npm - @spfn/auth - Versions diffs - 0.1.0-alpha.87 → 0.2.0-beta.1 - Mend

@spfn/auth 0.1.0-alpha.87 → 0.2.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (151) hide show

package/README.md +1385 -1199
package/dist/config.d.ts +405 -0
package/dist/config.js +240 -0
package/dist/config.js.map +1 -0
package/dist/dto-81uR9gzF.d.ts +630 -0
package/dist/errors.d.ts +196 -0
package/dist/errors.js +173 -0
package/dist/errors.js.map +1 -0
package/dist/index.d.ts +273 -14
package/dist/index.js +511 -6665
package/dist/index.js.map +1 -1
package/dist/nextjs/api.js +345 -0
package/dist/nextjs/api.js.map +1 -0
package/dist/{adapters/nextjs → nextjs}/server.d.ts +47 -65
package/dist/nextjs/server.js +179 -0
package/dist/nextjs/server.js.map +1 -0
package/dist/server.d.ts +4328 -529
package/dist/server.js +7841 -1247
package/dist/server.js.map +1 -1
package/migrations/{0000_familiar_firebrand.sql → 0000_mysterious_colossus.sql} +53 -23
package/migrations/meta/0000_snapshot.json +281 -46
package/migrations/meta/_journal.json +2 -2
package/package.json +33 -33
package/dist/adapters/nextjs/api.d.ts +0 -446
package/dist/adapters/nextjs/api.js +0 -3279
package/dist/adapters/nextjs/api.js.map +0 -1
package/dist/adapters/nextjs/server.js +0 -3645
package/dist/adapters/nextjs/server.js.map +0 -1
package/dist/lib/api/auth-codes-verify.d.ts +0 -37
package/dist/lib/api/auth-codes-verify.js +0 -2949
package/dist/lib/api/auth-codes-verify.js.map +0 -1
package/dist/lib/api/auth-codes.d.ts +0 -37
package/dist/lib/api/auth-codes.js +0 -2949
package/dist/lib/api/auth-codes.js.map +0 -1
package/dist/lib/api/auth-exists.d.ts +0 -38
package/dist/lib/api/auth-exists.js +0 -2949
package/dist/lib/api/auth-exists.js.map +0 -1
package/dist/lib/api/auth-invitations-accept.d.ts +0 -38
package/dist/lib/api/auth-invitations-accept.js +0 -2883
package/dist/lib/api/auth-invitations-accept.js.map +0 -1
package/dist/lib/api/auth-invitations-cancel.d.ts +0 -37
package/dist/lib/api/auth-invitations-cancel.js +0 -2883
package/dist/lib/api/auth-invitations-cancel.js.map +0 -1
package/dist/lib/api/auth-invitations-delete.d.ts +0 -36
package/dist/lib/api/auth-invitations-delete.js +0 -2883
package/dist/lib/api/auth-invitations-delete.js.map +0 -1
package/dist/lib/api/auth-invitations-resend.d.ts +0 -37
package/dist/lib/api/auth-invitations-resend.js +0 -2883
package/dist/lib/api/auth-invitations-resend.js.map +0 -1
package/dist/lib/api/auth-invitations.d.ts +0 -109
package/dist/lib/api/auth-invitations.js +0 -2887
package/dist/lib/api/auth-invitations.js.map +0 -1
package/dist/lib/api/auth-keys-rotate.d.ts +0 -37
package/dist/lib/api/auth-keys-rotate.js +0 -2949
package/dist/lib/api/auth-keys-rotate.js.map +0 -1
package/dist/lib/api/auth-login.d.ts +0 -39
package/dist/lib/api/auth-login.js +0 -2949
package/dist/lib/api/auth-login.js.map +0 -1
package/dist/lib/api/auth-logout.d.ts +0 -36
package/dist/lib/api/auth-logout.js +0 -2949
package/dist/lib/api/auth-logout.js.map +0 -1
package/dist/lib/api/auth-me.d.ts +0 -50
package/dist/lib/api/auth-me.js +0 -2949
package/dist/lib/api/auth-me.js.map +0 -1
package/dist/lib/api/auth-password.d.ts +0 -36
package/dist/lib/api/auth-password.js +0 -2949
package/dist/lib/api/auth-password.js.map +0 -1
package/dist/lib/api/auth-register.d.ts +0 -38
package/dist/lib/api/auth-register.js +0 -2949
package/dist/lib/api/auth-register.js.map +0 -1
package/dist/lib/api/index.d.ts +0 -356
package/dist/lib/api/index.js +0 -3261
package/dist/lib/api/index.js.map +0 -1
package/dist/lib/config.d.ts +0 -70
package/dist/lib/config.js +0 -64
package/dist/lib/config.js.map +0 -1
package/dist/lib/contracts/auth.d.ts +0 -302
package/dist/lib/contracts/auth.js +0 -2951
package/dist/lib/contracts/auth.js.map +0 -1
package/dist/lib/contracts/index.d.ts +0 -3
package/dist/lib/contracts/index.js +0 -3190
package/dist/lib/contracts/index.js.map +0 -1
package/dist/lib/contracts/invitation.d.ts +0 -243
package/dist/lib/contracts/invitation.js +0 -2883
package/dist/lib/contracts/invitation.js.map +0 -1
package/dist/lib/crypto.d.ts +0 -76
package/dist/lib/crypto.js +0 -127
package/dist/lib/crypto.js.map +0 -1
package/dist/lib/index.d.ts +0 -4
package/dist/lib/index.js +0 -313
package/dist/lib/index.js.map +0 -1
package/dist/lib/session.d.ts +0 -68
package/dist/lib/session.js +0 -126
package/dist/lib/session.js.map +0 -1
package/dist/lib/types/api.d.ts +0 -45
package/dist/lib/types/api.js +0 -1
package/dist/lib/types/api.js.map +0 -1
package/dist/lib/types/index.d.ts +0 -3
package/dist/lib/types/index.js +0 -2647
package/dist/lib/types/index.js.map +0 -1
package/dist/lib/types/schemas.d.ts +0 -45
package/dist/lib/types/schemas.js +0 -2647
package/dist/lib/types/schemas.js.map +0 -1
package/dist/lib.js +0 -1
package/dist/lib.js.map +0 -1
package/dist/plugin.d.ts +0 -12
package/dist/plugin.js +0 -9083
package/dist/plugin.js.map +0 -1
package/dist/server/entities/index.d.ts +0 -11
package/dist/server/entities/index.js +0 -395
package/dist/server/entities/index.js.map +0 -1
package/dist/server/entities/invitations.d.ts +0 -241
package/dist/server/entities/invitations.js +0 -184
package/dist/server/entities/invitations.js.map +0 -1
package/dist/server/entities/permissions.d.ts +0 -196
package/dist/server/entities/permissions.js +0 -49
package/dist/server/entities/permissions.js.map +0 -1
package/dist/server/entities/role-permissions.d.ts +0 -107
package/dist/server/entities/role-permissions.js +0 -115
package/dist/server/entities/role-permissions.js.map +0 -1
package/dist/server/entities/roles.d.ts +0 -196
package/dist/server/entities/roles.js +0 -50
package/dist/server/entities/roles.js.map +0 -1
package/dist/server/entities/schema.d.ts +0 -14
package/dist/server/entities/schema.js +0 -7
package/dist/server/entities/schema.js.map +0 -1
package/dist/server/entities/user-permissions.d.ts +0 -163
package/dist/server/entities/user-permissions.js +0 -193
package/dist/server/entities/user-permissions.js.map +0 -1
package/dist/server/entities/user-public-keys.d.ts +0 -227
package/dist/server/entities/user-public-keys.js +0 -156
package/dist/server/entities/user-public-keys.js.map +0 -1
package/dist/server/entities/user-social-accounts.d.ts +0 -189
package/dist/server/entities/user-social-accounts.js +0 -149
package/dist/server/entities/user-social-accounts.js.map +0 -1
package/dist/server/entities/users.d.ts +0 -235
package/dist/server/entities/users.js +0 -117
package/dist/server/entities/users.js.map +0 -1
package/dist/server/entities/verification-codes.d.ts +0 -191
package/dist/server/entities/verification-codes.js +0 -49
package/dist/server/entities/verification-codes.js.map +0 -1
package/dist/server/routes/auth/index.d.ts +0 -10
package/dist/server/routes/auth/index.js +0 -4460
package/dist/server/routes/auth/index.js.map +0 -1
package/dist/server/routes/index.d.ts +0 -6
package/dist/server/routes/index.js +0 -6584
package/dist/server/routes/index.js.map +0 -1
package/dist/server/routes/invitations/index.d.ts +0 -10
package/dist/server/routes/invitations/index.js +0 -4395
package/dist/server/routes/invitations/index.js.map +0 -1
/package/dist/{lib.d.ts → nextjs/api.d.ts} +0 -0

package/dist/lib/config.d.ts DELETED Viewed

@@ -1,70 +0,0 @@
-/**
- * @spfn/auth - Global Configuration
- *
- * Manages global auth configuration including session TTL
- */
-/**
- * Cookie names used by SPFN Auth
- */
-declare const COOKIE_NAMES: {
-    /** Encrypted session data (userId, privateKey, keyId, algorithm) */
-    readonly SESSION: "spfn_session";
-    /** Current key ID (for key rotation) */
-    readonly SESSION_KEY_ID: "spfn_session_key_id";
-};
-/**
- * Parse duration string to seconds
- *
- * Supports: '30d', '12h', '45m', '3600s', or plain number
- *
- * @example
- * parseDuration('30d')   // 2592000 (30 days in seconds)
- * parseDuration('12h')   // 43200
- * parseDuration('45m')   // 2700
- * parseDuration('3600')  // 3600
- */
-declare function parseDuration(duration: string | number): number;
-/**
- * Auth configuration
- */
-interface AuthConfig {
-    /**
-     * Default session TTL in seconds or duration string
-     *
-     * Supports:
-     * - Number: seconds (e.g., 2592000)
-     * - String: '30d', '12h', '45m', '3600s'
-     *
-     * @default 7d (7 days)
-     */
-    sessionTtl?: string | number;
-}
-/**
- * Configure global auth settings
- *
- * @param config - Auth configuration
- *
- * @example
- * ```typescript
- * configureAuth({
- *   sessionTtl: '30d',  // 30 days
- * });
- * ```
- */
-declare function configureAuth(config: AuthConfig): void;
-/**
- * Get current auth configuration
- */
-declare function getAuthConfig(): AuthConfig;
-/**
- * Get session TTL in seconds
- *
- * Priority:
- * 1. Runtime override (remember parameter)
- * 2. Global config (configureAuth)
- * 3. Environment variable (SPFN_AUTH_SESSION_TTL)
- * 4. Default (7 days)
- */
-declare function getSessionTtl(override?: string | number): number;
-export { type AuthConfig, COOKIE_NAMES, configureAuth, getAuthConfig, getSessionTtl, parseDuration };

package/dist/lib/config.js DELETED Viewed

@@ -1,64 +0,0 @@
-// src/lib/config.ts
-var COOKIE_NAMES = {
-  /** Encrypted session data (userId, privateKey, keyId, algorithm) */
-  SESSION: "spfn_session",
-  /** Current key ID (for key rotation) */
-  SESSION_KEY_ID: "spfn_session_key_id"
-};
-function parseDuration(duration) {
-  if (typeof duration === "number") {
-    return duration;
-  }
-  const match = duration.match(/^(\d+)([dhms]?)$/);
-  if (!match) {
-    throw new Error(`Invalid duration format: ${duration}. Use format like '30d', '12h', '45m', '3600s', or plain number.`);
-  }
-  const value = parseInt(match[1], 10);
-  const unit = match[2] || "s";
-  switch (unit) {
-    case "d":
-      return value * 24 * 60 * 60;
-    case "h":
-      return value * 60 * 60;
-    case "m":
-      return value * 60;
-    case "s":
-      return value;
-    default:
-      throw new Error(`Unknown duration unit: ${unit}`);
-  }
-}
-var globalConfig = {
-  sessionTtl: "7d"
-  // Default: 7 days
-};
-function configureAuth(config) {
-  globalConfig = {
-    ...globalConfig,
-    ...config
-  };
-}
-function getAuthConfig() {
-  return { ...globalConfig };
-}
-function getSessionTtl(override) {
-  if (override !== void 0) {
-    return parseDuration(override);
-  }
-  if (globalConfig.sessionTtl !== void 0) {
-    return parseDuration(globalConfig.sessionTtl);
-  }
-  const envTtl = process.env.SPFN_AUTH_SESSION_TTL;
-  if (envTtl) {
-    return parseDuration(envTtl);
-  }
-  return 7 * 24 * 60 * 60;
-}
-export {
-  COOKIE_NAMES,
-  configureAuth,
-  getAuthConfig,
-  getSessionTtl,
-  parseDuration
-};
-//# sourceMappingURL=config.js.map

package/dist/lib/config.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../src/lib/config.ts"],"sourcesContent":["/**\n * @spfn/auth - Global Configuration\n *\n * Manages global auth configuration including session TTL\n */\n\n/**\n * Cookie names used by SPFN Auth\n */\nexport const COOKIE_NAMES = {\n /** Encrypted session data (userId, privateKey, keyId, algorithm) */\n SESSION: 'spfn_session',\n /** Current key ID (for key rotation) */\n SESSION_KEY_ID: 'spfn_session_key_id',\n} as const;\n\n/**\n * Parse duration string to seconds\n *\n * Supports: '30d', '12h', '45m', '3600s', or plain number\n *\n * @example\n * parseDuration('30d') // 2592000 (30 days in seconds)\n * parseDuration('12h') // 43200\n * parseDuration('45m') // 2700\n * parseDuration('3600') // 3600\n */\nexport function parseDuration(duration: string | number): number\n{\n if (typeof duration === 'number')\n {\n return duration;\n }\n\n const match = duration.match(/^(\\d+)([dhms]?)$/);\n if (!match)\n {\n throw new Error(`Invalid duration format: ${duration}. Use format like '30d', '12h', '45m', '3600s', or plain number.`);\n }\n\n const value = parseInt(match[1], 10);\n const unit = match[2] || 's';\n\n switch (unit)\n {\n case 'd':\n return value * 24 * 60 * 60;\n case 'h':\n return value * 60 * 60;\n case 'm':\n return value * 60;\n case 's':\n return value;\n default:\n throw new Error(`Unknown duration unit: ${unit}`);\n }\n}\n\n/**\n * Auth configuration\n */\nexport interface AuthConfig\n{\n /**\n * Default session TTL in seconds or duration string\n *\n * Supports:\n * - Number: seconds (e.g., 2592000)\n * - String: '30d', '12h', '45m', '3600s'\n *\n * @default 7d (7 days)\n */\n sessionTtl?: string | number;\n}\n\n/**\n * Global auth configuration state\n */\nlet globalConfig: AuthConfig = {\n sessionTtl: '7d', // Default: 7 days\n};\n\n/**\n * Configure global auth settings\n *\n * @param config - Auth configuration\n *\n * @example\n * ```typescript\n * configureAuth({\n * sessionTtl: '30d', // 30 days\n * });\n * ```\n */\nexport function configureAuth(config: AuthConfig): void\n{\n globalConfig = {\n ...globalConfig,\n ...config,\n };\n}\n\n/**\n * Get current auth configuration\n */\nexport function getAuthConfig(): AuthConfig\n{\n return { ...globalConfig };\n}\n\n/**\n * Get session TTL in seconds\n *\n * Priority:\n * 1. Runtime override (remember parameter)\n * 2. Global config (configureAuth)\n * 3. Environment variable (SPFN_AUTH_SESSION_TTL)\n * 4. Default (7 days)\n */\nexport function getSessionTtl(override?: string | number): number\n{\n // 1. Runtime override\n if (override !== undefined)\n {\n return parseDuration(override);\n }\n\n // 2. Global config\n if (globalConfig.sessionTtl !== undefined)\n {\n return parseDuration(globalConfig.sessionTtl);\n }\n\n // 3. Environment variable\n const envTtl = process.env.SPFN_AUTH_SESSION_TTL;\n if (envTtl)\n {\n return parseDuration(envTtl);\n }\n\n // 4. Default: 7 days\n return 7 * 24 * 60 * 60;\n}"],"mappings":";AASO,IAAM,eAAe;AAAA;AAAA,EAExB,SAAS;AAAA;AAAA,EAET,gBAAgB;AACpB;AAaO,SAAS,cAAc,UAC9B;AACI,MAAI,OAAO,aAAa,UACxB;AACI,WAAO;AAAA,EACX;AAEA,QAAM,QAAQ,SAAS,MAAM,kBAAkB;AAC/C,MAAI,CAAC,OACL;AACI,UAAM,IAAI,MAAM,4BAA4B,QAAQ,kEAAkE;AAAA,EAC1H;AAEA,QAAM,QAAQ,SAAS,MAAM,CAAC,GAAG,EAAE;AACnC,QAAM,OAAO,MAAM,CAAC,KAAK;AAEzB,UAAQ,MACR;AAAA,IACI,KAAK;AACD,aAAO,QAAQ,KAAK,KAAK;AAAA,IAC7B,KAAK;AACD,aAAO,QAAQ,KAAK;AAAA,IACxB,KAAK;AACD,aAAO,QAAQ;AAAA,IACnB,KAAK;AACD,aAAO;AAAA,IACX;AACI,YAAM,IAAI,MAAM,0BAA0B,IAAI,EAAE;AAAA,EACxD;AACJ;AAsBA,IAAI,eAA2B;AAAA,EAC3B,YAAY;AAAA;AAChB;AAcO,SAAS,cAAc,QAC9B;AACI,iBAAe;AAAA,IACX,GAAG;AAAA,IACH,GAAG;AAAA,EACP;AACJ;AAKO,SAAS,gBAChB;AACI,SAAO,EAAE,GAAG,aAAa;AAC7B;AAWO,SAAS,cAAc,UAC9B;AAEI,MAAI,aAAa,QACjB;AACI,WAAO,cAAc,QAAQ;AAAA,EACjC;AAGA,MAAI,aAAa,eAAe,QAChC;AACI,WAAO,cAAc,aAAa,UAAU;AAAA,EAChD;AAGA,QAAM,SAAS,QAAQ,IAAI;AAC3B,MAAI,QACJ;AACI,WAAO,cAAc,MAAM;AAAA,EAC/B;AAGA,SAAO,IAAI,KAAK,KAAK;AACzB;","names":[]}

package/dist/lib/contracts/auth.d.ts DELETED Viewed

@@ -1,302 +0,0 @@
-import * as _sinclair_typebox from '@sinclair/typebox';
-/**
- * @spfn/auth - Auth API Contracts
- *
- * Type-safe API contracts for authentication operations
- */
-/**
- * POST /codes - Send verification code
- *
- * Sends a 6-digit verification code to email or phone
- * Final path: /_auth/codes
- */
-declare const sendVerificationCodeContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/codes";
-    readonly body: _sinclair_typebox.TObject<{
-        target: _sinclair_typebox.TString;
-        targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
-        purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">]>;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            success: _sinclair_typebox.TBoolean;
-            expiresAt: _sinclair_typebox.TString;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * POST /codes/verify - Verify code (without creating account)
- *
- * Validates verification code, returns a temporary token
- * Final path: /_auth/codes/verify
- */
-declare const verifyCodeContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/codes/verify";
-    readonly body: _sinclair_typebox.TObject<{
-        target: _sinclair_typebox.TString;
-        targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
-        code: _sinclair_typebox.TString;
-        purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">]>;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            valid: _sinclair_typebox.TBoolean;
-            verificationToken: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * POST /exists - Check if account exists
- *
- * Checks if an email or phone number is already registered
- * Final path: /_auth/exists (prefix added from package.json)
- */
-declare const checkAccountExistsContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/exists";
-    readonly body: _sinclair_typebox.TObject<{
-        email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            exists: _sinclair_typebox.TBoolean;
-            identifier: _sinclair_typebox.TString;
-            identifierType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * POST /register - Register new user
- *
- * Register with email/phone and password, includes public key
- * Final path: /_auth/register (prefix added from package.json)
- */
-declare const registerContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/register";
-    readonly body: _sinclair_typebox.TObject<{
-        email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        verificationToken: _sinclair_typebox.TString;
-        password: _sinclair_typebox.TString;
-        publicKey: _sinclair_typebox.TString;
-        keyId: _sinclair_typebox.TString;
-        fingerprint: _sinclair_typebox.TString;
-        algorithm: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"ES256">, _sinclair_typebox.TLiteral<"RS256">]>;
-        keySize: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            userId: _sinclair_typebox.TString;
-            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * POST /login - User login
- *
- * Authenticate user with email/phone and password
- * Replaces existing key with new one
- * Final path: /_auth/login (prefix added from package.json)
- */
-declare const loginContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/login";
-    readonly body: _sinclair_typebox.TObject<{
-        email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        password: _sinclair_typebox.TString;
-        publicKey: _sinclair_typebox.TString;
-        keyId: _sinclair_typebox.TString;
-        fingerprint: _sinclair_typebox.TString;
-        oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-        algorithm: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"ES256">, _sinclair_typebox.TLiteral<"RS256">]>;
-        keySize: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            userId: _sinclair_typebox.TString;
-            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            passwordChangeRequired: _sinclair_typebox.TBoolean;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * POST /logout - Logout user
- *
- * Revokes current key (requires authentication)
- * Final path: /_auth/logout (prefix added from package.json)
- */
-declare const logoutContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/logout";
-    readonly body: _sinclair_typebox.TObject<{}>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            success: _sinclair_typebox.TBoolean;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * POST /keys/rotate - Rotate key
- *
- * Replace current key with new one (requires authentication)
- * Final path: /_auth/keys/rotate (prefix added from package.json)
- */
-declare const rotateKeyContract: {
-    readonly method: "POST";
-    readonly path: "/_auth/keys/rotate";
-    readonly body: _sinclair_typebox.TObject<{
-        publicKey: _sinclair_typebox.TString;
-        keyId: _sinclair_typebox.TString;
-        fingerprint: _sinclair_typebox.TString;
-        algorithm: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"ES256">, _sinclair_typebox.TLiteral<"RS256">]>;
-        keySize: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            success: _sinclair_typebox.TBoolean;
-            keyId: _sinclair_typebox.TString;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * PUT /password - Change user password
- *
- * Allows authenticated users to change their password
- * Requires current password for verification
- * Final path: /_auth/password (prefix added from package.json)
- */
-declare const changePasswordContract: {
-    readonly method: "PUT";
-    readonly path: "/_auth/password";
-    readonly body: _sinclair_typebox.TObject<{
-        currentPassword: _sinclair_typebox.TString;
-        newPassword: _sinclair_typebox.TString;
-    }>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            success: _sinclair_typebox.TBoolean;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-/**
- * GET /me - Get current user info
- *
- * Returns authenticated user's information including role and permissions
- * Requires authentication
- * Final path: /_auth/me (prefix added from package.json)
- */
-declare const getMeContract: {
-    readonly method: "GET";
-    readonly path: "/_auth/me";
-    readonly body: _sinclair_typebox.TObject<{}>;
-    readonly response: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<true>;
-        data: _sinclair_typebox.TObject<{
-            userId: _sinclair_typebox.TString;
-            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            role: _sinclair_typebox.TObject<{
-                id: _sinclair_typebox.TNumber;
-                name: _sinclair_typebox.TString;
-                displayName: _sinclair_typebox.TString;
-                priority: _sinclair_typebox.TNumber;
-            }>;
-            permissions: _sinclair_typebox.TArray<_sinclair_typebox.TObject<{
-                id: _sinclair_typebox.TNumber;
-                name: _sinclair_typebox.TString;
-                displayName: _sinclair_typebox.TString;
-                category: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            }>>;
-        }>;
-        message: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-    }>, _sinclair_typebox.TObject<{
-        success: _sinclair_typebox.TLiteral<false>;
-        error: _sinclair_typebox.TObject<{
-            code: _sinclair_typebox.TString;
-            message: _sinclair_typebox.TString;
-            details: _sinclair_typebox.TOptional<_sinclair_typebox.TAny>;
-        }>;
-    }>]>;
-};
-export { changePasswordContract, checkAccountExistsContract, getMeContract, loginContract, logoutContract, registerContract, rotateKeyContract, sendVerificationCodeContract, verifyCodeContract };