 -65
- package/dist/cart/CartProvider.d.ts.map +0 -1
- package/dist/cart/CartProvider.js +0 -100
- package/dist/cart/CartProvider.js.map +0 -1
- package/dist/cart/components/AddToCartButton.d.ts +0 -77
- package/dist/cart/components/AddToCartButton.d.ts.map +0 -1
- package/dist/cart/components/AddToCartButton.js +0 -122
- package/dist/cart/components/AddToCartButton.js.map +0 -1
- package/dist/cart/components/CartDrawer.d.ts +0 -71
- package/dist/cart/components/CartDrawer.d.ts.map +0 -1
- package/dist/cart/components/CartDrawer.js +0 -117
- package/dist/cart/components/CartDrawer.js.map +0 -1
- package/dist/cart/components/CartIcon.d.ts +0 -36
- package/dist/cart/components/CartIcon.d.ts.map +0 -1
- package/dist/cart/components/CartIcon.js +0 -68
- package/dist/cart/components/CartIcon.js.map +0 -1
- package/dist/cart/components/CartItem.d.ts +0 -52
- package/dist/cart/components/CartItem.d.ts.map +0 -1
- package/dist/cart/components/CartItem.js +0 -55
- package/dist/cart/components/CartItem.js.map +0 -1
- package/dist/cart/components/CartSummary.d.ts +0 -43
- package/dist/cart/components/CartSummary.d.ts.map +0 -1
- package/dist/cart/components/CartSummary.js +0 -60
- package/dist/cart/components/CartSummary.js.map +0 -1
- package/dist/cart/components/QuantitySelector.d.ts +0 -39
- package/dist/cart/components/QuantitySelector.d.ts.map +0 -1
- package/dist/cart/components/QuantitySelector.js +0 -85
- package/dist/cart/components/QuantitySelector.js.map +0 -1
- package/dist/cart/components/index.d.ts +0 -18
- package/dist/cart/components/index.d.ts.map +0 -1
- package/dist/cart/components/index.js +0 -12
- package/dist/cart/components/index.js.map +0 -1
- package/dist/cart/index.d.ts +0 -109
- package/dist/cart/index.d.ts.map +0 -1
- package/dist/cart/index.js +0 -115
- package/dist/cart/index.js.map +0 -1
- package/dist/cart/store.d.ts +0 -150
- package/dist/cart/store.d.ts.map +0 -1
- package/dist/cart/store.js +0 -315
- package/dist/cart/store.js.map +0 -1
- package/dist/checkout/api/checkout.js +0 -112
- package/dist/checkout/api/checkout.js.map +0 -1
- package/dist/checkout/api/countries.d.ts +0 -17
- package/dist/checkout/api/countries.d.ts.map +0 -1
- package/dist/checkout/api/countries.js +0 -38
- package/dist/checkout/api/countries.js.map +0 -1
- package/dist/checkout/api/index.js +0 -11
- package/dist/checkout/api/index.js.map +0 -1
- package/dist/checkout/api/payment-status.d.ts +0 -45
- package/dist/checkout/api/payment-status.d.ts.map +0 -1
- package/dist/checkout/api/payment-status.js +0 -104
- package/dist/checkout/api/payment-status.js.map +0 -1
- package/dist/checkout/api/shipping.d.ts +0 -34
- package/dist/checkout/api/shipping.d.ts.map +0 -1
- package/dist/checkout/api/shipping.js +0 -247
- package/dist/checkout/api/shipping.js.map +0 -1
- package/dist/checkout/api/webhook.js +0 -55
- package/dist/checkout/api/webhook.js.map +0 -1
- package/dist/checkout/components/CheckoutButton.d.ts +0 -55
- package/dist/checkout/components/CheckoutButton.d.ts.map +0 -1
- package/dist/checkout/components/CheckoutButton.js +0 -132
- package/dist/checkout/components/CheckoutButton.js.map +0 -1
- package/dist/checkout/components/CheckoutFlow.d.ts +0 -53
- package/dist/checkout/components/CheckoutFlow.d.ts.map +0 -1
- package/dist/checkout/components/CheckoutFlow.js +0 -286
- package/dist/checkout/components/CheckoutFlow.js.map +0 -1
- package/dist/checkout/components/CheckoutSuccess.d.ts +0 -29
- package/dist/checkout/components/CheckoutSuccess.d.ts.map +0 -1
- package/dist/checkout/components/CheckoutSuccess.js +0 -49
- package/dist/checkout/components/CheckoutSuccess.js.map +0 -1
- package/dist/checkout/components/OrderSummary.d.ts +0 -37
- package/dist/checkout/components/OrderSummary.d.ts.map +0 -1
- package/dist/checkout/components/OrderSummary.js +0 -71
- package/dist/checkout/components/OrderSummary.js.map +0 -1
- package/dist/checkout/components/ShippingForm.d.ts +0 -30
- package/dist/checkout/components/ShippingForm.d.ts.map +0 -1
- package/dist/checkout/components/ShippingForm.js +0 -184
- package/dist/checkout/components/ShippingForm.js.map +0 -1
- package/dist/checkout/components/ShippingOptions.d.ts +0 -51
- package/dist/checkout/components/ShippingOptions.d.ts.map +0 -1
- package/dist/checkout/components/ShippingOptions.js +0 -93
- package/dist/checkout/components/ShippingOptions.js.map +0 -1
- package/dist/checkout/components/index.d.ts +0 -12
- package/dist/checkout/components/index.d.ts.map +0 -1
- package/dist/checkout/components/index.js +0 -12
- package/dist/checkout/components/index.js.map +0 -1
- package/dist/checkout/constants.d.ts +0 -244
- package/dist/checkout/constants.d.ts.map +0 -1
- package/dist/checkout/constants.js +0 -119
- package/dist/checkout/constants.js.map +0 -1
- package/dist/checkout/hooks/index.d.ts +0 -9
- package/dist/checkout/hooks/index.d.ts.map +0 -1
- package/dist/checkout/hooks/index.js +0 -8
- package/dist/checkout/hooks/index.js.map +0 -1
- package/dist/checkout/hooks/useCheckout.d.ts +0 -61
- package/dist/checkout/hooks/useCheckout.d.ts.map +0 -1
- package/dist/checkout/hooks/useCheckout.js +0 -172
- package/dist/checkout/hooks/useCheckout.js.map +0 -1
- package/dist/checkout/hooks/usePaymentStatus.d.ts +0 -42
- package/dist/checkout/hooks/usePaymentStatus.d.ts.map +0 -1
- package/dist/checkout/hooks/usePaymentStatus.js +0 -71
- package/dist/checkout/hooks/usePaymentStatus.js.map +0 -1
- package/dist/checkout/index.js +0 -135
- package/dist/checkout/index.js.map +0 -1
- package/dist/checkout/server/coupons.d.ts +0 -91
- package/dist/checkout/server/coupons.d.ts.map +0 -1
- package/dist/checkout/server/coupons.js +0 -192
- package/dist/checkout/server/coupons.js.map +0 -1
- package/dist/checkout/server/index.js +0 -10
- package/dist/checkout/server/index.js.map +0 -1
- package/dist/checkout/stripe/client.d.ts +0 -74
- package/dist/checkout/stripe/client.d.ts.map +0 -1
- package/dist/checkout/stripe/client.js +0 -175
- package/dist/checkout/stripe/client.js.map +0 -1
- package/dist/checkout/stripe/index.d.ts +0 -7
- package/dist/checkout/stripe/index.d.ts.map +0 -1
- package/dist/checkout/stripe/index.js +0 -7
- package/dist/checkout/stripe/index.js.map +0 -1
- package/dist/checkout/types.d.ts +0 -489
- package/dist/checkout/types.d.ts.map +0 -1
- package/dist/checkout/types.js +0 -8
- package/dist/checkout/types.js.map +0 -1
- package/dist/core/StoreSettingsProvider.d.ts +0 -107
- package/dist/core/StoreSettingsProvider.d.ts.map +0 -1
- package/dist/core/StoreSettingsProvider.js +0 -200
- package/dist/core/StoreSettingsProvider.js.map +0 -1
- package/dist/core/api/index.d.ts +0 -7
- package/dist/core/api/index.d.ts.map +0 -1
- package/dist/core/api/index.js +0 -7
- package/dist/core/api/index.js.map +0 -1
- package/dist/core/api/settings.d.ts +0 -42
- package/dist/core/api/settings.d.ts.map +0 -1
- package/dist/core/api/settings.js +0 -74
- package/dist/core/api/settings.js.map +0 -1
- package/dist/core/config.d.ts +0 -296
- package/dist/core/config.d.ts.map +0 -1
- package/dist/core/config.js +0 -117
- package/dist/core/config.js.map +0 -1
- package/dist/core/cookie-consent/CookieBanner.d.ts +0 -2
- package/dist/core/cookie-consent/CookieBanner.d.ts.map +0 -1
- package/dist/core/cookie-consent/CookieBanner.js +0 -243
- package/dist/core/cookie-consent/CookieBanner.js.map +0 -1
- package/dist/core/cookie-consent/CookieConsentProvider.d.ts +0 -53
- package/dist/core/cookie-consent/CookieConsentProvider.d.ts.map +0 -1
- package/dist/core/cookie-consent/CookieConsentProvider.js +0 -162
- package/dist/core/cookie-consent/CookieConsentProvider.js.map +0 -1
- package/dist/core/cookie-consent/CookiePreferencesLink.d.ts +0 -15
- package/dist/core/cookie-consent/CookiePreferencesLink.d.ts.map +0 -1
- package/dist/core/cookie-consent/CookiePreferencesLink.js +0 -12
- package/dist/core/cookie-consent/CookiePreferencesLink.js.map +0 -1
- package/dist/core/cookie-consent/index.d.ts +0 -17
- package/dist/core/cookie-consent/index.d.ts.map +0 -1
- package/dist/core/cookie-consent/index.js +0 -16
- package/dist/core/cookie-consent/index.js.map +0 -1
- package/dist/core/cookie-consent/types.d.ts +0 -31
- package/dist/core/cookie-consent/types.d.ts.map +0 -1
- package/dist/core/cookie-consent/types.js +0 -10
- package/dist/core/cookie-consent/types.js.map +0 -1
- package/dist/core/cookie-consent/useCookieConsent.d.ts +0 -14
- package/dist/core/cookie-consent/useCookieConsent.d.ts.map +0 -1
- package/dist/core/cookie-consent/useCookieConsent.js +0 -25
- package/dist/core/cookie-consent/useCookieConsent.js.map +0 -1
- package/dist/core/db/client.d.ts +0 -39
- package/dist/core/db/client.d.ts.map +0 -1
- package/dist/core/db/client.js +0 -86
- package/dist/core/db/client.js.map +0 -1
- package/dist/core/db/index.d.ts +0 -11
- package/dist/core/db/index.d.ts.map +0 -1
- package/dist/core/db/index.js +0 -36
- package/dist/core/db/index.js.map +0 -1
- package/dist/core/db/queries.d.ts +0 -1427
- package/dist/core/db/queries.d.ts.map +0 -1
- package/dist/core/db/queries.js +0 -1932
- package/dist/core/db/queries.js.map +0 -1
- package/dist/core/db/schema.d.ts +0 -3462
- package/dist/core/db/schema.d.ts.map +0 -1
- package/dist/core/db/schema.js +0 -494
- package/dist/core/db/schema.js.map +0 -1
- package/dist/core/index.d.ts +0 -22
- package/dist/core/index.d.ts.map +0 -1
- package/dist/core/index.js +0 -43
- package/dist/core/index.js.map +0 -1
- package/dist/core/server/index.d.ts +0 -18
- package/dist/core/server/index.d.ts.map +0 -1
- package/dist/core/server/index.js +0 -47
- package/dist/core/server/index.js.map +0 -1
- package/dist/core/types.d.ts +0 -283
- package/dist/core/types.d.ts.map +0 -1
- package/dist/core/types.js +0 -8
- package/dist/core/types.js.map +0 -1
- package/dist/core/utils.d.ts +0 -167
- package/dist/core/utils.d.ts.map +0 -1
- package/dist/core/utils.js +0 -351
- package/dist/core/utils.js.map +0 -1
- package/dist/emails/config.d.ts +0 -69
- package/dist/emails/config.d.ts.map +0 -1
- package/dist/emails/config.js +0 -147
- package/dist/emails/config.js.map +0 -1
- package/dist/emails/index.d.ts +0 -85
- package/dist/emails/index.d.ts.map +0 -1
- package/dist/emails/index.js +0 -110
- package/dist/emails/index.js.map +0 -1
- package/dist/emails/send/admin-auth.d.ts +0 -94
- package/dist/emails/send/admin-auth.d.ts.map +0 -1
- package/dist/emails/send/admin-auth.js +0 -118
- package/dist/emails/send/admin-auth.js.map +0 -1
- package/dist/emails/send/auth.d.ts +0 -91
- package/dist/emails/send/auth.d.ts.map +0 -1
- package/dist/emails/send/auth.js +0 -130
- package/dist/emails/send/auth.js.map +0 -1
- package/dist/emails/send/index.d.ts +0 -12
- package/dist/emails/send/index.d.ts.map +0 -1
- package/dist/emails/send/index.js +0 -18
- package/dist/emails/send/index.js.map +0 -1
- package/dist/emails/send/orders.d.ts +0 -186
- package/dist/emails/send/orders.d.ts.map +0 -1
- package/dist/emails/send/orders.js +0 -258
- package/dist/emails/send/orders.js.map +0 -1
- package/dist/emails/sender.d.ts +0 -72
- package/dist/emails/sender.d.ts.map +0 -1
- package/dist/emails/sender.js +0 -116
- package/dist/emails/sender.js.map +0 -1
- package/dist/emails/templates/admin-invite.d.ts +0 -40
- package/dist/emails/templates/admin-invite.d.ts.map +0 -1
- package/dist/emails/templates/admin-invite.js +0 -62
- package/dist/emails/templates/admin-invite.js.map +0 -1
- package/dist/emails/templates/base.d.ts +0 -109
- package/dist/emails/templates/base.d.ts.map +0 -1
- package/dist/emails/templates/base.js +0 -334
- package/dist/emails/templates/base.js.map +0 -1
- package/dist/emails/templates/email-verification.d.ts +0 -28
- package/dist/emails/templates/email-verification.d.ts.map +0 -1
- package/dist/emails/templates/email-verification.js +0 -52
- package/dist/emails/templates/email-verification.js.map +0 -1
- package/dist/emails/templates/index.d.ts +0 -16
- package/dist/emails/templates/index.d.ts.map +0 -1
- package/dist/emails/templates/index.js +0 -28
- package/dist/emails/templates/index.js.map +0 -1
- package/dist/emails/templates/order-cancelled.d.ts +0 -30
- package/dist/emails/templates/order-cancelled.d.ts.map +0 -1
- package/dist/emails/templates/order-cancelled.js +0 -83
- package/dist/emails/templates/order-cancelled.js.map +0 -1
- package/dist/emails/templates/order-confirmation.d.ts +0 -36
- package/dist/emails/templates/order-confirmation.d.ts.map +0 -1
- package/dist/emails/templates/order-confirmation.js +0 -174
- package/dist/emails/templates/order-confirmation.js.map +0 -1
- package/dist/emails/templates/order-delivered.d.ts +0 -31
- package/dist/emails/templates/order-delivered.d.ts.map +0 -1
- package/dist/emails/templates/order-delivered.js +0 -100
- package/dist/emails/templates/order-delivered.js.map +0 -1
- package/dist/emails/templates/order-shipped.d.ts +0 -32
- package/dist/emails/templates/order-shipped.d.ts.map +0 -1
- package/dist/emails/templates/order-shipped.js +0 -83
- package/dist/emails/templates/order-shipped.js.map +0 -1
- package/dist/emails/templates/password-reset.d.ts +0 -27
- package/dist/emails/templates/password-reset.d.ts.map +0 -1
- package/dist/emails/templates/password-reset.js +0 -51
- package/dist/emails/templates/password-reset.js.map +0 -1
- package/dist/emails/templates/refund-processed.d.ts +0 -32
- package/dist/emails/templates/refund-processed.d.ts.map +0 -1
- package/dist/emails/templates/refund-processed.js +0 -92
- package/dist/emails/templates/refund-processed.js.map +0 -1
- package/dist/emails/templates/welcome.d.ts +0 -27
- package/dist/emails/templates/welcome.d.ts.map +0 -1
- package/dist/emails/templates/welcome.js +0 -52
- package/dist/emails/templates/welcome.js.map +0 -1
- package/dist/emails/types.d.ts +0 -229
- package/dist/emails/types.d.ts.map +0 -1
- package/dist/emails/types.js +0 -7
- package/dist/emails/types.js.map +0 -1
- package/dist/emails/utils.d.ts +0 -94
- package/dist/emails/utils.d.ts.map +0 -1
- package/dist/emails/utils.js +0 -218
- package/dist/emails/utils.js.map +0 -1
- package/dist/index.js +0 -73
- package/dist/index.js.map +0 -1
- package/dist/media/api/delete.d.ts +0 -43
- package/dist/media/api/delete.d.ts.map +0 -1
- package/dist/media/api/delete.js +0 -124
- package/dist/media/api/delete.js.map +0 -1
- package/dist/media/api/index.d.ts +0 -17
- package/dist/media/api/index.d.ts.map +0 -1
- package/dist/media/api/index.js +0 -17
- package/dist/media/api/index.js.map +0 -1
- package/dist/media/api/presign.d.ts +0 -38
- package/dist/media/api/presign.d.ts.map +0 -1
- package/dist/media/api/presign.js +0 -130
- package/dist/media/api/presign.js.map +0 -1
- package/dist/media/components/DropZone.d.ts +0 -18
- package/dist/media/components/DropZone.d.ts.map +0 -1
- package/dist/media/components/DropZone.js +0 -107
- package/dist/media/components/DropZone.js.map +0 -1
- package/dist/media/components/ImageGalleryUpload.d.ts +0 -21
- package/dist/media/components/ImageGalleryUpload.d.ts.map +0 -1
- package/dist/media/components/ImageGalleryUpload.js +0 -195
- package/dist/media/components/ImageGalleryUpload.js.map +0 -1
- package/dist/media/components/ImageUpload.d.ts +0 -17
- package/dist/media/components/ImageUpload.d.ts.map +0 -1
- package/dist/media/components/ImageUpload.js +0 -89
- package/dist/media/components/ImageUpload.js.map +0 -1
- package/dist/media/components/index.d.ts +0 -10
- package/dist/media/components/index.d.ts.map +0 -1
- package/dist/media/components/index.js +0 -9
- package/dist/media/components/index.js.map +0 -1
- package/dist/media/config.d.ts +0 -83
- package/dist/media/config.d.ts.map +0 -1
- package/dist/media/config.js +0 -189
- package/dist/media/config.js.map +0 -1
- package/dist/media/hooks/index.d.ts +0 -8
- package/dist/media/hooks/index.d.ts.map +0 -1
- package/dist/media/hooks/index.js +0 -7
- package/dist/media/hooks/index.js.map +0 -1
- package/dist/media/hooks/useUpload.d.ts +0 -32
- package/dist/media/hooks/useUpload.d.ts.map +0 -1
- package/dist/media/hooks/useUpload.js +0 -260
- package/dist/media/hooks/useUpload.js.map +0 -1
- package/dist/media/index.d.ts +0 -57
- package/dist/media/index.d.ts.map +0 -1
- package/dist/media/index.js +0 -68
- package/dist/media/index.js.map +0 -1
- package/dist/media/server/delete.d.ts +0 -59
- package/dist/media/server/delete.d.ts.map +0 -1
- package/dist/media/server/delete.js +0 -176
- package/dist/media/server/delete.js.map +0 -1
- package/dist/media/server/index.d.ts +0 -10
- package/dist/media/server/index.d.ts.map +0 -1
- package/dist/media/server/index.js +0 -13
- package/dist/media/server/index.js.map +0 -1
- package/dist/media/server/presign.d.ts +0 -57
- package/dist/media/server/presign.d.ts.map +0 -1
- package/dist/media/server/presign.js +0 -112
- package/dist/media/server/presign.js.map +0 -1
- package/dist/media/server/r2-client.d.ts +0 -30
- package/dist/media/server/r2-client.d.ts.map +0 -1
- package/dist/media/server/r2-client.js +0 -76
- package/dist/media/server/r2-client.js.map +0 -1
- package/dist/media/types.d.ts +0 -317
- package/dist/media/types.d.ts.map +0 -1
- package/dist/media/types.js +0 -95
- package/dist/media/types.js.map +0 -1
- package/dist/products/api/categories.d.ts +0 -29
- package/dist/products/api/categories.d.ts.map +0 -1
- package/dist/products/api/categories.js +0 -46
- package/dist/products/api/categories.js.map +0 -1
- package/dist/products/api/index.d.ts +0 -24
- package/dist/products/api/index.d.ts.map +0 -1
- package/dist/products/api/index.js +0 -24
- package/dist/products/api/index.js.map +0 -1
- package/dist/products/api/product.d.ts +0 -36
- package/dist/products/api/product.d.ts.map +0 -1
- package/dist/products/api/product.js +0 -67
- package/dist/products/api/product.js.map +0 -1
- package/dist/products/api/products.d.ts +0 -41
- package/dist/products/api/products.d.ts.map +0 -1
- package/dist/products/api/products.js +0 -99
- package/dist/products/api/products.js.map +0 -1
- package/dist/products/components/CategoryNav.d.ts +0 -51
- package/dist/products/components/CategoryNav.d.ts.map +0 -1
- package/dist/products/components/CategoryNav.js +0 -110
- package/dist/products/components/CategoryNav.js.map +0 -1
- package/dist/products/components/ProductBreadcrumb.d.ts +0 -52
- package/dist/products/components/ProductBreadcrumb.d.ts.map +0 -1
- package/dist/products/components/ProductBreadcrumb.js +0 -73
- package/dist/products/components/ProductBreadcrumb.js.map +0 -1
- package/dist/products/components/ProductCard.d.ts +0 -54
- package/dist/products/components/ProductCard.d.ts.map +0 -1
- package/dist/products/components/ProductCard.js +0 -72
- package/dist/products/components/ProductCard.js.map +0 -1
- package/dist/products/components/ProductDetails.d.ts +0 -63
- package/dist/products/components/ProductDetails.d.ts.map +0 -1
- package/dist/products/components/ProductDetails.js +0 -137
- package/dist/products/components/ProductDetails.js.map +0 -1
- package/dist/products/components/ProductFilters.d.ts +0 -70
- package/dist/products/components/ProductFilters.d.ts.map +0 -1
- package/dist/products/components/ProductFilters.js +0 -125
- package/dist/products/components/ProductFilters.js.map +0 -1
- package/dist/products/components/ProductGallery.d.ts +0 -42
- package/dist/products/components/ProductGallery.d.ts.map +0 -1
- package/dist/products/components/ProductGallery.js +0 -103
- package/dist/products/components/ProductGallery.js.map +0 -1
- package/dist/products/components/ProductGrid.d.ts +0 -50
- package/dist/products/components/ProductGrid.d.ts.map +0 -1
- package/dist/products/components/ProductGrid.js +0 -81
- package/dist/products/components/ProductGrid.js.map +0 -1
- package/dist/products/components/ProductSearch.d.ts +0 -43
- package/dist/products/components/ProductSearch.d.ts.map +0 -1
- package/dist/products/components/ProductSearch.js +0 -97
- package/dist/products/components/ProductSearch.js.map +0 -1
- package/dist/products/components/ProductSort.d.ts +0 -43
- package/dist/products/components/ProductSort.d.ts.map +0 -1
- package/dist/products/components/ProductSort.js +0 -59
- package/dist/products/components/ProductSort.js.map +0 -1
- package/dist/products/components/VariantSelector.d.ts +0 -43
- package/dist/products/components/VariantSelector.d.ts.map +0 -1
- package/dist/products/components/VariantSelector.js +0 -147
- package/dist/products/components/VariantSelector.js.map +0 -1
- package/dist/products/components/index.d.ts +0 -26
- package/dist/products/components/index.d.ts.map +0 -1
- package/dist/products/components/index.js +0 -19
- package/dist/products/components/index.js.map +0 -1
- package/dist/products/hooks/index.d.ts +0 -14
- package/dist/products/hooks/index.d.ts.map +0 -1
- package/dist/products/hooks/index.js +0 -10
- package/dist/products/hooks/index.js.map +0 -1
- package/dist/products/hooks/useCategories.d.ts +0 -56
- package/dist/products/hooks/useCategories.d.ts.map +0 -1
- package/dist/products/hooks/useCategories.js +0 -126
- package/dist/products/hooks/useCategories.js.map +0 -1
- package/dist/products/hooks/useProduct.d.ts +0 -44
- package/dist/products/hooks/useProduct.d.ts.map +0 -1
- package/dist/products/hooks/useProduct.js +0 -87
- package/dist/products/hooks/useProduct.js.map +0 -1
- package/dist/products/hooks/useProductAttributes.d.ts +0 -59
- package/dist/products/hooks/useProductAttributes.d.ts.map +0 -1
- package/dist/products/hooks/useProductAttributes.js +0 -146
- package/dist/products/hooks/useProductAttributes.js.map +0 -1
- package/dist/products/hooks/useProducts.d.ts +0 -67
- package/dist/products/hooks/useProducts.d.ts.map +0 -1
- package/dist/products/hooks/useProducts.js +0 -131
- package/dist/products/hooks/useProducts.js.map +0 -1
- package/dist/products/index.d.ts +0 -94
- package/dist/products/index.d.ts.map +0 -1
- package/dist/products/index.js +0 -106
- package/dist/products/index.js.map +0 -1
- package/dist/shipping/index.d.ts +0 -8
- package/dist/shipping/index.d.ts.map +0 -1
- package/dist/shipping/index.js +0 -8
- package/dist/shipping/index.js.map +0 -1
- package/dist/shipping/shippo.d.ts +0 -85
- package/dist/shipping/shippo.d.ts.map +0 -1
- package/dist/shipping/shippo.js +0 -298
- package/dist/shipping/shippo.js.map +0 -1
- package/dist/theme/ThemeProvider.d.ts +0 -70
- package/dist/theme/ThemeProvider.d.ts.map +0 -1
- package/dist/theme/ThemeProvider.js +0 -75
- package/dist/theme/ThemeProvider.js.map +0 -1
- package/dist/theme/colors.d.ts +0 -148
- package/dist/theme/colors.d.ts.map +0 -1
- package/dist/theme/colors.js +0 -214
- package/dist/theme/colors.js.map +0 -1
- package/dist/theme/defaults.d.ts +0 -212
- package/dist/theme/defaults.d.ts.map +0 -1
- package/dist/theme/defaults.js +0 -275
- package/dist/theme/defaults.js.map +0 -1
- package/dist/theme/fonts.d.ts +0 -59
- package/dist/theme/fonts.d.ts.map +0 -1
- package/dist/theme/fonts.js +0 -196
- package/dist/theme/fonts.js.map +0 -1
- package/dist/theme/generator.d.ts +0 -50
- package/dist/theme/generator.d.ts.map +0 -1
- package/dist/theme/generator.js +0 -316
- package/dist/theme/generator.js.map +0 -1
- package/dist/theme/hooks.d.ts +0 -110
- package/dist/theme/hooks.d.ts.map +0 -1
- package/dist/theme/hooks.js +0 -101
- package/dist/theme/hooks.js.map +0 -1
- package/dist/theme/index.d.ts +0 -37
- package/dist/theme/index.d.ts.map +0 -1
- package/dist/theme/index.js +0 -49
- package/dist/theme/index.js.map +0 -1
|
@@ -1,235 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @rovela/sdk/admin/server/admin-invite
|
|
3
|
-
*
|
|
4
|
-
* Admin invite token lifecycle: validation, acceptance, and housekeeping.
|
|
5
|
-
*
|
|
6
|
-
* Paired with `user-management.ts::inviteAdmin` which creates the token +
|
|
7
|
-
* sends the email. This file handles the INVITEE's side of the flow: they
|
|
8
|
-
* click the email link, land on `/admin/accept-invite?token=X`, and this
|
|
9
|
-
* module validates + consumes the token.
|
|
10
|
-
*
|
|
11
|
-
* # Failure modes (all graceful — no exceptions leak out)
|
|
12
|
-
*
|
|
13
|
-
* - Token unknown → `{valid: false}` / `INVALID_TOKEN`
|
|
14
|
-
* - Token expired → delete row, return `{valid: false}` with "expired"
|
|
15
|
-
* - Admin deleted → cascaded delete already removed the token;
|
|
16
|
-
* caller will see `{valid: false}`
|
|
17
|
-
* - Admin already accepted → `{valid: false}` with "already accepted"
|
|
18
|
-
* (protects against double-clicks)
|
|
19
|
-
* - Admin was deactivated → same as "already accepted" from UX point of view
|
|
20
|
-
* - Concurrent acceptance → atomic UPDATE returns 0 rows → `INVALID_STATE`
|
|
21
|
-
*
|
|
22
|
-
* # Design notes
|
|
23
|
-
*
|
|
24
|
-
* The structure mirrors `admin-password-reset.ts` from Phase 1 exactly:
|
|
25
|
-
* 1. `validate*` is non-destructive (opportunistically cleans up expired
|
|
26
|
-
* tokens but doesn't touch the admin row).
|
|
27
|
-
* 2. `accept*` is destructive — it updates the password, flips status,
|
|
28
|
-
* and deletes ALL tokens for the admin (both invite + reset tokens,
|
|
29
|
-
* so a stale reset link can't resurrect access).
|
|
30
|
-
* 3. `delete*ForAdmin` helper used by `cancelInvite` / `resendInvite` to
|
|
31
|
-
* wipe stale tokens before issuing a new one.
|
|
32
|
-
* 4. `cleanupExpired` is an optional cron hook.
|
|
33
|
-
*/
|
|
34
|
-
import { eq, lt } from 'drizzle-orm';
|
|
35
|
-
import { nanoid } from 'nanoid';
|
|
36
|
-
import { getDb } from '../../core/db/client';
|
|
37
|
-
import * as schema from '../../core/db/schema';
|
|
38
|
-
import { findAdminById, updateAdminPassword } from './admin-service';
|
|
39
|
-
import { deleteAdminPasswordResetTokens } from './admin-password-reset';
|
|
40
|
-
import { validatePassword } from '../../auth/server/password';
|
|
41
|
-
// =============================================================================
|
|
42
|
-
// Constants
|
|
43
|
-
// =============================================================================
|
|
44
|
-
/**
|
|
45
|
-
* Invite token lifetime: 72 hours. Matches industry standard
|
|
46
|
-
* (Google Workspace, GitHub, Shopify).
|
|
47
|
-
*/
|
|
48
|
-
export const INVITE_EXPIRY_MS = 72 * 60 * 60 * 1000;
|
|
49
|
-
/** Token length — nanoid(32) = ~192 bits of entropy, URL-safe. */
|
|
50
|
-
export const INVITE_TOKEN_LENGTH = 32;
|
|
51
|
-
/** Display string for the expiry duration. */
|
|
52
|
-
export const INVITE_EXPIRY_HOURS = '72';
|
|
53
|
-
// =============================================================================
|
|
54
|
-
// Token creation (used by inviteAdmin + resendAdminInvite in user-management.ts)
|
|
55
|
-
// =============================================================================
|
|
56
|
-
/**
|
|
57
|
-
* Create a new invite token for an existing `invited` admin row.
|
|
58
|
-
*
|
|
59
|
-
* The caller is responsible for:
|
|
60
|
-
* - Validating the admin exists and is in `invited` status
|
|
61
|
-
* - Deleting any existing invite tokens for this admin (via
|
|
62
|
-
* `deleteAdminInviteTokens`) before calling this to keep "one active
|
|
63
|
-
* token" semantics
|
|
64
|
-
*
|
|
65
|
-
* @returns The plain-text token that should be embedded in the email link.
|
|
66
|
-
*/
|
|
67
|
-
export async function createInviteToken(params) {
|
|
68
|
-
const db = getDb();
|
|
69
|
-
const token = nanoid(INVITE_TOKEN_LENGTH);
|
|
70
|
-
const expires = new Date(Date.now() + INVITE_EXPIRY_MS);
|
|
71
|
-
await db.insert(schema.adminInviteTokens).values({
|
|
72
|
-
adminId: params.adminId,
|
|
73
|
-
token,
|
|
74
|
-
expires,
|
|
75
|
-
invitedBy: params.invitedBy,
|
|
76
|
-
});
|
|
77
|
-
return { token, expires };
|
|
78
|
-
}
|
|
79
|
-
// =============================================================================
|
|
80
|
-
// Validate (non-destructive)
|
|
81
|
-
// =============================================================================
|
|
82
|
-
/**
|
|
83
|
-
* Validate an invite token without consuming it.
|
|
84
|
-
*
|
|
85
|
-
* Used by the accept-invite page on mount to decide between rendering the
|
|
86
|
-
* password form or an "invalid/expired" error view.
|
|
87
|
-
*
|
|
88
|
-
* Side effect: expired tokens are opportunistically deleted as part of the
|
|
89
|
-
* check. All other failure modes leave the DB untouched.
|
|
90
|
-
*/
|
|
91
|
-
export async function validateInviteToken(token) {
|
|
92
|
-
if (!token) {
|
|
93
|
-
return {
|
|
94
|
-
valid: false,
|
|
95
|
-
error: 'Invite link is missing a token. Please request a new invite.',
|
|
96
|
-
};
|
|
97
|
-
}
|
|
98
|
-
const db = getDb();
|
|
99
|
-
const [record] = await db
|
|
100
|
-
.select()
|
|
101
|
-
.from(schema.adminInviteTokens)
|
|
102
|
-
.where(eq(schema.adminInviteTokens.token, token))
|
|
103
|
-
.limit(1);
|
|
104
|
-
if (!record) {
|
|
105
|
-
return {
|
|
106
|
-
valid: false,
|
|
107
|
-
error: 'Invalid or expired invite link. Please request a new one.',
|
|
108
|
-
};
|
|
109
|
-
}
|
|
110
|
-
if (new Date() > record.expires) {
|
|
111
|
-
// Opportunistic cleanup
|
|
112
|
-
await db
|
|
113
|
-
.delete(schema.adminInviteTokens)
|
|
114
|
-
.where(eq(schema.adminInviteTokens.id, record.id));
|
|
115
|
-
return {
|
|
116
|
-
valid: false,
|
|
117
|
-
error: 'Invite link has expired. Please request a new one.',
|
|
118
|
-
};
|
|
119
|
-
}
|
|
120
|
-
const admin = await findAdminById(record.adminId);
|
|
121
|
-
if (!admin) {
|
|
122
|
-
// Cascaded delete should have prevented this — defensive
|
|
123
|
-
return {
|
|
124
|
-
valid: false,
|
|
125
|
-
error: 'Invalid or expired invite link. Please request a new one.',
|
|
126
|
-
};
|
|
127
|
-
}
|
|
128
|
-
if (admin.status !== 'invited') {
|
|
129
|
-
return {
|
|
130
|
-
valid: false,
|
|
131
|
-
error: admin.status === 'active'
|
|
132
|
-
? 'This invite has already been accepted. Please sign in with your password.'
|
|
133
|
-
: 'This invite is no longer valid.',
|
|
134
|
-
};
|
|
135
|
-
}
|
|
136
|
-
return {
|
|
137
|
-
valid: true,
|
|
138
|
-
admin: {
|
|
139
|
-
id: admin.id,
|
|
140
|
-
email: admin.email,
|
|
141
|
-
name: admin.name,
|
|
142
|
-
role: admin.role,
|
|
143
|
-
},
|
|
144
|
-
};
|
|
145
|
-
}
|
|
146
|
-
// =============================================================================
|
|
147
|
-
// Accept (destructive — consumes token, activates admin)
|
|
148
|
-
// =============================================================================
|
|
149
|
-
/**
|
|
150
|
-
* Consume an invite token and activate the invited admin.
|
|
151
|
-
*
|
|
152
|
-
* Atomically:
|
|
153
|
-
* 1. Validates the token + admin row.
|
|
154
|
-
* 2. Hashes + stores the new password via the existing
|
|
155
|
-
* `updateAdminPassword` helper.
|
|
156
|
-
* 3. Flips status from 'invited' → 'active' via an atomic guarded UPDATE
|
|
157
|
-
* (if two clicks race, the second one fails with INVALID_STATE).
|
|
158
|
-
* 4. Deletes all invite tokens for this admin (single-use batch).
|
|
159
|
-
* 5. Defensively deletes any stale password reset tokens too — a
|
|
160
|
-
* previously abandoned reset flow shouldn't grant access after the
|
|
161
|
-
* user has taken ownership of the account via accept-invite.
|
|
162
|
-
*/
|
|
163
|
-
export async function acceptAdminInvite(token, newPassword) {
|
|
164
|
-
// 1. Re-validate (fresh read — the validate* function is idempotent)
|
|
165
|
-
const validation = await validateInviteToken(token);
|
|
166
|
-
if (!validation.valid || !validation.admin) {
|
|
167
|
-
return {
|
|
168
|
-
success: false,
|
|
169
|
-
error: validation.error || 'Invalid or expired invite link.',
|
|
170
|
-
};
|
|
171
|
-
}
|
|
172
|
-
const adminId = validation.admin.id;
|
|
173
|
-
// 2. Password strength check
|
|
174
|
-
const passwordCheck = validatePassword(newPassword);
|
|
175
|
-
if (!passwordCheck.valid) {
|
|
176
|
-
return { success: false, error: passwordCheck.error };
|
|
177
|
-
}
|
|
178
|
-
const db = getDb();
|
|
179
|
-
// 3. Hash + store password (updateAdminPassword handles hashing internally)
|
|
180
|
-
await updateAdminPassword(adminId, newPassword);
|
|
181
|
-
// 4. Flip status — guarded so a concurrent accept gets rejected cleanly
|
|
182
|
-
const statusUpdate = await db
|
|
183
|
-
.update(schema.storeAdmins)
|
|
184
|
-
.set({ status: 'active' })
|
|
185
|
-
.where(eq(schema.storeAdmins.id, adminId))
|
|
186
|
-
.returning({ id: schema.storeAdmins.id, status: schema.storeAdmins.status });
|
|
187
|
-
if (statusUpdate.length === 0) {
|
|
188
|
-
// Target was deleted between validate and update — race condition
|
|
189
|
-
return {
|
|
190
|
-
success: false,
|
|
191
|
-
error: 'Admin state changed while accepting invite. Please try again.',
|
|
192
|
-
};
|
|
193
|
-
}
|
|
194
|
-
// 5. Wipe all invite tokens for this admin (single-use batch)
|
|
195
|
-
await deleteAdminInviteTokens(adminId);
|
|
196
|
-
// 6. Defensive: wipe any stale password reset tokens too
|
|
197
|
-
await deleteAdminPasswordResetTokens(adminId);
|
|
198
|
-
return { success: true };
|
|
199
|
-
}
|
|
200
|
-
// =============================================================================
|
|
201
|
-
// Housekeeping
|
|
202
|
-
// =============================================================================
|
|
203
|
-
/**
|
|
204
|
-
* Delete all invite tokens for a specific admin.
|
|
205
|
-
*
|
|
206
|
-
* Called from:
|
|
207
|
-
* - `user-management.ts::inviteAdmin` — not called; the admin is newly
|
|
208
|
-
* created so there are no tokens to delete
|
|
209
|
-
* - `user-management.ts::resendAdminInvite` — clear stale tokens before
|
|
210
|
-
* creating a new one
|
|
211
|
-
* - `acceptAdminInvite` above — invalidate the used batch
|
|
212
|
-
* - `user-management.ts::cancelAdminInvite` — cascade handles this
|
|
213
|
-
* automatically via FK, but we call explicitly for clarity
|
|
214
|
-
*/
|
|
215
|
-
export async function deleteAdminInviteTokens(adminId) {
|
|
216
|
-
const db = getDb();
|
|
217
|
-
await db
|
|
218
|
-
.delete(schema.adminInviteTokens)
|
|
219
|
-
.where(eq(schema.adminInviteTokens.adminId, adminId));
|
|
220
|
-
}
|
|
221
|
-
/**
|
|
222
|
-
* Delete all expired invite tokens. Optional hook for a periodic cleanup
|
|
223
|
-
* job. Safe to call anytime — no-op if nothing is expired.
|
|
224
|
-
*
|
|
225
|
-
* @returns Number of tokens deleted
|
|
226
|
-
*/
|
|
227
|
-
export async function cleanupExpiredInviteTokens() {
|
|
228
|
-
const db = getDb();
|
|
229
|
-
const result = await db
|
|
230
|
-
.delete(schema.adminInviteTokens)
|
|
231
|
-
.where(lt(schema.adminInviteTokens.expires, new Date()))
|
|
232
|
-
.returning({ id: schema.adminInviteTokens.id });
|
|
233
|
-
return result.length;
|
|
234
|
-
}
|
|
235
|
-
//# sourceMappingURL=admin-invite.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"admin-invite.js","sourceRoot":"","sources":["../../../src/admin/server/admin-invite.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAA;AAC5C,OAAO,KAAK,MAAM,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAA;AACpE,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAA;AACvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAA;AAG7D,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAEnD,kEAAkE;AAClE,MAAM,CAAC,MAAM,mBAAmB,GAAG,EAAE,CAAA;AAErC,8CAA8C;AAC9C,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,CAAA;AAwBvC,gFAAgF;AAChF,iFAAiF;AACjF,gFAAgF;AAEhF;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAGvC;IACC,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAClB,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC,CAAA;IACzC,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,CAAC,CAAA;IAEvD,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC;QAC/C,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,KAAK;QACL,OAAO;QACP,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAC,CAAA;IAEF,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAA;AAC3B,CAAC;AAED,gFAAgF;AAChF,6BAA6B;AAC7B,gFAAgF;AAEhF;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAa;IAEb,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,8DAA8D;SACtE,CAAA;IACH,CAAC;IAED,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAElB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;SAC9B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;SAChD,KAAK,CAAC,CAAC,CAAC,CAAA;IAEX,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,2DAA2D;SACnE,CAAA;IACH,CAAC;IAED,IAAI,IAAI,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAChC,wBAAwB;QACxB,MAAM,EAAE;aACL,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC;aAChC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;QAEpD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,oDAAoD;SAC5D,CAAA;IACH,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IACjD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,yDAAyD;QACzD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,2DAA2D;SACnE,CAAA;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EACH,KAAK,CAAC,MAAM,KAAK,QAAQ;gBACvB,CAAC,CAAC,2EAA2E;gBAC7E,CAAC,CAAC,iCAAiC;SACxC,CAAA;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,IAAI;QACX,KAAK,EAAE;YACL,EAAE,EAAE,KAAK,CAAC,EAAE;YACZ,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAiB;SAC9B;KACF,CAAA;AACH,CAAC;AAED,gFAAgF;AAChF,yDAAyD;AACzD,gFAAgF;AAEhF;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,KAAa,EACb,WAAmB;IAEnB,qEAAqE;IACrE,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC,KAAK,CAAC,CAAA;IACnD,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QAC3C,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,UAAU,CAAC,KAAK,IAAI,iCAAiC;SAC7D,CAAA;IACH,CAAC;IACD,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,CAAA;IAEnC,6BAA6B;IAC7B,MAAM,aAAa,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAA;IACnD,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QACzB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,EAAE,CAAA;IACvD,CAAC;IAED,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAElB,4EAA4E;IAC5E,MAAM,mBAAmB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IAE/C,wEAAwE;IACxE,MAAM,YAAY,GAAG,MAAM,EAAE;SAC1B,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC;SAC1B,GAAG,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;SACzB,KAAK,CACJ,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,EAAE,OAAO,CAAC,CACnC;SACA,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAA;IAE9E,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,kEAAkE;QAClE,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,+DAA+D;SACvE,CAAA;IACH,CAAC;IAED,8DAA8D;IAC9D,MAAM,uBAAuB,CAAC,OAAO,CAAC,CAAA;IAEtC,yDAAyD;IACzD,MAAM,8BAA8B,CAAC,OAAO,CAAC,CAAA;IAE7C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;AAC1B,CAAC;AAED,gFAAgF;AAChF,eAAe;AACf,gFAAgF;AAEhF;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,OAAe;IAC3D,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAClB,MAAM,EAAE;SACL,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC;SAChC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAA;AACzD,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B;IAC9C,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAClB,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC;SAChC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;SACvD,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,iBAAiB,CAAC,EAAE,EAAE,CAAC,CAAA;IACjD,OAAO,MAAM,CAAC,MAAM,CAAA;AACtB,CAAC"}
|
|
@@ -1,87 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @rovela/sdk/admin/server/admin-password-reset
|
|
3
|
-
*
|
|
4
|
-
* Admin password reset token management.
|
|
5
|
-
*
|
|
6
|
-
* Mirrors `auth/server/password-reset-service.ts` (the customer version),
|
|
7
|
-
* with one critical addition: admins whose status is not 'active' are
|
|
8
|
-
* silently skipped. This blocks deactivated and invited admins from
|
|
9
|
-
* recovering access via the reset flow — deactivated admins must stay
|
|
10
|
-
* deactivated, invited admins must go through the invite-accept flow
|
|
11
|
-
* (Phase 3). The caller always receives `{success: true}` regardless
|
|
12
|
-
* to preserve enumeration safety.
|
|
13
|
-
*
|
|
14
|
-
* Each store has its own database (via Neon branches), so there's no
|
|
15
|
-
* tenant filtering. The `admin_password_reset_tokens` table was created
|
|
16
|
-
* for every active store during the Phase 0 migration.
|
|
17
|
-
*/
|
|
18
|
-
/**
|
|
19
|
-
* Request a password reset for an admin.
|
|
20
|
-
*
|
|
21
|
-
* Creates a token and sends the reset email. Always returns `{success: true}`
|
|
22
|
-
* regardless of whether the email belongs to a real admin — this prevents
|
|
23
|
-
* email enumeration attacks and keeps the HTTP response shape identical for
|
|
24
|
-
* all outcomes.
|
|
25
|
-
*
|
|
26
|
-
* Silently skipped cases (all return success without side effects):
|
|
27
|
-
* - Email doesn't belong to any admin
|
|
28
|
-
* - Admin exists but status !== 'active' (deactivated or invited)
|
|
29
|
-
* - Email sending fails (error is logged, not exposed)
|
|
30
|
-
*
|
|
31
|
-
* @param email - The admin's email address
|
|
32
|
-
* @returns Always `{success: true}` — see above
|
|
33
|
-
*
|
|
34
|
-
* @example
|
|
35
|
-
* ```typescript
|
|
36
|
-
* await requestAdminPasswordReset('owner@store.com')
|
|
37
|
-
* // Always show: "If an account exists with this email, we've sent a reset link."
|
|
38
|
-
* ```
|
|
39
|
-
*/
|
|
40
|
-
export declare function requestAdminPasswordReset(email: string): Promise<{
|
|
41
|
-
success: boolean;
|
|
42
|
-
}>;
|
|
43
|
-
/**
|
|
44
|
-
* Validate a reset token without consuming it.
|
|
45
|
-
*
|
|
46
|
-
* Used by the reset page to decide whether to show the "enter new password"
|
|
47
|
-
* form or an "invalid/expired link" error. Expired tokens are cleaned up
|
|
48
|
-
* opportunistically as a side effect.
|
|
49
|
-
*
|
|
50
|
-
* @param token - The token from the reset link
|
|
51
|
-
*/
|
|
52
|
-
export declare function validateAdminResetToken(token: string): Promise<{
|
|
53
|
-
valid: boolean;
|
|
54
|
-
error?: string;
|
|
55
|
-
}>;
|
|
56
|
-
/**
|
|
57
|
-
* Reset an admin's password using a valid token.
|
|
58
|
-
*
|
|
59
|
-
* Validates the token, updates the password via `updateAdminPassword`
|
|
60
|
-
* (which handles hashing), then deletes ALL reset tokens for that admin
|
|
61
|
-
* so a stale link can't be reused after a successful reset.
|
|
62
|
-
*
|
|
63
|
-
* @param token - The token from the reset link
|
|
64
|
-
* @param newPassword - The new plain-text password (will be hashed)
|
|
65
|
-
*/
|
|
66
|
-
export declare function resetAdminPassword(token: string, newPassword: string): Promise<{
|
|
67
|
-
success: boolean;
|
|
68
|
-
error?: string;
|
|
69
|
-
}>;
|
|
70
|
-
/**
|
|
71
|
-
* Delete all password reset tokens for a specific admin.
|
|
72
|
-
*
|
|
73
|
-
* Called at two points:
|
|
74
|
-
* 1. Before issuing a new token (clear stale ones)
|
|
75
|
-
* 2. After a successful reset (invalidate the used batch)
|
|
76
|
-
*/
|
|
77
|
-
export declare function deleteAdminPasswordResetTokens(adminId: string): Promise<void>;
|
|
78
|
-
/**
|
|
79
|
-
* Delete expired reset tokens across all admins.
|
|
80
|
-
*
|
|
81
|
-
* Optional hook for a periodic cleanup job (e.g. cron). Safe to call
|
|
82
|
-
* anytime — no-op if nothing is expired.
|
|
83
|
-
*
|
|
84
|
-
* @returns Number of tokens deleted
|
|
85
|
-
*/
|
|
86
|
-
export declare function cleanupExpiredAdminResetTokens(): Promise<number>;
|
|
87
|
-
//# sourceMappingURL=admin-password-reset.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"admin-password-reset.d.ts","sourceRoot":"","sources":["../../../src/admin/server/admin-password-reset.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAkCH;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,yBAAyB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACtE,OAAO,EAAE,OAAO,CAAA;CACjB,CAAC,CAoDD;AAMD;;;;;;;;GAQG;AACH,wBAAsB,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACpE,KAAK,EAAE,OAAO,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAC,CA6BD;AAMD;;;;;;;;;GASG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAkC/C;AAMD;;;;;;GAMG;AACH,wBAAsB,8BAA8B,CAClD,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC,CAMf;AAED;;;;;;;GAOG;AACH,wBAAsB,8BAA8B,IAAI,OAAO,CAAC,MAAM,CAAC,CAStE"}
|
|
@@ -1,220 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @rovela/sdk/admin/server/admin-password-reset
|
|
3
|
-
*
|
|
4
|
-
* Admin password reset token management.
|
|
5
|
-
*
|
|
6
|
-
* Mirrors `auth/server/password-reset-service.ts` (the customer version),
|
|
7
|
-
* with one critical addition: admins whose status is not 'active' are
|
|
8
|
-
* silently skipped. This blocks deactivated and invited admins from
|
|
9
|
-
* recovering access via the reset flow — deactivated admins must stay
|
|
10
|
-
* deactivated, invited admins must go through the invite-accept flow
|
|
11
|
-
* (Phase 3). The caller always receives `{success: true}` regardless
|
|
12
|
-
* to preserve enumeration safety.
|
|
13
|
-
*
|
|
14
|
-
* Each store has its own database (via Neon branches), so there's no
|
|
15
|
-
* tenant filtering. The `admin_password_reset_tokens` table was created
|
|
16
|
-
* for every active store during the Phase 0 migration.
|
|
17
|
-
*/
|
|
18
|
-
import { eq, lt } from 'drizzle-orm';
|
|
19
|
-
import { nanoid } from 'nanoid';
|
|
20
|
-
import { getDb } from '../../core/db/client';
|
|
21
|
-
import * as schema from '../../core/db/schema';
|
|
22
|
-
import { findAdminByEmail, updateAdminPassword } from './admin-service';
|
|
23
|
-
import { sendAdminPasswordResetEmail } from '../../emails/send/admin-auth';
|
|
24
|
-
import { getStoreUrl } from '../../emails/config';
|
|
25
|
-
// =============================================================================
|
|
26
|
-
// Constants
|
|
27
|
-
// =============================================================================
|
|
28
|
-
/**
|
|
29
|
-
* Password reset token expiry time in milliseconds (1 hour).
|
|
30
|
-
* Matches customer reset flow.
|
|
31
|
-
*/
|
|
32
|
-
const TOKEN_EXPIRY_MS = 60 * 60 * 1000;
|
|
33
|
-
/**
|
|
34
|
-
* Token length (URL-safe, ~192 bits of entropy with nanoid).
|
|
35
|
-
*/
|
|
36
|
-
const TOKEN_LENGTH = 32;
|
|
37
|
-
/**
|
|
38
|
-
* Display string for the expiry duration — passed to the email template.
|
|
39
|
-
*/
|
|
40
|
-
const TOKEN_EXPIRY_HOURS = '1';
|
|
41
|
-
// =============================================================================
|
|
42
|
-
// Request reset
|
|
43
|
-
// =============================================================================
|
|
44
|
-
/**
|
|
45
|
-
* Request a password reset for an admin.
|
|
46
|
-
*
|
|
47
|
-
* Creates a token and sends the reset email. Always returns `{success: true}`
|
|
48
|
-
* regardless of whether the email belongs to a real admin — this prevents
|
|
49
|
-
* email enumeration attacks and keeps the HTTP response shape identical for
|
|
50
|
-
* all outcomes.
|
|
51
|
-
*
|
|
52
|
-
* Silently skipped cases (all return success without side effects):
|
|
53
|
-
* - Email doesn't belong to any admin
|
|
54
|
-
* - Admin exists but status !== 'active' (deactivated or invited)
|
|
55
|
-
* - Email sending fails (error is logged, not exposed)
|
|
56
|
-
*
|
|
57
|
-
* @param email - The admin's email address
|
|
58
|
-
* @returns Always `{success: true}` — see above
|
|
59
|
-
*
|
|
60
|
-
* @example
|
|
61
|
-
* ```typescript
|
|
62
|
-
* await requestAdminPasswordReset('owner@store.com')
|
|
63
|
-
* // Always show: "If an account exists with this email, we've sent a reset link."
|
|
64
|
-
* ```
|
|
65
|
-
*/
|
|
66
|
-
export async function requestAdminPasswordReset(email) {
|
|
67
|
-
const admin = await findAdminByEmail(email);
|
|
68
|
-
// Enumeration-safe fast exits
|
|
69
|
-
if (!admin) {
|
|
70
|
-
return { success: true };
|
|
71
|
-
}
|
|
72
|
-
// Block deactivated and invited admins from using the reset flow.
|
|
73
|
-
// Deactivated: must stay locked out. Invited: should use the invite
|
|
74
|
-
// accept flow (Phase 3), not the reset flow.
|
|
75
|
-
const status = admin.status ?? 'active';
|
|
76
|
-
if (status !== 'active') {
|
|
77
|
-
return { success: true };
|
|
78
|
-
}
|
|
79
|
-
// Clear any existing reset tokens for this admin — "only the latest
|
|
80
|
-
// reset link works" policy, same as customer flow.
|
|
81
|
-
await deleteAdminPasswordResetTokens(admin.id);
|
|
82
|
-
// Generate new token
|
|
83
|
-
const db = getDb();
|
|
84
|
-
const token = nanoid(TOKEN_LENGTH);
|
|
85
|
-
const expires = new Date(Date.now() + TOKEN_EXPIRY_MS);
|
|
86
|
-
await db.insert(schema.adminPasswordResetTokens).values({
|
|
87
|
-
adminId: admin.id,
|
|
88
|
-
token,
|
|
89
|
-
expires,
|
|
90
|
-
});
|
|
91
|
-
// Send the email. Failures are logged but never propagated — returning
|
|
92
|
-
// success keeps the enumeration-safe contract and prevents leaking
|
|
93
|
-
// infrastructure state (e.g. "Resend is down").
|
|
94
|
-
try {
|
|
95
|
-
const storeUrl = getStoreUrl();
|
|
96
|
-
const resetLink = `${storeUrl}/admin/reset-password?token=${encodeURIComponent(token)}`;
|
|
97
|
-
await sendAdminPasswordResetEmail({
|
|
98
|
-
to: email,
|
|
99
|
-
adminName: admin.name,
|
|
100
|
-
resetLink,
|
|
101
|
-
expiryTime: TOKEN_EXPIRY_HOURS,
|
|
102
|
-
});
|
|
103
|
-
}
|
|
104
|
-
catch (error) {
|
|
105
|
-
console.error('[admin-password-reset] Failed to send reset email:', error instanceof Error ? error.message : error);
|
|
106
|
-
// Do not fail the request — enumeration safety + infra privacy.
|
|
107
|
-
}
|
|
108
|
-
return { success: true };
|
|
109
|
-
}
|
|
110
|
-
// =============================================================================
|
|
111
|
-
// Validate token (non-destructive check)
|
|
112
|
-
// =============================================================================
|
|
113
|
-
/**
|
|
114
|
-
* Validate a reset token without consuming it.
|
|
115
|
-
*
|
|
116
|
-
* Used by the reset page to decide whether to show the "enter new password"
|
|
117
|
-
* form or an "invalid/expired link" error. Expired tokens are cleaned up
|
|
118
|
-
* opportunistically as a side effect.
|
|
119
|
-
*
|
|
120
|
-
* @param token - The token from the reset link
|
|
121
|
-
*/
|
|
122
|
-
export async function validateAdminResetToken(token) {
|
|
123
|
-
const db = getDb();
|
|
124
|
-
const [record] = await db
|
|
125
|
-
.select()
|
|
126
|
-
.from(schema.adminPasswordResetTokens)
|
|
127
|
-
.where(eq(schema.adminPasswordResetTokens.token, token))
|
|
128
|
-
.limit(1);
|
|
129
|
-
if (!record) {
|
|
130
|
-
return {
|
|
131
|
-
valid: false,
|
|
132
|
-
error: 'Invalid or expired reset link. Please request a new one.',
|
|
133
|
-
};
|
|
134
|
-
}
|
|
135
|
-
if (new Date() > record.expires) {
|
|
136
|
-
// Opportunistic cleanup
|
|
137
|
-
await db
|
|
138
|
-
.delete(schema.adminPasswordResetTokens)
|
|
139
|
-
.where(eq(schema.adminPasswordResetTokens.id, record.id));
|
|
140
|
-
return {
|
|
141
|
-
valid: false,
|
|
142
|
-
error: 'Reset link has expired. Please request a new one.',
|
|
143
|
-
};
|
|
144
|
-
}
|
|
145
|
-
return { valid: true };
|
|
146
|
-
}
|
|
147
|
-
// =============================================================================
|
|
148
|
-
// Reset password (consumes token)
|
|
149
|
-
// =============================================================================
|
|
150
|
-
/**
|
|
151
|
-
* Reset an admin's password using a valid token.
|
|
152
|
-
*
|
|
153
|
-
* Validates the token, updates the password via `updateAdminPassword`
|
|
154
|
-
* (which handles hashing), then deletes ALL reset tokens for that admin
|
|
155
|
-
* so a stale link can't be reused after a successful reset.
|
|
156
|
-
*
|
|
157
|
-
* @param token - The token from the reset link
|
|
158
|
-
* @param newPassword - The new plain-text password (will be hashed)
|
|
159
|
-
*/
|
|
160
|
-
export async function resetAdminPassword(token, newPassword) {
|
|
161
|
-
const db = getDb();
|
|
162
|
-
const [record] = await db
|
|
163
|
-
.select()
|
|
164
|
-
.from(schema.adminPasswordResetTokens)
|
|
165
|
-
.where(eq(schema.adminPasswordResetTokens.token, token))
|
|
166
|
-
.limit(1);
|
|
167
|
-
if (!record) {
|
|
168
|
-
return {
|
|
169
|
-
success: false,
|
|
170
|
-
error: 'Invalid or expired reset link. Please request a new one.',
|
|
171
|
-
};
|
|
172
|
-
}
|
|
173
|
-
if (new Date() > record.expires) {
|
|
174
|
-
await db
|
|
175
|
-
.delete(schema.adminPasswordResetTokens)
|
|
176
|
-
.where(eq(schema.adminPasswordResetTokens.id, record.id));
|
|
177
|
-
return {
|
|
178
|
-
success: false,
|
|
179
|
-
error: 'Reset link has expired. Please request a new one.',
|
|
180
|
-
};
|
|
181
|
-
}
|
|
182
|
-
// Hash + update via the existing admin-service helper
|
|
183
|
-
await updateAdminPassword(record.adminId, newPassword);
|
|
184
|
-
// Wipe all reset tokens for this admin — one-time use for the whole batch
|
|
185
|
-
await deleteAdminPasswordResetTokens(record.adminId);
|
|
186
|
-
return { success: true };
|
|
187
|
-
}
|
|
188
|
-
// =============================================================================
|
|
189
|
-
// Housekeeping
|
|
190
|
-
// =============================================================================
|
|
191
|
-
/**
|
|
192
|
-
* Delete all password reset tokens for a specific admin.
|
|
193
|
-
*
|
|
194
|
-
* Called at two points:
|
|
195
|
-
* 1. Before issuing a new token (clear stale ones)
|
|
196
|
-
* 2. After a successful reset (invalidate the used batch)
|
|
197
|
-
*/
|
|
198
|
-
export async function deleteAdminPasswordResetTokens(adminId) {
|
|
199
|
-
const db = getDb();
|
|
200
|
-
await db
|
|
201
|
-
.delete(schema.adminPasswordResetTokens)
|
|
202
|
-
.where(eq(schema.adminPasswordResetTokens.adminId, adminId));
|
|
203
|
-
}
|
|
204
|
-
/**
|
|
205
|
-
* Delete expired reset tokens across all admins.
|
|
206
|
-
*
|
|
207
|
-
* Optional hook for a periodic cleanup job (e.g. cron). Safe to call
|
|
208
|
-
* anytime — no-op if nothing is expired.
|
|
209
|
-
*
|
|
210
|
-
* @returns Number of tokens deleted
|
|
211
|
-
*/
|
|
212
|
-
export async function cleanupExpiredAdminResetTokens() {
|
|
213
|
-
const db = getDb();
|
|
214
|
-
const result = await db
|
|
215
|
-
.delete(schema.adminPasswordResetTokens)
|
|
216
|
-
.where(lt(schema.adminPasswordResetTokens.expires, new Date()))
|
|
217
|
-
.returning({ id: schema.adminPasswordResetTokens.id });
|
|
218
|
-
return result.length;
|
|
219
|
-
}
|
|
220
|
-
//# sourceMappingURL=admin-password-reset.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"admin-password-reset.js","sourceRoot":"","sources":["../../../src/admin/server/admin-password-reset.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAA;AAC5C,OAAO,KAAK,MAAM,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAA;AACvE,OAAO,EAAE,2BAA2B,EAAE,MAAM,8BAA8B,CAAA;AAC1E,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAEjD,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAEtC;;GAEG;AACH,MAAM,YAAY,GAAG,EAAE,CAAA;AAEvB;;GAEG;AACH,MAAM,kBAAkB,GAAG,GAAG,CAAA;AAE9B,gFAAgF;AAChF,gBAAgB;AAChB,gFAAgF;AAEhF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,KAAa;IAG3D,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAA;IAE3C,8BAA8B;IAC9B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;IAC1B,CAAC;IAED,kEAAkE;IAClE,oEAAoE;IACpE,6CAA6C;IAC7C,MAAM,MAAM,GAAI,KAA6B,CAAC,MAAM,IAAI,QAAQ,CAAA;IAChE,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;IAC1B,CAAC;IAED,oEAAoE;IACpE,mDAAmD;IACnD,MAAM,8BAA8B,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;IAE9C,qBAAqB;IACrB,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAClB,MAAM,KAAK,GAAG,MAAM,CAAC,YAAY,CAAC,CAAA;IAClC,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAA;IAEtD,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC,CAAC,MAAM,CAAC;QACtD,OAAO,EAAE,KAAK,CAAC,EAAE;QACjB,KAAK;QACL,OAAO;KACR,CAAC,CAAA;IAEF,uEAAuE;IACvE,mEAAmE;IACnE,gDAAgD;IAChD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;QAC9B,MAAM,SAAS,GAAG,GAAG,QAAQ,+BAA+B,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAA;QACvF,MAAM,2BAA2B,CAAC;YAChC,EAAE,EAAE,KAAK;YACT,SAAS,EAAE,KAAK,CAAC,IAAI;YACrB,SAAS;YACT,UAAU,EAAE,kBAAkB;SAC/B,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,oDAAoD,EACpD,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAC/C,CAAA;QACD,gEAAgE;IAClE,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;AAC1B,CAAC;AAED,gFAAgF;AAChF,yCAAyC;AACzC,gFAAgF;AAEhF;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,KAAa;IAIzD,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAElB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC;SACrC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,wBAAwB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;SACvD,KAAK,CAAC,CAAC,CAAC,CAAA;IAEX,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,0DAA0D;SAClE,CAAA;IACH,CAAC;IAED,IAAI,IAAI,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAChC,wBAAwB;QACxB,MAAM,EAAE;aACL,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC;aACvC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,wBAAwB,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;QAE3D,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,mDAAmD;SAC3D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;AACxB,CAAC;AAED,gFAAgF;AAChF,kCAAkC;AAClC,gFAAgF;AAEhF;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAa,EACb,WAAmB;IAEnB,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAElB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC;SACrC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,wBAAwB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;SACvD,KAAK,CAAC,CAAC,CAAC,CAAA;IAEX,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,0DAA0D;SAClE,CAAA;IACH,CAAC;IAED,IAAI,IAAI,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAChC,MAAM,EAAE;aACL,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC;aACvC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,wBAAwB,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;QAE3D,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,mDAAmD;SAC3D,CAAA;IACH,CAAC;IAED,sDAAsD;IACtD,MAAM,mBAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IAEtD,0EAA0E;IAC1E,MAAM,8BAA8B,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEpD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;AAC1B,CAAC;AAED,gFAAgF;AAChF,eAAe;AACf,gFAAgF;AAEhF;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,OAAe;IAEf,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAElB,MAAM,EAAE;SACL,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC;SACvC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,wBAAwB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B;IAClD,MAAM,EAAE,GAAG,KAAK,EAAE,CAAA;IAElB,MAAM,MAAM,GAAG,MAAM,EAAE;SACpB,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC;SACvC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,wBAAwB,CAAC,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;SAC9D,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC,CAAA;IAExD,OAAO,MAAM,CAAC,MAAM,CAAA;AACtB,CAAC"}
|
|
@@ -1,86 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @rovela/sdk/admin/server/admin-self-service
|
|
3
|
-
*
|
|
4
|
-
* Self-service helpers for logged-in admins — change their own password,
|
|
5
|
-
* edit their own profile. Never accepts an `actor` vs `target` distinction:
|
|
6
|
-
* these operations always act on the caller themselves, enforced by the
|
|
7
|
-
* API layer passing `session.user.id` as the adminId.
|
|
8
|
-
*
|
|
9
|
-
* # What these do that admin-service.ts doesn't
|
|
10
|
-
*
|
|
11
|
-
* `admin-service.ts` has the raw CRUD helpers (`updateAdmin`,
|
|
12
|
-
* `updateAdminPassword`). Those are called from multiple contexts —
|
|
13
|
-
* forgot-password flow, invite acceptance, emergency reset, user-management
|
|
14
|
-
* actions. This file wraps them in self-service semantics:
|
|
15
|
-
*
|
|
16
|
-
* 1. `changeOwnPassword` requires the current password as proof of
|
|
17
|
-
* identity. Mere session possession isn't enough — we want defense
|
|
18
|
-
* against "attacker on coffee shop laptop" scenarios where the
|
|
19
|
-
* session cookie is borrowed.
|
|
20
|
-
*
|
|
21
|
-
* 2. `updateOwnProfile` checks email uniqueness against every other
|
|
22
|
-
* admin (not just-not-self) before persisting, to surface clean
|
|
23
|
-
* error codes to the caller.
|
|
24
|
-
*
|
|
25
|
-
* Both helpers return typed discriminated unions — they never throw on
|
|
26
|
-
* business errors, only on unexpected infra failures (DB connectivity,
|
|
27
|
-
* which the API layer catches).
|
|
28
|
-
*/
|
|
29
|
-
import type { StoreAdmin } from '../../core/db/schema';
|
|
30
|
-
export interface SelfServiceError {
|
|
31
|
-
code: 'NOT_FOUND' | 'INVALID_CREDENTIALS' | 'VALIDATION_ERROR' | 'EMAIL_EXISTS';
|
|
32
|
-
message: string;
|
|
33
|
-
}
|
|
34
|
-
export type ChangeOwnPasswordResult = {
|
|
35
|
-
ok: true;
|
|
36
|
-
} | {
|
|
37
|
-
ok: false;
|
|
38
|
-
error: SelfServiceError;
|
|
39
|
-
};
|
|
40
|
-
export type UpdateOwnProfileResult = {
|
|
41
|
-
ok: true;
|
|
42
|
-
admin: StoreAdmin;
|
|
43
|
-
} | {
|
|
44
|
-
ok: false;
|
|
45
|
-
error: SelfServiceError;
|
|
46
|
-
};
|
|
47
|
-
/**
|
|
48
|
-
* Change the logged-in admin's password.
|
|
49
|
-
*
|
|
50
|
-
* Requires the current password as proof of identity. Validates the new
|
|
51
|
-
* password via the shared `validatePassword` helper (min 8 chars). On
|
|
52
|
-
* success, bumps `session_version` (via `updateAdminPassword`), cleans up
|
|
53
|
-
* any stale reset tokens, and invalidates the in-memory session cache so
|
|
54
|
-
* other active sessions for this admin are kicked out on their next
|
|
55
|
-
* request.
|
|
56
|
-
*
|
|
57
|
-
* The admin's CURRENT session (the one that initiated this change) also
|
|
58
|
-
* carries a now-stale `sessionVersion` JWT claim, which means the next
|
|
59
|
-
* request from that session will also fail `requireAdmin`'s version
|
|
60
|
-
* check → forced logout. That's correct behavior: after a password
|
|
61
|
-
* rotation, the user must re-authenticate with the new password.
|
|
62
|
-
*
|
|
63
|
-
* If that's undesirable (the UI would need to immediately re-sign-in),
|
|
64
|
-
* the API handler can call `nextAuthSignIn` server-side after a
|
|
65
|
-
* successful change. For Phase 4, we accept the forced re-login as the
|
|
66
|
-
* honest behavior.
|
|
67
|
-
*/
|
|
68
|
-
export declare function changeOwnPassword(adminId: string, currentPassword: string, newPassword: string): Promise<ChangeOwnPasswordResult>;
|
|
69
|
-
/**
|
|
70
|
-
* Update the logged-in admin's name and/or email.
|
|
71
|
-
*
|
|
72
|
-
* Email uniqueness is checked against every OTHER admin (not self). If
|
|
73
|
-
* both fields are omitted, returns a VALIDATION_ERROR so the caller gets
|
|
74
|
-
* a clean error rather than a silent no-op.
|
|
75
|
-
*
|
|
76
|
-
* Changing email does NOT require a separate re-verification — the admin
|
|
77
|
-
* is already authenticated and the client-side confirmation dialog in
|
|
78
|
-
* `AdminAccountPage` warns them about the forgot-password implication.
|
|
79
|
-
*
|
|
80
|
-
* No sessionVersion bump — profile changes don't invalidate sessions.
|
|
81
|
-
*/
|
|
82
|
-
export declare function updateOwnProfile(adminId: string, data: {
|
|
83
|
-
name?: string;
|
|
84
|
-
email?: string;
|
|
85
|
-
}): Promise<UpdateOwnProfileResult>;
|
|
86
|
-
//# sourceMappingURL=admin-self-service.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"admin-self-service.d.ts","sourceRoot":"","sources":["../../../src/admin/server/admin-self-service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AASH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAMtD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EACA,WAAW,GACX,qBAAqB,GACrB,kBAAkB,GAClB,cAAc,CAAA;IAClB,OAAO,EAAE,MAAM,CAAA;CAChB;AAED,MAAM,MAAM,uBAAuB,GAC/B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,gBAAgB,CAAA;CAAE,CAAA;AAE1C,MAAM,MAAM,sBAAsB,GAC9B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,UAAU,CAAA;CAAE,GAC/B;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,gBAAgB,CAAA;CAAE,CAAA;AAM1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,uBAAuB,CAAC,CA0DlC;AAMD;;;;;;;;;;;;GAYG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,MAAM,EACf,IAAI,EAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,GACtC,OAAO,CAAC,sBAAsB,CAAC,CAuEjC"}
|