npm - dineway - Versions diffs - 0.1.25 → 0.1.26 - Mend

dineway 0.1.25 → 0.1.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (350) hide show

package/dist/astro/routes/api/auth/invite/complete.mjs CHANGED Viewed

@@ -1,14 +1,14 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { c as inviteCompleteBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { c as inviteCompleteBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-DuRGs0uF.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-3nAx5Xeo.mjs";
-import { n as createChallengeStore } from "../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-CDew7KVU.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-3RuuoFjC.mjs";
+import { n as createChallengeStore } from "../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-AX4sjpQ4.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { InviteError, completeInvite } from "@dineway-ai/auth";
 import { registerPasskey, verifyRegistrationResponse } from "@dineway-ai/auth/passkey";

package/dist/astro/routes/api/auth/invite/index.mjs CHANGED Viewed

@@ -1,11 +1,11 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { l as inviteCreateBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { l as inviteCreateBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { t as getSiteBaseUrl } from "../../../../../site-url-BketXXft.mjs";
+import { t as getSiteBaseUrl } from "../../../../../site-url-C18yBhtv.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { InviteError, Role, createInvite } from "@dineway-ai/auth";

package/dist/astro/routes/api/auth/invite/register-options.mjs CHANGED Viewed

@@ -1,13 +1,13 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { u as inviteRegisterOptionsBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { u as inviteRegisterOptionsBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-DuRGs0uF.mjs";
-import { n as createChallengeStore } from "../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-CDew7KVU.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { n as createChallengeStore } from "../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-AX4sjpQ4.mjs";
 import { ulid } from "ulidx";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { InviteError, validateInvite } from "@dineway-ai/auth";

package/dist/astro/routes/api/auth/logout.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { n as apiSuccess, r as handleError } from "../../../../error-Dyf9fGZE.mjs";
-import { t as isSafeRedirect } from "../../../../redirect-CbEyClKc.mjs";
+import { n as apiSuccess, r as handleError } from "../../../../error-DLkgOP5m.mjs";
+import { t as isSafeRedirect } from "../../../../redirect-Ce_6Yb6z.mjs";
 //#region src/astro/routes/api/auth/logout.ts
 const prerender = false;

package/dist/astro/routes/api/auth/magic-link/send.mjs CHANGED Viewed

@@ -1,13 +1,13 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { d as magicLinkSendBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { d as magicLinkSendBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-8N8sX1D1.mjs";
-import { t as getSiteBaseUrl } from "../../../../../site-url-BketXXft.mjs";
-import { n as getClientIp, t as checkRateLimit } from "../../../../../rate-limit-5ZeKz7oo.mjs";
+import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-Bbm6PLR6.mjs";
+import { t as getSiteBaseUrl } from "../../../../../site-url-C18yBhtv.mjs";
+import { n as getClientIp, t as checkRateLimit } from "../../../../../rate-limit-BWP_kKiZ.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { sendMagicLink } from "@dineway-ai/auth";

package/dist/astro/routes/api/auth/magic-link/verify.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { t as isSafeRedirect } from "../../../../../redirect-CbEyClKc.mjs";
+import { t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { t as isSafeRedirect } from "../../../../../redirect-Ce_6Yb6z.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { MagicLinkError, verifyMagicLink } from "@dineway-ai/auth";

package/dist/astro/routes/api/auth/me.mjs CHANGED Viewed

@@ -1,8 +1,9 @@
-import "../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, t as apiError } from "../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../parse-BBfZRZYb.mjs";
-import "../../../../redirects-BO0fI750.mjs";
-import { s as authMeActionBody } from "../../../../import-BO_gy5vZ.mjs";
+import { t as OptionsRepository } from "../../../../options-BF11H_FD.mjs";
+import "../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, t as apiError } from "../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../parse-D7Tu6ku4.mjs";
+import "../../../../redirects-CoYlqu8e.mjs";
+import { s as authMeActionBody } from "../../../../import-DQ4Rfh5h.mjs";
 import "../../../../api/schemas/index.mjs";
 //#region src/astro/routes/api/auth/me.ts
@@ -11,13 +12,16 @@ const GET = async ({ locals, session }) => {
 	const { user } = locals;
 	if (!user) return apiError("NOT_AUTHENTICATED", "Not authenticated", 401);
 	const isFirstLogin = !await session?.get("hasSeenWelcome");
+	let bootstrapSeeded = false;
+	if (locals.dineway?.db) bootstrapSeeded = !!await new OptionsRepository(locals.dineway.db).get("dineway:bootstrap_seeded_at");
 	return apiSuccess({
 		id: user.id,
 		email: user.email,
 		name: user.name,
 		role: user.role,
 		avatarUrl: user.avatarUrl,
-		isFirstLogin
+		isFirstLogin,
+		bootstrapSeeded
 	});
 };
 /**

package/dist/astro/routes/api/auth/mode.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { t as getAuthMode } from "../../../../mode-BI1kRvlT.mjs";
+import { t as getAuthMode } from "../../../../mode-Bd55iLcP.mjs";
 import { sql } from "kysely";
 //#region src/astro/routes/api/auth/mode.ts

package/dist/astro/routes/api/auth/oauth/_provider_/callback.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { n as getPublicOrigin } from "../../../../../../public-url-DuRGs0uF.mjs";
-import { t as createOAuthStateStore } from "../../../../../../oauth-state-store-DZs1UZwT.mjs";
+import { n as getPublicOrigin } from "../../../../../../public-url-BL2r8dmQ.mjs";
+import { t as createOAuthStateStore } from "../../../../../../oauth-state-store-BRSUEkmx.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { OAuthError, Role, handleOAuthCallback } from "@dineway-ai/auth";

package/dist/astro/routes/api/auth/oauth/_provider_.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { n as getPublicOrigin } from "../../../../../public-url-DuRGs0uF.mjs";
-import { t as createOAuthStateStore } from "../../../../../oauth-state-store-DZs1UZwT.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { t as createOAuthStateStore } from "../../../../../oauth-state-store-BRSUEkmx.mjs";
 import { createAuthorizationUrl } from "@dineway-ai/auth";
 //#region src/astro/routes/api/auth/oauth/[provider].ts

package/dist/astro/routes/api/auth/passkey/_id_.mjs CHANGED Viewed

@@ -1,8 +1,8 @@
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { h as passkeyRenameBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { h as passkeyRenameBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";

package/dist/astro/routes/api/auth/passkey/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 //#region src/astro/routes/api/auth/passkey/index.ts

package/dist/astro/routes/api/auth/passkey/options.mjs CHANGED Viewed

@@ -1,15 +1,15 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { r as parseOptionalBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { f as passkeyOptionsBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { r as parseOptionalBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { f as passkeyOptionsBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-8N8sX1D1.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-DuRGs0uF.mjs";
-import { n as createChallengeStore, t as cleanupExpiredChallenges } from "../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-CDew7KVU.mjs";
-import { n as getClientIp, r as rateLimitResponse, t as checkRateLimit } from "../../../../../rate-limit-5ZeKz7oo.mjs";
+import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-Bbm6PLR6.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { n as createChallengeStore, t as cleanupExpiredChallenges } from "../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-AX4sjpQ4.mjs";
+import { n as getClientIp, r as rateLimitResponse, t as checkRateLimit } from "../../../../../rate-limit-BWP_kKiZ.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { generateAuthenticationOptions } from "@dineway-ai/auth/passkey";

package/dist/astro/routes/api/auth/passkey/register/options.mjs CHANGED Viewed

@@ -1,13 +1,13 @@
 import { t as OptionsRepository } from "../../../../../../options-BF11H_FD.mjs";
-import "../../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-Dyf9fGZE.mjs";
-import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../../redirects-BO0fI750.mjs";
-import { p as passkeyRegisterOptionsBody } from "../../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-DLkgOP5m.mjs";
+import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../../redirects-CoYlqu8e.mjs";
+import { p as passkeyRegisterOptionsBody } from "../../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../../public-url-DuRGs0uF.mjs";
-import { n as createChallengeStore } from "../../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../../passkey-config-CDew7KVU.mjs";
+import { n as getPublicOrigin } from "../../../../../../public-url-BL2r8dmQ.mjs";
+import { n as createChallengeStore } from "../../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../../passkey-config-AX4sjpQ4.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { generateRegistrationOptions } from "@dineway-ai/auth/passkey";

package/dist/astro/routes/api/auth/passkey/register/verify.mjs CHANGED Viewed

@@ -1,14 +1,14 @@
 import { t as OptionsRepository } from "../../../../../../options-BF11H_FD.mjs";
-import "../../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, t as apiError } from "../../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../../redirects-BO0fI750.mjs";
-import { m as passkeyRegisterVerifyBody } from "../../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, t as apiError } from "../../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../../redirects-CoYlqu8e.mjs";
+import { m as passkeyRegisterVerifyBody } from "../../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../../public-url-DuRGs0uF.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../../allowed-origins-3nAx5Xeo.mjs";
-import { n as createChallengeStore } from "../../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../../passkey-config-CDew7KVU.mjs";
+import { n as getPublicOrigin } from "../../../../../../public-url-BL2r8dmQ.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../../allowed-origins-3RuuoFjC.mjs";
+import { n as createChallengeStore } from "../../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../../passkey-config-AX4sjpQ4.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { registerPasskey, verifyRegistrationResponse } from "@dineway-ai/auth/passkey";

package/dist/astro/routes/api/auth/passkey/verify.mjs CHANGED Viewed

@@ -1,14 +1,14 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { g as passkeyVerifyBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { g as passkeyVerifyBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-DuRGs0uF.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-3nAx5Xeo.mjs";
-import { n as createChallengeStore } from "../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-CDew7KVU.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-3RuuoFjC.mjs";
+import { n as createChallengeStore } from "../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-AX4sjpQ4.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { PasskeyAuthenticationError, authenticateWithPasskey } from "@dineway-ai/auth/passkey";

package/dist/astro/routes/api/auth/setup-token/index.d.mts ADDED Viewed

@@ -0,0 +1,7 @@
+import { APIRoute } from "astro";
+//#region src/astro/routes/api/auth/setup-token/index.d.ts
+declare const prerender = false;
+declare const POST: APIRoute;
+//#endregion
+export { POST, prerender };

package/dist/astro/routes/api/auth/setup-token/index.mjs ADDED Viewed

@@ -0,0 +1,62 @@
+import "../../../../../base64-C1Q9yr0B.mjs";
+import "../../../../../types-D1DjBFA9.mjs";
+import { t as AuditRepository } from "../../../../../audit-NgiRzqP9.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { n as TOKEN_PREFIXES, r as generatePrefixedToken } from "../../../../../api-tokens-L0o9Bd7v.mjs";
+import { ulid } from "ulidx";
+import { Role } from "@dineway-ai/auth";
+//#region src/astro/routes/api/auth/setup-token/index.ts
+/**
+* POST /_dineway/api/auth/setup-token
+*
+* Session-admin-only setup-link regeneration. API-token-authenticated requests
+* are rejected to prevent PAT-to-session escalation.
+*/
+const prerender = false;
+const SETUP_TOKEN_TYPE = "setup_link";
+const SETUP_LINK_TTL_MS = 4320 * 60 * 1e3;
+const POST = async ({ locals, request, url }) => {
+	const { dineway, user } = locals;
+	if (!dineway?.db) return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	if (!user || user.role < Role.ADMIN) return apiError("FORBIDDEN", "Admin privileges required", 403);
+	if (locals.tokenScopes || locals.authToken) return apiError("FORBIDDEN", "Session authentication is required", 403);
+	try {
+		const { raw, hash } = generatePrefixedToken(TOKEN_PREFIXES.SETUP_LINK);
+		const expiresAt = new Date(Date.now() + SETUP_LINK_TTL_MS).toISOString();
+		await dineway.db.transaction().execute(async (trx) => {
+			await trx.deleteFrom("auth_tokens").where("user_id", "=", user.id).where("type", "=", SETUP_TOKEN_TYPE).execute();
+			await trx.insertInto("auth_tokens").values({
+				hash,
+				user_id: user.id,
+				email: user.email,
+				type: SETUP_TOKEN_TYPE,
+				role: null,
+				invited_by: null,
+				expires_at: expiresAt
+			}).execute();
+		});
+		const origin = getPublicOrigin(url, dineway.config);
+		const setupUrl = new URL("/_dineway/api/auth/setup-token/verify", origin);
+		setupUrl.searchParams.set("token", raw);
+		await new AuditRepository(dineway.db).log({
+			actorId: user.id,
+			actorIp: request.headers.get("x-forwarded-for") ?? void 0,
+			action: "settings_update",
+			resourceType: "auth_setup_token",
+			resourceId: ulid(),
+			details: { expiresAt },
+			status: "success"
+		});
+		return apiSuccess({
+			setupUrl: setupUrl.toString(),
+			expiresAt
+		}, 201);
+	} catch (error) {
+		return handleError(error, "Failed to create setup link", "SETUP_TOKEN_CREATE_ERROR");
+	}
+};
+//#endregion
+export { POST, prerender };

package/dist/astro/routes/api/auth/setup-token/verify.d.mts ADDED Viewed

@@ -0,0 +1,8 @@
+import { APIRoute } from "astro";
+//#region src/astro/routes/api/auth/setup-token/verify.d.ts
+declare const prerender = false;
+declare const GET: APIRoute;
+declare const POST: APIRoute;
+//#endregion
+export { GET, POST, prerender };

package/dist/astro/routes/api/auth/setup-token/verify.mjs ADDED Viewed

@@ -0,0 +1,112 @@
+import { o as hashPrefixedToken } from "../../../../../api-tokens-L0o9Bd7v.mjs";
+import { t as escapeHtml } from "../../../../../escape-r8_GbEU2.mjs";
+//#region src/astro/routes/api/auth/setup-token/verify.ts
+const prerender = false;
+const SETUP_TOKEN_TYPE = "setup_link";
+const PASSKEY_REGISTRATION_PATH = "/_dineway/admin/settings/security?bootstrap=passkey";
+const ADMIN_DASHBOARD_PATH = "/_dineway/admin";
+const HTML_HEADERS = {
+	"Content-Type": "text/html; charset=utf-8",
+	"Cache-Control": "private, no-store"
+};
+function genericFailurePage() {
+	return htmlPage("Setup link unavailable", `<p>This setup link is invalid, expired, or has already been used.</p>`, 400);
+}
+function htmlPage(title, body, status = 200) {
+	return new Response(`<!DOCTYPE html>
+<html lang="en">
+<head>
+	<meta charset="utf-8">
+	<meta name="viewport" content="width=device-width, initial-scale=1">
+	<title>${escapeHtml(title)}</title>
+	<style>
+		:root { color-scheme: light dark; font-family: Inter, ui-sans-serif, system-ui, sans-serif; }
+		body { min-height: 100vh; margin: 0; display: grid; place-items: center; background: Canvas; color: CanvasText; }
+		main { width: min(100% - 32px, 440px); }
+		h1 { margin: 0 0 12px; font-size: 1.5rem; line-height: 1.2; }
+		p { margin: 0 0 20px; color: color-mix(in srgb, CanvasText 72%, transparent); line-height: 1.5; }
+		button { width: 100%; border: 0; border-radius: 6px; padding: 12px 14px; background: #111827; color: #fff; font: inherit; font-weight: 600; cursor: pointer; }
+		@media (prefers-color-scheme: dark) { button { background: #f9fafb; color: #111827; } }
+	</style>
+</head>
+<body>
+	<main>
+		<h1>${escapeHtml(title)}</h1>
+		${body}
+	</main>
+</body>
+</html>`, {
+		status,
+		headers: HTML_HEADERS
+	});
+}
+function confirmationPage(token, email) {
+	const safeToken = escapeHtml(token);
+	return htmlPage("Complete Dineway admin setup", `<p>Continue as ${escapeHtml(email)} and register a passkey for future browser logins.</p>
+		<form method="post" action="/_dineway/api/auth/setup-token/verify">
+			<input type="hidden" name="token" value="${safeToken}">
+			<button type="submit">Complete login</button>
+		</form>`);
+}
+async function resolveSetupToken(db, rawToken) {
+	if (!rawToken?.startsWith("ec_slt_")) return null;
+	const hash = hashPrefixedToken(rawToken);
+	const row = await db.selectFrom("auth_tokens").innerJoin("users", "users.id", "auth_tokens.user_id").select([
+		"users.id as id",
+		"users.email as email",
+		"users.name as name",
+		"users.disabled as disabled",
+		"auth_tokens.expires_at as expires_at"
+	]).where("auth_tokens.hash", "=", hash).where("auth_tokens.type", "=", SETUP_TOKEN_TYPE).executeTakeFirst();
+	if (!row || row.disabled || new Date(row.expires_at) <= /* @__PURE__ */ new Date()) return null;
+	return {
+		id: row.id,
+		email: row.email,
+		name: row.name,
+		disabled: row.disabled
+	};
+}
+const GET = async ({ url, locals }) => {
+	const { dineway } = locals;
+	if (!dineway?.db) return genericFailurePage();
+	const token = url.searchParams.get("token");
+	const user = await resolveSetupToken(dineway.db, token);
+	if (!user || !token) return genericFailurePage();
+	return confirmationPage(token, user.email);
+};
+const POST = async ({ request, locals, session, redirect }) => {
+	const { dineway } = locals;
+	if (!dineway?.db) return genericFailurePage();
+	const tokenValue = (await request.formData().catch(() => null))?.get("token");
+	const token = typeof tokenValue === "string" ? tokenValue : null;
+	if (!token?.startsWith("ec_slt_")) return genericFailurePage();
+	const hash = hashPrefixedToken(token);
+	const result = await dineway.db.transaction().execute(async (trx) => {
+		const row = await trx.selectFrom("auth_tokens").innerJoin("users", "users.id", "auth_tokens.user_id").select([
+			"users.id as id",
+			"users.email as email",
+			"users.name as name",
+			"users.disabled as disabled",
+			"auth_tokens.expires_at as expires_at"
+		]).where("auth_tokens.hash", "=", hash).where("auth_tokens.type", "=", SETUP_TOKEN_TYPE).executeTakeFirst();
+		if (!row || row.disabled || new Date(row.expires_at) <= /* @__PURE__ */ new Date()) return null;
+		if (((await trx.deleteFrom("auth_tokens").where("hash", "=", hash).where("type", "=", SETUP_TOKEN_TYPE).executeTakeFirst()).numDeletedRows ?? 0n) === 0n) return null;
+		const credentialCount = await trx.selectFrom("credentials").select((eb) => eb.fn.countAll().as("count")).where("user_id", "=", row.id).executeTakeFirstOrThrow();
+		return {
+			user: {
+				id: row.id,
+				email: row.email,
+				name: row.name,
+				disabled: row.disabled
+			},
+			hasPasskeys: Number(credentialCount.count) > 0
+		};
+	});
+	if (!result) return genericFailurePage();
+	session?.set("user", { id: result.user.id });
+	return redirect(result.hasPasskeys ? ADMIN_DASHBOARD_PATH : PASSKEY_REGISTRATION_PATH);
+};
+//#endregion
+export { GET, POST, prerender };

package/dist/astro/routes/api/auth/signup/complete.mjs CHANGED Viewed

@@ -1,14 +1,14 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { _ as signupCompleteBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { _ as signupCompleteBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-DuRGs0uF.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-3nAx5Xeo.mjs";
-import { n as createChallengeStore } from "../../../../../challenge-store-B9odzfeh.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-CDew7KVU.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-BL2r8dmQ.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-3RuuoFjC.mjs";
+import { n as createChallengeStore } from "../../../../../challenge-store-cJam-E5R.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-AX4sjpQ4.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { SignupError, completeSignup } from "@dineway-ai/auth";
 import { registerPasskey, verifyRegistrationResponse } from "@dineway-ai/auth/passkey";

package/dist/astro/routes/api/auth/signup/request.mjs CHANGED Viewed

@@ -1,13 +1,13 @@
 import { t as OptionsRepository } from "../../../../../options-BF11H_FD.mjs";
-import "../../../../../context-types-BWspNMDr.mjs";
-import { n as apiSuccess, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BBfZRZYb.mjs";
-import "../../../../../redirects-BO0fI750.mjs";
-import { v as signupRequestBody } from "../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../context-types-BrSQNye5.mjs";
+import { n as apiSuccess, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-D7Tu6ku4.mjs";
+import "../../../../../redirects-CoYlqu8e.mjs";
+import { v as signupRequestBody } from "../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-8N8sX1D1.mjs";
-import { t as getSiteBaseUrl } from "../../../../../site-url-BketXXft.mjs";
-import { n as getClientIp, t as checkRateLimit } from "../../../../../rate-limit-5ZeKz7oo.mjs";
+import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-Bbm6PLR6.mjs";
+import { t as getSiteBaseUrl } from "../../../../../site-url-C18yBhtv.mjs";
+import { n as getClientIp, t as checkRateLimit } from "../../../../../rate-limit-BWP_kKiZ.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { requestSignup } from "@dineway-ai/auth";

package/dist/astro/routes/api/auth/signup/verify.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-Dyf9fGZE.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-DLkgOP5m.mjs";
 import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
 import { SignupError, roleFromLevel, validateSignupToken } from "@dineway-ai/auth";

package/dist/astro/routes/api/comments/_collection_/_contentId_/index.mjs CHANGED Viewed

@@ -3,17 +3,17 @@ import "../../../../../../base64-C1Q9yr0B.mjs";
 import "../../../../../../types-D1DjBFA9.mjs";
 import { t as CommentRepository } from "../../../../../../comment-BmJXz3lc.mjs";
 import "../../../../../../options-BF11H_FD.mjs";
-import "../../../../../../context-types-BWspNMDr.mjs";
-import { a as unwrapResult, i as requireDb, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-Dyf9fGZE.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../../parse-BBfZRZYb.mjs";
-import { _t as createCommentBody } from "../../../../../../redirects-BO0fI750.mjs";
-import "../../../../../../import-BO_gy5vZ.mjs";
+import "../../../../../../context-types-BrSQNye5.mjs";
+import { a as unwrapResult, i as requireDb, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-DLkgOP5m.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../../parse-D7Tu6ku4.mjs";
+import { _t as createCommentBody } from "../../../../../../redirects-CoYlqu8e.mjs";
+import "../../../../../../import-DQ4Rfh5h.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { t as extractRequestMeta } from "../../../../../../request-meta-BVx9KkL-.mjs";
-import { i as resolveSecretsCached } from "../../../../../../secrets-BIrqds5c.mjs";
-import { c as hashIp, s as handleCommentList, t as checkRateLimit } from "../../../../../../comments-85tbgZQN.mjs";
-import { t as getSiteBaseUrl } from "../../../../../../site-url-BketXXft.mjs";
-import { i as sendCommentNotification, t as createComment } from "../../../../../../service-Dada1k5R.mjs";
+import { t as extractRequestMeta } from "../../../../../../request-meta-DUGfAeXy.mjs";
+import { i as resolveSecretsCached } from "../../../../../../secrets-DfeNNoLa.mjs";
+import { c as hashIp, s as handleCommentList, t as checkRateLimit } from "../../../../../../comments-yTbeIYc2.mjs";
+import { t as getSiteBaseUrl } from "../../../../../../site-url-C18yBhtv.mjs";
+import { i as sendCommentNotification, t as createComment } from "../../../../../../service-wPGgmbUa.mjs";
 //#region src/astro/routes/api/comments/[collection]/[contentId]/index.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/compare.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { a as unwrapResult, t as apiError } from "../../../../../../error-Dyf9fGZE.mjs";
-import { n as requirePerm } from "../../../../../../authorize-BgIG3yfN.mjs";
+import { a as unwrapResult, t as apiError } from "../../../../../../error-DLkgOP5m.mjs";
+import { n as requirePerm } from "../../../../../../authorize-BbIhZi3a.mjs";
 //#region src/astro/routes/api/content/[collection]/[id]/compare.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/discard-draft.mjs CHANGED Viewed

@@ -1,9 +1,9 @@
 import "../../../../../../base64-C1Q9yr0B.mjs";
 import "../../../../../../types-D1DjBFA9.mjs";
-import "../../../../../../site-activity-lsCX_cqp.mjs";
-import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-Dyf9fGZE.mjs";
-import { t as requireOwnerPerm } from "../../../../../../authorize-BgIG3yfN.mjs";
-import { a as extractActivityItemId, n as contentApiRouteSource, o as logContentActivity } from "../../../../../../activity-events-CjOgr0Uv.mjs";
+import "../../../../../../site-activity-KFZprBZM.mjs";
+import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-DLkgOP5m.mjs";
+import { t as requireOwnerPerm } from "../../../../../../authorize-BbIhZi3a.mjs";
+import { a as extractActivityItemId, n as contentApiRouteSource, o as logContentActivity } from "../../../../../../activity-events-CpcTzKpF.mjs";
 //#region src/astro/routes/api/content/[collection]/[id]/discard-draft.ts
 const prerender = false;