@rpcbase/auth 0.43.0 → 0.45.0

package/dist/api/me/handler.d.ts

@@ -0,0 +1,5 @@
+import { Api } from '../../../../api/src';
+import { AuthSessionUser } from '../../types';
+declare const _default: (api: Api<AuthSessionUser>) => void;
+export default _default;
+//# sourceMappingURL=handler.d.ts.map

package/dist/api/me/handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/me/handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAA8B,MAAM,cAAc,CAAA;AAE9D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;yBAkDlC,KAAK,GAAG,CAAC,eAAe,CAAC;AAAzC,wBAGC"}

package/dist/api/me/index.d.ts

@@ -0,0 +1,16 @@
+import { z } from '../../../../vite/node_modules/zod';
+export declare const Route = "/api/rb/auth/me";
+export declare const requestSchema: z.ZodObject<{}, z.core.$strip>;
+export type RequestPayload = z.infer<typeof requestSchema>;
+export declare const responseSchema: z.ZodObject<{
+    id: z.ZodOptional<z.ZodString>;
+    email: z.ZodOptional<z.ZodString>;
+    phone: z.ZodOptional<z.ZodString>;
+    name: z.ZodOptional<z.ZodString>;
+    tenants: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    current_tenant_id: z.ZodOptional<z.ZodString>;
+    signed_in_tenants: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString>>>;
+    error: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+export type ResponsePayload = z.infer<typeof responseSchema>;
+//# sourceMappingURL=index.d.ts.map

package/dist/api/me/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/me/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB,eAAO,MAAM,KAAK,oBAAoB,CAAA;AAEtC,eAAO,MAAM,aAAa,gCAAe,CAAA;AACzC,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAE1D,eAAO,MAAM,cAAc;;;;;;;;;iBASzB,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAA"}

package/dist/api/sign-in/handler.d.ts

@@ -1,4 +1,5 @@
 import { Api } from '../../../../api/src';
-declare const _default: (api: Api) => void;
+import { AuthSessionUser } from '../../types';
+declare const _default: (api: Api<AuthSessionUser>) => void;
 export default _default;
 //# sourceMappingURL=handler.d.ts.map

package/dist/api/sign-in/handler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/sign-in/handler.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,GAAG,EAAiC,MAAM,cAAc,CAAA;yBA+ChD,KAAK,GAAG;AAAxB,wBAEC"}
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/sign-in/handler.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,GAAG,EAA8B,MAAM,cAAc,CAAA;AAG9D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;yBAgElC,KAAK,GAAG,CAAC,eAAe,CAAC;AAAzC,wBAEC"}

package/dist/api/sign-in/index.d.ts

@@ -2,11 +2,15 @@ import { z } from '../../../../vite/node_modules/zod';
 export declare const Route = "/api/rb/auth/sign-in";
 export declare const requestSchema: z.ZodObject<{
     email_or_phone: z.ZodDefault<z.ZodString>;
+    password: z.ZodString;
     remember_me: z.ZodDefault<z.ZodBoolean>;
 }, z.core.$strip>;
 export type RequestPayload = z.infer<typeof requestSchema>;
 export declare const responseSchema: z.ZodObject<{
     success: z.ZodBoolean;
+    error: z.ZodOptional<z.ZodString>;
+    user_id: z.ZodOptional<z.ZodString>;
+    tenant_id: z.ZodOptional<z.ZodString>;
 }, z.core.$strip>;
 export type ResponsePayload = z.infer<typeof responseSchema>;
 //# sourceMappingURL=index.d.ts.map

package/dist/api/sign-in/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/sign-in/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,KAAK,yBAAyB,CAAA;AAE3C,eAAO,MAAM,aAAa;;;iBAcxB,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAE1D,eAAO,MAAM,cAAc;;iBAEzB,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/sign-in/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,KAAK,yBAAyB,CAAA;AAE3C,eAAO,MAAM,aAAa;;;;iBAexB,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAE1D,eAAO,MAAM,cAAc;;;;;iBAKzB,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAA"}

package/dist/api/sign-out/handler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/sign-out/handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAmB,MAAM,cAAc,CAAA;yBAcnC,KAAK,GAAG;AAAxB,wBAEC"}
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/sign-out/handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAO,MAAM,cAAc,CAAA;yBAkBvB,KAAK,GAAG;AAAxB,wBAEC"}

package/dist/api/sign-up/handler.d.ts

@@ -1,4 +1,5 @@
 import { Api } from '../../../../api/src';
-declare const _default: (api: Api) => void;
+import { AuthSessionUser } from '../../types';
+declare const _default: (api: Api<AuthSessionUser>) => void;
 export default _default;
 //# sourceMappingURL=handler.d.ts.map

package/dist/api/sign-up/handler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/sign-up/handler.ts"],"names":[],"mappings":"AAGA,OAAO,EAAC,GAAG,EAA6B,MAAM,cAAc,CAAA;yBA0C5C,KAAK,GAAG;AAAxB,wBAEC"}
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/api/sign-up/handler.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,GAAG,EAA8B,MAAM,cAAc,CAAA;AAG9D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;yBAwFlC,KAAK,GAAG,CAAC,eAAe,CAAC;AAAzC,wBAEC"}

package/dist/api/sign-up/index.d.ts

@@ -4,10 +4,14 @@ export declare const requestSchema: z.ZodObject<{
     email_or_phone: z.ZodString;
     password: z.ZodString;
     password_confirmation: z.ZodString;
+    remember_me: z.ZodDefault<z.ZodBoolean>;
 }, z.core.$strip>;
 export type RequestPayload = z.infer<typeof requestSchema>;
 export declare const responseSchema: z.ZodObject<{
     success: z.ZodBoolean;
+    error: z.ZodOptional<z.ZodString>;
+    user_id: z.ZodOptional<z.ZodString>;
+    tenant_id: z.ZodOptional<z.ZodString>;
 }, z.core.$strip>;
 export type ResponsePayload = z.infer<typeof responseSchema>;
 //# sourceMappingURL=index.d.ts.map

package/dist/api/sign-up/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/sign-up/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,KAAK,yBAAyB,CAAA;AAE3C,eAAO,MAAM,aAAa;;;;iBAmBtB,CAAA;AAEJ,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAE1D,eAAO,MAAM,cAAc;;iBAEzB,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/sign-up/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,KAAK,yBAAyB,CAAA;AAE3C,eAAO,MAAM,aAAa;;;;;iBAoBtB,CAAA;AAEJ,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAA;AAE1D,eAAO,MAAM,cAAc;;;;;iBAKzB,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAA"}

package/dist/components/PasswordInput/index.d.ts

@@ -0,0 +1,10 @@
+type PasswordInputProps = {
+    id: string;
+    name?: string;
+    className?: string;
+    placeholder?: string;
+    autoComplete?: string;
+};
+export declare const PasswordInput: ({ id, name, className, placeholder, autoComplete, }: PasswordInputProps) => import("react/jsx-runtime").JSX.Element;
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/components/PasswordInput/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/PasswordInput/index.tsx"],"names":[],"mappings":"AAGA,KAAK,kBAAkB,GAAG;IACxB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,eAAO,MAAM,aAAa,GAAI,qDAM3B,kBAAkB,4CA0BpB,CAAA"}

package/dist/components/SignInForm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/SignInForm/index.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAC,SAAS,EAAY,MAAM,OAAO,CAAA;AAW1C,eAAO,MAAM,UAAU,GAAI,yBAGxB;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,4CAyBA,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/SignInForm/index.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAC,SAAS,EAAY,MAAM,OAAO,CAAA;AAW1C,eAAO,MAAM,UAAU,GAAI,yBAGxB;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,4CA6CA,CAAA"}

package/dist/components/SignUpForm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/SignUpForm/index.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAC,SAAS,EAAY,MAAM,OAAO,CAAA;AAW1C,eAAO,MAAM,UAAU,GAAI,yBAGxB;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,4CA0BA,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/SignUpForm/index.tsx"],"names":[],"mappings":"AAAA,OAAO,EAAC,SAAS,EAAsB,MAAM,OAAO,CAAA;AAWpD,eAAO,MAAM,UAAU,GAAI,yBAGxB;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,4CAyEA,CAAA"}

package/dist/components/index.d.ts

@@ -4,4 +4,5 @@ export * from './EmailOrPhoneInput';
 export * from './SignInForm';
 export * from './SignUpForm';
 export * from './RememberMeCheckbox';
+export * from './PasswordInput';
 //# sourceMappingURL=index.d.ts.map

package/dist/components/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/components/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAA;AAC5B,cAAc,qBAAqB,CAAA;AACnC,cAAc,qBAAqB,CAAA;AACnC,cAAc,cAAc,CAAA;AAC5B,cAAc,cAAc,CAAA;AAC5B,cAAc,sBAAsB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/components/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAA;AAC5B,cAAc,qBAAqB,CAAA;AACnC,cAAc,qBAAqB,CAAA;AACnC,cAAc,cAAc,CAAA;AAC5B,cAAc,cAAc,CAAA;AAC5B,cAAc,sBAAsB,CAAA;AACpC,cAAc,iBAAiB,CAAA"}

package/dist/handler-BSoyBLZM.js

@@ -0,0 +1,50 @@
+import crypto from "crypto";
+import { i as isEmail } from "./isEmail-IG0hXiQk.js";
+import { loadModel } from "@rpcbase/api";
+import { hashPassword } from "@rpcbase/server";
+import { R as Route, r as requestSchema } from "./index-r56vqjph.js";
+const signIn = async (payload, ctx) => {
+  const User = await loadModel("User", ctx);
+  const parsed = requestSchema.safeParse(payload);
+  if (!parsed.success) {
+    ctx.res.status(400);
+    return { success: false, error: "invalid_payload" };
+  }
+  const { email_or_phone, password } = parsed.data;
+  const query = isEmail(email_or_phone) ? { email: email_or_phone } : { phone: email_or_phone };
+  const user = await User.findOne(query, { password: 1, tenants: 1 });
+  if (!user?.password) {
+    ctx.res.status(401);
+    return { success: false, error: "invalid_credentials" };
+  }
+  const [salt, hashedPassword] = String(user.password).split(":");
+  if (!salt || !hashedPassword) {
+    ctx.res.status(500);
+    return { success: false, error: "invalid_password_format" };
+  }
+  const derivedKey = await hashPassword(password, salt);
+  const passwordMatches = crypto.timingSafeEqual(Buffer.from(hashedPassword, "hex"), derivedKey);
+  if (!passwordMatches) {
+    ctx.res.status(401);
+    return { success: false, error: "invalid_credentials" };
+  }
+  const tenantId = user.tenants?.[0]?.toString?.() || "00000000";
+  const signedInTenants = (user.tenants || []).map((t) => t.toString?.() || String(t)) || [tenantId];
+  if (!ctx.req.session) {
+    ctx.res.status(500);
+    return { success: false, error: "session_unavailable" };
+  }
+  ctx.req.session.user = {
+    id: user._id.toString(),
+    current_tenant_id: tenantId,
+    signed_in_tenants: signedInTenants.length ? signedInTenants : [tenantId],
+    is_entry_gate_authorized: true
+  };
+  return { success: true, user_id: user._id.toString(), tenant_id: tenantId };
+};
+const handler = (api) => {
+  api.post(Route, signIn);
+};
+export {
+  handler as default
+};

package/dist/handler-Ba3pgtfZ.js

@@ -0,0 +1,57 @@
+import { loadModel } from "@rpcbase/api";
+import { r as restrictSessionMiddleware } from "./middleware-BiMXO6Dq.js";
+import { o as object, s as string, a as array } from "./schemas-KL7REOdt.js";
+const Route = "/api/rb/auth/me";
+object({});
+object({
+  id: string().optional(),
+  email: string().email().optional(),
+  phone: string().optional(),
+  name: string().optional(),
+  tenants: array(string()).default([]),
+  current_tenant_id: string().optional(),
+  signed_in_tenants: array(string()).default([]).optional(),
+  error: string().optional()
+});
+const me = async (_payload, ctx) => {
+  const sessionUser = ctx.req.session?.user;
+  if (!sessionUser?.id) {
+    ctx.res.status(401);
+    return {
+      id: "",
+      current_tenant_id: "",
+      signed_in_tenants: [],
+      tenants: [],
+      error: "not_authenticated"
+    };
+  }
+  const User = await loadModel("User", ctx);
+  const user = await User.findById(sessionUser.id);
+  if (!user) {
+    ctx.res.status(404);
+    return {
+      id: "",
+      current_tenant_id: "",
+      signed_in_tenants: [],
+      tenants: [],
+      error: "user_not_found"
+    };
+  }
+  const tenantId = sessionUser.current_tenant_id || user.tenants?.[0]?.toString?.() || "00000000";
+  return {
+    id: user._id.toString(),
+    email: user.email,
+    phone: user.phone,
+    name: user.name,
+    tenants: (user.tenants || []).map((t) => t.toString?.() || String(t)),
+    current_tenant_id: tenantId,
+    signed_in_tenants: sessionUser.signed_in_tenants || []
+  };
+};
+const handler = (api) => {
+  api.use(Route, restrictSessionMiddleware);
+  api.get(Route, me);
+};
+export {
+  handler as default
+};

package/dist/{handler-rzI-pkuD.js → handler-CNHucHrj.js}

@@ -1,10 +1,13 @@
-import { o as object, b as boolean } from "./schemas-DKK0lkQz.js";
+import { o as object, b as boolean } from "./schemas-KL7REOdt.js";
 const Route = "/api/rb/auth/sign-out";
 object({});
 object({
   success: boolean()
 });
 const handleSignOut = async (_, ctx) => {
+  if (!ctx.req.session) {
+    return { success: true };
+  }
   await new Promise((resolve) => ctx.req.session.destroy(() => resolve()));
   return {
     success: true

package/dist/handler-rZR_dx7n.js

@@ -0,0 +1,71 @@
+import crypto from "crypto";
+import { i as isEmail } from "./isEmail-IG0hXiQk.js";
+import { loadModel } from "@rpcbase/api";
+import { hashPassword, sendEmail } from "@rpcbase/server";
+import { R as Route, r as requestSchema } from "./index-Cq04nmsE.js";
+const signUp = async (payload, ctx) => {
+  const User = await loadModel("User", ctx);
+  const Tenant = await loadModel("Tenant", ctx);
+  const parsed = requestSchema.safeParse(payload);
+  if (!parsed.success) {
+    ctx.res.status(400);
+    return { success: false, error: "invalid_payload" };
+  }
+  const { email_or_phone, password, remember_me: _remember_me } = parsed.data;
+  const is_email = isEmail(email_or_phone);
+  const query = is_email ? { email: email_or_phone } : { phone: email_or_phone };
+  const existingUser = await User.findOne(query);
+  if (existingUser) {
+    console.log("user with email or phone already exists", email_or_phone);
+    ctx.res.status(409);
+    return { success: false, error: "user_exists" };
+  }
+  const salt = crypto.randomBytes(16).toString("hex");
+  const derivedKey = await hashPassword(password, salt);
+  const hashedPassword = `${salt}:${derivedKey.toString("hex")}`;
+  const tenantId = crypto.randomUUID();
+  const user = new User({
+    ...query,
+    password: hashedPassword,
+    tenants: [tenantId]
+  });
+  await user.save();
+  if (is_email) {
+    try {
+      await sendEmail({
+        to: email_or_phone,
+        subject: "Verify your email",
+        html: "<p>Welcome to rpcbase!</p><p>We created your account. Use this email to sign in and finish verification.</p>",
+        text: "Welcome to rpcbase! We created your account. Use this email to sign in and finish verification."
+      });
+    } catch (err) {
+      console.warn("failed to send sign-up email", err);
+    }
+  }
+  try {
+    await Tenant.create({
+      tenant_id: tenantId,
+      name: query.email || query.phone
+    });
+  } catch (err) {
+    console.warn("failed to create tenant for user", err);
+  }
+  console.log("created new user", user._id.toString());
+  if (!ctx.req.session) {
+    ctx.res.status(500);
+    return { success: false, error: "session_unavailable" };
+  }
+  ctx.req.session.user = {
+    id: user._id.toString(),
+    current_tenant_id: tenantId,
+    signed_in_tenants: [tenantId],
+    is_entry_gate_authorized: true
+  };
+  return { success: true, user_id: user._id.toString(), tenant_id: tenantId };
+};
+const handler = (api) => {
+  api.post(Route, signUp);
+};
+export {
+  handler as default
+};

package/dist/{index-BYEYCL3Q.js → index-Cq04nmsE.js}

@@ -1,5 +1,5 @@
 import { i as isValidNumber } from "./isValidNumber-6pMDGLRn.js";
-import { o as object, s as string, b as boolean } from "./schemas-DKK0lkQz.js";
+import { o as object, b as boolean, s as string } from "./schemas-KL7REOdt.js";
 const Route = "/api/rb/auth/sign-up";
 const requestSchema = object({
   email_or_phone: string().nonempty("Email or phone number is required").refine(
@@ -11,13 +11,17 @@ const requestSchema = object({
     "Please enter a valid email address or phone number"
   ),
   password: string().min(8, { message: "Password must be at least 8 characters long." }),
-  password_confirmation: string().nonempty({ message: "Please confirm your password." })
+  password_confirmation: string().nonempty({ message: "Please confirm your password." }),
+  remember_me: boolean().default(true)
 }).refine((data) => data.password === data.password_confirmation, {
   message: "Passwords do not match.",
   path: ["password_confirmation"]
 });
 object({
-  success: boolean()
+  success: boolean(),
+  error: string().optional(),
+  user_id: string().optional(),
+  tenant_id: string().optional()
 });
 export {
   Route as R,

package/dist/{index-BphnyggH.js → index-r56vqjph.js}

@@ -1,5 +1,5 @@
 import { i as isValidNumber } from "./isValidNumber-6pMDGLRn.js";
-import { o as object, b as boolean, s as string } from "./schemas-DKK0lkQz.js";
+import { o as object, b as boolean, s as string } from "./schemas-KL7REOdt.js";
 const Route = "/api/rb/auth/sign-in";
 const requestSchema = object({
   email_or_phone: string().nonempty("Email or phone number is required").default("").refine(
@@ -10,10 +10,14 @@ const requestSchema = object({
     },
     "Please enter a valid email address or phone number"
   ),
+  password: string().min(1, { message: "Password is required" }),
   remember_me: boolean().default(true)
 });
 object({
-  success: boolean()
+  success: boolean(),
+  error: string().optional(),
+  user_id: string().optional(),
+  tenant_id: string().optional()
 });
 export {
   Route as R,

package/dist/index.d.ts

@@ -1,2 +1,4 @@
 export * from './components';
+export * from './middleware';
+export * from './types';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAA;AAC5B,cAAc,cAAc,CAAA;AAC5B,cAAc,SAAS,CAAA"}

package/dist/index.js

@@ -2,9 +2,10 @@ import { jsxs, jsx, Fragment } from "react/jsx-runtime";
 import { useLocation, Link } from "@rpcbase/router";
 import clsx from "clsx";
 import { useFormContext, useForm, zodResolver, FormProvider } from "@rpcbase/form";
-import { useEffect } from "react";
-import { r as requestSchema } from "./index-BphnyggH.js";
-import { r as requestSchema$1 } from "./index-BYEYCL3Q.js";
+import { useEffect, useState } from "react";
+import { r as requestSchema } from "./index-r56vqjph.js";
+import { r as requestSchema$1 } from "./index-Cq04nmsE.js";
+import { b, a, r } from "./middleware-BiMXO6Dq.js";
 const LINKS_REDIRECTION_MAP = {
   "/auth/sign-in": {
     "title": "Sign Up",
@@ -113,12 +114,29 @@ const SignInForm = ({
   const methods = useForm({
     defaultValues: {
       email_or_phone: "",
+      password: "",
       remember_me: true
     },
     resolver: zodResolver(requestSchema)
   });
   const onSubmit = async (data) => {
     console.log("SUBMIT SIGNIN", data);
+    try {
+      const res = await fetch("/api/rb/auth/sign-in", {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify(data)
+      });
+      const json = await res.json();
+      console.log("SIGN IN RESPONSE", json);
+      if (!res.ok) {
+        console.error("Sign-in failed", json);
+      }
+    } catch (err) {
+      console.error("Sign-in request error", err);
+    }
   };
   useEffect(() => {
     console.log(methods.formState.errors);
@@ -129,21 +147,55 @@ const SignUpForm = ({
   children,
   className
 }) => {
+  const [serverMessage, setServerMessage] = useState(null);
   const methods = useForm({
     defaultValues: {
       email_or_phone: "",
       password: "",
-      password_confirmation: ""
+      password_confirmation: "",
+      remember_me: true
     },
     resolver: zodResolver(requestSchema$1)
   });
   const onSubmit = async (data) => {
+    setServerMessage(null);
+    methods.clearErrors("root");
     console.log("SUBMIT SIGNUp", data);
+    try {
+      const res = await fetch("/api/rb/auth/sign-up", {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify(data)
+      });
+      const json = await res.json();
+      console.log("SIGN UP RESPONSE", json);
+      if (!res.ok) {
+        console.error("Sign-up failed", json);
+        const message = json.error === "user_exists" ? "An account already exists with this email or phone." : "Sign-up failed. Please try again.";
+        methods.setError("root", { type: "server", message });
+        return;
+      }
+      if (!json.success) {
+        methods.setError("root", { type: "server", message: "Sign-up failed. Please try again." });
+        return;
+      }
+      setServerMessage("Account created. Check your inbox to verify your email.");
+      methods.reset();
+    } catch (err) {
+      console.error("Sign-up request error", err);
+      methods.setError("root", { type: "server", message: "Network error. Please try again." });
+    }
   };
   useEffect(() => {
     console.log(methods.formState.errors);
   }, [methods.formState.errors]);
-  return /* @__PURE__ */ jsx(FormProvider, { ...methods, children: /* @__PURE__ */ jsx("form", { method: "post", noValidate: true, className, onSubmit: methods.handleSubmit(onSubmit), children }) });
+  return /* @__PURE__ */ jsx(FormProvider, { ...methods, children: /* @__PURE__ */ jsxs("form", { method: "post", noValidate: true, className, onSubmit: methods.handleSubmit(onSubmit), children: [
+    children,
+    methods.formState.errors.root?.message && /* @__PURE__ */ jsx("p", { className: "mt-2 text-sm text-red-600", role: "alert", children: methods.formState.errors.root.message }),
+    serverMessage && /* @__PURE__ */ jsx("p", { className: "mt-2 text-sm text-green-700", role: "status", children: serverMessage })
+  ] }) });
 };
 const RememberMeCheckbox = ({
   label,
@@ -168,11 +220,40 @@ const RememberMeCheckbox = ({
     )
   ] });
 };
+const PasswordInput = ({
+  id,
+  name = "password",
+  className,
+  placeholder,
+  autoComplete = "current-password"
+}) => {
+  const { register, formState } = useFormContext();
+  const fieldError = formState.errors[name];
+  const errorMessage = typeof fieldError === "string" ? fieldError : typeof fieldError?.message === "string" ? fieldError.message : void 0;
+  return /* @__PURE__ */ jsxs(Fragment, { children: [
+    /* @__PURE__ */ jsx(
+      "input",
+      {
+        id,
+        type: "password",
+        autoComplete,
+        className,
+        placeholder,
+        ...register(name)
+      }
+    ),
+    errorMessage ? /* @__PURE__ */ jsx("p", { className: "mt-1 -mb-2 text-sm/6 text-red-500", children: errorMessage }) : null
+  ] });
+};
 export {
   AppleSignInButton,
   AuthLayout,
   EmailOrPhoneInput,
+  PasswordInput,
   RememberMeCheckbox,
   SignInForm,
-  SignUpForm
+  SignUpForm,
+  b as redirectAuthMiddleware,
+  a as requireSession,
+  r as restrictSessionMiddleware
 };

package/dist/middleware-BiMXO6Dq.js

@@ -0,0 +1,21 @@
+const isAuthenticated = (req) => {
+  return Boolean(req.session?.user?.id);
+};
+const restrictSessionMiddleware = (req, res, next) => {
+  if (isAuthenticated(req)) {
+    return next();
+  }
+  res.status(401).json({ error: "unauthorized" });
+};
+const requireSession = restrictSessionMiddleware;
+const redirectAuthMiddleware = (req, res, next) => {
+  if (req.path.startsWith("/app") && !isAuthenticated(req)) {
+    return res.redirect("/auth/sign-in");
+  }
+  next();
+};
+export {
+  requireSession as a,
+  redirectAuthMiddleware as b,
+  restrictSessionMiddleware as r
+};

package/dist/middleware.d.ts

@@ -0,0 +1,6 @@
+import { Middleware } from '../../api/src';
+import { AuthSessionUser } from './types';
+export declare const restrictSessionMiddleware: Middleware<AuthSessionUser>;
+export declare const requireSession: Middleware<AuthSessionUser>;
+export declare const redirectAuthMiddleware: Middleware<AuthSessionUser>;
+//# sourceMappingURL=middleware.d.ts.map

package/dist/middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAE9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAO9C,eAAO,MAAM,yBAAyB,EAAE,UAAU,CAAC,eAAe,CAMjE,CAAA;AAED,eAAO,MAAM,cAAc,6BAA4B,CAAA;AAEvD,eAAO,MAAM,sBAAsB,EAAE,UAAU,CAAC,eAAe,CAM9D,CAAA"}

package/dist/routes.js

@@ -1,5 +1,5 @@
 const routes = Object.entries({
-  .../* @__PURE__ */ Object.assign({ "./api/sign-in/handler.ts": () => import("./handler-CSmOkoqC.js"), "./api/sign-out/handler.ts": () => import("./handler-rzI-pkuD.js"), "./api/sign-up/handler.ts": () => import("./handler-Bl5DlLdb.js") })
+  .../* @__PURE__ */ Object.assign({ "./api/me/handler.ts": () => import("./handler-Ba3pgtfZ.js"), "./api/sign-in/handler.ts": () => import("./handler-BSoyBLZM.js"), "./api/sign-out/handler.ts": () => import("./handler-CNHucHrj.js"), "./api/sign-up/handler.ts": () => import("./handler-rZR_dx7n.js") })
 }).reduce((acc, [path, mod]) => {
   acc[path.replace("./api/", "@rpcbase/auth/api/")] = mod;
   return acc;

package/dist/{schemas-DKK0lkQz.js → schemas-KL7REOdt.js}

@@ -1,29 +1,38 @@
 function $constructor(name, initializer2, params) {
   function init(inst, def) {
-    var _a;
-    Object.defineProperty(inst, "_zod", {
-      value: inst._zod ?? {},
-      enumerable: false
-    });
-    (_a = inst._zod).traits ?? (_a.traits = /* @__PURE__ */ new Set());
+    if (!inst._zod) {
+      Object.defineProperty(inst, "_zod", {
+        value: {
+          def,
+          constr: _,
+          traits: /* @__PURE__ */ new Set()
+        },
+        enumerable: false
+      });
+    }
+    if (inst._zod.traits.has(name)) {
+      return;
+    }
     inst._zod.traits.add(name);
     initializer2(inst, def);
-    for (const k in _.prototype) {
-      if (!(k in inst))
-        Object.defineProperty(inst, k, { value: _.prototype[k].bind(inst) });
+    const proto = _.prototype;
+    const keys = Object.keys(proto);
+    for (let i = 0; i < keys.length; i++) {
+      const k = keys[i];
+      if (!(k in inst)) {
+        inst[k] = proto[k].bind(inst);
+      }
     }
-    inst._zod.constr = _;
-    inst._zod.def = def;
   }
   const Parent = params?.Parent ?? Object;
   class Definition extends Parent {
   }
   Object.defineProperty(Definition, "name", { value: name });
   function _(def) {
-    var _a;
+    var _a2;
     const inst = params?.Parent ? new Definition() : this;
     init(inst, def);
-    (_a = inst._zod).deferred ?? (_a.deferred = []);
+    (_a2 = inst._zod).deferred ?? (_a2.deferred = []);
     for (const fn of inst._zod.deferred) {
       fn();
     }
@@ -126,6 +135,9 @@ function mergeDefs(...defs) {
 function esc(str) {
   return JSON.stringify(str);
 }
+function slugify(input) {
+  return input.toLowerCase().trim().replace(/[^\w\s-]/g, "").replace(/[\s_-]+/g, "-").replace(/^-+|-+$/g, "");
+}
 const captureStackTrace = "captureStackTrace" in Error ? Error.captureStackTrace : (..._args) => {
 };
 function isObject(data) {
@@ -149,6 +161,8 @@ function isPlainObject(o) {
   const ctor = o.constructor;
   if (ctor === void 0)
     return true;
+  if (typeof ctor !== "function")
+    return true;
   const prot = ctor.prototype;
   if (isObject(prot) === false)
     return false;
@@ -360,8 +374,8 @@ function aborted(x, startIndex = 0) {
 }
 function prefixIssues(path, issues) {
   return issues.map((iss) => {
-    var _a;
-    (_a = iss).path ?? (_a.path = []);
+    var _a2;
+    (_a2 = iss).path ?? (_a2.path = []);
     iss.path.unshift(path);
     return iss;
   });
@@ -565,7 +579,6 @@ const cidrv4 = /^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(25[0-
 const cidrv6 = /^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|::|([0-9a-fA-F]{1,4})?::([0-9a-fA-F]{1,4}:?){0,6})\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/;
 const base64 = /^$|^(?:[0-9a-zA-Z+/]{4})*(?:(?:[0-9a-zA-Z+/]{2}==)|(?:[0-9a-zA-Z+/]{3}=))?$/;
 const base64url = /^[A-Za-z0-9_-]*$/;
-const hostname = /^(?=.{1,253}\.?$)[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[-0-9a-zA-Z]{0,61}[0-9a-zA-Z])?)*\.?$/;
 const e164 = /^\+(?:[0-9]){6,14}[0-9]$/;
 const dateSource = `(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))`;
 const date$1 = /* @__PURE__ */ new RegExp(`^${dateSource}$`);
@@ -595,15 +608,15 @@ const boolean$1 = /^(?:true|false)$/i;
 const lowercase = /^[^A-Z]*$/;
 const uppercase = /^[^a-z]*$/;
 const $ZodCheck = /* @__PURE__ */ $constructor("$ZodCheck", (inst, def) => {
-  var _a;
+  var _a2;
   inst._zod ?? (inst._zod = {});
   inst._zod.def = def;
-  (_a = inst._zod).onattach ?? (_a.onattach = []);
+  (_a2 = inst._zod).onattach ?? (_a2.onattach = []);
 });
 const $ZodCheckMaxLength = /* @__PURE__ */ $constructor("$ZodCheckMaxLength", (inst, def) => {
-  var _a;
+  var _a2;
   $ZodCheck.init(inst, def);
-  (_a = inst._zod.def).when ?? (_a.when = (payload) => {
+  (_a2 = inst._zod.def).when ?? (_a2.when = (payload) => {
     const val = payload.value;
     return !nullish(val) && val.length !== void 0;
   });
@@ -630,9 +643,9 @@ const $ZodCheckMaxLength = /* @__PURE__ */ $constructor("$ZodCheckMaxLength", (i
   };
 });
 const $ZodCheckMinLength = /* @__PURE__ */ $constructor("$ZodCheckMinLength", (inst, def) => {
-  var _a;
+  var _a2;
   $ZodCheck.init(inst, def);
-  (_a = inst._zod.def).when ?? (_a.when = (payload) => {
+  (_a2 = inst._zod.def).when ?? (_a2.when = (payload) => {
     const val = payload.value;
     return !nullish(val) && val.length !== void 0;
   });
@@ -659,9 +672,9 @@ const $ZodCheckMinLength = /* @__PURE__ */ $constructor("$ZodCheckMinLength", (i
   };
 });
 const $ZodCheckLengthEquals = /* @__PURE__ */ $constructor("$ZodCheckLengthEquals", (inst, def) => {
-  var _a;
+  var _a2;
   $ZodCheck.init(inst, def);
-  (_a = inst._zod.def).when ?? (_a.when = (payload) => {
+  (_a2 = inst._zod.def).when ?? (_a2.when = (payload) => {
     const val = payload.value;
     return !nullish(val) && val.length !== void 0;
   });
@@ -690,7 +703,7 @@ const $ZodCheckLengthEquals = /* @__PURE__ */ $constructor("$ZodCheckLengthEqual
   };
 });
 const $ZodCheckStringFormat = /* @__PURE__ */ $constructor("$ZodCheckStringFormat", (inst, def) => {
-  var _a, _b;
+  var _a2, _b;
   $ZodCheck.init(inst, def);
   inst._zod.onattach.push((inst2) => {
     const bag = inst2._zod.bag;
@@ -701,7 +714,7 @@ const $ZodCheckStringFormat = /* @__PURE__ */ $constructor("$ZodCheckStringForma
     }
   });
   if (def.pattern)
-    (_a = inst._zod).check ?? (_a.check = (payload) => {
+    (_a2 = inst._zod).check ?? (_a2.check = (payload) => {
       def.pattern.lastIndex = 0;
       if (def.pattern.test(payload.value))
         return;
@@ -857,10 +870,10 @@ class Doc {
 const version = {
   major: 4,
   minor: 1,
-  patch: 12
+  patch: 13
 };
 const $ZodType = /* @__PURE__ */ $constructor("$ZodType", (inst, def) => {
-  var _a;
+  var _a2;
   inst ?? (inst = {});
   inst._zod.def = def;
   inst._zod.bag = inst._zod.bag || {};
@@ -875,7 +888,7 @@ const $ZodType = /* @__PURE__ */ $constructor("$ZodType", (inst, def) => {
     }
   }
   if (checks.length === 0) {
-    (_a = inst._zod).deferred ?? (_a.deferred = []);
+    (_a2 = inst._zod).deferred ?? (_a2.deferred = []);
     inst._zod.deferred?.push(() => {
       inst._zod.run = inst._zod.parse;
     });
@@ -1033,7 +1046,7 @@ const $ZodURL = /* @__PURE__ */ $constructor("$ZodURL", (inst, def) => {
             code: "invalid_format",
             format: "url",
             note: "Invalid hostname",
-            pattern: hostname.source,
+            pattern: def.hostname.source,
             input: payload.value,
             inst,
             continue: !def.abort
@@ -1118,18 +1131,12 @@ const $ZodISODuration = /* @__PURE__ */ $constructor("$ZodISODuration", (inst, d
 const $ZodIPv4 = /* @__PURE__ */ $constructor("$ZodIPv4", (inst, def) => {
   def.pattern ?? (def.pattern = ipv4);
   $ZodStringFormat.init(inst, def);
-  inst._zod.onattach.push((inst2) => {
-    const bag = inst2._zod.bag;
-    bag.format = `ipv4`;
-  });
+  inst._zod.bag.format = `ipv4`;
 });
 const $ZodIPv6 = /* @__PURE__ */ $constructor("$ZodIPv6", (inst, def) => {
   def.pattern ?? (def.pattern = ipv6);
   $ZodStringFormat.init(inst, def);
-  inst._zod.onattach.push((inst2) => {
-    const bag = inst2._zod.bag;
-    bag.format = `ipv6`;
-  });
+  inst._zod.bag.format = `ipv6`;
   inst._zod.check = (payload) => {
     try {
       new URL(`http://[${payload.value}]`);
@@ -1191,9 +1198,7 @@ function isValidBase64(data) {
 const $ZodBase64 = /* @__PURE__ */ $constructor("$ZodBase64", (inst, def) => {
   def.pattern ?? (def.pattern = base64);
   $ZodStringFormat.init(inst, def);
-  inst._zod.onattach.push((inst2) => {
-    inst2._zod.bag.contentEncoding = "base64";
-  });
+  inst._zod.bag.contentEncoding = "base64";
   inst._zod.check = (payload) => {
     if (isValidBase64(payload.value))
       return;
@@ -1216,9 +1221,7 @@ function isValidBase64URL(data) {
 const $ZodBase64URL = /* @__PURE__ */ $constructor("$ZodBase64URL", (inst, def) => {
   def.pattern ?? (def.pattern = base64url);
   $ZodStringFormat.init(inst, def);
-  inst._zod.onattach.push((inst2) => {
-    inst2._zod.bag.contentEncoding = "base64url";
-  });
+  inst._zod.bag.contentEncoding = "base64url";
   inst._zod.check = (payload) => {
     if (isValidBase64URL(payload.value))
       return;
@@ -1378,7 +1381,7 @@ function handleCatchall(proms, input, payload, ctx, def, inst) {
   const keySet = def.keySet;
   const _catchall = def.catchall._zod;
   const t = _catchall.def.type;
-  for (const key of Object.keys(input)) {
+  for (const key in input) {
     if (keySet.has(key))
       continue;
     if (t === "never") {
@@ -1909,8 +1912,8 @@ const $ZodReadonly = /* @__PURE__ */ $constructor("$ZodReadonly", (inst, def) =>
   $ZodType.init(inst, def);
   defineLazy(inst._zod, "propValues", () => def.innerType._zod.propValues);
   defineLazy(inst._zod, "values", () => def.innerType._zod.values);
-  defineLazy(inst._zod, "optin", () => def.innerType._zod.optin);
-  defineLazy(inst._zod, "optout", () => def.innerType._zod.optout);
+  defineLazy(inst._zod, "optin", () => def.innerType?._zod?.optin);
+  defineLazy(inst._zod, "optout", () => def.innerType?._zod?.optout);
   inst._zod.parse = (payload, ctx) => {
     if (ctx.direction === "backward") {
       return def.innerType._zod.run(payload, ctx);
@@ -1959,6 +1962,7 @@ function handleRefineResult(result, payload, input, inst) {
     payload.issues.push(issue(_iss));
   }
 }
+var _a;
 class $ZodRegistry {
   constructor() {
     this._map = /* @__PURE__ */ new WeakMap();
@@ -2005,7 +2009,8 @@ class $ZodRegistry {
 function registry() {
   return new $ZodRegistry();
 }
-const globalRegistry = /* @__PURE__ */ registry();
+(_a = globalThis).__zod_globalRegistry ?? (_a.__zod_globalRegistry = registry());
+const globalRegistry = globalThis.__zod_globalRegistry;
 function _string(Class, params) {
   return new Class({
     type: "string",
@@ -2352,6 +2357,9 @@ function _toLowerCase() {
 function _toUpperCase() {
   return _overwrite((input) => input.toUpperCase());
 }
+function _slugify() {
+  return _overwrite((input) => slugify(input));
+}
 function _array(Class, element, params) {
   return new Class({
     type: "array",
@@ -2568,6 +2576,7 @@ const _ZodString = /* @__PURE__ */ $constructor("_ZodString", (inst, def) => {
   inst.normalize = (...args) => inst.check(_normalize(...args));
   inst.toLowerCase = () => inst.check(_toLowerCase());
   inst.toUpperCase = () => inst.check(_toUpperCase());
+  inst.slugify = () => inst.check(_slugify());
 });
 const ZodString = /* @__PURE__ */ $constructor("ZodString", (inst, def) => {
   $ZodString.init(inst, def);
@@ -2966,6 +2975,7 @@ function superRefine(fn) {
   return _superRefine(fn);
 }
 export {
+  array as a,
   boolean as b,
   object as o,
   string as s

package/dist/types.d.ts

@@ -0,0 +1,7 @@
+export type AuthSessionUser = {
+    id: string;
+    current_tenant_id: string;
+    signed_in_tenants: string[];
+    is_entry_gate_authorized: boolean;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,iBAAiB,EAAE,MAAM,CAAA;IACzB,iBAAiB,EAAE,MAAM,EAAE,CAAA;IAC3B,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rpcbase/auth",
-  "version": "0.43.0",
+  "version": "0.45.0",
   "type": "module",
   "files": [
     "dist"

package/dist/handler-Bl5DlLdb.js

@@ -1,32 +0,0 @@
-import crypto from "crypto";
-import { i as isEmail } from "./isEmail-IG0hXiQk.js";
-import { loadModel } from "@rpcbase/api";
-import { hashPassword } from "@rpcbase/server";
-import { R as Route, r as requestSchema } from "./index-BYEYCL3Q.js";
-const signUp = async (payload, ctx) => {
-  const User = await loadModel("User", ctx);
-  const { email_or_phone, password } = requestSchema.parse(payload);
-  const is_email = isEmail(email_or_phone);
-  const query = is_email ? { email: email_or_phone } : { phone: email_or_phone };
-  const existingUser = await User.findOne(query);
-  if (existingUser) {
-    console.log("user with email or phone already exists", email_or_phone);
-    return { success: false };
-  }
-  const salt = crypto.randomBytes(16).toString("hex");
-  const derivedKey = await hashPassword(password, salt);
-  const hashedPassword = `${salt}:${derivedKey.toString("hex")}`;
-  const user = new User({
-    ...query,
-    password: hashedPassword
-  });
-  await user.save();
-  console.log("created new user", user._id.toString());
-  return { success: true };
-};
-const handler = (api) => {
-  api.post(Route, signUp);
-};
-export {
-  handler as default
-};

package/dist/handler-CSmOkoqC.js

@@ -1,17 +0,0 @@
-import { i as isEmail } from "./isEmail-IG0hXiQk.js";
-import { R as Route, r as requestSchema } from "./index-BphnyggH.js";
-const signIn = async (payload, ctx) => {
-  const { email_or_phone } = requestSchema.parse(payload);
-  if (isEmail(email_or_phone)) {
-    console.log("is valid email");
-  } else {
-    console.log("is not valid email");
-  }
-  return { success: true };
-};
-const handler = (api) => {
-  api.post(Route, signIn);
-};
-export {
-  handler as default
-};