@withstudiocms/sdk 0.0.0-beta.0 → 0.1.0

package/dist/modules/util/collectors.js

@@ -0,0 +1,168 @@
+import { Data, Effect, Schema } from "@withstudiocms/effect";
+import { DBClientLive, StorageManagerResolver } from "../../context.js";
+import { resolveStorageManagerUrls } from "../../lib/storage-manager.js";
+import {
+  StudioCMSOAuthAccounts,
+  StudioCMSPageContent,
+  StudioCMSPageDataCategories,
+  StudioCMSPageDataTags,
+  StudioCMSPermissions,
+  StudioCMSUsersTable
+} from "../../tables.js";
+import { SDKFolderTree } from "./folderTree.js";
+import { SDKParsers } from "./parsers.js";
+import { slugify } from "./slugify.js";
+class CollectorError extends Data.TaggedError("CollectorError") {
+}
+const useCollectorError = (_try) => Effect.try({
+  try: _try,
+  catch: (error) => new CollectorError({ cause: error })
+});
+const SDKCollectors = Effect.gen(function* () {
+  const [
+    { withCodec },
+    { findNodesAlongPathToId },
+    { parseIdNumberArray, parseIdStringArray },
+    smResolver
+  ] = yield* Effect.all([DBClientLive, SDKFolderTree, SDKParsers, StorageManagerResolver]);
+  const resolveUrls = resolveStorageManagerUrls(smResolver);
+  const _getUserData = withCodec({
+    encoder: Schema.String,
+    decoder: Schema.UndefinedOr(StudioCMSUsersTable.Select),
+    callbackFn: (query, id) => query(
+      (db) => db.selectFrom("StudioCMSUsersTable").selectAll().where("id", "=", id).executeTakeFirst()
+    )
+  });
+  const _getPageContent = withCodec({
+    encoder: Schema.String,
+    decoder: Schema.Array(StudioCMSPageContent.Select),
+    callbackFn: (query, id) => query(
+      (db) => db.selectFrom("StudioCMSPageContent").selectAll().where("contentId", "=", id).execute()
+    )
+  });
+  const _getOAuthAccountData = withCodec({
+    encoder: Schema.String,
+    decoder: Schema.Array(StudioCMSOAuthAccounts.Select),
+    callbackFn: (query, id) => query(
+      (db) => db.selectFrom("StudioCMSOAuthAccounts").selectAll().where("userId", "=", id).execute()
+    )
+  });
+  const _getUserPermissionsData = withCodec({
+    encoder: Schema.String,
+    decoder: Schema.UndefinedOr(StudioCMSPermissions.Select),
+    callbackFn: (query, id) => query(
+      (db) => db.selectFrom("StudioCMSPermissions").selectAll().where("user", "=", id).executeTakeFirst()
+    )
+  });
+  const _transformPageDataToMetaOnly = (data) => useCollectorError(() => {
+    if (Array.isArray(data)) {
+      return data.map(
+        ({ defaultContent, multiLangContent, ...rest2 }) => rest2
+      );
+    }
+    const {
+      defaultContent: _dump1,
+      multiLangContent: _dump2,
+      ...rest
+    } = data;
+    return rest;
+  });
+  const _collectContributorData = Effect.fn(
+    (ids) => Effect.all(ids.map((id) => _getUserData(id))).pipe(
+      Effect.map((results) => results.filter((user) => !!user))
+    )
+  );
+  const collectCategories = withCodec({
+    encoder: Schema.Array(Schema.Number),
+    decoder: Schema.Array(StudioCMSPageDataCategories.Select),
+    callbackFn: (db, ids) => db(
+      (c) => c.selectFrom("StudioCMSPageDataCategories").selectAll().where("id", "in", ids).execute()
+    )
+  });
+  const collectTags = withCodec({
+    encoder: Schema.Array(Schema.Number),
+    decoder: Schema.Array(StudioCMSPageDataTags.Select),
+    callbackFn: (db, ids) => db((c) => c.selectFrom("StudioCMSPageDataTags").selectAll().where("id", "in", ids).execute())
+  });
+  function collectPageData(page, tree, metaOnly = false) {
+    return Effect.gen(function* () {
+      const [categories, tags, contributorsData, authorData] = yield* Effect.all([
+        parseIdNumberArray(page.categories || []).pipe(Effect.flatMap(collectCategories)),
+        parseIdNumberArray(page.tags || []).pipe(Effect.flatMap(collectTags)),
+        parseIdStringArray(page.contributorIds || []).pipe(Effect.flatMap(_collectContributorData)),
+        _getUserData(page.authorId)
+      ]);
+      let multiLangContent = [];
+      if (!metaOnly) {
+        multiLangContent = yield* _getPageContent(page.id);
+      }
+      const defaultContent = multiLangContent?.find(
+        (content) => content.contentLang === page.contentLang
+      );
+      const safeSlug = page.slug === "index" ? "/" : slugify(page.slug);
+      let urlRoute = safeSlug.startsWith("/") ? safeSlug : `/${safeSlug}`;
+      if (page.parentFolder) {
+        const urlParts = yield* findNodesAlongPathToId(tree, page.parentFolder);
+        const folderPath = urlParts.map(({ name }) => slugify(name)).join("/");
+        urlRoute = folderPath.length > 0 ? `/${folderPath}${safeSlug === "/" ? "" : `/${safeSlug}`}` : safeSlug;
+      }
+      let authorDataTyped;
+      if (authorData) {
+        const { email, password, ...rest } = authorData;
+        authorDataTyped = {
+          ...rest
+        };
+      }
+      let contributorsDataTyped;
+      if (contributorsData) {
+        contributorsDataTyped = contributorsData.map(({ email, password, ...rest }) => ({
+          ...rest
+        }));
+      }
+      const returnData = yield* resolveUrls(
+        {
+          ...page,
+          urlRoute,
+          categories,
+          tags,
+          authorData: authorDataTyped,
+          contributorsData: contributorsDataTyped,
+          multiLangContent,
+          defaultContent
+        },
+        ["heroImage"]
+      ).pipe(Effect.catchTag("UnknownException", (e) => new CollectorError({ cause: e })));
+      if (!returnData) {
+        return yield* new CollectorError({
+          cause: "Unknown error occurred while resolving storage manager URL"
+        });
+      }
+      if (metaOnly) {
+        return yield* _transformPageDataToMetaOnly(returnData);
+      }
+      return returnData;
+    });
+  }
+  const collectUserData = Effect.fn(
+    (user) => Effect.all([_getOAuthAccountData(user.id), _getUserPermissionsData(user.id)]).pipe(
+      Effect.map(
+        ([oAuthData, permissionsData]) => ({
+          ...user,
+          oAuthData,
+          permissionsData
+        })
+      )
+    )
+  );
+  return {
+    collectCategories,
+    collectTags,
+    collectPageData,
+    collectUserData
+  };
+});
+export {
+  CollectorError,
+  SDKCollectors,
+  useCollectorError
+};

package/dist/modules/util/folderTree.d.ts

@@ -0,0 +1,100 @@
+import { Effect } from '@withstudiocms/effect';
+import { DBClientLive } from '../../context.js';
+import type { FolderListItem, FolderNode } from '../../types.js';
+declare const FolderTreeError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => import("effect/Cause").YieldableError & {
+    readonly _tag: "FolderTreeError";
+} & Readonly<A>;
+/**
+ * Custom error class for folder tree related errors.
+ */
+export declare class FolderTreeError extends FolderTreeError_base<{
+    cause: unknown;
+}> {
+}
+/**
+ * Utility function to wrap operations with FolderTreeError handling.
+ *
+ * @param _try - A function that performs the operation to be wrapped.
+ * @returns An Effect that either yields the result of the operation or a FolderTreeError.
+ */
+export declare const useFolderTreeError: <T>(_try: () => T) => Effect.Effect<T, FolderTreeError, never>;
+/**
+ * SDKFolderTree
+ *
+ * An Effect.Gen that provides utilities for constructing and querying an in-memory folder tree
+ * representation derived from the StudioCMSPageFolderStructure table.
+ *
+ * This effect:
+ * - Fetches the current folder records from the database using DBClientLive and a typed decoder.
+ * - Exposes pure and effectful helper functions for building a hierarchical tree, searching nodes
+ *   by path or id, and adding page nodes to the tree.
+ *
+ * Exposed functions and behavior:
+ * - generateFolderTree(folders: readonly tsPageFolderSelect[]): FolderNode[]
+ *   Builds a hierarchical FolderNode[] from a flat list of folder records. Each FolderNode
+ *   contains id, name, pageData, page (boolean), and children (FolderNode[]).
+ *
+ * - getFullPath(tree: FolderNode[], path: string[]): string[]
+ *   Returns the sequence of folder names from the root down to the specified path of folder names.
+ *   If the supplied path is not found, returns the longest matched prefix (or an empty array).
+ *
+ * - findNodeByPath(tree: FolderNode[], path: string[]): FolderNode | null
+ *   Locates and returns the FolderNode that exactly matches the supplied path of folder names.
+ *   Returns null if the full path does not exist.
+ *
+ * - findNodesAlongPath(tree: FolderNode[], path: string[]): FolderNode[]
+ *   Returns the array of FolderNode objects encountered along the specified path of names.
+ *   Useful for obtaining each node in the chain (root → ... → target). Returns an empty array
+ *   when no match is found.
+ *
+ * - findNodesAlongPathToId(tree: FolderNode[], id: string): FolderNode[]
+ *   Searches the tree for a node by id and returns all FolderNode objects along the path from
+ *   the root to that node. If the id is not found, an empty array is returned.
+ *
+ * - findNodeById(tree: FolderNode[], id: string): FolderNode | null
+ *   Recursively searches and returns the FolderNode with the matching id, or null when not found.
+ *
+ * - addPageToFolderTree(tree: FolderNode[], folderId: string, newPage: FolderNode): FolderNode[]
+ *   Effectful helper that inserts a new page node under the folder with folderId. If no folder
+ *   with folderId exists, the newPage is appended at the root level. Returns the updated tree.
+ *
+ * - buildFolderTree: Effect<unknown, Error, FolderNode[]>
+ *   Effect that fetches current folders from the DB and maps them to a hierarchical tree using
+ *   generateFolderTree.
+ *
+ * - getAvailableFolders: Effect<unknown, Error, FolderListItem[]>
+ *   Effect that fetches current folders from the DB and returns a light-weight list of folder
+ *   descriptors { id, name, parent } for UI lists or selection controls.
+ *
+ * Notes and guarantees:
+ * - All helpers wrap their logic in a folder-tree specific error boundary via useFolderTreeError,
+ *   so callers receive consistent errors for tree operations.
+ * - The internal representation assumes unique folder ids and uses the parent id to assemble
+ *   the hierarchy; folders with a null/undefined parent are treated as root nodes.
+ * - The effect depends on DBClientLive and a decoder for StudioCMSPageFolderStructure to ensure
+ *   type-safe database reads.
+ *
+ * @remarks
+ * Intended for use by SDK consumers that need to present, navigate, or mutate a folder hierarchy
+ * derived from persistent storage. Consumers should treat returned FolderNode[] as a mutable
+ * structure when using addPageToFolderTree; other helpers are pure and deterministic.
+ *
+ * @returns An Effect that yields an object exposing the functions described above for building
+ *          and querying folder trees.
+ */
+export declare const SDKFolderTree: Effect.Effect<{
+    generateFolderTree: (folders: readonly {
+        readonly id: string;
+        readonly name: string;
+        readonly parent?: string | null | undefined;
+    }[]) => Effect.Effect<FolderNode[], FolderTreeError, never>;
+    getFullPath: (tree: FolderNode[], path: string[]) => Effect.Effect<string[], FolderTreeError, never>;
+    findNodeByPath: (tree: FolderNode[], path: string[]) => Effect.Effect<FolderNode | null, FolderTreeError, never>;
+    findNodesAlongPath: (tree: FolderNode[], path: string[]) => Effect.Effect<FolderNode[], FolderTreeError, never>;
+    findNodesAlongPathToId: (tree: FolderNode[], id: string) => Effect.Effect<FolderNode[], FolderTreeError, never>;
+    findNodeById: (tree: FolderNode[], id: string) => Effect.Effect<FolderNode | null, FolderTreeError, never>;
+    addPageToFolderTree: (tree: FolderNode[], folderId: string, newPage: FolderNode) => Effect.Effect<FolderNode[], FolderTreeError, never>;
+    buildFolderTree: Effect.Effect<FolderNode[], import("@withstudiocms/kysely/client").DBCallbackFailure | import("@withstudiocms/kysely/core/errors").DatabaseError | FolderTreeError, never>;
+    getAvailableFolders: Effect.Effect<FolderListItem[], import("@withstudiocms/kysely/client").DBCallbackFailure | import("@withstudiocms/kysely/core/errors").DatabaseError, never>;
+}, never, DBClientLive>;
+export {};

package/dist/modules/util/folderTree.js

@@ -0,0 +1,176 @@
+import { Data, Effect, Schema } from "@withstudiocms/effect";
+import { DBClientLive } from "../../context.js";
+import { StudioCMSPageFolderStructure } from "../../tables.js";
+class FolderTreeError extends Data.TaggedError("FolderTreeError") {
+}
+const useFolderTreeError = (_try) => Effect.try({
+  try: _try,
+  catch: (error) => new FolderTreeError({ cause: error })
+});
+const SDKFolderTree = Effect.gen(function* () {
+  const { withDecoder } = yield* DBClientLive;
+  const _getCurrentFolders = withDecoder({
+    decoder: Schema.Array(StudioCMSPageFolderStructure.Select),
+    callbackFn: (query) => query((db) => db.selectFrom("StudioCMSPageFolderStructure").selectAll().execute())
+  });
+  const generateFolderTree = Effect.fn(
+    (folders) => useFolderTreeError(() => {
+      const folderMap = {};
+      for (const folder of folders) {
+        folderMap[folder.id] = {
+          id: folder.id,
+          name: folder.name,
+          pageData: null,
+          page: false,
+          children: []
+        };
+      }
+      const rootFolders = [];
+      for (const folder of folders) {
+        const childFolder = folderMap[folder.id];
+        if (!childFolder) continue;
+        if (folder.parent === null || folder.parent === void 0) {
+          rootFolders.push(childFolder);
+        } else {
+          const parentFolder = folderMap[folder.parent];
+          if (parentFolder) {
+            parentFolder.children.push(childFolder);
+          }
+        }
+      }
+      return rootFolders;
+    })
+  );
+  const getFullPath = Effect.fn(
+    (tree, path) => useFolderTreeError(() => {
+      const result = [];
+      function helper(nodes, pathParts) {
+        if (pathParts.length === 0) return false;
+        const [current, ...rest] = pathParts;
+        for (const node of nodes) {
+          if (node.name === current) {
+            result.push(node.name);
+            if (rest.length === 0 || helper(node.children, rest)) {
+              return true;
+            }
+            result.pop();
+          }
+        }
+        return false;
+      }
+      helper(tree, path);
+      return result;
+    })
+  );
+  const findNodeByPath = Effect.fn(
+    (tree, path) => useFolderTreeError(() => {
+      function _findNodeByPath(tree2, path2) {
+        if (path2.length === 0) return null;
+        const [current, ...rest] = path2;
+        for (const node of tree2) {
+          if (node.name === current) {
+            if (rest.length === 0) return node;
+            return _findNodeByPath(node.children, rest);
+          }
+        }
+        return null;
+      }
+      return _findNodeByPath(tree, path);
+    })
+  );
+  const findNodesAlongPath = Effect.fn(
+    (tree, path) => useFolderTreeError(() => {
+      const result = [];
+      function helper(nodes, pathParts) {
+        if (pathParts.length === 0) return false;
+        const [current, ...rest] = pathParts;
+        for (const node of nodes) {
+          if (node.name === current) {
+            result.push(node);
+            if (rest.length === 0 || helper(node.children, rest)) {
+              return true;
+            }
+            result.pop();
+          }
+        }
+        return false;
+      }
+      helper(tree, path);
+      return result;
+    })
+  );
+  const findNodesAlongPathToId = Effect.fn(
+    (tree, id) => useFolderTreeError(() => {
+      const path = [];
+      function helper(nodes, targetId) {
+        for (const node of nodes) {
+          path.push(node);
+          if (node.id === targetId) {
+            return true;
+          }
+          if (helper(node.children, targetId)) {
+            return true;
+          }
+          path.pop();
+        }
+        return false;
+      }
+      helper(tree, id);
+      return path;
+    })
+  );
+  const findNodeById = Effect.fn(
+    (tree, id) => useFolderTreeError(() => {
+      function _findNodeById(tree2, id2) {
+        for (const node of tree2) {
+          if (node.id === id2) {
+            return node;
+          }
+          const found = _findNodeById(node.children, id2);
+          if (found) {
+            return found;
+          }
+        }
+        return null;
+      }
+      return _findNodeById(tree, id);
+    })
+  );
+  const addPageToFolderTree = Effect.fn(function* (tree, folderId, newPage) {
+    const parentFolder = yield* findNodeById(tree, folderId);
+    if (!parentFolder) {
+      tree.push(newPage);
+      return tree;
+    }
+    parentFolder.children.push(newPage);
+    return tree;
+  });
+  const buildFolderTree = _getCurrentFolders().pipe(Effect.flatMap(generateFolderTree));
+  const getAvailableFolders = _getCurrentFolders().pipe(
+    Effect.map(
+      (folders) => folders.map(
+        (folder) => ({
+          id: folder.id,
+          name: folder.name,
+          parent: folder.parent
+        })
+      )
+    )
+  );
+  return {
+    generateFolderTree,
+    getFullPath,
+    findNodeByPath,
+    findNodesAlongPath,
+    findNodesAlongPathToId,
+    findNodeById,
+    addPageToFolderTree,
+    buildFolderTree,
+    getAvailableFolders
+  };
+});
+export {
+  FolderTreeError,
+  SDKFolderTree,
+  useFolderTreeError
+};

package/dist/modules/util/generators.d.ts

@@ -0,0 +1,83 @@
+import { Effect } from '@withstudiocms/effect';
+import type { JwtVerificationResult } from '../../types.js';
+declare const GeneratorError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => import("effect/Cause").YieldableError & {
+    readonly _tag: "GeneratorError";
+} & Readonly<A>;
+/**
+ * Represents errors that occur during generator operations.
+ */
+export declare class GeneratorError extends GeneratorError_base<{
+    cause: unknown;
+}> {
+}
+/**
+ * A helper function to wrap generator operations in an Effect with error handling.
+ *
+ * @param _try - A function that performs the generator operation.
+ * @returns An Effect that either yields the result of the operation or fails with a GeneratorError.
+ */
+export declare const useGeneratorError: <A>(_try: () => A) => Effect.Effect<A, GeneratorError, never>;
+/**
+ * SDKGenerators
+ *
+ * Effect generator that builds a collection of utility functions used across the SDK.
+ *
+ * This generator:
+ * - Reads the CMS encryption key from configuration (CMS_ENCRYPTION_KEY). The key's value is kept redacted for
+ *   safety in logs and debug output; the generator uses the redacted value for cryptographic operations where needed.
+ * - Exposes utilities for creating random IDs, secure passwords, issuing JWTs for users, and verifying JWTs.
+ *
+ * Exposed utilities:
+ * - generateRandomIDNumber(length: number): number
+ *   - Generates a numeric identifier of the specified length.
+ *   - Uses Math.random() and therefore is suitable for non-cryptographic identifiers.
+ *
+ * - generateRandomPassword(length: number): string
+ *   - Produces a password of the requested length using the character set
+ *     "A-Z a-z 0-9".
+ *   - Uses crypto.getRandomValues and rejection sampling to avoid modulo bias, providing cryptographically
+ *     strong random selection from the character set.
+ *
+ * - generateToken(userId: string, noExpire?: boolean): string
+ *   - Creates a signed JSON Web Token for the supplied userId.
+ *   - By default the token is time-limited (expires in a short timeframe — implementation uses a 3 hour default).
+ *     Passing `noExpire = true` will produce a token without the automatic expiry.
+ *   - Token signing uses the CMS encryption key (redacted) via the SDK's internal JWT generation routine.
+ *
+ * - testToken(token: string): Effect.Effect<JwtVerificationResult, GeneratorError, never>
+ *   - Validates the provided JWT using the CMS encryption key.
+ *   - Verification performs:
+ *     - header algorithm check (expects HS256),
+ *     - expiration check (tokens with exp in the past are rejected),
+ *     - signature verification (HMAC SHA-256 using the configured secret).
+ *   - Returns a JwtVerificationResult indicating whether the token is valid and, if so, the userId extracted from the token.
+ *
+ * Error handling and effects:
+ * - Many operations are wrapped with the generator's error handling helpers and may fail with GeneratorError when
+ *   JSON parsing, cryptographic operations, or other wrapped computations error.
+ * - Sensitive values (CMS encryption key) are handled in redacted form to avoid accidental exposure.
+ *
+ * Security notes:
+ * - generateRandomPassword uses cryptographically secure randomness; generateRandomIDNumber does not and should not
+ *   be used where cryptographic unpredictability is required.
+ * - Tokens are signed and validated using HMAC-SHA256 (HS256). Ensure the configured CMS_ENCRYPTION_KEY is strong and
+ *   kept secret.
+ *
+ * Returns:
+ * - An object containing the four utilities: { generateRandomIDNumber, generateRandomPassword, generateToken, testToken }.
+ *
+ * Example:
+ * @example
+ * const sdk = yield* SDKGenerators;
+ * const token = yield* sdk.generateToken('user-123');
+ * const result = yield* sdk.testToken(token);
+ *
+ * @throws {GeneratorError} if any underlying generator-wrapped operation (parsing, crypto, config retrieval) fails.
+ */
+export declare const SDKGenerators: Effect.Effect<{
+    generateRandomIDNumber: (length: number) => Effect.Effect<number, GeneratorError, never>;
+    generateRandomPassword: (length: number) => Effect.Effect<string, GeneratorError, never>;
+    generateToken: (userId: string, noExpire?: boolean | undefined) => Effect.Effect<string, GeneratorError, never>;
+    testToken: (token: string) => Effect.Effect<JwtVerificationResult, GeneratorError, never>;
+}, import("effect/ConfigError").ConfigError, never>;
+export {};

package/dist/modules/util/generators.js

@@ -0,0 +1,106 @@
+import * as crypto from "node:crypto";
+import { Config, Data, Effect, Redacted } from "@withstudiocms/effect";
+class GeneratorError extends Data.TaggedError("GeneratorError") {
+}
+const useGeneratorError = (_try) => Effect.try({
+  try: _try,
+  catch: (error) => new GeneratorError({ cause: error })
+});
+const SDKGenerators = Effect.gen(function* () {
+  const redactedCMSEncryptionKey = yield* Config.redacted("CMS_ENCRYPTION_KEY");
+  const cmsEncryptionKey = Redacted.value(redactedCMSEncryptionKey);
+  const base64UrlEncode = (input) => Buffer.from(input).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  const base64UrlDecode = (input) => {
+    let newInput = input.replace(/-/g, "+").replace(/_/g, "/");
+    while (newInput.length % 4 !== 0) {
+      newInput += "=";
+    }
+    return Buffer.from(newInput, "base64").toString();
+  };
+  const generateJwt = Effect.fn(
+    (secret, payload, noExpire) => useGeneratorError(() => {
+      const header = { alg: "HS256", typ: "JWT" };
+      const currentDate = /* @__PURE__ */ new Date();
+      const thirtyYearsFromToday = Math.floor(
+        currentDate.setFullYear(currentDate.getFullYear() + 30) / 1e3
+      );
+      const exp = noExpire ? thirtyYearsFromToday : Math.floor(Date.now() / 1e3) + 86400;
+      const payloadObj = {
+        ...payload,
+        iat: Math.floor(Date.now() / 1e3),
+        // Corrected iat
+        exp
+      };
+      const encodedHeader = base64UrlEncode(JSON.stringify(header));
+      const encodedPayload = base64UrlEncode(JSON.stringify(payloadObj));
+      const signatureInput = `${encodedHeader}.${encodedPayload}`;
+      const signature = Buffer.from(
+        crypto.createHmac("sha256", secret + secret).update(signatureInput).digest()
+      ).toString("base64url");
+      return `${encodedHeader}.${encodedPayload}.${signature}`;
+    })
+  );
+  const verifyJwt = (token, secret) => Effect.gen(function* () {
+    const [encodedHeader, encodedPayload, encodedSignature] = token.split(".");
+    if (!encodedHeader || !encodedPayload || !encodedSignature) {
+      yield* Effect.logDebug("Invalid token format");
+      return { isValid: false };
+    }
+    const [header, payload] = yield* Effect.all([
+      useGeneratorError(() => JSON.parse(base64UrlDecode(encodedHeader))),
+      useGeneratorError(() => JSON.parse(base64UrlDecode(encodedPayload)))
+    ]);
+    if (header.alg !== "HS256") {
+      yield* Effect.logDebug("Invalid algorithm");
+      return { isValid: false };
+    }
+    const currentTime = Math.floor(Date.now() / 1e3);
+    if (payload.exp && currentTime > payload.exp) {
+      yield* Effect.logDebug("Token has expired");
+      return { isValid: false };
+    }
+    const signatureInput = `${encodedHeader}.${encodedPayload}`;
+    const generatedSignature = yield* useGeneratorError(() => {
+      return Buffer.from(
+        crypto.createHmac("sha256", secret + secret).update(signatureInput).digest()
+      ).toString("base64url");
+    });
+    if (generatedSignature !== encodedSignature) {
+      yield* Effect.logDebug("Invalid signature");
+      return { isValid: false };
+    }
+    return { isValid: true, userId: payload.userId };
+  });
+  const generateRandomIDNumber = Effect.fn(
+    (length) => useGeneratorError(() => Math.floor(Math.random() * 10 ** length))
+  );
+  const generateRandomPassword = Effect.fn(
+    (length) => useGeneratorError(() => {
+      const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+      let password = "";
+      const maxValidValue = Math.floor((2 ** 32 - 1) / characters.length) * characters.length;
+      while (password.length < length) {
+        const n = crypto.getRandomValues(new Uint32Array(1))[0];
+        if (n < maxValidValue) {
+          password += characters[n % characters.length];
+        }
+      }
+      return password;
+    })
+  );
+  const generateToken = Effect.fn(
+    (userId, noExpire) => generateJwt(cmsEncryptionKey, { userId }, noExpire)
+  );
+  const testToken = Effect.fn((token) => verifyJwt(token, cmsEncryptionKey));
+  return {
+    generateRandomIDNumber,
+    generateRandomPassword,
+    generateToken,
+    testToken
+  };
+});
+export {
+  GeneratorError,
+  SDKGenerators,
+  useGeneratorError
+};