npm - @unifiedcommerce/core - Versions diffs - 0.4.4 → 0.4.5 - Mend

@unifiedcommerce/core 0.4.4 → 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (556) hide show

package/dist/adapters/console-email.d.ts +23 -0
package/dist/adapters/console-email.d.ts.map +1 -0
package/dist/adapters/console-email.js +38 -0
package/dist/auth/access.d.ts +101 -0
package/dist/auth/access.d.ts.map +1 -0
package/dist/auth/access.js +128 -0
package/dist/auth/auth-schema.d.ts +1475 -0
package/dist/auth/auth-schema.d.ts.map +1 -0
package/dist/auth/auth-schema.js +124 -0
package/dist/auth/middleware.d.ts +5 -0
package/dist/auth/middleware.d.ts.map +1 -0
package/dist/auth/middleware.js +141 -0
package/dist/auth/org.d.ts +22 -0
package/dist/auth/org.d.ts.map +1 -0
package/dist/auth/org.js +36 -0
package/dist/auth/permissions.d.ts +4 -0
package/dist/auth/permissions.d.ts.map +1 -0
package/dist/auth/permissions.js +24 -0
package/dist/auth/setup.d.ts +29 -0
package/dist/auth/setup.d.ts.map +1 -0
package/dist/auth/setup.js +117 -0
package/dist/auth/system-actor.d.ts +7 -0
package/dist/auth/system-actor.d.ts.map +1 -0
package/dist/auth/system-actor.js +17 -0
package/dist/auth/types.d.ts +11 -0
package/dist/auth/types.d.ts.map +1 -0
package/dist/auth/types.js +1 -0
package/dist/config/defaults.d.ts +3 -0
package/dist/config/defaults.d.ts.map +1 -0
package/dist/config/defaults.js +80 -0
package/dist/config/define-config.d.ts +9 -0
package/dist/config/define-config.d.ts.map +1 -0
package/dist/config/define-config.js +44 -0
package/dist/config/types.d.ts +327 -0
package/dist/config/types.d.ts.map +1 -0
package/dist/config/types.js +1 -0
package/dist/generated/plugin-manifest.d.ts +48 -0
package/dist/generated/plugin-manifest.d.ts.map +1 -0
package/dist/generated/plugin-manifest.js +20 -0
package/dist/hooks/checkout-completion.d.ts +58 -0
package/dist/hooks/checkout-completion.d.ts.map +1 -0
package/dist/hooks/checkout-completion.js +137 -0
package/dist/hooks/checkout.d.ts +99 -0
package/dist/hooks/checkout.d.ts.map +1 -0
package/dist/hooks/checkout.js +317 -0
package/dist/hooks/order-emails.d.ts +16 -0
package/dist/hooks/order-emails.d.ts.map +1 -0
package/dist/hooks/order-emails.js +44 -0
package/dist/index.d.ts +77 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +45 -0
package/dist/interfaces/mcp/agent-prompt.d.ts +16 -0
package/dist/interfaces/mcp/agent-prompt.d.ts.map +1 -0
package/dist/interfaces/mcp/agent-prompt.js +172 -0
package/dist/interfaces/mcp/context-enrichment.d.ts +39 -0
package/dist/interfaces/mcp/context-enrichment.d.ts.map +1 -0
package/dist/interfaces/mcp/context-enrichment.js +119 -0
package/dist/interfaces/mcp/server.d.ts +5 -0
package/dist/interfaces/mcp/server.d.ts.map +1 -0
package/dist/interfaces/mcp/server.js +30 -0
package/dist/interfaces/mcp/tool-builder.d.ts +120 -0
package/dist/interfaces/mcp/tool-builder.d.ts.map +1 -0
package/dist/interfaces/mcp/tool-builder.js +224 -0
package/dist/interfaces/mcp/tools/analytics.d.ts +42 -0
package/dist/interfaces/mcp/tools/analytics.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/analytics.js +70 -0
package/dist/interfaces/mcp/tools/cart.d.ts +14 -0
package/dist/interfaces/mcp/tools/cart.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/cart.js +47 -0
package/dist/interfaces/mcp/tools/catalog.d.ts +53 -0
package/dist/interfaces/mcp/tools/catalog.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/catalog.js +284 -0
package/dist/interfaces/mcp/tools/index.d.ts +3 -0
package/dist/interfaces/mcp/tools/index.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/index.js +20 -0
package/dist/interfaces/mcp/tools/inventory.d.ts +27 -0
package/dist/interfaces/mcp/tools/inventory.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/inventory.js +143 -0
package/dist/interfaces/mcp/tools/orders.d.ts +18 -0
package/dist/interfaces/mcp/tools/orders.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/orders.js +82 -0
package/dist/interfaces/mcp/tools/pricing.d.ts +29 -0
package/dist/interfaces/mcp/tools/pricing.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/pricing.js +90 -0
package/dist/interfaces/mcp/tools/promotions.d.ts +44 -0
package/dist/interfaces/mcp/tools/promotions.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/promotions.js +109 -0
package/dist/interfaces/mcp/tools/registry.d.ts +32 -0
package/dist/interfaces/mcp/tools/registry.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/registry.js +55 -0
package/dist/interfaces/mcp/tools/search.d.ts +14 -0
package/dist/interfaces/mcp/tools/search.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/search.js +39 -0
package/dist/interfaces/mcp/tools/webhooks.d.ts +15 -0
package/dist/interfaces/mcp/tools/webhooks.d.ts.map +1 -0
package/dist/interfaces/mcp/tools/webhooks.js +48 -0
package/dist/interfaces/mcp/transport.d.ts +20 -0
package/dist/interfaces/mcp/transport.d.ts.map +1 -0
package/dist/interfaces/mcp/transport.js +99 -0
package/dist/interfaces/rest/customer-portal.d.ts +5 -0
package/dist/interfaces/rest/customer-portal.d.ts.map +1 -0
package/dist/interfaces/rest/customer-portal.js +206 -0
package/dist/interfaces/rest/router.d.ts +164 -0
package/dist/interfaces/rest/router.d.ts.map +1 -0
package/dist/interfaces/rest/router.js +259 -0
package/dist/interfaces/rest/routes/admin-jobs.d.ts +5 -0
package/dist/interfaces/rest/routes/admin-jobs.d.ts.map +1 -0
package/dist/interfaces/rest/routes/admin-jobs.js +48 -0
package/dist/interfaces/rest/routes/audit.d.ts +5 -0
package/dist/interfaces/rest/routes/audit.d.ts.map +1 -0
package/dist/interfaces/rest/routes/audit.js +43 -0
package/dist/interfaces/rest/routes/carts.d.ts +5 -0
package/dist/interfaces/rest/routes/carts.d.ts.map +1 -0
package/dist/interfaces/rest/routes/carts.js +55 -0
package/dist/interfaces/rest/routes/catalog.d.ts +5 -0
package/dist/interfaces/rest/routes/catalog.d.ts.map +1 -0
package/dist/interfaces/rest/routes/catalog.js +256 -0
package/dist/interfaces/rest/routes/checkout.d.ts +5 -0
package/dist/interfaces/rest/routes/checkout.d.ts.map +1 -0
package/dist/interfaces/rest/routes/checkout.js +216 -0
package/dist/interfaces/rest/routes/customers.d.ts +5 -0
package/dist/interfaces/rest/routes/customers.d.ts.map +1 -0
package/dist/interfaces/rest/routes/customers.js +74 -0
package/dist/interfaces/rest/routes/entity-aliases.d.ts +18 -0
package/dist/interfaces/rest/routes/entity-aliases.d.ts.map +1 -0
package/dist/interfaces/rest/routes/entity-aliases.js +39 -0
package/dist/interfaces/rest/routes/inventory.d.ts +5 -0
package/dist/interfaces/rest/routes/inventory.d.ts.map +1 -0
package/dist/interfaces/rest/routes/inventory.js +72 -0
package/dist/interfaces/rest/routes/media.d.ts +5 -0
package/dist/interfaces/rest/routes/media.d.ts.map +1 -0
package/dist/interfaces/rest/routes/media.js +65 -0
package/dist/interfaces/rest/routes/orders.d.ts +5 -0
package/dist/interfaces/rest/routes/orders.d.ts.map +1 -0
package/dist/interfaces/rest/routes/orders.js +64 -0
package/dist/interfaces/rest/routes/payments.d.ts +5 -0
package/dist/interfaces/rest/routes/payments.d.ts.map +1 -0
package/dist/interfaces/rest/routes/payments.js +45 -0
package/dist/interfaces/rest/routes/pricing.d.ts +5 -0
package/dist/interfaces/rest/routes/pricing.d.ts.map +1 -0
package/dist/interfaces/rest/routes/pricing.js +48 -0
package/dist/interfaces/rest/routes/promotions.d.ts +5 -0
package/dist/interfaces/rest/routes/promotions.d.ts.map +1 -0
package/dist/interfaces/rest/routes/promotions.js +76 -0
package/dist/interfaces/rest/routes/search.d.ts +5 -0
package/dist/interfaces/rest/routes/search.d.ts.map +1 -0
package/dist/interfaces/rest/routes/search.js +60 -0
package/dist/interfaces/rest/routes/webhooks.d.ts +5 -0
package/dist/interfaces/rest/routes/webhooks.d.ts.map +1 -0
package/dist/interfaces/rest/routes/webhooks.js +39 -0
package/dist/interfaces/rest/schemas/admin-jobs.d.ts +327 -0
package/dist/interfaces/rest/schemas/admin-jobs.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/admin-jobs.js +37 -0
package/dist/interfaces/rest/schemas/audit.d.ts +59 -0
package/dist/interfaces/rest/schemas/audit.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/audit.js +43 -0
package/dist/interfaces/rest/schemas/carts.d.ts +1456 -0
package/dist/interfaces/rest/schemas/carts.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/carts.js +109 -0
package/dist/interfaces/rest/schemas/catalog.d.ts +5452 -0
package/dist/interfaces/rest/schemas/catalog.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/catalog.js +397 -0
package/dist/interfaces/rest/schemas/checkout.d.ts +160 -0
package/dist/interfaces/rest/schemas/checkout.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/checkout.js +60 -0
package/dist/interfaces/rest/schemas/customer-portal.d.ts +2203 -0
package/dist/interfaces/rest/schemas/customer-portal.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/customer-portal.js +177 -0
package/dist/interfaces/rest/schemas/customers.d.ts +422 -0
package/dist/interfaces/rest/schemas/customers.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/customers.js +150 -0
package/dist/interfaces/rest/schemas/inventory.d.ts +561 -0
package/dist/interfaces/rest/schemas/inventory.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/inventory.js +148 -0
package/dist/interfaces/rest/schemas/media.d.ts +303 -0
package/dist/interfaces/rest/schemas/media.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/media.js +69 -0
package/dist/interfaces/rest/schemas/orders.d.ts +1792 -0
package/dist/interfaces/rest/schemas/orders.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/orders.js +93 -0
package/dist/interfaces/rest/schemas/pricing.d.ts +256 -0
package/dist/interfaces/rest/schemas/pricing.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/pricing.js +72 -0
package/dist/interfaces/rest/schemas/promotions.d.ts +363 -0
package/dist/interfaces/rest/schemas/promotions.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/promotions.js +98 -0
package/dist/interfaces/rest/schemas/responses.d.ts +4086 -0
package/dist/interfaces/rest/schemas/responses.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/responses.js +74 -0
package/dist/interfaces/rest/schemas/search.d.ts +247 -0
package/dist/interfaces/rest/schemas/search.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/search.js +55 -0
package/dist/interfaces/rest/schemas/shared.d.ts +95 -0
package/dist/interfaces/rest/schemas/shared.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/shared.js +51 -0
package/dist/interfaces/rest/schemas/webhooks.d.ts +221 -0
package/dist/interfaces/rest/schemas/webhooks.d.ts.map +1 -0
package/dist/interfaces/rest/schemas/webhooks.js +62 -0
package/dist/interfaces/rest/utils.d.ts +45 -0
package/dist/interfaces/rest/utils.d.ts.map +1 -0
package/dist/interfaces/rest/utils.js +71 -0
package/dist/interfaces/rest/webhook-router.d.ts +41 -0
package/dist/interfaces/rest/webhook-router.d.ts.map +1 -0
package/dist/interfaces/rest/webhook-router.js +36 -0
package/dist/kernel/compensation/executor.d.ts +21 -0
package/dist/kernel/compensation/executor.d.ts.map +1 -0
package/dist/kernel/compensation/executor.js +36 -0
package/dist/kernel/compensation/types.d.ts +25 -0
package/dist/kernel/compensation/types.d.ts.map +1 -0
package/dist/kernel/compensation/types.js +1 -0
package/dist/kernel/database/adapter.d.ts +18 -0
package/dist/kernel/database/adapter.d.ts.map +1 -0
package/dist/kernel/database/adapter.js +3 -0
package/dist/kernel/database/drizzle-db.d.ts +49 -0
package/dist/kernel/database/drizzle-db.d.ts.map +1 -0
package/dist/kernel/database/drizzle-db.js +20 -0
package/dist/kernel/database/migrate.d.ts +38 -0
package/dist/kernel/database/migrate.d.ts.map +1 -0
package/dist/kernel/database/migrate.js +61 -0
package/dist/kernel/database/plugin-types.d.ts +32 -0
package/dist/kernel/database/plugin-types.d.ts.map +1 -0
package/dist/kernel/database/plugin-types.js +10 -0
package/dist/kernel/database/schema.d.ts +24 -0
package/dist/kernel/database/schema.d.ts.map +1 -0
package/dist/kernel/database/schema.js +36 -0
package/dist/kernel/database/scoped-db.d.ts +20 -0
package/dist/kernel/database/scoped-db.d.ts.map +1 -0
package/dist/kernel/database/scoped-db.js +62 -0
package/dist/kernel/database/tx-context.d.ts +15 -0
package/dist/kernel/database/tx-context.d.ts.map +1 -0
package/dist/kernel/database/tx-context.js +19 -0
package/dist/kernel/error-mapper.d.ts +3 -0
package/dist/kernel/error-mapper.d.ts.map +1 -0
package/dist/kernel/error-mapper.js +12 -0
package/dist/kernel/errors.d.ts +38 -0
package/dist/kernel/errors.d.ts.map +1 -0
package/dist/kernel/errors.js +69 -0
package/dist/kernel/factory/repository-factory.d.ts +71 -0
package/dist/kernel/factory/repository-factory.d.ts.map +1 -0
package/dist/kernel/factory/repository-factory.js +138 -0
package/dist/kernel/hooks/create-context.d.ts +25 -0
package/dist/kernel/hooks/create-context.d.ts.map +1 -0
package/dist/kernel/hooks/create-context.js +22 -0
package/dist/kernel/hooks/executor.d.ts +12 -0
package/dist/kernel/hooks/executor.d.ts.map +1 -0
package/dist/kernel/hooks/executor.js +50 -0
package/dist/kernel/hooks/registry.d.ts +28 -0
package/dist/kernel/hooks/registry.d.ts.map +1 -0
package/dist/kernel/hooks/registry.js +58 -0
package/dist/kernel/hooks/types.d.ts +37 -0
package/dist/kernel/hooks/types.d.ts.map +1 -0
package/dist/kernel/hooks/types.js +1 -0
package/dist/kernel/http-error.d.ts +30 -0
package/dist/kernel/http-error.d.ts.map +1 -0
package/dist/kernel/http-error.js +35 -0
package/dist/kernel/jobs/adapter.d.ts +25 -0
package/dist/kernel/jobs/adapter.d.ts.map +1 -0
package/dist/kernel/jobs/adapter.js +9 -0
package/dist/kernel/jobs/drizzle-adapter.d.ts +15 -0
package/dist/kernel/jobs/drizzle-adapter.d.ts.map +1 -0
package/dist/kernel/jobs/drizzle-adapter.js +42 -0
package/dist/kernel/jobs/runner.d.ts +24 -0
package/dist/kernel/jobs/runner.d.ts.map +1 -0
package/dist/kernel/jobs/runner.js +114 -0
package/dist/kernel/jobs/schema.d.ts +280 -0
package/dist/kernel/jobs/schema.d.ts.map +1 -0
package/dist/kernel/jobs/schema.js +37 -0
package/dist/kernel/jobs/types.d.ts +30 -0
package/dist/kernel/jobs/types.d.ts.map +1 -0
package/dist/kernel/jobs/types.js +1 -0
package/dist/kernel/local-api.d.ts +103 -0
package/dist/kernel/local-api.d.ts.map +1 -0
package/dist/kernel/local-api.js +89 -0
package/dist/kernel/plugin/manifest.d.ts +90 -0
package/dist/kernel/plugin/manifest.d.ts.map +1 -0
package/dist/kernel/plugin/manifest.js +169 -0
package/dist/kernel/query/executor.d.ts +21 -0
package/dist/kernel/query/executor.d.ts.map +1 -0
package/dist/kernel/query/executor.js +128 -0
package/dist/kernel/query/registry.d.ts +33 -0
package/dist/kernel/query/registry.d.ts.map +1 -0
package/dist/kernel/query/registry.js +20 -0
package/dist/kernel/result.d.ts +36 -0
package/dist/kernel/result.d.ts.map +1 -0
package/dist/kernel/result.js +16 -0
package/dist/kernel/schema/extra-columns.d.ts +23 -0
package/dist/kernel/schema/extra-columns.d.ts.map +1 -0
package/dist/kernel/schema/extra-columns.js +10 -0
package/dist/kernel/service-registry.d.ts +109 -0
package/dist/kernel/service-registry.d.ts.map +1 -0
package/dist/kernel/service-registry.js +26 -0
package/dist/kernel/service-timing.d.ts +25 -0
package/dist/kernel/service-timing.d.ts.map +1 -0
package/dist/kernel/service-timing.js +62 -0
package/dist/kernel/state-machine/machine.d.ts +24 -0
package/dist/kernel/state-machine/machine.d.ts.map +1 -0
package/dist/kernel/state-machine/machine.js +70 -0
package/dist/modules/analytics/drizzle-adapter.d.ts +13 -0
package/dist/modules/analytics/drizzle-adapter.d.ts.map +1 -0
package/dist/modules/analytics/drizzle-adapter.js +358 -0
package/dist/modules/analytics/hooks.d.ts +13 -0
package/dist/modules/analytics/hooks.d.ts.map +1 -0
package/dist/modules/analytics/hooks.js +12 -0
package/dist/modules/analytics/models.d.ts +14 -0
package/dist/modules/analytics/models.d.ts.map +1 -0
package/dist/modules/analytics/models.js +118 -0
package/dist/modules/analytics/repository/index.d.ts +5 -0
package/dist/modules/analytics/repository/index.d.ts.map +1 -0
package/dist/modules/analytics/repository/index.js +1 -0
package/dist/modules/analytics/service.d.ts +45 -0
package/dist/modules/analytics/service.d.ts.map +1 -0
package/dist/modules/analytics/service.js +196 -0
package/dist/modules/analytics/types.d.ts +119 -0
package/dist/modules/analytics/types.d.ts.map +1 -0
package/dist/modules/analytics/types.js +25 -0
package/dist/modules/audit/hooks.d.ts +7 -0
package/dist/modules/audit/hooks.d.ts.map +1 -0
package/dist/modules/audit/hooks.js +67 -0
package/dist/modules/audit/schema.d.ts +178 -0
package/dist/modules/audit/schema.d.ts.map +1 -0
package/dist/modules/audit/schema.js +21 -0
package/dist/modules/audit/service.d.ts +38 -0
package/dist/modules/audit/service.d.ts.map +1 -0
package/dist/modules/audit/service.js +109 -0
package/dist/modules/cart/access.d.ts +11 -0
package/dist/modules/cart/access.d.ts.map +1 -0
package/dist/modules/cart/access.js +18 -0
package/dist/modules/cart/matcher.d.ts +20 -0
package/dist/modules/cart/matcher.d.ts.map +1 -0
package/dist/modules/cart/matcher.js +2 -0
package/dist/modules/cart/repository/index.d.ts +45 -0
package/dist/modules/cart/repository/index.d.ts.map +1 -0
package/dist/modules/cart/repository/index.js +158 -0
package/dist/modules/cart/schema.d.ts +359 -0
package/dist/modules/cart/schema.d.ts.map +1 -0
package/dist/modules/cart/schema.js +40 -0
package/dist/modules/cart/schemas.d.ts +29 -0
package/dist/modules/cart/schemas.d.ts.map +1 -0
package/dist/modules/cart/schemas.js +14 -0
package/dist/modules/cart/service.d.ts +63 -0
package/dist/modules/cart/service.d.ts.map +1 -0
package/dist/modules/cart/service.js +339 -0
package/dist/modules/catalog/repository/index.d.ts +106 -0
package/dist/modules/catalog/repository/index.d.ts.map +1 -0
package/dist/modules/catalog/repository/index.js +455 -0
package/dist/modules/catalog/schema.d.ts +1193 -0
package/dist/modules/catalog/schema.d.ts.map +1 -0
package/dist/modules/catalog/schema.js +149 -0
package/dist/modules/catalog/schemas.d.ts +81 -0
package/dist/modules/catalog/schemas.d.ts.map +1 -0
package/dist/modules/catalog/schemas.js +62 -0
package/dist/modules/catalog/service.d.ts +160 -0
package/dist/modules/catalog/service.d.ts.map +1 -0
package/dist/modules/catalog/service.js +759 -0
package/dist/modules/customers/repository/index.d.ts +47 -0
package/dist/modules/customers/repository/index.d.ts.map +1 -0
package/dist/modules/customers/repository/index.js +206 -0
package/dist/modules/customers/schema.d.ts +560 -0
package/dist/modules/customers/schema.d.ts.map +1 -0
package/dist/modules/customers/schema.js +60 -0
package/dist/modules/customers/service.d.ts +27 -0
package/dist/modules/customers/service.d.ts.map +1 -0
package/dist/modules/customers/service.js +106 -0
package/dist/modules/fulfillment/repository/index.d.ts +63 -0
package/dist/modules/fulfillment/repository/index.d.ts.map +1 -0
package/dist/modules/fulfillment/repository/index.js +268 -0
package/dist/modules/fulfillment/schema.d.ts +655 -0
package/dist/modules/fulfillment/schema.d.ts.map +1 -0
package/dist/modules/fulfillment/schema.js +83 -0
package/dist/modules/fulfillment/service.d.ts +58 -0
package/dist/modules/fulfillment/service.d.ts.map +1 -0
package/dist/modules/fulfillment/service.js +338 -0
package/dist/modules/fulfillment/types.d.ts +44 -0
package/dist/modules/fulfillment/types.d.ts.map +1 -0
package/dist/modules/fulfillment/types.js +1 -0
package/dist/modules/inventory/repository/index.d.ts +81 -0
package/dist/modules/inventory/repository/index.d.ts.map +1 -0
package/dist/modules/inventory/repository/index.js +310 -0
package/dist/modules/inventory/schema.d.ts +570 -0
package/dist/modules/inventory/schema.d.ts.map +1 -0
package/dist/modules/inventory/schema.js +69 -0
package/dist/modules/inventory/schemas.d.ts +31 -0
package/dist/modules/inventory/schemas.d.ts.map +1 -0
package/dist/modules/inventory/schemas.js +28 -0
package/dist/modules/inventory/service.d.ts +69 -0
package/dist/modules/inventory/service.d.ts.map +1 -0
package/dist/modules/inventory/service.js +283 -0
package/dist/modules/media/adapter.d.ts +16 -0
package/dist/modules/media/adapter.d.ts.map +1 -0
package/dist/modules/media/adapter.js +1 -0
package/dist/modules/media/repository/index.d.ts +35 -0
package/dist/modules/media/repository/index.d.ts.map +1 -0
package/dist/modules/media/repository/index.js +176 -0
package/dist/modules/media/schema.d.ts +289 -0
package/dist/modules/media/schema.d.ts.map +1 -0
package/dist/modules/media/schema.js +35 -0
package/dist/modules/media/service.d.ts +42 -0
package/dist/modules/media/service.d.ts.map +1 -0
package/dist/modules/media/service.js +89 -0
package/dist/modules/orders/repository/index.d.ts +48 -0
package/dist/modules/orders/repository/index.d.ts.map +1 -0
package/dist/modules/orders/repository/index.js +199 -0
package/dist/modules/orders/schema.d.ts +672 -0
package/dist/modules/orders/schema.d.ts.map +1 -0
package/dist/modules/orders/schema.js +63 -0
package/dist/modules/orders/service.d.ts +85 -0
package/dist/modules/orders/service.d.ts.map +1 -0
package/dist/modules/orders/service.js +313 -0
package/dist/modules/orders/stale-order-cleanup.d.ts +27 -0
package/dist/modules/orders/stale-order-cleanup.d.ts.map +1 -0
package/dist/modules/orders/stale-order-cleanup.js +55 -0
package/dist/modules/organization/service.d.ts +53 -0
package/dist/modules/organization/service.d.ts.map +1 -0
package/dist/modules/organization/service.js +151 -0
package/dist/modules/payments/adapter.d.ts +42 -0
package/dist/modules/payments/adapter.d.ts.map +1 -0
package/dist/modules/payments/adapter.js +1 -0
package/dist/modules/payments/repository/index.d.ts +5 -0
package/dist/modules/payments/repository/index.d.ts.map +1 -0
package/dist/modules/payments/repository/index.js +1 -0
package/dist/modules/payments/service.d.ts +23 -0
package/dist/modules/payments/service.d.ts.map +1 -0
package/dist/modules/payments/service.js +72 -0
package/dist/modules/pricing/repository/index.d.ts +34 -0
package/dist/modules/pricing/repository/index.d.ts.map +1 -0
package/dist/modules/pricing/repository/index.js +176 -0
package/dist/modules/pricing/schema.d.ts +565 -0
package/dist/modules/pricing/schema.d.ts.map +1 -0
package/dist/modules/pricing/schema.js +57 -0
package/dist/modules/pricing/schemas.d.ts +37 -0
package/dist/modules/pricing/schemas.d.ts.map +1 -0
package/dist/modules/pricing/schemas.js +30 -0
package/dist/modules/pricing/service.d.ts +62 -0
package/dist/modules/pricing/service.d.ts.map +1 -0
package/dist/modules/pricing/service.js +308 -0
package/dist/modules/promotions/repository/index.d.ts +41 -0
package/dist/modules/promotions/repository/index.d.ts.map +1 -0
package/dist/modules/promotions/repository/index.js +204 -0
package/dist/modules/promotions/schema.d.ts +427 -0
package/dist/modules/promotions/schema.d.ts.map +1 -0
package/dist/modules/promotions/schema.js +52 -0
package/dist/modules/promotions/schemas.d.ts +33 -0
package/dist/modules/promotions/schemas.d.ts.map +1 -0
package/dist/modules/promotions/schemas.js +32 -0
package/dist/modules/promotions/service.d.ts +80 -0
package/dist/modules/promotions/service.d.ts.map +1 -0
package/dist/modules/promotions/service.js +347 -0
package/dist/modules/search/adapter.d.ts +51 -0
package/dist/modules/search/adapter.d.ts.map +1 -0
package/dist/modules/search/adapter.js +1 -0
package/dist/modules/search/hooks.d.ts +8 -0
package/dist/modules/search/hooks.d.ts.map +1 -0
package/dist/modules/search/hooks.js +6 -0
package/dist/modules/search/repository/index.d.ts +5 -0
package/dist/modules/search/repository/index.d.ts.map +1 -0
package/dist/modules/search/repository/index.js +1 -0
package/dist/modules/search/service.d.ts +24 -0
package/dist/modules/search/service.d.ts.map +1 -0
package/dist/modules/search/service.js +217 -0
package/dist/modules/shipping/calculator.d.ts +42 -0
package/dist/modules/shipping/calculator.d.ts.map +1 -0
package/dist/modules/shipping/calculator.js +91 -0
package/dist/modules/shipping/repository/index.d.ts +5 -0
package/dist/modules/shipping/repository/index.d.ts.map +1 -0
package/dist/modules/shipping/repository/index.js +1 -0
package/dist/modules/shipping/service.d.ts +28 -0
package/dist/modules/shipping/service.d.ts.map +1 -0
package/dist/modules/shipping/service.js +20 -0
package/dist/modules/tax/adapter.d.ts +58 -0
package/dist/modules/tax/adapter.d.ts.map +1 -0
package/dist/modules/tax/adapter.js +1 -0
package/dist/modules/tax/repository/index.d.ts +5 -0
package/dist/modules/tax/repository/index.d.ts.map +1 -0
package/dist/modules/tax/repository/index.js +1 -0
package/dist/modules/tax/service.d.ts +19 -0
package/dist/modules/tax/service.d.ts.map +1 -0
package/dist/modules/tax/service.js +34 -0
package/dist/modules/webhooks/hook.d.ts +13 -0
package/dist/modules/webhooks/hook.d.ts.map +1 -0
package/dist/modules/webhooks/hook.js +29 -0
package/dist/modules/webhooks/repository/index.d.ts +40 -0
package/dist/modules/webhooks/repository/index.d.ts.map +1 -0
package/dist/modules/webhooks/repository/index.js +175 -0
package/dist/modules/webhooks/schema.d.ts +404 -0
package/dist/modules/webhooks/schema.d.ts.map +1 -0
package/dist/modules/webhooks/schema.js +40 -0
package/dist/modules/webhooks/service.d.ts +23 -0
package/dist/modules/webhooks/service.d.ts.map +1 -0
package/dist/modules/webhooks/service.js +92 -0
package/dist/modules/webhooks/signing.d.ts +2 -0
package/dist/modules/webhooks/signing.d.ts.map +1 -0
package/dist/modules/webhooks/signing.js +5 -0
package/dist/modules/webhooks/ssrf-guard.d.ts +19 -0
package/dist/modules/webhooks/ssrf-guard.d.ts.map +1 -0
package/dist/modules/webhooks/ssrf-guard.js +79 -0
package/dist/modules/webhooks/tasks.d.ts +16 -0
package/dist/modules/webhooks/tasks.d.ts.map +1 -0
package/dist/modules/webhooks/tasks.js +35 -0
package/dist/modules/webhooks/worker.d.ts +21 -0
package/dist/modules/webhooks/worker.d.ts.map +1 -0
package/dist/modules/webhooks/worker.js +113 -0
package/dist/runtime/commerce.d.ts +110 -0
package/dist/runtime/commerce.d.ts.map +1 -0
package/dist/runtime/commerce.js +37 -0
package/dist/runtime/kernel.d.ts +71 -0
package/dist/runtime/kernel.d.ts.map +1 -0
package/dist/runtime/kernel.js +306 -0
package/dist/runtime/logger.d.ts +11 -0
package/dist/runtime/logger.d.ts.map +1 -0
package/dist/runtime/logger.js +32 -0
package/dist/runtime/shutdown.d.ts +15 -0
package/dist/runtime/shutdown.d.ts.map +1 -0
package/dist/runtime/shutdown.js +34 -0
package/dist/test-utils/create-pglite-adapter.d.ts +32 -0
package/dist/test-utils/create-pglite-adapter.d.ts.map +1 -0
package/dist/test-utils/create-pglite-adapter.js +107 -0
package/dist/test-utils/create-plugin-test-app.d.ts +50 -0
package/dist/test-utils/create-plugin-test-app.d.ts.map +1 -0
package/dist/test-utils/create-plugin-test-app.js +74 -0
package/dist/test-utils/create-repository-test-harness.d.ts +8 -0
package/dist/test-utils/create-repository-test-harness.d.ts.map +1 -0
package/dist/test-utils/create-repository-test-harness.js +7 -0
package/dist/test-utils/create-test-config.d.ts +18 -0
package/dist/test-utils/create-test-config.d.ts.map +1 -0
package/dist/test-utils/create-test-config.js +172 -0
package/dist/test-utils/create-test-kernel.d.ts +3 -0
package/dist/test-utils/create-test-kernel.d.ts.map +1 -0
package/dist/test-utils/create-test-kernel.js +5 -0
package/dist/test-utils/create-test-plugin-context.d.ts +42 -0
package/dist/test-utils/create-test-plugin-context.d.ts.map +1 -0
package/dist/test-utils/create-test-plugin-context.js +46 -0
package/dist/test-utils/rest-api-test-utils.d.ts +64 -0
package/dist/test-utils/rest-api-test-utils.d.ts.map +1 -0
package/dist/test-utils/rest-api-test-utils.js +207 -0
package/dist/test-utils/test-actors.d.ts +15 -0
package/dist/test-utils/test-actors.d.ts.map +1 -0
package/dist/test-utils/test-actors.js +57 -0
package/dist/test-utils/typed-hooks.d.ts +43 -0
package/dist/test-utils/typed-hooks.d.ts.map +1 -0
package/dist/test-utils/typed-hooks.js +35 -0
package/dist/testing.d.ts +14 -0
package/dist/testing.d.ts.map +1 -0
package/dist/testing.js +13 -0
package/dist/types/commerce-types.d.ts +34 -0
package/dist/types/commerce-types.d.ts.map +1 -0
package/dist/types/commerce-types.js +1 -0
package/dist/utils/id.d.ts +2 -0
package/dist/utils/id.d.ts.map +1 -0
package/dist/utils/id.js +3 -0
package/dist/utils/logger.d.ts +3 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +16 -0
package/dist/utils/pagination.d.ts +11 -0
package/dist/utils/pagination.d.ts.map +1 -0
package/dist/utils/pagination.js +15 -0
package/package.json +1 -1

package/dist/auth/auth-schema.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-schema.d.ts","sourceRoot":"","sources":["../../src/auth/auth-schema.ts"],"names":[],"mappings":"AAQA,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAaf,CAAC;AAEH,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAclB,CAAC;AAEH,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkBlB,CAAC;AAEH,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUvB,CAAC;AAEH,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOvB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUjB,CAAC;AAEH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAarB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBjB,CAAC;AAEH,eAAO,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMf,CAAC"}

package/dist/auth/auth-schema.js ADDED Viewed

@@ -0,0 +1,124 @@
+import { pgTable, text, timestamp, boolean, integer, } from "drizzle-orm/pg-core";
+export const user = pgTable("user", {
+    id: text("id").primaryKey(),
+    name: text("name").notNull(),
+    email: text("email").notNull().unique(),
+    emailVerified: boolean("email_verified").default(false).notNull(),
+    image: text("image"),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at")
+        .defaultNow()
+        .$onUpdate(() => /* @__PURE__ */ new Date())
+        .notNull(),
+    vendorId: text("vendor_id"),
+    posOperatorPin: text("pos_operator_pin"),
+});
+export const session = pgTable("session", {
+    id: text("id").primaryKey(),
+    expiresAt: timestamp("expires_at").notNull(),
+    token: text("token").notNull().unique(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at")
+        .$onUpdate(() => /* @__PURE__ */ new Date())
+        .notNull(),
+    ipAddress: text("ip_address"),
+    userAgent: text("user_agent"),
+    userId: text("user_id")
+        .notNull()
+        .references(() => user.id, { onDelete: "cascade" }),
+    activeOrganizationId: text("active_organization_id"),
+});
+export const account = pgTable("account", {
+    id: text("id").primaryKey(),
+    accountId: text("account_id").notNull(),
+    providerId: text("provider_id").notNull(),
+    userId: text("user_id")
+        .notNull()
+        .references(() => user.id, { onDelete: "cascade" }),
+    accessToken: text("access_token"),
+    refreshToken: text("refresh_token"),
+    idToken: text("id_token"),
+    accessTokenExpiresAt: timestamp("access_token_expires_at"),
+    refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
+    scope: text("scope"),
+    password: text("password"),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at")
+        .$onUpdate(() => /* @__PURE__ */ new Date())
+        .notNull(),
+});
+export const verification = pgTable("verification", {
+    id: text("id").primaryKey(),
+    identifier: text("identifier").notNull(),
+    value: text("value").notNull(),
+    expiresAt: timestamp("expires_at").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    updatedAt: timestamp("updated_at")
+        .defaultNow()
+        .$onUpdate(() => /* @__PURE__ */ new Date())
+        .notNull(),
+});
+export const organization = pgTable("organization", {
+    id: text("id").primaryKey(),
+    name: text("name").notNull(),
+    slug: text("slug").notNull().unique(),
+    logo: text("logo"),
+    createdAt: timestamp("created_at").notNull(),
+    metadata: text("metadata"),
+});
+export const member = pgTable("member", {
+    id: text("id").primaryKey(),
+    organizationId: text("organization_id")
+        .notNull()
+        .references(() => organization.id, { onDelete: "cascade" }),
+    userId: text("user_id")
+        .notNull()
+        .references(() => user.id, { onDelete: "cascade" }),
+    role: text("role").default("member").notNull(),
+    createdAt: timestamp("created_at").notNull(),
+});
+export const invitation = pgTable("invitation", {
+    id: text("id").primaryKey(),
+    organizationId: text("organization_id")
+        .notNull()
+        .references(() => organization.id, { onDelete: "cascade" }),
+    email: text("email").notNull(),
+    role: text("role"),
+    status: text("status").default("pending").notNull(),
+    expiresAt: timestamp("expires_at").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+    inviterId: text("inviter_id")
+        .notNull()
+        .references(() => user.id, { onDelete: "cascade" }),
+});
+export const apikey = pgTable("apikey", {
+    id: text("id").primaryKey(),
+    configId: text("config_id").default("default").notNull(),
+    name: text("name"),
+    start: text("start"),
+    referenceId: text("reference_id").notNull(),
+    prefix: text("prefix"),
+    key: text("key").notNull(),
+    refillInterval: integer("refill_interval"),
+    refillAmount: integer("refill_amount"),
+    lastRefillAt: timestamp("last_refill_at"),
+    enabled: boolean("enabled").default(true),
+    rateLimitEnabled: boolean("rate_limit_enabled").default(false),
+    rateLimitTimeWindow: integer("rate_limit_time_window").default(3600000),
+    rateLimitMax: integer("rate_limit_max").default(10000),
+    requestCount: integer("request_count").default(0),
+    remaining: integer("remaining"),
+    lastRequest: timestamp("last_request"),
+    expiresAt: timestamp("expires_at"),
+    createdAt: timestamp("created_at").notNull(),
+    updatedAt: timestamp("updated_at").notNull(),
+    permissions: text("permissions"),
+    metadata: text("metadata"),
+});
+export const jwks = pgTable("jwks", {
+    id: text("id").primaryKey(),
+    publicKey: text("public_key").notNull(),
+    privateKey: text("private_key").notNull(),
+    createdAt: timestamp("created_at").notNull(),
+    expiresAt: timestamp("expires_at"),
+});

package/dist/auth/middleware.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { MiddlewareHandler } from "hono";
+import type { CommerceConfig } from "../config/types.js";
+import type { AuthInstance } from "./setup.js";
+export declare function authMiddleware(auth: AuthInstance, config: CommerceConfig): MiddlewareHandler;
+//# sourceMappingURL=middleware.d.ts.map

package/dist/auth/middleware.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/auth/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAC;AAC9C,OAAO,KAAK,EAAmB,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAE1E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AA0B/C,wBAAgB,cAAc,CAC5B,IAAI,EAAE,YAAY,EAClB,MAAM,EAAE,cAAc,GACrB,iBAAiB,CAsInB"}

package/dist/auth/middleware.js ADDED Viewed

@@ -0,0 +1,141 @@
+import { DEFAULT_ORG_ID } from "./org.js";
+function resolvePermissions(session, config) {
+    const role = session.session.activeOrganizationRole;
+    if (!role) {
+        return (config.auth?.customerPermissions ?? [
+            "catalog:read",
+            "cart:create",
+            "cart:read",
+            "cart:update",
+            "orders:create",
+            "orders:read:own",
+            "customers:read:self",
+            "customers:update:self",
+        ]);
+    }
+    const roleConfig = config.auth?.roles?.[role];
+    return roleConfig ? roleConfig.permissions : [];
+}
+export function authMiddleware(auth, config) {
+    return async (c, next) => {
+        const session = (await auth.api.getSession({
+            headers: c.req.raw.headers,
+        }));
+        if (session) {
+            // Better Auth's session stores activeOrganizationId, but often not the role.
+            // For single-store apps (org_default), users may never call set-active,
+            // so activeOrganizationId can be null even for valid org members.
+            let role = session.session.activeOrganizationRole;
+            let orgId = session.session.activeOrganizationId;
+            // If no active org, try to resolve the user's membership in org_default.
+            // This handles the common case where the user is a member but hasn't
+            // called organization/set-active (single-store apps, seed scripts, tests).
+            if (!role && auth.api.getFullOrganization) {
+                try {
+                    const org = await auth.api.getFullOrganization({
+                        query: { organizationId: orgId ?? DEFAULT_ORG_ID },
+                        headers: c.req.raw.headers,
+                    });
+                    if (org?.members) {
+                        const membership = org.members.find((m) => m.userId === session.user.id);
+                        if (membership) {
+                            role = membership.role;
+                            orgId = orgId ?? DEFAULT_ORG_ID;
+                        }
+                    }
+                }
+                catch {
+                    // fall through — treat as customer
+                }
+            }
+            // Also try getActiveMemberRole if active org is set
+            if (!role && orgId && auth.api.getActiveMemberRole) {
+                try {
+                    const roleResult = await auth.api.getActiveMemberRole({
+                        headers: c.req.raw.headers,
+                    });
+                    role = roleResult?.role;
+                }
+                catch {
+                    // fall through — treat as customer
+                }
+            }
+            const enrichedSession = {
+                ...session,
+                session: { ...session.session, activeOrganizationRole: role ?? null },
+            };
+            c.set("actor", {
+                type: "user",
+                userId: session.user.id,
+                email: session.user.email ?? null,
+                name: session.user.name ?? "User",
+                vendorId: session.user.vendorId ?? null,
+                organizationId: orgId ?? DEFAULT_ORG_ID,
+                role: role ?? "customer",
+                permissions: resolvePermissions(enrichedSession, config),
+            });
+            await next();
+            return;
+        }
+        // Extract API key from headers
+        const apiKeyHeader = c.req.header("x-api-key") ??
+            c.req.header("authorization")?.replace("Bearer ", "");
+        if (apiKeyHeader &&
+            config.auth?.apiKeys?.enabled &&
+            auth.api.verifyApiKey) {
+            try {
+                // Better Auth server-side calls require { body: { ... } } wrapper.
+                // Returns { valid, error, key: Omit<ApiKey,"key"> | null }.
+                // See: https://better-auth.com/docs/plugins/api-key/reference
+                const result = await auth.api.verifyApiKey({
+                    body: { key: apiKeyHeader },
+                });
+                if (result?.valid && result.key) {
+                    const apiKey = result.key;
+                    // v1.5+ renamed userId → referenceId on the apikey table.
+                    const userId = (apiKey.referenceId ?? "");
+                    const name = (apiKey.name ?? "API Key");
+                    const orgId = (apiKey.organizationId ?? DEFAULT_ORG_ID);
+                    // Better Auth stores permissions as Record<string, string[]>
+                    // (e.g. {"catalog":["read","create"]}).  Flatten to the
+                    // "resource:action" string[] format the engine expects.
+                    let permissions;
+                    const rawPerms = apiKey.permissions;
+                    if (Array.isArray(rawPerms)) {
+                        permissions = rawPerms;
+                    }
+                    else if (rawPerms && typeof rawPerms === "object") {
+                        permissions = [];
+                        for (const [resource, actions] of Object.entries(rawPerms)) {
+                            for (const action of actions) {
+                                permissions.push(`${resource}:${action}`);
+                            }
+                        }
+                    }
+                    else {
+                        permissions = config.auth?.apiKeys?.defaultPermissions ?? [];
+                    }
+                    c.set("actor", {
+                        type: "api_key",
+                        userId,
+                        email: null,
+                        name,
+                        vendorId: null,
+                        organizationId: orgId,
+                        role: "api_key",
+                        permissions,
+                    });
+                    await next();
+                    return;
+                }
+            }
+            catch {
+                // invalid, expired, or rate-limited key — fall through
+            }
+        }
+        if (!c.get("actor")) {
+            c.set("actor", null);
+        }
+        await next();
+    };
+}

package/dist/auth/org.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Deterministic ID for the default organization.
+ * Auto-created on kernel boot / test setup for single-tenant deployments.
+ */
+export declare const DEFAULT_ORG_ID = "org_default";
+/**
+ * Extracts the organization ID from an actor.
+ * Falls back to the default org when the actor is null or has no org set.
+ */
+export declare function resolveOrgId(actor: unknown): string;
+/**
+ * Ensures the default organization row exists in the database.
+ * Idempotent — safe to call multiple times (no-ops if the row exists).
+ *
+ * Uses OrganizationService which creates both the org row and
+ * (when auth is available) a member record for the creator.
+ *
+ * Accepts `unknown` so callers never need casts — the function
+ * handles the Drizzle type narrowing internally.
+ */
+export declare function ensureDefaultOrg(db: unknown, storeName?: string): Promise<void>;
+//# sourceMappingURL=org.d.ts.map

package/dist/auth/org.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"org.d.ts","sourceRoot":"","sources":["../../src/auth/org.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,eAAO,MAAM,cAAc,gBAAgB,CAAC;AAE5C;;;GAGG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAMnD;AAED;;;;;;;;;GASG;AACH,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,OAAO,EACX,SAAS,SAAkB,GAC1B,OAAO,CAAC,IAAI,CAAC,CAOf"}

package/dist/auth/org.js ADDED Viewed

@@ -0,0 +1,36 @@
+import { OrganizationService } from "../modules/organization/service.js";
+/**
+ * Deterministic ID for the default organization.
+ * Auto-created on kernel boot / test setup for single-tenant deployments.
+ */
+export const DEFAULT_ORG_ID = "org_default";
+/**
+ * Extracts the organization ID from an actor.
+ * Falls back to the default org when the actor is null or has no org set.
+ */
+export function resolveOrgId(actor) {
+    if (actor != null && typeof actor === "object" && "organizationId" in actor) {
+        const orgId = actor.organizationId;
+        if (typeof orgId === "string")
+            return orgId;
+    }
+    return DEFAULT_ORG_ID;
+}
+/**
+ * Ensures the default organization row exists in the database.
+ * Idempotent — safe to call multiple times (no-ops if the row exists).
+ *
+ * Uses OrganizationService which creates both the org row and
+ * (when auth is available) a member record for the creator.
+ *
+ * Accepts `unknown` so callers never need casts — the function
+ * handles the Drizzle type narrowing internally.
+ */
+export async function ensureDefaultOrg(db, storeName = "Default Store") {
+    const orgService = new OrganizationService(db);
+    await orgService.create({
+        id: DEFAULT_ORG_ID,
+        name: storeName,
+        slug: "default",
+    });
+}

package/dist/auth/permissions.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { Actor } from "./types.js";
+export declare function assertPermission(actor: Actor | null, required: string): void;
+export declare function assertOwnership(actor: Actor | null, resourceOwnerId: string | null): void;
+//# sourceMappingURL=permissions.d.ts.map

package/dist/auth/permissions.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/auth/permissions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAExC,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAc5E;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI,CAQzF"}

package/dist/auth/permissions.js ADDED Viewed

@@ -0,0 +1,24 @@
+import { CommerceForbiddenError } from "../kernel/errors.js";
+export function assertPermission(actor, required) {
+    if (!actor) {
+        throw new CommerceForbiddenError("Authentication required.");
+    }
+    if (actor.permissions.includes("*:*"))
+        return;
+    const [resource] = required.split(":");
+    if (resource && actor.permissions.includes(`${resource}:*`))
+        return;
+    if (actor.permissions.includes(required))
+        return;
+    throw new CommerceForbiddenError(`Permission "${required}" is required. Your role "${actor.role}" does not include this permission.`);
+}
+export function assertOwnership(actor, resourceOwnerId) {
+    if (!actor) {
+        throw new CommerceForbiddenError("Authentication required.");
+    }
+    if (actor.permissions.includes("*:*"))
+        return;
+    if (actor.userId !== resourceOwnerId) {
+        throw new CommerceForbiddenError("You do not have access to this resource.");
+    }
+}

package/dist/auth/setup.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+import { betterAuth } from "better-auth";
+import { apiKey } from "@better-auth/api-key";
+import { organization, twoFactor, phoneNumber, jwt, bearer } from "better-auth/plugins";
+import type { CommerceConfig } from "../config/types.js";
+import type { DatabaseAdapter } from "../kernel/database/adapter.js";
+/**
+ * The auth type is inferred from `typeof betterAuth(...)` with all plugins enabled.
+ * This gives us the full API surface without manual interface maintenance.
+ *
+ * We use a type-level-only reference (never executed) to capture the complete type.
+ */
+type FullBetterAuth = ReturnType<typeof betterAuth<{
+    plugins: [
+        ReturnType<typeof organization>,
+        ReturnType<typeof bearer>,
+        ReturnType<typeof jwt>,
+        ReturnType<typeof twoFactor>,
+        ReturnType<typeof apiKey>,
+        ReturnType<typeof phoneNumber>
+    ];
+}>>;
+/**
+ * AuthInstance — inferred from Better Auth with all plugins.
+ * No manual type maintenance needed.
+ */
+export type AuthInstance = FullBetterAuth;
+export declare function createAuth(db: DatabaseAdapter, config: CommerceConfig): AuthInstance;
+export {};
+//# sourceMappingURL=setup.d.ts.map

package/dist/auth/setup.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AACxF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAiBrE;;;;;GAKG;AACH,KAAK,cAAc,GAAG,UAAU,CAAC,OAAO,UAAU,CAAC;IACjD,OAAO,EAAE;QACP,UAAU,CAAC,OAAO,YAAY,CAAC;QAC/B,UAAU,CAAC,OAAO,MAAM,CAAC;QACzB,UAAU,CAAC,OAAO,GAAG,CAAC;QACtB,UAAU,CAAC,OAAO,SAAS,CAAC;QAC5B,UAAU,CAAC,OAAO,MAAM,CAAC;QACzB,UAAU,CAAC,OAAO,WAAW,CAAC;KAC/B,CAAC;CACH,CAAC,CAAC,CAAC;AAEJ;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG,cAAc,CAAC;AAE1C,wBAAgB,UAAU,CACxB,EAAE,EAAE,eAAe,EACnB,MAAM,EAAE,cAAc,GACrB,YAAY,CA+Gd"}

package/dist/auth/setup.js ADDED Viewed

@@ -0,0 +1,117 @@
+import { drizzleAdapter } from "@better-auth/drizzle-adapter";
+import { betterAuth } from "better-auth";
+import { apiKey } from "@better-auth/api-key";
+import { organization, twoFactor, phoneNumber, jwt, bearer } from "better-auth/plugins";
+import * as authSchema from "./auth-schema.js";
+function resolveAuthDbProvider(provider) {
+    if (provider === "postgres" || provider === "postgresql" || provider === "pg")
+        return "pg";
+    if (provider === "mysql")
+        return "mysql";
+    if (provider === "sqlite")
+        return "sqlite";
+    throw new Error(`Unsupported auth database provider "${provider}".`);
+}
+export function createAuth(db, config) {
+    const plugins = [
+        organization({
+            roles: (config.auth?.roles ?? {}),
+        }),
+        bearer(),
+        jwt(),
+    ];
+    if (config.auth?.twoFactor?.enabled) {
+        plugins.push(twoFactor({ issuer: config.storeName ?? "UnifiedCommerce" }));
+    }
+    const scopes = config.auth?.apiKeyScopes;
+    if (scopes && Object.keys(scopes).length > 0) {
+        const apiKeyConfigs = Object.entries(scopes).map(([scopeId, scope]) => ({
+            configId: scopeId,
+            defaultPrefix: scope.prefix,
+            ...(scope.rateLimit
+                ? {
+                    rateLimit: {
+                        enabled: true,
+                        maxRequests: scope.rateLimit.maxRequests,
+                        timeWindow: scope.rateLimit.timeWindow,
+                    },
+                }
+                : {}),
+        }));
+        plugins.push(apiKey(apiKeyConfigs));
+    }
+    else if (config.auth?.apiKeys?.enabled) {
+        plugins.push(apiKey());
+    }
+    if (config.auth?.phoneAuth) {
+        plugins.push(phoneNumber({
+            sendOTP: config.auth.phoneAuth.sendOTP,
+            verifyOTP: config.auth.phoneAuth.verifyOTP,
+            otpLength: config.auth.phoneAuth.otpLength ?? 6,
+            expiresIn: config.auth.phoneAuth.expiresIn ?? 300,
+            signUpOnVerification: config.auth.phoneAuth.signUpOnVerification ?? {
+                getTempEmail: (phone) => `${phone.replace(/\+/g, "")}@phone.local`,
+            },
+        }));
+    }
+    try {
+        const auth = betterAuth({
+            database: drizzleAdapter(db.db, {
+                provider: resolveAuthDbProvider(db.provider),
+                schema: authSchema,
+            }),
+            trustedOrigins: config.auth?.trustedOrigins ?? [],
+            emailAndPassword: {
+                enabled: true,
+                requireEmailVerification: config.auth?.requireEmailVerification ?? true,
+                sendResetPassword: async ({ user, url }) => {
+                    if (!config.email)
+                        return;
+                    await config.email.send({
+                        template: "password-reset",
+                        to: user.email,
+                        data: { resetUrl: url, userName: user.name },
+                    });
+                },
+                sendVerificationEmail: async ({ user, url }) => {
+                    if (!config.email)
+                        return;
+                    await config.email.send({
+                        template: "email-verification",
+                        to: user.email,
+                        data: { verifyUrl: url, userName: user.name },
+                    });
+                },
+            },
+            socialProviders: config.auth?.socialProviders ?? {},
+            session: {
+                expiresIn: config.auth?.sessionDuration ?? 60 * 60 * 24 * 7,
+                updateAge: 60 * 60 * 24,
+                cookieCache: {
+                    enabled: true,
+                    maxAge: 60 * 5,
+                },
+            },
+            advanced: {
+                cookiePrefix: "uc",
+                useSecureCookies: process.env.NODE_ENV === "production",
+            },
+            plugins,
+            user: {
+                additionalFields: {
+                    vendorId: { type: "string", required: false },
+                    posOperatorPin: { type: "string", required: false },
+                },
+            },
+        });
+        // The runtime return matches FullBetterAuth structurally — plugins may differ
+        // at runtime (conditional) but the API surface is a superset.
+        return auth;
+    }
+    catch (error) {
+        const message = error instanceof Error
+            ? error.message
+            : "Unknown better-auth initialization error.";
+        throw new Error(`Failed to initialize authentication: ${message}`);
+    }
+}

package/dist/auth/system-actor.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { Actor } from "./types.js";
+/**
+ * Creates a system actor for internal operations (webhooks, jobs, compensation chains).
+ * System actors have full permissions and are scoped to a specific organization.
+ */
+export declare function createSystemActor(orgId?: string): Actor;
+//# sourceMappingURL=system-actor.d.ts.map

package/dist/auth/system-actor.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"system-actor.d.ts","sourceRoot":"","sources":["../../src/auth/system-actor.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAGxC;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,GAAE,MAAuB,GAAG,KAAK,CAWvE"}

package/dist/auth/system-actor.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { DEFAULT_ORG_ID } from "./org.js";
+/**
+ * Creates a system actor for internal operations (webhooks, jobs, compensation chains).
+ * System actors have full permissions and are scoped to a specific organization.
+ */
+export function createSystemActor(orgId = DEFAULT_ORG_ID) {
+    return {
+        type: "api_key",
+        userId: "system:internal",
+        email: null,
+        name: "System",
+        vendorId: null,
+        organizationId: orgId,
+        role: "system",
+        permissions: ["*:*"],
+    };
+}

package/dist/auth/types.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export interface Actor {
+    type: "user" | "api_key";
+    userId: string;
+    email: string | null;
+    name: string;
+    vendorId: string | null;
+    organizationId: string | null;
+    role: string;
+    permissions: string[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/auth/types.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,KAAK;IACpB,IAAI,EAAE,MAAM,GAAG,SAAS,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB"}

package/dist/auth/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/config/defaults.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { CommerceConfig } from "./types.js";
+export declare const defaultConfig: Partial<CommerceConfig>;
+//# sourceMappingURL=defaults.d.ts.map

package/dist/config/defaults.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"defaults.d.ts","sourceRoot":"","sources":["../../src/config/defaults.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD,eAAO,MAAM,aAAa,EAAE,OAAO,CAAC,cAAc,CA+EjD,CAAC"}