npm - @spfn/auth - Versions diffs - 0.2.0-beta.3 → 0.2.0-beta.31 - Mend

@spfn/auth 0.2.0-beta.3 → 0.2.0-beta.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/README.md +689 -180
package/dist/{dto-CLYtuAom.d.ts → authenticate-Brx2N-Ip.d.ts} +413 -147
package/dist/config.d.ts +100 -44
package/dist/config.js +64 -35
package/dist/config.js.map +1 -1
package/dist/errors.d.ts +16 -2
package/dist/errors.js +12 -0
package/dist/errors.js.map +1 -1
package/dist/index.d.ts +279 -100
package/dist/index.js +47 -1
package/dist/index.js.map +1 -1
package/dist/nextjs/api.js +202 -1
package/dist/nextjs/api.js.map +1 -1
package/dist/nextjs/client.d.ts +28 -0
package/dist/nextjs/client.js +80 -0
package/dist/nextjs/client.js.map +1 -0
package/dist/nextjs/server.d.ts +89 -2
package/dist/nextjs/server.js +147 -22
package/dist/nextjs/server.js.map +1 -1
package/dist/server.d.ts +576 -360
package/dist/server.js +1089 -484
package/dist/server.js.map +1 -1
package/migrations/0001_smooth_the_fury.sql +3 -0
package/migrations/meta/0001_snapshot.json +1660 -0
package/migrations/meta/_journal.json +7 -0
package/package.json +14 -10

package/dist/errors.d.ts CHANGED Viewed

@@ -132,6 +132,18 @@ declare class VerificationTokenTargetMismatchError extends ValidationError {
         details?: Record<string, any>;
     });
 }
+/**
+ * Username Already Taken Error (409)
+ *
+ * Thrown when trying to set a username that is already in use
+ */
+declare class UsernameAlreadyTakenError extends ConflictError {
+    constructor(data?: {
+        username?: string;
+        message?: string;
+        details?: Record<string, any>;
+    });
+}
 /**
  * Insufficient Permissions Error (403)
  *
@@ -179,12 +191,14 @@ type authErrors_KeyExpiredError = KeyExpiredError;
 declare const authErrors_KeyExpiredError: typeof KeyExpiredError;
 type authErrors_TokenExpiredError = TokenExpiredError;
 declare const authErrors_TokenExpiredError: typeof TokenExpiredError;
+type authErrors_UsernameAlreadyTakenError = UsernameAlreadyTakenError;
+declare const authErrors_UsernameAlreadyTakenError: typeof UsernameAlreadyTakenError;
 type authErrors_VerificationTokenPurposeMismatchError = VerificationTokenPurposeMismatchError;
 declare const authErrors_VerificationTokenPurposeMismatchError: typeof VerificationTokenPurposeMismatchError;
 type authErrors_VerificationTokenTargetMismatchError = VerificationTokenTargetMismatchError;
 declare const authErrors_VerificationTokenTargetMismatchError: typeof VerificationTokenTargetMismatchError;
 declare namespace authErrors {
-  export { authErrors_AccountAlreadyExistsError as AccountAlreadyExistsError, authErrors_AccountDisabledError as AccountDisabledError, authErrors_InsufficientPermissionsError as InsufficientPermissionsError, authErrors_InsufficientRoleError as InsufficientRoleError, authErrors_InvalidCredentialsError as InvalidCredentialsError, authErrors_InvalidKeyFingerprintError as InvalidKeyFingerprintError, authErrors_InvalidTokenError as InvalidTokenError, authErrors_InvalidVerificationCodeError as InvalidVerificationCodeError, authErrors_InvalidVerificationTokenError as InvalidVerificationTokenError, authErrors_KeyExpiredError as KeyExpiredError, authErrors_TokenExpiredError as TokenExpiredError, authErrors_VerificationTokenPurposeMismatchError as VerificationTokenPurposeMismatchError, authErrors_VerificationTokenTargetMismatchError as VerificationTokenTargetMismatchError };
+  export { authErrors_AccountAlreadyExistsError as AccountAlreadyExistsError, authErrors_AccountDisabledError as AccountDisabledError, authErrors_InsufficientPermissionsError as InsufficientPermissionsError, authErrors_InsufficientRoleError as InsufficientRoleError, authErrors_InvalidCredentialsError as InvalidCredentialsError, authErrors_InvalidKeyFingerprintError as InvalidKeyFingerprintError, authErrors_InvalidTokenError as InvalidTokenError, authErrors_InvalidVerificationCodeError as InvalidVerificationCodeError, authErrors_InvalidVerificationTokenError as InvalidVerificationTokenError, authErrors_KeyExpiredError as KeyExpiredError, authErrors_TokenExpiredError as TokenExpiredError, authErrors_UsernameAlreadyTakenError as UsernameAlreadyTakenError, authErrors_VerificationTokenPurposeMismatchError as VerificationTokenPurposeMismatchError, authErrors_VerificationTokenTargetMismatchError as VerificationTokenTargetMismatchError };
 }
 /**
@@ -193,4 +207,4 @@ declare namespace authErrors {
 declare const authErrorRegistry: ErrorRegistry;
-export { AccountAlreadyExistsError, AccountDisabledError, authErrors as AuthError, InsufficientPermissionsError, InsufficientRoleError, InvalidCredentialsError, InvalidKeyFingerprintError, InvalidTokenError, InvalidVerificationCodeError, InvalidVerificationTokenError, KeyExpiredError, TokenExpiredError, VerificationTokenPurposeMismatchError, VerificationTokenTargetMismatchError, authErrorRegistry };
+export { AccountAlreadyExistsError, AccountDisabledError, authErrors as AuthError, InsufficientPermissionsError, InsufficientRoleError, InvalidCredentialsError, InvalidKeyFingerprintError, InvalidTokenError, InvalidVerificationCodeError, InvalidVerificationTokenError, KeyExpiredError, TokenExpiredError, UsernameAlreadyTakenError, VerificationTokenPurposeMismatchError, VerificationTokenTargetMismatchError, authErrorRegistry };

package/dist/errors.js CHANGED Viewed

@@ -21,6 +21,7 @@ __export(auth_errors_exports, {
   InvalidVerificationTokenError: () => InvalidVerificationTokenError,
   KeyExpiredError: () => KeyExpiredError,
   TokenExpiredError: () => TokenExpiredError,
+  UsernameAlreadyTakenError: () => UsernameAlreadyTakenError,
   VerificationTokenPurposeMismatchError: () => VerificationTokenPurposeMismatchError,
   VerificationTokenTargetMismatchError: () => VerificationTokenTargetMismatchError
 });
@@ -115,6 +116,15 @@ var VerificationTokenTargetMismatchError = class extends ValidationError {
     this.name = "VerificationTokenTargetMismatchError";
   }
 };
+var UsernameAlreadyTakenError = class extends ConflictError {
+  constructor(data = {}) {
+    super({
+      message: data.message || "Username is already taken",
+      details: { username: data.username, ...data.details }
+    });
+    this.name = "UsernameAlreadyTakenError";
+  }
+};
 var InsufficientPermissionsError = class extends ForbiddenError {
   constructor(data = {}) {
     const requiredPermissions = data.requiredPermissions || [];
@@ -145,6 +155,7 @@ authErrorRegistry.append([
   KeyExpiredError,
   AccountDisabledError,
   AccountAlreadyExistsError,
+  UsernameAlreadyTakenError,
   InvalidVerificationCodeError,
   InvalidVerificationTokenError,
   InvalidKeyFingerprintError,
@@ -166,6 +177,7 @@ export {
   InvalidVerificationTokenError,
   KeyExpiredError,
   TokenExpiredError,
+  UsernameAlreadyTakenError,
   VerificationTokenPurposeMismatchError,
   VerificationTokenTargetMismatchError,
   authErrorRegistry

package/dist/errors.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/errors/index.ts","../src/errors/auth-errors.ts"],"sourcesContent":["/*\n Auth Error Exports\n /\n\nimport { ErrorRegistry } from \"@spfn/core/errors\";\n\nimport {\n InvalidCredentialsError,\n InvalidTokenError,\n TokenExpiredError,\n KeyExpiredError,\n AccountDisabledError,\n AccountAlreadyExistsError,\n InvalidVerificationCodeError,\n InvalidVerificationTokenError,\n InvalidKeyFingerprintError,\n VerificationTokenPurposeMismatchError,\n VerificationTokenTargetMismatchError,\n InsufficientPermissionsError,\n InsufficientRoleError,\n} from './auth-errors';\n\nexport {\n InvalidCredentialsError,\n InvalidTokenError,\n TokenExpiredError,\n KeyExpiredError,\n AccountDisabledError,\n AccountAlreadyExistsError,\n InvalidVerificationCodeError,\n InvalidVerificationTokenError,\n InvalidKeyFingerprintError,\n VerificationTokenPurposeMismatchError,\n VerificationTokenTargetMismatchError,\n InsufficientPermissionsError,\n InsufficientRoleError,\n} from './auth-errors';\n\nexport const authErrorRegistry = new ErrorRegistry();\nauthErrorRegistry.append([\n InvalidCredentialsError,\n InvalidTokenError,\n TokenExpiredError,\n KeyExpiredError,\n AccountDisabledError,\n AccountAlreadyExistsError,\n InvalidVerificationCodeError,\n InvalidVerificationTokenError,\n InvalidKeyFingerprintError,\n VerificationTokenPurposeMismatchError,\n VerificationTokenTargetMismatchError,\n InsufficientPermissionsError,\n InsufficientRoleError,\n]);\n\nexport as AuthError from './auth-errors';","/*\n Authentication & Authorization Error Classes\n \n Custom error classes for auth-specific scenarios\n /\n\nimport {\n ValidationError,\n UnauthorizedError,\n ForbiddenError,\n ConflictError\n} from '@spfn/core/errors';\n\n/\n Invalid Credentials Error (401)\n \n Thrown when login credentials are incorrect\n /\nexport class InvalidCredentialsError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid credentials', details: data.details });\n this.name = 'InvalidCredentialsError';\n }\n}\n\n/\n Invalid Token Error (401)\n \n Thrown when authentication token is invalid or malformed\n /\nexport class InvalidTokenError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid authentication token', details: data.details });\n this.name = 'InvalidTokenError';\n }\n}\n\n/\n Token Expired Error (401)\n \n Thrown when authentication token has expired\n /\nexport class TokenExpiredError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Authentication token has expired', details: data.details });\n this.name = 'TokenExpiredError';\n }\n}\n\n/\n Key Expired Error (401)\n \n Thrown when public key has expired\n /\nexport class KeyExpiredError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Public key has expired', details: data.details });\n this.name = 'KeyExpiredError';\n }\n}\n\n/\n Account Disabled Error (403)\n \n Thrown when user account is disabled or inactive\n /\nexport class AccountDisabledError extends ForbiddenError\n{\n constructor(data: { status?: string; message?: string; details?: Record<string, any> } = {})\n {\n const status = data.status \|\| 'disabled';\n super({\n message: data.message \|\| `Account is ${status}`,\n details: { status, ...data.details }\n });\n this.name = 'AccountDisabledError';\n }\n}\n\n/\n Account Already Exists Error (409)\n \n Thrown when trying to register with existing email/phone\n /\nexport class AccountAlreadyExistsError extends ConflictError\n{\n constructor(data: { identifier?: string; identifierType?: 'email' \| 'phone'; message?: string; details?: Record<string, any> } = {})\n {\n super({\n message: data.message \|\| 'Account already exists',\n details: {\n identifier: data.identifier,\n identifierType: data.identifierType,\n ...data.details\n }\n });\n this.name = 'AccountAlreadyExistsError';\n }\n}\n\n/\n Invalid Verification Code Error (400)\n \n Thrown when verification code is invalid, expired, or already used\n /\nexport class InvalidVerificationCodeError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid verification code', details: data.details });\n this.name = 'InvalidVerificationCodeError';\n }\n}\n\n/\n Invalid Verification Token Error (400)\n \n Thrown when verification token is invalid or expired\n /\nexport class InvalidVerificationTokenError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid or expired verification token', details: data.details });\n this.name = 'InvalidVerificationTokenError';\n }\n}\n\n/\n Invalid Key Fingerprint Error (400)\n \n Thrown when public key fingerprint doesn't match the public key\n /\nexport class InvalidKeyFingerprintError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid key fingerprint', details: data.details });\n this.name = 'InvalidKeyFingerprintError';\n }\n}\n\n/\n Verification Token Purpose Mismatch Error (400)\n \n Thrown when verification token purpose doesn't match expected purpose\n /\nexport class VerificationTokenPurposeMismatchError extends ValidationError\n{\n constructor(data: { expected?: string; actual?: string; message?: string; details?: Record<string, any> } = {})\n {\n const expected = data.expected \|\| 'unknown';\n const actual = data.actual \|\| 'unknown';\n super({\n message: data.message \|\| `Verification token is for ${actual}, but ${expected} was expected`,\n details: { expected, actual, ...data.details }\n });\n this.name = 'VerificationTokenPurposeMismatchError';\n }\n}\n\n/\n Verification Token Target Mismatch Error (400)\n \n Thrown when verification token target doesn't match provided email/phone\n /\nexport class VerificationTokenTargetMismatchError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({\n message: data.message \|\| 'Verification token does not match provided email/phone',\n details: data.details\n });\n this.name = 'VerificationTokenTargetMismatchError';\n }\n}\n\n/\n Insufficient Permissions Error (403)\n \n Thrown when user lacks required permissions for the operation\n /\nexport class InsufficientPermissionsError extends ForbiddenError\n{\n constructor(data: { requiredPermissions?: string[]; message?: string; details?: Record<string, any> } = {})\n {\n const requiredPermissions = data.requiredPermissions \|\| [];\n super({\n message: data.message \|\| `Missing required permissions: ${requiredPermissions.join(', ')}`,\n details: { requiredPermissions, ...data.details }\n });\n this.name = 'InsufficientPermissionsError';\n }\n}\n\n/\n Insufficient Role Error (403)\n \n Thrown when user lacks required role for the operation\n */\nexport class InsufficientRoleError extends ForbiddenError\n{\n constructor(data: { requiredRoles?: string[]; message?: string; details?: Record<string, any> } = {})\n {\n const requiredRoles = data.requiredRoles \|\| [];\n super({\n message: data.message \|\| `Required roles: ${requiredRoles.join(', ')}`,\n details: { requiredRoles, ...data.details }\n });\n this.name = 'InsufficientRoleError';\n }\n}"],"mappings":";;;;;;;AAIA,SAAS,qBAAqB;;;ACJ9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAOA,IAAM,0BAAN,cAAsC,kBAC7C;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,uBAAuB,SAAS,KAAK,QAAQ,CAAC;AAC/E,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,gCAAgC,SAAS,KAAK,QAAQ,CAAC;AACxF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,oCAAoC,SAAS,KAAK,QAAQ,CAAC;AAC5F,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,kBAAN,cAA8B,kBACrC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,0BAA0B,SAAS,KAAK,QAAQ,CAAC;AAClF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uBAAN,cAAmC,eAC1C;AAAA,EACI,YAAY,OAA6E,CAAC,GAC1F;AACI,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,cAAc,MAAM;AAAA,MAC7C,SAAS,EAAE,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACvC,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,4BAAN,cAAwC,cAC/C;AAAA,EACI,YAAY,OAAqH,CAAC,GAClI;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS;AAAA,QACL,YAAY,KAAK;AAAA,QACjB,gBAAgB,KAAK;AAAA,QACrB,GAAG,KAAK;AAAA,MACZ;AAAA,IACJ,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,gBAClD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,6BAA6B,SAAS,KAAK,QAAQ,CAAC;AACrF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,gCAAN,cAA4C,gBACnD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,yCAAyC,SAAS,KAAK,QAAQ,CAAC;AACjG,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,6BAAN,cAAyC,gBAChD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,2BAA2B,SAAS,KAAK,QAAQ,CAAC;AACnF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wCAAN,cAAoD,gBAC3D;AAAA,EACI,YAAY,OAAgG,CAAC,GAC7G;AACI,UAAM,WAAW,KAAK,YAAY;AAClC,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,6BAA6B,MAAM,SAAS,QAAQ;AAAA,MAC7E,SAAS,EAAE,UAAU,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACjD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uCAAN,cAAmD,gBAC1D;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,KAAK;AAAA,IAClB,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,eAClD;AAAA,EACI,YAAY,OAA4F,CAAC,GACzG;AACI,UAAM,sBAAsB,KAAK,uBAAuB,CAAC;AACzD,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,iCAAiC,oBAAoB,KAAK,IAAI,CAAC;AAAA,MACxF,SAAS,EAAE,qBAAqB,GAAG,KAAK,QAAQ;AAAA,IACpD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wBAAN,cAAoC,eAC3C;AAAA,EACI,YAAY,OAAsF,CAAC,GACnG;AACI,UAAM,gBAAgB,KAAK,iBAAiB,CAAC;AAC7C,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,mBAAmB,cAAc,KAAK,IAAI,CAAC;AAAA,MACpE,SAAS,EAAE,eAAe,GAAG,KAAK,QAAQ;AAAA,IAC9C,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;;;ADtLO,IAAM,oBAAoB,IAAI,cAAc;AACnD,kBAAkB,OAAO;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,CAAC;","names":[]}
1	+ {"version":3,"sources":["../src/errors/index.ts","../src/errors/auth-errors.ts"],"sourcesContent":["/*\n Auth Error Exports\n /\n\nimport { ErrorRegistry } from \"@spfn/core/errors\";\n\nimport {\n InvalidCredentialsError,\n InvalidTokenError,\n TokenExpiredError,\n KeyExpiredError,\n AccountDisabledError,\n AccountAlreadyExistsError,\n UsernameAlreadyTakenError,\n InvalidVerificationCodeError,\n InvalidVerificationTokenError,\n InvalidKeyFingerprintError,\n VerificationTokenPurposeMismatchError,\n VerificationTokenTargetMismatchError,\n InsufficientPermissionsError,\n InsufficientRoleError,\n} from './auth-errors';\n\nexport {\n InvalidCredentialsError,\n InvalidTokenError,\n TokenExpiredError,\n KeyExpiredError,\n AccountDisabledError,\n AccountAlreadyExistsError,\n UsernameAlreadyTakenError,\n InvalidVerificationCodeError,\n InvalidVerificationTokenError,\n InvalidKeyFingerprintError,\n VerificationTokenPurposeMismatchError,\n VerificationTokenTargetMismatchError,\n InsufficientPermissionsError,\n InsufficientRoleError,\n} from './auth-errors';\n\nexport const authErrorRegistry = new ErrorRegistry();\nauthErrorRegistry.append([\n InvalidCredentialsError,\n InvalidTokenError,\n TokenExpiredError,\n KeyExpiredError,\n AccountDisabledError,\n AccountAlreadyExistsError,\n UsernameAlreadyTakenError,\n InvalidVerificationCodeError,\n InvalidVerificationTokenError,\n InvalidKeyFingerprintError,\n VerificationTokenPurposeMismatchError,\n VerificationTokenTargetMismatchError,\n InsufficientPermissionsError,\n InsufficientRoleError,\n]);\n\nexport as AuthError from './auth-errors';","/*\n Authentication & Authorization Error Classes\n \n Custom error classes for auth-specific scenarios\n /\n\nimport {\n ValidationError,\n UnauthorizedError,\n ForbiddenError,\n ConflictError\n} from '@spfn/core/errors';\n\n/\n Invalid Credentials Error (401)\n \n Thrown when login credentials are incorrect\n /\nexport class InvalidCredentialsError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid credentials', details: data.details });\n this.name = 'InvalidCredentialsError';\n }\n}\n\n/\n Invalid Token Error (401)\n \n Thrown when authentication token is invalid or malformed\n /\nexport class InvalidTokenError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid authentication token', details: data.details });\n this.name = 'InvalidTokenError';\n }\n}\n\n/\n Token Expired Error (401)\n \n Thrown when authentication token has expired\n /\nexport class TokenExpiredError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Authentication token has expired', details: data.details });\n this.name = 'TokenExpiredError';\n }\n}\n\n/\n Key Expired Error (401)\n \n Thrown when public key has expired\n /\nexport class KeyExpiredError extends UnauthorizedError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Public key has expired', details: data.details });\n this.name = 'KeyExpiredError';\n }\n}\n\n/\n Account Disabled Error (403)\n \n Thrown when user account is disabled or inactive\n /\nexport class AccountDisabledError extends ForbiddenError\n{\n constructor(data: { status?: string; message?: string; details?: Record<string, any> } = {})\n {\n const status = data.status \|\| 'disabled';\n super({\n message: data.message \|\| `Account is ${status}`,\n details: { status, ...data.details }\n });\n this.name = 'AccountDisabledError';\n }\n}\n\n/\n Account Already Exists Error (409)\n \n Thrown when trying to register with existing email/phone\n /\nexport class AccountAlreadyExistsError extends ConflictError\n{\n constructor(data: { identifier?: string; identifierType?: 'email' \| 'phone'; message?: string; details?: Record<string, any> } = {})\n {\n super({\n message: data.message \|\| 'Account already exists',\n details: {\n identifier: data.identifier,\n identifierType: data.identifierType,\n ...data.details\n }\n });\n this.name = 'AccountAlreadyExistsError';\n }\n}\n\n/\n Invalid Verification Code Error (400)\n \n Thrown when verification code is invalid, expired, or already used\n /\nexport class InvalidVerificationCodeError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid verification code', details: data.details });\n this.name = 'InvalidVerificationCodeError';\n }\n}\n\n/\n Invalid Verification Token Error (400)\n \n Thrown when verification token is invalid or expired\n /\nexport class InvalidVerificationTokenError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid or expired verification token', details: data.details });\n this.name = 'InvalidVerificationTokenError';\n }\n}\n\n/\n Invalid Key Fingerprint Error (400)\n \n Thrown when public key fingerprint doesn't match the public key\n /\nexport class InvalidKeyFingerprintError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({ message: data.message \|\| 'Invalid key fingerprint', details: data.details });\n this.name = 'InvalidKeyFingerprintError';\n }\n}\n\n/\n Verification Token Purpose Mismatch Error (400)\n \n Thrown when verification token purpose doesn't match expected purpose\n /\nexport class VerificationTokenPurposeMismatchError extends ValidationError\n{\n constructor(data: { expected?: string; actual?: string; message?: string; details?: Record<string, any> } = {})\n {\n const expected = data.expected \|\| 'unknown';\n const actual = data.actual \|\| 'unknown';\n super({\n message: data.message \|\| `Verification token is for ${actual}, but ${expected} was expected`,\n details: { expected, actual, ...data.details }\n });\n this.name = 'VerificationTokenPurposeMismatchError';\n }\n}\n\n/\n Verification Token Target Mismatch Error (400)\n \n Thrown when verification token target doesn't match provided email/phone\n /\nexport class VerificationTokenTargetMismatchError extends ValidationError\n{\n constructor(data: { message?: string; details?: Record<string, any> } = {})\n {\n super({\n message: data.message \|\| 'Verification token does not match provided email/phone',\n details: data.details\n });\n this.name = 'VerificationTokenTargetMismatchError';\n }\n}\n\n/\n Username Already Taken Error (409)\n \n Thrown when trying to set a username that is already in use\n /\nexport class UsernameAlreadyTakenError extends ConflictError\n{\n constructor(data: { username?: string; message?: string; details?: Record<string, any> } = {})\n {\n super({\n message: data.message \|\| 'Username is already taken',\n details: { username: data.username, ...data.details }\n });\n this.name = 'UsernameAlreadyTakenError';\n }\n}\n\n/\n Insufficient Permissions Error (403)\n \n Thrown when user lacks required permissions for the operation\n /\nexport class InsufficientPermissionsError extends ForbiddenError\n{\n constructor(data: { requiredPermissions?: string[]; message?: string; details?: Record<string, any> } = {})\n {\n const requiredPermissions = data.requiredPermissions \|\| [];\n super({\n message: data.message \|\| `Missing required permissions: ${requiredPermissions.join(', ')}`,\n details: { requiredPermissions, ...data.details }\n });\n this.name = 'InsufficientPermissionsError';\n }\n}\n\n/\n Insufficient Role Error (403)\n \n Thrown when user lacks required role for the operation\n */\nexport class InsufficientRoleError extends ForbiddenError\n{\n constructor(data: { requiredRoles?: string[]; message?: string; details?: Record<string, any> } = {})\n {\n const requiredRoles = data.requiredRoles \|\| [];\n super({\n message: data.message \|\| `Required roles: ${requiredRoles.join(', ')}`,\n details: { requiredRoles, ...data.details }\n });\n this.name = 'InsufficientRoleError';\n }\n}"],"mappings":";;;;;;;AAIA,SAAS,qBAAqB;;;ACJ9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAOA,IAAM,0BAAN,cAAsC,kBAC7C;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,uBAAuB,SAAS,KAAK,QAAQ,CAAC;AAC/E,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,gCAAgC,SAAS,KAAK,QAAQ,CAAC;AACxF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,oCAAoC,SAAS,KAAK,QAAQ,CAAC;AAC5F,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,kBAAN,cAA8B,kBACrC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,0BAA0B,SAAS,KAAK,QAAQ,CAAC;AAClF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uBAAN,cAAmC,eAC1C;AAAA,EACI,YAAY,OAA6E,CAAC,GAC1F;AACI,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,cAAc,MAAM;AAAA,MAC7C,SAAS,EAAE,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACvC,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,4BAAN,cAAwC,cAC/C;AAAA,EACI,YAAY,OAAqH,CAAC,GAClI;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS;AAAA,QACL,YAAY,KAAK;AAAA,QACjB,gBAAgB,KAAK;AAAA,QACrB,GAAG,KAAK;AAAA,MACZ;AAAA,IACJ,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,gBAClD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,6BAA6B,SAAS,KAAK,QAAQ,CAAC;AACrF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,gCAAN,cAA4C,gBACnD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,yCAAyC,SAAS,KAAK,QAAQ,CAAC;AACjG,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,6BAAN,cAAyC,gBAChD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,2BAA2B,SAAS,KAAK,QAAQ,CAAC;AACnF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wCAAN,cAAoD,gBAC3D;AAAA,EACI,YAAY,OAAgG,CAAC,GAC7G;AACI,UAAM,WAAW,KAAK,YAAY;AAClC,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,6BAA6B,MAAM,SAAS,QAAQ;AAAA,MAC7E,SAAS,EAAE,UAAU,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACjD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uCAAN,cAAmD,gBAC1D;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,KAAK;AAAA,IAClB,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,4BAAN,cAAwC,cAC/C;AAAA,EACI,YAAY,OAA+E,CAAC,GAC5F;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,EAAE,UAAU,KAAK,UAAU,GAAG,KAAK,QAAQ;AAAA,IACxD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,eAClD;AAAA,EACI,YAAY,OAA4F,CAAC,GACzG;AACI,UAAM,sBAAsB,KAAK,uBAAuB,CAAC;AACzD,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,iCAAiC,oBAAoB,KAAK,IAAI,CAAC;AAAA,MACxF,SAAS,EAAE,qBAAqB,GAAG,KAAK,QAAQ;AAAA,IACpD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wBAAN,cAAoC,eAC3C;AAAA,EACI,YAAY,OAAsF,CAAC,GACnG;AACI,UAAM,gBAAgB,KAAK,iBAAiB,CAAC;AAC7C,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,mBAAmB,cAAc,KAAK,IAAI,CAAC;AAAA,MACpE,SAAS,EAAE,eAAe,GAAG,KAAK,QAAQ;AAAA,IAC9C,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;;;ADrMO,IAAM,oBAAoB,IAAI,cAAc;AACnD,kBAAkB,OAAO;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,CAAC;","names":[]}

package/dist/index.d.ts CHANGED Viewed

@@ -1,10 +1,38 @@
 import * as _spfn_core_nextjs from '@spfn/core/nextjs';
-import { R as RoleConfig, P as PermissionConfig, U as UserProfile, C as CheckAccountExistsResult, S as SendVerificationCodeResult, a as RegisterResult, L as LoginResult, b as RotateKeyResult, m as mainAuthRouter } from './dto-CLYtuAom.js';
-export { k as AuthInitOptions, A as AuthSession, I as INVITATION_STATUSES, n as InvitationStatus, K as KEY_ALGORITHM, l as KeyAlgorithmType, i as PERMISSION_CATEGORIES, j as PermissionCategory, c as ProfileInfo, e as SOCIAL_PROVIDERS, p as SocialProvider, d as USER_STATUSES, o as UserStatus, h as VERIFICATION_PURPOSES, g as VERIFICATION_TARGET_TYPES, f as VerificationPurpose, V as VerificationTargetType } from './dto-CLYtuAom.js';
+import { R as RoleConfig, P as PermissionConfig, C as CheckAccountExistsResult, S as SendVerificationCodeResult, a as RegisterResult, L as LoginResult, b as RotateKeyResult, O as OAuthStartResult, U as UserProfile, c as ProfileInfo, m as mainAuthRouter } from './authenticate-Brx2N-Ip.js';
+export { k as AuthInitOptions, A as AuthSession, I as INVITATION_STATUSES, n as InvitationStatus, K as KEY_ALGORITHM, l as KeyAlgorithmType, i as PERMISSION_CATEGORIES, j as PermissionCategory, e as SOCIAL_PROVIDERS, p as SocialProvider, d as USER_STATUSES, o as UserStatus, h as VERIFICATION_PURPOSES, g as VERIFICATION_TARGET_TYPES, f as VerificationPurpose, V as VerificationTargetType } from './authenticate-Brx2N-Ip.js';
 import * as _spfn_core_route from '@spfn/core/route';
+import { HttpMethod } from '@spfn/core/route';
 import * as _sinclair_typebox from '@sinclair/typebox';
 import '@spfn/auth/server';
+/**
+ * Email regex pattern (RFC 5322 compliant)
+ * Validates: local-part@domain.tld
+ * - Local part: alphanumeric, dots, hyphens, underscores
+ * - Domain: alphanumeric, hyphens, dots
+ * - TLD: minimum 2 characters
+ */
+declare const EMAIL_PATTERN = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
+/**
+ * Phone regex pattern (E.164 format)
+ * Format: +[country code][number] (1-15 digits total)
+ */
+declare const PHONE_PATTERN = "^\\+[1-9]\\d{1,14}$";
+/**
+ * SHA-256 fingerprint pattern (64 hex characters)
+ */
+declare const FINGERPRINT_PATTERN = "^[a-f0-9]{64}$";
+/**
+ * UUID v4 pattern (8-4-4-4-12 format)
+ */
+declare const UUID_PATTERN = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$";
+/**
+ * Base64 pattern (DER encoded keys)
+ * Matches standard Base64 with padding
+ */
+declare const BASE64_PATTERN = "^[A-Za-z0-9+/]+=*$";
 /**
  * @spfn/auth - Built-in Roles and Permissions
  *
@@ -31,31 +59,16 @@ type BuiltinRoleName = keyof typeof BUILTIN_ROLE_PERMISSIONS;
 type BuiltinPermissionName = typeof BUILTIN_PERMISSIONS[keyof typeof BUILTIN_PERMISSIONS]['name'];
 /**
- * Email regex pattern (RFC 5322 compliant)
- * Validates: local-part@domain.tld
- * - Local part: alphanumeric, dots, hyphens, underscores
- * - Domain: alphanumeric, hyphens, dots
- * - TLD: minimum 2 characters
- */
-declare const EMAIL_PATTERN = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
-/**
- * Phone regex pattern (E.164 format)
- * Format: +[country code][number] (1-15 digits total)
- */
-declare const PHONE_PATTERN = "^\\+[1-9]\\d{1,14}$";
-/**
- * SHA-256 fingerprint pattern (64 hex characters)
- */
-declare const FINGERPRINT_PATTERN = "^[a-f0-9]{64}$";
-/**
- * UUID v4 pattern (8-4-4-4-12 format)
- */
-declare const UUID_PATTERN = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$";
-/**
- * Base64 pattern (DER encoded keys)
- * Matches standard Base64 with padding
+ * Route Map (Auto-generated)
+ *
+ * DO NOT EDIT - This file is generated by @spfn/core:route-map generator
  */
-declare const BASE64_PATTERN = "^[A-Za-z0-9+/]+=*$";
+interface RouteInfo {
+    method: HttpMethod;
+    path: string;
+}
+declare const routeMap: Record<string, RouteInfo>;
 /**
  * Type-safe API client for auth routes
@@ -74,7 +87,140 @@ declare const BASE64_PATTERN = "^[A-Za-z0-9+/]+=*$";
  * ```
  */
 declare const authApi: _spfn_core_nextjs.Client<_spfn_core_route.Router<{
-    getUserProfile: _spfn_core_route.RouteDef<{}, {}, UserProfile>;
+    checkAccountExists: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
+            email: _sinclair_typebox.TString;
+        }>, _sinclair_typebox.TObject<{
+            phone: _sinclair_typebox.TString;
+        }>]>;
+    }, {}, CheckAccountExistsResult>;
+    sendVerificationCode: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            target: _sinclair_typebox.TString;
+            targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
+            purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
+        }>;
+    }, {}, SendVerificationCodeResult>;
+    verifyCode: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            target: _sinclair_typebox.TString;
+            targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
+            code: _sinclair_typebox.TString;
+            purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
+        }>;
+    }, {}, {
+        valid: boolean;
+        verificationToken: string;
+    }>;
+    register: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            verificationToken: _sinclair_typebox.TString;
+            password: _sinclair_typebox.TString;
+        }>;
+    }, {
+        body: _sinclair_typebox.TObject<{
+            publicKey: _sinclair_typebox.TString;
+            keyId: _sinclair_typebox.TString;
+            fingerprint: _sinclair_typebox.TString;
+            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
+        }>;
+    }, RegisterResult>;
+    login: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            password: _sinclair_typebox.TString;
+        }>;
+    }, {
+        body: _sinclair_typebox.TObject<{
+            publicKey: _sinclair_typebox.TString;
+            keyId: _sinclair_typebox.TString;
+            fingerprint: _sinclair_typebox.TString;
+            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
+            oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+        }>;
+    }, LoginResult>;
+    logout: _spfn_core_route.RouteDef<{}, {}, void>;
+    rotateKey: _spfn_core_route.RouteDef<{}, {
+        body: _sinclair_typebox.TObject<{
+            publicKey: _sinclair_typebox.TString;
+            keyId: _sinclair_typebox.TString;
+            fingerprint: _sinclair_typebox.TString;
+            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
+        }>;
+    }, RotateKeyResult>;
+    changePassword: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            currentPassword: _sinclair_typebox.TString;
+            newPassword: _sinclair_typebox.TString;
+        }>;
+    }, {}, void>;
+    getAuthSession: _spfn_core_route.RouteDef<{}, {}, {
+        role: {
+            id: number;
+            name: string;
+            displayName: string;
+            priority: number;
+        };
+        permissions: {
+            id: number;
+            name: string;
+            displayName: string;
+            category: "auth" | "custom" | "user" | "rbac" | "system" | undefined;
+        }[];
+        userId: number;
+        email: string | null;
+        emailVerified: boolean;
+        phoneVerified: boolean;
+    }>;
+    oauthGoogleStart: _spfn_core_route.RouteDef<{
+        query: _sinclair_typebox.TObject<{
+            state: _sinclair_typebox.TString;
+        }>;
+    }, {}, Response>;
+    oauthGoogleCallback: _spfn_core_route.RouteDef<{
+        query: _sinclair_typebox.TObject<{
+            code: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            state: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            error: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            error_description: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+        }>;
+    }, {}, Response>;
+    oauthStart: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            provider: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"google" | "github" | "kakao" | "naver">[]>;
+            returnUrl: _sinclair_typebox.TString;
+            publicKey: _sinclair_typebox.TString;
+            keyId: _sinclair_typebox.TString;
+            fingerprint: _sinclair_typebox.TString;
+            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
+        }>;
+    }, {}, OAuthStartResult>;
+    oauthProviders: _spfn_core_route.RouteDef<{}, {}, {
+        providers: ("google" | "github" | "kakao" | "naver")[];
+    }>;
+    getGoogleOAuthUrl: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            returnUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            state: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+        }>;
+    }, {}, {
+        authUrl: string;
+    }>;
+    oauthFinalize: _spfn_core_route.RouteDef<{
+        body: _sinclair_typebox.TObject<{
+            userId: _sinclair_typebox.TString;
+            keyId: _sinclair_typebox.TString;
+            returnUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+        }>;
+    }, {}, {
+        success: boolean;
+        userId: string;
+        keyId: string;
+        returnUrl: string;
+    }>;
     getInvitation: _spfn_core_route.RouteDef<{
         params: _sinclair_typebox.TObject<{
             token: _sinclair_typebox.TString;
@@ -174,100 +320,133 @@ declare const authApi: _spfn_core_nextjs.Client<_spfn_core_route.Router<{
         body: _sinclair_typebox.TObject<{
             id: _sinclair_typebox.TNumber;
         }>;
-    }, {}, Response>;
-    checkAccountExists: _spfn_core_route.RouteDef<{
-        body: _sinclair_typebox.TUnion<[_sinclair_typebox.TObject<{
-            email: _sinclair_typebox.TString;
-        }>, _sinclair_typebox.TObject<{
-            phone: _sinclair_typebox.TString;
-        }>]>;
-    }, {}, CheckAccountExistsResult>;
-    sendVerificationCode: _spfn_core_route.RouteDef<{
+    }, {}, void>;
+    getUserProfile: _spfn_core_route.RouteDef<{}, {}, UserProfile>;
+    updateUserProfile: _spfn_core_route.RouteDef<{
         body: _sinclair_typebox.TObject<{
-            target: _sinclair_typebox.TString;
-            targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
-            purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
+            displayName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            firstName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            lastName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            avatarUrl: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            bio: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            locale: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            timezone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            dateOfBirth: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            gender: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            website: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            location: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            company: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            jobTitle: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            metadata: _sinclair_typebox.TOptional<_sinclair_typebox.TRecord<_sinclair_typebox.TString, _sinclair_typebox.TAny>>;
         }>;
-    }, {}, SendVerificationCodeResult>;
-    verifyCode: _spfn_core_route.RouteDef<{
-        body: _sinclair_typebox.TObject<{
-            target: _sinclair_typebox.TString;
-            targetType: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"email">, _sinclair_typebox.TLiteral<"phone">]>;
-            code: _sinclair_typebox.TString;
-            purpose: _sinclair_typebox.TUnion<[_sinclair_typebox.TLiteral<"registration">, _sinclair_typebox.TLiteral<"login">, _sinclair_typebox.TLiteral<"password_reset">, _sinclair_typebox.TLiteral<"email_change">, _sinclair_typebox.TLiteral<"phone_change">]>;
+    }, {}, ProfileInfo>;
+    checkUsername: _spfn_core_route.RouteDef<{
+        query: _sinclair_typebox.TObject<{
+            username: _sinclair_typebox.TString;
         }>;
     }, {}, {
-        valid: boolean;
-        verificationToken: string;
+        available: boolean;
     }>;
-    register: _spfn_core_route.RouteDef<{
-        body: _sinclair_typebox.TObject<{
-            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            verificationToken: _sinclair_typebox.TString;
-            password: _sinclair_typebox.TString;
-        }>;
-    }, {
-        body: _sinclair_typebox.TObject<{
-            publicKey: _sinclair_typebox.TString;
-            keyId: _sinclair_typebox.TString;
-            fingerprint: _sinclair_typebox.TString;
-            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
-        }>;
-    }, RegisterResult>;
-    login: _spfn_core_route.RouteDef<{
-        body: _sinclair_typebox.TObject<{
-            email: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            phone: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
-            password: _sinclair_typebox.TString;
-        }>;
-    }, {
+    updateUsername: _spfn_core_route.RouteDef<{
         body: _sinclair_typebox.TObject<{
-            publicKey: _sinclair_typebox.TString;
-            keyId: _sinclair_typebox.TString;
-            fingerprint: _sinclair_typebox.TString;
-            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
-            oldKeyId: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            username: _sinclair_typebox.TUnion<[_sinclair_typebox.TString, _sinclair_typebox.TNull]>;
         }>;
-    }, LoginResult>;
-    logout: _spfn_core_route.RouteDef<{
-        body: _sinclair_typebox.TObject<{}>;
-    }, {}, Response>;
-    rotateKey: _spfn_core_route.RouteDef<{
-        body: _sinclair_typebox.TObject<{}>;
-    }, {
-        body: _sinclair_typebox.TObject<{
-            publicKey: _sinclair_typebox.TString;
-            keyId: _sinclair_typebox.TString;
-            fingerprint: _sinclair_typebox.TString;
-            algorithm: _sinclair_typebox.TUnion<_sinclair_typebox.TLiteral<"ES256" | "RS256">[]>;
+    }, {}, {
+        createdAt: Date;
+        updatedAt: Date;
+        id: number;
+        email: string | null;
+        phone: string | null;
+        username: string | null;
+        passwordHash: string | null;
+        passwordChangeRequired: boolean;
+        roleId: number;
+        status: "active" | "inactive" | "suspended";
+        emailVerifiedAt: Date | null;
+        phoneVerifiedAt: Date | null;
+        lastLoginAt: Date | null;
+    }>;
+    listRoles: _spfn_core_route.RouteDef<{
+        query: _sinclair_typebox.TObject<{
+            includeInactive: _sinclair_typebox.TOptional<_sinclair_typebox.TBoolean>;
         }>;
-    }, RotateKeyResult>;
-    changePassword: _spfn_core_route.RouteDef<{
+    }, {}, {
+        roles: {
+            description: string | null;
+            id: number;
+            name: string;
+            displayName: string;
+            isBuiltin: boolean;
+            isSystem: boolean;
+            isActive: boolean;
+            priority: number;
+            createdAt: Date;
+            updatedAt: Date;
+        }[];
+    }>;
+    createAdminRole: _spfn_core_route.RouteDef<{
         body: _sinclair_typebox.TObject<{
-            currentPassword: _sinclair_typebox.TString;
-            newPassword: _sinclair_typebox.TString;
+            name: _sinclair_typebox.TString;
+            displayName: _sinclair_typebox.TString;
+            description: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            priority: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
+            permissionIds: _sinclair_typebox.TOptional<_sinclair_typebox.TArray<_sinclair_typebox.TNumber>>;
         }>;
-    }, {}, Response>;
-    getAuthSession: _spfn_core_route.RouteDef<{}, {}, {
+    }, {}, {
         role: {
+            description: string | null;
             id: number;
             name: string;
             displayName: string;
+            isBuiltin: boolean;
+            isSystem: boolean;
+            isActive: boolean;
             priority: number;
+            createdAt: Date;
+            updatedAt: Date;
         };
-        permissions: {
+    }>;
+    updateAdminRole: _spfn_core_route.RouteDef<{
+        params: _sinclair_typebox.TObject<{
+            id: _sinclair_typebox.TNumber;
+        }>;
+        body: _sinclair_typebox.TObject<{
+            displayName: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            description: _sinclair_typebox.TOptional<_sinclair_typebox.TString>;
+            priority: _sinclair_typebox.TOptional<_sinclair_typebox.TNumber>;
+            isActive: _sinclair_typebox.TOptional<_sinclair_typebox.TBoolean>;
+        }>;
+    }, {}, {
+        role: {
+            description: string | null;
             id: number;
             name: string;
             displayName: string;
-            category: "auth" | "custom" | "user" | "rbac" | "system" | undefined;
-        }[];
+            isBuiltin: boolean;
+            isSystem: boolean;
+            isActive: boolean;
+            priority: number;
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    deleteAdminRole: _spfn_core_route.RouteDef<{
+        params: _sinclair_typebox.TObject<{
+            id: _sinclair_typebox.TNumber;
+        }>;
+    }, {}, void>;
+    updateUserRole: _spfn_core_route.RouteDef<{
+        params: _sinclair_typebox.TObject<{
+            userId: _sinclair_typebox.TNumber;
+        }>;
+        body: _sinclair_typebox.TObject<{
+            roleId: _sinclair_typebox.TNumber;
+        }>;
+    }, {}, {
         userId: number;
-        email: string | null;
-        emailVerified: boolean;
-        phoneVerified: boolean;
+        roleId: number;
     }>;
 }>>;
 type AuthRouter = typeof mainAuthRouter;
-export { type AuthRouter, BASE64_PATTERN, BUILTIN_PERMISSIONS, BUILTIN_ROLES, BUILTIN_ROLE_PERMISSIONS, type BuiltinPermissionName, type BuiltinRoleName, EMAIL_PATTERN, FINGERPRINT_PATTERN, PHONE_PATTERN, PermissionConfig, RoleConfig, UUID_PATTERN, UserProfile, authApi };
+export { type AuthRouter, BASE64_PATTERN, BUILTIN_PERMISSIONS, BUILTIN_ROLES, BUILTIN_ROLE_PERMISSIONS, type BuiltinPermissionName, type BuiltinRoleName, EMAIL_PATTERN, FINGERPRINT_PATTERN, PHONE_PATTERN, PermissionConfig, ProfileInfo, RoleConfig, UUID_PATTERN, UserProfile, authApi, routeMap as authRouteMap };

package/dist/index.js CHANGED Viewed

@@ -102,6 +102,15 @@ var VerificationTokenTargetMismatchError = class extends ValidationError {
     this.name = "VerificationTokenTargetMismatchError";
   }
 };
+var UsernameAlreadyTakenError = class extends ConflictError {
+  constructor(data = {}) {
+    super({
+      message: data.message || "Username is already taken",
+      details: { username: data.username, ...data.details }
+    });
+    this.name = "UsernameAlreadyTakenError";
+  }
+};
 var InsufficientPermissionsError = class extends ForbiddenError {
   constructor(data = {}) {
     const requiredPermissions = data.requiredPermissions || [];
@@ -132,6 +141,7 @@ authErrorRegistry.append([
   KeyExpiredError,
   AccountDisabledError,
   AccountAlreadyExistsError,
+  UsernameAlreadyTakenError,
   InvalidVerificationCodeError,
   InvalidVerificationTokenError,
   InvalidKeyFingerprintError,
@@ -141,6 +151,41 @@ authErrorRegistry.append([
   InsufficientRoleError
 ]);
+// src/generated/route-map.ts
+var routeMap = {
+  checkAccountExists: { method: "POST", path: "/_auth/exists" },
+  sendVerificationCode: { method: "POST", path: "/_auth/codes" },
+  verifyCode: { method: "POST", path: "/_auth/codes/verify" },
+  register: { method: "POST", path: "/_auth/register" },
+  login: { method: "POST", path: "/_auth/login" },
+  logout: { method: "POST", path: "/_auth/logout" },
+  rotateKey: { method: "POST", path: "/_auth/keys/rotate" },
+  changePassword: { method: "PUT", path: "/_auth/password" },
+  getAuthSession: { method: "GET", path: "/_auth/session" },
+  getInvitation: { method: "GET", path: "/_auth/invitations/:token" },
+  acceptInvitation: { method: "POST", path: "/_auth/invitations/accept" },
+  createInvitation: { method: "POST", path: "/_auth/invitations" },
+  listInvitations: { method: "GET", path: "/_auth/invitations" },
+  cancelInvitation: { method: "POST", path: "/_auth/invitations/cancel" },
+  resendInvitation: { method: "POST", path: "/_auth/invitations/resend" },
+  deleteInvitation: { method: "POST", path: "/_auth/invitations/delete" },
+  getUserProfile: { method: "GET", path: "/_auth/users/profile" },
+  updateUserProfile: { method: "PATCH", path: "/_auth/users/profile" },
+  checkUsername: { method: "GET", path: "/_auth/users/username/check" },
+  updateUsername: { method: "PATCH", path: "/_auth/users/username" },
+  oauthGoogleStart: { method: "GET", path: "/_auth/oauth/google" },
+  oauthGoogleCallback: { method: "GET", path: "/_auth/oauth/google/callback" },
+  oauthStart: { method: "POST", path: "/_auth/oauth/start" },
+  oauthProviders: { method: "GET", path: "/_auth/oauth/providers" },
+  getGoogleOAuthUrl: { method: "POST", path: "/_auth/oauth/google/url" },
+  oauthFinalize: { method: "POST", path: "/_auth/oauth/finalize" },
+  listRoles: { method: "GET", path: "/_auth/admin/roles" },
+  createAdminRole: { method: "POST", path: "/_auth/admin/roles" },
+  updateAdminRole: { method: "PATCH", path: "/_auth/admin/roles/:id" },
+  deleteAdminRole: { method: "DELETE", path: "/_auth/admin/roles/:id" },
+  updateUserRole: { method: "PATCH", path: "/_auth/admin/users/:userId/role" }
+};
 // src/lib/types.ts
 var EMAIL_PATTERN = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
 var PHONE_PATTERN = "^\\+[1-9]\\d{1,14}$";
@@ -2941,6 +2986,7 @@ export {
   UUID_PATTERN,
   VERIFICATION_PURPOSES,
   VERIFICATION_TARGET_TYPES,
-  authApi
+  authApi,
+  routeMap as authRouteMap
 };
 //# sourceMappingURL=index.js.map