@very_aq/codex-cli-web 0.0.1

package/server/dist/auth/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/auth/session.ts"],"names":[],"mappings":";;;;;;AA8BA,4DAaC;AAGD,4DAGC;AAGD,4EA8BC;AAED,8CAkBC;AAED,kEAUC;AAED,sEAUC;AA9HD,oDAA4B;AAGf,QAAA,mBAAmB,GAAG,eAAe,CAAC;AACtC,QAAA,2BAA2B,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAuB5D,MAAM,UAAU,GAAG,IAAI,CAAC;AACxB,MAAM,UAAU,GAAG,IAAI,CAAC;AAExB,SAAgB,wBAAwB,CACtC,OAA0C,EAC1C,MAAc,EACd,QAAgB,IAAI,CAAC,GAAG,EAAE,EAC1B,aAAqB,mCAA2B;IAEhD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACxC,MAAM,YAAY,GAAa,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACnG,MAAM,OAAO,GAAqB,EAAE,CAAC,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,EAAE,CAAC;IACrG,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACtF,MAAM,UAAU,GAAG,GAAG,UAAU,IAAI,UAAU,EAAE,CAAC;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACrC,OAAO,GAAG,UAAU,IAAI,GAAG,EAAE,CAAC;AAChC,CAAC;AAED,iCAAiC;AACjC,SAAgB,wBAAwB,CAAC,KAAa,EAAE,MAAc,EAAE,QAAgB,IAAI,CAAC,GAAG,EAAE;IAChG,MAAM,QAAQ,GAAG,gCAAgC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACxE,OAAO,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AAC3D,CAAC;AAED,yCAAyC;AACzC,SAAgB,gCAAgC,CAAC,KAAa,EAAE,MAAc,EAAE,QAAgB,IAAI,CAAC,GAAG,EAAE;IACxG,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC;IACxC,IAAI,GAAG,KAAK,UAAU,IAAI,GAAG,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IAE1D,MAAM,UAAU,GAAG,GAAG,GAAG,IAAI,UAAU,EAAE,CAAC;IAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1D,IAAI,OAA4C,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAwC,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,CAAC,CAAC,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE9F,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACxC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,GAAG,IAAI,MAAM;QAAE,OAAO,IAAI,CAAC;IAExE,IAAI,GAAG,KAAK,UAAU,EAAE,CAAC;QACvB,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;IACnF,CAAC;IAED,MAAM,IAAI,GAAI,OAA4B,CAAC,CAAC,CAAC;IAC7C,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACvD,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;AACvC,CAAC;AAED,SAAgB,iBAAiB,CAAC,MAA0B;IAC1D,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,CAAC;IACvB,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,GAAG,KAAK,CAAC,CAAC;YAAE,SAAS;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACvC,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,IAAI,CAAC;YACH,GAAG,CAAC,GAAG,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,gDAAgD;YAChD,0CAA0C;YAC1C,GAAG,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAgB,2BAA2B,CAAC,KAAa,EAAE,IAAgD;IACzG,MAAM,IAAI,GAAG;QACX,GAAG,2BAAmB,IAAI,kBAAkB,CAAC,KAAK,CAAC,EAAE;QACrD,QAAQ;QACR,UAAU;QACV,cAAc;QACd,WAAW,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE;KACzD,CAAC;IACF,IAAI,IAAI,CAAC,MAAM;QAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AAED,SAAgB,6BAA6B,CAAC,IAAyB;IACrE,MAAM,IAAI,GAAG;QACX,GAAG,2BAAmB,GAAG;QACzB,QAAQ;QACR,UAAU;QACV,cAAc;QACd,WAAW;KACZ,CAAC;IACF,IAAI,IAAI,CAAC,MAAM;QAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AAED,SAAS,IAAI,CAAC,KAAa,EAAE,MAAc;IACzC,OAAO,gBAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;AACvF,CAAC;AAED,SAAS,qBAAqB,CAAC,CAAS,EAAE,CAAS;IACjD,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QACvC,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAC1C,OAAO,gBAAM,CAAC,eAAe,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/server/dist/auth/sqlite/authDb.d.ts

@@ -0,0 +1,18 @@
+import Database from "better-sqlite3";
+/**
+ * 认证数据库句柄与事务工具。
+ */
+export type AuthDb = {
+    db: Database.Database;
+    runInTransaction: <T>(callback: () => T) => T;
+};
+/**
+ * 创建认证数据库连接所需参数。
+ */
+export type CreateAuthDbOptions = {
+    dbPath: string;
+};
+/**
+ * 创建并初始化认证数据库连接。
+ */
+export declare function createAuthDb(options: CreateAuthDbOptions): AuthDb;

package/server/dist/auth/sqlite/authDb.js

@@ -0,0 +1,26 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAuthDb = createAuthDb;
+const node_fs_1 = __importDefault(require("node:fs"));
+const node_path_1 = __importDefault(require("node:path"));
+const better_sqlite3_1 = __importDefault(require("better-sqlite3"));
+const schema_1 = require("./schema");
+/**
+ * 创建并初始化认证数据库连接。
+ */
+function createAuthDb(options) {
+    const normalizedDbPath = node_path_1.default.resolve(String(options.dbPath ?? "").trim());
+    if (!normalizedDbPath)
+        throw new Error("auth dbPath is required");
+    const dbDirPath = node_path_1.default.dirname(normalizedDbPath);
+    node_fs_1.default.mkdirSync(dbDirPath, { recursive: true });
+    const db = new better_sqlite3_1.default(normalizedDbPath);
+    (0, schema_1.applyAuthSchema)(db);
+    const transaction = db.transaction((callback) => callback());
+    const runInTransaction = (callback) => transaction(callback);
+    return { db, runInTransaction };
+}
+//# sourceMappingURL=authDb.js.map

package/server/dist/auth/sqlite/authDb.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authDb.js","sourceRoot":"","sources":["../../../src/auth/sqlite/authDb.ts"],"names":[],"mappings":";;;;;AAuBA,oCAaC;AApCD,sDAAyB;AACzB,0DAA6B;AAC7B,oEAAsC;AACtC,qCAA2C;AAiB3C;;GAEG;AACH,SAAgB,YAAY,CAAC,OAA4B;IACvD,MAAM,gBAAgB,GAAG,mBAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3E,IAAI,CAAC,gBAAgB;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAElE,MAAM,SAAS,GAAG,mBAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACjD,iBAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7C,MAAM,EAAE,GAAG,IAAI,wBAAQ,CAAC,gBAAgB,CAAC,CAAC;IAC1C,IAAA,wBAAe,EAAC,EAAE,CAAC,CAAC;IAEpB,MAAM,WAAW,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,QAAuB,EAAE,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5E,MAAM,gBAAgB,GAAG,CAAI,QAAiB,EAAK,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAM,CAAC;IACjF,OAAO,EAAE,EAAE,EAAE,gBAAgB,EAAE,CAAC;AAClC,CAAC"}

package/server/dist/auth/sqlite/legacyImport.d.ts

@@ -0,0 +1,22 @@
+import type { AuthDb } from "./authDb";
+/**
+ * 旧 JSON 导入执行参数。
+ */
+export type LegacyImportOptions = {
+    authDb: AuthDb;
+    usersFilePath: string;
+    userWorkspacesFilePath: string;
+};
+/**
+ * 旧 JSON 导入结果摘要。
+ */
+export type LegacyImportResult = {
+    imported: boolean;
+    importedUsers: number;
+    importedAssignedWorkspaces: number;
+    importedWorkspaceDirs: number;
+};
+/**
+ * 当 DB 为空时导入旧 JSON 配置数据。
+ */
+export declare function maybeImportLegacyJsonSettings(options: LegacyImportOptions): Promise<LegacyImportResult>;

package/server/dist/auth/sqlite/legacyImport.js

@@ -0,0 +1,208 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.maybeImportLegacyJsonSettings = maybeImportLegacyJsonSettings;
+const promises_1 = __importDefault(require("node:fs/promises"));
+const node_path_1 = __importDefault(require("node:path"));
+/**
+ * 规范化用户名输入。
+ */
+function normalizeUsername(username) {
+    return String(username ?? "").trim();
+}
+/**
+ * 规范化角色值。
+ */
+function normalizeRole(role) {
+    return role === "admin" ? "admin" : "member";
+}
+/**
+ * 去重并保序地规范化“分配工作区”。
+ */
+function normalizeAssignedWorkspaces(workspaces) {
+    const input = Array.isArray(workspaces) ? workspaces : [];
+    const seen = new Set();
+    const normalized = [];
+    for (const workspacePath of input) {
+        const trimmedWorkspacePath = String(workspacePath ?? "").trim();
+        if (!trimmedWorkspacePath)
+            continue;
+        if (seen.has(trimmedWorkspacePath))
+            continue;
+        seen.add(trimmedWorkspacePath);
+        normalized.push(trimmedWorkspacePath);
+    }
+    return normalized;
+}
+/**
+ * 去重并保序地规范化“用户保存工作目录”。
+ */
+function normalizeWorkspaceDirs(workspaceDirs) {
+    const input = Array.isArray(workspaceDirs) ? workspaceDirs : [];
+    const seen = new Set();
+    const normalized = [];
+    for (const workspaceDir of input) {
+        const resolvedWorkspaceDir = node_path_1.default.resolve(String(workspaceDir ?? "").trim());
+        if (!resolvedWorkspaceDir)
+            continue;
+        if (seen.has(resolvedWorkspaceDir))
+            continue;
+        seen.add(resolvedWorkspaceDir);
+        normalized.push(resolvedWorkspaceDir);
+    }
+    return normalized;
+}
+/**
+ * 安全读取 JSON 文件；文件不存在时返回 null。
+ */
+async function readJsonFileIfExists(filePath) {
+    const normalizedFilePath = String(filePath ?? "").trim();
+    if (!normalizedFilePath)
+        return null;
+    try {
+        const rawJson = await promises_1.default.readFile(normalizedFilePath, "utf8");
+        return JSON.parse(rawJson);
+    }
+    catch (error) {
+        if (error?.code === "ENOENT")
+            return null;
+        return null;
+    }
+}
+/**
+ * 读取并解析旧版 users.json。
+ */
+async function readLegacyUsers(filePath) {
+    const raw = await readJsonFileIfExists(filePath);
+    const users = Array.isArray(raw?.users) ? raw.users : [];
+    const seen = new Set();
+    const normalizedUsers = [];
+    for (const user of users) {
+        const username = normalizeUsername(user?.username);
+        if (!username || seen.has(username))
+            continue;
+        const passwordHash = String(user?.passwordHash ?? "").trim();
+        if (!passwordHash)
+            continue;
+        seen.add(username);
+        normalizedUsers.push({
+            username,
+            role: normalizeRole(user?.role),
+            passwordHash,
+            workspaces: normalizeAssignedWorkspaces(user?.workspaces),
+        });
+    }
+    return normalizedUsers;
+}
+/**
+ * 读取并解析旧版 user-workspaces.json。
+ */
+async function readLegacyWorkspaceEntries(filePath) {
+    const raw = await readJsonFileIfExists(filePath);
+    const users = Array.isArray(raw?.users) ? raw.users : [];
+    const seen = new Set();
+    const normalizedEntries = [];
+    for (const user of users) {
+        const username = normalizeUsername(user?.username);
+        if (!username || seen.has(username))
+            continue;
+        seen.add(username);
+        normalizedEntries.push({
+            username,
+            workspaceDirs: normalizeWorkspaceDirs(user?.workspaceDirs),
+        });
+    }
+    return normalizedEntries;
+}
+/**
+ * 当 DB 为空时导入旧 JSON 配置数据。
+ */
+async function maybeImportLegacyJsonSettings(options) {
+    const db = options.authDb.db;
+    const userCountRow = db.prepare(`SELECT COUNT(*) AS count FROM auth_users`).get();
+    const userCount = Number(userCountRow?.count ?? 0);
+    if (userCount > 0) {
+        return {
+            imported: false,
+            importedUsers: 0,
+            importedAssignedWorkspaces: 0,
+            importedWorkspaceDirs: 0,
+        };
+    }
+    const legacyUsers = await readLegacyUsers(options.usersFilePath);
+    const legacyWorkspaceEntries = await readLegacyWorkspaceEntries(options.userWorkspacesFilePath);
+    if (legacyUsers.length === 0 && legacyWorkspaceEntries.length === 0) {
+        return {
+            imported: false,
+            importedUsers: 0,
+            importedAssignedWorkspaces: 0,
+            importedWorkspaceDirs: 0,
+        };
+    }
+    const insertUserStatement = db.prepare(`
+    INSERT OR REPLACE INTO auth_users (
+      username, role, password_hash, created_at_ms, updated_at_ms
+    ) VALUES (
+      @username, @role, @passwordHash, @createdAtMs, @updatedAtMs
+    )
+  `);
+    const insertAssignedWorkspaceStatement = db.prepare(`
+    INSERT OR REPLACE INTO auth_user_assigned_workspaces (
+      username, workspace_path, ord
+    ) VALUES (
+      @username, @workspacePath, @ord
+    )
+  `);
+    const insertWorkspaceDirStatement = db.prepare(`
+    INSERT OR REPLACE INTO auth_user_workspace_dirs (
+      username, workspace_dir, ord
+    ) VALUES (
+      @username, @workspaceDir, @ord
+    )
+  `);
+    const nowMs = Date.now();
+    let importedUsers = 0;
+    let importedAssignedWorkspaces = 0;
+    let importedWorkspaceDirs = 0;
+    options.authDb.runInTransaction(() => {
+        for (const legacyUser of legacyUsers) {
+            insertUserStatement.run({
+                username: legacyUser.username,
+                role: normalizeRole(legacyUser.role),
+                passwordHash: legacyUser.passwordHash,
+                createdAtMs: nowMs,
+                updatedAtMs: nowMs,
+            });
+            importedUsers += 1;
+            for (let index = 0; index < legacyUser.workspaces.length; index += 1) {
+                const workspacePath = legacyUser.workspaces[index];
+                insertAssignedWorkspaceStatement.run({
+                    username: legacyUser.username,
+                    workspacePath,
+                    ord: index,
+                });
+                importedAssignedWorkspaces += 1;
+            }
+        }
+        for (const legacyWorkspaceEntry of legacyWorkspaceEntries) {
+            for (let index = 0; index < legacyWorkspaceEntry.workspaceDirs.length; index += 1) {
+                const workspaceDir = legacyWorkspaceEntry.workspaceDirs[index];
+                insertWorkspaceDirStatement.run({
+                    username: legacyWorkspaceEntry.username,
+                    workspaceDir,
+                    ord: index,
+                });
+                importedWorkspaceDirs += 1;
+            }
+        }
+    });
+    return {
+        imported: importedUsers > 0 || importedAssignedWorkspaces > 0 || importedWorkspaceDirs > 0,
+        importedUsers,
+        importedAssignedWorkspaces,
+        importedWorkspaceDirs,
+    };
+}
+//# sourceMappingURL=legacyImport.js.map

package/server/dist/auth/sqlite/legacyImport.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"legacyImport.js","sourceRoot":"","sources":["../../../src/auth/sqlite/legacyImport.ts"],"names":[],"mappings":";;;;;AA8JA,sEA8FC;AA5PD,gEAAkC;AAClC,0DAA6B;AAyC7B;;GAEG;AACH,SAAS,iBAAiB,CAAC,QAAiB;IAC1C,OAAO,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,IAAa;IAClC,OAAO,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAS,2BAA2B,CAAC,UAAmB;IACtD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,MAAM,aAAa,IAAI,KAAK,EAAE,CAAC;QAClC,MAAM,oBAAoB,GAAG,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAChE,IAAI,CAAC,oBAAoB;YAAE,SAAS;QACpC,IAAI,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAAE,SAAS;QAC7C,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAC/B,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,aAAsB;IACpD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;IAChE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,MAAM,YAAY,IAAI,KAAK,EAAE,CAAC;QACjC,MAAM,oBAAoB,GAAG,mBAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7E,IAAI,CAAC,oBAAoB;YAAE,SAAS;QACpC,IAAI,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAAE,SAAS;QAC7C,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAC/B,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,oBAAoB,CAAC,QAAgB;IAClD,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACzD,IAAI,CAAC,kBAAkB;QAAE,OAAO,IAAI,CAAC;IAErC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;QAC9D,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,IAAI,KAAK,EAAE,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,eAAe,CAAC,QAAgB;IAC7C,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAE,GAAW,EAAE,KAAK,CAAC,CAAC,CAAC,CAAG,GAAW,CAAC,KAAmB,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1F,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,eAAe,GAAsB,EAAE,CAAC;IAC9C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,iBAAiB,CAAE,IAAY,EAAE,QAAQ,CAAC,CAAC;QAC5D,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,SAAS;QAE9C,MAAM,YAAY,GAAG,MAAM,CAAE,IAAY,EAAE,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACtE,IAAI,CAAC,YAAY;YAAE,SAAS;QAE5B,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACnB,eAAe,CAAC,IAAI,CAAC;YACnB,QAAQ;YACR,IAAI,EAAE,aAAa,CAAE,IAAY,EAAE,IAAI,CAAC;YACxC,YAAY;YACZ,UAAU,EAAE,2BAA2B,CAAE,IAAY,EAAE,UAAU,CAAC;SACnE,CAAC,CAAC;IACL,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,0BAA0B,CAAC,QAAgB;IACxD,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAE,GAAW,EAAE,KAAK,CAAC,CAAC,CAAC,CAAG,GAAW,CAAC,KAAmB,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1F,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,iBAAiB,GAA2B,EAAE,CAAC;IACrD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,iBAAiB,CAAE,IAAY,EAAE,QAAQ,CAAC,CAAC;QAC5D,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,SAAS;QAE9C,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACnB,iBAAiB,CAAC,IAAI,CAAC;YACrB,QAAQ;YACR,aAAa,EAAE,sBAAsB,CAAE,IAAY,EAAE,aAAa,CAAC;SACpE,CAAC,CAAC;IACL,CAAC;IACD,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,6BAA6B,CAAC,OAA4B;IAC9E,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;IAC7B,MAAM,YAAY,GAAG,EAAE,CAAC,OAAO,CAAC,0CAA0C,CAAC,CAAC,GAAG,EAAoC,CAAC;IACpH,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;IACnD,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO;YACL,QAAQ,EAAE,KAAK;YACf,aAAa,EAAE,CAAC;YAChB,0BAA0B,EAAE,CAAC;YAC7B,qBAAqB,EAAE,CAAC;SACzB,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IACjE,MAAM,sBAAsB,GAAG,MAAM,0BAA0B,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAChG,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,IAAI,sBAAsB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpE,OAAO;YACL,QAAQ,EAAE,KAAK;YACf,aAAa,EAAE,CAAC;YAChB,0BAA0B,EAAE,CAAC;YAC7B,qBAAqB,EAAE,CAAC;SACzB,CAAC;IACJ,CAAC;IAED,MAAM,mBAAmB,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;;GAMtC,CAAC,CAAC;IAEH,MAAM,gCAAgC,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;;GAMnD,CAAC,CAAC;IAEH,MAAM,2BAA2B,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;;GAM9C,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,IAAI,0BAA0B,GAAG,CAAC,CAAC;IACnC,IAAI,qBAAqB,GAAG,CAAC,CAAC;IAE9B,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,GAAG,EAAE;QACnC,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;YACrC,mBAAmB,CAAC,GAAG,CAAC;gBACtB,QAAQ,EAAE,UAAU,CAAC,QAAQ;gBAC7B,IAAI,EAAE,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC;gBACpC,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,WAAW,EAAE,KAAK;gBAClB,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YACH,aAAa,IAAI,CAAC,CAAC;YAEnB,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;gBACrE,MAAM,aAAa,GAAG,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBACnD,gCAAgC,CAAC,GAAG,CAAC;oBACnC,QAAQ,EAAE,UAAU,CAAC,QAAQ;oBAC7B,aAAa;oBACb,GAAG,EAAE,KAAK;iBACX,CAAC,CAAC;gBACH,0BAA0B,IAAI,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;QAED,KAAK,MAAM,oBAAoB,IAAI,sBAAsB,EAAE,CAAC;YAC1D,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,oBAAoB,CAAC,aAAa,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;gBAClF,MAAM,YAAY,GAAG,oBAAoB,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;gBAC/D,2BAA2B,CAAC,GAAG,CAAC;oBAC9B,QAAQ,EAAE,oBAAoB,CAAC,QAAQ;oBACvC,YAAY;oBACZ,GAAG,EAAE,KAAK;iBACX,CAAC,CAAC;gBACH,qBAAqB,IAAI,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,QAAQ,EAAE,aAAa,GAAG,CAAC,IAAI,0BAA0B,GAAG,CAAC,IAAI,qBAAqB,GAAG,CAAC;QAC1F,aAAa;QACb,0BAA0B;QAC1B,qBAAqB;KACtB,CAAC;AACJ,CAAC"}

package/server/dist/auth/sqlite/schema.d.ts

@@ -0,0 +1,11 @@
+/**
+ * 仅依赖 `exec` 的 SQLite schema 初始化接口。
+ */
+type SqliteExecDb = {
+    exec: (sql: string) => unknown;
+};
+/**
+ * 初始化认证与工作区设置相关表结构。
+ */
+export declare function applyAuthSchema(db: SqliteExecDb): void;
+export {};

package/server/dist/auth/sqlite/schema.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.applyAuthSchema = applyAuthSchema;
+/**
+ * 初始化认证与工作区设置相关表结构。
+ */
+function applyAuthSchema(db) {
+    db.exec(`
+    PRAGMA journal_mode=WAL;
+    PRAGMA synchronous=NORMAL;
+
+    CREATE TABLE IF NOT EXISTS auth_users (
+      username TEXT PRIMARY KEY,
+      role TEXT NOT NULL,
+      password_hash TEXT NOT NULL,
+      created_at_ms INTEGER NOT NULL,
+      updated_at_ms INTEGER NOT NULL
+    );
+
+    CREATE TABLE IF NOT EXISTS auth_user_assigned_workspaces (
+      username TEXT NOT NULL,
+      workspace_path TEXT NOT NULL,
+      ord INTEGER NOT NULL,
+      PRIMARY KEY(username, workspace_path)
+    );
+
+    CREATE INDEX IF NOT EXISTS idx_auth_assigned_workspaces_username_ord
+      ON auth_user_assigned_workspaces(username, ord);
+
+    CREATE TABLE IF NOT EXISTS auth_user_workspace_dirs (
+      username TEXT NOT NULL,
+      workspace_dir TEXT NOT NULL,
+      ord INTEGER NOT NULL,
+      PRIMARY KEY(username, workspace_dir)
+    );
+
+    CREATE INDEX IF NOT EXISTS idx_auth_workspace_dirs_username_ord
+      ON auth_user_workspace_dirs(username, ord);
+
+    CREATE TABLE IF NOT EXISTS auth_user_settings (
+      username TEXT PRIMARY KEY,
+      settings_json TEXT NOT NULL,
+      updated_at_ms INTEGER NOT NULL
+    );
+  `);
+}
+//# sourceMappingURL=schema.js.map

package/server/dist/auth/sqlite/schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../src/auth/sqlite/schema.ts"],"names":[],"mappings":";;AAUA,0CAuCC;AA1CD;;GAEG;AACH,SAAgB,eAAe,CAAC,EAAgB;IAC9C,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCP,CAAC,CAAC;AACL,CAAC"}

package/server/dist/auth/sqlite/sqliteUserStore.d.ts

@@ -0,0 +1,12 @@
+import type { UserStore } from "../userStore";
+import type { AuthDb } from "./authDb";
+/**
+ * SQLite 用户仓库创建参数。
+ */
+export type CreateSqliteUserStoreOptions = {
+    authDb: AuthDb;
+};
+/**
+ * 基于 SQLite 创建用户仓库。
+ */
+export declare function createSqliteUserStore(options: CreateSqliteUserStoreOptions): UserStore;

package/server/dist/auth/sqlite/sqliteUserStore.js

@@ -0,0 +1,194 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createSqliteUserStore = createSqliteUserStore;
+const password_1 = require("../password");
+/**
+ * 规范化用户名输入。
+ */
+function normalizeUsername(username) {
+    return String(username ?? "").trim();
+}
+/**
+ * 规范化角色值。
+ */
+function normalizeRole(role) {
+    return role === "admin" ? "admin" : "member";
+}
+/**
+ * 去重并保序地规范化分配工作区列表。
+ */
+function normalizeAssignedWorkspaces(workspaces) {
+    const seen = new Set();
+    const normalized = [];
+    for (const workspacePath of workspaces ?? []) {
+        const trimmedWorkspacePath = String(workspacePath ?? "").trim();
+        if (!trimmedWorkspacePath)
+            continue;
+        if (seen.has(trimmedWorkspacePath))
+            continue;
+        seen.add(trimmedWorkspacePath);
+        normalized.push(trimmedWorkspacePath);
+    }
+    return normalized;
+}
+/**
+ * 将数据库行映射为服务端用户结构。
+ */
+function toStoredUser(userRow, workspaces) {
+    return {
+        username: userRow.username,
+        role: normalizeRole(userRow.role),
+        passwordHash: userRow.password_hash,
+        workspaces,
+    };
+}
+/**
+ * 基于 SQLite 创建用户仓库。
+ */
+function createSqliteUserStore(options) {
+    const db = options.authDb.db;
+    const runInTransaction = options.authDb.runInTransaction;
+    const insertUserStatement = db.prepare(`
+    INSERT INTO auth_users (
+      username, role, password_hash, created_at_ms, updated_at_ms
+    ) VALUES (
+      @username, @role, @passwordHash, @createdAtMs, @updatedAtMs
+    )
+  `);
+    const getUserByUsernameStatement = db.prepare(`
+    SELECT username, role, password_hash
+    FROM auth_users
+    WHERE username = ?
+    LIMIT 1
+  `);
+    const listUsersStatement = db.prepare(`
+    SELECT username, role, password_hash
+    FROM auth_users
+    ORDER BY username ASC
+  `);
+    const updatePasswordStatement = db.prepare(`
+    UPDATE auth_users
+    SET password_hash = @passwordHash, updated_at_ms = @updatedAtMs
+    WHERE username = @username
+  `);
+    const deleteAssignedWorkspacesStatement = db.prepare(`
+    DELETE FROM auth_user_assigned_workspaces
+    WHERE username = ?
+  `);
+    const insertAssignedWorkspaceStatement = db.prepare(`
+    INSERT OR REPLACE INTO auth_user_assigned_workspaces (
+      username, workspace_path, ord
+    ) VALUES (
+      @username, @workspacePath, @ord
+    )
+  `);
+    const listAssignedWorkspacesByUsernameStatement = db.prepare(`
+    SELECT username, workspace_path
+    FROM auth_user_assigned_workspaces
+    WHERE username = ?
+    ORDER BY ord ASC
+  `);
+    const listAllAssignedWorkspacesStatement = db.prepare(`
+    SELECT username, workspace_path
+    FROM auth_user_assigned_workspaces
+    ORDER BY username ASC, ord ASC
+  `);
+    const getStoredUserSync = (username) => {
+        const userRow = getUserByUsernameStatement.get(username);
+        if (!userRow)
+            return null;
+        const workspaceRows = listAssignedWorkspacesByUsernameStatement.all(username);
+        const workspaces = workspaceRows.map((workspaceRow) => workspaceRow.workspace_path);
+        return toStoredUser(userRow, workspaces);
+    };
+    return {
+        async createUser(input) {
+            const username = normalizeUsername(input.username);
+            if (!username)
+                throw new Error("username is required");
+            const password = String(input.password ?? "");
+            if (!password)
+                throw new Error("password is required");
+            const existingUser = getUserByUsernameStatement.get(username);
+            if (existingUser)
+                throw new Error("username already exists");
+            const nowMs = Date.now();
+            const passwordHash = await (0, password_1.hashPassword)(password);
+            insertUserStatement.run({
+                username,
+                role: normalizeRole(input.role),
+                passwordHash,
+                createdAtMs: nowMs,
+                updatedAtMs: nowMs,
+            });
+            return {
+                username,
+                role: normalizeRole(input.role),
+                passwordHash,
+                workspaces: [],
+            };
+        },
+        async getUserByUsername(usernameRaw) {
+            const username = normalizeUsername(usernameRaw);
+            if (!username)
+                return null;
+            return getStoredUserSync(username);
+        },
+        async setUserPassword(usernameRaw, passwordRaw) {
+            const username = normalizeUsername(usernameRaw);
+            if (!username)
+                throw new Error("username is required");
+            const password = String(passwordRaw ?? "");
+            if (!password)
+                throw new Error("password is required");
+            const passwordHash = await (0, password_1.hashPassword)(password);
+            const result = updatePasswordStatement.run({
+                username,
+                passwordHash,
+                updatedAtMs: Date.now(),
+            });
+            if (Number(result.changes ?? 0) <= 0)
+                throw new Error("user not found");
+            const updatedUser = getStoredUserSync(username);
+            if (!updatedUser)
+                throw new Error("user not found");
+            return updatedUser;
+        },
+        async assignWorkspaces(usernameRaw, workspaces) {
+            const username = normalizeUsername(usernameRaw);
+            if (!username)
+                throw new Error("username is required");
+            const existingUser = getUserByUsernameStatement.get(username);
+            if (!existingUser)
+                throw new Error("user not found");
+            const normalizedWorkspaces = normalizeAssignedWorkspaces(workspaces);
+            runInTransaction(() => {
+                deleteAssignedWorkspacesStatement.run(username);
+                for (let index = 0; index < normalizedWorkspaces.length; index += 1) {
+                    const workspacePath = normalizedWorkspaces[index];
+                    insertAssignedWorkspaceStatement.run({
+                        username,
+                        workspacePath,
+                        ord: index,
+                    });
+                }
+            });
+            const updatedUser = getStoredUserSync(username);
+            if (!updatedUser)
+                throw new Error("user not found");
+            return updatedUser;
+        },
+        async listUsers() {
+            const userRows = listUsersStatement.all();
+            const workspaceRows = listAllAssignedWorkspacesStatement.all();
+            const workspacesByUsername = new Map();
+            for (const workspaceRow of workspaceRows) {
+                const currentWorkspaces = workspacesByUsername.get(workspaceRow.username) ?? [];
+                currentWorkspaces.push(workspaceRow.workspace_path);
+                workspacesByUsername.set(workspaceRow.username, currentWorkspaces);
+            }
+            return userRows.map((userRow) => toStoredUser(userRow, workspacesByUsername.get(userRow.username) ?? []));
+        },
+    };
+}
+//# sourceMappingURL=sqliteUserStore.js.map

package/server/dist/auth/sqlite/sqliteUserStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sqliteUserStore.js","sourceRoot":"","sources":["../../../src/auth/sqlite/sqliteUserStore.ts"],"names":[],"mappings":";;AA0EA,sDA+JC;AAzOD,0CAA2C;AA6B3C;;GAEG;AACH,SAAS,iBAAiB,CAAC,QAAgB;IACzC,OAAO,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,IAAc;IACnC,OAAO,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAS,2BAA2B,CAAC,UAAoB;IACvD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,MAAM,aAAa,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QAC7C,MAAM,oBAAoB,GAAG,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAChE,IAAI,CAAC,oBAAoB;YAAE,SAAS;QACpC,IAAI,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAAE,SAAS;QAC7C,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAC/B,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,OAAgB,EAAE,UAAoB;IAC1D,OAAO;QACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,IAAgB,CAAC;QAC7C,YAAY,EAAE,OAAO,CAAC,aAAa;QACnC,UAAU;KACX,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAqC;IACzE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;IAC7B,MAAM,gBAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC;IAEzD,MAAM,mBAAmB,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;;GAMtC,CAAC,CAAC;IAEH,MAAM,0BAA0B,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;GAK7C,CAAC,CAAC;IAEH,MAAM,kBAAkB,GAAG,EAAE,CAAC,OAAO,CAAC;;;;GAIrC,CAAC,CAAC;IAEH,MAAM,uBAAuB,GAAG,EAAE,CAAC,OAAO,CAAC;;;;GAI1C,CAAC,CAAC;IAEH,MAAM,iCAAiC,GAAG,EAAE,CAAC,OAAO,CAAC;;;GAGpD,CAAC,CAAC;IAEH,MAAM,gCAAgC,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;;GAMnD,CAAC,CAAC;IAEH,MAAM,yCAAyC,GAAG,EAAE,CAAC,OAAO,CAAC;;;;;GAK5D,CAAC,CAAC;IAEH,MAAM,kCAAkC,GAAG,EAAE,CAAC,OAAO,CAAC;;;;GAIrD,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,CAAC,QAAgB,EAAqB,EAAE;QAChE,MAAM,OAAO,GAAG,0BAA0B,CAAC,GAAG,CAAC,QAAQ,CAAwB,CAAC;QAChF,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,aAAa,GAAG,yCAAyC,CAAC,GAAG,CAAC,QAAQ,CAA2B,CAAC;QACxG,MAAM,UAAU,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;QACpF,OAAO,YAAY,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC3C,CAAC,CAAC;IAEF,OAAO;QACL,KAAK,CAAC,UAAU,CAAC,KAAsB;YACrC,MAAM,QAAQ,GAAG,iBAAiB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YACnD,IAAI,CAAC,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAEvD,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAEvD,MAAM,YAAY,GAAG,0BAA0B,CAAC,GAAG,CAAC,QAAQ,CAAwB,CAAC;YACrF,IAAI,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAE7D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACzB,MAAM,YAAY,GAAG,MAAM,IAAA,uBAAY,EAAC,QAAQ,CAAC,CAAC;YAClD,mBAAmB,CAAC,GAAG,CAAC;gBACtB,QAAQ;gBACR,IAAI,EAAE,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC;gBAC/B,YAAY;gBACZ,WAAW,EAAE,KAAK;gBAClB,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,OAAO;gBACL,QAAQ;gBACR,IAAI,EAAE,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC;gBAC/B,YAAY;gBACZ,UAAU,EAAE,EAAE;aACf,CAAC;QACJ,CAAC;QAED,KAAK,CAAC,iBAAiB,CAAC,WAAmB;YACzC,MAAM,QAAQ,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;YAChD,IAAI,CAAC,QAAQ;gBAAE,OAAO,IAAI,CAAC;YAC3B,OAAO,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QAED,KAAK,CAAC,eAAe,CAAC,WAAmB,EAAE,WAAmB;YAC5D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;YAChD,IAAI,CAAC,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAEvD,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAEvD,MAAM,YAAY,GAAG,MAAM,IAAA,uBAAY,EAAC,QAAQ,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,uBAAuB,CAAC,GAAG,CAAC;gBACzC,QAAQ;gBACR,YAAY;gBACZ,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;aACxB,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,IAAI,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAExE,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAChD,IAAI,CAAC,WAAW;gBAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACpD,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,WAAmB,EAAE,UAAoB;YAC9D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;YAChD,IAAI,CAAC,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAEvD,MAAM,YAAY,GAAG,0BAA0B,CAAC,GAAG,CAAC,QAAQ,CAAwB,CAAC;YACrF,IAAI,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAErD,MAAM,oBAAoB,GAAG,2BAA2B,CAAC,UAAU,CAAC,CAAC;YACrE,gBAAgB,CAAC,GAAG,EAAE;gBACpB,iCAAiC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAChD,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,oBAAoB,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;oBACpE,MAAM,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC;oBAClD,gCAAgC,CAAC,GAAG,CAAC;wBACnC,QAAQ;wBACR,aAAa;wBACb,GAAG,EAAE,KAAK;qBACX,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAChD,IAAI,CAAC,WAAW;gBAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACpD,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,KAAK,CAAC,SAAS;YACb,MAAM,QAAQ,GAAG,kBAAkB,CAAC,GAAG,EAAe,CAAC;YACvD,MAAM,aAAa,GAAG,kCAAkC,CAAC,GAAG,EAA4B,CAAC;YAEzF,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAAoB,CAAC;YACzD,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;gBACzC,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAChF,iBAAiB,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;gBACpD,oBAAoB,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;YACrE,CAAC;YAED,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAC5G,CAAC;KACF,CAAC;AACJ,CAAC"}

package/server/dist/auth/userStore.d.ts

@@ -0,0 +1,19 @@
+import { type AuthDb } from "./sqlite/authDb";
+import type { CreateUserInput, StoredUser } from "./userTypes";
+export type UserStore = {
+    createUser(input: CreateUserInput): Promise<StoredUser>;
+    getUserByUsername(username: string): Promise<StoredUser | null>;
+    setUserPassword(username: string, password: string): Promise<StoredUser>;
+    assignWorkspaces(username: string, workspaces: string[]): Promise<StoredUser>;
+    listUsers(): Promise<StoredUser[]>;
+};
+type CreateUserStoreOptions = {
+    filePath?: string;
+    dbPath?: string;
+    authDb?: AuthDb;
+};
+/**
+ * 创建用户仓库（当前默认使用 SQLite）。
+ */
+export declare function createUserStore(opts: CreateUserStoreOptions): Promise<UserStore>;
+export {};

package/server/dist/auth/userStore.js

@@ -0,0 +1,26 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createUserStore = createUserStore;
+const node_path_1 = __importDefault(require("node:path"));
+const authDb_1 = require("./sqlite/authDb");
+const sqliteUserStore_1 = require("./sqlite/sqliteUserStore");
+/**
+ * 解析 user store 的 SQLite 路径。
+ */
+function resolveUserStoreDbPath(opts) {
+    const rawDbPath = String(opts.dbPath ?? opts.filePath ?? "").trim();
+    if (!rawDbPath)
+        throw new Error("user store dbPath is required");
+    return node_path_1.default.resolve(rawDbPath);
+}
+/**
+ * 创建用户仓库（当前默认使用 SQLite）。
+ */
+async function createUserStore(opts) {
+    const authDb = opts.authDb ?? (0, authDb_1.createAuthDb)({ dbPath: resolveUserStoreDbPath(opts) });
+    return (0, sqliteUserStore_1.createSqliteUserStore)({ authDb });
+}
+//# sourceMappingURL=userStore.js.map

package/server/dist/auth/userStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userStore.js","sourceRoot":"","sources":["../../src/auth/userStore.ts"],"names":[],"mappings":";;;;;AAuCA,0CAGC;AA1CD,0DAA6B;AAC7B,4CAA4D;AAC5D,8DAAiE;AAyBjE;;GAEG;AACH,SAAS,sBAAsB,CAAC,IAA4B;IAC1D,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACpE,IAAI,CAAC,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACjE,OAAO,mBAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AACjC,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,eAAe,CAAC,IAA4B;IAChE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,IAAA,qBAAY,EAAC,EAAE,MAAM,EAAE,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACrF,OAAO,IAAA,uCAAqB,EAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AAC3C,CAAC"}

package/server/dist/auth/userTypes.d.ts

@@ -0,0 +1,13 @@
+export type UserRole = "admin" | "member";
+export type StoredUser = {
+    username: string;
+    role: UserRole;
+    passwordHash: string;
+    workspaces: string[];
+};
+export type CreateUserInput = {
+    username: string;
+    password: string;
+    role: UserRole;
+};
+export type PublicUser = Omit<StoredUser, "passwordHash">;

package/server/dist/auth/userTypes.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=userTypes.js.map

package/server/dist/auth/userTypes.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userTypes.js","sourceRoot":"","sources":["../../src/auth/userTypes.ts"],"names":[],"mappings":""}