@vonosan/auth 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/__tests__/passkey.test.d.ts +11 -0
- package/dist/__tests__/passkey.test.d.ts.map +1 -0
- package/dist/__tests__/passkey.test.js +87 -0
- package/dist/__tests__/passkey.test.js.map +1 -0
- package/dist/composables/useAuth.d.ts +43 -0
- package/dist/composables/useAuth.d.ts.map +1 -0
- package/dist/composables/useAuth.js +133 -0
- package/dist/composables/useAuth.js.map +1 -0
- package/dist/composables/usePasskey.d.ts +72 -0
- package/dist/composables/usePasskey.d.ts.map +1 -0
- package/dist/composables/usePasskey.js +289 -0
- package/dist/composables/usePasskey.js.map +1 -0
- package/dist/index.d.ts +29 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +37 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/jwt.d.ts +30 -0
- package/dist/lib/jwt.d.ts.map +1 -0
- package/dist/lib/jwt.js +43 -0
- package/dist/lib/jwt.js.map +1 -0
- package/dist/lib/otp.d.ts +23 -0
- package/dist/lib/otp.d.ts.map +1 -0
- package/dist/lib/otp.js +50 -0
- package/dist/lib/otp.js.map +1 -0
- package/dist/lib/passkey.d.ts +139 -0
- package/dist/lib/passkey.d.ts.map +1 -0
- package/dist/lib/passkey.js +401 -0
- package/dist/lib/passkey.js.map +1 -0
- package/dist/lib/password.d.ts +20 -0
- package/dist/lib/password.d.ts.map +1 -0
- package/dist/lib/password.js +77 -0
- package/dist/lib/password.js.map +1 -0
- package/dist/middleware/auth.middleware.d.ts +50 -0
- package/dist/middleware/auth.middleware.d.ts.map +1 -0
- package/dist/middleware/auth.middleware.js +194 -0
- package/dist/middleware/auth.middleware.js.map +1 -0
- package/dist/passkey-schema.d.ts +375 -0
- package/dist/passkey-schema.d.ts.map +1 -0
- package/dist/passkey-schema.js +63 -0
- package/dist/passkey-schema.js.map +1 -0
- package/dist/routes/auth.routes.d.ts +16 -0
- package/dist/routes/auth.routes.d.ts.map +1 -0
- package/dist/routes/auth.routes.js +81 -0
- package/dist/routes/auth.routes.js.map +1 -0
- package/dist/routes/passkey.routes.d.ts +16 -0
- package/dist/routes/passkey.routes.d.ts.map +1 -0
- package/dist/routes/passkey.routes.js +127 -0
- package/dist/routes/passkey.routes.js.map +1 -0
- package/dist/schema.d.ts +547 -0
- package/dist/schema.d.ts.map +1 -0
- package/dist/schema.js +81 -0
- package/dist/schema.js.map +1 -0
- package/dist/service/auth.service.d.ts +73 -0
- package/dist/service/auth.service.d.ts.map +1 -0
- package/dist/service/auth.service.js +249 -0
- package/dist/service/auth.service.js.map +1 -0
- package/dist/service/passkey.service.d.ts +65 -0
- package/dist/service/passkey.service.d.ts.map +1 -0
- package/dist/service/passkey.service.js +202 -0
- package/dist/service/passkey.service.js.map +1 -0
- package/package.json +49 -0
|
@@ -0,0 +1,194 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ──────────────────────────────────────────────────────────────────
|
|
3
|
+
* 🏢 Company Name: Bonifade Technologies
|
|
4
|
+
* 👨💻 Developer: Bowofade Oyerinde
|
|
5
|
+
* 🐙 GitHub: oyenet1
|
|
6
|
+
* 📅 Created Date: 2026-04-05
|
|
7
|
+
* 🔄 Updated Date: 2026-04-05
|
|
8
|
+
* ──────────────────────────────────────────────────────────────────
|
|
9
|
+
*/
|
|
10
|
+
import { createMiddleware } from 'hono/factory';
|
|
11
|
+
import { HTTPException } from 'hono/http-exception';
|
|
12
|
+
import { Logger } from 'vonosan/server';
|
|
13
|
+
import { verifyToken } from '../lib/jwt.js';
|
|
14
|
+
import { accounts, apiKeys } from '../schema.js';
|
|
15
|
+
import { eq } from 'drizzle-orm';
|
|
16
|
+
// ─── authMiddleware ───────────────────────────────────────────────────────────
|
|
17
|
+
/**
|
|
18
|
+
* `authMiddleware` — verifies the Bearer JWT, loads the account from DB,
|
|
19
|
+
* and sets `c.var.account`. Returns 401 on missing/invalid token.
|
|
20
|
+
*/
|
|
21
|
+
export const authMiddleware = createMiddleware(async (c, next) => {
|
|
22
|
+
const authHeader = c.req.header('Authorization');
|
|
23
|
+
if (!authHeader?.startsWith('Bearer ')) {
|
|
24
|
+
throw new HTTPException(401, { message: 'Unauthorized: missing token' });
|
|
25
|
+
}
|
|
26
|
+
const token = authHeader.slice(7);
|
|
27
|
+
const config = c.var.config;
|
|
28
|
+
const payload = await verifyToken(token, config.JWT_SECRET);
|
|
29
|
+
if (!payload) {
|
|
30
|
+
throw new HTTPException(401, { message: 'Unauthorized: invalid or expired token' });
|
|
31
|
+
}
|
|
32
|
+
if (!payload.sub) {
|
|
33
|
+
throw new HTTPException(401, { message: 'Unauthorized: invalid token subject' });
|
|
34
|
+
}
|
|
35
|
+
const db = c.var.db;
|
|
36
|
+
// Load account from DB to get current roles/status
|
|
37
|
+
const [account] = await db.select().from(accounts).where(eq(accounts.id, payload.sub)).limit(1);
|
|
38
|
+
if (!account || account.status !== 'active') {
|
|
39
|
+
throw new HTTPException(401, { message: 'Unauthorized: account not found or inactive' });
|
|
40
|
+
}
|
|
41
|
+
c.set('account', {
|
|
42
|
+
id: account.id,
|
|
43
|
+
email: account.email,
|
|
44
|
+
username: account.username,
|
|
45
|
+
currentRole: account.current_role,
|
|
46
|
+
roles: [account.current_role],
|
|
47
|
+
status: account.status,
|
|
48
|
+
language: account.language,
|
|
49
|
+
});
|
|
50
|
+
await next();
|
|
51
|
+
});
|
|
52
|
+
// ─── optionalAuthMiddleware ───────────────────────────────────────────────────
|
|
53
|
+
/**
|
|
54
|
+
* `optionalAuthMiddleware` — silently continues as guest on invalid/missing token.
|
|
55
|
+
* Does not set `c.var.account` if authentication fails.
|
|
56
|
+
*/
|
|
57
|
+
export const optionalAuthMiddleware = createMiddleware(async (c, next) => {
|
|
58
|
+
try {
|
|
59
|
+
const authHeader = c.req.header('Authorization');
|
|
60
|
+
if (authHeader?.startsWith('Bearer ')) {
|
|
61
|
+
const token = authHeader.slice(7);
|
|
62
|
+
const config = c.var.config;
|
|
63
|
+
const payload = await verifyToken(token, config.JWT_SECRET);
|
|
64
|
+
if (payload) {
|
|
65
|
+
if (!payload.sub) {
|
|
66
|
+
await next();
|
|
67
|
+
return;
|
|
68
|
+
}
|
|
69
|
+
const db = c.var.db;
|
|
70
|
+
const [account] = await db
|
|
71
|
+
.select()
|
|
72
|
+
.from(accounts)
|
|
73
|
+
.where(eq(accounts.id, payload.sub))
|
|
74
|
+
.limit(1);
|
|
75
|
+
if (account && account.status === 'active') {
|
|
76
|
+
c.set('account', {
|
|
77
|
+
id: account.id,
|
|
78
|
+
email: account.email,
|
|
79
|
+
username: account.username,
|
|
80
|
+
currentRole: account.current_role,
|
|
81
|
+
roles: [account.current_role],
|
|
82
|
+
status: account.status,
|
|
83
|
+
language: account.language,
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
catch (err) {
|
|
90
|
+
Logger.debug('[auth] optionalAuthMiddleware: silent failure', { error: String(err) });
|
|
91
|
+
}
|
|
92
|
+
await next();
|
|
93
|
+
});
|
|
94
|
+
// ─── Role guards ──────────────────────────────────────────────────────────────
|
|
95
|
+
/**
|
|
96
|
+
* `isAdmin` — 403 if the authenticated user is not admin or superadmin.
|
|
97
|
+
* Must be used after `authMiddleware`.
|
|
98
|
+
*/
|
|
99
|
+
export const isAdmin = createMiddleware(async (c, next) => {
|
|
100
|
+
const account = c.var.account;
|
|
101
|
+
if (!account) {
|
|
102
|
+
throw new HTTPException(401, { message: 'Unauthorized' });
|
|
103
|
+
}
|
|
104
|
+
if (!['admin', 'superadmin'].includes(account.currentRole)) {
|
|
105
|
+
throw new HTTPException(403, { message: 'Forbidden: admin access required' });
|
|
106
|
+
}
|
|
107
|
+
await next();
|
|
108
|
+
});
|
|
109
|
+
/**
|
|
110
|
+
* `isSuperAdmin` — 403 if the authenticated user is not superadmin.
|
|
111
|
+
* Must be used after `authMiddleware`.
|
|
112
|
+
*/
|
|
113
|
+
export const isSuperAdmin = createMiddleware(async (c, next) => {
|
|
114
|
+
const account = c.var.account;
|
|
115
|
+
if (!account) {
|
|
116
|
+
throw new HTTPException(401, { message: 'Unauthorized' });
|
|
117
|
+
}
|
|
118
|
+
if (account.currentRole !== 'superadmin') {
|
|
119
|
+
throw new HTTPException(403, { message: 'Forbidden: superadmin access required' });
|
|
120
|
+
}
|
|
121
|
+
await next();
|
|
122
|
+
});
|
|
123
|
+
// ─── apiKeyOrJwtMiddleware ────────────────────────────────────────────────────
|
|
124
|
+
/**
|
|
125
|
+
* `apiKeyOrJwtMiddleware` — accepts either a Bearer JWT or a `vono_*` API key.
|
|
126
|
+
* Sets `c.var.account` on success; returns 401 on failure.
|
|
127
|
+
*/
|
|
128
|
+
export const apiKeyOrJwtMiddleware = createMiddleware(async (c, next) => {
|
|
129
|
+
const authHeader = c.req.header('Authorization');
|
|
130
|
+
const config = c.var.config;
|
|
131
|
+
const db = c.var.db;
|
|
132
|
+
// Try API key first (vono_ prefix)
|
|
133
|
+
if (authHeader?.startsWith('Bearer vono_')) {
|
|
134
|
+
const rawKey = authHeader.slice(7);
|
|
135
|
+
// Hash the key for lookup
|
|
136
|
+
const { hashOtp } = await import('../lib/otp.js');
|
|
137
|
+
const keyHash = await hashOtp(rawKey);
|
|
138
|
+
const [keyRow] = await db.select().from(apiKeys).where(eq(apiKeys.key_hash, keyHash)).limit(1);
|
|
139
|
+
if (!keyRow) {
|
|
140
|
+
throw new HTTPException(401, { message: 'Unauthorized: invalid API key' });
|
|
141
|
+
}
|
|
142
|
+
const [account] = await db
|
|
143
|
+
.select()
|
|
144
|
+
.from(accounts)
|
|
145
|
+
.where(eq(accounts.id, keyRow.account_id))
|
|
146
|
+
.limit(1);
|
|
147
|
+
if (!account || account.status !== 'active') {
|
|
148
|
+
throw new HTTPException(401, { message: 'Unauthorized: account inactive' });
|
|
149
|
+
}
|
|
150
|
+
// Update last_used_at asynchronously (fire-and-forget)
|
|
151
|
+
db.update(apiKeys)
|
|
152
|
+
.set({ last_used_at: new Date() })
|
|
153
|
+
.where(eq(apiKeys.id, keyRow.id))
|
|
154
|
+
.execute()
|
|
155
|
+
.catch((err) => Logger.warn('[auth] Failed to update api key last_used_at', { error: String(err) }));
|
|
156
|
+
c.set('account', {
|
|
157
|
+
id: account.id,
|
|
158
|
+
email: account.email,
|
|
159
|
+
username: account.username,
|
|
160
|
+
currentRole: account.current_role,
|
|
161
|
+
roles: [account.current_role],
|
|
162
|
+
status: account.status,
|
|
163
|
+
language: account.language,
|
|
164
|
+
});
|
|
165
|
+
return next();
|
|
166
|
+
}
|
|
167
|
+
// Fall back to JWT
|
|
168
|
+
if (authHeader?.startsWith('Bearer ')) {
|
|
169
|
+
const token = authHeader.slice(7);
|
|
170
|
+
const payload = await verifyToken(token, config.JWT_SECRET);
|
|
171
|
+
if (!payload) {
|
|
172
|
+
throw new HTTPException(401, { message: 'Unauthorized: invalid token' });
|
|
173
|
+
}
|
|
174
|
+
if (!payload.sub) {
|
|
175
|
+
throw new HTTPException(401, { message: 'Unauthorized: invalid token subject' });
|
|
176
|
+
}
|
|
177
|
+
const [account] = await db.select().from(accounts).where(eq(accounts.id, payload.sub)).limit(1);
|
|
178
|
+
if (!account || account.status !== 'active') {
|
|
179
|
+
throw new HTTPException(401, { message: 'Unauthorized: account not found' });
|
|
180
|
+
}
|
|
181
|
+
c.set('account', {
|
|
182
|
+
id: account.id,
|
|
183
|
+
email: account.email,
|
|
184
|
+
username: account.username,
|
|
185
|
+
currentRole: account.current_role,
|
|
186
|
+
roles: [account.current_role],
|
|
187
|
+
status: account.status,
|
|
188
|
+
language: account.language,
|
|
189
|
+
});
|
|
190
|
+
return next();
|
|
191
|
+
}
|
|
192
|
+
throw new HTTPException(401, { message: 'Unauthorized: no credentials provided' });
|
|
193
|
+
});
|
|
194
|
+
//# sourceMappingURL=auth.middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.middleware.js","sourceRoot":"","sources":["../../src/middleware/auth.middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAEnD,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAC3C,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAA;AAQhC,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,gBAAgB,CAC5C,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAChB,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;IAChD,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAA;IAC1E,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACjC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IAC3B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;IAE3D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC,CAAA;IACrF,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACjB,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAY,CAAA;IAE7B,mDAAmD;IACnD,MAAM,CAAC,OAAO,CAAC,GAAG,MAAM,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAE/F,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC,CAAA;IAC1F,CAAC;IAED,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE;QACf,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,WAAW,EAAE,OAAO,CAAC,YAA0C;QAC/D,KAAK,EAAE,CAAC,OAAO,CAAC,YAA0C,CAAC;QAC3D,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC,CAAA;IAEF,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CACF,CAAA;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,gBAAgB,CACpD,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAChB,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;QAChD,IAAI,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;YACjC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;YAC3B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;YAE3D,IAAI,OAAO,EAAE,CAAC;gBACZ,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;oBACjB,MAAM,IAAI,EAAE,CAAA;oBACZ,OAAM;gBACR,CAAC;gBAED,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAY,CAAA;gBAC7B,MAAM,CAAC,OAAO,CAAC,GAAG,MAAM,EAAE;qBACvB,MAAM,EAAE;qBACR,IAAI,CAAC,QAAQ,CAAC;qBACd,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;qBACnC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAEX,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAC3C,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE;wBACf,EAAE,EAAE,OAAO,CAAC,EAAE;wBACd,KAAK,EAAE,OAAO,CAAC,KAAK;wBACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,WAAW,EAAE,OAAO,CAAC,YAA0C;wBAC/D,KAAK,EAAE,CAAC,OAAO,CAAC,YAA0C,CAAC;wBAC3D,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,+CAA+C,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CACF,CAAA;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,gBAAgB,CAA+B,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IACtF,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAA;IAC7B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAA;IAC3D,CAAC;IACD,IAAI,CAAC,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAA;IAC/E,CAAC;IACD,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CAAC,CAAA;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,gBAAgB,CAC1C,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAChB,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAA;IAC7B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAA;IAC3D,CAAC;IACD,IAAI,OAAO,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;QACzC,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC,CAAA;IACpF,CAAC;IACD,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CACF,CAAA;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,gBAAgB,CACnD,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAChB,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;IAChD,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IAC3B,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAY,CAAA;IAE7B,mCAAmC;IACnC,IAAI,UAAU,EAAE,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAElC,0BAA0B;QAC1B,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAA;QAErC,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAE9F,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC,CAAA;QAC5E,CAAC;QAED,MAAM,CAAC,OAAO,CAAC,GAAG,MAAM,EAAE;aACvB,MAAM,EAAE;aACR,IAAI,CAAC,QAAQ,CAAC;aACd,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;aACzC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEX,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC,CAAA;QAC7E,CAAC;QAED,uDAAuD;QACvD,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,GAAG,CAAC,EAAE,YAAY,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;aACjC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;aAChC,OAAO,EAAE;aACT,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;QAE/G,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE;YACf,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,OAAO,CAAC,YAA0C;YAC/D,KAAK,EAAE,CAAC,OAAO,CAAC,YAA0C,CAAC;YAC3D,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC,CAAA;QAEF,OAAO,IAAI,EAAE,CAAA;IACf,CAAC;IAED,mBAAmB;IACnB,IAAI,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjC,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;QAE3D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAA;QAC1E,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC,CAAA;QAClF,CAAC;QAED,MAAM,CAAC,OAAO,CAAC,GAAG,MAAM,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAE/F,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,iCAAiC,EAAE,CAAC,CAAA;QAC9E,CAAC;QAED,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE;YACf,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,OAAO,CAAC,YAA0C;YAC/D,KAAK,EAAE,CAAC,OAAO,CAAC,YAA0C,CAAC;YAC3D,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC,CAAA;QAEF,OAAO,IAAI,EAAE,CAAA;IACf,CAAC;IAED,MAAM,IAAI,aAAa,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC,CAAA;AACpF,CAAC,CACF,CAAA"}
|
|
@@ -0,0 +1,375 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ──────────────────────────────────────────────────────────────────
|
|
3
|
+
* 🏢 Company Name: Bonifade Technologies
|
|
4
|
+
* 👨💻 Developer: Bowofade Oyerinde
|
|
5
|
+
* 🐙 GitHub: oyenet1
|
|
6
|
+
* 📅 Created Date: 2026-04-05
|
|
7
|
+
* 🔄 Updated Date: 2026-04-05
|
|
8
|
+
* ──────────────────────────────────────────────────────────────────
|
|
9
|
+
*/
|
|
10
|
+
/**
|
|
11
|
+
* passkey_credentials — stores WebAuthn/Passkey credentials per account.
|
|
12
|
+
*
|
|
13
|
+
* One account can have multiple passkeys (e.g. phone + laptop + YubiKey).
|
|
14
|
+
* Each credential is identified by its credentialId (from the authenticator).
|
|
15
|
+
*/
|
|
16
|
+
export declare const passkeyCredentials: import("drizzle-orm/pg-core").PgTableWithColumns<{
|
|
17
|
+
name: "passkey_credentials";
|
|
18
|
+
schema: undefined;
|
|
19
|
+
columns: {
|
|
20
|
+
id: import("drizzle-orm/pg-core").PgColumn<{
|
|
21
|
+
name: "id";
|
|
22
|
+
tableName: "passkey_credentials";
|
|
23
|
+
dataType: "string";
|
|
24
|
+
columnType: "PgUUID";
|
|
25
|
+
data: string;
|
|
26
|
+
driverParam: string;
|
|
27
|
+
notNull: true;
|
|
28
|
+
hasDefault: true;
|
|
29
|
+
isPrimaryKey: true;
|
|
30
|
+
isAutoincrement: false;
|
|
31
|
+
hasRuntimeDefault: false;
|
|
32
|
+
enumValues: undefined;
|
|
33
|
+
baseColumn: never;
|
|
34
|
+
identity: undefined;
|
|
35
|
+
generated: undefined;
|
|
36
|
+
}, {}, {}>;
|
|
37
|
+
account_id: import("drizzle-orm/pg-core").PgColumn<{
|
|
38
|
+
name: "account_id";
|
|
39
|
+
tableName: "passkey_credentials";
|
|
40
|
+
dataType: "string";
|
|
41
|
+
columnType: "PgUUID";
|
|
42
|
+
data: string;
|
|
43
|
+
driverParam: string;
|
|
44
|
+
notNull: true;
|
|
45
|
+
hasDefault: false;
|
|
46
|
+
isPrimaryKey: false;
|
|
47
|
+
isAutoincrement: false;
|
|
48
|
+
hasRuntimeDefault: false;
|
|
49
|
+
enumValues: undefined;
|
|
50
|
+
baseColumn: never;
|
|
51
|
+
identity: undefined;
|
|
52
|
+
generated: undefined;
|
|
53
|
+
}, {}, {}>;
|
|
54
|
+
credential_id: import("drizzle-orm/pg-core").PgColumn<{
|
|
55
|
+
name: "credential_id";
|
|
56
|
+
tableName: "passkey_credentials";
|
|
57
|
+
dataType: "string";
|
|
58
|
+
columnType: "PgVarchar";
|
|
59
|
+
data: string;
|
|
60
|
+
driverParam: string;
|
|
61
|
+
notNull: true;
|
|
62
|
+
hasDefault: false;
|
|
63
|
+
isPrimaryKey: false;
|
|
64
|
+
isAutoincrement: false;
|
|
65
|
+
hasRuntimeDefault: false;
|
|
66
|
+
enumValues: [string, ...string[]];
|
|
67
|
+
baseColumn: never;
|
|
68
|
+
identity: undefined;
|
|
69
|
+
generated: undefined;
|
|
70
|
+
}, {}, {
|
|
71
|
+
length: 512;
|
|
72
|
+
}>;
|
|
73
|
+
public_key: import("drizzle-orm/pg-core").PgColumn<{
|
|
74
|
+
name: "public_key";
|
|
75
|
+
tableName: "passkey_credentials";
|
|
76
|
+
dataType: "string";
|
|
77
|
+
columnType: "PgText";
|
|
78
|
+
data: string;
|
|
79
|
+
driverParam: string;
|
|
80
|
+
notNull: true;
|
|
81
|
+
hasDefault: false;
|
|
82
|
+
isPrimaryKey: false;
|
|
83
|
+
isAutoincrement: false;
|
|
84
|
+
hasRuntimeDefault: false;
|
|
85
|
+
enumValues: [string, ...string[]];
|
|
86
|
+
baseColumn: never;
|
|
87
|
+
identity: undefined;
|
|
88
|
+
generated: undefined;
|
|
89
|
+
}, {}, {}>;
|
|
90
|
+
sign_count: import("drizzle-orm/pg-core").PgColumn<{
|
|
91
|
+
name: "sign_count";
|
|
92
|
+
tableName: "passkey_credentials";
|
|
93
|
+
dataType: "number";
|
|
94
|
+
columnType: "PgInteger";
|
|
95
|
+
data: number;
|
|
96
|
+
driverParam: string | number;
|
|
97
|
+
notNull: true;
|
|
98
|
+
hasDefault: true;
|
|
99
|
+
isPrimaryKey: false;
|
|
100
|
+
isAutoincrement: false;
|
|
101
|
+
hasRuntimeDefault: false;
|
|
102
|
+
enumValues: undefined;
|
|
103
|
+
baseColumn: never;
|
|
104
|
+
identity: undefined;
|
|
105
|
+
generated: undefined;
|
|
106
|
+
}, {}, {}>;
|
|
107
|
+
device_type: import("drizzle-orm/pg-core").PgColumn<{
|
|
108
|
+
name: "device_type";
|
|
109
|
+
tableName: "passkey_credentials";
|
|
110
|
+
dataType: "string";
|
|
111
|
+
columnType: "PgVarchar";
|
|
112
|
+
data: string;
|
|
113
|
+
driverParam: string;
|
|
114
|
+
notNull: true;
|
|
115
|
+
hasDefault: true;
|
|
116
|
+
isPrimaryKey: false;
|
|
117
|
+
isAutoincrement: false;
|
|
118
|
+
hasRuntimeDefault: false;
|
|
119
|
+
enumValues: [string, ...string[]];
|
|
120
|
+
baseColumn: never;
|
|
121
|
+
identity: undefined;
|
|
122
|
+
generated: undefined;
|
|
123
|
+
}, {}, {
|
|
124
|
+
length: 20;
|
|
125
|
+
}>;
|
|
126
|
+
backed_up: import("drizzle-orm/pg-core").PgColumn<{
|
|
127
|
+
name: "backed_up";
|
|
128
|
+
tableName: "passkey_credentials";
|
|
129
|
+
dataType: "boolean";
|
|
130
|
+
columnType: "PgBoolean";
|
|
131
|
+
data: boolean;
|
|
132
|
+
driverParam: boolean;
|
|
133
|
+
notNull: true;
|
|
134
|
+
hasDefault: true;
|
|
135
|
+
isPrimaryKey: false;
|
|
136
|
+
isAutoincrement: false;
|
|
137
|
+
hasRuntimeDefault: false;
|
|
138
|
+
enumValues: undefined;
|
|
139
|
+
baseColumn: never;
|
|
140
|
+
identity: undefined;
|
|
141
|
+
generated: undefined;
|
|
142
|
+
}, {}, {}>;
|
|
143
|
+
aaguid: import("drizzle-orm/pg-core").PgColumn<{
|
|
144
|
+
name: "aaguid";
|
|
145
|
+
tableName: "passkey_credentials";
|
|
146
|
+
dataType: "string";
|
|
147
|
+
columnType: "PgVarchar";
|
|
148
|
+
data: string;
|
|
149
|
+
driverParam: string;
|
|
150
|
+
notNull: true;
|
|
151
|
+
hasDefault: true;
|
|
152
|
+
isPrimaryKey: false;
|
|
153
|
+
isAutoincrement: false;
|
|
154
|
+
hasRuntimeDefault: false;
|
|
155
|
+
enumValues: [string, ...string[]];
|
|
156
|
+
baseColumn: never;
|
|
157
|
+
identity: undefined;
|
|
158
|
+
generated: undefined;
|
|
159
|
+
}, {}, {
|
|
160
|
+
length: 36;
|
|
161
|
+
}>;
|
|
162
|
+
transports: import("drizzle-orm/pg-core").PgColumn<{
|
|
163
|
+
name: "transports";
|
|
164
|
+
tableName: "passkey_credentials";
|
|
165
|
+
dataType: "string";
|
|
166
|
+
columnType: "PgVarchar";
|
|
167
|
+
data: string;
|
|
168
|
+
driverParam: string;
|
|
169
|
+
notNull: false;
|
|
170
|
+
hasDefault: false;
|
|
171
|
+
isPrimaryKey: false;
|
|
172
|
+
isAutoincrement: false;
|
|
173
|
+
hasRuntimeDefault: false;
|
|
174
|
+
enumValues: [string, ...string[]];
|
|
175
|
+
baseColumn: never;
|
|
176
|
+
identity: undefined;
|
|
177
|
+
generated: undefined;
|
|
178
|
+
}, {}, {
|
|
179
|
+
length: 255;
|
|
180
|
+
}>;
|
|
181
|
+
name: import("drizzle-orm/pg-core").PgColumn<{
|
|
182
|
+
name: "name";
|
|
183
|
+
tableName: "passkey_credentials";
|
|
184
|
+
dataType: "string";
|
|
185
|
+
columnType: "PgVarchar";
|
|
186
|
+
data: string;
|
|
187
|
+
driverParam: string;
|
|
188
|
+
notNull: false;
|
|
189
|
+
hasDefault: false;
|
|
190
|
+
isPrimaryKey: false;
|
|
191
|
+
isAutoincrement: false;
|
|
192
|
+
hasRuntimeDefault: false;
|
|
193
|
+
enumValues: [string, ...string[]];
|
|
194
|
+
baseColumn: never;
|
|
195
|
+
identity: undefined;
|
|
196
|
+
generated: undefined;
|
|
197
|
+
}, {}, {
|
|
198
|
+
length: 100;
|
|
199
|
+
}>;
|
|
200
|
+
last_used_at: import("drizzle-orm/pg-core").PgColumn<{
|
|
201
|
+
name: "last_used_at";
|
|
202
|
+
tableName: "passkey_credentials";
|
|
203
|
+
dataType: "date";
|
|
204
|
+
columnType: "PgTimestamp";
|
|
205
|
+
data: Date;
|
|
206
|
+
driverParam: string;
|
|
207
|
+
notNull: false;
|
|
208
|
+
hasDefault: false;
|
|
209
|
+
isPrimaryKey: false;
|
|
210
|
+
isAutoincrement: false;
|
|
211
|
+
hasRuntimeDefault: false;
|
|
212
|
+
enumValues: undefined;
|
|
213
|
+
baseColumn: never;
|
|
214
|
+
identity: undefined;
|
|
215
|
+
generated: undefined;
|
|
216
|
+
}, {}, {}>;
|
|
217
|
+
created_at: import("drizzle-orm/pg-core").PgColumn<{
|
|
218
|
+
name: "created_at";
|
|
219
|
+
tableName: "passkey_credentials";
|
|
220
|
+
dataType: "date";
|
|
221
|
+
columnType: "PgTimestamp";
|
|
222
|
+
data: Date;
|
|
223
|
+
driverParam: string;
|
|
224
|
+
notNull: true;
|
|
225
|
+
hasDefault: true;
|
|
226
|
+
isPrimaryKey: false;
|
|
227
|
+
isAutoincrement: false;
|
|
228
|
+
hasRuntimeDefault: false;
|
|
229
|
+
enumValues: undefined;
|
|
230
|
+
baseColumn: never;
|
|
231
|
+
identity: undefined;
|
|
232
|
+
generated: undefined;
|
|
233
|
+
}, {}, {}>;
|
|
234
|
+
updated_at: import("drizzle-orm/pg-core").PgColumn<{
|
|
235
|
+
name: "updated_at";
|
|
236
|
+
tableName: "passkey_credentials";
|
|
237
|
+
dataType: "date";
|
|
238
|
+
columnType: "PgTimestamp";
|
|
239
|
+
data: Date;
|
|
240
|
+
driverParam: string;
|
|
241
|
+
notNull: true;
|
|
242
|
+
hasDefault: true;
|
|
243
|
+
isPrimaryKey: false;
|
|
244
|
+
isAutoincrement: false;
|
|
245
|
+
hasRuntimeDefault: false;
|
|
246
|
+
enumValues: undefined;
|
|
247
|
+
baseColumn: never;
|
|
248
|
+
identity: undefined;
|
|
249
|
+
generated: undefined;
|
|
250
|
+
}, {}, {}>;
|
|
251
|
+
};
|
|
252
|
+
dialect: "pg";
|
|
253
|
+
}>;
|
|
254
|
+
/**
|
|
255
|
+
* passkey_challenges — temporary challenge storage for WebAuthn ceremonies.
|
|
256
|
+
*
|
|
257
|
+
* Challenges expire after 5 minutes and are deleted after use.
|
|
258
|
+
*/
|
|
259
|
+
export declare const passkeyChallenges: import("drizzle-orm/pg-core").PgTableWithColumns<{
|
|
260
|
+
name: "passkey_challenges";
|
|
261
|
+
schema: undefined;
|
|
262
|
+
columns: {
|
|
263
|
+
id: import("drizzle-orm/pg-core").PgColumn<{
|
|
264
|
+
name: "id";
|
|
265
|
+
tableName: "passkey_challenges";
|
|
266
|
+
dataType: "string";
|
|
267
|
+
columnType: "PgUUID";
|
|
268
|
+
data: string;
|
|
269
|
+
driverParam: string;
|
|
270
|
+
notNull: true;
|
|
271
|
+
hasDefault: true;
|
|
272
|
+
isPrimaryKey: true;
|
|
273
|
+
isAutoincrement: false;
|
|
274
|
+
hasRuntimeDefault: false;
|
|
275
|
+
enumValues: undefined;
|
|
276
|
+
baseColumn: never;
|
|
277
|
+
identity: undefined;
|
|
278
|
+
generated: undefined;
|
|
279
|
+
}, {}, {}>;
|
|
280
|
+
challenge: import("drizzle-orm/pg-core").PgColumn<{
|
|
281
|
+
name: "challenge";
|
|
282
|
+
tableName: "passkey_challenges";
|
|
283
|
+
dataType: "string";
|
|
284
|
+
columnType: "PgVarchar";
|
|
285
|
+
data: string;
|
|
286
|
+
driverParam: string;
|
|
287
|
+
notNull: true;
|
|
288
|
+
hasDefault: false;
|
|
289
|
+
isPrimaryKey: false;
|
|
290
|
+
isAutoincrement: false;
|
|
291
|
+
hasRuntimeDefault: false;
|
|
292
|
+
enumValues: [string, ...string[]];
|
|
293
|
+
baseColumn: never;
|
|
294
|
+
identity: undefined;
|
|
295
|
+
generated: undefined;
|
|
296
|
+
}, {}, {
|
|
297
|
+
length: 512;
|
|
298
|
+
}>;
|
|
299
|
+
type: import("drizzle-orm/pg-core").PgColumn<{
|
|
300
|
+
name: "type";
|
|
301
|
+
tableName: "passkey_challenges";
|
|
302
|
+
dataType: "string";
|
|
303
|
+
columnType: "PgVarchar";
|
|
304
|
+
data: string;
|
|
305
|
+
driverParam: string;
|
|
306
|
+
notNull: true;
|
|
307
|
+
hasDefault: false;
|
|
308
|
+
isPrimaryKey: false;
|
|
309
|
+
isAutoincrement: false;
|
|
310
|
+
hasRuntimeDefault: false;
|
|
311
|
+
enumValues: [string, ...string[]];
|
|
312
|
+
baseColumn: never;
|
|
313
|
+
identity: undefined;
|
|
314
|
+
generated: undefined;
|
|
315
|
+
}, {}, {
|
|
316
|
+
length: 20;
|
|
317
|
+
}>;
|
|
318
|
+
account_id: import("drizzle-orm/pg-core").PgColumn<{
|
|
319
|
+
name: "account_id";
|
|
320
|
+
tableName: "passkey_challenges";
|
|
321
|
+
dataType: "string";
|
|
322
|
+
columnType: "PgUUID";
|
|
323
|
+
data: string;
|
|
324
|
+
driverParam: string;
|
|
325
|
+
notNull: false;
|
|
326
|
+
hasDefault: false;
|
|
327
|
+
isPrimaryKey: false;
|
|
328
|
+
isAutoincrement: false;
|
|
329
|
+
hasRuntimeDefault: false;
|
|
330
|
+
enumValues: undefined;
|
|
331
|
+
baseColumn: never;
|
|
332
|
+
identity: undefined;
|
|
333
|
+
generated: undefined;
|
|
334
|
+
}, {}, {}>;
|
|
335
|
+
expires_at: import("drizzle-orm/pg-core").PgColumn<{
|
|
336
|
+
name: "expires_at";
|
|
337
|
+
tableName: "passkey_challenges";
|
|
338
|
+
dataType: "date";
|
|
339
|
+
columnType: "PgTimestamp";
|
|
340
|
+
data: Date;
|
|
341
|
+
driverParam: string;
|
|
342
|
+
notNull: true;
|
|
343
|
+
hasDefault: false;
|
|
344
|
+
isPrimaryKey: false;
|
|
345
|
+
isAutoincrement: false;
|
|
346
|
+
hasRuntimeDefault: false;
|
|
347
|
+
enumValues: undefined;
|
|
348
|
+
baseColumn: never;
|
|
349
|
+
identity: undefined;
|
|
350
|
+
generated: undefined;
|
|
351
|
+
}, {}, {}>;
|
|
352
|
+
created_at: import("drizzle-orm/pg-core").PgColumn<{
|
|
353
|
+
name: "created_at";
|
|
354
|
+
tableName: "passkey_challenges";
|
|
355
|
+
dataType: "date";
|
|
356
|
+
columnType: "PgTimestamp";
|
|
357
|
+
data: Date;
|
|
358
|
+
driverParam: string;
|
|
359
|
+
notNull: true;
|
|
360
|
+
hasDefault: true;
|
|
361
|
+
isPrimaryKey: false;
|
|
362
|
+
isAutoincrement: false;
|
|
363
|
+
hasRuntimeDefault: false;
|
|
364
|
+
enumValues: undefined;
|
|
365
|
+
baseColumn: never;
|
|
366
|
+
identity: undefined;
|
|
367
|
+
generated: undefined;
|
|
368
|
+
}, {}, {}>;
|
|
369
|
+
};
|
|
370
|
+
dialect: "pg";
|
|
371
|
+
}>;
|
|
372
|
+
export type PasskeyCredential = typeof passkeyCredentials.$inferSelect;
|
|
373
|
+
export type NewPasskeyCredential = typeof passkeyCredentials.$inferInsert;
|
|
374
|
+
export type PasskeyChallenge = typeof passkeyChallenges.$inferSelect;
|
|
375
|
+
//# sourceMappingURL=passkey-schema.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkey-schema.d.ts","sourceRoot":"","sources":["../src/passkey-schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAwC9B,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAqB7B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG,OAAO,kBAAkB,CAAC,YAAY,CAAA;AACtE,MAAM,MAAM,oBAAoB,GAAG,OAAO,kBAAkB,CAAC,YAAY,CAAA;AACzE,MAAM,MAAM,gBAAgB,GAAG,OAAO,iBAAiB,CAAC,YAAY,CAAA"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ──────────────────────────────────────────────────────────────────
|
|
3
|
+
* 🏢 Company Name: Bonifade Technologies
|
|
4
|
+
* 👨💻 Developer: Bowofade Oyerinde
|
|
5
|
+
* 🐙 GitHub: oyenet1
|
|
6
|
+
* 📅 Created Date: 2026-04-05
|
|
7
|
+
* 🔄 Updated Date: 2026-04-05
|
|
8
|
+
* ──────────────────────────────────────────────────────────────────
|
|
9
|
+
*/
|
|
10
|
+
import { pgTable, uuid, varchar, text, integer, boolean, timestamp, index } from 'drizzle-orm/pg-core';
|
|
11
|
+
/**
|
|
12
|
+
* passkey_credentials — stores WebAuthn/Passkey credentials per account.
|
|
13
|
+
*
|
|
14
|
+
* One account can have multiple passkeys (e.g. phone + laptop + YubiKey).
|
|
15
|
+
* Each credential is identified by its credentialId (from the authenticator).
|
|
16
|
+
*/
|
|
17
|
+
export const passkeyCredentials = pgTable('passkey_credentials', {
|
|
18
|
+
id: uuid('id').primaryKey().defaultRandom(),
|
|
19
|
+
/** FK → accounts.id */
|
|
20
|
+
account_id: uuid('account_id').notNull(),
|
|
21
|
+
/** base64url-encoded credential ID from the authenticator */
|
|
22
|
+
credential_id: varchar('credential_id', { length: 512 }).notNull().unique(),
|
|
23
|
+
/** base64url-encoded COSE public key */
|
|
24
|
+
public_key: text('public_key').notNull(),
|
|
25
|
+
/** Replay-attack counter — must increase on every authentication */
|
|
26
|
+
sign_count: integer('sign_count').notNull().default(0),
|
|
27
|
+
/** 'platform' (device biometrics) or 'cross-platform' (security key) */
|
|
28
|
+
device_type: varchar('device_type', { length: 20 }).notNull().default('platform'),
|
|
29
|
+
/** Whether the credential is backed up to the cloud (e.g. iCloud Keychain) */
|
|
30
|
+
backed_up: boolean('backed_up').notNull().default(false),
|
|
31
|
+
/** Authenticator AAGUID — identifies the authenticator model */
|
|
32
|
+
aaguid: varchar('aaguid', { length: 36 }).notNull().default('00000000-0000-0000-0000-000000000000'),
|
|
33
|
+
/** Comma-separated transport hints: internal, usb, nfc, ble, hybrid */
|
|
34
|
+
transports: varchar('transports', { length: 255 }),
|
|
35
|
+
/** Human-readable name set by the user (e.g. "iPhone 15", "YubiKey 5") */
|
|
36
|
+
name: varchar('name', { length: 100 }),
|
|
37
|
+
last_used_at: timestamp('last_used_at'),
|
|
38
|
+
created_at: timestamp('created_at').defaultNow().notNull(),
|
|
39
|
+
updated_at: timestamp('updated_at').defaultNow().notNull(),
|
|
40
|
+
}, (table) => ({
|
|
41
|
+
accountIdx: index('passkey_credentials_account_id_idx').on(table.account_id),
|
|
42
|
+
credentialIdx: index('passkey_credentials_credential_id_idx').on(table.credential_id),
|
|
43
|
+
}));
|
|
44
|
+
/**
|
|
45
|
+
* passkey_challenges — temporary challenge storage for WebAuthn ceremonies.
|
|
46
|
+
*
|
|
47
|
+
* Challenges expire after 5 minutes and are deleted after use.
|
|
48
|
+
*/
|
|
49
|
+
export const passkeyChallenges = pgTable('passkey_challenges', {
|
|
50
|
+
id: uuid('id').primaryKey().defaultRandom(),
|
|
51
|
+
/** base64url-encoded random challenge */
|
|
52
|
+
challenge: varchar('challenge', { length: 512 }).notNull().unique(),
|
|
53
|
+
/** 'registration' or 'authentication' */
|
|
54
|
+
type: varchar('type', { length: 20 }).notNull(),
|
|
55
|
+
/** FK → accounts.id (null for registration before account exists) */
|
|
56
|
+
account_id: uuid('account_id'),
|
|
57
|
+
expires_at: timestamp('expires_at').notNull(),
|
|
58
|
+
created_at: timestamp('created_at').defaultNow().notNull(),
|
|
59
|
+
}, (table) => ({
|
|
60
|
+
challengeIdx: index('passkey_challenges_challenge_idx').on(table.challenge),
|
|
61
|
+
expiresIdx: index('passkey_challenges_expires_at_idx').on(table.expires_at),
|
|
62
|
+
}));
|
|
63
|
+
//# sourceMappingURL=passkey-schema.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkey-schema.js","sourceRoot":"","sources":["../src/passkey-schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAEtG;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,OAAO,CACvC,qBAAqB,EACrB;IACE,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC,aAAa,EAAE;IAE3C,uBAAuB;IACvB,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE;IAExC,6DAA6D;IAC7D,aAAa,EAAE,OAAO,CAAC,eAAe,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE;IAE3E,wCAAwC;IACxC,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE;IAExC,oEAAoE;IACpE,UAAU,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAEtD,wEAAwE;IACxE,WAAW,EAAE,OAAO,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC;IAEjF,8EAA8E;IAC9E,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAExD,gEAAgE;IAChE,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,sCAAsC,CAAC;IAEnG,uEAAuE;IACvE,UAAU,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;IAElD,0EAA0E;IAC1E,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;IAEtC,YAAY,EAAE,SAAS,CAAC,cAAc,CAAC;IACvC,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE;IAC1D,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACV,UAAU,EAAE,KAAK,CAAC,oCAAoC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC;IAC5E,aAAa,EAAE,KAAK,CAAC,uCAAuC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC;CACtF,CAAC,CACH,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,OAAO,CACtC,oBAAoB,EACpB;IACE,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC,aAAa,EAAE;IAE3C,yCAAyC;IACzC,SAAS,EAAE,OAAO,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE;IAEnE,yCAAyC;IACzC,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE;IAE/C,qEAAqE;IACrE,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC;IAE9B,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE;IAC7C,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACV,YAAY,EAAE,KAAK,CAAC,kCAAkC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC;IAC3E,UAAU,EAAE,KAAK,CAAC,mCAAmC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC;CAC5E,CAAC,CACH,CAAA"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ──────────────────────────────────────────────────────────────────
|
|
3
|
+
* 🏢 Company Name: Bonifade Technologies
|
|
4
|
+
* 👨💻 Developer: Bowofade Oyerinde
|
|
5
|
+
* 🐙 GitHub: oyenet1
|
|
6
|
+
* 📅 Created Date: 2026-04-05
|
|
7
|
+
* 🔄 Updated Date: 2026-04-05
|
|
8
|
+
* ──────────────────────────────────────────────────────────────────
|
|
9
|
+
*/
|
|
10
|
+
import { Hono } from 'hono';
|
|
11
|
+
import type { AppVariables } from 'vonosan/types';
|
|
12
|
+
declare const authRouter: Hono<{
|
|
13
|
+
Variables: AppVariables;
|
|
14
|
+
}, import("hono/types").BlankSchema, "/">;
|
|
15
|
+
export default authRouter;
|
|
16
|
+
//# sourceMappingURL=auth.routes.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.routes.d.ts","sourceRoot":"","sources":["../../src/routes/auth.routes.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAG3B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AAoCjD,QAAA,MAAM,UAAU;eAAyB,YAAY;yCAAK,CAAA;AAmD1D,eAAe,UAAU,CAAA"}
|