npm - customer-registration - Versions diffs - 0.0.115 → 0.0.116 - Mend

customer-registration 0.0.115 → 0.0.116

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/.medusa/server/src/api/auth/customer/emailpass/register/route.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.POST = void 0;
+const utils_1 = require("@medusajs/framework/utils");
+const config_1 = require("../../../../../config");
+const complete_registration_token_1 = require("../../shared/complete-registration-token");
+const parse_register_body_1 = require("../../shared/parse-register-body");
+/**
+ * Unified registration: emailpass and/or phonepass via `service.register`, depending on
+ * plugin `registration.identifier` and JSON body. Response: `{ token }` (Medusa default).
+ */
+const POST = async (req, res) => {
+    const config = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
+    const options = (0, config_1.resolveCustomerRegistrationOptions)(config);
+    const registrationIdentifier = options.registration
+        .identifier;
+    const parsed = (0, parse_register_body_1.parseCustomerRegisterBody)(req.body, registrationIdentifier);
+    const service = req.scope.resolve(utils_1.Modules.AUTH);
+    const authData = {
+        url: req.url,
+        headers: req.headers,
+        query: req.query,
+        body: req.body,
+        protocol: req.protocol,
+    };
+    const provider = parsed.mode === "email" ? "emailpass" : "phonepass";
+    const { success, error, authIdentity } = await service.register(provider, authData);
+    if (!success || !authIdentity) {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, error || "Registration failed");
+    }
+    await (0, complete_registration_token_1.respondWithRegistrationToken)(req, res, authIdentity);
+};
+exports.POST = POST;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL2F1dGgvY3VzdG9tZXIvZW1haWxwYXNzL3JlZ2lzdGVyL3JvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVBLHFEQUlrQztBQUNsQyxrREFHOEI7QUFDOUIsMEZBQXVGO0FBQ3ZGLDBFQUd5QztBQUV6Qzs7O0dBR0c7QUFDSSxNQUFNLElBQUksR0FBRyxLQUFLLEVBQUUsR0FBa0IsRUFBRSxHQUFtQixFQUFFLEVBQUU7SUFDcEUsTUFBTSxNQUFNLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsYUFBYSxDQUFDLENBQUE7SUFDekUsTUFBTSxPQUFPLEdBQUcsSUFBQSwyQ0FBa0MsRUFBQyxNQUEyQixDQUFDLENBQUE7SUFDL0UsTUFBTSxzQkFBc0IsR0FBRyxPQUFPLENBQUMsWUFBWTtTQUNoRCxVQUEwQyxDQUFBO0lBRTdDLE1BQU0sTUFBTSxHQUFHLElBQUEsK0NBQXlCLEVBQUMsR0FBRyxDQUFDLElBQUksRUFBRSxzQkFBc0IsQ0FBQyxDQUFBO0lBRTFFLE1BQU0sT0FBTyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGVBQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQTtJQUUvQyxNQUFNLFFBQVEsR0FBRztRQUNmLEdBQUcsRUFBRSxHQUFHLENBQUMsR0FBRztRQUNaLE9BQU8sRUFBRSxHQUFHLENBQUMsT0FBTztRQUNwQixLQUFLLEVBQUUsR0FBRyxDQUFDLEtBQUs7UUFDaEIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1FBQ2QsUUFBUSxFQUFFLEdBQUcsQ0FBQyxRQUFRO0tBQ0EsQ0FBQTtJQUN4QixNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxDQUFDLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FBQyxXQUFXLENBQUE7SUFFcEUsTUFBTSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsWUFBWSxFQUFFLEdBQUcsTUFBTSxPQUFPLENBQUMsUUFBUSxDQUM3RCxRQUFRLEVBQ1IsUUFBUSxDQUNULENBQUE7SUFFRCxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDOUIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsS0FBSyxJQUFJLHFCQUFxQixDQUMvQixDQUFBO0lBQ0gsQ0FBQztJQUVELE1BQU0sSUFBQSwwREFBNEIsRUFBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLFlBQXVDLENBQUMsQ0FBQTtBQUN2RixDQUFDLENBQUE7QUFoQ1ksUUFBQSxJQUFJLFFBZ0NoQiJ9

package/.medusa/server/src/api/auth/customer/shared/__tests__/parse-register-body.test.js ADDED Viewed

@@ -0,0 +1,87 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const utils_1 = require("@medusajs/framework/utils");
+const parse_register_body_1 = require("../parse-register-body");
+(0, vitest_1.describe)("parseCustomerRegisterBody", () => {
+    const okCases = [
+        {
+            name: "email config",
+            body: { email: "a@b.co", password: "x" },
+            registrationIdentifier: "email",
+            want: { mode: "email" },
+        },
+        {
+            name: "phone config",
+            body: { phone: "+15551", password: "x" },
+            registrationIdentifier: "phone",
+            want: { mode: "phone" },
+        },
+        {
+            name: "both config email only",
+            body: { email: "u@v.com", password: "Secret1!" },
+            registrationIdentifier: "both",
+            want: { mode: "email" },
+        },
+    ];
+    vitest_1.it.each(okCases)("$name", ({ body, registrationIdentifier, want }) => {
+        (0, vitest_1.expect)((0, parse_register_body_1.parseCustomerRegisterBody)(body, registrationIdentifier)).toEqual(want);
+    });
+    const errCases = [
+        {
+            name: "missing password",
+            body: { email: "a@b.co" },
+            registrationIdentifier: "email",
+            wantType: utils_1.MedusaError.Types.INVALID_DATA,
+            wantSubstring: "Password is required",
+        },
+        {
+            name: "both rejects phone-only",
+            body: { phone: "+1", password: "x" },
+            registrationIdentifier: "both",
+            wantType: utils_1.MedusaError.Types.INVALID_DATA,
+            wantSubstring: "email and password is required first",
+        },
+        {
+            name: "both rejects email+phone",
+            body: { email: "a@b.co", phone: "+1", password: "x" },
+            registrationIdentifier: "both",
+            wantType: utils_1.MedusaError.Types.INVALID_DATA,
+            wantSubstring: "only email and password",
+        },
+        {
+            name: "email rejects phone-only",
+            body: { phone: "+1", password: "x" },
+            registrationIdentifier: "email",
+            wantType: utils_1.MedusaError.Types.INVALID_DATA,
+            wantSubstring: "Register with your email",
+        },
+        {
+            name: "phone rejects email-only",
+            body: { email: "a@b.co", password: "x" },
+            registrationIdentifier: "phone",
+            wantType: utils_1.MedusaError.Types.INVALID_DATA,
+            wantSubstring: "Register with your phone",
+        },
+        {
+            name: "email XOR violated",
+            body: { email: "a@b.co", phone: "+1", password: "x" },
+            registrationIdentifier: "email",
+            wantType: utils_1.MedusaError.Types.INVALID_DATA,
+            wantSubstring: "not both",
+        },
+    ];
+    vitest_1.it.each(errCases)("$name", ({ body, registrationIdentifier, wantType, wantSubstring }) => {
+        try {
+            (0, parse_register_body_1.parseCustomerRegisterBody)(body, registrationIdentifier);
+            vitest_1.expect.fail("expected MedusaError");
+        }
+        catch (e) {
+            (0, vitest_1.expect)(e).toBeInstanceOf(utils_1.MedusaError);
+            const err = e;
+            (0, vitest_1.expect)(err.type).toBe(wantType);
+            (0, vitest_1.expect)(err.message).toContain(wantSubstring);
+        }
+    });
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGFyc2UtcmVnaXN0ZXItYm9keS50ZXN0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vc3JjL2FwaS9hdXRoL2N1c3RvbWVyL3NoYXJlZC9fX3Rlc3RzX18vcGFyc2UtcmVnaXN0ZXItYm9keS50ZXN0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsbUNBQTZDO0FBQzdDLHFEQUF1RDtBQUN2RCxnRUFHK0I7QUFFL0IsSUFBQSxpQkFBUSxFQUFDLDJCQUEyQixFQUFFLEdBQUcsRUFBRTtJQUN6QyxNQUFNLE9BQU8sR0FLUjtRQUNIO1lBQ0UsSUFBSSxFQUFFLGNBQWM7WUFDcEIsSUFBSSxFQUFFLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsR0FBRyxFQUFFO1lBQ3hDLHNCQUFzQixFQUFFLE9BQU87WUFDL0IsSUFBSSxFQUFFLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRTtTQUN4QjtRQUNEO1lBQ0UsSUFBSSxFQUFFLGNBQWM7WUFDcEIsSUFBSSxFQUFFLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsR0FBRyxFQUFFO1lBQ3hDLHNCQUFzQixFQUFFLE9BQU87WUFDL0IsSUFBSSxFQUFFLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRTtTQUN4QjtRQUNEO1lBQ0UsSUFBSSxFQUFFLHdCQUF3QjtZQUM5QixJQUFJLEVBQUUsRUFBRSxLQUFLLEVBQUUsU0FBUyxFQUFFLFFBQVEsRUFBRSxVQUFVLEVBQUU7WUFDaEQsc0JBQXNCLEVBQUUsTUFBTTtZQUM5QixJQUFJLEVBQUUsRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFO1NBQ3hCO0tBQ0YsQ0FBQTtJQUVELFdBQUUsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsRUFBRSxJQUFJLEVBQUUsc0JBQXNCLEVBQUUsSUFBSSxFQUFFLEVBQUUsRUFBRTtRQUNuRSxJQUFBLGVBQU0sRUFBQyxJQUFBLCtDQUF5QixFQUFDLElBQUksRUFBRSxzQkFBc0IsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFBO0lBQy9FLENBQUMsQ0FBQyxDQUFBO0lBRUYsTUFBTSxRQUFRLEdBTVQ7UUFDSDtZQUNFLElBQUksRUFBRSxrQkFBa0I7WUFDeEIsSUFBSSxFQUFFLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRTtZQUN6QixzQkFBc0IsRUFBRSxPQUFPO1lBQy9CLFFBQVEsRUFBRSxtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZO1lBQ3hDLGFBQWEsRUFBRSxzQkFBc0I7U0FDdEM7UUFDRDtZQUNFLElBQUksRUFBRSx5QkFBeUI7WUFDL0IsSUFBSSxFQUFFLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxRQUFRLEVBQUUsR0FBRyxFQUFFO1lBQ3BDLHNCQUFzQixFQUFFLE1BQU07WUFDOUIsUUFBUSxFQUFFLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7WUFDeEMsYUFBYSxFQUFFLHNDQUFzQztTQUN0RDtRQUNEO1lBQ0UsSUFBSSxFQUFFLDBCQUEwQjtZQUNoQyxJQUFJLEVBQUUsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFLEtBQUssRUFBRSxJQUFJLEVBQUUsUUFBUSxFQUFFLEdBQUcsRUFBRTtZQUNyRCxzQkFBc0IsRUFBRSxNQUFNO1lBQzlCLFFBQVEsRUFBRSxtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZO1lBQ3hDLGFBQWEsRUFBRSx5QkFBeUI7U0FDekM7UUFDRDtZQUNFLElBQUksRUFBRSwwQkFBMEI7WUFDaEMsSUFBSSxFQUFFLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxRQUFRLEVBQUUsR0FBRyxFQUFFO1lBQ3BDLHNCQUFzQixFQUFFLE9BQU87WUFDL0IsUUFBUSxFQUFFLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7WUFDeEMsYUFBYSxFQUFFLDBCQUEwQjtTQUMxQztRQUNEO1lBQ0UsSUFBSSxFQUFFLDBCQUEwQjtZQUNoQyxJQUFJLEVBQUUsRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxHQUFHLEVBQUU7WUFDeEMsc0JBQXNCLEVBQUUsT0FBTztZQUMvQixRQUFRLEVBQUUsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWTtZQUN4QyxhQUFhLEVBQUUsMEJBQTBCO1NBQzFDO1FBQ0Q7WUFDRSxJQUFJLEVBQUUsb0JBQW9CO1lBQzFCLElBQUksRUFBRSxFQUFFLEtBQUssRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxRQUFRLEVBQUUsR0FBRyxFQUFFO1lBQ3JELHNCQUFzQixFQUFFLE9BQU87WUFDL0IsUUFBUSxFQUFFLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7WUFDeEMsYUFBYSxFQUFFLFVBQVU7U0FDMUI7S0FDRixDQUFBO0lBRUQsV0FBRSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxFQUFFLElBQUksRUFBRSxzQkFBc0IsRUFBRSxRQUFRLEVBQUUsYUFBYSxFQUFFLEVBQUUsRUFBRTtRQUN2RixJQUFJLENBQUM7WUFDSCxJQUFBLCtDQUF5QixFQUFDLElBQUksRUFBRSxzQkFBc0IsQ0FBQyxDQUFBO1lBQ3ZELGVBQU0sQ0FBQyxJQUFJLENBQUMsc0JBQXNCLENBQUMsQ0FBQTtRQUNyQyxDQUFDO1FBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUNYLElBQUEsZUFBTSxFQUFDLENBQUMsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxtQkFBVyxDQUFDLENBQUE7WUFDckMsTUFBTSxHQUFHLEdBQUcsQ0FBZ0IsQ0FBQTtZQUM1QixJQUFBLGVBQU0sRUFBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFBO1lBQy9CLElBQUEsZUFBTSxFQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxTQUFTLENBQUMsYUFBYSxDQUFDLENBQUE7UUFDOUMsQ0FBQztJQUNILENBQUMsQ0FBQyxDQUFBO0FBQ0osQ0FBQyxDQUFDLENBQUEifQ==

package/.medusa/server/src/api/auth/customer/shared/complete-registration-token.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.respondWithRegistrationToken = respondWithRegistrationToken;
+const utils_1 = require("@medusajs/framework/utils");
+const generate_jwt_token_1 = require("@medusajs/medusa/api/auth/utils/generate-jwt-token");
+/**
+ * After a successful `authModuleService.register(...)`, issues the standard
+ * Medusa registration JWT and responds with `{ token }`.
+ */
+async function respondWithRegistrationToken(req, res, authIdentity) {
+    const config = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
+    const { http } = config.projectConfig ?? {};
+    if (!http?.jwtSecret) {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "JWT secret is not configured");
+    }
+    let token;
+    try {
+        token = await (0, generate_jwt_token_1.generateJwtTokenForAuthIdentity)({
+            authIdentity: authIdentity,
+            actorType: "customer",
+        }, {
+            secret: http.jwtSecret,
+            expiresIn: http.jwtExpiresIn || "7d",
+        });
+    }
+    catch (jwtError) {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.UNEXPECTED_STATE, `JWT generation failed: ${jwtError instanceof Error ? jwtError.message : "Unknown error"}`);
+    }
+    if (!token || typeof token !== "string") {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.UNEXPECTED_STATE, "Failed to generate registration token");
+    }
+    res.status(200).json({ token });
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29tcGxldGUtcmVnaXN0cmF0aW9uLXRva2VuLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vLi4vc3JjL2FwaS9hdXRoL2N1c3RvbWVyL3NoYXJlZC9jb21wbGV0ZS1yZWdpc3RyYXRpb24tdG9rZW4udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFjQSxvRUE2Q0M7QUF6REQscURBR2tDO0FBQ2xDLDJGQUFvRztBQUlwRzs7O0dBR0c7QUFDSSxLQUFLLFVBQVUsNEJBQTRCLENBQ2hELEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ25CLFlBQXFDO0lBRXJDLE1BQU0sTUFBTSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLGFBQWEsQ0FFcEQsQ0FBQTtJQUVwQixNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsTUFBTSxDQUFDLGFBQWEsSUFBSSxFQUFFLENBQUE7SUFFM0MsSUFBSSxDQUFDLElBQUksRUFBRSxTQUFTLEVBQUUsQ0FBQztRQUNyQixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5Qiw4QkFBOEIsQ0FDL0IsQ0FBQTtJQUNILENBQUM7SUFFRCxJQUFJLEtBQXlCLENBQUE7SUFDN0IsSUFBSSxDQUFDO1FBQ0gsS0FBSyxHQUFHLE1BQU0sSUFBQSxvREFBK0IsRUFDM0M7WUFDRSxZQUFZLEVBQUUsWUFBMEM7WUFDeEQsU0FBUyxFQUFFLFVBQVU7U0FDdEIsRUFDRDtZQUNFLE1BQU0sRUFBRSxJQUFJLENBQUMsU0FBUztZQUN0QixTQUFTLEVBQUUsSUFBSSxDQUFDLFlBQVksSUFBSSxJQUFJO1NBQ3JDLENBQ0YsQ0FBQTtJQUNILENBQUM7SUFBQyxPQUFPLFFBQVEsRUFBRSxDQUFDO1FBQ2xCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFDbEMsMEJBQTBCLFFBQVEsWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsRUFBRSxDQUMzRixDQUFBO0lBQ0gsQ0FBQztJQUVELElBQUksQ0FBQyxLQUFLLElBQUksT0FBTyxLQUFLLEtBQUssUUFBUSxFQUFFLENBQUM7UUFDeEMsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUNsQyx1Q0FBdUMsQ0FDeEMsQ0FBQTtJQUNILENBQUM7SUFFRCxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLENBQUE7QUFDakMsQ0FBQyJ9

package/.medusa/server/src/api/auth/customer/shared/customer-login-post.js CHANGED Viewed

@@ -57,6 +57,7 @@ async function runEmailPassAuthFlow(req, res, config, authData) {
             customerId: resolvedCustomerId,
             req,
             logLabel: email,
+            loginChannel: "email",
         });
         await (0, complete_customer_login_1.completeCustomerLogin)(req, res, config, authIdentity, resolvedCustomerId, {
             kind: "email",
@@ -113,6 +114,7 @@ async function runPhonePassAuthFlow(req, res, config, authData) {
         customerId,
         req,
         logLabel,
+        loginChannel: "phone",
     });
     await (0, complete_customer_login_1.completeCustomerLogin)(req, res, config, authIdentity, customerId, {
         kind: "phone",
@@ -137,4 +139,4 @@ async function handleCustomerLogin(req, res) {
     }
     return runPhonePassAuthFlow(req, res, config, authData);
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3VzdG9tZXItbG9naW4tcG9zdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9hcGkvYXV0aC9jdXN0b21lci9zaGFyZWQvY3VzdG9tZXItbG9naW4tcG9zdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQWlEQSxvREEyRUM7QUFLRCxvREF1RkM7QUFNRCxrREF3QkM7QUFwUEQscURBSWtDO0FBRWxDLCtDQUF1RTtBQUN2RSx1RUFBMEY7QUFDMUYsMkZBQXFGO0FBQ3JGLG1GQUEyRTtBQUMzRSx5REFHMkI7QUFFM0IsU0FBUyxZQUFZLENBQ25CLE1BQW1DO0lBRW5DLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUNqQyxJQUFJLFFBQVEsSUFBSSxPQUFPLFFBQVEsS0FBSyxRQUFRLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7UUFDekUsT0FBTyxRQUFRLENBQUE7SUFDakIsQ0FBQztJQUNELE1BQU0sS0FBSyxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUN2QixJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztRQUN6QixNQUFNLEtBQUssR0FBRyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFDdEIsSUFBSSxLQUFLLElBQUksT0FBTyxLQUFLLEtBQUssUUFBUSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ2hFLE9BQU8sS0FBVSxDQUFBO1FBQ25CLENBQUM7SUFDSCxDQUFDO0lBQ0QsT0FBTyxTQUFTLENBQUE7QUFDbEIsQ0FBQztBQWNEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLG9CQUFvQixDQUN4QyxHQUFrQixFQUNsQixHQUFtQixFQUNuQixNQUE4QyxFQUM5QyxRQUE2QjtJQUU3QixNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxlQUFPLENBQUMsSUFBSSxDQUFtQixDQUFBO0lBRWpFLE1BQU0sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLFlBQVksRUFBRSxRQUFRLEVBQUUsR0FDOUMsTUFBTSxPQUFPLENBQUMsWUFBWSxDQUFDLFdBQVcsRUFBRSxRQUFRLENBQUMsQ0FBQTtJQUVuRCxJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQ2IsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxRQUFRLEVBQUUsQ0FBQyxDQUFBO1FBQ2xDLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxPQUFPLElBQUksWUFBWSxFQUFFLENBQUM7UUFDNUIsTUFBTSxLQUFLLEdBQ1IsWUFBWSxDQUFDLG1CQUFpRSxFQUFFLENBQUMsQ0FBQyxDQUFDO1lBQ2xGLEVBQUUsU0FBUyxJQUFJLEVBQUUsQ0FBQTtRQUVyQixNQUFNLE9BQU8sR0FBRyxZQUFZLENBQUMsWUFFaEIsQ0FBQTtRQUNiLElBQUksVUFBVSxHQUNaLE9BQU8sT0FBTyxFQUFFLFdBQVcsS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQTtRQUU1RSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDaEIsTUFBTSxjQUFjLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsZUFBTyxDQUFDLFFBQVEsQ0FFeEQsQ0FBQTtZQUNELE1BQU0sU0FBUyxHQUFHLE1BQU0sY0FBYyxDQUFDLGFBQWEsQ0FBQztnQkFDbkQsS0FBSyxFQUFFLEtBQUssQ0FBQyxXQUFXLEVBQUU7YUFDM0IsQ0FBQyxDQUFBO1lBRUYsSUFBSSxTQUFTLElBQUksU0FBUyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDdEMsVUFBVSxHQUFHLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUE7WUFDOUIsQ0FBQztRQUNILENBQUM7UUFFRCxNQUFNLGtCQUFrQixHQUN0QixPQUFPLFVBQVUsS0FBSyxRQUFRLElBQUksVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLE1BQU0sR0FBRyxDQUFDO1lBQzVELENBQUMsQ0FBQyxVQUFVO1lBQ1osQ0FBQyxDQUFDLFNBQVMsQ0FBQTtRQUVmLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQ3hCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLG9EQUFvRCxDQUNyRCxDQUFBO1FBQ0gsQ0FBQztRQUVELE1BQU0sSUFBQSxtRUFBK0IsRUFBQztZQUNwQyxVQUFVLEVBQUUsa0JBQWtCO1lBQzlCLEdBQUc7WUFDSCxRQUFRLEVBQUUsS0FBSztTQUNoQixDQUFDLENBQUE7UUFFRixNQUFNLElBQUEsK0NBQXFCLEVBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsWUFBWSxFQUFFLGtCQUFrQixFQUFFO1lBQzlFLElBQUksRUFBRSxPQUFPO1lBQ2IsS0FBSztTQUNOLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsT0FBTyxDQUFDLEtBQUssQ0FBQyw2Q0FBNkMsRUFBRTtRQUMzRCxPQUFPO1FBQ1AsS0FBSztRQUNMLGVBQWUsRUFBRSxDQUFDLENBQUMsWUFBWTtLQUNoQyxDQUFDLENBQUE7SUFFRixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixLQUFLLElBQUksdUJBQXVCLENBQ2pDLENBQUE7QUFDSCxDQUFDO0FBRUQ7O0dBRUc7QUFDSSxLQUFLLFVBQVUsb0JBQW9CLENBQ3hDLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ25CLE1BQThDLEVBQzlDLFFBQTZCO0lBRTdCLE1BQU0sT0FBTyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGVBQU8sQ0FBQyxJQUFJLENBQW1CLENBQUE7SUFFakUsTUFBTSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsWUFBWSxFQUFFLEdBQUcsTUFBTSxPQUFPLENBQUMsWUFBWSxDQUNqRSxXQUFXLEVBQ1gsUUFBUSxDQUNULENBQUE7SUFFRCxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDOUIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsS0FBSyxJQUFJLHVCQUF1QixDQUNqQyxDQUFBO0lBQ0gsQ0FBQztJQUVELE1BQU0sS0FBSyxHQUNSLFlBQVksQ0FBQyxtQkFBaUUsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUNsRixFQUFFLFNBQVMsSUFBSSxFQUFFLENBQUE7SUFFckIsTUFBTSxZQUFZLEdBQUcsWUFBWSxDQUFDLFlBRXJCLENBQUE7SUFDYixJQUFJLFVBQVUsR0FDWixPQUFPLFlBQVksRUFBRSxXQUFXLEtBQUssUUFBUTtRQUMzQyxDQUFDLENBQUMsWUFBWSxDQUFDLFdBQVc7UUFDMUIsQ0FBQyxDQUFDLFNBQVMsQ0FBQTtJQUVmLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUNoQixNQUFNLElBQUksR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxpQ0FBeUIsQ0FBQyxhQUFhLENBS3JFLENBQUE7UUFDRCxJQUFJLElBQUksRUFBRSxDQUFDO1lBQ1QsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUMzQixpREFBaUQsRUFDakQsQ0FBQyxLQUFLLENBQUMsQ0FDUixDQUFBO1lBQ0QsTUFBTSxHQUFHLEdBQUcsWUFBWSxDQUFrQixNQUFNLENBQUMsQ0FBQTtZQUNqRCxJQUFJLEdBQUcsRUFBRSxFQUFFLEVBQUUsQ0FBQztnQkFDWixVQUFVLEdBQUcsR0FBRyxDQUFDLEVBQUUsQ0FBQTtZQUNyQixDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRCxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7UUFDaEIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsb0RBQW9ELENBQ3JELENBQUE7SUFDSCxDQUFDO0lBRUQsSUFBSSxRQUFRLEdBQUcsS0FBSyxDQUFBO0lBQ3BCLE1BQU0sU0FBUyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLGFBQWEsQ0FLMUUsQ0FBQTtJQUNELElBQUksU0FBUyxFQUFFLENBQUM7UUFDZCxNQUFNLFNBQVMsR0FBRyxNQUFNLFNBQVMsQ0FBQyxHQUFHLENBQ25DLGlEQUFpRCxFQUNqRCxDQUFDLFVBQVUsQ0FBQyxDQUNiLENBQUE7UUFDRCxNQUFNLEdBQUcsR0FBRyxZQUFZLENBQTRCLFNBQVMsQ0FBQyxDQUFBO1FBQzlELE1BQU0sQ0FBQyxHQUFHLEdBQUcsRUFBRSxLQUFLLENBQUE7UUFDcEIsSUFBSSxPQUFPLENBQUMsS0FBSyxRQUFRLElBQUksQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUM7WUFDdEMsUUFBUSxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQTtRQUNyQixDQUFDO0lBQ0gsQ0FBQztJQUVELE1BQU0sSUFBQSxtRUFBK0IsRUFBQztRQUNwQyxVQUFVO1FBQ1YsR0FBRztRQUNILFFBQVE7S0FDVCxDQUFDLENBQUE7SUFFRixNQUFNLElBQUEsK0NBQXFCLEVBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsWUFBWSxFQUFFLFVBQVUsRUFBRTtRQUN0RSxJQUFJLEVBQUUsT0FBTztRQUNiLEtBQUs7S0FDTixDQUFDLENBQUE7QUFDSixDQUFDO0FBRUQ7OztHQUdHO0FBQ0ksS0FBSyxVQUFVLG1CQUFtQixDQUN2QyxHQUFrQixFQUNsQixHQUFtQjtJQUVuQixNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FDOUIsaUNBQXlCLENBQUMsYUFBYSxDQUNFLENBQUE7SUFFM0MsTUFBTSxZQUFZLEdBQUcsSUFBQSwyQ0FBa0MsRUFBQyxNQUFNLENBQUMsQ0FBQTtJQUMvRCxNQUFNLGVBQWUsR0FBRyxZQUFZLENBQUMsS0FBSyxDQUFDLFVBQW1DLENBQUE7SUFFOUUsTUFBTSxRQUFRLEdBQUcsSUFBQSx5REFBeUIsRUFBQyxHQUFHLENBQUMsQ0FBQTtJQUMvQyxNQUFNLFdBQVcsR0FDZixRQUFRLENBQUMsSUFBSSxLQUFLLElBQUksSUFBSSxPQUFPLFFBQVEsQ0FBQyxJQUFJLEtBQUssUUFBUSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1FBQzFGLENBQUMsQ0FBRSxRQUFRLENBQUMsSUFBZ0M7UUFDNUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQTtJQUVSLE1BQU0sTUFBTSxHQUFHLElBQUEseUNBQXNCLEVBQUMsV0FBVyxFQUFFLGVBQWUsQ0FBQyxDQUFBO0lBRW5FLElBQUksTUFBTSxDQUFDLElBQUksS0FBSyxPQUFPLEVBQUUsQ0FBQztRQUM1QixPQUFPLG9CQUFvQixDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUFBO0lBQ3pELENBQUM7SUFFRCxPQUFPLG9CQUFvQixDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUFBO0FBQ3pELENBQUMifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3VzdG9tZXItbG9naW4tcG9zdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9hcGkvYXV0aC9jdXN0b21lci9zaGFyZWQvY3VzdG9tZXItbG9naW4tcG9zdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQWlEQSxvREE0RUM7QUFLRCxvREF3RkM7QUFNRCxrREF3QkM7QUF0UEQscURBSWtDO0FBRWxDLCtDQUF1RTtBQUN2RSx1RUFBMEY7QUFDMUYsMkZBQXFGO0FBQ3JGLG1GQUEyRTtBQUMzRSx5REFHMkI7QUFFM0IsU0FBUyxZQUFZLENBQ25CLE1BQW1DO0lBRW5DLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUNqQyxJQUFJLFFBQVEsSUFBSSxPQUFPLFFBQVEsS0FBSyxRQUFRLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7UUFDekUsT0FBTyxRQUFRLENBQUE7SUFDakIsQ0FBQztJQUNELE1BQU0sS0FBSyxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUN2QixJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztRQUN6QixNQUFNLEtBQUssR0FBRyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFDdEIsSUFBSSxLQUFLLElBQUksT0FBTyxLQUFLLEtBQUssUUFBUSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ2hFLE9BQU8sS0FBVSxDQUFBO1FBQ25CLENBQUM7SUFDSCxDQUFDO0lBQ0QsT0FBTyxTQUFTLENBQUE7QUFDbEIsQ0FBQztBQWNEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLG9CQUFvQixDQUN4QyxHQUFrQixFQUNsQixHQUFtQixFQUNuQixNQUE4QyxFQUM5QyxRQUE2QjtJQUU3QixNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxlQUFPLENBQUMsSUFBSSxDQUFtQixDQUFBO0lBRWpFLE1BQU0sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLFlBQVksRUFBRSxRQUFRLEVBQUUsR0FDOUMsTUFBTSxPQUFPLENBQUMsWUFBWSxDQUFDLFdBQVcsRUFBRSxRQUFRLENBQUMsQ0FBQTtJQUVuRCxJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQ2IsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxRQUFRLEVBQUUsQ0FBQyxDQUFBO1FBQ2xDLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxPQUFPLElBQUksWUFBWSxFQUFFLENBQUM7UUFDNUIsTUFBTSxLQUFLLEdBQ1IsWUFBWSxDQUFDLG1CQUFpRSxFQUFFLENBQUMsQ0FBQyxDQUFDO1lBQ2xGLEVBQUUsU0FBUyxJQUFJLEVBQUUsQ0FBQTtRQUVyQixNQUFNLE9BQU8sR0FBRyxZQUFZLENBQUMsWUFFaEIsQ0FBQTtRQUNiLElBQUksVUFBVSxHQUNaLE9BQU8sT0FBTyxFQUFFLFdBQVcsS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQTtRQUU1RSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDaEIsTUFBTSxjQUFjLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsZUFBTyxDQUFDLFFBQVEsQ0FFeEQsQ0FBQTtZQUNELE1BQU0sU0FBUyxHQUFHLE1BQU0sY0FBYyxDQUFDLGFBQWEsQ0FBQztnQkFDbkQsS0FBSyxFQUFFLEtBQUssQ0FBQyxXQUFXLEVBQUU7YUFDM0IsQ0FBQyxDQUFBO1lBRUYsSUFBSSxTQUFTLElBQUksU0FBUyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDdEMsVUFBVSxHQUFHLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUE7WUFDOUIsQ0FBQztRQUNILENBQUM7UUFFRCxNQUFNLGtCQUFrQixHQUN0QixPQUFPLFVBQVUsS0FBSyxRQUFRLElBQUksVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLE1BQU0sR0FBRyxDQUFDO1lBQzVELENBQUMsQ0FBQyxVQUFVO1lBQ1osQ0FBQyxDQUFDLFNBQVMsQ0FBQTtRQUVmLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQ3hCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLG9EQUFvRCxDQUNyRCxDQUFBO1FBQ0gsQ0FBQztRQUVELE1BQU0sSUFBQSxtRUFBK0IsRUFBQztZQUNwQyxVQUFVLEVBQUUsa0JBQWtCO1lBQzlCLEdBQUc7WUFDSCxRQUFRLEVBQUUsS0FBSztZQUNmLFlBQVksRUFBRSxPQUFPO1NBQ3RCLENBQUMsQ0FBQTtRQUVGLE1BQU0sSUFBQSwrQ0FBcUIsRUFBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxZQUFZLEVBQUUsa0JBQWtCLEVBQUU7WUFDOUUsSUFBSSxFQUFFLE9BQU87WUFDYixLQUFLO1NBQ04sQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxPQUFPLENBQUMsS0FBSyxDQUFDLDZDQUE2QyxFQUFFO1FBQzNELE9BQU87UUFDUCxLQUFLO1FBQ0wsZUFBZSxFQUFFLENBQUMsQ0FBQyxZQUFZO0tBQ2hDLENBQUMsQ0FBQTtJQUVGLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLEtBQUssSUFBSSx1QkFBdUIsQ0FDakMsQ0FBQTtBQUNILENBQUM7QUFFRDs7R0FFRztBQUNJLEtBQUssVUFBVSxvQkFBb0IsQ0FDeEMsR0FBa0IsRUFDbEIsR0FBbUIsRUFDbkIsTUFBOEMsRUFDOUMsUUFBNkI7SUFFN0IsTUFBTSxPQUFPLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsZUFBTyxDQUFDLElBQUksQ0FBbUIsQ0FBQTtJQUVqRSxNQUFNLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxZQUFZLEVBQUUsR0FBRyxNQUFNLE9BQU8sQ0FBQyxZQUFZLENBQ2pFLFdBQVcsRUFDWCxRQUFRLENBQ1QsQ0FBQTtJQUVELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUM5QixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixLQUFLLElBQUksdUJBQXVCLENBQ2pDLENBQUE7SUFDSCxDQUFDO0lBRUQsTUFBTSxLQUFLLEdBQ1IsWUFBWSxDQUFDLG1CQUFpRSxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQ2xGLEVBQUUsU0FBUyxJQUFJLEVBQUUsQ0FBQTtJQUVyQixNQUFNLFlBQVksR0FBRyxZQUFZLENBQUMsWUFFckIsQ0FBQTtJQUNiLElBQUksVUFBVSxHQUNaLE9BQU8sWUFBWSxFQUFFLFdBQVcsS0FBSyxRQUFRO1FBQzNDLENBQUMsQ0FBQyxZQUFZLENBQUMsV0FBVztRQUMxQixDQUFDLENBQUMsU0FBUyxDQUFBO0lBRWYsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ2hCLE1BQU0sSUFBSSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLGFBQWEsQ0FLckUsQ0FBQTtRQUNELElBQUksSUFBSSxFQUFFLENBQUM7WUFDVCxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxHQUFHLENBQzNCLGlEQUFpRCxFQUNqRCxDQUFDLEtBQUssQ0FBQyxDQUNSLENBQUE7WUFDRCxNQUFNLEdBQUcsR0FBRyxZQUFZLENBQWtCLE1BQU0sQ0FBQyxDQUFBO1lBQ2pELElBQUksR0FBRyxFQUFFLEVBQUUsRUFBRSxDQUFDO2dCQUNaLFVBQVUsR0FBRyxHQUFHLENBQUMsRUFBRSxDQUFBO1lBQ3JCLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVELElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUNoQixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixvREFBb0QsQ0FDckQsQ0FBQTtJQUNILENBQUM7SUFFRCxJQUFJLFFBQVEsR0FBRyxLQUFLLENBQUE7SUFDcEIsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsYUFBYSxDQUsxRSxDQUFBO0lBQ0QsSUFBSSxTQUFTLEVBQUUsQ0FBQztRQUNkLE1BQU0sU0FBUyxHQUFHLE1BQU0sU0FBUyxDQUFDLEdBQUcsQ0FDbkMsaURBQWlELEVBQ2pELENBQUMsVUFBVSxDQUFDLENBQ2IsQ0FBQTtRQUNELE1BQU0sR0FBRyxHQUFHLFlBQVksQ0FBNEIsU0FBUyxDQUFDLENBQUE7UUFDOUQsTUFBTSxDQUFDLEdBQUcsR0FBRyxFQUFFLEtBQUssQ0FBQTtRQUNwQixJQUFJLE9BQU8sQ0FBQyxLQUFLLFFBQVEsSUFBSSxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQztZQUN0QyxRQUFRLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFBO1FBQ3JCLENBQUM7SUFDSCxDQUFDO0lBRUQsTUFBTSxJQUFBLG1FQUErQixFQUFDO1FBQ3BDLFVBQVU7UUFDVixHQUFHO1FBQ0gsUUFBUTtRQUNSLFlBQVksRUFBRSxPQUFPO0tBQ3RCLENBQUMsQ0FBQTtJQUVGLE1BQU0sSUFBQSwrQ0FBcUIsRUFBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxZQUFZLEVBQUUsVUFBVSxFQUFFO1FBQ3RFLElBQUksRUFBRSxPQUFPO1FBQ2IsS0FBSztLQUNOLENBQUMsQ0FBQTtBQUNKLENBQUM7QUFFRDs7O0dBR0c7QUFDSSxLQUFLLFVBQVUsbUJBQW1CLENBQ3ZDLEdBQWtCLEVBQ2xCLEdBQW1CO0lBRW5CLE1BQU0sTUFBTSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUM5QixpQ0FBeUIsQ0FBQyxhQUFhLENBQ0UsQ0FBQTtJQUUzQyxNQUFNLFlBQVksR0FBRyxJQUFBLDJDQUFrQyxFQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQy9ELE1BQU0sZUFBZSxHQUFHLFlBQVksQ0FBQyxLQUFLLENBQUMsVUFBbUMsQ0FBQTtJQUU5RSxNQUFNLFFBQVEsR0FBRyxJQUFBLHlEQUF5QixFQUFDLEdBQUcsQ0FBQyxDQUFBO0lBQy9DLE1BQU0sV0FBVyxHQUNmLFFBQVEsQ0FBQyxJQUFJLEtBQUssSUFBSSxJQUFJLE9BQU8sUUFBUSxDQUFDLElBQUksS0FBSyxRQUFRLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFDMUYsQ0FBQyxDQUFFLFFBQVEsQ0FBQyxJQUFnQztRQUM1QyxDQUFDLENBQUMsRUFBRSxDQUFBO0lBRVIsTUFBTSxNQUFNLEdBQUcsSUFBQSx5Q0FBc0IsRUFBQyxXQUFXLEVBQUUsZUFBZSxDQUFDLENBQUE7SUFFbkUsSUFBSSxNQUFNLENBQUMsSUFBSSxLQUFLLE9BQU8sRUFBRSxDQUFDO1FBQzVCLE9BQU8sb0JBQW9CLENBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsUUFBUSxDQUFDLENBQUE7SUFDekQsQ0FBQztJQUVELE9BQU8sb0JBQW9CLENBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsUUFBUSxDQUFDLENBQUE7QUFDekQsQ0FBQyJ9

package/.medusa/server/src/api/auth/customer/shared/enforce-registration-verification.js CHANGED Viewed

@@ -5,10 +5,14 @@ const utils_1 = require("@medusajs/framework/utils");
 const otp_verification_1 = require("../../../../modules/otp-verification");
 const config_1 = require("../../../../config");
 /**
- * Enforces email / phone OTP verification according to `registration.identifier` and `require_verification`.
- * When phone is required but unverified, includes `pending_phone` UX (same as legacy phonepass route).
+ * Enforces OTP verification for login according to `registration.identifier` and `require_verification`.
+ *
+ * - `email` / `phone`: only that channel must be verified.
+ * - `both`: only the channel used to log in must be verified (`loginChannel`).
+ *
+ * When phone is enforced but unverified, includes `pending_phone` UX for pending number changes.
  */
-async function enforceRegistrationVerification({ customerId, req, logLabel, }) {
+async function enforceRegistrationVerification({ customerId, req, logLabel, loginChannel, }) {
     const configModule = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
     const options = (0, config_1.resolveCustomerRegistrationOptions)(configModule);
     const { identifier, require_verification } = options.registration;
@@ -17,12 +21,14 @@ async function enforceRegistrationVerification({ customerId, req, logLabel, }) {
     }
     const otpService = req.scope.resolve(otp_verification_1.OTP_VERIFICATION_MODULE);
     const verificationStatus = await otpService.getCustomerVerificationByCustomerId(req.scope, customerId);
-    if ((identifier === "email" || identifier === "both") &&
-        !verificationStatus.email_verified) {
+    const enforceEmail = identifier === "email" ||
+        (identifier === "both" && loginChannel === "email");
+    const enforcePhone = identifier === "phone" ||
+        (identifier === "both" && loginChannel === "phone");
+    if (enforceEmail && !verificationStatus.email_verified) {
         throw new utils_1.MedusaError(utils_1.MedusaError.Types.UNAUTHORIZED, "Email not verified.");
     }
-    if ((identifier === "phone" || identifier === "both") &&
-        !verificationStatus.phone_verified) {
+    if (enforcePhone && !verificationStatus.phone_verified) {
         const knex = req.scope.resolve(utils_1.ContainerRegistrationKeys.PG_CONNECTION);
         const row = await knex.raw(`SELECT metadata->>'pending_phone' AS pending_phone FROM customer WHERE id = ? LIMIT 1`, [customerId]);
         const pendingPhone = (row.rows?.[0] ?? row[0]?.[0])?.pending_phone ?? null;
@@ -35,4 +41,4 @@ async function enforceRegistrationVerification({ customerId, req, logLabel, }) {
             : "Phone not verified.");
     }
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5mb3JjZS1yZWdpc3RyYXRpb24tdmVyaWZpY2F0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vLi4vc3JjL2FwaS9hdXRoL2N1c3RvbWVyL3NoYXJlZC9lbmZvcmNlLXJlZ2lzdHJhdGlvbi12ZXJpZmljYXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFrQkEsMEVBK0RDO0FBaEZELHFEQUdrQztBQUdsQywyRUFBOEU7QUFFOUUsK0NBRzJCO0FBRTNCOzs7R0FHRztBQUNJLEtBQUssVUFBVSwrQkFBK0IsQ0FBQyxFQUNwRCxVQUFVLEVBQ1YsR0FBRyxFQUNILFFBQVEsR0FNVDtJQUNDLE1BQU0sWUFBWSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUNwQyxpQ0FBeUIsQ0FBQyxhQUFhLENBQ3hDLENBQUE7SUFDRCxNQUFNLE9BQU8sR0FBRyxJQUFBLDJDQUFrQyxFQUFDLFlBQVksQ0FBQyxDQUFBO0lBQ2hFLE1BQU0sRUFBRSxVQUFVLEVBQUUsb0JBQW9CLEVBQUUsR0FBRyxPQUFPLENBQUMsWUFBWSxDQUFBO0lBRWpFLElBQUksQ0FBQyxvQkFBb0IsRUFBRSxDQUFDO1FBQzFCLE9BQU07SUFDUixDQUFDO0lBRUQsTUFBTSxVQUFVLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQ2xDLDBDQUF1QixDQUN4QixDQUFBO0lBRUQsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLFVBQVUsQ0FBQyxtQ0FBbUMsQ0FDN0UsR0FBRyxDQUFDLEtBQStCLEVBQ25DLFVBQVUsQ0FDWCxDQUFBO0lBRUQsSUFDRSxDQUFDLFVBQVUsS0FBSyxPQUFPLElBQUksVUFBVSxLQUFLLE1BQU0sQ0FBQztRQUNqRCxDQUFDLGtCQUFrQixDQUFDLGNBQWMsRUFDbEMsQ0FBQztRQUNELE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLHFCQUFxQixDQUN0QixDQUFBO0lBQ0gsQ0FBQztJQUVELElBQ0UsQ0FBQyxVQUFVLEtBQUssT0FBTyxJQUFJLFVBQVUsS0FBSyxNQUFNLENBQUM7UUFDakQsQ0FBQyxrQkFBa0IsQ0FBQyxjQUFjLEVBQ2xDLENBQUM7UUFDRCxNQUFNLElBQUksR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxpQ0FBeUIsQ0FBQyxhQUFhLENBQUMsQ0FBQTtRQUN2RSxNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxHQUFHLENBQ3hCLHVGQUF1RixFQUN2RixDQUFDLFVBQVUsQ0FBQyxDQUNiLENBQUE7UUFDRCxNQUFNLFlBQVksR0FDaEIsQ0FBQyxHQUFHLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxhQUFhLElBQUksSUFBSSxDQUFBO1FBRXZELE9BQU8sQ0FBQyxLQUFLLENBQUMsb0NBQW9DLEVBQUU7WUFDbEQsUUFBUTtZQUNSLFVBQVU7U0FDWCxDQUFDLENBQUE7UUFFRixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixZQUFZO1lBQ1YsQ0FBQyxDQUFDLDhFQUE4RTtZQUNoRixDQUFDLENBQUMscUJBQXFCLENBQzFCLENBQUE7SUFDSCxDQUFDO0FBQ0gsQ0FBQyJ9
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5mb3JjZS1yZWdpc3RyYXRpb24tdmVyaWZpY2F0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vLi4vc3JjL2FwaS9hdXRoL2N1c3RvbWVyL3NoYXJlZC9lbmZvcmNlLXJlZ2lzdHJhdGlvbi12ZXJpZmljYXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFzQkEsMEVBb0VDO0FBekZELHFEQUdrQztBQUdsQywyRUFBOEU7QUFFOUUsK0NBRzJCO0FBRTNCOzs7Ozs7O0dBT0c7QUFDSSxLQUFLLFVBQVUsK0JBQStCLENBQUMsRUFDcEQsVUFBVSxFQUNWLEdBQUcsRUFDSCxRQUFRLEVBQ1IsWUFBWSxHQVFiO0lBQ0MsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQ3BDLGlDQUF5QixDQUFDLGFBQWEsQ0FDeEMsQ0FBQTtJQUNELE1BQU0sT0FBTyxHQUFHLElBQUEsMkNBQWtDLEVBQUMsWUFBWSxDQUFDLENBQUE7SUFDaEUsTUFBTSxFQUFFLFVBQVUsRUFBRSxvQkFBb0IsRUFBRSxHQUFHLE9BQU8sQ0FBQyxZQUFZLENBQUE7SUFFakUsSUFBSSxDQUFDLG9CQUFvQixFQUFFLENBQUM7UUFDMUIsT0FBTTtJQUNSLENBQUM7SUFFRCxNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FDbEMsMENBQXVCLENBQ3hCLENBQUE7SUFFRCxNQUFNLGtCQUFrQixHQUFHLE1BQU0sVUFBVSxDQUFDLG1DQUFtQyxDQUM3RSxHQUFHLENBQUMsS0FBK0IsRUFDbkMsVUFBVSxDQUNYLENBQUE7SUFFRCxNQUFNLFlBQVksR0FDaEIsVUFBVSxLQUFLLE9BQU87UUFDdEIsQ0FBQyxVQUFVLEtBQUssTUFBTSxJQUFJLFlBQVksS0FBSyxPQUFPLENBQUMsQ0FBQTtJQUVyRCxNQUFNLFlBQVksR0FDaEIsVUFBVSxLQUFLLE9BQU87UUFDdEIsQ0FBQyxVQUFVLEtBQUssTUFBTSxJQUFJLFlBQVksS0FBSyxPQUFPLENBQUMsQ0FBQTtJQUVyRCxJQUFJLFlBQVksSUFBSSxDQUFDLGtCQUFrQixDQUFDLGNBQWMsRUFBRSxDQUFDO1FBQ3ZELE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLHFCQUFxQixDQUN0QixDQUFBO0lBQ0gsQ0FBQztJQUVELElBQUksWUFBWSxJQUFJLENBQUMsa0JBQWtCLENBQUMsY0FBYyxFQUFFLENBQUM7UUFDdkQsTUFBTSxJQUFJLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsYUFBYSxDQUFDLENBQUE7UUFDdkUsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUN4Qix1RkFBdUYsRUFDdkYsQ0FBQyxVQUFVLENBQUMsQ0FDYixDQUFBO1FBQ0QsTUFBTSxZQUFZLEdBQ2hCLENBQUMsR0FBRyxDQUFDLElBQUksRUFBRSxDQUFDLENBQUMsQ0FBQyxJQUFJLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsYUFBYSxJQUFJLElBQUksQ0FBQTtRQUV2RCxPQUFPLENBQUMsS0FBSyxDQUFDLG9DQUFvQyxFQUFFO1lBQ2xELFFBQVE7WUFDUixVQUFVO1NBQ1gsQ0FBQyxDQUFBO1FBRUYsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsWUFBWTtZQUNWLENBQUMsQ0FBQyw4RUFBOEU7WUFDaEYsQ0FBQyxDQUFDLHFCQUFxQixDQUMxQixDQUFBO0lBQ0gsQ0FBQztBQUNILENBQUMifQ==

package/.medusa/server/src/api/auth/customer/shared/parse-register-body.js ADDED Viewed

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseCustomerRegisterBody = parseCustomerRegisterBody;
+const utils_1 = require("@medusajs/framework/utils");
+function nonEmptyString(value) {
+    if (typeof value !== "string") {
+        return undefined;
+    }
+    const t = value.trim();
+    return t.length > 0 ? t : undefined;
+}
+/**
+ * Chooses email vs phone registration from the JSON body and enforces `registration.identifier`.
+ * Requires `password` (non-empty string). For `"both"`, only `email` + `password` is allowed (no phone-only; no extra phone field).
+ */
+function parseCustomerRegisterBody(body, registrationIdentifier) {
+    const record = body !== null && typeof body === "object"
+        ? body
+        : {};
+    const password = nonEmptyString(record.password);
+    if (!password) {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Password is required.");
+    }
+    const email = nonEmptyString(record.email);
+    const phone = nonEmptyString(record.phone);
+    if (registrationIdentifier === "both") {
+        if (phone && !email) {
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Registration with email and password is required first. Use email and password only on this step.");
+        }
+        if (!email) {
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Email and password are required.");
+        }
+        if (phone) {
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Provide only email and password. Add your phone when creating the customer.");
+        }
+        return { mode: "email" };
+    }
+    if (email && phone) {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Provide either email or phone, not both.");
+    }
+    if (!email && !phone) {
+        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Either email or phone is required.");
+    }
+    if (registrationIdentifier === "email") {
+        if (phone && !email) {
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Phone registration is not enabled for this store. Register with your email.");
+        }
+        return { mode: "email" };
+    }
+    if (registrationIdentifier === "phone") {
+        if (email && !phone) {
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Email registration is not enabled for this store. Register with your phone number.");
+        }
+        return { mode: "phone" };
+    }
+    throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "Invalid registration configuration.");
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGFyc2UtcmVnaXN0ZXItYm9keS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9hcGkvYXV0aC9jdXN0b21lci9zaGFyZWQvcGFyc2UtcmVnaXN0ZXItYm9keS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQW9CQSw4REFnRkM7QUFwR0QscURBQXVEO0FBUXZELFNBQVMsY0FBYyxDQUFDLEtBQWM7SUFDcEMsSUFBSSxPQUFPLEtBQUssS0FBSyxRQUFRLEVBQUUsQ0FBQztRQUM5QixPQUFPLFNBQVMsQ0FBQTtJQUNsQixDQUFDO0lBQ0QsTUFBTSxDQUFDLEdBQUcsS0FBSyxDQUFDLElBQUksRUFBRSxDQUFBO0lBQ3RCLE9BQU8sQ0FBQyxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFBO0FBQ3JDLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQix5QkFBeUIsQ0FDdkMsSUFBYSxFQUNiLHNCQUFvRDtJQUVwRCxNQUFNLE1BQU0sR0FDVixJQUFJLEtBQUssSUFBSSxJQUFJLE9BQU8sSUFBSSxLQUFLLFFBQVE7UUFDdkMsQ0FBQyxDQUFFLElBQWdDO1FBQ25DLENBQUMsQ0FBQyxFQUFFLENBQUE7SUFFUixNQUFNLFFBQVEsR0FBRyxjQUFjLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFBO0lBQ2hELElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUNkLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLHVCQUF1QixDQUN4QixDQUFBO0lBQ0gsQ0FBQztJQUVELE1BQU0sS0FBSyxHQUFHLGNBQWMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUE7SUFDMUMsTUFBTSxLQUFLLEdBQUcsY0FBYyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQTtJQUUxQyxJQUFJLHNCQUFzQixLQUFLLE1BQU0sRUFBRSxDQUFDO1FBQ3RDLElBQUksS0FBSyxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7WUFDcEIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsbUdBQW1HLENBQ3BHLENBQUE7UUFDSCxDQUFDO1FBQ0QsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ1gsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsa0NBQWtDLENBQ25DLENBQUE7UUFDSCxDQUFDO1FBQ0QsSUFBSSxLQUFLLEVBQUUsQ0FBQztZQUNWLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLDZFQUE2RSxDQUM5RSxDQUFBO1FBQ0gsQ0FBQztRQUNELE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLENBQUE7SUFDMUIsQ0FBQztJQUVELElBQUksS0FBSyxJQUFJLEtBQUssRUFBRSxDQUFDO1FBQ25CLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLDBDQUEwQyxDQUMzQyxDQUFBO0lBQ0gsQ0FBQztJQUVELElBQUksQ0FBQyxLQUFLLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztRQUNyQixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixvQ0FBb0MsQ0FDckMsQ0FBQTtJQUNILENBQUM7SUFFRCxJQUFJLHNCQUFzQixLQUFLLE9BQU8sRUFBRSxDQUFDO1FBQ3ZDLElBQUksS0FBSyxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7WUFDcEIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsNkVBQTZFLENBQzlFLENBQUE7UUFDSCxDQUFDO1FBQ0QsT0FBTyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsQ0FBQTtJQUMxQixDQUFDO0lBRUQsSUFBSSxzQkFBc0IsS0FBSyxPQUFPLEVBQUUsQ0FBQztRQUN2QyxJQUFJLEtBQUssSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ3BCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLG9GQUFvRixDQUNyRixDQUFBO1FBQ0gsQ0FBQztRQUNELE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLENBQUE7SUFDMUIsQ0FBQztJQUVELE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQzlCLHFDQUFxQyxDQUN0QyxDQUFBO0FBQ0gsQ0FBQyJ9

package/.medusa/server/vitest.config.mjs ADDED Viewed

@@ -0,0 +1,8 @@
+import { defineConfig } from "vitest/config";
+export default defineConfig({
+    test: {
+        include: ["src/**/*.test.ts"],
+        exclude: ["node_modules", ".medusa/**", ".medusa/server/**"],
+    },
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidml0ZXN0LmNvbmZpZy5tanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi92aXRlc3QuY29uZmlnLm10cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsWUFBWSxFQUFFLE1BQU0sZUFBZSxDQUFBO0FBRTVDLGVBQWUsWUFBWSxDQUFDO0lBQzFCLElBQUksRUFBRTtRQUNKLE9BQU8sRUFBRSxDQUFDLGtCQUFrQixDQUFDO1FBQzdCLE9BQU8sRUFBRSxDQUFDLGNBQWMsRUFBRSxZQUFZLEVBQUUsbUJBQW1CLENBQUM7S0FDN0Q7Q0FDRixDQUFDLENBQUEifQ==

package/README.md CHANGED Viewed

@@ -13,7 +13,8 @@ A comprehensive Medusa v2 plugin that provides OTP-based verification for email
 - **Throttling & Rate Limiting**: Built-in protection against OTP spam
 - **Database Migrations**: Automatic schema updates for verification columns
 - **Account Deletion Request Flow**: Two-step OTP flow to request and confirm account deletion with optional cancel flow
-- **Phone + unified login**: `phonepass` provider for **registering** with phone + password (`POST /auth/customer/phonepass`); **login** is always `POST /auth/customer/emailpass` with `{ phone, password }` or `{ email, password }` depending on `login.identifier`
+- **Unified registration & login**: **`POST /auth/customer/emailpass/register`** creates an **emailpass** or **phonepass** identity (from JSON body + `registration.identifier`); **`POST /auth/customer/emailpass`** logs in with `{ email, password }` or `{ phone, password }` per `login.identifier`
+- **Per-channel OTP at login**: When `registration.identifier` is **`"both"`** and `require_verification` is on, **email login** only requires **email** verified; **phone login** only requires **phone** verified — you can use either method after completing that channel’s OTP
 - **Authenticated Contact Change**: Dedicated OTP-verified routes for updating phone or email — new value is embedded in the signed JWT, no metadata staging required
 ## Quick Start
@@ -77,8 +78,6 @@ npx medusa db:migrate
 4. **Use the API** — see [API Endpoints](#api-endpoints) below.
-📖 **For complete documentation, see [USAGE.md](./USAGE.md)**
 ---
 ## Installation
@@ -135,7 +134,21 @@ Controls which auth providers are accepted at login. Defaults to `registration.i
 | `"phone"` | Same endpoint with `{ "phone", "password" }` only |
 | `"both"` | Same endpoint; **either** email **or** phone (not both) plus `password` in the JSON body |
-All of the above use the **same URL**; there is no separate `/auth/customer/phonepass` **login** route in this plugin.
+Login always uses **`POST /auth/customer/emailpass`** (single URL). There is **no** `/auth/customer/phonepass` route; phone registration uses the same **`POST /auth/customer/emailpass/register`** as email registration.
+Credentials are normally sent in the **JSON body**; the same keys can be supplied on the **query string** for missing fields (see `buildUnifiedLoginAuthData`) — prefer **body** for passwords.
+### `require_verification` and login
+When **`registration.require_verification`** is **`true`** (default), login checks OTP flags **for the credential you use** (see [`enforce-registration-verification.ts`](src/api/auth/customer/shared/enforce-registration-verification.ts)):
+- **`registration.identifier: "email"`** — signing in with **email** requires **`email_verified`**.
+- **`registration.identifier: "phone"`** — signing in with **phone** requires **`phone_verified`**.
+- **`registration.identifier: "both"`** — signing in with **email** requires **`email_verified`** only (phone may still be unverified). Signing in with **phone** requires **`phone_verified`** only (email may still be unverified).
+So with **`both`**, a customer can **log in with email** after email OTP even if **phone** OTP is still pending, and the reverse for phone login.
+When **`require_verification`** is **`false`**, these checks are skipped.
 ### Full options reference
@@ -227,13 +240,12 @@ POST /store/customers/otp/verify
 ### Login & registration (customer auth)
-Implementation lives under [`src/api/auth/customer/`](src/api/auth/customer/): **`emailpass/`** (login + password reset), **`phonepass/`** (phone **registration** only), **`shared/`** (unified login: parse body, merge body/query for `AuthenticationInput`, verification, JWT).
+Implementation lives under [`src/api/auth/customer/`](src/api/auth/customer/): **`emailpass/`** (login, **register**, password reset), **`shared/`** (credential parsing, verification, JWT helpers).
 | Endpoint | Method | Description |
 |---|---|---|
-| `/auth/customer/emailpass` | POST | **Login.** JSON: `password` plus **exactly one** of `email` or `phone` (XOR), validated against `login.identifier`. Handler: [`emailpass/route.ts`](src/api/auth/customer/emailpass/route.ts) → [`handleCustomerLogin`](src/api/auth/customer/shared/customer-login-post.ts). |
-| `/auth/customer/emailpass/register` | POST | Create **emailpass** identity (standard Medusa auth route; use when registering with email). |
-| `/auth/customer/phonepass` | POST | Create **phonepass** identity only — [`phonepass/route.ts`](src/api/auth/customer/phonepass/route.ts). Returns a short-lived JWT for `POST /store/customers`. **Not** used for login. |
+| `/auth/customer/emailpass/register` | POST | **Register.** JSON: `password` plus identifier per `registration.identifier` — **`email`** only for `"email"` and `"both"` (for `"both"`, phone is added on `POST /store/customers`); **`phone`** only for `"phone"`. Dispatches to `register("emailpass")` or `register("phonepass")`. Response: `{ "token" }` (pre-customer JWT). See [`emailpass/register/route.ts`](src/api/auth/customer/emailpass/register/route.ts), [`parse-register-body.ts`](src/api/auth/customer/shared/parse-register-body.ts), [`complete-registration-token.ts`](src/api/auth/customer/shared/complete-registration-token.ts). |
+| `/auth/customer/emailpass` | POST | **Login.** JSON: `password` plus **exactly one** of `email` or `phone` (XOR), validated against `login.identifier`. Optional query params can fill missing keys (body wins). [`emailpass/route.ts`](src/api/auth/customer/emailpass/route.ts) → [`handleCustomerLogin`](src/api/auth/customer/shared/customer-login-post.ts). |
 Password reset URLs are unchanged; see [Password Reset](#password-reset).
@@ -416,8 +428,8 @@ export default defineConfig({
 ### 2. Registration flow
 ```bash
-# Step 1 — create phonepass auth identity
-POST /auth/customer/phonepass
+# Step 1 — create phonepass auth identity (unified register URL)
+POST /auth/customer/emailpass/register
 { "phone": "+15551234567", "password": "SecretPass1!" }
 # Response: { "token": "<pre-customer jwt>" }
@@ -524,12 +536,11 @@ await completePasswordReset(
 - Node.js >= 20
 - Notification module configured with at least one provider (email/SMS)
 - Database migrations applied (`npx medusa db:migrate`)
-- `phonepass` provider registered in auth module (required when `registration.identifier` is `"phone"` or `"both"`)
+- **`phonepass`** auth provider registered in `medusa-config` (required when customers can **register** or **log in** with phone — i.e. `registration.identifier` and/or `login.identifier` is `"phone"` or `"both"`)
 ## Documentation
-- **[USAGE.md](./USAGE.md)** — Complete usage guide with examples
-- **[README.md](./README.md)** — This file (overview and quick start)
+This **README** is the main overview: configuration, auth routes, OTP behaviour, and API tables.
 ## Development

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "customer-registration",
-  "version": "0.0.115",
+  "version": "0.0.116",
   "description": "Medusa plugin that overrides store customer registration, enforces email/phone verification flags, and provides OTP management module.",
   "author": "Medusa (https://medusajs.com)",
   "license": "MIT",

package/.medusa/server/src/api/auth/customer/phonepass/route.js DELETED Viewed

@@ -1,50 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.POST = void 0;
-const utils_1 = require("@medusajs/framework/utils");
-const generate_jwt_token_1 = require("@medusajs/medusa/api/auth/utils/generate-jwt-token");
-/**
- * Register a new customer with phone + password.
- *
- * On success the caller receives a short-lived JWT token. Use it as the
- * Bearer token when calling `POST /store/customers` to create the customer
- * record and link it to this auth identity.
- */
-const POST = async (req, res) => {
-    const config = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
-    const service = req.scope.resolve(utils_1.Modules.AUTH);
-    const authData = {
-        url: req.url,
-        headers: req.headers,
-        query: req.query,
-        body: req.body,
-        protocol: req.protocol,
-    };
-    const { success, error, authIdentity } = await service.register("phonepass", authData);
-    if (!success || !authIdentity) {
-        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, error || "Registration failed");
-    }
-    const { http } = config.projectConfig;
-    if (!http.jwtSecret) {
-        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, "JWT secret is not configured");
-    }
-    let token;
-    try {
-        token = await (0, generate_jwt_token_1.generateJwtTokenForAuthIdentity)({
-            authIdentity,
-            actorType: "customer",
-        }, {
-            secret: http.jwtSecret,
-            expiresIn: http.jwtExpiresIn || "7d",
-        });
-    }
-    catch (jwtError) {
-        throw new utils_1.MedusaError(utils_1.MedusaError.Types.UNEXPECTED_STATE, `JWT generation failed: ${jwtError instanceof Error ? jwtError.message : "Unknown error"}`);
-    }
-    if (!token || typeof token !== "string") {
-        throw new utils_1.MedusaError(utils_1.MedusaError.Types.UNEXPECTED_STATE, "Failed to generate registration token");
-    }
-    return res.status(200).json({ token });
-};
-exports.POST = POST;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL2F1dGgvY3VzdG9tZXIvcGhvbmVwYXNzL3JvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVBLHFEQUlrQztBQUNsQywyRkFBb0c7QUFFcEc7Ozs7OztHQU1HO0FBQ0ksTUFBTSxJQUFJLEdBQUcsS0FBSyxFQUFFLEdBQWtCLEVBQUUsR0FBbUIsRUFBRSxFQUFFO0lBQ3BFLE1BQU0sTUFBTSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLGFBQWEsQ0FBQyxDQUFBO0lBQ3pFLE1BQU0sT0FBTyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGVBQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQTtJQUUvQyxNQUFNLFFBQVEsR0FBRztRQUNmLEdBQUcsRUFBRSxHQUFHLENBQUMsR0FBRztRQUNaLE9BQU8sRUFBRSxHQUFHLENBQUMsT0FBTztRQUNwQixLQUFLLEVBQUUsR0FBRyxDQUFDLEtBQUs7UUFDaEIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1FBQ2QsUUFBUSxFQUFFLEdBQUcsQ0FBQyxRQUFRO0tBQ0EsQ0FBQTtJQUV4QixNQUFNLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxZQUFZLEVBQUUsR0FBRyxNQUFNLE9BQU8sQ0FBQyxRQUFRLENBQzdELFdBQVcsRUFDWCxRQUFRLENBQ1QsQ0FBQTtJQUVELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUM5QixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixLQUFLLElBQUkscUJBQXFCLENBQy9CLENBQUE7SUFDSCxDQUFDO0lBRUQsTUFBTSxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sQ0FBQyxhQUFhLENBQUE7SUFFckMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztRQUNwQixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5Qiw4QkFBOEIsQ0FDL0IsQ0FBQTtJQUNILENBQUM7SUFFRCxJQUFJLEtBQXlCLENBQUE7SUFDN0IsSUFBSSxDQUFDO1FBQ0gsS0FBSyxHQUFHLE1BQU0sSUFBQSxvREFBK0IsRUFDM0M7WUFDRSxZQUFZO1lBQ1osU0FBUyxFQUFFLFVBQVU7U0FDdEIsRUFDRDtZQUNFLE1BQU0sRUFBRSxJQUFJLENBQUMsU0FBUztZQUN0QixTQUFTLEVBQUUsSUFBSSxDQUFDLFlBQVksSUFBSSxJQUFJO1NBQ3JDLENBQ0YsQ0FBQTtJQUNILENBQUM7SUFBQyxPQUFPLFFBQVEsRUFBRSxDQUFDO1FBQ2xCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFDbEMsMEJBQTBCLFFBQVEsWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsRUFBRSxDQUMzRixDQUFBO0lBQ0gsQ0FBQztJQUVELElBQUksQ0FBQyxLQUFLLElBQUksT0FBTyxLQUFLLEtBQUssUUFBUSxFQUFFLENBQUM7UUFDeEMsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUNsQyx1Q0FBdUMsQ0FDeEMsQ0FBQTtJQUNILENBQUM7SUFFRCxPQUFPLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQTtBQUN4QyxDQUFDLENBQUE7QUE1RFksUUFBQSxJQUFJLFFBNERoQiJ9