maestro-flow 0.3.0 → 0.3.2

package/dist/routes/members.js

@@ -1,114 +0,0 @@
-import { Hono } from 'hono';
-import { eq, and } from 'drizzle-orm';
-import { users } from '../db/schema/core/users.js';
-import { organizationMembers } from '../db/schema/core/organizations.js';
-import { requireAuth } from '../middleware/auth.js';
-import { createTenantMiddleware } from '../middleware/tenant.js';
-import { requirePermission } from '../middleware/permission.js';
-import { validateBody, inviteMemberSchema, updateRoleSchema } from '../middleware/validation.js';
-export function createMemberRoutes(db, tenantManager) {
-    const memberRoutes = new Hono();
-    const tenantMiddleware = createTenantMiddleware(db, tenantManager);
-    // POST /invite — Invite a member
-    memberRoutes.post('/invite', requireAuth(), tenantMiddleware, requirePermission('member', 'invite'), validateBody(inviteMemberSchema), async (c) => {
-        const tenant = c.get('tenant');
-        const { email, role } = c.get('validatedBody');
-        // Find user by email
-        const targetUser = await db.query.users.findFirst({
-            where: eq(users.email, email),
-        });
-        if (!targetUser) {
-            return c.json({ error: 'User not found' }, 404);
-        }
-        // Check if already a member
-        const existing = await db.query.organizationMembers.findFirst({
-            where: and(eq(organizationMembers.orgId, tenant.orgId), eq(organizationMembers.userId, targetUser.id)),
-        });
-        if (existing) {
-            return c.json({ error: 'User is already a member' }, 409);
-        }
-        // Add member
-        await db.insert(organizationMembers).values({
-            orgId: tenant.orgId,
-            userId: targetUser.id,
-            role,
-        });
-        return c.json({
-            member: {
-                userId: targetUser.id,
-                email: targetUser.email,
-                displayName: targetUser.displayName,
-                role,
-            },
-        }, 201);
-    });
-    // GET / — List members
-    memberRoutes.get('/', requireAuth(), tenantMiddleware, async (c) => {
-        const tenant = c.get('tenant');
-        const members = await db.query.organizationMembers.findMany({
-            where: eq(organizationMembers.orgId, tenant.orgId),
-            with: {
-                user: {
-                    columns: {
-                        id: true,
-                        email: true,
-                        displayName: true,
-                        avatarUrl: true,
-                    },
-                },
-            },
-        });
-        return c.json({ members });
-    });
-    // PATCH /:memberId/role — Update member role
-    memberRoutes.patch('/:memberId/role', requireAuth(), tenantMiddleware, requirePermission('member', 'role'), validateBody(updateRoleSchema), async (c) => {
-        const tenant = c.get('tenant');
-        const { role } = c.get('validatedBody');
-        const memberId = c.req.param('memberId') ?? '';
-        // Find target membership
-        const targetMembership = await db.query.organizationMembers.findFirst({
-            where: and(eq(organizationMembers.id, memberId), eq(organizationMembers.orgId, tenant.orgId)),
-        });
-        if (!targetMembership) {
-            return c.json({ error: 'Member not found' }, 404);
-        }
-        // Cannot modify owner role
-        if (targetMembership.role === 'owner') {
-            return c.json({ error: 'Cannot modify owner role' }, 403);
-        }
-        // Update role
-        await db
-            .update(organizationMembers)
-            .set({ role })
-            .where(eq(organizationMembers.id, memberId));
-        return c.json({
-            member: {
-                ...targetMembership,
-                role,
-            },
-        });
-    });
-    // DELETE /:memberId — Remove member
-    memberRoutes.delete('/:memberId', requireAuth(), tenantMiddleware, requirePermission('member', 'remove'), async (c) => {
-        const tenant = c.get('tenant');
-        const memberId = c.req.param('memberId') ?? '';
-        // Find target membership
-        const targetMembership = await db.query.organizationMembers.findFirst({
-            where: and(eq(organizationMembers.id, memberId), eq(organizationMembers.orgId, tenant.orgId)),
-        });
-        if (!targetMembership) {
-            return c.json({ error: 'Member not found' }, 404);
-        }
-        // Cannot remove owner
-        if (targetMembership.role === 'owner') {
-            return c.json({ error: 'Cannot remove owner' }, 403);
-        }
-        // Remove member
-        await db
-            .delete(organizationMembers)
-            .where(eq(organizationMembers.id, memberId));
-        return c.json({ message: 'Member removed' });
-    });
-    return memberRoutes;
-}
-//# sourceMappingURL=members.js.map

package/dist/routes/members.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"members.js","sourceRoot":"","sources":["../../src/routes/members.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,KAAK,EAAE,MAAM,4BAA4B,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAiB,MAAM,oCAAoC,CAAC;AACxF,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAGjG,MAAM,UAAU,kBAAkB,CAChC,EAAO,EACP,aAAsC;IAEtC,MAAM,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC;IAChC,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC;IAEnE,iCAAiC;IACjC,YAAY,CAAC,IAAI,CACf,SAAS,EACT,WAAW,EAAE,EACb,gBAAgB,EAChB,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,EACrC,YAAY,CAAC,kBAAkB,CAAC,EAChC,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAE/C,qBAAqB;QACrB,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC;YAChD,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC;SAC9B,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE,GAAG,CAAC,CAAC;QAClD,CAAC;QAED,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,SAAS,CAAC;YAC5D,KAAK,EAAE,GAAG,CACR,EAAE,CAAC,mBAAmB,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAC3C,EAAE,CAAC,mBAAmB,CAAC,MAAM,EAAE,UAAU,CAAC,EAAE,CAAC,CAC9C;SACF,CAAC,CAAC;QACH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,EAAE,GAAG,CAAC,CAAC;QAC5D,CAAC;QAED,aAAa;QACb,MAAM,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC;YAC1C,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,MAAM,EAAE,UAAU,CAAC,EAAE;YACrB,IAAI;SACL,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CACX;YACE,MAAM,EAAE;gBACN,MAAM,EAAE,UAAU,CAAC,EAAE;gBACrB,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,IAAI;aACL;SACF,EACD,GAAG,CACJ,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,uBAAuB;IACvB,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,WAAW,EAAE,EAAE,gBAAgB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACjE,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC;YAC1D,KAAK,EAAE,EAAE,CAAC,mBAAmB,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;YAClD,IAAI,EAAE;gBACJ,IAAI,EAAE;oBACJ,OAAO,EAAE;wBACP,EAAE,EAAE,IAAI;wBACR,KAAK,EAAE,IAAI;wBACX,WAAW,EAAE,IAAI;wBACjB,SAAS,EAAE,IAAI;qBAChB;iBACF;aACF;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,6CAA6C;IAC7C,YAAY,CAAC,KAAK,CAChB,iBAAiB,EACjB,WAAW,EAAE,EACb,gBAAgB,EAChB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC,EACnC,YAAY,CAAC,gBAAgB,CAAC,EAC9B,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACxC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QAE/C,yBAAyB;QACzB,MAAM,gBAAgB,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,SAAS,CAAC;YACpE,KAAK,EAAE,GAAG,CACR,EAAE,CAAC,mBAAmB,CAAC,EAAE,EAAE,QAAQ,CAAC,EACpC,EAAE,CAAC,mBAAmB,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,CAC5C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,GAAG,CAAC,CAAC;QACpD,CAAC;QAED,2BAA2B;QAC3B,IAAI,gBAAgB,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,EAAE,GAAG,CAAC,CAAC;QAC5D,CAAC;QAED,cAAc;QACd,MAAM,EAAE;aACL,MAAM,CAAC,mBAAmB,CAAC;aAC3B,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC;aACb,KAAK,CAAC,EAAE,CAAC,mBAAmB,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;QAE/C,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE;gBACN,GAAG,gBAAgB;gBACnB,IAAI;aACL;SACF,CAAC,CAAC;IACL,CAAC,CACF,CAAC;IAEF,oCAAoC;IACpC,YAAY,CAAC,MAAM,CACjB,YAAY,EACZ,WAAW,EAAE,EACb,gBAAgB,EAChB,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,EACrC,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QAE/C,yBAAyB;QACzB,MAAM,gBAAgB,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,SAAS,CAAC;YACpE,KAAK,EAAE,GAAG,CACR,EAAE,CAAC,mBAAmB,CAAC,EAAE,EAAE,QAAQ,CAAC,EACpC,EAAE,CAAC,mBAAmB,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,CAC5C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,GAAG,CAAC,CAAC;QACpD,CAAC;QAED,sBAAsB;QACtB,IAAI,gBAAgB,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,gBAAgB;QAChB,MAAM,EAAE;aACL,MAAM,CAAC,mBAAmB,CAAC;aAC3B,KAAK,CAAC,EAAE,CAAC,mBAAmB,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;QAE/C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAC/C,CAAC,CACF,CAAC;IAEF,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/routes/organizations.d.ts

@@ -1,5 +0,0 @@
-import { Hono } from 'hono';
-import { TenantConnectionManager } from '../db/connection-pool.js';
-import { TenantMigrator } from '../db/tenant-migrator.js';
-export declare function createOrgRoutes(db: any, tenantManager: TenantConnectionManager, migrator: TenantMigrator): Hono;
-//# sourceMappingURL=organizations.d.ts.map

package/dist/routes/organizations.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"organizations.d.ts","sourceRoot":"","sources":["../../src/routes/organizations.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAO5B,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAE1D,wBAAgB,eAAe,CAC7B,EAAE,EAAE,GAAG,EACP,aAAa,EAAE,uBAAuB,EACtC,QAAQ,EAAE,cAAc,GACvB,IAAI,CA2HN"}

package/dist/routes/organizations.js

@@ -1,97 +0,0 @@
-import { Hono } from 'hono';
-import { eq } from 'drizzle-orm';
-import { organizations, organizationMembers } from '../db/schema/core/organizations.js';
-import { requireAuth } from '../middleware/auth.js';
-import { createTenantMiddleware } from '../middleware/tenant.js';
-import { requirePermission } from '../middleware/permission.js';
-import { validateBody, createOrgSchema, updateOrgSchema } from '../middleware/validation.js';
-export function createOrgRoutes(db, tenantManager, migrator) {
-    const orgRoutes = new Hono();
-    const tenantMiddleware = createTenantMiddleware(db, tenantManager);
-    // POST / — Create organization
-    orgRoutes.post('/', requireAuth(), validateBody(createOrgSchema), async (c) => {
-        const user = c.get('user');
-        const { name, slug } = c.get('validatedBody');
-        // Check slug uniqueness
-        const existing = await db.query.organizations.findFirst({
-            where: eq(organizations.slug, slug),
-        });
-        if (existing) {
-            return c.json({ error: 'Organization slug already exists' }, 409);
-        }
-        // Create organization
-        const [org] = await db
-            .insert(organizations)
-            .values({ name, slug, ownerId: user.id })
-            .returning({
-            id: organizations.id,
-            name: organizations.name,
-            slug: organizations.slug,
-        });
-        // Add creator as owner
-        await db.insert(organizationMembers).values({
-            orgId: org.id,
-            userId: user.id,
-            role: 'owner',
-        });
-        // Trigger tenant schema creation
-        try {
-            await tenantManager.createNewTenant(slug, migrator);
-        }
-        catch {
-            // Schema creation may fail if DB not connected; log but don't block
-        }
-        return c.json({
-            organization: {
-                id: org.id,
-                name: org.name,
-                slug: org.slug,
-                role: 'owner',
-            },
-        }, 201);
-    });
-    // GET / — List user's organizations
-    orgRoutes.get('/', requireAuth(), async (c) => {
-        const user = c.get('user');
-        const memberships = await db.query.organizationMembers.findMany({
-            where: eq(organizationMembers.userId, user.id),
-            with: { organization: true },
-        });
-        return c.json({
-            organizations: memberships.map((m) => ({
-                ...m.organization,
-                role: m.role,
-            })),
-        });
-    });
-    // GET /:slug — Get organization details
-    orgRoutes.get('/:slug', requireAuth(), tenantMiddleware, async (c) => {
-        const tenant = c.get('tenant');
-        return c.json({ organization: tenant });
-    });
-    // PATCH /:slug — Update organization
-    orgRoutes.patch('/:slug', requireAuth(), tenantMiddleware, requirePermission('org', 'update'), validateBody(updateOrgSchema), async (c) => {
-        const tenant = c.get('tenant');
-        const { name } = c.get('validatedBody');
-        if (name) {
-            await db
-                .update(organizations)
-                .set({ name, updatedAt: new Date() })
-                .where(eq(organizations.id, tenant.orgId));
-        }
-        return c.json({
-            organization: { ...tenant, name: name || tenant.slug },
-        });
-    });
-    // DELETE /:slug — Soft delete organization
-    orgRoutes.delete('/:slug', requireAuth(), tenantMiddleware, requirePermission('org', 'delete'), async (c) => {
-        const tenant = c.get('tenant');
-        await db
-            .update(organizations)
-            .set({ deletedAt: new Date() })
-            .where(eq(organizations.id, tenant.orgId));
-        return c.json({ message: 'Organization deleted' });
-    });
-    return orgRoutes;
-}
-//# sourceMappingURL=organizations.js.map

package/dist/routes/organizations.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"organizations.js","sourceRoot":"","sources":["../../src/routes/organizations.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACxF,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAI7F,MAAM,UAAU,eAAe,CAC7B,EAAO,EACP,aAAsC,EACtC,QAAwB;IAExB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC;IAEnE,+BAA+B;IAC/B,SAAS,CAAC,IAAI,CACZ,GAAG,EACH,WAAW,EAAE,EACb,YAAY,CAAC,eAAe,CAAC,EAC7B,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAE9C,wBAAwB;QACxB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,SAAS,CAAC;YACtD,KAAK,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC;SACpC,CAAC,CAAC;QACH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,EAAE,GAAG,CAAC,CAAC;QACpE,CAAC;QAED,sBAAsB;QACtB,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE;aACnB,MAAM,CAAC,aAAa,CAAC;aACrB,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aACxC,SAAS,CAAC;YACT,EAAE,EAAE,aAAa,CAAC,EAAE;YACpB,IAAI,EAAE,aAAa,CAAC,IAAI;YACxB,IAAI,EAAE,aAAa,CAAC,IAAI;SACzB,CAAC,CAAC;QAEL,uBAAuB;QACvB,MAAM,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC;YAC1C,KAAK,EAAE,GAAG,CAAC,EAAE;YACb,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,IAAI,EAAE,OAAO;SACd,CAAC,CAAC;QAEH,iCAAiC;QACjC,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,eAAe,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACtD,CAAC;QAAC,MAAM,CAAC;YACP,oEAAoE;QACtE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CACX;YACE,YAAY,EAAE;gBACZ,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,IAAI,EAAE,OAAO;aACd;SACF,EACD,GAAG,CACJ,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,oCAAoC;IACpC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5C,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3B,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC;YAC9D,KAAK,EAAE,EAAE,CAAC,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;YAC9C,IAAI,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE;SAC7B,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,aAAa,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;gBAC1C,GAAG,CAAC,CAAC,YAAY;gBACjB,IAAI,EAAE,CAAC,CAAC,IAAI;aACb,CAAC,CAAC;SACJ,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,wCAAwC;IACxC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE,EAAE,gBAAgB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnE,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,SAAS,CAAC,KAAK,CACb,QAAQ,EACR,WAAW,EAAE,EACb,gBAAgB,EAChB,iBAAiB,CAAC,KAAK,EAAE,QAAQ,CAAC,EAClC,YAAY,CAAC,eAAe,CAAC,EAC7B,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAExC,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,EAAE;iBACL,MAAM,CAAC,aAAa,CAAC;iBACrB,GAAG,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;iBACpC,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC/C,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,YAAY,EAAE,EAAE,GAAG,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,IAAI,EAAE;SACvD,CAAC,CAAC;IACL,CAAC,CACF,CAAC;IAEF,2CAA2C;IAC3C,SAAS,CAAC,MAAM,CACd,QAAQ,EACR,WAAW,EAAE,EACb,gBAAgB,EAChB,iBAAiB,CAAC,KAAK,EAAE,QAAQ,CAAC,EAClC,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,EAAE;aACL,MAAM,CAAC,aAAa,CAAC;aACrB,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;aAC9B,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAE7C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACrD,CAAC,CACF,CAAC;IAEF,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/services/auth.service.d.ts

@@ -1,24 +0,0 @@
-export declare class ConflictError extends Error {
-    constructor(message: string);
-}
-interface RegisterInput {
-    email: string;
-    password: string;
-    displayName: string;
-}
-interface RegisterResult {
-    user: {
-        id: string;
-        email: string;
-        displayName: string;
-    };
-    organization: {
-        id: string;
-        name: string;
-        slug: string;
-        role: 'owner';
-    };
-}
-export declare function registerUser(db: any, input: RegisterInput): Promise<RegisterResult>;
-export {};
-//# sourceMappingURL=auth.service.d.ts.map

package/dist/services/auth.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAKA,qBAAa,aAAc,SAAQ,KAAK;gBAC1B,OAAO,EAAE,MAAM;CAI5B;AAED,UAAU,aAAa;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,UAAU,cAAc;IACtB,IAAI,EAAE;QACJ,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,YAAY,EAAE;QACZ,EAAE,EAAE,MAAM,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,OAAO,CAAC;KACf,CAAC;CACH;AAED,wBAAsB,YAAY,CAChC,EAAE,EAAE,GAAG,EACP,KAAK,EAAE,aAAa,GACnB,OAAO,CAAC,cAAc,CAAC,CAgEzB"}

package/dist/services/auth.service.js

@@ -1,70 +0,0 @@
-import { eq } from 'drizzle-orm';
-import { users } from '../db/schema/core/users.js';
-import { organizations, organizationMembers } from '../db/schema/core/organizations.js';
-import { hashPassword } from './password.service.js';
-export class ConflictError extends Error {
-    constructor(message) {
-        super(message);
-        this.name = 'ConflictError';
-    }
-}
-export async function registerUser(db, input) {
-    // Check email uniqueness
-    const existing = await db
-        .select({ id: users.id })
-        .from(users)
-        .where(eq(users.email, input.email))
-        .limit(1);
-    if (existing.length > 0) {
-        throw new ConflictError('Email already registered');
-    }
-    // Hash password
-    const hashedPassword = await hashPassword(input.password);
-    // Create user
-    const [newUser] = await db
-        .insert(users)
-        .values({
-        email: input.email,
-        passwordHash: hashedPassword,
-        displayName: input.displayName,
-    })
-        .returning({
-        id: users.id,
-        email: users.email,
-        displayName: users.displayName,
-    });
-    // Create default organization
-    const slug = 'org-' + newUser.id.slice(0, 8);
-    const [org] = await db
-        .insert(organizations)
-        .values({
-        name: 'My Organization',
-        slug,
-        ownerId: newUser.id,
-    })
-        .returning({
-        id: organizations.id,
-        name: organizations.name,
-        slug: organizations.slug,
-    });
-    // Add user as owner
-    await db.insert(organizationMembers).values({
-        orgId: org.id,
-        userId: newUser.id,
-        role: 'owner',
-    });
-    return {
-        user: {
-            id: newUser.id,
-            email: newUser.email,
-            displayName: newUser.displayName,
-        },
-        organization: {
-            id: org.id,
-            name: org.name,
-            slug: org.slug,
-            role: 'owner',
-        },
-    };
-}
-//# sourceMappingURL=auth.service.js.map

package/dist/services/auth.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,MAAM,4BAA4B,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACxF,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,MAAM,OAAO,aAAc,SAAQ,KAAK;IACtC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAC9B,CAAC;CACF;AAsBD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,EAAO,EACP,KAAoB;IAEpB,yBAAyB;IACzB,MAAM,QAAQ,GAAG,MAAM,EAAE;SACtB,MAAM,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC;SACxB,IAAI,CAAC,KAAK,CAAC;SACX,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;SACnC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,aAAa,CAAC,0BAA0B,CAAC,CAAC;IACtD,CAAC;IAED,gBAAgB;IAChB,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAE1D,cAAc;IACd,MAAM,CAAC,OAAO,CAAC,GAAG,MAAM,EAAE;SACvB,MAAM,CAAC,KAAK,CAAC;SACb,MAAM,CAAC;QACN,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,YAAY,EAAE,cAAc;QAC5B,WAAW,EAAE,KAAK,CAAC,WAAW;KAC/B,CAAC;SACD,SAAS,CAAC;QACT,EAAE,EAAE,KAAK,CAAC,EAAE;QACZ,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,WAAW,EAAE,KAAK,CAAC,WAAW;KAC/B,CAAC,CAAC;IAEL,8BAA8B;IAC9B,MAAM,IAAI,GAAG,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7C,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE;SACnB,MAAM,CAAC,aAAa,CAAC;SACrB,MAAM,CAAC;QACN,IAAI,EAAE,iBAAiB;QACvB,IAAI;QACJ,OAAO,EAAE,OAAO,CAAC,EAAE;KACpB,CAAC;SACD,SAAS,CAAC;QACT,EAAE,EAAE,aAAa,CAAC,EAAE;QACpB,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,IAAI,EAAE,aAAa,CAAC,IAAI;KACzB,CAAC,CAAC;IAEL,oBAAoB;IACpB,MAAM,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC;QAC1C,KAAK,EAAE,GAAG,CAAC,EAAE;QACb,MAAM,EAAE,OAAO,CAAC,EAAE;QAClB,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE;YACJ,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC;QACD,YAAY,EAAE;YACZ,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,OAAgB;SACvB;KACF,CAAC;AACJ,CAAC"}

package/dist/services/password.service.d.ts

@@ -1,3 +0,0 @@
-export declare function hashPassword(plain: string): Promise<string>;
-export declare function verifyPassword(plain: string, hashed: string): Promise<boolean>;
-//# sourceMappingURL=password.service.d.ts.map

package/dist/services/password.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"password.service.d.ts","sourceRoot":"","sources":["../../src/services/password.service.ts"],"names":[],"mappings":"AAEA,wBAAsB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAOjE;AAED,wBAAsB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAMpF"}

package/dist/services/password.service.js

@@ -1,18 +0,0 @@
-import { hash, verify } from 'argon2';
-export async function hashPassword(plain) {
-    return hash(plain, {
-        type: 2, // argon2id
-        memoryCost: 65536,
-        timeCost: 3,
-        parallelism: 4,
-    });
-}
-export async function verifyPassword(plain, hashed) {
-    try {
-        return await verify(hashed, plain);
-    }
-    catch {
-        return false;
-    }
-}
-//# sourceMappingURL=password.service.js.map

package/dist/services/password.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"password.service.js","sourceRoot":"","sources":["../../src/services/password.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEtC,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,KAAa;IAC9C,OAAO,IAAI,CAAC,KAAK,EAAE;QACjB,IAAI,EAAE,CAAC,EAAE,WAAW;QACpB,UAAU,EAAE,KAAK;QACjB,QAAQ,EAAE,CAAC;QACX,WAAW,EAAE,CAAC;KACf,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,KAAa,EAAE,MAAc;IAChE,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/services/rbac.service.d.ts

@@ -1,7 +0,0 @@
-export type Role = 'owner' | 'admin' | 'member' | 'guest';
-export type Permission = `${string}:${string}`;
-export declare function checkPermission(role: Role, resource: string, action: string): boolean;
-export declare function checkPermissions(role: Role, required: Permission[]): boolean;
-export declare function getRolePermissions(role: Role): Permission[];
-export declare function hasAnyPermission(role: Role, resource: string): boolean;
-//# sourceMappingURL=rbac.service.d.ts.map

package/dist/services/rbac.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"rbac.service.d.ts","sourceRoot":"","sources":["../../src/services/rbac.service.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,IAAI,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC;AAC1D,MAAM,MAAM,UAAU,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC;AAE/C,wBAAgB,eAAe,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAcrF;AAED,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,OAAO,CAO5E;AAED,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,UAAU,EAAE,CAE3D;AAED,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAKtE"}

package/dist/services/rbac.service.js

@@ -1,36 +0,0 @@
-import { PERMISSION_MATRIX } from '../db/schema/core/permissions.js';
-export function checkPermission(role, resource, action) {
-    const permissions = PERMISSION_MATRIX[role];
-    if (!permissions)
-        return false;
-    // Global wildcard
-    if (permissions.includes('*'))
-        return true;
-    // Exact match
-    if (permissions.includes(`${resource}:${action}`))
-        return true;
-    // Resource wildcard
-    if (permissions.includes(`${resource}:*`))
-        return true;
-    return false;
-}
-export function checkPermissions(role, required) {
-    return required.every((p) => {
-        const parts = p.split(':');
-        const resource = parts[0];
-        const action = parts.slice(1).join(':');
-        return checkPermission(role, resource, action);
-    });
-}
-export function getRolePermissions(role) {
-    return (PERMISSION_MATRIX[role] || []);
-}
-export function hasAnyPermission(role, resource) {
-    const permissions = PERMISSION_MATRIX[role];
-    if (!permissions)
-        return false;
-    if (permissions.includes('*'))
-        return true;
-    return permissions.some((p) => p.startsWith(`${resource}:`));
-}
-//# sourceMappingURL=rbac.service.js.map

package/dist/services/rbac.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"rbac.service.js","sourceRoot":"","sources":["../../src/services/rbac.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAKrE,MAAM,UAAU,eAAe,CAAC,IAAU,EAAE,QAAgB,EAAE,MAAc;IAC1E,MAAM,WAAW,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAC5C,IAAI,CAAC,WAAW;QAAE,OAAO,KAAK,CAAC;IAE/B,kBAAkB;IAClB,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3C,cAAc;IACd,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,QAAQ,IAAI,MAAM,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/D,oBAAoB;IACpB,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,QAAQ,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAU,EAAE,QAAsB;IACjE,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;QAC1B,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC3B,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACxC,OAAO,eAAe,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,IAAU;IAC3C,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAiB,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAU,EAAE,QAAgB;IAC3D,MAAM,WAAW,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAC5C,IAAI,CAAC,WAAW;QAAE,OAAO,KAAK,CAAC;IAC/B,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3C,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,QAAQ,GAAG,CAAC,CAAC,CAAC;AAC/D,CAAC"}

package/dist/services/token.service.d.ts

@@ -1,18 +0,0 @@
-export interface TokenPayload {
-    sub: string;
-    email: string;
-    iat: number;
-    exp: number;
-}
-export interface TokenPair {
-    accessToken: string;
-    refreshToken: string;
-}
-export declare function generateAccessToken(userId: string, email: string): Promise<string>;
-export declare function generateRefreshToken(userId: string, db: any): Promise<string>;
-export declare function generateTokenPair(userId: string, email: string, db: any): Promise<TokenPair>;
-export declare function verifyAccessToken(token: string): Promise<TokenPayload | null>;
-export declare function rotateRefreshToken(oldToken: string, db: any): Promise<TokenPair | null>;
-export declare function revokeRefreshToken(tokenHash: string, db: any): Promise<void>;
-export declare function revokeAllUserTokens(userId: string, db: any): Promise<void>;
-//# sourceMappingURL=token.service.d.ts.map

package/dist/services/token.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"token.service.d.ts","sourceRoot":"","sources":["../../src/services/token.service.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,SAAS;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACtB;AAUD,wBAAsB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAWxF;AAED,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,EACd,EAAE,EAAE,GAAG,GACN,OAAO,CAAC,MAAM,CAAC,CAWjB;AAED,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,EACb,EAAE,EAAE,GAAG,GACN,OAAO,CAAC,SAAS,CAAC,CAIpB;AAED,wBAAsB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAOnF;AAED,wBAAsB,kBAAkB,CACtC,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,GAAG,GACN,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAwC3B;AAED,wBAAsB,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAElF;AAED,wBAAsB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAEhF"}

package/dist/services/token.service.js

@@ -1,86 +0,0 @@
-import { sign, verify } from 'hono/jwt';
-import { createHash, randomUUID } from 'crypto';
-import { eq } from 'drizzle-orm';
-import { refreshTokens } from '../db/schema/core/refresh-tokens.js';
-function getJwtSecret() {
-    const secret = process.env.JWT_SECRET;
-    if (!secret) {
-        throw new Error('JWT_SECRET environment variable is required');
-    }
-    return secret;
-}
-export async function generateAccessToken(userId, email) {
-    const now = Math.floor(Date.now() / 1000);
-    return sign({
-        sub: userId,
-        email,
-        iat: now,
-        exp: now + 15 * 60, // 15 minutes
-    }, getJwtSecret());
-}
-export async function generateRefreshToken(userId, db) {
-    const token = randomUUID();
-    const tokenHash = createHash('sha256').update(token).digest('hex');
-    await db.insert(refreshTokens).values({
-        userId,
-        tokenHash,
-        expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // 7 days
-    });
-    return token;
-}
-export async function generateTokenPair(userId, email, db) {
-    const accessToken = await generateAccessToken(userId, email);
-    const refreshToken = await generateRefreshToken(userId, db);
-    return { accessToken, refreshToken };
-}
-export async function verifyAccessToken(token) {
-    try {
-        const payload = await verify(token, getJwtSecret(), 'HS256');
-        return payload;
-    }
-    catch {
-        return null;
-    }
-}
-export async function rotateRefreshToken(oldToken, db) {
-    const tokenHash = createHash('sha256').update(oldToken).digest('hex');
-    // Find the stored token
-    const stored = await db.query.refreshTokens.findFirst({
-        where: eq(refreshTokens.tokenHash, tokenHash),
-    });
-    if (!stored)
-        return null;
-    // Check if token is expired
-    if (new Date() > stored.expiresAt)
-        return null;
-    // If already rotated, possible token theft — revoke all user tokens
-    if (stored.rotatedAt !== null) {
-        await db
-            .delete(refreshTokens)
-            .where(eq(refreshTokens.userId, stored.userId));
-        return null;
-    }
-    // Mark old token as rotated
-    await db
-        .update(refreshTokens)
-        .set({ rotatedAt: new Date() })
-        .where(eq(refreshTokens.id, stored.id));
-    // Generate new token pair
-    const accessToken = await generateAccessToken(stored.userId, '');
-    const newRefreshToken = randomUUID();
-    const newTokenHash = createHash('sha256').update(newRefreshToken).digest('hex');
-    await db.insert(refreshTokens).values({
-        userId: stored.userId,
-        tokenHash: newTokenHash,
-        expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000),
-        rotatedFrom: stored.id,
-    });
-    return { accessToken, refreshToken: newRefreshToken };
-}
-export async function revokeRefreshToken(tokenHash, db) {
-    await db.delete(refreshTokens).where(eq(refreshTokens.tokenHash, tokenHash));
-}
-export async function revokeAllUserTokens(userId, db) {
-    await db.delete(refreshTokens).where(eq(refreshTokens.userId, userId));
-}
-//# sourceMappingURL=token.service.js.map

package/dist/services/token.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"token.service.js","sourceRoot":"","sources":["../../src/services/token.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAC;AAcpE,SAAS,YAAY;IACnB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;IACtC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc,EAAE,KAAa;IACrE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,OAAO,IAAI,CACT;QACE,GAAG,EAAE,MAAM;QACX,KAAK;QACL,GAAG,EAAE,GAAG;QACR,GAAG,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,EAAE,aAAa;KAClC,EACD,YAAY,EAAE,CACf,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAAc,EACd,EAAO;IAEP,MAAM,KAAK,GAAG,UAAU,EAAE,CAAC;IAC3B,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEnE,MAAM,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;QACpC,MAAM;QACN,SAAS;QACT,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,SAAS;KACrE,CAAC,CAAC;IAEH,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAc,EACd,KAAa,EACb,EAAO;IAEP,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC5D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AACvC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,KAAa;IACnD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE,OAAO,CAAC,CAAC;QAC7D,OAAO,OAAkC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,QAAgB,EAChB,EAAO;IAEP,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEtE,wBAAwB;IACxB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,SAAS,CAAC;QACpD,KAAK,EAAE,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,SAAS,CAAC;KAC9C,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,4BAA4B;IAC5B,IAAI,IAAI,IAAI,EAAE,GAAG,MAAM,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE/C,oEAAoE;IACpE,IAAI,MAAM,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;QAC9B,MAAM,EAAE;aACL,MAAM,CAAC,aAAa,CAAC;aACrB,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,4BAA4B;IAC5B,MAAM,EAAE;SACL,MAAM,CAAC,aAAa,CAAC;SACrB,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC9B,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE1C,0BAA0B;IAC1B,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACjE,MAAM,eAAe,GAAG,UAAU,EAAE,CAAC;IACrC,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEhF,MAAM,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;QACpC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,YAAY;QACvB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACzD,WAAW,EAAE,MAAM,CAAC,EAAE;KACvB,CAAC,CAAC;IAEH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,EAAE,CAAC;AACxD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,SAAiB,EAAE,EAAO;IACjE,MAAM,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc,EAAE,EAAO;IAC/D,MAAM,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;AACzE,CAAC"}

package/dist/tools/core-memory.d.ts

@@ -1,12 +0,0 @@
-/**
- * Core Memory Tool - Simplified JSON-based memory management
- *
- * Operations: list, import, export, search
- * Storage: ~/.maestro/data/core-memory/{project-hash}.json
- *
- * Simplified from CCW's SQLite-based implementation to avoid native module dependencies.
- */
-import type { ToolSchema, CcwToolResult } from '../types/tool-schema.js';
-export declare const schema: ToolSchema;
-export declare function handler(params: Record<string, unknown>): Promise<CcwToolResult>;
-//# sourceMappingURL=core-memory.d.ts.map

package/dist/tools/core-memory.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"core-memory.d.ts","sourceRoot":"","sources":["../../src/tools/core-memory.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AA4PzE,eAAO,MAAM,MAAM,EAAE,UA+DpB,CAAC;AAIF,wBAAsB,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,aAAa,CAAC,CAkBrF"}