npm - @technomoron/apicore-server - Versions diffs - 1.0.0-beta.1 - Mend

@technomoron/apicore-server 1.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (171) hide show

package/LICENSE +21 -0
package/dist/cjs/api-module.cjs +34 -0
package/dist/cjs/api-module.d.ts +45 -0
package/dist/cjs/apicore-server.cjs +1561 -0
package/dist/cjs/apicore-server.d.ts +288 -0
package/dist/cjs/auth-api/auth-module.cjs +1248 -0
package/dist/cjs/auth-api/auth-module.d.ts +116 -0
package/dist/cjs/auth-api/compat-auth-storage.cjs +128 -0
package/dist/cjs/auth-api/compat-auth-storage.d.ts +57 -0
package/dist/cjs/auth-api/mem-auth-store.cjs +121 -0
package/dist/cjs/auth-api/mem-auth-store.d.ts +68 -0
package/dist/cjs/auth-api/module.cjs +25 -0
package/dist/cjs/auth-api/module.d.ts +20 -0
package/dist/cjs/auth-api/schemas.cjs +171 -0
package/dist/cjs/auth-api/schemas.d.ts +21 -0
package/dist/cjs/auth-api/sql-auth-store.cjs +179 -0
package/dist/cjs/auth-api/sql-auth-store.d.ts +87 -0
package/dist/cjs/auth-api/storage.cjs +102 -0
package/dist/cjs/auth-api/storage.d.ts +38 -0
package/dist/cjs/auth-api/types.cjs +2 -0
package/dist/cjs/auth-api/types.d.ts +34 -0
package/dist/cjs/auth-api/user-id.cjs +47 -0
package/dist/cjs/auth-api/user-id.d.ts +5 -0
package/dist/cjs/auth-cookie-options.cjs +66 -0
package/dist/cjs/auth-cookie-options.d.ts +13 -0
package/dist/cjs/base/client-info.cjs +285 -0
package/dist/cjs/base/client-info.d.ts +27 -0
package/dist/cjs/base/error-utils.cjs +50 -0
package/dist/cjs/base/error-utils.d.ts +16 -0
package/dist/cjs/base/request-utils.cjs +27 -0
package/dist/cjs/base/request-utils.d.ts +8 -0
package/dist/cjs/index.cjs +51 -0
package/dist/cjs/index.d.ts +34 -0
package/dist/cjs/limiter/auth-rate-limiter.cjs +35 -0
package/dist/cjs/limiter/auth-rate-limiter.d.ts +12 -0
package/dist/cjs/limiter/fixed-window.cjs +41 -0
package/dist/cjs/limiter/fixed-window.d.ts +11 -0
package/dist/cjs/oauth/base.cjs +7 -0
package/dist/cjs/oauth/base.d.ts +17 -0
package/dist/cjs/oauth/memory.cjs +135 -0
package/dist/cjs/oauth/memory.d.ts +22 -0
package/dist/cjs/oauth/models.cjs +47 -0
package/dist/cjs/oauth/models.d.ts +50 -0
package/dist/cjs/oauth/sequelize.cjs +159 -0
package/dist/cjs/oauth/sequelize.d.ts +30 -0
package/dist/cjs/oauth/types.cjs +3 -0
package/dist/cjs/oauth/types.d.ts +51 -0
package/dist/cjs/passkey/base.cjs +7 -0
package/dist/cjs/passkey/base.d.ts +28 -0
package/dist/cjs/passkey/config.cjs +26 -0
package/dist/cjs/passkey/config.d.ts +2 -0
package/dist/cjs/passkey/memory.cjs +123 -0
package/dist/cjs/passkey/memory.d.ts +34 -0
package/dist/cjs/passkey/models.cjs +142 -0
package/dist/cjs/passkey/models.d.ts +34 -0
package/dist/cjs/passkey/sequelize.cjs +126 -0
package/dist/cjs/passkey/sequelize.d.ts +42 -0
package/dist/cjs/passkey/service.cjs +413 -0
package/dist/cjs/passkey/service.d.ts +21 -0
package/dist/cjs/passkey/types.cjs +2 -0
package/dist/cjs/passkey/types.d.ts +84 -0
package/dist/cjs/sequelize-utils.cjs +56 -0
package/dist/cjs/sequelize-utils.d.ts +8 -0
package/dist/cjs/token/base.cjs +120 -0
package/dist/cjs/token/base.d.ts +46 -0
package/dist/cjs/token/memory.cjs +234 -0
package/dist/cjs/token/memory.d.ts +29 -0
package/dist/cjs/token/sequelize.cjs +400 -0
package/dist/cjs/token/sequelize.d.ts +58 -0
package/dist/cjs/token/types.cjs +2 -0
package/dist/cjs/token/types.d.ts +34 -0
package/dist/cjs/upload/memory.cjs +92 -0
package/dist/cjs/upload/memory.d.ts +17 -0
package/dist/cjs/upload/tus-module.cjs +270 -0
package/dist/cjs/upload/tus-module.d.ts +38 -0
package/dist/cjs/upload/types.cjs +2 -0
package/dist/cjs/upload/types.d.ts +28 -0
package/dist/cjs/user/base.cjs +53 -0
package/dist/cjs/user/base.d.ts +36 -0
package/dist/cjs/user/memory.cjs +194 -0
package/dist/cjs/user/memory.d.ts +37 -0
package/dist/cjs/user/sequelize.cjs +194 -0
package/dist/cjs/user/sequelize.d.ts +46 -0
package/dist/cjs/user/types.cjs +2 -0
package/dist/cjs/user/types.d.ts +11 -0
package/dist/esm/api-module.d.ts +45 -0
package/dist/esm/api-module.js +30 -0
package/dist/esm/apicore-server.d.ts +288 -0
package/dist/esm/apicore-server.js +1552 -0
package/dist/esm/auth-api/auth-module.d.ts +116 -0
package/dist/esm/auth-api/auth-module.js +1246 -0
package/dist/esm/auth-api/compat-auth-storage.d.ts +57 -0
package/dist/esm/auth-api/compat-auth-storage.js +124 -0
package/dist/esm/auth-api/mem-auth-store.d.ts +68 -0
package/dist/esm/auth-api/mem-auth-store.js +117 -0
package/dist/esm/auth-api/module.d.ts +20 -0
package/dist/esm/auth-api/module.js +21 -0
package/dist/esm/auth-api/schemas.d.ts +21 -0
package/dist/esm/auth-api/schemas.js +168 -0
package/dist/esm/auth-api/sql-auth-store.d.ts +87 -0
package/dist/esm/auth-api/sql-auth-store.js +175 -0
package/dist/esm/auth-api/storage.d.ts +38 -0
package/dist/esm/auth-api/storage.js +98 -0
package/dist/esm/auth-api/types.d.ts +34 -0
package/dist/esm/auth-api/types.js +1 -0
package/dist/esm/auth-api/user-id.d.ts +5 -0
package/dist/esm/auth-api/user-id.js +41 -0
package/dist/esm/auth-cookie-options.d.ts +13 -0
package/dist/esm/auth-cookie-options.js +63 -0
package/dist/esm/base/client-info.d.ts +27 -0
package/dist/esm/base/client-info.js +282 -0
package/dist/esm/base/error-utils.d.ts +16 -0
package/dist/esm/base/error-utils.js +44 -0
package/dist/esm/base/request-utils.d.ts +8 -0
package/dist/esm/base/request-utils.js +23 -0
package/dist/esm/index.d.ts +34 -0
package/dist/esm/index.js +21 -0
package/dist/esm/limiter/auth-rate-limiter.d.ts +12 -0
package/dist/esm/limiter/auth-rate-limiter.js +32 -0
package/dist/esm/limiter/fixed-window.d.ts +11 -0
package/dist/esm/limiter/fixed-window.js +37 -0
package/dist/esm/oauth/base.d.ts +17 -0
package/dist/esm/oauth/base.js +3 -0
package/dist/esm/oauth/memory.d.ts +22 -0
package/dist/esm/oauth/memory.js +128 -0
package/dist/esm/oauth/models.d.ts +50 -0
package/dist/esm/oauth/models.js +38 -0
package/dist/esm/oauth/sequelize.d.ts +30 -0
package/dist/esm/oauth/sequelize.js +148 -0
package/dist/esm/oauth/types.d.ts +51 -0
package/dist/esm/oauth/types.js +2 -0
package/dist/esm/passkey/base.d.ts +28 -0
package/dist/esm/passkey/base.js +3 -0
package/dist/esm/passkey/config.d.ts +2 -0
package/dist/esm/passkey/config.js +23 -0
package/dist/esm/passkey/memory.d.ts +34 -0
package/dist/esm/passkey/memory.js +119 -0
package/dist/esm/passkey/models.d.ts +34 -0
package/dist/esm/passkey/models.js +135 -0
package/dist/esm/passkey/sequelize.d.ts +42 -0
package/dist/esm/passkey/sequelize.js +122 -0
package/dist/esm/passkey/service.d.ts +21 -0
package/dist/esm/passkey/service.js +376 -0
package/dist/esm/passkey/types.d.ts +84 -0
package/dist/esm/passkey/types.js +1 -0
package/dist/esm/sequelize-utils.d.ts +8 -0
package/dist/esm/sequelize-utils.js +47 -0
package/dist/esm/token/base.d.ts +46 -0
package/dist/esm/token/base.js +113 -0
package/dist/esm/token/memory.d.ts +29 -0
package/dist/esm/token/memory.js +230 -0
package/dist/esm/token/sequelize.d.ts +58 -0
package/dist/esm/token/sequelize.js +396 -0
package/dist/esm/token/types.d.ts +34 -0
package/dist/esm/token/types.js +1 -0
package/dist/esm/upload/memory.d.ts +17 -0
package/dist/esm/upload/memory.js +86 -0
package/dist/esm/upload/tus-module.d.ts +38 -0
package/dist/esm/upload/tus-module.js +266 -0
package/dist/esm/upload/types.d.ts +28 -0
package/dist/esm/upload/types.js +1 -0
package/dist/esm/user/base.d.ts +36 -0
package/dist/esm/user/base.js +46 -0
package/dist/esm/user/memory.d.ts +37 -0
package/dist/esm/user/memory.js +190 -0
package/dist/esm/user/sequelize.d.ts +46 -0
package/dist/esm/user/sequelize.js +188 -0
package/dist/esm/user/types.d.ts +11 -0
package/dist/esm/user/types.js +1 -0
package/docs/swagger/openapi.json +2162 -0
package/package.json +131 -0

package/dist/cjs/token/sequelize.cjs ADDED Viewed

@@ -0,0 +1,400 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SequelizeTokenStore = void 0;
+const sequelize_1 = require("sequelize");
+const user_id_js_1 = require("../auth-api/user-id.cjs");
+const sequelize_utils_js_1 = require("../sequelize-utils.cjs");
+const base_js_1 = require("./base.cjs");
+class TokenModel extends sequelize_1.Model {
+}
+function initTokenModel(sequelize, options = {}) {
+    const tableName = (0, sequelize_utils_js_1.applyTablePrefix)(options.tablePrefix, 'jwttokens');
+    const usePrefixedIndexNames = tableName !== 'jwttokens';
+    const accessIndexName = usePrefixedIndexNames ? `${tableName}_access_unique` : 'jwt_access_unique';
+    const refreshIndexName = usePrefixedIndexNames ? `${tableName}_refresh_unique` : 'jwt_refresh_unique';
+    TokenModel.init({
+        token_id: {
+            type: (0, sequelize_utils_js_1.integerIdType)(sequelize),
+            autoIncrement: true,
+            allowNull: false,
+            primaryKey: true
+        },
+        user_id: {
+            type: sequelize_1.DataTypes.STRING(191),
+            allowNull: false
+        },
+        real_user_id: {
+            type: sequelize_1.DataTypes.STRING(191),
+            allowNull: true,
+            defaultValue: null
+        },
+        expires: {
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false
+        },
+        issued_at: {
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false,
+            defaultValue: sequelize_1.DataTypes.NOW
+        },
+        last_seen_at: {
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false,
+            defaultValue: sequelize_1.DataTypes.NOW
+        },
+        access: {
+            type: sequelize_1.DataTypes.STRING(768),
+            allowNull: false
+        },
+        refresh: {
+            type: sequelize_1.DataTypes.STRING(768),
+            allowNull: false
+        },
+        domain: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        fingerprint: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        label: {
+            type: sequelize_1.DataTypes.STRING(128),
+            allowNull: false,
+            defaultValue: ''
+        },
+        browser: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        device: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        ip: {
+            type: sequelize_1.DataTypes.STRING(45),
+            allowNull: false,
+            defaultValue: ''
+        },
+        os: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        login_type: {
+            type: sequelize_1.DataTypes.STRING(64),
+            allowNull: false,
+            defaultValue: ''
+        },
+        refresh_ttl_seconds: {
+            type: sequelize_1.DataTypes.INTEGER,
+            allowNull: true,
+            defaultValue: null
+        },
+        session_cookie: {
+            type: sequelize_1.DataTypes.BOOLEAN,
+            allowNull: false,
+            defaultValue: false
+        },
+        client_id: {
+            type: sequelize_1.DataTypes.STRING(128),
+            allowNull: true,
+            defaultValue: null
+        },
+        scope: {
+            type: sequelize_1.DataTypes.TEXT,
+            allowNull: false,
+            defaultValue: '[]'
+        }
+    }, {
+        ...(0, sequelize_utils_js_1.tableOptions)(sequelize, 'jwttokens', options.tablePrefix, { timestamps: false }),
+        indexes: [
+            { name: accessIndexName, unique: true, fields: ['access'] },
+            { name: refreshIndexName, unique: true, fields: ['refresh'] }
+        ]
+    });
+    return TokenModel;
+}
+class SequelizeTokenStore extends base_js_1.TokenStore {
+    constructor(options) {
+        super();
+        if (!options?.sequelize) {
+            throw new Error('SequelizeTokenStore requires an initialised Sequelize instance');
+        }
+        this.Tokens =
+            options.tokenModel ??
+                (options.tokenModelFactory ?? initTokenModel)(options.sequelize, {
+                    tablePrefix: options.tablePrefix
+                });
+    }
+    async save(record) {
+        const normalized = this.normalizeToken(record);
+        const resolvedUserId = this.normalizeUserId(normalized.userId);
+        const resolvedRealUserId = this.resolveRealUserId(normalized.ruid);
+        const domain = normalized.domain;
+        const fingerprint = normalized.fingerprint;
+        const browser = normalized.browser;
+        const device = normalized.device;
+        const ip = normalized.ip;
+        const os = normalized.os;
+        const label = normalized.label;
+        const loginType = normalized.loginType ?? '';
+        const refreshTtlSeconds = typeof normalized.refreshTtlSeconds === 'number' && normalized.refreshTtlSeconds > 0
+            ? Math.floor(normalized.refreshTtlSeconds)
+            : null;
+        const issuedAt = normalized.issuedAt ?? new Date();
+        const lastSeenAt = normalized.lastSeenAt ?? issuedAt;
+        const sessionCookie = normalized.sessionCookie ?? false;
+        const removalWhere = { user_id: resolvedUserId };
+        if (record.domain !== undefined) {
+            removalWhere.domain = domain;
+        }
+        if (record.fingerprint !== undefined) {
+            removalWhere.fingerprint = fingerprint;
+        }
+        if (normalized.clientId) {
+            removalWhere.client_id = normalized.clientId;
+        }
+        const sequelize = this.Tokens.sequelize;
+        if (!sequelize) {
+            throw new Error('Token model is not bound to a Sequelize instance');
+        }
+        await sequelize.transaction(async (transaction) => {
+            await this.Tokens.destroy({ where: removalWhere, transaction });
+            // Access/refresh columns are unique. Remove stale collisions before insert to avoid
+            // transient uniqueness failures during retries/rotation edge-cases.
+            // Only include non-empty token values to prevent matching unrelated rows.
+            const collisionConditions = [];
+            if (normalized.accessToken) {
+                collisionConditions.push({ access: normalized.accessToken });
+            }
+            if (normalized.refreshToken) {
+                collisionConditions.push({ refresh: normalized.refreshToken });
+            }
+            if (collisionConditions.length > 0) {
+                await this.Tokens.destroy({
+                    where: { [sequelize_1.Op.or]: collisionConditions },
+                    transaction
+                });
+            }
+            await this.Tokens.create({
+                user_id: resolvedUserId,
+                real_user_id: resolvedRealUserId,
+                access: normalized.accessToken ?? '',
+                refresh: normalized.refreshToken,
+                expires: normalized.expires,
+                issued_at: issuedAt,
+                last_seen_at: lastSeenAt,
+                domain,
+                fingerprint,
+                label,
+                browser,
+                device,
+                ip,
+                os,
+                client_id: normalized.clientId ?? null,
+                scope: this.encodeScope(normalized.scope),
+                login_type: loginType,
+                refresh_ttl_seconds: refreshTtlSeconds,
+                session_cookie: sessionCookie
+            }, { transaction });
+        });
+    }
+    async get(query, opts) {
+        if (!query.refreshToken && !query.accessToken && query.userId === undefined) {
+            throw new Error('At least one token lookup field must be provided');
+        }
+        const where = {};
+        if (query.refreshToken) {
+            where.refresh = query.refreshToken;
+        }
+        if (query.accessToken) {
+            where.access = query.accessToken;
+        }
+        if (query.userId !== undefined) {
+            where.user_id = this.normalizeUserId(query.userId);
+        }
+        if (query.clientId) {
+            where.client_id = query.clientId;
+        }
+        if (query.domain !== undefined && query.domain !== null) {
+            where.domain = query.domain;
+        }
+        if (query.fingerprint !== undefined && query.fingerprint !== null) {
+            where.fingerprint = query.fingerprint;
+        }
+        if (query.label) {
+            where.label = query.label;
+        }
+        if (!(opts?.includeExpired ?? false)) {
+            where.expires = { [sequelize_1.Op.gt]: new Date() };
+        }
+        const model = await this.Tokens.findOne({ where });
+        return model ? this.toTokenRecord(model) : null;
+    }
+    async delete(query) {
+        if (!query.refreshToken && !query.accessToken && query.userId === undefined && !query.clientId) {
+            return 0;
+        }
+        const where = {};
+        if (query.refreshToken) {
+            where.refresh = query.refreshToken;
+        }
+        if (query.accessToken) {
+            where.access = query.accessToken;
+        }
+        if (query.userId !== undefined) {
+            where.user_id = this.normalizeUserId(query.userId);
+        }
+        if (query.clientId) {
+            where.client_id = query.clientId;
+        }
+        if (query.domain !== undefined && query.domain !== null) {
+            where.domain = query.domain;
+        }
+        if (query.fingerprint !== undefined && query.fingerprint !== null) {
+            where.fingerprint = query.fingerprint;
+        }
+        if (query.label) {
+            where.label = query.label;
+        }
+        return this.Tokens.destroy({ where });
+    }
+    async update(params) {
+        const where = { refresh: params.refreshToken };
+        if (params.clientId) {
+            where.client_id = params.clientId;
+        }
+        const updates = {};
+        if (params.accessToken !== undefined && params.accessToken !== null) {
+            updates.access = params.accessToken;
+        }
+        if (params.expires !== undefined && params.expires !== null) {
+            updates.expires = params.expires;
+        }
+        if (params.scope !== undefined) {
+            updates.scope = this.encodeScope(params.scope);
+        }
+        if (params.label !== undefined) {
+            updates.label = params.label ?? '';
+        }
+        if (params.domain !== undefined) {
+            updates.domain = params.domain ?? '';
+        }
+        if (params.fingerprint !== undefined) {
+            updates.fingerprint = params.fingerprint ?? '';
+        }
+        if (params.browser !== undefined) {
+            updates.browser = params.browser ?? '';
+        }
+        if (params.device !== undefined) {
+            updates.device = params.device ?? '';
+        }
+        if (params.ip !== undefined) {
+            updates.ip = params.ip ?? '';
+        }
+        if (params.os !== undefined) {
+            updates.os = params.os ?? '';
+        }
+        if (params.refreshTtlSeconds !== undefined) {
+            updates.refresh_ttl_seconds =
+                typeof params.refreshTtlSeconds === 'number' && params.refreshTtlSeconds > 0
+                    ? Math.floor(params.refreshTtlSeconds)
+                    : null;
+        }
+        if (params.loginType !== undefined) {
+            updates.login_type = params.loginType ?? '';
+        }
+        if (params.sessionCookie !== undefined) {
+            updates.session_cookie = params.sessionCookie;
+        }
+        if (params.issuedAt !== undefined && params.issuedAt !== null) {
+            updates.issued_at = params.issuedAt;
+        }
+        if (params.lastSeenAt !== undefined && params.lastSeenAt !== null) {
+            updates.last_seen_at = params.lastSeenAt;
+        }
+        if (Object.keys(updates).length === 0) {
+            return false;
+        }
+        const sequelize = this.Tokens.sequelize;
+        if (!sequelize) {
+            throw new Error('Token model is not bound to a Sequelize instance');
+        }
+        return sequelize.transaction(async (transaction) => {
+            const [updated] = await this.Tokens.update(updates, { where, transaction });
+            return updated > 0;
+        });
+    }
+    async list(userId, opts = {}) {
+        const where = { user_id: this.normalizeUserId(userId) };
+        if (!(opts.includeExpired ?? false)) {
+            where.expires = { [sequelize_1.Op.gt]: new Date() };
+        }
+        const models = await this.Tokens.findAll({
+            where,
+            order: [['issued_at', 'DESC']],
+            limit: opts.limit,
+            offset: opts.offset
+        });
+        return models.map((model) => this.toTokenRecord(model));
+    }
+    async close() {
+        return;
+    }
+    normalizeUserId(identifier) {
+        return (0, user_id_js_1.normalizeStringUserId)(identifier);
+    }
+    resolveRealUserId(ruid) {
+        if (ruid === undefined || ruid === null) {
+            return null;
+        }
+        const value = String(ruid);
+        if (value.length === 0 || value === '0') {
+            return null;
+        }
+        return value;
+    }
+    encodeScope(scope) {
+        if (!scope || (Array.isArray(scope) && scope.length === 0)) {
+            return '[]';
+        }
+        if (Array.isArray(scope)) {
+            return (0, sequelize_utils_js_1.encodeStringArray)(scope);
+        }
+        return (0, sequelize_utils_js_1.encodeStringArray)(scope.split(/\s+/).filter((entry) => entry.length > 0));
+    }
+    toTokenRecord(model) {
+        const scope = (0, sequelize_utils_js_1.decodeStringArray)(model.scope);
+        const normalized = this.normalizeToken({
+            userId: model.user_id,
+            refreshToken: model.refresh,
+            accessToken: model.access,
+            expires: model.expires,
+            issuedAt: model.issued_at,
+            lastSeenAt: model.last_seen_at,
+            domain: model.domain,
+            fingerprint: model.fingerprint,
+            label: model.label,
+            browser: model.browser,
+            device: model.device,
+            ip: model.ip,
+            os: model.os,
+            clientId: model.client_id ?? undefined,
+            scope,
+            loginType: model.login_type || undefined,
+            refreshTtlSeconds: model.refresh_ttl_seconds ?? undefined,
+            ruid: model.real_user_id ?? undefined,
+            sessionCookie: model.session_cookie
+        });
+        return {
+            ...normalized,
+            scope: normalized.scope ? [...normalized.scope] : undefined
+        };
+    }
+}
+exports.SequelizeTokenStore = SequelizeTokenStore;

package/dist/cjs/token/sequelize.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+import { CreationOptional, Model, type InferAttributes, type InferCreationAttributes, type ModelStatic, type Sequelize } from 'sequelize';
+import { TokenStore } from './base.js';
+import type { Token } from './types.js';
+declare class TokenModel extends Model<InferAttributes<TokenModel>, InferCreationAttributes<TokenModel>> implements InferAttributes<TokenModel> {
+    token_id: CreationOptional<number>;
+    user_id: string;
+    real_user_id: CreationOptional<string | null>;
+    expires: Date;
+    issued_at: CreationOptional<Date>;
+    last_seen_at: CreationOptional<Date>;
+    access: string;
+    refresh: string;
+    domain: CreationOptional<string>;
+    fingerprint: CreationOptional<string>;
+    label: CreationOptional<string>;
+    browser: CreationOptional<string>;
+    device: CreationOptional<string>;
+    ip: CreationOptional<string>;
+    os: CreationOptional<string>;
+    client_id: CreationOptional<string | null>;
+    scope: CreationOptional<string>;
+    login_type: CreationOptional<string>;
+    refresh_ttl_seconds: CreationOptional<number | null>;
+    session_cookie: CreationOptional<boolean>;
+}
+export type TokenAttributes = InferAttributes<TokenModel>;
+export type TokenCreationAttributes = InferCreationAttributes<TokenModel>;
+export interface SequelizeTokenStoreOptions {
+    sequelize: Sequelize;
+    tablePrefix?: string;
+    tokenModel?: ModelStatic<TokenModel>;
+    tokenModelFactory?: (sequelize: Sequelize, options?: {
+        tablePrefix?: string;
+    }) => ModelStatic<TokenModel>;
+}
+export declare class SequelizeTokenStore extends TokenStore {
+    readonly Tokens: ModelStatic<TokenModel>;
+    constructor(options: SequelizeTokenStoreOptions);
+    save(record: Token): Promise<void>;
+    get(query: Partial<Token>, opts?: {
+        includeExpired?: boolean;
+    }): Promise<Token | null>;
+    delete(query: Partial<Token>): Promise<number>;
+    update(params: Partial<Token> & {
+        refreshToken: string;
+    }): Promise<boolean>;
+    list(userId: string | number, opts?: {
+        limit?: number;
+        offset?: number;
+        includeExpired?: boolean;
+    }): Promise<Token[]>;
+    close(): Promise<void>;
+    private normalizeUserId;
+    private resolveRealUserId;
+    private encodeScope;
+    private toTokenRecord;
+}
+export {};

package/dist/cjs/token/types.cjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/cjs/token/types.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+export type TokenStatus = 'active' | 'expired' | 'revoked';
+export interface Token {
+    accessToken: string;
+    refreshToken: string;
+    userId: string;
+    expires?: Date;
+    issuedAt?: Date;
+    lastSeenAt?: Date;
+    status?: TokenStatus;
+    ruid?: string;
+    clientId?: string;
+    /**
+     * Optional session partition key. Token stores may use `domain` and `fingerprint`
+     * to replace previous sessions that match the same bucket.
+     */
+    domain?: string;
+    /**
+     * Optional device/session fingerprint used together with `domain` for session bucketing.
+     */
+    fingerprint?: string;
+    label?: string;
+    browser?: string;
+    device?: string;
+    ip?: string;
+    os?: string;
+    scope?: string[];
+    loginType?: string;
+    refreshTtlSeconds?: number;
+    sessionCookie?: boolean;
+}
+export interface TokenPair {
+    accessToken: string;
+    refreshToken: string;
+}

package/dist/cjs/upload/memory.cjs ADDED Viewed

@@ -0,0 +1,92 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MemoryTusUploadStore = exports.TusUploadExceedsLengthError = exports.TusUploadOffsetError = void 0;
+const node_crypto_1 = require("node:crypto");
+function cloneRecord(record) {
+    return {
+        ...record,
+        metadata: { ...record.metadata },
+        createdAt: new Date(record.createdAt),
+        updatedAt: new Date(record.updatedAt),
+        ...(record.completedAt ? { completedAt: new Date(record.completedAt) } : {})
+    };
+}
+class TusUploadOffsetError extends Error {
+    constructor(currentOffset) {
+        super('Upload offset does not match current offset');
+        this.currentOffset = currentOffset;
+    }
+}
+exports.TusUploadOffsetError = TusUploadOffsetError;
+class TusUploadExceedsLengthError extends Error {
+    constructor() {
+        super('Upload exceeds declared length');
+    }
+}
+exports.TusUploadExceedsLengthError = TusUploadExceedsLengthError;
+class MemoryTusUploadStore {
+    constructor() {
+        this.uploads = new Map();
+        this.chunks = new Map();
+    }
+    async createUpload(input) {
+        const id = input.id?.trim() || (0, node_crypto_1.randomUUID)();
+        if (this.uploads.has(id)) {
+            throw new Error(`Upload ${id} already exists`);
+        }
+        const now = new Date();
+        const record = {
+            id,
+            length: Math.max(0, Math.floor(input.length)),
+            offset: 0,
+            metadata: { ...input.metadata },
+            ...(input.userId ? { userId: input.userId } : {}),
+            createdAt: now,
+            updatedAt: now
+        };
+        this.uploads.set(id, record);
+        this.chunks.set(id, []);
+        return cloneRecord(record);
+    }
+    async getUpload(uploadId) {
+        const found = this.uploads.get(uploadId);
+        return found ? cloneRecord(found) : null;
+    }
+    async appendUpload(input) {
+        const current = this.uploads.get(input.uploadId);
+        if (!current) {
+            throw new Error('Upload not found');
+        }
+        if (input.offset !== current.offset) {
+            throw new TusUploadOffsetError(current.offset);
+        }
+        const nextOffset = current.offset + input.chunk.length;
+        if (nextOffset > current.length) {
+            throw new TusUploadExceedsLengthError();
+        }
+        const now = new Date();
+        const updated = {
+            ...current,
+            offset: nextOffset,
+            updatedAt: now,
+            ...(nextOffset === current.length ? { completedAt: now } : {})
+        };
+        this.uploads.set(input.uploadId, updated);
+        if (input.chunk.length > 0) {
+            this.chunks.get(input.uploadId)?.push(Buffer.from(input.chunk));
+        }
+        return cloneRecord(updated);
+    }
+    async deleteUpload(uploadId) {
+        this.chunks.delete(uploadId);
+        return this.uploads.delete(uploadId);
+    }
+    readUpload(uploadId) {
+        const chunks = this.chunks.get(uploadId);
+        if (!chunks) {
+            return null;
+        }
+        return Buffer.concat(chunks);
+    }
+}
+exports.MemoryTusUploadStore = MemoryTusUploadStore;

package/dist/cjs/upload/memory.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { TusAppendInput, TusCreateUploadInput, TusUploadRecord, TusUploadStore } from './types.js';
+export declare class TusUploadOffsetError extends Error {
+    readonly currentOffset: number;
+    constructor(currentOffset: number);
+}
+export declare class TusUploadExceedsLengthError extends Error {
+    constructor();
+}
+export declare class MemoryTusUploadStore implements TusUploadStore {
+    private readonly uploads;
+    private readonly chunks;
+    createUpload(input: TusCreateUploadInput): Promise<TusUploadRecord>;
+    getUpload(uploadId: string): Promise<TusUploadRecord | null>;
+    appendUpload(input: TusAppendInput): Promise<TusUploadRecord>;
+    deleteUpload(uploadId: string): Promise<boolean>;
+    readUpload(uploadId: string): Buffer | null;
+}