@zentto/platform-client 0.1.0 → 0.3.0

package/README.md

@@ -1,6 +1,8 @@
 # @zentto/platform-client
 
-Cliente oficial tipado para los servicios de plataforma Zentto: **notify**, **cache** (pronto), **auth** (pronto), **landing** (pronto).
+Cliente oficial tipado para los servicios de plataforma Zentto: **notify**, **auth**, **cache**, **landing**, **events**.
+
+Incluye circuit breaker, auto-refresh de JWT, errores tipados (AuthError, RateLimitedError, ServiceError, etc.) y event bus sobre Kafka.
 
 Úsalo desde el ERP, cualquier vertical (hotel, medical, tickets, rental, education, inmobiliario…) o un sitio externo de un tenant cliente.
 
@@ -40,7 +42,92 @@ Variables de entorno:
 | `NOTIFY_API_KEY` | — | Master key del servicio (server-to-server) |
 | `API_MASTER_KEY` | — | Fallback legacy |
 
-### Construcción manual (multi-tenant, tests)
+### Auth (zentto-auth)
+
+```ts
+import { authFromEnv, AuthClient } from "@zentto/platform-client/auth";
+
+// Service-to-service (backend) — provisioning de owners desde el ERP
+const svc = authFromEnv(); // lee AUTH_SERVICE_URL + AUTH_SERVICE_KEY
+await svc.admin.provisionOwner({
+  email, fullName, companyId, companyCode, sendMagicLink: true,
+});
+
+// User-facing (con JWT del usuario)
+const user = new AuthClient({ accessToken: jwt });
+const me = await user.me();
+```
+
+### Cache (zentto-cache)
+
+```ts
+import { cacheFromEnv } from "@zentto/platform-client/cache";
+const c = cacheFromEnv(); // lee CACHE_URL + CACHE_APP_KEY
+
+await c.gridLayouts.put("invoices-list", layoutJson, { companyId, userId });
+const res = await c.gridLayouts.get("invoices-list", { companyId, userId });
+// res.data.layout → layout guardado
+```
+
+### Events (bus Kafka)
+
+Requiere `kafkajs` como peer dependency (opcional):
+
+```bash
+npm install kafkajs
+```
+
+```ts
+import { EventBusClient } from "@zentto/platform-client/events";
+
+const bus = new EventBusClient({
+  brokers: ["kafka:9092"],
+  source: "zentto-hotel",
+  tenantCode: "ACME",
+});
+
+await bus.connect();
+
+// Producer
+await bus.publish({
+  eventType: "hotel.reservation.confirmed",
+  data: { reservationId: 42, guest: "Juan" },
+  correlationId: req.headers["x-request-id"],
+});
+
+// Consumer (otro proceso)
+bus.on(/^crm\..+/, async (evt) => {
+  console.log("got", evt.eventType, evt.data);
+});
+await bus.start();
+```
+
+Topic: `zentto.acme.hotel.reservation.confirmed`. Envelope estándar con `eventId` (dedup automática), `timestamp`, `source`, `correlationId`, `version`.
+
+### Errores tipados
+
+```ts
+import { AuthError, RateLimitedError, ServiceError } from "@zentto/platform-client";
+
+const r = await notify.email.send(...);
+if (!r.ok && r.errorInstance instanceof RateLimitedError) {
+  await wait(r.errorInstance.retryAfterSec ?? 30);
+}
+```
+
+### Landing (leads de tenants clientes)
+
+```ts
+import { LandingClient } from "@zentto/platform-client/landing";
+const landing = new LandingClient({ tenantKey: "zk_<prefix>_<secret>" });
+
+await landing.registerLead({
+  email, name, phone, topic: "sales", message, source: "acme.com",
+});
+// Cae en el crm.Lead del tenant dueño de la key.
+```
+
+### Construcción manual
 
 ```ts
 import { notify } from "@zentto/platform-client";

package/dist/auth/client.d.ts

@@ -0,0 +1,132 @@
+/**
+ * AuthClient — cliente tipado para zentto-auth (sso.zentto.net / auth.zentto.net).
+ *
+ * Expone dos modos:
+ *   - Cliente user-facing (frontend): cookies httpOnly + Bearer JWT.
+ *     Métodos: login, refresh, logout, me.
+ *   - Cliente service-to-service (backend): header `x-service-key`.
+ *     Métodos: admin.provisionOwner, admin.createMagicLink.
+ *
+ * setPassword es público (magic-link consumo), no requiere auth.
+ */
+import { type HttpConfig, type HttpResult } from "../internal/http.js";
+export interface AuthConfig {
+    baseUrl?: string;
+    /** Bearer JWT para llamadas user-facing. Opcional — algunos métodos no requieren. */
+    accessToken?: string;
+    /** Service key (`x-service-key`) para llamadas admin/provisioning. */
+    serviceKey?: string;
+    timeoutMs?: number;
+    retries?: number;
+    onError?: HttpConfig["onError"];
+}
+export interface AuthUser {
+    userId?: number;
+    username?: string;
+    email?: string;
+    displayName?: string;
+    isAdmin?: boolean;
+    mfaEnabled?: boolean;
+    [k: string]: unknown;
+}
+export interface LoginResponse {
+    user: AuthUser;
+    accessToken: string;
+    refreshToken?: string;
+    mfaChallengeToken?: string;
+}
+export interface MeResponse {
+    user: AuthUser;
+    modulos?: unknown[];
+    permisos?: unknown[];
+    companyAccesses?: unknown[];
+    defaultCompany?: unknown;
+}
+export interface ProvisionOwnerParams {
+    email: string;
+    fullName: string;
+    companyId: number;
+    companyCode: string;
+    tenantSubdomain?: string;
+    role?: string;
+    sendMagicLink?: boolean;
+    locale?: string;
+}
+export interface ProvisionOwnerResponse {
+    userId: number;
+    email: string;
+    magicLinkUrl?: string;
+    alreadyExisted?: boolean;
+}
+export interface MagicLinkParams {
+    email: string;
+    companyId: number;
+    purpose: "set_password" | "reset_password";
+    tenantSubdomain?: string;
+    ttlMinutes?: number;
+}
+export interface MagicLinkResponse {
+    url: string;
+    expiresAt: string;
+}
+export declare class AuthClient {
+    private readonly cfg;
+    private readonly serviceKey?;
+    private accessToken?;
+    private refreshInFlight?;
+    constructor(opts: AuthConfig);
+    setAccessToken(token: string | undefined): void;
+    private bearer;
+    /**
+     * Refresh coalescido: si varios requests 401 caen a la vez, solo uno
+     * llama a /auth/refresh y los demás esperan el mismo resultado.
+     */
+    private tryRefresh;
+    private service;
+    login(params: {
+        username: string;
+        password: string;
+        appId?: string;
+    }): Promise<HttpResult<LoginResponse>>;
+    loginMfa(params: {
+        mfaChallengeToken: string;
+        mfaToken: string;
+    }): Promise<HttpResult<LoginResponse>>;
+    refresh(): Promise<HttpResult<{
+        ok: boolean;
+        accessToken: string;
+    }>>;
+    logout(): Promise<HttpResult<{
+        ok: boolean;
+    }>>;
+    me(appId?: string): Promise<HttpResult<MeResponse>>;
+    registerForApp(params: {
+        email: string;
+        password: string;
+        displayName?: string;
+        appId: string;
+        role: string;
+        metadata?: Record<string, unknown>;
+    }): Promise<HttpResult<LoginResponse>>;
+    /** Consumo de magic-link (público). */
+    setPassword(params: {
+        token: string;
+        newPassword: string;
+    }): Promise<HttpResult<{
+        ok: boolean;
+        email: string;
+    }>>;
+    readonly admin: {
+        provisionOwner: (params: ProvisionOwnerParams) => Promise<HttpResult<ProvisionOwnerResponse>>;
+        createMagicLink: (params: MagicLinkParams) => Promise<HttpResult<MagicLinkResponse>>;
+    };
+}
+/**
+ * Factory desde env vars estándar:
+ *   AUTH_SERVICE_URL / AUTH_URL — default https://auth.zentto.net
+ *   AUTH_SERVICE_KEY — para llamadas admin (backend)
+ *
+ * Para user-facing, construí manualmente con `new AuthClient({ accessToken })`.
+ */
+export declare function authFromEnv(overrides?: Partial<AuthConfig>): AuthClient;
+//# sourceMappingURL=client.d.ts.map

package/dist/auth/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/auth/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAkC,KAAK,UAAU,EAAE,KAAK,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEvG,MAAM,WAAW,UAAU;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qFAAqF;IACrF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,sEAAsE;IACtE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC;CACjC;AAGD,MAAM,WAAW,QAAQ;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,QAAQ,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC;IACpB,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,EAAE,CAAC;IAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,cAAc,GAAG,gBAAgB,CAAC;IAC3C,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;CACnB;AAGD,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAa;IACjC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAS;IACrC,OAAO,CAAC,WAAW,CAAC,CAAS;IAC7B,OAAO,CAAC,eAAe,CAAC,CAA8B;gBAE1C,IAAI,EAAE,UAAU;IAoB5B,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI;IAI/C,OAAO,CAAC,MAAM;IAId;;;OAGG;YACW,UAAU;IAexB,OAAO,CAAC,OAAO;IAMT,KAAK,CAAC,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IASzG,QAAQ,CAAC,MAAM,EAAE;QAAE,iBAAiB,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IASrG,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAQpE,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC;QAAE,EAAE,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IAS9C,EAAE,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAUnD,cAAc,CAAC,MAAM,EAAE;QAC3B,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACpC,GAAG,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAQtC,uCAAuC;IACjC,WAAW,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,UAAU,CAAC;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAStH,QAAQ,CAAC,KAAK;iCACa,oBAAoB,KAAG,OAAO,CAAC,UAAU,CAAC,sBAAsB,CAAC,CAAC;kCAQjE,eAAe,KAAG,OAAO,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC;MAOlF;CACH;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG,UAAU,CAMvE"}

package/dist/auth/client.js

@@ -0,0 +1,157 @@
+/**
+ * AuthClient — cliente tipado para zentto-auth (sso.zentto.net / auth.zentto.net).
+ *
+ * Expone dos modos:
+ *   - Cliente user-facing (frontend): cookies httpOnly + Bearer JWT.
+ *     Métodos: login, refresh, logout, me.
+ *   - Cliente service-to-service (backend): header `x-service-key`.
+ *     Métodos: admin.provisionOwner, admin.createMagicLink.
+ *
+ * setPassword es público (magic-link consumo), no requiere auth.
+ */
+import { defaultHttpConfig, httpRequest } from "../internal/http.js";
+// ── Client ──────────────────────────────────────────────────────────────────
+export class AuthClient {
+    cfg;
+    serviceKey;
+    accessToken;
+    refreshInFlight;
+    constructor(opts) {
+        this.cfg = defaultHttpConfig({
+            baseUrl: opts.baseUrl ?? "https://auth.zentto.net",
+            timeoutMs: opts.timeoutMs,
+            retries: opts.retries,
+            onError: opts.onError,
+            // Intercepta 401 → intenta refresh + reintenta UNA vez con el nuevo Bearer.
+            // Evita que cada caller tenga que saber manejar expiración de tokens.
+            beforeRetry: async (err, ctx) => {
+                if (err.name !== "AuthError")
+                    return { retry: false };
+                if (ctx.path === "/auth/refresh")
+                    return { retry: false }; // no refresh durante refresh
+                const newToken = await this.tryRefresh();
+                if (!newToken)
+                    return { retry: false };
+                return { retry: true, headers: { Authorization: `Bearer ${newToken}` } };
+            },
+        });
+        this.accessToken = opts.accessToken;
+        this.serviceKey = opts.serviceKey;
+    }
+    setAccessToken(token) {
+        this.accessToken = token;
+    }
+    bearer() {
+        return this.accessToken ? { Authorization: `Bearer ${this.accessToken}` } : {};
+    }
+    /**
+     * Refresh coalescido: si varios requests 401 caen a la vez, solo uno
+     * llama a /auth/refresh y los demás esperan el mismo resultado.
+     */
+    async tryRefresh() {
+        if (!this.refreshInFlight) {
+            this.refreshInFlight = (async () => {
+                const res = await this.refresh();
+                const newToken = res.ok ? res.data?.accessToken : undefined;
+                if (newToken)
+                    this.accessToken = newToken;
+                return newToken;
+            })().finally(() => {
+                // Limpiar tras la resolución (con un tick de margen).
+                setTimeout(() => { this.refreshInFlight = undefined; }, 0);
+            });
+        }
+        return this.refreshInFlight;
+    }
+    service() {
+        if (!this.serviceKey)
+            throw new Error("AuthClient: serviceKey no configurada para este método");
+        return { "x-service-key": this.serviceKey };
+    }
+    // ── User-facing ──────────────────────────────────────────────────────────
+    async login(params) {
+        return httpRequest(this.cfg, {
+            method: "POST",
+            path: "/auth/login",
+            body: params,
+            credentials: "include",
+        });
+    }
+    async loginMfa(params) {
+        return httpRequest(this.cfg, {
+            method: "POST",
+            path: "/auth/login/mfa",
+            body: params,
+            credentials: "include",
+        });
+    }
+    async refresh() {
+        return httpRequest(this.cfg, {
+            method: "POST",
+            path: "/auth/refresh",
+            credentials: "include",
+        });
+    }
+    async logout() {
+        return httpRequest(this.cfg, {
+            method: "POST",
+            path: "/auth/logout",
+            credentials: "include",
+            headers: this.bearer(),
+        });
+    }
+    async me(appId) {
+        return httpRequest(this.cfg, {
+            method: "GET",
+            path: "/auth/me",
+            query: { appId },
+            headers: this.bearer(),
+            credentials: "include",
+        });
+    }
+    async registerForApp(params) {
+        return httpRequest(this.cfg, {
+            method: "POST",
+            path: "/auth/register-for-app",
+            body: params,
+        });
+    }
+    /** Consumo de magic-link (público). */
+    async setPassword(params) {
+        return httpRequest(this.cfg, {
+            method: "POST",
+            path: "/auth/set-password",
+            body: params,
+        });
+    }
+    // ── Service-to-service ───────────────────────────────────────────────────
+    admin = {
+        provisionOwner: (params) => httpRequest(this.cfg, {
+            method: "POST",
+            path: "/admin/users/provision-owner",
+            body: params,
+            headers: this.service(),
+        }),
+        createMagicLink: (params) => httpRequest(this.cfg, {
+            method: "POST",
+            path: "/admin/users/magic-link",
+            body: params,
+            headers: this.service(),
+        }),
+    };
+}
+/**
+ * Factory desde env vars estándar:
+ *   AUTH_SERVICE_URL / AUTH_URL — default https://auth.zentto.net
+ *   AUTH_SERVICE_KEY — para llamadas admin (backend)
+ *
+ * Para user-facing, construí manualmente con `new AuthClient({ accessToken })`.
+ */
+export function authFromEnv(overrides) {
+    return new AuthClient({
+        baseUrl: process.env.AUTH_SERVICE_URL ?? process.env.AUTH_URL,
+        serviceKey: process.env.AUTH_SERVICE_KEY,
+        ...overrides,
+    });
+}
+//# sourceMappingURL=client.js.map

package/dist/auth/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/auth/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAoC,MAAM,qBAAqB,CAAC;AAsEvG,+EAA+E;AAC/E,MAAM,OAAO,UAAU;IACJ,GAAG,CAAa;IAChB,UAAU,CAAU;IAC7B,WAAW,CAAU;IACrB,eAAe,CAA+B;IAEtD,YAAY,IAAgB;QAC1B,IAAI,CAAC,GAAG,GAAG,iBAAiB,CAAC;YAC3B,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,yBAAyB;YAClD,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,4EAA4E;YAC5E,sEAAsE;YACtE,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;gBAC9B,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW;oBAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;gBACtD,IAAI,GAAG,CAAC,IAAI,KAAK,eAAe;oBAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,6BAA6B;gBACxF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzC,IAAI,CAAC,QAAQ;oBAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;gBACvC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,QAAQ,EAAE,EAAE,EAAE,CAAC;YAC3E,CAAC;SACF,CAAC,CAAC;QACH,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;IACpC,CAAC;IAED,cAAc,CAAC,KAAyB;QACtC,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,CAAC;IAEO,MAAM;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACjF,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,IAAI,CAAC,eAAe,GAAG,CAAC,KAAK,IAAI,EAAE;gBACjC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjC,MAAM,QAAQ,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC5D,IAAI,QAAQ;oBAAE,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC;gBAC1C,OAAO,QAAQ,CAAC;YAClB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;gBAChB,sDAAsD;gBACtD,UAAU,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,eAAe,GAAG,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC7D,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAEO,OAAO;QACb,IAAI,CAAC,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAChG,OAAO,EAAE,eAAe,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC;IAC9C,CAAC;IAED,4EAA4E;IAC5E,KAAK,CAAC,KAAK,CAAC,MAA8D;QACxE,OAAO,WAAW,CAAgB,IAAI,CAAC,GAAG,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,aAAa;YACnB,IAAI,EAAE,MAAM;YACZ,WAAW,EAAE,SAAS;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,MAAuD;QACpE,OAAO,WAAW,CAAgB,IAAI,CAAC,GAAG,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,iBAAiB;YACvB,IAAI,EAAE,MAAM;YACZ,WAAW,EAAE,SAAS;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO;QACX,OAAO,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;YAC3B,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,eAAe;YACrB,WAAW,EAAE,SAAS;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM;QACV,OAAO,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;YAC3B,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,cAAc;YACpB,WAAW,EAAE,SAAS;YACtB,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,EAAE,CAAC,KAAc;QACrB,OAAO,WAAW,CAAa,IAAI,CAAC,GAAG,EAAE;YACvC,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,UAAU;YAChB,KAAK,EAAE,EAAE,KAAK,EAAE;YAChB,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE;YACtB,WAAW,EAAE,SAAS;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAOpB;QACC,OAAO,WAAW,CAAgB,IAAI,CAAC,GAAG,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,wBAAwB;YAC9B,IAAI,EAAE,MAAM;SACb,CAAC,CAAC;IACL,CAAC;IAED,uCAAuC;IACvC,KAAK,CAAC,WAAW,CAAC,MAA8C;QAC9D,OAAO,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;YAC3B,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,oBAAoB;YAC1B,IAAI,EAAE,MAAM;SACb,CAAC,CAAC;IACL,CAAC;IAED,4EAA4E;IACnE,KAAK,GAAG;QACf,cAAc,EAAE,CAAC,MAA4B,EAA+C,EAAE,CAC5F,WAAW,CAAyB,IAAI,CAAC,GAAG,EAAE;YAC5C,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,8BAA8B;YACpC,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;SACxB,CAAC;QAEJ,eAAe,EAAE,CAAC,MAAuB,EAA0C,EAAE,CACnF,WAAW,CAAoB,IAAI,CAAC,GAAG,EAAE;YACvC,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,yBAAyB;YAC/B,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;SACxB,CAAC;KACL,CAAC;CACH;AAED;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CAAC,SAA+B;IACzD,OAAO,IAAI,UAAU,CAAC;QACpB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ;QAC7D,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB;QACxC,GAAG,SAAS;KACb,CAAC,CAAC;AACL,CAAC"}

package/dist/auth/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./client.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}

package/dist/auth/index.js

@@ -0,0 +1,2 @@
+export * from "./client.js";
+//# sourceMappingURL=index.js.map

package/dist/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}

package/dist/cache/client.d.ts

@@ -0,0 +1,113 @@
+/**
+ * CacheClient — cliente tipado para zentto-cache (cache.zentto.net).
+ *
+ * Estandariza el header `x-client-key`. Cada recurso (grid-layouts,
+ * report-templates, studio-schemas, blog-posts) expone list/get/put/delete
+ * con la misma forma.
+ *
+ * Identidad del dueño del dato: `companyId` + (`userId` | `email`).
+ */
+import { type HttpConfig, type HttpResult } from "../internal/http.js";
+export interface CacheConfig {
+    baseUrl?: string;
+    /** Header `x-client-key` — identifica la app consumidora. */
+    clientKey: string;
+    timeoutMs?: number;
+    retries?: number;
+    onError?: HttpConfig["onError"];
+}
+export interface CacheIdentity {
+    companyId: number;
+    userId?: number | string;
+    email?: string;
+}
+export declare class CacheClient {
+    private readonly cfg;
+    private readonly clientKey;
+    constructor(opts: CacheConfig);
+    private headers;
+    private resource;
+    readonly gridLayouts: {
+        list: (id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        } & Record<string, string[]>>>;
+        get: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+            layout?: unknown;
+            template?: unknown;
+            schema?: unknown;
+            post?: unknown;
+            updatedAt?: string;
+        }>>;
+        put: (itemId: string, value: unknown, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+        delete: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+    };
+    readonly reportTemplates: {
+        list: (id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        } & Record<string, string[]>>>;
+        get: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+            layout?: unknown;
+            template?: unknown;
+            schema?: unknown;
+            post?: unknown;
+            updatedAt?: string;
+        }>>;
+        put: (itemId: string, value: unknown, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+        delete: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+    };
+    readonly studioSchemas: {
+        list: (id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        } & Record<string, string[]>>>;
+        get: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+            layout?: unknown;
+            template?: unknown;
+            schema?: unknown;
+            post?: unknown;
+            updatedAt?: string;
+        }>>;
+        put: (itemId: string, value: unknown, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+        delete: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+    };
+    readonly blogPosts: {
+        list: (id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        } & Record<string, string[]>>>;
+        get: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+            layout?: unknown;
+            template?: unknown;
+            schema?: unknown;
+            post?: unknown;
+            updatedAt?: string;
+        }>>;
+        put: (itemId: string, value: unknown, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+        delete: (itemId: string, id: CacheIdentity) => Promise<HttpResult<{
+            ok: boolean;
+        }>>;
+    };
+}
+/**
+ * Factory desde env vars:
+ *   CACHE_URL — default https://cache.zentto.net
+ *   CACHE_APP_KEY — header x-client-key (obligatoria)
+ */
+export declare function cacheFromEnv(overrides?: Partial<CacheConfig>): CacheClient;
+//# sourceMappingURL=client.d.ts.map

package/dist/cache/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/cache/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,EAAkC,KAAK,UAAU,EAAE,KAAK,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEvG,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6DAA6D;IAC7D,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC;CACjC;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAYD,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAa;IACjC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAEvB,IAAI,EAAE,WAAW;IAU7B,OAAO,CAAC,OAAO;IAIf,OAAO,CAAC,QAAQ;IA6ChB,QAAQ,CAAC,WAAW;mBA3CL,aAAa;gBAA4B,OAAO;;sBAQ7C,MAAM,MAAM,aAAa;gBAA4B,OAAO;;;;;wBAAkF,MAAM;;sBAQpJ,MAAM,sBAAqB,aAAa;gBAA4B,OAAO;;yBAiBxE,MAAM,MAAM,aAAa;gBAA4B,OAAO;;MAUf;IAClE,QAAQ,CAAC,eAAe;mBA5CT,aAAa;gBAA4B,OAAO;;sBAQ7C,MAAM,MAAM,aAAa;gBAA4B,OAAO;;;;;wBAAkF,MAAM;;sBAQpJ,MAAM,sBAAqB,aAAa;gBAA4B,OAAO;;yBAiBxE,MAAM,MAAM,aAAa;gBAA4B,OAAO;;MAWX;IACtE,QAAQ,CAAC,aAAa;mBA7CP,aAAa;gBAA4B,OAAO;;sBAQ7C,MAAM,MAAM,aAAa;gBAA4B,OAAO;;;;;wBAAkF,MAAM;;sBAQpJ,MAAM,sBAAqB,aAAa;gBAA4B,OAAO;;yBAiBxE,MAAM,MAAM,aAAa;gBAA4B,OAAO;;MAYb;IACpE,QAAQ,CAAC,SAAS;mBA9CH,aAAa;gBAA4B,OAAO;;sBAQ7C,MAAM,MAAM,aAAa;gBAA4B,OAAO;;;;;wBAAkF,MAAM;;sBAQpJ,MAAM,sBAAqB,aAAa;gBAA4B,OAAO;;yBAiBxE,MAAM,MAAM,aAAa;gBAA4B,OAAO;;MAajB;CACjE;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,WAAW,CAM1E"}

package/dist/cache/client.js

@@ -0,0 +1,87 @@
+/**
+ * CacheClient — cliente tipado para zentto-cache (cache.zentto.net).
+ *
+ * Estandariza el header `x-client-key`. Cada recurso (grid-layouts,
+ * report-templates, studio-schemas, blog-posts) expone list/get/put/delete
+ * con la misma forma.
+ *
+ * Identidad del dueño del dato: `companyId` + (`userId` | `email`).
+ */
+import { defaultHttpConfig, httpRequest } from "../internal/http.js";
+function identityQuery(id) {
+    return {
+        companyId: id.companyId,
+        userId: id.userId !== undefined ? String(id.userId) : undefined,
+        email: id.email,
+    };
+}
+export class CacheClient {
+    cfg;
+    clientKey;
+    constructor(opts) {
+        this.cfg = defaultHttpConfig({
+            baseUrl: opts.baseUrl ?? "https://cache.zentto.net",
+            timeoutMs: opts.timeoutMs,
+            retries: opts.retries,
+            onError: opts.onError,
+        });
+        this.clientKey = opts.clientKey;
+    }
+    headers() {
+        return { "x-client-key": this.clientKey };
+    }
+    resource(name) {
+        return {
+            list: (id) => httpRequest(this.cfg, {
+                method: "GET",
+                path: `/v1/${name}`,
+                query: identityQuery(id),
+                headers: this.headers(),
+            }),
+            get: (itemId, id) => httpRequest(this.cfg, {
+                method: "GET",
+                path: `/v1/${name}/${encodeURIComponent(itemId)}`,
+                query: identityQuery(id),
+                headers: this.headers(),
+            }),
+            put: (itemId, value, id) => httpRequest(this.cfg, {
+                method: "PUT",
+                path: `/v1/${name}/${encodeURIComponent(itemId)}`,
+                body: {
+                    companyId: id.companyId,
+                    userId: id.userId,
+                    email: id.email,
+                    // El campo varía según el recurso; mandamos todos los shapes vistos en el server.
+                    layout: value,
+                    template: value,
+                    schema: value,
+                    post: value,
+                },
+                headers: this.headers(),
+            }),
+            delete: (itemId, id) => httpRequest(this.cfg, {
+                method: "DELETE",
+                path: `/v1/${name}/${encodeURIComponent(itemId)}`,
+                query: identityQuery(id),
+                headers: this.headers(),
+            }),
+        };
+    }
+    gridLayouts = this.resource("grid-layouts");
+    reportTemplates = this.resource("report-templates");
+    studioSchemas = this.resource("studio-schemas");
+    blogPosts = this.resource("blog-posts");
+}
+/**
+ * Factory desde env vars:
+ *   CACHE_URL — default https://cache.zentto.net
+ *   CACHE_APP_KEY — header x-client-key (obligatoria)
+ */
+export function cacheFromEnv(overrides) {
+    return new CacheClient({
+        baseUrl: process.env.CACHE_URL,
+        clientKey: process.env.CACHE_APP_KEY ?? "",
+        ...overrides,
+    });
+}
+//# sourceMappingURL=client.js.map

package/dist/cache/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/cache/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAoC,MAAM,qBAAqB,CAAC;AAiBvG,SAAS,aAAa,CAAC,EAAiB;IACtC,OAAO;QACL,SAAS,EAAE,EAAE,CAAC,SAAS;QACvB,MAAM,EAAE,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/D,KAAK,EAAE,EAAE,CAAC,KAAK;KAChB,CAAC;AACJ,CAAC;AAID,MAAM,OAAO,WAAW;IACL,GAAG,CAAa;IAChB,SAAS,CAAS;IAEnC,YAAY,IAAiB;QAC3B,IAAI,CAAC,GAAG,GAAG,iBAAiB,CAAC;YAC3B,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,0BAA0B;YACnD,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC,CAAC;QACH,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IAClC,CAAC;IAEO,OAAO;QACb,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAC5C,CAAC;IAEO,QAAQ,CAAmB,IAAc;QAC/C,OAAO;YACL,IAAI,EAAE,CAAC,EAAiB,EAAmE,EAAE,CAC3F,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpB,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,OAAO,IAAI,EAAE;gBACnB,KAAK,EAAE,aAAa,CAAC,EAAE,CAAC;gBACxB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;YAEJ,GAAG,EAAE,CAAC,MAAc,EAAE,EAAiB,EAAgI,EAAE,CACvK,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpB,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,OAAO,IAAI,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;gBACjD,KAAK,EAAE,aAAa,CAAC,EAAE,CAAC;gBACxB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;YAEJ,GAAG,EAAE,CAAC,MAAc,EAAE,KAAa,EAAE,EAAiB,EAAwC,EAAE,CAC9F,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpB,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,OAAO,IAAI,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;gBACjD,IAAI,EAAE;oBACJ,SAAS,EAAE,EAAE,CAAC,SAAS;oBACvB,MAAM,EAAE,EAAE,CAAC,MAAM;oBACjB,KAAK,EAAE,EAAE,CAAC,KAAK;oBACf,kFAAkF;oBAClF,MAAM,EAAE,KAAK;oBACb,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,KAAK;iBACZ;gBACD,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;YAEJ,MAAM,EAAE,CAAC,MAAc,EAAE,EAAiB,EAAwC,EAAE,CAClF,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpB,MAAM,EAAE,QAAQ;gBAChB,IAAI,EAAE,OAAO,IAAI,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;gBACjD,KAAK,EAAE,aAAa,CAAC,EAAE,CAAC;gBACxB,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;aACxB,CAAC;SACL,CAAC;IACJ,CAAC;IAEQ,WAAW,GAAO,IAAI,CAAC,QAAQ,CAAU,cAAc,CAAC,CAAC;IACzD,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAU,kBAAkB,CAAC,CAAC;IAC7D,aAAa,GAAK,IAAI,CAAC,QAAQ,CAAU,gBAAgB,CAAC,CAAC;IAC3D,SAAS,GAAS,IAAI,CAAC,QAAQ,CAAU,YAAY,CAAC,CAAC;CACjE;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,SAAgC;IAC3D,OAAO,IAAI,WAAW,CAAC;QACrB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;QAC9B,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE;QAC1C,GAAG,SAAS;KACb,CAAC,CAAC;AACL,CAAC"}

package/dist/cache/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./client.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/cache/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cache/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}

package/dist/cache/index.js

@@ -0,0 +1,2 @@
+export * from "./client.js";
+//# sourceMappingURL=index.js.map

package/dist/cache/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cache/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}