@shophost/rest-api 2.0.34 → 2.0.36

package/LICENSE

@@ -1,17 +1,21 @@
-Copyright (c) 2024 Shophost. All rights reserved.
+MIT License
 
-PROPRIETARY SOFTWARE LICENSE
+Copyright (c) 2026 Abhishek Shaji
 
-This software and associated documentation files (the "Software") are the proprietary and confidential information of Shophost ("Company"). The Software is licensed, not sold.
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
 
-RESTRICTIONS:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
 
-- You may NOT use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software without explicit written permission from Shophost.
-- You may NOT reverse engineer, decompile, or disassemble the Software.
-- This Software is provided for evaluation purposes only.
-
-UNAUTHORIZED USE IS STRICTLY PROHIBITED.
-
-For licensing inquiries, please contact: [kontakt@abhishek.pl]
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,114 +1,124 @@
 # @shophost/rest-api
 
-A comprehensive REST API package for Shophost with TypeScript support.
+`@shophost/rest-api` is the backend package for ShopHost. It provides:
+
+- the core API app builder
+- a Next.js route handler integration
+- exported Zod/OpenAPI schemas
+- a packaged Prisma schema and CLI for database sync
 
 ## Installation
 
 ```bash
-npm install @shophost/rest-api
-# or
-pnpm add @shophost/rest-api
-# or
-yarn add @shophost/rest-api
+pnpm add @shophost/rest-api prisma @prisma/client @prisma/client-runtime-utils
 ```
 
-**⚠️ IMPORTANT LEGAL NOTICE:** This package is publicly available for download but is **proprietary software**. Installation and use requires explicit permission from Shophost. See the [License](#license) section below for details.
-
-## Exports
+Peer dependencies:
 
-This package provides 4 main entry points:
+- `next >= 14`
+- `react >= 18`
+- `react-dom >= 18`
 
-### 1. Main API (`@shophost/rest-api`)
+## Entry Points
 
-```typescript
-import "@shophost/rest-api";
-```
+- `@shophost/rest-api`
+  Exposes `buildApiApp`, `generateOpenApiSpec`, and schema exports.
+- `@shophost/rest-api/next`
+  Exposes `createNextHandler` for Next.js App Router route handlers.
+- `@shophost/rest-api/db`
+  Exposes packaged Prisma client helpers.
+- `@shophost/rest-api/schemas`
+  Exposes reusable request/response schemas.
 
-### 2. Generated client (`@shophost/client`)
-
-```typescript
-import { initClient } from "@shophost/client";
-```
+## Next.js Usage
 
-### 3. Next.js integration (`@shophost/rest-api/next`)
+Create an App Router API route:
 
-```typescript
+```ts
 import { createNextHandler } from "@shophost/rest-api/next";
-```
-
-### 4. Schemas (`@shophost/rest-api/schemas`)
 
-```typescript
-import { ManufacturerSchema } from "@shophost/rest-api/schemas";
+const handler = createNextHandler({
+  database: {
+    connectionString: process.env.DATABASE_URL!,
+    log: ["info", "warn", "error"],
+  },
+  maps: {
+    google: {
+      key: process.env.GOOGLE_PLACES_API_KEY!,
+    },
+  },
+  auth: {
+    baseURL: process.env.NEXT_PUBLIC_API_BASE_URL!,
+    domain: new URL(process.env.NEXT_PUBLIC_API_BASE_URL!).hostname.split(".").slice(-2).join("."),
+    trustedOrigins: [process.env.NEXT_PUBLIC_APP_DOMAIN!],
+    socialProviders: {
+      google: {
+        clientId: process.env.AUTH_GOOGLE_ID!,
+        clientSecret: process.env.AUTH_GOOGLE_SECRET!,
+      },
+    },
+  },
+  payment: {
+    stripe: {
+      secretKey: process.env.STRIPE_SECRET_KEY!,
+      webhookSecret: process.env.STRIPE_WEBHOOK_SECRET!,
+      resendApiKey: process.env.RESEND_API_KEY!,
+      paymentMethods: ["card", "blik"],
+    },
+  },
+});
+
+export { handler as GET, handler as POST, handler as PUT, handler as PATCH, handler as DELETE, handler as OPTIONS };
 ```
 
 ## Database Schema Sync
 
-The published package includes a CLI so a fresh project can push the packaged Prisma schema to its own database without copying `schema.prisma` into the app.
+The published package ships the Prisma schema and a CLI so a consuming app can
+push the schema without copying Prisma files into the host project.
 
-1. Add your database URL to one of these places in the consuming app:
-   - `.env.local`
-   - `.env`
-   - the shell environment
-2. Use one of these variables:
-   - `DATABASE_URL`
-   - `DATABASE_URL`
-3. Run:
+1. Set `DATABASE_URL` in `.env.local`, `.env`, or your shell.
+2. Run:
 
 ```bash
 pnpm exec shophost-rest-api db push
-# or
-npx shophost-rest-api db push
 ```
 
-Example:
-
-```env
-# .env.local
-DATABASE_URL=postgresql://user:password@host:5432/dbname?sslmode=require
-```
-
-You can pass regular Prisma `db push` flags through as well:
+You can also pass standard Prisma flags through:
 
 ```bash
 pnpm exec shophost-rest-api db push --accept-data-loss
 pnpm exec shophost-rest-api db push --url "postgresql://user:password@host:5432/dbname?sslmode=require"
 ```
 
-Notes:
-
-- `.env.local` overrides `.env`
-- `DATABASE_URL` takes precedence over `DATABASE_URL`
-- the CLI uses the `schema.prisma` and `prisma.config.ts` shipped inside `@shophost/rest-api`
+## Schemas and Utilities
 
-## Development
+Import shared schemas:
 
-To build this package:
-
-```bash
-nx build rest-api
+```ts
+import { CreateProductSchema, ProductSchema } from "@shophost/rest-api/schemas";
 ```
 
-To regenerate the OpenAPI document and frontend client:
+Import Prisma helpers owned by this package:
 
-```bash
-pnpm run client:generate
+```ts
+import { createPrismaClient, PrismaClient } from "@shophost/rest-api/db";
 ```
 
-To publish (dry-run):
+Generate the OpenAPI document:
 
-```bash
-nx npm:publish:dry-run rest-api
+```ts
+import { generateOpenApiSpec } from "@shophost/rest-api";
+
+const spec = generateOpenApiSpec();
 ```
 
-To publish:
+## Local Development
 
 ```bash
-nx npm:publish rest-api
+pnpm exec nx run rest-api:prisma:generate
+pnpm exec nx run rest-api:test
 ```
 
 ## License
 
-Proprietary - All Rights Reserved
-
-This software is proprietary and confidential. Unauthorized copying, distribution, or use is strictly prohibited. For licensing inquiries, please contact Shophost.
+MIT

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@shophost/rest-api",
-  "version": "2.0.34",
+  "version": "2.0.36",
   "type": "module",
   "bin": {
     "shophost-rest-api": "./scripts/shophost-rest-api.mjs"
@@ -56,7 +56,7 @@
     "typescript"
   ],
   "author": "Abhishek Shaji (kontakt@abhishek.pl)",
-  "license": "UNLICENSED",
+  "license": "MIT",
   "repository": {
     "type": "git",
     "url": "https://github.com/abhishek-shaji/shophost",

package/scripts/minify-dist.mjs

@@ -0,0 +1,45 @@
+import { transform } from "esbuild";
+import { readdirSync, readFileSync, writeFileSync } from "node:fs";
+import path from "node:path";
+
+const distRoot = path.resolve("dist/packages/rest-api/src");
+let count = 0;
+let savedBytes = 0;
+
+async function walk(dir) {
+  for (const entry of readdirSync(dir, { withFileTypes: true })) {
+    const full = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      await walk(full);
+      continue;
+    }
+    if (!entry.name.endsWith(".js")) continue;
+
+    const source = readFileSync(full, "utf8");
+
+    // Preserve "use client" / "use server" directives
+    const directiveMatch = source.match(
+      /^(?:["']use (?:client|server)["'];?\s*\n?)+/
+    );
+    const directive = directiveMatch ? directiveMatch[0].trim() + "\n" : "";
+    const code = directive
+      ? source.slice(directiveMatch[0].length)
+      : source;
+
+    const result = await transform(code, {
+      minify: true,
+      loader: "js",
+      target: "es2020",
+    });
+
+    const output = directive + result.code;
+    savedBytes += source.length - output.length;
+    writeFileSync(full, output);
+    count++;
+  }
+}
+
+await walk(distRoot);
+console.log(
+  `✓ Minified ${count} files (saved ${(savedBytes / 1024).toFixed(0)} KB)`
+);

package/src/app.js

@@ -1,53 +1 @@
-import { __awaiter } from "tslib";
-import { cors } from "hono/cors";
-import { createApiRouter, createUnavailableAuth, handleAppError, } from "./core/hono/hono";
-import { buildAccessHandler, buildCartHandler, buildFileHandler, buildHealthHandler, buildLocationHandler, buildManufacturerHandler, buildOrderHandler, buildOrganizationHandler, buildPaymentHandler, buildProductCategoryHandler, buildProductHandler, buildReservationHandler, buildShippingHandler, buildShippingMethodHandler, buildWebhookHandler, } from "./features";
-const defaultCorsOptions = {
-    allowHeaders: [
-        "Content-Type",
-        "Authorization",
-        "X-Requested-With",
-        "Accept",
-        "Origin",
-        "X-CSRF-Token",
-    ],
-    allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"],
-    credentials: true,
-    exposeHeaders: ["Content-Length", "X-Kuma-Revision"],
-    origin: ["http://localhost:3000"],
-};
-export const buildApiApp = ({ corsOptions, maps, payment, prisma, resolveAuth = () => createUnavailableAuth(), } = {}) => {
-    var _a, _b, _c, _d, _e;
-    const app = createApiRouter();
-    // cors
-    app.use("*", cors(Object.assign(Object.assign({}, defaultCorsOptions), corsOptions)));
-    // auth
-    app.use("*", (c, next) => __awaiter(void 0, void 0, void 0, function* () {
-        const auth = resolveAuth(c.req.raw, c.req.path);
-        c.set("auth", auth);
-        Object.assign(c.req.raw, { auth });
-        yield next();
-    }));
-    // error handler
-    app.onError((error) => handleAppError(error));
-    // routes
-    app.route("/", buildHealthHandler());
-    app.route("/", buildManufacturerHandler(prisma));
-    app.route("/", buildOrganizationHandler(prisma, (_b = (_a = maps === null || maps === void 0 ? void 0 : maps.google) === null || _a === void 0 ? void 0 : _a.key) !== null && _b !== void 0 ? _b : ""));
-    app.route("/", buildFileHandler(prisma));
-    app.route("/", buildProductCategoryHandler(prisma));
-    app.route("/", buildProductHandler(prisma));
-    app.route("/", buildAccessHandler(prisma));
-    app.route("/", buildShippingMethodHandler(prisma));
-    app.route("/", buildOrderHandler(prisma, payment !== null && payment !== void 0 ? payment : {}));
-    app.route("/", buildCartHandler(prisma));
-    app.route("/", buildShippingHandler(prisma, (_d = (_c = maps === null || maps === void 0 ? void 0 : maps.google) === null || _c === void 0 ? void 0 : _c.key) !== null && _d !== void 0 ? _d : ""));
-    app.route("/", buildLocationHandler(maps !== null && maps !== void 0 ? maps : {}));
-    app.route("/", buildPaymentHandler(prisma, payment !== null && payment !== void 0 ? payment : {}));
-    app.route("/", buildWebhookHandler(prisma, payment !== null && payment !== void 0 ? payment : {}));
-    if ((_e = payment === null || payment === void 0 ? void 0 : payment.stripe) === null || _e === void 0 ? void 0 : _e.resendApiKey) {
-        app.route("/", buildReservationHandler(prisma, payment.stripe.resendApiKey));
-    }
-    return app;
-};
-//# sourceMappingURL=app.js.map
+import{__awaiter as h}from"tslib";import{cors as g}from"hono/cors";import{createApiRouter as A,createUnavailableAuth as s,handleAppError as O}from"./core/hono/hono";import{buildAccessHandler as f,buildAnalyticsHandler as T,buildCartHandler as C,buildFileHandler as P,buildHealthHandler as _,buildLocationHandler as E,buildManufacturerHandler as w,buildOrderHandler as R,buildOrganizationHandler as S,buildPaymentHandler as k,buildProductCategoryHandler as q,buildProductHandler as j,buildReservationHandler as K,buildShippingHandler as L,buildShippingMethodHandler as M,buildWebhookHandler as X}from"./features";const x={allowHeaders:["Content-Type","Authorization","X-Requested-With","Accept","Origin","X-CSRF-Token"],allowMethods:["GET","POST","PUT","DELETE","OPTIONS","PATCH"],credentials:!0,exposeHeaders:["Content-Length","X-Kuma-Revision"],origin:["http://localhost:3000"]};export const buildApiApp=({corsOptions:a,maps:d,payment:l,prisma:o,resolveAuth:c=()=>s()}={})=>{var i,u,t,n,v;const e=A();return e.use("*",g(Object.assign(Object.assign({},x),a))),e.use("*",(r,H)=>h(void 0,void 0,void 0,function*(){const b=c(r.req.raw,r.req.path);r.set("auth",b),Object.assign(r.req.raw,{auth:b}),yield H()})),e.onError(r=>O(r)),e.route("/",_()),e.route("/",T(o)),e.route("/",w(o)),e.route("/",S(o,(u=(i=d?.google)===null||i===void 0?void 0:i.key)!==null&&u!==void 0?u:"")),e.route("/",P(o)),e.route("/",q(o)),e.route("/",j(o)),e.route("/",f(o)),e.route("/",M(o)),e.route("/",R(o,l??{})),e.route("/",C(o)),e.route("/",L(o,(n=(t=d?.google)===null||t===void 0?void 0:t.key)!==null&&n!==void 0?n:"")),e.route("/",E(d??{})),e.route("/",k(o,l??{})),e.route("/",X(o,l??{})),!((v=l?.stripe)===null||v===void 0)&&v.resendApiKey&&e.route("/",K(o,l.stripe.resendApiKey)),e};

package/src/app.js.map

@@ -1 +1 @@
-{"version":3,"file":"app.js","sourceRoot":"","sources":["../../../../packages/rest-api/src/app.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAEL,eAAe,EACf,qBAAqB,EACrB,cAAc,GACf,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EACL,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,wBAAwB,EACxB,iBAAiB,EACjB,wBAAwB,EACxB,mBAAmB,EACnB,2BAA2B,EAC3B,mBAAmB,EACnB,uBAAuB,EACvB,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAGpB,MAAM,kBAAkB,GAAG;IACzB,YAAY,EAAE;QACZ,cAAc;QACd,eAAe;QACf,kBAAkB;QAClB,QAAQ;QACR,QAAQ;QACR,cAAc;KACf;IACD,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;IAClE,WAAW,EAAE,IAAI;IACjB,aAAa,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IACpD,MAAM,EAAE,CAAC,uBAAuB,CAAC;CAClC,CAAC;AAcF,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,EAC1B,WAAW,EACX,IAAI,EACJ,OAAO,EACP,MAAM,EACN,WAAW,GAAG,GAAG,EAAE,CAAC,qBAAqB,EAAE,MACrB,EAAE,EAAE,EAAE;;IAC5B,MAAM,GAAG,GAAG,eAAe,EAAE,CAAC;IAE9B,OAAO;IACP,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,iCAAM,kBAAkB,GAAK,WAAW,EAAG,CAAC,CAAC;IAE9D,OAAO;IACP,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAO,CAAC,EAAE,IAAI,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAChD,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAEpB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QAEnC,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAA,CAAC,CAAC;IAEH,gBAAgB;IAChB,GAAG,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;IAE9C,SAAS;IACT,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,kBAAkB,EAAE,CAAC,CAAC;IACrC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,wBAAwB,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,wBAAwB,CAAC,MAAM,EAAE,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAC,CAAC;IAC1E,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,2BAA2B,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC5C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,0BAA0B,CAAC,MAAM,CAAC,CAAC,CAAC;IACnD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,iBAAiB,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC,CAAC;IACzD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,oBAAoB,CAAC,MAAM,EAAE,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAC,CAAC;IACtE,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,oBAAoB,CAAC,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC,CAAC,CAAC;IACjD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC,CAAC;IAC3D,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC,CAAC;IAE3D,IAAI,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,0CAAE,YAAY,EAAE,CAAC;QAClC,GAAG,CAAC,KAAK,CACP,GAAG,EACH,uBAAuB,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAC7D,CAAC;IACJ,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC,CAAC"}
+{"version":3,"file":"app.js","sourceRoot":"","sources":["../../../../packages/rest-api/src/app.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAEL,eAAe,EACf,qBAAqB,EACrB,cAAc,GACf,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,wBAAwB,EACxB,iBAAiB,EACjB,wBAAwB,EACxB,mBAAmB,EACnB,2BAA2B,EAC3B,mBAAmB,EACnB,uBAAuB,EACvB,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAGpB,MAAM,kBAAkB,GAAG;IACzB,YAAY,EAAE;QACZ,cAAc;QACd,eAAe;QACf,kBAAkB;QAClB,QAAQ;QACR,QAAQ;QACR,cAAc;KACf;IACD,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;IAClE,WAAW,EAAE,IAAI;IACjB,aAAa,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IACpD,MAAM,EAAE,CAAC,uBAAuB,CAAC;CAClC,CAAC;AAcF,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,EAC1B,WAAW,EACX,IAAI,EACJ,OAAO,EACP,MAAM,EACN,WAAW,GAAG,GAAG,EAAE,CAAC,qBAAqB,EAAE,MACrB,EAAE,EAAE,EAAE;;IAC5B,MAAM,GAAG,GAAG,eAAe,EAAE,CAAC;IAE9B,OAAO;IACP,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,iCAAM,kBAAkB,GAAK,WAAW,EAAG,CAAC,CAAC;IAE9D,OAAO;IACP,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAO,CAAC,EAAE,IAAI,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAChD,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAEpB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QAEnC,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAA,CAAC,CAAC;IAEH,gBAAgB;IAChB,GAAG,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;IAE9C,SAAS;IACT,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,kBAAkB,EAAE,CAAC,CAAC;IACrC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC9C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,wBAAwB,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,wBAAwB,CAAC,MAAM,EAAE,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAC,CAAC;IAC1E,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,2BAA2B,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC5C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,0BAA0B,CAAC,MAAM,CAAC,CAAC,CAAC;IACnD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,iBAAiB,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC,CAAC;IACzD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,oBAAoB,CAAC,MAAM,EAAE,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAC,CAAC;IACtE,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,oBAAoB,CAAC,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC,CAAC,CAAC;IACjD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC,CAAC;IAC3D,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC,CAAC;IAE3D,IAAI,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,0CAAE,YAAY,EAAE,CAAC;QAClC,GAAG,CAAC,KAAK,CACP,GAAG,EACH,uBAAuB,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAC7D,CAAC;IACJ,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC,CAAC"}

package/src/core/auth/auth.schema.js

@@ -1,41 +1 @@
-import { z } from "@hono/zod-openapi";
-export const SignUpSchema = z.object({
-    email: z
-        .string()
-        .min(1, "Email is required")
-        .email("Invalid email")
-        .openapi({
-        example: "user@example.com",
-        description: "User's email address",
-    }),
-    password: z
-        .string()
-        .min(1, "Password is required")
-        .min(8, "Password must be more than 8 characters")
-        .max(32, "Password must be less than 32 characters")
-        .openapi({
-        example: "password123",
-        description: "User's password",
-    }),
-    firstname: z
-        .string()
-        .min(1, "First name is required")
-        .max(32, "First name must be less than 32 characters")
-        .openapi({
-        example: "John",
-        description: "User's first name",
-    }),
-    lastname: z
-        .string()
-        .min(1, "Last name is required")
-        .max(32, "Last name must be less than 32 characters")
-        .openapi({
-        example: "Doe",
-        description: "User's last name",
-    }),
-}).openapi("SignUp");
-export const SignInSchema = SignUpSchema.pick({
-    email: true,
-    password: true,
-}).openapi("SignIn");
-//# sourceMappingURL=auth.schema.js.map
+import{z as e}from"@hono/zod-openapi";export const SignUpSchema=e.object({email:e.string().min(1,"Email is required").email("Invalid email").openapi({example:"user@example.com",description:"User's email address"}),password:e.string().min(1,"Password is required").min(8,"Password must be more than 8 characters").max(32,"Password must be less than 32 characters").openapi({example:"password123",description:"User's password"}),firstname:e.string().min(1,"First name is required").max(32,"First name must be less than 32 characters").openapi({example:"John",description:"User's first name"}),lastname:e.string().min(1,"Last name is required").max(32,"Last name must be less than 32 characters").openapi({example:"Doe",description:"User's last name"})}).openapi("SignUp"),SignInSchema=SignUpSchema.pick({email:!0,password:!0}).openapi("SignIn");

package/src/core/auth/auth.util.js

@@ -1,44 +1 @@
-import { __awaiter } from "tslib";
-import { HttpException } from "../exceptions/http-exception";
-import { logger } from "../logging/pino";
-export const getCurrentUser = (auth) => (headers) => __awaiter(void 0, void 0, void 0, function* () {
-    const session = yield auth.api.getSession({
-        headers: headers,
-    });
-    if (!(session === null || session === void 0 ? void 0 : session.user)) {
-        throw new HttpException(401, "Unauthorized");
-    }
-    return session.user;
-});
-export const isGranted = (auth) => (headers, organizationId, accessLevel) => __awaiter(void 0, void 0, void 0, function* () {
-    if (!accessLevel) {
-        throw new Error("Resource and access level are required");
-    }
-    const session = yield auth.api.getSession({
-        headers: headers,
-    });
-    if (!(session === null || session === void 0 ? void 0 : session.user)) {
-        throw new HttpException(401, "Unauthorized");
-    }
-    const hasPermission = yield auth.api.hasPermission({
-        headers,
-        body: {
-            organizationId,
-            permissions: {
-                project: [accessLevel],
-            },
-        },
-    });
-    if (!hasPermission.success) {
-        logger.error({
-            organizationId,
-            accessLevel,
-            message: "User does not have permission",
-            userId: session.user.id,
-            hasPermission,
-        });
-        throw new HttpException(403, "Forbidden");
-    }
-    return session.user;
-});
-//# sourceMappingURL=auth.util.js.map
+import{__awaiter as d}from"tslib";import{HttpException as n}from"../exceptions/http-exception";import{logger as u}from"../logging/pino";export const getCurrentUser=r=>i=>d(void 0,void 0,void 0,function*(){const e=yield r.api.getSession({headers:i});if(!e?.user)throw new n(401,"Unauthorized");return e.user}),isGranted=r=>(i,e,s)=>d(void 0,void 0,void 0,function*(){if(!s)throw new Error("Resource and access level are required");const o=yield r.api.getSession({headers:i});if(!o?.user)throw new n(401,"Unauthorized");const t=yield r.api.hasPermission({headers:i,body:{organizationId:e,permissions:{project:[s]}}});if(!t.success)throw u.error({organizationId:e,accessLevel:s,message:"User does not have permission",userId:o.user.id,hasPermission:t}),new n(403,"Forbidden");return o.user});

package/src/core/auth/better-auth.lib.js

@@ -1,100 +1 @@
-import { betterAuth } from "better-auth";
-import { prismaAdapter } from "better-auth/adapters/prisma";
-import { nextCookies } from "better-auth/next-js";
-import { openAPI, organization } from "better-auth/plugins";
-import { createAccessControl } from "better-auth/plugins/access";
-import { getCurrentUser, isGranted } from "./auth.util";
-const statement = {
-    project: ["create", "read", "update", "delete"],
-    organization: ["create", "read", "update", "delete"],
-};
-const ac = createAccessControl(statement);
-const readOnly = ac.newRole({
-    project: ["read"],
-});
-const member = ac.newRole({
-    project: ["read"],
-});
-const manager = ac.newRole({
-    project: ["create", "read", "update", "delete"],
-});
-const admin = ac.newRole({
-    project: ["create", "read", "update", "delete"],
-    organization: ["update"],
-});
-const owner = ac.newRole({
-    project: ["create", "read", "update", "delete"],
-    organization: ["update", "delete"],
-});
-export const createAuthClient = ({ prisma, baseURL, domain, trustedOrigins, socialProviders, }) => {
-    const auth = betterAuth({
-        baseURL,
-        database: prismaAdapter(prisma, {
-            provider: "postgresql",
-        }),
-        trustedOrigins,
-        user: {
-            additionalFields: {
-                firstname: {
-                    type: "string",
-                    required: true,
-                },
-                lastname: {
-                    type: "string",
-                    required: true,
-                },
-            },
-        },
-        advanced: {
-            crossSubDomainCookies: {
-                enabled: true,
-                domain: domain,
-            },
-            useSecureCookies: domain !== "localhost",
-            defaultCookieAttributes: {
-                path: "/",
-                sameSite: "lax", // Use "none" if you need cross-site requests, but requires secure: true
-                httpOnly: true, // Prevents JavaScript access to cookies
-                secure: domain !== "localhost",
-            },
-        },
-        emailAndPassword: {
-            enabled: true,
-        },
-        socialProviders: Object.assign({}, ((socialProviders === null || socialProviders === void 0 ? void 0 : socialProviders.google)
-            ? {
-                google: {
-                    prompt: "select_account",
-                    clientId: socialProviders.google.clientId,
-                    clientSecret: socialProviders.google.clientSecret,
-                    mapProfileToUser: (profile) => {
-                        return {
-                            firstname: profile.given_name,
-                            lastname: profile.family_name,
-                        };
-                    },
-                },
-            }
-            : {})),
-        plugins: [
-            openAPI(),
-            nextCookies(),
-            organization({
-                ac,
-                roles: {
-                    member,
-                    readOnly,
-                    manager,
-                    admin,
-                    owner,
-                },
-            }),
-        ],
-    });
-    return {
-        auth,
-        getCurrentUser: getCurrentUser(auth),
-        isGranted: isGranted(auth),
-    };
-};
-//# sourceMappingURL=better-auth.lib.js.map
+import{betterAuth as l}from"better-auth";import{prismaAdapter as d}from"better-auth/adapters/prisma";import{nextCookies as c}from"better-auth/next-js";import{openAPI as p,organization as u}from"better-auth/plugins";import{createAccessControl as m}from"better-auth/plugins/access";import{getCurrentUser as g,isGranted as f}from"./auth.util";const b={project:["create","read","update","delete"],organization:["create","read","update","delete"]},e=m(b),C=e.newRole({project:["read"]}),h=e.newRole({project:["read"]}),j=e.newRole({project:["create","read","update","delete"]}),w=e.newRole({project:["create","read","update","delete"],organization:["update"]}),A=e.newRole({project:["create","read","update","delete"],organization:["update","delete"]});export const createAuthClient=({prisma:n,baseURL:s,domain:r,trustedOrigins:i,socialProviders:t})=>{const o=l({baseURL:s,database:d(n,{provider:"postgresql"}),trustedOrigins:i,user:{additionalFields:{firstname:{type:"string",required:!0},lastname:{type:"string",required:!0}}},advanced:{crossSubDomainCookies:{enabled:!0,domain:r},useSecureCookies:r!=="localhost",defaultCookieAttributes:{path:"/",sameSite:"lax",httpOnly:!0,secure:r!=="localhost"}},emailAndPassword:{enabled:!0},socialProviders:Object.assign({},t?.google?{google:{prompt:"select_account",clientId:t.google.clientId,clientSecret:t.google.clientSecret,mapProfileToUser:a=>({firstname:a.given_name,lastname:a.family_name})}}:{}),plugins:[p(),c(),u({ac:e,roles:{member:h,readOnly:C,manager:j,admin:w,owner:A}})]});return{auth:o,getCurrentUser:g(o),isGranted:f(o)}};

package/src/core/auth/generate-password-hash.util.js

@@ -1,30 +1 @@
-import { __awaiter } from "tslib";
-import crypto from "crypto";
-/**
- * Generate a random salt using crypto.
- */
-function randomBytes() {
-    return new Promise((resolve, reject) => crypto.randomBytes(32, (err, saltBuffer) => err ? reject(err) : resolve(saltBuffer)));
-}
-/**
- * Generate a hash using PBKDF2.
- */
-function pbkdf2Promisified(password, salt) {
-    return new Promise((resolve, reject) => crypto.pbkdf2(password, salt, 25000, // Number of iterations
-    512, // Key length
-    "sha256", // Digest algorithm
-    (err, hashRaw) => (err ? reject(err) : resolve(hashRaw))));
-}
-/**
- * Generate a salt and hash for the password.
- */
-export function generatePasswordSaltHash(password) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const saltBuffer = yield randomBytes();
-        const salt = saltBuffer.toString("hex");
-        const hashRaw = yield pbkdf2Promisified(password, salt);
-        const hash = hashRaw.toString("hex");
-        return { hash, salt };
-    });
-}
-//# sourceMappingURL=generate-password-hash.util.js.map
+import{__awaiter as a}from"tslib";import e from"crypto";function f(){return new Promise((o,n)=>e.randomBytes(32,(t,r)=>t?n(t):o(r)))}function h(o,n){return new Promise((t,r)=>e.pbkdf2(o,n,25e3,512,"sha256",(s,i)=>s?r(s):t(i)))}export function generatePasswordSaltHash(o){return a(this,void 0,void 0,function*(){const t=(yield f()).toString("hex");return{hash:(yield h(o,t)).toString("hex"),salt:t}})}

package/src/core/auth/headers.schema.js

@@ -1,22 +1 @@
-import { z } from "@hono/zod-openapi";
-export const HeaderSchema = z
-    .object({
-    "accept-language": z.string().optional().openapi({
-        example: "en-US",
-        description: "Accept-Language header",
-        param: {
-            in: "header",
-            name: "accept-language",
-        },
-    }),
-    cookie: z.string().optional().openapi({
-        example: "session=1234567890",
-        description: "Cookie header",
-        param: {
-            in: "header",
-            name: "cookie",
-        },
-    }),
-})
-    .openapi("Headers");
-//# sourceMappingURL=headers.schema.js.map
+import{z as e}from"@hono/zod-openapi";export const HeaderSchema=e.object({"accept-language":e.string().optional().openapi({example:"en-US",description:"Accept-Language header",param:{in:"header",name:"accept-language"}}),cookie:e.string().optional().openapi({example:"session=1234567890",description:"Cookie header",param:{in:"header",name:"cookie"}})}).openapi("Headers");

package/src/core/auth/user.schema.js

@@ -1,30 +1 @@
-import { z } from "@hono/zod-openapi";
-export const UserSchema = z
-    .object({
-    id: z.string().openapi({
-        example: "clm1234567890abcdef",
-        description: "User's ID",
-    }),
-    email: z.string().openapi({
-        example: "user@example.com",
-        description: "User's email address",
-        format: "email",
-    }),
-    firstname: z.string().openapi({
-        example: "John",
-        description: "User's first name",
-    }),
-    lastname: z.string().openapi({
-        example: "Doe",
-        description: "User's last name",
-    }),
-    image: z.string().nullable().optional().openapi({
-        example: "https://example.com/image.jpg",
-        description: "User's profile image",
-    }),
-    name: z.string().nullable().optional().openapi({
-        description: "User's full name (optional)",
-    }),
-})
-    .openapi("User");
-//# sourceMappingURL=user.schema.js.map
+import{z as e}from"@hono/zod-openapi";export const UserSchema=e.object({id:e.string().openapi({example:"clm1234567890abcdef",description:"User's ID"}),email:e.string().openapi({example:"user@example.com",description:"User's email address",format:"email"}),firstname:e.string().openapi({example:"John",description:"User's first name"}),lastname:e.string().openapi({example:"Doe",description:"User's last name"}),image:e.string().nullable().optional().openapi({example:"https://example.com/image.jpg",description:"User's profile image"}),name:e.string().nullable().optional().openapi({description:"User's full name (optional)"})}).openapi("User");