@tenantscale/sdk 0.1.0 → 0.3.0

package/dist/index.d.ts

@@ -1,3 +1,4 @@
-export { type Tenant, type TenantUser, type TenantScaleOptions, type TenantResolver, type AuditEvent, type FeatureCheck, type ImpersonationSession, type PlanTier, type TenantSettings, TenantScaleError, PlanLimitError, UnauthorizedError, } from './types.js';
+export { type Tenant, type TenantUser, type TenantScaleOptions, type TenantScaleContext, type TenantResolver, type AuditEvent, type FeatureCheck, type ImpersonationSession, type PlanTier, type TenantSettings, type UserTenantContext, TenantScaleError, PlanLimitError, UnauthorizedError, } from './types.js';
+export { TenantScale } from './tenant-scale.js';
 export { TenantClient } from './tenant.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,KAAK,MAAM,EACX,KAAK,UAAU,EACf,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,KAAK,YAAY,EACjB,KAAK,oBAAoB,EACzB,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,GAClB,MAAM,YAAY,CAAA;AAEnB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,KAAK,MAAM,EACX,KAAK,UAAU,EACf,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,KAAK,YAAY,EACjB,KAAK,oBAAoB,EACzB,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,iBAAiB,EACtB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,GAClB,MAAM,YAAY,CAAA;AAEnB,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA"}

package/dist/index.js

@@ -2,5 +2,6 @@
 // @tenantscale/sdk — Barrel exports
 // ──────────────────────────────────────────────────────
 export { TenantScaleError, PlanLimitError, UnauthorizedError, } from './types.js';
+export { TenantScale } from './tenant-scale.js';
 export { TenantClient } from './tenant.js';
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,oCAAoC;AACpC,yDAAyD;AAEzD,OAAO,EAUL,gBAAgB,EAChB,cAAc,EACd,iBAAiB,GAClB,MAAM,YAAY,CAAA;AAEnB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,oCAAoC;AACpC,yDAAyD;AAEzD,OAAO,EAYL,gBAAgB,EAChB,cAAc,EACd,iBAAiB,GAClB,MAAM,YAAY,CAAA;AAEnB,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA"}

package/dist/middleware/index.d.ts

@@ -0,0 +1,6 @@
+export { tenantMiddleware, TenantClient } from './hono.js';
+export { expressMiddleware } from './express.js';
+export { createTenantSafeClient } from './query-guard.js';
+export { createUserTenantMiddleware, requireUserRole } from './user-auth.js';
+export type { UserTenantMiddlewareOptions } from './user-auth.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAA;AACzD,OAAO,EAAE,0BAA0B,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAC5E,YAAY,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAA"}

package/dist/middleware/index.js

@@ -0,0 +1,8 @@
+// ──────────────────────────────────────────────────────
+// Middleware barrel — import via '@tenantscale/sdk/middleware'
+// ──────────────────────────────────────────────────────
+export { tenantMiddleware, TenantClient } from './hono.js';
+export { expressMiddleware } from './express.js';
+export { createTenantSafeClient } from './query-guard.js';
+export { createUserTenantMiddleware, requireUserRole } from './user-auth.js';
+//# sourceMappingURL=index.js.map

package/dist/middleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,+DAA+D;AAC/D,yDAAyD;AAEzD,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAA;AACzD,OAAO,EAAE,0BAA0B,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA"}

package/dist/middleware/query-guard.d.ts

@@ -0,0 +1,31 @@
+export type GuardMode = 'strict' | 'warn';
+export interface GuardOptions {
+    /** The tenant ID to enforce on all queries */
+    tenantId: string;
+    /**
+     * strict   — throw an error (default, prevents data leaks)
+     * warn     — log a warning and proceed (use during migration)
+     */
+    mode?: GuardMode;
+}
+/**
+ * Wrap a Supabase client so every query on every table must include
+ * `.eq('tenant_id', <tenantId>)` or explicitly call `.bypassIsolation()`.
+ *
+ * @example
+ * ```ts
+ * const supabase = createClient(url, key)
+ * const db = createTenantSafeClient(supabase, { tenantId: 'tenant-123' })
+ *
+ * // ✅ Works:
+ * await db.from('projects').select('*').eq('tenant_id', 'tenant-123')
+ *
+ * // ❌ Throws:
+ * await db.from('projects').select('*')
+ *
+ * // ✅ Admin bypass:
+ * await db.from('plans').select('*').bypassIsolation()
+ * ```
+ */
+export declare function createTenantSafeClient(supabase: any, options: GuardOptions): any;
+//# sourceMappingURL=query-guard.d.ts.map

package/dist/middleware/query-guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"query-guard.d.ts","sourceRoot":"","sources":["../../src/middleware/query-guard.ts"],"names":[],"mappings":"AAOA,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,MAAM,CAAA;AAEzC,MAAM,WAAW,YAAY;IAC3B,8CAA8C;IAC9C,QAAQ,EAAE,MAAM,CAAA;IAChB;;;OAGG;IACH,IAAI,CAAC,EAAE,SAAS,CAAA;CACjB;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,GAAG,EACb,OAAO,EAAE,YAAY,GACpB,GAAG,CAiBL"}

package/dist/middleware/query-guard.js

@@ -0,0 +1,137 @@
+// ──────────────────────────────────────────────────────
+// Query Guard — runtime tenant isolation enforcement
+// Wraps a Supabase client and rejects queries that don't
+// filter by tenant_id. Catches the #1 multi-tenant bug
+// at dev time instead of during a security audit.
+// ──────────────────────────────────────────────────────
+/**
+ * Wrap a Supabase client so every query on every table must include
+ * `.eq('tenant_id', <tenantId>)` or explicitly call `.bypassIsolation()`.
+ *
+ * @example
+ * ```ts
+ * const supabase = createClient(url, key)
+ * const db = createTenantSafeClient(supabase, { tenantId: 'tenant-123' })
+ *
+ * // ✅ Works:
+ * await db.from('projects').select('*').eq('tenant_id', 'tenant-123')
+ *
+ * // ❌ Throws:
+ * await db.from('projects').select('*')
+ *
+ * // ✅ Admin bypass:
+ * await db.from('plans').select('*').bypassIsolation()
+ * ```
+ */
+export function createTenantSafeClient(supabase, options) {
+    const { tenantId, mode = 'strict' } = options;
+    const strict = mode === 'strict';
+    return new Proxy(supabase, {
+        get(target, prop, receiver) {
+            if (prop === 'from') {
+                return (table) => {
+                    const rawQb = target.from(table);
+                    return wrapBuilder(rawQb, tenantId, strict, table);
+                };
+            }
+            const value = Reflect.get(target, prop, receiver);
+            if (typeof value === 'function')
+                return value.bind(target);
+            return value;
+        },
+    });
+}
+// ── Methods that return a new query builder (must wrap results) ──
+const CHAIN_METHODS = new Set([
+    'select', 'insert', 'update', 'delete', 'upsert',
+    'eq', 'neq', 'gt', 'gte', 'lt', 'lte',
+    'like', 'ilike', 'is', 'isNot', 'in', 'not',
+    'or', 'and', 'filter', 'match',
+    'contains', 'containedBy', 'overlaps',
+    'textSearch', 'csv',
+    'order', 'limit', 'range',
+]);
+function wrapBuilder(rootQb, tenantId, strict, table) {
+    let hasTenantFilter = false;
+    let bypassed = false;
+    function guardCheck() {
+        if (bypassed)
+            return;
+        if (hasTenantFilter)
+            return;
+        const msg = `[TenantScale] Query on "${table}" is missing a tenant_id filter. ` +
+            `Add .eq('tenant_id', '${tenantId}') to scope this query to the current tenant, ` +
+            `or use .bypassIsolation() for admin-only cross-tenant queries.`;
+        if (strict)
+            throw new TypeError(msg);
+        console.warn(msg);
+    }
+    // Build the proxy once, then reuse it for wrapped results.
+    // Chain methods return a new proxy on the same state.
+    function makeProxy(target) {
+        return new Proxy(target, proxyHandler);
+    }
+    // `.single()` and `.maybeSingle()` modify internal state and return `this`.
+    // We intercept them to return our proxy-wrapped `this`.
+    const TERMINAL_THIS = new Set(['single', 'maybeSingle']);
+    const proxyHandler = {
+        get(target, prop) {
+            // ── Track tenant_id filter ──
+            if (prop === 'eq') {
+                return (column, value) => {
+                    if (column === 'tenant_id')
+                        hasTenantFilter = true;
+                    const nextQb = target.eq(column, value);
+                    return makeProxy(nextQb);
+                };
+            }
+            // ── Bypass for admin routes ──
+            if (prop === 'bypassIsolation') {
+                return () => {
+                    bypassed = true;
+                    // Return a transparent pass-through proxy
+                    return new Proxy(target, {
+                        get(t, p) {
+                            if (p === 'bypassIsolation')
+                                return () => t;
+                            const v = Reflect.get(t, p);
+                            if (typeof v === 'function')
+                                return v.bind(t);
+                            return v;
+                        },
+                    });
+                };
+            }
+            // ── Intercept .then() — the HTTP request ──
+            if (prop === 'then') {
+                return (resolve, reject) => {
+                    guardCheck();
+                    return target.then(resolve, reject);
+                };
+            }
+            // ── Chain methods — wrap their return values ──
+            if (typeof prop === 'string' && CHAIN_METHODS.has(prop)) {
+                return (...args) => {
+                    const nextQb = target[prop](...args);
+                    return makeProxy(nextQb);
+                };
+            }
+            // ── Terminal-this methods (.single(), .maybeSingle()) ──
+            if (typeof prop === 'string' && TERMINAL_THIS.has(prop)) {
+                return (...args) => {
+                    const result = target[prop](...args);
+                    // single() returns `this` (the PostgrestFilterBuilder)
+                    // Wrap it so further chaining still works
+                    return makeProxy(result);
+                };
+            }
+            // ── Everything else passes through ──
+            const value = Reflect.get(target, prop, target);
+            if (typeof value === 'function')
+                return value.bind(target);
+            return value;
+        },
+    };
+    return makeProxy(rootQb);
+}
+//# sourceMappingURL=query-guard.js.map

package/dist/middleware/query-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"query-guard.js","sourceRoot":"","sources":["../../src/middleware/query-guard.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,qDAAqD;AACrD,yDAAyD;AACzD,uDAAuD;AACvD,kDAAkD;AAClD,yDAAyD;AAczD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,sBAAsB,CACpC,QAAa,EACb,OAAqB;IAErB,MAAM,EAAE,QAAQ,EAAE,IAAI,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC7C,MAAM,MAAM,GAAG,IAAI,KAAK,QAAQ,CAAA;IAEhC,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE;QACzB,GAAG,CAAC,MAAM,EAAE,IAAqB,EAAE,QAAQ;YACzC,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAa,EAAE,EAAE;oBACvB,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;oBAChC,OAAO,WAAW,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;gBACpD,CAAC,CAAA;YACH,CAAC;YACD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAA;YACjD,IAAI,OAAO,KAAK,KAAK,UAAU;gBAAE,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,oEAAoE;AAEpE,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ;IAChD,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK;IACrC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK;IAC3C,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO;IAC9B,UAAU,EAAE,aAAa,EAAE,UAAU;IACrC,YAAY,EAAE,KAAK;IACnB,OAAO,EAAE,OAAO,EAAE,OAAO;CAC1B,CAAC,CAAA;AAEF,SAAS,WAAW,CAClB,MAAW,EACX,QAAgB,EAChB,MAAe,EACf,KAAa;IAEb,IAAI,eAAe,GAAG,KAAK,CAAA;IAC3B,IAAI,QAAQ,GAAG,KAAK,CAAA;IAEpB,SAAS,UAAU;QACjB,IAAI,QAAQ;YAAE,OAAM;QACpB,IAAI,eAAe;YAAE,OAAM;QAE3B,MAAM,GAAG,GACP,2BAA2B,KAAK,mCAAmC;YACnE,yBAAyB,QAAQ,gDAAgD;YACjF,gEAAgE,CAAA;QAElE,IAAI,MAAM;YAAE,MAAM,IAAI,SAAS,CAAC,GAAG,CAAC,CAAA;QACpC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,2DAA2D;IAC3D,sDAAsD;IACtD,SAAS,SAAS,CAAC,MAAW;QAC5B,OAAO,IAAI,KAAK,CAAC,MAAM,EAAE,YAAY,CAAC,CAAA;IACxC,CAAC;IAED,4EAA4E;IAC5E,wDAAwD;IACxD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAA;IAExD,MAAM,YAAY,GAAG;QACnB,GAAG,CAAC,MAAW,EAAE,IAAqB;YACpC,+BAA+B;YAC/B,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAClB,OAAO,CAAC,MAAc,EAAE,KAAc,EAAE,EAAE;oBACxC,IAAI,MAAM,KAAK,WAAW;wBAAE,eAAe,GAAG,IAAI,CAAA;oBAClD,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;oBACvC,OAAO,SAAS,CAAC,MAAM,CAAC,CAAA;gBAC1B,CAAC,CAAA;YACH,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBAC/B,OAAO,GAAG,EAAE;oBACV,QAAQ,GAAG,IAAI,CAAA;oBACf,0CAA0C;oBAC1C,OAAO,IAAI,KAAK,CAAC,MAAM,EAAE;wBACvB,GAAG,CAAC,CAAC,EAAE,CAAkB;4BACvB,IAAI,CAAC,KAAK,iBAAiB;gCAAE,OAAO,GAAG,EAAE,CAAC,CAAC,CAAA;4BAC3C,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;4BAC3B,IAAI,OAAO,CAAC,KAAK,UAAU;gCAAE,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;4BAC7C,OAAO,CAAC,CAAA;wBACV,CAAC;qBACF,CAAC,CAAA;gBACJ,CAAC,CAAA;YACH,CAAC;YAED,6CAA6C;YAC7C,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,OAAO,CACL,OAA6B,EAC7B,MAA6B,EAC7B,EAAE;oBACF,UAAU,EAAE,CAAA;oBACZ,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBACrC,CAAC,CAAA;YACH,CAAC;YAED,iDAAiD;YACjD,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxD,OAAO,CAAC,GAAG,IAAW,EAAE,EAAE;oBACxB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAA;oBACpC,OAAO,SAAS,CAAC,MAAM,CAAC,CAAA;gBAC1B,CAAC,CAAA;YACH,CAAC;YAED,0DAA0D;YAC1D,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxD,OAAO,CAAC,GAAG,IAAW,EAAE,EAAE;oBACxB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAA;oBACpC,uDAAuD;oBACvD,0CAA0C;oBAC1C,OAAO,SAAS,CAAC,MAAM,CAAC,CAAA;gBAC1B,CAAC,CAAA;YACH,CAAC;YAED,uCAAuC;YACvC,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAA;YAC/C,IAAI,OAAO,KAAK,KAAK,UAAU;gBAAE,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;KACF,CAAA;IAED,OAAO,SAAS,CAAC,MAAM,CAAC,CAAA;AAC1B,CAAC"}

package/dist/middleware/user-auth.d.ts

@@ -0,0 +1,53 @@
+import { type Context, type MiddlewareHandler } from 'hono';
+import { type Tenant, type TenantScaleOptions, type UserTenantContext } from '../types.js';
+declare module 'hono' {
+    interface ContextVariableMap {
+        userTenant: UserTenantContext;
+        tenant: Tenant;
+    }
+}
+/** Options for the user tenant middleware */
+export interface UserTenantMiddlewareOptions extends TenantScaleOptions {
+    /**
+     * Function that extracts the authenticated user's ID from the request.
+     * Return null/undefined if the user is not authenticated.
+     */
+    getUser: (c: Context) => string | null | undefined | Promise<string | null | undefined>;
+    /**
+     * What to do when no authenticated user is found.
+     * - 'reject': Return 401 Unauthorized (default)
+     * - 'skip': Call next() without setting userTenant — useful when some routes are public
+     */
+    onUnauthenticated?: 'reject' | 'skip';
+    /**
+     * Optional: How to determine which tenant to use when a user belongs to multiple.
+     * - 'first': Use the first tenant (default)
+     * - 'header': Read tenant from a custom header (specify via tenantHeader)
+     * - 'domain': Resolve from the request's host/domain
+     */
+    multiTenantStrategy?: 'first' | 'header' | 'domain';
+    /** Header name to use when multiTenantStrategy is 'header' (default: 'X-Tenant-ID') */
+    tenantHeader?: string;
+    /**
+     * Role values that count as "admin" for the `isAdmin` flag.
+     * Default: ['owner', 'admin']
+     * Set this to match your own role model.
+     */
+    adminRoles?: string[];
+}
+/**
+ * Creates Hono middleware that resolves a user's tenant context
+ * from your existing auth system. BYOA — Bring Your Own Auth.
+ *
+ * The developer provides `getUser(c)` which extracts the user ID
+ * from their auth provider. TenantScale looks up the tenant membership
+ * and attaches the full context to the request.
+ */
+export declare function createUserTenantMiddleware(options: UserTenantMiddlewareOptions): MiddlewareHandler;
+/**
+ * Role guard middleware — restricts routes based on user role.
+ * Must be used after `createUserTenantMiddleware()`.
+ */
+export declare function requireUserRole(...roles: string[]): MiddlewareHandler;
+export { type UserTenantContext };
+//# sourceMappingURL=user-auth.d.ts.map

package/dist/middleware/user-auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-auth.d.ts","sourceRoot":"","sources":["../../src/middleware/user-auth.ts"],"names":[],"mappings":"AAoCA,OAAO,EAAE,KAAK,OAAO,EAAE,KAAK,iBAAiB,EAAE,MAAM,MAAM,CAAA;AAE3D,OAAO,EACL,KAAK,MAAM,EACX,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EAGvB,MAAM,aAAa,CAAA;AAGpB,OAAO,QAAQ,MAAM,CAAC;IACpB,UAAU,kBAAkB;QAC1B,UAAU,EAAE,iBAAiB,CAAA;QAC7B,MAAM,EAAE,MAAM,CAAA;KACf;CACF;AAED,6CAA6C;AAC7C,MAAM,WAAW,2BAA4B,SAAQ,kBAAkB;IACrE;;;OAGG;IACH,OAAO,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,CAAA;IAEvF;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAA;IAErC;;;;;OAKG;IACH,mBAAmB,CAAC,EAAE,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAA;IAEnD,uFAAuF;IACvF,YAAY,CAAC,EAAE,MAAM,CAAA;IAErB;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;CACtB;AAED;;;;;;;GAOG;AACH,wBAAgB,0BAA0B,CACxC,OAAO,EAAE,2BAA2B,GACnC,iBAAiB,CA0HnB;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAarE;AAED,OAAO,EAAE,KAAK,iBAAiB,EAAE,CAAA"}

package/dist/middleware/user-auth.js

@@ -0,0 +1,154 @@
+// ──────────────────────────────────────────────────────
+// User Auth Middleware — Bring Your Own Auth (BYOA)
+// ──────────────────────────────────────────────────────
+// Developers keep their auth provider (Clerk, Auth0, Supabase Auth,
+// Firebase, raw JWT, session cookies). TenantScale resolves the
+// tenant context from the authenticated user.
+//
+// Usage:
+// ```ts
+// import { Hono } from 'hono'
+// import { createUserTenantMiddleware } from '@tenantscale/sdk/user'
+//
+// const app = new Hono()
+//
+// // Developer's auth middleware (their own provider)
+// app.use('*', async (c, next) => {
+//   const session = await getMyAuthSession(c)  // Clerk, Auth0, etc.
+//   c.set('userId', session?.userId)
+//   await next()
+// })
+//
+// // TenantScale resolves tenant from the user
+// app.use('/api/*', createUserTenantMiddleware({
+//   apiKey: process.env.TENANTSCALE_API_KEY,
+//   baseUrl: 'https://api.tenantscale.com',
+//   getUser: (c) => c.get('userId'),
+//   onUnauthenticated: 'reject',  // or 'skip'
+// }))
+//
+// app.get('/api/projects', (c) => {
+//   const ctx = c.var.userTenant
+//   // ctx.userId, ctx.tenantId, ctx.role, ctx.tenant
+// })
+// ```
+// ──────────────────────────────────────────────────────
+import { TenantClient } from '../tenant.js';
+import { UnauthorizedError, TenantScaleError, } from '../types.js';
+/**
+ * Creates Hono middleware that resolves a user's tenant context
+ * from your existing auth system. BYOA — Bring Your Own Auth.
+ *
+ * The developer provides `getUser(c)` which extracts the user ID
+ * from their auth provider. TenantScale looks up the tenant membership
+ * and attaches the full context to the request.
+ */
+export function createUserTenantMiddleware(options) {
+    const { getUser, onUnauthenticated = 'reject', multiTenantStrategy = 'first', tenantHeader = 'X-Tenant-ID', adminRoles = ['owner', 'admin'], ...tsOptions } = options;
+    const client = new TenantClient(tsOptions);
+    return async (c, next) => {
+        // 1. Get the authenticated user from the developer's auth
+        const userId = await getUser(c);
+        if (!userId) {
+            if (onUnauthenticated === 'skip') {
+                // Let the request pass through — public routes handled downstream
+                await next();
+                return;
+            }
+            return c.json({ error: 'Authentication required' }, 401);
+        }
+        try {
+            // 2. Resolve tenant membership from TenantScale API
+            const baseUrl = tsOptions.baseUrl ?? 'https://api.tenantscale.com';
+            const apiKey = tsOptions.apiKey;
+            // Fetch user's tenant memberships
+            const res = await fetch(`${baseUrl}/v1/users/${userId}/tenants`, {
+                headers: {
+                    Authorization: `Bearer ${apiKey}`,
+                    'Content-Type': 'application/json',
+                },
+            });
+            if (!res.ok) {
+                throw new TenantScaleError(`Failed to resolve user tenants: ${res.statusText}`, 'USER_TENANT_RESOLVE_FAILED', res.status);
+            }
+            const body = await res.json();
+            if (!body.tenants || body.tenants.length === 0) {
+                return c.json({ error: 'User is not associated with any tenant' }, 403);
+            }
+            // 3. Determine which tenant to use
+            let selectedTenant;
+            if (body.tenants.length === 1 || multiTenantStrategy === 'first') {
+                selectedTenant = body.tenants[0];
+            }
+            else if (multiTenantStrategy === 'header') {
+                const requestedTenantId = c.req.header(tenantHeader);
+                const match = body.tenants.find(t => t.tenantId === requestedTenantId || t.tenantSlug === requestedTenantId);
+                if (!match) {
+                    return c.json({
+                        error: `Tenant not found or access denied`,
+                        available_tenants: body.tenants.map(t => ({
+                            id: t.tenantId,
+                            name: t.tenantName,
+                            slug: t.tenantSlug,
+                            role: t.role,
+                        })),
+                    }, 404);
+                }
+                selectedTenant = match;
+            }
+            else {
+                // 'domain' strategy — resolve from host
+                const host = c.req.header('host') ?? '';
+                const match = body.tenants.find(t => t.tenantSlug && host.startsWith(t.tenantSlug));
+                selectedTenant = match ?? body.tenants[0];
+            }
+            // 4. Build the user tenant context
+            const ctx = {
+                userId,
+                tenantId: selectedTenant.tenantId,
+                role: selectedTenant.role,
+                tenant: selectedTenant.tenant,
+                isAdmin: adminRoles.includes(selectedTenant.role),
+                tenants: body.tenants.map(t => ({
+                    tenantId: t.tenantId,
+                    tenantName: t.tenantName,
+                    tenantSlug: t.tenantSlug,
+                    role: t.role,
+                })),
+            };
+            // 5. Attach to Hono context
+            c.set('userTenant', ctx);
+            c.set('tenant', selectedTenant.tenant);
+            await next();
+        }
+        catch (err) {
+            if (err instanceof UnauthorizedError) {
+                return c.json({ error: err.message }, 401);
+            }
+            if (err instanceof TenantScaleError) {
+                return c.json({ error: err.message, code: err.code }, err.status);
+            }
+            console.error('[TenantScale] User auth error:', err);
+            return c.json({ error: 'Failed to resolve user tenant context' }, 500);
+        }
+    };
+}
+/**
+ * Role guard middleware — restricts routes based on user role.
+ * Must be used after `createUserTenantMiddleware()`.
+ */
+export function requireUserRole(...roles) {
+    return async (c, next) => {
+        const ctx = c.get('userTenant');
+        if (!ctx) {
+            return c.json({ error: 'Authentication required' }, 401);
+        }
+        if (!roles.includes(ctx.role)) {
+            return c.json({
+                error: `This endpoint requires one of these roles: ${roles.join(', ')}`,
+            }, 403);
+        }
+        await next();
+    };
+}
+//# sourceMappingURL=user-auth.js.map

package/dist/middleware/user-auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-auth.js","sourceRoot":"","sources":["../../src/middleware/user-auth.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,oDAAoD;AACpD,yDAAyD;AACzD,oEAAoE;AACpE,gEAAgE;AAChE,8CAA8C;AAC9C,EAAE;AACF,SAAS;AACT,QAAQ;AACR,8BAA8B;AAC9B,qEAAqE;AACrE,EAAE;AACF,yBAAyB;AACzB,EAAE;AACF,sDAAsD;AACtD,oCAAoC;AACpC,qEAAqE;AACrE,qCAAqC;AACrC,iBAAiB;AACjB,KAAK;AACL,EAAE;AACF,+CAA+C;AAC/C,iDAAiD;AACjD,6CAA6C;AAC7C,4CAA4C;AAC5C,qCAAqC;AACrC,+CAA+C;AAC/C,MAAM;AACN,EAAE;AACF,oCAAoC;AACpC,iCAAiC;AACjC,sDAAsD;AACtD,KAAK;AACL,MAAM;AACN,yDAAyD;AAGzD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,EAIL,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,aAAa,CAAA;AA4CpB;;;;;;;GAOG;AACH,MAAM,UAAU,0BAA0B,CACxC,OAAoC;IAEpC,MAAM,EACJ,OAAO,EACP,iBAAiB,GAAG,QAAQ,EAC5B,mBAAmB,GAAG,OAAO,EAC7B,YAAY,GAAG,aAAa,EAC5B,UAAU,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,EAC/B,GAAG,SAAS,EACb,GAAG,OAAO,CAAA;IAEX,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,SAAS,CAAC,CAAA;IAE1C,OAAO,KAAK,EAAE,CAAU,EAAE,IAAI,EAAE,EAAE;QAChC,0DAA0D;QAC1D,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,CAAC,CAAC,CAAA;QAE/B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,iBAAiB,KAAK,MAAM,EAAE,CAAC;gBACjC,kEAAkE;gBAClE,MAAM,IAAI,EAAE,CAAA;gBACZ,OAAM;YACR,CAAC;YACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,EAAE,GAAG,CAAC,CAAA;QAC1D,CAAC;QAED,IAAI,CAAC;YACH,oDAAoD;YACpD,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,IAAI,6BAA6B,CAAA;YAClE,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;YAE/B,kCAAkC;YAClC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,aAAa,MAAM,UAAU,EAAE;gBAC/D,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,MAAM,EAAE;oBACjC,cAAc,EAAE,kBAAkB;iBACnC;aACF,CAAC,CAAA;YAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,gBAAgB,CACxB,mCAAmC,GAAG,CAAC,UAAU,EAAE,EACnD,4BAA4B,EAC5B,GAAG,CAAC,MAAM,CACX,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAQ1B,CAAA;YAED,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC/C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wCAAwC,EAAE,EAAE,GAAG,CAAC,CAAA;YACzE,CAAC;YAED,mCAAmC;YACnC,IAAI,cAAsC,CAAA;YAE1C,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,mBAAmB,KAAK,OAAO,EAAE,CAAC;gBACjE,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAClC,CAAC;iBAAM,IAAI,mBAAmB,KAAK,QAAQ,EAAE,CAAC;gBAC5C,MAAM,iBAAiB,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;gBACpD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,iBAAiB,IAAI,CAAC,CAAC,UAAU,KAAK,iBAAiB,CAC5E,CAAA;gBACD,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO,CAAC,CAAC,IAAI,CAAC;wBACZ,KAAK,EAAE,mCAAmC;wBAC1C,iBAAiB,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;4BACxC,EAAE,EAAE,CAAC,CAAC,QAAQ;4BACd,IAAI,EAAE,CAAC,CAAC,UAAU;4BAClB,IAAI,EAAE,CAAC,CAAC,UAAU;4BAClB,IAAI,EAAE,CAAC,CAAC,IAAI;yBACb,CAAC,CAAC;qBACJ,EAAE,GAAG,CAAC,CAAA;gBACT,CAAC;gBACD,cAAc,GAAG,KAAK,CAAA;YACxB,CAAC;iBAAM,CAAC;gBACN,wCAAwC;gBACxC,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAA;gBACvC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CACnD,CAAA;gBACD,cAAc,GAAG,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAC3C,CAAC;YAED,mCAAmC;YACnC,MAAM,GAAG,GAAsB;gBAC7B,MAAM;gBACN,QAAQ,EAAE,cAAc,CAAC,QAAQ;gBACjC,IAAI,EAAE,cAAc,CAAC,IAAI;gBACzB,MAAM,EAAE,cAAc,CAAC,MAAM;gBAC7B,OAAO,EAAE,UAAU,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,CAAC;gBACjD,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oBAC9B,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,UAAU,EAAE,CAAC,CAAC,UAAU;oBACxB,UAAU,EAAE,CAAC,CAAC,UAAU;oBACxB,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;aACJ,CAAA;YAED,4BAA4B;YAC5B,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;YACxB,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,CAAC,MAAM,CAAC,CAAA;YAEtC,MAAM,IAAI,EAAE,CAAA;QACd,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBACrC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,EAAE,GAAG,CAAC,CAAA;YAC5C,CAAC;YACD,IAAI,GAAG,YAAY,gBAAgB,EAAE,CAAC;gBACpC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,MAAwC,CAAC,CAAA;YACrG,CAAC;YACD,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAA;YACpD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,uCAAuC,EAAE,EAAE,GAAG,CAAC,CAAA;QACxE,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,GAAG,KAAe;IAChD,OAAO,KAAK,EAAE,CAAU,EAAE,IAAI,EAAE,EAAE;QAChC,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;QAC/B,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,EAAE,GAAG,CAAC,CAAA;QAC1D,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,KAAK,EAAE,8CAA8C,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACxE,EAAE,GAAG,CAAC,CAAA;QACT,CAAC;QACD,MAAM,IAAI,EAAE,CAAA;IACd,CAAC,CAAA;AACH,CAAC"}

package/dist/react/index.js

@@ -13,7 +13,7 @@ export const TenantContext = createContext({
 });
 export function useTenant() {
     const ctx = useContext(TenantContext);
-    if (!ctx) {
+    if (!ctx.tenant && !ctx.loading) {
         throw new Error('useTenant must be used within a TenantProvider');
     }
     return ctx;

package/dist/react/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/react/index.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,4DAA4D;AAC5D,yDAAyD;AAEzD,YAAY,CAAA;AAEZ,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,OAAO,CAAA;AAejD,MAAM,CAAC,MAAM,aAAa,GAAG,aAAa,CAAqB;IAC7D,MAAM,EAAE,IAAI;IACZ,IAAI,EAAE,IAAI;IACV,OAAO,EAAE,IAAI;IACb,YAAY,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC;IAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,KAAK;IACvB,MAAM,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC;CACvB,CAAC,CAAA;AAEF,MAAM,UAAU,SAAS;IACvB,MAAM,GAAG,GAAG,UAAU,CAAC,aAAa,CAAC,CAAA;IACrC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/react/index.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,4DAA4D;AAC5D,yDAAyD;AAEzD,YAAY,CAAA;AAEZ,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,OAAO,CAAA;AAejD,MAAM,CAAC,MAAM,aAAa,GAAG,aAAa,CAAqB;IAC7D,MAAM,EAAE,IAAI;IACZ,IAAI,EAAE,IAAI;IACV,OAAO,EAAE,IAAI;IACb,YAAY,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC;IAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,KAAK;IACvB,MAAM,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC;CACvB,CAAC,CAAA;AAEF,MAAM,UAAU,SAAS;IACvB,MAAM,GAAG,GAAG,UAAU,CAAC,aAAa,CAAC,CAAA;IACrC,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC"}

package/dist/tenant-scale.d.ts

@@ -0,0 +1,129 @@
+import { TenantClient } from './tenant.js';
+import { type Tenant, type TenantScaleOptions, type AuditEvent } from './types.js';
+import type { Context, MiddlewareHandler } from 'hono';
+declare module 'hono' {
+    interface ContextVariableMap {
+        tenant: Tenant;
+        tenantClient: TenantClient;
+    }
+}
+export declare class TenantScale {
+    private client;
+    private apiKey;
+    constructor(options: TenantScaleOptions & {
+        apiKey?: string;
+    });
+    /**
+     * Create a new instance with a different API key.
+     * Useful when you need to switch tenants.
+     */
+    withApiKey(apiKey: string): TenantScale;
+    /**
+     * Enforces tenant isolation — extracts the API key from the
+     * Authorization header and attaches tenant context to the request.
+     *
+     * Usage:
+     *   app.use('/api/*', ts.protect())
+     */
+    protect(): MiddlewareHandler;
+    /**
+     * Logs every request to the audit trail.
+     * Place after protect() so tenant context is available.
+     *
+     * Usage:
+     *   app.use('/api/*', ts.audit())
+     */
+    audit(): MiddlewareHandler;
+    /**
+     * Requires an admin API key. Use on admin routes.
+     *
+     * Usage:
+     *   app.use('/admin/*', ts.requireAdmin())
+     */
+    requireAdmin(): MiddlewareHandler;
+    /**
+     * Get the current tenant context from a Hono context.
+     * Works after protect() middleware has run.
+     */
+    getTenant(c: Context): Tenant | undefined;
+    /**
+     * Get the current user context.
+     * (Placeholder — user resolution depends on your auth setup.)
+     */
+    getUser(c: Context): {
+        id: string;
+        email?: string;
+        role?: string;
+    } | undefined;
+    /**
+     * Log a custom audit event from within a route handler.
+     *
+     * Usage:
+     *   app.post('/api/orders', async (c) => {
+     *     await ts.logAudit(c, { action: 'order.created', resource: 'order:123' })
+     *   })
+     */
+    logAudit(c: Context, event: {
+        action: string;
+        resource: string;
+        details?: Record<string, unknown>;
+    }): Promise<void>;
+    /**
+     * List all tenants (admin only).
+     */
+    listTenants(): Promise<Tenant[]>;
+    /**
+     * Get paginated audit log (admin only).
+     */
+    getAuditLog(c: Context, opts: {
+        tenantId?: string;
+        limit?: number;
+    }): Promise<AuditEvent[]>;
+    /**
+     * Get a specific plan limit value for the current tenant.
+     * Returns null if the limit is not defined.
+     *
+     * Usage:
+     *   const maxUsers = ts.getPlanLimit(c, 'max_users')
+     *   // → 100 (or null if unlimited / not set)
+     */
+    getPlanLimit(c: Context, key: string): boolean | number | string | null;
+    /**
+     * Get all plan limits for the current tenant.
+     * Returns the merged feature map (plan defaults + tenant overrides).
+     *
+     * Usage:
+     *   const limits = ts.getPlanLimits(c)
+     *   // → { max_users: 100, audit_log_retention_days: 30, sso: true, ... }
+     */
+    getPlanLimits(c: Context): Record<string, boolean | number | string>;
+    /**
+     * Check if a usage value exceeds the plan limit.
+     * Returns true if the limit is exceeded (or is 0).
+     * Returns false if the limit is null (unlimited).
+     *
+     * Usage:
+     *   if (ts.planLimitExceeded(c, 'max_users', currentUserCount)) {
+     *     return c.json({ error: 'User limit reached' }, 403)
+     *   }
+     */
+    planLimitExceeded(c: Context, key: string, currentValue: number): boolean;
+    /**
+     * Fetch the full plan definition (metadata + limits) from the API.
+     * Use this when you need plan pricing, name, description, etc.
+     *
+     * Usage:
+     *   const plan = await ts.fetchPlan(c)
+     *   // → { id: 'pro', name: 'Pro', price_monthly: 39900, features: {...}, ... }
+     */
+    fetchPlan(c: Context): Promise<Record<string, unknown> | null>;
+    /**
+     * Fetch all available plans from the API.
+     *
+     * Usage:
+     *   const plans = await ts.fetchPlans()
+     *   // → [{ id: 'free', name: 'Free', ... }, { id: 'pro', ... }]
+     */
+    fetchPlans(): Promise<Record<string, unknown>[]>;
+}
+//# sourceMappingURL=tenant-scale.d.ts.map

package/dist/tenant-scale.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tenant-scale.d.ts","sourceRoot":"","sources":["../src/tenant-scale.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAC1C,OAAO,EAAE,KAAK,MAAM,EAAE,KAAK,kBAAkB,EAAE,KAAK,UAAU,EAAkB,MAAM,YAAY,CAAA;AAClG,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAA;AAGtD,OAAO,QAAQ,MAAM,CAAC;IACpB,UAAU,kBAAkB;QAC1B,MAAM,EAAE,MAAM,CAAA;QACd,YAAY,EAAE,YAAY,CAAA;KAC3B;CACF;AAKD,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,MAAM,CAAQ;gBAEV,OAAO,EAAE,kBAAkB,GAAG;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE;IAK7D;;;OAGG;IACH,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,WAAW;IAMvC;;;;;;OAMG;IACH,OAAO,IAAI,iBAAiB;IAwB5B;;;;;;OAMG;IACH,KAAK,IAAI,iBAAiB;IAsB1B;;;;;OAKG;IACH,YAAY,IAAI,iBAAiB;IAuBjC;;;OAGG;IACH,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS;IAIzC;;;OAGG;IACH,OAAO,CAAC,CAAC,EAAE,OAAO,GAAG;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS;IAO9E;;;;;;;OAOG;IACG,QAAQ,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAYzH;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAKtC;;OAEG;IACG,WAAW,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAMjG;;;;;;;OAOG;IACH,YAAY,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,IAAI;IAMvE;;;;;;;OAOG;IACH,aAAa,CAAC,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC;IAKpE;;;;;;;;;OASG;IACH,iBAAiB,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAYzE;;;;;;;OAOG;IACG,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAqBpE;;;;;;OAMG;IACG,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;CAiBvD"}