@spacelr/sdk 0.1.0

package/dist/index.js

@@ -0,0 +1,1471 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// libs/sdk/src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  BrowserTokenStorage: () => BrowserTokenStorage,
+  CodeChallengeMethod: () => CodeChallengeMethod,
+  FileVisibility: () => FileVisibility,
+  GrantType: () => GrantType,
+  MemoryTokenStorage: () => MemoryTokenStorage,
+  SharePermission: () => SharePermission,
+  SpacelrAuthError: () => SpacelrAuthError,
+  SpacelrEmailVerificationRequiredError: () => SpacelrEmailVerificationRequiredError,
+  SpacelrError: () => SpacelrError,
+  SpacelrNetworkError: () => SpacelrNetworkError,
+  SpacelrTimeoutError: () => SpacelrTimeoutError,
+  SpacelrTwoFactorRequiredError: () => SpacelrTwoFactorRequiredError,
+  createClient: () => createClient,
+  generatePKCEChallenge: () => generatePKCEChallenge
+});
+module.exports = __toCommonJS(index_exports);
+
+// libs/sdk/src/core/errors.ts
+var SpacelrError = class extends Error {
+  constructor(message, code, statusCode, details) {
+    super(message);
+    this.name = "SpacelrError";
+    this.code = code;
+    this.statusCode = statusCode;
+    this.details = details;
+  }
+};
+var SpacelrAuthError = class extends SpacelrError {
+  constructor(message, statusCode = 401, details) {
+    super(message, "AUTH_ERROR", statusCode, details);
+    this.name = "SpacelrAuthError";
+  }
+};
+var SpacelrNetworkError = class extends SpacelrError {
+  constructor(message, details) {
+    super(message, "NETWORK_ERROR", void 0, details);
+    this.name = "SpacelrNetworkError";
+  }
+};
+var SpacelrTimeoutError = class extends SpacelrError {
+  constructor(timeoutMs) {
+    super(
+      `Request timed out after ${timeoutMs}ms`,
+      "TIMEOUT_ERROR",
+      void 0,
+      { timeoutMs }
+    );
+    this.name = "SpacelrTimeoutError";
+  }
+};
+var SpacelrTwoFactorRequiredError = class extends SpacelrError {
+  constructor(twoFactorToken, details) {
+    super(
+      "Two-factor authentication required",
+      "TWO_FACTOR_REQUIRED",
+      200,
+      details
+    );
+    this.name = "SpacelrTwoFactorRequiredError";
+    this.twoFactorToken = twoFactorToken;
+  }
+};
+var SpacelrEmailVerificationRequiredError = class extends SpacelrError {
+  constructor(emailSent, details) {
+    super(
+      emailSent ? "Email verification required. A new verification email has been sent." : "Email verification required. Please check your inbox for the verification email.",
+      "EMAIL_VERIFICATION_REQUIRED",
+      200,
+      details
+    );
+    this.name = "SpacelrEmailVerificationRequiredError";
+    this.emailSent = emailSent;
+  }
+};
+
+// libs/sdk/src/core/http-client.ts
+var HttpClient = class {
+  constructor(config, tokenManager) {
+    this.config = config;
+    this.tokenManager = tokenManager;
+  }
+  async request(options) {
+    const url = this.buildUrl(options.path, options.query);
+    const headers = await this.buildHeaders(options);
+    const timeout = this.config.timeout ?? 3e4;
+    const includeCredentials = options.withCredentials ?? options.path.startsWith("/auth/");
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    try {
+      const response = await fetch(url, {
+        method: options.method,
+        headers,
+        body: options.body ? JSON.stringify(options.body) : void 0,
+        signal: controller.signal,
+        ...includeCredentials && { credentials: "include" }
+      });
+      const responseBody = await this.parseResponse(response);
+      if (!response.ok) {
+        this.throwHttpError(response.status, responseBody);
+      }
+      return this.extractData(responseBody);
+    } catch (error) {
+      if (error instanceof SpacelrError) throw error;
+      if (error instanceof DOMException && error.name === "AbortError") {
+        throw new SpacelrTimeoutError(timeout);
+      }
+      throw new SpacelrNetworkError(
+        error instanceof Error ? error.message : "Network request failed"
+      );
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+  async uploadForm(path, formData, onProgress) {
+    const url = this.buildUrl(path);
+    const headers = await this.buildFormHeaders();
+    const timeoutMs = this.config.timeout ?? 3e4;
+    if (onProgress) {
+      return this.uploadFormWithProgress(url, headers, formData, onProgress, timeoutMs);
+    }
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers,
+        body: formData,
+        signal: controller.signal
+      });
+      const responseBody = await this.parseResponse(response);
+      if (!response.ok) {
+        this.throwHttpError(response.status, responseBody);
+      }
+      return this.extractData(responseBody);
+    } catch (error) {
+      if (error instanceof SpacelrError) throw error;
+      if (error instanceof DOMException && error.name === "AbortError") {
+        throw new SpacelrTimeoutError(timeoutMs);
+      }
+      throw new SpacelrNetworkError(
+        error instanceof Error ? error.message : "Network request failed"
+      );
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+  uploadFormWithProgress(url, headers, formData, onProgress, timeoutMs) {
+    return new Promise((resolve, reject) => {
+      const xhr = new XMLHttpRequest();
+      xhr.open("POST", url);
+      xhr.timeout = timeoutMs;
+      for (const [key, value] of Object.entries(headers)) {
+        xhr.setRequestHeader(key, value);
+      }
+      xhr.upload.addEventListener("progress", (e) => {
+        if (e.lengthComputable) {
+          onProgress({ loaded: e.loaded, total: e.total });
+        }
+      });
+      xhr.addEventListener("load", () => {
+        try {
+          const contentType = xhr.getResponseHeader("content-type") ?? "";
+          if (!contentType.includes("application/json")) {
+            if (xhr.status >= 200 && xhr.status < 300) {
+              resolve({ success: true, data: xhr.responseText });
+            } else {
+              reject(new SpacelrNetworkError(`HTTP ${xhr.status}: ${xhr.responseText.slice(0, 200)}`));
+            }
+            return;
+          }
+          const body = JSON.parse(xhr.responseText);
+          if (xhr.status >= 200 && xhr.status < 300) {
+            resolve(this.extractData(body));
+          } else {
+            this.throwHttpError(xhr.status, body);
+          }
+        } catch (error) {
+          if (error instanceof SpacelrError) {
+            reject(error);
+          } else {
+            reject(new SpacelrNetworkError("Failed to parse response"));
+          }
+        }
+      });
+      xhr.addEventListener("error", () => {
+        reject(new SpacelrNetworkError("Network request failed"));
+      });
+      xhr.addEventListener("timeout", () => {
+        xhr.abort();
+        reject(new SpacelrTimeoutError(timeoutMs));
+      });
+      xhr.send(formData);
+    });
+  }
+  buildUrl(path, query) {
+    const cleanPath = path.startsWith("/") ? path : `/${path}`;
+    const base = cleanPath.startsWith("/.well-known") ? new URL(this.config.apiUrl).origin : this.config.apiUrl.replace(/\/+$/, "");
+    const url = new URL(`${base}${cleanPath}`);
+    if (query) {
+      for (const [key, value] of Object.entries(query)) {
+        if (value !== void 0) {
+          url.searchParams.set(key, String(value));
+        }
+      }
+    }
+    return url.toString();
+  }
+  async buildHeaders(options) {
+    const headers = {
+      "Content-Type": "application/json",
+      "x-client-id": this.config.clientId,
+      "x-project-id": this.config.projectId,
+      ...options.headers
+    };
+    if (options.authenticated) {
+      const token = await this.tokenManager.getAccessToken();
+      if (token) {
+        headers["Authorization"] = `Bearer ${token}`;
+      }
+    }
+    return headers;
+  }
+  async buildFormHeaders() {
+    const headers = {
+      "x-client-id": this.config.clientId,
+      "x-project-id": this.config.projectId
+    };
+    const token = await this.tokenManager.getAccessToken();
+    if (token) {
+      headers["Authorization"] = `Bearer ${token}`;
+    }
+    return headers;
+  }
+  async parseResponse(response) {
+    const contentType = response.headers.get("content-type") ?? "";
+    if (contentType.includes("application/json")) {
+      return response.json();
+    }
+    const text = await response.text();
+    return { success: response.ok, data: text };
+  }
+  throwHttpError(statusCode, body) {
+    const apiBody = body;
+    const message = apiBody.error?.message ?? `HTTP ${statusCode}`;
+    const code = apiBody.error?.code ?? `HTTP_${statusCode}`;
+    const details = apiBody.error?.details;
+    if (statusCode === 401 || statusCode === 403) {
+      throw new SpacelrAuthError(message, statusCode, details);
+    }
+    throw new SpacelrError(message, code, statusCode, details);
+  }
+  extractData(body) {
+    const apiBody = body;
+    if ("success" in apiBody && apiBody.data !== void 0) {
+      const data = apiBody.data;
+      if (data["emailVerificationRequired"] === true) {
+        throw new SpacelrEmailVerificationRequiredError(data["emailSent"] === true);
+      }
+      if (data["twoFactorRequired"] === true && typeof data["twoFactorToken"] === "string") {
+        throw new SpacelrTwoFactorRequiredError(data["twoFactorToken"]);
+      }
+      return apiBody.data;
+    }
+    const rawBody = body;
+    if (rawBody["emailVerificationRequired"] === true) {
+      throw new SpacelrEmailVerificationRequiredError(rawBody["emailSent"] === true);
+    }
+    if (rawBody["twoFactorRequired"] === true && typeof rawBody["twoFactorToken"] === "string") {
+      throw new SpacelrTwoFactorRequiredError(rawBody["twoFactorToken"]);
+    }
+    return body;
+  }
+};
+
+// libs/sdk/src/core/token-storage.ts
+var MemoryTokenStorage = class {
+  constructor() {
+    this.tokens = null;
+  }
+  async getTokens() {
+    return this.tokens;
+  }
+  async setTokens(tokens) {
+    this.tokens = tokens;
+  }
+  async clearTokens() {
+    this.tokens = null;
+  }
+};
+var BrowserTokenStorage = class {
+  constructor(storageKey = "spacelr_tokens") {
+    this.storageKey = storageKey;
+  }
+  async getTokens() {
+    try {
+      const raw = localStorage.getItem(this.storageKey);
+      if (!raw) return null;
+      return JSON.parse(raw);
+    } catch {
+      return null;
+    }
+  }
+  async setTokens(tokens) {
+    try {
+      localStorage.setItem(this.storageKey, JSON.stringify(tokens));
+    } catch {
+    }
+  }
+  async clearTokens() {
+    try {
+      localStorage.removeItem(this.storageKey);
+    } catch {
+    }
+  }
+};
+
+// libs/sdk/src/core/token-manager.ts
+var TokenManager = class {
+  constructor(storage, refreshBufferSeconds = 60) {
+    this.refreshCallback = null;
+    this.refreshPromise = null;
+    this.storage = storage ?? new MemoryTokenStorage();
+    this.refreshBufferSeconds = refreshBufferSeconds;
+  }
+  setRefreshCallback(callback) {
+    this.refreshCallback = callback;
+  }
+  async getAccessToken() {
+    const tokens = await this.storage.getTokens();
+    if (!tokens) return null;
+    if (this.isTokenExpired(tokens)) {
+      const refreshed = await this.tryRefresh(tokens);
+      return refreshed?.accessToken ?? null;
+    }
+    if (this.shouldRefresh(tokens)) {
+      this.tryRefresh(tokens).catch(() => {
+      });
+    }
+    return tokens.accessToken;
+  }
+  async setTokens(tokens) {
+    await this.storage.setTokens(tokens);
+  }
+  async clearTokens() {
+    await this.storage.clearTokens();
+    this.refreshPromise = null;
+  }
+  async getStoredTokens() {
+    return this.storage.getTokens();
+  }
+  isTokenExpired(tokens) {
+    if (!tokens.expiresAt) return false;
+    return Date.now() >= tokens.expiresAt * 1e3;
+  }
+  shouldRefresh(tokens) {
+    if (!tokens.expiresAt || !tokens.refreshToken) return false;
+    const bufferMs = this.refreshBufferSeconds * 1e3;
+    return Date.now() >= tokens.expiresAt * 1e3 - bufferMs;
+  }
+  async tryRefresh(tokens) {
+    if (!tokens.refreshToken || !this.refreshCallback) return null;
+    if (this.refreshPromise) {
+      return this.refreshPromise;
+    }
+    this.refreshPromise = this.executeRefresh(tokens.refreshToken);
+    try {
+      const result = await this.refreshPromise;
+      return result;
+    } finally {
+      this.refreshPromise = null;
+    }
+  }
+  async executeRefresh(refreshToken) {
+    const callback = this.refreshCallback;
+    const newTokens = await callback(refreshToken);
+    await this.storage.setTokens(newTokens);
+    return newTokens;
+  }
+};
+
+// libs/sdk/src/types/common.ts
+var FileVisibility = /* @__PURE__ */ ((FileVisibility2) => {
+  FileVisibility2["PRIVATE"] = "private";
+  FileVisibility2["SHARED"] = "shared";
+  FileVisibility2["PUBLIC"] = "public";
+  return FileVisibility2;
+})(FileVisibility || {});
+var GrantType = /* @__PURE__ */ ((GrantType2) => {
+  GrantType2["AUTHORIZATION_CODE"] = "authorization_code";
+  GrantType2["CLIENT_CREDENTIALS"] = "client_credentials";
+  GrantType2["REFRESH_TOKEN"] = "refresh_token";
+  return GrantType2;
+})(GrantType || {});
+var CodeChallengeMethod = /* @__PURE__ */ ((CodeChallengeMethod2) => {
+  CodeChallengeMethod2["PLAIN"] = "plain";
+  CodeChallengeMethod2["S256"] = "S256";
+  return CodeChallengeMethod2;
+})(CodeChallengeMethod || {});
+var SharePermission = /* @__PURE__ */ ((SharePermission2) => {
+  SharePermission2["READ"] = "read";
+  SharePermission2["WRITE"] = "write";
+  return SharePermission2;
+})(SharePermission || {});
+
+// libs/sdk/src/core/pkce.ts
+function generateRandomBytes(length) {
+  if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.getRandomValues) {
+    const bytes = new Uint8Array(length);
+    globalThis.crypto.getRandomValues(bytes);
+    return bytes;
+  }
+  const nodeCrypto = require("crypto");
+  return new Uint8Array(nodeCrypto.randomBytes(length));
+}
+function base64UrlEncode(buffer) {
+  let binary = "";
+  for (let i = 0; i < buffer.length; i++) {
+    binary += String.fromCharCode(buffer[i]);
+  }
+  const base64 = btoa(binary);
+  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+async function sha256(input) {
+  if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.subtle) {
+    const encoder = new TextEncoder();
+    const data = encoder.encode(input);
+    const hash2 = await globalThis.crypto.subtle.digest("SHA-256", data);
+    return new Uint8Array(hash2);
+  }
+  const nodeCrypto = require("crypto");
+  const hash = nodeCrypto.createHash("sha256").update(input).digest();
+  return new Uint8Array(hash);
+}
+async function generatePKCEChallenge() {
+  const randomBytes = generateRandomBytes(32);
+  const codeVerifier = base64UrlEncode(randomBytes);
+  const hashBytes = await sha256(codeVerifier);
+  const codeChallenge = base64UrlEncode(hashBytes);
+  return {
+    codeVerifier,
+    codeChallenge,
+    codeChallengeMethod: "S256" /* S256 */
+  };
+}
+
+// libs/sdk/src/core/realtime.ts
+var import_socket = require("socket.io-client");
+var RealtimeClient = class {
+  constructor(config) {
+    this.socket = null;
+    this.subscriptions = /* @__PURE__ */ new Map();
+    this.connecting = null;
+    // Store original where objects per room for reconnect resubscription
+    this.roomWhereMap = /* @__PURE__ */ new Map();
+    this.config = config;
+  }
+  async subscribe(projectId, collectionName, callback, onError, where) {
+    await this.ensureConnected();
+    const room = this.buildRoomKey(projectId, collectionName, where);
+    if (!this.subscriptions.has(room)) {
+      this.subscriptions.set(room, /* @__PURE__ */ new Set());
+    }
+    const callbacks = this.subscriptions.get(room);
+    callbacks?.add(callback);
+    if (callbacks?.size === 1) {
+      if (where && Object.keys(where).length > 0) {
+        this.roomWhereMap.set(room, where);
+      }
+      const payload = { projectId, collectionName };
+      if (where && Object.keys(where).length > 0) {
+        payload["where"] = where;
+      }
+      this.socket?.emit(
+        "subscribe",
+        payload,
+        (response) => {
+          if (response.error && onError) {
+            onError(new Error(response.error));
+          }
+        }
+      );
+    }
+    return () => {
+      const callbacks2 = this.subscriptions.get(room);
+      if (callbacks2) {
+        callbacks2.delete(callback);
+        if (callbacks2.size === 0) {
+          this.subscriptions.delete(room);
+          this.roomWhereMap.delete(room);
+          const payload = { projectId, collectionName };
+          if (where && Object.keys(where).length > 0) {
+            payload["where"] = where;
+          }
+          this.socket?.emit("unsubscribe", payload);
+        }
+      }
+    };
+  }
+  disconnect() {
+    if (this.socket) {
+      this.socket.disconnect();
+      this.socket = null;
+    }
+    this.subscriptions.clear();
+    this.roomWhereMap.clear();
+    this.connecting = null;
+  }
+  buildRoomKey(projectId, collectionName, where) {
+    const base = `db:${projectId}:${collectionName}`;
+    if (!where || Object.keys(where).length === 0) {
+      return base;
+    }
+    const filterStr = Object.keys(where).sort().map((k) => `${k}=${String(where[k])}`).join("&");
+    return `${base}?${filterStr}`;
+  }
+  async ensureConnected() {
+    if (this.socket?.connected) return;
+    if (this.connecting) {
+      return this.connecting;
+    }
+    this.connecting = this.connect();
+    try {
+      await this.connecting;
+    } finally {
+      this.connecting = null;
+    }
+  }
+  async connect() {
+    const token = await this.config.getToken();
+    if (!token) {
+      throw new Error("No authentication token available");
+    }
+    const wsUrl = this.config.baseUrl.replace(/\/api\/v\d+\/?$/, "");
+    return new Promise((resolve, reject) => {
+      let initialConnect = true;
+      this.socket = (0, import_socket.io)(`${wsUrl}/database`, {
+        auth: async (cb) => {
+          try {
+            const freshToken = await this.config.getToken();
+            cb({ token: freshToken });
+          } catch {
+            cb({ token: null });
+          }
+        },
+        transports: ["websocket"],
+        reconnection: false
+        // Disabled until first successful connect
+      });
+      this.socket.on("authenticated", () => {
+        if (initialConnect) {
+          initialConnect = false;
+          if (this.socket) {
+            this.socket.io.opts.reconnection = true;
+            this.socket.io.opts.reconnectionDelay = 1e3;
+            this.socket.io.opts.reconnectionDelayMax = 5e3;
+            this.socket.io.opts.reconnectionAttempts = 50;
+          }
+          resolve();
+        }
+      });
+      this.socket.on("connect", () => {
+        if (!initialConnect) {
+          this.resubscribeAll();
+        }
+      });
+      this.socket.on("connect_error", (err) => {
+        if (initialConnect) {
+          reject(new Error(`WebSocket connection failed: ${err.message}`));
+        }
+      });
+      this.socket.on("db:event", (event) => {
+        const base = `db:${event.projectId}:${event.collectionName}`;
+        const baseCallbacks = this.subscriptions.get(base);
+        if (baseCallbacks) {
+          for (const cb of baseCallbacks) {
+            try {
+              cb(event);
+            } catch {
+            }
+          }
+        }
+        for (const [room, callbacks] of this.subscriptions) {
+          if (room.startsWith(`${base}?`) && this.eventMatchesRoom(event, room)) {
+            for (const cb of callbacks) {
+              try {
+                cb(event);
+              } catch {
+              }
+            }
+          }
+        }
+      });
+      this.socket.on("disconnect", () => {
+      });
+    });
+  }
+  eventMatchesRoom(event, room) {
+    const base = `db:${event.projectId}:${event.collectionName}`;
+    if (room === base) return true;
+    if (!room.startsWith(`${base}?`)) return false;
+    const where = this.roomWhereMap.get(room);
+    if (!where) return true;
+    if (!event.document) return false;
+    for (const [key, value] of Object.entries(where)) {
+      const docValue = event.document[key];
+      if (Array.isArray(docValue)) {
+        if (!docValue.some((item) => String(item) === String(value))) {
+          return false;
+        }
+      } else if (String(docValue) !== String(value)) {
+        return false;
+      }
+    }
+    return true;
+  }
+  resubscribeAll() {
+    for (const [room] of this.subscriptions) {
+      const queryIdx = room.indexOf("?");
+      const basePart = queryIdx >= 0 ? room.substring(0, queryIdx) : room;
+      const parts = basePart.split(":");
+      if (parts.length >= 3) {
+        const projectId = parts[1];
+        const collectionName = parts.slice(2).join(":");
+        const payload = { projectId, collectionName };
+        const where = this.roomWhereMap.get(room);
+        if (where) {
+          payload["where"] = where;
+        }
+        this.socket?.emit(
+          "subscribe",
+          payload,
+          (response) => {
+            if (response?.error) {
+              this.subscriptions.delete(room);
+              this.roomWhereMap.delete(room);
+            }
+          }
+        );
+      }
+    }
+  }
+};
+
+// libs/sdk/src/modules/auth.module.ts
+var AuthModule = class {
+  constructor(http, tokenManager, config) {
+    this.http = http;
+    this.tokenManager = tokenManager;
+    this.config = config;
+    this.tokenManager.setRefreshCallback(async (refreshToken) => {
+      const result = await this.refresh(refreshToken);
+      const expiresAt = result.expires_in ? Math.floor(Date.now() / 1e3) + result.expires_in : void 0;
+      return {
+        accessToken: result.access_token,
+        refreshToken: result.refresh_token,
+        expiresAt
+      };
+    });
+  }
+  async login(params) {
+    const response = await this.http.request({
+      method: "POST",
+      path: "/auth/login",
+      body: params
+    });
+    await this.storeTokensFromLogin(response);
+    return response;
+  }
+  async register(params) {
+    const response = await this.http.request({
+      method: "POST",
+      path: "/auth/register",
+      body: params
+    });
+    if (response.access_token) {
+      await this.storeTokensFromRegister(response);
+    }
+    return response;
+  }
+  async refresh(refreshToken) {
+    return this.http.request({
+      method: "POST",
+      path: "/auth/refresh",
+      body: { refreshToken }
+    });
+  }
+  async getProfile() {
+    return this.http.request({
+      method: "GET",
+      path: "/auth/me",
+      authenticated: true
+    });
+  }
+  async logout() {
+    await this.http.request({
+      method: "POST",
+      path: "/auth/logout",
+      authenticated: true
+    });
+    await this.tokenManager.clearTokens();
+  }
+  async verifyEmail(token) {
+    return this.http.request({
+      method: "GET",
+      path: "/auth/verify-email",
+      query: { token }
+    });
+  }
+  async resendVerification(email) {
+    return this.http.request({
+      method: "POST",
+      path: "/auth/resend-verification",
+      body: { email }
+    });
+  }
+  async getUserInfo() {
+    return this.http.request({
+      method: "GET",
+      path: this.config.userInfoEndpoint ?? "/auth/userinfo",
+      authenticated: true
+    });
+  }
+  getAuthorizationUrl(params) {
+    const baseUrl = this.config.apiUrl.replace(/\/+$/, "");
+    const endpoint = this.config.authorizationEndpoint ?? "/auth/authorize";
+    const url = new URL(`${baseUrl}${endpoint}`);
+    url.searchParams.set("client_id", this.config.clientId);
+    url.searchParams.set("redirect_uri", params.redirectUri);
+    url.searchParams.set("response_type", params.responseType ?? "code");
+    const scope = params.scope ?? this.config.scopes?.join(" ") ?? "openid";
+    url.searchParams.set("scope", scope);
+    if (params.state) {
+      url.searchParams.set("state", params.state);
+    }
+    if (params.codeChallenge) {
+      url.searchParams.set("code_challenge", params.codeChallenge);
+    }
+    if (params.codeChallengeMethod) {
+      url.searchParams.set(
+        "code_challenge_method",
+        params.codeChallengeMethod
+      );
+    }
+    return url.toString();
+  }
+  async exchangeCode(params) {
+    const body = {
+      grant_type: params.grantType ?? "authorization_code" /* AUTHORIZATION_CODE */,
+      code: params.code,
+      redirect_uri: params.redirectUri,
+      client_id: this.config.clientId
+    };
+    if (params.clientSecret) {
+      body["client_secret"] = params.clientSecret;
+    }
+    if (params.codeVerifier) {
+      body["code_verifier"] = params.codeVerifier;
+    }
+    const tokenEndpoint = this.config.tokenEndpoint ?? "/auth/token";
+    const response = await this.http.request({
+      method: "POST",
+      path: tokenEndpoint,
+      body
+    });
+    const expiresAt = response.expires_in ? Math.floor(Date.now() / 1e3) + response.expires_in : void 0;
+    await this.tokenManager.setTokens({
+      accessToken: response.access_token,
+      refreshToken: response.refresh_token,
+      expiresAt
+    });
+    return response;
+  }
+  async generatePKCE() {
+    return generatePKCEChallenge();
+  }
+  async getOpenIDConfiguration() {
+    return this.http.request({
+      method: "GET",
+      path: "/.well-known/openid-configuration"
+    });
+  }
+  async getJWKS() {
+    return this.http.request({
+      method: "GET",
+      path: "/.well-known/jwks.json"
+    });
+  }
+  /**
+   * Request a password reset email.
+   * Always returns a generic message regardless of whether the email exists.
+   */
+  async requestPasswordReset(email) {
+    return this.http.request({
+      method: "POST",
+      path: "/auth/request-password-reset",
+      body: { email }
+    });
+  }
+  /**
+   * Reset password using a token received via email.
+   */
+  async resetPassword(token, password) {
+    return this.http.request({
+      method: "POST",
+      path: "/auth/reset-password",
+      body: { token, password }
+    });
+  }
+  /**
+   * Exchange a one-time verification code for tokens.
+   * Use this after email verification redirects the user with a ?loginCode= parameter.
+   */
+  async exchangeVerificationCode(code) {
+    const response = await this.http.request({
+      method: "POST",
+      path: "/auth/exchange-code",
+      body: { code }
+    });
+    await this.storeTokensFromLogin(response);
+    return response;
+  }
+  /**
+   * Resend a two-factor authentication code email.
+   * Call this when the user hasn't received the code or it expired.
+   */
+  async resendTwoFactorCode(token) {
+    return this.http.request({
+      method: "POST",
+      path: "/auth/resend-two-factor-code",
+      body: { token }
+    });
+  }
+  /**
+   * Verify a two-factor authentication code.
+   * Call this after catching SpacelrTwoFactorRequiredError from login().
+   */
+  async verifyTwoFactor(params) {
+    const response = await this.http.request({
+      method: "POST",
+      path: "/auth/verify-two-factor",
+      body: { token: params.token, code: params.code }
+    });
+    await this.storeTokensFromLogin(response);
+    return response;
+  }
+  async storeTokensFromLogin(response) {
+    const expiresAt = response.expires_in ? Math.floor(Date.now() / 1e3) + response.expires_in : void 0;
+    await this.tokenManager.setTokens({
+      accessToken: response.access_token,
+      refreshToken: response.refresh_token,
+      expiresAt
+    });
+  }
+  async storeTokensFromRegister(response) {
+    if (!response.access_token) return;
+    await this.tokenManager.setTokens({
+      accessToken: response.access_token,
+      refreshToken: response.refresh_token
+    });
+  }
+};
+
+// libs/sdk/src/modules/storage.module.ts
+var StorageModule = class {
+  constructor(http, tokenManager, config) {
+    this.http = http;
+    this.tokenManager = tokenManager;
+    this.config = config;
+  }
+  /**
+   * Upload a file through the gateway (no direct MinIO access).
+   * Accepts a Blob/File (browser) or ArrayBuffer/Uint8Array (Node).
+   */
+  async uploadFile(file, params, onProgress) {
+    const formData = new FormData();
+    const blob = file instanceof Blob ? file : new Blob([file], { type: params.mimeType });
+    formData.append("file", blob, params.filename);
+    if (params.visibility) formData.append("visibility", params.visibility);
+    if (params.description) formData.append("description", params.description);
+    const progressHandler = onProgress ? (e) => {
+      onProgress({
+        loaded: e.loaded,
+        total: e.total,
+        percentage: e.total > 0 ? Math.round(e.loaded / e.total * 100) : 0
+      });
+    } : void 0;
+    return this.http.uploadForm("/storage/files", formData, progressHandler);
+  }
+  /**
+   * Upload a large file using multipart upload through the gateway.
+   * Splits into parts, uploads concurrently, and completes.
+   */
+  async uploadLargeFile(file, params, onProgress) {
+    const fileSize = file instanceof Blob ? file.size : file.byteLength;
+    const concurrency = params.concurrency ?? 3;
+    const init = await this.initMultipartUpload({
+      filename: params.filename,
+      mimeType: params.mimeType,
+      totalSizeBytes: fileSize,
+      visibility: params.visibility,
+      description: params.description
+    });
+    const { partSize, totalParts, fileId } = init;
+    const completedParts = [];
+    let completedBytes = 0;
+    const partProgressMap = /* @__PURE__ */ new Map();
+    try {
+      const allPartNumbers = Array.from(
+        { length: totalParts },
+        (_, i) => i + 1
+      );
+      for (let i = 0; i < allPartNumbers.length; i += concurrency) {
+        const batch = allPartNumbers.slice(i, i + concurrency);
+        const uploads = batch.map(async (partNumber) => {
+          const start = (partNumber - 1) * partSize;
+          const end = Math.min(start + partSize, fileSize);
+          const chunkSize = end - start;
+          const chunk = file instanceof Blob ? file.slice(start, end) : new Blob([file.slice(start, end)]);
+          const formData = new FormData();
+          formData.append("file", chunk, `part-${partNumber}`);
+          formData.append("partNumber", String(partNumber));
+          const partProgress = onProgress && typeof XMLHttpRequest !== "undefined" ? (e) => {
+            const ratio = e.total > 0 ? e.loaded / e.total : 0;
+            partProgressMap.set(partNumber, Math.min(ratio * chunkSize, chunkSize));
+            const inFlightBytes = Array.from(partProgressMap.values()).reduce((sum, v) => sum + v, 0);
+            const totalLoaded = Math.min(completedBytes + inFlightBytes, fileSize);
+            onProgress({
+              loaded: totalLoaded,
+              total: fileSize,
+              percentage: fileSize > 0 ? Math.min(100, Math.round(totalLoaded / fileSize * 100)) : 0
+            });
+          } : void 0;
+          const result = await this.http.uploadForm(
+            `/storage/files/${fileId}/multipart/upload-part`,
+            formData,
+            partProgress
+          );
+          partProgressMap.delete(partNumber);
+          completedBytes += chunkSize;
+          if (onProgress) {
+            onProgress({
+              loaded: Math.min(completedBytes, fileSize),
+              total: fileSize,
+              percentage: fileSize > 0 ? Math.min(100, Math.round(completedBytes / fileSize * 100)) : 0
+            });
+          }
+          completedParts.push({
+            partNumber,
+            etag: result.etag
+          });
+        });
+        await Promise.all(uploads);
+        partProgressMap.clear();
+      }
+      completedParts.sort((a, b) => a.partNumber - b.partNumber);
+      await this.completeMultipartUpload(fileId, completedParts);
+      return this.getFileInfo(fileId);
+    } catch (error) {
+      try {
+        await this.abortMultipartUpload(fileId);
+      } catch {
+      }
+      throw error;
+    }
+  }
+  async initMultipartUpload(params) {
+    return this.http.request({
+      method: "POST",
+      path: "/storage/files/multipart/init",
+      body: params,
+      authenticated: true
+    });
+  }
+  async completeMultipartUpload(fileId, parts) {
+    return this.http.request({
+      method: "POST",
+      path: `/storage/files/${fileId}/multipart/complete`,
+      body: { parts },
+      authenticated: true
+    });
+  }
+  async abortMultipartUpload(fileId) {
+    await this.http.request({
+      method: "POST",
+      path: `/storage/files/${fileId}/multipart/abort`,
+      authenticated: true
+    });
+  }
+  async listFiles(params) {
+    return this.http.request({
+      method: "GET",
+      path: "/storage/files",
+      query: params,
+      authenticated: true
+    });
+  }
+  async listSharedFiles(params) {
+    return this.http.request({
+      method: "GET",
+      path: "/storage/shared",
+      query: params,
+      authenticated: true
+    });
+  }
+  async getFileInfo(fileId) {
+    return this.http.request({
+      method: "GET",
+      path: `/storage/files/${fileId}`,
+      authenticated: true
+    });
+  }
+  async downloadFile(fileId) {
+    const baseUrl = this.config.apiUrl.replace(/\/+$/, "");
+    const url = `${baseUrl}/storage/files/${fileId}/download`;
+    const headers = {
+      "x-client-id": this.config.clientId,
+      "x-project-id": this.config.projectId
+    };
+    const token = await this.tokenManager.getAccessToken();
+    if (token) {
+      headers["Authorization"] = `Bearer ${token}`;
+    }
+    const response = await fetch(url, { headers });
+    if (!response.ok) {
+      throw new Error(`Download failed: ${response.status}`);
+    }
+    return response.blob();
+  }
+  async getDownloadUrl(fileId) {
+    return this.http.request({
+      method: "GET",
+      path: `/storage/files/${fileId}/download-url`,
+      authenticated: true
+    });
+  }
+  async deleteFile(fileId) {
+    await this.http.request({
+      method: "DELETE",
+      path: `/storage/files/${fileId}`,
+      authenticated: true
+    });
+  }
+  async shareFile(fileId, params) {
+    await this.http.request({
+      method: "POST",
+      path: `/storage/files/${fileId}/share`,
+      body: params,
+      authenticated: true
+    });
+  }
+  async unshareFile(fileId, params) {
+    await this.http.request({
+      method: "POST",
+      path: `/storage/files/${fileId}/unshare`,
+      body: params,
+      authenticated: true
+    });
+  }
+  async updateVisibility(fileId, visibility) {
+    return this.http.request({
+      method: "PATCH",
+      path: `/storage/files/${fileId}/visibility`,
+      body: { visibility },
+      authenticated: true
+    });
+  }
+  async getQuota() {
+    return this.http.request({
+      method: "GET",
+      path: "/storage/quota",
+      authenticated: true
+    });
+  }
+  async getPublicFileUrl(fileId, projectId) {
+    const baseUrl = this.config.apiUrl.replace(/\/+$/, "");
+    const resolvedProjectId = projectId ?? this.config.projectId;
+    return `${baseUrl}/public/files/${resolvedProjectId}/${fileId}`;
+  }
+};
+
+// libs/sdk/src/modules/database.module.ts
+var QueryBuilder = class {
+  constructor(http, basePath, filter) {
+    this.http = http;
+    this.basePath = basePath;
+    this._populate = [];
+    this._filter = filter;
+  }
+  sort(sort) {
+    this._sort = sort;
+    return this;
+  }
+  limit(limit) {
+    this._limit = limit;
+    return this;
+  }
+  offset(offset) {
+    this._offset = offset;
+    return this;
+  }
+  select(fields) {
+    this._fields = fields;
+    return this;
+  }
+  populate(field, collection, foreignField) {
+    this._populate.push({ field, collection, foreignField });
+    return this;
+  }
+  async execute() {
+    const query = {};
+    if (this._filter) query["filter"] = JSON.stringify(this._filter);
+    if (this._sort) query["sort"] = JSON.stringify(this._sort);
+    if (this._limit !== void 0) query["limit"] = this._limit;
+    if (this._offset !== void 0) query["offset"] = this._offset;
+    if (this._fields) query["fields"] = this._fields.join(",");
+    if (this._populate.length) {
+      query["populate"] = this._populate.map(
+        (p) => p.foreignField ? `${p.field}:${p.collection}:${p.foreignField}` : `${p.field}:${p.collection}`
+      ).join(",");
+    }
+    return this.http.request({
+      method: "GET",
+      path: this.basePath,
+      query,
+      authenticated: true
+    });
+  }
+};
+var CollectionRef = class {
+  constructor(http, realtime, projectId, collectionName) {
+    this.http = http;
+    this.realtime = realtime;
+    this.projectId = projectId;
+    this.collectionName = collectionName;
+    this.basePath = `/db/${collectionName}`;
+  }
+  async insert(document) {
+    return this.http.request({
+      method: "POST",
+      path: this.basePath,
+      body: { documents: [document] },
+      authenticated: true
+    });
+  }
+  async insertMany(documents) {
+    return this.http.request({
+      method: "POST",
+      path: this.basePath,
+      body: { documents },
+      authenticated: true
+    });
+  }
+  find(filter) {
+    return new QueryBuilder(this.http, this.basePath, filter);
+  }
+  async findById(id, options) {
+    const query = {};
+    if (options?.populate?.length) {
+      query["populate"] = options.populate.map(
+        (p) => p.foreignField ? `${p.field}:${p.collection}:${p.foreignField}` : `${p.field}:${p.collection}`
+      ).join(",");
+    }
+    return this.http.request({
+      method: "GET",
+      path: `${this.basePath}/${id}`,
+      query,
+      authenticated: true
+    });
+  }
+  async update(id, update) {
+    return this.http.request({
+      method: "PATCH",
+      path: `${this.basePath}/${id}`,
+      body: { update },
+      authenticated: true
+    });
+  }
+  async delete(id) {
+    return this.http.request({
+      method: "DELETE",
+      path: `${this.basePath}/${id}`,
+      authenticated: true
+    });
+  }
+  async count(filter) {
+    const result = await this.http.request({
+      method: "POST",
+      path: `${this.basePath}/count`,
+      body: { filter },
+      authenticated: true
+    });
+    return result.count;
+  }
+  subscribe(handlers) {
+    if (!this.realtime) {
+      throw new Error("Realtime not available: no RealtimeClient configured");
+    }
+    let unsubscribeFn = null;
+    let pendingUnsub = false;
+    const callback = (event) => {
+      switch (event.type) {
+        case "insert":
+          if (handlers.onInsert && event.document) {
+            handlers.onInsert(event.document);
+          }
+          break;
+        case "update":
+          if (handlers.onUpdate && event.document) {
+            handlers.onUpdate(event.document);
+          }
+          break;
+        case "delete":
+          if (handlers.onDelete) {
+            handlers.onDelete(event.documentId);
+          }
+          break;
+      }
+    };
+    this.realtime.subscribe(this.projectId, this.collectionName, callback, handlers.onError, handlers.where).then((unsub) => {
+      if (pendingUnsub) {
+        unsub();
+      } else {
+        unsubscribeFn = unsub;
+      }
+    }).catch((err) => {
+      if (handlers.onError) {
+        handlers.onError(err instanceof Error ? err : new Error(String(err)));
+      }
+    });
+    return () => {
+      if (unsubscribeFn) {
+        unsubscribeFn();
+      } else {
+        pendingUnsub = true;
+      }
+    };
+  }
+};
+var DatabaseModule = class {
+  constructor(http, projectId, realtime) {
+    this.http = http;
+    this.projectId = projectId;
+    this.realtime = realtime ?? null;
+  }
+  collection(name) {
+    return new CollectionRef(this.http, this.realtime, this.projectId, name);
+  }
+};
+
+// libs/sdk/src/modules/notifications.module.ts
+var DEVICE_ID_KEY = "spacelr_device_id";
+var NotificationsModule = class {
+  constructor(http) {
+    this.http = http;
+    this.customDeviceId = null;
+    this.customDeviceName = null;
+  }
+  /** Set a custom device ID (e.g. from Capacitor Preferences for persistence beyond localStorage) */
+  setDeviceId(id) {
+    this.customDeviceId = id;
+  }
+  /** Set a custom device name (e.g. "iOS App", "macOS - Chrome") */
+  setDeviceName(name) {
+    this.customDeviceName = name;
+  }
+  /** Get or generate a stable device identifier. Custom ID takes priority over localStorage. */
+  getDeviceId() {
+    if (this.customDeviceId) return this.customDeviceId;
+    if (typeof localStorage === "undefined") return void 0;
+    let id = localStorage.getItem(DEVICE_ID_KEY);
+    if (!id) {
+      id = crypto.randomUUID();
+      localStorage.setItem(DEVICE_ID_KEY, id);
+    }
+    return id;
+  }
+  /** Get device name: custom name > auto-detected from user agent > undefined */
+  getDeviceName() {
+    if (this.customDeviceName) return this.customDeviceName;
+    return this.detectDeviceName();
+  }
+  /** Auto-detect a short device label from navigator.userAgent (e.g. "macOS - Chrome") */
+  detectDeviceName() {
+    if (typeof navigator === "undefined" || !navigator.userAgent) return void 0;
+    const ua = navigator.userAgent;
+    let os = "Unknown";
+    if (/iPad|iPhone|iPod/.test(ua)) os = "iOS";
+    else if (/Android/.test(ua)) os = "Android";
+    else if (/Mac OS X/.test(ua)) os = "macOS";
+    else if (/Windows/.test(ua)) os = "Windows";
+    else if (/Linux/.test(ua)) os = "Linux";
+    let browser = "Unknown";
+    if (/Edg\//.test(ua)) browser = "Edge";
+    else if (/OPR\/|Opera/.test(ua)) browser = "Opera";
+    else if (/Chrome\//.test(ua)) browser = "Chrome";
+    else if (/Safari\//.test(ua) && !/Chrome/.test(ua)) browser = "Safari";
+    else if (/Firefox\//.test(ua)) browser = "Firefox";
+    return `${os} - ${browser}`;
+  }
+  /** Get the VAPID public key for Web Push setup */
+  async getVapidPublicKey() {
+    return this.http.request({
+      method: "GET",
+      path: "/notifications/vapid-key",
+      authenticated: true
+    });
+  }
+  /** Register a push subscription (web, android, or ios) */
+  async subscribe(subscription, deviceName) {
+    return this.http.request({
+      method: "POST",
+      path: "/notifications/subscribe",
+      body: {
+        ...subscription,
+        deviceName: deviceName ?? this.getDeviceName(),
+        deviceId: this.getDeviceId()
+      },
+      authenticated: true
+    });
+  }
+  /** Unregister a push subscription */
+  async unsubscribe(platform, identifier) {
+    const body = { platform };
+    if (platform === "web") {
+      body["endpoint"] = identifier;
+    } else {
+      body["deviceToken"] = identifier;
+    }
+    return this.http.request({
+      method: "DELETE",
+      path: "/notifications/subscribe",
+      body,
+      authenticated: true
+    });
+  }
+  /** Get all subscriptions for the current user */
+  async getSubscriptions() {
+    return this.http.request({
+      method: "GET",
+      path: "/notifications/subscriptions",
+      authenticated: true
+    });
+  }
+  /**
+   * Helper: Register browser Web Push subscription.
+   * Requests notification permission, subscribes via Push API,
+   * and registers the subscription with the server.
+   */
+  async registerBrowserPush(serviceWorkerRegistration, deviceName) {
+    const { publicKey } = await this.getVapidPublicKey();
+    if (!publicKey) {
+      throw new Error(
+        "VAPID public key not configured on the server"
+      );
+    }
+    const permission = await Notification.requestPermission();
+    if (permission !== "granted") {
+      throw new Error(
+        `Notification permission denied: ${permission}`
+      );
+    }
+    const applicationServerKey = this.urlBase64ToUint8Array(publicKey);
+    const pushSubscription = await serviceWorkerRegistration.pushManager.subscribe({
+      userVisibleOnly: true,
+      applicationServerKey
+    });
+    const subJson = pushSubscription.toJSON();
+    const p256dh = subJson.keys?.["p256dh"];
+    const auth = subJson.keys?.["auth"];
+    if (!subJson.endpoint || !p256dh || !auth) {
+      throw new Error("Invalid push subscription: missing endpoint or keys");
+    }
+    return this.subscribe(
+      {
+        platform: "web",
+        endpoint: subJson.endpoint,
+        keys: { p256dh, auth }
+      },
+      deviceName
+    );
+  }
+  /**
+   * Helper: Register a mobile device push token (FCM or APNs).
+   */
+  async registerDevicePush(deviceToken, platform, deviceName) {
+    return this.subscribe(
+      {
+        platform,
+        deviceToken
+      },
+      deviceName
+    );
+  }
+  urlBase64ToUint8Array(base64String) {
+    const padding = "=".repeat((4 - base64String.length % 4) % 4);
+    const base64 = (base64String + padding).replace(/-/g, "+").replace(/_/g, "/");
+    const rawData = atob(base64);
+    const outputArray = new Uint8Array(rawData.length);
+    for (let i = 0; i < rawData.length; ++i) {
+      outputArray[i] = rawData.charCodeAt(i);
+    }
+    return outputArray.buffer;
+  }
+};
+
+// libs/sdk/src/client.ts
+function createClient(config) {
+  const tokenStorage = config.tokenStorage ?? (typeof window !== "undefined" && typeof window.localStorage !== "undefined" ? new BrowserTokenStorage() : new MemoryTokenStorage());
+  const tokenManager = new TokenManager(
+    tokenStorage,
+    config.refreshBufferSeconds ?? 60
+  );
+  const httpClient = new HttpClient(config, tokenManager);
+  const realtime = new RealtimeClient({
+    baseUrl: config.apiUrl,
+    getToken: () => tokenManager.getAccessToken()
+  });
+  const auth = new AuthModule(httpClient, tokenManager, config);
+  const storage = new StorageModule(httpClient, tokenManager, config);
+  const db = new DatabaseModule(httpClient, config.projectId, realtime);
+  const notifications = new NotificationsModule(httpClient);
+  return {
+    auth,
+    storage,
+    db,
+    notifications,
+    disconnect() {
+      realtime.disconnect();
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  BrowserTokenStorage,
+  CodeChallengeMethod,
+  FileVisibility,
+  GrantType,
+  MemoryTokenStorage,
+  SharePermission,
+  SpacelrAuthError,
+  SpacelrEmailVerificationRequiredError,
+  SpacelrError,
+  SpacelrNetworkError,
+  SpacelrTimeoutError,
+  SpacelrTwoFactorRequiredError,
+  createClient,
+  generatePKCEChallenge
+});
+//# sourceMappingURL=index.js.map