npm - nucleus-core-ts - Versions diffs - 0.8.156 → 0.8.158 - Mend

nucleus-core-ts 0.8.156 → 0.8.158

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +26 -26
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 // @bun
 var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames:ud,getOwnPropertyDescriptor:u5}=Object,wd=Object.prototype.hasOwnProperty;var Ur=(n,r,t)=>{t=n!=null?l5(d5(n)):{};let o=r||!n||!n.__esModule?Si(t,"default",{value:n,enumerable:!0}):t;for(let c of ud(n))if(!wd.call(o,c))Si(o,c,{get:()=>n[c],enumerable:!0});return o},dd=new WeakMap,za=(n)=>{var r=dd.get(n),t;if(r)return r;if(r=Si({},"__esModule",{value:!0}),n&&typeof n==="object"||typeof n==="function")ud(n).map((o)=>!wd.call(r,o)&&Si(r,o,{get:()=>n[o],enumerable:!(t=u5(n,o))||t.enumerable}));return dd.set(n,r),r},w5=(n,r)=>()=>(r||n((r={exports:{}}).exports,r),r.exports);var ho=(n,r)=>{for(var t in r)Si(n,t,{get:r[t],enumerable:!0,configurable:!0,set:(o)=>r[t]=()=>o})};var b=(n,r)=>()=>(n&&(r=n(n=0)),r);var Vn=import.meta.require;var Z0,Dd,I0="\x1B[0m",p0="\x1B[2m",kd="\x1B[1m";var y0=b(()=>{Z0={debug:0,info:1,warn:2,error:3,fatal:4},Dd={debug:"\x1B[36m",info:"\x1B[32m",warn:"\x1B[33m",error:"\x1B[31m",fatal:"\x1B[35m"}});function Di(n,r=k5,t=new WeakSet){if(n===null||n===void 0)return n;if(typeof n!=="object")return n;if(t.has(n))return"[Circular]";if(t.add(n),Array.isArray(n))return n.map((c)=>Di(c,r,t));let o={};for(let[c,i]of Object.entries(n))if(r.some((e)=>c.toLowerCase().includes(e.toLowerCase()))&&typeof i==="string")o[c]="[REDACTED]";else if(typeof i==="object"&&i!==null)o[c]=Di(i,r,t);else o[c]=i;return o}function Md(n=4){let r=Error().stack;if(!r)return{file:"unknown",line:0,function:"unknown"};let o=r.split(`
 `)[n];if(!o)return{file:"unknown",line:0,function:"unknown"};let c=o.match(/at\s+(?:(.+?)\s+)?\(?(.+?):(\d+):(\d+)\)?/);if(!c)return{file:"unknown",line:0,function:"unknown"};let[,i,a,e]=c;return{file:a?a.split("/").pop()||a:"unknown",line:parseInt(e||"0",10),function:i?.replace(/^Object\./,"")||"anonymous"}}function T0(n){if(n instanceof Error)return{name:n.name,message:n.message,stack:n.stack,code:n.code};if(typeof n==="string")return{name:"Error",message:n};return{name:"UnknownError",message:String(n)}}function ns(n,r){if(!n&&!r)return;if(!n)return r;if(!r)return n;return{...n,...r}}function rs(n){if(n<1)return`${(n*1000).toFixed(2)}\xB5s`;if(n<1000)return`${n.toFixed(2)}ms`;return`${(n/1000).toFixed(2)}s`}function ts(n,r){let t=new WeakSet;return JSON.stringify(n,(o,c)=>{if(typeof c==="object"&&c!==null){if(t.has(c))return"[Circular]";t.add(c)}if(typeof c==="bigint")return c.toString();if(c instanceof Error)return{name:c.name,message:c.message,stack:c.stack};return c},r)}var k5;var Ba=b(()=>{k5=["password","secret","token","apiKey","api_key","authorization","cookie","credit_card","creditCard","ssn","privateKey","private_key"]});class Ua{name="console";colorize;prettyPrint;constructor(n={}){this.colorize=n.colorize??!0,this.prettyPrint=n.prettyPrint??!0}log(n){if(this.prettyPrint)this.logPretty(n);else this.logJson(n)}logJson(n){let r=ts(n);this.getConsoleMethod(n.level)(r)}logPretty(n){let r=this.getConsoleMethod(n.level),t=this.colorize?Dd[n.level]:"",o=this.colorize?I0:"",c=this.colorize?p0:"",i=this.colorize?kd:"",a=new Date(n.timestamp).toLocaleTimeString("en-US",{hour12:!1,hour:"2-digit",minute:"2-digit",second:"2-digit"}),e=n.level.toUpperCase().padEnd(5),s=n.service?`[${n.service}]`:"",f=n.correlationId?`${c}(${n.correlationId.slice(0,8)})${o}`:"",d=n.duration!==void 0?`${c}${rs(n.duration)}${o}`:"",_=`${c}${a}${o} ${t}${i}${e}${o} ${s}${f} ${n.message} ${d}`;if(r(_.trim()),n.caller)r(`  ${c}at ${n.caller.function} (${n.caller.file}:${n.caller.line})${o}`);if(n.context&&Object.keys(n.context).length>0)r(`  ${c}context:${o}`,n.context);if(n.error){if(r(`  ${t}${n.error.name}: ${n.error.message}${o}`),n.error.stack){let w=n.error.stack.split(`
-`).slice(1,4);for(let g of w)r(`  ${c}${g.trim()}${o}`)}}}getConsoleMethod(n){switch(n){case"debug":return console.debug.bind(console);case"info":return console.info.bind(console);case"warn":return console.warn.bind(console);case"error":case"fatal":return console.error.bind(console);default:return console.log.bind(console)}}}class Wa{name="database";db;table;enabled;constructor(n){this.db=n.db,this.table=n.table,this.enabled=n.enabled??!0}setDb(n){this.db=n}setTable(n){this.table=n}setEnabled(n){this.enabled=n}async write(n){if(!this.enabled||!this.db||!this.table)return;try{await this.db.insert(this.table).values({id:n.id,entityId:n.entityId,entityName:n.entityName,operationType:n.operation,userId:n.userId,ipAddress:n.ipAddress,userAgent:n.userAgent,summary:n.summary,oldValues:n.oldValues,newValues:n.newValues,path:n.path,query:n.query})}catch(r){console.error("Audit log write failed:",r)}}}class Va{name="console-audit";enabled;constructor(n={}){this.enabled=n.enabled??!0}write(n){if(!this.enabled)return;let r="\x1B[35m",t=I0,o=p0;console.log(`${o}${n.timestamp}${t} ${r}AUDIT${t} [${n.operation}] ${n.entityName}${n.entityId?`:${n.entityId}`:""} ${o}by ${n.userId||"anonymous"}${t}`)}}var os=b(()=>{y0();Ba()});import{randomUUID as M5}from"crypto";class Zr{config;transports;auditTransports;context;correlationId;static instance=null;constructor(n={},r={},t){this.config={...R5,...n},this.context=r,this.correlationId=t,this.transports=[new Ua({colorize:this.config.colorize,prettyPrint:this.config.prettyPrint})],this.auditTransports=[new Va({enabled:this.config.prettyPrint})]}static getInstance(n){if(!Zr.instance)Zr.instance=new Zr(n);return Zr.instance}static resetInstance(){Zr.instance=null}child(n,r){let t=new Zr(this.config,ns(this.context,n)||{},r||this.correlationId);return t.transports=this.transports,t.auditTransports=this.auditTransports,t}withCorrelationId(n){return this.child({},n)}addTransport(n){this.transports.push(n)}addAuditTransport(n){this.auditTransports.push(n)}setLevel(n){this.config.level=n}setAuditEnabled(n){this.config.auditEnabled=n}isAuditEnabled(){return this.config.auditEnabled}shouldLog(n){return Z0[n]>=Z0[this.config.level]}createEntry(n,r,t,o,c){let i={timestamp:new Date().toISOString(),level:n,message:r,service:this.config.service,correlationId:this.correlationId},a=ns(this.context,t);if(a&&Object.keys(a).length>0)i.context=Di(a,this.config.redactKeys);if(this.config.includeCallerInfo)i.caller=Md();if(o)i.error=T0(o);if(c!==void 0)i.duration=performance.now()-c;return i}log(n,r,t,o,c){if(!this.shouldLog(n))return;let i=this.createEntry(n,r,t,o,c);for(let a of this.transports)try{a.log(i)}catch(e){console.error(`Logger transport "${a.name}" failed:`,e)}}debug(n,r){this.log("debug",n,r)}info(n,r){this.log("info",n,r)}warn(n,r){this.log("warn",n,r)}error(n,r,t){this.log("error",n,t,r)}fatal(n,r,t){this.log("fatal",n,t,r)}time(n){let r=performance.now();return()=>{this.log("debug",`${n} completed`,void 0,void 0,r)}}async timeAsync(n,r,t){let o=performance.now();try{let c=await r();return this.log("debug",`${n} completed`,t,void 0,o),c}catch(c){throw this.log("error",`${n} failed`,t,c,o),c}}request(n){let r=n.statusCode>=500?"error":n.statusCode>=400?"warn":"info";this.log(r,`${n.method} ${n.path} ${n.statusCode}`,{method:n.method,path:n.path,statusCode:n.statusCode,durationMs:n.duration,correlationId:n.correlationId,userId:n.userId,ip:n.ip,userAgent:n.userAgent})}db(n){let r=n.error?"error":"debug";this.log(r,`DB ${n.operation} on ${n.table}`,{operation:n.operation,table:n.table,durationMs:n.duration,rowCount:n.rowCount},n.error)}async flush(){for(let n of this.transports)if(n.flush)await n.flush()}async audit(n){let r={id:M5(),timestamp:new Date().toISOString(),entityName:n.entityName,entityId:n.entityId??null,operation:n.operation,userId:n.userId??null,summary:n.summary||`${n.operation} on ${n.entityName}`,oldValues:n.oldValues||{},newValues:n.newValues||{},ipAddress:n.ipAddress||"unknown",userAgent:n.userAgent||"unknown",path:n.path||"",query:n.query||"",correlationId:this.correlationId};for(let t of this.auditTransports)try{await t.write(r)}catch(o){console.error(`Audit transport "${t.name}" failed:`,o)}}auditOnly(n){this.audit(n)}async trace(n){let r=n.log!==!1,t=n.writeAudit===!0||n.writeAudit!==!1&&this.config.auditEnabled&&n.audit;if(r)this.log(n.level||"info",n.message,n.context,n.error);if(t&&n.audit)await this.audit(n.audit)}traceSync(n){let r=n.log!==!1,t=n.writeAudit===!0||n.writeAudit!==!1&&this.config.auditEnabled&&n.audit;if(r)this.log(n.level||"info",n.message,n.context,n.error);if(t&&n.audit)this.audit(n.audit)}}var R5,H5;var cs=b(()=>{os();y0();Ba();R5={level:"info",service:"nucleus",environment:"development",redactKeys:[],colorize:!0,prettyPrint:!0,includeCallerInfo:!0,asyncBufferSize:100,flushIntervalMs:1000,auditEnabled:!1};H5=Zr.getInstance()});var Ud=w5((fD,Bd)=>{var Hd=12,C5=0,es=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,8,7,7,10,9,9,9,11,4,4,4,4,4,4,4,4,4,4,4,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,24,36,48,60,72,84,96,0,12,12,12,0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,24,24,24,0,0,0,0,0,0,0,0,0,24,24,0,0,0,0,0,0,0,0,0,0,48,48,48,0,0,0,0,0,0,0,0,0,0,48,48,0,0,0,0,0,0,0,0,0,48,0,0,0,0,0,0,0,0,0,0,127,63,63,63,0,31,15,15,15,7,7,7];function F5(n){var r=n.indexOf("%");if(r===-1)return n;var t=n.length,o="",c=0,i=0,a=r,e=Hd;while(r>-1&&r<t){var s=zd(n[r+1],4),f=zd(n[r+2],0),d=s|f,_=es[d];if(e=es[256+e+_],i=i<<6|d&es[364+_],e===Hd)o+=n.slice(c,a),o+=i<=65535?String.fromCharCode(i):String.fromCharCode(55232+(i>>10),56320+(i&1023)),i=0,c=r+3,r=a=n.indexOf("%",c);else if(e===C5)return null;else{if(r+=3,r<t&&n.charCodeAt(r)===37)continue;return null}}return o+n.slice(c)}var j5={"0":0,"1":1,"2":2,"3":3,"4":4,"5":5,"6":6,"7":7,"8":8,"9":9,a:10,A:10,b:11,B:11,c:12,C:12,d:13,D:13,e:14,E:14,f:15,F:15};function zd(n,r){var t=j5[n];return t===void 0?255:t<<r}Bd.exports=F5});import{createHash as q5,randomBytes as K5}from"crypto";var v5=32,Z5="sha256",Yd=(n="nk_live")=>{let r=K5(v5).toString("hex"),t=`${n}_${r}`,o=ws(t),c=`${n}_...${r.slice(-4)}`;return{rawKey:t,keyHash:o,keyPreview:c}},ws=(n)=>{return q5(Z5).update(n).digest("hex")},I5=(n)=>{return/^nk_(live|test)_[a-f0-9]{64}$/.test(n)},Jd=(n)=>{let r=n.get("x-api-key");if(r&&I5(r))return r;let t=n.get("authorization");if(t){let o=t.match(/^Bearer\s+(nk_(?:live|test)_[a-f0-9]{64})$/);if(o?.[1])return o[1]}return null},Xd=(n)=>{if(!n.isActive)return{valid:!1,reason:"API key is inactive"};if(n.revokedAt)return{valid:!1,reason:"API key has been revoked"};if(n.expiresAt&&new Date(n.expiresAt)<new Date)return{valid:!1,reason:"API key has expired"};return{valid:!0,record:n}},Qt=(n,r)=>{let t=new Set(n);return r.filter((o)=>t.has(o))};var Xa=()=>{};var Ld=(n)=>{return n?.trim().toLowerCase()||"unknown"},bs=(n,r)=>{return n[r.toLowerCase()]??n[r]};import p5 from"crypto";var Qd=(n)=>{let r=JSON.stringify({userAgent:Ld(n.userAgent),extra:n.extra??{}});return{hash:p5.createHash("sha256").update(r).digest("base64url"),components:n}};var gs=()=>{};var Gd=({savedFingerprint:n,requestIp:r,headers:t})=>{let o=bs(t,"user-agent"),c=bs(t,"x-forwarded-for")??r??void 0,i=Qd({userAgent:o,ipAddress:c}),a=[{field:"userAgent",saved:n.components.userAgent,received:o},{field:"ipAddress",saved:n.components.ipAddress,received:c}].find(({saved:e,received:s})=>e??(s??"")!=="");if(a)return{isValid:!1,reason:`${a.field} mismatch`,currentFingerprint:i};return{isValid:!0,currentFingerprint:i}};var ms=b(()=>{gs()});var Od=b(()=>{gs();ms()});import Nd from"crypto";var $s=(n)=>{return(Buffer.isBuffer(n)?n.toString("base64"):Buffer.from(n).toString("base64")).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")},xd=(n)=>{let r="=".repeat((4-n.length%4)%4),t=n.replace(/-/g,"+").replace(/_/g,"/")+r;return Buffer.from(t,"base64").toString("utf-8")},hs=(n,r,t)=>{let o=t.replace("HS","sha"),c=Nd.createHmac(o,r);return c.update(n),$s(c.digest())},Pd=(n,r,t,o)=>{let c=hs(n,t,o);return Nd.timingSafeEqual(Buffer.from(r),Buffer.from(c))},Cd=(n)=>{return $s(JSON.stringify(n))},Fd=(n)=>{return $s(JSON.stringify(n))},La=(n)=>{try{return JSON.parse(xd(n))}catch{return null}},Qa=(n)=>{try{return JSON.parse(xd(n))}catch{return null}};var Ga=()=>{};var y5=(n)=>{let r=n.split(".");if(r.length!==3)return null;let[t,o,c]=r;if(!t||!o||!c)return null;let i=La(t),a=Qa(o);if(!i||!a)return null;return{header:i,payload:a,signature:c}};var jd=b(()=>{Ga()});var zi=(n,r,t="HS256")=>{let o={alg:t,typ:"JWT"},c=Math.floor(Date.now()/1000),i={sub:n.subject,iat:c,exp:c+n.expiresInSeconds,iss:n.issuer,aud:n.audience,jti:n.jwtId,sessionId:n.sessionId,...n.customClaims},a=Cd(o),e=Fd(i),s=`${a}.${e}`,f=hs(s,r,t);return`${s}.${f}`};var qd=b(()=>{Ga()});var So=(n,r)=>{let t=n.split(".");if(t.length!==3)return{valid:!1,error:"Invalid token format: expected 3 parts"};let[o,c,i]=t;if(!o||!c||!i)return{valid:!1,error:"Invalid token format: missing parts"};let a=La(o);if(!a)return{valid:!1,error:"Invalid header: failed to decode"};if(a.typ!=="JWT")return{valid:!1,error:"Invalid header: typ must be JWT"};if(!["HS256","HS384","HS512"].includes(a.alg))return{valid:!1,error:`Unsupported algorithm: ${a.alg}`};let s=`${o}.${c}`;if(!Pd(s,i,r,a.alg))return{valid:!1,error:"Invalid signature"};let d=Qa(c);if(!d)return{valid:!1,error:"Invalid payload: failed to decode"};let _=Math.floor(Date.now()/1000);if(d.exp&&d.exp<_)return{valid:!1,error:"Token expired"};if(d.iat&&d.iat>_+60)return{valid:!1,error:"Token issued in the future"};return{valid:!0,payload:d}};var Kd=b(()=>{Ga()});var vd={};ho(vd,{verifyJWT:()=>So,signJWT:()=>zi,decodeJWT:()=>y5});var po=b(()=>{jd();qd();Kd()});var Zd=()=>{};var Id=b(()=>{Zd()});var pd="127.0.0.1",yd="3500",Td=4,yt="statestore-redis",As="pubsub-rabbitmq",Es="secretstore",Bi="configstore-redis",nu="DAPR_HOST",ru="DAPR_HTTP_PORT",tu="DAPR_HTTP_ENDPOINT",ou="DAPR_GRPC_ENDPOINT",cu="DAPR_API_TOKEN",iu=30000,au=1e4,eu=5000,Tt,Oa,st;var Gt=b(()=>{Tt={CONNECTED:"connected",DISCONNECTED:"disconnected",CONNECTING:"connecting",ERROR:"error"},Oa={HEALTHY:"healthy",UNHEALTHY:"unhealthy"},st={CONNECTION_ERROR:"DAPR_CONNECTION_ERROR",TIMEOUT_ERROR:"DAPR_TIMEOUT_ERROR",STATE_ERROR:"DAPR_STATE_ERROR",PUBSUB_ERROR:"DAPR_PUBSUB_ERROR",BINDING_ERROR:"DAPR_BINDING_ERROR",SECRET_ERROR:"DAPR_SECRET_ERROR",CONFIG_ERROR:"DAPR_CONFIG_ERROR",INVOKE_ERROR:"DAPR_INVOKE_ERROR",CRYPTO_ERROR:"DAPR_CRYPTO_ERROR",LOCK_ERROR:"DAPR_LOCK_ERROR",WORKFLOW_ERROR:"DAPR_WORKFLOW_ERROR",VALIDATION_ERROR:"DAPR_VALIDATION_ERROR"}});var ft,zc=(n,r)=>new ft(st.CONNECTION_ERROR,n,r),su=(n,r)=>new ft(st.TIMEOUT_ERROR,n,r),yo=(n,r)=>new ft(st.STATE_ERROR,n,r),Ss=(n,r)=>new ft(st.PUBSUB_ERROR,n,r),fu=(n,r)=>new ft(st.BINDING_ERROR,n,r),Ds=(n,r)=>new ft(st.SECRET_ERROR,n,r),Na=(n,r)=>new ft(st.CONFIG_ERROR,n,r),_u=(n,r)=>new ft(st.INVOKE_ERROR,n,r),ks=(n,r)=>new ft(st.CRYPTO_ERROR,n,r),Ms=(n,r)=>new ft(st.LOCK_ERROR,n,r),Do=(n,r)=>new ft(st.WORKFLOW_ERROR,n,r),Rn=async(n,r)=>{try{return await n()}catch(t){let o=t instanceof Error?t.message:String(t);throw r(o,t)}};var Ir=b(()=>{Gt();ft=class ft extends Error{code;details;constructor(n,r,t){super(r);this.name="DaprManagerError",this.code=n,this.details=t}toJSON(){return{code:this.code,message:this.message,details:this.details}}}});var lu,xa=(n="info")=>{let r=lu[n],t=(o)=>(c,...i)=>{if(lu[o]<r)return;let a=new Date().toISOString(),e=i.length>0?` ${JSON.stringify(i)}`:"";console[o](`[${a}] [Dapr] [${o.toUpperCase()}] ${c}${e}`)};return{debug:t("debug"),info:t("info"),warn:t("warn"),error:t("error")}},Ui=async(n,r,t="Operation timed out")=>{return Promise.race([n(),new Promise((o,c)=>{setTimeout(()=>{c(su(t))},r)})])},Hn=(n,r,t)=>{let o=r.filter((c)=>n[c]===void 0);if(o.length>0)throw Error(`Missing required ${t} parameters: ${o.join(", ")}`)};var _t=b(()=>{Gt();Ir();lu={debug:0,info:1,warn:2,error:3}});class Pa{client;logger;constructor(n,r){this.client=n,this.logger=r}async invoke(n,r,t,o={}){return Hn({name:n,operation:r},["name","operation"],"binding invoke"),Rn(async()=>{this.logger.debug("Invoking binding",{name:n,operation:r});let i=await(await this.client()).binding.send(n,r,t,o.metadata);return this.logger.debug("Binding invoked successfully",{name:n,operation:r}),i},(c,i)=>fu(`Failed to invoke binding ${n}: ${c}`,i))}}var Rs=b(()=>{Ir();_t()});class Ca{client;logger;constructor(n,r){this.client=n,this.logger=r}async get(n,r=Bi){if(Hn({keys:n,storeName:r},["keys","storeName"],"config get"),n.length===0)return{};return Rn(async()=>{this.logger.debug("Getting configuration",{keys:n,storeName:r});let o=await(await this.client()).configuration.get(r,n);return this.logger.debug("Configuration retrieved",{keys:n,storeName:r,itemCount:Object.keys(o.items||{}).length}),o.items||{}},(t,o)=>Na(`Failed to get configuration: ${t}`,o))}async subscribeWithKeys(n,r,t=Bi){if(Hn({keys:n,callback:r,storeName:t},["keys","callback","storeName"],"config subscribeWithKeys"),n.length===0)throw Na("At least one key must be provided for subscription");return Rn(async()=>{this.logger.debug("Subscribing to configuration updates",{keys:n,storeName:t});let c=await(await this.client()).configuration.subscribeWithKeys(t,n,async(i)=>{try{this.logger.debug("Received configuration update",{storeName:t,updatedKeys:Object.keys(i.items||{})}),await r(i)}catch(a){this.logger.error("Error in configuration subscription callback",a)}});return this.logger.debug("Configuration subscription established",{keys:n,storeName:t}),{stop:()=>{this.logger.debug("Stopping configuration subscription",{keys:n,storeName:t}),c.stop()}}},(o,c)=>Na(`Failed to subscribe to configuration updates: ${o}`,c))}async getValue(n,r=Bi){return(await this.get([n],r))[n]?.value}async getValues(n,r=Bi){let t=await this.get(n,r),o={};for(let c in t)if(t[c]?.value!==void 0)o[c]=t[c].value;return o}}var Hs=b(()=>{Gt();Ir();_t()});class Fa{client;logger;constructor(n,r){this.client=n,this.logger=r}async encrypt(n,r){return Hn({data:n,componentName:r.componentName},["data","componentName"],"crypto encrypt"),Rn(async()=>{this.logger.debug("Encrypting data",{componentName:r.componentName,keyName:r.keyName,keyWrapAlgorithm:r.keyWrapAlgorithm});let t=await this.client(),o=typeof n==="string"?Buffer.from(n):n,c={componentName:r.componentName};if(r.keyName)c.keyName=r.keyName;if(r.keyWrapAlgorithm)c.keyWrapAlgorithm=r.keyWrapAlgorithm;let i=await t.crypto.encrypt(o,c);return this.logger.debug("Data encrypted successfully",{componentName:r.componentName,inputSize:o.length,outputSize:i.length}),i},(t,o)=>ks(`Failed to encrypt data: ${t}`,o))}async decrypt(n,r){return Hn({data:n,componentName:r.componentName},["data","componentName"],"crypto decrypt"),Rn(async()=>{this.logger.debug("Decrypting data",{componentName:r.componentName});let t=await this.client(),o=typeof n==="string"?Buffer.from(n):n,c={componentName:r.componentName};if(r.keyName)c.keyName=r.keyName;if(r.keyWrapAlgorithm)c.keyWrapAlgorithm=r.keyWrapAlgorithm;let i=await t.crypto.decrypt(o,c);return this.logger.debug("Data decrypted successfully",{componentName:r.componentName,inputSize:o.length,outputSize:i.length}),i},(t,o)=>ks(`Failed to decrypt data: ${t}`,o))}async encryptString(n,r){return(await this.encrypt(n,r)).toString("base64")}async decryptString(n,r){let t=Buffer.from(n,"base64");return(await this.decrypt(t,r)).toString("utf-8")}}var zs=b(()=>{Ir();_t()});import{HttpMethod as Wi}from"@dapr/dapr";class ja{client;logger;constructor(n,r){this.client=n,this.logger=r}async invoke(n,r,t=Wi.POST,o,c={}){Hn({appId:n,methodName:r,httpMethod:t},["appId","methodName","httpMethod"],"invoke service");let i=c.timeout||iu;return Rn(async()=>{this.logger.debug("Invoking service",{appId:n,methodName:r,httpMethod:t,hasData:o!==void 0});let a=r;if(c.queryParams&&Object.keys(c.queryParams).length>0){let f=Object.entries(c.queryParams).map(([d,_])=>`${encodeURIComponent(d)}=${encodeURIComponent(_)}`).join("&");a=`${r}?${f}`}let e=await this.client(),s=await Ui(()=>e.invoker.invoke(n,a,t,o,c.headers),i,`Service invocation timed out after ${i}ms`);if(this.logger.debug("Service invoked successfully",{appId:n,methodName:r,httpMethod:t,status:s?.status}),!s)return;if("data"in s)return s.data;return s},(a,e)=>_u(`Failed to invoke service ${n}.${r}: ${a}`,e))}async get(n,r,t={}){return this.invoke(n,r,Wi.GET,void 0,t)}async post(n,r,t,o={}){return this.invoke(n,r,Wi.POST,t,o)}async put(n,r,t,o={}){return this.invoke(n,r,Wi.PUT,t,o)}async delete(n,r,t={}){return this.invoke(n,r,Wi.DELETE,void 0,t)}}var Bs=b(()=>{Gt();Ir();_t()});class qa{client;logger;constructor(n,r){this.client=n,this.logger=r}async lock(n,r,t,o){return Hn({storeName:n,resourceId:r,lockOwner:t,expiryInSeconds:o.expiryInSeconds},["storeName","resourceId","lockOwner","expiryInSeconds"],"lock"),Rn(async()=>{this.logger.debug("Acquiring lock",{storeName:n,resourceId:r,lockOwner:t});let i=await(await this.client()).lock.lock(n,r,t,o.expiryInSeconds);return this.logger.debug("Lock acquisition result",{storeName:n,resourceId:r,lockOwner:t,success:i.success}),{success:i.success}},(c,i)=>Ms(`Failed to acquire lock for resource ${r}: ${c}`,i))}async unlock(n,r,t){return Hn({storeName:n,resourceId:r,lockOwner:t},["storeName","resourceId","lockOwner"],"unlock"),Rn(async()=>{this.logger.debug("Releasing lock",{storeName:n,resourceId:r,lockOwner:t});let c=await(await this.client()).lock.unlock(n,r,t);return this.logger.debug("Lock release result",{storeName:n,resourceId:r,lockOwner:t,status:this.getLockStatusName(c.status)}),{status:c.status}},(o,c)=>Ms(`Failed to release lock for resource ${r}: ${o}`,c))}getLockStatusName(n){switch(n){case 0:return"Success";case 1:return"LockDoesNotExist";case 2:return"LockBelongsToOthers";default:return"InternalError"}}}var Us=b(()=>{Ir();_t()});class Ka{client;logger;constructor(n,r){this.client=n,this.logger=r}async publish(n,r,t={},o=As){return Hn({topic:n,data:r,pubsubName:o},["topic","data","pubsubName"],"pubsub publish"),Rn(async()=>{this.logger.debug("Publishing message to topic",{topic:n,pubsubName:o}),await(await this.client()).pubsub.publish(o,n,r,{metadata:t.metadata,contentType:t.contentType}),this.logger.debug("Message published successfully",{topic:n,pubsubName:o})},(c,i)=>Ss(`Failed to publish message to topic ${n}: ${c}`,i))}async publishBulk(n,r,t=As){if(Hn({topic:n,messages:r,pubsubName:t},["topic","messages","pubsubName"],"pubsub publishBulk"),r.length===0)return{failedEntries:[]};return Rn(async()=>{this.logger.debug("Publishing bulk messages to topic",{topic:n,pubsubName:t,messageCount:r.length});let o=await this.client(),c=r.map((e)=>{if(typeof e==="object"&&"event"in e)return{entryID:e.entryId,event:e.event,contentType:e.contentType,metadata:e.metadata};return{event:e}}),i=await o.pubsub.publishBulk(t,n,c),a=i.failedMessages?.length||0;if(a>0)this.logger.warn("Some messages failed to publish",{topic:n,pubsubName:t,failedCount:a,totalCount:r.length});else this.logger.debug("All bulk messages published successfully",{topic:n,pubsubName:t,messageCount:r.length});return{failedEntries:(i.failedMessages||[]).map((e)=>({entryId:e.message.entryID||"",error:e.error?.message||"Unknown error"}))}},(o,c)=>Ss(`Failed to publish bulk messages to topic ${n}: ${o}`,c))}createBulkPublishMessage(n,r,t,o){return{entryId:r,event:n,contentType:t,metadata:o}}}var Ws=b(()=>{Gt();Ir();_t()});class va{client;logger;constructor(n,r){this.client=n,this.logger=r}async get(n,r={},t=Es){return Hn({key:n,storeName:t},["key","storeName"],"secret get"),Rn(async()=>{this.logger.debug("Getting secret",{key:n,storeName:t});let o=await this.client(),c=r.metadata?JSON.stringify(r.metadata):void 0,i=await o.secret.get(t,n,c);return this.logger.debug("Secret retrieved",{key:n,storeName:t}),i},(o,c)=>Ds(`Failed to get secret ${n}: ${o}`,c))}async getBulk(n={},r=Es){return Hn({storeName:r},["storeName"],"secret getBulk"),Rn(async()=>{this.logger.debug("Getting all secrets",{storeName:r});let o=await(await this.client()).secret.getBulk(r);return this.logger.debug("All secrets retrieved",{storeName:r,secretCount:Object.keys(o).length}),o},(t,o)=>Ds(`Failed to get all secrets: ${t}`,o))}}var Vs=b(()=>{Gt();Ir();_t()});class Za{client;logger;constructor(n,r){this.client=n,this.logger=r}async save(n,r={},t=yt){if(Hn({stateItems:n,storeName:t},["stateItems","storeName"],"state save"),n.length===0)return;return Rn(async()=>{this.logger.debug("Saving state items",{count:n.length,storeName:t}),await(await this.client()).state.save(t,n,r),this.logger.debug("State items saved successfully",{count:n.length,storeName:t})},(o,c)=>yo(`Failed to save state items: ${o}`,c))}async get(n,r=yt){return Hn({key:n,storeName:r},["key","storeName"],"state get"),Rn(async()=>{this.logger.debug("Getting state item",{key:n,storeName:r});let o=await(await this.client()).state.get(r,n);if(this.logger.debug("State item retrieved",{key:n,storeName:r,found:o!==void 0}),o===void 0||o===null)return;if(typeof o==="string")try{return JSON.parse(o)}catch{return o}if(typeof o==="object")return o;return o},(t,o)=>yo(`Failed to get state item ${n}: ${t}`,o))}async getBulk(n,r=yt){if(Hn({keys:n,storeName:r},["keys","storeName"],"state getBulk"),n.length===0)return{};return Rn(async()=>{this.logger.debug("Getting bulk state items",{count:n.length,storeName:r});let o=await(await this.client()).state.getBulk(r,n),c={};return o.forEach((i)=>{if(i.data!==void 0)c[i.key]=i.data}),this.logger.debug("Bulk state items retrieved",{count:n.length,found:Object.keys(c).length,storeName:r}),c},(t,o)=>yo(`Failed to get bulk state items: ${t}`,o))}async delete(n,r,t,o=yt){return Hn({key:n,storeName:o},["key","storeName"],"state delete"),Rn(async()=>{this.logger.debug("Deleting state item",{key:n,storeName:o});let c=await this.client(),i={};if(r)i.etag=r;if(t)i.metadata=t;await c.state.delete(o,n,i),this.logger.debug("State item deleted",{key:n,storeName:o})},(c,i)=>yo(`Failed to delete state item ${n}: ${c}`,i))}async transaction(n,r=yt){if(Hn({operations:n,storeName:r},["operations","storeName"],"state transaction"),n.length===0)return;return Rn(async()=>{this.logger.debug("Executing state transaction",{operationCount:n.length,storeName:r});let t=await this.client(),o=n.map((c)=>({operation:c.operation,request:{key:c.request.key,value:c.request.value,etag:c.request.etag?{value:c.request.etag}:void 0,metadata:c.request.metadata}}));await t.state.transaction(r,o),this.logger.debug("State transaction executed successfully",{operationCount:n.length,storeName:r})},(t,o)=>yo(`Failed to execute state transaction: ${t}`,o))}async query(n,r=yt){return Hn({query:n,storeName:r},["query","storeName"],"state query"),Rn(async()=>{this.logger.debug("Querying state store",{storeName:r});let o=await(await this.client()).state.query(r,n);return this.logger.debug("State query executed",{storeName:r,resultCount:o.results?.length||0}),(o.results||[]).map((c)=>c.data)},(t,o)=>yo(`Failed to query state store: ${t}`,o))}async saveItem(n,r,t={},o=yt){let c={key:n,value:r};return this.save([c],t,o)}async upsert(n,r,t={},o=yt){return this.saveItem(n,r,t,o)}}var Ys=b(()=>{Gt();Ir();_t()});class Ia{client;logger;constructor(n,r){this.client=n,this.logger=r}async start(n,r,t={}){return Hn({workflowName:n},["workflowName"],"workflow start"),Rn(async()=>{this.logger.debug("Starting workflow",{workflowName:n,instanceId:t.instanceId||"auto-generated",workflowComponent:t.workflowComponent});let c=await(await this.client()).workflow.start(n,r,t.instanceId);return this.logger.debug("Workflow started",{workflowName:n,instanceId:c}),c},(o,c)=>Do(`Failed to start workflow ${n}: ${o}`,c))}async get(n){return Hn({instanceId:n},["instanceId"],"workflow get"),Rn(async()=>{this.logger.debug("Getting workflow instance",{instanceId:n});let t=await(await this.client()).workflow.get(n);return this.logger.debug("Workflow instance retrieved",{instanceId:n,workflowName:t.workflowName,runtimeStatus:t.runtimeStatus}),{instanceId:t.instanceID,workflowName:t.workflowName,createdAt:new Date(t.createdAt),lastUpdatedAt:new Date(t.lastUpdatedAt),runtimeStatus:t.runtimeStatus,properties:t.properties||{}}},(r,t)=>Do(`Failed to get workflow instance ${n}: ${r}`,t))}async terminate(n){return Hn({instanceId:n},["instanceId"],"workflow terminate"),Rn(async()=>{this.logger.debug("Terminating workflow instance",{instanceId:n}),await(await this.client()).workflow.terminate(n),this.logger.debug("Workflow instance terminated",{instanceId:n})},(r,t)=>Do(`Failed to terminate workflow instance ${n}: ${r}`,t))}async pause(n){return Hn({instanceId:n},["instanceId"],"workflow pause"),Rn(async()=>{this.logger.debug("Pausing workflow instance",{instanceId:n}),await(await this.client()).workflow.pause(n),this.logger.debug("Workflow instance paused",{instanceId:n})},(r,t)=>Do(`Failed to pause workflow instance ${n}: ${r}`,t))}async resume(n){return Hn({instanceId:n},["instanceId"],"workflow resume"),Rn(async()=>{this.logger.debug("Resuming workflow instance",{instanceId:n}),await(await this.client()).workflow.resume(n),this.logger.debug("Workflow instance resumed",{instanceId:n})},(r,t)=>Do(`Failed to resume workflow instance ${n}: ${r}`,t))}async purge(n){return Hn({instanceId:n},["instanceId"],"workflow purge"),Rn(async()=>{this.logger.debug("Purging workflow instance",{instanceId:n}),await(await this.client()).workflow.purge(n),this.logger.debug("Workflow instance purged",{instanceId:n})},(r,t)=>Do(`Failed to purge workflow instance ${n}: ${r}`,t))}async raiseEvent(n,r,t){return Hn({instanceId:n,eventName:r},["instanceId","eventName"],"workflow raiseEvent"),Rn(async()=>{this.logger.debug("Raising event for workflow instance",{instanceId:n,eventName:r}),await(await this.client()).workflow.raise(n,r,t),this.logger.debug("Event raised for workflow instance",{instanceId:n,eventName:r})},(o,c)=>Do(`Failed to raise event ${r} for workflow instance ${n}: ${o}`,c))}}var Js=b(()=>{Ir();_t()});import{CommunicationProtocolEnum as Xs,DaprClient as T5,HttpMethod as n$,LogLevel as r$}from"@dapr/dapr";class Ls{client=null;daprHost;daprPort;communicationProtocol;maxBodySizeMb;daprApiToken;logger;connectionStatus=Tt.DISCONNECTED;connectionPromise=null;constructor(n={}){this.daprHost=n.daprHost||process.env[nu]||pd,this.daprPort=n.daprPort||process.env[ru]||yd,this.communicationProtocol=n.communicationProtocol||Xs.HTTP,this.maxBodySizeMb=n.maxBodySizeMb||Td,this.daprApiToken=n.daprApiToken||process.env[cu],this.logger=n.logger||xa(),this.logger.info("DaprConnectionManager initialized",{daprHost:this.daprHost,daprPort:this.daprPort,communicationProtocol:this.communicationProtocol})}async getClient(){if(!this.client||this.connectionStatus!==Tt.CONNECTED)await this.connect();if(!this.client)throw zc("Not connected to Dapr sidecar");return this.client}async connect(){if(this.connectionPromise)return this.connectionPromise;if(this.client&&this.connectionStatus===Tt.CONNECTED)return Promise.resolve();this.connectionStatus=Tt.CONNECTING,this.connectionPromise=this.establishConnection();try{await this.connectionPromise,this.connectionStatus=Tt.CONNECTED}catch(n){throw this.connectionStatus=Tt.ERROR,n}finally{this.connectionPromise=null}}async establishConnection(){try{this.logger.info("Connecting to Dapr sidecar",{daprHost:this.daprHost,daprPort:this.daprPort,protocol:this.communicationProtocol});let n=process.env[tu]&&this.communicationProtocol===Xs.HTTP||process.env[ou]&&this.communicationProtocol===Xs.GRPC,r={communicationProtocol:this.communicationProtocol,maxBodySizeMb:this.maxBodySizeMb,logger:{level:r$.Warn}};if(!n)r.daprHost=this.daprHost,r.daprPort=this.daprPort;if(this.daprApiToken)r.daprApiToken=this.daprApiToken;await Ui(async()=>{this.client=new T5(r)},au,"Connection to Dapr sidecar timed out"),await this.healthCheck(),this.logger.info("Successfully connected to Dapr sidecar")}catch(n){throw this.logger.error("Failed to connect to Dapr sidecar",n),this.client=null,zc(`Failed to connect to Dapr sidecar at ${this.daprHost}:${this.daprPort}`,n)}}async disconnect(){if(!this.client)return;try{this.logger.info("Disconnecting from Dapr sidecar"),this.client=null,this.connectionStatus=Tt.DISCONNECTED,this.logger.info("Disconnected from Dapr sidecar")}catch(n){throw this.logger.error("Error during disconnect",n),zc("Failed to disconnect from Dapr sidecar",n)}}isConnected(){return this.client!==null&&this.connectionStatus===Tt.CONNECTED}getConnectionStatus(){return this.connectionStatus}async healthCheck(){if(!this.client)throw zc("Not connected to Dapr sidecar");try{return await Ui(async()=>{if(!this.client)throw zc("Not connected to Dapr sidecar");let n=await this.client.invoker.invoke("healthz","healthz",n$.GET);return{status:n.status===204?Oa.HEALTHY:Oa.UNHEALTHY,version:n.headers?.["dapr-version"]||"unknown"}},eu,"Health check timed out")}catch(n){return this.logger.error("Health check failed",n),{status:Oa.UNHEALTHY,version:"unknown"}}}getClientConfig(){return{daprHost:this.daprHost,daprPort:this.daprPort,communicationProtocol:this.communicationProtocol,maxBodySizeMb:this.maxBodySizeMb,hasApiToken:!!this.daprApiToken,connectionStatus:this.connectionStatus}}}var du=b(()=>{Gt();Ir();_t()});var uu=()=>{};class pa{connectionManager;logger;_state;_pubsub;_binding;_secret;_config;_invoke;_lock;_crypto;_workflow;constructor(n={}){this.logger=n.logger||xa(),this.connectionManager=new Ls(n);let r=async()=>{return this.connectionManager.getClient()};this._state=new Za(r,this.logger),this._pubsub=new Ka(r,this.logger),this._binding=new Pa(r,this.logger),this._secret=new va(r,this.logger),this._config=new Ca(r,this.logger),this._invoke=new ja(r,this.logger),this._lock=new qa(r,this.logger),this._crypto=new Fa(r,this.logger),this._workflow=new Ia(r,this.logger)}async connect(){await this.connectionManager.connect()}async disconnect(){await this.connectionManager.disconnect()}isConnected(){return this.connectionManager.isConnected()}getConnectionStatus(){return this.connectionManager.getConnectionStatus()}async healthCheck(){return this.connectionManager.healthCheck()}getClientConfig(){return this.connectionManager.getClientConfig()}get state(){return this._state}get pubsub(){return this._pubsub}get binding(){return this._binding}get secret(){return this._secret}get config(){return this._config}get invoke(){return this._invoke}get lock(){return this._lock}get crypto(){return this._crypto}get workflow(){return this._workflow}}var Zk;var Qs=b(()=>{Rs();Hs();zs();Bs();Us();Ws();Vs();Ys();Js();du();_t();Rs();Hs();zs();Bs();Us();Ws();Vs();Ys();Js();Gt();Ir();uu();Zk=new pa});import wu from"ioredis";class bu{client;constructor(n){this.client=n}async create(n,r,t){try{return{success:!0,data:t?await this.client.set(n,JSON.stringify(r),"EX",t):await this.client.set(n,JSON.stringify(r))}}catch(o){return{success:!1,error:o.message}}}async read(n){try{let r=await this.client.get(n);return{success:!0,data:r?JSON.parse(r):null}}catch(r){return{success:!1,error:r.message}}}async update(n,r,t=!0){try{return{success:!0,data:t?await this.client.set(n,JSON.stringify(r),"KEEPTTL"):await this.client.set(n,JSON.stringify(r))}}catch(o){return{success:!1,error:o.message}}}async remove(n){try{return{success:!0,data:await this.client.del(n)}}catch(r){return{success:!1,error:r.message}}}async exists(n){try{return{success:!0,data:await this.client.exists(n)===1}}catch(r){return{success:!1,error:r.message}}}getClient(){return this.client}}class gu{storeName;dapr;constructor(n){this.storeName=n;this.dapr=new pa}async create(n,r,t){try{let o=t?{ttlInSeconds:String(t)}:void 0;return await this.dapr.state.save([{key:n,value:r,metadata:o}],void 0,this.storeName),{success:!0,data:"OK"}}catch(o){return{success:!1,error:o.message}}}async read(n){try{return{success:!0,data:await this.dapr.state.get(n,this.storeName)??null}}catch(r){return{success:!1,error:r.message}}}async update(n,r,t=!0){try{return await this.dapr.state.save([{key:n,value:r}],void 0,this.storeName),{success:!0,data:"OK"}}catch(o){return{success:!1,error:o.message}}}async remove(n){try{return await this.dapr.state.delete(n,void 0,void 0,this.storeName),{success:!0,data:1}}catch(r){return{success:!1,error:r.message}}}async exists(n){try{let r=await this.dapr.state.get(n,this.storeName);return{success:!0,data:r!==void 0&&r!==null}}catch(r){return{success:!1,error:r.message}}}}class er{static instance=null;store;directClient=null;useDapr;constructor(n){if(er.instance){this.store=er.instance.store,this.directClient=er.instance.directClient,this.useDapr=er.instance.useDapr;return}if(!n)throw Error("Redis config must be provided for first initialization.");if(t$(n),this.useDapr=n.withDapr??!1,n.withDapr)this.store=new gu(n.stateStoreName??"statestore");else{let r=n.url?new wu(n.url):new wu({host:n.host,port:n.port});this.directClient=r,this.store=new bu(r)}er.instance=this}async create(n,r,t){return this.store.create(n,r,t)}async read(n){return this.store.read(n)}async update(n,r,t=!0){return this.store.update(n,r,t)}async remove(n){return this.store.remove(n)}async exists(n){return this.store.exists(n)}async keys(n){if(this.useDapr||!this.directClient)return console.warn("[RedisManager] keys() not supported in Dapr mode"),[];try{return await this.directClient.keys(n)}catch(r){return console.error("[Redis] Keys error:",r.message),[]}}async acquireLock(n,r=10){if(this.useDapr||!this.directClient){let t=await this.exists(n);if(!t.success)return{success:!1,error:t.error};if(t.data)return{success:!0,data:!1};if((await this.create(n,"1",r)).success)return{success:!0,data:!0};return{success:!1,error:"Failed to acquire lock"}}try{return{success:!0,data:await this.directClient.set(n,"1","EX",r,"NX")==="OK"}}catch(t){return{success:!1,error:t.message}}}async releaseLock(n){return this.remove(n)}async waitForLock(n,r=5000,t=50){let o=Date.now();while(Date.now()-o<r){let c=await this.exists(n);if(!c.success)return{success:!1,error:c.error};if(!c.data)return{success:!0,data:!0};await new Promise((i)=>setTimeout(i,t))}return{success:!0,data:!1}}async getOrWait(n,r=5000,t=50){let o=Date.now();while(Date.now()-o<r){let c=await this.read(n);if(!c.success)return{success:!1,error:c.error};if(c.data!==null)return{success:!0,data:c.data};await new Promise((i)=>setTimeout(i,t))}return{success:!0,data:null}}}var t$=(n)=>{if(!n)throw Error("Redis config must be provided.");if(n.withDapr){if(!n.stateStoreName)throw Error("Dapr mode requires stateStoreName.");return}let r=Boolean(n.url),t=Boolean(n.host)&&typeof n.port==="number";if(!r&&!t)throw Error("Redis config requires either url or host and port.")};var no=b(()=>{Qs()});var Gs=b(()=>{no()});var Os=b(()=>{no();po()});var Ns=b(()=>{no();po();Gs()});var $u=b(()=>{Ns()});var hu=b(()=>{Gs();Os();Ns();$u()});var Au=86400,ko=(n)=>`session:${n}`,ya=(n)=>JSON.stringify(n),Eu=(n)=>{if(!n)return null;if(typeof n==="object")return n;try{return JSON.parse(n)}catch{return null}};var Ta=async(n)=>{let r=new er,t=ko(n.sessionId),o=await r.remove(t);return o.success&&o.data>0};var ne=b(()=>{no()});import o$ from"crypto";var Su=async(n)=>{let r=new er,t=n.sessionId??o$.randomUUID(),o=Date.now(),c=(n.expiresInSeconds??Au)*1000,i=new Date(o).toISOString(),a={id:t,userId:n.userId,createdAt:i,expiresAt:new Date(o+c).toISOString(),lastActiveAt:i,clientMeta:n.clientMeta,fingerprintHash:n.fingerprintHash,deviceInfo:n.deviceInfo,refreshTokenHash:n.refreshTokenHash,loginMethod:n.loginMethod,rememberMe:n.rememberMe},e=await r.create(ko(t),ya(a));if(!e.success)return{success:!1,error:e.error};return{success:!0,session:a}};var xs=b(()=>{no()});var Du=b(()=>{po();Os();ne();xs()});var ku=b(()=>{Du()});var To=async(n)=>{let r=new er,t=ko(n.sessionId),o=await r.read(t);if(!o.success||!o.data)return null;let c=Eu(o.data);if(!c)return null;if(new Date(c.expiresAt).getTime()<=Date.now())return await Ta({sessionId:n.sessionId}),null;return c};var re=b(()=>{no();ne()});var Mu=async(n)=>{let r=await To({sessionId:n.sessionId});if(!r)return{success:!1,error:"Session not found"};let t={...r,...n.updates,lastActiveAt:n.updates.lastActiveAt??new Date().toISOString()},c=await new er().create(ko(n.sessionId),ya(t));if(!c.success)return{success:!1,error:c.error};return{success:!0,session:t}},Ps=async(n)=>{return Mu({sessionId:n,updates:{lastActiveAt:new Date().toISOString()}})};var Ru=b(()=>{no();re()});var c$=async(n)=>{let r=So(n.jwtToken,n.jwtSecret);if(!r.valid)return{isValid:!1,reason:r.error};let t=await To({sessionId:n.sessionId});if(!t)return{isValid:!1,reason:"Session not found"};let o;if(n.savedFingerprint&&n.headers&&n.requestIp){let c={};for(let[a,e]of Object.entries(n.headers))if(e!==void 0)c[a]=e;let i=Gd({savedFingerprint:n.savedFingerprint,headers:c,requestIp:n.requestIp});if(o=i.isValid,!i.isValid)return{isValid:!1,reason:i.reason??"Fingerprint mismatch"}}return{isValid:!0,context:{userId:t.userId,sessionId:t.id,fingerprintValid:o}}};var Hu=b(()=>{ms();po();re()});var zu={};ho(zu,{validateSession:()=>c$,updateSession:()=>Mu,updateLastActiveAt:()=>Ps,readSession:()=>To,generateSession:()=>Su,deleteSession:()=>Ta});var Cs=b(()=>{ne();xs();re();Ru();Hu()});var Bu=b(()=>{Od();po();Id();hu();ku();Cs()});import{eq as i$}from"drizzle-orm";function Vi(n,r,t,o,c,i){let a=[n.toLowerCase()];if(i)a.push("bulk");if(a.push(r),o){if(a.push("with"),a.push(o),c)a.push(c)}else if(t)a.push(t);return a.join(".")}function Yi(n,r,t){if(r)return`/${n}/bulk`;if(t)return`/${n}/:id`;return`/${n}`}function s$(n,r,t){let o=[],c=n.table_name,i=n.excluded_methods||[];for(let a of a$){if(i.includes(a))continue;let e=a==="PUT"||a==="PATCH"||a==="DELETE";if(o.push({action:Vi(a,c),description:`${a} access to ${c}`,path:Yi(c,!1,e&&a!=="DELETE"),method:a}),a==="GET"&&n.columns){for(let f of n.columns){if(r.skipColumns.includes(f.name))continue;o.push({action:Vi(a,c,f.name),description:`${a} access to ${c}.${f.name}`,path:Yi(c),method:a})}let s=`${c}Relations`;if(t[s]){let f=t[s];if(f?.config?.referencedTable?._?.name){let d=f.config.referencedTable._.name;o.push({action:Vi(a,c,void 0,d),description:`${a} access to ${c} with ${d}`,path:Yi(c),method:a})}}}if(a==="POST"||a==="PUT"||a==="PATCH"){if(n.columns)for(let s of n.columns){if(r.skipColumns.includes(s.name))continue;o.push({action:Vi(a,c,s.name),description:`${a} access to ${c}.${s.name}`,path:Yi(c,!1,a!=="POST"),method:a})}}}for(let a of e$){if(i.includes(a))continue;o.push({action:Vi(a,c,void 0,void 0,void 0,!0),description:`Bulk ${a} access to ${c}`,path:Yi(c,!0),method:a})}return o}async function Uu(n,r,t,o,c,i){let a=r.claims;if(!a)return i.warn("[Authorization] Claims table not found in schema"),{total:0,created:0,existing:0,claims:[]};let e=[];for(let w of o){if(c.skipTables.includes(w.table_name))continue;let g=s$(w,c,t);e.push(...g)}let s=e.filter((w,g,u)=>g===u.findIndex((m)=>m.action===w.action)),f=0,d=0,_=[];for(let w of s)try{if((await n.select().from(a).where(i$(a.action,w.action)).limit(1)).length===0)await n.insert(a).values(w),f++,_.push(w.action),i.debug(`[Authorization] Created claim: ${w.action}`);else d++}catch(g){i.error(`[Authorization] Failed to create claim: ${w.action}`,g)}return i.info(`[Authorization] Claims seeded: ${f} created, ${d} existing, ${s.length} total`),{total:s.length,created:f,existing:d,claims:_}}var a$,e$;var Wu=b(()=>{a$=["GET","POST","PUT","PATCH","DELETE"],e$=["POST","PUT","DELETE"]});var{password:f$}=globalThis.Bun;import{eq as Fs}from"drizzle-orm";async function Vu(n,r,t,o){if(!t.godminEmail||!t.godminPassword)return o.warn("[Authorization] Godmin email or password not configured, skipping godmin setup"),{success:!1};let{roles:c,users:i,userRoles:a}=r;if(!c||!i||!a)return o.error("[Authorization] Required tables not found for godmin setup"),{success:!1};try{let e,s=await n.select().from(c).where(Fs(c.name,js)).limit(1);if(s.length===0){let[g]=await n.insert(c).values({name:js,description:"God mode administrator - bypasses all authorization checks"}).returning();e=g.id,o.info(`[Authorization] Created godmin role: ${e}`)}else e=s[0].id,o.debug(`[Authorization] Godmin role already exists: ${e}`);let f,d=await n.select().from(i).where(Fs(i.email,t.godminEmail)).limit(1);if(d.length===0){let g=await f$.hash(t.godminPassword,{algorithm:"bcrypt",cost:10}),[u]=await n.insert(i).values({email:t.godminEmail,password:g,verifiedAt:new Date,isActive:!0}).returning();f=u.id,o.info(`[Authorization] Created godmin user: ${f}`)}else f=d[0].id,o.debug(`[Authorization] Godmin user already exists: ${f}`);if(!(await n.select().from(a).where(Fs(a.userId,f)).limit(1)).some((g)=>g.roleId===e))await n.insert(a).values({userId:f,roleId:e}),o.info(`[Authorization] Assigned godmin role to user: ${f}`);return{success:!0,userId:f,roleId:e}}catch(e){return o.error("[Authorization] Failed to setup godmin",e),{success:!1}}}function Bc(n){return n===js}var js="godmin";var te=()=>{};import{eq as qs,inArray as _$}from"drizzle-orm";function l$(n){return n.startsWith(Xu)}function d$(n){return{field:n.slice(Xu.length)}}function Yu(n){if(!n)return{};let r=new URLSearchParams(n),t={};for(let[o,c]of r.entries())if(l$(c))t[o]=d$(c);else t[o]=c;return t}function Ju(n,r,t){let o={};for(let[c,i]of Object.entries(n))if(typeof i==="object"&&"field"in i){if(!r){t.warn(`[Authorization] Cannot resolve self:${i.field} - userData not provided`);continue}let a=i.field,e=a.replace(/_([a-z])/g,(f,d)=>d.toUpperCase()),s;if(a in r)s=r[a];else if(e in r)s=r[e];else{t.warn(`[Authorization] Cannot resolve self:${a} - field not found in userData`);continue}o[c]=s,t.debug(`[Authorization] Resolved self:${a} -> ${s}`)}else o[c]=i;return o}function Uc(n,r,t,o){let c=[n.toLowerCase(),r];if(o)c.push("with",o);else if(t)c.push(t);return c.join(".")}function Wc(n,r){if(n===r)return!0;let t=n.split("."),o=r.split(".");if(t.length>o.length)return!1;for(let c=0;c<t.length;c++)if(t[c]!==o[c])return!1;return!0}async function oe(n){let{userId:r,method:t,entity:o,requestedFields:c,requestedRelations:i,db:a,schemaTables:e,logger:s,userData:f}=n,d=e.roles,_=e.userRoles,w=e.roleClaims,g=e.claims;if(!d||!_||!w||!g)return s.error("[Authorization] Required tables not found"),{authorized:!1,reason:"Authorization tables not configured"};try{let u=_,m=d,l=await a.select({roleId:u.roleId,roleName:m.name}).from(_).innerJoin(d,qs(u.roleId,m.id)).where(qs(u.userId,r));if(l.length===0)return{authorized:!1,reason:"User has no roles assigned"};if(l.some((Y)=>Bc(Y.roleName)))return s.debug(`[Authorization] User ${r} has godmin role, bypassing checks`),{authorized:!0};let $=l.map((Y)=>Y.roleId),E=w,U=g,W=await a.select({claimAction:U.action,scope:E.scope}).from(w).innerJoin(g,qs(E.claimId,U.id)).where(_$(E.roleId,$));if(W.length===0)return{authorized:!1,reason:"User roles have no claims assigned"};let H=Uc(t,o);if(!W.some((Y)=>Wc(Y.claimAction,H)))return{authorized:!1,reason:`No access to ${t} ${o}`};let D=[],A=[],h={},R=!1;for(let Y of W)if(Y.claimAction===H){R=!0;let z=Yu(Y.scope),J=Ju(z,f,s);Object.assign(h,J)}if(R)return{authorized:!0,scopeFilters:Object.keys(h).length>0?h:void 0};if(c)for(let Y of c){let X=Uc(t,o,Y);if(W.some((J)=>Wc(J.claimAction,X)))D.push(Y)}if(i)for(let Y of i){let X=Uc(t,o,void 0,Y);if(W.some((J)=>Wc(J.claimAction,X)))A.push(Y)}for(let Y of W){let X=Yu(Y.scope),z=Ju(X,f,s);Object.assign(h,z)}if(!(D.length>0||A.length>0)&&(c?.length||i?.length))return{authorized:!1,reason:"No access to requested fields or relations"};return{authorized:!0,allowedFields:D.length>0?D:void 0,allowedRelations:A.length>0?A:void 0,scopeFilters:Object.keys(h).length>0?h:void 0}}catch(u){return s.error("[Authorization] Check failed",u),{authorized:!1,reason:"Authorization check failed"}}}function Lu(n){let{userClaims:r,userRoles:t,method:o,entity:c,requestedFields:i,requestedRelations:a,logger:e}=n;if(r.length===0&&t.length===0)return{authorized:!1,reason:"No roles or claims in token"};if(t.some((g)=>Bc(g)))return e.debug("[Authorization:JWT] User has godmin role, bypassing checks"),{authorized:!0};let s=Uc(o,c);if(r.some((g)=>Wc(g,s)))return{authorized:!0};let d=[],_=[];if(i)for(let g of i){let u=Uc(o,c,g);if(r.some((m)=>Wc(m,u)))d.push(g)}if(a)for(let g of a){let u=Uc(o,c,void 0,g);if(r.some((m)=>Wc(m,u)))_.push(g)}if(!(d.length>0||_.length>0)&&(i?.length||a?.length))return{authorized:!1,reason:`No access to ${o} ${c}`};return{authorized:!0,allowedFields:d.length>0?d:void 0,allowedRelations:_.length>0?_:void 0}}async function Qu(n){let{idpUrl:r,accessToken:t,method:o,entity:c,requestedFields:i,requestedRelations:a,logger:e}=n;try{let s=await fetch(`${r}/auth/check`,{method:"POST",headers:{"Content-Type":"application/json",Cookie:`access_token=${t}`},body:JSON.stringify({entity:c,method:o,fields:i,relations:a})});if(!s.ok)return e.warn(`[Authorization:IDP] IDP /auth/check returned ${s.status}`),{authorized:!1,reason:`IDP authorization check failed (${s.status})`};return await s.json()}catch(s){let f=s instanceof Error?s.message:String(s);return e.error(`[Authorization:IDP] Failed to reach IDP: ${f}`),{authorized:!1,reason:"IDP authorization service unavailable"}}}function ce(n,r){if(!r||r.length===0)return n;let o=[...new Set([...["id"],...r])],c=(i)=>{let a={};for(let e of o)if(e in i)a[e]=i[e];return a};if(Array.isArray(n))return n.map(c);return c(n)}function Gu(n,r){if(!r)return n;let t=(o)=>{let c={...o};for(let i of Object.keys(c))if(typeof c[i]==="object"&&c[i]!==null&&!r.includes(i))delete c[i];return c};if(Array.isArray(n))return n.map(t);return t(n)}var Xu="self:";var Ks=b(()=>{te()});var Ou;var Nu=b(()=>{Ou={enabled:!1,autoSeedClaims:!0,skipTables:["audit_logs"],skipColumns:["id","created_at","updated_at","is_active","password","version"],excludedPaths:["/health","/swagger"],publicPaths:["/auth/login","/auth/register"]}});var vs=b(()=>{Wu();te();Ks();Nu()});function u$(n){let r=n.match(/^(\d+)(s|m|h|d)$/);if(!r||!r[1]||!r[2])return 300;let t=Number.parseInt(r[1],10);switch(r[2]){case"s":return t;case"m":return t*60;case"h":return t*3600;case"d":return t*86400;default:return 300}}function w$(){let n=new Uint8Array(24);return crypto.getRandomValues(n),Array.from(n).map((r)=>r.toString(16).padStart(2,"0")).join("")}function xu(n){let r=new Bun.CryptoHasher("sha256");return r.update(n),r.digest("hex")}function b$(n,r){if(n.length!==r.length){let a=new Uint8Array(32);return crypto.getRandomValues(a),!1}let t=new TextEncoder,o=t.encode(n),c=t.encode(r),i=0;for(let a=0;a<o.length;a++)i|=(o[a]??0)^(c[a]??0);return i===0}function nc(n,r){let t=r-n+1,o=Math.ceil(Math.log2(t)/8)||1,c=256**o,i=c-c%t,a,e=new Uint8Array(o);do crypto.getRandomValues(e),a=e.reduce((s,f,d)=>s+f*256**d,0);while(a>=i);return n+a%t}function Pu(n){let r=Zs[n],{min:t,max:o}=r.mathRange,c=["+","-","\xD7"],i=c[nc(0,c.length-1)],a=nc(t,o),e=nc(t,o),s;switch(i){case"+":s=a+e;break;case"-":if(a<e)[a,e]=[e,a];s=a-e;break;case"\xD7":a=nc(1,12),e=nc(1,12),s=a*e;break;default:s=a+e}return{question:`${a} ${i} ${e} = ?`,answer:s.toString()}}function Cu(n){let r=Zs[n],t="";for(let o=0;o<r.textLength;o++)t+="ABCDEFGHJKLMNPQRSTUVWXYZ23456789".charAt(nc(0,31));return{question:t,answer:t}}function g$(n){let r=Cu(n),t=200,o=60,c=m$(r.answer,200,60),i=`data:image/svg+xml;base64,${Buffer.from(c).toString("base64")}`;return{question:"Enter the text shown in the image",answer:r.answer,imageData:i}}function un(){let n=new Uint32Array(1);return crypto.getRandomValues(n),(n[0]??0)/4294967295}function m$(n,r,t){let o=240+un()*15,c=240+un()*15,i=240+un()*15,a=`rgb(${o}, ${c}, ${i})`,e="";for(let u=0;u<12;u++){let m=un()*r,l=un()*t,S=un()*r,$=un()*t,E=un()*100+100,U=un()*100+100,W=un()*100+100,H=1+un()*2;e+=`<line x1="${m}" y1="${l}" x2="${S}" y2="${$}" stroke="rgb(${E},${U},${W})" stroke-width="${H}"/>`}let s="";for(let u=0;u<4;u++){let m=un()*r,l=un()*t,S=un()*r,$=un()*t,E=un()*r,U=un()*t,W=un()*r,H=un()*t,k=un()*80+80,D=un()*80+80,A=un()*80+80;s+=`<path d="M${m},${l} C${S},${$} ${E},${U} ${W},${H}" stroke="rgb(${k},${D},${A})" stroke-width="2" fill="none"/>`}let f="";for(let u=0;u<80;u++){let m=un()*r,l=un()*t,S=un()*150+50,$=un()*150+50,E=un()*150+50,U=un()*3+1;f+=`<circle cx="${m}" cy="${l}" r="${U}" fill="rgb(${S},${$},${E})"/>`}let d="",_=r/(n.length+2),w=_;for(let u=0;u<n.length;u++){let m=w+u*_+(un()-0.5)*15,l=t/2+8+(un()-0.5)*12,S=(un()-0.5)*40,$=22+un()*10,E=un()*80,U=un()*80,W=un()*80,H=(un()-0.5)*15,k=0.9+un()*0.3;d+=`<text x="${m}" y="${l}" font-family="Arial, Helvetica, sans-serif" font-size="${$}" font-weight="bold" fill="rgb(${E},${U},${W})" transform="rotate(${S}, ${m}, ${l}) skewX(${H}) scale(1, ${k})" style="font-style: ${un()>0.5?"italic":"normal"}">${n[u]}</text>`}let g="";for(let u=0;u<3;u++){let m=10+un()*(t-20),l=un()*60+60,S=un()*60+60,$=un()*60+60;g+=`<line x1="0" y1="${m}" x2="${r}" y2="${m+(un()-0.5)*20}" stroke="rgb(${l},${S},${$})" stroke-width="1.5"/>`}return`<svg xmlns="http://www.w3.org/2000/svg" width="${r}" height="${t}" viewBox="0 0 ${r} ${t}">
+`).slice(1,4);for(let g of w)r(`  ${c}${g.trim()}${o}`)}}}getConsoleMethod(n){switch(n){case"debug":return console.debug.bind(console);case"info":return console.info.bind(console);case"warn":return console.warn.bind(console);case"error":case"fatal":return console.error.bind(console);default:return console.log.bind(console)}}}class Wa{name="database";db;table;enabled;constructor(n){this.db=n.db,this.table=n.table,this.enabled=n.enabled??!0}setDb(n){this.db=n}setTable(n){this.table=n}setEnabled(n){this.enabled=n}async write(n){if(!this.enabled||!this.db||!this.table)return;try{await this.db.insert(this.table).values({id:n.id,entityId:n.entityId,entityName:n.entityName,operationType:n.operation,userId:n.userId,ipAddress:n.ipAddress,userAgent:n.userAgent,summary:n.summary,oldValues:n.oldValues,newValues:n.newValues,path:n.path,query:n.query})}catch(r){console.error("Audit log write failed:",r)}}}class Va{name="console-audit";enabled;constructor(n={}){this.enabled=n.enabled??!0}write(n){if(!this.enabled)return;let r="\x1B[35m",t=I0,o=p0;console.log(`${o}${n.timestamp}${t} ${r}AUDIT${t} [${n.operation}] ${n.entityName}${n.entityId?`:${n.entityId}`:""} ${o}by ${n.userId||"anonymous"}${t}`)}}var os=b(()=>{y0();Ba()});import{randomUUID as M5}from"crypto";class Zr{config;transports;auditTransports;context;correlationId;static instance=null;constructor(n={},r={},t){this.config={...R5,...n},this.context=r,this.correlationId=t,this.transports=[new Ua({colorize:this.config.colorize,prettyPrint:this.config.prettyPrint})],this.auditTransports=[new Va({enabled:this.config.prettyPrint})]}static getInstance(n){if(!Zr.instance)Zr.instance=new Zr(n);return Zr.instance}static resetInstance(){Zr.instance=null}child(n,r){let t=new Zr(this.config,ns(this.context,n)||{},r||this.correlationId);return t.transports=this.transports,t.auditTransports=this.auditTransports,t}withCorrelationId(n){return this.child({},n)}addTransport(n){this.transports.push(n)}addAuditTransport(n){this.auditTransports.push(n)}setLevel(n){this.config.level=n}setAuditEnabled(n){this.config.auditEnabled=n}isAuditEnabled(){return this.config.auditEnabled}shouldLog(n){return Z0[n]>=Z0[this.config.level]}createEntry(n,r,t,o,c){let i={timestamp:new Date().toISOString(),level:n,message:r,service:this.config.service,correlationId:this.correlationId},a=ns(this.context,t);if(a&&Object.keys(a).length>0)i.context=Di(a,this.config.redactKeys);if(this.config.includeCallerInfo)i.caller=Md();if(o)i.error=T0(o);if(c!==void 0)i.duration=performance.now()-c;return i}log(n,r,t,o,c){if(!this.shouldLog(n))return;let i=this.createEntry(n,r,t,o,c);for(let a of this.transports)try{a.log(i)}catch(e){console.error(`Logger transport "${a.name}" failed:`,e)}}debug(n,r){this.log("debug",n,r)}info(n,r){this.log("info",n,r)}warn(n,r){this.log("warn",n,r)}error(n,r,t){this.log("error",n,t,r)}fatal(n,r,t){this.log("fatal",n,t,r)}time(n){let r=performance.now();return()=>{this.log("debug",`${n} completed`,void 0,void 0,r)}}async timeAsync(n,r,t){let o=performance.now();try{let c=await r();return this.log("debug",`${n} completed`,t,void 0,o),c}catch(c){throw this.log("error",`${n} failed`,t,c,o),c}}request(n){let r=n.statusCode>=500?"error":n.statusCode>=400?"warn":"info";this.log(r,`${n.method} ${n.path} ${n.statusCode}`,{method:n.method,path:n.path,statusCode:n.statusCode,durationMs:n.duration,correlationId:n.correlationId,userId:n.userId,ip:n.ip,userAgent:n.userAgent})}db(n){let r=n.error?"error":"debug";this.log(r,`DB ${n.operation} on ${n.table}`,{operation:n.operation,table:n.table,durationMs:n.duration,rowCount:n.rowCount},n.error)}async flush(){for(let n of this.transports)if(n.flush)await n.flush()}async audit(n){let r={id:M5(),timestamp:new Date().toISOString(),entityName:n.entityName,entityId:n.entityId??null,operation:n.operation,userId:n.userId??null,summary:n.summary||`${n.operation} on ${n.entityName}`,oldValues:n.oldValues||{},newValues:n.newValues||{},ipAddress:n.ipAddress||"unknown",userAgent:n.userAgent||"unknown",path:n.path||"",query:n.query||"",correlationId:this.correlationId};for(let t of this.auditTransports)try{await t.write(r)}catch(o){console.error(`Audit transport "${t.name}" failed:`,o)}}auditOnly(n){this.audit(n)}async trace(n){let r=n.log!==!1,t=n.writeAudit===!0||n.writeAudit!==!1&&this.config.auditEnabled&&n.audit;if(r)this.log(n.level||"info",n.message,n.context,n.error);if(t&&n.audit)await this.audit(n.audit)}traceSync(n){let r=n.log!==!1,t=n.writeAudit===!0||n.writeAudit!==!1&&this.config.auditEnabled&&n.audit;if(r)this.log(n.level||"info",n.message,n.context,n.error);if(t&&n.audit)this.audit(n.audit)}}var R5,H5;var cs=b(()=>{os();y0();Ba();R5={level:"info",service:"nucleus",environment:"development",redactKeys:[],colorize:!0,prettyPrint:!0,includeCallerInfo:!0,asyncBufferSize:100,flushIntervalMs:1000,auditEnabled:!1};H5=Zr.getInstance()});var Ud=w5((fD,Bd)=>{var Hd=12,C5=0,es=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,8,7,7,10,9,9,9,11,4,4,4,4,4,4,4,4,4,4,4,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,24,36,48,60,72,84,96,0,12,12,12,0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,24,24,24,0,0,0,0,0,0,0,0,0,24,24,0,0,0,0,0,0,0,0,0,0,48,48,48,0,0,0,0,0,0,0,0,0,0,48,48,0,0,0,0,0,0,0,0,0,48,0,0,0,0,0,0,0,0,0,0,127,63,63,63,0,31,15,15,15,7,7,7];function F5(n){var r=n.indexOf("%");if(r===-1)return n;var t=n.length,o="",c=0,i=0,a=r,e=Hd;while(r>-1&&r<t){var s=zd(n[r+1],4),f=zd(n[r+2],0),d=s|f,_=es[d];if(e=es[256+e+_],i=i<<6|d&es[364+_],e===Hd)o+=n.slice(c,a),o+=i<=65535?String.fromCharCode(i):String.fromCharCode(55232+(i>>10),56320+(i&1023)),i=0,c=r+3,r=a=n.indexOf("%",c);else if(e===C5)return null;else{if(r+=3,r<t&&n.charCodeAt(r)===37)continue;return null}}return o+n.slice(c)}var j5={"0":0,"1":1,"2":2,"3":3,"4":4,"5":5,"6":6,"7":7,"8":8,"9":9,a:10,A:10,b:11,B:11,c:12,C:12,d:13,D:13,e:14,E:14,f:15,F:15};function zd(n,r){var t=j5[n];return t===void 0?255:t<<r}Bd.exports=F5});import{createHash as q5,randomBytes as K5}from"crypto";var v5=32,Z5="sha256",Yd=(n="nk_live")=>{let r=K5(v5).toString("hex"),t=`${n}_${r}`,o=ws(t),c=`${n}_...${r.slice(-4)}`;return{rawKey:t,keyHash:o,keyPreview:c}},ws=(n)=>{return q5(Z5).update(n).digest("hex")},I5=(n)=>{return/^nk_(live|test)_[a-f0-9]{64}$/.test(n)},Jd=(n)=>{let r=n.get("x-api-key");if(r&&I5(r))return r;let t=n.get("authorization");if(t){let o=t.match(/^Bearer\s+(nk_(?:live|test)_[a-f0-9]{64})$/);if(o?.[1])return o[1]}return null},Xd=(n)=>{if(!n.isActive)return{valid:!1,reason:"API key is inactive"};if(n.revokedAt)return{valid:!1,reason:"API key has been revoked"};if(n.expiresAt&&new Date(n.expiresAt)<new Date)return{valid:!1,reason:"API key has expired"};return{valid:!0,record:n}},Qt=(n,r)=>{let t=new Set(n);return r.filter((o)=>t.has(o))};var Xa=()=>{};var Ld=(n)=>{return n?.trim().toLowerCase()||"unknown"},bs=(n,r)=>{return n[r.toLowerCase()]??n[r]};import p5 from"crypto";var Qd=(n)=>{let r=JSON.stringify({userAgent:Ld(n.userAgent),extra:n.extra??{}});return{hash:p5.createHash("sha256").update(r).digest("base64url"),components:n}};var gs=()=>{};var Gd=({savedFingerprint:n,requestIp:r,headers:t})=>{let o=bs(t,"user-agent"),c=bs(t,"x-forwarded-for")??r??void 0,i=Qd({userAgent:o,ipAddress:c}),a=[{field:"userAgent",saved:n.components.userAgent,received:o},{field:"ipAddress",saved:n.components.ipAddress,received:c}].find(({saved:e,received:s})=>e??(s??"")!=="");if(a)return{isValid:!1,reason:`${a.field} mismatch`,currentFingerprint:i};return{isValid:!0,currentFingerprint:i}};var ms=b(()=>{gs()});var Od=b(()=>{gs();ms()});import Nd from"crypto";var $s=(n)=>{return(Buffer.isBuffer(n)?n.toString("base64"):Buffer.from(n).toString("base64")).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")},xd=(n)=>{let r="=".repeat((4-n.length%4)%4),t=n.replace(/-/g,"+").replace(/_/g,"/")+r;return Buffer.from(t,"base64").toString("utf-8")},hs=(n,r,t)=>{let o=t.replace("HS","sha"),c=Nd.createHmac(o,r);return c.update(n),$s(c.digest())},Pd=(n,r,t,o)=>{let c=hs(n,t,o);return Nd.timingSafeEqual(Buffer.from(r),Buffer.from(c))},Cd=(n)=>{return $s(JSON.stringify(n))},Fd=(n)=>{return $s(JSON.stringify(n))},La=(n)=>{try{return JSON.parse(xd(n))}catch{return null}},Qa=(n)=>{try{return JSON.parse(xd(n))}catch{return null}};var Ga=()=>{};var y5=(n)=>{let r=n.split(".");if(r.length!==3)return null;let[t,o,c]=r;if(!t||!o||!c)return null;let i=La(t),a=Qa(o);if(!i||!a)return null;return{header:i,payload:a,signature:c}};var jd=b(()=>{Ga()});var zi=(n,r,t="HS256")=>{let o={alg:t,typ:"JWT"},c=Math.floor(Date.now()/1000),i={sub:n.subject,iat:c,exp:c+n.expiresInSeconds,iss:n.issuer,aud:n.audience,jti:n.jwtId,sessionId:n.sessionId,...n.customClaims},a=Cd(o),e=Fd(i),s=`${a}.${e}`,f=hs(s,r,t);return`${s}.${f}`};var qd=b(()=>{Ga()});var So=(n,r)=>{let t=n.split(".");if(t.length!==3)return{valid:!1,error:"Invalid token format: expected 3 parts"};let[o,c,i]=t;if(!o||!c||!i)return{valid:!1,error:"Invalid token format: missing parts"};let a=La(o);if(!a)return{valid:!1,error:"Invalid header: failed to decode"};if(a.typ!=="JWT")return{valid:!1,error:"Invalid header: typ must be JWT"};if(!["HS256","HS384","HS512"].includes(a.alg))return{valid:!1,error:`Unsupported algorithm: ${a.alg}`};let s=`${o}.${c}`;if(!Pd(s,i,r,a.alg))return{valid:!1,error:"Invalid signature"};let d=Qa(c);if(!d)return{valid:!1,error:"Invalid payload: failed to decode"};let _=Math.floor(Date.now()/1000);if(d.exp&&d.exp<_)return{valid:!1,error:"Token expired"};if(d.iat&&d.iat>_+60)return{valid:!1,error:"Token issued in the future"};return{valid:!0,payload:d}};var Kd=b(()=>{Ga()});var vd={};ho(vd,{verifyJWT:()=>So,signJWT:()=>zi,decodeJWT:()=>y5});var po=b(()=>{jd();qd();Kd()});var Zd=()=>{};var Id=b(()=>{Zd()});var pd="127.0.0.1",yd="3500",Td=4,yt="statestore-redis",As="pubsub-rabbitmq",Es="secretstore",Bi="configstore-redis",nu="DAPR_HOST",ru="DAPR_HTTP_PORT",tu="DAPR_HTTP_ENDPOINT",ou="DAPR_GRPC_ENDPOINT",cu="DAPR_API_TOKEN",iu=30000,au=1e4,eu=5000,Tt,Oa,st;var Gt=b(()=>{Tt={CONNECTED:"connected",DISCONNECTED:"disconnected",CONNECTING:"connecting",ERROR:"error"},Oa={HEALTHY:"healthy",UNHEALTHY:"unhealthy"},st={CONNECTION_ERROR:"DAPR_CONNECTION_ERROR",TIMEOUT_ERROR:"DAPR_TIMEOUT_ERROR",STATE_ERROR:"DAPR_STATE_ERROR",PUBSUB_ERROR:"DAPR_PUBSUB_ERROR",BINDING_ERROR:"DAPR_BINDING_ERROR",SECRET_ERROR:"DAPR_SECRET_ERROR",CONFIG_ERROR:"DAPR_CONFIG_ERROR",INVOKE_ERROR:"DAPR_INVOKE_ERROR",CRYPTO_ERROR:"DAPR_CRYPTO_ERROR",LOCK_ERROR:"DAPR_LOCK_ERROR",WORKFLOW_ERROR:"DAPR_WORKFLOW_ERROR",VALIDATION_ERROR:"DAPR_VALIDATION_ERROR"}});var ft,Bc=(n,r)=>new ft(st.CONNECTION_ERROR,n,r),su=(n,r)=>new ft(st.TIMEOUT_ERROR,n,r),yo=(n,r)=>new ft(st.STATE_ERROR,n,r),Ss=(n,r)=>new ft(st.PUBSUB_ERROR,n,r),fu=(n,r)=>new ft(st.BINDING_ERROR,n,r),Ds=(n,r)=>new ft(st.SECRET_ERROR,n,r),Na=(n,r)=>new ft(st.CONFIG_ERROR,n,r),_u=(n,r)=>new ft(st.INVOKE_ERROR,n,r),ks=(n,r)=>new ft(st.CRYPTO_ERROR,n,r),Ms=(n,r)=>new ft(st.LOCK_ERROR,n,r),Do=(n,r)=>new ft(st.WORKFLOW_ERROR,n,r),Rn=async(n,r)=>{try{return await n()}catch(t){let o=t instanceof Error?t.message:String(t);throw r(o,t)}};var Ir=b(()=>{Gt();ft=class ft extends Error{code;details;constructor(n,r,t){super(r);this.name="DaprManagerError",this.code=n,this.details=t}toJSON(){return{code:this.code,message:this.message,details:this.details}}}});var lu,xa=(n="info")=>{let r=lu[n],t=(o)=>(c,...i)=>{if(lu[o]<r)return;let a=new Date().toISOString(),e=i.length>0?` ${JSON.stringify(i)}`:"";console[o](`[${a}] [Dapr] [${o.toUpperCase()}] ${c}${e}`)};return{debug:t("debug"),info:t("info"),warn:t("warn"),error:t("error")}},Ui=async(n,r,t="Operation timed out")=>{return Promise.race([n(),new Promise((o,c)=>{setTimeout(()=>{c(su(t))},r)})])},Hn=(n,r,t)=>{let o=r.filter((c)=>n[c]===void 0);if(o.length>0)throw Error(`Missing required ${t} parameters: ${o.join(", ")}`)};var _t=b(()=>{Gt();Ir();lu={debug:0,info:1,warn:2,error:3}});class Pa{client;logger;constructor(n,r){this.client=n,this.logger=r}async invoke(n,r,t,o={}){return Hn({name:n,operation:r},["name","operation"],"binding invoke"),Rn(async()=>{this.logger.debug("Invoking binding",{name:n,operation:r});let i=await(await this.client()).binding.send(n,r,t,o.metadata);return this.logger.debug("Binding invoked successfully",{name:n,operation:r}),i},(c,i)=>fu(`Failed to invoke binding ${n}: ${c}`,i))}}var Rs=b(()=>{Ir();_t()});class Ca{client;logger;constructor(n,r){this.client=n,this.logger=r}async get(n,r=Bi){if(Hn({keys:n,storeName:r},["keys","storeName"],"config get"),n.length===0)return{};return Rn(async()=>{this.logger.debug("Getting configuration",{keys:n,storeName:r});let o=await(await this.client()).configuration.get(r,n);return this.logger.debug("Configuration retrieved",{keys:n,storeName:r,itemCount:Object.keys(o.items||{}).length}),o.items||{}},(t,o)=>Na(`Failed to get configuration: ${t}`,o))}async subscribeWithKeys(n,r,t=Bi){if(Hn({keys:n,callback:r,storeName:t},["keys","callback","storeName"],"config subscribeWithKeys"),n.length===0)throw Na("At least one key must be provided for subscription");return Rn(async()=>{this.logger.debug("Subscribing to configuration updates",{keys:n,storeName:t});let c=await(await this.client()).configuration.subscribeWithKeys(t,n,async(i)=>{try{this.logger.debug("Received configuration update",{storeName:t,updatedKeys:Object.keys(i.items||{})}),await r(i)}catch(a){this.logger.error("Error in configuration subscription callback",a)}});return this.logger.debug("Configuration subscription established",{keys:n,storeName:t}),{stop:()=>{this.logger.debug("Stopping configuration subscription",{keys:n,storeName:t}),c.stop()}}},(o,c)=>Na(`Failed to subscribe to configuration updates: ${o}`,c))}async getValue(n,r=Bi){return(await this.get([n],r))[n]?.value}async getValues(n,r=Bi){let t=await this.get(n,r),o={};for(let c in t)if(t[c]?.value!==void 0)o[c]=t[c].value;return o}}var Hs=b(()=>{Gt();Ir();_t()});class Fa{client;logger;constructor(n,r){this.client=n,this.logger=r}async encrypt(n,r){return Hn({data:n,componentName:r.componentName},["data","componentName"],"crypto encrypt"),Rn(async()=>{this.logger.debug("Encrypting data",{componentName:r.componentName,keyName:r.keyName,keyWrapAlgorithm:r.keyWrapAlgorithm});let t=await this.client(),o=typeof n==="string"?Buffer.from(n):n,c={componentName:r.componentName};if(r.keyName)c.keyName=r.keyName;if(r.keyWrapAlgorithm)c.keyWrapAlgorithm=r.keyWrapAlgorithm;let i=await t.crypto.encrypt(o,c);return this.logger.debug("Data encrypted successfully",{componentName:r.componentName,inputSize:o.length,outputSize:i.length}),i},(t,o)=>ks(`Failed to encrypt data: ${t}`,o))}async decrypt(n,r){return Hn({data:n,componentName:r.componentName},["data","componentName"],"crypto decrypt"),Rn(async()=>{this.logger.debug("Decrypting data",{componentName:r.componentName});let t=await this.client(),o=typeof n==="string"?Buffer.from(n):n,c={componentName:r.componentName};if(r.keyName)c.keyName=r.keyName;if(r.keyWrapAlgorithm)c.keyWrapAlgorithm=r.keyWrapAlgorithm;let i=await t.crypto.decrypt(o,c);return this.logger.debug("Data decrypted successfully",{componentName:r.componentName,inputSize:o.length,outputSize:i.length}),i},(t,o)=>ks(`Failed to decrypt data: ${t}`,o))}async encryptString(n,r){return(await this.encrypt(n,r)).toString("base64")}async decryptString(n,r){let t=Buffer.from(n,"base64");return(await this.decrypt(t,r)).toString("utf-8")}}var zs=b(()=>{Ir();_t()});import{HttpMethod as Wi}from"@dapr/dapr";class ja{client;logger;constructor(n,r){this.client=n,this.logger=r}async invoke(n,r,t=Wi.POST,o,c={}){Hn({appId:n,methodName:r,httpMethod:t},["appId","methodName","httpMethod"],"invoke service");let i=c.timeout||iu;return Rn(async()=>{this.logger.debug("Invoking service",{appId:n,methodName:r,httpMethod:t,hasData:o!==void 0});let a=r;if(c.queryParams&&Object.keys(c.queryParams).length>0){let f=Object.entries(c.queryParams).map(([d,_])=>`${encodeURIComponent(d)}=${encodeURIComponent(_)}`).join("&");a=`${r}?${f}`}let e=await this.client(),s=await Ui(()=>e.invoker.invoke(n,a,t,o,c.headers),i,`Service invocation timed out after ${i}ms`);if(this.logger.debug("Service invoked successfully",{appId:n,methodName:r,httpMethod:t,status:s?.status}),!s)return;if("data"in s)return s.data;return s},(a,e)=>_u(`Failed to invoke service ${n}.${r}: ${a}`,e))}async get(n,r,t={}){return this.invoke(n,r,Wi.GET,void 0,t)}async post(n,r,t,o={}){return this.invoke(n,r,Wi.POST,t,o)}async put(n,r,t,o={}){return this.invoke(n,r,Wi.PUT,t,o)}async delete(n,r,t={}){return this.invoke(n,r,Wi.DELETE,void 0,t)}}var Bs=b(()=>{Gt();Ir();_t()});class qa{client;logger;constructor(n,r){this.client=n,this.logger=r}async lock(n,r,t,o){return Hn({storeName:n,resourceId:r,lockOwner:t,expiryInSeconds:o.expiryInSeconds},["storeName","resourceId","lockOwner","expiryInSeconds"],"lock"),Rn(async()=>{this.logger.debug("Acquiring lock",{storeName:n,resourceId:r,lockOwner:t});let i=await(await this.client()).lock.lock(n,r,t,o.expiryInSeconds);return this.logger.debug("Lock acquisition result",{storeName:n,resourceId:r,lockOwner:t,success:i.success}),{success:i.success}},(c,i)=>Ms(`Failed to acquire lock for resource ${r}: ${c}`,i))}async unlock(n,r,t){return Hn({storeName:n,resourceId:r,lockOwner:t},["storeName","resourceId","lockOwner"],"unlock"),Rn(async()=>{this.logger.debug("Releasing lock",{storeName:n,resourceId:r,lockOwner:t});let c=await(await this.client()).lock.unlock(n,r,t);return this.logger.debug("Lock release result",{storeName:n,resourceId:r,lockOwner:t,status:this.getLockStatusName(c.status)}),{status:c.status}},(o,c)=>Ms(`Failed to release lock for resource ${r}: ${o}`,c))}getLockStatusName(n){switch(n){case 0:return"Success";case 1:return"LockDoesNotExist";case 2:return"LockBelongsToOthers";default:return"InternalError"}}}var Us=b(()=>{Ir();_t()});class Ka{client;logger;constructor(n,r){this.client=n,this.logger=r}async publish(n,r,t={},o=As){return Hn({topic:n,data:r,pubsubName:o},["topic","data","pubsubName"],"pubsub publish"),Rn(async()=>{this.logger.debug("Publishing message to topic",{topic:n,pubsubName:o}),await(await this.client()).pubsub.publish(o,n,r,{metadata:t.metadata,contentType:t.contentType}),this.logger.debug("Message published successfully",{topic:n,pubsubName:o})},(c,i)=>Ss(`Failed to publish message to topic ${n}: ${c}`,i))}async publishBulk(n,r,t=As){if(Hn({topic:n,messages:r,pubsubName:t},["topic","messages","pubsubName"],"pubsub publishBulk"),r.length===0)return{failedEntries:[]};return Rn(async()=>{this.logger.debug("Publishing bulk messages to topic",{topic:n,pubsubName:t,messageCount:r.length});let o=await this.client(),c=r.map((e)=>{if(typeof e==="object"&&"event"in e)return{entryID:e.entryId,event:e.event,contentType:e.contentType,metadata:e.metadata};return{event:e}}),i=await o.pubsub.publishBulk(t,n,c),a=i.failedMessages?.length||0;if(a>0)this.logger.warn("Some messages failed to publish",{topic:n,pubsubName:t,failedCount:a,totalCount:r.length});else this.logger.debug("All bulk messages published successfully",{topic:n,pubsubName:t,messageCount:r.length});return{failedEntries:(i.failedMessages||[]).map((e)=>({entryId:e.message.entryID||"",error:e.error?.message||"Unknown error"}))}},(o,c)=>Ss(`Failed to publish bulk messages to topic ${n}: ${o}`,c))}createBulkPublishMessage(n,r,t,o){return{entryId:r,event:n,contentType:t,metadata:o}}}var Ws=b(()=>{Gt();Ir();_t()});class va{client;logger;constructor(n,r){this.client=n,this.logger=r}async get(n,r={},t=Es){return Hn({key:n,storeName:t},["key","storeName"],"secret get"),Rn(async()=>{this.logger.debug("Getting secret",{key:n,storeName:t});let o=await this.client(),c=r.metadata?JSON.stringify(r.metadata):void 0,i=await o.secret.get(t,n,c);return this.logger.debug("Secret retrieved",{key:n,storeName:t}),i},(o,c)=>Ds(`Failed to get secret ${n}: ${o}`,c))}async getBulk(n={},r=Es){return Hn({storeName:r},["storeName"],"secret getBulk"),Rn(async()=>{this.logger.debug("Getting all secrets",{storeName:r});let o=await(await this.client()).secret.getBulk(r);return this.logger.debug("All secrets retrieved",{storeName:r,secretCount:Object.keys(o).length}),o},(t,o)=>Ds(`Failed to get all secrets: ${t}`,o))}}var Vs=b(()=>{Gt();Ir();_t()});class Za{client;logger;constructor(n,r){this.client=n,this.logger=r}async save(n,r={},t=yt){if(Hn({stateItems:n,storeName:t},["stateItems","storeName"],"state save"),n.length===0)return;return Rn(async()=>{this.logger.debug("Saving state items",{count:n.length,storeName:t}),await(await this.client()).state.save(t,n,r),this.logger.debug("State items saved successfully",{count:n.length,storeName:t})},(o,c)=>yo(`Failed to save state items: ${o}`,c))}async get(n,r=yt){return Hn({key:n,storeName:r},["key","storeName"],"state get"),Rn(async()=>{this.logger.debug("Getting state item",{key:n,storeName:r});let o=await(await this.client()).state.get(r,n);if(this.logger.debug("State item retrieved",{key:n,storeName:r,found:o!==void 0}),o===void 0||o===null)return;if(typeof o==="string")try{return JSON.parse(o)}catch{return o}if(typeof o==="object")return o;return o},(t,o)=>yo(`Failed to get state item ${n}: ${t}`,o))}async getBulk(n,r=yt){if(Hn({keys:n,storeName:r},["keys","storeName"],"state getBulk"),n.length===0)return{};return Rn(async()=>{this.logger.debug("Getting bulk state items",{count:n.length,storeName:r});let o=await(await this.client()).state.getBulk(r,n),c={};return o.forEach((i)=>{if(i.data!==void 0)c[i.key]=i.data}),this.logger.debug("Bulk state items retrieved",{count:n.length,found:Object.keys(c).length,storeName:r}),c},(t,o)=>yo(`Failed to get bulk state items: ${t}`,o))}async delete(n,r,t,o=yt){return Hn({key:n,storeName:o},["key","storeName"],"state delete"),Rn(async()=>{this.logger.debug("Deleting state item",{key:n,storeName:o});let c=await this.client(),i={};if(r)i.etag=r;if(t)i.metadata=t;await c.state.delete(o,n,i),this.logger.debug("State item deleted",{key:n,storeName:o})},(c,i)=>yo(`Failed to delete state item ${n}: ${c}`,i))}async transaction(n,r=yt){if(Hn({operations:n,storeName:r},["operations","storeName"],"state transaction"),n.length===0)return;return Rn(async()=>{this.logger.debug("Executing state transaction",{operationCount:n.length,storeName:r});let t=await this.client(),o=n.map((c)=>({operation:c.operation,request:{key:c.request.key,value:c.request.value,etag:c.request.etag?{value:c.request.etag}:void 0,metadata:c.request.metadata}}));await t.state.transaction(r,o),this.logger.debug("State transaction executed successfully",{operationCount:n.length,storeName:r})},(t,o)=>yo(`Failed to execute state transaction: ${t}`,o))}async query(n,r=yt){return Hn({query:n,storeName:r},["query","storeName"],"state query"),Rn(async()=>{this.logger.debug("Querying state store",{storeName:r});let o=await(await this.client()).state.query(r,n);return this.logger.debug("State query executed",{storeName:r,resultCount:o.results?.length||0}),(o.results||[]).map((c)=>c.data)},(t,o)=>yo(`Failed to query state store: ${t}`,o))}async saveItem(n,r,t={},o=yt){let c={key:n,value:r};return this.save([c],t,o)}async upsert(n,r,t={},o=yt){return this.saveItem(n,r,t,o)}}var Ys=b(()=>{Gt();Ir();_t()});class Ia{client;logger;constructor(n,r){this.client=n,this.logger=r}async start(n,r,t={}){return Hn({workflowName:n},["workflowName"],"workflow start"),Rn(async()=>{this.logger.debug("Starting workflow",{workflowName:n,instanceId:t.instanceId||"auto-generated",workflowComponent:t.workflowComponent});let c=await(await this.client()).workflow.start(n,r,t.instanceId);return this.logger.debug("Workflow started",{workflowName:n,instanceId:c}),c},(o,c)=>Do(`Failed to start workflow ${n}: ${o}`,c))}async get(n){return Hn({instanceId:n},["instanceId"],"workflow get"),Rn(async()=>{this.logger.debug("Getting workflow instance",{instanceId:n});let t=await(await this.client()).workflow.get(n);return this.logger.debug("Workflow instance retrieved",{instanceId:n,workflowName:t.workflowName,runtimeStatus:t.runtimeStatus}),{instanceId:t.instanceID,workflowName:t.workflowName,createdAt:new Date(t.createdAt),lastUpdatedAt:new Date(t.lastUpdatedAt),runtimeStatus:t.runtimeStatus,properties:t.properties||{}}},(r,t)=>Do(`Failed to get workflow instance ${n}: ${r}`,t))}async terminate(n){return Hn({instanceId:n},["instanceId"],"workflow terminate"),Rn(async()=>{this.logger.debug("Terminating workflow instance",{instanceId:n}),await(await this.client()).workflow.terminate(n),this.logger.debug("Workflow instance terminated",{instanceId:n})},(r,t)=>Do(`Failed to terminate workflow instance ${n}: ${r}`,t))}async pause(n){return Hn({instanceId:n},["instanceId"],"workflow pause"),Rn(async()=>{this.logger.debug("Pausing workflow instance",{instanceId:n}),await(await this.client()).workflow.pause(n),this.logger.debug("Workflow instance paused",{instanceId:n})},(r,t)=>Do(`Failed to pause workflow instance ${n}: ${r}`,t))}async resume(n){return Hn({instanceId:n},["instanceId"],"workflow resume"),Rn(async()=>{this.logger.debug("Resuming workflow instance",{instanceId:n}),await(await this.client()).workflow.resume(n),this.logger.debug("Workflow instance resumed",{instanceId:n})},(r,t)=>Do(`Failed to resume workflow instance ${n}: ${r}`,t))}async purge(n){return Hn({instanceId:n},["instanceId"],"workflow purge"),Rn(async()=>{this.logger.debug("Purging workflow instance",{instanceId:n}),await(await this.client()).workflow.purge(n),this.logger.debug("Workflow instance purged",{instanceId:n})},(r,t)=>Do(`Failed to purge workflow instance ${n}: ${r}`,t))}async raiseEvent(n,r,t){return Hn({instanceId:n,eventName:r},["instanceId","eventName"],"workflow raiseEvent"),Rn(async()=>{this.logger.debug("Raising event for workflow instance",{instanceId:n,eventName:r}),await(await this.client()).workflow.raise(n,r,t),this.logger.debug("Event raised for workflow instance",{instanceId:n,eventName:r})},(o,c)=>Do(`Failed to raise event ${r} for workflow instance ${n}: ${o}`,c))}}var Js=b(()=>{Ir();_t()});import{CommunicationProtocolEnum as Xs,DaprClient as T5,HttpMethod as n$,LogLevel as r$}from"@dapr/dapr";class Ls{client=null;daprHost;daprPort;communicationProtocol;maxBodySizeMb;daprApiToken;logger;connectionStatus=Tt.DISCONNECTED;connectionPromise=null;constructor(n={}){this.daprHost=n.daprHost||process.env[nu]||pd,this.daprPort=n.daprPort||process.env[ru]||yd,this.communicationProtocol=n.communicationProtocol||Xs.HTTP,this.maxBodySizeMb=n.maxBodySizeMb||Td,this.daprApiToken=n.daprApiToken||process.env[cu],this.logger=n.logger||xa(),this.logger.info("DaprConnectionManager initialized",{daprHost:this.daprHost,daprPort:this.daprPort,communicationProtocol:this.communicationProtocol})}async getClient(){if(!this.client||this.connectionStatus!==Tt.CONNECTED)await this.connect();if(!this.client)throw Bc("Not connected to Dapr sidecar");return this.client}async connect(){if(this.connectionPromise)return this.connectionPromise;if(this.client&&this.connectionStatus===Tt.CONNECTED)return Promise.resolve();this.connectionStatus=Tt.CONNECTING,this.connectionPromise=this.establishConnection();try{await this.connectionPromise,this.connectionStatus=Tt.CONNECTED}catch(n){throw this.connectionStatus=Tt.ERROR,n}finally{this.connectionPromise=null}}async establishConnection(){try{this.logger.info("Connecting to Dapr sidecar",{daprHost:this.daprHost,daprPort:this.daprPort,protocol:this.communicationProtocol});let n=process.env[tu]&&this.communicationProtocol===Xs.HTTP||process.env[ou]&&this.communicationProtocol===Xs.GRPC,r={communicationProtocol:this.communicationProtocol,maxBodySizeMb:this.maxBodySizeMb,logger:{level:r$.Warn}};if(!n)r.daprHost=this.daprHost,r.daprPort=this.daprPort;if(this.daprApiToken)r.daprApiToken=this.daprApiToken;await Ui(async()=>{this.client=new T5(r)},au,"Connection to Dapr sidecar timed out"),await this.healthCheck(),this.logger.info("Successfully connected to Dapr sidecar")}catch(n){throw this.logger.error("Failed to connect to Dapr sidecar",n),this.client=null,Bc(`Failed to connect to Dapr sidecar at ${this.daprHost}:${this.daprPort}`,n)}}async disconnect(){if(!this.client)return;try{this.logger.info("Disconnecting from Dapr sidecar"),this.client=null,this.connectionStatus=Tt.DISCONNECTED,this.logger.info("Disconnected from Dapr sidecar")}catch(n){throw this.logger.error("Error during disconnect",n),Bc("Failed to disconnect from Dapr sidecar",n)}}isConnected(){return this.client!==null&&this.connectionStatus===Tt.CONNECTED}getConnectionStatus(){return this.connectionStatus}async healthCheck(){if(!this.client)throw Bc("Not connected to Dapr sidecar");try{return await Ui(async()=>{if(!this.client)throw Bc("Not connected to Dapr sidecar");let n=await this.client.invoker.invoke("healthz","healthz",n$.GET);return{status:n.status===204?Oa.HEALTHY:Oa.UNHEALTHY,version:n.headers?.["dapr-version"]||"unknown"}},eu,"Health check timed out")}catch(n){return this.logger.error("Health check failed",n),{status:Oa.UNHEALTHY,version:"unknown"}}}getClientConfig(){return{daprHost:this.daprHost,daprPort:this.daprPort,communicationProtocol:this.communicationProtocol,maxBodySizeMb:this.maxBodySizeMb,hasApiToken:!!this.daprApiToken,connectionStatus:this.connectionStatus}}}var du=b(()=>{Gt();Ir();_t()});var uu=()=>{};class pa{connectionManager;logger;_state;_pubsub;_binding;_secret;_config;_invoke;_lock;_crypto;_workflow;constructor(n={}){this.logger=n.logger||xa(),this.connectionManager=new Ls(n);let r=async()=>{return this.connectionManager.getClient()};this._state=new Za(r,this.logger),this._pubsub=new Ka(r,this.logger),this._binding=new Pa(r,this.logger),this._secret=new va(r,this.logger),this._config=new Ca(r,this.logger),this._invoke=new ja(r,this.logger),this._lock=new qa(r,this.logger),this._crypto=new Fa(r,this.logger),this._workflow=new Ia(r,this.logger)}async connect(){await this.connectionManager.connect()}async disconnect(){await this.connectionManager.disconnect()}isConnected(){return this.connectionManager.isConnected()}getConnectionStatus(){return this.connectionManager.getConnectionStatus()}async healthCheck(){return this.connectionManager.healthCheck()}getClientConfig(){return this.connectionManager.getClientConfig()}get state(){return this._state}get pubsub(){return this._pubsub}get binding(){return this._binding}get secret(){return this._secret}get config(){return this._config}get invoke(){return this._invoke}get lock(){return this._lock}get crypto(){return this._crypto}get workflow(){return this._workflow}}var Zk;var Qs=b(()=>{Rs();Hs();zs();Bs();Us();Ws();Vs();Ys();Js();du();_t();Rs();Hs();zs();Bs();Us();Ws();Vs();Ys();Js();Gt();Ir();uu();Zk=new pa});import wu from"ioredis";class bu{client;constructor(n){this.client=n}async create(n,r,t){try{return{success:!0,data:t?await this.client.set(n,JSON.stringify(r),"EX",t):await this.client.set(n,JSON.stringify(r))}}catch(o){return{success:!1,error:o.message}}}async read(n){try{let r=await this.client.get(n);return{success:!0,data:r?JSON.parse(r):null}}catch(r){return{success:!1,error:r.message}}}async update(n,r,t=!0){try{return{success:!0,data:t?await this.client.set(n,JSON.stringify(r),"KEEPTTL"):await this.client.set(n,JSON.stringify(r))}}catch(o){return{success:!1,error:o.message}}}async remove(n){try{return{success:!0,data:await this.client.del(n)}}catch(r){return{success:!1,error:r.message}}}async exists(n){try{return{success:!0,data:await this.client.exists(n)===1}}catch(r){return{success:!1,error:r.message}}}getClient(){return this.client}}class gu{storeName;dapr;constructor(n){this.storeName=n;this.dapr=new pa}async create(n,r,t){try{let o=t?{ttlInSeconds:String(t)}:void 0;return await this.dapr.state.save([{key:n,value:r,metadata:o}],void 0,this.storeName),{success:!0,data:"OK"}}catch(o){return{success:!1,error:o.message}}}async read(n){try{return{success:!0,data:await this.dapr.state.get(n,this.storeName)??null}}catch(r){return{success:!1,error:r.message}}}async update(n,r,t=!0){try{return await this.dapr.state.save([{key:n,value:r}],void 0,this.storeName),{success:!0,data:"OK"}}catch(o){return{success:!1,error:o.message}}}async remove(n){try{return await this.dapr.state.delete(n,void 0,void 0,this.storeName),{success:!0,data:1}}catch(r){return{success:!1,error:r.message}}}async exists(n){try{let r=await this.dapr.state.get(n,this.storeName);return{success:!0,data:r!==void 0&&r!==null}}catch(r){return{success:!1,error:r.message}}}}class er{static instance=null;store;directClient=null;useDapr;constructor(n){if(er.instance){this.store=er.instance.store,this.directClient=er.instance.directClient,this.useDapr=er.instance.useDapr;return}if(!n)throw Error("Redis config must be provided for first initialization.");if(t$(n),this.useDapr=n.withDapr??!1,n.withDapr)this.store=new gu(n.stateStoreName??"statestore");else{let r=n.url?new wu(n.url):new wu({host:n.host,port:n.port});this.directClient=r,this.store=new bu(r)}er.instance=this}async create(n,r,t){return this.store.create(n,r,t)}async read(n){return this.store.read(n)}async update(n,r,t=!0){return this.store.update(n,r,t)}async remove(n){return this.store.remove(n)}async exists(n){return this.store.exists(n)}async keys(n){if(this.useDapr||!this.directClient)return console.warn("[RedisManager] keys() not supported in Dapr mode"),[];try{return await this.directClient.keys(n)}catch(r){return console.error("[Redis] Keys error:",r.message),[]}}async acquireLock(n,r=10){if(this.useDapr||!this.directClient){let t=await this.exists(n);if(!t.success)return{success:!1,error:t.error};if(t.data)return{success:!0,data:!1};if((await this.create(n,"1",r)).success)return{success:!0,data:!0};return{success:!1,error:"Failed to acquire lock"}}try{return{success:!0,data:await this.directClient.set(n,"1","EX",r,"NX")==="OK"}}catch(t){return{success:!1,error:t.message}}}async releaseLock(n){return this.remove(n)}async waitForLock(n,r=5000,t=50){let o=Date.now();while(Date.now()-o<r){let c=await this.exists(n);if(!c.success)return{success:!1,error:c.error};if(!c.data)return{success:!0,data:!0};await new Promise((i)=>setTimeout(i,t))}return{success:!0,data:!1}}async getOrWait(n,r=5000,t=50){let o=Date.now();while(Date.now()-o<r){let c=await this.read(n);if(!c.success)return{success:!1,error:c.error};if(c.data!==null)return{success:!0,data:c.data};await new Promise((i)=>setTimeout(i,t))}return{success:!0,data:null}}}var t$=(n)=>{if(!n)throw Error("Redis config must be provided.");if(n.withDapr){if(!n.stateStoreName)throw Error("Dapr mode requires stateStoreName.");return}let r=Boolean(n.url),t=Boolean(n.host)&&typeof n.port==="number";if(!r&&!t)throw Error("Redis config requires either url or host and port.")};var no=b(()=>{Qs()});var Gs=b(()=>{no()});var Os=b(()=>{no();po()});var Ns=b(()=>{no();po();Gs()});var $u=b(()=>{Ns()});var hu=b(()=>{Gs();Os();Ns();$u()});var Au=86400,ko=(n)=>`session:${n}`,ya=(n)=>JSON.stringify(n),Eu=(n)=>{if(!n)return null;if(typeof n==="object")return n;try{return JSON.parse(n)}catch{return null}};var Ta=async(n)=>{let r=new er,t=ko(n.sessionId),o=await r.remove(t);return o.success&&o.data>0};var ne=b(()=>{no()});import o$ from"crypto";var Su=async(n)=>{let r=new er,t=n.sessionId??o$.randomUUID(),o=Date.now(),c=(n.expiresInSeconds??Au)*1000,i=new Date(o).toISOString(),a={id:t,userId:n.userId,createdAt:i,expiresAt:new Date(o+c).toISOString(),lastActiveAt:i,clientMeta:n.clientMeta,fingerprintHash:n.fingerprintHash,deviceInfo:n.deviceInfo,refreshTokenHash:n.refreshTokenHash,loginMethod:n.loginMethod,rememberMe:n.rememberMe},e=await r.create(ko(t),ya(a));if(!e.success)return{success:!1,error:e.error};return{success:!0,session:a}};var xs=b(()=>{no()});var Du=b(()=>{po();Os();ne();xs()});var ku=b(()=>{Du()});var To=async(n)=>{let r=new er,t=ko(n.sessionId),o=await r.read(t);if(!o.success||!o.data)return null;let c=Eu(o.data);if(!c)return null;if(new Date(c.expiresAt).getTime()<=Date.now())return await Ta({sessionId:n.sessionId}),null;return c};var re=b(()=>{no();ne()});var Mu=async(n)=>{let r=await To({sessionId:n.sessionId});if(!r)return{success:!1,error:"Session not found"};let t={...r,...n.updates,lastActiveAt:n.updates.lastActiveAt??new Date().toISOString()},c=await new er().create(ko(n.sessionId),ya(t));if(!c.success)return{success:!1,error:c.error};return{success:!0,session:t}},Ps=async(n)=>{return Mu({sessionId:n,updates:{lastActiveAt:new Date().toISOString()}})};var Ru=b(()=>{no();re()});var c$=async(n)=>{let r=So(n.jwtToken,n.jwtSecret);if(!r.valid)return{isValid:!1,reason:r.error};let t=await To({sessionId:n.sessionId});if(!t)return{isValid:!1,reason:"Session not found"};let o;if(n.savedFingerprint&&n.headers&&n.requestIp){let c={};for(let[a,e]of Object.entries(n.headers))if(e!==void 0)c[a]=e;let i=Gd({savedFingerprint:n.savedFingerprint,headers:c,requestIp:n.requestIp});if(o=i.isValid,!i.isValid)return{isValid:!1,reason:i.reason??"Fingerprint mismatch"}}return{isValid:!0,context:{userId:t.userId,sessionId:t.id,fingerprintValid:o}}};var Hu=b(()=>{ms();po();re()});var zu={};ho(zu,{validateSession:()=>c$,updateSession:()=>Mu,updateLastActiveAt:()=>Ps,readSession:()=>To,generateSession:()=>Su,deleteSession:()=>Ta});var Cs=b(()=>{ne();xs();re();Ru();Hu()});var Bu=b(()=>{Od();po();Id();hu();ku();Cs()});import{eq as i$}from"drizzle-orm";function Vi(n,r,t,o,c,i){let a=[n.toLowerCase()];if(i)a.push("bulk");if(a.push(r),o){if(a.push("with"),a.push(o),c)a.push(c)}else if(t)a.push(t);return a.join(".")}function Yi(n,r,t){if(r)return`/${n}/bulk`;if(t)return`/${n}/:id`;return`/${n}`}function s$(n,r,t){let o=[],c=n.table_name,i=n.excluded_methods||[];for(let a of a$){if(i.includes(a))continue;let e=a==="PUT"||a==="PATCH"||a==="DELETE";if(o.push({action:Vi(a,c),description:`${a} access to ${c}`,path:Yi(c,!1,e&&a!=="DELETE"),method:a}),a==="GET"&&n.columns){for(let f of n.columns){if(r.skipColumns.includes(f.name))continue;o.push({action:Vi(a,c,f.name),description:`${a} access to ${c}.${f.name}`,path:Yi(c),method:a})}let s=`${c}Relations`;if(t[s]){let f=t[s];if(f?.config?.referencedTable?._?.name){let d=f.config.referencedTable._.name;o.push({action:Vi(a,c,void 0,d),description:`${a} access to ${c} with ${d}`,path:Yi(c),method:a})}}}if(a==="POST"||a==="PUT"||a==="PATCH"){if(n.columns)for(let s of n.columns){if(r.skipColumns.includes(s.name))continue;o.push({action:Vi(a,c,s.name),description:`${a} access to ${c}.${s.name}`,path:Yi(c,!1,a!=="POST"),method:a})}}}for(let a of e$){if(i.includes(a))continue;o.push({action:Vi(a,c,void 0,void 0,void 0,!0),description:`Bulk ${a} access to ${c}`,path:Yi(c,!0),method:a})}return o}async function Uu(n,r,t,o,c,i){let a=r.claims;if(!a)return i.warn("[Authorization] Claims table not found in schema"),{total:0,created:0,existing:0,claims:[]};let e=[];for(let w of o){if(c.skipTables.includes(w.table_name))continue;let g=s$(w,c,t);e.push(...g)}let s=e.filter((w,g,u)=>g===u.findIndex((m)=>m.action===w.action)),f=0,d=0,_=[];for(let w of s)try{if((await n.select().from(a).where(i$(a.action,w.action)).limit(1)).length===0)await n.insert(a).values(w),f++,_.push(w.action),i.debug(`[Authorization] Created claim: ${w.action}`);else d++}catch(g){i.error(`[Authorization] Failed to create claim: ${w.action}`,g)}return i.info(`[Authorization] Claims seeded: ${f} created, ${d} existing, ${s.length} total`),{total:s.length,created:f,existing:d,claims:_}}var a$,e$;var Wu=b(()=>{a$=["GET","POST","PUT","PATCH","DELETE"],e$=["POST","PUT","DELETE"]});var{password:f$}=globalThis.Bun;import{eq as Fs}from"drizzle-orm";async function Vu(n,r,t,o){if(!t.godminEmail||!t.godminPassword)return o.warn("[Authorization] Godmin email or password not configured, skipping godmin setup"),{success:!1};let{roles:c,users:i,userRoles:a}=r;if(!c||!i||!a)return o.error("[Authorization] Required tables not found for godmin setup"),{success:!1};try{let e,s=await n.select().from(c).where(Fs(c.name,js)).limit(1);if(s.length===0){let[g]=await n.insert(c).values({name:js,description:"God mode administrator - bypasses all authorization checks"}).returning();e=g.id,o.info(`[Authorization] Created godmin role: ${e}`)}else e=s[0].id,o.debug(`[Authorization] Godmin role already exists: ${e}`);let f,d=await n.select().from(i).where(Fs(i.email,t.godminEmail)).limit(1);if(d.length===0){let g=await f$.hash(t.godminPassword,{algorithm:"bcrypt",cost:10}),[u]=await n.insert(i).values({email:t.godminEmail,password:g,verifiedAt:new Date,isActive:!0}).returning();f=u.id,o.info(`[Authorization] Created godmin user: ${f}`)}else f=d[0].id,o.debug(`[Authorization] Godmin user already exists: ${f}`);if(!(await n.select().from(a).where(Fs(a.userId,f)).limit(1)).some((g)=>g.roleId===e))await n.insert(a).values({userId:f,roleId:e}),o.info(`[Authorization] Assigned godmin role to user: ${f}`);return{success:!0,userId:f,roleId:e}}catch(e){return o.error("[Authorization] Failed to setup godmin",e),{success:!1}}}function nc(n){return n===js}var js="godmin";var te=()=>{};import{eq as qs,inArray as _$}from"drizzle-orm";function l$(n){return n.startsWith(Xu)}function d$(n){return{field:n.slice(Xu.length)}}function Yu(n){if(!n)return{};let r=new URLSearchParams(n),t={};for(let[o,c]of r.entries())if(l$(c))t[o]=d$(c);else t[o]=c;return t}function Ju(n,r,t){let o={};for(let[c,i]of Object.entries(n))if(typeof i==="object"&&"field"in i){if(!r){t.warn(`[Authorization] Cannot resolve self:${i.field} - userData not provided`);continue}let a=i.field,e=a.replace(/_([a-z])/g,(f,d)=>d.toUpperCase()),s;if(a in r)s=r[a];else if(e in r)s=r[e];else{t.warn(`[Authorization] Cannot resolve self:${a} - field not found in userData`);continue}o[c]=s,t.debug(`[Authorization] Resolved self:${a} -> ${s}`)}else o[c]=i;return o}function Uc(n,r,t,o){let c=[n.toLowerCase(),r];if(o)c.push("with",o);else if(t)c.push(t);return c.join(".")}function Wc(n,r){if(n===r)return!0;let t=n.split("."),o=r.split(".");if(t.length>o.length)return!1;for(let c=0;c<t.length;c++)if(t[c]!==o[c])return!1;return!0}async function oe(n){let{userId:r,method:t,entity:o,requestedFields:c,requestedRelations:i,db:a,schemaTables:e,logger:s,userData:f}=n,d=e.roles,_=e.userRoles,w=e.roleClaims,g=e.claims;if(!d||!_||!w||!g)return s.error("[Authorization] Required tables not found"),{authorized:!1,reason:"Authorization tables not configured"};try{let u=_,m=d,l=await a.select({roleId:u.roleId,roleName:m.name}).from(_).innerJoin(d,qs(u.roleId,m.id)).where(qs(u.userId,r));if(l.length===0)return{authorized:!1,reason:"User has no roles assigned"};if(l.some((V)=>nc(V.roleName)))return s.debug(`[Authorization] User ${r} has godmin role, bypassing checks`),{authorized:!0};let $=l.map((V)=>V.roleId),S=w,U=g,W=await a.select({claimAction:U.action,scope:S.scope}).from(w).innerJoin(g,qs(S.claimId,U.id)).where(_$(S.roleId,$));if(W.length===0)return{authorized:!1,reason:"User roles have no claims assigned"};let H=Uc(t,o);if(!W.some((V)=>Wc(V.claimAction,H)))return{authorized:!1,reason:`No access to ${t} ${o}`};let D=[],A=[],h={},R=!1;for(let V of W)if(V.claimAction===H){R=!0;let B=Yu(V.scope),J=Ju(B,f,s);Object.assign(h,J)}if(R)return{authorized:!0,scopeFilters:Object.keys(h).length>0?h:void 0};if(c)for(let V of c){let Q=Uc(t,o,V);if(W.some((J)=>Wc(J.claimAction,Q)))D.push(V)}if(i)for(let V of i){let Q=Uc(t,o,void 0,V);if(W.some((J)=>Wc(J.claimAction,Q)))A.push(V)}for(let V of W){let Q=Yu(V.scope),B=Ju(Q,f,s);Object.assign(h,B)}if(!(D.length>0||A.length>0)&&(c?.length||i?.length))return{authorized:!1,reason:"No access to requested fields or relations"};return{authorized:!0,allowedFields:D.length>0?D:void 0,allowedRelations:A.length>0?A:void 0,scopeFilters:Object.keys(h).length>0?h:void 0}}catch(u){return s.error("[Authorization] Check failed",u),{authorized:!1,reason:"Authorization check failed"}}}function Lu(n){let{userClaims:r,userRoles:t,method:o,entity:c,requestedFields:i,requestedRelations:a,logger:e}=n;if(r.length===0&&t.length===0)return{authorized:!1,reason:"No roles or claims in token"};if(t.some((g)=>nc(g)))return e.debug("[Authorization:JWT] User has godmin role, bypassing checks"),{authorized:!0};let s=Uc(o,c);if(r.some((g)=>Wc(g,s)))return{authorized:!0};let d=[],_=[];if(i)for(let g of i){let u=Uc(o,c,g);if(r.some((m)=>Wc(m,u)))d.push(g)}if(a)for(let g of a){let u=Uc(o,c,void 0,g);if(r.some((m)=>Wc(m,u)))_.push(g)}if(!(d.length>0||_.length>0)&&(i?.length||a?.length))return{authorized:!1,reason:`No access to ${o} ${c}`};return{authorized:!0,allowedFields:d.length>0?d:void 0,allowedRelations:_.length>0?_:void 0}}async function Qu(n){let{idpUrl:r,accessToken:t,method:o,entity:c,requestedFields:i,requestedRelations:a,logger:e}=n;try{let s=await fetch(`${r}/auth/check`,{method:"POST",headers:{"Content-Type":"application/json",Cookie:`access_token=${t}`},body:JSON.stringify({entity:c,method:o,fields:i,relations:a})});if(!s.ok)return e.warn(`[Authorization:IDP] IDP /auth/check returned ${s.status}`),{authorized:!1,reason:`IDP authorization check failed (${s.status})`};return await s.json()}catch(s){let f=s instanceof Error?s.message:String(s);return e.error(`[Authorization:IDP] Failed to reach IDP: ${f}`),{authorized:!1,reason:"IDP authorization service unavailable"}}}function ce(n,r){if(!r||r.length===0)return n;let o=[...new Set([...["id"],...r])],c=(i)=>{let a={};for(let e of o)if(e in i)a[e]=i[e];return a};if(Array.isArray(n))return n.map(c);return c(n)}function Gu(n,r){if(!r)return n;let t=(o)=>{let c={...o};for(let i of Object.keys(c))if(typeof c[i]==="object"&&c[i]!==null&&!r.includes(i))delete c[i];return c};if(Array.isArray(n))return n.map(t);return t(n)}var Xu="self:";var Ks=b(()=>{te()});var Ou;var Nu=b(()=>{Ou={enabled:!1,autoSeedClaims:!0,skipTables:["audit_logs"],skipColumns:["id","created_at","updated_at","is_active","password","version"],excludedPaths:["/health","/swagger"],publicPaths:["/auth/login","/auth/register"]}});var vs=b(()=>{Wu();te();Ks();Nu()});function u$(n){let r=n.match(/^(\d+)(s|m|h|d)$/);if(!r||!r[1]||!r[2])return 300;let t=Number.parseInt(r[1],10);switch(r[2]){case"s":return t;case"m":return t*60;case"h":return t*3600;case"d":return t*86400;default:return 300}}function w$(){let n=new Uint8Array(24);return crypto.getRandomValues(n),Array.from(n).map((r)=>r.toString(16).padStart(2,"0")).join("")}function xu(n){let r=new Bun.CryptoHasher("sha256");return r.update(n),r.digest("hex")}function b$(n,r){if(n.length!==r.length){let a=new Uint8Array(32);return crypto.getRandomValues(a),!1}let t=new TextEncoder,o=t.encode(n),c=t.encode(r),i=0;for(let a=0;a<o.length;a++)i|=(o[a]??0)^(c[a]??0);return i===0}function rc(n,r){let t=r-n+1,o=Math.ceil(Math.log2(t)/8)||1,c=256**o,i=c-c%t,a,e=new Uint8Array(o);do crypto.getRandomValues(e),a=e.reduce((s,f,d)=>s+f*256**d,0);while(a>=i);return n+a%t}function Pu(n){let r=Zs[n],{min:t,max:o}=r.mathRange,c=["+","-","\xD7"],i=c[rc(0,c.length-1)],a=rc(t,o),e=rc(t,o),s;switch(i){case"+":s=a+e;break;case"-":if(a<e)[a,e]=[e,a];s=a-e;break;case"\xD7":a=rc(1,12),e=rc(1,12),s=a*e;break;default:s=a+e}return{question:`${a} ${i} ${e} = ?`,answer:s.toString()}}function Cu(n){let r=Zs[n],t="";for(let o=0;o<r.textLength;o++)t+="ABCDEFGHJKLMNPQRSTUVWXYZ23456789".charAt(rc(0,31));return{question:t,answer:t}}function g$(n){let r=Cu(n),t=200,o=60,c=m$(r.answer,200,60),i=`data:image/svg+xml;base64,${Buffer.from(c).toString("base64")}`;return{question:"Enter the text shown in the image",answer:r.answer,imageData:i}}function un(){let n=new Uint32Array(1);return crypto.getRandomValues(n),(n[0]??0)/4294967295}function m$(n,r,t){let o=240+un()*15,c=240+un()*15,i=240+un()*15,a=`rgb(${o}, ${c}, ${i})`,e="";for(let u=0;u<12;u++){let m=un()*r,l=un()*t,E=un()*r,$=un()*t,S=un()*100+100,U=un()*100+100,W=un()*100+100,H=1+un()*2;e+=`<line x1="${m}" y1="${l}" x2="${E}" y2="${$}" stroke="rgb(${S},${U},${W})" stroke-width="${H}"/>`}let s="";for(let u=0;u<4;u++){let m=un()*r,l=un()*t,E=un()*r,$=un()*t,S=un()*r,U=un()*t,W=un()*r,H=un()*t,k=un()*80+80,D=un()*80+80,A=un()*80+80;s+=`<path d="M${m},${l} C${E},${$} ${S},${U} ${W},${H}" stroke="rgb(${k},${D},${A})" stroke-width="2" fill="none"/>`}let f="";for(let u=0;u<80;u++){let m=un()*r,l=un()*t,E=un()*150+50,$=un()*150+50,S=un()*150+50,U=un()*3+1;f+=`<circle cx="${m}" cy="${l}" r="${U}" fill="rgb(${E},${$},${S})"/>`}let d="",_=r/(n.length+2),w=_;for(let u=0;u<n.length;u++){let m=w+u*_+(un()-0.5)*15,l=t/2+8+(un()-0.5)*12,E=(un()-0.5)*40,$=22+un()*10,S=un()*80,U=un()*80,W=un()*80,H=(un()-0.5)*15,k=0.9+un()*0.3;d+=`<text x="${m}" y="${l}" font-family="Arial, Helvetica, sans-serif" font-size="${$}" font-weight="bold" fill="rgb(${S},${U},${W})" transform="rotate(${E}, ${m}, ${l}) skewX(${H}) scale(1, ${k})" style="font-style: ${un()>0.5?"italic":"normal"}">${n[u]}</text>`}let g="";for(let u=0;u<3;u++){let m=10+un()*(t-20),l=un()*60+60,E=un()*60+60,$=un()*60+60;g+=`<line x1="0" y1="${m}" x2="${r}" y2="${m+(un()-0.5)*20}" stroke="rgb(${l},${E},${$})" stroke-width="1.5"/>`}return`<svg xmlns="http://www.w3.org/2000/svg" width="${r}" height="${t}" viewBox="0 0 ${r} ${t}">
 		<defs>
 			<filter id="noise" x="0%" y="0%" width="100%" height="100%">
 				<feTurbulence type="fractalNoise" baseFrequency="0.04" numOctaves="2" result="noise"/>
@@ -16,7 +16,7 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 			${d}
 		</g>
 		${g}
-	</svg>`}function $$(n){let t=Zs[n].puzzlePieces,o=[],c=[];for(let a=0;a<t;a++)o.push({id:a,x:a%3*100,y:Math.floor(a/3)*100}),c.push(a);let i=[...o];for(let a=i.length-1;a>0;a--){let e=nc(0,a),s=i[a],f=i[e];if(s&&f)i[a]=f,i[e]=s}return{question:"Arrange the pieces in correct order",answer:c.join(","),puzzleData:{pieces:i,correctOrder:c}}}class Is{redis;logger;config;constructor(n){this.redis=n.redis,this.logger=n.logger,this.config={enabled:n.config.enabled??!0,type:n.config.type??"math",difficulty:n.config.difficulty??"medium",expiresIn:n.config.expiresIn??"5m",maxAttempts:n.config.maxAttempts??3,caseSensitive:n.config.caseSensitive??!1,rateLimit:{maxGeneratePerMinute:n.config.rateLimit?.maxGeneratePerMinute??10,maxGeneratePerHour:n.config.rateLimit?.maxGeneratePerHour??100}}}async generate(n,r,t){if(t){if(await this.checkRateLimit(t))return this.logger.warn("[CAPTCHA] Rate limit exceeded",{ipAddress:t}),{success:!1,challengeId:"",type:n??this.config.type,question:"",expiresAt:0,rateLimited:!0,message:"Too many requests. Please try again later."};await this.incrementRateLimit(t)}let o=n??this.config.type,c=r??this.config.difficulty,i=w$(),a=u$(this.config.expiresIn),e=Date.now()+a*1000,s,f,d,_;switch(o){case"math":{let l=Pu(c);s=l.question,f=l.answer;break}case"text":{let l=Cu(c);s=l.question,f=l.answer;break}case"image":{let l=g$(c);s=l.question,f=l.answer,d=l.imageData;break}case"puzzle":{let l=$$(c);s=l.question,f=l.answer,_=l.puzzleData;break}default:{let l=Pu(c);s=l.question,f=l.answer}}let w=this.config.caseSensitive?f:f.toUpperCase(),g=xu(w),u={id:i,type:o,question:s,answer:g,imageData:d,puzzleData:_,expiresAt:e,attempts:0,maxAttempts:this.config.maxAttempts,caseSensitive:this.config.caseSensitive};await this.redis.set(`captcha:${i}`,JSON.stringify(u),{ex:a}),this.logger.info("[CAPTCHA] Challenge generated",{challengeId:i,type:o,difficulty:c,expiresAt:e});let m={success:!0,challengeId:i,type:o,question:s,expiresAt:e};if(d)m.imageData=d;if(_)m.puzzleData={pieces:_.pieces};return m}async validate(n,r){let t=`captcha:${n}`,o=await this.redis.get(t);if(!o)return this.logger.warn("[CAPTCHA] Challenge not found or expired",{challengeId:n}),{success:!1,valid:!1,message:"Challenge expired or not found"};let c=JSON.parse(o);if(Date.now()>c.expiresAt)return await this.redis.del(t),this.logger.warn("[CAPTCHA] Challenge expired",{challengeId:n}),{success:!1,valid:!1,message:"Challenge expired"};if(c.attempts+=1,c.attempts>c.maxAttempts)return await this.redis.del(t),this.logger.warn("[CAPTCHA] Max attempts exceeded",{challengeId:n,attempts:c.attempts}),{success:!1,valid:!1,message:"Maximum attempts exceeded"};let i=c.caseSensitive?r.trim():r.trim().toUpperCase(),a=xu(i);if(b$(c.answer,a))return await this.redis.del(t),this.logger.info("[CAPTCHA] Challenge validated successfully",{challengeId:n}),{success:!0,valid:!0,message:"Captcha validated successfully"};let s=c.maxAttempts-c.attempts;if(s<=0)await this.redis.del(t);else{let f=Math.floor((c.expiresAt-Date.now())/1000);await this.redis.set(t,JSON.stringify(c),{ex:f})}return this.logger.warn("[CAPTCHA] Invalid answer",{challengeId:n,attemptsRemaining:s}),{success:!0,valid:!1,message:"Incorrect answer",attemptsRemaining:s}}async invalidate(n){await this.redis.del(`captcha:${n}`),this.logger.info("[CAPTCHA] Challenge invalidated",{challengeId:n})}isEnabled(){return this.config.enabled}async checkRateLimit(n){let r=`captcha_rate:${n}:minute`,t=`captcha_rate:${n}:hour`,[o,c]=await Promise.all([this.redis.get(r),this.redis.get(t)]),i=o?Number.parseInt(o,10):0,a=c?Number.parseInt(c,10):0,e=this.config.rateLimit.maxGeneratePerMinute??10,s=this.config.rateLimit.maxGeneratePerHour??100;return i>=e||a>=s}async incrementRateLimit(n){let r=`captcha_rate:${n}:minute`,t=`captcha_rate:${n}:hour`,[o,c]=await Promise.all([this.redis.get(r),this.redis.get(t)]),i=(o?Number.parseInt(o,10):0)+1,a=(c?Number.parseInt(c,10):0)+1;await Promise.all([this.redis.set(r,i.toString(),{ex:60}),this.redis.set(t,a.toString(),{ex:3600})])}}var Zs;var ps=b(()=>{Zs={easy:{mathRange:{min:1,max:10},textLength:4,puzzlePieces:4},medium:{mathRange:{min:10,max:50},textLength:6,puzzlePieces:6},hard:{mathRange:{min:50,max:100},textLength:8,puzzlePieces:9}}});import Fu from"fs";import{google as ju}from"googleapis";class ys{gmail=null;fromEmail;fromName;logger;initialized=!1;constructor(n,r){if(this.fromEmail=n.fromEmail,this.fromName=n.fromName||"Vorion",this.logger=r,n.enabled)this.initialize(n.jsonFilePath)}encodeHeaderValue(n){let r=!1;for(let o=0;o<n.length;o++)if(n.charCodeAt(o)>127){r=!0;break}if(!r)return n;return`=?UTF-8?B?${Buffer.from(n,"utf-8").toString("base64")}?=`}isAvailable(){return this.initialized&&this.gmail!==null}initialize(n){try{if(!n){this.logger.warn("[GmailService] No JSON file path provided");return}if(!Fu.existsSync(n)){this.logger.error("[GmailService] JSON file not found",{path:n});return}let r=Fu.readFileSync(n,"utf8"),t=JSON.parse(r);if(!this.fromEmail){this.logger.warn("[GmailService] From email not configured");return}if(!t?.client_email||!t?.private_key){this.logger.error("[GmailService] Invalid credentials format");return}let o=t.private_key;if(!o.includes(`
+	</svg>`}function $$(n){let t=Zs[n].puzzlePieces,o=[],c=[];for(let a=0;a<t;a++)o.push({id:a,x:a%3*100,y:Math.floor(a/3)*100}),c.push(a);let i=[...o];for(let a=i.length-1;a>0;a--){let e=rc(0,a),s=i[a],f=i[e];if(s&&f)i[a]=f,i[e]=s}return{question:"Arrange the pieces in correct order",answer:c.join(","),puzzleData:{pieces:i,correctOrder:c}}}class Is{redis;logger;config;constructor(n){this.redis=n.redis,this.logger=n.logger,this.config={enabled:n.config.enabled??!0,type:n.config.type??"math",difficulty:n.config.difficulty??"medium",expiresIn:n.config.expiresIn??"5m",maxAttempts:n.config.maxAttempts??3,caseSensitive:n.config.caseSensitive??!1,rateLimit:{maxGeneratePerMinute:n.config.rateLimit?.maxGeneratePerMinute??10,maxGeneratePerHour:n.config.rateLimit?.maxGeneratePerHour??100}}}async generate(n,r,t){if(t){if(await this.checkRateLimit(t))return this.logger.warn("[CAPTCHA] Rate limit exceeded",{ipAddress:t}),{success:!1,challengeId:"",type:n??this.config.type,question:"",expiresAt:0,rateLimited:!0,message:"Too many requests. Please try again later."};await this.incrementRateLimit(t)}let o=n??this.config.type,c=r??this.config.difficulty,i=w$(),a=u$(this.config.expiresIn),e=Date.now()+a*1000,s,f,d,_;switch(o){case"math":{let l=Pu(c);s=l.question,f=l.answer;break}case"text":{let l=Cu(c);s=l.question,f=l.answer;break}case"image":{let l=g$(c);s=l.question,f=l.answer,d=l.imageData;break}case"puzzle":{let l=$$(c);s=l.question,f=l.answer,_=l.puzzleData;break}default:{let l=Pu(c);s=l.question,f=l.answer}}let w=this.config.caseSensitive?f:f.toUpperCase(),g=xu(w),u={id:i,type:o,question:s,answer:g,imageData:d,puzzleData:_,expiresAt:e,attempts:0,maxAttempts:this.config.maxAttempts,caseSensitive:this.config.caseSensitive};await this.redis.set(`captcha:${i}`,JSON.stringify(u),{ex:a}),this.logger.info("[CAPTCHA] Challenge generated",{challengeId:i,type:o,difficulty:c,expiresAt:e});let m={success:!0,challengeId:i,type:o,question:s,expiresAt:e};if(d)m.imageData=d;if(_)m.puzzleData={pieces:_.pieces};return m}async validate(n,r){let t=`captcha:${n}`,o=await this.redis.get(t);if(!o)return this.logger.warn("[CAPTCHA] Challenge not found or expired",{challengeId:n}),{success:!1,valid:!1,message:"Challenge expired or not found"};let c=JSON.parse(o);if(Date.now()>c.expiresAt)return await this.redis.del(t),this.logger.warn("[CAPTCHA] Challenge expired",{challengeId:n}),{success:!1,valid:!1,message:"Challenge expired"};if(c.attempts+=1,c.attempts>c.maxAttempts)return await this.redis.del(t),this.logger.warn("[CAPTCHA] Max attempts exceeded",{challengeId:n,attempts:c.attempts}),{success:!1,valid:!1,message:"Maximum attempts exceeded"};let i=c.caseSensitive?r.trim():r.trim().toUpperCase(),a=xu(i);if(b$(c.answer,a))return await this.redis.del(t),this.logger.info("[CAPTCHA] Challenge validated successfully",{challengeId:n}),{success:!0,valid:!0,message:"Captcha validated successfully"};let s=c.maxAttempts-c.attempts;if(s<=0)await this.redis.del(t);else{let f=Math.floor((c.expiresAt-Date.now())/1000);await this.redis.set(t,JSON.stringify(c),{ex:f})}return this.logger.warn("[CAPTCHA] Invalid answer",{challengeId:n,attemptsRemaining:s}),{success:!0,valid:!1,message:"Incorrect answer",attemptsRemaining:s}}async invalidate(n){await this.redis.del(`captcha:${n}`),this.logger.info("[CAPTCHA] Challenge invalidated",{challengeId:n})}isEnabled(){return this.config.enabled}async checkRateLimit(n){let r=`captcha_rate:${n}:minute`,t=`captcha_rate:${n}:hour`,[o,c]=await Promise.all([this.redis.get(r),this.redis.get(t)]),i=o?Number.parseInt(o,10):0,a=c?Number.parseInt(c,10):0,e=this.config.rateLimit.maxGeneratePerMinute??10,s=this.config.rateLimit.maxGeneratePerHour??100;return i>=e||a>=s}async incrementRateLimit(n){let r=`captcha_rate:${n}:minute`,t=`captcha_rate:${n}:hour`,[o,c]=await Promise.all([this.redis.get(r),this.redis.get(t)]),i=(o?Number.parseInt(o,10):0)+1,a=(c?Number.parseInt(c,10):0)+1;await Promise.all([this.redis.set(r,i.toString(),{ex:60}),this.redis.set(t,a.toString(),{ex:3600})])}}var Zs;var ps=b(()=>{Zs={easy:{mathRange:{min:1,max:10},textLength:4,puzzlePieces:4},medium:{mathRange:{min:10,max:50},textLength:6,puzzlePieces:6},hard:{mathRange:{min:50,max:100},textLength:8,puzzlePieces:9}}});import Fu from"fs";import{google as ju}from"googleapis";class ys{gmail=null;fromEmail;fromName;logger;initialized=!1;constructor(n,r){if(this.fromEmail=n.fromEmail,this.fromName=n.fromName||"Vorion",this.logger=r,n.enabled)this.initialize(n.jsonFilePath)}encodeHeaderValue(n){let r=!1;for(let o=0;o<n.length;o++)if(n.charCodeAt(o)>127){r=!0;break}if(!r)return n;return`=?UTF-8?B?${Buffer.from(n,"utf-8").toString("base64")}?=`}isAvailable(){return this.initialized&&this.gmail!==null}initialize(n){try{if(!n){this.logger.warn("[GmailService] No JSON file path provided");return}if(!Fu.existsSync(n)){this.logger.error("[GmailService] JSON file not found",{path:n});return}let r=Fu.readFileSync(n,"utf8"),t=JSON.parse(r);if(!this.fromEmail){this.logger.warn("[GmailService] From email not configured");return}if(!t?.client_email||!t?.private_key){this.logger.error("[GmailService] Invalid credentials format");return}let o=t.private_key;if(!o.includes(`
 `)&&o.includes("\\n"))o=o.replace(/\\n/g,`
 `);let c=new ju.auth.JWT({email:t.client_email,key:o,scopes:["https://www.googleapis.com/auth/gmail.send"],subject:this.fromEmail});this.gmail=ju.gmail({version:"v1",auth:c}),this.initialized=!0,this.logger.info("[GmailService] Initialized",{serviceAccount:t.client_email,fromEmail:this.fromEmail})}catch(r){this.logger.error("[GmailService] Initialization failed",{error:r})}}createEmailMessage(n){let{to:r,subject:t,html:o,text:c,from:i,replyTo:a,attachments:e}=n,s=Array.isArray(r)?r.join(", "):r,f=i||`${this.fromName} <${this.fromEmail}>`,d=this.encodeHeaderValue(t);if(!e||e.length===0){let g=[`From: ${f}`,`To: ${s}`,`Subject: ${d}`,"MIME-Version: 1.0","Content-Type: text/html; charset=utf-8"];if(a)g.push(`Reply-To: ${a}`);return g.push("",o||c||""),Buffer.from(g.join(`
 `)).toString("base64").replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}let _=`----Nucleus_${Date.now()}_${Math.random().toString(36).substring(7)}`,w=[`From: ${f}`,`To: ${s}`,`Subject: ${d}`,"MIME-Version: 1.0",`Content-Type: multipart/mixed; boundary="${_}"`];if(a)w.push(`Reply-To: ${a}`);w.push("",`--${_}`),w.push("Content-Type: text/html; charset=utf-8","Content-Transfer-Encoding: base64","",Buffer.from(o||c||"").toString("base64"),"");for(let g of e)w.push(`--${_}`,`Content-Type: ${g.contentType}`,`Content-Disposition: attachment; filename="${g.filename}"`,"Content-Transfer-Encoding: base64","",g.content.toString("base64"),"");return w.push(`--${_}--`),Buffer.from(w.join(`\r
@@ -57,7 +57,7 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 				</div>
 			</body>
 			</html>
-		`}getActiveAlerts(){return Array.from(this.state.activeAlerts.values())}acknowledgeAlert(n){for(let[r,t]of this.state.activeAlerts)if(t.id===n)return t.acknowledged=!0,!0;return!1}clearAlert(n){this.state.activeAlerts.delete(n)}}class Ts{config;requestCount=0;responseTimes=[];errorCount=0;rateLimitBlocks=0;byEndpoint={};byMethod={};byStatus={};byErrorType={};lastCollectTime=Date.now();constructor(n){this.config=n}recordRequest(n){if(!this.config?.enabled)return;if(this.requestCount++,this.config.metrics?.responseTime!==!1){if(this.responseTimes.push(n.responseTimeMs),this.responseTimes.length>1e4)this.responseTimes=this.responseTimes.slice(-5000)}if(this.config.metrics?.requests!==!1)this.byEndpoint[n.endpoint]=(this.byEndpoint[n.endpoint]||0)+1,this.byMethod[n.method]=(this.byMethod[n.method]||0)+1,this.byStatus[String(n.status)]=(this.byStatus[String(n.status)]||0)+1;if(this.config.metrics?.errors!==!1&&n.isError){if(this.errorCount++,n.errorType)this.byErrorType[n.errorType]=(this.byErrorType[n.errorType]||0)+1}}recordRateLimitBlock(){if(!this.config?.enabled||this.config.metrics?.rateLimits===!1)return;this.rateLimitBlocks++}collect(){if(!this.config?.enabled)return null;let r=(Date.now()-this.lastCollectTime)/1000/60,t=r>0?Math.round(this.requestCount/r):0,o=r>0?Math.round(this.rateLimitBlocks/r):0,c=[...this.responseTimes].sort((e,s)=>e-s),i=c.length;return{requests:{total:this.requestCount,perMinute:t,byEndpoint:{...this.byEndpoint},byMethod:{...this.byMethod},byStatus:{...this.byStatus}},responseTime:{avg:i>0?Math.round(c.reduce((e,s)=>e+s,0)/i*100)/100:0,min:i>0?c[0]??0:0,max:i>0?c[i-1]??0:0,p50:i>0?c[Math.floor(i*0.5)]??0:0,p95:i>0?c[Math.floor(i*0.95)]??0:0,p99:i>0?c[Math.floor(i*0.99)]??0:0},errors:{total:this.errorCount,rate:this.requestCount>0?Math.round(this.errorCount/this.requestCount*100*100)/100:0,byType:{...this.byErrorType}},rateLimits:{blocked:this.rateLimitBlocks,blockedPerMinute:o}}}reset(){this.requestCount=0,this.responseTimes=[],this.errorCount=0,this.rateLimitBlocks=0,this.byEndpoint={},this.byMethod={},this.byStatus={},this.byErrorType={},this.lastCollectTime=Date.now()}getRequestsPerMinute(){let n=(Date.now()-this.lastCollectTime)/1000/60;return n>0?Math.round(this.requestCount/n):0}getErrorRate(){return this.requestCount>0?this.errorCount/this.requestCount*100:0}getRateLimitBlocksPerMinute(){let n=(Date.now()-this.lastCollectTime)/1000/60;return n>0?Math.round(this.rateLimitBlocks/n):0}getAvgResponseTime(){if(this.responseTimes.length===0)return 0;return this.responseTimes.reduce((n,r)=>n+r,0)/this.responseTimes.length}}import*as vu from"fs";import*as Mo from"os";class nf{config;lastCpuInfo=null;constructor(n){this.config=n}async collect(){if(!this.config?.enabled)return null;let n={cpu:{usage:0,cores:0},memory:{total:0,used:0,free:0,usagePercent:0,heapUsed:0,heapTotal:0},disk:{total:0,used:0,free:0,usagePercent:0},network:{bytesIn:0,bytesOut:0},process:{uptime:0,pid:0,eventLoopLag:0}};if(this.config.metrics?.cpu!==!1)n.cpu=this.collectCpu();if(this.config.metrics?.memory!==!1)n.memory=this.collectMemory();if(this.config.metrics?.disk!==!1)n.disk=await this.collectDisk();if(this.config.metrics?.network)n.network=this.collectNetwork();if(this.config.metrics?.process!==!1)n.process=await this.collectProcess();return n}collectCpu(){let n=Mo.cpus(),r=n.length,t=0,o=0;for(let i of n)t+=i.times.idle,o+=i.times.user+i.times.nice+i.times.sys+i.times.idle+i.times.irq;let c=0;if(this.lastCpuInfo){let i=t-this.lastCpuInfo.idle,a=o-this.lastCpuInfo.total;c=a>0?Math.round((1-i/a)*100*100)/100:0}return this.lastCpuInfo={idle:t,total:o},{usage:c,cores:r}}collectMemory(){let n=Mo.totalmem(),r=Mo.freemem(),t=n-r,o=Math.round(t/n*100*100)/100,c=process.memoryUsage();return{total:n,used:t,free:r,usagePercent:o,heapUsed:c.heapUsed,heapTotal:c.heapTotal}}async collectDisk(){try{let n=vu.statfsSync("/"),r=n.blocks*n.bsize,t=n.bfree*n.bsize,o=r-t,c=Math.round(o/r*100*100)/100;return{total:r,used:o,free:t,usagePercent:c}}catch{return{total:0,used:0,free:0,usagePercent:0}}}collectNetwork(){let n=Mo.networkInterfaces(),r=0,t=0;for(let o in n){let c=n[o];if(c){for(let i of c)if(!i.internal)r+=0,t+=0}}return{bytesIn:r,bytesOut:t}}async collectProcess(){let n=process.uptime(),r=process.pid,t=Date.now(),o=await new Promise((c)=>{setImmediate(()=>{c(Date.now()-t)})});return{uptime:n,pid:r,eventLoopLag:o}}}var Zu=()=>{};import{randomUUID as Iu}from"crypto";import*as pu from"os";class ae{store;memoryInterval=null;cpuInterval=null;lastCpuInfo=null;isRunning=!1;constructor(n){let r={...h$,...n};this.store={requests:[],configs:{logMemory:r.logMemory,logCpu:r.logCpu,logDapr:r.logDapr,logWebSocket:r.logWebSocket,cpuLogInterval:r.cpuLogInterval,memoryLogInterval:r.memoryLogInterval},logs:{memory:[],cpu:[],dapr:[],ws:[]},logLimits:{memory:r.memoryLogLimit,cpu:r.cpuLogLimit,dapr:r.daprLogLimit,ws:r.wsLogLimit,request:r.requestLogLimit},worker:{pid:process.pid,workerId:null,memory:null,cpu:null,updatedAt:Date.now()},allWorkers:[],daprEvents:[],wsEvents:[]}}start(){if(this.isRunning)return;if(this.isRunning=!0,this.store.configs.logMemory)this.startMemoryCollector();if(this.store.configs.logCpu)this.startCpuCollector()}stop(){if(!this.isRunning)return;if(this.isRunning=!1,this.memoryInterval)clearInterval(this.memoryInterval),this.memoryInterval=null;if(this.cpuInterval)clearInterval(this.cpuInterval),this.cpuInterval=null}startMemoryCollector(){if(this.memoryInterval)clearInterval(this.memoryInterval);let n=()=>{if(!this.store.configs.logMemory)return;let r=process.memoryUsage(),t={timestamp:Date.now(),rss:r.rss,heapUsed:r.heapUsed,heapTotal:r.heapTotal};if(this.store.logs.memory.push(t),this.store.logs.memory.length>this.store.logLimits.memory*2)this.store.logs.memory=this.store.logs.memory.slice(-this.store.logLimits.memory);this.store.worker.memory=t,this.store.worker.updatedAt=Date.now()};n(),this.memoryInterval=setInterval(n,this.store.configs.memoryLogInterval)}startCpuCollector(){if(this.cpuInterval)clearInterval(this.cpuInterval);let n=()=>{if(!this.store.configs.logCpu)return;let r=pu.cpus(),t=0,o=0,c=0,i=0;for(let f of r)t+=f.times.user,o+=f.times.sys,c+=f.times.idle,i+=f.times.user+f.times.nice+f.times.sys+f.times.idle+f.times.irq;let a=0,e=0;if(this.lastCpuInfo){let f=i-this.lastCpuInfo.total,d=c-this.lastCpuInfo.idle;if(f>0){let _=f-d;a=Math.round((t-0)/(_||1)*100*100)/100,e=Math.round((o-0)/(_||1)*100*100)/100;let w=Math.round((1-d/f)*100*100)/100;a=Math.round(w*0.7*100)/100,e=Math.round(w*0.3*100)/100}}this.lastCpuInfo={idle:c,total:i};let s={timestamp:Date.now(),user:a,system:e};if(this.store.logs.cpu.push(s),this.store.logs.cpu.length>this.store.logLimits.cpu*2)this.store.logs.cpu=this.store.logs.cpu.slice(-this.store.logLimits.cpu);this.store.worker.cpu=s,this.store.worker.updatedAt=Date.now()};n(),this.cpuInterval=setInterval(n,this.store.configs.cpuLogInterval)}recordRequest(n){if(this.store.requests.push(n),this.store.requests.length>this.store.logLimits.request*2)this.store.requests=this.store.requests.slice(-this.store.logLimits.request)}recordDaprEvent(n,r){if(!this.store.configs.logDapr)return;let t={id:Iu(),type:n,timestamp:Date.now(),...r};if(this.store.logs.dapr.push(t),this.store.daprEvents.push(t),this.store.logs.dapr.length>this.store.logLimits.dapr*2)this.store.logs.dapr=this.store.logs.dapr.slice(-this.store.logLimits.dapr);if(this.store.daprEvents.length>this.store.logLimits.dapr*2)this.store.daprEvents=this.store.daprEvents.slice(-this.store.logLimits.dapr)}recordWsEvent(n,r){if(!this.store.configs.logWebSocket)return;let t={id:Iu(),type:n,timestamp:Date.now(),...r};if(this.store.logs.ws.push(t),this.store.wsEvents.push(t),this.store.logs.ws.length>this.store.logLimits.ws*2)this.store.logs.ws=this.store.logs.ws.slice(-this.store.logLimits.ws);if(this.store.wsEvents.length>this.store.logLimits.ws*2)this.store.wsEvents=this.store.wsEvents.slice(-this.store.logLimits.ws)}getSnapshot(){return{memory:this.store.logs.memory.slice(-this.store.logLimits.memory),cpu:this.store.logs.cpu.slice(-this.store.logLimits.cpu),requests:this.store.requests.slice(-this.store.logLimits.request),dapr:this.store.logs.dapr.slice(-this.store.logLimits.dapr),ws:this.store.logs.ws.slice(-this.store.logLimits.ws),workers:this.store.allWorkers.length?this.store.allWorkers:[this.store.worker],logLimits:{...this.store.logLimits},configs:{...this.store.configs}}}getUpdatesSince(n){let r=this.store.logs.memory.filter((e)=>e.timestamp>n.memory),t=this.store.logs.cpu.filter((e)=>e.timestamp>n.cpu),o=this.store.requests.filter((e)=>e.timestamp>n.request),c=this.store.logs.dapr.filter((e)=>e.timestamp>n.dapr),i=this.store.logs.ws.filter((e)=>e.timestamp>n.ws);if(!(r.length>0||t.length>0||o.length>0||c.length>0||i.length>0))return null;return{memory:r,cpu:t,requests:o,dapr:c,ws:i,timestamp:Date.now()}}getLogs(){return{memory:this.store.logs.memory,cpu:this.store.logs.cpu,requests:this.store.requests,dapr:this.store.logs.dapr,ws:this.store.logs.ws,daprEvents:this.store.daprEvents,wsEvents:this.store.wsEvents,configs:{logMemory:this.store.configs.logMemory,logCpu:this.store.configs.logCpu,logDapr:this.store.configs.logDapr,logWebSocket:this.store.configs.logWebSocket},limits:{...this.store.logLimits}}}getSettings(){return{configs:{...this.store.configs},logLimits:{...this.store.logLimits}}}changeSettings(n){if(n.logMemory!==void 0)this.store.configs.logMemory=n.logMemory;if(n.logCpu!==void 0)this.store.configs.logCpu=n.logCpu;if(n.logDapr!==void 0)this.store.configs.logDapr=n.logDapr;if(n.logWebSocket!==void 0)this.store.configs.logWebSocket=n.logWebSocket;if(n.cpuLogInterval!==void 0){if(this.store.configs.cpuLogInterval=n.cpuLogInterval,this.isRunning&&this.store.configs.logCpu)this.startCpuCollector()}if(n.memoryLogInterval!==void 0){if(this.store.configs.memoryLogInterval=n.memoryLogInterval,this.isRunning&&this.store.configs.logMemory)this.startMemoryCollector()}if(n.memoryLogLimit!==void 0)this.store.logLimits.memory=n.memoryLogLimit;if(n.cpuLogLimit!==void 0)this.store.logLimits.cpu=n.cpuLogLimit;if(n.daprLogLimit!==void 0)this.store.logLimits.dapr=n.daprLogLimit;if(n.wsLogLimit!==void 0)this.store.logLimits.ws=n.wsLogLimit;if(n.requestLogLimit!==void 0)this.store.logLimits.request=n.requestLogLimit;return{message:"Settings updated successfully",configs:{...this.store.configs},logLimits:{...this.store.logLimits}}}getStore(){return this.store}isEnabled(){return this.isRunning}}var h$;var yu=b(()=>{h$={enabled:!0,logMemory:!0,logCpu:!0,logDapr:!0,logWebSocket:!0,memoryLogInterval:1000,cpuLogInterval:1000,memoryLogLimit:100,cpuLogLimit:100,daprLogLimit:100,wsLogLimit:100,requestLogLimit:100,streamInterval:150}});class rf{redis;logger;config;appId;flushToDb;systemCollector;applicationCollector;alertService;collectInterval=null;flushInterval=null;pendingMetrics=[];isRunning=!1;constructor(n){this.redis=n.redis,this.logger=n.logger,this.config=this.mergeConfig(n.config),this.appId=n.appId,this.flushToDb=n.flushToDb,this.systemCollector=new nf(this.config.system),this.applicationCollector=new Ts(this.config.application),this.alertService=new ie({logger:n.logger,gmail:n.gmail,config:this.config,appId:n.appId})}mergeConfig(n){return{enabled:n.enabled??Yn.enabled,system:{enabled:n.system?.enabled??Yn.system.enabled,collectInterval:n.system?.collectInterval??Yn.system.collectInterval,metrics:{cpu:n.system?.metrics?.cpu??Yn.system.metrics.cpu,memory:n.system?.metrics?.memory??Yn.system.metrics.memory,disk:n.system?.metrics?.disk??Yn.system.metrics.disk,network:n.system?.metrics?.network??Yn.system.metrics.network,process:n.system?.metrics?.process??Yn.system.metrics.process}},application:{enabled:n.application?.enabled??Yn.application.enabled,metrics:{requests:n.application?.metrics?.requests??Yn.application.metrics.requests,responseTime:n.application?.metrics?.responseTime??Yn.application.metrics.responseTime,errors:n.application?.metrics?.errors??Yn.application.metrics.errors,rateLimits:n.application?.metrics?.rateLimits??Yn.application.metrics.rateLimits}},database:{enabled:n.database?.enabled??Yn.database.enabled,metrics:{connections:n.database?.metrics?.connections??Yn.database.metrics.connections,queryTime:n.database?.metrics?.queryTime??Yn.database.metrics.queryTime,slowQueryThreshold:n.database?.metrics?.slowQueryThreshold??Yn.database.metrics.slowQueryThreshold}},redis:{enabled:n.redis?.enabled??Yn.redis.enabled},persistence:{enabled:n.persistence?.enabled??Yn.persistence.enabled,flushInterval:n.persistence?.flushInterval??Yn.persistence.flushInterval,retentionDays:n.persistence?.retentionDays??Yn.persistence.retentionDays},alerts:{enabled:n.alerts?.enabled??Yn.alerts.enabled,email:{enabled:n.alerts?.email?.enabled??Yn.alerts.email.enabled,recipients:n.alerts?.email?.recipients??Yn.alerts.email.recipients},thresholds:{cpuPercent:n.alerts?.thresholds?.cpuPercent??Yn.alerts.thresholds.cpuPercent,memoryPercent:n.alerts?.thresholds?.memoryPercent??Yn.alerts.thresholds.memoryPercent,diskPercent:n.alerts?.thresholds?.diskPercent??Yn.alerts.thresholds.diskPercent,errorRatePercent:n.alerts?.thresholds?.errorRatePercent??Yn.alerts.thresholds.errorRatePercent,responseTimeMs:n.alerts?.thresholds?.responseTimeMs??Yn.alerts.thresholds.responseTimeMs,rateLimitBlocksPerMinute:n.alerts?.thresholds?.rateLimitBlocksPerMinute??Yn.alerts.thresholds.rateLimitBlocksPerMinute},cooldown:n.alerts?.cooldown??Yn.alerts.cooldown}}}parseTimeToMs(n){let r=n.match(/^(\d+)(ms|s|m|h|d)$/);if(!r||!r[1]||!r[2])return 1e4;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 1e4}}start(){if(!this.config.enabled||this.isRunning)return;this.isRunning=!0,this.logger.info("[Monitoring] Starting monitoring service");let n=this.parseTimeToMs(this.config.system.collectInterval);if(this.collectInterval=setInterval(()=>{this.collect()},n),this.config.persistence.enabled&&this.flushToDb){let r=this.parseTimeToMs(this.config.persistence.flushInterval);this.flushInterval=setInterval(()=>{this.flush()},r)}this.collect()}stop(){if(!this.isRunning)return;if(this.isRunning=!1,this.logger.info("[Monitoring] Stopping monitoring service"),this.collectInterval)clearInterval(this.collectInterval),this.collectInterval=null;if(this.flushInterval)clearInterval(this.flushInterval),this.flushInterval=null;this.flush()}async collect(){let n=Date.now(),r={timestamp:n};if(this.config.system.enabled){let t=await this.systemCollector.collect();if(t)r.system=t,this.addMetricPoints("system",t,n)}if(this.config.application.enabled){let t=this.applicationCollector.collect();if(t)r.application=t,this.addMetricPoints("application",t,n)}if(await this.storeSnapshot(r),this.config.alerts.enabled)await this.alertService.checkAndAlert(r)}addMetricPoints(n,r,t){let o=(c,i="")=>{for(let a in c){let e=c[a],s=i?`${i}.${a}`:a;if(typeof e==="number")this.pendingMetrics.push({timestamp:t,metricType:n,metricName:s,value:e});else if(typeof e==="object"&&e!==null&&!Array.isArray(e))o(e,s)}};o(r)}async storeSnapshot(n){let r=`monitoring:${this.appId}:latest`;await this.redis.create(r,n,3600);let t=`monitoring:${this.appId}:history`,o=await this.redis.read(t),c=o.success&&o.data?o.data:[];c.push(n);let i=Date.now()-3600000,a=c.filter((e)=>e.timestamp>i);await this.redis.create(t,a,3600)}async flush(){if(this.pendingMetrics.length===0)return;if(!this.flushToDb)return;let n=[...this.pendingMetrics];this.pendingMetrics=[];try{await this.flushToDb(n),this.logger.debug(`[Monitoring] Flushed ${n.length} metrics to database`)}catch(r){this.logger.error(`[Monitoring] Failed to flush metrics: ${r}`),this.pendingMetrics=[...n,...this.pendingMetrics]}}recordRequest(n){if(!this.config.enabled||!this.config.application.enabled)return;this.applicationCollector.recordRequest(n)}recordRateLimitBlock(){if(!this.config.enabled||!this.config.application.enabled)return;this.applicationCollector.recordRateLimitBlock()}async getLatestSnapshot(){let n=`monitoring:${this.appId}:latest`,r=await this.redis.read(n);return r.success?r.data:null}async getHistory(n=60){let r=`monitoring:${this.appId}:history`,t=await this.redis.read(r);if(!t.success||!t.data)return[];let o=Date.now()-n*60000;return t.data.filter((c)=>c.timestamp>o)}getActiveAlerts(){return this.alertService.getActiveAlerts()}acknowledgeAlert(n){return this.alertService.acknowledgeAlert(n)}isEnabled(){return this.config.enabled}getConfig(){return this.config}}var Yn;var Tu=b(()=>{Zu();yu();Yn={enabled:!1,system:{enabled:!0,collectInterval:"10s",metrics:{cpu:!0,memory:!0,disk:!0,network:!1,process:!0}},application:{enabled:!0,metrics:{requests:!0,responseTime:!0,errors:!0,rateLimits:!0}},database:{enabled:!1,metrics:{connections:!0,queryTime:!0,slowQueryThreshold:"100ms"}},redis:{enabled:!1},persistence:{enabled:!0,flushInterval:"1m",retentionDays:30},alerts:{enabled:!1,email:{enabled:!1,recipients:[]},thresholds:{cpuPercent:80,memoryPercent:85,diskPercent:90,errorRatePercent:5,responseTimeMs:1000,rateLimitBlocksPerMinute:100},cooldown:"5m"}}});var nw=()=>{};import{and as Vc,desc as rw,eq as dr}from"drizzle-orm";function tf(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/_([a-z])/g,(i,a)=>a.toUpperCase());r[c]=o}return r}function A$(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/[A-Z]/g,(i)=>`_${i.toLowerCase()}`);r[c]=o}return r}class of{db;schemaTables;config;logger;gmailService;constructor(n){this.db=n.db,this.schemaTables=n.schemaTables,this.config=n.config,this.logger=n.logger,this.gmailService=n.gmailService}getTable(n){return this.schemaTables[n]}getCol(n,r){return n[r]}isChannelEnabled(n){let r=this.config.channels;if(!r)return n==="portal";switch(n){case"portal":return r.portal!==!1;case"email":return r.email===!0;case"sms":return r.sms?.enabled===!0;case"telegram":return r.telegram?.enabled===!0;case"webhook":return r.webhook?.enabled===!0;default:return!1}}interpolateTemplate(n,r){let t=n;for(let[o,c]of Object.entries(r))t=t.replace(new RegExp(`{{${o}}}`,"g"),String(c??""));for(let[o,c]of Object.entries(this.config.templateVariables||{}))t=t.replace(new RegExp(`{{${o}}}`,"g"),c);return t}async triggerNotifications(n){let{trigger:r,flow_id:t,entity_name:o,entity_id:c,node_id:i,context:a={}}=n,e=this.getTable("verificationNotificationRules"),s=this.getTable("verificationNotificationRecipients"),f=this.getTable("verificationNotificationChannels");if(!e||!s){this.logger.warn("[Notification] Notification tables not found");return}let d=new Date,w=await this.db.select().from(e).where(Vc(dr(this.getCol(e,"flowId"),t),dr(this.getCol(e,"trigger"),r)));this.logger.info(`[Notification] Found ${w.length} rules for trigger=${r} flow_id=${t}, filter_node_id=${i||"NONE"}`);for(let u of w)this.logger.info(`[Notification]   Rule ${u.id}: nodeId=${u.nodeId}, trigger=${u.trigger}, title=${JSON.stringify(u.titleTemplate)}`);let g=w.filter((u)=>{if(i&&u.nodeId!==i)return this.logger.info(`[Notification]   EXCLUDED rule ${u.id}: rule.nodeId=${u.nodeId} !== filter_node_id=${i}`),!1;if(u.startsAt&&new Date(u.startsAt)>d)return!1;if(u.expiresAt&&new Date(u.expiresAt)<d)return!1;return!0});for(let u of g){let m=await this.db.select().from(s).where(dr(this.getCol(s,"ruleId"),u.id)),l=["portal"];if(f){let H=await this.db.select().from(f).where(dr(this.getCol(f,"ruleId"),u.id));if(H.length>0)l=H.map((k)=>k.channel)}let S=l.filter((H)=>this.isChannelEnabled(H));if(S.length===0)continue;this.logger.info(`[Notification] Rule ${u.id}: ${m.length} recipients, ${S.length} channels (${S.join(",")})`);let $=await this.resolveRecipients(m,n.verifier_id,t,o,c);this.logger.info(`[Notification] Rule ${u.id}: resolved ${$.length} user IDs: ${$.join(", ")}`);let E={...a,entity_name:o,entity_id:c,trigger:r,decision:n.decision};this.logger.info(`[Notification] Rule ${u.id}: titleTemplate=${JSON.stringify(u.titleTemplate)}, bodyTemplate=${JSON.stringify(u.bodyTemplate)}, context=${JSON.stringify(E)}`);let U=u.titleTemplate?this.interpolateTemplate(u.titleTemplate,E):`Verification ${r.replace("on_","").replace("_"," ")}`,W=u.bodyTemplate?this.interpolateTemplate(u.bodyTemplate,E):void 0;this.logger.info(`[Notification] Rule ${u.id}: final title="${U}", body="${W}"`);for(let H of $)await this.send({user_id:H,title:U,body:W,entity_name:o,entity_id:c,type:"verification",source:`flow:${t}`,channels:S})}this.logger.debug(`[Notification] Triggered ${g.length} rules for ${r} on ${o}:${c}`)}async resolveRecipients(n,r,t,o,c){let i=new Set,a=this.getTable("user_roles"),e=this.getTable("roles");for(let s of n)switch(s.recipientType){case"user":if(s.recipientUserId)i.add(s.recipientUserId);break;case"role":if(s.recipientRole&&a&&e){let f=e,d=a,w=(await this.db.select().from(e).where(dr(f.name,s.recipientRole)).limit(1))[0];if(w){let g=await this.db.select({user_id:d.userId}).from(a).where(dr(d.roleId,w.id));for(let u of g)i.add(u.user_id)}}break;case"step_verifier":if(r)i.add(r);break;case"entity_creator":{if(o&&c){let f=this.getTable("verificationInstances");if(f){let _=(await this.db.select().from(f).where(Vc(dr(this.getCol(f,"entityName"),o),dr(this.getCol(f,"entityId"),c))).orderBy(rw(this.getCol(f,"createdAt"))).limit(1))[0];if(_?.startedBy)i.add(_.startedBy)}}break}case"all_verifiers":{if(t){let f=this.getTable("verificationVerifierConfigs");if(f){let d=await this.db.select().from(f).where(dr(this.getCol(f,"flowId"),t));this.logger.info(`[Notification] all_verifiers: found ${d.length} verifier configs for flow ${t}`);for(let _ of d){let w=_;if(this.logger.info(`[Notification] all_verifiers: config node_id=${w.nodeId}, type=${w.verifierType}, userId=${w.verifierUserId}, role=${w.verifierRole}`),w.verifierUserId)i.add(w.verifierUserId);if(w.verifierType==="role"&&w.verifierRole&&a&&e){let g=e,u=a,l=(await this.db.select().from(e).where(dr(g.name,w.verifierRole)).limit(1))[0];if(l){let S=await this.db.select({user_id:u.userId}).from(a).where(dr(u.roleId,l.id));for(let $ of S)i.add($.user_id)}}}}}break}}return Array.from(i)}async send(n){let{user_id:r,title:t,body:o,entity_name:c,entity_id:i,type:a,source:e,channels:s}=n;for(let f of s)switch(f){case"portal":await this.sendPortalNotification(r,t,o,c,i,a,e);break;case"email":await this.sendEmailNotification(r,t,o);break;case"sms":this.logger.debug(`[Notification] SMS channel not yet implemented for user ${r}`);break;case"telegram":this.logger.debug(`[Notification] Telegram channel not yet implemented for user ${r}`);break;case"webhook":this.logger.debug(`[Notification] Webhook channel not yet implemented for user ${r}`);break}}async sendPortalNotification(n,r,t,o,c,i,a){let e=this.getTable("notifications");if(!e){this.logger.warn("[Notification] notifications table not found");return}await this.db.insert(e).values(tf({user_id:n,title:r,body:t||null,entity_name:o||null,entity_id:c||null,type:i||"system",source:a||null,is_seen:!1})),this.logger.debug(`[Notification] Portal notification sent to ${n}: ${r}`)}async sendEmailNotification(n,r,t){if(!this.gmailService?.isAvailable()){this.logger.warn("[Notification] Gmail service not available for email notification");return}let o=this.getTable("users");if(!o){this.logger.warn("[Notification] users table not found");return}let i=(await this.db.select({email:this.getCol(o,"email")}).from(o).where(dr(this.getCol(o,"id"),n)).limit(1))[0];if(!i?.email){this.logger.warn(`[Notification] No email found for user ${n}`);return}await this.gmailService.sendEmail({to:i.email,subject:r,html:t||r}),this.logger.debug(`[Notification] Email notification sent to ${i.email}: ${r}`)}async getNotifications(n,r){let t=this.getTable("notifications");if(!t)return[];let o=[dr(this.getCol(t,"userId"),n)];if(r?.type)o.push(dr(this.getCol(t,"type"),r.type));return(await this.db.select().from(t).where(Vc(...o)).orderBy(rw(this.getCol(t,"createdAt"))).limit(r?.limit||50).offset(r?.offset||0)).map((a)=>A$(a))}async getUnseenCount(n){let r=this.getTable("notifications");if(!r)return 0;return(await this.db.select().from(r).where(Vc(dr(this.getCol(r,"userId"),n),dr(this.getCol(r,"isSeen"),!1)))).length}async markAsSeen(n,r){let t=this.getTable("notifications");if(!t)return!1;return await this.db.update(t).set(tf({is_seen:!0,seen_at:new Date})).where(Vc(dr(this.getCol(t,"id"),n),dr(this.getCol(t,"userId"),r))),!0}async markAllAsSeen(n){let r=this.getTable("notifications");if(!r)return 0;return(await this.db.update(r).set(tf({is_seen:!0,seen_at:new Date})).where(Vc(dr(this.getCol(r,"userId"),n),dr(this.getCol(r,"isSeen"),!1))).returning()).length}}var cf=b(()=>{nw()});function tw(n,r){if(!n.authorizationUrl)throw Error("Generic OAuth provider requires authorizationUrl");let t=n.scopes??[],o=new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,response_type:"code",state:r,...t.length>0?{scope:t.join(" ")}:{},...n.extraAuthParams});return`${n.authorizationUrl}?${o.toString()}`}async function ow(n,r){if(!r.tokenUrl)throw Error("Generic OAuth provider requires tokenUrl");let t=await fetch(r.tokenUrl,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri,grant_type:"authorization_code"}).toString()});if(!t.ok){let s=await t.text();throw Error(`Generic OAuth token exchange failed: ${s}`)}let o=await t.json();if(o.error)throw Error(`OAuth error: ${o.error_description||o.error}`);let c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope};if(!r.userInfoUrl)return{profile:{providerAccountId:o.access_token,rawProfile:o},tokens:c};let i=await fetch(r.userInfoUrl,{headers:{Authorization:`Bearer ${o.access_token}`}});if(!i.ok)throw Error("Failed to fetch user info from generic OAuth provider");let a=await i.json();return{profile:{providerAccountId:a.id??a.sub??a.user_id??o.access_token,email:a.email,name:a.name??a.display_name??a.username,avatarUrl:a.avatar_url??a.picture??a.photo,rawProfile:a},tokens:c}}function cw(n,r){let t=n.scopes??["read:user","user:email"];return`https://github.com/login/oauth/authorize?${new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,scope:t.join(" "),state:r,...n.extraAuthParams}).toString()}`}async function iw(n,r){let t=await fetch("https://github.com/login/oauth/access_token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri}).toString()});if(!t.ok){let f=await t.text();throw Error(`GitHub token exchange failed: ${f}`)}let o=await t.json();if(o.error)throw Error(`GitHub OAuth error: ${o.error_description||o.error}`);let c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope},i=await fetch("https://api.github.com/user",{headers:{Authorization:`Bearer ${o.access_token}`,Accept:"application/vnd.github+json"}});if(!i.ok)throw Error("Failed to fetch GitHub user info");let a=await i.json(),e=a.email;if(!e)try{let f=await fetch("https://api.github.com/user/emails",{headers:{Authorization:`Bearer ${o.access_token}`,Accept:"application/vnd.github+json"}});if(f.ok){let d=await f.json();e=d.find((w)=>w.primary&&w.verified)?.email??d[0]?.email}}catch{}return{profile:{providerAccountId:String(a.id),email:e,name:a.name??a.login,avatarUrl:a.avatar_url,rawProfile:a},tokens:c}}function aw(n,r){let t=n.scopes??["openid","email","profile"];return`https://accounts.google.com/o/oauth2/v2/auth?${new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,response_type:"code",scope:t.join(" "),state:r,access_type:"offline",prompt:"select_account",...n.extraAuthParams}).toString()}`}async function ew(n,r){let t=await fetch("https://oauth2.googleapis.com/token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri,grant_type:"authorization_code"}).toString()});if(!t.ok){let s=await t.text();throw Error(`Google token exchange failed: ${s}`)}let o=await t.json(),c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope},i=await fetch("https://www.googleapis.com/oauth2/v3/userinfo",{headers:{Authorization:`Bearer ${o.access_token}`}});if(!i.ok)throw Error("Failed to fetch Google user info");let a=await i.json();return{profile:{providerAccountId:a.sub,email:a.email,name:a.name,avatarUrl:a.picture,rawProfile:a},tokens:c}}function sw(n){return`https://login.microsoftonline.com/${n.tenantId??"common"}/oauth2/v2.0`}function fw(n,r){let t=n.scopes??["openid","email","profile","User.Read"],o=new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,response_type:"code",scope:t.join(" "),state:r,response_mode:"query",...n.extraAuthParams});return`${sw(n)}/authorize?${o.toString()}`}async function _w(n,r){let t=await fetch(`${sw(r)}/token`,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri,grant_type:"authorization_code"}).toString()});if(!t.ok){let s=await t.text();throw Error(`Microsoft token exchange failed: ${s}`)}let o=await t.json();if(o.error)throw Error(`Microsoft OAuth error: ${o.error_description||o.error}`);let c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope},i=await fetch("https://graph.microsoft.com/v1.0/me",{headers:{Authorization:`Bearer ${o.access_token}`}});if(!i.ok)throw Error("Failed to fetch Microsoft user info");let a=await i.json();return{profile:{providerAccountId:a.id,email:a.mail??a.userPrincipalName,name:a.displayName,avatarUrl:void 0,rawProfile:a},tokens:c}}import{randomBytes as E$}from"crypto";class ee{config;stateStore=new Map;cleanupInterval=null;constructor(n){this.config=n;let r=(n.stateTtlSeconds??600)*1000;this.cleanupInterval=setInterval(()=>{let t=Date.now();for(let[o,c]of this.stateStore.entries())if(c.expiresAt<t)this.stateStore.delete(o)},r)}stop(){if(this.cleanupInterval)clearInterval(this.cleanupInterval),this.cleanupInterval=null}isProviderEnabled(n){return!!(this.config.enabled&&this.config.providers[n])}getEnabledProviders(){if(!this.config.enabled)return[];return Object.keys(this.config.providers)}buildAuthorizationUrl(n,r,t){let o=this.config.providers[n];if(!o)throw Error(`OAuth provider "${n}" is not configured`);let c={provider:n,linkUserId:r,redirectUrl:t,createdAt:Date.now()},i=E$(32).toString("hex"),a=(this.config.stateTtlSeconds??600)*1000;switch(this.stateStore.set(i,{payload:c,expiresAt:Date.now()+a}),n){case"google":return aw(o,i);case"github":return cw(o,i);case"microsoft":return fw(o,i);default:return tw(o,i)}}consumeState(n){let r=this.stateStore.get(n);if(!r)return null;if(r.expiresAt<Date.now())return this.stateStore.delete(n),null;return this.stateStore.delete(n),r.payload}async exchangeCode(n,r){let t=this.config.providers[n];if(!t)throw Error(`OAuth provider "${n}" is not configured`);switch(n){case"google":return ew(r,t);case"github":return iw(r,t);case"microsoft":return _w(r,t);default:return ow(r,t)}}get allowAccountLinking(){return this.config.allowAccountLinking??!0}get autoCreateUser(){return this.config.autoCreateUser??!0}get successRedirectUrl(){return this.config.successRedirectUrl??"/"}get errorRedirectUrl(){return this.config.errorRedirectUrl??"/login"}get sendInviteOnCreate(){return this.config.sendInviteOnCreate??!1}get basePath(){return this.config.basePath??"/auth/oauth"}}var lw=()=>{};var af=b(()=>{lw()});class ef{redis;logger;config;constructor(n){this.redis=n.redis,this.logger=n.logger,this.config=this.mergeConfig(n.config)}mergeConfig(n){return{enabled:n.enabled??Sr.enabled,strategy:n.strategy??Sr.strategy,keyPrefix:n.keyPrefix??Sr.keyPrefix,authRoutes:{window:n.authRoutes?.window??Sr.authRoutes.window,max:n.authRoutes?.max??Sr.authRoutes.max,login:{window:n.authRoutes?.login?.window??se.window,max:n.authRoutes?.login?.max??se.max,blockDuration:n.authRoutes?.login?.blockDuration??se.blockDuration},register:{window:n.authRoutes?.register?.window??fe.window,max:n.authRoutes?.register?.max??fe.max,blockDuration:n.authRoutes?.register?.blockDuration??fe.blockDuration},passwordReset:{window:n.authRoutes?.passwordReset?.window??_e.window,max:n.authRoutes?.passwordReset?.max??_e.max,blockDuration:n.authRoutes?.passwordReset?.blockDuration??_e.blockDuration},magicLink:{window:n.authRoutes?.magicLink?.window??le.window,max:n.authRoutes?.magicLink?.max??le.max,blockDuration:n.authRoutes?.magicLink?.blockDuration??le.blockDuration}},publicRoutes:{window:n.publicRoutes?.window??Sr.publicRoutes.window,max:n.publicRoutes?.max??Sr.publicRoutes.max},privateRoutes:{window:n.privateRoutes?.window??Sr.privateRoutes.window,max:n.privateRoutes?.max??Sr.privateRoutes.max},byIp:n.byIp??Sr.byIp,byUserId:n.byUserId??Sr.byUserId,byEndpoint:n.byEndpoint??Sr.byEndpoint,skipSuccessfulRequests:n.skipSuccessfulRequests??Sr.skipSuccessfulRequests,headers:{remaining:n.headers?.remaining??Sr.headers.remaining,reset:n.headers?.reset??Sr.headers.reset,limit:n.headers?.limit??Sr.headers.limit},whitelist:n.whitelist??Sr.whitelist,blacklist:n.blacklist??Sr.blacklist}}parseTimeToMs(n){let r=n.match(/^(\d+)(ms|s|m|h|d)$/);if(!r||!r[1]||!r[2])return 60000;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 60000}}buildKey(n){let r=[this.config.keyPrefix,n.category];if(n.authType&&n.authType!=="other")r.push(n.authType);if(this.config.byIp&&n.ip)r.push(`ip:${n.ip}`);if(this.config.byUserId&&n.userId)r.push(`user:${n.userId}`);if(this.config.byEndpoint&&n.endpoint)r.push(`ep:${n.endpoint.replace(/\//g,"_")}`);return r.join(":")}getLimits(n,r){if(n==="auth"){if(r&&r!=="other"){let t=this.config.authRoutes[r];if(t)return t}return{window:this.config.authRoutes.window,max:this.config.authRoutes.max}}if(n==="public")return this.config.publicRoutes;return this.config.privateRoutes}isWhitelisted(n){return this.config.whitelist.some((r)=>{if(r.includes("*"))return new RegExp(`^${r.replace(/\*/g,".*")}$`).test(n);return r===n})}isBlacklisted(n){return this.config.blacklist.some((r)=>{if(r.includes("*"))return new RegExp(`^${r.replace(/\*/g,".*")}$`).test(n);return r===n})}async readRedis(n){let r=await this.redis.read(n);if(r.success)return r.data;return null}async check(n){if(!this.config.enabled)return{allowed:!0,remaining:-1,resetAt:0,limit:-1};if(this.isWhitelisted(n.ip))return{allowed:!0,remaining:-1,resetAt:0,limit:-1};if(this.isBlacklisted(n.ip))return this.logger.warn(`[RateLimit] Blacklisted IP: ${n.ip}`),{allowed:!1,remaining:0,resetAt:Date.now()+86400000,limit:0,retryAfter:86400};let r=this.buildKey(n),t=this.getLimits(n.category,n.authType),o=this.parseTimeToMs(t.window),c=`${r}:blocked`,i=await this.readRedis(c);if(i&&i.until>Date.now()){let a=Math.ceil((i.until-Date.now())/1000);return this.logger.warn(`[RateLimit] Blocked: ${r}, retry after ${a}s`),{allowed:!1,remaining:0,resetAt:i.until,limit:t.max,retryAfter:a}}if(this.config.strategy==="sliding-window")return this.slidingWindowCheck(r,t.max,o,t.blockDuration);if(this.config.strategy==="fixed-window")return this.fixedWindowCheck(r,t.max,o,t.blockDuration);return this.tokenBucketCheck(r,t.max,o)}async slidingWindowCheck(n,r,t,o){let c=Date.now(),i=c-t,a=`${n}:sw`,s=(await this.readRedis(a))?.timestamps||[];s=s.filter((w)=>w>i);let f=s.length,d=s[0],_=d!==void 0?d+t:c+t;if(f>=r){if(o){let w=this.parseTimeToMs(o);await this.redis.create(`${n}:blocked`,{until:c+w},Math.ceil(w/1000))}return{allowed:!1,remaining:0,resetAt:_,limit:r,retryAfter:Math.ceil((_-c)/1000)}}return s.push(c),await this.redis.create(a,{timestamps:s},Math.ceil(t/1000)+1),{allowed:!0,remaining:r-s.length,resetAt:_,limit:r}}async fixedWindowCheck(n,r,t,o){let c=Date.now(),i=Math.floor(c/t),a=`${n}:fw:${i}`,e=(i+1)*t,f=(await this.readRedis(a))?.count||0;if(f>=r){if(o){let d=this.parseTimeToMs(o);await this.redis.create(`${n}:blocked`,{until:c+d},Math.ceil(d/1000))}return{allowed:!1,remaining:0,resetAt:e,limit:r,retryAfter:Math.ceil((e-c)/1000)}}return await this.redis.create(a,{count:f+1},Math.ceil(t/1000)+1),{allowed:!0,remaining:r-(f+1),resetAt:e,limit:r}}async tokenBucketCheck(n,r,t){let o=Date.now(),c=r/t,i=`${n}:tb`,a=await this.readRedis(i),e=a?.tokens??r,s=a?.lastRefill??o,d=(o-s)*c;if(e=Math.min(r,e+d),e<1){let _=Math.ceil((1-e)/c);return{allowed:!1,remaining:0,resetAt:o+_,limit:r,retryAfter:Math.ceil(_/1000)}}return e-=1,await this.redis.create(i,{tokens:e,lastRefill:o},Math.ceil(t/1000)*2),{allowed:!0,remaining:Math.floor(e),resetAt:o+t,limit:r}}async decrement(n){if(!this.config.skipSuccessfulRequests)return;let r=this.buildKey(n);if(this.config.strategy==="sliding-window"){let t=`${r}:sw`,o=await this.readRedis(t);if(o?.timestamps?.length){o.timestamps.pop();let c=this.parseTimeToMs(this.getLimits(n.category,n.authType).window);await this.redis.create(t,o,Math.ceil(c/1000)+1)}}else if(this.config.strategy==="fixed-window"){let t=this.parseTimeToMs(this.getLimits(n.category,n.authType).window),o=Math.floor(Date.now()/t),c=`${r}:fw:${o}`,i=await this.readRedis(c);if(i?.count)await this.redis.create(c,{count:i.count-1},Math.ceil(t/1000)+1)}}getHeaders(n){let r={};return r[this.config.headers.remaining]=String(n.remaining),r[this.config.headers.reset]=String(Math.ceil(n.resetAt/1000)),r[this.config.headers.limit]=String(n.limit),r}isEnabled(){return this.config.enabled}}var se,fe,_e,le,Sr;var dw=b(()=>{se={window:"15m",max:5,blockDuration:"30m"},fe={window:"1h",max:3,blockDuration:"1h"},_e={window:"1h",max:3,blockDuration:"1h"},le={window:"1h",max:5,blockDuration:"1h"},Sr={enabled:!0,strategy:"sliding-window",keyPrefix:"rl:",authRoutes:{window:"1m",max:10,login:se,register:fe,passwordReset:_e,magicLink:le},publicRoutes:{window:"1m",max:100},privateRoutes:{window:"1m",max:60},byIp:!0,byUserId:!0,byEndpoint:!1,skipSuccessfulRequests:!1,headers:{remaining:"X-RateLimit-Remaining",reset:"X-RateLimit-Reset",limit:"X-RateLimit-Limit"},whitelist:[],blacklist:[]}});var uw=()=>{};import{and as Ot,desc as sf,eq as on,inArray as ww}from"drizzle-orm";function Wr(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/_([a-z])/g,(i,a)=>a.toUpperCase());r[c]=o}return r}function Mr(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/[A-Z]/g,(i)=>`_${i.toLowerCase()}`);r[c]=o}return r}class ff{db;schemaTables;config;logger;onNotificationTrigger;constructor(n){this.db=n.db,this.schemaTables=n.schemaTables,this.config=n.config,this.logger=n.logger}setNotificationHandler(n){this.onNotificationTrigger=n}getConnectedNotificationNodeIds(n,r,t){let o=new Set,c=(e)=>{let s=[];for(let f of t){let{sourceNodeId:d,targetNodeId:_}=f;if(d===e)s.push(_);else if(_===e)s.push(d)}return s},i=c(n);for(let e of i)if(r.find((f)=>f.nodeId===e)?.nodeType==="notification")o.add(e);for(let e of i)if(r.find((f)=>f.nodeId===e)?.nodeType==="verifier"){let f=c(e);for(let d of f){if(d===n)continue;if(r.find((w)=>w.nodeId===d)?.nodeType==="notification")o.add(d)}}let a=[...o];return this.logger.info(`[Verification] Connected notification nodes for step ${n}: [${a.join(", ")}]`),a}getTable(n){return this.schemaTables[n]}getCol(n,r){return n[r]}async listFlows(n){let r=this.getTable("verificationFlows");if(!r)return[];return(await(n?this.db.select().from(r).where(on(this.getCol(r,"entityName"),n)):this.db.select().from(r))).map((c)=>Mr(c))}async getFlow(n){let r=this.getTable("verificationFlows"),t=this.getTable("verificationSteps"),o=this.getTable("verificationEdges"),c=this.getTable("verificationVerifierConfigs"),i=this.getTable("verificationNotificationRules"),a=this.getTable("verificationNotificationRecipients"),e=this.getTable("verificationNotificationChannels");if(!r)return null;let f=(await this.db.select().from(r).where(on(this.getCol(r,"id"),n)).limit(1))[0];if(!f)return null;let d=Mr(f),w=(t?await this.db.select().from(t).where(on(this.getCol(t,"flowId"),n)):[]).map((D)=>Mr(D)),u=(o?await this.db.select().from(o).where(on(this.getCol(o,"flowId"),n)):[]).map((D)=>Mr(D)),l=(c?await this.db.select().from(c).where(on(this.getCol(c,"flowId"),n)):[]).map((D)=>Mr(D)),$=(i?await this.db.select().from(i).where(on(this.getCol(i,"flowId"),n)):[]).map((D)=>Mr(D)),E=$.map((D)=>D.id),W=(a&&E.length>0?await this.db.select().from(a).where(ww(this.getCol(a,"ruleId"),E)):[]).map((D)=>Mr(D)),k=(e&&E.length>0?await this.db.select().from(e).where(ww(this.getCol(e,"ruleId"),E)):[]).map((D)=>Mr(D));return{flow:d,graph:{steps:w,edges:u,verifier_configs:l,notification_rules:$,notification_recipients:W,notification_channels:k}}}async saveFlow(n){let r=this.getTable("verificationFlows"),t=this.getTable("verificationSteps"),o=this.getTable("verificationEdges"),c=this.getTable("verificationVerifierConfigs"),i=this.getTable("verificationNotificationRules"),a=this.getTable("verificationNotificationRecipients"),e=this.getTable("verificationNotificationChannels");if(!r||!t||!o)throw Error("Verification tables not configured");let s=await this.db.select().from(r).where(on(this.getCol(r,"id"),n.flow_id)).limit(1),f=n.flow_id;if(s.length>0)await this.db.update(r).set(Wr({entity_name:n.entity_name,name:n.name,description:n.description||null,trigger_on:n.trigger_on,trigger_fields:n.trigger_fields||null,is_draft:n.is_draft,viewport:n.viewport||null})).where(on(this.getCol(r,"id"),f));else{let[_]=await this.db.insert(r).values(Wr({id:f,entity_name:n.entity_name,name:n.name,description:n.description||null,trigger_on:n.trigger_on,trigger_fields:n.trigger_fields||null,is_draft:n.is_draft,viewport:n.viewport||null})).returning();f=_.id}if(await this.db.delete(t).where(on(this.getCol(t,"flowId"),f)),o)await this.db.delete(o).where(on(this.getCol(o,"flowId"),f));if(c)await this.db.delete(c).where(on(this.getCol(c,"flowId"),f));if(i){let w=(await this.db.select().from(i).where(on(this.getCol(i,"flowId"),f))).map((g)=>g.id);if(w.length>0){if(a)for(let g of w)await this.db.delete(a).where(on(this.getCol(a,"ruleId"),g));if(e)for(let g of w)await this.db.delete(e).where(on(this.getCol(e,"ruleId"),g))}await this.db.delete(i).where(on(this.getCol(i,"flowId"),f))}let{graph:d}=n;if(d.steps.length>0)await this.db.insert(t).values(d.steps.map((_)=>Wr({flow_id:f,entity_name:n.entity_name,node_id:_.node_id,node_type:_.node_type,step_order:_.step_order,name:_.name||null,description:_.description||null,position_x:_.position_x,position_y:_.position_y,width:_.width||null,height:_.height||null,style:_.style||null,data:_.data||null})));if(d.edges.length>0&&o)await this.db.insert(o).values(d.edges.map((_)=>Wr({flow_id:f,edge_id:_.edge_id,source_node_id:_.source_node_id,target_node_id:_.target_node_id,source_handle:_.source_handle||null,target_handle:_.target_handle||null,edge_type:_.edge_type,label:_.label||null,condition:_.condition||null,style:_.style||null,animated:_.animated})));if(d.verifier_configs.length>0&&c)await this.db.insert(c).values(d.verifier_configs.map((_)=>Wr({flow_id:f,node_id:_.node_id,verifier_type:_.verifier_type,verifier_user_id:_.verifier_user_id||null,verifier_role:_.verifier_role||null,require_signature:_.require_signature,all_must_approve:_.all_must_approve})));if(this.logger.info(`[Verification] Save: ${d.notification_rules.length} rules, ${d.notification_recipients.length} recipients, ${d.notification_channels.length} channels`),d.notification_rules.length>0&&i)for(let _ of d.notification_rules){this.logger.info(`[Verification] Saving notification rule: node_id=${_.node_id}, trigger=${_.trigger}, title_template=${JSON.stringify(_.title_template)}, body_template=${JSON.stringify(_.body_template)}`);let[w]=await this.db.insert(i).values(Wr({flow_id:f,node_id:_.node_id,trigger:_.trigger,title_template:_.title_template||null,body_template:_.body_template||null,starts_at:_.starts_at||null,expires_at:_.expires_at||null})).returning(),g=w.id,u=d.notification_recipients.filter((l)=>l.rule_id===_.node_id);if(u.length>0&&a)await this.db.insert(a).values(u.map((l)=>Wr({rule_id:g,recipient_type:l.recipient_type,recipient_user_id:l.recipient_user_id||null,recipient_role:l.recipient_role||null})));let m=d.notification_channels.filter((l)=>l.rule_id===_.node_id);if(m.length>0&&e)await this.db.insert(e).values(m.map((l)=>Wr({rule_id:g,channel:l.channel})))}return this.logger.info(`[Verification] Flow saved: ${f} for ${n.entity_name}`),{success:!0,flow_id:f}}async publishFlow(n){let r=this.getTable("verificationFlows");if(!r)return{success:!1,message:"Flow table not configured"};return await this.db.update(r).set(Wr({is_draft:!1,published_at:new Date})).where(on(this.getCol(r,"id"),n)),this.logger.info(`[Verification] Flow published: ${n}`),{success:!0,message:"Flow published"}}async deleteFlow(n){let r=this.getTable("verificationFlows");if(!r)return{success:!1,message:"Flow table not configured"};return await this.db.delete(r).where(on(this.getCol(r,"id"),n)),this.logger.info(`[Verification] Flow deleted: ${n}`),{success:!0,message:"Flow deleted"}}async startFlow(n){let r=this.getTable("verificationFlows"),t=this.getTable("verificationSteps"),o=this.getTable("verificationEdges"),c=this.getTable("verificationVerifierConfigs"),i=this.getTable("verificationInstances"),a=this.getTable("verificationRequirements"),e=this.getTable("user_roles");if(!r||!t||!o||!i||!a)return{success:!1,message:"Verification tables not configured"};let f=(await this.db.select().from(r).where(Ot(on(this.getCol(r,"id"),n.flow_id),on(this.getCol(r,"isDraft"),!1))).limit(1))[0];if(!f)return{success:!1,message:"Published flow not found"};if((await this.db.select().from(i).where(Ot(on(this.getCol(i,"entityName"),n.entity_name),on(this.getCol(i,"entityId"),n.entity_id),on(this.getCol(i,"status"),"active"))).limit(1)).length>0)return{success:!1,message:"An active verification instance already exists for this entity"};let _=await this.db.select().from(t).where(on(this.getCol(t,"flowId"),n.flow_id)),w=await this.db.select().from(o).where(on(this.getCol(o,"flowId"),n.flow_id)),g=_.filter((l)=>l.nodeType==="step");if(g.sort((l,S)=>l.stepOrder-S.stepOrder),g.length===0)return{success:!1,message:"Flow has no step nodes"};let[u]=await this.db.insert(i).values(Wr({flow_id:n.flow_id,entity_name:n.entity_name,entity_id:n.entity_id,started_by:n.started_by||null,status:"active",current_step_order:1,started_at:new Date})).returning(),m=u.id;if(await this.materializeRequirementsForStep(m,n.flow_id,n.entity_name,n.entity_id,1,_,w,c,a,e),this.onNotificationTrigger){let l=g[0],S=l?.nodeId,$=S?this.getConnectedNotificationNodeIds(S,_,w):[],E={flow_name:f.name,step_name:l?.name||"Step 1",step_order:1,total_steps:g.length};if($.length>0)for(let U of $)await this.onNotificationTrigger({trigger:"on_flow_started",flow_id:n.flow_id,entity_name:n.entity_name,entity_id:n.entity_id,node_id:U,context:E});else await this.onNotificationTrigger({trigger:"on_flow_started",flow_id:n.flow_id,entity_name:n.entity_name,entity_id:n.entity_id,context:E})}return this.logger.info(`[Verification] Flow started: instance ${m} for ${n.entity_name}:${n.entity_id}`),{success:!0,instance_id:m,message:"Flow started"}}async materializeRequirementsForStep(n,r,t,o,c,i,a,e,s,f){if(!s)return;let d=i.find((l)=>l.nodeType==="step"&&l.stepOrder===c);if(!d)return;let _=d.nodeId,g=a.filter((l)=>l.targetNodeId===_).map((l)=>l.sourceNodeId),u=i.filter((l)=>l.nodeType==="verifier"&&g.includes(l.nodeId));if(u.length===0)return;let m=[];if(e)m=await this.db.select().from(e).where(on(this.getCol(e,"flowId"),r));for(let l of u){let S=l.nodeId,$=m.find((W)=>W.nodeId===S);if(!$)continue;let{verifierType:E,allMustApprove:U}=$;if(E==="role"&&U&&f){let W=this.getTable("roles");if(W){let H=W,k=f,A=(await this.db.select().from(W).where(on(H.name,$.verifierRole)).limit(1))[0];if(A){let h=await this.db.select({user_id:k.userId}).from(f).where(on(k.roleId,A.id));for(let R of h)await this.db.insert(s).values(Wr({instance_id:n,step_node_id:_,verifier_node_id:S,entity_name:t,entity_id:o,verifier_type:"user",verifier_user_id:R.user_id,verifier_role:$.verifierRole||null,require_signature:$.requireSignature,all_must_approve:!0,step_order:c,status:"pending"}))}}}else await this.db.insert(s).values(Wr({instance_id:n,step_node_id:_,verifier_node_id:S,entity_name:t,entity_id:o,verifier_type:E,verifier_user_id:$.verifierUserId||null,verifier_role:$.verifierRole||null,require_signature:$.requireSignature,all_must_approve:U,step_order:c,status:"pending"}))}if(this.onNotificationTrigger){let l=this.getConnectedNotificationNodeIds(_,i,a);if(this.logger.info(`[Verification] on_step_reached: stepNodeId=${_}, connectedNotifIds=[${l.join(", ")}]`),l.length>0)for(let S of l)this.logger.info(`[Verification] Triggering on_step_reached for notifNodeId=${S}`),await this.onNotificationTrigger({trigger:"on_step_reached",flow_id:r,entity_name:t,entity_id:o,node_id:S,context:{step_name:d.name||`Step ${c}`,step_order:c}});else await this.onNotificationTrigger({trigger:"on_step_reached",flow_id:r,entity_name:t,entity_id:o,context:{step_name:d.name||`Step ${c}`,step_order:c}})}}async getStatus(n,r){let t=this.getTable("verificationInstances"),o=this.getTable("verificationFlows"),c=this.getTable("verificationSteps"),i=this.getTable("verifications"),a=this.getTable("verificationRequirements"),e={entity_name:n,entity_id:r,instance:null,flow:null,current_step:0,total_steps:0,is_completed:!1,is_rejected:!1,verifications:[],pending_requirements:[]};if(!t||!o||!i||!a)return this.logger.error("[Verification] Required tables not found"),e;let f=(await this.db.select().from(t).where(Ot(on(this.getCol(t,"entityName"),n),on(this.getCol(t,"entityId"),r))).orderBy(sf(this.getCol(t,"createdAt"))).limit(1))[0];if(!f)return e;let d=Mr(f),_=await this.db.select().from(o).where(on(this.getCol(o,"id"),d.flow_id)).limit(1),w=_[0]?Mr(_[0]):void 0,u=(c?await this.db.select().from(c).where(Ot(on(this.getCol(c,"flowId"),d.flow_id),on(this.getCol(c,"nodeType"),"step"))):[]).length,l=(await this.db.select().from(i).where(on(this.getCol(i,"instanceId"),d.id)).orderBy(sf(this.getCol(i,"createdAt")))).map((E)=>Mr(E)),$=(await this.db.select().from(a).where(Ot(on(this.getCol(a,"instanceId"),d.id),on(this.getCol(a,"status"),"pending")))).map((E)=>Mr(E));return{entity_name:n,entity_id:r,instance:d,flow:w||null,current_step:d.current_step_order,total_steps:u,is_completed:d.status==="completed",is_rejected:d.status==="rejected",verifications:l,pending_requirements:$}}async decide(n){let{entity_name:r,entity_id:t,user_id:o,decision:c,reason:i,signature_id:a,diff:e}=n,s=this.getTable("verifications"),f=this.getTable("verificationRequirements"),d=this.getTable("verificationInstances"),_=this.getTable("verificationSteps"),w=this.getTable("verificationEdges"),g=this.getTable("verificationVerifierConfigs"),u=this.getTable("user_roles"),m=this.getTable("roles");if(!s||!f||!d)return{success:!1,message:"Verification tables not configured"};let l=await this.getStatus(r,t);if(!l.instance||l.instance.status!=="active")return{success:!1,message:"No active verification instance"};let S=l.pending_requirements.filter((D)=>D.step_order===l.current_step);if(S.length===0)return{success:!1,message:"No pending requirements for current step"};let $=null;for(let D of S){if(D.verifier_type==="user"&&D.verifier_user_id===o){$=D;break}if(D.verifier_type==="role"&&D.verifier_role&&u&&m){let A=u,h=m;if((await this.db.select({role_name:h.name}).from(u).innerJoin(m,on(A.roleId,h.id)).where(on(A.userId,o))).some((Y)=>Y.role_name===D.verifier_role)){$=D;break}}}if(!$)return{success:!1,message:"User is not authorized to verify at this step"};if($.require_signature&&!a)return{success:!1,message:"Signature is required for this verification step"};let[E]=await this.db.insert(s).values(Wr({instance_id:l.instance.id,requirement_id:$.id,verifier_id:o,signature_id:a||null,entity_name:r,entity_id:t,step_order:l.current_step,decision:c,reason:i||null,diff:e||null})).returning();if(await this.db.update(f).set({status:c}).where(on(this.getCol(f,"id"),$.id)),this.onNotificationTrigger&&l.instance){let D=`Step ${l.current_step}`,A=[],h=[];if(_){A=await this.db.select().from(_).where(on(this.getCol(_,"flowId"),l.instance.flow_id));let X=A.find((z)=>z.nodeId===$.step_node_id);if(X?.name)D=X.name}if(w)h=await this.db.select().from(w).where(on(this.getCol(w,"flowId"),l.instance.flow_id));let R=c==="approved"?"on_approved":"on_rejected",B={flow_name:l.flow?.name||"",step_name:D,step_order:l.current_step,total_steps:l.total_steps,decision:c},Y=this.getConnectedNotificationNodeIds($.step_node_id,A,h);if(Y.length>0)for(let X of Y)await this.onNotificationTrigger({trigger:R,flow_id:l.instance.flow_id,entity_name:r,entity_id:t,node_id:X,verifier_id:o,decision:c,context:B});else await this.onNotificationTrigger({trigger:R,flow_id:l.instance.flow_id,entity_name:r,entity_id:t,verifier_id:o,decision:c,context:B})}if(c==="rejected"){await this.db.update(d).set(Wr({status:"rejected",completed_at:new Date})).where(on(this.getCol(d,"id"),l.instance.id));let D;if(this.config.autoResetOnRejection){this.logger.info(`[Verification] Flow rejected for ${r}:${t}, auto-restarting from step 1`);let A=await this.startFlow({flow_id:l.instance.flow_id,entity_name:r,entity_id:t,started_by:l.instance.started_by});if(A.success)D=A.instance_id}return{success:!0,message:this.config.autoResetOnRejection?"Verification rejected \u2014 flow restarted from step 1":"Verification rejected",verification:E,flow_completed:!1,new_instance_id:D}}let U=$.id,W=S.filter((D)=>D.id!==U);if(W.length>0)return{success:!0,message:`Step ${l.current_step} partially approved, ${W.length} verifier(s) remaining`,verification:E,flow_completed:!1};let H=l.current_step+1;if(H>l.total_steps){if(await this.db.update(d).set(Wr({status:"completed",completed_at:new Date})).where(on(this.getCol(d,"id"),l.instance.id)),this.onNotificationTrigger){let D=[],A=[];if(_)D=await this.db.select().from(_).where(on(this.getCol(_,"flowId"),l.instance.flow_id));if(w)A=await this.db.select().from(w).where(on(this.getCol(w,"flowId"),l.instance.flow_id));let h=$.step_node_id,R=this.getConnectedNotificationNodeIds(h,D,A),B={flow_name:l.flow?.name||"",step_order:l.current_step,total_steps:l.total_steps};if(R.length>0)for(let Y of R)await this.onNotificationTrigger({trigger:"on_flow_completed",flow_id:l.instance.flow_id,entity_name:r,entity_id:t,node_id:Y,context:B});else await this.onNotificationTrigger({trigger:"on_flow_completed",flow_id:l.instance.flow_id,entity_name:r,entity_id:t,context:B})}return{success:!0,message:"Verification flow completed",verification:E,flow_completed:!0}}if(await this.db.update(d).set(Wr({current_step_order:H})).where(on(this.getCol(d,"id"),l.instance.id)),_&&w){let D=await this.db.select().from(_).where(on(this.getCol(_,"flowId"),l.instance.flow_id)),A=await this.db.select().from(w).where(on(this.getCol(w,"flowId"),l.instance.flow_id));await this.materializeRequirementsForStep(l.instance.id,l.instance.flow_id,r,t,H,D,A,g,f,u)}return{success:!0,message:`Step ${l.current_step} approved, moving to step ${H}`,verification:E,flow_completed:!1,next_step:H}}async startFlowForEntity(n){let r=this.getTable("verificationFlows");if(!r)return{success:!1,message:"Flow table not configured"};let o=(await this.db.select().from(r).where(Ot(on(this.getCol(r,"entityName"),n.entity_name),on(this.getCol(r,"isDraft"),!1))).limit(1))[0];if(!o)return{success:!1,message:`No published flow found for entity '${n.entity_name}'`};return this.startFlow({flow_id:o.id,entity_name:n.entity_name,entity_id:n.entity_id,started_by:n.started_by})}async listEntityStatuses(n){let r=this.getTable("verificationInstances"),t=this.getTable("verificationFlows"),o=this.getTable("verificationSteps"),c={items:[],total:0,page:1,limit:20};if(!r||!t)return c;let i=n.page||1,a=n.limit||20,e=(i-1)*a,s=[on(this.getCol(r,"entityName"),n.entity_name)];if(n.status)s.push(on(this.getCol(r,"status"),n.status));let f=s.length===1?s[0]:Ot(...s),_=(await this.db.select().from(r).where(f).orderBy(sf(this.getCol(r,"createdAt")))).map((m)=>Mr(m)),w=_.length,g=_.slice(e,e+a),u=[];for(let m of g){let l=m.flow_id,S=await this.db.select().from(t).where(on(this.getCol(t,"id"),l)).limit(1),$=S[0]?Mr(S[0]):void 0,E=0;if(o)E=(await this.db.select().from(o).where(Ot(on(this.getCol(o,"flowId"),l),on(this.getCol(o,"nodeType"),"step")))).length;u.push({instance_id:m.id,entity_name:m.entity_name,entity_id:m.entity_id,flow_id:l,flow_name:$?.name||"Unknown",status:m.status,current_step_order:m.current_step_order,total_steps:E,started_by:m.started_by,started_at:m.started_at,completed_at:m.completed_at})}return{items:u,total:w,page:i,limit:a}}async getPending(n){let r=this.getTable("verificationRequirements"),t=this.getTable("verificationInstances"),o=this.getTable("verificationFlows"),c=this.getTable("verificationSteps"),i=this.getTable("user_roles"),a=this.getTable("roles");if(this.logger.info(`[Verification.getPending] userId=${n}, tables: req=${!!r} inst=${!!t} flow=${!!o} steps=${!!c} roles=${!!a} userRoles=${!!i}`),!r||!t||!o)return this.logger.warn("[Verification.getPending] Missing required tables, returning empty"),[];let e=i,s=a,d=(i&&a?await this.db.select({role_name:s.name}).from(i).innerJoin(a,on(e.roleId,s.id)).where(on(e.userId,n)):[]).map((u)=>u.role_name),w=(await this.db.select().from(r).where(on(this.getCol(r,"status"),"pending"))).map((u)=>Mr(u));this.logger.info(`[Verification.getPending] Found ${w.length} pending requirements, userRoles=${JSON.stringify(d)}`);for(let u of w)this.logger.info(`[Verification.getPending] Req: verifier_type=${u.verifier_type} verifier_user_id=${u.verifier_user_id} verifier_role=${u.verifier_role} step_order=${u.step_order} entity=${u.entity_name}/${u.entity_id}`);let g=[];for(let u of w){if(!(u.verifier_type==="user"&&u.verifier_user_id===n||u.verifier_type==="role"&&d.includes(u.verifier_role))){this.logger.info(`[Verification.getPending] Skipping req: canVerify=false (type=${u.verifier_type}, reqUserId=${u.verifier_user_id}, loggedInUserId=${n})`);continue}let l=await this.db.select().from(t).where(Ot(on(this.getCol(t,"id"),u.instance_id),on(this.getCol(t,"status"),"active"))).limit(1),S=l[0]?Mr(l[0]):void 0;if(!S)continue;if(S.current_step_order!==u.step_order)continue;let $=await this.db.select().from(o).where(on(this.getCol(o,"id"),S.flow_id)).limit(1),E=$[0]?Mr($[0]):void 0;if(!E)continue;let U;if(c&&u.step_node_id){let H=(await this.db.select().from(c).where(Ot(on(this.getCol(c,"flowId"),S.flow_id),on(this.getCol(c,"nodeId"),u.step_node_id))).limit(1))[0];if(H?.name)U=H.name}g.push({instance_id:S.id,entity_name:u.entity_name,entity_id:u.entity_id,flow_name:E.name,step_order:u.step_order,step_name:U,require_signature:u.require_signature,created_at:u.created_at})}return g}}var _f=b(()=>{uw()});var lf=b(()=>{Xa();Bu();vs();ps();qu();Ku();Tu();cf();af();dw();_f()});import{access as CR,mkdir as R$}from"fs/promises";import{dirname as H$,resolve as gw}from"path";var Xi,wf,Ln=(n)=>{if(!n||typeof n!=="string")throw sr("INVALID_PATH","Path must be a non-empty string",n,"resolvePath");return gw(n)},ro=(n)=>{let r=Ln(n);return H$(r)},$t=async(n)=>{let r=gw(n);try{await R$(r,{recursive:!0})}catch(t){if(t.code!=="EEXIST")throw sr("DIRECTORY_CREATE_FAILED",`Failed to create directory: ${r}`,r,"ensureDirectory")}},bf=(n)=>{let r=n,t=0;while(r>=1024&&t<wf.length-1)r/=1024,t++;return`${r.toFixed(2)} ${wf[t]}`},mw=(n,r)=>{return n.toLowerCase().endsWith(r.toLowerCase())},gf=(n,r)=>{let t=r.startsWith(".")?r:`.${r}`;if(mw(n,t))return n;return`${n}${t}`},sr=(n,r,t,o)=>{return{code:n,message:r,path:t,operation:o||"unknown"}},de=(n)=>{try{return JSON.stringify(n,null,2)}catch{return"{}"}},mf=async(n,r,t=Xi.maxConcurrency)=>{let o=[];for(let c=0;c<n.length;c+=t){let i=n.slice(c,c+t),a=[];for(let s of i)a.push(r(s));let e=await Promise.allSettled(a);o.push(...e)}return o},ue=(n,r={})=>{let t=[],o=[],c=r.strict??!0;if(n.defaultEncoding!==void 0){if(!["utf-8","utf8","ascii","base64","hex"].includes(n.defaultEncoding))t.push(`Invalid defaultEncoding: ${n.defaultEncoding}`)}if(n.maxConcurrency!==void 0){if(!Number.isInteger(n.maxConcurrency)||n.maxConcurrency<1)t.push("maxConcurrency must be a positive integer");if(n.maxConcurrency>50)o.push("maxConcurrency > 50 may cause performance issues")}if(n.defaultCreateDir!==void 0&&typeof n.defaultCreateDir!=="boolean")t.push("defaultCreateDir must be a boolean");if(n.defaultRecursive!==void 0&&typeof n.defaultRecursive!=="boolean")t.push("defaultRecursive must be a boolean");if(c&&!r.allowUnknownKeys){let i=["defaultEncoding","defaultCreateDir","defaultRecursive","maxConcurrency"],a=Object.keys(n);for(let e of a)if(!i.includes(e))t.push(`Unknown configuration key: ${e}`)}return{isValid:t.length===0,errors:t,warnings:o}},$w=(n,r=Xi)=>{let t=ue(n);if(!t.isValid)throw sr("CONFIG_VALIDATION_FAILED",`Configuration validation failed: ${t.errors.join(", ")}`,void 0,"mergeConfig");return{...r,...n}},hw=(n)=>{let r=(i)=>({read:Boolean(i&4),write:Boolean(i&2),execute:Boolean(i&1)}),t=n>>6&7,o=n>>3&7,c=n&7;return{owner:r(t),group:r(o),others:r(c)}},Aw=(n)=>{return Number.isInteger(n)&&n>=0&&n<=511};var Yc=b(()=>{Xi={defaultEncoding:"utf-8",defaultCreateDir:!0,defaultRecursive:!0,maxConcurrency:5},wf=["B","KB","MB","GB","TB"]});import{copyFile as $f,rename as hf,unlink as z$}from"fs/promises";import{basename as Ew,dirname as Sw,extname as B$,join as U$}from"path";var we,W$=(n,r=".tmp")=>{let t=Ln(n),o=Date.now(),c=Math.random().toString(36).substring(2,8);return`${t}${r}.${o}.${c}`},Dw=(n,r,t=!0)=>{let o=Ln(n),c=r?Ln(r):Sw(o),i=Ew(o),a=B$(i),e=Ew(i,a),s=t?`.${new Date().toISOString().replace(/[:.]/g,"-")}`:"",f=`${e}.backup${s}${a}`;return U$(c,f)},Li=async({path:n,data:r,tempSuffix:t=we.tempSuffix,backup:o=we.backup,sync:c=we.sync})=>{let i=Ln(n),a=W$(i,t),e;try{if(await $t(ro(i)),o){if(await Bun.file(i).exists())e=Dw(i),await $f(i,e)}let s=await Bun.write(a,r);return await hf(a,i),{success:!0,bytesWritten:s,tempPath:a,backupPath:e}}catch(s){try{await z$(a)}catch{}throw sr("ATOMIC_WRITE_FAILED",`Atomic write failed: ${s}`,i,"atomicWrite")}},kw=async(n,r,t={})=>{let o=JSON.stringify(r,null,2);return Li({path:n,data:o,...t})},Af=async({sourcePath:n,backupDir:r,keepOriginal:t=!0,timestamp:o=we.timestamp})=>{let c=Ln(n);if(!await Bun.file(c).exists())throw sr("SOURCE_NOT_FOUND",`Source file not found: ${n}`,c,"createBackup");let a=Dw(c,r,o);if(await $t(Sw(a)),t)await $f(c,a);else await hf(c,a);return a},Ef=async(n,r,t=!1)=>{let o=Ln(n),c=Ln(r);if(!await Bun.file(o).exists())throw sr("BACKUP_NOT_FOUND",`Backup file not found: ${n}`,o,"restoreFromBackup");try{if(await $t(ro(c)),t)await hf(o,c);else await $f(o,c);return!0}catch(a){return console.error(`Error restoring from backup ${n}:`,a),!1}},Mw=async(n,r,t={})=>{let o=Ln(n),c=Bun.file(o),i;try{if(await c.exists())i=await Af({sourcePath:o,keepOriginal:!0,timestamp:!0});let a=await c.exists()?await c.text():"",e=await r(a),s=await Li({path:o,data:e,backup:!1,...t});return{success:s.success,bytesWritten:s.bytesWritten,tempPath:s.tempPath,backupPath:i}}catch(a){if(i)try{await Ef(i,o,!1)}catch(e){console.error("Rollback failed:",e)}throw a}},Rw=async(n)=>{let r=[],t=[];for(let o of n)try{let c=await Li(o);r.push(c)}catch(c){t.push({operation:o,error:c})}return{successful:r,failed:t}};var Hw=b(()=>{Yc();we={tempSuffix:".tmp",backup:!1,sync:!0,timestamp:!0}});import{chmod as V$,stat as Y$}from"fs/promises";var J$,Ro=async(n,r)=>{let t=Ln(n);if(!Aw(r))throw sr("INVALID_PERMISSION_MODE",`Invalid permission mode: ${r.toString(8)}`,t,"setFilePermissions");try{return await V$(t,r),!0}catch(o){return console.error(`Error setting permissions for ${n}:`,o),!1}},rc=async(n)=>{let r=Ln(n);try{let o=(await Y$(r)).mode&511,c=hw(o);return{path:r,mode:o,owner:c.owner,group:c.group,others:c.others}}catch(t){throw sr("PERMISSION_READ_FAILED",`Failed to read permissions: ${t}`,r,"getFilePermissions")}},zw=async(n,r)=>{try{return((await rc(n)).mode&r)===r}catch{return!1}},Bw=async(n)=>{let t=(await rc(n)).mode|256;return Ro(n,t)},Uw=async(n)=>{let t=(await rc(n)).mode|128;return Ro(n,t)},Ww=async(n)=>{let t=(await rc(n)).mode|64;return Ro(n,t)},Vw=async(n)=>{let t=(await rc(n)).mode&-147;return Ro(n,t)},Yw=async(n,r)=>{let t=J$[r];return Ro(n,t)};var Jw=b(()=>{Yc();J$={OWNER_READ_WRITE:384,OWNER_ALL:448,GROUP_READ:416,GROUP_READ_WRITE:432,ALL_READ:420,ALL_READ_WRITE:438,ALL_READ_EXECUTE:493,ALL_FULL:511,READ_ONLY:292,EXECUTABLE:493}});var X$,be=async(n,r={})=>{let t=Ln(n),o={...X$,...r};await $t(ro(t));let i=Bun.file(t).writer({highWaterMark:o.highWaterMark}),a=!1;return{write:(s)=>{if(a)throw sr("WRITER_CLOSED","Cannot write to closed writer",t,"streamWrite");try{let f=i.write(s);if(o.autoFlush)i.flush();return f}catch(f){throw sr("WRITE_FAILED",`Failed to write chunk: ${f}`,t,"streamWrite")}},flush:()=>{if(a)return 0;try{return i.flush()}catch(s){throw sr("FLUSH_FAILED",`Failed to flush writer: ${s}`,t,"streamFlush")}},end:async(s)=>{if(a)return 0;try{let f=await i.end(s);return a=!0,f}catch(f){throw a=!0,sr("END_FAILED",`Failed to end writer: ${f}`,t,"streamEnd")}},ref:()=>{if(!a)i.ref()},unref:()=>{if(!a)i.unref()}}},Sf=async(n,r,t={})=>{let o=await be(n,t),c=0;try{for(let i of r){let a=o.write(i);c+=a}return await o.flush(),await o.end(),c}catch(i){try{await o.end(i)}catch{}throw i}},Xw=async(n,r,t={})=>{let o=Ln(n),c=Bun.file(o),i=await c.exists()?await c.arrayBuffer():new ArrayBuffer(0),a=[];if(i.byteLength>0)a.push(i);return a.push(...r),Sf(o,a,t)},Lw=async(n,r,t={})=>{let o=Ln(n),c=Bun.file(o);if(!await c.exists())throw sr("SOURCE_NOT_FOUND",`Source file not found: ${n}`,o,"copyFileStream");let i=c.stream(),a=await be(r,t),e=0;try{let s=i.getReader();while(!0){let{done:f,value:d}=await s.read();if(f)break;let _=a.write(d);e+=_}return await a.flush(),await a.end(),e}catch(s){try{await a.end(s)}catch{}throw s}},Qw=async(n,r)=>{let t=Ln(n),o=Bun.file(t);if(!await o.exists())throw sr("FILE_NOT_FOUND",`File not found: ${n}`,t,"readFileStream");let i=o.stream().getReader();try{while(!0){let{done:a,value:e}=await i.read();if(a)break;await r(e)}}finally{i.releaseLock()}};var Gw=b(()=>{Yc();X$={highWaterMark:1048576,autoFlush:!0,closeOnEnd:!0}});import{readdir as L$,rm as Q$,rmdir as G$,stat as O$}from"fs/promises";import{extname as N$,join as x$}from"path";class Ho{static instance;config;constructor(){this.config={...Xi}}static getInstance(){if(!Ho.instance)Ho.instance=new Ho;return Ho.instance}async createFile({dir:n,name:r,data:t,options:o={}}){let c=Ln(x$(n,r));if(o.createDir!==!1)await $t(ro(c));let i=o.type?new Blob([t],{type:o.type}):t;return await Bun.write(c,i)}async createJsonFile(n,r,t){let o=gf(r,".json"),c=de(t);return this.createFile({dir:n,name:o,data:c,options:{type:"application/json"}})}async createDirectory({path:n}){await $t(n)}async readFile({path:n,format:r="text"}){let t=Ln(n),o=Bun.file(t);if(!await o.exists())throw sr("FILE_NOT_FOUND",`File not found: ${n}`,t,"readFile");switch(r){case"text":return await o.text();case"json":return await o.json();case"buffer":return await o.arrayBuffer();case"bytes":return await o.bytes();case"stream":return o.stream();default:return await o.text()}}async readJsonFile(n){return this.readFile({path:n,format:"json"})}async getFileInfo(n){let r=Ln(n),t=Bun.file(r),o=n.split("/").pop()||n,c=null;try{c=await O$(r)}catch{}return{name:o,path:r,size:t.size,type:t.type,exists:await t.exists(),extension:N$(o),createdAt:c?.birthtime,modifiedAt:c?.mtime}}async readDirectory({path:n,recursive:r=!1}){let t=Ln(n);return await L$(t,{recursive:r,encoding:"utf8"})}async getFilesByExtension(n,r){let t=await this.readDirectory({path:n}),o=r.startsWith(".")?r:`.${r}`;return t.filter((c)=>c.endsWith(o))}async updateFile({path:n,data:r,mode:t="overwrite"}){let o=Ln(n);if(t==="append"){let i=await this.readFile({path:n,format:"text"})+r;return await Bun.write(o,i)}return await Bun.write(o,r)}async updateJsonFile(n,r,t=!1){let o=r;if(t)try{let c=await this.readJsonFile(n);if(typeof c==="object"&&c!==null&&!Array.isArray(c)&&typeof r==="object"&&r!==null&&!Array.isArray(r))o={...c,...r}}catch{}return this.updateFile({path:n,data:de(o),mode:"overwrite"})}async appendToFile(n,r){return this.updateFile({path:n,data:r,mode:"append"})}async deleteFile(n){try{let r=Ln(n);return await Bun.file(r).delete(),!0}catch(r){return console.error(`Error deleting file ${n}:`,r),!1}}async deleteDirectory({path:n,recursive:r=!1}){try{let t=Ln(n);if(r)await Q$(t,{recursive:!0,force:!0});else await G$(t);return!0}catch(t){return console.error(`Error deleting directory ${n}:`,t),!1}}async deleteFiles(n){let r=await mf(n,async(c)=>{if(!await this.deleteFile(c))throw Error(`Failed to delete: ${c}`);return c}),t=[],o=[];for(let c=0;c<r.length;c++){let i=r[c],a=n[c];if(i?.status==="fulfilled")t.push(a||"");else o.push(a||"")}return{success:t,failed:o}}async exists(n){let r=Ln(n);return await Bun.file(r).exists()}async copyFile(n,r){let t=Ln(n),o=Ln(r),c=Bun.file(t);if(!await c.exists())throw sr("SOURCE_NOT_FOUND",`Source file not found: ${n}`,t,"copyFile");return await $t(ro(o)),await Bun.write(o,c)}async moveFile(n,r){try{return await this.copyFile(n,r),await this.deleteFile(n),!0}catch(t){return console.error(`Error moving file from ${n} to ${r}:`,t),!1}}getFormattedFileSize(n){return bf(n)}getConfig(){return{...this.config}}updateConfig(n){let r=ue(n);if(r.isValid){let t=$w(n,this.config);Object.assign(this.config,t)}return r}validateConfiguration(n){return ue(n)}async createStreamWriter(n,r={}){return be(n,r)}async writeStream(n,r,t={}){return Sf(n,r,t)}async appendStream(n,r,t={}){return Xw(n,r,t)}async copyFileStream(n,r,t={}){return Lw(n,r,t)}async readFileStream(n,r){return Qw(n,r)}async setPermissions(n,r){return Ro(n,r)}async setPermissionsAdvanced(n){return Ro(n.path,n.mode)}async getPermissions(n){return rc(n)}async checkPermissions(n,r){return zw(n,r)}async makeFileReadable(n){return Bw(n)}async makeFileWritable(n){return Uw(n)}async makeFileExecutable(n){return Ww(n)}async makeFileReadOnly(n){return Vw(n)}async setCommonPermission(n,r){return Yw(n,r)}async atomicWrite(n){return Li(n)}async atomicJsonWrite(n,r,t={}){return kw(n,r,t)}async createFileBackup(n){return Af(n)}async restoreFileFromBackup(n,r,t=!1){return Ef(n,r,t)}async safeFileUpdate(n,r,t={}){return Mw(n,r,t)}async batchAtomicOperations(n){return Rw(n)}}var Df=b(()=>{Hw();Jw();Gw();Yc()});var Nt;var ge=b(()=>{Df();Yc();Df();Nt=Ho.getInstance()});import{Pool as $7}from"pg";var Ow=()=>{};var Nw=b(()=>{Qs();ge();Ow();no()});function Mf(n,r){let t=(n.get("cookie")?.split(";")||[]).reduce((o,c)=>{let[i,a]=c.trim().split("=");if(i&&a)o[i]=a;return o},{});return{access_token:t[r.access_token]||n.get("authorization")?.split(" ")[1],refresh_token:t[r.refresh_token],session_token:t[r.session_token]}}function Rf(n){if(!n.redis){console.log("Redis not configured, skipping");return}if(n.redis.withDapr){kf=new er({withDapr:!0,stateStoreName:n.redis.stateStoreName});return}let r=n.redis.url?process.env[n.redis.url]:void 0,t=n.redis.host?process.env[n.redis.host]:void 0,o=n.redis.port?parseInt(process.env[n.redis.port]||"",10):void 0;kf=new er({url:r,host:t,port:Number.isNaN(o)?void 0:o})}function me(){return kf}function pr(n){if(typeof n==="number")return n;if(!n||n.trim()==="")throw Error("Time string cannot be empty");let r=n.trim().match(/^(\d+(?:\.\d+)?)\s*([smhdwMy])$/);if(!r||!r[1]||!r[2])throw Error(`Invalid time format: "${n}". Expected format: "75s", "10m", "2h", "1d", "1w", "2M", "1y"`);let t=parseFloat(r[1]),o=r[2],i={s:1,m:60,h:3600,d:86400,w:604800,M:2592000,y:31536000}[o];if(i===void 0)throw Error(`Unknown time unit: "${o}"`);let a=Math.floor(t*i);if(a<=0)throw Error(`Time value must be positive: "${n}"`);return a}function Pw({sessionData:n,options:r,refreshTokenId:t,roles:o,claims:c}){let i=r.authentication?.accessToken?.secret;if(!i)throw Error("Access token secret env name is not configured");let a=process.env[i];if(!a)throw Error(`Access token secret env "${i}" is not set`);return zi({subject:n.userId,issuer:r.authentication?.accessToken?.issuer,audience:r.authentication?.accessToken?.audience,algorithm:r.authentication?.accessToken?.algorithm,expiresInSeconds:pr(r.authentication?.accessToken?.expiresIn??"15m"),sessionId:n.id,customClaims:{refreshTokenId:t,...o&&o.length>0?{roles:o}:{},...c&&c.length>0?{claims:c}:{}}},a)}function ht(n,r){return n?{entityName:n.entity_name,entityId:n.entity_id===" - "?null:n.entity_id,operation:n.operation_type,userId:n.user_id==="unknown"?null:n.user_id,summary:r,ipAddress:n.ip_address,userAgent:n.user_agent,path:n.path,query:n.query}:void 0}function P$(n){let r={},t={};for(let[o,c]of Object.entries(n)){let i=o.match(/^(\w+)\[\d*\]\[(\w+)\]$/),a=i?.[1],e=i?.[2];if(a&&e){if(!t[a])t[a]={};let s=t[a];if(!s[e])s[e]=[];let f=s[e];if(Array.isArray(c))for(let d of c)f.push(d);else f.push(c)}else r[o]=c}for(let[o,c]of Object.entries(t)){let i=Object.keys(c);if(i.length===0)continue;let a=Math.max(...i.map((s)=>(c[s]||[]).length)),e=[];for(let s=0;s<a;s++){let f={};for(let d of i)f[d]=(c[d]||[])[s];e.push(f)}r[o]=e}return r}function Hf(n){let r=P$(n),t=(a)=>{if(a===void 0||a===null)return;if(typeof a==="object")return a;if(typeof a==="string")try{return JSON.parse(a)}catch{return}return},o=r.page?parseInt(r.page,10):1,c=r.limit?parseInt(r.limit,10):20,i=r.offset?parseInt(r.offset,10):(o-1)*c;return{page:o,limit:c,offset:i,search:r.search,searchFields:r.searchFields?r.searchFields.split(","):void 0,filters:t(r.filters),sort:t(r.sort),select:r.select?r.select.split(","):void 0,with:t(r.with),distinct:r.distinct==="true",distinctOn:r.distinctOn?r.distinctOn.split(","):void 0}}function Cw(n,r,t,o){let c=Math.ceil(o/r),i=n<c,a=n>1;return{page:n,limit:r,offset:t,totalItems:o,totalPages:c,hasNextPage:i,hasPrevPage:a,nextPage:i?n+1:null,prevPage:a?n-1:null}}function F$(n){let r=["varchar","char","text","uuid","citext","bit","varbit"],t=["integer","smallint","bigint","serial","smallserial","bigserial","real","doublePrecision","numeric","decimal"],o=["boolean"];if(r.includes(n))return(c)=>({valid:typeof c==="string",expectedType:"string"});if(t.includes(n))return(c)=>({valid:typeof c==="number",expectedType:"number"});if(o.includes(n))return(c)=>({valid:typeof c==="boolean",expectedType:"boolean"});if(n==="json"||n==="jsonb")return(c)=>({valid:typeof c==="object",expectedType:"object"});return()=>({valid:!0,expectedType:"any"})}function zo(n,r,t=!1){let o=[];for(let c of r){let i=n[c.name]??n[c.name.replace(/_([a-z])/g,(s,f)=>f.toUpperCase())],a=c.notNull&&!c.nullable&&c.default===void 0&&!c.defaultRaw;if(i===void 0||i===null){if(a&&!t)o.push({field:c.name,message:c.validation?.customMessage||`${c.name} is required`});continue}let e=F$(c.type)(i);if(!e.valid){o.push({field:c.name,message:c.validation?.customMessage||`${c.name} must be of type ${e.expectedType}`});continue}if(typeof i==="string"){let s=i.length;if(c.length&&s>c.length)o.push({field:c.name,message:c.validation?.customMessage||`${c.name} exceeds max length of ${c.length}`});if(c.validation?.minLength&&s<c.validation.minLength)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at least ${c.validation.minLength} characters`});if(c.validation?.maxLength&&s>c.validation.maxLength)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at most ${c.validation.maxLength} characters`});if(c.validation?.pattern){if(!new RegExp(c.validation.pattern).test(i))o.push({field:c.name,message:c.validation.customMessage||`${c.name} does not match required pattern`})}if(c.validation?.format){let f=C$[c.validation.format];if(f&&!f.test(i))o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be a valid ${c.validation.format}`})}}if(typeof i==="number"){if(c.validation?.min!==void 0&&i<c.validation.min)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at least ${c.validation.min}`});if(c.validation?.max!==void 0&&i>c.validation.max)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at most ${c.validation.max}`})}if(c.enumValues&&c.enumValues.length>0){if(!c.enumValues.includes(i))o.push({field:c.name,message:c.validation?.customMessage||`${c.name} must be one of: ${c.enumValues.join(", ")}`})}}return{valid:o.length===0,errors:o}}function q$(n){return n.replace(/[&<>"'`=/]/g,(r)=>j$[r]||r)}function K$(n){return n.replace(/<[^>]*>/g,"")}function v$(n){let r=n.split("@"),t=r[0],o=r[1];if(!t||!o)return n;let c=t.split("+")[0];if(!c)return n;return`${c.replace(/\./g,"")}@${o.toLowerCase()}`}function Z$(n){return n.toLowerCase().trim().replace(/[^\w\s-]/g,"").replace(/[\s_-]+/g,"-").replace(/^-+|-+$/g,"")}function I$(n,r){if(n===null||n===void 0)return n;switch(r){case"trim":return typeof n==="string"?n.trim():n;case"lowercase":return typeof n==="string"?n.toLowerCase():n;case"uppercase":return typeof n==="string"?n.toUpperCase():n;case"escapeHtml":return typeof n==="string"?q$(n):n;case"stripTags":return typeof n==="string"?K$(n):n;case"normalizeEmail":return typeof n==="string"?v$(n):n;case"toNumber":if(typeof n==="number")return n;if(typeof n==="string"){let t=Number(n);return Number.isNaN(t)?n:t}return n;case"toBoolean":if(typeof n==="boolean")return n;if(typeof n==="string"){let t=n.toLowerCase();if(t==="true"||t==="1"||t==="yes")return!0;if(t==="false"||t==="0"||t==="no")return!1}if(typeof n==="number")return n!==0;return n;case"slugify":return typeof n==="string"?Z$(n):n;default:return n}}function Bo(n,r){let t={},o=(c)=>c.replace(/_([a-z])/g,(i,a)=>a.toUpperCase());for(let c of Object.keys(n)){let i=n[c],a=c.replace(/[A-Z]/g,(f)=>`_${f.toLowerCase()}`),e=r.find((f)=>f.name===c||f.name===a);if(e?.sanitize&&e.sanitize.length>0)for(let f of e.sanitize)i=I$(i,f);if(e&&(e.type==="timestamp"||e.type==="timestamptz"||e.type==="date")&&typeof i==="string"){let f=new Date(i);if(!Number.isNaN(f.getTime()))i=f}let s=c.includes("_")?o(c):c;t[s]=i}return t}async function Fw(n,r,t){let o=new er,c=`${y$}${n}`,i=`${p$}${n}:${r}`,a=await o.read(i);if(a.success&&a.data)return{success:!0,accessToken:a.data,fromCache:!0};let e=await o.acquireLock(c,T$);if(!e.success)return{success:!1,error:e.error};if(e.data)try{let _=t();return await o.create(i,_,xw),{success:!0,accessToken:_,fromCache:!1}}finally{await o.releaseLock(c)}let s=await o.waitForLock(c,nh,50);if(!s.success)return{success:!1,error:s.error};if(!s.data)return{success:!1,error:"Lock wait timeout"};let f=await o.read(i);if(f.success&&f.data)return{success:!0,accessToken:f.data,fromCache:!0};let d=t();return await o.create(i,d,xw),{success:!0,accessToken:d,fromCache:!1}}function jw(n){let r=[],t={};if(n.database?.url){let o=process.env[n.database.url];if(!o)r.push({field:"database.url",envName:n.database.url,message:`Environment variable "${n.database.url}" is not set. Please set it in your .env file.`});else t.databaseUrl=o}if(n.redis&&!n.redis.withDapr)if(n.redis.url){let o=process.env[n.redis.url];if(!o)r.push({field:"redis.url",envName:n.redis.url,message:`Environment variable "${n.redis.url}" is not set. Please set it in your .env file.`});else t.redisUrl=o}else{if(n.redis.host){if(!process.env[n.redis.host])r.push({field:"redis.host",envName:n.redis.host,message:`Environment variable "${n.redis.host}" is not set. Please set it in your .env file.`})}if(n.redis.port){if(!process.env[n.redis.port])r.push({field:"redis.port",envName:n.redis.port,message:`Environment variable "${n.redis.port}" is not set. Please set it in your .env file.`})}}if(n.authentication?.enabled){if(!n.authentication.mode)r.push({field:"authentication.mode",envName:"",message:'authentication.mode is required when authentication is enabled. Use "full" for IDP/standalone services, "consumer" for resource servers.'});if(n.authentication.accessToken?.secret){let c=process.env[n.authentication.accessToken.secret];if(!c)r.push({field:"authentication.accessToken.secret",envName:n.authentication.accessToken.secret,message:`Environment variable "${n.authentication.accessToken.secret}" is not set. Please set it in your .env file.`});else t.accessTokenSecret=c}else r.push({field:"authentication.accessToken.secret",envName:"",message:"authentication.accessToken.secret is required when authentication is enabled."});let o=n.authentication.mode==="consumer";if(n.authentication.refreshToken?.secret){let c=process.env[n.authentication.refreshToken.secret];if(!c)r.push({field:"authentication.refreshToken.secret",envName:n.authentication.refreshToken.secret,message:`Environment variable "${n.authentication.refreshToken.secret}" is not set. Please set it in your .env file.`});else t.refreshTokenSecret=c}else if(!o)r.push({field:"authentication.refreshToken.secret",envName:"",message:"authentication.refreshToken.secret is required when authentication is enabled."});if(n.authentication.sessionToken?.secret){let c=process.env[n.authentication.sessionToken.secret];if(!c)r.push({field:"authentication.sessionToken.secret",envName:n.authentication.sessionToken.secret,message:`Environment variable "${n.authentication.sessionToken.secret}" is not set. Please set it in your .env file.`});else t.sessionTokenSecret=c}else if(!o)r.push({field:"authentication.sessionToken.secret",envName:"",message:"authentication.sessionToken.secret is required when authentication is enabled."})}if(n.authentication?.oauth?.enabled&&n.authentication.oauth.providers){let o={};for(let[c,i]of Object.entries(n.authentication.oauth.providers)){if(!i)continue;let{clientId:a,clientSecret:e,redirectUri:s}=i,f=process.env[a],d=process.env[e],_=process.env[s]??s;if(!f)r.push({field:`authentication.oauth.providers.${c}.clientId`,envName:a,message:`Environment variable "${a}" is not set (OAuth ${c} clientId).`});if(!d)r.push({field:`authentication.oauth.providers.${c}.clientSecret`,envName:e,message:`Environment variable "${e}" is not set (OAuth ${c} clientSecret).`});if(f&&d)o[c]={clientId:f,clientSecret:d,redirectUri:_,scopes:i.scopes,authorizationUrl:i.authorizationUrl,tokenUrl:i.tokenUrl,userInfoUrl:i.userInfoUrl,extraAuthParams:i.extraAuthParams}}if(Object.keys(o).length>0)t.oauthProviders=o}return{valid:r.length===0,errors:r,resolved:t}}async function qw(n,r){let{Pool:t}=await import("pg"),c=new URL(n).pathname.replace("/","");if(!c)return;let i=new URL(n);i.pathname="/postgres";let a=new t({connectionString:i.toString()});try{if((await a.query("SELECT 1 FROM pg_database WHERE datname = $1",[c])).rowCount===0)r.info(`[Database] Creating database "${c}"...`),await a.query(`CREATE DATABASE "${c}" TEMPLATE template0`),r.info(`[Database] Database "${c}" created successfully`);else r.info(`[Database] Database "${c}" exists`)}catch(e){let s=e instanceof Error?e.message:String(e);r.warn(`[Database] Could not auto-create database: ${s}`)}finally{await a.end()}}var kf=null,C$,j$,p$="access_token:",y$="refresh_lock:",T$=5,nh=3000,xw=60;var Qi=b(()=>{Nw();lf();C$={email:/^[^\s@]+@[^\s@]+\.[^\s@]+$/,url:/^https?:\/\/.+/,uuid:/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i,date:/^\d{4}-\d{2}-\d{2}$/,datetime:/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}/,time:/^\d{2}:\d{2}:\d{2}$/,uri:/^[a-z][a-z0-9+.-]*:/i,ipv4:/^(\d{1,3}\.){3}\d{1,3}$/,ipv6:/^([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}$/i};j$={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#x27;","/":"&#x2F;","`":"&#96;","=":"&#x3D;"}});import $e from"path";import rh,{t as he}from"elysia";function zf(n){if(!n)return tc;return{enabled:n.enabled??tc.enabled,basePath:n.basePath??tc.basePath,cacheMaxAge:n.cacheMaxAge??tc.cacheMaxAge,enableRangeRequests:n.enableRangeRequests??tc.enableRangeRequests,enableEtag:n.enableEtag??tc.enableEtag,corsOrigins:n.corsOrigins??tc.corsOrigins}}function th(n){let r=["image/","video/","audio/","text/","application/pdf"];for(let t of r)if(n.startsWith(t)||n===t)return"inline";return"attachment"}function oh(n){return n.replace(/[^A-Za-z0-9._-]+/g,"_").replace(/_{2,}/g,"_").slice(0,200)}function Bf(n){let{cdn:r,storagePath:t,logger:o,getFileRecord:c}=n,i=new rh({prefix:r.basePath});if(!r.enabled)return i;return i.get("/:id",async({params:a,request:e,set:s})=>{let{id:f}=a,d=e.headers.get("x-schema-name")||void 0,_,w,g;if(c){let h=await c(f,d);if(!h)return s.status=404,{success:!1,message:"File not found"};_=$e.join(h.path,h.name),w=h.name,g=h.mimeType||h.mime_type||"application/octet-stream"}else _=$e.join(t,f),w=f,g="application/octet-stream";if(!await Nt.exists(_))return s.status=404,{success:!1,message:"Physical file not found"};let m=await Nt.getFileInfo(_),l=new Date(m.modifiedAt||Date.now()).toUTCString(),S=r.enableEtag?`"${m.size}-${m.modifiedAt?.getTime()||Date.now()}"`:void 0,$={"Cache-Control":`public, max-age=${r.cacheMaxAge}`,"Last-Modified":l};if(S)$.ETag=S;if(r.corsOrigins.length>0)$["Access-Control-Allow-Origin"]=r.corsOrigins[0]==="*"?"*":r.corsOrigins.join(", "),$["Access-Control-Allow-Methods"]="GET, HEAD, OPTIONS";let E=e.headers.get("if-none-match");if(S&&E===S)return new Response(null,{status:304,headers:$});let U=Bun.file(_),W=e.headers.get("range");if(r.enableRangeRequests&&W){let h=W.match(/bytes=(\d*)-(\d*)/);if(!h)return s.status=416,new Response("Range not satisfiable",{status:416,headers:{"Content-Range":`bytes */${m.size}`,"Content-Type":g,...$}});let R=h[1]||"0",B=h[2]||"",Y=parseInt(R,10),X=B?parseInt(B,10):m.size-1;if(Y>=m.size||X>=m.size||Y>X)return new Response("Range not satisfiable",{status:416,headers:{"Content-Range":`bytes */${m.size}`,"Content-Type":g,...$}});let z=X-Y+1,J=U.slice(Y,X+1);return new Response(J,{status:206,headers:{"Content-Range":`bytes ${Y}-${X}/${m.size}`,"Accept-Ranges":"bytes","Content-Length":z.toString(),"Content-Type":g,...$}})}let H=th(g),k=oh(w),D=encodeURIComponent(w),A=`${H}; filename="${k}"; filename*=UTF-8''${D}`;return new Response(U,{status:200,headers:{"Content-Length":m.size.toString(),"Content-Type":g,"Accept-Ranges":r.enableRangeRequests?"bytes":"none","Content-Disposition":A,...$}})},{params:he.Object({id:he.String()}),detail:{tags:["CDN"],summary:"Get file by ID",description:"Serve file with streaming, range requests, and caching support"}}),i.head("/:id",async({params:a,request:e,set:s})=>{let{id:f}=a,d=e.headers.get("x-schema-name")||void 0,_,w;if(c){let $=await c(f,d);if(!$)return s.status=404,new Response(null,{status:404});_=$e.join($.path,$.name),w=$.mime_type||"application/octet-stream"}else _=$e.join(t,f),w="application/octet-stream";if(!await Nt.exists(_))return s.status=404,new Response(null,{status:404});let u=await Nt.getFileInfo(_),m=new Date(u.modifiedAt||Date.now()).toUTCString(),l=r.enableEtag?`"${u.size}-${u.modifiedAt?.getTime()||Date.now()}"`:void 0,S={"Content-Length":u.size.toString(),"Content-Type":w,"Accept-Ranges":r.enableRangeRequests?"bytes":"none","Cache-Control":`public, max-age=${r.cacheMaxAge}`,"Last-Modified":m};if(l)S.ETag=l;if(r.corsOrigins.length>0)S["Access-Control-Allow-Origin"]=r.corsOrigins[0]==="*"?"*":r.corsOrigins.join(", "),S["Access-Control-Allow-Methods"]="GET, HEAD, OPTIONS";return new Response(null,{status:200,headers:S})},{params:he.Object({id:he.String()}),detail:{tags:["CDN"],summary:"Get file metadata",description:"Get file headers without body for preflight checks"}}),o.info(`[CDN] Routes enabled at ${r.basePath}`),i}var tc;var Kw=b(()=>{ge();tc={enabled:!0,basePath:"/cdn",cacheMaxAge:86400,enableRangeRequests:!0,enableEtag:!0,corsOrigins:["*"]}});import{randomUUID as ch}from"crypto";import Uf from"path";function Gi(n){if(!n)return to;return{enabled:n.enabled??to.enabled,basePath:n.basePath??to.basePath,maxFileSizeBytes:n.maxFileSizeBytes??to.maxFileSizeBytes,allowedMimeTypes:n.allowedMimeTypes??to.allowedMimeTypes,blockedMimeTypes:n.blockedMimeTypes??to.blockedMimeTypes,formData:{filesField:n.formData?.filesField??to.formData.filesField,dataField:n.formData?.dataField??to.formData.dataField,maxFiles:n.formData?.maxFiles??to.formData.maxFiles}}}function Oi(n,r){let t={data:{},files:[]};if(!n||typeof n!=="object")return t;let o=n,c=o[r.formData.dataField];if(c){if(typeof c==="string")try{t.data=JSON.parse(c)}catch{t.data={}}else if(typeof c==="object")t.data=c}let i=o[r.formData.filesField];if(i){if(i instanceof File)t.files=[i];else if(Array.isArray(i))t.files=i.filter((a)=>a instanceof File)}return t}function Wf(n,r){if(n.size>r.maxFileSizeBytes)return{valid:!1,error:`File ${n.name} exceeds maximum size of ${r.maxFileSizeBytes} bytes`};if(r.blockedMimeTypes.length>0&&r.blockedMimeTypes.includes(n.type))return{valid:!1,error:`File type ${n.type} is not allowed`};if(r.allowedMimeTypes.length>0&&!r.allowedMimeTypes.includes(n.type))return{valid:!1,error:`File type ${n.type} is not in allowed list`};return{valid:!0}}async function Vf(n,r,t){let o=ch(),c=Uf.extname(n.name),i=`${o}${c}`,a=t?Uf.join(r.basePath,t):r.basePath,e=await n.arrayBuffer(),s=new Uint8Array(e);return await Nt.createFile({dir:a,name:i,data:s,options:{type:n.type,createDir:!0}}),{id:o,name:i,originalName:n.name,path:a,mimeType:n.type,size:n.size,createdAt:new Date}}async function Ni(n,r,t){let o=[],c=[];for(let i of n.slice(0,r.formData.maxFiles)){let a=Wf(i,r);if(!a.valid){c.push({file:i.name,error:a.error||"Unknown error"});continue}try{let e=await Vf(i,r,t);o.push(e)}catch(e){c.push({file:i.name,error:e instanceof Error?e.message:"Upload failed"})}}return{success:o,failed:c}}async function vw(n,r){try{let t=Uf.join(n,r);return await Nt.deleteFile(t)}catch{return!1}}var to;var Zw=b(()=>{ge();to={enabled:!1,basePath:"./uploads",maxFileSizeBytes:104857600,allowedMimeTypes:[],blockedMimeTypes:["application/x-executable","application/x-msdos-program"],formData:{filesField:"files",dataField:"data",maxFiles:10}}});var Iw={};ho(Iw,{validateFile:()=>Wf,uploadFiles:()=>Ni,uploadFile:()=>Vf,parseFormDataBody:()=>Oi,mergeStorageConfig:()=>Gi,mergeCdnConfig:()=>zf,deleteFile:()=>vw,createCdnRoutes:()=>Bf});var Ae=b(()=>{Kw();Zw()});import{eq as Zf,sql as ao}from"drizzle-orm";import{Elysia as y3,t as If}from"elysia";function ze(n,r="public"){let{db:t,logger:o,usersTable:c}=n,i=new y3;return i.post("/auth/admin/change-user-id",async(a)=>{if(!t||!c)return{success:!1,message:"Database not configured"};let e=a.request.headers.get("x-user-id");if(!e)return a.set.status=401,{success:!1,message:"Unauthorized"};let f=(await t.select().from(c).where(Zf(c.id,e)).limit(1))[0];if(!f||!f.isGod)return a.set.status=403,{success:!1,message:"Forbidden: godmin privileges required"};let{currentId:d,newId:_}=a.body;if(!d||!_)return a.set.status=400,{success:!1,message:"currentId and newId are required"};if(d===_)return a.set.status=400,{success:!1,message:"New ID must be different from current ID"};if(!/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(_))return a.set.status=400,{success:!1,message:"newId must be a valid UUID"};let u=(await t.select().from(c).where(Zf(c.id,d)).limit(1))[0];if(!u)return a.set.status=404,{success:!1,message:"User not found"};if((await t.select().from(c).where(Zf(c.id,_)).limit(1)).length>0)return a.set.status=409,{success:!1,message:"A user with this ID already exists"};try{let l=await t.execute(ao`
+		`}getActiveAlerts(){return Array.from(this.state.activeAlerts.values())}acknowledgeAlert(n){for(let[r,t]of this.state.activeAlerts)if(t.id===n)return t.acknowledged=!0,!0;return!1}clearAlert(n){this.state.activeAlerts.delete(n)}}class Ts{config;requestCount=0;responseTimes=[];errorCount=0;rateLimitBlocks=0;byEndpoint={};byMethod={};byStatus={};byErrorType={};lastCollectTime=Date.now();constructor(n){this.config=n}recordRequest(n){if(!this.config?.enabled)return;if(this.requestCount++,this.config.metrics?.responseTime!==!1){if(this.responseTimes.push(n.responseTimeMs),this.responseTimes.length>1e4)this.responseTimes=this.responseTimes.slice(-5000)}if(this.config.metrics?.requests!==!1)this.byEndpoint[n.endpoint]=(this.byEndpoint[n.endpoint]||0)+1,this.byMethod[n.method]=(this.byMethod[n.method]||0)+1,this.byStatus[String(n.status)]=(this.byStatus[String(n.status)]||0)+1;if(this.config.metrics?.errors!==!1&&n.isError){if(this.errorCount++,n.errorType)this.byErrorType[n.errorType]=(this.byErrorType[n.errorType]||0)+1}}recordRateLimitBlock(){if(!this.config?.enabled||this.config.metrics?.rateLimits===!1)return;this.rateLimitBlocks++}collect(){if(!this.config?.enabled)return null;let r=(Date.now()-this.lastCollectTime)/1000/60,t=r>0?Math.round(this.requestCount/r):0,o=r>0?Math.round(this.rateLimitBlocks/r):0,c=[...this.responseTimes].sort((e,s)=>e-s),i=c.length;return{requests:{total:this.requestCount,perMinute:t,byEndpoint:{...this.byEndpoint},byMethod:{...this.byMethod},byStatus:{...this.byStatus}},responseTime:{avg:i>0?Math.round(c.reduce((e,s)=>e+s,0)/i*100)/100:0,min:i>0?c[0]??0:0,max:i>0?c[i-1]??0:0,p50:i>0?c[Math.floor(i*0.5)]??0:0,p95:i>0?c[Math.floor(i*0.95)]??0:0,p99:i>0?c[Math.floor(i*0.99)]??0:0},errors:{total:this.errorCount,rate:this.requestCount>0?Math.round(this.errorCount/this.requestCount*100*100)/100:0,byType:{...this.byErrorType}},rateLimits:{blocked:this.rateLimitBlocks,blockedPerMinute:o}}}reset(){this.requestCount=0,this.responseTimes=[],this.errorCount=0,this.rateLimitBlocks=0,this.byEndpoint={},this.byMethod={},this.byStatus={},this.byErrorType={},this.lastCollectTime=Date.now()}getRequestsPerMinute(){let n=(Date.now()-this.lastCollectTime)/1000/60;return n>0?Math.round(this.requestCount/n):0}getErrorRate(){return this.requestCount>0?this.errorCount/this.requestCount*100:0}getRateLimitBlocksPerMinute(){let n=(Date.now()-this.lastCollectTime)/1000/60;return n>0?Math.round(this.rateLimitBlocks/n):0}getAvgResponseTime(){if(this.responseTimes.length===0)return 0;return this.responseTimes.reduce((n,r)=>n+r,0)/this.responseTimes.length}}import*as vu from"fs";import*as Mo from"os";class nf{config;lastCpuInfo=null;constructor(n){this.config=n}async collect(){if(!this.config?.enabled)return null;let n={cpu:{usage:0,cores:0},memory:{total:0,used:0,free:0,usagePercent:0,heapUsed:0,heapTotal:0},disk:{total:0,used:0,free:0,usagePercent:0},network:{bytesIn:0,bytesOut:0},process:{uptime:0,pid:0,eventLoopLag:0}};if(this.config.metrics?.cpu!==!1)n.cpu=this.collectCpu();if(this.config.metrics?.memory!==!1)n.memory=this.collectMemory();if(this.config.metrics?.disk!==!1)n.disk=await this.collectDisk();if(this.config.metrics?.network)n.network=this.collectNetwork();if(this.config.metrics?.process!==!1)n.process=await this.collectProcess();return n}collectCpu(){let n=Mo.cpus(),r=n.length,t=0,o=0;for(let i of n)t+=i.times.idle,o+=i.times.user+i.times.nice+i.times.sys+i.times.idle+i.times.irq;let c=0;if(this.lastCpuInfo){let i=t-this.lastCpuInfo.idle,a=o-this.lastCpuInfo.total;c=a>0?Math.round((1-i/a)*100*100)/100:0}return this.lastCpuInfo={idle:t,total:o},{usage:c,cores:r}}collectMemory(){let n=Mo.totalmem(),r=Mo.freemem(),t=n-r,o=Math.round(t/n*100*100)/100,c=process.memoryUsage();return{total:n,used:t,free:r,usagePercent:o,heapUsed:c.heapUsed,heapTotal:c.heapTotal}}async collectDisk(){try{let n=vu.statfsSync("/"),r=n.blocks*n.bsize,t=n.bfree*n.bsize,o=r-t,c=Math.round(o/r*100*100)/100;return{total:r,used:o,free:t,usagePercent:c}}catch{return{total:0,used:0,free:0,usagePercent:0}}}collectNetwork(){let n=Mo.networkInterfaces(),r=0,t=0;for(let o in n){let c=n[o];if(c){for(let i of c)if(!i.internal)r+=0,t+=0}}return{bytesIn:r,bytesOut:t}}async collectProcess(){let n=process.uptime(),r=process.pid,t=Date.now(),o=await new Promise((c)=>{setImmediate(()=>{c(Date.now()-t)})});return{uptime:n,pid:r,eventLoopLag:o}}}var Zu=()=>{};import{randomUUID as Iu}from"crypto";import*as pu from"os";class ae{store;memoryInterval=null;cpuInterval=null;lastCpuInfo=null;isRunning=!1;constructor(n){let r={...h$,...n};this.store={requests:[],configs:{logMemory:r.logMemory,logCpu:r.logCpu,logDapr:r.logDapr,logWebSocket:r.logWebSocket,cpuLogInterval:r.cpuLogInterval,memoryLogInterval:r.memoryLogInterval},logs:{memory:[],cpu:[],dapr:[],ws:[]},logLimits:{memory:r.memoryLogLimit,cpu:r.cpuLogLimit,dapr:r.daprLogLimit,ws:r.wsLogLimit,request:r.requestLogLimit},worker:{pid:process.pid,workerId:null,memory:null,cpu:null,updatedAt:Date.now()},allWorkers:[],daprEvents:[],wsEvents:[]}}start(){if(this.isRunning)return;if(this.isRunning=!0,this.store.configs.logMemory)this.startMemoryCollector();if(this.store.configs.logCpu)this.startCpuCollector()}stop(){if(!this.isRunning)return;if(this.isRunning=!1,this.memoryInterval)clearInterval(this.memoryInterval),this.memoryInterval=null;if(this.cpuInterval)clearInterval(this.cpuInterval),this.cpuInterval=null}startMemoryCollector(){if(this.memoryInterval)clearInterval(this.memoryInterval);let n=()=>{if(!this.store.configs.logMemory)return;let r=process.memoryUsage(),t={timestamp:Date.now(),rss:r.rss,heapUsed:r.heapUsed,heapTotal:r.heapTotal};if(this.store.logs.memory.push(t),this.store.logs.memory.length>this.store.logLimits.memory*2)this.store.logs.memory=this.store.logs.memory.slice(-this.store.logLimits.memory);this.store.worker.memory=t,this.store.worker.updatedAt=Date.now()};n(),this.memoryInterval=setInterval(n,this.store.configs.memoryLogInterval)}startCpuCollector(){if(this.cpuInterval)clearInterval(this.cpuInterval);let n=()=>{if(!this.store.configs.logCpu)return;let r=pu.cpus(),t=0,o=0,c=0,i=0;for(let f of r)t+=f.times.user,o+=f.times.sys,c+=f.times.idle,i+=f.times.user+f.times.nice+f.times.sys+f.times.idle+f.times.irq;let a=0,e=0;if(this.lastCpuInfo){let f=i-this.lastCpuInfo.total,d=c-this.lastCpuInfo.idle;if(f>0){let _=f-d;a=Math.round((t-0)/(_||1)*100*100)/100,e=Math.round((o-0)/(_||1)*100*100)/100;let w=Math.round((1-d/f)*100*100)/100;a=Math.round(w*0.7*100)/100,e=Math.round(w*0.3*100)/100}}this.lastCpuInfo={idle:c,total:i};let s={timestamp:Date.now(),user:a,system:e};if(this.store.logs.cpu.push(s),this.store.logs.cpu.length>this.store.logLimits.cpu*2)this.store.logs.cpu=this.store.logs.cpu.slice(-this.store.logLimits.cpu);this.store.worker.cpu=s,this.store.worker.updatedAt=Date.now()};n(),this.cpuInterval=setInterval(n,this.store.configs.cpuLogInterval)}recordRequest(n){if(this.store.requests.push(n),this.store.requests.length>this.store.logLimits.request*2)this.store.requests=this.store.requests.slice(-this.store.logLimits.request)}recordDaprEvent(n,r){if(!this.store.configs.logDapr)return;let t={id:Iu(),type:n,timestamp:Date.now(),...r};if(this.store.logs.dapr.push(t),this.store.daprEvents.push(t),this.store.logs.dapr.length>this.store.logLimits.dapr*2)this.store.logs.dapr=this.store.logs.dapr.slice(-this.store.logLimits.dapr);if(this.store.daprEvents.length>this.store.logLimits.dapr*2)this.store.daprEvents=this.store.daprEvents.slice(-this.store.logLimits.dapr)}recordWsEvent(n,r){if(!this.store.configs.logWebSocket)return;let t={id:Iu(),type:n,timestamp:Date.now(),...r};if(this.store.logs.ws.push(t),this.store.wsEvents.push(t),this.store.logs.ws.length>this.store.logLimits.ws*2)this.store.logs.ws=this.store.logs.ws.slice(-this.store.logLimits.ws);if(this.store.wsEvents.length>this.store.logLimits.ws*2)this.store.wsEvents=this.store.wsEvents.slice(-this.store.logLimits.ws)}getSnapshot(){return{memory:this.store.logs.memory.slice(-this.store.logLimits.memory),cpu:this.store.logs.cpu.slice(-this.store.logLimits.cpu),requests:this.store.requests.slice(-this.store.logLimits.request),dapr:this.store.logs.dapr.slice(-this.store.logLimits.dapr),ws:this.store.logs.ws.slice(-this.store.logLimits.ws),workers:this.store.allWorkers.length?this.store.allWorkers:[this.store.worker],logLimits:{...this.store.logLimits},configs:{...this.store.configs}}}getUpdatesSince(n){let r=this.store.logs.memory.filter((e)=>e.timestamp>n.memory),t=this.store.logs.cpu.filter((e)=>e.timestamp>n.cpu),o=this.store.requests.filter((e)=>e.timestamp>n.request),c=this.store.logs.dapr.filter((e)=>e.timestamp>n.dapr),i=this.store.logs.ws.filter((e)=>e.timestamp>n.ws);if(!(r.length>0||t.length>0||o.length>0||c.length>0||i.length>0))return null;return{memory:r,cpu:t,requests:o,dapr:c,ws:i,timestamp:Date.now()}}getLogs(){return{memory:this.store.logs.memory,cpu:this.store.logs.cpu,requests:this.store.requests,dapr:this.store.logs.dapr,ws:this.store.logs.ws,daprEvents:this.store.daprEvents,wsEvents:this.store.wsEvents,configs:{logMemory:this.store.configs.logMemory,logCpu:this.store.configs.logCpu,logDapr:this.store.configs.logDapr,logWebSocket:this.store.configs.logWebSocket},limits:{...this.store.logLimits}}}getSettings(){return{configs:{...this.store.configs},logLimits:{...this.store.logLimits}}}changeSettings(n){if(n.logMemory!==void 0)this.store.configs.logMemory=n.logMemory;if(n.logCpu!==void 0)this.store.configs.logCpu=n.logCpu;if(n.logDapr!==void 0)this.store.configs.logDapr=n.logDapr;if(n.logWebSocket!==void 0)this.store.configs.logWebSocket=n.logWebSocket;if(n.cpuLogInterval!==void 0){if(this.store.configs.cpuLogInterval=n.cpuLogInterval,this.isRunning&&this.store.configs.logCpu)this.startCpuCollector()}if(n.memoryLogInterval!==void 0){if(this.store.configs.memoryLogInterval=n.memoryLogInterval,this.isRunning&&this.store.configs.logMemory)this.startMemoryCollector()}if(n.memoryLogLimit!==void 0)this.store.logLimits.memory=n.memoryLogLimit;if(n.cpuLogLimit!==void 0)this.store.logLimits.cpu=n.cpuLogLimit;if(n.daprLogLimit!==void 0)this.store.logLimits.dapr=n.daprLogLimit;if(n.wsLogLimit!==void 0)this.store.logLimits.ws=n.wsLogLimit;if(n.requestLogLimit!==void 0)this.store.logLimits.request=n.requestLogLimit;return{message:"Settings updated successfully",configs:{...this.store.configs},logLimits:{...this.store.logLimits}}}getStore(){return this.store}isEnabled(){return this.isRunning}}var h$;var yu=b(()=>{h$={enabled:!0,logMemory:!0,logCpu:!0,logDapr:!0,logWebSocket:!0,memoryLogInterval:1000,cpuLogInterval:1000,memoryLogLimit:100,cpuLogLimit:100,daprLogLimit:100,wsLogLimit:100,requestLogLimit:100,streamInterval:150}});class rf{redis;logger;config;appId;flushToDb;systemCollector;applicationCollector;alertService;collectInterval=null;flushInterval=null;pendingMetrics=[];isRunning=!1;constructor(n){this.redis=n.redis,this.logger=n.logger,this.config=this.mergeConfig(n.config),this.appId=n.appId,this.flushToDb=n.flushToDb,this.systemCollector=new nf(this.config.system),this.applicationCollector=new Ts(this.config.application),this.alertService=new ie({logger:n.logger,gmail:n.gmail,config:this.config,appId:n.appId})}mergeConfig(n){return{enabled:n.enabled??Yn.enabled,system:{enabled:n.system?.enabled??Yn.system.enabled,collectInterval:n.system?.collectInterval??Yn.system.collectInterval,metrics:{cpu:n.system?.metrics?.cpu??Yn.system.metrics.cpu,memory:n.system?.metrics?.memory??Yn.system.metrics.memory,disk:n.system?.metrics?.disk??Yn.system.metrics.disk,network:n.system?.metrics?.network??Yn.system.metrics.network,process:n.system?.metrics?.process??Yn.system.metrics.process}},application:{enabled:n.application?.enabled??Yn.application.enabled,metrics:{requests:n.application?.metrics?.requests??Yn.application.metrics.requests,responseTime:n.application?.metrics?.responseTime??Yn.application.metrics.responseTime,errors:n.application?.metrics?.errors??Yn.application.metrics.errors,rateLimits:n.application?.metrics?.rateLimits??Yn.application.metrics.rateLimits}},database:{enabled:n.database?.enabled??Yn.database.enabled,metrics:{connections:n.database?.metrics?.connections??Yn.database.metrics.connections,queryTime:n.database?.metrics?.queryTime??Yn.database.metrics.queryTime,slowQueryThreshold:n.database?.metrics?.slowQueryThreshold??Yn.database.metrics.slowQueryThreshold}},redis:{enabled:n.redis?.enabled??Yn.redis.enabled},persistence:{enabled:n.persistence?.enabled??Yn.persistence.enabled,flushInterval:n.persistence?.flushInterval??Yn.persistence.flushInterval,retentionDays:n.persistence?.retentionDays??Yn.persistence.retentionDays},alerts:{enabled:n.alerts?.enabled??Yn.alerts.enabled,email:{enabled:n.alerts?.email?.enabled??Yn.alerts.email.enabled,recipients:n.alerts?.email?.recipients??Yn.alerts.email.recipients},thresholds:{cpuPercent:n.alerts?.thresholds?.cpuPercent??Yn.alerts.thresholds.cpuPercent,memoryPercent:n.alerts?.thresholds?.memoryPercent??Yn.alerts.thresholds.memoryPercent,diskPercent:n.alerts?.thresholds?.diskPercent??Yn.alerts.thresholds.diskPercent,errorRatePercent:n.alerts?.thresholds?.errorRatePercent??Yn.alerts.thresholds.errorRatePercent,responseTimeMs:n.alerts?.thresholds?.responseTimeMs??Yn.alerts.thresholds.responseTimeMs,rateLimitBlocksPerMinute:n.alerts?.thresholds?.rateLimitBlocksPerMinute??Yn.alerts.thresholds.rateLimitBlocksPerMinute},cooldown:n.alerts?.cooldown??Yn.alerts.cooldown}}}parseTimeToMs(n){let r=n.match(/^(\d+)(ms|s|m|h|d)$/);if(!r||!r[1]||!r[2])return 1e4;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 1e4}}start(){if(!this.config.enabled||this.isRunning)return;this.isRunning=!0,this.logger.info("[Monitoring] Starting monitoring service");let n=this.parseTimeToMs(this.config.system.collectInterval);if(this.collectInterval=setInterval(()=>{this.collect()},n),this.config.persistence.enabled&&this.flushToDb){let r=this.parseTimeToMs(this.config.persistence.flushInterval);this.flushInterval=setInterval(()=>{this.flush()},r)}this.collect()}stop(){if(!this.isRunning)return;if(this.isRunning=!1,this.logger.info("[Monitoring] Stopping monitoring service"),this.collectInterval)clearInterval(this.collectInterval),this.collectInterval=null;if(this.flushInterval)clearInterval(this.flushInterval),this.flushInterval=null;this.flush()}async collect(){let n=Date.now(),r={timestamp:n};if(this.config.system.enabled){let t=await this.systemCollector.collect();if(t)r.system=t,this.addMetricPoints("system",t,n)}if(this.config.application.enabled){let t=this.applicationCollector.collect();if(t)r.application=t,this.addMetricPoints("application",t,n)}if(await this.storeSnapshot(r),this.config.alerts.enabled)await this.alertService.checkAndAlert(r)}addMetricPoints(n,r,t){let o=(c,i="")=>{for(let a in c){let e=c[a],s=i?`${i}.${a}`:a;if(typeof e==="number")this.pendingMetrics.push({timestamp:t,metricType:n,metricName:s,value:e});else if(typeof e==="object"&&e!==null&&!Array.isArray(e))o(e,s)}};o(r)}async storeSnapshot(n){let r=`monitoring:${this.appId}:latest`;await this.redis.create(r,n,3600);let t=`monitoring:${this.appId}:history`,o=await this.redis.read(t),c=o.success&&o.data?o.data:[];c.push(n);let i=Date.now()-3600000,a=c.filter((e)=>e.timestamp>i);await this.redis.create(t,a,3600)}async flush(){if(this.pendingMetrics.length===0)return;if(!this.flushToDb)return;let n=[...this.pendingMetrics];this.pendingMetrics=[];try{await this.flushToDb(n),this.logger.debug(`[Monitoring] Flushed ${n.length} metrics to database`)}catch(r){this.logger.error(`[Monitoring] Failed to flush metrics: ${r}`),this.pendingMetrics=[...n,...this.pendingMetrics]}}recordRequest(n){if(!this.config.enabled||!this.config.application.enabled)return;this.applicationCollector.recordRequest(n)}recordRateLimitBlock(){if(!this.config.enabled||!this.config.application.enabled)return;this.applicationCollector.recordRateLimitBlock()}async getLatestSnapshot(){let n=`monitoring:${this.appId}:latest`,r=await this.redis.read(n);return r.success?r.data:null}async getHistory(n=60){let r=`monitoring:${this.appId}:history`,t=await this.redis.read(r);if(!t.success||!t.data)return[];let o=Date.now()-n*60000;return t.data.filter((c)=>c.timestamp>o)}getActiveAlerts(){return this.alertService.getActiveAlerts()}acknowledgeAlert(n){return this.alertService.acknowledgeAlert(n)}isEnabled(){return this.config.enabled}getConfig(){return this.config}}var Yn;var Tu=b(()=>{Zu();yu();Yn={enabled:!1,system:{enabled:!0,collectInterval:"10s",metrics:{cpu:!0,memory:!0,disk:!0,network:!1,process:!0}},application:{enabled:!0,metrics:{requests:!0,responseTime:!0,errors:!0,rateLimits:!0}},database:{enabled:!1,metrics:{connections:!0,queryTime:!0,slowQueryThreshold:"100ms"}},redis:{enabled:!1},persistence:{enabled:!0,flushInterval:"1m",retentionDays:30},alerts:{enabled:!1,email:{enabled:!1,recipients:[]},thresholds:{cpuPercent:80,memoryPercent:85,diskPercent:90,errorRatePercent:5,responseTimeMs:1000,rateLimitBlocksPerMinute:100},cooldown:"5m"}}});var nw=()=>{};import{and as Vc,desc as rw,eq as dr}from"drizzle-orm";function tf(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/_([a-z])/g,(i,a)=>a.toUpperCase());r[c]=o}return r}function A$(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/[A-Z]/g,(i)=>`_${i.toLowerCase()}`);r[c]=o}return r}class of{db;schemaTables;config;logger;gmailService;constructor(n){this.db=n.db,this.schemaTables=n.schemaTables,this.config=n.config,this.logger=n.logger,this.gmailService=n.gmailService}getTable(n){return this.schemaTables[n]}getCol(n,r){return n[r]}isChannelEnabled(n){let r=this.config.channels;if(!r)return n==="portal";switch(n){case"portal":return r.portal!==!1;case"email":return r.email===!0;case"sms":return r.sms?.enabled===!0;case"telegram":return r.telegram?.enabled===!0;case"webhook":return r.webhook?.enabled===!0;default:return!1}}interpolateTemplate(n,r){let t=n;for(let[o,c]of Object.entries(r))t=t.replace(new RegExp(`{{${o}}}`,"g"),String(c??""));for(let[o,c]of Object.entries(this.config.templateVariables||{}))t=t.replace(new RegExp(`{{${o}}}`,"g"),c);return t}async triggerNotifications(n){let{trigger:r,flow_id:t,entity_name:o,entity_id:c,node_id:i,context:a={}}=n,e=this.getTable("verificationNotificationRules"),s=this.getTable("verificationNotificationRecipients"),f=this.getTable("verificationNotificationChannels");if(!e||!s){this.logger.warn("[Notification] Notification tables not found");return}let d=new Date,w=await this.db.select().from(e).where(Vc(dr(this.getCol(e,"flowId"),t),dr(this.getCol(e,"trigger"),r)));this.logger.info(`[Notification] Found ${w.length} rules for trigger=${r} flow_id=${t}, filter_node_id=${i||"NONE"}`);for(let u of w)this.logger.info(`[Notification]   Rule ${u.id}: nodeId=${u.nodeId}, trigger=${u.trigger}, title=${JSON.stringify(u.titleTemplate)}`);let g=w.filter((u)=>{if(i&&u.nodeId!==i)return this.logger.info(`[Notification]   EXCLUDED rule ${u.id}: rule.nodeId=${u.nodeId} !== filter_node_id=${i}`),!1;if(u.startsAt&&new Date(u.startsAt)>d)return!1;if(u.expiresAt&&new Date(u.expiresAt)<d)return!1;return!0});for(let u of g){let m=await this.db.select().from(s).where(dr(this.getCol(s,"ruleId"),u.id)),l=["portal"];if(f){let H=await this.db.select().from(f).where(dr(this.getCol(f,"ruleId"),u.id));if(H.length>0)l=H.map((k)=>k.channel)}let E=l.filter((H)=>this.isChannelEnabled(H));if(E.length===0)continue;this.logger.info(`[Notification] Rule ${u.id}: ${m.length} recipients, ${E.length} channels (${E.join(",")})`);let $=await this.resolveRecipients(m,n.verifier_id,t,o,c);this.logger.info(`[Notification] Rule ${u.id}: resolved ${$.length} user IDs: ${$.join(", ")}`);let S={...a,entity_name:o,entity_id:c,trigger:r,decision:n.decision};this.logger.info(`[Notification] Rule ${u.id}: titleTemplate=${JSON.stringify(u.titleTemplate)}, bodyTemplate=${JSON.stringify(u.bodyTemplate)}, context=${JSON.stringify(S)}`);let U=u.titleTemplate?this.interpolateTemplate(u.titleTemplate,S):`Verification ${r.replace("on_","").replace("_"," ")}`,W=u.bodyTemplate?this.interpolateTemplate(u.bodyTemplate,S):void 0;this.logger.info(`[Notification] Rule ${u.id}: final title="${U}", body="${W}"`);for(let H of $)await this.send({user_id:H,title:U,body:W,entity_name:o,entity_id:c,type:"verification",source:`flow:${t}`,channels:E})}this.logger.debug(`[Notification] Triggered ${g.length} rules for ${r} on ${o}:${c}`)}async resolveRecipients(n,r,t,o,c){let i=new Set,a=this.getTable("user_roles"),e=this.getTable("roles");for(let s of n)switch(s.recipientType){case"user":if(s.recipientUserId)i.add(s.recipientUserId);break;case"role":if(s.recipientRole&&a&&e){let f=e,d=a,w=(await this.db.select().from(e).where(dr(f.name,s.recipientRole)).limit(1))[0];if(w){let g=await this.db.select({user_id:d.userId}).from(a).where(dr(d.roleId,w.id));for(let u of g)i.add(u.user_id)}}break;case"step_verifier":if(r)i.add(r);break;case"entity_creator":{if(o&&c){let f=this.getTable("verificationInstances");if(f){let _=(await this.db.select().from(f).where(Vc(dr(this.getCol(f,"entityName"),o),dr(this.getCol(f,"entityId"),c))).orderBy(rw(this.getCol(f,"createdAt"))).limit(1))[0];if(_?.startedBy)i.add(_.startedBy)}}break}case"all_verifiers":{if(t){let f=this.getTable("verificationVerifierConfigs");if(f){let d=await this.db.select().from(f).where(dr(this.getCol(f,"flowId"),t));this.logger.info(`[Notification] all_verifiers: found ${d.length} verifier configs for flow ${t}`);for(let _ of d){let w=_;if(this.logger.info(`[Notification] all_verifiers: config node_id=${w.nodeId}, type=${w.verifierType}, userId=${w.verifierUserId}, role=${w.verifierRole}`),w.verifierUserId)i.add(w.verifierUserId);if(w.verifierType==="role"&&w.verifierRole&&a&&e){let g=e,u=a,l=(await this.db.select().from(e).where(dr(g.name,w.verifierRole)).limit(1))[0];if(l){let E=await this.db.select({user_id:u.userId}).from(a).where(dr(u.roleId,l.id));for(let $ of E)i.add($.user_id)}}}}}break}}return Array.from(i)}async send(n){let{user_id:r,title:t,body:o,entity_name:c,entity_id:i,type:a,source:e,channels:s}=n;for(let f of s)switch(f){case"portal":await this.sendPortalNotification(r,t,o,c,i,a,e);break;case"email":await this.sendEmailNotification(r,t,o);break;case"sms":this.logger.debug(`[Notification] SMS channel not yet implemented for user ${r}`);break;case"telegram":this.logger.debug(`[Notification] Telegram channel not yet implemented for user ${r}`);break;case"webhook":this.logger.debug(`[Notification] Webhook channel not yet implemented for user ${r}`);break}}async sendPortalNotification(n,r,t,o,c,i,a){let e=this.getTable("notifications");if(!e){this.logger.warn("[Notification] notifications table not found");return}await this.db.insert(e).values(tf({user_id:n,title:r,body:t||null,entity_name:o||null,entity_id:c||null,type:i||"system",source:a||null,is_seen:!1})),this.logger.debug(`[Notification] Portal notification sent to ${n}: ${r}`)}async sendEmailNotification(n,r,t){if(!this.gmailService?.isAvailable()){this.logger.warn("[Notification] Gmail service not available for email notification");return}let o=this.getTable("users");if(!o){this.logger.warn("[Notification] users table not found");return}let i=(await this.db.select({email:this.getCol(o,"email")}).from(o).where(dr(this.getCol(o,"id"),n)).limit(1))[0];if(!i?.email){this.logger.warn(`[Notification] No email found for user ${n}`);return}await this.gmailService.sendEmail({to:i.email,subject:r,html:t||r}),this.logger.debug(`[Notification] Email notification sent to ${i.email}: ${r}`)}async getNotifications(n,r){let t=this.getTable("notifications");if(!t)return[];let o=[dr(this.getCol(t,"userId"),n)];if(r?.type)o.push(dr(this.getCol(t,"type"),r.type));return(await this.db.select().from(t).where(Vc(...o)).orderBy(rw(this.getCol(t,"createdAt"))).limit(r?.limit||50).offset(r?.offset||0)).map((a)=>A$(a))}async getUnseenCount(n){let r=this.getTable("notifications");if(!r)return 0;return(await this.db.select().from(r).where(Vc(dr(this.getCol(r,"userId"),n),dr(this.getCol(r,"isSeen"),!1)))).length}async markAsSeen(n,r){let t=this.getTable("notifications");if(!t)return!1;return await this.db.update(t).set(tf({is_seen:!0,seen_at:new Date})).where(Vc(dr(this.getCol(t,"id"),n),dr(this.getCol(t,"userId"),r))),!0}async markAllAsSeen(n){let r=this.getTable("notifications");if(!r)return 0;return(await this.db.update(r).set(tf({is_seen:!0,seen_at:new Date})).where(Vc(dr(this.getCol(r,"userId"),n),dr(this.getCol(r,"isSeen"),!1))).returning()).length}}var cf=b(()=>{nw()});function tw(n,r){if(!n.authorizationUrl)throw Error("Generic OAuth provider requires authorizationUrl");let t=n.scopes??[],o=new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,response_type:"code",state:r,...t.length>0?{scope:t.join(" ")}:{},...n.extraAuthParams});return`${n.authorizationUrl}?${o.toString()}`}async function ow(n,r){if(!r.tokenUrl)throw Error("Generic OAuth provider requires tokenUrl");let t=await fetch(r.tokenUrl,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri,grant_type:"authorization_code"}).toString()});if(!t.ok){let s=await t.text();throw Error(`Generic OAuth token exchange failed: ${s}`)}let o=await t.json();if(o.error)throw Error(`OAuth error: ${o.error_description||o.error}`);let c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope};if(!r.userInfoUrl)return{profile:{providerAccountId:o.access_token,rawProfile:o},tokens:c};let i=await fetch(r.userInfoUrl,{headers:{Authorization:`Bearer ${o.access_token}`}});if(!i.ok)throw Error("Failed to fetch user info from generic OAuth provider");let a=await i.json();return{profile:{providerAccountId:a.id??a.sub??a.user_id??o.access_token,email:a.email,name:a.name??a.display_name??a.username,avatarUrl:a.avatar_url??a.picture??a.photo,rawProfile:a},tokens:c}}function cw(n,r){let t=n.scopes??["read:user","user:email"];return`https://github.com/login/oauth/authorize?${new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,scope:t.join(" "),state:r,...n.extraAuthParams}).toString()}`}async function iw(n,r){let t=await fetch("https://github.com/login/oauth/access_token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri}).toString()});if(!t.ok){let f=await t.text();throw Error(`GitHub token exchange failed: ${f}`)}let o=await t.json();if(o.error)throw Error(`GitHub OAuth error: ${o.error_description||o.error}`);let c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope},i=await fetch("https://api.github.com/user",{headers:{Authorization:`Bearer ${o.access_token}`,Accept:"application/vnd.github+json"}});if(!i.ok)throw Error("Failed to fetch GitHub user info");let a=await i.json(),e=a.email;if(!e)try{let f=await fetch("https://api.github.com/user/emails",{headers:{Authorization:`Bearer ${o.access_token}`,Accept:"application/vnd.github+json"}});if(f.ok){let d=await f.json();e=d.find((w)=>w.primary&&w.verified)?.email??d[0]?.email}}catch{}return{profile:{providerAccountId:String(a.id),email:e,name:a.name??a.login,avatarUrl:a.avatar_url,rawProfile:a},tokens:c}}function aw(n,r){let t=n.scopes??["openid","email","profile"];return`https://accounts.google.com/o/oauth2/v2/auth?${new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,response_type:"code",scope:t.join(" "),state:r,access_type:"offline",prompt:"select_account",...n.extraAuthParams}).toString()}`}async function ew(n,r){let t=await fetch("https://oauth2.googleapis.com/token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri,grant_type:"authorization_code"}).toString()});if(!t.ok){let s=await t.text();throw Error(`Google token exchange failed: ${s}`)}let o=await t.json(),c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope},i=await fetch("https://www.googleapis.com/oauth2/v3/userinfo",{headers:{Authorization:`Bearer ${o.access_token}`}});if(!i.ok)throw Error("Failed to fetch Google user info");let a=await i.json();return{profile:{providerAccountId:a.sub,email:a.email,name:a.name,avatarUrl:a.picture,rawProfile:a},tokens:c}}function sw(n){return`https://login.microsoftonline.com/${n.tenantId??"common"}/oauth2/v2.0`}function fw(n,r){let t=n.scopes??["openid","email","profile","User.Read"],o=new URLSearchParams({client_id:n.clientId,redirect_uri:n.redirectUri,response_type:"code",scope:t.join(" "),state:r,response_mode:"query",...n.extraAuthParams});return`${sw(n)}/authorize?${o.toString()}`}async function _w(n,r){let t=await fetch(`${sw(r)}/token`,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:n,client_id:r.clientId,client_secret:r.clientSecret,redirect_uri:r.redirectUri,grant_type:"authorization_code"}).toString()});if(!t.ok){let s=await t.text();throw Error(`Microsoft token exchange failed: ${s}`)}let o=await t.json();if(o.error)throw Error(`Microsoft OAuth error: ${o.error_description||o.error}`);let c={accessToken:o.access_token,refreshToken:o.refresh_token,expiresAt:o.expires_in?new Date(Date.now()+o.expires_in*1000):void 0,scope:o.scope},i=await fetch("https://graph.microsoft.com/v1.0/me",{headers:{Authorization:`Bearer ${o.access_token}`}});if(!i.ok)throw Error("Failed to fetch Microsoft user info");let a=await i.json();return{profile:{providerAccountId:a.id,email:a.mail??a.userPrincipalName,name:a.displayName,avatarUrl:void 0,rawProfile:a},tokens:c}}import{randomBytes as E$}from"crypto";class ee{config;stateStore=new Map;cleanupInterval=null;constructor(n){this.config=n;let r=(n.stateTtlSeconds??600)*1000;this.cleanupInterval=setInterval(()=>{let t=Date.now();for(let[o,c]of this.stateStore.entries())if(c.expiresAt<t)this.stateStore.delete(o)},r)}stop(){if(this.cleanupInterval)clearInterval(this.cleanupInterval),this.cleanupInterval=null}isProviderEnabled(n){return!!(this.config.enabled&&this.config.providers[n])}getEnabledProviders(){if(!this.config.enabled)return[];return Object.keys(this.config.providers)}buildAuthorizationUrl(n,r,t){let o=this.config.providers[n];if(!o)throw Error(`OAuth provider "${n}" is not configured`);let c={provider:n,linkUserId:r,redirectUrl:t,createdAt:Date.now()},i=E$(32).toString("hex"),a=(this.config.stateTtlSeconds??600)*1000;switch(this.stateStore.set(i,{payload:c,expiresAt:Date.now()+a}),n){case"google":return aw(o,i);case"github":return cw(o,i);case"microsoft":return fw(o,i);default:return tw(o,i)}}consumeState(n){let r=this.stateStore.get(n);if(!r)return null;if(r.expiresAt<Date.now())return this.stateStore.delete(n),null;return this.stateStore.delete(n),r.payload}async exchangeCode(n,r){let t=this.config.providers[n];if(!t)throw Error(`OAuth provider "${n}" is not configured`);switch(n){case"google":return ew(r,t);case"github":return iw(r,t);case"microsoft":return _w(r,t);default:return ow(r,t)}}get allowAccountLinking(){return this.config.allowAccountLinking??!0}get autoCreateUser(){return this.config.autoCreateUser??!0}get successRedirectUrl(){return this.config.successRedirectUrl??"/"}get errorRedirectUrl(){return this.config.errorRedirectUrl??"/login"}get sendInviteOnCreate(){return this.config.sendInviteOnCreate??!1}get basePath(){return this.config.basePath??"/auth/oauth"}}var lw=()=>{};var af=b(()=>{lw()});class ef{redis;logger;config;constructor(n){this.redis=n.redis,this.logger=n.logger,this.config=this.mergeConfig(n.config)}mergeConfig(n){return{enabled:n.enabled??Sr.enabled,strategy:n.strategy??Sr.strategy,keyPrefix:n.keyPrefix??Sr.keyPrefix,authRoutes:{window:n.authRoutes?.window??Sr.authRoutes.window,max:n.authRoutes?.max??Sr.authRoutes.max,login:{window:n.authRoutes?.login?.window??se.window,max:n.authRoutes?.login?.max??se.max,blockDuration:n.authRoutes?.login?.blockDuration??se.blockDuration},register:{window:n.authRoutes?.register?.window??fe.window,max:n.authRoutes?.register?.max??fe.max,blockDuration:n.authRoutes?.register?.blockDuration??fe.blockDuration},passwordReset:{window:n.authRoutes?.passwordReset?.window??_e.window,max:n.authRoutes?.passwordReset?.max??_e.max,blockDuration:n.authRoutes?.passwordReset?.blockDuration??_e.blockDuration},magicLink:{window:n.authRoutes?.magicLink?.window??le.window,max:n.authRoutes?.magicLink?.max??le.max,blockDuration:n.authRoutes?.magicLink?.blockDuration??le.blockDuration}},publicRoutes:{window:n.publicRoutes?.window??Sr.publicRoutes.window,max:n.publicRoutes?.max??Sr.publicRoutes.max},privateRoutes:{window:n.privateRoutes?.window??Sr.privateRoutes.window,max:n.privateRoutes?.max??Sr.privateRoutes.max},byIp:n.byIp??Sr.byIp,byUserId:n.byUserId??Sr.byUserId,byEndpoint:n.byEndpoint??Sr.byEndpoint,skipSuccessfulRequests:n.skipSuccessfulRequests??Sr.skipSuccessfulRequests,headers:{remaining:n.headers?.remaining??Sr.headers.remaining,reset:n.headers?.reset??Sr.headers.reset,limit:n.headers?.limit??Sr.headers.limit},whitelist:n.whitelist??Sr.whitelist,blacklist:n.blacklist??Sr.blacklist}}parseTimeToMs(n){let r=n.match(/^(\d+)(ms|s|m|h|d)$/);if(!r||!r[1]||!r[2])return 60000;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 60000}}buildKey(n){let r=[this.config.keyPrefix,n.category];if(n.authType&&n.authType!=="other")r.push(n.authType);if(this.config.byIp&&n.ip)r.push(`ip:${n.ip}`);if(this.config.byUserId&&n.userId)r.push(`user:${n.userId}`);if(this.config.byEndpoint&&n.endpoint)r.push(`ep:${n.endpoint.replace(/\//g,"_")}`);return r.join(":")}getLimits(n,r){if(n==="auth"){if(r&&r!=="other"){let t=this.config.authRoutes[r];if(t)return t}return{window:this.config.authRoutes.window,max:this.config.authRoutes.max}}if(n==="public")return this.config.publicRoutes;return this.config.privateRoutes}isWhitelisted(n){return this.config.whitelist.some((r)=>{if(r.includes("*"))return new RegExp(`^${r.replace(/\*/g,".*")}$`).test(n);return r===n})}isBlacklisted(n){return this.config.blacklist.some((r)=>{if(r.includes("*"))return new RegExp(`^${r.replace(/\*/g,".*")}$`).test(n);return r===n})}async readRedis(n){let r=await this.redis.read(n);if(r.success)return r.data;return null}async check(n){if(!this.config.enabled)return{allowed:!0,remaining:-1,resetAt:0,limit:-1};if(this.isWhitelisted(n.ip))return{allowed:!0,remaining:-1,resetAt:0,limit:-1};if(this.isBlacklisted(n.ip))return this.logger.warn(`[RateLimit] Blacklisted IP: ${n.ip}`),{allowed:!1,remaining:0,resetAt:Date.now()+86400000,limit:0,retryAfter:86400};let r=this.buildKey(n),t=this.getLimits(n.category,n.authType),o=this.parseTimeToMs(t.window),c=`${r}:blocked`,i=await this.readRedis(c);if(i&&i.until>Date.now()){let a=Math.ceil((i.until-Date.now())/1000);return this.logger.warn(`[RateLimit] Blocked: ${r}, retry after ${a}s`),{allowed:!1,remaining:0,resetAt:i.until,limit:t.max,retryAfter:a}}if(this.config.strategy==="sliding-window")return this.slidingWindowCheck(r,t.max,o,t.blockDuration);if(this.config.strategy==="fixed-window")return this.fixedWindowCheck(r,t.max,o,t.blockDuration);return this.tokenBucketCheck(r,t.max,o)}async slidingWindowCheck(n,r,t,o){let c=Date.now(),i=c-t,a=`${n}:sw`,s=(await this.readRedis(a))?.timestamps||[];s=s.filter((w)=>w>i);let f=s.length,d=s[0],_=d!==void 0?d+t:c+t;if(f>=r){if(o){let w=this.parseTimeToMs(o);await this.redis.create(`${n}:blocked`,{until:c+w},Math.ceil(w/1000))}return{allowed:!1,remaining:0,resetAt:_,limit:r,retryAfter:Math.ceil((_-c)/1000)}}return s.push(c),await this.redis.create(a,{timestamps:s},Math.ceil(t/1000)+1),{allowed:!0,remaining:r-s.length,resetAt:_,limit:r}}async fixedWindowCheck(n,r,t,o){let c=Date.now(),i=Math.floor(c/t),a=`${n}:fw:${i}`,e=(i+1)*t,f=(await this.readRedis(a))?.count||0;if(f>=r){if(o){let d=this.parseTimeToMs(o);await this.redis.create(`${n}:blocked`,{until:c+d},Math.ceil(d/1000))}return{allowed:!1,remaining:0,resetAt:e,limit:r,retryAfter:Math.ceil((e-c)/1000)}}return await this.redis.create(a,{count:f+1},Math.ceil(t/1000)+1),{allowed:!0,remaining:r-(f+1),resetAt:e,limit:r}}async tokenBucketCheck(n,r,t){let o=Date.now(),c=r/t,i=`${n}:tb`,a=await this.readRedis(i),e=a?.tokens??r,s=a?.lastRefill??o,d=(o-s)*c;if(e=Math.min(r,e+d),e<1){let _=Math.ceil((1-e)/c);return{allowed:!1,remaining:0,resetAt:o+_,limit:r,retryAfter:Math.ceil(_/1000)}}return e-=1,await this.redis.create(i,{tokens:e,lastRefill:o},Math.ceil(t/1000)*2),{allowed:!0,remaining:Math.floor(e),resetAt:o+t,limit:r}}async decrement(n){if(!this.config.skipSuccessfulRequests)return;let r=this.buildKey(n);if(this.config.strategy==="sliding-window"){let t=`${r}:sw`,o=await this.readRedis(t);if(o?.timestamps?.length){o.timestamps.pop();let c=this.parseTimeToMs(this.getLimits(n.category,n.authType).window);await this.redis.create(t,o,Math.ceil(c/1000)+1)}}else if(this.config.strategy==="fixed-window"){let t=this.parseTimeToMs(this.getLimits(n.category,n.authType).window),o=Math.floor(Date.now()/t),c=`${r}:fw:${o}`,i=await this.readRedis(c);if(i?.count)await this.redis.create(c,{count:i.count-1},Math.ceil(t/1000)+1)}}getHeaders(n){let r={};return r[this.config.headers.remaining]=String(n.remaining),r[this.config.headers.reset]=String(Math.ceil(n.resetAt/1000)),r[this.config.headers.limit]=String(n.limit),r}isEnabled(){return this.config.enabled}}var se,fe,_e,le,Sr;var dw=b(()=>{se={window:"15m",max:5,blockDuration:"30m"},fe={window:"1h",max:3,blockDuration:"1h"},_e={window:"1h",max:3,blockDuration:"1h"},le={window:"1h",max:5,blockDuration:"1h"},Sr={enabled:!0,strategy:"sliding-window",keyPrefix:"rl:",authRoutes:{window:"1m",max:10,login:se,register:fe,passwordReset:_e,magicLink:le},publicRoutes:{window:"1m",max:100},privateRoutes:{window:"1m",max:60},byIp:!0,byUserId:!0,byEndpoint:!1,skipSuccessfulRequests:!1,headers:{remaining:"X-RateLimit-Remaining",reset:"X-RateLimit-Reset",limit:"X-RateLimit-Limit"},whitelist:[],blacklist:[]}});var uw=()=>{};import{and as Ot,desc as sf,eq as on,inArray as ww}from"drizzle-orm";function Wr(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/_([a-z])/g,(i,a)=>a.toUpperCase());r[c]=o}return r}function Mr(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.replace(/[A-Z]/g,(i)=>`_${i.toLowerCase()}`);r[c]=o}return r}class ff{db;schemaTables;config;logger;onNotificationTrigger;constructor(n){this.db=n.db,this.schemaTables=n.schemaTables,this.config=n.config,this.logger=n.logger}setNotificationHandler(n){this.onNotificationTrigger=n}getConnectedNotificationNodeIds(n,r,t){let o=new Set,c=(e)=>{let s=[];for(let f of t){let{sourceNodeId:d,targetNodeId:_}=f;if(d===e)s.push(_);else if(_===e)s.push(d)}return s},i=c(n);for(let e of i)if(r.find((f)=>f.nodeId===e)?.nodeType==="notification")o.add(e);for(let e of i)if(r.find((f)=>f.nodeId===e)?.nodeType==="verifier"){let f=c(e);for(let d of f){if(d===n)continue;if(r.find((w)=>w.nodeId===d)?.nodeType==="notification")o.add(d)}}let a=[...o];return this.logger.info(`[Verification] Connected notification nodes for step ${n}: [${a.join(", ")}]`),a}getTable(n){return this.schemaTables[n]}getCol(n,r){return n[r]}async listFlows(n){let r=this.getTable("verificationFlows");if(!r)return[];return(await(n?this.db.select().from(r).where(on(this.getCol(r,"entityName"),n)):this.db.select().from(r))).map((c)=>Mr(c))}async getFlow(n){let r=this.getTable("verificationFlows"),t=this.getTable("verificationSteps"),o=this.getTable("verificationEdges"),c=this.getTable("verificationVerifierConfigs"),i=this.getTable("verificationNotificationRules"),a=this.getTable("verificationNotificationRecipients"),e=this.getTable("verificationNotificationChannels");if(!r)return null;let f=(await this.db.select().from(r).where(on(this.getCol(r,"id"),n)).limit(1))[0];if(!f)return null;let d=Mr(f),w=(t?await this.db.select().from(t).where(on(this.getCol(t,"flowId"),n)):[]).map((D)=>Mr(D)),u=(o?await this.db.select().from(o).where(on(this.getCol(o,"flowId"),n)):[]).map((D)=>Mr(D)),l=(c?await this.db.select().from(c).where(on(this.getCol(c,"flowId"),n)):[]).map((D)=>Mr(D)),$=(i?await this.db.select().from(i).where(on(this.getCol(i,"flowId"),n)):[]).map((D)=>Mr(D)),S=$.map((D)=>D.id),W=(a&&S.length>0?await this.db.select().from(a).where(ww(this.getCol(a,"ruleId"),S)):[]).map((D)=>Mr(D)),k=(e&&S.length>0?await this.db.select().from(e).where(ww(this.getCol(e,"ruleId"),S)):[]).map((D)=>Mr(D));return{flow:d,graph:{steps:w,edges:u,verifier_configs:l,notification_rules:$,notification_recipients:W,notification_channels:k}}}async saveFlow(n){let r=this.getTable("verificationFlows"),t=this.getTable("verificationSteps"),o=this.getTable("verificationEdges"),c=this.getTable("verificationVerifierConfigs"),i=this.getTable("verificationNotificationRules"),a=this.getTable("verificationNotificationRecipients"),e=this.getTable("verificationNotificationChannels");if(!r||!t||!o)throw Error("Verification tables not configured");let s=await this.db.select().from(r).where(on(this.getCol(r,"id"),n.flow_id)).limit(1),f=n.flow_id;if(s.length>0)await this.db.update(r).set(Wr({entity_name:n.entity_name,name:n.name,description:n.description||null,trigger_on:n.trigger_on,trigger_fields:n.trigger_fields||null,is_draft:n.is_draft,viewport:n.viewport||null})).where(on(this.getCol(r,"id"),f));else{let[_]=await this.db.insert(r).values(Wr({id:f,entity_name:n.entity_name,name:n.name,description:n.description||null,trigger_on:n.trigger_on,trigger_fields:n.trigger_fields||null,is_draft:n.is_draft,viewport:n.viewport||null})).returning();f=_.id}if(await this.db.delete(t).where(on(this.getCol(t,"flowId"),f)),o)await this.db.delete(o).where(on(this.getCol(o,"flowId"),f));if(c)await this.db.delete(c).where(on(this.getCol(c,"flowId"),f));if(i){let w=(await this.db.select().from(i).where(on(this.getCol(i,"flowId"),f))).map((g)=>g.id);if(w.length>0){if(a)for(let g of w)await this.db.delete(a).where(on(this.getCol(a,"ruleId"),g));if(e)for(let g of w)await this.db.delete(e).where(on(this.getCol(e,"ruleId"),g))}await this.db.delete(i).where(on(this.getCol(i,"flowId"),f))}let{graph:d}=n;if(d.steps.length>0)await this.db.insert(t).values(d.steps.map((_)=>Wr({flow_id:f,entity_name:n.entity_name,node_id:_.node_id,node_type:_.node_type,step_order:_.step_order,name:_.name||null,description:_.description||null,position_x:_.position_x,position_y:_.position_y,width:_.width||null,height:_.height||null,style:_.style||null,data:_.data||null})));if(d.edges.length>0&&o)await this.db.insert(o).values(d.edges.map((_)=>Wr({flow_id:f,edge_id:_.edge_id,source_node_id:_.source_node_id,target_node_id:_.target_node_id,source_handle:_.source_handle||null,target_handle:_.target_handle||null,edge_type:_.edge_type,label:_.label||null,condition:_.condition||null,style:_.style||null,animated:_.animated})));if(d.verifier_configs.length>0&&c)await this.db.insert(c).values(d.verifier_configs.map((_)=>Wr({flow_id:f,node_id:_.node_id,verifier_type:_.verifier_type,verifier_user_id:_.verifier_user_id||null,verifier_role:_.verifier_role||null,require_signature:_.require_signature,all_must_approve:_.all_must_approve})));if(this.logger.info(`[Verification] Save: ${d.notification_rules.length} rules, ${d.notification_recipients.length} recipients, ${d.notification_channels.length} channels`),d.notification_rules.length>0&&i)for(let _ of d.notification_rules){this.logger.info(`[Verification] Saving notification rule: node_id=${_.node_id}, trigger=${_.trigger}, title_template=${JSON.stringify(_.title_template)}, body_template=${JSON.stringify(_.body_template)}`);let[w]=await this.db.insert(i).values(Wr({flow_id:f,node_id:_.node_id,trigger:_.trigger,title_template:_.title_template||null,body_template:_.body_template||null,starts_at:_.starts_at||null,expires_at:_.expires_at||null})).returning(),g=w.id,u=d.notification_recipients.filter((l)=>l.rule_id===_.node_id);if(u.length>0&&a)await this.db.insert(a).values(u.map((l)=>Wr({rule_id:g,recipient_type:l.recipient_type,recipient_user_id:l.recipient_user_id||null,recipient_role:l.recipient_role||null})));let m=d.notification_channels.filter((l)=>l.rule_id===_.node_id);if(m.length>0&&e)await this.db.insert(e).values(m.map((l)=>Wr({rule_id:g,channel:l.channel})))}return this.logger.info(`[Verification] Flow saved: ${f} for ${n.entity_name}`),{success:!0,flow_id:f}}async publishFlow(n){let r=this.getTable("verificationFlows");if(!r)return{success:!1,message:"Flow table not configured"};return await this.db.update(r).set(Wr({is_draft:!1,published_at:new Date})).where(on(this.getCol(r,"id"),n)),this.logger.info(`[Verification] Flow published: ${n}`),{success:!0,message:"Flow published"}}async deleteFlow(n){let r=this.getTable("verificationFlows");if(!r)return{success:!1,message:"Flow table not configured"};return await this.db.delete(r).where(on(this.getCol(r,"id"),n)),this.logger.info(`[Verification] Flow deleted: ${n}`),{success:!0,message:"Flow deleted"}}async startFlow(n){let r=this.getTable("verificationFlows"),t=this.getTable("verificationSteps"),o=this.getTable("verificationEdges"),c=this.getTable("verificationVerifierConfigs"),i=this.getTable("verificationInstances"),a=this.getTable("verificationRequirements"),e=this.getTable("user_roles");if(!r||!t||!o||!i||!a)return{success:!1,message:"Verification tables not configured"};let f=(await this.db.select().from(r).where(Ot(on(this.getCol(r,"id"),n.flow_id),on(this.getCol(r,"isDraft"),!1))).limit(1))[0];if(!f)return{success:!1,message:"Published flow not found"};if((await this.db.select().from(i).where(Ot(on(this.getCol(i,"entityName"),n.entity_name),on(this.getCol(i,"entityId"),n.entity_id),on(this.getCol(i,"status"),"active"))).limit(1)).length>0)return{success:!1,message:"An active verification instance already exists for this entity"};let _=await this.db.select().from(t).where(on(this.getCol(t,"flowId"),n.flow_id)),w=await this.db.select().from(o).where(on(this.getCol(o,"flowId"),n.flow_id)),g=_.filter((l)=>l.nodeType==="step");if(g.sort((l,E)=>l.stepOrder-E.stepOrder),g.length===0)return{success:!1,message:"Flow has no step nodes"};let[u]=await this.db.insert(i).values(Wr({flow_id:n.flow_id,entity_name:n.entity_name,entity_id:n.entity_id,started_by:n.started_by||null,status:"active",current_step_order:1,started_at:new Date})).returning(),m=u.id;if(await this.materializeRequirementsForStep(m,n.flow_id,n.entity_name,n.entity_id,1,_,w,c,a,e),this.onNotificationTrigger){let l=g[0],E=l?.nodeId,$=E?this.getConnectedNotificationNodeIds(E,_,w):[],S={flow_name:f.name,step_name:l?.name||"Step 1",step_order:1,total_steps:g.length};if($.length>0)for(let U of $)await this.onNotificationTrigger({trigger:"on_flow_started",flow_id:n.flow_id,entity_name:n.entity_name,entity_id:n.entity_id,node_id:U,context:S});else await this.onNotificationTrigger({trigger:"on_flow_started",flow_id:n.flow_id,entity_name:n.entity_name,entity_id:n.entity_id,context:S})}return this.logger.info(`[Verification] Flow started: instance ${m} for ${n.entity_name}:${n.entity_id}`),{success:!0,instance_id:m,message:"Flow started"}}async materializeRequirementsForStep(n,r,t,o,c,i,a,e,s,f){if(!s)return;let d=i.find((l)=>l.nodeType==="step"&&l.stepOrder===c);if(!d)return;let _=d.nodeId,g=a.filter((l)=>l.targetNodeId===_).map((l)=>l.sourceNodeId),u=i.filter((l)=>l.nodeType==="verifier"&&g.includes(l.nodeId));if(u.length===0)return;let m=[];if(e)m=await this.db.select().from(e).where(on(this.getCol(e,"flowId"),r));for(let l of u){let E=l.nodeId,$=m.find((W)=>W.nodeId===E);if(!$)continue;let{verifierType:S,allMustApprove:U}=$;if(S==="role"&&U&&f){let W=this.getTable("roles");if(W){let H=W,k=f,A=(await this.db.select().from(W).where(on(H.name,$.verifierRole)).limit(1))[0];if(A){let h=await this.db.select({user_id:k.userId}).from(f).where(on(k.roleId,A.id));for(let R of h)await this.db.insert(s).values(Wr({instance_id:n,step_node_id:_,verifier_node_id:E,entity_name:t,entity_id:o,verifier_type:"user",verifier_user_id:R.user_id,verifier_role:$.verifierRole||null,require_signature:$.requireSignature,all_must_approve:!0,step_order:c,status:"pending"}))}}}else await this.db.insert(s).values(Wr({instance_id:n,step_node_id:_,verifier_node_id:E,entity_name:t,entity_id:o,verifier_type:S,verifier_user_id:$.verifierUserId||null,verifier_role:$.verifierRole||null,require_signature:$.requireSignature,all_must_approve:U,step_order:c,status:"pending"}))}if(this.onNotificationTrigger){let l=this.getConnectedNotificationNodeIds(_,i,a);if(this.logger.info(`[Verification] on_step_reached: stepNodeId=${_}, connectedNotifIds=[${l.join(", ")}]`),l.length>0)for(let E of l)this.logger.info(`[Verification] Triggering on_step_reached for notifNodeId=${E}`),await this.onNotificationTrigger({trigger:"on_step_reached",flow_id:r,entity_name:t,entity_id:o,node_id:E,context:{step_name:d.name||`Step ${c}`,step_order:c}});else await this.onNotificationTrigger({trigger:"on_step_reached",flow_id:r,entity_name:t,entity_id:o,context:{step_name:d.name||`Step ${c}`,step_order:c}})}}async getStatus(n,r){let t=this.getTable("verificationInstances"),o=this.getTable("verificationFlows"),c=this.getTable("verificationSteps"),i=this.getTable("verifications"),a=this.getTable("verificationRequirements"),e={entity_name:n,entity_id:r,instance:null,flow:null,current_step:0,total_steps:0,is_completed:!1,is_rejected:!1,verifications:[],pending_requirements:[]};if(!t||!o||!i||!a)return this.logger.error("[Verification] Required tables not found"),e;let f=(await this.db.select().from(t).where(Ot(on(this.getCol(t,"entityName"),n),on(this.getCol(t,"entityId"),r))).orderBy(sf(this.getCol(t,"createdAt"))).limit(1))[0];if(!f)return e;let d=Mr(f),_=await this.db.select().from(o).where(on(this.getCol(o,"id"),d.flow_id)).limit(1),w=_[0]?Mr(_[0]):void 0,u=(c?await this.db.select().from(c).where(Ot(on(this.getCol(c,"flowId"),d.flow_id),on(this.getCol(c,"nodeType"),"step"))):[]).length,l=(await this.db.select().from(i).where(on(this.getCol(i,"instanceId"),d.id)).orderBy(sf(this.getCol(i,"createdAt")))).map((S)=>Mr(S)),$=(await this.db.select().from(a).where(Ot(on(this.getCol(a,"instanceId"),d.id),on(this.getCol(a,"status"),"pending")))).map((S)=>Mr(S));return{entity_name:n,entity_id:r,instance:d,flow:w||null,current_step:d.current_step_order,total_steps:u,is_completed:d.status==="completed",is_rejected:d.status==="rejected",verifications:l,pending_requirements:$}}async decide(n){let{entity_name:r,entity_id:t,user_id:o,decision:c,reason:i,signature_id:a,diff:e}=n,s=this.getTable("verifications"),f=this.getTable("verificationRequirements"),d=this.getTable("verificationInstances"),_=this.getTable("verificationSteps"),w=this.getTable("verificationEdges"),g=this.getTable("verificationVerifierConfigs"),u=this.getTable("user_roles"),m=this.getTable("roles");if(!s||!f||!d)return{success:!1,message:"Verification tables not configured"};let l=await this.getStatus(r,t);if(!l.instance||l.instance.status!=="active")return{success:!1,message:"No active verification instance"};let E=l.pending_requirements.filter((D)=>D.step_order===l.current_step);if(E.length===0)return{success:!1,message:"No pending requirements for current step"};let $=null;for(let D of E){if(D.verifier_type==="user"&&D.verifier_user_id===o){$=D;break}if(D.verifier_type==="role"&&D.verifier_role&&u&&m){let A=u,h=m;if((await this.db.select({role_name:h.name}).from(u).innerJoin(m,on(A.roleId,h.id)).where(on(A.userId,o))).some((V)=>V.role_name===D.verifier_role)){$=D;break}}}if(!$)return{success:!1,message:"User is not authorized to verify at this step"};if($.require_signature&&!a)return{success:!1,message:"Signature is required for this verification step"};let[S]=await this.db.insert(s).values(Wr({instance_id:l.instance.id,requirement_id:$.id,verifier_id:o,signature_id:a||null,entity_name:r,entity_id:t,step_order:l.current_step,decision:c,reason:i||null,diff:e||null})).returning();if(await this.db.update(f).set({status:c}).where(on(this.getCol(f,"id"),$.id)),this.onNotificationTrigger&&l.instance){let D=`Step ${l.current_step}`,A=[],h=[];if(_){A=await this.db.select().from(_).where(on(this.getCol(_,"flowId"),l.instance.flow_id));let Q=A.find((B)=>B.nodeId===$.step_node_id);if(Q?.name)D=Q.name}if(w)h=await this.db.select().from(w).where(on(this.getCol(w,"flowId"),l.instance.flow_id));let R=c==="approved"?"on_approved":"on_rejected",z={flow_name:l.flow?.name||"",step_name:D,step_order:l.current_step,total_steps:l.total_steps,decision:c},V=this.getConnectedNotificationNodeIds($.step_node_id,A,h);if(V.length>0)for(let Q of V)await this.onNotificationTrigger({trigger:R,flow_id:l.instance.flow_id,entity_name:r,entity_id:t,node_id:Q,verifier_id:o,decision:c,context:z});else await this.onNotificationTrigger({trigger:R,flow_id:l.instance.flow_id,entity_name:r,entity_id:t,verifier_id:o,decision:c,context:z})}if(c==="rejected"){await this.db.update(d).set(Wr({status:"rejected",completed_at:new Date})).where(on(this.getCol(d,"id"),l.instance.id));let D;if(this.config.autoResetOnRejection){this.logger.info(`[Verification] Flow rejected for ${r}:${t}, auto-restarting from step 1`);let A=await this.startFlow({flow_id:l.instance.flow_id,entity_name:r,entity_id:t,started_by:l.instance.started_by});if(A.success)D=A.instance_id}return{success:!0,message:this.config.autoResetOnRejection?"Verification rejected \u2014 flow restarted from step 1":"Verification rejected",verification:S,flow_completed:!1,new_instance_id:D}}let U=$.id,W=E.filter((D)=>D.id!==U);if(W.length>0)return{success:!0,message:`Step ${l.current_step} partially approved, ${W.length} verifier(s) remaining`,verification:S,flow_completed:!1};let H=l.current_step+1;if(H>l.total_steps){if(await this.db.update(d).set(Wr({status:"completed",completed_at:new Date})).where(on(this.getCol(d,"id"),l.instance.id)),this.onNotificationTrigger){let D=[],A=[];if(_)D=await this.db.select().from(_).where(on(this.getCol(_,"flowId"),l.instance.flow_id));if(w)A=await this.db.select().from(w).where(on(this.getCol(w,"flowId"),l.instance.flow_id));let h=$.step_node_id,R=this.getConnectedNotificationNodeIds(h,D,A),z={flow_name:l.flow?.name||"",step_order:l.current_step,total_steps:l.total_steps};if(R.length>0)for(let V of R)await this.onNotificationTrigger({trigger:"on_flow_completed",flow_id:l.instance.flow_id,entity_name:r,entity_id:t,node_id:V,context:z});else await this.onNotificationTrigger({trigger:"on_flow_completed",flow_id:l.instance.flow_id,entity_name:r,entity_id:t,context:z})}return{success:!0,message:"Verification flow completed",verification:S,flow_completed:!0}}if(await this.db.update(d).set(Wr({current_step_order:H})).where(on(this.getCol(d,"id"),l.instance.id)),_&&w){let D=await this.db.select().from(_).where(on(this.getCol(_,"flowId"),l.instance.flow_id)),A=await this.db.select().from(w).where(on(this.getCol(w,"flowId"),l.instance.flow_id));await this.materializeRequirementsForStep(l.instance.id,l.instance.flow_id,r,t,H,D,A,g,f,u)}return{success:!0,message:`Step ${l.current_step} approved, moving to step ${H}`,verification:S,flow_completed:!1,next_step:H}}async startFlowForEntity(n){let r=this.getTable("verificationFlows");if(!r)return{success:!1,message:"Flow table not configured"};let o=(await this.db.select().from(r).where(Ot(on(this.getCol(r,"entityName"),n.entity_name),on(this.getCol(r,"isDraft"),!1))).limit(1))[0];if(!o)return{success:!1,message:`No published flow found for entity '${n.entity_name}'`};return this.startFlow({flow_id:o.id,entity_name:n.entity_name,entity_id:n.entity_id,started_by:n.started_by})}async listEntityStatuses(n){let r=this.getTable("verificationInstances"),t=this.getTable("verificationFlows"),o=this.getTable("verificationSteps"),c={items:[],total:0,page:1,limit:20};if(!r||!t)return c;let i=n.page||1,a=n.limit||20,e=(i-1)*a,s=[on(this.getCol(r,"entityName"),n.entity_name)];if(n.status)s.push(on(this.getCol(r,"status"),n.status));let f=s.length===1?s[0]:Ot(...s),_=(await this.db.select().from(r).where(f).orderBy(sf(this.getCol(r,"createdAt")))).map((m)=>Mr(m)),w=_.length,g=_.slice(e,e+a),u=[];for(let m of g){let l=m.flow_id,E=await this.db.select().from(t).where(on(this.getCol(t,"id"),l)).limit(1),$=E[0]?Mr(E[0]):void 0,S=0;if(o)S=(await this.db.select().from(o).where(Ot(on(this.getCol(o,"flowId"),l),on(this.getCol(o,"nodeType"),"step")))).length;u.push({instance_id:m.id,entity_name:m.entity_name,entity_id:m.entity_id,flow_id:l,flow_name:$?.name||"Unknown",status:m.status,current_step_order:m.current_step_order,total_steps:S,started_by:m.started_by,started_at:m.started_at,completed_at:m.completed_at})}return{items:u,total:w,page:i,limit:a}}async getPending(n){let r=this.getTable("verificationRequirements"),t=this.getTable("verificationInstances"),o=this.getTable("verificationFlows"),c=this.getTable("verificationSteps"),i=this.getTable("user_roles"),a=this.getTable("roles");if(this.logger.info(`[Verification.getPending] userId=${n}, tables: req=${!!r} inst=${!!t} flow=${!!o} steps=${!!c} roles=${!!a} userRoles=${!!i}`),!r||!t||!o)return this.logger.warn("[Verification.getPending] Missing required tables, returning empty"),[];let e=i,s=a,d=(i&&a?await this.db.select({role_name:s.name}).from(i).innerJoin(a,on(e.roleId,s.id)).where(on(e.userId,n)):[]).map((u)=>u.role_name),w=(await this.db.select().from(r).where(on(this.getCol(r,"status"),"pending"))).map((u)=>Mr(u));this.logger.info(`[Verification.getPending] Found ${w.length} pending requirements, userRoles=${JSON.stringify(d)}`);for(let u of w)this.logger.info(`[Verification.getPending] Req: verifier_type=${u.verifier_type} verifier_user_id=${u.verifier_user_id} verifier_role=${u.verifier_role} step_order=${u.step_order} entity=${u.entity_name}/${u.entity_id}`);let g=[];for(let u of w){if(!(u.verifier_type==="user"&&u.verifier_user_id===n||u.verifier_type==="role"&&d.includes(u.verifier_role))){this.logger.info(`[Verification.getPending] Skipping req: canVerify=false (type=${u.verifier_type}, reqUserId=${u.verifier_user_id}, loggedInUserId=${n})`);continue}let l=await this.db.select().from(t).where(Ot(on(this.getCol(t,"id"),u.instance_id),on(this.getCol(t,"status"),"active"))).limit(1),E=l[0]?Mr(l[0]):void 0;if(!E)continue;if(E.current_step_order!==u.step_order)continue;let $=await this.db.select().from(o).where(on(this.getCol(o,"id"),E.flow_id)).limit(1),S=$[0]?Mr($[0]):void 0;if(!S)continue;let U;if(c&&u.step_node_id){let H=(await this.db.select().from(c).where(Ot(on(this.getCol(c,"flowId"),E.flow_id),on(this.getCol(c,"nodeId"),u.step_node_id))).limit(1))[0];if(H?.name)U=H.name}g.push({instance_id:E.id,entity_name:u.entity_name,entity_id:u.entity_id,flow_name:S.name,step_order:u.step_order,step_name:U,require_signature:u.require_signature,created_at:u.created_at})}return g}}var _f=b(()=>{uw()});var lf=b(()=>{Xa();Bu();vs();ps();qu();Ku();Tu();cf();af();dw();_f()});import{access as CR,mkdir as R$}from"fs/promises";import{dirname as H$,resolve as gw}from"path";var Xi,wf,Ln=(n)=>{if(!n||typeof n!=="string")throw sr("INVALID_PATH","Path must be a non-empty string",n,"resolvePath");return gw(n)},ro=(n)=>{let r=Ln(n);return H$(r)},$t=async(n)=>{let r=gw(n);try{await R$(r,{recursive:!0})}catch(t){if(t.code!=="EEXIST")throw sr("DIRECTORY_CREATE_FAILED",`Failed to create directory: ${r}`,r,"ensureDirectory")}},bf=(n)=>{let r=n,t=0;while(r>=1024&&t<wf.length-1)r/=1024,t++;return`${r.toFixed(2)} ${wf[t]}`},mw=(n,r)=>{return n.toLowerCase().endsWith(r.toLowerCase())},gf=(n,r)=>{let t=r.startsWith(".")?r:`.${r}`;if(mw(n,t))return n;return`${n}${t}`},sr=(n,r,t,o)=>{return{code:n,message:r,path:t,operation:o||"unknown"}},de=(n)=>{try{return JSON.stringify(n,null,2)}catch{return"{}"}},mf=async(n,r,t=Xi.maxConcurrency)=>{let o=[];for(let c=0;c<n.length;c+=t){let i=n.slice(c,c+t),a=[];for(let s of i)a.push(r(s));let e=await Promise.allSettled(a);o.push(...e)}return o},ue=(n,r={})=>{let t=[],o=[],c=r.strict??!0;if(n.defaultEncoding!==void 0){if(!["utf-8","utf8","ascii","base64","hex"].includes(n.defaultEncoding))t.push(`Invalid defaultEncoding: ${n.defaultEncoding}`)}if(n.maxConcurrency!==void 0){if(!Number.isInteger(n.maxConcurrency)||n.maxConcurrency<1)t.push("maxConcurrency must be a positive integer");if(n.maxConcurrency>50)o.push("maxConcurrency > 50 may cause performance issues")}if(n.defaultCreateDir!==void 0&&typeof n.defaultCreateDir!=="boolean")t.push("defaultCreateDir must be a boolean");if(n.defaultRecursive!==void 0&&typeof n.defaultRecursive!=="boolean")t.push("defaultRecursive must be a boolean");if(c&&!r.allowUnknownKeys){let i=["defaultEncoding","defaultCreateDir","defaultRecursive","maxConcurrency"],a=Object.keys(n);for(let e of a)if(!i.includes(e))t.push(`Unknown configuration key: ${e}`)}return{isValid:t.length===0,errors:t,warnings:o}},$w=(n,r=Xi)=>{let t=ue(n);if(!t.isValid)throw sr("CONFIG_VALIDATION_FAILED",`Configuration validation failed: ${t.errors.join(", ")}`,void 0,"mergeConfig");return{...r,...n}},hw=(n)=>{let r=(i)=>({read:Boolean(i&4),write:Boolean(i&2),execute:Boolean(i&1)}),t=n>>6&7,o=n>>3&7,c=n&7;return{owner:r(t),group:r(o),others:r(c)}},Aw=(n)=>{return Number.isInteger(n)&&n>=0&&n<=511};var Yc=b(()=>{Xi={defaultEncoding:"utf-8",defaultCreateDir:!0,defaultRecursive:!0,maxConcurrency:5},wf=["B","KB","MB","GB","TB"]});import{copyFile as $f,rename as hf,unlink as z$}from"fs/promises";import{basename as Ew,dirname as Sw,extname as B$,join as U$}from"path";var we,W$=(n,r=".tmp")=>{let t=Ln(n),o=Date.now(),c=Math.random().toString(36).substring(2,8);return`${t}${r}.${o}.${c}`},Dw=(n,r,t=!0)=>{let o=Ln(n),c=r?Ln(r):Sw(o),i=Ew(o),a=B$(i),e=Ew(i,a),s=t?`.${new Date().toISOString().replace(/[:.]/g,"-")}`:"",f=`${e}.backup${s}${a}`;return U$(c,f)},Li=async({path:n,data:r,tempSuffix:t=we.tempSuffix,backup:o=we.backup,sync:c=we.sync})=>{let i=Ln(n),a=W$(i,t),e;try{if(await $t(ro(i)),o){if(await Bun.file(i).exists())e=Dw(i),await $f(i,e)}let s=await Bun.write(a,r);return await hf(a,i),{success:!0,bytesWritten:s,tempPath:a,backupPath:e}}catch(s){try{await z$(a)}catch{}throw sr("ATOMIC_WRITE_FAILED",`Atomic write failed: ${s}`,i,"atomicWrite")}},kw=async(n,r,t={})=>{let o=JSON.stringify(r,null,2);return Li({path:n,data:o,...t})},Af=async({sourcePath:n,backupDir:r,keepOriginal:t=!0,timestamp:o=we.timestamp})=>{let c=Ln(n);if(!await Bun.file(c).exists())throw sr("SOURCE_NOT_FOUND",`Source file not found: ${n}`,c,"createBackup");let a=Dw(c,r,o);if(await $t(Sw(a)),t)await $f(c,a);else await hf(c,a);return a},Ef=async(n,r,t=!1)=>{let o=Ln(n),c=Ln(r);if(!await Bun.file(o).exists())throw sr("BACKUP_NOT_FOUND",`Backup file not found: ${n}`,o,"restoreFromBackup");try{if(await $t(ro(c)),t)await hf(o,c);else await $f(o,c);return!0}catch(a){return console.error(`Error restoring from backup ${n}:`,a),!1}},Mw=async(n,r,t={})=>{let o=Ln(n),c=Bun.file(o),i;try{if(await c.exists())i=await Af({sourcePath:o,keepOriginal:!0,timestamp:!0});let a=await c.exists()?await c.text():"",e=await r(a),s=await Li({path:o,data:e,backup:!1,...t});return{success:s.success,bytesWritten:s.bytesWritten,tempPath:s.tempPath,backupPath:i}}catch(a){if(i)try{await Ef(i,o,!1)}catch(e){console.error("Rollback failed:",e)}throw a}},Rw=async(n)=>{let r=[],t=[];for(let o of n)try{let c=await Li(o);r.push(c)}catch(c){t.push({operation:o,error:c})}return{successful:r,failed:t}};var Hw=b(()=>{Yc();we={tempSuffix:".tmp",backup:!1,sync:!0,timestamp:!0}});import{chmod as V$,stat as Y$}from"fs/promises";var J$,Ro=async(n,r)=>{let t=Ln(n);if(!Aw(r))throw sr("INVALID_PERMISSION_MODE",`Invalid permission mode: ${r.toString(8)}`,t,"setFilePermissions");try{return await V$(t,r),!0}catch(o){return console.error(`Error setting permissions for ${n}:`,o),!1}},tc=async(n)=>{let r=Ln(n);try{let o=(await Y$(r)).mode&511,c=hw(o);return{path:r,mode:o,owner:c.owner,group:c.group,others:c.others}}catch(t){throw sr("PERMISSION_READ_FAILED",`Failed to read permissions: ${t}`,r,"getFilePermissions")}},zw=async(n,r)=>{try{return((await tc(n)).mode&r)===r}catch{return!1}},Bw=async(n)=>{let t=(await tc(n)).mode|256;return Ro(n,t)},Uw=async(n)=>{let t=(await tc(n)).mode|128;return Ro(n,t)},Ww=async(n)=>{let t=(await tc(n)).mode|64;return Ro(n,t)},Vw=async(n)=>{let t=(await tc(n)).mode&-147;return Ro(n,t)},Yw=async(n,r)=>{let t=J$[r];return Ro(n,t)};var Jw=b(()=>{Yc();J$={OWNER_READ_WRITE:384,OWNER_ALL:448,GROUP_READ:416,GROUP_READ_WRITE:432,ALL_READ:420,ALL_READ_WRITE:438,ALL_READ_EXECUTE:493,ALL_FULL:511,READ_ONLY:292,EXECUTABLE:493}});var X$,be=async(n,r={})=>{let t=Ln(n),o={...X$,...r};await $t(ro(t));let i=Bun.file(t).writer({highWaterMark:o.highWaterMark}),a=!1;return{write:(s)=>{if(a)throw sr("WRITER_CLOSED","Cannot write to closed writer",t,"streamWrite");try{let f=i.write(s);if(o.autoFlush)i.flush();return f}catch(f){throw sr("WRITE_FAILED",`Failed to write chunk: ${f}`,t,"streamWrite")}},flush:()=>{if(a)return 0;try{return i.flush()}catch(s){throw sr("FLUSH_FAILED",`Failed to flush writer: ${s}`,t,"streamFlush")}},end:async(s)=>{if(a)return 0;try{let f=await i.end(s);return a=!0,f}catch(f){throw a=!0,sr("END_FAILED",`Failed to end writer: ${f}`,t,"streamEnd")}},ref:()=>{if(!a)i.ref()},unref:()=>{if(!a)i.unref()}}},Sf=async(n,r,t={})=>{let o=await be(n,t),c=0;try{for(let i of r){let a=o.write(i);c+=a}return await o.flush(),await o.end(),c}catch(i){try{await o.end(i)}catch{}throw i}},Xw=async(n,r,t={})=>{let o=Ln(n),c=Bun.file(o),i=await c.exists()?await c.arrayBuffer():new ArrayBuffer(0),a=[];if(i.byteLength>0)a.push(i);return a.push(...r),Sf(o,a,t)},Lw=async(n,r,t={})=>{let o=Ln(n),c=Bun.file(o);if(!await c.exists())throw sr("SOURCE_NOT_FOUND",`Source file not found: ${n}`,o,"copyFileStream");let i=c.stream(),a=await be(r,t),e=0;try{let s=i.getReader();while(!0){let{done:f,value:d}=await s.read();if(f)break;let _=a.write(d);e+=_}return await a.flush(),await a.end(),e}catch(s){try{await a.end(s)}catch{}throw s}},Qw=async(n,r)=>{let t=Ln(n),o=Bun.file(t);if(!await o.exists())throw sr("FILE_NOT_FOUND",`File not found: ${n}`,t,"readFileStream");let i=o.stream().getReader();try{while(!0){let{done:a,value:e}=await i.read();if(a)break;await r(e)}}finally{i.releaseLock()}};var Gw=b(()=>{Yc();X$={highWaterMark:1048576,autoFlush:!0,closeOnEnd:!0}});import{readdir as L$,rm as Q$,rmdir as G$,stat as O$}from"fs/promises";import{extname as N$,join as x$}from"path";class Ho{static instance;config;constructor(){this.config={...Xi}}static getInstance(){if(!Ho.instance)Ho.instance=new Ho;return Ho.instance}async createFile({dir:n,name:r,data:t,options:o={}}){let c=Ln(x$(n,r));if(o.createDir!==!1)await $t(ro(c));let i=o.type?new Blob([t],{type:o.type}):t;return await Bun.write(c,i)}async createJsonFile(n,r,t){let o=gf(r,".json"),c=de(t);return this.createFile({dir:n,name:o,data:c,options:{type:"application/json"}})}async createDirectory({path:n}){await $t(n)}async readFile({path:n,format:r="text"}){let t=Ln(n),o=Bun.file(t);if(!await o.exists())throw sr("FILE_NOT_FOUND",`File not found: ${n}`,t,"readFile");switch(r){case"text":return await o.text();case"json":return await o.json();case"buffer":return await o.arrayBuffer();case"bytes":return await o.bytes();case"stream":return o.stream();default:return await o.text()}}async readJsonFile(n){return this.readFile({path:n,format:"json"})}async getFileInfo(n){let r=Ln(n),t=Bun.file(r),o=n.split("/").pop()||n,c=null;try{c=await O$(r)}catch{}return{name:o,path:r,size:t.size,type:t.type,exists:await t.exists(),extension:N$(o),createdAt:c?.birthtime,modifiedAt:c?.mtime}}async readDirectory({path:n,recursive:r=!1}){let t=Ln(n);return await L$(t,{recursive:r,encoding:"utf8"})}async getFilesByExtension(n,r){let t=await this.readDirectory({path:n}),o=r.startsWith(".")?r:`.${r}`;return t.filter((c)=>c.endsWith(o))}async updateFile({path:n,data:r,mode:t="overwrite"}){let o=Ln(n);if(t==="append"){let i=await this.readFile({path:n,format:"text"})+r;return await Bun.write(o,i)}return await Bun.write(o,r)}async updateJsonFile(n,r,t=!1){let o=r;if(t)try{let c=await this.readJsonFile(n);if(typeof c==="object"&&c!==null&&!Array.isArray(c)&&typeof r==="object"&&r!==null&&!Array.isArray(r))o={...c,...r}}catch{}return this.updateFile({path:n,data:de(o),mode:"overwrite"})}async appendToFile(n,r){return this.updateFile({path:n,data:r,mode:"append"})}async deleteFile(n){try{let r=Ln(n);return await Bun.file(r).delete(),!0}catch(r){return console.error(`Error deleting file ${n}:`,r),!1}}async deleteDirectory({path:n,recursive:r=!1}){try{let t=Ln(n);if(r)await Q$(t,{recursive:!0,force:!0});else await G$(t);return!0}catch(t){return console.error(`Error deleting directory ${n}:`,t),!1}}async deleteFiles(n){let r=await mf(n,async(c)=>{if(!await this.deleteFile(c))throw Error(`Failed to delete: ${c}`);return c}),t=[],o=[];for(let c=0;c<r.length;c++){let i=r[c],a=n[c];if(i?.status==="fulfilled")t.push(a||"");else o.push(a||"")}return{success:t,failed:o}}async exists(n){let r=Ln(n);return await Bun.file(r).exists()}async copyFile(n,r){let t=Ln(n),o=Ln(r),c=Bun.file(t);if(!await c.exists())throw sr("SOURCE_NOT_FOUND",`Source file not found: ${n}`,t,"copyFile");return await $t(ro(o)),await Bun.write(o,c)}async moveFile(n,r){try{return await this.copyFile(n,r),await this.deleteFile(n),!0}catch(t){return console.error(`Error moving file from ${n} to ${r}:`,t),!1}}getFormattedFileSize(n){return bf(n)}getConfig(){return{...this.config}}updateConfig(n){let r=ue(n);if(r.isValid){let t=$w(n,this.config);Object.assign(this.config,t)}return r}validateConfiguration(n){return ue(n)}async createStreamWriter(n,r={}){return be(n,r)}async writeStream(n,r,t={}){return Sf(n,r,t)}async appendStream(n,r,t={}){return Xw(n,r,t)}async copyFileStream(n,r,t={}){return Lw(n,r,t)}async readFileStream(n,r){return Qw(n,r)}async setPermissions(n,r){return Ro(n,r)}async setPermissionsAdvanced(n){return Ro(n.path,n.mode)}async getPermissions(n){return tc(n)}async checkPermissions(n,r){return zw(n,r)}async makeFileReadable(n){return Bw(n)}async makeFileWritable(n){return Uw(n)}async makeFileExecutable(n){return Ww(n)}async makeFileReadOnly(n){return Vw(n)}async setCommonPermission(n,r){return Yw(n,r)}async atomicWrite(n){return Li(n)}async atomicJsonWrite(n,r,t={}){return kw(n,r,t)}async createFileBackup(n){return Af(n)}async restoreFileFromBackup(n,r,t=!1){return Ef(n,r,t)}async safeFileUpdate(n,r,t={}){return Mw(n,r,t)}async batchAtomicOperations(n){return Rw(n)}}var Df=b(()=>{Hw();Jw();Gw();Yc()});var Nt;var ge=b(()=>{Df();Yc();Df();Nt=Ho.getInstance()});import{Pool as $7}from"pg";var Ow=()=>{};var Nw=b(()=>{Qs();ge();Ow();no()});function Mf(n,r){let t=(n.get("cookie")?.split(";")||[]).reduce((o,c)=>{let[i,a]=c.trim().split("=");if(i&&a)o[i]=a;return o},{});return{access_token:t[r.access_token]||n.get("authorization")?.split(" ")[1],refresh_token:t[r.refresh_token],session_token:t[r.session_token]}}function Rf(n){if(!n.redis){console.log("Redis not configured, skipping");return}if(n.redis.withDapr){kf=new er({withDapr:!0,stateStoreName:n.redis.stateStoreName});return}let r=n.redis.url?process.env[n.redis.url]:void 0,t=n.redis.host?process.env[n.redis.host]:void 0,o=n.redis.port?parseInt(process.env[n.redis.port]||"",10):void 0;kf=new er({url:r,host:t,port:Number.isNaN(o)?void 0:o})}function me(){return kf}function pr(n){if(typeof n==="number")return n;if(!n||n.trim()==="")throw Error("Time string cannot be empty");let r=n.trim().match(/^(\d+(?:\.\d+)?)\s*([smhdwMy])$/);if(!r||!r[1]||!r[2])throw Error(`Invalid time format: "${n}". Expected format: "75s", "10m", "2h", "1d", "1w", "2M", "1y"`);let t=parseFloat(r[1]),o=r[2],i={s:1,m:60,h:3600,d:86400,w:604800,M:2592000,y:31536000}[o];if(i===void 0)throw Error(`Unknown time unit: "${o}"`);let a=Math.floor(t*i);if(a<=0)throw Error(`Time value must be positive: "${n}"`);return a}function Pw({sessionData:n,options:r,refreshTokenId:t,roles:o,claims:c}){let i=r.authentication?.accessToken?.secret;if(!i)throw Error("Access token secret env name is not configured");let a=process.env[i];if(!a)throw Error(`Access token secret env "${i}" is not set`);return zi({subject:n.userId,issuer:r.authentication?.accessToken?.issuer,audience:r.authentication?.accessToken?.audience,algorithm:r.authentication?.accessToken?.algorithm,expiresInSeconds:pr(r.authentication?.accessToken?.expiresIn??"15m"),sessionId:n.id,customClaims:{refreshTokenId:t,...o&&o.length>0?{roles:o}:{},...c&&c.length>0?{claims:c}:{}}},a)}function ht(n,r){return n?{entityName:n.entity_name,entityId:n.entity_id===" - "?null:n.entity_id,operation:n.operation_type,userId:n.user_id==="unknown"?null:n.user_id,summary:r,ipAddress:n.ip_address,userAgent:n.user_agent,path:n.path,query:n.query}:void 0}function P$(n){let r={},t={};for(let[o,c]of Object.entries(n)){let i=o.match(/^(\w+)\[\d*\]\[(\w+)\]$/),a=i?.[1],e=i?.[2];if(a&&e){if(!t[a])t[a]={};let s=t[a];if(!s[e])s[e]=[];let f=s[e];if(Array.isArray(c))for(let d of c)f.push(d);else f.push(c)}else r[o]=c}for(let[o,c]of Object.entries(t)){let i=Object.keys(c);if(i.length===0)continue;let a=Math.max(...i.map((s)=>(c[s]||[]).length)),e=[];for(let s=0;s<a;s++){let f={};for(let d of i)f[d]=(c[d]||[])[s];e.push(f)}r[o]=e}return r}function Hf(n){let r=P$(n),t=(a)=>{if(a===void 0||a===null)return;if(typeof a==="object")return a;if(typeof a==="string")try{return JSON.parse(a)}catch{return}return},o=r.page?parseInt(r.page,10):1,c=r.limit?parseInt(r.limit,10):20,i=r.offset?parseInt(r.offset,10):(o-1)*c;return{page:o,limit:c,offset:i,search:r.search,searchFields:r.searchFields?r.searchFields.split(","):void 0,filters:t(r.filters),sort:t(r.sort),select:r.select?r.select.split(","):void 0,with:t(r.with),distinct:r.distinct==="true",distinctOn:r.distinctOn?r.distinctOn.split(","):void 0}}function Cw(n,r,t,o){let c=Math.ceil(o/r),i=n<c,a=n>1;return{page:n,limit:r,offset:t,totalItems:o,totalPages:c,hasNextPage:i,hasPrevPage:a,nextPage:i?n+1:null,prevPage:a?n-1:null}}function F$(n){let r=["varchar","char","text","uuid","citext","bit","varbit"],t=["integer","smallint","bigint","serial","smallserial","bigserial","real","doublePrecision","numeric","decimal"],o=["boolean"];if(r.includes(n))return(c)=>({valid:typeof c==="string",expectedType:"string"});if(t.includes(n))return(c)=>({valid:typeof c==="number",expectedType:"number"});if(o.includes(n))return(c)=>({valid:typeof c==="boolean",expectedType:"boolean"});if(n==="json"||n==="jsonb")return(c)=>({valid:typeof c==="object",expectedType:"object"});return()=>({valid:!0,expectedType:"any"})}function zo(n,r,t=!1){let o=[];for(let c of r){let i=n[c.name]??n[c.name.replace(/_([a-z])/g,(s,f)=>f.toUpperCase())],a=c.notNull&&!c.nullable&&c.default===void 0&&!c.defaultRaw;if(i===void 0||i===null){if(a&&!t)o.push({field:c.name,message:c.validation?.customMessage||`${c.name} is required`});continue}let e=F$(c.type)(i);if(!e.valid){o.push({field:c.name,message:c.validation?.customMessage||`${c.name} must be of type ${e.expectedType}`});continue}if(typeof i==="string"){let s=i.length;if(c.length&&s>c.length)o.push({field:c.name,message:c.validation?.customMessage||`${c.name} exceeds max length of ${c.length}`});if(c.validation?.minLength&&s<c.validation.minLength)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at least ${c.validation.minLength} characters`});if(c.validation?.maxLength&&s>c.validation.maxLength)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at most ${c.validation.maxLength} characters`});if(c.validation?.pattern){if(!new RegExp(c.validation.pattern).test(i))o.push({field:c.name,message:c.validation.customMessage||`${c.name} does not match required pattern`})}if(c.validation?.format){let f=C$[c.validation.format];if(f&&!f.test(i))o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be a valid ${c.validation.format}`})}}if(typeof i==="number"){if(c.validation?.min!==void 0&&i<c.validation.min)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at least ${c.validation.min}`});if(c.validation?.max!==void 0&&i>c.validation.max)o.push({field:c.name,message:c.validation.customMessage||`${c.name} must be at most ${c.validation.max}`})}if(c.enumValues&&c.enumValues.length>0){if(!c.enumValues.includes(i))o.push({field:c.name,message:c.validation?.customMessage||`${c.name} must be one of: ${c.enumValues.join(", ")}`})}}return{valid:o.length===0,errors:o}}function q$(n){return n.replace(/[&<>"'`=/]/g,(r)=>j$[r]||r)}function K$(n){return n.replace(/<[^>]*>/g,"")}function v$(n){let r=n.split("@"),t=r[0],o=r[1];if(!t||!o)return n;let c=t.split("+")[0];if(!c)return n;return`${c.replace(/\./g,"")}@${o.toLowerCase()}`}function Z$(n){return n.toLowerCase().trim().replace(/[^\w\s-]/g,"").replace(/[\s_-]+/g,"-").replace(/^-+|-+$/g,"")}function I$(n,r){if(n===null||n===void 0)return n;switch(r){case"trim":return typeof n==="string"?n.trim():n;case"lowercase":return typeof n==="string"?n.toLowerCase():n;case"uppercase":return typeof n==="string"?n.toUpperCase():n;case"escapeHtml":return typeof n==="string"?q$(n):n;case"stripTags":return typeof n==="string"?K$(n):n;case"normalizeEmail":return typeof n==="string"?v$(n):n;case"toNumber":if(typeof n==="number")return n;if(typeof n==="string"){let t=Number(n);return Number.isNaN(t)?n:t}return n;case"toBoolean":if(typeof n==="boolean")return n;if(typeof n==="string"){let t=n.toLowerCase();if(t==="true"||t==="1"||t==="yes")return!0;if(t==="false"||t==="0"||t==="no")return!1}if(typeof n==="number")return n!==0;return n;case"slugify":return typeof n==="string"?Z$(n):n;default:return n}}function Bo(n,r){let t={},o=(c)=>c.replace(/_([a-z])/g,(i,a)=>a.toUpperCase());for(let c of Object.keys(n)){let i=n[c],a=c.replace(/[A-Z]/g,(f)=>`_${f.toLowerCase()}`),e=r.find((f)=>f.name===c||f.name===a);if(e?.sanitize&&e.sanitize.length>0)for(let f of e.sanitize)i=I$(i,f);if(e&&(e.type==="timestamp"||e.type==="timestamptz"||e.type==="date")&&typeof i==="string"){let f=new Date(i);if(!Number.isNaN(f.getTime()))i=f}let s=c.includes("_")?o(c):c;t[s]=i}return t}async function Fw(n,r,t){let o=new er,c=`${y$}${n}`,i=`${p$}${n}:${r}`,a=await o.read(i);if(a.success&&a.data)return{success:!0,accessToken:a.data,fromCache:!0};let e=await o.acquireLock(c,T$);if(!e.success)return{success:!1,error:e.error};if(e.data)try{let _=t();return await o.create(i,_,xw),{success:!0,accessToken:_,fromCache:!1}}finally{await o.releaseLock(c)}let s=await o.waitForLock(c,nh,50);if(!s.success)return{success:!1,error:s.error};if(!s.data)return{success:!1,error:"Lock wait timeout"};let f=await o.read(i);if(f.success&&f.data)return{success:!0,accessToken:f.data,fromCache:!0};let d=t();return await o.create(i,d,xw),{success:!0,accessToken:d,fromCache:!1}}function jw(n){let r=[],t={};if(n.database?.url){let o=process.env[n.database.url];if(!o)r.push({field:"database.url",envName:n.database.url,message:`Environment variable "${n.database.url}" is not set. Please set it in your .env file.`});else t.databaseUrl=o}if(n.redis&&!n.redis.withDapr)if(n.redis.url){let o=process.env[n.redis.url];if(!o)r.push({field:"redis.url",envName:n.redis.url,message:`Environment variable "${n.redis.url}" is not set. Please set it in your .env file.`});else t.redisUrl=o}else{if(n.redis.host){if(!process.env[n.redis.host])r.push({field:"redis.host",envName:n.redis.host,message:`Environment variable "${n.redis.host}" is not set. Please set it in your .env file.`})}if(n.redis.port){if(!process.env[n.redis.port])r.push({field:"redis.port",envName:n.redis.port,message:`Environment variable "${n.redis.port}" is not set. Please set it in your .env file.`})}}if(n.authentication?.enabled){if(!n.authentication.mode)r.push({field:"authentication.mode",envName:"",message:'authentication.mode is required when authentication is enabled. Use "full" for IDP/standalone services, "consumer" for resource servers.'});if(n.authentication.accessToken?.secret){let c=process.env[n.authentication.accessToken.secret];if(!c)r.push({field:"authentication.accessToken.secret",envName:n.authentication.accessToken.secret,message:`Environment variable "${n.authentication.accessToken.secret}" is not set. Please set it in your .env file.`});else t.accessTokenSecret=c}else r.push({field:"authentication.accessToken.secret",envName:"",message:"authentication.accessToken.secret is required when authentication is enabled."});let o=n.authentication.mode==="consumer";if(n.authentication.refreshToken?.secret){let c=process.env[n.authentication.refreshToken.secret];if(!c)r.push({field:"authentication.refreshToken.secret",envName:n.authentication.refreshToken.secret,message:`Environment variable "${n.authentication.refreshToken.secret}" is not set. Please set it in your .env file.`});else t.refreshTokenSecret=c}else if(!o)r.push({field:"authentication.refreshToken.secret",envName:"",message:"authentication.refreshToken.secret is required when authentication is enabled."});if(n.authentication.sessionToken?.secret){let c=process.env[n.authentication.sessionToken.secret];if(!c)r.push({field:"authentication.sessionToken.secret",envName:n.authentication.sessionToken.secret,message:`Environment variable "${n.authentication.sessionToken.secret}" is not set. Please set it in your .env file.`});else t.sessionTokenSecret=c}else if(!o)r.push({field:"authentication.sessionToken.secret",envName:"",message:"authentication.sessionToken.secret is required when authentication is enabled."})}if(n.authentication?.oauth?.enabled&&n.authentication.oauth.providers){let o={};for(let[c,i]of Object.entries(n.authentication.oauth.providers)){if(!i)continue;let{clientId:a,clientSecret:e,redirectUri:s}=i,f=process.env[a],d=process.env[e],_=process.env[s]??s;if(!f)r.push({field:`authentication.oauth.providers.${c}.clientId`,envName:a,message:`Environment variable "${a}" is not set (OAuth ${c} clientId).`});if(!d)r.push({field:`authentication.oauth.providers.${c}.clientSecret`,envName:e,message:`Environment variable "${e}" is not set (OAuth ${c} clientSecret).`});if(f&&d)o[c]={clientId:f,clientSecret:d,redirectUri:_,scopes:i.scopes,authorizationUrl:i.authorizationUrl,tokenUrl:i.tokenUrl,userInfoUrl:i.userInfoUrl,extraAuthParams:i.extraAuthParams}}if(Object.keys(o).length>0)t.oauthProviders=o}return{valid:r.length===0,errors:r,resolved:t}}async function qw(n,r){let{Pool:t}=await import("pg"),c=new URL(n).pathname.replace("/","");if(!c)return;let i=new URL(n);i.pathname="/postgres";let a=new t({connectionString:i.toString()});try{if((await a.query("SELECT 1 FROM pg_database WHERE datname = $1",[c])).rowCount===0)r.info(`[Database] Creating database "${c}"...`),await a.query(`CREATE DATABASE "${c}" TEMPLATE template0`),r.info(`[Database] Database "${c}" created successfully`);else r.info(`[Database] Database "${c}" exists`)}catch(e){let s=e instanceof Error?e.message:String(e);r.warn(`[Database] Could not auto-create database: ${s}`)}finally{await a.end()}}var kf=null,C$,j$,p$="access_token:",y$="refresh_lock:",T$=5,nh=3000,xw=60;var Qi=b(()=>{Nw();lf();C$={email:/^[^\s@]+@[^\s@]+\.[^\s@]+$/,url:/^https?:\/\/.+/,uuid:/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i,date:/^\d{4}-\d{2}-\d{2}$/,datetime:/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}/,time:/^\d{2}:\d{2}:\d{2}$/,uri:/^[a-z][a-z0-9+.-]*:/i,ipv4:/^(\d{1,3}\.){3}\d{1,3}$/,ipv6:/^([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}$/i};j$={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#x27;","/":"&#x2F;","`":"&#96;","=":"&#x3D;"}});import $e from"path";import rh,{t as he}from"elysia";function zf(n){if(!n)return oc;return{enabled:n.enabled??oc.enabled,basePath:n.basePath??oc.basePath,cacheMaxAge:n.cacheMaxAge??oc.cacheMaxAge,enableRangeRequests:n.enableRangeRequests??oc.enableRangeRequests,enableEtag:n.enableEtag??oc.enableEtag,corsOrigins:n.corsOrigins??oc.corsOrigins}}function th(n){let r=["image/","video/","audio/","text/","application/pdf"];for(let t of r)if(n.startsWith(t)||n===t)return"inline";return"attachment"}function oh(n){return n.replace(/[^A-Za-z0-9._-]+/g,"_").replace(/_{2,}/g,"_").slice(0,200)}function Bf(n){let{cdn:r,storagePath:t,logger:o,getFileRecord:c}=n,i=new rh({prefix:r.basePath});if(!r.enabled)return i;return i.get("/:id",async({params:a,request:e,set:s})=>{let{id:f}=a,d=e.headers.get("x-schema-name")||void 0,_,w,g;if(c){let h=await c(f,d);if(!h)return s.status=404,{success:!1,message:"File not found"};_=$e.join(h.path,h.name),w=h.name,g=h.mimeType||h.mime_type||"application/octet-stream"}else _=$e.join(t,f),w=f,g="application/octet-stream";if(!await Nt.exists(_))return s.status=404,{success:!1,message:"Physical file not found"};let m=await Nt.getFileInfo(_),l=new Date(m.modifiedAt||Date.now()).toUTCString(),E=r.enableEtag?`"${m.size}-${m.modifiedAt?.getTime()||Date.now()}"`:void 0,$={"Cache-Control":`public, max-age=${r.cacheMaxAge}`,"Last-Modified":l};if(E)$.ETag=E;if(r.corsOrigins.length>0)$["Access-Control-Allow-Origin"]=r.corsOrigins[0]==="*"?"*":r.corsOrigins.join(", "),$["Access-Control-Allow-Methods"]="GET, HEAD, OPTIONS";let S=e.headers.get("if-none-match");if(E&&S===E)return new Response(null,{status:304,headers:$});let U=Bun.file(_),W=e.headers.get("range");if(r.enableRangeRequests&&W){let h=W.match(/bytes=(\d*)-(\d*)/);if(!h)return s.status=416,new Response("Range not satisfiable",{status:416,headers:{"Content-Range":`bytes */${m.size}`,"Content-Type":g,...$}});let R=h[1]||"0",z=h[2]||"",V=parseInt(R,10),Q=z?parseInt(z,10):m.size-1;if(V>=m.size||Q>=m.size||V>Q)return new Response("Range not satisfiable",{status:416,headers:{"Content-Range":`bytes */${m.size}`,"Content-Type":g,...$}});let B=Q-V+1,J=U.slice(V,Q+1);return new Response(J,{status:206,headers:{"Content-Range":`bytes ${V}-${Q}/${m.size}`,"Accept-Ranges":"bytes","Content-Length":B.toString(),"Content-Type":g,...$}})}let H=th(g),k=oh(w),D=encodeURIComponent(w),A=`${H}; filename="${k}"; filename*=UTF-8''${D}`;return new Response(U,{status:200,headers:{"Content-Length":m.size.toString(),"Content-Type":g,"Accept-Ranges":r.enableRangeRequests?"bytes":"none","Content-Disposition":A,...$}})},{params:he.Object({id:he.String()}),detail:{tags:["CDN"],summary:"Get file by ID",description:"Serve file with streaming, range requests, and caching support"}}),i.head("/:id",async({params:a,request:e,set:s})=>{let{id:f}=a,d=e.headers.get("x-schema-name")||void 0,_,w;if(c){let $=await c(f,d);if(!$)return s.status=404,new Response(null,{status:404});_=$e.join($.path,$.name),w=$.mime_type||"application/octet-stream"}else _=$e.join(t,f),w="application/octet-stream";if(!await Nt.exists(_))return s.status=404,new Response(null,{status:404});let u=await Nt.getFileInfo(_),m=new Date(u.modifiedAt||Date.now()).toUTCString(),l=r.enableEtag?`"${u.size}-${u.modifiedAt?.getTime()||Date.now()}"`:void 0,E={"Content-Length":u.size.toString(),"Content-Type":w,"Accept-Ranges":r.enableRangeRequests?"bytes":"none","Cache-Control":`public, max-age=${r.cacheMaxAge}`,"Last-Modified":m};if(l)E.ETag=l;if(r.corsOrigins.length>0)E["Access-Control-Allow-Origin"]=r.corsOrigins[0]==="*"?"*":r.corsOrigins.join(", "),E["Access-Control-Allow-Methods"]="GET, HEAD, OPTIONS";return new Response(null,{status:200,headers:E})},{params:he.Object({id:he.String()}),detail:{tags:["CDN"],summary:"Get file metadata",description:"Get file headers without body for preflight checks"}}),o.info(`[CDN] Routes enabled at ${r.basePath}`),i}var oc;var Kw=b(()=>{ge();oc={enabled:!0,basePath:"/cdn",cacheMaxAge:86400,enableRangeRequests:!0,enableEtag:!0,corsOrigins:["*"]}});import{randomUUID as ch}from"crypto";import Uf from"path";function Gi(n){if(!n)return to;return{enabled:n.enabled??to.enabled,basePath:n.basePath??to.basePath,maxFileSizeBytes:n.maxFileSizeBytes??to.maxFileSizeBytes,allowedMimeTypes:n.allowedMimeTypes??to.allowedMimeTypes,blockedMimeTypes:n.blockedMimeTypes??to.blockedMimeTypes,formData:{filesField:n.formData?.filesField??to.formData.filesField,dataField:n.formData?.dataField??to.formData.dataField,maxFiles:n.formData?.maxFiles??to.formData.maxFiles}}}function Oi(n,r){let t={data:{},files:[]};if(!n||typeof n!=="object")return t;let o=n,c=o[r.formData.dataField];if(c){if(typeof c==="string")try{t.data=JSON.parse(c)}catch{t.data={}}else if(typeof c==="object")t.data=c}let i=o[r.formData.filesField];if(i){if(i instanceof File)t.files=[i];else if(Array.isArray(i))t.files=i.filter((a)=>a instanceof File)}return t}function Wf(n,r){if(n.size>r.maxFileSizeBytes)return{valid:!1,error:`File ${n.name} exceeds maximum size of ${r.maxFileSizeBytes} bytes`};if(r.blockedMimeTypes.length>0&&r.blockedMimeTypes.includes(n.type))return{valid:!1,error:`File type ${n.type} is not allowed`};if(r.allowedMimeTypes.length>0&&!r.allowedMimeTypes.includes(n.type))return{valid:!1,error:`File type ${n.type} is not in allowed list`};return{valid:!0}}async function Vf(n,r,t){let o=ch(),c=Uf.extname(n.name),i=`${o}${c}`,a=t?Uf.join(r.basePath,t):r.basePath,e=await n.arrayBuffer(),s=new Uint8Array(e);return await Nt.createFile({dir:a,name:i,data:s,options:{type:n.type,createDir:!0}}),{id:o,name:i,originalName:n.name,path:a,mimeType:n.type,size:n.size,createdAt:new Date}}async function Ni(n,r,t){let o=[],c=[];for(let i of n.slice(0,r.formData.maxFiles)){let a=Wf(i,r);if(!a.valid){c.push({file:i.name,error:a.error||"Unknown error"});continue}try{let e=await Vf(i,r,t);o.push(e)}catch(e){c.push({file:i.name,error:e instanceof Error?e.message:"Upload failed"})}}return{success:o,failed:c}}async function vw(n,r){try{let t=Uf.join(n,r);return await Nt.deleteFile(t)}catch{return!1}}var to;var Zw=b(()=>{ge();to={enabled:!1,basePath:"./uploads",maxFileSizeBytes:104857600,allowedMimeTypes:[],blockedMimeTypes:["application/x-executable","application/x-msdos-program"],formData:{filesField:"files",dataField:"data",maxFiles:10}}});var Iw={};ho(Iw,{validateFile:()=>Wf,uploadFiles:()=>Ni,uploadFile:()=>Vf,parseFormDataBody:()=>Oi,mergeStorageConfig:()=>Gi,mergeCdnConfig:()=>zf,deleteFile:()=>vw,createCdnRoutes:()=>Bf});var Ae=b(()=>{Kw();Zw()});import{eq as Zf,sql as ao}from"drizzle-orm";import{Elysia as y3,t as If}from"elysia";function ze(n,r="public"){let{db:t,logger:o,usersTable:c}=n,i=new y3;return i.post("/auth/admin/change-user-id",async(a)=>{if(!t||!c)return{success:!1,message:"Database not configured"};let e=a.request.headers.get("x-user-id");if(!e)return a.set.status=401,{success:!1,message:"Unauthorized"};let f=(await t.select().from(c).where(Zf(c.id,e)).limit(1))[0];if(!f||!f.isGod)return a.set.status=403,{success:!1,message:"Forbidden: godmin privileges required"};let{currentId:d,newId:_}=a.body;if(!d||!_)return a.set.status=400,{success:!1,message:"currentId and newId are required"};if(d===_)return a.set.status=400,{success:!1,message:"New ID must be different from current ID"};if(!/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(_))return a.set.status=400,{success:!1,message:"newId must be a valid UUID"};let u=(await t.select().from(c).where(Zf(c.id,d)).limit(1))[0];if(!u)return a.set.status=404,{success:!1,message:"User not found"};if((await t.select().from(c).where(Zf(c.id,_)).limit(1)).length>0)return a.set.status=409,{success:!1,message:"A user with this ID already exists"};try{let l=await t.execute(ao`
 					SELECT
 						tc.constraint_name,
 						tc.table_name,
@@ -76,19 +76,19 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 						AND ccu.table_name = 'users'
 						AND ccu.column_name = 'id'
 						AND tc.table_schema = ${r}
-				`),$=(Array.isArray(l)?l:l.rows||[]).map((z)=>{let J=z;return{constraint_name:String(J.constraint_name||""),table_name:String(J.table_name||""),column_name:String(J.column_name||""),delete_rule:String(J.delete_rule||"NO ACTION")}}),E=await t.execute(ao`
+				`),$=(Array.isArray(l)?l:l.rows||[]).map((B)=>{let J=B;return{constraint_name:String(J.constraint_name||""),table_name:String(J.table_name||""),column_name:String(J.column_name||""),delete_rule:String(J.delete_rule||"NO ACTION")}}),S=await t.execute(ao`
 					SELECT table_name, column_name
 					FROM information_schema.columns
 					WHERE column_name = 'user_id'
 						AND table_schema = ${r}
 						AND table_name != 'users'
-				`),W=(Array.isArray(E)?E:E.rows||[]).map((z)=>{let J=z;return{table_name:String(J.table_name||""),column_name:String(J.column_name||"")}}),H=await t.execute(ao`
+				`),W=(Array.isArray(S)?S:S.rows||[]).map((B)=>{let J=B;return{table_name:String(J.table_name||""),column_name:String(J.column_name||"")}}),H=await t.execute(ao`
 					SELECT table_name, column_name
 					FROM information_schema.columns
 					WHERE column_name IN ('created_by', 'updated_by')
 						AND table_schema = ${r}
 						AND data_type = 'uuid'
-				`),D=(Array.isArray(H)?H:H.rows||[]).map((z)=>{let J=z;return{table_name:String(J.table_name||""),column_name:String(J.column_name||"")}}),A=await t.execute(ao`
+				`),D=(Array.isArray(H)?H:H.rows||[]).map((B)=>{let J=B;return{table_name:String(J.table_name||""),column_name:String(J.column_name||"")}}),A=await t.execute(ao`
 					SELECT c1.table_name
 					FROM information_schema.columns c1
 					JOIN information_schema.columns c2
@@ -98,24 +98,24 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 						AND c2.column_name = 'owner_type'
 						AND c1.table_schema = ${r}
 						AND c1.data_type = 'uuid'
-				`),R=(Array.isArray(A)?A:A.rows||[]).map((z)=>String(z.table_name||""));o.info("[AUTH] Change User ID - discovered schema references",{fkConstraints:$.map((z)=>`${z.table_name}.${z.column_name} (${z.constraint_name})`),userIdColumns:W.map((z)=>`${z.table_name}.${z.column_name}`),auditColumns:D.map((z)=>`${z.table_name}.${z.column_name}`),polyTables:R});let B=new Map,Y=(z,J)=>{if(!B.has(z))B.set(z,new Set);B.get(z)?.add(J)};for(let z of $)Y(z.table_name,z.column_name);for(let z of W)Y(z.table_name,z.column_name);for(let z of D)Y(z.table_name,z.column_name);o.info("[AUTH] Change User ID - all column updates to execute",{updates:Array.from(B.entries()).map(([z,J])=>`${z}: [${Array.from(J).join(", ")}]`)}),await t.transaction(async(z)=>{for(let J of $)await z.execute(ao.raw(`ALTER TABLE "${r}"."${J.table_name}" DROP CONSTRAINT "${J.constraint_name}"`));await z.execute(ao.raw(`UPDATE "${r}"."users" SET "id" = '${_}' WHERE "id" = '${d}'`));for(let[J,G]of B.entries())for(let F of G)await z.execute(ao.raw(`UPDATE "${r}"."${J}" SET "${F}" = '${_}' WHERE "${F}" = '${d}'`));for(let J of R)await z.execute(ao.raw(`UPDATE "${r}"."${J}" SET "owner_id" = '${_}' WHERE "owner_id" = '${d}' AND "owner_type" IN ('user', 'users', 'User')`));for(let J of $){let G=J.delete_rule==="CASCADE"?"ON DELETE CASCADE":J.delete_rule==="SET NULL"?"ON DELETE SET NULL":"";await z.execute(ao.raw(`ALTER TABLE "${r}"."${J.table_name}" ADD CONSTRAINT "${J.constraint_name}" FOREIGN KEY ("${J.column_name}") REFERENCES "${r}"."users" ("id") ${G}`))}});let X=[...new Set([...$.map((z)=>z.table_name),...W.map((z)=>z.table_name),...D.map((z)=>z.table_name),...R])];return o.info("[AUTH] User ID changed successfully",{godminId:e,currentId:d,newId:_,email:u.email,affectedTables:X,fkConstraintsDroppedAndReadded:$.length}),await o.audit({entityName:"users",entityId:_,operation:"CHANGE_USER_ID",userId:e,summary:`Godmin changed user ID: ${d} \u2192 ${_} (${u.email})`,oldValues:{id:d},newValues:{id:_},ipAddress:a.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",userAgent:a.request.headers.get("user-agent")||"unknown",path:new URL(a.request.url).pathname,query:""}),{success:!0,data:{oldId:d,newId:_,email:u.email,affectedTables:X}}}catch(l){return o.error("[AUTH] Failed to change user ID",{error:l instanceof Error?l.message:String(l),stack:l instanceof Error?l.stack:void 0,currentId:d,newId:_}),a.set.status=500,{success:!1,message:l instanceof Error?l.message:"Failed to change user ID"}}},{body:If.Object({currentId:If.String(),newId:If.String()}),detail:{tags:["Authentication"],summary:"Change User ID",description:"Godmin: change a user's UUID while preserving all FK relations, audit columns, and polymorphic references"}}),i}var pf=()=>{};import{eq as yf}from"drizzle-orm";import{Elysia as T3,t as Ob}from"elysia";function Be(n,r,t,o,c,i){let{db:a,logger:e,usersTable:s}=n,f=new T3,d={accessTokenName:i?.accessTokenName||"access_token",refreshTokenName:i?.refreshTokenName||"refresh_token",sessionTokenName:i?.sessionTokenName||"session_token",accessTokenMaxAge:i?.accessTokenMaxAge||900,refreshTokenMaxAge:i?.refreshTokenMaxAge||604800,sessionTokenMaxAge:i?.sessionTokenMaxAge||900,secure:i?.secure??!0,sameSite:i?.sameSite||"strict",path:i?.path||"/"};return f.post("/auth/admin/impersonate",async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let w=_.request.headers.get("x-user-id");if(!w)return _.set.status=401,{success:!1,message:"Unauthorized"};let{targetUserId:g}=_.body,m=(await a.select().from(s).where(yf(s.id,w)).limit(1))[0];if(!m||!m.isGod)return _.set.status=403,{success:!1,message:"Forbidden: godmin privileges required"};if(w===g)return _.set.status=400,{success:!1,message:"Cannot impersonate yourself"};let S=(await a.select().from(s).where(yf(s.id,g)).limit(1))[0];if(!S)return _.set.status=404,{success:!1,message:"Target user not found"};let $=r(g),E=t(g),U=_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",W={userId:g,deviceInfo:{deviceName:"Impersonation Session",browserName:"Admin",osName:"Admin",ipAddress:U},loginMethod:"impersonation"},H=await o(W);if(c)await c(H,W);e.info("[AUTH] Impersonation started",{godminId:w,targetUserId:g,targetEmail:S.email}),await e.audit({entityName:"users",entityId:g,operation:"IMPERSONATE_START",userId:w,summary:`Godmin ${m.email} started impersonating ${S.email}`,ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:new URL(_.request.url).pathname,query:""});let k=d.secure?"; Secure":"",D=`; Path=${d.path}; HttpOnly; SameSite=${d.sameSite}${k}`,A=[`${d.accessTokenName}=${$}${D}; Max-Age=${d.accessTokenMaxAge}`,`${d.refreshTokenName}=${E}${D}; Max-Age=${d.refreshTokenMaxAge}`,`${d.sessionTokenName}=${H}${D}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_impersonating_as=${g}${D}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_godmin_id=${w}${D}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_impersonating_email=${encodeURIComponent(String(S.email))}${D}; Max-Age=${d.sessionTokenMaxAge}`],h=JSON.stringify({success:!0,data:{targetUser:{id:S.id,email:S.email},godminId:w,sessionId:H}}),R=new Headers;R.set("Content-Type","application/json");for(let B of A)R.append("Set-Cookie",B);return new Response(h,{status:200,headers:R})},{body:Ob.Object({targetUserId:Ob.String()}),detail:{tags:["Authentication"],summary:"Impersonate User",description:"Godmin: start a session as another user"}}),f.post("/auth/admin/impersonate/stop",async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let w=_.request.headers.get("cookie")||"",u=Object.fromEntries(w.split(";").map((B)=>{let[Y,...X]=B.trim().split("=");return[Y?.trim(),X.join("=")]})).nucleus_godmin_id;if(!u)return _.set.status=400,{success:!1,message:"No active impersonation session"};let l=(await a.select().from(s).where(yf(s.id,u)).limit(1))[0];if(!l)return _.set.status=404,{success:!1,message:"Godmin user not found"};let S=r(u),$=t(u),E=_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",U={userId:u,deviceInfo:{deviceName:"Restored Admin Session",browserName:"Admin",osName:"Admin",ipAddress:E},loginMethod:"impersonation_stop"},W=await o(U);if(c)await c(W,U);e.info("[AUTH] Impersonation stopped",{godminId:u}),await e.audit({entityName:"users",entityId:u,operation:"IMPERSONATE_STOP",userId:u,summary:`Godmin ${l.email} stopped impersonation`,ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:new URL(_.request.url).pathname,query:""});let H=d.secure?"; Secure":"",k=`; Path=${d.path}; HttpOnly; SameSite=${d.sameSite}${H}`,D=`; Path=${d.path}; HttpOnly; SameSite=${d.sameSite}${H}; Max-Age=0`,A=[`${d.accessTokenName}=${S}${k}; Max-Age=${d.accessTokenMaxAge}`,`${d.refreshTokenName}=${$}${k}; Max-Age=${d.refreshTokenMaxAge}`,`${d.sessionTokenName}=${W}${k}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_impersonating_as=deleted${D}`,`nucleus_godmin_id=deleted${D}`,`nucleus_impersonating_email=deleted${D}`],h=JSON.stringify({success:!0,data:{godminUser:{id:l.id,email:l.email},sessionId:W}}),R=new Headers;R.set("Content-Type","application/json");for(let B of A)R.append("Set-Cookie",B);return new Response(h,{status:200,headers:R})},{detail:{tags:["Authentication"],summary:"Stop Impersonation",description:"Godmin: restore own session after impersonation"}}),f}var Tf=()=>{};import{and as Ue,count as nA,eq as Ar,sql as rA}from"drizzle-orm";function We(n,r,t){let o=t.route||"/auth/api-keys",c=r.apiKeysTable,{db:i,logger:a}=r;if(!c||!i){a.warn("[API_KEYS] api_keys table or database not available. Skipping API key routes.");return}let e=t.keyPrefix||"nk_live",s=t.maxKeysPerUser||10,f=t.preventApiKeyManagement??!1;n.post(o,async({request:d,set:_})=>{if(f)return _.status=403,{isSuccess:!1,message:"API key management is disabled via configuration",data:null};if(d.headers.get("x-auth-type")==="api_key")return _.status=403,{isSuccess:!1,message:"API keys cannot be created using another API key",data:null};let g=d.headers.get("x-user-id");if(!g)return _.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let u;try{u=await d.json()}catch{return _.status=400,{isSuccess:!1,message:"Invalid request body",data:null}}if(!u.name||typeof u.name!=="string"||u.name.trim().length===0)return _.status=400,{isSuccess:!1,message:"Name is required",data:null};if(u.ownerType==="application"){if(!(t.allowApplicationKeys??!0))return _.status=403,{isSuccess:!1,message:"Application API keys are not allowed",data:null};if(!u.applicationName||u.applicationName.trim().length===0)return _.status=400,{isSuccess:!1,message:"Application name is required for application keys",data:null}}if(((await i.select({count:nA()}).from(c).where(Ue(Ar(Kn(c,"userId"),g),Ar(Kn(c,"isActive"),!0))))[0]?.count||0)>=s)return _.status=400,{isSuccess:!1,message:`Maximum API key limit reached (${s})`,data:null};let S=await Nb(r,g),$=await xb(r,g),E=u.allowedRoles||[],U=u.allowedClaims||[],W=u.allowedScopes||[],H=Qt(S,E),k=Qt($,U);if(E.length>0&&H.length!==E.length){let X=E.filter((z)=>!S.includes(z));return _.status=403,{isSuccess:!1,message:`Cannot assign roles you do not have: ${X.join(", ")}`,data:null}}if(U.length>0&&k.length!==U.length){let X=U.filter((z)=>!$.includes(z));return _.status=403,{isSuccess:!1,message:`Cannot assign claims you do not have: ${X.join(", ")}`,data:null}}if(W.length>0){let X=await Pb(r,g);if(Qt(X,W).length!==W.length){let J=W.filter((G)=>!X.includes(G));return _.status=403,{isSuccess:!1,message:`Cannot assign scopes you do not have: ${J.join(", ")}`,data:null}}}let A=((X)=>X.filter((z)=>!Bc(z)))(E.length>0?H:S),h=U.length>0?k:$,R=null,B=u.expiresIn||t.defaultExpiresIn;if(B){let X=pr(B);R=new Date(Date.now()+X*1000)}let Y=Yd(e);try{return await i.insert(c).values({userId:g,name:u.name.trim(),description:u.description?.trim()||null,keyHash:Y.keyHash,keyPreview:Y.keyPreview,ownerType:u.ownerType||"personal",applicationName:u.applicationName?.trim()||null,allowedRoles:A,allowedClaims:h,allowedScopes:W,expiresAt:R,usageCount:0,createdAt:new Date,updatedAt:new Date}),a.info("[API_KEYS] API key created",{userId:g,ownerType:u.ownerType||"personal",applicationName:u.applicationName,rolesCount:A.length,claimsCount:h.length,expiresAt:R?.toISOString()||"never"}),{isSuccess:!0,message:"API key created successfully. Save this key \u2014 it will not be shown again.",data:{key:Y.rawKey,keyPreview:Y.keyPreview,name:u.name.trim(),ownerType:u.ownerType||"personal",applicationName:u.applicationName||null,allowedRoles:A,allowedClaims:h,allowedScopes:W,expiresAt:R?.toISOString()||null}}}catch(X){return a.error("[API_KEYS] Failed to create API key",{error:X,userId:g}),_.status=500,{isSuccess:!1,message:"Failed to create API key",data:null}}}),n.get(o,async({request:d,set:_})=>{let w=d.headers.get("x-user-id");if(!w)return _.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let u=(await i.select().from(c).where(Ar(Kn(c,"userId"),w)).orderBy(rA`created_at DESC`)).map((m)=>n_(m));return{isSuccess:!0,data:{items:u,totalCount:u.length}}}),n.get(`${o}/:id`,async({params:d,request:_,set:w})=>{let g=_.headers.get("x-user-id");if(!g)return w.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let u=d.id,l=(await i.select().from(c).where(Ue(Ar(Kn(c,"id"),u),Ar(Kn(c,"userId"),g))).limit(1))[0];if(!l)return w.status=404,{isSuccess:!1,message:"API key not found",data:null};return{isSuccess:!0,data:n_(l)}}),n.patch(`${o}/:id`,async({params:d,request:_,set:w})=>{if(f)return w.status=403,{isSuccess:!1,message:"API key management is disabled via configuration",data:null};if(_.headers.get("x-auth-type")==="api_key")return w.status=403,{isSuccess:!1,message:"API keys cannot be modified using another API key",data:null};let u=_.headers.get("x-user-id");if(!u)return w.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let m=d.id,l;try{l=await _.json()}catch{return w.status=400,{isSuccess:!1,message:"Invalid request body",data:null}}let $=(await i.select().from(c).where(Ue(Ar(Kn(c,"id"),m),Ar(Kn(c,"userId"),u))).limit(1))[0];if(!$)return w.status=404,{isSuccess:!1,message:"API key not found",data:null};if($.revokedAt)return w.status=400,{isSuccess:!1,message:"Cannot modify a revoked API key",data:null};let E=await Nb(r,u),U=await xb(r,u),W={updatedAt:new Date};if(l.name!==void 0){if(typeof l.name!=="string"||l.name.trim().length===0)return w.status=400,{isSuccess:!1,message:"Name cannot be empty",data:null};W.name=l.name.trim()}if(l.description!==void 0)W.description=l.description?.trim()||null;if(l.allowedRoles!==void 0){if(Qt(E,l.allowedRoles).length!==l.allowedRoles.length){let k=l.allowedRoles.filter((D)=>!E.includes(D));return w.status=403,{isSuccess:!1,message:`Cannot assign roles you do not have: ${k.join(", ")}`,data:null}}W.allowedRoles=l.allowedRoles.filter((k)=>!Bc(k))}if(l.allowedClaims!==void 0){if(Qt(U,l.allowedClaims).length!==l.allowedClaims.length){let k=l.allowedClaims.filter((D)=>!U.includes(D));return w.status=403,{isSuccess:!1,message:`Cannot assign claims you do not have: ${k.join(", ")}`,data:null}}W.allowedClaims=l.allowedClaims}if(l.allowedScopes!==void 0){if(l.allowedScopes.length>0){let H=await Pb(r,u);if(Qt(H,l.allowedScopes).length!==l.allowedScopes.length){let D=l.allowedScopes.filter((A)=>!H.includes(A));return w.status=403,{isSuccess:!1,message:`Cannot assign scopes you do not have: ${D.join(", ")}`,data:null}}}W.allowedScopes=l.allowedScopes}try{await i.update(c).set(W).where(Ar(Kn(c,"id"),m)),a.info("[API_KEYS] API key updated",{keyId:m,userId:u});let H=await i.select().from(c).where(Ar(Kn(c,"id"),m)).limit(1);return{isSuccess:!0,message:"API key updated successfully",data:n_(H[0])}}catch(H){return a.error("[API_KEYS] Failed to update API key",{error:H,keyId:m,userId:u}),w.status=500,{isSuccess:!1,message:"Failed to update API key",data:null}}}),n.delete(`${o}/:id`,async({params:d,request:_,set:w})=>{if(_.headers.get("x-auth-type")==="api_key")return w.status=403,{isSuccess:!1,message:"API keys cannot be revoked using another API key",data:null};let u=_.headers.get("x-user-id");if(!u)return w.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let m=d.id,l={};try{let U=await _.clone().text();if(U)l=JSON.parse(U)}catch{}let $=(await i.select().from(c).where(Ue(Ar(Kn(c,"id"),m),Ar(Kn(c,"userId"),u))).limit(1))[0];if(!$)return w.status=404,{isSuccess:!1,message:"API key not found",data:null};if($.revokedAt)return w.status=400,{isSuccess:!1,message:"API key is already revoked",data:null};try{return await i.update(c).set({isActive:!1,revokedAt:new Date,revokedReason:l.reason||"user_revoked",updatedAt:new Date}).where(Ar(Kn(c,"id"),m)),a.info("[API_KEYS] API key revoked",{keyId:m,userId:u,reason:l.reason||"user_revoked"}),{isSuccess:!0,message:"API key revoked successfully",data:null}}catch(E){return a.error("[API_KEYS] Failed to revoke API key",{error:E,keyId:m,userId:u}),w.status=500,{isSuccess:!1,message:"Failed to revoke API key",data:null}}}),a.info(`[API_KEYS] Routes registered at ${o}`)}var Kn=(n,r)=>n[r],Nb=async(n,r)=>{if(!n.db||!n.userRolesTable||!n.rolesTable)return[];return(await n.db.select({name:Kn(n.rolesTable,"name")}).from(n.userRolesTable).innerJoin(n.rolesTable,Ar(Kn(n.rolesTable,"id"),Kn(n.userRolesTable,"roleId"))).where(Ar(Kn(n.userRolesTable,"userId"),r))).map((o)=>o.name).filter((o)=>o!==void 0)},xb=async(n,r)=>{if(!n.db||!n.userRolesTable||!n.roleClaimsTable||!n.claimsTable)return[];let t=await n.db.select({action:Kn(n.claimsTable,"action")}).from(n.userRolesTable).innerJoin(n.roleClaimsTable,Ar(Kn(n.roleClaimsTable,"roleId"),Kn(n.userRolesTable,"roleId"))).innerJoin(n.claimsTable,Ar(Kn(n.claimsTable,"id"),Kn(n.roleClaimsTable,"claimId"))).where(Ar(Kn(n.userRolesTable,"userId"),r)),o=new Set(t.map((c)=>c.action));return Array.from(o).filter((c)=>c!==void 0)},Pb=async(n,r)=>{if(!n.db||!n.userRolesTable||!n.roleClaimsTable)return[];let t=await n.db.select({scope:Kn(n.roleClaimsTable,"scope")}).from(n.userRolesTable).innerJoin(n.roleClaimsTable,Ar(Kn(n.roleClaimsTable,"roleId"),Kn(n.userRolesTable,"roleId"))).where(Ar(Kn(n.userRolesTable,"userId"),r)),o=new Set(t.map((c)=>c.scope).filter((c)=>c!==null&&c!==void 0&&c.length>0));return Array.from(o)},n_=(n)=>{let{keyHash:r,...t}=n;return t};var r_=b(()=>{Xa();te();Qi()});import{Elysia as tA,t as Gr}from"elysia";function Cb(n){let{captchaService:r,logger:t,basePath:o="/auth/captcha"}=n,c=new tA;if(!r.isEnabled())return c;return c.get(`${o}/generate`,async(i)=>{let{type:a,difficulty:e}=i.query,s=i.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||i.request.headers.get("x-real-ip")?.trim()||i.request.headers.get("cf-connecting-ip")?.trim()||"unknown",f=await r.generate(a,e,s);if(f.rateLimited)return i.set.status=429,{success:!1,message:f.message??"Too many requests. Please try again later."};return t.info("[CAPTCHA] Challenge generated via endpoint",{challengeId:f.challengeId,type:f.type,ipAddress:s}),{success:!0,data:{challengeId:f.challengeId,type:f.type,question:f.question,expiresAt:f.expiresAt,...f.imageData?{imageData:f.imageData}:{},...f.puzzleData?{puzzleData:{pieces:f.puzzleData.pieces}}:{}}}},{query:oA,detail:{tags:["Captcha"],summary:"Generate Captcha",description:"Generate a new captcha challenge"}}),c.post(`${o}/validate`,async(i)=>{let{challengeId:a,answer:e}=i.body,s=await r.validate(a,e);if(!s.valid)i.set.status=400;return s},{body:cA,detail:{tags:["Captcha"],summary:"Validate Captcha",description:"Validate a captcha answer"}}),c}var oA,cA;var Fb=b(()=>{oA=Gr.Object({type:Gr.Optional(Gr.Union([Gr.Literal("math"),Gr.Literal("image"),Gr.Literal("puzzle"),Gr.Literal("text")])),difficulty:Gr.Optional(Gr.Union([Gr.Literal("easy"),Gr.Literal("medium"),Gr.Literal("hard")]))}),cA=Gr.Object({challengeId:Gr.String(),answer:Gr.String()})});function jb(n,r){let{db:t,logger:o}=n,c=r.route||"/auth/check";return(i)=>i.post(c,async(a)=>{let{body:e,request:s,set:f}=a,d=s.headers.get("x-user-id");if(!d)return f.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};if(!t)return f.status=503,{isSuccess:!1,message:"Authorization service unavailable",data:null};let _=n.schemaTables;if(!_)return f.status=503,{isSuccess:!1,message:"Authorization tables not available",data:null};let{entity:w,method:g,fields:u,relations:m}=e;if(!w||!g)return f.status=400,{isSuccess:!1,message:"entity and method are required",data:null};let l=await oe({userId:d,method:g,entity:w,requestedFields:u,requestedRelations:m,db:t,schemaTables:_,logger:o});return{isSuccess:!0,message:l.authorized?"Authorized":"Forbidden",data:{authorized:l.authorized,reason:l.reason,allowedFields:l.allowedFields,allowedRelations:l.allowedRelations,scopeFilters:l.scopeFilters}}},{detail:{tags:["Auth"],summary:"Check authorization for a given entity and method",description:"Allows consumer/resource servers to perform full claim checks (including scope) against the IDP's authorization system."}})}var qb=b(()=>{Ks()});import iA from"crypto";var{password:aA}=globalThis.Bun;async function Xo(n){return await aA.hash(n,{algorithm:"bcrypt",cost:10})}function Ve(){return iA.randomBytes(32).toString("hex")}function Ic(n){let r=n.match(/^(\d+)(s|m|h|d)$/);if(!r||!r[1]||!r[2])return 86400000;let t=Number.parseInt(r[1],10);switch(r[2]){case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 86400000}}function Kb(n){let r=[];if(n.length<8)r.push("Password must be at least 8 characters");if(!/[A-Z]/.test(n))r.push("Password must contain uppercase letter");if(!/[a-z]/.test(n))r.push("Password must contain lowercase letter");if(!/[0-9]/.test(n))r.push("Password must contain a number");return{valid:r.length===0,errors:r}}var pc=()=>{};import{sql as Ye}from"drizzle-orm";import{Elysia as eA,t as Je}from"elysia";function Xe(n){let{authConfig:r,registerConfig:t,emailService:o,appName:c}=n,{db:i,logger:a,usersTable:e}=r,s=new eA;if(!t.enabled||!t.emailVerification?.enabled)return s;let f="/verify-email",d="/resend-verification";return s.get(f,async(_)=>{if(!i||!e)return{success:!1,message:"Database not configured"};let w=_.query.token;if(!w)return{success:!1,message:"Verification token is required"};let g=await i.select().from(e).where(Ye`email_verification_token = ${w}`).limit(1);if(g.length===0)return a.warn("[AUTH] Email verification failed - invalid token"),{success:!1,message:"Invalid or expired verification token"};let u=g[0],m=u.emailVerificationTokenExpiresAt;if(m&&new Date>new Date(m))return a.warn("[AUTH] Email verification failed - token expired",{userId:u.id,email:u.email}),{success:!1,message:"Verification token has expired. Please request a new one."};if(await i.update(e).set({verifiedAt:new Date,emailVerificationToken:null,emailVerificationTokenExpiresAt:null}).where(Ye`id = ${u.id}`),a.info("[AUTH] Email verified successfully",{userId:u.id,email:u.email}),t.emailVerification?.templates?.welcome?.enabled&&o?.isAvailable())o.sendWelcomeEmail(u.email,u.email.split("@")[0]||"User",c||"Nucleus").catch((S)=>{a.error("[AUTH] Failed to send welcome email after verification",{email:u.email,error:S})});return{success:!0,message:"Email verified successfully. You can now log in.",data:{redirectUrl:t.emailVerification?.redirectUrl||"/login",verified:!0}}},{query:Je.Object({token:Je.String()}),detail:{tags:["Authentication"],summary:"Verify Email",description:"Verify user email address using the verification token"}}),s.post(d,async(_)=>{if(!i||!e)return{success:!1,message:"Database not configured"};if(!o?.isAvailable())return{success:!1,message:"Email service not available"};let{email:w}=_.body,g=await i.select().from(e).where(Ye`email = ${w}`).limit(1);if(g.length===0)return{success:!0,message:"If your email is registered, you will receive a verification email."};let u=g[0];if(u.verifiedAt)return{success:!1,message:"Email is already verified"};let m=t.emailVerification?.maxResendAttempts||3,l=u.emailVerificationAttempts||0;if(l>=m)return a.warn("[AUTH] Resend verification failed - max attempts reached",{email:w,attempts:l}),{success:!1,message:"Maximum resend attempts reached. Please contact support.",data:{maxAttemptsReached:!0,attemptsUsed:l,maxAttempts:m}};let S=t.emailVerification?.resendCooldown||"60s",$=Ic(S),E=u.emailVerificationSentAt;if(E){let h=Date.now()-new Date(E).getTime();if(h<$){let R=Math.ceil(($-h)/1000);return{success:!1,message:`Please wait ${R} seconds before requesting another verification email.`,data:{cooldownRemaining:R,canResendAt:new Date(Date.now()+R*1000).toISOString()}}}}let U=Ve(),W=t.emailVerification?.tokenExpiresIn||"24h",H=new Date(Date.now()+Ic(W));await i.update(e).set({emailVerificationToken:U,emailVerificationTokenExpiresAt:H,emailVerificationSentAt:new Date,emailVerificationAttempts:l+1}).where(Ye`id = ${u.id}`);let D=`${(t.emailVerification?.redirectUrl||"http://localhost:3000/login").replace("/login","/verify-email")}?token=${U}`,A=await o.sendVerificationEmail(w,w.split("@")[0]||"User",D,c||"Nucleus");if(A.success)return a.info("[AUTH] Verification email resent",{email:w}),{success:!0,message:"Verification email sent. Please check your inbox.",data:{cooldownSeconds:Math.ceil($/1000),canResendAt:new Date(Date.now()+$).toISOString(),attemptsRemaining:m-(l+1)}};return a.error("[AUTH] Failed to resend verification email",{email:w,error:A.error}),{success:!1,message:"Failed to send verification email. Please try again later."}},{body:Je.Object({email:Je.String({format:"email"})}),detail:{tags:["Authentication"],summary:"Resend Verification Email",description:"Resend the email verification link to the user"}}),s}var t_=b(()=>{pc()});import vb from"crypto";function yc(){return vb.randomBytes(32).toString("hex")}function Mt(n){return vb.createHash("sha256").update(n).digest("hex")}function Tc(n){let r=n.match(/^(\d+)(s|m|h|d)$/);if(!r?.[1]||!r[2])return 900000;let t=parseInt(r[1],10);switch(r[2]){case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 900000}}var yi=()=>{};import{eq as sA}from"drizzle-orm";import{Elysia as fA,t as Le}from"elysia";function Qe(n,r,t,o,c,i){let{db:a,logger:e,usersTable:s}=n,f=r.route||"/auth/invite",d=r.tokenExpiresIn||"7d",_=r.redirectUrl||"",w=new fA;if(!r.enabled)return w;if(w.post(f,async(g)=>{if(!a||!s)return{success:!1,message:"Database not configured"};if(!t?.isAvailable())return e.error("[AUTH] Invite requested but email service not available"),{success:!1,message:"Email service not available"};let{email:u}=g.body,m=await a.select().from(s).where(sA(s.email,u)).limit(1),l;if(m.length>0){let H=m[0];if(H.verifiedAt||H.password)return e.warn("[AUTH] Invite failed - user already verified",{email:u}),{success:!1,message:"User with this email is already verified"};l=H.id,e.info("[AUTH] Resending invitation to existing unverified user",{userId:l,email:u})}else{let H={email:u,password:null,emailVerified:!1,isLocked:!1,createdAt:new Date,updatedAt:new Date},D=(await a.insert(s).values(H).returning())[0];if(!D)return e.error("[AUTH] Failed to create invited user",{email:u}),{success:!1,message:"Failed to create user"};l=D.id,e.info("[AUTH] Invited user created",{userId:l,email:u})}let S=yc(),$=Mt(S),E=new Date(Date.now()+Tc(d));await o({userId:l,email:u,tokenHash:$,expiresAt:E});let U=_?`${_}?token=${S}&invite=true`:`/auth/magic-link/verify?token=${S}`,W=await t.sendInvitationEmail(u,U,c||"Nucleus");if(!W.success)return e.error("[AUTH] Failed to send invitation email",{email:u,error:W.error}),{success:!0,message:"User created but failed to send invitation email",data:{id:l,email:u}};return e.info("[AUTH] Invitation email sent",{email:u,userId:l}),{success:!0,message:"Invitation sent successfully",data:{id:l,email:u}}},{body:_A,detail:{tags:["Authentication"],summary:"Invite User",description:"Invite a new user by sending them an email with a magic link to set their password"}}),i)w.post(`${f}/verify`,async(g)=>{let{token:u}=g.body;if(!u)return{success:!1,message:"Token is required"};let m=Mt(u),l=await i(m);if(!l)return e.warn("[AUTH] Invalid invite verify token"),{success:!1,message:"Invalid or expired token"};if(new Date>l.expiresAt)return e.warn("[AUTH] Expired invite verify token",{email:l.email}),{success:!1,message:"Invalid or expired token"};return e.info("[AUTH] Invite token verified (not consumed)",{email:l.email,userId:l.userId}),{success:!0,data:{userId:l.userId,email:l.email}}},{body:Le.Object({token:Le.String()}),detail:{tags:["Authentication"],summary:"Verify Invite Token",description:"Validate an invite token without consuming it. Returns user info if valid."}});return w}var _A;var o_=b(()=>{yi();_A=Le.Object({email:Le.String({format:"email"})})});import{t as cr}from"elysia";var c_,lA;var i_=b(()=>{c_=cr.Object({email:cr.String({format:"email"}),password:cr.String({minLength:1}),rememberMe:cr.Optional(cr.Boolean()),captchaId:cr.Optional(cr.String()),captchaAnswer:cr.Optional(cr.String()),deviceHint:cr.Optional(cr.String())}),lA=cr.Object({success:cr.Boolean(),message:cr.Optional(cr.String()),data:cr.Optional(cr.Object({user:cr.Object({id:cr.String(),email:cr.String()}),accessToken:cr.String(),refreshToken:cr.String()}))})});var{password:dA}=globalThis.Bun;async function Ge(n,r){try{return await dA.verify(n,r)}catch{return!1}}function Oe(n,r,t){let o=n.toLowerCase(),c=["headlesschrome","headless","phantomjs","nightmare","selenium","webdriver","puppeteer","playwright"],i=["bot","crawler","spider","scraper","curl","wget","python-requests","python-urllib","java/","httpclient","go-http-client","node-fetch","axios","postman","insomnia","httpie"],a=c.some((l)=>o.includes(l)),e=i.some((l)=>o.includes(l)),s=a||e,f=[];if(a)f.push("headless_browser");if(e)f.push("bot_user_agent");if(!o||o.length<10)f.push("missing_or_short_ua");if(o==="mozilla/5.0")f.push("generic_ua");if(o.includes("nucleusserveraction")||o.includes("serveraction"))f.push("server_action");let d="unknown";if(o.includes("ipad"))d="tablet";else if(o.includes("iphone"))d="mobile";else if(o.includes("macintosh")||o.includes("windows")&&!o.includes("windows phone")||o.includes("linux")&&!o.includes("android"))d="desktop";else if(o.includes("tablet")||o.includes("android")&&o.includes("tablet"))d="tablet";else if(o.includes("mobile")||o.includes("android"))d="mobile";let _,w;if(a)_="Headless Browser";else if(e)_="Bot/Crawler";else if(o.includes("chrome")&&!o.includes("edg")){_="Chrome";let l=n.match(/Chrome\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}else if(o.includes("firefox")){_="Firefox";let l=n.match(/Firefox\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}else if(o.includes("safari")&&!o.includes("chrome")){_="Safari";let l=n.match(/Version\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}else if(o.includes("edg")){_="Edge";let l=n.match(/Edg\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}let g,u;if(o.includes("windows nt 10"))g="Windows",u="10/11";else if(o.includes("windows nt"))g="Windows";else if(o.includes("mac os x")){g="macOS";let l=n.match(/Mac OS X (\d+[._]\d+)/i);if(l?.[1])u=l[1].replace("_",".")}else if(o.includes("android")){g="Android";let l=n.match(/Android (\d+\.?\d*)/i);if(l?.[1])u=l[1]}else if(o.includes("iphone")||o.includes("ipad")){g="iOS";let l=n.match(/OS (\d+[._]\d+)/i);if(l?.[1])u=l[1].replace("_",".")}else if(o.includes("linux"))g="Linux";return{deviceName:_&&g?`${_} on ${g}`:"Unknown Device",deviceType:d,browserName:_,browserVersion:w,osName:g,osVersion:u,ipAddress:r,userAgent:n,deviceHint:t,locationCountry:void 0,locationCity:void 0,isHeadless:a,isBot:e,isSuspicious:s,suspiciousPatterns:f}}var Ne=()=>{};import{eq as a_}from"drizzle-orm";import{Elysia as uA}from"elysia";function xe(n,r,t,o,c,i,a,e,s){let{db:f,logger:d,usersTable:_}=n,w=r.route||"/auth/login",g={accessTokenName:a?.accessTokenName||"access_token",refreshTokenName:a?.refreshTokenName||"refresh_token",sessionTokenName:a?.sessionTokenName||"session_token",accessTokenMaxAge:a?.accessTokenMaxAge||900,refreshTokenMaxAge:a?.refreshTokenMaxAge||604800,sessionTokenMaxAge:a?.sessionTokenMaxAge||900,secure:a?.secure??!0,httpOnly:a?.httpOnly??!0,sameSite:a?.sameSite||"strict",path:a?.path||"/",domain:a?.domain},u=new uA;if(!r.enabled)return u;return u.post(w,async(m)=>{if(!f||!_)return{success:!1,message:"Database not configured"};let{email:l,password:S,rememberMe:$,captchaId:E,captchaAnswer:U,deviceHint:W}=m.body;if(s?.isEnabled()){if(!E||!U)return m.set.status=400,{success:!1,message:"Captcha is required"};let rn=await s.validate(E,U);if(!rn.valid)return m.set.status=400,{success:!1,message:rn.message||"Invalid captcha",attemptsRemaining:rn.attemptsRemaining}}let k=(await f.select().from(_).where(a_(_.email,l)).limit(1))[0],D=new URL(m.request.url),A=m.request.headers.get("cf-connecting-ip")?.trim()||m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||m.request.headers.get("x-real-ip")?.trim()||"unknown",h=m.request.headers.get("user-agent")||"unknown";if(!k)return d.warn("[AUTH] Login failed - user not found",{email:l}),await d.audit({entityName:"users",operation:"LOGIN_FAILED",summary:`Login failed: user not found (${l})`,ipAddress:A,userAgent:h,path:D.pathname,query:D.search}),{success:!1,message:"Invalid email or password"};if(k.isLocked)return d.warn("[AUTH] Login failed - account locked",{email:l,userId:k.id}),await d.audit({entityName:"users",entityId:k.id,operation:"LOGIN_FAILED",userId:k.id,summary:`Login failed: account locked (${l})`,ipAddress:A,userAgent:h,path:D.pathname,query:D.search}),{success:!1,message:"Account is locked"};if(!await Ge(S,k.password)){let rn=(k.failedLoginAttempts||0)+1;return await f.update(_).set({failedLoginAttempts:rn,isLocked:rn>=5,lockedUntil:rn>=5?new Date(Date.now()+1800000):null}).where(a_(_.id,k.id)),d.warn("[AUTH] Login failed - invalid password",{email:l,failedAttempts:rn}),await d.audit({entityName:"users",entityId:k.id,operation:"LOGIN_FAILED",userId:k.id,summary:`Login failed: invalid password (${l}, attempt ${rn})`,ipAddress:A,userAgent:h,path:D.pathname,query:D.search}),{success:!1,message:"Invalid email or password"}}await f.update(_).set({failedLoginAttempts:0,lastLoginAt:new Date,loginCount:(k.loginCount||0)+1}).where(a_(_.id,k.id));let B={};m.request.headers.forEach((rn,hn)=>{B[hn]=rn}),d.info("[AUTH] Login request headers",{headers:B});let Y=m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim(),X=(rn)=>!rn||rn==="127.0.0.1"||rn==="::1"||rn==="localhost"||rn.startsWith("10.")||rn.startsWith("192.168.")||rn.startsWith("172."),z=m.request.headers.get("cf-connecting-ip")?.trim()||m.request.headers.get("true-client-ip")?.trim()||(!X(Y)?Y:void 0)||m.request.headers.get("x-real-ip")?.trim()||m.request.headers.get("x-client-ip")?.trim()||Y||"127.0.0.1",J=m.request.headers.get("user-agent")||"Unknown Browser";d.info("[AUTH] Parsed device info",{ipAddress:z,userAgent:J});let G=Oe(J,z,W);try{if(!X(z)){let rn=await fetch(`http://ip-api.com/json/${z}?fields=country,city`);if(rn.ok){let hn=await rn.json();if(hn.country)G.locationCountry=hn.country;if(hn.city)G.locationCity=hn.city}}}catch{}let F=[],N=[],x=n.userRolesTable,y=n.rolesTable,O=n.roleClaimsTable,q=n.claimsTable;if(f&&x&&y)try{let{eq:rn,inArray:hn}=await import("drizzle-orm"),Tn=(await f.select().from(x).where(rn(x.userId,k.id))).map((Nr)=>Nr.roleId);if(Tn.length>0){if(F=(await f.select().from(y).where(hn(y.id,Tn))).map((Qr)=>Qr.name),O&&q){let Qr=await f.select().from(O).innerJoin(q,rn(O.claimId,q.id)).where(hn(O.roleId,Tn)),$r=new Set;for(let ar of Qr){let Ha=ar.claims?.action;if(Ha)$r.add(Ha)}N=Array.from($r)}}}catch{}let Z=t(k.id,F.length>0?F:void 0,N.length>0?N:void 0),nn=o(k.id),j=m.request.headers.get("origin")||m.request.headers.get("referer")?.replace(/\/[^/]*$/,"")||void 0,I={userId:k.id,deviceInfo:G,loginMethod:"password",rememberMe:$,requestOrigin:j},K=await c(I),tn=!1,wn=K;if(i){let rn=await i(K,I);if(rn?.requiresApproval){if(tn=!0,rn.sessionId)wn=rn.sessionId}}if(tn)return m.set.status=202,new Response(JSON.stringify({success:!1,requiresApproval:!0,sessionId:wn,message:"Login requires approval. Please check your email to approve this device."}),{status:202,headers:{"Content-Type":"application/json"}});d.info("[AUTH] Login successful",{userId:k.id,email:l,rememberMe:$}),await d.audit({entityName:"users",entityId:k.id,operation:"LOGIN",userId:k.id,summary:`${l} logged in successfully`,ipAddress:z,userAgent:J,path:D.pathname,query:D.search});let ln={accessToken:{setHeadersEnabled:e?.accessToken?.setHeadersEnabled??!0,returnJson:e?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:e?.refreshToken?.setHeadersEnabled??!0,returnJson:e?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:e?.sessionToken?.setHeadersEnabled??!0,returnJson:e?.sessionToken?.returnJson??!0}},Qn=g.secure?"; Secure":"",qn=g.domain?`; Domain=${g.domain}`:"",gn=`; Path=${g.path}; HttpOnly; SameSite=${g.sameSite}${Qn}${qn}`,Gn=[];if(ln.accessToken.setHeadersEnabled)Gn.push(`${g.accessTokenName}=${Z}${gn}; Max-Age=${g.accessTokenMaxAge}`);if(ln.refreshToken.setHeadersEnabled)Gn.push(`${g.refreshTokenName}=${nn}${gn}; Max-Age=${g.refreshTokenMaxAge}`);if(ln.sessionToken.setHeadersEnabled)Gn.push(`${g.sessionTokenName}=${K}${gn}; Max-Age=${g.sessionTokenMaxAge}`);m.set.headers["x-session-id"]=K;let Un={user:{id:k.id,email:k.email}};if(ln.accessToken.returnJson)Un.accessToken=Z;if(ln.refreshToken.returnJson)Un.refreshToken=nn;if(ln.sessionToken.returnJson)Un.sessionId=K;let En=JSON.stringify({success:!0,data:Un}),Sn=new Headers;Sn.set("Content-Type","application/json"),Sn.set("x-session-id",K);for(let rn of Gn)Sn.append("Set-Cookie",rn);return new Response(En,{status:200,headers:Sn})},{body:c_,detail:{tags:["Authentication"],summary:"Login",description:"Authenticate user with email and password"}}),u}var e_=b(()=>{i_();Ne();i_()});function Zb(n){let r=n?.path||"/",t=n?.sameSite||"Strict",o=n?.secure!==!1?"; Secure":"",c=n?.domain?`; Domain=${n.domain}`:"",i=n?.accessTokenName||"access_token",a=n?.refreshTokenName||"refresh_token",e=n?.sessionTokenName||"session_token",s=`; Path=${r}; HttpOnly; SameSite=${t}${o}${c}; Max-Age=0`;return{"Set-Cookie":[`${i}=${s}`,`${a}=${s}`,`${e}=${s}`].join(", ")}}import{t as Pe}from"elysia";var wA;var Ib=b(()=>{wA=Pe.Object({success:Pe.Boolean(),message:Pe.Optional(Pe.String())})});import{Elysia as bA}from"elysia";function Ce(n,r,t,o,c){let{logger:i}=n,a=r.route||"/auth/logout",e=new bA;if(!r.enabled)return e;return e.post(a,async(s)=>{let f=s.request.headers.get("x-session-id"),d=s.request.headers.get("x-user-id");if(f){if(await t(f),o)await o(f,"user_logout")}let _=Zb(c);for(let[g,u]of Object.entries(_))s.set.headers[g]=u;i.info("[AUTH] Logout successful",{userId:d,sessionId:f});let w=new URL(s.request.url);return i.audit({entityName:"users",entityId:d||void 0,operation:"LOGOUT",userId:d||void 0,summary:`User logged out${f?` (session: ${f.substring(0,8)}...)`:""}`,ipAddress:s.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||s.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:s.request.headers.get("user-agent")||"unknown",path:w.pathname,query:w.search}),{success:!0,message:"Logged out successfully"}},{detail:{tags:["Authentication"],summary:"Logout",description:"Logout and invalidate session"}}),e}var s_=b(()=>{Ib()});var Yr={};ho(Yr,{IsUndefined:()=>_r,IsUint8Array:()=>so,IsSymbol:()=>u_,IsString:()=>Fn,IsRegExp:()=>na,IsObject:()=>On,IsNumber:()=>Tr,IsNull:()=>d_,IsIterator:()=>l_,IsFunction:()=>__,IsDate:()=>fc,IsBoolean:()=>eo,IsBigInt:()=>Ti,IsAsyncIterator:()=>f_,IsArray:()=>fr,HasPropertyKey:()=>Fe});function Fe(n,r){return r in n}function f_(n){return On(n)&&!fr(n)&&!so(n)&&Symbol.asyncIterator in n}function fr(n){return Array.isArray(n)}function Ti(n){return typeof n==="bigint"}function eo(n){return typeof n==="boolean"}function fc(n){return n instanceof globalThis.Date}function __(n){return typeof n==="function"}function l_(n){return On(n)&&!fr(n)&&!so(n)&&Symbol.iterator in n}function d_(n){return n===null}function Tr(n){return typeof n==="number"}function On(n){return typeof n==="object"&&n!==null}function na(n){return n instanceof globalThis.RegExp}function Fn(n){return typeof n==="string"}function u_(n){return typeof n==="symbol"}function so(n){return n instanceof globalThis.Uint8Array}function _r(n){return n===void 0}function gA(n){return n.map((r)=>je(r))}function mA(n){return new Date(n.getTime())}function $A(n){return new Uint8Array(n)}function hA(n){return new RegExp(n.source,n.flags)}function AA(n){let r={};for(let t of Object.getOwnPropertyNames(n))r[t]=je(n[t]);for(let t of Object.getOwnPropertySymbols(n))r[t]=je(n[t]);return r}function je(n){return fr(n)?gA(n):fc(n)?mA(n):so(n)?$A(n):na(n)?hA(n):On(n)?AA(n):n}function In(n){return je(n)}var Pr=()=>{};function ni(n,r){return r===void 0?In(n):In({...r,...n})}var qe=b(()=>{Pr()});var w_=b(()=>{qe();Pr()});function pb(n){return n!==null&&typeof n==="object"}function yb(n){return globalThis.Array.isArray(n)&&!globalThis.ArrayBuffer.isView(n)}function Tb(n){return n===void 0}function n1(n){return typeof n==="number"}var r1=()=>{};var Ke;var t1=b(()=>{r1();(function(n){n.InstanceMode="default",n.ExactOptionalPropertyTypes=!1,n.AllowArrayObject=!1,n.AllowNaN=!1,n.AllowNullVoid=!1;function r(a,e){return n.ExactOptionalPropertyTypes?e in a:a[e]!==void 0}n.IsExactOptionalProperty=r;function t(a){let e=pb(a);return n.AllowArrayObject?e:e&&!yb(a)}n.IsObjectLike=t;function o(a){return t(a)&&!(a instanceof Date)&&!(a instanceof Uint8Array)}n.IsRecordLike=o;function c(a){return n.AllowNaN?n1(a):Number.isFinite(a)}n.IsNumberLike=c;function i(a){let e=Tb(a);return n.AllowNullVoid?e||a===null:e}n.IsVoidLike=i})(Ke||(Ke={}))});function EA(n){return globalThis.Object.freeze(n).map((r)=>ra(r))}function SA(n){return n}function DA(n){return n}function kA(n){return n}function MA(n){let r={};for(let t of Object.getOwnPropertyNames(n))r[t]=ra(n[t]);for(let t of Object.getOwnPropertySymbols(n))r[t]=ra(n[t]);return globalThis.Object.freeze(r)}function ra(n){return fr(n)?EA(n):fc(n)?SA(n):so(n)?DA(n):na(n)?kA(n):On(n)?MA(n):n}var o1=()=>{};function L(n,r){let t=r!==void 0?{...r,...n}:n;switch(Ke.InstanceMode){case"freeze":return ra(t);case"clone":return In(t);default:return t}}var en=b(()=>{t1();o1();Pr()});var fo=b(()=>{en()});var Hr;var c1=b(()=>{Hr=class Hr extends Error{constructor(n){super(n)}}});var Ft=b(()=>{c1()});var ur,Rt,zr,lt,C;var ta=b(()=>{ur=Symbol.for("TypeBox.Transform"),Rt=Symbol.for("TypeBox.Readonly"),zr=Symbol.for("TypeBox.Optional"),lt=Symbol.for("TypeBox.Hint"),C=Symbol.for("TypeBox.Kind")});var fn=b(()=>{ta()});function ri(n){return On(n)&&n[Rt]==="Readonly"}function Cr(n){return On(n)&&n[zr]==="Optional"}function b_(n){return Dn(n,"Any")}function g_(n){return Dn(n,"Argument")}function Ht(n){return Dn(n,"Array")}function _c(n){return Dn(n,"AsyncIterator")}function lc(n){return Dn(n,"BigInt")}function _o(n){return Dn(n,"Boolean")}function zt(n){return Dn(n,"Computed")}function Bt(n){return Dn(n,"Constructor")}function RA(n){return Dn(n,"Date")}function Ut(n){return Dn(n,"Function")}function Wt(n){return Dn(n,"Integer")}function rr(n){return Dn(n,"Intersect")}function dc(n){return Dn(n,"Iterator")}function Dn(n,r){return On(n)&&C in n&&n[C]===r}function ve(n){return eo(n)||Tr(n)||Fn(n)}function nt(n){return Dn(n,"Literal")}function rt(n){return Dn(n,"MappedKey")}function pn(n){return Dn(n,"MappedResult")}function Lo(n){return Dn(n,"Never")}function HA(n){return Dn(n,"Not")}function oa(n){return Dn(n,"Null")}function Vt(n){return Dn(n,"Number")}function lr(n){return Dn(n,"Object")}function uc(n){return Dn(n,"Promise")}function wc(n){return Dn(n,"Record")}function ir(n){return Dn(n,"Ref")}function m_(n){return Dn(n,"RegExp")}function lo(n){return Dn(n,"String")}function ca(n){return Dn(n,"Symbol")}function tt(n){return Dn(n,"TemplateLiteral")}function zA(n){return Dn(n,"This")}function Qo(n){return On(n)&&ur in n}function ot(n){return Dn(n,"Tuple")}function ia(n){return Dn(n,"Undefined")}function kn(n){return Dn(n,"Union")}function BA(n){return Dn(n,"Uint8Array")}function UA(n){return Dn(n,"Unknown")}function WA(n){return Dn(n,"Unsafe")}function VA(n){return Dn(n,"Void")}function YA(n){return On(n)&&C in n&&Fn(n[C])}function ct(n){return b_(n)||g_(n)||Ht(n)||_o(n)||lc(n)||_c(n)||zt(n)||Bt(n)||RA(n)||Ut(n)||Wt(n)||rr(n)||dc(n)||nt(n)||rt(n)||pn(n)||Lo(n)||HA(n)||oa(n)||Vt(n)||lr(n)||uc(n)||wc(n)||ir(n)||m_(n)||lo(n)||ca(n)||tt(n)||zA(n)||ot(n)||ia(n)||kn(n)||BA(n)||UA(n)||WA(n)||VA(n)||YA(n)}var zn=b(()=>{fn()});var M={};ho(M,{TypeGuardUnknownTypeError:()=>i1,IsVoid:()=>q1,IsUnsafe:()=>j1,IsUnknown:()=>F1,IsUnionLiteral:()=>PA,IsUnion:()=>A_,IsUndefined:()=>P1,IsUint8Array:()=>C1,IsTuple:()=>x1,IsTransform:()=>N1,IsThis:()=>O1,IsTemplateLiteral:()=>G1,IsSymbol:()=>Q1,IsString:()=>L1,IsSchema:()=>kr,IsRegExp:()=>X1,IsRef:()=>J1,IsRecursive:()=>xA,IsRecord:()=>Y1,IsReadonly:()=>QA,IsProperties:()=>Ze,IsPromise:()=>V1,IsOptional:()=>GA,IsObject:()=>W1,IsNumber:()=>U1,IsNull:()=>B1,IsNot:()=>z1,IsNever:()=>H1,IsMappedResult:()=>R1,IsMappedKey:()=>M1,IsLiteralValue:()=>k1,IsLiteralString:()=>S1,IsLiteralNumber:()=>D1,IsLiteralBoolean:()=>NA,IsLiteral:()=>ea,IsKindOf:()=>$n,IsKind:()=>K1,IsIterator:()=>E1,IsIntersect:()=>A1,IsInteger:()=>h1,IsImport:()=>OA,IsFunction:()=>$1,IsDate:()=>m1,IsConstructor:()=>g1,IsComputed:()=>b1,IsBoolean:()=>w1,IsBigInt:()=>u1,IsAsyncIterator:()=>d1,IsArray:()=>l1,IsArgument:()=>_1,IsAny:()=>f1});function a1(n){try{return new RegExp(n),!0}catch{return!1}}function $_(n){if(!Fn(n))return!1;for(let r=0;r<n.length;r++){let t=n.charCodeAt(r);if(t>=7&&t<=13||t===27||t===127)return!1}return!0}function e1(n){return h_(n)||kr(n)}function aa(n){return _r(n)||Ti(n)}function jn(n){return _r(n)||Tr(n)}function h_(n){return _r(n)||eo(n)}function Nn(n){return _r(n)||Fn(n)}function XA(n){return _r(n)||Fn(n)&&$_(n)&&a1(n)}function LA(n){return _r(n)||Fn(n)&&$_(n)}function s1(n){return _r(n)||kr(n)}function QA(n){return On(n)&&n[Rt]==="Readonly"}function GA(n){return On(n)&&n[zr]==="Optional"}function f1(n){return $n(n,"Any")&&Nn(n.$id)}function _1(n){return $n(n,"Argument")&&Tr(n.index)}function l1(n){return $n(n,"Array")&&n.type==="array"&&Nn(n.$id)&&kr(n.items)&&jn(n.minItems)&&jn(n.maxItems)&&h_(n.uniqueItems)&&s1(n.contains)&&jn(n.minContains)&&jn(n.maxContains)}function d1(n){return $n(n,"AsyncIterator")&&n.type==="AsyncIterator"&&Nn(n.$id)&&kr(n.items)}function u1(n){return $n(n,"BigInt")&&n.type==="bigint"&&Nn(n.$id)&&aa(n.exclusiveMaximum)&&aa(n.exclusiveMinimum)&&aa(n.maximum)&&aa(n.minimum)&&aa(n.multipleOf)}function w1(n){return $n(n,"Boolean")&&n.type==="boolean"&&Nn(n.$id)}function b1(n){return $n(n,"Computed")&&Fn(n.target)&&fr(n.parameters)&&n.parameters.every((r)=>kr(r))}function g1(n){return $n(n,"Constructor")&&n.type==="Constructor"&&Nn(n.$id)&&fr(n.parameters)&&n.parameters.every((r)=>kr(r))&&kr(n.returns)}function m1(n){return $n(n,"Date")&&n.type==="Date"&&Nn(n.$id)&&jn(n.exclusiveMaximumTimestamp)&&jn(n.exclusiveMinimumTimestamp)&&jn(n.maximumTimestamp)&&jn(n.minimumTimestamp)&&jn(n.multipleOfTimestamp)}function $1(n){return $n(n,"Function")&&n.type==="Function"&&Nn(n.$id)&&fr(n.parameters)&&n.parameters.every((r)=>kr(r))&&kr(n.returns)}function OA(n){return $n(n,"Import")&&Fe(n,"$defs")&&On(n.$defs)&&Ze(n.$defs)&&Fe(n,"$ref")&&Fn(n.$ref)&&n.$ref in n.$defs}function h1(n){return $n(n,"Integer")&&n.type==="integer"&&Nn(n.$id)&&jn(n.exclusiveMaximum)&&jn(n.exclusiveMinimum)&&jn(n.maximum)&&jn(n.minimum)&&jn(n.multipleOf)}function Ze(n){return On(n)&&Object.entries(n).every(([r,t])=>$_(r)&&kr(t))}function A1(n){return $n(n,"Intersect")&&(Fn(n.type)&&n.type!=="object"?!1:!0)&&fr(n.allOf)&&n.allOf.every((r)=>kr(r)&&!N1(r))&&Nn(n.type)&&(h_(n.unevaluatedProperties)||s1(n.unevaluatedProperties))&&Nn(n.$id)}function E1(n){return $n(n,"Iterator")&&n.type==="Iterator"&&Nn(n.$id)&&kr(n.items)}function $n(n,r){return On(n)&&C in n&&n[C]===r}function S1(n){return ea(n)&&Fn(n.const)}function D1(n){return ea(n)&&Tr(n.const)}function NA(n){return ea(n)&&eo(n.const)}function ea(n){return $n(n,"Literal")&&Nn(n.$id)&&k1(n.const)}function k1(n){return eo(n)||Tr(n)||Fn(n)}function M1(n){return $n(n,"MappedKey")&&fr(n.keys)&&n.keys.every((r)=>Tr(r)||Fn(r))}function R1(n){return $n(n,"MappedResult")&&Ze(n.properties)}function H1(n){return $n(n,"Never")&&On(n.not)&&Object.getOwnPropertyNames(n.not).length===0}function z1(n){return $n(n,"Not")&&kr(n.not)}function B1(n){return $n(n,"Null")&&n.type==="null"&&Nn(n.$id)}function U1(n){return $n(n,"Number")&&n.type==="number"&&Nn(n.$id)&&jn(n.exclusiveMaximum)&&jn(n.exclusiveMinimum)&&jn(n.maximum)&&jn(n.minimum)&&jn(n.multipleOf)}function W1(n){return $n(n,"Object")&&n.type==="object"&&Nn(n.$id)&&Ze(n.properties)&&e1(n.additionalProperties)&&jn(n.minProperties)&&jn(n.maxProperties)}function V1(n){return $n(n,"Promise")&&n.type==="Promise"&&Nn(n.$id)&&kr(n.item)}function Y1(n){return $n(n,"Record")&&n.type==="object"&&Nn(n.$id)&&e1(n.additionalProperties)&&On(n.patternProperties)&&((r)=>{let t=Object.getOwnPropertyNames(r.patternProperties);return t.length===1&&a1(t[0])&&On(r.patternProperties)&&kr(r.patternProperties[t[0]])})(n)}function xA(n){return On(n)&&lt in n&&n[lt]==="Recursive"}function J1(n){return $n(n,"Ref")&&Nn(n.$id)&&Fn(n.$ref)}function X1(n){return $n(n,"RegExp")&&Nn(n.$id)&&Fn(n.source)&&Fn(n.flags)&&jn(n.maxLength)&&jn(n.minLength)}function L1(n){return $n(n,"String")&&n.type==="string"&&Nn(n.$id)&&jn(n.minLength)&&jn(n.maxLength)&&XA(n.pattern)&&LA(n.format)}function Q1(n){return $n(n,"Symbol")&&n.type==="symbol"&&Nn(n.$id)}function G1(n){return $n(n,"TemplateLiteral")&&n.type==="string"&&Fn(n.pattern)&&n.pattern[0]==="^"&&n.pattern[n.pattern.length-1]==="$"}function O1(n){return $n(n,"This")&&Nn(n.$id)&&Fn(n.$ref)}function N1(n){return On(n)&&ur in n}function x1(n){return $n(n,"Tuple")&&n.type==="array"&&Nn(n.$id)&&Tr(n.minItems)&&Tr(n.maxItems)&&n.minItems===n.maxItems&&(_r(n.items)&&_r(n.additionalItems)&&n.minItems===0||fr(n.items)&&n.items.every((r)=>kr(r)))}function P1(n){return $n(n,"Undefined")&&n.type==="undefined"&&Nn(n.$id)}function PA(n){return A_(n)&&n.anyOf.every((r)=>S1(r)||D1(r))}function A_(n){return $n(n,"Union")&&Nn(n.$id)&&On(n)&&fr(n.anyOf)&&n.anyOf.every((r)=>kr(r))}function C1(n){return $n(n,"Uint8Array")&&n.type==="Uint8Array"&&Nn(n.$id)&&jn(n.minByteLength)&&jn(n.maxByteLength)}function F1(n){return $n(n,"Unknown")&&Nn(n.$id)}function j1(n){return $n(n,"Unsafe")}function q1(n){return $n(n,"Void")&&n.type==="void"&&Nn(n.$id)}function K1(n){return On(n)&&C in n&&Fn(n[C])&&!JA.includes(n[C])}function kr(n){return On(n)&&(f1(n)||_1(n)||l1(n)||w1(n)||u1(n)||d1(n)||b1(n)||g1(n)||m1(n)||$1(n)||h1(n)||A1(n)||E1(n)||ea(n)||M1(n)||R1(n)||H1(n)||z1(n)||B1(n)||U1(n)||W1(n)||V1(n)||Y1(n)||J1(n)||X1(n)||L1(n)||Q1(n)||G1(n)||O1(n)||x1(n)||P1(n)||A_(n)||C1(n)||F1(n)||j1(n)||q1(n)||K1(n))}var i1,JA;var v1=b(()=>{fn();Ft();i1=class i1 extends Hr{};JA=["Argument","Any","Array","AsyncIterator","BigInt","Boolean","Computed","Constructor","Date","Enum","Function","Integer","Intersect","Iterator","Literal","MappedKey","MappedResult","Not","Null","Number","Object","Promise","Record","Ref","RegExp","String","Symbol","TemplateLiteral","This","Tuple","Undefined","Union","Uint8Array","Unknown","Void"]});var E_=b(()=>{zn();v1()});var Z1=()=>{};var I1="(true|false)",Ie="(0|[1-9][0-9]*)",p1="(.*)",Go="^(0|[1-9][0-9]*)$",Oo="^(.*)$",y1="^(?!.*)$";var sa=()=>{};var T1=()=>{};var ng=()=>{};var rg=b(()=>{T1();ng()});function tg(n,r){return n.includes(r)}function og(n){return[...new Set(n)]}function jA(n,r){return n.filter((t)=>r.includes(t))}function qA(n,r){return n.reduce((t,o)=>{return jA(t,o)},r)}function cg(n){return n.length===1?n[0]:n.length>1?qA(n.slice(1),n[0]):[]}function ig(n){let r=[];for(let t of n)r.push(...t);return r}var fa=()=>{};function No(n){return L({[C]:"Any"},n)}var ag=b(()=>{fo();fn()});var _a=b(()=>{ag()});function ti(n,r){return L({[C]:"Array",type:"array",items:n},r)}var eg=b(()=>{en();fn()});var la=b(()=>{eg()});function sg(n){return L({[C]:"Argument",index:n})}var fg=b(()=>{en();fn()});var S_=b(()=>{fg()});function oi(n,r){return L({[C]:"AsyncIterator",type:"AsyncIterator",items:n},r)}var _g=b(()=>{fn();en()});var da=b(()=>{_g()});function vn(n,r,t){return L({[C]:"Computed",target:n,parameters:r},t)}var lg=b(()=>{fo();ta()});var xo=b(()=>{lg()});function KA(n,r){let{[r]:t,...o}=n;return o}function tr(n,r){return r.reduce((t,o)=>KA(t,o),n)}var wo=()=>{};function Mn(n){return L({[C]:"Never",not:{}},n)}var dg=b(()=>{en();fn()});var Br=b(()=>{dg()});var ug=()=>{};function Bn(n){return L({[C]:"MappedResult",properties:n})}var D_=b(()=>{en();fn()});function ci(n,r,t){return L({[C]:"Constructor",type:"Constructor",parameters:n,returns:r},t)}var wg=b(()=>{en();fn()});var ua=b(()=>{wg()});function jt(n,r,t){return L({[C]:"Function",type:"Function",parameters:n,returns:r},t)}var bg=b(()=>{en();fn()});var bc=b(()=>{bg()});function wa(n,r){return L({[C]:"Union",anyOf:n},r)}var k_=b(()=>{en();fn()});function vA(n){return n.some((r)=>Cr(r))}function gg(n){return n.map((r)=>Cr(r)?ZA(r):r)}function ZA(n){return tr(n,[zr])}function IA(n,r){return vA(n)?Jr(wa(gg(n),r)):wa(gg(n),r)}function qt(n,r){return n.length===1?L(n[0],r):n.length===0?Mn(r):IA(n,r)}var mg=b(()=>{en();fn();wo();Br();bo();k_();zn()});var $g=()=>{};function Jn(n,r){return n.length===0?Mn(r):n.length===1?L(n[0],r):wa(n,r)}var hg=b(()=>{Br();en();k_()});var wr=b(()=>{mg();$g();hg()});function pA(n){return n.replace(/\\\$/g,"$").replace(/\\\*/g,"*").replace(/\\\^/g,"^").replace(/\\\|/g,"|").replace(/\\\(/g,"(").replace(/\\\)/g,")")}function R_(n,r,t){return n[r]===t&&n.charCodeAt(r-1)!==92}function go(n,r){return R_(n,r,"(")}function ba(n,r){return R_(n,r,")")}function Ag(n,r){return R_(n,r,"|")}function yA(n){if(!(go(n,0)&&ba(n,n.length-1)))return!1;let r=0;for(let t=0;t<n.length;t++){if(go(n,t))r+=1;if(ba(n,t))r-=1;if(r===0&&t!==n.length-1)return!1}return!0}function TA(n){return n.slice(1,n.length-1)}function nE(n){let r=0;for(let t=0;t<n.length;t++){if(go(n,t))r+=1;if(ba(n,t))r-=1;if(Ag(n,t)&&r===0)return!0}return!1}function rE(n){for(let r=0;r<n.length;r++)if(go(n,r))return!0;return!1}function tE(n){let[r,t]=[0,0],o=[];for(let i=0;i<n.length;i++){if(go(n,i))r+=1;if(ba(n,i))r-=1;if(Ag(n,i)&&r===0){let a=n.slice(t,i);if(a.length>0)o.push(ii(a));t=i+1}}let c=n.slice(t);if(c.length>0)o.push(ii(c));if(o.length===0)return{type:"const",const:""};if(o.length===1)return o[0];return{type:"or",expr:o}}function oE(n){function r(c,i){if(!go(c,i))throw new M_("TemplateLiteralParser: Index must point to open parens");let a=0;for(let e=i;e<c.length;e++){if(go(c,e))a+=1;if(ba(c,e))a-=1;if(a===0)return[i,e]}throw new M_("TemplateLiteralParser: Unclosed group parens in expression")}function t(c,i){for(let a=i;a<c.length;a++)if(go(c,a))return[i,a];return[i,c.length]}let o=[];for(let c=0;c<n.length;c++)if(go(n,c)){let[i,a]=r(n,c),e=n.slice(i,a+1);o.push(ii(e)),c=a}else{let[i,a]=t(n,c),e=n.slice(i,a);if(e.length>0)o.push(ii(e));c=a-1}return o.length===0?{type:"const",const:""}:o.length===1?o[0]:{type:"and",expr:o}}function ii(n){return yA(n)?ii(TA(n)):nE(n)?tE(n):rE(n)?oE(n):{type:"const",const:pA(n)}}function ai(n){return ii(n.slice(1,n.length-1))}var M_;var pe=b(()=>{Ft();M_=class M_ extends Hr{}});function cE(n){return n.type==="or"&&n.expr.length===2&&n.expr[0].type==="const"&&n.expr[0].const==="0"&&n.expr[1].type==="const"&&n.expr[1].const==="[1-9][0-9]*"}function iE(n){return n.type==="or"&&n.expr.length===2&&n.expr[0].type==="const"&&n.expr[0].const==="true"&&n.expr[1].type==="const"&&n.expr[1].const==="false"}function aE(n){return n.type==="const"&&n.const===".*"}function gc(n){return cE(n)||aE(n)?!1:iE(n)?!0:n.type==="and"?n.expr.every((r)=>gc(r)):n.type==="or"?n.expr.every((r)=>gc(r)):n.type==="const"?!0:(()=>{throw new Eg("Unknown expression type")})()}function Sg(n){let r=ai(n.pattern);return gc(r)}var Eg;var H_=b(()=>{pe();Ft();Eg=class Eg extends Hr{}});function*kg(n){if(n.length===1)return yield*n[0];for(let r of n[0])for(let t of kg(n.slice(1)))yield`${r}${t}`}function*eE(n){return yield*kg(n.expr.map((r)=>[...ga(r)]))}function*sE(n){for(let r of n.expr)yield*ga(r)}function*fE(n){return yield n.const}function*ga(n){return n.type==="and"?yield*eE(n):n.type==="or"?yield*sE(n):n.type==="const"?yield*fE(n):(()=>{throw new Dg("Unknown expression")})()}function ye(n){let r=ai(n.pattern);return gc(r)?[...ga(r)]:[]}var Dg;var z_=b(()=>{H_();pe();Ft();Dg=class Dg extends Hr{}});function Wn(n,r){return L({[C]:"Literal",const:n,type:typeof n},r)}var Mg=b(()=>{en();fn()});var Fr=b(()=>{Mg()});function Te(n){return L({[C]:"Boolean",type:"boolean"},n)}var Rg=b(()=>{fn();fo()});var n0=b(()=>{Rg()});function ei(n){return L({[C]:"BigInt",type:"bigint"},n)}var Hg=b(()=>{fn();fo()});var ma=b(()=>{Hg()});function dt(n){return L({[C]:"Number",type:"number"},n)}var zg=b(()=>{en();fn()});var mc=b(()=>{zg()});function Yt(n){return L({[C]:"String",type:"string"},n)}var Bg=b(()=>{en();fn()});var si=b(()=>{Bg()});function*_E(n){let r=n.trim().replace(/"|'/g,"");return r==="boolean"?yield Te():r==="number"?yield dt():r==="bigint"?yield ei():r==="string"?yield Yt():yield(()=>{let t=r.split("|").map((o)=>Wn(o.trim()));return t.length===0?Mn():t.length===1?t[0]:qt(t)})()}function*lE(n){if(n[1]!=="{"){let r=Wn("$"),t=B_(n.slice(1));return yield*[r,...t]}for(let r=2;r<n.length;r++)if(n[r]==="}"){let t=_E(n.slice(2,r)),o=B_(n.slice(r+1));return yield*[...t,...o]}yield Wn(n)}function*B_(n){for(let r=0;r<n.length;r++)if(n[r]==="$"){let t=Wn(n.slice(0,r)),o=lE(n.slice(r));return yield*[t,...o]}yield Wn(n)}function Ug(n){return[...B_(n)]}var U_=b(()=>{Fr();n0();ma();mc();si();wr();Br()});function dE(n){return n.replace(/[.*+?^${}()|[\]\\]/g,"\\$&")}function Vg(n,r){return tt(n)?n.pattern.slice(1,n.pattern.length-1):kn(n)?`(${n.anyOf.map((t)=>Vg(t,r)).join("|")})`:Vt(n)?`${r}${Ie}`:Wt(n)?`${r}${Ie}`:lc(n)?`${r}${Ie}`:lo(n)?`${r}${p1}`:nt(n)?`${r}${dE(n.const.toString())}`:_o(n)?`${r}${I1}`:(()=>{throw new Wg(`Unexpected Kind '${n[C]}'`)})()}function W_(n){return`^${n.map((r)=>Vg(r,"")).join("")}$`}var Wg;var V_=b(()=>{sa();fn();Ft();zn();Wg=class Wg extends Hr{}});function $c(n){let t=ye(n).map((o)=>Wn(o));return qt(t)}var Yg=b(()=>{wr();Fr();z_()});function r0(n,r){let t=Fn(n)?W_(Ug(n)):W_(n);return L({[C]:"TemplateLiteral",type:"string",pattern:t},r)}var Jg=b(()=>{en();U_();V_();fn()});var mo=b(()=>{H_();z_();U_();pe();V_();Yg();Jg()});function uE(n){return ye(n).map((t)=>t.toString())}function wE(n){let r=[];for(let t of n)r.push(...jr(t));return r}function bE(n){return[n.toString()]}function jr(n){return[...new Set(tt(n)?uE(n):kn(n)?wE(n.anyOf):nt(n)?bE(n.const):Vt(n)?["[number]"]:Wt(n)?["[number]"]:[])]}var t0=b(()=>{mo();zn()});function gE(n,r,t){let o={};for(let c of Object.getOwnPropertyNames(r))o[c]=Po(n,jr(r[c]),t);return o}function mE(n,r,t){return gE(n,r.properties,t)}function Xg(n,r,t){let o=mE(n,r,t);return Bn(o)}var Y_=b(()=>{Er();t0();Kt()});function Qg(n,r){return n.map((t)=>Gg(t,r))}function $E(n){return n.filter((r)=>!Lo(r))}function hE(n,r){return o0($E(Qg(n,r)))}function AE(n){return n.some((r)=>Lo(r))?[]:n}function EE(n,r){return qt(AE(Qg(n,r)))}function SE(n,r){return r in n?n[r]:r==="[number]"?qt(n):Mn()}function DE(n,r){return r==="[number]"?n:Mn()}function kE(n,r){return r in n?n[r]:Mn()}function Gg(n,r){return rr(n)?hE(n.allOf,r):kn(n)?EE(n.anyOf,r):ot(n)?SE(n.items??[],r):Ht(n)?DE(n.items,r):lr(n)?kE(n.properties,r):Mn()}function J_(n,r){return r.map((t)=>Gg(n,t))}function Lg(n,r){return qt(J_(n,r))}function Po(n,r,t){if(ir(n)||ir(r)){if(!ct(n)||!ct(r))throw new Hr("Index types using Ref parameters require both Type and Key to be of TSchema");return vn("Index",[n,r])}if(pn(r))return Xg(n,r,t);if(rt(r))return Og(n,r,t);return L(ct(r)?Lg(n,jr(r)):Lg(n,r),t)}var X_=b(()=>{en();Ft();xo();Br();ut();wr();t0();L_();Y_();zn()});function ME(n,r,t){return{[r]:Po(n,[r],In(t))}}function RE(n,r,t){return r.reduce((o,c)=>{return{...o,...ME(n,c,t)}},{})}function HE(n,r,t){return RE(n,r.keys,t)}function Og(n,r,t){let o=HE(n,r,t);return Bn(o)}var L_=b(()=>{X_();Er();Pr()});var Kt=b(()=>{L_();Y_();t0();X_()});function fi(n,r){return L({[C]:"Iterator",type:"Iterator",items:n},r)}var Ng=b(()=>{en();fn()});var $a=b(()=>{Ng()});function zE(n){return globalThis.Object.keys(n).filter((r)=>!Cr(n[r]))}function BE(n,r){let t=zE(n),o=t.length>0?{[C]:"Object",type:"object",required:t,properties:n}:{[C]:"Object",type:"object",properties:n};return L(o,r)}var xn;var xg=b(()=>{en();fn();zn();xn=BE});var it=b(()=>{xg()});function c0(n,r){return L({[C]:"Promise",type:"Promise",item:n},r)}var Pg=b(()=>{en();fn()});var i0=b(()=>{Pg()});function UE(n){return L(tr(n,[Rt]))}function WE(n){return L({...n,[Rt]:"Readonly"})}function VE(n,r){return r===!1?UE(n):WE(n)}function qr(n,r){let t=r??!0;return pn(n)?Cg(n,t):VE(n,t)}var Q_=b(()=>{en();fn();wo();G_();zn()});function YE(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=qr(n[o],r);return t}function JE(n,r){return YE(n.properties,r)}function Cg(n,r){let t=JE(n,r);return Bn(t)}var G_=b(()=>{Er();Q_()});var hc=b(()=>{G_();Q_()});function wt(n,r){return L(n.length>0?{[C]:"Tuple",type:"array",items:n,additionalItems:!1,minItems:n.length,maxItems:n.length}:{[C]:"Tuple",type:"array",minItems:n.length,maxItems:n.length},r)}var Fg=b(()=>{en();fn()});var Co=b(()=>{Fg()});function jg(n,r){return n in r?bt(n,r[n]):Bn(r)}function XE(n){return{[n]:Wn(n)}}function LE(n){let r={};for(let t of n)r[t]=Wn(t);return r}function QE(n,r){return tg(r,n)?XE(n):LE(r)}function GE(n,r){let t=QE(n,r);return jg(n,t)}function ha(n,r){return r.map((t)=>bt(n,t))}function OE(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(r))t[o]=bt(n,r[o]);return t}function bt(n,r){let t={...r};return Cr(r)?Jr(bt(n,tr(r,[zr]))):ri(r)?qr(bt(n,tr(r,[Rt]))):pn(r)?jg(n,r.properties):rt(r)?GE(n,r.keys):Bt(r)?ci(ha(n,r.parameters),bt(n,r.returns),t):Ut(r)?jt(ha(n,r.parameters),bt(n,r.returns),t):_c(r)?oi(bt(n,r.items),t):dc(r)?fi(bt(n,r.items),t):rr(r)?Xr(ha(n,r.allOf),t):kn(r)?Jn(ha(n,r.anyOf),t):ot(r)?wt(ha(n,r.items??[]),t):lr(r)?xn(OE(n,r.properties),t):Ht(r)?ti(bt(n,r.items),t):uc(r)?c0(bt(n,r.item),t):r}function NE(n,r){let t={};for(let o of n)t[o]=bt(o,r);return t}function qg(n,r,t){let o=ct(n)?jr(n):n,c=r({[C]:"MappedKey",keys:o}),i=NE(o,c);return xn(i,t)}var Kg=b(()=>{fn();wo();la();da();ua();bc();Kt();ut();$a();Fr();it();bo();i0();hc();Co();wr();fa();D_();zn()});var Er=b(()=>{ug();D_();Kg()});function xE(n){return L(tr(n,[zr]))}function PE(n){return L({...n,[zr]:"Optional"})}function CE(n,r){return r===!1?xE(n):PE(n)}function Jr(n,r){let t=r??!0;return pn(n)?vg(n,t):CE(n,t)}var O_=b(()=>{en();fn();wo();N_();zn()});function FE(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=Jr(n[o],r);return t}function jE(n,r){return FE(n.properties,r)}function vg(n,r){let t=jE(n,r);return Bn(t)}var N_=b(()=>{Er();O_()});var bo=b(()=>{N_();O_()});function Aa(n,r={}){let t=n.every((c)=>lr(c)),o=ct(r.unevaluatedProperties)?{unevaluatedProperties:r.unevaluatedProperties}:{};return L(r.unevaluatedProperties===!1||ct(r.unevaluatedProperties)||t?{...o,[C]:"Intersect",type:"object",allOf:n}:{...o,[C]:"Intersect",allOf:n},r)}var x_=b(()=>{en();fn();zn()});function qE(n){return n.every((r)=>Cr(r))}function KE(n){return tr(n,[zr])}function Zg(n){return n.map((r)=>Cr(r)?KE(r):r)}function vE(n,r){return qE(n)?Jr(Aa(Zg(n),r)):Aa(Zg(n),r)}function o0(n,r={}){if(n.length===1)return L(n[0],r);if(n.length===0)return Mn(r);if(n.some((t)=>Qo(t)))throw Error("Cannot intersect transform types");return vE(n,r)}var Ig=b(()=>{fn();en();wo();Br();bo();x_();zn()});var pg=()=>{};function Xr(n,r){if(n.length===1)return L(n[0],r);if(n.length===0)return Mn(r);if(n.some((t)=>Qo(t)))throw Error("Cannot intersect transform types");return Aa(n,r)}var yg=b(()=>{en();Br();x_();zn()});var ut=b(()=>{Ig();pg();yg()});function vt(...n){let[r,t]=typeof n[0]==="string"?[n[0],n[1]]:[n[0].$id,n[1]];if(typeof r!=="string")throw new Hr("Ref: $ref must be a string");return L({[C]:"Ref",$ref:r},t)}var Tg=b(()=>{Ft();en();fn()});var Ac=b(()=>{Tg()});function ZE(n,r){return vn("Awaited",[vn(n,r)])}function IE(n){return vn("Awaited",[vt(n)])}function pE(n){return Xr(nm(n))}function yE(n){return Jn(nm(n))}function TE(n){return _i(n)}function nm(n){return n.map((r)=>_i(r))}function _i(n,r){return L(zt(n)?ZE(n.target,n.parameters):rr(n)?pE(n.allOf):kn(n)?yE(n.anyOf):uc(n)?TE(n.item):ir(n)?IE(n.$ref):n,r)}var rm=b(()=>{en();xo();ut();wr();Ac();zn()});var a0=b(()=>{rm()});function tm(n){let r=[];for(let t of n)r.push(Ea(t));return r}function n4(n){let r=tm(n);return ig(r)}function r4(n){let r=tm(n);return cg(r)}function t4(n){return n.map((r,t)=>t.toString())}function o4(n){return["[number]"]}function c4(n){return globalThis.Object.getOwnPropertyNames(n)}function i4(n){if(!a4)return[];return globalThis.Object.getOwnPropertyNames(n).map((t)=>{return t[0]==="^"&&t[t.length-1]==="$"?t.slice(1,t.length-1):t})}function Ea(n){return rr(n)?n4(n.allOf):kn(n)?r4(n.anyOf):ot(n)?t4(n.items??[]):Ht(n)?o4(n.items):lr(n)?c4(n.properties):wc(n)?i4(n.patternProperties):[]}var a4=!1;var P_=b(()=>{fa();zn()});function e4(n,r){return vn("KeyOf",[vn(n,r)])}function s4(n){return vn("KeyOf",[vt(n)])}function f4(n,r){let t=Ea(n),o=_4(t),c=qt(o);return L(c,r)}function _4(n){return n.map((r)=>r==="[number]"?dt():Wn(r))}function li(n,r){return zt(n)?e4(n.target,n.parameters):ir(n)?s4(n.$ref):pn(n)?om(n,r):f4(n,r)}var C_=b(()=>{en();Fr();mc();xo();Ac();P_();wr();F_();zn()});function l4(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=li(n[o],In(r));return t}function d4(n,r){return l4(n.properties,r)}function om(n,r){let t=d4(n,r);return Bn(t)}var F_=b(()=>{Er();C_();Pr()});var cm=()=>{};var Sa=b(()=>{F_();cm();P_();C_()});function u4(n){let r=[];for(let t of n)r.push(...Ea(t));return og(r)}function w4(n){return n.filter((r)=>!Lo(r))}function b4(n,r){let t=[];for(let o of n)t.push(...J_(o,[r]));return w4(t)}function g4(n,r){let t={};for(let o of r)t[o]=o0(b4(n,o));return t}function im(n,r){let t=u4(n),o=g4(n,t);return xn(o,r)}var am=b(()=>{ut();Kt();Sa();it();fa();zn()});var j_=b(()=>{am()});function e0(n){return L({[C]:"Date",type:"Date"},n)}var em=b(()=>{fn();en()});var s0=b(()=>{em()});function f0(n){return L({[C]:"Null",type:"null"},n)}var sm=b(()=>{en();fn()});var _0=b(()=>{sm()});function l0(n){return L({[C]:"Symbol",type:"symbol"},n)}var fm=b(()=>{en();fn()});var d0=b(()=>{fm()});function u0(n){return L({[C]:"Undefined",type:"undefined"},n)}var _m=b(()=>{en();fn()});var w0=b(()=>{_m()});function b0(n){return L({[C]:"Uint8Array",type:"Uint8Array"},n)}var lm=b(()=>{en();fn()});var g0=b(()=>{lm()});function Fo(n){return L({[C]:"Unknown"},n)}var dm=b(()=>{en();fn()});var di=b(()=>{dm()});function m4(n){return n.map((r)=>q_(r,!1))}function $4(n){let r={};for(let t of globalThis.Object.getOwnPropertyNames(n))r[t]=qr(q_(n[t],!1));return r}function m0(n,r){return r===!0?n:qr(n)}function q_(n,r){return f_(n)?m0(No(),r):l_(n)?m0(No(),r):fr(n)?qr(wt(m4(n))):so(n)?b0():fc(n)?e0():On(n)?m0(xn($4(n)),r):__(n)?m0(jt([],Fo()),r):_r(n)?u0():d_(n)?f0():u_(n)?l0():Ti(n)?ei():Tr(n)?Wn(n):eo(n)?Wn(n):Fn(n)?Wn(n):xn({})}function um(n,r){return L(q_(n,!0),r)}var wm=b(()=>{_a();ma();s0();bc();Fr();_0();it();d0();Co();hc();w0();g0();di();fo()});var K_=b(()=>{wm()});function bm(n,r){return Bt(n)?wt(n.parameters,r):Mn(r)}var gm=b(()=>{Co();Br();zn()});var v_=b(()=>{gm()});function mm(n,r){if(_r(n))throw Error("Enum undefined or empty");let t=globalThis.Object.getOwnPropertyNames(n).filter((i)=>isNaN(i)).map((i)=>n[i]),c=[...new Set(t)].map((i)=>Wn(i));return Jn(c,{...r,[lt]:"Enum"})}var $m=b(()=>{Fr();fn();wr()});var Z_=b(()=>{$m()});function gt(n){return n===Q.False?n:Q.True}function ui(n){throw new Dm(n)}function br(n){return M.IsNever(n)||M.IsIntersect(n)||M.IsUnion(n)||M.IsUnknown(n)||M.IsAny(n)}function gr(n,r){return M.IsNever(r)?Rm(n,r):M.IsIntersect(r)?$0(n,r):M.IsUnion(r)?nl(n,r):M.IsUnknown(r)?Um(n,r):M.IsAny(r)?T_(n,r):ui("StructuralRight")}function T_(n,r){return Q.True}function h4(n,r){return M.IsIntersect(r)?$0(n,r):M.IsUnion(r)&&r.anyOf.some((t)=>M.IsAny(t)||M.IsUnknown(t))?Q.True:M.IsUnion(r)?Q.Union:M.IsUnknown(r)?Q.True:M.IsAny(r)?Q.True:Q.Union}function A4(n,r){return M.IsUnknown(n)?Q.False:M.IsAny(n)?Q.Union:M.IsNever(n)?Q.True:Q.False}function E4(n,r){return M.IsObject(r)&&h0(r)?Q.True:br(r)?gr(n,r):!M.IsArray(r)?Q.False:gt(Pn(n.items,r.items))}function S4(n,r){return br(r)?gr(n,r):!M.IsAsyncIterator(r)?Q.False:gt(Pn(n.items,r.items))}function D4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsBigInt(r)?Q.True:Q.False}function km(n,r){return M.IsLiteralBoolean(n)?Q.True:M.IsBoolean(n)?Q.True:Q.False}function k4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsBoolean(r)?Q.True:Q.False}function M4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):!M.IsConstructor(r)?Q.False:n.parameters.length>r.parameters.length?Q.False:!n.parameters.every((t,o)=>gt(Pn(r.parameters[o],t))===Q.True)?Q.False:gt(Pn(n.returns,r.returns))}function R4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsDate(r)?Q.True:Q.False}function H4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):!M.IsFunction(r)?Q.False:n.parameters.length>r.parameters.length?Q.False:!n.parameters.every((t,o)=>gt(Pn(r.parameters[o],t))===Q.True)?Q.False:gt(Pn(n.returns,r.returns))}function Mm(n,r){return M.IsLiteral(n)&&Yr.IsNumber(n.const)?Q.True:M.IsNumber(n)||M.IsInteger(n)?Q.True:Q.False}function z4(n,r){return M.IsInteger(r)||M.IsNumber(r)?Q.True:br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):Q.False}function $0(n,r){return r.allOf.every((t)=>Pn(n,t)===Q.True)?Q.True:Q.False}function B4(n,r){return n.allOf.some((t)=>Pn(t,r)===Q.True)?Q.True:Q.False}function U4(n,r){return br(r)?gr(n,r):!M.IsIterator(r)?Q.False:gt(Pn(n.items,r.items))}function W4(n,r){return M.IsLiteral(r)&&r.const===n.const?Q.True:br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsString(r)?Bm(n,r):M.IsNumber(r)?Hm(n,r):M.IsInteger(r)?Mm(n,r):M.IsBoolean(r)?km(n,r):Q.False}function Rm(n,r){return Q.False}function V4(n,r){return Q.True}function hm(n){let[r,t]=[n,0];while(!0){if(!M.IsNot(r))break;r=r.not,t+=1}return t%2===0?r:Fo()}function Y4(n,r){return M.IsNot(n)?Pn(hm(n),r):M.IsNot(r)?Pn(n,hm(r)):ui("Invalid fallthrough for Not")}function J4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsNull(r)?Q.True:Q.False}function Hm(n,r){return M.IsLiteralNumber(n)?Q.True:M.IsNumber(n)||M.IsInteger(n)?Q.True:Q.False}function X4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsInteger(r)||M.IsNumber(r)?Q.True:Q.False}function Kr(n,r){return Object.getOwnPropertyNames(n.properties).length===r}function Am(n){return h0(n)}function Em(n){return Kr(n,0)||Kr(n,1)&&"description"in n.properties&&M.IsUnion(n.properties.description)&&n.properties.description.anyOf.length===2&&(M.IsString(n.properties.description.anyOf[0])&&M.IsUndefined(n.properties.description.anyOf[1])||M.IsString(n.properties.description.anyOf[1])&&M.IsUndefined(n.properties.description.anyOf[0]))}function I_(n){return Kr(n,0)}function Sm(n){return Kr(n,0)}function L4(n){return Kr(n,0)}function Q4(n){return Kr(n,0)}function G4(n){return h0(n)}function O4(n){let r=dt();return Kr(n,0)||Kr(n,1)&&"length"in n.properties&&gt(Pn(n.properties.length,r))===Q.True}function N4(n){return Kr(n,0)}function h0(n){let r=dt();return Kr(n,0)||Kr(n,1)&&"length"in n.properties&&gt(Pn(n.properties.length,r))===Q.True}function x4(n){let r=jt([No()],No());return Kr(n,0)||Kr(n,1)&&"then"in n.properties&&gt(Pn(n.properties.then,r))===Q.True}function zm(n,r){return Pn(n,r)===Q.False?Q.False:M.IsOptional(n)&&!M.IsOptional(r)?Q.False:Q.True}function Lr(n,r){return M.IsUnknown(n)?Q.False:M.IsAny(n)?Q.Union:M.IsNever(n)||M.IsLiteralString(n)&&Am(r)||M.IsLiteralNumber(n)&&I_(r)||M.IsLiteralBoolean(n)&&Sm(r)||M.IsSymbol(n)&&Em(r)||M.IsBigInt(n)&&L4(r)||M.IsString(n)&&Am(r)||M.IsSymbol(n)&&Em(r)||M.IsNumber(n)&&I_(r)||M.IsInteger(n)&&I_(r)||M.IsBoolean(n)&&Sm(r)||M.IsUint8Array(n)&&G4(r)||M.IsDate(n)&&Q4(r)||M.IsConstructor(n)&&N4(r)||M.IsFunction(n)&&O4(r)?Q.True:M.IsRecord(n)&&M.IsString(p_(n))?(()=>{return r[lt]==="Record"?Q.True:Q.False})():M.IsRecord(n)&&M.IsNumber(p_(n))?(()=>{return Kr(r,0)?Q.True:Q.False})():Q.False}function P4(n,r){return br(r)?gr(n,r):M.IsRecord(r)?mt(n,r):!M.IsObject(r)?Q.False:(()=>{for(let t of Object.getOwnPropertyNames(r.properties)){if(!(t in n.properties)&&!M.IsOptional(r.properties[t]))return Q.False;if(M.IsOptional(r.properties[t]))return Q.True;if(zm(n.properties[t],r.properties[t])===Q.False)return Q.False}return Q.True})()}function C4(n,r){return br(r)?gr(n,r):M.IsObject(r)&&x4(r)?Q.True:!M.IsPromise(r)?Q.False:gt(Pn(n.item,r.item))}function p_(n){return Go in n.patternProperties?dt():(Oo in n.patternProperties)?Yt():ui("Unknown record key pattern")}function y_(n){return Go in n.patternProperties?n.patternProperties[Go]:(Oo in n.patternProperties)?n.patternProperties[Oo]:ui("Unable to get record value schema")}function mt(n,r){let[t,o]=[p_(r),y_(r)];return M.IsLiteralString(n)&&M.IsNumber(t)&&gt(Pn(n,o))===Q.True?Q.True:M.IsUint8Array(n)&&M.IsNumber(t)?Pn(n,o):M.IsString(n)&&M.IsNumber(t)?Pn(n,o):M.IsArray(n)&&M.IsNumber(t)?Pn(n,o):M.IsObject(n)?(()=>{for(let c of Object.getOwnPropertyNames(n.properties))if(zm(o,n.properties[c])===Q.False)return Q.False;return Q.True})():Q.False}function F4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):!M.IsRecord(r)?Q.False:Pn(y_(n),y_(r))}function j4(n,r){let t=M.IsRegExp(n)?Yt():n,o=M.IsRegExp(r)?Yt():r;return Pn(t,o)}function Bm(n,r){return M.IsLiteral(n)&&Yr.IsString(n.const)?Q.True:M.IsString(n)?Q.True:Q.False}function q4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsString(r)?Q.True:Q.False}function K4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsSymbol(r)?Q.True:Q.False}function v4(n,r){return M.IsTemplateLiteral(n)?Pn($c(n),r):M.IsTemplateLiteral(r)?Pn(n,$c(r)):ui("Invalid fallthrough for TemplateLiteral")}function Z4(n,r){return M.IsArray(r)&&n.items!==void 0&&n.items.every((t)=>Pn(t,r.items)===Q.True)}function I4(n,r){return M.IsNever(n)?Q.True:M.IsUnknown(n)?Q.False:M.IsAny(n)?Q.Union:Q.False}function p4(n,r){return br(r)?gr(n,r):M.IsObject(r)&&h0(r)?Q.True:M.IsArray(r)&&Z4(n,r)?Q.True:!M.IsTuple(r)?Q.False:Yr.IsUndefined(n.items)&&!Yr.IsUndefined(r.items)||!Yr.IsUndefined(n.items)&&Yr.IsUndefined(r.items)?Q.False:Yr.IsUndefined(n.items)&&!Yr.IsUndefined(r.items)?Q.True:n.items.every((t,o)=>Pn(t,r.items[o])===Q.True)?Q.True:Q.False}function y4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsUint8Array(r)?Q.True:Q.False}function T4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsVoid(r)?t6(n,r):M.IsUndefined(r)?Q.True:Q.False}function nl(n,r){return r.anyOf.some((t)=>Pn(n,t)===Q.True)?Q.True:Q.False}function n6(n,r){return n.anyOf.every((t)=>Pn(t,r)===Q.True)?Q.True:Q.False}function Um(n,r){return Q.True}function r6(n,r){return M.IsNever(r)?Rm(n,r):M.IsIntersect(r)?$0(n,r):M.IsUnion(r)?nl(n,r):M.IsAny(r)?T_(n,r):M.IsString(r)?Bm(n,r):M.IsNumber(r)?Hm(n,r):M.IsInteger(r)?Mm(n,r):M.IsBoolean(r)?km(n,r):M.IsArray(r)?A4(n,r):M.IsTuple(r)?I4(n,r):M.IsObject(r)?Lr(n,r):M.IsUnknown(r)?Q.True:Q.False}function t6(n,r){return M.IsUndefined(n)?Q.True:M.IsUndefined(n)?Q.True:Q.False}function o6(n,r){return M.IsIntersect(r)?$0(n,r):M.IsUnion(r)?nl(n,r):M.IsUnknown(r)?Um(n,r):M.IsAny(r)?T_(n,r):M.IsObject(r)?Lr(n,r):M.IsVoid(r)?Q.True:Q.False}function Pn(n,r){return M.IsTemplateLiteral(n)||M.IsTemplateLiteral(r)?v4(n,r):M.IsRegExp(n)||M.IsRegExp(r)?j4(n,r):M.IsNot(n)||M.IsNot(r)?Y4(n,r):M.IsAny(n)?h4(n,r):M.IsArray(n)?E4(n,r):M.IsBigInt(n)?D4(n,r):M.IsBoolean(n)?k4(n,r):M.IsAsyncIterator(n)?S4(n,r):M.IsConstructor(n)?M4(n,r):M.IsDate(n)?R4(n,r):M.IsFunction(n)?H4(n,r):M.IsInteger(n)?z4(n,r):M.IsIntersect(n)?B4(n,r):M.IsIterator(n)?U4(n,r):M.IsLiteral(n)?W4(n,r):M.IsNever(n)?V4(n,r):M.IsNull(n)?J4(n,r):M.IsNumber(n)?X4(n,r):M.IsObject(n)?P4(n,r):M.IsRecord(n)?F4(n,r):M.IsString(n)?q4(n,r):M.IsSymbol(n)?K4(n,r):M.IsTuple(n)?p4(n,r):M.IsPromise(n)?C4(n,r):M.IsUint8Array(n)?y4(n,r):M.IsUndefined(n)?T4(n,r):M.IsUnion(n)?n6(n,r):M.IsUnknown(n)?r6(n,r):M.IsVoid(n)?o6(n,r):ui(`Unknown left type operand '${n[C]}'`)}function jo(n,r){return Pn(n,r)}var Dm,Q;var rl=b(()=>{_a();bc();mc();si();di();mo();sa();fn();Ft();E_();Dm=class Dm extends Hr{};(function(n){n[n.Union=0]="Union",n[n.True=1]="True",n[n.False=2]="False"})(Q||(Q={}))});function c6(n,r,t,o,c){let i={};for(let a of globalThis.Object.getOwnPropertyNames(n))i[a]=wi(n[a],r,t,o,In(c));return i}function i6(n,r,t,o,c){return c6(n.properties,r,t,o,c)}function Wm(n,r,t,o,c){let i=i6(n,r,t,o,c);return Bn(i)}var tl=b(()=>{Er();A0();Pr()});function a6(n,r,t,o){let c=jo(n,r);return c===Q.Union?Jn([t,o]):c===Q.True?t:o}function wi(n,r,t,o,c){return pn(n)?Wm(n,r,t,o,c):rt(n)?L(Vm(n,r,t,o,c)):L(a6(n,r,t,o),c)}var A0=b(()=>{en();wr();rl();ol();tl();zn()});function e6(n,r,t,o,c){return{[n]:wi(Wn(n),r,t,o,In(c))}}function s6(n,r,t,o,c){return n.reduce((i,a)=>{return{...i,...e6(a,r,t,o,c)}},{})}function f6(n,r,t,o,c){return s6(n.keys,r,t,o,c)}function Vm(n,r,t,o,c){let i=f6(n,r,t,o,c);return Bn(i)}var ol=b(()=>{Er();Fr();A0();Pr()});var Ym=()=>{};var Da=b(()=>{rl();ol();tl();Ym();A0()});function Jm(n,r){return bi($c(n),r)}var cl=b(()=>{E0();mo()});function _6(n,r){let t=n.filter((o)=>jo(o,r)===Q.False);return t.length===1?t[0]:Jn(t)}function bi(n,r,t={}){if(tt(n))return L(Jm(n,r),t);if(pn(n))return L(Xm(n,r),t);return L(kn(n)?_6(n.anyOf,r):jo(n,r)!==Q.False?Mn():n,t)}var E0=b(()=>{en();wr();Br();Da();il();cl();zn()});function l6(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=bi(n[o],r);return t}function d6(n,r){return l6(n.properties,r)}function Xm(n,r){let t=d6(n,r);return Bn(t)}var il=b(()=>{Er();E0()});var al=b(()=>{il();cl();E0()});function Lm(n,r){return gi($c(n),r)}var el=b(()=>{S0();mo()});function u6(n,r){let t=n.filter((o)=>jo(o,r)!==Q.False);return t.length===1?t[0]:Jn(t)}function gi(n,r,t){if(tt(n))return L(Lm(n,r),t);if(pn(n))return L(Qm(n,r),t);return L(kn(n)?u6(n.anyOf,r):jo(n,r)!==Q.False?n:Mn(),t)}var S0=b(()=>{en();wr();Br();Da();sl();el();zn()});function w6(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=gi(n[o],r);return t}function b6(n,r){return w6(n.properties,r)}function Qm(n,r){let t=b6(n,r);return Bn(t)}var sl=b(()=>{Er();S0()});var fl=b(()=>{sl();el();S0()});function Gm(n,r){return Bt(n)?L(n.returns,r):Mn(r)}var Om=b(()=>{en();Br();zn()});var _l=b(()=>{Om()});function D0(n){return qr(Jr(n))}var Nm=b(()=>{hc();bo()});var k0=b(()=>{Nm()});function Ec(n,r,t){return L({[C]:"Record",type:"object",patternProperties:{[n]:r}},t)}function ll(n,r,t){let o={};for(let c of n)o[c]=r;return xn(o,{...t,[lt]:"Record"})}function g6(n,r,t){return Sg(n)?ll(jr(n),r,t):Ec(n.pattern,r,t)}function m6(n,r,t){return ll(jr(Jn(n)),r,t)}function $6(n,r,t){return ll([n.toString()],r,t)}function h6(n,r,t){return Ec(n.source,r,t)}function A6(n,r,t){let o=_r(n.pattern)?Oo:n.pattern;return Ec(o,r,t)}function E6(n,r,t){return Ec(Oo,r,t)}function S6(n,r,t){return Ec(y1,r,t)}function D6(n,r,t){return xn({true:r,false:r},t)}function k6(n,r,t){return Ec(Go,r,t)}function M6(n,r,t){return Ec(Go,r,t)}function M0(n,r,t={}){return kn(n)?m6(n.anyOf,r,t):tt(n)?g6(n,r,t):nt(n)?$6(n.const,r,t):_o(n)?D6(n,r,t):Wt(n)?k6(n,r,t):Vt(n)?M6(n,r,t):m_(n)?h6(n,r,t):lo(n)?A6(n,r,t):b_(n)?E6(n,r,t):Lo(n)?S6(n,r,t):Mn(t)}function R0(n){return globalThis.Object.getOwnPropertyNames(n.patternProperties)[0]}function xm(n){let r=R0(n);return r===Oo?Yt():r===Go?dt():Yt({pattern:r})}function H0(n){return n.patternProperties[R0(n)]}var Pm=b(()=>{en();fn();Br();mc();it();si();wr();mo();sa();Kt();zn()});var ka=b(()=>{Pm()});function R6(n,r){return r.parameters=Ma(n,r.parameters),r.returns=Jt(n,r.returns),r}function H6(n,r){return r.parameters=Ma(n,r.parameters),r.returns=Jt(n,r.returns),r}function z6(n,r){return r.allOf=Ma(n,r.allOf),r}function B6(n,r){return r.anyOf=Ma(n,r.anyOf),r}function U6(n,r){if(_r(r.items))return r;return r.items=Ma(n,r.items),r}function W6(n,r){return r.items=Jt(n,r.items),r}function V6(n,r){return r.items=Jt(n,r.items),r}function Y6(n,r){return r.items=Jt(n,r.items),r}function J6(n,r){return r.item=Jt(n,r.item),r}function X6(n,r){let t=O6(n,r.properties);return{...r,...xn(t)}}function L6(n,r){let t=Jt(n,xm(r)),o=Jt(n,H0(r)),c=M0(t,o);return{...r,...c}}function Q6(n,r){return r.index in n?n[r.index]:Fo()}function G6(n,r){let t=ri(r),o=Cr(r),c=Jt(n,r);return t&&o?D0(c):t&&!o?qr(c):!t&&o?Jr(c):c}function O6(n,r){return globalThis.Object.getOwnPropertyNames(r).reduce((t,o)=>{return{...t,[o]:G6(n,r[o])}},{})}function Ma(n,r){return r.map((t)=>Jt(n,t))}function Jt(n,r){return Bt(r)?R6(n,r):Ut(r)?H6(n,r):rr(r)?z6(n,r):kn(r)?B6(n,r):ot(r)?U6(n,r):Ht(r)?W6(n,r):_c(r)?V6(n,r):dc(r)?Y6(n,r):uc(r)?J6(n,r):lr(r)?X6(n,r):wc(r)?L6(n,r):g_(r)?Q6(n,r):r}function Cm(n,r){return Jt(r,ni(n))}var Fm=b(()=>{qe();di();k0();hc();bo();it();ka();zn()});var dl=b(()=>{Fm()});function jm(n){return L({[C]:"Integer",type:"integer"},n)}var qm=b(()=>{en();fn()});var ul=b(()=>{qm()});function N6(n,r,t){return{[n]:Xt(Wn(n),r,In(t))}}function x6(n,r,t){return n.reduce((c,i)=>{return{...c,...N6(i,r,t)}},{})}function P6(n,r,t){return x6(n.keys,r,t)}function Km(n,r,t){let o=P6(n,r,t);return Bn(o)}var wl=b(()=>{Er();Sc();Fr();Pr()});function C6(n){let[r,t]=[n.slice(0,1),n.slice(1)];return[r.toLowerCase(),t].join("")}function F6(n){let[r,t]=[n.slice(0,1),n.slice(1)];return[r.toUpperCase(),t].join("")}function j6(n){return n.toUpperCase()}function q6(n){return n.toLowerCase()}function K6(n,r,t){let o=ai(n.pattern);if(!gc(o))return{...n,pattern:vm(n.pattern,r)};let a=[...ga(o)].map((f)=>Wn(f)),e=Zm(a,r),s=Jn(e);return r0([s],t)}function vm(n,r){return typeof n==="string"?r==="Uncapitalize"?C6(n):r==="Capitalize"?F6(n):r==="Uppercase"?j6(n):r==="Lowercase"?q6(n):n:n.toString()}function Zm(n,r){return n.map((t)=>Xt(t,r))}function Xt(n,r,t={}){return rt(n)?Km(n,r,t):tt(n)?K6(n,r,t):kn(n)?Jn(Zm(n.anyOf,r),t):nt(n)?Wn(vm(n.const,r),t):L(n,t)}var Sc=b(()=>{en();mo();wl();Fr();wr();zn()});function Im(n,r={}){return Xt(n,"Capitalize",r)}var pm=b(()=>{Sc()});function ym(n,r={}){return Xt(n,"Lowercase",r)}var Tm=b(()=>{Sc()});function n2(n,r={}){return Xt(n,"Uncapitalize",r)}var r2=b(()=>{Sc()});function t2(n,r={}){return Xt(n,"Uppercase",r)}var o2=b(()=>{Sc()});var bl=b(()=>{pm();wl();Sc();Tm();r2();o2()});function v6(n,r,t){let o={};for(let c of globalThis.Object.getOwnPropertyNames(n))o[c]=qo(n[c],r,In(t));return o}function Z6(n,r,t){return v6(n.properties,r,t)}function c2(n,r,t){let o=Z6(n,r,t);return Bn(o)}var gl=b(()=>{Er();z0();Pr()});function I6(n,r){return n.map((t)=>ml(t,r))}function p6(n,r){return n.map((t)=>ml(t,r))}function y6(n,r){let{[r]:t,...o}=n;return o}function T6(n,r){return r.reduce((t,o)=>y6(t,o),n)}function n8(n,r,t){let o=tr(n,[ur,"$id","required","properties"]),c=T6(t,r);return xn(c,o)}function r8(n){let r=n.reduce((t,o)=>ve(o)?[...t,Wn(o)]:t,[]);return Jn(r)}function ml(n,r){return rr(n)?Xr(I6(n.allOf,r)):kn(n)?Jn(p6(n.anyOf,r)):lr(n)?n8(n,r,n.properties):xn({})}function qo(n,r,t){let o=fr(r)?r8(r):r,c=ct(r)?jr(r):r,i=ir(n),a=ir(r);return pn(n)?c2(n,c,t):rt(r)?i2(n,r,t):i&&a?vn("Omit",[n,o],t):!i&&a?vn("Omit",[n,o],t):i&&!a?vn("Omit",[n,o],t):L({...ml(n,c),...t})}var z0=b(()=>{en();ta();xo();Fr();Kt();ut();wr();it();$l();gl();zn()});function t8(n,r,t){return{[r]:qo(n,[r],In(t))}}function o8(n,r,t){return r.reduce((o,c)=>{return{...o,...t8(n,c,t)}},{})}function c8(n,r,t){return o8(n,r.keys,t)}function i2(n,r,t){let o=c8(n,r,t);return Bn(o)}var $l=b(()=>{Er();z0();Pr()});var B0=b(()=>{$l();gl();z0()});function i8(n,r,t){let o={};for(let c of globalThis.Object.getOwnPropertyNames(n))o[c]=Ko(n[c],r,In(t));return o}function a8(n,r,t){return i8(n.properties,r,t)}function a2(n,r,t){let o=a8(n,r,t);return Bn(o)}var hl=b(()=>{Er();U0();Pr()});function e8(n,r){return n.map((t)=>Al(t,r))}function s8(n,r){return n.map((t)=>Al(t,r))}function f8(n,r){let t={};for(let o of r)if(o in n)t[o]=n[o];return t}function _8(n,r,t){let o=tr(n,[ur,"$id","required","properties"]),c=f8(t,r);return xn(c,o)}function l8(n){let r=n.reduce((t,o)=>ve(o)?[...t,Wn(o)]:t,[]);return Jn(r)}function Al(n,r){return rr(n)?Xr(e8(n.allOf,r)):kn(n)?Jn(s8(n.anyOf,r)):lr(n)?_8(n,r,n.properties):xn({})}function Ko(n,r,t){let o=fr(r)?l8(r):r,c=ct(r)?jr(r):r,i=ir(n),a=ir(r);return pn(n)?a2(n,c,t):rt(r)?e2(n,r,t):i&&a?vn("Pick",[n,o],t):!i&&a?vn("Pick",[n,o],t):i&&!a?vn("Pick",[n,o],t):L({...Al(n,c),...t})}var U0=b(()=>{en();xo();ut();Fr();it();wr();Kt();ta();zn();El();hl()});function d8(n,r,t){return{[r]:Ko(n,[r],In(t))}}function u8(n,r,t){return r.reduce((o,c)=>{return{...o,...d8(n,c,t)}},{})}function w8(n,r,t){return u8(n,r.keys,t)}function e2(n,r,t){let o=w8(n,r,t);return Bn(o)}var El=b(()=>{Er();U0();Pr()});var W0=b(()=>{El();hl();U0()});function b8(n,r){return vn("Partial",[vn(n,r)])}function g8(n){return vn("Partial",[vt(n)])}function m8(n){let r={};for(let t of globalThis.Object.getOwnPropertyNames(n))r[t]=Jr(n[t]);return r}function $8(n,r){let t=tr(n,[ur,"$id","required","properties"]),o=m8(r);return xn(o,t)}function s2(n){return n.map((r)=>f2(r))}function f2(n){return zt(n)?b8(n.target,n.parameters):ir(n)?g8(n.$ref):rr(n)?Xr(s2(n.allOf)):kn(n)?Jn(s2(n.anyOf)):lr(n)?$8(n,n.properties):lc(n)?n:_o(n)?n:Wt(n)?n:nt(n)?n:oa(n)?n:Vt(n)?n:lo(n)?n:ca(n)?n:ia(n)?n:xn({})}function mi(n,r){if(pn(n))return _2(n,r);else return L({...f2(n),...r})}var Sl=b(()=>{en();xo();bo();it();ut();wr();Ac();wo();fn();Dl();zn()});function h8(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=mi(n[o],In(r));return t}function A8(n,r){return h8(n.properties,r)}function _2(n,r){let t=A8(n,r);return Bn(t)}var Dl=b(()=>{Er();Sl();Pr()});var V0=b(()=>{Dl();Sl()});function E8(n,r){return vn("Required",[vn(n,r)])}function S8(n){return vn("Required",[vt(n)])}function D8(n){let r={};for(let t of globalThis.Object.getOwnPropertyNames(n))r[t]=tr(n[t],[zr]);return r}function k8(n,r){let t=tr(n,[ur,"$id","required","properties"]),o=D8(r);return xn(o,t)}function l2(n){return n.map((r)=>d2(r))}function d2(n){return zt(n)?E8(n.target,n.parameters):ir(n)?S8(n.$ref):rr(n)?Xr(l2(n.allOf)):kn(n)?Jn(l2(n.anyOf)):lr(n)?k8(n,n.properties):lc(n)?n:_o(n)?n:Wt(n)?n:nt(n)?n:oa(n)?n:Vt(n)?n:lo(n)?n:ca(n)?n:ia(n)?n:xn({})}function $i(n,r){if(pn(n))return u2(n,r);else return L({...d2(n),...r})}var kl=b(()=>{en();xo();it();ut();wr();Ac();fn();wo();Ml();zn()});function M8(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=$i(n[o],r);return t}function R8(n,r){return M8(n.properties,r)}function u2(n,r){let t=R8(n,r);return Bn(t)}var Ml=b(()=>{Er();kl()});var Y0=b(()=>{Ml();kl()});function H8(n,r){return r.map((t)=>{return ir(t)?Rl(n,t.$ref):at(n,t)})}function Rl(n,r){return r in n?ir(n[r])?Rl(n,n[r].$ref):at(n,n[r]):Mn()}function z8(n){return _i(n[0])}function B8(n){return Po(n[0],n[1])}function U8(n){return li(n[0])}function W8(n){return mi(n[0])}function V8(n){return qo(n[0],n[1])}function Y8(n){return Ko(n[0],n[1])}function J8(n){return $i(n[0])}function X8(n,r,t){let o=H8(n,t);return r==="Awaited"?z8(o):r==="Index"?B8(o):r==="KeyOf"?U8(o):r==="Partial"?W8(o):r==="Omit"?V8(o):r==="Pick"?Y8(o):r==="Required"?J8(o):Mn()}function L8(n,r){return ti(at(n,r))}function Q8(n,r){return oi(at(n,r))}function G8(n,r,t){return ci(Ra(n,r),at(n,t))}function O8(n,r,t){return jt(Ra(n,r),at(n,t))}function N8(n,r){return Xr(Ra(n,r))}function x8(n,r){return fi(at(n,r))}function P8(n,r){return xn(globalThis.Object.keys(r).reduce((t,o)=>{return{...t,[o]:at(n,r[o])}},{}))}function C8(n,r){let[t,o]=[at(n,H0(r)),R0(r)],c=ni(r);return c.patternProperties[o]=t,c}function F8(n,r){return ir(r)?{...Rl(n,r.$ref),[ur]:r[ur]}:r}function j8(n,r){return wt(Ra(n,r))}function q8(n,r){return Jn(Ra(n,r))}function Ra(n,r){return r.map((t)=>at(n,t))}function at(n,r){return Cr(r)?L(at(n,tr(r,[zr])),r):ri(r)?L(at(n,tr(r,[Rt])),r):Qo(r)?L(F8(n,r),r):Ht(r)?L(L8(n,r.items),r):_c(r)?L(Q8(n,r.items),r):zt(r)?L(X8(n,r.target,r.parameters)):Bt(r)?L(G8(n,r.parameters,r.returns),r):Ut(r)?L(O8(n,r.parameters,r.returns),r):rr(r)?L(N8(n,r.allOf),r):dc(r)?L(x8(n,r.items),r):lr(r)?L(P8(n,r.properties),r):wc(r)?L(C8(n,r)):ot(r)?L(j8(n,r.items||[]),r):kn(r)?L(q8(n,r.anyOf),r):r}function K8(n,r){return r in n?at(n,n[r]):Mn()}function w2(n){return globalThis.Object.getOwnPropertyNames(n).reduce((r,t)=>{return{...r,[t]:K8(n,t)}},{})}var b2=b(()=>{fo();w_();wo();la();a0();da();ua();Kt();bc();ut();$a();Sa();it();B0();W0();Br();V0();ka();Y0();Co();wr();fn();zn()});class g2{constructor(n){let r=w2(n),t=this.WithIdentifiers(r);this.$defs=t}Import(n,r){let t={...this.$defs,[n]:L(this.$defs[n],r)};return L({[C]:"Import",$defs:t,$ref:n})}WithIdentifiers(n){return globalThis.Object.getOwnPropertyNames(n).reduce((r,t)=>{return{...r,[t]:{...n[t],$id:t}}},{})}}function m2(n){return new g2(n)}var $2=b(()=>{fo();fn();b2()});var Hl=b(()=>{$2()});function h2(n,r){return L({[C]:"Not",not:n},r)}var A2=b(()=>{en();fn()});var zl=b(()=>{A2()});function E2(n,r){return Ut(n)?wt(n.parameters,r):Mn()}var S2=b(()=>{Co();Br();zn()});var Bl=b(()=>{S2()});function D2(n,r={}){if(_r(r.$id))r.$id=`T${v8++}`;let t=ni(n({[C]:"This",$ref:`${r.$id}`}));return t.$id=r.$id,L({[lt]:"Recursive",...t},r)}var v8=0;var k2=b(()=>{qe();en();fn()});var Ul=b(()=>{k2()});function M2(n,r){let t=Fn(n)?new globalThis.RegExp(n):n;return L({[C]:"RegExp",type:"RegExp",source:t.source,flags:t.flags},r)}var R2=b(()=>{en();fn()});var Wl=b(()=>{R2()});function Z8(n){return rr(n)?n.allOf:kn(n)?n.anyOf:ot(n)?n.items??[]:[]}function H2(n){return Z8(n)}var z2=b(()=>{zn()});var Vl=b(()=>{z2()});function B2(n,r){return Ut(n)?L(n.returns,r):Mn(r)}var U2=b(()=>{en();Br();zn()});var Yl=b(()=>{U2()});var W2=()=>{};var V2=()=>{};var Y2=b(()=>{W2();V2()});var J2=()=>{};var X2=b(()=>{J2()});class L2{constructor(n){this.schema=n}Decode(n){return new Q2(this.schema,n)}}class Q2{constructor(n,r){this.schema=n,this.decode=r}EncodeTransform(n,r){let c={Encode:(i)=>r[ur].Encode(n(i)),Decode:(i)=>this.decode(r[ur].Decode(i))};return{...r,[ur]:c}}EncodeSchema(n,r){let t={Decode:this.decode,Encode:n};return{...r,[ur]:t}}Encode(n){return Qo(this.schema)?this.EncodeTransform(n,this.schema):this.EncodeSchema(n,this.schema)}}function G2(n){return new L2(n)}var O2=b(()=>{fn();zn()});var Jl=b(()=>{O2()});function N2(n={}){return L({[C]:n[C]??"Unsafe"},n)}var x2=b(()=>{en();fn()});var Xl=b(()=>{x2()});function P2(n){return L({[C]:"Void",type:"void"},n)}var C2=b(()=>{en();fn()});var Ll=b(()=>{C2()});var Ql={};ho(Ql,{Void:()=>P2,Uppercase:()=>t2,Unsafe:()=>N2,Unknown:()=>Fo,Union:()=>Jn,Undefined:()=>u0,Uncapitalize:()=>n2,Uint8Array:()=>b0,Tuple:()=>wt,Transform:()=>G2,TemplateLiteral:()=>r0,Symbol:()=>l0,String:()=>Yt,ReturnType:()=>B2,Rest:()=>H2,Required:()=>$i,RegExp:()=>M2,Ref:()=>vt,Recursive:()=>D2,Record:()=>M0,ReadonlyOptional:()=>D0,Readonly:()=>qr,Promise:()=>c0,Pick:()=>Ko,Partial:()=>mi,Parameters:()=>E2,Optional:()=>Jr,Omit:()=>qo,Object:()=>xn,Number:()=>dt,Null:()=>f0,Not:()=>h2,Never:()=>Mn,Module:()=>m2,Mapped:()=>qg,Lowercase:()=>ym,Literal:()=>Wn,KeyOf:()=>li,Iterator:()=>fi,Intersect:()=>Xr,Integer:()=>jm,Instantiate:()=>Cm,InstanceType:()=>Gm,Index:()=>Po,Function:()=>jt,Extract:()=>gi,Extends:()=>wi,Exclude:()=>bi,Enum:()=>mm,Date:()=>e0,ConstructorParameters:()=>bm,Constructor:()=>ci,Const:()=>um,Composite:()=>im,Capitalize:()=>Im,Boolean:()=>Te,BigInt:()=>ei,Awaited:()=>_i,AsyncIterator:()=>oi,Array:()=>ti,Argument:()=>sg,Any:()=>No});var F2=b(()=>{_a();S_();la();da();a0();ma();n0();j_();K_();ua();v_();s0();Z_();al();Da();fl();bc();Kt();_l();dl();ul();ut();bl();$a();Sa();Fr();Er();Hl();Br();zl();_0();mc();it();B0();bo();Bl();V0();W0();i0();hc();k0();ka();Ul();Ac();Wl();Y0();Vl();Yl();si();d0();mo();Jl();Co();g0();w0();wr();di();Xl();Ll()});var mr;var j2=b(()=>{F2();mr=Ql});var q2=b(()=>{w_();fo();Ft();E_();Z1();sa();rg();fa();fn();_a();la();S_();da();a0();ma();n0();j_();K_();ua();v_();s0();Z_();al();Da();fl();bc();Kt();_l();dl();ul();ut();$a();bl();Sa();Fr();Hl();Er();Br();zl();_0();mc();it();B0();bo();Bl();V0();W0();i0();hc();k0();ka();Ul();Ac();Wl();Y0();Vl();Yl();Y2();X2();si();d0();mo();Jl();Co();g0();w0();wr();di();Xl();Ll();j2()});var Gl,Ol,CF,FF;var Nl=b(()=>{q2();Gl=mr.Object({email:mr.String({format:"email"})}),Ol=mr.Object({token:mr.String()}),CF=mr.Object({success:mr.Boolean(),message:mr.Optional(mr.String())}),FF=mr.Object({success:mr.Boolean(),message:mr.Optional(mr.String()),data:mr.Optional(mr.Object({user:mr.Object({id:mr.String(),email:mr.String()}),accessToken:mr.String(),refreshToken:mr.String()}))})});import{eq as xl}from"drizzle-orm";import{Elysia as I8}from"elysia";function J0(n,r,t,o,c,i,a,e,s,f){let{db:d,logger:_,usersTable:w}=n,g=r.route||"/auth/magic-link",u=r.verifyRoute||"/auth/magic-link/verify",m=r.expiresIn||"15m",l=r.redirectUrl||"",S=new I8;if(!r.enabled)return S;return S.post(g,async($)=>{if(!d||!w)return{success:!1,message:"Database not configured"};if(!t?.isAvailable())return _.error("[AUTH] Magic link requested but email service not available"),{success:!1,message:"Email service not available"};let{email:E}=$.body,W=(await d.select().from(w).where(xl(w.email,E)).limit(1))[0];if(!W)return _.info("[AUTH] Magic link requested for non-existent email",{email:E}),{success:!0,message:"If an account exists, a magic link has been sent"};if(W.isLocked)return _.warn("[AUTH] Magic link requested for locked account",{email:E}),{success:!0,message:"If an account exists, a magic link has been sent"};let H=yc(),k=Mt(H),D=new Date(Date.now()+Tc(m));await a({userId:W.id,email:E,tokenHash:k,expiresAt:D});let A=l?`${l}?token=${H}`:`${u}?token=${H}`,h=await t.sendMagicLinkEmail(E,A,f);if(!h.success)return _.error("[AUTH] Failed to send magic link email",{email:E,error:h.error}),{success:!1,message:"Failed to send email"};return _.info("[AUTH] Magic link sent",{email:E,userId:W.id}),{success:!0,message:"If an account exists, a magic link has been sent"}},{body:Gl,detail:{tags:["Authentication"],summary:"Request Magic Link",description:"Send a magic link to the user's email for passwordless login"}}),S.get(u,async($)=>{if(!d||!w)return{success:!1,message:"Database not configured"};let E=$.query.token;if(!E)return{success:!1,message:"Token is required"};let U=Mt(E),W=await e(U);if(!W)return _.warn("[AUTH] Invalid magic link token"),{success:!1,message:"Invalid or expired token"};if(new Date>W.expiresAt)return await s(U),_.warn("[AUTH] Expired magic link token",{email:W.email}),{success:!1,message:"Invalid or expired token"};let k=(await d.select().from(w).where(xl(w.id,W.userId)).limit(1))[0];if(!k)return await s(U),{success:!1,message:"User not found"};await s(U),await d.update(w).set({lastLoginAt:new Date,loginCount:(k.loginCount||0)+1,emailVerified:!0}).where(xl(w.id,k.id));let D=$.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||$.request.headers.get("x-real-ip")?.trim()||"unknown",A=$.request.headers.get("user-agent")||"",h=o(k.id),R=c(k.id),B=await i({userId:k.id,deviceInfo:{ipAddress:D,userAgent:A,deviceType:"unknown"},loginMethod:"magic_link"});return _.info("[AUTH] Magic link login successful",{userId:k.id,email:k.email}),$.set.headers["x-session-id"]=B,{success:!0,data:{user:{id:k.id,email:k.email},accessToken:h,refreshToken:R}}},{query:Ol,detail:{tags:["Authentication"],summary:"Verify Magic Link",description:"Verify magic link token and login user"}}),S}var Pl=b(()=>{Nl();yi();Nl()});import{eq as hi}from"drizzle-orm";import{Elysia as p8}from"elysia";function X0(n,r,t,o,c){let{db:i,logger:a,usersTable:e}=n,s=r.route||"/auth/me",f=new p8;if(!r.enabled)return f;return f.get(s,async(d)=>{if(!i||!e)return{success:!1,message:"Database not configured"};let _=d.request.headers.get("x-user-id");if(!_)return d.set.status=401,{success:!1,message:"Unauthorized"};let g=(await i.select().from(e).where(hi(e.id,_)).limit(1))[0];if(!g)return d.set.status=404,{success:!1,message:"User not found"};let{password:u,...m}=g,l=null,S=[],$=[],E=[],U=[];if(r.includeProfile&&t){let H=t.profiles;if(H&&i)l=(await i.select().from(H).where(hi(H.userId,_)).limit(1))[0]||null}if(r.includeAddresses&&t){let H=t.addresses;if(H&&i)S=await i.select().from(H).where(hi(H.ownerId,_))}if(r.includePhones&&t){let H=t.phones;if(H&&i)$=await i.select().from(H).where(hi(H.ownerId,_))}if(r.includeFiles&&t){let H=t.files;if(H&&i)E=await i.select().from(H).where(hi(H.uploadedBy,_))}if(r.includeRoles&&t){let{userRoles:H,roles:k}=t;if(H&&k&&i){let A=(await i.select().from(H).where(hi(H.userId,_))).map((h)=>h.roleId);if(A.length>0){let{inArray:h}=await import("drizzle-orm");U=await i.select().from(k).where(h(k.id,A))}}}return a.info("[AUTH] Me endpoint accessed",{userId:_}),JSON.parse(JSON.stringify({success:!0,data:{user:m,profile:l,addresses:S,phones:$,files:E,roles:U}},(H,k)=>typeof k==="bigint"?Number(k):k))},{detail:{tags:["Authentication"],summary:"Get current user",description:"Get the currently authenticated user with profile, addresses, phones and files"}}),f}var Cl=()=>{};import{and as L0,eq as Or}from"drizzle-orm";import{Elysia as y8}from"elysia";function K2(n,r,t,o,c,i,a,e,s,f,d){let{db:_,logger:w,usersTable:g}=n,u=r.basePath,m={accessTokenName:a?.accessTokenName||"access_token",refreshTokenName:a?.refreshTokenName||"refresh_token",sessionTokenName:a?.sessionTokenName||"session_token",accessTokenMaxAge:a?.accessTokenMaxAge||900,refreshTokenMaxAge:a?.refreshTokenMaxAge||604800,sessionTokenMaxAge:a?.sessionTokenMaxAge||900,secure:a?.secure??!0,httpOnly:a?.httpOnly??!0,sameSite:a?.sameSite||"lax",path:a?.path||"/",domain:a?.domain},l={accessToken:{setHeadersEnabled:e?.accessToken?.setHeadersEnabled??!0,returnJson:e?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:e?.refreshToken?.setHeadersEnabled??!0,returnJson:e?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:e?.sessionToken?.setHeadersEnabled??!0,returnJson:e?.sessionToken?.returnJson??!0}},S=new y8;return S.get(`${u}/:provider`,async($)=>{let E=$.params.provider;if(!r.isProviderEnabled(E))return $.set.status=404,{success:!1,message:`OAuth provider "${E}" is not enabled`};let U=$.query.link_user_id,W=$.query.redirect_url,H=r.buildAuthorizationUrl(E,U,W);return $.set.status=302,$.set.headers.Location=H,null},{detail:{tags:["Authentication"],summary:"OAuth Redirect",description:"Redirects to the OAuth provider authorization page"}}),S.get(`${u}/:provider/callback`,async($)=>{let E=$.params.provider,U=$.query,{code:W,state:H,error:k,error_description:D}=U,A=r.errorRedirectUrl;if(k)return w.warn("[OAUTH] Provider returned error",{provider:E,error:k,error_description:D}),$.set.status=302,$.set.headers.Location=`${A}?error=${encodeURIComponent(D||k)}`,null;if(!W||!H)return $.set.status=302,$.set.headers.Location=`${A}?error=missing_code_or_state`,null;let h=r.consumeState(H);if(!h)return w.warn("[OAUTH] Invalid or expired state",{provider:E,state:H}),$.set.status=302,$.set.headers.Location=`${A}?error=invalid_state`,null;if(h.provider!==E)return w.warn("[OAUTH] State provider mismatch",{expected:h.provider,got:E}),$.set.status=302,$.set.headers.Location=`${A}?error=provider_mismatch`,null;if(!_||!g)return $.set.status=302,$.set.headers.Location=`${A}?error=server_error`,null;let R;try{R=await r.exchangeCode(E,W)}catch(ln){return w.error("[OAUTH] Code exchange failed",{provider:E,error:ln}),$.set.status=302,$.set.headers.Location=`${A}?error=token_exchange_failed`,null}let{profile:B,tokens:Y}=R,X=n.oauthAccountsTable,z=null;if(h.linkUserId&&r.allowAccountLinking){if(z=h.linkUserId,X){let Qn=await _.select().from(X).where(L0(Or(X.provider,E),Or(X.providerAccountId,B.providerAccountId))).limit(1);if(Qn.length>0){let qn=Qn[0];if(qn.userId!==z)return $.set.status=302,$.set.headers.Location=`${A}?error=account_already_linked_to_another_user`,null;await _.update(X).set({accessToken:Y.accessToken,refreshToken:Y.refreshToken??null,tokenExpiresAt:Y.expiresAt??null,scope:Y.scope??null,rawProfile:B.rawProfile,lastUsedAt:new Date}).where(Or(X.id,qn.id))}else await _.insert(X).values({userId:z,provider:E,providerAccountId:B.providerAccountId,providerEmail:B.email??null,providerName:B.name??null,providerAvatarUrl:B.avatarUrl??null,accessToken:Y.accessToken,refreshToken:Y.refreshToken??null,tokenExpiresAt:Y.expiresAt??null,scope:Y.scope??null,rawProfile:B.rawProfile,isPrimary:!1,lastUsedAt:new Date})}w.info("[OAUTH] Account linked successfully",{userId:z,provider:E});let ln=h.redirectUrl||r.successRedirectUrl;return $.set.status=302,$.set.headers.Location=`${ln}?linked=true&provider=${E}`,null}if(X){let ln=await _.select().from(X).where(L0(Or(X.provider,E),Or(X.providerAccountId,B.providerAccountId))).limit(1);if(ln.length>0){let Qn=ln[0];z=Qn.userId,await _.update(X).set({accessToken:Y.accessToken,refreshToken:Y.refreshToken??null,tokenExpiresAt:Y.expiresAt??null,scope:Y.scope??null,rawProfile:B.rawProfile,lastUsedAt:new Date}).where(Or(X.id,Qn.id))}}if(!z&&B.email){let ln=await _.select().from(g).where(Or(g.email,B.email)).limit(1);if(ln.length>0){if(z=ln[0].id,X)await _.insert(X).values({userId:z,provider:E,providerAccountId:B.providerAccountId,providerEmail:B.email??null,providerName:B.name??null,providerAvatarUrl:B.avatarUrl??null,accessToken:Y.accessToken,refreshToken:Y.refreshToken??null,tokenExpiresAt:Y.expiresAt??null,scope:Y.scope??null,rawProfile:B.rawProfile,isPrimary:!1,lastUsedAt:new Date}).onConflictDoNothing();w.info("[OAUTH] Merged OAuth account with existing user by email",{userId:z,provider:E,email:B.email})}}if(!z){if(!r.autoCreateUser)return $.set.status=302,$.set.headers.Location=`${A}?error=user_not_found`,null;let ln=B.email??`${E}_${B.providerAccountId}@oauth.local`;if(z=(await _.insert(g).values({email:ln,password:null,verifiedAt:B.email?new Date:null,isActive:!0}).returning())[0].id,X)await _.insert(X).values({userId:z,provider:E,providerAccountId:B.providerAccountId,providerEmail:B.email??null,providerName:B.name??null,providerAvatarUrl:B.avatarUrl??null,accessToken:Y.accessToken,refreshToken:Y.refreshToken??null,tokenExpiresAt:Y.expiresAt??null,scope:Y.scope??null,rawProfile:B.rawProfile,isPrimary:!0,lastUsedAt:new Date});if(w.info("[OAUTH] Created new user via OAuth",{userId:z,provider:E,email:B.email}),r.sendInviteOnCreate&&B.email&&s?.isAvailable()&&f)try{let gn=yc(),Gn=Mt(gn),Un=new Date(Date.now()+Tc("7d"));await f({userId:z,email:B.email,tokenHash:Gn,expiresAt:Un});let Sn=`${r.successRedirectUrl.replace(/\/$/,"").replace(/\/[^/]+$/,"/set-password")}?token=${gn}`;await s.sendEmail({to:B.email,subject:`Welcome to ${d??"the platform"} \u2014 Set your password`,html:`
-								<p>Hi${B.name?` ${B.name}`:""},</p>
-								<p>Your account has been created via ${E} login. You can optionally set a password to also sign in with your email and password.</p>
+				`),R=(Array.isArray(A)?A:A.rows||[]).map((B)=>String(B.table_name||""));o.info("[AUTH] Change User ID - discovered schema references",{fkConstraints:$.map((B)=>`${B.table_name}.${B.column_name} (${B.constraint_name})`),userIdColumns:W.map((B)=>`${B.table_name}.${B.column_name}`),auditColumns:D.map((B)=>`${B.table_name}.${B.column_name}`),polyTables:R});let z=new Map,V=(B,J)=>{if(!z.has(B))z.set(B,new Set);z.get(B)?.add(J)};for(let B of $)V(B.table_name,B.column_name);for(let B of W)V(B.table_name,B.column_name);for(let B of D)V(B.table_name,B.column_name);o.info("[AUTH] Change User ID - all column updates to execute",{updates:Array.from(z.entries()).map(([B,J])=>`${B}: [${Array.from(J).join(", ")}]`)}),await t.transaction(async(B)=>{for(let J of $)await B.execute(ao.raw(`ALTER TABLE "${r}"."${J.table_name}" DROP CONSTRAINT "${J.constraint_name}"`));await B.execute(ao.raw(`UPDATE "${r}"."users" SET "id" = '${_}' WHERE "id" = '${d}'`));for(let[J,G]of z.entries())for(let F of G)await B.execute(ao.raw(`UPDATE "${r}"."${J}" SET "${F}" = '${_}' WHERE "${F}" = '${d}'`));for(let J of R)await B.execute(ao.raw(`UPDATE "${r}"."${J}" SET "owner_id" = '${_}' WHERE "owner_id" = '${d}' AND "owner_type" IN ('user', 'users', 'User')`));for(let J of $){let G=J.delete_rule==="CASCADE"?"ON DELETE CASCADE":J.delete_rule==="SET NULL"?"ON DELETE SET NULL":"";await B.execute(ao.raw(`ALTER TABLE "${r}"."${J.table_name}" ADD CONSTRAINT "${J.constraint_name}" FOREIGN KEY ("${J.column_name}") REFERENCES "${r}"."users" ("id") ${G}`))}});let Q=[...new Set([...$.map((B)=>B.table_name),...W.map((B)=>B.table_name),...D.map((B)=>B.table_name),...R])];return o.info("[AUTH] User ID changed successfully",{godminId:e,currentId:d,newId:_,email:u.email,affectedTables:Q,fkConstraintsDroppedAndReadded:$.length}),await o.audit({entityName:"users",entityId:_,operation:"CHANGE_USER_ID",userId:e,summary:`Godmin changed user ID: ${d} \u2192 ${_} (${u.email})`,oldValues:{id:d},newValues:{id:_},ipAddress:a.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",userAgent:a.request.headers.get("user-agent")||"unknown",path:new URL(a.request.url).pathname,query:""}),{success:!0,data:{oldId:d,newId:_,email:u.email,affectedTables:Q}}}catch(l){return o.error("[AUTH] Failed to change user ID",{error:l instanceof Error?l.message:String(l),stack:l instanceof Error?l.stack:void 0,currentId:d,newId:_}),a.set.status=500,{success:!1,message:l instanceof Error?l.message:"Failed to change user ID"}}},{body:If.Object({currentId:If.String(),newId:If.String()}),detail:{tags:["Authentication"],summary:"Change User ID",description:"Godmin: change a user's UUID while preserving all FK relations, audit columns, and polymorphic references"}}),i}var pf=()=>{};import{eq as yf}from"drizzle-orm";import{Elysia as T3,t as Ob}from"elysia";function Be(n,r,t,o,c,i){let{db:a,logger:e,usersTable:s}=n,f=new T3,d={accessTokenName:i?.accessTokenName||"access_token",refreshTokenName:i?.refreshTokenName||"refresh_token",sessionTokenName:i?.sessionTokenName||"session_token",accessTokenMaxAge:i?.accessTokenMaxAge||900,refreshTokenMaxAge:i?.refreshTokenMaxAge||604800,sessionTokenMaxAge:i?.sessionTokenMaxAge||900,secure:i?.secure??!0,sameSite:i?.sameSite||"strict",path:i?.path||"/"};return f.post("/auth/admin/impersonate",async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let w=_.request.headers.get("x-user-id");if(!w)return _.set.status=401,{success:!1,message:"Unauthorized"};let{targetUserId:g}=_.body,m=(await a.select().from(s).where(yf(s.id,w)).limit(1))[0];if(!m||!m.isGod)return _.set.status=403,{success:!1,message:"Forbidden: godmin privileges required"};if(w===g)return _.set.status=400,{success:!1,message:"Cannot impersonate yourself"};let E=(await a.select().from(s).where(yf(s.id,g)).limit(1))[0];if(!E)return _.set.status=404,{success:!1,message:"Target user not found"};let $=r(g),S=t(g),U=_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",W={userId:g,deviceInfo:{deviceName:"Impersonation Session",browserName:"Admin",osName:"Admin",ipAddress:U},loginMethod:"impersonation"},H=await o(W);if(c)await c(H,W);e.info("[AUTH] Impersonation started",{godminId:w,targetUserId:g,targetEmail:E.email}),await e.audit({entityName:"users",entityId:g,operation:"IMPERSONATE_START",userId:w,summary:`Godmin ${m.email} started impersonating ${E.email}`,ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:new URL(_.request.url).pathname,query:""});let k=d.secure?"; Secure":"",D=`; Path=${d.path}; HttpOnly; SameSite=${d.sameSite}${k}`,A=[`${d.accessTokenName}=${$}${D}; Max-Age=${d.accessTokenMaxAge}`,`${d.refreshTokenName}=${S}${D}; Max-Age=${d.refreshTokenMaxAge}`,`${d.sessionTokenName}=${H}${D}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_impersonating_as=${g}${D}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_godmin_id=${w}${D}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_impersonating_email=${encodeURIComponent(String(E.email))}${D}; Max-Age=${d.sessionTokenMaxAge}`],h=JSON.stringify({success:!0,data:{targetUser:{id:E.id,email:E.email},godminId:w,sessionId:H}}),R=new Headers;R.set("Content-Type","application/json");for(let z of A)R.append("Set-Cookie",z);return new Response(h,{status:200,headers:R})},{body:Ob.Object({targetUserId:Ob.String()}),detail:{tags:["Authentication"],summary:"Impersonate User",description:"Godmin: start a session as another user"}}),f.post("/auth/admin/impersonate/stop",async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let w=_.request.headers.get("cookie")||"",u=Object.fromEntries(w.split(";").map((z)=>{let[V,...Q]=z.trim().split("=");return[V?.trim(),Q.join("=")]})).nucleus_godmin_id;if(!u)return _.set.status=400,{success:!1,message:"No active impersonation session"};let l=(await a.select().from(s).where(yf(s.id,u)).limit(1))[0];if(!l)return _.set.status=404,{success:!1,message:"Godmin user not found"};let E=r(u),$=t(u),S=_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",U={userId:u,deviceInfo:{deviceName:"Restored Admin Session",browserName:"Admin",osName:"Admin",ipAddress:S},loginMethod:"impersonation_stop"},W=await o(U);if(c)await c(W,U);e.info("[AUTH] Impersonation stopped",{godminId:u}),await e.audit({entityName:"users",entityId:u,operation:"IMPERSONATE_STOP",userId:u,summary:`Godmin ${l.email} stopped impersonation`,ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:new URL(_.request.url).pathname,query:""});let H=d.secure?"; Secure":"",k=`; Path=${d.path}; HttpOnly; SameSite=${d.sameSite}${H}`,D=`; Path=${d.path}; HttpOnly; SameSite=${d.sameSite}${H}; Max-Age=0`,A=[`${d.accessTokenName}=${E}${k}; Max-Age=${d.accessTokenMaxAge}`,`${d.refreshTokenName}=${$}${k}; Max-Age=${d.refreshTokenMaxAge}`,`${d.sessionTokenName}=${W}${k}; Max-Age=${d.sessionTokenMaxAge}`,`nucleus_impersonating_as=deleted${D}`,`nucleus_godmin_id=deleted${D}`,`nucleus_impersonating_email=deleted${D}`],h=JSON.stringify({success:!0,data:{godminUser:{id:l.id,email:l.email},sessionId:W}}),R=new Headers;R.set("Content-Type","application/json");for(let z of A)R.append("Set-Cookie",z);return new Response(h,{status:200,headers:R})},{detail:{tags:["Authentication"],summary:"Stop Impersonation",description:"Godmin: restore own session after impersonation"}}),f}var Tf=()=>{};import{and as Ue,count as nA,eq as Ar,sql as rA}from"drizzle-orm";function We(n,r,t){let o=t.route||"/auth/api-keys",c=r.apiKeysTable,{db:i,logger:a}=r;if(!c||!i){a.warn("[API_KEYS] api_keys table or database not available. Skipping API key routes.");return}let e=t.keyPrefix||"nk_live",s=t.maxKeysPerUser||10,f=t.preventApiKeyManagement??!1;n.post(o,async({request:d,set:_})=>{if(f)return _.status=403,{isSuccess:!1,message:"API key management is disabled via configuration",data:null};if(d.headers.get("x-auth-type")==="api_key")return _.status=403,{isSuccess:!1,message:"API keys cannot be created using another API key",data:null};let g=d.headers.get("x-user-id");if(!g)return _.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let u;try{u=await d.json()}catch{return _.status=400,{isSuccess:!1,message:"Invalid request body",data:null}}if(!u.name||typeof u.name!=="string"||u.name.trim().length===0)return _.status=400,{isSuccess:!1,message:"Name is required",data:null};if(u.ownerType==="application"){if(!(t.allowApplicationKeys??!0))return _.status=403,{isSuccess:!1,message:"Application API keys are not allowed",data:null};if(!u.applicationName||u.applicationName.trim().length===0)return _.status=400,{isSuccess:!1,message:"Application name is required for application keys",data:null}}if(((await i.select({count:nA()}).from(c).where(Ue(Ar(Kn(c,"userId"),g),Ar(Kn(c,"isActive"),!0))))[0]?.count||0)>=s)return _.status=400,{isSuccess:!1,message:`Maximum API key limit reached (${s})`,data:null};let E=await Nb(r,g),$=await xb(r,g),S=E.some((V)=>nc(V)),U=u.allowedRoles||[],W=u.allowedClaims||[],H=u.allowedScopes||[],k=(V)=>V.filter((Q)=>!nc(Q)),D,A;if(S)D=U.length>0?k(U):[],A=W.length>0?W:$;else{let V=Qt(E,U),Q=Qt($,W);if(U.length>0&&V.length!==U.length){let B=U.filter((J)=>!E.includes(J));return _.status=403,{isSuccess:!1,message:`Cannot assign roles you do not have: ${B.join(", ")}`,data:null}}if(W.length>0&&Q.length!==W.length){let B=W.filter((J)=>!$.includes(J));return _.status=403,{isSuccess:!1,message:`Cannot assign claims you do not have: ${B.join(", ")}`,data:null}}if(H.length>0){let B=await Pb(r,g);if(Qt(B,H).length!==H.length){let G=H.filter((F)=>!B.includes(F));return _.status=403,{isSuccess:!1,message:`Cannot assign scopes you do not have: ${G.join(", ")}`,data:null}}}D=k(U.length>0?V:E),A=W.length>0?Q:$}let h=null,R=u.expiresIn||t.defaultExpiresIn;if(R){let V=pr(R);h=new Date(Date.now()+V*1000)}let z=Yd(e);try{return await i.insert(c).values({userId:g,name:u.name.trim(),description:u.description?.trim()||null,keyHash:z.keyHash,keyPreview:z.keyPreview,ownerType:u.ownerType||"personal",applicationName:u.applicationName?.trim()||null,allowedRoles:D,allowedClaims:A,allowedScopes:H,expiresAt:h,isActive:!0,usageCount:0,createdAt:new Date,updatedAt:new Date}),a.info("[API_KEYS] API key created",{userId:g,ownerType:u.ownerType||"personal",applicationName:u.applicationName,rolesCount:D.length,claimsCount:A.length,expiresAt:h?.toISOString()||"never"}),{isSuccess:!0,message:"API key created successfully. Save this key \u2014 it will not be shown again.",data:{key:z.rawKey,keyPreview:z.keyPreview,name:u.name.trim(),ownerType:u.ownerType||"personal",applicationName:u.applicationName||null,allowedRoles:D,allowedClaims:A,allowedScopes:H,expiresAt:h?.toISOString()||null}}}catch(V){let Q=V instanceof Error?V.message:String(V);return a.error("[API_KEYS] Failed to create API key",{error:Q,userId:g}),_.status=500,{isSuccess:!1,message:`Failed to create API key: ${Q}`,data:null}}}),n.get(o,async({request:d,set:_})=>{let w=d.headers.get("x-user-id");if(!w)return _.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let u=(await i.select().from(c).where(Ar(Kn(c,"userId"),w)).orderBy(rA`created_at DESC`)).map((m)=>n_(m));return{isSuccess:!0,data:{items:u,totalCount:u.length}}}),n.get(`${o}/:id`,async({params:d,request:_,set:w})=>{let g=_.headers.get("x-user-id");if(!g)return w.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let u=d.id,l=(await i.select().from(c).where(Ue(Ar(Kn(c,"id"),u),Ar(Kn(c,"userId"),g))).limit(1))[0];if(!l)return w.status=404,{isSuccess:!1,message:"API key not found",data:null};return{isSuccess:!0,data:n_(l)}}),n.patch(`${o}/:id`,async({params:d,request:_,set:w})=>{if(f)return w.status=403,{isSuccess:!1,message:"API key management is disabled via configuration",data:null};if(_.headers.get("x-auth-type")==="api_key")return w.status=403,{isSuccess:!1,message:"API keys cannot be modified using another API key",data:null};let u=_.headers.get("x-user-id");if(!u)return w.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let m=d.id,l;try{l=await _.json()}catch{return w.status=400,{isSuccess:!1,message:"Invalid request body",data:null}}let $=(await i.select().from(c).where(Ue(Ar(Kn(c,"id"),m),Ar(Kn(c,"userId"),u))).limit(1))[0];if(!$)return w.status=404,{isSuccess:!1,message:"API key not found",data:null};if($.revokedAt)return w.status=400,{isSuccess:!1,message:"Cannot modify a revoked API key",data:null};let S=await Nb(r,u),U=await xb(r,u),W={updatedAt:new Date};if(l.name!==void 0){if(typeof l.name!=="string"||l.name.trim().length===0)return w.status=400,{isSuccess:!1,message:"Name cannot be empty",data:null};W.name=l.name.trim()}if(l.description!==void 0)W.description=l.description?.trim()||null;if(l.allowedRoles!==void 0){if(Qt(S,l.allowedRoles).length!==l.allowedRoles.length){let k=l.allowedRoles.filter((D)=>!S.includes(D));return w.status=403,{isSuccess:!1,message:`Cannot assign roles you do not have: ${k.join(", ")}`,data:null}}W.allowedRoles=l.allowedRoles.filter((k)=>!nc(k))}if(l.allowedClaims!==void 0){if(Qt(U,l.allowedClaims).length!==l.allowedClaims.length){let k=l.allowedClaims.filter((D)=>!U.includes(D));return w.status=403,{isSuccess:!1,message:`Cannot assign claims you do not have: ${k.join(", ")}`,data:null}}W.allowedClaims=l.allowedClaims}if(l.allowedScopes!==void 0){if(l.allowedScopes.length>0){let H=await Pb(r,u);if(Qt(H,l.allowedScopes).length!==l.allowedScopes.length){let D=l.allowedScopes.filter((A)=>!H.includes(A));return w.status=403,{isSuccess:!1,message:`Cannot assign scopes you do not have: ${D.join(", ")}`,data:null}}}W.allowedScopes=l.allowedScopes}try{await i.update(c).set(W).where(Ar(Kn(c,"id"),m)),a.info("[API_KEYS] API key updated",{keyId:m,userId:u});let H=await i.select().from(c).where(Ar(Kn(c,"id"),m)).limit(1);return{isSuccess:!0,message:"API key updated successfully",data:n_(H[0])}}catch(H){return a.error("[API_KEYS] Failed to update API key",{error:H,keyId:m,userId:u}),w.status=500,{isSuccess:!1,message:"Failed to update API key",data:null}}}),n.delete(`${o}/:id`,async({params:d,request:_,set:w})=>{if(_.headers.get("x-auth-type")==="api_key")return w.status=403,{isSuccess:!1,message:"API keys cannot be revoked using another API key",data:null};let u=_.headers.get("x-user-id");if(!u)return w.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};let m=d.id,l={};try{let U=await _.clone().text();if(U)l=JSON.parse(U)}catch{}let $=(await i.select().from(c).where(Ue(Ar(Kn(c,"id"),m),Ar(Kn(c,"userId"),u))).limit(1))[0];if(!$)return w.status=404,{isSuccess:!1,message:"API key not found",data:null};if($.revokedAt)return w.status=400,{isSuccess:!1,message:"API key is already revoked",data:null};try{return await i.update(c).set({isActive:!1,revokedAt:new Date,revokedReason:l.reason||"user_revoked",updatedAt:new Date}).where(Ar(Kn(c,"id"),m)),a.info("[API_KEYS] API key revoked",{keyId:m,userId:u,reason:l.reason||"user_revoked"}),{isSuccess:!0,message:"API key revoked successfully",data:null}}catch(S){return a.error("[API_KEYS] Failed to revoke API key",{error:S,keyId:m,userId:u}),w.status=500,{isSuccess:!1,message:"Failed to revoke API key",data:null}}}),a.info(`[API_KEYS] Routes registered at ${o}`)}var Kn=(n,r)=>n[r],Nb=async(n,r)=>{if(!n.db||!n.userRolesTable||!n.rolesTable)return[];return(await n.db.select({name:Kn(n.rolesTable,"name")}).from(n.userRolesTable).innerJoin(n.rolesTable,Ar(Kn(n.rolesTable,"id"),Kn(n.userRolesTable,"roleId"))).where(Ar(Kn(n.userRolesTable,"userId"),r))).map((o)=>o.name).filter((o)=>o!==void 0)},xb=async(n,r)=>{if(!n.db||!n.userRolesTable||!n.roleClaimsTable||!n.claimsTable)return[];let t=await n.db.select({action:Kn(n.claimsTable,"action")}).from(n.userRolesTable).innerJoin(n.roleClaimsTable,Ar(Kn(n.roleClaimsTable,"roleId"),Kn(n.userRolesTable,"roleId"))).innerJoin(n.claimsTable,Ar(Kn(n.claimsTable,"id"),Kn(n.roleClaimsTable,"claimId"))).where(Ar(Kn(n.userRolesTable,"userId"),r)),o=new Set(t.map((c)=>c.action));return Array.from(o).filter((c)=>c!==void 0)},Pb=async(n,r)=>{if(!n.db||!n.userRolesTable||!n.roleClaimsTable)return[];let t=await n.db.select({scope:Kn(n.roleClaimsTable,"scope")}).from(n.userRolesTable).innerJoin(n.roleClaimsTable,Ar(Kn(n.roleClaimsTable,"roleId"),Kn(n.userRolesTable,"roleId"))).where(Ar(Kn(n.userRolesTable,"userId"),r)),o=new Set(t.map((c)=>c.scope).filter((c)=>c!==null&&c!==void 0&&c.length>0));return Array.from(o)},n_=(n)=>{let{keyHash:r,...t}=n;return t};var r_=b(()=>{Xa();te();Qi()});import{Elysia as tA,t as Gr}from"elysia";function Cb(n){let{captchaService:r,logger:t,basePath:o="/auth/captcha"}=n,c=new tA;if(!r.isEnabled())return c;return c.get(`${o}/generate`,async(i)=>{let{type:a,difficulty:e}=i.query,s=i.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||i.request.headers.get("x-real-ip")?.trim()||i.request.headers.get("cf-connecting-ip")?.trim()||"unknown",f=await r.generate(a,e,s);if(f.rateLimited)return i.set.status=429,{success:!1,message:f.message??"Too many requests. Please try again later."};return t.info("[CAPTCHA] Challenge generated via endpoint",{challengeId:f.challengeId,type:f.type,ipAddress:s}),{success:!0,data:{challengeId:f.challengeId,type:f.type,question:f.question,expiresAt:f.expiresAt,...f.imageData?{imageData:f.imageData}:{},...f.puzzleData?{puzzleData:{pieces:f.puzzleData.pieces}}:{}}}},{query:oA,detail:{tags:["Captcha"],summary:"Generate Captcha",description:"Generate a new captcha challenge"}}),c.post(`${o}/validate`,async(i)=>{let{challengeId:a,answer:e}=i.body,s=await r.validate(a,e);if(!s.valid)i.set.status=400;return s},{body:cA,detail:{tags:["Captcha"],summary:"Validate Captcha",description:"Validate a captcha answer"}}),c}var oA,cA;var Fb=b(()=>{oA=Gr.Object({type:Gr.Optional(Gr.Union([Gr.Literal("math"),Gr.Literal("image"),Gr.Literal("puzzle"),Gr.Literal("text")])),difficulty:Gr.Optional(Gr.Union([Gr.Literal("easy"),Gr.Literal("medium"),Gr.Literal("hard")]))}),cA=Gr.Object({challengeId:Gr.String(),answer:Gr.String()})});function jb(n,r){let{db:t,logger:o}=n,c=r.route||"/auth/check";return(i)=>i.post(c,async(a)=>{let{body:e,request:s,set:f}=a,d=s.headers.get("x-user-id");if(!d)return f.status=401,{isSuccess:!1,message:"Unauthenticated",data:null};if(!t)return f.status=503,{isSuccess:!1,message:"Authorization service unavailable",data:null};let _=n.schemaTables;if(!_)return f.status=503,{isSuccess:!1,message:"Authorization tables not available",data:null};let{entity:w,method:g,fields:u,relations:m}=e;if(!w||!g)return f.status=400,{isSuccess:!1,message:"entity and method are required",data:null};let l=await oe({userId:d,method:g,entity:w,requestedFields:u,requestedRelations:m,db:t,schemaTables:_,logger:o});return{isSuccess:!0,message:l.authorized?"Authorized":"Forbidden",data:{authorized:l.authorized,reason:l.reason,allowedFields:l.allowedFields,allowedRelations:l.allowedRelations,scopeFilters:l.scopeFilters}}},{detail:{tags:["Auth"],summary:"Check authorization for a given entity and method",description:"Allows consumer/resource servers to perform full claim checks (including scope) against the IDP's authorization system."}})}var qb=b(()=>{Ks()});import iA from"crypto";var{password:aA}=globalThis.Bun;async function Xo(n){return await aA.hash(n,{algorithm:"bcrypt",cost:10})}function Ve(){return iA.randomBytes(32).toString("hex")}function Ic(n){let r=n.match(/^(\d+)(s|m|h|d)$/);if(!r||!r[1]||!r[2])return 86400000;let t=Number.parseInt(r[1],10);switch(r[2]){case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 86400000}}function Kb(n){let r=[];if(n.length<8)r.push("Password must be at least 8 characters");if(!/[A-Z]/.test(n))r.push("Password must contain uppercase letter");if(!/[a-z]/.test(n))r.push("Password must contain lowercase letter");if(!/[0-9]/.test(n))r.push("Password must contain a number");return{valid:r.length===0,errors:r}}var pc=()=>{};import{sql as Ye}from"drizzle-orm";import{Elysia as eA,t as Je}from"elysia";function Xe(n){let{authConfig:r,registerConfig:t,emailService:o,appName:c}=n,{db:i,logger:a,usersTable:e}=r,s=new eA;if(!t.enabled||!t.emailVerification?.enabled)return s;let f="/verify-email",d="/resend-verification";return s.get(f,async(_)=>{if(!i||!e)return{success:!1,message:"Database not configured"};let w=_.query.token;if(!w)return{success:!1,message:"Verification token is required"};let g=await i.select().from(e).where(Ye`email_verification_token = ${w}`).limit(1);if(g.length===0)return a.warn("[AUTH] Email verification failed - invalid token"),{success:!1,message:"Invalid or expired verification token"};let u=g[0],m=u.emailVerificationTokenExpiresAt;if(m&&new Date>new Date(m))return a.warn("[AUTH] Email verification failed - token expired",{userId:u.id,email:u.email}),{success:!1,message:"Verification token has expired. Please request a new one."};if(await i.update(e).set({verifiedAt:new Date,emailVerificationToken:null,emailVerificationTokenExpiresAt:null}).where(Ye`id = ${u.id}`),a.info("[AUTH] Email verified successfully",{userId:u.id,email:u.email}),t.emailVerification?.templates?.welcome?.enabled&&o?.isAvailable())o.sendWelcomeEmail(u.email,u.email.split("@")[0]||"User",c||"Nucleus").catch((E)=>{a.error("[AUTH] Failed to send welcome email after verification",{email:u.email,error:E})});return{success:!0,message:"Email verified successfully. You can now log in.",data:{redirectUrl:t.emailVerification?.redirectUrl||"/login",verified:!0}}},{query:Je.Object({token:Je.String()}),detail:{tags:["Authentication"],summary:"Verify Email",description:"Verify user email address using the verification token"}}),s.post(d,async(_)=>{if(!i||!e)return{success:!1,message:"Database not configured"};if(!o?.isAvailable())return{success:!1,message:"Email service not available"};let{email:w}=_.body,g=await i.select().from(e).where(Ye`email = ${w}`).limit(1);if(g.length===0)return{success:!0,message:"If your email is registered, you will receive a verification email."};let u=g[0];if(u.verifiedAt)return{success:!1,message:"Email is already verified"};let m=t.emailVerification?.maxResendAttempts||3,l=u.emailVerificationAttempts||0;if(l>=m)return a.warn("[AUTH] Resend verification failed - max attempts reached",{email:w,attempts:l}),{success:!1,message:"Maximum resend attempts reached. Please contact support.",data:{maxAttemptsReached:!0,attemptsUsed:l,maxAttempts:m}};let E=t.emailVerification?.resendCooldown||"60s",$=Ic(E),S=u.emailVerificationSentAt;if(S){let h=Date.now()-new Date(S).getTime();if(h<$){let R=Math.ceil(($-h)/1000);return{success:!1,message:`Please wait ${R} seconds before requesting another verification email.`,data:{cooldownRemaining:R,canResendAt:new Date(Date.now()+R*1000).toISOString()}}}}let U=Ve(),W=t.emailVerification?.tokenExpiresIn||"24h",H=new Date(Date.now()+Ic(W));await i.update(e).set({emailVerificationToken:U,emailVerificationTokenExpiresAt:H,emailVerificationSentAt:new Date,emailVerificationAttempts:l+1}).where(Ye`id = ${u.id}`);let D=`${(t.emailVerification?.redirectUrl||"http://localhost:3000/login").replace("/login","/verify-email")}?token=${U}`,A=await o.sendVerificationEmail(w,w.split("@")[0]||"User",D,c||"Nucleus");if(A.success)return a.info("[AUTH] Verification email resent",{email:w}),{success:!0,message:"Verification email sent. Please check your inbox.",data:{cooldownSeconds:Math.ceil($/1000),canResendAt:new Date(Date.now()+$).toISOString(),attemptsRemaining:m-(l+1)}};return a.error("[AUTH] Failed to resend verification email",{email:w,error:A.error}),{success:!1,message:"Failed to send verification email. Please try again later."}},{body:Je.Object({email:Je.String({format:"email"})}),detail:{tags:["Authentication"],summary:"Resend Verification Email",description:"Resend the email verification link to the user"}}),s}var t_=b(()=>{pc()});import vb from"crypto";function yc(){return vb.randomBytes(32).toString("hex")}function Mt(n){return vb.createHash("sha256").update(n).digest("hex")}function Tc(n){let r=n.match(/^(\d+)(s|m|h|d)$/);if(!r?.[1]||!r[2])return 900000;let t=parseInt(r[1],10);switch(r[2]){case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;case"d":return t*24*60*60*1000;default:return 900000}}var yi=()=>{};import{eq as sA}from"drizzle-orm";import{Elysia as fA,t as Le}from"elysia";function Qe(n,r,t,o,c,i){let{db:a,logger:e,usersTable:s}=n,f=r.route||"/auth/invite",d=r.tokenExpiresIn||"7d",_=r.redirectUrl||"",w=new fA;if(!r.enabled)return w;if(w.post(f,async(g)=>{if(!a||!s)return{success:!1,message:"Database not configured"};if(!t?.isAvailable())return e.error("[AUTH] Invite requested but email service not available"),{success:!1,message:"Email service not available"};let{email:u}=g.body,m=await a.select().from(s).where(sA(s.email,u)).limit(1),l;if(m.length>0){let H=m[0];if(H.verifiedAt||H.password)return e.warn("[AUTH] Invite failed - user already verified",{email:u}),{success:!1,message:"User with this email is already verified"};l=H.id,e.info("[AUTH] Resending invitation to existing unverified user",{userId:l,email:u})}else{let H={email:u,password:null,emailVerified:!1,isLocked:!1,createdAt:new Date,updatedAt:new Date},D=(await a.insert(s).values(H).returning())[0];if(!D)return e.error("[AUTH] Failed to create invited user",{email:u}),{success:!1,message:"Failed to create user"};l=D.id,e.info("[AUTH] Invited user created",{userId:l,email:u})}let E=yc(),$=Mt(E),S=new Date(Date.now()+Tc(d));await o({userId:l,email:u,tokenHash:$,expiresAt:S});let U=_?`${_}?token=${E}&invite=true`:`/auth/magic-link/verify?token=${E}`,W=await t.sendInvitationEmail(u,U,c||"Nucleus");if(!W.success)return e.error("[AUTH] Failed to send invitation email",{email:u,error:W.error}),{success:!0,message:"User created but failed to send invitation email",data:{id:l,email:u}};return e.info("[AUTH] Invitation email sent",{email:u,userId:l}),{success:!0,message:"Invitation sent successfully",data:{id:l,email:u}}},{body:_A,detail:{tags:["Authentication"],summary:"Invite User",description:"Invite a new user by sending them an email with a magic link to set their password"}}),i)w.post(`${f}/verify`,async(g)=>{let{token:u}=g.body;if(!u)return{success:!1,message:"Token is required"};let m=Mt(u),l=await i(m);if(!l)return e.warn("[AUTH] Invalid invite verify token"),{success:!1,message:"Invalid or expired token"};if(new Date>l.expiresAt)return e.warn("[AUTH] Expired invite verify token",{email:l.email}),{success:!1,message:"Invalid or expired token"};return e.info("[AUTH] Invite token verified (not consumed)",{email:l.email,userId:l.userId}),{success:!0,data:{userId:l.userId,email:l.email}}},{body:Le.Object({token:Le.String()}),detail:{tags:["Authentication"],summary:"Verify Invite Token",description:"Validate an invite token without consuming it. Returns user info if valid."}});return w}var _A;var o_=b(()=>{yi();_A=Le.Object({email:Le.String({format:"email"})})});import{t as cr}from"elysia";var c_,lA;var i_=b(()=>{c_=cr.Object({email:cr.String({format:"email"}),password:cr.String({minLength:1}),rememberMe:cr.Optional(cr.Boolean()),captchaId:cr.Optional(cr.String()),captchaAnswer:cr.Optional(cr.String()),deviceHint:cr.Optional(cr.String())}),lA=cr.Object({success:cr.Boolean(),message:cr.Optional(cr.String()),data:cr.Optional(cr.Object({user:cr.Object({id:cr.String(),email:cr.String()}),accessToken:cr.String(),refreshToken:cr.String()}))})});var{password:dA}=globalThis.Bun;async function Ge(n,r){try{return await dA.verify(n,r)}catch{return!1}}function Oe(n,r,t){let o=n.toLowerCase(),c=["headlesschrome","headless","phantomjs","nightmare","selenium","webdriver","puppeteer","playwright"],i=["bot","crawler","spider","scraper","curl","wget","python-requests","python-urllib","java/","httpclient","go-http-client","node-fetch","axios","postman","insomnia","httpie"],a=c.some((l)=>o.includes(l)),e=i.some((l)=>o.includes(l)),s=a||e,f=[];if(a)f.push("headless_browser");if(e)f.push("bot_user_agent");if(!o||o.length<10)f.push("missing_or_short_ua");if(o==="mozilla/5.0")f.push("generic_ua");if(o.includes("nucleusserveraction")||o.includes("serveraction"))f.push("server_action");let d="unknown";if(o.includes("ipad"))d="tablet";else if(o.includes("iphone"))d="mobile";else if(o.includes("macintosh")||o.includes("windows")&&!o.includes("windows phone")||o.includes("linux")&&!o.includes("android"))d="desktop";else if(o.includes("tablet")||o.includes("android")&&o.includes("tablet"))d="tablet";else if(o.includes("mobile")||o.includes("android"))d="mobile";let _,w;if(a)_="Headless Browser";else if(e)_="Bot/Crawler";else if(o.includes("chrome")&&!o.includes("edg")){_="Chrome";let l=n.match(/Chrome\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}else if(o.includes("firefox")){_="Firefox";let l=n.match(/Firefox\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}else if(o.includes("safari")&&!o.includes("chrome")){_="Safari";let l=n.match(/Version\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}else if(o.includes("edg")){_="Edge";let l=n.match(/Edg\/(\d+\.\d+)/i);if(l?.[1])w=l[1]}let g,u;if(o.includes("windows nt 10"))g="Windows",u="10/11";else if(o.includes("windows nt"))g="Windows";else if(o.includes("mac os x")){g="macOS";let l=n.match(/Mac OS X (\d+[._]\d+)/i);if(l?.[1])u=l[1].replace("_",".")}else if(o.includes("android")){g="Android";let l=n.match(/Android (\d+\.?\d*)/i);if(l?.[1])u=l[1]}else if(o.includes("iphone")||o.includes("ipad")){g="iOS";let l=n.match(/OS (\d+[._]\d+)/i);if(l?.[1])u=l[1].replace("_",".")}else if(o.includes("linux"))g="Linux";return{deviceName:_&&g?`${_} on ${g}`:"Unknown Device",deviceType:d,browserName:_,browserVersion:w,osName:g,osVersion:u,ipAddress:r,userAgent:n,deviceHint:t,locationCountry:void 0,locationCity:void 0,isHeadless:a,isBot:e,isSuspicious:s,suspiciousPatterns:f}}var Ne=()=>{};import{eq as a_}from"drizzle-orm";import{Elysia as uA}from"elysia";function xe(n,r,t,o,c,i,a,e,s){let{db:f,logger:d,usersTable:_}=n,w=r.route||"/auth/login",g={accessTokenName:a?.accessTokenName||"access_token",refreshTokenName:a?.refreshTokenName||"refresh_token",sessionTokenName:a?.sessionTokenName||"session_token",accessTokenMaxAge:a?.accessTokenMaxAge||900,refreshTokenMaxAge:a?.refreshTokenMaxAge||604800,sessionTokenMaxAge:a?.sessionTokenMaxAge||900,secure:a?.secure??!0,httpOnly:a?.httpOnly??!0,sameSite:a?.sameSite||"strict",path:a?.path||"/",domain:a?.domain},u=new uA;if(!r.enabled)return u;return u.post(w,async(m)=>{if(!f||!_)return{success:!1,message:"Database not configured"};let{email:l,password:E,rememberMe:$,captchaId:S,captchaAnswer:U,deviceHint:W}=m.body;if(s?.isEnabled()){if(!S||!U)return m.set.status=400,{success:!1,message:"Captcha is required"};let rn=await s.validate(S,U);if(!rn.valid)return m.set.status=400,{success:!1,message:rn.message||"Invalid captcha",attemptsRemaining:rn.attemptsRemaining}}let k=(await f.select().from(_).where(a_(_.email,l)).limit(1))[0],D=new URL(m.request.url),A=m.request.headers.get("cf-connecting-ip")?.trim()||m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||m.request.headers.get("x-real-ip")?.trim()||"unknown",h=m.request.headers.get("user-agent")||"unknown";if(!k)return d.warn("[AUTH] Login failed - user not found",{email:l}),await d.audit({entityName:"users",operation:"LOGIN_FAILED",summary:`Login failed: user not found (${l})`,ipAddress:A,userAgent:h,path:D.pathname,query:D.search}),{success:!1,message:"Invalid email or password"};if(k.isLocked)return d.warn("[AUTH] Login failed - account locked",{email:l,userId:k.id}),await d.audit({entityName:"users",entityId:k.id,operation:"LOGIN_FAILED",userId:k.id,summary:`Login failed: account locked (${l})`,ipAddress:A,userAgent:h,path:D.pathname,query:D.search}),{success:!1,message:"Account is locked"};if(!await Ge(E,k.password)){let rn=(k.failedLoginAttempts||0)+1;return await f.update(_).set({failedLoginAttempts:rn,isLocked:rn>=5,lockedUntil:rn>=5?new Date(Date.now()+1800000):null}).where(a_(_.id,k.id)),d.warn("[AUTH] Login failed - invalid password",{email:l,failedAttempts:rn}),await d.audit({entityName:"users",entityId:k.id,operation:"LOGIN_FAILED",userId:k.id,summary:`Login failed: invalid password (${l}, attempt ${rn})`,ipAddress:A,userAgent:h,path:D.pathname,query:D.search}),{success:!1,message:"Invalid email or password"}}await f.update(_).set({failedLoginAttempts:0,lastLoginAt:new Date,loginCount:(k.loginCount||0)+1}).where(a_(_.id,k.id));let z={};m.request.headers.forEach((rn,hn)=>{z[hn]=rn}),d.info("[AUTH] Login request headers",{headers:z});let V=m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim(),Q=(rn)=>!rn||rn==="127.0.0.1"||rn==="::1"||rn==="localhost"||rn.startsWith("10.")||rn.startsWith("192.168.")||rn.startsWith("172."),B=m.request.headers.get("cf-connecting-ip")?.trim()||m.request.headers.get("true-client-ip")?.trim()||(!Q(V)?V:void 0)||m.request.headers.get("x-real-ip")?.trim()||m.request.headers.get("x-client-ip")?.trim()||V||"127.0.0.1",J=m.request.headers.get("user-agent")||"Unknown Browser";d.info("[AUTH] Parsed device info",{ipAddress:B,userAgent:J});let G=Oe(J,B,W);try{if(!Q(B)){let rn=await fetch(`http://ip-api.com/json/${B}?fields=country,city`);if(rn.ok){let hn=await rn.json();if(hn.country)G.locationCountry=hn.country;if(hn.city)G.locationCity=hn.city}}}catch{}let F=[],N=[],x=n.userRolesTable,y=n.rolesTable,O=n.roleClaimsTable,q=n.claimsTable;if(f&&x&&y)try{let{eq:rn,inArray:hn}=await import("drizzle-orm"),Tn=(await f.select().from(x).where(rn(x.userId,k.id))).map((Nr)=>Nr.roleId);if(Tn.length>0){if(F=(await f.select().from(y).where(hn(y.id,Tn))).map((Qr)=>Qr.name),O&&q){let Qr=await f.select().from(O).innerJoin(q,rn(O.claimId,q.id)).where(hn(O.roleId,Tn)),$r=new Set;for(let ar of Qr){let Ha=ar.claims?.action;if(Ha)$r.add(Ha)}N=Array.from($r)}}}catch{}let Z=t(k.id,F.length>0?F:void 0,N.length>0?N:void 0),nn=o(k.id),j=m.request.headers.get("origin")||m.request.headers.get("referer")?.replace(/\/[^/]*$/,"")||void 0,I={userId:k.id,deviceInfo:G,loginMethod:"password",rememberMe:$,requestOrigin:j},K=await c(I),tn=!1,wn=K;if(i){let rn=await i(K,I);if(rn?.requiresApproval){if(tn=!0,rn.sessionId)wn=rn.sessionId}}if(tn)return m.set.status=202,new Response(JSON.stringify({success:!1,requiresApproval:!0,sessionId:wn,message:"Login requires approval. Please check your email to approve this device."}),{status:202,headers:{"Content-Type":"application/json"}});d.info("[AUTH] Login successful",{userId:k.id,email:l,rememberMe:$}),await d.audit({entityName:"users",entityId:k.id,operation:"LOGIN",userId:k.id,summary:`${l} logged in successfully`,ipAddress:B,userAgent:J,path:D.pathname,query:D.search});let ln={accessToken:{setHeadersEnabled:e?.accessToken?.setHeadersEnabled??!0,returnJson:e?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:e?.refreshToken?.setHeadersEnabled??!0,returnJson:e?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:e?.sessionToken?.setHeadersEnabled??!0,returnJson:e?.sessionToken?.returnJson??!0}},Qn=g.secure?"; Secure":"",qn=g.domain?`; Domain=${g.domain}`:"",gn=`; Path=${g.path}; HttpOnly; SameSite=${g.sameSite}${Qn}${qn}`,Gn=[];if(ln.accessToken.setHeadersEnabled)Gn.push(`${g.accessTokenName}=${Z}${gn}; Max-Age=${g.accessTokenMaxAge}`);if(ln.refreshToken.setHeadersEnabled)Gn.push(`${g.refreshTokenName}=${nn}${gn}; Max-Age=${g.refreshTokenMaxAge}`);if(ln.sessionToken.setHeadersEnabled)Gn.push(`${g.sessionTokenName}=${K}${gn}; Max-Age=${g.sessionTokenMaxAge}`);m.set.headers["x-session-id"]=K;let Un={user:{id:k.id,email:k.email}};if(ln.accessToken.returnJson)Un.accessToken=Z;if(ln.refreshToken.returnJson)Un.refreshToken=nn;if(ln.sessionToken.returnJson)Un.sessionId=K;let En=JSON.stringify({success:!0,data:Un}),Sn=new Headers;Sn.set("Content-Type","application/json"),Sn.set("x-session-id",K);for(let rn of Gn)Sn.append("Set-Cookie",rn);return new Response(En,{status:200,headers:Sn})},{body:c_,detail:{tags:["Authentication"],summary:"Login",description:"Authenticate user with email and password"}}),u}var e_=b(()=>{i_();Ne();i_()});function Zb(n){let r=n?.path||"/",t=n?.sameSite||"Strict",o=n?.secure!==!1?"; Secure":"",c=n?.domain?`; Domain=${n.domain}`:"",i=n?.accessTokenName||"access_token",a=n?.refreshTokenName||"refresh_token",e=n?.sessionTokenName||"session_token",s=`; Path=${r}; HttpOnly; SameSite=${t}${o}${c}; Max-Age=0`;return{"Set-Cookie":[`${i}=${s}`,`${a}=${s}`,`${e}=${s}`].join(", ")}}import{t as Pe}from"elysia";var wA;var Ib=b(()=>{wA=Pe.Object({success:Pe.Boolean(),message:Pe.Optional(Pe.String())})});import{Elysia as bA}from"elysia";function Ce(n,r,t,o,c){let{logger:i}=n,a=r.route||"/auth/logout",e=new bA;if(!r.enabled)return e;return e.post(a,async(s)=>{let f=s.request.headers.get("x-session-id"),d=s.request.headers.get("x-user-id");if(f){if(await t(f),o)await o(f,"user_logout")}let _=Zb(c);for(let[g,u]of Object.entries(_))s.set.headers[g]=u;i.info("[AUTH] Logout successful",{userId:d,sessionId:f});let w=new URL(s.request.url);return i.audit({entityName:"users",entityId:d||void 0,operation:"LOGOUT",userId:d||void 0,summary:`User logged out${f?` (session: ${f.substring(0,8)}...)`:""}`,ipAddress:s.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||s.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:s.request.headers.get("user-agent")||"unknown",path:w.pathname,query:w.search}),{success:!0,message:"Logged out successfully"}},{detail:{tags:["Authentication"],summary:"Logout",description:"Logout and invalidate session"}}),e}var s_=b(()=>{Ib()});var Yr={};ho(Yr,{IsUndefined:()=>_r,IsUint8Array:()=>so,IsSymbol:()=>u_,IsString:()=>Fn,IsRegExp:()=>na,IsObject:()=>On,IsNumber:()=>Tr,IsNull:()=>d_,IsIterator:()=>l_,IsFunction:()=>__,IsDate:()=>_c,IsBoolean:()=>eo,IsBigInt:()=>Ti,IsAsyncIterator:()=>f_,IsArray:()=>fr,HasPropertyKey:()=>Fe});function Fe(n,r){return r in n}function f_(n){return On(n)&&!fr(n)&&!so(n)&&Symbol.asyncIterator in n}function fr(n){return Array.isArray(n)}function Ti(n){return typeof n==="bigint"}function eo(n){return typeof n==="boolean"}function _c(n){return n instanceof globalThis.Date}function __(n){return typeof n==="function"}function l_(n){return On(n)&&!fr(n)&&!so(n)&&Symbol.iterator in n}function d_(n){return n===null}function Tr(n){return typeof n==="number"}function On(n){return typeof n==="object"&&n!==null}function na(n){return n instanceof globalThis.RegExp}function Fn(n){return typeof n==="string"}function u_(n){return typeof n==="symbol"}function so(n){return n instanceof globalThis.Uint8Array}function _r(n){return n===void 0}function gA(n){return n.map((r)=>je(r))}function mA(n){return new Date(n.getTime())}function $A(n){return new Uint8Array(n)}function hA(n){return new RegExp(n.source,n.flags)}function AA(n){let r={};for(let t of Object.getOwnPropertyNames(n))r[t]=je(n[t]);for(let t of Object.getOwnPropertySymbols(n))r[t]=je(n[t]);return r}function je(n){return fr(n)?gA(n):_c(n)?mA(n):so(n)?$A(n):na(n)?hA(n):On(n)?AA(n):n}function In(n){return je(n)}var Pr=()=>{};function ni(n,r){return r===void 0?In(n):In({...r,...n})}var qe=b(()=>{Pr()});var w_=b(()=>{qe();Pr()});function pb(n){return n!==null&&typeof n==="object"}function yb(n){return globalThis.Array.isArray(n)&&!globalThis.ArrayBuffer.isView(n)}function Tb(n){return n===void 0}function n1(n){return typeof n==="number"}var r1=()=>{};var Ke;var t1=b(()=>{r1();(function(n){n.InstanceMode="default",n.ExactOptionalPropertyTypes=!1,n.AllowArrayObject=!1,n.AllowNaN=!1,n.AllowNullVoid=!1;function r(a,e){return n.ExactOptionalPropertyTypes?e in a:a[e]!==void 0}n.IsExactOptionalProperty=r;function t(a){let e=pb(a);return n.AllowArrayObject?e:e&&!yb(a)}n.IsObjectLike=t;function o(a){return t(a)&&!(a instanceof Date)&&!(a instanceof Uint8Array)}n.IsRecordLike=o;function c(a){return n.AllowNaN?n1(a):Number.isFinite(a)}n.IsNumberLike=c;function i(a){let e=Tb(a);return n.AllowNullVoid?e||a===null:e}n.IsVoidLike=i})(Ke||(Ke={}))});function EA(n){return globalThis.Object.freeze(n).map((r)=>ra(r))}function SA(n){return n}function DA(n){return n}function kA(n){return n}function MA(n){let r={};for(let t of Object.getOwnPropertyNames(n))r[t]=ra(n[t]);for(let t of Object.getOwnPropertySymbols(n))r[t]=ra(n[t]);return globalThis.Object.freeze(r)}function ra(n){return fr(n)?EA(n):_c(n)?SA(n):so(n)?DA(n):na(n)?kA(n):On(n)?MA(n):n}var o1=()=>{};function X(n,r){let t=r!==void 0?{...r,...n}:n;switch(Ke.InstanceMode){case"freeze":return ra(t);case"clone":return In(t);default:return t}}var en=b(()=>{t1();o1();Pr()});var fo=b(()=>{en()});var Hr;var c1=b(()=>{Hr=class Hr extends Error{constructor(n){super(n)}}});var Ft=b(()=>{c1()});var ur,Rt,zr,lt,C;var ta=b(()=>{ur=Symbol.for("TypeBox.Transform"),Rt=Symbol.for("TypeBox.Readonly"),zr=Symbol.for("TypeBox.Optional"),lt=Symbol.for("TypeBox.Hint"),C=Symbol.for("TypeBox.Kind")});var fn=b(()=>{ta()});function ri(n){return On(n)&&n[Rt]==="Readonly"}function Cr(n){return On(n)&&n[zr]==="Optional"}function b_(n){return Dn(n,"Any")}function g_(n){return Dn(n,"Argument")}function Ht(n){return Dn(n,"Array")}function lc(n){return Dn(n,"AsyncIterator")}function dc(n){return Dn(n,"BigInt")}function _o(n){return Dn(n,"Boolean")}function zt(n){return Dn(n,"Computed")}function Bt(n){return Dn(n,"Constructor")}function RA(n){return Dn(n,"Date")}function Ut(n){return Dn(n,"Function")}function Wt(n){return Dn(n,"Integer")}function rr(n){return Dn(n,"Intersect")}function uc(n){return Dn(n,"Iterator")}function Dn(n,r){return On(n)&&C in n&&n[C]===r}function ve(n){return eo(n)||Tr(n)||Fn(n)}function nt(n){return Dn(n,"Literal")}function rt(n){return Dn(n,"MappedKey")}function pn(n){return Dn(n,"MappedResult")}function Lo(n){return Dn(n,"Never")}function HA(n){return Dn(n,"Not")}function oa(n){return Dn(n,"Null")}function Vt(n){return Dn(n,"Number")}function lr(n){return Dn(n,"Object")}function wc(n){return Dn(n,"Promise")}function bc(n){return Dn(n,"Record")}function ir(n){return Dn(n,"Ref")}function m_(n){return Dn(n,"RegExp")}function lo(n){return Dn(n,"String")}function ca(n){return Dn(n,"Symbol")}function tt(n){return Dn(n,"TemplateLiteral")}function zA(n){return Dn(n,"This")}function Qo(n){return On(n)&&ur in n}function ot(n){return Dn(n,"Tuple")}function ia(n){return Dn(n,"Undefined")}function kn(n){return Dn(n,"Union")}function BA(n){return Dn(n,"Uint8Array")}function UA(n){return Dn(n,"Unknown")}function WA(n){return Dn(n,"Unsafe")}function VA(n){return Dn(n,"Void")}function YA(n){return On(n)&&C in n&&Fn(n[C])}function ct(n){return b_(n)||g_(n)||Ht(n)||_o(n)||dc(n)||lc(n)||zt(n)||Bt(n)||RA(n)||Ut(n)||Wt(n)||rr(n)||uc(n)||nt(n)||rt(n)||pn(n)||Lo(n)||HA(n)||oa(n)||Vt(n)||lr(n)||wc(n)||bc(n)||ir(n)||m_(n)||lo(n)||ca(n)||tt(n)||zA(n)||ot(n)||ia(n)||kn(n)||BA(n)||UA(n)||WA(n)||VA(n)||YA(n)}var zn=b(()=>{fn()});var M={};ho(M,{TypeGuardUnknownTypeError:()=>i1,IsVoid:()=>q1,IsUnsafe:()=>j1,IsUnknown:()=>F1,IsUnionLiteral:()=>PA,IsUnion:()=>A_,IsUndefined:()=>P1,IsUint8Array:()=>C1,IsTuple:()=>x1,IsTransform:()=>N1,IsThis:()=>O1,IsTemplateLiteral:()=>G1,IsSymbol:()=>Q1,IsString:()=>L1,IsSchema:()=>kr,IsRegExp:()=>X1,IsRef:()=>J1,IsRecursive:()=>xA,IsRecord:()=>Y1,IsReadonly:()=>QA,IsProperties:()=>Ze,IsPromise:()=>V1,IsOptional:()=>GA,IsObject:()=>W1,IsNumber:()=>U1,IsNull:()=>B1,IsNot:()=>z1,IsNever:()=>H1,IsMappedResult:()=>R1,IsMappedKey:()=>M1,IsLiteralValue:()=>k1,IsLiteralString:()=>S1,IsLiteralNumber:()=>D1,IsLiteralBoolean:()=>NA,IsLiteral:()=>ea,IsKindOf:()=>$n,IsKind:()=>K1,IsIterator:()=>E1,IsIntersect:()=>A1,IsInteger:()=>h1,IsImport:()=>OA,IsFunction:()=>$1,IsDate:()=>m1,IsConstructor:()=>g1,IsComputed:()=>b1,IsBoolean:()=>w1,IsBigInt:()=>u1,IsAsyncIterator:()=>d1,IsArray:()=>l1,IsArgument:()=>_1,IsAny:()=>f1});function a1(n){try{return new RegExp(n),!0}catch{return!1}}function $_(n){if(!Fn(n))return!1;for(let r=0;r<n.length;r++){let t=n.charCodeAt(r);if(t>=7&&t<=13||t===27||t===127)return!1}return!0}function e1(n){return h_(n)||kr(n)}function aa(n){return _r(n)||Ti(n)}function jn(n){return _r(n)||Tr(n)}function h_(n){return _r(n)||eo(n)}function Nn(n){return _r(n)||Fn(n)}function XA(n){return _r(n)||Fn(n)&&$_(n)&&a1(n)}function LA(n){return _r(n)||Fn(n)&&$_(n)}function s1(n){return _r(n)||kr(n)}function QA(n){return On(n)&&n[Rt]==="Readonly"}function GA(n){return On(n)&&n[zr]==="Optional"}function f1(n){return $n(n,"Any")&&Nn(n.$id)}function _1(n){return $n(n,"Argument")&&Tr(n.index)}function l1(n){return $n(n,"Array")&&n.type==="array"&&Nn(n.$id)&&kr(n.items)&&jn(n.minItems)&&jn(n.maxItems)&&h_(n.uniqueItems)&&s1(n.contains)&&jn(n.minContains)&&jn(n.maxContains)}function d1(n){return $n(n,"AsyncIterator")&&n.type==="AsyncIterator"&&Nn(n.$id)&&kr(n.items)}function u1(n){return $n(n,"BigInt")&&n.type==="bigint"&&Nn(n.$id)&&aa(n.exclusiveMaximum)&&aa(n.exclusiveMinimum)&&aa(n.maximum)&&aa(n.minimum)&&aa(n.multipleOf)}function w1(n){return $n(n,"Boolean")&&n.type==="boolean"&&Nn(n.$id)}function b1(n){return $n(n,"Computed")&&Fn(n.target)&&fr(n.parameters)&&n.parameters.every((r)=>kr(r))}function g1(n){return $n(n,"Constructor")&&n.type==="Constructor"&&Nn(n.$id)&&fr(n.parameters)&&n.parameters.every((r)=>kr(r))&&kr(n.returns)}function m1(n){return $n(n,"Date")&&n.type==="Date"&&Nn(n.$id)&&jn(n.exclusiveMaximumTimestamp)&&jn(n.exclusiveMinimumTimestamp)&&jn(n.maximumTimestamp)&&jn(n.minimumTimestamp)&&jn(n.multipleOfTimestamp)}function $1(n){return $n(n,"Function")&&n.type==="Function"&&Nn(n.$id)&&fr(n.parameters)&&n.parameters.every((r)=>kr(r))&&kr(n.returns)}function OA(n){return $n(n,"Import")&&Fe(n,"$defs")&&On(n.$defs)&&Ze(n.$defs)&&Fe(n,"$ref")&&Fn(n.$ref)&&n.$ref in n.$defs}function h1(n){return $n(n,"Integer")&&n.type==="integer"&&Nn(n.$id)&&jn(n.exclusiveMaximum)&&jn(n.exclusiveMinimum)&&jn(n.maximum)&&jn(n.minimum)&&jn(n.multipleOf)}function Ze(n){return On(n)&&Object.entries(n).every(([r,t])=>$_(r)&&kr(t))}function A1(n){return $n(n,"Intersect")&&(Fn(n.type)&&n.type!=="object"?!1:!0)&&fr(n.allOf)&&n.allOf.every((r)=>kr(r)&&!N1(r))&&Nn(n.type)&&(h_(n.unevaluatedProperties)||s1(n.unevaluatedProperties))&&Nn(n.$id)}function E1(n){return $n(n,"Iterator")&&n.type==="Iterator"&&Nn(n.$id)&&kr(n.items)}function $n(n,r){return On(n)&&C in n&&n[C]===r}function S1(n){return ea(n)&&Fn(n.const)}function D1(n){return ea(n)&&Tr(n.const)}function NA(n){return ea(n)&&eo(n.const)}function ea(n){return $n(n,"Literal")&&Nn(n.$id)&&k1(n.const)}function k1(n){return eo(n)||Tr(n)||Fn(n)}function M1(n){return $n(n,"MappedKey")&&fr(n.keys)&&n.keys.every((r)=>Tr(r)||Fn(r))}function R1(n){return $n(n,"MappedResult")&&Ze(n.properties)}function H1(n){return $n(n,"Never")&&On(n.not)&&Object.getOwnPropertyNames(n.not).length===0}function z1(n){return $n(n,"Not")&&kr(n.not)}function B1(n){return $n(n,"Null")&&n.type==="null"&&Nn(n.$id)}function U1(n){return $n(n,"Number")&&n.type==="number"&&Nn(n.$id)&&jn(n.exclusiveMaximum)&&jn(n.exclusiveMinimum)&&jn(n.maximum)&&jn(n.minimum)&&jn(n.multipleOf)}function W1(n){return $n(n,"Object")&&n.type==="object"&&Nn(n.$id)&&Ze(n.properties)&&e1(n.additionalProperties)&&jn(n.minProperties)&&jn(n.maxProperties)}function V1(n){return $n(n,"Promise")&&n.type==="Promise"&&Nn(n.$id)&&kr(n.item)}function Y1(n){return $n(n,"Record")&&n.type==="object"&&Nn(n.$id)&&e1(n.additionalProperties)&&On(n.patternProperties)&&((r)=>{let t=Object.getOwnPropertyNames(r.patternProperties);return t.length===1&&a1(t[0])&&On(r.patternProperties)&&kr(r.patternProperties[t[0]])})(n)}function xA(n){return On(n)&&lt in n&&n[lt]==="Recursive"}function J1(n){return $n(n,"Ref")&&Nn(n.$id)&&Fn(n.$ref)}function X1(n){return $n(n,"RegExp")&&Nn(n.$id)&&Fn(n.source)&&Fn(n.flags)&&jn(n.maxLength)&&jn(n.minLength)}function L1(n){return $n(n,"String")&&n.type==="string"&&Nn(n.$id)&&jn(n.minLength)&&jn(n.maxLength)&&XA(n.pattern)&&LA(n.format)}function Q1(n){return $n(n,"Symbol")&&n.type==="symbol"&&Nn(n.$id)}function G1(n){return $n(n,"TemplateLiteral")&&n.type==="string"&&Fn(n.pattern)&&n.pattern[0]==="^"&&n.pattern[n.pattern.length-1]==="$"}function O1(n){return $n(n,"This")&&Nn(n.$id)&&Fn(n.$ref)}function N1(n){return On(n)&&ur in n}function x1(n){return $n(n,"Tuple")&&n.type==="array"&&Nn(n.$id)&&Tr(n.minItems)&&Tr(n.maxItems)&&n.minItems===n.maxItems&&(_r(n.items)&&_r(n.additionalItems)&&n.minItems===0||fr(n.items)&&n.items.every((r)=>kr(r)))}function P1(n){return $n(n,"Undefined")&&n.type==="undefined"&&Nn(n.$id)}function PA(n){return A_(n)&&n.anyOf.every((r)=>S1(r)||D1(r))}function A_(n){return $n(n,"Union")&&Nn(n.$id)&&On(n)&&fr(n.anyOf)&&n.anyOf.every((r)=>kr(r))}function C1(n){return $n(n,"Uint8Array")&&n.type==="Uint8Array"&&Nn(n.$id)&&jn(n.minByteLength)&&jn(n.maxByteLength)}function F1(n){return $n(n,"Unknown")&&Nn(n.$id)}function j1(n){return $n(n,"Unsafe")}function q1(n){return $n(n,"Void")&&n.type==="void"&&Nn(n.$id)}function K1(n){return On(n)&&C in n&&Fn(n[C])&&!JA.includes(n[C])}function kr(n){return On(n)&&(f1(n)||_1(n)||l1(n)||w1(n)||u1(n)||d1(n)||b1(n)||g1(n)||m1(n)||$1(n)||h1(n)||A1(n)||E1(n)||ea(n)||M1(n)||R1(n)||H1(n)||z1(n)||B1(n)||U1(n)||W1(n)||V1(n)||Y1(n)||J1(n)||X1(n)||L1(n)||Q1(n)||G1(n)||O1(n)||x1(n)||P1(n)||A_(n)||C1(n)||F1(n)||j1(n)||q1(n)||K1(n))}var i1,JA;var v1=b(()=>{fn();Ft();i1=class i1 extends Hr{};JA=["Argument","Any","Array","AsyncIterator","BigInt","Boolean","Computed","Constructor","Date","Enum","Function","Integer","Intersect","Iterator","Literal","MappedKey","MappedResult","Not","Null","Number","Object","Promise","Record","Ref","RegExp","String","Symbol","TemplateLiteral","This","Tuple","Undefined","Union","Uint8Array","Unknown","Void"]});var E_=b(()=>{zn();v1()});var Z1=()=>{};var I1="(true|false)",Ie="(0|[1-9][0-9]*)",p1="(.*)",Go="^(0|[1-9][0-9]*)$",Oo="^(.*)$",y1="^(?!.*)$";var sa=()=>{};var T1=()=>{};var ng=()=>{};var rg=b(()=>{T1();ng()});function tg(n,r){return n.includes(r)}function og(n){return[...new Set(n)]}function jA(n,r){return n.filter((t)=>r.includes(t))}function qA(n,r){return n.reduce((t,o)=>{return jA(t,o)},r)}function cg(n){return n.length===1?n[0]:n.length>1?qA(n.slice(1),n[0]):[]}function ig(n){let r=[];for(let t of n)r.push(...t);return r}var fa=()=>{};function No(n){return X({[C]:"Any"},n)}var ag=b(()=>{fo();fn()});var _a=b(()=>{ag()});function ti(n,r){return X({[C]:"Array",type:"array",items:n},r)}var eg=b(()=>{en();fn()});var la=b(()=>{eg()});function sg(n){return X({[C]:"Argument",index:n})}var fg=b(()=>{en();fn()});var S_=b(()=>{fg()});function oi(n,r){return X({[C]:"AsyncIterator",type:"AsyncIterator",items:n},r)}var _g=b(()=>{fn();en()});var da=b(()=>{_g()});function vn(n,r,t){return X({[C]:"Computed",target:n,parameters:r},t)}var lg=b(()=>{fo();ta()});var xo=b(()=>{lg()});function KA(n,r){let{[r]:t,...o}=n;return o}function tr(n,r){return r.reduce((t,o)=>KA(t,o),n)}var wo=()=>{};function Mn(n){return X({[C]:"Never",not:{}},n)}var dg=b(()=>{en();fn()});var Br=b(()=>{dg()});var ug=()=>{};function Bn(n){return X({[C]:"MappedResult",properties:n})}var D_=b(()=>{en();fn()});function ci(n,r,t){return X({[C]:"Constructor",type:"Constructor",parameters:n,returns:r},t)}var wg=b(()=>{en();fn()});var ua=b(()=>{wg()});function jt(n,r,t){return X({[C]:"Function",type:"Function",parameters:n,returns:r},t)}var bg=b(()=>{en();fn()});var gc=b(()=>{bg()});function wa(n,r){return X({[C]:"Union",anyOf:n},r)}var k_=b(()=>{en();fn()});function vA(n){return n.some((r)=>Cr(r))}function gg(n){return n.map((r)=>Cr(r)?ZA(r):r)}function ZA(n){return tr(n,[zr])}function IA(n,r){return vA(n)?Jr(wa(gg(n),r)):wa(gg(n),r)}function qt(n,r){return n.length===1?X(n[0],r):n.length===0?Mn(r):IA(n,r)}var mg=b(()=>{en();fn();wo();Br();bo();k_();zn()});var $g=()=>{};function Jn(n,r){return n.length===0?Mn(r):n.length===1?X(n[0],r):wa(n,r)}var hg=b(()=>{Br();en();k_()});var wr=b(()=>{mg();$g();hg()});function pA(n){return n.replace(/\\\$/g,"$").replace(/\\\*/g,"*").replace(/\\\^/g,"^").replace(/\\\|/g,"|").replace(/\\\(/g,"(").replace(/\\\)/g,")")}function R_(n,r,t){return n[r]===t&&n.charCodeAt(r-1)!==92}function go(n,r){return R_(n,r,"(")}function ba(n,r){return R_(n,r,")")}function Ag(n,r){return R_(n,r,"|")}function yA(n){if(!(go(n,0)&&ba(n,n.length-1)))return!1;let r=0;for(let t=0;t<n.length;t++){if(go(n,t))r+=1;if(ba(n,t))r-=1;if(r===0&&t!==n.length-1)return!1}return!0}function TA(n){return n.slice(1,n.length-1)}function nE(n){let r=0;for(let t=0;t<n.length;t++){if(go(n,t))r+=1;if(ba(n,t))r-=1;if(Ag(n,t)&&r===0)return!0}return!1}function rE(n){for(let r=0;r<n.length;r++)if(go(n,r))return!0;return!1}function tE(n){let[r,t]=[0,0],o=[];for(let i=0;i<n.length;i++){if(go(n,i))r+=1;if(ba(n,i))r-=1;if(Ag(n,i)&&r===0){let a=n.slice(t,i);if(a.length>0)o.push(ii(a));t=i+1}}let c=n.slice(t);if(c.length>0)o.push(ii(c));if(o.length===0)return{type:"const",const:""};if(o.length===1)return o[0];return{type:"or",expr:o}}function oE(n){function r(c,i){if(!go(c,i))throw new M_("TemplateLiteralParser: Index must point to open parens");let a=0;for(let e=i;e<c.length;e++){if(go(c,e))a+=1;if(ba(c,e))a-=1;if(a===0)return[i,e]}throw new M_("TemplateLiteralParser: Unclosed group parens in expression")}function t(c,i){for(let a=i;a<c.length;a++)if(go(c,a))return[i,a];return[i,c.length]}let o=[];for(let c=0;c<n.length;c++)if(go(n,c)){let[i,a]=r(n,c),e=n.slice(i,a+1);o.push(ii(e)),c=a}else{let[i,a]=t(n,c),e=n.slice(i,a);if(e.length>0)o.push(ii(e));c=a-1}return o.length===0?{type:"const",const:""}:o.length===1?o[0]:{type:"and",expr:o}}function ii(n){return yA(n)?ii(TA(n)):nE(n)?tE(n):rE(n)?oE(n):{type:"const",const:pA(n)}}function ai(n){return ii(n.slice(1,n.length-1))}var M_;var pe=b(()=>{Ft();M_=class M_ extends Hr{}});function cE(n){return n.type==="or"&&n.expr.length===2&&n.expr[0].type==="const"&&n.expr[0].const==="0"&&n.expr[1].type==="const"&&n.expr[1].const==="[1-9][0-9]*"}function iE(n){return n.type==="or"&&n.expr.length===2&&n.expr[0].type==="const"&&n.expr[0].const==="true"&&n.expr[1].type==="const"&&n.expr[1].const==="false"}function aE(n){return n.type==="const"&&n.const===".*"}function mc(n){return cE(n)||aE(n)?!1:iE(n)?!0:n.type==="and"?n.expr.every((r)=>mc(r)):n.type==="or"?n.expr.every((r)=>mc(r)):n.type==="const"?!0:(()=>{throw new Eg("Unknown expression type")})()}function Sg(n){let r=ai(n.pattern);return mc(r)}var Eg;var H_=b(()=>{pe();Ft();Eg=class Eg extends Hr{}});function*kg(n){if(n.length===1)return yield*n[0];for(let r of n[0])for(let t of kg(n.slice(1)))yield`${r}${t}`}function*eE(n){return yield*kg(n.expr.map((r)=>[...ga(r)]))}function*sE(n){for(let r of n.expr)yield*ga(r)}function*fE(n){return yield n.const}function*ga(n){return n.type==="and"?yield*eE(n):n.type==="or"?yield*sE(n):n.type==="const"?yield*fE(n):(()=>{throw new Dg("Unknown expression")})()}function ye(n){let r=ai(n.pattern);return mc(r)?[...ga(r)]:[]}var Dg;var z_=b(()=>{H_();pe();Ft();Dg=class Dg extends Hr{}});function Wn(n,r){return X({[C]:"Literal",const:n,type:typeof n},r)}var Mg=b(()=>{en();fn()});var Fr=b(()=>{Mg()});function Te(n){return X({[C]:"Boolean",type:"boolean"},n)}var Rg=b(()=>{fn();fo()});var n0=b(()=>{Rg()});function ei(n){return X({[C]:"BigInt",type:"bigint"},n)}var Hg=b(()=>{fn();fo()});var ma=b(()=>{Hg()});function dt(n){return X({[C]:"Number",type:"number"},n)}var zg=b(()=>{en();fn()});var $c=b(()=>{zg()});function Yt(n){return X({[C]:"String",type:"string"},n)}var Bg=b(()=>{en();fn()});var si=b(()=>{Bg()});function*_E(n){let r=n.trim().replace(/"|'/g,"");return r==="boolean"?yield Te():r==="number"?yield dt():r==="bigint"?yield ei():r==="string"?yield Yt():yield(()=>{let t=r.split("|").map((o)=>Wn(o.trim()));return t.length===0?Mn():t.length===1?t[0]:qt(t)})()}function*lE(n){if(n[1]!=="{"){let r=Wn("$"),t=B_(n.slice(1));return yield*[r,...t]}for(let r=2;r<n.length;r++)if(n[r]==="}"){let t=_E(n.slice(2,r)),o=B_(n.slice(r+1));return yield*[...t,...o]}yield Wn(n)}function*B_(n){for(let r=0;r<n.length;r++)if(n[r]==="$"){let t=Wn(n.slice(0,r)),o=lE(n.slice(r));return yield*[t,...o]}yield Wn(n)}function Ug(n){return[...B_(n)]}var U_=b(()=>{Fr();n0();ma();$c();si();wr();Br()});function dE(n){return n.replace(/[.*+?^${}()|[\]\\]/g,"\\$&")}function Vg(n,r){return tt(n)?n.pattern.slice(1,n.pattern.length-1):kn(n)?`(${n.anyOf.map((t)=>Vg(t,r)).join("|")})`:Vt(n)?`${r}${Ie}`:Wt(n)?`${r}${Ie}`:dc(n)?`${r}${Ie}`:lo(n)?`${r}${p1}`:nt(n)?`${r}${dE(n.const.toString())}`:_o(n)?`${r}${I1}`:(()=>{throw new Wg(`Unexpected Kind '${n[C]}'`)})()}function W_(n){return`^${n.map((r)=>Vg(r,"")).join("")}$`}var Wg;var V_=b(()=>{sa();fn();Ft();zn();Wg=class Wg extends Hr{}});function hc(n){let t=ye(n).map((o)=>Wn(o));return qt(t)}var Yg=b(()=>{wr();Fr();z_()});function r0(n,r){let t=Fn(n)?W_(Ug(n)):W_(n);return X({[C]:"TemplateLiteral",type:"string",pattern:t},r)}var Jg=b(()=>{en();U_();V_();fn()});var mo=b(()=>{H_();z_();U_();pe();V_();Yg();Jg()});function uE(n){return ye(n).map((t)=>t.toString())}function wE(n){let r=[];for(let t of n)r.push(...jr(t));return r}function bE(n){return[n.toString()]}function jr(n){return[...new Set(tt(n)?uE(n):kn(n)?wE(n.anyOf):nt(n)?bE(n.const):Vt(n)?["[number]"]:Wt(n)?["[number]"]:[])]}var t0=b(()=>{mo();zn()});function gE(n,r,t){let o={};for(let c of Object.getOwnPropertyNames(r))o[c]=Po(n,jr(r[c]),t);return o}function mE(n,r,t){return gE(n,r.properties,t)}function Xg(n,r,t){let o=mE(n,r,t);return Bn(o)}var Y_=b(()=>{Er();t0();Kt()});function Qg(n,r){return n.map((t)=>Gg(t,r))}function $E(n){return n.filter((r)=>!Lo(r))}function hE(n,r){return o0($E(Qg(n,r)))}function AE(n){return n.some((r)=>Lo(r))?[]:n}function EE(n,r){return qt(AE(Qg(n,r)))}function SE(n,r){return r in n?n[r]:r==="[number]"?qt(n):Mn()}function DE(n,r){return r==="[number]"?n:Mn()}function kE(n,r){return r in n?n[r]:Mn()}function Gg(n,r){return rr(n)?hE(n.allOf,r):kn(n)?EE(n.anyOf,r):ot(n)?SE(n.items??[],r):Ht(n)?DE(n.items,r):lr(n)?kE(n.properties,r):Mn()}function J_(n,r){return r.map((t)=>Gg(n,t))}function Lg(n,r){return qt(J_(n,r))}function Po(n,r,t){if(ir(n)||ir(r)){if(!ct(n)||!ct(r))throw new Hr("Index types using Ref parameters require both Type and Key to be of TSchema");return vn("Index",[n,r])}if(pn(r))return Xg(n,r,t);if(rt(r))return Og(n,r,t);return X(ct(r)?Lg(n,jr(r)):Lg(n,r),t)}var X_=b(()=>{en();Ft();xo();Br();ut();wr();t0();L_();Y_();zn()});function ME(n,r,t){return{[r]:Po(n,[r],In(t))}}function RE(n,r,t){return r.reduce((o,c)=>{return{...o,...ME(n,c,t)}},{})}function HE(n,r,t){return RE(n,r.keys,t)}function Og(n,r,t){let o=HE(n,r,t);return Bn(o)}var L_=b(()=>{X_();Er();Pr()});var Kt=b(()=>{L_();Y_();t0();X_()});function fi(n,r){return X({[C]:"Iterator",type:"Iterator",items:n},r)}var Ng=b(()=>{en();fn()});var $a=b(()=>{Ng()});function zE(n){return globalThis.Object.keys(n).filter((r)=>!Cr(n[r]))}function BE(n,r){let t=zE(n),o=t.length>0?{[C]:"Object",type:"object",required:t,properties:n}:{[C]:"Object",type:"object",properties:n};return X(o,r)}var xn;var xg=b(()=>{en();fn();zn();xn=BE});var it=b(()=>{xg()});function c0(n,r){return X({[C]:"Promise",type:"Promise",item:n},r)}var Pg=b(()=>{en();fn()});var i0=b(()=>{Pg()});function UE(n){return X(tr(n,[Rt]))}function WE(n){return X({...n,[Rt]:"Readonly"})}function VE(n,r){return r===!1?UE(n):WE(n)}function qr(n,r){let t=r??!0;return pn(n)?Cg(n,t):VE(n,t)}var Q_=b(()=>{en();fn();wo();G_();zn()});function YE(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=qr(n[o],r);return t}function JE(n,r){return YE(n.properties,r)}function Cg(n,r){let t=JE(n,r);return Bn(t)}var G_=b(()=>{Er();Q_()});var Ac=b(()=>{G_();Q_()});function wt(n,r){return X(n.length>0?{[C]:"Tuple",type:"array",items:n,additionalItems:!1,minItems:n.length,maxItems:n.length}:{[C]:"Tuple",type:"array",minItems:n.length,maxItems:n.length},r)}var Fg=b(()=>{en();fn()});var Co=b(()=>{Fg()});function jg(n,r){return n in r?bt(n,r[n]):Bn(r)}function XE(n){return{[n]:Wn(n)}}function LE(n){let r={};for(let t of n)r[t]=Wn(t);return r}function QE(n,r){return tg(r,n)?XE(n):LE(r)}function GE(n,r){let t=QE(n,r);return jg(n,t)}function ha(n,r){return r.map((t)=>bt(n,t))}function OE(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(r))t[o]=bt(n,r[o]);return t}function bt(n,r){let t={...r};return Cr(r)?Jr(bt(n,tr(r,[zr]))):ri(r)?qr(bt(n,tr(r,[Rt]))):pn(r)?jg(n,r.properties):rt(r)?GE(n,r.keys):Bt(r)?ci(ha(n,r.parameters),bt(n,r.returns),t):Ut(r)?jt(ha(n,r.parameters),bt(n,r.returns),t):lc(r)?oi(bt(n,r.items),t):uc(r)?fi(bt(n,r.items),t):rr(r)?Xr(ha(n,r.allOf),t):kn(r)?Jn(ha(n,r.anyOf),t):ot(r)?wt(ha(n,r.items??[]),t):lr(r)?xn(OE(n,r.properties),t):Ht(r)?ti(bt(n,r.items),t):wc(r)?c0(bt(n,r.item),t):r}function NE(n,r){let t={};for(let o of n)t[o]=bt(o,r);return t}function qg(n,r,t){let o=ct(n)?jr(n):n,c=r({[C]:"MappedKey",keys:o}),i=NE(o,c);return xn(i,t)}var Kg=b(()=>{fn();wo();la();da();ua();gc();Kt();ut();$a();Fr();it();bo();i0();Ac();Co();wr();fa();D_();zn()});var Er=b(()=>{ug();D_();Kg()});function xE(n){return X(tr(n,[zr]))}function PE(n){return X({...n,[zr]:"Optional"})}function CE(n,r){return r===!1?xE(n):PE(n)}function Jr(n,r){let t=r??!0;return pn(n)?vg(n,t):CE(n,t)}var O_=b(()=>{en();fn();wo();N_();zn()});function FE(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=Jr(n[o],r);return t}function jE(n,r){return FE(n.properties,r)}function vg(n,r){let t=jE(n,r);return Bn(t)}var N_=b(()=>{Er();O_()});var bo=b(()=>{N_();O_()});function Aa(n,r={}){let t=n.every((c)=>lr(c)),o=ct(r.unevaluatedProperties)?{unevaluatedProperties:r.unevaluatedProperties}:{};return X(r.unevaluatedProperties===!1||ct(r.unevaluatedProperties)||t?{...o,[C]:"Intersect",type:"object",allOf:n}:{...o,[C]:"Intersect",allOf:n},r)}var x_=b(()=>{en();fn();zn()});function qE(n){return n.every((r)=>Cr(r))}function KE(n){return tr(n,[zr])}function Zg(n){return n.map((r)=>Cr(r)?KE(r):r)}function vE(n,r){return qE(n)?Jr(Aa(Zg(n),r)):Aa(Zg(n),r)}function o0(n,r={}){if(n.length===1)return X(n[0],r);if(n.length===0)return Mn(r);if(n.some((t)=>Qo(t)))throw Error("Cannot intersect transform types");return vE(n,r)}var Ig=b(()=>{fn();en();wo();Br();bo();x_();zn()});var pg=()=>{};function Xr(n,r){if(n.length===1)return X(n[0],r);if(n.length===0)return Mn(r);if(n.some((t)=>Qo(t)))throw Error("Cannot intersect transform types");return Aa(n,r)}var yg=b(()=>{en();Br();x_();zn()});var ut=b(()=>{Ig();pg();yg()});function vt(...n){let[r,t]=typeof n[0]==="string"?[n[0],n[1]]:[n[0].$id,n[1]];if(typeof r!=="string")throw new Hr("Ref: $ref must be a string");return X({[C]:"Ref",$ref:r},t)}var Tg=b(()=>{Ft();en();fn()});var Ec=b(()=>{Tg()});function ZE(n,r){return vn("Awaited",[vn(n,r)])}function IE(n){return vn("Awaited",[vt(n)])}function pE(n){return Xr(nm(n))}function yE(n){return Jn(nm(n))}function TE(n){return _i(n)}function nm(n){return n.map((r)=>_i(r))}function _i(n,r){return X(zt(n)?ZE(n.target,n.parameters):rr(n)?pE(n.allOf):kn(n)?yE(n.anyOf):wc(n)?TE(n.item):ir(n)?IE(n.$ref):n,r)}var rm=b(()=>{en();xo();ut();wr();Ec();zn()});var a0=b(()=>{rm()});function tm(n){let r=[];for(let t of n)r.push(Ea(t));return r}function n4(n){let r=tm(n);return ig(r)}function r4(n){let r=tm(n);return cg(r)}function t4(n){return n.map((r,t)=>t.toString())}function o4(n){return["[number]"]}function c4(n){return globalThis.Object.getOwnPropertyNames(n)}function i4(n){if(!a4)return[];return globalThis.Object.getOwnPropertyNames(n).map((t)=>{return t[0]==="^"&&t[t.length-1]==="$"?t.slice(1,t.length-1):t})}function Ea(n){return rr(n)?n4(n.allOf):kn(n)?r4(n.anyOf):ot(n)?t4(n.items??[]):Ht(n)?o4(n.items):lr(n)?c4(n.properties):bc(n)?i4(n.patternProperties):[]}var a4=!1;var P_=b(()=>{fa();zn()});function e4(n,r){return vn("KeyOf",[vn(n,r)])}function s4(n){return vn("KeyOf",[vt(n)])}function f4(n,r){let t=Ea(n),o=_4(t),c=qt(o);return X(c,r)}function _4(n){return n.map((r)=>r==="[number]"?dt():Wn(r))}function li(n,r){return zt(n)?e4(n.target,n.parameters):ir(n)?s4(n.$ref):pn(n)?om(n,r):f4(n,r)}var C_=b(()=>{en();Fr();$c();xo();Ec();P_();wr();F_();zn()});function l4(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=li(n[o],In(r));return t}function d4(n,r){return l4(n.properties,r)}function om(n,r){let t=d4(n,r);return Bn(t)}var F_=b(()=>{Er();C_();Pr()});var cm=()=>{};var Sa=b(()=>{F_();cm();P_();C_()});function u4(n){let r=[];for(let t of n)r.push(...Ea(t));return og(r)}function w4(n){return n.filter((r)=>!Lo(r))}function b4(n,r){let t=[];for(let o of n)t.push(...J_(o,[r]));return w4(t)}function g4(n,r){let t={};for(let o of r)t[o]=o0(b4(n,o));return t}function im(n,r){let t=u4(n),o=g4(n,t);return xn(o,r)}var am=b(()=>{ut();Kt();Sa();it();fa();zn()});var j_=b(()=>{am()});function e0(n){return X({[C]:"Date",type:"Date"},n)}var em=b(()=>{fn();en()});var s0=b(()=>{em()});function f0(n){return X({[C]:"Null",type:"null"},n)}var sm=b(()=>{en();fn()});var _0=b(()=>{sm()});function l0(n){return X({[C]:"Symbol",type:"symbol"},n)}var fm=b(()=>{en();fn()});var d0=b(()=>{fm()});function u0(n){return X({[C]:"Undefined",type:"undefined"},n)}var _m=b(()=>{en();fn()});var w0=b(()=>{_m()});function b0(n){return X({[C]:"Uint8Array",type:"Uint8Array"},n)}var lm=b(()=>{en();fn()});var g0=b(()=>{lm()});function Fo(n){return X({[C]:"Unknown"},n)}var dm=b(()=>{en();fn()});var di=b(()=>{dm()});function m4(n){return n.map((r)=>q_(r,!1))}function $4(n){let r={};for(let t of globalThis.Object.getOwnPropertyNames(n))r[t]=qr(q_(n[t],!1));return r}function m0(n,r){return r===!0?n:qr(n)}function q_(n,r){return f_(n)?m0(No(),r):l_(n)?m0(No(),r):fr(n)?qr(wt(m4(n))):so(n)?b0():_c(n)?e0():On(n)?m0(xn($4(n)),r):__(n)?m0(jt([],Fo()),r):_r(n)?u0():d_(n)?f0():u_(n)?l0():Ti(n)?ei():Tr(n)?Wn(n):eo(n)?Wn(n):Fn(n)?Wn(n):xn({})}function um(n,r){return X(q_(n,!0),r)}var wm=b(()=>{_a();ma();s0();gc();Fr();_0();it();d0();Co();Ac();w0();g0();di();fo()});var K_=b(()=>{wm()});function bm(n,r){return Bt(n)?wt(n.parameters,r):Mn(r)}var gm=b(()=>{Co();Br();zn()});var v_=b(()=>{gm()});function mm(n,r){if(_r(n))throw Error("Enum undefined or empty");let t=globalThis.Object.getOwnPropertyNames(n).filter((i)=>isNaN(i)).map((i)=>n[i]),c=[...new Set(t)].map((i)=>Wn(i));return Jn(c,{...r,[lt]:"Enum"})}var $m=b(()=>{Fr();fn();wr()});var Z_=b(()=>{$m()});function gt(n){return n===L.False?n:L.True}function ui(n){throw new Dm(n)}function br(n){return M.IsNever(n)||M.IsIntersect(n)||M.IsUnion(n)||M.IsUnknown(n)||M.IsAny(n)}function gr(n,r){return M.IsNever(r)?Rm(n,r):M.IsIntersect(r)?$0(n,r):M.IsUnion(r)?nl(n,r):M.IsUnknown(r)?Um(n,r):M.IsAny(r)?T_(n,r):ui("StructuralRight")}function T_(n,r){return L.True}function h4(n,r){return M.IsIntersect(r)?$0(n,r):M.IsUnion(r)&&r.anyOf.some((t)=>M.IsAny(t)||M.IsUnknown(t))?L.True:M.IsUnion(r)?L.Union:M.IsUnknown(r)?L.True:M.IsAny(r)?L.True:L.Union}function A4(n,r){return M.IsUnknown(n)?L.False:M.IsAny(n)?L.Union:M.IsNever(n)?L.True:L.False}function E4(n,r){return M.IsObject(r)&&h0(r)?L.True:br(r)?gr(n,r):!M.IsArray(r)?L.False:gt(Pn(n.items,r.items))}function S4(n,r){return br(r)?gr(n,r):!M.IsAsyncIterator(r)?L.False:gt(Pn(n.items,r.items))}function D4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsBigInt(r)?L.True:L.False}function km(n,r){return M.IsLiteralBoolean(n)?L.True:M.IsBoolean(n)?L.True:L.False}function k4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsBoolean(r)?L.True:L.False}function M4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):!M.IsConstructor(r)?L.False:n.parameters.length>r.parameters.length?L.False:!n.parameters.every((t,o)=>gt(Pn(r.parameters[o],t))===L.True)?L.False:gt(Pn(n.returns,r.returns))}function R4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsDate(r)?L.True:L.False}function H4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):!M.IsFunction(r)?L.False:n.parameters.length>r.parameters.length?L.False:!n.parameters.every((t,o)=>gt(Pn(r.parameters[o],t))===L.True)?L.False:gt(Pn(n.returns,r.returns))}function Mm(n,r){return M.IsLiteral(n)&&Yr.IsNumber(n.const)?L.True:M.IsNumber(n)||M.IsInteger(n)?L.True:L.False}function z4(n,r){return M.IsInteger(r)||M.IsNumber(r)?L.True:br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):L.False}function $0(n,r){return r.allOf.every((t)=>Pn(n,t)===L.True)?L.True:L.False}function B4(n,r){return n.allOf.some((t)=>Pn(t,r)===L.True)?L.True:L.False}function U4(n,r){return br(r)?gr(n,r):!M.IsIterator(r)?L.False:gt(Pn(n.items,r.items))}function W4(n,r){return M.IsLiteral(r)&&r.const===n.const?L.True:br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsString(r)?Bm(n,r):M.IsNumber(r)?Hm(n,r):M.IsInteger(r)?Mm(n,r):M.IsBoolean(r)?km(n,r):L.False}function Rm(n,r){return L.False}function V4(n,r){return L.True}function hm(n){let[r,t]=[n,0];while(!0){if(!M.IsNot(r))break;r=r.not,t+=1}return t%2===0?r:Fo()}function Y4(n,r){return M.IsNot(n)?Pn(hm(n),r):M.IsNot(r)?Pn(n,hm(r)):ui("Invalid fallthrough for Not")}function J4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsNull(r)?L.True:L.False}function Hm(n,r){return M.IsLiteralNumber(n)?L.True:M.IsNumber(n)||M.IsInteger(n)?L.True:L.False}function X4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsInteger(r)||M.IsNumber(r)?L.True:L.False}function Kr(n,r){return Object.getOwnPropertyNames(n.properties).length===r}function Am(n){return h0(n)}function Em(n){return Kr(n,0)||Kr(n,1)&&"description"in n.properties&&M.IsUnion(n.properties.description)&&n.properties.description.anyOf.length===2&&(M.IsString(n.properties.description.anyOf[0])&&M.IsUndefined(n.properties.description.anyOf[1])||M.IsString(n.properties.description.anyOf[1])&&M.IsUndefined(n.properties.description.anyOf[0]))}function I_(n){return Kr(n,0)}function Sm(n){return Kr(n,0)}function L4(n){return Kr(n,0)}function Q4(n){return Kr(n,0)}function G4(n){return h0(n)}function O4(n){let r=dt();return Kr(n,0)||Kr(n,1)&&"length"in n.properties&&gt(Pn(n.properties.length,r))===L.True}function N4(n){return Kr(n,0)}function h0(n){let r=dt();return Kr(n,0)||Kr(n,1)&&"length"in n.properties&&gt(Pn(n.properties.length,r))===L.True}function x4(n){let r=jt([No()],No());return Kr(n,0)||Kr(n,1)&&"then"in n.properties&&gt(Pn(n.properties.then,r))===L.True}function zm(n,r){return Pn(n,r)===L.False?L.False:M.IsOptional(n)&&!M.IsOptional(r)?L.False:L.True}function Lr(n,r){return M.IsUnknown(n)?L.False:M.IsAny(n)?L.Union:M.IsNever(n)||M.IsLiteralString(n)&&Am(r)||M.IsLiteralNumber(n)&&I_(r)||M.IsLiteralBoolean(n)&&Sm(r)||M.IsSymbol(n)&&Em(r)||M.IsBigInt(n)&&L4(r)||M.IsString(n)&&Am(r)||M.IsSymbol(n)&&Em(r)||M.IsNumber(n)&&I_(r)||M.IsInteger(n)&&I_(r)||M.IsBoolean(n)&&Sm(r)||M.IsUint8Array(n)&&G4(r)||M.IsDate(n)&&Q4(r)||M.IsConstructor(n)&&N4(r)||M.IsFunction(n)&&O4(r)?L.True:M.IsRecord(n)&&M.IsString(p_(n))?(()=>{return r[lt]==="Record"?L.True:L.False})():M.IsRecord(n)&&M.IsNumber(p_(n))?(()=>{return Kr(r,0)?L.True:L.False})():L.False}function P4(n,r){return br(r)?gr(n,r):M.IsRecord(r)?mt(n,r):!M.IsObject(r)?L.False:(()=>{for(let t of Object.getOwnPropertyNames(r.properties)){if(!(t in n.properties)&&!M.IsOptional(r.properties[t]))return L.False;if(M.IsOptional(r.properties[t]))return L.True;if(zm(n.properties[t],r.properties[t])===L.False)return L.False}return L.True})()}function C4(n,r){return br(r)?gr(n,r):M.IsObject(r)&&x4(r)?L.True:!M.IsPromise(r)?L.False:gt(Pn(n.item,r.item))}function p_(n){return Go in n.patternProperties?dt():(Oo in n.patternProperties)?Yt():ui("Unknown record key pattern")}function y_(n){return Go in n.patternProperties?n.patternProperties[Go]:(Oo in n.patternProperties)?n.patternProperties[Oo]:ui("Unable to get record value schema")}function mt(n,r){let[t,o]=[p_(r),y_(r)];return M.IsLiteralString(n)&&M.IsNumber(t)&&gt(Pn(n,o))===L.True?L.True:M.IsUint8Array(n)&&M.IsNumber(t)?Pn(n,o):M.IsString(n)&&M.IsNumber(t)?Pn(n,o):M.IsArray(n)&&M.IsNumber(t)?Pn(n,o):M.IsObject(n)?(()=>{for(let c of Object.getOwnPropertyNames(n.properties))if(zm(o,n.properties[c])===L.False)return L.False;return L.True})():L.False}function F4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):!M.IsRecord(r)?L.False:Pn(y_(n),y_(r))}function j4(n,r){let t=M.IsRegExp(n)?Yt():n,o=M.IsRegExp(r)?Yt():r;return Pn(t,o)}function Bm(n,r){return M.IsLiteral(n)&&Yr.IsString(n.const)?L.True:M.IsString(n)?L.True:L.False}function q4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsString(r)?L.True:L.False}function K4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsSymbol(r)?L.True:L.False}function v4(n,r){return M.IsTemplateLiteral(n)?Pn(hc(n),r):M.IsTemplateLiteral(r)?Pn(n,hc(r)):ui("Invalid fallthrough for TemplateLiteral")}function Z4(n,r){return M.IsArray(r)&&n.items!==void 0&&n.items.every((t)=>Pn(t,r.items)===L.True)}function I4(n,r){return M.IsNever(n)?L.True:M.IsUnknown(n)?L.False:M.IsAny(n)?L.Union:L.False}function p4(n,r){return br(r)?gr(n,r):M.IsObject(r)&&h0(r)?L.True:M.IsArray(r)&&Z4(n,r)?L.True:!M.IsTuple(r)?L.False:Yr.IsUndefined(n.items)&&!Yr.IsUndefined(r.items)||!Yr.IsUndefined(n.items)&&Yr.IsUndefined(r.items)?L.False:Yr.IsUndefined(n.items)&&!Yr.IsUndefined(r.items)?L.True:n.items.every((t,o)=>Pn(t,r.items[o])===L.True)?L.True:L.False}function y4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsUint8Array(r)?L.True:L.False}function T4(n,r){return br(r)?gr(n,r):M.IsObject(r)?Lr(n,r):M.IsRecord(r)?mt(n,r):M.IsVoid(r)?t6(n,r):M.IsUndefined(r)?L.True:L.False}function nl(n,r){return r.anyOf.some((t)=>Pn(n,t)===L.True)?L.True:L.False}function n6(n,r){return n.anyOf.every((t)=>Pn(t,r)===L.True)?L.True:L.False}function Um(n,r){return L.True}function r6(n,r){return M.IsNever(r)?Rm(n,r):M.IsIntersect(r)?$0(n,r):M.IsUnion(r)?nl(n,r):M.IsAny(r)?T_(n,r):M.IsString(r)?Bm(n,r):M.IsNumber(r)?Hm(n,r):M.IsInteger(r)?Mm(n,r):M.IsBoolean(r)?km(n,r):M.IsArray(r)?A4(n,r):M.IsTuple(r)?I4(n,r):M.IsObject(r)?Lr(n,r):M.IsUnknown(r)?L.True:L.False}function t6(n,r){return M.IsUndefined(n)?L.True:M.IsUndefined(n)?L.True:L.False}function o6(n,r){return M.IsIntersect(r)?$0(n,r):M.IsUnion(r)?nl(n,r):M.IsUnknown(r)?Um(n,r):M.IsAny(r)?T_(n,r):M.IsObject(r)?Lr(n,r):M.IsVoid(r)?L.True:L.False}function Pn(n,r){return M.IsTemplateLiteral(n)||M.IsTemplateLiteral(r)?v4(n,r):M.IsRegExp(n)||M.IsRegExp(r)?j4(n,r):M.IsNot(n)||M.IsNot(r)?Y4(n,r):M.IsAny(n)?h4(n,r):M.IsArray(n)?E4(n,r):M.IsBigInt(n)?D4(n,r):M.IsBoolean(n)?k4(n,r):M.IsAsyncIterator(n)?S4(n,r):M.IsConstructor(n)?M4(n,r):M.IsDate(n)?R4(n,r):M.IsFunction(n)?H4(n,r):M.IsInteger(n)?z4(n,r):M.IsIntersect(n)?B4(n,r):M.IsIterator(n)?U4(n,r):M.IsLiteral(n)?W4(n,r):M.IsNever(n)?V4(n,r):M.IsNull(n)?J4(n,r):M.IsNumber(n)?X4(n,r):M.IsObject(n)?P4(n,r):M.IsRecord(n)?F4(n,r):M.IsString(n)?q4(n,r):M.IsSymbol(n)?K4(n,r):M.IsTuple(n)?p4(n,r):M.IsPromise(n)?C4(n,r):M.IsUint8Array(n)?y4(n,r):M.IsUndefined(n)?T4(n,r):M.IsUnion(n)?n6(n,r):M.IsUnknown(n)?r6(n,r):M.IsVoid(n)?o6(n,r):ui(`Unknown left type operand '${n[C]}'`)}function jo(n,r){return Pn(n,r)}var Dm,L;var rl=b(()=>{_a();gc();$c();si();di();mo();sa();fn();Ft();E_();Dm=class Dm extends Hr{};(function(n){n[n.Union=0]="Union",n[n.True=1]="True",n[n.False=2]="False"})(L||(L={}))});function c6(n,r,t,o,c){let i={};for(let a of globalThis.Object.getOwnPropertyNames(n))i[a]=wi(n[a],r,t,o,In(c));return i}function i6(n,r,t,o,c){return c6(n.properties,r,t,o,c)}function Wm(n,r,t,o,c){let i=i6(n,r,t,o,c);return Bn(i)}var tl=b(()=>{Er();A0();Pr()});function a6(n,r,t,o){let c=jo(n,r);return c===L.Union?Jn([t,o]):c===L.True?t:o}function wi(n,r,t,o,c){return pn(n)?Wm(n,r,t,o,c):rt(n)?X(Vm(n,r,t,o,c)):X(a6(n,r,t,o),c)}var A0=b(()=>{en();wr();rl();ol();tl();zn()});function e6(n,r,t,o,c){return{[n]:wi(Wn(n),r,t,o,In(c))}}function s6(n,r,t,o,c){return n.reduce((i,a)=>{return{...i,...e6(a,r,t,o,c)}},{})}function f6(n,r,t,o,c){return s6(n.keys,r,t,o,c)}function Vm(n,r,t,o,c){let i=f6(n,r,t,o,c);return Bn(i)}var ol=b(()=>{Er();Fr();A0();Pr()});var Ym=()=>{};var Da=b(()=>{rl();ol();tl();Ym();A0()});function Jm(n,r){return bi(hc(n),r)}var cl=b(()=>{E0();mo()});function _6(n,r){let t=n.filter((o)=>jo(o,r)===L.False);return t.length===1?t[0]:Jn(t)}function bi(n,r,t={}){if(tt(n))return X(Jm(n,r),t);if(pn(n))return X(Xm(n,r),t);return X(kn(n)?_6(n.anyOf,r):jo(n,r)!==L.False?Mn():n,t)}var E0=b(()=>{en();wr();Br();Da();il();cl();zn()});function l6(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=bi(n[o],r);return t}function d6(n,r){return l6(n.properties,r)}function Xm(n,r){let t=d6(n,r);return Bn(t)}var il=b(()=>{Er();E0()});var al=b(()=>{il();cl();E0()});function Lm(n,r){return gi(hc(n),r)}var el=b(()=>{S0();mo()});function u6(n,r){let t=n.filter((o)=>jo(o,r)!==L.False);return t.length===1?t[0]:Jn(t)}function gi(n,r,t){if(tt(n))return X(Lm(n,r),t);if(pn(n))return X(Qm(n,r),t);return X(kn(n)?u6(n.anyOf,r):jo(n,r)!==L.False?n:Mn(),t)}var S0=b(()=>{en();wr();Br();Da();sl();el();zn()});function w6(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=gi(n[o],r);return t}function b6(n,r){return w6(n.properties,r)}function Qm(n,r){let t=b6(n,r);return Bn(t)}var sl=b(()=>{Er();S0()});var fl=b(()=>{sl();el();S0()});function Gm(n,r){return Bt(n)?X(n.returns,r):Mn(r)}var Om=b(()=>{en();Br();zn()});var _l=b(()=>{Om()});function D0(n){return qr(Jr(n))}var Nm=b(()=>{Ac();bo()});var k0=b(()=>{Nm()});function Sc(n,r,t){return X({[C]:"Record",type:"object",patternProperties:{[n]:r}},t)}function ll(n,r,t){let o={};for(let c of n)o[c]=r;return xn(o,{...t,[lt]:"Record"})}function g6(n,r,t){return Sg(n)?ll(jr(n),r,t):Sc(n.pattern,r,t)}function m6(n,r,t){return ll(jr(Jn(n)),r,t)}function $6(n,r,t){return ll([n.toString()],r,t)}function h6(n,r,t){return Sc(n.source,r,t)}function A6(n,r,t){let o=_r(n.pattern)?Oo:n.pattern;return Sc(o,r,t)}function E6(n,r,t){return Sc(Oo,r,t)}function S6(n,r,t){return Sc(y1,r,t)}function D6(n,r,t){return xn({true:r,false:r},t)}function k6(n,r,t){return Sc(Go,r,t)}function M6(n,r,t){return Sc(Go,r,t)}function M0(n,r,t={}){return kn(n)?m6(n.anyOf,r,t):tt(n)?g6(n,r,t):nt(n)?$6(n.const,r,t):_o(n)?D6(n,r,t):Wt(n)?k6(n,r,t):Vt(n)?M6(n,r,t):m_(n)?h6(n,r,t):lo(n)?A6(n,r,t):b_(n)?E6(n,r,t):Lo(n)?S6(n,r,t):Mn(t)}function R0(n){return globalThis.Object.getOwnPropertyNames(n.patternProperties)[0]}function xm(n){let r=R0(n);return r===Oo?Yt():r===Go?dt():Yt({pattern:r})}function H0(n){return n.patternProperties[R0(n)]}var Pm=b(()=>{en();fn();Br();$c();it();si();wr();mo();sa();Kt();zn()});var ka=b(()=>{Pm()});function R6(n,r){return r.parameters=Ma(n,r.parameters),r.returns=Jt(n,r.returns),r}function H6(n,r){return r.parameters=Ma(n,r.parameters),r.returns=Jt(n,r.returns),r}function z6(n,r){return r.allOf=Ma(n,r.allOf),r}function B6(n,r){return r.anyOf=Ma(n,r.anyOf),r}function U6(n,r){if(_r(r.items))return r;return r.items=Ma(n,r.items),r}function W6(n,r){return r.items=Jt(n,r.items),r}function V6(n,r){return r.items=Jt(n,r.items),r}function Y6(n,r){return r.items=Jt(n,r.items),r}function J6(n,r){return r.item=Jt(n,r.item),r}function X6(n,r){let t=O6(n,r.properties);return{...r,...xn(t)}}function L6(n,r){let t=Jt(n,xm(r)),o=Jt(n,H0(r)),c=M0(t,o);return{...r,...c}}function Q6(n,r){return r.index in n?n[r.index]:Fo()}function G6(n,r){let t=ri(r),o=Cr(r),c=Jt(n,r);return t&&o?D0(c):t&&!o?qr(c):!t&&o?Jr(c):c}function O6(n,r){return globalThis.Object.getOwnPropertyNames(r).reduce((t,o)=>{return{...t,[o]:G6(n,r[o])}},{})}function Ma(n,r){return r.map((t)=>Jt(n,t))}function Jt(n,r){return Bt(r)?R6(n,r):Ut(r)?H6(n,r):rr(r)?z6(n,r):kn(r)?B6(n,r):ot(r)?U6(n,r):Ht(r)?W6(n,r):lc(r)?V6(n,r):uc(r)?Y6(n,r):wc(r)?J6(n,r):lr(r)?X6(n,r):bc(r)?L6(n,r):g_(r)?Q6(n,r):r}function Cm(n,r){return Jt(r,ni(n))}var Fm=b(()=>{qe();di();k0();Ac();bo();it();ka();zn()});var dl=b(()=>{Fm()});function jm(n){return X({[C]:"Integer",type:"integer"},n)}var qm=b(()=>{en();fn()});var ul=b(()=>{qm()});function N6(n,r,t){return{[n]:Xt(Wn(n),r,In(t))}}function x6(n,r,t){return n.reduce((c,i)=>{return{...c,...N6(i,r,t)}},{})}function P6(n,r,t){return x6(n.keys,r,t)}function Km(n,r,t){let o=P6(n,r,t);return Bn(o)}var wl=b(()=>{Er();Dc();Fr();Pr()});function C6(n){let[r,t]=[n.slice(0,1),n.slice(1)];return[r.toLowerCase(),t].join("")}function F6(n){let[r,t]=[n.slice(0,1),n.slice(1)];return[r.toUpperCase(),t].join("")}function j6(n){return n.toUpperCase()}function q6(n){return n.toLowerCase()}function K6(n,r,t){let o=ai(n.pattern);if(!mc(o))return{...n,pattern:vm(n.pattern,r)};let a=[...ga(o)].map((f)=>Wn(f)),e=Zm(a,r),s=Jn(e);return r0([s],t)}function vm(n,r){return typeof n==="string"?r==="Uncapitalize"?C6(n):r==="Capitalize"?F6(n):r==="Uppercase"?j6(n):r==="Lowercase"?q6(n):n:n.toString()}function Zm(n,r){return n.map((t)=>Xt(t,r))}function Xt(n,r,t={}){return rt(n)?Km(n,r,t):tt(n)?K6(n,r,t):kn(n)?Jn(Zm(n.anyOf,r),t):nt(n)?Wn(vm(n.const,r),t):X(n,t)}var Dc=b(()=>{en();mo();wl();Fr();wr();zn()});function Im(n,r={}){return Xt(n,"Capitalize",r)}var pm=b(()=>{Dc()});function ym(n,r={}){return Xt(n,"Lowercase",r)}var Tm=b(()=>{Dc()});function n2(n,r={}){return Xt(n,"Uncapitalize",r)}var r2=b(()=>{Dc()});function t2(n,r={}){return Xt(n,"Uppercase",r)}var o2=b(()=>{Dc()});var bl=b(()=>{pm();wl();Dc();Tm();r2();o2()});function v6(n,r,t){let o={};for(let c of globalThis.Object.getOwnPropertyNames(n))o[c]=qo(n[c],r,In(t));return o}function Z6(n,r,t){return v6(n.properties,r,t)}function c2(n,r,t){let o=Z6(n,r,t);return Bn(o)}var gl=b(()=>{Er();z0();Pr()});function I6(n,r){return n.map((t)=>ml(t,r))}function p6(n,r){return n.map((t)=>ml(t,r))}function y6(n,r){let{[r]:t,...o}=n;return o}function T6(n,r){return r.reduce((t,o)=>y6(t,o),n)}function n8(n,r,t){let o=tr(n,[ur,"$id","required","properties"]),c=T6(t,r);return xn(c,o)}function r8(n){let r=n.reduce((t,o)=>ve(o)?[...t,Wn(o)]:t,[]);return Jn(r)}function ml(n,r){return rr(n)?Xr(I6(n.allOf,r)):kn(n)?Jn(p6(n.anyOf,r)):lr(n)?n8(n,r,n.properties):xn({})}function qo(n,r,t){let o=fr(r)?r8(r):r,c=ct(r)?jr(r):r,i=ir(n),a=ir(r);return pn(n)?c2(n,c,t):rt(r)?i2(n,r,t):i&&a?vn("Omit",[n,o],t):!i&&a?vn("Omit",[n,o],t):i&&!a?vn("Omit",[n,o],t):X({...ml(n,c),...t})}var z0=b(()=>{en();ta();xo();Fr();Kt();ut();wr();it();$l();gl();zn()});function t8(n,r,t){return{[r]:qo(n,[r],In(t))}}function o8(n,r,t){return r.reduce((o,c)=>{return{...o,...t8(n,c,t)}},{})}function c8(n,r,t){return o8(n,r.keys,t)}function i2(n,r,t){let o=c8(n,r,t);return Bn(o)}var $l=b(()=>{Er();z0();Pr()});var B0=b(()=>{$l();gl();z0()});function i8(n,r,t){let o={};for(let c of globalThis.Object.getOwnPropertyNames(n))o[c]=Ko(n[c],r,In(t));return o}function a8(n,r,t){return i8(n.properties,r,t)}function a2(n,r,t){let o=a8(n,r,t);return Bn(o)}var hl=b(()=>{Er();U0();Pr()});function e8(n,r){return n.map((t)=>Al(t,r))}function s8(n,r){return n.map((t)=>Al(t,r))}function f8(n,r){let t={};for(let o of r)if(o in n)t[o]=n[o];return t}function _8(n,r,t){let o=tr(n,[ur,"$id","required","properties"]),c=f8(t,r);return xn(c,o)}function l8(n){let r=n.reduce((t,o)=>ve(o)?[...t,Wn(o)]:t,[]);return Jn(r)}function Al(n,r){return rr(n)?Xr(e8(n.allOf,r)):kn(n)?Jn(s8(n.anyOf,r)):lr(n)?_8(n,r,n.properties):xn({})}function Ko(n,r,t){let o=fr(r)?l8(r):r,c=ct(r)?jr(r):r,i=ir(n),a=ir(r);return pn(n)?a2(n,c,t):rt(r)?e2(n,r,t):i&&a?vn("Pick",[n,o],t):!i&&a?vn("Pick",[n,o],t):i&&!a?vn("Pick",[n,o],t):X({...Al(n,c),...t})}var U0=b(()=>{en();xo();ut();Fr();it();wr();Kt();ta();zn();El();hl()});function d8(n,r,t){return{[r]:Ko(n,[r],In(t))}}function u8(n,r,t){return r.reduce((o,c)=>{return{...o,...d8(n,c,t)}},{})}function w8(n,r,t){return u8(n,r.keys,t)}function e2(n,r,t){let o=w8(n,r,t);return Bn(o)}var El=b(()=>{Er();U0();Pr()});var W0=b(()=>{El();hl();U0()});function b8(n,r){return vn("Partial",[vn(n,r)])}function g8(n){return vn("Partial",[vt(n)])}function m8(n){let r={};for(let t of globalThis.Object.getOwnPropertyNames(n))r[t]=Jr(n[t]);return r}function $8(n,r){let t=tr(n,[ur,"$id","required","properties"]),o=m8(r);return xn(o,t)}function s2(n){return n.map((r)=>f2(r))}function f2(n){return zt(n)?b8(n.target,n.parameters):ir(n)?g8(n.$ref):rr(n)?Xr(s2(n.allOf)):kn(n)?Jn(s2(n.anyOf)):lr(n)?$8(n,n.properties):dc(n)?n:_o(n)?n:Wt(n)?n:nt(n)?n:oa(n)?n:Vt(n)?n:lo(n)?n:ca(n)?n:ia(n)?n:xn({})}function mi(n,r){if(pn(n))return _2(n,r);else return X({...f2(n),...r})}var Sl=b(()=>{en();xo();bo();it();ut();wr();Ec();wo();fn();Dl();zn()});function h8(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=mi(n[o],In(r));return t}function A8(n,r){return h8(n.properties,r)}function _2(n,r){let t=A8(n,r);return Bn(t)}var Dl=b(()=>{Er();Sl();Pr()});var V0=b(()=>{Dl();Sl()});function E8(n,r){return vn("Required",[vn(n,r)])}function S8(n){return vn("Required",[vt(n)])}function D8(n){let r={};for(let t of globalThis.Object.getOwnPropertyNames(n))r[t]=tr(n[t],[zr]);return r}function k8(n,r){let t=tr(n,[ur,"$id","required","properties"]),o=D8(r);return xn(o,t)}function l2(n){return n.map((r)=>d2(r))}function d2(n){return zt(n)?E8(n.target,n.parameters):ir(n)?S8(n.$ref):rr(n)?Xr(l2(n.allOf)):kn(n)?Jn(l2(n.anyOf)):lr(n)?k8(n,n.properties):dc(n)?n:_o(n)?n:Wt(n)?n:nt(n)?n:oa(n)?n:Vt(n)?n:lo(n)?n:ca(n)?n:ia(n)?n:xn({})}function $i(n,r){if(pn(n))return u2(n,r);else return X({...d2(n),...r})}var kl=b(()=>{en();xo();it();ut();wr();Ec();fn();wo();Ml();zn()});function M8(n,r){let t={};for(let o of globalThis.Object.getOwnPropertyNames(n))t[o]=$i(n[o],r);return t}function R8(n,r){return M8(n.properties,r)}function u2(n,r){let t=R8(n,r);return Bn(t)}var Ml=b(()=>{Er();kl()});var Y0=b(()=>{Ml();kl()});function H8(n,r){return r.map((t)=>{return ir(t)?Rl(n,t.$ref):at(n,t)})}function Rl(n,r){return r in n?ir(n[r])?Rl(n,n[r].$ref):at(n,n[r]):Mn()}function z8(n){return _i(n[0])}function B8(n){return Po(n[0],n[1])}function U8(n){return li(n[0])}function W8(n){return mi(n[0])}function V8(n){return qo(n[0],n[1])}function Y8(n){return Ko(n[0],n[1])}function J8(n){return $i(n[0])}function X8(n,r,t){let o=H8(n,t);return r==="Awaited"?z8(o):r==="Index"?B8(o):r==="KeyOf"?U8(o):r==="Partial"?W8(o):r==="Omit"?V8(o):r==="Pick"?Y8(o):r==="Required"?J8(o):Mn()}function L8(n,r){return ti(at(n,r))}function Q8(n,r){return oi(at(n,r))}function G8(n,r,t){return ci(Ra(n,r),at(n,t))}function O8(n,r,t){return jt(Ra(n,r),at(n,t))}function N8(n,r){return Xr(Ra(n,r))}function x8(n,r){return fi(at(n,r))}function P8(n,r){return xn(globalThis.Object.keys(r).reduce((t,o)=>{return{...t,[o]:at(n,r[o])}},{}))}function C8(n,r){let[t,o]=[at(n,H0(r)),R0(r)],c=ni(r);return c.patternProperties[o]=t,c}function F8(n,r){return ir(r)?{...Rl(n,r.$ref),[ur]:r[ur]}:r}function j8(n,r){return wt(Ra(n,r))}function q8(n,r){return Jn(Ra(n,r))}function Ra(n,r){return r.map((t)=>at(n,t))}function at(n,r){return Cr(r)?X(at(n,tr(r,[zr])),r):ri(r)?X(at(n,tr(r,[Rt])),r):Qo(r)?X(F8(n,r),r):Ht(r)?X(L8(n,r.items),r):lc(r)?X(Q8(n,r.items),r):zt(r)?X(X8(n,r.target,r.parameters)):Bt(r)?X(G8(n,r.parameters,r.returns),r):Ut(r)?X(O8(n,r.parameters,r.returns),r):rr(r)?X(N8(n,r.allOf),r):uc(r)?X(x8(n,r.items),r):lr(r)?X(P8(n,r.properties),r):bc(r)?X(C8(n,r)):ot(r)?X(j8(n,r.items||[]),r):kn(r)?X(q8(n,r.anyOf),r):r}function K8(n,r){return r in n?at(n,n[r]):Mn()}function w2(n){return globalThis.Object.getOwnPropertyNames(n).reduce((r,t)=>{return{...r,[t]:K8(n,t)}},{})}var b2=b(()=>{fo();w_();wo();la();a0();da();ua();Kt();gc();ut();$a();Sa();it();B0();W0();Br();V0();ka();Y0();Co();wr();fn();zn()});class g2{constructor(n){let r=w2(n),t=this.WithIdentifiers(r);this.$defs=t}Import(n,r){let t={...this.$defs,[n]:X(this.$defs[n],r)};return X({[C]:"Import",$defs:t,$ref:n})}WithIdentifiers(n){return globalThis.Object.getOwnPropertyNames(n).reduce((r,t)=>{return{...r,[t]:{...n[t],$id:t}}},{})}}function m2(n){return new g2(n)}var $2=b(()=>{fo();fn();b2()});var Hl=b(()=>{$2()});function h2(n,r){return X({[C]:"Not",not:n},r)}var A2=b(()=>{en();fn()});var zl=b(()=>{A2()});function E2(n,r){return Ut(n)?wt(n.parameters,r):Mn()}var S2=b(()=>{Co();Br();zn()});var Bl=b(()=>{S2()});function D2(n,r={}){if(_r(r.$id))r.$id=`T${v8++}`;let t=ni(n({[C]:"This",$ref:`${r.$id}`}));return t.$id=r.$id,X({[lt]:"Recursive",...t},r)}var v8=0;var k2=b(()=>{qe();en();fn()});var Ul=b(()=>{k2()});function M2(n,r){let t=Fn(n)?new globalThis.RegExp(n):n;return X({[C]:"RegExp",type:"RegExp",source:t.source,flags:t.flags},r)}var R2=b(()=>{en();fn()});var Wl=b(()=>{R2()});function Z8(n){return rr(n)?n.allOf:kn(n)?n.anyOf:ot(n)?n.items??[]:[]}function H2(n){return Z8(n)}var z2=b(()=>{zn()});var Vl=b(()=>{z2()});function B2(n,r){return Ut(n)?X(n.returns,r):Mn(r)}var U2=b(()=>{en();Br();zn()});var Yl=b(()=>{U2()});var W2=()=>{};var V2=()=>{};var Y2=b(()=>{W2();V2()});var J2=()=>{};var X2=b(()=>{J2()});class L2{constructor(n){this.schema=n}Decode(n){return new Q2(this.schema,n)}}class Q2{constructor(n,r){this.schema=n,this.decode=r}EncodeTransform(n,r){let c={Encode:(i)=>r[ur].Encode(n(i)),Decode:(i)=>this.decode(r[ur].Decode(i))};return{...r,[ur]:c}}EncodeSchema(n,r){let t={Decode:this.decode,Encode:n};return{...r,[ur]:t}}Encode(n){return Qo(this.schema)?this.EncodeTransform(n,this.schema):this.EncodeSchema(n,this.schema)}}function G2(n){return new L2(n)}var O2=b(()=>{fn();zn()});var Jl=b(()=>{O2()});function N2(n={}){return X({[C]:n[C]??"Unsafe"},n)}var x2=b(()=>{en();fn()});var Xl=b(()=>{x2()});function P2(n){return X({[C]:"Void",type:"void"},n)}var C2=b(()=>{en();fn()});var Ll=b(()=>{C2()});var Ql={};ho(Ql,{Void:()=>P2,Uppercase:()=>t2,Unsafe:()=>N2,Unknown:()=>Fo,Union:()=>Jn,Undefined:()=>u0,Uncapitalize:()=>n2,Uint8Array:()=>b0,Tuple:()=>wt,Transform:()=>G2,TemplateLiteral:()=>r0,Symbol:()=>l0,String:()=>Yt,ReturnType:()=>B2,Rest:()=>H2,Required:()=>$i,RegExp:()=>M2,Ref:()=>vt,Recursive:()=>D2,Record:()=>M0,ReadonlyOptional:()=>D0,Readonly:()=>qr,Promise:()=>c0,Pick:()=>Ko,Partial:()=>mi,Parameters:()=>E2,Optional:()=>Jr,Omit:()=>qo,Object:()=>xn,Number:()=>dt,Null:()=>f0,Not:()=>h2,Never:()=>Mn,Module:()=>m2,Mapped:()=>qg,Lowercase:()=>ym,Literal:()=>Wn,KeyOf:()=>li,Iterator:()=>fi,Intersect:()=>Xr,Integer:()=>jm,Instantiate:()=>Cm,InstanceType:()=>Gm,Index:()=>Po,Function:()=>jt,Extract:()=>gi,Extends:()=>wi,Exclude:()=>bi,Enum:()=>mm,Date:()=>e0,ConstructorParameters:()=>bm,Constructor:()=>ci,Const:()=>um,Composite:()=>im,Capitalize:()=>Im,Boolean:()=>Te,BigInt:()=>ei,Awaited:()=>_i,AsyncIterator:()=>oi,Array:()=>ti,Argument:()=>sg,Any:()=>No});var F2=b(()=>{_a();S_();la();da();a0();ma();n0();j_();K_();ua();v_();s0();Z_();al();Da();fl();gc();Kt();_l();dl();ul();ut();bl();$a();Sa();Fr();Er();Hl();Br();zl();_0();$c();it();B0();bo();Bl();V0();W0();i0();Ac();k0();ka();Ul();Ec();Wl();Y0();Vl();Yl();si();d0();mo();Jl();Co();g0();w0();wr();di();Xl();Ll()});var mr;var j2=b(()=>{F2();mr=Ql});var q2=b(()=>{w_();fo();Ft();E_();Z1();sa();rg();fa();fn();_a();la();S_();da();a0();ma();n0();j_();K_();ua();v_();s0();Z_();al();Da();fl();gc();Kt();_l();dl();ul();ut();$a();bl();Sa();Fr();Hl();Er();Br();zl();_0();$c();it();B0();bo();Bl();V0();W0();i0();Ac();k0();ka();Ul();Ec();Wl();Y0();Vl();Yl();Y2();X2();si();d0();mo();Jl();Co();g0();w0();wr();di();Xl();Ll();j2()});var Gl,Ol,CF,FF;var Nl=b(()=>{q2();Gl=mr.Object({email:mr.String({format:"email"})}),Ol=mr.Object({token:mr.String()}),CF=mr.Object({success:mr.Boolean(),message:mr.Optional(mr.String())}),FF=mr.Object({success:mr.Boolean(),message:mr.Optional(mr.String()),data:mr.Optional(mr.Object({user:mr.Object({id:mr.String(),email:mr.String()}),accessToken:mr.String(),refreshToken:mr.String()}))})});import{eq as xl}from"drizzle-orm";import{Elysia as I8}from"elysia";function J0(n,r,t,o,c,i,a,e,s,f){let{db:d,logger:_,usersTable:w}=n,g=r.route||"/auth/magic-link",u=r.verifyRoute||"/auth/magic-link/verify",m=r.expiresIn||"15m",l=r.redirectUrl||"",E=new I8;if(!r.enabled)return E;return E.post(g,async($)=>{if(!d||!w)return{success:!1,message:"Database not configured"};if(!t?.isAvailable())return _.error("[AUTH] Magic link requested but email service not available"),{success:!1,message:"Email service not available"};let{email:S}=$.body,W=(await d.select().from(w).where(xl(w.email,S)).limit(1))[0];if(!W)return _.info("[AUTH] Magic link requested for non-existent email",{email:S}),{success:!0,message:"If an account exists, a magic link has been sent"};if(W.isLocked)return _.warn("[AUTH] Magic link requested for locked account",{email:S}),{success:!0,message:"If an account exists, a magic link has been sent"};let H=yc(),k=Mt(H),D=new Date(Date.now()+Tc(m));await a({userId:W.id,email:S,tokenHash:k,expiresAt:D});let A=l?`${l}?token=${H}`:`${u}?token=${H}`,h=await t.sendMagicLinkEmail(S,A,f);if(!h.success)return _.error("[AUTH] Failed to send magic link email",{email:S,error:h.error}),{success:!1,message:"Failed to send email"};return _.info("[AUTH] Magic link sent",{email:S,userId:W.id}),{success:!0,message:"If an account exists, a magic link has been sent"}},{body:Gl,detail:{tags:["Authentication"],summary:"Request Magic Link",description:"Send a magic link to the user's email for passwordless login"}}),E.get(u,async($)=>{if(!d||!w)return{success:!1,message:"Database not configured"};let S=$.query.token;if(!S)return{success:!1,message:"Token is required"};let U=Mt(S),W=await e(U);if(!W)return _.warn("[AUTH] Invalid magic link token"),{success:!1,message:"Invalid or expired token"};if(new Date>W.expiresAt)return await s(U),_.warn("[AUTH] Expired magic link token",{email:W.email}),{success:!1,message:"Invalid or expired token"};let k=(await d.select().from(w).where(xl(w.id,W.userId)).limit(1))[0];if(!k)return await s(U),{success:!1,message:"User not found"};await s(U),await d.update(w).set({lastLoginAt:new Date,loginCount:(k.loginCount||0)+1,emailVerified:!0}).where(xl(w.id,k.id));let D=$.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||$.request.headers.get("x-real-ip")?.trim()||"unknown",A=$.request.headers.get("user-agent")||"",h=o(k.id),R=c(k.id),z=await i({userId:k.id,deviceInfo:{ipAddress:D,userAgent:A,deviceType:"unknown"},loginMethod:"magic_link"});return _.info("[AUTH] Magic link login successful",{userId:k.id,email:k.email}),$.set.headers["x-session-id"]=z,{success:!0,data:{user:{id:k.id,email:k.email},accessToken:h,refreshToken:R}}},{query:Ol,detail:{tags:["Authentication"],summary:"Verify Magic Link",description:"Verify magic link token and login user"}}),E}var Pl=b(()=>{Nl();yi();Nl()});import{eq as hi}from"drizzle-orm";import{Elysia as p8}from"elysia";function X0(n,r,t,o,c){let{db:i,logger:a,usersTable:e}=n,s=r.route||"/auth/me",f=new p8;if(!r.enabled)return f;return f.get(s,async(d)=>{if(!i||!e)return{success:!1,message:"Database not configured"};let _=d.request.headers.get("x-user-id");if(!_)return d.set.status=401,{success:!1,message:"Unauthorized"};let g=(await i.select().from(e).where(hi(e.id,_)).limit(1))[0];if(!g)return d.set.status=404,{success:!1,message:"User not found"};let{password:u,...m}=g,l=null,E=[],$=[],S=[],U=[];if(r.includeProfile&&t){let H=t.profiles;if(H&&i)l=(await i.select().from(H).where(hi(H.userId,_)).limit(1))[0]||null}if(r.includeAddresses&&t){let H=t.addresses;if(H&&i)E=await i.select().from(H).where(hi(H.ownerId,_))}if(r.includePhones&&t){let H=t.phones;if(H&&i)$=await i.select().from(H).where(hi(H.ownerId,_))}if(r.includeFiles&&t){let H=t.files;if(H&&i)S=await i.select().from(H).where(hi(H.uploadedBy,_))}if(r.includeRoles&&t){let{userRoles:H,roles:k}=t;if(H&&k&&i){let A=(await i.select().from(H).where(hi(H.userId,_))).map((h)=>h.roleId);if(A.length>0){let{inArray:h}=await import("drizzle-orm");U=await i.select().from(k).where(h(k.id,A))}}}return a.info("[AUTH] Me endpoint accessed",{userId:_}),JSON.parse(JSON.stringify({success:!0,data:{user:m,profile:l,addresses:E,phones:$,files:S,roles:U}},(H,k)=>typeof k==="bigint"?Number(k):k))},{detail:{tags:["Authentication"],summary:"Get current user",description:"Get the currently authenticated user with profile, addresses, phones and files"}}),f}var Cl=()=>{};import{and as L0,eq as Or}from"drizzle-orm";import{Elysia as y8}from"elysia";function K2(n,r,t,o,c,i,a,e,s,f,d){let{db:_,logger:w,usersTable:g}=n,u=r.basePath,m={accessTokenName:a?.accessTokenName||"access_token",refreshTokenName:a?.refreshTokenName||"refresh_token",sessionTokenName:a?.sessionTokenName||"session_token",accessTokenMaxAge:a?.accessTokenMaxAge||900,refreshTokenMaxAge:a?.refreshTokenMaxAge||604800,sessionTokenMaxAge:a?.sessionTokenMaxAge||900,secure:a?.secure??!0,httpOnly:a?.httpOnly??!0,sameSite:a?.sameSite||"lax",path:a?.path||"/",domain:a?.domain},l={accessToken:{setHeadersEnabled:e?.accessToken?.setHeadersEnabled??!0,returnJson:e?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:e?.refreshToken?.setHeadersEnabled??!0,returnJson:e?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:e?.sessionToken?.setHeadersEnabled??!0,returnJson:e?.sessionToken?.returnJson??!0}},E=new y8;return E.get(`${u}/:provider`,async($)=>{let S=$.params.provider;if(!r.isProviderEnabled(S))return $.set.status=404,{success:!1,message:`OAuth provider "${S}" is not enabled`};let U=$.query.link_user_id,W=$.query.redirect_url,H=r.buildAuthorizationUrl(S,U,W);return $.set.status=302,$.set.headers.Location=H,null},{detail:{tags:["Authentication"],summary:"OAuth Redirect",description:"Redirects to the OAuth provider authorization page"}}),E.get(`${u}/:provider/callback`,async($)=>{let S=$.params.provider,U=$.query,{code:W,state:H,error:k,error_description:D}=U,A=r.errorRedirectUrl;if(k)return w.warn("[OAUTH] Provider returned error",{provider:S,error:k,error_description:D}),$.set.status=302,$.set.headers.Location=`${A}?error=${encodeURIComponent(D||k)}`,null;if(!W||!H)return $.set.status=302,$.set.headers.Location=`${A}?error=missing_code_or_state`,null;let h=r.consumeState(H);if(!h)return w.warn("[OAUTH] Invalid or expired state",{provider:S,state:H}),$.set.status=302,$.set.headers.Location=`${A}?error=invalid_state`,null;if(h.provider!==S)return w.warn("[OAUTH] State provider mismatch",{expected:h.provider,got:S}),$.set.status=302,$.set.headers.Location=`${A}?error=provider_mismatch`,null;if(!_||!g)return $.set.status=302,$.set.headers.Location=`${A}?error=server_error`,null;let R;try{R=await r.exchangeCode(S,W)}catch(ln){return w.error("[OAUTH] Code exchange failed",{provider:S,error:ln}),$.set.status=302,$.set.headers.Location=`${A}?error=token_exchange_failed`,null}let{profile:z,tokens:V}=R,Q=n.oauthAccountsTable,B=null;if(h.linkUserId&&r.allowAccountLinking){if(B=h.linkUserId,Q){let Qn=await _.select().from(Q).where(L0(Or(Q.provider,S),Or(Q.providerAccountId,z.providerAccountId))).limit(1);if(Qn.length>0){let qn=Qn[0];if(qn.userId!==B)return $.set.status=302,$.set.headers.Location=`${A}?error=account_already_linked_to_another_user`,null;await _.update(Q).set({accessToken:V.accessToken,refreshToken:V.refreshToken??null,tokenExpiresAt:V.expiresAt??null,scope:V.scope??null,rawProfile:z.rawProfile,lastUsedAt:new Date}).where(Or(Q.id,qn.id))}else await _.insert(Q).values({userId:B,provider:S,providerAccountId:z.providerAccountId,providerEmail:z.email??null,providerName:z.name??null,providerAvatarUrl:z.avatarUrl??null,accessToken:V.accessToken,refreshToken:V.refreshToken??null,tokenExpiresAt:V.expiresAt??null,scope:V.scope??null,rawProfile:z.rawProfile,isPrimary:!1,lastUsedAt:new Date})}w.info("[OAUTH] Account linked successfully",{userId:B,provider:S});let ln=h.redirectUrl||r.successRedirectUrl;return $.set.status=302,$.set.headers.Location=`${ln}?linked=true&provider=${S}`,null}if(Q){let ln=await _.select().from(Q).where(L0(Or(Q.provider,S),Or(Q.providerAccountId,z.providerAccountId))).limit(1);if(ln.length>0){let Qn=ln[0];B=Qn.userId,await _.update(Q).set({accessToken:V.accessToken,refreshToken:V.refreshToken??null,tokenExpiresAt:V.expiresAt??null,scope:V.scope??null,rawProfile:z.rawProfile,lastUsedAt:new Date}).where(Or(Q.id,Qn.id))}}if(!B&&z.email){let ln=await _.select().from(g).where(Or(g.email,z.email)).limit(1);if(ln.length>0){if(B=ln[0].id,Q)await _.insert(Q).values({userId:B,provider:S,providerAccountId:z.providerAccountId,providerEmail:z.email??null,providerName:z.name??null,providerAvatarUrl:z.avatarUrl??null,accessToken:V.accessToken,refreshToken:V.refreshToken??null,tokenExpiresAt:V.expiresAt??null,scope:V.scope??null,rawProfile:z.rawProfile,isPrimary:!1,lastUsedAt:new Date}).onConflictDoNothing();w.info("[OAUTH] Merged OAuth account with existing user by email",{userId:B,provider:S,email:z.email})}}if(!B){if(!r.autoCreateUser)return $.set.status=302,$.set.headers.Location=`${A}?error=user_not_found`,null;let ln=z.email??`${S}_${z.providerAccountId}@oauth.local`;if(B=(await _.insert(g).values({email:ln,password:null,verifiedAt:z.email?new Date:null,isActive:!0}).returning())[0].id,Q)await _.insert(Q).values({userId:B,provider:S,providerAccountId:z.providerAccountId,providerEmail:z.email??null,providerName:z.name??null,providerAvatarUrl:z.avatarUrl??null,accessToken:V.accessToken,refreshToken:V.refreshToken??null,tokenExpiresAt:V.expiresAt??null,scope:V.scope??null,rawProfile:z.rawProfile,isPrimary:!0,lastUsedAt:new Date});if(w.info("[OAUTH] Created new user via OAuth",{userId:B,provider:S,email:z.email}),r.sendInviteOnCreate&&z.email&&s?.isAvailable()&&f)try{let gn=yc(),Gn=Mt(gn),Un=new Date(Date.now()+Tc("7d"));await f({userId:B,email:z.email,tokenHash:Gn,expiresAt:Un});let Sn=`${r.successRedirectUrl.replace(/\/$/,"").replace(/\/[^/]+$/,"/set-password")}?token=${gn}`;await s.sendEmail({to:z.email,subject:`Welcome to ${d??"the platform"} \u2014 Set your password`,html:`
+								<p>Hi${z.name?` ${z.name}`:""},</p>
+								<p>Your account has been created via ${S} login. You can optionally set a password to also sign in with your email and password.</p>
 								<p><a href="${Sn}">Set your password</a></p>
-								<p>This link expires in 7 days. If you don't want to set a password, you can always sign in with ${E}.</p>
-							`}),w.info("[OAUTH] Invite email sent to new OAuth user",{userId:z,email:B.email,provider:E})}catch(gn){w.warn("[OAUTH] Failed to send invite email",{userId:z,error:gn})}}await _.update(g).set({lastLoginAt:new Date}).where(Or(g.id,z));let J=$.request.headers.get("cf-connecting-ip")?.trim()||$.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||$.request.headers.get("x-real-ip")?.trim()||"127.0.0.1",G=$.request.headers.get("user-agent")||"Unknown Browser",F=Oe(G,J),N=t(z),x=o(z),y=$.request.headers.get("origin")||$.request.headers.get("referer")?.replace(/\/[^/]*$/,"")||void 0,O={userId:z,deviceInfo:F,loginMethod:`oauth:${E}`,rememberMe:!0,requestOrigin:y},q=await c(O),Z=!1;if(i){if((await i(q,O))?.requiresApproval)Z=!0}if(Z){w.info("[OAUTH] Login requires device approval",{userId:z,provider:E});let ln=h.redirectUrl||r.successRedirectUrl;return $.set.status=302,$.set.headers.Location=`${ln}?requires_approval=true&provider=${E}`,null}await w.audit({entityName:"users",entityId:z,operation:"LOGIN",userId:z,summary:`${B.email??B.providerAccountId} logged in via OAuth (${E})`,ipAddress:J,userAgent:G,path:`${u}/${E}/callback`,query:""});let nn=m.secure?"; Secure":"",j=m.domain?`; Domain=${m.domain}`:"",I=`; Path=${m.path}; HttpOnly; SameSite=${m.sameSite}${nn}${j}`,K=[];if(l.accessToken.setHeadersEnabled)K.push(`${m.accessTokenName}=${N}${I}; Max-Age=${m.accessTokenMaxAge}`);if(l.refreshToken.setHeadersEnabled)K.push(`${m.refreshTokenName}=${x}${I}; Max-Age=${m.refreshTokenMaxAge}`);if(l.sessionToken.setHeadersEnabled)K.push(`${m.sessionTokenName}=${q}${I}; Max-Age=${m.sessionTokenMaxAge}`);let tn=h.redirectUrl||r.successRedirectUrl,wn=new Headers;wn.set("Location",tn);for(let ln of K)wn.append("Set-Cookie",ln);return new Response(null,{status:302,headers:wn})},{detail:{tags:["Authentication"],summary:"OAuth Callback",description:"Handles the OAuth provider callback, creates session and sets cookies"}}),S.get(`${u}/providers`,()=>{return{success:!0,data:{providers:r.getEnabledProviders()}}},{detail:{tags:["Authentication"],summary:"List OAuth Providers",description:"Returns the list of enabled OAuth providers"}}),S.get(`${u}/link/:provider`,async($)=>{let E=$.params.provider;if(!r.isProviderEnabled(E))return $.set.status=404,{success:!1,message:`OAuth provider "${E}" is not enabled`};if(!r.allowAccountLinking)return $.set.status=403,{success:!1,message:"Account linking is disabled"};let U=$.request.headers.get("x-user-id");if(!U)return $.set.status=401,{success:!1,message:"Authentication required to link accounts"};let W=$.query.redirect_url,H=r.buildAuthorizationUrl(E,U,W);return $.set.status=302,$.set.headers.Location=H,null},{detail:{tags:["Authentication"],summary:"Link OAuth Account",description:"Redirects to provider to link an OAuth account to the current user"}}),S.delete(`${u}/unlink/:provider`,async($)=>{let E=$.params.provider,U=$.request.headers.get("x-user-id");if(!U)return $.set.status=401,{success:!1,message:"Authentication required"};if(!_)return $.set.status=500,{success:!1,message:"Database not configured"};let W=n.oauthAccountsTable;if(!W)return $.set.status=500,{success:!1,message:"OAuth accounts table not configured"};if((await _.select().from(W).where(L0(Or(W.userId,U),Or(W.provider,E))).limit(1)).length===0)return{success:!1,message:`No linked ${E} account found`};let A=!!(await _.select().from(g).where(Or(g.id,U)).limit(1))[0]?.password,h=await _.select().from(W).where(Or(W.userId,U));if(!A&&h.length<=1)return $.set.status=400,{success:!1,message:"Cannot unlink the only login method. Set a password first."};return await _.delete(W).where(L0(Or(W.userId,U),Or(W.provider,E))),w.info("[OAUTH] Account unlinked",{userId:U,provider:E}),{success:!0,message:`${E} account unlinked successfully`}},{detail:{tags:["Authentication"],summary:"Unlink OAuth Account",description:"Removes a linked OAuth account from the current user"}}),S.get(`${u}/accounts`,async($)=>{let E=$.request.headers.get("x-user-id");if(!E)return $.set.status=401,{success:!1,message:"Authentication required"};if(!_)return $.set.status=500,{success:!1,message:"Database not configured"};let U=n.oauthAccountsTable;if(!U)return{success:!0,data:{accounts:[]}};return{success:!0,data:{accounts:(await _.select().from(U).where(Or(U.userId,E))).map((k)=>({id:k.id,provider:k.provider,providerEmail:k.providerEmail,providerName:k.providerName,providerAvatarUrl:k.providerAvatarUrl,isPrimary:k.isPrimary,lastUsedAt:k.lastUsedAt,createdAt:k.createdAt}))}}},{detail:{tags:["Authentication"],summary:"List Linked OAuth Accounts",description:"Returns all OAuth accounts linked to the current user"}}),S}var v2=b(()=>{Ne();yi()});import{t as vo}from"elysia";var Fl,T8;var jl=b(()=>{Fl=vo.Object({currentPassword:vo.String({minLength:1}),newPassword:vo.String({minLength:8}),confirmPassword:vo.String({minLength:8})}),T8=vo.Object({success:vo.Boolean(),message:vo.Optional(vo.String())})});function Z2(n,r){return n===r}import{eq as I2}from"drizzle-orm";import{Elysia as nS}from"elysia";function Q0(n,r){let{db:t,logger:o,usersTable:c}=n,i=r.route||"/auth/password-change",a=new nS;if(!r.enabled)return a;return a.post(i,async(e)=>{if(!t||!c)return e.set.status=500,{success:!1,message:"Database not configured"};let s=e.request.headers.get("x-user-id");if(!s)return e.set.status=401,{success:!1,message:"Authentication required"};let{currentPassword:f,newPassword:d,confirmPassword:_}=e.body;if(!Z2(d,_))return e.set.status=422,{success:!1,message:"New passwords do not match"};let g=(await t.select().from(c).where(I2(c.id,s)).limit(1))[0];if(!g)return e.set.status=404,{success:!1,message:"User not found"};let u=await Ge(f,g.password),m=new URL(e.request.url),l=e.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||e.request.headers.get("x-real-ip")?.trim()||"unknown",S=e.request.headers.get("user-agent")||"unknown";if(!u)return o.warn("[AUTH] Password change failed - invalid current password",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE_FAILED",userId:s,summary:"Password change failed: invalid current password",ipAddress:l,userAgent:S,path:m.pathname,query:m.search}),e.set.status=400,{success:!1,message:"Current password is incorrect"};let $=await Xo(d);return await t.update(c).set({password:$,updatedAt:new Date}).where(I2(c.id,s)),o.info("[AUTH] Password change successful",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE",userId:s,summary:"Password changed successfully",ipAddress:l,userAgent:S,path:m.pathname,query:m.search}),{success:!0,message:"Password changed successfully"}},{body:Fl,detail:{tags:["Authentication"],summary:"Change Password",description:"Change password for authenticated user"}}),a}var ql=b(()=>{Ne();pc();jl();jl()});import{t as Zt}from"elysia";var Kl,vl,rS;var Zl=b(()=>{Kl=Zt.Object({email:Zt.String({format:"email"})}),vl=Zt.Object({token:Zt.String(),newPassword:Zt.String({minLength:8}),confirmPassword:Zt.String({minLength:8})}),rS=Zt.Object({success:Zt.Boolean(),message:Zt.Optional(Zt.String())})});import{randomBytes as tS}from"crypto";function p2(){return tS(32).toString("hex")}function y2(n){return new Date>n}var T2=()=>{};import{Elysia as oS}from"elysia";function G0(n,r,t,o,c,i){let{db:a,logger:e,usersTable:s}=n,f=r.route||"/auth/password-reset",d=new oS;if(!r.enabled)return d;return d.post(`${f}/request`,async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let{email:w}=_.body,{eq:g}=await import("drizzle-orm"),m=(await a.select().from(s).where(g(s.email,w)).limit(1))[0];if(!m)return{success:!0,message:"If email exists, reset link will be sent"};let l=p2(),S=new Date(Date.now()+3600000);if(await t(m.id,l,S),i)try{await i(w,l),e.info("[AUTH] Password reset email sent",{email:w})}catch(E){e.error("[AUTH] Failed to send password reset email",{email:w,error:E})}else e.warn("[AUTH] sendResetEmail not configured - email not sent",{email:w});e.info("[AUTH] Password reset requested",{userId:m.id,email:w});let $=new URL(_.request.url);return e.audit({entityName:"users",entityId:m.id,operation:"PASSWORD_RESET_REQUEST",userId:m.id,summary:`Password reset requested for ${w}`,ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||_.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:$.pathname,query:$.search}),{success:!0,message:"If email exists, reset link will be sent"}},{body:Kl,detail:{tags:["Authentication"],summary:"Request Password Reset",description:"Request a password reset email"}}),d.post(`${f}/confirm`,async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let{token:w,newPassword:g,confirmPassword:u}=_.body;if(g!==u)return{success:!1,message:"Passwords do not match"};let m=await o(w);if(!m)return{success:!1,message:"Invalid or expired reset token"};if(y2(m.expiresAt))return await c(w),{success:!1,message:"Reset token has expired"};let l=await Xo(g),{eq:S}=await import("drizzle-orm");await a.update(s).set({password:l}).where(S(s.id,m.userId)),await c(w),e.info("[AUTH] Password reset successful",{userId:m.userId});let $=new URL(_.request.url);return e.audit({entityName:"users",entityId:m.userId,operation:"PASSWORD_RESET",userId:m.userId,summary:"Password reset completed successfully",ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||_.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:$.pathname,query:$.search}),{success:!0,message:"Password has been reset"}},{body:vl,detail:{tags:["Authentication"],summary:"Confirm Password Reset",description:"Reset password with token"}}),d}var Il=b(()=>{pc();Zl();T2();Zl()});import{t as $o}from"elysia";var pl,cS;var yl=b(()=>{pl=$o.Object({newPassword:$o.String({minLength:8}),userId:$o.Optional($o.String()),token:$o.Optional($o.String())}),cS=$o.Object({success:$o.Boolean(),message:$o.String()})});import{eq as n5}from"drizzle-orm";import{Elysia as iS}from"elysia";function O0(n,r,t,o){let{db:c,logger:i,usersTable:a}=n,e=r.route||"/auth/password-set",s=new iS;if(!r.enabled)return s;return s.post(e,async(f)=>{if(i.info("[AUTH] Password set request received"),!c||!a)return i.error("[AUTH] Password set failed - database not configured"),{success:!1,message:"Database not configured"};let{newPassword:d,userId:_,token:w}=f.body,g=_;if(w&&t&&o){let $=Mt(w),E=await t($);if(!E)return i.warn("[AUTH] Password set failed - invalid token"),{success:!1,message:"Invalid or expired token"};if(new Date>E.expiresAt)return await o($),i.warn("[AUTH] Password set failed - expired token",{email:E.email}),{success:!1,message:"Invalid or expired token"};g=E.userId,i.info("[AUTH] Password set - userId resolved from token",{userId:g,email:E.email})}if(!g)return i.warn("[AUTH] Password set failed - no userId in payload or token"),{success:!1,message:"User ID or token required"};let m=(await c.select().from(a).where(n5(a.id,g)).limit(1))[0];if(i.info("[AUTH] Password set - user found",{found:!!m,hasPassword:!!m?.password}),!m)return{success:!1,message:"User not found"};if(m.password)return i.warn("[AUTH] Password set failed - user already has password",{userId:g}),{success:!1,message:"Password already set. Use password change instead."};let l=await Xo(d);i.info("[AUTH] Password set - updating user with verifiedAt",{userId:g});let S=await c.update(a).set({password:l,verifiedAt:new Date,updatedAt:new Date}).where(n5(a.id,g));if(i.info("[AUTH] Password set successful for invited user",{userId:g,updateResult:S}),w&&o){let $=Mt(w);await o($),i.info("[AUTH] Invite token consumed after password set",{userId:g})}return{success:!0,message:"Password set successfully"}},{body:pl,detail:{tags:["Authentication"],summary:"Set Password",description:"Set password for the first time (for invited users who do not have a password yet)"}}),s}var Tl=b(()=>{yi();pc();yl();yl()});function nd(n){let r=n.match(/^(\d+)([smhd])$/);if(!r)return 900;let t=r[1],o=r[2];if(!t||!o)return 900;let c=parseInt(t,10);switch(o){case"s":return c;case"m":return c*60;case"h":return c*3600;case"d":return c*86400;default:return 900}}import{t as Dc}from"elysia";var aS;var r5=b(()=>{aS=Dc.Object({success:Dc.Boolean(),message:Dc.Optional(Dc.String()),data:Dc.Optional(Dc.Object({accessToken:Dc.String()}))})});import{Elysia as eS}from"elysia";function N0(n,r,t,o,c,i,a,e){let{logger:s,authentication:f}=n,d=r.route||"/auth/refresh",_=new eS;if(!r.enabled)return _;return _.post(d,async(w)=>{let g=f?.refreshToken?.name||"refresh_token",u=f?.accessToken?.name||"access_token",m=w.request.headers.get("x-refresh-token");if(!m){let x=w.request.headers.get("cookie");if(x)m=x.split(";").reduce((O,q)=>{let[Z,nn]=q.trim().split("=");if(Z&&nn)O[Z]=nn;return O},{})[g]||null}if(!m)return w.set.status=401,{success:!1,message:"Refresh token required"};let l=t(m);if(!l.valid||!l.payload)return s.warn("[AUTH] Refresh failed - invalid token"),w.set.status=401,{success:!1,message:"Invalid refresh token"};let S=l.payload.sub,$=o(S),E=c?c(S):null,U=i?.accessToken?.setHeadersEnabled??!0,W=i?.accessToken?.returnJson??!0,H=i?.refreshToken?.setHeadersEnabled??!0,k=i?.refreshToken?.returnJson??!1,D=f?.accessToken?.expiresIn||"15m",A=Math.max(0,nd(D)-(a??0)),h=f?.refreshToken?.expiresIn||"7d",R=nd(h),B=new Headers;B.set("Content-Type","application/json");let Y=e?.path||"/",X=e?.sameSite||"Strict",z=e?.secure!==!1?"; Secure":"",J=e?.domain?`; Domain=${e.domain}`:"",G=`; Path=${Y}; HttpOnly; SameSite=${X}${z}${J}`;if(U)B.append("Set-Cookie",`${u}=${$}${G}; Max-Age=${A}`);if(E&&H)B.append("Set-Cookie",`${g}=${E}${G}; Max-Age=${R}`);s.info("[AUTH] Token refresh successful",{userId:S,rotatedRefreshToken:!!E});let F={};if(W)F.accessToken=$;if(E&&k)F.refreshToken=E;let N=JSON.stringify({success:!0,data:F});return new Response(N,{status:200,headers:B})},{detail:{tags:["Authentication"],summary:"Refresh Token",description:"Get new access token using refresh token"}}),_}var rd=b(()=>{r5()});import{t as vr}from"elysia";var td,sS;var od=b(()=>{td=vr.Object({email:vr.String({format:"email"}),password:vr.String({minLength:8}),confirmPassword:vr.Optional(vr.String({minLength:8}))}),sS=vr.Object({success:vr.Boolean(),message:vr.Optional(vr.String()),data:vr.Optional(vr.Object({user:vr.Object({id:vr.String(),email:vr.String()})}))})});import{eq as fS}from"drizzle-orm";import{Elysia as _S}from"elysia";function x0(n,r,t,o,c,i,a,e,s,f){let{db:d,logger:_,usersTable:w}=n,g=r.route||"/auth/register",u={accessTokenName:a?.accessTokenName||"access_token",refreshTokenName:a?.refreshTokenName||"refresh_token",sessionTokenName:a?.sessionTokenName||"session_token",accessTokenMaxAge:a?.accessTokenMaxAge||900,refreshTokenMaxAge:a?.refreshTokenMaxAge||604800,sessionTokenMaxAge:a?.sessionTokenMaxAge||900,secure:a?.secure??!0,httpOnly:a?.httpOnly??!0,sameSite:a?.sameSite||"strict",path:a?.path||"/"},m=new _S;if(!r.enabled)return m;return m.post(g,async(l)=>{if(!d||!w)return l.set.status=500,{success:!1,message:"Database not configured"};let{email:S,password:$,confirmPassword:E}=l.body;if(E&&$!==E)return l.set.status=400,{success:!1,message:"Passwords do not match"};let U=Kb($);if(!U.valid)return l.set.status=400,{success:!1,message:"Password too weak",errors:U.errors};let W=await d.select().from(w).where(fS(w.email,S)).limit(1),H=new URL(l.request.url),k=l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",D=l.request.headers.get("user-agent")||"unknown";if(W.length>0)return _.warn("[AUTH] Registration failed - email exists",{email:S}),_.audit({entityName:"users",operation:"REGISTER_FAILED",summary:`Registration failed: email already exists (${S})`,ipAddress:k,userAgent:D,path:H.pathname,query:H.search}),l.set.status=409,{success:!1,message:"Email already registered"};let A=await Xo($),h=r.emailVerification?.enabled&&s?.isAvailable(),R=h?Ve():null,B=r.emailVerification?.tokenExpiresIn||"24h",Y=h?new Date(Date.now()+Ic(B)):null,X={email:S,password:A};if(h&&R)X.emailVerificationToken=R,X.emailVerificationTokenExpiresAt=Y,X.emailVerificationSentAt=new Date,X.emailVerificationAttempts=1;let J=(await d.insert(w).values(X).returning())[0];if(_.info("[AUTH] Registration successful",{userId:J.id,email:S,emailVerificationEnabled:h}),_.audit({entityName:"users",entityId:J.id,operation:"REGISTER",userId:J.id,summary:`New user registered: ${S}`,ipAddress:k,userAgent:D,path:H.pathname,query:H.search}),h&&s&&R){let F=`${(r.emailVerification?.redirectUrl||"http://localhost:3000/login").replace("/login","/verify-email")}?token=${R}`;s.sendVerificationEmail(S,S.split("@")[0]||"User",F,f||"Nucleus").then((O)=>{if(O.success)_.info("[AUTH] Verification email sent",{email:S});else _.error("[AUTH] Failed to send verification email",{email:S,error:O.error})}).catch((O)=>{_.error("[AUTH] Failed to send verification email",{email:S,error:O})});let N=r.emailVerification?.resendCooldown||"60s",x=Ic(N)/1000,y=r.emailVerification?.maxResendAttempts||3;return{success:!0,message:"Registration successful. Please check your email to verify your account.",data:{user:{id:J.id,email:J.email},emailVerificationRequired:!0,verification:{cooldownSeconds:x,canResendAt:new Date(Date.now()+x*1000).toISOString(),attemptsRemaining:y-1,maxAttempts:y}}}}if(t)t(S,S.split("@")[0]||"User").catch((G)=>{_.error("[AUTH] Failed to send welcome email",{email:S,error:G})});if(o&&c&&i){let G=l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",F=l.request.headers.get("user-agent")||"",N=o(J.id),x=c(J.id),y=await i({userId:J.id,deviceInfo:{ipAddress:G,userAgent:F},loginMethod:"register"}),O={accessToken:{setHeadersEnabled:e?.accessToken?.setHeadersEnabled??!0,returnJson:e?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:e?.refreshToken?.setHeadersEnabled??!0,returnJson:e?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:e?.sessionToken?.setHeadersEnabled??!0,returnJson:e?.sessionToken?.returnJson??!0}},q=u.secure?"; Secure":"",Z=`; Path=${u.path}; HttpOnly; SameSite=${u.sameSite}${q}`,nn=[];if(O.accessToken.setHeadersEnabled)nn.push(`${u.accessTokenName}=${N}${Z}; Max-Age=${u.accessTokenMaxAge}`);if(O.refreshToken.setHeadersEnabled)nn.push(`${u.refreshTokenName}=${x}${Z}; Max-Age=${u.refreshTokenMaxAge}`);if(O.sessionToken.setHeadersEnabled)nn.push(`${u.sessionTokenName}=${y}${Z}; Max-Age=${u.sessionTokenMaxAge}`);let j={user:{id:J.id,email:J.email}};if(O.accessToken.returnJson)j.accessToken=N;if(O.refreshToken.returnJson)j.refreshToken=x;if(O.sessionToken.returnJson)j.sessionId=y;let I=JSON.stringify({success:!0,data:j}),K=new Headers;K.set("Content-Type","application/json"),K.set("x-session-id",y);for(let tn of nn)K.append("Set-Cookie",tn);return new Response(I,{status:200,headers:K})}return{success:!0,data:{user:{id:J.id,email:J.email}}}},{body:td,detail:{tags:["Authentication"],summary:"Register",description:"Register a new user account"}}),m}var cd=b(()=>{od();pc();od()});import{t as an}from"elysia";var t5,lS,id,ad,yj;var ed=b(()=>{t5=an.Object({id:an.String(),deviceName:an.Optional(an.String()),deviceType:an.Optional(an.String()),browserName:an.Optional(an.String()),browserVersion:an.Optional(an.String()),osName:an.Optional(an.String()),osVersion:an.Optional(an.String()),ipAddress:an.String(),locationCountry:an.Optional(an.String()),locationCity:an.Optional(an.String()),lastActivityAt:an.String(),createdAt:an.String(),isCurrent:an.Boolean(),loginMethod:an.Optional(an.String()),trustScore:an.Optional(an.Number())}),lS=an.Object({success:an.Boolean(),data:an.Optional(an.Object({sessions:an.Array(t5),currentSessionId:an.Optional(an.String()),totalCount:an.Number()})),message:an.Optional(an.String())}),id=an.Object({reason:an.Optional(an.String())}),ad=an.Object({excludeCurrent:an.Optional(an.Boolean()),reason:an.Optional(an.String())}),yj=an.Object({success:an.Boolean(),data:an.Optional(an.Object({recentActivity:an.Array(an.Object({sessionId:an.String(),action:an.String(),ipAddress:an.String(),timestamp:an.String(),deviceInfo:an.Optional(an.String())}))})),message:an.Optional(an.String())})});function P0(n){let r=(o,c)=>n[o]??n[c],t=(o,c)=>{let i=n[o]??n[c];if(!i)return;return i instanceof Date?i.toISOString():String(i)};return{id:n.id,deviceName:r("device_name","deviceName"),deviceType:r("device_type","deviceType"),deviceFingerprint:r("device_fingerprint","deviceFingerprint"),browserName:r("browser_name","browserName"),browserVersion:r("browser_version","browserVersion"),osName:r("os_name","osName"),osVersion:r("os_version","osVersion"),ipAddress:r("ip_address","ipAddress"),locationCountry:r("location_country","locationCountry"),locationCity:r("location_city","locationCity"),lastActivityAt:t("last_activity_at","lastActivityAt"),createdAt:t("created_at","createdAt"),isCurrent:r("is_current","isCurrent"),loginMethod:r("login_method","loginMethod"),trustScore:r("trust_score","trustScore")}}var o5=()=>{};import{and as Zo,desc as c5,eq as Zn,isNull as i5}from"drizzle-orm";import{Elysia as dS}from"elysia";function C0(n,r,t){let{db:o,logger:c}=n,i=r.route||"/auth/sessions",a=new dS;if(!r.enabled||!t)return a;let e=t,s=(u)=>{let m=u.replace(/([A-Z])/g,"_$1").toLowerCase();return e[u]||e[m]};a.get(i,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let l=u.request.headers.get("x-session-id"),S=await o.select().from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0),i5(s("revokedAt")))).orderBy(c5(s("lastActivityAt"))),$=S.filter((U)=>{let W=U,H=(W.deviceFingerprint||"").toLowerCase(),k=W.ipAddress||"";return!((!H||H==="--"||H==="--unknown"||H.includes("bot/crawler")||H.includes("headless")||H.includes("unknown-unknown"))&&(k==="127.0.0.1"||k==="::1"||k==="localhost"||!k))}),E=$.map((U)=>{let W=U,H=P0(W);return H.isCurrent=W.id===l,H});return c.info("[AUTH] Sessions list retrieved",{userId:m,totalInDb:S.length,filteredCount:$.length,hiddenBotSessions:S.length-$.length}),{success:!0,data:{sessions:E,currentSessionId:l,totalCount:$.length}}},{detail:{tags:["Authentication"],summary:"List active sessions",description:"Get all active sessions for the current user"}}),a.get(`${i}/current`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id"),l=u.request.headers.get("x-session-id");if(!m||!l)return{success:!1,message:"Authentication required"};let S=await o.select().from(t).where(Zn(s("id"),l)).limit(1);if(S.length===0)return{success:!1,message:"Session not found"};let $=S[0],E=P0($);return E.isCurrent=!0,{success:!0,data:E}},{detail:{tags:["Authentication"],summary:"Get current session",description:"Get details of the current session"}}),a.delete(`${i}/:sessionId`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let{sessionId:l}=u.params,S=u.body,$=u.request.headers.get("x-session-id");if((await o.select().from(t).where(Zo(Zn(s("id"),l),Zn(s("userId"),m))).limit(1)).length===0)return{success:!1,message:"Session not found"};let U=l===$;await o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:U?"user_logout":S.reason||"user_revoked"}).where(Zn(s("id"),l)),c.info("[AUTH] Session revoked",{userId:m,sessionId:l,isCurrentSession:U,reason:S.reason||"user_revoked"});let W=new URL(u.request.url);return c.audit({entityName:"user_sessions",entityId:l,operation:U?"LOGOUT":"SESSION_REVOKE",userId:m||void 0,summary:U?"User logged out via session revoke":`Session revoked (${l.substring(0,8)}...)`,ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:W.pathname,query:W.search}),{success:!0,message:U?"Logged out successfully":"Session revoked successfully"}},{body:id,detail:{tags:["Authentication"],summary:"Revoke session",description:"Revoke a specific session by ID"}}),a.delete(`${i}/all`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let l=u.body,S=u.request.headers.get("x-session-id"),$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:l.reason||"user_revoked"}).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0)));if(l.excludeCurrent&&S){let{ne:U}=await import("drizzle-orm");$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:l.reason||"user_revoked"}).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0),U(s("id"),S)))}await $,c.info("[AUTH] All sessions revoked",{userId:m,excludeCurrent:l.excludeCurrent,reason:l.reason||"user_revoked"});let E=new URL(u.request.url);return c.audit({entityName:"user_sessions",operation:"SESSION_REVOKE_ALL",userId:m||void 0,summary:l.excludeCurrent?"All other sessions revoked":"All sessions revoked",ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:E.pathname,query:E.search}),{success:!0,message:l.excludeCurrent?"All other sessions revoked successfully":"All sessions revoked successfully"}},{body:ad,detail:{tags:["Authentication"],summary:"Revoke all sessions",description:"Revoke all sessions for the current user (optionally exclude current)"}}),a.get(`${i}/stats`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let{count:l,countDistinct:S}=await import("drizzle-orm"),$=await o.select({count:l()}).from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0),i5(s("revokedAt")))),E=await o.select({count:S(s("deviceFingerprint"))}).from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0))),U=await o.select({count:S(s("ipAddress"))}).from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0)));return{success:!0,data:{activeSessions:$[0]?.count||0,uniqueDevices:E[0]?.count||0,uniqueIpAddresses:U[0]?.count||0}}},{detail:{tags:["Authentication"],summary:"Session statistics",description:"Get session statistics for the current user"}});let f=86400000,d=(u,m,l)=>{let S=m?u==="approve"?"\u2705":"\uD83D\uDEAB":"\u274C",$=m?u==="approve"?"Device Approved":"Device Rejected":"Action Failed",E=r.brandName||"Nucleus";return`<!DOCTYPE html>
+								<p>This link expires in 7 days. If you don't want to set a password, you can always sign in with ${S}.</p>
+							`}),w.info("[OAUTH] Invite email sent to new OAuth user",{userId:B,email:z.email,provider:S})}catch(gn){w.warn("[OAUTH] Failed to send invite email",{userId:B,error:gn})}}await _.update(g).set({lastLoginAt:new Date}).where(Or(g.id,B));let J=$.request.headers.get("cf-connecting-ip")?.trim()||$.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||$.request.headers.get("x-real-ip")?.trim()||"127.0.0.1",G=$.request.headers.get("user-agent")||"Unknown Browser",F=Oe(G,J),N=t(B),x=o(B),y=$.request.headers.get("origin")||$.request.headers.get("referer")?.replace(/\/[^/]*$/,"")||void 0,O={userId:B,deviceInfo:F,loginMethod:`oauth:${S}`,rememberMe:!0,requestOrigin:y},q=await c(O),Z=!1;if(i){if((await i(q,O))?.requiresApproval)Z=!0}if(Z){w.info("[OAUTH] Login requires device approval",{userId:B,provider:S});let ln=h.redirectUrl||r.successRedirectUrl;return $.set.status=302,$.set.headers.Location=`${ln}?requires_approval=true&provider=${S}`,null}await w.audit({entityName:"users",entityId:B,operation:"LOGIN",userId:B,summary:`${z.email??z.providerAccountId} logged in via OAuth (${S})`,ipAddress:J,userAgent:G,path:`${u}/${S}/callback`,query:""});let nn=m.secure?"; Secure":"",j=m.domain?`; Domain=${m.domain}`:"",I=`; Path=${m.path}; HttpOnly; SameSite=${m.sameSite}${nn}${j}`,K=[];if(l.accessToken.setHeadersEnabled)K.push(`${m.accessTokenName}=${N}${I}; Max-Age=${m.accessTokenMaxAge}`);if(l.refreshToken.setHeadersEnabled)K.push(`${m.refreshTokenName}=${x}${I}; Max-Age=${m.refreshTokenMaxAge}`);if(l.sessionToken.setHeadersEnabled)K.push(`${m.sessionTokenName}=${q}${I}; Max-Age=${m.sessionTokenMaxAge}`);let tn=h.redirectUrl||r.successRedirectUrl,wn=new Headers;wn.set("Location",tn);for(let ln of K)wn.append("Set-Cookie",ln);return new Response(null,{status:302,headers:wn})},{detail:{tags:["Authentication"],summary:"OAuth Callback",description:"Handles the OAuth provider callback, creates session and sets cookies"}}),E.get(`${u}/providers`,()=>{return{success:!0,data:{providers:r.getEnabledProviders()}}},{detail:{tags:["Authentication"],summary:"List OAuth Providers",description:"Returns the list of enabled OAuth providers"}}),E.get(`${u}/link/:provider`,async($)=>{let S=$.params.provider;if(!r.isProviderEnabled(S))return $.set.status=404,{success:!1,message:`OAuth provider "${S}" is not enabled`};if(!r.allowAccountLinking)return $.set.status=403,{success:!1,message:"Account linking is disabled"};let U=$.request.headers.get("x-user-id");if(!U)return $.set.status=401,{success:!1,message:"Authentication required to link accounts"};let W=$.query.redirect_url,H=r.buildAuthorizationUrl(S,U,W);return $.set.status=302,$.set.headers.Location=H,null},{detail:{tags:["Authentication"],summary:"Link OAuth Account",description:"Redirects to provider to link an OAuth account to the current user"}}),E.delete(`${u}/unlink/:provider`,async($)=>{let S=$.params.provider,U=$.request.headers.get("x-user-id");if(!U)return $.set.status=401,{success:!1,message:"Authentication required"};if(!_)return $.set.status=500,{success:!1,message:"Database not configured"};let W=n.oauthAccountsTable;if(!W)return $.set.status=500,{success:!1,message:"OAuth accounts table not configured"};if((await _.select().from(W).where(L0(Or(W.userId,U),Or(W.provider,S))).limit(1)).length===0)return{success:!1,message:`No linked ${S} account found`};let A=!!(await _.select().from(g).where(Or(g.id,U)).limit(1))[0]?.password,h=await _.select().from(W).where(Or(W.userId,U));if(!A&&h.length<=1)return $.set.status=400,{success:!1,message:"Cannot unlink the only login method. Set a password first."};return await _.delete(W).where(L0(Or(W.userId,U),Or(W.provider,S))),w.info("[OAUTH] Account unlinked",{userId:U,provider:S}),{success:!0,message:`${S} account unlinked successfully`}},{detail:{tags:["Authentication"],summary:"Unlink OAuth Account",description:"Removes a linked OAuth account from the current user"}}),E.get(`${u}/accounts`,async($)=>{let S=$.request.headers.get("x-user-id");if(!S)return $.set.status=401,{success:!1,message:"Authentication required"};if(!_)return $.set.status=500,{success:!1,message:"Database not configured"};let U=n.oauthAccountsTable;if(!U)return{success:!0,data:{accounts:[]}};return{success:!0,data:{accounts:(await _.select().from(U).where(Or(U.userId,S))).map((k)=>({id:k.id,provider:k.provider,providerEmail:k.providerEmail,providerName:k.providerName,providerAvatarUrl:k.providerAvatarUrl,isPrimary:k.isPrimary,lastUsedAt:k.lastUsedAt,createdAt:k.createdAt}))}}},{detail:{tags:["Authentication"],summary:"List Linked OAuth Accounts",description:"Returns all OAuth accounts linked to the current user"}}),E}var v2=b(()=>{Ne();yi()});import{t as vo}from"elysia";var Fl,T8;var jl=b(()=>{Fl=vo.Object({currentPassword:vo.String({minLength:1}),newPassword:vo.String({minLength:8}),confirmPassword:vo.String({minLength:8})}),T8=vo.Object({success:vo.Boolean(),message:vo.Optional(vo.String())})});function Z2(n,r){return n===r}import{eq as I2}from"drizzle-orm";import{Elysia as nS}from"elysia";function Q0(n,r){let{db:t,logger:o,usersTable:c}=n,i=r.route||"/auth/password-change",a=new nS;if(!r.enabled)return a;return a.post(i,async(e)=>{if(!t||!c)return e.set.status=500,{success:!1,message:"Database not configured"};let s=e.request.headers.get("x-user-id");if(!s)return e.set.status=401,{success:!1,message:"Authentication required"};let{currentPassword:f,newPassword:d,confirmPassword:_}=e.body;if(!Z2(d,_))return e.set.status=422,{success:!1,message:"New passwords do not match"};let g=(await t.select().from(c).where(I2(c.id,s)).limit(1))[0];if(!g)return e.set.status=404,{success:!1,message:"User not found"};let u=await Ge(f,g.password),m=new URL(e.request.url),l=e.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||e.request.headers.get("x-real-ip")?.trim()||"unknown",E=e.request.headers.get("user-agent")||"unknown";if(!u)return o.warn("[AUTH] Password change failed - invalid current password",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE_FAILED",userId:s,summary:"Password change failed: invalid current password",ipAddress:l,userAgent:E,path:m.pathname,query:m.search}),e.set.status=400,{success:!1,message:"Current password is incorrect"};let $=await Xo(d);return await t.update(c).set({password:$,updatedAt:new Date}).where(I2(c.id,s)),o.info("[AUTH] Password change successful",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE",userId:s,summary:"Password changed successfully",ipAddress:l,userAgent:E,path:m.pathname,query:m.search}),{success:!0,message:"Password changed successfully"}},{body:Fl,detail:{tags:["Authentication"],summary:"Change Password",description:"Change password for authenticated user"}}),a}var ql=b(()=>{Ne();pc();jl();jl()});import{t as Zt}from"elysia";var Kl,vl,rS;var Zl=b(()=>{Kl=Zt.Object({email:Zt.String({format:"email"})}),vl=Zt.Object({token:Zt.String(),newPassword:Zt.String({minLength:8}),confirmPassword:Zt.String({minLength:8})}),rS=Zt.Object({success:Zt.Boolean(),message:Zt.Optional(Zt.String())})});import{randomBytes as tS}from"crypto";function p2(){return tS(32).toString("hex")}function y2(n){return new Date>n}var T2=()=>{};import{Elysia as oS}from"elysia";function G0(n,r,t,o,c,i){let{db:a,logger:e,usersTable:s}=n,f=r.route||"/auth/password-reset",d=new oS;if(!r.enabled)return d;return d.post(`${f}/request`,async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let{email:w}=_.body,{eq:g}=await import("drizzle-orm"),m=(await a.select().from(s).where(g(s.email,w)).limit(1))[0];if(!m)return{success:!0,message:"If email exists, reset link will be sent"};let l=p2(),E=new Date(Date.now()+3600000);if(await t(m.id,l,E),i)try{await i(w,l),e.info("[AUTH] Password reset email sent",{email:w})}catch(S){e.error("[AUTH] Failed to send password reset email",{email:w,error:S})}else e.warn("[AUTH] sendResetEmail not configured - email not sent",{email:w});e.info("[AUTH] Password reset requested",{userId:m.id,email:w});let $=new URL(_.request.url);return e.audit({entityName:"users",entityId:m.id,operation:"PASSWORD_RESET_REQUEST",userId:m.id,summary:`Password reset requested for ${w}`,ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||_.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:$.pathname,query:$.search}),{success:!0,message:"If email exists, reset link will be sent"}},{body:Kl,detail:{tags:["Authentication"],summary:"Request Password Reset",description:"Request a password reset email"}}),d.post(`${f}/confirm`,async(_)=>{if(!a||!s)return{success:!1,message:"Database not configured"};let{token:w,newPassword:g,confirmPassword:u}=_.body;if(g!==u)return{success:!1,message:"Passwords do not match"};let m=await o(w);if(!m)return{success:!1,message:"Invalid or expired reset token"};if(y2(m.expiresAt))return await c(w),{success:!1,message:"Reset token has expired"};let l=await Xo(g),{eq:E}=await import("drizzle-orm");await a.update(s).set({password:l}).where(E(s.id,m.userId)),await c(w),e.info("[AUTH] Password reset successful",{userId:m.userId});let $=new URL(_.request.url);return e.audit({entityName:"users",entityId:m.userId,operation:"PASSWORD_RESET",userId:m.userId,summary:"Password reset completed successfully",ipAddress:_.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||_.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:_.request.headers.get("user-agent")||"unknown",path:$.pathname,query:$.search}),{success:!0,message:"Password has been reset"}},{body:vl,detail:{tags:["Authentication"],summary:"Confirm Password Reset",description:"Reset password with token"}}),d}var Il=b(()=>{pc();Zl();T2();Zl()});import{t as $o}from"elysia";var pl,cS;var yl=b(()=>{pl=$o.Object({newPassword:$o.String({minLength:8}),userId:$o.Optional($o.String()),token:$o.Optional($o.String())}),cS=$o.Object({success:$o.Boolean(),message:$o.String()})});import{eq as n5}from"drizzle-orm";import{Elysia as iS}from"elysia";function O0(n,r,t,o){let{db:c,logger:i,usersTable:a}=n,e=r.route||"/auth/password-set",s=new iS;if(!r.enabled)return s;return s.post(e,async(f)=>{if(i.info("[AUTH] Password set request received"),!c||!a)return i.error("[AUTH] Password set failed - database not configured"),{success:!1,message:"Database not configured"};let{newPassword:d,userId:_,token:w}=f.body,g=_;if(w&&t&&o){let $=Mt(w),S=await t($);if(!S)return i.warn("[AUTH] Password set failed - invalid token"),{success:!1,message:"Invalid or expired token"};if(new Date>S.expiresAt)return await o($),i.warn("[AUTH] Password set failed - expired token",{email:S.email}),{success:!1,message:"Invalid or expired token"};g=S.userId,i.info("[AUTH] Password set - userId resolved from token",{userId:g,email:S.email})}if(!g)return i.warn("[AUTH] Password set failed - no userId in payload or token"),{success:!1,message:"User ID or token required"};let m=(await c.select().from(a).where(n5(a.id,g)).limit(1))[0];if(i.info("[AUTH] Password set - user found",{found:!!m,hasPassword:!!m?.password}),!m)return{success:!1,message:"User not found"};if(m.password)return i.warn("[AUTH] Password set failed - user already has password",{userId:g}),{success:!1,message:"Password already set. Use password change instead."};let l=await Xo(d);i.info("[AUTH] Password set - updating user with verifiedAt",{userId:g});let E=await c.update(a).set({password:l,verifiedAt:new Date,updatedAt:new Date}).where(n5(a.id,g));if(i.info("[AUTH] Password set successful for invited user",{userId:g,updateResult:E}),w&&o){let $=Mt(w);await o($),i.info("[AUTH] Invite token consumed after password set",{userId:g})}return{success:!0,message:"Password set successfully"}},{body:pl,detail:{tags:["Authentication"],summary:"Set Password",description:"Set password for the first time (for invited users who do not have a password yet)"}}),s}var Tl=b(()=>{yi();pc();yl();yl()});function nd(n){let r=n.match(/^(\d+)([smhd])$/);if(!r)return 900;let t=r[1],o=r[2];if(!t||!o)return 900;let c=parseInt(t,10);switch(o){case"s":return c;case"m":return c*60;case"h":return c*3600;case"d":return c*86400;default:return 900}}import{t as kc}from"elysia";var aS;var r5=b(()=>{aS=kc.Object({success:kc.Boolean(),message:kc.Optional(kc.String()),data:kc.Optional(kc.Object({accessToken:kc.String()}))})});import{Elysia as eS}from"elysia";function N0(n,r,t,o,c,i,a,e){let{logger:s,authentication:f}=n,d=r.route||"/auth/refresh",_=new eS;if(!r.enabled)return _;return _.post(d,async(w)=>{let g=f?.refreshToken?.name||"refresh_token",u=f?.accessToken?.name||"access_token",m=w.request.headers.get("x-refresh-token");if(!m){let x=w.request.headers.get("cookie");if(x)m=x.split(";").reduce((O,q)=>{let[Z,nn]=q.trim().split("=");if(Z&&nn)O[Z]=nn;return O},{})[g]||null}if(!m)return w.set.status=401,{success:!1,message:"Refresh token required"};let l=t(m);if(!l.valid||!l.payload)return s.warn("[AUTH] Refresh failed - invalid token"),w.set.status=401,{success:!1,message:"Invalid refresh token"};let E=l.payload.sub,$=o(E),S=c?c(E):null,U=i?.accessToken?.setHeadersEnabled??!0,W=i?.accessToken?.returnJson??!0,H=i?.refreshToken?.setHeadersEnabled??!0,k=i?.refreshToken?.returnJson??!1,D=f?.accessToken?.expiresIn||"15m",A=Math.max(0,nd(D)-(a??0)),h=f?.refreshToken?.expiresIn||"7d",R=nd(h),z=new Headers;z.set("Content-Type","application/json");let V=e?.path||"/",Q=e?.sameSite||"Strict",B=e?.secure!==!1?"; Secure":"",J=e?.domain?`; Domain=${e.domain}`:"",G=`; Path=${V}; HttpOnly; SameSite=${Q}${B}${J}`;if(U)z.append("Set-Cookie",`${u}=${$}${G}; Max-Age=${A}`);if(S&&H)z.append("Set-Cookie",`${g}=${S}${G}; Max-Age=${R}`);s.info("[AUTH] Token refresh successful",{userId:E,rotatedRefreshToken:!!S});let F={};if(W)F.accessToken=$;if(S&&k)F.refreshToken=S;let N=JSON.stringify({success:!0,data:F});return new Response(N,{status:200,headers:z})},{detail:{tags:["Authentication"],summary:"Refresh Token",description:"Get new access token using refresh token"}}),_}var rd=b(()=>{r5()});import{t as vr}from"elysia";var td,sS;var od=b(()=>{td=vr.Object({email:vr.String({format:"email"}),password:vr.String({minLength:8}),confirmPassword:vr.Optional(vr.String({minLength:8}))}),sS=vr.Object({success:vr.Boolean(),message:vr.Optional(vr.String()),data:vr.Optional(vr.Object({user:vr.Object({id:vr.String(),email:vr.String()})}))})});import{eq as fS}from"drizzle-orm";import{Elysia as _S}from"elysia";function x0(n,r,t,o,c,i,a,e,s,f){let{db:d,logger:_,usersTable:w}=n,g=r.route||"/auth/register",u={accessTokenName:a?.accessTokenName||"access_token",refreshTokenName:a?.refreshTokenName||"refresh_token",sessionTokenName:a?.sessionTokenName||"session_token",accessTokenMaxAge:a?.accessTokenMaxAge||900,refreshTokenMaxAge:a?.refreshTokenMaxAge||604800,sessionTokenMaxAge:a?.sessionTokenMaxAge||900,secure:a?.secure??!0,httpOnly:a?.httpOnly??!0,sameSite:a?.sameSite||"strict",path:a?.path||"/"},m=new _S;if(!r.enabled)return m;return m.post(g,async(l)=>{if(!d||!w)return l.set.status=500,{success:!1,message:"Database not configured"};let{email:E,password:$,confirmPassword:S}=l.body;if(S&&$!==S)return l.set.status=400,{success:!1,message:"Passwords do not match"};let U=Kb($);if(!U.valid)return l.set.status=400,{success:!1,message:"Password too weak",errors:U.errors};let W=await d.select().from(w).where(fS(w.email,E)).limit(1),H=new URL(l.request.url),k=l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",D=l.request.headers.get("user-agent")||"unknown";if(W.length>0)return _.warn("[AUTH] Registration failed - email exists",{email:E}),_.audit({entityName:"users",operation:"REGISTER_FAILED",summary:`Registration failed: email already exists (${E})`,ipAddress:k,userAgent:D,path:H.pathname,query:H.search}),l.set.status=409,{success:!1,message:"Email already registered"};let A=await Xo($),h=r.emailVerification?.enabled&&s?.isAvailable(),R=h?Ve():null,z=r.emailVerification?.tokenExpiresIn||"24h",V=h?new Date(Date.now()+Ic(z)):null,Q={email:E,password:A};if(h&&R)Q.emailVerificationToken=R,Q.emailVerificationTokenExpiresAt=V,Q.emailVerificationSentAt=new Date,Q.emailVerificationAttempts=1;let J=(await d.insert(w).values(Q).returning())[0];if(_.info("[AUTH] Registration successful",{userId:J.id,email:E,emailVerificationEnabled:h}),_.audit({entityName:"users",entityId:J.id,operation:"REGISTER",userId:J.id,summary:`New user registered: ${E}`,ipAddress:k,userAgent:D,path:H.pathname,query:H.search}),h&&s&&R){let F=`${(r.emailVerification?.redirectUrl||"http://localhost:3000/login").replace("/login","/verify-email")}?token=${R}`;s.sendVerificationEmail(E,E.split("@")[0]||"User",F,f||"Nucleus").then((O)=>{if(O.success)_.info("[AUTH] Verification email sent",{email:E});else _.error("[AUTH] Failed to send verification email",{email:E,error:O.error})}).catch((O)=>{_.error("[AUTH] Failed to send verification email",{email:E,error:O})});let N=r.emailVerification?.resendCooldown||"60s",x=Ic(N)/1000,y=r.emailVerification?.maxResendAttempts||3;return{success:!0,message:"Registration successful. Please check your email to verify your account.",data:{user:{id:J.id,email:J.email},emailVerificationRequired:!0,verification:{cooldownSeconds:x,canResendAt:new Date(Date.now()+x*1000).toISOString(),attemptsRemaining:y-1,maxAttempts:y}}}}if(t)t(E,E.split("@")[0]||"User").catch((G)=>{_.error("[AUTH] Failed to send welcome email",{email:E,error:G})});if(o&&c&&i){let G=l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",F=l.request.headers.get("user-agent")||"",N=o(J.id),x=c(J.id),y=await i({userId:J.id,deviceInfo:{ipAddress:G,userAgent:F},loginMethod:"register"}),O={accessToken:{setHeadersEnabled:e?.accessToken?.setHeadersEnabled??!0,returnJson:e?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:e?.refreshToken?.setHeadersEnabled??!0,returnJson:e?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:e?.sessionToken?.setHeadersEnabled??!0,returnJson:e?.sessionToken?.returnJson??!0}},q=u.secure?"; Secure":"",Z=`; Path=${u.path}; HttpOnly; SameSite=${u.sameSite}${q}`,nn=[];if(O.accessToken.setHeadersEnabled)nn.push(`${u.accessTokenName}=${N}${Z}; Max-Age=${u.accessTokenMaxAge}`);if(O.refreshToken.setHeadersEnabled)nn.push(`${u.refreshTokenName}=${x}${Z}; Max-Age=${u.refreshTokenMaxAge}`);if(O.sessionToken.setHeadersEnabled)nn.push(`${u.sessionTokenName}=${y}${Z}; Max-Age=${u.sessionTokenMaxAge}`);let j={user:{id:J.id,email:J.email}};if(O.accessToken.returnJson)j.accessToken=N;if(O.refreshToken.returnJson)j.refreshToken=x;if(O.sessionToken.returnJson)j.sessionId=y;let I=JSON.stringify({success:!0,data:j}),K=new Headers;K.set("Content-Type","application/json"),K.set("x-session-id",y);for(let tn of nn)K.append("Set-Cookie",tn);return new Response(I,{status:200,headers:K})}return{success:!0,data:{user:{id:J.id,email:J.email}}}},{body:td,detail:{tags:["Authentication"],summary:"Register",description:"Register a new user account"}}),m}var cd=b(()=>{od();pc();od()});import{t as an}from"elysia";var t5,lS,id,ad,yj;var ed=b(()=>{t5=an.Object({id:an.String(),deviceName:an.Optional(an.String()),deviceType:an.Optional(an.String()),browserName:an.Optional(an.String()),browserVersion:an.Optional(an.String()),osName:an.Optional(an.String()),osVersion:an.Optional(an.String()),ipAddress:an.String(),locationCountry:an.Optional(an.String()),locationCity:an.Optional(an.String()),lastActivityAt:an.String(),createdAt:an.String(),isCurrent:an.Boolean(),loginMethod:an.Optional(an.String()),trustScore:an.Optional(an.Number())}),lS=an.Object({success:an.Boolean(),data:an.Optional(an.Object({sessions:an.Array(t5),currentSessionId:an.Optional(an.String()),totalCount:an.Number()})),message:an.Optional(an.String())}),id=an.Object({reason:an.Optional(an.String())}),ad=an.Object({excludeCurrent:an.Optional(an.Boolean()),reason:an.Optional(an.String())}),yj=an.Object({success:an.Boolean(),data:an.Optional(an.Object({recentActivity:an.Array(an.Object({sessionId:an.String(),action:an.String(),ipAddress:an.String(),timestamp:an.String(),deviceInfo:an.Optional(an.String())}))})),message:an.Optional(an.String())})});function P0(n){let r=(o,c)=>n[o]??n[c],t=(o,c)=>{let i=n[o]??n[c];if(!i)return;return i instanceof Date?i.toISOString():String(i)};return{id:n.id,deviceName:r("device_name","deviceName"),deviceType:r("device_type","deviceType"),deviceFingerprint:r("device_fingerprint","deviceFingerprint"),browserName:r("browser_name","browserName"),browserVersion:r("browser_version","browserVersion"),osName:r("os_name","osName"),osVersion:r("os_version","osVersion"),ipAddress:r("ip_address","ipAddress"),locationCountry:r("location_country","locationCountry"),locationCity:r("location_city","locationCity"),lastActivityAt:t("last_activity_at","lastActivityAt"),createdAt:t("created_at","createdAt"),isCurrent:r("is_current","isCurrent"),loginMethod:r("login_method","loginMethod"),trustScore:r("trust_score","trustScore")}}var o5=()=>{};import{and as Zo,desc as c5,eq as Zn,isNull as i5}from"drizzle-orm";import{Elysia as dS}from"elysia";function C0(n,r,t){let{db:o,logger:c}=n,i=r.route||"/auth/sessions",a=new dS;if(!r.enabled||!t)return a;let e=t,s=(u)=>{let m=u.replace(/([A-Z])/g,"_$1").toLowerCase();return e[u]||e[m]};a.get(i,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let l=u.request.headers.get("x-session-id"),E=await o.select().from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0),i5(s("revokedAt")))).orderBy(c5(s("lastActivityAt"))),$=E.filter((U)=>{let W=U,H=(W.deviceFingerprint||"").toLowerCase(),k=W.ipAddress||"";return!((!H||H==="--"||H==="--unknown"||H.includes("bot/crawler")||H.includes("headless")||H.includes("unknown-unknown"))&&(k==="127.0.0.1"||k==="::1"||k==="localhost"||!k))}),S=$.map((U)=>{let W=U,H=P0(W);return H.isCurrent=W.id===l,H});return c.info("[AUTH] Sessions list retrieved",{userId:m,totalInDb:E.length,filteredCount:$.length,hiddenBotSessions:E.length-$.length}),{success:!0,data:{sessions:S,currentSessionId:l,totalCount:$.length}}},{detail:{tags:["Authentication"],summary:"List active sessions",description:"Get all active sessions for the current user"}}),a.get(`${i}/current`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id"),l=u.request.headers.get("x-session-id");if(!m||!l)return{success:!1,message:"Authentication required"};let E=await o.select().from(t).where(Zn(s("id"),l)).limit(1);if(E.length===0)return{success:!1,message:"Session not found"};let $=E[0],S=P0($);return S.isCurrent=!0,{success:!0,data:S}},{detail:{tags:["Authentication"],summary:"Get current session",description:"Get details of the current session"}}),a.delete(`${i}/:sessionId`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let{sessionId:l}=u.params,E=u.body,$=u.request.headers.get("x-session-id");if((await o.select().from(t).where(Zo(Zn(s("id"),l),Zn(s("userId"),m))).limit(1)).length===0)return{success:!1,message:"Session not found"};let U=l===$;await o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:U?"user_logout":E.reason||"user_revoked"}).where(Zn(s("id"),l)),c.info("[AUTH] Session revoked",{userId:m,sessionId:l,isCurrentSession:U,reason:E.reason||"user_revoked"});let W=new URL(u.request.url);return c.audit({entityName:"user_sessions",entityId:l,operation:U?"LOGOUT":"SESSION_REVOKE",userId:m||void 0,summary:U?"User logged out via session revoke":`Session revoked (${l.substring(0,8)}...)`,ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:W.pathname,query:W.search}),{success:!0,message:U?"Logged out successfully":"Session revoked successfully"}},{body:id,detail:{tags:["Authentication"],summary:"Revoke session",description:"Revoke a specific session by ID"}}),a.delete(`${i}/all`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let l=u.body,E=u.request.headers.get("x-session-id"),$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:l.reason||"user_revoked"}).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0)));if(l.excludeCurrent&&E){let{ne:U}=await import("drizzle-orm");$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:l.reason||"user_revoked"}).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0),U(s("id"),E)))}await $,c.info("[AUTH] All sessions revoked",{userId:m,excludeCurrent:l.excludeCurrent,reason:l.reason||"user_revoked"});let S=new URL(u.request.url);return c.audit({entityName:"user_sessions",operation:"SESSION_REVOKE_ALL",userId:m||void 0,summary:l.excludeCurrent?"All other sessions revoked":"All sessions revoked",ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:S.pathname,query:S.search}),{success:!0,message:l.excludeCurrent?"All other sessions revoked successfully":"All sessions revoked successfully"}},{body:ad,detail:{tags:["Authentication"],summary:"Revoke all sessions",description:"Revoke all sessions for the current user (optionally exclude current)"}}),a.get(`${i}/stats`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let{count:l,countDistinct:E}=await import("drizzle-orm"),$=await o.select({count:l()}).from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0),i5(s("revokedAt")))),S=await o.select({count:E(s("deviceFingerprint"))}).from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0))),U=await o.select({count:E(s("ipAddress"))}).from(t).where(Zo(Zn(s("userId"),m),Zn(s("isActive"),!0)));return{success:!0,data:{activeSessions:$[0]?.count||0,uniqueDevices:S[0]?.count||0,uniqueIpAddresses:U[0]?.count||0}}},{detail:{tags:["Authentication"],summary:"Session statistics",description:"Get session statistics for the current user"}});let f=86400000,d=(u,m,l)=>{let E=m?u==="approve"?"\u2705":"\uD83D\uDEAB":"\u274C",$=m?u==="approve"?"Device Approved":"Device Rejected":"Action Failed",S=r.brandName||"Nucleus";return`<!DOCTYPE html>
 <html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1.0">
-<title>${$} \u2014 ${E}</title>
+<title>${$} \u2014 ${S}</title>
 <style>*{box-sizing:border-box}body{margin:0;padding:0;background-color:#f4f4f5;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;}</style>
 </head><body>
 <table width="100%" cellpadding="0" cellspacing="0" style="background-color:#f4f4f5;padding:40px 20px;min-height:100vh;">
 <tr><td align="center" valign="top">
 <table width="100%" cellpadding="0" cellspacing="0" style="max-width:480px;background-color:#ffffff;border-radius:12px;overflow:hidden;box-shadow:0 1px 3px rgba(0,0,0,0.1);">
 <tr><td style="background-color:#18181b;padding:20px 24px;">
-  <h1 style="margin:0;color:#fbbf24;font-size:18px;font-weight:700;letter-spacing:-0.02em;">${E}</h1>
+  <h1 style="margin:0;color:#fbbf24;font-size:18px;font-weight:700;letter-spacing:-0.02em;">${S}</h1>
 </td></tr>
 <tr><td style="padding:32px;text-align:center;">
-  <div style="font-size:48px;margin-bottom:16px;">${S}</div>
+  <div style="font-size:48px;margin-bottom:16px;">${E}</div>
   <h2 style="margin:0 0 8px;color:#111827;font-size:20px;font-weight:700;">${$}</h2>
   <p style="margin:0;color:#6b7280;font-size:14px;line-height:1.6;">${l}</p>
   <p style="margin:24px 0 0;color:#9ca3af;font-size:12px;">You can close this tab now.</p>
@@ -123,22 +123,22 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 </table>
 </td></tr>
 </table>
-</body></html>`},_=async(u)=>{if((u.request.headers.get("content-type")||"").includes("application/x-www-form-urlencoded")){let S=await u.request.clone().text();return{token:new URLSearchParams(S).get("token"),isFormSubmission:!0}}return{token:u.body?.token||null,isFormSubmission:!1}};a.post(`${i}/approve`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:m,isFormSubmission:l}=await _(u);if(!m){if(l)return new Response(d("approve",!1,"Token is required"),{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Token is required"}}let S=await o.select().from(t).where(Zn(s("approvalToken"),m)).limit(1);if(S.length===0){if(l)return new Response(d("approve",!1,"This approval link is invalid or has already been used."),{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Invalid or expired approval token"}}let $=S[0];if($.approvalStatus!=="pending"){if(l)return new Response(d("approve",!0,"This device has already been processed."),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Session already processed"}}let E=$.approvalRequestedAt||$.approval_requested_at;if(E){let U=new Date(E).getTime();if(Date.now()-U>f){await o.update(t).set({approvalStatus:"rejected",isActive:!1,revokedAt:new Date,revokedReason:"approval_token_expired",approvalRespondedAt:new Date,approvalToken:null}).where(Zn(s("id"),$.id)),c.info("[AUTH] Approval token expired",{sessionId:$.id});let W="This approval link has expired (24h limit). Please log in again.";if(l)return new Response(d("approve",!1,W),{status:410,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:W}}}if(await o.update(t).set({approvalStatus:"approved",isActive:!0,approvalRespondedAt:new Date,approvalToken:null}).where(Zn(s("id"),$.id)),c.info("[AUTH] Device approved",{sessionId:$.id,userId:$.userId}),l)return new Response(d("approve",!0,"The device has been approved and can now access the account."),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!0,message:"Device approved successfully"}},{detail:{tags:["Authentication"],summary:"Approve pending device",description:"Approve a pending device login request"}}),a.post(`${i}/reject`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:m,isFormSubmission:l}=await _(u);if(!m){if(l)return new Response(d("reject",!1,"Token is required"),{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Token is required"}}let S=await o.select().from(t).where(Zn(s("approvalToken"),m)).limit(1);if(S.length===0){if(l)return new Response(d("reject",!1,"This approval link is invalid or has already been used."),{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Invalid or expired approval token"}}let $=S[0];if($.approvalStatus!=="pending"){if(l)return new Response(d("reject",!0,"This device has already been processed."),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Session already processed"}}let E=$.approvalRequestedAt||$.approval_requested_at,U=E?Date.now()-new Date(E).getTime()>f:!1;await o.update(t).set({approvalStatus:"rejected",isActive:!1,revokedAt:new Date,revokedReason:U?"approval_token_expired":"user_rejected",approvalRespondedAt:new Date,approvalToken:null}).where(Zn(s("id"),$.id)),c.info("[AUTH] Device rejected",{sessionId:$.id,userId:$.userId,isExpired:U});let W=U?"Approval link has expired. The session was automatically rejected.":"Device rejected and blocked. The login attempt has been denied.";if(l)return new Response(d("reject",!0,W),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!0,message:W}},{detail:{tags:["Authentication"],summary:"Reject pending device",description:"Reject a pending device login request"}}),a.get(`${i}/pending`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let l=await o.select().from(t).where(Zo(Zn(s("userId"),m),Zn(s("approvalStatus"),"pending"))).orderBy(c5(s("createdAt")));return{success:!0,data:{sessions:l.map(($)=>{let E=$;return{...P0(E),approvalStatus:E.approval_status||E.approvalStatus,approvalToken:E.approval_token||E.approvalToken,approvalRequestedAt:E.approval_requested_at?.toISOString()||E.approvalRequestedAt?.toISOString()}}),totalCount:l.length}}},{detail:{tags:["Authentication"],summary:"List pending devices",description:"Get all pending device approval requests for the current user"}});let w=r.brandName||"Nucleus",g=(u,m,l,S)=>{let $=m==="approve",E=$?"#16a34a":"#dc2626",U=$?"Approve Device":"Reject & Block",W=$?"\u2713":"\u2717",H;if(S==="invalid")H=`
+</body></html>`},_=async(u)=>{if((u.request.headers.get("content-type")||"").includes("application/x-www-form-urlencoded")){let E=await u.request.clone().text();return{token:new URLSearchParams(E).get("token"),isFormSubmission:!0}}return{token:u.body?.token||null,isFormSubmission:!1}};a.post(`${i}/approve`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:m,isFormSubmission:l}=await _(u);if(!m){if(l)return new Response(d("approve",!1,"Token is required"),{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Token is required"}}let E=await o.select().from(t).where(Zn(s("approvalToken"),m)).limit(1);if(E.length===0){if(l)return new Response(d("approve",!1,"This approval link is invalid or has already been used."),{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Invalid or expired approval token"}}let $=E[0];if($.approvalStatus!=="pending"){if(l)return new Response(d("approve",!0,"This device has already been processed."),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Session already processed"}}let S=$.approvalRequestedAt||$.approval_requested_at;if(S){let U=new Date(S).getTime();if(Date.now()-U>f){await o.update(t).set({approvalStatus:"rejected",isActive:!1,revokedAt:new Date,revokedReason:"approval_token_expired",approvalRespondedAt:new Date,approvalToken:null}).where(Zn(s("id"),$.id)),c.info("[AUTH] Approval token expired",{sessionId:$.id});let W="This approval link has expired (24h limit). Please log in again.";if(l)return new Response(d("approve",!1,W),{status:410,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:W}}}if(await o.update(t).set({approvalStatus:"approved",isActive:!0,approvalRespondedAt:new Date,approvalToken:null}).where(Zn(s("id"),$.id)),c.info("[AUTH] Device approved",{sessionId:$.id,userId:$.userId}),l)return new Response(d("approve",!0,"The device has been approved and can now access the account."),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!0,message:"Device approved successfully"}},{detail:{tags:["Authentication"],summary:"Approve pending device",description:"Approve a pending device login request"}}),a.post(`${i}/reject`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:m,isFormSubmission:l}=await _(u);if(!m){if(l)return new Response(d("reject",!1,"Token is required"),{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Token is required"}}let E=await o.select().from(t).where(Zn(s("approvalToken"),m)).limit(1);if(E.length===0){if(l)return new Response(d("reject",!1,"This approval link is invalid or has already been used."),{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Invalid or expired approval token"}}let $=E[0];if($.approvalStatus!=="pending"){if(l)return new Response(d("reject",!0,"This device has already been processed."),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!1,message:"Session already processed"}}let S=$.approvalRequestedAt||$.approval_requested_at,U=S?Date.now()-new Date(S).getTime()>f:!1;await o.update(t).set({approvalStatus:"rejected",isActive:!1,revokedAt:new Date,revokedReason:U?"approval_token_expired":"user_rejected",approvalRespondedAt:new Date,approvalToken:null}).where(Zn(s("id"),$.id)),c.info("[AUTH] Device rejected",{sessionId:$.id,userId:$.userId,isExpired:U});let W=U?"Approval link has expired. The session was automatically rejected.":"Device rejected and blocked. The login attempt has been denied.";if(l)return new Response(d("reject",!0,W),{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}});return{success:!0,message:W}},{detail:{tags:["Authentication"],summary:"Reject pending device",description:"Reject a pending device login request"}}),a.get(`${i}/pending`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let m=u.request.headers.get("x-user-id");if(!m)return{success:!1,message:"Authentication required"};let l=await o.select().from(t).where(Zo(Zn(s("userId"),m),Zn(s("approvalStatus"),"pending"))).orderBy(c5(s("createdAt")));return{success:!0,data:{sessions:l.map(($)=>{let S=$;return{...P0(S),approvalStatus:S.approval_status||S.approvalStatus,approvalToken:S.approval_token||S.approvalToken,approvalRequestedAt:S.approval_requested_at?.toISOString()||S.approvalRequestedAt?.toISOString()}}),totalCount:l.length}}},{detail:{tags:["Authentication"],summary:"List pending devices",description:"Get all pending device approval requests for the current user"}});let w=r.brandName||"Nucleus",g=(u,m,l,E)=>{let $=m==="approve",S=$?"#16a34a":"#dc2626",U=$?"Approve Device":"Reject & Block",W=$?"\u2713":"\u2717",H;if(E==="invalid")H=`
 				<div style="text-align:center;padding:40px 20px;">
 					<div style="font-size:48px;margin-bottom:16px;">\u26A0\uFE0F</div>
 					<h2 style="margin:0 0 8px;color:#111827;font-size:20px;">Invalid Token</h2>
 					<p style="color:#6b7280;font-size:14px;">This approval link is invalid or has already been used.</p>
-				</div>`;else if(S==="expired")H=`
+				</div>`;else if(E==="expired")H=`
 				<div style="text-align:center;padding:40px 20px;">
 					<div style="font-size:48px;margin-bottom:16px;">\u23F0</div>
 					<h2 style="margin:0 0 8px;color:#111827;font-size:20px;">Link Expired</h2>
 					<p style="color:#6b7280;font-size:14px;">This approval link has expired (24h limit). The user needs to log in again.</p>
-				</div>`;else if(S==="already_processed"){let k=u.approvalStatus||u.approval_status;H=`
+				</div>`;else if(E==="already_processed"){let k=u.approvalStatus||u.approval_status;H=`
 				<div style="text-align:center;padding:40px 20px;">
 					<div style="font-size:48px;margin-bottom:16px;">${k==="approved"?"\u2705":"\uD83D\uDEAB"}</div>
 					<h2 style="margin:0 0 8px;color:#111827;font-size:20px;">Already Processed</h2>
 					<p style="color:#6b7280;font-size:14px;">This device has ${k==="approved"?"already been approved":"already been rejected"}. No further action needed.</p>
-				</div>`}else{let k=u.deviceName||u.device_name||"Unknown",D=u.browserName||u.browser_name||"Unknown",A=u.browserVersion||u.browser_version||"",h=u.osName||u.os_name||"Unknown",R=u.osVersion||u.os_version||"",B=u.ipAddress||u.ip_address||"Unknown",Y=u.createdAt||u.created_at,X=Y?new Date(Y).toLocaleString("en-US",{dateStyle:"medium",timeStyle:"short"}):"Unknown";H=`
+				</div>`}else{let k=u.deviceName||u.device_name||"Unknown",D=u.browserName||u.browser_name||"Unknown",A=u.browserVersion||u.browser_version||"",h=u.osName||u.os_name||"Unknown",R=u.osVersion||u.os_version||"",z=u.ipAddress||u.ip_address||"Unknown",V=u.createdAt||u.created_at,Q=V?new Date(V).toLocaleString("en-US",{dateStyle:"medium",timeStyle:"short"}):"Unknown";H=`
 				<h2 style="margin:0 0 8px;color:#111827;font-size:20px;font-weight:700;">
 					${$?"Approve this device?":"Reject this device?"}
 				</h2>
@@ -148,12 +148,12 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 				<table width="100%" cellpadding="0" cellspacing="0" style="background-color:#f9fafb;border:1px solid #e5e7eb;border-radius:8px;margin:16px 0;">
 					<tr><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;width:100px;"><span style="color:#6b7280;font-size:12px;">Device</span></td><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><strong style="color:#111827;font-size:13px;">${k}</strong></td></tr>
 					<tr><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><span style="color:#6b7280;font-size:12px;">Browser</span></td><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><span style="color:#111827;font-size:13px;">${D} ${A} on ${h} ${R}</span></td></tr>
-					<tr><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><span style="color:#6b7280;font-size:12px;">IP Address</span></td><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><span style="color:#111827;font-size:13px;">${B}</span></td></tr>
-					<tr><td style="padding:12px 16px;"><span style="color:#6b7280;font-size:12px;">Time</span></td><td style="padding:12px 16px;"><span style="color:#111827;font-size:13px;">${X}</span></td></tr>
+					<tr><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><span style="color:#6b7280;font-size:12px;">IP Address</span></td><td style="padding:12px 16px;border-bottom:1px solid #e5e7eb;"><span style="color:#111827;font-size:13px;">${z}</span></td></tr>
+					<tr><td style="padding:12px 16px;"><span style="color:#6b7280;font-size:12px;">Time</span></td><td style="padding:12px 16px;"><span style="color:#111827;font-size:13px;">${Q}</span></td></tr>
 				</table>
 				<form method="POST" action="${i}/${m}" style="margin:24px 0 0;">
 					<input type="hidden" name="token" value="${l}" />
-					<button type="submit" style="width:100%;padding:14px 24px;background-color:${E};color:#ffffff;border:none;border-radius:8px;font-size:15px;font-weight:600;cursor:pointer;">
+					<button type="submit" style="width:100%;padding:14px 24px;background-color:${S};color:#ffffff;border:none;border-radius:8px;font-size:15px;font-weight:600;cursor:pointer;">
 						${W} ${U}
 					</button>
 				</form>
@@ -172,10 +172,10 @@ var l5=Object.create;var{getPrototypeOf:d5,defineProperty:Si,getOwnPropertyNames
 </table>
 </td></tr>
 </table>
-</body></html>`};return a.get(`${i}/approve-page`,async(u)=>{if(!o)return new Response("Service unavailable",{status:503});let l=new URL(u.request.url).searchParams.get("token");if(!l){let W=g({},"approve","","invalid");return new Response(W,{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}})}let S=await o.select().from(t).where(Zn(s("approvalToken"),l)).limit(1);if(S.length===0){let W=g({},"approve",l,"invalid");return new Response(W,{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}})}let $=S[0];if($.approvalStatus!=="pending"&&$.approval_status!=="pending"){let W=g($,"approve",l,"already_processed");return new Response(W,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})}let E=$.approvalRequestedAt||$.approval_requested_at;if(E&&Date.now()-new Date(E).getTime()>f){let W=g($,"approve",l,"expired");return new Response(W,{status:410,headers:{"Content-Type":"text/html; charset=utf-8"}})}let U=g($,"approve",l,"pending");return new Response(U,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})},{detail:{tags:["Authentication"],summary:"Approval page",description:"Standalone HTML page for approving a device (no frontend auth required)"}}),a.get(`${i}/reject-page`,async(u)=>{if(!o)return new Response("Service unavailable",{status:503});let l=new URL(u.request.url).searchParams.get("token");if(!l){let W=g({},"reject","","invalid");return new Response(W,{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}})}let S=await o.select().from(t).where(Zn(s("approvalToken"),l)).limit(1);if(S.length===0){let W=g({},"reject",l,"invalid");return new Response(W,{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}})}let $=S[0];if($.approvalStatus!=="pending"&&$.approval_status!=="pending"){let W=g($,"reject",l,"already_processed");return new Response(W,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})}let E=$.approvalRequestedAt||$.approval_requested_at;if(E&&Date.now()-new Date(E).getTime()>f){let W=g($,"reject",l,"expired");return new Response(W,{status:410,headers:{"Content-Type":"text/html; charset=utf-8"}})}let U=g($,"reject",l,"pending");return new Response(U,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})},{detail:{tags:["Authentication"],summary:"Rejection page",description:"Standalone HTML page for rejecting a device (no frontend auth required)"}}),a.get(`${i}/approval-status`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let l=new URL(u.request.url).searchParams.get("sessionId");if(!l)return{success:!1,message:"sessionId is required"};let S=await o.select().from(t).where(Zn(s("id"),l)).limit(1);if(S.length===0)return{success:!1,message:"Session not found"};let $=S[0];return{success:!0,data:{approvalStatus:$.approvalStatus||$.approval_status||"unknown",isActive:$.isActive||$.is_active}}},{detail:{tags:["Authentication"],summary:"Check approval status",description:"Poll the approval status of a pending session (used by login form)"}}),a}var sd=b(()=>{ed();o5();ed()});var e5={};ho(e5,{createSessionsRoute:()=>C0,createRegisterRoute:()=>x0,createRefreshRoute:()=>N0,createPasswordSetRoute:()=>O0,createPasswordResetRoute:()=>G0,createPasswordChangeRoute:()=>Q0,createMeRoute:()=>X0,createMagicLinkRoute:()=>J0,createLogoutRoute:()=>Ce,createLoginRoute:()=>xe,createInviteRoute:()=>Qe,createImpersonateRoute:()=>Be,createEmailVerificationRoutes:()=>Xe,createChangeUserIdRoute:()=>ze,createAuthRoutes:()=>a5,createApiKeyRoutes:()=>We});function a5(n,r){let{authConfig:t,features:o,helpers:c}=r;if(r.oauthAccountsTable)t.oauthAccountsTable=r.oauthAccountsTable;if(r.schemaTables)t.schemaTables=r.schemaTables;let i=t.authentication?.cookieMaxAgeBufferSeconds??0,a=t.authentication?.cookieDomain,e=a?process.env[a]??a:void 0,s=e==="localhost"||e===".localhost"?void 0:e,f={accessTokenName:t.authentication?.accessToken?.name||"access_token",refreshTokenName:t.authentication?.refreshToken?.name||"refresh_token",sessionTokenName:t.authentication?.sessionToken?.name||"session_token",accessTokenMaxAge:Math.max(0,pr(t.authentication?.accessToken?.expiresIn||"15m")-i),refreshTokenMaxAge:pr(t.authentication?.refreshToken?.expiresIn||"7d"),sessionTokenMaxAge:pr(t.authentication?.sessionToken?.expiresIn||"30d"),domain:s};if(t.logger.info("[AUTH] Cookie config created",{accessTokenMaxAge:f.accessTokenMaxAge,refreshTokenMaxAge:f.refreshTokenMaxAge,sessionTokenMaxAge:f.sessionTokenMaxAge,accessTokenExpiresIn:t.authentication?.accessToken?.expiresIn,sessionTokenExpiresIn:t.authentication?.sessionToken?.expiresIn}),o.login?.enabled){let _=xe(t,o.login,c.signAccessToken,c.signRefreshToken,c.createSession,c.saveSessionToDb,f,r.tokenResponseConfig);n.use(_)}if(o.register?.enabled){let _=x0(t,o.register,c.sendWelcomeEmail,c.signAccessToken,c.signRefreshToken,c.createSession,f,r.tokenResponseConfig,r.emailService,r.appName);if(n.use(_),o.register.emailVerification?.enabled){let w=Xe({authConfig:t,registerConfig:o.register,emailService:r.emailService,appName:r.appName});n.use(w)}}if(o.logout?.enabled){let _=Ce(t,o.logout,c.destroySession,c.revokeSessionInDb,f);n.use(_)}if(o.refresh?.enabled){let _=N0(t,o.refresh,c.verifyRefreshToken,c.signAccessToken,c.signRefreshToken,r.tokenResponseConfig,i,f);n.use(_)}if(o.passwordReset?.enabled&&c.storeResetToken&&c.getResetToken&&c.deleteResetToken){let _=G0(t,o.passwordReset,c.storeResetToken,c.getResetToken,c.deleteResetToken,c.sendResetEmail);n.use(_)}if(o.passwordChange?.enabled){let _=Q0(t,o.passwordChange);n.use(_)}if(o.passwordSet?.enabled){let _=O0(t,o.passwordSet,c.getMagicToken,c.deleteMagicToken);n.use(_)}if(o.sessions?.enabled&&r.sessionsTable){let _=C0(t,o.sessions,r.sessionsTable);n.use(_)}if(o.magicLink?.enabled&&r.emailService?.isAvailable()&&c.storeMagicToken&&c.getMagicToken&&c.deleteMagicToken){let _=J0(t,o.magicLink,r.emailService,c.signAccessToken,c.signRefreshToken,c.createSession,c.storeMagicToken,c.getMagicToken,c.deleteMagicToken,r.appName);n.use(_)}if(o.me?.enabled){let _=X0(t,o.me,r.schemaTables||{},r.schemaRelations||{},r.databaseUrl);n.use(_)}if(o.invite?.enabled&&r.emailService?.isAvailable()&&c.storeMagicToken){let _=Qe(t,o.invite,r.emailService,c.storeMagicToken,r.appName,c.getMagicToken);n.use(_)}if(o.captcha?.enabled&&r.captchaService){let _=Cb({captchaService:r.captchaService,logger:t.logger,basePath:o.captcha.route||"/auth/captcha"});n.use(_)}if(o.oauth?.enabled&&o.oauth.providers){let _=new ee(o.oauth),w=K2(t,_,c.signAccessToken,c.signRefreshToken,c.createSession,c.saveSessionToDb,f,r.tokenResponseConfig,r.emailService,c.storeMagicToken,r.appName);n.use(w)}if(o.apiKeys?.enabled&&r.apiKeysTable)t.apiKeysTable=r.apiKeysTable,We(n,t,o.apiKeys);let d=jb(t,{route:"/auth/check",isPublic:!1,enabled:!0});if(n.use(d),r.admin?.impersonate?.enabled!==!1){let _=Be(t,c.signAccessToken,c.signRefreshToken,c.createSession,c.saveSessionToDb,f);n.use(_)}if(r.admin?.changeUserId?.enabled!==!1){let _=ze(t,r.schemaName||"public");n.use(_)}return n}var fd=b(()=>{af();Qi();pf();Tf();r_();Fb();qb();t_();o_();e_();s_();Pl();Cl();v2();ql();Il();Tl();rd();cd();sd();pf();Tf();r_();t_();o_();e_();s_();Pl();Cl();ql();Il();Tl();rd();cd();sd()});import{batch as q0,createStore as b5}from"h-state";import{useEffectEvent as g5}from"react";function m5(n){let r={};for(let t of Object.keys(n))r[t]={isPending:!1,data:null,error:null,code:null};return r}function $5(n,r){let{useStore:t}=b5(m5(n),{_callEndpoint:(o)=>async(c,i)=>{if(!o[c])return;q0(()=>{o[c].isPending=!0,o[c].error=null});try{let e=await r(c,i.payload);if(q0(()=>{if(o[c].isPending=!1,o[c].code=e.code??null,e.isSuccess&&e.data!==void 0)o[c].data=e.data,o[c].error=null;else o[c].error=e.errors??null}),e.isSuccess)i.onAfterHandle?.(e.data??e);else i.onErrorHandle?.(e.errors??{message:"Request failed"},e.code)}catch(e){q0(()=>{o[c].isPending=!1,o[c].error={message:e instanceof Error?e.message:"Unknown error"}}),i.onErrorHandle?.({message:e instanceof Error?e.message:"Unknown error"},null)}}});return function(){let c=t(),i=g5((e,s)=>{c._callEndpoint(e,s)}),a={};for(let e of Object.keys(n)){let s=(f)=>{i(e,f)};a[e]={state:c[e],start:s}}return a}}var bd={$schema:"../schemas/nucleus.tables.schema.json",tables:[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"email_verification_token",type:"varchar",length:255},{name:"email_verification_token_expires_at",type:"timestamp"},{name:"email_verification_sent_at",type:"timestamp"},{name:"email_verification_attempts",type:"integer",default:0},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"type",type:"varchar",length:50,notNull:!0,default:"system",enumValues:["verification","system","custom"]},{name:"source",type:"varchar",length:100},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]},{columns:["type"]},{columns:["user_id","type","is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["instance_id"]},{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_node_id",type:"varchar",length:100,notNull:!0},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"status",type:"varchar",length:30,notNull:!0,default:"pending",enumValues:["pending","approved","rejected"]}],indexes:[{columns:["instance_id"]},{columns:["instance_id","step_order"]},{columns:["entity_name","entity_id"]},{columns:["verifier_user_id"]},{columns:["status"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["step","verifier","notification"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"recipient_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier","entity_creator"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role",type:"varchar",length:100}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]}]},{table_name:"verificationVerifierConfigs",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["verifier_type"]}]},{table_name:"verificationInstances",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"started_by",type:"uuid",references:{table:"users",column:"id"}},{name:"status",type:"varchar",length:30,notNull:!0,default:"active",enumValues:["active","completed","rejected","cancelled"]},{name:"current_step_order",type:"integer",notNull:!0,default:1},{name:"started_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"completed_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","status"]},{columns:["status"]},{columns:["started_by"]}]},{table_name:"verificationNotificationChannels",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"channel",type:"varchar",length:30,notNull:!0,enumValues:["portal","email","sms","telegram","webhook"]}],indexes:[{columns:["rule_id"]},{columns:["rule_id","channel"],unique:!0},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"remember_me",type:"boolean",notNull:!0,default:!1},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]},{table_name:"oauth_accounts",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"provider",type:"varchar",length:50,notNull:!0,enumValues:["google","github","microsoft","discord","facebook","twitter","apple","custom"]},{name:"provider_account_id",type:"varchar",length:255,notNull:!0},{name:"provider_email",type:"varchar",length:255},{name:"provider_name",type:"varchar",length:255},{name:"provider_avatar_url",type:"text"},{name:"access_token",type:"text"},{name:"refresh_token",type:"text"},{name:"token_expires_at",type:"timestamp"},{name:"scope",type:"text"},{name:"raw_profile",type:"jsonb"},{name:"is_primary",type:"boolean",notNull:!0,default:!1},{name:"last_used_at",type:"timestamp"}],indexes:[{columns:["user_id"]},{columns:["provider","provider_account_id"],unique:!0},{columns:["provider_email"]},{columns:["user_id","provider"]}],constraints:{unique:[{name:"unique_provider_account",columns:["provider","provider_account_id"]}]}},{table_name:"api_keys",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"key_hash",type:"varchar",length:255,notNull:!0},{name:"key_preview",type:"varchar",length:12,notNull:!0},{name:"owner_type",type:"varchar",length:30,notNull:!0,default:"personal",enumValues:["personal","application"]},{name:"application_name",type:"varchar",length:255},{name:"allowed_roles",type:"jsonb",notNull:!0,default:"[]"},{name:"allowed_claims",type:"jsonb",notNull:!0,default:"[]"},{name:"allowed_scopes",type:"jsonb",notNull:!0,default:"[]"},{name:"expires_at",type:"timestamptz"},{name:"last_used_at",type:"timestamptz"},{name:"last_used_ip",type:"varchar",length:45},{name:"usage_count",type:"integer",notNull:!0,default:0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:255}],indexes:[{columns:["key_hash"],unique:!0},{columns:["user_id"]},{columns:["user_id","is_active"]},{columns:["owner_type"]},{columns:["expires_at"]},{columns:["last_used_at"]}]}]};var K0={login:{key:"LOGIN",method:"POST",defaultRoute:"/auth/login",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},register:{key:"REGISTER",method:"POST",defaultRoute:"/auth/register",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},logout:{key:"LOGOUT",method:"POST",defaultRoute:"/auth/logout",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},refresh:{key:"REFRESH",method:"POST",defaultRoute:"/auth/refresh",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},me:{key:"ME",method:"GET",defaultRoute:"/auth/me",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordChange:{key:"PASSWORD_CHANGE",method:"POST",defaultRoute:"/auth/password-change",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordSet:{key:"PASSWORD_SET",method:"POST",defaultRoute:"/auth/password-set",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordReset:{key:"PASSWORD_RESET_REQUEST",method:"POST",defaultRoute:"/auth/password-reset",defaultIsPublic:!0,subEndpoints:[{key:"PASSWORD_RESET_REQUEST",method:"POST",suffix:"/request",_payload:void 0,_success:void 0,_error:void 0},{key:"PASSWORD_RESET_CONFIRM",method:"POST",suffix:"/confirm",_payload:void 0,_success:void 0,_error:void 0}]},sessions:{key:"SESSIONS",method:"GET",defaultRoute:"/auth/sessions",defaultIsPublic:!1,subEndpoints:[{key:"SESSIONS",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_CURRENT",method:"GET",suffix:"/current",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_STATS",method:"GET",suffix:"/stats",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_PENDING",method:"GET",suffix:"/pending",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE",method:"DELETE",suffix:"/:sessionId",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE_ALL",method:"DELETE",suffix:"/all",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_APPROVE",method:"POST",suffix:"/approve",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REJECT",method:"POST",suffix:"/reject",_payload:void 0,_success:void 0,_error:void 0}]},magicLink:{key:"MAGIC_LINK",method:"POST",defaultRoute:"/auth/magic-link",defaultIsPublic:!0,subEndpoints:[{key:"MAGIC_LINK",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"MAGIC_LINK_VERIFY",method:"GET",suffix:"/verify",routeKey:"verifyRoute",_payload:void 0,_success:void 0,_error:void 0}]},invite:{key:"INVITE",method:"POST",defaultRoute:"/auth/invite",defaultIsPublic:!1,subEndpoints:[{key:"INVITE",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"INVITE_VERIFY",method:"POST",suffix:"/verify",_payload:void 0,_success:void 0,_error:void 0}]},emailVerification:{key:"VERIFY_EMAIL",method:"GET",defaultRoute:"/verify-email",defaultIsPublic:!0,subEndpoints:[{key:"VERIFY_EMAIL",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"RESEND_VERIFICATION",method:"POST",suffix:"",routeKey:"resendRoute",defaultRoute:"/resend-verification",_payload:void 0,_success:void 0,_error:void 0}]},captcha:{key:"CAPTCHA",method:"GET",defaultRoute:"/auth/captcha",defaultIsPublic:!0,subEndpoints:[{key:"CAPTCHA_GENERATE",method:"GET",suffix:"/generate",_payload:void 0,_success:void 0,_error:void 0},{key:"CAPTCHA_VALIDATE",method:"POST",suffix:"/validate",_payload:void 0,_success:void 0,_error:void 0}]},oauth:{key:"OAUTH_PROVIDERS",method:"GET",defaultRoute:"/auth/oauth/providers",defaultIsPublic:!0,subEndpoints:[{key:"OAUTH_PROVIDERS",method:"GET",suffix:"/providers",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_REDIRECT",method:"GET",suffix:"/:provider",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_ACCOUNTS",method:"GET",suffix:"/accounts",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_UNLINK",method:"DELETE",suffix:"/unlink/:provider",_payload:void 0,_success:void 0,_error:void 0}]},apiKeys:{key:"API_KEYS",method:"GET",defaultRoute:"/auth/api-keys",defaultIsPublic:!1,subEndpoints:[{key:"API_KEYS_CREATE",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_LIST",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_DETAIL",method:"GET",suffix:"/:id",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_UPDATE",method:"PATCH",suffix:"/:id",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_REVOKE",method:"DELETE",suffix:"/:id",_payload:void 0,_success:void 0,_error:void 0}]}},gd={healthCheck:{key:"MONITORING_HEALTH_CHECK",method:"GET",suffix:"/health",_payload:void 0,_success:void 0,_error:void 0},getSettings:{key:"MONITORING_GET_SETTINGS",method:"GET",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},changeSettings:{key:"MONITORING_CHANGE_SETTINGS",method:"PATCH",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},getLogs:{key:"MONITORING_GET_LOGS",method:"GET",suffix:"/logs",_payload:void 0,_success:void 0,_error:void 0}};var A5=["profiles","addresses","phones","files","users","roles","claims","user_roles","role_claims","audit_logs"],E5=bd.tables.filter((n)=>A5.includes(n.table_name));function Mc(n){return n.replace(/([a-z])([A-Z])/g,"$1_$2").replace(/[\s-]+/g,"_").toUpperCase()}function S5(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function v0(n){if(n.endsWith("ies"))return`${n.slice(0,-3)}y`;if(n.endsWith("ses"))return`${n.slice(0,-2)}`;if(n.endsWith("s"))return n.slice(0,-1);return n}function Lt(n,r){let t=Mc(n),o=Mc(v0(n));switch(r){case"GET":return`GET_${t}`;case"POST":return`ADD_${o}`;case"PUT":return`UPDATE_${o}`;case"PATCH":return`PATCH_${o}`;case"DELETE":return`DELETE_${o}`}}function kc(n,r){let t=Mc(n);switch(r){case"POST":return`BULK_ADD_${t}`;case"PUT":return`BULK_UPDATE_${t}`;case"DELETE":return`BULK_DELETE_${t}`}}function Ao(n,r){if(!n.excluded_methods)return!1;let t={GET:"GET",POST:"POST",PUT:"PUT",PATCH:"PATCH",DELETE:"DELETE"};return n.excluded_methods.includes(t[r])}function md(n){let r={};for(let t of n.entities){let o=t.table_name,c=`/${o}`,i=t.serviceId;if(!Ao(t,"GET")){r[Lt(o,"GET")]={method:"GET",path:c,isPublic:t.is_public?.GET??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};let a=Mc(v0(o));r[`GET_${a}_BY_ID`]={method:"GET",path:`${c}/:id`,isPublic:t.is_public?.GET??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0},r[`GET_${Mc(o)}_DISTINCT`]={method:"GET",path:`${c}/distinct/:field`,isPublic:t.is_public?.GET??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0}}if(!Ao(t,"POST"))r[Lt(o,"POST")]={method:"POST",path:c,isPublic:t.is_public?.POST??!1,isFormData:t.is_form_data,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"PUT"))r[Lt(o,"PUT")]={method:"PUT",path:`${c}/:id`,isPublic:t.is_public?.PUT??!1,isFormData:t.is_form_data,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"PATCH"))r[Lt(o,"PATCH")]={method:"PATCH",path:`${c}/:id`,isPublic:t.is_public?.PATCH??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"DELETE"))r[Lt(o,"DELETE")]={method:"DELETE",path:`${c}/:id`,isPublic:t.is_public?.DELETE??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(t.bulk_endpoints_enabled){if(!Ao(t,"POST"))r[kc(o,"POST")]={method:"POST",path:`${c}/bulk`,isPublic:t.is_public?.POST??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"PUT"))r[kc(o,"PUT")]={method:"PUT",path:`${c}/bulk`,isPublic:t.is_public?.PUT??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"DELETE"))r[kc(o,"DELETE")]={method:"DELETE",path:`${c}/bulk`,isPublic:t.is_public?.DELETE??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0}}}return r}function $d(n){let r={},t=n.authentication;if(!t?.enabled)return r;for(let[o,c]of Object.entries(K0)){let i=t[o];if(!i?.enabled)continue;let a=i,e=a.route||c.defaultRoute,s=a.isPublic??c.defaultIsPublic;if("subEndpoints"in c&&c.subEndpoints)for(let f of c.subEndpoints){let d="routeKey"in f&&f.routeKey&&i[f.routeKey]?String(i[f.routeKey]):("defaultRoute"in f)&&f.defaultRoute?String(f.defaultRoute):`${e}${f.suffix}`;r[f.key]={method:f.method,path:d,isPublic:f.key==="MAGIC_LINK_VERIFY"?!0:s,_payload:f._payload,_success:f._success,_error:f._error}}else if("_payload"in c)r[c.key]={method:c.method,path:e,isPublic:s,_payload:c._payload,_success:c._success,_error:c._error}}return r}function hd(){let n={};for(let r of E5){let t=r.table_name,c=`/${S5(t)}`,i=t==="files";n[Lt(t,"GET")]={method:"GET",path:c,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};let a=Mc(v0(t));if(n[`GET_${a}_BY_ID`]={method:"GET",path:`${c}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"POST")]={method:"POST",path:c,isPublic:!1,isFormData:i,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"PUT")]={method:"PUT",path:`${c}/:id`,isPublic:!1,isFormData:i,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"PATCH")]={method:"PATCH",path:`${c}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"DELETE")]={method:"DELETE",path:`${c}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.bulk_endpoints_enabled)n[kc(t,"POST")]={method:"POST",path:`${c}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[kc(t,"PUT")]={method:"PUT",path:`${c}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[kc(t,"DELETE")]={method:"DELETE",path:`${c}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0}}return n}function Ad(n){let r={},t=n.liveMonitoring;if(!t?.enabled)return r;let o=t.basePath||"/monitoring";for(let c of Object.values(gd))r[c.key]={method:c.method,path:`${o}${c.suffix}`,isPublic:!1,_payload:c._payload,_success:c._success,_error:c._error};return r}function Ed(n){let r={};if(!n.authentication?.enabled)return r;return r.ADMIN_IMPERSONATE={method:"POST",path:"/auth/admin/impersonate",isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.ADMIN_IMPERSONATE_STOP={method:"POST",path:"/auth/admin/impersonate/stop",isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.ADMIN_CHANGE_USER_ID={method:"POST",path:"/auth/admin/change-user-id",isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r}function Sd(n){let r={},t=n.verification,o=n.notification;if(!t?.enabled)return r;let c=t.endpoints?.basePath||"/verifications",i=t.flowEndpoints?.basePath||"/verification-flows",a=o?.endpoints?.basePath||"/notifications";if(r.VERIFICATION_STATUS={method:"GET",path:`${c}/status/:entity_name/:entity_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_DECIDE={method:"POST",path:`${c}/:entity_name/:entity_id/decide`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_PENDING={method:"GET",path:`${c}/pending`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_HISTORY={method:"GET",path:`${c}/history/:entity_name/:entity_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_START={method:"POST",path:`${c}/start`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_START_FOR_ENTITY={method:"POST",path:`${c}/start-for-entity`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_ENTITY_STATUSES={method:"GET",path:`${c}/statuses/:entity_name`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},t.flowEndpoints?.enabled)r.FLOW_LIST={method:"GET",path:i,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_GET={method:"GET",path:`${i}/:flow_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_SAVE={method:"POST",path:i,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_PUBLISH={method:"POST",path:`${i}/:flow_id/publish`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_DELETE={method:"DELETE",path:`${i}/:flow_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};if(o?.enabled&&o.endpoints?.enabled)r.NOTIFICATION_LIST={method:"GET",path:a,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.NOTIFICATION_UNSEEN_COUNT={method:"GET",path:`${a}/unseen-count`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.NOTIFICATION_MARK_SEEN={method:"POST",path:`${a}/:notification_id/seen`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.NOTIFICATION_MARK_ALL_SEEN={method:"POST",path:`${a}/seen-all`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};return r}function D5(n,r){let t=md(n),o=$d(n),c=Ed(n),i=hd(),a=Ad(n),e=Sd(n);return{...t,...o,...c,...i,...a,...e,...r??{}}}cs();import{randomUUID as z5}from"crypto";var B5={timeout:30000,retries:0,retryDelay:1000,debug:!1};class ki{config;logger;constructor(n={}){this.config={...B5,...n},this.logger=new Zr({service:"ServerFetch",prettyPrint:this.config.debug,colorize:this.config.debug,auditEnabled:!1})}buildUrl(n){if(n.startsWith("http://")||n.startsWith("https://"))return n;return this.config.baseUrl?`${this.config.baseUrl}${n}`:n}buildHeaders(n){let r=new Headers;if(this.config.defaultHeaders)for(let[t,o]of Object.entries(this.config.defaultHeaders))r.set(t,o);if(n)if(n instanceof Headers)n.forEach((t,o)=>{r.set(o,t)});else if(Array.isArray(n))for(let[t,o]of n)r.set(t,o);else for(let[t,o]of Object.entries(n))r.set(t,o);return r}parseResponseHeaders(n){let r={};if(n.forEach((t,o)=>{if(o.toLowerCase()==="set-cookie"){let c=r[o];r[o]=c?`${c}, ${t}`:t}else r[o]=t}),typeof n.getSetCookie==="function"){let t=n.getSetCookie();if(t.length>0)r["set-cookie"]=t.join(", ")}return r}async executeWithTimeout(n,r,t){let o=new AbortController,c=setTimeout(()=>o.abort(),r);try{return await Promise.race([n,new Promise((a,e)=>{o.signal.addEventListener("abort",()=>{e(Error(`Request timeout after ${r}ms`))})})])}finally{clearTimeout(c)}}async fetch(n){let r=z5(),t=performance.now(),o=this.buildUrl(n.url),c=this.buildHeaders(n.headers),i=n.timeout??this.config.timeout??30000,a=n.retries??this.config.retries??0,e=n.retryDelay??this.config.retryDelay??1000,s;if(n.body)if(typeof n.body==="object"&&!(n.body instanceof FormData)&&!(n.body instanceof URLSearchParams)&&!(n.body instanceof Blob)&&!(n.body instanceof ArrayBuffer)){if(s=JSON.stringify(n.body),!c.has("content-type"))c.set("content-type","application/json")}else s=n.body;this.logger.debug(`[${r}] ${n.method} ${o}`,{method:n.method,url:o,hasBody:!!s});let f=null,d=0;while(d<=a)try{let w=await this.executeWithTimeout(fetch(o,{method:n.method,headers:c,body:s}),i,r),g=performance.now()-t,u=this.parseResponseHeaders(w.headers),m,l,S=await w.text();if(S)try{let E=JSON.parse(S);if(w.ok)m=E;else l=E}catch{if(!w.ok)l={message:S||w.statusText}}else if(!w.ok)l={message:w.statusText};let $={isSuccess:w.ok,response:m,errors:l,code:w.status,headers:u,durationMs:g,requestId:r,createdAt:new Date};if(w.ok)this.logger.info(`[${r}] ${n.method} ${o} ${w.status}`,{method:n.method,url:o,statusCode:w.status,durationMs:Math.round(g)});else this.logger.warn(`[${r}] ${n.method} ${o} ${w.status}`,{method:n.method,url:o,statusCode:w.status,durationMs:Math.round(g),error:l});return $}catch(w){if(f=w instanceof Error?w:Error(String(w)),d++,d<=a)this.logger.warn(`[${r}] Retry ${d}/${a} after error`,{method:n.method,url:o,error:f.message,attempt:d,retries:a}),await new Promise((g)=>setTimeout(g,e))}let _=performance.now()-t;return this.logger.error(`[${r}] ${n.method} ${o} failed`,f,{method:n.method,url:o,durationMs:Math.round(_),attempts:d}),{isSuccess:!1,response:void 0,errors:{message:f?.message||"Unknown error"},code:null,headers:{},durationMs:_,requestId:r,createdAt:new Date}}async get(n,r){return this.fetch({...r,url:n,method:"GET"})}async post(n,r,t){return this.fetch({...t,url:n,method:"POST",body:r})}async put(n,r,t){return this.fetch({...t,url:n,method:"PUT",body:r})}async patch(n,r,t){return this.fetch({...t,url:n,method:"PATCH",body:r})}async delete(n,r){return this.fetch({...r,url:n,method:"DELETE"})}}var U5=new ki;var W5={accessToken:"access_token",refreshToken:"refresh_token",sessionToken:"session_token"};function V5(n){let r=[],t="";for(let o=0;o<n.length;o++){let c=n[o];if(c===","){let i=n.slice(o+1).trimStart();if(/^[a-zA-Z0-9_-]+=/.test(i)){r.push(t.trim()),t="";continue}}t+=c}if(t.trim())r.push(t.trim());return r}function Y5(n,r){let t={},o=["x-forwarded-for","x-real-ip","user-agent","accept-language","x-request-id","x-client-ip","cf-connecting-ip","true-client-ip"];for(let s of o){let f=n.get(s);if(f)t[s]=f}if(!t["user-agent"])t["user-agent"]="Nucleus-ServerAction/1.0";let c=n.get(`x-${r.accessToken}`),i=n.get(`x-${r.refreshToken}`),a=n.get(`x-${r.sessionToken}`);if(c)t[`x-${r.accessToken}`]=c;if(i)t[`x-${r.refreshToken}`]=i;if(a)t[`x-${r.sessionToken}`]=a;let e=n.get("cookie");if(e)t.cookie=e;return t}function J5(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function is(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.startsWith("_")?t:J5(t);if(o instanceof Date)r[c]=o.toISOString();else if(o&&typeof o==="object"&&!Array.isArray(o))r[c]=is(o);else r[c]=o}return r}function X5(n,r){let t=new URLSearchParams,o=(i,a)=>{if(a===void 0||a===null)return;if(Array.isArray(a))for(let e of a)o(`${i}[]`,e);else if(a instanceof Date)t.append(i,a.toISOString());else if(typeof a==="object")for(let[e,s]of Object.entries(a))o(`${i}[${e}]`,s);else t.append(i,String(a))};for(let[i,a]of Object.entries(r))o(i,a);let c=t.toString();if(!c)return n;return n.includes("?")?`${n}&${c}`:`${n}?${c}`}function L5(n,r,t,o){let c={...W5,...r.tokenNames},i=new ki({baseUrl:r.baseUrl,debug:r.debug,timeout:30000,retries:0});return async function(e,s){let f=n[e];if(!f)return{isSuccess:!1,errors:{message:`Endpoint "${e}" not found`},code:404};let d=await t(),_=await o(),w={};if(_.forEach((H,k)=>{w[k]=H}),(f.path.includes("/auth/login")||f.path.includes("/auth/oauth"))&&f.method==="POST")try{d.delete(c.accessToken),d.delete(c.refreshToken),d.delete(c.sessionToken)}catch(H){}let u=Y5(_,c),m=f.path,l,S=new Set,$=/:([a-zA-Z_][a-zA-Z0-9_]*)/g,E=$.exec(m);while(E!==null){if(E[1])S.add(E[1]);E=$.exec(m)}if(s&&typeof s==="object"&&!(s instanceof FormData)){let H=s;for(let[k,D]of Object.entries(H))if(D!=null){if(S.has(k))m=m.replace(`:${k}`,String(D));else if(k.startsWith("_")&&S.has(k.substring(1)))m=m.replace(`:${k.substring(1)}`,String(D));else if(k==="id"&&S.has("id"))m=m.replace(":id",String(D))}}if(f.method==="GET"&&s&&typeof s==="object"){let H={...s};for(let k of S)delete H[k],delete H[`_${k}`];m=X5(m,H)}else if(s!==void 0){if(f.isFormData&&s instanceof FormData)l=s;else if(Array.isArray(s)){if(l=s.map((H)=>H&&typeof H==="object"?is(H):H),!u["content-type"])u["content-type"]="application/json"}else if(l=f.skipCamelCase?s:is(s),!u["content-type"])u["content-type"]="application/json"}let U=await i.fetch({url:m,method:f.method,headers:u,body:l});if(U.headers["set-cookie"])try{let H=U.headers["set-cookie"],k=V5(H);for(let D of k){let[A,...h]=D.split(";");if(!A)continue;let[R,B]=A.split("=");if(R&&B){let Y={};for(let X of h){let[z,J]=X.trim().split("=");if(!z)continue;let G=z.toLowerCase();if(G==="path")Y.path=J;else if(G==="domain")Y.domain=J;else if(G==="max-age")Y.maxAge=Number(J);else if(G==="expires"&&J)Y.expires=new Date(J);else if(G==="httponly")Y.httpOnly=!0;else if(G==="secure")Y.secure=!0;else if(G==="samesite")Y.sameSite=J}d.set(R.trim(),B.trim(),Y)}}}catch(H){console.warn("[ServerFactory] Failed to process Set-Cookie headers:",H instanceof Error?H.message:String(H))}let W=U.response;if(U.isSuccess&&W&&typeof W==="object"&&!Array.isArray(W)){let H=W;if("success"in H&&!("data"in H)){let{success:k,message:D,error:A,...h}=H;W={success:k,...D!==void 0?{message:D}:{},...A!==void 0?{error:A}:{},...Object.keys(h).length>0?{data:h}:{}}}}return{isSuccess:U.isSuccess,data:W,errors:U.errors,code:U.code,message:U.isSuccess?void 0:U.errors?.message}}}import{batch as Q5,createStore as G5}from"h-state";var O5={connection:{status:"disconnected",clientId:null,subscribedTopics:[],error:null,reconnectAttempt:0},events:[],maxEvents:100},{useStore:as}=G5(O5,{setConnectionStatus:(n)=>(r)=>{n.connection.status=r},setClientId:(n)=>(r)=>{n.connection.clientId=r},setSubscribedTopics:(n)=>(r)=>{n.connection.subscribedTopics=r},setError:(n)=>(r)=>{n.connection.error=r},setReconnectAttempt:(n)=>(r)=>{n.connection.reconnectAttempt=r},addEvent:(n)=>(r)=>{let t=[r,...n.events];n.events=t.slice(0,n.maxEvents)},clearEvents:(n)=>()=>{n.events=[]},reset:(n)=>()=>{Q5(()=>{n.connection.status="disconnected",n.connection.clientId=null,n.connection.subscribedTopics=[],n.connection.error=null,n.connection.reconnectAttempt=0,n.events=[]})}});import{useEffect as Rd,useEffectEvent as Io,useRef as Mi}from"react";function N5(n){if(n.wsUrl){let i=n.wsUrl.replace(/\/$/,""),a=n.wsPath||"/api/events/subscribe",e=(n.topics||["*"]).join(",");return`${i}${a}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(e)}`}if(typeof window>"u")return"";let r=window.location.protocol==="https:"?"wss:":"ws:",t=window.location.host,o=n.wsPath||"/api/events/subscribe",c=(n.topics||["*"]).join(",");return`${r}//${t}${o}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(c)}`}var x5=0;function P5(n){let r=as(),t=Mi(null),o=Mi(null),c=Mi(null),i=Mi(!1),a=Mi(n);a.current=n;let e=n.autoReconnect??!0,s=n.maxReconnectAttempts??10,f=n.reconnectBaseDelay??1000,d=n.reconnectMaxDelay??30000,_=n.heartbeatInterval??30000,w=n.debug??!1,g=(...D)=>{if(w)console.log("[usePubSub]",...D)},u=()=>{if(o.current)clearInterval(o.current),o.current=null},m=()=>{if(c.current)clearTimeout(c.current),c.current=null},l=(D)=>{u(),o.current=setInterval(()=>{if(D.readyState===WebSocket.OPEN)D.send(JSON.stringify({type:"ping"}))},_)},S=Io((D)=>{try{let A=JSON.parse(D.data);switch(A.type){case"connected":r.setConnectionStatus("connected"),r.setClientId(A.clientId),r.setSubscribedTopics(A.subscribedTopics),r.setReconnectAttempt(0),r.setError(null),g("Connected, clientId:",A.clientId);break;case"subscribed":r.setSubscribedTopics(A.topics),g("Subscribed to:",A.topics);break;case"event":{let h={id:`evt_${Date.now()}_${x5++}`,topic:A.topic,data:A.data,timestamp:A.timestamp,receivedAt:Date.now(),messageId:A.messageId,isRedelivery:A.isRedelivery};if(r.addEvent(h),A.messageId&&t.current?.readyState===WebSocket.OPEN)t.current.send(JSON.stringify({type:"ack",messageId:A.messageId}));break}case"pong":break;case"error":r.setError(Error(A.error)),g("Server error:",A.error);break}}catch{g("Failed to parse message")}}),$=Io((D)=>{if(i.current)return;if(!e)return;if(D>=s){r.setConnectionStatus("disconnected"),r.setError(Error("Max reconnection attempts reached")),g("Max reconnect attempts reached");return}let A=Math.min(f*2**D,d);g(`Reconnecting in ${A}ms (attempt ${D+1}/${s})`),r.setConnectionStatus("reconnecting"),r.setReconnectAttempt(D+1),m(),c.current=setTimeout(()=>{if(!i.current)E()},A)}),E=Io(()=>{if(i.current)return;if(t.current?.readyState===WebSocket.OPEN)return;if(!a.current.userId)return;if(t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}let D=N5(a.current);if(!D)return;r.setConnectionStatus("connecting"),r.setError(null),g("Connecting to:",D);let A=new WebSocket(D);t.current=A,A.onopen=()=>{g("WebSocket opened"),l(A)},A.onmessage=S,A.onerror=()=>{g("WebSocket error"),r.setError(Error("WebSocket connection error"))},A.onclose=(h)=>{if(g("WebSocket closed",h.code,h.reason),u(),r.setConnectionStatus("disconnected"),r.setClientId(null),!i.current&&h.code!==4001){let R=r.connection.reconnectAttempt;$(R)}}}),U=Io(()=>{if(u(),m(),t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}r.setConnectionStatus("disconnected"),r.setClientId(null)}),W=Io((D)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"subscribe",topics:D}))}),H=Io((D)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"unsubscribe",topics:D}))}),k=Io((D)=>{return r.events.filter((A)=>A.topic===D)});return Rd(()=>{if(i.current=!1,n.userId)E();return()=>{i.current=!0,U()}},[n.userId]),Rd(()=>{if(r.connection.status==="connected"&&n.topics)W(n.topics)},[n.topics?.join(",")]),{isConnected:r.connection.status==="connected",isConnecting:r.connection.status==="connecting"||r.connection.status==="reconnecting",clientId:r.connection.clientId,subscribedTopics:r.connection.subscribedTopics,events:r.events,error:r.connection.error,reconnectAttempt:r.connection.reconnectAttempt,connect:E,disconnect:U,subscribe:W,unsubscribe:H,clearEvents:r.clearEvents,getEventsByTopic:k}}import{randomUUID as uS}from"crypto";var us=Ur(Ud(),1);import{Elysia as Ja,NotFoundError as Hc}from"elysia";var et,Eo,pt=typeof Bun<"u"&&!!Bun.file;function Rc(){if(et||(et=process.getBuiltinModule("fs/promises")),Eo||(Eo=process.getBuiltinModule("path")),!Eo){console.warn("@elysiajs/static require path to be available.");return}return[et,Eo]}async function Wd(n){if(et||Rc(),pt){let r=new Bun.Glob("**/*.html"),t=[];for await(let o of r.scan(n))t.push(Eo.join(n,o));return t}return[]}async function ss(n){if(et||Rc(),pt){let t=new Bun.Glob("**/*"),o=[];for await(let c of t.scan(n))o.push(Eo.join(n,c));return o}let r=await et.readdir(n).catch(()=>[]);return(await Promise.all(r.map(async(t)=>{let o=n+Eo.sep+t,c=await et.stat(o).catch(()=>null);return c?c.isDirectory()?await ss(o):[Eo.resolve(n,o)]:[]}))).flat()}function fs(n){return et||Rc(),et.stat(n).then(()=>!0,()=>!1)}class _s{constructor(n=250,r=10800){this.max=n,this.ttl=r,this.map=new Map}get(n){let r=this.map.get(n);if(r)return r[1]<=Date.now()?void this.delete(n):(this.map.delete(n),this.map.set(n,r),r[0])}set(n,r){if(this.interval||(this.interval=setInterval(()=>{let t=Date.now();for(let[o,c]of this.map)c[1]<=t&&this.map.delete(o)},this.ttl)),this.map.has(n))this.map.delete(n);else if(this.map.size>=this.max){let t=this.map.keys().next().value;t!==void 0&&this.delete(t)}this.map.set(n,[r,Date.now()+this.ttl*1000])}delete(n){this.map.get(n)&&this.map.delete(n)}clear(){this.map.clear()}size(){return this.map.size}[Symbol.dispose](){this.interval&&clearInterval(this.interval)}}function ls(n,r,t){if(n["cache-control"]&&/no-cache|no-store/.test(n["cache-control"]))return!1;if("if-none-match"in n){let o=n["if-none-match"];return o==="*"?!0:o===null||typeof r!="string"?!1:o===r}if(n["if-modified-since"]){let o=n["if-modified-since"];try{return et.stat(t).then((c)=>{if(c.mtime!==void 0&&c.mtime.getTime()<=Date.parse(o))return!0})}catch{}}return!1}var Ya;function Ri(n){return pt?Bun.file(n):(et||Rc(),et.readFile(n))}async function ds(n){return pt?new Bun.CryptoHasher("md5").update(await n.arrayBuffer()).digest("base64"):(Ya||(Ya=process.getBuiltinModule("crypto")),Ya?Ya.createHash("md5").update(n).digest("base64"):void console.warn("[@elysiajs/static] crypto is required to generate etag."))}var Hi=(n)=>{if(!n)return!1;for(let r in n)return!0;return!1};async function Vd({assets:n="public",prefix:r="/public",staticLimit:t=1024,alwaysStatic:o=!1,ignorePatterns:c=[".DS_Store",".git",".env"],headers:i,maxAge:a=86400,directive:e="public",etag:s=!0,extension:f=!0,indexHTML:d=!0,decodeURI:_,silent:w}={}){if(typeof process>"u"||typeof process.getBuiltinModule>"u")return w||console.warn("[@elysiajs/static] require process.getBuiltinModule. Static plugin is disabled"),new Ja;let g=Rc();if(!g)return new Ja;let[u,m]=g,l=m.sep!=="/"?(H)=>H.replace(/\\/g,"/"):(H)=>H,S=new _s;r===m.sep&&(r="");let $=m.resolve(n),E=c.length?(H)=>c.find((k)=>typeof k=="string"?k.includes(H):k.test(H)):()=>!1,U=new Ja({name:"static",seed:r});if(o){let H=await ss(m.resolve(n));if(H.length<=t)for(let k of H){let D=function({headers:Y}){if(B){let J=ls(Y,B,k);if(J===!0)return new Response(null,{status:304,headers:Hi(i)?i:void 0});if(J!==!1){let G=S.get(h);return G?G.clone():J.then((F)=>{if(F)return new Response(null,{status:304,headers:i||void 0});let N=new Response(R,{headers:Object.assign({"Cache-Control":a?`${e}, max-age=${a}`:e},i,B?{Etag:B}:{})});return S.set(r,N),N.clone()})}}let X=S.get(h);if(X)return X.clone();let z=new Response(R,{headers:Object.assign({"Cache-Control":a?`${e}, max-age=${a}`:e},i,B?{Etag:B}:{})});return S.set(h,z),z.clone()};var W=D;if(!k||E(k))continue;let A=k.replace($,"");_&&(A=us.default(A)??A);let h=l(m.join(r,A));if(pt&&k.endsWith(".html")){let Y=await import(k);U.get(h,Y.default),d&&h.endsWith("/index.html")&&U.get(h.replace("/index.html",""),Y.default);continue}f||(h=l(h.slice(0,h.lastIndexOf("."))));let R=pt?Ri(k):await Ri(k);if(!R)return w||console.warn(`[@elysiajs/static] Failed to load file: ${k}`),new Ja;let B=await ds(R);U.get(h,s?D:new Response(R,Hi(i)?{headers:i}:void 0)),d&&h.endsWith("/index.html")&&U.get(h.replace("/index.html",""),s?D:new Response(R,Hi(i)?{headers:i}:void 0))}return U}if(!(`GET_${r}/*`in U.routeTree)){if(pt){let H=await Wd(m.resolve(n));for(let k of H){if(!k||E(k))continue;let D=k.replace($,""),A=l(m.join(r,D)),h=await import(k);U.get(A,h.default),d&&A.endsWith("/index.html")&&U.get(A.replace("/index.html",""),h.default)}}U.onError(()=>{}).get(`${r.endsWith("/")?r.slice(0,-1):r}/*`,async({params:H,headers:k})=>{let D=l(m.join(n,_?us.default(H["*"])??H["*"]:H["*"]));if(E(D))throw new Hc;let A=S.get(D);if(A)return A.clone();try{let h=await u.stat(D).catch(()=>null);if(!h)throw new Hc;if(!d&&h.isDirectory())throw new Hc;let R;if(!pt&&d){let X=m.join(D,"index.html"),z=S.get(X);if(z)return z.clone();await fs(X)&&(R=await Ri(X))}if(!R&&!h.isDirectory()&&await fs(D))R=await Ri(D);else throw new Hc;if(!s)return new Response(R,Hi(i)?{headers:i}:void 0);let B=await ds(R);if(B&&await ls(k,B,D))return new Response(null,{status:304});let Y=new Response(R,{headers:Object.assign({"Cache-Control":a?`${e}, max-age=${a}`:e},i,B?{Etag:B}:{})});return S.set(D,Y),Y.clone()}catch(h){throw h instanceof Hc?h:(w||console.error("[@elysiajs/static]",h),new Hc)}})}return U}lf();Xa();ps();import{pushSchema as wS}from"drizzle-kit/api";import{and as Ai,eq as yn}from"drizzle-orm";import{drizzle as bS}from"drizzle-orm/node-postgres";import{pgSchema as gS}from"drizzle-orm/pg-core";import mS from"elysia";var Ji=[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"email_verification_token",type:"varchar",length:255},{name:"email_verification_token_expires_at",type:"timestamp"},{name:"email_verification_sent_at",type:"timestamp"},{name:"email_verification_attempts",type:"integer",default:0},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"type",type:"varchar",length:50,notNull:!0,default:"system",enumValues:["verification","system","custom"]},{name:"source",type:"varchar",length:100},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]},{columns:["type"]},{columns:["user_id","type","is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["instance_id"]},{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_node_id",type:"varchar",length:100,notNull:!0},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"status",type:"varchar",length:30,notNull:!0,default:"pending",enumValues:["pending","approved","rejected"]}],indexes:[{columns:["instance_id"]},{columns:["instance_id","step_order"]},{columns:["entity_name","entity_id"]},{columns:["verifier_user_id"]},{columns:["status"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["step","verifier","notification"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"recipient_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier","entity_creator"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role",type:"varchar",length:100}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]}]},{table_name:"verificationVerifierConfigs",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["verifier_type"]}]},{table_name:"verificationInstances",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"started_by",type:"uuid",references:{table:"users",column:"id"}},{name:"status",type:"varchar",length:30,notNull:!0,default:"active",enumValues:["active","completed","rejected","cancelled"]},{name:"current_step_order",type:"integer",notNull:!0,default:1},{name:"started_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"completed_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","status"]},{columns:["status"]},{columns:["started_by"]}]},{table_name:"verificationNotificationChannels",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"channel",type:"varchar",length:30,notNull:!0,enumValues:["portal","email","sms","telegram","webhook"]}],indexes:[{columns:["rule_id"]},{columns:["rule_id","channel"],unique:!0},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"remember_me",type:"boolean",notNull:!0,default:!1},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]},{table_name:"oauth_accounts",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"provider",type:"varchar",length:50,notNull:!0,enumValues:["google","github","microsoft","discord","facebook","twitter","apple","custom"]},{name:"provider_account_id",type:"varchar",length:255,notNull:!0},{name:"provider_email",type:"varchar",length:255},{name:"provider_name",type:"varchar",length:255},{name:"provider_avatar_url",type:"text"},{name:"access_token",type:"text"},{name:"refresh_token",type:"text"},{name:"token_expires_at",type:"timestamp"},{name:"scope",type:"text"},{name:"raw_profile",type:"jsonb"},{name:"is_primary",type:"boolean",notNull:!0,default:!1},{name:"last_used_at",type:"timestamp"}],indexes:[{columns:["user_id"]},{columns:["provider","provider_account_id"],unique:!0},{columns:["provider_email"]},{columns:["user_id","provider"]}],constraints:{unique:[{name:"unique_provider_account",columns:["provider","provider_account_id"]}]}}];var S$={GET:["GET"],POST:["POST"],PUT:["PUT"],DELETE:["DELETE"],PATCH:["PATCH"],TOGGLE:["PATCH"],VERIFICATION:["POST"]};function D$(n,r){let t=[],o=n.authentication;if(!o)return t;if(o.login?.enabled&&o.login?.isPublic)t.push({path:o.login.route||`${r}/auth/login`,method:"POST",source:"auth"});if(o.register?.enabled&&o.register?.isPublic)t.push({path:o.register.route||`${r}/auth/register`,method:"POST",source:"auth"});if(o.logout?.enabled&&o.logout?.isPublic)t.push({path:o.logout.route||`${r}/auth/logout`,method:"POST",source:"auth"});if(o.refresh?.enabled&&o.refresh?.isPublic)t.push({path:o.refresh.route||`${r}/auth/refresh`,method:"POST",source:"auth"});if(o.passwordReset?.enabled&&o.passwordReset?.isPublic){let c=o.passwordReset.route||`${r}/auth/password-reset`;t.push({path:`${c}/request`,method:"POST",source:"auth"},{path:`${c}/confirm`,method:"POST",source:"auth"})}if(o.passwordChange?.enabled&&o.passwordChange?.isPublic)t.push({path:o.passwordChange.route||`${r}/auth/password-change`,method:"POST",source:"auth"});if(o.magicLink?.enabled&&o.magicLink?.isPublic)t.push({path:o.magicLink.route||`${r}/auth/magic-link`,method:"POST",source:"auth"},{path:o.magicLink.verifyRoute||`${r}/auth/magic-link/verify`,method:"GET",source:"auth"});if(o.register?.enabled&&o.register?.emailVerification?.enabled)t.push({path:`${r}/verify-email`,method:"GET",source:"auth"},{path:`${r}/resend-verification`,method:"POST",source:"auth"});if(o.invite?.enabled&&o.invite?.isPublic)t.push({path:o.invite.route||`${r}/auth/invite`,method:"POST",source:"auth"});if(o.invite?.enabled){let c=o.invite.route||`${r}/auth/invite`;t.push({path:`${c}/verify`,method:"POST",source:"auth"})}if(o.passwordSet?.enabled)t.push({path:o.passwordSet.route||`${r}/auth/password-set`,method:"POST",source:"auth"});if(o.captcha?.enabled&&o.captcha?.isPublic){let c=o.captcha.route||`${r}/auth/captcha`;t.push({path:`${c}/generate`,method:"GET",source:"auth"},{path:`${c}/validate`,method:"POST",source:"auth"})}if(o.sessions?.enabled){let c=o.sessions.route||`${r}/auth/sessions`;t.push({path:`${c}/approve`,method:"POST",source:"auth"},{path:`${c}/reject`,method:"POST",source:"auth"},{path:`${c}/approve-page`,method:"GET",source:"auth"},{path:`${c}/reject-page`,method:"GET",source:"auth"},{path:`${c}/approval-status`,method:"GET",source:"auth"})}if(o.oauth?.enabled){let c=o.oauth.basePath||`${r}/auth/oauth`,i=["google","github","microsoft","discord","facebook","twitter","apple","custom"];t.push({path:`${c}/providers`,method:"GET",source:"auth"});for(let a of i)t.push({path:`${c}/${a}`,method:"GET",source:"auth"},{path:`${c}/${a}/callback`,method:"GET",source:"auth"})}return t}function bw(n,r,t){let o=[];for(let c of n){if(!c.is_public)continue;let i=`${r}/${t}/${c.table_name}`;for(let[a,e]of Object.entries(c.is_public)){if(!e)continue;let s=S$[a];if(!s)continue;for(let f of s)if(f==="GET")o.push({path:i,method:"GET",source:"entity"}),o.push({path:`${i}/:id`,method:"GET",source:"entity"});else if(f==="POST")o.push({path:i,method:"POST",source:"entity"});else if(f==="PUT"||f==="PATCH")o.push({path:`${i}/:id`,method:f,source:"entity"});else if(f==="DELETE")o.push({path:`${i}/:id`,method:"DELETE",source:"entity"})}}return o}function k$(n,r,t){return bw(n,r,t)}function df(n,r,t="",o="public"){let c=D$(n,t),i=bw(n.entities||[],t,o),a=k$(r,t,o),e=[];if(n.pubsub?.enabled){let f=n.pubsub.basePath||"/subs",d=n.pubsub.wsPath||"/api/events/subscribe";e.push({path:`${f}/:topic`,method:"POST",source:"system"},{path:d,method:"GET",source:"system"})}let s=[{path:"/nucleus-core",method:"GET",source:"custom"},{path:"/public",method:"GET",source:"custom"},{path:"/docs",method:"GET",source:"custom"},{path:"/docs/json",method:"GET",source:"custom"},{path:"/swagger",method:"GET",source:"custom"},{path:"/swagger/json",method:"GET",source:"custom"}];return[...c,...i,...a,...e,...s]}function uf(n,r,t){let o=r.replace(/\/$/,""),c=t.toUpperCase();for(let i of n){if(i.method!==c)continue;if(M$(i.path,o))return!0}return!1}function M$(n,r){if(n===r)return!0;let t=n.split("/").filter(Boolean),o=r.split("/").filter(Boolean);if(t.length!==o.length)return!1;for(let c=0;c<t.length;c++){let i=t[c],a=o[c];if(i?.startsWith(":"))continue;if(i!==a)return!1}return!0}import{asc as ah,desc as eh,eq as Dr,ilike as yw,inArray as sh,notInArray as fh,or as _h}from"drizzle-orm";import{drizzle as lh}from"drizzle-orm/node-postgres";import{Elysia as dh,t as Cn}from"elysia";vs();Qi();Ae();import{t as or}from"elysia";function ih(n){let r={};if(!n||n.length===0)return or.Object({},{additionalProperties:!0});for(let t of n)switch(t.type?.toLowerCase()||"string"){case"integer":case"int":case"serial":case"bigserial":case"numeric":case"decimal":r[t.name]=t.notNull?or.Number():or.Optional(or.Number());break;case"boolean":r[t.name]=t.notNull?or.Boolean():or.Optional(or.Boolean());break;case"timestamp":case"timestamptz":case"date":r[t.name]=t.notNull?or.String({format:"date-time"}):or.Optional(or.String({format:"date-time"}));break;case"json":case"jsonb":r[t.name]=or.Optional(or.Unknown());break;case"uuid":r[t.name]=t.notNull?or.String({format:"uuid"}):or.Optional(or.String({format:"uuid"}));break;default:r[t.name]=t.notNull?or.String():or.Optional(or.String())}return or.Object(r,{additionalProperties:!0})}function pw(n){return or.Array(or.Object({id:or.String(),data:ih(n)}))}function Yf(n,r){let{db:t,schemaTables:o,schemaRelations:c,entities:i,logger:a,databaseUrl:e,storage:s,authorization:f,authMode:d,idpUrl:_}=r,w=Gi(s),g=f?.enabled??!1,u=d==="consumer";if(!t)return n;let m=Object.keys(o),l=i.map((A)=>A.table_name),S=m.filter((A)=>!l.includes(A)),$=["userSessions","passwordResetTokens","magicLinkTokens"],E=["passwordResetTokens","magicLinkTokens"],U=["files"];function W(A){return A.replace(/_([a-z])/g,(h,R)=>R.toUpperCase())}let H=new Map(Ji.map((A)=>[W(A.table_name),A])),k=S.filter((A)=>{if(E.includes(A)&&!r.emailServiceAvailable)return a.info(`Skipping ${A} routes - email service not available`),!1;return!0}).map((A)=>{let h=H.get(A);return{table_name:A,group_name:$.includes(A)?"Authentication":A,is_form_data:U.includes(A),bulk_endpoints_enabled:h?.bulk_endpoints_enabled??!1,excluded_methods:h?.excluded_methods?[...h.excluded_methods]:[],columns:h?.columns?[...h.columns]:void 0}}),D=[...i,...k];a.info(`All entities: ${D.map((A)=>A.table_name).join(", ")}`);for(let A of D){let h=A.table_name,R=A.group_name||A.table_name,B=o[h];if(!B)continue;let Y=c[`${h}Relations`];a.info(`Creating routes for table: ${h}`);let X=B,z=X.id,J=t,G=(O)=>X[O]??X[W(O)],F=pw(A.columns),N=Cn.Array(Cn.String()),x=async(O,q,Z,nn)=>{let j=O.headers.get("x-user-id");if(!g||!j)return null;if(u){let I=(O.headers.get("x-user-claims")||"").split(",").filter(Boolean),K=(O.headers.get("x-user-roles")||"").split(",").filter(Boolean);if(_){let tn=O.headers.get("x-access-token")||(O.headers.get("cookie")||"").match(/access_token=([^;]+)/)?.[1]||"";return Qu({idpUrl:_,accessToken:tn,method:q,entity:A.table_name,requestedFields:Z,requestedRelations:nn,logger:a})}return Lu({userClaims:I,userRoles:K,method:q,entity:A.table_name,requestedFields:Z,requestedRelations:nn,logger:a})}return oe({userId:j,method:q,entity:A.table_name,requestedFields:Z,requestedRelations:nn,db:J,schemaTables:o,logger:a})},y=new dh({prefix:`/${h}`});if(!A.excluded_methods?.includes("GET"))y.get("/",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=A.columns?.map((En)=>En.name),Z=Object.keys(c).filter((En)=>En.startsWith(`${A.table_name}Relations`)).map((En)=>En.replace("Relations","")),nn=await x(O.request,"GET",q,Z);if(nn&&!nn.authorized)return{success:!1,message:nn.reason||"Unauthorized",status:403};let j=Hf(O.query),I=[];if(g&&nn?.scopeFilters)for(let[En,Sn]of Object.entries(nn.scopeFilters)){let rn=G(En);if(rn)I.push(Dr(rn,Sn))}if(j.search&&j.searchFields){let En=j.searchFields.map((Sn)=>{let rn=Sn.trim(),hn=G(rn);return hn?yw(hn,`%${j.search}%`):null}).filter((Sn)=>Sn!==null);if(En.length>0){let Sn=_h(...En);if(Sn)I.push(Sn)}}if(j.filters){let{ne:En,gt:Sn,gte:rn,lt:hn,lte:Xn,like:Tn,isNull:Nr,isNotNull:Qr}=await import("drizzle-orm");for(let $r of j.filters){let ar=G($r.field);if(!ar)continue;switch($r.operator){case"eq":I.push(Dr(ar,$r.value));break;case"neq":I.push(En(ar,$r.value));break;case"gt":I.push(Sn(ar,$r.value));break;case"gte":I.push(rn(ar,$r.value));break;case"lt":I.push(hn(ar,$r.value));break;case"lte":I.push(Xn(ar,$r.value));break;case"like":I.push(Tn(ar,$r.value));break;case"ilike":I.push(yw(ar,$r.value));break;case"in":I.push(sh(ar,$r.value));break;case"notIn":I.push(fh(ar,$r.value));break;case"isNull":I.push(Nr(ar));break;case"isNotNull":I.push(Qr(ar));break}}}let K=J.select().from(B);if(I.length>0){let{and:En}=await import("drizzle-orm"),Sn=En(...I);if(Sn)K=K.where(Sn)}if(j.sort&&j.sort.length>0){let En=j.sort.map((Sn)=>{let rn=G(Sn.field);if(!rn)return null;return Sn.direction==="desc"?eh(rn):ah(rn)}).filter((Sn)=>Sn!==null);if(En.length>0)K=K.orderBy(...En)}let tn=j.page??1,wn=j.limit??20,ln=j.offset??(tn-1)*wn,Qn=J.select().from(B);if(I.length>0){let{and:En}=await import("drizzle-orm"),Sn=En(...I);if(Sn)Qn.where(Sn)}let gn=(await Qn).length;K=K.limit(wn).offset(ln);let Gn=await K,Un=Cw(tn,wn,ln,gn);if(g&&nn?.allowedFields)Gn=ce(Gn,nn.allowedFields);return{success:!0,data:{items:Gn,meta:Un}}},{detail:{tags:[R],summary:`List ${h}`,description:`Get paginated list of ${h} records with filtering, sorting, and search`}}),y.get("/:id",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let q=O.params,Z=Hf(O.query),nn=A.columns?.map((wn)=>wn.name),j=Z.with?.map((wn)=>wn.name),I=await x(O.request,"GET",nn,j);if(I&&!I.authorized)return{success:!1,message:I.reason||"Unauthorized",status:403};if(Z.with&&Z.with.length>0&&Y&&e){let wn=g&&I?.allowedRelations?Z.with.filter((qn)=>I.allowedRelations?.includes(qn.name)??!1):Z.with,Qn=await lh(e,{schema:{...o,...c}}).query[A.table_name]?.findFirst({where:Dr(z,q.id),with:wn.reduce((qn,gn)=>{return qn[gn.name]=gn.limit?{limit:gn.limit}:!0,qn},{})});if(g&&I?.allowedFields&&Qn)Qn=ce(Qn,I.allowedFields);if(g&&I?.allowedRelations&&Qn)Qn=Gu(Qn,I.allowedRelations);return{success:!0,data:Qn||null}}let tn=(await J.select().from(B).where(Dr(z,q.id)))[0]||null;if(g&&I?.allowedFields&&tn)tn=ce(tn,I.allowedFields);return{success:!0,data:tn}},{detail:{tags:[R],summary:`Get ${h} by ID`,description:`Get a single ${h} record by its ID with optional relations`}}),y.get("/distinct/:field",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.params,Z=G(q.field);if(!Z)return{success:!1,message:"Field not found"};return{success:!0,data:await J.selectDistinct({value:Z}).from(B)}},{detail:{tags:[R],summary:`Get distinct ${h} values`,description:`Get distinct values for a specific field in ${h}`}});if(!A.excluded_methods?.includes("POST"))if(A.is_form_data&&w.enabled)y.post("/",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.request.headers.get("x-user-id"),{data:Z,files:nn}=Oi(O.body,w),j=Z;if(A.columns){j=Bo(j,A.columns);let tn=zo(j,A.columns,!1);if(!tn.valid)return{success:!1,message:"Validation failed",errors:tn.errors}}let I=null;if(nn.length>0){if(I=await Ni(nn,w,A.table_name),I.failed.length>0&&I.success.length===0)return{success:!1,message:"File upload failed",errors:I.failed};if(I.success.length>0){let tn=I.success[0];if(tn){let wn=tn.originalName.split(".").pop()||"";j={...j,id:tn.id,name:tn.name,originalName:tn.originalName,path:tn.path,mimeType:tn.mimeType,size:tn.size,extension:wn,uploadedBy:q}}}}if(q)j.createdBy=q;let K=await J.insert(B).values(j).returning();{let tn=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:String(K[0]?.id??""),operation:"CREATE",userId:q||void 0,summary:`Created ${A.table_name}`,newValues:K[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:tn.pathname,query:tn.search})}return{success:!0,data:K[0]}},{type:"formdata",body:Cn.Object({[w.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[w.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[R],summary:`Create ${h} with files`,description:`Create a new ${h} record with file upload support`}});else y.post("/",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.body,Z=O.request.headers.get("x-user-id");if(A.columns){q=Bo(q,A.columns);let j=zo(q,A.columns,!1);if(!j.valid)return{success:!1,message:"Validation failed",errors:j.errors}}if(Z)q.createdBy=Z;let nn=await J.insert(B).values(q).returning();if(h==="userRoles"&&q.roleId&&q.userId)try{let{roles:j,users:I}=o;if(j&&I){if((await J.select().from(j).where(Dr(j.id,q.roleId)).limit(1))[0]?.name==="godmin")await J.update(I).set({isGod:!0}).where(Dr(I.id,q.userId))}}catch(j){a.warn("[Entity] Failed to sync is_god flag on userRole create")}{let j=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:String(nn[0]?.id??""),operation:"CREATE",userId:Z||void 0,summary:`Created ${A.table_name}`,newValues:nn[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:j.pathname,query:j.search})}return{success:!0,data:nn[0]}},{body:Cn.Object({},{additionalProperties:!0}),detail:{tags:[R],summary:`Create ${h}`,description:`Create a new ${h} record`}});if(!A.excluded_methods?.includes("PUT"))if(A.is_form_data&&w.enabled)y.put("/:id",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let q=O.params,Z=O.request.headers.get("x-user-id"),{data:nn,files:j}=Oi(O.body,w),I=nn,K=await J.select().from(B).where(Dr(z,q.id)).limit(1);if(A.columns){I=Bo(I,A.columns);let ln=zo(I,A.columns,!1);if(!ln.valid)return{success:!1,message:"Validation failed",errors:ln.errors}}let tn=null;if(j.length>0)tn=await Ni(j,w,A.table_name);let wn=await J.update(B).set(I).where(Dr(z,q.id)).returning();{let ln=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"UPDATE",userId:Z||void 0,summary:`Updated ${A.table_name} (${q.id})`,oldValues:K[0],newValues:wn[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:ln.pathname,query:ln.search})}return{success:!0,data:{record:wn[0],files:tn?.success||[],fileErrors:tn?.failed||[]}}},{type:"formdata",body:Cn.Object({[w.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[w.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[R],summary:`Update ${h} with files`,description:`Full update of ${h} record with file upload support`}});else y.put("/:id",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let{params:q,body:Z}=O,nn=O.request.headers.get("x-user-id"),j=await J.select().from(B).where(Dr(z,q.id)).limit(1);if(A.columns){Z=Bo(Z,A.columns);let K=zo(Z,A.columns,!1);if(!K.valid)return{success:!1,message:"Validation failed",errors:K.errors}}if(Z.updatedAt=new Date,nn)Z.updatedBy=nn;let I=await J.update(B).set(Z).where(Dr(z,q.id)).returning();{let K=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"UPDATE",userId:nn||void 0,summary:`Updated ${A.table_name} (${q.id})`,oldValues:j[0],newValues:I[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:K.pathname,query:K.search})}return{success:!0,data:I[0]}},{body:Cn.Object({},{additionalProperties:!0}),detail:{tags:[R],summary:`Update ${h}`,description:`Full update of ${h} record`}});if(!A.excluded_methods?.includes("PATCH"))y.patch("/:id",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let{params:q,body:Z}=O,nn=O.request.headers.get("x-user-id"),j=await J.select().from(B).where(Dr(z,q.id)).limit(1);if(A.columns){Z=Bo(Z,A.columns);let K=zo(Z,A.columns,!0);if(!K.valid)return{success:!1,message:"Validation failed",errors:K.errors}}if(Z.updatedAt=new Date,nn)Z.updatedBy=nn;let I=await J.update(B).set(Z).where(Dr(z,q.id)).returning();{let K=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"PATCH",userId:nn||void 0,summary:`Patched ${A.table_name} (${q.id})`,oldValues:j[0],newValues:I[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:K.pathname,query:K.search})}return{success:!0,data:I[0]}},{body:Cn.Object({},{additionalProperties:!0}),detail:{tags:[R],summary:`Patch ${h}`,description:`Partial update of ${h} record`}});if(!A.excluded_methods?.includes("DELETE"))y.delete("/:id",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let q=O.params,Z=O.request.headers.get("x-user-id"),nn=await J.select().from(B).where(Dr(z,q.id)).limit(1);if(await J.delete(B).where(Dr(z,q.id)),h==="userRoles"&&nn[0])try{let j=nn[0],I=o.roles,K=o.users;if(I&&K&&j.roleId&&j.userId){if((await J.select().from(I).where(Dr(I.id,j.roleId)).limit(1))[0]?.name==="godmin")await J.update(K).set({isGod:!1}).where(Dr(K.id,j.userId))}}catch(j){a.warn("[Entity] Failed to sync is_god flag on userRole delete")}{let j=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"DELETE",userId:Z||void 0,summary:`Deleted ${A.table_name} (${q.id})`,oldValues:nn[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:j.pathname,query:j.search})}return{success:!0,data:null}},{detail:{tags:[R],summary:`Delete ${h}`,description:`Delete a ${h} record`}});if(A.bulk_endpoints_enabled){if(!A.excluded_methods?.includes("POST"))y.post("/bulk",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.body;if(!Array.isArray(q))return{success:!1,message:"Body must be an array"};let Z=O.request.headers.get("x-user-id");try{let nn=[];for(let I of q){let K=I;if(A.columns){K=Bo(K,A.columns);let tn=zo(K,A.columns,!1);if(!tn.valid)return{success:!1,message:"Validation failed",errors:tn.errors}}if(Z)K.createdBy=Z;nn.push(K)}return{success:!0,data:await J.transaction(async(I)=>{let K=[];for(let tn of nn){let wn=await I.insert(B).values(tn).returning();K.push(wn[0])}return K})}}catch(nn){return{success:!1,message:nn instanceof Error?nn.message:"Transaction failed"}}},{body:Cn.Array(Cn.Object({},{additionalProperties:!0})),detail:{tags:[R],summary:`Bulk create ${h}`,description:`Create multiple ${h} records`}});if(!A.excluded_methods?.includes("PUT"))y.put("/bulk",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let q=O.body;if(!Array.isArray(q))return{success:!1,message:"Body must be an array"};let Z=O.request.headers.get("x-user-id");try{return{success:!0,data:await J.transaction(async(j)=>{let I=[];for(let K of q){let tn=K.data;if(A.columns){tn=Bo(tn,A.columns);let ln=zo(tn,A.columns,!0);if(!ln.valid)return{success:!1,message:"Validation failed",errors:ln.errors}}if(tn.updatedAt=new Date,Z)tn.updatedBy=Z;let wn=await j.update(B).set(tn).where(Dr(z,K.id)).returning();I.push(wn[0])}return I})}}catch(nn){return{success:!1,message:nn instanceof Error?nn.message:"Transaction failed"}}},{body:F,detail:{tags:[R],summary:`Bulk update ${h}`,description:`Update multiple ${h} records`}});if(!A.excluded_methods?.includes("DELETE"))y.delete("/bulk",async(O)=>{if(!J||!z)return{success:!1,message:"No id column or DB"};let q=O.body;if(!Array.isArray(q))return{success:!1,message:"Body must be an array of ids"};try{return await J.transaction(async(Z)=>{for(let nn of q)await Z.delete(B).where(Dr(z,nn))}),{success:!0,data:{deleted:q.length}}}catch(Z){return{success:!1,message:Z instanceof Error?Z.message:"Transaction failed"}}},{body:N,detail:{tags:[R],summary:`Bulk delete ${h}`,description:`Delete multiple ${h} records`}})}n.use(y)}return n}import uh,{t as xi}from"elysia";function wh(n){let r=n.match(/^(\d+)(ms|s|m|h)$/);if(!r||!r[1]||!r[2])return 5000;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;default:return 5000}}function Jf(n){let{monitoringService:r,logger:t,endpoints:o}=n,c=new uh({prefix:o.basePath});if(!o.enabled)return c;if(o.stream.enabled)c.get(o.stream.path,async function*({request:i}){t.info("[Monitoring] SSE stream connected");let a=wh(o.stream.interval),e=!0;i.signal.addEventListener("abort",()=>{e=!1,t.info("[Monitoring] SSE stream disconnected")});let s=await r.getLatestSnapshot();if(s)yield{event:"snapshot",data:JSON.stringify(s)};while(e){if(await new Promise((_)=>setTimeout(_,a)),!e)break;let f=await r.getLatestSnapshot();if(f)yield{event:"snapshot",data:JSON.stringify(f)};let d=r.getActiveAlerts();if(d.length>0)yield{event:"alerts",data:JSON.stringify(d)}}},{detail:{tags:["Monitoring"],summary:"Stream real-time monitoring data",description:"Server-Sent Events stream for real-time monitoring metrics"}});if(o.snapshot.enabled)c.get(o.snapshot.path,async()=>{let i=await r.getLatestSnapshot();if(!i)return{isSuccess:!1,message:"No monitoring data available",data:null};return{isSuccess:!0,message:"Current monitoring snapshot",data:i}},{detail:{tags:["Monitoring"],summary:"Get current monitoring snapshot",description:"Returns the latest monitoring metrics snapshot"}});if(o.history.enabled)c.get(o.history.path,async({query:i})=>{let a=Math.min(i.minutes?parseInt(String(i.minutes),10):60,o.history.maxMinutes),e=await r.getHistory(a);return{isSuccess:!0,message:`Monitoring history for last ${a} minutes`,data:{minutes:a,count:e.length,snapshots:e}}},{query:xi.Object({minutes:xi.Optional(xi.Numeric())}),detail:{tags:["Monitoring"],summary:"Get monitoring history",description:"Returns historical monitoring data for the specified time range"}});if(o.alerts.enabled)c.get(o.alerts.path,()=>{let i=r.getActiveAlerts();return{isSuccess:!0,message:"Active alerts",data:{count:i.length,alerts:i}}},{detail:{tags:["Monitoring"],summary:"Get active alerts",description:"Returns all currently active monitoring alerts"}}),c.post(`${o.alerts.path}/:alertId/acknowledge`,({params:i})=>{if(!r.acknowledgeAlert(i.alertId))return{isSuccess:!1,message:"Alert not found",data:null};return{isSuccess:!0,message:"Alert acknowledged",data:{alertId:i.alertId}}},{params:xi.Object({alertId:xi.String()}),detail:{tags:["Monitoring"],summary:"Acknowledge an alert",description:"Mark an alert as acknowledged"}});return t.info(`[Monitoring] Routes enabled at ${o.basePath} (stream: ${o.stream.enabled}, snapshot: ${o.snapshot.enabled}, history: ${o.history.enabled}, alerts: ${o.alerts.enabled})`),c}import bh,{t as yr}from"elysia";var gh={"Content-Type":"text/event-stream; charset=utf-8","Cache-Control":"no-cache, no-transform",Connection:"keep-alive"},mh=new TextEncoder,Xf=(n,r)=>{let t=typeof r==="string"?r:JSON.stringify(r);return mh.encode(`event: ${n}
+</body></html>`};return a.get(`${i}/approve-page`,async(u)=>{if(!o)return new Response("Service unavailable",{status:503});let l=new URL(u.request.url).searchParams.get("token");if(!l){let W=g({},"approve","","invalid");return new Response(W,{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}})}let E=await o.select().from(t).where(Zn(s("approvalToken"),l)).limit(1);if(E.length===0){let W=g({},"approve",l,"invalid");return new Response(W,{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}})}let $=E[0];if($.approvalStatus!=="pending"&&$.approval_status!=="pending"){let W=g($,"approve",l,"already_processed");return new Response(W,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})}let S=$.approvalRequestedAt||$.approval_requested_at;if(S&&Date.now()-new Date(S).getTime()>f){let W=g($,"approve",l,"expired");return new Response(W,{status:410,headers:{"Content-Type":"text/html; charset=utf-8"}})}let U=g($,"approve",l,"pending");return new Response(U,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})},{detail:{tags:["Authentication"],summary:"Approval page",description:"Standalone HTML page for approving a device (no frontend auth required)"}}),a.get(`${i}/reject-page`,async(u)=>{if(!o)return new Response("Service unavailable",{status:503});let l=new URL(u.request.url).searchParams.get("token");if(!l){let W=g({},"reject","","invalid");return new Response(W,{status:400,headers:{"Content-Type":"text/html; charset=utf-8"}})}let E=await o.select().from(t).where(Zn(s("approvalToken"),l)).limit(1);if(E.length===0){let W=g({},"reject",l,"invalid");return new Response(W,{status:404,headers:{"Content-Type":"text/html; charset=utf-8"}})}let $=E[0];if($.approvalStatus!=="pending"&&$.approval_status!=="pending"){let W=g($,"reject",l,"already_processed");return new Response(W,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})}let S=$.approvalRequestedAt||$.approval_requested_at;if(S&&Date.now()-new Date(S).getTime()>f){let W=g($,"reject",l,"expired");return new Response(W,{status:410,headers:{"Content-Type":"text/html; charset=utf-8"}})}let U=g($,"reject",l,"pending");return new Response(U,{status:200,headers:{"Content-Type":"text/html; charset=utf-8"}})},{detail:{tags:["Authentication"],summary:"Rejection page",description:"Standalone HTML page for rejecting a device (no frontend auth required)"}}),a.get(`${i}/approval-status`,async(u)=>{if(!o)return{success:!1,message:"Database not configured"};let l=new URL(u.request.url).searchParams.get("sessionId");if(!l)return{success:!1,message:"sessionId is required"};let E=await o.select().from(t).where(Zn(s("id"),l)).limit(1);if(E.length===0)return{success:!1,message:"Session not found"};let $=E[0];return{success:!0,data:{approvalStatus:$.approvalStatus||$.approval_status||"unknown",isActive:$.isActive||$.is_active}}},{detail:{tags:["Authentication"],summary:"Check approval status",description:"Poll the approval status of a pending session (used by login form)"}}),a}var sd=b(()=>{ed();o5();ed()});var e5={};ho(e5,{createSessionsRoute:()=>C0,createRegisterRoute:()=>x0,createRefreshRoute:()=>N0,createPasswordSetRoute:()=>O0,createPasswordResetRoute:()=>G0,createPasswordChangeRoute:()=>Q0,createMeRoute:()=>X0,createMagicLinkRoute:()=>J0,createLogoutRoute:()=>Ce,createLoginRoute:()=>xe,createInviteRoute:()=>Qe,createImpersonateRoute:()=>Be,createEmailVerificationRoutes:()=>Xe,createChangeUserIdRoute:()=>ze,createAuthRoutes:()=>a5,createApiKeyRoutes:()=>We});function a5(n,r){let{authConfig:t,features:o,helpers:c}=r;if(r.oauthAccountsTable)t.oauthAccountsTable=r.oauthAccountsTable;if(r.schemaTables)t.schemaTables=r.schemaTables;let i=t.authentication?.cookieMaxAgeBufferSeconds??0,a=t.authentication?.cookieDomain,e=a?process.env[a]??a:void 0,s=e==="localhost"||e===".localhost"?void 0:e,f={accessTokenName:t.authentication?.accessToken?.name||"access_token",refreshTokenName:t.authentication?.refreshToken?.name||"refresh_token",sessionTokenName:t.authentication?.sessionToken?.name||"session_token",accessTokenMaxAge:Math.max(0,pr(t.authentication?.accessToken?.expiresIn||"15m")-i),refreshTokenMaxAge:pr(t.authentication?.refreshToken?.expiresIn||"7d"),sessionTokenMaxAge:pr(t.authentication?.sessionToken?.expiresIn||"30d"),domain:s};if(t.logger.info("[AUTH] Cookie config created",{accessTokenMaxAge:f.accessTokenMaxAge,refreshTokenMaxAge:f.refreshTokenMaxAge,sessionTokenMaxAge:f.sessionTokenMaxAge,accessTokenExpiresIn:t.authentication?.accessToken?.expiresIn,sessionTokenExpiresIn:t.authentication?.sessionToken?.expiresIn}),o.login?.enabled){let _=xe(t,o.login,c.signAccessToken,c.signRefreshToken,c.createSession,c.saveSessionToDb,f,r.tokenResponseConfig);n.use(_)}if(o.register?.enabled){let _=x0(t,o.register,c.sendWelcomeEmail,c.signAccessToken,c.signRefreshToken,c.createSession,f,r.tokenResponseConfig,r.emailService,r.appName);if(n.use(_),o.register.emailVerification?.enabled){let w=Xe({authConfig:t,registerConfig:o.register,emailService:r.emailService,appName:r.appName});n.use(w)}}if(o.logout?.enabled){let _=Ce(t,o.logout,c.destroySession,c.revokeSessionInDb,f);n.use(_)}if(o.refresh?.enabled){let _=N0(t,o.refresh,c.verifyRefreshToken,c.signAccessToken,c.signRefreshToken,r.tokenResponseConfig,i,f);n.use(_)}if(o.passwordReset?.enabled&&c.storeResetToken&&c.getResetToken&&c.deleteResetToken){let _=G0(t,o.passwordReset,c.storeResetToken,c.getResetToken,c.deleteResetToken,c.sendResetEmail);n.use(_)}if(o.passwordChange?.enabled){let _=Q0(t,o.passwordChange);n.use(_)}if(o.passwordSet?.enabled){let _=O0(t,o.passwordSet,c.getMagicToken,c.deleteMagicToken);n.use(_)}if(o.sessions?.enabled&&r.sessionsTable){let _=C0(t,o.sessions,r.sessionsTable);n.use(_)}if(o.magicLink?.enabled&&r.emailService?.isAvailable()&&c.storeMagicToken&&c.getMagicToken&&c.deleteMagicToken){let _=J0(t,o.magicLink,r.emailService,c.signAccessToken,c.signRefreshToken,c.createSession,c.storeMagicToken,c.getMagicToken,c.deleteMagicToken,r.appName);n.use(_)}if(o.me?.enabled){let _=X0(t,o.me,r.schemaTables||{},r.schemaRelations||{},r.databaseUrl);n.use(_)}if(o.invite?.enabled&&r.emailService?.isAvailable()&&c.storeMagicToken){let _=Qe(t,o.invite,r.emailService,c.storeMagicToken,r.appName,c.getMagicToken);n.use(_)}if(o.captcha?.enabled&&r.captchaService){let _=Cb({captchaService:r.captchaService,logger:t.logger,basePath:o.captcha.route||"/auth/captcha"});n.use(_)}if(o.oauth?.enabled&&o.oauth.providers){let _=new ee(o.oauth),w=K2(t,_,c.signAccessToken,c.signRefreshToken,c.createSession,c.saveSessionToDb,f,r.tokenResponseConfig,r.emailService,c.storeMagicToken,r.appName);n.use(w)}if(o.apiKeys?.enabled&&r.apiKeysTable)t.apiKeysTable=r.apiKeysTable,We(n,t,o.apiKeys);let d=jb(t,{route:"/auth/check",isPublic:!1,enabled:!0});if(n.use(d),r.admin?.impersonate?.enabled!==!1){let _=Be(t,c.signAccessToken,c.signRefreshToken,c.createSession,c.saveSessionToDb,f);n.use(_)}if(r.admin?.changeUserId?.enabled!==!1){let _=ze(t,r.schemaName||"public");n.use(_)}return n}var fd=b(()=>{af();Qi();pf();Tf();r_();Fb();qb();t_();o_();e_();s_();Pl();Cl();v2();ql();Il();Tl();rd();cd();sd();pf();Tf();r_();t_();o_();e_();s_();Pl();Cl();ql();Il();Tl();rd();cd();sd()});import{batch as q0,createStore as b5}from"h-state";import{useEffectEvent as g5}from"react";function m5(n){let r={};for(let t of Object.keys(n))r[t]={isPending:!1,data:null,error:null,code:null};return r}function $5(n,r){let{useStore:t}=b5(m5(n),{_callEndpoint:(o)=>async(c,i)=>{if(!o[c])return;q0(()=>{o[c].isPending=!0,o[c].error=null});try{let e=await r(c,i.payload);if(q0(()=>{if(o[c].isPending=!1,o[c].code=e.code??null,e.isSuccess&&e.data!==void 0)o[c].data=e.data,o[c].error=null;else o[c].error=e.errors??null}),e.isSuccess)i.onAfterHandle?.(e.data??e);else i.onErrorHandle?.(e.errors??{message:"Request failed"},e.code)}catch(e){q0(()=>{o[c].isPending=!1,o[c].error={message:e instanceof Error?e.message:"Unknown error"}}),i.onErrorHandle?.({message:e instanceof Error?e.message:"Unknown error"},null)}}});return function(){let c=t(),i=g5((e,s)=>{c._callEndpoint(e,s)}),a={};for(let e of Object.keys(n)){let s=(f)=>{i(e,f)};a[e]={state:c[e],start:s}}return a}}var bd={$schema:"../schemas/nucleus.tables.schema.json",tables:[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"email_verification_token",type:"varchar",length:255},{name:"email_verification_token_expires_at",type:"timestamp"},{name:"email_verification_sent_at",type:"timestamp"},{name:"email_verification_attempts",type:"integer",default:0},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"type",type:"varchar",length:50,notNull:!0,default:"system",enumValues:["verification","system","custom"]},{name:"source",type:"varchar",length:100},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]},{columns:["type"]},{columns:["user_id","type","is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["instance_id"]},{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_node_id",type:"varchar",length:100,notNull:!0},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"status",type:"varchar",length:30,notNull:!0,default:"pending",enumValues:["pending","approved","rejected"]}],indexes:[{columns:["instance_id"]},{columns:["instance_id","step_order"]},{columns:["entity_name","entity_id"]},{columns:["verifier_user_id"]},{columns:["status"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["step","verifier","notification"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"recipient_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier","entity_creator"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role",type:"varchar",length:100}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]}]},{table_name:"verificationVerifierConfigs",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["verifier_type"]}]},{table_name:"verificationInstances",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"started_by",type:"uuid",references:{table:"users",column:"id"}},{name:"status",type:"varchar",length:30,notNull:!0,default:"active",enumValues:["active","completed","rejected","cancelled"]},{name:"current_step_order",type:"integer",notNull:!0,default:1},{name:"started_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"completed_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","status"]},{columns:["status"]},{columns:["started_by"]}]},{table_name:"verificationNotificationChannels",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"channel",type:"varchar",length:30,notNull:!0,enumValues:["portal","email","sms","telegram","webhook"]}],indexes:[{columns:["rule_id"]},{columns:["rule_id","channel"],unique:!0},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"remember_me",type:"boolean",notNull:!0,default:!1},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]},{table_name:"oauth_accounts",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"provider",type:"varchar",length:50,notNull:!0,enumValues:["google","github","microsoft","discord","facebook","twitter","apple","custom"]},{name:"provider_account_id",type:"varchar",length:255,notNull:!0},{name:"provider_email",type:"varchar",length:255},{name:"provider_name",type:"varchar",length:255},{name:"provider_avatar_url",type:"text"},{name:"access_token",type:"text"},{name:"refresh_token",type:"text"},{name:"token_expires_at",type:"timestamp"},{name:"scope",type:"text"},{name:"raw_profile",type:"jsonb"},{name:"is_primary",type:"boolean",notNull:!0,default:!1},{name:"last_used_at",type:"timestamp"}],indexes:[{columns:["user_id"]},{columns:["provider","provider_account_id"],unique:!0},{columns:["provider_email"]},{columns:["user_id","provider"]}],constraints:{unique:[{name:"unique_provider_account",columns:["provider","provider_account_id"]}]}},{table_name:"api_keys",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"key_hash",type:"varchar",length:255,notNull:!0},{name:"key_preview",type:"varchar",length:12,notNull:!0},{name:"owner_type",type:"varchar",length:30,notNull:!0,default:"personal",enumValues:["personal","application"]},{name:"application_name",type:"varchar",length:255},{name:"allowed_roles",type:"jsonb",notNull:!0,default:"[]"},{name:"allowed_claims",type:"jsonb",notNull:!0,default:"[]"},{name:"allowed_scopes",type:"jsonb",notNull:!0,default:"[]"},{name:"expires_at",type:"timestamptz"},{name:"last_used_at",type:"timestamptz"},{name:"last_used_ip",type:"varchar",length:45},{name:"usage_count",type:"integer",notNull:!0,default:0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:255}],indexes:[{columns:["key_hash"],unique:!0},{columns:["user_id"]},{columns:["user_id","is_active"]},{columns:["owner_type"]},{columns:["expires_at"]},{columns:["last_used_at"]}]}]};var K0={login:{key:"LOGIN",method:"POST",defaultRoute:"/auth/login",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},register:{key:"REGISTER",method:"POST",defaultRoute:"/auth/register",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},logout:{key:"LOGOUT",method:"POST",defaultRoute:"/auth/logout",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},refresh:{key:"REFRESH",method:"POST",defaultRoute:"/auth/refresh",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},me:{key:"ME",method:"GET",defaultRoute:"/auth/me",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordChange:{key:"PASSWORD_CHANGE",method:"POST",defaultRoute:"/auth/password-change",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordSet:{key:"PASSWORD_SET",method:"POST",defaultRoute:"/auth/password-set",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordReset:{key:"PASSWORD_RESET_REQUEST",method:"POST",defaultRoute:"/auth/password-reset",defaultIsPublic:!0,subEndpoints:[{key:"PASSWORD_RESET_REQUEST",method:"POST",suffix:"/request",_payload:void 0,_success:void 0,_error:void 0},{key:"PASSWORD_RESET_CONFIRM",method:"POST",suffix:"/confirm",_payload:void 0,_success:void 0,_error:void 0}]},sessions:{key:"SESSIONS",method:"GET",defaultRoute:"/auth/sessions",defaultIsPublic:!1,subEndpoints:[{key:"SESSIONS",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_CURRENT",method:"GET",suffix:"/current",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_STATS",method:"GET",suffix:"/stats",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_PENDING",method:"GET",suffix:"/pending",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE",method:"DELETE",suffix:"/:sessionId",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE_ALL",method:"DELETE",suffix:"/all",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_APPROVE",method:"POST",suffix:"/approve",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REJECT",method:"POST",suffix:"/reject",_payload:void 0,_success:void 0,_error:void 0}]},magicLink:{key:"MAGIC_LINK",method:"POST",defaultRoute:"/auth/magic-link",defaultIsPublic:!0,subEndpoints:[{key:"MAGIC_LINK",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"MAGIC_LINK_VERIFY",method:"GET",suffix:"/verify",routeKey:"verifyRoute",_payload:void 0,_success:void 0,_error:void 0}]},invite:{key:"INVITE",method:"POST",defaultRoute:"/auth/invite",defaultIsPublic:!1,subEndpoints:[{key:"INVITE",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"INVITE_VERIFY",method:"POST",suffix:"/verify",_payload:void 0,_success:void 0,_error:void 0}]},emailVerification:{key:"VERIFY_EMAIL",method:"GET",defaultRoute:"/verify-email",defaultIsPublic:!0,subEndpoints:[{key:"VERIFY_EMAIL",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"RESEND_VERIFICATION",method:"POST",suffix:"",routeKey:"resendRoute",defaultRoute:"/resend-verification",_payload:void 0,_success:void 0,_error:void 0}]},captcha:{key:"CAPTCHA",method:"GET",defaultRoute:"/auth/captcha",defaultIsPublic:!0,subEndpoints:[{key:"CAPTCHA_GENERATE",method:"GET",suffix:"/generate",_payload:void 0,_success:void 0,_error:void 0},{key:"CAPTCHA_VALIDATE",method:"POST",suffix:"/validate",_payload:void 0,_success:void 0,_error:void 0}]},oauth:{key:"OAUTH_PROVIDERS",method:"GET",defaultRoute:"/auth/oauth/providers",defaultIsPublic:!0,subEndpoints:[{key:"OAUTH_PROVIDERS",method:"GET",suffix:"/providers",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_REDIRECT",method:"GET",suffix:"/:provider",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_ACCOUNTS",method:"GET",suffix:"/accounts",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_UNLINK",method:"DELETE",suffix:"/unlink/:provider",_payload:void 0,_success:void 0,_error:void 0}]},apiKeys:{key:"API_KEYS",method:"GET",defaultRoute:"/auth/api-keys",defaultIsPublic:!1,subEndpoints:[{key:"API_KEYS_CREATE",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_LIST",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_DETAIL",method:"GET",suffix:"/:id",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_UPDATE",method:"PATCH",suffix:"/:id",_payload:void 0,_success:void 0,_error:void 0},{key:"API_KEYS_REVOKE",method:"DELETE",suffix:"/:id",_payload:void 0,_success:void 0,_error:void 0}]}},gd={healthCheck:{key:"MONITORING_HEALTH_CHECK",method:"GET",suffix:"/health",_payload:void 0,_success:void 0,_error:void 0},getSettings:{key:"MONITORING_GET_SETTINGS",method:"GET",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},changeSettings:{key:"MONITORING_CHANGE_SETTINGS",method:"PATCH",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},getLogs:{key:"MONITORING_GET_LOGS",method:"GET",suffix:"/logs",_payload:void 0,_success:void 0,_error:void 0}};var A5=["profiles","addresses","phones","files","users","roles","claims","user_roles","role_claims","audit_logs"],E5=bd.tables.filter((n)=>A5.includes(n.table_name));function Rc(n){return n.replace(/([a-z])([A-Z])/g,"$1_$2").replace(/[\s-]+/g,"_").toUpperCase()}function S5(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function v0(n){if(n.endsWith("ies"))return`${n.slice(0,-3)}y`;if(n.endsWith("ses"))return`${n.slice(0,-2)}`;if(n.endsWith("s"))return n.slice(0,-1);return n}function Lt(n,r){let t=Rc(n),o=Rc(v0(n));switch(r){case"GET":return`GET_${t}`;case"POST":return`ADD_${o}`;case"PUT":return`UPDATE_${o}`;case"PATCH":return`PATCH_${o}`;case"DELETE":return`DELETE_${o}`}}function Mc(n,r){let t=Rc(n);switch(r){case"POST":return`BULK_ADD_${t}`;case"PUT":return`BULK_UPDATE_${t}`;case"DELETE":return`BULK_DELETE_${t}`}}function Ao(n,r){if(!n.excluded_methods)return!1;let t={GET:"GET",POST:"POST",PUT:"PUT",PATCH:"PATCH",DELETE:"DELETE"};return n.excluded_methods.includes(t[r])}function md(n){let r={};for(let t of n.entities){let o=t.table_name,c=`/${o}`,i=t.serviceId;if(!Ao(t,"GET")){r[Lt(o,"GET")]={method:"GET",path:c,isPublic:t.is_public?.GET??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};let a=Rc(v0(o));r[`GET_${a}_BY_ID`]={method:"GET",path:`${c}/:id`,isPublic:t.is_public?.GET??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0},r[`GET_${Rc(o)}_DISTINCT`]={method:"GET",path:`${c}/distinct/:field`,isPublic:t.is_public?.GET??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0}}if(!Ao(t,"POST"))r[Lt(o,"POST")]={method:"POST",path:c,isPublic:t.is_public?.POST??!1,isFormData:t.is_form_data,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"PUT"))r[Lt(o,"PUT")]={method:"PUT",path:`${c}/:id`,isPublic:t.is_public?.PUT??!1,isFormData:t.is_form_data,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"PATCH"))r[Lt(o,"PATCH")]={method:"PATCH",path:`${c}/:id`,isPublic:t.is_public?.PATCH??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"DELETE"))r[Lt(o,"DELETE")]={method:"DELETE",path:`${c}/:id`,isPublic:t.is_public?.DELETE??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(t.bulk_endpoints_enabled){if(!Ao(t,"POST"))r[Mc(o,"POST")]={method:"POST",path:`${c}/bulk`,isPublic:t.is_public?.POST??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"PUT"))r[Mc(o,"PUT")]={method:"PUT",path:`${c}/bulk`,isPublic:t.is_public?.PUT??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0};if(!Ao(t,"DELETE"))r[Mc(o,"DELETE")]={method:"DELETE",path:`${c}/bulk`,isPublic:t.is_public?.DELETE??!1,serviceId:i,_payload:void 0,_success:void 0,_error:void 0}}}return r}function $d(n){let r={},t=n.authentication;if(!t?.enabled)return r;for(let[o,c]of Object.entries(K0)){let i=t[o];if(!i?.enabled)continue;let a=i,e=a.route||c.defaultRoute,s=a.isPublic??c.defaultIsPublic;if("subEndpoints"in c&&c.subEndpoints)for(let f of c.subEndpoints){let d="routeKey"in f&&f.routeKey&&i[f.routeKey]?String(i[f.routeKey]):("defaultRoute"in f)&&f.defaultRoute?String(f.defaultRoute):`${e}${f.suffix}`;r[f.key]={method:f.method,path:d,isPublic:f.key==="MAGIC_LINK_VERIFY"?!0:s,_payload:f._payload,_success:f._success,_error:f._error}}else if("_payload"in c)r[c.key]={method:c.method,path:e,isPublic:s,_payload:c._payload,_success:c._success,_error:c._error}}return r}function hd(){let n={};for(let r of E5){let t=r.table_name,c=`/${S5(t)}`,i=t==="files";n[Lt(t,"GET")]={method:"GET",path:c,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};let a=Rc(v0(t));if(n[`GET_${a}_BY_ID`]={method:"GET",path:`${c}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"POST")]={method:"POST",path:c,isPublic:!1,isFormData:i,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"PUT")]={method:"PUT",path:`${c}/:id`,isPublic:!1,isFormData:i,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"PATCH")]={method:"PATCH",path:`${c}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[Lt(t,"DELETE")]={method:"DELETE",path:`${c}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.bulk_endpoints_enabled)n[Mc(t,"POST")]={method:"POST",path:`${c}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[Mc(t,"PUT")]={method:"PUT",path:`${c}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[Mc(t,"DELETE")]={method:"DELETE",path:`${c}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0}}return n}function Ad(n){let r={},t=n.liveMonitoring;if(!t?.enabled)return r;let o=t.basePath||"/monitoring";for(let c of Object.values(gd))r[c.key]={method:c.method,path:`${o}${c.suffix}`,isPublic:!1,_payload:c._payload,_success:c._success,_error:c._error};return r}function Ed(n){let r={};if(!n.authentication?.enabled)return r;return r.ADMIN_IMPERSONATE={method:"POST",path:"/auth/admin/impersonate",isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.ADMIN_IMPERSONATE_STOP={method:"POST",path:"/auth/admin/impersonate/stop",isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.ADMIN_CHANGE_USER_ID={method:"POST",path:"/auth/admin/change-user-id",isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r}function Sd(n){let r={},t=n.verification,o=n.notification;if(!t?.enabled)return r;let c=t.endpoints?.basePath||"/verifications",i=t.flowEndpoints?.basePath||"/verification-flows",a=o?.endpoints?.basePath||"/notifications";if(r.VERIFICATION_STATUS={method:"GET",path:`${c}/status/:entity_name/:entity_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_DECIDE={method:"POST",path:`${c}/:entity_name/:entity_id/decide`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_PENDING={method:"GET",path:`${c}/pending`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_HISTORY={method:"GET",path:`${c}/history/:entity_name/:entity_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_START={method:"POST",path:`${c}/start`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_START_FOR_ENTITY={method:"POST",path:`${c}/start-for-entity`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.VERIFICATION_ENTITY_STATUSES={method:"GET",path:`${c}/statuses/:entity_name`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},t.flowEndpoints?.enabled)r.FLOW_LIST={method:"GET",path:i,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_GET={method:"GET",path:`${i}/:flow_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_SAVE={method:"POST",path:i,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_PUBLISH={method:"POST",path:`${i}/:flow_id/publish`,isPublic:!1,skipCamelCase:!0,_payload:void 0,_success:void 0,_error:void 0},r.FLOW_DELETE={method:"DELETE",path:`${i}/:flow_id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};if(o?.enabled&&o.endpoints?.enabled)r.NOTIFICATION_LIST={method:"GET",path:a,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.NOTIFICATION_UNSEEN_COUNT={method:"GET",path:`${a}/unseen-count`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.NOTIFICATION_MARK_SEEN={method:"POST",path:`${a}/:notification_id/seen`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.NOTIFICATION_MARK_ALL_SEEN={method:"POST",path:`${a}/seen-all`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};return r}function D5(n,r){let t=md(n),o=$d(n),c=Ed(n),i=hd(),a=Ad(n),e=Sd(n);return{...t,...o,...c,...i,...a,...e,...r??{}}}cs();import{randomUUID as z5}from"crypto";var B5={timeout:30000,retries:0,retryDelay:1000,debug:!1};class ki{config;logger;constructor(n={}){this.config={...B5,...n},this.logger=new Zr({service:"ServerFetch",prettyPrint:this.config.debug,colorize:this.config.debug,auditEnabled:!1})}buildUrl(n){if(n.startsWith("http://")||n.startsWith("https://"))return n;return this.config.baseUrl?`${this.config.baseUrl}${n}`:n}buildHeaders(n){let r=new Headers;if(this.config.defaultHeaders)for(let[t,o]of Object.entries(this.config.defaultHeaders))r.set(t,o);if(n)if(n instanceof Headers)n.forEach((t,o)=>{r.set(o,t)});else if(Array.isArray(n))for(let[t,o]of n)r.set(t,o);else for(let[t,o]of Object.entries(n))r.set(t,o);return r}parseResponseHeaders(n){let r={};if(n.forEach((t,o)=>{if(o.toLowerCase()==="set-cookie"){let c=r[o];r[o]=c?`${c}, ${t}`:t}else r[o]=t}),typeof n.getSetCookie==="function"){let t=n.getSetCookie();if(t.length>0)r["set-cookie"]=t.join(", ")}return r}async executeWithTimeout(n,r,t){let o=new AbortController,c=setTimeout(()=>o.abort(),r);try{return await Promise.race([n,new Promise((a,e)=>{o.signal.addEventListener("abort",()=>{e(Error(`Request timeout after ${r}ms`))})})])}finally{clearTimeout(c)}}async fetch(n){let r=z5(),t=performance.now(),o=this.buildUrl(n.url),c=this.buildHeaders(n.headers),i=n.timeout??this.config.timeout??30000,a=n.retries??this.config.retries??0,e=n.retryDelay??this.config.retryDelay??1000,s;if(n.body)if(typeof n.body==="object"&&!(n.body instanceof FormData)&&!(n.body instanceof URLSearchParams)&&!(n.body instanceof Blob)&&!(n.body instanceof ArrayBuffer)){if(s=JSON.stringify(n.body),!c.has("content-type"))c.set("content-type","application/json")}else s=n.body;this.logger.debug(`[${r}] ${n.method} ${o}`,{method:n.method,url:o,hasBody:!!s});let f=null,d=0;while(d<=a)try{let w=await this.executeWithTimeout(fetch(o,{method:n.method,headers:c,body:s}),i,r),g=performance.now()-t,u=this.parseResponseHeaders(w.headers),m,l,E=await w.text();if(E)try{let S=JSON.parse(E);if(w.ok)m=S;else l=S}catch{if(!w.ok)l={message:E||w.statusText}}else if(!w.ok)l={message:w.statusText};let $={isSuccess:w.ok,response:m,errors:l,code:w.status,headers:u,durationMs:g,requestId:r,createdAt:new Date};if(w.ok)this.logger.info(`[${r}] ${n.method} ${o} ${w.status}`,{method:n.method,url:o,statusCode:w.status,durationMs:Math.round(g)});else this.logger.warn(`[${r}] ${n.method} ${o} ${w.status}`,{method:n.method,url:o,statusCode:w.status,durationMs:Math.round(g),error:l});return $}catch(w){if(f=w instanceof Error?w:Error(String(w)),d++,d<=a)this.logger.warn(`[${r}] Retry ${d}/${a} after error`,{method:n.method,url:o,error:f.message,attempt:d,retries:a}),await new Promise((g)=>setTimeout(g,e))}let _=performance.now()-t;return this.logger.error(`[${r}] ${n.method} ${o} failed`,f,{method:n.method,url:o,durationMs:Math.round(_),attempts:d}),{isSuccess:!1,response:void 0,errors:{message:f?.message||"Unknown error"},code:null,headers:{},durationMs:_,requestId:r,createdAt:new Date}}async get(n,r){return this.fetch({...r,url:n,method:"GET"})}async post(n,r,t){return this.fetch({...t,url:n,method:"POST",body:r})}async put(n,r,t){return this.fetch({...t,url:n,method:"PUT",body:r})}async patch(n,r,t){return this.fetch({...t,url:n,method:"PATCH",body:r})}async delete(n,r){return this.fetch({...r,url:n,method:"DELETE"})}}var U5=new ki;var W5={accessToken:"access_token",refreshToken:"refresh_token",sessionToken:"session_token"};function V5(n){let r=[],t="";for(let o=0;o<n.length;o++){let c=n[o];if(c===","){let i=n.slice(o+1).trimStart();if(/^[a-zA-Z0-9_-]+=/.test(i)){r.push(t.trim()),t="";continue}}t+=c}if(t.trim())r.push(t.trim());return r}function Y5(n,r){let t={},o=["x-forwarded-for","x-real-ip","user-agent","accept-language","x-request-id","x-client-ip","cf-connecting-ip","true-client-ip"];for(let s of o){let f=n.get(s);if(f)t[s]=f}if(!t["user-agent"])t["user-agent"]="Nucleus-ServerAction/1.0";let c=n.get(`x-${r.accessToken}`),i=n.get(`x-${r.refreshToken}`),a=n.get(`x-${r.sessionToken}`);if(c)t[`x-${r.accessToken}`]=c;if(i)t[`x-${r.refreshToken}`]=i;if(a)t[`x-${r.sessionToken}`]=a;let e=n.get("cookie");if(e)t.cookie=e;return t}function J5(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function is(n){let r={};for(let[t,o]of Object.entries(n)){let c=t.startsWith("_")?t:J5(t);if(o instanceof Date)r[c]=o.toISOString();else if(o&&typeof o==="object"&&!Array.isArray(o))r[c]=is(o);else r[c]=o}return r}function X5(n,r){let t=new URLSearchParams,o=(i,a)=>{if(a===void 0||a===null)return;if(Array.isArray(a))for(let e of a)o(`${i}[]`,e);else if(a instanceof Date)t.append(i,a.toISOString());else if(typeof a==="object")for(let[e,s]of Object.entries(a))o(`${i}[${e}]`,s);else t.append(i,String(a))};for(let[i,a]of Object.entries(r))o(i,a);let c=t.toString();if(!c)return n;return n.includes("?")?`${n}&${c}`:`${n}?${c}`}function L5(n,r,t,o){let c={...W5,...r.tokenNames},i=new ki({baseUrl:r.baseUrl,debug:r.debug,timeout:30000,retries:0});return async function(e,s){let f=n[e];if(!f)return{isSuccess:!1,errors:{message:`Endpoint "${e}" not found`},code:404};let d=await t(),_=await o(),w={};if(_.forEach((H,k)=>{w[k]=H}),(f.path.includes("/auth/login")||f.path.includes("/auth/oauth"))&&f.method==="POST")try{d.delete(c.accessToken),d.delete(c.refreshToken),d.delete(c.sessionToken)}catch(H){}let u=Y5(_,c),m=f.path,l,E=new Set,$=/:([a-zA-Z_][a-zA-Z0-9_]*)/g,S=$.exec(m);while(S!==null){if(S[1])E.add(S[1]);S=$.exec(m)}if(s&&typeof s==="object"&&!(s instanceof FormData)){let H=s;for(let[k,D]of Object.entries(H))if(D!=null){if(E.has(k))m=m.replace(`:${k}`,String(D));else if(k.startsWith("_")&&E.has(k.substring(1)))m=m.replace(`:${k.substring(1)}`,String(D));else if(k==="id"&&E.has("id"))m=m.replace(":id",String(D))}}if(f.method==="GET"&&s&&typeof s==="object"){let H={...s};for(let k of E)delete H[k],delete H[`_${k}`];m=X5(m,H)}else if(s!==void 0){if(f.isFormData&&s instanceof FormData)l=s;else if(Array.isArray(s)){if(l=s.map((H)=>H&&typeof H==="object"?is(H):H),!u["content-type"])u["content-type"]="application/json"}else if(l=f.skipCamelCase?s:is(s),!u["content-type"])u["content-type"]="application/json"}let U=await i.fetch({url:m,method:f.method,headers:u,body:l});if(U.headers["set-cookie"])try{let H=U.headers["set-cookie"],k=V5(H);for(let D of k){let[A,...h]=D.split(";");if(!A)continue;let[R,z]=A.split("=");if(R&&z){let V={};for(let Q of h){let[B,J]=Q.trim().split("=");if(!B)continue;let G=B.toLowerCase();if(G==="path")V.path=J;else if(G==="domain")V.domain=J;else if(G==="max-age")V.maxAge=Number(J);else if(G==="expires"&&J)V.expires=new Date(J);else if(G==="httponly")V.httpOnly=!0;else if(G==="secure")V.secure=!0;else if(G==="samesite")V.sameSite=J}d.set(R.trim(),z.trim(),V)}}}catch(H){console.warn("[ServerFactory] Failed to process Set-Cookie headers:",H instanceof Error?H.message:String(H))}let W=U.response;if(U.isSuccess&&W&&typeof W==="object"&&!Array.isArray(W)){let H=W;if("success"in H&&!("data"in H)){let{success:k,message:D,error:A,...h}=H;W={success:k,...D!==void 0?{message:D}:{},...A!==void 0?{error:A}:{},...Object.keys(h).length>0?{data:h}:{}}}}return{isSuccess:U.isSuccess,data:W,errors:U.errors,code:U.code,message:U.isSuccess?void 0:U.errors?.message}}}import{batch as Q5,createStore as G5}from"h-state";var O5={connection:{status:"disconnected",clientId:null,subscribedTopics:[],error:null,reconnectAttempt:0},events:[],maxEvents:100},{useStore:as}=G5(O5,{setConnectionStatus:(n)=>(r)=>{n.connection.status=r},setClientId:(n)=>(r)=>{n.connection.clientId=r},setSubscribedTopics:(n)=>(r)=>{n.connection.subscribedTopics=r},setError:(n)=>(r)=>{n.connection.error=r},setReconnectAttempt:(n)=>(r)=>{n.connection.reconnectAttempt=r},addEvent:(n)=>(r)=>{let t=[r,...n.events];n.events=t.slice(0,n.maxEvents)},clearEvents:(n)=>()=>{n.events=[]},reset:(n)=>()=>{Q5(()=>{n.connection.status="disconnected",n.connection.clientId=null,n.connection.subscribedTopics=[],n.connection.error=null,n.connection.reconnectAttempt=0,n.events=[]})}});import{useEffect as Rd,useEffectEvent as Io,useRef as Mi}from"react";function N5(n){if(n.wsUrl){let i=n.wsUrl.replace(/\/$/,""),a=n.wsPath||"/api/events/subscribe",e=(n.topics||["*"]).join(",");return`${i}${a}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(e)}`}if(typeof window>"u")return"";let r=window.location.protocol==="https:"?"wss:":"ws:",t=window.location.host,o=n.wsPath||"/api/events/subscribe",c=(n.topics||["*"]).join(",");return`${r}//${t}${o}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(c)}`}var x5=0;function P5(n){let r=as(),t=Mi(null),o=Mi(null),c=Mi(null),i=Mi(!1),a=Mi(n);a.current=n;let e=n.autoReconnect??!0,s=n.maxReconnectAttempts??10,f=n.reconnectBaseDelay??1000,d=n.reconnectMaxDelay??30000,_=n.heartbeatInterval??30000,w=n.debug??!1,g=(...D)=>{if(w)console.log("[usePubSub]",...D)},u=()=>{if(o.current)clearInterval(o.current),o.current=null},m=()=>{if(c.current)clearTimeout(c.current),c.current=null},l=(D)=>{u(),o.current=setInterval(()=>{if(D.readyState===WebSocket.OPEN)D.send(JSON.stringify({type:"ping"}))},_)},E=Io((D)=>{try{let A=JSON.parse(D.data);switch(A.type){case"connected":r.setConnectionStatus("connected"),r.setClientId(A.clientId),r.setSubscribedTopics(A.subscribedTopics),r.setReconnectAttempt(0),r.setError(null),g("Connected, clientId:",A.clientId);break;case"subscribed":r.setSubscribedTopics(A.topics),g("Subscribed to:",A.topics);break;case"event":{let h={id:`evt_${Date.now()}_${x5++}`,topic:A.topic,data:A.data,timestamp:A.timestamp,receivedAt:Date.now(),messageId:A.messageId,isRedelivery:A.isRedelivery};if(r.addEvent(h),A.messageId&&t.current?.readyState===WebSocket.OPEN)t.current.send(JSON.stringify({type:"ack",messageId:A.messageId}));break}case"pong":break;case"error":r.setError(Error(A.error)),g("Server error:",A.error);break}}catch{g("Failed to parse message")}}),$=Io((D)=>{if(i.current)return;if(!e)return;if(D>=s){r.setConnectionStatus("disconnected"),r.setError(Error("Max reconnection attempts reached")),g("Max reconnect attempts reached");return}let A=Math.min(f*2**D,d);g(`Reconnecting in ${A}ms (attempt ${D+1}/${s})`),r.setConnectionStatus("reconnecting"),r.setReconnectAttempt(D+1),m(),c.current=setTimeout(()=>{if(!i.current)S()},A)}),S=Io(()=>{if(i.current)return;if(t.current?.readyState===WebSocket.OPEN)return;if(!a.current.userId)return;if(t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}let D=N5(a.current);if(!D)return;r.setConnectionStatus("connecting"),r.setError(null),g("Connecting to:",D);let A=new WebSocket(D);t.current=A,A.onopen=()=>{g("WebSocket opened"),l(A)},A.onmessage=E,A.onerror=()=>{g("WebSocket error"),r.setError(Error("WebSocket connection error"))},A.onclose=(h)=>{if(g("WebSocket closed",h.code,h.reason),u(),r.setConnectionStatus("disconnected"),r.setClientId(null),!i.current&&h.code!==4001){let R=r.connection.reconnectAttempt;$(R)}}}),U=Io(()=>{if(u(),m(),t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}r.setConnectionStatus("disconnected"),r.setClientId(null)}),W=Io((D)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"subscribe",topics:D}))}),H=Io((D)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"unsubscribe",topics:D}))}),k=Io((D)=>{return r.events.filter((A)=>A.topic===D)});return Rd(()=>{if(i.current=!1,n.userId)S();return()=>{i.current=!0,U()}},[n.userId]),Rd(()=>{if(r.connection.status==="connected"&&n.topics)W(n.topics)},[n.topics?.join(",")]),{isConnected:r.connection.status==="connected",isConnecting:r.connection.status==="connecting"||r.connection.status==="reconnecting",clientId:r.connection.clientId,subscribedTopics:r.connection.subscribedTopics,events:r.events,error:r.connection.error,reconnectAttempt:r.connection.reconnectAttempt,connect:S,disconnect:U,subscribe:W,unsubscribe:H,clearEvents:r.clearEvents,getEventsByTopic:k}}import{randomUUID as uS}from"crypto";var us=Ur(Ud(),1);import{Elysia as Ja,NotFoundError as zc}from"elysia";var et,Eo,pt=typeof Bun<"u"&&!!Bun.file;function Hc(){if(et||(et=process.getBuiltinModule("fs/promises")),Eo||(Eo=process.getBuiltinModule("path")),!Eo){console.warn("@elysiajs/static require path to be available.");return}return[et,Eo]}async function Wd(n){if(et||Hc(),pt){let r=new Bun.Glob("**/*.html"),t=[];for await(let o of r.scan(n))t.push(Eo.join(n,o));return t}return[]}async function ss(n){if(et||Hc(),pt){let t=new Bun.Glob("**/*"),o=[];for await(let c of t.scan(n))o.push(Eo.join(n,c));return o}let r=await et.readdir(n).catch(()=>[]);return(await Promise.all(r.map(async(t)=>{let o=n+Eo.sep+t,c=await et.stat(o).catch(()=>null);return c?c.isDirectory()?await ss(o):[Eo.resolve(n,o)]:[]}))).flat()}function fs(n){return et||Hc(),et.stat(n).then(()=>!0,()=>!1)}class _s{constructor(n=250,r=10800){this.max=n,this.ttl=r,this.map=new Map}get(n){let r=this.map.get(n);if(r)return r[1]<=Date.now()?void this.delete(n):(this.map.delete(n),this.map.set(n,r),r[0])}set(n,r){if(this.interval||(this.interval=setInterval(()=>{let t=Date.now();for(let[o,c]of this.map)c[1]<=t&&this.map.delete(o)},this.ttl)),this.map.has(n))this.map.delete(n);else if(this.map.size>=this.max){let t=this.map.keys().next().value;t!==void 0&&this.delete(t)}this.map.set(n,[r,Date.now()+this.ttl*1000])}delete(n){this.map.get(n)&&this.map.delete(n)}clear(){this.map.clear()}size(){return this.map.size}[Symbol.dispose](){this.interval&&clearInterval(this.interval)}}function ls(n,r,t){if(n["cache-control"]&&/no-cache|no-store/.test(n["cache-control"]))return!1;if("if-none-match"in n){let o=n["if-none-match"];return o==="*"?!0:o===null||typeof r!="string"?!1:o===r}if(n["if-modified-since"]){let o=n["if-modified-since"];try{return et.stat(t).then((c)=>{if(c.mtime!==void 0&&c.mtime.getTime()<=Date.parse(o))return!0})}catch{}}return!1}var Ya;function Ri(n){return pt?Bun.file(n):(et||Hc(),et.readFile(n))}async function ds(n){return pt?new Bun.CryptoHasher("md5").update(await n.arrayBuffer()).digest("base64"):(Ya||(Ya=process.getBuiltinModule("crypto")),Ya?Ya.createHash("md5").update(n).digest("base64"):void console.warn("[@elysiajs/static] crypto is required to generate etag."))}var Hi=(n)=>{if(!n)return!1;for(let r in n)return!0;return!1};async function Vd({assets:n="public",prefix:r="/public",staticLimit:t=1024,alwaysStatic:o=!1,ignorePatterns:c=[".DS_Store",".git",".env"],headers:i,maxAge:a=86400,directive:e="public",etag:s=!0,extension:f=!0,indexHTML:d=!0,decodeURI:_,silent:w}={}){if(typeof process>"u"||typeof process.getBuiltinModule>"u")return w||console.warn("[@elysiajs/static] require process.getBuiltinModule. Static plugin is disabled"),new Ja;let g=Hc();if(!g)return new Ja;let[u,m]=g,l=m.sep!=="/"?(H)=>H.replace(/\\/g,"/"):(H)=>H,E=new _s;r===m.sep&&(r="");let $=m.resolve(n),S=c.length?(H)=>c.find((k)=>typeof k=="string"?k.includes(H):k.test(H)):()=>!1,U=new Ja({name:"static",seed:r});if(o){let H=await ss(m.resolve(n));if(H.length<=t)for(let k of H){let D=function({headers:V}){if(z){let J=ls(V,z,k);if(J===!0)return new Response(null,{status:304,headers:Hi(i)?i:void 0});if(J!==!1){let G=E.get(h);return G?G.clone():J.then((F)=>{if(F)return new Response(null,{status:304,headers:i||void 0});let N=new Response(R,{headers:Object.assign({"Cache-Control":a?`${e}, max-age=${a}`:e},i,z?{Etag:z}:{})});return E.set(r,N),N.clone()})}}let Q=E.get(h);if(Q)return Q.clone();let B=new Response(R,{headers:Object.assign({"Cache-Control":a?`${e}, max-age=${a}`:e},i,z?{Etag:z}:{})});return E.set(h,B),B.clone()};var W=D;if(!k||S(k))continue;let A=k.replace($,"");_&&(A=us.default(A)??A);let h=l(m.join(r,A));if(pt&&k.endsWith(".html")){let V=await import(k);U.get(h,V.default),d&&h.endsWith("/index.html")&&U.get(h.replace("/index.html",""),V.default);continue}f||(h=l(h.slice(0,h.lastIndexOf("."))));let R=pt?Ri(k):await Ri(k);if(!R)return w||console.warn(`[@elysiajs/static] Failed to load file: ${k}`),new Ja;let z=await ds(R);U.get(h,s?D:new Response(R,Hi(i)?{headers:i}:void 0)),d&&h.endsWith("/index.html")&&U.get(h.replace("/index.html",""),s?D:new Response(R,Hi(i)?{headers:i}:void 0))}return U}if(!(`GET_${r}/*`in U.routeTree)){if(pt){let H=await Wd(m.resolve(n));for(let k of H){if(!k||S(k))continue;let D=k.replace($,""),A=l(m.join(r,D)),h=await import(k);U.get(A,h.default),d&&A.endsWith("/index.html")&&U.get(A.replace("/index.html",""),h.default)}}U.onError(()=>{}).get(`${r.endsWith("/")?r.slice(0,-1):r}/*`,async({params:H,headers:k})=>{let D=l(m.join(n,_?us.default(H["*"])??H["*"]:H["*"]));if(S(D))throw new zc;let A=E.get(D);if(A)return A.clone();try{let h=await u.stat(D).catch(()=>null);if(!h)throw new zc;if(!d&&h.isDirectory())throw new zc;let R;if(!pt&&d){let Q=m.join(D,"index.html"),B=E.get(Q);if(B)return B.clone();await fs(Q)&&(R=await Ri(Q))}if(!R&&!h.isDirectory()&&await fs(D))R=await Ri(D);else throw new zc;if(!s)return new Response(R,Hi(i)?{headers:i}:void 0);let z=await ds(R);if(z&&await ls(k,z,D))return new Response(null,{status:304});let V=new Response(R,{headers:Object.assign({"Cache-Control":a?`${e}, max-age=${a}`:e},i,z?{Etag:z}:{})});return E.set(D,V),V.clone()}catch(h){throw h instanceof zc?h:(w||console.error("[@elysiajs/static]",h),new zc)}})}return U}lf();Xa();ps();import{pushSchema as wS}from"drizzle-kit/api";import{and as Ai,eq as yn}from"drizzle-orm";import{drizzle as bS}from"drizzle-orm/node-postgres";import{pgSchema as gS}from"drizzle-orm/pg-core";import mS from"elysia";var Ji=[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"email_verification_token",type:"varchar",length:255},{name:"email_verification_token_expires_at",type:"timestamp"},{name:"email_verification_sent_at",type:"timestamp"},{name:"email_verification_attempts",type:"integer",default:0},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"type",type:"varchar",length:50,notNull:!0,default:"system",enumValues:["verification","system","custom"]},{name:"source",type:"varchar",length:100},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]},{columns:["type"]},{columns:["user_id","type","is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["instance_id"]},{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"instance_id",type:"uuid",notNull:!0,references:{table:"verificationInstances",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_node_id",type:"varchar",length:100,notNull:!0},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"status",type:"varchar",length:30,notNull:!0,default:"pending",enumValues:["pending","approved","rejected"]}],indexes:[{columns:["instance_id"]},{columns:["instance_id","step_order"]},{columns:["entity_name","entity_id"]},{columns:["verifier_user_id"]},{columns:["status"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["step","verifier","notification"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"recipient_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier","entity_creator"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role",type:"varchar",length:100}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]}]},{table_name:"verificationVerifierConfigs",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"verifier_type",type:"varchar",length:30,notNull:!0,enumValues:["user","role"]},{name:"verifier_user_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:100},{name:"require_signature",type:"boolean",notNull:!0,default:!1},{name:"all_must_approve",type:"boolean",notNull:!0,default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","node_id"],unique:!0},{columns:["verifier_type"]}]},{table_name:"verificationInstances",feature_set:["verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"started_by",type:"uuid",references:{table:"users",column:"id"}},{name:"status",type:"varchar",length:30,notNull:!0,default:"active",enumValues:["active","completed","rejected","cancelled"]},{name:"current_step_order",type:"integer",notNull:!0,default:1},{name:"started_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"completed_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","status"]},{columns:["status"]},{columns:["started_by"]}]},{table_name:"verificationNotificationChannels",feature_set:["verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0,references:{table:"verificationNotificationRules",column:"id",onDelete:"cascade"}},{name:"channel",type:"varchar",length:30,notNull:!0,enumValues:["portal","email","sms","telegram","webhook"]}],indexes:[{columns:["rule_id"]},{columns:["rule_id","channel"],unique:!0},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"remember_me",type:"boolean",notNull:!0,default:!1},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]},{table_name:"oauth_accounts",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"provider",type:"varchar",length:50,notNull:!0,enumValues:["google","github","microsoft","discord","facebook","twitter","apple","custom"]},{name:"provider_account_id",type:"varchar",length:255,notNull:!0},{name:"provider_email",type:"varchar",length:255},{name:"provider_name",type:"varchar",length:255},{name:"provider_avatar_url",type:"text"},{name:"access_token",type:"text"},{name:"refresh_token",type:"text"},{name:"token_expires_at",type:"timestamp"},{name:"scope",type:"text"},{name:"raw_profile",type:"jsonb"},{name:"is_primary",type:"boolean",notNull:!0,default:!1},{name:"last_used_at",type:"timestamp"}],indexes:[{columns:["user_id"]},{columns:["provider","provider_account_id"],unique:!0},{columns:["provider_email"]},{columns:["user_id","provider"]}],constraints:{unique:[{name:"unique_provider_account",columns:["provider","provider_account_id"]}]}}];var S$={GET:["GET"],POST:["POST"],PUT:["PUT"],DELETE:["DELETE"],PATCH:["PATCH"],TOGGLE:["PATCH"],VERIFICATION:["POST"]};function D$(n,r){let t=[],o=n.authentication;if(!o)return t;if(o.login?.enabled&&o.login?.isPublic)t.push({path:o.login.route||`${r}/auth/login`,method:"POST",source:"auth"});if(o.register?.enabled&&o.register?.isPublic)t.push({path:o.register.route||`${r}/auth/register`,method:"POST",source:"auth"});if(o.logout?.enabled&&o.logout?.isPublic)t.push({path:o.logout.route||`${r}/auth/logout`,method:"POST",source:"auth"});if(o.refresh?.enabled&&o.refresh?.isPublic)t.push({path:o.refresh.route||`${r}/auth/refresh`,method:"POST",source:"auth"});if(o.passwordReset?.enabled&&o.passwordReset?.isPublic){let c=o.passwordReset.route||`${r}/auth/password-reset`;t.push({path:`${c}/request`,method:"POST",source:"auth"},{path:`${c}/confirm`,method:"POST",source:"auth"})}if(o.passwordChange?.enabled&&o.passwordChange?.isPublic)t.push({path:o.passwordChange.route||`${r}/auth/password-change`,method:"POST",source:"auth"});if(o.magicLink?.enabled&&o.magicLink?.isPublic)t.push({path:o.magicLink.route||`${r}/auth/magic-link`,method:"POST",source:"auth"},{path:o.magicLink.verifyRoute||`${r}/auth/magic-link/verify`,method:"GET",source:"auth"});if(o.register?.enabled&&o.register?.emailVerification?.enabled)t.push({path:`${r}/verify-email`,method:"GET",source:"auth"},{path:`${r}/resend-verification`,method:"POST",source:"auth"});if(o.invite?.enabled&&o.invite?.isPublic)t.push({path:o.invite.route||`${r}/auth/invite`,method:"POST",source:"auth"});if(o.invite?.enabled){let c=o.invite.route||`${r}/auth/invite`;t.push({path:`${c}/verify`,method:"POST",source:"auth"})}if(o.passwordSet?.enabled)t.push({path:o.passwordSet.route||`${r}/auth/password-set`,method:"POST",source:"auth"});if(o.captcha?.enabled&&o.captcha?.isPublic){let c=o.captcha.route||`${r}/auth/captcha`;t.push({path:`${c}/generate`,method:"GET",source:"auth"},{path:`${c}/validate`,method:"POST",source:"auth"})}if(o.sessions?.enabled){let c=o.sessions.route||`${r}/auth/sessions`;t.push({path:`${c}/approve`,method:"POST",source:"auth"},{path:`${c}/reject`,method:"POST",source:"auth"},{path:`${c}/approve-page`,method:"GET",source:"auth"},{path:`${c}/reject-page`,method:"GET",source:"auth"},{path:`${c}/approval-status`,method:"GET",source:"auth"})}if(o.oauth?.enabled){let c=o.oauth.basePath||`${r}/auth/oauth`,i=["google","github","microsoft","discord","facebook","twitter","apple","custom"];t.push({path:`${c}/providers`,method:"GET",source:"auth"});for(let a of i)t.push({path:`${c}/${a}`,method:"GET",source:"auth"},{path:`${c}/${a}/callback`,method:"GET",source:"auth"})}return t}function bw(n,r,t){let o=[];for(let c of n){if(!c.is_public)continue;let i=`${r}/${t}/${c.table_name}`;for(let[a,e]of Object.entries(c.is_public)){if(!e)continue;let s=S$[a];if(!s)continue;for(let f of s)if(f==="GET")o.push({path:i,method:"GET",source:"entity"}),o.push({path:`${i}/:id`,method:"GET",source:"entity"});else if(f==="POST")o.push({path:i,method:"POST",source:"entity"});else if(f==="PUT"||f==="PATCH")o.push({path:`${i}/:id`,method:f,source:"entity"});else if(f==="DELETE")o.push({path:`${i}/:id`,method:"DELETE",source:"entity"})}}return o}function k$(n,r,t){return bw(n,r,t)}function df(n,r,t="",o="public"){let c=D$(n,t),i=bw(n.entities||[],t,o),a=k$(r,t,o),e=[];if(n.pubsub?.enabled){let f=n.pubsub.basePath||"/subs",d=n.pubsub.wsPath||"/api/events/subscribe";e.push({path:`${f}/:topic`,method:"POST",source:"system"},{path:d,method:"GET",source:"system"})}let s=[{path:"/nucleus-core",method:"GET",source:"custom"},{path:"/public",method:"GET",source:"custom"},{path:"/docs",method:"GET",source:"custom"},{path:"/docs/json",method:"GET",source:"custom"},{path:"/swagger",method:"GET",source:"custom"},{path:"/swagger/json",method:"GET",source:"custom"}];return[...c,...i,...a,...e,...s]}function uf(n,r,t){let o=r.replace(/\/$/,""),c=t.toUpperCase();for(let i of n){if(i.method!==c)continue;if(M$(i.path,o))return!0}return!1}function M$(n,r){if(n===r)return!0;let t=n.split("/").filter(Boolean),o=r.split("/").filter(Boolean);if(t.length!==o.length)return!1;for(let c=0;c<t.length;c++){let i=t[c],a=o[c];if(i?.startsWith(":"))continue;if(i!==a)return!1}return!0}import{asc as ah,desc as eh,eq as Dr,ilike as yw,inArray as sh,notInArray as fh,or as _h}from"drizzle-orm";import{drizzle as lh}from"drizzle-orm/node-postgres";import{Elysia as dh,t as Cn}from"elysia";vs();Qi();Ae();import{t as or}from"elysia";function ih(n){let r={};if(!n||n.length===0)return or.Object({},{additionalProperties:!0});for(let t of n)switch(t.type?.toLowerCase()||"string"){case"integer":case"int":case"serial":case"bigserial":case"numeric":case"decimal":r[t.name]=t.notNull?or.Number():or.Optional(or.Number());break;case"boolean":r[t.name]=t.notNull?or.Boolean():or.Optional(or.Boolean());break;case"timestamp":case"timestamptz":case"date":r[t.name]=t.notNull?or.String({format:"date-time"}):or.Optional(or.String({format:"date-time"}));break;case"json":case"jsonb":r[t.name]=or.Optional(or.Unknown());break;case"uuid":r[t.name]=t.notNull?or.String({format:"uuid"}):or.Optional(or.String({format:"uuid"}));break;default:r[t.name]=t.notNull?or.String():or.Optional(or.String())}return or.Object(r,{additionalProperties:!0})}function pw(n){return or.Array(or.Object({id:or.String(),data:ih(n)}))}function Yf(n,r){let{db:t,schemaTables:o,schemaRelations:c,entities:i,logger:a,databaseUrl:e,storage:s,authorization:f,authMode:d,idpUrl:_}=r,w=Gi(s),g=f?.enabled??!1,u=d==="consumer";if(!t)return n;let m=Object.keys(o),l=i.map((A)=>A.table_name),E=m.filter((A)=>!l.includes(A)),$=["userSessions","passwordResetTokens","magicLinkTokens"],S=["passwordResetTokens","magicLinkTokens"],U=["files"];function W(A){return A.replace(/_([a-z])/g,(h,R)=>R.toUpperCase())}let H=new Map(Ji.map((A)=>[W(A.table_name),A])),k=E.filter((A)=>{if(S.includes(A)&&!r.emailServiceAvailable)return a.info(`Skipping ${A} routes - email service not available`),!1;return!0}).map((A)=>{let h=H.get(A);return{table_name:A,group_name:$.includes(A)?"Authentication":A,is_form_data:U.includes(A),bulk_endpoints_enabled:h?.bulk_endpoints_enabled??!1,excluded_methods:h?.excluded_methods?[...h.excluded_methods]:[],columns:h?.columns?[...h.columns]:void 0}}),D=[...i,...k];a.info(`All entities: ${D.map((A)=>A.table_name).join(", ")}`);for(let A of D){let h=A.table_name,R=A.group_name||A.table_name,z=o[h];if(!z)continue;let V=c[`${h}Relations`];a.info(`Creating routes for table: ${h}`);let Q=z,B=Q.id,J=t,G=(O)=>Q[O]??Q[W(O)],F=pw(A.columns),N=Cn.Array(Cn.String()),x=async(O,q,Z,nn)=>{let j=O.headers.get("x-user-id");if(!g||!j)return null;if(u){let I=(O.headers.get("x-user-claims")||"").split(",").filter(Boolean),K=(O.headers.get("x-user-roles")||"").split(",").filter(Boolean);if(_){let tn=O.headers.get("x-access-token")||(O.headers.get("cookie")||"").match(/access_token=([^;]+)/)?.[1]||"";return Qu({idpUrl:_,accessToken:tn,method:q,entity:A.table_name,requestedFields:Z,requestedRelations:nn,logger:a})}return Lu({userClaims:I,userRoles:K,method:q,entity:A.table_name,requestedFields:Z,requestedRelations:nn,logger:a})}return oe({userId:j,method:q,entity:A.table_name,requestedFields:Z,requestedRelations:nn,db:J,schemaTables:o,logger:a})},y=new dh({prefix:`/${h}`});if(!A.excluded_methods?.includes("GET"))y.get("/",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=A.columns?.map((En)=>En.name),Z=Object.keys(c).filter((En)=>En.startsWith(`${A.table_name}Relations`)).map((En)=>En.replace("Relations","")),nn=await x(O.request,"GET",q,Z);if(nn&&!nn.authorized)return{success:!1,message:nn.reason||"Unauthorized",status:403};let j=Hf(O.query),I=[];if(g&&nn?.scopeFilters)for(let[En,Sn]of Object.entries(nn.scopeFilters)){let rn=G(En);if(rn)I.push(Dr(rn,Sn))}if(j.search&&j.searchFields){let En=j.searchFields.map((Sn)=>{let rn=Sn.trim(),hn=G(rn);return hn?yw(hn,`%${j.search}%`):null}).filter((Sn)=>Sn!==null);if(En.length>0){let Sn=_h(...En);if(Sn)I.push(Sn)}}if(j.filters){let{ne:En,gt:Sn,gte:rn,lt:hn,lte:Xn,like:Tn,isNull:Nr,isNotNull:Qr}=await import("drizzle-orm");for(let $r of j.filters){let ar=G($r.field);if(!ar)continue;switch($r.operator){case"eq":I.push(Dr(ar,$r.value));break;case"neq":I.push(En(ar,$r.value));break;case"gt":I.push(Sn(ar,$r.value));break;case"gte":I.push(rn(ar,$r.value));break;case"lt":I.push(hn(ar,$r.value));break;case"lte":I.push(Xn(ar,$r.value));break;case"like":I.push(Tn(ar,$r.value));break;case"ilike":I.push(yw(ar,$r.value));break;case"in":I.push(sh(ar,$r.value));break;case"notIn":I.push(fh(ar,$r.value));break;case"isNull":I.push(Nr(ar));break;case"isNotNull":I.push(Qr(ar));break}}}let K=J.select().from(z);if(I.length>0){let{and:En}=await import("drizzle-orm"),Sn=En(...I);if(Sn)K=K.where(Sn)}if(j.sort&&j.sort.length>0){let En=j.sort.map((Sn)=>{let rn=G(Sn.field);if(!rn)return null;return Sn.direction==="desc"?eh(rn):ah(rn)}).filter((Sn)=>Sn!==null);if(En.length>0)K=K.orderBy(...En)}let tn=j.page??1,wn=j.limit??20,ln=j.offset??(tn-1)*wn,Qn=J.select().from(z);if(I.length>0){let{and:En}=await import("drizzle-orm"),Sn=En(...I);if(Sn)Qn.where(Sn)}let gn=(await Qn).length;K=K.limit(wn).offset(ln);let Gn=await K,Un=Cw(tn,wn,ln,gn);if(g&&nn?.allowedFields)Gn=ce(Gn,nn.allowedFields);return{success:!0,data:{items:Gn,meta:Un}}},{detail:{tags:[R],summary:`List ${h}`,description:`Get paginated list of ${h} records with filtering, sorting, and search`}}),y.get("/:id",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let q=O.params,Z=Hf(O.query),nn=A.columns?.map((wn)=>wn.name),j=Z.with?.map((wn)=>wn.name),I=await x(O.request,"GET",nn,j);if(I&&!I.authorized)return{success:!1,message:I.reason||"Unauthorized",status:403};if(Z.with&&Z.with.length>0&&V&&e){let wn=g&&I?.allowedRelations?Z.with.filter((qn)=>I.allowedRelations?.includes(qn.name)??!1):Z.with,Qn=await lh(e,{schema:{...o,...c}}).query[A.table_name]?.findFirst({where:Dr(B,q.id),with:wn.reduce((qn,gn)=>{return qn[gn.name]=gn.limit?{limit:gn.limit}:!0,qn},{})});if(g&&I?.allowedFields&&Qn)Qn=ce(Qn,I.allowedFields);if(g&&I?.allowedRelations&&Qn)Qn=Gu(Qn,I.allowedRelations);return{success:!0,data:Qn||null}}let tn=(await J.select().from(z).where(Dr(B,q.id)))[0]||null;if(g&&I?.allowedFields&&tn)tn=ce(tn,I.allowedFields);return{success:!0,data:tn}},{detail:{tags:[R],summary:`Get ${h} by ID`,description:`Get a single ${h} record by its ID with optional relations`}}),y.get("/distinct/:field",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.params,Z=G(q.field);if(!Z)return{success:!1,message:"Field not found"};return{success:!0,data:await J.selectDistinct({value:Z}).from(z)}},{detail:{tags:[R],summary:`Get distinct ${h} values`,description:`Get distinct values for a specific field in ${h}`}});if(!A.excluded_methods?.includes("POST"))if(A.is_form_data&&w.enabled)y.post("/",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.request.headers.get("x-user-id"),{data:Z,files:nn}=Oi(O.body,w),j=Z;if(A.columns){j=Bo(j,A.columns);let tn=zo(j,A.columns,!1);if(!tn.valid)return{success:!1,message:"Validation failed",errors:tn.errors}}let I=null;if(nn.length>0){if(I=await Ni(nn,w,A.table_name),I.failed.length>0&&I.success.length===0)return{success:!1,message:"File upload failed",errors:I.failed};if(I.success.length>0){let tn=I.success[0];if(tn){let wn=tn.originalName.split(".").pop()||"";j={...j,id:tn.id,name:tn.name,originalName:tn.originalName,path:tn.path,mimeType:tn.mimeType,size:tn.size,extension:wn,uploadedBy:q}}}}if(q)j.createdBy=q;let K=await J.insert(z).values(j).returning();{let tn=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:String(K[0]?.id??""),operation:"CREATE",userId:q||void 0,summary:`Created ${A.table_name}`,newValues:K[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:tn.pathname,query:tn.search})}return{success:!0,data:K[0]}},{type:"formdata",body:Cn.Object({[w.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[w.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[R],summary:`Create ${h} with files`,description:`Create a new ${h} record with file upload support`}});else y.post("/",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.body,Z=O.request.headers.get("x-user-id");if(A.columns){q=Bo(q,A.columns);let j=zo(q,A.columns,!1);if(!j.valid)return{success:!1,message:"Validation failed",errors:j.errors}}if(Z)q.createdBy=Z;let nn=await J.insert(z).values(q).returning();if(h==="userRoles"&&q.roleId&&q.userId)try{let{roles:j,users:I}=o;if(j&&I){if((await J.select().from(j).where(Dr(j.id,q.roleId)).limit(1))[0]?.name==="godmin")await J.update(I).set({isGod:!0}).where(Dr(I.id,q.userId))}}catch(j){a.warn("[Entity] Failed to sync is_god flag on userRole create")}{let j=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:String(nn[0]?.id??""),operation:"CREATE",userId:Z||void 0,summary:`Created ${A.table_name}`,newValues:nn[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:j.pathname,query:j.search})}return{success:!0,data:nn[0]}},{body:Cn.Object({},{additionalProperties:!0}),detail:{tags:[R],summary:`Create ${h}`,description:`Create a new ${h} record`}});if(!A.excluded_methods?.includes("PUT"))if(A.is_form_data&&w.enabled)y.put("/:id",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let q=O.params,Z=O.request.headers.get("x-user-id"),{data:nn,files:j}=Oi(O.body,w),I=nn,K=await J.select().from(z).where(Dr(B,q.id)).limit(1);if(A.columns){I=Bo(I,A.columns);let ln=zo(I,A.columns,!1);if(!ln.valid)return{success:!1,message:"Validation failed",errors:ln.errors}}let tn=null;if(j.length>0)tn=await Ni(j,w,A.table_name);let wn=await J.update(z).set(I).where(Dr(B,q.id)).returning();{let ln=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"UPDATE",userId:Z||void 0,summary:`Updated ${A.table_name} (${q.id})`,oldValues:K[0],newValues:wn[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:ln.pathname,query:ln.search})}return{success:!0,data:{record:wn[0],files:tn?.success||[],fileErrors:tn?.failed||[]}}},{type:"formdata",body:Cn.Object({[w.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[w.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[R],summary:`Update ${h} with files`,description:`Full update of ${h} record with file upload support`}});else y.put("/:id",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let{params:q,body:Z}=O,nn=O.request.headers.get("x-user-id"),j=await J.select().from(z).where(Dr(B,q.id)).limit(1);if(A.columns){Z=Bo(Z,A.columns);let K=zo(Z,A.columns,!1);if(!K.valid)return{success:!1,message:"Validation failed",errors:K.errors}}if(Z.updatedAt=new Date,nn)Z.updatedBy=nn;let I=await J.update(z).set(Z).where(Dr(B,q.id)).returning();{let K=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"UPDATE",userId:nn||void 0,summary:`Updated ${A.table_name} (${q.id})`,oldValues:j[0],newValues:I[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:K.pathname,query:K.search})}return{success:!0,data:I[0]}},{body:Cn.Object({},{additionalProperties:!0}),detail:{tags:[R],summary:`Update ${h}`,description:`Full update of ${h} record`}});if(!A.excluded_methods?.includes("PATCH"))y.patch("/:id",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let{params:q,body:Z}=O,nn=O.request.headers.get("x-user-id"),j=await J.select().from(z).where(Dr(B,q.id)).limit(1);if(A.columns){Z=Bo(Z,A.columns);let K=zo(Z,A.columns,!0);if(!K.valid)return{success:!1,message:"Validation failed",errors:K.errors}}if(Z.updatedAt=new Date,nn)Z.updatedBy=nn;let I=await J.update(z).set(Z).where(Dr(B,q.id)).returning();{let K=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"PATCH",userId:nn||void 0,summary:`Patched ${A.table_name} (${q.id})`,oldValues:j[0],newValues:I[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:K.pathname,query:K.search})}return{success:!0,data:I[0]}},{body:Cn.Object({},{additionalProperties:!0}),detail:{tags:[R],summary:`Patch ${h}`,description:`Partial update of ${h} record`}});if(!A.excluded_methods?.includes("DELETE"))y.delete("/:id",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let q=O.params,Z=O.request.headers.get("x-user-id"),nn=await J.select().from(z).where(Dr(B,q.id)).limit(1);if(await J.delete(z).where(Dr(B,q.id)),h==="userRoles"&&nn[0])try{let j=nn[0],I=o.roles,K=o.users;if(I&&K&&j.roleId&&j.userId){if((await J.select().from(I).where(Dr(I.id,j.roleId)).limit(1))[0]?.name==="godmin")await J.update(K).set({isGod:!1}).where(Dr(K.id,j.userId))}}catch(j){a.warn("[Entity] Failed to sync is_god flag on userRole delete")}{let j=new URL(O.request.url);a.audit({entityName:A.table_name,entityId:q.id,operation:"DELETE",userId:Z||void 0,summary:`Deleted ${A.table_name} (${q.id})`,oldValues:nn[0],ipAddress:O.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||O.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:O.request.headers.get("user-agent")||"unknown",path:j.pathname,query:j.search})}return{success:!0,data:null}},{detail:{tags:[R],summary:`Delete ${h}`,description:`Delete a ${h} record`}});if(A.bulk_endpoints_enabled){if(!A.excluded_methods?.includes("POST"))y.post("/bulk",async(O)=>{if(!J)return{success:!1,message:"DB not initialized"};let q=O.body;if(!Array.isArray(q))return{success:!1,message:"Body must be an array"};let Z=O.request.headers.get("x-user-id");try{let nn=[];for(let I of q){let K=I;if(A.columns){K=Bo(K,A.columns);let tn=zo(K,A.columns,!1);if(!tn.valid)return{success:!1,message:"Validation failed",errors:tn.errors}}if(Z)K.createdBy=Z;nn.push(K)}return{success:!0,data:await J.transaction(async(I)=>{let K=[];for(let tn of nn){let wn=await I.insert(z).values(tn).returning();K.push(wn[0])}return K})}}catch(nn){return{success:!1,message:nn instanceof Error?nn.message:"Transaction failed"}}},{body:Cn.Array(Cn.Object({},{additionalProperties:!0})),detail:{tags:[R],summary:`Bulk create ${h}`,description:`Create multiple ${h} records`}});if(!A.excluded_methods?.includes("PUT"))y.put("/bulk",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let q=O.body;if(!Array.isArray(q))return{success:!1,message:"Body must be an array"};let Z=O.request.headers.get("x-user-id");try{return{success:!0,data:await J.transaction(async(j)=>{let I=[];for(let K of q){let tn=K.data;if(A.columns){tn=Bo(tn,A.columns);let ln=zo(tn,A.columns,!0);if(!ln.valid)return{success:!1,message:"Validation failed",errors:ln.errors}}if(tn.updatedAt=new Date,Z)tn.updatedBy=Z;let wn=await j.update(z).set(tn).where(Dr(B,K.id)).returning();I.push(wn[0])}return I})}}catch(nn){return{success:!1,message:nn instanceof Error?nn.message:"Transaction failed"}}},{body:F,detail:{tags:[R],summary:`Bulk update ${h}`,description:`Update multiple ${h} records`}});if(!A.excluded_methods?.includes("DELETE"))y.delete("/bulk",async(O)=>{if(!J||!B)return{success:!1,message:"No id column or DB"};let q=O.body;if(!Array.isArray(q))return{success:!1,message:"Body must be an array of ids"};try{return await J.transaction(async(Z)=>{for(let nn of q)await Z.delete(z).where(Dr(B,nn))}),{success:!0,data:{deleted:q.length}}}catch(Z){return{success:!1,message:Z instanceof Error?Z.message:"Transaction failed"}}},{body:N,detail:{tags:[R],summary:`Bulk delete ${h}`,description:`Delete multiple ${h} records`}})}n.use(y)}return n}import uh,{t as xi}from"elysia";function wh(n){let r=n.match(/^(\d+)(ms|s|m|h)$/);if(!r||!r[1]||!r[2])return 5000;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;default:return 5000}}function Jf(n){let{monitoringService:r,logger:t,endpoints:o}=n,c=new uh({prefix:o.basePath});if(!o.enabled)return c;if(o.stream.enabled)c.get(o.stream.path,async function*({request:i}){t.info("[Monitoring] SSE stream connected");let a=wh(o.stream.interval),e=!0;i.signal.addEventListener("abort",()=>{e=!1,t.info("[Monitoring] SSE stream disconnected")});let s=await r.getLatestSnapshot();if(s)yield{event:"snapshot",data:JSON.stringify(s)};while(e){if(await new Promise((_)=>setTimeout(_,a)),!e)break;let f=await r.getLatestSnapshot();if(f)yield{event:"snapshot",data:JSON.stringify(f)};let d=r.getActiveAlerts();if(d.length>0)yield{event:"alerts",data:JSON.stringify(d)}}},{detail:{tags:["Monitoring"],summary:"Stream real-time monitoring data",description:"Server-Sent Events stream for real-time monitoring metrics"}});if(o.snapshot.enabled)c.get(o.snapshot.path,async()=>{let i=await r.getLatestSnapshot();if(!i)return{isSuccess:!1,message:"No monitoring data available",data:null};return{isSuccess:!0,message:"Current monitoring snapshot",data:i}},{detail:{tags:["Monitoring"],summary:"Get current monitoring snapshot",description:"Returns the latest monitoring metrics snapshot"}});if(o.history.enabled)c.get(o.history.path,async({query:i})=>{let a=Math.min(i.minutes?parseInt(String(i.minutes),10):60,o.history.maxMinutes),e=await r.getHistory(a);return{isSuccess:!0,message:`Monitoring history for last ${a} minutes`,data:{minutes:a,count:e.length,snapshots:e}}},{query:xi.Object({minutes:xi.Optional(xi.Numeric())}),detail:{tags:["Monitoring"],summary:"Get monitoring history",description:"Returns historical monitoring data for the specified time range"}});if(o.alerts.enabled)c.get(o.alerts.path,()=>{let i=r.getActiveAlerts();return{isSuccess:!0,message:"Active alerts",data:{count:i.length,alerts:i}}},{detail:{tags:["Monitoring"],summary:"Get active alerts",description:"Returns all currently active monitoring alerts"}}),c.post(`${o.alerts.path}/:alertId/acknowledge`,({params:i})=>{if(!r.acknowledgeAlert(i.alertId))return{isSuccess:!1,message:"Alert not found",data:null};return{isSuccess:!0,message:"Alert acknowledged",data:{alertId:i.alertId}}},{params:xi.Object({alertId:xi.String()}),detail:{tags:["Monitoring"],summary:"Acknowledge an alert",description:"Mark an alert as acknowledged"}});return t.info(`[Monitoring] Routes enabled at ${o.basePath} (stream: ${o.stream.enabled}, snapshot: ${o.snapshot.enabled}, history: ${o.history.enabled}, alerts: ${o.alerts.enabled})`),c}import bh,{t as yr}from"elysia";var gh={"Content-Type":"text/event-stream; charset=utf-8","Cache-Control":"no-cache, no-transform",Connection:"keep-alive"},mh=new TextEncoder,Xf=(n,r)=>{let t=typeof r==="string"?r:JSON.stringify(r);return mh.encode(`event: ${n}
 data: ${t}
-`)};function Tw(n){let{getService:r,logger:t,basePath:o,streamInterval:c}=n,i=new bh({prefix:o}),a=()=>{let e=r();if(!e)throw Error("Live monitoring service not initialized");return e};return i.get("/health",()=>{let e=r();return{status:e?"ok":"initializing",timestamp:Date.now(),monitoring:e?.isEnabled()??!1}},{detail:{tags:["Live Monitoring"],summary:"Health check for live monitoring"}}),i.get("/settings",()=>{return a().getSettings()},{detail:{tags:["Live Monitoring"],summary:"Get live monitoring settings"}}),i.patch("/settings",({body:e})=>{return a().changeSettings(e)},{body:yr.Partial(yr.Object({logMemory:yr.Boolean(),logCpu:yr.Boolean(),logDapr:yr.Boolean(),logWebSocket:yr.Boolean(),memoryLogInterval:yr.Number(),cpuLogInterval:yr.Number(),memoryLogLimit:yr.Number(),cpuLogLimit:yr.Number(),daprLogLimit:yr.Number(),wsLogLimit:yr.Number(),requestLogLimit:yr.Number()})),detail:{tags:["Live Monitoring"],summary:"Change live monitoring settings"}}),i.get("/logs",()=>{return a().getLogs()},{detail:{tags:["Live Monitoring"],summary:"Get all live monitoring logs"}}),i.get("/logs/stream",({request:e})=>{let s=e.signal,f,d=a(),_=d.getSnapshot(),w={memory:_.memory.length?_.memory[_.memory.length-1]?.timestamp??0:0,cpu:_.cpu.length?_.cpu[_.cpu.length-1]?.timestamp??0:0,request:_.requests.length?_.requests[_.requests.length-1]?.timestamp??0:0,dapr:_.dapr.length?_.dapr[_.dapr.length-1]?.timestamp??0:0,ws:_.ws.length?_.ws[_.ws.length-1]?.timestamp??0:0},g=new ReadableStream({start(u){let m=!1;u.enqueue(Xf("snapshot",_));let S=setInterval(()=>{if(m)return;let E=d.getUpdatesSince(w);if(!E){u.enqueue(Xf("heartbeat",{timestamp:Date.now()}));return}if(E.memory.length)w.memory=E.memory[E.memory.length-1]?.timestamp??w.memory;if(E.cpu.length)w.cpu=E.cpu[E.cpu.length-1]?.timestamp??w.cpu;if(E.requests.length)w.request=E.requests[E.requests.length-1]?.timestamp??w.request;if(E.dapr.length)w.dapr=E.dapr[E.dapr.length-1]?.timestamp??w.dapr;if(E.ws.length)w.ws=E.ws[E.ws.length-1]?.timestamp??w.ws;u.enqueue(Xf("update",E))},c),$=()=>{if(m)return;m=!0,clearInterval(S),s?.removeEventListener("abort",$);try{u.close()}catch{}};f=$,s?.addEventListener("abort",$)},cancel(){f?.()}});return new Response(g,{headers:gh})},{detail:{tags:["Live Monitoring"],summary:"Stream real-time live monitoring data via SSE"}}),t.info(`[LiveMonitoring] Routes enabled at ${o} (stream interval: ${c}ms)`),i}import Sh from"elysia";var Pi=new Map;var nb=null;function $h(){let n=Date.now();for(let[r,t]of Pi)if(n-t>1e4)Pi.delete(r)}var oc={totalSent:0,totalAcked:0,totalFailed:0,averageLatencyMs:0};function rb(){if(nb)return;nb=setInterval($h,30000)}function Lf(){return`msg_${Date.now()}_${Math.random().toString(36).substring(2,11)}`}async function Qf(n,r,t){if(!r.userId)return;let o=`pubsub:pending:user:${r.userId}:${r.messageId}`,c=`pubsub:user:pending-set:${r.userId}`;await n.create(o,r,t);let i=await n.read(c),a=i.success&&i.data?i.data:[];if(!a.includes(r.messageId))a.push(r.messageId),await n.create(c,a,t)}async function tb(n,r,t,o){let c=`${r}:${t}`;if(Pi.has(c))return!1;let i=`pubsub:pending:user:${r}:${t}`,a=`pubsub:user:pending-set:${r}`,e=`pubsub:ack:${r}:${t}`,s=await n.read(i);if(!s.success||!s.data)return Pi.set(c,Date.now()),!1;Pi.set(c,Date.now());let f=s.data,d={messageId:t,clientId:f.clientId,ackedAt:Date.now()};await n.create(e,d,60),await n.remove(i);let _=await n.read(a),g=(_.success&&_.data?_.data:[]).filter((m)=>m!==t);if(g.length>0)await n.create(a,g,o);else await n.remove(a);let u=Date.now()-f.sentAt;return Ah(u),!0}async function ob(n,r){if(!r)return[];let t=`pubsub:user:pending-set:${r}`,o=await n.read(t),c=o.success&&o.data?o.data:[],i=[];for(let a of c){let e=`pubsub:pending:user:${r}:${a}`,s=await n.read(e);if(s.success&&s.data)i.push(s.data)}return i.sort((a,e)=>a.sentAt-e.sentAt),i}async function cb(n,r){if(!r)return 0;let t=`pubsub:user:pending-set:${r}`,o=await n.read(t);return(o.success&&o.data?o.data:[]).length}async function ib(n,r,t,o,c){let i=`pubsub:pending:user:${r}:${t}`,a=await n.read(i);if(!a.success||!a.data)return!1;let e={...a.data,retryCount:a.data.retryCount+1};if(e.retryCount>=c)return await hh(n,r,t),Eh(),!1;return await n.create(i,e,o),!0}async function hh(n,r,t){let o=`pubsub:pending:user:${r}:${t}`,c=`pubsub:user:pending-set:${r}`;await n.remove(o);let i=await n.read(c),e=(i.success&&i.data?i.data:[]).filter((s)=>s!==t);if(e.length>0)await n.create(c,e,300);else await n.remove(c)}function Gf(){oc.totalSent++}function Ah(n){oc.totalAcked++,oc.averageLatencyMs=(oc.averageLatencyMs*(oc.totalAcked-1)+n)/oc.totalAcked}function Eh(){oc.totalFailed++}var hr=new Map,Ci=new Map;function ab(n){let{redis:r,logger:t}=n,o=n.ack.ttlSeconds,c=n.ack.enabled,i=n.ack.maxRetries,a=n.presence.enabled,e=n.presence.debounceMs,s=n.maxClientsPerUser;function f(){return`client_${Date.now()}_${Math.random().toString(36).substring(2,9)}`}function d(k,D,A,h){let R=g(A);if(R.length>=s){let B=R[0];if(B)t.info("[PubSub] Max clients reached, closing oldest",{userId:A,oldestClientId:B}),_(B)}hr.set(k,{ws:D,userId:A,subscribedTopics:new Set(h),connectedAt:Date.now(),pendingAcks:new Map}),t.info("[PubSub] Client registered",{clientId:k,userId:A,topics:h,totalClients:hr.size})}function _(k){let D=hr.get(k);if(!D)return;let A=D.userId;if(hr.delete(k),t.info("[PubSub] Client unregistered",{clientId:k,userId:A,totalClients:hr.size}),a&&A){if(g(A).length===0)U(A,"offline")}}function w(k,D){let A=hr.get(k);if(A)A.subscribedTopics=new Set(D)}function g(k){let D=[];for(let[A,h]of hr)if(h.userId===k)D.push(A);return D}function u(){let k=new Set;for(let[,D]of hr)if(D.userId)k.add(D.userId);return k}function m(){return hr.size}function l(k,D){let A=hr.get(k);if(!A)return!1;try{return A.ws.send(JSON.stringify(D)),!0}catch{return hr.delete(k),!1}}function S(k,D){let A=Lf(),h=Date.now(),R=JSON.stringify({type:"event",messageId:c?A:void 0,topic:k,data:D,timestamp:h}),B=0;for(let[Y,X]of hr)if(X.subscribedTopics.has("*")||X.subscribedTopics.has(k))try{if(X.ws.send(R),B++,c){if(X.pendingAcks.set(A,{sentAt:h,retryCount:0}),Gf(),X.userId)Qf(r,{messageId:A,topic:k,clientId:Y,userId:X.userId,data:D,sentAt:h,retryCount:0,maxRetries:i},o).catch(()=>{})}}catch{hr.delete(Y)}t.info("[PubSub] Broadcasted event",{topic:k,messageId:A,sentCount:B})}function $(k,D,A){let h=Lf(),R=Date.now(),B=JSON.stringify({type:"event",messageId:c?h:void 0,topic:D,data:A,timestamp:R}),Y=0,X=!1;for(let[z,J]of hr){if(J.userId!==k)continue;if(!J.subscribedTopics.has("*")&&!J.subscribedTopics.has(D))continue;try{if(J.ws.send(B),Y++,X=!0,c)J.pendingAcks.set(h,{sentAt:R,retryCount:0}),Gf()}catch{hr.delete(z)}}if(c)Qf(r,{messageId:h,topic:D,clientId:X?"delivered":"pending",userId:k,data:A,sentAt:R,retryCount:0,maxRetries:i},o).catch(()=>{});t.info("[PubSub] Broadcasted to user",{userId:k,topic:D,messageId:h,sentCount:Y,storedForOffline:!X})}function E(k,D,A){let h=Date.now(),R=JSON.stringify({type:"event",topic:D,data:A,timestamp:h});for(let[B,Y]of hr){if(Y.userId!==k)continue;if(!Y.subscribedTopics.has("*")&&!Y.subscribedTopics.has(D))continue;try{Y.ws.send(R)}catch{hr.delete(B)}}}function U(k,D){let A=`${k}:${D}`,h=Date.now(),R=Ci.get(A);if(R&&h-R<e)return;if(Ci.set(A,h),Ci.size>1000){let Y=h-e*2;for(let[X,z]of Ci)if(z<Y)Ci.delete(X)}let B=u();for(let Y of B)if(Y!==k)E(Y,"user-presence",{type:"user-presence",data:{userId:k,status:D}})}async function W(k,D){if(!c)return!0;let A=hr.get(k);if(!A)return!1;if(A.pendingAcks.get(D))A.pendingAcks.delete(D);if(A.userId)return tb(r,A.userId,D,o);return!0}async function H(k,D){if(!c)return 0;let A=hr.get(D);if(!A||A.userId!==k)return 0;let h=await ob(r,k);if(h.length===0)return 0;t.info("[PubSub] Delivering pending messages",{userId:k,count:h.length});let R=0;for(let B of h){if(!A.subscribedTopics.has("*")&&!A.subscribedTopics.has(B.topic))continue;let Y=JSON.stringify({type:"event",messageId:B.messageId,topic:B.topic,data:B.data,timestamp:B.sentAt,isRedelivery:!0});try{A.ws.send(Y),A.pendingAcks.set(B.messageId,{sentAt:Date.now(),retryCount:B.retryCount+1}),await ib(r,k,B.messageId,o,i),R++}catch{break}}return R}return{generateClientId:f,registerClient:d,unregisterClient:_,updateClientTopics:w,getClientsByUser:g,getConnectedUserIds:u,getClientCount:m,sendToClient:l,broadcastEvent:S,broadcastToUser:$,broadcastToUserNoAck:E,broadcastPresenceToOthers:U,handleClientAck:W,deliverPendingMessages:H,getPendingMessageCount:(k)=>cb(r,k)}}function Of(n){let{logger:r,getLiveMonitoringService:t}=n,o=ab(n);if(n.ack.enabled)rb();let c=null,i=new Sh;return i.onStart(()=>{if(n.cleanupIntervalMs>0)c=setInterval(()=>{r.info("[PubSub] Periodic cleanup running",{totalClients:o.getClientCount()})},n.cleanupIntervalMs);r.info("[PubSub] Routes initialized",{basePath:n.basePath,wsPath:n.wsPath,ackEnabled:n.ack.enabled,presenceEnabled:n.presence.enabled})}),i.onStop(()=>{if(c)clearInterval(c),c=null}),i.post(`${n.basePath}/:topic`,async({params:a,body:e,request:s,set:f})=>{let d=a.topic,_;try{if(!e){let g=await s.text();_=JSON.parse(g)}else _=e}catch{return f.status=200,{status:"DROP"}}r.info("[PubSub] Dapr event received",{topic:d,eventId:_.id,source:_.source});let w=_.data?.user_id;if(w)o.broadcastToUser(w,d,_);else o.broadcastEvent(d,_);return t?.()?.recordDaprEvent("pubsub_subscribe",{topic:d,success:!0,metadata:{eventId:_.id,source:_.source,userId:w||null}}),f.status=200,{status:"SUCCESS"}}),i.ws(n.wsPath,{idleTimeout:n.wsIdleTimeout,open(a){let e=a.data?.query||{};if(!e.userId){a.send(JSON.stringify({type:"error",error:"userId is required for WebSocket connection",timestamp:Date.now()})),a.close(4001,"userId is required"),t?.()?.recordWsEvent("error",{success:!1,error:"userId is required"});return}let s=o.generateClientId(),f=e.topics?.split(",").map((_)=>_.trim())||["*"];if(a.data.clientId=s,o.registerClient(s,a,e.userId,f),a.send(JSON.stringify({type:"connected",clientId:s,subscribedTopics:f,timestamp:Date.now()})),t?.()?.recordWsEvent("connection",{clientId:s,userId:e.userId,topic:f.join(","),success:!0}),n.presence.enabled)o.broadcastPresenceToOthers(e.userId,"online");let d=e.userId;if(n.ack.enabled&&d)o.getPendingMessageCount(d).then((_)=>{if(_>0)r.info("[PubSub] Delivering pending messages",{userId:d,count:_}),o.deliverPendingMessages(d,s).catch(()=>{})}).catch(()=>{})},message(a,e){let s=a.data.clientId;try{let f=null;if(typeof e==="string")f=JSON.parse(e);else if(e&&typeof e==="object"){if(f="type"in e?e:null,typeof f==="string")f=JSON.parse(f)}if(!f?.type)return;switch(t?.()?.recordWsEvent("message",{clientId:s,messageType:f.type,success:!0,dataSize:typeof e==="string"?e.length:0}),f.type){case"subscribe":if(Array.isArray(f.topics))o.updateClientTopics(s,f.topics),o.sendToClient(s,{type:"subscribed",topics:f.topics,timestamp:Date.now()});break;case"unsubscribe":r.info("[PubSub] Unsubscribe request",{clientId:s,topics:f.topics});break;case"ping":o.sendToClient(s,{type:"pong",timestamp:Date.now()});break;case"ack":if(f.messageId)o.handleClientAck(s,f.messageId).catch(()=>{});break}}catch{r.warn("[PubSub] Failed to parse client message",{clientId:s})}},close(a,e,s){let f=a.data.clientId;if(f)o.unregisterClient(f);t?.()?.recordWsEvent("close",{clientId:f,success:!0,metadata:{code:e,reason:s||""}}),r.info("[PubSub] Client disconnected",{clientId:f,code:e,reason:s})}}),{plugin:i,clientManager:o}}cf();_f();import{Elysia as Ee,t as v}from"elysia";function eb(n){let{db:r,schemaTables:t,config:o,logger:c}=n,i=new ff({db:r,schemaTables:t,config:o,logger:c}),a=new of({db:r,schemaTables:t,config:n.notificationConfig||{enabled:!1},logger:c,gmailService:n.gmailService});i.setNotificationHandler(async(w)=>{if(!n.notificationConfig?.enabled)return;await a.triggerNotifications({trigger:w.trigger,flow_id:w.flow_id,entity_name:w.entity_name,entity_id:w.entity_id,node_id:w.node_id,verifier_id:w.verifier_id,decision:w.decision,context:w.context})});let e=o.endpoints?.basePath||"/verifications",s=o.flowEndpoints?.basePath||"/verification-flows",f=n.notificationConfig?.endpoints?.basePath||"/notifications",d=new Ee,_=new Ee({prefix:e});if(_.get("/status/:entity_name/:entity_id",async({params:w})=>{return{success:!0,data:await i.getStatus(w.entity_name,w.entity_id)}},{params:v.Object({entity_name:v.String(),entity_id:v.String()})}),_.post("/:entity_name/:entity_id/decide",async({params:w,body:g,request:u})=>{let m=u.headers.get("x-user-id");if(!m)return{success:!1,message:"User ID required",status:401};return await i.decide({entity_name:w.entity_name,entity_id:w.entity_id,user_id:m,decision:g.decision,reason:g.reason,signature_id:g.signature_id,diff:g.diff})},{params:v.Object({entity_name:v.String(),entity_id:v.String()}),body:v.Object({decision:v.Union([v.Literal("approved"),v.Literal("rejected")]),reason:v.Optional(v.String()),signature_id:v.Optional(v.String()),diff:v.Optional(v.Record(v.String(),v.Unknown()))})}),_.get("/pending",async({request:w})=>{let g=w.headers.get("x-user-id");if(!g)return{success:!1,message:"User ID required",status:401};return{success:!0,data:await i.getPending(g)}}),_.get("/history/:entity_name/:entity_id",async({params:w})=>{let g=await i.getStatus(w.entity_name,w.entity_id);return{success:!0,data:{verifications:g.verifications,current_step:g.current_step,total_steps:g.total_steps,is_completed:g.is_completed,is_rejected:g.is_rejected}}},{params:v.Object({entity_name:v.String(),entity_id:v.String()})}),_.post("/start",async({body:w,request:g})=>{let u=g.headers.get("x-user-id");return await i.startFlow({flow_id:w.flow_id,entity_name:w.entity_name,entity_id:w.entity_id,started_by:u||void 0})},{body:v.Object({flow_id:v.String(),entity_name:v.String(),entity_id:v.String()})}),_.post("/start-for-entity",async({body:w,request:g})=>{let u=g.headers.get("x-user-id");return await i.startFlowForEntity({entity_name:w.entity_name,entity_id:w.entity_id,started_by:u||void 0})},{body:v.Object({entity_name:v.String(),entity_id:v.String()})}),_.get("/statuses/:entity_name",async({params:w,query:g})=>{return{success:!0,data:await i.listEntityStatuses({entity_name:w.entity_name,status:g.status||void 0,page:g.page?Number(g.page):void 0,limit:g.limit?Number(g.limit):void 0})}},{params:v.Object({entity_name:v.String()}),query:v.Object({status:v.Optional(v.String()),page:v.Optional(v.String()),limit:v.Optional(v.String())})}),d.use(_),c.info(`[Verification] Routes registered at ${e}`),o.flowEndpoints?.enabled!==!1){let w=new Ee({prefix:s});w.get("/",async({query:g})=>{return{success:!0,data:await i.listFlows(g.entity_name||void 0)}},{query:v.Object({entity_name:v.Optional(v.String())})}),w.get("/:flow_id",async({params:g})=>{let u=await i.getFlow(g.flow_id);if(!u)return{success:!1,message:"Flow not found"};return{success:!0,data:u}},{params:v.Object({flow_id:v.String()})}),w.post("/",async({body:g})=>{return await i.saveFlow(g)},{body:v.Object({flow_id:v.String(),entity_name:v.String(),name:v.String(),description:v.Optional(v.String()),trigger_on:v.Union([v.Literal("create"),v.Literal("update"),v.Literal("delete"),v.Literal("manual")]),trigger_fields:v.Optional(v.Array(v.String())),is_draft:v.Boolean(),viewport:v.Optional(v.Object({x:v.Number(),y:v.Number(),zoom:v.Number()})),graph:v.Object({steps:v.Array(v.Any()),edges:v.Array(v.Any()),verifier_configs:v.Array(v.Any()),notification_rules:v.Array(v.Any()),notification_recipients:v.Array(v.Any()),notification_channels:v.Array(v.Any())})})}),w.post("/:flow_id/publish",async({params:g})=>{return await i.publishFlow(g.flow_id)},{params:v.Object({flow_id:v.String()})}),w.delete("/:flow_id",async({params:g})=>{return await i.deleteFlow(g.flow_id)},{params:v.Object({flow_id:v.String()})}),d.use(w),c.info(`[Verification] Flow routes registered at ${s}`)}if(n.notificationConfig?.enabled&&n.notificationConfig?.endpoints?.enabled!==!1){let w=new Ee({prefix:f});w.get("/",async({request:g,query:u})=>{let m=g.headers.get("x-user-id");if(!m)return{success:!1,message:"User ID required"};return{success:!0,data:await a.getNotifications(m,{limit:u.limit?Number(u.limit):void 0,offset:u.offset?Number(u.offset):void 0,type:u.type||void 0})}},{query:v.Object({limit:v.Optional(v.String()),offset:v.Optional(v.String()),type:v.Optional(v.String())})}),w.get("/unseen-count",async({request:g})=>{let u=g.headers.get("x-user-id");if(!u)return{success:!1,message:"User ID required"};return{success:!0,data:{count:await a.getUnseenCount(u)}}}),w.post("/:notification_id/seen",async({params:g,request:u})=>{let m=u.headers.get("x-user-id");if(!m)return{success:!1,message:"User ID required"};let l=await a.markAsSeen(g.notification_id,m);return{success:l,message:l?"Marked as seen":"Failed"}},{params:v.Object({notification_id:v.String()})}),w.post("/seen-all",async({request:g})=>{let u=g.headers.get("x-user-id");if(!u)return{success:!1,message:"User ID required"};return{success:!0,data:{count:await a.markAllAsSeen(u)}}}),d.use(w),c.info(`[Notification] Routes registered at ${f}`)}return{routes:d,verificationService:i,notificationService:a}}import{Elysia as F3}from"elysia";var sb=`/* basic theme */
+`)};function Tw(n){let{getService:r,logger:t,basePath:o,streamInterval:c}=n,i=new bh({prefix:o}),a=()=>{let e=r();if(!e)throw Error("Live monitoring service not initialized");return e};return i.get("/health",()=>{let e=r();return{status:e?"ok":"initializing",timestamp:Date.now(),monitoring:e?.isEnabled()??!1}},{detail:{tags:["Live Monitoring"],summary:"Health check for live monitoring"}}),i.get("/settings",()=>{return a().getSettings()},{detail:{tags:["Live Monitoring"],summary:"Get live monitoring settings"}}),i.patch("/settings",({body:e})=>{return a().changeSettings(e)},{body:yr.Partial(yr.Object({logMemory:yr.Boolean(),logCpu:yr.Boolean(),logDapr:yr.Boolean(),logWebSocket:yr.Boolean(),memoryLogInterval:yr.Number(),cpuLogInterval:yr.Number(),memoryLogLimit:yr.Number(),cpuLogLimit:yr.Number(),daprLogLimit:yr.Number(),wsLogLimit:yr.Number(),requestLogLimit:yr.Number()})),detail:{tags:["Live Monitoring"],summary:"Change live monitoring settings"}}),i.get("/logs",()=>{return a().getLogs()},{detail:{tags:["Live Monitoring"],summary:"Get all live monitoring logs"}}),i.get("/logs/stream",({request:e})=>{let s=e.signal,f,d=a(),_=d.getSnapshot(),w={memory:_.memory.length?_.memory[_.memory.length-1]?.timestamp??0:0,cpu:_.cpu.length?_.cpu[_.cpu.length-1]?.timestamp??0:0,request:_.requests.length?_.requests[_.requests.length-1]?.timestamp??0:0,dapr:_.dapr.length?_.dapr[_.dapr.length-1]?.timestamp??0:0,ws:_.ws.length?_.ws[_.ws.length-1]?.timestamp??0:0},g=new ReadableStream({start(u){let m=!1;u.enqueue(Xf("snapshot",_));let E=setInterval(()=>{if(m)return;let S=d.getUpdatesSince(w);if(!S){u.enqueue(Xf("heartbeat",{timestamp:Date.now()}));return}if(S.memory.length)w.memory=S.memory[S.memory.length-1]?.timestamp??w.memory;if(S.cpu.length)w.cpu=S.cpu[S.cpu.length-1]?.timestamp??w.cpu;if(S.requests.length)w.request=S.requests[S.requests.length-1]?.timestamp??w.request;if(S.dapr.length)w.dapr=S.dapr[S.dapr.length-1]?.timestamp??w.dapr;if(S.ws.length)w.ws=S.ws[S.ws.length-1]?.timestamp??w.ws;u.enqueue(Xf("update",S))},c),$=()=>{if(m)return;m=!0,clearInterval(E),s?.removeEventListener("abort",$);try{u.close()}catch{}};f=$,s?.addEventListener("abort",$)},cancel(){f?.()}});return new Response(g,{headers:gh})},{detail:{tags:["Live Monitoring"],summary:"Stream real-time live monitoring data via SSE"}}),t.info(`[LiveMonitoring] Routes enabled at ${o} (stream interval: ${c}ms)`),i}import Sh from"elysia";var Pi=new Map;var nb=null;function $h(){let n=Date.now();for(let[r,t]of Pi)if(n-t>1e4)Pi.delete(r)}var cc={totalSent:0,totalAcked:0,totalFailed:0,averageLatencyMs:0};function rb(){if(nb)return;nb=setInterval($h,30000)}function Lf(){return`msg_${Date.now()}_${Math.random().toString(36).substring(2,11)}`}async function Qf(n,r,t){if(!r.userId)return;let o=`pubsub:pending:user:${r.userId}:${r.messageId}`,c=`pubsub:user:pending-set:${r.userId}`;await n.create(o,r,t);let i=await n.read(c),a=i.success&&i.data?i.data:[];if(!a.includes(r.messageId))a.push(r.messageId),await n.create(c,a,t)}async function tb(n,r,t,o){let c=`${r}:${t}`;if(Pi.has(c))return!1;let i=`pubsub:pending:user:${r}:${t}`,a=`pubsub:user:pending-set:${r}`,e=`pubsub:ack:${r}:${t}`,s=await n.read(i);if(!s.success||!s.data)return Pi.set(c,Date.now()),!1;Pi.set(c,Date.now());let f=s.data,d={messageId:t,clientId:f.clientId,ackedAt:Date.now()};await n.create(e,d,60),await n.remove(i);let _=await n.read(a),g=(_.success&&_.data?_.data:[]).filter((m)=>m!==t);if(g.length>0)await n.create(a,g,o);else await n.remove(a);let u=Date.now()-f.sentAt;return Ah(u),!0}async function ob(n,r){if(!r)return[];let t=`pubsub:user:pending-set:${r}`,o=await n.read(t),c=o.success&&o.data?o.data:[],i=[];for(let a of c){let e=`pubsub:pending:user:${r}:${a}`,s=await n.read(e);if(s.success&&s.data)i.push(s.data)}return i.sort((a,e)=>a.sentAt-e.sentAt),i}async function cb(n,r){if(!r)return 0;let t=`pubsub:user:pending-set:${r}`,o=await n.read(t);return(o.success&&o.data?o.data:[]).length}async function ib(n,r,t,o,c){let i=`pubsub:pending:user:${r}:${t}`,a=await n.read(i);if(!a.success||!a.data)return!1;let e={...a.data,retryCount:a.data.retryCount+1};if(e.retryCount>=c)return await hh(n,r,t),Eh(),!1;return await n.create(i,e,o),!0}async function hh(n,r,t){let o=`pubsub:pending:user:${r}:${t}`,c=`pubsub:user:pending-set:${r}`;await n.remove(o);let i=await n.read(c),e=(i.success&&i.data?i.data:[]).filter((s)=>s!==t);if(e.length>0)await n.create(c,e,300);else await n.remove(c)}function Gf(){cc.totalSent++}function Ah(n){cc.totalAcked++,cc.averageLatencyMs=(cc.averageLatencyMs*(cc.totalAcked-1)+n)/cc.totalAcked}function Eh(){cc.totalFailed++}var hr=new Map,Ci=new Map;function ab(n){let{redis:r,logger:t}=n,o=n.ack.ttlSeconds,c=n.ack.enabled,i=n.ack.maxRetries,a=n.presence.enabled,e=n.presence.debounceMs,s=n.maxClientsPerUser;function f(){return`client_${Date.now()}_${Math.random().toString(36).substring(2,9)}`}function d(k,D,A,h){let R=g(A);if(R.length>=s){let z=R[0];if(z)t.info("[PubSub] Max clients reached, closing oldest",{userId:A,oldestClientId:z}),_(z)}hr.set(k,{ws:D,userId:A,subscribedTopics:new Set(h),connectedAt:Date.now(),pendingAcks:new Map}),t.info("[PubSub] Client registered",{clientId:k,userId:A,topics:h,totalClients:hr.size})}function _(k){let D=hr.get(k);if(!D)return;let A=D.userId;if(hr.delete(k),t.info("[PubSub] Client unregistered",{clientId:k,userId:A,totalClients:hr.size}),a&&A){if(g(A).length===0)U(A,"offline")}}function w(k,D){let A=hr.get(k);if(A)A.subscribedTopics=new Set(D)}function g(k){let D=[];for(let[A,h]of hr)if(h.userId===k)D.push(A);return D}function u(){let k=new Set;for(let[,D]of hr)if(D.userId)k.add(D.userId);return k}function m(){return hr.size}function l(k,D){let A=hr.get(k);if(!A)return!1;try{return A.ws.send(JSON.stringify(D)),!0}catch{return hr.delete(k),!1}}function E(k,D){let A=Lf(),h=Date.now(),R=JSON.stringify({type:"event",messageId:c?A:void 0,topic:k,data:D,timestamp:h}),z=0;for(let[V,Q]of hr)if(Q.subscribedTopics.has("*")||Q.subscribedTopics.has(k))try{if(Q.ws.send(R),z++,c){if(Q.pendingAcks.set(A,{sentAt:h,retryCount:0}),Gf(),Q.userId)Qf(r,{messageId:A,topic:k,clientId:V,userId:Q.userId,data:D,sentAt:h,retryCount:0,maxRetries:i},o).catch(()=>{})}}catch{hr.delete(V)}t.info("[PubSub] Broadcasted event",{topic:k,messageId:A,sentCount:z})}function $(k,D,A){let h=Lf(),R=Date.now(),z=JSON.stringify({type:"event",messageId:c?h:void 0,topic:D,data:A,timestamp:R}),V=0,Q=!1;for(let[B,J]of hr){if(J.userId!==k)continue;if(!J.subscribedTopics.has("*")&&!J.subscribedTopics.has(D))continue;try{if(J.ws.send(z),V++,Q=!0,c)J.pendingAcks.set(h,{sentAt:R,retryCount:0}),Gf()}catch{hr.delete(B)}}if(c)Qf(r,{messageId:h,topic:D,clientId:Q?"delivered":"pending",userId:k,data:A,sentAt:R,retryCount:0,maxRetries:i},o).catch(()=>{});t.info("[PubSub] Broadcasted to user",{userId:k,topic:D,messageId:h,sentCount:V,storedForOffline:!Q})}function S(k,D,A){let h=Date.now(),R=JSON.stringify({type:"event",topic:D,data:A,timestamp:h});for(let[z,V]of hr){if(V.userId!==k)continue;if(!V.subscribedTopics.has("*")&&!V.subscribedTopics.has(D))continue;try{V.ws.send(R)}catch{hr.delete(z)}}}function U(k,D){let A=`${k}:${D}`,h=Date.now(),R=Ci.get(A);if(R&&h-R<e)return;if(Ci.set(A,h),Ci.size>1000){let V=h-e*2;for(let[Q,B]of Ci)if(B<V)Ci.delete(Q)}let z=u();for(let V of z)if(V!==k)S(V,"user-presence",{type:"user-presence",data:{userId:k,status:D}})}async function W(k,D){if(!c)return!0;let A=hr.get(k);if(!A)return!1;if(A.pendingAcks.get(D))A.pendingAcks.delete(D);if(A.userId)return tb(r,A.userId,D,o);return!0}async function H(k,D){if(!c)return 0;let A=hr.get(D);if(!A||A.userId!==k)return 0;let h=await ob(r,k);if(h.length===0)return 0;t.info("[PubSub] Delivering pending messages",{userId:k,count:h.length});let R=0;for(let z of h){if(!A.subscribedTopics.has("*")&&!A.subscribedTopics.has(z.topic))continue;let V=JSON.stringify({type:"event",messageId:z.messageId,topic:z.topic,data:z.data,timestamp:z.sentAt,isRedelivery:!0});try{A.ws.send(V),A.pendingAcks.set(z.messageId,{sentAt:Date.now(),retryCount:z.retryCount+1}),await ib(r,k,z.messageId,o,i),R++}catch{break}}return R}return{generateClientId:f,registerClient:d,unregisterClient:_,updateClientTopics:w,getClientsByUser:g,getConnectedUserIds:u,getClientCount:m,sendToClient:l,broadcastEvent:E,broadcastToUser:$,broadcastToUserNoAck:S,broadcastPresenceToOthers:U,handleClientAck:W,deliverPendingMessages:H,getPendingMessageCount:(k)=>cb(r,k)}}function Of(n){let{logger:r,getLiveMonitoringService:t}=n,o=ab(n);if(n.ack.enabled)rb();let c=null,i=new Sh;return i.onStart(()=>{if(n.cleanupIntervalMs>0)c=setInterval(()=>{r.info("[PubSub] Periodic cleanup running",{totalClients:o.getClientCount()})},n.cleanupIntervalMs);r.info("[PubSub] Routes initialized",{basePath:n.basePath,wsPath:n.wsPath,ackEnabled:n.ack.enabled,presenceEnabled:n.presence.enabled})}),i.onStop(()=>{if(c)clearInterval(c),c=null}),i.post(`${n.basePath}/:topic`,async({params:a,body:e,request:s,set:f})=>{let d=a.topic,_;try{if(!e){let g=await s.text();_=JSON.parse(g)}else _=e}catch{return f.status=200,{status:"DROP"}}r.info("[PubSub] Dapr event received",{topic:d,eventId:_.id,source:_.source});let w=_.data?.user_id;if(w)o.broadcastToUser(w,d,_);else o.broadcastEvent(d,_);return t?.()?.recordDaprEvent("pubsub_subscribe",{topic:d,success:!0,metadata:{eventId:_.id,source:_.source,userId:w||null}}),f.status=200,{status:"SUCCESS"}}),i.ws(n.wsPath,{idleTimeout:n.wsIdleTimeout,open(a){let e=a.data?.query||{};if(!e.userId){a.send(JSON.stringify({type:"error",error:"userId is required for WebSocket connection",timestamp:Date.now()})),a.close(4001,"userId is required"),t?.()?.recordWsEvent("error",{success:!1,error:"userId is required"});return}let s=o.generateClientId(),f=e.topics?.split(",").map((_)=>_.trim())||["*"];if(a.data.clientId=s,o.registerClient(s,a,e.userId,f),a.send(JSON.stringify({type:"connected",clientId:s,subscribedTopics:f,timestamp:Date.now()})),t?.()?.recordWsEvent("connection",{clientId:s,userId:e.userId,topic:f.join(","),success:!0}),n.presence.enabled)o.broadcastPresenceToOthers(e.userId,"online");let d=e.userId;if(n.ack.enabled&&d)o.getPendingMessageCount(d).then((_)=>{if(_>0)r.info("[PubSub] Delivering pending messages",{userId:d,count:_}),o.deliverPendingMessages(d,s).catch(()=>{})}).catch(()=>{})},message(a,e){let s=a.data.clientId;try{let f=null;if(typeof e==="string")f=JSON.parse(e);else if(e&&typeof e==="object"){if(f="type"in e?e:null,typeof f==="string")f=JSON.parse(f)}if(!f?.type)return;switch(t?.()?.recordWsEvent("message",{clientId:s,messageType:f.type,success:!0,dataSize:typeof e==="string"?e.length:0}),f.type){case"subscribe":if(Array.isArray(f.topics))o.updateClientTopics(s,f.topics),o.sendToClient(s,{type:"subscribed",topics:f.topics,timestamp:Date.now()});break;case"unsubscribe":r.info("[PubSub] Unsubscribe request",{clientId:s,topics:f.topics});break;case"ping":o.sendToClient(s,{type:"pong",timestamp:Date.now()});break;case"ack":if(f.messageId)o.handleClientAck(s,f.messageId).catch(()=>{});break}}catch{r.warn("[PubSub] Failed to parse client message",{clientId:s})}},close(a,e,s){let f=a.data.clientId;if(f)o.unregisterClient(f);t?.()?.recordWsEvent("close",{clientId:f,success:!0,metadata:{code:e,reason:s||""}}),r.info("[PubSub] Client disconnected",{clientId:f,code:e,reason:s})}}),{plugin:i,clientManager:o}}cf();_f();import{Elysia as Ee,t as v}from"elysia";function eb(n){let{db:r,schemaTables:t,config:o,logger:c}=n,i=new ff({db:r,schemaTables:t,config:o,logger:c}),a=new of({db:r,schemaTables:t,config:n.notificationConfig||{enabled:!1},logger:c,gmailService:n.gmailService});i.setNotificationHandler(async(w)=>{if(!n.notificationConfig?.enabled)return;await a.triggerNotifications({trigger:w.trigger,flow_id:w.flow_id,entity_name:w.entity_name,entity_id:w.entity_id,node_id:w.node_id,verifier_id:w.verifier_id,decision:w.decision,context:w.context})});let e=o.endpoints?.basePath||"/verifications",s=o.flowEndpoints?.basePath||"/verification-flows",f=n.notificationConfig?.endpoints?.basePath||"/notifications",d=new Ee,_=new Ee({prefix:e});if(_.get("/status/:entity_name/:entity_id",async({params:w})=>{return{success:!0,data:await i.getStatus(w.entity_name,w.entity_id)}},{params:v.Object({entity_name:v.String(),entity_id:v.String()})}),_.post("/:entity_name/:entity_id/decide",async({params:w,body:g,request:u})=>{let m=u.headers.get("x-user-id");if(!m)return{success:!1,message:"User ID required",status:401};return await i.decide({entity_name:w.entity_name,entity_id:w.entity_id,user_id:m,decision:g.decision,reason:g.reason,signature_id:g.signature_id,diff:g.diff})},{params:v.Object({entity_name:v.String(),entity_id:v.String()}),body:v.Object({decision:v.Union([v.Literal("approved"),v.Literal("rejected")]),reason:v.Optional(v.String()),signature_id:v.Optional(v.String()),diff:v.Optional(v.Record(v.String(),v.Unknown()))})}),_.get("/pending",async({request:w})=>{let g=w.headers.get("x-user-id");if(!g)return{success:!1,message:"User ID required",status:401};return{success:!0,data:await i.getPending(g)}}),_.get("/history/:entity_name/:entity_id",async({params:w})=>{let g=await i.getStatus(w.entity_name,w.entity_id);return{success:!0,data:{verifications:g.verifications,current_step:g.current_step,total_steps:g.total_steps,is_completed:g.is_completed,is_rejected:g.is_rejected}}},{params:v.Object({entity_name:v.String(),entity_id:v.String()})}),_.post("/start",async({body:w,request:g})=>{let u=g.headers.get("x-user-id");return await i.startFlow({flow_id:w.flow_id,entity_name:w.entity_name,entity_id:w.entity_id,started_by:u||void 0})},{body:v.Object({flow_id:v.String(),entity_name:v.String(),entity_id:v.String()})}),_.post("/start-for-entity",async({body:w,request:g})=>{let u=g.headers.get("x-user-id");return await i.startFlowForEntity({entity_name:w.entity_name,entity_id:w.entity_id,started_by:u||void 0})},{body:v.Object({entity_name:v.String(),entity_id:v.String()})}),_.get("/statuses/:entity_name",async({params:w,query:g})=>{return{success:!0,data:await i.listEntityStatuses({entity_name:w.entity_name,status:g.status||void 0,page:g.page?Number(g.page):void 0,limit:g.limit?Number(g.limit):void 0})}},{params:v.Object({entity_name:v.String()}),query:v.Object({status:v.Optional(v.String()),page:v.Optional(v.String()),limit:v.Optional(v.String())})}),d.use(_),c.info(`[Verification] Routes registered at ${e}`),o.flowEndpoints?.enabled!==!1){let w=new Ee({prefix:s});w.get("/",async({query:g})=>{return{success:!0,data:await i.listFlows(g.entity_name||void 0)}},{query:v.Object({entity_name:v.Optional(v.String())})}),w.get("/:flow_id",async({params:g})=>{let u=await i.getFlow(g.flow_id);if(!u)return{success:!1,message:"Flow not found"};return{success:!0,data:u}},{params:v.Object({flow_id:v.String()})}),w.post("/",async({body:g})=>{return await i.saveFlow(g)},{body:v.Object({flow_id:v.String(),entity_name:v.String(),name:v.String(),description:v.Optional(v.String()),trigger_on:v.Union([v.Literal("create"),v.Literal("update"),v.Literal("delete"),v.Literal("manual")]),trigger_fields:v.Optional(v.Array(v.String())),is_draft:v.Boolean(),viewport:v.Optional(v.Object({x:v.Number(),y:v.Number(),zoom:v.Number()})),graph:v.Object({steps:v.Array(v.Any()),edges:v.Array(v.Any()),verifier_configs:v.Array(v.Any()),notification_rules:v.Array(v.Any()),notification_recipients:v.Array(v.Any()),notification_channels:v.Array(v.Any())})})}),w.post("/:flow_id/publish",async({params:g})=>{return await i.publishFlow(g.flow_id)},{params:v.Object({flow_id:v.String()})}),w.delete("/:flow_id",async({params:g})=>{return await i.deleteFlow(g.flow_id)},{params:v.Object({flow_id:v.String()})}),d.use(w),c.info(`[Verification] Flow routes registered at ${s}`)}if(n.notificationConfig?.enabled&&n.notificationConfig?.endpoints?.enabled!==!1){let w=new Ee({prefix:f});w.get("/",async({request:g,query:u})=>{let m=g.headers.get("x-user-id");if(!m)return{success:!1,message:"User ID required"};return{success:!0,data:await a.getNotifications(m,{limit:u.limit?Number(u.limit):void 0,offset:u.offset?Number(u.offset):void 0,type:u.type||void 0})}},{query:v.Object({limit:v.Optional(v.String()),offset:v.Optional(v.String()),type:v.Optional(v.String())})}),w.get("/unseen-count",async({request:g})=>{let u=g.headers.get("x-user-id");if(!u)return{success:!1,message:"User ID required"};return{success:!0,data:{count:await a.getUnseenCount(u)}}}),w.post("/:notification_id/seen",async({params:g,request:u})=>{let m=u.headers.get("x-user-id");if(!m)return{success:!1,message:"User ID required"};let l=await a.markAsSeen(g.notification_id,m);return{success:l,message:l?"Marked as seen":"Failed"}},{params:v.Object({notification_id:v.String()})}),w.post("/seen-all",async({request:g})=>{let u=g.headers.get("x-user-id");if(!u)return{success:!1,message:"User ID required"};return{success:!0,data:{count:await a.markAllAsSeen(u)}}}),d.use(w),c.info(`[Notification] Routes registered at ${f}`)}return{routes:d,verificationService:i,notificationService:a}}import{Elysia as F3}from"elysia";var sb=`/* basic theme */
 :root {
   --scalar-text-decoration: underline;
   --scalar-text-decoration-hover: underline;
@@ -1540,7 +1540,7 @@ data: ${t}
 *::selection {
   background-color: color-mix(in srgb, var(--scalar-color-accent), transparent 70%);
 }
-`;var V={};ho(V,{void:()=>a3,util:()=>An,unknown:()=>c3,union:()=>_3,undefined:()=>r3,tuple:()=>u3,transformer:()=>D3,symbol:()=>n3,string:()=>Hb,strictObject:()=>f3,setErrorMap:()=>Mh,set:()=>g3,record:()=>w3,quotelessJson:()=>Dh,promise:()=>S3,preprocess:()=>R3,pipeline:()=>H3,ostring:()=>z3,optional:()=>k3,onumber:()=>B3,oboolean:()=>U3,objectUtil:()=>Nf,object:()=>s3,number:()=>zb,nullable:()=>M3,null:()=>t3,never:()=>i3,nativeEnum:()=>E3,nan:()=>ph,map:()=>b3,makeIssue:()=>Fi,literal:()=>h3,lazy:()=>$3,late:()=>Zh,isValid:()=>Uo,isDirty:()=>ke,isAsync:()=>Xc,isAborted:()=>De,intersection:()=>d3,instanceof:()=>Ih,getParsedType:()=>xt,getErrorMap:()=>Jc,function:()=>m3,enum:()=>A3,effect:()=>D3,discriminatedUnion:()=>l3,defaultErrorMap:()=>oo,datetimeRegex:()=>kb,date:()=>Th,custom:()=>Rb,coerce:()=>W3,boolean:()=>Bb,bigint:()=>yh,array:()=>e3,any:()=>o3,addIssueToContext:()=>T,ZodVoid:()=>qi,ZodUnknown:()=>Wo,ZodUnion:()=>xc,ZodUndefined:()=>Oc,ZodType:()=>mn,ZodTuple:()=>Ct,ZodTransformer:()=>kt,ZodSymbol:()=>ji,ZodString:()=>At,ZodSet:()=>ec,ZodSchema:()=>mn,ZodRecord:()=>Ki,ZodReadonly:()=>vc,ZodPromise:()=>sc,ZodPipeline:()=>Ii,ZodParsedType:()=>p,ZodOptional:()=>St,ZodObject:()=>nr,ZodNumber:()=>Vo,ZodNullable:()=>io,ZodNull:()=>Nc,ZodNever:()=>Pt,ZodNativeEnum:()=>jc,ZodNaN:()=>Zi,ZodMap:()=>vi,ZodLiteral:()=>Fc,ZodLazy:()=>Cc,ZodIssueCode:()=>P,ZodIntersection:()=>Pc,ZodFunction:()=>Qc,ZodFirstPartyTypeKind:()=>_n,ZodError:()=>xr,ZodEnum:()=>Jo,ZodEffects:()=>kt,ZodDiscriminatedUnion:()=>Me,ZodDefault:()=>qc,ZodDate:()=>ic,ZodCatch:()=>Kc,ZodBranded:()=>Re,ZodBoolean:()=>Gc,ZodBigInt:()=>Yo,ZodArray:()=>Et,ZodAny:()=>ac,Schema:()=>mn,ParseStatus:()=>Rr,OK:()=>Vr,NEVER:()=>V3,INVALID:()=>sn,EMPTY_PATH:()=>Rh,DIRTY:()=>cc,BRAND:()=>vh});var An;(function(n){n.assertEqual=(c)=>{};function r(c){}n.assertIs=r;function t(c){throw Error()}n.assertNever=t,n.arrayToEnum=(c)=>{let i={};for(let a of c)i[a]=a;return i},n.getValidEnumValues=(c)=>{let i=n.objectKeys(c).filter((e)=>typeof c[c[e]]!=="number"),a={};for(let e of i)a[e]=c[e];return n.objectValues(a)},n.objectValues=(c)=>{return n.objectKeys(c).map(function(i){return c[i]})},n.objectKeys=typeof Object.keys==="function"?(c)=>Object.keys(c):(c)=>{let i=[];for(let a in c)if(Object.prototype.hasOwnProperty.call(c,a))i.push(a);return i},n.find=(c,i)=>{for(let a of c)if(i(a))return a;return},n.isInteger=typeof Number.isInteger==="function"?(c)=>Number.isInteger(c):(c)=>typeof c==="number"&&Number.isFinite(c)&&Math.floor(c)===c;function o(c,i=" | "){return c.map((a)=>typeof a==="string"?`'${a}'`:a).join(i)}n.joinValues=o,n.jsonStringifyReplacer=(c,i)=>{if(typeof i==="bigint")return i.toString();return i}})(An||(An={}));var Nf;(function(n){n.mergeShapes=(r,t)=>{return{...r,...t}}})(Nf||(Nf={}));var p=An.arrayToEnum(["string","nan","number","integer","float","boolean","date","bigint","symbol","function","undefined","null","array","object","unknown","promise","void","never","map","set"]),xt=(n)=>{switch(typeof n){case"undefined":return p.undefined;case"string":return p.string;case"number":return Number.isNaN(n)?p.nan:p.number;case"boolean":return p.boolean;case"function":return p.function;case"bigint":return p.bigint;case"symbol":return p.symbol;case"object":if(Array.isArray(n))return p.array;if(n===null)return p.null;if(n.then&&typeof n.then==="function"&&n.catch&&typeof n.catch==="function")return p.promise;if(typeof Map<"u"&&n instanceof Map)return p.map;if(typeof Set<"u"&&n instanceof Set)return p.set;if(typeof Date<"u"&&n instanceof Date)return p.date;return p.object;default:return p.unknown}};var P=An.arrayToEnum(["invalid_type","invalid_literal","custom","invalid_union","invalid_union_discriminator","invalid_enum_value","unrecognized_keys","invalid_arguments","invalid_return_type","invalid_date","invalid_string","too_small","too_big","invalid_intersection_types","not_multiple_of","not_finite"]),Dh=(n)=>{return JSON.stringify(n,null,2).replace(/"([^"]+)":/g,"$1:")};class xr extends Error{get errors(){return this.issues}constructor(n){super();this.issues=[],this.addIssue=(t)=>{this.issues=[...this.issues,t]},this.addIssues=(t=[])=>{this.issues=[...this.issues,...t]};let r=new.target.prototype;if(Object.setPrototypeOf)Object.setPrototypeOf(this,r);else this.__proto__=r;this.name="ZodError",this.issues=n}format(n){let r=n||function(c){return c.message},t={_errors:[]},o=(c)=>{for(let i of c.issues)if(i.code==="invalid_union")i.unionErrors.map(o);else if(i.code==="invalid_return_type")o(i.returnTypeError);else if(i.code==="invalid_arguments")o(i.argumentsError);else if(i.path.length===0)t._errors.push(r(i));else{let a=t,e=0;while(e<i.path.length){let s=i.path[e];if(e!==i.path.length-1)a[s]=a[s]||{_errors:[]};else a[s]=a[s]||{_errors:[]},a[s]._errors.push(r(i));a=a[s],e++}}};return o(this),t}static assert(n){if(!(n instanceof xr))throw Error(`Not a ZodError: ${n}`)}toString(){return this.message}get message(){return JSON.stringify(this.issues,An.jsonStringifyReplacer,2)}get isEmpty(){return this.issues.length===0}flatten(n=(r)=>r.message){let r={},t=[];for(let o of this.issues)if(o.path.length>0){let c=o.path[0];r[c]=r[c]||[],r[c].push(n(o))}else t.push(n(o));return{formErrors:t,fieldErrors:r}}get formErrors(){return this.flatten()}}xr.create=(n)=>{return new xr(n)};var kh=(n,r)=>{let t;switch(n.code){case P.invalid_type:if(n.received===p.undefined)t="Required";else t=`Expected ${n.expected}, received ${n.received}`;break;case P.invalid_literal:t=`Invalid literal value, expected ${JSON.stringify(n.expected,An.jsonStringifyReplacer)}`;break;case P.unrecognized_keys:t=`Unrecognized key(s) in object: ${An.joinValues(n.keys,", ")}`;break;case P.invalid_union:t="Invalid input";break;case P.invalid_union_discriminator:t=`Invalid discriminator value. Expected ${An.joinValues(n.options)}`;break;case P.invalid_enum_value:t=`Invalid enum value. Expected ${An.joinValues(n.options)}, received '${n.received}'`;break;case P.invalid_arguments:t="Invalid function arguments";break;case P.invalid_return_type:t="Invalid function return type";break;case P.invalid_date:t="Invalid date";break;case P.invalid_string:if(typeof n.validation==="object")if("includes"in n.validation){if(t=`Invalid input: must include "${n.validation.includes}"`,typeof n.validation.position==="number")t=`${t} at one or more positions greater than or equal to ${n.validation.position}`}else if("startsWith"in n.validation)t=`Invalid input: must start with "${n.validation.startsWith}"`;else if("endsWith"in n.validation)t=`Invalid input: must end with "${n.validation.endsWith}"`;else An.assertNever(n.validation);else if(n.validation!=="regex")t=`Invalid ${n.validation}`;else t="Invalid";break;case P.too_small:if(n.type==="array")t=`Array must contain ${n.exact?"exactly":n.inclusive?"at least":"more than"} ${n.minimum} element(s)`;else if(n.type==="string")t=`String must contain ${n.exact?"exactly":n.inclusive?"at least":"over"} ${n.minimum} character(s)`;else if(n.type==="number")t=`Number must be ${n.exact?"exactly equal to ":n.inclusive?"greater than or equal to ":"greater than "}${n.minimum}`;else if(n.type==="bigint")t=`Number must be ${n.exact?"exactly equal to ":n.inclusive?"greater than or equal to ":"greater than "}${n.minimum}`;else if(n.type==="date")t=`Date must be ${n.exact?"exactly equal to ":n.inclusive?"greater than or equal to ":"greater than "}${new Date(Number(n.minimum))}`;else t="Invalid input";break;case P.too_big:if(n.type==="array")t=`Array must contain ${n.exact?"exactly":n.inclusive?"at most":"less than"} ${n.maximum} element(s)`;else if(n.type==="string")t=`String must contain ${n.exact?"exactly":n.inclusive?"at most":"under"} ${n.maximum} character(s)`;else if(n.type==="number")t=`Number must be ${n.exact?"exactly":n.inclusive?"less than or equal to":"less than"} ${n.maximum}`;else if(n.type==="bigint")t=`BigInt must be ${n.exact?"exactly":n.inclusive?"less than or equal to":"less than"} ${n.maximum}`;else if(n.type==="date")t=`Date must be ${n.exact?"exactly":n.inclusive?"smaller than or equal to":"smaller than"} ${new Date(Number(n.maximum))}`;else t="Invalid input";break;case P.custom:t="Invalid input";break;case P.invalid_intersection_types:t="Intersection results could not be merged";break;case P.not_multiple_of:t=`Number must be a multiple of ${n.multipleOf}`;break;case P.not_finite:t="Number must be finite";break;default:t=r.defaultError,An.assertNever(n)}return{message:t}},oo=kh;var hb=oo;function Mh(n){hb=n}function Jc(){return hb}var Fi=(n)=>{let{data:r,path:t,errorMaps:o,issueData:c}=n,i=[...t,...c.path||[]],a={...c,path:i};if(c.message!==void 0)return{...c,path:i,message:c.message};let e="",s=o.filter((f)=>!!f).slice().reverse();for(let f of s)e=f(a,{data:r,defaultError:e}).message;return{...c,path:i,message:e}},Rh=[];function T(n,r){let t=Jc(),o=Fi({issueData:r,data:n.data,path:n.path,errorMaps:[n.common.contextualErrorMap,n.schemaErrorMap,t,t===oo?void 0:oo].filter((c)=>!!c)});n.common.issues.push(o)}class Rr{constructor(){this.value="valid"}dirty(){if(this.value==="valid")this.value="dirty"}abort(){if(this.value!=="aborted")this.value="aborted"}static mergeArray(n,r){let t=[];for(let o of r){if(o.status==="aborted")return sn;if(o.status==="dirty")n.dirty();t.push(o.value)}return{status:n.value,value:t}}static async mergeObjectAsync(n,r){let t=[];for(let o of r){let c=await o.key,i=await o.value;t.push({key:c,value:i})}return Rr.mergeObjectSync(n,t)}static mergeObjectSync(n,r){let t={};for(let o of r){let{key:c,value:i}=o;if(c.status==="aborted")return sn;if(i.status==="aborted")return sn;if(c.status==="dirty")n.dirty();if(i.status==="dirty")n.dirty();if(c.value!=="__proto__"&&(typeof i.value<"u"||o.alwaysSet))t[c.value]=i.value}return{status:n.value,value:t}}}var sn=Object.freeze({status:"aborted"}),cc=(n)=>({status:"dirty",value:n}),Vr=(n)=>({status:"valid",value:n}),De=(n)=>n.status==="aborted",ke=(n)=>n.status==="dirty",Uo=(n)=>n.status==="valid",Xc=(n)=>typeof Promise<"u"&&n instanceof Promise;var cn;(function(n){n.errToObj=(r)=>typeof r==="string"?{message:r}:r||{},n.toString=(r)=>typeof r==="string"?r:r?.message})(cn||(cn={}));class Dt{constructor(n,r,t,o){this._cachedPath=[],this.parent=n,this.data=r,this._path=t,this._key=o}get path(){if(!this._cachedPath.length)if(Array.isArray(this._key))this._cachedPath.push(...this._path,...this._key);else this._cachedPath.push(...this._path,this._key);return this._cachedPath}}var Ab=(n,r)=>{if(Uo(r))return{success:!0,data:r.value};else{if(!n.common.issues.length)throw Error("Validation failed but no issues detected.");return{success:!1,get error(){if(this._error)return this._error;let t=new xr(n.common.issues);return this._error=t,this._error}}}};function bn(n){if(!n)return{};let{errorMap:r,invalid_type_error:t,required_error:o,description:c}=n;if(r&&(t||o))throw Error(`Can't use "invalid_type_error" or "required_error" in conjunction with custom error map.`);if(r)return{errorMap:r,description:c};return{errorMap:(a,e)=>{let{message:s}=n;if(a.code==="invalid_enum_value")return{message:s??e.defaultError};if(typeof e.data>"u")return{message:s??o??e.defaultError};if(a.code!=="invalid_type")return{message:e.defaultError};return{message:s??t??e.defaultError}},description:c}}class mn{get description(){return this._def.description}_getType(n){return xt(n.data)}_getOrReturnCtx(n,r){return r||{common:n.parent.common,data:n.data,parsedType:xt(n.data),schemaErrorMap:this._def.errorMap,path:n.path,parent:n.parent}}_processInputParams(n){return{status:new Rr,ctx:{common:n.parent.common,data:n.data,parsedType:xt(n.data),schemaErrorMap:this._def.errorMap,path:n.path,parent:n.parent}}}_parseSync(n){let r=this._parse(n);if(Xc(r))throw Error("Synchronous parse encountered promise.");return r}_parseAsync(n){let r=this._parse(n);return Promise.resolve(r)}parse(n,r){let t=this.safeParse(n,r);if(t.success)return t.data;throw t.error}safeParse(n,r){let t={common:{issues:[],async:r?.async??!1,contextualErrorMap:r?.errorMap},path:r?.path||[],schemaErrorMap:this._def.errorMap,parent:null,data:n,parsedType:xt(n)},o=this._parseSync({data:n,path:t.path,parent:t});return Ab(t,o)}"~validate"(n){let r={common:{issues:[],async:!!this["~standard"].async},path:[],schemaErrorMap:this._def.errorMap,parent:null,data:n,parsedType:xt(n)};if(!this["~standard"].async)try{let t=this._parseSync({data:n,path:[],parent:r});return Uo(t)?{value:t.value}:{issues:r.common.issues}}catch(t){if(t?.message?.toLowerCase()?.includes("encountered"))this["~standard"].async=!0;r.common={issues:[],async:!0}}return this._parseAsync({data:n,path:[],parent:r}).then((t)=>Uo(t)?{value:t.value}:{issues:r.common.issues})}async parseAsync(n,r){let t=await this.safeParseAsync(n,r);if(t.success)return t.data;throw t.error}async safeParseAsync(n,r){let t={common:{issues:[],contextualErrorMap:r?.errorMap,async:!0},path:r?.path||[],schemaErrorMap:this._def.errorMap,parent:null,data:n,parsedType:xt(n)},o=this._parse({data:n,path:t.path,parent:t}),c=await(Xc(o)?o:Promise.resolve(o));return Ab(t,c)}refine(n,r){let t=(o)=>{if(typeof r==="string"||typeof r>"u")return{message:r};else if(typeof r==="function")return r(o);else return r};return this._refinement((o,c)=>{let i=n(o),a=()=>c.addIssue({code:P.custom,...t(o)});if(typeof Promise<"u"&&i instanceof Promise)return i.then((e)=>{if(!e)return a(),!1;else return!0});if(!i)return a(),!1;else return!0})}refinement(n,r){return this._refinement((t,o)=>{if(!n(t))return o.addIssue(typeof r==="function"?r(t,o):r),!1;else return!0})}_refinement(n){return new kt({schema:this,typeName:_n.ZodEffects,effect:{type:"refinement",refinement:n}})}superRefine(n){return this._refinement(n)}constructor(n){this.spa=this.safeParseAsync,this._def=n,this.parse=this.parse.bind(this),this.safeParse=this.safeParse.bind(this),this.parseAsync=this.parseAsync.bind(this),this.safeParseAsync=this.safeParseAsync.bind(this),this.spa=this.spa.bind(this),this.refine=this.refine.bind(this),this.refinement=this.refinement.bind(this),this.superRefine=this.superRefine.bind(this),this.optional=this.optional.bind(this),this.nullable=this.nullable.bind(this),this.nullish=this.nullish.bind(this),this.array=this.array.bind(this),this.promise=this.promise.bind(this),this.or=this.or.bind(this),this.and=this.and.bind(this),this.transform=this.transform.bind(this),this.brand=this.brand.bind(this),this.default=this.default.bind(this),this.catch=this.catch.bind(this),this.describe=this.describe.bind(this),this.pipe=this.pipe.bind(this),this.readonly=this.readonly.bind(this),this.isNullable=this.isNullable.bind(this),this.isOptional=this.isOptional.bind(this),this["~standard"]={version:1,vendor:"zod",validate:(r)=>this["~validate"](r)}}optional(){return St.create(this,this._def)}nullable(){return io.create(this,this._def)}nullish(){return this.nullable().optional()}array(){return Et.create(this)}promise(){return sc.create(this,this._def)}or(n){return xc.create([this,n],this._def)}and(n){return Pc.create(this,n,this._def)}transform(n){return new kt({...bn(this._def),schema:this,typeName:_n.ZodEffects,effect:{type:"transform",transform:n}})}default(n){let r=typeof n==="function"?n:()=>n;return new qc({...bn(this._def),innerType:this,defaultValue:r,typeName:_n.ZodDefault})}brand(){return new Re({typeName:_n.ZodBranded,type:this,...bn(this._def)})}catch(n){let r=typeof n==="function"?n:()=>n;return new Kc({...bn(this._def),innerType:this,catchValue:r,typeName:_n.ZodCatch})}describe(n){return new this.constructor({...this._def,description:n})}pipe(n){return Ii.create(this,n)}readonly(){return vc.create(this)}isOptional(){return this.safeParse(void 0).success}isNullable(){return this.safeParse(null).success}}var Hh=/^c[^\s-]{8,}$/i,zh=/^[0-9a-z]+$/,Bh=/^[0-9A-HJKMNP-TV-Z]{26}$/i,Uh=/^[0-9a-fA-F]{8}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{12}$/i,Wh=/^[a-z0-9_-]{21}$/i,Vh=/^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/,Yh=/^[-+]?P(?!$)(?:(?:[-+]?\d+Y)|(?:[-+]?\d+[.,]\d+Y$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:(?:[-+]?\d+W)|(?:[-+]?\d+[.,]\d+W$))?(?:(?:[-+]?\d+D)|(?:[-+]?\d+[.,]\d+D$))?(?:T(?=[\d+-])(?:(?:[-+]?\d+H)|(?:[-+]?\d+[.,]\d+H$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:[-+]?\d+(?:[.,]\d+)?S)?)??$/,Jh=/^(?!\.)(?!.*\.\.)([A-Z0-9_'+\-\.]*)[A-Z0-9_+-]@([A-Z0-9][A-Z0-9\-]*\.)+[A-Z]{2,}$/i,Xh="^(\\p{Extended_Pictographic}|\\p{Emoji_Component})+$",xf,Lh=/^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])$/,Qh=/^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\/(3[0-2]|[12]?[0-9])$/,Gh=/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/,Oh=/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/,Nh=/^([0-9a-zA-Z+/]{4})*(([0-9a-zA-Z+/]{2}==)|([0-9a-zA-Z+/]{3}=))?$/,xh=/^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}(=)?))?$/,Sb="((\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-((0[13578]|1[02])-(0[1-9]|[12]\\d|3[01])|(0[469]|11)-(0[1-9]|[12]\\d|30)|(02)-(0[1-9]|1\\d|2[0-8])))",Ph=new RegExp(`^${Sb}$`);function Db(n){let r="[0-5]\\d";if(n.precision)r=`${r}\\.\\d{${n.precision}}`;else if(n.precision==null)r=`${r}(\\.\\d+)?`;let t=n.precision?"+":"?";return`([01]\\d|2[0-3]):[0-5]\\d(:${r})${t}`}function Ch(n){return new RegExp(`^${Db(n)}$`)}function kb(n){let r=`${Sb}T${Db(n)}`,t=[];if(t.push(n.local?"Z?":"Z"),n.offset)t.push("([+-]\\d{2}:?\\d{2})");return r=`${r}(${t.join("|")})`,new RegExp(`^${r}$`)}function Fh(n,r){if((r==="v4"||!r)&&Lh.test(n))return!0;if((r==="v6"||!r)&&Gh.test(n))return!0;return!1}function jh(n,r){if(!Vh.test(n))return!1;try{let[t]=n.split(".");if(!t)return!1;let o=t.replace(/-/g,"+").replace(/_/g,"/").padEnd(t.length+(4-t.length%4)%4,"="),c=JSON.parse(atob(o));if(typeof c!=="object"||c===null)return!1;if("typ"in c&&c?.typ!=="JWT")return!1;if(!c.alg)return!1;if(r&&c.alg!==r)return!1;return!0}catch{return!1}}function qh(n,r){if((r==="v4"||!r)&&Qh.test(n))return!0;if((r==="v6"||!r)&&Oh.test(n))return!0;return!1}class At extends mn{_parse(n){if(this._def.coerce)n.data=String(n.data);if(this._getType(n)!==p.string){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_type,expected:p.string,received:c.parsedType}),sn}let t=new Rr,o=void 0;for(let c of this._def.checks)if(c.kind==="min"){if(n.data.length<c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_small,minimum:c.value,type:"string",inclusive:!0,exact:!1,message:c.message}),t.dirty()}else if(c.kind==="max"){if(n.data.length>c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_big,maximum:c.value,type:"string",inclusive:!0,exact:!1,message:c.message}),t.dirty()}else if(c.kind==="length"){let i=n.data.length>c.value,a=n.data.length<c.value;if(i||a){if(o=this._getOrReturnCtx(n,o),i)T(o,{code:P.too_big,maximum:c.value,type:"string",inclusive:!0,exact:!0,message:c.message});else if(a)T(o,{code:P.too_small,minimum:c.value,type:"string",inclusive:!0,exact:!0,message:c.message});t.dirty()}}else if(c.kind==="email"){if(!Jh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"email",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="emoji"){if(!xf)xf=new RegExp(Xh,"u");if(!xf.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"emoji",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="uuid"){if(!Uh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"uuid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="nanoid"){if(!Wh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"nanoid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="cuid"){if(!Hh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"cuid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="cuid2"){if(!zh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"cuid2",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="ulid"){if(!Bh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"ulid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="url")try{new URL(n.data)}catch{o=this._getOrReturnCtx(n,o),T(o,{validation:"url",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="regex"){if(c.regex.lastIndex=0,!c.regex.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"regex",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="trim")n.data=n.data.trim();else if(c.kind==="includes"){if(!n.data.includes(c.value,c.position))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:{includes:c.value,position:c.position},message:c.message}),t.dirty()}else if(c.kind==="toLowerCase")n.data=n.data.toLowerCase();else if(c.kind==="toUpperCase")n.data=n.data.toUpperCase();else if(c.kind==="startsWith"){if(!n.data.startsWith(c.value))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:{startsWith:c.value},message:c.message}),t.dirty()}else if(c.kind==="endsWith"){if(!n.data.endsWith(c.value))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:{endsWith:c.value},message:c.message}),t.dirty()}else if(c.kind==="datetime"){if(!kb(c).test(n.data))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:"datetime",message:c.message}),t.dirty()}else if(c.kind==="date"){if(!Ph.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:"date",message:c.message}),t.dirty()}else if(c.kind==="time"){if(!Ch(c).test(n.data))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:"time",message:c.message}),t.dirty()}else if(c.kind==="duration"){if(!Yh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"duration",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="ip"){if(!Fh(n.data,c.version))o=this._getOrReturnCtx(n,o),T(o,{validation:"ip",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="jwt"){if(!jh(n.data,c.alg))o=this._getOrReturnCtx(n,o),T(o,{validation:"jwt",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="cidr"){if(!qh(n.data,c.version))o=this._getOrReturnCtx(n,o),T(o,{validation:"cidr",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="base64"){if(!Nh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"base64",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="base64url"){if(!xh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"base64url",code:P.invalid_string,message:c.message}),t.dirty()}else An.assertNever(c);return{status:t.value,value:n.data}}_regex(n,r,t){return this.refinement((o)=>n.test(o),{validation:r,code:P.invalid_string,...cn.errToObj(t)})}_addCheck(n){return new At({...this._def,checks:[...this._def.checks,n]})}email(n){return this._addCheck({kind:"email",...cn.errToObj(n)})}url(n){return this._addCheck({kind:"url",...cn.errToObj(n)})}emoji(n){return this._addCheck({kind:"emoji",...cn.errToObj(n)})}uuid(n){return this._addCheck({kind:"uuid",...cn.errToObj(n)})}nanoid(n){return this._addCheck({kind:"nanoid",...cn.errToObj(n)})}cuid(n){return this._addCheck({kind:"cuid",...cn.errToObj(n)})}cuid2(n){return this._addCheck({kind:"cuid2",...cn.errToObj(n)})}ulid(n){return this._addCheck({kind:"ulid",...cn.errToObj(n)})}base64(n){return this._addCheck({kind:"base64",...cn.errToObj(n)})}base64url(n){return this._addCheck({kind:"base64url",...cn.errToObj(n)})}jwt(n){return this._addCheck({kind:"jwt",...cn.errToObj(n)})}ip(n){return this._addCheck({kind:"ip",...cn.errToObj(n)})}cidr(n){return this._addCheck({kind:"cidr",...cn.errToObj(n)})}datetime(n){if(typeof n==="string")return this._addCheck({kind:"datetime",precision:null,offset:!1,local:!1,message:n});return this._addCheck({kind:"datetime",precision:typeof n?.precision>"u"?null:n?.precision,offset:n?.offset??!1,local:n?.local??!1,...cn.errToObj(n?.message)})}date(n){return this._addCheck({kind:"date",message:n})}time(n){if(typeof n==="string")return this._addCheck({kind:"time",precision:null,message:n});return this._addCheck({kind:"time",precision:typeof n?.precision>"u"?null:n?.precision,...cn.errToObj(n?.message)})}duration(n){return this._addCheck({kind:"duration",...cn.errToObj(n)})}regex(n,r){return this._addCheck({kind:"regex",regex:n,...cn.errToObj(r)})}includes(n,r){return this._addCheck({kind:"includes",value:n,position:r?.position,...cn.errToObj(r?.message)})}startsWith(n,r){return this._addCheck({kind:"startsWith",value:n,...cn.errToObj(r)})}endsWith(n,r){return this._addCheck({kind:"endsWith",value:n,...cn.errToObj(r)})}min(n,r){return this._addCheck({kind:"min",value:n,...cn.errToObj(r)})}max(n,r){return this._addCheck({kind:"max",value:n,...cn.errToObj(r)})}length(n,r){return this._addCheck({kind:"length",value:n,...cn.errToObj(r)})}nonempty(n){return this.min(1,cn.errToObj(n))}trim(){return new At({...this._def,checks:[...this._def.checks,{kind:"trim"}]})}toLowerCase(){return new At({...this._def,checks:[...this._def.checks,{kind:"toLowerCase"}]})}toUpperCase(){return new At({...this._def,checks:[...this._def.checks,{kind:"toUpperCase"}]})}get isDatetime(){return!!this._def.checks.find((n)=>n.kind==="datetime")}get isDate(){return!!this._def.checks.find((n)=>n.kind==="date")}get isTime(){return!!this._def.checks.find((n)=>n.kind==="time")}get isDuration(){return!!this._def.checks.find((n)=>n.kind==="duration")}get isEmail(){return!!this._def.checks.find((n)=>n.kind==="email")}get isURL(){return!!this._def.checks.find((n)=>n.kind==="url")}get isEmoji(){return!!this._def.checks.find((n)=>n.kind==="emoji")}get isUUID(){return!!this._def.checks.find((n)=>n.kind==="uuid")}get isNANOID(){return!!this._def.checks.find((n)=>n.kind==="nanoid")}get isCUID(){return!!this._def.checks.find((n)=>n.kind==="cuid")}get isCUID2(){return!!this._def.checks.find((n)=>n.kind==="cuid2")}get isULID(){return!!this._def.checks.find((n)=>n.kind==="ulid")}get isIP(){return!!this._def.checks.find((n)=>n.kind==="ip")}get isCIDR(){return!!this._def.checks.find((n)=>n.kind==="cidr")}get isBase64(){return!!this._def.checks.find((n)=>n.kind==="base64")}get isBase64url(){return!!this._def.checks.find((n)=>n.kind==="base64url")}get minLength(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n}get maxLength(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n}}At.create=(n)=>{return new At({checks:[],typeName:_n.ZodString,coerce:n?.coerce??!1,...bn(n)})};function Kh(n,r){let t=(n.toString().split(".")[1]||"").length,o=(r.toString().split(".")[1]||"").length,c=t>o?t:o,i=Number.parseInt(n.toFixed(c).replace(".","")),a=Number.parseInt(r.toFixed(c).replace(".",""));return i%a/10**c}class Vo extends mn{constructor(){super(...arguments);this.min=this.gte,this.max=this.lte,this.step=this.multipleOf}_parse(n){if(this._def.coerce)n.data=Number(n.data);if(this._getType(n)!==p.number){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_type,expected:p.number,received:c.parsedType}),sn}let t=void 0,o=new Rr;for(let c of this._def.checks)if(c.kind==="int"){if(!An.isInteger(n.data))t=this._getOrReturnCtx(n,t),T(t,{code:P.invalid_type,expected:"integer",received:"float",message:c.message}),o.dirty()}else if(c.kind==="min"){if(c.inclusive?n.data<c.value:n.data<=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_small,minimum:c.value,type:"number",inclusive:c.inclusive,exact:!1,message:c.message}),o.dirty()}else if(c.kind==="max"){if(c.inclusive?n.data>c.value:n.data>=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_big,maximum:c.value,type:"number",inclusive:c.inclusive,exact:!1,message:c.message}),o.dirty()}else if(c.kind==="multipleOf"){if(Kh(n.data,c.value)!==0)t=this._getOrReturnCtx(n,t),T(t,{code:P.not_multiple_of,multipleOf:c.value,message:c.message}),o.dirty()}else if(c.kind==="finite"){if(!Number.isFinite(n.data))t=this._getOrReturnCtx(n,t),T(t,{code:P.not_finite,message:c.message}),o.dirty()}else An.assertNever(c);return{status:o.value,value:n.data}}gte(n,r){return this.setLimit("min",n,!0,cn.toString(r))}gt(n,r){return this.setLimit("min",n,!1,cn.toString(r))}lte(n,r){return this.setLimit("max",n,!0,cn.toString(r))}lt(n,r){return this.setLimit("max",n,!1,cn.toString(r))}setLimit(n,r,t,o){return new Vo({...this._def,checks:[...this._def.checks,{kind:n,value:r,inclusive:t,message:cn.toString(o)}]})}_addCheck(n){return new Vo({...this._def,checks:[...this._def.checks,n]})}int(n){return this._addCheck({kind:"int",message:cn.toString(n)})}positive(n){return this._addCheck({kind:"min",value:0,inclusive:!1,message:cn.toString(n)})}negative(n){return this._addCheck({kind:"max",value:0,inclusive:!1,message:cn.toString(n)})}nonpositive(n){return this._addCheck({kind:"max",value:0,inclusive:!0,message:cn.toString(n)})}nonnegative(n){return this._addCheck({kind:"min",value:0,inclusive:!0,message:cn.toString(n)})}multipleOf(n,r){return this._addCheck({kind:"multipleOf",value:n,message:cn.toString(r)})}finite(n){return this._addCheck({kind:"finite",message:cn.toString(n)})}safe(n){return this._addCheck({kind:"min",inclusive:!0,value:Number.MIN_SAFE_INTEGER,message:cn.toString(n)})._addCheck({kind:"max",inclusive:!0,value:Number.MAX_SAFE_INTEGER,message:cn.toString(n)})}get minValue(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n}get maxValue(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n}get isInt(){return!!this._def.checks.find((n)=>n.kind==="int"||n.kind==="multipleOf"&&An.isInteger(n.value))}get isFinite(){let n=null,r=null;for(let t of this._def.checks)if(t.kind==="finite"||t.kind==="int"||t.kind==="multipleOf")return!0;else if(t.kind==="min"){if(r===null||t.value>r)r=t.value}else if(t.kind==="max"){if(n===null||t.value<n)n=t.value}return Number.isFinite(r)&&Number.isFinite(n)}}Vo.create=(n)=>{return new Vo({checks:[],typeName:_n.ZodNumber,coerce:n?.coerce||!1,...bn(n)})};class Yo extends mn{constructor(){super(...arguments);this.min=this.gte,this.max=this.lte}_parse(n){if(this._def.coerce)try{n.data=BigInt(n.data)}catch{return this._getInvalidInput(n)}if(this._getType(n)!==p.bigint)return this._getInvalidInput(n);let t=void 0,o=new Rr;for(let c of this._def.checks)if(c.kind==="min"){if(c.inclusive?n.data<c.value:n.data<=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_small,type:"bigint",minimum:c.value,inclusive:c.inclusive,message:c.message}),o.dirty()}else if(c.kind==="max"){if(c.inclusive?n.data>c.value:n.data>=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_big,type:"bigint",maximum:c.value,inclusive:c.inclusive,message:c.message}),o.dirty()}else if(c.kind==="multipleOf"){if(n.data%c.value!==BigInt(0))t=this._getOrReturnCtx(n,t),T(t,{code:P.not_multiple_of,multipleOf:c.value,message:c.message}),o.dirty()}else An.assertNever(c);return{status:o.value,value:n.data}}_getInvalidInput(n){let r=this._getOrReturnCtx(n);return T(r,{code:P.invalid_type,expected:p.bigint,received:r.parsedType}),sn}gte(n,r){return this.setLimit("min",n,!0,cn.toString(r))}gt(n,r){return this.setLimit("min",n,!1,cn.toString(r))}lte(n,r){return this.setLimit("max",n,!0,cn.toString(r))}lt(n,r){return this.setLimit("max",n,!1,cn.toString(r))}setLimit(n,r,t,o){return new Yo({...this._def,checks:[...this._def.checks,{kind:n,value:r,inclusive:t,message:cn.toString(o)}]})}_addCheck(n){return new Yo({...this._def,checks:[...this._def.checks,n]})}positive(n){return this._addCheck({kind:"min",value:BigInt(0),inclusive:!1,message:cn.toString(n)})}negative(n){return this._addCheck({kind:"max",value:BigInt(0),inclusive:!1,message:cn.toString(n)})}nonpositive(n){return this._addCheck({kind:"max",value:BigInt(0),inclusive:!0,message:cn.toString(n)})}nonnegative(n){return this._addCheck({kind:"min",value:BigInt(0),inclusive:!0,message:cn.toString(n)})}multipleOf(n,r){return this._addCheck({kind:"multipleOf",value:n,message:cn.toString(r)})}get minValue(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n}get maxValue(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n}}Yo.create=(n)=>{return new Yo({checks:[],typeName:_n.ZodBigInt,coerce:n?.coerce??!1,...bn(n)})};class Gc extends mn{_parse(n){if(this._def.coerce)n.data=Boolean(n.data);if(this._getType(n)!==p.boolean){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.boolean,received:t.parsedType}),sn}return Vr(n.data)}}Gc.create=(n)=>{return new Gc({typeName:_n.ZodBoolean,coerce:n?.coerce||!1,...bn(n)})};class ic extends mn{_parse(n){if(this._def.coerce)n.data=new Date(n.data);if(this._getType(n)!==p.date){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_type,expected:p.date,received:c.parsedType}),sn}if(Number.isNaN(n.data.getTime())){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_date}),sn}let t=new Rr,o=void 0;for(let c of this._def.checks)if(c.kind==="min"){if(n.data.getTime()<c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_small,message:c.message,inclusive:!0,exact:!1,minimum:c.value,type:"date"}),t.dirty()}else if(c.kind==="max"){if(n.data.getTime()>c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_big,message:c.message,inclusive:!0,exact:!1,maximum:c.value,type:"date"}),t.dirty()}else An.assertNever(c);return{status:t.value,value:new Date(n.data.getTime())}}_addCheck(n){return new ic({...this._def,checks:[...this._def.checks,n]})}min(n,r){return this._addCheck({kind:"min",value:n.getTime(),message:cn.toString(r)})}max(n,r){return this._addCheck({kind:"max",value:n.getTime(),message:cn.toString(r)})}get minDate(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n!=null?new Date(n):null}get maxDate(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n!=null?new Date(n):null}}ic.create=(n)=>{return new ic({checks:[],coerce:n?.coerce||!1,typeName:_n.ZodDate,...bn(n)})};class ji extends mn{_parse(n){if(this._getType(n)!==p.symbol){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.symbol,received:t.parsedType}),sn}return Vr(n.data)}}ji.create=(n)=>{return new ji({typeName:_n.ZodSymbol,...bn(n)})};class Oc extends mn{_parse(n){if(this._getType(n)!==p.undefined){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.undefined,received:t.parsedType}),sn}return Vr(n.data)}}Oc.create=(n)=>{return new Oc({typeName:_n.ZodUndefined,...bn(n)})};class Nc extends mn{_parse(n){if(this._getType(n)!==p.null){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.null,received:t.parsedType}),sn}return Vr(n.data)}}Nc.create=(n)=>{return new Nc({typeName:_n.ZodNull,...bn(n)})};class ac extends mn{constructor(){super(...arguments);this._any=!0}_parse(n){return Vr(n.data)}}ac.create=(n)=>{return new ac({typeName:_n.ZodAny,...bn(n)})};class Wo extends mn{constructor(){super(...arguments);this._unknown=!0}_parse(n){return Vr(n.data)}}Wo.create=(n)=>{return new Wo({typeName:_n.ZodUnknown,...bn(n)})};class Pt extends mn{_parse(n){let r=this._getOrReturnCtx(n);return T(r,{code:P.invalid_type,expected:p.never,received:r.parsedType}),sn}}Pt.create=(n)=>{return new Pt({typeName:_n.ZodNever,...bn(n)})};class qi extends mn{_parse(n){if(this._getType(n)!==p.undefined){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.void,received:t.parsedType}),sn}return Vr(n.data)}}qi.create=(n)=>{return new qi({typeName:_n.ZodVoid,...bn(n)})};class Et extends mn{_parse(n){let{ctx:r,status:t}=this._processInputParams(n),o=this._def;if(r.parsedType!==p.array)return T(r,{code:P.invalid_type,expected:p.array,received:r.parsedType}),sn;if(o.exactLength!==null){let i=r.data.length>o.exactLength.value,a=r.data.length<o.exactLength.value;if(i||a)T(r,{code:i?P.too_big:P.too_small,minimum:a?o.exactLength.value:void 0,maximum:i?o.exactLength.value:void 0,type:"array",inclusive:!0,exact:!0,message:o.exactLength.message}),t.dirty()}if(o.minLength!==null){if(r.data.length<o.minLength.value)T(r,{code:P.too_small,minimum:o.minLength.value,type:"array",inclusive:!0,exact:!1,message:o.minLength.message}),t.dirty()}if(o.maxLength!==null){if(r.data.length>o.maxLength.value)T(r,{code:P.too_big,maximum:o.maxLength.value,type:"array",inclusive:!0,exact:!1,message:o.maxLength.message}),t.dirty()}if(r.common.async)return Promise.all([...r.data].map((i,a)=>{return o.type._parseAsync(new Dt(r,i,r.path,a))})).then((i)=>{return Rr.mergeArray(t,i)});let c=[...r.data].map((i,a)=>{return o.type._parseSync(new Dt(r,i,r.path,a))});return Rr.mergeArray(t,c)}get element(){return this._def.type}min(n,r){return new Et({...this._def,minLength:{value:n,message:cn.toString(r)}})}max(n,r){return new Et({...this._def,maxLength:{value:n,message:cn.toString(r)}})}length(n,r){return new Et({...this._def,exactLength:{value:n,message:cn.toString(r)}})}nonempty(n){return this.min(1,n)}}Et.create=(n,r)=>{return new Et({type:n,minLength:null,maxLength:null,exactLength:null,typeName:_n.ZodArray,...bn(r)})};function Lc(n){if(n instanceof nr){let r={};for(let t in n.shape){let o=n.shape[t];r[t]=St.create(Lc(o))}return new nr({...n._def,shape:()=>r})}else if(n instanceof Et)return new Et({...n._def,type:Lc(n.element)});else if(n instanceof St)return St.create(Lc(n.unwrap()));else if(n instanceof io)return io.create(Lc(n.unwrap()));else if(n instanceof Ct)return Ct.create(n.items.map((r)=>Lc(r)));else return n}class nr extends mn{constructor(){super(...arguments);this._cached=null,this.nonstrict=this.passthrough,this.augment=this.extend}_getCached(){if(this._cached!==null)return this._cached;let n=this._def.shape(),r=An.objectKeys(n);return this._cached={shape:n,keys:r},this._cached}_parse(n){if(this._getType(n)!==p.object){let s=this._getOrReturnCtx(n);return T(s,{code:P.invalid_type,expected:p.object,received:s.parsedType}),sn}let{status:t,ctx:o}=this._processInputParams(n),{shape:c,keys:i}=this._getCached(),a=[];if(!(this._def.catchall instanceof Pt&&this._def.unknownKeys==="strip")){for(let s in o.data)if(!i.includes(s))a.push(s)}let e=[];for(let s of i){let f=c[s],d=o.data[s];e.push({key:{status:"valid",value:s},value:f._parse(new Dt(o,d,o.path,s)),alwaysSet:s in o.data})}if(this._def.catchall instanceof Pt){let s=this._def.unknownKeys;if(s==="passthrough")for(let f of a)e.push({key:{status:"valid",value:f},value:{status:"valid",value:o.data[f]}});else if(s==="strict"){if(a.length>0)T(o,{code:P.unrecognized_keys,keys:a}),t.dirty()}else if(s==="strip");else throw Error("Internal ZodObject error: invalid unknownKeys value.")}else{let s=this._def.catchall;for(let f of a){let d=o.data[f];e.push({key:{status:"valid",value:f},value:s._parse(new Dt(o,d,o.path,f)),alwaysSet:f in o.data})}}if(o.common.async)return Promise.resolve().then(async()=>{let s=[];for(let f of e){let d=await f.key,_=await f.value;s.push({key:d,value:_,alwaysSet:f.alwaysSet})}return s}).then((s)=>{return Rr.mergeObjectSync(t,s)});else return Rr.mergeObjectSync(t,e)}get shape(){return this._def.shape()}strict(n){return cn.errToObj,new nr({...this._def,unknownKeys:"strict",...n!==void 0?{errorMap:(r,t)=>{let o=this._def.errorMap?.(r,t).message??t.defaultError;if(r.code==="unrecognized_keys")return{message:cn.errToObj(n).message??o};return{message:o}}}:{}})}strip(){return new nr({...this._def,unknownKeys:"strip"})}passthrough(){return new nr({...this._def,unknownKeys:"passthrough"})}extend(n){return new nr({...this._def,shape:()=>({...this._def.shape(),...n})})}merge(n){return new nr({unknownKeys:n._def.unknownKeys,catchall:n._def.catchall,shape:()=>({...this._def.shape(),...n._def.shape()}),typeName:_n.ZodObject})}setKey(n,r){return this.augment({[n]:r})}catchall(n){return new nr({...this._def,catchall:n})}pick(n){let r={};for(let t of An.objectKeys(n))if(n[t]&&this.shape[t])r[t]=this.shape[t];return new nr({...this._def,shape:()=>r})}omit(n){let r={};for(let t of An.objectKeys(this.shape))if(!n[t])r[t]=this.shape[t];return new nr({...this._def,shape:()=>r})}deepPartial(){return Lc(this)}partial(n){let r={};for(let t of An.objectKeys(this.shape)){let o=this.shape[t];if(n&&!n[t])r[t]=o;else r[t]=o.optional()}return new nr({...this._def,shape:()=>r})}required(n){let r={};for(let t of An.objectKeys(this.shape))if(n&&!n[t])r[t]=this.shape[t];else{let c=this.shape[t];while(c instanceof St)c=c._def.innerType;r[t]=c}return new nr({...this._def,shape:()=>r})}keyof(){return Mb(An.objectKeys(this.shape))}}nr.create=(n,r)=>{return new nr({shape:()=>n,unknownKeys:"strip",catchall:Pt.create(),typeName:_n.ZodObject,...bn(r)})};nr.strictCreate=(n,r)=>{return new nr({shape:()=>n,unknownKeys:"strict",catchall:Pt.create(),typeName:_n.ZodObject,...bn(r)})};nr.lazycreate=(n,r)=>{return new nr({shape:n,unknownKeys:"strip",catchall:Pt.create(),typeName:_n.ZodObject,...bn(r)})};class xc extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t=this._def.options;function o(c){for(let a of c)if(a.result.status==="valid")return a.result;for(let a of c)if(a.result.status==="dirty")return r.common.issues.push(...a.ctx.common.issues),a.result;let i=c.map((a)=>new xr(a.ctx.common.issues));return T(r,{code:P.invalid_union,unionErrors:i}),sn}if(r.common.async)return Promise.all(t.map(async(c)=>{let i={...r,common:{...r.common,issues:[]},parent:null};return{result:await c._parseAsync({data:r.data,path:r.path,parent:i}),ctx:i}})).then(o);else{let c=void 0,i=[];for(let e of t){let s={...r,common:{...r.common,issues:[]},parent:null},f=e._parseSync({data:r.data,path:r.path,parent:s});if(f.status==="valid")return f;else if(f.status==="dirty"&&!c)c={result:f,ctx:s};if(s.common.issues.length)i.push(s.common.issues)}if(c)return r.common.issues.push(...c.ctx.common.issues),c.result;let a=i.map((e)=>new xr(e));return T(r,{code:P.invalid_union,unionErrors:a}),sn}}get options(){return this._def.options}}xc.create=(n,r)=>{return new xc({options:n,typeName:_n.ZodUnion,...bn(r)})};var co=(n)=>{if(n instanceof Cc)return co(n.schema);else if(n instanceof kt)return co(n.innerType());else if(n instanceof Fc)return[n.value];else if(n instanceof Jo)return n.options;else if(n instanceof jc)return An.objectValues(n.enum);else if(n instanceof qc)return co(n._def.innerType);else if(n instanceof Oc)return[void 0];else if(n instanceof Nc)return[null];else if(n instanceof St)return[void 0,...co(n.unwrap())];else if(n instanceof io)return[null,...co(n.unwrap())];else if(n instanceof Re)return co(n.unwrap());else if(n instanceof vc)return co(n.unwrap());else if(n instanceof Kc)return co(n._def.innerType);else return[]};class Me extends mn{_parse(n){let{ctx:r}=this._processInputParams(n);if(r.parsedType!==p.object)return T(r,{code:P.invalid_type,expected:p.object,received:r.parsedType}),sn;let t=this.discriminator,o=r.data[t],c=this.optionsMap.get(o);if(!c)return T(r,{code:P.invalid_union_discriminator,options:Array.from(this.optionsMap.keys()),path:[t]}),sn;if(r.common.async)return c._parseAsync({data:r.data,path:r.path,parent:r});else return c._parseSync({data:r.data,path:r.path,parent:r})}get discriminator(){return this._def.discriminator}get options(){return this._def.options}get optionsMap(){return this._def.optionsMap}static create(n,r,t){let o=new Map;for(let c of r){let i=co(c.shape[n]);if(!i.length)throw Error(`A discriminator value for key \`${n}\` could not be extracted from all schema options`);for(let a of i){if(o.has(a))throw Error(`Discriminator property ${String(n)} has duplicate value ${String(a)}`);o.set(a,c)}}return new Me({typeName:_n.ZodDiscriminatedUnion,discriminator:n,options:r,optionsMap:o,...bn(t)})}}function Pf(n,r){let t=xt(n),o=xt(r);if(n===r)return{valid:!0,data:n};else if(t===p.object&&o===p.object){let c=An.objectKeys(r),i=An.objectKeys(n).filter((e)=>c.indexOf(e)!==-1),a={...n,...r};for(let e of i){let s=Pf(n[e],r[e]);if(!s.valid)return{valid:!1};a[e]=s.data}return{valid:!0,data:a}}else if(t===p.array&&o===p.array){if(n.length!==r.length)return{valid:!1};let c=[];for(let i=0;i<n.length;i++){let a=n[i],e=r[i],s=Pf(a,e);if(!s.valid)return{valid:!1};c.push(s.data)}return{valid:!0,data:c}}else if(t===p.date&&o===p.date&&+n===+r)return{valid:!0,data:n};else return{valid:!1}}class Pc extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n),o=(c,i)=>{if(De(c)||De(i))return sn;let a=Pf(c.value,i.value);if(!a.valid)return T(t,{code:P.invalid_intersection_types}),sn;if(ke(c)||ke(i))r.dirty();return{status:r.value,value:a.data}};if(t.common.async)return Promise.all([this._def.left._parseAsync({data:t.data,path:t.path,parent:t}),this._def.right._parseAsync({data:t.data,path:t.path,parent:t})]).then(([c,i])=>o(c,i));else return o(this._def.left._parseSync({data:t.data,path:t.path,parent:t}),this._def.right._parseSync({data:t.data,path:t.path,parent:t}))}}Pc.create=(n,r,t)=>{return new Pc({left:n,right:r,typeName:_n.ZodIntersection,...bn(t)})};class Ct extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.array)return T(t,{code:P.invalid_type,expected:p.array,received:t.parsedType}),sn;if(t.data.length<this._def.items.length)return T(t,{code:P.too_small,minimum:this._def.items.length,inclusive:!0,exact:!1,type:"array"}),sn;if(!this._def.rest&&t.data.length>this._def.items.length)T(t,{code:P.too_big,maximum:this._def.items.length,inclusive:!0,exact:!1,type:"array"}),r.dirty();let c=[...t.data].map((i,a)=>{let e=this._def.items[a]||this._def.rest;if(!e)return null;return e._parse(new Dt(t,i,t.path,a))}).filter((i)=>!!i);if(t.common.async)return Promise.all(c).then((i)=>{return Rr.mergeArray(r,i)});else return Rr.mergeArray(r,c)}get items(){return this._def.items}rest(n){return new Ct({...this._def,rest:n})}}Ct.create=(n,r)=>{if(!Array.isArray(n))throw Error("You must pass an array of schemas to z.tuple([ ... ])");return new Ct({items:n,typeName:_n.ZodTuple,rest:null,...bn(r)})};class Ki extends mn{get keySchema(){return this._def.keyType}get valueSchema(){return this._def.valueType}_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.object)return T(t,{code:P.invalid_type,expected:p.object,received:t.parsedType}),sn;let o=[],c=this._def.keyType,i=this._def.valueType;for(let a in t.data)o.push({key:c._parse(new Dt(t,a,t.path,a)),value:i._parse(new Dt(t,t.data[a],t.path,a)),alwaysSet:a in t.data});if(t.common.async)return Rr.mergeObjectAsync(r,o);else return Rr.mergeObjectSync(r,o)}get element(){return this._def.valueType}static create(n,r,t){if(r instanceof mn)return new Ki({keyType:n,valueType:r,typeName:_n.ZodRecord,...bn(t)});return new Ki({keyType:At.create(),valueType:n,typeName:_n.ZodRecord,...bn(r)})}}class vi extends mn{get keySchema(){return this._def.keyType}get valueSchema(){return this._def.valueType}_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.map)return T(t,{code:P.invalid_type,expected:p.map,received:t.parsedType}),sn;let o=this._def.keyType,c=this._def.valueType,i=[...t.data.entries()].map(([a,e],s)=>{return{key:o._parse(new Dt(t,a,t.path,[s,"key"])),value:c._parse(new Dt(t,e,t.path,[s,"value"]))}});if(t.common.async){let a=new Map;return Promise.resolve().then(async()=>{for(let e of i){let s=await e.key,f=await e.value;if(s.status==="aborted"||f.status==="aborted")return sn;if(s.status==="dirty"||f.status==="dirty")r.dirty();a.set(s.value,f.value)}return{status:r.value,value:a}})}else{let a=new Map;for(let e of i){let{key:s,value:f}=e;if(s.status==="aborted"||f.status==="aborted")return sn;if(s.status==="dirty"||f.status==="dirty")r.dirty();a.set(s.value,f.value)}return{status:r.value,value:a}}}}vi.create=(n,r,t)=>{return new vi({valueType:r,keyType:n,typeName:_n.ZodMap,...bn(t)})};class ec extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.set)return T(t,{code:P.invalid_type,expected:p.set,received:t.parsedType}),sn;let o=this._def;if(o.minSize!==null){if(t.data.size<o.minSize.value)T(t,{code:P.too_small,minimum:o.minSize.value,type:"set",inclusive:!0,exact:!1,message:o.minSize.message}),r.dirty()}if(o.maxSize!==null){if(t.data.size>o.maxSize.value)T(t,{code:P.too_big,maximum:o.maxSize.value,type:"set",inclusive:!0,exact:!1,message:o.maxSize.message}),r.dirty()}let c=this._def.valueType;function i(e){let s=new Set;for(let f of e){if(f.status==="aborted")return sn;if(f.status==="dirty")r.dirty();s.add(f.value)}return{status:r.value,value:s}}let a=[...t.data.values()].map((e,s)=>c._parse(new Dt(t,e,t.path,s)));if(t.common.async)return Promise.all(a).then((e)=>i(e));else return i(a)}min(n,r){return new ec({...this._def,minSize:{value:n,message:cn.toString(r)}})}max(n,r){return new ec({...this._def,maxSize:{value:n,message:cn.toString(r)}})}size(n,r){return this.min(n,r).max(n,r)}nonempty(n){return this.min(1,n)}}ec.create=(n,r)=>{return new ec({valueType:n,minSize:null,maxSize:null,typeName:_n.ZodSet,...bn(r)})};class Qc extends mn{constructor(){super(...arguments);this.validate=this.implement}_parse(n){let{ctx:r}=this._processInputParams(n);if(r.parsedType!==p.function)return T(r,{code:P.invalid_type,expected:p.function,received:r.parsedType}),sn;function t(a,e){return Fi({data:a,path:r.path,errorMaps:[r.common.contextualErrorMap,r.schemaErrorMap,Jc(),oo].filter((s)=>!!s),issueData:{code:P.invalid_arguments,argumentsError:e}})}function o(a,e){return Fi({data:a,path:r.path,errorMaps:[r.common.contextualErrorMap,r.schemaErrorMap,Jc(),oo].filter((s)=>!!s),issueData:{code:P.invalid_return_type,returnTypeError:e}})}let c={errorMap:r.common.contextualErrorMap},i=r.data;if(this._def.returns instanceof sc){let a=this;return Vr(async function(...e){let s=new xr([]),f=await a._def.args.parseAsync(e,c).catch((w)=>{throw s.addIssue(t(e,w)),s}),d=await Reflect.apply(i,this,f);return await a._def.returns._def.type.parseAsync(d,c).catch((w)=>{throw s.addIssue(o(d,w)),s})})}else{let a=this;return Vr(function(...e){let s=a._def.args.safeParse(e,c);if(!s.success)throw new xr([t(e,s.error)]);let f=Reflect.apply(i,this,s.data),d=a._def.returns.safeParse(f,c);if(!d.success)throw new xr([o(f,d.error)]);return d.data})}}parameters(){return this._def.args}returnType(){return this._def.returns}args(...n){return new Qc({...this._def,args:Ct.create(n).rest(Wo.create())})}returns(n){return new Qc({...this._def,returns:n})}implement(n){return this.parse(n)}strictImplement(n){return this.parse(n)}static create(n,r,t){return new Qc({args:n?n:Ct.create([]).rest(Wo.create()),returns:r||Wo.create(),typeName:_n.ZodFunction,...bn(t)})}}class Cc extends mn{get schema(){return this._def.getter()}_parse(n){let{ctx:r}=this._processInputParams(n);return this._def.getter()._parse({data:r.data,path:r.path,parent:r})}}Cc.create=(n,r)=>{return new Cc({getter:n,typeName:_n.ZodLazy,...bn(r)})};class Fc extends mn{_parse(n){if(n.data!==this._def.value){let r=this._getOrReturnCtx(n);return T(r,{received:r.data,code:P.invalid_literal,expected:this._def.value}),sn}return{status:"valid",value:n.data}}get value(){return this._def.value}}Fc.create=(n,r)=>{return new Fc({value:n,typeName:_n.ZodLiteral,...bn(r)})};function Mb(n,r){return new Jo({values:n,typeName:_n.ZodEnum,...bn(r)})}class Jo extends mn{_parse(n){if(typeof n.data!=="string"){let r=this._getOrReturnCtx(n),t=this._def.values;return T(r,{expected:An.joinValues(t),received:r.parsedType,code:P.invalid_type}),sn}if(!this._cache)this._cache=new Set(this._def.values);if(!this._cache.has(n.data)){let r=this._getOrReturnCtx(n),t=this._def.values;return T(r,{received:r.data,code:P.invalid_enum_value,options:t}),sn}return Vr(n.data)}get options(){return this._def.values}get enum(){let n={};for(let r of this._def.values)n[r]=r;return n}get Values(){let n={};for(let r of this._def.values)n[r]=r;return n}get Enum(){let n={};for(let r of this._def.values)n[r]=r;return n}extract(n,r=this._def){return Jo.create(n,{...this._def,...r})}exclude(n,r=this._def){return Jo.create(this.options.filter((t)=>!n.includes(t)),{...this._def,...r})}}Jo.create=Mb;class jc extends mn{_parse(n){let r=An.getValidEnumValues(this._def.values),t=this._getOrReturnCtx(n);if(t.parsedType!==p.string&&t.parsedType!==p.number){let o=An.objectValues(r);return T(t,{expected:An.joinValues(o),received:t.parsedType,code:P.invalid_type}),sn}if(!this._cache)this._cache=new Set(An.getValidEnumValues(this._def.values));if(!this._cache.has(n.data)){let o=An.objectValues(r);return T(t,{received:t.data,code:P.invalid_enum_value,options:o}),sn}return Vr(n.data)}get enum(){return this._def.values}}jc.create=(n,r)=>{return new jc({values:n,typeName:_n.ZodNativeEnum,...bn(r)})};class sc extends mn{unwrap(){return this._def.type}_parse(n){let{ctx:r}=this._processInputParams(n);if(r.parsedType!==p.promise&&r.common.async===!1)return T(r,{code:P.invalid_type,expected:p.promise,received:r.parsedType}),sn;let t=r.parsedType===p.promise?r.data:Promise.resolve(r.data);return Vr(t.then((o)=>{return this._def.type.parseAsync(o,{path:r.path,errorMap:r.common.contextualErrorMap})}))}}sc.create=(n,r)=>{return new sc({type:n,typeName:_n.ZodPromise,...bn(r)})};class kt extends mn{innerType(){return this._def.schema}sourceType(){return this._def.schema._def.typeName===_n.ZodEffects?this._def.schema.sourceType():this._def.schema}_parse(n){let{status:r,ctx:t}=this._processInputParams(n),o=this._def.effect||null,c={addIssue:(i)=>{if(T(t,i),i.fatal)r.abort();else r.dirty()},get path(){return t.path}};if(c.addIssue=c.addIssue.bind(c),o.type==="preprocess"){let i=o.transform(t.data,c);if(t.common.async)return Promise.resolve(i).then(async(a)=>{if(r.value==="aborted")return sn;let e=await this._def.schema._parseAsync({data:a,path:t.path,parent:t});if(e.status==="aborted")return sn;if(e.status==="dirty")return cc(e.value);if(r.value==="dirty")return cc(e.value);return e});else{if(r.value==="aborted")return sn;let a=this._def.schema._parseSync({data:i,path:t.path,parent:t});if(a.status==="aborted")return sn;if(a.status==="dirty")return cc(a.value);if(r.value==="dirty")return cc(a.value);return a}}if(o.type==="refinement"){let i=(a)=>{let e=o.refinement(a,c);if(t.common.async)return Promise.resolve(e);if(e instanceof Promise)throw Error("Async refinement encountered during synchronous parse operation. Use .parseAsync instead.");return a};if(t.common.async===!1){let a=this._def.schema._parseSync({data:t.data,path:t.path,parent:t});if(a.status==="aborted")return sn;if(a.status==="dirty")r.dirty();return i(a.value),{status:r.value,value:a.value}}else return this._def.schema._parseAsync({data:t.data,path:t.path,parent:t}).then((a)=>{if(a.status==="aborted")return sn;if(a.status==="dirty")r.dirty();return i(a.value).then(()=>{return{status:r.value,value:a.value}})})}if(o.type==="transform")if(t.common.async===!1){let i=this._def.schema._parseSync({data:t.data,path:t.path,parent:t});if(!Uo(i))return sn;let a=o.transform(i.value,c);if(a instanceof Promise)throw Error("Asynchronous transform encountered during synchronous parse operation. Use .parseAsync instead.");return{status:r.value,value:a}}else return this._def.schema._parseAsync({data:t.data,path:t.path,parent:t}).then((i)=>{if(!Uo(i))return sn;return Promise.resolve(o.transform(i.value,c)).then((a)=>({status:r.value,value:a}))});An.assertNever(o)}}kt.create=(n,r,t)=>{return new kt({schema:n,typeName:_n.ZodEffects,effect:r,...bn(t)})};kt.createWithPreprocess=(n,r,t)=>{return new kt({schema:r,effect:{type:"preprocess",transform:n},typeName:_n.ZodEffects,...bn(t)})};class St extends mn{_parse(n){if(this._getType(n)===p.undefined)return Vr(void 0);return this._def.innerType._parse(n)}unwrap(){return this._def.innerType}}St.create=(n,r)=>{return new St({innerType:n,typeName:_n.ZodOptional,...bn(r)})};class io extends mn{_parse(n){if(this._getType(n)===p.null)return Vr(null);return this._def.innerType._parse(n)}unwrap(){return this._def.innerType}}io.create=(n,r)=>{return new io({innerType:n,typeName:_n.ZodNullable,...bn(r)})};class qc extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t=r.data;if(r.parsedType===p.undefined)t=this._def.defaultValue();return this._def.innerType._parse({data:t,path:r.path,parent:r})}removeDefault(){return this._def.innerType}}qc.create=(n,r)=>{return new qc({innerType:n,typeName:_n.ZodDefault,defaultValue:typeof r.default==="function"?r.default:()=>r.default,...bn(r)})};class Kc extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t={...r,common:{...r.common,issues:[]}},o=this._def.innerType._parse({data:t.data,path:t.path,parent:{...t}});if(Xc(o))return o.then((c)=>{return{status:"valid",value:c.status==="valid"?c.value:this._def.catchValue({get error(){return new xr(t.common.issues)},input:t.data})}});else return{status:"valid",value:o.status==="valid"?o.value:this._def.catchValue({get error(){return new xr(t.common.issues)},input:t.data})}}removeCatch(){return this._def.innerType}}Kc.create=(n,r)=>{return new Kc({innerType:n,typeName:_n.ZodCatch,catchValue:typeof r.catch==="function"?r.catch:()=>r.catch,...bn(r)})};class Zi extends mn{_parse(n){if(this._getType(n)!==p.nan){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.nan,received:t.parsedType}),sn}return{status:"valid",value:n.data}}}Zi.create=(n)=>{return new Zi({typeName:_n.ZodNaN,...bn(n)})};var vh=Symbol("zod_brand");class Re extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t=r.data;return this._def.type._parse({data:t,path:r.path,parent:r})}unwrap(){return this._def.type}}class Ii extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.common.async)return(async()=>{let c=await this._def.in._parseAsync({data:t.data,path:t.path,parent:t});if(c.status==="aborted")return sn;if(c.status==="dirty")return r.dirty(),cc(c.value);else return this._def.out._parseAsync({data:c.value,path:t.path,parent:t})})();else{let o=this._def.in._parseSync({data:t.data,path:t.path,parent:t});if(o.status==="aborted")return sn;if(o.status==="dirty")return r.dirty(),{status:"dirty",value:o.value};else return this._def.out._parseSync({data:o.value,path:t.path,parent:t})}}static create(n,r){return new Ii({in:n,out:r,typeName:_n.ZodPipeline})}}class vc extends mn{_parse(n){let r=this._def.innerType._parse(n),t=(o)=>{if(Uo(o))o.value=Object.freeze(o.value);return o};return Xc(r)?r.then((o)=>t(o)):t(r)}unwrap(){return this._def.innerType}}vc.create=(n,r)=>{return new vc({innerType:n,typeName:_n.ZodReadonly,...bn(r)})};function Eb(n,r){let t=typeof n==="function"?n(r):typeof n==="string"?{message:n}:n;return typeof t==="string"?{message:t}:t}function Rb(n,r={},t){if(n)return ac.create().superRefine((o,c)=>{let i=n(o);if(i instanceof Promise)return i.then((a)=>{if(!a){let e=Eb(r,o),s=e.fatal??t??!0;c.addIssue({code:"custom",...e,fatal:s})}});if(!i){let a=Eb(r,o),e=a.fatal??t??!0;c.addIssue({code:"custom",...a,fatal:e})}return});return ac.create()}var Zh={object:nr.lazycreate},_n;(function(n){n.ZodString="ZodString",n.ZodNumber="ZodNumber",n.ZodNaN="ZodNaN",n.ZodBigInt="ZodBigInt",n.ZodBoolean="ZodBoolean",n.ZodDate="ZodDate",n.ZodSymbol="ZodSymbol",n.ZodUndefined="ZodUndefined",n.ZodNull="ZodNull",n.ZodAny="ZodAny",n.ZodUnknown="ZodUnknown",n.ZodNever="ZodNever",n.ZodVoid="ZodVoid",n.ZodArray="ZodArray",n.ZodObject="ZodObject",n.ZodUnion="ZodUnion",n.ZodDiscriminatedUnion="ZodDiscriminatedUnion",n.ZodIntersection="ZodIntersection",n.ZodTuple="ZodTuple",n.ZodRecord="ZodRecord",n.ZodMap="ZodMap",n.ZodSet="ZodSet",n.ZodFunction="ZodFunction",n.ZodLazy="ZodLazy",n.ZodLiteral="ZodLiteral",n.ZodEnum="ZodEnum",n.ZodEffects="ZodEffects",n.ZodNativeEnum="ZodNativeEnum",n.ZodOptional="ZodOptional",n.ZodNullable="ZodNullable",n.ZodDefault="ZodDefault",n.ZodCatch="ZodCatch",n.ZodPromise="ZodPromise",n.ZodBranded="ZodBranded",n.ZodPipeline="ZodPipeline",n.ZodReadonly="ZodReadonly"})(_n||(_n={}));var Ih=(n,r={message:`Input not instance of ${n.name}`})=>Rb((t)=>t instanceof n,r),Hb=At.create,zb=Vo.create,ph=Zi.create,yh=Yo.create,Bb=Gc.create,Th=ic.create,n3=ji.create,r3=Oc.create,t3=Nc.create,o3=ac.create,c3=Wo.create,i3=Pt.create,a3=qi.create,e3=Et.create,s3=nr.create,f3=nr.strictCreate,_3=xc.create,l3=Me.create,d3=Pc.create,u3=Ct.create,w3=Ki.create,b3=vi.create,g3=ec.create,m3=Qc.create,$3=Cc.create,h3=Fc.create,A3=Jo.create,E3=jc.create,S3=sc.create,D3=kt.create,k3=St.create,M3=io.create,R3=kt.createWithPreprocess,H3=Ii.create,z3=()=>Hb().optional(),B3=()=>zb().optional(),U3=()=>Bb().optional(),W3={string:(n)=>At.create({...n,coerce:!0}),number:(n)=>Vo.create({...n,coerce:!0}),boolean:(n)=>Gc.create({...n,coerce:!0}),bigint:(n)=>Yo.create({...n,coerce:!0}),date:(n)=>ic.create({...n,coerce:!0})};var V3=sn;var Y3=V.object({name:V.string().regex(/^x-/),component:V.unknown()}),Ub=V.function().returns(V.object({name:V.string(),extensions:V.array(Y3)}));var Wb=[["--theme-","--scalar-"],["--sidebar-","--scalar-sidebar-"]],J3=Wb.map(([n])=>n);function He(n){if(!J3.some((t)=>n.includes(t)))return n;return console.warn("DEPRECATION WARNING: It looks like you're using legacy CSS variables in your custom CSS string. Please migrate them to use the updated prefixes. See https://github.com/scalar/scalar/blob/main/documentation/themes.md#theme-prefix-changes"),Wb.reduce((t,[o,c])=>t.replaceAll(o,c),n)}var X3=V.enum(["alternate","default","moon","purple","solarized","bluePlanet","deepSpace","saturn","kepler","elysiajs","fastify","mars","none"]),L3=V.enum(["a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"]),Q3=V.enum(["adonisjs","docusaurus","dotnet","elysiajs","express","fastapi","fastify","go","hono","html","laravel","litestar","nestjs","nextjs","nitro","nuxt","platformatic","react","rust","vue"]).nullable(),Yb=V.object({url:V.string().optional(),content:V.union([V.string(),V.record(V.any()),V.function().returns(V.record(V.any())),V.null()]).optional(),title:V.string().optional(),slug:V.string().optional()}),G3=V.object({basePath:V.string()}),Jb=V.object({url:V.string().optional(),content:V.union([V.string(),V.record(V.any()),V.function().returns(V.record(V.any())),V.null()]).optional(),title:V.string().optional(),slug:V.string().optional(),spec:Yb.optional(),authentication:V.any().optional(),baseServerURL:V.string().optional(),hideClientButton:V.boolean().optional().default(!1).catch(!1),proxyUrl:V.string().optional(),searchHotKey:L3.optional(),servers:V.array(V.any()).optional(),showSidebar:V.boolean().optional().default(!0).catch(!0),theme:X3.optional().default("default").catch("default"),_integration:Q3.optional(),onRequestSent:V.function().args(V.string()).returns(V.void()).optional()}),Vb="https://api.scalar.com/request-proxy",Cf="https://proxy.scalar.com",O3=Jb.merge(V.object({layout:V.enum(["modern","classic"]).optional().default("modern").catch("modern"),proxy:V.string().optional(),plugins:V.array(Ub).optional(),isEditable:V.boolean().optional().default(!1).catch(!1),isLoading:V.boolean().optional().default(!1).catch(!1),hideModels:V.boolean().optional().default(!1).catch(!1),hideDownloadButton:V.boolean().optional().default(!1).catch(!1),hideTestRequestButton:V.boolean().optional().default(!1).catch(!1),hideSearch:V.boolean().optional().default(!1).catch(!1),darkMode:V.boolean().optional(),forceDarkModeState:V.enum(["dark","light"]).optional(),hideDarkModeToggle:V.boolean().optional().default(!1).catch(!1),metaData:V.any().optional(),favicon:V.string().optional(),hiddenClients:V.union([V.record(V.union([V.boolean(),V.array(V.string())])),V.array(V.string()),V.literal(!0)]).optional(),defaultHttpClient:V.object({targetKey:V.custom(),clientKey:V.string()}).optional(),customCss:V.string().optional(),onSpecUpdate:V.function().args(V.string()).returns(V.void()).optional(),onServerChange:V.function().args(V.string()).returns(V.void()).optional(),onDocumentSelect:V.function().returns(V.void().or(V.void().promise())).optional(),onLoaded:V.function().returns(V.void().or(V.void().promise())).optional(),onShowMore:V.function().args(V.string()).returns(V.void().or(V.void().promise())).optional(),onSidebarClick:V.function().args(V.string()).returns(V.void().or(V.void().promise())).optional(),pathRouting:G3.optional(),generateHeadingSlug:V.function().args(V.object({slug:V.string().default("headingSlug")})).returns(V.string()).optional(),generateModelSlug:V.function().args(V.object({name:V.string().default("modelName")})).returns(V.string()).optional(),generateTagSlug:V.function().args(V.object({name:V.string().default("tagName")})).returns(V.string()).optional(),generateOperationSlug:V.function().args(V.object({path:V.string(),operationId:V.string().optional(),method:V.string(),summary:V.string().optional()})).returns(V.string()).optional(),generateWebhookSlug:V.function().args(V.object({name:V.string(),method:V.string().optional()})).returns(V.string()).optional(),redirect:V.function().args(V.string()).returns(V.string().nullable().optional()).optional(),withDefaultFonts:V.boolean().optional().default(!0).catch(!0),defaultOpenAllTags:V.boolean().optional(),tagsSorter:V.union([V.literal("alpha"),V.function().args(V.any(),V.any()).returns(V.number())]).optional(),operationsSorter:V.union([V.literal("alpha"),V.literal("method"),V.function().args(V.any(),V.any()).returns(V.number())]).optional()})),N3=(n)=>{let r={...n};if(r.spec?.url)console.warn("[DEPRECATED] You're using the deprecated 'spec.url' attribute. Remove the spec prefix and move the 'url' attribute to the top level."),r.url=r.spec.url,delete r.spec;if(r.spec?.content)console.warn("[DEPRECATED] You're using the deprecated 'spec.content' attribute. Remove the spec prefix and move the 'content' attribute to the top level."),r.content=r.spec.content,delete r.spec;if(r.customCss)r.customCss=He(r.customCss);if(r.proxy){if(console.warn("[DEPRECATED] You're using the deprecated 'proxy' attribute, rename it to 'proxyUrl' or update the package."),!r.proxyUrl)r.proxyUrl=r.proxy;delete r.proxy}if(r.proxyUrl===Vb)console.warn(`[DEPRECATED] Warning: configuration.proxyUrl points to our old proxy (${Vb}).`),console.warn(`[DEPRECATED] We are overwriting the value and use the new proxy URL (${Cf}) instead.`),console.warn(`[DEPRECATED] Action Required: You should manually update your configuration to use the new URL (${Cf}). Read more: https://github.com/scalar/scalar`),r.proxyUrl=Cf;return r},x3=O3.transform(N3);var P3=V.object({cdn:V.string().optional().default("https://cdn.jsdelivr.net/npm/@scalar/api-reference"),pageTitle:V.string().optional().default("Scalar API Reference")});var C3={alternate:sb,default:lb,moon:bb,elysiajs:Se,fastify:db,purple:gb,solarized:$b,bluePlanet:fb,deepSpace:_b,saturn:mb,kepler:ub,mars:wb};var Hz=Object.keys(C3);import{replaceSchemaType as v3,t as jf}from"elysia";function Ff(n){return"type"in n||"properties"in n||"items"in n}function j3(n,r){return(n==="createdAt"||n==="updatedAt")&&"anyOf"in r&&Array.isArray(r.anyOf)}function Qb(n){if(!Ff(n)||typeof n!=="object"||n===null)return n;let r={...n};return Object.entries(r).forEach(([t,o])=>{if(Ff(o))if(j3(t,o)){let c=o.anyOf?.find((i)=>Ff(i)&&i.format==="date-time");if(c){let i={type:"string",format:"date-time",default:c.default};r[t]=i}}else r[t]=Qb(o)}),r}var q3=(n,r,t,o,c)=>{let i=JSON.parse(o);if(i.components&&i.components.schemas)i.components.schemas=Object.fromEntries(Object.entries(i.components.schemas).map(([e,s])=>[e,Qb(s)]));let a=JSON.stringify(i);return`<!DOCTYPE html>
+`;var Y={};ho(Y,{void:()=>a3,util:()=>An,unknown:()=>c3,union:()=>_3,undefined:()=>r3,tuple:()=>u3,transformer:()=>D3,symbol:()=>n3,string:()=>Hb,strictObject:()=>f3,setErrorMap:()=>Mh,set:()=>g3,record:()=>w3,quotelessJson:()=>Dh,promise:()=>S3,preprocess:()=>R3,pipeline:()=>H3,ostring:()=>z3,optional:()=>k3,onumber:()=>B3,oboolean:()=>U3,objectUtil:()=>Nf,object:()=>s3,number:()=>zb,nullable:()=>M3,null:()=>t3,never:()=>i3,nativeEnum:()=>E3,nan:()=>ph,map:()=>b3,makeIssue:()=>Fi,literal:()=>h3,lazy:()=>$3,late:()=>Zh,isValid:()=>Uo,isDirty:()=>ke,isAsync:()=>Xc,isAborted:()=>De,intersection:()=>d3,instanceof:()=>Ih,getParsedType:()=>xt,getErrorMap:()=>Jc,function:()=>m3,enum:()=>A3,effect:()=>D3,discriminatedUnion:()=>l3,defaultErrorMap:()=>oo,datetimeRegex:()=>kb,date:()=>Th,custom:()=>Rb,coerce:()=>W3,boolean:()=>Bb,bigint:()=>yh,array:()=>e3,any:()=>o3,addIssueToContext:()=>T,ZodVoid:()=>qi,ZodUnknown:()=>Wo,ZodUnion:()=>xc,ZodUndefined:()=>Oc,ZodType:()=>mn,ZodTuple:()=>Ct,ZodTransformer:()=>kt,ZodSymbol:()=>ji,ZodString:()=>At,ZodSet:()=>sc,ZodSchema:()=>mn,ZodRecord:()=>Ki,ZodReadonly:()=>vc,ZodPromise:()=>fc,ZodPipeline:()=>Ii,ZodParsedType:()=>p,ZodOptional:()=>St,ZodObject:()=>nr,ZodNumber:()=>Vo,ZodNullable:()=>io,ZodNull:()=>Nc,ZodNever:()=>Pt,ZodNativeEnum:()=>jc,ZodNaN:()=>Zi,ZodMap:()=>vi,ZodLiteral:()=>Fc,ZodLazy:()=>Cc,ZodIssueCode:()=>P,ZodIntersection:()=>Pc,ZodFunction:()=>Qc,ZodFirstPartyTypeKind:()=>_n,ZodError:()=>xr,ZodEnum:()=>Jo,ZodEffects:()=>kt,ZodDiscriminatedUnion:()=>Me,ZodDefault:()=>qc,ZodDate:()=>ac,ZodCatch:()=>Kc,ZodBranded:()=>Re,ZodBoolean:()=>Gc,ZodBigInt:()=>Yo,ZodArray:()=>Et,ZodAny:()=>ec,Schema:()=>mn,ParseStatus:()=>Rr,OK:()=>Vr,NEVER:()=>V3,INVALID:()=>sn,EMPTY_PATH:()=>Rh,DIRTY:()=>ic,BRAND:()=>vh});var An;(function(n){n.assertEqual=(c)=>{};function r(c){}n.assertIs=r;function t(c){throw Error()}n.assertNever=t,n.arrayToEnum=(c)=>{let i={};for(let a of c)i[a]=a;return i},n.getValidEnumValues=(c)=>{let i=n.objectKeys(c).filter((e)=>typeof c[c[e]]!=="number"),a={};for(let e of i)a[e]=c[e];return n.objectValues(a)},n.objectValues=(c)=>{return n.objectKeys(c).map(function(i){return c[i]})},n.objectKeys=typeof Object.keys==="function"?(c)=>Object.keys(c):(c)=>{let i=[];for(let a in c)if(Object.prototype.hasOwnProperty.call(c,a))i.push(a);return i},n.find=(c,i)=>{for(let a of c)if(i(a))return a;return},n.isInteger=typeof Number.isInteger==="function"?(c)=>Number.isInteger(c):(c)=>typeof c==="number"&&Number.isFinite(c)&&Math.floor(c)===c;function o(c,i=" | "){return c.map((a)=>typeof a==="string"?`'${a}'`:a).join(i)}n.joinValues=o,n.jsonStringifyReplacer=(c,i)=>{if(typeof i==="bigint")return i.toString();return i}})(An||(An={}));var Nf;(function(n){n.mergeShapes=(r,t)=>{return{...r,...t}}})(Nf||(Nf={}));var p=An.arrayToEnum(["string","nan","number","integer","float","boolean","date","bigint","symbol","function","undefined","null","array","object","unknown","promise","void","never","map","set"]),xt=(n)=>{switch(typeof n){case"undefined":return p.undefined;case"string":return p.string;case"number":return Number.isNaN(n)?p.nan:p.number;case"boolean":return p.boolean;case"function":return p.function;case"bigint":return p.bigint;case"symbol":return p.symbol;case"object":if(Array.isArray(n))return p.array;if(n===null)return p.null;if(n.then&&typeof n.then==="function"&&n.catch&&typeof n.catch==="function")return p.promise;if(typeof Map<"u"&&n instanceof Map)return p.map;if(typeof Set<"u"&&n instanceof Set)return p.set;if(typeof Date<"u"&&n instanceof Date)return p.date;return p.object;default:return p.unknown}};var P=An.arrayToEnum(["invalid_type","invalid_literal","custom","invalid_union","invalid_union_discriminator","invalid_enum_value","unrecognized_keys","invalid_arguments","invalid_return_type","invalid_date","invalid_string","too_small","too_big","invalid_intersection_types","not_multiple_of","not_finite"]),Dh=(n)=>{return JSON.stringify(n,null,2).replace(/"([^"]+)":/g,"$1:")};class xr extends Error{get errors(){return this.issues}constructor(n){super();this.issues=[],this.addIssue=(t)=>{this.issues=[...this.issues,t]},this.addIssues=(t=[])=>{this.issues=[...this.issues,...t]};let r=new.target.prototype;if(Object.setPrototypeOf)Object.setPrototypeOf(this,r);else this.__proto__=r;this.name="ZodError",this.issues=n}format(n){let r=n||function(c){return c.message},t={_errors:[]},o=(c)=>{for(let i of c.issues)if(i.code==="invalid_union")i.unionErrors.map(o);else if(i.code==="invalid_return_type")o(i.returnTypeError);else if(i.code==="invalid_arguments")o(i.argumentsError);else if(i.path.length===0)t._errors.push(r(i));else{let a=t,e=0;while(e<i.path.length){let s=i.path[e];if(e!==i.path.length-1)a[s]=a[s]||{_errors:[]};else a[s]=a[s]||{_errors:[]},a[s]._errors.push(r(i));a=a[s],e++}}};return o(this),t}static assert(n){if(!(n instanceof xr))throw Error(`Not a ZodError: ${n}`)}toString(){return this.message}get message(){return JSON.stringify(this.issues,An.jsonStringifyReplacer,2)}get isEmpty(){return this.issues.length===0}flatten(n=(r)=>r.message){let r={},t=[];for(let o of this.issues)if(o.path.length>0){let c=o.path[0];r[c]=r[c]||[],r[c].push(n(o))}else t.push(n(o));return{formErrors:t,fieldErrors:r}}get formErrors(){return this.flatten()}}xr.create=(n)=>{return new xr(n)};var kh=(n,r)=>{let t;switch(n.code){case P.invalid_type:if(n.received===p.undefined)t="Required";else t=`Expected ${n.expected}, received ${n.received}`;break;case P.invalid_literal:t=`Invalid literal value, expected ${JSON.stringify(n.expected,An.jsonStringifyReplacer)}`;break;case P.unrecognized_keys:t=`Unrecognized key(s) in object: ${An.joinValues(n.keys,", ")}`;break;case P.invalid_union:t="Invalid input";break;case P.invalid_union_discriminator:t=`Invalid discriminator value. Expected ${An.joinValues(n.options)}`;break;case P.invalid_enum_value:t=`Invalid enum value. Expected ${An.joinValues(n.options)}, received '${n.received}'`;break;case P.invalid_arguments:t="Invalid function arguments";break;case P.invalid_return_type:t="Invalid function return type";break;case P.invalid_date:t="Invalid date";break;case P.invalid_string:if(typeof n.validation==="object")if("includes"in n.validation){if(t=`Invalid input: must include "${n.validation.includes}"`,typeof n.validation.position==="number")t=`${t} at one or more positions greater than or equal to ${n.validation.position}`}else if("startsWith"in n.validation)t=`Invalid input: must start with "${n.validation.startsWith}"`;else if("endsWith"in n.validation)t=`Invalid input: must end with "${n.validation.endsWith}"`;else An.assertNever(n.validation);else if(n.validation!=="regex")t=`Invalid ${n.validation}`;else t="Invalid";break;case P.too_small:if(n.type==="array")t=`Array must contain ${n.exact?"exactly":n.inclusive?"at least":"more than"} ${n.minimum} element(s)`;else if(n.type==="string")t=`String must contain ${n.exact?"exactly":n.inclusive?"at least":"over"} ${n.minimum} character(s)`;else if(n.type==="number")t=`Number must be ${n.exact?"exactly equal to ":n.inclusive?"greater than or equal to ":"greater than "}${n.minimum}`;else if(n.type==="bigint")t=`Number must be ${n.exact?"exactly equal to ":n.inclusive?"greater than or equal to ":"greater than "}${n.minimum}`;else if(n.type==="date")t=`Date must be ${n.exact?"exactly equal to ":n.inclusive?"greater than or equal to ":"greater than "}${new Date(Number(n.minimum))}`;else t="Invalid input";break;case P.too_big:if(n.type==="array")t=`Array must contain ${n.exact?"exactly":n.inclusive?"at most":"less than"} ${n.maximum} element(s)`;else if(n.type==="string")t=`String must contain ${n.exact?"exactly":n.inclusive?"at most":"under"} ${n.maximum} character(s)`;else if(n.type==="number")t=`Number must be ${n.exact?"exactly":n.inclusive?"less than or equal to":"less than"} ${n.maximum}`;else if(n.type==="bigint")t=`BigInt must be ${n.exact?"exactly":n.inclusive?"less than or equal to":"less than"} ${n.maximum}`;else if(n.type==="date")t=`Date must be ${n.exact?"exactly":n.inclusive?"smaller than or equal to":"smaller than"} ${new Date(Number(n.maximum))}`;else t="Invalid input";break;case P.custom:t="Invalid input";break;case P.invalid_intersection_types:t="Intersection results could not be merged";break;case P.not_multiple_of:t=`Number must be a multiple of ${n.multipleOf}`;break;case P.not_finite:t="Number must be finite";break;default:t=r.defaultError,An.assertNever(n)}return{message:t}},oo=kh;var hb=oo;function Mh(n){hb=n}function Jc(){return hb}var Fi=(n)=>{let{data:r,path:t,errorMaps:o,issueData:c}=n,i=[...t,...c.path||[]],a={...c,path:i};if(c.message!==void 0)return{...c,path:i,message:c.message};let e="",s=o.filter((f)=>!!f).slice().reverse();for(let f of s)e=f(a,{data:r,defaultError:e}).message;return{...c,path:i,message:e}},Rh=[];function T(n,r){let t=Jc(),o=Fi({issueData:r,data:n.data,path:n.path,errorMaps:[n.common.contextualErrorMap,n.schemaErrorMap,t,t===oo?void 0:oo].filter((c)=>!!c)});n.common.issues.push(o)}class Rr{constructor(){this.value="valid"}dirty(){if(this.value==="valid")this.value="dirty"}abort(){if(this.value!=="aborted")this.value="aborted"}static mergeArray(n,r){let t=[];for(let o of r){if(o.status==="aborted")return sn;if(o.status==="dirty")n.dirty();t.push(o.value)}return{status:n.value,value:t}}static async mergeObjectAsync(n,r){let t=[];for(let o of r){let c=await o.key,i=await o.value;t.push({key:c,value:i})}return Rr.mergeObjectSync(n,t)}static mergeObjectSync(n,r){let t={};for(let o of r){let{key:c,value:i}=o;if(c.status==="aborted")return sn;if(i.status==="aborted")return sn;if(c.status==="dirty")n.dirty();if(i.status==="dirty")n.dirty();if(c.value!=="__proto__"&&(typeof i.value<"u"||o.alwaysSet))t[c.value]=i.value}return{status:n.value,value:t}}}var sn=Object.freeze({status:"aborted"}),ic=(n)=>({status:"dirty",value:n}),Vr=(n)=>({status:"valid",value:n}),De=(n)=>n.status==="aborted",ke=(n)=>n.status==="dirty",Uo=(n)=>n.status==="valid",Xc=(n)=>typeof Promise<"u"&&n instanceof Promise;var cn;(function(n){n.errToObj=(r)=>typeof r==="string"?{message:r}:r||{},n.toString=(r)=>typeof r==="string"?r:r?.message})(cn||(cn={}));class Dt{constructor(n,r,t,o){this._cachedPath=[],this.parent=n,this.data=r,this._path=t,this._key=o}get path(){if(!this._cachedPath.length)if(Array.isArray(this._key))this._cachedPath.push(...this._path,...this._key);else this._cachedPath.push(...this._path,this._key);return this._cachedPath}}var Ab=(n,r)=>{if(Uo(r))return{success:!0,data:r.value};else{if(!n.common.issues.length)throw Error("Validation failed but no issues detected.");return{success:!1,get error(){if(this._error)return this._error;let t=new xr(n.common.issues);return this._error=t,this._error}}}};function bn(n){if(!n)return{};let{errorMap:r,invalid_type_error:t,required_error:o,description:c}=n;if(r&&(t||o))throw Error(`Can't use "invalid_type_error" or "required_error" in conjunction with custom error map.`);if(r)return{errorMap:r,description:c};return{errorMap:(a,e)=>{let{message:s}=n;if(a.code==="invalid_enum_value")return{message:s??e.defaultError};if(typeof e.data>"u")return{message:s??o??e.defaultError};if(a.code!=="invalid_type")return{message:e.defaultError};return{message:s??t??e.defaultError}},description:c}}class mn{get description(){return this._def.description}_getType(n){return xt(n.data)}_getOrReturnCtx(n,r){return r||{common:n.parent.common,data:n.data,parsedType:xt(n.data),schemaErrorMap:this._def.errorMap,path:n.path,parent:n.parent}}_processInputParams(n){return{status:new Rr,ctx:{common:n.parent.common,data:n.data,parsedType:xt(n.data),schemaErrorMap:this._def.errorMap,path:n.path,parent:n.parent}}}_parseSync(n){let r=this._parse(n);if(Xc(r))throw Error("Synchronous parse encountered promise.");return r}_parseAsync(n){let r=this._parse(n);return Promise.resolve(r)}parse(n,r){let t=this.safeParse(n,r);if(t.success)return t.data;throw t.error}safeParse(n,r){let t={common:{issues:[],async:r?.async??!1,contextualErrorMap:r?.errorMap},path:r?.path||[],schemaErrorMap:this._def.errorMap,parent:null,data:n,parsedType:xt(n)},o=this._parseSync({data:n,path:t.path,parent:t});return Ab(t,o)}"~validate"(n){let r={common:{issues:[],async:!!this["~standard"].async},path:[],schemaErrorMap:this._def.errorMap,parent:null,data:n,parsedType:xt(n)};if(!this["~standard"].async)try{let t=this._parseSync({data:n,path:[],parent:r});return Uo(t)?{value:t.value}:{issues:r.common.issues}}catch(t){if(t?.message?.toLowerCase()?.includes("encountered"))this["~standard"].async=!0;r.common={issues:[],async:!0}}return this._parseAsync({data:n,path:[],parent:r}).then((t)=>Uo(t)?{value:t.value}:{issues:r.common.issues})}async parseAsync(n,r){let t=await this.safeParseAsync(n,r);if(t.success)return t.data;throw t.error}async safeParseAsync(n,r){let t={common:{issues:[],contextualErrorMap:r?.errorMap,async:!0},path:r?.path||[],schemaErrorMap:this._def.errorMap,parent:null,data:n,parsedType:xt(n)},o=this._parse({data:n,path:t.path,parent:t}),c=await(Xc(o)?o:Promise.resolve(o));return Ab(t,c)}refine(n,r){let t=(o)=>{if(typeof r==="string"||typeof r>"u")return{message:r};else if(typeof r==="function")return r(o);else return r};return this._refinement((o,c)=>{let i=n(o),a=()=>c.addIssue({code:P.custom,...t(o)});if(typeof Promise<"u"&&i instanceof Promise)return i.then((e)=>{if(!e)return a(),!1;else return!0});if(!i)return a(),!1;else return!0})}refinement(n,r){return this._refinement((t,o)=>{if(!n(t))return o.addIssue(typeof r==="function"?r(t,o):r),!1;else return!0})}_refinement(n){return new kt({schema:this,typeName:_n.ZodEffects,effect:{type:"refinement",refinement:n}})}superRefine(n){return this._refinement(n)}constructor(n){this.spa=this.safeParseAsync,this._def=n,this.parse=this.parse.bind(this),this.safeParse=this.safeParse.bind(this),this.parseAsync=this.parseAsync.bind(this),this.safeParseAsync=this.safeParseAsync.bind(this),this.spa=this.spa.bind(this),this.refine=this.refine.bind(this),this.refinement=this.refinement.bind(this),this.superRefine=this.superRefine.bind(this),this.optional=this.optional.bind(this),this.nullable=this.nullable.bind(this),this.nullish=this.nullish.bind(this),this.array=this.array.bind(this),this.promise=this.promise.bind(this),this.or=this.or.bind(this),this.and=this.and.bind(this),this.transform=this.transform.bind(this),this.brand=this.brand.bind(this),this.default=this.default.bind(this),this.catch=this.catch.bind(this),this.describe=this.describe.bind(this),this.pipe=this.pipe.bind(this),this.readonly=this.readonly.bind(this),this.isNullable=this.isNullable.bind(this),this.isOptional=this.isOptional.bind(this),this["~standard"]={version:1,vendor:"zod",validate:(r)=>this["~validate"](r)}}optional(){return St.create(this,this._def)}nullable(){return io.create(this,this._def)}nullish(){return this.nullable().optional()}array(){return Et.create(this)}promise(){return fc.create(this,this._def)}or(n){return xc.create([this,n],this._def)}and(n){return Pc.create(this,n,this._def)}transform(n){return new kt({...bn(this._def),schema:this,typeName:_n.ZodEffects,effect:{type:"transform",transform:n}})}default(n){let r=typeof n==="function"?n:()=>n;return new qc({...bn(this._def),innerType:this,defaultValue:r,typeName:_n.ZodDefault})}brand(){return new Re({typeName:_n.ZodBranded,type:this,...bn(this._def)})}catch(n){let r=typeof n==="function"?n:()=>n;return new Kc({...bn(this._def),innerType:this,catchValue:r,typeName:_n.ZodCatch})}describe(n){return new this.constructor({...this._def,description:n})}pipe(n){return Ii.create(this,n)}readonly(){return vc.create(this)}isOptional(){return this.safeParse(void 0).success}isNullable(){return this.safeParse(null).success}}var Hh=/^c[^\s-]{8,}$/i,zh=/^[0-9a-z]+$/,Bh=/^[0-9A-HJKMNP-TV-Z]{26}$/i,Uh=/^[0-9a-fA-F]{8}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{12}$/i,Wh=/^[a-z0-9_-]{21}$/i,Vh=/^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/,Yh=/^[-+]?P(?!$)(?:(?:[-+]?\d+Y)|(?:[-+]?\d+[.,]\d+Y$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:(?:[-+]?\d+W)|(?:[-+]?\d+[.,]\d+W$))?(?:(?:[-+]?\d+D)|(?:[-+]?\d+[.,]\d+D$))?(?:T(?=[\d+-])(?:(?:[-+]?\d+H)|(?:[-+]?\d+[.,]\d+H$))?(?:(?:[-+]?\d+M)|(?:[-+]?\d+[.,]\d+M$))?(?:[-+]?\d+(?:[.,]\d+)?S)?)??$/,Jh=/^(?!\.)(?!.*\.\.)([A-Z0-9_'+\-\.]*)[A-Z0-9_+-]@([A-Z0-9][A-Z0-9\-]*\.)+[A-Z]{2,}$/i,Xh="^(\\p{Extended_Pictographic}|\\p{Emoji_Component})+$",xf,Lh=/^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])$/,Qh=/^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\/(3[0-2]|[12]?[0-9])$/,Gh=/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/,Oh=/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/,Nh=/^([0-9a-zA-Z+/]{4})*(([0-9a-zA-Z+/]{2}==)|([0-9a-zA-Z+/]{3}=))?$/,xh=/^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}(=)?))?$/,Sb="((\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-((0[13578]|1[02])-(0[1-9]|[12]\\d|3[01])|(0[469]|11)-(0[1-9]|[12]\\d|30)|(02)-(0[1-9]|1\\d|2[0-8])))",Ph=new RegExp(`^${Sb}$`);function Db(n){let r="[0-5]\\d";if(n.precision)r=`${r}\\.\\d{${n.precision}}`;else if(n.precision==null)r=`${r}(\\.\\d+)?`;let t=n.precision?"+":"?";return`([01]\\d|2[0-3]):[0-5]\\d(:${r})${t}`}function Ch(n){return new RegExp(`^${Db(n)}$`)}function kb(n){let r=`${Sb}T${Db(n)}`,t=[];if(t.push(n.local?"Z?":"Z"),n.offset)t.push("([+-]\\d{2}:?\\d{2})");return r=`${r}(${t.join("|")})`,new RegExp(`^${r}$`)}function Fh(n,r){if((r==="v4"||!r)&&Lh.test(n))return!0;if((r==="v6"||!r)&&Gh.test(n))return!0;return!1}function jh(n,r){if(!Vh.test(n))return!1;try{let[t]=n.split(".");if(!t)return!1;let o=t.replace(/-/g,"+").replace(/_/g,"/").padEnd(t.length+(4-t.length%4)%4,"="),c=JSON.parse(atob(o));if(typeof c!=="object"||c===null)return!1;if("typ"in c&&c?.typ!=="JWT")return!1;if(!c.alg)return!1;if(r&&c.alg!==r)return!1;return!0}catch{return!1}}function qh(n,r){if((r==="v4"||!r)&&Qh.test(n))return!0;if((r==="v6"||!r)&&Oh.test(n))return!0;return!1}class At extends mn{_parse(n){if(this._def.coerce)n.data=String(n.data);if(this._getType(n)!==p.string){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_type,expected:p.string,received:c.parsedType}),sn}let t=new Rr,o=void 0;for(let c of this._def.checks)if(c.kind==="min"){if(n.data.length<c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_small,minimum:c.value,type:"string",inclusive:!0,exact:!1,message:c.message}),t.dirty()}else if(c.kind==="max"){if(n.data.length>c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_big,maximum:c.value,type:"string",inclusive:!0,exact:!1,message:c.message}),t.dirty()}else if(c.kind==="length"){let i=n.data.length>c.value,a=n.data.length<c.value;if(i||a){if(o=this._getOrReturnCtx(n,o),i)T(o,{code:P.too_big,maximum:c.value,type:"string",inclusive:!0,exact:!0,message:c.message});else if(a)T(o,{code:P.too_small,minimum:c.value,type:"string",inclusive:!0,exact:!0,message:c.message});t.dirty()}}else if(c.kind==="email"){if(!Jh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"email",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="emoji"){if(!xf)xf=new RegExp(Xh,"u");if(!xf.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"emoji",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="uuid"){if(!Uh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"uuid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="nanoid"){if(!Wh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"nanoid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="cuid"){if(!Hh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"cuid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="cuid2"){if(!zh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"cuid2",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="ulid"){if(!Bh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"ulid",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="url")try{new URL(n.data)}catch{o=this._getOrReturnCtx(n,o),T(o,{validation:"url",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="regex"){if(c.regex.lastIndex=0,!c.regex.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"regex",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="trim")n.data=n.data.trim();else if(c.kind==="includes"){if(!n.data.includes(c.value,c.position))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:{includes:c.value,position:c.position},message:c.message}),t.dirty()}else if(c.kind==="toLowerCase")n.data=n.data.toLowerCase();else if(c.kind==="toUpperCase")n.data=n.data.toUpperCase();else if(c.kind==="startsWith"){if(!n.data.startsWith(c.value))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:{startsWith:c.value},message:c.message}),t.dirty()}else if(c.kind==="endsWith"){if(!n.data.endsWith(c.value))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:{endsWith:c.value},message:c.message}),t.dirty()}else if(c.kind==="datetime"){if(!kb(c).test(n.data))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:"datetime",message:c.message}),t.dirty()}else if(c.kind==="date"){if(!Ph.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:"date",message:c.message}),t.dirty()}else if(c.kind==="time"){if(!Ch(c).test(n.data))o=this._getOrReturnCtx(n,o),T(o,{code:P.invalid_string,validation:"time",message:c.message}),t.dirty()}else if(c.kind==="duration"){if(!Yh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"duration",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="ip"){if(!Fh(n.data,c.version))o=this._getOrReturnCtx(n,o),T(o,{validation:"ip",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="jwt"){if(!jh(n.data,c.alg))o=this._getOrReturnCtx(n,o),T(o,{validation:"jwt",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="cidr"){if(!qh(n.data,c.version))o=this._getOrReturnCtx(n,o),T(o,{validation:"cidr",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="base64"){if(!Nh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"base64",code:P.invalid_string,message:c.message}),t.dirty()}else if(c.kind==="base64url"){if(!xh.test(n.data))o=this._getOrReturnCtx(n,o),T(o,{validation:"base64url",code:P.invalid_string,message:c.message}),t.dirty()}else An.assertNever(c);return{status:t.value,value:n.data}}_regex(n,r,t){return this.refinement((o)=>n.test(o),{validation:r,code:P.invalid_string,...cn.errToObj(t)})}_addCheck(n){return new At({...this._def,checks:[...this._def.checks,n]})}email(n){return this._addCheck({kind:"email",...cn.errToObj(n)})}url(n){return this._addCheck({kind:"url",...cn.errToObj(n)})}emoji(n){return this._addCheck({kind:"emoji",...cn.errToObj(n)})}uuid(n){return this._addCheck({kind:"uuid",...cn.errToObj(n)})}nanoid(n){return this._addCheck({kind:"nanoid",...cn.errToObj(n)})}cuid(n){return this._addCheck({kind:"cuid",...cn.errToObj(n)})}cuid2(n){return this._addCheck({kind:"cuid2",...cn.errToObj(n)})}ulid(n){return this._addCheck({kind:"ulid",...cn.errToObj(n)})}base64(n){return this._addCheck({kind:"base64",...cn.errToObj(n)})}base64url(n){return this._addCheck({kind:"base64url",...cn.errToObj(n)})}jwt(n){return this._addCheck({kind:"jwt",...cn.errToObj(n)})}ip(n){return this._addCheck({kind:"ip",...cn.errToObj(n)})}cidr(n){return this._addCheck({kind:"cidr",...cn.errToObj(n)})}datetime(n){if(typeof n==="string")return this._addCheck({kind:"datetime",precision:null,offset:!1,local:!1,message:n});return this._addCheck({kind:"datetime",precision:typeof n?.precision>"u"?null:n?.precision,offset:n?.offset??!1,local:n?.local??!1,...cn.errToObj(n?.message)})}date(n){return this._addCheck({kind:"date",message:n})}time(n){if(typeof n==="string")return this._addCheck({kind:"time",precision:null,message:n});return this._addCheck({kind:"time",precision:typeof n?.precision>"u"?null:n?.precision,...cn.errToObj(n?.message)})}duration(n){return this._addCheck({kind:"duration",...cn.errToObj(n)})}regex(n,r){return this._addCheck({kind:"regex",regex:n,...cn.errToObj(r)})}includes(n,r){return this._addCheck({kind:"includes",value:n,position:r?.position,...cn.errToObj(r?.message)})}startsWith(n,r){return this._addCheck({kind:"startsWith",value:n,...cn.errToObj(r)})}endsWith(n,r){return this._addCheck({kind:"endsWith",value:n,...cn.errToObj(r)})}min(n,r){return this._addCheck({kind:"min",value:n,...cn.errToObj(r)})}max(n,r){return this._addCheck({kind:"max",value:n,...cn.errToObj(r)})}length(n,r){return this._addCheck({kind:"length",value:n,...cn.errToObj(r)})}nonempty(n){return this.min(1,cn.errToObj(n))}trim(){return new At({...this._def,checks:[...this._def.checks,{kind:"trim"}]})}toLowerCase(){return new At({...this._def,checks:[...this._def.checks,{kind:"toLowerCase"}]})}toUpperCase(){return new At({...this._def,checks:[...this._def.checks,{kind:"toUpperCase"}]})}get isDatetime(){return!!this._def.checks.find((n)=>n.kind==="datetime")}get isDate(){return!!this._def.checks.find((n)=>n.kind==="date")}get isTime(){return!!this._def.checks.find((n)=>n.kind==="time")}get isDuration(){return!!this._def.checks.find((n)=>n.kind==="duration")}get isEmail(){return!!this._def.checks.find((n)=>n.kind==="email")}get isURL(){return!!this._def.checks.find((n)=>n.kind==="url")}get isEmoji(){return!!this._def.checks.find((n)=>n.kind==="emoji")}get isUUID(){return!!this._def.checks.find((n)=>n.kind==="uuid")}get isNANOID(){return!!this._def.checks.find((n)=>n.kind==="nanoid")}get isCUID(){return!!this._def.checks.find((n)=>n.kind==="cuid")}get isCUID2(){return!!this._def.checks.find((n)=>n.kind==="cuid2")}get isULID(){return!!this._def.checks.find((n)=>n.kind==="ulid")}get isIP(){return!!this._def.checks.find((n)=>n.kind==="ip")}get isCIDR(){return!!this._def.checks.find((n)=>n.kind==="cidr")}get isBase64(){return!!this._def.checks.find((n)=>n.kind==="base64")}get isBase64url(){return!!this._def.checks.find((n)=>n.kind==="base64url")}get minLength(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n}get maxLength(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n}}At.create=(n)=>{return new At({checks:[],typeName:_n.ZodString,coerce:n?.coerce??!1,...bn(n)})};function Kh(n,r){let t=(n.toString().split(".")[1]||"").length,o=(r.toString().split(".")[1]||"").length,c=t>o?t:o,i=Number.parseInt(n.toFixed(c).replace(".","")),a=Number.parseInt(r.toFixed(c).replace(".",""));return i%a/10**c}class Vo extends mn{constructor(){super(...arguments);this.min=this.gte,this.max=this.lte,this.step=this.multipleOf}_parse(n){if(this._def.coerce)n.data=Number(n.data);if(this._getType(n)!==p.number){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_type,expected:p.number,received:c.parsedType}),sn}let t=void 0,o=new Rr;for(let c of this._def.checks)if(c.kind==="int"){if(!An.isInteger(n.data))t=this._getOrReturnCtx(n,t),T(t,{code:P.invalid_type,expected:"integer",received:"float",message:c.message}),o.dirty()}else if(c.kind==="min"){if(c.inclusive?n.data<c.value:n.data<=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_small,minimum:c.value,type:"number",inclusive:c.inclusive,exact:!1,message:c.message}),o.dirty()}else if(c.kind==="max"){if(c.inclusive?n.data>c.value:n.data>=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_big,maximum:c.value,type:"number",inclusive:c.inclusive,exact:!1,message:c.message}),o.dirty()}else if(c.kind==="multipleOf"){if(Kh(n.data,c.value)!==0)t=this._getOrReturnCtx(n,t),T(t,{code:P.not_multiple_of,multipleOf:c.value,message:c.message}),o.dirty()}else if(c.kind==="finite"){if(!Number.isFinite(n.data))t=this._getOrReturnCtx(n,t),T(t,{code:P.not_finite,message:c.message}),o.dirty()}else An.assertNever(c);return{status:o.value,value:n.data}}gte(n,r){return this.setLimit("min",n,!0,cn.toString(r))}gt(n,r){return this.setLimit("min",n,!1,cn.toString(r))}lte(n,r){return this.setLimit("max",n,!0,cn.toString(r))}lt(n,r){return this.setLimit("max",n,!1,cn.toString(r))}setLimit(n,r,t,o){return new Vo({...this._def,checks:[...this._def.checks,{kind:n,value:r,inclusive:t,message:cn.toString(o)}]})}_addCheck(n){return new Vo({...this._def,checks:[...this._def.checks,n]})}int(n){return this._addCheck({kind:"int",message:cn.toString(n)})}positive(n){return this._addCheck({kind:"min",value:0,inclusive:!1,message:cn.toString(n)})}negative(n){return this._addCheck({kind:"max",value:0,inclusive:!1,message:cn.toString(n)})}nonpositive(n){return this._addCheck({kind:"max",value:0,inclusive:!0,message:cn.toString(n)})}nonnegative(n){return this._addCheck({kind:"min",value:0,inclusive:!0,message:cn.toString(n)})}multipleOf(n,r){return this._addCheck({kind:"multipleOf",value:n,message:cn.toString(r)})}finite(n){return this._addCheck({kind:"finite",message:cn.toString(n)})}safe(n){return this._addCheck({kind:"min",inclusive:!0,value:Number.MIN_SAFE_INTEGER,message:cn.toString(n)})._addCheck({kind:"max",inclusive:!0,value:Number.MAX_SAFE_INTEGER,message:cn.toString(n)})}get minValue(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n}get maxValue(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n}get isInt(){return!!this._def.checks.find((n)=>n.kind==="int"||n.kind==="multipleOf"&&An.isInteger(n.value))}get isFinite(){let n=null,r=null;for(let t of this._def.checks)if(t.kind==="finite"||t.kind==="int"||t.kind==="multipleOf")return!0;else if(t.kind==="min"){if(r===null||t.value>r)r=t.value}else if(t.kind==="max"){if(n===null||t.value<n)n=t.value}return Number.isFinite(r)&&Number.isFinite(n)}}Vo.create=(n)=>{return new Vo({checks:[],typeName:_n.ZodNumber,coerce:n?.coerce||!1,...bn(n)})};class Yo extends mn{constructor(){super(...arguments);this.min=this.gte,this.max=this.lte}_parse(n){if(this._def.coerce)try{n.data=BigInt(n.data)}catch{return this._getInvalidInput(n)}if(this._getType(n)!==p.bigint)return this._getInvalidInput(n);let t=void 0,o=new Rr;for(let c of this._def.checks)if(c.kind==="min"){if(c.inclusive?n.data<c.value:n.data<=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_small,type:"bigint",minimum:c.value,inclusive:c.inclusive,message:c.message}),o.dirty()}else if(c.kind==="max"){if(c.inclusive?n.data>c.value:n.data>=c.value)t=this._getOrReturnCtx(n,t),T(t,{code:P.too_big,type:"bigint",maximum:c.value,inclusive:c.inclusive,message:c.message}),o.dirty()}else if(c.kind==="multipleOf"){if(n.data%c.value!==BigInt(0))t=this._getOrReturnCtx(n,t),T(t,{code:P.not_multiple_of,multipleOf:c.value,message:c.message}),o.dirty()}else An.assertNever(c);return{status:o.value,value:n.data}}_getInvalidInput(n){let r=this._getOrReturnCtx(n);return T(r,{code:P.invalid_type,expected:p.bigint,received:r.parsedType}),sn}gte(n,r){return this.setLimit("min",n,!0,cn.toString(r))}gt(n,r){return this.setLimit("min",n,!1,cn.toString(r))}lte(n,r){return this.setLimit("max",n,!0,cn.toString(r))}lt(n,r){return this.setLimit("max",n,!1,cn.toString(r))}setLimit(n,r,t,o){return new Yo({...this._def,checks:[...this._def.checks,{kind:n,value:r,inclusive:t,message:cn.toString(o)}]})}_addCheck(n){return new Yo({...this._def,checks:[...this._def.checks,n]})}positive(n){return this._addCheck({kind:"min",value:BigInt(0),inclusive:!1,message:cn.toString(n)})}negative(n){return this._addCheck({kind:"max",value:BigInt(0),inclusive:!1,message:cn.toString(n)})}nonpositive(n){return this._addCheck({kind:"max",value:BigInt(0),inclusive:!0,message:cn.toString(n)})}nonnegative(n){return this._addCheck({kind:"min",value:BigInt(0),inclusive:!0,message:cn.toString(n)})}multipleOf(n,r){return this._addCheck({kind:"multipleOf",value:n,message:cn.toString(r)})}get minValue(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n}get maxValue(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n}}Yo.create=(n)=>{return new Yo({checks:[],typeName:_n.ZodBigInt,coerce:n?.coerce??!1,...bn(n)})};class Gc extends mn{_parse(n){if(this._def.coerce)n.data=Boolean(n.data);if(this._getType(n)!==p.boolean){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.boolean,received:t.parsedType}),sn}return Vr(n.data)}}Gc.create=(n)=>{return new Gc({typeName:_n.ZodBoolean,coerce:n?.coerce||!1,...bn(n)})};class ac extends mn{_parse(n){if(this._def.coerce)n.data=new Date(n.data);if(this._getType(n)!==p.date){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_type,expected:p.date,received:c.parsedType}),sn}if(Number.isNaN(n.data.getTime())){let c=this._getOrReturnCtx(n);return T(c,{code:P.invalid_date}),sn}let t=new Rr,o=void 0;for(let c of this._def.checks)if(c.kind==="min"){if(n.data.getTime()<c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_small,message:c.message,inclusive:!0,exact:!1,minimum:c.value,type:"date"}),t.dirty()}else if(c.kind==="max"){if(n.data.getTime()>c.value)o=this._getOrReturnCtx(n,o),T(o,{code:P.too_big,message:c.message,inclusive:!0,exact:!1,maximum:c.value,type:"date"}),t.dirty()}else An.assertNever(c);return{status:t.value,value:new Date(n.data.getTime())}}_addCheck(n){return new ac({...this._def,checks:[...this._def.checks,n]})}min(n,r){return this._addCheck({kind:"min",value:n.getTime(),message:cn.toString(r)})}max(n,r){return this._addCheck({kind:"max",value:n.getTime(),message:cn.toString(r)})}get minDate(){let n=null;for(let r of this._def.checks)if(r.kind==="min"){if(n===null||r.value>n)n=r.value}return n!=null?new Date(n):null}get maxDate(){let n=null;for(let r of this._def.checks)if(r.kind==="max"){if(n===null||r.value<n)n=r.value}return n!=null?new Date(n):null}}ac.create=(n)=>{return new ac({checks:[],coerce:n?.coerce||!1,typeName:_n.ZodDate,...bn(n)})};class ji extends mn{_parse(n){if(this._getType(n)!==p.symbol){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.symbol,received:t.parsedType}),sn}return Vr(n.data)}}ji.create=(n)=>{return new ji({typeName:_n.ZodSymbol,...bn(n)})};class Oc extends mn{_parse(n){if(this._getType(n)!==p.undefined){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.undefined,received:t.parsedType}),sn}return Vr(n.data)}}Oc.create=(n)=>{return new Oc({typeName:_n.ZodUndefined,...bn(n)})};class Nc extends mn{_parse(n){if(this._getType(n)!==p.null){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.null,received:t.parsedType}),sn}return Vr(n.data)}}Nc.create=(n)=>{return new Nc({typeName:_n.ZodNull,...bn(n)})};class ec extends mn{constructor(){super(...arguments);this._any=!0}_parse(n){return Vr(n.data)}}ec.create=(n)=>{return new ec({typeName:_n.ZodAny,...bn(n)})};class Wo extends mn{constructor(){super(...arguments);this._unknown=!0}_parse(n){return Vr(n.data)}}Wo.create=(n)=>{return new Wo({typeName:_n.ZodUnknown,...bn(n)})};class Pt extends mn{_parse(n){let r=this._getOrReturnCtx(n);return T(r,{code:P.invalid_type,expected:p.never,received:r.parsedType}),sn}}Pt.create=(n)=>{return new Pt({typeName:_n.ZodNever,...bn(n)})};class qi extends mn{_parse(n){if(this._getType(n)!==p.undefined){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.void,received:t.parsedType}),sn}return Vr(n.data)}}qi.create=(n)=>{return new qi({typeName:_n.ZodVoid,...bn(n)})};class Et extends mn{_parse(n){let{ctx:r,status:t}=this._processInputParams(n),o=this._def;if(r.parsedType!==p.array)return T(r,{code:P.invalid_type,expected:p.array,received:r.parsedType}),sn;if(o.exactLength!==null){let i=r.data.length>o.exactLength.value,a=r.data.length<o.exactLength.value;if(i||a)T(r,{code:i?P.too_big:P.too_small,minimum:a?o.exactLength.value:void 0,maximum:i?o.exactLength.value:void 0,type:"array",inclusive:!0,exact:!0,message:o.exactLength.message}),t.dirty()}if(o.minLength!==null){if(r.data.length<o.minLength.value)T(r,{code:P.too_small,minimum:o.minLength.value,type:"array",inclusive:!0,exact:!1,message:o.minLength.message}),t.dirty()}if(o.maxLength!==null){if(r.data.length>o.maxLength.value)T(r,{code:P.too_big,maximum:o.maxLength.value,type:"array",inclusive:!0,exact:!1,message:o.maxLength.message}),t.dirty()}if(r.common.async)return Promise.all([...r.data].map((i,a)=>{return o.type._parseAsync(new Dt(r,i,r.path,a))})).then((i)=>{return Rr.mergeArray(t,i)});let c=[...r.data].map((i,a)=>{return o.type._parseSync(new Dt(r,i,r.path,a))});return Rr.mergeArray(t,c)}get element(){return this._def.type}min(n,r){return new Et({...this._def,minLength:{value:n,message:cn.toString(r)}})}max(n,r){return new Et({...this._def,maxLength:{value:n,message:cn.toString(r)}})}length(n,r){return new Et({...this._def,exactLength:{value:n,message:cn.toString(r)}})}nonempty(n){return this.min(1,n)}}Et.create=(n,r)=>{return new Et({type:n,minLength:null,maxLength:null,exactLength:null,typeName:_n.ZodArray,...bn(r)})};function Lc(n){if(n instanceof nr){let r={};for(let t in n.shape){let o=n.shape[t];r[t]=St.create(Lc(o))}return new nr({...n._def,shape:()=>r})}else if(n instanceof Et)return new Et({...n._def,type:Lc(n.element)});else if(n instanceof St)return St.create(Lc(n.unwrap()));else if(n instanceof io)return io.create(Lc(n.unwrap()));else if(n instanceof Ct)return Ct.create(n.items.map((r)=>Lc(r)));else return n}class nr extends mn{constructor(){super(...arguments);this._cached=null,this.nonstrict=this.passthrough,this.augment=this.extend}_getCached(){if(this._cached!==null)return this._cached;let n=this._def.shape(),r=An.objectKeys(n);return this._cached={shape:n,keys:r},this._cached}_parse(n){if(this._getType(n)!==p.object){let s=this._getOrReturnCtx(n);return T(s,{code:P.invalid_type,expected:p.object,received:s.parsedType}),sn}let{status:t,ctx:o}=this._processInputParams(n),{shape:c,keys:i}=this._getCached(),a=[];if(!(this._def.catchall instanceof Pt&&this._def.unknownKeys==="strip")){for(let s in o.data)if(!i.includes(s))a.push(s)}let e=[];for(let s of i){let f=c[s],d=o.data[s];e.push({key:{status:"valid",value:s},value:f._parse(new Dt(o,d,o.path,s)),alwaysSet:s in o.data})}if(this._def.catchall instanceof Pt){let s=this._def.unknownKeys;if(s==="passthrough")for(let f of a)e.push({key:{status:"valid",value:f},value:{status:"valid",value:o.data[f]}});else if(s==="strict"){if(a.length>0)T(o,{code:P.unrecognized_keys,keys:a}),t.dirty()}else if(s==="strip");else throw Error("Internal ZodObject error: invalid unknownKeys value.")}else{let s=this._def.catchall;for(let f of a){let d=o.data[f];e.push({key:{status:"valid",value:f},value:s._parse(new Dt(o,d,o.path,f)),alwaysSet:f in o.data})}}if(o.common.async)return Promise.resolve().then(async()=>{let s=[];for(let f of e){let d=await f.key,_=await f.value;s.push({key:d,value:_,alwaysSet:f.alwaysSet})}return s}).then((s)=>{return Rr.mergeObjectSync(t,s)});else return Rr.mergeObjectSync(t,e)}get shape(){return this._def.shape()}strict(n){return cn.errToObj,new nr({...this._def,unknownKeys:"strict",...n!==void 0?{errorMap:(r,t)=>{let o=this._def.errorMap?.(r,t).message??t.defaultError;if(r.code==="unrecognized_keys")return{message:cn.errToObj(n).message??o};return{message:o}}}:{}})}strip(){return new nr({...this._def,unknownKeys:"strip"})}passthrough(){return new nr({...this._def,unknownKeys:"passthrough"})}extend(n){return new nr({...this._def,shape:()=>({...this._def.shape(),...n})})}merge(n){return new nr({unknownKeys:n._def.unknownKeys,catchall:n._def.catchall,shape:()=>({...this._def.shape(),...n._def.shape()}),typeName:_n.ZodObject})}setKey(n,r){return this.augment({[n]:r})}catchall(n){return new nr({...this._def,catchall:n})}pick(n){let r={};for(let t of An.objectKeys(n))if(n[t]&&this.shape[t])r[t]=this.shape[t];return new nr({...this._def,shape:()=>r})}omit(n){let r={};for(let t of An.objectKeys(this.shape))if(!n[t])r[t]=this.shape[t];return new nr({...this._def,shape:()=>r})}deepPartial(){return Lc(this)}partial(n){let r={};for(let t of An.objectKeys(this.shape)){let o=this.shape[t];if(n&&!n[t])r[t]=o;else r[t]=o.optional()}return new nr({...this._def,shape:()=>r})}required(n){let r={};for(let t of An.objectKeys(this.shape))if(n&&!n[t])r[t]=this.shape[t];else{let c=this.shape[t];while(c instanceof St)c=c._def.innerType;r[t]=c}return new nr({...this._def,shape:()=>r})}keyof(){return Mb(An.objectKeys(this.shape))}}nr.create=(n,r)=>{return new nr({shape:()=>n,unknownKeys:"strip",catchall:Pt.create(),typeName:_n.ZodObject,...bn(r)})};nr.strictCreate=(n,r)=>{return new nr({shape:()=>n,unknownKeys:"strict",catchall:Pt.create(),typeName:_n.ZodObject,...bn(r)})};nr.lazycreate=(n,r)=>{return new nr({shape:n,unknownKeys:"strip",catchall:Pt.create(),typeName:_n.ZodObject,...bn(r)})};class xc extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t=this._def.options;function o(c){for(let a of c)if(a.result.status==="valid")return a.result;for(let a of c)if(a.result.status==="dirty")return r.common.issues.push(...a.ctx.common.issues),a.result;let i=c.map((a)=>new xr(a.ctx.common.issues));return T(r,{code:P.invalid_union,unionErrors:i}),sn}if(r.common.async)return Promise.all(t.map(async(c)=>{let i={...r,common:{...r.common,issues:[]},parent:null};return{result:await c._parseAsync({data:r.data,path:r.path,parent:i}),ctx:i}})).then(o);else{let c=void 0,i=[];for(let e of t){let s={...r,common:{...r.common,issues:[]},parent:null},f=e._parseSync({data:r.data,path:r.path,parent:s});if(f.status==="valid")return f;else if(f.status==="dirty"&&!c)c={result:f,ctx:s};if(s.common.issues.length)i.push(s.common.issues)}if(c)return r.common.issues.push(...c.ctx.common.issues),c.result;let a=i.map((e)=>new xr(e));return T(r,{code:P.invalid_union,unionErrors:a}),sn}}get options(){return this._def.options}}xc.create=(n,r)=>{return new xc({options:n,typeName:_n.ZodUnion,...bn(r)})};var co=(n)=>{if(n instanceof Cc)return co(n.schema);else if(n instanceof kt)return co(n.innerType());else if(n instanceof Fc)return[n.value];else if(n instanceof Jo)return n.options;else if(n instanceof jc)return An.objectValues(n.enum);else if(n instanceof qc)return co(n._def.innerType);else if(n instanceof Oc)return[void 0];else if(n instanceof Nc)return[null];else if(n instanceof St)return[void 0,...co(n.unwrap())];else if(n instanceof io)return[null,...co(n.unwrap())];else if(n instanceof Re)return co(n.unwrap());else if(n instanceof vc)return co(n.unwrap());else if(n instanceof Kc)return co(n._def.innerType);else return[]};class Me extends mn{_parse(n){let{ctx:r}=this._processInputParams(n);if(r.parsedType!==p.object)return T(r,{code:P.invalid_type,expected:p.object,received:r.parsedType}),sn;let t=this.discriminator,o=r.data[t],c=this.optionsMap.get(o);if(!c)return T(r,{code:P.invalid_union_discriminator,options:Array.from(this.optionsMap.keys()),path:[t]}),sn;if(r.common.async)return c._parseAsync({data:r.data,path:r.path,parent:r});else return c._parseSync({data:r.data,path:r.path,parent:r})}get discriminator(){return this._def.discriminator}get options(){return this._def.options}get optionsMap(){return this._def.optionsMap}static create(n,r,t){let o=new Map;for(let c of r){let i=co(c.shape[n]);if(!i.length)throw Error(`A discriminator value for key \`${n}\` could not be extracted from all schema options`);for(let a of i){if(o.has(a))throw Error(`Discriminator property ${String(n)} has duplicate value ${String(a)}`);o.set(a,c)}}return new Me({typeName:_n.ZodDiscriminatedUnion,discriminator:n,options:r,optionsMap:o,...bn(t)})}}function Pf(n,r){let t=xt(n),o=xt(r);if(n===r)return{valid:!0,data:n};else if(t===p.object&&o===p.object){let c=An.objectKeys(r),i=An.objectKeys(n).filter((e)=>c.indexOf(e)!==-1),a={...n,...r};for(let e of i){let s=Pf(n[e],r[e]);if(!s.valid)return{valid:!1};a[e]=s.data}return{valid:!0,data:a}}else if(t===p.array&&o===p.array){if(n.length!==r.length)return{valid:!1};let c=[];for(let i=0;i<n.length;i++){let a=n[i],e=r[i],s=Pf(a,e);if(!s.valid)return{valid:!1};c.push(s.data)}return{valid:!0,data:c}}else if(t===p.date&&o===p.date&&+n===+r)return{valid:!0,data:n};else return{valid:!1}}class Pc extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n),o=(c,i)=>{if(De(c)||De(i))return sn;let a=Pf(c.value,i.value);if(!a.valid)return T(t,{code:P.invalid_intersection_types}),sn;if(ke(c)||ke(i))r.dirty();return{status:r.value,value:a.data}};if(t.common.async)return Promise.all([this._def.left._parseAsync({data:t.data,path:t.path,parent:t}),this._def.right._parseAsync({data:t.data,path:t.path,parent:t})]).then(([c,i])=>o(c,i));else return o(this._def.left._parseSync({data:t.data,path:t.path,parent:t}),this._def.right._parseSync({data:t.data,path:t.path,parent:t}))}}Pc.create=(n,r,t)=>{return new Pc({left:n,right:r,typeName:_n.ZodIntersection,...bn(t)})};class Ct extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.array)return T(t,{code:P.invalid_type,expected:p.array,received:t.parsedType}),sn;if(t.data.length<this._def.items.length)return T(t,{code:P.too_small,minimum:this._def.items.length,inclusive:!0,exact:!1,type:"array"}),sn;if(!this._def.rest&&t.data.length>this._def.items.length)T(t,{code:P.too_big,maximum:this._def.items.length,inclusive:!0,exact:!1,type:"array"}),r.dirty();let c=[...t.data].map((i,a)=>{let e=this._def.items[a]||this._def.rest;if(!e)return null;return e._parse(new Dt(t,i,t.path,a))}).filter((i)=>!!i);if(t.common.async)return Promise.all(c).then((i)=>{return Rr.mergeArray(r,i)});else return Rr.mergeArray(r,c)}get items(){return this._def.items}rest(n){return new Ct({...this._def,rest:n})}}Ct.create=(n,r)=>{if(!Array.isArray(n))throw Error("You must pass an array of schemas to z.tuple([ ... ])");return new Ct({items:n,typeName:_n.ZodTuple,rest:null,...bn(r)})};class Ki extends mn{get keySchema(){return this._def.keyType}get valueSchema(){return this._def.valueType}_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.object)return T(t,{code:P.invalid_type,expected:p.object,received:t.parsedType}),sn;let o=[],c=this._def.keyType,i=this._def.valueType;for(let a in t.data)o.push({key:c._parse(new Dt(t,a,t.path,a)),value:i._parse(new Dt(t,t.data[a],t.path,a)),alwaysSet:a in t.data});if(t.common.async)return Rr.mergeObjectAsync(r,o);else return Rr.mergeObjectSync(r,o)}get element(){return this._def.valueType}static create(n,r,t){if(r instanceof mn)return new Ki({keyType:n,valueType:r,typeName:_n.ZodRecord,...bn(t)});return new Ki({keyType:At.create(),valueType:n,typeName:_n.ZodRecord,...bn(r)})}}class vi extends mn{get keySchema(){return this._def.keyType}get valueSchema(){return this._def.valueType}_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.map)return T(t,{code:P.invalid_type,expected:p.map,received:t.parsedType}),sn;let o=this._def.keyType,c=this._def.valueType,i=[...t.data.entries()].map(([a,e],s)=>{return{key:o._parse(new Dt(t,a,t.path,[s,"key"])),value:c._parse(new Dt(t,e,t.path,[s,"value"]))}});if(t.common.async){let a=new Map;return Promise.resolve().then(async()=>{for(let e of i){let s=await e.key,f=await e.value;if(s.status==="aborted"||f.status==="aborted")return sn;if(s.status==="dirty"||f.status==="dirty")r.dirty();a.set(s.value,f.value)}return{status:r.value,value:a}})}else{let a=new Map;for(let e of i){let{key:s,value:f}=e;if(s.status==="aborted"||f.status==="aborted")return sn;if(s.status==="dirty"||f.status==="dirty")r.dirty();a.set(s.value,f.value)}return{status:r.value,value:a}}}}vi.create=(n,r,t)=>{return new vi({valueType:r,keyType:n,typeName:_n.ZodMap,...bn(t)})};class sc extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.parsedType!==p.set)return T(t,{code:P.invalid_type,expected:p.set,received:t.parsedType}),sn;let o=this._def;if(o.minSize!==null){if(t.data.size<o.minSize.value)T(t,{code:P.too_small,minimum:o.minSize.value,type:"set",inclusive:!0,exact:!1,message:o.minSize.message}),r.dirty()}if(o.maxSize!==null){if(t.data.size>o.maxSize.value)T(t,{code:P.too_big,maximum:o.maxSize.value,type:"set",inclusive:!0,exact:!1,message:o.maxSize.message}),r.dirty()}let c=this._def.valueType;function i(e){let s=new Set;for(let f of e){if(f.status==="aborted")return sn;if(f.status==="dirty")r.dirty();s.add(f.value)}return{status:r.value,value:s}}let a=[...t.data.values()].map((e,s)=>c._parse(new Dt(t,e,t.path,s)));if(t.common.async)return Promise.all(a).then((e)=>i(e));else return i(a)}min(n,r){return new sc({...this._def,minSize:{value:n,message:cn.toString(r)}})}max(n,r){return new sc({...this._def,maxSize:{value:n,message:cn.toString(r)}})}size(n,r){return this.min(n,r).max(n,r)}nonempty(n){return this.min(1,n)}}sc.create=(n,r)=>{return new sc({valueType:n,minSize:null,maxSize:null,typeName:_n.ZodSet,...bn(r)})};class Qc extends mn{constructor(){super(...arguments);this.validate=this.implement}_parse(n){let{ctx:r}=this._processInputParams(n);if(r.parsedType!==p.function)return T(r,{code:P.invalid_type,expected:p.function,received:r.parsedType}),sn;function t(a,e){return Fi({data:a,path:r.path,errorMaps:[r.common.contextualErrorMap,r.schemaErrorMap,Jc(),oo].filter((s)=>!!s),issueData:{code:P.invalid_arguments,argumentsError:e}})}function o(a,e){return Fi({data:a,path:r.path,errorMaps:[r.common.contextualErrorMap,r.schemaErrorMap,Jc(),oo].filter((s)=>!!s),issueData:{code:P.invalid_return_type,returnTypeError:e}})}let c={errorMap:r.common.contextualErrorMap},i=r.data;if(this._def.returns instanceof fc){let a=this;return Vr(async function(...e){let s=new xr([]),f=await a._def.args.parseAsync(e,c).catch((w)=>{throw s.addIssue(t(e,w)),s}),d=await Reflect.apply(i,this,f);return await a._def.returns._def.type.parseAsync(d,c).catch((w)=>{throw s.addIssue(o(d,w)),s})})}else{let a=this;return Vr(function(...e){let s=a._def.args.safeParse(e,c);if(!s.success)throw new xr([t(e,s.error)]);let f=Reflect.apply(i,this,s.data),d=a._def.returns.safeParse(f,c);if(!d.success)throw new xr([o(f,d.error)]);return d.data})}}parameters(){return this._def.args}returnType(){return this._def.returns}args(...n){return new Qc({...this._def,args:Ct.create(n).rest(Wo.create())})}returns(n){return new Qc({...this._def,returns:n})}implement(n){return this.parse(n)}strictImplement(n){return this.parse(n)}static create(n,r,t){return new Qc({args:n?n:Ct.create([]).rest(Wo.create()),returns:r||Wo.create(),typeName:_n.ZodFunction,...bn(t)})}}class Cc extends mn{get schema(){return this._def.getter()}_parse(n){let{ctx:r}=this._processInputParams(n);return this._def.getter()._parse({data:r.data,path:r.path,parent:r})}}Cc.create=(n,r)=>{return new Cc({getter:n,typeName:_n.ZodLazy,...bn(r)})};class Fc extends mn{_parse(n){if(n.data!==this._def.value){let r=this._getOrReturnCtx(n);return T(r,{received:r.data,code:P.invalid_literal,expected:this._def.value}),sn}return{status:"valid",value:n.data}}get value(){return this._def.value}}Fc.create=(n,r)=>{return new Fc({value:n,typeName:_n.ZodLiteral,...bn(r)})};function Mb(n,r){return new Jo({values:n,typeName:_n.ZodEnum,...bn(r)})}class Jo extends mn{_parse(n){if(typeof n.data!=="string"){let r=this._getOrReturnCtx(n),t=this._def.values;return T(r,{expected:An.joinValues(t),received:r.parsedType,code:P.invalid_type}),sn}if(!this._cache)this._cache=new Set(this._def.values);if(!this._cache.has(n.data)){let r=this._getOrReturnCtx(n),t=this._def.values;return T(r,{received:r.data,code:P.invalid_enum_value,options:t}),sn}return Vr(n.data)}get options(){return this._def.values}get enum(){let n={};for(let r of this._def.values)n[r]=r;return n}get Values(){let n={};for(let r of this._def.values)n[r]=r;return n}get Enum(){let n={};for(let r of this._def.values)n[r]=r;return n}extract(n,r=this._def){return Jo.create(n,{...this._def,...r})}exclude(n,r=this._def){return Jo.create(this.options.filter((t)=>!n.includes(t)),{...this._def,...r})}}Jo.create=Mb;class jc extends mn{_parse(n){let r=An.getValidEnumValues(this._def.values),t=this._getOrReturnCtx(n);if(t.parsedType!==p.string&&t.parsedType!==p.number){let o=An.objectValues(r);return T(t,{expected:An.joinValues(o),received:t.parsedType,code:P.invalid_type}),sn}if(!this._cache)this._cache=new Set(An.getValidEnumValues(this._def.values));if(!this._cache.has(n.data)){let o=An.objectValues(r);return T(t,{received:t.data,code:P.invalid_enum_value,options:o}),sn}return Vr(n.data)}get enum(){return this._def.values}}jc.create=(n,r)=>{return new jc({values:n,typeName:_n.ZodNativeEnum,...bn(r)})};class fc extends mn{unwrap(){return this._def.type}_parse(n){let{ctx:r}=this._processInputParams(n);if(r.parsedType!==p.promise&&r.common.async===!1)return T(r,{code:P.invalid_type,expected:p.promise,received:r.parsedType}),sn;let t=r.parsedType===p.promise?r.data:Promise.resolve(r.data);return Vr(t.then((o)=>{return this._def.type.parseAsync(o,{path:r.path,errorMap:r.common.contextualErrorMap})}))}}fc.create=(n,r)=>{return new fc({type:n,typeName:_n.ZodPromise,...bn(r)})};class kt extends mn{innerType(){return this._def.schema}sourceType(){return this._def.schema._def.typeName===_n.ZodEffects?this._def.schema.sourceType():this._def.schema}_parse(n){let{status:r,ctx:t}=this._processInputParams(n),o=this._def.effect||null,c={addIssue:(i)=>{if(T(t,i),i.fatal)r.abort();else r.dirty()},get path(){return t.path}};if(c.addIssue=c.addIssue.bind(c),o.type==="preprocess"){let i=o.transform(t.data,c);if(t.common.async)return Promise.resolve(i).then(async(a)=>{if(r.value==="aborted")return sn;let e=await this._def.schema._parseAsync({data:a,path:t.path,parent:t});if(e.status==="aborted")return sn;if(e.status==="dirty")return ic(e.value);if(r.value==="dirty")return ic(e.value);return e});else{if(r.value==="aborted")return sn;let a=this._def.schema._parseSync({data:i,path:t.path,parent:t});if(a.status==="aborted")return sn;if(a.status==="dirty")return ic(a.value);if(r.value==="dirty")return ic(a.value);return a}}if(o.type==="refinement"){let i=(a)=>{let e=o.refinement(a,c);if(t.common.async)return Promise.resolve(e);if(e instanceof Promise)throw Error("Async refinement encountered during synchronous parse operation. Use .parseAsync instead.");return a};if(t.common.async===!1){let a=this._def.schema._parseSync({data:t.data,path:t.path,parent:t});if(a.status==="aborted")return sn;if(a.status==="dirty")r.dirty();return i(a.value),{status:r.value,value:a.value}}else return this._def.schema._parseAsync({data:t.data,path:t.path,parent:t}).then((a)=>{if(a.status==="aborted")return sn;if(a.status==="dirty")r.dirty();return i(a.value).then(()=>{return{status:r.value,value:a.value}})})}if(o.type==="transform")if(t.common.async===!1){let i=this._def.schema._parseSync({data:t.data,path:t.path,parent:t});if(!Uo(i))return sn;let a=o.transform(i.value,c);if(a instanceof Promise)throw Error("Asynchronous transform encountered during synchronous parse operation. Use .parseAsync instead.");return{status:r.value,value:a}}else return this._def.schema._parseAsync({data:t.data,path:t.path,parent:t}).then((i)=>{if(!Uo(i))return sn;return Promise.resolve(o.transform(i.value,c)).then((a)=>({status:r.value,value:a}))});An.assertNever(o)}}kt.create=(n,r,t)=>{return new kt({schema:n,typeName:_n.ZodEffects,effect:r,...bn(t)})};kt.createWithPreprocess=(n,r,t)=>{return new kt({schema:r,effect:{type:"preprocess",transform:n},typeName:_n.ZodEffects,...bn(t)})};class St extends mn{_parse(n){if(this._getType(n)===p.undefined)return Vr(void 0);return this._def.innerType._parse(n)}unwrap(){return this._def.innerType}}St.create=(n,r)=>{return new St({innerType:n,typeName:_n.ZodOptional,...bn(r)})};class io extends mn{_parse(n){if(this._getType(n)===p.null)return Vr(null);return this._def.innerType._parse(n)}unwrap(){return this._def.innerType}}io.create=(n,r)=>{return new io({innerType:n,typeName:_n.ZodNullable,...bn(r)})};class qc extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t=r.data;if(r.parsedType===p.undefined)t=this._def.defaultValue();return this._def.innerType._parse({data:t,path:r.path,parent:r})}removeDefault(){return this._def.innerType}}qc.create=(n,r)=>{return new qc({innerType:n,typeName:_n.ZodDefault,defaultValue:typeof r.default==="function"?r.default:()=>r.default,...bn(r)})};class Kc extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t={...r,common:{...r.common,issues:[]}},o=this._def.innerType._parse({data:t.data,path:t.path,parent:{...t}});if(Xc(o))return o.then((c)=>{return{status:"valid",value:c.status==="valid"?c.value:this._def.catchValue({get error(){return new xr(t.common.issues)},input:t.data})}});else return{status:"valid",value:o.status==="valid"?o.value:this._def.catchValue({get error(){return new xr(t.common.issues)},input:t.data})}}removeCatch(){return this._def.innerType}}Kc.create=(n,r)=>{return new Kc({innerType:n,typeName:_n.ZodCatch,catchValue:typeof r.catch==="function"?r.catch:()=>r.catch,...bn(r)})};class Zi extends mn{_parse(n){if(this._getType(n)!==p.nan){let t=this._getOrReturnCtx(n);return T(t,{code:P.invalid_type,expected:p.nan,received:t.parsedType}),sn}return{status:"valid",value:n.data}}}Zi.create=(n)=>{return new Zi({typeName:_n.ZodNaN,...bn(n)})};var vh=Symbol("zod_brand");class Re extends mn{_parse(n){let{ctx:r}=this._processInputParams(n),t=r.data;return this._def.type._parse({data:t,path:r.path,parent:r})}unwrap(){return this._def.type}}class Ii extends mn{_parse(n){let{status:r,ctx:t}=this._processInputParams(n);if(t.common.async)return(async()=>{let c=await this._def.in._parseAsync({data:t.data,path:t.path,parent:t});if(c.status==="aborted")return sn;if(c.status==="dirty")return r.dirty(),ic(c.value);else return this._def.out._parseAsync({data:c.value,path:t.path,parent:t})})();else{let o=this._def.in._parseSync({data:t.data,path:t.path,parent:t});if(o.status==="aborted")return sn;if(o.status==="dirty")return r.dirty(),{status:"dirty",value:o.value};else return this._def.out._parseSync({data:o.value,path:t.path,parent:t})}}static create(n,r){return new Ii({in:n,out:r,typeName:_n.ZodPipeline})}}class vc extends mn{_parse(n){let r=this._def.innerType._parse(n),t=(o)=>{if(Uo(o))o.value=Object.freeze(o.value);return o};return Xc(r)?r.then((o)=>t(o)):t(r)}unwrap(){return this._def.innerType}}vc.create=(n,r)=>{return new vc({innerType:n,typeName:_n.ZodReadonly,...bn(r)})};function Eb(n,r){let t=typeof n==="function"?n(r):typeof n==="string"?{message:n}:n;return typeof t==="string"?{message:t}:t}function Rb(n,r={},t){if(n)return ec.create().superRefine((o,c)=>{let i=n(o);if(i instanceof Promise)return i.then((a)=>{if(!a){let e=Eb(r,o),s=e.fatal??t??!0;c.addIssue({code:"custom",...e,fatal:s})}});if(!i){let a=Eb(r,o),e=a.fatal??t??!0;c.addIssue({code:"custom",...a,fatal:e})}return});return ec.create()}var Zh={object:nr.lazycreate},_n;(function(n){n.ZodString="ZodString",n.ZodNumber="ZodNumber",n.ZodNaN="ZodNaN",n.ZodBigInt="ZodBigInt",n.ZodBoolean="ZodBoolean",n.ZodDate="ZodDate",n.ZodSymbol="ZodSymbol",n.ZodUndefined="ZodUndefined",n.ZodNull="ZodNull",n.ZodAny="ZodAny",n.ZodUnknown="ZodUnknown",n.ZodNever="ZodNever",n.ZodVoid="ZodVoid",n.ZodArray="ZodArray",n.ZodObject="ZodObject",n.ZodUnion="ZodUnion",n.ZodDiscriminatedUnion="ZodDiscriminatedUnion",n.ZodIntersection="ZodIntersection",n.ZodTuple="ZodTuple",n.ZodRecord="ZodRecord",n.ZodMap="ZodMap",n.ZodSet="ZodSet",n.ZodFunction="ZodFunction",n.ZodLazy="ZodLazy",n.ZodLiteral="ZodLiteral",n.ZodEnum="ZodEnum",n.ZodEffects="ZodEffects",n.ZodNativeEnum="ZodNativeEnum",n.ZodOptional="ZodOptional",n.ZodNullable="ZodNullable",n.ZodDefault="ZodDefault",n.ZodCatch="ZodCatch",n.ZodPromise="ZodPromise",n.ZodBranded="ZodBranded",n.ZodPipeline="ZodPipeline",n.ZodReadonly="ZodReadonly"})(_n||(_n={}));var Ih=(n,r={message:`Input not instance of ${n.name}`})=>Rb((t)=>t instanceof n,r),Hb=At.create,zb=Vo.create,ph=Zi.create,yh=Yo.create,Bb=Gc.create,Th=ac.create,n3=ji.create,r3=Oc.create,t3=Nc.create,o3=ec.create,c3=Wo.create,i3=Pt.create,a3=qi.create,e3=Et.create,s3=nr.create,f3=nr.strictCreate,_3=xc.create,l3=Me.create,d3=Pc.create,u3=Ct.create,w3=Ki.create,b3=vi.create,g3=sc.create,m3=Qc.create,$3=Cc.create,h3=Fc.create,A3=Jo.create,E3=jc.create,S3=fc.create,D3=kt.create,k3=St.create,M3=io.create,R3=kt.createWithPreprocess,H3=Ii.create,z3=()=>Hb().optional(),B3=()=>zb().optional(),U3=()=>Bb().optional(),W3={string:(n)=>At.create({...n,coerce:!0}),number:(n)=>Vo.create({...n,coerce:!0}),boolean:(n)=>Gc.create({...n,coerce:!0}),bigint:(n)=>Yo.create({...n,coerce:!0}),date:(n)=>ac.create({...n,coerce:!0})};var V3=sn;var Y3=Y.object({name:Y.string().regex(/^x-/),component:Y.unknown()}),Ub=Y.function().returns(Y.object({name:Y.string(),extensions:Y.array(Y3)}));var Wb=[["--theme-","--scalar-"],["--sidebar-","--scalar-sidebar-"]],J3=Wb.map(([n])=>n);function He(n){if(!J3.some((t)=>n.includes(t)))return n;return console.warn("DEPRECATION WARNING: It looks like you're using legacy CSS variables in your custom CSS string. Please migrate them to use the updated prefixes. See https://github.com/scalar/scalar/blob/main/documentation/themes.md#theme-prefix-changes"),Wb.reduce((t,[o,c])=>t.replaceAll(o,c),n)}var X3=Y.enum(["alternate","default","moon","purple","solarized","bluePlanet","deepSpace","saturn","kepler","elysiajs","fastify","mars","none"]),L3=Y.enum(["a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"]),Q3=Y.enum(["adonisjs","docusaurus","dotnet","elysiajs","express","fastapi","fastify","go","hono","html","laravel","litestar","nestjs","nextjs","nitro","nuxt","platformatic","react","rust","vue"]).nullable(),Yb=Y.object({url:Y.string().optional(),content:Y.union([Y.string(),Y.record(Y.any()),Y.function().returns(Y.record(Y.any())),Y.null()]).optional(),title:Y.string().optional(),slug:Y.string().optional()}),G3=Y.object({basePath:Y.string()}),Jb=Y.object({url:Y.string().optional(),content:Y.union([Y.string(),Y.record(Y.any()),Y.function().returns(Y.record(Y.any())),Y.null()]).optional(),title:Y.string().optional(),slug:Y.string().optional(),spec:Yb.optional(),authentication:Y.any().optional(),baseServerURL:Y.string().optional(),hideClientButton:Y.boolean().optional().default(!1).catch(!1),proxyUrl:Y.string().optional(),searchHotKey:L3.optional(),servers:Y.array(Y.any()).optional(),showSidebar:Y.boolean().optional().default(!0).catch(!0),theme:X3.optional().default("default").catch("default"),_integration:Q3.optional(),onRequestSent:Y.function().args(Y.string()).returns(Y.void()).optional()}),Vb="https://api.scalar.com/request-proxy",Cf="https://proxy.scalar.com",O3=Jb.merge(Y.object({layout:Y.enum(["modern","classic"]).optional().default("modern").catch("modern"),proxy:Y.string().optional(),plugins:Y.array(Ub).optional(),isEditable:Y.boolean().optional().default(!1).catch(!1),isLoading:Y.boolean().optional().default(!1).catch(!1),hideModels:Y.boolean().optional().default(!1).catch(!1),hideDownloadButton:Y.boolean().optional().default(!1).catch(!1),hideTestRequestButton:Y.boolean().optional().default(!1).catch(!1),hideSearch:Y.boolean().optional().default(!1).catch(!1),darkMode:Y.boolean().optional(),forceDarkModeState:Y.enum(["dark","light"]).optional(),hideDarkModeToggle:Y.boolean().optional().default(!1).catch(!1),metaData:Y.any().optional(),favicon:Y.string().optional(),hiddenClients:Y.union([Y.record(Y.union([Y.boolean(),Y.array(Y.string())])),Y.array(Y.string()),Y.literal(!0)]).optional(),defaultHttpClient:Y.object({targetKey:Y.custom(),clientKey:Y.string()}).optional(),customCss:Y.string().optional(),onSpecUpdate:Y.function().args(Y.string()).returns(Y.void()).optional(),onServerChange:Y.function().args(Y.string()).returns(Y.void()).optional(),onDocumentSelect:Y.function().returns(Y.void().or(Y.void().promise())).optional(),onLoaded:Y.function().returns(Y.void().or(Y.void().promise())).optional(),onShowMore:Y.function().args(Y.string()).returns(Y.void().or(Y.void().promise())).optional(),onSidebarClick:Y.function().args(Y.string()).returns(Y.void().or(Y.void().promise())).optional(),pathRouting:G3.optional(),generateHeadingSlug:Y.function().args(Y.object({slug:Y.string().default("headingSlug")})).returns(Y.string()).optional(),generateModelSlug:Y.function().args(Y.object({name:Y.string().default("modelName")})).returns(Y.string()).optional(),generateTagSlug:Y.function().args(Y.object({name:Y.string().default("tagName")})).returns(Y.string()).optional(),generateOperationSlug:Y.function().args(Y.object({path:Y.string(),operationId:Y.string().optional(),method:Y.string(),summary:Y.string().optional()})).returns(Y.string()).optional(),generateWebhookSlug:Y.function().args(Y.object({name:Y.string(),method:Y.string().optional()})).returns(Y.string()).optional(),redirect:Y.function().args(Y.string()).returns(Y.string().nullable().optional()).optional(),withDefaultFonts:Y.boolean().optional().default(!0).catch(!0),defaultOpenAllTags:Y.boolean().optional(),tagsSorter:Y.union([Y.literal("alpha"),Y.function().args(Y.any(),Y.any()).returns(Y.number())]).optional(),operationsSorter:Y.union([Y.literal("alpha"),Y.literal("method"),Y.function().args(Y.any(),Y.any()).returns(Y.number())]).optional()})),N3=(n)=>{let r={...n};if(r.spec?.url)console.warn("[DEPRECATED] You're using the deprecated 'spec.url' attribute. Remove the spec prefix and move the 'url' attribute to the top level."),r.url=r.spec.url,delete r.spec;if(r.spec?.content)console.warn("[DEPRECATED] You're using the deprecated 'spec.content' attribute. Remove the spec prefix and move the 'content' attribute to the top level."),r.content=r.spec.content,delete r.spec;if(r.customCss)r.customCss=He(r.customCss);if(r.proxy){if(console.warn("[DEPRECATED] You're using the deprecated 'proxy' attribute, rename it to 'proxyUrl' or update the package."),!r.proxyUrl)r.proxyUrl=r.proxy;delete r.proxy}if(r.proxyUrl===Vb)console.warn(`[DEPRECATED] Warning: configuration.proxyUrl points to our old proxy (${Vb}).`),console.warn(`[DEPRECATED] We are overwriting the value and use the new proxy URL (${Cf}) instead.`),console.warn(`[DEPRECATED] Action Required: You should manually update your configuration to use the new URL (${Cf}). Read more: https://github.com/scalar/scalar`),r.proxyUrl=Cf;return r},x3=O3.transform(N3);var P3=Y.object({cdn:Y.string().optional().default("https://cdn.jsdelivr.net/npm/@scalar/api-reference"),pageTitle:Y.string().optional().default("Scalar API Reference")});var C3={alternate:sb,default:lb,moon:bb,elysiajs:Se,fastify:db,purple:gb,solarized:$b,bluePlanet:fb,deepSpace:_b,saturn:mb,kepler:ub,mars:wb};var Hz=Object.keys(C3);import{replaceSchemaType as v3,t as jf}from"elysia";function Ff(n){return"type"in n||"properties"in n||"items"in n}function j3(n,r){return(n==="createdAt"||n==="updatedAt")&&"anyOf"in r&&Array.isArray(r.anyOf)}function Qb(n){if(!Ff(n)||typeof n!=="object"||n===null)return n;let r={...n};return Object.entries(r).forEach(([t,o])=>{if(Ff(o))if(j3(t,o)){let c=o.anyOf?.find((i)=>Ff(i)&&i.format==="date-time");if(c){let i={type:"string",format:"date-time",default:c.default};r[t]=i}}else r[t]=Qb(o)}),r}var q3=(n,r,t,o,c)=>{let i=JSON.parse(o);if(i.components&&i.components.schemas)i.components.schemas=Object.fromEntries(Object.entries(i.components.schemas).map(([e,s])=>[e,Qb(s)]));let a=JSON.stringify(i);return`<!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="utf-8" />
@@ -1616,7 +1616,7 @@ data: ${t}
     </script>
     <script src="${o?o:`https://cdn.jsdelivr.net/npm/@scalar/api-reference@${r}/dist/browser/standalone.min.js`}" crossorigin></script>
   </body>
-</html>`;var Kf=Symbol.for("TypeBox.Kind"),Z3=(n)=>n.split("/").map((r)=>{if(r.startsWith(":")){if(r=r.slice(1,r.length),r.endsWith("?"))r=r.slice(0,-1);r=`{${r}}`}return r}).join("/"),qf=(n,r,t)=>{if(r===void 0)return[];if(typeof r==="string")if(r in t)r=t[r];else throw Error(`Can't find model ${r}`);return Object.entries(r?.properties??[]).map(([o,c])=>{let{type:i=void 0,description:a,examples:e,...s}=c;return{description:a,examples:e,schema:{type:i,...s},in:n,name:o,required:r.required?.includes(o)??!1}})},pi=(n,r)=>{if(typeof r==="object"&&["void","undefined","null"].includes(r.type))return;let t={};for(let o of n)t[o]={schema:typeof r==="string"?{$ref:`#/components/schemas/${r}`}:("$ref"in r)&&(Kf in r)&&r[Kf]==="Ref"?{...r,$ref:`#/components/schemas/${r.$ref}`}:v3({...r},{from:jf.Ref(""),to:({$ref:c,...i})=>{if(!c.startsWith("#/components/schemas/"))return jf.Ref(`#/components/schemas/${c}`,i);return jf.Ref(c,i)}})};return t},Xb=(n)=>n.charAt(0).toUpperCase()+n.slice(1),I3=(n,r)=>{let t=n.toLowerCase();if(r==="/")return t+"Index";for(let o of r.split("/"))if(o.charCodeAt(0)===123)t+="By"+Xb(o.slice(1,-1));else t+=Xb(o);return t},Zc=(n)=>{if(!n)return;if(typeof n==="string")return n;if(Array.isArray(n))return[...n];return{...n}},Lb=({schema:n,path:r,method:t,hook:o,models:c})=>{if(o=Zc(o),o.parse&&!Array.isArray(o.parse))o.parse=[o.parse];let i=o.parse?.map((g)=>{switch(typeof g){case"string":return g;case"object":if(g&&typeof g?.fn!=="string")return;switch(g?.fn){case"json":case"application/json":return"application/json";case"text":case"text/plain":return"text/plain";case"urlencoded":case"application/x-www-form-urlencoded":return"application/x-www-form-urlencoded";case"arrayBuffer":case"application/octet-stream":return"application/octet-stream";case"formdata":case"multipart/form-data":return"multipart/form-data"}}}).filter((g)=>g!==void 0);if(!i||i.length===0)i=["application/json","multipart/form-data","text/plain"];r=Z3(r);let a=typeof i==="string"?[i]:i??["application/json"],e=Zc(o?.body),s=Zc(o?.params),f=Zc(o?.headers),d=Zc(o?.query),_=Zc(o?.response);if(typeof _==="object")if(Kf in _){let{type:g,properties:u,required:m,additionalProperties:l,patternProperties:S,$ref:$,...E}=_;_={"200":{...E,description:E.description,content:pi(a,g==="object"||g==="array"?{type:g,properties:u,patternProperties:S,items:_.items,required:m}:_)}}}else Object.entries(_).forEach(([g,u])=>{if(typeof u==="string"){if(!c[u])return;let{type:m,properties:l,required:S,additionalProperties:$,patternProperties:E,...U}=c[u];_[g]={...U,description:U.description,content:pi(a,u)}}else{let{type:m,properties:l,required:S,additionalProperties:$,patternProperties:E,...U}=u;_[g]={...U,description:U.description,content:pi(a,m==="object"||m==="array"?{type:m,properties:l,patternProperties:E,items:u.items,required:S}:u)}}});else if(typeof _==="string"){if(!(_ in c))return;let{type:g,properties:u,required:m,$ref:l,additionalProperties:S,patternProperties:$,...E}=c[_];_={"200":{...E,content:pi(a,_)}}}let w=[...qf("header",f,c),...qf("path",s,c),...qf("query",d,c)];n[r]={...n[r]?n[r]:{},[t.toLowerCase()]:{...f||s||d||e?{parameters:w}:{},..._?{responses:_}:{},operationId:o?.detail?.operationId??I3(t,r),...o?.detail,...e?{requestBody:{required:!0,content:pi(a,typeof e==="string"?{$ref:`#/components/schemas/${e}`}:e)}}:null}}},p3=(n,{excludeStaticFile:r=!0,exclude:t=[]})=>{let o={};for(let[c,i]of Object.entries(n))if(!t.some((a)=>{if(typeof a==="string")return c===a;return a.test(c)})&&!c.includes("*")&&(r?!c.includes("."):!0))Object.keys(i).forEach((a)=>{let e=i[a];if(c.includes("{")){if(!e.parameters)e.parameters=[];e.parameters=[...c.split("/").filter((s)=>s.startsWith("{")&&!e.parameters.find((f)=>f.in==="path"&&f.name===s.slice(1,s.length-1))).map((s)=>({schema:{type:"string"},in:"path",name:s.slice(1,s.length-1),required:!0})),...e.parameters]}if(!e.responses)e.responses={200:{}}}),o[c]=i;return o},Gb=({provider:n="scalar",scalarVersion:r="latest",scalarCDN:t="",scalarConfig:o={},documentation:c={},version:i="5.9.0",excludeStaticFile:a=!0,path:e="/swagger",specPath:s=`${e}/json`,exclude:f=[],swaggerOptions:d={},theme:_=`https://unpkg.com/swagger-ui-dist@${i}/swagger-ui.css`,autoDarkMode:w=!0,excludeMethods:g=["OPTIONS"],excludeTags:u=[]}={})=>{let m={},l=0;if(!i)i=`https://unpkg.com/swagger-ui-dist@${i}/swagger-ui.css`;let S={title:"Elysia Documentation",description:"Development documentation",version:"0.0.0",...c.info},$=s.startsWith("/")?s.slice(1):s,E=new F3({name:"@elysiajs/swagger"}),U=new Response(n==="swagger-ui"?q3(S,i,_,JSON.stringify({url:$,dom_id:"#swagger-ui",...d},(W,H)=>typeof H==="function"?void 0:H),w):K3(S,r,{spec:{url:$,...o.spec},...o,_integration:"elysiajs"},t),{headers:{"content-type":"text/html; charset=utf8"}});return E.get(e,U,{detail:{hide:!0}}).get(s,function(){let H=E.getGlobalRoutes();if(H.length!==l){let k=["GET","PUT","POST","DELETE","OPTIONS","HEAD","PATCH","TRACE"];l=H.length,H.forEach((D)=>{if(D.hooks?.detail?.hide===!0)return;if(g.includes(D.method))return;if(k.includes(D.method)===!1&&D.method!=="ALL")return;if(D.method==="ALL")k.forEach((A)=>{Lb({schema:m,hook:D.hooks,method:A,path:D.path,models:E.getGlobalDefinitions?.().type,contentType:D.hooks.type})});else Lb({schema:m,hook:D.hooks,method:D.method,path:D.path,models:E.getGlobalDefinitions?.().type,contentType:D.hooks.type})})}return{openapi:"3.0.3",...{...c,tags:c.tags?.filter((k)=>!u?.includes(k?.name)),info:{title:"Elysia Documentation",description:"Development documentation",version:"0.0.0",...c.info}},paths:{...p3(m,{excludeStaticFile:a,exclude:Array.isArray(f)?f:[f]}),...c.paths},components:{...c.components,schemas:{...E.getGlobalDefinitions?.().type,...c.components?.schemas}}}},{detail:{hide:!0}}),E};function vf(n){if(n?.enabled===!1)return null;let r={path:n?.path??"/swagger",provider:n?.provider??"scalar",excludeStaticFile:n?.excludeStaticFile??!0,exclude:n?.exclude??[],documentation:{info:{title:n?.documentation?.info?.title??"Nucleus API",description:n?.documentation?.info?.description??"Auto-generated API documentation",version:n?.documentation?.info?.version??"1.0.0",contact:n?.documentation?.info?.contact,license:n?.documentation?.info?.license},tags:n?.documentation?.tags??[],servers:n?.documentation?.servers},scalarConfig:n?.scalarConfig};return Gb(r)}Qi();fd();Ae();var $S=(n)=>{let r=new Map;for(let t of n){let o=r.get(t.table_name),c=t.columns??o?.columns;r.set(t.table_name,{...o||{},...t,columns:c})}return Array.from(r.values())},hS=(n)=>({table_name:n.table_name,excluded_methods:n.excluded_methods?[...n.excluded_methods]:void 0,columns:n.columns?n.columns.map((r)=>({name:r.name,type:r.type})):void 0}),AS=(n)=>{let r=[];for(let[t,o]of Object.entries(n)){if(!o||typeof o!=="object")continue;let c=o,i=c._;if(i?.name){r.push({table_name:i.name});continue}let a=Object.getOwnPropertySymbols(c);for(let e of a){let s=c[e];if(s&&typeof s==="object"){let f=s;if(f.name&&typeof f.name==="string"){r.push({table_name:f.name});break}}}}return r};async function ES(n){let r=new mS;if(r.get("/health",()=>({status:"ok",timestamp:Date.now()})),n.staticAssets!==!1){let h=Vn("path"),R=Vn("fs"),B;if(typeof n.staticAssets==="string")B=n.staticAssets;else{let Y=h.join(process.cwd(),"public"),X="";for(let z of["nucleus-core-ts","nucleus-core"])try{let J=Vn.resolve(`${z}/package.json`),G=h.join(h.dirname(J),"public");if(R.existsSync(G)){X=G;break}}catch{}if(X)B=X;else if(R.existsSync(Y))B=Y;else B=Y}try{r.use(await Vd({prefix:"/nucleus-core",assets:B}))}catch{}}let t=[],o,c=process.cwd();if(typeof n.options==="string"){let h=Vn("fs"),R=Vn("path"),B=R.isAbsolute(n.options)?n.options:R.resolve(process.cwd(),n.options);c=R.dirname(B);let Y=h.readFileSync(B,"utf-8");o=JSON.parse(Y)}else o=n.options;if(o.email?.gmail?.json_file_path){let h=Vn("path"),R=o.email.gmail.json_file_path;if(!h.isAbsolute(R))o.email.gmail.json_file_path=h.resolve(c,R)}let{authentication:i,audit:a,entities:e,database:s}=o,f=o.mode==="development",d=new Zr({service:o.appId||"nucleus",prettyPrint:f,colorize:f,auditEnabled:a?.enabled??!1}),_=jw(o);if(!_.valid){for(let h of _.errors)d.error(`[CONFIG] ${h.message}`,{field:h.field,envName:h.envName});throw Error("Nucleus configuration error: Missing required environment variables. Check logs for details.")}let{resolved:w}=_,g={access_token:i?.accessToken?.name||"access_token",refresh_token:i?.refreshToken?.name||"refresh_token",session_token:i?.sessionToken?.name||"session_token"},u=s?.schemas?.[0]||"main",m=gS(u);if(w.databaseUrl)await qw(w.databaseUrl,d);let l=w.databaseUrl?bS(w.databaseUrl):null,S={},$={};if(n.schema){let R=Vn("path").resolve(process.cwd(),n.schema),B=Vn(R);S=B.createAllTablesForSchema?B.createAllTablesForSchema(m):{}}if(n.relations){let R=Vn("path").resolve(process.cwd(),n.relations);$=Vn(R)}let E=vf(n.swagger);if(E)r.use(E);let U=n.systemTables||[];t=df(o,U,"",u),d.info(`[AUTH] Built ${t.length} public routes`);let W=null,H=null,k=null,D=null;if(o.email?.gmail?.enabled&&o.email.gmail.json_file_path)d.info("[GmailService] Initializing...",{jsonFilePath:o.email.gmail.json_file_path,fromEmail:o.email.gmail.from_email}),D=new ys({enabled:!0,jsonFilePath:o.email.gmail.json_file_path,fromEmail:o.email.gmail.from_email||"",fromName:o.email.gmail.from_name},d),d.info("[GmailService] isAvailable:",{available:D.isAvailable()});if(o.liveMonitoring?.enabled){let h=o.liveMonitoring.basePath||"/monitoring",R=o.liveMonitoring.streamInterval||150;r.use(Tw({getService:()=>k,logger:d,basePath:h,streamInterval:R}))}r.onStart(async()=>{Rf(o);let h=me();if(h&&o.rateLimit?.enabled!==!1)W=new ef({redis:h,logger:d,config:o.rateLimit||{}}),d.info(`[RateLimit] Enabled with strategy: ${o.rateLimit?.strategy||"sliding-window"}`);if(h&&o.monitoring?.enabled){if(H=new rf({redis:h,logger:d,gmail:D||void 0,config:o.monitoring,appId:o.appId}),H.start(),d.info("[Monitoring] Service started"),o.monitoring.endpoints?.enabled){let Y={enabled:!0,basePath:o.monitoring.endpoints.basePath||"/monitoring",stream:{enabled:o.monitoring.endpoints.stream?.enabled!==!1,path:o.monitoring.endpoints.stream?.path||"/stream",interval:o.monitoring.endpoints.stream?.interval||"5s"},snapshot:{enabled:o.monitoring.endpoints.snapshot?.enabled!==!1,path:o.monitoring.endpoints.snapshot?.path||"/snapshot"},history:{enabled:o.monitoring.endpoints.history?.enabled!==!1,path:o.monitoring.endpoints.history?.path||"/history",maxMinutes:o.monitoring.endpoints.history?.maxMinutes||60},alerts:{enabled:o.monitoring.endpoints.alerts?.enabled!==!1,path:o.monitoring.endpoints.alerts?.path||"/alerts"}};r.use(Jf({monitoringService:H,logger:d,endpoints:Y}))}}if(o.liveMonitoring?.enabled)k=new ae(o.liveMonitoring),k.start(),d.info("[LiveMonitoring] Service started");let R=i?.mode==="consumer",B=R&&e?new Set(e.map((Y)=>Y.table_name.replace(/_([a-z])/g,(X,z)=>z.toUpperCase()))):null;if(B){let Y=o,X=Y.verification?.enabled===!0,z=Y.notification?.enabled===!0,J=Y.audit?.enabled===!0;for(let G of Ji)if(G.feature_set.some((x)=>{if(x==="authentication"||x==="authorization")return!1;if(x==="verification")return X;if(x==="notification")return z;if(x==="audit")return J;return!1})){let x=G.table_name.replace(/_([a-z])/g,(y,O)=>O.toUpperCase());B.add(x)}}if(l&&n.schema){let z=await import(Vn("path").resolve(process.cwd(),n.schema)),J=S.auditLogs||z.auditLogs;if(a?.enabled&&J)d.addAuditTransport(new Wa({db:l,table:J,enabled:!0}));try{d.info(`Syncing schema to database (target: ${u})...`);let{sql:F}=await import("drizzle-orm");await l.execute(F.raw(`CREATE SCHEMA IF NOT EXISTS "${u}"`));try{let N=Object.fromEntries(Object.entries(S).filter(([O,q])=>{if(q===void 0||q===null)return!1;if(B&&!B.has(O))return!1;if(typeof q==="object"&&q!==null)return Object.getOwnPropertySymbols(q).length>0||q._!==void 0;return!1})),x=Object.keys(N);if(d.info("[Schema] Tables to sync:",{tables:x,count:x.length,mode:R?"consumer":"full"}),!R){let O=N.users;if(O){let q=Object.getOwnPropertyNames(O).filter((Z)=>!Z.startsWith("_"));d.info("[Schema] Users table columns:",{columns:q})}}await(await wS({schema:m,...N},l,[u])).apply(),d.info("[Schema] pushSchema completed successfully")}catch(N){let x=N instanceof Error?N.message:String(N);d.warn(`[Schema] pushSchema warning: ${x}`)}console.log("Schema sync completed")}catch(F){let N=F instanceof Error?F.message:String(F);console.error("Schema sync failed:",N)}if(console.log("Database connection established"),o.authorization?.enabled&&!R){let F={...Ou,...o.authorization};if(F.autoSeedClaims){let N=AS(S),x=Ji.map((Z)=>hS(Z)),y=o.entities||[],O=o.authorization?.externalEntities||[],q=$S([...N,...y,...x,...n.systemTables||[],...O]);d.info("[Authorization] Seeding claims...",{schemaEntities:N.length,systemEntities:x.length,configEntities:y.length,externalEntities:O.length,totalEntities:q.length}),await Uu(l,S,$,q,F,d)}if(F.godminEmail&&F.godminPassword)d.info("[Authorization] Setting up godmin..."),await Vu(l,S,F,d);d.info("[Authorization] Enabled")}let G=S.userSessions;if(!R&&G&&o.authentication?.sessions?.enabled){let{lt:F}=await import("drizzle-orm"),N=await l.update(G).set({isActive:!1,revokedAt:new Date,revokedReason:"expired"}).where(Ai(yn(G.isActive,!0),F(G.expiresAt,new Date)));d.info("[AUTH] Expired sessions cleanup completed",{expiredCount:N}),setInterval(async()=>{try{await l.update(G).set({isActive:!1,revokedAt:new Date,revokedReason:"expired"}).where(Ai(yn(G.isActive,!0),F(G.expiresAt,new Date)));let x=86400000,y=new Date(Date.now()-x);await l.update(G).set({isActive:!1,revokedAt:new Date,revokedReason:"approval_token_expired",approvalStatus:"rejected",approvalToken:null}).where(Ai(yn(G.approvalStatus,"pending"),F(G.approvalRequestedAt,y)))}catch(x){d.warn("[AUTH] Session cleanup failed",{error:x})}},3600000)}}}).onRequest(async({request:h,set:R})=>{h.headers.delete("x-user-id"),h.headers.delete("x-auth-type"),h.headers.delete("x-api-key-id"),h.headers.delete("x-api-key-owner-type"),h.headers.delete("x-user-roles"),h.headers.delete("x-user-claims"),h.headers.delete("x-session-id"),h.headers.delete("x-access-token"),h.headers.delete("x-refresh-token");let B=Date.now();h.headers.set("x-request-start-time",String(B));let Y=new URL(h.url),X=Y.pathname,z=h.method,J=Y.search,G=h.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||h.headers.get("x-real-ip")?.trim()||"unknown",F=h.headers.get("user-agent")||"unknown",N,x={};if(h.method!=="GET"&&h.method!=="HEAD")try{let Z=await h.clone().text();x=Z?JSON.parse(Z):{}}catch{x={}}let y=a?.enabled?{id:uS(),user_id:"unknown",entity_name:X.split("/").filter(Boolean)[0]||"root",entity_id:null,operation_type:z,summary:"",old_values:{},new_values:x,ip_address:G,user_agent:F,timestamp:new Date().toISOString(),path:X,query:J}:null,O=uf(t,X,z);if(W){let q=O?"public":"private",Z;if(X.includes("/auth/login"))Z="login";else if(X.includes("/auth/register"))Z="register";else if(X.includes("/auth/password-reset"))Z="passwordReset";else if(X.includes("/auth/magic-link"))Z="magicLink";else if(X.includes("/sessions/approve")||X.includes("/sessions/reject"))Z="login";let nn=Z?"auth":q,j=await W.check({ip:G,endpoint:X,category:nn,authType:Z}),I=W.getHeaders(j);for(let[K,tn]of Object.entries(I))R.headers[K]=tn;if(!j.allowed){if(R.status=429,j.retryAfter)R.headers["Retry-After"]=String(j.retryAfter);if(d.warn(`[RateLimit] Blocked request from ${G} to ${X}`),H)H.recordRateLimitBlock();return new Response(JSON.stringify({error:"Too Many Requests",retryAfter:j.retryAfter}),{status:429,headers:{"Content-Type":"application/json"}})}}if(X==="/health")return;if(i?.enabled&&!O){let q=Jd(h.headers),Z=S.apiKeys;if(q&&i.apiKeys?.enabled&&Z&&l){let j=ws(q),K=(await l.select().from(Z).where(yn(Z.keyHash,j)).limit(1))[0];if(!K)return R.status=401,d.traceSync({message:"Invalid API key",level:"warn",context:{path:X,method:z},audit:ht(y,"Invalid API key")}),Error("Invalid API key");let tn=Xd(K);if(!tn.valid)return R.status=401,d.traceSync({message:`API key rejected: ${tn.reason}`,level:"warn",context:{path:X,method:z,keyId:K.id},audit:ht(y,`API key rejected: ${tn.reason}`)}),Error(tn.reason);let wn=K.userId,ln=K.allowedRoles||[],Qn=K.allowedClaims||[],qn=ln,gn=Qn,Gn=S.userRoles,Un=S.roles,En=S.roleClaims,Sn=S.claims;if(Gn&&Un){let hn=(await l.select({name:Un.name}).from(Gn).innerJoin(Un,yn(Un.id,Gn.roleId)).where(yn(Gn.userId,wn))).map((Xn)=>Xn.name).filter((Xn)=>Xn!==void 0);qn=Qt(hn,ln)}if(Gn&&En&&Sn){let rn=await l.select({action:Sn.action}).from(Gn).innerJoin(En,yn(En.roleId,Gn.roleId)).innerJoin(Sn,yn(Sn.id,En.claimId)).where(yn(Gn.userId,wn)),hn=[...new Set(rn.map((Xn)=>Xn.action).filter((Xn)=>Xn!==void 0))];gn=Qt(hn,Qn)}if(l.update(Z).set({lastUsedAt:new Date,lastUsedIp:G,usageCount:K.usageCount+1}).where(yn(Z.id,K.id)).catch(()=>{}),qn=qn.filter((rn)=>rn!=="godmin"),h.headers.set("x-user-id",wn),h.headers.set("x-auth-type","api_key"),h.headers.set("x-api-key-id",K.id),h.headers.set("x-api-key-owner-type",K.ownerType||"personal"),qn.length>0)h.headers.set("x-user-roles",qn.join(","));if(gn.length>0)h.headers.set("x-user-claims",gn.join(","));d.info("[AUTH] API key authenticated",{userId:wn,keyId:K.id,ownerType:K.ownerType,path:X,method:z,effectiveRoles:qn.length,effectiveClaims:gn.length});return}if(!i.accessToken?.secret)return R.status=500,d.traceSync({message:"Authentication secrets not defined",level:"error",context:{path:X,method:z},audit:ht(y,"Authentication secrets not defined")}),Error("One or more authentication secrets are not defined");if(i.mode==="consumer"){N=Mf(h.headers,g);let j=So(N.access_token||"",w.accessTokenSecret||"");if(!j.valid)return R.status=401,d.traceSync({message:"Invalid or missing access token",level:"warn",context:{path:X,method:z},audit:ht(y,"Invalid or missing access token")}),Error("Unauthenticated");let I=j.payload.sub,K=j.payload.roles,tn=j.payload.claims;if(h.headers.set("x-access-token",N.access_token||""),h.headers.set("x-user-id",I||""),K&&K.length>0)h.headers.set("x-user-roles",K.join(","));if(tn&&tn.length>0)h.headers.set("x-user-claims",tn.join(","))}else{if(!i.refreshToken?.secret||!i.sessionToken?.secret)return R.status=500,d.traceSync({message:"Authentication secrets not defined",level:"error",context:{path:X,method:z},audit:ht(y,"Authentication secrets not defined")}),Error("One or more authentication secrets are not defined");if(N=Mf(h.headers,g),!N.session_token)return R.status=401,d.traceSync({message:"No session token",level:"warn",context:{path:X,method:z},audit:ht(y,"No session token")}),Error("Unauthenticated");let j=await To({sessionId:N.session_token});if(!j)return R.status=401,d.traceSync({message:"Invalid session",level:"warn",context:{path:X,method:z,sessionId:N.session_token},audit:ht(y,"Invalid session")}),Error("Unauthenticated");let I=S.userSessions;if(I&&l){let Un=(await l.select().from(I).where(yn(I.id,N.session_token)).limit(1))[0],En=Un?.revokedAt!==null&&Un?.revokedAt!==void 0&&!(typeof Un?.revokedAt==="object"&&Object.keys(Un.revokedAt).length===0);if(!Un||Un.isActive===!1||En)return R.status=401,d.traceSync({message:"Session revoked or inactive",level:"warn",context:{path:X,method:z,sessionId:N.session_token,isActive:Un?.isActive,revokedAt:Un?.revokedAt},audit:ht(y,"Session revoked")}),Error("Session has been revoked");if(Un.expiresAt&&new Date(Un.expiresAt)<new Date)return R.status=401,d.traceSync({message:"Session expired",level:"warn",context:{path:X,method:z,sessionId:N.session_token,expiresAt:Un.expiresAt},audit:ht(y,"Session expired")}),Error("Session has expired")}if(j.lastActiveAt&&i.sessions?.inactivityTimeout){let Gn=new Date(j.lastActiveAt).getTime(),Un=pr(i.sessions.inactivityTimeout)*1000;if(Date.now()-Gn>Un)return R.status=401,d.traceSync({message:"Session inactive timeout",level:"warn",context:{path:X,method:z,sessionId:N.session_token,lastActiveAt:j.lastActiveAt},audit:ht(y,"Session inactive timeout")}),Error("Session expired due to inactivity")}Ps(N.session_token).catch(()=>{});let K=S.userSessions;if(K&&l)l.update(K).set({lastActivityAt:new Date}).where(yn(K.id,N.session_token)).catch(()=>{});let tn=So(N.access_token||"",w.accessTokenSecret||""),wn=N.access_token?tn.valid:!1,ln=N.refresh_token?So(N.refresh_token,w.refreshTokenSecret||"").valid:!1;if(!wn&&ln&&N.refresh_token&&j.rememberMe===!0){let Gn=await Fw(j.userId,j.id,()=>Pw({refreshTokenId:N.refresh_token,options:o,sessionData:j}));if(Gn.success&&Gn.accessToken){N.access_token=Gn.accessToken;let Un=i.cookieDomain,En=Un?process.env[Un]??Un:void 0,Sn=En?`; Domain=${En}`:"",rn=`${g.access_token}=${Gn.accessToken}; Path=/; HttpOnly; SameSite=Strict; Secure; Max-Age=${pr(i.accessToken.expiresIn??"15m")}${Sn}`;R.headers["Set-Cookie"]=rn}}let Qn=tn.valid?tn.payload.sub:j.userId,qn=tn.valid?tn.payload.roles:void 0,gn=tn.valid?tn.payload.claims:void 0;if(h.headers.set("x-access-token",N.access_token||""),h.headers.set("x-refresh-token",N.refresh_token||""),h.headers.set("x-session-id",N.session_token||""),h.headers.set("x-user-id",Qn||""),qn&&qn.length>0)h.headers.set("x-user-roles",qn.join(","));if(gn&&gn.length>0)h.headers.set("x-user-claims",gn.join(","))}}}).onAfterHandle(({request:h,set:R})=>{if(H){let B=h.headers.get("x-request-start-time"),Y=B?parseInt(B,10):Date.now(),X=Date.now()-Y,z=new URL(h.url),J=typeof R.status==="number"?R.status:200;H.recordRequest({endpoint:z.pathname,method:h.method,status:J,responseTimeMs:X,isError:J>=400,errorType:J>=500?"server_error":J>=400?"client_error":void 0})}if(k){let B=new URL(h.url),Y={};h.headers.forEach((X,z)=>{Y[z]=X}),k.recordRequest({path:B.pathname,method:h.method,timestamp:Date.now(),headers:Y})}}).onError((h)=>{let{set:R,code:B,error:Y}=h,X=typeof B==="number"?B:500,z="Internal Server Error";if(Y instanceof Error){let J=Y.cause,G=J?.code;if(G==="23505")z=`Duplicate value: ${J?.detail||"A record with this value already exists"}`;else if(G==="23503")z=`Invalid reference: ${J?.detail||"Referenced record does not exist"}`;else if(G==="23502")z=`Missing required field: ${J?.column||J?.detail||"A required field is empty"}`;else if(G==="22P02")z=`Invalid input: ${J?.routine==="string_to_uuid"?"Invalid ID format":J?.detail||"Invalid data format"}`;else if(G)z=`Database error (${G}): ${J?.detail||J?.message||Y.message}`;else z=Y.message}return R.status=X,Response.json({isSuccess:!1,message:z,status:X,errors:[{message:z}],data:null})}),d.info("Creating routes for entities"),Yf(r,{db:l,schemaTables:S,schemaRelations:$,entities:e,logger:d,databaseUrl:w.databaseUrl,storage:o.storage,authorization:o.authorization,authMode:i?.mode,idpUrl:i?.idpUrl?process.env[i.idpUrl]||i.idpUrl:void 0,emailServiceAvailable:!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path)});let A=i?.mode==="consumer";if(i?.enabled&&!A&&l){let h=S.users,R=S.userSessions||S.user_sessions||S.sessions;if(!R&&i.sessions?.enabled)d.warn("[AUTH] sessions is enabled but user_sessions table not found in schema. Disabling sessions.");if(h){Rf(o);let{createAuthRoutes:B}=(fd(),za(e5)),{signJWT:Y,verifyJWT:X}=(po(),za(vd)),{generateSession:z,deleteSession:J}=(Cs(),za(zu));B(r,{authConfig:{db:l,logger:d,usersTable:h,sessionsTable:R,userRolesTable:S.userRoles,rolesTable:S.roles,roleClaimsTable:S.roleClaims,claimsTable:S.claims,authentication:{enabled:i.enabled,cookieDomain:o.authentication?.cookieDomain,accessToken:i.accessToken,refreshToken:i.refreshToken,sessionToken:i.sessionToken}},features:{login:i.login,register:i.register,logout:i.logout,refresh:i.refresh,passwordReset:(()=>{let G=!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path);if(i.passwordReset?.enabled&&!G)return d.warn("[AUTH] passwordReset is enabled but no email provider is configured. Disabling passwordReset."),{...i.passwordReset,enabled:!1};return i.passwordReset})(),passwordChange:i.passwordChange,passwordSet:i.passwordSet,sessions:i.sessions,magicLink:(()=>{let G=!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path);if(i.magicLink?.enabled&&!G)return d.warn("[AUTH] magicLink is enabled but no email provider is configured. Disabling magicLink."),{...i.magicLink,enabled:!1};return i.magicLink})(),me:i.me||{enabled:!0,route:"/auth/me"},invite:(()=>{let G=!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path);if(i.invite?.enabled&&!G)return d.warn("[AUTH] invite is enabled but no email provider is configured. Disabling invite."),{...i.invite,enabled:!1};return i.invite})(),captcha:i.captcha,oauth:i.oauth?.enabled&&w.oauthProviders?{...i.oauth,providers:w.oauthProviders}:void 0,apiKeys:i.apiKeys?.enabled?{enabled:!0,route:i.apiKeys.route,keyPrefix:i.apiKeys.keyPrefix,maxKeysPerUser:i.apiKeys.maxKeysPerUser,defaultExpiresIn:i.apiKeys.defaultExpiresIn,allowApplicationKeys:i.apiKeys.allowApplicationKeys,preventApiKeyManagement:i.apiKeys.preventApiKeyManagement}:void 0},sessionsTable:R,oauthAccountsTable:S.oauthAccounts,apiKeysTable:S.apiKeys,schemaTables:S,schemaRelations:$,databaseUrl:w.databaseUrl,admin:{impersonate:{enabled:!0},changeUserId:{enabled:!0}},schemaName:u,emailService:D,appName:o.appId,captchaService:(()=>{let G=me();if(!i.captcha?.enabled||!G)return null;return new Is({redis:{get:async(N)=>{let x=await G.read(N);return x.success?x.data:null},set:async(N,x,y)=>{await G.create(N,x,y?.ex)},del:async(N)=>{await G.remove(N)}},logger:d,config:{enabled:!0,type:i.captcha.type||"math",difficulty:i.captcha.difficulty||"medium",expiresIn:i.captcha.expiresIn||"5m",maxAttempts:i.captcha.maxAttempts||3,caseSensitive:i.captcha.caseSensitive??!1}})})(),tokenResponseConfig:{accessToken:{setHeadersEnabled:i.accessToken?.setHeadersEnabled??!0,returnJson:i.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:i.refreshToken?.setHeadersEnabled??!0,returnJson:i.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:i.sessionToken?.setHeadersEnabled??!0,returnJson:i.sessionToken?.returnJson??!0}},helpers:{signAccessToken:(G,F,N)=>Y({subject:G,expiresInSeconds:pr(i.accessToken?.expiresIn||"15m"),issuer:i.accessToken?.issuer,audience:i.accessToken?.audience,customClaims:{...F&&F.length>0?{roles:F}:{},...N&&N.length>0?{claims:N}:{}}},w.accessTokenSecret||"",i.accessToken?.algorithm||"HS256"),signRefreshToken:(G)=>Y({subject:G,expiresInSeconds:pr(i.refreshToken?.expiresIn||"7d"),issuer:i.refreshToken?.issuer,audience:i.refreshToken?.audience},w.refreshTokenSecret||"",i.refreshToken?.algorithm||"HS256"),verifyRefreshToken:(G)=>X(G,w.refreshTokenSecret||""),createSession:async(G)=>{let F=await z({userId:G.userId,deviceInfo:G.deviceInfo});return F.success?F.session.id:""},destroySession:async(G)=>J({sessionId:G}),saveSessionToDb:async(G,F)=>{if(!R||!l)return;let N=i.sessions,x=F.deviceInfo||{},y=x.deviceHint?`${x.browserName||""}-${x.osName||""}-${x.deviceType||""}-${x.deviceHint}`:`${x.browserName||""}-${x.osName||""}-${x.deviceType||""}`,O=await l.select().from(R).where(Ai(yn(R.userId,F.userId),yn(R.isActive,!0))),q=y&&!y.includes("--unknown")&&!y.includes("Bot/Crawler")&&!y.includes("Headless")&&y!=="--"&&y!=="--unknown",Z=await l.select().from(R).where(yn(R.userId,F.userId)),nn=q?!O.some((rn)=>rn.deviceFingerprint===y):!1,j=q?Z.some((rn)=>{let hn=rn;return hn.deviceFingerprint===y&&hn.approvalStatus==="approved"}):!1,I=O.some((rn)=>rn.approvalStatus==="approved"),K=F.loginMethod==="impersonation"||F.loginMethod==="impersonation_stop",tn=F.loginMethod?.startsWith("oauth:"),wn=!K&&N?.trustNewDevices===!1&&nn&&!j&&q&&I;d.info("[AUTH] Device fingerprint analysis",{userId:F.userId,deviceFingerprint:y,hasValidFingerprint:q,isNewDevice:nn,wasPreviouslyApproved:j,loginMethod:F.loginMethod,isImpersonationLogin:K,isOAuthLogin:tn,existingSessionCount:O.length,hasAnyApprovedSession:I,requiresApproval:wn});let ln=null,Qn="approved";if(wn){let rn=Z.find((Xn)=>{let Tn=Xn;return Tn.deviceFingerprint===y&&(Tn.approvalStatus==="pending"||Tn.approval_status==="pending")&&Tn.approvalToken});if(rn){let Xn=rn,Tn=Xn.approvalRequestedAt||Xn.approval_requested_at;if(Tn?Date.now()-new Date(Tn).getTime()<86400000:!0)return d.info("[AUTH] Reusing existing pending session for same device",{userId:F.userId,deviceFingerprint:y,existingSessionId:Xn.id}),{requiresApproval:!0,sessionId:Xn.id}}let{randomBytes:hn}=await import("crypto");ln=hn(32).toString("hex"),Qn="pending",d.info("[AUTH] New device requires approval",{userId:F.userId,deviceFingerprint:y,ipAddress:x.ipAddress})}let qn=O.filter((rn)=>{let hn=rn,Xn=(hn.deviceFingerprint||"").toLowerCase(),Tn=hn.ipAddress||"",Nr=(hn.userAgent||"").toLowerCase(),Qr=!Xn||Xn==="--"||Xn==="--unknown"||Xn.includes("bot/crawler")||Xn.includes("headless")||Xn.includes("unknown-unknown"),$r=Nr.includes("nucleusserveraction")||Nr.includes("serveraction")||Nr.includes("node-fetch")||Nr.includes("undici");return Qr&&(Tn==="127.0.0.1"||Tn==="::1"||Tn==="localhost"||!Tn)||$r});if(qn.length>0){for(let rn of qn)await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:"bot_session_cleanup"}).where(yn(R.id,rn.id));d.info("[AUTH] Cleaned up stale bot/crawler sessions",{userId:F.userId,cleanedCount:qn.length})}if(!N?.allowMultipleDevices&&O.length>0){if(O.filter((hn)=>hn.deviceFingerprint===y).length===0&&nn)for(let hn of O)await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:"new_device_login"}).where(yn(R.id,hn.id))}if(N?.maxActiveSessions){let{count:rn}=await import("drizzle-orm"),Xn=(await l.select({count:rn()}).from(R).where(Ai(yn(R.userId,F.userId),yn(R.isActive,!0))))[0]?.count||0;if(Xn>=N.maxActiveSessions){let{asc:Tn}=await import("drizzle-orm"),Nr=await l.select().from(R).where(Ai(yn(R.userId,F.userId),yn(R.isActive,!0))).orderBy(Tn(R.createdAt)).limit(Xn-N.maxActiveSessions+1);for(let Qr of Nr)await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:"max_sessions_exceeded"}).where(yn(R.id,Qr.id))}}let gn=100;if(x.isHeadless)gn-=50;if(x.isBot)gn-=40;if(x.isSuspicious)d.warn("[AUTH] Suspicious login detected",{userId:F.userId,suspiciousPatterns:x.suspiciousPatterns,userAgent:x.userAgent,ipAddress:x.ipAddress});if(nn)gn-=25;if(!x.ipAddress||x.ipAddress==="unknown")gn-=20;if(!x.browserName)gn-=15;if(!x.osName)gn-=15;if(!x.deviceType||x.deviceType==="unknown")gn-=10;if(!x.deviceName||x.deviceName==="Unknown Device")gn-=5;let Gn=y&&!y.includes("--unknown")&&y!=="--",Un=x.ipAddress&&x.ipAddress!=="unknown";if(Gn){if(O.filter((hn)=>hn.deviceFingerprint===y).length>0)gn+=20}if(Un){if(O.filter((hn)=>hn.ipAddress===x.ipAddress).length>0)gn+=15}gn=Math.max(0,Math.min(100,gn));let En=50;if(await l.insert(R).values({id:G,userId:F.userId,tokenHash:G,deviceFingerprint:y,deviceName:x.deviceName,deviceType:x.deviceType,browserName:x.browserName,browserVersion:x.browserVersion,osName:x.osName,osVersion:x.osVersion,ipAddress:x.ipAddress,locationCountry:x.locationCountry,locationCity:x.locationCity,loginMethod:F.loginMethod||"password",rememberMe:F.rememberMe??!1,trustScore:gn,lastActivityAt:new Date,createdAt:new Date,expiresAt:new Date(Date.now()+pr(i.sessionToken?.expiresIn||"30d")*1000),isActive:Qn==="approved",approvalStatus:Qn,approvalToken:ln,approvalRequestedAt:wn?new Date:null}),!K&&D&&(N?.notifyOnNewDevice&&nn||gn<En||wn)){let rn=S.users;if(rn){let Xn=(await l.select().from(rn).where(yn(rn.id,F.userId)).limit(1))[0];if(Xn?.email){let Tn=gn<En,Nr=i.sessions?.route||"/auth/sessions",Qr=i.sessions?.approvalRedirectUrl||"",$r=!Qr||Qr.endsWith("/devices"),ar;if(!$r)ar=Qr;else{let It=F.requestOrigin;if(!It&&Qr)try{It=new URL(Qr).origin}catch{}ar=`${It||"http://localhost:9000"}${Nr}`}let Ha=ln?`${ar}/approve-page?token=${ln}`:"",s5=ln?`${ar}/reject-page?token=${ln}`:"",F0,j0,Ei=o.appId||"Nucleus",f5=new Date().toLocaleString("en-US",{dateStyle:"medium",timeStyle:"short"}),_5=`${x.browserName||"Unknown"} ${x.browserVersion||""} on ${x.osName||"Unknown"} ${x.osVersion||""}`,_d=(It)=>`
+</html>`;var Kf=Symbol.for("TypeBox.Kind"),Z3=(n)=>n.split("/").map((r)=>{if(r.startsWith(":")){if(r=r.slice(1,r.length),r.endsWith("?"))r=r.slice(0,-1);r=`{${r}}`}return r}).join("/"),qf=(n,r,t)=>{if(r===void 0)return[];if(typeof r==="string")if(r in t)r=t[r];else throw Error(`Can't find model ${r}`);return Object.entries(r?.properties??[]).map(([o,c])=>{let{type:i=void 0,description:a,examples:e,...s}=c;return{description:a,examples:e,schema:{type:i,...s},in:n,name:o,required:r.required?.includes(o)??!1}})},pi=(n,r)=>{if(typeof r==="object"&&["void","undefined","null"].includes(r.type))return;let t={};for(let o of n)t[o]={schema:typeof r==="string"?{$ref:`#/components/schemas/${r}`}:("$ref"in r)&&(Kf in r)&&r[Kf]==="Ref"?{...r,$ref:`#/components/schemas/${r.$ref}`}:v3({...r},{from:jf.Ref(""),to:({$ref:c,...i})=>{if(!c.startsWith("#/components/schemas/"))return jf.Ref(`#/components/schemas/${c}`,i);return jf.Ref(c,i)}})};return t},Xb=(n)=>n.charAt(0).toUpperCase()+n.slice(1),I3=(n,r)=>{let t=n.toLowerCase();if(r==="/")return t+"Index";for(let o of r.split("/"))if(o.charCodeAt(0)===123)t+="By"+Xb(o.slice(1,-1));else t+=Xb(o);return t},Zc=(n)=>{if(!n)return;if(typeof n==="string")return n;if(Array.isArray(n))return[...n];return{...n}},Lb=({schema:n,path:r,method:t,hook:o,models:c})=>{if(o=Zc(o),o.parse&&!Array.isArray(o.parse))o.parse=[o.parse];let i=o.parse?.map((g)=>{switch(typeof g){case"string":return g;case"object":if(g&&typeof g?.fn!=="string")return;switch(g?.fn){case"json":case"application/json":return"application/json";case"text":case"text/plain":return"text/plain";case"urlencoded":case"application/x-www-form-urlencoded":return"application/x-www-form-urlencoded";case"arrayBuffer":case"application/octet-stream":return"application/octet-stream";case"formdata":case"multipart/form-data":return"multipart/form-data"}}}).filter((g)=>g!==void 0);if(!i||i.length===0)i=["application/json","multipart/form-data","text/plain"];r=Z3(r);let a=typeof i==="string"?[i]:i??["application/json"],e=Zc(o?.body),s=Zc(o?.params),f=Zc(o?.headers),d=Zc(o?.query),_=Zc(o?.response);if(typeof _==="object")if(Kf in _){let{type:g,properties:u,required:m,additionalProperties:l,patternProperties:E,$ref:$,...S}=_;_={"200":{...S,description:S.description,content:pi(a,g==="object"||g==="array"?{type:g,properties:u,patternProperties:E,items:_.items,required:m}:_)}}}else Object.entries(_).forEach(([g,u])=>{if(typeof u==="string"){if(!c[u])return;let{type:m,properties:l,required:E,additionalProperties:$,patternProperties:S,...U}=c[u];_[g]={...U,description:U.description,content:pi(a,u)}}else{let{type:m,properties:l,required:E,additionalProperties:$,patternProperties:S,...U}=u;_[g]={...U,description:U.description,content:pi(a,m==="object"||m==="array"?{type:m,properties:l,patternProperties:S,items:u.items,required:E}:u)}}});else if(typeof _==="string"){if(!(_ in c))return;let{type:g,properties:u,required:m,$ref:l,additionalProperties:E,patternProperties:$,...S}=c[_];_={"200":{...S,content:pi(a,_)}}}let w=[...qf("header",f,c),...qf("path",s,c),...qf("query",d,c)];n[r]={...n[r]?n[r]:{},[t.toLowerCase()]:{...f||s||d||e?{parameters:w}:{},..._?{responses:_}:{},operationId:o?.detail?.operationId??I3(t,r),...o?.detail,...e?{requestBody:{required:!0,content:pi(a,typeof e==="string"?{$ref:`#/components/schemas/${e}`}:e)}}:null}}},p3=(n,{excludeStaticFile:r=!0,exclude:t=[]})=>{let o={};for(let[c,i]of Object.entries(n))if(!t.some((a)=>{if(typeof a==="string")return c===a;return a.test(c)})&&!c.includes("*")&&(r?!c.includes("."):!0))Object.keys(i).forEach((a)=>{let e=i[a];if(c.includes("{")){if(!e.parameters)e.parameters=[];e.parameters=[...c.split("/").filter((s)=>s.startsWith("{")&&!e.parameters.find((f)=>f.in==="path"&&f.name===s.slice(1,s.length-1))).map((s)=>({schema:{type:"string"},in:"path",name:s.slice(1,s.length-1),required:!0})),...e.parameters]}if(!e.responses)e.responses={200:{}}}),o[c]=i;return o},Gb=({provider:n="scalar",scalarVersion:r="latest",scalarCDN:t="",scalarConfig:o={},documentation:c={},version:i="5.9.0",excludeStaticFile:a=!0,path:e="/swagger",specPath:s=`${e}/json`,exclude:f=[],swaggerOptions:d={},theme:_=`https://unpkg.com/swagger-ui-dist@${i}/swagger-ui.css`,autoDarkMode:w=!0,excludeMethods:g=["OPTIONS"],excludeTags:u=[]}={})=>{let m={},l=0;if(!i)i=`https://unpkg.com/swagger-ui-dist@${i}/swagger-ui.css`;let E={title:"Elysia Documentation",description:"Development documentation",version:"0.0.0",...c.info},$=s.startsWith("/")?s.slice(1):s,S=new F3({name:"@elysiajs/swagger"}),U=new Response(n==="swagger-ui"?q3(E,i,_,JSON.stringify({url:$,dom_id:"#swagger-ui",...d},(W,H)=>typeof H==="function"?void 0:H),w):K3(E,r,{spec:{url:$,...o.spec},...o,_integration:"elysiajs"},t),{headers:{"content-type":"text/html; charset=utf8"}});return S.get(e,U,{detail:{hide:!0}}).get(s,function(){let H=S.getGlobalRoutes();if(H.length!==l){let k=["GET","PUT","POST","DELETE","OPTIONS","HEAD","PATCH","TRACE"];l=H.length,H.forEach((D)=>{if(D.hooks?.detail?.hide===!0)return;if(g.includes(D.method))return;if(k.includes(D.method)===!1&&D.method!=="ALL")return;if(D.method==="ALL")k.forEach((A)=>{Lb({schema:m,hook:D.hooks,method:A,path:D.path,models:S.getGlobalDefinitions?.().type,contentType:D.hooks.type})});else Lb({schema:m,hook:D.hooks,method:D.method,path:D.path,models:S.getGlobalDefinitions?.().type,contentType:D.hooks.type})})}return{openapi:"3.0.3",...{...c,tags:c.tags?.filter((k)=>!u?.includes(k?.name)),info:{title:"Elysia Documentation",description:"Development documentation",version:"0.0.0",...c.info}},paths:{...p3(m,{excludeStaticFile:a,exclude:Array.isArray(f)?f:[f]}),...c.paths},components:{...c.components,schemas:{...S.getGlobalDefinitions?.().type,...c.components?.schemas}}}},{detail:{hide:!0}}),S};function vf(n){if(n?.enabled===!1)return null;let r={path:n?.path??"/swagger",provider:n?.provider??"scalar",excludeStaticFile:n?.excludeStaticFile??!0,exclude:n?.exclude??[],documentation:{info:{title:n?.documentation?.info?.title??"Nucleus API",description:n?.documentation?.info?.description??"Auto-generated API documentation",version:n?.documentation?.info?.version??"1.0.0",contact:n?.documentation?.info?.contact,license:n?.documentation?.info?.license},tags:n?.documentation?.tags??[],servers:n?.documentation?.servers},scalarConfig:n?.scalarConfig};return Gb(r)}Qi();fd();Ae();var $S=(n)=>{let r=new Map;for(let t of n){let o=r.get(t.table_name),c=t.columns??o?.columns;r.set(t.table_name,{...o||{},...t,columns:c})}return Array.from(r.values())},hS=(n)=>({table_name:n.table_name,excluded_methods:n.excluded_methods?[...n.excluded_methods]:void 0,columns:n.columns?n.columns.map((r)=>({name:r.name,type:r.type})):void 0}),AS=(n)=>{let r=[];for(let[t,o]of Object.entries(n)){if(!o||typeof o!=="object")continue;let c=o,i=c._;if(i?.name){r.push({table_name:i.name});continue}let a=Object.getOwnPropertySymbols(c);for(let e of a){let s=c[e];if(s&&typeof s==="object"){let f=s;if(f.name&&typeof f.name==="string"){r.push({table_name:f.name});break}}}}return r};async function ES(n){let r=new mS;if(r.get("/health",()=>({status:"ok",timestamp:Date.now()})),n.staticAssets!==!1){let h=Vn("path"),R=Vn("fs"),z;if(typeof n.staticAssets==="string")z=n.staticAssets;else{let V=h.join(process.cwd(),"public"),Q="";for(let B of["nucleus-core-ts","nucleus-core"])try{let J=Vn.resolve(`${B}/package.json`),G=h.join(h.dirname(J),"public");if(R.existsSync(G)){Q=G;break}}catch{}if(Q)z=Q;else if(R.existsSync(V))z=V;else z=V}try{r.use(await Vd({prefix:"/nucleus-core",assets:z}))}catch{}}let t=[],o,c=process.cwd();if(typeof n.options==="string"){let h=Vn("fs"),R=Vn("path"),z=R.isAbsolute(n.options)?n.options:R.resolve(process.cwd(),n.options);c=R.dirname(z);let V=h.readFileSync(z,"utf-8");o=JSON.parse(V)}else o=n.options;if(o.email?.gmail?.json_file_path){let h=Vn("path"),R=o.email.gmail.json_file_path;if(!h.isAbsolute(R))o.email.gmail.json_file_path=h.resolve(c,R)}let{authentication:i,audit:a,entities:e,database:s}=o,f=o.mode==="development",d=new Zr({service:o.appId||"nucleus",prettyPrint:f,colorize:f,auditEnabled:a?.enabled??!1}),_=jw(o);if(!_.valid){for(let h of _.errors)d.error(`[CONFIG] ${h.message}`,{field:h.field,envName:h.envName});throw Error("Nucleus configuration error: Missing required environment variables. Check logs for details.")}let{resolved:w}=_,g={access_token:i?.accessToken?.name||"access_token",refresh_token:i?.refreshToken?.name||"refresh_token",session_token:i?.sessionToken?.name||"session_token"},u=s?.schemas?.[0]||"main",m=gS(u);if(w.databaseUrl)await qw(w.databaseUrl,d);let l=w.databaseUrl?bS(w.databaseUrl):null,E={},$={};if(n.schema){let R=Vn("path").resolve(process.cwd(),n.schema),z=Vn(R);E=z.createAllTablesForSchema?z.createAllTablesForSchema(m):{}}if(n.relations){let R=Vn("path").resolve(process.cwd(),n.relations);$=Vn(R)}let S=vf(n.swagger);if(S)r.use(S);let U=n.systemTables||[];t=df(o,U,"",u),d.info(`[AUTH] Built ${t.length} public routes`);let W=null,H=null,k=null,D=null;if(o.email?.gmail?.enabled&&o.email.gmail.json_file_path)d.info("[GmailService] Initializing...",{jsonFilePath:o.email.gmail.json_file_path,fromEmail:o.email.gmail.from_email}),D=new ys({enabled:!0,jsonFilePath:o.email.gmail.json_file_path,fromEmail:o.email.gmail.from_email||"",fromName:o.email.gmail.from_name},d),d.info("[GmailService] isAvailable:",{available:D.isAvailable()});if(o.liveMonitoring?.enabled){let h=o.liveMonitoring.basePath||"/monitoring",R=o.liveMonitoring.streamInterval||150;r.use(Tw({getService:()=>k,logger:d,basePath:h,streamInterval:R}))}r.onStart(async()=>{Rf(o);let h=me();if(h&&o.rateLimit?.enabled!==!1)W=new ef({redis:h,logger:d,config:o.rateLimit||{}}),d.info(`[RateLimit] Enabled with strategy: ${o.rateLimit?.strategy||"sliding-window"}`);if(h&&o.monitoring?.enabled){if(H=new rf({redis:h,logger:d,gmail:D||void 0,config:o.monitoring,appId:o.appId}),H.start(),d.info("[Monitoring] Service started"),o.monitoring.endpoints?.enabled){let V={enabled:!0,basePath:o.monitoring.endpoints.basePath||"/monitoring",stream:{enabled:o.monitoring.endpoints.stream?.enabled!==!1,path:o.monitoring.endpoints.stream?.path||"/stream",interval:o.monitoring.endpoints.stream?.interval||"5s"},snapshot:{enabled:o.monitoring.endpoints.snapshot?.enabled!==!1,path:o.monitoring.endpoints.snapshot?.path||"/snapshot"},history:{enabled:o.monitoring.endpoints.history?.enabled!==!1,path:o.monitoring.endpoints.history?.path||"/history",maxMinutes:o.monitoring.endpoints.history?.maxMinutes||60},alerts:{enabled:o.monitoring.endpoints.alerts?.enabled!==!1,path:o.monitoring.endpoints.alerts?.path||"/alerts"}};r.use(Jf({monitoringService:H,logger:d,endpoints:V}))}}if(o.liveMonitoring?.enabled)k=new ae(o.liveMonitoring),k.start(),d.info("[LiveMonitoring] Service started");let R=i?.mode==="consumer",z=R&&e?new Set(e.map((V)=>V.table_name.replace(/_([a-z])/g,(Q,B)=>B.toUpperCase()))):null;if(z){let V=o,Q=V.verification?.enabled===!0,B=V.notification?.enabled===!0,J=V.audit?.enabled===!0;for(let G of Ji)if(G.feature_set.some((x)=>{if(x==="authentication"||x==="authorization")return!1;if(x==="verification")return Q;if(x==="notification")return B;if(x==="audit")return J;return!1})){let x=G.table_name.replace(/_([a-z])/g,(y,O)=>O.toUpperCase());z.add(x)}}if(l&&n.schema){let B=await import(Vn("path").resolve(process.cwd(),n.schema)),J=E.auditLogs||B.auditLogs;if(a?.enabled&&J)d.addAuditTransport(new Wa({db:l,table:J,enabled:!0}));try{d.info(`Syncing schema to database (target: ${u})...`);let{sql:F}=await import("drizzle-orm");await l.execute(F.raw(`CREATE SCHEMA IF NOT EXISTS "${u}"`));try{let N=Object.fromEntries(Object.entries(E).filter(([O,q])=>{if(q===void 0||q===null)return!1;if(z&&!z.has(O))return!1;if(typeof q==="object"&&q!==null)return Object.getOwnPropertySymbols(q).length>0||q._!==void 0;return!1})),x=Object.keys(N);if(d.info("[Schema] Tables to sync:",{tables:x,count:x.length,mode:R?"consumer":"full"}),!R){let O=N.users;if(O){let q=Object.getOwnPropertyNames(O).filter((Z)=>!Z.startsWith("_"));d.info("[Schema] Users table columns:",{columns:q})}}await(await wS({schema:m,...N},l,[u])).apply(),d.info("[Schema] pushSchema completed successfully")}catch(N){let x=N instanceof Error?N.message:String(N);d.warn(`[Schema] pushSchema warning: ${x}`)}console.log("Schema sync completed")}catch(F){let N=F instanceof Error?F.message:String(F);console.error("Schema sync failed:",N)}if(console.log("Database connection established"),o.authorization?.enabled&&!R){let F={...Ou,...o.authorization};if(F.autoSeedClaims){let N=AS(E),x=Ji.map((Z)=>hS(Z)),y=o.entities||[],O=o.authorization?.externalEntities||[],q=$S([...N,...y,...x,...n.systemTables||[],...O]);d.info("[Authorization] Seeding claims...",{schemaEntities:N.length,systemEntities:x.length,configEntities:y.length,externalEntities:O.length,totalEntities:q.length}),await Uu(l,E,$,q,F,d)}if(F.godminEmail&&F.godminPassword)d.info("[Authorization] Setting up godmin..."),await Vu(l,E,F,d);d.info("[Authorization] Enabled")}let G=E.userSessions;if(!R&&G&&o.authentication?.sessions?.enabled){let{lt:F}=await import("drizzle-orm"),N=await l.update(G).set({isActive:!1,revokedAt:new Date,revokedReason:"expired"}).where(Ai(yn(G.isActive,!0),F(G.expiresAt,new Date)));d.info("[AUTH] Expired sessions cleanup completed",{expiredCount:N}),setInterval(async()=>{try{await l.update(G).set({isActive:!1,revokedAt:new Date,revokedReason:"expired"}).where(Ai(yn(G.isActive,!0),F(G.expiresAt,new Date)));let x=86400000,y=new Date(Date.now()-x);await l.update(G).set({isActive:!1,revokedAt:new Date,revokedReason:"approval_token_expired",approvalStatus:"rejected",approvalToken:null}).where(Ai(yn(G.approvalStatus,"pending"),F(G.approvalRequestedAt,y)))}catch(x){d.warn("[AUTH] Session cleanup failed",{error:x})}},3600000)}}}).onRequest(async({request:h,set:R})=>{h.headers.delete("x-user-id"),h.headers.delete("x-auth-type"),h.headers.delete("x-api-key-id"),h.headers.delete("x-api-key-owner-type"),h.headers.delete("x-user-roles"),h.headers.delete("x-user-claims"),h.headers.delete("x-session-id"),h.headers.delete("x-access-token"),h.headers.delete("x-refresh-token");let z=Date.now();h.headers.set("x-request-start-time",String(z));let V=new URL(h.url),Q=V.pathname,B=h.method,J=V.search,G=h.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||h.headers.get("x-real-ip")?.trim()||"unknown",F=h.headers.get("user-agent")||"unknown",N,x={};if(h.method!=="GET"&&h.method!=="HEAD")try{let Z=await h.clone().text();x=Z?JSON.parse(Z):{}}catch{x={}}let y=a?.enabled?{id:uS(),user_id:"unknown",entity_name:Q.split("/").filter(Boolean)[0]||"root",entity_id:null,operation_type:B,summary:"",old_values:{},new_values:x,ip_address:G,user_agent:F,timestamp:new Date().toISOString(),path:Q,query:J}:null,O=uf(t,Q,B);if(W){let q=O?"public":"private",Z;if(Q.includes("/auth/login"))Z="login";else if(Q.includes("/auth/register"))Z="register";else if(Q.includes("/auth/password-reset"))Z="passwordReset";else if(Q.includes("/auth/magic-link"))Z="magicLink";else if(Q.includes("/sessions/approve")||Q.includes("/sessions/reject"))Z="login";let nn=Z?"auth":q,j=await W.check({ip:G,endpoint:Q,category:nn,authType:Z}),I=W.getHeaders(j);for(let[K,tn]of Object.entries(I))R.headers[K]=tn;if(!j.allowed){if(R.status=429,j.retryAfter)R.headers["Retry-After"]=String(j.retryAfter);if(d.warn(`[RateLimit] Blocked request from ${G} to ${Q}`),H)H.recordRateLimitBlock();return new Response(JSON.stringify({error:"Too Many Requests",retryAfter:j.retryAfter}),{status:429,headers:{"Content-Type":"application/json"}})}}if(Q==="/health")return;if(i?.enabled&&!O){let q=Jd(h.headers),Z=E.apiKeys;if(q&&i.apiKeys?.enabled&&Z&&l){let j=ws(q),K=(await l.select().from(Z).where(yn(Z.keyHash,j)).limit(1))[0];if(!K)return R.status=401,d.traceSync({message:"Invalid API key",level:"warn",context:{path:Q,method:B},audit:ht(y,"Invalid API key")}),Error("Invalid API key");let tn=Xd(K);if(!tn.valid)return R.status=401,d.traceSync({message:`API key rejected: ${tn.reason}`,level:"warn",context:{path:Q,method:B,keyId:K.id},audit:ht(y,`API key rejected: ${tn.reason}`)}),Error(tn.reason);let wn=K.userId,ln=K.allowedRoles||[],Qn=K.allowedClaims||[],qn=ln,gn=Qn,Gn=E.userRoles,Un=E.roles,En=E.roleClaims,Sn=E.claims;if(Gn&&Un){let hn=(await l.select({name:Un.name}).from(Gn).innerJoin(Un,yn(Un.id,Gn.roleId)).where(yn(Gn.userId,wn))).map((Xn)=>Xn.name).filter((Xn)=>Xn!==void 0);qn=Qt(hn,ln)}if(Gn&&En&&Sn){let rn=await l.select({action:Sn.action}).from(Gn).innerJoin(En,yn(En.roleId,Gn.roleId)).innerJoin(Sn,yn(Sn.id,En.claimId)).where(yn(Gn.userId,wn)),hn=[...new Set(rn.map((Xn)=>Xn.action).filter((Xn)=>Xn!==void 0))];gn=Qt(hn,Qn)}if(l.update(Z).set({lastUsedAt:new Date,lastUsedIp:G,usageCount:K.usageCount+1}).where(yn(Z.id,K.id)).catch(()=>{}),qn=qn.filter((rn)=>rn!=="godmin"),h.headers.set("x-user-id",wn),h.headers.set("x-auth-type","api_key"),h.headers.set("x-api-key-id",K.id),h.headers.set("x-api-key-owner-type",K.ownerType||"personal"),qn.length>0)h.headers.set("x-user-roles",qn.join(","));if(gn.length>0)h.headers.set("x-user-claims",gn.join(","));d.info("[AUTH] API key authenticated",{userId:wn,keyId:K.id,ownerType:K.ownerType,path:Q,method:B,effectiveRoles:qn.length,effectiveClaims:gn.length});return}if(!i.accessToken?.secret)return R.status=500,d.traceSync({message:"Authentication secrets not defined",level:"error",context:{path:Q,method:B},audit:ht(y,"Authentication secrets not defined")}),Error("One or more authentication secrets are not defined");if(i.mode==="consumer"){N=Mf(h.headers,g);let j=So(N.access_token||"",w.accessTokenSecret||"");if(!j.valid)return R.status=401,d.traceSync({message:"Invalid or missing access token",level:"warn",context:{path:Q,method:B},audit:ht(y,"Invalid or missing access token")}),Error("Unauthenticated");let I=j.payload.sub,K=j.payload.roles,tn=j.payload.claims;if(h.headers.set("x-access-token",N.access_token||""),h.headers.set("x-user-id",I||""),K&&K.length>0)h.headers.set("x-user-roles",K.join(","));if(tn&&tn.length>0)h.headers.set("x-user-claims",tn.join(","))}else{if(!i.refreshToken?.secret||!i.sessionToken?.secret)return R.status=500,d.traceSync({message:"Authentication secrets not defined",level:"error",context:{path:Q,method:B},audit:ht(y,"Authentication secrets not defined")}),Error("One or more authentication secrets are not defined");if(N=Mf(h.headers,g),!N.session_token)return R.status=401,d.traceSync({message:"No session token",level:"warn",context:{path:Q,method:B},audit:ht(y,"No session token")}),Error("Unauthenticated");let j=await To({sessionId:N.session_token});if(!j)return R.status=401,d.traceSync({message:"Invalid session",level:"warn",context:{path:Q,method:B,sessionId:N.session_token},audit:ht(y,"Invalid session")}),Error("Unauthenticated");let I=E.userSessions;if(I&&l){let Un=(await l.select().from(I).where(yn(I.id,N.session_token)).limit(1))[0],En=Un?.revokedAt!==null&&Un?.revokedAt!==void 0&&!(typeof Un?.revokedAt==="object"&&Object.keys(Un.revokedAt).length===0);if(!Un||Un.isActive===!1||En)return R.status=401,d.traceSync({message:"Session revoked or inactive",level:"warn",context:{path:Q,method:B,sessionId:N.session_token,isActive:Un?.isActive,revokedAt:Un?.revokedAt},audit:ht(y,"Session revoked")}),Error("Session has been revoked");if(Un.expiresAt&&new Date(Un.expiresAt)<new Date)return R.status=401,d.traceSync({message:"Session expired",level:"warn",context:{path:Q,method:B,sessionId:N.session_token,expiresAt:Un.expiresAt},audit:ht(y,"Session expired")}),Error("Session has expired")}if(j.lastActiveAt&&i.sessions?.inactivityTimeout){let Gn=new Date(j.lastActiveAt).getTime(),Un=pr(i.sessions.inactivityTimeout)*1000;if(Date.now()-Gn>Un)return R.status=401,d.traceSync({message:"Session inactive timeout",level:"warn",context:{path:Q,method:B,sessionId:N.session_token,lastActiveAt:j.lastActiveAt},audit:ht(y,"Session inactive timeout")}),Error("Session expired due to inactivity")}Ps(N.session_token).catch(()=>{});let K=E.userSessions;if(K&&l)l.update(K).set({lastActivityAt:new Date}).where(yn(K.id,N.session_token)).catch(()=>{});let tn=So(N.access_token||"",w.accessTokenSecret||""),wn=N.access_token?tn.valid:!1,ln=N.refresh_token?So(N.refresh_token,w.refreshTokenSecret||"").valid:!1;if(!wn&&ln&&N.refresh_token&&j.rememberMe===!0){let Gn=await Fw(j.userId,j.id,()=>Pw({refreshTokenId:N.refresh_token,options:o,sessionData:j}));if(Gn.success&&Gn.accessToken){N.access_token=Gn.accessToken;let Un=i.cookieDomain,En=Un?process.env[Un]??Un:void 0,Sn=En?`; Domain=${En}`:"",rn=`${g.access_token}=${Gn.accessToken}; Path=/; HttpOnly; SameSite=Strict; Secure; Max-Age=${pr(i.accessToken.expiresIn??"15m")}${Sn}`;R.headers["Set-Cookie"]=rn}}let Qn=tn.valid?tn.payload.sub:j.userId,qn=tn.valid?tn.payload.roles:void 0,gn=tn.valid?tn.payload.claims:void 0;if(h.headers.set("x-access-token",N.access_token||""),h.headers.set("x-refresh-token",N.refresh_token||""),h.headers.set("x-session-id",N.session_token||""),h.headers.set("x-user-id",Qn||""),qn&&qn.length>0)h.headers.set("x-user-roles",qn.join(","));if(gn&&gn.length>0)h.headers.set("x-user-claims",gn.join(","))}}}).onAfterHandle(({request:h,set:R})=>{if(H){let z=h.headers.get("x-request-start-time"),V=z?parseInt(z,10):Date.now(),Q=Date.now()-V,B=new URL(h.url),J=typeof R.status==="number"?R.status:200;H.recordRequest({endpoint:B.pathname,method:h.method,status:J,responseTimeMs:Q,isError:J>=400,errorType:J>=500?"server_error":J>=400?"client_error":void 0})}if(k){let z=new URL(h.url),V={};h.headers.forEach((Q,B)=>{V[B]=Q}),k.recordRequest({path:z.pathname,method:h.method,timestamp:Date.now(),headers:V})}}).onError((h)=>{let{set:R,code:z,error:V}=h,Q=typeof z==="number"?z:500,B="Internal Server Error";if(V instanceof Error){let J=V.cause,G=J?.code;if(G==="23505")B=`Duplicate value: ${J?.detail||"A record with this value already exists"}`;else if(G==="23503")B=`Invalid reference: ${J?.detail||"Referenced record does not exist"}`;else if(G==="23502")B=`Missing required field: ${J?.column||J?.detail||"A required field is empty"}`;else if(G==="22P02")B=`Invalid input: ${J?.routine==="string_to_uuid"?"Invalid ID format":J?.detail||"Invalid data format"}`;else if(G)B=`Database error (${G}): ${J?.detail||J?.message||V.message}`;else B=V.message}return R.status=Q,Response.json({isSuccess:!1,message:B,status:Q,errors:[{message:B}],data:null})}),d.info("Creating routes for entities"),Yf(r,{db:l,schemaTables:E,schemaRelations:$,entities:e,logger:d,databaseUrl:w.databaseUrl,storage:o.storage,authorization:o.authorization,authMode:i?.mode,idpUrl:i?.idpUrl?process.env[i.idpUrl]||i.idpUrl:void 0,emailServiceAvailable:!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path)});let A=i?.mode==="consumer";if(i?.enabled&&!A&&l){let h=E.users,R=E.userSessions||E.user_sessions||E.sessions;if(!R&&i.sessions?.enabled)d.warn("[AUTH] sessions is enabled but user_sessions table not found in schema. Disabling sessions.");if(h){Rf(o);let{createAuthRoutes:z}=(fd(),za(e5)),{signJWT:V,verifyJWT:Q}=(po(),za(vd)),{generateSession:B,deleteSession:J}=(Cs(),za(zu));z(r,{authConfig:{db:l,logger:d,usersTable:h,sessionsTable:R,userRolesTable:E.userRoles,rolesTable:E.roles,roleClaimsTable:E.roleClaims,claimsTable:E.claims,authentication:{enabled:i.enabled,cookieDomain:o.authentication?.cookieDomain,accessToken:i.accessToken,refreshToken:i.refreshToken,sessionToken:i.sessionToken}},features:{login:i.login,register:i.register,logout:i.logout,refresh:i.refresh,passwordReset:(()=>{let G=!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path);if(i.passwordReset?.enabled&&!G)return d.warn("[AUTH] passwordReset is enabled but no email provider is configured. Disabling passwordReset."),{...i.passwordReset,enabled:!1};return i.passwordReset})(),passwordChange:i.passwordChange,passwordSet:i.passwordSet,sessions:i.sessions,magicLink:(()=>{let G=!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path);if(i.magicLink?.enabled&&!G)return d.warn("[AUTH] magicLink is enabled but no email provider is configured. Disabling magicLink."),{...i.magicLink,enabled:!1};return i.magicLink})(),me:i.me||{enabled:!0,route:"/auth/me"},invite:(()=>{let G=!!(o.email?.gmail?.enabled&&o.email.gmail.json_file_path);if(i.invite?.enabled&&!G)return d.warn("[AUTH] invite is enabled but no email provider is configured. Disabling invite."),{...i.invite,enabled:!1};return i.invite})(),captcha:i.captcha,oauth:i.oauth?.enabled&&w.oauthProviders?{...i.oauth,providers:w.oauthProviders}:void 0,apiKeys:i.apiKeys?.enabled?{enabled:!0,route:i.apiKeys.route,keyPrefix:i.apiKeys.keyPrefix,maxKeysPerUser:i.apiKeys.maxKeysPerUser,defaultExpiresIn:i.apiKeys.defaultExpiresIn,allowApplicationKeys:i.apiKeys.allowApplicationKeys,preventApiKeyManagement:i.apiKeys.preventApiKeyManagement}:void 0},sessionsTable:R,oauthAccountsTable:E.oauthAccounts,apiKeysTable:E.apiKeys,schemaTables:E,schemaRelations:$,databaseUrl:w.databaseUrl,admin:{impersonate:{enabled:!0},changeUserId:{enabled:!0}},schemaName:u,emailService:D,appName:o.appId,captchaService:(()=>{let G=me();if(!i.captcha?.enabled||!G)return null;return new Is({redis:{get:async(N)=>{let x=await G.read(N);return x.success?x.data:null},set:async(N,x,y)=>{await G.create(N,x,y?.ex)},del:async(N)=>{await G.remove(N)}},logger:d,config:{enabled:!0,type:i.captcha.type||"math",difficulty:i.captcha.difficulty||"medium",expiresIn:i.captcha.expiresIn||"5m",maxAttempts:i.captcha.maxAttempts||3,caseSensitive:i.captcha.caseSensitive??!1}})})(),tokenResponseConfig:{accessToken:{setHeadersEnabled:i.accessToken?.setHeadersEnabled??!0,returnJson:i.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:i.refreshToken?.setHeadersEnabled??!0,returnJson:i.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:i.sessionToken?.setHeadersEnabled??!0,returnJson:i.sessionToken?.returnJson??!0}},helpers:{signAccessToken:(G,F,N)=>V({subject:G,expiresInSeconds:pr(i.accessToken?.expiresIn||"15m"),issuer:i.accessToken?.issuer,audience:i.accessToken?.audience,customClaims:{...F&&F.length>0?{roles:F}:{},...N&&N.length>0?{claims:N}:{}}},w.accessTokenSecret||"",i.accessToken?.algorithm||"HS256"),signRefreshToken:(G)=>V({subject:G,expiresInSeconds:pr(i.refreshToken?.expiresIn||"7d"),issuer:i.refreshToken?.issuer,audience:i.refreshToken?.audience},w.refreshTokenSecret||"",i.refreshToken?.algorithm||"HS256"),verifyRefreshToken:(G)=>Q(G,w.refreshTokenSecret||""),createSession:async(G)=>{let F=await B({userId:G.userId,deviceInfo:G.deviceInfo});return F.success?F.session.id:""},destroySession:async(G)=>J({sessionId:G}),saveSessionToDb:async(G,F)=>{if(!R||!l)return;let N=i.sessions,x=F.deviceInfo||{},y=x.deviceHint?`${x.browserName||""}-${x.osName||""}-${x.deviceType||""}-${x.deviceHint}`:`${x.browserName||""}-${x.osName||""}-${x.deviceType||""}`,O=await l.select().from(R).where(Ai(yn(R.userId,F.userId),yn(R.isActive,!0))),q=y&&!y.includes("--unknown")&&!y.includes("Bot/Crawler")&&!y.includes("Headless")&&y!=="--"&&y!=="--unknown",Z=await l.select().from(R).where(yn(R.userId,F.userId)),nn=q?!O.some((rn)=>rn.deviceFingerprint===y):!1,j=q?Z.some((rn)=>{let hn=rn;return hn.deviceFingerprint===y&&hn.approvalStatus==="approved"}):!1,I=O.some((rn)=>rn.approvalStatus==="approved"),K=F.loginMethod==="impersonation"||F.loginMethod==="impersonation_stop",tn=F.loginMethod?.startsWith("oauth:"),wn=!K&&N?.trustNewDevices===!1&&nn&&!j&&q&&I;d.info("[AUTH] Device fingerprint analysis",{userId:F.userId,deviceFingerprint:y,hasValidFingerprint:q,isNewDevice:nn,wasPreviouslyApproved:j,loginMethod:F.loginMethod,isImpersonationLogin:K,isOAuthLogin:tn,existingSessionCount:O.length,hasAnyApprovedSession:I,requiresApproval:wn});let ln=null,Qn="approved";if(wn){let rn=Z.find((Xn)=>{let Tn=Xn;return Tn.deviceFingerprint===y&&(Tn.approvalStatus==="pending"||Tn.approval_status==="pending")&&Tn.approvalToken});if(rn){let Xn=rn,Tn=Xn.approvalRequestedAt||Xn.approval_requested_at;if(Tn?Date.now()-new Date(Tn).getTime()<86400000:!0)return d.info("[AUTH] Reusing existing pending session for same device",{userId:F.userId,deviceFingerprint:y,existingSessionId:Xn.id}),{requiresApproval:!0,sessionId:Xn.id}}let{randomBytes:hn}=await import("crypto");ln=hn(32).toString("hex"),Qn="pending",d.info("[AUTH] New device requires approval",{userId:F.userId,deviceFingerprint:y,ipAddress:x.ipAddress})}let qn=O.filter((rn)=>{let hn=rn,Xn=(hn.deviceFingerprint||"").toLowerCase(),Tn=hn.ipAddress||"",Nr=(hn.userAgent||"").toLowerCase(),Qr=!Xn||Xn==="--"||Xn==="--unknown"||Xn.includes("bot/crawler")||Xn.includes("headless")||Xn.includes("unknown-unknown"),$r=Nr.includes("nucleusserveraction")||Nr.includes("serveraction")||Nr.includes("node-fetch")||Nr.includes("undici");return Qr&&(Tn==="127.0.0.1"||Tn==="::1"||Tn==="localhost"||!Tn)||$r});if(qn.length>0){for(let rn of qn)await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:"bot_session_cleanup"}).where(yn(R.id,rn.id));d.info("[AUTH] Cleaned up stale bot/crawler sessions",{userId:F.userId,cleanedCount:qn.length})}if(!N?.allowMultipleDevices&&O.length>0){if(O.filter((hn)=>hn.deviceFingerprint===y).length===0&&nn)for(let hn of O)await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:"new_device_login"}).where(yn(R.id,hn.id))}if(N?.maxActiveSessions){let{count:rn}=await import("drizzle-orm"),Xn=(await l.select({count:rn()}).from(R).where(Ai(yn(R.userId,F.userId),yn(R.isActive,!0))))[0]?.count||0;if(Xn>=N.maxActiveSessions){let{asc:Tn}=await import("drizzle-orm"),Nr=await l.select().from(R).where(Ai(yn(R.userId,F.userId),yn(R.isActive,!0))).orderBy(Tn(R.createdAt)).limit(Xn-N.maxActiveSessions+1);for(let Qr of Nr)await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:"max_sessions_exceeded"}).where(yn(R.id,Qr.id))}}let gn=100;if(x.isHeadless)gn-=50;if(x.isBot)gn-=40;if(x.isSuspicious)d.warn("[AUTH] Suspicious login detected",{userId:F.userId,suspiciousPatterns:x.suspiciousPatterns,userAgent:x.userAgent,ipAddress:x.ipAddress});if(nn)gn-=25;if(!x.ipAddress||x.ipAddress==="unknown")gn-=20;if(!x.browserName)gn-=15;if(!x.osName)gn-=15;if(!x.deviceType||x.deviceType==="unknown")gn-=10;if(!x.deviceName||x.deviceName==="Unknown Device")gn-=5;let Gn=y&&!y.includes("--unknown")&&y!=="--",Un=x.ipAddress&&x.ipAddress!=="unknown";if(Gn){if(O.filter((hn)=>hn.deviceFingerprint===y).length>0)gn+=20}if(Un){if(O.filter((hn)=>hn.ipAddress===x.ipAddress).length>0)gn+=15}gn=Math.max(0,Math.min(100,gn));let En=50;if(await l.insert(R).values({id:G,userId:F.userId,tokenHash:G,deviceFingerprint:y,deviceName:x.deviceName,deviceType:x.deviceType,browserName:x.browserName,browserVersion:x.browserVersion,osName:x.osName,osVersion:x.osVersion,ipAddress:x.ipAddress,locationCountry:x.locationCountry,locationCity:x.locationCity,loginMethod:F.loginMethod||"password",rememberMe:F.rememberMe??!1,trustScore:gn,lastActivityAt:new Date,createdAt:new Date,expiresAt:new Date(Date.now()+pr(i.sessionToken?.expiresIn||"30d")*1000),isActive:Qn==="approved",approvalStatus:Qn,approvalToken:ln,approvalRequestedAt:wn?new Date:null}),!K&&D&&(N?.notifyOnNewDevice&&nn||gn<En||wn)){let rn=E.users;if(rn){let Xn=(await l.select().from(rn).where(yn(rn.id,F.userId)).limit(1))[0];if(Xn?.email){let Tn=gn<En,Nr=i.sessions?.route||"/auth/sessions",Qr=i.sessions?.approvalRedirectUrl||"",$r=!Qr||Qr.endsWith("/devices"),ar;if(!$r)ar=Qr;else{let It=F.requestOrigin;if(!It&&Qr)try{It=new URL(Qr).origin}catch{}ar=`${It||"http://localhost:9000"}${Nr}`}let Ha=ln?`${ar}/approve-page?token=${ln}`:"",s5=ln?`${ar}/reject-page?token=${ln}`:"",F0,j0,Ei=o.appId||"Nucleus",f5=new Date().toLocaleString("en-US",{dateStyle:"medium",timeStyle:"short"}),_5=`${x.browserName||"Unknown"} ${x.browserVersion||""} on ${x.osName||"Unknown"} ${x.osVersion||""}`,_d=(It)=>`
 <!DOCTYPE html>
 <html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1.0"></head>
 <body style="margin:0;padding:0;background-color:#f4f4f5;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;">
@@ -1658,4 +1658,4 @@ ${It}
   ${It}
   ${ld}
   <p style="margin:16px 0 0;color:#6b7280;font-size:13px;">If this wasn't you, please secure your account immediately.</p>
-`)}D?.sendEmail({to:Xn.email,subject:F0,html:j0}).catch((It)=>{d.warn("[AUTH] Failed to send login notification email",{error:It,userId:F.userId,trustScore:gn,requiresApproval:wn})})}}}return d.info("[AUTH] Session saved to DB",{sessionId:G,userId:F.userId,isNewDevice:nn,requiresApproval:wn,deviceFingerprint:y,ipAddress:x.ipAddress}),{requiresApproval:wn,sessionId:G}},storeResetToken:async(G,F,N)=>{let x=S.passwordResetTokens;if(!x||!l)return;await l.insert(x).values({userId:G,tokenHash:F,expiresAt:N})},getResetToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=S.passwordResetTokens;if(!N||!l)return null;let y=(await l.select().from(N).where(F(N.tokenHash,G)).limit(1))[0];if(!y||y.usedAt)return null;return{userId:y.userId,expiresAt:y.expiresAt}},deleteResetToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=S.passwordResetTokens;if(!N||!l)return;await l.delete(N).where(F(N.tokenHash,G))},revokeSessionInDb:async(G,F)=>{if(!R||!l)return;await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:F}).where(yn(R.id,G)),d.info("[AUTH] Session revoked in DB",{sessionId:G,reason:F})},sendResetEmail:async(G,F)=>{if(!D?.isAvailable()){d.warn("[AUTH] Cannot send reset email - gmail service not available");return}let N=`${i.passwordReset?.redirectUrl||"http://localhost:3000/reset-password"}?token=${F}`;await D.sendEmail({to:G,subject:"Password Reset Request",html:`<p>Click the link to reset your password:</p><a href="${N}">${N}</a>`})},storeMagicToken:async(G)=>{let F=S.magicLinkTokens;if(!F||!l)return;await l.insert(F).values({userId:G.userId,email:G.email,tokenHash:G.tokenHash,expiresAt:G.expiresAt})},getMagicToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=S.magicLinkTokens;if(!N||!l)return null;let y=(await l.select().from(N).where(F(N.tokenHash,G)).limit(1))[0];if(!y||y.usedAt)return null;return{userId:y.userId,email:y.email,tokenHash:y.tokenHash,expiresAt:y.expiresAt}},deleteMagicToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=S.magicLinkTokens;if(!N||!l)return;await l.delete(N).where(F(N.tokenHash,G))}}}),d.info("[AUTH] Routes registered")}}if(o.storage?.enabled&&o.storage?.cdn?.enabled){let{createCdnRoutes:h,mergeCdnConfig:R,mergeStorageConfig:B}=(Ae(),za(Iw)),Y=R(o.storage.cdn),X=B(o.storage),z=S.files;r.use(h({cdn:Y,storagePath:X.basePath,logger:d,getFileRecord:z&&l?async(J)=>{let G=z,F=await l.select().from(G).where(yn(G.id,J)).limit(1);if(F.length===0)return null;let N=F[0];return{id:N.id,name:N.name,path:N.path,mime_type:N.mimeType||N.mime_type}}:void 0})),d.info(`[Storage] CDN routes enabled at ${Y.basePath}`)}if(o.verification?.enabled&&l){let{routes:h}=eb({db:l,schemaTables:S,config:o.verification,notificationConfig:o.notification,logger:d,gmailService:D||void 0});r.use(h)}if(o.pubsub?.enabled){let h=me();if(h){let R=o.pubsub,{plugin:B}=Of({redis:h,logger:d,basePath:R.basePath||"/subs",wsPath:R.wsPath||"/api/events/subscribe",pubsubName:R.pubsubName||"pubsub-redis",maxClientsPerUser:R.maxClientsPerUser??10,wsIdleTimeout:R.wsIdleTimeout??120,ack:{enabled:R.ack?.enabled??!0,ttlSeconds:R.ack?.ttlSeconds??300,maxRetries:R.ack?.maxRetries??3,retryIntervalMs:R.ack?.retryIntervalMs??5000},presence:{enabled:R.presence?.enabled??!0,debounceMs:R.presence?.debounceMs??5000},cleanupIntervalMs:R.cleanupIntervalMs??60000,getLiveMonitoringService:()=>k});r.use(B),d.info("[PubSub] Enabled",{basePath:R.basePath||"/subs",wsPath:R.wsPath||"/api/events/subscribe"})}else d.warn("[PubSub] pubsub is enabled but Redis is not configured. Disabling PubSub.")}return r.onStart(()=>{let h=Number(process.env.PORT)||3000,R=o.appId||"nucleus",B=o.mode||"production";console.log(""),console.log(`  \x1B[32m\uD83D\uDE80 ${R}\x1B[0m \x1B[90mv${Date.now()}\x1B[0m`),console.log(`  \x1B[36m\u279C\x1B[0m  Local:   \x1B[36mhttp://localhost:${h}\x1B[0m`),console.log(`  \x1B[36m\u279C\x1B[0m  Mode:    \x1B[33m${B}\x1B[0m`),console.log("")}),r}export{as as usePubSubStore,P5 as usePubSub,U5 as serverFetch,Sd as generateVerificationEndpoints,hd as generateSystemTableEndpoints,Ad as generateMonitoringEndpoints,md as generateEndpointsFromConfig,$d as generateAuthEndpoints,D5 as generateAllEndpoints,Ed as generateAdminEndpoints,L5 as createServerFactory,$5 as createApiHook,ki as ServerFetch,ES as NucleusElysiaPlugin,K0 as AUTH_ENDPOINT_CONFIGS};
+`)}D?.sendEmail({to:Xn.email,subject:F0,html:j0}).catch((It)=>{d.warn("[AUTH] Failed to send login notification email",{error:It,userId:F.userId,trustScore:gn,requiresApproval:wn})})}}}return d.info("[AUTH] Session saved to DB",{sessionId:G,userId:F.userId,isNewDevice:nn,requiresApproval:wn,deviceFingerprint:y,ipAddress:x.ipAddress}),{requiresApproval:wn,sessionId:G}},storeResetToken:async(G,F,N)=>{let x=E.passwordResetTokens;if(!x||!l)return;await l.insert(x).values({userId:G,tokenHash:F,expiresAt:N})},getResetToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=E.passwordResetTokens;if(!N||!l)return null;let y=(await l.select().from(N).where(F(N.tokenHash,G)).limit(1))[0];if(!y||y.usedAt)return null;return{userId:y.userId,expiresAt:y.expiresAt}},deleteResetToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=E.passwordResetTokens;if(!N||!l)return;await l.delete(N).where(F(N.tokenHash,G))},revokeSessionInDb:async(G,F)=>{if(!R||!l)return;await l.update(R).set({isActive:!1,revokedAt:new Date,revokedReason:F}).where(yn(R.id,G)),d.info("[AUTH] Session revoked in DB",{sessionId:G,reason:F})},sendResetEmail:async(G,F)=>{if(!D?.isAvailable()){d.warn("[AUTH] Cannot send reset email - gmail service not available");return}let N=`${i.passwordReset?.redirectUrl||"http://localhost:3000/reset-password"}?token=${F}`;await D.sendEmail({to:G,subject:"Password Reset Request",html:`<p>Click the link to reset your password:</p><a href="${N}">${N}</a>`})},storeMagicToken:async(G)=>{let F=E.magicLinkTokens;if(!F||!l)return;await l.insert(F).values({userId:G.userId,email:G.email,tokenHash:G.tokenHash,expiresAt:G.expiresAt})},getMagicToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=E.magicLinkTokens;if(!N||!l)return null;let y=(await l.select().from(N).where(F(N.tokenHash,G)).limit(1))[0];if(!y||y.usedAt)return null;return{userId:y.userId,email:y.email,tokenHash:y.tokenHash,expiresAt:y.expiresAt}},deleteMagicToken:async(G)=>{let{eq:F}=Vn("drizzle-orm"),N=E.magicLinkTokens;if(!N||!l)return;await l.delete(N).where(F(N.tokenHash,G))}}}),d.info("[AUTH] Routes registered")}}if(o.storage?.enabled&&o.storage?.cdn?.enabled){let{createCdnRoutes:h,mergeCdnConfig:R,mergeStorageConfig:z}=(Ae(),za(Iw)),V=R(o.storage.cdn),Q=z(o.storage),B=E.files;r.use(h({cdn:V,storagePath:Q.basePath,logger:d,getFileRecord:B&&l?async(J)=>{let G=B,F=await l.select().from(G).where(yn(G.id,J)).limit(1);if(F.length===0)return null;let N=F[0];return{id:N.id,name:N.name,path:N.path,mime_type:N.mimeType||N.mime_type}}:void 0})),d.info(`[Storage] CDN routes enabled at ${V.basePath}`)}if(o.verification?.enabled&&l){let{routes:h}=eb({db:l,schemaTables:E,config:o.verification,notificationConfig:o.notification,logger:d,gmailService:D||void 0});r.use(h)}if(o.pubsub?.enabled){let h=me();if(h){let R=o.pubsub,{plugin:z}=Of({redis:h,logger:d,basePath:R.basePath||"/subs",wsPath:R.wsPath||"/api/events/subscribe",pubsubName:R.pubsubName||"pubsub-redis",maxClientsPerUser:R.maxClientsPerUser??10,wsIdleTimeout:R.wsIdleTimeout??120,ack:{enabled:R.ack?.enabled??!0,ttlSeconds:R.ack?.ttlSeconds??300,maxRetries:R.ack?.maxRetries??3,retryIntervalMs:R.ack?.retryIntervalMs??5000},presence:{enabled:R.presence?.enabled??!0,debounceMs:R.presence?.debounceMs??5000},cleanupIntervalMs:R.cleanupIntervalMs??60000,getLiveMonitoringService:()=>k});r.use(z),d.info("[PubSub] Enabled",{basePath:R.basePath||"/subs",wsPath:R.wsPath||"/api/events/subscribe"})}else d.warn("[PubSub] pubsub is enabled but Redis is not configured. Disabling PubSub.")}return r.onStart(()=>{let h=Number(process.env.PORT)||3000,R=o.appId||"nucleus",z=o.mode||"production";console.log(""),console.log(`  \x1B[32m\uD83D\uDE80 ${R}\x1B[0m \x1B[90mv${Date.now()}\x1B[0m`),console.log(`  \x1B[36m\u279C\x1B[0m  Local:   \x1B[36mhttp://localhost:${h}\x1B[0m`),console.log(`  \x1B[36m\u279C\x1B[0m  Mode:    \x1B[33m${z}\x1B[0m`),console.log("")}),r}export{as as usePubSubStore,P5 as usePubSub,U5 as serverFetch,Sd as generateVerificationEndpoints,hd as generateSystemTableEndpoints,Ad as generateMonitoringEndpoints,md as generateEndpointsFromConfig,$d as generateAuthEndpoints,D5 as generateAllEndpoints,Ed as generateAdminEndpoints,L5 as createServerFactory,$5 as createApiHook,ki as ServerFetch,ES as NucleusElysiaPlugin,K0 as AUTH_ENDPOINT_CONFIGS};