hazo_auth 7.0.2 → 9.0.0

package/dist/lib/legal/legal_docs_service.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Write legal acceptance records. Call from:
+ * - registration_service (bundled with register POST, pre-session)
+ * - legal_docs_accept route (authenticated, post-login)
+ *
+ * Inserts one row per doc into hazo_legal_acceptances (audit history) and
+ * merges the result into the denormalised hazo_users.legal_acceptance JSONB
+ * column for fast "has this user accepted the current version?" queries.
+ */
+export declare function write_legal_acceptance(adapter: any, user_id: string, accepted: Record<string, {
+    hash: string;
+}>, ip: string | null, user_agent: string | null): Promise<void>;
+/**
+ * Publish a doc version as the new required version (admin action).
+ * Upserts hazo_legal_doc_versions keyed on doc_key.
+ */
+export declare function publish_doc_version(adapter: any, doc_key: string, required_hash: string, published_by_user_id: string): Promise<{
+    published_at: string;
+}>;
+/**
+ * Return required version info keyed by doc_key.
+ */
+export declare function get_required_versions(adapter: any, doc_keys: string[]): Promise<Record<string, {
+    required_hash: string;
+    published_at: string;
+}>>;
+/**
+ * Return acceptance history for a user across all doc keys, newest first.
+ */
+export declare function get_user_acceptance_history(adapter: any, user_id: string): Promise<Array<{
+    doc_key: string;
+    doc_hash: string;
+    accepted_at: string;
+    ip: string | null;
+    user_agent: string | null;
+}>>;
+/**
+ * Count how many users have accepted the current required hash for a doc key.
+ * Returns { current, total } where current is users on the required_hash and
+ * total is all users in the system (including those with no legal_acceptance data).
+ *
+ * Note: This performs an in-process scan over all users.  For large user bases
+ * consider a dedicated SQL query in a future optimisation.
+ */
+export declare function get_compliance_count(adapter: any, doc_key: string, required_hash: string): Promise<{
+    current: number;
+    total: number;
+}>;
+//# sourceMappingURL=legal_docs_service.d.ts.map

package/dist/lib/legal/legal_docs_service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"legal_docs_service.d.ts","sourceRoot":"","sources":["../../../src/lib/legal/legal_docs_service.ts"],"names":[],"mappings":"AAcA;;;;;;;;GAQG;AACH,wBAAsB,sBAAsB,CAC1C,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,EAC1C,EAAE,EAAE,MAAM,GAAG,IAAI,EACjB,UAAU,EAAE,MAAM,GAAG,IAAI,GACxB,OAAO,CAAC,IAAI,CAAC,CAwCf;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,EACrB,oBAAoB,EAAE,MAAM,GAC3B,OAAO,CAAC;IAAE,YAAY,EAAE,MAAM,CAAA;CAAE,CAAC,CA2BnC;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,GAAG,EACZ,QAAQ,EAAE,MAAM,EAAE,GACjB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE;IAAE,aAAa,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC,CAoB1E;AAED;;GAEG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,KAAK,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B,CAAC,CAAC,CAeF;AAED;;;;;;;GAOG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAkB7C"}

package/dist/lib/legal/legal_docs_service.js

@@ -0,0 +1,141 @@
+// file_description: service functions for the legal document acceptance system
+// section: imports
+import { createCrudService } from 'hazo_connect/server';
+import { generateRequestId } from 'hazo_core';
+// section: helpers
+function generate_id() {
+    return generateRequestId().slice(4);
+}
+// section: exports
+/**
+ * Write legal acceptance records. Call from:
+ * - registration_service (bundled with register POST, pre-session)
+ * - legal_docs_accept route (authenticated, post-login)
+ *
+ * Inserts one row per doc into hazo_legal_acceptances (audit history) and
+ * merges the result into the denormalised hazo_users.legal_acceptance JSONB
+ * column for fast "has this user accepted the current version?" queries.
+ */
+export async function write_legal_acceptance(adapter, user_id, accepted, ip, user_agent) {
+    var _a;
+    const now = new Date().toISOString();
+    // 1. Insert one history row per doc
+    const history_service = createCrudService(adapter, 'hazo_legal_acceptances');
+    for (const [doc_key, { hash }] of Object.entries(accepted)) {
+        await history_service.insert({
+            id: generate_id(),
+            user_id,
+            doc_key,
+            doc_hash: hash,
+            accepted_at: now,
+            ip,
+            user_agent,
+        });
+    }
+    // 2. Merge into denormalized JSONB on hazo_users
+    const users_service = createCrudService(adapter, 'hazo_users');
+    const rows = await users_service.findBy({ id: user_id });
+    const existing_raw = (_a = rows[0]) === null || _a === void 0 ? void 0 : _a.legal_acceptance;
+    let existing = {};
+    if (existing_raw) {
+        try {
+            existing = typeof existing_raw === 'string'
+                ? JSON.parse(existing_raw)
+                : existing_raw;
+        }
+        catch ( /* corrupt — start fresh */_b) { /* corrupt — start fresh */ }
+    }
+    const updated = Object.assign({}, existing);
+    for (const [doc_key, { hash }] of Object.entries(accepted)) {
+        updated[doc_key] = { hash, accepted_at: now, ip, user_agent };
+    }
+    await users_service.updateById(user_id, {
+        legal_acceptance: JSON.stringify(updated),
+        changed_at: now,
+    });
+}
+/**
+ * Publish a doc version as the new required version (admin action).
+ * Upserts hazo_legal_doc_versions keyed on doc_key.
+ */
+export async function publish_doc_version(adapter, doc_key, required_hash, published_by_user_id) {
+    const now = new Date().toISOString();
+    // createCrudService with doc_key as primary key so updateById works correctly
+    const versions_service = createCrudService(adapter, 'hazo_legal_doc_versions', {
+        primaryKeys: ['doc_key'],
+        autoId: false,
+    });
+    const existing = await versions_service.findBy({ doc_key });
+    if (existing.length > 0) {
+        await versions_service.updateById(doc_key, {
+            required_hash,
+            published_at: now,
+            published_by_user_id,
+        });
+    }
+    else {
+        await versions_service.insert({
+            doc_key,
+            required_hash,
+            published_at: now,
+            published_by_user_id,
+        });
+    }
+    return { published_at: now };
+}
+/**
+ * Return required version info keyed by doc_key.
+ */
+export async function get_required_versions(adapter, doc_keys) {
+    if (doc_keys.length === 0)
+        return {};
+    const versions_service = createCrudService(adapter, 'hazo_legal_doc_versions', {
+        primaryKeys: ['doc_key'],
+        autoId: false,
+    });
+    const rows = await versions_service.list((qb) => qb.whereIn('doc_key', doc_keys).select(['doc_key', 'required_hash', 'published_at']));
+    const result = {};
+    for (const row of rows) {
+        result[String(row.doc_key)] = {
+            required_hash: String(row.required_hash),
+            published_at: String(row.published_at),
+        };
+    }
+    return result;
+}
+/**
+ * Return acceptance history for a user across all doc keys, newest first.
+ */
+export async function get_user_acceptance_history(adapter, user_id) {
+    const history_service = createCrudService(adapter, 'hazo_legal_acceptances');
+    return history_service.list((qb) => qb
+        .where('user_id', 'eq', user_id)
+        .select(['doc_key', 'doc_hash', 'accepted_at', 'ip', 'user_agent'])
+        .order('accepted_at', 'desc'));
+}
+/**
+ * Count how many users have accepted the current required hash for a doc key.
+ * Returns { current, total } where current is users on the required_hash and
+ * total is all users in the system (including those with no legal_acceptance data).
+ *
+ * Note: This performs an in-process scan over all users.  For large user bases
+ * consider a dedicated SQL query in a future optimisation.
+ */
+export async function get_compliance_count(adapter, doc_key, required_hash) {
+    var _a, _b;
+    const users_service = createCrudService(adapter, 'hazo_users');
+    const all_users = await users_service.list((qb) => qb.select(['id', 'legal_acceptance']));
+    let current = 0;
+    for (const user of all_users) {
+        let map = {};
+        try {
+            map = typeof user.legal_acceptance === 'string'
+                ? JSON.parse(user.legal_acceptance)
+                : ((_a = user.legal_acceptance) !== null && _a !== void 0 ? _a : {});
+        }
+        catch ( /* ignore corrupt rows */_c) { /* ignore corrupt rows */ }
+        if (((_b = map[doc_key]) === null || _b === void 0 ? void 0 : _b.hash) === required_hash)
+            current++;
+    }
+    return { current, total: all_users.length };
+}

package/dist/lib/legal/legal_docs_types.d.ts

@@ -0,0 +1,25 @@
+export interface LegalDocConfig {
+    key: string;
+    title: string;
+    path: string;
+}
+export interface LegalDocsConfig {
+    docs: LegalDocConfig[];
+    display_mode: 'separate' | 'combined';
+}
+export interface LegalDoc {
+    key: string;
+    title: string;
+    content: string;
+    hash: string;
+    required_hash: string | null;
+    required_published_at: string | null;
+}
+export interface LegalAcceptanceRecord {
+    hash: string;
+    accepted_at: string;
+    ip: string | null;
+    user_agent: string | null;
+}
+export type LegalAcceptanceMap = Record<string, LegalAcceptanceRecord>;
+//# sourceMappingURL=legal_docs_types.d.ts.map

package/dist/lib/legal/legal_docs_types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"legal_docs_types.d.ts","sourceRoot":"","sources":["../../../src/lib/legal/legal_docs_types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,cAAc,EAAE,CAAC;IACvB,YAAY,EAAE,UAAU,GAAG,UAAU,CAAC;CACvC;AAED,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,qBAAqB,EAAE,MAAM,GAAG,IAAI,CAAC;CACtC;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAGD,MAAM,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC"}

package/dist/lib/legal/legal_docs_types.js

@@ -0,0 +1,2 @@
+// file_description: shared types for the legal document acceptance system
+export {};

package/dist/lib/services/email_service.d.ts

@@ -1,4 +1,4 @@
-import type { EmailerConfig } from "hazo_notify";
+import type { EmailerConfig } from "hazo_notify/adapters/email";
 import type { HazoConnectInstance } from "hazo_notify/template_manager";
 export type EmailOptions = {
     to: string;

package/dist/lib/services/email_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"email_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/email_service.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,aAAa,EAAoB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AAGxE,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,iBAAiB,GAAG,oBAAoB,GAAG,kBAAkB,GAAG,iBAAiB,CAAC;AAElH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC,CAAC;AAiBF;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI,CAEpE;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,IAAI,CAE3E;AAgMD;;;;GAIG;AACH,wBAAsB,UAAU,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAwErG;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,mBAAmB,CACvC,aAAa,EAAE,iBAAiB,EAChC,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,iBAAiB,GACtB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAyF/C"}
+{"version":3,"file":"email_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/email_service.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,aAAa,EAAoB,MAAM,4BAA4B,CAAC;AAClF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AAGxE,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,iBAAiB,GAAG,oBAAoB,GAAG,kBAAkB,GAAG,iBAAiB,CAAC;AAElH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC,CAAC;AAiBF;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI,CAEpE;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,IAAI,CAE3E;AAmMD;;;;GAIG;AACH,wBAAsB,UAAU,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA4ErG;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,mBAAmB,CACvC,aAAa,EAAE,iBAAiB,EAChC,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,iBAAiB,GACtB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA4F/C"}

package/dist/lib/services/email_service.js

@@ -1,6 +1,7 @@
 // file_description: service for sending emails with template support
 // section: imports
 import { create_app_logger } from "../app_logger.js";
+import { HazoConfigError, optional_import } from "hazo_core";
 import { read_config_section } from "../config/config_loader.server.js";
 // section: singleton
 /**
@@ -49,8 +50,11 @@ async function get_hazo_notify_instance() {
         });
         try {
             // Dynamic import to avoid build-time issues with hazo_notify
-            const hazo_notify_module = await import("hazo_notify");
-            const { load_emailer_config } = hazo_notify_module;
+            const hazo_notify_email_module = await optional_import('hazo_notify/adapters/email');
+            if (!hazo_notify_email_module) {
+                throw new Error("hazo_notify is not installed");
+            }
+            const { load_emailer_config } = hazo_notify_email_module;
             hazo_notify_config = load_emailer_config();
         }
         catch (error) {
@@ -60,7 +64,7 @@ async function get_hazo_notify_instance() {
                 line_number: 0,
                 error: error_message,
             });
-            throw new Error(`Failed to load hazo_notify config: ${error_message}`);
+            throw new HazoConfigError({ code: 'HAZO_AUTH_CONFIG', pkg: 'hazo_auth', message: `Failed to load hazo_notify config: ${error_message}` });
         }
     }
     return hazo_notify_config;
@@ -217,8 +221,12 @@ export async function send_email(options) {
         // Get hazo_notify configuration instance
         const notify_config = await get_hazo_notify_instance();
         // Dynamic import to avoid build-time issues with hazo_notify
-        const hazo_notify_module = await import("hazo_notify");
-        const { send_email: hazo_notify_send_email } = hazo_notify_module;
+        const hazo_notify_email_module = await optional_import('hazo_notify/adapters/email');
+        if (!hazo_notify_email_module) {
+            throw new Error("hazo_notify is not installed");
+        }
+        const { get_email_provider } = hazo_notify_email_module;
+        const provider = get_email_provider(notify_config);
         // Get from email and from name (hazo_auth_config overrides hazo_notify_config)
         // Priority: 1. options.from (explicit parameter), 2. hazo_auth_config.from_email, 3. hazo_notify_config.from_email
         const from_email = options.from || await get_email_from(notify_config);
@@ -233,7 +241,7 @@ export async function send_email(options) {
             from_name: from_name,
         };
         // Send email using hazo_notify
-        const result = await hazo_notify_send_email(hazo_notify_options, notify_config);
+        const result = await provider.send_email(hazo_notify_options, notify_config);
         if (result.success) {
             logger.info("email_sent", {
                 filename: "email_service.ts",
@@ -306,9 +314,13 @@ export async function send_template_email(template_type, to, data) {
             }
         }
         if (!hazo_notify_connect) {
-            throw new Error("hazo_notify connect not initialized. Call set_hazo_notify_connect() " +
-                "from instrumentation.ts with the same HazoConnectInstance you pass " +
-                "to init_template_manager({ hazo_connect_factory }).");
+            throw new HazoConfigError({
+                code: 'HAZO_AUTH_CONFIG',
+                pkg: 'hazo_auth',
+                message: "hazo_notify connect not initialized. Call set_hazo_notify_connect() " +
+                    "from instrumentation.ts with the same HazoConnectInstance you pass " +
+                    "to init_template_manager({ hazo_connect_factory }).",
+            });
         }
         const notify_config = await get_hazo_notify_instance();
         const from = await get_email_from(notify_config);

package/dist/lib/services/firm_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"firm_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/firm_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAIvD,OAAO,EAAgB,KAAK,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,EAAqB,KAAK,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAIzE,MAAM,MAAM,cAAc,GAAG;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,UAAU,CAAC,EAAE,SAAS,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAWF;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,kBAAkB,GAC1B,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAqEjE;AAqFD;;;GAGG;AACH,wBAAsB,WAAW,CAC/B,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,cAAc,GACnB,OAAO,CAAC,gBAAgB,CAAC,CA4E3B;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,kBAAkB,EAC3B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAmCjE"}
+{"version":3,"file":"firm_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/firm_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAKvD,OAAO,EAAgB,KAAK,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,EAAqB,KAAK,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAIzE,MAAM,MAAM,cAAc,GAAG;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,UAAU,CAAC,EAAE,SAAS,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAWF;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,kBAAkB,GAC1B,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAqEjE;AAqFD;;;GAGG;AACH,wBAAsB,WAAW,CAC/B,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,cAAc,GACnB,OAAO,CAAC,gBAAgB,CAAC,CA4E3B;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,kBAAkB,EAC3B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAmCjE"}

package/dist/lib/services/firm_service.js

@@ -1,4 +1,5 @@
 import { createCrudService } from "hazo_connect/server";
+import { generateRequestId } from "hazo_core";
 import { create_app_logger } from "../app_logger.js";
 import { sanitize_error_for_user } from "../utils/error_sanitizer.js";
 import { create_scope } from "./scope_service.js";
@@ -101,7 +102,7 @@ async function assign_owner_permissions(adapter, role_id) {
             let permission_id;
             if (!Array.isArray(permissions) || permissions.length === 0) {
                 // Create permission with generated UUID
-                const perm_id = crypto.randomUUID();
+                const perm_id = generateRequestId().slice(4);
                 const inserted = await permission_service.insert({
                     id: perm_id,
                     permission_name: perm_name,

package/dist/lib/services/otp_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"otp_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/otp_service.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAUrB;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAG1C;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAEjE;AAED,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAMtF;AAID,MAAM,MAAM,qBAAqB,GAC7B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,cAAc,CAAC;IAAC,mBAAmB,EAAE,MAAM,CAAA;CAAE,CAAC;AAItE;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CAAC,IAAI,EAAE;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAmHjC;AAID,MAAM,MAAM,oBAAoB,GAC5B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,GACnE;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,oBAAoB,GAAG,SAAS,CAAA;CAAE,CAAC;AAE3D,wBAAsB,gBAAgB,CAAC,IAAI,EAAE;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAsHhC"}
+{"version":3,"file":"otp_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/otp_service.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAWrB;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAG1C;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAEjE;AAED,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAMtF;AAID,MAAM,MAAM,qBAAqB,GAC7B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,cAAc,CAAC;IAAC,mBAAmB,EAAE,MAAM,CAAA;CAAE,CAAC;AAItE;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CAAC,IAAI,EAAE;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAmHjC;AAID,MAAM,MAAM,oBAAoB,GAC5B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,GACnE;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,oBAAoB,GAAG,SAAS,CAAA;CAAE,CAAC;AAE3D,wBAAsB,gBAAgB,CAAC,IAAI,EAAE;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;CACZ,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAsHhC"}

package/dist/lib/services/otp_service.js

@@ -1,5 +1,6 @@
 import "server-only";
 import crypto from "node:crypto";
+import { generateRequestId } from "hazo_core";
 import argon2 from "argon2";
 import { createCrudService } from "hazo_connect/server";
 import { get_otp_config, hazo_auth_otp_session_ttl_seconds } from "../otp_config.server.js";
@@ -102,7 +103,7 @@ export async function request_email_otp(args) {
     const code = generate_otp_code();
     const otp_hash = await hash_otp_code(code);
     const expires_at = new Date(Date.now() + cfg.code_ttl_seconds * 1000).toISOString();
-    const row_id = crypto.randomUUID();
+    const row_id = generateRequestId().slice(4);
     await otp_table.insert({
         id: row_id,
         user_id: existing_user ? String(existing_user.id) : null,
@@ -191,7 +192,7 @@ export async function verify_email_otp(args) {
     }
     else if (cfg.auto_register) {
         // Create user + bind scope/role
-        const new_user_id = crypto.randomUUID();
+        const new_user_id = generateRequestId().slice(4);
         await users_table.insert({
             id: new_user_id,
             email_address: email,

package/dist/lib/services/profile_picture_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"profile_picture_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/profile_picture_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AASvD,OAAO,EAAuB,KAAK,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AAGnG,MAAM,MAAM,oBAAoB,GAAG,sBAAsB,CAAC;AAE1D,MAAM,MAAM,2BAA2B,GAAG;IACxC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,oBAAoB,CAAC;CACtC,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,SAAS,GAAG,cAAc,CAAC;CACpC,CAAC;AA2DF;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAOrE;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,EAAE,CAyBjD;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,MAAM,EAChB,IAAI,GAAE,MAAU,EAChB,SAAS,GAAE,MAAW,GACrB,mBAAmB,CA6FrB;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAI7D;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAcxF;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,IAAI,SAAS,GAAG,cAAc,GAAG,IAAI,CAGtE;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAG1C;AA4DD,wBAAsB,2BAA2B,CAC/C,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,2BAA2B,GAAG,IAAI,CAAC,CA+D7C;AAED;;;;;;;GAOG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,EAAE,kBAAkB,EAC3B,OAAO,EAAE,MAAM,EACf,mBAAmB,EAAE,MAAM,EAC3B,cAAc,EAAE,oBAAoB,GACnC,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAsB/C"}
+{"version":3,"file":"profile_picture_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/profile_picture_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAUvD,OAAO,EAAuB,KAAK,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AAGnG,MAAM,MAAM,oBAAoB,GAAG,sBAAsB,CAAC;AAE1D,MAAM,MAAM,2BAA2B,GAAG;IACxC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,oBAAoB,CAAC;CACtC,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,SAAS,GAAG,cAAc,CAAC;CACpC,CAAC;AA2DF;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAOrE;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,EAAE,CAyBjD;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,MAAM,EAChB,IAAI,GAAE,MAAU,EAChB,SAAS,GAAE,MAAW,GACrB,mBAAmB,CA6FrB;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,CAI7D;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAcxF;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,IAAI,SAAS,GAAG,cAAc,GAAG,IAAI,CAGtE;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAG1C;AA4DD,wBAAsB,2BAA2B,CAC/C,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,2BAA2B,GAAG,IAAI,CAAC,CA+D7C;AAED;;;;;;;GAOG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,EAAE,kBAAkB,EAC3B,OAAO,EAAE,MAAM,EACf,mBAAmB,EAAE,MAAM,EAC3B,cAAc,EAAE,oBAAoB,GACnC,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAsB/C"}

package/dist/lib/services/profile_picture_service.js

@@ -1,5 +1,6 @@
 import { createCrudService } from "hazo_connect/server";
 import gravatarUrl from "gravatar-url";
+import { fetchWithRequestId } from "hazo_core";
 import { get_profile_picture_config } from "../profile_picture_config.server.js";
 import { get_ui_sizes_config } from "../ui_sizes_config.server.js";
 import { get_file_types_config } from "../file_types_config.server.js";
@@ -248,7 +249,7 @@ async function check_gravatar_exists(email) {
         const uiSizes = get_ui_sizes_config();
         const gravatar_url = get_gravatar_url(email, uiSizes.gravatar_size);
         // Make HEAD request to check if image exists without downloading it
-        const response = await fetch(gravatar_url, {
+        const response = await fetchWithRequestId(gravatar_url, {
             method: 'HEAD',
             // Add timeout to prevent hanging
             signal: AbortSignal.timeout(5000) // 5 second timeout

package/dist/lib/services/registration_service.d.ts

@@ -4,6 +4,11 @@ export type RegistrationData = {
     password: string;
     name?: string;
     url_on_logon?: string;
+    legal_accepted?: Record<string, {
+        hash: string;
+    }>;
+    ip?: string | null;
+    user_agent?: string | null;
 };
 export type RegistrationResult = {
     success: boolean;

package/dist/lib/services/registration_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"registration_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/registration_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAkBvD,MAAM,MAAM,gBAAgB,GAAG;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC,kBAAkB,CAAC,CAwJ7B"}
+{"version":3,"file":"registration_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/registration_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAmBvD,MAAM,MAAM,gBAAgB,GAAG;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAClD,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC,kBAAkB,CAAC,CAmK7B"}

package/dist/lib/services/registration_service.js

@@ -10,6 +10,7 @@ import { send_template_email } from "./email_service.js";
 import { sanitize_error_for_user } from "../utils/error_sanitizer.js";
 import { get_line_number } from "../utils/api_route_helpers.js";
 import { is_user_types_enabled, get_default_user_type, } from "../user_types_config.server.js";
+import { write_legal_acceptance } from "../legal/legal_docs_service.js";
 // section: helpers
 /**
  * Registers a new user in the database using hazo_connect
@@ -18,6 +19,7 @@ import { is_user_types_enabled, get_default_user_type, } from "../user_types_con
  * @returns Registration result with success status and user_id or error
  */
 export async function register_user(adapter, data) {
+    var _a, _b;
     try {
         const { email, password, name, url_on_logon } = data;
         // Create CRUD service for hazo_users table
@@ -130,6 +132,10 @@ export async function register_user(adapter, data) {
                 });
             }
         }
+        // Write legal acceptance records if provided
+        if (data.legal_accepted && Object.keys(data.legal_accepted).length > 0) {
+            await write_legal_acceptance(adapter, user_id, data.legal_accepted, (_a = data.ip) !== null && _a !== void 0 ? _a : null, (_b = data.user_agent) !== null && _b !== void 0 ? _b : null);
+        }
         return {
             success: true,
             user_id,

package/dist/lib/services/relationship_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"relationship_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/relationship_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAOvD,MAAM,MAAM,eAAe,GAAG;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACzC,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,YAAY,EAAE,CAAC;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAMF,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAG3E;AAED,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAGjF;AAQD;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,eAAe,GACpB,OAAO,CAAC,yBAAyB,CAAC,CA6FpC;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,kBAAkB,EAC3B,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,CA+DpC;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,EACtB,OAAO,EAAE;IAAE,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAAC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAAC,UAAU,CAAC,EAAE,OAAO,CAAA;CAAE,GACzF,OAAO,CAAC,yBAAyB,CAAC,CA8BpC;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,EACtB,iBAAiB,GAAE,OAAe,GACjC,OAAO,CAAC,yBAAyB,CAAC,CAoCpC;AAED;;;;;;GAMG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,kBAAkB,EAC3B,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,CA2CpC;AAED;;;;;;;;;GASG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,EACtB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,yBAAyB,CAAC,CAiDpC;AAED;;;;;;;;GAQG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,kBAAkB,EAC3B,cAAc,EAAE,MAAM,EACtB,aAAa,EAAE,MAAM,EACrB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA8CzH;AAED;;;;;;GAMG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,CAmBzC"}
+{"version":3,"file":"relationship_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/relationship_service.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAQvD,MAAM,MAAM,eAAe,GAAG;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACzC,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,YAAY,EAAE,CAAC;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAMF,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAG3E;AAED,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAGjF;AAQD;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,eAAe,GACpB,OAAO,CAAC,yBAAyB,CAAC,CA6FpC;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,kBAAkB,EAC3B,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,CA+DpC;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,EACtB,OAAO,EAAE;IAAE,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAAC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAAC,UAAU,CAAC,EAAE,OAAO,CAAA;CAAE,GACzF,OAAO,CAAC,yBAAyB,CAAC,CA8BpC;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,EACtB,iBAAiB,GAAE,OAAe,GACjC,OAAO,CAAC,yBAAyB,CAAC,CAoCpC;AAED;;;;;;GAMG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,kBAAkB,EAC3B,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,CA2CpC;AAED;;;;;;;;;GASG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,EACtB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,yBAAyB,CAAC,CAiDpC;AAED;;;;;;;;GAQG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,kBAAkB,EAC3B,cAAc,EAAE,MAAM,EACtB,aAAa,EAAE,MAAM,EACrB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA8CzH;AAED;;;;;;GAMG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,kBAAkB,EAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,CAmBzC"}

package/dist/lib/services/relationship_service.js

@@ -1,4 +1,5 @@
 import { createCrudService } from "hazo_connect/server";
+import { generateRequestId } from "hazo_core";
 import argon2 from "argon2";
 import { create_app_logger } from "../app_logger.js";
 import { get_relationships_config, get_allowed_relationship_types } from "../relationships_config.server.js";
@@ -16,7 +17,7 @@ export function get_display_email(email) {
     return is_sentinel_email(email) ? null : email;
 }
 function generate_sentinel_email() {
-    return `${SENTINEL_PREFIX}${crypto.randomUUID()}${SENTINEL_DOMAIN}`;
+    return `${SENTINEL_PREFIX}${generateRequestId().slice(4)}${SENTINEL_DOMAIN}`;
 }
 // section: helpers
 /**
@@ -66,8 +67,8 @@ export async function create_managed_child(adapter, data) {
             pin_hash = await argon2.hash(data.pin);
         }
         // Generate IDs
-        const child_user_id = crypto.randomUUID();
-        const relationship_id = crypto.randomUUID();
+        const child_user_id = generateRequestId().slice(4);
+        const relationship_id = generateRequestId().slice(4);
         const now = new Date().toISOString();
         // Insert managed child user
         await users_service.insert({
@@ -276,7 +277,7 @@ export async function create_self_relationship(adapter, parent_user_id) {
             };
         }
         const config = get_relationships_config();
-        const relationship_id = crypto.randomUUID();
+        const relationship_id = generateRequestId().slice(4);
         const now = new Date().toISOString();
         await relationships_service.insert({
             id: relationship_id,

package/dist/lib/services/session_token_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"session_token_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/session_token_service.ts"],"names":[],"mappings":"AAQA,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAuCF;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EACb,kBAAkB,CAAC,EAAE,MAAM,EAC3B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,MAAM,CAAC,CA4CjB;AAED;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,0BAA0B,CAAC,CAkDrC"}
+{"version":3,"file":"session_token_service.d.ts","sourceRoot":"","sources":["../../../src/lib/services/session_token_service.ts"],"names":[],"mappings":"AASA,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAuCF;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EACb,kBAAkB,CAAC,EAAE,MAAM,EAC3B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,MAAM,CAAC,CA4CjB;AAED;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,0BAA0B,CAAC,CAkDrC"}

package/dist/lib/services/session_token_service.js

@@ -2,6 +2,7 @@
 // Uses jose library for Edge-compatible JWT operations
 // section: imports
 import { SignJWT, jwtVerify } from "jose";
+import { HazoConfigError, HazoAuthError } from "hazo_core";
 import { create_app_logger } from "../app_logger.js";
 import { get_filename, get_line_number } from "../utils/api_route_helpers.js";
 // section: helpers
@@ -19,7 +20,7 @@ function get_jwt_secret() {
             line_number: get_line_number(),
             error: "JWT_SECRET environment variable is required",
         });
-        throw new Error("JWT_SECRET environment variable is required");
+        throw new HazoConfigError({ code: 'HAZO_AUTH_CONFIG', pkg: 'hazo_auth', message: 'JWT_SECRET environment variable is required' });
     }
     // Convert string secret to Uint8Array for jose
     return new TextEncoder().encode(jwt_secret);
@@ -79,7 +80,7 @@ export async function create_session_token(user_id, email, managed_by_user_id, t
             error_message,
             error_stack,
         });
-        throw new Error("Failed to create session token");
+        throw new HazoAuthError({ code: 'HAZO_AUTH_INVALID_TOKEN', pkg: 'hazo_auth', message: 'Failed to create session token' });
     }
 }
 /**

package/dist/lib/utils/api_route_helpers.d.ts

@@ -1,13 +1,2 @@
-/**
- * Gets the filename from the call stack
- * This is a simplified version that extracts the filename from the error stack
- * @returns Filename or "route.ts" as default
- */
-export declare function get_filename(): string;
-/**
- * Gets the line number from the call stack
- * This is a simplified version that extracts the line number from the error stack
- * @returns Line number or 0
- */
-export declare function get_line_number(): number;
+export { get_filename, get_line_number } from 'hazo_logs';
 //# sourceMappingURL=api_route_helpers.d.ts.map

package/dist/lib/utils/api_route_helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"api_route_helpers.d.ts","sourceRoot":"","sources":["../../../src/lib/utils/api_route_helpers.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AACH,wBAAgB,YAAY,IAAI,MAAM,CAsBrC;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,MAAM,CAsBxC"}
+{"version":3,"file":"api_route_helpers.d.ts","sourceRoot":"","sources":["../../../src/lib/utils/api_route_helpers.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC"}

package/dist/lib/utils/api_route_helpers.js

@@ -1,58 +1,5 @@
 // file_description: shared helper functions for API routes to get filename and line number
-// section: helpers
-/**
- * Gets the filename from the call stack
- * This is a simplified version that extracts the filename from the error stack
- * @returns Filename or "route.ts" as default
- */
-export function get_filename() {
-    try {
-        const stack = new Error().stack;
-        if (!stack) {
-            return "route.ts";
-        }
-        // Parse stack trace to find the caller's file
-        const lines = stack.split("\n");
-        // Skip Error line and get_filename line, get the actual caller
-        for (let i = 2; i < lines.length; i++) {
-            const line = lines[i];
-            // Match file paths in stack trace (e.g., "at /path/to/file.ts:123:45")
-            const match = line.match(/([^/\\]+\.tsx?):(\d+):(\d+)/);
-            if (match) {
-                return match[1];
-            }
-        }
-        return "route.ts";
-    }
-    catch (_a) {
-        return "route.ts";
-    }
-}
-/**
- * Gets the line number from the call stack
- * This is a simplified version that extracts the line number from the error stack
- * @returns Line number or 0
- */
-export function get_line_number() {
-    try {
-        const stack = new Error().stack;
-        if (!stack) {
-            return 0;
-        }
-        // Parse stack trace to find the caller's line number
-        const lines = stack.split("\n");
-        // Skip Error line and get_line_number line, get the actual caller
-        for (let i = 2; i < lines.length; i++) {
-            const line = lines[i];
-            // Match line numbers in stack trace (e.g., "at /path/to/file.ts:123:45")
-            const match = line.match(/([^/\\]+\.tsx?):(\d+):(\d+)/);
-            if (match) {
-                return parseInt(match[2], 10) || 0;
-            }
-        }
-        return 0;
-    }
-    catch (_a) {
-        return 0;
-    }
-}
+// Canonical location moved to hazo_logs/src/lib/utils/caller_info.ts.
+// This re-export maintains backward compatibility for hazo_auth consumers.
+// Will be removed in hazo_auth v9 — import from 'hazo_logs' directly.
+export { get_filename, get_line_number } from 'hazo_logs';