@spfn/auth 0.1.0-alpha.87 → 0.2.0-beta.1

package/dist/server/entities/users.d.ts

@@ -1,235 +0,0 @@
-import * as drizzle_orm_pg_core from 'drizzle-orm/pg-core';
-
-/**
- * @spfn/auth - Users Entity
- *
- * Main user table supporting multiple authentication methods
- *
- * Features:
- * - Email or phone-based registration
- * - Password authentication (bcrypt)
- * - OAuth support (nullable passwordHash)
- * - Role-based access control (RBAC)
- * - Account status management
- * - Email/phone verification
- */
-declare const users: drizzle_orm_pg_core.PgTableWithColumns<{
-    name: "users";
-    schema: string;
-    columns: {
-        createdAt: drizzle_orm_pg_core.PgColumn<{
-            name: "created_at";
-            tableName: "users";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        updatedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "updated_at";
-            tableName: "users";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        id: drizzle_orm_pg_core.PgColumn<{
-            name: "id";
-            tableName: "users";
-            dataType: "number";
-            columnType: "PgBigSerial53";
-            data: number;
-            driverParam: number;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: true;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        email: drizzle_orm_pg_core.PgColumn<{
-            name: "email";
-            tableName: "users";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        phone: drizzle_orm_pg_core.PgColumn<{
-            name: "phone";
-            tableName: "users";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        passwordHash: drizzle_orm_pg_core.PgColumn<{
-            name: "password_hash";
-            tableName: "users";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        passwordChangeRequired: drizzle_orm_pg_core.PgColumn<{
-            name: "password_change_required";
-            tableName: "users";
-            dataType: "boolean";
-            columnType: "PgBoolean";
-            data: boolean;
-            driverParam: boolean;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        roleId: drizzle_orm_pg_core.PgColumn<{
-            name: "role_id";
-            tableName: "users";
-            dataType: "number";
-            columnType: "PgBigInt53";
-            data: number;
-            driverParam: string | number;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        status: drizzle_orm_pg_core.PgColumn<{
-            name: "status";
-            tableName: "users";
-            dataType: "string";
-            columnType: "PgText";
-            data: "active" | "inactive" | "suspended";
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: ["active", "inactive", "suspended"];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        emailVerifiedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "email_verified_at";
-            tableName: "users";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        phoneVerifiedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "phone_verified_at";
-            tableName: "users";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        lastLoginAt: drizzle_orm_pg_core.PgColumn<{
-            name: "last_login_at";
-            tableName: "users";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-    };
-    dialect: "pg";
-}>;
-type User = typeof users.$inferSelect;
-type NewUser = typeof users.$inferInsert;
-type UserStatus = 'active' | 'inactive' | 'suspended';
-type UserWithVerification = User & {
-    isEmailVerified: boolean;
-    isPhoneVerified: boolean;
-};
-
-export { type NewUser, type User, type UserStatus, type UserWithVerification, users };

package/dist/server/entities/users.js

@@ -1,117 +0,0 @@
-// src/server/entities/users.ts
-import { text as text2, timestamp, check, boolean as boolean2, bigint, index as index2 } from "drizzle-orm/pg-core";
-import { id as id2, timestamps as timestamps2 } from "@spfn/core/db";
-import { sql } from "drizzle-orm";
-
-// src/server/entities/roles.ts
-import { text, boolean, integer, index } from "drizzle-orm/pg-core";
-import { id, timestamps } from "@spfn/core/db";
-
-// src/server/entities/schema.ts
-import { createFunctionSchema } from "@spfn/core/db";
-var authSchema = createFunctionSchema("@spfn/auth");
-
-// src/server/entities/roles.ts
-var roles = authSchema.table(
-  "roles",
-  {
-    // Primary key
-    id: id(),
-    // Role identifier (used in code, e.g., 'admin', 'editor')
-    // Must be unique, lowercase, kebab-case recommended
-    name: text("name").notNull().unique(),
-    // Display name for UI (e.g., 'Administrator', 'Content Editor')
-    displayName: text("display_name").notNull(),
-    // Role description
-    description: text("description"),
-    // Built-in role flag
-    // true: Core package roles (user, admin, superadmin) - cannot be deleted
-    // false: Custom or preset roles - can be deleted
-    isBuiltin: boolean("is_builtin").notNull().default(false),
-    // System role flag
-    // true: Defined in code (builtin or preset) - deletion restricted
-    // false: Runtime created custom role - fully manageable
-    isSystem: boolean("is_system").notNull().default(false),
-    // Active status
-    // false: Deactivated role (users cannot be assigned)
-    isActive: boolean("is_active").notNull().default(true),
-    // Priority level (higher = more privileged)
-    // superadmin: 100, admin: 80, user: 10
-    // Used for role hierarchy and conflict resolution
-    priority: integer("priority").notNull().default(10),
-    ...timestamps()
-  },
-  (table) => [
-    index("roles_name_idx").on(table.name),
-    index("roles_is_system_idx").on(table.isSystem),
-    index("roles_is_active_idx").on(table.isActive),
-    index("roles_is_builtin_idx").on(table.isBuiltin),
-    index("roles_priority_idx").on(table.priority)
-  ]
-);
-
-// src/server/entities/users.ts
-var users = authSchema.table(
-  "users",
-  {
-    // Identity
-    id: id2(),
-    // Email address (unique identifier)
-    // Used for: login, password reset, notifications
-    email: text2("email").unique(),
-    // Phone number in E.164 international format
-    // Format: +[country code][number] (e.g., +821012345678)
-    // Used for: SMS login, 2FA, notifications
-    phone: text2("phone").unique(),
-    // Authentication
-    // Bcrypt password hash ($2b$10$[salt][hash], 60 chars)
-    // Nullable to support OAuth-only accounts
-    passwordHash: text2("password_hash"),
-    // Force password change on next login
-    // Use cases: initial setup, security breach, policy violation
-    passwordChangeRequired: boolean2("password_change_required").notNull().default(false),
-    // Authorization (Role-Based Access Control)
-    // Foreign key to roles table
-    // References built-in roles: user (default), admin, superadmin
-    // Can also reference custom roles created at runtime
-    roleId: bigint("role_id", { mode: "number" }).references(() => roles.id).notNull(),
-    // Account status
-    // - active: Normal operation (default)
-    // - inactive: Deactivated (user request, dormant)
-    // - suspended: Locked (security incident, ToS violation)
-    status: text2(
-      "status",
-      {
-        enum: ["active", "inactive", "suspended"]
-      }
-    ).notNull().default("active"),
-    // Verification timestamps
-    // null = unverified, timestamp = verified at this time
-    // Email verification (via verification code or magic link)
-    emailVerifiedAt: timestamp("email_verified_at", { withTimezone: true }),
-    // Phone verification (via SMS OTP)
-    phoneVerifiedAt: timestamp("phone_verified_at", { withTimezone: true }),
-    // Metadata
-    // Last successful login timestamp
-    // Used for: security auditing, dormant account detection
-    lastLoginAt: timestamp("last_login_at", { withTimezone: true }),
-    ...timestamps2()
-  },
-  (table) => [
-    // Database constraints
-    // Ensure at least one identifier exists (email OR phone)
-    check(
-      "email_or_phone_check",
-      sql`${table.email} IS NOT NULL OR ${table.phone} IS NOT NULL`
-    ),
-    // Indexes for query optimization
-    index2("users_email_idx").on(table.email),
-    index2("users_phone_idx").on(table.phone),
-    index2("users_status_idx").on(table.status),
-    index2("users_role_id_idx").on(table.roleId)
-  ]
-);
-export {
-  users
-};
-//# sourceMappingURL=users.js.map

package/dist/server/entities/users.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/entities/users.ts","../../../src/server/entities/roles.ts","../../../src/server/entities/schema.ts"],"sourcesContent":["/**\n * @spfn/auth - Users Entity\n *\n * Main user table supporting multiple authentication methods\n *\n * Features:\n * - Email or phone-based registration\n * - Password authentication (bcrypt)\n * - OAuth support (nullable passwordHash)\n * - Role-based access control (RBAC)\n * - Account status management\n * - Email/phone verification\n */\n\nimport { text, timestamp, check, boolean, bigint, index } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { sql } from 'drizzle-orm';\nimport { roles } from './roles';\nimport { authSchema } from './schema';\n\nexport const users = authSchema.table('users',\n    {\n        // Identity\n        id: id(),\n\n        // Email address (unique identifier)\n        // Used for: login, password reset, notifications\n        email: text('email').unique(),\n\n        // Phone number in E.164 international format\n        // Format: +[country code][number] (e.g., +821012345678)\n        // Used for: SMS login, 2FA, notifications\n        phone: text('phone').unique(),\n\n        // Authentication\n        // Bcrypt password hash ($2b$10$[salt][hash], 60 chars)\n        // Nullable to support OAuth-only accounts\n        passwordHash: text('password_hash'),\n\n        // Force password change on next login\n        // Use cases: initial setup, security breach, policy violation\n        passwordChangeRequired: boolean('password_change_required').notNull().default(false),\n\n        // Authorization (Role-Based Access Control)\n        // Foreign key to roles table\n        // References built-in roles: user (default), admin, superadmin\n        // Can also reference custom roles created at runtime\n        roleId: bigint('role_id', { mode: 'number' })\n            .references(() => roles.id)\n            .notNull(),\n\n        // Account status\n        // - active: Normal operation (default)\n        // - inactive: Deactivated (user request, dormant)\n        // - suspended: Locked (security incident, ToS violation)\n        status: text(\n            'status',\n            {\n                enum: ['active', 'inactive', 'suspended']\n            }\n        ).notNull().default('active'),\n\n        // Verification timestamps\n        // null = unverified, timestamp = verified at this time\n        // Email verification (via verification code or magic link)\n        emailVerifiedAt: timestamp('email_verified_at', { withTimezone: true }),\n\n        // Phone verification (via SMS OTP)\n        phoneVerifiedAt: timestamp('phone_verified_at', { withTimezone: true }),\n\n        // Metadata\n        // Last successful login timestamp\n        // Used for: security auditing, dormant account detection\n        lastLoginAt: timestamp('last_login_at', { withTimezone: true }),\n\n        ...timestamps(),\n    },\n    (table) => [\n        // Database constraints\n        // Ensure at least one identifier exists (email OR phone)\n        check(\n            'email_or_phone_check',\n            sql`${table.email} IS NOT NULL OR ${table.phone} IS NOT NULL`\n        ),\n\n        // Indexes for query optimization\n        index('users_email_idx').on(table.email),\n        index('users_phone_idx').on(table.phone),\n        index('users_status_idx').on(table.status),\n        index('users_role_id_idx').on(table.roleId),\n    ]\n);\n\n// Type exports\nexport type User = typeof users.$inferSelect;\nexport type NewUser = typeof users.$inferInsert;\nexport type UserStatus = 'active' | 'inactive' | 'suspended';\n\n// Helper type with computed verification status\nexport type UserWithVerification = User &\n{\n    isEmailVerified: boolean;\n    isPhoneVerified: boolean;\n};","/**\n * @spfn/auth - Roles Entity\n *\n * Role-based access control (RBAC) roles table\n *\n * Features:\n * - Built-in roles (user, admin, superadmin) - cannot be deleted\n * - System roles (preset roles) - can be deactivated\n * - Custom roles (runtime created) - fully manageable\n * - Priority-based hierarchy\n */\n\nimport { text, boolean, integer, index } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { authSchema } from './schema';\n\nexport const roles = authSchema.table('roles',\n    {\n        // Primary key\n        id: id(),\n\n        // Role identifier (used in code, e.g., 'admin', 'editor')\n        // Must be unique, lowercase, kebab-case recommended\n        name: text('name').notNull().unique(),\n\n        // Display name for UI (e.g., 'Administrator', 'Content Editor')\n        displayName: text('display_name').notNull(),\n\n        // Role description\n        description: text('description'),\n\n        // Built-in role flag\n        // true: Core package roles (user, admin, superadmin) - cannot be deleted\n        // false: Custom or preset roles - can be deleted\n        isBuiltin: boolean('is_builtin').notNull().default(false),\n\n        // System role flag\n        // true: Defined in code (builtin or preset) - deletion restricted\n        // false: Runtime created custom role - fully manageable\n        isSystem: boolean('is_system').notNull().default(false),\n\n        // Active status\n        // false: Deactivated role (users cannot be assigned)\n        isActive: boolean('is_active').notNull().default(true),\n\n        // Priority level (higher = more privileged)\n        // superadmin: 100, admin: 80, user: 10\n        // Used for role hierarchy and conflict resolution\n        priority: integer('priority').notNull().default(10),\n\n        ...timestamps(),\n    },\n    (table) => [\n        index('roles_name_idx').on(table.name),\n        index('roles_is_system_idx').on(table.isSystem),\n        index('roles_is_active_idx').on(table.isActive),\n        index('roles_is_builtin_idx').on(table.isBuiltin),\n        index('roles_priority_idx').on(table.priority),\n    ]\n);\n\n// Type exports\nexport type RoleEntity = typeof roles.$inferSelect;\nexport type NewRoleEntity = typeof roles.$inferInsert;\n\n// Legacy alias for backward compatibility\nexport type Role = RoleEntity;\nexport type NewRole = NewRoleEntity;","/**\n * @spfn/auth - Database Schema Definition\n *\n * Defines the 'spfn_auth' PostgreSQL schema for all auth-related tables\n */\n\nimport { createFunctionSchema } from '@spfn/core/db';\n\n/**\n * Auth schema for all authentication and authorization tables\n * Tables: users, roles, permissions, user_invitations, etc.\n */\nexport const authSchema = createFunctionSchema('@spfn/auth');"],"mappings":";AAcA,SAAS,QAAAA,OAAM,WAAW,OAAO,WAAAC,UAAS,QAAQ,SAAAC,cAAa;AAC/D,SAAS,MAAAC,KAAI,cAAAC,mBAAkB;AAC/B,SAAS,WAAW;;;ACJpB,SAAS,MAAM,SAAS,SAAS,aAAa;AAC9C,SAAS,IAAI,kBAAkB;;;ACP/B,SAAS,4BAA4B;AAM9B,IAAM,aAAa,qBAAqB,YAAY;;;ADIpD,IAAM,QAAQ,WAAW;AAAA,EAAM;AAAA,EAClC;AAAA;AAAA,IAEI,IAAI,GAAG;AAAA;AAAA;AAAA,IAIP,MAAM,KAAK,MAAM,EAAE,QAAQ,EAAE,OAAO;AAAA;AAAA,IAGpC,aAAa,KAAK,cAAc,EAAE,QAAQ;AAAA;AAAA,IAG1C,aAAa,KAAK,aAAa;AAAA;AAAA;AAAA;AAAA,IAK/B,WAAW,QAAQ,YAAY,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,IAKxD,UAAU,QAAQ,WAAW,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA,IAItD,UAAU,QAAQ,WAAW,EAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA;AAAA;AAAA;AAAA,IAKrD,UAAU,QAAQ,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE;AAAA,IAElD,GAAG,WAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA,IACP,MAAM,gBAAgB,EAAE,GAAG,MAAM,IAAI;AAAA,IACrC,MAAM,qBAAqB,EAAE,GAAG,MAAM,QAAQ;AAAA,IAC9C,MAAM,qBAAqB,EAAE,GAAG,MAAM,QAAQ;AAAA,IAC9C,MAAM,sBAAsB,EAAE,GAAG,MAAM,SAAS;AAAA,IAChD,MAAM,oBAAoB,EAAE,GAAG,MAAM,QAAQ;AAAA,EACjD;AACJ;;;ADvCO,IAAM,QAAQ,WAAW;AAAA,EAAM;AAAA,EAClC;AAAA;AAAA,IAEI,IAAIC,IAAG;AAAA;AAAA;AAAA,IAIP,OAAOC,MAAK,OAAO,EAAE,OAAO;AAAA;AAAA;AAAA;AAAA,IAK5B,OAAOA,MAAK,OAAO,EAAE,OAAO;AAAA;AAAA;AAAA;AAAA,IAK5B,cAAcA,MAAK,eAAe;AAAA;AAAA;AAAA,IAIlC,wBAAwBC,SAAQ,0BAA0B,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA,IAMnF,QAAQ,OAAO,WAAW,EAAE,MAAM,SAAS,CAAC,EACvC,WAAW,MAAM,MAAM,EAAE,EACzB,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,IAMb,QAAQD;AAAA,MACJ;AAAA,MACA;AAAA,QACI,MAAM,CAAC,UAAU,YAAY,WAAW;AAAA,MAC5C;AAAA,IACJ,EAAE,QAAQ,EAAE,QAAQ,QAAQ;AAAA;AAAA;AAAA;AAAA,IAK5B,iBAAiB,UAAU,qBAAqB,EAAE,cAAc,KAAK,CAAC;AAAA;AAAA,IAGtE,iBAAiB,UAAU,qBAAqB,EAAE,cAAc,KAAK,CAAC;AAAA;AAAA;AAAA;AAAA,IAKtE,aAAa,UAAU,iBAAiB,EAAE,cAAc,KAAK,CAAC;AAAA,IAE9D,GAAGE,YAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA;AAAA;AAAA,IAGP;AAAA,MACI;AAAA,MACA,MAAM,MAAM,KAAK,mBAAmB,MAAM,KAAK;AAAA,IACnD;AAAA;AAAA,IAGAC,OAAM,iBAAiB,EAAE,GAAG,MAAM,KAAK;AAAA,IACvCA,OAAM,iBAAiB,EAAE,GAAG,MAAM,KAAK;AAAA,IACvCA,OAAM,kBAAkB,EAAE,GAAG,MAAM,MAAM;AAAA,IACzCA,OAAM,mBAAmB,EAAE,GAAG,MAAM,MAAM;AAAA,EAC9C;AACJ;","names":["text","boolean","index","id","timestamps","id","text","boolean","timestamps","index"]}

package/dist/server/entities/verification-codes.d.ts

@@ -1,191 +0,0 @@
-import * as drizzle_orm_pg_core from 'drizzle-orm/pg-core';
-
-/**
- * @spfn/auth - Verification Codes Entity
- *
- * Stores verification codes for email and phone verification
- * Codes expire after a configurable time period
- */
-declare const verificationCodes: drizzle_orm_pg_core.PgTableWithColumns<{
-    name: "verification_codes";
-    schema: string;
-    columns: {
-        createdAt: drizzle_orm_pg_core.PgColumn<{
-            name: "created_at";
-            tableName: "verification_codes";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        updatedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "updated_at";
-            tableName: "verification_codes";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        id: drizzle_orm_pg_core.PgColumn<{
-            name: "id";
-            tableName: "verification_codes";
-            dataType: "number";
-            columnType: "PgBigSerial53";
-            data: number;
-            driverParam: number;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: true;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        target: drizzle_orm_pg_core.PgColumn<{
-            name: "target";
-            tableName: "verification_codes";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        targetType: drizzle_orm_pg_core.PgColumn<{
-            name: "target_type";
-            tableName: "verification_codes";
-            dataType: "string";
-            columnType: "PgText";
-            data: "email" | "phone";
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: ["email", "phone"];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        code: drizzle_orm_pg_core.PgColumn<{
-            name: "code";
-            tableName: "verification_codes";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        purpose: drizzle_orm_pg_core.PgColumn<{
-            name: "purpose";
-            tableName: "verification_codes";
-            dataType: "string";
-            columnType: "PgText";
-            data: "registration" | "login" | "password_reset" | "email_change" | "phone_change";
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: ["registration", "login", "password_reset", "email_change", "phone_change"];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        expiresAt: drizzle_orm_pg_core.PgColumn<{
-            name: "expires_at";
-            tableName: "verification_codes";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        usedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "used_at";
-            tableName: "verification_codes";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        attempts: drizzle_orm_pg_core.PgColumn<{
-            name: "attempts";
-            tableName: "verification_codes";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-    };
-    dialect: "pg";
-}>;
-type VerificationCode = typeof verificationCodes.$inferSelect;
-type NewVerificationCode = typeof verificationCodes.$inferInsert;
-type VerificationTargetType = 'email' | 'phone';
-type VerificationPurpose = 'registration' | 'login' | 'password_reset' | 'email_change' | 'phone_change';
-
-export { type NewVerificationCode, type VerificationCode, type VerificationPurpose, type VerificationTargetType, verificationCodes };

package/dist/server/entities/verification-codes.js

@@ -1,49 +0,0 @@
-// src/server/entities/verification-codes.ts
-import { text, timestamp, index } from "drizzle-orm/pg-core";
-import { id, timestamps } from "@spfn/core/db";
-
-// src/server/entities/schema.ts
-import { createFunctionSchema } from "@spfn/core/db";
-var authSchema = createFunctionSchema("@spfn/auth");
-
-// src/server/entities/verification-codes.ts
-var verificationCodes = authSchema.table(
-  "verification_codes",
-  {
-    id: id(),
-    // Target (email or phone)
-    target: text("target").notNull(),
-    // Email address or E.164 phone number
-    targetType: text(
-      "target_type",
-      {
-        enum: ["email", "phone"]
-      }
-    ).notNull(),
-    // Code
-    code: text("code").notNull(),
-    // 6-digit code by default (configurable)
-    // Purpose
-    purpose: text(
-      "purpose",
-      {
-        enum: ["registration", "login", "password_reset", "email_change", "phone_change"]
-      }
-    ).notNull(),
-    // Expiry
-    expiresAt: timestamp("expires_at", { withTimezone: true }).notNull(),
-    // Usage tracking
-    usedAt: timestamp("used_at", { withTimezone: true }),
-    attempts: text("attempts").notNull().default("0"),
-    // Track failed verification attempts
-    ...timestamps()
-  },
-  (table) => [
-    // Index for quick lookup by target and purpose
-    index("target_purpose_idx").on(table.target, table.purpose, table.expiresAt)
-  ]
-);
-export {
-  verificationCodes
-};
-//# sourceMappingURL=verification-codes.js.map

package/dist/server/entities/verification-codes.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/entities/verification-codes.ts","../../../src/server/entities/schema.ts"],"sourcesContent":["/**\n * @spfn/auth - Verification Codes Entity\n *\n * Stores verification codes for email and phone verification\n * Codes expire after a configurable time period\n */\n\nimport { text, timestamp, index } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { authSchema } from './schema';\n\nexport const verificationCodes = authSchema.table('verification_codes',\n    {\n        id: id(),\n\n        // Target (email or phone)\n        target: text('target').notNull(), // Email address or E.164 phone number\n        targetType: text(\n            'target_type',\n            {\n                enum: ['email', 'phone']\n            }\n        ).notNull(),\n\n        // Code\n        code: text('code').notNull(), // 6-digit code by default (configurable)\n\n        // Purpose\n        purpose: text(\n            'purpose',\n            {\n                enum: ['registration', 'login', 'password_reset', 'email_change', 'phone_change']\n            }\n        ).notNull(),\n\n        // Expiry\n        expiresAt: timestamp('expires_at', { withTimezone: true }).notNull(),\n\n        // Usage tracking\n        usedAt: timestamp('used_at', { withTimezone: true }),\n        attempts: text('attempts').notNull().default('0'), // Track failed verification attempts\n\n        ...timestamps(),\n    },\n    (table) => [\n        // Index for quick lookup by target and purpose\n        index('target_purpose_idx')\n            .on(table.target, table.purpose, table.expiresAt),\n    ]\n);\n\n// Type exports\nexport type VerificationCode = typeof verificationCodes.$inferSelect;\nexport type NewVerificationCode = typeof verificationCodes.$inferInsert;\nexport type VerificationTargetType = 'email' | 'phone';\nexport type VerificationPurpose = 'registration' | 'login' | 'password_reset' | 'email_change' | 'phone_change';","/**\n * @spfn/auth - Database Schema Definition\n *\n * Defines the 'spfn_auth' PostgreSQL schema for all auth-related tables\n */\n\nimport { createFunctionSchema } from '@spfn/core/db';\n\n/**\n * Auth schema for all authentication and authorization tables\n * Tables: users, roles, permissions, user_invitations, etc.\n */\nexport const authSchema = createFunctionSchema('@spfn/auth');"],"mappings":";AAOA,SAAS,MAAM,WAAW,aAAa;AACvC,SAAS,IAAI,kBAAkB;;;ACF/B,SAAS,4BAA4B;AAM9B,IAAM,aAAa,qBAAqB,YAAY;;;ADDpD,IAAM,oBAAoB,WAAW;AAAA,EAAM;AAAA,EAC9C;AAAA,IACI,IAAI,GAAG;AAAA;AAAA,IAGP,QAAQ,KAAK,QAAQ,EAAE,QAAQ;AAAA;AAAA,IAC/B,YAAY;AAAA,MACR;AAAA,MACA;AAAA,QACI,MAAM,CAAC,SAAS,OAAO;AAAA,MAC3B;AAAA,IACJ,EAAE,QAAQ;AAAA;AAAA,IAGV,MAAM,KAAK,MAAM,EAAE,QAAQ;AAAA;AAAA;AAAA,IAG3B,SAAS;AAAA,MACL;AAAA,MACA;AAAA,QACI,MAAM,CAAC,gBAAgB,SAAS,kBAAkB,gBAAgB,cAAc;AAAA,MACpF;AAAA,IACJ,EAAE,QAAQ;AAAA;AAAA,IAGV,WAAW,UAAU,cAAc,EAAE,cAAc,KAAK,CAAC,EAAE,QAAQ;AAAA;AAAA,IAGnE,QAAQ,UAAU,WAAW,EAAE,cAAc,KAAK,CAAC;AAAA,IACnD,UAAU,KAAK,UAAU,EAAE,QAAQ,EAAE,QAAQ,GAAG;AAAA;AAAA,IAEhD,GAAG,WAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA;AAAA,IAEP,MAAM,oBAAoB,EACrB,GAAG,MAAM,QAAQ,MAAM,SAAS,MAAM,SAAS;AAAA,EACxD;AACJ;","names":[]}

package/dist/server/routes/auth/index.d.ts

@@ -1,10 +0,0 @@
-import * as _spfn_core_route from '@spfn/core/route';
-
-/**
- * @spfn/auth - Auth Routes
- *
- * Thin route handlers that delegate to services
- */
-declare const app: _spfn_core_route.SPFNApp;
-
-export { app as default };