npm - alepha - Versions diffs - 0.14.2 → 0.14.4 - Mend

alepha 0.14.2 → 0.14.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (405) hide show

package/README.md +1 -1
package/dist/api/audits/index.browser.js +5 -5
package/dist/api/audits/index.browser.js.map +1 -1
package/dist/api/audits/index.d.ts +706 -785
package/dist/api/audits/index.d.ts.map +1 -1
package/dist/api/audits/index.js +13 -13
package/dist/api/audits/index.js.map +1 -1
package/dist/api/files/index.browser.js +5 -5
package/dist/api/files/index.browser.js.map +1 -1
package/dist/api/files/index.d.ts +58 -137
package/dist/api/files/index.d.ts.map +1 -1
package/dist/api/files/index.js +71 -71
package/dist/api/files/index.js.map +1 -1
package/dist/api/jobs/index.browser.js +5 -5
package/dist/api/jobs/index.browser.js.map +1 -1
package/dist/api/jobs/index.d.ts +29 -108
package/dist/api/jobs/index.d.ts.map +1 -1
package/dist/api/jobs/index.js +10 -10
package/dist/api/jobs/index.js.map +1 -1
package/dist/api/notifications/index.browser.js +10 -10
package/dist/api/notifications/index.browser.js.map +1 -1
package/dist/api/notifications/index.d.ts +504 -171
package/dist/api/notifications/index.d.ts.map +1 -1
package/dist/api/notifications/index.js +12 -12
package/dist/api/notifications/index.js.map +1 -1
package/dist/api/parameters/index.browser.js +163 -10
package/dist/api/parameters/index.browser.js.map +1 -1
package/dist/api/parameters/index.d.ts +277 -351
package/dist/api/parameters/index.d.ts.map +1 -1
package/dist/api/parameters/index.js +196 -91
package/dist/api/parameters/index.js.map +1 -1
package/dist/api/users/index.browser.js +19 -19
package/dist/api/users/index.browser.js.map +1 -1
package/dist/api/users/index.d.ts +787 -852
package/dist/api/users/index.d.ts.map +1 -1
package/dist/api/users/index.js +827 -596
package/dist/api/users/index.js.map +1 -1
package/dist/api/verifications/index.browser.js +6 -6
package/dist/api/verifications/index.browser.js.map +1 -1
package/dist/api/verifications/index.d.ts +128 -128
package/dist/api/verifications/index.d.ts.map +1 -1
package/dist/api/verifications/index.js +6 -6
package/dist/api/verifications/index.js.map +1 -1
package/dist/bin/index.d.ts +1 -2
package/dist/bin/index.js +0 -1
package/dist/bin/index.js.map +1 -1
package/dist/cli/index.d.ts +252 -131
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +595 -395
package/dist/cli/index.js.map +1 -1
package/dist/command/index.d.ts +46 -11
package/dist/command/index.d.ts.map +1 -1
package/dist/command/index.js +99 -19
package/dist/command/index.js.map +1 -1
package/dist/core/index.browser.js +40 -22
package/dist/core/index.browser.js.map +1 -1
package/dist/core/index.d.ts +45 -1
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +40 -22
package/dist/core/index.js.map +1 -1
package/dist/core/index.native.js +40 -22
package/dist/core/index.native.js.map +1 -1
package/dist/fake/index.js +195 -168
package/dist/fake/index.js.map +1 -1
package/dist/file/index.d.ts +8 -0
package/dist/file/index.d.ts.map +1 -1
package/dist/file/index.js +3 -0
package/dist/file/index.js.map +1 -1
package/dist/logger/index.d.ts +1 -1
package/dist/logger/index.d.ts.map +1 -1
package/dist/logger/index.js +12 -2
package/dist/logger/index.js.map +1 -1
package/dist/mcp/index.js +1 -1
package/dist/mcp/index.js.map +1 -1
package/dist/orm/index.d.ts +59 -195
package/dist/orm/index.d.ts.map +1 -1
package/dist/orm/index.js +201 -430
package/dist/orm/index.js.map +1 -1
package/dist/security/index.d.ts +1 -1
package/dist/security/index.d.ts.map +1 -1
package/dist/security/index.js +1 -1
package/dist/security/index.js.map +1 -1
package/dist/server/auth/index.d.ts +171 -155
package/dist/server/auth/index.d.ts.map +1 -1
package/dist/server/auth/index.js +0 -1
package/dist/server/auth/index.js.map +1 -1
package/dist/server/cache/index.d.ts +12 -0
package/dist/server/cache/index.d.ts.map +1 -1
package/dist/server/cache/index.js +55 -2
package/dist/server/cache/index.js.map +1 -1
package/dist/server/compress/index.d.ts +6 -0
package/dist/server/compress/index.d.ts.map +1 -1
package/dist/server/compress/index.js +38 -1
package/dist/server/compress/index.js.map +1 -1
package/dist/server/core/index.browser.js +2 -2
package/dist/server/core/index.browser.js.map +1 -1
package/dist/server/core/index.d.ts +10 -10
package/dist/server/core/index.d.ts.map +1 -1
package/dist/server/core/index.js +7 -4
package/dist/server/core/index.js.map +1 -1
package/dist/server/links/index.browser.js +22 -6
package/dist/server/links/index.browser.js.map +1 -1
package/dist/server/links/index.d.ts +46 -44
package/dist/server/links/index.d.ts.map +1 -1
package/dist/server/links/index.js +24 -41
package/dist/server/links/index.js.map +1 -1
package/dist/server/static/index.d.ts.map +1 -1
package/dist/server/static/index.js +4 -0
package/dist/server/static/index.js.map +1 -1
package/dist/server/swagger/index.d.ts +2 -1
package/dist/server/swagger/index.d.ts.map +1 -1
package/dist/server/swagger/index.js +9 -5
package/dist/server/swagger/index.js.map +1 -1
package/dist/vite/index.d.ts +101 -106
package/dist/vite/index.d.ts.map +1 -1
package/dist/vite/index.js +574 -503
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.d.ts +7 -7
package/package.json +7 -7
package/src/api/audits/controllers/{AuditController.ts → AdminAuditController.ts} +5 -6
package/src/api/audits/entities/audits.ts +5 -5
package/src/api/audits/index.browser.ts +1 -1
package/src/api/audits/index.ts +3 -3
package/src/api/audits/primitives/$audit.spec.ts +276 -0
package/src/api/audits/services/AuditService.spec.ts +495 -0
package/src/api/files/__tests__/$bucket.spec.ts +91 -0
package/src/api/files/controllers/AdminFileStatsController.spec.ts +166 -0
package/src/api/files/controllers/{StorageStatsController.ts → AdminFileStatsController.ts} +2 -2
package/src/api/files/controllers/FileController.spec.ts +558 -0
package/src/api/files/controllers/FileController.ts +4 -5
package/src/api/files/entities/files.ts +5 -5
package/src/api/files/index.browser.ts +1 -1
package/src/api/files/index.ts +4 -4
package/src/api/files/jobs/FileJobs.spec.ts +52 -0
package/src/api/files/services/FileService.spec.ts +109 -0
package/src/api/jobs/__tests__/JobController.spec.ts +343 -0
package/src/api/jobs/controllers/{JobController.ts → AdminJobController.ts} +2 -2
package/src/api/jobs/entities/jobExecutions.ts +5 -5
package/src/api/jobs/index.ts +3 -3
package/src/api/jobs/primitives/$job.spec.ts +476 -0
package/src/api/notifications/controllers/{NotificationController.ts → AdminNotificationController.ts} +4 -5
package/src/api/notifications/entities/notifications.ts +5 -5
package/src/api/notifications/index.browser.ts +1 -1
package/src/api/notifications/index.ts +4 -4
package/src/api/parameters/controllers/{ConfigController.ts → AdminConfigController.ts} +46 -107
package/src/api/parameters/entities/parameters.ts +7 -17
package/src/api/parameters/index.ts +3 -3
package/src/api/parameters/primitives/$config.spec.ts +356 -0
package/src/api/parameters/schemas/activateConfigBodySchema.ts +12 -0
package/src/api/parameters/schemas/checkScheduledResponseSchema.ts +8 -0
package/src/api/parameters/schemas/configCurrentResponseSchema.ts +13 -0
package/src/api/parameters/schemas/configHistoryResponseSchema.ts +9 -0
package/src/api/parameters/schemas/configNameParamSchema.ts +10 -0
package/src/api/parameters/schemas/configNamesResponseSchema.ts +8 -0
package/src/api/parameters/schemas/configTreeNodeSchema.ts +13 -0
package/src/api/parameters/schemas/configVersionParamSchema.ts +9 -0
package/src/api/parameters/schemas/configVersionResponseSchema.ts +9 -0
package/src/api/parameters/schemas/configsByStatusResponseSchema.ts +9 -0
package/src/api/parameters/schemas/createConfigVersionBodySchema.ts +24 -0
package/src/api/parameters/schemas/index.ts +15 -0
package/src/api/parameters/schemas/parameterResponseSchema.ts +26 -0
package/src/api/parameters/schemas/parameterStatusSchema.ts +13 -0
package/src/api/parameters/schemas/rollbackConfigBodySchema.ts +15 -0
package/src/api/parameters/schemas/statusParamSchema.ts +9 -0
package/src/api/users/__tests__/EmailVerification.spec.ts +369 -0
package/src/api/users/__tests__/PasswordReset.spec.ts +550 -0
package/src/api/users/controllers/AdminIdentityController.spec.ts +365 -0
package/src/api/users/controllers/{IdentityController.ts → AdminIdentityController.ts} +3 -4
package/src/api/users/controllers/AdminSessionController.spec.ts +274 -0
package/src/api/users/controllers/{SessionController.ts → AdminSessionController.ts} +3 -4
package/src/api/users/controllers/AdminUserController.spec.ts +372 -0
package/src/api/users/controllers/AdminUserController.ts +116 -0
package/src/api/users/controllers/UserController.ts +4 -107
package/src/api/users/controllers/UserRealmController.ts +3 -0
package/src/api/users/entities/identities.ts +6 -6
package/src/api/users/entities/sessions.ts +6 -6
package/src/api/users/entities/users.ts +9 -9
package/src/api/users/index.ts +9 -6
package/src/api/users/primitives/$userRealm.ts +13 -8
package/src/api/users/services/CredentialService.spec.ts +509 -0
package/src/api/users/services/CredentialService.ts +46 -0
package/src/api/users/services/IdentityService.ts +15 -0
package/src/api/users/services/RegistrationService.spec.ts +630 -0
package/src/api/users/services/RegistrationService.ts +18 -0
package/src/api/users/services/SessionService.spec.ts +301 -0
package/src/api/users/services/SessionService.ts +110 -1
package/src/api/users/services/UserService.ts +67 -2
package/src/api/verifications/__tests__/CodeVerification.spec.ts +318 -0
package/src/api/verifications/__tests__/LinkVerification.spec.ts +279 -0
package/src/api/verifications/entities/verifications.ts +6 -6
package/src/api/verifications/jobs/VerificationJobs.spec.ts +50 -0
package/src/batch/__tests__/startup-buffering.spec.ts +458 -0
package/src/batch/primitives/$batch.spec.ts +766 -0
package/src/batch/providers/BatchProvider.spec.ts +786 -0
package/src/bin/index.ts +0 -1
package/src/bucket/__tests__/shared.ts +194 -0
package/src/bucket/primitives/$bucket.spec.ts +104 -0
package/src/bucket/providers/FileStorageProvider.spec.ts +13 -0
package/src/bucket/providers/LocalFileStorageProvider.spec.ts +77 -0
package/src/bucket/providers/MemoryFileStorageProvider.spec.ts +82 -0
package/src/cache/core/__tests__/shared.ts +377 -0
package/src/cache/core/primitives/$cache.spec.ts +111 -0
package/src/cache/redis/__tests__/cache-redis.spec.ts +70 -0
package/src/cli/apps/AlephaCli.ts +25 -6
package/src/cli/atoms/buildOptions.ts +88 -0
package/src/cli/commands/build.ts +32 -69
package/src/cli/commands/db.ts +0 -4
package/src/cli/commands/dev.ts +34 -10
package/src/cli/commands/gen/changelog.spec.ts +315 -0
package/src/cli/commands/{changelog.ts → gen/changelog.ts} +9 -9
package/src/cli/commands/gen/env.ts +53 -0
package/src/cli/commands/gen/openapi.ts +71 -0
package/src/cli/commands/gen/resource.ts +15 -0
package/src/cli/commands/gen.ts +24 -0
package/src/cli/commands/init.ts +2 -1
package/src/cli/commands/root.ts +12 -3
package/src/cli/commands/test.ts +0 -1
package/src/cli/commands/typecheck.ts +5 -0
package/src/cli/commands/verify.ts +1 -1
package/src/cli/defineConfig.ts +49 -7
package/src/cli/index.ts +2 -2
package/src/cli/services/AlephaCliUtils.ts +105 -55
package/src/cli/services/GitMessageParser.ts +1 -1
package/src/command/helpers/Asker.spec.ts +127 -0
package/src/command/helpers/Runner.spec.ts +126 -0
package/src/command/helpers/Runner.ts +1 -1
package/src/command/primitives/$command.spec.ts +1588 -0
package/src/command/primitives/$command.ts +0 -6
package/src/command/providers/CliProvider.ts +75 -27
package/src/core/Alepha.ts +87 -0
package/src/core/__tests__/Alepha-emit.spec.ts +22 -0
package/src/core/__tests__/Alepha-graph.spec.ts +93 -0
package/src/core/__tests__/Alepha-has.spec.ts +41 -0
package/src/core/__tests__/Alepha-inject.spec.ts +93 -0
package/src/core/__tests__/Alepha-register.spec.ts +81 -0
package/src/core/__tests__/Alepha-start.spec.ts +176 -0
package/src/core/__tests__/Alepha-with.spec.ts +14 -0
package/src/core/__tests__/TypeBox-usecases.spec.ts +35 -0
package/src/core/__tests__/TypeBoxLocale.spec.ts +15 -0
package/src/core/__tests__/descriptor.spec.ts +34 -0
package/src/core/__tests__/fixtures/A.ts +5 -0
package/src/core/__tests__/pagination.spec.ts +77 -0
package/src/core/helpers/jsonSchemaToTypeBox.ts +2 -2
package/src/core/primitives/$atom.spec.ts +43 -0
package/src/core/primitives/$hook.spec.ts +130 -0
package/src/core/primitives/$inject.spec.ts +175 -0
package/src/core/primitives/$module.spec.ts +115 -0
package/src/core/providers/CodecManager.spec.ts +740 -0
package/src/core/providers/EventManager.spec.ts +762 -0
package/src/core/providers/EventManager.ts +4 -0
package/src/core/providers/StateManager.spec.ts +365 -0
package/src/core/providers/TypeProvider.spec.ts +1607 -0
package/src/core/providers/TypeProvider.ts +20 -26
package/src/datetime/primitives/$interval.spec.ts +103 -0
package/src/datetime/providers/DateTimeProvider.spec.ts +86 -0
package/src/email/primitives/$email.spec.ts +175 -0
package/src/email/providers/LocalEmailProvider.spec.ts +341 -0
package/src/fake/__tests__/keyName.example.ts +40 -0
package/src/fake/__tests__/keyName.spec.ts +152 -0
package/src/fake/__tests__/module.example.ts +32 -0
package/src/fake/providers/FakeProvider.spec.ts +438 -0
package/src/file/providers/FileSystemProvider.ts +8 -0
package/src/file/providers/NodeFileSystemProvider.spec.ts +418 -0
package/src/file/providers/NodeFileSystemProvider.ts +5 -0
package/src/file/services/FileDetector.spec.ts +591 -0
package/src/lock/core/__tests__/shared.ts +190 -0
package/src/lock/core/providers/MemoryLockProvider.spec.ts +25 -0
package/src/lock/redis/providers/RedisLockProvider.spec.ts +25 -0
package/src/logger/__tests__/SimpleFormatterProvider.spec.ts +109 -0
package/src/logger/index.ts +15 -3
package/src/logger/primitives/$logger.spec.ts +108 -0
package/src/logger/services/Logger.spec.ts +295 -0
package/src/mcp/__tests__/errors.spec.ts +175 -0
package/src/mcp/__tests__/integration.spec.ts +450 -0
package/src/mcp/helpers/jsonrpc.spec.ts +380 -0
package/src/mcp/primitives/$prompt.spec.ts +468 -0
package/src/mcp/primitives/$resource.spec.ts +390 -0
package/src/mcp/primitives/$tool.spec.ts +406 -0
package/src/mcp/providers/McpServerProvider.spec.ts +797 -0
package/src/mcp/transports/StdioMcpTransport.ts +1 -1
package/src/orm/__tests__/$repository-crud.spec.ts +276 -0
package/src/orm/__tests__/$repository-hooks.spec.ts +325 -0
package/src/orm/__tests__/$repository-orderBy.spec.ts +128 -0
package/src/orm/__tests__/$repository-pagination-sort.spec.ts +149 -0
package/src/orm/__tests__/$repository-save.spec.ts +37 -0
package/src/orm/__tests__/ModelBuilder-integration.spec.ts +490 -0
package/src/orm/__tests__/ModelBuilder-types.spec.ts +186 -0
package/src/orm/__tests__/PostgresProvider.spec.ts +46 -0
package/src/orm/__tests__/delete-returning.spec.ts +256 -0
package/src/orm/__tests__/deletedAt.spec.ts +80 -0
package/src/orm/__tests__/enums.spec.ts +315 -0
package/src/orm/__tests__/execute.spec.ts +72 -0
package/src/orm/__tests__/fixtures/bigEntitySchema.ts +65 -0
package/src/orm/__tests__/fixtures/userEntitySchema.ts +27 -0
package/src/orm/__tests__/joins.spec.ts +1114 -0
package/src/orm/__tests__/page.spec.ts +287 -0
package/src/orm/__tests__/primaryKey.spec.ts +87 -0
package/src/orm/__tests__/query-date-encoding.spec.ts +402 -0
package/src/orm/__tests__/ref-auto-onDelete.spec.ts +156 -0
package/src/orm/__tests__/references.spec.ts +102 -0
package/src/orm/__tests__/security.spec.ts +710 -0
package/src/orm/__tests__/sqlite.spec.ts +111 -0
package/src/orm/__tests__/string-operators.spec.ts +429 -0
package/src/orm/__tests__/timestamps.spec.ts +388 -0
package/src/orm/__tests__/validation.spec.ts +183 -0
package/src/orm/__tests__/version.spec.ts +64 -0
package/src/orm/helpers/parseQueryString.spec.ts +196 -0
package/src/orm/index.ts +2 -8
package/src/orm/primitives/$repository.spec.ts +137 -0
package/src/orm/primitives/$sequence.spec.ts +29 -0
package/src/orm/primitives/$transaction.spec.ts +82 -0
package/src/orm/providers/drivers/BunPostgresProvider.ts +3 -3
package/src/orm/providers/drivers/BunSqliteProvider.ts +1 -1
package/src/orm/providers/drivers/CloudflareD1Provider.ts +1 -1
package/src/orm/providers/drivers/DatabaseProvider.ts +1 -1
package/src/orm/providers/drivers/NodePostgresProvider.ts +3 -3
package/src/orm/providers/drivers/NodeSqliteProvider.ts +1 -1
package/src/orm/providers/drivers/PglitePostgresProvider.ts +2 -2
package/src/orm/services/ModelBuilder.spec.ts +575 -0
package/src/orm/services/Repository.spec.ts +137 -0
package/src/queue/core/__tests__/shared.ts +143 -0
package/src/queue/core/providers/MemoryQueueProvider.spec.ts +23 -0
package/src/queue/core/providers/WorkerProvider.spec.ts +394 -0
package/src/queue/redis/providers/RedisQueueProvider.spec.ts +23 -0
package/src/redis/__tests__/redis.spec.ts +58 -0
package/src/retry/primitives/$retry.spec.ts +234 -0
package/src/retry/providers/RetryProvider.spec.ts +438 -0
package/src/router/__tests__/match.spec.ts +252 -0
package/src/router/providers/RouterProvider.spec.ts +197 -0
package/src/scheduler/__tests__/$scheduler-cron.spec.ts +25 -0
package/src/scheduler/__tests__/$scheduler-interval.spec.ts +25 -0
package/src/scheduler/__tests__/shared.ts +77 -0
package/src/security/__tests__/bug-1-wildcard-after-start.spec.ts +229 -0
package/src/security/__tests__/bug-2-password-validation.spec.ts +245 -0
package/src/security/__tests__/bug-3-regex-vulnerability.spec.ts +407 -0
package/src/security/__tests__/bug-4-oauth2-validation.spec.ts +439 -0
package/src/security/__tests__/multi-layer-permissions.spec.ts +522 -0
package/src/security/primitives/$permission.spec.ts +30 -0
package/src/security/primitives/$permission.ts +2 -2
package/src/security/primitives/$realm.spec.ts +101 -0
package/src/security/primitives/$role.spec.ts +52 -0
package/src/security/primitives/$serviceAccount.spec.ts +61 -0
package/src/security/providers/SecurityProvider.spec.ts +350 -0
package/src/server/auth/providers/ServerAuthProvider.ts +0 -2
package/src/server/cache/providers/ServerCacheProvider.spec.ts +1125 -0
package/src/server/cache/providers/ServerCacheProvider.ts +94 -9
package/src/server/compress/providers/ServerCompressProvider.spec.ts +31 -0
package/src/server/compress/providers/ServerCompressProvider.ts +63 -2
package/src/server/cookies/providers/ServerCookiesProvider.spec.ts +253 -0
package/src/server/core/__tests__/ServerRouterProvider-getRoutes.spec.ts +334 -0
package/src/server/core/__tests__/ServerRouterProvider-requestId.spec.ts +129 -0
package/src/server/core/helpers/ServerReply.ts +2 -2
package/src/server/core/primitives/$action.spec.ts +191 -0
package/src/server/core/primitives/$route.spec.ts +65 -0
package/src/server/core/providers/ServerBodyParserProvider.spec.ts +93 -0
package/src/server/core/providers/ServerLoggerProvider.spec.ts +100 -0
package/src/server/core/providers/ServerProvider.ts +14 -2
package/src/server/core/services/HttpClient.spec.ts +123 -0
package/src/server/core/services/UserAgentParser.spec.ts +111 -0
package/src/server/cors/providers/ServerCorsProvider.spec.ts +481 -0
package/src/server/health/providers/ServerHealthProvider.spec.ts +22 -0
package/src/server/helmet/providers/ServerHelmetProvider.spec.ts +105 -0
package/src/server/links/__tests__/$action.spec.ts +238 -0
package/src/server/links/__tests__/fixtures/CrudApp.ts +122 -0
package/src/server/links/__tests__/requestId.spec.ts +120 -0
package/src/server/links/primitives/$remote.spec.ts +228 -0
package/src/server/links/providers/LinkProvider.spec.ts +54 -0
package/src/server/links/providers/LinkProvider.ts +49 -3
package/src/server/links/providers/ServerLinksProvider.ts +1 -53
package/src/server/links/schemas/apiLinksResponseSchema.ts +7 -0
package/src/server/metrics/providers/ServerMetricsProvider.spec.ts +25 -0
package/src/server/multipart/providers/ServerMultipartProvider.spec.ts +528 -0
package/src/server/proxy/primitives/$proxy.spec.ts +87 -0
package/src/server/rate-limit/__tests__/ActionRateLimit.spec.ts +211 -0
package/src/server/rate-limit/providers/ServerRateLimitProvider.spec.ts +344 -0
package/src/server/security/__tests__/BasicAuth.spec.ts +684 -0
package/src/server/security/__tests__/ServerSecurityProvider-realm.spec.ts +388 -0
package/src/server/security/providers/ServerSecurityProvider.spec.ts +123 -0
package/src/server/static/primitives/$serve.spec.ts +193 -0
package/src/server/static/providers/ServerStaticProvider.ts +10 -0
package/src/server/swagger/__tests__/ui.spec.ts +52 -0
package/src/server/swagger/primitives/$swagger.spec.ts +193 -0
package/src/server/swagger/providers/ServerSwaggerProvider.ts +19 -12
package/src/sms/primitives/$sms.spec.ts +165 -0
package/src/sms/providers/LocalSmsProvider.spec.ts +224 -0
package/src/sms/providers/MemorySmsProvider.spec.ts +193 -0
package/src/thread/primitives/$thread.spec.ts +186 -0
package/src/topic/core/__tests__/shared.ts +144 -0
package/src/topic/core/providers/MemoryTopicProvider.spec.ts +23 -0
package/src/topic/redis/providers/RedisTopicProvider.spec.ts +23 -0
package/src/vite/helpers/importViteReact.ts +13 -0
package/src/vite/index.ts +1 -21
package/src/vite/plugins/viteAlephaDev.ts +32 -5
package/src/vite/plugins/viteAlephaSsrPreload.ts +222 -0
package/src/vite/tasks/buildClient.ts +11 -0
package/src/vite/tasks/buildServer.ts +47 -3
package/src/vite/tasks/devServer.ts +69 -0
package/src/vite/tasks/index.ts +2 -1
package/src/vite/tasks/runAlepha.ts +7 -1
package/src/websocket/__tests__/$websocket-new.spec.ts +195 -0
package/src/websocket/primitives/$channel.spec.ts +30 -0
package/src/cli/assets/viteConfigTs.ts +0 -14
package/src/cli/commands/run.ts +0 -24
package/src/vite/plugins/viteAlepha.ts +0 -37
package/src/vite/plugins/viteAlephaBuild.ts +0 -281

package/dist/api/users/index.d.ts CHANGED Viewed

@@ -2,22 +2,19 @@ import * as alepha1 from "alepha";
 import { Alepha, AlephaError, Page, PageQuery, Primitive, Static, StaticEncode, TNull, TObject, TOptional, TSchema, TUnion } from "alepha";
 import * as alepha_api_notifications0 from "alepha/api/notifications";
 import { VerificationController } from "alepha/api/verifications";
-import * as alepha_orm179 from "alepha/orm";
+import * as alepha_server0 from "alepha/server";
+import * as alepha_orm0 from "alepha/orm";
 import { Page as Page$1, Repository } from "alepha/orm";
-import * as alepha_server14 from "alepha/server";
-import * as alepha_logger0 from "alepha/logger";
+import { AuditService } from "alepha/api/audits";
+import * as alepha_logger5 from "alepha/logger";
 import * as alepha_bucket0 from "alepha/bucket";
+import * as alepha_server_links2 from "alepha/server/links";
 import * as alepha_cache0 from "alepha/cache";
 import { DateTime, DateTimeProvider } from "alepha/datetime";
 import { CryptoProvider, RealmPrimitive, RealmPrimitiveOptions, UserAccount } from "alepha/security";
-import * as alepha_server_links0 from "alepha/server/links";
 import { OAuth2Profile, ServerAuthProvider, WithLinkFn, WithLoginFn } from "alepha/server/auth";
 import { FileSystemProvider } from "alepha/file";
 import { FileController } from "alepha/api/files";
-import "bun";
-import "bun:sqlite";
-import "drizzle-orm/bun-sql";
-import "drizzle-orm/bun-sqlite";
 import "drizzle-orm/d1";
 import * as drizzle_orm0 from "drizzle-orm";
 import { BuildExtraConfigColumns, SQL, SQLWrapper } from "drizzle-orm";
@@ -26,8 +23,8 @@ import { LockConfig, LockStrength, PgColumn, PgColumnBuilderBase, PgDatabase, Pg
 import { PgTransactionConfig } from "drizzle-orm/pg-core/session";
 import * as DrizzleKit from "drizzle-kit/api";
 import "alepha/retry";
-import "alepha/lock";
 import "drizzle-orm/sqlite-core";
+import "alepha/lock";
 import "drizzle-orm/postgres-js";
 import "postgres";
@@ -58,485 +55,91 @@ declare const realmAuthSettingsAtom: alepha1.Atom<alepha1.TObject<{
 }>, "alepha.api.users.realmAuthSettings">;
 type RealmAuthSettings = Static<typeof realmAuthSettingsAtom.schema>;
 //#endregion
-//#region ../../src/api/users/entities/identities.d.ts
-declare const identities: alepha_orm179.EntityPrimitive<alepha1.TObject<{
-  id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-  version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-  createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-  password: alepha1.TOptional<alepha1.TString>;
-  provider: alepha1.TString;
-  providerUserId: alepha1.TOptional<alepha1.TString>;
-  providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-}>>;
-type IdentityEntity = Static<typeof identities.schema>;
-//#endregion
-//#region ../../src/api/users/entities/sessions.d.ts
-declare const sessions: alepha_orm179.EntityPrimitive<alepha1.TObject<{
-  id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-  version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-  createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  refreshToken: alepha1.TString;
-  userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-  expiresAt: alepha1.TString;
-  ip: alepha1.TOptional<alepha1.TString>;
-  userAgent: alepha1.TOptional<alepha1.TObject<{
-    os: alepha1.TString;
-    browser: alepha1.TString;
-    device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-  }>>;
-}>>;
-type SessionEntity = Static<typeof sessions.schema>;
-//#endregion
-//#region ../../src/api/users/entities/users.d.ts
-declare const DEFAULT_USER_REALM_NAME = "default";
-declare const users: alepha_orm179.EntityPrimitive<alepha1.TObject<{
-  id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-  version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-  createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-  realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-  username: alepha1.TOptional<alepha1.TString>;
-  email: alepha1.TOptional<alepha1.TString>;
-  phoneNumber: alepha1.TOptional<alepha1.TString>;
-  roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-  firstName: alepha1.TOptional<alepha1.TString>;
-  lastName: alepha1.TOptional<alepha1.TString>;
-  picture: alepha1.TOptional<alepha1.TString>;
-  enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-  emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-}>>;
-type UserEntity = Static<typeof users.schema>;
-//#endregion
-//#region ../../src/api/users/primitives/$userRealm.d.ts
-type UserRealmPrimitive = RealmPrimitive & WithLinkFn & WithLoginFn;
+//#region ../../src/orm/schemas/insertSchema.d.ts
 /**
- * Already configured realm for user management.
- *
- * Realm contains two roles: `admin` and `user`.
- *
- * - `admin`: Has full access to all resources and permissions.
- * - `user`: Has access to their own resources and permissions, but cannot access admin-level resources.
- *
- * Realm uses session management for handling user sessions.
+ * Transforms a TObject schema for insert operations.
+ * All default properties at the root level are made optional.
  *
- * Environment Variables:
- * - `APP_SECRET`: Secret key for signing tokens (if not provided in options).
+ * @example
+ * Before: { name: string; age: number(default=0); }
+ * After:  { name: string; age?: number; }
  */
-declare const $userRealm: (options?: UserRealmOptions) => UserRealmPrimitive;
-interface UserRealmOptions {
-  /**
-   * Secret key for signing tokens.
-   *
-   * If not provided, the secret from the SecurityProvider will be used (usually from the APP_SECRET environment variable).
-   */
-  secret?: string;
-  /**
-   * Realm configuration options.
-   *
-   * It's already pre-configured for user management with admin and user roles.
-   */
-  realm?: Partial<RealmPrimitiveOptions>;
-  /**
-   * Override entities.
-   */
-  entities?: {
-    users?: Repository<typeof users.schema>;
-    identities?: Repository<typeof identities.schema>;
-    sessions?: Repository<typeof sessions.schema>;
-  };
-  settings?: Partial<RealmAuthSettings>;
-  identities?: {
-    credentials?: true;
-    google?: true;
-    github?: true;
-  };
-  modules?: {
-    files?: boolean;
-    audits?: boolean;
-    jobs?: boolean;
-  };
-}
-//#endregion
-//#region ../../src/api/users/providers/UserRealmProvider.d.ts
-interface UserRealmRepositories {
-  identities: Repository<typeof identities.schema>;
-  sessions: Repository<typeof sessions.schema>;
-  users: Repository<typeof users.schema>;
-}
-interface UserRealm {
-  name: string;
-  repositories: UserRealmRepositories;
-  settings: RealmAuthSettings;
-}
-declare class UserRealmProvider {
-  protected readonly alepha: Alepha;
-  protected readonly defaultIdentities: Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    password: alepha1.TOptional<alepha1.TString>;
-    provider: alepha1.TString;
-    providerUserId: alepha1.TOptional<alepha1.TString>;
-    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-  }>>;
-  protected readonly defaultSessions: Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    refreshToken: alepha1.TString;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    expiresAt: alepha1.TString;
-    ip: alepha1.TOptional<alepha1.TString>;
-    userAgent: alepha1.TOptional<alepha1.TObject<{
-      os: alepha1.TString;
-      browser: alepha1.TString;
-      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-    }>>;
-  }>>;
-  protected readonly defaultUsers: Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-    username: alepha1.TOptional<alepha1.TString>;
-    email: alepha1.TOptional<alepha1.TString>;
-    phoneNumber: alepha1.TOptional<alepha1.TString>;
-    roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-    firstName: alepha1.TOptional<alepha1.TString>;
-    lastName: alepha1.TOptional<alepha1.TString>;
-    picture: alepha1.TOptional<alepha1.TString>;
-    enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-  }>>;
-  protected realms: Map<string, UserRealm>;
-  avatars: alepha_bucket0.BucketPrimitive;
-  protected readonly onConfigure: alepha1.HookPrimitive<"configure">;
-  register(userRealmName: string, userRealmOptions?: UserRealmOptions): UserRealm;
-  /**
-   * Gets a registered realm by name, auto-creating default if needed.
-   */
-  getRealm(userRealmName?: string): UserRealm;
-  identityRepository(userRealmName?: string): Repository<typeof identities.schema>;
-  sessionRepository(userRealmName?: string): Repository<typeof sessions.schema>;
-  userRepository(userRealmName?: string): Repository<typeof users.schema>;
-}
+type TObjectInsert<T extends TObject> = TObject<{ [K in keyof T["properties"]]: T["properties"][K] extends {
+  [PG_DEFAULT]: any;
+} | {
+  "~optional": true;
+} ? TOptional<T["properties"][K]> : T["properties"][K] }>;
 //#endregion
-//#region ../../src/api/users/schemas/identityQuerySchema.d.ts
-declare const identityQuerySchema: alepha1.TObject<{
-  page: alepha1.TOptional<alepha1.TInteger>;
-  size: alepha1.TOptional<alepha1.TInteger>;
-  sort: alepha1.TOptional<alepha1.TString>;
-  userId: alepha1.TOptional<alepha1.TString>;
-  provider: alepha1.TOptional<alepha1.TString>;
-}>;
-type IdentityQuery = Static<typeof identityQuerySchema>;
+//#region ../../src/orm/schemas/updateSchema.d.ts
+/**
+ * Transforms a TObject schema for update operations.
+ * All optional properties at the root level are made nullable (i.e., `T | null`).
+ * This allows an API endpoint to explicitly accept `null` to clear an optional field in the database.
+ *
+ * @example
+ * Before: { name?: string; age: number; }
+ * After:  { name?: string | null; age: number; }
+ */
+type TObjectUpdate<T extends TObject> = TObject<{ [K in keyof T["properties"]]: T["properties"][K] extends TOptional<infer U> ? TOptional<TUnion<[U, TNull]>> : T["properties"][K] }>;
 //#endregion
-//#region ../../src/api/users/services/IdentityService.d.ts
-declare class IdentityService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly userRealmProvider: UserRealmProvider;
-  identities(userRealmName?: string): alepha_orm179.Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    password: alepha1.TOptional<alepha1.TString>;
-    provider: alepha1.TString;
-    providerUserId: alepha1.TOptional<alepha1.TString>;
-    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-  }>>;
+//#region ../../src/orm/primitives/$entity.d.ts
+interface EntityPrimitiveOptions<T extends TObject, Keys = keyof Static<T>> {
   /**
-   * Find identities with pagination and filtering.
+   * The database table name that will be created for this entity.
+   * If not provided, name will be inferred from the $repository variable name.
    */
-  findIdentities(q?: IdentityQuery, userRealmName?: string): Promise<Page$1<IdentityEntity>>;
+  name: string;
   /**
-   * Get an identity by ID.
+   * TypeBox schema defining the table structure and column types.
    */
-  getIdentityById(id: string, userRealmName?: string): Promise<IdentityEntity>;
+  schema: T;
   /**
-   * Delete an identity by ID.
+   * Database indexes to create for query optimization.
    */
-  deleteIdentity(id: string, userRealmName?: string): Promise<void>;
-}
-//#endregion
-//#region ../../src/api/users/controllers/IdentityController.d.ts
-declare class IdentityController {
-  protected readonly url = "/identities";
-  protected readonly group = "identities";
-  protected readonly identityService: IdentityService;
+  indexes?: (Keys | {
+    /**
+     * Single column to index.
+     */
+    column: Keys;
+    /**
+     * Whether this should be a unique index (enforces uniqueness constraint).
+     */
+    unique?: boolean;
+    /**
+     * Custom name for the index. If not provided, generates name automatically.
+     */
+    name?: string;
+  } | {
+    /**
+     * Multiple columns for composite index (order matters for query optimization).
+     */
+    columns: Keys[];
+    /**
+     * Whether this should be a unique index (enforces uniqueness constraint).
+     */
+    unique?: boolean;
+    /**
+     * Custom name for the index. If not provided, generates name automatically.
+     */
+    name?: string;
+  })[];
   /**
-   * Find identities with pagination and filtering.
+   * Foreign key constraints to maintain referential integrity.
    */
-  readonly findIdentities: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      page: alepha1.TOptional<alepha1.TInteger>;
-      size: alepha1.TOptional<alepha1.TInteger>;
-      sort: alepha1.TOptional<alepha1.TString>;
-      userId: alepha1.TOptional<alepha1.TString>;
-      provider: alepha1.TOptional<alepha1.TString>;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TPage<alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-      provider: alepha1.TString;
-      providerUserId: alepha1.TOptional<alepha1.TString>;
-      providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-    }>>;
-  }>;
-  /**
-   * Get an identity by ID.
-   */
-  readonly getIdentity: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-      provider: alepha1.TString;
-      providerUserId: alepha1.TOptional<alepha1.TString>;
-      providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
-    }>;
-  }>;
-  /**
-   * Delete an identity.
-   */
-  readonly deleteIdentity: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
-    }>;
-  }>;
-}
-//#endregion
-//#region ../../src/api/users/schemas/sessionQuerySchema.d.ts
-declare const sessionQuerySchema: alepha1.TObject<{
-  page: alepha1.TOptional<alepha1.TInteger>;
-  size: alepha1.TOptional<alepha1.TInteger>;
-  sort: alepha1.TOptional<alepha1.TString>;
-  userId: alepha1.TOptional<alepha1.TString>;
-}>;
-type SessionQuery = Static<typeof sessionQuerySchema>;
-//#endregion
-//#region ../../src/api/users/services/SessionCrudService.d.ts
-declare class SessionCrudService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly userRealmProvider: UserRealmProvider;
-  sessions(userRealmName?: string): alepha_orm179.Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    refreshToken: alepha1.TString;
-    userId: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_REF>;
-    expiresAt: alepha1.TString;
-    ip: alepha1.TOptional<alepha1.TString>;
-    userAgent: alepha1.TOptional<alepha1.TObject<{
-      os: alepha1.TString;
-      browser: alepha1.TString;
-      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-    }>>;
-  }>>;
-  /**
-   * Find sessions with pagination and filtering.
-   */
-  findSessions(q?: SessionQuery, userRealmName?: string): Promise<Page$1<SessionEntity>>;
-  /**
-   * Get a session by ID.
-   */
-  getSessionById(id: string, userRealmName?: string): Promise<SessionEntity>;
-  /**
-   * Delete a session by ID.
-   */
-  deleteSession(id: string, userRealmName?: string): Promise<void>;
-}
-//#endregion
-//#region ../../src/api/users/controllers/SessionController.d.ts
-declare class SessionController {
-  protected readonly url = "/sessions";
-  protected readonly group = "sessions";
-  protected readonly sessionService: SessionCrudService;
-  /**
-   * Find sessions with pagination and filtering.
-   */
-  readonly findSessions: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      page: alepha1.TOptional<alepha1.TInteger>;
-      size: alepha1.TOptional<alepha1.TInteger>;
-      sort: alepha1.TOptional<alepha1.TString>;
-      userId: alepha1.TOptional<alepha1.TString>;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TPage<alepha1.TObject<{
-      id: alepha1.TString;
-      version: alepha1.TNumber;
-      createdAt: alepha1.TString;
-      updatedAt: alepha1.TString;
-      refreshToken: alepha1.TString;
-      userId: alepha1.TString;
-      expiresAt: alepha1.TString;
-      ip: alepha1.TOptional<alepha1.TString>;
-      userAgent: alepha1.TOptional<alepha1.TObject<{
-        os: alepha1.TString;
-        browser: alepha1.TString;
-        device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-      }>>;
-    }>>;
-  }>;
-  /**
-   * Get a session by ID.
-   */
-  readonly getSession: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha1.TString;
-      version: alepha1.TNumber;
-      createdAt: alepha1.TString;
-      updatedAt: alepha1.TString;
-      refreshToken: alepha1.TString;
-      userId: alepha1.TString;
-      expiresAt: alepha1.TString;
-      ip: alepha1.TOptional<alepha1.TString>;
-      userAgent: alepha1.TOptional<alepha1.TObject<{
-        os: alepha1.TString;
-        browser: alepha1.TString;
-        device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
-      }>>;
-    }>;
-  }>;
-  /**
-   * Delete a session.
-   */
-  readonly deleteSession: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
-    }>;
-  }>;
-}
-//#endregion
-//#region ../../src/orm/schemas/insertSchema.d.ts
-/**
- * Transforms a TObject schema for insert operations.
- * All default properties at the root level are made optional.
- *
- * @example
- * Before: { name: string; age: number(default=0); }
- * After:  { name: string; age?: number; }
- */
-type TObjectInsert<T extends TObject> = TObject<{ [K in keyof T["properties"]]: T["properties"][K] extends {
-  [PG_DEFAULT]: any;
-} | {
-  "~optional": true;
-} ? TOptional<T["properties"][K]> : T["properties"][K] }>;
-//#endregion
-//#region ../../src/orm/schemas/updateSchema.d.ts
-/**
- * Transforms a TObject schema for update operations.
- * All optional properties at the root level are made nullable (i.e., `T | null`).
- * This allows an API endpoint to explicitly accept `null` to clear an optional field in the database.
- *
- * @example
- * Before: { name?: string; age: number; }
- * After:  { name?: string | null; age: number; }
- */
-type TObjectUpdate<T extends TObject> = TObject<{ [K in keyof T["properties"]]: T["properties"][K] extends TOptional<infer U> ? TOptional<TUnion<[U, TNull]>> : T["properties"][K] }>;
-//#endregion
-//#region ../../src/orm/primitives/$entity.d.ts
-interface EntityPrimitiveOptions<T extends TObject, Keys = keyof Static<T>> {
-  /**
-   * The database table name that will be created for this entity.
-   * If not provided, name will be inferred from the $repository variable name.
-   */
-  name: string;
-  /**
-   * TypeBox schema defining the table structure and column types.
-   */
-  schema: T;
-  /**
-   * Database indexes to create for query optimization.
-   */
-  indexes?: (Keys | {
-    /**
-     * Single column to index.
-     */
-    column: Keys;
-    /**
-     * Whether this should be a unique index (enforces uniqueness constraint).
-     */
-    unique?: boolean;
-    /**
-     * Custom name for the index. If not provided, generates name automatically.
-     */
-    name?: string;
-  } | {
-    /**
-     * Multiple columns for composite index (order matters for query optimization).
-     */
-    columns: Keys[];
-    /**
-     * Whether this should be a unique index (enforces uniqueness constraint).
-     */
-    unique?: boolean;
-    /**
-     * Custom name for the index. If not provided, generates name automatically.
-     */
-    name?: string;
-  })[];
-  /**
-   * Foreign key constraints to maintain referential integrity.
-   */
-  foreignKeys?: Array<{
-    /**
-     * Optional name for the foreign key constraint.
-     */
-    name?: string;
-    /**
-     * Local columns that reference the foreign table.
-     */
-    columns: Array<keyof Static<T>>;
-    /**
-     * Referenced columns in the foreign table.
-     * Must be EntityColumn references from other entities.
-     */
-    foreignColumns: Array<() => EntityColumn<any>>;
+  foreignKeys?: Array<{
+    /**
+     * Optional name for the foreign key constraint.
+     */
+    name?: string;
+    /**
+     * Local columns that reference the foreign table.
+     */
+    columns: Array<keyof Static<T>>;
+    /**
+     * Referenced columns in the foreign table.
+     * Must be EntityColumn references from other entities.
+     */
+    foreignColumns: Array<() => EntityColumn<any>>;
   }>;
   /**
    * Additional table constraints for data validation.
@@ -1303,7 +906,7 @@ declare abstract class ModelBuilder {
 //#endregion
 //#region ../../src/orm/providers/DrizzleKitProvider.d.ts
 declare class DrizzleKitProvider {
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly alepha: Alepha;
   /**
    * Synchronize database with current schema definitions.
@@ -1351,7 +954,7 @@ type DevMigrations = Static<typeof devMigrationsSchema>;
 type SQLLike = SQLWrapper | string;
 declare abstract class DatabaseProvider {
   protected readonly alepha: Alepha;
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected abstract readonly builder: ModelBuilder;
   protected abstract readonly kit: DrizzleKitProvider;
   abstract readonly db: PgDatabase<any>;
@@ -1374,7 +977,7 @@ declare abstract class DatabaseProvider {
   /**
    * Base migration orchestration - handles environment logic
    */
-  protected migrateDatabase(): Promise<void>;
+  migrate(): Promise<void>;
   /**
    * Production: run migrations from folder
    */
@@ -1776,81 +1379,6 @@ interface StatementOptions {
   now?: DateTime | string;
 }
 //#endregion
-//#region ../../src/orm/providers/drivers/BunPostgresProvider.d.ts
-declare module "alepha" {
-  interface Env extends Partial<Static<typeof envSchema$1>> {}
-}
-declare const envSchema$1: alepha1.TObject<{
-  /**
-   * Main configuration for database connection.
-   * Accept a string in the format of a Postgres connection URL.
-   * Example: postgres://user:password@localhost:5432/database
-   * or
-   * Example: postgres://user:password@localhost:5432/database?sslmode=require
-   */
-  DATABASE_URL: alepha1.TOptional<alepha1.TString>;
-  /**
-   * In addition to the DATABASE_URL, you can specify the postgres schema name.
-   */
-  POSTGRES_SCHEMA: alepha1.TOptional<alepha1.TString>;
-}>;
-/**
- * Bun PostgreSQL provider using Drizzle ORM with Bun's native SQL client.
- *
- * This provider uses Bun's built-in SQL class for PostgreSQL connections,
- * which provides excellent performance on the Bun runtime.
- *
- * @example
- * ```ts
- * // Set DATABASE_URL environment variable
- * // DATABASE_URL=postgres://user:password@localhost:5432/database
- *
- * // Or configure programmatically
- * alepha.with({
- *   provide: DatabaseProvider,
- *   use: BunPostgresProvider,
- * });
- * ```
- */
-//#endregion
-//#region ../../src/orm/providers/drivers/BunSqliteProvider.d.ts
-/**
- * Configuration options for the Bun SQLite database provider.
- */
-declare const bunSqliteOptions: alepha1.Atom<alepha1.TObject<{
-  path: alepha1.TOptional<alepha1.TString>;
-}>, "alepha.postgres.bun-sqlite.options">;
-type BunSqliteProviderOptions = Static<typeof bunSqliteOptions.schema>;
-declare module "alepha" {
-  interface State {
-    [bunSqliteOptions.key]: BunSqliteProviderOptions;
-  }
-}
-/**
- * Bun SQLite provider using Drizzle ORM with Bun's native SQLite client.
- *
- * This provider uses Bun's built-in `bun:sqlite` for SQLite connections,
- * which provides excellent performance on the Bun runtime.
- *
- * @example
- * ```ts
- * // Set DATABASE_URL environment variable
- * // DATABASE_URL=sqlite://./my-database.db
- *
- * // Or configure programmatically
- * alepha.with({
- *   provide: DatabaseProvider,
- *   use: BunSqliteProvider,
- * });
- *
- * // Or use options atom
- * alepha.store.mut(bunSqliteOptions, (old) => ({
- *   ...old,
- *   path: ":memory:",
- * }));
- * ```
- */
-//#endregion
 //#region ../../src/orm/providers/drivers/NodePostgresProvider.d.ts
 declare module "alepha" {
   interface Env extends Partial<Static<typeof envSchema>> {}
@@ -1960,16 +1488,411 @@ declare module "alepha" {
   }
 }
 //#endregion
-//#region ../../src/api/users/notifications/UserNotifications.d.ts
-declare class UserNotifications {
-  readonly passwordReset: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    email: alepha1.TString;
-    code: alepha1.TString;
-    expiresInMinutes: alepha1.TNumber;
-  }>>;
-  readonly emailVerification: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
-    email: alepha1.TString;
-    code: alepha1.TString;
+//#region ../../src/api/users/entities/identities.d.ts
+declare const identities: alepha_orm0.EntityPrimitive<alepha1.TObject<{
+  id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+  version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+  createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+  updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+  userId: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_REF>;
+  password: alepha1.TOptional<alepha1.TString>;
+  provider: alepha1.TString;
+  providerUserId: alepha1.TOptional<alepha1.TString>;
+  providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+}>>;
+type IdentityEntity = Static<typeof identities.schema>;
+//#endregion
+//#region ../../src/api/users/entities/sessions.d.ts
+declare const sessions: alepha_orm0.EntityPrimitive<alepha1.TObject<{
+  id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+  version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+  createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+  updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+  refreshToken: alepha1.TString;
+  userId: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_REF>;
+  expiresAt: alepha1.TString;
+  ip: alepha1.TOptional<alepha1.TString>;
+  userAgent: alepha1.TOptional<alepha1.TObject<{
+    os: alepha1.TString;
+    browser: alepha1.TString;
+    device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+  }>>;
+}>>;
+type SessionEntity = Static<typeof sessions.schema>;
+//#endregion
+//#region ../../src/api/users/entities/users.d.ts
+declare const DEFAULT_USER_REALM_NAME = "default";
+declare const users: alepha_orm0.EntityPrimitive<alepha1.TObject<{
+  id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+  version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+  createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+  updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+  realm: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_DEFAULT>;
+  username: alepha1.TOptional<alepha1.TString>;
+  email: alepha1.TOptional<alepha1.TString>;
+  phoneNumber: alepha1.TOptional<alepha1.TString>;
+  roles: alepha_orm0.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm0.PG_DEFAULT>;
+  firstName: alepha1.TOptional<alepha1.TString>;
+  lastName: alepha1.TOptional<alepha1.TString>;
+  picture: alepha1.TOptional<alepha1.TString>;
+  enabled: alepha_orm0.PgAttr<alepha1.TBoolean, typeof alepha_orm0.PG_DEFAULT>;
+  emailVerified: alepha_orm0.PgAttr<alepha1.TBoolean, typeof alepha_orm0.PG_DEFAULT>;
+}>>;
+type UserEntity = Static<typeof users.schema>;
+//#endregion
+//#region ../../src/api/users/primitives/$userRealm.d.ts
+type UserRealmPrimitive = RealmPrimitive & WithLinkFn & WithLoginFn;
+/**
+ * Already configured realm for user management.
+ *
+ * Realm contains two roles: `admin` and `user`.
+ *
+ * - `admin`: Has full access to all resources and permissions.
+ * - `user`: Has access to their own resources and permissions, but cannot access admin-level resources.
+ *
+ * Realm uses session management for handling user sessions.
+ *
+ * Environment Variables:
+ * - `APP_SECRET`: Secret key for signing tokens (if not provided in options).
+ */
+declare const $userRealm: (options?: UserRealmOptions) => UserRealmPrimitive;
+interface UserRealmOptions {
+  /**
+   * Secret key for signing tokens.
+   *
+   * If not provided, the secret from the SecurityProvider will be used (usually from the APP_SECRET environment variable).
+   */
+  secret?: string;
+  /**
+   * Realm configuration options.
+   *
+   * It's already pre-configured for user management with admin and user roles.
+   */
+  realm?: Partial<RealmPrimitiveOptions>;
+  /**
+   * Override entities.
+   */
+  entities?: {
+    users?: Repository<typeof users.schema>;
+    identities?: Repository<typeof identities.schema>;
+    sessions?: Repository<typeof sessions.schema>;
+  };
+  settings?: Partial<RealmAuthSettings>;
+  identities?: {
+    credentials?: true;
+    google?: true;
+    github?: true;
+  };
+  modules?: {
+    files?: boolean;
+    audits?: boolean;
+    jobs?: boolean;
+  };
+}
+//#endregion
+//#region ../../src/api/users/providers/UserRealmProvider.d.ts
+interface UserRealmRepositories {
+  identities: Repository<typeof identities.schema>;
+  sessions: Repository<typeof sessions.schema>;
+  users: Repository<typeof users.schema>;
+}
+interface UserRealm {
+  name: string;
+  repositories: UserRealmRepositories;
+  settings: RealmAuthSettings;
+}
+declare class UserRealmProvider {
+  protected readonly alepha: Alepha;
+  protected readonly defaultIdentities: Repository<alepha1.TObject<{
+    id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+    version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+    createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    userId: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_REF>;
+    password: alepha1.TOptional<alepha1.TString>;
+    provider: alepha1.TString;
+    providerUserId: alepha1.TOptional<alepha1.TString>;
+    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+  }>>;
+  protected readonly defaultSessions: Repository<alepha1.TObject<{
+    id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+    version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+    createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    refreshToken: alepha1.TString;
+    userId: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_REF>;
+    expiresAt: alepha1.TString;
+    ip: alepha1.TOptional<alepha1.TString>;
+    userAgent: alepha1.TOptional<alepha1.TObject<{
+      os: alepha1.TString;
+      browser: alepha1.TString;
+      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+    }>>;
+  }>>;
+  protected readonly defaultUsers: Repository<alepha1.TObject<{
+    id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+    version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+    createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    realm: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_DEFAULT>;
+    username: alepha1.TOptional<alepha1.TString>;
+    email: alepha1.TOptional<alepha1.TString>;
+    phoneNumber: alepha1.TOptional<alepha1.TString>;
+    roles: alepha_orm0.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm0.PG_DEFAULT>;
+    firstName: alepha1.TOptional<alepha1.TString>;
+    lastName: alepha1.TOptional<alepha1.TString>;
+    picture: alepha1.TOptional<alepha1.TString>;
+    enabled: alepha_orm0.PgAttr<alepha1.TBoolean, typeof alepha_orm0.PG_DEFAULT>;
+    emailVerified: alepha_orm0.PgAttr<alepha1.TBoolean, typeof alepha_orm0.PG_DEFAULT>;
+  }>>;
+  protected realms: Map<string, UserRealm>;
+  avatars: alepha_bucket0.BucketPrimitive;
+  protected readonly onConfigure: alepha1.HookPrimitive<"configure">;
+  register(userRealmName: string, userRealmOptions?: UserRealmOptions): UserRealm;
+  /**
+   * Gets a registered realm by name, auto-creating default if needed.
+   */
+  getRealm(userRealmName?: string): UserRealm;
+  identityRepository(userRealmName?: string): Repository<typeof identities.schema>;
+  sessionRepository(userRealmName?: string): Repository<typeof sessions.schema>;
+  userRepository(userRealmName?: string): Repository<typeof users.schema>;
+}
+//#endregion
+//#region ../../src/api/users/schemas/identityQuerySchema.d.ts
+declare const identityQuerySchema: alepha1.TObject<{
+  page: alepha1.TOptional<alepha1.TInteger>;
+  size: alepha1.TOptional<alepha1.TInteger>;
+  sort: alepha1.TOptional<alepha1.TString>;
+  userId: alepha1.TOptional<alepha1.TString>;
+  provider: alepha1.TOptional<alepha1.TString>;
+}>;
+type IdentityQuery = Static<typeof identityQuerySchema>;
+//#endregion
+//#region ../../src/api/users/services/IdentityService.d.ts
+declare class IdentityService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
+  identities(userRealmName?: string): alepha_orm0.Repository<alepha1.TObject<{
+    id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+    version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+    createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    userId: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_REF>;
+    password: alepha1.TOptional<alepha1.TString>;
+    provider: alepha1.TString;
+    providerUserId: alepha1.TOptional<alepha1.TString>;
+    providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+  }>>;
+  /**
+   * Find identities with pagination and filtering.
+   */
+  findIdentities(q?: IdentityQuery, userRealmName?: string): Promise<Page$1<IdentityEntity>>;
+  /**
+   * Get an identity by ID.
+   */
+  getIdentityById(id: string, userRealmName?: string): Promise<IdentityEntity>;
+  /**
+   * Delete an identity by ID.
+   */
+  deleteIdentity(id: string, userRealmName?: string): Promise<void>;
+}
+//#endregion
+//#region ../../src/api/users/controllers/AdminIdentityController.d.ts
+declare class AdminIdentityController {
+  protected readonly url = "/identities";
+  protected readonly group = "admin:identities";
+  protected readonly identityService: IdentityService;
+  /**
+   * Find identities with pagination and filtering.
+   */
+  readonly findIdentities: alepha_server0.ActionPrimitiveFn<{
+    query: alepha1.TObject<{
+      page: alepha1.TOptional<alepha1.TInteger>;
+      size: alepha1.TOptional<alepha1.TInteger>;
+      sort: alepha1.TOptional<alepha1.TString>;
+      userId: alepha1.TOptional<alepha1.TString>;
+      provider: alepha1.TOptional<alepha1.TString>;
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TPage<alepha1.TObject<{
+      userId: PgAttr<alepha1.TString, typeof PG_REF>;
+      provider: alepha1.TString;
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      providerUserId: alepha1.TOptional<alepha1.TString>;
+      providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+    }>>;
+  }>;
+  /**
+   * Get an identity by ID.
+   */
+  readonly getIdentity: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TObject<{
+      userId: PgAttr<alepha1.TString, typeof PG_REF>;
+      provider: alepha1.TString;
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      providerUserId: alepha1.TOptional<alepha1.TString>;
+      providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
+    }>;
+  }>;
+  /**
+   * Delete an identity.
+   */
+  readonly deleteIdentity: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TObject<{
+      ok: alepha1.TBoolean;
+      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
+      count: alepha1.TOptional<alepha1.TNumber>;
+    }>;
+  }>;
+}
+//#endregion
+//#region ../../src/api/users/schemas/sessionQuerySchema.d.ts
+declare const sessionQuerySchema: alepha1.TObject<{
+  page: alepha1.TOptional<alepha1.TInteger>;
+  size: alepha1.TOptional<alepha1.TInteger>;
+  sort: alepha1.TOptional<alepha1.TString>;
+  userId: alepha1.TOptional<alepha1.TString>;
+}>;
+type SessionQuery = Static<typeof sessionQuerySchema>;
+//#endregion
+//#region ../../src/api/users/services/SessionCrudService.d.ts
+declare class SessionCrudService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly userRealmProvider: UserRealmProvider;
+  sessions(userRealmName?: string): alepha_orm0.Repository<alepha1.TObject<{
+    id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+    version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+    createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    refreshToken: alepha1.TString;
+    userId: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_REF>;
+    expiresAt: alepha1.TString;
+    ip: alepha1.TOptional<alepha1.TString>;
+    userAgent: alepha1.TOptional<alepha1.TObject<{
+      os: alepha1.TString;
+      browser: alepha1.TString;
+      device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+    }>>;
+  }>>;
+  /**
+   * Find sessions with pagination and filtering.
+   */
+  findSessions(q?: SessionQuery, userRealmName?: string): Promise<Page$1<SessionEntity>>;
+  /**
+   * Get a session by ID.
+   */
+  getSessionById(id: string, userRealmName?: string): Promise<SessionEntity>;
+  /**
+   * Delete a session by ID.
+   */
+  deleteSession(id: string, userRealmName?: string): Promise<void>;
+}
+//#endregion
+//#region ../../src/api/users/controllers/AdminSessionController.d.ts
+declare class AdminSessionController {
+  protected readonly url = "/sessions";
+  protected readonly group = "admin:sessions";
+  protected readonly sessionService: SessionCrudService;
+  /**
+   * Find sessions with pagination and filtering.
+   */
+  readonly findSessions: alepha_server0.ActionPrimitiveFn<{
+    query: alepha1.TObject<{
+      page: alepha1.TOptional<alepha1.TInteger>;
+      size: alepha1.TOptional<alepha1.TInteger>;
+      sort: alepha1.TOptional<alepha1.TString>;
+      userId: alepha1.TOptional<alepha1.TString>;
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TPage<alepha1.TObject<{
+      id: alepha1.TString;
+      version: alepha1.TNumber;
+      createdAt: alepha1.TString;
+      updatedAt: alepha1.TString;
+      refreshToken: alepha1.TString;
+      userId: alepha1.TString;
+      expiresAt: alepha1.TString;
+      ip: alepha1.TOptional<alepha1.TString>;
+      userAgent: alepha1.TOptional<alepha1.TObject<{
+        os: alepha1.TString;
+        browser: alepha1.TString;
+        device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+      }>>;
+    }>>;
+  }>;
+  /**
+   * Get a session by ID.
+   */
+  readonly getSession: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TObject<{
+      id: alepha1.TString;
+      version: alepha1.TNumber;
+      createdAt: alepha1.TString;
+      updatedAt: alepha1.TString;
+      refreshToken: alepha1.TString;
+      userId: alepha1.TString;
+      expiresAt: alepha1.TString;
+      ip: alepha1.TOptional<alepha1.TString>;
+      userAgent: alepha1.TOptional<alepha1.TObject<{
+        os: alepha1.TString;
+        browser: alepha1.TString;
+        device: alepha1.TUnsafe<"MOBILE" | "DESKTOP" | "TABLET">;
+      }>>;
+    }>;
+  }>;
+  /**
+   * Delete a session.
+   */
+  readonly deleteSession: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TObject<{
+      ok: alepha1.TBoolean;
+      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
+      count: alepha1.TOptional<alepha1.TNumber>;
+    }>;
+  }>;
+}
+//#endregion
+//#region ../../src/api/users/notifications/UserNotifications.d.ts
+declare class UserNotifications {
+  readonly passwordReset: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
+    email: alepha1.TString;
+    code: alepha1.TString;
+    expiresInMinutes: alepha1.TNumber;
+  }>>;
+  readonly emailVerification: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
+    email: alepha1.TString;
+    code: alepha1.TString;
     expiresInMinutes: alepha1.TNumber;
   }>>;
   readonly phoneVerification: alepha_api_notifications0.NotificationPrimitive<alepha1.TObject<{
@@ -1989,6 +1912,270 @@ declare class UserNotifications {
   }>>;
 }
 //#endregion
+//#region ../../src/api/users/schemas/createUserSchema.d.ts
+declare const createUserSchema: alepha1.TObject<{
+  id: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>>;
+  version: alepha1.TOptional<PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>>;
+  email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  createdAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>>;
+  updatedAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>>;
+  username: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
+  firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
+  emailVerified: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
+}>;
+type CreateUser = Static<typeof createUserSchema>;
+//#endregion
+//#region ../../src/api/users/schemas/updateUserSchema.d.ts
+declare const updateUserSchema: alepha1.TObject<{
+  email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  realm: alepha1.TOptional<PgAttr<alepha1.TString, typeof PG_DEFAULT>>;
+  phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
+  firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+  enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
+}>;
+type UpdateUser = Static<typeof updateUserSchema>;
+//#endregion
+//#region ../../src/api/users/schemas/userQuerySchema.d.ts
+declare const userQuerySchema: alepha1.TObject<{
+  page: alepha1.TOptional<alepha1.TInteger>;
+  size: alepha1.TOptional<alepha1.TInteger>;
+  sort: alepha1.TOptional<alepha1.TString>;
+  email: alepha1.TOptional<alepha1.TString>;
+  enabled: alepha1.TOptional<alepha1.TBoolean>;
+  emailVerified: alepha1.TOptional<alepha1.TBoolean>;
+  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
+  query: alepha1.TOptional<alepha1.TString>;
+}>;
+type UserQuery = Static<typeof userQuerySchema>;
+//#endregion
+//#region ../../src/api/users/services/UserService.d.ts
+declare class UserService {
+  protected readonly log: alepha_logger5.Logger;
+  protected readonly verificationController: alepha_server_links2.HttpVirtualClient<VerificationController>;
+  protected readonly userNotifications: UserNotifications;
+  protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
+  users(userRealmName?: string): alepha_orm0.Repository<alepha1.TObject<{
+    id: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_PRIMARY_KEY>, typeof alepha_orm0.PG_DEFAULT>;
+    version: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TInteger, typeof alepha_orm0.PG_VERSION>, typeof alepha_orm0.PG_DEFAULT>;
+    createdAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_CREATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    updatedAt: alepha_orm0.PgAttr<alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_UPDATED_AT>, typeof alepha_orm0.PG_DEFAULT>;
+    realm: alepha_orm0.PgAttr<alepha1.TString, typeof alepha_orm0.PG_DEFAULT>;
+    username: alepha1.TOptional<alepha1.TString>;
+    email: alepha1.TOptional<alepha1.TString>;
+    phoneNumber: alepha1.TOptional<alepha1.TString>;
+    roles: alepha_orm0.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm0.PG_DEFAULT>;
+    firstName: alepha1.TOptional<alepha1.TString>;
+    lastName: alepha1.TOptional<alepha1.TString>;
+    picture: alepha1.TOptional<alepha1.TString>;
+    enabled: alepha_orm0.PgAttr<alepha1.TBoolean, typeof alepha_orm0.PG_DEFAULT>;
+    emailVerified: alepha_orm0.PgAttr<alepha1.TBoolean, typeof alepha_orm0.PG_DEFAULT>;
+  }>>;
+  /**
+   * Request email verification for a user.
+   * @param email - The email address to verify.
+   * @param userRealmName - Optional realm name.
+   * @param method - The verification method: "code" (default) or "link".
+   * @param verifyUrl - Base URL for verification link (required when method is "link").
+   */
+  requestEmailVerification(email: string, userRealmName?: string, method?: "code" | "link", verifyUrl?: string): Promise<boolean>;
+  /**
+   * Verify a user's email using a valid verification token.
+   * Supports both code (6-digit) and link (UUID) verification tokens.
+   */
+  verifyEmail(email: string, token: string, userRealmName?: string): Promise<void>;
+  /**
+   * Check if an email is verified.
+   */
+  isEmailVerified(email: string, userRealmName?: string): Promise<boolean>;
+  /**
+   * Find users with pagination and filtering.
+   */
+  findUsers(q?: UserQuery, userRealmName?: string): Promise<Page$1<UserEntity>>;
+  /**
+   * Get a user by ID.
+   */
+  getUserById(id: string, userRealmName?: string): Promise<UserEntity>;
+  /**
+   * Create a new user.
+   */
+  createUser(data: CreateUser, userRealmName?: string): Promise<UserEntity>;
+  /**
+   * Update an existing user.
+   */
+  updateUser(id: string, data: UpdateUser, userRealmName?: string): Promise<UserEntity>;
+  /**
+   * Delete a user by ID.
+   */
+  deleteUser(id: string, userRealmName?: string): Promise<void>;
+}
+//#endregion
+//#region ../../src/api/users/controllers/AdminUserController.d.ts
+declare class AdminUserController {
+  protected readonly url = "/users";
+  protected readonly group = "admin:users";
+  protected readonly userService: UserService;
+  /**
+   * Find users with pagination and filtering.
+   */
+  readonly findUsers: alepha_server0.ActionPrimitiveFn<{
+    query: alepha1.TObject<{
+      page: alepha1.TOptional<alepha1.TInteger>;
+      size: alepha1.TOptional<alepha1.TInteger>;
+      sort: alepha1.TOptional<alepha1.TString>;
+      email: alepha1.TOptional<alepha1.TString>;
+      enabled: alepha1.TOptional<alepha1.TBoolean>;
+      emailVerified: alepha1.TOptional<alepha1.TBoolean>;
+      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
+      query: alepha1.TOptional<alepha1.TString>;
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TPage<alepha1.TObject<{
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
+      username: alepha1.TOptional<alepha1.TString>;
+      email: alepha1.TOptional<alepha1.TString>;
+      phoneNumber: alepha1.TOptional<alepha1.TString>;
+      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
+      firstName: alepha1.TOptional<alepha1.TString>;
+      lastName: alepha1.TOptional<alepha1.TString>;
+      picture: alepha1.TOptional<alepha1.TString>;
+      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+    }>>;
+  }>;
+  /**
+   * Get a user by ID.
+   */
+  readonly getUser: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TObject<{
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
+      username: alepha1.TOptional<alepha1.TString>;
+      email: alepha1.TOptional<alepha1.TString>;
+      phoneNumber: alepha1.TOptional<alepha1.TString>;
+      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
+      firstName: alepha1.TOptional<alepha1.TString>;
+      lastName: alepha1.TOptional<alepha1.TString>;
+      picture: alepha1.TOptional<alepha1.TString>;
+      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+    }>;
+  }>;
+  /**
+   * Create a new user.
+   */
+  readonly createUser: alepha_server0.ActionPrimitiveFn<{
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    body: alepha1.TObject<{
+      id: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>>;
+      version: alepha1.TOptional<PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>>;
+      email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      createdAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>>;
+      updatedAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>>;
+      username: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
+      firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
+      emailVerified: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
+    }>;
+    response: alepha1.TObject<{
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
+      username: alepha1.TOptional<alepha1.TString>;
+      email: alepha1.TOptional<alepha1.TString>;
+      phoneNumber: alepha1.TOptional<alepha1.TString>;
+      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
+      firstName: alepha1.TOptional<alepha1.TString>;
+      lastName: alepha1.TOptional<alepha1.TString>;
+      picture: alepha1.TOptional<alepha1.TString>;
+      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+    }>;
+  }>;
+  /**
+   * Update a user.
+   */
+  readonly updateUser: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    body: alepha1.TObject<{
+      email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      realm: alepha1.TOptional<PgAttr<alepha1.TString, typeof PG_DEFAULT>>;
+      phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
+      firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
+      enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
+    }>;
+    response: alepha1.TObject<{
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
+      username: alepha1.TOptional<alepha1.TString>;
+      email: alepha1.TOptional<alepha1.TString>;
+      phoneNumber: alepha1.TOptional<alepha1.TString>;
+      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
+      firstName: alepha1.TOptional<alepha1.TString>;
+      lastName: alepha1.TOptional<alepha1.TString>;
+      picture: alepha1.TOptional<alepha1.TString>;
+      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+    }>;
+  }>;
+  /**
+   * Delete a user.
+   */
+  readonly deleteUser: alepha_server0.ActionPrimitiveFn<{
+    params: alepha1.TObject<{
+      id: alepha1.TString;
+    }>;
+    query: alepha1.TObject<{
+      userRealmName: alepha1.TOptional<alepha1.TString>;
+    }>;
+    response: alepha1.TObject<{
+      ok: alepha1.TBoolean;
+      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
+      count: alepha1.TOptional<alepha1.TNumber>;
+    }>;
+  }>;
+}
+//#endregion
 //#region ../../src/api/users/schemas/completePasswordResetRequestSchema.d.ts
 /**
  * Request schema for completing a password reset.
@@ -2028,12 +2215,13 @@ interface PasswordResetIntent {
   expiresAt: string;
 }
 declare class CredentialService {
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly cryptoProvider: CryptoProvider;
   protected readonly dateTimeProvider: DateTimeProvider;
-  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
+  protected readonly verificationController: alepha_server_links2.HttpVirtualClient<VerificationController>;
   protected readonly userNotifications: UserNotifications;
   protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
   protected readonly intentCache: alepha_cache0.CachePrimitiveFn<PasswordResetIntent, any[]>;
   users(userRealmName?: string): Repository$1<alepha1.TObject<{
     id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
@@ -2169,12 +2357,13 @@ interface RegistrationIntent {
   expiresAt: string;
 }
 declare class RegistrationService {
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly dateTimeProvider: DateTimeProvider;
   protected readonly cryptoProvider: CryptoProvider;
-  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
+  protected readonly verificationController: alepha_server_links2.HttpVirtualClient<VerificationController>;
   protected readonly userNotifications: UserNotifications;
   protected readonly userRealmProvider: UserRealmProvider;
+  protected readonly auditService: AuditService;
   protected readonly intentCache: alepha_cache0.CachePrimitiveFn<RegistrationIntent, any[]>;
   /**
    * Phase 1: Create a registration intent.
@@ -2212,111 +2401,6 @@ declare class RegistrationService {
   protected verifyPhoneCode(phoneNumber: string, code: string): Promise<void>;
 }
 //#endregion
-//#region ../../src/api/users/schemas/createUserSchema.d.ts
-declare const createUserSchema: alepha1.TObject<{
-  username: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
-  emailVerified: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
-  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-  id: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>>;
-  version: alepha1.TOptional<PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>>;
-  createdAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>>;
-  updatedAt: alepha1.TOptional<PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>>;
-}>;
-type CreateUser = Static<typeof createUserSchema>;
-//#endregion
-//#region ../../src/api/users/schemas/updateUserSchema.d.ts
-declare const updateUserSchema: alepha1.TObject<{
-  email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-  enabled: alepha1.TOptional<PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>>;
-  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-  realm: alepha1.TOptional<PgAttr<alepha1.TString, typeof PG_DEFAULT>>;
-}>;
-type UpdateUser = Static<typeof updateUserSchema>;
-//#endregion
-//#region ../../src/api/users/schemas/userQuerySchema.d.ts
-declare const userQuerySchema: alepha1.TObject<{
-  page: alepha1.TOptional<alepha1.TInteger>;
-  size: alepha1.TOptional<alepha1.TInteger>;
-  sort: alepha1.TOptional<alepha1.TString>;
-  email: alepha1.TOptional<alepha1.TString>;
-  enabled: alepha1.TOptional<alepha1.TBoolean>;
-  emailVerified: alepha1.TOptional<alepha1.TBoolean>;
-  roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-  query: alepha1.TOptional<alepha1.TString>;
-}>;
-type UserQuery = Static<typeof userQuerySchema>;
-//#endregion
-//#region ../../src/api/users/services/UserService.d.ts
-declare class UserService {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly verificationController: alepha_server_links0.HttpVirtualClient<VerificationController>;
-  protected readonly userNotifications: UserNotifications;
-  protected readonly userRealmProvider: UserRealmProvider;
-  users(userRealmName?: string): alepha_orm179.Repository<alepha1.TObject<{
-    id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-    version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-    createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-    realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-    username: alepha1.TOptional<alepha1.TString>;
-    email: alepha1.TOptional<alepha1.TString>;
-    phoneNumber: alepha1.TOptional<alepha1.TString>;
-    roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-    firstName: alepha1.TOptional<alepha1.TString>;
-    lastName: alepha1.TOptional<alepha1.TString>;
-    picture: alepha1.TOptional<alepha1.TString>;
-    enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-  }>>;
-  /**
-   * Request email verification for a user.
-   * @param email - The email address to verify.
-   * @param userRealmName - Optional realm name.
-   * @param method - The verification method: "code" (default) or "link".
-   * @param verifyUrl - Base URL for verification link (required when method is "link").
-   */
-  requestEmailVerification(email: string, userRealmName?: string, method?: "code" | "link", verifyUrl?: string): Promise<boolean>;
-  /**
-   * Verify a user's email using a valid verification token.
-   * Supports both code (6-digit) and link (UUID) verification tokens.
-   */
-  verifyEmail(email: string, token: string, userRealmName?: string): Promise<void>;
-  /**
-   * Check if an email is verified.
-   */
-  isEmailVerified(email: string, userRealmName?: string): Promise<boolean>;
-  /**
-   * Find users with pagination and filtering.
-   */
-  findUsers(q?: UserQuery, userRealmName?: string): Promise<Page$1<UserEntity>>;
-  /**
-   * Get a user by ID.
-   */
-  getUserById(id: string, userRealmName?: string): Promise<UserEntity>;
-  /**
-   * Create a new user.
-   */
-  createUser(data: CreateUser, userRealmName?: string): Promise<UserEntity>;
-  /**
-   * Update an existing user.
-   */
-  updateUser(id: string, data: UpdateUser, userRealmName?: string): Promise<UserEntity>;
-  /**
-   * Delete a user by ID.
-   */
-  deleteUser(id: string, userRealmName?: string): Promise<void>;
-}
-//#endregion
 //#region ../../src/api/users/controllers/UserController.d.ts
 declare class UserController {
   protected readonly url = "/users";
@@ -2328,7 +2412,7 @@ declare class UserController {
    * Phase 1: Create a registration intent.
    * Validates data, creates verification sessions, and stores intent in cache.
    */
-  readonly createRegistrationIntent: alepha_server14.ActionPrimitiveFn<{
+  readonly createRegistrationIntent: alepha_server0.ActionPrimitiveFn<{
     body: alepha1.TObject<{
       password: alepha1.TString;
       username: alepha1.TOptional<alepha1.TString>;
@@ -2349,109 +2433,11 @@ declare class UserController {
       expiresAt: alepha1.TString;
     }>;
   }>;
-  /**
-   * Find users with pagination and filtering.
-   */
-  readonly findUsers: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      page: alepha1.TOptional<alepha1.TInteger>;
-      size: alepha1.TOptional<alepha1.TInteger>;
-      sort: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha1.TOptional<alepha1.TBoolean>;
-      emailVerified: alepha1.TOptional<alepha1.TBoolean>;
-      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-      query: alepha1.TOptional<alepha1.TString>;
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TPage<alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>>;
-  }>;
-  /**
-   * Get a user by ID.
-   */
-  readonly getUser: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
-  /**
-   * Create a new user.
-   */
-  readonly createUser: alepha_server14.ActionPrimitiveFn<{
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    body: alepha1.TObject<{
-      username: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      enabled: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>>;
-      emailVerified: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>>;
-      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-      id: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>>;
-      version: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>>;
-      createdAt: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>>;
-      updatedAt: alepha1.TOptional<alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
   /**
    * Phase 2: Complete registration using an intent.
    * Validates verification codes and creates the user.
    */
-  readonly createUserFromIntent: alepha_server14.ActionPrimitiveFn<{
+  readonly createUserFromIntent: alepha_server0.ActionPrimitiveFn<{
     body: alepha1.TObject<{
       intentId: alepha1.TString;
       emailCode: alepha1.TOptional<alepha1.TString>;
@@ -2459,80 +2445,27 @@ declare class UserController {
       captchaToken: alepha1.TOptional<alepha1.TString>;
     }>;
     response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
-      username: alepha1.TOptional<alepha1.TString>;
-      email: alepha1.TOptional<alepha1.TString>;
-      phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
-      firstName: alepha1.TOptional<alepha1.TString>;
-      lastName: alepha1.TOptional<alepha1.TString>;
-      picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
-  /**
-   * Update a user.
-   */
-  readonly updateUser: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    body: alepha1.TObject<{
-      email: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      phoneNumber: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      firstName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      lastName: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      picture: alepha1.TOptional<alepha1.TOptional<alepha1.TString>>;
-      enabled: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>>;
-      roles: alepha1.TOptional<alepha1.TArray<alepha1.TString>>;
-      realm: alepha1.TOptional<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>>;
-    }>;
-    response: alepha1.TObject<{
-      id: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_PRIMARY_KEY>, typeof alepha_orm179.PG_DEFAULT>;
-      version: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TInteger, typeof alepha_orm179.PG_VERSION>, typeof alepha_orm179.PG_DEFAULT>;
-      createdAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_CREATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      updatedAt: alepha_orm179.PgAttr<alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_UPDATED_AT>, typeof alepha_orm179.PG_DEFAULT>;
-      realm: alepha_orm179.PgAttr<alepha1.TString, typeof alepha_orm179.PG_DEFAULT>;
+      id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
+      version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
+      createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
+      updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
+      realm: PgAttr<alepha1.TString, typeof PG_DEFAULT>;
       username: alepha1.TOptional<alepha1.TString>;
       email: alepha1.TOptional<alepha1.TString>;
       phoneNumber: alepha1.TOptional<alepha1.TString>;
-      roles: alepha_orm179.PgAttr<alepha1.TArray<alepha1.TString>, typeof alepha_orm179.PG_DEFAULT>;
+      roles: PgAttr<alepha1.TArray<alepha1.TString>, typeof PG_DEFAULT>;
       firstName: alepha1.TOptional<alepha1.TString>;
       lastName: alepha1.TOptional<alepha1.TString>;
       picture: alepha1.TOptional<alepha1.TString>;
-      enabled: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-      emailVerified: alepha_orm179.PgAttr<alepha1.TBoolean, typeof alepha_orm179.PG_DEFAULT>;
-    }>;
-  }>;
-  /**
-   * Delete a user.
-   */
-  readonly deleteUser: alepha_server14.ActionPrimitiveFn<{
-    params: alepha1.TObject<{
-      id: alepha1.TString;
-    }>;
-    query: alepha1.TObject<{
-      userRealmName: alepha1.TOptional<alepha1.TString>;
-    }>;
-    response: alepha1.TObject<{
-      ok: alepha1.TBoolean;
-      id: alepha1.TOptional<alepha1.TUnion<[alepha1.TString, alepha1.TInteger]>>;
-      count: alepha1.TOptional<alepha1.TNumber>;
+      enabled: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
+      emailVerified: PgAttr<alepha1.TBoolean, typeof PG_DEFAULT>;
     }>;
   }>;
   /**
    * Phase 1: Create a password reset intent.
    * Validates email, sends verification code, and stores intent in cache.
    */
-  readonly createPasswordResetIntent: alepha_server14.ActionPrimitiveFn<{
+  readonly createPasswordResetIntent: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
     }>;
@@ -2548,7 +2481,7 @@ declare class UserController {
    * Phase 2: Complete password reset using an intent.
    * Validates verification code, updates password, and invalidates sessions.
    */
-  readonly completePasswordReset: alepha_server14.ActionPrimitiveFn<{
+  readonly completePasswordReset: alepha_server0.ActionPrimitiveFn<{
     body: alepha1.TObject<{
       intentId: alepha1.TString;
       code: alepha1.TString;
@@ -2563,7 +2496,7 @@ declare class UserController {
   /**
    * @deprecated Use createPasswordResetIntent instead
    */
-  requestPasswordReset: alepha_server14.ActionPrimitiveFn<{
+  requestPasswordReset: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
     }>;
@@ -2578,7 +2511,7 @@ declare class UserController {
   /**
    * @deprecated Use completePasswordReset instead
    */
-  validateResetToken: alepha_server14.ActionPrimitiveFn<{
+  validateResetToken: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       email: alepha1.TString;
       token: alepha1.TString;
@@ -2592,7 +2525,7 @@ declare class UserController {
   /**
    * @deprecated Use completePasswordReset instead
    */
-  resetPassword: alepha_server14.ActionPrimitiveFn<{
+  resetPassword: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
     }>;
@@ -2612,7 +2545,7 @@ declare class UserController {
    * @param method - The verification method: "code" (default) sends a 6-digit code, "link" sends a clickable verification link.
    * @param verifyUrl - Required when method is "link". The base URL for the verification link. Token and email will be appended as query params.
    */
-  requestEmailVerification: alepha_server14.ActionPrimitiveFn<{
+  requestEmailVerification: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
       method: alepha1.TOptional<alepha1.TUnsafe<"link" | "code">>;
@@ -2630,7 +2563,7 @@ declare class UserController {
    * Verify email with a valid token.
    * Updates the user's emailVerified status.
    */
-  verifyEmail: alepha_server14.ActionPrimitiveFn<{
+  verifyEmail: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
     }>;
@@ -2646,7 +2579,7 @@ declare class UserController {
   /**
    * Check if an email is verified.
    */
-  checkEmailVerification: alepha_server14.ActionPrimitiveFn<{
+  checkEmailVerification: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       email: alepha1.TString;
       userRealmName: alepha1.TOptional<alepha1.TString>;
@@ -2664,13 +2597,14 @@ declare class UserController {
  */
 declare class UserRealmController {
   protected readonly url = "/realms";
+  protected readonly group = "realms";
   protected readonly userRealmProvider: UserRealmProvider;
   protected readonly serverAuthProvider: ServerAuthProvider;
   /**
    * Get realm configuration settings.
    * This endpoint is not exposed in the API documentation.
    */
-  readonly getRealmConfig: alepha_server14.ActionPrimitiveFn<{
+  readonly getRealmConfig: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
     }>;
@@ -2706,7 +2640,7 @@ declare class UserRealmController {
       }>>;
     }>;
   }>;
-  readonly checkUsernameAvailability: alepha_server14.ActionPrimitiveFn<{
+  readonly checkUsernameAvailability: alepha_server0.ActionPrimitiveFn<{
     query: alepha1.TObject<{
       userRealmName: alepha1.TOptional<alepha1.TString>;
     }>;
@@ -2721,12 +2655,12 @@ declare class UserRealmController {
 //#endregion
 //#region ../../src/api/users/schemas/identityResourceSchema.d.ts
 declare const identityResourceSchema: alepha1.TObject<{
+  userId: PgAttr<alepha1.TString, typeof PG_REF>;
+  provider: alepha1.TString;
   id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
   version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
   createdAt: PgAttr<PgAttr<alepha1.TString, typeof PG_CREATED_AT>, typeof PG_DEFAULT>;
   updatedAt: PgAttr<PgAttr<alepha1.TString, typeof PG_UPDATED_AT>, typeof PG_DEFAULT>;
-  userId: PgAttr<alepha1.TString, typeof PG_REF>;
-  provider: alepha1.TString;
   providerUserId: alepha1.TOptional<alepha1.TString>;
   providerData: alepha1.TOptional<alepha1.TRecord<string, alepha1.TAny>>;
 }>;
@@ -2839,9 +2773,10 @@ declare class SessionService {
   protected readonly fsp: FileSystemProvider;
   protected readonly dateTimeProvider: DateTimeProvider;
   protected readonly cryptoProvider: CryptoProvider;
-  protected readonly log: alepha_logger0.Logger;
+  protected readonly log: alepha_logger5.Logger;
   protected readonly userRealmProvider: UserRealmProvider;
-  protected readonly fileController: alepha_server_links0.HttpVirtualClient<FileController>;
+  protected readonly fileController: alepha_server_links2.HttpVirtualClient<FileController>;
+  protected readonly auditService: AuditService;
   users(userRealmName?: string): Repository$1<alepha1.TObject<{
     id: PgAttr<PgAttr<alepha1.TString, typeof PG_PRIMARY_KEY>, typeof PG_DEFAULT>;
     version: PgAttr<PgAttr<alepha1.TInteger, typeof PG_VERSION>, typeof PG_DEFAULT>;
@@ -2934,20 +2869,20 @@ declare class SessionService {
   }>;
   deleteSession(refreshToken: string, userRealmName?: string): Promise<void>;
   link(provider: string, profile: OAuth2Profile, userRealmName?: string): Promise<{
-    username?: string | undefined;
     email?: string | undefined;
+    username?: string | undefined;
     phoneNumber?: string | undefined;
     firstName?: string | undefined;
     lastName?: string | undefined;
     picture?: string | undefined;
-    enabled: boolean;
-    emailVerified: boolean;
-    roles: string[];
     id: string;
     version: number;
     createdAt: string;
     updatedAt: string;
     realm: string;
+    roles: string[];
+    enabled: boolean;
+    emailVerified: boolean;
   } | {
     sub: string;
     email?: string;
@@ -2991,5 +2926,5 @@ declare class SessionService {
  */
 declare const AlephaApiUsers: alepha1.Service<alepha1.Module>;
 //#endregion
-export { $userRealm, AlephaApiUsers, CompletePasswordResetRequest, CompleteRegistrationRequest, CreateUser, CredentialService, DEFAULT_USER_REALM_NAME, IdentityController, IdentityEntity, IdentityQuery, IdentityResource, IdentityService, LoginInput, PasswordResetIntentResponse, RealmAuthSettings, RegisterInput, RegistrationIntentResponse, RegistrationService, ResetPasswordInput, ResetPasswordRequest, SessionController, SessionCrudService, SessionEntity, SessionQuery, SessionResource, SessionService, UpdateUser, UserController, UserEntity, UserQuery, UserRealm, UserRealmConfig, UserRealmController, UserRealmOptions, UserRealmPrimitive, UserRealmProvider, UserRealmRepositories, UserResource, UserService, completePasswordResetRequestSchema, completeRegistrationRequestSchema, createUserSchema, identities, identityQuerySchema, identityResourceSchema, loginSchema, passwordResetIntentResponseSchema, realmAuthSettingsAtom, registerSchema, registrationIntentResponseSchema, resetPasswordRequestSchema, resetPasswordSchema, sessionQuerySchema, sessionResourceSchema, sessions, updateUserSchema, userQuerySchema, userRealmConfigSchema, userResourceSchema, users };
+export { $userRealm, AdminIdentityController, AdminSessionController, AdminUserController, AlephaApiUsers, CompletePasswordResetRequest, CompleteRegistrationRequest, CreateUser, CredentialService, DEFAULT_USER_REALM_NAME, IdentityEntity, IdentityQuery, IdentityResource, IdentityService, LoginInput, PasswordResetIntentResponse, RealmAuthSettings, RegisterInput, RegistrationIntentResponse, RegistrationService, ResetPasswordInput, ResetPasswordRequest, SessionCrudService, SessionEntity, SessionQuery, SessionResource, SessionService, UpdateUser, UserController, UserEntity, UserQuery, UserRealm, UserRealmConfig, UserRealmController, UserRealmOptions, UserRealmPrimitive, UserRealmProvider, UserRealmRepositories, UserResource, UserService, completePasswordResetRequestSchema, completeRegistrationRequestSchema, createUserSchema, identities, identityQuerySchema, identityResourceSchema, loginSchema, passwordResetIntentResponseSchema, realmAuthSettingsAtom, registerSchema, registrationIntentResponseSchema, resetPasswordRequestSchema, resetPasswordSchema, sessionQuerySchema, sessionResourceSchema, sessions, updateUserSchema, userQuerySchema, userRealmConfigSchema, userResourceSchema, users };
 //# sourceMappingURL=index.d.ts.map