nucleus-core-ts 0.8.69 → 0.8.71
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -62,7 +62,7 @@ var b2=Object.create;var{getPrototypeOf:g2,defineProperty:ta,getOwnPropertyNames
|
|
|
62
62
|
<p>Your account has been created via ${M} login. You can optionally set a password to also sign in with your email and password.</p>
|
|
63
63
|
<p><a href="${Sn}">Set your password</a></p>
|
|
64
64
|
<p>This link expires in 7 days. If you don't want to set a password, you can always sign in with ${M}.</p>
|
|
65
|
-
`}),b.info("[OAUTH] Invite email sent to new OAuth user",{userId:j,email:V.email,provider:M})}catch(ot){b.warn("[OAUTH] Failed to send invite email",{userId:j,error:ot})}}await u.update($).set({lastLoginAt:new Date}).where(kr($.id,j));let L=R.request.headers.get("cf-connecting-ip")?.trim()||R.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||R.request.headers.get("x-real-ip")?.trim()||"127.0.0.1",J=R.request.headers.get("user-agent")||"Unknown Browser",W=di(J,L),X=t(j),O=o(j),F={userId:j,deviceInfo:W,loginMethod:`oauth:${M}`,rememberMe:!0},K=await e(F);if(a)await a(K,F);await b.audit({entityName:"users",entityId:j,operation:"LOGIN",userId:j,summary:`${V.email??V.providerAccountId} logged in via OAuth (${M})`,ipAddress:L,userAgent:J,path:`${A}/${M}/callback`,query:""});let q=_.secure?"; Secure":"",rn=`; Path=${_.path}; HttpOnly; SameSite=${_.sameSite}${q}`,en=[];if(m.accessToken.setHeadersEnabled)en.push(`${_.accessTokenName}=${X}${rn}; Max-Age=${_.accessTokenMaxAge}`);if(m.refreshToken.setHeadersEnabled)en.push(`${_.refreshTokenName}=${O}${rn}; Max-Age=${_.refreshTokenMaxAge}`);if(m.sessionToken.setHeadersEnabled)en.push(`${_.sessionTokenName}=${K}${rn}; Max-Age=${_.sessionTokenMaxAge}`);let gn=g.redirectUrl||r.successRedirectUrl,Gn=new Headers;Gn.set("Location",gn);for(let T of en)Gn.append("Set-Cookie",T);return new Response(null,{status:302,headers:Gn})},{detail:{tags:["Authentication"],summary:"OAuth Callback",description:"Handles the OAuth provider callback, creates session and sets cookies"}}),E.get(`${A}/providers`,()=>{return{success:!0,data:{providers:r.getEnabledProviders()}}},{detail:{tags:["Authentication"],summary:"List OAuth Providers",description:"Returns the list of enabled OAuth providers"}}),E.get(`${A}/link/:provider`,async(R)=>{let M=R.params.provider;if(!r.isProviderEnabled(M))return R.set.status=404,{success:!1,message:`OAuth provider "${M}" is not enabled`};if(!r.allowAccountLinking)return R.set.status=403,{success:!1,message:"Account linking is disabled"};let S=R.userId;if(!S)return R.set.status=401,{success:!1,message:"Authentication required to link accounts"};let x=R.query.redirect_url,D=r.buildAuthorizationUrl(M,S,x);return R.set.status=302,R.set.headers.Location=D,null},{detail:{tags:["Authentication"],summary:"Link OAuth Account",description:"Redirects to provider to link an OAuth account to the current user"}}),E.delete(`${A}/unlink/:provider`,async(R)=>{let M=R.params.provider,S=R.userId;if(!S)return R.set.status=401,{success:!1,message:"Authentication required"};if(!u)return R.set.status=500,{success:!1,message:"Database not configured"};let x=n.oauthAccountsTable;if(!x)return R.set.status=500,{success:!1,message:"OAuth accounts table not configured"};if((await u.select().from(x).where(ss(kr(x.userId,S),kr(x.provider,M))).limit(1)).length===0)return{success:!1,message:`No linked ${M} account found`};let w=!!(await u.select().from($).where(kr($.id,S)).limit(1))[0]?.password,g=await u.select().from(x).where(kr(x.userId,S));if(!w&&g.length<=1)return R.set.status=400,{success:!1,message:"Cannot unlink the only login method. Set a password first."};return await u.delete(x).where(ss(kr(x.userId,S),kr(x.provider,M))),b.info("[OAUTH] Account unlinked",{userId:S,provider:M}),{success:!0,message:`${M} account unlinked successfully`}},{detail:{tags:["Authentication"],summary:"Unlink OAuth Account",description:"Removes a linked OAuth account from the current user"}}),E.get(`${A}/accounts`,async(R)=>{let M=R.userId;if(!M)return R.set.status=401,{success:!1,message:"Authentication required"};if(!u)return R.set.status=500,{success:!1,message:"Database not configured"};let S=n.oauthAccountsTable;if(!S)return{success:!0,data:{accounts:[]}};return{success:!0,data:{accounts:(await u.select().from(S).where(kr(S.userId,M))).map((k)=>({id:k.id,provider:k.provider,providerEmail:k.providerEmail,providerName:k.providerName,providerAvatarUrl:k.providerAvatarUrl,isPrimary:k.isPrimary,lastUsedAt:k.lastUsedAt,createdAt:k.createdAt}))}}},{detail:{tags:["Authentication"],summary:"List Linked OAuth Accounts",description:"Returns all OAuth accounts linked to the current user"}}),E}var y1=d(()=>{ui();Ba()});import{t as Ho}from"elysia";var cd,F4;var id=d(()=>{cd=Ho.Object({currentPassword:Ho.String({minLength:1}),newPassword:Ho.String({minLength:8}),confirmPassword:Ho.String({minLength:8})}),F4=Ho.Object({success:Ho.Boolean(),message:Ho.Optional(Ho.String())})});function n2(n,r){return n===r}import{eq as r2}from"drizzle-orm";import{Elysia as j4}from"elysia";function ls(n,r){let{db:t,logger:o,usersTable:e}=n,a=r.route||"/auth/password-change",c=new j4;if(!r.enabled)return c;return c.post(a,async(i)=>{if(!t||!e)return i.set.status=500,{success:!1,message:"Database not configured"};let s=i.request.headers.get("x-user-id");if(!s)return i.set.status=401,{success:!1,message:"Authentication required"};let{currentPassword:l,newPassword:f,confirmPassword:u}=i.body;if(!n2(f,u))return i.set.status=422,{success:!1,message:"New passwords do not match"};let $=(await t.select().from(e).where(r2(e.id,s)).limit(1))[0];if(!$)return i.set.status=404,{success:!1,message:"User not found"};let A=await fi(l,$.password),_=new URL(i.request.url),m=i.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||i.request.headers.get("x-real-ip")?.trim()||"unknown",E=i.request.headers.get("user-agent")||"unknown";if(!A)return o.warn("[AUTH] Password change failed - invalid current password",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE_FAILED",userId:s,summary:"Password change failed: invalid current password",ipAddress:m,userAgent:E,path:_.pathname,query:_.search}),i.set.status=400,{success:!1,message:"Current password is incorrect"};let R=await go(f);return await t.update(e).set({password:R,updatedAt:new Date}).where(r2(e.id,s)),o.info("[AUTH] Password change successful",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE",userId:s,summary:"Password changed successfully",ipAddress:m,userAgent:E,path:_.pathname,query:_.search}),{success:!0,message:"Password changed successfully"}},{body:cd,detail:{tags:["Authentication"],summary:"Change Password",description:"Change password for authenticated user"}}),c}var sd=d(()=>{ui();Je();id();id()});import{t as Jt}from"elysia";var ld,fd,p4;var dd=d(()=>{ld=Jt.Object({email:Jt.String({format:"email"})}),fd=Jt.Object({token:Jt.String(),newPassword:Jt.String({minLength:8}),confirmPassword:Jt.String({minLength:8})}),p4=Jt.Object({success:Jt.Boolean(),message:Jt.Optional(Jt.String())})});import{randomBytes as K4}from"crypto";function t2(){return K4(32).toString("hex")}function o2(n){return new Date>n}var e2=()=>{};import{Elysia as T4}from"elysia";function fs(n,r,t,o,e,a){let{db:c,logger:i,usersTable:s}=n,l=r.route||"/auth/password-reset",f=new T4;if(!r.enabled)return f;return f.post(`${l}/request`,async(u)=>{if(!c||!s)return{success:!1,message:"Database not configured"};let{email:b}=u.body,{eq:$}=await import("drizzle-orm"),_=(await c.select().from(s).where($(s.email,b)).limit(1))[0];if(!_)return{success:!0,message:"If email exists, reset link will be sent"};let m=t2(),E=new Date(Date.now()+3600000);if(await t(_.id,m,E),a)try{await a(b,m),i.info("[AUTH] Password reset email sent",{email:b})}catch(M){i.error("[AUTH] Failed to send password reset email",{email:b,error:M})}else i.warn("[AUTH] sendResetEmail not configured - email not sent",{email:b});i.info("[AUTH] Password reset requested",{userId:_.id,email:b});let R=new URL(u.request.url);return i.audit({entityName:"users",entityId:_.id,operation:"PASSWORD_RESET_REQUEST",userId:_.id,summary:`Password reset requested for ${b}`,ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:R.pathname,query:R.search}),{success:!0,message:"If email exists, reset link will be sent"}},{body:ld,detail:{tags:["Authentication"],summary:"Request Password Reset",description:"Request a password reset email"}}),f.post(`${l}/confirm`,async(u)=>{if(!c||!s)return{success:!1,message:"Database not configured"};let{token:b,newPassword:$,confirmPassword:A}=u.body;if($!==A)return{success:!1,message:"Passwords do not match"};let _=await o(b);if(!_)return{success:!1,message:"Invalid or expired reset token"};if(o2(_.expiresAt))return await e(b),{success:!1,message:"Reset token has expired"};let m=await go($),{eq:E}=await import("drizzle-orm");await c.update(s).set({password:m}).where(E(s.id,_.userId)),await e(b),i.info("[AUTH] Password reset successful",{userId:_.userId});let R=new URL(u.request.url);return i.audit({entityName:"users",entityId:_.userId,operation:"PASSWORD_RESET",userId:_.userId,summary:"Password reset completed successfully",ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:R.pathname,query:R.search}),{success:!0,message:"Password has been reset"}},{body:fd,detail:{tags:["Authentication"],summary:"Confirm Password Reset",description:"Reset password with token"}}),f}var ud=d(()=>{Je();dd();e2();dd()});import{t as yt}from"elysia";var bd,v4;var gd=d(()=>{bd=yt.Object({newPassword:yt.String({minLength:8}),userId:yt.Optional(yt.String()),token:yt.Optional(yt.String())}),v4=yt.Object({success:yt.Boolean(),message:yt.String()})});import{eq as a2}from"drizzle-orm";import{Elysia as I4}from"elysia";function ds(n,r,t,o){let{db:e,logger:a,usersTable:c}=n,i=r.route||"/auth/password-set",s=new I4;if(!r.enabled)return s;return s.post(i,async(l)=>{if(a.info("[AUTH] Password set request received"),!e||!c)return a.error("[AUTH] Password set failed - database not configured"),{success:!1,message:"Database not configured"};let{newPassword:f,userId:u,token:b}=l.body,$=u;if(b&&t&&o){let R=dt(b),M=await t(R);if(!M)return a.warn("[AUTH] Password set failed - invalid token"),{success:!1,message:"Invalid or expired token"};if(new Date>M.expiresAt)return await o(R),a.warn("[AUTH] Password set failed - expired token",{email:M.email}),{success:!1,message:"Invalid or expired token"};$=M.userId,a.info("[AUTH] Password set - userId resolved from token",{userId:$,email:M.email})}if(!$)return a.warn("[AUTH] Password set failed - no userId in payload or token"),{success:!1,message:"User ID or token required"};let _=(await e.select().from(c).where(a2(c.id,$)).limit(1))[0];if(a.info("[AUTH] Password set - user found",{found:!!_,hasPassword:!!_?.password}),!_)return{success:!1,message:"User not found"};if(_.password)return a.warn("[AUTH] Password set failed - user already has password",{userId:$}),{success:!1,message:"Password already set. Use password change instead."};let m=await go(f);a.info("[AUTH] Password set - updating user with verifiedAt",{userId:$});let E=await e.update(c).set({password:m,verifiedAt:new Date,updatedAt:new Date}).where(a2(c.id,$));if(a.info("[AUTH] Password set successful for invited user",{userId:$,updateResult:E}),b&&o){let R=dt(b);await o(R),a.info("[AUTH] Invite token consumed after password set",{userId:$})}return{success:!0,message:"Password set successfully"}},{body:bd,detail:{tags:["Authentication"],summary:"Set Password",description:"Set password for the first time (for invited users who do not have a password yet)"}}),s}var _d=d(()=>{Ba();Je();gd();gd()});function md(n){let r=n.match(/^(\d+)([smhd])$/);if(!r)return 900;let t=r[1],o=r[2];if(!t||!o)return 900;let e=parseInt(t,10);switch(o){case"s":return e;case"m":return e*60;case"h":return e*3600;case"d":return e*86400;default:return 900}}import{t as ae}from"elysia";var Z4;var c2=d(()=>{Z4=ae.Object({success:ae.Boolean(),message:ae.Optional(ae.String()),data:ae.Optional(ae.Object({accessToken:ae.String()}))})});import{Elysia as y4}from"elysia";function us(n,r,t,o,e,a,c){let{logger:i,authentication:s}=n,l=r.route||"/auth/refresh",f=new y4;if(!r.enabled)return f;return f.post(l,async(u)=>{let b=s?.refreshToken?.name||"refresh_token",$=s?.accessToken?.name||"access_token",A=u.request.headers.get("x-refresh-token");if(!A){let Q=u.request.headers.get("cookie");if(Q)A=Q.split(";").reduce((L,J)=>{let[W,X]=J.trim().split("=");if(W&&X)L[W]=X;return L},{})[b]||null}if(!A)return u.set.status=401,{success:!1,message:"Refresh token required"};let _=t(A);if(!_.valid||!_.payload)return i.warn("[AUTH] Refresh failed - invalid token"),u.set.status=401,{success:!1,message:"Invalid refresh token"};let m=_.payload.sub,E=o(m),R=e?e(m):null,M=a?.accessToken?.setHeadersEnabled??!0,S=a?.accessToken?.returnJson??!0,x=a?.refreshToken?.setHeadersEnabled??!0,D=a?.refreshToken?.returnJson??!1,k=s?.accessToken?.expiresIn||"15m",B=Math.max(0,md(k)-(c??0)),w=s?.refreshToken?.expiresIn||"7d",g=md(w),Y=new Headers;if(Y.set("Content-Type","application/json"),M)Y.append("Set-Cookie",`${$}=${E}; Path=/; HttpOnly; SameSite=Strict; Secure; Max-Age=${B}`);if(R&&x)Y.append("Set-Cookie",`${b}=${R}; Path=/; HttpOnly; SameSite=Strict; Secure; Max-Age=${g}`);i.info("[AUTH] Token refresh successful",{userId:m,rotatedRefreshToken:!!R});let V={};if(S)V.accessToken=E;if(R&&D)V.refreshToken=R;let C=JSON.stringify({success:!0,data:V});return new Response(C,{status:200,headers:Y})},{detail:{tags:["Authentication"],summary:"Refresh Token",description:"Get new access token using refresh token"}}),f}var wd=d(()=>{c2()});import{t as Yr}from"elysia";var hd,nE;var $d=d(()=>{hd=Yr.Object({email:Yr.String({format:"email"}),password:Yr.String({minLength:8}),confirmPassword:Yr.Optional(Yr.String({minLength:8}))}),nE=Yr.Object({success:Yr.Boolean(),message:Yr.Optional(Yr.String()),data:Yr.Optional(Yr.Object({user:Yr.Object({id:Yr.String(),email:Yr.String()})}))})});import{eq as rE}from"drizzle-orm";import{Elysia as tE}from"elysia";function bs(n,r,t,o,e,a,c,i,s,l){let{db:f,logger:u,usersTable:b}=n,$=r.route||"/auth/register",A={accessTokenName:c?.accessTokenName||"access_token",refreshTokenName:c?.refreshTokenName||"refresh_token",sessionTokenName:c?.sessionTokenName||"session_token",accessTokenMaxAge:c?.accessTokenMaxAge||900,refreshTokenMaxAge:c?.refreshTokenMaxAge||604800,sessionTokenMaxAge:c?.sessionTokenMaxAge||900,secure:c?.secure??!0,httpOnly:c?.httpOnly??!0,sameSite:c?.sameSite||"strict",path:c?.path||"/"},_=new tE;if(!r.enabled)return _;return _.post($,async(m)=>{if(!f||!b)return m.set.status=500,{success:!1,message:"Database not configured"};let{email:E,password:R,confirmPassword:M}=m.body;if(M&&R!==M)return m.set.status=400,{success:!1,message:"Passwords do not match"};let S=Zg(R);if(!S.valid)return m.set.status=400,{success:!1,message:"Password too weak",errors:S.errors};let x=await f.select().from(b).where(rE(b.email,E)).limit(1),D=new URL(m.request.url),k=m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||m.request.headers.get("x-real-ip")?.trim()||"unknown",B=m.request.headers.get("user-agent")||"unknown";if(x.length>0)return u.warn("[AUTH] Registration failed - email exists",{email:E}),u.audit({entityName:"users",operation:"REGISTER_FAILED",summary:`Registration failed: email already exists (${E})`,ipAddress:k,userAgent:B,path:D.pathname,query:D.search}),m.set.status=409,{success:!1,message:"Email already registered"};let w=await go(R),g=r.emailVerification?.enabled&&s?.isAvailable(),Y=g?ei():null,V=r.emailVerification?.tokenExpiresIn||"24h",C=g?new Date(Date.now()+Ye(V)):null,Q={email:E,password:w};if(g&&Y)Q.emailVerificationToken=Y,Q.emailVerificationTokenExpiresAt=C,Q.emailVerificationSentAt=new Date,Q.emailVerificationAttempts=1;let L=(await f.insert(b).values(Q).returning())[0];if(u.info("[AUTH] Registration successful",{userId:L.id,email:E,emailVerificationEnabled:g}),u.audit({entityName:"users",entityId:L.id,operation:"REGISTER",userId:L.id,summary:`New user registered: ${E}`,ipAddress:k,userAgent:B,path:D.pathname,query:D.search}),g&&s&&Y){let W=`${(r.emailVerification?.redirectUrl||"http://localhost:3000/login").replace("/login","/verify-email")}?token=${Y}`;s.sendVerificationEmail(E,E.split("@")[0]||"User",W,l||"Nucleus").then((K)=>{if(K.success)u.info("[AUTH] Verification email sent",{email:E});else u.error("[AUTH] Failed to send verification email",{email:E,error:K.error})}).catch((K)=>{u.error("[AUTH] Failed to send verification email",{email:E,error:K})});let X=r.emailVerification?.resendCooldown||"60s",O=Ye(X)/1000,F=r.emailVerification?.maxResendAttempts||3;return{success:!0,message:"Registration successful. Please check your email to verify your account.",data:{user:{id:L.id,email:L.email},emailVerificationRequired:!0,verification:{cooldownSeconds:O,canResendAt:new Date(Date.now()+O*1000).toISOString(),attemptsRemaining:F-1,maxAttempts:F}}}}if(t)t(E,E.split("@")[0]||"User").catch((J)=>{u.error("[AUTH] Failed to send welcome email",{email:E,error:J})});if(o&&e&&a){let J=m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||m.request.headers.get("x-real-ip")?.trim()||"unknown",W=m.request.headers.get("user-agent")||"",X=o(L.id),O=e(L.id),F=await a({userId:L.id,deviceInfo:{ipAddress:J,userAgent:W},loginMethod:"register"}),K={accessToken:{setHeadersEnabled:i?.accessToken?.setHeadersEnabled??!0,returnJson:i?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:i?.refreshToken?.setHeadersEnabled??!0,returnJson:i?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:i?.sessionToken?.setHeadersEnabled??!0,returnJson:i?.sessionToken?.returnJson??!0}},q=A.secure?"; Secure":"",rn=`; Path=${A.path}; HttpOnly; SameSite=${A.sameSite}${q}`,en=[];if(K.accessToken.setHeadersEnabled)en.push(`${A.accessTokenName}=${X}${rn}; Max-Age=${A.accessTokenMaxAge}`);if(K.refreshToken.setHeadersEnabled)en.push(`${A.refreshTokenName}=${O}${rn}; Max-Age=${A.refreshTokenMaxAge}`);if(K.sessionToken.setHeadersEnabled)en.push(`${A.sessionTokenName}=${F}${rn}; Max-Age=${A.sessionTokenMaxAge}`);let gn={user:{id:L.id,email:L.email}};if(K.accessToken.returnJson)gn.accessToken=X;if(K.refreshToken.returnJson)gn.refreshToken=O;if(K.sessionToken.returnJson)gn.sessionId=F;let Gn=JSON.stringify({success:!0,data:gn}),T=new Headers;T.set("Content-Type","application/json"),T.set("x-session-id",F);for(let tn of en)T.append("Set-Cookie",tn);return new Response(Gn,{status:200,headers:T})}return{success:!0,data:{user:{id:L.id,email:L.email}}}},{body:hd,detail:{tags:["Authentication"],summary:"Register",description:"Register a new user account"}}),_}var Ad=d(()=>{$d();Je();$d()});import{t as I}from"elysia";var i2,oE,Rd,kd,zq;var Ed=d(()=>{i2=I.Object({id:I.String(),deviceName:I.Optional(I.String()),deviceType:I.Optional(I.String()),browserName:I.Optional(I.String()),browserVersion:I.Optional(I.String()),osName:I.Optional(I.String()),osVersion:I.Optional(I.String()),ipAddress:I.String(),locationCountry:I.Optional(I.String()),locationCity:I.Optional(I.String()),lastActivityAt:I.String(),createdAt:I.String(),isCurrent:I.Boolean(),loginMethod:I.Optional(I.String()),trustScore:I.Optional(I.Number())}),oE=I.Object({success:I.Boolean(),data:I.Optional(I.Object({sessions:I.Array(i2),currentSessionId:I.Optional(I.String()),totalCount:I.Number()})),message:I.Optional(I.String())}),Rd=I.Object({reason:I.Optional(I.String())}),kd=I.Object({excludeCurrent:I.Optional(I.Boolean()),reason:I.Optional(I.String())}),zq=I.Object({success:I.Boolean(),data:I.Optional(I.Object({recentActivity:I.Array(I.Object({sessionId:I.String(),action:I.String(),ipAddress:I.String(),timestamp:I.String(),deviceInfo:I.Optional(I.String())}))})),message:I.Optional(I.String())})});function gs(n){let r=(o,e)=>n[o]??n[e],t=(o,e)=>{let a=n[o]??n[e];if(!a)return;return a instanceof Date?a.toISOString():String(a)};return{id:n.id,deviceName:r("device_name","deviceName"),deviceType:r("device_type","deviceType"),deviceFingerprint:r("device_fingerprint","deviceFingerprint"),browserName:r("browser_name","browserName"),browserVersion:r("browser_version","browserVersion"),osName:r("os_name","osName"),osVersion:r("os_version","osVersion"),ipAddress:r("ip_address","ipAddress"),locationCountry:r("location_country","locationCountry"),locationCity:r("location_city","locationCity"),lastActivityAt:t("last_activity_at","lastActivityAt"),createdAt:t("created_at","createdAt"),isCurrent:r("is_current","isCurrent"),loginMethod:r("login_method","loginMethod"),trustScore:r("trust_score","trustScore")}}var s2=()=>{};import{and as zo,desc as l2,eq as Fn,isNull as f2}from"drizzle-orm";import{Elysia as eE}from"elysia";function _s(n,r,t){let{db:o,logger:e}=n,a=r.route||"/auth/sessions",c=new eE;if(!r.enabled||!t)return c;let i=t,s=(l)=>{let f=l.replace(/([A-Z])/g,"_$1").toLowerCase();return i[l]||i[f]};return c.get(a,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let u=l.request.headers.get("x-session-id"),b=await o.select().from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0),f2(s("revokedAt")))).orderBy(l2(s("lastActivityAt"))),$=b.filter((_)=>{let m=_,E=(m.deviceFingerprint||"").toLowerCase(),R=m.ipAddress||"";return!((!E||E==="--"||E==="--unknown"||E.includes("bot/crawler")||E.includes("headless")||E.includes("unknown-unknown"))&&(R==="127.0.0.1"||R==="::1"||R==="localhost"||!R))}),A=$.map((_)=>{let m=_,E=gs(m);return E.isCurrent=m.id===u,E});return e.info("[AUTH] Sessions list retrieved",{userId:f,totalInDb:b.length,filteredCount:$.length,hiddenBotSessions:b.length-$.length}),{success:!0,data:{sessions:A,currentSessionId:u,totalCount:$.length}}},{detail:{tags:["Authentication"],summary:"List active sessions",description:"Get all active sessions for the current user"}}),c.get(`${a}/current`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id"),u=l.request.headers.get("x-session-id");if(!f||!u)return{success:!1,message:"Authentication required"};let b=await o.select().from(t).where(Fn(s("id"),u)).limit(1);if(b.length===0)return{success:!1,message:"Session not found"};let $=b[0],A=gs($);return A.isCurrent=!0,{success:!0,data:A}},{detail:{tags:["Authentication"],summary:"Get current session",description:"Get details of the current session"}}),c.delete(`${a}/:sessionId`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let{sessionId:u}=l.params,b=l.body,$=l.request.headers.get("x-session-id");if((await o.select().from(t).where(zo(Fn(s("id"),u),Fn(s("userId"),f))).limit(1)).length===0)return{success:!1,message:"Session not found"};let _=u===$;await o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:_?"user_logout":b.reason||"user_revoked"}).where(Fn(s("id"),u)),e.info("[AUTH] Session revoked",{userId:f,sessionId:u,isCurrentSession:_,reason:b.reason||"user_revoked"});let m=new URL(l.request.url);return e.audit({entityName:"user_sessions",entityId:u,operation:_?"LOGOUT":"SESSION_REVOKE",userId:f||void 0,summary:_?"User logged out via session revoke":`Session revoked (${u.substring(0,8)}...)`,ipAddress:l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:l.request.headers.get("user-agent")||"unknown",path:m.pathname,query:m.search}),{success:!0,message:_?"Logged out successfully":"Session revoked successfully"}},{body:Rd,detail:{tags:["Authentication"],summary:"Revoke session",description:"Revoke a specific session by ID"}}),c.delete(`${a}/all`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let u=l.body,b=l.request.headers.get("x-session-id"),$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:u.reason||"user_revoked"}).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0)));if(u.excludeCurrent&&b){let{ne:_}=await import("drizzle-orm");$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:u.reason||"user_revoked"}).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0),_(s("id"),b)))}await $,e.info("[AUTH] All sessions revoked",{userId:f,excludeCurrent:u.excludeCurrent,reason:u.reason||"user_revoked"});let A=new URL(l.request.url);return e.audit({entityName:"user_sessions",operation:"SESSION_REVOKE_ALL",userId:f||void 0,summary:u.excludeCurrent?"All other sessions revoked":"All sessions revoked",ipAddress:l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:l.request.headers.get("user-agent")||"unknown",path:A.pathname,query:A.search}),{success:!0,message:u.excludeCurrent?"All other sessions revoked successfully":"All sessions revoked successfully"}},{body:kd,detail:{tags:["Authentication"],summary:"Revoke all sessions",description:"Revoke all sessions for the current user (optionally exclude current)"}}),c.get(`${a}/stats`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let{count:u,countDistinct:b}=await import("drizzle-orm"),$=await o.select({count:u()}).from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0),f2(s("revokedAt")))),A=await o.select({count:b(s("deviceFingerprint"))}).from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0))),_=await o.select({count:b(s("ipAddress"))}).from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0)));return{success:!0,data:{activeSessions:$[0]?.count||0,uniqueDevices:A[0]?.count||0,uniqueIpAddresses:_[0]?.count||0}}},{detail:{tags:["Authentication"],summary:"Session statistics",description:"Get session statistics for the current user"}}),c.post(`${a}/approve`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:f}=l.body;if(!f)return{success:!1,message:"Token is required"};let u=await o.select().from(t).where(Fn(s("approvalToken"),f)).limit(1);if(u.length===0)return{success:!1,message:"Invalid or expired approval token"};let b=u[0];if(b.approvalStatus!=="pending")return{success:!1,message:"Session already processed"};return await o.update(t).set({approvalStatus:"approved",isActive:!0,approvalRespondedAt:new Date,approvalToken:null}).where(Fn(s("id"),b.id)),e.info("[AUTH] Device approved",{sessionId:b.id,userId:b.userId}),{success:!0,message:"Device approved successfully"}},{detail:{tags:["Authentication"],summary:"Approve pending device",description:"Approve a pending device login request"}}),c.post(`${a}/reject`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:f}=l.body;if(!f)return{success:!1,message:"Token is required"};let u=await o.select().from(t).where(Fn(s("approvalToken"),f)).limit(1);if(u.length===0)return{success:!1,message:"Invalid or expired approval token"};let b=u[0];if(b.approvalStatus!=="pending")return{success:!1,message:"Session already processed"};return await o.update(t).set({approvalStatus:"rejected",isActive:!1,revokedAt:new Date,revokedReason:"user_rejected",approvalRespondedAt:new Date,approvalToken:null}).where(Fn(s("id"),b.id)),e.info("[AUTH] Device rejected",{sessionId:b.id,userId:b.userId}),{success:!0,message:"Device rejected and blocked"}},{detail:{tags:["Authentication"],summary:"Reject pending device",description:"Reject a pending device login request"}}),c.get(`${a}/pending`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let u=await o.select().from(t).where(zo(Fn(s("userId"),f),Fn(s("approvalStatus"),"pending"))).orderBy(l2(s("createdAt")));return{success:!0,data:{sessions:u.map(($)=>{let A=$;return{...gs(A),approvalStatus:A.approval_status||A.approvalStatus,approvalToken:A.approval_token||A.approvalToken,approvalRequestedAt:A.approval_requested_at?.toISOString()||A.approvalRequestedAt?.toISOString()}}),totalCount:u.length}}},{detail:{tags:["Authentication"],summary:"List pending devices",description:"Get all pending device approval requests for the current user"}}),c}var Sd=d(()=>{Ed();s2();Ed()});var u2={};no(u2,{createSessionsRoute:()=>_s,createRegisterRoute:()=>bs,createRefreshRoute:()=>us,createPasswordSetRoute:()=>ds,createPasswordResetRoute:()=>fs,createPasswordChangeRoute:()=>ls,createMeRoute:()=>is,createMagicLinkRoute:()=>cs,createLogoutRoute:()=>_i,createLoginRoute:()=>bi,createInviteRoute:()=>li,createEmailVerificationRoutes:()=>ii,createAuthRoutes:()=>d2});function d2(n,r){let{authConfig:t,features:o,helpers:e}=r;if(r.oauthAccountsTable)t.oauthAccountsTable=r.oauthAccountsTable;let a=t.authentication?.cookieMaxAgeBufferSeconds??0,c={accessTokenName:t.authentication?.accessToken?.name||"access_token",refreshTokenName:t.authentication?.refreshToken?.name||"refresh_token",sessionTokenName:t.authentication?.sessionToken?.name||"session_token",accessTokenMaxAge:Math.max(0,at(t.authentication?.accessToken?.expiresIn||"15m")-a),refreshTokenMaxAge:at(t.authentication?.refreshToken?.expiresIn||"7d"),sessionTokenMaxAge:at(t.authentication?.sessionToken?.expiresIn||"30d")};if(t.logger.info("[AUTH] Cookie config created",{accessTokenMaxAge:c.accessTokenMaxAge,refreshTokenMaxAge:c.refreshTokenMaxAge,sessionTokenMaxAge:c.sessionTokenMaxAge,accessTokenExpiresIn:t.authentication?.accessToken?.expiresIn,sessionTokenExpiresIn:t.authentication?.sessionToken?.expiresIn}),o.login?.enabled){let i=bi(t,o.login,e.signAccessToken,e.signRefreshToken,e.createSession,e.saveSessionToDb,c,r.tokenResponseConfig);n.use(i)}if(o.register?.enabled){let i=bs(t,o.register,e.sendWelcomeEmail,e.signAccessToken,e.signRefreshToken,e.createSession,c,r.tokenResponseConfig,r.emailService,r.appName);if(n.use(i),o.register.emailVerification?.enabled){let s=ii({authConfig:t,registerConfig:o.register,emailService:r.emailService,appName:r.appName});n.use(s)}}if(o.logout?.enabled){let i=_i(t,o.logout,e.destroySession,e.revokeSessionInDb);n.use(i)}if(o.refresh?.enabled){let i=us(t,o.refresh,e.verifyRefreshToken,e.signAccessToken,e.signRefreshToken,r.tokenResponseConfig,a);n.use(i)}if(o.passwordReset?.enabled&&e.storeResetToken&&e.getResetToken&&e.deleteResetToken){let i=fs(t,o.passwordReset,e.storeResetToken,e.getResetToken,e.deleteResetToken,e.sendResetEmail);n.use(i)}if(o.passwordChange?.enabled){let i=ls(t,o.passwordChange);n.use(i)}if(o.passwordSet?.enabled){let i=ds(t,o.passwordSet,e.getMagicToken,e.deleteMagicToken);n.use(i)}if(o.sessions?.enabled&&r.sessionsTable){let i=_s(t,o.sessions,r.sessionsTable);n.use(i)}if(o.magicLink?.enabled&&r.emailService?.isAvailable()&&e.storeMagicToken&&e.getMagicToken&&e.deleteMagicToken){let i=cs(t,o.magicLink,r.emailService,e.signAccessToken,e.signRefreshToken,e.createSession,e.storeMagicToken,e.getMagicToken,e.deleteMagicToken,r.appName);n.use(i)}if(o.me?.enabled){let i=is(t,o.me,r.schemaTables||{},r.schemaRelations||{},r.databaseUrl);n.use(i)}if(o.invite?.enabled&&r.emailService?.isAvailable()&&e.storeMagicToken){let i=li(t,o.invite,r.emailService,e.storeMagicToken,r.appName,e.getMagicToken);n.use(i)}if(o.captcha?.enabled&&r.captchaService){let i=vg({captchaService:r.captchaService,logger:t.logger,basePath:o.captcha.route||"/auth/captcha"});n.use(i)}if(o.oauth?.enabled&&o.oauth.providers){let i=new Vc(o.oauth),s=Z1(t,i,e.signAccessToken,e.signRefreshToken,e.createSession,e.saveSessionToDb,c,r.tokenResponseConfig,r.emailService,e.storeMagicToken,r.appName);n.use(s)}return n}var Md=d(()=>{Ul();Kc();Ig();hf();$f();Ef();Sf();ed();ad();y1();sd();ud();_d();wd();Ad();Sd();hf();$f();Ef();Sf();ed();ad();sd();ud();_d();wd();Ad();Sd()});import{batch as hs,createStore as w2}from"h-state";import{useEffectEvent as h2}from"react";function $2(n){let r={};for(let t of Object.keys(n))r[t]={isPending:!1,data:null,error:null,code:null};return r}function A2(n,r){let{useStore:t}=w2($2(n),{_callEndpoint:(o)=>async(e,a)=>{if(!o[e])return;hs(()=>{o[e].isPending=!0,o[e].error=null});try{let i=await r(e,a.payload);if(hs(()=>{if(o[e].isPending=!1,o[e].code=i.code??null,i.isSuccess&&i.data!==void 0)o[e].data=i.data,o[e].error=null;else o[e].error=i.errors??null}),i.isSuccess)a.onAfterHandle?.(i.data??i);else a.onErrorHandle?.(i.errors??{message:"Request failed"},i.code)}catch(i){hs(()=>{o[e].isPending=!1,o[e].error={message:i instanceof Error?i.message:"Unknown error"}}),a.onErrorHandle?.({message:i instanceof Error?i.message:"Unknown error"},null)}}});return function(){let e=t(),a=h2((i,s)=>{e._callEndpoint(i,s)}),c={};for(let i of Object.keys(n)){let s=(l)=>{a(i,l)};c[i]={state:e[i],start:s}}return c}}var Ud={$schema:"../schemas/nucleus.tables.schema.json",tables:[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"email_verification_token",type:"varchar",length:255},{name:"email_verification_token_expires_at",type:"timestamp"},{name:"email_verification_sent_at",type:"timestamp"},{name:"email_verification_attempts",type:"integer",default:0},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["authentication","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_id",type:"uuid"},{name:"entity_name",type:"varchar",length:100},{name:"verifier_type",type:"varchar",length:30,enumValues:["user","role","entity_creator"]},{name:"verifier_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:50},{name:"is_signature_mandatory",type:"boolean",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"is_all_required",type:"boolean",notNull:!0,default:!1},{name:"connected_from_step_order",type:"integer"},{name:"position_x",type:"numeric"},{name:"position_y",type:"numeric"}],indexes:[{columns:["entity_id"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["start","step","condition","notification","end"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"channel",type:"varchar",length:20,notNull:!0,default:"portal",enumValues:["portal","email","both"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","step_node_id"]},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0},{name:"recipient_type",type:"varchar",length:20,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role_id",type:"uuid"},{name:"channel",type:"varchar",length:20,notNull:!0,enumValues:["portal"]}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"remember_me",type:"boolean",notNull:!0,default:!1},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]},{table_name:"oauth_accounts",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"provider",type:"varchar",length:50,notNull:!0,enumValues:["google","github","microsoft","discord","facebook","twitter","apple","custom"]},{name:"provider_account_id",type:"varchar",length:255,notNull:!0},{name:"provider_email",type:"varchar",length:255},{name:"provider_name",type:"varchar",length:255},{name:"provider_avatar_url",type:"text"},{name:"access_token",type:"text"},{name:"refresh_token",type:"text"},{name:"token_expires_at",type:"timestamp"},{name:"scope",type:"text"},{name:"raw_profile",type:"jsonb"},{name:"is_primary",type:"boolean",notNull:!0,default:!1},{name:"last_used_at",type:"timestamp"}],indexes:[{columns:["user_id"]},{columns:["provider","provider_account_id"],unique:!0},{columns:["provider_email"]},{columns:["user_id","provider"]}],constraints:{unique:[{name:"unique_provider_account",columns:["provider","provider_account_id"]}]}}]};var $s={login:{key:"LOGIN",method:"POST",defaultRoute:"/auth/login",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},register:{key:"REGISTER",method:"POST",defaultRoute:"/auth/register",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},logout:{key:"LOGOUT",method:"POST",defaultRoute:"/auth/logout",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},refresh:{key:"REFRESH",method:"POST",defaultRoute:"/auth/refresh",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},me:{key:"ME",method:"GET",defaultRoute:"/auth/me",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordChange:{key:"PASSWORD_CHANGE",method:"POST",defaultRoute:"/auth/password-change",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordSet:{key:"PASSWORD_SET",method:"POST",defaultRoute:"/auth/password-set",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordReset:{key:"PASSWORD_RESET_REQUEST",method:"POST",defaultRoute:"/auth/password-reset",defaultIsPublic:!0,subEndpoints:[{key:"PASSWORD_RESET_REQUEST",method:"POST",suffix:"/request",_payload:void 0,_success:void 0,_error:void 0},{key:"PASSWORD_RESET_CONFIRM",method:"POST",suffix:"/confirm",_payload:void 0,_success:void 0,_error:void 0}]},sessions:{key:"SESSIONS",method:"GET",defaultRoute:"/auth/sessions",defaultIsPublic:!1,subEndpoints:[{key:"SESSIONS",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_CURRENT",method:"GET",suffix:"/current",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_STATS",method:"GET",suffix:"/stats",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_PENDING",method:"GET",suffix:"/pending",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE",method:"DELETE",suffix:"/:sessionId",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE_ALL",method:"DELETE",suffix:"/all",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_APPROVE",method:"POST",suffix:"/approve",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REJECT",method:"POST",suffix:"/reject",_payload:void 0,_success:void 0,_error:void 0}]},magicLink:{key:"MAGIC_LINK",method:"POST",defaultRoute:"/auth/magic-link",defaultIsPublic:!0,subEndpoints:[{key:"MAGIC_LINK",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"MAGIC_LINK_VERIFY",method:"GET",suffix:"/verify",routeKey:"verifyRoute",_payload:void 0,_success:void 0,_error:void 0}]},invite:{key:"INVITE",method:"POST",defaultRoute:"/auth/invite",defaultIsPublic:!1,subEndpoints:[{key:"INVITE",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"INVITE_VERIFY",method:"POST",suffix:"/verify",_payload:void 0,_success:void 0,_error:void 0}]},emailVerification:{key:"VERIFY_EMAIL",method:"GET",defaultRoute:"/verify-email",defaultIsPublic:!0,subEndpoints:[{key:"VERIFY_EMAIL",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"RESEND_VERIFICATION",method:"POST",suffix:"",routeKey:"resendRoute",defaultRoute:"/resend-verification",_payload:void 0,_success:void 0,_error:void 0}]},captcha:{key:"CAPTCHA",method:"GET",defaultRoute:"/auth/captcha",defaultIsPublic:!0,subEndpoints:[{key:"CAPTCHA_GENERATE",method:"GET",suffix:"/generate",_payload:void 0,_success:void 0,_error:void 0},{key:"CAPTCHA_VALIDATE",method:"POST",suffix:"/validate",_payload:void 0,_success:void 0,_error:void 0}]},oauth:{key:"OAUTH_PROVIDERS",method:"GET",defaultRoute:"/auth/oauth/providers",defaultIsPublic:!0,subEndpoints:[{key:"OAUTH_PROVIDERS",method:"GET",suffix:"/providers",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_REDIRECT",method:"GET",suffix:"/:provider",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_ACCOUNTS",method:"GET",suffix:"/accounts",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_UNLINK",method:"DELETE",suffix:"/unlink/:provider",_payload:void 0,_success:void 0,_error:void 0}]}},Bd={healthCheck:{key:"MONITORING_HEALTH_CHECK",method:"GET",suffix:"/health",_payload:void 0,_success:void 0,_error:void 0},getSettings:{key:"MONITORING_GET_SETTINGS",method:"GET",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},changeSettings:{key:"MONITORING_CHANGE_SETTINGS",method:"PATCH",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},getLogs:{key:"MONITORING_GET_LOGS",method:"GET",suffix:"/logs",_payload:void 0,_success:void 0,_error:void 0}};var k2=["profiles","addresses","phones","files","users","roles","claims","user_roles","role_claims","audit_logs"],E2=Ud.tables.filter((n)=>k2.includes(n.table_name));function le(n){return n.replace(/([a-z])([A-Z])/g,"$1_$2").replace(/[\s-]+/g,"_").toUpperCase()}function S2(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function As(n){if(n.endsWith("ies"))return`${n.slice(0,-3)}y`;if(n.endsWith("ses"))return`${n.slice(0,-2)}`;if(n.endsWith("s"))return n.slice(0,-1);return n}function kt(n,r){let t=le(n),o=le(As(n));switch(r){case"GET":return`GET_${t}`;case"POST":return`ADD_${o}`;case"PUT":return`UPDATE_${o}`;case"PATCH":return`PATCH_${o}`;case"DELETE":return`DELETE_${o}`}}function se(n,r){let t=le(n);switch(r){case"POST":return`BULK_ADD_${t}`;case"PUT":return`BULK_UPDATE_${t}`;case"DELETE":return`BULK_DELETE_${t}`}}function ro(n,r){if(!n.excluded_methods)return!1;let t={GET:"GET",POST:"POST",PUT:"PUT",PATCH:"PATCH",DELETE:"DELETE"};return n.excluded_methods.includes(t[r])}function Wd(n){let r={};for(let t of n.entities){let o=t.table_name,e=`/${o}`;if(!ro(t,"GET")){r[kt(o,"GET")]={method:"GET",path:e,isPublic:t.is_public?.GET??!1,_payload:void 0,_success:void 0,_error:void 0};let a=le(As(o));r[`GET_${a}_BY_ID`]={method:"GET",path:`${e}/:id`,isPublic:t.is_public?.GET??!1,_payload:void 0,_success:void 0,_error:void 0},r[`GET_${le(o)}_DISTINCT`]={method:"GET",path:`${e}/distinct/:field`,isPublic:t.is_public?.GET??!1,_payload:void 0,_success:void 0,_error:void 0}}if(!ro(t,"POST"))r[kt(o,"POST")]={method:"POST",path:e,isPublic:t.is_public?.POST??!1,isFormData:t.is_form_data,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"PUT"))r[kt(o,"PUT")]={method:"PUT",path:`${e}/:id`,isPublic:t.is_public?.PUT??!1,isFormData:t.is_form_data,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"PATCH"))r[kt(o,"PATCH")]={method:"PATCH",path:`${e}/:id`,isPublic:t.is_public?.PATCH??!1,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"DELETE"))r[kt(o,"DELETE")]={method:"DELETE",path:`${e}/:id`,isPublic:t.is_public?.DELETE??!1,_payload:void 0,_success:void 0,_error:void 0};if(t.bulk_endpoints_enabled){if(!ro(t,"POST"))r[se(o,"POST")]={method:"POST",path:`${e}/bulk`,isPublic:t.is_public?.POST??!1,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"PUT"))r[se(o,"PUT")]={method:"PUT",path:`${e}/bulk`,isPublic:t.is_public?.PUT??!1,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"DELETE"))r[se(o,"DELETE")]={method:"DELETE",path:`${e}/bulk`,isPublic:t.is_public?.DELETE??!1,_payload:void 0,_success:void 0,_error:void 0}}}return r}function Yd(n){let r={},t=n.authentication;if(!t?.enabled)return r;for(let[o,e]of Object.entries($s)){let a=t[o];if(!a?.enabled)continue;let c=a.route||e.defaultRoute,i=a.isPublic??e.defaultIsPublic;if("subEndpoints"in e&&e.subEndpoints)for(let s of e.subEndpoints){let l="routeKey"in s&&s.routeKey&&a[s.routeKey]?String(a[s.routeKey]):("defaultRoute"in s)&&s.defaultRoute?String(s.defaultRoute):`${c}${s.suffix}`;r[s.key]={method:s.method,path:l,isPublic:s.key==="MAGIC_LINK_VERIFY"?!0:i,_payload:s._payload,_success:s._success,_error:s._error}}else if("_payload"in e)r[e.key]={method:e.method,path:c,isPublic:i,_payload:e._payload,_success:e._success,_error:e._error}}return r}function Jd(){let n={};for(let r of E2){let t=r.table_name,e=`/${S2(t)}`,a=t==="files";n[kt(t,"GET")]={method:"GET",path:e,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};let c=le(As(t));if(n[`GET_${c}_BY_ID`]={method:"GET",path:`${e}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"POST")]={method:"POST",path:e,isPublic:!1,isFormData:a,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"PUT")]={method:"PUT",path:`${e}/:id`,isPublic:!1,isFormData:a,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"PATCH")]={method:"PATCH",path:`${e}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"DELETE")]={method:"DELETE",path:`${e}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.bulk_endpoints_enabled)n[se(t,"POST")]={method:"POST",path:`${e}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[se(t,"PUT")]={method:"PUT",path:`${e}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[se(t,"DELETE")]={method:"DELETE",path:`${e}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0}}return n}function Ld(n){let r={},t=n.liveMonitoring;if(!t?.enabled)return r;let o=t.basePath||"/monitoring";for(let e of Object.values(Bd))r[e.key]={method:e.method,path:`${o}${e.suffix}`,isPublic:!1,_payload:e._payload,_success:e._success,_error:e._error};return r}function M2(n,r){let t=Wd(n),o=Yd(n),e=Jd(),a=Ld(n);return{...t,...o,...e,...a,...r??{}}}Bs();import{randomUUID as B2}from"crypto";var W2={timeout:30000,retries:0,retryDelay:1000,debug:!1};class ea{config;logger;constructor(n={}){this.config={...W2,...n},this.logger=new Jr({service:"ServerFetch",prettyPrint:this.config.debug,colorize:this.config.debug,auditEnabled:!1})}buildUrl(n){if(n.startsWith("http://")||n.startsWith("https://"))return n;return this.config.baseUrl?`${this.config.baseUrl}${n}`:n}buildHeaders(n){let r=new Headers;if(this.config.defaultHeaders)for(let[t,o]of Object.entries(this.config.defaultHeaders))r.set(t,o);if(n)if(n instanceof Headers)n.forEach((t,o)=>{r.set(o,t)});else if(Array.isArray(n))for(let[t,o]of n)r.set(t,o);else for(let[t,o]of Object.entries(n))r.set(t,o);return r}parseResponseHeaders(n){let r={};if(n.forEach((t,o)=>{if(o.toLowerCase()==="set-cookie"){let e=r[o];r[o]=e?`${e}, ${t}`:t}else r[o]=t}),typeof n.getSetCookie==="function"){let t=n.getSetCookie();if(t.length>0)r["set-cookie"]=t.join(", ")}return r}async executeWithTimeout(n,r,t){let o=new AbortController,e=setTimeout(()=>o.abort(),r);try{return await Promise.race([n,new Promise((c,i)=>{o.signal.addEventListener("abort",()=>{i(Error(`Request timeout after ${r}ms`))})})])}finally{clearTimeout(e)}}async fetch(n){let r=B2(),t=performance.now(),o=this.buildUrl(n.url),e=this.buildHeaders(n.headers),a=n.timeout??this.config.timeout??30000,c=n.retries??this.config.retries??0,i=n.retryDelay??this.config.retryDelay??1000,s;if(n.body)if(typeof n.body==="object"&&!(n.body instanceof FormData)&&!(n.body instanceof URLSearchParams)&&!(n.body instanceof Blob)&&!(n.body instanceof ArrayBuffer)){if(s=JSON.stringify(n.body),!e.has("content-type"))e.set("content-type","application/json")}else s=n.body;this.logger.debug(`[${r}] ${n.method} ${o}`,{method:n.method,url:o,hasBody:!!s});let l=null,f=0;while(f<=c)try{let b=await this.executeWithTimeout(fetch(o,{method:n.method,headers:e,body:s}),a,r),$=performance.now()-t,A=this.parseResponseHeaders(b.headers),_,m,E=await b.text();if(E)try{let M=JSON.parse(E);if(b.ok)_=M;else m=M}catch{if(!b.ok)m={message:E||b.statusText}}else if(!b.ok)m={message:b.statusText};let R={isSuccess:b.ok,response:_,errors:m,code:b.status,headers:A,durationMs:$,requestId:r,createdAt:new Date};if(b.ok)this.logger.info(`[${r}] ${n.method} ${o} ${b.status}`,{method:n.method,url:o,statusCode:b.status,durationMs:Math.round($)});else this.logger.warn(`[${r}] ${n.method} ${o} ${b.status}`,{method:n.method,url:o,statusCode:b.status,durationMs:Math.round($),error:m});return R}catch(b){if(l=b instanceof Error?b:Error(String(b)),f++,f<=c)this.logger.warn(`[${r}] Retry ${f}/${c} after error`,{method:n.method,url:o,error:l.message,attempt:f,retries:c}),await new Promise(($)=>setTimeout($,i))}let u=performance.now()-t;return this.logger.error(`[${r}] ${n.method} ${o} failed`,l,{method:n.method,url:o,durationMs:Math.round(u),attempts:f}),{isSuccess:!1,response:void 0,errors:{message:l?.message||"Unknown error"},code:null,headers:{},durationMs:u,requestId:r,createdAt:new Date}}async get(n,r){return this.fetch({...r,url:n,method:"GET"})}async post(n,r,t){return this.fetch({...t,url:n,method:"POST",body:r})}async put(n,r,t){return this.fetch({...t,url:n,method:"PUT",body:r})}async patch(n,r,t){return this.fetch({...t,url:n,method:"PATCH",body:r})}async delete(n,r){return this.fetch({...r,url:n,method:"DELETE"})}}var Y2=new ea;var J2={accessToken:"access_token",refreshToken:"refresh_token",sessionToken:"session_token"};function L2(n){let r=[],t="";for(let o=0;o<n.length;o++){let e=n[o];if(e===","){let a=n.slice(o+1).trimStart();if(/^[a-zA-Z0-9_-]+=/.test(a)){r.push(t.trim()),t="";continue}}t+=e}if(t.trim())r.push(t.trim());return r}function X2(n,r){let t={},o=["x-forwarded-for","x-real-ip","user-agent","accept-language","x-request-id","x-client-ip","cf-connecting-ip","true-client-ip"];for(let s of o){let l=n.get(s);if(l)t[s]=l}if(!t["user-agent"])t["user-agent"]="Nucleus-ServerAction/1.0";let e=n.get(`x-${r.accessToken}`),a=n.get(`x-${r.refreshToken}`),c=n.get(`x-${r.sessionToken}`);if(e)t[`x-${r.accessToken}`]=e;if(a)t[`x-${r.refreshToken}`]=a;if(c)t[`x-${r.sessionToken}`]=c;let i=n.get("cookie");if(i)t.cookie=i;return t}function V2(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function xd(n){let r={};for(let[t,o]of Object.entries(n)){let e=t.startsWith("_")?t:V2(t);if(o instanceof Date)r[e]=o.toISOString();else if(o&&typeof o==="object"&&!Array.isArray(o))r[e]=xd(o);else r[e]=o}return r}function C2(n,r){let t=new URLSearchParams,o=(a,c)=>{if(c===void 0||c===null)return;if(Array.isArray(c))for(let i of c)o(`${a}[]`,i);else if(c instanceof Date)t.append(a,c.toISOString());else if(typeof c==="object")for(let[i,s]of Object.entries(c))o(`${a}[${i}]`,s);else t.append(a,String(c))};for(let[a,c]of Object.entries(r))o(a,c);let e=t.toString();if(!e)return n;return n.includes("?")?`${n}&${e}`:`${n}?${e}`}function x2(n,r,t,o){let e={...J2,...r.tokenNames},a=new ea({baseUrl:r.baseUrl,debug:r.debug,timeout:30000,retries:0});return async function(i,s){let l=n[i];if(!l)return{isSuccess:!1,errors:{message:`Endpoint "${i}" not found`},code:404};let f=await t(),u=await o(),b={};u.forEach((R,M)=>{b[M]=R});let $=X2(u,e),A=l.path,_;if(s&&typeof s==="object"&&!(s instanceof FormData)){let R=s;for(let[M,S]of Object.entries(R))if(S!=null){if(M.startsWith("_"))A=A.replace(`:${M.substring(1)}`,String(S));else if(M==="id"&&A.includes(":id"))A=A.replace(":id",String(S))}}if(l.method==="GET"&&s&&typeof s==="object")A=C2(A,s);else if(s!==void 0){if(l.isFormData&&s instanceof FormData)_=s;else if(_=xd(s),!$["content-type"])$["content-type"]="application/json"}let m=await a.fetch({url:A,method:l.method,headers:$,body:_});if(m.headers["set-cookie"])try{let R=m.headers["set-cookie"],M=L2(R);for(let S of M){let[x,...D]=S.split(";");if(!x)continue;let[k,B]=x.split("=");if(k&&B){let w={};for(let g of D){let[Y,V]=g.trim().split("=");if(!Y)continue;let C=Y.toLowerCase();if(C==="path")w.path=V;else if(C==="max-age")w.maxAge=Number(V);else if(C==="expires"&&V)w.expires=new Date(V);else if(C==="httponly")w.httpOnly=!0;else if(C==="secure")w.secure=!0;else if(C==="samesite")w.sameSite=V}f.set(k.trim(),B.trim(),w)}}}catch(R){console.warn("[ServerFactory] Failed to process Set-Cookie headers:",R instanceof Error?R.message:String(R))}let E=m.response;if(m.isSuccess&&E&&typeof E==="object"&&!Array.isArray(E)){let R=E;if("success"in R&&!("data"in R)){let{success:M,message:S,error:x,...D}=R;E={success:M,...S!==void 0?{message:S}:{},...x!==void 0?{error:x}:{},...Object.keys(D).length>0?{data:D}:{}}}}return{isSuccess:m.isSuccess,data:E,errors:m.errors,code:m.code,message:m.isSuccess?void 0:m.errors?.message}}}import{useEffect as Qd,useEffectEvent as Bo,useRef as aa}from"react";import{batch as Q2,createStore as P2}from"h-state";var G2={connection:{status:"disconnected",clientId:null,subscribedTopics:[],error:null,reconnectAttempt:0},events:[],maxEvents:100},{useStore:Ws}=P2(G2,{setConnectionStatus:(n)=>(r)=>{n.connection.status=r},setClientId:(n)=>(r)=>{n.connection.clientId=r},setSubscribedTopics:(n)=>(r)=>{n.connection.subscribedTopics=r},setError:(n)=>(r)=>{n.connection.error=r},setReconnectAttempt:(n)=>(r)=>{n.connection.reconnectAttempt=r},addEvent:(n)=>(r)=>{let t=[r,...n.events];n.events=t.slice(0,n.maxEvents)},clearEvents:(n)=>()=>{n.events=[]},reset:(n)=>()=>{Q2(()=>{n.connection.status="disconnected",n.connection.clientId=null,n.connection.subscribedTopics=[],n.connection.error=null,n.connection.reconnectAttempt=0,n.events=[]})}});function O2(n){if(n.wsUrl){let a=n.wsUrl.replace(/\/$/,""),c=n.wsPath||"/api/events/subscribe",i=(n.topics||["*"]).join(",");return`${a}${c}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(i)}`}if(typeof window>"u")return"";let r=window.location.protocol==="https:"?"wss:":"ws:",t=window.location.host,o=n.wsPath||"/api/events/subscribe",e=(n.topics||["*"]).join(",");return`${r}//${t}${o}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(e)}`}var N2=0;function q2(n){let r=Ws(),t=aa(null),o=aa(null),e=aa(null),a=aa(!1),c=aa(n);c.current=n;let i=n.autoReconnect??!0,s=n.maxReconnectAttempts??10,l=n.reconnectBaseDelay??1000,f=n.reconnectMaxDelay??30000,u=n.heartbeatInterval??30000,b=n.debug??!1,$=(...B)=>{if(b)console.log("[usePubSub]",...B)},A=()=>{if(o.current)clearInterval(o.current),o.current=null},_=()=>{if(e.current)clearTimeout(e.current),e.current=null},m=(B)=>{A(),o.current=setInterval(()=>{if(B.readyState===WebSocket.OPEN)B.send(JSON.stringify({type:"ping"}))},u)},E=Bo((B)=>{try{let w=JSON.parse(B.data);switch(w.type){case"connected":r.setConnectionStatus("connected"),r.setClientId(w.clientId),r.setSubscribedTopics(w.subscribedTopics),r.setReconnectAttempt(0),r.setError(null),$("Connected, clientId:",w.clientId);break;case"subscribed":r.setSubscribedTopics(w.topics),$("Subscribed to:",w.topics);break;case"event":{let g={id:`evt_${Date.now()}_${N2++}`,topic:w.topic,data:w.data,timestamp:w.timestamp,receivedAt:Date.now(),messageId:w.messageId,isRedelivery:w.isRedelivery};if(r.addEvent(g),w.messageId&&t.current?.readyState===WebSocket.OPEN)t.current.send(JSON.stringify({type:"ack",messageId:w.messageId}));break}case"pong":break;case"error":r.setError(Error(w.error)),$("Server error:",w.error);break}}catch{$("Failed to parse message")}}),R=Bo((B)=>{if(a.current)return;if(!i)return;if(B>=s){r.setConnectionStatus("disconnected"),r.setError(Error("Max reconnection attempts reached")),$("Max reconnect attempts reached");return}let w=Math.min(l*2**B,f);$(`Reconnecting in ${w}ms (attempt ${B+1}/${s})`),r.setConnectionStatus("reconnecting"),r.setReconnectAttempt(B+1),_(),e.current=setTimeout(()=>{if(!a.current)M()},w)}),M=Bo(()=>{if(a.current)return;if(t.current?.readyState===WebSocket.OPEN)return;if(!c.current.userId)return;if(t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}let B=O2(c.current);if(!B)return;r.setConnectionStatus("connecting"),r.setError(null),$("Connecting to:",B);let w=new WebSocket(B);t.current=w,w.onopen=()=>{$("WebSocket opened"),m(w)},w.onmessage=E,w.onerror=()=>{$("WebSocket error"),r.setError(Error("WebSocket connection error"))},w.onclose=(g)=>{if($("WebSocket closed",g.code,g.reason),A(),r.setConnectionStatus("disconnected"),r.setClientId(null),!a.current&&g.code!==4001){let Y=r.connection.reconnectAttempt;R(Y)}}}),S=Bo(()=>{if(A(),_(),t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}r.setConnectionStatus("disconnected"),r.setClientId(null)}),x=Bo((B)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"subscribe",topics:B}))}),D=Bo((B)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"unsubscribe",topics:B}))}),k=Bo((B)=>{return r.events.filter((w)=>w.topic===B)});return Qd(()=>{if(a.current=!1,n.userId)M();return()=>{a.current=!0,S()}},[n.userId]),Qd(()=>{if(r.connection.status==="connected"&&n.topics)x(n.topics)},[n.topics?.join(",")]),{isConnected:r.connection.status==="connected",isConnecting:r.connection.status==="connecting"||r.connection.status==="reconnecting",clientId:r.connection.clientId,subscribedTopics:r.connection.subscribedTopics,events:r.events,error:r.connection.error,reconnectAttempt:r.connection.reconnectAttempt,connect:M,disconnect:S,subscribe:x,unsubscribe:D,clearEvents:r.clearEvents,getEventsByTopic:k}}import{randomUUID as aE}from"crypto";var xs=Ar(Nd(),1);import{Elysia as uc,NotFoundError as de}from"elysia";var jr,to,Lt=typeof Bun<"u"&&!!Bun.file;function fe(){if(jr||(jr=process.getBuiltinModule("fs/promises")),to||(to=process.getBuiltinModule("path")),!to){console.warn("@elysiajs/static require path to be available.");return}return[jr,to]}async function qd(n){if(jr||fe(),Lt){let r=new Bun.Glob("**/*.html"),t=[];for await(let o of r.scan(n))t.push(to.join(n,o));return t}return[]}async function Js(n){if(jr||fe(),Lt){let t=new Bun.Glob("**/*"),o=[];for await(let e of t.scan(n))o.push(to.join(n,e));return o}let r=await jr.readdir(n).catch(()=>[]);return(await Promise.all(r.map(async(t)=>{let o=n+to.sep+t,e=await jr.stat(o).catch(()=>null);return e?e.isDirectory()?await Js(o):[to.resolve(n,o)]:[]}))).flat()}function Ls(n){return jr||fe(),jr.stat(n).then(()=>!0,()=>!1)}class Xs{constructor(n=250,r=10800){this.max=n,this.ttl=r,this.map=new Map}get(n){let r=this.map.get(n);if(r)return r[1]<=Date.now()?void this.delete(n):(this.map.delete(n),this.map.set(n,r),r[0])}set(n,r){if(this.interval||(this.interval=setInterval(()=>{let t=Date.now();for(let[o,e]of this.map)e[1]<=t&&this.map.delete(o)},this.ttl)),this.map.has(n))this.map.delete(n);else if(this.map.size>=this.max){let t=this.map.keys().next().value;t!==void 0&&this.delete(t)}this.map.set(n,[r,Date.now()+this.ttl*1000])}delete(n){this.map.get(n)&&this.map.delete(n)}clear(){this.map.clear()}size(){return this.map.size}[Symbol.dispose](){this.interval&&clearInterval(this.interval)}}function Vs(n,r,t){if(n["cache-control"]&&/no-cache|no-store/.test(n["cache-control"]))return!1;if("if-none-match"in n){let o=n["if-none-match"];return o==="*"?!0:o===null||typeof r!="string"?!1:o===r}if(n["if-modified-since"]){let o=n["if-modified-since"];try{return jr.stat(t).then((e)=>{if(e.mtime!==void 0&&e.mtime.getTime()<=Date.parse(o))return!0})}catch{}}return!1}var dc;function ca(n){return Lt?Bun.file(n):(jr||fe(),jr.readFile(n))}async function Cs(n){return Lt?new Bun.CryptoHasher("md5").update(await n.arrayBuffer()).digest("base64"):(dc||(dc=process.getBuiltinModule("crypto")),dc?dc.createHash("md5").update(n).digest("base64"):void console.warn("[@elysiajs/static] crypto is required to generate etag."))}var ia=(n)=>{if(!n)return!1;for(let r in n)return!0;return!1};async function Fd({assets:n="public",prefix:r="/public",staticLimit:t=1024,alwaysStatic:o=!1,ignorePatterns:e=[".DS_Store",".git",".env"],headers:a,maxAge:c=86400,directive:i="public",etag:s=!0,extension:l=!0,indexHTML:f=!0,decodeURI:u,silent:b}={}){if(typeof process>"u"||typeof process.getBuiltinModule>"u")return b||console.warn("[@elysiajs/static] require process.getBuiltinModule. Static plugin is disabled"),new uc;let $=fe();if(!$)return new uc;let[A,_]=$,m=_.sep!=="/"?(D)=>D.replace(/\\/g,"/"):(D)=>D,E=new Xs;r===_.sep&&(r="");let R=_.resolve(n),M=e.length?(D)=>e.find((k)=>typeof k=="string"?k.includes(D):k.test(D)):()=>!1,S=new uc({name:"static",seed:r});if(o){let D=await Js(_.resolve(n));if(D.length<=t)for(let k of D){let B=function({headers:C}){if(V){let L=Vs(C,V,k);if(L===!0)return new Response(null,{status:304,headers:ia(a)?a:void 0});if(L!==!1){let J=E.get(g);return J?J.clone():L.then((W)=>{if(W)return new Response(null,{status:304,headers:a||void 0});let X=new Response(Y,{headers:Object.assign({"Cache-Control":c?`${i}, max-age=${c}`:i},a,V?{Etag:V}:{})});return E.set(r,X),X.clone()})}}let Q=E.get(g);if(Q)return Q.clone();let j=new Response(Y,{headers:Object.assign({"Cache-Control":c?`${i}, max-age=${c}`:i},a,V?{Etag:V}:{})});return E.set(g,j),j.clone()};var x=B;if(!k||M(k))continue;let w=k.replace(R,"");u&&(w=xs.default(w)??w);let g=m(_.join(r,w));if(Lt&&k.endsWith(".html")){let C=await import(k);S.get(g,C.default),f&&g.endsWith("/index.html")&&S.get(g.replace("/index.html",""),C.default);continue}l||(g=m(g.slice(0,g.lastIndexOf("."))));let Y=Lt?ca(k):await ca(k);if(!Y)return b||console.warn(`[@elysiajs/static] Failed to load file: ${k}`),new uc;let V=await Cs(Y);S.get(g,s?B:new Response(Y,ia(a)?{headers:a}:void 0)),f&&g.endsWith("/index.html")&&S.get(g.replace("/index.html",""),s?B:new Response(Y,ia(a)?{headers:a}:void 0))}return S}if(!(`GET_${r}/*`in S.routeTree)){if(Lt){let D=await qd(_.resolve(n));for(let k of D){if(!k||M(k))continue;let B=k.replace(R,""),w=m(_.join(r,B)),g=await import(k);S.get(w,g.default),f&&w.endsWith("/index.html")&&S.get(w.replace("/index.html",""),g.default)}}S.onError(()=>{}).get(`${r.endsWith("/")?r.slice(0,-1):r}/*`,async({params:D,headers:k})=>{let B=m(_.join(n,u?xs.default(D["*"])??D["*"]:D["*"]));if(M(B))throw new de;let w=E.get(B);if(w)return w.clone();try{let g=await A.stat(B).catch(()=>null);if(!g)throw new de;if(!f&&g.isDirectory())throw new de;let Y;if(!Lt&&f){let Q=_.join(B,"index.html"),j=E.get(Q);if(j)return j.clone();await Ls(Q)&&(Y=await ca(Q))}if(!Y&&!g.isDirectory()&&await Ls(B))Y=await ca(B);else throw new de;if(!s)return new Response(Y,ia(a)?{headers:a}:void 0);let V=await Cs(Y);if(V&&await Vs(k,V,B))return new Response(null,{status:304});let C=new Response(Y,{headers:Object.assign({"Cache-Control":c?`${i}, max-age=${c}`:i},a,V?{Etag:V}:{})});return E.set(B,C),C.clone()}catch(g){throw g instanceof de?g:(b||console.error("[@elysiajs/static]",g),new de)}})}return S}Jl();Sl();import{pushSchema as cE}from"drizzle-kit/api";import{and as ac,eq as br}from"drizzle-orm";import{drizzle as iE}from"drizzle-orm/node-postgres";import{pgSchema as sE}from"drizzle-orm/pg-core";import lE from"elysia";var Sb=[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["authentication","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"entity_id",type:"uuid"},{name:"entity_name",type:"varchar",length:100},{name:"verifier_type",type:"varchar",length:30,enumValues:["user","role","entity_creator"]},{name:"verifier_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:50},{name:"is_signature_mandatory",type:"boolean",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"is_all_required",type:"boolean",notNull:!0,default:!1},{name:"connected_from_step_order",type:"integer"},{name:"position_x",type:"numeric"},{name:"position_y",type:"numeric"}],indexes:[{columns:["entity_id"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["start","step","condition","notification","end"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"channel",type:"varchar",length:20,notNull:!0,default:"portal",enumValues:["portal","email","both"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","step_node_id"]},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"rule_id",type:"uuid",notNull:!0},{name:"recipient_type",type:"varchar",length:20,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role_id",type:"uuid"},{name:"channel",type:"varchar",length:20,notNull:!0,enumValues:["portal"]}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],bulk_endpoints_enabled:!0,columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]}];var $h={GET:["GET"],POST:["POST"],PUT:["PUT"],DELETE:["DELETE"],PATCH:["PATCH"],TOGGLE:["PATCH"],VERIFICATION:["POST"]};function Ah(n,r){let t=[],o=n.authentication;if(!o)return t;if(o.login?.enabled&&o.login?.isPublic)t.push({path:o.login.route||`${r}/auth/login`,method:"POST",source:"auth"});if(o.register?.enabled&&o.register?.isPublic)t.push({path:o.register.route||`${r}/auth/register`,method:"POST",source:"auth"});if(o.logout?.enabled&&o.logout?.isPublic)t.push({path:o.logout.route||`${r}/auth/logout`,method:"POST",source:"auth"});if(o.refresh?.enabled&&o.refresh?.isPublic)t.push({path:o.refresh.route||`${r}/auth/refresh`,method:"POST",source:"auth"});if(o.passwordReset?.enabled&&o.passwordReset?.isPublic){let e=o.passwordReset.route||`${r}/auth/password-reset`;t.push({path:`${e}/request`,method:"POST",source:"auth"},{path:`${e}/confirm`,method:"POST",source:"auth"})}if(o.passwordChange?.enabled&&o.passwordChange?.isPublic)t.push({path:o.passwordChange.route||`${r}/auth/password-change`,method:"POST",source:"auth"});if(o.magicLink?.enabled&&o.magicLink?.isPublic)t.push({path:o.magicLink.route||`${r}/auth/magic-link`,method:"POST",source:"auth"},{path:o.magicLink.verifyRoute||`${r}/auth/magic-link/verify`,method:"GET",source:"auth"});if(o.register?.enabled&&o.register?.emailVerification?.enabled)t.push({path:`${r}/verify-email`,method:"GET",source:"auth"},{path:`${r}/resend-verification`,method:"POST",source:"auth"});if(o.invite?.enabled&&o.invite?.isPublic)t.push({path:o.invite.route||`${r}/auth/invite`,method:"POST",source:"auth"});if(o.invite?.enabled){let e=o.invite.route||`${r}/auth/invite`;t.push({path:`${e}/verify`,method:"POST",source:"auth"})}if(o.passwordSet?.enabled)t.push({path:o.passwordSet.route||`${r}/auth/password-set`,method:"POST",source:"auth"});if(o.captcha?.enabled&&o.captcha?.isPublic){let e=o.captcha.route||`${r}/auth/captcha`;t.push({path:`${e}/generate`,method:"GET",source:"auth"},{path:`${e}/validate`,method:"POST",source:"auth"})}if(o.oauth?.enabled){let e=o.oauth.basePath||`${r}/auth/oauth`;t.push({path:`${e}/providers`,method:"GET",source:"auth"},{path:`${e}/:provider`,method:"GET",source:"auth"},{path:`${e}/:provider/callback`,method:"GET",source:"auth"})}return t}function Mb(n,r,t){let o=[];for(let e of n){if(!e.is_public)continue;let a=`${r}/${t}/${e.table_name}`;for(let[c,i]of Object.entries(e.is_public)){if(!i)continue;let s=$h[c];if(!s)continue;for(let l of s)if(l==="GET")o.push({path:a,method:"GET",source:"entity"}),o.push({path:`${a}/:id`,method:"GET",source:"entity"});else if(l==="POST")o.push({path:a,method:"POST",source:"entity"});else if(l==="PUT"||l==="PATCH")o.push({path:`${a}/:id`,method:l,source:"entity"});else if(l==="DELETE")o.push({path:`${a}/:id`,method:"DELETE",source:"entity"})}}return o}function Rh(n,r,t){return Mb(n,r,t)}function Ll(n,r,t="",o="public"){let e=Ah(n,t),a=Mb(n.entities||[],t,o),c=Rh(r,t,o),i=[];if(n.pubsub?.enabled){let l=n.pubsub.basePath||"/subs",f=n.pubsub.wsPath||"/api/events/subscribe";i.push({path:`${l}/:topic`,method:"POST",source:"system"},{path:f,method:"GET",source:"system"})}let s=[{path:"/nucleus-core",method:"GET",source:"custom"},{path:"/public",method:"GET",source:"custom"},{path:"/docs",method:"GET",source:"custom"},{path:"/docs/json",method:"GET",source:"custom"},{path:"/swagger",method:"GET",source:"custom"},{path:"/swagger/json",method:"GET",source:"custom"}];return[...e,...a,...c,...i,...s]}function Xl(n,r,t){let o=r.replace(/\/$/,""),e=t.toUpperCase();for(let a of n){if(a.method!==e)continue;if(kh(a.path,o))return!0}return!1}function kh(n,r){if(n===r)return!0;let t=n.split("/").filter(Boolean),o=r.split("/").filter(Boolean);if(t.length!==o.length)return!1;for(let e=0;e<t.length;e++){let a=t[e],c=o[e];if(a?.startsWith(":"))continue;if(a!==c)return!1}return!0}Rl();Kc();Ic();import{asc as r5,desc as t5,eq as Sr,ilike as lg,inArray as o5,notInArray as e5,or as a5}from"drizzle-orm";import{drizzle as c5}from"drizzle-orm/node-postgres";import{Elysia as i5,t as Cn}from"elysia";import{t as Nn}from"elysia";function nf(n){let r={};if(!n||n.length===0)return Nn.Object({},{additionalProperties:!0});for(let t of n)switch(t.type?.toLowerCase()||"string"){case"integer":case"int":case"serial":case"bigserial":case"numeric":case"decimal":r[t.name]=t.notNull?Nn.Number():Nn.Optional(Nn.Number());break;case"boolean":r[t.name]=t.notNull?Nn.Boolean():Nn.Optional(Nn.Boolean());break;case"timestamp":case"timestamptz":case"date":r[t.name]=t.notNull?Nn.String({format:"date-time"}):Nn.Optional(Nn.String({format:"date-time"}));break;case"json":case"jsonb":r[t.name]=Nn.Optional(Nn.Unknown());break;case"uuid":r[t.name]=t.notNull?Nn.String({format:"uuid"}):Nn.Optional(Nn.String({format:"uuid"}));break;default:r[t.name]=t.notNull?Nn.String():Nn.Optional(Nn.String())}return Nn.Object(r,{additionalProperties:!0})}function sg(n){return Nn.Array(Nn.Object({id:Nn.String(),data:nf(n)}))}function rf(n,r){let{db:t,schemaTables:o,schemaRelations:e,entities:a,logger:c,databaseUrl:i,storage:s,authorization:l}=r,f=ma(s),u=l?.enabled??!1;if(!t)return n;let b=Object.keys(o),$=a.map((S)=>S.table_name),A=b.filter((S)=>!$.includes(S)),_=["userSessions","passwordResetTokens","magicLinkTokens"],m=["passwordResetTokens","magicLinkTokens"],E=["files"],R=A.filter((S)=>{if(m.includes(S)&&!r.emailServiceAvailable)return c.info(`Skipping ${S} routes - email service not available`),!1;return!0}).map((S)=>({table_name:S,group_name:_.includes(S)?"Authentication":S,is_form_data:E.includes(S)})),M=[...a,...R];c.info(`All entities: ${M.map((S)=>S.table_name).join(", ")}`);for(let S of M){let x=S.table_name,D=S.group_name||S.table_name,k=o[x];if(!k)continue;let B=e[`${x}Relations`];c.info(`Creating routes for table: ${x}`);let w=k,g=w.id,Y=t,V=nf(S.columns),C=Cn.Array(V),Q=sg(S.columns),j=Cn.Array(Cn.String()),L=new i5({prefix:`/${x}`});if(!S.excluded_methods?.includes("GET"))L.get("/",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.request.headers.get("x-user-id"),X=S.columns?.map((On)=>On.name),O=Object.keys(e).filter((On)=>On.startsWith(`${S.table_name}Relations`)).map((On)=>On.replace("Relations","")),F=null;if(u&&W){if(F=await Al({userId:W,method:"GET",entity:S.table_name,requestedFields:X,requestedRelations:O,db:Y,schemaTables:o,logger:c}),!F.authorized)return{success:!1,message:F.reason||"Unauthorized",status:403}}let K=Kl(J.query),q=[];if(u&&F?.scopeFilters)for(let[On,an]of Object.entries(F.scopeFilters)){let Sn=w[On];if(Sn)q.push(Sr(Sn,an))}if(K.search&&K.searchFields){let On=K.searchFields.map((an)=>{let Sn=w[an.trim()];return Sn?lg(Sn,`%${K.search}%`):null}).filter((an)=>an!==null);if(On.length>0){let an=a5(...On);if(an)q.push(an)}}if(K.filters){let{ne:On,gt:an,gte:Sn,lt:Er,lte:Fr,like:Uo,isNull:ie,isNotNull:ms}=await import("drizzle-orm");for(let gr of K.filters){let sr=w[gr.field];if(!sr)continue;switch(gr.operator){case"eq":q.push(Sr(sr,gr.value));break;case"neq":q.push(On(sr,gr.value));break;case"gt":q.push(an(sr,gr.value));break;case"gte":q.push(Sn(sr,gr.value));break;case"lt":q.push(Er(sr,gr.value));break;case"lte":q.push(Fr(sr,gr.value));break;case"like":q.push(Uo(sr,gr.value));break;case"ilike":q.push(lg(sr,gr.value));break;case"in":q.push(o5(sr,gr.value));break;case"notIn":q.push(e5(sr,gr.value));break;case"isNull":q.push(ie(sr));break;case"isNotNull":q.push(ms(sr));break}}}let rn=Y.select().from(k);if(q.length>0){let{and:On}=await import("drizzle-orm"),an=On(...q);if(an)rn=rn.where(an)}if(K.sort&&K.sort.length>0){let On=K.sort.map((an)=>{let Sn=w[an.field];if(!Sn)return null;return an.direction==="desc"?t5(Sn):r5(Sn)}).filter((an)=>an!==null);if(On.length>0)rn=rn.orderBy(...On)}let en=K.page??1,gn=K.limit??20,Gn=K.offset??(en-1)*gn,T=Y.select().from(k);if(q.length>0){let{and:On}=await import("drizzle-orm"),an=On(...q);if(an)T.where(an)}let Vn=(await T).length;rn=rn.limit(gn).offset(Gn);let ot=await rn,ce=ng(en,gn,Gn,Vn);if(u&&F?.allowedFields)ot=Jc(ot,F.allowedFields);return{success:!0,data:{items:ot,meta:ce}}},{detail:{tags:[D],summary:`List ${x}`,description:`Get paginated list of ${x} records with filtering, sorting, and search`}}),L.get("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.params,X=Kl(J.query),O=J.request.headers.get("x-user-id"),F=S.columns?.map((gn)=>gn.name),K=X.with?.map((gn)=>gn.name),q=null;if(u&&O){if(q=await Al({userId:O,method:"GET",entity:S.table_name,requestedFields:F,requestedRelations:K,db:Y,schemaTables:o,logger:c}),!q.authorized)return{success:!1,message:q.reason||"Unauthorized",status:403}}if(X.with&&X.with.length>0&&B&&i){let gn=u&&q?.allowedRelations?X.with.filter((tn)=>q.allowedRelations?.includes(tn.name)??!1):X.with,T=await c5(i,{schema:{...o,...e}}).query[S.table_name]?.findFirst({where:Sr(g,W.id),with:gn.reduce((tn,Vn)=>{return tn[Vn.name]=Vn.limit?{limit:Vn.limit}:!0,tn},{})});if(u&&q?.allowedFields&&T)T=Jc(T,q.allowedFields);if(u&&q?.allowedRelations&&T)T=pu(T,q.allowedRelations);return{success:!0,data:T||null}}let en=(await Y.select().from(k).where(Sr(g,W.id)))[0]||null;if(u&&q?.allowedFields&&en)en=Jc(en,q.allowedFields);return{success:!0,data:en}},{detail:{tags:[D],summary:`Get ${x} by ID`,description:`Get a single ${x} record by its ID with optional relations`}}),L.get("/distinct/:field",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.params,X=w[W.field];if(!X)return{success:!1,message:"Field not found"};return{success:!0,data:await Y.selectDistinct({value:X}).from(k)}},{detail:{tags:[D],summary:`Get distinct ${x} values`,description:`Get distinct values for a specific field in ${x}`}});if(!S.excluded_methods?.includes("POST"))if(S.is_form_data&&f.enabled)L.post("/",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.request.headers.get("x-user-id"),{data:X,files:O}=wa(J.body,f),F=X;if(S.columns){F=_e(F,S.columns);let rn=ge(F,S.columns,!1);if(!rn.valid)return{success:!1,message:"Validation failed",errors:rn.errors}}let K=null;if(O.length>0){if(K=await ha(O,f,S.table_name),K.failed.length>0&&K.success.length===0)return{success:!1,message:"File upload failed",errors:K.failed};if(K.success.length>0){let rn=K.success[0];if(rn){let en=rn.originalName.split(".").pop()||"";F={...F,id:rn.id,name:rn.name,originalName:rn.originalName,path:rn.path,mimeType:rn.mimeType,size:rn.size,extension:en,uploadedBy:W}}}}if(W)F.createdBy=W;let q=await Y.insert(k).values(F).returning();{let rn=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:String(q[0]?.id??""),operation:"CREATE",userId:W||void 0,summary:`Created ${S.table_name}`,newValues:q[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:rn.pathname,query:rn.search})}return{success:!0,data:q[0]}},{type:"formdata",body:Cn.Object({[f.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[f.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[D],summary:`Create ${x} with files`,description:`Create a new ${x} record with file upload support`}});else L.post("/",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.body,X=J.request.headers.get("x-user-id");if(S.columns){W=_e(W,S.columns);let F=ge(W,S.columns,!1);if(!F.valid)return{success:!1,message:"Validation failed",errors:F.errors}}if(X)W.createdBy=X;let O=await Y.insert(k).values(W).returning();{let F=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:String(O[0]?.id??""),operation:"CREATE",userId:X||void 0,summary:`Created ${S.table_name}`,newValues:O[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:F.pathname,query:F.search})}return{success:!0,data:O[0]}},{body:V,detail:{tags:[D],summary:`Create ${x}`,description:`Create a new ${x} record`}});if(!S.excluded_methods?.includes("PUT"))if(S.is_form_data&&f.enabled)L.put("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.params,X=J.request.headers.get("x-user-id"),{data:O,files:F}=wa(J.body,f),K=O,q=await Y.select().from(k).where(Sr(g,W.id)).limit(1);if(S.columns){K=_e(K,S.columns);let gn=ge(K,S.columns,!1);if(!gn.valid)return{success:!1,message:"Validation failed",errors:gn.errors}}let rn=null;if(F.length>0)rn=await ha(F,f,S.table_name);let en=await Y.update(k).set(K).where(Sr(g,W.id)).returning();{let gn=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"UPDATE",userId:X||void 0,summary:`Updated ${S.table_name} (${W.id})`,oldValues:q[0],newValues:en[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:gn.pathname,query:gn.search})}return{success:!0,data:{record:en[0],files:rn?.success||[],fileErrors:rn?.failed||[]}}},{type:"formdata",body:Cn.Object({[f.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[f.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[D],summary:`Update ${x} with files`,description:`Full update of ${x} record with file upload support`}});else L.put("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let{params:W,body:X}=J,O=J.request.headers.get("x-user-id"),F=await Y.select().from(k).where(Sr(g,W.id)).limit(1);if(S.columns){X=_e(X,S.columns);let q=ge(X,S.columns,!1);if(!q.valid)return{success:!1,message:"Validation failed",errors:q.errors}}if(X.updatedAt=new Date,O)X.updatedBy=O;let K=await Y.update(k).set(X).where(Sr(g,W.id)).returning();{let q=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"UPDATE",userId:O||void 0,summary:`Updated ${S.table_name} (${W.id})`,oldValues:F[0],newValues:K[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:q.pathname,query:q.search})}return{success:!0,data:K[0]}},{body:V,detail:{tags:[D],summary:`Update ${x}`,description:`Full update of ${x} record`}});if(!S.excluded_methods?.includes("PATCH"))L.patch("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let{params:W,body:X}=J,O=J.request.headers.get("x-user-id"),F=await Y.select().from(k).where(Sr(g,W.id)).limit(1);if(S.columns){X=_e(X,S.columns);let q=ge(X,S.columns,!0);if(!q.valid)return{success:!1,message:"Validation failed",errors:q.errors}}if(X.updatedAt=new Date,O)X.updatedBy=O;let K=await Y.update(k).set(X).where(Sr(g,W.id)).returning();{let q=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"PATCH",userId:O||void 0,summary:`Patched ${S.table_name} (${W.id})`,oldValues:F[0],newValues:K[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:q.pathname,query:q.search})}return{success:!0,data:K[0]}},{body:V,detail:{tags:[D],summary:`Patch ${x}`,description:`Partial update of ${x} record`}});if(!S.excluded_methods?.includes("DELETE"))L.delete("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.params,X=J.request.headers.get("x-user-id"),O=await Y.select().from(k).where(Sr(g,W.id)).limit(1);await Y.delete(k).where(Sr(g,W.id));{let F=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"DELETE",userId:X||void 0,summary:`Deleted ${S.table_name} (${W.id})`,oldValues:O[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:F.pathname,query:F.search})}return{success:!0,data:null}},{detail:{tags:[D],summary:`Delete ${x}`,description:`Delete a ${x} record`}});if(S.bulk_endpoints_enabled){if(!S.excluded_methods?.includes("POST"))L.post("/bulk",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.body;if(!Array.isArray(W))return{success:!1,message:"Body must be an array"};try{return{success:!0,data:await Y.transaction(async(O)=>{let F=[];for(let K of W){let q=await O.insert(k).values(K).returning();F.push(q[0])}return F})}}catch(X){return{success:!1,message:X instanceof Error?X.message:"Transaction failed"}}},{body:C,detail:{tags:[D],summary:`Bulk create ${x}`,description:`Create multiple ${x} records`}});if(!S.excluded_methods?.includes("PUT"))L.put("/bulk",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.body;if(!Array.isArray(W))return{success:!1,message:"Body must be an array"};try{return{success:!0,data:await Y.transaction(async(O)=>{let F=[];for(let K of W){let q=await O.update(k).set(K.data).where(Sr(g,K.id)).returning();F.push(q[0])}return F})}}catch(X){return{success:!1,message:X instanceof Error?X.message:"Transaction failed"}}},{body:Q,detail:{tags:[D],summary:`Bulk update ${x}`,description:`Update multiple ${x} records`}});if(!S.excluded_methods?.includes("DELETE"))L.delete("/bulk",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.body;if(!Array.isArray(W))return{success:!1,message:"Body must be an array of ids"};try{return await Y.transaction(async(X)=>{for(let O of W)await X.delete(k).where(Sr(g,O))}),{success:!0,data:{deleted:W.length}}}catch(X){return{success:!1,message:X instanceof Error?X.message:"Transaction failed"}}},{body:j,detail:{tags:[D],summary:`Bulk delete ${x}`,description:`Delete multiple ${x} records`}})}n.use(L)}return n}import s5,{t as $a}from"elysia";function l5(n){let r=n.match(/^(\d+)(ms|s|m|h)$/);if(!r||!r[1]||!r[2])return 5000;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;default:return 5000}}function tf(n){let{monitoringService:r,logger:t,endpoints:o}=n,e=new s5({prefix:o.basePath});if(!o.enabled)return e;if(o.stream.enabled)e.get(o.stream.path,async function*({request:a}){t.info("[Monitoring] SSE stream connected");let c=l5(o.stream.interval),i=!0;a.signal.addEventListener("abort",()=>{i=!1,t.info("[Monitoring] SSE stream disconnected")});let s=await r.getLatestSnapshot();if(s)yield{event:"snapshot",data:JSON.stringify(s)};while(i){if(await new Promise((u)=>setTimeout(u,c)),!i)break;let l=await r.getLatestSnapshot();if(l)yield{event:"snapshot",data:JSON.stringify(l)};let f=r.getActiveAlerts();if(f.length>0)yield{event:"alerts",data:JSON.stringify(f)}}},{detail:{tags:["Monitoring"],summary:"Stream real-time monitoring data",description:"Server-Sent Events stream for real-time monitoring metrics"}});if(o.snapshot.enabled)e.get(o.snapshot.path,async()=>{let a=await r.getLatestSnapshot();if(!a)return{isSuccess:!1,message:"No monitoring data available",data:null};return{isSuccess:!0,message:"Current monitoring snapshot",data:a}},{detail:{tags:["Monitoring"],summary:"Get current monitoring snapshot",description:"Returns the latest monitoring metrics snapshot"}});if(o.history.enabled)e.get(o.history.path,async({query:a})=>{let c=Math.min(a.minutes?parseInt(String(a.minutes),10):60,o.history.maxMinutes),i=await r.getHistory(c);return{isSuccess:!0,message:`Monitoring history for last ${c} minutes`,data:{minutes:c,count:i.length,snapshots:i}}},{query:$a.Object({minutes:$a.Optional($a.Numeric())}),detail:{tags:["Monitoring"],summary:"Get monitoring history",description:"Returns historical monitoring data for the specified time range"}});if(o.alerts.enabled)e.get(o.alerts.path,()=>{let a=r.getActiveAlerts();return{isSuccess:!0,message:"Active alerts",data:{count:a.length,alerts:a}}},{detail:{tags:["Monitoring"],summary:"Get active alerts",description:"Returns all currently active monitoring alerts"}}),e.post(`${o.alerts.path}/:alertId/acknowledge`,({params:a})=>{if(!r.acknowledgeAlert(a.alertId))return{isSuccess:!1,message:"Alert not found",data:null};return{isSuccess:!0,message:"Alert acknowledged",data:{alertId:a.alertId}}},{params:$a.Object({alertId:$a.String()}),detail:{tags:["Monitoring"],summary:"Acknowledge an alert",description:"Mark an alert as acknowledged"}});return t.info(`[Monitoring] Routes enabled at ${o.basePath} (stream: ${o.stream.enabled}, snapshot: ${o.snapshot.enabled}, history: ${o.history.enabled}, alerts: ${o.alerts.enabled})`),e}import f5,{t as Vr}from"elysia";var d5={"Content-Type":"text/event-stream; charset=utf-8","Cache-Control":"no-cache, no-transform",Connection:"keep-alive"},u5=new TextEncoder,of=(n,r)=>{let t=typeof r==="string"?r:JSON.stringify(r);return u5.encode(`event: ${n}
|
|
65
|
+
`}),b.info("[OAUTH] Invite email sent to new OAuth user",{userId:j,email:V.email,provider:M})}catch(ot){b.warn("[OAUTH] Failed to send invite email",{userId:j,error:ot})}}await u.update($).set({lastLoginAt:new Date}).where(kr($.id,j));let L=R.request.headers.get("cf-connecting-ip")?.trim()||R.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||R.request.headers.get("x-real-ip")?.trim()||"127.0.0.1",J=R.request.headers.get("user-agent")||"Unknown Browser",W=di(J,L),X=t(j),O=o(j),F={userId:j,deviceInfo:W,loginMethod:`oauth:${M}`,rememberMe:!0},K=await e(F);if(a)await a(K,F);await b.audit({entityName:"users",entityId:j,operation:"LOGIN",userId:j,summary:`${V.email??V.providerAccountId} logged in via OAuth (${M})`,ipAddress:L,userAgent:J,path:`${A}/${M}/callback`,query:""});let q=_.secure?"; Secure":"",rn=`; Path=${_.path}; HttpOnly; SameSite=${_.sameSite}${q}`,en=[];if(m.accessToken.setHeadersEnabled)en.push(`${_.accessTokenName}=${X}${rn}; Max-Age=${_.accessTokenMaxAge}`);if(m.refreshToken.setHeadersEnabled)en.push(`${_.refreshTokenName}=${O}${rn}; Max-Age=${_.refreshTokenMaxAge}`);if(m.sessionToken.setHeadersEnabled)en.push(`${_.sessionTokenName}=${K}${rn}; Max-Age=${_.sessionTokenMaxAge}`);let gn=g.redirectUrl||r.successRedirectUrl,Gn=new Headers;Gn.set("Location",gn);for(let T of en)Gn.append("Set-Cookie",T);return new Response(null,{status:302,headers:Gn})},{detail:{tags:["Authentication"],summary:"OAuth Callback",description:"Handles the OAuth provider callback, creates session and sets cookies"}}),E.get(`${A}/providers`,()=>{return{success:!0,data:{providers:r.getEnabledProviders()}}},{detail:{tags:["Authentication"],summary:"List OAuth Providers",description:"Returns the list of enabled OAuth providers"}}),E.get(`${A}/link/:provider`,async(R)=>{let M=R.params.provider;if(!r.isProviderEnabled(M))return R.set.status=404,{success:!1,message:`OAuth provider "${M}" is not enabled`};if(!r.allowAccountLinking)return R.set.status=403,{success:!1,message:"Account linking is disabled"};let S=R.request.headers.get("x-user-id");if(!S)return R.set.status=401,{success:!1,message:"Authentication required to link accounts"};let x=R.query.redirect_url,D=r.buildAuthorizationUrl(M,S,x);return R.set.status=302,R.set.headers.Location=D,null},{detail:{tags:["Authentication"],summary:"Link OAuth Account",description:"Redirects to provider to link an OAuth account to the current user"}}),E.delete(`${A}/unlink/:provider`,async(R)=>{let M=R.params.provider,S=R.request.headers.get("x-user-id");if(!S)return R.set.status=401,{success:!1,message:"Authentication required"};if(!u)return R.set.status=500,{success:!1,message:"Database not configured"};let x=n.oauthAccountsTable;if(!x)return R.set.status=500,{success:!1,message:"OAuth accounts table not configured"};if((await u.select().from(x).where(ss(kr(x.userId,S),kr(x.provider,M))).limit(1)).length===0)return{success:!1,message:`No linked ${M} account found`};let w=!!(await u.select().from($).where(kr($.id,S)).limit(1))[0]?.password,g=await u.select().from(x).where(kr(x.userId,S));if(!w&&g.length<=1)return R.set.status=400,{success:!1,message:"Cannot unlink the only login method. Set a password first."};return await u.delete(x).where(ss(kr(x.userId,S),kr(x.provider,M))),b.info("[OAUTH] Account unlinked",{userId:S,provider:M}),{success:!0,message:`${M} account unlinked successfully`}},{detail:{tags:["Authentication"],summary:"Unlink OAuth Account",description:"Removes a linked OAuth account from the current user"}}),E.get(`${A}/accounts`,async(R)=>{let M=R.request.headers.get("x-user-id");if(!M)return R.set.status=401,{success:!1,message:"Authentication required"};if(!u)return R.set.status=500,{success:!1,message:"Database not configured"};let S=n.oauthAccountsTable;if(!S)return{success:!0,data:{accounts:[]}};return{success:!0,data:{accounts:(await u.select().from(S).where(kr(S.userId,M))).map((k)=>({id:k.id,provider:k.provider,providerEmail:k.providerEmail,providerName:k.providerName,providerAvatarUrl:k.providerAvatarUrl,isPrimary:k.isPrimary,lastUsedAt:k.lastUsedAt,createdAt:k.createdAt}))}}},{detail:{tags:["Authentication"],summary:"List Linked OAuth Accounts",description:"Returns all OAuth accounts linked to the current user"}}),E}var y1=d(()=>{ui();Ba()});import{t as Ho}from"elysia";var cd,F4;var id=d(()=>{cd=Ho.Object({currentPassword:Ho.String({minLength:1}),newPassword:Ho.String({minLength:8}),confirmPassword:Ho.String({minLength:8})}),F4=Ho.Object({success:Ho.Boolean(),message:Ho.Optional(Ho.String())})});function n2(n,r){return n===r}import{eq as r2}from"drizzle-orm";import{Elysia as j4}from"elysia";function ls(n,r){let{db:t,logger:o,usersTable:e}=n,a=r.route||"/auth/password-change",c=new j4;if(!r.enabled)return c;return c.post(a,async(i)=>{if(!t||!e)return i.set.status=500,{success:!1,message:"Database not configured"};let s=i.request.headers.get("x-user-id");if(!s)return i.set.status=401,{success:!1,message:"Authentication required"};let{currentPassword:l,newPassword:f,confirmPassword:u}=i.body;if(!n2(f,u))return i.set.status=422,{success:!1,message:"New passwords do not match"};let $=(await t.select().from(e).where(r2(e.id,s)).limit(1))[0];if(!$)return i.set.status=404,{success:!1,message:"User not found"};let A=await fi(l,$.password),_=new URL(i.request.url),m=i.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||i.request.headers.get("x-real-ip")?.trim()||"unknown",E=i.request.headers.get("user-agent")||"unknown";if(!A)return o.warn("[AUTH] Password change failed - invalid current password",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE_FAILED",userId:s,summary:"Password change failed: invalid current password",ipAddress:m,userAgent:E,path:_.pathname,query:_.search}),i.set.status=400,{success:!1,message:"Current password is incorrect"};let R=await go(f);return await t.update(e).set({password:R,updatedAt:new Date}).where(r2(e.id,s)),o.info("[AUTH] Password change successful",{userId:s}),o.audit({entityName:"users",entityId:s,operation:"PASSWORD_CHANGE",userId:s,summary:"Password changed successfully",ipAddress:m,userAgent:E,path:_.pathname,query:_.search}),{success:!0,message:"Password changed successfully"}},{body:cd,detail:{tags:["Authentication"],summary:"Change Password",description:"Change password for authenticated user"}}),c}var sd=d(()=>{ui();Je();id();id()});import{t as Jt}from"elysia";var ld,fd,p4;var dd=d(()=>{ld=Jt.Object({email:Jt.String({format:"email"})}),fd=Jt.Object({token:Jt.String(),newPassword:Jt.String({minLength:8}),confirmPassword:Jt.String({minLength:8})}),p4=Jt.Object({success:Jt.Boolean(),message:Jt.Optional(Jt.String())})});import{randomBytes as K4}from"crypto";function t2(){return K4(32).toString("hex")}function o2(n){return new Date>n}var e2=()=>{};import{Elysia as T4}from"elysia";function fs(n,r,t,o,e,a){let{db:c,logger:i,usersTable:s}=n,l=r.route||"/auth/password-reset",f=new T4;if(!r.enabled)return f;return f.post(`${l}/request`,async(u)=>{if(!c||!s)return{success:!1,message:"Database not configured"};let{email:b}=u.body,{eq:$}=await import("drizzle-orm"),_=(await c.select().from(s).where($(s.email,b)).limit(1))[0];if(!_)return{success:!0,message:"If email exists, reset link will be sent"};let m=t2(),E=new Date(Date.now()+3600000);if(await t(_.id,m,E),a)try{await a(b,m),i.info("[AUTH] Password reset email sent",{email:b})}catch(M){i.error("[AUTH] Failed to send password reset email",{email:b,error:M})}else i.warn("[AUTH] sendResetEmail not configured - email not sent",{email:b});i.info("[AUTH] Password reset requested",{userId:_.id,email:b});let R=new URL(u.request.url);return i.audit({entityName:"users",entityId:_.id,operation:"PASSWORD_RESET_REQUEST",userId:_.id,summary:`Password reset requested for ${b}`,ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:R.pathname,query:R.search}),{success:!0,message:"If email exists, reset link will be sent"}},{body:ld,detail:{tags:["Authentication"],summary:"Request Password Reset",description:"Request a password reset email"}}),f.post(`${l}/confirm`,async(u)=>{if(!c||!s)return{success:!1,message:"Database not configured"};let{token:b,newPassword:$,confirmPassword:A}=u.body;if($!==A)return{success:!1,message:"Passwords do not match"};let _=await o(b);if(!_)return{success:!1,message:"Invalid or expired reset token"};if(o2(_.expiresAt))return await e(b),{success:!1,message:"Reset token has expired"};let m=await go($),{eq:E}=await import("drizzle-orm");await c.update(s).set({password:m}).where(E(s.id,_.userId)),await e(b),i.info("[AUTH] Password reset successful",{userId:_.userId});let R=new URL(u.request.url);return i.audit({entityName:"users",entityId:_.userId,operation:"PASSWORD_RESET",userId:_.userId,summary:"Password reset completed successfully",ipAddress:u.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||u.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:u.request.headers.get("user-agent")||"unknown",path:R.pathname,query:R.search}),{success:!0,message:"Password has been reset"}},{body:fd,detail:{tags:["Authentication"],summary:"Confirm Password Reset",description:"Reset password with token"}}),f}var ud=d(()=>{Je();dd();e2();dd()});import{t as yt}from"elysia";var bd,v4;var gd=d(()=>{bd=yt.Object({newPassword:yt.String({minLength:8}),userId:yt.Optional(yt.String()),token:yt.Optional(yt.String())}),v4=yt.Object({success:yt.Boolean(),message:yt.String()})});import{eq as a2}from"drizzle-orm";import{Elysia as I4}from"elysia";function ds(n,r,t,o){let{db:e,logger:a,usersTable:c}=n,i=r.route||"/auth/password-set",s=new I4;if(!r.enabled)return s;return s.post(i,async(l)=>{if(a.info("[AUTH] Password set request received"),!e||!c)return a.error("[AUTH] Password set failed - database not configured"),{success:!1,message:"Database not configured"};let{newPassword:f,userId:u,token:b}=l.body,$=u;if(b&&t&&o){let R=dt(b),M=await t(R);if(!M)return a.warn("[AUTH] Password set failed - invalid token"),{success:!1,message:"Invalid or expired token"};if(new Date>M.expiresAt)return await o(R),a.warn("[AUTH] Password set failed - expired token",{email:M.email}),{success:!1,message:"Invalid or expired token"};$=M.userId,a.info("[AUTH] Password set - userId resolved from token",{userId:$,email:M.email})}if(!$)return a.warn("[AUTH] Password set failed - no userId in payload or token"),{success:!1,message:"User ID or token required"};let _=(await e.select().from(c).where(a2(c.id,$)).limit(1))[0];if(a.info("[AUTH] Password set - user found",{found:!!_,hasPassword:!!_?.password}),!_)return{success:!1,message:"User not found"};if(_.password)return a.warn("[AUTH] Password set failed - user already has password",{userId:$}),{success:!1,message:"Password already set. Use password change instead."};let m=await go(f);a.info("[AUTH] Password set - updating user with verifiedAt",{userId:$});let E=await e.update(c).set({password:m,verifiedAt:new Date,updatedAt:new Date}).where(a2(c.id,$));if(a.info("[AUTH] Password set successful for invited user",{userId:$,updateResult:E}),b&&o){let R=dt(b);await o(R),a.info("[AUTH] Invite token consumed after password set",{userId:$})}return{success:!0,message:"Password set successfully"}},{body:bd,detail:{tags:["Authentication"],summary:"Set Password",description:"Set password for the first time (for invited users who do not have a password yet)"}}),s}var _d=d(()=>{Ba();Je();gd();gd()});function md(n){let r=n.match(/^(\d+)([smhd])$/);if(!r)return 900;let t=r[1],o=r[2];if(!t||!o)return 900;let e=parseInt(t,10);switch(o){case"s":return e;case"m":return e*60;case"h":return e*3600;case"d":return e*86400;default:return 900}}import{t as ae}from"elysia";var Z4;var c2=d(()=>{Z4=ae.Object({success:ae.Boolean(),message:ae.Optional(ae.String()),data:ae.Optional(ae.Object({accessToken:ae.String()}))})});import{Elysia as y4}from"elysia";function us(n,r,t,o,e,a,c){let{logger:i,authentication:s}=n,l=r.route||"/auth/refresh",f=new y4;if(!r.enabled)return f;return f.post(l,async(u)=>{let b=s?.refreshToken?.name||"refresh_token",$=s?.accessToken?.name||"access_token",A=u.request.headers.get("x-refresh-token");if(!A){let Q=u.request.headers.get("cookie");if(Q)A=Q.split(";").reduce((L,J)=>{let[W,X]=J.trim().split("=");if(W&&X)L[W]=X;return L},{})[b]||null}if(!A)return u.set.status=401,{success:!1,message:"Refresh token required"};let _=t(A);if(!_.valid||!_.payload)return i.warn("[AUTH] Refresh failed - invalid token"),u.set.status=401,{success:!1,message:"Invalid refresh token"};let m=_.payload.sub,E=o(m),R=e?e(m):null,M=a?.accessToken?.setHeadersEnabled??!0,S=a?.accessToken?.returnJson??!0,x=a?.refreshToken?.setHeadersEnabled??!0,D=a?.refreshToken?.returnJson??!1,k=s?.accessToken?.expiresIn||"15m",B=Math.max(0,md(k)-(c??0)),w=s?.refreshToken?.expiresIn||"7d",g=md(w),Y=new Headers;if(Y.set("Content-Type","application/json"),M)Y.append("Set-Cookie",`${$}=${E}; Path=/; HttpOnly; SameSite=Strict; Secure; Max-Age=${B}`);if(R&&x)Y.append("Set-Cookie",`${b}=${R}; Path=/; HttpOnly; SameSite=Strict; Secure; Max-Age=${g}`);i.info("[AUTH] Token refresh successful",{userId:m,rotatedRefreshToken:!!R});let V={};if(S)V.accessToken=E;if(R&&D)V.refreshToken=R;let C=JSON.stringify({success:!0,data:V});return new Response(C,{status:200,headers:Y})},{detail:{tags:["Authentication"],summary:"Refresh Token",description:"Get new access token using refresh token"}}),f}var wd=d(()=>{c2()});import{t as Yr}from"elysia";var hd,nE;var $d=d(()=>{hd=Yr.Object({email:Yr.String({format:"email"}),password:Yr.String({minLength:8}),confirmPassword:Yr.Optional(Yr.String({minLength:8}))}),nE=Yr.Object({success:Yr.Boolean(),message:Yr.Optional(Yr.String()),data:Yr.Optional(Yr.Object({user:Yr.Object({id:Yr.String(),email:Yr.String()})}))})});import{eq as rE}from"drizzle-orm";import{Elysia as tE}from"elysia";function bs(n,r,t,o,e,a,c,i,s,l){let{db:f,logger:u,usersTable:b}=n,$=r.route||"/auth/register",A={accessTokenName:c?.accessTokenName||"access_token",refreshTokenName:c?.refreshTokenName||"refresh_token",sessionTokenName:c?.sessionTokenName||"session_token",accessTokenMaxAge:c?.accessTokenMaxAge||900,refreshTokenMaxAge:c?.refreshTokenMaxAge||604800,sessionTokenMaxAge:c?.sessionTokenMaxAge||900,secure:c?.secure??!0,httpOnly:c?.httpOnly??!0,sameSite:c?.sameSite||"strict",path:c?.path||"/"},_=new tE;if(!r.enabled)return _;return _.post($,async(m)=>{if(!f||!b)return m.set.status=500,{success:!1,message:"Database not configured"};let{email:E,password:R,confirmPassword:M}=m.body;if(M&&R!==M)return m.set.status=400,{success:!1,message:"Passwords do not match"};let S=Zg(R);if(!S.valid)return m.set.status=400,{success:!1,message:"Password too weak",errors:S.errors};let x=await f.select().from(b).where(rE(b.email,E)).limit(1),D=new URL(m.request.url),k=m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||m.request.headers.get("x-real-ip")?.trim()||"unknown",B=m.request.headers.get("user-agent")||"unknown";if(x.length>0)return u.warn("[AUTH] Registration failed - email exists",{email:E}),u.audit({entityName:"users",operation:"REGISTER_FAILED",summary:`Registration failed: email already exists (${E})`,ipAddress:k,userAgent:B,path:D.pathname,query:D.search}),m.set.status=409,{success:!1,message:"Email already registered"};let w=await go(R),g=r.emailVerification?.enabled&&s?.isAvailable(),Y=g?ei():null,V=r.emailVerification?.tokenExpiresIn||"24h",C=g?new Date(Date.now()+Ye(V)):null,Q={email:E,password:w};if(g&&Y)Q.emailVerificationToken=Y,Q.emailVerificationTokenExpiresAt=C,Q.emailVerificationSentAt=new Date,Q.emailVerificationAttempts=1;let L=(await f.insert(b).values(Q).returning())[0];if(u.info("[AUTH] Registration successful",{userId:L.id,email:E,emailVerificationEnabled:g}),u.audit({entityName:"users",entityId:L.id,operation:"REGISTER",userId:L.id,summary:`New user registered: ${E}`,ipAddress:k,userAgent:B,path:D.pathname,query:D.search}),g&&s&&Y){let W=`${(r.emailVerification?.redirectUrl||"http://localhost:3000/login").replace("/login","/verify-email")}?token=${Y}`;s.sendVerificationEmail(E,E.split("@")[0]||"User",W,l||"Nucleus").then((K)=>{if(K.success)u.info("[AUTH] Verification email sent",{email:E});else u.error("[AUTH] Failed to send verification email",{email:E,error:K.error})}).catch((K)=>{u.error("[AUTH] Failed to send verification email",{email:E,error:K})});let X=r.emailVerification?.resendCooldown||"60s",O=Ye(X)/1000,F=r.emailVerification?.maxResendAttempts||3;return{success:!0,message:"Registration successful. Please check your email to verify your account.",data:{user:{id:L.id,email:L.email},emailVerificationRequired:!0,verification:{cooldownSeconds:O,canResendAt:new Date(Date.now()+O*1000).toISOString(),attemptsRemaining:F-1,maxAttempts:F}}}}if(t)t(E,E.split("@")[0]||"User").catch((J)=>{u.error("[AUTH] Failed to send welcome email",{email:E,error:J})});if(o&&e&&a){let J=m.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||m.request.headers.get("x-real-ip")?.trim()||"unknown",W=m.request.headers.get("user-agent")||"",X=o(L.id),O=e(L.id),F=await a({userId:L.id,deviceInfo:{ipAddress:J,userAgent:W},loginMethod:"register"}),K={accessToken:{setHeadersEnabled:i?.accessToken?.setHeadersEnabled??!0,returnJson:i?.accessToken?.returnJson??!0},refreshToken:{setHeadersEnabled:i?.refreshToken?.setHeadersEnabled??!0,returnJson:i?.refreshToken?.returnJson??!0},sessionToken:{setHeadersEnabled:i?.sessionToken?.setHeadersEnabled??!0,returnJson:i?.sessionToken?.returnJson??!0}},q=A.secure?"; Secure":"",rn=`; Path=${A.path}; HttpOnly; SameSite=${A.sameSite}${q}`,en=[];if(K.accessToken.setHeadersEnabled)en.push(`${A.accessTokenName}=${X}${rn}; Max-Age=${A.accessTokenMaxAge}`);if(K.refreshToken.setHeadersEnabled)en.push(`${A.refreshTokenName}=${O}${rn}; Max-Age=${A.refreshTokenMaxAge}`);if(K.sessionToken.setHeadersEnabled)en.push(`${A.sessionTokenName}=${F}${rn}; Max-Age=${A.sessionTokenMaxAge}`);let gn={user:{id:L.id,email:L.email}};if(K.accessToken.returnJson)gn.accessToken=X;if(K.refreshToken.returnJson)gn.refreshToken=O;if(K.sessionToken.returnJson)gn.sessionId=F;let Gn=JSON.stringify({success:!0,data:gn}),T=new Headers;T.set("Content-Type","application/json"),T.set("x-session-id",F);for(let tn of en)T.append("Set-Cookie",tn);return new Response(Gn,{status:200,headers:T})}return{success:!0,data:{user:{id:L.id,email:L.email}}}},{body:hd,detail:{tags:["Authentication"],summary:"Register",description:"Register a new user account"}}),_}var Ad=d(()=>{$d();Je();$d()});import{t as I}from"elysia";var i2,oE,Rd,kd,zq;var Ed=d(()=>{i2=I.Object({id:I.String(),deviceName:I.Optional(I.String()),deviceType:I.Optional(I.String()),browserName:I.Optional(I.String()),browserVersion:I.Optional(I.String()),osName:I.Optional(I.String()),osVersion:I.Optional(I.String()),ipAddress:I.String(),locationCountry:I.Optional(I.String()),locationCity:I.Optional(I.String()),lastActivityAt:I.String(),createdAt:I.String(),isCurrent:I.Boolean(),loginMethod:I.Optional(I.String()),trustScore:I.Optional(I.Number())}),oE=I.Object({success:I.Boolean(),data:I.Optional(I.Object({sessions:I.Array(i2),currentSessionId:I.Optional(I.String()),totalCount:I.Number()})),message:I.Optional(I.String())}),Rd=I.Object({reason:I.Optional(I.String())}),kd=I.Object({excludeCurrent:I.Optional(I.Boolean()),reason:I.Optional(I.String())}),zq=I.Object({success:I.Boolean(),data:I.Optional(I.Object({recentActivity:I.Array(I.Object({sessionId:I.String(),action:I.String(),ipAddress:I.String(),timestamp:I.String(),deviceInfo:I.Optional(I.String())}))})),message:I.Optional(I.String())})});function gs(n){let r=(o,e)=>n[o]??n[e],t=(o,e)=>{let a=n[o]??n[e];if(!a)return;return a instanceof Date?a.toISOString():String(a)};return{id:n.id,deviceName:r("device_name","deviceName"),deviceType:r("device_type","deviceType"),deviceFingerprint:r("device_fingerprint","deviceFingerprint"),browserName:r("browser_name","browserName"),browserVersion:r("browser_version","browserVersion"),osName:r("os_name","osName"),osVersion:r("os_version","osVersion"),ipAddress:r("ip_address","ipAddress"),locationCountry:r("location_country","locationCountry"),locationCity:r("location_city","locationCity"),lastActivityAt:t("last_activity_at","lastActivityAt"),createdAt:t("created_at","createdAt"),isCurrent:r("is_current","isCurrent"),loginMethod:r("login_method","loginMethod"),trustScore:r("trust_score","trustScore")}}var s2=()=>{};import{and as zo,desc as l2,eq as Fn,isNull as f2}from"drizzle-orm";import{Elysia as eE}from"elysia";function _s(n,r,t){let{db:o,logger:e}=n,a=r.route||"/auth/sessions",c=new eE;if(!r.enabled||!t)return c;let i=t,s=(l)=>{let f=l.replace(/([A-Z])/g,"_$1").toLowerCase();return i[l]||i[f]};return c.get(a,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let u=l.request.headers.get("x-session-id"),b=await o.select().from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0),f2(s("revokedAt")))).orderBy(l2(s("lastActivityAt"))),$=b.filter((_)=>{let m=_,E=(m.deviceFingerprint||"").toLowerCase(),R=m.ipAddress||"";return!((!E||E==="--"||E==="--unknown"||E.includes("bot/crawler")||E.includes("headless")||E.includes("unknown-unknown"))&&(R==="127.0.0.1"||R==="::1"||R==="localhost"||!R))}),A=$.map((_)=>{let m=_,E=gs(m);return E.isCurrent=m.id===u,E});return e.info("[AUTH] Sessions list retrieved",{userId:f,totalInDb:b.length,filteredCount:$.length,hiddenBotSessions:b.length-$.length}),{success:!0,data:{sessions:A,currentSessionId:u,totalCount:$.length}}},{detail:{tags:["Authentication"],summary:"List active sessions",description:"Get all active sessions for the current user"}}),c.get(`${a}/current`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id"),u=l.request.headers.get("x-session-id");if(!f||!u)return{success:!1,message:"Authentication required"};let b=await o.select().from(t).where(Fn(s("id"),u)).limit(1);if(b.length===0)return{success:!1,message:"Session not found"};let $=b[0],A=gs($);return A.isCurrent=!0,{success:!0,data:A}},{detail:{tags:["Authentication"],summary:"Get current session",description:"Get details of the current session"}}),c.delete(`${a}/:sessionId`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let{sessionId:u}=l.params,b=l.body,$=l.request.headers.get("x-session-id");if((await o.select().from(t).where(zo(Fn(s("id"),u),Fn(s("userId"),f))).limit(1)).length===0)return{success:!1,message:"Session not found"};let _=u===$;await o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:_?"user_logout":b.reason||"user_revoked"}).where(Fn(s("id"),u)),e.info("[AUTH] Session revoked",{userId:f,sessionId:u,isCurrentSession:_,reason:b.reason||"user_revoked"});let m=new URL(l.request.url);return e.audit({entityName:"user_sessions",entityId:u,operation:_?"LOGOUT":"SESSION_REVOKE",userId:f||void 0,summary:_?"User logged out via session revoke":`Session revoked (${u.substring(0,8)}...)`,ipAddress:l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:l.request.headers.get("user-agent")||"unknown",path:m.pathname,query:m.search}),{success:!0,message:_?"Logged out successfully":"Session revoked successfully"}},{body:Rd,detail:{tags:["Authentication"],summary:"Revoke session",description:"Revoke a specific session by ID"}}),c.delete(`${a}/all`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let u=l.body,b=l.request.headers.get("x-session-id"),$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:u.reason||"user_revoked"}).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0)));if(u.excludeCurrent&&b){let{ne:_}=await import("drizzle-orm");$=o.update(t).set({isActive:!1,revokedAt:new Date,revokedReason:u.reason||"user_revoked"}).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0),_(s("id"),b)))}await $,e.info("[AUTH] All sessions revoked",{userId:f,excludeCurrent:u.excludeCurrent,reason:u.reason||"user_revoked"});let A=new URL(l.request.url);return e.audit({entityName:"user_sessions",operation:"SESSION_REVOKE_ALL",userId:f||void 0,summary:u.excludeCurrent?"All other sessions revoked":"All sessions revoked",ipAddress:l.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||l.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:l.request.headers.get("user-agent")||"unknown",path:A.pathname,query:A.search}),{success:!0,message:u.excludeCurrent?"All other sessions revoked successfully":"All sessions revoked successfully"}},{body:kd,detail:{tags:["Authentication"],summary:"Revoke all sessions",description:"Revoke all sessions for the current user (optionally exclude current)"}}),c.get(`${a}/stats`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let{count:u,countDistinct:b}=await import("drizzle-orm"),$=await o.select({count:u()}).from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0),f2(s("revokedAt")))),A=await o.select({count:b(s("deviceFingerprint"))}).from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0))),_=await o.select({count:b(s("ipAddress"))}).from(t).where(zo(Fn(s("userId"),f),Fn(s("isActive"),!0)));return{success:!0,data:{activeSessions:$[0]?.count||0,uniqueDevices:A[0]?.count||0,uniqueIpAddresses:_[0]?.count||0}}},{detail:{tags:["Authentication"],summary:"Session statistics",description:"Get session statistics for the current user"}}),c.post(`${a}/approve`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:f}=l.body;if(!f)return{success:!1,message:"Token is required"};let u=await o.select().from(t).where(Fn(s("approvalToken"),f)).limit(1);if(u.length===0)return{success:!1,message:"Invalid or expired approval token"};let b=u[0];if(b.approvalStatus!=="pending")return{success:!1,message:"Session already processed"};return await o.update(t).set({approvalStatus:"approved",isActive:!0,approvalRespondedAt:new Date,approvalToken:null}).where(Fn(s("id"),b.id)),e.info("[AUTH] Device approved",{sessionId:b.id,userId:b.userId}),{success:!0,message:"Device approved successfully"}},{detail:{tags:["Authentication"],summary:"Approve pending device",description:"Approve a pending device login request"}}),c.post(`${a}/reject`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let{token:f}=l.body;if(!f)return{success:!1,message:"Token is required"};let u=await o.select().from(t).where(Fn(s("approvalToken"),f)).limit(1);if(u.length===0)return{success:!1,message:"Invalid or expired approval token"};let b=u[0];if(b.approvalStatus!=="pending")return{success:!1,message:"Session already processed"};return await o.update(t).set({approvalStatus:"rejected",isActive:!1,revokedAt:new Date,revokedReason:"user_rejected",approvalRespondedAt:new Date,approvalToken:null}).where(Fn(s("id"),b.id)),e.info("[AUTH] Device rejected",{sessionId:b.id,userId:b.userId}),{success:!0,message:"Device rejected and blocked"}},{detail:{tags:["Authentication"],summary:"Reject pending device",description:"Reject a pending device login request"}}),c.get(`${a}/pending`,async(l)=>{if(!o)return{success:!1,message:"Database not configured"};let f=l.request.headers.get("x-user-id");if(!f)return{success:!1,message:"Authentication required"};let u=await o.select().from(t).where(zo(Fn(s("userId"),f),Fn(s("approvalStatus"),"pending"))).orderBy(l2(s("createdAt")));return{success:!0,data:{sessions:u.map(($)=>{let A=$;return{...gs(A),approvalStatus:A.approval_status||A.approvalStatus,approvalToken:A.approval_token||A.approvalToken,approvalRequestedAt:A.approval_requested_at?.toISOString()||A.approvalRequestedAt?.toISOString()}}),totalCount:u.length}}},{detail:{tags:["Authentication"],summary:"List pending devices",description:"Get all pending device approval requests for the current user"}}),c}var Sd=d(()=>{Ed();s2();Ed()});var u2={};no(u2,{createSessionsRoute:()=>_s,createRegisterRoute:()=>bs,createRefreshRoute:()=>us,createPasswordSetRoute:()=>ds,createPasswordResetRoute:()=>fs,createPasswordChangeRoute:()=>ls,createMeRoute:()=>is,createMagicLinkRoute:()=>cs,createLogoutRoute:()=>_i,createLoginRoute:()=>bi,createInviteRoute:()=>li,createEmailVerificationRoutes:()=>ii,createAuthRoutes:()=>d2});function d2(n,r){let{authConfig:t,features:o,helpers:e}=r;if(r.oauthAccountsTable)t.oauthAccountsTable=r.oauthAccountsTable;let a=t.authentication?.cookieMaxAgeBufferSeconds??0,c={accessTokenName:t.authentication?.accessToken?.name||"access_token",refreshTokenName:t.authentication?.refreshToken?.name||"refresh_token",sessionTokenName:t.authentication?.sessionToken?.name||"session_token",accessTokenMaxAge:Math.max(0,at(t.authentication?.accessToken?.expiresIn||"15m")-a),refreshTokenMaxAge:at(t.authentication?.refreshToken?.expiresIn||"7d"),sessionTokenMaxAge:at(t.authentication?.sessionToken?.expiresIn||"30d")};if(t.logger.info("[AUTH] Cookie config created",{accessTokenMaxAge:c.accessTokenMaxAge,refreshTokenMaxAge:c.refreshTokenMaxAge,sessionTokenMaxAge:c.sessionTokenMaxAge,accessTokenExpiresIn:t.authentication?.accessToken?.expiresIn,sessionTokenExpiresIn:t.authentication?.sessionToken?.expiresIn}),o.login?.enabled){let i=bi(t,o.login,e.signAccessToken,e.signRefreshToken,e.createSession,e.saveSessionToDb,c,r.tokenResponseConfig);n.use(i)}if(o.register?.enabled){let i=bs(t,o.register,e.sendWelcomeEmail,e.signAccessToken,e.signRefreshToken,e.createSession,c,r.tokenResponseConfig,r.emailService,r.appName);if(n.use(i),o.register.emailVerification?.enabled){let s=ii({authConfig:t,registerConfig:o.register,emailService:r.emailService,appName:r.appName});n.use(s)}}if(o.logout?.enabled){let i=_i(t,o.logout,e.destroySession,e.revokeSessionInDb);n.use(i)}if(o.refresh?.enabled){let i=us(t,o.refresh,e.verifyRefreshToken,e.signAccessToken,e.signRefreshToken,r.tokenResponseConfig,a);n.use(i)}if(o.passwordReset?.enabled&&e.storeResetToken&&e.getResetToken&&e.deleteResetToken){let i=fs(t,o.passwordReset,e.storeResetToken,e.getResetToken,e.deleteResetToken,e.sendResetEmail);n.use(i)}if(o.passwordChange?.enabled){let i=ls(t,o.passwordChange);n.use(i)}if(o.passwordSet?.enabled){let i=ds(t,o.passwordSet,e.getMagicToken,e.deleteMagicToken);n.use(i)}if(o.sessions?.enabled&&r.sessionsTable){let i=_s(t,o.sessions,r.sessionsTable);n.use(i)}if(o.magicLink?.enabled&&r.emailService?.isAvailable()&&e.storeMagicToken&&e.getMagicToken&&e.deleteMagicToken){let i=cs(t,o.magicLink,r.emailService,e.signAccessToken,e.signRefreshToken,e.createSession,e.storeMagicToken,e.getMagicToken,e.deleteMagicToken,r.appName);n.use(i)}if(o.me?.enabled){let i=is(t,o.me,r.schemaTables||{},r.schemaRelations||{},r.databaseUrl);n.use(i)}if(o.invite?.enabled&&r.emailService?.isAvailable()&&e.storeMagicToken){let i=li(t,o.invite,r.emailService,e.storeMagicToken,r.appName,e.getMagicToken);n.use(i)}if(o.captcha?.enabled&&r.captchaService){let i=vg({captchaService:r.captchaService,logger:t.logger,basePath:o.captcha.route||"/auth/captcha"});n.use(i)}if(o.oauth?.enabled&&o.oauth.providers){let i=new Vc(o.oauth),s=Z1(t,i,e.signAccessToken,e.signRefreshToken,e.createSession,e.saveSessionToDb,c,r.tokenResponseConfig,r.emailService,e.storeMagicToken,r.appName);n.use(s)}return n}var Md=d(()=>{Ul();Kc();Ig();hf();$f();Ef();Sf();ed();ad();y1();sd();ud();_d();wd();Ad();Sd();hf();$f();Ef();Sf();ed();ad();sd();ud();_d();wd();Ad();Sd()});import{batch as hs,createStore as w2}from"h-state";import{useEffectEvent as h2}from"react";function $2(n){let r={};for(let t of Object.keys(n))r[t]={isPending:!1,data:null,error:null,code:null};return r}function A2(n,r){let{useStore:t}=w2($2(n),{_callEndpoint:(o)=>async(e,a)=>{if(!o[e])return;hs(()=>{o[e].isPending=!0,o[e].error=null});try{let i=await r(e,a.payload);if(hs(()=>{if(o[e].isPending=!1,o[e].code=i.code??null,i.isSuccess&&i.data!==void 0)o[e].data=i.data,o[e].error=null;else o[e].error=i.errors??null}),i.isSuccess)a.onAfterHandle?.(i.data??i);else a.onErrorHandle?.(i.errors??{message:"Request failed"},i.code)}catch(i){hs(()=>{o[e].isPending=!1,o[e].error={message:i instanceof Error?i.message:"Unknown error"}}),a.onErrorHandle?.({message:i instanceof Error?i.message:"Unknown error"},null)}}});return function(){let e=t(),a=h2((i,s)=>{e._callEndpoint(i,s)}),c={};for(let i of Object.keys(n)){let s=(l)=>{a(i,l)};c[i]={state:e[i],start:s}}return c}}var Ud={$schema:"../schemas/nucleus.tables.schema.json",tables:[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"email_verification_token",type:"varchar",length:255},{name:"email_verification_token_expires_at",type:"timestamp"},{name:"email_verification_sent_at",type:"timestamp"},{name:"email_verification_attempts",type:"integer",default:0},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["authentication","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_id",type:"uuid"},{name:"entity_name",type:"varchar",length:100},{name:"verifier_type",type:"varchar",length:30,enumValues:["user","role","entity_creator"]},{name:"verifier_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:50},{name:"is_signature_mandatory",type:"boolean",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"is_all_required",type:"boolean",notNull:!0,default:!1},{name:"connected_from_step_order",type:"integer"},{name:"position_x",type:"numeric"},{name:"position_y",type:"numeric"}],indexes:[{columns:["entity_id"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["start","step","condition","notification","end"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"channel",type:"varchar",length:20,notNull:!0,default:"portal",enumValues:["portal","email","both"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","step_node_id"]},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],columns:[{name:"rule_id",type:"uuid",notNull:!0},{name:"recipient_type",type:"varchar",length:20,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role_id",type:"uuid"},{name:"channel",type:"varchar",length:20,notNull:!0,enumValues:["portal"]}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"remember_me",type:"boolean",notNull:!0,default:!1},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]},{table_name:"oauth_accounts",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!1,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"provider",type:"varchar",length:50,notNull:!0,enumValues:["google","github","microsoft","discord","facebook","twitter","apple","custom"]},{name:"provider_account_id",type:"varchar",length:255,notNull:!0},{name:"provider_email",type:"varchar",length:255},{name:"provider_name",type:"varchar",length:255},{name:"provider_avatar_url",type:"text"},{name:"access_token",type:"text"},{name:"refresh_token",type:"text"},{name:"token_expires_at",type:"timestamp"},{name:"scope",type:"text"},{name:"raw_profile",type:"jsonb"},{name:"is_primary",type:"boolean",notNull:!0,default:!1},{name:"last_used_at",type:"timestamp"}],indexes:[{columns:["user_id"]},{columns:["provider","provider_account_id"],unique:!0},{columns:["provider_email"]},{columns:["user_id","provider"]}],constraints:{unique:[{name:"unique_provider_account",columns:["provider","provider_account_id"]}]}}]};var $s={login:{key:"LOGIN",method:"POST",defaultRoute:"/auth/login",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},register:{key:"REGISTER",method:"POST",defaultRoute:"/auth/register",defaultIsPublic:!0,_payload:void 0,_success:void 0,_error:void 0},logout:{key:"LOGOUT",method:"POST",defaultRoute:"/auth/logout",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},refresh:{key:"REFRESH",method:"POST",defaultRoute:"/auth/refresh",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},me:{key:"ME",method:"GET",defaultRoute:"/auth/me",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordChange:{key:"PASSWORD_CHANGE",method:"POST",defaultRoute:"/auth/password-change",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordSet:{key:"PASSWORD_SET",method:"POST",defaultRoute:"/auth/password-set",defaultIsPublic:!1,_payload:void 0,_success:void 0,_error:void 0},passwordReset:{key:"PASSWORD_RESET_REQUEST",method:"POST",defaultRoute:"/auth/password-reset",defaultIsPublic:!0,subEndpoints:[{key:"PASSWORD_RESET_REQUEST",method:"POST",suffix:"/request",_payload:void 0,_success:void 0,_error:void 0},{key:"PASSWORD_RESET_CONFIRM",method:"POST",suffix:"/confirm",_payload:void 0,_success:void 0,_error:void 0}]},sessions:{key:"SESSIONS",method:"GET",defaultRoute:"/auth/sessions",defaultIsPublic:!1,subEndpoints:[{key:"SESSIONS",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_CURRENT",method:"GET",suffix:"/current",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_STATS",method:"GET",suffix:"/stats",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_PENDING",method:"GET",suffix:"/pending",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE",method:"DELETE",suffix:"/:sessionId",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REVOKE_ALL",method:"DELETE",suffix:"/all",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_APPROVE",method:"POST",suffix:"/approve",_payload:void 0,_success:void 0,_error:void 0},{key:"SESSIONS_REJECT",method:"POST",suffix:"/reject",_payload:void 0,_success:void 0,_error:void 0}]},magicLink:{key:"MAGIC_LINK",method:"POST",defaultRoute:"/auth/magic-link",defaultIsPublic:!0,subEndpoints:[{key:"MAGIC_LINK",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"MAGIC_LINK_VERIFY",method:"GET",suffix:"/verify",routeKey:"verifyRoute",_payload:void 0,_success:void 0,_error:void 0}]},invite:{key:"INVITE",method:"POST",defaultRoute:"/auth/invite",defaultIsPublic:!1,subEndpoints:[{key:"INVITE",method:"POST",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"INVITE_VERIFY",method:"POST",suffix:"/verify",_payload:void 0,_success:void 0,_error:void 0}]},emailVerification:{key:"VERIFY_EMAIL",method:"GET",defaultRoute:"/verify-email",defaultIsPublic:!0,subEndpoints:[{key:"VERIFY_EMAIL",method:"GET",suffix:"",_payload:void 0,_success:void 0,_error:void 0},{key:"RESEND_VERIFICATION",method:"POST",suffix:"",routeKey:"resendRoute",defaultRoute:"/resend-verification",_payload:void 0,_success:void 0,_error:void 0}]},captcha:{key:"CAPTCHA",method:"GET",defaultRoute:"/auth/captcha",defaultIsPublic:!0,subEndpoints:[{key:"CAPTCHA_GENERATE",method:"GET",suffix:"/generate",_payload:void 0,_success:void 0,_error:void 0},{key:"CAPTCHA_VALIDATE",method:"POST",suffix:"/validate",_payload:void 0,_success:void 0,_error:void 0}]},oauth:{key:"OAUTH_PROVIDERS",method:"GET",defaultRoute:"/auth/oauth/providers",defaultIsPublic:!0,subEndpoints:[{key:"OAUTH_PROVIDERS",method:"GET",suffix:"/providers",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_REDIRECT",method:"GET",suffix:"/:provider",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_ACCOUNTS",method:"GET",suffix:"/accounts",_payload:void 0,_success:void 0,_error:void 0},{key:"OAUTH_UNLINK",method:"DELETE",suffix:"/unlink/:provider",_payload:void 0,_success:void 0,_error:void 0}]}},Bd={healthCheck:{key:"MONITORING_HEALTH_CHECK",method:"GET",suffix:"/health",_payload:void 0,_success:void 0,_error:void 0},getSettings:{key:"MONITORING_GET_SETTINGS",method:"GET",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},changeSettings:{key:"MONITORING_CHANGE_SETTINGS",method:"PATCH",suffix:"/settings",_payload:void 0,_success:void 0,_error:void 0},getLogs:{key:"MONITORING_GET_LOGS",method:"GET",suffix:"/logs",_payload:void 0,_success:void 0,_error:void 0}};var k2=["profiles","addresses","phones","files","users","roles","claims","user_roles","role_claims","audit_logs"],E2=Ud.tables.filter((n)=>k2.includes(n.table_name));function le(n){return n.replace(/([a-z])([A-Z])/g,"$1_$2").replace(/[\s-]+/g,"_").toUpperCase()}function S2(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function As(n){if(n.endsWith("ies"))return`${n.slice(0,-3)}y`;if(n.endsWith("ses"))return`${n.slice(0,-2)}`;if(n.endsWith("s"))return n.slice(0,-1);return n}function kt(n,r){let t=le(n),o=le(As(n));switch(r){case"GET":return`GET_${t}`;case"POST":return`ADD_${o}`;case"PUT":return`UPDATE_${o}`;case"PATCH":return`PATCH_${o}`;case"DELETE":return`DELETE_${o}`}}function se(n,r){let t=le(n);switch(r){case"POST":return`BULK_ADD_${t}`;case"PUT":return`BULK_UPDATE_${t}`;case"DELETE":return`BULK_DELETE_${t}`}}function ro(n,r){if(!n.excluded_methods)return!1;let t={GET:"GET",POST:"POST",PUT:"PUT",PATCH:"PATCH",DELETE:"DELETE"};return n.excluded_methods.includes(t[r])}function Wd(n){let r={};for(let t of n.entities){let o=t.table_name,e=`/${o}`;if(!ro(t,"GET")){r[kt(o,"GET")]={method:"GET",path:e,isPublic:t.is_public?.GET??!1,_payload:void 0,_success:void 0,_error:void 0};let a=le(As(o));r[`GET_${a}_BY_ID`]={method:"GET",path:`${e}/:id`,isPublic:t.is_public?.GET??!1,_payload:void 0,_success:void 0,_error:void 0},r[`GET_${le(o)}_DISTINCT`]={method:"GET",path:`${e}/distinct/:field`,isPublic:t.is_public?.GET??!1,_payload:void 0,_success:void 0,_error:void 0}}if(!ro(t,"POST"))r[kt(o,"POST")]={method:"POST",path:e,isPublic:t.is_public?.POST??!1,isFormData:t.is_form_data,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"PUT"))r[kt(o,"PUT")]={method:"PUT",path:`${e}/:id`,isPublic:t.is_public?.PUT??!1,isFormData:t.is_form_data,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"PATCH"))r[kt(o,"PATCH")]={method:"PATCH",path:`${e}/:id`,isPublic:t.is_public?.PATCH??!1,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"DELETE"))r[kt(o,"DELETE")]={method:"DELETE",path:`${e}/:id`,isPublic:t.is_public?.DELETE??!1,_payload:void 0,_success:void 0,_error:void 0};if(t.bulk_endpoints_enabled){if(!ro(t,"POST"))r[se(o,"POST")]={method:"POST",path:`${e}/bulk`,isPublic:t.is_public?.POST??!1,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"PUT"))r[se(o,"PUT")]={method:"PUT",path:`${e}/bulk`,isPublic:t.is_public?.PUT??!1,_payload:void 0,_success:void 0,_error:void 0};if(!ro(t,"DELETE"))r[se(o,"DELETE")]={method:"DELETE",path:`${e}/bulk`,isPublic:t.is_public?.DELETE??!1,_payload:void 0,_success:void 0,_error:void 0}}}return r}function Yd(n){let r={},t=n.authentication;if(!t?.enabled)return r;for(let[o,e]of Object.entries($s)){let a=t[o];if(!a?.enabled)continue;let c=a.route||e.defaultRoute,i=a.isPublic??e.defaultIsPublic;if("subEndpoints"in e&&e.subEndpoints)for(let s of e.subEndpoints){let l="routeKey"in s&&s.routeKey&&a[s.routeKey]?String(a[s.routeKey]):("defaultRoute"in s)&&s.defaultRoute?String(s.defaultRoute):`${c}${s.suffix}`;r[s.key]={method:s.method,path:l,isPublic:s.key==="MAGIC_LINK_VERIFY"?!0:i,_payload:s._payload,_success:s._success,_error:s._error}}else if("_payload"in e)r[e.key]={method:e.method,path:c,isPublic:i,_payload:e._payload,_success:e._success,_error:e._error}}return r}function Jd(){let n={};for(let r of E2){let t=r.table_name,e=`/${S2(t)}`,a=t==="files";n[kt(t,"GET")]={method:"GET",path:e,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0};let c=le(As(t));if(n[`GET_${c}_BY_ID`]={method:"GET",path:`${e}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"POST")]={method:"POST",path:e,isPublic:!1,isFormData:a,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"PUT")]={method:"PUT",path:`${e}/:id`,isPublic:!1,isFormData:a,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"PATCH")]={method:"PATCH",path:`${e}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[kt(t,"DELETE")]={method:"DELETE",path:`${e}/:id`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},r.bulk_endpoints_enabled)n[se(t,"POST")]={method:"POST",path:`${e}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[se(t,"PUT")]={method:"PUT",path:`${e}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0},n[se(t,"DELETE")]={method:"DELETE",path:`${e}/bulk`,isPublic:!1,_payload:void 0,_success:void 0,_error:void 0}}return n}function Ld(n){let r={},t=n.liveMonitoring;if(!t?.enabled)return r;let o=t.basePath||"/monitoring";for(let e of Object.values(Bd))r[e.key]={method:e.method,path:`${o}${e.suffix}`,isPublic:!1,_payload:e._payload,_success:e._success,_error:e._error};return r}function M2(n,r){let t=Wd(n),o=Yd(n),e=Jd(),a=Ld(n);return{...t,...o,...e,...a,...r??{}}}Bs();import{randomUUID as B2}from"crypto";var W2={timeout:30000,retries:0,retryDelay:1000,debug:!1};class ea{config;logger;constructor(n={}){this.config={...W2,...n},this.logger=new Jr({service:"ServerFetch",prettyPrint:this.config.debug,colorize:this.config.debug,auditEnabled:!1})}buildUrl(n){if(n.startsWith("http://")||n.startsWith("https://"))return n;return this.config.baseUrl?`${this.config.baseUrl}${n}`:n}buildHeaders(n){let r=new Headers;if(this.config.defaultHeaders)for(let[t,o]of Object.entries(this.config.defaultHeaders))r.set(t,o);if(n)if(n instanceof Headers)n.forEach((t,o)=>{r.set(o,t)});else if(Array.isArray(n))for(let[t,o]of n)r.set(t,o);else for(let[t,o]of Object.entries(n))r.set(t,o);return r}parseResponseHeaders(n){let r={};if(n.forEach((t,o)=>{if(o.toLowerCase()==="set-cookie"){let e=r[o];r[o]=e?`${e}, ${t}`:t}else r[o]=t}),typeof n.getSetCookie==="function"){let t=n.getSetCookie();if(t.length>0)r["set-cookie"]=t.join(", ")}return r}async executeWithTimeout(n,r,t){let o=new AbortController,e=setTimeout(()=>o.abort(),r);try{return await Promise.race([n,new Promise((c,i)=>{o.signal.addEventListener("abort",()=>{i(Error(`Request timeout after ${r}ms`))})})])}finally{clearTimeout(e)}}async fetch(n){let r=B2(),t=performance.now(),o=this.buildUrl(n.url),e=this.buildHeaders(n.headers),a=n.timeout??this.config.timeout??30000,c=n.retries??this.config.retries??0,i=n.retryDelay??this.config.retryDelay??1000,s;if(n.body)if(typeof n.body==="object"&&!(n.body instanceof FormData)&&!(n.body instanceof URLSearchParams)&&!(n.body instanceof Blob)&&!(n.body instanceof ArrayBuffer)){if(s=JSON.stringify(n.body),!e.has("content-type"))e.set("content-type","application/json")}else s=n.body;this.logger.debug(`[${r}] ${n.method} ${o}`,{method:n.method,url:o,hasBody:!!s});let l=null,f=0;while(f<=c)try{let b=await this.executeWithTimeout(fetch(o,{method:n.method,headers:e,body:s}),a,r),$=performance.now()-t,A=this.parseResponseHeaders(b.headers),_,m,E=await b.text();if(E)try{let M=JSON.parse(E);if(b.ok)_=M;else m=M}catch{if(!b.ok)m={message:E||b.statusText}}else if(!b.ok)m={message:b.statusText};let R={isSuccess:b.ok,response:_,errors:m,code:b.status,headers:A,durationMs:$,requestId:r,createdAt:new Date};if(b.ok)this.logger.info(`[${r}] ${n.method} ${o} ${b.status}`,{method:n.method,url:o,statusCode:b.status,durationMs:Math.round($)});else this.logger.warn(`[${r}] ${n.method} ${o} ${b.status}`,{method:n.method,url:o,statusCode:b.status,durationMs:Math.round($),error:m});return R}catch(b){if(l=b instanceof Error?b:Error(String(b)),f++,f<=c)this.logger.warn(`[${r}] Retry ${f}/${c} after error`,{method:n.method,url:o,error:l.message,attempt:f,retries:c}),await new Promise(($)=>setTimeout($,i))}let u=performance.now()-t;return this.logger.error(`[${r}] ${n.method} ${o} failed`,l,{method:n.method,url:o,durationMs:Math.round(u),attempts:f}),{isSuccess:!1,response:void 0,errors:{message:l?.message||"Unknown error"},code:null,headers:{},durationMs:u,requestId:r,createdAt:new Date}}async get(n,r){return this.fetch({...r,url:n,method:"GET"})}async post(n,r,t){return this.fetch({...t,url:n,method:"POST",body:r})}async put(n,r,t){return this.fetch({...t,url:n,method:"PUT",body:r})}async patch(n,r,t){return this.fetch({...t,url:n,method:"PATCH",body:r})}async delete(n,r){return this.fetch({...r,url:n,method:"DELETE"})}}var Y2=new ea;var J2={accessToken:"access_token",refreshToken:"refresh_token",sessionToken:"session_token"};function L2(n){let r=[],t="";for(let o=0;o<n.length;o++){let e=n[o];if(e===","){let a=n.slice(o+1).trimStart();if(/^[a-zA-Z0-9_-]+=/.test(a)){r.push(t.trim()),t="";continue}}t+=e}if(t.trim())r.push(t.trim());return r}function X2(n,r){let t={},o=["x-forwarded-for","x-real-ip","user-agent","accept-language","x-request-id","x-client-ip","cf-connecting-ip","true-client-ip"];for(let s of o){let l=n.get(s);if(l)t[s]=l}if(!t["user-agent"])t["user-agent"]="Nucleus-ServerAction/1.0";let e=n.get(`x-${r.accessToken}`),a=n.get(`x-${r.refreshToken}`),c=n.get(`x-${r.sessionToken}`);if(e)t[`x-${r.accessToken}`]=e;if(a)t[`x-${r.refreshToken}`]=a;if(c)t[`x-${r.sessionToken}`]=c;let i=n.get("cookie");if(i)t.cookie=i;return t}function V2(n){return n.replace(/_([a-z])/g,(r,t)=>t.toUpperCase())}function xd(n){let r={};for(let[t,o]of Object.entries(n)){let e=t.startsWith("_")?t:V2(t);if(o instanceof Date)r[e]=o.toISOString();else if(o&&typeof o==="object"&&!Array.isArray(o))r[e]=xd(o);else r[e]=o}return r}function C2(n,r){let t=new URLSearchParams,o=(a,c)=>{if(c===void 0||c===null)return;if(Array.isArray(c))for(let i of c)o(`${a}[]`,i);else if(c instanceof Date)t.append(a,c.toISOString());else if(typeof c==="object")for(let[i,s]of Object.entries(c))o(`${a}[${i}]`,s);else t.append(a,String(c))};for(let[a,c]of Object.entries(r))o(a,c);let e=t.toString();if(!e)return n;return n.includes("?")?`${n}&${e}`:`${n}?${e}`}function x2(n,r,t,o){let e={...J2,...r.tokenNames},a=new ea({baseUrl:r.baseUrl,debug:r.debug,timeout:30000,retries:0});return async function(i,s){let l=n[i];if(!l)return{isSuccess:!1,errors:{message:`Endpoint "${i}" not found`},code:404};let f=await t(),u=await o(),b={};u.forEach((R,M)=>{b[M]=R});let $=X2(u,e),A=l.path,_;if(s&&typeof s==="object"&&!(s instanceof FormData)){let R=s;for(let[M,S]of Object.entries(R))if(S!=null){if(M.startsWith("_"))A=A.replace(`:${M.substring(1)}`,String(S));else if(M==="id"&&A.includes(":id"))A=A.replace(":id",String(S))}}if(l.method==="GET"&&s&&typeof s==="object")A=C2(A,s);else if(s!==void 0){if(l.isFormData&&s instanceof FormData)_=s;else if(_=xd(s),!$["content-type"])$["content-type"]="application/json"}let m=await a.fetch({url:A,method:l.method,headers:$,body:_});if(m.headers["set-cookie"])try{let R=m.headers["set-cookie"],M=L2(R);for(let S of M){let[x,...D]=S.split(";");if(!x)continue;let[k,B]=x.split("=");if(k&&B){let w={};for(let g of D){let[Y,V]=g.trim().split("=");if(!Y)continue;let C=Y.toLowerCase();if(C==="path")w.path=V;else if(C==="max-age")w.maxAge=Number(V);else if(C==="expires"&&V)w.expires=new Date(V);else if(C==="httponly")w.httpOnly=!0;else if(C==="secure")w.secure=!0;else if(C==="samesite")w.sameSite=V}f.set(k.trim(),B.trim(),w)}}}catch(R){console.warn("[ServerFactory] Failed to process Set-Cookie headers:",R instanceof Error?R.message:String(R))}let E=m.response;if(m.isSuccess&&E&&typeof E==="object"&&!Array.isArray(E)){let R=E;if("success"in R&&!("data"in R)){let{success:M,message:S,error:x,...D}=R;E={success:M,...S!==void 0?{message:S}:{},...x!==void 0?{error:x}:{},...Object.keys(D).length>0?{data:D}:{}}}}return{isSuccess:m.isSuccess,data:E,errors:m.errors,code:m.code,message:m.isSuccess?void 0:m.errors?.message}}}import{useEffect as Qd,useEffectEvent as Bo,useRef as aa}from"react";import{batch as Q2,createStore as P2}from"h-state";var G2={connection:{status:"disconnected",clientId:null,subscribedTopics:[],error:null,reconnectAttempt:0},events:[],maxEvents:100},{useStore:Ws}=P2(G2,{setConnectionStatus:(n)=>(r)=>{n.connection.status=r},setClientId:(n)=>(r)=>{n.connection.clientId=r},setSubscribedTopics:(n)=>(r)=>{n.connection.subscribedTopics=r},setError:(n)=>(r)=>{n.connection.error=r},setReconnectAttempt:(n)=>(r)=>{n.connection.reconnectAttempt=r},addEvent:(n)=>(r)=>{let t=[r,...n.events];n.events=t.slice(0,n.maxEvents)},clearEvents:(n)=>()=>{n.events=[]},reset:(n)=>()=>{Q2(()=>{n.connection.status="disconnected",n.connection.clientId=null,n.connection.subscribedTopics=[],n.connection.error=null,n.connection.reconnectAttempt=0,n.events=[]})}});function O2(n){if(n.wsUrl){let a=n.wsUrl.replace(/\/$/,""),c=n.wsPath||"/api/events/subscribe",i=(n.topics||["*"]).join(",");return`${a}${c}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(i)}`}if(typeof window>"u")return"";let r=window.location.protocol==="https:"?"wss:":"ws:",t=window.location.host,o=n.wsPath||"/api/events/subscribe",e=(n.topics||["*"]).join(",");return`${r}//${t}${o}?userId=${encodeURIComponent(n.userId)}&topics=${encodeURIComponent(e)}`}var N2=0;function q2(n){let r=Ws(),t=aa(null),o=aa(null),e=aa(null),a=aa(!1),c=aa(n);c.current=n;let i=n.autoReconnect??!0,s=n.maxReconnectAttempts??10,l=n.reconnectBaseDelay??1000,f=n.reconnectMaxDelay??30000,u=n.heartbeatInterval??30000,b=n.debug??!1,$=(...B)=>{if(b)console.log("[usePubSub]",...B)},A=()=>{if(o.current)clearInterval(o.current),o.current=null},_=()=>{if(e.current)clearTimeout(e.current),e.current=null},m=(B)=>{A(),o.current=setInterval(()=>{if(B.readyState===WebSocket.OPEN)B.send(JSON.stringify({type:"ping"}))},u)},E=Bo((B)=>{try{let w=JSON.parse(B.data);switch(w.type){case"connected":r.setConnectionStatus("connected"),r.setClientId(w.clientId),r.setSubscribedTopics(w.subscribedTopics),r.setReconnectAttempt(0),r.setError(null),$("Connected, clientId:",w.clientId);break;case"subscribed":r.setSubscribedTopics(w.topics),$("Subscribed to:",w.topics);break;case"event":{let g={id:`evt_${Date.now()}_${N2++}`,topic:w.topic,data:w.data,timestamp:w.timestamp,receivedAt:Date.now(),messageId:w.messageId,isRedelivery:w.isRedelivery};if(r.addEvent(g),w.messageId&&t.current?.readyState===WebSocket.OPEN)t.current.send(JSON.stringify({type:"ack",messageId:w.messageId}));break}case"pong":break;case"error":r.setError(Error(w.error)),$("Server error:",w.error);break}}catch{$("Failed to parse message")}}),R=Bo((B)=>{if(a.current)return;if(!i)return;if(B>=s){r.setConnectionStatus("disconnected"),r.setError(Error("Max reconnection attempts reached")),$("Max reconnect attempts reached");return}let w=Math.min(l*2**B,f);$(`Reconnecting in ${w}ms (attempt ${B+1}/${s})`),r.setConnectionStatus("reconnecting"),r.setReconnectAttempt(B+1),_(),e.current=setTimeout(()=>{if(!a.current)M()},w)}),M=Bo(()=>{if(a.current)return;if(t.current?.readyState===WebSocket.OPEN)return;if(!c.current.userId)return;if(t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}let B=O2(c.current);if(!B)return;r.setConnectionStatus("connecting"),r.setError(null),$("Connecting to:",B);let w=new WebSocket(B);t.current=w,w.onopen=()=>{$("WebSocket opened"),m(w)},w.onmessage=E,w.onerror=()=>{$("WebSocket error"),r.setError(Error("WebSocket connection error"))},w.onclose=(g)=>{if($("WebSocket closed",g.code,g.reason),A(),r.setConnectionStatus("disconnected"),r.setClientId(null),!a.current&&g.code!==4001){let Y=r.connection.reconnectAttempt;R(Y)}}}),S=Bo(()=>{if(A(),_(),t.current){if(t.current.onopen=null,t.current.onmessage=null,t.current.onerror=null,t.current.onclose=null,t.current.readyState===WebSocket.OPEN||t.current.readyState===WebSocket.CONNECTING)t.current.close();t.current=null}r.setConnectionStatus("disconnected"),r.setClientId(null)}),x=Bo((B)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"subscribe",topics:B}))}),D=Bo((B)=>{if(t.current?.readyState!==WebSocket.OPEN)return;t.current.send(JSON.stringify({type:"unsubscribe",topics:B}))}),k=Bo((B)=>{return r.events.filter((w)=>w.topic===B)});return Qd(()=>{if(a.current=!1,n.userId)M();return()=>{a.current=!0,S()}},[n.userId]),Qd(()=>{if(r.connection.status==="connected"&&n.topics)x(n.topics)},[n.topics?.join(",")]),{isConnected:r.connection.status==="connected",isConnecting:r.connection.status==="connecting"||r.connection.status==="reconnecting",clientId:r.connection.clientId,subscribedTopics:r.connection.subscribedTopics,events:r.events,error:r.connection.error,reconnectAttempt:r.connection.reconnectAttempt,connect:M,disconnect:S,subscribe:x,unsubscribe:D,clearEvents:r.clearEvents,getEventsByTopic:k}}import{randomUUID as aE}from"crypto";var xs=Ar(Nd(),1);import{Elysia as uc,NotFoundError as de}from"elysia";var jr,to,Lt=typeof Bun<"u"&&!!Bun.file;function fe(){if(jr||(jr=process.getBuiltinModule("fs/promises")),to||(to=process.getBuiltinModule("path")),!to){console.warn("@elysiajs/static require path to be available.");return}return[jr,to]}async function qd(n){if(jr||fe(),Lt){let r=new Bun.Glob("**/*.html"),t=[];for await(let o of r.scan(n))t.push(to.join(n,o));return t}return[]}async function Js(n){if(jr||fe(),Lt){let t=new Bun.Glob("**/*"),o=[];for await(let e of t.scan(n))o.push(to.join(n,e));return o}let r=await jr.readdir(n).catch(()=>[]);return(await Promise.all(r.map(async(t)=>{let o=n+to.sep+t,e=await jr.stat(o).catch(()=>null);return e?e.isDirectory()?await Js(o):[to.resolve(n,o)]:[]}))).flat()}function Ls(n){return jr||fe(),jr.stat(n).then(()=>!0,()=>!1)}class Xs{constructor(n=250,r=10800){this.max=n,this.ttl=r,this.map=new Map}get(n){let r=this.map.get(n);if(r)return r[1]<=Date.now()?void this.delete(n):(this.map.delete(n),this.map.set(n,r),r[0])}set(n,r){if(this.interval||(this.interval=setInterval(()=>{let t=Date.now();for(let[o,e]of this.map)e[1]<=t&&this.map.delete(o)},this.ttl)),this.map.has(n))this.map.delete(n);else if(this.map.size>=this.max){let t=this.map.keys().next().value;t!==void 0&&this.delete(t)}this.map.set(n,[r,Date.now()+this.ttl*1000])}delete(n){this.map.get(n)&&this.map.delete(n)}clear(){this.map.clear()}size(){return this.map.size}[Symbol.dispose](){this.interval&&clearInterval(this.interval)}}function Vs(n,r,t){if(n["cache-control"]&&/no-cache|no-store/.test(n["cache-control"]))return!1;if("if-none-match"in n){let o=n["if-none-match"];return o==="*"?!0:o===null||typeof r!="string"?!1:o===r}if(n["if-modified-since"]){let o=n["if-modified-since"];try{return jr.stat(t).then((e)=>{if(e.mtime!==void 0&&e.mtime.getTime()<=Date.parse(o))return!0})}catch{}}return!1}var dc;function ca(n){return Lt?Bun.file(n):(jr||fe(),jr.readFile(n))}async function Cs(n){return Lt?new Bun.CryptoHasher("md5").update(await n.arrayBuffer()).digest("base64"):(dc||(dc=process.getBuiltinModule("crypto")),dc?dc.createHash("md5").update(n).digest("base64"):void console.warn("[@elysiajs/static] crypto is required to generate etag."))}var ia=(n)=>{if(!n)return!1;for(let r in n)return!0;return!1};async function Fd({assets:n="public",prefix:r="/public",staticLimit:t=1024,alwaysStatic:o=!1,ignorePatterns:e=[".DS_Store",".git",".env"],headers:a,maxAge:c=86400,directive:i="public",etag:s=!0,extension:l=!0,indexHTML:f=!0,decodeURI:u,silent:b}={}){if(typeof process>"u"||typeof process.getBuiltinModule>"u")return b||console.warn("[@elysiajs/static] require process.getBuiltinModule. Static plugin is disabled"),new uc;let $=fe();if(!$)return new uc;let[A,_]=$,m=_.sep!=="/"?(D)=>D.replace(/\\/g,"/"):(D)=>D,E=new Xs;r===_.sep&&(r="");let R=_.resolve(n),M=e.length?(D)=>e.find((k)=>typeof k=="string"?k.includes(D):k.test(D)):()=>!1,S=new uc({name:"static",seed:r});if(o){let D=await Js(_.resolve(n));if(D.length<=t)for(let k of D){let B=function({headers:C}){if(V){let L=Vs(C,V,k);if(L===!0)return new Response(null,{status:304,headers:ia(a)?a:void 0});if(L!==!1){let J=E.get(g);return J?J.clone():L.then((W)=>{if(W)return new Response(null,{status:304,headers:a||void 0});let X=new Response(Y,{headers:Object.assign({"Cache-Control":c?`${i}, max-age=${c}`:i},a,V?{Etag:V}:{})});return E.set(r,X),X.clone()})}}let Q=E.get(g);if(Q)return Q.clone();let j=new Response(Y,{headers:Object.assign({"Cache-Control":c?`${i}, max-age=${c}`:i},a,V?{Etag:V}:{})});return E.set(g,j),j.clone()};var x=B;if(!k||M(k))continue;let w=k.replace(R,"");u&&(w=xs.default(w)??w);let g=m(_.join(r,w));if(Lt&&k.endsWith(".html")){let C=await import(k);S.get(g,C.default),f&&g.endsWith("/index.html")&&S.get(g.replace("/index.html",""),C.default);continue}l||(g=m(g.slice(0,g.lastIndexOf("."))));let Y=Lt?ca(k):await ca(k);if(!Y)return b||console.warn(`[@elysiajs/static] Failed to load file: ${k}`),new uc;let V=await Cs(Y);S.get(g,s?B:new Response(Y,ia(a)?{headers:a}:void 0)),f&&g.endsWith("/index.html")&&S.get(g.replace("/index.html",""),s?B:new Response(Y,ia(a)?{headers:a}:void 0))}return S}if(!(`GET_${r}/*`in S.routeTree)){if(Lt){let D=await qd(_.resolve(n));for(let k of D){if(!k||M(k))continue;let B=k.replace(R,""),w=m(_.join(r,B)),g=await import(k);S.get(w,g.default),f&&w.endsWith("/index.html")&&S.get(w.replace("/index.html",""),g.default)}}S.onError(()=>{}).get(`${r.endsWith("/")?r.slice(0,-1):r}/*`,async({params:D,headers:k})=>{let B=m(_.join(n,u?xs.default(D["*"])??D["*"]:D["*"]));if(M(B))throw new de;let w=E.get(B);if(w)return w.clone();try{let g=await A.stat(B).catch(()=>null);if(!g)throw new de;if(!f&&g.isDirectory())throw new de;let Y;if(!Lt&&f){let Q=_.join(B,"index.html"),j=E.get(Q);if(j)return j.clone();await Ls(Q)&&(Y=await ca(Q))}if(!Y&&!g.isDirectory()&&await Ls(B))Y=await ca(B);else throw new de;if(!s)return new Response(Y,ia(a)?{headers:a}:void 0);let V=await Cs(Y);if(V&&await Vs(k,V,B))return new Response(null,{status:304});let C=new Response(Y,{headers:Object.assign({"Cache-Control":c?`${i}, max-age=${c}`:i},a,V?{Etag:V}:{})});return E.set(B,C),C.clone()}catch(g){throw g instanceof de?g:(b||console.error("[@elysiajs/static]",g),new de)}})}return S}Jl();Sl();import{pushSchema as cE}from"drizzle-kit/api";import{and as ac,eq as br}from"drizzle-orm";import{drizzle as iE}from"drizzle-orm/node-postgres";import{pgSchema as sE}from"drizzle-orm/pg-core";import lE from"elysia";var Sb=[{table_name:"users",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"email",type:"varchar",length:255},{name:"password",type:"varchar",length:255},{name:"verified_at",type:"timestamp"},{name:"last_login_at",type:"timestamp"},{name:"login_count",type:"integer",default:0},{name:"is_locked",type:"boolean",default:!1},{name:"locked_until",type:"timestamp"},{name:"failed_login_attempts",type:"integer",default:0},{name:"is_god",type:"boolean",default:!1}],indexes:[{columns:["email"],unique:!0},{columns:["email","is_active"]},{columns:["last_login_at"]},{columns:["is_locked","locked_until"]}]},{table_name:"profiles",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"first_name",type:"varchar",length:100,notNull:!0},{name:"last_name",type:"varchar",length:100,notNull:!0}],indexes:[{columns:["user_id"],unique:!0},{columns:["first_name","last_name"]}]},{table_name:"roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500}],indexes:[{columns:["name"],unique:!0}]},{table_name:"claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"action",type:"varchar",length:100,notNull:!0},{name:"description",type:"varchar",length:500},{name:"path",type:"varchar",length:200,notNull:!0},{name:"method",type:"varchar",length:10,notNull:!0}],indexes:[{columns:["action"],unique:!0},{columns:["path","method"]}]},{table_name:"user_roles",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}}],indexes:[{columns:["user_id"]},{columns:["role_id"]}],constraints:{unique:[{name:"unique_user_role",columns:["user_id","role_id"]}]}},{table_name:"role_claims",feature_set:["authentication","authorization"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"role_id",type:"uuid",notNull:!0,references:{table:"roles",column:"id",onDelete:"cascade"}},{name:"claim_id",type:"uuid",notNull:!0,references:{table:"claims",column:"id",onDelete:"cascade"}},{name:"scope",type:"text"}],indexes:[{columns:["role_id"]},{columns:["claim_id"]},{columns:["role_id","claim_id","scope"]}]},{table_name:"files",feature_set:["storage"],add_base_columns:!0,is_form_data:!0,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"name",type:"varchar",length:255,notNull:!0},{name:"original_name",type:"varchar",length:255,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["image","document","video","audio","profile_picture"]},{name:"path",type:"varchar",length:500,notNull:!0},{name:"size",type:"bigint",mode:"number",notNull:!0},{name:"mime_type",type:"varchar",length:100,notNull:!0},{name:"extension",type:"varchar",length:10,notNull:!0},{name:"uploaded_by",type:"uuid",references:{table:"users",column:"id"}}],indexes:[{columns:["type"]},{columns:["uploaded_by"]},{columns:["size"]}]},{table_name:"addresses",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"street",type:"varchar",length:255},{name:"city",type:"varchar",length:100},{name:"state",type:"varchar",length:50},{name:"zip",type:"varchar",length:20},{name:"country",type:"varchar",length:50,default:"US"},{name:"latitude",type:"decimal",precision:10,scale:8},{name:"longitude",type:"decimal",precision:11,scale:8},{name:"neighborhood",type:"varchar",length:100},{name:"apartment",type:"varchar",length:50},{name:"province",type:"varchar",length:100},{name:"district",type:"varchar",length:100},{name:"type",type:"varchar",length:50}],indexes:[{columns:["city","state"]},{columns:["latitude","longitude"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"phones",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"owner_type",type:"varchar",length:50,notNull:!0,enumValues:["user","company","contact"]},{name:"owner_id",type:"uuid",notNull:!0},{name:"name",type:"varchar",length:100,notNull:!0},{name:"type",type:"varchar",length:50,enumValues:["mobile","office","fax"]},{name:"number",type:"varchar",length:20,notNull:!0},{name:"country_code",type:"varchar",length:10,notNull:!0,default:"+1"},{name:"extension",type:"varchar",length:10}],indexes:[{columns:["number"]},{columns:["type"]},{columns:["owner_type","owner_id"]}]},{table_name:"notifications",feature_set:["authentication","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0},{name:"title",type:"varchar",length:255,notNull:!0},{name:"body",type:"varchar",length:1000},{name:"entity_name",type:"varchar",length:100},{name:"entity_id",type:"uuid"},{name:"is_seen",type:"boolean",notNull:!0,default:!1},{name:"seen_at",type:"timestamptz"}],indexes:[{columns:["user_id","created_at"]},{columns:["is_seen"]}]},{table_name:"tenants",feature_set:["multi-tenant"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["main"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"subdomain",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_id",type:"uuid",notNull:!0},{name:"schema_name",type:"varchar",length:100,notNull:!0,unique:!0},{name:"company_name",type:"varchar",length:255},{name:"god_admin_email",type:"varchar",length:255}],indexes:[]},{table_name:"verifications",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"requirement_id",type:"uuid",notNull:!0,references:{table:"verificationRequirements",column:"id"}},{name:"verifier_id",type:"uuid",notNull:!0,references:{table:"users",column:"id"}},{name:"signature_id",type:"uuid",references:{table:"files",column:"id"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"entity_id",type:"uuid",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"decision",type:"varchar",length:50,notNull:!0,default:"pending",enumValues:["approved","rejected","pending"]},{name:"reason",type:"text"},{name:"diff",type:"jsonb"}],indexes:[{columns:["requirement_id"]},{columns:["verifier_id"]},{columns:["entity_name","entity_id"]},{columns:["entity_name","entity_id","step_order"]},{columns:["decision"]}]},{table_name:"verificationRequirements",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"entity_id",type:"uuid"},{name:"entity_name",type:"varchar",length:100},{name:"verifier_type",type:"varchar",length:30,enumValues:["user","role","entity_creator"]},{name:"verifier_id",type:"uuid"},{name:"verifier_role",type:"varchar",length:50},{name:"is_signature_mandatory",type:"boolean",notNull:!0},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"is_all_required",type:"boolean",notNull:!0,default:!1},{name:"connected_from_step_order",type:"integer"},{name:"position_x",type:"numeric"},{name:"position_y",type:"numeric"}],indexes:[{columns:["entity_id"]}]},{table_name:"verificationFlows",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"name",type:"varchar",length:255,notNull:!0},{name:"description",type:"text"},{name:"trigger_on",type:"varchar",length:50,notNull:!0,default:"update",enumValues:["create","update","delete","manual"]},{name:"trigger_fields",type:"jsonb"},{name:"is_draft",type:"boolean",notNull:!0,default:!0},{name:"published_at",type:"timestamptz"},{name:"viewport",type:"jsonb"}],indexes:[{columns:["entity_name"]},{columns:["entity_name","trigger_on"]},{columns:["is_draft"]}]},{table_name:"verificationSteps",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"entity_name",type:"varchar",length:100,notNull:!0},{name:"node_id",type:"varchar",length:100,notNull:!0},{name:"node_type",type:"varchar",length:50,notNull:!0,default:"step",enumValues:["start","step","condition","notification","end"]},{name:"step_order",type:"integer",notNull:!0,default:1},{name:"name",type:"varchar",length:255},{name:"description",type:"text"},{name:"position_x",type:"numeric",notNull:!0,default:0},{name:"position_y",type:"numeric",notNull:!0,default:0},{name:"width",type:"numeric"},{name:"height",type:"numeric"},{name:"style",type:"jsonb"},{name:"data",type:"jsonb"}],indexes:[{columns:["flow_id"]},{columns:["entity_name"]},{columns:["flow_id","node_id"],unique:!0},{columns:["entity_name","step_order"]}]},{table_name:"verificationEdges",feature_set:["authentication","verification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"edge_id",type:"varchar",length:100,notNull:!0},{name:"source_node_id",type:"varchar",length:100,notNull:!0},{name:"target_node_id",type:"varchar",length:100,notNull:!0},{name:"source_handle",type:"varchar",length:50},{name:"target_handle",type:"varchar",length:50},{name:"edge_type",type:"varchar",length:50,default:"default",enumValues:["default","conditional","success","failure"]},{name:"label",type:"varchar",length:255},{name:"condition",type:"jsonb"},{name:"style",type:"jsonb"},{name:"animated",type:"boolean",default:!1}],indexes:[{columns:["flow_id"]},{columns:["flow_id","edge_id"],unique:!0},{columns:["source_node_id"]},{columns:["target_node_id"]}]},{table_name:"verificationNotificationRules",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"flow_id",type:"uuid",notNull:!0,references:{table:"verificationFlows",column:"id",onDelete:"cascade"}},{name:"step_node_id",type:"varchar",length:100},{name:"trigger",type:"varchar",length:50,notNull:!0,enumValues:["on_flow_started","on_step_reached","on_approved","on_rejected","on_flow_completed"]},{name:"channel",type:"varchar",length:20,notNull:!0,default:"portal",enumValues:["portal","email","both"]},{name:"title_template",type:"varchar",length:255},{name:"body_template",type:"text"},{name:"starts_at",type:"timestamptz"},{name:"expires_at",type:"timestamptz"}],indexes:[{columns:["flow_id"]},{columns:["flow_id","step_node_id"]},{columns:["trigger"]}]},{table_name:"verificationNotificationRecipients",feature_set:["authentication","verification","notification"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:[],bulk_endpoints_enabled:!0,columns:[{name:"rule_id",type:"uuid",notNull:!0},{name:"recipient_type",type:"varchar",length:20,notNull:!0,enumValues:["user","role","all_verifiers","step_verifier"]},{name:"recipient_user_id",type:"uuid"},{name:"recipient_role_id",type:"uuid"},{name:"channel",type:"varchar",length:20,notNull:!0,enumValues:["portal"]}],indexes:[{columns:["rule_id"]},{columns:["recipient_type"]},{columns:["channel"]}]},{table_name:"user_sessions",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH"],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"refresh_token_hash",type:"varchar",length:255},{name:"device_fingerprint",type:"varchar",length:255},{name:"device_name",type:"varchar",length:100},{name:"device_type",type:"varchar",length:50,enumValues:["desktop","mobile","tablet","unknown"]},{name:"browser_name",type:"varchar",length:50},{name:"browser_version",type:"varchar",length:20},{name:"os_name",type:"varchar",length:50},{name:"os_version",type:"varchar",length:20},{name:"ip_address",type:"varchar",length:45,notNull:!0},{name:"location_country",type:"varchar",length:100},{name:"location_city",type:"varchar",length:100},{name:"location_coordinates",type:"varchar",length:50},{name:"last_activity_at",type:"timestamptz",notNull:!0,defaultRaw:"now()"},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"revoked_at",type:"timestamptz"},{name:"revoked_reason",type:"varchar",length:100,enumValues:["user_logout","user_revoked","admin_revoked","security_concern","password_changed","expired","replaced"]},{name:"is_current",type:"boolean",notNull:!0,default:!1},{name:"login_method",type:"varchar",length:50,enumValues:["password","oauth_google","oauth_github","oauth_microsoft","magic_link","sso","api_key"]},{name:"trust_score",type:"integer",default:100},{name:"approval_status",type:"varchar",length:20,default:"approved",enumValues:["approved","pending","rejected"]},{name:"approval_token",type:"varchar",length:64},{name:"approval_requested_at",type:"timestamptz"},{name:"approval_responded_at",type:"timestamptz"}],indexes:[{columns:["user_id"]},{columns:["token_hash"],unique:!0},{columns:["refresh_token_hash"]},{columns:["user_id","is_active"]},{columns:["expires_at"]},{columns:["device_fingerprint"]},{columns:["ip_address"]},{columns:["last_activity_at"]},{columns:["approval_status"]},{columns:["approval_token"]}]},{table_name:"password_reset_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["expires_at"]}]},{table_name:"magic_link_tokens",feature_set:["authentication"],add_base_columns:!0,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","PATCH","DELETE"],bulk_endpoints_enabled:!0,columns:[{name:"user_id",type:"uuid",notNull:!0,references:{table:"users",column:"id",onDelete:"cascade"}},{name:"email",type:"varchar",length:255,notNull:!0},{name:"token_hash",type:"varchar",length:255,notNull:!0},{name:"expires_at",type:"timestamptz",notNull:!0},{name:"used_at",type:"timestamptz"}],indexes:[{columns:["token_hash"],unique:!0},{columns:["user_id"]},{columns:["email"]},{columns:["expires_at"]}]},{table_name:"audit_logs",feature_set:["audit"],add_base_columns:!1,is_form_data:!1,available_app_ids:["default_be"],available_schemas:["*"],excluded_schemas:[],excluded_methods:["POST","PUT","DELETE","PATCH","TOGGLE","VERIFICATION"],bulk_endpoints_enabled:!0,columns:[{name:"id",type:"uuid",primaryKey:!0,defaultRaw:"gen_random_uuid()"},{name:"entity_id",type:"uuid"},{name:"entity_name",type:"text",notNull:!0},{name:"operation_type",type:"text",notNull:!0},{name:"user_id",type:"uuid"},{name:"ip_address",type:"text"},{name:"user_agent",type:"text"},{name:"summary",type:"text"},{name:"old_values",type:"jsonb"},{name:"new_values",type:"jsonb"},{name:"created_at",type:"timestamp",notNull:!0,defaultRaw:"now()"},{name:"path",type:"text"},{name:"query",type:"text"}],indexes:[{columns:["entity_id"]},{columns:["entity_name"]},{columns:["user_id"]},{columns:["created_at"]}]}];var $h={GET:["GET"],POST:["POST"],PUT:["PUT"],DELETE:["DELETE"],PATCH:["PATCH"],TOGGLE:["PATCH"],VERIFICATION:["POST"]};function Ah(n,r){let t=[],o=n.authentication;if(!o)return t;if(o.login?.enabled&&o.login?.isPublic)t.push({path:o.login.route||`${r}/auth/login`,method:"POST",source:"auth"});if(o.register?.enabled&&o.register?.isPublic)t.push({path:o.register.route||`${r}/auth/register`,method:"POST",source:"auth"});if(o.logout?.enabled&&o.logout?.isPublic)t.push({path:o.logout.route||`${r}/auth/logout`,method:"POST",source:"auth"});if(o.refresh?.enabled&&o.refresh?.isPublic)t.push({path:o.refresh.route||`${r}/auth/refresh`,method:"POST",source:"auth"});if(o.passwordReset?.enabled&&o.passwordReset?.isPublic){let e=o.passwordReset.route||`${r}/auth/password-reset`;t.push({path:`${e}/request`,method:"POST",source:"auth"},{path:`${e}/confirm`,method:"POST",source:"auth"})}if(o.passwordChange?.enabled&&o.passwordChange?.isPublic)t.push({path:o.passwordChange.route||`${r}/auth/password-change`,method:"POST",source:"auth"});if(o.magicLink?.enabled&&o.magicLink?.isPublic)t.push({path:o.magicLink.route||`${r}/auth/magic-link`,method:"POST",source:"auth"},{path:o.magicLink.verifyRoute||`${r}/auth/magic-link/verify`,method:"GET",source:"auth"});if(o.register?.enabled&&o.register?.emailVerification?.enabled)t.push({path:`${r}/verify-email`,method:"GET",source:"auth"},{path:`${r}/resend-verification`,method:"POST",source:"auth"});if(o.invite?.enabled&&o.invite?.isPublic)t.push({path:o.invite.route||`${r}/auth/invite`,method:"POST",source:"auth"});if(o.invite?.enabled){let e=o.invite.route||`${r}/auth/invite`;t.push({path:`${e}/verify`,method:"POST",source:"auth"})}if(o.passwordSet?.enabled)t.push({path:o.passwordSet.route||`${r}/auth/password-set`,method:"POST",source:"auth"});if(o.captcha?.enabled&&o.captcha?.isPublic){let e=o.captcha.route||`${r}/auth/captcha`;t.push({path:`${e}/generate`,method:"GET",source:"auth"},{path:`${e}/validate`,method:"POST",source:"auth"})}if(o.oauth?.enabled){let e=o.oauth.basePath||`${r}/auth/oauth`,a=["google","github","microsoft","discord","facebook","twitter","apple","custom"];t.push({path:`${e}/providers`,method:"GET",source:"auth"});for(let c of a)t.push({path:`${e}/${c}`,method:"GET",source:"auth"},{path:`${e}/${c}/callback`,method:"GET",source:"auth"})}return t}function Mb(n,r,t){let o=[];for(let e of n){if(!e.is_public)continue;let a=`${r}/${t}/${e.table_name}`;for(let[c,i]of Object.entries(e.is_public)){if(!i)continue;let s=$h[c];if(!s)continue;for(let l of s)if(l==="GET")o.push({path:a,method:"GET",source:"entity"}),o.push({path:`${a}/:id`,method:"GET",source:"entity"});else if(l==="POST")o.push({path:a,method:"POST",source:"entity"});else if(l==="PUT"||l==="PATCH")o.push({path:`${a}/:id`,method:l,source:"entity"});else if(l==="DELETE")o.push({path:`${a}/:id`,method:"DELETE",source:"entity"})}}return o}function Rh(n,r,t){return Mb(n,r,t)}function Ll(n,r,t="",o="public"){let e=Ah(n,t),a=Mb(n.entities||[],t,o),c=Rh(r,t,o),i=[];if(n.pubsub?.enabled){let l=n.pubsub.basePath||"/subs",f=n.pubsub.wsPath||"/api/events/subscribe";i.push({path:`${l}/:topic`,method:"POST",source:"system"},{path:f,method:"GET",source:"system"})}let s=[{path:"/nucleus-core",method:"GET",source:"custom"},{path:"/public",method:"GET",source:"custom"},{path:"/docs",method:"GET",source:"custom"},{path:"/docs/json",method:"GET",source:"custom"},{path:"/swagger",method:"GET",source:"custom"},{path:"/swagger/json",method:"GET",source:"custom"}];return[...e,...a,...c,...i,...s]}function Xl(n,r,t){let o=r.replace(/\/$/,""),e=t.toUpperCase();for(let a of n){if(a.method!==e)continue;if(kh(a.path,o))return!0}return!1}function kh(n,r){if(n===r)return!0;let t=n.split("/").filter(Boolean),o=r.split("/").filter(Boolean);if(t.length!==o.length)return!1;for(let e=0;e<t.length;e++){let a=t[e],c=o[e];if(a?.startsWith(":"))continue;if(a!==c)return!1}return!0}Rl();Kc();Ic();import{asc as r5,desc as t5,eq as Sr,ilike as lg,inArray as o5,notInArray as e5,or as a5}from"drizzle-orm";import{drizzle as c5}from"drizzle-orm/node-postgres";import{Elysia as i5,t as Cn}from"elysia";import{t as Nn}from"elysia";function nf(n){let r={};if(!n||n.length===0)return Nn.Object({},{additionalProperties:!0});for(let t of n)switch(t.type?.toLowerCase()||"string"){case"integer":case"int":case"serial":case"bigserial":case"numeric":case"decimal":r[t.name]=t.notNull?Nn.Number():Nn.Optional(Nn.Number());break;case"boolean":r[t.name]=t.notNull?Nn.Boolean():Nn.Optional(Nn.Boolean());break;case"timestamp":case"timestamptz":case"date":r[t.name]=t.notNull?Nn.String({format:"date-time"}):Nn.Optional(Nn.String({format:"date-time"}));break;case"json":case"jsonb":r[t.name]=Nn.Optional(Nn.Unknown());break;case"uuid":r[t.name]=t.notNull?Nn.String({format:"uuid"}):Nn.Optional(Nn.String({format:"uuid"}));break;default:r[t.name]=t.notNull?Nn.String():Nn.Optional(Nn.String())}return Nn.Object(r,{additionalProperties:!0})}function sg(n){return Nn.Array(Nn.Object({id:Nn.String(),data:nf(n)}))}function rf(n,r){let{db:t,schemaTables:o,schemaRelations:e,entities:a,logger:c,databaseUrl:i,storage:s,authorization:l}=r,f=ma(s),u=l?.enabled??!1;if(!t)return n;let b=Object.keys(o),$=a.map((S)=>S.table_name),A=b.filter((S)=>!$.includes(S)),_=["userSessions","passwordResetTokens","magicLinkTokens"],m=["passwordResetTokens","magicLinkTokens"],E=["files"],R=A.filter((S)=>{if(m.includes(S)&&!r.emailServiceAvailable)return c.info(`Skipping ${S} routes - email service not available`),!1;return!0}).map((S)=>({table_name:S,group_name:_.includes(S)?"Authentication":S,is_form_data:E.includes(S)})),M=[...a,...R];c.info(`All entities: ${M.map((S)=>S.table_name).join(", ")}`);for(let S of M){let x=S.table_name,D=S.group_name||S.table_name,k=o[x];if(!k)continue;let B=e[`${x}Relations`];c.info(`Creating routes for table: ${x}`);let w=k,g=w.id,Y=t,V=nf(S.columns),C=Cn.Array(V),Q=sg(S.columns),j=Cn.Array(Cn.String()),L=new i5({prefix:`/${x}`});if(!S.excluded_methods?.includes("GET"))L.get("/",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.request.headers.get("x-user-id"),X=S.columns?.map((On)=>On.name),O=Object.keys(e).filter((On)=>On.startsWith(`${S.table_name}Relations`)).map((On)=>On.replace("Relations","")),F=null;if(u&&W){if(F=await Al({userId:W,method:"GET",entity:S.table_name,requestedFields:X,requestedRelations:O,db:Y,schemaTables:o,logger:c}),!F.authorized)return{success:!1,message:F.reason||"Unauthorized",status:403}}let K=Kl(J.query),q=[];if(u&&F?.scopeFilters)for(let[On,an]of Object.entries(F.scopeFilters)){let Sn=w[On];if(Sn)q.push(Sr(Sn,an))}if(K.search&&K.searchFields){let On=K.searchFields.map((an)=>{let Sn=w[an.trim()];return Sn?lg(Sn,`%${K.search}%`):null}).filter((an)=>an!==null);if(On.length>0){let an=a5(...On);if(an)q.push(an)}}if(K.filters){let{ne:On,gt:an,gte:Sn,lt:Er,lte:Fr,like:Uo,isNull:ie,isNotNull:ms}=await import("drizzle-orm");for(let gr of K.filters){let sr=w[gr.field];if(!sr)continue;switch(gr.operator){case"eq":q.push(Sr(sr,gr.value));break;case"neq":q.push(On(sr,gr.value));break;case"gt":q.push(an(sr,gr.value));break;case"gte":q.push(Sn(sr,gr.value));break;case"lt":q.push(Er(sr,gr.value));break;case"lte":q.push(Fr(sr,gr.value));break;case"like":q.push(Uo(sr,gr.value));break;case"ilike":q.push(lg(sr,gr.value));break;case"in":q.push(o5(sr,gr.value));break;case"notIn":q.push(e5(sr,gr.value));break;case"isNull":q.push(ie(sr));break;case"isNotNull":q.push(ms(sr));break}}}let rn=Y.select().from(k);if(q.length>0){let{and:On}=await import("drizzle-orm"),an=On(...q);if(an)rn=rn.where(an)}if(K.sort&&K.sort.length>0){let On=K.sort.map((an)=>{let Sn=w[an.field];if(!Sn)return null;return an.direction==="desc"?t5(Sn):r5(Sn)}).filter((an)=>an!==null);if(On.length>0)rn=rn.orderBy(...On)}let en=K.page??1,gn=K.limit??20,Gn=K.offset??(en-1)*gn,T=Y.select().from(k);if(q.length>0){let{and:On}=await import("drizzle-orm"),an=On(...q);if(an)T.where(an)}let Vn=(await T).length;rn=rn.limit(gn).offset(Gn);let ot=await rn,ce=ng(en,gn,Gn,Vn);if(u&&F?.allowedFields)ot=Jc(ot,F.allowedFields);return{success:!0,data:{items:ot,meta:ce}}},{detail:{tags:[D],summary:`List ${x}`,description:`Get paginated list of ${x} records with filtering, sorting, and search`}}),L.get("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.params,X=Kl(J.query),O=J.request.headers.get("x-user-id"),F=S.columns?.map((gn)=>gn.name),K=X.with?.map((gn)=>gn.name),q=null;if(u&&O){if(q=await Al({userId:O,method:"GET",entity:S.table_name,requestedFields:F,requestedRelations:K,db:Y,schemaTables:o,logger:c}),!q.authorized)return{success:!1,message:q.reason||"Unauthorized",status:403}}if(X.with&&X.with.length>0&&B&&i){let gn=u&&q?.allowedRelations?X.with.filter((tn)=>q.allowedRelations?.includes(tn.name)??!1):X.with,T=await c5(i,{schema:{...o,...e}}).query[S.table_name]?.findFirst({where:Sr(g,W.id),with:gn.reduce((tn,Vn)=>{return tn[Vn.name]=Vn.limit?{limit:Vn.limit}:!0,tn},{})});if(u&&q?.allowedFields&&T)T=Jc(T,q.allowedFields);if(u&&q?.allowedRelations&&T)T=pu(T,q.allowedRelations);return{success:!0,data:T||null}}let en=(await Y.select().from(k).where(Sr(g,W.id)))[0]||null;if(u&&q?.allowedFields&&en)en=Jc(en,q.allowedFields);return{success:!0,data:en}},{detail:{tags:[D],summary:`Get ${x} by ID`,description:`Get a single ${x} record by its ID with optional relations`}}),L.get("/distinct/:field",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.params,X=w[W.field];if(!X)return{success:!1,message:"Field not found"};return{success:!0,data:await Y.selectDistinct({value:X}).from(k)}},{detail:{tags:[D],summary:`Get distinct ${x} values`,description:`Get distinct values for a specific field in ${x}`}});if(!S.excluded_methods?.includes("POST"))if(S.is_form_data&&f.enabled)L.post("/",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.request.headers.get("x-user-id"),{data:X,files:O}=wa(J.body,f),F=X;if(S.columns){F=_e(F,S.columns);let rn=ge(F,S.columns,!1);if(!rn.valid)return{success:!1,message:"Validation failed",errors:rn.errors}}let K=null;if(O.length>0){if(K=await ha(O,f,S.table_name),K.failed.length>0&&K.success.length===0)return{success:!1,message:"File upload failed",errors:K.failed};if(K.success.length>0){let rn=K.success[0];if(rn){let en=rn.originalName.split(".").pop()||"";F={...F,id:rn.id,name:rn.name,originalName:rn.originalName,path:rn.path,mimeType:rn.mimeType,size:rn.size,extension:en,uploadedBy:W}}}}if(W)F.createdBy=W;let q=await Y.insert(k).values(F).returning();{let rn=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:String(q[0]?.id??""),operation:"CREATE",userId:W||void 0,summary:`Created ${S.table_name}`,newValues:q[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:rn.pathname,query:rn.search})}return{success:!0,data:q[0]}},{type:"formdata",body:Cn.Object({[f.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[f.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[D],summary:`Create ${x} with files`,description:`Create a new ${x} record with file upload support`}});else L.post("/",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.body,X=J.request.headers.get("x-user-id");if(S.columns){W=_e(W,S.columns);let F=ge(W,S.columns,!1);if(!F.valid)return{success:!1,message:"Validation failed",errors:F.errors}}if(X)W.createdBy=X;let O=await Y.insert(k).values(W).returning();{let F=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:String(O[0]?.id??""),operation:"CREATE",userId:X||void 0,summary:`Created ${S.table_name}`,newValues:O[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:F.pathname,query:F.search})}return{success:!0,data:O[0]}},{body:V,detail:{tags:[D],summary:`Create ${x}`,description:`Create a new ${x} record`}});if(!S.excluded_methods?.includes("PUT"))if(S.is_form_data&&f.enabled)L.put("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.params,X=J.request.headers.get("x-user-id"),{data:O,files:F}=wa(J.body,f),K=O,q=await Y.select().from(k).where(Sr(g,W.id)).limit(1);if(S.columns){K=_e(K,S.columns);let gn=ge(K,S.columns,!1);if(!gn.valid)return{success:!1,message:"Validation failed",errors:gn.errors}}let rn=null;if(F.length>0)rn=await ha(F,f,S.table_name);let en=await Y.update(k).set(K).where(Sr(g,W.id)).returning();{let gn=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"UPDATE",userId:X||void 0,summary:`Updated ${S.table_name} (${W.id})`,oldValues:q[0],newValues:en[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:gn.pathname,query:gn.search})}return{success:!0,data:{record:en[0],files:rn?.success||[],fileErrors:rn?.failed||[]}}},{type:"formdata",body:Cn.Object({[f.formData.dataField]:Cn.Optional(Cn.Union([Cn.String(),Cn.Any()])),[f.formData.filesField]:Cn.Optional(Cn.Union([Cn.File(),Cn.Array(Cn.File())]))}),detail:{tags:[D],summary:`Update ${x} with files`,description:`Full update of ${x} record with file upload support`}});else L.put("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let{params:W,body:X}=J,O=J.request.headers.get("x-user-id"),F=await Y.select().from(k).where(Sr(g,W.id)).limit(1);if(S.columns){X=_e(X,S.columns);let q=ge(X,S.columns,!1);if(!q.valid)return{success:!1,message:"Validation failed",errors:q.errors}}if(X.updatedAt=new Date,O)X.updatedBy=O;let K=await Y.update(k).set(X).where(Sr(g,W.id)).returning();{let q=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"UPDATE",userId:O||void 0,summary:`Updated ${S.table_name} (${W.id})`,oldValues:F[0],newValues:K[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:q.pathname,query:q.search})}return{success:!0,data:K[0]}},{body:V,detail:{tags:[D],summary:`Update ${x}`,description:`Full update of ${x} record`}});if(!S.excluded_methods?.includes("PATCH"))L.patch("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let{params:W,body:X}=J,O=J.request.headers.get("x-user-id"),F=await Y.select().from(k).where(Sr(g,W.id)).limit(1);if(S.columns){X=_e(X,S.columns);let q=ge(X,S.columns,!0);if(!q.valid)return{success:!1,message:"Validation failed",errors:q.errors}}if(X.updatedAt=new Date,O)X.updatedBy=O;let K=await Y.update(k).set(X).where(Sr(g,W.id)).returning();{let q=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"PATCH",userId:O||void 0,summary:`Patched ${S.table_name} (${W.id})`,oldValues:F[0],newValues:K[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:q.pathname,query:q.search})}return{success:!0,data:K[0]}},{body:V,detail:{tags:[D],summary:`Patch ${x}`,description:`Partial update of ${x} record`}});if(!S.excluded_methods?.includes("DELETE"))L.delete("/:id",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.params,X=J.request.headers.get("x-user-id"),O=await Y.select().from(k).where(Sr(g,W.id)).limit(1);await Y.delete(k).where(Sr(g,W.id));{let F=new URL(J.request.url);c.audit({entityName:S.table_name,entityId:W.id,operation:"DELETE",userId:X||void 0,summary:`Deleted ${S.table_name} (${W.id})`,oldValues:O[0],ipAddress:J.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||J.request.headers.get("x-real-ip")?.trim()||"unknown",userAgent:J.request.headers.get("user-agent")||"unknown",path:F.pathname,query:F.search})}return{success:!0,data:null}},{detail:{tags:[D],summary:`Delete ${x}`,description:`Delete a ${x} record`}});if(S.bulk_endpoints_enabled){if(!S.excluded_methods?.includes("POST"))L.post("/bulk",async(J)=>{if(!Y)return{success:!1,message:"DB not initialized"};let W=J.body;if(!Array.isArray(W))return{success:!1,message:"Body must be an array"};try{return{success:!0,data:await Y.transaction(async(O)=>{let F=[];for(let K of W){let q=await O.insert(k).values(K).returning();F.push(q[0])}return F})}}catch(X){return{success:!1,message:X instanceof Error?X.message:"Transaction failed"}}},{body:C,detail:{tags:[D],summary:`Bulk create ${x}`,description:`Create multiple ${x} records`}});if(!S.excluded_methods?.includes("PUT"))L.put("/bulk",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.body;if(!Array.isArray(W))return{success:!1,message:"Body must be an array"};try{return{success:!0,data:await Y.transaction(async(O)=>{let F=[];for(let K of W){let q=await O.update(k).set(K.data).where(Sr(g,K.id)).returning();F.push(q[0])}return F})}}catch(X){return{success:!1,message:X instanceof Error?X.message:"Transaction failed"}}},{body:Q,detail:{tags:[D],summary:`Bulk update ${x}`,description:`Update multiple ${x} records`}});if(!S.excluded_methods?.includes("DELETE"))L.delete("/bulk",async(J)=>{if(!Y||!g)return{success:!1,message:"No id column or DB"};let W=J.body;if(!Array.isArray(W))return{success:!1,message:"Body must be an array of ids"};try{return await Y.transaction(async(X)=>{for(let O of W)await X.delete(k).where(Sr(g,O))}),{success:!0,data:{deleted:W.length}}}catch(X){return{success:!1,message:X instanceof Error?X.message:"Transaction failed"}}},{body:j,detail:{tags:[D],summary:`Bulk delete ${x}`,description:`Delete multiple ${x} records`}})}n.use(L)}return n}import s5,{t as $a}from"elysia";function l5(n){let r=n.match(/^(\d+)(ms|s|m|h)$/);if(!r||!r[1]||!r[2])return 5000;let t=parseInt(r[1],10);switch(r[2]){case"ms":return t;case"s":return t*1000;case"m":return t*60*1000;case"h":return t*60*60*1000;default:return 5000}}function tf(n){let{monitoringService:r,logger:t,endpoints:o}=n,e=new s5({prefix:o.basePath});if(!o.enabled)return e;if(o.stream.enabled)e.get(o.stream.path,async function*({request:a}){t.info("[Monitoring] SSE stream connected");let c=l5(o.stream.interval),i=!0;a.signal.addEventListener("abort",()=>{i=!1,t.info("[Monitoring] SSE stream disconnected")});let s=await r.getLatestSnapshot();if(s)yield{event:"snapshot",data:JSON.stringify(s)};while(i){if(await new Promise((u)=>setTimeout(u,c)),!i)break;let l=await r.getLatestSnapshot();if(l)yield{event:"snapshot",data:JSON.stringify(l)};let f=r.getActiveAlerts();if(f.length>0)yield{event:"alerts",data:JSON.stringify(f)}}},{detail:{tags:["Monitoring"],summary:"Stream real-time monitoring data",description:"Server-Sent Events stream for real-time monitoring metrics"}});if(o.snapshot.enabled)e.get(o.snapshot.path,async()=>{let a=await r.getLatestSnapshot();if(!a)return{isSuccess:!1,message:"No monitoring data available",data:null};return{isSuccess:!0,message:"Current monitoring snapshot",data:a}},{detail:{tags:["Monitoring"],summary:"Get current monitoring snapshot",description:"Returns the latest monitoring metrics snapshot"}});if(o.history.enabled)e.get(o.history.path,async({query:a})=>{let c=Math.min(a.minutes?parseInt(String(a.minutes),10):60,o.history.maxMinutes),i=await r.getHistory(c);return{isSuccess:!0,message:`Monitoring history for last ${c} minutes`,data:{minutes:c,count:i.length,snapshots:i}}},{query:$a.Object({minutes:$a.Optional($a.Numeric())}),detail:{tags:["Monitoring"],summary:"Get monitoring history",description:"Returns historical monitoring data for the specified time range"}});if(o.alerts.enabled)e.get(o.alerts.path,()=>{let a=r.getActiveAlerts();return{isSuccess:!0,message:"Active alerts",data:{count:a.length,alerts:a}}},{detail:{tags:["Monitoring"],summary:"Get active alerts",description:"Returns all currently active monitoring alerts"}}),e.post(`${o.alerts.path}/:alertId/acknowledge`,({params:a})=>{if(!r.acknowledgeAlert(a.alertId))return{isSuccess:!1,message:"Alert not found",data:null};return{isSuccess:!0,message:"Alert acknowledged",data:{alertId:a.alertId}}},{params:$a.Object({alertId:$a.String()}),detail:{tags:["Monitoring"],summary:"Acknowledge an alert",description:"Mark an alert as acknowledged"}});return t.info(`[Monitoring] Routes enabled at ${o.basePath} (stream: ${o.stream.enabled}, snapshot: ${o.snapshot.enabled}, history: ${o.history.enabled}, alerts: ${o.alerts.enabled})`),e}import f5,{t as Vr}from"elysia";var d5={"Content-Type":"text/event-stream; charset=utf-8","Cache-Control":"no-cache, no-transform",Connection:"keep-alive"},u5=new TextEncoder,of=(n,r)=>{let t=typeof r==="string"?r:JSON.stringify(r);return u5.encode(`event: ${n}
|
|
66
66
|
data: ${t}
|
|
67
67
|
|
|
68
68
|
`)};function fg(n){let{getService:r,logger:t,basePath:o,streamInterval:e}=n,a=new f5({prefix:o}),c=()=>{let i=r();if(!i)throw Error("Live monitoring service not initialized");return i};return a.get("/health",()=>{let i=r();return{status:i?"ok":"initializing",timestamp:Date.now(),monitoring:i?.isEnabled()??!1}},{detail:{tags:["Live Monitoring"],summary:"Health check for live monitoring"}}),a.get("/settings",()=>{return c().getSettings()},{detail:{tags:["Live Monitoring"],summary:"Get live monitoring settings"}}),a.patch("/settings",({body:i})=>{return c().changeSettings(i)},{body:Vr.Partial(Vr.Object({logMemory:Vr.Boolean(),logCpu:Vr.Boolean(),logDapr:Vr.Boolean(),logWebSocket:Vr.Boolean(),memoryLogInterval:Vr.Number(),cpuLogInterval:Vr.Number(),memoryLogLimit:Vr.Number(),cpuLogLimit:Vr.Number(),daprLogLimit:Vr.Number(),wsLogLimit:Vr.Number(),requestLogLimit:Vr.Number()})),detail:{tags:["Live Monitoring"],summary:"Change live monitoring settings"}}),a.get("/logs",()=>{return c().getLogs()},{detail:{tags:["Live Monitoring"],summary:"Get all live monitoring logs"}}),a.get("/logs/stream",({request:i})=>{let s=i.signal,l,f=c(),u=f.getSnapshot(),b={memory:u.memory.length?u.memory[u.memory.length-1]?.timestamp??0:0,cpu:u.cpu.length?u.cpu[u.cpu.length-1]?.timestamp??0:0,request:u.requests.length?u.requests[u.requests.length-1]?.timestamp??0:0,dapr:u.dapr.length?u.dapr[u.dapr.length-1]?.timestamp??0:0,ws:u.ws.length?u.ws[u.ws.length-1]?.timestamp??0:0},$=new ReadableStream({start(A){let _=!1;A.enqueue(of("snapshot",u));let E=setInterval(()=>{if(_)return;let M=f.getUpdatesSince(b);if(!M){A.enqueue(of("heartbeat",{timestamp:Date.now()}));return}if(M.memory.length)b.memory=M.memory[M.memory.length-1]?.timestamp??b.memory;if(M.cpu.length)b.cpu=M.cpu[M.cpu.length-1]?.timestamp??b.cpu;if(M.requests.length)b.request=M.requests[M.requests.length-1]?.timestamp??b.request;if(M.dapr.length)b.dapr=M.dapr[M.dapr.length-1]?.timestamp??b.dapr;if(M.ws.length)b.ws=M.ws[M.ws.length-1]?.timestamp??b.ws;A.enqueue(of("update",M))},e),R=()=>{if(_)return;_=!0,clearInterval(E),s?.removeEventListener("abort",R);try{A.close()}catch{}};l=R,s?.addEventListener("abort",R)},cancel(){l?.()}});return new Response($,{headers:d5})},{detail:{tags:["Live Monitoring"],summary:"Stream real-time live monitoring data via SSE"}}),t.info(`[LiveMonitoring] Routes enabled at ${o} (stream interval: ${e}ms)`),a}import w5 from"elysia";var Aa=new Map;var dg=null;function b5(){let n=Date.now();for(let[r,t]of Aa)if(n-t>1e4)Aa.delete(r)}var Qo={totalSent:0,totalAcked:0,totalFailed:0,averageLatencyMs:0};function ug(){if(dg)return;dg=setInterval(b5,30000)}function ef(){return`msg_${Date.now()}_${Math.random().toString(36).substring(2,11)}`}async function af(n,r,t){if(!r.userId)return;let o=`pubsub:pending:user:${r.userId}:${r.messageId}`,e=`pubsub:user:pending-set:${r.userId}`;await n.create(o,r,t);let a=await n.read(e),c=a.success&&a.data?a.data:[];if(!c.includes(r.messageId))c.push(r.messageId),await n.create(e,c,t)}async function bg(n,r,t,o){let e=`${r}:${t}`;if(Aa.has(e))return!1;let a=`pubsub:pending:user:${r}:${t}`,c=`pubsub:user:pending-set:${r}`,i=`pubsub:ack:${r}:${t}`,s=await n.read(a);if(!s.success||!s.data)return Aa.set(e,Date.now()),!1;Aa.set(e,Date.now());let l=s.data,f={messageId:t,clientId:l.clientId,ackedAt:Date.now()};await n.create(i,f,60),await n.remove(a);let u=await n.read(c),$=(u.success&&u.data?u.data:[]).filter((_)=>_!==t);if($.length>0)await n.create(c,$,o);else await n.remove(c);let A=Date.now()-l.sentAt;return _5(A),!0}async function gg(n,r){if(!r)return[];let t=`pubsub:user:pending-set:${r}`,o=await n.read(t),e=o.success&&o.data?o.data:[],a=[];for(let c of e){let i=`pubsub:pending:user:${r}:${c}`,s=await n.read(i);if(s.success&&s.data)a.push(s.data)}return a.sort((c,i)=>c.sentAt-i.sentAt),a}async function _g(n,r){if(!r)return 0;let t=`pubsub:user:pending-set:${r}`,o=await n.read(t);return(o.success&&o.data?o.data:[]).length}async function mg(n,r,t,o,e){let a=`pubsub:pending:user:${r}:${t}`,c=await n.read(a);if(!c.success||!c.data)return!1;let i={...c.data,retryCount:c.data.retryCount+1};if(i.retryCount>=e)return await g5(n,r,t),m5(),!1;return await n.create(a,i,o),!0}async function g5(n,r,t){let o=`pubsub:pending:user:${r}:${t}`,e=`pubsub:user:pending-set:${r}`;await n.remove(o);let a=await n.read(e),i=(a.success&&a.data?a.data:[]).filter((s)=>s!==t);if(i.length>0)await n.create(e,i,300);else await n.remove(e)}function cf(){Qo.totalSent++}function _5(n){Qo.totalAcked++,Qo.averageLatencyMs=(Qo.averageLatencyMs*(Qo.totalAcked-1)+n)/Qo.totalAcked}function m5(){Qo.totalFailed++}var er=new Map,Ra=new Map;function wg(n){let{redis:r,logger:t}=n,o=n.ack.ttlSeconds,e=n.ack.enabled,a=n.ack.maxRetries,c=n.presence.enabled,i=n.presence.debounceMs,s=n.maxClientsPerUser;function l(){return`client_${Date.now()}_${Math.random().toString(36).substring(2,9)}`}function f(k,B,w,g){let Y=$(w);if(Y.length>=s){let V=Y[0];if(V)t.info("[PubSub] Max clients reached, closing oldest",{userId:w,oldestClientId:V}),u(V)}er.set(k,{ws:B,userId:w,subscribedTopics:new Set(g),connectedAt:Date.now(),pendingAcks:new Map}),t.info("[PubSub] Client registered",{clientId:k,userId:w,topics:g,totalClients:er.size})}function u(k){let B=er.get(k);if(!B)return;let w=B.userId;if(er.delete(k),t.info("[PubSub] Client unregistered",{clientId:k,userId:w,totalClients:er.size}),c&&w){if($(w).length===0)S(w,"offline")}}function b(k,B){let w=er.get(k);if(w)w.subscribedTopics=new Set(B)}function $(k){let B=[];for(let[w,g]of er)if(g.userId===k)B.push(w);return B}function A(){let k=new Set;for(let[,B]of er)if(B.userId)k.add(B.userId);return k}function _(){return er.size}function m(k,B){let w=er.get(k);if(!w)return!1;try{return w.ws.send(JSON.stringify(B)),!0}catch{return er.delete(k),!1}}function E(k,B){let w=ef(),g=Date.now(),Y=JSON.stringify({type:"event",messageId:e?w:void 0,topic:k,data:B,timestamp:g}),V=0;for(let[C,Q]of er)if(Q.subscribedTopics.has("*")||Q.subscribedTopics.has(k))try{if(Q.ws.send(Y),V++,e){if(Q.pendingAcks.set(w,{sentAt:g,retryCount:0}),cf(),Q.userId)af(r,{messageId:w,topic:k,clientId:C,userId:Q.userId,data:B,sentAt:g,retryCount:0,maxRetries:a},o).catch(()=>{})}}catch{er.delete(C)}t.info("[PubSub] Broadcasted event",{topic:k,messageId:w,sentCount:V})}function R(k,B,w){let g=ef(),Y=Date.now(),V=JSON.stringify({type:"event",messageId:e?g:void 0,topic:B,data:w,timestamp:Y}),C=0,Q=!1;for(let[j,L]of er){if(L.userId!==k)continue;if(!L.subscribedTopics.has("*")&&!L.subscribedTopics.has(B))continue;try{if(L.ws.send(V),C++,Q=!0,e)L.pendingAcks.set(g,{sentAt:Y,retryCount:0}),cf()}catch{er.delete(j)}}if(e)af(r,{messageId:g,topic:B,clientId:Q?"delivered":"pending",userId:k,data:w,sentAt:Y,retryCount:0,maxRetries:a},o).catch(()=>{});t.info("[PubSub] Broadcasted to user",{userId:k,topic:B,messageId:g,sentCount:C,storedForOffline:!Q})}function M(k,B,w){let g=Date.now(),Y=JSON.stringify({type:"event",topic:B,data:w,timestamp:g});for(let[V,C]of er){if(C.userId!==k)continue;if(!C.subscribedTopics.has("*")&&!C.subscribedTopics.has(B))continue;try{C.ws.send(Y)}catch{er.delete(V)}}}function S(k,B){let w=`${k}:${B}`,g=Date.now(),Y=Ra.get(w);if(Y&&g-Y<i)return;if(Ra.set(w,g),Ra.size>1000){let C=g-i*2;for(let[Q,j]of Ra)if(j<C)Ra.delete(Q)}let V=A();for(let C of V)if(C!==k)M(C,"user-presence",{type:"user-presence",data:{userId:k,status:B}})}async function x(k,B){if(!e)return!0;let w=er.get(k);if(!w)return!1;if(w.pendingAcks.get(B))w.pendingAcks.delete(B);if(w.userId)return bg(r,w.userId,B,o);return!0}async function D(k,B){if(!e)return 0;let w=er.get(B);if(!w||w.userId!==k)return 0;let g=await gg(r,k);if(g.length===0)return 0;t.info("[PubSub] Delivering pending messages",{userId:k,count:g.length});let Y=0;for(let V of g){if(!w.subscribedTopics.has("*")&&!w.subscribedTopics.has(V.topic))continue;let C=JSON.stringify({type:"event",messageId:V.messageId,topic:V.topic,data:V.data,timestamp:V.sentAt,isRedelivery:!0});try{w.ws.send(C),w.pendingAcks.set(V.messageId,{sentAt:Date.now(),retryCount:V.retryCount+1}),await mg(r,k,V.messageId,o,a),Y++}catch{break}}return Y}return{generateClientId:l,registerClient:f,unregisterClient:u,updateClientTopics:b,getClientsByUser:$,getConnectedUserIds:A,getClientCount:_,sendToClient:m,broadcastEvent:E,broadcastToUser:R,broadcastToUserNoAck:M,broadcastPresenceToOthers:S,handleClientAck:x,deliverPendingMessages:D,getPendingMessageCount:(k)=>_g(r,k)}}function sf(n){let{logger:r,getLiveMonitoringService:t}=n,o=wg(n);if(n.ack.enabled)ug();let e=null,a=new w5;return a.onStart(()=>{if(n.cleanupIntervalMs>0)e=setInterval(()=>{r.info("[PubSub] Periodic cleanup running",{totalClients:o.getClientCount()})},n.cleanupIntervalMs);r.info("[PubSub] Routes initialized",{basePath:n.basePath,wsPath:n.wsPath,ackEnabled:n.ack.enabled,presenceEnabled:n.presence.enabled})}),a.onStop(()=>{if(e)clearInterval(e),e=null}),a.post(`${n.basePath}/:topic`,async({params:c,body:i,request:s,set:l})=>{let f=c.topic,u;try{if(!i){let $=await s.text();u=JSON.parse($)}else u=i}catch{return l.status=200,{status:"DROP"}}r.info("[PubSub] Dapr event received",{topic:f,eventId:u.id,source:u.source});let b=u.data?.user_id;if(b)o.broadcastToUser(b,f,u);else o.broadcastEvent(f,u);return t?.()?.recordDaprEvent("pubsub_subscribe",{topic:f,success:!0,metadata:{eventId:u.id,source:u.source,userId:b||null}}),l.status=200,{status:"SUCCESS"}}),a.ws(n.wsPath,{idleTimeout:n.wsIdleTimeout,open(c){let i=c.data?.query||{};if(!i.userId){c.send(JSON.stringify({type:"error",error:"userId is required for WebSocket connection",timestamp:Date.now()})),c.close(4001,"userId is required"),t?.()?.recordWsEvent("error",{success:!1,error:"userId is required"});return}let s=o.generateClientId(),l=i.topics?.split(",").map((u)=>u.trim())||["*"];if(c.data.clientId=s,o.registerClient(s,c,i.userId,l),c.send(JSON.stringify({type:"connected",clientId:s,subscribedTopics:l,timestamp:Date.now()})),t?.()?.recordWsEvent("connection",{clientId:s,userId:i.userId,topic:l.join(","),success:!0}),n.presence.enabled)o.broadcastPresenceToOthers(i.userId,"online");let f=i.userId;if(n.ack.enabled&&f)o.getPendingMessageCount(f).then((u)=>{if(u>0)r.info("[PubSub] Delivering pending messages",{userId:f,count:u}),o.deliverPendingMessages(f,s).catch(()=>{})}).catch(()=>{})},message(c,i){let s=c.data.clientId;try{let l=null;if(typeof i==="string")l=JSON.parse(i);else if(i&&typeof i==="object"){if(l="type"in i?i:null,typeof l==="string")l=JSON.parse(l)}if(!l?.type)return;switch(t?.()?.recordWsEvent("message",{clientId:s,messageType:l.type,success:!0,dataSize:typeof i==="string"?i.length:0}),l.type){case"subscribe":if(Array.isArray(l.topics))o.updateClientTopics(s,l.topics),o.sendToClient(s,{type:"subscribed",topics:l.topics,timestamp:Date.now()});break;case"unsubscribe":r.info("[PubSub] Unsubscribe request",{clientId:s,topics:l.topics});break;case"ping":o.sendToClient(s,{type:"pong",timestamp:Date.now()});break;case"ack":if(l.messageId)o.handleClientAck(s,l.messageId).catch(()=>{});break}}catch{r.warn("[PubSub] Failed to parse client message",{clientId:s})}},close(c,i,s){let l=c.data.clientId;if(l)o.unregisterClient(l);t?.()?.recordWsEvent("close",{clientId:l,success:!0,metadata:{code:i,reason:s||""}}),r.info("[PubSub] Client disconnected",{clientId:l,code:i,reason:s})}}),{plugin:a,clientManager:o}}Yl();import{Elysia as h5,t as Kn}from"elysia";function hg(n){let{db:r,schemaTables:t,config:o,logger:e}=n,a=new Wl({db:r,schemaTables:t,config:o,logger:e}),c=o.endpoints?.basePath||"/verifications",i=new h5({prefix:c});return i.get("/status/:entity_name/:entity_id",async({params:s})=>{return{success:!0,data:await a.getStatus(s.entity_name,s.entity_id)}},{params:Kn.Object({entity_name:Kn.String(),entity_id:Kn.String()})}),i.post("/:entity_name/:entity_id/decide",async({params:s,body:l,request:f})=>{let u=f.headers.get("x-user-id");if(!u)return{success:!1,message:"User ID required",status:401};return await a.decide({entity_name:s.entity_name,entity_id:s.entity_id,user_id:u,decision:l.decision,reason:l.reason,signature_id:l.signature_id,diff:l.diff})},{params:Kn.Object({entity_name:Kn.String(),entity_id:Kn.String()}),body:Kn.Object({decision:Kn.Union([Kn.Literal("approved"),Kn.Literal("rejected")]),reason:Kn.Optional(Kn.String()),signature_id:Kn.Optional(Kn.String()),diff:Kn.Optional(Kn.Record(Kn.String(),Kn.Unknown()))})}),i.get("/pending",async({request:s})=>{let l=s.headers.get("x-user-id");if(!l)return{success:!1,message:"User ID required",status:401};return{success:!0,data:await a.getPending(l)}}),i.get("/history/:entity_name/:entity_id",async({params:s})=>{let l=await a.getStatus(s.entity_name,s.entity_id);return{success:!0,data:{verifications:l.verifications,current_step:l.current_step,total_steps:l.total_steps,is_completed:l.is_completed,is_rejected:l.is_rejected}}},{params:Kn.Object({entity_name:Kn.String(),entity_id:Kn.String()})}),e.info(`[Verification] Routes registered at ${c}`),i}import{Elysia as P$}from"elysia";var $g=`/* basic theme */
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "nucleus-core-ts",
|
|
3
|
-
"version": "0.8.
|
|
3
|
+
"version": "0.8.71",
|
|
4
4
|
"description": "Production-ready, enterprise-grade TypeScript framework for building multi-tenant APIs",
|
|
5
5
|
"author": "Hidayet Can Özcan <hidayetcan@gmail.com>",
|
|
6
6
|
"license": "SEE LICENSE IN LICENSE",
|
|
@@ -94,4 +94,4 @@
|
|
|
94
94
|
"h-state": "latest",
|
|
95
95
|
"ioredis": "latest"
|
|
96
96
|
}
|
|
97
|
-
}
|
|
97
|
+
}
|