npm - insforge - Versions diffs - 1.2.10 → 1.3.0 - Mend

insforge 1.2.10 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (335) hide show

package/.claude-plugin/marketplace.json +20 -20
package/.dockerignore +60 -60
package/.env.example +83 -77
package/.github/ISSUE_TEMPLATE/bug_report.yml +36 -36
package/.github/ISSUE_TEMPLATE/config.yml +11 -11
package/.github/ISSUE_TEMPLATE/feature_request.yml +26 -26
package/.github/PULL_REQUEST_TEMPLATE.md +7 -7
package/.github/copilot-instructions.md +146 -146
package/.github/workflows/build-image.yml +65 -65
package/.github/workflows/ci-premerge-check.yml +23 -23
package/.github/workflows/e2e.yml +63 -63
package/.github/workflows/lint-and-format.yml +32 -32
package/.prettierignore +64 -64
package/CHANGELOG.md +44 -44
package/CLAUDE_PLUGIN.md +104 -104
package/CODE_OF_CONDUCT.md +128 -128
package/CONTRIBUTING.md +125 -125
package/Dockerfile +30 -30
package/GITHUB_OAUTH_SETUP.md +49 -49
package/GOOGLE_OAUTH_SETUP.md +148 -148
package/LICENSE +201 -201
package/README.md +182 -182
package/assets/Dark.svg +23 -23
package/auth/package.json +28 -28
package/auth/src/lib/broadcastService.ts +117 -115
package/auth/src/pages/SignInPage.tsx +60 -57
package/auth/src/pages/SignUpPage.tsx +60 -57
package/auth/tsconfig.json +32 -32
package/auth/tsconfig.node.json +11 -11
package/backend/package.json +78 -75
package/backend/src/api/routes/ai/index.routes.ts +3 -3
package/backend/src/api/routes/auth/index.routes.ts +667 -570
package/backend/src/api/routes/auth/oauth.routes.ts +473 -448
package/backend/src/api/routes/database/advance.routes.ts +37 -16
package/backend/src/api/routes/database/index.routes.ts +78 -1
package/backend/src/api/routes/database/records.routes.ts +10 -10
package/backend/src/api/routes/database/tables.routes.ts +0 -14
package/backend/src/api/routes/docs/index.routes.ts +75 -76
package/backend/src/api/routes/email/index.routes.ts +35 -0
package/backend/src/api/routes/functions/index.routes.ts +18 -12
package/backend/src/api/routes/metadata/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/channels.routes.ts +81 -0
package/backend/src/api/routes/realtime/index.routes.ts +12 -0
package/backend/src/api/routes/realtime/messages.routes.ts +48 -0
package/backend/src/api/routes/realtime/permissions.routes.ts +19 -0
package/backend/src/api/routes/storage/index.routes.ts +18 -12
package/backend/src/api/routes/usage/index.routes.ts +6 -4
package/backend/src/infra/database/database.manager.ts +14 -1
package/backend/src/infra/database/migrations/000_create-base-tables.sql +141 -141
package/backend/src/infra/database/migrations/001_create-helper-functions.sql +40 -40
package/backend/src/infra/database/migrations/002_rename-auth-tables.sql +29 -29
package/backend/src/infra/database/migrations/003_create-users-table.sql +55 -55
package/backend/src/infra/database/migrations/004_add-reload-postgrest-func.sql +23 -23
package/backend/src/infra/database/migrations/005_enable-project-admin-modify-users.sql +29 -29
package/backend/src/infra/database/migrations/006_modify-ai-usage-table.sql +24 -24
package/backend/src/infra/database/migrations/007_drop-metadata-table.sql +1 -1
package/backend/src/infra/database/migrations/008_add-system-tables.sql +76 -76
package/backend/src/infra/database/migrations/009_add-function-secrets.sql +23 -23
package/backend/src/infra/database/migrations/010_modify-ai-config-modalities.sql +93 -93
package/backend/src/infra/database/migrations/011_refactor-secrets-table.sql +15 -15
package/backend/src/infra/database/migrations/012_add-storage-uploaded-by.sql +7 -7
package/backend/src/infra/database/migrations/013_create-auth-schema-functions.sql +44 -44
package/backend/src/infra/database/migrations/014_add-updated-at-trigger-user-table.sql +7 -7
package/backend/src/infra/database/migrations/015_create-auth-config-and-email-otp-tables.sql +59 -59
package/backend/src/infra/database/migrations/016_update-auth-config-and-email-otp.sql +24 -24
package/backend/src/infra/database/migrations/017_create-realtime-schema.sql +233 -0
package/backend/src/infra/realtime/realtime.manager.ts +246 -0
package/backend/src/infra/realtime/webhook-sender.ts +82 -0
package/backend/src/infra/security/token.manager.ts +219 -125
package/backend/src/infra/socket/socket.manager.ts +198 -64
package/backend/src/providers/ai/openrouter.provider.ts +12 -9
package/backend/src/providers/email/base.provider.ts +4 -7
package/backend/src/providers/email/cloud.provider.ts +84 -0
package/backend/src/providers/oauth/apple.provider.ts +266 -0
package/backend/src/providers/oauth/index.ts +1 -0
package/backend/src/server.ts +317 -284
package/backend/src/services/ai/ai-model.service.ts +5 -5
package/backend/src/services/ai/chat-completion.service.ts +4 -4
package/backend/src/services/ai/image-generation.service.ts +3 -3
package/backend/src/services/auth/auth.service.ts +14 -0
package/backend/src/services/database/database-table.service.ts +0 -9
package/backend/src/services/database/database.service.ts +127 -0
package/backend/src/services/email/email.service.ts +5 -7
package/backend/src/services/realtime/index.ts +3 -0
package/backend/src/services/realtime/realtime-auth.service.ts +104 -0
package/backend/src/services/realtime/realtime-channel.service.ts +237 -0
package/backend/src/services/realtime/realtime-message.service.ts +260 -0
package/backend/src/types/auth.ts +11 -0
package/backend/src/types/realtime.ts +18 -0
package/backend/src/types/socket.ts +7 -31
package/backend/src/utils/cookies.ts +35 -0
package/backend/src/utils/s3-config-loader.ts +64 -0
package/backend/src/utils/seed.ts +301 -298
package/backend/src/utils/sql-parser.ts +90 -0
package/backend/tests/README.md +133 -133
package/backend/tests/cleanup-all-test-data.sh +230 -230
package/backend/tests/cloud/test-s3-multitenant.sh +131 -131
package/backend/tests/local/comprehensive-curl-tests.sh +155 -155
package/backend/tests/local/test-ai-config.sh +129 -129
package/backend/tests/local/test-ai-usage.sh +80 -80
package/backend/tests/local/test-auth-router.sh +143 -143
package/backend/tests/local/test-database-router.sh +222 -222
package/backend/tests/local/test-e2e.sh +240 -240
package/backend/tests/local/test-fk-errors.sh +96 -96
package/backend/tests/local/test-functions.sh +123 -123
package/backend/tests/local/test-id-field.sh +200 -200
package/backend/tests/local/test-logs.sh +132 -132
package/backend/tests/local/test-public-bucket.sh +264 -264
package/backend/tests/local/test-secrets.sh +249 -249
package/backend/tests/local/test-serverless-functions.sh.disabled +325 -325
package/backend/tests/local/test-traditional-rest.sh +208 -208
package/backend/tests/manual/README.md +50 -50
package/backend/tests/manual/create-large-table-simple.sql +10 -10
package/backend/tests/manual/seed-large-table.sql +100 -100
package/backend/tests/manual/setup-large-table-extras.sql +33 -33
package/backend/tests/manual/test-bulk-upsert.sh +409 -409
package/backend/tests/manual/test-database-advance.sh +296 -296
package/backend/tests/manual/test-postgrest-stability.sh +191 -191
package/backend/tests/manual/test-rawsql-export-import.sh +411 -411
package/backend/tests/manual/test-rawsql-modes.sh +244 -244
package/backend/tests/manual/test-universal-storage.sh +263 -263
package/backend/tests/manual/test-users.sql +17 -17
package/backend/tests/run-all-tests.sh +139 -139
package/backend/tests/setup.ts +0 -0
package/backend/tests/test-config.sh +338 -338
package/backend/tests/unit/analyze-query.test.ts +697 -0
package/backend/tsconfig.json +22 -22
package/claude-plugin/.claude-plugin/plugin.json +24 -24
package/claude-plugin/README.md +133 -133
package/claude-plugin/skills/insforge-schema-patterns/SKILL.md +270 -270
package/docker-compose.prod.yml +204 -200
package/docker-compose.yml +232 -228
package/docker-init/db/db-init.sql +97 -97
package/docker-init/db/jwt.sql +5 -5
package/docker-init/db/postgresql.conf +16 -16
package/docker-init/logs/vector.yml +236 -236
package/docs/README.md +44 -44
package/docs/agent-docs/real-time.md +269 -0
package/docs/changelog.mdx +119 -67
package/docs/core-concepts/ai/architecture.mdx +372 -372
package/docs/core-concepts/ai/sdk.mdx +213 -213
package/docs/core-concepts/authentication/architecture.mdx +278 -278
package/docs/core-concepts/authentication/sdk.mdx +414 -414
package/docs/core-concepts/authentication/ui-components/customization.mdx +529 -529
package/docs/core-concepts/authentication/ui-components/nextjs.mdx +221 -221
package/docs/core-concepts/authentication/ui-components/react-router.mdx +184 -184
package/docs/core-concepts/authentication/ui-components/react.mdx +129 -129
package/docs/core-concepts/database/architecture.mdx +255 -255
package/docs/core-concepts/database/sdk.mdx +382 -382
package/docs/core-concepts/email/architecture.mdx +101 -0
package/docs/core-concepts/email/sdk.mdx +53 -0
package/docs/core-concepts/functions/architecture.mdx +105 -105
package/docs/core-concepts/functions/sdk.mdx +184 -184
package/docs/core-concepts/realtime/architecture.mdx +446 -0
package/docs/core-concepts/realtime/sdk.mdx +409 -0
package/docs/core-concepts/storage/architecture.mdx +243 -243
package/docs/core-concepts/storage/sdk.mdx +253 -253
package/docs/deployment/README.md +94 -94
package/docs/deployment/deploy-to-aws-ec2.md +564 -564
package/docs/deployment/deploy-to-azure-virtual-machines.md +312 -312
package/docs/deployment/deploy-to-google-cloud-compute-engine.md +613 -613
package/docs/deployment/deploy-to-render.md +441 -441
package/docs/deprecated/insforge-auth-api.md +214 -214
package/docs/deprecated/insforge-auth-sdk.md +99 -99
package/docs/deprecated/insforge-db-api.md +358 -358
package/docs/deprecated/insforge-db-sdk.md +139 -139
package/docs/deprecated/insforge-debug-sdk.md +156 -156
package/docs/deprecated/insforge-debug.md +64 -64
package/docs/deprecated/insforge-instructions.md +123 -123
package/docs/deprecated/insforge-project.md +117 -117
package/docs/deprecated/insforge-storage-api.md +278 -278
package/docs/deprecated/insforge-storage-sdk.md +158 -158
package/docs/docs.json +232 -210
package/docs/examples/framework-guides/nextjs.mdx +131 -131
package/docs/examples/framework-guides/nuxt.mdx +165 -165
package/docs/examples/framework-guides/react.mdx +165 -165
package/docs/examples/framework-guides/svelte.mdx +153 -153
package/docs/examples/framework-guides/vue.mdx +159 -159
package/docs/examples/overview.mdx +67 -67
package/docs/favicon.svg +19 -19
package/docs/images/changelog/dec-2025/ai-integration.png +0 -0
package/docs/images/changelog/dec-2025/ai-models.webp +0 -0
package/docs/images/changelog/dec-2025/alipay-payment.webp +0 -0
package/docs/images/changelog/dec-2025/apple-login.jpg +0 -0
package/docs/images/changelog/dec-2025/mcp-installer.png +0 -0
package/docs/images/changelog/dec-2025/realtime-module.jpg +0 -0
package/docs/images/icons/ai.svg +4 -4
package/docs/images/logos/nextjs.svg +4 -4
package/docs/images/logos/nuxt.svg +4 -4
package/docs/images/logos/react.svg +5 -5
package/docs/images/logos/svelte.svg +4 -4
package/docs/images/logos/vue.svg +5 -5
package/docs/insforge-instructions-sdk.md +89 -88
package/docs/introduction.mdx +45 -45
package/docs/logo/dark.svg +22 -22
package/docs/logo/light.svg +20 -20
package/docs/partnership.mdx +651 -646
package/docs/quickstart.mdx +82 -82
package/docs/showcase.mdx +52 -52
package/docs/snippets/sdk-installation.mdx +21 -21
package/docs/snippets/service-icons.mdx +27 -27
package/examples/oauth/frontend-oauth-example.html +250 -250
package/examples/response-examples.md +443 -443
package/frontend/components.json +17 -17
package/frontend/package.json +69 -69
package/frontend/src/assets/icons/checkbox_checked.svg +6 -6
package/frontend/src/assets/icons/checkbox_undetermined.svg +6 -6
package/frontend/src/assets/icons/checked.svg +3 -3
package/frontend/src/assets/icons/connected.svg +3 -3
package/frontend/src/assets/icons/error.svg +3 -3
package/frontend/src/assets/icons/loader.svg +9 -9
package/frontend/src/assets/icons/pencil.svg +4 -4
package/frontend/src/assets/icons/refresh.svg +4 -4
package/frontend/src/assets/icons/step_active.svg +3 -3
package/frontend/src/assets/icons/step_inactive.svg +11 -11
package/frontend/src/assets/icons/warning.svg +3 -3
package/frontend/src/assets/logos/apple.svg +3 -3
package/frontend/src/assets/logos/claude_code.svg +3 -3
package/frontend/src/assets/logos/cline.svg +6 -6
package/frontend/src/assets/logos/cursor.svg +20 -20
package/frontend/src/assets/logos/discord.svg +8 -8
package/frontend/src/assets/logos/facebook.svg +3 -3
package/frontend/src/assets/logos/gemini.svg +19 -19
package/frontend/src/assets/logos/github.svg +5 -5
package/frontend/src/assets/logos/google.svg +13 -13
package/frontend/src/assets/logos/grok.svg +10 -10
package/frontend/src/assets/logos/insforge_dark.svg +15 -15
package/frontend/src/assets/logos/insforge_light.svg +15 -15
package/frontend/src/assets/logos/instagram.svg +1 -1
package/frontend/src/assets/logos/linkedin.svg +3 -3
package/frontend/src/assets/logos/openai.svg +10 -10
package/frontend/src/assets/logos/roo_code.svg +9 -9
package/frontend/src/assets/logos/spotify.svg +16 -16
package/frontend/src/assets/logos/tiktok.svg +5 -5
package/frontend/src/assets/logos/trae.svg +3 -3
package/frontend/src/assets/logos/windsurf.svg +10 -10
package/frontend/src/assets/logos/x.svg +3 -3
package/frontend/src/components/layout/AppHeader.tsx +9 -10
package/frontend/src/features/auth/components/OAuthConfigDialog.tsx +1 -0
package/frontend/src/features/auth/components/UsersDataGrid.tsx +6 -0
package/frontend/src/features/auth/helpers.tsx +8 -0
package/frontend/src/features/auth/{page → pages}/UsersPage.tsx +0 -28
package/frontend/src/features/database/components/SQLModal.tsx +75 -0
package/frontend/src/features/database/components/TableForm.tsx +0 -4
package/frontend/src/features/database/hooks/useDatabase.ts +66 -0
package/frontend/src/features/database/hooks/useTables.ts +32 -28
package/frontend/src/features/database/index.ts +1 -0
package/frontend/src/features/database/{page → pages}/FunctionsPage.tsx +29 -37
package/frontend/src/features/database/{page → pages}/IndexesPage.tsx +35 -47
package/frontend/src/features/database/{page → pages}/PoliciesPage.tsx +43 -54
package/frontend/src/features/database/{page → pages}/TablesPage.tsx +0 -42
package/frontend/src/features/database/{page → pages}/TriggersPage.tsx +35 -47
package/frontend/src/features/database/services/advance.service.ts +0 -26
package/frontend/src/features/database/services/database.service.ts +55 -0
package/frontend/src/features/database/services/table.service.ts +0 -6
package/frontend/src/features/functions/{page → pages}/FunctionsPage.tsx +21 -44
package/frontend/src/features/functions/{page → pages}/SecretsPage.tsx +11 -9
package/frontend/src/features/logs/hooks/useMcpUsage.ts +13 -66
package/frontend/src/features/realtime/components/ChannelRow.tsx +83 -0
package/frontend/src/features/realtime/components/EditChannelModal.tsx +246 -0
package/frontend/src/features/realtime/components/MessageRow.tsx +85 -0
package/frontend/src/features/realtime/components/RealtimeEmptyState.tsx +30 -0
package/frontend/src/features/realtime/hooks/useRealtime.ts +218 -0
package/frontend/src/features/realtime/index.ts +11 -0
package/frontend/src/features/realtime/pages/RealtimeChannelsPage.tsx +172 -0
package/frontend/src/features/realtime/pages/RealtimeMessagesPage.tsx +211 -0
package/frontend/src/features/realtime/pages/RealtimePermissionsPage.tsx +191 -0
package/frontend/src/features/realtime/services/realtime.service.ts +107 -0
package/frontend/src/features/storage/{page → pages}/StoragePage.tsx +1 -29
package/frontend/src/features/visualizer/components/SchemaVisualizer.tsx +3 -3
package/frontend/src/features/visualizer/{page → pages}/VisualizerPage.tsx +1 -35
package/frontend/src/lib/contexts/SocketContext.tsx +119 -75
package/frontend/src/lib/routing/AppRoutes.tsx +35 -20
package/frontend/src/lib/utils/cloudMessaging.ts +1 -1
package/frontend/src/lib/utils/menuItems.ts +24 -0
package/frontend/src/lib/utils/utils.ts +14 -1
package/frontend/tsconfig.json +25 -25
package/frontend/tsconfig.node.json +9 -9
package/functions/deno.json +24 -24
package/functions/server.ts +315 -315
package/i18n/README.ar.md +130 -130
package/i18n/README.de.md +130 -130
package/i18n/README.es.md +154 -154
package/i18n/README.fr.md +134 -134
package/i18n/README.hi.md +129 -129
package/i18n/README.ja.md +174 -174
package/i18n/README.ko.md +136 -136
package/i18n/README.pt-BR.md +131 -131
package/i18n/README.ru.md +129 -129
package/i18n/README.zh-CN.md +133 -133
package/openapi/ai.yaml +715 -715
package/openapi/auth.yaml +1244 -1244
package/openapi/email.yaml +158 -0
package/openapi/functions.yaml +475 -475
package/openapi/health.yaml +29 -29
package/openapi/logs.yaml +223 -223
package/openapi/metadata.yaml +177 -177
package/openapi/realtime.yaml +699 -0
package/openapi/records.yaml +381 -381
package/openapi/secrets.yaml +370 -370
package/openapi/storage.yaml +875 -875
package/openapi/tables.yaml +463 -463
package/package.json +97 -97
package/shared-schemas/package.json +31 -31
package/shared-schemas/src/ai.schema.ts +63 -59
package/shared-schemas/src/auth-api.schema.ts +352 -339
package/shared-schemas/src/auth.schema.ts +1 -1
package/shared-schemas/src/database-api.schema.ts +32 -1
package/shared-schemas/src/database.schema.ts +39 -0
package/shared-schemas/src/docs.schema.ts +26 -0
package/shared-schemas/src/email-api.schema.ts +30 -0
package/shared-schemas/src/index.ts +4 -0
package/shared-schemas/src/metadata.schema.ts +9 -0
package/shared-schemas/src/realtime-api.schema.ts +111 -0
package/shared-schemas/src/realtime.schema.ts +143 -0
package/shared-schemas/tsconfig.json +21 -21
package/tsconfig.json +7 -7
package/zeabur/README.md +13 -13
package/zeabur/template.yml +1032 -1032
package/.cursor/rules/cursor-rules.mdc +0 -94
package/frontend/src/features/database/hooks/useFullMetadata.ts +0 -18
package/test-gemini.sh +0 -35
package/test-usage-admin.sh +0 -57
package/test-usage.sh +0 -50
/package/frontend/src/features/ai/{page → pages}/AIPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/AuthMethodsPage.tsx +0 -0
/package/frontend/src/features/auth/{page → pages}/ConfigurationPage.tsx +0 -0
/package/frontend/src/features/dashboard/{page → pages}/DashboardPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/SQLEditorPage.tsx +0 -0
/package/frontend/src/features/database/{page → pages}/TemplatesPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/CloudLoginPage.tsx +0 -0
/package/frontend/src/features/login/{page → pages}/LoginPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/AuditsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/LogsPage.tsx +0 -0
/package/frontend/src/features/logs/{page → pages}/MCPLogsPage.tsx +0 -0

package/shared-schemas/src/auth-api.schema.ts CHANGED Viewed

@@ -1,339 +1,352 @@
-import { z } from 'zod';
-import {
-  emailSchema,
-  passwordSchema,
-  nameSchema,
-  userIdSchema,
-  roleSchema,
-  userSchema,
-  oAuthConfigSchema,
-  oAuthProvidersSchema,
-  authConfigSchema,
-} from './auth.schema';
-// ============================================================================
-// Common schemas
-// ============================================================================
-/**
- * Pagination parameters shared across list endpoints
- */
-export const paginationSchema = z.object({
-  limit: z.string().optional(),
-  offset: z.string().optional(),
-});
-/**
- * POST /api/auth/users - Create user
- */
-export const createUserRequestSchema = z.object({
-  email: emailSchema,
-  password: passwordSchema,
-  name: nameSchema.optional(),
-});
-/**
- * POST /api/auth/sessions - Create session
- */
-export const createSessionRequestSchema = z.object({
-  email: emailSchema,
-  password: passwordSchema,
-});
-/**
- * POST /api/auth/admin/sessions - Create admin session
- */
-export const createAdminSessionRequestSchema = createSessionRequestSchema;
-export const exchangeAdminSessionRequestSchema = z.object({
-  code: z.string(),
-});
-/**
- * GET /api/auth/users - List users (query parameters)
- */
-export const listUsersRequestSchema = paginationSchema
-  .extend({
-    search: z.string().optional(),
-  })
-  .optional();
-/**
- * DELETE /api/auth/users - Delete users (batch)
- */
-export const deleteUsersRequestSchema = z.object({
-  userIds: z.array(userIdSchema).min(1, 'At least one user ID is required'),
-});
-/**
- * POST /api/auth/email/send-verification - Send verification email (code or link based on config)
- */
-export const sendVerificationEmailRequestSchema = z.object({
-  email: emailSchema,
-});
-/**
- * POST /api/auth/email/verify - Verify email with OTP
- * Uses verifyEmailMethod from auth config to determine verification type:
- * - 'code': expects email + 6-digit numeric code
- * - 'link': expects 64-char hex token only
- */
-export const verifyEmailRequestSchema = z
-  .object({
-    email: emailSchema.optional(),
-    otp: z.string().min(1),
-  })
-  .refine((data) => data.email || data.otp, {
-    message: 'Either email or otp must be provided',
-  });
-/**
- * POST /api/auth/email/send-reset-password - Send reset password email (code or link based on config)
- */
-export const sendResetPasswordEmailRequestSchema = z.object({
-  email: emailSchema,
-});
-/**
- * POST /api/auth/email/exchange-reset-password-token - Exchange reset password code for reset token
- * Used in two-step password reset flow (code method only): exchange code for token, then reset password with token
- */
-export const exchangeResetPasswordTokenRequestSchema = z.object({
-  email: emailSchema,
-  code: z.string().min(1),
-});
-/**
- * POST /api/auth/email/reset-password - Reset password with token
- * Token can be:
- * - Magic link token (from send-reset-password endpoint when method is 'link')
- * - Reset token (from exchange-reset-password-token endpoint after code verification)
- * Both use RESET_PASSWORD purpose and are verified the same way
- */
-export const resetPasswordRequestSchema = z.object({
-  newPassword: passwordSchema,
-  otp: z.string().min(1, 'OTP/token is required'),
-});
-// ============================================================================
-// Response schemas
-// ============================================================================
-/**
- * Response for POST /api/auth/users
- * Includes optional redirectTo URL when user is successfully registered and email verification is not required
- */
-export const createUserResponseSchema = z.object({
-  user: userSchema.optional(),
-  accessToken: z.string().nullable(),
-  requireEmailVerification: z.boolean().optional(),
-  redirectTo: z.string().url().optional(),
-});
-/**
- * Response for POST /api/auth/sessions
- * Includes user and access token, plus optional redirectTo URL for frontend navigation
- */
-export const createSessionResponseSchema = z.object({
-  user: userSchema,
-  accessToken: z.string(),
-  redirectTo: z.string().url().optional(),
-});
-/**
- * Response for POST /api/auth/email/verify
- * Includes user and access token, plus optional redirectTo URL for frontend navigation
- */
-export const verifyEmailResponseSchema = z.object({
-  user: userSchema,
-  accessToken: z.string(),
-  redirectTo: z.string().url().optional(),
-});
-/**
- * Response for POST /api/auth/email/exchange-reset-password-token
- * Returns reset token that can be used to reset password
- */
-export const exchangeResetPasswordTokenResponseSchema = z.object({
-  token: z.string(),
-  expiresAt: z.string().datetime(),
-});
-/**
- * Response for POST /api/auth/email/reset-password
- * Includes success message
- */
-export const resetPasswordResponseSchema = z.object({
-  message: z.string(),
-});
-/**
- * Response for POST /api/auth/admin/sessions
- */
-export const createAdminSessionResponseSchema = createUserResponseSchema;
-/**
- * Response for GET /api/auth/sessions/current
- */
-export const getCurrentSessionResponseSchema = z.object({
-  user: z.object({
-    id: userIdSchema,
-    email: emailSchema,
-    role: roleSchema,
-  }),
-});
-/**
- * Response for GET /api/auth/users
- */
-export const listUsersResponseSchema = z.object({
-  data: z.array(userSchema),
-  pagination: z.object({
-    offset: z.number(),
-    limit: z.number(),
-    total: z.number(),
-  }),
-});
-/**
- * Response for DELETE /api/auth/users
- */
-export const deleteUsersResponseSchema = z.object({
-  message: z.string(),
-  deletedCount: z.number().int().nonnegative(),
-});
-/**
- * Response for GET /api/auth/v1/google-auth and GET /api/auth/v1/github-auth
- */
-export const getOauthUrlResponseSchema = z.object({
-  authUrl: z.string().url(),
-});
-// ============================================================================
-// OAuth Configuration Management schemas
-// ============================================================================
-/**
- * POST /api/auth/oauth/configs - Create OAuth configuration
- */
-export const createOAuthConfigRequestSchema = oAuthConfigSchema
-  .omit({
-    id: true,
-    createdAt: true,
-    updatedAt: true,
-  })
-  .extend({
-    clientSecret: z.string().optional(),
-  });
-/**
- * PUT /api/auth/oauth/configs/:provider - Update OAuth configuration
- */
-export const updateOAuthConfigRequestSchema = oAuthConfigSchema
-  .omit({
-    id: true,
-    provider: true,
-    createdAt: true,
-    updatedAt: true,
-  })
-  .extend({
-    clientSecret: z.string().optional(),
-  })
-  .partial();
-/**
- * Response for GET /api/auth/oauth/configs
- */
-export const listOAuthConfigsResponseSchema = z.object({
-  data: z.array(oAuthConfigSchema),
-  count: z.number(),
-});
-// ============================================================================
-// Authentication Configuration schemas
-// ============================================================================
-/**
- * PUT /api/auth/config - Update authentication configuration
- */
-export const updateAuthConfigRequestSchema = authConfigSchema
-  .omit({
-    id: true,
-    createdAt: true,
-    updatedAt: true,
-  })
-  .partial();
-/**
- * Response for GET /api/auth/config
- */
-export const getAuthConfigResponseSchema = authConfigSchema;
-/**
- * Response for GET /api/auth/public-config - Unified public auth configuration endpoint
- * Combines OAuth providers and email auth configuration
- */
-export const getPublicAuthConfigResponseSchema = z.object({
-  oAuthProviders: z.array(oAuthProvidersSchema),
-  ...authConfigSchema.omit({
-    id: true,
-    updatedAt: true,
-    createdAt: true,
-    signInRedirectTo: true,
-  }).shape,
-});
-// ============================================================================
-// Error response schema
-// ============================================================================
-/**
- * Standard error response format for auth endpoints
- */
-export const authErrorResponseSchema = z.object({
-  error: z.string(),
-  message: z.string(),
-  statusCode: z.number().int(),
-  nextActions: z.string().optional(),
-});
-// ============================================================================
-// Type exports
-// ============================================================================
-// Request types for type-safe request handling
-export type CreateUserRequest = z.infer<typeof createUserRequestSchema>;
-export type CreateSessionRequest = z.infer<typeof createSessionRequestSchema>;
-export type CreateAdminSessionRequest = z.infer<typeof createAdminSessionRequestSchema>;
-export type ListUsersRequest = z.infer<typeof listUsersRequestSchema>;
-export type DeleteUsersRequest = z.infer<typeof deleteUsersRequestSchema>;
-export type CreateOAuthConfigRequest = z.infer<typeof createOAuthConfigRequestSchema>;
-export type UpdateOAuthConfigRequest = z.infer<typeof updateOAuthConfigRequestSchema>;
-export type UpdateAuthConfigRequest = z.infer<typeof updateAuthConfigRequestSchema>;
-export type SendVerificationEmailRequest = z.infer<typeof sendVerificationEmailRequestSchema>;
-export type VerifyEmailRequest = z.infer<typeof verifyEmailRequestSchema>;
-export type SendResetPasswordEmailRequest = z.infer<typeof sendResetPasswordEmailRequestSchema>;
-export type ExchangeResetPasswordTokenRequest = z.infer<
-  typeof exchangeResetPasswordTokenRequestSchema
->;
-export type ResetPasswordRequest = z.infer<typeof resetPasswordRequestSchema>;
-// Response types for type-safe responses
-export type CreateUserResponse = z.infer<typeof createUserResponseSchema>;
-export type CreateSessionResponse = z.infer<typeof createSessionResponseSchema>;
-export type VerifyEmailResponse = z.infer<typeof verifyEmailResponseSchema>;
-export type ExchangeResetPasswordTokenResponse = z.infer<
-  typeof exchangeResetPasswordTokenResponseSchema
->;
-export type ResetPasswordResponse = z.infer<typeof resetPasswordResponseSchema>;
-export type CreateAdminSessionResponse = z.infer<typeof createAdminSessionResponseSchema>;
-export type GetCurrentSessionResponse = z.infer<typeof getCurrentSessionResponseSchema>;
-export type ListUsersResponse = z.infer<typeof listUsersResponseSchema>;
-export type DeleteUsersResponse = z.infer<typeof deleteUsersResponseSchema>;
-export type GetOauthUrlResponse = z.infer<typeof getOauthUrlResponseSchema>;
-export type ListOAuthConfigsResponse = z.infer<typeof listOAuthConfigsResponseSchema>;
-export type GetAuthConfigResponse = z.infer<typeof getAuthConfigResponseSchema>;
-export type GetPublicAuthConfigResponse = z.infer<typeof getPublicAuthConfigResponseSchema>;
-export type AuthErrorResponse = z.infer<typeof authErrorResponseSchema>;
+import { z } from 'zod';
+import {
+  emailSchema,
+  passwordSchema,
+  nameSchema,
+  userIdSchema,
+  roleSchema,
+  userSchema,
+  oAuthConfigSchema,
+  oAuthProvidersSchema,
+  authConfigSchema,
+} from './auth.schema';
+// ============================================================================
+// Common schemas
+// ============================================================================
+/**
+ * Pagination parameters shared across list endpoints
+ */
+export const paginationSchema = z.object({
+  limit: z.string().optional(),
+  offset: z.string().optional(),
+});
+/**
+ * POST /api/auth/users - Create user
+ */
+export const createUserRequestSchema = z.object({
+  email: emailSchema,
+  password: passwordSchema,
+  name: nameSchema.optional(),
+});
+/**
+ * POST /api/auth/sessions - Create session
+ */
+export const createSessionRequestSchema = z.object({
+  email: emailSchema,
+  password: passwordSchema,
+});
+/**
+ * POST /api/auth/admin/sessions - Create admin session
+ */
+export const createAdminSessionRequestSchema = createSessionRequestSchema;
+export const exchangeAdminSessionRequestSchema = z.object({
+  code: z.string(),
+});
+/**
+ * GET /api/auth/users - List users (query parameters)
+ */
+export const listUsersRequestSchema = paginationSchema
+  .extend({
+    search: z.string().optional(),
+  })
+  .optional();
+/**
+ * DELETE /api/auth/users - Delete users (batch)
+ */
+export const deleteUsersRequestSchema = z.object({
+  userIds: z.array(userIdSchema).min(1, 'At least one user ID is required'),
+});
+/**
+ * POST /api/auth/email/send-verification - Send verification email (code or link based on config)
+ */
+export const sendVerificationEmailRequestSchema = z.object({
+  email: emailSchema,
+});
+/**
+ * POST /api/auth/email/verify - Verify email with OTP
+ * Uses verifyEmailMethod from auth config to determine verification type:
+ * - 'code': expects email + 6-digit numeric code
+ * - 'link': expects 64-char hex token only
+ */
+export const verifyEmailRequestSchema = z
+  .object({
+    email: emailSchema.optional(),
+    otp: z.string().min(1),
+  })
+  .refine((data) => data.email || data.otp, {
+    message: 'Either email or otp must be provided',
+  });
+/**
+ * POST /api/auth/email/send-reset-password - Send reset password email (code or link based on config)
+ */
+export const sendResetPasswordEmailRequestSchema = z.object({
+  email: emailSchema,
+});
+/**
+ * POST /api/auth/email/exchange-reset-password-token - Exchange reset password code for reset token
+ * Used in two-step password reset flow (code method only): exchange code for token, then reset password with token
+ */
+export const exchangeResetPasswordTokenRequestSchema = z.object({
+  email: emailSchema,
+  code: z.string().min(1),
+});
+/**
+ * POST /api/auth/email/reset-password - Reset password with token
+ * Token can be:
+ * - Magic link token (from send-reset-password endpoint when method is 'link')
+ * - Reset token (from exchange-reset-password-token endpoint after code verification)
+ * Both use RESET_PASSWORD purpose and are verified the same way
+ */
+export const resetPasswordRequestSchema = z.object({
+  newPassword: passwordSchema,
+  otp: z.string().min(1, 'OTP/token is required'),
+});
+// ============================================================================
+// Response schemas
+// ============================================================================
+/**
+ * Response for POST /api/auth/users
+ * Includes optional redirectTo URL when user is successfully registered and email verification is not required
+ */
+export const createUserResponseSchema = z.object({
+  user: userSchema.optional(),
+  accessToken: z.string().nullable(),
+  requireEmailVerification: z.boolean().optional(),
+  redirectTo: z.string().url().optional(),
+  csrfToken: z.string().nullable().optional(),
+});
+/**
+ * Response for POST /api/auth/sessions
+ * Includes user and access token, plus optional redirectTo URL for frontend navigation
+ */
+export const createSessionResponseSchema = z.object({
+  user: userSchema,
+  accessToken: z.string(),
+  redirectTo: z.string().url().optional(),
+  csrfToken: z.string().nullable().optional(),
+});
+/**
+ * Response for POST /api/auth/email/verify
+ * Includes user and access token, plus optional redirectTo URL for frontend navigation
+ */
+export const verifyEmailResponseSchema = z.object({
+  user: userSchema,
+  accessToken: z.string(),
+  redirectTo: z.string().url().optional(),
+  csrfToken: z.string().nullable().optional(),
+});
+/**
+ * Response for POST /api/auth/refresh
+ * Returns new access token and CSRF token after token refresh
+ */
+export const refreshSessionResponseSchema = z.object({
+  accessToken: z.string(),
+  user: userSchema,
+  csrfToken: z.string(),
+});
+/**
+ * Response for POST /api/auth/email/exchange-reset-password-token
+ * Returns reset token that can be used to reset password
+ */
+export const exchangeResetPasswordTokenResponseSchema = z.object({
+  token: z.string(),
+  expiresAt: z.string().datetime(),
+});
+/**
+ * Response for POST /api/auth/email/reset-password
+ * Includes success message
+ */
+export const resetPasswordResponseSchema = z.object({
+  message: z.string(),
+});
+/**
+ * Response for POST /api/auth/admin/sessions
+ */
+export const createAdminSessionResponseSchema = createUserResponseSchema;
+/**
+ * Response for GET /api/auth/sessions/current
+ */
+export const getCurrentSessionResponseSchema = z.object({
+  user: z.object({
+    id: userIdSchema,
+    email: emailSchema,
+    role: roleSchema,
+  }),
+});
+/**
+ * Response for GET /api/auth/users
+ */
+export const listUsersResponseSchema = z.object({
+  data: z.array(userSchema),
+  pagination: z.object({
+    offset: z.number(),
+    limit: z.number(),
+    total: z.number(),
+  }),
+});
+/**
+ * Response for DELETE /api/auth/users
+ */
+export const deleteUsersResponseSchema = z.object({
+  message: z.string(),
+  deletedCount: z.number().int().nonnegative(),
+});
+/**
+ * Response for GET /api/auth/v1/google-auth and GET /api/auth/v1/github-auth
+ */
+export const getOauthUrlResponseSchema = z.object({
+  authUrl: z.string().url(),
+});
+// ============================================================================
+// OAuth Configuration Management schemas
+// ============================================================================
+/**
+ * POST /api/auth/oauth/configs - Create OAuth configuration
+ */
+export const createOAuthConfigRequestSchema = oAuthConfigSchema
+  .omit({
+    id: true,
+    createdAt: true,
+    updatedAt: true,
+  })
+  .extend({
+    clientSecret: z.string().optional(),
+  });
+/**
+ * PUT /api/auth/oauth/configs/:provider - Update OAuth configuration
+ */
+export const updateOAuthConfigRequestSchema = oAuthConfigSchema
+  .omit({
+    id: true,
+    provider: true,
+    createdAt: true,
+    updatedAt: true,
+  })
+  .extend({
+    clientSecret: z.string().optional(),
+  })
+  .partial();
+/**
+ * Response for GET /api/auth/oauth/configs
+ */
+export const listOAuthConfigsResponseSchema = z.object({
+  data: z.array(oAuthConfigSchema),
+  count: z.number(),
+});
+// ============================================================================
+// Authentication Configuration schemas
+// ============================================================================
+/**
+ * PUT /api/auth/config - Update authentication configuration
+ */
+export const updateAuthConfigRequestSchema = authConfigSchema
+  .omit({
+    id: true,
+    createdAt: true,
+    updatedAt: true,
+  })
+  .partial();
+/**
+ * Response for GET /api/auth/config
+ */
+export const getAuthConfigResponseSchema = authConfigSchema;
+/**
+ * Response for GET /api/auth/public-config - Unified public auth configuration endpoint
+ * Combines OAuth providers and email auth configuration
+ */
+export const getPublicAuthConfigResponseSchema = z.object({
+  oAuthProviders: z.array(oAuthProvidersSchema),
+  ...authConfigSchema.omit({
+    id: true,
+    updatedAt: true,
+    createdAt: true,
+    signInRedirectTo: true,
+  }).shape,
+});
+// ============================================================================
+// Error response schema
+// ============================================================================
+/**
+ * Standard error response format for auth endpoints
+ */
+export const authErrorResponseSchema = z.object({
+  error: z.string(),
+  message: z.string(),
+  statusCode: z.number().int(),
+  nextActions: z.string().optional(),
+});
+// ============================================================================
+// Type exports
+// ============================================================================
+// Request types for type-safe request handling
+export type CreateUserRequest = z.infer<typeof createUserRequestSchema>;
+export type CreateSessionRequest = z.infer<typeof createSessionRequestSchema>;
+export type CreateAdminSessionRequest = z.infer<typeof createAdminSessionRequestSchema>;
+export type ListUsersRequest = z.infer<typeof listUsersRequestSchema>;
+export type DeleteUsersRequest = z.infer<typeof deleteUsersRequestSchema>;
+export type CreateOAuthConfigRequest = z.infer<typeof createOAuthConfigRequestSchema>;
+export type UpdateOAuthConfigRequest = z.infer<typeof updateOAuthConfigRequestSchema>;
+export type UpdateAuthConfigRequest = z.infer<typeof updateAuthConfigRequestSchema>;
+export type SendVerificationEmailRequest = z.infer<typeof sendVerificationEmailRequestSchema>;
+export type VerifyEmailRequest = z.infer<typeof verifyEmailRequestSchema>;
+export type SendResetPasswordEmailRequest = z.infer<typeof sendResetPasswordEmailRequestSchema>;
+export type ExchangeResetPasswordTokenRequest = z.infer<
+  typeof exchangeResetPasswordTokenRequestSchema
+>;
+export type ResetPasswordRequest = z.infer<typeof resetPasswordRequestSchema>;
+// Response types for type-safe responses
+export type CreateUserResponse = z.infer<typeof createUserResponseSchema>;
+export type CreateSessionResponse = z.infer<typeof createSessionResponseSchema>;
+export type VerifyEmailResponse = z.infer<typeof verifyEmailResponseSchema>;
+export type ExchangeResetPasswordTokenResponse = z.infer<
+  typeof exchangeResetPasswordTokenResponseSchema
+>;
+export type ResetPasswordResponse = z.infer<typeof resetPasswordResponseSchema>;
+export type CreateAdminSessionResponse = z.infer<typeof createAdminSessionResponseSchema>;
+export type GetCurrentSessionResponse = z.infer<typeof getCurrentSessionResponseSchema>;
+export type ListUsersResponse = z.infer<typeof listUsersResponseSchema>;
+export type DeleteUsersResponse = z.infer<typeof deleteUsersResponseSchema>;
+export type GetOauthUrlResponse = z.infer<typeof getOauthUrlResponseSchema>;
+export type ListOAuthConfigsResponse = z.infer<typeof listOAuthConfigsResponseSchema>;
+export type GetAuthConfigResponse = z.infer<typeof getAuthConfigResponseSchema>;
+export type GetPublicAuthConfigResponse = z.infer<typeof getPublicAuthConfigResponseSchema>;
+export type AuthErrorResponse = z.infer<typeof authErrorResponseSchema>;