better-auth 0.0.8-beta.25 → 0.0.8-beta.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/dist/client/plugins.d.ts +27 -32
  2. package/dist/client/plugins.js +73 -47
  3. package/dist/client/plugins.js.map +1 -1
  4. package/dist/client.d.ts +152 -140
  5. package/dist/client.js +59 -16
  6. package/dist/client.js.map +1 -1
  7. package/dist/{index-DoXcqf3v.d.ts → index-CucwXUPE.d.ts} +115 -47
  8. package/dist/index.d.ts +14 -14
  9. package/dist/index.js +98 -98
  10. package/dist/index.js.map +1 -1
  11. package/dist/{internal-adapter-B6xQsmUU.d.ts → internal-adapter-BcJ9vHzC.d.ts} +10 -3
  12. package/dist/next-js.d.ts +1 -1
  13. package/dist/plugins.d.ts +2 -2
  14. package/dist/plugins.js +111 -103
  15. package/dist/plugins.js.map +1 -1
  16. package/dist/react.d.ts +146 -140
  17. package/dist/react.js +66 -17
  18. package/dist/react.js.map +1 -1
  19. package/dist/solid-start.d.ts +1 -1
  20. package/dist/solid.d.ts +146 -142
  21. package/dist/solid.js +58 -15
  22. package/dist/solid.js.map +1 -1
  23. package/dist/svelte-kit.d.ts +1 -1
  24. package/dist/svelte.d.ts +147 -143
  25. package/dist/svelte.js +58 -15
  26. package/dist/svelte.js.map +1 -1
  27. package/dist/{types-B-mnB1YO.d.ts → types-ucl4Q6t3.d.ts} +1 -1
  28. package/dist/types.d.ts +1 -1
  29. package/dist/vue.d.ts +289 -281
  30. package/dist/vue.js +58 -15
  31. package/dist/vue.js.map +1 -1
  32. package/package.json +3 -2
package/dist/client/plugins.d.ts CHANGED
@@ -2,14 +2,14 @@ import * as nanostores from 'nanostores';
2
2
  import { A as AccessControl, S as StatementsPrimitive, R as Role } from '../statement-D6SPoYOh.js';
3
3
  import * as _better_fetch_fetch from '@better-fetch/fetch';
4
4
  import { BetterFetchOption } from '@better-fetch/fetch';
5
- import { o as organization, M as Member, I as Invitation, u as username } from '../index-DoXcqf3v.js';
6
- export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-DoXcqf3v.js';
5
+ import { o as organization, M as Member, I as Invitation, u as username } from '../index-CucwXUPE.js';
6
+ export { g as getPasskeyActions, c as passkeyClient, a as twoFactorClient } from '../index-CucwXUPE.js';
7
7
  import '../helper-D8dhRz72.js';
8
8
  import '../index-CcxejJTH.js';
9
9
  import 'arctic';
10
10
  import 'zod';
11
11
  import 'better-call';
12
- import '../internal-adapter-B6xQsmUU.js';
12
+ import '../internal-adapter-BcJ9vHzC.js';
13
13
  import 'kysely';
14
14
  import '@simplewebauthn/types';
15
15
 
@@ -69,33 +69,27 @@ declare const organizationClient: <O extends OrganizationClientOptions>(options?
69
69
  getAtoms: ($fetch: _better_fetch_fetch.BetterFetch) => {
70
70
  _listOrg: nanostores.PreinitializedWritableAtom<boolean>;
71
71
  _activeOrgSignal: nanostores.PreinitializedWritableAtom<boolean>;
72
- activeOrganization: nanostores.ReadableAtom<{
73
- id: string;
74
- name: string;
75
- slug: string;
76
- members: Member[];
77
- invitations: Invitation[];
78
- } | null>;
79
- listOrganizations: nanostores.ReadableAtom<{
80
- id: string;
81
- name: string;
82
- slug: string;
83
- }[] | null>;
84
- invitation: nanostores.ReadableAtom<{
85
- data: null;
86
- error: {
87
- message?: string | undefined;
88
- status: number;
89
- statusText: string;
90
- };
91
- } | {
92
- error: {
93
- message: string;
94
- status: number;
95
- data: null;
96
- };
97
- data: null;
98
- } | {
72
+ activeOrganization: nanostores.PreinitializedWritableAtom<{
73
+ data: {
74
+ id: string;
75
+ name: string;
76
+ slug: string;
77
+ members: Member[];
78
+ invitations: Invitation[];
79
+ } | null;
80
+ error: null | _better_fetch_fetch.BetterFetchError;
81
+ isPending: boolean;
82
+ }>;
83
+ listOrganizations: nanostores.PreinitializedWritableAtom<{
84
+ data: {
85
+ id: string;
86
+ name: string;
87
+ slug: string;
88
+ }[] | null;
89
+ error: null | _better_fetch_fetch.BetterFetchError;
90
+ isPending: boolean;
91
+ }>;
92
+ invitation: nanostores.PreinitializedWritableAtom<{
99
93
  data: {
100
94
  id: string;
101
95
  status: "pending" | "accepted" | "rejected" | "canceled";
@@ -108,8 +102,9 @@ declare const organizationClient: <O extends OrganizationClientOptions>(options?
108
102
  organizationSlug: string;
109
103
  inviterEmail: string;
110
104
  inviterName: string;
111
- };
112
- error: null;
105
+ } | null;
106
+ error: null | _better_fetch_fetch.BetterFetchError;
107
+ isPending: boolean;
113
108
  }>;
114
109
  };
115
110
  atomListeners: {
package/dist/client/plugins.js CHANGED
@@ -1,4 +1,5 @@
1
- import { atom, computed, task } from 'nanostores';
1
+ import { atom } from 'nanostores';
2
+ import '@better-fetch/fetch';
2
3
  import { startAuthentication, startRegistration, WebAuthnError } from '@simplewebauthn/browser';
3
4
 
4
5
  // src/plugins/organization/client.ts
@@ -105,6 +106,56 @@ defaultAc.newRole({
105
106
  member: [],
106
107
  invitation: []
107
108
  });
109
+ var useAuthQuery = (initializedAtom, path, $fetch, options) => {
110
+ const value = atom({
111
+ data: null,
112
+ error: null,
113
+ isPending: false
114
+ });
115
+ const fn = () => {
116
+ const opts = typeof options === "function" ? options() : options;
117
+ return $fetch(path, {
118
+ ...opts,
119
+ onSuccess: async (context) => {
120
+ value.set({
121
+ data: context.data,
122
+ error: null,
123
+ isPending: false
124
+ });
125
+ await opts?.onSuccess?.(context);
126
+ },
127
+ async onError(context) {
128
+ value.set({
129
+ error: context.error,
130
+ data: null,
131
+ isPending: false
132
+ });
133
+ await opts?.onError?.(context);
134
+ },
135
+ async onRequest(context) {
136
+ const currentValue = value.get();
137
+ value.set({
138
+ isPending: true,
139
+ data: currentValue.data,
140
+ error: currentValue.error
141
+ });
142
+ await opts?.onRequest?.(context);
143
+ }
144
+ });
145
+ };
146
+ fn();
147
+ initializedAtom = Array.isArray(initializedAtom) ? initializedAtom : [initializedAtom];
148
+ let firstRun = true;
149
+ for (const initAtom of initializedAtom) {
150
+ initAtom.subscribe((value2) => {
151
+ if (value2 && !firstRun) {
152
+ fn();
153
+ }
154
+ });
155
+ }
156
+ firstRun = false;
157
+ return value;
158
+ };
108
159
 
109
160
  // src/plugins/organization/client.ts
110
161
  var organizationClient = (options) => {
@@ -135,55 +186,30 @@ var organizationClient = (options) => {
135
186
  }
136
187
  }),
137
188
  getAtoms: ($fetch) => {
138
- const listOrganizations = computed(
139
- [_listOrg],
140
- () => task(async () => {
141
- const organizations = await $fetch(
142
- "/organization/list",
143
- {
144
- method: "GET"
145
- }
146
- );
147
- return organizations.data;
148
- })
189
+ const invitation = useAuthQuery(_activeISignal, "/organization/get-active-invitation", $fetch, () => ({
190
+ method: "GET",
191
+ query: {
192
+ id: _activeISignal.get()
193
+ }
194
+ }));
195
+ const listOrganizations = useAuthQuery(
196
+ _listOrg,
197
+ "/organization/list",
198
+ $fetch,
199
+ {
200
+ method: "GET"
201
+ }
149
202
  );
150
- const activeOrganization = computed(
203
+ const activeOrganization = useAuthQuery(
151
204
  [activeOrgId, _activeOrgSignal],
152
- () => task(async () => {
153
- if (!activeOrgId.get()) {
154
- return null;
155
- }
156
- const organization = await $fetch("/organization/activate", {
157
- method: "POST",
158
- credentials: "include",
159
- body: {
160
- orgId: activeOrgId.get()
161
- }
162
- });
163
- return organization.data;
164
- })
165
- );
166
- const invitation = computed(
167
- _activeISignal,
168
- () => task(async () => {
169
- if (!_activeISignal.get()) {
170
- return {
171
- error: {
172
- message: "No invitation found",
173
- status: 400,
174
- data: null
175
- },
176
- data: null
177
- };
205
+ "/organization/activate",
206
+ $fetch,
207
+ () => ({
208
+ method: "POST",
209
+ credentials: "include",
210
+ body: {
211
+ orgId: activeOrgId.get()
178
212
  }
179
- const res = await $fetch("/organization/get-active-invitation", {
180
- method: "GET",
181
- query: {
182
- id: _activeISignal.get()
183
- },
184
- credentials: "include"
185
- });
186
- return res;
187
213
  })
188
214
  );
189
215
  return {
package/dist/client/plugins.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/plugins/organization/access/src/access.ts","../../src/plugins/organization/access/statement.ts","../../src/plugins/organization/client.ts","../../src/plugins/username/client.ts","../../src/plugins/passkey/client.ts","../../src/plugins/two-factor/client.ts"],"names":[],"mappings":";;;;;;AAEO,IAAM,YAAA,GAAN,cAA2B,KAAM,CAAA;AAAA,EACvB,IAAA,CAAA;AAAA,EAChB,WAAA,CAAY,SAAiB,IAAc,EAAA;AAC1C,IAAA,KAAA,CAAM,OAAO,CAAA,CAAA;AACb,IAAA,IAAA,CAAK,IAAO,GAAA,IAAA,CAAA;AAAA,GACb;AACD,CAAA,CAAA;AAIO,IAAM,gBAAN,MAAiE;AAAA,EAEvE,YAA6B,CAAgB,EAAA;AAAhB,IAAA,IAAA,CAAA,CAAA,GAAA,CAAA,CAAA;AAC5B,IAAA,IAAA,CAAK,UAAa,GAAA,CAAA,CAAA;AAAA,GACnB;AAAA,EAHiB,UAAA,CAAA;AAAA,EAIV,QACN,UACC,EAAA;AACD,IAAO,OAAA,IAAI,KAA6B,UAAU,CAAA,CAAA;AAAA,GACnD;AACD,CAAA,CAAA;AAMO,IAAM,IAAA,GAAN,MAAM,KAAqC,CAAA;AAAA,EACjC,UAAA,CAAA;AAAA,EAEhB,YAAY,UAAyB,EAAA;AACpC,IAAA,IAAA,CAAK,UAAa,GAAA,UAAA,CAAA;AAAA,GACnB;AAAA,EAEO,SAAA,CACN,SACA,SACqB,EAAA;AACrB,IAAA,KAAA,MAAW,CAAC,iBAAA,EAAmB,gBAAgB,CAAA,IAAK,MAAO,CAAA,OAAA;AAAA,MAC1D,OAAA;AAAA,KACE,EAAA;AACF,MAAM,MAAA,cAAA,GAAiB,IAAK,CAAA,UAAA,CAAW,iBAAiB,CAAA,CAAA;AACxD,MAAA,IAAI,CAAC,cAAgB,EAAA;AACpB,QAAO,OAAA;AAAA,UACN,OAAS,EAAA,KAAA;AAAA,UACT,KAAA,EAAO,2CAA2C,iBAAiB,CAAA,CAAA;AAAA,SACpE,CAAA;AAAA,OACD;AACA,MAAM,MAAA,OAAA,GACL,SAAc,KAAA,IAAA,GACV,gBAA8B,CAAA,IAAA;AAAA,QAAK,CAAC,eAAA,KACrC,cAAe,CAAA,QAAA,CAAS,eAAe,CAAA;AAAA,UAEtC,gBAA8B,CAAA,KAAA;AAAA,QAAM,CAAC,eAAA,KACtC,cAAe,CAAA,QAAA,CAAS,eAAe,CAAA;AAAA,OACxC,CAAA;AACH,MAAA,IAAI,OAAS,EAAA;AACZ,QAAA,OAAO,EAAE,OAAQ,EAAA,CAAA;AAAA,OAClB;AACA,MAAO,OAAA;AAAA,QACN,OAAS,EAAA,KAAA;AAAA,QACT,KAAA,EAAO,oCAAoC,iBAAiB,CAAA,CAAA,CAAA;AAAA,OAC7D,CAAA;AAAA,KACD;AACA,IAAO,OAAA;AAAA,MACN,OAAS,EAAA,KAAA;AAAA,MACT,KAAO,EAAA,gBAAA;AAAA,KACR,CAAA;AAAA,GACD;AAAA,EAEA,OAAO,WAA2C,CAAW,EAAA;AAC5D,IAAM,MAAA,UAAA,GAAa,IAAK,CAAA,KAAA,CAAM,CAAC,CAAA,CAAA;AAE/B,IAAI,IAAA,OAAO,eAAe,QAAU,EAAA;AACnC,MAAM,MAAA,IAAI,YAAa,CAAA,6BAAA,EAA+B,GAAG,CAAA,CAAA;AAAA,KAC1D;AACA,IAAA,KAAA,MAAW,CAAC,QAAU,EAAA,OAAO,KAAK,MAAO,CAAA,OAAA,CAAQ,UAAU,CAAG,EAAA;AAC7D,MAAI,IAAA,OAAO,aAAa,QAAU,EAAA;AACjC,QAAM,MAAA,IAAI,YAAa,CAAA,6BAAA,EAA+B,QAAQ,CAAA,CAAA;AAAA,OAC/D;AACA,MAAA,IAAI,CAAC,KAAA,CAAM,OAAQ,CAAA,OAAO,CAAG,EAAA;AAC5B,QAAM,MAAA,IAAI,YAAa,CAAA,yBAAA,EAA2B,QAAQ,CAAA,CAAA;AAAA,OAC3D;AACA,MAAA,KAAA,IAAS,CAAI,GAAA,CAAA,EAAG,CAAI,GAAA,OAAA,CAAQ,QAAQ,CAAK,EAAA,EAAA;AACxC,QAAA,IAAI,OAAO,OAAA,CAAQ,CAAC,CAAA,KAAM,QAAU,EAAA;AACnC,UAAA,MAAM,IAAI,YAAa,CAAA,wBAAA,EAA0B,GAAG,QAAQ,CAAA,CAAA,EAAI,CAAC,CAAG,CAAA,CAAA,CAAA,CAAA;AAAA,SACrE;AAAA,OACD;AAAA,KACD;AACA,IAAO,OAAA,IAAI,MAAkB,UAAU,CAAA,CAAA;AAAA,GACxC;AAAA,EAEO,QAAmB,GAAA;AACzB,IAAO,OAAA,IAAA,CAAK,SAAU,CAAA,IAAA,CAAK,UAAU,CAAA,CAAA;AAAA,GACtC;AACD,CAAA,CAAA;;;AC7FO,IAAM,mBAAA,GAAsB,CAClC,UACI,KAAA;AACJ,EAAO,OAAA,IAAI,cAAiB,UAAU,CAAA,CAAA;AACvC,CAAA,CAAA;AAEO,IAAM,iBAAoB,GAAA;AAAA,EAChC,YAAA,EAAc,CAAC,QAAA,EAAU,QAAQ,CAAA;AAAA,EACjC,MAAQ,EAAA,CAAC,QAAU,EAAA,QAAA,EAAU,QAAQ,CAAA;AAAA,EACrC,UAAA,EAAY,CAAC,QAAA,EAAU,QAAQ,CAAA;AAChC,CAAA,CAAA;AAEO,IAAM,SAAA,GAAY,oBAAoB,iBAAiB,CAAA,CAAA;AAEvC,UAAU,OAAQ,CAAA;AAAA,EACxC,YAAA,EAAc,CAAC,QAAQ,CAAA;AAAA,EACvB,UAAA,EAAY,CAAC,QAAA,EAAU,QAAQ,CAAA;AAAA,EAC/B,MAAQ,EAAA,CAAC,QAAU,EAAA,QAAA,EAAU,QAAQ,CAAA;AACtC,CAAC,EAAA;AAEsB,UAAU,OAAQ,CAAA;AAAA,EACxC,YAAA,EAAc,CAAC,QAAA,EAAU,QAAQ,CAAA;AAAA,EACjC,MAAQ,EAAA,CAAC,QAAU,EAAA,QAAA,EAAU,QAAQ,CAAA;AAAA,EACrC,UAAA,EAAY,CAAC,QAAA,EAAU,QAAQ,CAAA;AAChC,CAAC,EAAA;AAEuB,UAAU,OAAQ,CAAA;AAAA,EACzC,cAAc,EAAC;AAAA,EACf,QAAQ,EAAC;AAAA,EACT,YAAY,EAAC;AACd,CAAC,EAAA;;;ACdY,IAAA,kBAAA,GAAqB,CACjC,OACI,KAAA;AACJ,EAAM,MAAA,WAAA,GAAc,KAAoB,IAAI,CAAA,CAAA;AAC5C,EAAM,MAAA,QAAA,GAAW,KAAc,KAAK,CAAA,CAAA;AACpC,EAAM,MAAA,gBAAA,GAAmB,KAAc,KAAK,CAAA,CAAA;AAC5C,EAAM,MAAA,cAAA,GAAiB,KAAoB,IAAI,CAAA,CAAA;AAQ/C,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,cAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,IACrB,UAAA,EAAY,CAAC,MAAY,MAAA;AAAA,MACxB,YAAc,EAAA;AAAA,QACb,UAAU,KAAsB,EAAA;AAC/B,UAAA,WAAA,CAAY,IAAI,KAAK,CAAA,CAAA;AAAA,SACtB;AAAA,QACA,eAAA,EAAiB,CAAC,EAAsB,KAAA;AACvC,UAAA,cAAA,CAAe,IAAI,EAAE,CAAA,CAAA;AAAA,SACtB;AAAA,QACA,aAAA,EAAe,OAAO,IAMhB,KAAA;AACL,UAAO,OAAA,MAAM,OAAgB,8BAAgC,EAAA;AAAA,YAC5D,MAAQ,EAAA,MAAA;AAAA,YACR,IAAM,EAAA;AAAA,cACL,YAAY,IAAK,CAAA,UAAA;AAAA,aAClB;AAAA,YACA,GAAG,IAAK,CAAA,OAAA;AAAA,WACR,CAAA,CAAA;AAAA,SACF;AAAA,OACD;AAAA,KACD,CAAA;AAAA,IACA,QAAA,EAAU,CAAC,MAAW,KAAA;AACrB,MAAA,MAAM,iBAAoB,GAAA,QAAA;AAAA,QAAS,CAAC,QAAQ,CAAA;AAAA,QAAG,MAC9C,KAAK,YAAY;AAChB,UAAA,MAAM,gBAAgB,MAAM,MAAA;AAAA,YAC3B,oBAAA;AAAA,YACA;AAAA,cACC,MAAQ,EAAA,KAAA;AAAA,aACT;AAAA,WACD,CAAA;AACA,UAAA,OAAO,aAAc,CAAA,IAAA,CAAA;AAAA,SACrB,CAAA;AAAA,OACF,CAAA;AACA,MAAA,MAAM,kBAAqB,GAAA,QAAA;AAAA,QAAS,CAAC,aAAa,gBAAgB,CAAA;AAAA,QAAG,MACpE,KAAK,YAAY;AAChB,UAAI,IAAA,CAAC,WAAY,CAAA,GAAA,EAAO,EAAA;AACvB,YAAO,OAAA,IAAA,CAAA;AAAA,WACR;AACA,UAAM,MAAA,YAAA,GAAe,MAAM,MAAA,CAOzB,wBAA0B,EAAA;AAAA,YAC3B,MAAQ,EAAA,MAAA;AAAA,YACR,WAAa,EAAA,SAAA;AAAA,YACb,IAAM,EAAA;AAAA,cACL,KAAA,EAAO,YAAY,GAAI,EAAA;AAAA,aACxB;AAAA,WACA,CAAA,CAAA;AACD,UAAA,OAAO,YAAa,CAAA,IAAA,CAAA;AAAA,SACpB,CAAA;AAAA,OACF,CAAA;AACA,MAAA,MAAM,UAAa,GAAA,QAAA;AAAA,QAAS,cAAA;AAAA,QAAgB,MAC3C,KAAK,YAAY;AAChB,UAAI,IAAA,CAAC,cAAe,CAAA,GAAA,EAAO,EAAA;AAC1B,YAAO,OAAA;AAAA,cACN,KAAO,EAAA;AAAA,gBACN,OAAS,EAAA,qBAAA;AAAA,gBACT,MAAQ,EAAA,GAAA;AAAA,gBACR,IAAM,EAAA,IAAA;AAAA,eACP;AAAA,cACA,IAAM,EAAA,IAAA;AAAA,aACP,CAAA;AAAA,WACD;AACA,UAAM,MAAA,GAAA,GAAM,MAAM,MAAA,CAShB,qCAAuC,EAAA;AAAA,YACxC,MAAQ,EAAA,KAAA;AAAA,YACR,KAAO,EAAA;AAAA,cACN,EAAA,EAAI,eAAe,GAAI,EAAA;AAAA,aACxB;AAAA,YACA,WAAa,EAAA,SAAA;AAAA,WACb,CAAA,CAAA;AACD,UAAO,OAAA,GAAA,CAAA;AAAA,SACP,CAAA;AAAA,OACF,CAAA;AACA,MAAO,OAAA;AAAA,QACN,QAAA;AAAA,QACA,gBAAA;AAAA,QACA,kBAAA;AAAA,QACA,iBAAA;AAAA,QACA,UAAA;AAAA,OACD,CAAA;AAAA,KACD;AAAA,IACA,aAAe,EAAA;AAAA,MACd;AAAA,QACC,QAAQ,IAAM,EAAA;AACb,UACC,OAAA,IAAA,KAAS,0BAA0B,IAAS,KAAA,sBAAA,CAAA;AAAA,SAE9C;AAAA,QACA,MAAQ,EAAA,UAAA;AAAA,OACT;AAAA,MACA;AAAA,QACC,QAAQ,IAAM,EAAA;AACb,UAAO,OAAA,IAAA,CAAK,WAAW,eAAe,CAAA,CAAA;AAAA,SACvC;AAAA,QACA,MAAQ,EAAA,kBAAA;AAAA,OACT;AAAA,KACD;AAAA,GACD,CAAA;AACD,EAAA;;;ACpJO,IAAM,iBAAiB,MAAM;AACnC,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,UAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,GACtB,CAAA;AACD,EAAA;ACOa,IAAA,iBAAA,GAAoB,CAAC,MAAwB,KAAA;AACzD,EAAM,MAAA,aAAA,GAAgB,OAAO,IAIvB,KAAA;AACL,IAAA,MAAM,WAAW,MAAM,MAAA;AAAA,MACtB,wCAAA;AAAA,MACA;AAAA,QACC,MAAQ,EAAA,MAAA;AAAA,QACR,IAAM,EAAA;AAAA,UACL,OAAO,IAAM,EAAA,KAAA;AAAA,SACd;AAAA,OACD;AAAA,KACD,CAAA;AACA,IAAI,IAAA,CAAC,SAAS,IAAM,EAAA;AACnB,MAAO,OAAA,QAAA,CAAA;AAAA,KACR;AACA,IAAI,IAAA;AACH,MAAA,MAAM,MAAM,MAAM,mBAAA;AAAA,QACjB,QAAS,CAAA,IAAA;AAAA,QACT,MAAM,QAAY,IAAA,KAAA;AAAA,OACnB,CAAA;AACA,MAAM,MAAA,QAAA,GAAW,MAAM,MAAA,CAGpB,gCAAkC,EAAA;AAAA,QACpC,IAAM,EAAA;AAAA,UACL,QAAU,EAAA,GAAA;AAAA,UACV,IAAM,EAAA,cAAA;AAAA,SACP;AAAA,OACA,CAAA,CAAA;AACD,MAAI,IAAA,CAAC,SAAS,IAAM,EAAA;AACnB,QAAO,OAAA,QAAA,CAAA;AAAA,OACR;AAAA,aACQ,CAAG,EAAA;AACX,MAAA,OAAA,CAAQ,IAAI,CAAC,CAAA,CAAA;AAAA,KACd;AAAA,GACD,CAAA;AAEA,EAAA,MAAM,kBAAkB,YAAY;AACnC,IAAA,MAAM,UAAU,MAAM,MAAA;AAAA,MACrB,oCAAA;AAAA,MACA;AAAA,QACC,MAAQ,EAAA,KAAA;AAAA,OACT;AAAA,KACD,CAAA;AACA,IAAI,IAAA,CAAC,QAAQ,IAAM,EAAA;AAClB,MAAO,OAAA,OAAA,CAAA;AAAA,KACR;AACA,IAAI,IAAA;AACH,MAAA,MAAM,GAAM,GAAA,MAAM,iBAAkB,CAAA,OAAA,CAAQ,IAAI,CAAA,CAAA;AAChD,MAAM,MAAA,QAAA,GAAW,MAAM,MAAA,CAEpB,8BAAgC,EAAA;AAAA,QAClC,IAAM,EAAA;AAAA,UACL,QAAU,EAAA,GAAA;AAAA,UACV,IAAM,EAAA,UAAA;AAAA,SACP;AAAA,OACA,CAAA,CAAA;AACD,MAAI,IAAA,CAAC,SAAS,IAAM,EAAA;AACnB,QAAO,OAAA,QAAA,CAAA;AAAA,OACR;AAAA,aACQ,CAAG,EAAA;AACX,MAAA,IAAI,aAAa,aAAe,EAAA;AAC/B,QAAI,IAAA,CAAA,CAAE,SAAS,2CAA6C,EAAA;AAC3D,UAAO,OAAA;AAAA,YACN,IAAM,EAAA,IAAA;AAAA,YACN,KAAO,EAAA;AAAA,cACN,OAAS,EAAA,uBAAA;AAAA,cACT,MAAQ,EAAA,GAAA;AAAA,cACR,UAAY,EAAA,aAAA;AAAA,aACb;AAAA,WACD,CAAA;AAAA,SACD;AAAA,OACD;AAAA,KACD;AAAA,GACD,CAAA;AACA,EAAO,OAAA;AAAA,IACN,MAAQ,EAAA;AAAA,MACP,OAAS,EAAA,aAAA;AAAA,KACV;AAAA,IACA,OAAS,EAAA;AAAA,MACR,QAAU,EAAA,eAAA;AAAA,KACX;AAAA,GACD,CAAA;AACD,EAAA;AAEO,IAAM,gBAAgB,MAAM;AAClC,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,SAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,IACrB,UAAY,EAAA,CAAC,MAAW,KAAA,iBAAA,CAAkB,MAAM,CAAA;AAAA,IAChD,WAAa,EAAA;AAAA,MACZ,mBAAqB,EAAA,MAAA;AAAA,MACrB,uBAAyB,EAAA,MAAA;AAAA,KAC1B;AAAA,GACD,CAAA;AACD,EAAA;;;AC9Ga,IAAA,eAAA,GAAkB,CAC9B,OAQI,GAAA;AAAA,EACH,QAAU,EAAA,IAAA;AAAA,EACV,aAAe,EAAA,GAAA;AAChB,CACI,KAAA;AACJ,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,YAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,IACrB,aAAe,EAAA;AAAA,MACd;AAAA,QACC,SAAS,CAAC,IAAA,KACT,SAAS,oBACT,IAAA,IAAA,KAAS,0BACT,IAAS,KAAA,qBAAA;AAAA,QACV,MAAQ,EAAA,gBAAA;AAAA,OACT;AAAA,KACD;AAAA,IACA,WAAa,EAAA;AAAA,MACZ,aAAe,EAAA,MAAA;AAAA,MACf,qBAAuB,EAAA,MAAA;AAAA,MACvB,oBAAsB,EAAA,MAAA;AAAA,MACtB,sBAAwB,EAAA,MAAA;AAAA,KACzB;AAAA,IACA,YAAc,EAAA;AAAA,MACb;AAAA,QACC,EAAI,EAAA,YAAA;AAAA,QACJ,IAAM,EAAA,YAAA;AAAA,QACN,KAAO,EAAA;AAAA,UACN,MAAM,UAAU,OAAS,EAAA;AACxB,YAAI,IAAA,OAAA,CAAQ,MAAM,iBAAmB,EAAA;AACpC,cAAI,IAAA,OAAA,CAAQ,QAAY,IAAA,OAAA,CAAQ,aAAe,EAAA;AAC9C,gBAAO,MAAA,CAAA,QAAA,CAAS,OAAO,OAAQ,CAAA,aAAA,CAAA;AAAA,eAChC;AAAA,aACD;AAAA,WACD;AAAA,SACD;AAAA,OACD;AAAA,KACD;AAAA,GACD,CAAA;AACD","file":"plugins.js","sourcesContent":["import type { StatementsPrimitive as Statements, Subset } from \"./types\";\n\nexport class ParsingError extends Error {\n\tpublic readonly path: string;\n\tconstructor(message: string, path: string) {\n\t\tsuper(message);\n\t\tthis.path = path;\n\t}\n}\n\ntype Connector = \"OR\" | \"AND\";\n\nexport class AccessControl<TStatements extends Statements = Statements> {\n\tprivate readonly statements: TStatements;\n\tconstructor(private readonly s: TStatements) {\n\t\tthis.statements = s;\n\t}\n\tpublic newRole<K extends keyof TStatements>(\n\t\tstatements: Subset<K, TStatements>,\n\t) {\n\t\treturn new Role<Subset<K, TStatements>>(statements);\n\t}\n}\n\nexport type AuthortizeResponse =\n\t| { success: false; error: string }\n\t| { success: true; error?: never };\n\nexport class Role<TStatements extends Statements> {\n\tpublic readonly statements: TStatements;\n\n\tconstructor(statements: TStatements) {\n\t\tthis.statements = statements;\n\t}\n\n\tpublic authorize<K extends keyof TStatements>(\n\t\trequest: Subset<K, TStatements>,\n\t\tconnector?: Connector,\n\t): AuthortizeResponse {\n\t\tfor (const [requestedResource, requestedActions] of Object.entries(\n\t\t\trequest,\n\t\t)) {\n\t\t\tconst allowedActions = this.statements[requestedResource];\n\t\t\tif (!allowedActions) {\n\t\t\t\treturn {\n\t\t\t\t\tsuccess: false,\n\t\t\t\t\terror: `You are not allowed to access resource: ${requestedResource}`,\n\t\t\t\t};\n\t\t\t}\n\t\t\tconst success =\n\t\t\t\tconnector === \"OR\"\n\t\t\t\t\t? (requestedActions as string[]).some((requestedAction) =>\n\t\t\t\t\t\t\tallowedActions.includes(requestedAction),\n\t\t\t\t\t\t)\n\t\t\t\t\t: (requestedActions as string[]).every((requestedAction) =>\n\t\t\t\t\t\t\tallowedActions.includes(requestedAction),\n\t\t\t\t\t\t);\n\t\t\tif (success) {\n\t\t\t\treturn { success };\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: `unauthorized to access resource \"${requestedResource}\"`,\n\t\t\t};\n\t\t}\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: \"Not authorized\",\n\t\t};\n\t}\n\n\tstatic fromString<TStatements extends Statements>(s: string) {\n\t\tconst statements = JSON.parse(s) as TStatements;\n\n\t\tif (typeof statements !== \"object\") {\n\t\t\tthrow new ParsingError(\"statements is not an object\", \".\");\n\t\t}\n\t\tfor (const [resource, actions] of Object.entries(statements)) {\n\t\t\tif (typeof resource !== \"string\") {\n\t\t\t\tthrow new ParsingError(\"invalid resource identifier\", resource);\n\t\t\t}\n\t\t\tif (!Array.isArray(actions)) {\n\t\t\t\tthrow new ParsingError(\"actions is not an array\", resource);\n\t\t\t}\n\t\t\tfor (let i = 0; i < actions.length; i++) {\n\t\t\t\tif (typeof actions[i] !== \"string\") {\n\t\t\t\t\tthrow new ParsingError(\"action is not a string\", `${resource}[${i}]`);\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\treturn new Role<TStatements>(statements);\n\t}\n\n\tpublic toString(): string {\n\t\treturn JSON.stringify(this.statements);\n\t}\n}\n","import { AccessControl } from \"./src/access\";\nimport type { StatementsPrimitive } from \"./src/types\";\n\nexport const createAccessControl = <S extends StatementsPrimitive>(\n\tstatements: S,\n) => {\n\treturn new AccessControl<S>(statements);\n};\n\nexport const defaultStatements = {\n\torganization: [\"update\", \"delete\"],\n\tmember: [\"create\", \"update\", \"delete\"],\n\tinvitation: [\"create\", \"cancel\"],\n} as const;\n\nexport const defaultAc = createAccessControl(defaultStatements);\n\nexport const adminAc = defaultAc.newRole({\n\torganization: [\"update\"],\n\tinvitation: [\"create\", \"cancel\"],\n\tmember: [\"create\", \"update\", \"delete\"],\n});\n\nexport const ownerAc = defaultAc.newRole({\n\torganization: [\"update\", \"delete\"],\n\tmember: [\"create\", \"update\", \"delete\"],\n\tinvitation: [\"create\", \"cancel\"],\n});\n\nexport const memberAc = defaultAc.newRole({\n\torganization: [],\n\tmember: [],\n\tinvitation: [],\n});\n\nexport const defaultRoles = {\n\tadmin: adminAc,\n\towner: ownerAc,\n\tmember: memberAc,\n};\n","import { atom, computed, task } from \"nanostores\";\nimport type {\n\tInvitation,\n\tMember,\n\tOrganization,\n} from \"../../plugins/organization/schema\";\nimport type { Prettify } from \"../../types/helper\";\nimport { defaultStatements, type AccessControl, type Role } from \"./access\";\nimport type { AuthClientPlugin } from \"../../client/types\";\nimport type { organization } from \"./organization\";\nimport type { BetterFetchOption } from \"@better-fetch/fetch\";\n\ninterface OrganizationClientOptions {\n\tac: AccessControl;\n\troles?: {\n\t\t[key in \"admin\" | \"member\" | \"owner\"]?: Role<any>;\n\t};\n}\n\nexport const organizationClient = <O extends OrganizationClientOptions>(\n\toptions?: O,\n) => {\n\tconst activeOrgId = atom<string | null>(null);\n\tconst _listOrg = atom<boolean>(false);\n\tconst _activeOrgSignal = atom<boolean>(false);\n\tconst _activeISignal = atom<string | null>(null);\n\n\ttype DefaultStatements = typeof defaultStatements;\n\ttype Statements = O[\"ac\"] extends AccessControl<infer S>\n\t\t? S extends Record<string, Array<any>>\n\t\t\t? S & DefaultStatements\n\t\t\t: DefaultStatements\n\t\t: DefaultStatements;\n\treturn {\n\t\tid: \"organization\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof organization>,\n\t\tgetActions: ($fetch) => ({\n\t\t\torganization: {\n\t\t\t\tsetActive(orgId: string | null) {\n\t\t\t\t\tactiveOrgId.set(orgId);\n\t\t\t\t},\n\t\t\t\tsetInvitationId: (id: string | null) => {\n\t\t\t\t\t_activeISignal.set(id);\n\t\t\t\t},\n\t\t\t\thasPermission: async (data: {\n\t\t\t\t\tpermission: Partial<{\n\t\t\t\t\t\t//@ts-expect-error fix this later\n\t\t\t\t\t\t[key in keyof Statements]: Statements[key][number][];\n\t\t\t\t\t}>;\n\t\t\t\t\toptions?: BetterFetchOption;\n\t\t\t\t}) => {\n\t\t\t\t\treturn await $fetch<boolean>(\"/organization/has-permission\", {\n\t\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\t\tbody: {\n\t\t\t\t\t\t\tpermission: data.permission,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t...data.options,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t},\n\t\t}),\n\t\tgetAtoms: ($fetch) => {\n\t\t\tconst listOrganizations = computed([_listOrg], () =>\n\t\t\t\ttask(async () => {\n\t\t\t\t\tconst organizations = await $fetch<Organization[]>(\n\t\t\t\t\t\t\"/organization/list\",\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\t\t},\n\t\t\t\t\t);\n\t\t\t\t\treturn organizations.data;\n\t\t\t\t}),\n\t\t\t);\n\t\t\tconst activeOrganization = computed([activeOrgId, _activeOrgSignal], () =>\n\t\t\t\ttask(async () => {\n\t\t\t\t\tif (!activeOrgId.get()) {\n\t\t\t\t\t\treturn null;\n\t\t\t\t\t}\n\t\t\t\t\tconst organization = await $fetch<\n\t\t\t\t\t\tPrettify<\n\t\t\t\t\t\t\tOrganization & {\n\t\t\t\t\t\t\t\tmembers: Member[];\n\t\t\t\t\t\t\t\tinvitations: Invitation[];\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t>\n\t\t\t\t\t>(\"/organization/activate\", {\n\t\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\t\tcredentials: \"include\",\n\t\t\t\t\t\tbody: {\n\t\t\t\t\t\t\torgId: activeOrgId.get(),\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t\treturn organization.data;\n\t\t\t\t}),\n\t\t\t);\n\t\t\tconst invitation = computed(_activeISignal, () =>\n\t\t\t\ttask(async () => {\n\t\t\t\t\tif (!_activeISignal.get()) {\n\t\t\t\t\t\treturn {\n\t\t\t\t\t\t\terror: {\n\t\t\t\t\t\t\t\tmessage: \"No invitation found\",\n\t\t\t\t\t\t\t\tstatus: 400,\n\t\t\t\t\t\t\t\tdata: null,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tdata: null,\n\t\t\t\t\t\t};\n\t\t\t\t\t}\n\t\t\t\t\tconst res = await $fetch<\n\t\t\t\t\t\tPrettify<\n\t\t\t\t\t\t\tInvitation & {\n\t\t\t\t\t\t\t\torganizationName: string;\n\t\t\t\t\t\t\t\torganizationSlug: string;\n\t\t\t\t\t\t\t\tinviterEmail: string;\n\t\t\t\t\t\t\t\tinviterName: string;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t>\n\t\t\t\t\t>(\"/organization/get-active-invitation\", {\n\t\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\t\tquery: {\n\t\t\t\t\t\t\tid: _activeISignal.get(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tcredentials: \"include\",\n\t\t\t\t\t});\n\t\t\t\t\treturn res;\n\t\t\t\t}),\n\t\t\t);\n\t\t\treturn {\n\t\t\t\t_listOrg,\n\t\t\t\t_activeOrgSignal,\n\t\t\t\tactiveOrganization,\n\t\t\t\tlistOrganizations,\n\t\t\t\tinvitation,\n\t\t\t};\n\t\t},\n\t\tatomListeners: [\n\t\t\t{\n\t\t\t\tmatcher(path) {\n\t\t\t\t\treturn (\n\t\t\t\t\t\tpath === \"/organization/create\" || path === \"/organization/delete\"\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t\tsignal: \"_listOrg\",\n\t\t\t},\n\t\t\t{\n\t\t\t\tmatcher(path) {\n\t\t\t\t\treturn path.startsWith(\"/organization\");\n\t\t\t\t},\n\t\t\t\tsignal: \"_activeOrgSignal\",\n\t\t\t},\n\t\t],\n\t} satisfies AuthClientPlugin;\n};\n","import type { username } from \".\";\nimport type { AuthClientPlugin } from \"../../client/types\";\n\nexport const usernameClient = () => {\n\treturn {\n\t\tid: \"username\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof username>,\n\t} satisfies AuthClientPlugin;\n};\n","import type { BetterFetch } from \"@better-fetch/fetch\";\nimport {\n\tWebAuthnError,\n\tstartAuthentication,\n\tstartRegistration,\n} from \"@simplewebauthn/browser\";\nimport type {\n\tPublicKeyCredentialCreationOptionsJSON,\n\tPublicKeyCredentialRequestOptionsJSON,\n} from \"@simplewebauthn/types\";\nimport type { Session } from \"inspector\";\nimport type { User } from \"../../adapters/schema\";\nimport type { passkey as passkeyPl, Passkey } from \"../../plugins\";\nimport type { AuthClientPlugin } from \"../../client/types\";\n\nexport const getPasskeyActions = ($fetch: BetterFetch) => {\n\tconst signInPasskey = async (opts?: {\n\t\tautoFill?: boolean;\n\t\temail?: string;\n\t\tcallbackURL?: string;\n\t}) => {\n\t\tconst response = await $fetch<PublicKeyCredentialRequestOptionsJSON>(\n\t\t\t\"/passkey/generate-authenticate-options\",\n\t\t\t{\n\t\t\t\tmethod: \"POST\",\n\t\t\t\tbody: {\n\t\t\t\t\temail: opts?.email,\n\t\t\t\t},\n\t\t\t},\n\t\t);\n\t\tif (!response.data) {\n\t\t\treturn response;\n\t\t}\n\t\ttry {\n\t\t\tconst res = await startAuthentication(\n\t\t\t\tresponse.data,\n\t\t\t\topts?.autoFill || false,\n\t\t\t);\n\t\t\tconst verified = await $fetch<{\n\t\t\t\tsession: Session;\n\t\t\t\tuser: User;\n\t\t\t}>(\"/passkey/verify-authentication\", {\n\t\t\t\tbody: {\n\t\t\t\t\tresponse: res,\n\t\t\t\t\ttype: \"authenticate\",\n\t\t\t\t},\n\t\t\t});\n\t\t\tif (!verified.data) {\n\t\t\t\treturn verified;\n\t\t\t}\n\t\t} catch (e) {\n\t\t\tconsole.log(e);\n\t\t}\n\t};\n\n\tconst registerPasskey = async () => {\n\t\tconst options = await $fetch<PublicKeyCredentialCreationOptionsJSON>(\n\t\t\t\"/passkey/generate-register-options\",\n\t\t\t{\n\t\t\t\tmethod: \"GET\",\n\t\t\t},\n\t\t);\n\t\tif (!options.data) {\n\t\t\treturn options;\n\t\t}\n\t\ttry {\n\t\t\tconst res = await startRegistration(options.data);\n\t\t\tconst verified = await $fetch<{\n\t\t\t\tpasskey: Passkey;\n\t\t\t}>(\"/passkey/verify-registration\", {\n\t\t\t\tbody: {\n\t\t\t\t\tresponse: res,\n\t\t\t\t\ttype: \"register\",\n\t\t\t\t},\n\t\t\t});\n\t\t\tif (!verified.data) {\n\t\t\t\treturn verified;\n\t\t\t}\n\t\t} catch (e) {\n\t\t\tif (e instanceof WebAuthnError) {\n\t\t\t\tif (e.code === \"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED\") {\n\t\t\t\t\treturn {\n\t\t\t\t\t\tdata: null,\n\t\t\t\t\t\terror: {\n\t\t\t\t\t\t\tmessage: \"previously registered\",\n\t\t\t\t\t\t\tstatus: 400,\n\t\t\t\t\t\t\tstatusText: \"BAD_REQUEST\",\n\t\t\t\t\t\t},\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t};\n\treturn {\n\t\tsignIn: {\n\t\t\tpasskey: signInPasskey,\n\t\t},\n\t\tpasskey: {\n\t\t\tregister: registerPasskey,\n\t\t},\n\t};\n};\n\nexport const passkeyClient = () => {\n\treturn {\n\t\tid: \"passkey\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof passkeyPl>,\n\t\tgetActions: ($fetch) => getPasskeyActions($fetch),\n\t\tpathMethods: {\n\t\t\t\"/passkey/register\": \"POST\",\n\t\t\t\"/passkey/authenticate\": \"POST\",\n\t\t},\n\t} satisfies AuthClientPlugin;\n};\n","import type { AuthClientPlugin } from \"../../client/types\";\nimport type { twoFactor as twoFa } from \"../../plugins/two-factor\";\n\nexport const twoFactorClient = (\n\toptions: {\n\t\ttwoFactorPage: string;\n\t\t/**\n\t\t * Redirect to the two factor page. If twoFactorPage\n\t\t * is not set this will redirect to the root path.\n\t\t * @default true\n\t\t */\n\t\tredirect?: boolean;\n\t} = {\n\t\tredirect: true,\n\t\ttwoFactorPage: \"/\",\n\t},\n) => {\n\treturn {\n\t\tid: \"two-factor\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof twoFa>,\n\t\tatomListeners: [\n\t\t\t{\n\t\t\t\tmatcher: (path) =>\n\t\t\t\t\tpath === \"/two-factor/enable\" ||\n\t\t\t\t\tpath === \"/two-factor/send-otp\" ||\n\t\t\t\t\tpath === \"/two-factor/disable\",\n\t\t\t\tsignal: \"_sessionSignal\",\n\t\t\t},\n\t\t],\n\t\tpathMethods: {\n\t\t\t\"enable/totp\": \"POST\",\n\t\t\t\"/two-factor/disable\": \"POST\",\n\t\t\t\"/two-factor/enable\": \"POST\",\n\t\t\t\"/two-factor/send-otp\": \"POST\",\n\t\t},\n\t\tfetchPlugins: [\n\t\t\t{\n\t\t\t\tid: \"two-factor\",\n\t\t\t\tname: \"two-factor\",\n\t\t\t\thooks: {\n\t\t\t\t\tasync onSuccess(context) {\n\t\t\t\t\t\tif (context.data?.twoFactorRedirect) {\n\t\t\t\t\t\t\tif (options.redirect || options.twoFactorPage) {\n\t\t\t\t\t\t\t\twindow.location.href = options.twoFactorPage;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t],\n\t} satisfies AuthClientPlugin;\n};\n"]}
1
+ {"version":3,"sources":["../../src/plugins/organization/access/src/access.ts","../../src/plugins/organization/access/statement.ts","../../src/client/query.ts","../../src/plugins/organization/client.ts","../../src/plugins/username/client.ts","../../src/plugins/passkey/client.ts","../../src/plugins/two-factor/client.ts"],"names":["value","atom"],"mappings":";;;;;;;AAEO,IAAM,YAAA,GAAN,cAA2B,KAAM,CAAA;AAAA,EACvB,IAAA,CAAA;AAAA,EAChB,WAAA,CAAY,SAAiB,IAAc,EAAA;AAC1C,IAAA,KAAA,CAAM,OAAO,CAAA,CAAA;AACb,IAAA,IAAA,CAAK,IAAO,GAAA,IAAA,CAAA;AAAA,GACb;AACD,CAAA,CAAA;AAIO,IAAM,gBAAN,MAAiE;AAAA,EAEvE,YAA6B,CAAgB,EAAA;AAAhB,IAAA,IAAA,CAAA,CAAA,GAAA,CAAA,CAAA;AAC5B,IAAA,IAAA,CAAK,UAAa,GAAA,CAAA,CAAA;AAAA,GACnB;AAAA,EAHiB,UAAA,CAAA;AAAA,EAIV,QACN,UACC,EAAA;AACD,IAAO,OAAA,IAAI,KAA6B,UAAU,CAAA,CAAA;AAAA,GACnD;AACD,CAAA,CAAA;AAMO,IAAM,IAAA,GAAN,MAAM,KAAqC,CAAA;AAAA,EACjC,UAAA,CAAA;AAAA,EAEhB,YAAY,UAAyB,EAAA;AACpC,IAAA,IAAA,CAAK,UAAa,GAAA,UAAA,CAAA;AAAA,GACnB;AAAA,EAEO,SAAA,CACN,SACA,SACqB,EAAA;AACrB,IAAA,KAAA,MAAW,CAAC,iBAAA,EAAmB,gBAAgB,CAAA,IAAK,MAAO,CAAA,OAAA;AAAA,MAC1D,OAAA;AAAA,KACE,EAAA;AACF,MAAM,MAAA,cAAA,GAAiB,IAAK,CAAA,UAAA,CAAW,iBAAiB,CAAA,CAAA;AACxD,MAAA,IAAI,CAAC,cAAgB,EAAA;AACpB,QAAO,OAAA;AAAA,UACN,OAAS,EAAA,KAAA;AAAA,UACT,KAAA,EAAO,2CAA2C,iBAAiB,CAAA,CAAA;AAAA,SACpE,CAAA;AAAA,OACD;AACA,MAAM,MAAA,OAAA,GACL,SAAc,KAAA,IAAA,GACV,gBAA8B,CAAA,IAAA;AAAA,QAAK,CAAC,eAAA,KACrC,cAAe,CAAA,QAAA,CAAS,eAAe,CAAA;AAAA,UAEtC,gBAA8B,CAAA,KAAA;AAAA,QAAM,CAAC,eAAA,KACtC,cAAe,CAAA,QAAA,CAAS,eAAe,CAAA;AAAA,OACxC,CAAA;AACH,MAAA,IAAI,OAAS,EAAA;AACZ,QAAA,OAAO,EAAE,OAAQ,EAAA,CAAA;AAAA,OAClB;AACA,MAAO,OAAA;AAAA,QACN,OAAS,EAAA,KAAA;AAAA,QACT,KAAA,EAAO,oCAAoC,iBAAiB,CAAA,CAAA,CAAA;AAAA,OAC7D,CAAA;AAAA,KACD;AACA,IAAO,OAAA;AAAA,MACN,OAAS,EAAA,KAAA;AAAA,MACT,KAAO,EAAA,gBAAA;AAAA,KACR,CAAA;AAAA,GACD;AAAA,EAEA,OAAO,WAA2C,CAAW,EAAA;AAC5D,IAAM,MAAA,UAAA,GAAa,IAAK,CAAA,KAAA,CAAM,CAAC,CAAA,CAAA;AAE/B,IAAI,IAAA,OAAO,eAAe,QAAU,EAAA;AACnC,MAAM,MAAA,IAAI,YAAa,CAAA,6BAAA,EAA+B,GAAG,CAAA,CAAA;AAAA,KAC1D;AACA,IAAA,KAAA,MAAW,CAAC,QAAU,EAAA,OAAO,KAAK,MAAO,CAAA,OAAA,CAAQ,UAAU,CAAG,EAAA;AAC7D,MAAI,IAAA,OAAO,aAAa,QAAU,EAAA;AACjC,QAAM,MAAA,IAAI,YAAa,CAAA,6BAAA,EAA+B,QAAQ,CAAA,CAAA;AAAA,OAC/D;AACA,MAAA,IAAI,CAAC,KAAA,CAAM,OAAQ,CAAA,OAAO,CAAG,EAAA;AAC5B,QAAM,MAAA,IAAI,YAAa,CAAA,yBAAA,EAA2B,QAAQ,CAAA,CAAA;AAAA,OAC3D;AACA,MAAA,KAAA,IAAS,CAAI,GAAA,CAAA,EAAG,CAAI,GAAA,OAAA,CAAQ,QAAQ,CAAK,EAAA,EAAA;AACxC,QAAA,IAAI,OAAO,OAAA,CAAQ,CAAC,CAAA,KAAM,QAAU,EAAA;AACnC,UAAA,MAAM,IAAI,YAAa,CAAA,wBAAA,EAA0B,GAAG,QAAQ,CAAA,CAAA,EAAI,CAAC,CAAG,CAAA,CAAA,CAAA,CAAA;AAAA,SACrE;AAAA,OACD;AAAA,KACD;AACA,IAAO,OAAA,IAAI,MAAkB,UAAU,CAAA,CAAA;AAAA,GACxC;AAAA,EAEO,QAAmB,GAAA;AACzB,IAAO,OAAA,IAAA,CAAK,SAAU,CAAA,IAAA,CAAK,UAAU,CAAA,CAAA;AAAA,GACtC;AACD,CAAA,CAAA;;;AC7FO,IAAM,mBAAA,GAAsB,CAClC,UACI,KAAA;AACJ,EAAO,OAAA,IAAI,cAAiB,UAAU,CAAA,CAAA;AACvC,CAAA,CAAA;AAEO,IAAM,iBAAoB,GAAA;AAAA,EAChC,YAAA,EAAc,CAAC,QAAA,EAAU,QAAQ,CAAA;AAAA,EACjC,MAAQ,EAAA,CAAC,QAAU,EAAA,QAAA,EAAU,QAAQ,CAAA;AAAA,EACrC,UAAA,EAAY,CAAC,QAAA,EAAU,QAAQ,CAAA;AAChC,CAAA,CAAA;AAEO,IAAM,SAAA,GAAY,oBAAoB,iBAAiB,CAAA,CAAA;AAEvC,UAAU,OAAQ,CAAA;AAAA,EACxC,YAAA,EAAc,CAAC,QAAQ,CAAA;AAAA,EACvB,UAAA,EAAY,CAAC,QAAA,EAAU,QAAQ,CAAA;AAAA,EAC/B,MAAQ,EAAA,CAAC,QAAU,EAAA,QAAA,EAAU,QAAQ,CAAA;AACtC,CAAC,EAAA;AAEsB,UAAU,OAAQ,CAAA;AAAA,EACxC,YAAA,EAAc,CAAC,QAAA,EAAU,QAAQ,CAAA;AAAA,EACjC,MAAQ,EAAA,CAAC,QAAU,EAAA,QAAA,EAAU,QAAQ,CAAA;AAAA,EACrC,UAAA,EAAY,CAAC,QAAA,EAAU,QAAQ,CAAA;AAChC,CAAC,EAAA;AAEuB,UAAU,OAAQ,CAAA;AAAA,EACzC,cAAc,EAAC;AAAA,EACf,QAAQ,EAAC;AAAA,EACT,YAAY,EAAC;AACd,CAAC,EAAA;AC1BM,IAAM,YAAe,GAAA,CAC3B,eAGA,EAAA,IAAA,EACA,QACA,OACI,KAAA;AACJ,EAAA,MAAM,QAAQ,IAIX,CAAA;AAAA,IACF,IAAM,EAAA,IAAA;AAAA,IACN,KAAO,EAAA,IAAA;AAAA,IACP,SAAW,EAAA,KAAA;AAAA,GACX,CAAA,CAAA;AAED,EAAA,MAAM,KAAK,MAAM;AAChB,IAAA,MAAM,IAAO,GAAA,OAAO,OAAY,KAAA,UAAA,GAAa,SAAY,GAAA,OAAA,CAAA;AACzD,IAAA,OAAO,OAAU,IAAM,EAAA;AAAA,MACtB,GAAG,IAAA;AAAA,MACH,SAAA,EAAW,OAAO,OAAY,KAAA;AAC7B,QAAA,KAAA,CAAM,GAAI,CAAA;AAAA,UACT,MAAM,OAAQ,CAAA,IAAA;AAAA,UACd,KAAO,EAAA,IAAA;AAAA,UACP,SAAW,EAAA,KAAA;AAAA,SACX,CAAA,CAAA;AACD,QAAM,MAAA,IAAA,EAAM,YAAY,OAAO,CAAA,CAAA;AAAA,OAChC;AAAA,MACA,MAAM,QAAQ,OAAS,EAAA;AACtB,QAAA,KAAA,CAAM,GAAI,CAAA;AAAA,UACT,OAAO,OAAQ,CAAA,KAAA;AAAA,UACf,IAAM,EAAA,IAAA;AAAA,UACN,SAAW,EAAA,KAAA;AAAA,SACX,CAAA,CAAA;AACD,QAAM,MAAA,IAAA,EAAM,UAAU,OAAO,CAAA,CAAA;AAAA,OAC9B;AAAA,MACA,MAAM,UAAU,OAAS,EAAA;AACxB,QAAM,MAAA,YAAA,GAAe,MAAM,GAAI,EAAA,CAAA;AAC/B,QAAA,KAAA,CAAM,GAAI,CAAA;AAAA,UACT,SAAW,EAAA,IAAA;AAAA,UACX,MAAM,YAAa,CAAA,IAAA;AAAA,UACnB,OAAO,YAAa,CAAA,KAAA;AAAA,SACpB,CAAA,CAAA;AACD,QAAM,MAAA,IAAA,EAAM,YAAY,OAAO,CAAA,CAAA;AAAA,OAChC;AAAA,KACA,CAAA,CAAA;AAAA,GACF,CAAA;AACA,EAAG,EAAA,EAAA,CAAA;AACH,EAAA,eAAA,GAAkB,MAAM,OAAQ,CAAA,eAAe,CAC5C,GAAA,eAAA,GACA,CAAC,eAAe,CAAA,CAAA;AACnB,EAAA,IAAI,QAAW,GAAA,IAAA,CAAA;AACf,EAAA,KAAA,MAAW,YAAY,eAAiB,EAAA;AACvC,IAAS,QAAA,CAAA,SAAA,CAAU,CAACA,MAAU,KAAA;AAC7B,MAAIA,IAAAA,MAAAA,IAAS,CAAC,QAAU,EAAA;AACvB,QAAG,EAAA,EAAA,CAAA;AAAA,OACJ;AAAA,KACA,CAAA,CAAA;AAAA,GACF;AACA,EAAW,QAAA,GAAA,KAAA,CAAA;AACX,EAAO,OAAA,KAAA,CAAA;AACR,CAAA,CAAA;;;AClDa,IAAA,kBAAA,GAAqB,CACjC,OACI,KAAA;AACJ,EAAM,MAAA,WAAA,GAAcC,KAAoB,IAAI,CAAA,CAAA;AAC5C,EAAM,MAAA,QAAA,GAAWA,KAAc,KAAK,CAAA,CAAA;AACpC,EAAM,MAAA,gBAAA,GAAmBA,KAAc,KAAK,CAAA,CAAA;AAC5C,EAAM,MAAA,cAAA,GAAiBA,KAAoB,IAAI,CAAA,CAAA;AAQ/C,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,cAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,IACrB,UAAA,EAAY,CAAC,MAAY,MAAA;AAAA,MACxB,YAAc,EAAA;AAAA,QACb,UAAU,KAAsB,EAAA;AAC/B,UAAA,WAAA,CAAY,IAAI,KAAK,CAAA,CAAA;AAAA,SACtB;AAAA,QACA,eAAA,EAAiB,CAAC,EAAsB,KAAA;AACvC,UAAA,cAAA,CAAe,IAAI,EAAE,CAAA,CAAA;AAAA,SACtB;AAAA,QACA,aAAA,EAAe,OAAO,IAMhB,KAAA;AACL,UAAO,OAAA,MAAM,OAAgB,8BAAgC,EAAA;AAAA,YAC5D,MAAQ,EAAA,MAAA;AAAA,YACR,IAAM,EAAA;AAAA,cACL,YAAY,IAAK,CAAA,UAAA;AAAA,aAClB;AAAA,YACA,GAAG,IAAK,CAAA,OAAA;AAAA,WACR,CAAA,CAAA;AAAA,SACF;AAAA,OACD;AAAA,KACD,CAAA;AAAA,IACA,QAAA,EAAU,CAAC,MAAW,KAAA;AACrB,MAAA,MAAM,UAAa,GAAA,YAAA,CASjB,cAAgB,EAAA,qCAAA,EAAuC,QAAQ,OAAO;AAAA,QACvE,MAAQ,EAAA,KAAA;AAAA,QACR,KAAO,EAAA;AAAA,UACN,EAAA,EAAI,eAAe,GAAI,EAAA;AAAA,SACxB;AAAA,OACC,CAAA,CAAA,CAAA;AAEF,MAAA,MAAM,iBAAoB,GAAA,YAAA;AAAA,QACzB,QAAA;AAAA,QACA,oBAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,UACC,MAAQ,EAAA,KAAA;AAAA,SACT;AAAA,OACD,CAAA;AAEA,MAAA,MAAM,kBAAqB,GAAA,YAAA;AAAA,QAQ1B,CAAC,aAAa,gBAAgB,CAAA;AAAA,QAC9B,wBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAO;AAAA,UACN,MAAQ,EAAA,MAAA;AAAA,UACR,WAAa,EAAA,SAAA;AAAA,UACb,IAAM,EAAA;AAAA,YACL,KAAA,EAAO,YAAY,GAAI,EAAA;AAAA,WACxB;AAAA,SACD,CAAA;AAAA,OACD,CAAA;AAEA,MAAO,OAAA;AAAA,QACN,QAAA;AAAA,QACA,gBAAA;AAAA,QACA,kBAAA;AAAA,QACA,iBAAA;AAAA,QACA,UAAA;AAAA,OACD,CAAA;AAAA,KACD;AAAA,IACA,aAAe,EAAA;AAAA,MACd;AAAA,QACC,QAAQ,IAAM,EAAA;AACb,UACC,OAAA,IAAA,KAAS,0BAA0B,IAAS,KAAA,sBAAA,CAAA;AAAA,SAE9C;AAAA,QACA,MAAQ,EAAA,UAAA;AAAA,OACT;AAAA,MACA;AAAA,QACC,QAAQ,IAAM,EAAA;AACb,UAAO,OAAA,IAAA,CAAK,WAAW,eAAe,CAAA,CAAA;AAAA,SACvC;AAAA,QACA,MAAQ,EAAA,kBAAA;AAAA,OACT;AAAA,KACD;AAAA,GACD,CAAA;AACD,EAAA;;;AClIO,IAAM,iBAAiB,MAAM;AACnC,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,UAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,GACtB,CAAA;AACD,EAAA;ACOa,IAAA,iBAAA,GAAoB,CAAC,MAAwB,KAAA;AACzD,EAAM,MAAA,aAAA,GAAgB,OAAO,IAIvB,KAAA;AACL,IAAA,MAAM,WAAW,MAAM,MAAA;AAAA,MACtB,wCAAA;AAAA,MACA;AAAA,QACC,MAAQ,EAAA,MAAA;AAAA,QACR,IAAM,EAAA;AAAA,UACL,OAAO,IAAM,EAAA,KAAA;AAAA,SACd;AAAA,OACD;AAAA,KACD,CAAA;AACA,IAAI,IAAA,CAAC,SAAS,IAAM,EAAA;AACnB,MAAO,OAAA,QAAA,CAAA;AAAA,KACR;AACA,IAAI,IAAA;AACH,MAAA,MAAM,MAAM,MAAM,mBAAA;AAAA,QACjB,QAAS,CAAA,IAAA;AAAA,QACT,MAAM,QAAY,IAAA,KAAA;AAAA,OACnB,CAAA;AACA,MAAM,MAAA,QAAA,GAAW,MAAM,MAAA,CAGpB,gCAAkC,EAAA;AAAA,QACpC,IAAM,EAAA;AAAA,UACL,QAAU,EAAA,GAAA;AAAA,UACV,IAAM,EAAA,cAAA;AAAA,SACP;AAAA,OACA,CAAA,CAAA;AACD,MAAI,IAAA,CAAC,SAAS,IAAM,EAAA;AACnB,QAAO,OAAA,QAAA,CAAA;AAAA,OACR;AAAA,aACQ,CAAG,EAAA;AACX,MAAA,OAAA,CAAQ,IAAI,CAAC,CAAA,CAAA;AAAA,KACd;AAAA,GACD,CAAA;AAEA,EAAA,MAAM,kBAAkB,YAAY;AACnC,IAAA,MAAM,UAAU,MAAM,MAAA;AAAA,MACrB,oCAAA;AAAA,MACA;AAAA,QACC,MAAQ,EAAA,KAAA;AAAA,OACT;AAAA,KACD,CAAA;AACA,IAAI,IAAA,CAAC,QAAQ,IAAM,EAAA;AAClB,MAAO,OAAA,OAAA,CAAA;AAAA,KACR;AACA,IAAI,IAAA;AACH,MAAA,MAAM,GAAM,GAAA,MAAM,iBAAkB,CAAA,OAAA,CAAQ,IAAI,CAAA,CAAA;AAChD,MAAM,MAAA,QAAA,GAAW,MAAM,MAAA,CAEpB,8BAAgC,EAAA;AAAA,QAClC,IAAM,EAAA;AAAA,UACL,QAAU,EAAA,GAAA;AAAA,UACV,IAAM,EAAA,UAAA;AAAA,SACP;AAAA,OACA,CAAA,CAAA;AACD,MAAI,IAAA,CAAC,SAAS,IAAM,EAAA;AACnB,QAAO,OAAA,QAAA,CAAA;AAAA,OACR;AAAA,aACQ,CAAG,EAAA;AACX,MAAA,IAAI,aAAa,aAAe,EAAA;AAC/B,QAAI,IAAA,CAAA,CAAE,SAAS,2CAA6C,EAAA;AAC3D,UAAO,OAAA;AAAA,YACN,IAAM,EAAA,IAAA;AAAA,YACN,KAAO,EAAA;AAAA,cACN,OAAS,EAAA,uBAAA;AAAA,cACT,MAAQ,EAAA,GAAA;AAAA,cACR,UAAY,EAAA,aAAA;AAAA,aACb;AAAA,WACD,CAAA;AAAA,SACD;AAAA,OACD;AAAA,KACD;AAAA,GACD,CAAA;AACA,EAAO,OAAA;AAAA,IACN,MAAQ,EAAA;AAAA,MACP,OAAS,EAAA,aAAA;AAAA,KACV;AAAA,IACA,OAAS,EAAA;AAAA,MACR,QAAU,EAAA,eAAA;AAAA,KACX;AAAA,GACD,CAAA;AACD,EAAA;AAEO,IAAM,gBAAgB,MAAM;AAClC,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,SAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,IACrB,UAAY,EAAA,CAAC,MAAW,KAAA,iBAAA,CAAkB,MAAM,CAAA;AAAA,IAChD,WAAa,EAAA;AAAA,MACZ,mBAAqB,EAAA,MAAA;AAAA,MACrB,uBAAyB,EAAA,MAAA;AAAA,KAC1B;AAAA,GACD,CAAA;AACD,EAAA;;;AC9Ga,IAAA,eAAA,GAAkB,CAC9B,OAQI,GAAA;AAAA,EACH,QAAU,EAAA,IAAA;AAAA,EACV,aAAe,EAAA,GAAA;AAChB,CACI,KAAA;AACJ,EAAO,OAAA;AAAA,IACN,EAAI,EAAA,YAAA;AAAA,IACJ,oBAAoB,EAAC;AAAA,IACrB,aAAe,EAAA;AAAA,MACd;AAAA,QACC,SAAS,CAAC,IAAA,KACT,SAAS,oBACT,IAAA,IAAA,KAAS,0BACT,IAAS,KAAA,qBAAA;AAAA,QACV,MAAQ,EAAA,gBAAA;AAAA,OACT;AAAA,KACD;AAAA,IACA,WAAa,EAAA;AAAA,MACZ,aAAe,EAAA,MAAA;AAAA,MACf,qBAAuB,EAAA,MAAA;AAAA,MACvB,oBAAsB,EAAA,MAAA;AAAA,MACtB,sBAAwB,EAAA,MAAA;AAAA,KACzB;AAAA,IACA,YAAc,EAAA;AAAA,MACb;AAAA,QACC,EAAI,EAAA,YAAA;AAAA,QACJ,IAAM,EAAA,YAAA;AAAA,QACN,KAAO,EAAA;AAAA,UACN,MAAM,UAAU,OAAS,EAAA;AACxB,YAAI,IAAA,OAAA,CAAQ,MAAM,iBAAmB,EAAA;AACpC,cAAI,IAAA,OAAA,CAAQ,QAAY,IAAA,OAAA,CAAQ,aAAe,EAAA;AAC9C,gBAAO,MAAA,CAAA,QAAA,CAAS,OAAO,OAAQ,CAAA,aAAA,CAAA;AAAA,eAChC;AAAA,aACD;AAAA,WACD;AAAA,SACD;AAAA,OACD;AAAA,KACD;AAAA,GACD,CAAA;AACD","file":"plugins.js","sourcesContent":["import type { StatementsPrimitive as Statements, Subset } from \"./types\";\n\nexport class ParsingError extends Error {\n\tpublic readonly path: string;\n\tconstructor(message: string, path: string) {\n\t\tsuper(message);\n\t\tthis.path = path;\n\t}\n}\n\ntype Connector = \"OR\" | \"AND\";\n\nexport class AccessControl<TStatements extends Statements = Statements> {\n\tprivate readonly statements: TStatements;\n\tconstructor(private readonly s: TStatements) {\n\t\tthis.statements = s;\n\t}\n\tpublic newRole<K extends keyof TStatements>(\n\t\tstatements: Subset<K, TStatements>,\n\t) {\n\t\treturn new Role<Subset<K, TStatements>>(statements);\n\t}\n}\n\nexport type AuthortizeResponse =\n\t| { success: false; error: string }\n\t| { success: true; error?: never };\n\nexport class Role<TStatements extends Statements> {\n\tpublic readonly statements: TStatements;\n\n\tconstructor(statements: TStatements) {\n\t\tthis.statements = statements;\n\t}\n\n\tpublic authorize<K extends keyof TStatements>(\n\t\trequest: Subset<K, TStatements>,\n\t\tconnector?: Connector,\n\t): AuthortizeResponse {\n\t\tfor (const [requestedResource, requestedActions] of Object.entries(\n\t\t\trequest,\n\t\t)) {\n\t\t\tconst allowedActions = this.statements[requestedResource];\n\t\t\tif (!allowedActions) {\n\t\t\t\treturn {\n\t\t\t\t\tsuccess: false,\n\t\t\t\t\terror: `You are not allowed to access resource: ${requestedResource}`,\n\t\t\t\t};\n\t\t\t}\n\t\t\tconst success =\n\t\t\t\tconnector === \"OR\"\n\t\t\t\t\t? (requestedActions as string[]).some((requestedAction) =>\n\t\t\t\t\t\t\tallowedActions.includes(requestedAction),\n\t\t\t\t\t\t)\n\t\t\t\t\t: (requestedActions as string[]).every((requestedAction) =>\n\t\t\t\t\t\t\tallowedActions.includes(requestedAction),\n\t\t\t\t\t\t);\n\t\t\tif (success) {\n\t\t\t\treturn { success };\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: `unauthorized to access resource \"${requestedResource}\"`,\n\t\t\t};\n\t\t}\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror: \"Not authorized\",\n\t\t};\n\t}\n\n\tstatic fromString<TStatements extends Statements>(s: string) {\n\t\tconst statements = JSON.parse(s) as TStatements;\n\n\t\tif (typeof statements !== \"object\") {\n\t\t\tthrow new ParsingError(\"statements is not an object\", \".\");\n\t\t}\n\t\tfor (const [resource, actions] of Object.entries(statements)) {\n\t\t\tif (typeof resource !== \"string\") {\n\t\t\t\tthrow new ParsingError(\"invalid resource identifier\", resource);\n\t\t\t}\n\t\t\tif (!Array.isArray(actions)) {\n\t\t\t\tthrow new ParsingError(\"actions is not an array\", resource);\n\t\t\t}\n\t\t\tfor (let i = 0; i < actions.length; i++) {\n\t\t\t\tif (typeof actions[i] !== \"string\") {\n\t\t\t\t\tthrow new ParsingError(\"action is not a string\", `${resource}[${i}]`);\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\treturn new Role<TStatements>(statements);\n\t}\n\n\tpublic toString(): string {\n\t\treturn JSON.stringify(this.statements);\n\t}\n}\n","import { AccessControl } from \"./src/access\";\nimport type { StatementsPrimitive } from \"./src/types\";\n\nexport const createAccessControl = <S extends StatementsPrimitive>(\n\tstatements: S,\n) => {\n\treturn new AccessControl<S>(statements);\n};\n\nexport const defaultStatements = {\n\torganization: [\"update\", \"delete\"],\n\tmember: [\"create\", \"update\", \"delete\"],\n\tinvitation: [\"create\", \"cancel\"],\n} as const;\n\nexport const defaultAc = createAccessControl(defaultStatements);\n\nexport const adminAc = defaultAc.newRole({\n\torganization: [\"update\"],\n\tinvitation: [\"create\", \"cancel\"],\n\tmember: [\"create\", \"update\", \"delete\"],\n});\n\nexport const ownerAc = defaultAc.newRole({\n\torganization: [\"update\", \"delete\"],\n\tmember: [\"create\", \"update\", \"delete\"],\n\tinvitation: [\"create\", \"cancel\"],\n});\n\nexport const memberAc = defaultAc.newRole({\n\torganization: [],\n\tmember: [],\n\tinvitation: [],\n});\n\nexport const defaultRoles = {\n\tadmin: adminAc,\n\towner: ownerAc,\n\tmember: memberAc,\n};\n","import {\n\tBetterFetchError,\n\ttype BetterFetch,\n\ttype BetterFetchOption,\n} from \"@better-fetch/fetch\";\nimport { atom, type PreinitializedWritableAtom } from \"nanostores\";\n\nexport const useAuthQuery = <T>(\n\tinitializedAtom:\n\t\t| PreinitializedWritableAtom<any>\n\t\t| PreinitializedWritableAtom<any>[],\n\tpath: string,\n\t$fetch: BetterFetch,\n\toptions?: (() => BetterFetchOption) | BetterFetchOption,\n) => {\n\tconst value = atom<{\n\t\tdata: null | T;\n\t\terror: null | BetterFetchError;\n\t\tisPending: boolean;\n\t}>({\n\t\tdata: null,\n\t\terror: null,\n\t\tisPending: false,\n\t});\n\n\tconst fn = () => {\n\t\tconst opts = typeof options === \"function\" ? options() : options;\n\t\treturn $fetch<T>(path, {\n\t\t\t...opts,\n\t\t\tonSuccess: async (context) => {\n\t\t\t\tvalue.set({\n\t\t\t\t\tdata: context.data,\n\t\t\t\t\terror: null,\n\t\t\t\t\tisPending: false,\n\t\t\t\t});\n\t\t\t\tawait opts?.onSuccess?.(context);\n\t\t\t},\n\t\t\tasync onError(context) {\n\t\t\t\tvalue.set({\n\t\t\t\t\terror: context.error,\n\t\t\t\t\tdata: null,\n\t\t\t\t\tisPending: false,\n\t\t\t\t});\n\t\t\t\tawait opts?.onError?.(context);\n\t\t\t},\n\t\t\tasync onRequest(context) {\n\t\t\t\tconst currentValue = value.get();\n\t\t\t\tvalue.set({\n\t\t\t\t\tisPending: true,\n\t\t\t\t\tdata: currentValue.data,\n\t\t\t\t\terror: currentValue.error,\n\t\t\t\t});\n\t\t\t\tawait opts?.onRequest?.(context);\n\t\t\t},\n\t\t});\n\t};\n\tfn();\n\tinitializedAtom = Array.isArray(initializedAtom)\n\t\t? initializedAtom\n\t\t: [initializedAtom];\n\tlet firstRun = true;\n\tfor (const initAtom of initializedAtom) {\n\t\tinitAtom.subscribe((value) => {\n\t\t\tif (value && !firstRun) {\n\t\t\t\tfn();\n\t\t\t}\n\t\t});\n\t}\n\tfirstRun = false;\n\treturn value;\n};\n","import { atom } from \"nanostores\";\nimport type {\n\tInvitation,\n\tMember,\n\tOrganization,\n} from \"../../plugins/organization/schema\";\nimport type { Prettify } from \"../../types/helper\";\nimport { defaultStatements, type AccessControl, type Role } from \"./access\";\nimport type { AuthClientPlugin } from \"../../client/types\";\nimport type { organization } from \"./organization\";\nimport type { BetterFetchOption } from \"@better-fetch/fetch\";\nimport { useAuthQuery } from \"../../client\";\n\ninterface OrganizationClientOptions {\n\tac: AccessControl;\n\troles?: {\n\t\t[key in \"admin\" | \"member\" | \"owner\"]?: Role<any>;\n\t};\n}\n\nexport const organizationClient = <O extends OrganizationClientOptions>(\n\toptions?: O,\n) => {\n\tconst activeOrgId = atom<string | null>(null);\n\tconst _listOrg = atom<boolean>(false);\n\tconst _activeOrgSignal = atom<boolean>(false);\n\tconst _activeISignal = atom<string | null>(null);\n\n\ttype DefaultStatements = typeof defaultStatements;\n\ttype Statements = O[\"ac\"] extends AccessControl<infer S>\n\t\t? S extends Record<string, Array<any>>\n\t\t\t? S & DefaultStatements\n\t\t\t: DefaultStatements\n\t\t: DefaultStatements;\n\treturn {\n\t\tid: \"organization\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof organization>,\n\t\tgetActions: ($fetch) => ({\n\t\t\torganization: {\n\t\t\t\tsetActive(orgId: string | null) {\n\t\t\t\t\tactiveOrgId.set(orgId);\n\t\t\t\t},\n\t\t\t\tsetInvitationId: (id: string | null) => {\n\t\t\t\t\t_activeISignal.set(id);\n\t\t\t\t},\n\t\t\t\thasPermission: async (data: {\n\t\t\t\t\tpermission: Partial<{\n\t\t\t\t\t\t//@ts-expect-error fix this later\n\t\t\t\t\t\t[key in keyof Statements]: Statements[key][number][];\n\t\t\t\t\t}>;\n\t\t\t\t\toptions?: BetterFetchOption;\n\t\t\t\t}) => {\n\t\t\t\t\treturn await $fetch<boolean>(\"/organization/has-permission\", {\n\t\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\t\tbody: {\n\t\t\t\t\t\t\tpermission: data.permission,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t...data.options,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t},\n\t\t}),\n\t\tgetAtoms: ($fetch) => {\n\t\t\tconst invitation = useAuthQuery<\n\t\t\t\tPrettify<\n\t\t\t\t\tInvitation & {\n\t\t\t\t\t\torganizationName: string;\n\t\t\t\t\t\torganizationSlug: string;\n\t\t\t\t\t\tinviterEmail: string;\n\t\t\t\t\t\tinviterName: string;\n\t\t\t\t\t}\n\t\t\t\t>\n\t\t\t>(_activeISignal, \"/organization/get-active-invitation\", $fetch, () => ({\n\t\t\t\tmethod: \"GET\",\n\t\t\t\tquery: {\n\t\t\t\t\tid: _activeISignal.get(),\n\t\t\t\t},\n\t\t\t}));\n\n\t\t\tconst listOrganizations = useAuthQuery<Organization[]>(\n\t\t\t\t_listOrg,\n\t\t\t\t\"/organization/list\",\n\t\t\t\t$fetch,\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tconst activeOrganization = useAuthQuery<\n\t\t\t\tPrettify<\n\t\t\t\t\tOrganization & {\n\t\t\t\t\t\tmembers: Member[];\n\t\t\t\t\t\tinvitations: Invitation[];\n\t\t\t\t\t}\n\t\t\t\t>\n\t\t\t>(\n\t\t\t\t[activeOrgId, _activeOrgSignal],\n\t\t\t\t\"/organization/activate\",\n\t\t\t\t$fetch,\n\t\t\t\t() => ({\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tcredentials: \"include\",\n\t\t\t\t\tbody: {\n\t\t\t\t\t\torgId: activeOrgId.get(),\n\t\t\t\t\t},\n\t\t\t\t}),\n\t\t\t);\n\n\t\t\treturn {\n\t\t\t\t_listOrg,\n\t\t\t\t_activeOrgSignal,\n\t\t\t\tactiveOrganization,\n\t\t\t\tlistOrganizations,\n\t\t\t\tinvitation,\n\t\t\t};\n\t\t},\n\t\tatomListeners: [\n\t\t\t{\n\t\t\t\tmatcher(path) {\n\t\t\t\t\treturn (\n\t\t\t\t\t\tpath === \"/organization/create\" || path === \"/organization/delete\"\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t\tsignal: \"_listOrg\",\n\t\t\t},\n\t\t\t{\n\t\t\t\tmatcher(path) {\n\t\t\t\t\treturn path.startsWith(\"/organization\");\n\t\t\t\t},\n\t\t\t\tsignal: \"_activeOrgSignal\",\n\t\t\t},\n\t\t],\n\t} satisfies AuthClientPlugin;\n};\n","import type { username } from \".\";\nimport type { AuthClientPlugin } from \"../../client/types\";\n\nexport const usernameClient = () => {\n\treturn {\n\t\tid: \"username\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof username>,\n\t} satisfies AuthClientPlugin;\n};\n","import type { BetterFetch } from \"@better-fetch/fetch\";\nimport {\n\tWebAuthnError,\n\tstartAuthentication,\n\tstartRegistration,\n} from \"@simplewebauthn/browser\";\nimport type {\n\tPublicKeyCredentialCreationOptionsJSON,\n\tPublicKeyCredentialRequestOptionsJSON,\n} from \"@simplewebauthn/types\";\nimport type { Session } from \"inspector\";\nimport type { User } from \"../../adapters/schema\";\nimport type { passkey as passkeyPl, Passkey } from \"../../plugins\";\nimport type { AuthClientPlugin } from \"../../client/types\";\n\nexport const getPasskeyActions = ($fetch: BetterFetch) => {\n\tconst signInPasskey = async (opts?: {\n\t\tautoFill?: boolean;\n\t\temail?: string;\n\t\tcallbackURL?: string;\n\t}) => {\n\t\tconst response = await $fetch<PublicKeyCredentialRequestOptionsJSON>(\n\t\t\t\"/passkey/generate-authenticate-options\",\n\t\t\t{\n\t\t\t\tmethod: \"POST\",\n\t\t\t\tbody: {\n\t\t\t\t\temail: opts?.email,\n\t\t\t\t},\n\t\t\t},\n\t\t);\n\t\tif (!response.data) {\n\t\t\treturn response;\n\t\t}\n\t\ttry {\n\t\t\tconst res = await startAuthentication(\n\t\t\t\tresponse.data,\n\t\t\t\topts?.autoFill || false,\n\t\t\t);\n\t\t\tconst verified = await $fetch<{\n\t\t\t\tsession: Session;\n\t\t\t\tuser: User;\n\t\t\t}>(\"/passkey/verify-authentication\", {\n\t\t\t\tbody: {\n\t\t\t\t\tresponse: res,\n\t\t\t\t\ttype: \"authenticate\",\n\t\t\t\t},\n\t\t\t});\n\t\t\tif (!verified.data) {\n\t\t\t\treturn verified;\n\t\t\t}\n\t\t} catch (e) {\n\t\t\tconsole.log(e);\n\t\t}\n\t};\n\n\tconst registerPasskey = async () => {\n\t\tconst options = await $fetch<PublicKeyCredentialCreationOptionsJSON>(\n\t\t\t\"/passkey/generate-register-options\",\n\t\t\t{\n\t\t\t\tmethod: \"GET\",\n\t\t\t},\n\t\t);\n\t\tif (!options.data) {\n\t\t\treturn options;\n\t\t}\n\t\ttry {\n\t\t\tconst res = await startRegistration(options.data);\n\t\t\tconst verified = await $fetch<{\n\t\t\t\tpasskey: Passkey;\n\t\t\t}>(\"/passkey/verify-registration\", {\n\t\t\t\tbody: {\n\t\t\t\t\tresponse: res,\n\t\t\t\t\ttype: \"register\",\n\t\t\t\t},\n\t\t\t});\n\t\t\tif (!verified.data) {\n\t\t\t\treturn verified;\n\t\t\t}\n\t\t} catch (e) {\n\t\t\tif (e instanceof WebAuthnError) {\n\t\t\t\tif (e.code === \"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED\") {\n\t\t\t\t\treturn {\n\t\t\t\t\t\tdata: null,\n\t\t\t\t\t\terror: {\n\t\t\t\t\t\t\tmessage: \"previously registered\",\n\t\t\t\t\t\t\tstatus: 400,\n\t\t\t\t\t\t\tstatusText: \"BAD_REQUEST\",\n\t\t\t\t\t\t},\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t};\n\treturn {\n\t\tsignIn: {\n\t\t\tpasskey: signInPasskey,\n\t\t},\n\t\tpasskey: {\n\t\t\tregister: registerPasskey,\n\t\t},\n\t};\n};\n\nexport const passkeyClient = () => {\n\treturn {\n\t\tid: \"passkey\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof passkeyPl>,\n\t\tgetActions: ($fetch) => getPasskeyActions($fetch),\n\t\tpathMethods: {\n\t\t\t\"/passkey/register\": \"POST\",\n\t\t\t\"/passkey/authenticate\": \"POST\",\n\t\t},\n\t} satisfies AuthClientPlugin;\n};\n","import type { AuthClientPlugin } from \"../../client/types\";\nimport type { twoFactor as twoFa } from \"../../plugins/two-factor\";\n\nexport const twoFactorClient = (\n\toptions: {\n\t\ttwoFactorPage: string;\n\t\t/**\n\t\t * Redirect to the two factor page. If twoFactorPage\n\t\t * is not set this will redirect to the root path.\n\t\t * @default true\n\t\t */\n\t\tredirect?: boolean;\n\t} = {\n\t\tredirect: true,\n\t\ttwoFactorPage: \"/\",\n\t},\n) => {\n\treturn {\n\t\tid: \"two-factor\",\n\t\t$InferServerPlugin: {} as ReturnType<typeof twoFa>,\n\t\tatomListeners: [\n\t\t\t{\n\t\t\t\tmatcher: (path) =>\n\t\t\t\t\tpath === \"/two-factor/enable\" ||\n\t\t\t\t\tpath === \"/two-factor/send-otp\" ||\n\t\t\t\t\tpath === \"/two-factor/disable\",\n\t\t\t\tsignal: \"_sessionSignal\",\n\t\t\t},\n\t\t],\n\t\tpathMethods: {\n\t\t\t\"enable/totp\": \"POST\",\n\t\t\t\"/two-factor/disable\": \"POST\",\n\t\t\t\"/two-factor/enable\": \"POST\",\n\t\t\t\"/two-factor/send-otp\": \"POST\",\n\t\t},\n\t\tfetchPlugins: [\n\t\t\t{\n\t\t\t\tid: \"two-factor\",\n\t\t\t\tname: \"two-factor\",\n\t\t\t\thooks: {\n\t\t\t\t\tasync onSuccess(context) {\n\t\t\t\t\t\tif (context.data?.twoFactorRedirect) {\n\t\t\t\t\t\t\tif (options.redirect || options.twoFactorPage) {\n\t\t\t\t\t\t\t\twindow.location.href = options.twoFactorPage;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t],\n\t} satisfies AuthClientPlugin;\n};\n"]}