payload 3.49.0 → 3.49.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (57) hide show
  1. package/dist/admin/forms/Field.d.ts +3 -0
  2. package/dist/admin/forms/Field.d.ts.map +1 -1
  3. package/dist/admin/forms/Field.js.map +1 -1
  4. package/dist/admin/views/document.d.ts +6 -0
  5. package/dist/admin/views/document.d.ts.map +1 -1
  6. package/dist/admin/views/document.js.map +1 -1
  7. package/dist/auth/isUserLocked.d.ts +1 -1
  8. package/dist/auth/isUserLocked.d.ts.map +1 -1
  9. package/dist/auth/isUserLocked.js +1 -1
  10. package/dist/auth/isUserLocked.js.map +1 -1
  11. package/dist/auth/operations/login.d.ts +5 -0
  12. package/dist/auth/operations/login.d.ts.map +1 -1
  13. package/dist/auth/operations/login.js +38 -4
  14. package/dist/auth/operations/login.js.map +1 -1
  15. package/dist/auth/operations/refresh.d.ts.map +1 -1
  16. package/dist/auth/operations/refresh.js +14 -5
  17. package/dist/auth/operations/refresh.js.map +1 -1
  18. package/dist/auth/strategies/local/incrementLoginAttempts.d.ts +4 -4
  19. package/dist/auth/strategies/local/incrementLoginAttempts.d.ts.map +1 -1
  20. package/dist/auth/strategies/local/incrementLoginAttempts.js +104 -27
  21. package/dist/auth/strategies/local/incrementLoginAttempts.js.map +1 -1
  22. package/dist/auth/strategies/local/resetLoginAttempts.d.ts.map +1 -1
  23. package/dist/auth/strategies/local/resetLoginAttempts.js +3 -4
  24. package/dist/auth/strategies/local/resetLoginAttempts.js.map +1 -1
  25. package/dist/collections/endpoints/findDistinct.d.ts.map +1 -1
  26. package/dist/collections/endpoints/findDistinct.js +2 -1
  27. package/dist/collections/endpoints/findDistinct.js.map +1 -1
  28. package/dist/collections/endpoints/index.js +1 -0
  29. package/dist/collections/endpoints/index.js.map +1 -1
  30. package/dist/collections/operations/findDistinct.d.ts +1 -0
  31. package/dist/collections/operations/findDistinct.d.ts.map +1 -1
  32. package/dist/collections/operations/findDistinct.js +9 -2
  33. package/dist/collections/operations/findDistinct.js.map +1 -1
  34. package/dist/collections/operations/local/findDistinct.d.ts +9 -0
  35. package/dist/collections/operations/local/findDistinct.d.ts.map +1 -1
  36. package/dist/collections/operations/local/findDistinct.js +2 -1
  37. package/dist/collections/operations/local/findDistinct.js.map +1 -1
  38. package/dist/database/queryValidation/validateSearchParams.d.ts.map +1 -1
  39. package/dist/database/queryValidation/validateSearchParams.js +15 -15
  40. package/dist/database/queryValidation/validateSearchParams.js.map +1 -1
  41. package/dist/uploads/checkFileRestrictions.d.ts.map +1 -1
  42. package/dist/uploads/checkFileRestrictions.js +9 -1
  43. package/dist/uploads/checkFileRestrictions.js.map +1 -1
  44. package/dist/uploads/detectSvgFromXml.d.ts +5 -0
  45. package/dist/uploads/detectSvgFromXml.d.ts.map +1 -0
  46. package/dist/uploads/detectSvgFromXml.js +43 -0
  47. package/dist/uploads/detectSvgFromXml.js.map +1 -0
  48. package/dist/uploads/endpoints/getFile.d.ts.map +1 -1
  49. package/dist/uploads/endpoints/getFile.js +5 -1
  50. package/dist/uploads/endpoints/getFile.js.map +1 -1
  51. package/dist/uploads/getExternalFile.d.ts.map +1 -1
  52. package/dist/uploads/getExternalFile.js +1 -1
  53. package/dist/uploads/getExternalFile.js.map +1 -1
  54. package/dist/uploads/types.d.ts +6 -1
  55. package/dist/uploads/types.d.ts.map +1 -1
  56. package/dist/uploads/types.js.map +1 -1
  57. package/package.json +2 -2
package/dist/admin/forms/Field.d.ts CHANGED
@@ -54,6 +54,9 @@ export type FieldPaths = {
54
54
  */
55
55
  path: string;
56
56
  };
57
+ /**
58
+ * TODO: This should be renamed to `FieldComponentServerProps` or similar
59
+ */
57
60
  export type ServerComponentProps = {
58
61
  clientField: ClientFieldWithOptionalType;
59
62
  clientFieldSchemaMap: ClientFieldSchemaMap;
package/dist/admin/forms/Field.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Field.d.ts","sourceRoot":"","sources":["../../../src/admin/forms/Field.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AAC1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AAEjD,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAA;AACnF,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AACrE,OAAO,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAC9E,OAAO,KAAK,EACV,oBAAoB,EACpB,SAAS,EACT,IAAI,EACJ,cAAc,EACd,SAAS,EACT,SAAS,EACT,aAAa,EACd,MAAM,aAAa,CAAA;AAEpB,MAAM,MAAM,2BAA2B,GAAG,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAA;AAE3E,MAAM,MAAM,oBAAoB,GAAG;IACjC,gBAAgB,CAAC,EAAE,SAAS,CAAC,kBAAkB,CAAC,CAAA;IAChD,KAAK,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS,CAAA;IAC5C,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,WAAW,CAAC,EAAE,yBAAyB,CAAA;IACvC,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,cAAc,CAAC,EAAE,aAAa,EAAE,CAAA;IAChC;;;;;QAKI;IACJ,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAGD,MAAM,MAAM,UAAU,GAAG;IACvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB;;;;;;;;;;;;;OAaG;IACH,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,WAAW,EAAE,2BAA2B,CAAA;IACxC,oBAAoB,EAAE,oBAAoB,CAAA;IAC1C,cAAc,EAAE,MAAM,CAAA;IACtB,IAAI,EAAE,IAAI,CAAA;IACV,KAAK,EAAE,KAAK,CAAA;IACZ;;OAEG;IACH,cAAc,EAAE,cAAc,CAAA;IAC9B;;;OAGG;IACH,SAAS,EAAE,SAAS,CAAA;IACpB,IAAI,EAAE,UAAU,CAAA;IAChB,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,OAAO,EAAE,OAAO,CAAA;IAChB,WAAW,EAAE,yBAAyB,CAAA;IACtC,WAAW,EAAE,mBAAmB,CAAA;IAChC,GAAG,EAAE,cAAc,CAAA;IACnB,WAAW,EAAE,IAAI,CAAA;IACjB,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,eAAe,CACzB,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,IAC5E;IACF,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAA;CAC7B,GAAG,IAAI,CAAC,oBAAoB,EAAE,kBAAkB,GAAG,OAAO,CAAC,CAAA;AAE5D,MAAM,MAAM,eAAe,CACzB,YAAY,SAAS,KAAK,GAAG,KAAK,EAClC,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,IAC5E;IACF,QAAQ,CAAC,WAAW,EAAE,YAAY,CAAA;IAClC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAA;CAC7B,GAAG,IAAI,CAAC,oBAAoB,EAAE,OAAO,CAAC,GACrC,IAAI,CAAC,oBAAoB,EAAE,aAAa,GAAG,OAAO,CAAC,CAAA;AAErD,MAAM,MAAM,oBAAoB,CAC9B,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,EAC9E,eAAe,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACvE,KAAK,CAAC,aAAa,CAAC,eAAe,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC,CAAA;AAExE,MAAM,MAAM,oBAAoB,CAC9B,YAAY,SAAS,KAAK,GAAG,KAAK,EAClC,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,EAC9E,eAAe,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACvE,KAAK,CAAC,aAAa,CAAC,eAAe,GAAG,eAAe,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAA"}
1
+ {"version":3,"file":"Field.d.ts","sourceRoot":"","sources":["../../../src/admin/forms/Field.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AAC1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AAEjD,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAA;AACnF,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AACrE,OAAO,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAC9E,OAAO,KAAK,EACV,oBAAoB,EACpB,SAAS,EACT,IAAI,EACJ,cAAc,EACd,SAAS,EACT,SAAS,EACT,aAAa,EACd,MAAM,aAAa,CAAA;AAEpB,MAAM,MAAM,2BAA2B,GAAG,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAA;AAE3E,MAAM,MAAM,oBAAoB,GAAG;IACjC,gBAAgB,CAAC,EAAE,SAAS,CAAC,kBAAkB,CAAC,CAAA;IAChD,KAAK,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS,CAAA;IAC5C,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,WAAW,CAAC,EAAE,yBAAyB,CAAA;IACvC,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,cAAc,CAAC,EAAE,aAAa,EAAE,CAAA;IAChC;;;;;QAKI;IACJ,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAGD,MAAM,MAAM,UAAU,GAAG;IACvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB;;;;;;;;;;;;;OAaG;IACH,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC,WAAW,EAAE,2BAA2B,CAAA;IACxC,oBAAoB,EAAE,oBAAoB,CAAA;IAC1C,cAAc,EAAE,MAAM,CAAA;IACtB,IAAI,EAAE,IAAI,CAAA;IACV,KAAK,EAAE,KAAK,CAAA;IACZ;;OAEG;IACH,cAAc,EAAE,cAAc,CAAA;IAC9B;;;OAGG;IACH,SAAS,EAAE,SAAS,CAAA;IACpB,IAAI,EAAE,UAAU,CAAA;IAChB,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,OAAO,EAAE,OAAO,CAAA;IAChB,WAAW,EAAE,yBAAyB,CAAA;IACtC,WAAW,EAAE,mBAAmB,CAAA;IAChC,GAAG,EAAE,cAAc,CAAA;IACnB,WAAW,EAAE,IAAI,CAAA;IACjB,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,eAAe,CACzB,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,IAC5E;IACF,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAA;CAC7B,GAAG,IAAI,CAAC,oBAAoB,EAAE,kBAAkB,GAAG,OAAO,CAAC,CAAA;AAE5D,MAAM,MAAM,eAAe,CACzB,YAAY,SAAS,KAAK,GAAG,KAAK,EAClC,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,IAC5E;IACF,QAAQ,CAAC,WAAW,EAAE,YAAY,CAAA;IAClC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAA;CAC7B,GAAG,IAAI,CAAC,oBAAoB,EAAE,OAAO,CAAC,GACrC,IAAI,CAAC,oBAAoB,EAAE,aAAa,GAAG,OAAO,CAAC,CAAA;AAErD,MAAM,MAAM,oBAAoB,CAC9B,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,EAC9E,eAAe,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACvE,KAAK,CAAC,aAAa,CAAC,eAAe,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC,CAAA;AAExE,MAAM,MAAM,oBAAoB,CAC9B,YAAY,SAAS,KAAK,GAAG,KAAK,EAClC,YAAY,SAAS,2BAA2B,GAAG,2BAA2B,EAC9E,eAAe,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACvE,KAAK,CAAC,aAAa,CAAC,eAAe,GAAG,eAAe,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAA"}
package/dist/admin/forms/Field.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/admin/forms/Field.ts"],"sourcesContent":["import type { I18nClient } from '@payloadcms/translations'\nimport type { MarkOptional } from 'ts-essentials'\n\nimport type { SanitizedFieldPermissions } from '../../auth/types.js'\nimport type { ClientBlock, ClientField, Field } from '../../fields/config/types.js'\nimport type { TypedUser } from '../../index.js'\nimport type { DocumentPreferences } from '../../preferences/types.js'\nimport type { Operation, Payload, PayloadRequest } from '../../types/index.js'\nimport type {\n ClientFieldSchemaMap,\n ClientTab,\n Data,\n FieldSchemaMap,\n FormField,\n FormState,\n RenderedField,\n} from '../types.js'\n\nexport type ClientFieldWithOptionalType = MarkOptional<ClientField, 'type'>\n\nexport type ClientComponentProps = {\n customComponents?: FormField['customComponents']\n field: ClientBlock | ClientField | ClientTab\n forceRender?: boolean\n permissions?: SanitizedFieldPermissions\n readOnly?: boolean\n renderedBlocks?: RenderedField[]\n /**\n * Used to extract field configs from a schemaMap.\n * Does not include indexes.\n *\n * @default field.name\n **/\n schemaPath?: string\n}\n\n// TODO: maybe we can come up with a better name?\nexport type FieldPaths = {\n /**\n * @default ''\n */\n indexPath?: string\n /**\n * @default ''\n */\n parentPath?: string\n /**\n * The path built up to the point of the field\n * excluding the field name.\n *\n * @default ''\n */\n parentSchemaPath?: string\n /**\n * A built up path to access FieldState in the form state.\n * Nested fields will have a path that includes the parent field names\n * if they are nested within a group, array, block or named tab.\n *\n * Collapsibles and unnamed tabs will have arbitrary paths\n * that look like _index-0, _index-1, etc.\n *\n * Row fields will not have a path.\n *\n * @example 'parentGroupField.childTextField'\n *\n * @default field.name\n */\n path: string\n}\n\nexport type ServerComponentProps = {\n clientField: ClientFieldWithOptionalType\n clientFieldSchemaMap: ClientFieldSchemaMap\n collectionSlug: string\n data: Data\n field: Field\n /**\n * The fieldSchemaMap that is created before form state is built is made available here.\n */\n fieldSchemaMap: FieldSchemaMap\n /**\n * Server Components will also have available to the entire form state.\n * We cannot add it to ClientComponentProps as that would blow up the size of the props sent to the client.\n */\n formState: FormState\n i18n: I18nClient\n id?: number | string\n operation: Operation\n payload: Payload\n permissions: SanitizedFieldPermissions\n preferences: DocumentPreferences\n req: PayloadRequest\n siblingData: Data\n user: TypedUser\n value?: unknown\n}\n\nexport type ClientFieldBase<\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n> = {\n readonly field: TFieldClient\n} & Omit<ClientComponentProps, 'customComponents' | 'field'>\n\nexport type ServerFieldBase<\n TFieldServer extends Field = Field,\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n> = {\n readonly clientField: TFieldClient\n readonly field: TFieldServer\n} & Omit<ClientComponentProps, 'field'> &\n Omit<ServerComponentProps, 'clientField' | 'field'>\n\nexport type FieldClientComponent<\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n AdditionalProps extends Record<string, unknown> = Record<string, unknown>,\n> = React.ComponentType<AdditionalProps & ClientFieldBase<TFieldClient>>\n\nexport type FieldServerComponent<\n TFieldServer extends Field = Field,\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n AdditionalProps extends Record<string, unknown> = Record<string, unknown>,\n> = React.ComponentType<AdditionalProps & ServerFieldBase<TFieldServer, TFieldClient>>\n"],"names":[],"mappings":"AAqHA,WAIsF"}
1
+ {"version":3,"sources":["../../../src/admin/forms/Field.ts"],"sourcesContent":["import type { I18nClient } from '@payloadcms/translations'\nimport type { MarkOptional } from 'ts-essentials'\n\nimport type { SanitizedFieldPermissions } from '../../auth/types.js'\nimport type { ClientBlock, ClientField, Field } from '../../fields/config/types.js'\nimport type { TypedUser } from '../../index.js'\nimport type { DocumentPreferences } from '../../preferences/types.js'\nimport type { Operation, Payload, PayloadRequest } from '../../types/index.js'\nimport type {\n ClientFieldSchemaMap,\n ClientTab,\n Data,\n FieldSchemaMap,\n FormField,\n FormState,\n RenderedField,\n} from '../types.js'\n\nexport type ClientFieldWithOptionalType = MarkOptional<ClientField, 'type'>\n\nexport type ClientComponentProps = {\n customComponents?: FormField['customComponents']\n field: ClientBlock | ClientField | ClientTab\n forceRender?: boolean\n permissions?: SanitizedFieldPermissions\n readOnly?: boolean\n renderedBlocks?: RenderedField[]\n /**\n * Used to extract field configs from a schemaMap.\n * Does not include indexes.\n *\n * @default field.name\n **/\n schemaPath?: string\n}\n\n// TODO: maybe we can come up with a better name?\nexport type FieldPaths = {\n /**\n * @default ''\n */\n indexPath?: string\n /**\n * @default ''\n */\n parentPath?: string\n /**\n * The path built up to the point of the field\n * excluding the field name.\n *\n * @default ''\n */\n parentSchemaPath?: string\n /**\n * A built up path to access FieldState in the form state.\n * Nested fields will have a path that includes the parent field names\n * if they are nested within a group, array, block or named tab.\n *\n * Collapsibles and unnamed tabs will have arbitrary paths\n * that look like _index-0, _index-1, etc.\n *\n * Row fields will not have a path.\n *\n * @example 'parentGroupField.childTextField'\n *\n * @default field.name\n */\n path: string\n}\n\n/**\n * TODO: This should be renamed to `FieldComponentServerProps` or similar\n */\nexport type ServerComponentProps = {\n clientField: ClientFieldWithOptionalType\n clientFieldSchemaMap: ClientFieldSchemaMap\n collectionSlug: string\n data: Data\n field: Field\n /**\n * The fieldSchemaMap that is created before form state is built is made available here.\n */\n fieldSchemaMap: FieldSchemaMap\n /**\n * Server Components will also have available to the entire form state.\n * We cannot add it to ClientComponentProps as that would blow up the size of the props sent to the client.\n */\n formState: FormState\n i18n: I18nClient\n id?: number | string\n operation: Operation\n payload: Payload\n permissions: SanitizedFieldPermissions\n preferences: DocumentPreferences\n req: PayloadRequest\n siblingData: Data\n user: TypedUser\n value?: unknown\n}\n\nexport type ClientFieldBase<\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n> = {\n readonly field: TFieldClient\n} & Omit<ClientComponentProps, 'customComponents' | 'field'>\n\nexport type ServerFieldBase<\n TFieldServer extends Field = Field,\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n> = {\n readonly clientField: TFieldClient\n readonly field: TFieldServer\n} & Omit<ClientComponentProps, 'field'> &\n Omit<ServerComponentProps, 'clientField' | 'field'>\n\nexport type FieldClientComponent<\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n AdditionalProps extends Record<string, unknown> = Record<string, unknown>,\n> = React.ComponentType<AdditionalProps & ClientFieldBase<TFieldClient>>\n\nexport type FieldServerComponent<\n TFieldServer extends Field = Field,\n TFieldClient extends ClientFieldWithOptionalType = ClientFieldWithOptionalType,\n AdditionalProps extends Record<string, unknown> = Record<string, unknown>,\n> = React.ComponentType<AdditionalProps & ServerFieldBase<TFieldServer, TFieldClient>>\n"],"names":[],"mappings":"AAwHA,WAIsF"}
package/dist/admin/views/document.d.ts CHANGED
@@ -2,6 +2,7 @@ import type { SanitizedPermissions } from '../../auth/types.js';
2
2
  import type { SanitizedCollectionConfig } from '../../collections/config/types.js';
3
3
  import type { PayloadComponent, SanitizedConfig, ServerProps } from '../../config/types.js';
4
4
  import type { SanitizedGlobalConfig } from '../../globals/config/types.js';
5
+ import type { PayloadRequest } from '../../types/index.js';
5
6
  import type { Data, DocumentSlots, FormState } from '../types.js';
6
7
  import type { InitPageResult, ViewTypes } from './index.js';
7
8
  export type EditViewProps = {
@@ -44,6 +45,7 @@ export type DocumentTabServerPropsOnly = {
44
45
  readonly collectionConfig?: SanitizedCollectionConfig;
45
46
  readonly globalConfig?: SanitizedGlobalConfig;
46
47
  readonly permissions: SanitizedPermissions;
48
+ readonly req: PayloadRequest;
47
49
  } & ServerProps;
48
50
  export type DocumentTabClientProps = {
49
51
  path: string;
@@ -51,9 +53,13 @@ export type DocumentTabClientProps = {
51
53
  export type DocumentTabServerProps = DocumentTabClientProps & DocumentTabServerPropsOnly;
52
54
  export type DocumentTabCondition = (args: {
53
55
  collectionConfig: SanitizedCollectionConfig;
56
+ /**
57
+ * @deprecated: Use `req.payload.config` instead. This will be removed in v4.
58
+ */
54
59
  config: SanitizedConfig;
55
60
  globalConfig: SanitizedGlobalConfig;
56
61
  permissions: SanitizedPermissions;
62
+ req: PayloadRequest;
57
63
  }) => boolean;
58
64
  export type DocumentTabConfig = {
59
65
  readonly Component?: DocumentTabComponent;
package/dist/admin/views/document.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"document.d.ts","sourceRoot":"","sources":["../../../src/admin/views/document.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAC/D,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAA;AAClF,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAC3F,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAA;AAC1E,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACjE,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AAE3D,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAA;IAChC,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAC7B,CAAA;AACD;;GAEG;AACH,MAAM,MAAM,gCAAgC,GAAG;IAC7C;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB;;;OAGG;IACH,6BAA6B,CAAC,EAAE,OAAO,CAAA;CACxC,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG;IACxC,GAAG,EAAE,IAAI,CAAA;IACT,eAAe,EAAE,OAAO,CAAA;IACxB,cAAc,EAAE,cAAc,CAAA;IAC9B,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,QAAQ,CAAC,EAAE,gCAAgC,CAAA;CAC5C,GAAG,WAAW,CAAA;AAEf,MAAM,MAAM,uBAAuB,GAAG,uBAAuB,GAAG,2BAA2B,CAAA;AAE3F,MAAM,MAAM,uBAAuB,GAAG;IACpC,mBAAmB,EAAE,oBAAoB,CAAA;IACzC,SAAS,EAAE,SAAS,CAAA;IACpB,QAAQ,EAAE,SAAS,CAAA;CACpB,GAAG,aAAa,CAAA;AAEjB;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,KAAK,GAAG,SAAS,GAAG,SAAS,GAAG,UAAU,CAAA;AAE7E,MAAM,MAAM,0BAA0B,GAAG;IACvC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;IACxB,QAAQ,CAAC,gBAAgB,CAAC,EAAE,yBAAyB,CAAA;IACrD,QAAQ,CAAC,YAAY,CAAC,EAAE,qBAAqB,CAAA;IAC7C,QAAQ,CAAC,WAAW,EAAE,oBAAoB,CAAA;CAC3C,GAAG,WAAW,CAAA;AAEf,MAAM,MAAM,sBAAsB,GAAG;IACnC,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG,sBAAsB,GAAG,0BAA0B,CAAA;AAExF,MAAM,MAAM,oBAAoB,GAAG,CAAC,IAAI,EAAE;IACxC,gBAAgB,EAAE,yBAAyB,CAAA;IAC3C,MAAM,EAAE,eAAe,CAAA;IACvB,YAAY,EAAE,qBAAqB,CAAA;IACnC,WAAW,EAAE,oBAAoB,CAAA;CAClC,KAAK,OAAO,CAAA;AAIb,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;IACzC,QAAQ,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;IACzC,QAAQ,CAAC,IAAI,CAAC,EACV,CAAC,CAAC,IAAI,EAAE;QACN,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,yBAAyB,CAAA;QACrC,MAAM,EAAE,qBAAqB,CAAA;QAC7B,EAAE,CAAC,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAA;KAClC,KAAK,MAAM,CAAC,GACb,MAAM,CAAA;IACV,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,GAAG,OAAO,CAAA;IACnE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE;QAAE,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,MAAM,CAAA;KAAE,KAAK,MAAM,CAAC,GAAG,MAAM,CAAA;IAC5E,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAA;IACzB;;;OAGG;IACH,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,gBAAgB,CAAA;CACjC,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,gBAAgB,CAAC;IAClD,IAAI,EAAE,MAAM,CAAA;CACb,CAAC,CAAA;AAIF,MAAM,MAAM,iCAAiC,GAAG,EAAE,CAAA;AAClD,MAAM,MAAM,qCAAqC,GAAG,EAAE,GAAG,WAAW,CAAA;AACpE,MAAM,MAAM,iCAAiC,GAAG,iCAAiC,GAC/E,qCAAqC,CAAA"}
1
+ {"version":3,"file":"document.d.ts","sourceRoot":"","sources":["../../../src/admin/views/document.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAC/D,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAA;AAClF,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAC3F,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAA;AAC1E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAC1D,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACjE,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AAE3D,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAA;IAChC,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAC7B,CAAA;AACD;;GAEG;AACH,MAAM,MAAM,gCAAgC,GAAG;IAC7C;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB;;;OAGG;IACH,6BAA6B,CAAC,EAAE,OAAO,CAAA;CACxC,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG;IACxC,GAAG,EAAE,IAAI,CAAA;IACT,eAAe,EAAE,OAAO,CAAA;IACxB,cAAc,EAAE,cAAc,CAAA;IAC9B,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,QAAQ,CAAC,EAAE,gCAAgC,CAAA;CAC5C,GAAG,WAAW,CAAA;AAEf,MAAM,MAAM,uBAAuB,GAAG,uBAAuB,GAAG,2BAA2B,CAAA;AAE3F,MAAM,MAAM,uBAAuB,GAAG;IACpC,mBAAmB,EAAE,oBAAoB,CAAA;IACzC,SAAS,EAAE,SAAS,CAAA;IACpB,QAAQ,EAAE,SAAS,CAAA;CACpB,GAAG,aAAa,CAAA;AAEjB;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,KAAK,GAAG,SAAS,GAAG,SAAS,GAAG,UAAU,CAAA;AAE7E,MAAM,MAAM,0BAA0B,GAAG;IACvC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;IACxB,QAAQ,CAAC,gBAAgB,CAAC,EAAE,yBAAyB,CAAA;IACrD,QAAQ,CAAC,YAAY,CAAC,EAAE,qBAAqB,CAAA;IAC7C,QAAQ,CAAC,WAAW,EAAE,oBAAoB,CAAA;IAC1C,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAA;CAC7B,GAAG,WAAW,CAAA;AAEf,MAAM,MAAM,sBAAsB,GAAG;IACnC,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG,sBAAsB,GAAG,0BAA0B,CAAA;AAExF,MAAM,MAAM,oBAAoB,GAAG,CAAC,IAAI,EAAE;IACxC,gBAAgB,EAAE,yBAAyB,CAAA;IAC3C;;OAEG;IACH,MAAM,EAAE,eAAe,CAAA;IACvB,YAAY,EAAE,qBAAqB,CAAA;IACnC,WAAW,EAAE,oBAAoB,CAAA;IACjC,GAAG,EAAE,cAAc,CAAA;CACpB,KAAK,OAAO,CAAA;AAIb,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;IACzC,QAAQ,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;IACzC,QAAQ,CAAC,IAAI,CAAC,EACV,CAAC,CAAC,IAAI,EAAE;QACN,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,yBAAyB,CAAA;QACrC,MAAM,EAAE,qBAAqB,CAAA;QAC7B,EAAE,CAAC,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAA;KAClC,KAAK,MAAM,CAAC,GACb,MAAM,CAAA;IACV,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,GAAG,OAAO,CAAA;IACnE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE;QAAE,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,MAAM,CAAA;KAAE,KAAK,MAAM,CAAC,GAAG,MAAM,CAAA;IAC5E,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAA;IACzB;;;OAGG;IACH,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,gBAAgB,CAAA;CACjC,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,gBAAgB,CAAC;IAClD,IAAI,EAAE,MAAM,CAAA;CACb,CAAC,CAAA;AAIF,MAAM,MAAM,iCAAiC,GAAG,EAAE,CAAA;AAClD,MAAM,MAAM,qCAAqC,GAAG,EAAE,GAAG,WAAW,CAAA;AACpE,MAAM,MAAM,iCAAiC,GAAG,iCAAiC,GAC/E,qCAAqC,CAAA"}
package/dist/admin/views/document.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/admin/views/document.ts"],"sourcesContent":["import type { SanitizedPermissions } from '../../auth/types.js'\nimport type { SanitizedCollectionConfig } from '../../collections/config/types.js'\nimport type { PayloadComponent, SanitizedConfig, ServerProps } from '../../config/types.js'\nimport type { SanitizedGlobalConfig } from '../../globals/config/types.js'\nimport type { Data, DocumentSlots, FormState } from '../types.js'\nimport type { InitPageResult, ViewTypes } from './index.js'\n\nexport type EditViewProps = {\n readonly collectionSlug?: string\n readonly globalSlug?: string\n}\n/**\n * Properties specific to the versions view\n */\nexport type RenderDocumentVersionsProperties = {\n /**\n * @default false\n */\n disableGutter?: boolean\n /**\n * Use createdAt cell that appends params to the url on version selection instead of redirecting user\n * @default false\n */\n useVersionDrawerCreatedAtCell?: boolean\n}\n\nexport type DocumentViewServerPropsOnly = {\n doc: Data\n hasPublishedDoc: boolean\n initPageResult: InitPageResult\n routeSegments: string[]\n versions?: RenderDocumentVersionsProperties\n} & ServerProps\n\nexport type DocumentViewServerProps = DocumentViewClientProps & DocumentViewServerPropsOnly\n\nexport type DocumentViewClientProps = {\n documentSubViewType: DocumentSubViewTypes\n formState: FormState\n viewType: ViewTypes\n} & DocumentSlots\n\n/**\n * @todo: This should be renamed to `DocumentSubViewType` (singular)\n */\nexport type DocumentSubViewTypes = 'api' | 'default' | 'version' | 'versions'\n\nexport type DocumentTabServerPropsOnly = {\n readonly apiURL?: string\n readonly collectionConfig?: SanitizedCollectionConfig\n readonly globalConfig?: SanitizedGlobalConfig\n readonly permissions: SanitizedPermissions\n} & ServerProps\n\nexport type DocumentTabClientProps = {\n path: string\n}\n\nexport type DocumentTabServerProps = DocumentTabClientProps & DocumentTabServerPropsOnly\n\nexport type DocumentTabCondition = (args: {\n collectionConfig: SanitizedCollectionConfig\n config: SanitizedConfig\n globalConfig: SanitizedGlobalConfig\n permissions: SanitizedPermissions\n}) => boolean\n\n// Everything is optional because we merge in the defaults\n// i.e. the config may override the `Default` view with a `label` but not an `href`\nexport type DocumentTabConfig = {\n readonly Component?: DocumentTabComponent\n readonly condition?: DocumentTabCondition\n readonly href?:\n | ((args: {\n apiURL: string\n collection: SanitizedCollectionConfig\n global: SanitizedGlobalConfig\n id?: string\n routes: SanitizedConfig['routes']\n }) => string)\n | string\n readonly isActive?: ((args: { href: string }) => boolean) | boolean\n readonly label?: ((args: { t: (key: string) => string }) => string) | string\n readonly newTab?: boolean\n /**\n * Sets the order to render the tab in the admin panel\n * Recommended to use increments of 100 (e.g. 0, 100, 200)\n */\n readonly order?: number\n readonly Pill?: PayloadComponent\n}\n\n/**\n * @todo: Remove this type as it's only used internally for the config (above)\n */\nexport type DocumentTabComponent = PayloadComponent<{\n path: string\n}>\n\n// BeforeDocumentControls\n\nexport type BeforeDocumentControlsClientProps = {}\nexport type BeforeDocumentControlsServerPropsOnly = {} & ServerProps\nexport type BeforeDocumentControlsServerProps = BeforeDocumentControlsClientProps &\n BeforeDocumentControlsServerPropsOnly\n"],"names":[],"mappings":"AAuGA,WACuC"}
1
+ {"version":3,"sources":["../../../src/admin/views/document.ts"],"sourcesContent":["import type { SanitizedPermissions } from '../../auth/types.js'\nimport type { SanitizedCollectionConfig } from '../../collections/config/types.js'\nimport type { PayloadComponent, SanitizedConfig, ServerProps } from '../../config/types.js'\nimport type { SanitizedGlobalConfig } from '../../globals/config/types.js'\nimport type { PayloadRequest } from '../../types/index.js'\nimport type { Data, DocumentSlots, FormState } from '../types.js'\nimport type { InitPageResult, ViewTypes } from './index.js'\n\nexport type EditViewProps = {\n readonly collectionSlug?: string\n readonly globalSlug?: string\n}\n/**\n * Properties specific to the versions view\n */\nexport type RenderDocumentVersionsProperties = {\n /**\n * @default false\n */\n disableGutter?: boolean\n /**\n * Use createdAt cell that appends params to the url on version selection instead of redirecting user\n * @default false\n */\n useVersionDrawerCreatedAtCell?: boolean\n}\n\nexport type DocumentViewServerPropsOnly = {\n doc: Data\n hasPublishedDoc: boolean\n initPageResult: InitPageResult\n routeSegments: string[]\n versions?: RenderDocumentVersionsProperties\n} & ServerProps\n\nexport type DocumentViewServerProps = DocumentViewClientProps & DocumentViewServerPropsOnly\n\nexport type DocumentViewClientProps = {\n documentSubViewType: DocumentSubViewTypes\n formState: FormState\n viewType: ViewTypes\n} & DocumentSlots\n\n/**\n * @todo: This should be renamed to `DocumentSubViewType` (singular)\n */\nexport type DocumentSubViewTypes = 'api' | 'default' | 'version' | 'versions'\n\nexport type DocumentTabServerPropsOnly = {\n readonly apiURL?: string\n readonly collectionConfig?: SanitizedCollectionConfig\n readonly globalConfig?: SanitizedGlobalConfig\n readonly permissions: SanitizedPermissions\n readonly req: PayloadRequest\n} & ServerProps\n\nexport type DocumentTabClientProps = {\n path: string\n}\n\nexport type DocumentTabServerProps = DocumentTabClientProps & DocumentTabServerPropsOnly\n\nexport type DocumentTabCondition = (args: {\n collectionConfig: SanitizedCollectionConfig\n /**\n * @deprecated: Use `req.payload.config` instead. This will be removed in v4.\n */\n config: SanitizedConfig\n globalConfig: SanitizedGlobalConfig\n permissions: SanitizedPermissions\n req: PayloadRequest\n}) => boolean\n\n// Everything is optional because we merge in the defaults\n// i.e. the config may override the `Default` view with a `label` but not an `href`\nexport type DocumentTabConfig = {\n readonly Component?: DocumentTabComponent\n readonly condition?: DocumentTabCondition\n readonly href?:\n | ((args: {\n apiURL: string\n collection: SanitizedCollectionConfig\n global: SanitizedGlobalConfig\n id?: string\n routes: SanitizedConfig['routes']\n }) => string)\n | string\n readonly isActive?: ((args: { href: string }) => boolean) | boolean\n readonly label?: ((args: { t: (key: string) => string }) => string) | string\n readonly newTab?: boolean\n /**\n * Sets the order to render the tab in the admin panel\n * Recommended to use increments of 100 (e.g. 0, 100, 200)\n */\n readonly order?: number\n readonly Pill?: PayloadComponent\n}\n\n/**\n * @todo: Remove this type as it's only used internally for the config (above)\n */\nexport type DocumentTabComponent = PayloadComponent<{\n path: string\n}>\n\n// BeforeDocumentControls\n\nexport type BeforeDocumentControlsClientProps = {}\nexport type BeforeDocumentControlsServerPropsOnly = {} & ServerProps\nexport type BeforeDocumentControlsServerProps = BeforeDocumentControlsClientProps &\n BeforeDocumentControlsServerPropsOnly\n"],"names":[],"mappings":"AA6GA,WACuC"}
package/dist/auth/isUserLocked.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- export declare const isUserLocked: (date: number) => boolean;
1
+ export declare const isUserLocked: (date: Date) => boolean;
2
2
  //# sourceMappingURL=isUserLocked.d.ts.map
package/dist/auth/isUserLocked.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"isUserLocked.d.ts","sourceRoot":"","sources":["../../src/auth/isUserLocked.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY,SAAU,MAAM,KAAG,OAK3C,CAAA"}
1
+ {"version":3,"file":"isUserLocked.d.ts","sourceRoot":"","sources":["../../src/auth/isUserLocked.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY,SAAU,IAAI,KAAG,OAKzC,CAAA"}
package/dist/auth/isUserLocked.js CHANGED
@@ -2,7 +2,7 @@ export const isUserLocked = (date)=>{
2
2
  if (!date) {
3
3
  return false;
4
4
  }
5
- return date > Date.now();
5
+ return date.getTime() > Date.now();
6
6
  };
7
7
 
8
8
  //# sourceMappingURL=isUserLocked.js.map
package/dist/auth/isUserLocked.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/auth/isUserLocked.ts"],"sourcesContent":["export const isUserLocked = (date: number): boolean => {\n if (!date) {\n return false\n }\n return date > Date.now()\n}\n"],"names":["isUserLocked","date","Date","now"],"mappings":"AAAA,OAAO,MAAMA,eAAe,CAACC;IAC3B,IAAI,CAACA,MAAM;QACT,OAAO;IACT;IACA,OAAOA,OAAOC,KAAKC,GAAG;AACxB,EAAC"}
1
+ {"version":3,"sources":["../../src/auth/isUserLocked.ts"],"sourcesContent":["export const isUserLocked = (date: Date): boolean => {\n if (!date) {\n return false\n }\n return date.getTime() > Date.now()\n}\n"],"names":["isUserLocked","date","getTime","Date","now"],"mappings":"AAAA,OAAO,MAAMA,eAAe,CAACC;IAC3B,IAAI,CAACA,MAAM;QACT,OAAO;IACT;IACA,OAAOA,KAAKC,OAAO,KAAKC,KAAKC,GAAG;AAClC,EAAC"}
package/dist/auth/operations/login.d.ts CHANGED
@@ -19,6 +19,11 @@ type CheckLoginPermissionArgs = {
19
19
  req: PayloadRequest;
20
20
  user: any;
21
21
  };
22
+ /**
23
+ * Throws an error if the user is locked or does not exist.
24
+ * This does not check the login attempts, only the lock status. Whoever increments login attempts
25
+ * is responsible for locking the user properly, not whoever checks the login permission.
26
+ */
22
27
  export declare const checkLoginPermission: ({ loggingInWithUsername, req, user, }: CheckLoginPermissionArgs) => void;
23
28
  export declare const loginOperation: <TSlug extends CollectionSlug>(incomingArgs: Arguments<TSlug>) => Promise<{
24
29
  user: DataFromCollectionSlug<TSlug>;
package/dist/auth/operations/login.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/login.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACvB,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAuBjE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,SAAS,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC9B,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,GAAG,CAAA;CACV,CAAA;AAED,eAAO,MAAM,oBAAoB,0CAI9B,wBAAwB,SAQ1B,CAAA;AAED,eAAO,MAAM,cAAc,GAAU,KAAK,SAAS,cAAc,gBACjD,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC;IAAE,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CAAE,GAAG,MAAM,CAsU1D,CAAA"}
1
+ {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/login.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACvB,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAuBjE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,SAAS,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC9B,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,GAAG,CAAA;CACV,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,0CAI9B,wBAAwB,SAQ1B,CAAA;AAED,eAAO,MAAM,cAAc,GAAU,KAAK,SAAS,cAAc,gBACjD,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC;IAAE,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CAAE,GAAG,MAAM,CAqW1D,CAAA"}
package/dist/auth/operations/login.js CHANGED
@@ -14,11 +14,15 @@ import { removeExpiredSessions } from '../removeExpiredSessions.js';
14
14
  import { authenticateLocalStrategy } from '../strategies/local/authenticate.js';
15
15
  import { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js';
16
16
  import { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js';
17
- export const checkLoginPermission = ({ loggingInWithUsername, req, user })=>{
17
+ /**
18
+ * Throws an error if the user is locked or does not exist.
19
+ * This does not check the login attempts, only the lock status. Whoever increments login attempts
20
+ * is responsible for locking the user properly, not whoever checks the login permission.
21
+ */ export const checkLoginPermission = ({ loggingInWithUsername, req, user })=>{
18
22
  if (!user) {
19
23
  throw new AuthenticationError(req.t, Boolean(loggingInWithUsername));
20
24
  }
21
- if (isUserLocked(new Date(user.lockUntil).getTime())) {
25
+ if (isUserLocked(new Date(user.lockUntil))) {
22
26
  throw new LockedAuth(req.t);
23
27
  }
24
28
  };
@@ -171,9 +175,15 @@ export const loginOperation = async (incomingArgs)=>{
171
175
  if (maxLoginAttemptsEnabled) {
172
176
  await incrementLoginAttempts({
173
177
  collection: collectionConfig,
174
- doc: user,
175
178
  payload: req.payload,
176
- req
179
+ req,
180
+ user
181
+ });
182
+ // Re-check login permissions and max attempts after incrementing attempts, in case parallel updates occurred
183
+ checkLoginPermission({
184
+ loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),
185
+ req,
186
+ user
177
187
  });
178
188
  }
179
189
  throw new AuthenticationError(req.t);
@@ -183,6 +193,30 @@ export const loginOperation = async (incomingArgs)=>{
183
193
  t: req.t
184
194
  });
185
195
  }
196
+ /*
197
+ * Correct password accepted - re‑check that the account didn't
198
+ * get locked by parallel bad attempts in the meantime.
199
+ */ if (maxLoginAttemptsEnabled) {
200
+ const { lockUntil, loginAttempts } = await payload.db.findOne({
201
+ collection: collectionConfig.slug,
202
+ req,
203
+ select: {
204
+ lockUntil: true,
205
+ loginAttempts: true
206
+ },
207
+ where: {
208
+ id: {
209
+ equals: user.id
210
+ }
211
+ }
212
+ });
213
+ user.lockUntil = lockUntil;
214
+ user.loginAttempts = loginAttempts;
215
+ checkLoginPermission({
216
+ req,
217
+ user
218
+ });
219
+ }
186
220
  const fieldsToSignArgs = {
187
221
  collectionConfig,
188
222
  email: sanitizedEmail,
package/dist/auth/operations/login.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/login.ts"],"sourcesContent":["import { v4 as uuid } from 'uuid'\n\nimport type {\n AuthOperationsFromCollectionSlug,\n Collection,\n DataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug, TypedUser } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport {\n AuthenticationError,\n LockedAuth,\n UnverifiedEmail,\n ValidationError,\n} from '../../errors/index.js'\nimport { afterRead } from '../../fields/hooks/afterRead/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { sanitizeInternalFields } from '../../utilities/sanitizeInternalFields.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { isUserLocked } from '../isUserLocked.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../removeExpiredSessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Result = {\n exp?: number\n token?: string\n user?: TypedUser\n}\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: AuthOperationsFromCollectionSlug<TSlug>['login']\n depth?: number\n overrideAccess?: boolean\n req: PayloadRequest\n showHiddenFields?: boolean\n}\n\ntype CheckLoginPermissionArgs = {\n loggingInWithUsername?: boolean\n req: PayloadRequest\n user: any\n}\n\nexport const checkLoginPermission = ({\n loggingInWithUsername,\n req,\n user,\n}: CheckLoginPermissionArgs) => {\n if (!user) {\n throw new AuthenticationError(req.t, Boolean(loggingInWithUsername))\n }\n\n if (isUserLocked(new Date(user.lockUntil).getTime())) {\n throw new LockedAuth(req.t)\n }\n}\n\nexport const loginOperation = async <TSlug extends CollectionSlug>(\n incomingArgs: Arguments<TSlug>,\n): Promise<{ user: DataFromCollectionSlug<TSlug> } & Result> => {\n let args = incomingArgs\n\n if (args.collection.config.auth.disableLocalStrategy) {\n throw new Forbidden(args.req.t)\n }\n\n try {\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'login',\n req: args.req,\n })) || args\n }\n }\n\n const {\n collection: { config: collectionConfig },\n data,\n depth,\n overrideAccess,\n req,\n req: {\n fallbackLocale,\n locale,\n payload,\n payload: { secret },\n },\n showHiddenFields,\n } = args\n\n // /////////////////////////////////////\n // Login\n // /////////////////////////////////////\n\n const { email: unsanitizedEmail, password } = data\n const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n const sanitizedEmail =\n typeof unsanitizedEmail === 'string' ? unsanitizedEmail.toLowerCase().trim() : null\n const sanitizedUsername =\n 'username' in data && typeof data?.username === 'string'\n ? data.username.toLowerCase().trim()\n : null\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n // cannot login with email, did not provide username\n if (!canLoginWithEmail && !sanitizedUsername) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'username' }],\n })\n }\n\n // cannot login with username, did not provide email\n if (!canLoginWithUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'email' }],\n })\n }\n\n // can login with either email or username, did not provide either\n if (!sanitizedUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [\n { message: req.i18n.t('validation:required'), path: 'email' },\n { message: req.i18n.t('validation:required'), path: 'username' },\n ],\n })\n }\n\n // did not provide password for login\n if (typeof password !== 'string' || password.trim() === '') {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'password' }],\n })\n }\n\n let whereConstraint: Where = {}\n const emailConstraint: Where = {\n email: {\n equals: sanitizedEmail,\n },\n }\n const usernameConstraint: Where = {\n username: {\n equals: sanitizedUsername,\n },\n }\n\n if (canLoginWithEmail && canLoginWithUsername && (sanitizedUsername || sanitizedEmail)) {\n if (sanitizedUsername) {\n whereConstraint = {\n or: [\n usernameConstraint,\n {\n email: {\n equals: sanitizedUsername,\n },\n },\n ],\n }\n } else {\n whereConstraint = {\n or: [\n emailConstraint,\n {\n username: {\n equals: sanitizedEmail,\n },\n },\n ],\n }\n }\n } else if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = emailConstraint\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = usernameConstraint\n }\n\n // Exclude trashed users\n whereConstraint = appendNonTrashedFilter({\n enableTrash: collectionConfig.trash,\n trash: false,\n where: whereConstraint,\n })\n\n let user = await payload.db.findOne<any>({\n collection: collectionConfig.slug,\n req,\n where: whereConstraint,\n })\n\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n\n user.collection = collectionConfig.slug\n user._strategy = 'local-jwt'\n\n const authResult = await authenticateLocalStrategy({ doc: user, password })\n user = sanitizeInternalFields(user)\n\n const maxLoginAttemptsEnabled = args.collection.config.auth.maxLoginAttempts > 0\n\n if (!authResult) {\n if (maxLoginAttemptsEnabled) {\n await incrementLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n }\n\n throw new AuthenticationError(req.t)\n }\n\n if (collectionConfig.auth.verify && user._verified === false) {\n throw new UnverifiedEmail({ t: req.t })\n }\n\n const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n collectionConfig,\n email: sanitizedEmail!,\n user,\n }\n\n if (collectionConfig.auth.useSessions) {\n // Add session to user\n const newSessionID = uuid()\n const now = new Date()\n const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n const expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n const session = { id: newSessionID, createdAt: now, expiresAt }\n\n if (!user.sessions?.length) {\n user.sessions = [session]\n } else {\n user.sessions = removeExpiredSessions(user.sessions)\n user.sessions.push(session)\n }\n\n await payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: user,\n req,\n returning: false,\n })\n\n user.collection = collectionConfig.slug\n user._strategy = 'local-jwt'\n\n fieldsToSignArgs.sid = newSessionID\n }\n\n const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n if (maxLoginAttemptsEnabled) {\n await resetLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n }\n\n // /////////////////////////////////////\n // beforeLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.beforeLogin?.length) {\n for (const hook of collectionConfig.hooks.beforeLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n user,\n })) || user\n }\n }\n\n const { exp, token } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n req.user = user\n\n // /////////////////////////////////////\n // afterLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterLogin?.length) {\n for (const hook of collectionConfig.hooks.afterLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n token,\n user,\n })) || user\n }\n }\n\n // /////////////////////////////////////\n // afterRead - Fields\n // /////////////////////////////////////\n\n user = await afterRead({\n collection: collectionConfig,\n context: req.context,\n depth: depth!,\n doc: user,\n // @ts-expect-error - vestiges of when tsconfig was not strict. Feel free to improve\n draft: undefined,\n fallbackLocale: fallbackLocale!,\n global: null,\n locale: locale!,\n overrideAccess: overrideAccess!,\n req,\n showHiddenFields: showHiddenFields!,\n })\n\n // /////////////////////////////////////\n // afterRead - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRead?.length) {\n for (const hook of collectionConfig.hooks.afterRead) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: req.context,\n doc: user,\n req,\n })) || user\n }\n }\n\n let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n exp,\n token,\n user,\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'login',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["v4","uuid","buildAfterOperation","AuthenticationError","LockedAuth","UnverifiedEmail","ValidationError","afterRead","Forbidden","appendNonTrashedFilter","killTransaction","sanitizeInternalFields","getFieldsToSign","getLoginOptions","isUserLocked","jwtSign","removeExpiredSessions","authenticateLocalStrategy","incrementLoginAttempts","resetLoginAttempts","checkLoginPermission","loggingInWithUsername","req","user","t","Boolean","Date","lockUntil","getTime","loginOperation","incomingArgs","args","collection","config","auth","disableLocalStrategy","hooks","beforeOperation","length","hook","context","operation","collectionConfig","data","depth","overrideAccess","fallbackLocale","locale","payload","secret","showHiddenFields","email","unsanitizedEmail","password","loginWithUsername","sanitizedEmail","toLowerCase","trim","sanitizedUsername","username","canLoginWithEmail","canLoginWithUsername","slug","errors","message","i18n","path","whereConstraint","emailConstraint","equals","usernameConstraint","or","enableTrash","trash","where","db","findOne","_strategy","authResult","doc","maxLoginAttemptsEnabled","maxLoginAttempts","verify","_verified","fieldsToSignArgs","useSessions","newSessionID","now","tokenExpInMs","tokenExpiration","expiresAt","session","id","createdAt","sessions","push","updateOne","returning","sid","fieldsToSign","beforeLogin","exp","token","afterLogin","draft","undefined","global","result","error"],"mappings":"AAAA,SAASA,MAAMC,IAAI,QAAQ,OAAM;AAUjC,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SACEC,mBAAmB,EACnBC,UAAU,EACVC,eAAe,EACfC,eAAe,QACV,wBAAuB;AAC9B,SAASC,SAAS,QAAQ,wCAAuC;AACjE,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,YAAY,QAAQ,qBAAoB;AACjD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,8BAA6B;AACnE,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,sBAAsB,QAAQ,gDAA+C;AACtF,SAASC,kBAAkB,QAAQ,4CAA2C;AAuB9E,OAAO,MAAMC,uBAAuB,CAAC,EACnCC,qBAAqB,EACrBC,GAAG,EACHC,IAAI,EACqB;IACzB,IAAI,CAACA,MAAM;QACT,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC,EAAEC,QAAQJ;IAC/C;IAEA,IAAIP,aAAa,IAAIY,KAAKH,KAAKI,SAAS,EAAEC,OAAO,KAAK;QACpD,MAAM,IAAIxB,WAAWkB,IAAIE,CAAC;IAC5B;AACF,EAAC;AAED,OAAO,MAAMK,iBAAiB,OAC5BC;IAEA,IAAIC,OAAOD;IAEX,IAAIC,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QACpD,MAAM,IAAI3B,UAAUuB,KAAKT,GAAG,CAACE,CAAC;IAChC;IAEA,IAAI;QACF,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIO,KAAKC,UAAU,CAACC,MAAM,CAACG,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKC,UAAU,CAACC,MAAM,CAACG,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAC,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKT,GAAG,CAACkB,OAAO;oBACzBC,WAAW;oBACXnB,KAAKS,KAAKT,GAAG;gBACf,MAAOS;YACX;QACF;QAEA,MAAM,EACJC,YAAY,EAAEC,QAAQS,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdvB,GAAG,EACHA,KAAK,EACHwB,cAAc,EACdC,MAAM,EACNC,OAAO,EACPA,SAAS,EAAEC,MAAM,EAAE,EACpB,EACDC,gBAAgB,EACjB,GAAGnB;QAEJ,wCAAwC;QACxC,QAAQ;QACR,wCAAwC;QAExC,MAAM,EAAEoB,OAAOC,gBAAgB,EAAEC,QAAQ,EAAE,GAAGV;QAC9C,MAAMW,oBAAoBZ,iBAAiBR,IAAI,CAACoB,iBAAiB;QAEjE,MAAMC,iBACJ,OAAOH,qBAAqB,WAAWA,iBAAiBI,WAAW,GAAGC,IAAI,KAAK;QACjF,MAAMC,oBACJ,cAAcf,QAAQ,OAAOA,MAAMgB,aAAa,WAC5ChB,KAAKgB,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;QAEN,MAAM,EAAEG,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGhD,gBAAgByC;QAEpE,oDAAoD;QACpD,IAAI,CAACM,qBAAqB,CAACF,mBAAmB;YAC5C,MAAM,IAAIpD,gBAAgB;gBACxB0B,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAAS1C,IAAI2C,IAAI,CAACzC,CAAC,CAAC;wBAAwB0C,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,oDAAoD;QACpD,IAAI,CAACL,wBAAwB,CAACN,gBAAgB;YAC5C,MAAM,IAAIjD,gBAAgB;gBACxB0B,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAAS1C,IAAI2C,IAAI,CAACzC,CAAC,CAAC;wBAAwB0C,MAAM;oBAAQ;iBAAE;YACzE;QACF;QAEA,kEAAkE;QAClE,IAAI,CAACR,qBAAqB,CAACH,gBAAgB;YACzC,MAAM,IAAIjD,gBAAgB;gBACxB0B,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBACN;wBAAEC,SAAS1C,IAAI2C,IAAI,CAACzC,CAAC,CAAC;wBAAwB0C,MAAM;oBAAQ;oBAC5D;wBAAEF,SAAS1C,IAAI2C,IAAI,CAACzC,CAAC,CAAC;wBAAwB0C,MAAM;oBAAW;iBAChE;YACH;QACF;QAEA,qCAAqC;QACrC,IAAI,OAAOb,aAAa,YAAYA,SAASI,IAAI,OAAO,IAAI;YAC1D,MAAM,IAAInD,gBAAgB;gBACxB0B,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAAS1C,IAAI2C,IAAI,CAACzC,CAAC,CAAC;wBAAwB0C,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,IAAIC,kBAAyB,CAAC;QAC9B,MAAMC,kBAAyB;YAC7BjB,OAAO;gBACLkB,QAAQd;YACV;QACF;QACA,MAAMe,qBAA4B;YAChCX,UAAU;gBACRU,QAAQX;YACV;QACF;QAEA,IAAIE,qBAAqBC,wBAAyBH,CAAAA,qBAAqBH,cAAa,GAAI;YACtF,IAAIG,mBAAmB;gBACrBS,kBAAkB;oBAChBI,IAAI;wBACFD;wBACA;4BACEnB,OAAO;gCACLkB,QAAQX;4BACV;wBACF;qBACD;gBACH;YACF,OAAO;gBACLS,kBAAkB;oBAChBI,IAAI;wBACFH;wBACA;4BACET,UAAU;gCACRU,QAAQd;4BACV;wBACF;qBACD;gBACH;YACF;QACF,OAAO,IAAIK,qBAAqBL,gBAAgB;YAC9CY,kBAAkBC;QACpB,OAAO,IAAIP,wBAAwBH,mBAAmB;YACpDS,kBAAkBG;QACpB;QAEA,wBAAwB;QACxBH,kBAAkB1D,uBAAuB;YACvC+D,aAAa9B,iBAAiB+B,KAAK;YACnCA,OAAO;YACPC,OAAOP;QACT;QAEA,IAAI5C,OAAO,MAAMyB,QAAQ2B,EAAE,CAACC,OAAO,CAAM;YACvC5C,YAAYU,iBAAiBoB,IAAI;YACjCxC;YACAoD,OAAOP;QACT;QAEA/C,qBAAqB;YACnBC,uBAAuBI,QAAQoC,wBAAwBH;YACvDpC;YACAC;QACF;QAEAA,KAAKS,UAAU,GAAGU,iBAAiBoB,IAAI;QACvCvC,KAAKsD,SAAS,GAAG;QAEjB,MAAMC,aAAa,MAAM7D,0BAA0B;YAAE8D,KAAKxD;YAAM8B;QAAS;QACzE9B,OAAOZ,uBAAuBY;QAE9B,MAAMyD,0BAA0BjD,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAAC+C,gBAAgB,GAAG;QAE/E,IAAI,CAACH,YAAY;YACf,IAAIE,yBAAyB;gBAC3B,MAAM9D,uBAAuB;oBAC3Bc,YAAYU;oBACZqC,KAAKxD;oBACLyB,SAAS1B,IAAI0B,OAAO;oBACpB1B;gBACF;YACF;YAEA,MAAM,IAAInB,oBAAoBmB,IAAIE,CAAC;QACrC;QAEA,IAAIkB,iBAAiBR,IAAI,CAACgD,MAAM,IAAI3D,KAAK4D,SAAS,KAAK,OAAO;YAC5D,MAAM,IAAI9E,gBAAgB;gBAAEmB,GAAGF,IAAIE,CAAC;YAAC;QACvC;QAEA,MAAM4D,mBAA0D;YAC9D1C;YACAS,OAAOI;YACPhC;QACF;QAEA,IAAImB,iBAAiBR,IAAI,CAACmD,WAAW,EAAE;YACrC,sBAAsB;YACtB,MAAMC,eAAerF;YACrB,MAAMsF,MAAM,IAAI7D;YAChB,MAAM8D,eAAe9C,iBAAiBR,IAAI,CAACuD,eAAe,GAAG;YAC7D,MAAMC,YAAY,IAAIhE,KAAK6D,IAAI3D,OAAO,KAAK4D;YAE3C,MAAMG,UAAU;gBAAEC,IAAIN;gBAAcO,WAAWN;gBAAKG;YAAU;YAE9D,IAAI,CAACnE,KAAKuE,QAAQ,EAAExD,QAAQ;gBAC1Bf,KAAKuE,QAAQ,GAAG;oBAACH;iBAAQ;YAC3B,OAAO;gBACLpE,KAAKuE,QAAQ,GAAG9E,sBAAsBO,KAAKuE,QAAQ;gBACnDvE,KAAKuE,QAAQ,CAACC,IAAI,CAACJ;YACrB;YAEA,MAAM3C,QAAQ2B,EAAE,CAACqB,SAAS,CAAC;gBACzBJ,IAAIrE,KAAKqE,EAAE;gBACX5D,YAAYU,iBAAiBoB,IAAI;gBACjCnB,MAAMpB;gBACND;gBACA2E,WAAW;YACb;YAEA1E,KAAKS,UAAU,GAAGU,iBAAiBoB,IAAI;YACvCvC,KAAKsD,SAAS,GAAG;YAEjBO,iBAAiBc,GAAG,GAAGZ;QACzB;QAEA,MAAMa,eAAevF,gBAAgBwE;QAErC,IAAIJ,yBAAyB;YAC3B,MAAM7D,mBAAmB;gBACvBa,YAAYU;gBACZqC,KAAKxD;gBACLyB,SAAS1B,IAAI0B,OAAO;gBACpB1B;YACF;QACF;QAEA,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAIoB,iBAAiBN,KAAK,EAAEgE,aAAa9D,QAAQ;YAC/C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACgE,WAAW,CAAE;gBACrD7E,OACE,AAAC,MAAMgB,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKT,GAAG,CAACkB,OAAO;oBACzBlB,KAAKS,KAAKT,GAAG;oBACbC;gBACF,MAAOA;YACX;QACF;QAEA,MAAM,EAAE8E,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAMvF,QAAQ;YACnCoF;YACAlD;YACAwC,iBAAiB/C,iBAAiBR,IAAI,CAACuD,eAAe;QACxD;QAEAnE,IAAIC,IAAI,GAAGA;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAImB,iBAAiBN,KAAK,EAAEmE,YAAYjE,QAAQ;YAC9C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACmE,UAAU,CAAE;gBACpDhF,OACE,AAAC,MAAMgB,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKT,GAAG,CAACkB,OAAO;oBACzBlB,KAAKS,KAAKT,GAAG;oBACbgF;oBACA/E;gBACF,MAAOA;YACX;QACF;QAEA,wCAAwC;QACxC,qBAAqB;QACrB,wCAAwC;QAExCA,OAAO,MAAMhB,UAAU;YACrByB,YAAYU;YACZF,SAASlB,IAAIkB,OAAO;YACpBI,OAAOA;YACPmC,KAAKxD;YACL,oFAAoF;YACpFiF,OAAOC;YACP3D,gBAAgBA;YAChB4D,QAAQ;YACR3D,QAAQA;YACRF,gBAAgBA;YAChBvB;YACA4B,kBAAkBA;QACpB;QAEA,wCAAwC;QACxC,yBAAyB;QACzB,wCAAwC;QAExC,IAAIR,iBAAiBN,KAAK,EAAE7B,WAAW+B,QAAQ;YAC7C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAAC7B,SAAS,CAAE;gBACnDgB,OACE,AAAC,MAAMgB,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAASlB,IAAIkB,OAAO;oBACpBuC,KAAKxD;oBACLD;gBACF,MAAOC;YACX;QACF;QAEA,IAAIoF,SAA2D;YAC7DN;YACAC;YACA/E;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCoF,SAAS,MAAMzG,oBAAoB;YACjC6B;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BQ,WAAW;YACXkE;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMlG,gBAAgBqB,KAAKT,GAAG;QAC9B,MAAMsF;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/login.ts"],"sourcesContent":["import { v4 as uuid } from 'uuid'\n\nimport type {\n AuthOperationsFromCollectionSlug,\n Collection,\n DataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug, TypedUser } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport {\n AuthenticationError,\n LockedAuth,\n UnverifiedEmail,\n ValidationError,\n} from '../../errors/index.js'\nimport { afterRead } from '../../fields/hooks/afterRead/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { sanitizeInternalFields } from '../../utilities/sanitizeInternalFields.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { isUserLocked } from '../isUserLocked.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../removeExpiredSessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Result = {\n exp?: number\n token?: string\n user?: TypedUser\n}\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: AuthOperationsFromCollectionSlug<TSlug>['login']\n depth?: number\n overrideAccess?: boolean\n req: PayloadRequest\n showHiddenFields?: boolean\n}\n\ntype CheckLoginPermissionArgs = {\n loggingInWithUsername?: boolean\n req: PayloadRequest\n user: any\n}\n\n/**\n * Throws an error if the user is locked or does not exist.\n * This does not check the login attempts, only the lock status. Whoever increments login attempts\n * is responsible for locking the user properly, not whoever checks the login permission.\n */\nexport const checkLoginPermission = ({\n loggingInWithUsername,\n req,\n user,\n}: CheckLoginPermissionArgs) => {\n if (!user) {\n throw new AuthenticationError(req.t, Boolean(loggingInWithUsername))\n }\n\n if (isUserLocked(new Date(user.lockUntil))) {\n throw new LockedAuth(req.t)\n }\n}\n\nexport const loginOperation = async <TSlug extends CollectionSlug>(\n incomingArgs: Arguments<TSlug>,\n): Promise<{ user: DataFromCollectionSlug<TSlug> } & Result> => {\n let args = incomingArgs\n\n if (args.collection.config.auth.disableLocalStrategy) {\n throw new Forbidden(args.req.t)\n }\n\n try {\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'login',\n req: args.req,\n })) || args\n }\n }\n\n const {\n collection: { config: collectionConfig },\n data,\n depth,\n overrideAccess,\n req,\n req: {\n fallbackLocale,\n locale,\n payload,\n payload: { secret },\n },\n showHiddenFields,\n } = args\n\n // /////////////////////////////////////\n // Login\n // /////////////////////////////////////\n\n const { email: unsanitizedEmail, password } = data\n const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n const sanitizedEmail =\n typeof unsanitizedEmail === 'string' ? unsanitizedEmail.toLowerCase().trim() : null\n const sanitizedUsername =\n 'username' in data && typeof data?.username === 'string'\n ? data.username.toLowerCase().trim()\n : null\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n // cannot login with email, did not provide username\n if (!canLoginWithEmail && !sanitizedUsername) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'username' }],\n })\n }\n\n // cannot login with username, did not provide email\n if (!canLoginWithUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'email' }],\n })\n }\n\n // can login with either email or username, did not provide either\n if (!sanitizedUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [\n { message: req.i18n.t('validation:required'), path: 'email' },\n { message: req.i18n.t('validation:required'), path: 'username' },\n ],\n })\n }\n\n // did not provide password for login\n if (typeof password !== 'string' || password.trim() === '') {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'password' }],\n })\n }\n\n let whereConstraint: Where = {}\n const emailConstraint: Where = {\n email: {\n equals: sanitizedEmail,\n },\n }\n const usernameConstraint: Where = {\n username: {\n equals: sanitizedUsername,\n },\n }\n\n if (canLoginWithEmail && canLoginWithUsername && (sanitizedUsername || sanitizedEmail)) {\n if (sanitizedUsername) {\n whereConstraint = {\n or: [\n usernameConstraint,\n {\n email: {\n equals: sanitizedUsername,\n },\n },\n ],\n }\n } else {\n whereConstraint = {\n or: [\n emailConstraint,\n {\n username: {\n equals: sanitizedEmail,\n },\n },\n ],\n }\n }\n } else if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = emailConstraint\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = usernameConstraint\n }\n\n // Exclude trashed users\n whereConstraint = appendNonTrashedFilter({\n enableTrash: collectionConfig.trash,\n trash: false,\n where: whereConstraint,\n })\n\n let user = (await payload.db.findOne<TypedUser>({\n collection: collectionConfig.slug,\n req,\n where: whereConstraint,\n })) as TypedUser\n\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n\n user.collection = collectionConfig.slug\n user._strategy = 'local-jwt'\n\n const authResult = await authenticateLocalStrategy({ doc: user, password })\n user = sanitizeInternalFields(user)\n\n const maxLoginAttemptsEnabled = args.collection.config.auth.maxLoginAttempts > 0\n\n if (!authResult) {\n if (maxLoginAttemptsEnabled) {\n await incrementLoginAttempts({\n collection: collectionConfig,\n payload: req.payload,\n req,\n user,\n })\n\n // Re-check login permissions and max attempts after incrementing attempts, in case parallel updates occurred\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n }\n\n throw new AuthenticationError(req.t)\n }\n\n if (collectionConfig.auth.verify && user._verified === false) {\n throw new UnverifiedEmail({ t: req.t })\n }\n\n /*\n * Correct password accepted - re‑check that the account didn't\n * get locked by parallel bad attempts in the meantime.\n */\n if (maxLoginAttemptsEnabled) {\n const { lockUntil, loginAttempts } = (await payload.db.findOne<TypedUser>({\n collection: collectionConfig.slug,\n req,\n select: {\n lockUntil: true,\n loginAttempts: true,\n },\n where: { id: { equals: user.id } },\n }))!\n\n user.lockUntil = lockUntil\n user.loginAttempts = loginAttempts\n\n checkLoginPermission({\n req,\n user,\n })\n }\n\n const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n collectionConfig,\n email: sanitizedEmail!,\n user,\n }\n\n if (collectionConfig.auth.useSessions) {\n // Add session to user\n const newSessionID = uuid()\n const now = new Date()\n const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n const expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n const session = { id: newSessionID, createdAt: now, expiresAt }\n\n if (!user.sessions?.length) {\n user.sessions = [session]\n } else {\n user.sessions = removeExpiredSessions(user.sessions)\n user.sessions.push(session)\n }\n\n await payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: user,\n req,\n returning: false,\n })\n\n user.collection = collectionConfig.slug\n user._strategy = 'local-jwt'\n\n fieldsToSignArgs.sid = newSessionID\n }\n\n const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n if (maxLoginAttemptsEnabled) {\n await resetLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n }\n\n // /////////////////////////////////////\n // beforeLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.beforeLogin?.length) {\n for (const hook of collectionConfig.hooks.beforeLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n user,\n })) || user\n }\n }\n\n const { exp, token } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n req.user = user\n\n // /////////////////////////////////////\n // afterLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterLogin?.length) {\n for (const hook of collectionConfig.hooks.afterLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n token,\n user,\n })) || user\n }\n }\n\n // /////////////////////////////////////\n // afterRead - Fields\n // /////////////////////////////////////\n\n user = await afterRead({\n collection: collectionConfig,\n context: req.context,\n depth: depth!,\n doc: user,\n // @ts-expect-error - vestiges of when tsconfig was not strict. Feel free to improve\n draft: undefined,\n fallbackLocale: fallbackLocale!,\n global: null,\n locale: locale!,\n overrideAccess: overrideAccess!,\n req,\n showHiddenFields: showHiddenFields!,\n })\n\n // /////////////////////////////////////\n // afterRead - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRead?.length) {\n for (const hook of collectionConfig.hooks.afterRead) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: req.context,\n doc: user,\n req,\n })) || user\n }\n }\n\n let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n exp,\n token,\n user,\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'login',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["v4","uuid","buildAfterOperation","AuthenticationError","LockedAuth","UnverifiedEmail","ValidationError","afterRead","Forbidden","appendNonTrashedFilter","killTransaction","sanitizeInternalFields","getFieldsToSign","getLoginOptions","isUserLocked","jwtSign","removeExpiredSessions","authenticateLocalStrategy","incrementLoginAttempts","resetLoginAttempts","checkLoginPermission","loggingInWithUsername","req","user","t","Boolean","Date","lockUntil","loginOperation","incomingArgs","args","collection","config","auth","disableLocalStrategy","hooks","beforeOperation","length","hook","context","operation","collectionConfig","data","depth","overrideAccess","fallbackLocale","locale","payload","secret","showHiddenFields","email","unsanitizedEmail","password","loginWithUsername","sanitizedEmail","toLowerCase","trim","sanitizedUsername","username","canLoginWithEmail","canLoginWithUsername","slug","errors","message","i18n","path","whereConstraint","emailConstraint","equals","usernameConstraint","or","enableTrash","trash","where","db","findOne","_strategy","authResult","doc","maxLoginAttemptsEnabled","maxLoginAttempts","verify","_verified","loginAttempts","select","id","fieldsToSignArgs","useSessions","newSessionID","now","tokenExpInMs","tokenExpiration","expiresAt","getTime","session","createdAt","sessions","push","updateOne","returning","sid","fieldsToSign","beforeLogin","exp","token","afterLogin","draft","undefined","global","result","error"],"mappings":"AAAA,SAASA,MAAMC,IAAI,QAAQ,OAAM;AAUjC,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SACEC,mBAAmB,EACnBC,UAAU,EACVC,eAAe,EACfC,eAAe,QACV,wBAAuB;AAC9B,SAASC,SAAS,QAAQ,wCAAuC;AACjE,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,YAAY,QAAQ,qBAAoB;AACjD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,8BAA6B;AACnE,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,sBAAsB,QAAQ,gDAA+C;AACtF,SAASC,kBAAkB,QAAQ,4CAA2C;AAuB9E;;;;CAIC,GACD,OAAO,MAAMC,uBAAuB,CAAC,EACnCC,qBAAqB,EACrBC,GAAG,EACHC,IAAI,EACqB;IACzB,IAAI,CAACA,MAAM;QACT,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC,EAAEC,QAAQJ;IAC/C;IAEA,IAAIP,aAAa,IAAIY,KAAKH,KAAKI,SAAS,IAAI;QAC1C,MAAM,IAAIvB,WAAWkB,IAAIE,CAAC;IAC5B;AACF,EAAC;AAED,OAAO,MAAMI,iBAAiB,OAC5BC;IAEA,IAAIC,OAAOD;IAEX,IAAIC,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QACpD,MAAM,IAAI1B,UAAUsB,KAAKR,GAAG,CAACE,CAAC;IAChC;IAEA,IAAI;QACF,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIM,KAAKC,UAAU,CAACC,MAAM,CAACG,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKC,UAAU,CAACC,MAAM,CAACG,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAC,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKR,GAAG,CAACiB,OAAO;oBACzBC,WAAW;oBACXlB,KAAKQ,KAAKR,GAAG;gBACf,MAAOQ;YACX;QACF;QAEA,MAAM,EACJC,YAAY,EAAEC,QAAQS,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdtB,GAAG,EACHA,KAAK,EACHuB,cAAc,EACdC,MAAM,EACNC,OAAO,EACPA,SAAS,EAAEC,MAAM,EAAE,EACpB,EACDC,gBAAgB,EACjB,GAAGnB;QAEJ,wCAAwC;QACxC,QAAQ;QACR,wCAAwC;QAExC,MAAM,EAAEoB,OAAOC,gBAAgB,EAAEC,QAAQ,EAAE,GAAGV;QAC9C,MAAMW,oBAAoBZ,iBAAiBR,IAAI,CAACoB,iBAAiB;QAEjE,MAAMC,iBACJ,OAAOH,qBAAqB,WAAWA,iBAAiBI,WAAW,GAAGC,IAAI,KAAK;QACjF,MAAMC,oBACJ,cAAcf,QAAQ,OAAOA,MAAMgB,aAAa,WAC5ChB,KAAKgB,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;QAEN,MAAM,EAAEG,iBAAiB,EAAEC,oBAAoB,EAAE,GAAG/C,gBAAgBwC;QAEpE,oDAAoD;QACpD,IAAI,CAACM,qBAAqB,CAACF,mBAAmB;YAC5C,MAAM,IAAInD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,oDAAoD;QACpD,IAAI,CAACL,wBAAwB,CAACN,gBAAgB;YAC5C,MAAM,IAAIhD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAQ;iBAAE;YACzE;QACF;QAEA,kEAAkE;QAClE,IAAI,CAACR,qBAAqB,CAACH,gBAAgB;YACzC,MAAM,IAAIhD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBACN;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAQ;oBAC5D;wBAAEF,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAW;iBAChE;YACH;QACF;QAEA,qCAAqC;QACrC,IAAI,OAAOb,aAAa,YAAYA,SAASI,IAAI,OAAO,IAAI;YAC1D,MAAM,IAAIlD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,IAAIC,kBAAyB,CAAC;QAC9B,MAAMC,kBAAyB;YAC7BjB,OAAO;gBACLkB,QAAQd;YACV;QACF;QACA,MAAMe,qBAA4B;YAChCX,UAAU;gBACRU,QAAQX;YACV;QACF;QAEA,IAAIE,qBAAqBC,wBAAyBH,CAAAA,qBAAqBH,cAAa,GAAI;YACtF,IAAIG,mBAAmB;gBACrBS,kBAAkB;oBAChBI,IAAI;wBACFD;wBACA;4BACEnB,OAAO;gCACLkB,QAAQX;4BACV;wBACF;qBACD;gBACH;YACF,OAAO;gBACLS,kBAAkB;oBAChBI,IAAI;wBACFH;wBACA;4BACET,UAAU;gCACRU,QAAQd;4BACV;wBACF;qBACD;gBACH;YACF;QACF,OAAO,IAAIK,qBAAqBL,gBAAgB;YAC9CY,kBAAkBC;QACpB,OAAO,IAAIP,wBAAwBH,mBAAmB;YACpDS,kBAAkBG;QACpB;QAEA,wBAAwB;QACxBH,kBAAkBzD,uBAAuB;YACvC8D,aAAa9B,iBAAiB+B,KAAK;YACnCA,OAAO;YACPC,OAAOP;QACT;QAEA,IAAI3C,OAAQ,MAAMwB,QAAQ2B,EAAE,CAACC,OAAO,CAAY;YAC9C5C,YAAYU,iBAAiBoB,IAAI;YACjCvC;YACAmD,OAAOP;QACT;QAEA9C,qBAAqB;YACnBC,uBAAuBI,QAAQmC,wBAAwBH;YACvDnC;YACAC;QACF;QAEAA,KAAKQ,UAAU,GAAGU,iBAAiBoB,IAAI;QACvCtC,KAAKqD,SAAS,GAAG;QAEjB,MAAMC,aAAa,MAAM5D,0BAA0B;YAAE6D,KAAKvD;YAAM6B;QAAS;QACzE7B,OAAOZ,uBAAuBY;QAE9B,MAAMwD,0BAA0BjD,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAAC+C,gBAAgB,GAAG;QAE/E,IAAI,CAACH,YAAY;YACf,IAAIE,yBAAyB;gBAC3B,MAAM7D,uBAAuB;oBAC3Ba,YAAYU;oBACZM,SAASzB,IAAIyB,OAAO;oBACpBzB;oBACAC;gBACF;gBAEA,6GAA6G;gBAC7GH,qBAAqB;oBACnBC,uBAAuBI,QAAQmC,wBAAwBH;oBACvDnC;oBACAC;gBACF;YACF;YAEA,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC;QACrC;QAEA,IAAIiB,iBAAiBR,IAAI,CAACgD,MAAM,IAAI1D,KAAK2D,SAAS,KAAK,OAAO;YAC5D,MAAM,IAAI7E,gBAAgB;gBAAEmB,GAAGF,IAAIE,CAAC;YAAC;QACvC;QAEA;;;KAGC,GACD,IAAIuD,yBAAyB;YAC3B,MAAM,EAAEpD,SAAS,EAAEwD,aAAa,EAAE,GAAI,MAAMpC,QAAQ2B,EAAE,CAACC,OAAO,CAAY;gBACxE5C,YAAYU,iBAAiBoB,IAAI;gBACjCvC;gBACA8D,QAAQ;oBACNzD,WAAW;oBACXwD,eAAe;gBACjB;gBACAV,OAAO;oBAAEY,IAAI;wBAAEjB,QAAQ7C,KAAK8D,EAAE;oBAAC;gBAAE;YACnC;YAEA9D,KAAKI,SAAS,GAAGA;YACjBJ,KAAK4D,aAAa,GAAGA;YAErB/D,qBAAqB;gBACnBE;gBACAC;YACF;QACF;QAEA,MAAM+D,mBAA0D;YAC9D7C;YACAS,OAAOI;YACP/B;QACF;QAEA,IAAIkB,iBAAiBR,IAAI,CAACsD,WAAW,EAAE;YACrC,sBAAsB;YACtB,MAAMC,eAAevF;YACrB,MAAMwF,MAAM,IAAI/D;YAChB,MAAMgE,eAAejD,iBAAiBR,IAAI,CAAC0D,eAAe,GAAG;YAC7D,MAAMC,YAAY,IAAIlE,KAAK+D,IAAII,OAAO,KAAKH;YAE3C,MAAMI,UAAU;gBAAET,IAAIG;gBAAcO,WAAWN;gBAAKG;YAAU;YAE9D,IAAI,CAACrE,KAAKyE,QAAQ,EAAE3D,QAAQ;gBAC1Bd,KAAKyE,QAAQ,GAAG;oBAACF;iBAAQ;YAC3B,OAAO;gBACLvE,KAAKyE,QAAQ,GAAGhF,sBAAsBO,KAAKyE,QAAQ;gBACnDzE,KAAKyE,QAAQ,CAACC,IAAI,CAACH;YACrB;YAEA,MAAM/C,QAAQ2B,EAAE,CAACwB,SAAS,CAAC;gBACzBb,IAAI9D,KAAK8D,EAAE;gBACXtD,YAAYU,iBAAiBoB,IAAI;gBACjCnB,MAAMnB;gBACND;gBACA6E,WAAW;YACb;YAEA5E,KAAKQ,UAAU,GAAGU,iBAAiBoB,IAAI;YACvCtC,KAAKqD,SAAS,GAAG;YAEjBU,iBAAiBc,GAAG,GAAGZ;QACzB;QAEA,MAAMa,eAAezF,gBAAgB0E;QAErC,IAAIP,yBAAyB;YAC3B,MAAM5D,mBAAmB;gBACvBY,YAAYU;gBACZqC,KAAKvD;gBACLwB,SAASzB,IAAIyB,OAAO;gBACpBzB;YACF;QACF;QAEA,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAImB,iBAAiBN,KAAK,EAAEmE,aAAajE,QAAQ;YAC/C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACmE,WAAW,CAAE;gBACrD/E,OACE,AAAC,MAAMe,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKR,GAAG,CAACiB,OAAO;oBACzBjB,KAAKQ,KAAKR,GAAG;oBACbC;gBACF,MAAOA;YACX;QACF;QAEA,MAAM,EAAEgF,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAMzF,QAAQ;YACnCsF;YACArD;YACA2C,iBAAiBlD,iBAAiBR,IAAI,CAAC0D,eAAe;QACxD;QAEArE,IAAIC,IAAI,GAAGA;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAIkB,iBAAiBN,KAAK,EAAEsE,YAAYpE,QAAQ;YAC9C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACsE,UAAU,CAAE;gBACpDlF,OACE,AAAC,MAAMe,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKR,GAAG,CAACiB,OAAO;oBACzBjB,KAAKQ,KAAKR,GAAG;oBACbkF;oBACAjF;gBACF,MAAOA;YACX;QACF;QAEA,wCAAwC;QACxC,qBAAqB;QACrB,wCAAwC;QAExCA,OAAO,MAAMhB,UAAU;YACrBwB,YAAYU;YACZF,SAASjB,IAAIiB,OAAO;YACpBI,OAAOA;YACPmC,KAAKvD;YACL,oFAAoF;YACpFmF,OAAOC;YACP9D,gBAAgBA;YAChB+D,QAAQ;YACR9D,QAAQA;YACRF,gBAAgBA;YAChBtB;YACA2B,kBAAkBA;QACpB;QAEA,wCAAwC;QACxC,yBAAyB;QACzB,wCAAwC;QAExC,IAAIR,iBAAiBN,KAAK,EAAE5B,WAAW8B,QAAQ;YAC7C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAAC5B,SAAS,CAAE;gBACnDgB,OACE,AAAC,MAAMe,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAASjB,IAAIiB,OAAO;oBACpBuC,KAAKvD;oBACLD;gBACF,MAAOC;YACX;QACF;QAEA,IAAIsF,SAA2D;YAC7DN;YACAC;YACAjF;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCsF,SAAS,MAAM3G,oBAAoB;YACjC4B;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BQ,WAAW;YACXqE;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMpG,gBAAgBoB,KAAKR,GAAG;QAC9B,MAAMwF;IACR;AACF,EAAC"}
package/dist/auth/operations/refresh.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/refresh.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAWpE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;CACf,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,gBAAgB,iBAAwB,SAAS,KAAG,OAAO,CAAC,MAAM,CAoK9E,CAAA"}
1
+ {"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/refresh.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAWpE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;CACf,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,gBAAgB,iBAAwB,SAAS,KAAG,OAAO,CAAC,MAAM,CA0K9E,CAAA"}
package/dist/auth/operations/refresh.js CHANGED
@@ -34,11 +34,14 @@ export const refreshOperation = async (incomingArgs)=>{
34
34
  }
35
35
  const parsedURL = url.parse(args.req.url);
36
36
  const isGraphQL = parsedURL.pathname === config.routes.graphQL;
37
- const user = await args.req.payload.findByID({
38
- id: args.req.user.id,
39
- collection: args.req.user.collection,
40
- depth: isGraphQL ? 0 : args.collection.config.auth.depth,
41
- req: args.req
37
+ let user = await req.payload.db.findOne({
38
+ collection: collectionConfig.slug,
39
+ req,
40
+ where: {
41
+ id: {
42
+ equals: args.req.user.id
43
+ }
44
+ }
42
45
  });
43
46
  const sid = args.req.user._sid;
44
47
  if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {
@@ -60,6 +63,12 @@ export const refreshOperation = async (incomingArgs)=>{
60
63
  returning: false
61
64
  });
62
65
  }
66
+ user = await req.payload.findByID({
67
+ id: user.id,
68
+ collection: collectionConfig.slug,
69
+ depth: isGraphQL ? 0 : args.collection.config.auth.depth,
70
+ req: args.req
71
+ });
63
72
  if (user) {
64
73
  user.collection = args.req.user.collection;
65
74
  user._strategy = args.req.user._strategy;
package/dist/auth/operations/refresh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/refresh.ts"],"sourcesContent":["import url from 'url'\nimport { v4 as uuid } from 'uuid'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { Document, PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { Forbidden } from '../../errors/index.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../removeExpiredSessions.js'\n\nexport type Result = {\n exp: number\n refreshedToken: string\n setCookie?: boolean\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy?: string\n user: Document\n}\n\nexport type Arguments = {\n collection: Collection\n req: PayloadRequest\n}\n\nexport const refreshOperation = async (incomingArgs: Arguments): Promise<Result> => {\n let args = incomingArgs\n\n try {\n const shouldCommit = await initTransaction(args.req)\n\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'refresh',\n req: args.req,\n })) || args\n }\n }\n\n // /////////////////////////////////////\n // Refresh\n // /////////////////////////////////////\n\n const {\n collection: { config: collectionConfig },\n req,\n req: {\n payload: { config, secret },\n },\n } = args\n\n if (!args.req.user) {\n throw new Forbidden(args.req.t)\n }\n\n const parsedURL = url.parse(args.req.url!)\n const isGraphQL = parsedURL.pathname === config.routes.graphQL\n\n const user = await args.req.payload.findByID({\n id: args.req.user.id,\n collection: args.req.user.collection,\n depth: isGraphQL ? 0 : args.collection.config.auth.depth,\n req: args.req,\n })\n\n const sid = args.req.user._sid\n\n if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {\n if (!Array.isArray(user.sessions) || !sid) {\n throw new Forbidden(args.req.t)\n }\n\n const existingSession = user.sessions.find(({ id }) => id === sid)\n\n const now = new Date()\n const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n await req.payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: {\n ...user,\n sessions: removeExpiredSessions(user.sessions),\n },\n req,\n returning: false,\n })\n }\n\n if (user) {\n user.collection = args.req.user.collection\n user._strategy = args.req.user._strategy\n }\n\n let result!: Result\n\n // /////////////////////////////////////\n // refresh hook - Collection\n // /////////////////////////////////////\n\n for (const refreshHook of args.collection.config.hooks.refresh) {\n const hookResult = await refreshHook({ args, user })\n\n if (hookResult) {\n result = hookResult\n break\n }\n }\n\n if (!result) {\n const fieldsToSign = getFieldsToSign({\n collectionConfig,\n email: user?.email as string,\n sid,\n user: args?.req?.user,\n })\n\n const { exp, token: refreshedToken } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n result = {\n exp,\n refreshedToken,\n setCookie: true,\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy: args.req.user._strategy,\n user,\n }\n }\n\n // /////////////////////////////////////\n // After Refresh - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRefresh?.length) {\n for (const hook of collectionConfig.hooks.afterRefresh) {\n result =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n exp: result.exp,\n req: args.req,\n token: result.refreshedToken,\n })) || result\n }\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'refresh',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["url","buildAfterOperation","Forbidden","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","removeExpiredSessions","refreshOperation","incomingArgs","args","shouldCommit","req","collection","config","hooks","beforeOperation","length","hook","context","operation","collectionConfig","payload","secret","user","t","parsedURL","parse","isGraphQL","pathname","routes","graphQL","findByID","id","depth","auth","sid","_sid","useSessions","disableLocalStrategy","Array","isArray","sessions","existingSession","find","now","Date","tokenExpInMs","tokenExpiration","expiresAt","getTime","db","updateOne","slug","data","returning","_strategy","result","refreshHook","refresh","hookResult","fieldsToSign","email","exp","token","refreshedToken","setCookie","strategy","afterRefresh","error"],"mappings":"AAAA,OAAOA,SAAS,MAAK;AAMrB,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,SAAS,QAAQ,wBAAuB;AACjD,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,8BAA6B;AAqBnE,OAAO,MAAMC,mBAAmB,OAAOC;IACrC,IAAIC,OAAOD;IAEX,IAAI;QACF,MAAME,eAAe,MAAMR,gBAAgBO,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIF,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAG,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBC,WAAW;oBACXR,KAAKF,KAAKE,GAAG;gBACf,MAAOF;YACX;QACF;QAEA,wCAAwC;QACxC,UAAU;QACV,wCAAwC;QAExC,MAAM,EACJG,YAAY,EAAEC,QAAQO,gBAAgB,EAAE,EACxCT,GAAG,EACHA,KAAK,EACHU,SAAS,EAAER,MAAM,EAAES,MAAM,EAAE,EAC5B,EACF,GAAGb;QAEJ,IAAI,CAACA,KAAKE,GAAG,CAACY,IAAI,EAAE;YAClB,MAAM,IAAIvB,UAAUS,KAAKE,GAAG,CAACa,CAAC;QAChC;QAEA,MAAMC,YAAY3B,IAAI4B,KAAK,CAACjB,KAAKE,GAAG,CAACb,GAAG;QACxC,MAAM6B,YAAYF,UAAUG,QAAQ,KAAKf,OAAOgB,MAAM,CAACC,OAAO;QAE9D,MAAMP,OAAO,MAAMd,KAAKE,GAAG,CAACU,OAAO,CAACU,QAAQ,CAAC;YAC3CC,IAAIvB,KAAKE,GAAG,CAACY,IAAI,CAACS,EAAE;YACpBpB,YAAYH,KAAKE,GAAG,CAACY,IAAI,CAACX,UAAU;YACpCqB,OAAON,YAAY,IAAIlB,KAAKG,UAAU,CAACC,MAAM,CAACqB,IAAI,CAACD,KAAK;YACxDtB,KAAKF,KAAKE,GAAG;QACf;QAEA,MAAMwB,MAAM1B,KAAKE,GAAG,CAACY,IAAI,CAACa,IAAI;QAE9B,IAAIhB,iBAAiBc,IAAI,CAACG,WAAW,IAAI,CAACjB,iBAAiBc,IAAI,CAACI,oBAAoB,EAAE;YACpF,IAAI,CAACC,MAAMC,OAAO,CAACjB,KAAKkB,QAAQ,KAAK,CAACN,KAAK;gBACzC,MAAM,IAAInC,UAAUS,KAAKE,GAAG,CAACa,CAAC;YAChC;YAEA,MAAMkB,kBAAkBnB,KAAKkB,QAAQ,CAACE,IAAI,CAAC,CAAC,EAAEX,EAAE,EAAE,GAAKA,OAAOG;YAE9D,MAAMS,MAAM,IAAIC;YAChB,MAAMC,eAAe1B,iBAAiBc,IAAI,CAACa,eAAe,GAAG;YAC7DL,gBAAgBM,SAAS,GAAG,IAAIH,KAAKD,IAAIK,OAAO,KAAKH;YAErD,MAAMnC,IAAIU,OAAO,CAAC6B,EAAE,CAACC,SAAS,CAAC;gBAC7BnB,IAAIT,KAAKS,EAAE;gBACXpB,YAAYQ,iBAAiBgC,IAAI;gBACjCC,MAAM;oBACJ,GAAG9B,IAAI;oBACPkB,UAAUnC,sBAAsBiB,KAAKkB,QAAQ;gBAC/C;gBACA9B;gBACA2C,WAAW;YACb;QACF;QAEA,IAAI/B,MAAM;YACRA,KAAKX,UAAU,GAAGH,KAAKE,GAAG,CAACY,IAAI,CAACX,UAAU;YAC1CW,KAAKgC,SAAS,GAAG9C,KAAKE,GAAG,CAACY,IAAI,CAACgC,SAAS;QAC1C;QAEA,IAAIC;QAEJ,wCAAwC;QACxC,4BAA4B;QAC5B,wCAAwC;QAExC,KAAK,MAAMC,eAAehD,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAAC4C,OAAO,CAAE;YAC9D,MAAMC,aAAa,MAAMF,YAAY;gBAAEhD;gBAAMc;YAAK;YAElD,IAAIoC,YAAY;gBACdH,SAASG;gBACT;YACF;QACF;QAEA,IAAI,CAACH,QAAQ;YACX,MAAMI,eAAexD,gBAAgB;gBACnCgB;gBACAyC,OAAOtC,MAAMsC;gBACb1B;gBACAZ,MAAMd,MAAME,KAAKY;YACnB;YAEA,MAAM,EAAEuC,GAAG,EAAEC,OAAOC,cAAc,EAAE,GAAG,MAAM3D,QAAQ;gBACnDuD;gBACAtC;gBACAyB,iBAAiB3B,iBAAiBc,IAAI,CAACa,eAAe;YACxD;YAEAS,SAAS;gBACPM;gBACAE;gBACAC,WAAW;gBACX;;;;;SAKC,GACDC,UAAUzD,KAAKE,GAAG,CAACY,IAAI,CAACgC,SAAS;gBACjChC;YACF;QACF;QAEA,wCAAwC;QACxC,6BAA6B;QAC7B,wCAAwC;QAExC,IAAIH,iBAAiBN,KAAK,EAAEqD,cAAcnD,QAAQ;YAChD,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACqD,YAAY,CAAE;gBACtDX,SACE,AAAC,MAAMvC,KAAK;oBACVL,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzB4C,KAAKN,OAAOM,GAAG;oBACfnD,KAAKF,KAAKE,GAAG;oBACboD,OAAOP,OAAOQ,cAAc;gBAC9B,MAAOR;YACX;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCA,SAAS,MAAMzD,oBAAoB;YACjCU;YACAG,YAAYH,KAAKG,UAAU,EAAEC;YAC7BM,WAAW;YACXqC;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,IAAI9C,cAAc;YAChB,MAAMT,kBAAkBU;QAC1B;QAEA,OAAO6C;IACT,EAAE,OAAOY,OAAgB;QACvB,MAAMjE,gBAAgBM,KAAKE,GAAG;QAC9B,MAAMyD;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/refresh.ts"],"sourcesContent":["import url from 'url'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { Document, PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { Forbidden } from '../../errors/index.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../removeExpiredSessions.js'\n\nexport type Result = {\n exp: number\n refreshedToken: string\n setCookie?: boolean\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy?: string\n user: Document\n}\n\nexport type Arguments = {\n collection: Collection\n req: PayloadRequest\n}\n\nexport const refreshOperation = async (incomingArgs: Arguments): Promise<Result> => {\n let args = incomingArgs\n\n try {\n const shouldCommit = await initTransaction(args.req)\n\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'refresh',\n req: args.req,\n })) || args\n }\n }\n\n // /////////////////////////////////////\n // Refresh\n // /////////////////////////////////////\n\n const {\n collection: { config: collectionConfig },\n req,\n req: {\n payload: { config, secret },\n },\n } = args\n\n if (!args.req.user) {\n throw new Forbidden(args.req.t)\n }\n\n const parsedURL = url.parse(args.req.url!)\n const isGraphQL = parsedURL.pathname === config.routes.graphQL\n\n let user = await req.payload.db.findOne<any>({\n collection: collectionConfig.slug,\n req,\n where: { id: { equals: args.req.user.id } },\n })\n\n const sid = args.req.user._sid\n\n if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {\n if (!Array.isArray(user.sessions) || !sid) {\n throw new Forbidden(args.req.t)\n }\n\n const existingSession = user.sessions.find(({ id }: { id: number }) => id === sid)\n\n const now = new Date()\n const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n await req.payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: {\n ...user,\n sessions: removeExpiredSessions(user.sessions),\n },\n req,\n returning: false,\n })\n }\n\n user = await req.payload.findByID({\n id: user.id,\n collection: collectionConfig.slug,\n depth: isGraphQL ? 0 : args.collection.config.auth.depth,\n req: args.req,\n })\n\n if (user) {\n user.collection = args.req.user.collection\n user._strategy = args.req.user._strategy\n }\n\n let result!: Result\n\n // /////////////////////////////////////\n // refresh hook - Collection\n // /////////////////////////////////////\n\n for (const refreshHook of args.collection.config.hooks.refresh) {\n const hookResult = await refreshHook({ args, user })\n\n if (hookResult) {\n result = hookResult\n break\n }\n }\n\n if (!result) {\n const fieldsToSign = getFieldsToSign({\n collectionConfig,\n email: user?.email as string,\n sid,\n user: args?.req?.user,\n })\n\n const { exp, token: refreshedToken } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n result = {\n exp,\n refreshedToken,\n setCookie: true,\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy: args.req.user._strategy,\n user,\n }\n }\n\n // /////////////////////////////////////\n // After Refresh - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRefresh?.length) {\n for (const hook of collectionConfig.hooks.afterRefresh) {\n result =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n exp: result.exp,\n req: args.req,\n token: result.refreshedToken,\n })) || result\n }\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'refresh',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["url","buildAfterOperation","Forbidden","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","removeExpiredSessions","refreshOperation","incomingArgs","args","shouldCommit","req","collection","config","hooks","beforeOperation","length","hook","context","operation","collectionConfig","payload","secret","user","t","parsedURL","parse","isGraphQL","pathname","routes","graphQL","db","findOne","slug","where","id","equals","sid","_sid","auth","useSessions","disableLocalStrategy","Array","isArray","sessions","existingSession","find","now","Date","tokenExpInMs","tokenExpiration","expiresAt","getTime","updateOne","data","returning","findByID","depth","_strategy","result","refreshHook","refresh","hookResult","fieldsToSign","email","exp","token","refreshedToken","setCookie","strategy","afterRefresh","error"],"mappings":"AAAA,OAAOA,SAAS,MAAK;AAKrB,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,SAAS,QAAQ,wBAAuB;AACjD,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,8BAA6B;AAqBnE,OAAO,MAAMC,mBAAmB,OAAOC;IACrC,IAAIC,OAAOD;IAEX,IAAI;QACF,MAAME,eAAe,MAAMR,gBAAgBO,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIF,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAG,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBC,WAAW;oBACXR,KAAKF,KAAKE,GAAG;gBACf,MAAOF;YACX;QACF;QAEA,wCAAwC;QACxC,UAAU;QACV,wCAAwC;QAExC,MAAM,EACJG,YAAY,EAAEC,QAAQO,gBAAgB,EAAE,EACxCT,GAAG,EACHA,KAAK,EACHU,SAAS,EAAER,MAAM,EAAES,MAAM,EAAE,EAC5B,EACF,GAAGb;QAEJ,IAAI,CAACA,KAAKE,GAAG,CAACY,IAAI,EAAE;YAClB,MAAM,IAAIvB,UAAUS,KAAKE,GAAG,CAACa,CAAC;QAChC;QAEA,MAAMC,YAAY3B,IAAI4B,KAAK,CAACjB,KAAKE,GAAG,CAACb,GAAG;QACxC,MAAM6B,YAAYF,UAAUG,QAAQ,KAAKf,OAAOgB,MAAM,CAACC,OAAO;QAE9D,IAAIP,OAAO,MAAMZ,IAAIU,OAAO,CAACU,EAAE,CAACC,OAAO,CAAM;YAC3CpB,YAAYQ,iBAAiBa,IAAI;YACjCtB;YACAuB,OAAO;gBAAEC,IAAI;oBAAEC,QAAQ3B,KAAKE,GAAG,CAACY,IAAI,CAACY,EAAE;gBAAC;YAAE;QAC5C;QAEA,MAAME,MAAM5B,KAAKE,GAAG,CAACY,IAAI,CAACe,IAAI;QAE9B,IAAIlB,iBAAiBmB,IAAI,CAACC,WAAW,IAAI,CAACpB,iBAAiBmB,IAAI,CAACE,oBAAoB,EAAE;YACpF,IAAI,CAACC,MAAMC,OAAO,CAACpB,KAAKqB,QAAQ,KAAK,CAACP,KAAK;gBACzC,MAAM,IAAIrC,UAAUS,KAAKE,GAAG,CAACa,CAAC;YAChC;YAEA,MAAMqB,kBAAkBtB,KAAKqB,QAAQ,CAACE,IAAI,CAAC,CAAC,EAAEX,EAAE,EAAkB,GAAKA,OAAOE;YAE9E,MAAMU,MAAM,IAAIC;YAChB,MAAMC,eAAe7B,iBAAiBmB,IAAI,CAACW,eAAe,GAAG;YAC7DL,gBAAgBM,SAAS,GAAG,IAAIH,KAAKD,IAAIK,OAAO,KAAKH;YAErD,MAAMtC,IAAIU,OAAO,CAACU,EAAE,CAACsB,SAAS,CAAC;gBAC7BlB,IAAIZ,KAAKY,EAAE;gBACXvB,YAAYQ,iBAAiBa,IAAI;gBACjCqB,MAAM;oBACJ,GAAG/B,IAAI;oBACPqB,UAAUtC,sBAAsBiB,KAAKqB,QAAQ;gBAC/C;gBACAjC;gBACA4C,WAAW;YACb;QACF;QAEAhC,OAAO,MAAMZ,IAAIU,OAAO,CAACmC,QAAQ,CAAC;YAChCrB,IAAIZ,KAAKY,EAAE;YACXvB,YAAYQ,iBAAiBa,IAAI;YACjCwB,OAAO9B,YAAY,IAAIlB,KAAKG,UAAU,CAACC,MAAM,CAAC0B,IAAI,CAACkB,KAAK;YACxD9C,KAAKF,KAAKE,GAAG;QACf;QAEA,IAAIY,MAAM;YACRA,KAAKX,UAAU,GAAGH,KAAKE,GAAG,CAACY,IAAI,CAACX,UAAU;YAC1CW,KAAKmC,SAAS,GAAGjD,KAAKE,GAAG,CAACY,IAAI,CAACmC,SAAS;QAC1C;QAEA,IAAIC;QAEJ,wCAAwC;QACxC,4BAA4B;QAC5B,wCAAwC;QAExC,KAAK,MAAMC,eAAenD,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAAC+C,OAAO,CAAE;YAC9D,MAAMC,aAAa,MAAMF,YAAY;gBAAEnD;gBAAMc;YAAK;YAElD,IAAIuC,YAAY;gBACdH,SAASG;gBACT;YACF;QACF;QAEA,IAAI,CAACH,QAAQ;YACX,MAAMI,eAAe3D,gBAAgB;gBACnCgB;gBACA4C,OAAOzC,MAAMyC;gBACb3B;gBACAd,MAAMd,MAAME,KAAKY;YACnB;YAEA,MAAM,EAAE0C,GAAG,EAAEC,OAAOC,cAAc,EAAE,GAAG,MAAM9D,QAAQ;gBACnD0D;gBACAzC;gBACA4B,iBAAiB9B,iBAAiBmB,IAAI,CAACW,eAAe;YACxD;YAEAS,SAAS;gBACPM;gBACAE;gBACAC,WAAW;gBACX;;;;;SAKC,GACDC,UAAU5D,KAAKE,GAAG,CAACY,IAAI,CAACmC,SAAS;gBACjCnC;YACF;QACF;QAEA,wCAAwC;QACxC,6BAA6B;QAC7B,wCAAwC;QAExC,IAAIH,iBAAiBN,KAAK,EAAEwD,cAActD,QAAQ;YAChD,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACwD,YAAY,CAAE;gBACtDX,SACE,AAAC,MAAM1C,KAAK;oBACVL,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzB+C,KAAKN,OAAOM,GAAG;oBACftD,KAAKF,KAAKE,GAAG;oBACbuD,OAAOP,OAAOQ,cAAc;gBAC9B,MAAOR;YACX;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCA,SAAS,MAAM5D,oBAAoB;YACjCU;YACAG,YAAYH,KAAKG,UAAU,EAAEC;YAC7BM,WAAW;YACXwC;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,IAAIjD,cAAc;YAChB,MAAMT,kBAAkBU;QAC1B;QAEA,OAAOgD;IACT,EAAE,OAAOY,OAAgB;QACvB,MAAMpE,gBAAgBM,KAAKE,GAAG;QAC9B,MAAM4D;IACR;AACF,EAAC"}
package/dist/auth/strategies/local/incrementLoginAttempts.d.ts CHANGED
@@ -1,12 +1,12 @@
1
- import type { SanitizedCollectionConfig, TypeWithID } from '../../../collections/config/types.js';
2
- import type { Payload } from '../../../index.js';
1
+ import type { SanitizedCollectionConfig } from '../../../collections/config/types.js';
3
2
  import type { PayloadRequest } from '../../../types/index.js';
3
+ import { type Payload, type TypedUser } from '../../../index.js';
4
4
  type Args = {
5
5
  collection: SanitizedCollectionConfig;
6
- doc: Record<string, unknown> & TypeWithID;
7
6
  payload: Payload;
8
7
  req: PayloadRequest;
8
+ user: TypedUser;
9
9
  };
10
- export declare const incrementLoginAttempts: ({ collection, doc, payload, req, }: Args) => Promise<void>;
10
+ export declare const incrementLoginAttempts: ({ collection, payload, req, user, }: Args) => Promise<void>;
11
11
  export {};
12
12
  //# sourceMappingURL=incrementLoginAttempts.d.ts.map
package/dist/auth/strategies/local/incrementLoginAttempts.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"incrementLoginAttempts.d.ts","sourceRoot":"","sources":["../../../../src/auth/strategies/local/incrementLoginAttempts.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,yBAAyB,EAAE,UAAU,EAAE,MAAM,sCAAsC,CAAA;AACjG,OAAO,KAAK,EAAc,OAAO,EAAE,MAAM,mBAAmB,CAAA;AAC5D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAE7D,KAAK,IAAI,GAAG;IACV,UAAU,EAAE,yBAAyB,CAAA;IACrC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,CAAA;IACzC,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,uCAKhC,IAAI,KAAG,OAAO,CAAC,IAAI,CA0CrB,CAAA"}
1
+ {"version":3,"file":"incrementLoginAttempts.d.ts","sourceRoot":"","sources":["../../../../src/auth/strategies/local/incrementLoginAttempts.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAA;AACrF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAE7D,OAAO,EAAmB,KAAK,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAGjF,KAAK,IAAI,GAAG;IACV,UAAU,EAAE,yBAAyB,CAAA;IACrC,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,SAAS,CAAA;CAChB,CAAA;AAID,eAAO,MAAM,sBAAsB,wCAKhC,IAAI,KAAG,OAAO,CAAC,IAAI,CAqIrB,CAAA"}