npm - @thebookingkit/server - Versions diffs - 0.1.2 → 0.1.5 - Mend

@thebookingkit/server 0.1.2 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (95) hide show

package/README.md +2 -2
package/dist/adapters/calendar-adapter.d.ts +47 -0
package/dist/adapters/calendar-adapter.d.ts.map +1 -0
package/dist/adapters/calendar-adapter.js +2 -0
package/dist/adapters/calendar-adapter.js.map +1 -0
package/dist/adapters/email-adapter.d.ts +65 -0
package/dist/adapters/email-adapter.d.ts.map +1 -0
package/dist/adapters/email-adapter.js +41 -0
package/dist/adapters/email-adapter.js.map +1 -0
package/dist/adapters/index.d.ts +9 -0
package/dist/adapters/index.d.ts.map +1 -0
package/dist/adapters/index.js +3 -0
package/dist/adapters/index.js.map +1 -0
package/dist/adapters/job-adapter.d.ts +26 -0
package/dist/adapters/job-adapter.d.ts.map +1 -0
package/dist/adapters/job-adapter.js +13 -0
package/dist/adapters/job-adapter.js.map +1 -0
package/dist/adapters/payment-adapter.d.ts +106 -0
package/dist/adapters/payment-adapter.d.ts.map +1 -0
package/dist/adapters/payment-adapter.js +8 -0
package/dist/adapters/payment-adapter.js.map +1 -0
package/dist/adapters/sms-adapter.d.ts +33 -0
package/dist/adapters/sms-adapter.d.ts.map +1 -0
package/dist/adapters/sms-adapter.js +8 -0
package/dist/adapters/sms-adapter.js.map +1 -0
package/{src/adapters/storage-adapter.ts → dist/adapters/storage-adapter.d.ts} +5 -4
package/dist/adapters/storage-adapter.d.ts.map +1 -0
package/dist/adapters/storage-adapter.js +2 -0
package/dist/adapters/storage-adapter.js.map +1 -0
package/dist/api.d.ts +223 -0
package/dist/api.d.ts.map +1 -0
package/dist/api.js +286 -0
package/dist/api.js.map +1 -0
package/dist/auth.d.ts +71 -0
package/dist/auth.d.ts.map +1 -0
package/dist/auth.js +90 -0
package/dist/auth.js.map +1 -0
package/dist/booking-tokens.d.ts +23 -0
package/dist/booking-tokens.d.ts.map +1 -0
package/dist/booking-tokens.js +52 -0
package/dist/booking-tokens.js.map +1 -0
package/dist/email-templates.d.ts +32 -0
package/dist/email-templates.d.ts.map +1 -0
package/{src/email-templates.ts → dist/email-templates.js} +14 -34
package/dist/email-templates.js.map +1 -0
package/dist/index.d.ts +13 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +22 -0
package/dist/index.js.map +1 -0
package/dist/multi-tenancy.d.ts +123 -0
package/dist/multi-tenancy.d.ts.map +1 -0
package/dist/multi-tenancy.js +197 -0
package/dist/multi-tenancy.js.map +1 -0
package/dist/notification-jobs.d.ts +143 -0
package/dist/notification-jobs.d.ts.map +1 -0
package/dist/notification-jobs.js +278 -0
package/dist/notification-jobs.js.map +1 -0
package/dist/serialization-retry.d.ts +28 -0
package/dist/serialization-retry.d.ts.map +1 -0
package/dist/serialization-retry.js +71 -0
package/dist/serialization-retry.js.map +1 -0
package/dist/webhooks.d.ts +164 -0
package/dist/webhooks.d.ts.map +1 -0
package/dist/webhooks.js +239 -0
package/dist/webhooks.js.map +1 -0
package/dist/workflows.d.ts +169 -0
package/dist/workflows.d.ts.map +1 -0
package/dist/workflows.js +271 -0
package/dist/workflows.js.map +1 -0
package/package.json +21 -2
package/CHANGELOG.md +0 -9
package/src/__tests__/api.test.ts +0 -354
package/src/__tests__/auth.test.ts +0 -111
package/src/__tests__/concurrent-booking.test.ts +0 -170
package/src/__tests__/multi-tenancy.test.ts +0 -267
package/src/__tests__/serialization-retry.test.ts +0 -76
package/src/__tests__/webhooks.test.ts +0 -412
package/src/__tests__/workflows.test.ts +0 -422
package/src/adapters/calendar-adapter.ts +0 -49
package/src/adapters/email-adapter.ts +0 -108
package/src/adapters/index.ts +0 -36
package/src/adapters/job-adapter.ts +0 -26
package/src/adapters/payment-adapter.ts +0 -118
package/src/adapters/sms-adapter.ts +0 -35
package/src/api.ts +0 -446
package/src/auth.ts +0 -146
package/src/booking-tokens.ts +0 -61
package/src/index.ts +0 -192
package/src/multi-tenancy.ts +0 -301
package/src/notification-jobs.ts +0 -428
package/src/serialization-retry.ts +0 -94
package/src/webhooks.ts +0 -378
package/src/workflows.ts +0 -441
package/tsconfig.json +0 -9
package/vitest.config.ts +0 -7

package/dist/auth.js ADDED Viewed

@@ -0,0 +1,90 @@
+import { UnauthorizedError, ForbiddenError } from "@thebookingkit/core";
+const ROLE_HIERARCHY = {
+    admin: 3,
+    provider: 2,
+    member: 1,
+};
+/**
+ * Middleware wrapper that injects the authenticated user into every request.
+ *
+ * - Rejects unauthenticated requests with 401.
+ * - Optionally checks user role.
+ * - Passes the authenticated user to the handler.
+ *
+ * @example
+ * ```ts
+ * // In a Next.js API route
+ * export const GET = withAuth(authAdapter, async (req) => {
+ *   const userId = req.user.id;
+ *   // Provider can only access their own data
+ *   const bookings = await db.query.bookings.findMany({
+ *     where: eq(bookings.providerId, userId)
+ *   });
+ *   return Response.json(bookings);
+ * });
+ * ```
+ */
+export function withAuth(adapter, handler, options) {
+    return async (req) => {
+        try {
+            // Try to get user from session first
+            let user = await adapter.getCurrentUser(req);
+            // If no session, try Bearer token
+            if (!user) {
+                const authHeader = req.headers.get("authorization");
+                if (authHeader?.startsWith("Bearer ")) {
+                    const token = authHeader.slice(7);
+                    user = await adapter.verifyToken(token);
+                }
+            }
+            if (!user) {
+                throw new UnauthorizedError();
+            }
+            // Check required role if specified — use hierarchy so admin satisfies provider requirement
+            if (options?.requiredRole) {
+                const userLevel = ROLE_HIERARCHY[user.role ?? ""] ?? 0;
+                const requiredLevel = ROLE_HIERARCHY[options.requiredRole] ?? 0;
+                if (userLevel < requiredLevel) {
+                    throw new ForbiddenError();
+                }
+            }
+            // Inject user into request
+            const authReq = req;
+            authReq.user = user;
+            return await handler(authReq);
+        }
+        catch (error) {
+            if (error instanceof UnauthorizedError) {
+                return Response.json({ error: error.message, code: error.code }, { status: 401 });
+            }
+            if (error instanceof ForbiddenError) {
+                return Response.json({ error: error.message, code: error.code }, { status: 403 });
+            }
+            return Response.json({ error: "Internal server error", code: "INTERNAL_ERROR" }, { status: 500 });
+        }
+    };
+}
+/**
+ * Helper to scope database queries to the authenticated user.
+ * Providers can only access their own rows (user_id matches).
+ *
+ * @example
+ * ```ts
+ * const provider = await assertOwnership(db, providers, req.user.id, providerId);
+ * ```
+ */
+export function assertProviderOwnership(userId, resourceUserId) {
+    if (userId !== resourceUserId) {
+        throw new ForbiddenError("You do not have permission to access this provider's data.");
+    }
+}
+/**
+ * Helper to verify customer access to their own bookings.
+ * Customers can only access bookings where customer_email matches.
+ */
+export function assertCustomerAccess(userEmail, bookingCustomerEmail) {
+    if (userEmail !== bookingCustomerEmail) {
+        throw new ForbiddenError("You do not have permission to access this booking.");
+    }
+}
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAyCxE,MAAM,cAAc,GAA2B;IAC7C,KAAK,EAAE,CAAC;IACR,QAAQ,EAAE,CAAC;IACX,MAAM,EAAE,CAAC;CACV,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,UAAU,QAAQ,CACtB,OAAoB,EACpB,OAAyD,EACzD,OAAyB;IAEzB,OAAO,KAAK,EAAE,GAAY,EAAqB,EAAE;QAC/C,IAAI,CAAC;YACH,qCAAqC;YACrC,IAAI,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;YAE7C,kCAAkC;YAClC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;gBACpD,IAAI,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACtC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;oBAClC,IAAI,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,iBAAiB,EAAE,CAAC;YAChC,CAAC;YAED,2FAA2F;YAC3F,IAAI,OAAO,EAAE,YAAY,EAAE,CAAC;gBAC1B,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC;gBACvD,MAAM,aAAa,GAAG,cAAc,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;gBAChE,IAAI,SAAS,GAAG,aAAa,EAAE,CAAC;oBAC9B,MAAM,IAAI,cAAc,EAAE,CAAC;gBAC7B,CAAC;YACH,CAAC;YAED,2BAA2B;YAC3B,MAAM,OAAO,GAAG,GAA2B,CAAC;YAC5C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;YAEpB,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;QAChC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,iBAAiB,EAAE,CAAC;gBACvC,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,EAC1C,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YACD,IAAI,KAAK,YAAY,cAAc,EAAE,CAAC;gBACpC,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,EAC1C,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YACD,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,uBAAuB,EAAE,IAAI,EAAE,gBAAgB,EAAE,EAC1D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,uBAAuB,CACrC,MAAc,EACd,cAAsB;IAEtB,IAAI,MAAM,KAAK,cAAc,EAAE,CAAC;QAC9B,MAAM,IAAI,cAAc,CACtB,4DAA4D,CAC7D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,SAAiB,EACjB,oBAA4B;IAE5B,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;QACvC,MAAM,IAAI,cAAc,CACtB,oDAAoD,CACrD,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/booking-tokens.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+/**
+ * Generate a signed booking management token.
+ *
+ * The token is a signed payload containing the booking ID and expiry time.
+ * It allows customers to view/manage their booking without authentication.
+ *
+ * @param bookingId - The booking UUID
+ * @param expiresAt - When the token expires
+ * @param secret - HMAC signing secret
+ */
+export declare function generateBookingToken(bookingId: string, expiresAt: Date, secret: string): string;
+/**
+ * Verify and decode a booking management token.
+ *
+ * @param token - The base64url-encoded token
+ * @param secret - HMAC signing secret (must match generation)
+ * @returns The booking ID if valid, null if invalid or expired
+ */
+export declare function verifyBookingToken(token: string, secret: string): {
+    bookingId: string;
+    expiresAt: Date;
+} | null;
+//# sourceMappingURL=booking-tokens.d.ts.map

package/dist/booking-tokens.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"booking-tokens.d.ts","sourceRoot":"","sources":["../src/booking-tokens.ts"],"names":[],"mappings":"AAEA;;;;;;;;;GASG;AACH,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,IAAI,EACf,MAAM,EAAE,MAAM,GACb,MAAM,CAMR;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GACb;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,IAAI,CAAA;CAAE,GAAG,IAAI,CA0B/C"}

package/dist/booking-tokens.js ADDED Viewed

@@ -0,0 +1,52 @@
+import { createHmac, timingSafeEqual } from "crypto";
+/**
+ * Generate a signed booking management token.
+ *
+ * The token is a signed payload containing the booking ID and expiry time.
+ * It allows customers to view/manage their booking without authentication.
+ *
+ * @param bookingId - The booking UUID
+ * @param expiresAt - When the token expires
+ * @param secret - HMAC signing secret
+ */
+export function generateBookingToken(bookingId, expiresAt, secret) {
+    const payload = `${bookingId}:${expiresAt.getTime()}`;
+    const signature = createHmac("sha256", secret)
+        .update(payload)
+        .digest("hex");
+    return Buffer.from(`${payload}:${signature}`).toString("base64url");
+}
+/**
+ * Verify and decode a booking management token.
+ *
+ * @param token - The base64url-encoded token
+ * @param secret - HMAC signing secret (must match generation)
+ * @returns The booking ID if valid, null if invalid or expired
+ */
+export function verifyBookingToken(token, secret) {
+    try {
+        const decoded = Buffer.from(token, "base64url").toString("utf-8");
+        const parts = decoded.split(":");
+        if (parts.length !== 3)
+            return null;
+        const [bookingId, expiresAtStr, signature] = parts;
+        const expiresAt = new Date(Number(expiresAtStr));
+        // Check expiry
+        if (expiresAt < new Date())
+            return null;
+        // Verify signature
+        const payload = `${bookingId}:${expiresAtStr}`;
+        const expectedSig = createHmac("sha256", secret)
+            .update(payload)
+            .digest("hex");
+        const a = Buffer.from(expectedSig, "hex");
+        const b = Buffer.from(signature, "hex");
+        if (a.length !== b.length || !timingSafeEqual(a, b))
+            return null;
+        return { bookingId, expiresAt };
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=booking-tokens.js.map

package/dist/booking-tokens.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"booking-tokens.js","sourceRoot":"","sources":["../src/booking-tokens.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AAErD;;;;;;;;;GASG;AACH,MAAM,UAAU,oBAAoB,CAClC,SAAiB,EACjB,SAAe,EACf,MAAc;IAEd,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;IACtD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC;SAC3C,MAAM,CAAC,OAAO,CAAC;SACf,MAAM,CAAC,KAAK,CAAC,CAAC;IACjB,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,IAAI,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACtE,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,KAAa,EACb,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEpC,MAAM,CAAC,SAAS,EAAE,YAAY,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC;QACnD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC;QAEjD,eAAe;QACf,IAAI,SAAS,GAAG,IAAI,IAAI,EAAE;YAAE,OAAO,IAAI,CAAC;QAExC,mBAAmB;QACnB,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,YAAY,EAAE,CAAC;QAC/C,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC;aAC7C,MAAM,CAAC,OAAO,CAAC;aACf,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjB,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAEjE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/email-templates.d.ts ADDED Viewed

@@ -0,0 +1,32 @@
+/** Variables available in email templates */
+export interface EmailTemplateVars {
+    bookingId: string;
+    eventTitle: string;
+    providerName: string;
+    customerName: string;
+    customerEmail: string;
+    date: string;
+    time: string;
+    duration: string;
+    timezone: string;
+    location?: string;
+    managementUrl?: string;
+    unsubscribeUrl?: string;
+    cancelReason?: string;
+    oldDate?: string;
+    oldTime?: string;
+    newDate?: string;
+    newTime?: string;
+}
+export declare function interpolateTemplate(template: string, vars: EmailTemplateVars): string;
+/** Default booking confirmation email template (HTML) */
+export declare const CONFIRMATION_EMAIL_HTML: string;
+/** Default booking confirmation email (plain text) */
+export declare const CONFIRMATION_EMAIL_TEXT: string;
+/** Default reminder email template */
+export declare const REMINDER_EMAIL_HTML: string;
+/** Default cancellation email template */
+export declare const CANCELLATION_EMAIL_HTML: string;
+/** Default reschedule email template */
+export declare const RESCHEDULE_EMAIL_HTML: string;
+//# sourceMappingURL=email-templates.d.ts.map

package/dist/email-templates.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"email-templates.d.ts","sourceRoot":"","sources":["../src/email-templates.ts"],"names":[],"mappings":"AAAA,6CAA6C;AAC7C,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAeD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,iBAAiB,GACtB,MAAM,CAKR;AAED,yDAAyD;AACzD,eAAO,MAAM,uBAAuB,QAqB5B,CAAC;AAET,sDAAsD;AACtD,eAAO,MAAM,uBAAuB,QAgB5B,CAAC;AAET,sCAAsC;AACtC,eAAO,MAAM,mBAAmB,QAoBxB,CAAC;AAET,0CAA0C;AAC1C,eAAO,MAAM,uBAAuB,QAc5B,CAAC;AAET,wCAAwC;AACxC,eAAO,MAAM,qBAAqB,QAoB1B,CAAC"}

package/{src/email-templates.ts → dist/email-templates.js} RENAMED Viewed

@@ -1,38 +1,21 @@
-/** Variables available in email templates */
-export interface EmailTemplateVars {
-  bookingId: string;
-  eventTitle: string;
-  providerName: string;
-  customerName: string;
-  customerEmail: string;
-  date: string;
-  time: string;
-  duration: string;
-  timezone: string;
-  location?: string;
-  managementUrl?: string;
-  unsubscribeUrl?: string;
-  cancelReason?: string;
-  oldDate?: string;
-  oldTime?: string;
-  newDate?: string;
-  newTime?: string;
-}
 /**
  * Interpolate template variables into a template string.
  * Variables use the format `{variableName}`.
  */
-export function interpolateTemplate(
-  template: string,
-  vars: EmailTemplateVars,
-): string {
-  return template.replace(/\{(\w+)\}/g, (match, key) => {
-    const value = (vars as unknown as Record<string, string | undefined>)[key];
-    return value ?? match;
-  });
+function escapeHtml(str) {
+    return str
+        .replace(/&/g, "&amp;")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;")
+        .replace(/"/g, "&quot;")
+        .replace(/'/g, "&#39;");
+}
+export function interpolateTemplate(template, vars) {
+    return template.replace(/\{(\w+)\}/g, (match, key) => {
+        const value = vars[key];
+        return value != null ? escapeHtml(value) : match;
+    });
 }
 /** Default booking confirmation email template (HTML) */
 export const CONFIRMATION_EMAIL_HTML = `
 <div style="font-family: sans-serif; max-width: 600px; margin: 0 auto;">
@@ -56,7 +39,6 @@ export const CONFIRMATION_EMAIL_HTML = `
   </p>
 </div>
 `.trim();
 /** Default booking confirmation email (plain text) */
 export const CONFIRMATION_EMAIL_TEXT = `
 Booking Confirmed
@@ -75,7 +57,6 @@ Manage your booking: {managementUrl}
 To unsubscribe: {unsubscribeUrl}
 `.trim();
 /** Default reminder email template */
 export const REMINDER_EMAIL_HTML = `
 <div style="font-family: sans-serif; max-width: 600px; margin: 0 auto;">
@@ -98,7 +79,6 @@ export const REMINDER_EMAIL_HTML = `
   </p>
 </div>
 `.trim();
 /** Default cancellation email template */
 export const CANCELLATION_EMAIL_HTML = `
 <div style="font-family: sans-serif; max-width: 600px; margin: 0 auto;">
@@ -115,7 +95,6 @@ export const CANCELLATION_EMAIL_HTML = `
   </p>
 </div>
 `.trim();
 /** Default reschedule email template */
 export const RESCHEDULE_EMAIL_HTML = `
 <div style="font-family: sans-serif; max-width: 600px; margin: 0 auto;">
@@ -138,3 +117,4 @@ export const RESCHEDULE_EMAIL_HTML = `
   </p>
 </div>
 `.trim();
+//# sourceMappingURL=email-templates.js.map

package/dist/email-templates.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"email-templates.js","sourceRoot":"","sources":["../src/email-templates.ts"],"names":[],"mappings":"AAqBA;;;GAGG;AACH,SAAS,UAAU,CAAC,GAAW;IAC7B,OAAO,GAAG;SACP,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;SACvB,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,IAAuB;IAEvB,OAAO,QAAQ,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACnD,MAAM,KAAK,GAAI,IAAsD,CAAC,GAAG,CAAC,CAAC;QAC3E,OAAO,KAAK,IAAI,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACnD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,yDAAyD;AACzD,MAAM,CAAC,MAAM,uBAAuB,GAAG;;;;;;;;;;;;;;;;;;;;;CAqBtC,CAAC,IAAI,EAAE,CAAC;AAET,sDAAsD;AACtD,MAAM,CAAC,MAAM,uBAAuB,GAAG;;;;;;;;;;;;;;;;CAgBtC,CAAC,IAAI,EAAE,CAAC;AAET,sCAAsC;AACtC,MAAM,CAAC,MAAM,mBAAmB,GAAG;;;;;;;;;;;;;;;;;;;;CAoBlC,CAAC,IAAI,EAAE,CAAC;AAET,0CAA0C;AAC1C,MAAM,CAAC,MAAM,uBAAuB,GAAG;;;;;;;;;;;;;;CActC,CAAC,IAAI,EAAE,CAAC;AAET,wCAAwC;AACxC,MAAM,CAAC,MAAM,qBAAqB,GAAG;;;;;;;;;;;;;;;;;;;;CAoBpC,CAAC,IAAI,EAAE,CAAC"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+export { BookingConflictError, SerializationRetryExhaustedError, UnauthorizedError, ForbiddenError, } from "@thebookingkit/core";
+export { withSerializableRetry, type SerializableRetryOptions, } from "./serialization-retry.js";
+export { withAuth, assertProviderOwnership, assertCustomerAccess, type AuthUser, type AuthSession, type AuthAdapter, type AuthenticatedRequest, type WithAuthOptions, } from "./auth.js";
+export type { EmailAdapter, SendEmailOptions, EmailResult, EmailDeliveryStatus, EmailAttachment, CalendarAdapter, CalendarEventOptions, CalendarEventResult, CalendarConflict, JobAdapter, StorageAdapter, SmsAdapter, SendSmsOptions, SmsResult, PaymentAdapter, CreatePaymentIntentOptions, CreatePaymentIntentResult, CreateSetupIntentOptions, CreateSetupIntentResult, CaptureResult, RefundResult, } from "./adapters/index.js";
+export { generateICSAttachment, JOB_NAMES } from "./adapters/index.js";
+export { generateBookingToken, verifyBookingToken, } from "./booking-tokens.js";
+export { sendConfirmationEmail, sendReminderEmail, sendCancellationEmail, sendRescheduleEmail, scheduleAutoReject, syncBookingToCalendar, deleteBookingFromCalendar, formatDateTimeForEmail, formatDurationForEmail, type NotificationBookingData, type ConfirmationEmailPayload, type ReminderEmailPayload, type CancellationEmailPayload, type RescheduleEmailPayload, type CalendarSyncPayload, type CalendarDeletePayload, type AutoRejectPendingPayload, } from "./notification-jobs.js";
+export { interpolateTemplate, CONFIRMATION_EMAIL_HTML, CONFIRMATION_EMAIL_TEXT, REMINDER_EMAIL_HTML, CANCELLATION_EMAIL_HTML, RESCHEDULE_EMAIL_HTML, type EmailTemplateVars, } from "./email-templates.js";
+export { resolveTemplateVariables, evaluateConditions, validateWorkflow, matchWorkflows, DEFAULT_TEMPLATES, TEMPLATE_VARIABLES, WorkflowValidationError, type WorkflowTrigger, type WorkflowActionType, type ConditionOperator, type WorkflowCondition, type EmailActionConfig, type SmsActionConfig, type WebhookActionConfig, type StatusUpdateActionConfig, type CalendarEventActionConfig, type WorkflowAction, type WorkflowDefinition, type WorkflowContext, type WorkflowLogEntry, } from "./workflows.js";
+export { signWebhookPayload, verifyWebhookSignature, createWebhookEnvelope, resolvePayloadTemplate, matchWebhookSubscriptions, getRetryDelay, isSuccessResponse, validateWebhookSubscription, WebhookValidationError, DEFAULT_RETRY_CONFIG, WEBHOOK_TRIGGERS, SIGNATURE_HEADER, TIMESTAMP_HEADER, DEFAULT_TOLERANCE_SECONDS, type WebhookTrigger, type WebhookAttendee, type WebhookPayload, type WebhookEnvelope, type WebhookSubscription, type WebhookDeliveryResult, type WebhookRetryConfig, type WebhookVerificationResult, } from "./webhooks.js";
+export { createErrorResponse, createSuccessResponse, createPaginatedResponse, generateApiKey, hashApiKey, verifyApiKey, hasScope, isKeyExpired, checkRateLimit, encodeCursor, decodeCursor, validateSlotQueryParams, parseSortParam, API_ERROR_CODES, type ApiError, type ApiErrorResponse, type ApiSuccessResponse, type ApiMeta, type PaginatedResponse, type ApiErrorCode, type ApiKeyRecord, type ApiKeyScope, type GeneratedApiKey, type RateLimitState, type RateLimitResult, type ValidationDetail, type ValidationResult, } from "./api.js";
+export { resolveEffectiveSettings, getRolePermissions, roleHasPermission, assertOrgPermission, assertTenantScope, buildOrgBookingUrl, parseOrgBookingPath, TenantAuthorizationError, GLOBAL_DEFAULTS, type OrgRole, type OrgMember, type OrgBranding, type OrgSettings, type ProviderSettings, type EventTypeSettings, type GlobalDefaults, type ResolvedSettings, type OrgPermission, } from "./multi-tenancy.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,oBAAoB,EACpB,gCAAgC,EAChC,iBAAiB,EACjB,cAAc,GACf,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,KAAK,wBAAwB,GAC9B,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EACL,QAAQ,EACR,uBAAuB,EACvB,oBAAoB,EACpB,KAAK,QAAQ,EACb,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,eAAe,GACrB,MAAM,WAAW,CAAC;AAGnB,YAAY,EACV,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,mBAAmB,EACnB,eAAe,EACf,eAAe,EACf,oBAAoB,EACpB,mBAAmB,EACnB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,UAAU,EACV,cAAc,EACd,SAAS,EACT,cAAc,EACd,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,uBAAuB,EACvB,aAAa,EACb,YAAY,GACb,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAGvE,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,qBAAqB,EACrB,mBAAmB,EACnB,kBAAkB,EAClB,qBAAqB,EACrB,yBAAyB,EACzB,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,uBAAuB,EAC5B,KAAK,wBAAwB,EAC7B,KAAK,oBAAoB,EACzB,KAAK,wBAAwB,EAC7B,KAAK,sBAAsB,EAC3B,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,EAC1B,KAAK,wBAAwB,GAC9B,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,EACvB,qBAAqB,EACrB,KAAK,iBAAiB,GACvB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,EACvB,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,mBAAmB,EACxB,KAAK,wBAAwB,EAC7B,KAAK,yBAAyB,EAC9B,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,eAAe,EACpB,KAAK,gBAAgB,GACtB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,aAAa,EACb,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,oBAAoB,EACpB,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,yBAAyB,EACzB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,yBAAyB,GAC/B,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,cAAc,EACd,UAAU,EACV,YAAY,EACZ,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,uBAAuB,EACvB,cAAc,EACd,eAAe,EACf,KAAK,QAAQ,EACb,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,OAAO,EACZ,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,GACtB,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,wBAAwB,EACxB,eAAe,EACf,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,aAAa,GACnB,MAAM,oBAAoB,CAAC"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,22 @@
+// Re-export core errors used by server modules
+export { BookingConflictError, SerializationRetryExhaustedError, UnauthorizedError, ForbiddenError, } from "@thebookingkit/core";
+// Serialization retry utility
+export { withSerializableRetry, } from "./serialization-retry.js";
+// Auth middleware & adapters
+export { withAuth, assertProviderOwnership, assertCustomerAccess, } from "./auth.js";
+export { generateICSAttachment, JOB_NAMES } from "./adapters/index.js";
+// Booking Tokens
+export { generateBookingToken, verifyBookingToken, } from "./booking-tokens.js";
+// Notification Jobs
+export { sendConfirmationEmail, sendReminderEmail, sendCancellationEmail, sendRescheduleEmail, scheduleAutoReject, syncBookingToCalendar, deleteBookingFromCalendar, formatDateTimeForEmail, formatDurationForEmail, } from "./notification-jobs.js";
+// Email Templates
+export { interpolateTemplate, CONFIRMATION_EMAIL_HTML, CONFIRMATION_EMAIL_TEXT, REMINDER_EMAIL_HTML, CANCELLATION_EMAIL_HTML, RESCHEDULE_EMAIL_HTML, } from "./email-templates.js";
+// Workflows
+export { resolveTemplateVariables, evaluateConditions, validateWorkflow, matchWorkflows, DEFAULT_TEMPLATES, TEMPLATE_VARIABLES, WorkflowValidationError, } from "./workflows.js";
+// Webhooks
+export { signWebhookPayload, verifyWebhookSignature, createWebhookEnvelope, resolvePayloadTemplate, matchWebhookSubscriptions, getRetryDelay, isSuccessResponse, validateWebhookSubscription, WebhookValidationError, DEFAULT_RETRY_CONFIG, WEBHOOK_TRIGGERS, SIGNATURE_HEADER, TIMESTAMP_HEADER, DEFAULT_TOLERANCE_SECONDS, } from "./webhooks.js";
+// REST API Utilities
+export { createErrorResponse, createSuccessResponse, createPaginatedResponse, generateApiKey, hashApiKey, verifyApiKey, hasScope, isKeyExpired, checkRateLimit, encodeCursor, decodeCursor, validateSlotQueryParams, parseSortParam, API_ERROR_CODES, } from "./api.js";
+// Multi-Tenancy
+export { resolveEffectiveSettings, getRolePermissions, roleHasPermission, assertOrgPermission, assertTenantScope, buildOrgBookingUrl, parseOrgBookingPath, TenantAuthorizationError, GLOBAL_DEFAULTS, } from "./multi-tenancy.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAC/C,OAAO,EACL,oBAAoB,EACpB,gCAAgC,EAChC,iBAAiB,EACjB,cAAc,GACf,MAAM,qBAAqB,CAAC;AAE7B,8BAA8B;AAC9B,OAAO,EACL,qBAAqB,GAEtB,MAAM,0BAA0B,CAAC;AAElC,6BAA6B;AAC7B,OAAO,EACL,QAAQ,EACR,uBAAuB,EACvB,oBAAoB,GAMrB,MAAM,WAAW,CAAC;AA0BnB,OAAO,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEvE,iBAAiB;AACjB,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAE7B,oBAAoB;AACpB,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,qBAAqB,EACrB,mBAAmB,EACnB,kBAAkB,EAClB,qBAAqB,EACrB,yBAAyB,EACzB,sBAAsB,EACtB,sBAAsB,GASvB,MAAM,wBAAwB,CAAC;AAEhC,kBAAkB;AAClB,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,EACvB,qBAAqB,GAEtB,MAAM,sBAAsB,CAAC;AAE9B,YAAY;AACZ,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,GAcxB,MAAM,gBAAgB,CAAC;AAExB,WAAW;AACX,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,aAAa,EACb,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,oBAAoB,EACpB,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,yBAAyB,GAS1B,MAAM,eAAe,CAAC;AAEvB,qBAAqB;AACrB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,cAAc,EACd,UAAU,EACV,YAAY,EACZ,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,uBAAuB,EACvB,cAAc,EACd,eAAe,GAchB,MAAM,UAAU,CAAC;AAElB,gBAAgB;AAChB,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,wBAAwB,EACxB,eAAe,GAUhB,MAAM,oBAAoB,CAAC"}

package/dist/multi-tenancy.d.ts ADDED Viewed

@@ -0,0 +1,123 @@
+/**
+ * Multi-tenancy utilities for organization-scoped deployments.
+ *
+ * Provides organization settings resolution, cascading defaults,
+ * role-based access control, and tenant authorization helpers.
+ */
+/** Organization member role */
+export type OrgRole = "owner" | "admin" | "member";
+/** Organization member */
+export interface OrgMember {
+    userId: string;
+    organizationId: string;
+    role: OrgRole;
+}
+/** Organization branding */
+export interface OrgBranding {
+    logoUrl?: string;
+    primaryColor?: string;
+    accentColor?: string;
+    fontFamily?: string;
+}
+/** Organization-level settings */
+export interface OrgSettings {
+    defaultTimezone?: string;
+    defaultCurrency?: string;
+    branding?: OrgBranding;
+    defaultBufferMinutes?: number;
+    defaultBookingLimits?: Record<string, unknown>;
+}
+/** Provider-level settings that can override org defaults */
+export interface ProviderSettings {
+    timezone?: string;
+    currency?: string;
+    branding?: Partial<OrgBranding>;
+    bufferMinutes?: number;
+    bookingLimits?: Record<string, unknown>;
+}
+/** Event type settings that can override provider defaults */
+export interface EventTypeSettings {
+    timezone?: string;
+    currency?: string;
+    bufferBefore?: number;
+    bufferAfter?: number;
+    bookingLimits?: Record<string, unknown>;
+}
+/** Global SlotKit defaults */
+export interface GlobalDefaults {
+    timezone: string;
+    currency: string;
+    bufferMinutes: number;
+}
+/** Resolved effective settings after cascading resolution */
+export interface ResolvedSettings {
+    timezone: string;
+    currency: string;
+    bufferMinutes: number;
+    branding: OrgBranding;
+    bookingLimits: Record<string, unknown>;
+}
+/** Permissions available in the system */
+export type OrgPermission = "manage:members" | "manage:teams" | "manage:event-types" | "view:all-bookings" | "view:own-bookings" | "manage:own-availability" | "view:analytics" | "manage:organization";
+/** Error thrown for multi-tenancy authorization violations */
+export declare class TenantAuthorizationError extends Error {
+    constructor(message: string);
+}
+/** System-wide defaults used as the base for cascading resolution */
+export declare const GLOBAL_DEFAULTS: GlobalDefaults;
+/**
+ * Resolve effective settings via the cascade:
+ * `event_type > provider > organization > global defaults`
+ *
+ * @param orgSettings - Organization-level settings
+ * @param providerSettings - Provider-level settings (overrides org)
+ * @param eventTypeSettings - Event type settings (overrides provider)
+ * @returns Fully resolved effective settings
+ */
+export declare function resolveEffectiveSettings(orgSettings?: OrgSettings | null, providerSettings?: ProviderSettings | null, eventTypeSettings?: EventTypeSettings | null): ResolvedSettings;
+/**
+ * Get all permissions granted to a role.
+ *
+ * @param role - The organization role
+ * @returns Array of permissions
+ */
+export declare function getRolePermissions(role: OrgRole): OrgPermission[];
+/**
+ * Check if a role has a specific permission.
+ *
+ * @param role - The organization role
+ * @param permission - The permission to check
+ * @returns Whether the role has the permission
+ */
+export declare function roleHasPermission(role: OrgRole, permission: OrgPermission): boolean;
+/**
+ * Assert that an org member has a required permission.
+ *
+ * @param member - The org member
+ * @param permission - The required permission
+ * @throws {TenantAuthorizationError} If the member lacks the permission
+ */
+export declare function assertOrgPermission(member: OrgMember, permission: OrgPermission): void;
+/**
+ * Validate that a resource belongs to the expected organization.
+ *
+ * @param resourceOrgId - Organization ID on the resource
+ * @param expectedOrgId - The org ID from the authenticated context
+ * @throws {TenantAuthorizationError} If there is a tenant mismatch
+ */
+export declare function assertTenantScope(resourceOrgId: string | null | undefined, expectedOrgId: string): void;
+export declare function buildOrgBookingUrl(orgSlug: string, providerSlug: string, eventTypeSlug: string, baseUrl: string): string;
+/**
+ * Parse an organization slug from a booking URL path.
+ *
+ * Expected format: `/{orgSlug}/{providerSlug}/{eventTypeSlug}`
+ *
+ * @param pathname - URL pathname
+ * @returns Parsed segments, or null if format is invalid
+ */
+export declare function parseOrgBookingPath(pathname: string): {
+    orgSlug: string;
+    providerSlug: string;
+    eventTypeSlug: string;
+} | null;
+//# sourceMappingURL=multi-tenancy.d.ts.map

package/dist/multi-tenancy.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"multi-tenancy.d.ts","sourceRoot":"","sources":["../src/multi-tenancy.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,+BAA+B;AAC/B,MAAM,MAAM,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEnD,0BAA0B;AAC1B,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,OAAO,CAAC;CACf;AAED,4BAA4B;AAC5B,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,kCAAkC;AAClC,MAAM,WAAW,WAAW;IAC1B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,WAAW,CAAC;IACvB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAChD;AAED,6DAA6D;AAC7D,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;IAChC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACzC;AAED,8DAA8D;AAC9D,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACzC;AAED,8BAA8B;AAC9B,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,6DAA6D;AAC7D,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,WAAW,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACxC;AAED,0CAA0C;AAC1C,MAAM,MAAM,aAAa,GACrB,gBAAgB,GAChB,cAAc,GACd,oBAAoB,GACpB,mBAAmB,GACnB,mBAAmB,GACnB,yBAAyB,GACzB,gBAAgB,GAChB,qBAAqB,CAAC;AAM1B,8DAA8D;AAC9D,qBAAa,wBAAyB,SAAQ,KAAK;gBACrC,OAAO,EAAE,MAAM;CAI5B;AAMD,qEAAqE;AACrE,eAAO,MAAM,eAAe,EAAE,cAI7B,CAAC;AAMF;;;;;;;;GAQG;AACH,wBAAgB,wBAAwB,CACtC,WAAW,CAAC,EAAE,WAAW,GAAG,IAAI,EAChC,gBAAgB,CAAC,EAAE,gBAAgB,GAAG,IAAI,EAC1C,iBAAiB,CAAC,EAAE,iBAAiB,GAAG,IAAI,GAC3C,gBAAgB,CA0ClB;AAgCD;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,OAAO,GAAG,aAAa,EAAE,CAEjE;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,OAAO,EACb,UAAU,EAAE,aAAa,GACxB,OAAO,CAET;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,SAAS,EACjB,UAAU,EAAE,aAAa,GACxB,IAAI,CAMN;AAMD;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAC/B,aAAa,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACxC,aAAa,EAAE,MAAM,GACpB,IAAI,CAWN;AAaD,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,GACd,MAAM,CAOR;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG;IACrD,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,GAAG,IAAI,CASP"}