@spfn/auth 0.2.0-beta.1 → 0.2.0-beta.11
- package/README.md +169 -168
- package/dist/{dto-81uR9gzF.d.ts → authenticate-CU6_zQaa.d.ts} +184 -169
- package/dist/config.d.ts +4 -0
- package/dist/config.js +4 -0
- package/dist/config.js.map +1 -1
- package/dist/index.d.ts +146 -119
- package/dist/index.js +24 -1
- package/dist/index.js.map +1 -1
- package/dist/nextjs/api.js +1 -1
- package/dist/nextjs/api.js.map +1 -1
- package/dist/nextjs/server.js +0 -2
- package/dist/nextjs/server.js.map +1 -1
- package/dist/server.d.ts +171 -403
- package/dist/server.js +217 -461
- package/dist/server.js.map +1 -1
- package/migrations/0000_premium_famine.sql +292 -0
- package/migrations/meta/0000_snapshot.json +1 -1
- package/migrations/meta/_journal.json +2 -2
- package/package.json +8 -11
- package/migrations/0000_mysterious_colossus.sql +0 -197
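--- a/package/migrations/0000_premium_famine.sql
+++ b/package/migrations/0000_premium_famine.sql
@@ -0,0 +1,292 @@
+CREATE SCHEMA IF NOT EXISTS "spfn_auth";
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."users" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"email" text,
+"phone" text,
+"password_hash" text,
+"password_change_required" boolean DEFAULT false NOT NULL,
+"role_id" bigserial NOT NULL,
+"status" text DEFAULT 'active' NOT NULL,
+"email_verified_at" timestamp with time zone,
+"phone_verified_at" timestamp with time zone,
+"last_login_at" timestamp with time zone,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "users_email_unique" UNIQUE("email"),
+CONSTRAINT "users_phone_unique" UNIQUE("phone"),
+CONSTRAINT "email_or_phone_check" CHECK ("spfn_auth"."users"."email" IS NOT NULL OR "spfn_auth"."users"."phone" IS NOT NULL)
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."user_profiles" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"user_id" bigserial NOT NULL,
+"display_name" text NOT NULL,
+"first_name" text,
+"last_name" text,
+"avatar_url" text,
+"bio" text,
+"locale" text DEFAULT 'en',
+"timezone" text DEFAULT 'UTC',
+"date_of_birth" text,
+"gender" text,
+"website" text,
+"location" text,
+"company" text,
+"job_title" text,
+"metadata" jsonb,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "user_profiles_user_id_unique" UNIQUE("user_id")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."user_public_keys" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"user_id" bigserial NOT NULL,
+"key_id" text NOT NULL,
+"public_key" text NOT NULL,
+"algorithm" text DEFAULT 'ES256' NOT NULL,
+"fingerprint" text NOT NULL,
+"is_active" boolean DEFAULT true NOT NULL,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"last_used_at" timestamp with time zone,
+"expires_at" timestamp with time zone,
+"revoked_at" timestamp with time zone,
+"revoked_reason" text,
+CONSTRAINT "user_public_keys_key_id_unique" UNIQUE("key_id")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."user_social_accounts" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"user_id" bigserial NOT NULL,
+"provider" text NOT NULL,
+"provider_user_id" text NOT NULL,
+"provider_email" text,
+"access_token" text,
+"refresh_token" text,
+"token_expires_at" timestamp with time zone,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."verification_codes" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"target" text NOT NULL,
+"target_type" text NOT NULL,
+"code" text NOT NULL,
+"purpose" text NOT NULL,
+"expires_at" timestamp with time zone NOT NULL,
+"used_at" timestamp with time zone,
+"attempts" integer DEFAULT 0 NOT NULL,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "attempts_limit_check" CHECK ("spfn_auth"."verification_codes"."attempts" >= 0 AND "spfn_auth"."verification_codes"."attempts" <= 10)
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."user_invitations" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"email" text NOT NULL,
+"token" text NOT NULL,
+"role_id" bigserial NOT NULL,
+"invited_by_id" bigserial NOT NULL,
+"status" text DEFAULT 'pending' NOT NULL,
+"expires_at" timestamp with time zone NOT NULL,
+"accepted_at" timestamp with time zone,
+"cancelled_at" timestamp with time zone,
+"metadata" jsonb,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "user_invitations_token_unique" UNIQUE("token")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."roles" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"name" text NOT NULL,
+"display_name" text NOT NULL,
+"description" text,
+"is_builtin" boolean DEFAULT false NOT NULL,
+"is_system" boolean DEFAULT false NOT NULL,
+"is_active" boolean DEFAULT true NOT NULL,
+"priority" integer DEFAULT 10 NOT NULL,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "roles_name_unique" UNIQUE("name")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."permissions" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"name" text NOT NULL,
+"display_name" text NOT NULL,
+"description" text,
+"category" text,
+"is_builtin" boolean DEFAULT false NOT NULL,
+"is_system" boolean DEFAULT false NOT NULL,
+"is_active" boolean DEFAULT true NOT NULL,
+"metadata" jsonb,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "permissions_name_unique" UNIQUE("name")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."role_permissions" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"role_id" bigserial NOT NULL,
+"permission_id" bigserial NOT NULL,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "role_permissions_unique" UNIQUE("role_id","permission_id")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "spfn_auth"."user_permissions" (
+"id" bigserial PRIMARY KEY NOT NULL,
+"user_id" bigserial NOT NULL,
+"permission_id" bigserial NOT NULL,
+"granted" boolean DEFAULT true NOT NULL,
+"reason" text,
+"expires_at" timestamp with time zone,
+"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+CONSTRAINT "user_permissions_unique" UNIQUE("user_id","permission_id")
+);
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'users_role_id_roles_id_fk') THEN
+ALTER TABLE "spfn_auth"."users" ADD CONSTRAINT "users_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "spfn_auth"."roles"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_profiles_user_id_users_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_profiles" ADD CONSTRAINT "user_profiles_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_public_keys_user_id_users_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_public_keys" ADD CONSTRAINT "user_public_keys_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_social_accounts_user_id_users_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_social_accounts" ADD CONSTRAINT "user_social_accounts_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_invitations_role_id_roles_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_invitations" ADD CONSTRAINT "user_invitations_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "spfn_auth"."roles"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_invitations_invited_by_id_users_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_invitations" ADD CONSTRAINT "user_invitations_invited_by_id_users_id_fk" FOREIGN KEY ("invited_by_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'role_permissions_role_id_roles_id_fk') THEN
+ALTER TABLE "spfn_auth"."role_permissions" ADD CONSTRAINT "role_permissions_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "spfn_auth"."roles"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'role_permissions_permission_id_permissions_id_fk') THEN
+ALTER TABLE "spfn_auth"."role_permissions" ADD CONSTRAINT "role_permissions_permission_id_permissions_id_fk" FOREIGN KEY ("permission_id") REFERENCES "spfn_auth"."permissions"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_permissions_user_id_users_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_permissions" ADD CONSTRAINT "user_permissions_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+DO $$
+BEGIN
+IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'user_permissions_permission_id_permissions_id_fk') THEN
+ALTER TABLE "spfn_auth"."user_permissions" ADD CONSTRAINT "user_permissions_permission_id_permissions_id_fk" FOREIGN KEY ("permission_id") REFERENCES "spfn_auth"."permissions"("id") ON DELETE cascade ON UPDATE no action;
+END IF;
+END $$;
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "users_email_idx" ON "spfn_auth"."users" USING btree ("email");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "users_phone_idx" ON "spfn_auth"."users" USING btree ("phone");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "users_status_idx" ON "spfn_auth"."users" USING btree ("status");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "users_role_id_idx" ON "spfn_auth"."users" USING btree ("role_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_profiles_user_id_idx" ON "spfn_auth"."user_profiles" USING btree ("user_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_profiles_display_name_idx" ON "spfn_auth"."user_profiles" USING btree ("display_name");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_profiles_locale_idx" ON "spfn_auth"."user_profiles" USING btree ("locale");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_public_keys_user_id_idx" ON "spfn_auth"."user_public_keys" USING btree ("user_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_public_keys_key_id_idx" ON "spfn_auth"."user_public_keys" USING btree ("key_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_public_keys_active_idx" ON "spfn_auth"."user_public_keys" USING btree ("is_active");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_public_keys_fingerprint_idx" ON "spfn_auth"."user_public_keys" USING btree ("fingerprint");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_social_accounts_user_id_idx" ON "spfn_auth"."user_social_accounts" USING btree ("user_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_social_accounts_provider_idx" ON "spfn_auth"."user_social_accounts" USING btree ("provider");
+--> statement-breakpoint
+CREATE UNIQUE INDEX IF NOT EXISTS "provider_user_unique_idx" ON "spfn_auth"."user_social_accounts" USING btree ("provider","provider_user_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "target_purpose_idx" ON "spfn_auth"."verification_codes" USING btree ("target","purpose","expires_at");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "invitations_token_idx" ON "spfn_auth"."user_invitations" USING btree ("token");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "invitations_email_idx" ON "spfn_auth"."user_invitations" USING btree ("email");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "invitations_status_idx" ON "spfn_auth"."user_invitations" USING btree ("status");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "invitations_invited_by_idx" ON "spfn_auth"."user_invitations" USING btree ("invited_by_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "invitations_expires_at_idx" ON "spfn_auth"."user_invitations" USING btree ("expires_at");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "invitations_role_id_idx" ON "spfn_auth"."user_invitations" USING btree ("role_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "roles_name_idx" ON "spfn_auth"."roles" USING btree ("name");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "roles_is_system_idx" ON "spfn_auth"."roles" USING btree ("is_system");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "roles_is_active_idx" ON "spfn_auth"."roles" USING btree ("is_active");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "roles_is_builtin_idx" ON "spfn_auth"."roles" USING btree ("is_builtin");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "roles_priority_idx" ON "spfn_auth"."roles" USING btree ("priority");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "permissions_name_idx" ON "spfn_auth"."permissions" USING btree ("name");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "permissions_category_idx" ON "spfn_auth"."permissions" USING btree ("category");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "permissions_is_system_idx" ON "spfn_auth"."permissions" USING btree ("is_system");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "permissions_is_active_idx" ON "spfn_auth"."permissions" USING btree ("is_active");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "permissions_is_builtin_idx" ON "spfn_auth"."permissions" USING btree ("is_builtin");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "role_permissions_role_id_idx" ON "spfn_auth"."role_permissions" USING btree ("role_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "role_permissions_permission_id_idx" ON "spfn_auth"."role_permissions" USING btree ("permission_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_permissions_user_id_idx" ON "spfn_auth"."user_permissions" USING btree ("user_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_permissions_permission_id_idx" ON "spfn_auth"."user_permissions" USING btree ("permission_id");
+--> statement-breakpoint
+CREATE INDEX IF NOT EXISTS "user_permissions_expires_at_idx" ON "spfn_auth"."user_permissions" USING btree ("expires_at");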
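Review bot: The idempotency guards in the ten `DO $$` blocks look up `pg_constraint` by `conname` alone, so a constraint with the same name in any other schema makes the block skip `ADD CONSTRAINT` and the migration completes without that foreign key; scoping the lookup to the table avoids this, e.g. `WHERE conname = 'users_role_id_roles_id_fk' AND conrelid = '"spfn_auth"."users"'::regclass`. Separately, the referencing columns (`role_id`, `user_id`, `permission_id`, `invited_by_id`) are declared `bigserial`, which gives each its own sequence default, so an INSERT that omits `users.role_id` receives the next sequence value instead of failing and may match an existing role; `"role_id" bigint NOT NULL` would turn the omission into an error. Because `users_role_id_roles_id_fk` is `ON DELETE cascade`, deleting a role also deletes every user holding it along with their profiles, keys and permissions, so `ON DELETE restrict` is worth considering there. Whether `access_token`, `refresh_token`, `verification_codes.code` and `user_invitations.token` are hashed or encrypted before being written to these `text` columns is not visible in the migration and should be confirmed in the application code.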
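--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@spfn/auth",
-"version": "0.2.0-beta.
+"version": "0.2.0-beta.11",
 "type": "module",
 "description": "Authentication, authorization, and RBAC module for SPFN",
 "main": "./dist/index.js",
@@ -76,11 +76,12 @@
 },
 "dependencies": {
 "bcryptjs": "^2.4.3",
-"drizzle-orm": "^0.
+"drizzle-orm": "^0.45.0",
 "jose": "^6.1.0",
 "jsonwebtoken": "^9.0.2",
 "postgres": "^3.4.0",
-"@spfn/core": "0.2.0-beta.
+"@spfn/core": "0.2.0-beta.11",
+"@spfn/notification": "0.1.0-beta.1"
 },
 "devDependencies": {
 "@types/bcryptjs": "^2.4.6",
@@ -92,31 +93,27 @@
 "drizzle-kit": "^0.31.6",
 "hono": "^4.10.6",
 "madge": "^8.0.0",
-"next": "16.0.
+"next": "^16.0.0",
 "tsup": "^8.5.0",
 "tsx": "^4.20.6",
 "typescript": "^5.3.3",
 "vitest": "^4.0.6",
-"spfn": "0.2.0-beta.
+"spfn": "0.2.0-beta.7"
 },
 "peerDependencies": {
-"@aws-sdk/client-sns": "^3.0.0",
 "next": "^15.0.0 || ^16.0.0"
 },
 "peerDependenciesMeta": {
-"@aws-sdk/client-sns": {
-"optional": true
-},
 "next": {
 "optional": true
 }
 },
 "scripts": {
-"build": "pnpm check:circular &&
+"build": "pnpm check:circular && tsup",
 "watch": "tsup --watch",
 "dev": "tsup --watch",
 "type-check": "tsc --noEmit",
-"clean": "rm -rf dist
+"clean": "rm -rf dist",
 "db:generate": "drizzle-kit generate",
 "codegen": "spfn codegen run",
 "test": "vitest run",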
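--- a/package/migrations/0000_mysterious_colossus.sql
+++ b/package/migrations/0000_mysterious_colossus.sql
@@ -1,197 +0,0 @@
-CREATE SCHEMA "spfn_auth";
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."users" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"email" text,
-"phone" text,
-"password_hash" text,
-"password_change_required" boolean DEFAULT false NOT NULL,
-"role_id" bigserial NOT NULL,
-"status" text DEFAULT 'active' NOT NULL,
-"email_verified_at" timestamp with time zone,
-"phone_verified_at" timestamp with time zone,
-"last_login_at" timestamp with time zone,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "users_email_unique" UNIQUE("email"),
-CONSTRAINT "users_phone_unique" UNIQUE("phone"),
-CONSTRAINT "email_or_phone_check" CHECK ("spfn_auth"."users"."email" IS NOT NULL OR "spfn_auth"."users"."phone" IS NOT NULL)
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."user_profiles" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"user_id" bigserial NOT NULL,
-"display_name" text NOT NULL,
-"first_name" text,
-"last_name" text,
-"avatar_url" text,
-"bio" text,
-"locale" text DEFAULT 'en',
-"timezone" text DEFAULT 'UTC',
-"date_of_birth" text,
-"gender" text,
-"website" text,
-"location" text,
-"company" text,
-"job_title" text,
-"metadata" jsonb,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "user_profiles_user_id_unique" UNIQUE("user_id")
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."user_public_keys" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"user_id" bigserial NOT NULL,
-"key_id" text NOT NULL,
-"public_key" text NOT NULL,
-"algorithm" text DEFAULT 'ES256' NOT NULL,
-"fingerprint" text NOT NULL,
-"is_active" boolean DEFAULT true NOT NULL,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"last_used_at" timestamp with time zone,
-"expires_at" timestamp with time zone,
-"revoked_at" timestamp with time zone,
-"revoked_reason" text,
-CONSTRAINT "user_public_keys_key_id_unique" UNIQUE("key_id")
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."user_social_accounts" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"user_id" bigserial NOT NULL,
-"provider" text NOT NULL,
-"provider_user_id" text NOT NULL,
-"provider_email" text,
-"access_token" text,
-"refresh_token" text,
-"token_expires_at" timestamp with time zone,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."verification_codes" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"target" text NOT NULL,
-"target_type" text NOT NULL,
-"code" text NOT NULL,
-"purpose" text NOT NULL,
-"expires_at" timestamp with time zone NOT NULL,
-"used_at" timestamp with time zone,
-"attempts" integer DEFAULT 0 NOT NULL,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "attempts_limit_check" CHECK ("spfn_auth"."verification_codes"."attempts" >= 0 AND "spfn_auth"."verification_codes"."attempts" <= 10)
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."user_invitations" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"email" text NOT NULL,
-"token" text NOT NULL,
-"role_id" bigserial NOT NULL,
-"invited_by_id" bigserial NOT NULL,
-"status" text DEFAULT 'pending' NOT NULL,
-"expires_at" timestamp with time zone NOT NULL,
-"accepted_at" timestamp with time zone,
-"cancelled_at" timestamp with time zone,
-"metadata" jsonb,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "user_invitations_token_unique" UNIQUE("token")
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."roles" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"name" text NOT NULL,
-"display_name" text NOT NULL,
-"description" text,
-"is_builtin" boolean DEFAULT false NOT NULL,
-"is_system" boolean DEFAULT false NOT NULL,
-"is_active" boolean DEFAULT true NOT NULL,
-"priority" integer DEFAULT 10 NOT NULL,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "roles_name_unique" UNIQUE("name")
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."permissions" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"name" text NOT NULL,
-"display_name" text NOT NULL,
-"description" text,
-"category" text,
-"is_builtin" boolean DEFAULT false NOT NULL,
-"is_system" boolean DEFAULT false NOT NULL,
-"is_active" boolean DEFAULT true NOT NULL,
-"metadata" jsonb,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "permissions_name_unique" UNIQUE("name")
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."role_permissions" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"role_id" bigserial NOT NULL,
-"permission_id" bigserial NOT NULL,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "role_permissions_unique" UNIQUE("role_id","permission_id")
-);
---> statement-breakpoint
-CREATE TABLE "spfn_auth"."user_permissions" (
-"id" bigserial PRIMARY KEY NOT NULL,
-"user_id" bigserial NOT NULL,
-"permission_id" bigserial NOT NULL,
-"granted" boolean DEFAULT true NOT NULL,
-"reason" text,
-"expires_at" timestamp with time zone,
-"created_at" timestamp with time zone DEFAULT now() NOT NULL,
-"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
-CONSTRAINT "user_permissions_unique" UNIQUE("user_id","permission_id")
-);
---> statement-breakpoint
-ALTER TABLE "spfn_auth"."users" ADD CONSTRAINT "users_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "spfn_auth"."roles"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_profiles" ADD CONSTRAINT "user_profiles_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_public_keys" ADD CONSTRAINT "user_public_keys_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_social_accounts" ADD CONSTRAINT "user_social_accounts_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_invitations" ADD CONSTRAINT "user_invitations_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "spfn_auth"."roles"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_invitations" ADD CONSTRAINT "user_invitations_invited_by_id_users_id_fk" FOREIGN KEY ("invited_by_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."role_permissions" ADD CONSTRAINT "role_permissions_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "spfn_auth"."roles"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."role_permissions" ADD CONSTRAINT "role_permissions_permission_id_permissions_id_fk" FOREIGN KEY ("permission_id") REFERENCES "spfn_auth"."permissions"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_permissions" ADD CONSTRAINT "user_permissions_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "spfn_auth"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE "spfn_auth"."user_permissions" ADD CONSTRAINT "user_permissions_permission_id_permissions_id_fk" FOREIGN KEY ("permission_id") REFERENCES "spfn_auth"."permissions"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-CREATE INDEX "users_email_idx" ON "spfn_auth"."users" USING btree ("email");--> statement-breakpoint
-CREATE INDEX "users_phone_idx" ON "spfn_auth"."users" USING btree ("phone");--> statement-breakpoint
-CREATE INDEX "users_status_idx" ON "spfn_auth"."users" USING btree ("status");--> statement-breakpoint
-CREATE INDEX "users_role_id_idx" ON "spfn_auth"."users" USING btree ("role_id");--> statement-breakpoint
-CREATE INDEX "user_profiles_user_id_idx" ON "spfn_auth"."user_profiles" USING btree ("user_id");--> statement-breakpoint
-CREATE INDEX "user_profiles_display_name_idx" ON "spfn_auth"."user_profiles" USING btree ("display_name");--> statement-breakpoint
-CREATE INDEX "user_profiles_locale_idx" ON "spfn_auth"."user_profiles" USING btree ("locale");--> statement-breakpoint
-CREATE INDEX "user_public_keys_user_id_idx" ON "spfn_auth"."user_public_keys" USING btree ("user_id");--> statement-breakpoint
-CREATE INDEX "user_public_keys_key_id_idx" ON "spfn_auth"."user_public_keys" USING btree ("key_id");--> statement-breakpoint
-CREATE INDEX "user_public_keys_active_idx" ON "spfn_auth"."user_public_keys" USING btree ("is_active");--> statement-breakpoint
-CREATE INDEX "user_public_keys_fingerprint_idx" ON "spfn_auth"."user_public_keys" USING btree ("fingerprint");--> statement-breakpoint
-CREATE INDEX "user_social_accounts_user_id_idx" ON "spfn_auth"."user_social_accounts" USING btree ("user_id");--> statement-breakpoint
-CREATE INDEX "user_social_accounts_provider_idx" ON "spfn_auth"."user_social_accounts" USING btree ("provider");--> statement-breakpoint
-CREATE UNIQUE INDEX "provider_user_unique_idx" ON "spfn_auth"."user_social_accounts" USING btree ("provider","provider_user_id");--> statement-breakpoint
-CREATE INDEX "target_purpose_idx" ON "spfn_auth"."verification_codes" USING btree ("target","purpose","expires_at");--> statement-breakpoint
-CREATE INDEX "invitations_token_idx" ON "spfn_auth"."user_invitations" USING btree ("token");--> statement-breakpoint
-CREATE INDEX "invitations_email_idx" ON "spfn_auth"."user_invitations" USING btree ("email");--> statement-breakpoint
-CREATE INDEX "invitations_status_idx" ON "spfn_auth"."user_invitations" USING btree ("status");--> statement-breakpoint
-CREATE INDEX "invitations_invited_by_idx" ON "spfn_auth"."user_invitations" USING btree ("invited_by_id");--> statement-breakpoint
-CREATE INDEX "invitations_expires_at_idx" ON "spfn_auth"."user_invitations" USING btree ("expires_at");--> statement-breakpoint
-CREATE INDEX "invitations_role_id_idx" ON "spfn_auth"."user_invitations" USING btree ("role_id");--> statement-breakpoint
-CREATE INDEX "roles_name_idx" ON "spfn_auth"."roles" USING btree ("name");--> statement-breakpoint
-CREATE INDEX "roles_is_system_idx" ON "spfn_auth"."roles" USING btree ("is_system");--> statement-breakpoint
-CREATE INDEX "roles_is_active_idx" ON "spfn_auth"."roles" USING btree ("is_active");--> statement-breakpoint
-CREATE INDEX "roles_is_builtin_idx" ON "spfn_auth"."roles" USING btree ("is_builtin");--> statement-breakpoint
-CREATE INDEX "roles_priority_idx" ON "spfn_auth"."roles" USING btree ("priority");--> statement-breakpoint
-CREATE INDEX "permissions_name_idx" ON "spfn_auth"."permissions" USING btree ("name");--> statement-breakpoint
-CREATE INDEX "permissions_category_idx" ON "spfn_auth"."permissions" USING btree ("category");--> statement-breakpoint
-CREATE INDEX "permissions_is_system_idx" ON "spfn_auth"."permissions" USING btree ("is_system");--> statement-breakpoint
-CREATE INDEX "permissions_is_active_idx" ON "spfn_auth"."permissions" USING btree ("is_active");--> statement-breakpoint
-CREATE INDEX "permissions_is_builtin_idx" ON "spfn_auth"."permissions" USING btree ("is_builtin");--> statement-breakpoint
-CREATE INDEX "role_permissions_role_id_idx" ON "spfn_auth"."role_permissions" USING btree ("role_id");--> statement-breakpoint
-CREATE INDEX "role_permissions_permission_id_idx" ON "spfn_auth"."role_permissions" USING btree ("permission_id");--> statement-breakpoint
-CREATE INDEX "user_permissions_user_id_idx" ON "spfn_auth"."user_permissions" USING btree ("user_id");--> statement-breakpoint
-CREATE INDEX "user_permissions_permission_id_idx" ON "spfn_auth"."user_permissions" USING btree ("permission_id");--> statement-breakpoint
-CREATE INDEX "user_permissions_expires_at_idx" ON "spfn_auth"."user_permissions" USING btree ("expires_at");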