@spfn/auth 0.1.0-alpha.88 → 0.2.0-beta.10

package/dist/server/entities/user-permissions.d.ts

@@ -1,163 +0,0 @@
-import * as drizzle_orm_pg_core from 'drizzle-orm/pg-core';
-
-/**
- * @spfn/auth - User-Permissions Override Entity
- *
- * Per-user permission grants/revocations
- *
- * Features:
- * - Grant additional permissions to specific users
- * - Revoke role-inherited permissions from specific users
- * - Temporary permissions with expiration
- * - Audit trail with reason field
- *
- * Priority:
- * User permissions override role permissions
- */
-declare const userPermissions: drizzle_orm_pg_core.PgTableWithColumns<{
-    name: "user_permissions";
-    schema: string;
-    columns: {
-        createdAt: drizzle_orm_pg_core.PgColumn<{
-            name: "created_at";
-            tableName: "user_permissions";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        updatedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "updated_at";
-            tableName: "user_permissions";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        id: drizzle_orm_pg_core.PgColumn<{
-            name: "id";
-            tableName: "user_permissions";
-            dataType: "number";
-            columnType: "PgBigSerial53";
-            data: number;
-            driverParam: number;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: true;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        userId: drizzle_orm_pg_core.PgColumn<{
-            name: "user_id";
-            tableName: "user_permissions";
-            dataType: "number";
-            columnType: "PgBigInt53";
-            data: number;
-            driverParam: string | number;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        permissionId: drizzle_orm_pg_core.PgColumn<{
-            name: "permission_id";
-            tableName: "user_permissions";
-            dataType: "number";
-            columnType: "PgBigInt53";
-            data: number;
-            driverParam: string | number;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        granted: drizzle_orm_pg_core.PgColumn<{
-            name: "granted";
-            tableName: "user_permissions";
-            dataType: "boolean";
-            columnType: "PgBoolean";
-            data: boolean;
-            driverParam: boolean;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        reason: drizzle_orm_pg_core.PgColumn<{
-            name: "reason";
-            tableName: "user_permissions";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        expiresAt: drizzle_orm_pg_core.PgColumn<{
-            name: "expires_at";
-            tableName: "user_permissions";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-    };
-    dialect: "pg";
-}>;
-type UserPermission = typeof userPermissions.$inferSelect;
-type NewUserPermission = typeof userPermissions.$inferInsert;
-
-export { type NewUserPermission, type UserPermission, userPermissions };

package/dist/server/entities/user-permissions.js

@@ -1,193 +0,0 @@
-// src/server/entities/user-permissions.ts
-import { bigint as bigint2, boolean as boolean4, text as text4, timestamp as timestamp2, index as index4, unique } from "drizzle-orm/pg-core";
-import { id as id4, timestamps as timestamps4 } from "@spfn/core/db";
-
-// src/server/entities/users.ts
-import { text as text2, timestamp, check, boolean as boolean2, bigint, index as index2 } from "drizzle-orm/pg-core";
-import { id as id2, timestamps as timestamps2 } from "@spfn/core/db";
-import { sql } from "drizzle-orm";
-
-// src/server/entities/roles.ts
-import { text, boolean, integer, index } from "drizzle-orm/pg-core";
-import { id, timestamps } from "@spfn/core/db";
-
-// src/server/entities/schema.ts
-import { createFunctionSchema } from "@spfn/core/db";
-var authSchema = createFunctionSchema("@spfn/auth");
-
-// src/server/entities/roles.ts
-var roles = authSchema.table(
-  "roles",
-  {
-    // Primary key
-    id: id(),
-    // Role identifier (used in code, e.g., 'admin', 'editor')
-    // Must be unique, lowercase, kebab-case recommended
-    name: text("name").notNull().unique(),
-    // Display name for UI (e.g., 'Administrator', 'Content Editor')
-    displayName: text("display_name").notNull(),
-    // Role description
-    description: text("description"),
-    // Built-in role flag
-    // true: Core package roles (user, admin, superadmin) - cannot be deleted
-    // false: Custom or preset roles - can be deleted
-    isBuiltin: boolean("is_builtin").notNull().default(false),
-    // System role flag
-    // true: Defined in code (builtin or preset) - deletion restricted
-    // false: Runtime created custom role - fully manageable
-    isSystem: boolean("is_system").notNull().default(false),
-    // Active status
-    // false: Deactivated role (users cannot be assigned)
-    isActive: boolean("is_active").notNull().default(true),
-    // Priority level (higher = more privileged)
-    // superadmin: 100, admin: 80, user: 10
-    // Used for role hierarchy and conflict resolution
-    priority: integer("priority").notNull().default(10),
-    ...timestamps()
-  },
-  (table) => [
-    index("roles_name_idx").on(table.name),
-    index("roles_is_system_idx").on(table.isSystem),
-    index("roles_is_active_idx").on(table.isActive),
-    index("roles_is_builtin_idx").on(table.isBuiltin),
-    index("roles_priority_idx").on(table.priority)
-  ]
-);
-
-// src/server/entities/users.ts
-var users = authSchema.table(
-  "users",
-  {
-    // Identity
-    id: id2(),
-    // Email address (unique identifier)
-    // Used for: login, password reset, notifications
-    email: text2("email").unique(),
-    // Phone number in E.164 international format
-    // Format: +[country code][number] (e.g., +821012345678)
-    // Used for: SMS login, 2FA, notifications
-    phone: text2("phone").unique(),
-    // Authentication
-    // Bcrypt password hash ($2b$10$[salt][hash], 60 chars)
-    // Nullable to support OAuth-only accounts
-    passwordHash: text2("password_hash"),
-    // Force password change on next login
-    // Use cases: initial setup, security breach, policy violation
-    passwordChangeRequired: boolean2("password_change_required").notNull().default(false),
-    // Authorization (Role-Based Access Control)
-    // Foreign key to roles table
-    // References built-in roles: user (default), admin, superadmin
-    // Can also reference custom roles created at runtime
-    roleId: bigint("role_id", { mode: "number" }).references(() => roles.id).notNull(),
-    // Account status
-    // - active: Normal operation (default)
-    // - inactive: Deactivated (user request, dormant)
-    // - suspended: Locked (security incident, ToS violation)
-    status: text2(
-      "status",
-      {
-        enum: ["active", "inactive", "suspended"]
-      }
-    ).notNull().default("active"),
-    // Verification timestamps
-    // null = unverified, timestamp = verified at this time
-    // Email verification (via verification code or magic link)
-    emailVerifiedAt: timestamp("email_verified_at", { withTimezone: true }),
-    // Phone verification (via SMS OTP)
-    phoneVerifiedAt: timestamp("phone_verified_at", { withTimezone: true }),
-    // Metadata
-    // Last successful login timestamp
-    // Used for: security auditing, dormant account detection
-    lastLoginAt: timestamp("last_login_at", { withTimezone: true }),
-    ...timestamps2()
-  },
-  (table) => [
-    // Database constraints
-    // Ensure at least one identifier exists (email OR phone)
-    check(
-      "email_or_phone_check",
-      sql`${table.email} IS NOT NULL OR ${table.phone} IS NOT NULL`
-    ),
-    // Indexes for query optimization
-    index2("users_email_idx").on(table.email),
-    index2("users_phone_idx").on(table.phone),
-    index2("users_status_idx").on(table.status),
-    index2("users_role_id_idx").on(table.roleId)
-  ]
-);
-
-// src/server/entities/permissions.ts
-import { text as text3, boolean as boolean3, index as index3 } from "drizzle-orm/pg-core";
-import { id as id3, timestamps as timestamps3 } from "@spfn/core/db";
-var permissions = authSchema.table(
-  "permissions",
-  {
-    // Primary key
-    id: id3(),
-    // Permission identifier (e.g., 'user:delete', 'post:publish')
-    // Format: resource:action or namespace:resource:action
-    // Must be unique
-    name: text3("name").notNull().unique(),
-    // Display name for UI
-    displayName: text3("display_name").notNull(),
-    // Permission description
-    description: text3("description"),
-    // Category for grouping (e.g., 'user', 'post', 'admin', 'system')
-    category: text3("category"),
-    // Built-in permission flag
-    // true: Core package permissions - cannot be deleted
-    // false: Custom or preset permissions
-    isBuiltin: boolean3("is_builtin").notNull().default(false),
-    // System permission flag
-    // true: Defined in code (builtin or preset)
-    // false: Runtime created custom permission
-    isSystem: boolean3("is_system").notNull().default(false),
-    // Active status
-    // false: Deactivated permission (not enforced)
-    isActive: boolean3("is_active").notNull().default(true),
-    ...timestamps3()
-  },
-  (table) => [
-    index3("permissions_name_idx").on(table.name),
-    index3("permissions_category_idx").on(table.category),
-    index3("permissions_is_system_idx").on(table.isSystem),
-    index3("permissions_is_active_idx").on(table.isActive),
-    index3("permissions_is_builtin_idx").on(table.isBuiltin)
-  ]
-);
-
-// src/server/entities/user-permissions.ts
-var userPermissions = authSchema.table(
-  "user_permissions",
-  {
-    // Primary key
-    id: id4(),
-    // Foreign key to users table
-    userId: bigint2("user_id", { mode: "number" }).notNull().references(() => users.id, { onDelete: "cascade" }),
-    // Foreign key to permissions table
-    permissionId: bigint2("permission_id", { mode: "number" }).notNull().references(() => permissions.id, { onDelete: "cascade" }),
-    // Grant or revoke
-    // true: Grant this permission (even if role doesn't have it)
-    // false: Revoke this permission (even if role has it)
-    granted: boolean4("granted").notNull().default(true),
-    // Reason for grant/revocation (audit trail)
-    reason: text4("reason"),
-    // Expiration timestamp (optional)
-    // null: Permanent override
-    // timestamp: Permission expires at this time
-    expiresAt: timestamp2("expires_at", { withTimezone: true }),
-    ...timestamps4()
-  },
-  (table) => [
-    // Indexes for query performance
-    index4("user_permissions_user_id_idx").on(table.userId),
-    index4("user_permissions_permission_id_idx").on(table.permissionId),
-    index4("user_permissions_expires_at_idx").on(table.expiresAt),
-    // Unique constraint: one user-permission pair only
-    unique("user_permissions_unique").on(table.userId, table.permissionId)
-  ]
-);
-export {
-  userPermissions
-};
-//# sourceMappingURL=user-permissions.js.map

package/dist/server/entities/user-permissions.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/entities/user-permissions.ts","../../../src/server/entities/users.ts","../../../src/server/entities/roles.ts","../../../src/server/entities/schema.ts","../../../src/server/entities/permissions.ts"],"sourcesContent":["/**\n * @spfn/auth - User-Permissions Override Entity\n *\n * Per-user permission grants/revocations\n *\n * Features:\n * - Grant additional permissions to specific users\n * - Revoke role-inherited permissions from specific users\n * - Temporary permissions with expiration\n * - Audit trail with reason field\n *\n * Priority:\n * User permissions override role permissions\n */\n\nimport { bigint, boolean, text, timestamp, index, unique } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { users } from './users';\nimport { permissions } from './permissions';\nimport { authSchema } from './schema';\n\nexport const userPermissions = authSchema.table('user_permissions',\n    {\n        // Primary key\n        id: id(),\n\n        // Foreign key to users table\n        userId: bigint('user_id', { mode: 'number' })\n            .notNull()\n            .references(() => users.id, { onDelete: 'cascade' }),\n\n        // Foreign key to permissions table\n        permissionId: bigint('permission_id', { mode: 'number' })\n            .notNull()\n            .references(() => permissions.id, { onDelete: 'cascade' }),\n\n        // Grant or revoke\n        // true: Grant this permission (even if role doesn't have it)\n        // false: Revoke this permission (even if role has it)\n        granted: boolean('granted').notNull().default(true),\n\n        // Reason for grant/revocation (audit trail)\n        reason: text('reason'),\n\n        // Expiration timestamp (optional)\n        // null: Permanent override\n        // timestamp: Permission expires at this time\n        expiresAt: timestamp('expires_at', { withTimezone: true }),\n\n        ...timestamps(),\n    },\n    (table) => [\n        // Indexes for query performance\n        index('user_permissions_user_id_idx').on(table.userId),\n        index('user_permissions_permission_id_idx').on(table.permissionId),\n        index('user_permissions_expires_at_idx').on(table.expiresAt),\n\n        // Unique constraint: one user-permission pair only\n        unique('user_permissions_unique').on(table.userId, table.permissionId),\n    ]\n);\n\n// Type exports\nexport type UserPermission = typeof userPermissions.$inferSelect;\nexport type NewUserPermission = typeof userPermissions.$inferInsert;","/**\n * @spfn/auth - Users Entity\n *\n * Main user table supporting multiple authentication methods\n *\n * Features:\n * - Email or phone-based registration\n * - Password authentication (bcrypt)\n * - OAuth support (nullable passwordHash)\n * - Role-based access control (RBAC)\n * - Account status management\n * - Email/phone verification\n */\n\nimport { text, timestamp, check, boolean, bigint, index } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { sql } from 'drizzle-orm';\nimport { roles } from './roles';\nimport { authSchema } from './schema';\n\nexport const users = authSchema.table('users',\n    {\n        // Identity\n        id: id(),\n\n        // Email address (unique identifier)\n        // Used for: login, password reset, notifications\n        email: text('email').unique(),\n\n        // Phone number in E.164 international format\n        // Format: +[country code][number] (e.g., +821012345678)\n        // Used for: SMS login, 2FA, notifications\n        phone: text('phone').unique(),\n\n        // Authentication\n        // Bcrypt password hash ($2b$10$[salt][hash], 60 chars)\n        // Nullable to support OAuth-only accounts\n        passwordHash: text('password_hash'),\n\n        // Force password change on next login\n        // Use cases: initial setup, security breach, policy violation\n        passwordChangeRequired: boolean('password_change_required').notNull().default(false),\n\n        // Authorization (Role-Based Access Control)\n        // Foreign key to roles table\n        // References built-in roles: user (default), admin, superadmin\n        // Can also reference custom roles created at runtime\n        roleId: bigint('role_id', { mode: 'number' })\n            .references(() => roles.id)\n            .notNull(),\n\n        // Account status\n        // - active: Normal operation (default)\n        // - inactive: Deactivated (user request, dormant)\n        // - suspended: Locked (security incident, ToS violation)\n        status: text(\n            'status',\n            {\n                enum: ['active', 'inactive', 'suspended']\n            }\n        ).notNull().default('active'),\n\n        // Verification timestamps\n        // null = unverified, timestamp = verified at this time\n        // Email verification (via verification code or magic link)\n        emailVerifiedAt: timestamp('email_verified_at', { withTimezone: true }),\n\n        // Phone verification (via SMS OTP)\n        phoneVerifiedAt: timestamp('phone_verified_at', { withTimezone: true }),\n\n        // Metadata\n        // Last successful login timestamp\n        // Used for: security auditing, dormant account detection\n        lastLoginAt: timestamp('last_login_at', { withTimezone: true }),\n\n        ...timestamps(),\n    },\n    (table) => [\n        // Database constraints\n        // Ensure at least one identifier exists (email OR phone)\n        check(\n            'email_or_phone_check',\n            sql`${table.email} IS NOT NULL OR ${table.phone} IS NOT NULL`\n        ),\n\n        // Indexes for query optimization\n        index('users_email_idx').on(table.email),\n        index('users_phone_idx').on(table.phone),\n        index('users_status_idx').on(table.status),\n        index('users_role_id_idx').on(table.roleId),\n    ]\n);\n\n// Type exports\nexport type User = typeof users.$inferSelect;\nexport type NewUser = typeof users.$inferInsert;\nexport type UserStatus = 'active' | 'inactive' | 'suspended';\n\n// Helper type with computed verification status\nexport type UserWithVerification = User &\n{\n    isEmailVerified: boolean;\n    isPhoneVerified: boolean;\n};","/**\n * @spfn/auth - Roles Entity\n *\n * Role-based access control (RBAC) roles table\n *\n * Features:\n * - Built-in roles (user, admin, superadmin) - cannot be deleted\n * - System roles (preset roles) - can be deactivated\n * - Custom roles (runtime created) - fully manageable\n * - Priority-based hierarchy\n */\n\nimport { text, boolean, integer, index } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { authSchema } from './schema';\n\nexport const roles = authSchema.table('roles',\n    {\n        // Primary key\n        id: id(),\n\n        // Role identifier (used in code, e.g., 'admin', 'editor')\n        // Must be unique, lowercase, kebab-case recommended\n        name: text('name').notNull().unique(),\n\n        // Display name for UI (e.g., 'Administrator', 'Content Editor')\n        displayName: text('display_name').notNull(),\n\n        // Role description\n        description: text('description'),\n\n        // Built-in role flag\n        // true: Core package roles (user, admin, superadmin) - cannot be deleted\n        // false: Custom or preset roles - can be deleted\n        isBuiltin: boolean('is_builtin').notNull().default(false),\n\n        // System role flag\n        // true: Defined in code (builtin or preset) - deletion restricted\n        // false: Runtime created custom role - fully manageable\n        isSystem: boolean('is_system').notNull().default(false),\n\n        // Active status\n        // false: Deactivated role (users cannot be assigned)\n        isActive: boolean('is_active').notNull().default(true),\n\n        // Priority level (higher = more privileged)\n        // superadmin: 100, admin: 80, user: 10\n        // Used for role hierarchy and conflict resolution\n        priority: integer('priority').notNull().default(10),\n\n        ...timestamps(),\n    },\n    (table) => [\n        index('roles_name_idx').on(table.name),\n        index('roles_is_system_idx').on(table.isSystem),\n        index('roles_is_active_idx').on(table.isActive),\n        index('roles_is_builtin_idx').on(table.isBuiltin),\n        index('roles_priority_idx').on(table.priority),\n    ]\n);\n\n// Type exports\nexport type RoleEntity = typeof roles.$inferSelect;\nexport type NewRoleEntity = typeof roles.$inferInsert;\n\n// Legacy alias for backward compatibility\nexport type Role = RoleEntity;\nexport type NewRole = NewRoleEntity;","/**\n * @spfn/auth - Database Schema Definition\n *\n * Defines the 'spfn_auth' PostgreSQL schema for all auth-related tables\n */\n\nimport { createFunctionSchema } from '@spfn/core/db';\n\n/**\n * Auth schema for all authentication and authorization tables\n * Tables: users, roles, permissions, user_invitations, etc.\n */\nexport const authSchema = createFunctionSchema('@spfn/auth');","/**\n * @spfn/auth - Permissions Entity\n *\n * Granular permissions for RBAC system\n *\n * Features:\n * - Built-in permissions (auth:*, user:*, rbac:*) - required for package\n * - System permissions (preset permissions) - optional\n * - Custom permissions (app-specific) - defined by developers\n * - Category grouping for organization\n */\n\nimport { text, boolean, index } from 'drizzle-orm/pg-core';\nimport { id, timestamps } from '@spfn/core/db';\nimport { authSchema } from './schema';\n\nexport const permissions = authSchema.table('permissions',\n    {\n        // Primary key\n        id: id(),\n\n        // Permission identifier (e.g., 'user:delete', 'post:publish')\n        // Format: resource:action or namespace:resource:action\n        // Must be unique\n        name: text('name').notNull().unique(),\n\n        // Display name for UI\n        displayName: text('display_name').notNull(),\n\n        // Permission description\n        description: text('description'),\n\n        // Category for grouping (e.g., 'user', 'post', 'admin', 'system')\n        category: text('category'),\n\n        // Built-in permission flag\n        // true: Core package permissions - cannot be deleted\n        // false: Custom or preset permissions\n        isBuiltin: boolean('is_builtin').notNull().default(false),\n\n        // System permission flag\n        // true: Defined in code (builtin or preset)\n        // false: Runtime created custom permission\n        isSystem: boolean('is_system').notNull().default(false),\n\n        // Active status\n        // false: Deactivated permission (not enforced)\n        isActive: boolean('is_active').notNull().default(true),\n\n        ...timestamps(),\n    },\n    (table) => [\n        index('permissions_name_idx').on(table.name),\n        index('permissions_category_idx').on(table.category),\n        index('permissions_is_system_idx').on(table.isSystem),\n        index('permissions_is_active_idx').on(table.isActive),\n        index('permissions_is_builtin_idx').on(table.isBuiltin),\n    ]\n);\n\n// Type exports\nexport type PermissionEntity = typeof permissions.$inferSelect;\nexport type NewPermissionEntity = typeof permissions.$inferInsert;\n\n// Legacy alias for backward compatibility\nexport type Permission = PermissionEntity;\nexport type NewPermission = NewPermissionEntity;"],"mappings":";AAeA,SAAS,UAAAA,SAAQ,WAAAC,UAAS,QAAAC,OAAM,aAAAC,YAAW,SAAAC,QAAO,cAAc;AAChE,SAAS,MAAAC,KAAI,cAAAC,mBAAkB;;;ACF/B,SAAS,QAAAC,OAAM,WAAW,OAAO,WAAAC,UAAS,QAAQ,SAAAC,cAAa;AAC/D,SAAS,MAAAC,KAAI,cAAAC,mBAAkB;AAC/B,SAAS,WAAW;;;ACJpB,SAAS,MAAM,SAAS,SAAS,aAAa;AAC9C,SAAS,IAAI,kBAAkB;;;ACP/B,SAAS,4BAA4B;AAM9B,IAAM,aAAa,qBAAqB,YAAY;;;ADIpD,IAAM,QAAQ,WAAW;AAAA,EAAM;AAAA,EAClC;AAAA;AAAA,IAEI,IAAI,GAAG;AAAA;AAAA;AAAA,IAIP,MAAM,KAAK,MAAM,EAAE,QAAQ,EAAE,OAAO;AAAA;AAAA,IAGpC,aAAa,KAAK,cAAc,EAAE,QAAQ;AAAA;AAAA,IAG1C,aAAa,KAAK,aAAa;AAAA;AAAA;AAAA;AAAA,IAK/B,WAAW,QAAQ,YAAY,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,IAKxD,UAAU,QAAQ,WAAW,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA,IAItD,UAAU,QAAQ,WAAW,EAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA;AAAA;AAAA;AAAA,IAKrD,UAAU,QAAQ,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE;AAAA,IAElD,GAAG,WAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA,IACP,MAAM,gBAAgB,EAAE,GAAG,MAAM,IAAI;AAAA,IACrC,MAAM,qBAAqB,EAAE,GAAG,MAAM,QAAQ;AAAA,IAC9C,MAAM,qBAAqB,EAAE,GAAG,MAAM,QAAQ;AAAA,IAC9C,MAAM,sBAAsB,EAAE,GAAG,MAAM,SAAS;AAAA,IAChD,MAAM,oBAAoB,EAAE,GAAG,MAAM,QAAQ;AAAA,EACjD;AACJ;;;ADvCO,IAAM,QAAQ,WAAW;AAAA,EAAM;AAAA,EAClC;AAAA;AAAA,IAEI,IAAIC,IAAG;AAAA;AAAA;AAAA,IAIP,OAAOC,MAAK,OAAO,EAAE,OAAO;AAAA;AAAA;AAAA;AAAA,IAK5B,OAAOA,MAAK,OAAO,EAAE,OAAO;AAAA;AAAA;AAAA;AAAA,IAK5B,cAAcA,MAAK,eAAe;AAAA;AAAA;AAAA,IAIlC,wBAAwBC,SAAQ,0BAA0B,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA,IAMnF,QAAQ,OAAO,WAAW,EAAE,MAAM,SAAS,CAAC,EACvC,WAAW,MAAM,MAAM,EAAE,EACzB,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,IAMb,QAAQD;AAAA,MACJ;AAAA,MACA;AAAA,QACI,MAAM,CAAC,UAAU,YAAY,WAAW;AAAA,MAC5C;AAAA,IACJ,EAAE,QAAQ,EAAE,QAAQ,QAAQ;AAAA;AAAA;AAAA;AAAA,IAK5B,iBAAiB,UAAU,qBAAqB,EAAE,cAAc,KAAK,CAAC;AAAA;AAAA,IAGtE,iBAAiB,UAAU,qBAAqB,EAAE,cAAc,KAAK,CAAC;AAAA;AAAA;AAAA;AAAA,IAKtE,aAAa,UAAU,iBAAiB,EAAE,cAAc,KAAK,CAAC;AAAA,IAE9D,GAAGE,YAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA;AAAA;AAAA,IAGP;AAAA,MACI;AAAA,MACA,MAAM,MAAM,KAAK,mBAAmB,MAAM,KAAK;AAAA,IACnD;AAAA;AAAA,IAGAC,OAAM,iBAAiB,EAAE,GAAG,MAAM,KAAK;AAAA,IACvCA,OAAM,iBAAiB,EAAE,GAAG,MAAM,KAAK;AAAA,IACvCA,OAAM,kBAAkB,EAAE,GAAG,MAAM,MAAM;AAAA,IACzCA,OAAM,mBAAmB,EAAE,GAAG,MAAM,MAAM;AAAA,EAC9C;AACJ;;;AG/EA,SAAS,QAAAC,OAAM,WAAAC,UAAS,SAAAC,cAAa;AACrC,SAAS,MAAAC,KAAI,cAAAC,mBAAkB;AAGxB,IAAM,cAAc,WAAW;AAAA,EAAM;AAAA,EACxC;AAAA;AAAA,IAEI,IAAIC,IAAG;AAAA;AAAA;AAAA;AAAA,IAKP,MAAMC,MAAK,MAAM,EAAE,QAAQ,EAAE,OAAO;AAAA;AAAA,IAGpC,aAAaA,MAAK,cAAc,EAAE,QAAQ;AAAA;AAAA,IAG1C,aAAaA,MAAK,aAAa;AAAA;AAAA,IAG/B,UAAUA,MAAK,UAAU;AAAA;AAAA;AAAA;AAAA,IAKzB,WAAWC,SAAQ,YAAY,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,IAKxD,UAAUA,SAAQ,WAAW,EAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA;AAAA;AAAA,IAItD,UAAUA,SAAQ,WAAW,EAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IAErD,GAAGC,YAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA,IACPC,OAAM,sBAAsB,EAAE,GAAG,MAAM,IAAI;AAAA,IAC3CA,OAAM,0BAA0B,EAAE,GAAG,MAAM,QAAQ;AAAA,IACnDA,OAAM,2BAA2B,EAAE,GAAG,MAAM,QAAQ;AAAA,IACpDA,OAAM,2BAA2B,EAAE,GAAG,MAAM,QAAQ;AAAA,IACpDA,OAAM,4BAA4B,EAAE,GAAG,MAAM,SAAS;AAAA,EAC1D;AACJ;;;AJrCO,IAAM,kBAAkB,WAAW;AAAA,EAAM;AAAA,EAC5C;AAAA;AAAA,IAEI,IAAIC,IAAG;AAAA;AAAA,IAGP,QAAQC,QAAO,WAAW,EAAE,MAAM,SAAS,CAAC,EACvC,QAAQ,EACR,WAAW,MAAM,MAAM,IAAI,EAAE,UAAU,UAAU,CAAC;AAAA;AAAA,IAGvD,cAAcA,QAAO,iBAAiB,EAAE,MAAM,SAAS,CAAC,EACnD,QAAQ,EACR,WAAW,MAAM,YAAY,IAAI,EAAE,UAAU,UAAU,CAAC;AAAA;AAAA;AAAA;AAAA,IAK7D,SAASC,SAAQ,SAAS,EAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA;AAAA,IAGlD,QAAQC,MAAK,QAAQ;AAAA;AAAA;AAAA;AAAA,IAKrB,WAAWC,WAAU,cAAc,EAAE,cAAc,KAAK,CAAC;AAAA,IAEzD,GAAGC,YAAW;AAAA,EAClB;AAAA,EACA,CAAC,UAAU;AAAA;AAAA,IAEPC,OAAM,8BAA8B,EAAE,GAAG,MAAM,MAAM;AAAA,IACrDA,OAAM,oCAAoC,EAAE,GAAG,MAAM,YAAY;AAAA,IACjEA,OAAM,iCAAiC,EAAE,GAAG,MAAM,SAAS;AAAA;AAAA,IAG3D,OAAO,yBAAyB,EAAE,GAAG,MAAM,QAAQ,MAAM,YAAY;AAAA,EACzE;AACJ;","names":["bigint","boolean","text","timestamp","index","id","timestamps","text","boolean","index","id","timestamps","id","text","boolean","timestamps","index","text","boolean","index","id","timestamps","id","text","boolean","timestamps","index","id","bigint","boolean","text","timestamp","timestamps","index"]}

package/dist/server/entities/user-public-keys.d.ts

@@ -1,227 +0,0 @@
-import * as drizzle_orm_pg_core from 'drizzle-orm/pg-core';
-
-/**
- * @spfn/auth - User Public Keys Entity
- *
- * Stores client-generated public keys for JWT verification
- * Supports key rotation and multi-key management per user
- */
-/**
- * User Public Keys Table
- * Each user can have multiple public keys (for rotation)
- */
-declare const userPublicKeys: drizzle_orm_pg_core.PgTableWithColumns<{
-    name: "user_public_keys";
-    schema: string;
-    columns: {
-        id: drizzle_orm_pg_core.PgColumn<{
-            name: "id";
-            tableName: "user_public_keys";
-            dataType: "number";
-            columnType: "PgBigSerial53";
-            data: number;
-            driverParam: number;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: true;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        userId: drizzle_orm_pg_core.PgColumn<{
-            name: `${string}_id`;
-            tableName: "user_public_keys";
-            dataType: "number";
-            columnType: "PgBigSerial53";
-            data: number;
-            driverParam: number;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        keyId: drizzle_orm_pg_core.PgColumn<{
-            name: "key_id";
-            tableName: "user_public_keys";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        publicKey: drizzle_orm_pg_core.PgColumn<{
-            name: "public_key";
-            tableName: "user_public_keys";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        algorithm: drizzle_orm_pg_core.PgColumn<{
-            name: "algorithm";
-            tableName: "user_public_keys";
-            dataType: "string";
-            columnType: "PgText";
-            data: "ES256" | "RS256";
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: ["ES256", "RS256"];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        fingerprint: drizzle_orm_pg_core.PgColumn<{
-            name: "fingerprint";
-            tableName: "user_public_keys";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: true;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        isActive: drizzle_orm_pg_core.PgColumn<{
-            name: "is_active";
-            tableName: "user_public_keys";
-            dataType: "boolean";
-            columnType: "PgBoolean";
-            data: boolean;
-            driverParam: boolean;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        createdAt: drizzle_orm_pg_core.PgColumn<{
-            name: "created_at";
-            tableName: "user_public_keys";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: true;
-            hasDefault: true;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        lastUsedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "last_used_at";
-            tableName: "user_public_keys";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        expiresAt: drizzle_orm_pg_core.PgColumn<{
-            name: "expires_at";
-            tableName: "user_public_keys";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        revokedAt: drizzle_orm_pg_core.PgColumn<{
-            name: "revoked_at";
-            tableName: "user_public_keys";
-            dataType: "date";
-            columnType: "PgTimestamp";
-            data: Date;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: undefined;
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-        revokedReason: drizzle_orm_pg_core.PgColumn<{
-            name: "revoked_reason";
-            tableName: "user_public_keys";
-            dataType: "string";
-            columnType: "PgText";
-            data: string;
-            driverParam: string;
-            notNull: false;
-            hasDefault: false;
-            isPrimaryKey: false;
-            isAutoincrement: false;
-            hasRuntimeDefault: false;
-            enumValues: [string, ...string[]];
-            baseColumn: never;
-            identity: undefined;
-            generated: undefined;
-        }, {}, {}>;
-    };
-    dialect: "pg";
-}>;
-type UserPublicKey = typeof userPublicKeys.$inferSelect;
-type NewUserPublicKey = typeof userPublicKeys.$inferInsert;
-
-export { type NewUserPublicKey, type UserPublicKey, userPublicKeys };