npm - @unifiedcommerce/core - Versions diffs - 0.0.4 → 0.1.1 - Mend

@unifiedcommerce/core 0.0.4 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (179) hide show

package/dist/auth/auth-schema.d.ts +92 -0
package/dist/auth/auth-schema.d.ts.map +1 -1
package/dist/auth/auth-schema.js +7 -0
package/dist/auth/setup.d.ts.map +1 -1
package/dist/auth/setup.js +3 -1
package/package.json +1 -2
package/src/adapters/console-email.ts +0 -43
package/src/auth/access.ts +0 -187
package/src/auth/auth-schema.ts +0 -131
package/src/auth/middleware.ts +0 -161
package/src/auth/org.ts +0 -41
package/src/auth/permissions.ts +0 -28
package/src/auth/setup.ts +0 -165
package/src/auth/system-actor.ts +0 -19
package/src/auth/types.ts +0 -10
package/src/config/defaults.ts +0 -82
package/src/config/define-config.ts +0 -53
package/src/config/types.ts +0 -299
package/src/generated/plugin-capabilities.d.ts +0 -20
package/src/generated/plugin-manifest.ts +0 -23
package/src/generated/plugin-repositories.d.ts +0 -20
package/src/hooks/checkout-completion.ts +0 -262
package/src/hooks/checkout.ts +0 -677
package/src/hooks/order-emails.ts +0 -62
package/src/index.ts +0 -214
package/src/interfaces/mcp/agent-prompt.ts +0 -174
package/src/interfaces/mcp/context-enrichment.ts +0 -177
package/src/interfaces/mcp/server.ts +0 -617
package/src/interfaces/mcp/transport.ts +0 -68
package/src/interfaces/rest/customer-portal.ts +0 -299
package/src/interfaces/rest/index.ts +0 -74
package/src/interfaces/rest/router.ts +0 -334
package/src/interfaces/rest/routes/admin-jobs.ts +0 -58
package/src/interfaces/rest/routes/audit.ts +0 -50
package/src/interfaces/rest/routes/carts.ts +0 -89
package/src/interfaces/rest/routes/catalog.ts +0 -493
package/src/interfaces/rest/routes/checkout.ts +0 -283
package/src/interfaces/rest/routes/inventory.ts +0 -70
package/src/interfaces/rest/routes/media.ts +0 -86
package/src/interfaces/rest/routes/orders.ts +0 -78
package/src/interfaces/rest/routes/payments.ts +0 -60
package/src/interfaces/rest/routes/pricing.ts +0 -57
package/src/interfaces/rest/routes/promotions.ts +0 -92
package/src/interfaces/rest/routes/search.ts +0 -71
package/src/interfaces/rest/routes/webhooks.ts +0 -46
package/src/interfaces/rest/schemas/admin-jobs.ts +0 -40
package/src/interfaces/rest/schemas/audit.ts +0 -46
package/src/interfaces/rest/schemas/carts.ts +0 -125
package/src/interfaces/rest/schemas/catalog.ts +0 -450
package/src/interfaces/rest/schemas/checkout.ts +0 -66
package/src/interfaces/rest/schemas/customer-portal.ts +0 -195
package/src/interfaces/rest/schemas/inventory.ts +0 -138
package/src/interfaces/rest/schemas/media.ts +0 -75
package/src/interfaces/rest/schemas/orders.ts +0 -104
package/src/interfaces/rest/schemas/pricing.ts +0 -80
package/src/interfaces/rest/schemas/promotions.ts +0 -110
package/src/interfaces/rest/schemas/responses.ts +0 -85
package/src/interfaces/rest/schemas/search.ts +0 -58
package/src/interfaces/rest/schemas/shared.ts +0 -62
package/src/interfaces/rest/schemas/webhooks.ts +0 -68
package/src/interfaces/rest/utils.ts +0 -104
package/src/interfaces/rest/webhook-router.ts +0 -50
package/src/kernel/compensation/executor.ts +0 -61
package/src/kernel/compensation/types.ts +0 -26
package/src/kernel/database/adapter.ts +0 -13
package/src/kernel/database/drizzle-db.ts +0 -56
package/src/kernel/database/migrate.ts +0 -76
package/src/kernel/database/plugin-types.ts +0 -34
package/src/kernel/database/schema.ts +0 -49
package/src/kernel/database/scoped-db.ts +0 -68
package/src/kernel/database/tx-context.ts +0 -46
package/src/kernel/error-mapper.ts +0 -15
package/src/kernel/errors.ts +0 -89
package/src/kernel/factory/repository-factory.ts +0 -242
package/src/kernel/hooks/create-context.ts +0 -43
package/src/kernel/hooks/executor.ts +0 -88
package/src/kernel/hooks/registry.ts +0 -74
package/src/kernel/hooks/types.ts +0 -52
package/src/kernel/http-error.ts +0 -44
package/src/kernel/jobs/adapter.ts +0 -36
package/src/kernel/jobs/drizzle-adapter.ts +0 -58
package/src/kernel/jobs/runner.ts +0 -153
package/src/kernel/jobs/schema.ts +0 -46
package/src/kernel/jobs/types.ts +0 -30
package/src/kernel/local-api.ts +0 -185
package/src/kernel/plugin/manifest.ts +0 -253
package/src/kernel/query/executor.ts +0 -184
package/src/kernel/query/registry.ts +0 -46
package/src/kernel/result.ts +0 -33
package/src/kernel/schema/extra-columns.ts +0 -37
package/src/kernel/service-registry.ts +0 -76
package/src/kernel/service-timing.ts +0 -89
package/src/kernel/state-machine/machine.ts +0 -101
package/src/modules/analytics/drizzle-adapter.ts +0 -426
package/src/modules/analytics/hooks.ts +0 -11
package/src/modules/analytics/models.ts +0 -125
package/src/modules/analytics/repository/index.ts +0 -6
package/src/modules/analytics/service.ts +0 -245
package/src/modules/analytics/types.ts +0 -180
package/src/modules/audit/hooks.ts +0 -78
package/src/modules/audit/schema.ts +0 -33
package/src/modules/audit/service.ts +0 -151
package/src/modules/cart/access.ts +0 -27
package/src/modules/cart/matcher.ts +0 -26
package/src/modules/cart/repository/index.ts +0 -234
package/src/modules/cart/schema.ts +0 -42
package/src/modules/cart/schemas.ts +0 -38
package/src/modules/cart/service.ts +0 -541
package/src/modules/catalog/repository/index.ts +0 -772
package/src/modules/catalog/schema.ts +0 -203
package/src/modules/catalog/schemas.ts +0 -104
package/src/modules/catalog/service.ts +0 -1544
package/src/modules/customers/repository/index.ts +0 -327
package/src/modules/customers/schema.ts +0 -64
package/src/modules/customers/service.ts +0 -171
package/src/modules/fulfillment/repository/index.ts +0 -426
package/src/modules/fulfillment/schema.ts +0 -101
package/src/modules/fulfillment/service.ts +0 -555
package/src/modules/fulfillment/types.ts +0 -59
package/src/modules/inventory/repository/index.ts +0 -509
package/src/modules/inventory/schema.ts +0 -94
package/src/modules/inventory/schemas.ts +0 -38
package/src/modules/inventory/service.ts +0 -490
package/src/modules/media/adapter.ts +0 -17
package/src/modules/media/repository/index.ts +0 -274
package/src/modules/media/schema.ts +0 -41
package/src/modules/media/service.ts +0 -151
package/src/modules/orders/repository/index.ts +0 -287
package/src/modules/orders/schema.ts +0 -66
package/src/modules/orders/service.ts +0 -619
package/src/modules/orders/stale-order-cleanup.ts +0 -76
package/src/modules/organization/service.ts +0 -191
package/src/modules/payments/adapter.ts +0 -47
package/src/modules/payments/repository/index.ts +0 -6
package/src/modules/payments/service.ts +0 -107
package/src/modules/pricing/repository/index.ts +0 -291
package/src/modules/pricing/schema.ts +0 -71
package/src/modules/pricing/schemas.ts +0 -38
package/src/modules/pricing/service.ts +0 -494
package/src/modules/promotions/repository/index.ts +0 -325
package/src/modules/promotions/schema.ts +0 -62
package/src/modules/promotions/schemas.ts +0 -38
package/src/modules/promotions/service.ts +0 -598
package/src/modules/search/adapter.ts +0 -57
package/src/modules/search/hooks.ts +0 -12
package/src/modules/search/repository/index.ts +0 -6
package/src/modules/search/service.ts +0 -315
package/src/modules/shipping/calculator.ts +0 -188
package/src/modules/shipping/repository/index.ts +0 -6
package/src/modules/shipping/service.ts +0 -51
package/src/modules/tax/adapter.ts +0 -60
package/src/modules/tax/repository/index.ts +0 -6
package/src/modules/tax/service.ts +0 -53
package/src/modules/webhooks/hook.ts +0 -34
package/src/modules/webhooks/repository/index.ts +0 -278
package/src/modules/webhooks/schema.ts +0 -56
package/src/modules/webhooks/service.ts +0 -117
package/src/modules/webhooks/signing.ts +0 -6
package/src/modules/webhooks/ssrf-guard.ts +0 -71
package/src/modules/webhooks/tasks.ts +0 -52
package/src/modules/webhooks/worker.ts +0 -134
package/src/runtime/commerce.ts +0 -145
package/src/runtime/kernel.ts +0 -419
package/src/runtime/logger.ts +0 -36
package/src/runtime/server.ts +0 -349
package/src/runtime/shutdown.ts +0 -43
package/src/test-utils/create-pglite-adapter.ts +0 -129
package/src/test-utils/create-plugin-test-app.ts +0 -128
package/src/test-utils/create-repository-test-harness.ts +0 -16
package/src/test-utils/create-test-config.ts +0 -190
package/src/test-utils/create-test-kernel.ts +0 -7
package/src/test-utils/create-test-plugin-context.ts +0 -75
package/src/test-utils/rest-api-test-utils.ts +0 -265
package/src/test-utils/test-actors.ts +0 -62
package/src/test-utils/typed-hooks.ts +0 -54
package/src/types/commerce-types.ts +0 -34
package/src/utils/id.ts +0 -3
package/src/utils/logger.ts +0 -18
package/src/utils/pagination.ts +0 -22

package/dist/auth/auth-schema.d.ts CHANGED Viewed

@@ -1380,4 +1380,96 @@ export declare const apikey: import("drizzle-orm/pg-core").PgTableWithColumns<{
     };
     dialect: "pg";
 }>;
+export declare const jwks: import("drizzle-orm/pg-core").PgTableWithColumns<{
+    name: "jwks";
+    schema: undefined;
+    columns: {
+        id: import("drizzle-orm/pg-core").PgColumn<{
+            name: "id";
+            tableName: "jwks";
+            dataType: "string";
+            columnType: "PgText";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: true;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        publicKey: import("drizzle-orm/pg-core").PgColumn<{
+            name: "public_key";
+            tableName: "jwks";
+            dataType: "string";
+            columnType: "PgText";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        privateKey: import("drizzle-orm/pg-core").PgColumn<{
+            name: "private_key";
+            tableName: "jwks";
+            dataType: "string";
+            columnType: "PgText";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        createdAt: import("drizzle-orm/pg-core").PgColumn<{
+            name: "created_at";
+            tableName: "jwks";
+            dataType: "date";
+            columnType: "PgTimestamp";
+            data: Date;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        expiresAt: import("drizzle-orm/pg-core").PgColumn<{
+            name: "expires_at";
+            tableName: "jwks";
+            dataType: "date";
+            columnType: "PgTimestamp";
+            data: Date;
+            driverParam: string;
+            notNull: false;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+    };
+    dialect: "pg";
+}>;
 //# sourceMappingURL=auth-schema.d.ts.map

package/dist/auth/auth-schema.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth-schema.d.ts","sourceRoot":"","sources":["../../src/auth/auth-schema.ts"],"names":[],"mappings":"AAQA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAaf,CAAC;AAEH,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAclB,CAAC;AAEH,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkBlB,CAAC;AAEH,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUvB,CAAC;AAEH,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOvB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUjB,CAAC;AAEH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAarB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBjB,CAAC"}
1	+ {"version":3,"file":"auth-schema.d.ts","sourceRoot":"","sources":["../../src/auth/auth-schema.ts"],"names":[],"mappings":"AAQA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAaf,CAAC;AAEH,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAclB,CAAC;AAEH,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkBlB,CAAC;AAEH,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUvB,CAAC;AAEH,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOvB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUjB,CAAC;AAEH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAarB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBjB,CAAC;AAEH,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMf,CAAC"}

package/dist/auth/auth-schema.js CHANGED Viewed

@@ -115,3 +115,10 @@ export const apikey = pgTable("apikey", {
     permissions: text("permissions"),
     metadata: text("metadata"),
 });
+export const jwks = pgTable("jwks", {
+    id: text("id").primaryKey(),
+    publicKey: text("public_key").notNull(),
+    privateKey: text("private_key").notNull(),
+    createdAt: timestamp("created_at").notNull(),
+    expiresAt: timestamp("expires_at"),
+});

package/dist/auth/setup.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAgCrE,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7C,GAAG,EAAE;QACH,UAAU,CAAC,KAAK,EAAE;YAAE,OAAO,EAAE,OAAO,CAAA;SAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAC1D,mBAAmB,CAAC,EAAE,CAAC,KAAK,EAAE;YAAE,OAAO,EAAE,OAAO,CAAA;SAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;QACxE,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE;YACrB,IAAI,EAAE;gBAAE,GAAG,EAAE,MAAM,CAAC;gBAAC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;aAAE,CAAC;SAC/D,KAAK,OAAO,CAAC;YACZ,KAAK,EAAE,OAAO,CAAC;YACf,KAAK,EAAE;gBAAE,OAAO,EAAE,MAAM,CAAC;gBAAC,IAAI,EAAE,MAAM,CAAA;aAAE,GAAG,IAAI,CAAC;YAChD,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;SACrC,CAAC,CAAC;QACH,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE;YACrB,IAAI,EAAE;gBACJ,IAAI,CAAC,EAAE,MAAM,CAAC;gBACd,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;gBACvC,MAAM,CAAC,EAAE,MAAM,CAAC;aACjB,CAAC;YACF,OAAO,CAAC,EAAE,OAAO,CAAC;SACnB,KAAK,OAAO,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC3C,qEAAqE;QACrE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;IACF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7B;AAED,wBAAgB,UAAU,CACxB,EAAE,EAAE,eAAe,EACnB,MAAM,EAAE,cAAc,GACrB,YAAY,~~CAgGd~~"}
1	+ {"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAgCrE,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7C,GAAG,EAAE;QACH,UAAU,CAAC,KAAK,EAAE;YAAE,OAAO,EAAE,OAAO,CAAA;SAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAC1D,mBAAmB,CAAC,EAAE,CAAC,KAAK,EAAE;YAAE,OAAO,EAAE,OAAO,CAAA;SAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;QACxE,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE;YACrB,IAAI,EAAE;gBAAE,GAAG,EAAE,MAAM,CAAC;gBAAC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;aAAE,CAAC;SAC/D,KAAK,OAAO,CAAC;YACZ,KAAK,EAAE,OAAO,CAAC;YACf,KAAK,EAAE;gBAAE,OAAO,EAAE,MAAM,CAAC;gBAAC,IAAI,EAAE,MAAM,CAAA;aAAE,GAAG,IAAI,CAAC;YAChD,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;SACrC,CAAC,CAAC;QACH,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE;YACrB,IAAI,EAAE;gBACJ,IAAI,CAAC,EAAE,MAAM,CAAC;gBACd,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;gBACvC,MAAM,CAAC,EAAE,MAAM,CAAC;aACjB,CAAC;YACF,OAAO,CAAC,EAAE,OAAO,CAAC;SACnB,KAAK,OAAO,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,EAAE,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC3C,qEAAqE;QACrE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;IACF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7B;AAED,wBAAgB,UAAU,CACxB,EAAE,EAAE,eAAe,EACnB,MAAM,EAAE,cAAc,GACrB,YAAY,CAoGd"}

package/dist/auth/setup.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import { drizzleAdapter } from "@better-auth/drizzle-adapter";
 import { betterAuth } from "better-auth";
 import { apiKey } from "@better-auth/api-key";
-import { organization, twoFactor, phoneNumber } from "better-auth/plugins";
+import { organization, twoFactor, phoneNumber, jwt, bearer } from "better-auth/plugins";
 import * as authSchema from "./auth-schema.js";
 function resolveAuthDbProvider(provider) {
     if (provider === "postgres" ||
@@ -22,6 +22,8 @@ export function createAuth(db, config) {
         organization({
             roles: (config.auth?.roles ?? {}),
         }),
+        bearer(),
+        jwt(),
     ];
     if (config.auth?.twoFactor?.enabled) {
         plugins.push(twoFactor({ issuer: config.storeName ?? "UnifiedCommerce" }));

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@unifiedcommerce/core",
-  "version": "0.0.4",
+  "version": "0.1.1",
   "type": "module",
   "exports": {
     ".": {
@@ -65,7 +65,6 @@
   },
   "files": [
     "dist",
-    "src",
     "README.md"
   ]
 }

package/src/adapters/console-email.ts DELETED Viewed

@@ -1,43 +0,0 @@
-/**
- * Development email adapter that logs emails to the console.
- *
- * Zero dependencies. Use this during local development to see email
- * content in the terminal without configuring Resend or an SMTP server.
- *
- * @example
- * ```typescript
- * import { consoleEmailAdapter } from "@unifiedcommerce/core";
- *
- * export default defineConfig({
- *   email: consoleEmailAdapter(),
- * });
- * ```
- */
-export function consoleEmailAdapter(): {
-  send(input: { template: string; to: string; data?: Record<string, unknown> }): Promise<void>;
-} {
-  return {
-    async send(input) {
-      const divider = "=".repeat(60);
-      const lines = [
-        "",
-        divider,
-        `  EMAIL: ${input.template}`,
-        divider,
-        `  To:       ${input.to}`,
-        `  Template: ${input.template}`,
-      ];
-      if (input.data && Object.keys(input.data).length > 0) {
-        lines.push(`  Data:`);
-        for (const [key, value] of Object.entries(input.data)) {
-          lines.push(`    ${key}: ${JSON.stringify(value)}`);
-        }
-      }
-      lines.push(divider, "");
-      console.log(lines.join("\n"));
-    },
-  };
-}

package/src/auth/access.ts DELETED Viewed

@@ -1,187 +0,0 @@
-import type { Actor } from "./types.js";
-/**
- * A WhereClause is a plain object representing database filter conditions.
- * The shape mirrors what services and repositories can accept to narrow queries.
- *
- * Example: { customerId: "abc-123" } narrows results to that customer's records.
- * Composite: { or: [{ customerId: "x" }, { organizationId: "y" }] }
- */
-export type WhereClause = Record<string, unknown>;
-/**
- * AccessResult: the return value of an access function.
- *
- * - `true`: full access, no filter needed
- * - `false`: no access at all
- * - `WhereClause`: partial access — the caller should apply this as a query filter
- */
-export type AccessResult = boolean | WhereClause;
-/**
- * AccessContext carries everything an access function needs to make a decision.
- *
- * - `actor`: the authenticated user/api-key/null (anonymous)
- * - `data`: the document being accessed (for document-level checks)
- * - `id`: the document ID (when data isn't loaded yet)
- */
-export interface AccessContext<TData = unknown> {
-  actor: Actor | null;
-  data?: TData;
-  id?: string;
-  req?: Request;
-}
-/**
- * An AccessFn evaluates access for a given context.
- * Returns boolean (full/no access) or WhereClause (filtered access).
- */
-export type AccessFn<TData = unknown> = (
-  ctx: AccessContext<TData>,
-) => AccessResult | Promise<AccessResult>;
-/**
- * Combines multiple WhereClause objects with a logical operator.
- * If there's only one clause, returns it directly (no unnecessary nesting).
- */
-function combineWhere(
-  queries: WhereClause[],
-  operator: "and" | "or",
-): WhereClause {
-  if (queries.length === 1) return queries[0]!;
-  return { [operator]: queries };
-}
-/**
- * Composes access functions with OR semantics.
- *
- * - If ANY function returns `true`, grants full access immediately (short-circuit).
- * - If one or more return WhereClause, combines them with OR.
- * - If ALL return `false`, denies access.
- *
- * Example:
- * ```typescript
- * const orderReadAccess = accessOR(isAdmin, isDocumentOwner("customerId"))
- * // Admins see all orders; customers see only their own
- * ```
- */
-export const accessOR = <TData = unknown>(
-  ...fns: Array<AccessFn<TData>>
-): AccessFn<TData> => {
-  return async (ctx) => {
-    const queries: WhereClause[] = [];
-    for (const fn of fns) {
-      const result = await fn(ctx);
-      if (result === true) return true;
-      if (result && typeof result === "object") queries.push(result);
-    }
-    if (queries.length > 0) return combineWhere(queries, "or");
-    return false;
-  };
-};
-/**
- * Composes access functions with AND semantics.
- *
- * - If ANY function returns `false`, denies access immediately (short-circuit).
- * - If one or more return WhereClause, combines them with AND.
- * - If ALL return `true`, grants full access.
- *
- * Example:
- * ```typescript
- * const restrictedAccess = accessAND(isAuthenticated, isDocumentOwner("customerId"))
- * // Must be logged in AND own the document
- * ```
- */
-export const accessAND = <TData = unknown>(
-  ...fns: Array<AccessFn<TData>>
-): AccessFn<TData> => {
-  return async (ctx) => {
-    const queries: WhereClause[] = [];
-    for (const fn of fns) {
-      const result = await fn(ctx);
-      if (result === false) return false;
-      if (result !== true && result && typeof result === "object") {
-        queries.push(result);
-      }
-    }
-    if (queries.length > 0) return combineWhere(queries, "and");
-    return true;
-  };
-};
-/**
- * Switches between two access functions based on a condition.
- *
- * Example:
- * ```typescript
- * const accessByRole = conditional(
- *   ({ actor }) => actor?.role === "vendor",
- *   isDocumentOwner("vendorId"),
- *   isAdmin,
- * )
- * ```
- */
-export const conditional = <TData = unknown>(
-  condition: ((ctx: AccessContext<TData>) => boolean) | boolean,
-  accessFn: AccessFn<TData>,
-  fallback: AccessFn<TData> = () => false,
-): AccessFn<TData> => {
-  return async (ctx) => {
-    const applies =
-      typeof condition === "function" ? condition(ctx) : condition;
-    return applies ? accessFn(ctx) : fallback(ctx);
-  };
-};
-// ─────────────────────────────────────────────────────────────────────────────
-// Built-in access functions
-// ─────────────────────────────────────────────────────────────────────────────
-/**
- * Grants access if the actor has admin or owner role (wildcard permissions).
- */
-export const isAdmin: AccessFn = ({ actor }) => {
-  if (!actor) return false;
-  return actor.permissions.includes("*:*");
-};
-/**
- * Grants access if the actor is authenticated (any role).
- */
-export const isAuthenticated: AccessFn = ({ actor }) => {
-  return actor != null;
-};
-/**
- * Returns a WhereClause that filters to documents owned by the actor.
- * The ownerField is the column name that holds the owner's user ID.
- *
- * For document-level checks (when data is provided), returns true/false.
- * For list-level checks (when data is not provided), returns a WhereClause.
- */
-export const isDocumentOwner = (
-  ownerField = "customerId",
-): AccessFn => {
-  return ({ actor, data }) => {
-    if (!actor) return false;
-    // Document-level check: compare directly
-    if (data) {
-      return (data as Record<string, unknown>)[ownerField] === actor.userId;
-    }
-    // List-level check: return a filter clause
-    return { [ownerField]: actor.userId };
-  };
-};
-/**
- * Grants access to everyone, including anonymous users.
- */
-export const publicAccess: AccessFn = () => true;
-/**
- * Denies access to everyone.
- */
-export const denyAll: AccessFn = () => false;

package/src/auth/auth-schema.ts DELETED Viewed

@@ -1,131 +0,0 @@
-import {
-  pgTable,
-  text,
-  timestamp,
-  boolean,
-  integer,
-} from "drizzle-orm/pg-core";
-export const user = pgTable("user", {
-  id: text("id").primaryKey(),
-  name: text("name").notNull(),
-  email: text("email").notNull().unique(),
-  emailVerified: boolean("email_verified").default(false).notNull(),
-  image: text("image"),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
-  updatedAt: timestamp("updated_at")
-    .defaultNow()
-    .$onUpdate(() => /* @__PURE__ */ new Date())
-    .notNull(),
-  vendorId: text("vendor_id"),
-  posOperatorPin: text("pos_operator_pin"),
-});
-export const session = pgTable("session", {
-  id: text("id").primaryKey(),
-  expiresAt: timestamp("expires_at").notNull(),
-  token: text("token").notNull().unique(),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
-  updatedAt: timestamp("updated_at")
-    .$onUpdate(() => /* @__PURE__ */ new Date())
-    .notNull(),
-  ipAddress: text("ip_address"),
-  userAgent: text("user_agent"),
-  userId: text("user_id")
-    .notNull()
-    .references(() => user.id, { onDelete: "cascade" }),
-  activeOrganizationId: text("active_organization_id"),
-});
-export const account = pgTable("account", {
-  id: text("id").primaryKey(),
-  accountId: text("account_id").notNull(),
-  providerId: text("provider_id").notNull(),
-  userId: text("user_id")
-    .notNull()
-    .references(() => user.id, { onDelete: "cascade" }),
-  accessToken: text("access_token"),
-  refreshToken: text("refresh_token"),
-  idToken: text("id_token"),
-  accessTokenExpiresAt: timestamp("access_token_expires_at"),
-  refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
-  scope: text("scope"),
-  password: text("password"),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
-  updatedAt: timestamp("updated_at")
-    .$onUpdate(() => /* @__PURE__ */ new Date())
-    .notNull(),
-});
-export const verification = pgTable("verification", {
-  id: text("id").primaryKey(),
-  identifier: text("identifier").notNull(),
-  value: text("value").notNull(),
-  expiresAt: timestamp("expires_at").notNull(),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
-  updatedAt: timestamp("updated_at")
-    .defaultNow()
-    .$onUpdate(() => /* @__PURE__ */ new Date())
-    .notNull(),
-});
-export const organization = pgTable("organization", {
-  id: text("id").primaryKey(),
-  name: text("name").notNull(),
-  slug: text("slug").notNull().unique(),
-  logo: text("logo"),
-  createdAt: timestamp("created_at").notNull(),
-  metadata: text("metadata"),
-});
-export const member = pgTable("member", {
-  id: text("id").primaryKey(),
-  organizationId: text("organization_id")
-    .notNull()
-    .references(() => organization.id, { onDelete: "cascade" }),
-  userId: text("user_id")
-    .notNull()
-    .references(() => user.id, { onDelete: "cascade" }),
-  role: text("role").default("member").notNull(),
-  createdAt: timestamp("created_at").notNull(),
-});
-export const invitation = pgTable("invitation", {
-  id: text("id").primaryKey(),
-  organizationId: text("organization_id")
-    .notNull()
-    .references(() => organization.id, { onDelete: "cascade" }),
-  email: text("email").notNull(),
-  role: text("role"),
-  status: text("status").default("pending").notNull(),
-  expiresAt: timestamp("expires_at").notNull(),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
-  inviterId: text("inviter_id")
-    .notNull()
-    .references(() => user.id, { onDelete: "cascade" }),
-});
-export const apikey = pgTable("apikey", {
-  id: text("id").primaryKey(),
-  configId: text("config_id").default("default").notNull(),
-  name: text("name"),
-  start: text("start"),
-  referenceId: text("reference_id").notNull(),
-  prefix: text("prefix"),
-  key: text("key").notNull(),
-  refillInterval: integer("refill_interval"),
-  refillAmount: integer("refill_amount"),
-  lastRefillAt: timestamp("last_refill_at"),
-  enabled: boolean("enabled").default(true),
-  rateLimitEnabled: boolean("rate_limit_enabled").default(false),
-  rateLimitTimeWindow: integer("rate_limit_time_window").default(3600000),
-  rateLimitMax: integer("rate_limit_max").default(10000),
-  requestCount: integer("request_count").default(0),
-  remaining: integer("remaining"),
-  lastRequest: timestamp("last_request"),
-  expiresAt: timestamp("expires_at"),
-  createdAt: timestamp("created_at").notNull(),
-  updatedAt: timestamp("updated_at").notNull(),
-  permissions: text("permissions"),
-  metadata: text("metadata"),
-});

package/src/auth/middleware.ts DELETED Viewed

@@ -1,161 +0,0 @@
-import { timingSafeEqual } from "node:crypto";
-import type { MiddlewareHandler } from "hono";
-import type { AuthSessionLike, CommerceConfig } from "../config/types.js";
-import type { Actor } from "./types.js";
-import type { AuthInstance } from "./setup.js";
-import { DEFAULT_ORG_ID } from "./org.js";
-function resolvePermissions(
-  session: AuthSessionLike,
-  config: CommerceConfig,
-): string[] {
-  const role = session.session.activeOrganizationRole;
-  if (!role) {
-    return (
-      config.auth?.customerPermissions ?? [
-        "catalog:read",
-        "cart:create",
-        "cart:read",
-        "cart:update",
-        "orders:create",
-        "orders:read:own",
-        "customers:read:self",
-        "customers:update:self",
-      ]
-    );
-  }
-  const roleConfig = config.auth?.roles?.[role];
-  return roleConfig ? roleConfig.permissions : [];
-}
-export function authMiddleware(
-  auth: AuthInstance,
-  config: CommerceConfig,
-): MiddlewareHandler {
-  return async (c, next) => {
-    const session = (await auth.api.getSession({
-      headers: c.req.raw.headers,
-    })) as AuthSessionLike | null;
-    if (session) {
-      // Better Auth's session only stores activeOrganizationId, not the role.
-      // Resolve role via the organization plugin's server-side API when needed.
-      let role = session.session.activeOrganizationRole as string | undefined;
-      if (!role && session.session.activeOrganizationId && auth.api.getActiveMemberRole) {
-        try {
-          const roleResult = await auth.api.getActiveMemberRole({
-            headers: c.req.raw.headers,
-          });
-          role = (roleResult as Record<string, unknown>)?.role as string | undefined;
-        } catch {
-          // fall through — treat as customer
-        }
-      }
-      const enrichedSession = {
-        ...session,
-        session: { ...session.session, activeOrganizationRole: role ?? null },
-      };
-      c.set("actor", {
-        type: "user",
-        userId: session.user.id,
-        email: session.user.email ?? null,
-        name: session.user.name ?? "User",
-        vendorId: session.user.vendorId ?? null,
-        organizationId: session.session.activeOrganizationId ?? null,
-        role: role ?? "customer",
-        permissions: resolvePermissions(enrichedSession, config),
-      } satisfies Actor);
-      await next();
-      return;
-    }
-    // Extract API key from headers
-    const apiKeyHeader =
-      c.req.header("x-api-key") ??
-      c.req.header("authorization")?.replace("Bearer ", "");
-    if (
-      apiKeyHeader &&
-      config.auth?.apiKeys?.enabled &&
-      auth.api.verifyApiKey
-    ) {
-      try {
-        // Better Auth server-side calls require { body: { ... } } wrapper.
-        // Returns { valid, error, key: Omit<ApiKey,"key"> | null }.
-        // See: https://better-auth.com/docs/plugins/api-key/reference
-        const result = await auth.api.verifyApiKey({
-          body: { key: apiKeyHeader },
-        });
-        if (result?.valid && result.key) {
-          const apiKey = result.key as Record<string, unknown>;
-          // v1.5+ renamed userId → referenceId on the apikey table.
-          const userId = (apiKey.referenceId ?? "") as string;
-          const name = (apiKey.name ?? "API Key") as string;
-          const orgId = (apiKey.organizationId ?? DEFAULT_ORG_ID) as string;
-          // Better Auth stores permissions as Record<string, string[]>
-          // (e.g. {"catalog":["read","create"]}).  Flatten to the
-          // "resource:action" string[] format the engine expects.
-          let permissions: string[];
-          const rawPerms = apiKey.permissions;
-          if (Array.isArray(rawPerms)) {
-            permissions = rawPerms;
-          } else if (rawPerms && typeof rawPerms === "object") {
-            permissions = [];
-            for (const [resource, actions] of Object.entries(
-              rawPerms as Record<string, string[]>,
-            )) {
-              for (const action of actions) {
-                permissions.push(`${resource}:${action}`);
-              }
-            }
-          } else {
-            permissions = config.auth?.apiKeys?.defaultPermissions ?? [];
-          }
-          c.set("actor", {
-            type: "api_key",
-            userId,
-            email: null,
-            name,
-            vendorId: null,
-            organizationId: orgId,
-            role: "api_key",
-            permissions,
-          } satisfies Actor);
-          await next();
-          return;
-        }
-      } catch {
-        // invalid, expired, or rate-limited key — fall through
-      }
-    }
-    // Config-driven dev key (OFF by default, must be explicitly enabled)
-    if (
-      !c.get("actor") &&
-      apiKeyHeader &&
-      config.auth?.enableDevKey &&
-      config.auth.devKey &&
-      apiKeyHeader.length === config.auth.devKey.length &&
-      timingSafeEqual(Buffer.from(apiKeyHeader), Buffer.from(config.auth.devKey))
-    ) {
-      c.set("actor", {
-        type: "api_key",
-        userId: "dev-staff",
-        email: "dev@local",
-        name: "Dev Admin (dev key)",
-        vendorId: null,
-        organizationId: DEFAULT_ORG_ID,
-        role: "owner",
-        permissions: ["*:*"],
-      } satisfies Actor);
-    }
-    if (!c.get("actor")) {
-      c.set("actor", null);
-    }
-    await next();
-  };
-}