alepha 0.14.2 → 0.14.3

package/dist/api/users/index.d.ts

@@ -1,16 +1,17 @@
-import * as alepha1 from "alepha";
+import * as alepha23 from "alepha";
 import { Alepha, AlephaError, Page, PageQuery, Primitive, Static, StaticEncode, TNull, TObject, TOptional, TSchema, TUnion } from "alepha";
 import * as alepha_api_notifications0 from "alepha/api/notifications";
 import { VerificationController } from "alepha/api/verifications";
-import * as alepha_orm179 from "alepha/orm";
+import * as alepha_server0 from "alepha/server";
+import * as alepha_orm24 from "alepha/orm";
 import { Page as Page$1, Repository } from "alepha/orm";
-import * as alepha_server14 from "alepha/server";
-import * as alepha_logger0 from "alepha/logger";
+import { AuditService } from "alepha/api/audits";
+import * as alepha_logger5 from "alepha/logger";
 import * as alepha_bucket0 from "alepha/bucket";
+import * as alepha_server_links0 from "alepha/server/links";
 import * as alepha_cache0 from "alepha/cache";
 import { DateTime, DateTimeProvider } from "alepha/datetime";
 import { CryptoProvider, RealmPrimitive, RealmPrimitiveOptions, UserAccount } from "alepha/security";
-import * as alepha_server_links0 from "alepha/server/links";
 import { OAuth2Profile, ServerAuthProvider, WithLinkFn, WithLoginFn } from "alepha/server/auth";
 import { FileSystemProvider } from "alepha/file";
 import { FileController } from "alepha/api/files";
@@ -32,426 +33,32 @@ import "drizzle-orm/postgres-js";
 import "postgres";
 
 //#region ../../src/api/users/atoms/realmAuthSettingsAtom.d.ts
-declare const realmAuthSettingsAtom: alepha1.Atom<alepha1.TObject<{
-  displayName: alepha1.TOptional<alepha1.TString>;
-  description: alepha1.TOptional<alepha1.TString>;
-  logoUrl: alepha1.TOptional<alepha1.TString>;
-  registrationAllowed: alepha1.TBoolean;
-  emailEnabled: alepha1.TBoolean;
-  emailRequired: alepha1.TBoolean;
-  usernameEnabled: alepha1.TBoolean;
-  usernameRequired: alepha1.TBoolean;
-  phoneEnabled: alepha1.TBoolean;
-  phoneRequired: alepha1.TBoolean;
-  verifyEmailRequired: alepha1.TBoolean;
-  verifyPhoneRequired: alepha1.TBoolean;
-  firstNameLastNameEnabled: alepha1.TBoolean;
-  firstNameLastNameRequired: alepha1.TBoolean;
-  resetPasswordAllowed: alepha1.TBoolean;
-  passwordPolicy: alepha1.TObject<{
-    minLength: alepha1.TInteger;
-    requireUppercase: alepha1.TBoolean;
-    requireLowercase: alepha1.TBoolean;
-    requireNumbers: alepha1.TBoolean;
-    requireSpecialCharacters: alepha1.TBoolean;
+declare const realmAuthSettingsAtom: alepha23.Atom<alepha23.TObject<{
+  displayName: alepha23.TOptional<alepha23.TString>;
+  description: alepha23.TOptional<alepha23.TString>;
+  logoUrl: alepha23.TOptional<alepha23.TString>;
+  registrationAllowed: alepha23.TBoolean;
+  emailEnabled: alepha23.TBoolean;
+  emailRequired: alepha23.TBoolean;
+  usernameEnabled: alepha23.TBoolean;
+  usernameRequired: alepha23.TBoolean;
+  phoneEnabled: alepha23.TBoolean;
+  phoneRequired: alepha23.TBoolean;
+  verifyEmailRequired: alepha23.TBoolean;
+  verifyPhoneRequired: alepha23.TBoolean;
+  firstNameLastNameEnabled: alepha23.TBoolean;
+  firstNameLastNameRequired: alepha23.TBoolean;
+  resetPasswordAllowed: alepha23.TBoolean;
+  passwordPolicy: alepha23.TObject<{
+    minLength: alepha23.TInteger;
+    requireUppercase: alepha23.TBoolean;
+    requireLowercase: alepha23.TBoolean;
+    requireNumbers: alepha23.TBoolean;
+    requireSpecialCharacters: alepha23.TBoolean;
   }>;
 }>, "alepha.api.users.realmAuthSettings">;
 type RealmAuthSettings = Static<typeof realmAuthSettingsAtom.schema>;
 //#endregion
-//#region ../../src/api/users/entities/identities.d.ts
-declare const identities: alepha_orm179.EntityPrimitive<alepha1.TObject<{
-  id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-  version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-  createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-  password: alepha1.TOptional<alepha1.TString>;
-  provider: alepha1.TString;
-  providerUserId: alepha1.TOptional<alepha1.TString>;
-  providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-}>>;
-type IdentityEntity = Static<typeof identities.schema>;
-//#endregion
-//#region ../../src/api/users/entities/sessions.d.ts
-declare const sessions: alepha_orm179.EntityPrimitive<alepha1.TObject<{
-  id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-  version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-  createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  refreshToken: alepha1.TString;
-  userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-  expiresAt: alepha1.TString;
-  ip: alepha1.TOptional<alepha1.TString>;
-  userAgent: alepha1.TOptional<alepha1.TObject<{
-    os: alepha1.TString;
-    browser: alepha1.TString;
-    device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-  }>>;
-}>>;
-type SessionEntity = Static<typeof sessions.schema>;
-//#endregion
-//#region ../../src/api/users/entities/users.d.ts
-declare const DEFAULT_USER_REALM_NAME = "default";
-declare const users: alepha_orm179.EntityPrimitive<alepha1.TObject<{
-  id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-  version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-  createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-  username: alepha1.TOptional<alepha1.TString>;
-  email: alepha1.TOptional<alepha1.TString>;
-  phoneNumber: alepha1.TOptional<alepha1.TString>;
-  roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-  firstName: alepha1.TOptional<alepha1.TString>;
-  lastName: alepha1.TOptional<alepha1.TString>;
-  picture: alepha1.TOptional<alepha1.TString>;
-  enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-  emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-}>>;
-type UserEntity = Static<typeof users.schema>;
-//#endregion
-//#region ../../src/api/users/primitives/$userRealm.d.ts
-type UserRealmPrimitive = RealmPrimitive & WithLinkFn & WithLoginFn;
-/**
- * Already configured realm for user management.
- *
- * Realm contains two roles: `admin` and `user`.
- *
- * - `admin`: Has full access to all resources and permissions.
- * - `user`: Has access to their own resources and permissions, but cannot access admin-level resources.
- *
- * Realm uses session management for handling user sessions.
- *
- * Environment Variables:
- * - `APP_SECRET`: Secret key for signing tokens (if not provided in options).
- */
-declare const $userRealm: (options?: UserRealmOptions) => UserRealmPrimitive;
-interface UserRealmOptions {
-  /**
-   * Secret key for signing tokens.
-   *
-   * If not provided, the secret from the SecurityProvider will be used (usually from the APP_SECRET environment variable).
-   */
-  secret?: string;
-  /**
-   * Realm configuration options.
-   *
-   * It's already pre-configured for user management with admin and user roles.
-   */
-  realm?: Partial<RealmPrimitiveOptions>;
-  /**
-   * Override entities.
-   */
-  entities?: {
-    users?: Repository<typeof users.schema>;
-    identities?: Repository<typeof identities.schema>;
-    sessions?: Repository<typeof sessions.schema>;
-  };
-  settings?: Partial<RealmAuthSettings>;
-  identities?: {
-    credentials?: true;
-    google?: true;
-    github?: true;
-  };
-  modules?: {
-    files?: boolean;
-    audits?: boolean;
-    jobs?: boolean;
-  };
-}
-//#endregion
-//#region ../../src/api/users/providers/UserRealmProvider.d.ts
-interface UserRealmRepositories {
-  identities: Repository<typeof identities.schema>;
-  sessions: Repository<typeof sessions.schema>;
-  users: Repository<typeof users.schema>;
-}
-interface UserRealm {
-  name: string;
-  repositories: UserRealmRepositories;
-  settings: RealmAuthSettings;
-}
-declare class UserRealmProvider {
-  protected readonly alepha: Alepha;
-  protected readonly defaultIdentities: Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    password: alepha1.TOptional<alepha1.TString>;
-    provider: alepha1.TString;
-    providerUserId: alepha1.TOptional<alepha1.TString>;
-    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-  }>>;
-  protected readonly defaultSessions: Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    refreshToken: alepha1.TString;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    expiresAt: alepha1.TString;
-    ip: alepha1.TOptional<alepha1.TString>;
-    userAgent: alepha1.TOptional<alepha1.TObject<{
-      os: alepha1.TString;
-      browser: alepha1.TString;
-      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-    }>>;
-  }>>;
-  protected readonly defaultUsers: Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-    username: alepha1.TOptional<alepha1.TString>;
-    email: alepha1.TOptional<alepha1.TString>;
-    phoneNumber: alepha1.TOptional<alepha1.TString>;
-    roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-    firstName: alepha1.TOptional<alepha1.TString>;
-    lastName: alepha1.TOptional<alepha1.TString>;
-    picture: alepha1.TOptional<alepha1.TString>;
-    enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-  }>>;
-  protected realms: Map<string, UserRealm>;
-  avatars: alepha_bucket0.BucketPrimitive;
-  protected readonly onConfigure: alepha1.HookPrimitive<"configure">;
-  register(userRealmName: string, userRealmOptions?: UserRealmOptions): UserRealm;
-  /**
-   * Gets a registered realm by name, auto-creating default if needed.
-   */
-  getRealm(userRealmName?: string): UserRealm;
-  identityRepository(userRealmName?: string): Repository<typeof identities.schema>;
-  sessionRepository(userRealmName?: string): Repository<typeof sessions.schema>;
-  userRepository(userRealmName?: string): Repository<typeof users.schema>;
-}
-//#endregion
-//#region ../../src/api/users/schemas/identityQuerySchema.d.ts
-declare const identityQuerySchema: alepha1.TObject<{
-  page: alepha1.TOptional<alepha1.TInteger>;
-  size: alepha1.TOptional<alepha1.TInteger>;
-  sort: alepha1.TOptional<alepha1.TString>;
-  userId: alepha1.TOptional<alepha1.TString>;
-  provider: alepha1.TOptional<alepha1.TString>;
-}>;
-type IdentityQuery = Static<typeof identityQuerySchema>;
-//#endregion
-//#region ../../src/api/users/services/IdentityService.d.ts
-declare class IdentityService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly userRealmProvider: UserRealmProvider;
-  identities(userRealmName?: string): alepha_orm179.Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    password: alepha1.TOptional<alepha1.TString>;
-    provider: alepha1.TString;
-    providerUserId: alepha1.TOptional<alepha1.TString>;
-    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-  }>>;
-  /**
-   * Find identities with pagination and filtering.
-   */
-  findIdentities(q?: IdentityQuery, userRealmName?: string): Promise<Page$1<IdentityEntity>>;
-  /**
-   * Get an identity by ID.
-   */
-  getIdentityById(id: string, userRealmName?: string): Promise<IdentityEntity>;
-  /**
-   * Delete an identity by ID.
-   */
-  deleteIdentity(id: string, userRealmName?: string): Promise<void>;
-}
-//#endregion
-//#region ../../src/api/users/controllers/IdentityController.d.ts
-declare class IdentityController {
-  protected readonly url = "/identities";
-  protected readonly group = "identities";
-  protected readonly identityService: IdentityService;
-  /**
-   * Find identities with pagination and filtering.
-   */
-  readonly findIdentities: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      page: alepha1.TOptional<alepha1.TInteger>;
-      size: alepha1.TOptional<alepha1.TInteger>;
-      sort: alepha1.TOptional<alepha1.TString>;
-      userId: alepha1.TOptional<alepha1.TString>;
-      provider: alepha1.TOptional<alepha1.TString>;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TPage<alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-      provider: alepha1.TString;
-      providerUserId: alepha1.TOptional<alepha1.TString>;
-      providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-    }>>;
-  }>;
-  /**
-   * Get an identity by ID.
-   */
-  readonly getIdentity: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-      provider: alepha1.TString;
-      providerUserId: alepha1.TOptional<alepha1.TString>;
-      providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-    }>;
-  }>;
-  /**
-   * Delete an identity.
-   */
-  readonly deleteIdentity: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
-    }>;
-  }>;
-}
-//#endregion
-//#region ../../src/api/users/schemas/sessionQuerySchema.d.ts
-declare const sessionQuerySchema: alepha1.TObject<{
-  page: alepha1.TOptional<alepha1.TInteger>;
-  size: alepha1.TOptional<alepha1.TInteger>;
-  sort: alepha1.TOptional<alepha1.TString>;
-  userId: alepha1.TOptional<alepha1.TString>;
-}>;
-type SessionQuery = Static<typeof sessionQuerySchema>;
-//#endregion
-//#region ../../src/api/users/services/SessionCrudService.d.ts
-declare class SessionCrudService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly userRealmProvider: UserRealmProvider;
-  sessions(userRealmName?: string): alepha_orm179.Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    refreshToken: alepha1.TString;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    expiresAt: alepha1.TString;
-    ip: alepha1.TOptional<alepha1.TString>;
-    userAgent: alepha1.TOptional<alepha1.TObject<{
-      os: alepha1.TString;
-      browser: alepha1.TString;
-      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-    }>>;
-  }>>;
-  /**
-   * Find sessions with pagination and filtering.
-   */
-  findSessions(q?: SessionQuery, userRealmName?: string): Promise<Page$1<SessionEntity>>;
-  /**
-   * Get a session by ID.
-   */
-  getSessionById(id: string, userRealmName?: string): Promise<SessionEntity>;
-  /**
-   * Delete a session by ID.
-   */
-  deleteSession(id: string, userRealmName?: string): Promise<void>;
-}
-//#endregion
-//#region ../../src/api/users/controllers/SessionController.d.ts
-declare class SessionController {
-  protected readonly url = "/sessions";
-  protected readonly group = "sessions";
-  protected readonly sessionService: SessionCrudService;
-  /**
-   * Find sessions with pagination and filtering.
-   */
-  readonly findSessions: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      page: alepha1.TOptional<alepha1.TInteger>;
-      size: alepha1.TOptional<alepha1.TInteger>;
-      sort: alepha1.TOptional<alepha1.TString>;
-      userId: alepha1.TOptional<alepha1.TString>;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TPage<alepha1.TObject<{
-      id: alepha1.TString;
-      version: alepha1.TNumber;
-      createdAt: alepha1.TString;
-      updatedAt: alepha1.TString;
-      refreshToken: alepha1.TString;
-      userId: alepha1.TString;
-      expiresAt: alepha1.TString;
-      ip: alepha1.TOptional<alepha1.TString>;
-      userAgent: alepha1.TOptional<alepha1.TObject<{
-        os: alepha1.TString;
-        browser: alepha1.TString;
-        device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-      }>>;
-    }>>;
-  }>;
-  /**
-   * Get a session by ID.
-   */
-  readonly getSession: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha1.TString;
-      version: alepha1.TNumber;
-      createdAt: alepha1.TString;
-      updatedAt: alepha1.TString;
-      refreshToken: alepha1.TString;
-      userId: alepha1.TString;
-      expiresAt: alepha1.TString;
-      ip: alepha1.TOptional<alepha1.TString>;
-      userAgent: alepha1.TOptional<alepha1.TObject<{
-        os: alepha1.TString;
-        browser: alepha1.TString;
-        device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-      }>>;
-    }>;
-  }>;
-  /**
-   * Delete a session.
-   */
-  readonly deleteSession: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
-    }>;
-  }>;
-}
-//#endregion
 //#region ../../src/orm/schemas/insertSchema.d.ts
 /**
  * Transforms a TObject schema for insert operations.
@@ -1303,7 +910,7 @@ declare abstract class ModelBuilder {
 //#endregion
 //#region ../../src/orm/providers/DrizzleKitProvider.d.ts
 declare class DrizzleKitProvider {
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly alepha: Alepha;
   /**
    * Synchronize database with current schema definitions.
@@ -1339,11 +946,11 @@ declare class DrizzleKitProvider {
    */
   importDrizzleKit(): typeof DrizzleKit;
 }
-declare const devMigrationsSchema: alepha1.TObject<{
-  id: alepha1.TNumber;
-  name: alepha1.TString;
-  snapshot: alepha1.TString;
-  created_at: alepha1.TString;
+declare const devMigrationsSchema: alepha23.TObject<{
+  id: alepha23.TNumber;
+  name: alepha23.TString;
+  snapshot: alepha23.TString;
+  created_at: alepha23.TString;
 }>;
 type DevMigrations = Static<typeof devMigrationsSchema>;
 //#endregion
@@ -1351,7 +958,7 @@ type DevMigrations = Static<typeof devMigrationsSchema>;
 type SQLLike = SQLWrapper | string;
 declare abstract class DatabaseProvider {
   protected readonly alepha: Alepha;
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected abstract readonly builder: ModelBuilder;
   protected abstract readonly kit: DrizzleKitProvider;
   abstract readonly db: PgDatabase<any>;
@@ -1374,7 +981,7 @@ declare abstract class DatabaseProvider {
   /**
    * Base migration orchestration - handles environment logic
    */
-  protected migrateDatabase(): Promise<void>;
+  migrate(): Promise<void>;
   /**
    * Production: run migrations from folder
    */
@@ -1468,7 +1075,7 @@ declare class QueryManager {
   createPagination<T>(entities: T[], limit?: number, offset?: number, sort?: Array<{
     column: string;
     direction: "asc" | "desc";
-  }>): alepha1.Page<T>;
+  }>): alepha23.Page<T>;
 }
 interface PgJoin {
   table: string;
@@ -1780,7 +1387,7 @@ interface StatementOptions {
 declare module "alepha" {
   interface Env extends Partial<Static<typeof envSchema$1>> {}
 }
-declare const envSchema$1: alepha1.TObject<{
+declare const envSchema$1: alepha23.TObject<{
   /**
    * Main configuration for database connection.
    * Accept a string in the format of a Postgres connection URL.
@@ -1788,11 +1395,11 @@ declare const envSchema$1: alepha1.TObject<{
    * or
    * Example: postgres://user:password@localhost:5432/database?sslmode=require
    */
-  DATABASE_URL: alepha1.TOptional<alepha1.TString>;
+  DATABASE_URL: alepha23.TOptional<alepha23.TString>;
   /**
    * In addition to the DATABASE_URL, you can specify the postgres schema name.
    */
-  POSTGRES_SCHEMA: alepha1.TOptional<alepha1.TString>;
+  POSTGRES_SCHEMA: alepha23.TOptional<alepha23.TString>;
 }>;
 /**
  * Bun PostgreSQL provider using Drizzle ORM with Bun's native SQL client.
@@ -1817,8 +1424,8 @@ declare const envSchema$1: alepha1.TObject<{
 /**
  * Configuration options for the Bun SQLite database provider.
  */
-declare const bunSqliteOptions: alepha1.Atom<alepha1.TObject<{
-  path: alepha1.TOptional<alepha1.TString>;
+declare const bunSqliteOptions: alepha23.Atom<alepha23.TObject<{
+  path: alepha23.TOptional<alepha23.TString>;
 }>, "alepha.postgres.bun-sqlite.options">;
 type BunSqliteProviderOptions = Static<typeof bunSqliteOptions.schema>;
 declare module "alepha" {
@@ -1855,7 +1462,7 @@ declare module "alepha" {
 declare module "alepha" {
   interface Env extends Partial<Static<typeof envSchema>> {}
 }
-declare const envSchema: alepha1.TObject<{
+declare const envSchema: alepha23.TObject<{
   /**
    * Main configuration for database connection.
    * Accept a string in the format of a Postgres connection URL.
@@ -1863,21 +1470,21 @@ declare const envSchema: alepha1.TObject<{
    * or
    * Example: postgres://user:password@localhost:5432/database?sslmode=require
    */
-  DATABASE_URL: alepha1.TOptional<alepha1.TString>;
+  DATABASE_URL: alepha23.TOptional<alepha23.TString>;
   /**
    * In addition to the DATABASE_URL, you can specify the postgres schema name.
    *
    * It will monkey patch drizzle tables.
    */
-  POSTGRES_SCHEMA: alepha1.TOptional<alepha1.TString>;
+  POSTGRES_SCHEMA: alepha23.TOptional<alepha23.TString>;
 }>;
 //#endregion
 //#region ../../src/orm/providers/drivers/NodeSqliteProvider.d.ts
 /**
  * Configuration options for the Node.js SQLite database provider.
  */
-declare const nodeSqliteOptions: alepha1.Atom<alepha1.TObject<{
-  path: alepha1.TOptional<alepha1.TString>;
+declare const nodeSqliteOptions: alepha23.Atom<alepha23.TObject<{
+  path: alepha23.TOptional<alepha23.TString>;
 }>, "alepha.postgres.node-sqlite.options">;
 type NodeSqliteProviderOptions = Static<typeof nodeSqliteOptions.schema>;
 declare module "alepha" {
@@ -1960,122 +1567,782 @@ declare module "alepha" {
   }
 }
 //#endregion
-//#region ../../src/api/users/notifications/UserNotifications.d.ts
-declare class UserNotifications {
-  readonly passwordReset: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    email: alepha1.TString;
-    code: alepha1.TString;
-    expiresInMinutes: alepha1.TNumber;
-  }>>;
-  readonly emailVerification: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    email: alepha1.TString;
-    code: alepha1.TString;
-    expiresInMinutes: alepha1.TNumber;
-  }>>;
-  readonly phoneVerification: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    phoneNumber: alepha1.TString;
-    code: alepha1.TString;
-    expiresInMinutes: alepha1.TNumber;
-  }>>;
-  readonly passwordResetLink: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    email: alepha1.TString;
-    resetUrl: alepha1.TString;
-    expiresInMinutes: alepha1.TNumber;
-  }>>;
-  readonly emailVerificationLink: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    email: alepha1.TString;
-    verifyUrl: alepha1.TString;
-    expiresInMinutes: alepha1.TNumber;
+//#region ../../src/api/users/entities/identities.d.ts
+declare const identities: alepha_orm24.EntityPrimitive<alepha23.TObject<{
+  id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+  version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+  createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+  updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+  userId: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_REF>;
+  password: alepha23.TOptional<alepha23.TString>;
+  provider: alepha23.TString;
+  providerUserId: alepha23.TOptional<alepha23.TString>;
+  providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
+}>>;
+type IdentityEntity = Static<typeof identities.schema>;
+//#endregion
+//#region ../../src/api/users/entities/sessions.d.ts
+declare const sessions: alepha_orm24.EntityPrimitive<alepha23.TObject<{
+  id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+  version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+  createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+  updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+  refreshToken: alepha23.TString;
+  userId: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_REF>;
+  expiresAt: alepha23.TString;
+  ip: alepha23.TOptional<alepha23.TString>;
+  userAgent: alepha23.TOptional<alepha23.TObject<{
+    os: alepha23.TString;
+    browser: alepha23.TString;
+    device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
   }>>;
-}
+}>>;
+type SessionEntity = Static<typeof sessions.schema>;
 //#endregion
-//#region ../../src/api/users/schemas/completePasswordResetRequestSchema.d.ts
-/**
- * Request schema for completing a password reset.
- *
- * Requires the intent ID from Phase 1, the verification code,
- * and the new password.
- */
-declare const completePasswordResetRequestSchema: alepha1.TObject<{
-  intentId: alepha1.TString;
-  code: alepha1.TString;
-  newPassword: alepha1.TString;
-}>;
-type CompletePasswordResetRequest = Static<typeof completePasswordResetRequestSchema>;
+//#region ../../src/api/users/entities/users.d.ts
+declare const DEFAULT_USER_REALM_NAME = "default";
+declare const users: alepha_orm24.EntityPrimitive<alepha23.TObject<{
+  id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+  version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+  createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+  updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+  realm: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_DEFAULT>;
+  username: alepha23.TOptional<alepha23.TString>;
+  email: alepha23.TOptional<alepha23.TString>;
+  phoneNumber: alepha23.TOptional<alepha23.TString>;
+  roles: alepha_orm24.PgAttr<alepha23.TArray<alepha23.TString>, typeof alepha_orm24.PG_DEFAULT>;
+  firstName: alepha23.TOptional<alepha23.TString>;
+  lastName: alepha23.TOptional<alepha23.TString>;
+  picture: alepha23.TOptional<alepha23.TString>;
+  enabled: alepha_orm24.PgAttr<alepha23.TBoolean, typeof alepha_orm24.PG_DEFAULT>;
+  emailVerified: alepha_orm24.PgAttr<alepha23.TBoolean, typeof alepha_orm24.PG_DEFAULT>;
+}>>;
+type UserEntity = Static<typeof users.schema>;
 //#endregion
-//#region ../../src/api/users/schemas/passwordResetIntentResponseSchema.d.ts
+//#region ../../src/api/users/primitives/$userRealm.d.ts
+type UserRealmPrimitive = RealmPrimitive & WithLinkFn & WithLoginFn;
 /**
- * Response schema for password reset intent creation.
+ * Already configured realm for user management.
  *
- * Contains the intent ID needed for Phase 2 completion,
- * along with expiration time.
- */
-declare const passwordResetIntentResponseSchema: alepha1.TObject<{
-  intentId: alepha1.TString;
-  expiresAt: alepha1.TString;
-}>;
-type PasswordResetIntentResponse = Static<typeof passwordResetIntentResponseSchema>;
-//#endregion
-//#region ../../src/api/users/services/CredentialService.d.ts
-/**
- * Intent stored in cache during the password reset flow.
+ * Realm contains two roles: `admin` and `user`.
+ *
+ * - `admin`: Has full access to all resources and permissions.
+ * - `user`: Has access to their own resources and permissions, but cannot access admin-level resources.
+ *
+ * Realm uses session management for handling user sessions.
+ *
+ * Environment Variables:
+ * - `APP_SECRET`: Secret key for signing tokens (if not provided in options).
  */
-interface PasswordResetIntent {
-  email: string;
-  userId: string;
-  identityId: string;
-  realmName?: string;
-  expiresAt: string;
-}
-declare class CredentialService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly cryptoProvider: CryptoProvider;
-  protected readonly dateTimeProvider: DateTimeProvider;
-  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
-  protected readonly userNotifications: UserNotifications;
-  protected readonly userRealmProvider: UserRealmProvider;
-  protected readonly intentCache: alepha_cache0.CachePrimitiveFn<PasswordResetIntent, any[]>;
-  users(userRealmName?: string): Repository$1<alepha1.TObject<{
-    id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-    version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-    createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-    updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-    realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
-    username: alepha1.TOptional<alepha1.TString>;
-    email: alepha1.TOptional<alepha1.TString>;
-    phoneNumber: alepha1.TOptional<alepha1.TString>;
-    roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
-    firstName: alepha1.TOptional<alepha1.TString>;
-    lastName: alepha1.TOptional<alepha1.TString>;
-    picture: alepha1.TOptional<alepha1.TString>;
-    enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-    emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-  }>>;
-  sessions(userRealmName?: string): Repository$1<alepha1.TObject<{
-    id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-    version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-    createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-    updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-    refreshToken: alepha1.TString;
-    userId: PgAttr<alepha1.TString, typeof PG_REF>;
-    expiresAt: alepha1.TString;
-    ip: alepha1.TOptional<alepha1.TString>;
-    userAgent: alepha1.TOptional<alepha1.TObject<{
-      os: alepha1.TString;
-      browser: alepha1.TString;
-      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-    }>>;
+declare const $userRealm: (options?: UserRealmOptions) => UserRealmPrimitive;
+interface UserRealmOptions {
+  /**
+   * Secret key for signing tokens.
+   *
+   * If not provided, the secret from the SecurityProvider will be used (usually from the APP_SECRET environment variable).
+   */
+  secret?: string;
+  /**
+   * Realm configuration options.
+   *
+   * It's already pre-configured for user management with admin and user roles.
+   */
+  realm?: Partial<RealmPrimitiveOptions>;
+  /**
+   * Override entities.
+   */
+  entities?: {
+    users?: Repository<typeof users.schema>;
+    identities?: Repository<typeof identities.schema>;
+    sessions?: Repository<typeof sessions.schema>;
+  };
+  settings?: Partial<RealmAuthSettings>;
+  identities?: {
+    credentials?: true;
+    google?: true;
+    github?: true;
+  };
+  modules?: {
+    files?: boolean;
+    audits?: boolean;
+    jobs?: boolean;
+  };
+}
+//#endregion
+//#region ../../src/api/users/providers/UserRealmProvider.d.ts
+interface UserRealmRepositories {
+  identities: Repository<typeof identities.schema>;
+  sessions: Repository<typeof sessions.schema>;
+  users: Repository<typeof users.schema>;
+}
+interface UserRealm {
+  name: string;
+  repositories: UserRealmRepositories;
+  settings: RealmAuthSettings;
+}
+declare class UserRealmProvider {
+  protected readonly alepha: Alepha;
+  protected readonly defaultIdentities: Repository<alepha23.TObject<{
+    id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+    version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+    createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    userId: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_REF>;
+    password: alepha23.TOptional<alepha23.TString>;
+    provider: alepha23.TString;
+    providerUserId: alepha23.TOptional<alepha23.TString>;
+    providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
+  }>>;
+  protected readonly defaultSessions: Repository<alepha23.TObject<{
+    id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+    version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+    createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    refreshToken: alepha23.TString;
+    userId: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_REF>;
+    expiresAt: alepha23.TString;
+    ip: alepha23.TOptional<alepha23.TString>;
+    userAgent: alepha23.TOptional<alepha23.TObject<{
+      os: alepha23.TString;
+      browser: alepha23.TString;
+      device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+    }>>;
+  }>>;
+  protected readonly defaultUsers: Repository<alepha23.TObject<{
+    id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+    version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+    createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    realm: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_DEFAULT>;
+    username: alepha23.TOptional<alepha23.TString>;
+    email: alepha23.TOptional<alepha23.TString>;
+    phoneNumber: alepha23.TOptional<alepha23.TString>;
+    roles: alepha_orm24.PgAttr<alepha23.TArray<alepha23.TString>, typeof alepha_orm24.PG_DEFAULT>;
+    firstName: alepha23.TOptional<alepha23.TString>;
+    lastName: alepha23.TOptional<alepha23.TString>;
+    picture: alepha23.TOptional<alepha23.TString>;
+    enabled: alepha_orm24.PgAttr<alepha23.TBoolean, typeof alepha_orm24.PG_DEFAULT>;
+    emailVerified: alepha_orm24.PgAttr<alepha23.TBoolean, typeof alepha_orm24.PG_DEFAULT>;
+  }>>;
+  protected realms: Map<string, UserRealm>;
+  avatars: alepha_bucket0.BucketPrimitive;
+  protected readonly onConfigure: alepha23.HookPrimitive<"configure">;
+  register(userRealmName: string, userRealmOptions?: UserRealmOptions): UserRealm;
+  /**
+   * Gets a registered realm by name, auto-creating default if needed.
+   */
+  getRealm(userRealmName?: string): UserRealm;
+  identityRepository(userRealmName?: string): Repository<typeof identities.schema>;
+  sessionRepository(userRealmName?: string): Repository<typeof sessions.schema>;
+  userRepository(userRealmName?: string): Repository<typeof users.schema>;
+}
+//#endregion
+//#region ../../src/api/users/schemas/identityQuerySchema.d.ts
+declare const identityQuerySchema: alepha23.TObject<{
+  page: alepha23.TOptional<alepha23.TInteger>;
+  size: alepha23.TOptional<alepha23.TInteger>;
+  sort: alepha23.TOptional<alepha23.TString>;
+  userId: alepha23.TOptional<alepha23.TString>;
+  provider: alepha23.TOptional<alepha23.TString>;
+}>;
+type IdentityQuery = Static<typeof identityQuerySchema>;
+//#endregion
+//#region ../../src/api/users/services/IdentityService.d.ts
+declare class IdentityService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
+  identities(userRealmName?: string): alepha_orm24.Repository<alepha23.TObject<{
+    id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+    version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+    createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    userId: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_REF>;
+    password: alepha23.TOptional<alepha23.TString>;
+    provider: alepha23.TString;
+    providerUserId: alepha23.TOptional<alepha23.TString>;
+    providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
+  }>>;
+  /**
+   * Find identities with pagination and filtering.
+   */
+  findIdentities(q?: IdentityQuery, userRealmName?: string): Promise<Page$1<IdentityEntity>>;
+  /**
+   * Get an identity by ID.
+   */
+  getIdentityById(id: string, userRealmName?: string): Promise<IdentityEntity>;
+  /**
+   * Delete an identity by ID.
+   */
+  deleteIdentity(id: string, userRealmName?: string): Promise<void>;
+}
+//#endregion
+//#region ../../src/api/users/controllers/AdminIdentityController.d.ts
+declare class AdminIdentityController {
+  protected readonly url = "/identities";
+  protected readonly group = "admin:identities";
+  protected readonly identityService: IdentityService;
+  /**
+   * Find identities with pagination and filtering.
+   */
+  readonly findIdentities: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      page: alepha23.TOptional<alepha23.TInteger>;
+      size: alepha23.TOptional<alepha23.TInteger>;
+      sort: alepha23.TOptional<alepha23.TString>;
+      userId: alepha23.TOptional<alepha23.TString>;
+      provider: alepha23.TOptional<alepha23.TString>;
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TPage<alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      userId: PgAttr<alepha23.TString, typeof PG_REF>;
+      provider: alepha23.TString;
+      providerUserId: alepha23.TOptional<alepha23.TString>;
+      providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
+    }>>;
+  }>;
+  /**
+   * Get an identity by ID.
+   */
+  readonly getIdentity: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      userId: PgAttr<alepha23.TString, typeof PG_REF>;
+      provider: alepha23.TString;
+      providerUserId: alepha23.TOptional<alepha23.TString>;
+      providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
+    }>;
+  }>;
+  /**
+   * Delete an identity.
+   */
+  readonly deleteIdentity: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TObject<{
+      ok: alepha23.TBoolean;
+      id: alepha23.TOptional<alepha23.TUnion<[alepha23.TString, alepha23.TInteger]>>;
+      count: alepha23.TOptional<alepha23.TNumber>;
+    }>;
+  }>;
+}
+//#endregion
+//#region ../../src/api/users/schemas/sessionQuerySchema.d.ts
+declare const sessionQuerySchema: alepha23.TObject<{
+  page: alepha23.TOptional<alepha23.TInteger>;
+  size: alepha23.TOptional<alepha23.TInteger>;
+  sort: alepha23.TOptional<alepha23.TString>;
+  userId: alepha23.TOptional<alepha23.TString>;
+}>;
+type SessionQuery = Static<typeof sessionQuerySchema>;
+//#endregion
+//#region ../../src/api/users/services/SessionCrudService.d.ts
+declare class SessionCrudService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly userRealmProvider: UserRealmProvider;
+  sessions(userRealmName?: string): alepha_orm24.Repository<alepha23.TObject<{
+    id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+    version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+    createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    refreshToken: alepha23.TString;
+    userId: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_REF>;
+    expiresAt: alepha23.TString;
+    ip: alepha23.TOptional<alepha23.TString>;
+    userAgent: alepha23.TOptional<alepha23.TObject<{
+      os: alepha23.TString;
+      browser: alepha23.TString;
+      device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+    }>>;
+  }>>;
+  /**
+   * Find sessions with pagination and filtering.
+   */
+  findSessions(q?: SessionQuery, userRealmName?: string): Promise<Page$1<SessionEntity>>;
+  /**
+   * Get a session by ID.
+   */
+  getSessionById(id: string, userRealmName?: string): Promise<SessionEntity>;
+  /**
+   * Delete a session by ID.
+   */
+  deleteSession(id: string, userRealmName?: string): Promise<void>;
+}
+//#endregion
+//#region ../../src/api/users/controllers/AdminSessionController.d.ts
+declare class AdminSessionController {
+  protected readonly url = "/sessions";
+  protected readonly group = "admin:sessions";
+  protected readonly sessionService: SessionCrudService;
+  /**
+   * Find sessions with pagination and filtering.
+   */
+  readonly findSessions: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      page: alepha23.TOptional<alepha23.TInteger>;
+      size: alepha23.TOptional<alepha23.TInteger>;
+      sort: alepha23.TOptional<alepha23.TString>;
+      userId: alepha23.TOptional<alepha23.TString>;
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TPage<alepha23.TObject<{
+      id: alepha23.TString;
+      version: alepha23.TNumber;
+      createdAt: alepha23.TString;
+      updatedAt: alepha23.TString;
+      refreshToken: alepha23.TString;
+      userId: alepha23.TString;
+      expiresAt: alepha23.TString;
+      ip: alepha23.TOptional<alepha23.TString>;
+      userAgent: alepha23.TOptional<alepha23.TObject<{
+        os: alepha23.TString;
+        browser: alepha23.TString;
+        device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+      }>>;
+    }>>;
+  }>;
+  /**
+   * Get a session by ID.
+   */
+  readonly getSession: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TObject<{
+      id: alepha23.TString;
+      version: alepha23.TNumber;
+      createdAt: alepha23.TString;
+      updatedAt: alepha23.TString;
+      refreshToken: alepha23.TString;
+      userId: alepha23.TString;
+      expiresAt: alepha23.TString;
+      ip: alepha23.TOptional<alepha23.TString>;
+      userAgent: alepha23.TOptional<alepha23.TObject<{
+        os: alepha23.TString;
+        browser: alepha23.TString;
+        device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+      }>>;
+    }>;
+  }>;
+  /**
+   * Delete a session.
+   */
+  readonly deleteSession: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TObject<{
+      ok: alepha23.TBoolean;
+      id: alepha23.TOptional<alepha23.TUnion<[alepha23.TString, alepha23.TInteger]>>;
+      count: alepha23.TOptional<alepha23.TNumber>;
+    }>;
+  }>;
+}
+//#endregion
+//#region ../../src/api/users/notifications/UserNotifications.d.ts
+declare class UserNotifications {
+  readonly passwordReset: alepha_api_notifications0.NotificationPrimitive<alepha23.TObject<{
+    email: alepha23.TString;
+    code: alepha23.TString;
+    expiresInMinutes: alepha23.TNumber;
+  }>>;
+  readonly emailVerification: alepha_api_notifications0.NotificationPrimitive<alepha23.TObject<{
+    email: alepha23.TString;
+    code: alepha23.TString;
+    expiresInMinutes: alepha23.TNumber;
+  }>>;
+  readonly phoneVerification: alepha_api_notifications0.NotificationPrimitive<alepha23.TObject<{
+    phoneNumber: alepha23.TString;
+    code: alepha23.TString;
+    expiresInMinutes: alepha23.TNumber;
+  }>>;
+  readonly passwordResetLink: alepha_api_notifications0.NotificationPrimitive<alepha23.TObject<{
+    email: alepha23.TString;
+    resetUrl: alepha23.TString;
+    expiresInMinutes: alepha23.TNumber;
+  }>>;
+  readonly emailVerificationLink: alepha_api_notifications0.NotificationPrimitive<alepha23.TObject<{
+    email: alepha23.TString;
+    verifyUrl: alepha23.TString;
+    expiresInMinutes: alepha23.TNumber;
+  }>>;
+}
+//#endregion
+//#region ../../src/api/users/schemas/createUserSchema.d.ts
+declare const createUserSchema: alepha23.TObject<{
+  id: alepha23.TOptional<PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>>;
+  version: alepha23.TOptional<PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>>;
+  email: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  createdAt: alepha23.TOptional<PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>>;
+  updatedAt: alepha23.TOptional<PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>>;
+  username: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  phoneNumber: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  roles: alepha23.TOptional<alepha23.TArray<alepha23.TString>>;
+  firstName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  lastName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  picture: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  enabled: alepha23.TOptional<PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>>;
+  emailVerified: alepha23.TOptional<PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>>;
+}>;
+type CreateUser = Static<typeof createUserSchema>;
+//#endregion
+//#region ../../src/api/users/schemas/updateUserSchema.d.ts
+declare const updateUserSchema: alepha23.TObject<{
+  email: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  realm: alepha23.TOptional<PgAttr<alepha23.TString, typeof PG_DEFAULT>>;
+  phoneNumber: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  roles: alepha23.TOptional<alepha23.TArray<alepha23.TString>>;
+  firstName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  lastName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  picture: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+  enabled: alepha23.TOptional<PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>>;
+}>;
+type UpdateUser = Static<typeof updateUserSchema>;
+//#endregion
+//#region ../../src/api/users/schemas/userQuerySchema.d.ts
+declare const userQuerySchema: alepha23.TObject<{
+  page: alepha23.TOptional<alepha23.TInteger>;
+  size: alepha23.TOptional<alepha23.TInteger>;
+  sort: alepha23.TOptional<alepha23.TString>;
+  email: alepha23.TOptional<alepha23.TString>;
+  enabled: alepha23.TOptional<alepha23.TBoolean>;
+  emailVerified: alepha23.TOptional<alepha23.TBoolean>;
+  roles: alepha23.TOptional<alepha23.TArray<alepha23.TString>>;
+  query: alepha23.TOptional<alepha23.TString>;
+}>;
+type UserQuery = Static<typeof userQuerySchema>;
+//#endregion
+//#region ../../src/api/users/services/UserService.d.ts
+declare class UserService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
+  protected readonly userNotifications: UserNotifications;
+  protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
+  users(userRealmName?: string): alepha_orm24.Repository<alepha23.TObject<{
+    id: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_PRIMARY_KEY>, typeof alepha_orm24.PG_DEFAULT>;
+    version: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TInteger, typeof alepha_orm24.PG_VERSION>, typeof alepha_orm24.PG_DEFAULT>;
+    createdAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_CREATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    updatedAt: alepha_orm24.PgAttr<alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_UPDATED_AT>, typeof alepha_orm24.PG_DEFAULT>;
+    realm: alepha_orm24.PgAttr<alepha23.TString, typeof alepha_orm24.PG_DEFAULT>;
+    username: alepha23.TOptional<alepha23.TString>;
+    email: alepha23.TOptional<alepha23.TString>;
+    phoneNumber: alepha23.TOptional<alepha23.TString>;
+    roles: alepha_orm24.PgAttr<alepha23.TArray<alepha23.TString>, typeof alepha_orm24.PG_DEFAULT>;
+    firstName: alepha23.TOptional<alepha23.TString>;
+    lastName: alepha23.TOptional<alepha23.TString>;
+    picture: alepha23.TOptional<alepha23.TString>;
+    enabled: alepha_orm24.PgAttr<alepha23.TBoolean, typeof alepha_orm24.PG_DEFAULT>;
+    emailVerified: alepha_orm24.PgAttr<alepha23.TBoolean, typeof alepha_orm24.PG_DEFAULT>;
+  }>>;
+  /**
+   * Request email verification for a user.
+   * @param email - The email address to verify.
+   * @param userRealmName - Optional realm name.
+   * @param method - The verification method: "code" (default) or "link".
+   * @param verifyUrl - Base URL for verification link (required when method is "link").
+   */
+  requestEmailVerification(email: string, userRealmName?: string, method?: "code" | "link", verifyUrl?: string): Promise<boolean>;
+  /**
+   * Verify a user's email using a valid verification token.
+   * Supports both code (6-digit) and link (UUID) verification tokens.
+   */
+  verifyEmail(email: string, token: string, userRealmName?: string): Promise<void>;
+  /**
+   * Check if an email is verified.
+   */
+  isEmailVerified(email: string, userRealmName?: string): Promise<boolean>;
+  /**
+   * Find users with pagination and filtering.
+   */
+  findUsers(q?: UserQuery, userRealmName?: string): Promise<Page$1<UserEntity>>;
+  /**
+   * Get a user by ID.
+   */
+  getUserById(id: string, userRealmName?: string): Promise<UserEntity>;
+  /**
+   * Create a new user.
+   */
+  createUser(data: CreateUser, userRealmName?: string): Promise<UserEntity>;
+  /**
+   * Update an existing user.
+   */
+  updateUser(id: string, data: UpdateUser, userRealmName?: string): Promise<UserEntity>;
+  /**
+   * Delete a user by ID.
+   */
+  deleteUser(id: string, userRealmName?: string): Promise<void>;
+}
+//#endregion
+//#region ../../src/api/users/controllers/AdminUserController.d.ts
+declare class AdminUserController {
+  protected readonly url = "/users";
+  protected readonly group = "admin:users";
+  protected readonly userService: UserService;
+  /**
+   * Find users with pagination and filtering.
+   */
+  readonly findUsers: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      page: alepha23.TOptional<alepha23.TInteger>;
+      size: alepha23.TOptional<alepha23.TInteger>;
+      sort: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      enabled: alepha23.TOptional<alepha23.TBoolean>;
+      emailVerified: alepha23.TOptional<alepha23.TBoolean>;
+      roles: alepha23.TOptional<alepha23.TArray<alepha23.TString>>;
+      query: alepha23.TOptional<alepha23.TString>;
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TPage<alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    }>>;
+  }>;
+  /**
+   * Get a user by ID.
+   */
+  readonly getUser: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    }>;
+  }>;
+  /**
+   * Create a new user.
+   */
+  readonly createUser: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    body: alepha23.TObject<{
+      id: alepha23.TOptional<PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>>;
+      version: alepha23.TOptional<PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>>;
+      email: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      createdAt: alepha23.TOptional<PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>>;
+      updatedAt: alepha23.TOptional<PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>>;
+      username: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      phoneNumber: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      roles: alepha23.TOptional<alepha23.TArray<alepha23.TString>>;
+      firstName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      lastName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      picture: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      enabled: alepha23.TOptional<PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>>;
+      emailVerified: alepha23.TOptional<PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>>;
+    }>;
+    response: alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    }>;
+  }>;
+  /**
+   * Update a user.
+   */
+  readonly updateUser: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    body: alepha23.TObject<{
+      email: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      realm: alepha23.TOptional<PgAttr<alepha23.TString, typeof PG_DEFAULT>>;
+      phoneNumber: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      roles: alepha23.TOptional<alepha23.TArray<alepha23.TString>>;
+      firstName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      lastName: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      picture: alepha23.TOptional<alepha23.TOptional<alepha23.TString>>;
+      enabled: alepha23.TOptional<PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>>;
+    }>;
+    response: alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    }>;
+  }>;
+  /**
+   * Delete a user.
+   */
+  readonly deleteUser: alepha_server0.ActionPrimitiveFn<{
+    params: alepha23.TObject<{
+      id: alepha23.TString;
+    }>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+    }>;
+    response: alepha23.TObject<{
+      ok: alepha23.TBoolean;
+      id: alepha23.TOptional<alepha23.TUnion<[alepha23.TString, alepha23.TInteger]>>;
+      count: alepha23.TOptional<alepha23.TNumber>;
+    }>;
+  }>;
+}
+//#endregion
+//#region ../../src/api/users/schemas/completePasswordResetRequestSchema.d.ts
+/**
+ * Request schema for completing a password reset.
+ *
+ * Requires the intent ID from Phase 1, the verification code,
+ * and the new password.
+ */
+declare const completePasswordResetRequestSchema: alepha23.TObject<{
+  intentId: alepha23.TString;
+  code: alepha23.TString;
+  newPassword: alepha23.TString;
+}>;
+type CompletePasswordResetRequest = Static<typeof completePasswordResetRequestSchema>;
+//#endregion
+//#region ../../src/api/users/schemas/passwordResetIntentResponseSchema.d.ts
+/**
+ * Response schema for password reset intent creation.
+ *
+ * Contains the intent ID needed for Phase 2 completion,
+ * along with expiration time.
+ */
+declare const passwordResetIntentResponseSchema: alepha23.TObject<{
+  intentId: alepha23.TString;
+  expiresAt: alepha23.TString;
+}>;
+type PasswordResetIntentResponse = Static<typeof passwordResetIntentResponseSchema>;
+//#endregion
+//#region ../../src/api/users/services/CredentialService.d.ts
+/**
+ * Intent stored in cache during the password reset flow.
+ */
+interface PasswordResetIntent {
+  email: string;
+  userId: string;
+  identityId: string;
+  realmName?: string;
+  expiresAt: string;
+}
+declare class CredentialService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly cryptoProvider: CryptoProvider;
+  protected readonly dateTimeProvider: DateTimeProvider;
+  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
+  protected readonly userNotifications: UserNotifications;
+  protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
+  protected readonly intentCache: alepha_cache0.CachePrimitiveFn<PasswordResetIntent, any[]>;
+  users(userRealmName?: string): Repository$1<alepha23.TObject<{
+    id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+    version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+    createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+    updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+    realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+    username: alepha23.TOptional<alepha23.TString>;
+    email: alepha23.TOptional<alepha23.TString>;
+    phoneNumber: alepha23.TOptional<alepha23.TString>;
+    roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+    firstName: alepha23.TOptional<alepha23.TString>;
+    lastName: alepha23.TOptional<alepha23.TString>;
+    picture: alepha23.TOptional<alepha23.TString>;
+    enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+  }>>;
+  sessions(userRealmName?: string): Repository$1<alepha23.TObject<{
+    id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+    version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+    createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+    updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+    refreshToken: alepha23.TString;
+    userId: PgAttr<alepha23.TString, typeof PG_REF>;
+    expiresAt: alepha23.TString;
+    ip: alepha23.TOptional<alepha23.TString>;
+    userAgent: alepha23.TOptional<alepha23.TObject<{
+      os: alepha23.TString;
+      browser: alepha23.TString;
+      device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+    }>>;
   }>>;
-  identities(userRealmName?: string): Repository$1<alepha1.TObject<{
-    id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-    version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-    createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-    updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-    userId: PgAttr<alepha1.TString, typeof PG_REF>;
-    password: alepha1.TOptional<alepha1.TString>;
-    provider: alepha1.TString;
-    providerUserId: alepha1.TOptional<alepha1.TString>;
-    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+  identities(userRealmName?: string): Repository$1<alepha23.TObject<{
+    id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+    version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+    createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+    updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+    userId: PgAttr<alepha23.TString, typeof PG_REF>;
+    password: alepha23.TOptional<alepha23.TString>;
+    provider: alepha23.TString;
+    providerUserId: alepha23.TOptional<alepha23.TString>;
+    providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
   }>>;
   /**
    * Phase 1: Create a password reset intent.
@@ -2112,11 +2379,11 @@ declare class CredentialService {
 }
 //#endregion
 //#region ../../src/api/users/schemas/completeRegistrationRequestSchema.d.ts
-declare const completeRegistrationRequestSchema: alepha1.TObject<{
-  intentId: alepha1.TString;
-  emailCode: alepha1.TOptional<alepha1.TString>;
-  phoneCode: alepha1.TOptional<alepha1.TString>;
-  captchaToken: alepha1.TOptional<alepha1.TString>;
+declare const completeRegistrationRequestSchema: alepha23.TObject<{
+  intentId: alepha23.TString;
+  emailCode: alepha23.TOptional<alepha23.TString>;
+  phoneCode: alepha23.TOptional<alepha23.TString>;
+  captchaToken: alepha23.TOptional<alepha23.TString>;
 }>;
 type CompleteRegistrationRequest = Static<typeof completeRegistrationRequestSchema>;
 //#endregion
@@ -2125,24 +2392,24 @@ type CompleteRegistrationRequest = Static<typeof completeRegistrationRequestSche
  * Schema for user registration request body.
  * Password is always required, other fields depend on realm settings.
  */
-declare const registerRequestSchema: alepha1.TObject<{
-  password: alepha1.TString;
-  username: alepha1.TOptional<alepha1.TString>;
-  email: alepha1.TOptional<alepha1.TString>;
-  phoneNumber: alepha1.TOptional<alepha1.TString>;
-  firstName: alepha1.TOptional<alepha1.TString>;
-  lastName: alepha1.TOptional<alepha1.TString>;
-  picture: alepha1.TOptional<alepha1.TString>;
+declare const registerRequestSchema: alepha23.TObject<{
+  password: alepha23.TString;
+  username: alepha23.TOptional<alepha23.TString>;
+  email: alepha23.TOptional<alepha23.TString>;
+  phoneNumber: alepha23.TOptional<alepha23.TString>;
+  firstName: alepha23.TOptional<alepha23.TString>;
+  lastName: alepha23.TOptional<alepha23.TString>;
+  picture: alepha23.TOptional<alepha23.TString>;
 }>;
 type RegisterRequest = Static<typeof registerRequestSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/registrationIntentResponseSchema.d.ts
-declare const registrationIntentResponseSchema: alepha1.TObject<{
-  intentId: alepha1.TString;
-  expectCaptcha: alepha1.TBoolean;
-  expectEmailVerification: alepha1.TBoolean;
-  expectPhoneVerification: alepha1.TBoolean;
-  expiresAt: alepha1.TString;
+declare const registrationIntentResponseSchema: alepha23.TObject<{
+  intentId: alepha23.TString;
+  expectCaptcha: alepha23.TBoolean;
+  expectEmailVerification: alepha23.TBoolean;
+  expectPhoneVerification: alepha23.TBoolean;
+  expiresAt: alepha23.TString;
 }>;
 type RegistrationIntentResponse = Static<typeof registrationIntentResponseSchema>;
 //#endregion
@@ -2169,12 +2436,13 @@ interface RegistrationIntent {
   expiresAt: string;
 }
 declare class RegistrationService {
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly dateTimeProvider: DateTimeProvider;
   protected readonly cryptoProvider: CryptoProvider;
   protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
   protected readonly userNotifications: UserNotifications;
   protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
   protected readonly intentCache: alepha_cache0.CachePrimitiveFn<RegistrationIntent, any[]>;
   /**
    * Phase 1: Create a registration intent.
@@ -2212,111 +2480,6 @@ declare class RegistrationService {
   protected verifyPhoneCode(phoneNumber: string, code: string): Promise<void>;
 }
 //#endregion
-//#region ../../src/api/users/schemas/createUserSchema.d.ts
-declare const createUserSchema: alepha1.TObject<{
-  username: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
-  emailVerified: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
-  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-  id: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>>;
-  version: alepha1.TOptional<PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>>;
-  createdAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>>;
-  updatedAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>>;
-}>;
-type CreateUser = Static<typeof createUserSchema>;
-//#endregion
-//#region ../../src/api/users/schemas/updateUserSchema.d.ts
-declare const updateUserSchema: alepha1.TObject<{
-  email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
-  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-  realm: alepha1.TOptional<PgAttr<alepha1.TString, typeof PG_DEFAULT>>;
-}>;
-type UpdateUser = Static<typeof updateUserSchema>;
-//#endregion
-//#region ../../src/api/users/schemas/userQuerySchema.d.ts
-declare const userQuerySchema: alepha1.TObject<{
-  page: alepha1.TOptional<alepha1.TInteger>;
-  size: alepha1.TOptional<alepha1.TInteger>;
-  sort: alepha1.TOptional<alepha1.TString>;
-  email: alepha1.TOptional<alepha1.TString>;
-  enabled: alepha1.TOptional<alepha1.TBoolean>;
-  emailVerified: alepha1.TOptional<alepha1.TBoolean>;
-  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-  query: alepha1.TOptional<alepha1.TString>;
-}>;
-type UserQuery = Static<typeof userQuerySchema>;
-//#endregion
-//#region ../../src/api/users/services/UserService.d.ts
-declare class UserService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
-  protected readonly userNotifications: UserNotifications;
-  protected readonly userRealmProvider: UserRealmProvider;
-  users(userRealmName?: string): alepha_orm179.Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-    username: alepha1.TOptional<alepha1.TString>;
-    email: alepha1.TOptional<alepha1.TString>;
-    phoneNumber: alepha1.TOptional<alepha1.TString>;
-    roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-    firstName: alepha1.TOptional<alepha1.TString>;
-    lastName: alepha1.TOptional<alepha1.TString>;
-    picture: alepha1.TOptional<alepha1.TString>;
-    enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-  }>>;
-  /**
-   * Request email verification for a user.
-   * @param email - The email address to verify.
-   * @param userRealmName - Optional realm name.
-   * @param method - The verification method: "code" (default) or "link".
-   * @param verifyUrl - Base URL for verification link (required when method is "link").
-   */
-  requestEmailVerification(email: string, userRealmName?: string, method?: "code" | "link", verifyUrl?: string): Promise<boolean>;
-  /**
-   * Verify a user's email using a valid verification token.
-   * Supports both code (6-digit) and link (UUID) verification tokens.
-   */
-  verifyEmail(email: string, token: string, userRealmName?: string): Promise<void>;
-  /**
-   * Check if an email is verified.
-   */
-  isEmailVerified(email: string, userRealmName?: string): Promise<boolean>;
-  /**
-   * Find users with pagination and filtering.
-   */
-  findUsers(q?: UserQuery, userRealmName?: string): Promise<Page$1<UserEntity>>;
-  /**
-   * Get a user by ID.
-   */
-  getUserById(id: string, userRealmName?: string): Promise<UserEntity>;
-  /**
-   * Create a new user.
-   */
-  createUser(data: CreateUser, userRealmName?: string): Promise<UserEntity>;
-  /**
-   * Update an existing user.
-   */
-  updateUser(id: string, data: UpdateUser, userRealmName?: string): Promise<UserEntity>;
-  /**
-   * Delete a user by ID.
-   */
-  deleteUser(id: string, userRealmName?: string): Promise<void>;
-}
-//#endregion
 //#region ../../src/api/users/controllers/UserController.d.ts
 declare class UserController {
   protected readonly url = "/users";
@@ -2328,282 +2491,131 @@ declare class UserController {
    * Phase 1: Create a registration intent.
    * Validates data, creates verification sessions, and stores intent in cache.
    */
-  readonly createRegistrationIntent: alepha_server14.ActionPrimitiveFn<{
-    body: alepha1.TObject<{
-      password: alepha1.TString;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      intentId: alepha1.TString;
-      expectCaptcha: alepha1.TBoolean;
-      expectEmailVerification: alepha1.TBoolean;
-      expectPhoneVerification: alepha1.TBoolean;
-      expiresAt: alepha1.TString;
-    }>;
-  }>;
-  /**
-   * Find users with pagination and filtering.
-   */
-  readonly findUsers: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      page: alepha1.TOptional<alepha1.TInteger>;
-      size: alepha1.TOptional<alepha1.TInteger>;
-      sort: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha1.TOptional<alepha1.TBoolean>;
-      emailVerified: alepha1.TOptional<alepha1.TBoolean>;
-      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-      query: alepha1.TOptional<alepha1.TString>;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TPage<alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>>;
-  }>;
-  /**
-   * Get a user by ID.
-   */
-  readonly getUser: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
-  /**
-   * Create a new user.
-   */
-  readonly createUser: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  readonly createRegistrationIntent: alepha_server0.ActionPrimitiveFn<{
+    body: alepha23.TObject<{
+      password: alepha23.TString;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      username: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      enabled: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>>;
-      emailVerified: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>>;
-      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-      id: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>>;
-      version: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>>;
-      createdAt: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>>;
-      updatedAt: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>>;
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
+    response: alepha23.TObject<{
+      intentId: alepha23.TString;
+      expectCaptcha: alepha23.TBoolean;
+      expectEmailVerification: alepha23.TBoolean;
+      expectPhoneVerification: alepha23.TBoolean;
+      expiresAt: alepha23.TString;
     }>;
   }>;
   /**
    * Phase 2: Complete registration using an intent.
    * Validates verification codes and creates the user.
    */
-  readonly createUserFromIntent: alepha_server14.ActionPrimitiveFn<{
-    body: alepha1.TObject<{
-      intentId: alepha1.TString;
-      emailCode: alepha1.TOptional<alepha1.TString>;
-      phoneCode: alepha1.TOptional<alepha1.TString>;
-      captchaToken: alepha1.TOptional<alepha1.TString>;
+  readonly createUserFromIntent: alepha_server0.ActionPrimitiveFn<{
+    body: alepha23.TObject<{
+      intentId: alepha23.TString;
+      emailCode: alepha23.TOptional<alepha23.TString>;
+      phoneCode: alepha23.TOptional<alepha23.TString>;
+      captchaToken: alepha23.TOptional<alepha23.TString>;
     }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
-  /**
-   * Update a user.
-   */
-  readonly updateUser: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    body: alepha1.TObject<{
-      email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      enabled: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>>;
-      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-      realm: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
-  /**
-   * Delete a user.
-   */
-  readonly deleteUser: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
+    response: alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
     }>;
   }>;
   /**
    * Phase 1: Create a password reset intent.
    * Validates email, sends verification code, and stores intent in cache.
    */
-  readonly createPasswordResetIntent: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  readonly createPasswordResetIntent: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      email: alepha1.TString;
+    body: alepha23.TObject<{
+      email: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      intentId: alepha1.TString;
-      expiresAt: alepha1.TString;
+    response: alepha23.TObject<{
+      intentId: alepha23.TString;
+      expiresAt: alepha23.TString;
     }>;
   }>;
   /**
    * Phase 2: Complete password reset using an intent.
    * Validates verification code, updates password, and invalidates sessions.
    */
-  readonly completePasswordReset: alepha_server14.ActionPrimitiveFn<{
-    body: alepha1.TObject<{
-      intentId: alepha1.TString;
-      code: alepha1.TString;
-      newPassword: alepha1.TString;
+  readonly completePasswordReset: alepha_server0.ActionPrimitiveFn<{
+    body: alepha23.TObject<{
+      intentId: alepha23.TString;
+      code: alepha23.TString;
+      newPassword: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
+    response: alepha23.TObject<{
+      ok: alepha23.TBoolean;
+      id: alepha23.TOptional<alepha23.TUnion<[alepha23.TString, alepha23.TInteger]>>;
+      count: alepha23.TOptional<alepha23.TNumber>;
     }>;
   }>;
   /**
    * @deprecated Use createPasswordResetIntent instead
    */
-  requestPasswordReset: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  requestPasswordReset: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      email: alepha1.TString;
+    body: alepha23.TObject<{
+      email: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      success: alepha1.TBoolean;
-      message: alepha1.TString;
+    response: alepha23.TObject<{
+      success: alepha23.TBoolean;
+      message: alepha23.TString;
     }>;
   }>;
   /**
    * @deprecated Use completePasswordReset instead
    */
-  validateResetToken: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      email: alepha1.TString;
-      token: alepha1.TString;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  validateResetToken: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      email: alepha23.TString;
+      token: alepha23.TString;
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    response: alepha1.TObject<{
-      valid: alepha1.TBoolean;
-      email: alepha1.TOptional<alepha1.TString>;
+    response: alepha23.TObject<{
+      valid: alepha23.TBoolean;
+      email: alepha23.TOptional<alepha23.TString>;
     }>;
   }>;
   /**
    * @deprecated Use completePasswordReset instead
    */
-  resetPassword: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  resetPassword: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      email: alepha1.TString;
-      token: alepha1.TString;
-      newPassword: alepha1.TString;
+    body: alepha23.TObject<{
+      email: alepha23.TString;
+      token: alepha23.TString;
+      newPassword: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      success: alepha1.TBoolean;
-      message: alepha1.TString;
+    response: alepha23.TObject<{
+      success: alepha23.TBoolean;
+      message: alepha23.TString;
     }>;
   }>;
   /**
@@ -2612,47 +2624,47 @@ declare class UserController {
    * @param method - The verification method: "code" (default) sends a 6-digit code, "link" sends a clickable verification link.
    * @param verifyUrl - Required when method is "link". The base URL for the verification link. Token and email will be appended as query params.
    */
-  requestEmailVerification: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-      method: alepha1.TOptional<alepha1.TUnsafe<"link" | "code">>;
-      verifyUrl: alepha1.TOptional<alepha1.TString>;
+  requestEmailVerification: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
+      method: alepha23.TOptional<alepha23.TUnsafe<"link" | "code">>;
+      verifyUrl: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      email: alepha1.TString;
+    body: alepha23.TObject<{
+      email: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      success: alepha1.TBoolean;
-      message: alepha1.TString;
+    response: alepha23.TObject<{
+      success: alepha23.TBoolean;
+      message: alepha23.TString;
     }>;
   }>;
   /**
    * Verify email with a valid token.
    * Updates the user's emailVerified status.
    */
-  verifyEmail: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  verifyEmail: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      email: alepha1.TString;
-      token: alepha1.TString;
+    body: alepha23.TObject<{
+      email: alepha23.TString;
+      token: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      success: alepha1.TBoolean;
-      message: alepha1.TString;
+    response: alepha23.TObject<{
+      success: alepha23.TBoolean;
+      message: alepha23.TString;
     }>;
   }>;
   /**
    * Check if an email is verified.
    */
-  checkEmailVerification: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      email: alepha1.TString;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  checkEmailVerification: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      email: alepha23.TString;
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    response: alepha1.TObject<{
-      verified: alepha1.TBoolean;
+    response: alepha23.TObject<{
+      verified: alepha23.TBoolean;
     }>;
   }>;
 }
@@ -2664,172 +2676,173 @@ declare class UserController {
  */
 declare class UserRealmController {
   protected readonly url = "/realms";
+  protected readonly group = "realms";
   protected readonly userRealmProvider: UserRealmProvider;
   protected readonly serverAuthProvider: ServerAuthProvider;
   /**
    * Get realm configuration settings.
    * This endpoint is not exposed in the API documentation.
    */
-  readonly getRealmConfig: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  readonly getRealmConfig: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    response: alepha1.TObject<{
-      settings: alepha1.TObject<{
-        displayName: alepha1.TOptional<alepha1.TString>;
-        description: alepha1.TOptional<alepha1.TString>;
-        logoUrl: alepha1.TOptional<alepha1.TString>;
-        registrationAllowed: alepha1.TBoolean;
-        emailEnabled: alepha1.TBoolean;
-        emailRequired: alepha1.TBoolean;
-        usernameEnabled: alepha1.TBoolean;
-        usernameRequired: alepha1.TBoolean;
-        phoneEnabled: alepha1.TBoolean;
-        phoneRequired: alepha1.TBoolean;
-        verifyEmailRequired: alepha1.TBoolean;
-        verifyPhoneRequired: alepha1.TBoolean;
-        firstNameLastNameEnabled: alepha1.TBoolean;
-        firstNameLastNameRequired: alepha1.TBoolean;
-        resetPasswordAllowed: alepha1.TBoolean;
-        passwordPolicy: alepha1.TObject<{
-          minLength: alepha1.TInteger;
-          requireUppercase: alepha1.TBoolean;
-          requireLowercase: alepha1.TBoolean;
-          requireNumbers: alepha1.TBoolean;
-          requireSpecialCharacters: alepha1.TBoolean;
+    response: alepha23.TObject<{
+      settings: alepha23.TObject<{
+        displayName: alepha23.TOptional<alepha23.TString>;
+        description: alepha23.TOptional<alepha23.TString>;
+        logoUrl: alepha23.TOptional<alepha23.TString>;
+        registrationAllowed: alepha23.TBoolean;
+        emailEnabled: alepha23.TBoolean;
+        emailRequired: alepha23.TBoolean;
+        usernameEnabled: alepha23.TBoolean;
+        usernameRequired: alepha23.TBoolean;
+        phoneEnabled: alepha23.TBoolean;
+        phoneRequired: alepha23.TBoolean;
+        verifyEmailRequired: alepha23.TBoolean;
+        verifyPhoneRequired: alepha23.TBoolean;
+        firstNameLastNameEnabled: alepha23.TBoolean;
+        firstNameLastNameRequired: alepha23.TBoolean;
+        resetPasswordAllowed: alepha23.TBoolean;
+        passwordPolicy: alepha23.TObject<{
+          minLength: alepha23.TInteger;
+          requireUppercase: alepha23.TBoolean;
+          requireLowercase: alepha23.TBoolean;
+          requireNumbers: alepha23.TBoolean;
+          requireSpecialCharacters: alepha23.TBoolean;
         }>;
       }>;
-      realmName: alepha1.TString;
-      authenticationMethods: alepha1.TArray<alepha1.TObject<{
-        name: alepha1.TString;
-        type: alepha1.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
+      realmName: alepha23.TString;
+      authenticationMethods: alepha23.TArray<alepha23.TObject<{
+        name: alepha23.TString;
+        type: alepha23.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
       }>>;
     }>;
   }>;
-  readonly checkUsernameAvailability: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
+  readonly checkUsernameAvailability: alepha_server0.ActionPrimitiveFn<{
+    query: alepha23.TObject<{
+      userRealmName: alepha23.TOptional<alepha23.TString>;
     }>;
-    body: alepha1.TObject<{
-      username: alepha1.TString;
+    body: alepha23.TObject<{
+      username: alepha23.TString;
     }>;
-    response: alepha1.TObject<{
-      available: alepha1.TBoolean;
+    response: alepha23.TObject<{
+      available: alepha23.TBoolean;
     }>;
   }>;
 }
 //#endregion
 //#region ../../src/api/users/schemas/identityResourceSchema.d.ts
-declare const identityResourceSchema: alepha1.TObject<{
-  id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-  version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-  createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-  updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-  userId: PgAttr<alepha1.TString, typeof PG_REF>;
-  provider: alepha1.TString;
-  providerUserId: alepha1.TOptional<alepha1.TString>;
-  providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+declare const identityResourceSchema: alepha23.TObject<{
+  id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+  version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+  createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+  updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+  userId: PgAttr<alepha23.TString, typeof PG_REF>;
+  provider: alepha23.TString;
+  providerUserId: alepha23.TOptional<alepha23.TString>;
+  providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
 }>;
 type IdentityResource = Static<typeof identityResourceSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/loginSchema.d.ts
-declare const loginSchema: alepha1.TObject<{
-  username: alepha1.TString;
-  password: alepha1.TString;
+declare const loginSchema: alepha23.TObject<{
+  username: alepha23.TString;
+  password: alepha23.TString;
 }>;
 type LoginInput = Static<typeof loginSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/registerSchema.d.ts
-declare const registerSchema: alepha1.TObject<{
-  username: alepha1.TString;
-  email: alepha1.TString;
-  password: alepha1.TString;
-  confirmPassword: alepha1.TString;
-  firstName: alepha1.TOptional<alepha1.TString>;
-  lastName: alepha1.TOptional<alepha1.TString>;
+declare const registerSchema: alepha23.TObject<{
+  username: alepha23.TString;
+  email: alepha23.TString;
+  password: alepha23.TString;
+  confirmPassword: alepha23.TString;
+  firstName: alepha23.TOptional<alepha23.TString>;
+  lastName: alepha23.TOptional<alepha23.TString>;
 }>;
 type RegisterInput = Static<typeof registerSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/resetPasswordSchema.d.ts
-declare const resetPasswordRequestSchema: alepha1.TObject<{
-  email: alepha1.TString;
+declare const resetPasswordRequestSchema: alepha23.TObject<{
+  email: alepha23.TString;
 }>;
-declare const resetPasswordSchema: alepha1.TObject<{
-  token: alepha1.TString;
-  password: alepha1.TString;
-  confirmPassword: alepha1.TString;
+declare const resetPasswordSchema: alepha23.TObject<{
+  token: alepha23.TString;
+  password: alepha23.TString;
+  confirmPassword: alepha23.TString;
 }>;
 type ResetPasswordRequest = Static<typeof resetPasswordRequestSchema>;
 type ResetPasswordInput = Static<typeof resetPasswordSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/sessionResourceSchema.d.ts
-declare const sessionResourceSchema: alepha1.TObject<{
-  id: alepha1.TString;
-  version: alepha1.TNumber;
-  createdAt: alepha1.TString;
-  updatedAt: alepha1.TString;
-  refreshToken: alepha1.TString;
-  userId: alepha1.TString;
-  expiresAt: alepha1.TString;
-  ip: alepha1.TOptional<alepha1.TString>;
-  userAgent: alepha1.TOptional<alepha1.TObject<{
-    os: alepha1.TString;
-    browser: alepha1.TString;
-    device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+declare const sessionResourceSchema: alepha23.TObject<{
+  id: alepha23.TString;
+  version: alepha23.TNumber;
+  createdAt: alepha23.TString;
+  updatedAt: alepha23.TString;
+  refreshToken: alepha23.TString;
+  userId: alepha23.TString;
+  expiresAt: alepha23.TString;
+  ip: alepha23.TOptional<alepha23.TString>;
+  userAgent: alepha23.TOptional<alepha23.TObject<{
+    os: alepha23.TString;
+    browser: alepha23.TString;
+    device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
   }>>;
 }>;
 type SessionResource = Static<typeof sessionResourceSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/userRealmConfigSchema.d.ts
-declare const userRealmConfigSchema: alepha1.TObject<{
-  settings: alepha1.TObject<{
-    displayName: alepha1.TOptional<alepha1.TString>;
-    description: alepha1.TOptional<alepha1.TString>;
-    logoUrl: alepha1.TOptional<alepha1.TString>;
-    registrationAllowed: alepha1.TBoolean;
-    emailEnabled: alepha1.TBoolean;
-    emailRequired: alepha1.TBoolean;
-    usernameEnabled: alepha1.TBoolean;
-    usernameRequired: alepha1.TBoolean;
-    phoneEnabled: alepha1.TBoolean;
-    phoneRequired: alepha1.TBoolean;
-    verifyEmailRequired: alepha1.TBoolean;
-    verifyPhoneRequired: alepha1.TBoolean;
-    firstNameLastNameEnabled: alepha1.TBoolean;
-    firstNameLastNameRequired: alepha1.TBoolean;
-    resetPasswordAllowed: alepha1.TBoolean;
-    passwordPolicy: alepha1.TObject<{
-      minLength: alepha1.TInteger;
-      requireUppercase: alepha1.TBoolean;
-      requireLowercase: alepha1.TBoolean;
-      requireNumbers: alepha1.TBoolean;
-      requireSpecialCharacters: alepha1.TBoolean;
+declare const userRealmConfigSchema: alepha23.TObject<{
+  settings: alepha23.TObject<{
+    displayName: alepha23.TOptional<alepha23.TString>;
+    description: alepha23.TOptional<alepha23.TString>;
+    logoUrl: alepha23.TOptional<alepha23.TString>;
+    registrationAllowed: alepha23.TBoolean;
+    emailEnabled: alepha23.TBoolean;
+    emailRequired: alepha23.TBoolean;
+    usernameEnabled: alepha23.TBoolean;
+    usernameRequired: alepha23.TBoolean;
+    phoneEnabled: alepha23.TBoolean;
+    phoneRequired: alepha23.TBoolean;
+    verifyEmailRequired: alepha23.TBoolean;
+    verifyPhoneRequired: alepha23.TBoolean;
+    firstNameLastNameEnabled: alepha23.TBoolean;
+    firstNameLastNameRequired: alepha23.TBoolean;
+    resetPasswordAllowed: alepha23.TBoolean;
+    passwordPolicy: alepha23.TObject<{
+      minLength: alepha23.TInteger;
+      requireUppercase: alepha23.TBoolean;
+      requireLowercase: alepha23.TBoolean;
+      requireNumbers: alepha23.TBoolean;
+      requireSpecialCharacters: alepha23.TBoolean;
     }>;
   }>;
-  realmName: alepha1.TString;
-  authenticationMethods: alepha1.TArray<alepha1.TObject<{
-    name: alepha1.TString;
-    type: alepha1.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
+  realmName: alepha23.TString;
+  authenticationMethods: alepha23.TArray<alepha23.TObject<{
+    name: alepha23.TString;
+    type: alepha23.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
   }>>;
 }>;
 type UserRealmConfig = Static<typeof userRealmConfigSchema>;
 //#endregion
 //#region ../../src/api/users/schemas/userResourceSchema.d.ts
-declare const userResourceSchema: alepha1.TObject<{
-  id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-  version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-  createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-  updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-  realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
-  username: alepha1.TOptional<alepha1.TString>;
-  email: alepha1.TOptional<alepha1.TString>;
-  phoneNumber: alepha1.TOptional<alepha1.TString>;
-  roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
-  firstName: alepha1.TOptional<alepha1.TString>;
-  lastName: alepha1.TOptional<alepha1.TString>;
-  picture: alepha1.TOptional<alepha1.TString>;
-  enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-  emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+declare const userResourceSchema: alepha23.TObject<{
+  id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+  version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+  createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+  updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+  realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+  username: alepha23.TOptional<alepha23.TString>;
+  email: alepha23.TOptional<alepha23.TString>;
+  phoneNumber: alepha23.TOptional<alepha23.TString>;
+  roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+  firstName: alepha23.TOptional<alepha23.TString>;
+  lastName: alepha23.TOptional<alepha23.TString>;
+  picture: alepha23.TOptional<alepha23.TString>;
+  enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+  emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
 }>;
 type UserResource = Static<typeof userResourceSchema>;
 //#endregion
@@ -2839,50 +2852,51 @@ declare class SessionService {
   protected readonly fsp: FileSystemProvider;
   protected readonly dateTimeProvider: DateTimeProvider;
   protected readonly cryptoProvider: CryptoProvider;
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly userRealmProvider: UserRealmProvider;
   protected readonly fileController: alepha_server_links0.HttpVirtualClient<FileController>;
-  users(userRealmName?: string): Repository$1<alepha1.TObject<{
-    id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-    version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-    createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-    updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-    realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
-    username: alepha1.TOptional<alepha1.TString>;
-    email: alepha1.TOptional<alepha1.TString>;
-    phoneNumber: alepha1.TOptional<alepha1.TString>;
-    roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
-    firstName: alepha1.TOptional<alepha1.TString>;
-    lastName: alepha1.TOptional<alepha1.TString>;
-    picture: alepha1.TOptional<alepha1.TString>;
-    enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-    emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+  protected readonly auditService: AuditService;
+  users(userRealmName?: string): Repository$1<alepha23.TObject<{
+    id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+    version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+    createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+    updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+    realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+    username: alepha23.TOptional<alepha23.TString>;
+    email: alepha23.TOptional<alepha23.TString>;
+    phoneNumber: alepha23.TOptional<alepha23.TString>;
+    roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+    firstName: alepha23.TOptional<alepha23.TString>;
+    lastName: alepha23.TOptional<alepha23.TString>;
+    picture: alepha23.TOptional<alepha23.TString>;
+    enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
   }>>;
-  sessions(userRealmName?: string): Repository$1<alepha1.TObject<{
-    id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-    version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-    createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-    updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-    refreshToken: alepha1.TString;
-    userId: PgAttr<alepha1.TString, typeof PG_REF>;
-    expiresAt: alepha1.TString;
-    ip: alepha1.TOptional<alepha1.TString>;
-    userAgent: alepha1.TOptional<alepha1.TObject<{
-      os: alepha1.TString;
-      browser: alepha1.TString;
-      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+  sessions(userRealmName?: string): Repository$1<alepha23.TObject<{
+    id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+    version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+    createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+    updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+    refreshToken: alepha23.TString;
+    userId: PgAttr<alepha23.TString, typeof PG_REF>;
+    expiresAt: alepha23.TString;
+    ip: alepha23.TOptional<alepha23.TString>;
+    userAgent: alepha23.TOptional<alepha23.TObject<{
+      os: alepha23.TString;
+      browser: alepha23.TString;
+      device: alepha23.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
     }>>;
   }>>;
-  identities(userRealmName?: string): Repository$1<alepha1.TObject<{
-    id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-    version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-    createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-    updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-    userId: PgAttr<alepha1.TString, typeof PG_REF>;
-    password: alepha1.TOptional<alepha1.TString>;
-    provider: alepha1.TString;
-    providerUserId: alepha1.TOptional<alepha1.TString>;
-    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+  identities(userRealmName?: string): Repository$1<alepha23.TObject<{
+    id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+    version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+    createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+    updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+    userId: PgAttr<alepha23.TString, typeof PG_REF>;
+    password: alepha23.TOptional<alepha23.TString>;
+    provider: alepha23.TString;
+    providerUserId: alepha23.TOptional<alepha23.TString>;
+    providerData: alepha23.TOptional<alepha23.TRecord<string, alepha23.TAny>>;
   }>>;
   /**
    * Random delay to prevent timing attacks (50-200ms)
@@ -2898,56 +2912,56 @@ declare class SessionService {
     sessionId: string;
   }>;
   refreshSession(refreshToken: string, userRealmName?: string): Promise<{
-    user: PgStatic<alepha1.TObject<{
-      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-    }>, PgRelationMap<alepha1.TObject<{
-      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
-      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
-      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
-      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
-      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+    user: PgStatic<alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+    }>, PgRelationMap<alepha23.TObject<{
+      id: PgAttr<PgAttr<alepha23.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha23.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha23.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha23.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha23.TString, typeof PG_DEFAULT>;
+      username: alepha23.TOptional<alepha23.TString>;
+      email: alepha23.TOptional<alepha23.TString>;
+      phoneNumber: alepha23.TOptional<alepha23.TString>;
+      roles: PgAttr<alepha23.TArray<alepha23.TString>, typeof PG_DEFAULT>;
+      firstName: alepha23.TOptional<alepha23.TString>;
+      lastName: alepha23.TOptional<alepha23.TString>;
+      picture: alepha23.TOptional<alepha23.TString>;
+      enabled: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha23.TBoolean, typeof PG_DEFAULT>;
     }>>>;
     expiresIn: number;
     sessionId: string;
   }>;
   deleteSession(refreshToken: string, userRealmName?: string): Promise<void>;
   link(provider: string, profile: OAuth2Profile, userRealmName?: string): Promise<{
-    username?: string | undefined;
     email?: string | undefined;
+    username?: string | undefined;
     phoneNumber?: string | undefined;
     firstName?: string | undefined;
     lastName?: string | undefined;
     picture?: string | undefined;
-    enabled: boolean;
-    emailVerified: boolean;
-    roles: string[];
     id: string;
     version: number;
     createdAt: string;
     updatedAt: string;
     realm: string;
+    roles: string[];
+    enabled: boolean;
+    emailVerified: boolean;
   } | {
     sub: string;
     email?: string;
@@ -2989,7 +3003,7 @@ declare class SessionService {
  *
  * @module alepha.api.users
  */
-declare const AlephaApiUsers: alepha1.Service<alepha1.Module>;
+declare const AlephaApiUsers: alepha23.Service<alepha23.Module>;
 //#endregion
-export { $userRealm, AlephaApiUsers, CompletePasswordResetRequest, CompleteRegistrationRequest, CreateUser, CredentialService, DEFAULT_USER_REALM_NAME, IdentityController, IdentityEntity, IdentityQuery, IdentityResource, IdentityService, LoginInput, PasswordResetIntentResponse, RealmAuthSettings, RegisterInput, RegistrationIntentResponse, RegistrationService, ResetPasswordInput, ResetPasswordRequest, SessionController, SessionCrudService, SessionEntity, SessionQuery, SessionResource, SessionService, UpdateUser, UserController, UserEntity, UserQuery, UserRealm, UserRealmConfig, UserRealmController, UserRealmOptions, UserRealmPrimitive, UserRealmProvider, UserRealmRepositories, UserResource, UserService, completePasswordResetRequestSchema, completeRegistrationRequestSchema, createUserSchema, identities, identityQuerySchema, identityResourceSchema, loginSchema, passwordResetIntentResponseSchema, realmAuthSettingsAtom, registerSchema, registrationIntentResponseSchema, resetPasswordRequestSchema, resetPasswordSchema, sessionQuerySchema, sessionResourceSchema, sessions, updateUserSchema, userQuerySchema, userRealmConfigSchema, userResourceSchema, users };
+export { $userRealm, AdminIdentityController, AdminSessionController, AdminUserController, AlephaApiUsers, CompletePasswordResetRequest, CompleteRegistrationRequest, CreateUser, CredentialService, DEFAULT_USER_REALM_NAME, IdentityEntity, IdentityQuery, IdentityResource, IdentityService, LoginInput, PasswordResetIntentResponse, RealmAuthSettings, RegisterInput, RegistrationIntentResponse, RegistrationService, ResetPasswordInput, ResetPasswordRequest, SessionCrudService, SessionEntity, SessionQuery, SessionResource, SessionService, UpdateUser, UserController, UserEntity, UserQuery, UserRealm, UserRealmConfig, UserRealmController, UserRealmOptions, UserRealmPrimitive, UserRealmProvider, UserRealmRepositories, UserResource, UserService, completePasswordResetRequestSchema, completeRegistrationRequestSchema, createUserSchema, identities, identityQuerySchema, identityResourceSchema, loginSchema, passwordResetIntentResponseSchema, realmAuthSettingsAtom, registerSchema, registrationIntentResponseSchema, resetPasswordRequestSchema, resetPasswordSchema, sessionQuerySchema, sessionResourceSchema, sessions, updateUserSchema, userQuerySchema, userRealmConfigSchema, userResourceSchema, users };
 //# sourceMappingURL=index.d.ts.map