@uniforge/core 0.1.0-alpha.2

package/dist/session-storage/index.js

@@ -0,0 +1,271 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/session-storage/index.ts
+var session_storage_exports = {};
+__export(session_storage_exports, {
+  DualSessionStorage: () => DualSessionStorage,
+  PrismaSessionStorage: () => PrismaSessionStorage,
+  RedisSessionStorage: () => RedisSessionStorage
+});
+module.exports = __toCommonJS(session_storage_exports);
+
+// src/session-storage/prisma-session-storage.ts
+var import_client = require("@prisma/client");
+
+// src/database/utils.ts
+function recordToSession(record) {
+  const session = {
+    id: record.id,
+    shop: record.shopDomain,
+    state: record.state,
+    isOnline: record.isOnline,
+    scope: record.scope,
+    expires: record.expires ?? null,
+    createdAt: record.createdAt,
+    updatedAt: record.updatedAt
+  };
+  if (record.accessToken) {
+    session.accessToken = record.accessToken;
+  }
+  if (record.refreshToken) {
+    session.refreshToken = record.refreshToken;
+  }
+  if (record.refreshTokenExpiresAt) {
+    session.refreshTokenExpiresAt = record.refreshTokenExpiresAt;
+  }
+  if (record.onlineAccessInfo) {
+    session.onlineAccessInfo = record.onlineAccessInfo;
+  }
+  return session;
+}
+
+// src/session-storage/prisma-session-storage.ts
+var PrismaSessionStorage = class {
+  constructor(prisma) {
+    this.prisma = prisma;
+  }
+  async storeSession(session) {
+    const onlineAccessInfo = session.onlineAccessInfo ? session.onlineAccessInfo : import_client.Prisma.JsonNull;
+    const data = {
+      shopDomain: session.shop,
+      state: session.state,
+      isOnline: session.isOnline,
+      scope: session.scope,
+      expires: session.expires,
+      accessToken: session.accessToken ?? null,
+      refreshToken: session.refreshToken ?? null,
+      refreshTokenExpiresAt: session.refreshTokenExpiresAt ?? null,
+      onlineAccessInfo
+    };
+    await this.prisma.session.upsert({
+      where: { id: session.id },
+      create: {
+        id: session.id,
+        ...data
+      },
+      update: data
+    });
+    return true;
+  }
+  async loadSession(id) {
+    const record = await this.prisma.session.findUnique({ where: { id } });
+    if (!record) return void 0;
+    return recordToSession(record);
+  }
+  async deleteSession(id) {
+    try {
+      await this.prisma.session.delete({ where: { id } });
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async deleteSessions(ids) {
+    await this.prisma.session.deleteMany({ where: { id: { in: ids } } });
+    return true;
+  }
+  async findSessionsByShop(shop) {
+    const records = await this.prisma.session.findMany({
+      where: { shopDomain: shop }
+    });
+    return records.map(recordToSession);
+  }
+};
+
+// src/session-storage/redis-session-storage.ts
+var RedisSessionStorage = class {
+  constructor(redis, options) {
+    this.redis = redis;
+    this.prefix = options?.prefix ?? "uniforge:session:";
+    this.ttl = options?.ttl;
+  }
+  prefix;
+  ttl;
+  async storeSession(session) {
+    const key = this.sessionKey(session.id);
+    const data = this.serialize(session);
+    const pipeline = this.redis.pipeline();
+    if (this.ttl) {
+      pipeline.set(key, data, "EX", this.ttl);
+    } else {
+      pipeline.set(key, data);
+    }
+    pipeline.sadd(this.shopIndexKey(session.shop), session.id);
+    await pipeline.exec();
+    return true;
+  }
+  async loadSession(id) {
+    const data = await this.redis.get(this.sessionKey(id));
+    if (!data) return void 0;
+    return this.deserialize(data);
+  }
+  async deleteSession(id) {
+    const session = await this.loadSession(id);
+    const pipeline = this.redis.pipeline();
+    pipeline.del(this.sessionKey(id));
+    if (session) {
+      pipeline.srem(this.shopIndexKey(session.shop), id);
+    }
+    await pipeline.exec();
+    return true;
+  }
+  async deleteSessions(ids) {
+    if (ids.length === 0) return true;
+    const sessions = await Promise.all(ids.map((id) => this.loadSession(id)));
+    const pipeline = this.redis.pipeline();
+    for (const id of ids) {
+      pipeline.del(this.sessionKey(id));
+    }
+    for (const session of sessions) {
+      if (session) {
+        pipeline.srem(this.shopIndexKey(session.shop), session.id);
+      }
+    }
+    await pipeline.exec();
+    return true;
+  }
+  async findSessionsByShop(shop) {
+    const ids = await this.redis.smembers(this.shopIndexKey(shop));
+    if (ids.length === 0) return [];
+    const keys = ids.map((id) => this.sessionKey(id));
+    const results = await this.redis.mget(...keys);
+    const sessions = [];
+    for (const data of results) {
+      if (data) {
+        sessions.push(this.deserialize(data));
+      }
+    }
+    return sessions;
+  }
+  // ---------------------------------------------------------------------------
+  // Helpers
+  // ---------------------------------------------------------------------------
+  sessionKey(id) {
+    return `${this.prefix}${id}`;
+  }
+  shopIndexKey(shopDomain) {
+    return `${this.prefix}shop:${shopDomain}`;
+  }
+  serialize(session) {
+    return JSON.stringify({
+      ...session,
+      expires: session.expires?.toISOString() ?? null,
+      refreshTokenExpiresAt: session.refreshTokenExpiresAt?.toISOString(),
+      createdAt: session.createdAt.toISOString(),
+      updatedAt: session.updatedAt.toISOString()
+    });
+  }
+  deserialize(data) {
+    const raw = JSON.parse(data);
+    const session = {
+      id: raw.id,
+      shop: raw.shop,
+      state: raw.state,
+      isOnline: raw.isOnline,
+      scope: raw.scope,
+      expires: raw.expires ? new Date(raw.expires) : null,
+      createdAt: new Date(raw.createdAt),
+      updatedAt: new Date(raw.updatedAt)
+    };
+    if (raw.accessToken) {
+      session.accessToken = raw.accessToken;
+    }
+    if (raw.refreshToken) {
+      session.refreshToken = raw.refreshToken;
+    }
+    if (raw.refreshTokenExpiresAt) {
+      session.refreshTokenExpiresAt = new Date(raw.refreshTokenExpiresAt);
+    }
+    if (raw.onlineAccessInfo) {
+      session.onlineAccessInfo = raw.onlineAccessInfo;
+    }
+    return session;
+  }
+};
+
+// src/session-storage/dual-session-storage.ts
+var DualSessionStorage = class {
+  constructor(primary, fallback) {
+    this.primary = primary;
+    this.fallback = fallback;
+  }
+  async storeSession(session) {
+    const [primaryOk, fallbackOk] = await Promise.all([
+      this.primary.storeSession(session),
+      this.fallback.storeSession(session)
+    ]);
+    return primaryOk && fallbackOk;
+  }
+  async loadSession(id) {
+    const session = await this.primary.loadSession(id);
+    if (session) return session;
+    const fallbackSession = await this.fallback.loadSession(id);
+    if (fallbackSession) {
+      await this.primary.storeSession(fallbackSession);
+    }
+    return fallbackSession;
+  }
+  async deleteSession(id) {
+    const [primaryOk, fallbackOk] = await Promise.all([
+      this.primary.deleteSession(id),
+      this.fallback.deleteSession(id)
+    ]);
+    return primaryOk && fallbackOk;
+  }
+  async deleteSessions(ids) {
+    const [primaryOk, fallbackOk] = await Promise.all([
+      this.primary.deleteSessions(ids),
+      this.fallback.deleteSessions(ids)
+    ]);
+    return primaryOk && fallbackOk;
+  }
+  async findSessionsByShop(shop) {
+    const sessions = await this.primary.findSessionsByShop(shop);
+    if (sessions.length > 0) return sessions;
+    return this.fallback.findSessionsByShop(shop);
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DualSessionStorage,
+  PrismaSessionStorage,
+  RedisSessionStorage
+});
+//# sourceMappingURL=index.js.map

package/dist/session-storage/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/session-storage/index.ts","../../src/session-storage/prisma-session-storage.ts","../../src/database/utils.ts","../../src/session-storage/redis-session-storage.ts","../../src/session-storage/dual-session-storage.ts"],"sourcesContent":["/**\n * @uniforge/core - Session Storage\n *\n * Pluggable session storage implementations (Prisma, Redis, Dual).\n */\n\nexport { PrismaSessionStorage } from './prisma-session-storage';\nexport { RedisSessionStorage } from './redis-session-storage';\nexport type { RedisSessionStorageOptions } from './redis-session-storage';\nexport { DualSessionStorage } from './dual-session-storage';\n","/**\n * Prisma-backed session storage.\n *\n * Persists sessions to PostgreSQL via PrismaClient.\n */\n\nimport { Prisma } from '@prisma/client';\nimport type { PrismaClient } from '@prisma/client';\nimport type { Session, SessionStorage } from '@uniforge/platform-core/auth';\nimport { recordToSession } from '../database/utils';\n\nexport class PrismaSessionStorage implements SessionStorage {\n  constructor(private readonly prisma: PrismaClient) {}\n\n  async storeSession(session: Session): Promise<boolean> {\n    const onlineAccessInfo: Prisma.NullableJsonNullValueInput | Prisma.InputJsonValue =\n      session.onlineAccessInfo\n        ? (session.onlineAccessInfo as unknown as Prisma.InputJsonValue)\n        : Prisma.JsonNull;\n\n    const data = {\n      shopDomain: session.shop,\n      state: session.state,\n      isOnline: session.isOnline,\n      scope: session.scope,\n      expires: session.expires,\n      accessToken: session.accessToken ?? null,\n      refreshToken: session.refreshToken ?? null,\n      refreshTokenExpiresAt: session.refreshTokenExpiresAt ?? null,\n      onlineAccessInfo,\n    };\n\n    await this.prisma.session.upsert({\n      where: { id: session.id },\n      create: {\n        id: session.id,\n        ...data,\n      },\n      update: data,\n    });\n    return true;\n  }\n\n  async loadSession(id: string): Promise<Session | undefined> {\n    const record = await this.prisma.session.findUnique({ where: { id } });\n    if (!record) return undefined;\n    return recordToSession(record);\n  }\n\n  async deleteSession(id: string): Promise<boolean> {\n    try {\n      await this.prisma.session.delete({ where: { id } });\n      return true;\n    } catch {\n      return false;\n    }\n  }\n\n  async deleteSessions(ids: string[]): Promise<boolean> {\n    await this.prisma.session.deleteMany({ where: { id: { in: ids } } });\n    return true;\n  }\n\n  async findSessionsByShop(shop: string): Promise<Session[]> {\n    const records = await this.prisma.session.findMany({\n      where: { shopDomain: shop },\n    });\n    return records.map(recordToSession);\n  }\n}\n","/**\n * Converters between platform-core domain types and Prisma record types.\n *\n * The Prisma models use camelCase field names (shopDomain, isOnline, etc.)\n * while platform-core types use slightly different shapes (e.g. session.shop\n * vs record.shopDomain, onlineAccessInfo as object vs JSON).\n */\n\nimport type { Session, Shop } from '@uniforge/platform-core/auth';\nimport type {\n  Shop as PrismaShop,\n  Session as PrismaSession,\n  Prisma,\n} from '@prisma/client';\n\n// ---------------------------------------------------------------------------\n// Shop converters\n// ---------------------------------------------------------------------------\n\n/** Convert a platform-core Shop to a Prisma-compatible record. */\nexport function shopToRecord(\n  shop: Shop,\n): Omit<PrismaShop, 'id'> {\n  return {\n    shopDomain: shop.shopDomain,\n    isInstalled: shop.isInstalled,\n    installedAt: shop.installedAt,\n    uninstalledAt: shop.uninstalledAt,\n    scopes: shop.scopes,\n    shopifyPlan: shop.shopifyPlan,\n    createdAt: shop.createdAt,\n    updatedAt: shop.updatedAt,\n  };\n}\n\n/** Convert a Prisma Shop record to a platform-core Shop. */\nexport function recordToShop(record: PrismaShop): Shop {\n  return {\n    shopDomain: record.shopDomain,\n    isInstalled: record.isInstalled,\n    installedAt: record.installedAt ?? null,\n    uninstalledAt: record.uninstalledAt ?? null,\n    scopes: record.scopes,\n    shopifyPlan: record.shopifyPlan ?? null,\n    createdAt: record.createdAt,\n    updatedAt: record.updatedAt,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Session converters\n// ---------------------------------------------------------------------------\n\n/** Convert a platform-core Session to a Prisma-compatible create/update input. */\nexport function sessionToRecord(\n  session: Session,\n): Omit<PrismaSession, 'createdAt' | 'updatedAt'> {\n  const record: Omit<PrismaSession, 'createdAt' | 'updatedAt'> = {\n    id: session.id,\n    shopDomain: session.shop,\n    state: session.state,\n    isOnline: session.isOnline,\n    scope: session.scope,\n    expires: session.expires,\n    accessToken: session.accessToken ?? null,\n    refreshToken: session.refreshToken ?? null,\n    refreshTokenExpiresAt: session.refreshTokenExpiresAt ?? null,\n    onlineAccessInfo: session.onlineAccessInfo\n      ? (session.onlineAccessInfo as unknown as Prisma.JsonValue)\n      : null,\n  };\n\n  return record;\n}\n\n/** Convert a Prisma Session record to a platform-core Session. */\nexport function recordToSession(record: PrismaSession): Session {\n  const session: Session = {\n    id: record.id,\n    shop: record.shopDomain,\n    state: record.state,\n    isOnline: record.isOnline,\n    scope: record.scope,\n    expires: record.expires ?? null,\n    createdAt: record.createdAt,\n    updatedAt: record.updatedAt,\n  };\n\n  if (record.accessToken) {\n    session.accessToken = record.accessToken;\n  }\n  if (record.refreshToken) {\n    session.refreshToken = record.refreshToken;\n  }\n  if (record.refreshTokenExpiresAt) {\n    session.refreshTokenExpiresAt = record.refreshTokenExpiresAt;\n  }\n  if (record.onlineAccessInfo) {\n    session.onlineAccessInfo = record.onlineAccessInfo as unknown as NonNullable<Session['onlineAccessInfo']>;\n  }\n\n  return session;\n}\n","/**\n * Redis-backed session storage.\n *\n * Stores sessions as JSON strings in Redis with an optional TTL.\n * Maintains a secondary index (Redis SET) per shop domain so that\n * findSessionsByShop is efficient.\n */\n\nimport type Redis from 'ioredis';\nimport type { Session, SessionStorage } from '@uniforge/platform-core/auth';\n\nexport interface RedisSessionStorageOptions {\n  /** Key prefix for session keys. Defaults to `uniforge:session:`. */\n  prefix?: string;\n  /** TTL for session keys in seconds. No expiry if omitted. */\n  ttl?: number;\n}\n\nexport class RedisSessionStorage implements SessionStorage {\n  private readonly prefix: string;\n  private readonly ttl: number | undefined;\n\n  constructor(\n    private readonly redis: Redis,\n    options?: RedisSessionStorageOptions,\n  ) {\n    this.prefix = options?.prefix ?? 'uniforge:session:';\n    this.ttl = options?.ttl;\n  }\n\n  async storeSession(session: Session): Promise<boolean> {\n    const key = this.sessionKey(session.id);\n    const data = this.serialize(session);\n\n    const pipeline = this.redis.pipeline();\n    if (this.ttl) {\n      pipeline.set(key, data, 'EX', this.ttl);\n    } else {\n      pipeline.set(key, data);\n    }\n    pipeline.sadd(this.shopIndexKey(session.shop), session.id);\n    await pipeline.exec();\n    return true;\n  }\n\n  async loadSession(id: string): Promise<Session | undefined> {\n    const data = await this.redis.get(this.sessionKey(id));\n    if (!data) return undefined;\n    return this.deserialize(data);\n  }\n\n  async deleteSession(id: string): Promise<boolean> {\n    const session = await this.loadSession(id);\n    const pipeline = this.redis.pipeline();\n    pipeline.del(this.sessionKey(id));\n    if (session) {\n      pipeline.srem(this.shopIndexKey(session.shop), id);\n    }\n    await pipeline.exec();\n    return true;\n  }\n\n  async deleteSessions(ids: string[]): Promise<boolean> {\n    if (ids.length === 0) return true;\n\n    // Load sessions first to find their shops for index cleanup\n    const sessions = await Promise.all(ids.map((id) => this.loadSession(id)));\n\n    const pipeline = this.redis.pipeline();\n    for (const id of ids) {\n      pipeline.del(this.sessionKey(id));\n    }\n    for (const session of sessions) {\n      if (session) {\n        pipeline.srem(this.shopIndexKey(session.shop), session.id);\n      }\n    }\n    await pipeline.exec();\n    return true;\n  }\n\n  async findSessionsByShop(shop: string): Promise<Session[]> {\n    const ids = await this.redis.smembers(this.shopIndexKey(shop));\n    if (ids.length === 0) return [];\n\n    const keys = ids.map((id) => this.sessionKey(id));\n    const results = await this.redis.mget(...keys);\n\n    const sessions: Session[] = [];\n    for (const data of results) {\n      if (data) {\n        sessions.push(this.deserialize(data));\n      }\n    }\n    return sessions;\n  }\n\n  // ---------------------------------------------------------------------------\n  // Helpers\n  // ---------------------------------------------------------------------------\n\n  private sessionKey(id: string): string {\n    return `${this.prefix}${id}`;\n  }\n\n  private shopIndexKey(shopDomain: string): string {\n    return `${this.prefix}shop:${shopDomain}`;\n  }\n\n  private serialize(session: Session): string {\n    return JSON.stringify({\n      ...session,\n      expires: session.expires?.toISOString() ?? null,\n      refreshTokenExpiresAt: session.refreshTokenExpiresAt?.toISOString(),\n      createdAt: session.createdAt.toISOString(),\n      updatedAt: session.updatedAt.toISOString(),\n    });\n  }\n\n  private deserialize(data: string): Session {\n    const raw = JSON.parse(data) as Record<string, unknown>;\n\n    const session: Session = {\n      id: raw.id as string,\n      shop: raw.shop as string,\n      state: raw.state as string,\n      isOnline: raw.isOnline as boolean,\n      scope: raw.scope as string,\n      expires: raw.expires ? new Date(raw.expires as string) : null,\n      createdAt: new Date(raw.createdAt as string),\n      updatedAt: new Date(raw.updatedAt as string),\n    };\n\n    if (raw.accessToken) {\n      session.accessToken = raw.accessToken as string;\n    }\n    if (raw.refreshToken) {\n      session.refreshToken = raw.refreshToken as string;\n    }\n    if (raw.refreshTokenExpiresAt) {\n      session.refreshTokenExpiresAt = new Date(raw.refreshTokenExpiresAt as string);\n    }\n    if (raw.onlineAccessInfo) {\n      session.onlineAccessInfo = raw.onlineAccessInfo as NonNullable<Session['onlineAccessInfo']>;\n    }\n\n    return session;\n  }\n}\n","/**\n * Dual-layer session storage.\n *\n * Writes to both primary (typically Redis) and fallback (typically Prisma)\n * storage. Reads try primary first, falling back to the secondary store\n * and back-filling primary on a hit.\n */\n\nimport type { Session, SessionStorage } from '@uniforge/platform-core/auth';\n\nexport class DualSessionStorage implements SessionStorage {\n  constructor(\n    private readonly primary: SessionStorage,\n    private readonly fallback: SessionStorage,\n  ) {}\n\n  async storeSession(session: Session): Promise<boolean> {\n    const [primaryOk, fallbackOk] = await Promise.all([\n      this.primary.storeSession(session),\n      this.fallback.storeSession(session),\n    ]);\n    return primaryOk && fallbackOk;\n  }\n\n  async loadSession(id: string): Promise<Session | undefined> {\n    const session = await this.primary.loadSession(id);\n    if (session) return session;\n\n    const fallbackSession = await this.fallback.loadSession(id);\n    if (fallbackSession) {\n      // Back-fill primary\n      await this.primary.storeSession(fallbackSession);\n    }\n    return fallbackSession;\n  }\n\n  async deleteSession(id: string): Promise<boolean> {\n    const [primaryOk, fallbackOk] = await Promise.all([\n      this.primary.deleteSession(id),\n      this.fallback.deleteSession(id),\n    ]);\n    return primaryOk && fallbackOk;\n  }\n\n  async deleteSessions(ids: string[]): Promise<boolean> {\n    const [primaryOk, fallbackOk] = await Promise.all([\n      this.primary.deleteSessions(ids),\n      this.fallback.deleteSessions(ids),\n    ]);\n    return primaryOk && fallbackOk;\n  }\n\n  async findSessionsByShop(shop: string): Promise<Session[]> {\n    const sessions = await this.primary.findSessionsByShop(shop);\n    if (sessions.length > 0) return sessions;\n    return this.fallback.findSessionsByShop(shop);\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACMA,oBAAuB;;;ACsEhB,SAAS,gBAAgB,QAAgC;AAC9D,QAAM,UAAmB;AAAA,IACvB,IAAI,OAAO;AAAA,IACX,MAAM,OAAO;AAAA,IACb,OAAO,OAAO;AAAA,IACd,UAAU,OAAO;AAAA,IACjB,OAAO,OAAO;AAAA,IACd,SAAS,OAAO,WAAW;AAAA,IAC3B,WAAW,OAAO;AAAA,IAClB,WAAW,OAAO;AAAA,EACpB;AAEA,MAAI,OAAO,aAAa;AACtB,YAAQ,cAAc,OAAO;AAAA,EAC/B;AACA,MAAI,OAAO,cAAc;AACvB,YAAQ,eAAe,OAAO;AAAA,EAChC;AACA,MAAI,OAAO,uBAAuB;AAChC,YAAQ,wBAAwB,OAAO;AAAA,EACzC;AACA,MAAI,OAAO,kBAAkB;AAC3B,YAAQ,mBAAmB,OAAO;AAAA,EACpC;AAEA,SAAO;AACT;;;AD3FO,IAAM,uBAAN,MAAqD;AAAA,EAC1D,YAA6B,QAAsB;AAAtB;AAAA,EAAuB;AAAA,EAEpD,MAAM,aAAa,SAAoC;AACrD,UAAM,mBACJ,QAAQ,mBACH,QAAQ,mBACT,qBAAO;AAEb,UAAM,OAAO;AAAA,MACX,YAAY,QAAQ;AAAA,MACpB,OAAO,QAAQ;AAAA,MACf,UAAU,QAAQ;AAAA,MAClB,OAAO,QAAQ;AAAA,MACf,SAAS,QAAQ;AAAA,MACjB,aAAa,QAAQ,eAAe;AAAA,MACpC,cAAc,QAAQ,gBAAgB;AAAA,MACtC,uBAAuB,QAAQ,yBAAyB;AAAA,MACxD;AAAA,IACF;AAEA,UAAM,KAAK,OAAO,QAAQ,OAAO;AAAA,MAC/B,OAAO,EAAE,IAAI,QAAQ,GAAG;AAAA,MACxB,QAAQ;AAAA,QACN,IAAI,QAAQ;AAAA,QACZ,GAAG;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,IACV,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,YAAY,IAA0C;AAC1D,UAAM,SAAS,MAAM,KAAK,OAAO,QAAQ,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;AACrE,QAAI,CAAC,OAAQ,QAAO;AACpB,WAAO,gBAAgB,MAAM;AAAA,EAC/B;AAAA,EAEA,MAAM,cAAc,IAA8B;AAChD,QAAI;AACF,YAAM,KAAK,OAAO,QAAQ,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;AAClD,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,eAAe,KAAiC;AACpD,UAAM,KAAK,OAAO,QAAQ,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;AACnE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAkC;AACzD,UAAM,UAAU,MAAM,KAAK,OAAO,QAAQ,SAAS;AAAA,MACjD,OAAO,EAAE,YAAY,KAAK;AAAA,IAC5B,CAAC;AACD,WAAO,QAAQ,IAAI,eAAe;AAAA,EACpC;AACF;;;AEnDO,IAAM,sBAAN,MAAoD;AAAA,EAIzD,YACmB,OACjB,SACA;AAFiB;AAGjB,SAAK,SAAS,SAAS,UAAU;AACjC,SAAK,MAAM,SAAS;AAAA,EACtB;AAAA,EATiB;AAAA,EACA;AAAA,EAUjB,MAAM,aAAa,SAAoC;AACrD,UAAM,MAAM,KAAK,WAAW,QAAQ,EAAE;AACtC,UAAM,OAAO,KAAK,UAAU,OAAO;AAEnC,UAAM,WAAW,KAAK,MAAM,SAAS;AACrC,QAAI,KAAK,KAAK;AACZ,eAAS,IAAI,KAAK,MAAM,MAAM,KAAK,GAAG;AAAA,IACxC,OAAO;AACL,eAAS,IAAI,KAAK,IAAI;AAAA,IACxB;AACA,aAAS,KAAK,KAAK,aAAa,QAAQ,IAAI,GAAG,QAAQ,EAAE;AACzD,UAAM,SAAS,KAAK;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,YAAY,IAA0C;AAC1D,UAAM,OAAO,MAAM,KAAK,MAAM,IAAI,KAAK,WAAW,EAAE,CAAC;AACrD,QAAI,CAAC,KAAM,QAAO;AAClB,WAAO,KAAK,YAAY,IAAI;AAAA,EAC9B;AAAA,EAEA,MAAM,cAAc,IAA8B;AAChD,UAAM,UAAU,MAAM,KAAK,YAAY,EAAE;AACzC,UAAM,WAAW,KAAK,MAAM,SAAS;AACrC,aAAS,IAAI,KAAK,WAAW,EAAE,CAAC;AAChC,QAAI,SAAS;AACX,eAAS,KAAK,KAAK,aAAa,QAAQ,IAAI,GAAG,EAAE;AAAA,IACnD;AACA,UAAM,SAAS,KAAK;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,KAAiC;AACpD,QAAI,IAAI,WAAW,EAAG,QAAO;AAG7B,UAAM,WAAW,MAAM,QAAQ,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,YAAY,EAAE,CAAC,CAAC;AAExE,UAAM,WAAW,KAAK,MAAM,SAAS;AACrC,eAAW,MAAM,KAAK;AACpB,eAAS,IAAI,KAAK,WAAW,EAAE,CAAC;AAAA,IAClC;AACA,eAAW,WAAW,UAAU;AAC9B,UAAI,SAAS;AACX,iBAAS,KAAK,KAAK,aAAa,QAAQ,IAAI,GAAG,QAAQ,EAAE;AAAA,MAC3D;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAkC;AACzD,UAAM,MAAM,MAAM,KAAK,MAAM,SAAS,KAAK,aAAa,IAAI,CAAC;AAC7D,QAAI,IAAI,WAAW,EAAG,QAAO,CAAC;AAE9B,UAAM,OAAO,IAAI,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;AAChD,UAAM,UAAU,MAAM,KAAK,MAAM,KAAK,GAAG,IAAI;AAE7C,UAAM,WAAsB,CAAC;AAC7B,eAAW,QAAQ,SAAS;AAC1B,UAAI,MAAM;AACR,iBAAS,KAAK,KAAK,YAAY,IAAI,CAAC;AAAA,MACtC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAMQ,WAAW,IAAoB;AACrC,WAAO,GAAG,KAAK,MAAM,GAAG,EAAE;AAAA,EAC5B;AAAA,EAEQ,aAAa,YAA4B;AAC/C,WAAO,GAAG,KAAK,MAAM,QAAQ,UAAU;AAAA,EACzC;AAAA,EAEQ,UAAU,SAA0B;AAC1C,WAAO,KAAK,UAAU;AAAA,MACpB,GAAG;AAAA,MACH,SAAS,QAAQ,SAAS,YAAY,KAAK;AAAA,MAC3C,uBAAuB,QAAQ,uBAAuB,YAAY;AAAA,MAClE,WAAW,QAAQ,UAAU,YAAY;AAAA,MACzC,WAAW,QAAQ,UAAU,YAAY;AAAA,IAC3C,CAAC;AAAA,EACH;AAAA,EAEQ,YAAY,MAAuB;AACzC,UAAM,MAAM,KAAK,MAAM,IAAI;AAE3B,UAAM,UAAmB;AAAA,MACvB,IAAI,IAAI;AAAA,MACR,MAAM,IAAI;AAAA,MACV,OAAO,IAAI;AAAA,MACX,UAAU,IAAI;AAAA,MACd,OAAO,IAAI;AAAA,MACX,SAAS,IAAI,UAAU,IAAI,KAAK,IAAI,OAAiB,IAAI;AAAA,MACzD,WAAW,IAAI,KAAK,IAAI,SAAmB;AAAA,MAC3C,WAAW,IAAI,KAAK,IAAI,SAAmB;AAAA,IAC7C;AAEA,QAAI,IAAI,aAAa;AACnB,cAAQ,cAAc,IAAI;AAAA,IAC5B;AACA,QAAI,IAAI,cAAc;AACpB,cAAQ,eAAe,IAAI;AAAA,IAC7B;AACA,QAAI,IAAI,uBAAuB;AAC7B,cAAQ,wBAAwB,IAAI,KAAK,IAAI,qBAA+B;AAAA,IAC9E;AACA,QAAI,IAAI,kBAAkB;AACxB,cAAQ,mBAAmB,IAAI;AAAA,IACjC;AAEA,WAAO;AAAA,EACT;AACF;;;AC1IO,IAAM,qBAAN,MAAmD;AAAA,EACxD,YACmB,SACA,UACjB;AAFiB;AACA;AAAA,EAChB;AAAA,EAEH,MAAM,aAAa,SAAoC;AACrD,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,QAAQ,IAAI;AAAA,MAChD,KAAK,QAAQ,aAAa,OAAO;AAAA,MACjC,KAAK,SAAS,aAAa,OAAO;AAAA,IACpC,CAAC;AACD,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,MAAM,YAAY,IAA0C;AAC1D,UAAM,UAAU,MAAM,KAAK,QAAQ,YAAY,EAAE;AACjD,QAAI,QAAS,QAAO;AAEpB,UAAM,kBAAkB,MAAM,KAAK,SAAS,YAAY,EAAE;AAC1D,QAAI,iBAAiB;AAEnB,YAAM,KAAK,QAAQ,aAAa,eAAe;AAAA,IACjD;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAAc,IAA8B;AAChD,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,QAAQ,IAAI;AAAA,MAChD,KAAK,QAAQ,cAAc,EAAE;AAAA,MAC7B,KAAK,SAAS,cAAc,EAAE;AAAA,IAChC,CAAC;AACD,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,MAAM,eAAe,KAAiC;AACpD,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,QAAQ,IAAI;AAAA,MAChD,KAAK,QAAQ,eAAe,GAAG;AAAA,MAC/B,KAAK,SAAS,eAAe,GAAG;AAAA,IAClC,CAAC;AACD,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,MAAM,mBAAmB,MAAkC;AACzD,UAAM,WAAW,MAAM,KAAK,QAAQ,mBAAmB,IAAI;AAC3D,QAAI,SAAS,SAAS,EAAG,QAAO;AAChC,WAAO,KAAK,SAAS,mBAAmB,IAAI;AAAA,EAC9C;AACF;","names":[]}

package/dist/session-storage/index.mjs

@@ -0,0 +1,242 @@
+// src/session-storage/prisma-session-storage.ts
+import { Prisma } from "@prisma/client";
+
+// src/database/utils.ts
+function recordToSession(record) {
+  const session = {
+    id: record.id,
+    shop: record.shopDomain,
+    state: record.state,
+    isOnline: record.isOnline,
+    scope: record.scope,
+    expires: record.expires ?? null,
+    createdAt: record.createdAt,
+    updatedAt: record.updatedAt
+  };
+  if (record.accessToken) {
+    session.accessToken = record.accessToken;
+  }
+  if (record.refreshToken) {
+    session.refreshToken = record.refreshToken;
+  }
+  if (record.refreshTokenExpiresAt) {
+    session.refreshTokenExpiresAt = record.refreshTokenExpiresAt;
+  }
+  if (record.onlineAccessInfo) {
+    session.onlineAccessInfo = record.onlineAccessInfo;
+  }
+  return session;
+}
+
+// src/session-storage/prisma-session-storage.ts
+var PrismaSessionStorage = class {
+  constructor(prisma) {
+    this.prisma = prisma;
+  }
+  async storeSession(session) {
+    const onlineAccessInfo = session.onlineAccessInfo ? session.onlineAccessInfo : Prisma.JsonNull;
+    const data = {
+      shopDomain: session.shop,
+      state: session.state,
+      isOnline: session.isOnline,
+      scope: session.scope,
+      expires: session.expires,
+      accessToken: session.accessToken ?? null,
+      refreshToken: session.refreshToken ?? null,
+      refreshTokenExpiresAt: session.refreshTokenExpiresAt ?? null,
+      onlineAccessInfo
+    };
+    await this.prisma.session.upsert({
+      where: { id: session.id },
+      create: {
+        id: session.id,
+        ...data
+      },
+      update: data
+    });
+    return true;
+  }
+  async loadSession(id) {
+    const record = await this.prisma.session.findUnique({ where: { id } });
+    if (!record) return void 0;
+    return recordToSession(record);
+  }
+  async deleteSession(id) {
+    try {
+      await this.prisma.session.delete({ where: { id } });
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async deleteSessions(ids) {
+    await this.prisma.session.deleteMany({ where: { id: { in: ids } } });
+    return true;
+  }
+  async findSessionsByShop(shop) {
+    const records = await this.prisma.session.findMany({
+      where: { shopDomain: shop }
+    });
+    return records.map(recordToSession);
+  }
+};
+
+// src/session-storage/redis-session-storage.ts
+var RedisSessionStorage = class {
+  constructor(redis, options) {
+    this.redis = redis;
+    this.prefix = options?.prefix ?? "uniforge:session:";
+    this.ttl = options?.ttl;
+  }
+  prefix;
+  ttl;
+  async storeSession(session) {
+    const key = this.sessionKey(session.id);
+    const data = this.serialize(session);
+    const pipeline = this.redis.pipeline();
+    if (this.ttl) {
+      pipeline.set(key, data, "EX", this.ttl);
+    } else {
+      pipeline.set(key, data);
+    }
+    pipeline.sadd(this.shopIndexKey(session.shop), session.id);
+    await pipeline.exec();
+    return true;
+  }
+  async loadSession(id) {
+    const data = await this.redis.get(this.sessionKey(id));
+    if (!data) return void 0;
+    return this.deserialize(data);
+  }
+  async deleteSession(id) {
+    const session = await this.loadSession(id);
+    const pipeline = this.redis.pipeline();
+    pipeline.del(this.sessionKey(id));
+    if (session) {
+      pipeline.srem(this.shopIndexKey(session.shop), id);
+    }
+    await pipeline.exec();
+    return true;
+  }
+  async deleteSessions(ids) {
+    if (ids.length === 0) return true;
+    const sessions = await Promise.all(ids.map((id) => this.loadSession(id)));
+    const pipeline = this.redis.pipeline();
+    for (const id of ids) {
+      pipeline.del(this.sessionKey(id));
+    }
+    for (const session of sessions) {
+      if (session) {
+        pipeline.srem(this.shopIndexKey(session.shop), session.id);
+      }
+    }
+    await pipeline.exec();
+    return true;
+  }
+  async findSessionsByShop(shop) {
+    const ids = await this.redis.smembers(this.shopIndexKey(shop));
+    if (ids.length === 0) return [];
+    const keys = ids.map((id) => this.sessionKey(id));
+    const results = await this.redis.mget(...keys);
+    const sessions = [];
+    for (const data of results) {
+      if (data) {
+        sessions.push(this.deserialize(data));
+      }
+    }
+    return sessions;
+  }
+  // ---------------------------------------------------------------------------
+  // Helpers
+  // ---------------------------------------------------------------------------
+  sessionKey(id) {
+    return `${this.prefix}${id}`;
+  }
+  shopIndexKey(shopDomain) {
+    return `${this.prefix}shop:${shopDomain}`;
+  }
+  serialize(session) {
+    return JSON.stringify({
+      ...session,
+      expires: session.expires?.toISOString() ?? null,
+      refreshTokenExpiresAt: session.refreshTokenExpiresAt?.toISOString(),
+      createdAt: session.createdAt.toISOString(),
+      updatedAt: session.updatedAt.toISOString()
+    });
+  }
+  deserialize(data) {
+    const raw = JSON.parse(data);
+    const session = {
+      id: raw.id,
+      shop: raw.shop,
+      state: raw.state,
+      isOnline: raw.isOnline,
+      scope: raw.scope,
+      expires: raw.expires ? new Date(raw.expires) : null,
+      createdAt: new Date(raw.createdAt),
+      updatedAt: new Date(raw.updatedAt)
+    };
+    if (raw.accessToken) {
+      session.accessToken = raw.accessToken;
+    }
+    if (raw.refreshToken) {
+      session.refreshToken = raw.refreshToken;
+    }
+    if (raw.refreshTokenExpiresAt) {
+      session.refreshTokenExpiresAt = new Date(raw.refreshTokenExpiresAt);
+    }
+    if (raw.onlineAccessInfo) {
+      session.onlineAccessInfo = raw.onlineAccessInfo;
+    }
+    return session;
+  }
+};
+
+// src/session-storage/dual-session-storage.ts
+var DualSessionStorage = class {
+  constructor(primary, fallback) {
+    this.primary = primary;
+    this.fallback = fallback;
+  }
+  async storeSession(session) {
+    const [primaryOk, fallbackOk] = await Promise.all([
+      this.primary.storeSession(session),
+      this.fallback.storeSession(session)
+    ]);
+    return primaryOk && fallbackOk;
+  }
+  async loadSession(id) {
+    const session = await this.primary.loadSession(id);
+    if (session) return session;
+    const fallbackSession = await this.fallback.loadSession(id);
+    if (fallbackSession) {
+      await this.primary.storeSession(fallbackSession);
+    }
+    return fallbackSession;
+  }
+  async deleteSession(id) {
+    const [primaryOk, fallbackOk] = await Promise.all([
+      this.primary.deleteSession(id),
+      this.fallback.deleteSession(id)
+    ]);
+    return primaryOk && fallbackOk;
+  }
+  async deleteSessions(ids) {
+    const [primaryOk, fallbackOk] = await Promise.all([
+      this.primary.deleteSessions(ids),
+      this.fallback.deleteSessions(ids)
+    ]);
+    return primaryOk && fallbackOk;
+  }
+  async findSessionsByShop(shop) {
+    const sessions = await this.primary.findSessionsByShop(shop);
+    if (sessions.length > 0) return sessions;
+    return this.fallback.findSessionsByShop(shop);
+  }
+};
+export {
+  DualSessionStorage,
+  PrismaSessionStorage,
+  RedisSessionStorage
+};
+//# sourceMappingURL=index.mjs.map

package/dist/session-storage/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/session-storage/prisma-session-storage.ts","../../src/database/utils.ts","../../src/session-storage/redis-session-storage.ts","../../src/session-storage/dual-session-storage.ts"],"sourcesContent":["/**\n * Prisma-backed session storage.\n *\n * Persists sessions to PostgreSQL via PrismaClient.\n */\n\nimport { Prisma } from '@prisma/client';\nimport type { PrismaClient } from '@prisma/client';\nimport type { Session, SessionStorage } from '@uniforge/platform-core/auth';\nimport { recordToSession } from '../database/utils';\n\nexport class PrismaSessionStorage implements SessionStorage {\n  constructor(private readonly prisma: PrismaClient) {}\n\n  async storeSession(session: Session): Promise<boolean> {\n    const onlineAccessInfo: Prisma.NullableJsonNullValueInput | Prisma.InputJsonValue =\n      session.onlineAccessInfo\n        ? (session.onlineAccessInfo as unknown as Prisma.InputJsonValue)\n        : Prisma.JsonNull;\n\n    const data = {\n      shopDomain: session.shop,\n      state: session.state,\n      isOnline: session.isOnline,\n      scope: session.scope,\n      expires: session.expires,\n      accessToken: session.accessToken ?? null,\n      refreshToken: session.refreshToken ?? null,\n      refreshTokenExpiresAt: session.refreshTokenExpiresAt ?? null,\n      onlineAccessInfo,\n    };\n\n    await this.prisma.session.upsert({\n      where: { id: session.id },\n      create: {\n        id: session.id,\n        ...data,\n      },\n      update: data,\n    });\n    return true;\n  }\n\n  async loadSession(id: string): Promise<Session | undefined> {\n    const record = await this.prisma.session.findUnique({ where: { id } });\n    if (!record) return undefined;\n    return recordToSession(record);\n  }\n\n  async deleteSession(id: string): Promise<boolean> {\n    try {\n      await this.prisma.session.delete({ where: { id } });\n      return true;\n    } catch {\n      return false;\n    }\n  }\n\n  async deleteSessions(ids: string[]): Promise<boolean> {\n    await this.prisma.session.deleteMany({ where: { id: { in: ids } } });\n    return true;\n  }\n\n  async findSessionsByShop(shop: string): Promise<Session[]> {\n    const records = await this.prisma.session.findMany({\n      where: { shopDomain: shop },\n    });\n    return records.map(recordToSession);\n  }\n}\n","/**\n * Converters between platform-core domain types and Prisma record types.\n *\n * The Prisma models use camelCase field names (shopDomain, isOnline, etc.)\n * while platform-core types use slightly different shapes (e.g. session.shop\n * vs record.shopDomain, onlineAccessInfo as object vs JSON).\n */\n\nimport type { Session, Shop } from '@uniforge/platform-core/auth';\nimport type {\n  Shop as PrismaShop,\n  Session as PrismaSession,\n  Prisma,\n} from '@prisma/client';\n\n// ---------------------------------------------------------------------------\n// Shop converters\n// ---------------------------------------------------------------------------\n\n/** Convert a platform-core Shop to a Prisma-compatible record. */\nexport function shopToRecord(\n  shop: Shop,\n): Omit<PrismaShop, 'id'> {\n  return {\n    shopDomain: shop.shopDomain,\n    isInstalled: shop.isInstalled,\n    installedAt: shop.installedAt,\n    uninstalledAt: shop.uninstalledAt,\n    scopes: shop.scopes,\n    shopifyPlan: shop.shopifyPlan,\n    createdAt: shop.createdAt,\n    updatedAt: shop.updatedAt,\n  };\n}\n\n/** Convert a Prisma Shop record to a platform-core Shop. */\nexport function recordToShop(record: PrismaShop): Shop {\n  return {\n    shopDomain: record.shopDomain,\n    isInstalled: record.isInstalled,\n    installedAt: record.installedAt ?? null,\n    uninstalledAt: record.uninstalledAt ?? null,\n    scopes: record.scopes,\n    shopifyPlan: record.shopifyPlan ?? null,\n    createdAt: record.createdAt,\n    updatedAt: record.updatedAt,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Session converters\n// ---------------------------------------------------------------------------\n\n/** Convert a platform-core Session to a Prisma-compatible create/update input. */\nexport function sessionToRecord(\n  session: Session,\n): Omit<PrismaSession, 'createdAt' | 'updatedAt'> {\n  const record: Omit<PrismaSession, 'createdAt' | 'updatedAt'> = {\n    id: session.id,\n    shopDomain: session.shop,\n    state: session.state,\n    isOnline: session.isOnline,\n    scope: session.scope,\n    expires: session.expires,\n    accessToken: session.accessToken ?? null,\n    refreshToken: session.refreshToken ?? null,\n    refreshTokenExpiresAt: session.refreshTokenExpiresAt ?? null,\n    onlineAccessInfo: session.onlineAccessInfo\n      ? (session.onlineAccessInfo as unknown as Prisma.JsonValue)\n      : null,\n  };\n\n  return record;\n}\n\n/** Convert a Prisma Session record to a platform-core Session. */\nexport function recordToSession(record: PrismaSession): Session {\n  const session: Session = {\n    id: record.id,\n    shop: record.shopDomain,\n    state: record.state,\n    isOnline: record.isOnline,\n    scope: record.scope,\n    expires: record.expires ?? null,\n    createdAt: record.createdAt,\n    updatedAt: record.updatedAt,\n  };\n\n  if (record.accessToken) {\n    session.accessToken = record.accessToken;\n  }\n  if (record.refreshToken) {\n    session.refreshToken = record.refreshToken;\n  }\n  if (record.refreshTokenExpiresAt) {\n    session.refreshTokenExpiresAt = record.refreshTokenExpiresAt;\n  }\n  if (record.onlineAccessInfo) {\n    session.onlineAccessInfo = record.onlineAccessInfo as unknown as NonNullable<Session['onlineAccessInfo']>;\n  }\n\n  return session;\n}\n","/**\n * Redis-backed session storage.\n *\n * Stores sessions as JSON strings in Redis with an optional TTL.\n * Maintains a secondary index (Redis SET) per shop domain so that\n * findSessionsByShop is efficient.\n */\n\nimport type Redis from 'ioredis';\nimport type { Session, SessionStorage } from '@uniforge/platform-core/auth';\n\nexport interface RedisSessionStorageOptions {\n  /** Key prefix for session keys. Defaults to `uniforge:session:`. */\n  prefix?: string;\n  /** TTL for session keys in seconds. No expiry if omitted. */\n  ttl?: number;\n}\n\nexport class RedisSessionStorage implements SessionStorage {\n  private readonly prefix: string;\n  private readonly ttl: number | undefined;\n\n  constructor(\n    private readonly redis: Redis,\n    options?: RedisSessionStorageOptions,\n  ) {\n    this.prefix = options?.prefix ?? 'uniforge:session:';\n    this.ttl = options?.ttl;\n  }\n\n  async storeSession(session: Session): Promise<boolean> {\n    const key = this.sessionKey(session.id);\n    const data = this.serialize(session);\n\n    const pipeline = this.redis.pipeline();\n    if (this.ttl) {\n      pipeline.set(key, data, 'EX', this.ttl);\n    } else {\n      pipeline.set(key, data);\n    }\n    pipeline.sadd(this.shopIndexKey(session.shop), session.id);\n    await pipeline.exec();\n    return true;\n  }\n\n  async loadSession(id: string): Promise<Session | undefined> {\n    const data = await this.redis.get(this.sessionKey(id));\n    if (!data) return undefined;\n    return this.deserialize(data);\n  }\n\n  async deleteSession(id: string): Promise<boolean> {\n    const session = await this.loadSession(id);\n    const pipeline = this.redis.pipeline();\n    pipeline.del(this.sessionKey(id));\n    if (session) {\n      pipeline.srem(this.shopIndexKey(session.shop), id);\n    }\n    await pipeline.exec();\n    return true;\n  }\n\n  async deleteSessions(ids: string[]): Promise<boolean> {\n    if (ids.length === 0) return true;\n\n    // Load sessions first to find their shops for index cleanup\n    const sessions = await Promise.all(ids.map((id) => this.loadSession(id)));\n\n    const pipeline = this.redis.pipeline();\n    for (const id of ids) {\n      pipeline.del(this.sessionKey(id));\n    }\n    for (const session of sessions) {\n      if (session) {\n        pipeline.srem(this.shopIndexKey(session.shop), session.id);\n      }\n    }\n    await pipeline.exec();\n    return true;\n  }\n\n  async findSessionsByShop(shop: string): Promise<Session[]> {\n    const ids = await this.redis.smembers(this.shopIndexKey(shop));\n    if (ids.length === 0) return [];\n\n    const keys = ids.map((id) => this.sessionKey(id));\n    const results = await this.redis.mget(...keys);\n\n    const sessions: Session[] = [];\n    for (const data of results) {\n      if (data) {\n        sessions.push(this.deserialize(data));\n      }\n    }\n    return sessions;\n  }\n\n  // ---------------------------------------------------------------------------\n  // Helpers\n  // ---------------------------------------------------------------------------\n\n  private sessionKey(id: string): string {\n    return `${this.prefix}${id}`;\n  }\n\n  private shopIndexKey(shopDomain: string): string {\n    return `${this.prefix}shop:${shopDomain}`;\n  }\n\n  private serialize(session: Session): string {\n    return JSON.stringify({\n      ...session,\n      expires: session.expires?.toISOString() ?? null,\n      refreshTokenExpiresAt: session.refreshTokenExpiresAt?.toISOString(),\n      createdAt: session.createdAt.toISOString(),\n      updatedAt: session.updatedAt.toISOString(),\n    });\n  }\n\n  private deserialize(data: string): Session {\n    const raw = JSON.parse(data) as Record<string, unknown>;\n\n    const session: Session = {\n      id: raw.id as string,\n      shop: raw.shop as string,\n      state: raw.state as string,\n      isOnline: raw.isOnline as boolean,\n      scope: raw.scope as string,\n      expires: raw.expires ? new Date(raw.expires as string) : null,\n      createdAt: new Date(raw.createdAt as string),\n      updatedAt: new Date(raw.updatedAt as string),\n    };\n\n    if (raw.accessToken) {\n      session.accessToken = raw.accessToken as string;\n    }\n    if (raw.refreshToken) {\n      session.refreshToken = raw.refreshToken as string;\n    }\n    if (raw.refreshTokenExpiresAt) {\n      session.refreshTokenExpiresAt = new Date(raw.refreshTokenExpiresAt as string);\n    }\n    if (raw.onlineAccessInfo) {\n      session.onlineAccessInfo = raw.onlineAccessInfo as NonNullable<Session['onlineAccessInfo']>;\n    }\n\n    return session;\n  }\n}\n","/**\n * Dual-layer session storage.\n *\n * Writes to both primary (typically Redis) and fallback (typically Prisma)\n * storage. Reads try primary first, falling back to the secondary store\n * and back-filling primary on a hit.\n */\n\nimport type { Session, SessionStorage } from '@uniforge/platform-core/auth';\n\nexport class DualSessionStorage implements SessionStorage {\n  constructor(\n    private readonly primary: SessionStorage,\n    private readonly fallback: SessionStorage,\n  ) {}\n\n  async storeSession(session: Session): Promise<boolean> {\n    const [primaryOk, fallbackOk] = await Promise.all([\n      this.primary.storeSession(session),\n      this.fallback.storeSession(session),\n    ]);\n    return primaryOk && fallbackOk;\n  }\n\n  async loadSession(id: string): Promise<Session | undefined> {\n    const session = await this.primary.loadSession(id);\n    if (session) return session;\n\n    const fallbackSession = await this.fallback.loadSession(id);\n    if (fallbackSession) {\n      // Back-fill primary\n      await this.primary.storeSession(fallbackSession);\n    }\n    return fallbackSession;\n  }\n\n  async deleteSession(id: string): Promise<boolean> {\n    const [primaryOk, fallbackOk] = await Promise.all([\n      this.primary.deleteSession(id),\n      this.fallback.deleteSession(id),\n    ]);\n    return primaryOk && fallbackOk;\n  }\n\n  async deleteSessions(ids: string[]): Promise<boolean> {\n    const [primaryOk, fallbackOk] = await Promise.all([\n      this.primary.deleteSessions(ids),\n      this.fallback.deleteSessions(ids),\n    ]);\n    return primaryOk && fallbackOk;\n  }\n\n  async findSessionsByShop(shop: string): Promise<Session[]> {\n    const sessions = await this.primary.findSessionsByShop(shop);\n    if (sessions.length > 0) return sessions;\n    return this.fallback.findSessionsByShop(shop);\n  }\n}\n"],"mappings":";AAMA,SAAS,cAAc;;;ACsEhB,SAAS,gBAAgB,QAAgC;AAC9D,QAAM,UAAmB;AAAA,IACvB,IAAI,OAAO;AAAA,IACX,MAAM,OAAO;AAAA,IACb,OAAO,OAAO;AAAA,IACd,UAAU,OAAO;AAAA,IACjB,OAAO,OAAO;AAAA,IACd,SAAS,OAAO,WAAW;AAAA,IAC3B,WAAW,OAAO;AAAA,IAClB,WAAW,OAAO;AAAA,EACpB;AAEA,MAAI,OAAO,aAAa;AACtB,YAAQ,cAAc,OAAO;AAAA,EAC/B;AACA,MAAI,OAAO,cAAc;AACvB,YAAQ,eAAe,OAAO;AAAA,EAChC;AACA,MAAI,OAAO,uBAAuB;AAChC,YAAQ,wBAAwB,OAAO;AAAA,EACzC;AACA,MAAI,OAAO,kBAAkB;AAC3B,YAAQ,mBAAmB,OAAO;AAAA,EACpC;AAEA,SAAO;AACT;;;AD3FO,IAAM,uBAAN,MAAqD;AAAA,EAC1D,YAA6B,QAAsB;AAAtB;AAAA,EAAuB;AAAA,EAEpD,MAAM,aAAa,SAAoC;AACrD,UAAM,mBACJ,QAAQ,mBACH,QAAQ,mBACT,OAAO;AAEb,UAAM,OAAO;AAAA,MACX,YAAY,QAAQ;AAAA,MACpB,OAAO,QAAQ;AAAA,MACf,UAAU,QAAQ;AAAA,MAClB,OAAO,QAAQ;AAAA,MACf,SAAS,QAAQ;AAAA,MACjB,aAAa,QAAQ,eAAe;AAAA,MACpC,cAAc,QAAQ,gBAAgB;AAAA,MACtC,uBAAuB,QAAQ,yBAAyB;AAAA,MACxD;AAAA,IACF;AAEA,UAAM,KAAK,OAAO,QAAQ,OAAO;AAAA,MAC/B,OAAO,EAAE,IAAI,QAAQ,GAAG;AAAA,MACxB,QAAQ;AAAA,QACN,IAAI,QAAQ;AAAA,QACZ,GAAG;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,IACV,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,YAAY,IAA0C;AAC1D,UAAM,SAAS,MAAM,KAAK,OAAO,QAAQ,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;AACrE,QAAI,CAAC,OAAQ,QAAO;AACpB,WAAO,gBAAgB,MAAM;AAAA,EAC/B;AAAA,EAEA,MAAM,cAAc,IAA8B;AAChD,QAAI;AACF,YAAM,KAAK,OAAO,QAAQ,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;AAClD,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,eAAe,KAAiC;AACpD,UAAM,KAAK,OAAO,QAAQ,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;AACnE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAkC;AACzD,UAAM,UAAU,MAAM,KAAK,OAAO,QAAQ,SAAS;AAAA,MACjD,OAAO,EAAE,YAAY,KAAK;AAAA,IAC5B,CAAC;AACD,WAAO,QAAQ,IAAI,eAAe;AAAA,EACpC;AACF;;;AEnDO,IAAM,sBAAN,MAAoD;AAAA,EAIzD,YACmB,OACjB,SACA;AAFiB;AAGjB,SAAK,SAAS,SAAS,UAAU;AACjC,SAAK,MAAM,SAAS;AAAA,EACtB;AAAA,EATiB;AAAA,EACA;AAAA,EAUjB,MAAM,aAAa,SAAoC;AACrD,UAAM,MAAM,KAAK,WAAW,QAAQ,EAAE;AACtC,UAAM,OAAO,KAAK,UAAU,OAAO;AAEnC,UAAM,WAAW,KAAK,MAAM,SAAS;AACrC,QAAI,KAAK,KAAK;AACZ,eAAS,IAAI,KAAK,MAAM,MAAM,KAAK,GAAG;AAAA,IACxC,OAAO;AACL,eAAS,IAAI,KAAK,IAAI;AAAA,IACxB;AACA,aAAS,KAAK,KAAK,aAAa,QAAQ,IAAI,GAAG,QAAQ,EAAE;AACzD,UAAM,SAAS,KAAK;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,YAAY,IAA0C;AAC1D,UAAM,OAAO,MAAM,KAAK,MAAM,IAAI,KAAK,WAAW,EAAE,CAAC;AACrD,QAAI,CAAC,KAAM,QAAO;AAClB,WAAO,KAAK,YAAY,IAAI;AAAA,EAC9B;AAAA,EAEA,MAAM,cAAc,IAA8B;AAChD,UAAM,UAAU,MAAM,KAAK,YAAY,EAAE;AACzC,UAAM,WAAW,KAAK,MAAM,SAAS;AACrC,aAAS,IAAI,KAAK,WAAW,EAAE,CAAC;AAChC,QAAI,SAAS;AACX,eAAS,KAAK,KAAK,aAAa,QAAQ,IAAI,GAAG,EAAE;AAAA,IACnD;AACA,UAAM,SAAS,KAAK;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,KAAiC;AACpD,QAAI,IAAI,WAAW,EAAG,QAAO;AAG7B,UAAM,WAAW,MAAM,QAAQ,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,YAAY,EAAE,CAAC,CAAC;AAExE,UAAM,WAAW,KAAK,MAAM,SAAS;AACrC,eAAW,MAAM,KAAK;AACpB,eAAS,IAAI,KAAK,WAAW,EAAE,CAAC;AAAA,IAClC;AACA,eAAW,WAAW,UAAU;AAC9B,UAAI,SAAS;AACX,iBAAS,KAAK,KAAK,aAAa,QAAQ,IAAI,GAAG,QAAQ,EAAE;AAAA,MAC3D;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,mBAAmB,MAAkC;AACzD,UAAM,MAAM,MAAM,KAAK,MAAM,SAAS,KAAK,aAAa,IAAI,CAAC;AAC7D,QAAI,IAAI,WAAW,EAAG,QAAO,CAAC;AAE9B,UAAM,OAAO,IAAI,IAAI,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;AAChD,UAAM,UAAU,MAAM,KAAK,MAAM,KAAK,GAAG,IAAI;AAE7C,UAAM,WAAsB,CAAC;AAC7B,eAAW,QAAQ,SAAS;AAC1B,UAAI,MAAM;AACR,iBAAS,KAAK,KAAK,YAAY,IAAI,CAAC;AAAA,MACtC;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAMQ,WAAW,IAAoB;AACrC,WAAO,GAAG,KAAK,MAAM,GAAG,EAAE;AAAA,EAC5B;AAAA,EAEQ,aAAa,YAA4B;AAC/C,WAAO,GAAG,KAAK,MAAM,QAAQ,UAAU;AAAA,EACzC;AAAA,EAEQ,UAAU,SAA0B;AAC1C,WAAO,KAAK,UAAU;AAAA,MACpB,GAAG;AAAA,MACH,SAAS,QAAQ,SAAS,YAAY,KAAK;AAAA,MAC3C,uBAAuB,QAAQ,uBAAuB,YAAY;AAAA,MAClE,WAAW,QAAQ,UAAU,YAAY;AAAA,MACzC,WAAW,QAAQ,UAAU,YAAY;AAAA,IAC3C,CAAC;AAAA,EACH;AAAA,EAEQ,YAAY,MAAuB;AACzC,UAAM,MAAM,KAAK,MAAM,IAAI;AAE3B,UAAM,UAAmB;AAAA,MACvB,IAAI,IAAI;AAAA,MACR,MAAM,IAAI;AAAA,MACV,OAAO,IAAI;AAAA,MACX,UAAU,IAAI;AAAA,MACd,OAAO,IAAI;AAAA,MACX,SAAS,IAAI,UAAU,IAAI,KAAK,IAAI,OAAiB,IAAI;AAAA,MACzD,WAAW,IAAI,KAAK,IAAI,SAAmB;AAAA,MAC3C,WAAW,IAAI,KAAK,IAAI,SAAmB;AAAA,IAC7C;AAEA,QAAI,IAAI,aAAa;AACnB,cAAQ,cAAc,IAAI;AAAA,IAC5B;AACA,QAAI,IAAI,cAAc;AACpB,cAAQ,eAAe,IAAI;AAAA,IAC7B;AACA,QAAI,IAAI,uBAAuB;AAC7B,cAAQ,wBAAwB,IAAI,KAAK,IAAI,qBAA+B;AAAA,IAC9E;AACA,QAAI,IAAI,kBAAkB;AACxB,cAAQ,mBAAmB,IAAI;AAAA,IACjC;AAEA,WAAO;AAAA,EACT;AACF;;;AC1IO,IAAM,qBAAN,MAAmD;AAAA,EACxD,YACmB,SACA,UACjB;AAFiB;AACA;AAAA,EAChB;AAAA,EAEH,MAAM,aAAa,SAAoC;AACrD,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,QAAQ,IAAI;AAAA,MAChD,KAAK,QAAQ,aAAa,OAAO;AAAA,MACjC,KAAK,SAAS,aAAa,OAAO;AAAA,IACpC,CAAC;AACD,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,MAAM,YAAY,IAA0C;AAC1D,UAAM,UAAU,MAAM,KAAK,QAAQ,YAAY,EAAE;AACjD,QAAI,QAAS,QAAO;AAEpB,UAAM,kBAAkB,MAAM,KAAK,SAAS,YAAY,EAAE;AAC1D,QAAI,iBAAiB;AAEnB,YAAM,KAAK,QAAQ,aAAa,eAAe;AAAA,IACjD;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAAc,IAA8B;AAChD,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,QAAQ,IAAI;AAAA,MAChD,KAAK,QAAQ,cAAc,EAAE;AAAA,MAC7B,KAAK,SAAS,cAAc,EAAE;AAAA,IAChC,CAAC;AACD,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,MAAM,eAAe,KAAiC;AACpD,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,QAAQ,IAAI;AAAA,MAChD,KAAK,QAAQ,eAAe,GAAG;AAAA,MAC/B,KAAK,SAAS,eAAe,GAAG;AAAA,IAClC,CAAC;AACD,WAAO,aAAa;AAAA,EACtB;AAAA,EAEA,MAAM,mBAAmB,MAAkC;AACzD,UAAM,WAAW,MAAM,KAAK,QAAQ,mBAAmB,IAAI;AAC3D,QAAI,SAAS,SAAS,EAAG,QAAO;AAChC,WAAO,KAAK,SAAS,mBAAmB,IAAI;AAAA,EAC9C;AACF;","names":[]}

package/dist/webhooks/index.d.cts

@@ -0,0 +1,89 @@
+import { WebhookValidator, WebhookQueueConfig, WebhookQueue, WebhookHandler, GdprHandler } from '@uniforge/platform-core/webhooks';
+import Redis from 'ioredis';
+
+/**
+ * Webhook HMAC validation.
+ *
+ * Validates incoming Shopify webhook requests by computing
+ * HMAC-SHA256 of the raw body and comparing with the header value.
+ * Uses base64 encoding (Shopify webhooks use base64, not hex).
+ */
+
+declare function createWebhookValidator(): WebhookValidator;
+
+/**
+ * Redis-backed webhook queue.
+ *
+ * Stores webhook jobs in Redis with sorted sets for ordered processing.
+ * Supports exponential backoff retries and dead letter queue.
+ */
+
+declare function createWebhookQueue(redis: Redis, config?: WebhookQueueConfig): WebhookQueue;
+
+/**
+ * Webhook handler registry.
+ *
+ * A simple in-memory registry mapping webhook topics to their handlers.
+ */
+
+interface WebhookRegistry {
+    register(topic: string, handler: WebhookHandler): void;
+    unregister(topic: string): void;
+    getHandler(topic: string): WebhookHandler | undefined;
+    listTopics(): string[];
+}
+declare function createWebhookRegistry(): WebhookRegistry;
+
+/**
+ * Webhook queue processor.
+ *
+ * Polls the webhook queue for pending jobs and dispatches them
+ * to the appropriate handler. Handles success/failure and requeue.
+ */
+
+interface WebhookProcessorConfig {
+    pollIntervalMs?: number;
+}
+interface WebhookProcessor {
+    processNext(): Promise<boolean>;
+    start(): void;
+    stop(): void;
+}
+declare function createWebhookProcessor(queue: WebhookQueue, handlers: Map<string, WebhookHandler> | WebhookRegistry, config?: WebhookProcessorConfig): WebhookProcessor;
+
+/**
+ * GDPR webhook helpers.
+ *
+ * Wraps a GdprHandler implementation into standard WebhookHandler
+ * entries that can be registered with the webhook registry.
+ */
+
+declare function createGdprHandlers(handler: GdprHandler): Map<string, WebhookHandler>;
+
+/**
+ * Webhook middleware.
+ *
+ * Processes incoming webhook HTTP requests: validates HMAC,
+ * extracts headers, and either enqueues for async processing
+ * or dispatches synchronously to the handler.
+ */
+
+interface WebhookRequest {
+    rawBody: Buffer;
+    headers: Record<string, string>;
+}
+interface WebhookMiddlewareResult {
+    statusCode: 200 | 401 | 404 | 500;
+    body?: string;
+}
+interface WebhookMiddlewareConfig {
+    validator: WebhookValidator;
+    secret: string;
+    registry: WebhookRegistry;
+    queue?: WebhookQueue;
+}
+declare function createWebhookMiddleware(config: WebhookMiddlewareConfig): {
+    processWebhook(request: WebhookRequest): Promise<WebhookMiddlewareResult>;
+};
+
+export { type WebhookMiddlewareConfig, type WebhookMiddlewareResult, type WebhookProcessor, type WebhookProcessorConfig, type WebhookRegistry, type WebhookRequest, createGdprHandlers, createWebhookMiddleware, createWebhookProcessor, createWebhookQueue, createWebhookRegistry, createWebhookValidator };