npm - nucleus-core-ts - Versions diffs - 0.9.111 → 0.9.113 - Mend

nucleus-core-ts 0.9.111 → 0.9.113

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/client.js +1 -1
package/dist/index.js +11 -10
package/dist/src/Client/ApiCaller/system-tables.d.ts +55 -0
package/dist/src/Client/ApiCaller/types.d.ts +142 -0
package/dist/src/ElysiaPlugin/routes/auth/cohort/index.d.ts +30 -0
package/dist/src/ElysiaPlugin/routes/auth/cohort/types.d.ts +22 -0
package/dist/src/ElysiaPlugin/routes/auth/emailExempt.d.ts +9 -0
package/dist/src/ElysiaPlugin/routes/auth/types.d.ts +1 -0
package/dist/src/types.d.ts +26 -0
package/package.json +1 -1
package/schemas/config.nucleus.json +41 -0
package/src/system.tables.json +83 -0

package/dist/src/Client/ApiCaller/system-tables.d.ts CHANGED Viewed

@@ -55,6 +55,14 @@ export declare const SYSTEM_TABLES: readonly [{
         readonly name: "is_god";
         readonly type: "boolean";
         readonly default: false;
+    }, {
+        readonly name: "cohort_id";
+        readonly type: "uuid";
+        readonly references: {
+            readonly table: "user_cohorts";
+            readonly column: "id";
+            readonly onDelete: "set null";
+        };
     }];
     readonly indexes: readonly [{
         readonly columns: readonly ["email"];
@@ -65,6 +73,53 @@ export declare const SYSTEM_TABLES: readonly [{
         readonly columns: readonly ["last_login_at"];
     }, {
         readonly columns: readonly ["is_locked", "locked_until"];
+    }, {
+        readonly columns: readonly ["cohort_id"];
+    }];
+}, {
+    readonly table_name: "user_cohorts";
+    readonly feature_set: readonly ["authentication"];
+    readonly add_base_columns: true;
+    readonly is_form_data: false;
+    readonly available_app_ids: readonly ["default_be"];
+    readonly available_schemas: readonly ["*"];
+    readonly excluded_schemas: readonly [];
+    readonly excluded_methods: readonly [];
+    readonly columns: readonly [{
+        readonly name: "name";
+        readonly type: "varchar";
+        readonly length: 255;
+        readonly notNull: true;
+    }, {
+        readonly name: "description";
+        readonly type: "text";
+    }, {
+        readonly name: "created_by";
+        readonly type: "uuid";
+        readonly references: {
+            readonly table: "users";
+            readonly column: "id";
+            readonly onDelete: "set null";
+        };
+    }, {
+        readonly name: "expires_at";
+        readonly type: "timestamptz";
+    }, {
+        readonly name: "user_count";
+        readonly type: "integer";
+        readonly notNull: true;
+        readonly default: 0;
+    }, {
+        readonly name: "metadata";
+        readonly type: "jsonb";
+        readonly default: "{}";
+    }];
+    readonly indexes: readonly [{
+        readonly columns: readonly ["name"];
+    }, {
+        readonly columns: readonly ["expires_at"];
+    }, {
+        readonly columns: readonly ["created_by"];
     }];
 }, {
     readonly table_name: "profiles";

package/dist/src/Client/ApiCaller/types.d.ts CHANGED Viewed

@@ -1617,6 +1617,7 @@ export type SystemPaymentPriceEntity = InferEntity<SystemTables, 'payment_prices
 export type SystemPaymentCustomerEntity = InferEntity<SystemTables, 'payment_customers'>;
 export type SystemPaymentSubscriptionEntity = InferEntity<SystemTables, 'payment_subscriptions'>;
 export type SystemPaymentInvoiceEntity = InferEntity<SystemTables, 'payment_invoices'>;
+export type SystemUserCohortEntity = InferEntity<SystemTables, 'user_cohorts'>;
 export type MeResponseData = {
     user: SystemUserEntity;
     profile: SystemProfileEntity | null;
@@ -3077,3 +3078,144 @@ export declare const MONITORING_ENDPOINT_CONFIGS: {
         _error: BaseErrorResponse;
     };
 };
+export type CohortPayload = {
+    name: string;
+    description?: string;
+    expiresAt?: string;
+    metadata?: Record<string, unknown>;
+};
+export type CohortUpdatePayload = {
+    id: string;
+    name?: string;
+    description?: string;
+    expiresAt?: string | null;
+    isActive?: boolean;
+    metadata?: Record<string, unknown>;
+};
+export type BulkCreateUsersPayload = {
+    users?: Array<{
+        email: string;
+        password: string;
+        profile?: {
+            firstName?: string;
+            lastName?: string;
+        };
+    }>;
+    emailPrefix?: string;
+    emailDomain?: string;
+    sharedPassword?: string;
+    count?: number;
+    roleIds?: string[];
+};
+export type BulkCreateUsersResponse = {
+    created: number;
+    skipped: number;
+    skippedEmails: string[];
+    users: Array<{
+        id: string;
+        email: string;
+    }>;
+};
+export type CohortBulkOpsResponse = {
+    affected: number;
+};
+export declare const COHORT_ENDPOINT_CONFIGS: {
+    listCohorts: {
+        key: "ADMIN_LIST_COHORTS";
+        method: "GET";
+        path: string;
+        _payload: StandardQueryParams;
+        _success: ListResponse<SystemUserCohortEntity>;
+        _error: BaseErrorResponse;
+    };
+    getCohort: {
+        key: "ADMIN_GET_COHORT";
+        method: "GET";
+        path: string;
+        _payload: {
+            id: string;
+        };
+        _success: SingleResponse<SystemUserCohortEntity & {
+            users: SystemUserEntity[];
+        }>;
+        _error: BaseErrorResponse;
+    };
+    createCohort: {
+        key: "ADMIN_CREATE_COHORT";
+        method: "POST";
+        path: string;
+        _payload: CohortPayload;
+        _success: MutationResponse<SystemUserCohortEntity>;
+        _error: BaseErrorResponse;
+    };
+    updateCohort: {
+        key: "ADMIN_UPDATE_COHORT";
+        method: "PATCH";
+        path: string;
+        _payload: CohortUpdatePayload;
+        _success: MutationResponse<SystemUserCohortEntity>;
+        _error: BaseErrorResponse;
+    };
+    deleteCohort: {
+        key: "ADMIN_DELETE_COHORT";
+        method: "DELETE";
+        path: string;
+        _payload: {
+            id: string;
+        };
+        _success: DeleteResponse;
+        _error: BaseErrorResponse;
+    };
+    bulkCreateUsers: {
+        key: "ADMIN_COHORT_BULK_CREATE";
+        method: "POST";
+        path: string;
+        _payload: BulkCreateUsersPayload & {
+            id: string;
+        };
+        _success: MutationResponse<BulkCreateUsersResponse>;
+        _error: BaseErrorResponse;
+    };
+    deactivateUsers: {
+        key: "ADMIN_COHORT_DEACTIVATE";
+        method: "POST";
+        path: string;
+        _payload: {
+            id: string;
+        };
+        _success: MutationResponse<CohortBulkOpsResponse>;
+        _error: BaseErrorResponse;
+    };
+    activateUsers: {
+        key: "ADMIN_COHORT_ACTIVATE";
+        method: "POST";
+        path: string;
+        _payload: {
+            id: string;
+        };
+        _success: MutationResponse<CohortBulkOpsResponse>;
+        _error: BaseErrorResponse;
+    };
+    deleteUsers: {
+        key: "ADMIN_COHORT_DELETE_USERS";
+        method: "POST";
+        path: string;
+        _payload: {
+            id: string;
+        };
+        _success: MutationResponse<{
+            deleted: number;
+        }>;
+        _error: BaseErrorResponse;
+    };
+    exportUsers: {
+        key: "ADMIN_COHORT_EXPORT";
+        method: "GET";
+        path: string;
+        _payload: {
+            id: string;
+        };
+        _success: string;
+        _error: BaseErrorResponse;
+    };
+};

package/dist/src/ElysiaPlugin/routes/auth/cohort/index.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import { Elysia } from 'elysia';
+import type { CohortRouteConfig } from './types';
+export declare function createCohortRoutes(config: CohortRouteConfig): Elysia<"", {
+    decorator: {};
+    store: {};
+    derive: {};
+    resolve: {};
+}, {
+    typebox: {};
+    error: {};
+}, {
+    schema: {};
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: {};
+}, {}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}>;

package/dist/src/ElysiaPlugin/routes/auth/cohort/types.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import type { NodePgDatabase } from 'drizzle-orm/node-postgres';
+import type { Logger } from 'src/Services';
+export type CohortRouteConfig = {
+    db: NodePgDatabase | null;
+    logger: Logger;
+    cohortsTable: ReturnType<typeof import('drizzle-orm/pg-core').pgTable> | null;
+    usersTable: ReturnType<typeof import('drizzle-orm/pg-core').pgTable> | null;
+    rolesTable: ReturnType<typeof import('drizzle-orm/pg-core').pgTable> | null;
+    userRolesTable: ReturnType<typeof import('drizzle-orm/pg-core').pgTable> | null;
+    profilesTable: ReturnType<typeof import('drizzle-orm/pg-core').pgTable> | null;
+    basePath: string;
+    passwordPolicy?: {
+        minLength?: number;
+        maxLength?: number;
+        requireUppercase?: boolean;
+        requireLowercase?: boolean;
+        requireNumber?: boolean;
+        requireSpecialChar?: boolean;
+    };
+    defaultRole?: string;
+    emailExemptDomains?: string[];
+};

package/dist/src/ElysiaPlugin/routes/auth/emailExempt.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Checks if an email address belongs to a domain exempted from
+ * email-based operations (notifications, verification, password reset emails,
+ * suspicious login alerts, device approval flows).
+ *
+ * Exempt users still authenticate normally and are fully audited — only
+ * outbound email operations are skipped.
+ */
+export declare function isEmailExempt(email: string, exemptDomains: string[] | undefined): boolean;

package/dist/src/ElysiaPlugin/routes/auth/types.d.ts CHANGED Viewed

@@ -35,6 +35,7 @@ export interface AuthRouteConfig {
         defaultRole?: string;
         cookieMaxAgeBufferSeconds?: number;
         cookieDomain?: string;
+        emailExemptDomains?: string[];
         accessToken?: {
             secret?: string;
             expiresIn?: string;

package/dist/src/types.d.ts CHANGED Viewed

@@ -165,6 +165,32 @@ export interface NucleusConfigOptions {
          * Use leading dot to cover all subdomains: ".vorion.ai"
          */
         cookieDomain?: string;
+        /**
+         * Email domains exempt from all email-based operations:
+         * login notifications, email verification, password reset emails,
+         * suspicious login alerts, and device approval flows.
+         * Users with matching domains still authenticate normally and are fully audited.
+         * Example: ["vorionai.com", "training.local"]
+         */
+        emailExemptDomains?: string[];
+        /**
+         * Admin user creation configuration.
+         */
+        adminCreateUser?: {
+            enabled?: boolean;
+            route?: string;
+            allowRoles?: string[];
+        };
+        /**
+         * User cohort (batch) management configuration.
+         * Cohorts group users for bulk lifecycle management (training sessions, demos, etc.)
+         */
+        cohorts?: {
+            enabled?: boolean;
+            basePath?: string;
+            /** Auto-lock cohort users when cohort expires_at is reached. Checked on startup + hourly. */
+            autoExpireLock?: boolean;
+        };
         passwordPolicy?: {
             minLength?: number;
             maxLength?: number;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "nucleus-core-ts",
-	"version": "0.9.111",
+	"version": "0.9.113",
 	"description": "Production-ready, enterprise-grade TypeScript framework for building multi-tenant APIs",
 	"author": "Hidayet Can Özcan <hidayetcan@gmail.com>",
 	"license": "SEE LICENSE IN LICENSE",

package/schemas/config.nucleus.json CHANGED Viewed

@@ -136,6 +136,47 @@
           "type": "string",
           "description": "Cookie domain for cross-subdomain auth sharing. Set to env var name (e.g. \"COOKIE_DOMAIN\") or literal value (e.g. \".vorion.ai\"). Use leading dot to cover all subdomains: \".vorion.ai\""
         },
+        "emailExemptDomains": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "Email domains exempt from all email-based operations: login notifications, email verification, password reset emails, suspicious login alerts, and device approval flows. Users with matching domains still authenticate normally and are fully audited. Example: [\"vorionai.com\", \"training.local\"]"
+        },
+        "adminCreateUser": {
+          "type": "object",
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            },
+            "route": {
+              "type": "string"
+            },
+            "allowRoles": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          },
+          "description": "Admin user creation configuration."
+        },
+        "cohorts": {
+          "type": "object",
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            },
+            "basePath": {
+              "type": "string"
+            },
+            "autoExpireLock": {
+              "type": "boolean",
+              "description": "Auto-lock cohort users when cohort expires_at is reached. Checked on startup + hourly."
+            }
+          },
+          "description": "User cohort (batch) management configuration. Cohorts group users for bulk lifecycle management (training sessions, demos, etc.)"
+        },
         "passwordPolicy": {
           "type": "object",
           "properties": {

package/src/system.tables.json CHANGED Viewed

@@ -77,6 +77,15 @@
           "name": "is_god",
           "type": "boolean",
           "default": false
+        },
+        {
+          "name": "cohort_id",
+          "type": "uuid",
+          "references": {
+            "table": "user_cohorts",
+            "column": "id",
+            "onDelete": "set null"
+          }
         }
       ],
       "indexes": [
@@ -102,6 +111,80 @@
             "is_locked",
             "locked_until"
           ]
+        },
+        {
+          "columns": [
+            "cohort_id"
+          ]
+        }
+      ]
+    },
+    {
+      "table_name": "user_cohorts",
+      "feature_set": [
+        "authentication"
+      ],
+      "add_base_columns": true,
+      "is_form_data": false,
+      "available_app_ids": [
+        "default_be"
+      ],
+      "available_schemas": [
+        "*"
+      ],
+      "excluded_schemas": [],
+      "excluded_methods": [],
+      "columns": [
+        {
+          "name": "name",
+          "type": "varchar",
+          "length": 255,
+          "notNull": true
+        },
+        {
+          "name": "description",
+          "type": "text"
+        },
+        {
+          "name": "created_by",
+          "type": "uuid",
+          "references": {
+            "table": "users",
+            "column": "id",
+            "onDelete": "set null"
+          }
+        },
+        {
+          "name": "expires_at",
+          "type": "timestamptz"
+        },
+        {
+          "name": "user_count",
+          "type": "integer",
+          "notNull": true,
+          "default": 0
+        },
+        {
+          "name": "metadata",
+          "type": "jsonb",
+          "default": "{}"
+        }
+      ],
+      "indexes": [
+        {
+          "columns": [
+            "name"
+          ]
+        },
+        {
+          "columns": [
+            "expires_at"
+          ]
+        },
+        {
+          "columns": [
+            "created_by"
+          ]
         }
       ]
     },