@tinyrack/tinyauth-server 0.0.7

package/dist/routes/api/oauth/index.js

@@ -0,0 +1,11 @@
+import { Hono } from 'hono';
+import { oauthProviderAuthorizeGet } from "./_provider/authorize/get.js";
+import { oauthProviderCallbackGet } from "./_provider/callback/get.js";
+import { oauthProviderCallbackPost } from "./_provider/callback/post.js";
+import { oauthProviderDelete } from "./_provider/delete.js";
+export const oauthRoutes = new Hono()
+    .route('/', oauthProviderAuthorizeGet)
+    .route('/', oauthProviderCallbackGet)
+    .route('/', oauthProviderCallbackPost)
+    .route('/', oauthProviderDelete);
+//# sourceMappingURL=index.js.map

package/dist/routes/api/oauth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/routes/api/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAC;AACzE,OAAO,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAC;AACzE,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAE5D,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,IAAI,EAAU;KAC1C,KAAK,CAAC,GAAG,EAAE,yBAAyB,CAAC;KACrC,KAAK,CAAC,GAAG,EAAE,wBAAwB,CAAC;KACpC,KAAK,CAAC,GAAG,EAAE,yBAAyB,CAAC;KACrC,KAAK,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC"}

package/dist/routes/api/terms/consent/post.d.ts

@@ -0,0 +1,29 @@
+import type { AppEnv } from '../../../../lib/app-env.ts';
+/**
+ * POST /api/terms/consent
+ *
+ * Record user consent for terms of service.
+ */
+export declare const termsConsentPost: import("hono/hono-base").HonoBase<AppEnv, {
+    "/terms/consent": {
+        $post: {
+            input: {
+                json: {
+                    consents: {
+                        termsId: string;
+                        agreed: boolean;
+                        consentType?: "explicit" | "implicit" | undefined;
+                    }[];
+                    registrationToken?: string | undefined;
+                };
+            };
+            output: {
+                ok: true;
+                recorded: number;
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/", "/terms/consent">;
+//# sourceMappingURL=post.d.ts.map

package/dist/routes/api/terms/consent/post.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../src/routes/api/terms/consent/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAC;AAOzD;;;;GAIG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;yBAmI5B,CAAC"}

package/dist/routes/api/terms/consent/post.js

@@ -0,0 +1,111 @@
+import { Hono } from 'hono';
+import { describeRoute, resolver, validator } from 'hono-openapi';
+import { z } from 'zod';
+import { OPENAPI_SECURITY } from "../../../../lib/openapi.js";
+import { TAGS } from "../../../../lib/swagger-tags.js";
+import { verifyAuth } from "../../../../middleware/auth.js";
+import { e } from "../../../../schemas/error.js";
+import { termsSchema } from "../../../../schemas/terms.js";
+/**
+ * POST /api/terms/consent
+ *
+ * Record user consent for terms of service.
+ */
+export const termsConsentPost = new Hono().post('/terms/consent', describeRoute({
+    tags: [TAGS.TERMS],
+    security: OPENAPI_SECURITY.optionalCookieSession,
+    summary: 'Submit terms consent',
+    description: 'Record user consent decisions for terms of service. ' +
+        'Required terms must be agreed to. ' +
+        'For pending OAuth registration, this also completes user registration.',
+    responses: {
+        200: {
+            content: {
+                'application/json': {
+                    schema: resolver(termsSchema.TermsConsentResponse),
+                },
+            },
+            description: 'Success',
+        },
+        400: {
+            content: {
+                'application/json': {
+                    schema: resolver(z.union([e.ValidationError.Schema, e.OAuthSessionExpired.Schema])),
+                },
+            },
+            description: 'Validation error or OAuth session expired',
+        },
+        401: {
+            content: {
+                'application/json': {
+                    schema: resolver(e.Unauthorized.Schema),
+                },
+            },
+            description: 'Unauthorized',
+        },
+        403: {
+            content: {
+                'application/json': {
+                    schema: resolver(e.RegistrationEmailNotAllowed.Schema),
+                },
+            },
+            description: 'Registration email not allowed',
+        },
+    },
+}), validator('json', termsSchema.TermsConsentRequest), verifyAuth({ optional: true }), async (c) => {
+    const body = c.req.valid('json');
+    const { consents, registrationToken } = body;
+    const session = c.var.session;
+    const { mikro, termsService, oauthConnectService } = c.var.services;
+    // Check for pending OAuth registration (stored in DB, referenced by token)
+    if (registrationToken) {
+        const pendingRegistration = await mikro.pendingOAuthRegistration.findValidByToken(registrationToken);
+        if (!pendingRegistration) {
+            throw new e.OAuthSessionExpired.Error();
+        }
+        // Validate explicit terms consent
+        const validation = await termsService.validateExplicitConsents(consents);
+        if (!validation.valid) {
+            throw new e.ValidationError.Error(`Missing required terms: ${validation.missingTerms.join(', ')}`);
+        }
+        // Complete OAuth registration
+        const result = await oauthConnectService.completeOAuthRegistration({
+            providerId: pendingRegistration.providerId,
+            tokens: {
+                access_token: pendingRegistration.accessToken,
+                refresh_token: pendingRegistration.refreshToken ?? undefined,
+                expires_in: pendingRegistration.expiresIn ?? undefined,
+                token_type: pendingRegistration.tokenType,
+            },
+            userInfo: pendingRegistration.userInfo,
+            consents,
+        });
+        // Set user session
+        session.setUserSession(result.user.sub);
+        // Clean up: remove DB record
+        await mikro.pendingOAuthRegistration.consumeByToken(registrationToken);
+        return c.json({
+            ok: true,
+            recorded: consents.length,
+            registered: true,
+        }, 200);
+    }
+    // Standard flow: authenticated user recording consent
+    const verifiedAuth = c.var.verifiedUser;
+    if (!verifiedAuth) {
+        throw new e.Unauthorized.Error();
+    }
+    // Validate and record consents
+    const { validation, records } = await termsService.validateAndRecordConsents({
+        userSub: verifiedAuth.user.sub,
+        consents,
+    });
+    if (!validation.valid) {
+        throw new e.ValidationError.Error(`Missing required terms: ${validation.missingTerms.join(', ')}`);
+    }
+    return c.json({
+        ok: true,
+        recorded: records.length,
+    }, 200);
+});
+//# sourceMappingURL=post.js.map

package/dist/routes/api/terms/consent/post.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../src/routes/api/terms/consent/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,MAAM,iCAAiC,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,gCAAgC,CAAC;AAC5D,OAAO,EAAE,CAAC,EAAE,MAAM,8BAA8B,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAE3D;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CACrD,gBAAgB,EAChB,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAClB,QAAQ,EAAE,gBAAgB,CAAC,qBAAqB;IAChD,OAAO,EAAE,sBAAsB;IAC/B,WAAW,EACT,sDAAsD;QACtD,oCAAoC;QACpC,wEAAwE;IAC1E,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,WAAW,CAAC,oBAAoB,CAAC;iBACnD;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAClE;iBACF;aACF;YACD,WAAW,EAAE,2CAA2C;SACzD;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;iBACxC;aACF;YACD,WAAW,EAAE,cAAc;SAC5B;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,2BAA2B,CAAC,MAAM,CAAC;iBACvD;aACF;YACD,WAAW,EAAE,gCAAgC;SAC9C;KACF;CACF,CAAC,EACF,SAAS,CAAC,MAAM,EAAE,WAAW,CAAC,mBAAmB,CAAC,EAClD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC;IAC7C,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IAC9B,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IAEpE,2EAA2E;IAC3E,IAAI,iBAAiB,EAAE,CAAC;QACtB,MAAM,mBAAmB,GACvB,MAAM,KAAK,CAAC,wBAAwB,CAAC,gBAAgB,CACnD,iBAAiB,CAClB,CAAC;QAEJ,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;QAC1C,CAAC;QAED,kCAAkC;QAClC,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;QAEzE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,CAAC,CAAC,eAAe,CAAC,KAAK,CAC/B,2BAA2B,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChE,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,yBAAyB,CAAC;YACjE,UAAU,EAAE,mBAAmB,CAAC,UAAU;YAC1C,MAAM,EAAE;gBACN,YAAY,EAAE,mBAAmB,CAAC,WAAW;gBAC7C,aAAa,EAAE,mBAAmB,CAAC,YAAY,IAAI,SAAS;gBAC5D,UAAU,EAAE,mBAAmB,CAAC,SAAS,IAAI,SAAS;gBACtD,UAAU,EAAE,mBAAmB,CAAC,SAAS;aAC1C;YACD,QAAQ,EAAE,mBAAmB,CAAC,QAAQ;YACtC,QAAQ;SACT,CAAC,CAAC;QAEH,mBAAmB;QACnB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAExC,6BAA6B;QAC7B,MAAM,KAAK,CAAC,wBAAwB,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QAEvE,OAAO,CAAC,CAAC,IAAI,CACX;YACE,EAAE,EAAE,IAAa;YACjB,QAAQ,EAAE,QAAQ,CAAC,MAAM;YACzB,UAAU,EAAE,IAAI;SACjB,EACD,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC;IACxC,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,CAAC,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,+BAA+B;IAC/B,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAC3B,MAAM,YAAY,CAAC,yBAAyB,CAAC;QAC3C,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG;QAC9B,QAAQ;KACT,CAAC,CAAC;IAEL,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,CAAC,CAAC,eAAe,CAAC,KAAK,CAC/B,2BAA2B,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChE,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,CAAC,IAAI,CACX;QACE,EAAE,EAAE,IAAa;QACjB,QAAQ,EAAE,OAAO,CAAC,MAAM;KACzB,EACD,GAAG,CACJ,CAAC;AACJ,CAAC,CACF,CAAC"}

package/dist/routes/api/terms/get.d.ts

@@ -0,0 +1,40 @@
+import type { AppEnv } from '../../../lib/app-env.ts';
+/**
+ * GET /api/terms
+ *
+ * Returns list of terms with user consent status.
+ * Can be called by both authenticated and unauthenticated users.
+ */
+export declare const termsGet: import("hono/hono-base").HonoBase<AppEnv, {
+    "/terms": {
+        $get: {
+            input: {
+                query: {
+                    lang?: string | string[];
+                };
+            };
+            output: {
+                terms: {
+                    userConsent: {
+                        agreedAt: string | null;
+                        agreed: boolean;
+                        agreedVersion: string | null;
+                        consentType: "explicit" | "implicit" | null;
+                        requiresUpdate: boolean;
+                    } | null;
+                    id: string;
+                    required: boolean;
+                    consentMode: "explicit" | "implicit";
+                    version: string;
+                    title: string;
+                    type: import("../../../services/terms.service.ts").TermsContentType;
+                    content: string;
+                }[];
+                pendingTerms: string[];
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/", "/terms">;
+//# sourceMappingURL=get.d.ts.map

package/dist/routes/api/terms/get.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/terms/get.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAOtD;;;;;GAKG;AACH,eAAO,MAAM,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAsDpB,CAAC"}

package/dist/routes/api/terms/get.js

@@ -0,0 +1,53 @@
+import { Hono } from 'hono';
+import { describeRoute, resolver, validator } from 'hono-openapi';
+import { z } from 'zod';
+import { OPENAPI_SECURITY } from "../../../lib/openapi.js";
+import { TAGS } from "../../../lib/swagger-tags.js";
+import { verifyAuth } from "../../../middleware/auth.js";
+import { f } from "../../../schemas/field.js";
+import { termsSchema } from "../../../schemas/terms.js";
+/**
+ * GET /api/terms
+ *
+ * Returns list of terms with user consent status.
+ * Can be called by both authenticated and unauthenticated users.
+ */
+export const termsGet = new Hono().get('/terms', describeRoute({
+    tags: [TAGS.TERMS],
+    security: OPENAPI_SECURITY.optionalCookieSession,
+    summary: 'Get terms of service',
+    description: 'Returns list of terms with consent mode and user consent status. ' +
+        'If user is authenticated, includes their consent history.',
+    responses: {
+        200: {
+            content: {
+                'application/json': {
+                    schema: resolver(termsSchema.TermsResponse),
+                },
+            },
+            description: 'Success',
+        },
+    },
+}), validator('query', z.object({
+    lang: f.languageCode,
+})), verifyAuth({ optional: true }), async (c) => {
+    const query = c.req.valid('query');
+    const { lang } = query;
+    const { termsService } = c.var.services;
+    const userSub = c.var.verifiedUser?.user.sub ?? null;
+    const terms = await termsService.getGlobalTermsWithConsent(userSub, lang);
+    const pendingTerms = termsService.getPendingFromLocalizedTerms(terms);
+    return c.json({
+        terms: terms.map((t) => ({
+            ...t,
+            userConsent: t.userConsent
+                ? {
+                    ...t.userConsent,
+                    agreedAt: t.userConsent.agreedAt?.toISOString() ?? null,
+                }
+                : null,
+        })),
+        pendingTerms,
+    }, 200);
+});
+//# sourceMappingURL=get.js.map

package/dist/routes/api/terms/get.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get.js","sourceRoot":"","sources":["../../../../src/routes/api/terms/get.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAExD;;;;;GAKG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAU,CAAC,GAAG,CAC5C,QAAQ,EACR,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAClB,QAAQ,EAAE,gBAAgB,CAAC,qBAAqB;IAChD,OAAO,EAAE,sBAAsB;IAC/B,WAAW,EACT,mEAAmE;QACnE,2DAA2D;IAC7D,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC;iBAC5C;aACF;YACD,WAAW,EAAE,SAAS;SACvB;KACF;CACF,CAAC,EACF,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,IAAI,EAAE,CAAC,CAAC,YAAY;CACrB,CAAC,CACH,EACD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;IACvB,MAAM,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IAExC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC;IAErD,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,yBAAyB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAE1E,MAAM,YAAY,GAAG,YAAY,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAC;IAEtE,OAAO,CAAC,CAAC,IAAI,CACX;QACE,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvB,GAAG,CAAC;YACJ,WAAW,EAAE,CAAC,CAAC,WAAW;gBACxB,CAAC,CAAC;oBACE,GAAG,CAAC,CAAC,WAAW;oBAChB,QAAQ,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE,WAAW,EAAE,IAAI,IAAI;iBACxD;gBACH,CAAC,CAAC,IAAI;SACT,CAAC,CAAC;QACH,YAAY;KACb,EACD,GAAG,CACJ,CAAC;AACJ,CAAC,CACF,CAAC"}

package/dist/routes/api/terms/index.d.ts

@@ -0,0 +1,55 @@
+import type { AppEnv } from '../../../lib/app-env.ts';
+export declare const termsRoutes: import("hono/hono-base").HonoBase<AppEnv, import("hono/types").BlankSchema | import("hono/types").MergeSchemaPath<{
+    "/terms": {
+        $get: {
+            input: {
+                query: {
+                    lang?: string | string[];
+                };
+            };
+            output: {
+                terms: {
+                    userConsent: {
+                        agreedAt: string | null;
+                        agreed: boolean;
+                        agreedVersion: string | null;
+                        consentType: "explicit" | "implicit" | null;
+                        requiresUpdate: boolean;
+                    } | null;
+                    id: string;
+                    required: boolean;
+                    consentMode: "explicit" | "implicit";
+                    version: string;
+                    title: string;
+                    type: import("../../../services/terms.service.ts").TermsContentType;
+                    content: string;
+                }[];
+                pendingTerms: string[];
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/"> | import("hono/types").MergeSchemaPath<{
+    "/terms/consent": {
+        $post: {
+            input: {
+                json: {
+                    consents: {
+                        termsId: string;
+                        agreed: boolean;
+                        consentType?: "explicit" | "implicit" | undefined;
+                    }[];
+                    registrationToken?: string | undefined;
+                };
+            };
+            output: {
+                ok: true;
+                recorded: number;
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/">, "/", "/">;
+//# sourceMappingURL=index.d.ts.map

package/dist/routes/api/terms/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/terms/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAItD,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAEO,CAAC"}

package/dist/routes/api/terms/index.js

@@ -0,0 +1,7 @@
+import { Hono } from 'hono';
+import { termsConsentPost } from "./consent/post.js";
+import { termsGet } from "./get.js";
+export const termsRoutes = new Hono()
+    .route('/', termsGet)
+    .route('/', termsConsentPost);
+//# sourceMappingURL=index.js.map

package/dist/routes/api/terms/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/routes/api/terms/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AAEpC,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,IAAI,EAAU;KAC1C,KAAK,CAAC,GAAG,EAAE,QAAQ,CAAC;KACpB,KAAK,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC"}

package/dist/routes/api/user/delete.d.ts

@@ -0,0 +1,21 @@
+import type { AppEnv } from '../../../lib/app-env.ts';
+/**
+ * DELETE /api/user
+ *
+ * Request account deletion (soft delete).
+ */
+export declare const userDelete: import("hono/hono-base").HonoBase<AppEnv, {
+    "/user": {
+        $delete: {
+            input: {};
+            output: {
+                ok: true;
+                deleted_at: string;
+                permanent_deletion_at: string;
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/", "/user">;
+//# sourceMappingURL=delete.d.ts.map

package/dist/routes/api/user/delete.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delete.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/user/delete.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAQtD;;;;GAIG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;;;gBA8FtB,CAAC"}

package/dist/routes/api/user/delete.js

@@ -0,0 +1,89 @@
+import { Hono } from 'hono';
+import { describeRoute, resolver } from 'hono-openapi';
+import { z } from 'zod';
+import { calculatePermanentDeletionDate } from "../../../lib/duration.js";
+import { OPENAPI_SECURITY } from "../../../lib/openapi.js";
+import { TAGS } from "../../../lib/swagger-tags.js";
+import { verifyAuth } from "../../../middleware/auth.js";
+import { e } from "../../../schemas/error.js";
+import { r } from "../../../schemas/response.js";
+/**
+ * DELETE /api/user
+ *
+ * Request account deletion (soft delete).
+ */
+export const userDelete = new Hono().delete('/user', describeRoute({
+    tags: [TAGS.USER],
+    security: OPENAPI_SECURITY.cookieSession,
+    summary: 'Delete Account',
+    description: 'Request account deletion. The account will be soft-deleted and ' +
+        'permanently removed after the configured retention period.',
+    responses: {
+        200: {
+            content: {
+                'application/json': {
+                    schema: resolver(r.AccountDeletionResponse),
+                },
+            },
+            description: 'Success',
+        },
+        400: {
+            content: {
+                'application/json': {
+                    schema: resolver(e.AccountAlreadyDeleted.Schema),
+                },
+            },
+            description: 'Account already deleted',
+        },
+        401: {
+            content: {
+                'application/json': {
+                    schema: resolver(e.Unauthorized.Schema),
+                },
+            },
+            description: 'Unauthorized',
+        },
+        403: {
+            content: {
+                'application/json': {
+                    schema: resolver(z.union([
+                        e.AccountDeletionDisabled.Schema,
+                        e.UserNotEditable.Schema,
+                    ])),
+                },
+            },
+            description: 'Account deletion disabled or user not editable',
+        },
+        404: {
+            content: {
+                'application/json': {
+                    schema: resolver(e.UserNotFound.Schema),
+                },
+            },
+            description: 'User not found',
+        },
+    },
+}), verifyAuth(), async (c) => {
+    const { config, mikro } = c.var.services;
+    const session = c.var.session;
+    if (!config.account_deletion.enabled) {
+        throw new e.AccountDeletionDisabled.Error();
+    }
+    const { user: userEntity } = c.var.verifiedUser;
+    if (userEntity.managed_by === 'config') {
+        throw new e.UserNotEditable.Error();
+    }
+    if (userEntity.deleted_at !== null) {
+        throw new e.AccountAlreadyDeleted.Error();
+    }
+    userEntity.deleted_at = new Date();
+    await mikro.em.flush();
+    session.delete();
+    const permanentDeletionDate = calculatePermanentDeletionDate(userEntity.deleted_at, config.account_deletion.retention);
+    return c.json({
+        ok: true,
+        deleted_at: userEntity.deleted_at.toISOString(),
+        permanent_deletion_at: permanentDeletionDate.toISOString(),
+    }, 200);
+});
+//# sourceMappingURL=delete.js.map

package/dist/routes/api/user/delete.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delete.js","sourceRoot":"","sources":["../../../../src/routes/api/user/delete.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACvD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,8BAA8B,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,8BAA8B,CAAC;AAEjD;;;;GAIG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,IAAI,EAAU,CAAC,MAAM,CACjD,OAAO,EACP,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;IACjB,QAAQ,EAAE,gBAAgB,CAAC,aAAa;IACxC,OAAO,EAAE,gBAAgB;IACzB,WAAW,EACT,iEAAiE;QACjE,4DAA4D;IAC9D,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,uBAAuB,CAAC;iBAC5C;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC;iBACjD;aACF;YACD,WAAW,EAAE,yBAAyB;SACvC;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;iBACxC;aACF;YACD,WAAW,EAAE,cAAc;SAC5B;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,uBAAuB,CAAC,MAAM;wBAChC,CAAC,CAAC,eAAe,CAAC,MAAM;qBACzB,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,gDAAgD;SAC9D;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;iBACxC;aACF;YACD,WAAW,EAAE,gBAAgB;SAC9B;KACF;CACF,CAAC,EACF,UAAU,EAAE,EACZ,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IACzC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IAE9B,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;QACrC,MAAM,IAAI,CAAC,CAAC,uBAAuB,CAAC,KAAK,EAAE,CAAC;IAC9C,CAAC;IACD,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC;IAEhD,IAAI,UAAU,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,CAAC,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;IACtC,CAAC;IAED,IAAI,UAAU,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;QACnC,MAAM,IAAI,CAAC,CAAC,qBAAqB,CAAC,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,UAAU,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;IACnC,MAAM,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAEvB,OAAO,CAAC,MAAM,EAAE,CAAC;IAEjB,MAAM,qBAAqB,GAAG,8BAA8B,CAC1D,UAAU,CAAC,UAAU,EACrB,MAAM,CAAC,gBAAgB,CAAC,SAAS,CAClC,CAAC;IAEF,OAAO,CAAC,CAAC,IAAI,CACX;QACE,EAAE,EAAE,IAAI;QACR,UAAU,EAAE,UAAU,CAAC,UAAU,CAAC,WAAW,EAAE;QAC/C,qBAAqB,EAAE,qBAAqB,CAAC,WAAW,EAAE;KAC3D,EACD,GAAG,CACJ,CAAC;AACJ,CAAC,CACF,CAAC"}