npm - @skyapp-labs/blueprint-backend-core - Versions diffs - 1.0.9 - Mend

@skyapp-labs/blueprint-backend-core 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (737) hide show

package/dist/modules/admin/services/admin-log.service.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { Repository } from 'typeorm';
+import { AdminLog } from '../entities/admin-log.entity';
+import { AdminLogFilterDto, CreateAdminLogDto } from '../dto/admin-log.dto';
+import { PaginatedResult } from '../../../common/base/base.repository';
+export declare class AdminLogService {
+    private readonly repo;
+    constructor(repo: Repository<AdminLog>);
+    log(dto: CreateAdminLogDto): void;
+    findAll(filter: AdminLogFilterDto): Promise<PaginatedResult<AdminLog>>;
+}
+//# sourceMappingURL=admin-log.service.d.ts.map

package/dist/modules/admin/services/admin-log.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-log.service.d.ts","sourceRoot":"","sources":["../../../../modules/admin/services/admin-log.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EAAE,eAAe,EAAE,MAAM,sCAAsC,CAAC;AAEvE,qBACa,eAAe;IAG1B,OAAO,CAAC,QAAQ,CAAC,IAAI;gBAAJ,IAAI,EAAE,UAAU,CAAC,QAAQ,CAAC;IAI5C,GAAG,CAAC,GAAG,EAAE,iBAAiB,GAAG,IAAI;IAI3B,OAAO,CAAC,MAAM,EAAE,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;CAiC5E"}

package/dist/modules/admin/services/admin-log.service.js ADDED Viewed

@@ -0,0 +1,60 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminLogService = void 0;
+const common_1 = require("@nestjs/common");
+const typeorm_1 = require("@nestjs/typeorm");
+const typeorm_2 = require("typeorm");
+const admin_log_entity_1 = require("../entities/admin-log.entity");
+let AdminLogService = class AdminLogService {
+    constructor(repo) {
+        this.repo = repo;
+    }
+    log(dto) {
+        this.repo.save(this.repo.create(dto)).catch(() => undefined);
+    }
+    async findAll(filter) {
+        const page = filter.page ?? 1;
+        const limit = filter.limit ?? 20;
+        const skip = (page - 1) * limit;
+        const qb = this.repo
+            .createQueryBuilder('log')
+            .leftJoin('log.actor', 'actor')
+            .addSelect(['actor.id', 'actor.firstName', 'actor.lastName'])
+            .skip(skip)
+            .take(limit)
+            .orderBy('log.createdAt', 'DESC');
+        if (filter.actorId) {
+            qb.andWhere('log.actorId = :actorId', { actorId: filter.actorId });
+        }
+        if (filter.action) {
+            qb.andWhere('log.action LIKE :action', { action: `%${filter.action}%` });
+        }
+        if (filter.from) {
+            qb.andWhere('log.createdAt >= :from', { from: new Date(filter.from) });
+        }
+        if (filter.to) {
+            qb.andWhere('log.createdAt <= :to', { to: new Date(filter.to) });
+        }
+        const [data, total] = await qb.getManyAndCount();
+        return { data, total, page, limit, totalPages: Math.ceil(total / limit) };
+    }
+};
+exports.AdminLogService = AdminLogService;
+exports.AdminLogService = AdminLogService = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, typeorm_1.InjectRepository)(admin_log_entity_1.AdminLog)),
+    __metadata("design:paramtypes", [typeorm_2.Repository])
+], AdminLogService);
+//# sourceMappingURL=admin-log.service.js.map

package/dist/modules/admin/services/admin-log.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-log.service.js","sourceRoot":"","sources":["../../../../modules/admin/services/admin-log.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAA4C;AAC5C,6CAAmD;AACnD,qCAAqC;AACrC,mEAAwD;AAKjD,IAAM,eAAe,GAArB,MAAM,eAAe;IAC3B,YAEkB,IAA0B;QAA1B,SAAI,GAAJ,IAAI,CAAsB;IACzC,CAAC;IAGJ,GAAG,CAAC,GAAsB;QACzB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAyB;QACtC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC;QAC9B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC;QAEhC,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI;aAClB,kBAAkB,CAAC,KAAK,CAAC;aACzB,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;aAC9B,SAAS,CAAC,CAAC,UAAU,EAAE,iBAAiB,EAAE,gBAAgB,CAAC,CAAC;aAC5D,IAAI,CAAC,IAAI,CAAC;aACV,IAAI,CAAC,KAAK,CAAC;aACX,OAAO,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAEnC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,EAAE,CAAC,QAAQ,CAAC,wBAAwB,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,EAAE,CAAC,QAAQ,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;QAC1E,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YACjB,EAAE,CAAC,QAAQ,CAAC,wBAAwB,EAAE,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,EAAE,CAAC,QAAQ,CAAC,sBAAsB,EAAE,EAAE,EAAE,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,MAAM,EAAE,CAAC,eAAe,EAAE,CAAC;QAEjD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAC;IAC3E,CAAC;CACD,CAAA;AA5CY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;IAGV,WAAA,IAAA,0BAAgB,EAAC,2BAAQ,CAAC,CAAA;qCACJ,oBAAU;GAHtB,eAAe,CA4C3B"}

package/dist/modules/auth/auth-core/auth-core.module.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export declare class AuthCoreModule {
+}
+//# sourceMappingURL=auth-core.module.d.ts.map

package/dist/modules/auth/auth-core/auth-core.module.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-core.module.d.ts","sourceRoot":"","sources":["../../../../modules/auth/auth-core/auth-core.module.ts"],"names":[],"mappings":"AAOA,qBAmBa,cAAc;CAAG"}

package/dist/modules/auth/auth-core/auth-core.module.js ADDED Viewed

@@ -0,0 +1,40 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthCoreModule = void 0;
+const common_1 = require("@nestjs/common");
+const jwt_1 = require("@nestjs/jwt");
+const passport_1 = require("@nestjs/passport");
+const config_1 = require("@nestjs/config");
+const jwt_strategy_1 = require("./strategies/jwt.strategy");
+const users_module_1 = require("../../users/users.module");
+let AuthCoreModule = class AuthCoreModule {
+};
+exports.AuthCoreModule = AuthCoreModule;
+exports.AuthCoreModule = AuthCoreModule = __decorate([
+    (0, common_1.Module)({
+        imports: [
+            config_1.ConfigModule,
+            users_module_1.UsersModule,
+            passport_1.PassportModule.register({ defaultStrategy: 'jwt' }),
+            jwt_1.JwtModule.registerAsync({
+                imports: [config_1.ConfigModule],
+                useFactory: (configService) => ({
+                    secret: configService.get('app.jwt.secret', 'change-me-in-production'),
+                    signOptions: {
+                        expiresIn: configService.get('app.jwt.expiresIn', '1d'),
+                    },
+                }),
+                inject: [config_1.ConfigService],
+            }),
+        ],
+        providers: [jwt_strategy_1.JwtStrategy],
+        exports: [jwt_1.JwtModule, passport_1.PassportModule],
+    })
+], AuthCoreModule);
+//# sourceMappingURL=auth-core.module.js.map

package/dist/modules/auth/auth-core/auth-core.module.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-core.module.js","sourceRoot":"","sources":["../../../../modules/auth/auth-core/auth-core.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAwC;AACxC,qCAAwC;AACxC,+CAAkD;AAClD,2CAA6D;AAC7D,4DAAwD;AACxD,2DAAuD;AAqBhD,IAAM,cAAc,GAApB,MAAM,cAAc;CAAG,CAAA;AAAjB,wCAAc;yBAAd,cAAc;IAnB1B,IAAA,eAAM,EAAC;QACP,OAAO,EAAE;YACR,qBAAY;YACZ,0BAAW;YACX,yBAAc,CAAC,QAAQ,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC;YACnD,eAAS,CAAC,aAAa,CAAC;gBACvB,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,UAAU,EAAE,CAAC,aAA4B,EAAE,EAAE,CAAC,CAAC;oBAC9C,MAAM,EAAE,aAAa,CAAC,GAAG,CAAS,gBAAgB,EAAE,yBAAyB,CAAC;oBAC9E,WAAW,EAAE;wBACZ,SAAS,EAAE,aAAa,CAAC,GAAG,CAAS,mBAAmB,EAAE,IAAI,CAAS;qBACvE;iBACD,CAAC;gBACF,MAAM,EAAE,CAAC,sBAAa,CAAC;aACvB,CAAC;SACF;QACD,SAAS,EAAE,CAAC,0BAAW,CAAC;QACxB,OAAO,EAAE,CAAC,eAAS,EAAE,yBAAc,CAAC;KACpC,CAAC;GACW,cAAc,CAAG"}

package/dist/modules/auth/auth-core/strategies/jwt.strategy.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { Strategy } from 'passport-jwt';
+import { ConfigService } from '@nestjs/config';
+import IORedis from 'ioredis';
+import { JwtPayload } from '../../dto/token.dto';
+declare const JwtStrategy_base: new (...args: [opt: import("passport-jwt").StrategyOptionsWithRequest] | [opt: import("passport-jwt").StrategyOptionsWithoutRequest]) => Strategy & {
+    validate(...args: any[]): unknown;
+};
+export declare class JwtStrategy extends JwtStrategy_base {
+    private readonly configService;
+    private readonly redis;
+    constructor(configService: ConfigService, redis: IORedis | null);
+    validate(payload: JwtPayload): Promise<{
+        id: string;
+        permissions: string[];
+    }>;
+}
+export {};
+//# sourceMappingURL=jwt.strategy.d.ts.map

package/dist/modules/auth/auth-core/strategies/jwt.strategy.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt.strategy.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/auth-core/strategies/jwt.strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAc,QAAQ,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;;;;AAEjD,qBACa,WAAY,SAAQ,gBAA0B;IAEzD,OAAO,CAAC,QAAQ,CAAC,aAAa;IAG9B,OAAO,CAAC,QAAQ,CAAC,KAAK;gBAHL,aAAa,EAAE,aAAa,EAG5B,KAAK,EAAE,OAAO,GAAG,IAAI;IASjC,QAAQ,CAAC,OAAO,EAAE,UAAU;;;;CASlC"}

package/dist/modules/auth/auth-core/strategies/jwt.strategy.js ADDED Viewed

@@ -0,0 +1,45 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtStrategy = void 0;
+const common_1 = require("@nestjs/common");
+const passport_1 = require("@nestjs/passport");
+const passport_jwt_1 = require("passport-jwt");
+const config_1 = require("@nestjs/config");
+const redis_module_1 = require("../../../../config/redis.module");
+let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy) {
+    constructor(configService, redis) {
+        super({
+            jwtFromRequest: passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
+            ignoreExpiration: false,
+            secretOrKey: configService.get('app.jwt.secret', 'change-me-in-production'),
+        });
+        this.configService = configService;
+        this.redis = redis;
+    }
+    async validate(payload) {
+        const banned = await this.redis?.get(`user:banned:${payload.sub}`);
+        if (banned)
+            throw new common_1.UnauthorizedException('Account deactivated');
+        return { id: payload.sub, permissions: payload.permissions ?? [] };
+    }
+};
+exports.JwtStrategy = JwtStrategy;
+exports.JwtStrategy = JwtStrategy = __decorate([
+    (0, common_1.Injectable)(),
+    __param(1, (0, common_1.Optional)()),
+    __param(1, (0, common_1.Inject)(redis_module_1.REDIS_CLIENT)),
+    __metadata("design:paramtypes", [config_1.ConfigService, Object])
+], JwtStrategy);
+//# sourceMappingURL=jwt.strategy.js.map

package/dist/modules/auth/auth-core/strategies/jwt.strategy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../../../../modules/auth/auth-core/strategies/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAqF;AACrF,+CAAoD;AACpD,+CAAoD;AACpD,2CAA+C;AAE/C,kEAA+D;AAIxD,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAC1D,YACkB,aAA4B,EAG5B,KAAqB;QAEtC,KAAK,CAAC;YACL,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,aAAa,CAAC,GAAG,CAAS,gBAAgB,EAAE,yBAAyB,CAAC;SACnF,CAAC,CAAC;QATc,kBAAa,GAAb,aAAa,CAAe;QAG5B,UAAK,GAAL,KAAK,CAAgB;IAOvC,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAmB;QAIjC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,eAAe,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;QACnE,IAAI,MAAM;YAAE,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QAEnE,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,EAAE,EAAE,CAAC;IACpE,CAAC;CACD,CAAA;AAvBY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAIV,WAAA,IAAA,iBAAQ,GAAE,CAAA;IACV,WAAA,IAAA,eAAM,EAAC,2BAAY,CAAC,CAAA;qCAFW,sBAAa;GAFlC,WAAW,CAuBvB"}

package/dist/modules/auth/auth.manifest.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { ModuleManifest } from '../roles/types/manifest.types';
+export declare const AUTH_PERMISSIONS: {
+    readonly LOGIN: "auth:login";
+    readonly REGISTER: "auth:register";
+    readonly LOGOUT: "auth:logout";
+    readonly REFRESH: "auth:refresh";
+};
+export declare const manifest: ModuleManifest;
+//# sourceMappingURL=auth.manifest.d.ts.map

package/dist/modules/auth/auth.manifest.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth.manifest.d.ts","sourceRoot":"","sources":["../../../modules/auth/auth.manifest.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAEpE,eAAO,MAAM,gBAAgB;;;;;CAKnB,CAAC;AAEX,eAAO,MAAM,QAAQ,EAAE,cAkBtB,CAAC"}

package/dist/modules/auth/auth.manifest.js ADDED Viewed

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.manifest = exports.AUTH_PERMISSIONS = void 0;
+exports.AUTH_PERMISSIONS = {
+    LOGIN: 'auth:login',
+    REGISTER: 'auth:register',
+    LOGOUT: 'auth:logout',
+    REFRESH: 'auth:refresh',
+};
+exports.manifest = {
+    slug: 'auth',
+    name: 'Authentication',
+    description: 'Auth and session management',
+    permissions: [
+        {
+            slug: exports.AUTH_PERMISSIONS.LOGIN,
+            name: 'Login',
+            description: 'Authenticate and receive tokens',
+        },
+        { slug: exports.AUTH_PERMISSIONS.REGISTER, name: 'Register', description: 'Create new account' },
+        { slug: exports.AUTH_PERMISSIONS.LOGOUT, name: 'Logout', description: 'End session' },
+        {
+            slug: exports.AUTH_PERMISSIONS.REFRESH,
+            name: 'Refresh token',
+            description: 'Refresh access token',
+        },
+    ],
+};
+//# sourceMappingURL=auth.manifest.js.map

package/dist/modules/auth/auth.manifest.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.manifest.js","sourceRoot":"","sources":["../../../modules/auth/auth.manifest.ts"],"names":[],"mappings":";;;AAEa,QAAA,gBAAgB,GAAG;IAC/B,KAAK,EAAE,YAAY;IACnB,QAAQ,EAAE,eAAe;IACzB,MAAM,EAAE,aAAa;IACrB,OAAO,EAAE,cAAc;CACd,CAAC;AAEE,QAAA,QAAQ,GAAmB;IACvC,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,6BAA6B;IAC1C,WAAW,EAAE;QACZ;YACC,IAAI,EAAE,wBAAgB,CAAC,KAAK;YAC5B,IAAI,EAAE,OAAO;YACb,WAAW,EAAE,iCAAiC;SAC9C;QACD,EAAE,IAAI,EAAE,wBAAgB,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,oBAAoB,EAAE;QACxF,EAAE,IAAI,EAAE,wBAAgB,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,aAAa,EAAE;QAC7E;YACC,IAAI,EAAE,wBAAgB,CAAC,OAAO;YAC9B,IAAI,EAAE,eAAe;YACrB,WAAW,EAAE,sBAAsB;SACnC;KACD;CACD,CAAC"}

package/dist/modules/auth/auth.module.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export declare class AuthModule {
+}
+//# sourceMappingURL=auth.module.d.ts.map

package/dist/modules/auth/auth.module.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth.module.d.ts","sourceRoot":"","sources":["../../../modules/auth/auth.module.ts"],"names":[],"mappings":"AAyBA,qBAgCa,UAAU;CAAG"}

package/dist/modules/auth/auth.module.js ADDED Viewed

@@ -0,0 +1,67 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthModule = void 0;
+const common_1 = require("@nestjs/common");
+const config_1 = require("@nestjs/config");
+const typeorm_1 = require("@nestjs/typeorm");
+const auth_core_module_1 = require("./auth-core/auth-core.module");
+const auth_controller_1 = require("./controllers/auth.controller");
+const account_controller_1 = require("./controllers/account.controller");
+const provider_registry_1 = require("./providers/provider.registry");
+const native_auth_provider_module_1 = require("./providers/native/native.auth-provider.module");
+const keycloak_auth_provider_module_1 = require("./providers/keycloak/keycloak-auth-provider.module");
+const native_auth_provider_1 = require("./providers/native/native.auth-provider");
+const keycloak_auth_provider_1 = require("./providers/keycloak/keycloak.auth-provider");
+const otp_module_1 = require("../otp/otp.module");
+const users_module_1 = require("../users/users.module");
+const sessions_module_1 = require("../sessions/sessions.module");
+const otp_auth_service_1 = require("./services/otp-auth.service");
+const login_service_1 = require("./services/login.service");
+const registration_service_1 = require("./services/registration.service");
+const password_service_1 = require("./services/password.service");
+const account_service_1 = require("./services/account.service");
+const password_reset_token_entity_1 = require("./entities/password-reset-token.entity");
+const otp_controller_1 = require("./controllers/otp.controller");
+const settings_service_1 = require("../settings/services/settings.service");
+const jobs_1 = require("../../jobs");
+const roles_module_1 = require("../roles/roles.module");
+let AuthModule = class AuthModule {
+};
+exports.AuthModule = AuthModule;
+exports.AuthModule = AuthModule = __decorate([
+    (0, common_1.Module)({
+        imports: [
+            config_1.ConfigModule,
+            auth_core_module_1.AuthCoreModule,
+            otp_module_1.OtpModule,
+            users_module_1.UsersModule,
+            sessions_module_1.SessionsModule,
+            native_auth_provider_module_1.NativeAuthProviderModule,
+            keycloak_auth_provider_module_1.KeycloakAuthProviderModule,
+            typeorm_1.TypeOrmModule.forFeature([password_reset_token_entity_1.PasswordResetToken]),
+            jobs_1.JobsModule.register(),
+            roles_module_1.RolesModule,
+        ],
+        controllers: [auth_controller_1.AuthController, otp_controller_1.OtpController, account_controller_1.AccountController],
+        providers: [
+            {
+                provide: provider_registry_1.AuthProviderRegistry,
+                useFactory: (native, keycloak, settings) => new provider_registry_1.AuthProviderRegistry(settings, native, keycloak),
+                inject: [native_auth_provider_1.NativeAuthProvider, keycloak_auth_provider_1.KeycloakAuthProvider, settings_service_1.SettingsService],
+            },
+            otp_auth_service_1.OtpAuthService,
+            login_service_1.LoginService,
+            registration_service_1.RegistrationService,
+            password_service_1.PasswordService,
+            account_service_1.AccountService,
+        ],
+        exports: [auth_core_module_1.AuthCoreModule, provider_registry_1.AuthProviderRegistry, otp_module_1.OtpModule, otp_auth_service_1.OtpAuthService],
+    })
+], AuthModule);
+//# sourceMappingURL=auth.module.js.map

package/dist/modules/auth/auth.module.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.module.js","sourceRoot":"","sources":["../../../modules/auth/auth.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAwC;AACxC,2CAA8C;AAC9C,6CAAgD;AAChD,mEAA8D;AAC9D,mEAA+D;AAC/D,yEAAqE;AACrE,qEAAqE;AACrE,gGAA0F;AAC1F,sGAAgG;AAChG,kFAA6E;AAC7E,wFAAmF;AACnF,kDAA8C;AAC9C,wDAAoD;AACpD,iEAA6D;AAC7D,kEAA6D;AAC7D,4DAAwD;AACxD,0EAAsE;AACtE,kEAA8D;AAC9D,gEAA4D;AAC5D,wFAA4E;AAC5E,iEAA6D;AAC7D,4EAAwE;AACxE,qCAAwC;AACxC,wDAAoD;AAkC7C,IAAM,UAAU,GAAhB,MAAM,UAAU;CAAG,CAAA;AAAb,gCAAU;qBAAV,UAAU;IAhCtB,IAAA,eAAM,EAAC;QACP,OAAO,EAAE;YACR,qBAAY;YACZ,iCAAc;YACd,sBAAS;YACT,0BAAW;YACX,gCAAc;YACd,sDAAwB;YACxB,0DAA0B;YAC1B,uBAAa,CAAC,UAAU,CAAC,CAAC,gDAAkB,CAAC,CAAC;YAC9C,iBAAU,CAAC,QAAQ,EAAE;YACrB,0BAAW;SACX;QACD,WAAW,EAAE,CAAC,gCAAc,EAAE,8BAAa,EAAE,sCAAiB,CAAC;QAC/D,SAAS,EAAE;YACV;gBACC,OAAO,EAAE,wCAAoB;gBAC7B,UAAU,EAAE,CACX,MAA0B,EAC1B,QAA8B,EAC9B,QAAyB,EACxB,EAAE,CAAC,IAAI,wCAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;gBACzD,MAAM,EAAE,CAAC,yCAAkB,EAAE,6CAAoB,EAAE,kCAAe,CAAC;aACnE;YACD,iCAAc;YACd,4BAAY;YACZ,0CAAmB;YACnB,kCAAe;YACf,gCAAc;SACd;QACD,OAAO,EAAE,CAAC,iCAAc,EAAE,wCAAoB,EAAE,sBAAS,EAAE,iCAAc,CAAC;KAC1E,CAAC;GACW,UAAU,CAAG"}

package/dist/modules/auth/controllers/account.controller.d.ts ADDED Viewed

@@ -0,0 +1,42 @@
+import { User } from '../../users/entities/user.entity';
+import { AccountService } from '../services/account.service';
+import { PasswordService } from '../services/password.service';
+import { ChangePasswordDto, DeleteAccountConfirmDto, VerifyEmailDto } from '../dto/password.dto';
+import { TokenService } from '../../sessions/services/token.service';
+import { RefreshTokenDto } from '../dto/token.dto';
+import { Request } from 'express';
+export declare class AccountController {
+    private readonly accountService;
+    private readonly passwordService;
+    private readonly tokenService;
+    constructor(accountService: AccountService, passwordService: PasswordService, tokenService: TokenService);
+    refreshToken(body: RefreshTokenDto, req: Request): Promise<import("../dto/token.dto").TokenResponse>;
+    logout(user: User): Promise<{
+        message: string;
+    }>;
+    getActiveSessions(user: User): Promise<import("../../sessions").RefreshToken[]>;
+    revokeSession(sessionId: string, user: User): Promise<{
+        message: string;
+    }>;
+    verifyEmail(user: User, body: VerifyEmailDto): Promise<{
+        message: string;
+    }>;
+    changePassword(user: User, body: ChangePasswordDto): Promise<{
+        message: string;
+    }>;
+    requestDeletion(user: User): Promise<{
+        message: string;
+        requiresPassword: boolean;
+        verificationId?: undefined;
+        expiresAt?: undefined;
+    } | {
+        message: string;
+        verificationId: string;
+        expiresAt: number;
+        requiresPassword?: undefined;
+    }>;
+    confirmDeletion(user: User, dto: DeleteAccountConfirmDto): Promise<{
+        message: string;
+    }>;
+}
+//# sourceMappingURL=account.controller.d.ts.map

package/dist/modules/auth/controllers/account.controller.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"account.controller.d.ts","sourceRoot":"","sources":["../../../../modules/auth/controllers/account.controller.ts"],"names":[],"mappings":"AAwBA,OAAO,EAAE,IAAI,EAAE,MAAM,kCAAkC,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAKlC,qBAIa,iBAAiB;IAE5B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,YAAY;gBAFZ,cAAc,EAAE,cAAc,EAC9B,eAAe,EAAE,eAAe,EAChC,YAAY,EAAE,YAAY;IAkB5C,YAAY,CAAS,IAAI,EAAE,eAAe,EAAS,GAAG,EAAE,OAAO;IAY/D,MAAM,CAAgB,IAAI,EAAE,IAAI;;;IAShC,iBAAiB,CAAgB,IAAI,EAAE,IAAI;IAW3C,aAAa,CAAoC,SAAS,EAAE,MAAM,EAAiB,IAAI,EAAE,IAAI;;;IAqB7F,WAAW,CAAgB,IAAI,EAAE,IAAI,EAAU,IAAI,EAAE,cAAc;;;IAgBnE,cAAc,CAAgB,IAAI,EAAE,IAAI,EAAU,IAAI,EAAE,iBAAiB;;;IAsBzE,eAAe,CAAgB,IAAI,EAAE,IAAI;;;;;;;;;;;IAczC,eAAe,CACC,IAAI,EAAE,IAAI,EACQ,GAAG,EAAE,uBAAuB;;;CAI9D"}

package/dist/modules/auth/controllers/account.controller.js ADDED Viewed

@@ -0,0 +1,206 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccountController = void 0;
+const common_1 = require("@nestjs/common");
+const swagger_1 = require("@nestjs/swagger");
+const auth_guard_1 = require("../../../common/guards/auth.guard");
+const guards_1 = require("../../../common/guards");
+const decorators_1 = require("../../../common/decorators");
+const user_entity_1 = require("../../users/entities/user.entity");
+const account_service_1 = require("../services/account.service");
+const password_service_1 = require("../services/password.service");
+const password_dto_1 = require("../dto/password.dto");
+const token_service_1 = require("../../sessions/services/token.service");
+const token_dto_1 = require("../dto/token.dto");
+const common_2 = require("@nestjs/common");
+const request_utils_1 = require("../../../common/utils/request.utils");
+const config_aware_validation_pipe_1 = require("../../../common/pipes/config-aware-validation.pipe");
+let AccountController = class AccountController {
+    constructor(accountService, passwordService, tokenService) {
+        this.accountService = accountService;
+        this.passwordService = passwordService;
+        this.tokenService = tokenService;
+    }
+    refreshToken(body, req) {
+        const { ip, deviceInfo } = (0, request_utils_1.extractRequestInfo)(req);
+        return this.tokenService.rotateRefreshToken(body.refreshToken, deviceInfo, ip);
+    }
+    logout(user) {
+        return this.accountService.logout(user.id);
+    }
+    getActiveSessions(user) {
+        return this.accountService.getActiveSessions(user.id);
+    }
+    revokeSession(sessionId, user) {
+        return this.accountService.revokeSession(sessionId, user.id);
+    }
+    verifyEmail(user, body) {
+        return this.accountService.verifyEmail(user.id, body.verificationToken);
+    }
+    changePassword(user, body) {
+        return this.passwordService.changePassword(user.id, body);
+    }
+    requestDeletion(user) {
+        return this.accountService.requestDeletion(user.id);
+    }
+    confirmDeletion(user, dto) {
+        return this.accountService.confirmDeletion(user.id, dto);
+    }
+};
+exports.AccountController = AccountController;
+__decorate([
+    (0, common_1.Post)('refresh'),
+    (0, decorators_1.Public)(),
+    (0, common_1.UseGuards)(guards_1.LoginIpRateLimitGuard),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Refresh tokens',
+        description: 'Rotate refresh token and get a new access + refresh token pair.',
+    }),
+    (0, swagger_1.ApiBody)({ type: token_dto_1.RefreshTokenDto }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
+    }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid, expired, or reused refresh token' }),
+    __param(0, (0, common_1.Body)()),
+    __param(1, (0, common_2.Req)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [token_dto_1.RefreshTokenDto, Object]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "refreshToken", null);
+__decorate([
+    (0, common_1.Post)('logout'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Logout',
+        description: 'Revoke all active sessions for the current user.',
+    }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Logged out successfully' } } }),
+    __param(0, (0, decorators_1.CurrentUser)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [user_entity_1.User]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "logout", null);
+__decorate([
+    (0, common_1.Get)('sessions'),
+    (0, swagger_1.ApiOperation)({
+        summary: 'List active sessions',
+        description: 'Returns all active (non-revoked) refresh tokens for the current user.',
+    }),
+    __param(0, (0, decorators_1.CurrentUser)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [user_entity_1.User]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "getActiveSessions", null);
+__decorate([
+    (0, common_1.Post)('sessions/:sessionId/revoke'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Revoke a session',
+        description: 'Revoke a specific refresh token by its ID.',
+    }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Session revoked successfully' } } }),
+    __param(0, (0, common_1.Param)('sessionId', common_1.ParseUUIDPipe)),
+    __param(1, (0, decorators_1.CurrentUser)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, user_entity_1.User]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "revokeSession", null);
+__decorate([
+    (0, common_1.Post)('verify-email'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Verify email address',
+        description: 'Confirms ownership of the registered email using the verificationToken returned by POST /auth/verify-otp (email channel). ' +
+            'Call POST /auth/send-otp with { channel: "email", email: "..." } first, then POST /auth/verify-otp to obtain the token.',
+    }),
+    (0, swagger_1.ApiBody)({ type: password_dto_1.VerifyEmailDto }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Email verified successfully.' } } }),
+    (0, swagger_1.ApiUnauthorizedResponse)({
+        description: 'Invalid or expired token, or token does not match account email',
+    }),
+    (0, swagger_1.ApiBadRequestResponse)({ description: 'Account has no email address' }),
+    (0, swagger_1.ApiConflictResponse)({ description: 'Email is already verified' }),
+    __param(0, (0, decorators_1.CurrentUser)()),
+    __param(1, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [user_entity_1.User, password_dto_1.VerifyEmailDto]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "verifyEmail", null);
+__decorate([
+    (0, common_1.Post)('account/change-password'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Change password',
+        description: 'Change password for the authenticated user.',
+    }),
+    (0, swagger_1.ApiBody)({ type: password_dto_1.ChangePasswordDto }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Password changed successfully.' } } }),
+    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Current password is incorrect' }),
+    (0, swagger_1.ApiBadRequestResponse)({ description: 'Account has no password (phone-only auth)' }),
+    __param(0, (0, decorators_1.CurrentUser)()),
+    __param(1, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [user_entity_1.User, password_dto_1.ChangePasswordDto]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "changePassword", null);
+__decorate([
+    (0, common_1.Post)('account/delete-request'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Request account deletion (step 1)',
+        description: 'Sends an OTP to the registered phone as a deletion confirmation challenge. Returns a verificationId to use in step 2.',
+    }),
+    (0, swagger_1.ApiOkResponse)({
+        schema: {
+            example: {
+                message: 'A confirmation code has been sent to your phone.',
+                verificationId: 'uuid-v4',
+                expiresAt: 1700000000000,
+            },
+        },
+    }),
+    __param(0, (0, decorators_1.CurrentUser)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [user_entity_1.User]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "requestDeletion", null);
+__decorate([
+    (0, common_1.Post)('account/delete-confirm'),
+    (0, common_1.HttpCode)(common_1.HttpStatus.OK),
+    (0, swagger_1.ApiOperation)({
+        summary: 'Confirm account deletion (step 2)',
+        description: 'Confirm deletion via phone OTP ({ verificationId, otp }) or via password ({ password }). Exactly one path must be provided.',
+    }),
+    (0, swagger_1.ApiBody)({ type: password_dto_1.DeleteAccountConfirmDto }),
+    (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Your account has been deleted.' } } }),
+    (0, swagger_1.ApiBadRequestResponse)({ description: 'Neither or both confirmation methods provided' }),
+    __param(0, (0, decorators_1.CurrentUser)()),
+    __param(1, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [user_entity_1.User,
+        password_dto_1.DeleteAccountConfirmDto]),
+    __metadata("design:returntype", void 0)
+], AccountController.prototype, "confirmDeletion", null);
+exports.AccountController = AccountController = __decorate([
+    (0, swagger_1.ApiTags)('Account'),
+    (0, common_1.Controller)('auth'),
+    (0, common_1.UseGuards)(auth_guard_1.JwtAuthGuard),
+    (0, swagger_1.ApiBearerAuth)(),
+    __metadata("design:paramtypes", [account_service_1.AccountService,
+        password_service_1.PasswordService,
+        token_service_1.TokenService])
+], AccountController);
+//# sourceMappingURL=account.controller.js.map

package/dist/modules/auth/controllers/account.controller.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"account.controller.js","sourceRoot":"","sources":["../../../../modules/auth/controllers/account.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,6CASyB;AACzB,kEAAiE;AACjE,mDAA+D;AAC/D,2DAAiE;AACjE,kEAAwD;AACxD,iEAA6D;AAC7D,mEAA+D;AAC/D,sDAAiG;AACjG,yEAAqE;AACrE,gDAAmD;AAEnD,2CAAqC;AACrC,uEAAyE;AACzE,qGAA+F;AAMxF,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC7B,YACkB,cAA8B,EAC9B,eAAgC,EAChC,YAA0B;QAF1B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,oBAAe,GAAf,eAAe,CAAiB;QAChC,iBAAY,GAAZ,YAAY,CAAc;IACzC,CAAC;IAiBJ,YAAY,CAAS,IAAqB,EAAS,GAAY;QAC9D,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAChF,CAAC;IASD,MAAM,CAAgB,IAAU;QAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAOD,iBAAiB,CAAgB,IAAU;QAC1C,OAAO,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvD,CAAC;IASD,aAAa,CAAoC,SAAiB,EAAiB,IAAU;QAC5F,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9D,CAAC;IAmBD,WAAW,CAAgB,IAAU,EAAU,IAAoB;QAClE,OAAO,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACzE,CAAC;IAcD,cAAc,CAAgB,IAAU,EAAU,IAAuB;QACxE,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;IAoBD,eAAe,CAAgB,IAAU;QACxC,OAAO,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACrD,CAAC;IAYD,eAAe,CACC,IAAU,EACQ,GAA4B;QAE7D,OAAO,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;CACD,CAAA;AArIY,8CAAiB;AAsB7B;IAbC,IAAA,aAAI,EAAC,SAAS,CAAC;IACf,IAAA,mBAAM,GAAE;IACR,IAAA,kBAAS,EAAC,8BAAqB,CAAC;IAChC,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,iEAAiE;KAC9E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,2BAAe,EAAE,CAAC;IAClC,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;IACxE,WAAA,IAAA,aAAI,GAAE,CAAA;IAAyB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAvB,2BAAe;;qDAGzC;AASD;IAPC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,QAAQ;QACjB,WAAW,EAAE,kDAAkD;KAC/D,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,yBAAyB,EAAE,EAAE,EAAE,CAAC;IACvE,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;+CAE/B;AAOD;IALC,IAAA,YAAG,EAAC,UAAU,CAAC;IACf,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EAAE,uEAAuE;KACpF,CAAC;IACiB,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;0DAE1C;AASD;IAPC,IAAA,aAAI,EAAC,4BAA4B,CAAC;IAClC,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,4CAA4C;KACzD,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACrE,WAAA,IAAA,cAAK,EAAC,WAAW,EAAE,sBAAa,CAAC,CAAA;IAAqB,WAAA,IAAA,wBAAW,GAAE,CAAA;;6CAAO,kBAAI;;sDAE5F;AAmBD;IAfC,IAAA,aAAI,EAAC,cAAc,CAAC;IACpB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EACV,4HAA4H;YAC5H,yHAAyH;KAC1H,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,6BAAc,EAAE,CAAC;IACjC,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC;QACxB,WAAW,EAAE,iEAAiE;KAC9E,CAAC;IACD,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;IACtE,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE,CAAC;IACrD,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAb,kBAAI,EAAgB,6BAAc;;oDAElE;AAcD;IAVC,IAAA,aAAI,EAAC,yBAAyB,CAAC;IAC/B,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,iBAAiB;QAC1B,WAAW,EAAE,6CAA6C;KAC1D,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,gCAAiB,EAAE,CAAC;IACpC,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,gCAAgC,EAAE,EAAE,EAAE,CAAC;IACrF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;IACzE,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;IACpE,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAb,kBAAI,EAAgB,gCAAiB;;uDAExE;AAoBD;IAhBC,IAAA,aAAI,EAAC,wBAAwB,CAAC;IAC9B,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,mCAAmC;QAC5C,WAAW,EACV,uHAAuH;KACxH,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,kDAAkD;gBAC3D,cAAc,EAAE,SAAS;gBACzB,SAAS,EAAE,aAAa;aACxB;SACD;KACD,CAAC;IACe,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;wDAExC;AAYD;IAVC,IAAA,aAAI,EAAC,wBAAwB,CAAC;IAC9B,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,mCAAmC;QAC5C,WAAW,EACV,6HAA6H;KAC9H,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sCAAuB,EAAE,CAAC;IAC1C,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,gCAAgC,EAAE,EAAE,EAAE,CAAC;IACrF,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;IAEtF,WAAA,IAAA,wBAAW,GAAE,CAAA;IACb,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCADX,kBAAI;QACa,sCAAuB;;wDAG7D;4BApIW,iBAAiB;IAJ7B,IAAA,iBAAO,EAAC,SAAS,CAAC;IAClB,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,kBAAS,EAAC,yBAAY,CAAC;IACvB,IAAA,uBAAa,GAAE;qCAGmB,gCAAc;QACb,kCAAe;QAClB,4BAAY;GAJhC,iBAAiB,CAqI7B"}