npm - @wopr-network/platform-core - Versions diffs - 0.1.0 - Mend

@wopr-network/platform-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (694) hide show

package/biome.json +61 -0
package/dist/admin/admin-audit-log-repository.d.ts +33 -0
package/dist/admin/admin-audit-log-repository.js +102 -0
package/dist/admin/audit-log.d.ts +49 -0
package/dist/admin/audit-log.js +63 -0
package/dist/admin/index.d.ts +6 -0
package/dist/admin/index.js +3 -0
package/dist/admin/role-store.d.ts +37 -0
package/dist/admin/role-store.js +106 -0
package/dist/auth/api-key-repository.d.ts +11 -0
package/dist/auth/api-key-repository.js +33 -0
package/dist/auth/api-key-repository.test.d.ts +1 -0
package/dist/auth/api-key-repository.test.js +46 -0
package/dist/auth/auth.test.d.ts +1 -0
package/dist/auth/auth.test.js +140 -0
package/dist/auth/better-auth.d.ts +42 -0
package/dist/auth/better-auth.js +196 -0
package/dist/auth/index.d.ts +186 -0
package/dist/auth/index.js +422 -0
package/dist/auth/login-history-repository.d.ts +14 -0
package/dist/auth/login-history-repository.js +15 -0
package/dist/auth/login-history-repository.test.d.ts +1 -0
package/dist/auth/login-history-repository.test.js +47 -0
package/dist/auth/middleware.d.ts +55 -0
package/dist/auth/middleware.js +101 -0
package/dist/auth/middleware.test.d.ts +1 -0
package/dist/auth/middleware.test.js +213 -0
package/dist/auth/scoped-tokens.test.d.ts +1 -0
package/dist/auth/scoped-tokens.test.js +306 -0
package/dist/auth/tenant-access.test.d.ts +1 -0
package/dist/auth/tenant-access.test.js +62 -0
package/dist/auth/user-creator.d.ts +9 -0
package/dist/auth/user-creator.js +47 -0
package/dist/auth/user-creator.test.d.ts +1 -0
package/dist/auth/user-creator.test.js +78 -0
package/dist/auth/user-role-repository.d.ts +31 -0
package/dist/auth/user-role-repository.js +53 -0
package/dist/auth/user-role-repository.test.d.ts +1 -0
package/dist/auth/user-role-repository.test.js +122 -0
package/dist/billing/drizzle-webhook-seen-repository.d.ts +10 -0
package/dist/billing/drizzle-webhook-seen-repository.js +28 -0
package/dist/billing/index.d.ts +7 -0
package/dist/billing/index.js +7 -0
package/dist/billing/payment-processor.d.ts +127 -0
package/dist/billing/payment-processor.js +8 -0
package/dist/billing/payment-processor.test.d.ts +1 -0
package/dist/billing/payment-processor.test.js +71 -0
package/dist/billing/payram/cents-credits-boundary.test.d.ts +1 -0
package/dist/billing/payram/cents-credits-boundary.test.js +75 -0
package/dist/billing/payram/charge-store.d.ts +41 -0
package/dist/billing/payram/charge-store.js +72 -0
package/dist/billing/payram/charge-store.test.d.ts +1 -0
package/dist/billing/payram/charge-store.test.js +64 -0
package/dist/billing/payram/checkout.d.ts +15 -0
package/dist/billing/payram/checkout.js +24 -0
package/dist/billing/payram/checkout.test.d.ts +1 -0
package/dist/billing/payram/checkout.test.js +74 -0
package/dist/billing/payram/client.d.ts +7 -0
package/dist/billing/payram/client.js +15 -0
package/dist/billing/payram/client.test.d.ts +1 -0
package/dist/billing/payram/client.test.js +52 -0
package/dist/billing/payram/index.d.ts +8 -0
package/dist/billing/payram/index.js +4 -0
package/dist/billing/payram/types.d.ts +40 -0
package/dist/billing/payram/types.js +1 -0
package/dist/billing/payram/webhook.d.ts +19 -0
package/dist/billing/payram/webhook.js +67 -0
package/dist/billing/payram/webhook.test.d.ts +7 -0
package/dist/billing/payram/webhook.test.js +248 -0
package/dist/billing/stripe/cents-credits-boundary.test.d.ts +1 -0
package/dist/billing/stripe/cents-credits-boundary.test.js +62 -0
package/dist/billing/stripe/checkout.d.ts +20 -0
package/dist/billing/stripe/checkout.js +63 -0
package/dist/billing/stripe/checkout.test.d.ts +1 -0
package/dist/billing/stripe/checkout.test.js +148 -0
package/dist/billing/stripe/client.d.ts +14 -0
package/dist/billing/stripe/client.js +33 -0
package/dist/billing/stripe/client.test.d.ts +1 -0
package/dist/billing/stripe/client.test.js +58 -0
package/dist/billing/stripe/credit-prices.d.ts +63 -0
package/dist/billing/stripe/credit-prices.js +81 -0
package/dist/billing/stripe/credit-prices.test.d.ts +1 -0
package/dist/billing/stripe/credit-prices.test.js +87 -0
package/dist/billing/stripe/index.d.ts +14 -0
package/dist/billing/stripe/index.js +8 -0
package/dist/billing/stripe/payment-methods-detach-all.test.d.ts +1 -0
package/dist/billing/stripe/payment-methods-detach-all.test.js +40 -0
package/dist/billing/stripe/payment-methods.d.ts +25 -0
package/dist/billing/stripe/payment-methods.js +53 -0
package/dist/billing/stripe/payment-methods.test.d.ts +1 -0
package/dist/billing/stripe/payment-methods.test.js +122 -0
package/dist/billing/stripe/portal.d.ts +10 -0
package/dist/billing/stripe/portal.js +16 -0
package/dist/billing/stripe/portal.test.d.ts +1 -0
package/dist/billing/stripe/portal.test.js +48 -0
package/dist/billing/stripe/setup-intent.d.ts +16 -0
package/dist/billing/stripe/setup-intent.js +22 -0
package/dist/billing/stripe/setup-intent.test.d.ts +1 -0
package/dist/billing/stripe/setup-intent.test.js +58 -0
package/dist/billing/stripe/stripe-payment-processor.d.ts +49 -0
package/dist/billing/stripe/stripe-payment-processor.js +166 -0
package/dist/billing/stripe/stripe-payment-processor.test.d.ts +1 -0
package/dist/billing/stripe/stripe-payment-processor.test.js +413 -0
package/dist/billing/stripe/tenant-store.d.ts +56 -0
package/dist/billing/stripe/tenant-store.js +119 -0
package/dist/billing/stripe/tenant-store.test.d.ts +1 -0
package/dist/billing/stripe/tenant-store.test.js +97 -0
package/dist/billing/stripe/types.d.ts +49 -0
package/dist/billing/stripe/types.js +1 -0
package/dist/billing/webhook-seen-repository.d.ts +14 -0
package/dist/billing/webhook-seen-repository.js +13 -0
package/dist/config/billing-env.test.d.ts +1 -0
package/dist/config/billing-env.test.js +48 -0
package/dist/config/index.d.ts +46 -0
package/dist/config/index.js +38 -0
package/dist/config/logger.d.ts +2 -0
package/dist/config/logger.js +11 -0
package/dist/config/provider-endpoints.d.ts +6 -0
package/dist/config/provider-endpoints.js +12 -0
package/dist/credits/auto-topup-charge.d.ts +27 -0
package/dist/credits/auto-topup-charge.js +139 -0
package/dist/credits/auto-topup-charge.test.d.ts +1 -0
package/dist/credits/auto-topup-charge.test.js +242 -0
package/dist/credits/auto-topup-event-log-repository.d.ts +16 -0
package/dist/credits/auto-topup-event-log-repository.js +18 -0
package/dist/credits/auto-topup-event-log-repository.test.d.ts +1 -0
package/dist/credits/auto-topup-event-log-repository.test.js +83 -0
package/dist/credits/auto-topup-schedule.d.ts +27 -0
package/dist/credits/auto-topup-schedule.js +66 -0
package/dist/credits/auto-topup-schedule.test.d.ts +1 -0
package/dist/credits/auto-topup-schedule.test.js +145 -0
package/dist/credits/auto-topup-settings-repository.d.ts +54 -0
package/dist/credits/auto-topup-settings-repository.js +184 -0
package/dist/credits/auto-topup-settings-repository.test.d.ts +1 -0
package/dist/credits/auto-topup-settings-repository.test.js +104 -0
package/dist/credits/auto-topup-usage.d.ts +22 -0
package/dist/credits/auto-topup-usage.js +56 -0
package/dist/credits/auto-topup-usage.test.d.ts +1 -0
package/dist/credits/auto-topup-usage.test.js +181 -0
package/dist/credits/credit-expiry-cron.d.ts +19 -0
package/dist/credits/credit-expiry-cron.js +50 -0
package/dist/credits/credit-expiry-cron.test.d.ts +1 -0
package/dist/credits/credit-expiry-cron.test.js +67 -0
package/dist/credits/credit-ledger-extra.test.d.ts +1 -0
package/dist/credits/credit-ledger-extra.test.js +40 -0
package/dist/credits/credit-ledger.bench.d.ts +1 -0
package/dist/credits/credit-ledger.bench.js +33 -0
package/dist/credits/credit-ledger.d.ts +130 -0
package/dist/credits/credit-ledger.js +293 -0
package/dist/credits/credit-ledger.test.d.ts +4 -0
package/dist/credits/credit-ledger.test.js +203 -0
package/dist/credits/credit-transaction-repository.d.ts +17 -0
package/dist/credits/credit-transaction-repository.js +35 -0
package/dist/credits/credit-transaction-repository.test.d.ts +1 -0
package/dist/credits/credit-transaction-repository.test.js +232 -0
package/dist/credits/credit.d.ts +75 -0
package/dist/credits/credit.js +139 -0
package/dist/credits/credit.test.d.ts +1 -0
package/dist/credits/credit.test.js +196 -0
package/dist/credits/dividend-cron.d.ts +29 -0
package/dist/credits/dividend-cron.js +88 -0
package/dist/credits/dividend-cron.test.d.ts +1 -0
package/dist/credits/dividend-cron.test.js +128 -0
package/dist/credits/dividend-repository.d.ts +29 -0
package/dist/credits/dividend-repository.js +126 -0
package/dist/credits/dividend-repository.test.d.ts +1 -0
package/dist/credits/dividend-repository.test.js +176 -0
package/dist/credits/index.d.ts +9 -0
package/dist/credits/index.js +5 -0
package/dist/credits/repository-types.d.ts +29 -0
package/dist/credits/repository-types.js +1 -0
package/dist/credits/signup-grant.d.ts +12 -0
package/dist/credits/signup-grant.js +35 -0
package/dist/credits/signup-grant.test.d.ts +1 -0
package/dist/credits/signup-grant.test.js +51 -0
package/dist/credits/tenant-customer-repository.d.ts +30 -0
package/dist/credits/tenant-customer-repository.js +5 -0
package/dist/db/auth-user-repository.d.ts +46 -0
package/dist/db/auth-user-repository.js +90 -0
package/dist/db/credit-column.d.ts +27 -0
package/dist/db/credit-column.js +13 -0
package/dist/db/index.d.ts +14 -0
package/dist/db/index.js +8 -0
package/dist/db/schema/account-deletion-requests.d.ts +203 -0
package/dist/db/schema/account-deletion-requests.js +36 -0
package/dist/db/schema/account-export-requests.d.ts +148 -0
package/dist/db/schema/account-export-requests.js +19 -0
package/dist/db/schema/admin-audit.d.ts +194 -0
package/dist/db/schema/admin-audit.js +21 -0
package/dist/db/schema/admin-users.d.ts +177 -0
package/dist/db/schema/admin-users.js +23 -0
package/dist/db/schema/affiliate-fraud.d.ts +160 -0
package/dist/db/schema/affiliate-fraud.js +18 -0
package/dist/db/schema/affiliate.d.ts +277 -0
package/dist/db/schema/affiliate.js +32 -0
package/dist/db/schema/coupon-codes.d.ts +143 -0
package/dist/db/schema/coupon-codes.js +17 -0
package/dist/db/schema/credit-auto-topup-settings.d.ts +232 -0
package/dist/db/schema/credit-auto-topup-settings.js +27 -0
package/dist/db/schema/credit-auto-topup.d.ts +130 -0
package/dist/db/schema/credit-auto-topup.js +21 -0
package/dist/db/schema/credits.d.ts +283 -0
package/dist/db/schema/credits.js +38 -0
package/dist/db/schema/dividend-distributions.d.ts +130 -0
package/dist/db/schema/dividend-distributions.js +19 -0
package/dist/db/schema/email-notifications.d.ts +99 -0
package/dist/db/schema/email-notifications.js +21 -0
package/dist/db/schema/index.d.ts +33 -0
package/dist/db/schema/index.js +33 -0
package/dist/db/schema/meter-events.d.ts +599 -0
package/dist/db/schema/meter-events.js +55 -0
package/dist/db/schema/notification-preferences.d.ts +165 -0
package/dist/db/schema/notification-preferences.js +18 -0
package/dist/db/schema/notification-queue.d.ts +236 -0
package/dist/db/schema/notification-queue.js +40 -0
package/dist/db/schema/org-memberships.d.ts +63 -0
package/dist/db/schema/org-memberships.js +15 -0
package/dist/db/schema/organization-members.d.ts +235 -0
package/dist/db/schema/organization-members.js +27 -0
package/dist/db/schema/payram.d.ts +164 -0
package/dist/db/schema/payram.js +21 -0
package/dist/db/schema/platform-api-keys.d.ts +143 -0
package/dist/db/schema/platform-api-keys.js +20 -0
package/dist/db/schema/promotion-redemptions.d.ts +143 -0
package/dist/db/schema/promotion-redemptions.js +18 -0
package/dist/db/schema/promotions.d.ts +445 -0
package/dist/db/schema/promotions.js +48 -0
package/dist/db/schema/provider-credentials.d.ts +201 -0
package/dist/db/schema/provider-credentials.js +36 -0
package/dist/db/schema/rate-limit-entries.d.ts +75 -0
package/dist/db/schema/rate-limit-entries.js +7 -0
package/dist/db/schema/secret-audit-log.d.ts +109 -0
package/dist/db/schema/secret-audit-log.js +15 -0
package/dist/db/schema/session-usage.d.ts +194 -0
package/dist/db/schema/session-usage.js +19 -0
package/dist/db/schema/spending-limits.d.ts +92 -0
package/dist/db/schema/spending-limits.js +8 -0
package/dist/db/schema/tenant-addons.d.ts +58 -0
package/dist/db/schema/tenant-addons.js +9 -0
package/dist/db/schema/tenant-api-keys.d.ts +131 -0
package/dist/db/schema/tenant-api-keys.js +21 -0
package/dist/db/schema/tenant-capability-settings.d.ts +79 -0
package/dist/db/schema/tenant-capability-settings.js +12 -0
package/dist/db/schema/tenant-customers.d.ts +303 -0
package/dist/db/schema/tenant-customers.js +25 -0
package/dist/db/schema/tenants.d.ts +126 -0
package/dist/db/schema/tenants.js +18 -0
package/dist/db/schema/user-roles.d.ts +98 -0
package/dist/db/schema/user-roles.js +18 -0
package/dist/db/schema/webhook-seen-events.d.ts +58 -0
package/dist/db/schema/webhook-seen-events.js +9 -0
package/dist/email/billing-emails.d.ts +51 -0
package/dist/email/billing-emails.js +163 -0
package/dist/email/billing-emails.test.d.ts +1 -0
package/dist/email/billing-emails.test.js +162 -0
package/dist/email/client.d.ts +51 -0
package/dist/email/client.js +102 -0
package/dist/email/client.test.d.ts +1 -0
package/dist/email/client.test.js +120 -0
package/dist/email/drizzle-billing-email-repository.d.ts +21 -0
package/dist/email/drizzle-billing-email-repository.js +36 -0
package/dist/email/drizzle-billing-email-repository.test.d.ts +1 -0
package/dist/email/drizzle-billing-email-repository.test.js +42 -0
package/dist/email/index.d.ts +33 -0
package/dist/email/index.js +22 -0
package/dist/email/notification-preferences-store.d.ts +12 -0
package/dist/email/notification-preferences-store.js +82 -0
package/dist/email/notification-preferences-store.test.d.ts +1 -0
package/dist/email/notification-preferences-store.test.js +86 -0
package/dist/email/notification-queue-store.d.ts +25 -0
package/dist/email/notification-queue-store.js +97 -0
package/dist/email/notification-queue-store.test.d.ts +1 -0
package/dist/email/notification-queue-store.test.js +177 -0
package/dist/email/notification-repository-types.d.ts +70 -0
package/dist/email/notification-repository-types.js +6 -0
package/dist/email/notification-service.d.ts +41 -0
package/dist/email/notification-service.js +196 -0
package/dist/email/notification-service.test.d.ts +1 -0
package/dist/email/notification-service.test.js +160 -0
package/dist/email/notification-templates.d.ts +18 -0
package/dist/email/notification-templates.js +574 -0
package/dist/email/notification-templates.test.d.ts +1 -0
package/dist/email/notification-templates.test.js +238 -0
package/dist/email/notification-worker.d.ts +24 -0
package/dist/email/notification-worker.js +109 -0
package/dist/email/notification-worker.test.d.ts +1 -0
package/dist/email/notification-worker.test.js +153 -0
package/dist/email/require-verified.d.ts +25 -0
package/dist/email/require-verified.js +52 -0
package/dist/email/require-verified.test.d.ts +1 -0
package/dist/email/require-verified.test.js +62 -0
package/dist/email/resend-adapter.d.ts +47 -0
package/dist/email/resend-adapter.js +137 -0
package/dist/email/resend-adapter.test.d.ts +1 -0
package/dist/email/resend-adapter.test.js +190 -0
package/dist/email/templates.d.ts +22 -0
package/dist/email/templates.js +359 -0
package/dist/email/templates.test.d.ts +1 -0
package/dist/email/templates.test.js +170 -0
package/dist/email/verification.d.ts +42 -0
package/dist/email/verification.js +83 -0
package/dist/email/verification.test.d.ts +1 -0
package/dist/email/verification.test.js +141 -0
package/dist/index.d.ts +13 -0
package/dist/index.js +23 -0
package/dist/metering/aggregator.d.ts +54 -0
package/dist/metering/aggregator.js +123 -0
package/dist/metering/aggregator.test.d.ts +1 -0
package/dist/metering/aggregator.test.js +179 -0
package/dist/metering/dlq.d.ts +31 -0
package/dist/metering/dlq.js +82 -0
package/dist/metering/dlq.test.d.ts +1 -0
package/dist/metering/dlq.test.js +117 -0
package/dist/metering/drizzle-usage-summary-repository.d.ts +67 -0
package/dist/metering/drizzle-usage-summary-repository.js +98 -0
package/dist/metering/emitter.d.ts +66 -0
package/dist/metering/emitter.js +185 -0
package/dist/metering/emitter.test.d.ts +1 -0
package/dist/metering/emitter.test.js +171 -0
package/dist/metering/index.d.ts +11 -0
package/dist/metering/index.js +5 -0
package/dist/metering/load-test.bench.d.ts +1 -0
package/dist/metering/load-test.bench.js +103 -0
package/dist/metering/meter-event-repository.d.ts +33 -0
package/dist/metering/meter-event-repository.js +58 -0
package/dist/metering/meter-repositories.test.d.ts +1 -0
package/dist/metering/meter-repositories.test.js +419 -0
package/dist/metering/metering.test.d.ts +1 -0
package/dist/metering/metering.test.js +1046 -0
package/dist/metering/reconciliation-cron.d.ts +37 -0
package/dist/metering/reconciliation-cron.js +85 -0
package/dist/metering/reconciliation-cron.test.d.ts +1 -0
package/dist/metering/reconciliation-cron.test.js +162 -0
package/dist/metering/reconciliation-repository.d.ts +27 -0
package/dist/metering/reconciliation-repository.js +43 -0
package/dist/metering/reconciliation-repository.test.d.ts +1 -0
package/dist/metering/reconciliation-repository.test.js +160 -0
package/dist/metering/types.d.ts +88 -0
package/dist/metering/types.js +1 -0
package/dist/metering/wal.d.ts +49 -0
package/dist/metering/wal.js +124 -0
package/dist/metering/wal.test.d.ts +1 -0
package/dist/metering/wal.test.js +175 -0
package/dist/middleware/csrf.d.ts +24 -0
package/dist/middleware/csrf.js +80 -0
package/dist/middleware/csrf.test.d.ts +1 -0
package/dist/middleware/csrf.test.js +152 -0
package/dist/middleware/drizzle-rate-limit-repository.d.ts +9 -0
package/dist/middleware/drizzle-rate-limit-repository.js +52 -0
package/dist/middleware/drizzle-rate-limit-repository.test.d.ts +1 -0
package/dist/middleware/drizzle-rate-limit-repository.test.js +74 -0
package/dist/middleware/get-client-ip.d.ts +22 -0
package/dist/middleware/get-client-ip.js +51 -0
package/dist/middleware/get-client-ip.test.d.ts +1 -0
package/dist/middleware/get-client-ip.test.js +40 -0
package/dist/middleware/index.d.ts +5 -0
package/dist/middleware/index.js +4 -0
package/dist/middleware/rate-limit-repository.d.ts +19 -0
package/dist/middleware/rate-limit-repository.js +1 -0
package/dist/middleware/rate-limit.d.ts +57 -0
package/dist/middleware/rate-limit.js +109 -0
package/dist/middleware/rate-limit.test.d.ts +1 -0
package/dist/middleware/rate-limit.test.js +247 -0
package/dist/security/credential-vault/audit-repository.d.ts +27 -0
package/dist/security/credential-vault/audit-repository.js +42 -0
package/dist/security/credential-vault/audit-repository.test.d.ts +1 -0
package/dist/security/credential-vault/audit-repository.test.js +78 -0
package/dist/security/credential-vault/credential-repository.d.ts +94 -0
package/dist/security/credential-vault/credential-repository.js +145 -0
package/dist/security/credential-vault/credential-repository.test.d.ts +1 -0
package/dist/security/credential-vault/credential-repository.test.js +206 -0
package/dist/security/credential-vault/index.d.ts +12 -0
package/dist/security/credential-vault/index.js +6 -0
package/dist/security/credential-vault/key-rotation.d.ts +18 -0
package/dist/security/credential-vault/key-rotation.js +52 -0
package/dist/security/credential-vault/key-rotation.test.d.ts +1 -0
package/dist/security/credential-vault/key-rotation.test.js +95 -0
package/dist/security/credential-vault/migrate-plaintext.d.ts +15 -0
package/dist/security/credential-vault/migrate-plaintext.js +80 -0
package/dist/security/credential-vault/migrate-plaintext.test.d.ts +1 -0
package/dist/security/credential-vault/migrate-plaintext.test.js +111 -0
package/dist/security/credential-vault/migration-check.d.ts +15 -0
package/dist/security/credential-vault/migration-check.js +71 -0
package/dist/security/credential-vault/migration-check.test.d.ts +1 -0
package/dist/security/credential-vault/migration-check.test.js +457 -0
package/dist/security/credential-vault/store.d.ts +106 -0
package/dist/security/credential-vault/store.js +181 -0
package/dist/security/credential-vault/store.test.d.ts +1 -0
package/dist/security/credential-vault/store.test.js +482 -0
package/dist/security/encryption.d.ts +22 -0
package/dist/security/encryption.js +53 -0
package/dist/security/encryption.test.d.ts +1 -0
package/dist/security/encryption.test.js +95 -0
package/dist/security/host-validation.d.ts +11 -0
package/dist/security/host-validation.js +108 -0
package/dist/security/host-validation.test.d.ts +1 -0
package/dist/security/host-validation.test.js +106 -0
package/dist/security/index.d.ts +11 -0
package/dist/security/index.js +11 -0
package/dist/security/key-audit.d.ts +16 -0
package/dist/security/key-audit.js +35 -0
package/dist/security/key-audit.test.d.ts +1 -0
package/dist/security/key-audit.test.js +50 -0
package/dist/security/key-injection.d.ts +28 -0
package/dist/security/key-injection.js +57 -0
package/dist/security/key-injection.test.d.ts +1 -0
package/dist/security/key-injection.test.js +97 -0
package/dist/security/key-validation.d.ts +16 -0
package/dist/security/key-validation.js +78 -0
package/dist/security/key-validation.test.d.ts +1 -0
package/dist/security/key-validation.test.js +87 -0
package/dist/security/redirect-allowlist.d.ts +6 -0
package/dist/security/redirect-allowlist.js +36 -0
package/dist/security/redirect-allowlist.test.d.ts +1 -0
package/dist/security/redirect-allowlist.test.js +55 -0
package/dist/security/tenant-keys/capability-settings-store.d.ts +22 -0
package/dist/security/tenant-keys/capability-settings-store.js +33 -0
package/dist/security/tenant-keys/capability-settings-store.test.d.ts +1 -0
package/dist/security/tenant-keys/capability-settings-store.test.js +77 -0
package/dist/security/tenant-keys/index.d.ts +10 -0
package/dist/security/tenant-keys/index.js +5 -0
package/dist/security/tenant-keys/key-resolution-repository.d.ts +15 -0
package/dist/security/tenant-keys/key-resolution-repository.js +18 -0
package/dist/security/tenant-keys/key-resolution-repository.test.d.ts +1 -0
package/dist/security/tenant-keys/key-resolution-repository.test.js +72 -0
package/dist/security/tenant-keys/key-resolution.d.ts +39 -0
package/dist/security/tenant-keys/key-resolution.js +59 -0
package/dist/security/tenant-keys/key-resolution.test.d.ts +1 -0
package/dist/security/tenant-keys/key-resolution.test.js +97 -0
package/dist/security/tenant-keys/org-key-resolution.d.ts +30 -0
package/dist/security/tenant-keys/org-key-resolution.js +50 -0
package/dist/security/tenant-keys/org-key-resolution.test.d.ts +1 -0
package/dist/security/tenant-keys/org-key-resolution.test.js +103 -0
package/dist/security/tenant-keys/tenant-key-repository.d.ts +36 -0
package/dist/security/tenant-keys/tenant-key-repository.js +96 -0
package/dist/security/tenant-keys/tenant-key-repository.test.d.ts +1 -0
package/dist/security/tenant-keys/tenant-key-repository.test.js +114 -0
package/dist/security/types.d.ts +35 -0
package/dist/security/types.js +15 -0
package/dist/tenancy/drizzle-org-repository.d.ts +40 -0
package/dist/tenancy/drizzle-org-repository.js +126 -0
package/dist/tenancy/index.d.ts +6 -0
package/dist/tenancy/index.js +3 -0
package/dist/tenancy/org-member-repository.d.ts +57 -0
package/dist/tenancy/org-member-repository.js +99 -0
package/dist/tenancy/org-repository.test.d.ts +1 -0
package/dist/tenancy/org-repository.test.js +143 -0
package/dist/tenancy/org-service.d.ts +70 -0
package/dist/tenancy/org-service.js +223 -0
package/dist/tenancy/org-service.test.d.ts +1 -0
package/dist/tenancy/org-service.test.js +550 -0
package/dist/test/db.d.ts +33 -0
package/dist/test/db.js +65 -0
package/dist/trpc/index.d.ts +1 -0
package/dist/trpc/index.js +1 -0
package/dist/trpc/init.d.ts +49 -0
package/dist/trpc/init.js +108 -0
package/dist/trpc/init.test.d.ts +1 -0
package/dist/trpc/init.test.js +154 -0
package/drizzle/migrations/0000_slippery_mandrill.sql +559 -0
package/drizzle/migrations/meta/0000_snapshot.json +4374 -0
package/drizzle/migrations/meta/_journal.json +13 -0
package/drizzle.config.ts +41 -0
package/package.json +64 -0
package/src/admin/admin-audit-log-repository.ts +135 -0
package/src/admin/audit-log.ts +111 -0
package/src/admin/index.ts +6 -0
package/src/admin/role-store.ts +134 -0
package/src/auth/api-key-repository.test.ts +63 -0
package/src/auth/api-key-repository.ts +46 -0
package/src/auth/auth.test.ts +166 -0
package/src/auth/better-auth.ts +216 -0
package/src/auth/index.ts +520 -0
package/src/auth/login-history-repository.test.ts +54 -0
package/src/auth/login-history-repository.ts +28 -0
package/src/auth/middleware.test.ts +264 -0
package/src/auth/middleware.ts +117 -0
package/src/auth/scoped-tokens.test.ts +362 -0
package/src/auth/tenant-access.test.ts +69 -0
package/src/auth/user-creator.test.ts +98 -0
package/src/auth/user-creator.ts +54 -0
package/src/auth/user-role-repository.test.ts +149 -0
package/src/auth/user-role-repository.ts +67 -0
package/src/billing/drizzle-webhook-seen-repository.ts +34 -0
package/src/billing/index.ts +22 -0
package/src/billing/payment-processor.test.ts +93 -0
package/src/billing/payment-processor.ts +150 -0
package/src/billing/payram/cents-credits-boundary.test.ts +84 -0
package/src/billing/payram/charge-store.test.ts +84 -0
package/src/billing/payram/charge-store.ts +109 -0
package/src/billing/payram/checkout.test.ts +99 -0
package/src/billing/payram/checkout.ts +40 -0
package/src/billing/payram/client.test.ts +62 -0
package/src/billing/payram/client.ts +21 -0
package/src/billing/payram/index.ts +14 -0
package/src/billing/payram/types.ts +44 -0
package/src/billing/payram/webhook.test.ts +318 -0
package/src/billing/payram/webhook.ts +97 -0
package/src/billing/stripe/cents-credits-boundary.test.ts +70 -0
package/src/billing/stripe/checkout.test.ts +186 -0
package/src/billing/stripe/checkout.ts +82 -0
package/src/billing/stripe/client.test.ts +64 -0
package/src/billing/stripe/client.ts +39 -0
package/src/billing/stripe/credit-prices.test.ts +114 -0
package/src/billing/stripe/credit-prices.ts +113 -0
package/src/billing/stripe/index.ts +14 -0
package/src/billing/stripe/payment-methods-detach-all.test.ts +53 -0
package/src/billing/stripe/payment-methods.test.ts +157 -0
package/src/billing/stripe/payment-methods.ts +76 -0
package/src/billing/stripe/portal.test.ts +63 -0
package/src/billing/stripe/portal.ts +25 -0
package/src/billing/stripe/setup-intent.test.ts +78 -0
package/src/billing/stripe/setup-intent.ts +34 -0
package/src/billing/stripe/stripe-payment-processor.test.ts +517 -0
package/src/billing/stripe/stripe-payment-processor.ts +255 -0
package/src/billing/stripe/tenant-store.test.ts +124 -0
package/src/billing/stripe/tenant-store.ts +151 -0
package/src/billing/stripe/types.ts +53 -0
package/src/billing/webhook-seen-repository.ts +24 -0
package/src/config/billing-env.test.ts +54 -0
package/src/config/index.ts +44 -0
package/src/config/logger.ts +12 -0
package/src/config/provider-endpoints.ts +14 -0
package/src/credits/auto-topup-charge.test.ts +292 -0
package/src/credits/auto-topup-charge.ts +171 -0
package/src/credits/auto-topup-event-log-repository.test.ts +99 -0
package/src/credits/auto-topup-event-log-repository.ts +30 -0
package/src/credits/auto-topup-schedule.test.ts +179 -0
package/src/credits/auto-topup-schedule.ts +93 -0
package/src/credits/auto-topup-settings-repository.test.ts +123 -0
package/src/credits/auto-topup-settings-repository.ts +245 -0
package/src/credits/auto-topup-usage.test.ts +220 -0
package/src/credits/auto-topup-usage.ts +68 -0
package/src/credits/credit-expiry-cron.test.ts +125 -0
package/src/credits/credit-expiry-cron.ts +76 -0
package/src/credits/credit-ledger-extra.test.ts +57 -0
package/src/credits/credit-ledger.bench.ts +56 -0
package/src/credits/credit-ledger.test.ts +276 -0
package/src/credits/credit-ledger.ts +450 -0
package/src/credits/credit-transaction-repository.test.ts +274 -0
package/src/credits/credit-transaction-repository.ts +62 -0
package/src/credits/credit.test.ts +234 -0
package/src/credits/credit.ts +160 -0
package/src/credits/dividend-cron.test.ts +158 -0
package/src/credits/dividend-cron.ts +127 -0
package/src/credits/dividend-repository.test.ts +223 -0
package/src/credits/dividend-repository.ts +182 -0
package/src/credits/index.ts +25 -0
package/src/credits/repository-types.ts +33 -0
package/src/credits/signup-grant.test.ts +63 -0
package/src/credits/signup-grant.ts +44 -0
package/src/credits/tenant-customer-repository.ts +28 -0
package/src/db/auth-user-repository.ts +124 -0
package/src/db/credit-column.ts +17 -0
package/src/db/index.ts +21 -0
package/src/db/schema/account-deletion-requests.ts +41 -0
package/src/db/schema/account-export-requests.ts +24 -0
package/src/db/schema/admin-audit.ts +26 -0
package/src/db/schema/admin-users.ts +31 -0
package/src/db/schema/affiliate-fraud.ts +23 -0
package/src/db/schema/affiliate.ts +38 -0
package/src/db/schema/coupon-codes.ts +22 -0
package/src/db/schema/credit-auto-topup-settings.ts +32 -0
package/src/db/schema/credit-auto-topup.ts +26 -0
package/src/db/schema/credits.ts +44 -0
package/src/db/schema/dividend-distributions.ts +24 -0
package/src/db/schema/email-notifications.ts +26 -0
package/src/db/schema/index.ts +33 -0
package/src/db/schema/meter-events.ts +70 -0
package/src/db/schema/notification-preferences.ts +19 -0
package/src/db/schema/notification-queue.ts +45 -0
package/src/db/schema/org-memberships.ts +20 -0
package/src/db/schema/organization-members.ts +37 -0
package/src/db/schema/payram.ts +26 -0
package/src/db/schema/platform-api-keys.ts +25 -0
package/src/db/schema/promotion-redemptions.ts +23 -0
package/src/db/schema/promotions.ts +57 -0
package/src/db/schema/provider-credentials.ts +41 -0
package/src/db/schema/rate-limit-entries.ts +12 -0
package/src/db/schema/secret-audit-log.ts +20 -0
package/src/db/schema/session-usage.ts +24 -0
package/src/db/schema/spending-limits.ts +9 -0
package/src/db/schema/tenant-addons.ts +14 -0
package/src/db/schema/tenant-api-keys.ts +26 -0
package/src/db/schema/tenant-capability-settings.ts +17 -0
package/src/db/schema/tenant-customers.ts +35 -0
package/src/db/schema/tenants.ts +23 -0
package/src/db/schema/user-roles.ts +23 -0
package/src/db/schema/webhook-seen-events.ts +14 -0
package/src/email/billing-emails.test.ts +198 -0
package/src/email/billing-emails.ts +211 -0
package/src/email/client.test.ts +149 -0
package/src/email/client.ts +137 -0
package/src/email/drizzle-billing-email-repository.test.ts +52 -0
package/src/email/drizzle-billing-email-repository.ts +59 -0
package/src/email/index.ts +57 -0
package/src/email/notification-preferences-store.test.ts +102 -0
package/src/email/notification-preferences-store.ts +90 -0
package/src/email/notification-queue-store.test.ts +215 -0
package/src/email/notification-queue-store.ts +127 -0
package/src/email/notification-repository-types.ts +101 -0
package/src/email/notification-service.test.ts +178 -0
package/src/email/notification-service.ts +265 -0
package/src/email/notification-templates.test.ts +261 -0
package/src/email/notification-templates.ts +727 -0
package/src/email/notification-worker.test.ts +189 -0
package/src/email/notification-worker.ts +133 -0
package/src/email/require-verified.ts +65 -0
package/src/email/resend-adapter.test.ts +253 -0
package/src/email/resend-adapter.ts +157 -0
package/src/email/templates.test.ts +217 -0
package/src/email/templates.ts +469 -0
package/src/email/verification.test.ts +185 -0
package/src/email/verification.ts +110 -0
package/src/index.ts +51 -0
package/src/metering/aggregator.test.ts +239 -0
package/src/metering/aggregator.ts +160 -0
package/src/metering/dlq.test.ts +134 -0
package/src/metering/dlq.ts +102 -0
package/src/metering/drizzle-usage-summary-repository.ts +167 -0
package/src/metering/emitter.test.ts +202 -0
package/src/metering/emitter.ts +227 -0
package/src/metering/index.ts +21 -0
package/src/metering/load-test.bench.ts +130 -0
package/src/metering/meter-event-repository.ts +87 -0
package/src/metering/meter-repositories.test.ts +491 -0
package/src/metering/metering.test.ts +1317 -0
package/src/metering/reconciliation-cron.test.ts +202 -0
package/src/metering/reconciliation-cron.ts +134 -0
package/src/metering/reconciliation-repository.test.ts +196 -0
package/src/metering/reconciliation-repository.ts +83 -0
package/src/metering/types.ts +93 -0
package/src/metering/wal.test.ts +222 -0
package/src/metering/wal.ts +139 -0
package/src/middleware/csrf.test.ts +178 -0
package/src/middleware/csrf.ts +101 -0
package/src/middleware/drizzle-rate-limit-repository.test.ts +97 -0
package/src/middleware/drizzle-rate-limit-repository.ts +57 -0
package/src/middleware/get-client-ip.test.ts +49 -0
package/src/middleware/get-client-ip.ts +62 -0
package/src/middleware/index.ts +12 -0
package/src/middleware/rate-limit-repository.ts +22 -0
package/src/middleware/rate-limit.test.ts +338 -0
package/src/middleware/rate-limit.ts +169 -0
package/src/security/credential-vault/audit-repository.test.ts +91 -0
package/src/security/credential-vault/audit-repository.ts +64 -0
package/src/security/credential-vault/credential-repository.test.ts +264 -0
package/src/security/credential-vault/credential-repository.ts +233 -0
package/src/security/credential-vault/index.ts +26 -0
package/src/security/credential-vault/key-rotation.test.ts +139 -0
package/src/security/credential-vault/key-rotation.ts +70 -0
package/src/security/credential-vault/migrate-plaintext.test.ts +138 -0
package/src/security/credential-vault/migrate-plaintext.ts +101 -0
package/src/security/credential-vault/migration-check.test.ts +533 -0
package/src/security/credential-vault/migration-check.ts +88 -0
package/src/security/credential-vault/store.test.ts +569 -0
package/src/security/credential-vault/store.ts +284 -0
package/src/security/encryption.test.ts +114 -0
package/src/security/encryption.ts +65 -0
package/src/security/host-validation.test.ts +136 -0
package/src/security/host-validation.ts +116 -0
package/src/security/index.ts +59 -0
package/src/security/key-audit.test.ts +57 -0
package/src/security/key-audit.ts +45 -0
package/src/security/key-injection.test.ts +131 -0
package/src/security/key-injection.ts +71 -0
package/src/security/key-validation.test.ts +111 -0
package/src/security/key-validation.ts +84 -0
package/src/security/redirect-allowlist.test.ts +70 -0
package/src/security/redirect-allowlist.ts +35 -0
package/src/security/tenant-keys/capability-settings-store.test.ts +98 -0
package/src/security/tenant-keys/capability-settings-store.ts +53 -0
package/src/security/tenant-keys/index.ts +10 -0
package/src/security/tenant-keys/key-resolution-repository.test.ts +95 -0
package/src/security/tenant-keys/key-resolution-repository.ts +31 -0
package/src/security/tenant-keys/key-resolution.test.ts +173 -0
package/src/security/tenant-keys/key-resolution.ts +87 -0
package/src/security/tenant-keys/org-key-resolution.test.ts +217 -0
package/src/security/tenant-keys/org-key-resolution.ts +76 -0
package/src/security/tenant-keys/tenant-key-repository.test.ts +143 -0
package/src/security/tenant-keys/tenant-key-repository.ts +130 -0
package/src/security/types.ts +43 -0
package/src/tenancy/drizzle-org-repository.ts +169 -0
package/src/tenancy/index.ts +6 -0
package/src/tenancy/org-member-repository.ts +159 -0
package/src/tenancy/org-repository.test.ts +172 -0
package/src/tenancy/org-service.test.ts +634 -0
package/src/tenancy/org-service.ts +290 -0
package/src/test/db.ts +97 -0
package/src/trpc/index.ts +11 -0
package/src/trpc/init.test.ts +196 -0
package/src/trpc/init.ts +138 -0
package/tsconfig.json +20 -0
package/vitest.config.ts +8 -0

package/dist/credits/dividend-repository.js ADDED Viewed

@@ -0,0 +1,126 @@
+import { and, desc, eq, gte, lt, sql } from "drizzle-orm";
+import { adminUsers } from "../db/schema/admin-users.js";
+import { creditTransactions } from "../db/schema/credits.js";
+import { dividendDistributions } from "../db/schema/dividend-distributions.js";
+import { Credit } from "./credit.js";
+export class DrizzleDividendRepository {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    async getStats(tenantId) {
+        // 1. Pool = sum of purchase amounts from yesterday UTC
+        const poolRow = (await this.db
+            // raw SQL: Drizzle cannot express COALESCE(SUM(...), 0) aggregate
+            .select({ total: sql `COALESCE(SUM(${creditTransactions.amount}), 0)` })
+            .from(creditTransactions)
+            .where(and(eq(creditTransactions.type, "purchase"),
+        // raw SQL: Drizzle cannot express date_trunc with interval arithmetic
+        sql `${creditTransactions.createdAt}::timestamp >= date_trunc('day', timezone('UTC', now())) - INTERVAL '1 day'`, sql `${creditTransactions.createdAt}::timestamp < date_trunc('day', timezone('UTC', now()))`)))[0];
+        const poolCents = poolRow?.total ?? 0;
+        const pool = Credit.fromCents(poolCents);
+        // 2. Active users = distinct tenants with a purchase in the last 7 days
+        const activeRow = (await this.db
+            // raw SQL: Drizzle cannot express COUNT(DISTINCT col)
+            .select({ count: sql `COUNT(DISTINCT ${creditTransactions.tenantId})` })
+            .from(creditTransactions)
+            .where(and(eq(creditTransactions.type, "purchase"),
+        // raw SQL: Drizzle cannot express timestamp comparison with interval arithmetic
+        sql `${creditTransactions.createdAt}::timestamp >= timezone('UTC', now()) - INTERVAL '7 days'`)))[0];
+        const activeUsers = activeRow?.count ?? 0;
+        // 3. Per-user projection (avoid division by zero)
+        const perUser = activeUsers > 0 ? Credit.fromRaw(Math.floor(pool.toRaw() / activeUsers)) : Credit.ZERO;
+        // 4. Next distribution = midnight UTC tonight
+        const now = new Date();
+        const nextMidnight = new Date(Date.UTC(now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate() + 1, 0, 0, 0));
+        const nextDistributionAt = nextMidnight.toISOString();
+        // 5. User eligibility — last purchase within 7 days
+        const userPurchaseRow = (await this.db
+            .select({ createdAt: creditTransactions.createdAt })
+            .from(creditTransactions)
+            .where(and(eq(creditTransactions.tenantId, tenantId), eq(creditTransactions.type, "purchase")))
+            .orderBy(desc(creditTransactions.createdAt))
+            .limit(1))[0];
+        let userEligible = false;
+        let userLastPurchaseAt = null;
+        let userWindowExpiresAt = null;
+        if (userPurchaseRow) {
+            const rawTs = userPurchaseRow.createdAt;
+            // Parse the timestamp directly. PGlite may return ISO strings with or without
+            // timezone suffix. JavaScript's Date constructor handles ISO 8601 strings natively.
+            const lastPurchase = new Date(rawTs);
+            userLastPurchaseAt = lastPurchase.toISOString();
+            const windowExpiry = new Date(lastPurchase.getTime() + 7 * 24 * 60 * 60 * 1000);
+            userWindowExpiresAt = windowExpiry.toISOString();
+            userEligible = windowExpiry.getTime() > Date.now();
+        }
+        return {
+            pool,
+            activeUsers,
+            perUser,
+            nextDistributionAt,
+            userEligible,
+            userLastPurchaseAt,
+            userWindowExpiresAt,
+        };
+    }
+    async getHistory(tenantId, limit, offset) {
+        const safeLimit = Math.min(Math.max(1, limit), 250);
+        const safeOffset = Math.max(0, offset);
+        const rows = await this.db
+            .select({
+            date: dividendDistributions.date,
+            amountCents: dividendDistributions.amountCents,
+            poolCents: dividendDistributions.poolCents,
+            activeUsers: dividendDistributions.activeUsers,
+        })
+            .from(dividendDistributions)
+            .where(eq(dividendDistributions.tenantId, tenantId))
+            .orderBy(desc(dividendDistributions.date))
+            .limit(safeLimit)
+            .offset(safeOffset);
+        return rows.map((row) => ({
+            date: row.date,
+            amount: Credit.fromCents(row.amountCents),
+            pool: Credit.fromCents(row.poolCents),
+            activeUsers: row.activeUsers,
+        }));
+    }
+    async getLifetimeTotal(tenantId) {
+        const row = (await this.db
+            // raw SQL: Drizzle cannot express COALESCE(SUM(...), 0) aggregate
+            .select({ total: sql `COALESCE(SUM(${dividendDistributions.amountCents}), 0)` })
+            .from(dividendDistributions)
+            .where(eq(dividendDistributions.tenantId, tenantId)))[0];
+        return Credit.fromCents(row?.total ?? 0);
+    }
+    async getDigestTenantAggregates(windowStart, windowEnd) {
+        const rows = await this.db
+            .select({
+            tenantId: dividendDistributions.tenantId,
+            // raw SQL: Drizzle cannot express SUM/COUNT(DISTINCT)/AVG with CAST aggregates
+            totalCents: sql `SUM(${dividendDistributions.amountCents})`,
+            distributionCount: sql `COUNT(DISTINCT ${dividendDistributions.date})`,
+            avgPoolCents: sql `CAST(AVG(${dividendDistributions.poolCents}) AS INTEGER)`,
+            avgActiveUsers: sql `CAST(AVG(${dividendDistributions.activeUsers}) AS INTEGER)`,
+        })
+            .from(dividendDistributions)
+            .where(and(gte(dividendDistributions.date, windowStart), lt(dividendDistributions.date, windowEnd)))
+            .groupBy(dividendDistributions.tenantId);
+        return rows.map((row) => ({
+            tenantId: row.tenantId,
+            total: Credit.fromCents(row.totalCents),
+            distributionCount: row.distributionCount,
+            avgPool: Credit.fromCents(row.avgPoolCents),
+            avgActiveUsers: row.avgActiveUsers,
+        }));
+    }
+    async getTenantEmail(tenantId) {
+        const row = (await this.db
+            .select({ email: adminUsers.email })
+            .from(adminUsers)
+            .where(eq(adminUsers.tenantId, tenantId))
+            .limit(1))[0];
+        return row?.email;
+    }
+}

package/dist/credits/dividend-repository.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/credits/dividend-repository.test.js ADDED Viewed

@@ -0,0 +1,176 @@
+import crypto from "node:crypto";
+import { afterAll, beforeAll, beforeEach, describe, expect, it } from "vitest";
+import { adminUsers } from "../db/schema/admin-users.js";
+import { dividendDistributions } from "../db/schema/dividend-distributions.js";
+import { createTestDb, truncateAllTables } from "../test/db.js";
+import { Credit } from "./credit.js";
+import { CreditLedger } from "./credit-ledger.js";
+import { DrizzleDividendRepository } from "./dividend-repository.js";
+let pool;
+let db;
+beforeAll(async () => {
+    ({ db, pool } = await createTestDb());
+});
+afterAll(async () => {
+    await pool.close();
+});
+/** Insert a dividend_distributions row directly (bypassing repo — it has no write method). */
+async function seedDividend(opts) {
+    await db.insert(dividendDistributions).values({
+        id: crypto.randomUUID(),
+        tenantId: opts.tenantId,
+        date: opts.date,
+        amountCents: opts.amountCents,
+        poolCents: opts.poolCents,
+        activeUsers: opts.activeUsers,
+    });
+}
+/** Insert an admin_users row for getTenantEmail tests. */
+async function seedAdminUser(tenantId, email) {
+    await db.insert(adminUsers).values({
+        id: crypto.randomUUID(),
+        email,
+        tenantId,
+        status: "active",
+        role: "tenant_admin",
+        createdAt: Date.now(),
+    });
+}
+describe("DrizzleDividendRepository", () => {
+    let repo;
+    beforeEach(async () => {
+        await truncateAllTables(pool);
+        repo = new DrizzleDividendRepository(db);
+    });
+    // --- getHistory() ---
+    describe("getHistory()", () => {
+        it("returns empty array when tenant has no distributions", async () => {
+            const history = await repo.getHistory("nonexistent", 50, 0);
+            expect(history).toEqual([]);
+        });
+        it("returns distributions in reverse chronological order", async () => {
+            await seedDividend({ tenantId: "t1", date: "2026-01-01", amountCents: 10, poolCents: 1000, activeUsers: 5 });
+            await seedDividend({ tenantId: "t1", date: "2026-01-02", amountCents: 20, poolCents: 2000, activeUsers: 10 });
+            await seedDividend({ tenantId: "t1", date: "2026-01-03", amountCents: 30, poolCents: 3000, activeUsers: 15 });
+            const history = await repo.getHistory("t1", 50, 0);
+            expect(history).toHaveLength(3);
+            expect(history[0].date).toBe("2026-01-03");
+            expect(history[1].date).toBe("2026-01-02");
+            expect(history[2].date).toBe("2026-01-01");
+        });
+        it("converts amountCents and poolCents to Credit objects", async () => {
+            await seedDividend({ tenantId: "t1", date: "2026-01-15", amountCents: 42, poolCents: 5000, activeUsers: 8 });
+            const history = await repo.getHistory("t1", 50, 0);
+            expect(history).toHaveLength(1);
+            expect(history[0].amount.toCents()).toBe(42);
+            expect(history[0].pool.toCents()).toBe(5000);
+            expect(history[0].activeUsers).toBe(8);
+        });
+        it("respects limit and offset", async () => {
+            for (let i = 1; i <= 5; i++) {
+                await seedDividend({
+                    tenantId: "t1",
+                    date: `2026-01-0${i}`,
+                    amountCents: i * 10,
+                    poolCents: 1000,
+                    activeUsers: 5,
+                });
+            }
+            const page1 = await repo.getHistory("t1", 2, 0);
+            expect(page1).toHaveLength(2);
+            expect(page1[0].date).toBe("2026-01-05");
+            expect(page1[1].date).toBe("2026-01-04");
+            const page2 = await repo.getHistory("t1", 2, 2);
+            expect(page2).toHaveLength(2);
+            expect(page2[0].date).toBe("2026-01-03");
+        });
+        it("is tenant-isolated", async () => {
+            await seedDividend({ tenantId: "t1", date: "2026-01-01", amountCents: 10, poolCents: 1000, activeUsers: 5 });
+            await seedDividend({ tenantId: "t2", date: "2026-01-01", amountCents: 99, poolCents: 9000, activeUsers: 50 });
+            const t1History = await repo.getHistory("t1", 50, 0);
+            expect(t1History).toHaveLength(1);
+            expect(t1History[0].amount.toCents()).toBe(10);
+        });
+    });
+    // --- getLifetimeTotal() ---
+    describe("getLifetimeTotal()", () => {
+        it("returns Credit.ZERO when tenant has no distributions", async () => {
+            const total = await repo.getLifetimeTotal("nonexistent");
+            expect(total.toCents()).toBe(0);
+        });
+        it("sums all distributions for a tenant", async () => {
+            await seedDividend({ tenantId: "t1", date: "2026-01-01", amountCents: 10, poolCents: 1000, activeUsers: 5 });
+            await seedDividend({ tenantId: "t1", date: "2026-01-02", amountCents: 25, poolCents: 2000, activeUsers: 10 });
+            const total = await repo.getLifetimeTotal("t1");
+            expect(total.toCents()).toBe(35);
+        });
+        it("is tenant-isolated", async () => {
+            await seedDividend({ tenantId: "t1", date: "2026-01-01", amountCents: 10, poolCents: 1000, activeUsers: 5 });
+            await seedDividend({ tenantId: "t2", date: "2026-01-01", amountCents: 999, poolCents: 9000, activeUsers: 50 });
+            const total = await repo.getLifetimeTotal("t1");
+            expect(total.toCents()).toBe(10);
+        });
+    });
+    // --- getDigestTenantAggregates() ---
+    describe("getDigestTenantAggregates()", () => {
+        it("returns empty array when no distributions in window", async () => {
+            const result = await repo.getDigestTenantAggregates("2026-02-01", "2026-02-28");
+            expect(result).toEqual([]);
+        });
+        it("aggregates distributions per tenant within [windowStart, windowEnd)", async () => {
+            // In window
+            await seedDividend({ tenantId: "t1", date: "2026-02-01", amountCents: 10, poolCents: 1000, activeUsers: 5 });
+            await seedDividend({ tenantId: "t1", date: "2026-02-02", amountCents: 20, poolCents: 2000, activeUsers: 10 });
+            // Out of window
+            await seedDividend({ tenantId: "t1", date: "2026-03-01", amountCents: 999, poolCents: 9000, activeUsers: 50 });
+            const result = await repo.getDigestTenantAggregates("2026-02-01", "2026-03-01");
+            expect(result).toHaveLength(1);
+            expect(result[0].tenantId).toBe("t1");
+            expect(result[0].total.toCents()).toBe(30); // 10 + 20
+            expect(result[0].distributionCount).toBe(2);
+        });
+        it("returns multiple tenants", async () => {
+            await seedDividend({ tenantId: "t1", date: "2026-02-01", amountCents: 10, poolCents: 1000, activeUsers: 5 });
+            await seedDividend({ tenantId: "t2", date: "2026-02-01", amountCents: 50, poolCents: 5000, activeUsers: 20 });
+            const result = await repo.getDigestTenantAggregates("2026-02-01", "2026-03-01");
+            expect(result).toHaveLength(2);
+            const t1 = result.find((r) => r.tenantId === "t1");
+            const t2 = result.find((r) => r.tenantId === "t2");
+            expect(t1?.total.toCents()).toBe(10);
+            expect(t2?.total.toCents()).toBe(50);
+        });
+    });
+    // --- getStats() ---
+    describe("getStats()", () => {
+        it("returns zero pool and zero activeUsers when no purchase transactions exist", async () => {
+            const stats = await repo.getStats("t1");
+            expect(stats.pool.toCents()).toBe(0);
+            expect(stats.activeUsers).toBe(0);
+            expect(stats.perUser.toCents()).toBe(0);
+            expect(stats.userEligible).toBe(false);
+            expect(stats.userLastPurchaseAt).toBeNull();
+            expect(stats.userWindowExpiresAt).toBeNull();
+            expect(stats.nextDistributionAt).toEqual(expect.any(String));
+        });
+        it("marks user as eligible when they have a recent purchase", async () => {
+            const ledger = new CreditLedger(db);
+            await ledger.credit("t1", Credit.fromCents(100), "purchase", "recent buy");
+            const stats = await repo.getStats("t1");
+            expect(stats.userEligible).toBe(true);
+            expect(stats.userLastPurchaseAt).toEqual(expect.any(String));
+            expect(stats.userWindowExpiresAt).toEqual(expect.any(String));
+        });
+    });
+    // --- getTenantEmail() ---
+    describe("getTenantEmail()", () => {
+        it("returns undefined when tenant has no admin user", async () => {
+            const email = await repo.getTenantEmail("nonexistent");
+            expect(email).toBeUndefined();
+        });
+        it("returns the email for the tenant's admin user", async () => {
+            await seedAdminUser("t1", "alice@example.com");
+            const email = await repo.getTenantEmail("t1");
+            expect(email).toBe("alice@example.com");
+        });
+    });
+});

package/dist/credits/index.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export type { AutoTopupSettings, IAutoTopupSettingsRepository, } from "./auto-topup-settings-repository.js";
+export { ALLOWED_SCHEDULE_INTERVALS, ALLOWED_THRESHOLDS, ALLOWED_TOPUP_AMOUNTS, computeNextScheduleAt, DrizzleAutoTopupSettingsRepository, } from "./auto-topup-settings-repository.js";
+export type { CreditExpiryCronConfig, CreditExpiryCronResult } from "./credit-expiry-cron.js";
+export { runCreditExpiryCron } from "./credit-expiry-cron.js";
+export type { CreditTransaction, CreditType, DebitType, HistoryOptions, ICreditLedger, TransactionType, } from "./credit-ledger.js";
+export { CreditLedger, DrizzleCreditLedger, InsufficientBalanceError } from "./credit-ledger.js";
+export { grantSignupCredits, SIGNUP_GRANT } from "./signup-grant.js";
+export { Credit } from "./credit.js";
+export type { ITenantCustomerRepository, TenantCustomerRow } from "./tenant-customer-repository.js";

package/dist/credits/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+export { ALLOWED_SCHEDULE_INTERVALS, ALLOWED_THRESHOLDS, ALLOWED_TOPUP_AMOUNTS, computeNextScheduleAt, DrizzleAutoTopupSettingsRepository, } from "./auto-topup-settings-repository.js";
+export { runCreditExpiryCron } from "./credit-expiry-cron.js";
+export { CreditLedger, DrizzleCreditLedger, InsufficientBalanceError } from "./credit-ledger.js";
+export { grantSignupCredits, SIGNUP_GRANT } from "./signup-grant.js";
+export { Credit } from "./credit.js";

package/dist/credits/repository-types.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+import type { Credit } from "./credit.js";
+/** Domain type for a provisioned phone number tracked for monthly billing. */
+export interface ProvisionedPhoneNumber {
+    sid: string;
+    tenantId: string;
+    phoneNumber: string;
+    provisionedAt: string;
+    lastBilledAt: string | null;
+}
+export interface DividendStats {
+    pool: Credit;
+    activeUsers: number;
+    perUser: Credit;
+    nextDistributionAt: string;
+    userEligible: boolean;
+    userLastPurchaseAt: string | null;
+    userWindowExpiresAt: string | null;
+}
+export interface DividendHistoryEntry {
+    date: string;
+    amount: Credit;
+    pool: Credit;
+    activeUsers: number;
+}
+export interface WebhookSeenEvent {
+    eventId: string;
+    source: string;
+    seenAt: number;
+}

package/dist/credits/repository-types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/credits/signup-grant.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { Credit } from "./credit.js";
+import type { ICreditLedger } from "./credit-ledger.js";
+/** Signup grant amount: $5.00 */
+export declare const SIGNUP_GRANT: Credit;
+/**
+ * Grant the signup credit bonus to a newly verified tenant.
+ *
+ * Idempotent: uses `signup:<tenantId>` as referenceId to prevent double-grants.
+ *
+ * @returns true if the grant was applied, false if already granted.
+ */
+export declare function grantSignupCredits(ledger: ICreditLedger, tenantId: string): Promise<boolean>;

package/dist/credits/signup-grant.js ADDED Viewed

@@ -0,0 +1,35 @@
+import { Credit } from "./credit.js";
+/** Signup grant amount: $5.00 */
+export const SIGNUP_GRANT = Credit.fromDollars(5);
+/**
+ * Grant the signup credit bonus to a newly verified tenant.
+ *
+ * Idempotent: uses `signup:<tenantId>` as referenceId to prevent double-grants.
+ *
+ * @returns true if the grant was applied, false if already granted.
+ */
+export async function grantSignupCredits(ledger, tenantId) {
+    const refId = `signup:${tenantId}`;
+    // Idempotency check
+    if (await ledger.hasReferenceId(refId)) {
+        return false;
+    }
+    try {
+        await ledger.credit(tenantId, SIGNUP_GRANT, "signup_grant", "Welcome bonus — $5.00 credit on email verification", refId);
+    }
+    catch (err) {
+        // Concurrent verify-email request won the race and already inserted the same referenceId.
+        // Treat unique constraint violation as a no-op (idempotent).
+        if (isUniqueConstraintViolation(err))
+            return false;
+        throw err;
+    }
+    return true;
+}
+function isUniqueConstraintViolation(err) {
+    if (!(err instanceof Error))
+        return false;
+    if (err.code === "23505")
+        return true;
+    return err.message.includes("UNIQUE") || err.message.includes("duplicate key");
+}

package/dist/credits/signup-grant.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/credits/signup-grant.test.js ADDED Viewed

@@ -0,0 +1,51 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, it, vi } from "vitest";
+import { createTestDb, truncateAllTables } from "../test/db.js";
+import { CreditLedger } from "./credit-ledger.js";
+import { grantSignupCredits, SIGNUP_GRANT } from "./signup-grant.js";
+describe("grantSignupCredits", () => {
+    let pool;
+    let db;
+    let ledger;
+    beforeAll(async () => {
+        ({ db, pool } = await createTestDb());
+    });
+    afterAll(async () => {
+        await pool.close();
+    });
+    beforeEach(async () => {
+        await truncateAllTables(pool);
+        ledger = new CreditLedger(db);
+    });
+    it("grants credits to a new tenant and returns true", async () => {
+        const result = await grantSignupCredits(ledger, "tenant-1");
+        expect(result).toBe(true);
+        expect((await ledger.balance("tenant-1")).toCents()).toBe(SIGNUP_GRANT.toCents());
+    });
+    it("returns false for duplicate grant (idempotency)", async () => {
+        await grantSignupCredits(ledger, "tenant-1");
+        const result = await grantSignupCredits(ledger, "tenant-1");
+        expect(result).toBe(false);
+        expect((await ledger.balance("tenant-1")).toCents()).toBe(SIGNUP_GRANT.toCents());
+    });
+    it("grants independently to different tenants", async () => {
+        await grantSignupCredits(ledger, "tenant-1");
+        await grantSignupCredits(ledger, "tenant-2");
+        expect((await ledger.balance("tenant-1")).toCents()).toBe(SIGNUP_GRANT.toCents());
+        expect((await ledger.balance("tenant-2")).toCents()).toBe(SIGNUP_GRANT.toCents());
+    });
+    it("SIGNUP_GRANT.toCents() equals 500", () => {
+        expect(SIGNUP_GRANT.toCents()).toBe(500);
+    });
+    it("returns false when credit() throws a unique constraint violation (TOCTOU race)", async () => {
+        // Simulate two concurrent requests: both pass hasReferenceId check,
+        // then the second credit() call loses the race and gets a unique constraint error.
+        const uniqueErr = Object.assign(new Error("duplicate key value violates unique constraint"), {
+            code: "23505",
+        });
+        const racingLedger = new CreditLedger(db);
+        vi.spyOn(racingLedger, "hasReferenceId").mockResolvedValue(false);
+        vi.spyOn(racingLedger, "credit").mockRejectedValue(uniqueErr);
+        const result = await grantSignupCredits(racingLedger, "tenant-race");
+        expect(result).toBe(false);
+    });
+});

package/dist/credits/tenant-customer-repository.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * Stub interface for tenant-customer repository.
+ * The Drizzle implementation lives in the billing module (extracted in Task 12).
+ */
+export interface TenantCustomerRow {
+    tenant: string;
+    processor_customer_id: string;
+    processor: string;
+    tier: string;
+    billing_hold: number;
+    inference_mode: string;
+    created_at: number;
+    updated_at: number;
+}
+export interface ITenantCustomerRepository {
+    getByTenant(tenant: string): Promise<TenantCustomerRow | null>;
+    getByProcessorCustomerId(processorCustomerId: string): Promise<TenantCustomerRow | null>;
+    upsert(row: {
+        tenant: string;
+        processorCustomerId: string;
+        tier?: string;
+    }): Promise<void>;
+    setTier(tenant: string, tier: string): Promise<void>;
+    setBillingHold(tenant: string, hold: boolean): Promise<void>;
+    hasBillingHold(tenant: string): Promise<boolean>;
+    getInferenceMode(tenant: string): Promise<string>;
+    setInferenceMode(tenant: string, mode: string): Promise<void>;
+    list(): Promise<TenantCustomerRow[]>;
+    buildCustomerIdMap(): Promise<Record<string, string>>;
+}

package/dist/credits/tenant-customer-repository.js ADDED Viewed

@@ -0,0 +1,5 @@
+/**
+ * Stub interface for tenant-customer repository.
+ * The Drizzle implementation lives in the billing module (extracted in Task 12).
+ */
+export {};

package/dist/db/auth-user-repository.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+/**
+ * Auth user repository — read/write the better-auth PostgreSQL user and account tables.
+ *
+ * Uses raw pg queries because better-auth manages its own schema
+ * independently of Drizzle.
+ */
+import type { Pool } from "pg";
+/**
+ * Ensure the twoFactorEnabled column exists on the better-auth user table.
+ * Idempotent — safe to call on every startup alongside runAuthMigrations().
+ */
+export declare function initTwoFactorSchema(pool: Pool): Promise<void>;
+export interface AuthUser {
+    id: string;
+    name: string;
+    email: string;
+    image: string | null;
+    twoFactorEnabled: boolean;
+}
+export interface LinkedAccount {
+    id: string;
+    providerId: string;
+    accountId: string;
+}
+export interface IAuthUserRepository {
+    getUser(userId: string): Promise<AuthUser | null>;
+    updateUser(userId: string, data: {
+        name?: string;
+        image?: string | null;
+    }): Promise<AuthUser>;
+    changePassword(userId: string, currentPassword: string, newPassword: string): Promise<boolean>;
+    listAccounts(userId: string): Promise<LinkedAccount[]>;
+    unlinkAccount(userId: string, providerId: string): Promise<boolean>;
+}
+export declare class BetterAuthUserRepository implements IAuthUserRepository {
+    private readonly pool;
+    constructor(pool: Pool);
+    getUser(userId: string): Promise<AuthUser | null>;
+    updateUser(userId: string, data: {
+        name?: string;
+        image?: string | null;
+    }): Promise<AuthUser>;
+    changePassword(userId: string, currentPassword: string, newPassword: string): Promise<boolean>;
+    listAccounts(userId: string): Promise<LinkedAccount[]>;
+    unlinkAccount(userId: string, providerId: string): Promise<boolean>;
+}

package/dist/db/auth-user-repository.js ADDED Viewed

@@ -0,0 +1,90 @@
+/**
+ * Auth user repository — read/write the better-auth PostgreSQL user and account tables.
+ *
+ * Uses raw pg queries because better-auth manages its own schema
+ * independently of Drizzle.
+ */
+import { hashPassword, verifyPassword } from "better-auth/crypto";
+/**
+ * Ensure the twoFactorEnabled column exists on the better-auth user table.
+ * Idempotent — safe to call on every startup alongside runAuthMigrations().
+ */
+export async function initTwoFactorSchema(pool) {
+    // raw SQL: better-auth manages its own schema outside Drizzle
+    await pool.query(`ALTER TABLE "user" ADD COLUMN IF NOT EXISTS "twoFactorEnabled" BOOLEAN NOT NULL DEFAULT false`);
+}
+export class BetterAuthUserRepository {
+    pool;
+    constructor(pool) {
+        this.pool = pool;
+    }
+    async getUser(userId) {
+        // raw SQL: better-auth manages its own schema outside Drizzle
+        const { rows } = await this.pool.query(`SELECT id, name, email, image, "twoFactorEnabled" FROM "user" WHERE id = $1`, [userId]);
+        const row = rows[0];
+        if (row)
+            row.twoFactorEnabled = row.twoFactorEnabled ?? false;
+        return row ?? null;
+    }
+    async updateUser(userId, data) {
+        const fields = [];
+        const values = [];
+        let paramIndex = 1;
+        if (data.name !== undefined) {
+            fields.push(`name = $${paramIndex++}`);
+            values.push(data.name);
+        }
+        if (data.image !== undefined) {
+            fields.push(`image = $${paramIndex++}`);
+            values.push(data.image);
+        }
+        if (fields.length > 0) {
+            values.push(userId);
+            // raw SQL: better-auth manages its own schema outside Drizzle
+            await this.pool.query(`UPDATE "user" SET ${fields.join(", ")} WHERE id = $${paramIndex}`, values);
+        }
+        // raw SQL: better-auth manages its own schema outside Drizzle
+        const { rows } = await this.pool.query(`SELECT id, name, email, image, "twoFactorEnabled" FROM "user" WHERE id = $1`, [userId]);
+        if (rows.length === 0)
+            throw new Error(`User not found: ${userId}`);
+        const result = rows[0];
+        result.twoFactorEnabled = result.twoFactorEnabled ?? false;
+        return result;
+    }
+    async changePassword(userId, currentPassword, newPassword) {
+        // raw SQL: better-auth manages its own schema outside Drizzle
+        const { rows } = await this.pool.query(`SELECT password FROM account WHERE user_id = $1 AND provider_id = 'credential'`, [userId]);
+        const row = rows[0];
+        if (!row?.password)
+            return false;
+        const valid = await verifyPassword({ hash: row.password, password: currentPassword });
+        if (!valid)
+            return false;
+        const newHash = await hashPassword(newPassword);
+        // raw SQL: better-auth manages its own schema outside Drizzle
+        await this.pool.query(`UPDATE account SET password = $1 WHERE user_id = $2 AND provider_id = 'credential'`, [
+            newHash,
+            userId,
+        ]);
+        return true;
+    }
+    async listAccounts(userId) {
+        // raw SQL: better-auth manages its own schema outside Drizzle
+        const { rows } = await this.pool.query(`SELECT id, provider_id, account_id FROM account WHERE user_id = $1`, [
+            userId,
+        ]);
+        return rows.map((r) => ({
+            id: r.id,
+            providerId: r.provider_id,
+            accountId: r.account_id,
+        }));
+    }
+    async unlinkAccount(userId, providerId) {
+        // raw SQL: better-auth manages its own schema outside Drizzle
+        const { rowCount } = await this.pool.query(`DELETE FROM account WHERE user_id = $1 AND provider_id = $2`, [
+            userId,
+            providerId,
+        ]);
+        return (rowCount ?? 0) > 0;
+    }
+}

package/dist/db/credit-column.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+import { Credit } from "../credits/credit.js";
+export declare const creditColumn: {
+    (): import("drizzle-orm/pg-core").PgCustomColumnBuilder<{
+        name: "";
+        dataType: "custom";
+        columnType: "PgCustomColumn";
+        data: Credit;
+        driverParam: string;
+        enumValues: undefined;
+    }>;
+    <TConfig extends Record<string, any>>(fieldConfig?: TConfig | undefined): import("drizzle-orm/pg-core").PgCustomColumnBuilder<{
+        name: "";
+        dataType: "custom";
+        columnType: "PgCustomColumn";
+        data: Credit;
+        driverParam: string;
+        enumValues: undefined;
+    }>;
+    <TName extends string>(dbName: TName, fieldConfig?: unknown): import("drizzle-orm/pg-core").PgCustomColumnBuilder<{
+        name: TName;
+        dataType: "custom";
+        columnType: "PgCustomColumn";
+        data: Credit;
+        driverParam: string;
+        enumValues: undefined;
+    }>;
+};