payload 3.53.0 → 3.54.0-internal.84621da

package/dist/admin/forms/Form.d.ts

@@ -8,6 +8,7 @@ export type Data = {
     [key: string]: any;
 };
 export type Row = {
+    addedByServer?: FieldState['addedByServer'];
     blockType?: string;
     collapsed?: boolean;
     customComponents?: {

package/dist/admin/forms/Form.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Form.d.ts","sourceRoot":"","sources":["../../../src/admin/forms/Form.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAElE,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,qBAAqB,CAAA;AACvE,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAC3E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AACjD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AACrE,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAA;AAE7E,MAAM,MAAM,IAAI,GAAG;IACjB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB,CAAA;AAED,MAAM,MAAM,GAAG,GAAG;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE;QACjB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;KAC3B,CAAA;IACD,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE,MAAM,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,GAAG,KAAK,CAAA;CACpC,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;OAKG;IACH,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,gBAAgB,CAAC,EAAE;QACjB;;;WAGG;QACH,CAAC,GAAG,EAAE,MAAM,GAAG,KAAK,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,EAAE,GAAG,SAAS,CAAA;QAC9D,UAAU,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QAC5B,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QAC7B,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QAC7B,KAAK,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QACvB,KAAK,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QACvB,KAAK,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;KACxB,CAAA;IACD,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB;;;OAGG;IACH,WAAW,CAAC,EAAE,KAAK,CAAA;IACnB,aAAa,CAAC,EAAE,mBAAmB,CAAA;IACnC,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB;;;;;;;OAOG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAA;IACZ;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC9B,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAA;AAE9E,MAAM,MAAM,SAAS,GAAG;IACtB,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;CAC3B,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,CAAC,IAAI,EAAE,MAAM,GAAG,2BAA2B,CAAA;CAC5C,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,cAAc,EAAE,4BAA4B,GAAG,SAAS,CAAA;IACxD,cAAc,EAAE,mBAAmB,CAAA;IACnC;;;OAGG;IACH,iBAAiB,CAAC,EAAE,SAAS,CAAA;IAC7B,cAAc,CAAC,EAAE,KAAK,GAAG,WAAW,CAAA;IACpC,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;IACpB,gBAAgB,CAAC,EAAE,IAAI,CAAA;IACvB,qBAAqB,CAAC,EAAE,SAAS,CAAA;IAIjC,QAAQ,CAAC,EAAE,MAAM,kBAAkB,CAAA;IACnC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,SAAS,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAA;IAC/B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB;;;;OAIG;IACH,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,GAAG,CACA;IACE,cAAc,EAAE,MAAM,CAAA;IAGtB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,GACD;IACE,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;CACnB,CACJ,CAAA"}
+{"version":3,"file":"Form.d.ts","sourceRoot":"","sources":["../../../src/admin/forms/Form.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAElE,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,qBAAqB,CAAA;AACvE,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAC3E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AACjD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AACrE,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAA;AAE7E,MAAM,MAAM,IAAI,GAAG;IACjB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB,CAAA;AAED,MAAM,MAAM,GAAG,GAAG;IAChB,aAAa,CAAC,EAAE,UAAU,CAAC,eAAe,CAAC,CAAA;IAC3C,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE;QACjB,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;KAC3B,CAAA;IACD,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE,MAAM,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,GAAG,KAAK,CAAA;CACpC,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;OAKG;IACH,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,gBAAgB,CAAC,EAAE;QACjB;;;WAGG;QACH,CAAC,GAAG,EAAE,MAAM,GAAG,KAAK,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,EAAE,GAAG,SAAS,CAAA;QAC9D,UAAU,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QAC5B,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QAC7B,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QAC7B,KAAK,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QACvB,KAAK,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;QACvB,KAAK,CAAC,EAAE,KAAK,CAAC,SAAS,CAAA;KACxB,CAAA;IACD,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB;;;OAGG;IACH,WAAW,CAAC,EAAE,KAAK,CAAA;IACnB,aAAa,CAAC,EAAE,mBAAmB,CAAA;IACnC,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB;;;;;;;OAOG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAA;IACZ;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC9B,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAA;AAE9E,MAAM,MAAM,SAAS,GAAG;IACtB,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;CAC3B,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,CAAC,IAAI,EAAE,MAAM,GAAG,2BAA2B,CAAA;CAC5C,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,cAAc,EAAE,4BAA4B,GAAG,SAAS,CAAA;IACxD,cAAc,EAAE,mBAAmB,CAAA;IACnC;;;OAGG;IACH,iBAAiB,CAAC,EAAE,SAAS,CAAA;IAC7B,cAAc,CAAC,EAAE,KAAK,GAAG,WAAW,CAAA;IACpC,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;IACpB,gBAAgB,CAAC,EAAE,IAAI,CAAA;IACvB,qBAAqB,CAAC,EAAE,SAAS,CAAA;IAIjC,QAAQ,CAAC,EAAE,MAAM,kBAAkB,CAAA;IACnC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,SAAS,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAA;IAC/B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB;;;;OAIG;IACH,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,GAAG,CACA;IACE,cAAc,EAAE,MAAM,CAAA;IAGtB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,GACD;IACE,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;CACnB,CACJ,CAAA"}

package/dist/admin/forms/Form.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/admin/forms/Form.ts"],"sourcesContent":["import { type SupportedLanguages } from '@payloadcms/translations'\n\nimport type { SanitizedDocumentPermissions } from '../../auth/types.js'\nimport type { Field, Option, Validate } from '../../fields/config/types.js'\nimport type { TypedLocale } from '../../index.js'\nimport type { DocumentPreferences } from '../../preferences/types.js'\nimport type { PayloadRequest, SelectType, Where } from '../../types/index.js'\n\nexport type Data = {\n  [key: string]: any\n}\n\nexport type Row = {\n  blockType?: string\n  collapsed?: boolean\n  customComponents?: {\n    RowLabel?: React.ReactNode\n  }\n  id: string\n  isLoading?: boolean\n  lastRenderedPath?: string\n}\n\nexport type FilterOptionsResult = {\n  [relation: string]: boolean | Where\n}\n\nexport type FieldState = {\n  /**\n   * This is used to determine if the field was added by the server.\n   * This ensures the field is not ignored by the client when merging form state.\n   * This can happen because the current local state is treated as the source of truth.\n   * See `mergeServerFormState` for more details.\n   */\n  addedByServer?: boolean\n  customComponents?: {\n    /**\n     * This is used by UI fields, as they can have arbitrary components defined if used\n     * as a vessel to bring in custom components.\n     */\n    [key: string]: React.ReactNode | React.ReactNode[] | undefined\n    AfterInput?: React.ReactNode\n    BeforeInput?: React.ReactNode\n    Description?: React.ReactNode\n    Error?: React.ReactNode\n    Field?: React.ReactNode\n    Label?: React.ReactNode\n  }\n  disableFormData?: boolean\n  errorMessage?: string\n  errorPaths?: string[]\n  /**\n   * The fieldSchema may be part of the form state if `includeSchema: true` is passed to buildFormState.\n   * This will never be in the form state of the client.\n   */\n  fieldSchema?: Field\n  filterOptions?: FilterOptionsResult\n  initialValue?: unknown\n  /**\n   * @experimental - Note: this property is experimental and may change in the future. Use at your own discretion.\n   * Every time a field is changed locally, this flag is set to true. Prevents form state from server from overwriting local changes.\n   * After merging server form state, this flag is reset.\n   */\n  isModified?: boolean\n  /**\n   * The path of the field when its custom components were last rendered.\n   * This is used to denote if a field has been rendered, and if so,\n   * what path it was rendered under last.\n   *\n   * If this path is undefined, or, if it is different\n   * from the current path of a given field, the field's components will be re-rendered.\n   */\n  lastRenderedPath?: string\n  passesCondition?: boolean\n  rows?: Row[]\n  /**\n   * The result of running `field.filterOptions` on select fields.\n   */\n  selectFilterOptions?: Option[]\n  valid?: boolean\n  validate?: Validate\n  value?: unknown\n}\n\nexport type FieldStateWithoutComponents = Omit<FieldState, 'customComponents'>\n\nexport type FormState = {\n  [path: string]: FieldState\n}\n\nexport type FormStateWithoutComponents = {\n  [path: string]: FieldStateWithoutComponents\n}\n\nexport type BuildFormStateArgs = {\n  data?: Data\n  docPermissions: SanitizedDocumentPermissions | undefined\n  docPreferences: DocumentPreferences\n  /**\n   * In case `formState` is not the top-level, document form state, this can be passed to\n   * provide the top-level form state.\n   */\n  documentFormState?: FormState\n  fallbackLocale?: false | TypedLocale\n  formState?: FormState\n  id?: number | string\n  initialBlockData?: Data\n  initialBlockFormState?: FormState\n  /*\n    If not i18n was passed, the language can be passed to init i18n\n  */\n  language?: keyof SupportedLanguages\n  locale?: string\n  /**\n   * If true, will not render RSCs and instead return a simple string in their place.\n   * This is useful for environments that lack RSC support, such as Jest.\n   * Form state can still be built, but any server components will be omitted.\n   * @default false\n   */\n  mockRSCs?: boolean\n  operation?: 'create' | 'update'\n  readOnly?: boolean\n  /**\n   * If true, will render field components within their state object.\n   * Performance optimization: Setting to `false` ensures that only fields that have changed paths will re-render, e.g. new array rows, etc.\n   * For example, you only need to render ALL fields on initial render, not on every onChange.\n   */\n  renderAllFields?: boolean\n  req: PayloadRequest\n  returnLockStatus?: boolean\n  schemaPath: string\n  select?: SelectType\n  skipValidation?: boolean\n  updateLastEdited?: boolean\n} & (\n  | {\n      collectionSlug: string\n      // Do not type it as never. This still makes it so that either collectionSlug or globalSlug is required, but makes it easier to provide both collectionSlug and globalSlug if it's\n      // unclear which one is actually available.\n      globalSlug?: string\n    }\n  | {\n      collectionSlug?: string\n      globalSlug: string\n    }\n)\n"],"names":[],"mappings":"AA8FA,WAmDC"}
+{"version":3,"sources":["../../../src/admin/forms/Form.ts"],"sourcesContent":["import { type SupportedLanguages } from '@payloadcms/translations'\n\nimport type { SanitizedDocumentPermissions } from '../../auth/types.js'\nimport type { Field, Option, Validate } from '../../fields/config/types.js'\nimport type { TypedLocale } from '../../index.js'\nimport type { DocumentPreferences } from '../../preferences/types.js'\nimport type { PayloadRequest, SelectType, Where } from '../../types/index.js'\n\nexport type Data = {\n  [key: string]: any\n}\n\nexport type Row = {\n  addedByServer?: FieldState['addedByServer']\n  blockType?: string\n  collapsed?: boolean\n  customComponents?: {\n    RowLabel?: React.ReactNode\n  }\n  id: string\n  isLoading?: boolean\n  lastRenderedPath?: string\n}\n\nexport type FilterOptionsResult = {\n  [relation: string]: boolean | Where\n}\n\nexport type FieldState = {\n  /**\n   * This is used to determine if the field was added by the server.\n   * This ensures the field is not ignored by the client when merging form state.\n   * This can happen because the current local state is treated as the source of truth.\n   * See `mergeServerFormState` for more details.\n   */\n  addedByServer?: boolean\n  customComponents?: {\n    /**\n     * This is used by UI fields, as they can have arbitrary components defined if used\n     * as a vessel to bring in custom components.\n     */\n    [key: string]: React.ReactNode | React.ReactNode[] | undefined\n    AfterInput?: React.ReactNode\n    BeforeInput?: React.ReactNode\n    Description?: React.ReactNode\n    Error?: React.ReactNode\n    Field?: React.ReactNode\n    Label?: React.ReactNode\n  }\n  disableFormData?: boolean\n  errorMessage?: string\n  errorPaths?: string[]\n  /**\n   * The fieldSchema may be part of the form state if `includeSchema: true` is passed to buildFormState.\n   * This will never be in the form state of the client.\n   */\n  fieldSchema?: Field\n  filterOptions?: FilterOptionsResult\n  initialValue?: unknown\n  /**\n   * @experimental - Note: this property is experimental and may change in the future. Use at your own discretion.\n   * Every time a field is changed locally, this flag is set to true. Prevents form state from server from overwriting local changes.\n   * After merging server form state, this flag is reset.\n   */\n  isModified?: boolean\n  /**\n   * The path of the field when its custom components were last rendered.\n   * This is used to denote if a field has been rendered, and if so,\n   * what path it was rendered under last.\n   *\n   * If this path is undefined, or, if it is different\n   * from the current path of a given field, the field's components will be re-rendered.\n   */\n  lastRenderedPath?: string\n  passesCondition?: boolean\n  rows?: Row[]\n  /**\n   * The result of running `field.filterOptions` on select fields.\n   */\n  selectFilterOptions?: Option[]\n  valid?: boolean\n  validate?: Validate\n  value?: unknown\n}\n\nexport type FieldStateWithoutComponents = Omit<FieldState, 'customComponents'>\n\nexport type FormState = {\n  [path: string]: FieldState\n}\n\nexport type FormStateWithoutComponents = {\n  [path: string]: FieldStateWithoutComponents\n}\n\nexport type BuildFormStateArgs = {\n  data?: Data\n  docPermissions: SanitizedDocumentPermissions | undefined\n  docPreferences: DocumentPreferences\n  /**\n   * In case `formState` is not the top-level, document form state, this can be passed to\n   * provide the top-level form state.\n   */\n  documentFormState?: FormState\n  fallbackLocale?: false | TypedLocale\n  formState?: FormState\n  id?: number | string\n  initialBlockData?: Data\n  initialBlockFormState?: FormState\n  /*\n    If not i18n was passed, the language can be passed to init i18n\n  */\n  language?: keyof SupportedLanguages\n  locale?: string\n  /**\n   * If true, will not render RSCs and instead return a simple string in their place.\n   * This is useful for environments that lack RSC support, such as Jest.\n   * Form state can still be built, but any server components will be omitted.\n   * @default false\n   */\n  mockRSCs?: boolean\n  operation?: 'create' | 'update'\n  readOnly?: boolean\n  /**\n   * If true, will render field components within their state object.\n   * Performance optimization: Setting to `false` ensures that only fields that have changed paths will re-render, e.g. new array rows, etc.\n   * For example, you only need to render ALL fields on initial render, not on every onChange.\n   */\n  renderAllFields?: boolean\n  req: PayloadRequest\n  returnLockStatus?: boolean\n  schemaPath: string\n  select?: SelectType\n  skipValidation?: boolean\n  updateLastEdited?: boolean\n} & (\n  | {\n      collectionSlug: string\n      // Do not type it as never. This still makes it so that either collectionSlug or globalSlug is required, but makes it easier to provide both collectionSlug and globalSlug if it's\n      // unclear which one is actually available.\n      globalSlug?: string\n    }\n  | {\n      collectionSlug?: string\n      globalSlug: string\n    }\n)\n"],"names":[],"mappings":"AA+FA,WAmDC"}

package/dist/auth/operations/logout.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/logout.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAK1D,MAAM,MAAM,SAAS,GAAG;IACtB,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,eAAe,iBAAwB,SAAS,KAAG,OAAO,CAAC,OAAO,CAsE9E,CAAA"}
+{"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/logout.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAK1D,MAAM,MAAM,SAAS,GAAG;IACtB,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,eAAe,iBAAwB,SAAS,KAAG,OAAO,CAAC,OAAO,CAyE9E,CAAA"}

package/dist/auth/operations/logout.js

@@ -43,6 +43,9 @@ export const logoutOperation = async (incomingArgs)=>{
             const sessionsAfterLogout = (userWithSessions?.sessions || []).filter((s)=>s.id !== req?.user?._sid);
             userWithSessions.sessions = sessionsAfterLogout;
         }
+        // Ensure updatedAt date is always updated
+        ;
+        userWithSessions.updatedAt = new Date().toISOString();
         await req.payload.db.updateOne({
             id: user.id,
             collection: collectionConfig.slug,

package/dist/auth/operations/logout.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/logout.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { APIError } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\n\nexport type Arguments = {\n  allSessions?: boolean\n  collection: Collection\n  req: PayloadRequest\n}\n\nexport const logoutOperation = async (incomingArgs: Arguments): Promise<boolean> => {\n  let args = incomingArgs\n  const {\n    allSessions,\n    collection: { config: collectionConfig },\n    req: { user },\n    req,\n  } = incomingArgs\n\n  if (!user) {\n    throw new APIError('No User', httpStatus.BAD_REQUEST)\n  }\n  if (user.collection !== collectionConfig.slug) {\n    throw new APIError('Incorrect collection', httpStatus.FORBIDDEN)\n  }\n\n  if (collectionConfig.hooks?.afterLogout?.length) {\n    for (const hook of collectionConfig.hooks.afterLogout) {\n      args =\n        (await hook({\n          collection: args.collection?.config,\n          context: req.context,\n          req,\n        })) || args\n    }\n  }\n\n  if (collectionConfig.auth.disableLocalStrategy !== true && collectionConfig.auth.useSessions) {\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(collectionConfig.trash),\n      trash: false,\n      where: {\n        id: {\n          equals: user.id,\n        },\n      },\n    })\n\n    const userWithSessions = await req.payload.db.findOne<{\n      id: number | string\n      sessions: { id: string }[]\n    }>({\n      collection: collectionConfig.slug,\n      req,\n      where,\n    })\n\n    if (!userWithSessions) {\n      throw new APIError('No User', httpStatus.BAD_REQUEST)\n    }\n\n    if (allSessions) {\n      userWithSessions.sessions = []\n    } else {\n      const sessionsAfterLogout = (userWithSessions?.sessions || []).filter(\n        (s) => s.id !== req?.user?._sid,\n      )\n\n      userWithSessions.sessions = sessionsAfterLogout\n    }\n\n    await req.payload.db.updateOne({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: userWithSessions,\n      returning: false,\n    })\n  }\n\n  return true\n}\n"],"names":["status","httpStatus","APIError","appendNonTrashedFilter","logoutOperation","incomingArgs","args","allSessions","collection","config","collectionConfig","req","user","BAD_REQUEST","slug","FORBIDDEN","hooks","afterLogout","length","hook","context","auth","disableLocalStrategy","useSessions","where","enableTrash","Boolean","trash","id","equals","userWithSessions","payload","db","findOne","sessions","sessionsAfterLogout","filter","s","_sid","updateOne","data","returning"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAKlD,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,sBAAsB,QAAQ,4CAA2C;AAQlF,OAAO,MAAMC,kBAAkB,OAAOC;IACpC,IAAIC,OAAOD;IACX,MAAM,EACJE,WAAW,EACXC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,KAAK,EAAEC,IAAI,EAAE,EACbD,GAAG,EACJ,GAAGN;IAEJ,IAAI,CAACO,MAAM;QACT,MAAM,IAAIV,SAAS,WAAWD,WAAWY,WAAW;IACtD;IACA,IAAID,KAAKJ,UAAU,KAAKE,iBAAiBI,IAAI,EAAE;QAC7C,MAAM,IAAIZ,SAAS,wBAAwBD,WAAWc,SAAS;IACjE;IAEA,IAAIL,iBAAiBM,KAAK,EAAEC,aAAaC,QAAQ;QAC/C,KAAK,MAAMC,QAAQT,iBAAiBM,KAAK,CAACC,WAAW,CAAE;YACrDX,OACE,AAAC,MAAMa,KAAK;gBACVX,YAAYF,KAAKE,UAAU,EAAEC;gBAC7BW,SAAST,IAAIS,OAAO;gBACpBT;YACF,MAAOL;QACX;IACF;IAEA,IAAII,iBAAiBW,IAAI,CAACC,oBAAoB,KAAK,QAAQZ,iBAAiBW,IAAI,CAACE,WAAW,EAAE;QAC5F,MAAMC,QAAQrB,uBAAuB;YACnCsB,aAAaC,QAAQhB,iBAAiBiB,KAAK;YAC3CA,OAAO;YACPH,OAAO;gBACLI,IAAI;oBACFC,QAAQjB,KAAKgB,EAAE;gBACjB;YACF;QACF;QAEA,MAAME,mBAAmB,MAAMnB,IAAIoB,OAAO,CAACC,EAAE,CAACC,OAAO,CAGlD;YACDzB,YAAYE,iBAAiBI,IAAI;YACjCH;YACAa;QACF;QAEA,IAAI,CAACM,kBAAkB;YACrB,MAAM,IAAI5B,SAAS,WAAWD,WAAWY,WAAW;QACtD;QAEA,IAAIN,aAAa;YACfuB,iBAAiBI,QAAQ,GAAG,EAAE;QAChC,OAAO;YACL,MAAMC,sBAAsB,AAACL,CAAAA,kBAAkBI,YAAY,EAAE,AAAD,EAAGE,MAAM,CACnE,CAACC,IAAMA,EAAET,EAAE,KAAKjB,KAAKC,MAAM0B;YAG7BR,iBAAiBI,QAAQ,GAAGC;QAC9B;QAEA,MAAMxB,IAAIoB,OAAO,CAACC,EAAE,CAACO,SAAS,CAAC;YAC7BX,IAAIhB,KAAKgB,EAAE;YACXpB,YAAYE,iBAAiBI,IAAI;YACjC0B,MAAMV;YACNW,WAAW;QACb;IACF;IAEA,OAAO;AACT,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/logout.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { APIError } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\n\nexport type Arguments = {\n  allSessions?: boolean\n  collection: Collection\n  req: PayloadRequest\n}\n\nexport const logoutOperation = async (incomingArgs: Arguments): Promise<boolean> => {\n  let args = incomingArgs\n  const {\n    allSessions,\n    collection: { config: collectionConfig },\n    req: { user },\n    req,\n  } = incomingArgs\n\n  if (!user) {\n    throw new APIError('No User', httpStatus.BAD_REQUEST)\n  }\n  if (user.collection !== collectionConfig.slug) {\n    throw new APIError('Incorrect collection', httpStatus.FORBIDDEN)\n  }\n\n  if (collectionConfig.hooks?.afterLogout?.length) {\n    for (const hook of collectionConfig.hooks.afterLogout) {\n      args =\n        (await hook({\n          collection: args.collection?.config,\n          context: req.context,\n          req,\n        })) || args\n    }\n  }\n\n  if (collectionConfig.auth.disableLocalStrategy !== true && collectionConfig.auth.useSessions) {\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(collectionConfig.trash),\n      trash: false,\n      where: {\n        id: {\n          equals: user.id,\n        },\n      },\n    })\n\n    const userWithSessions = await req.payload.db.findOne<{\n      id: number | string\n      sessions: { id: string }[]\n    }>({\n      collection: collectionConfig.slug,\n      req,\n      where,\n    })\n\n    if (!userWithSessions) {\n      throw new APIError('No User', httpStatus.BAD_REQUEST)\n    }\n\n    if (allSessions) {\n      userWithSessions.sessions = []\n    } else {\n      const sessionsAfterLogout = (userWithSessions?.sessions || []).filter(\n        (s) => s.id !== req?.user?._sid,\n      )\n\n      userWithSessions.sessions = sessionsAfterLogout\n    }\n\n    // Ensure updatedAt date is always updated\n    ;(userWithSessions as any).updatedAt = new Date().toISOString()\n\n    await req.payload.db.updateOne({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: userWithSessions,\n      returning: false,\n    })\n  }\n\n  return true\n}\n"],"names":["status","httpStatus","APIError","appendNonTrashedFilter","logoutOperation","incomingArgs","args","allSessions","collection","config","collectionConfig","req","user","BAD_REQUEST","slug","FORBIDDEN","hooks","afterLogout","length","hook","context","auth","disableLocalStrategy","useSessions","where","enableTrash","Boolean","trash","id","equals","userWithSessions","payload","db","findOne","sessions","sessionsAfterLogout","filter","s","_sid","updatedAt","Date","toISOString","updateOne","data","returning"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAKlD,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,sBAAsB,QAAQ,4CAA2C;AAQlF,OAAO,MAAMC,kBAAkB,OAAOC;IACpC,IAAIC,OAAOD;IACX,MAAM,EACJE,WAAW,EACXC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,KAAK,EAAEC,IAAI,EAAE,EACbD,GAAG,EACJ,GAAGN;IAEJ,IAAI,CAACO,MAAM;QACT,MAAM,IAAIV,SAAS,WAAWD,WAAWY,WAAW;IACtD;IACA,IAAID,KAAKJ,UAAU,KAAKE,iBAAiBI,IAAI,EAAE;QAC7C,MAAM,IAAIZ,SAAS,wBAAwBD,WAAWc,SAAS;IACjE;IAEA,IAAIL,iBAAiBM,KAAK,EAAEC,aAAaC,QAAQ;QAC/C,KAAK,MAAMC,QAAQT,iBAAiBM,KAAK,CAACC,WAAW,CAAE;YACrDX,OACE,AAAC,MAAMa,KAAK;gBACVX,YAAYF,KAAKE,UAAU,EAAEC;gBAC7BW,SAAST,IAAIS,OAAO;gBACpBT;YACF,MAAOL;QACX;IACF;IAEA,IAAII,iBAAiBW,IAAI,CAACC,oBAAoB,KAAK,QAAQZ,iBAAiBW,IAAI,CAACE,WAAW,EAAE;QAC5F,MAAMC,QAAQrB,uBAAuB;YACnCsB,aAAaC,QAAQhB,iBAAiBiB,KAAK;YAC3CA,OAAO;YACPH,OAAO;gBACLI,IAAI;oBACFC,QAAQjB,KAAKgB,EAAE;gBACjB;YACF;QACF;QAEA,MAAME,mBAAmB,MAAMnB,IAAIoB,OAAO,CAACC,EAAE,CAACC,OAAO,CAGlD;YACDzB,YAAYE,iBAAiBI,IAAI;YACjCH;YACAa;QACF;QAEA,IAAI,CAACM,kBAAkB;YACrB,MAAM,IAAI5B,SAAS,WAAWD,WAAWY,WAAW;QACtD;QAEA,IAAIN,aAAa;YACfuB,iBAAiBI,QAAQ,GAAG,EAAE;QAChC,OAAO;YACL,MAAMC,sBAAsB,AAACL,CAAAA,kBAAkBI,YAAY,EAAE,AAAD,EAAGE,MAAM,CACnE,CAACC,IAAMA,EAAET,EAAE,KAAKjB,KAAKC,MAAM0B;YAG7BR,iBAAiBI,QAAQ,GAAGC;QAC9B;QAEA,0CAA0C;;QACxCL,iBAAyBS,SAAS,GAAG,IAAIC,OAAOC,WAAW;QAE7D,MAAM9B,IAAIoB,OAAO,CAACC,EAAE,CAACU,SAAS,CAAC;YAC7Bd,IAAIhB,KAAKgB,EAAE;YACXpB,YAAYE,iBAAiBI,IAAI;YACjC6B,MAAMb;YACNc,WAAW;QACb;IACF;IAEA,OAAO;AACT,EAAC"}

package/dist/auth/operations/refresh.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/refresh.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAWpE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;CACf,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,gBAAgB,iBAAwB,SAAS,KAAG,OAAO,CAAC,MAAM,CA0K9E,CAAA"}
+{"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/refresh.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAWpE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;CACf,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,gBAAgB,iBAAwB,SAAS,KAAG,OAAO,CAAC,MAAM,CA6K9E,CAAA"}

package/dist/auth/operations/refresh.js

@@ -52,6 +52,8 @@ export const refreshOperation = async (incomingArgs)=>{
             const now = new Date();
             const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000;
             existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs);
+            // Ensure updatedAt date is always updated
+            user.updatedAt = new Date().toISOString();
             await req.payload.db.updateOne({
                 id: user.id,
                 collection: collectionConfig.slug,

package/dist/auth/operations/refresh.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/refresh.ts"],"sourcesContent":["import url from 'url'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { Document, PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { Forbidden } from '../../errors/index.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../sessions.js'\n\nexport type Result = {\n  exp: number\n  refreshedToken: string\n  setCookie?: boolean\n  /** @deprecated\n   * use:\n   * ```ts\n   * user._strategy\n   * ```\n   */\n  strategy?: string\n  user: Document\n}\n\nexport type Arguments = {\n  collection: Collection\n  req: PayloadRequest\n}\n\nexport const refreshOperation = async (incomingArgs: Arguments): Promise<Result> => {\n  let args = incomingArgs\n\n  try {\n    const shouldCommit = await initTransaction(args.req)\n\n    // /////////////////////////////////////\n    // beforeOperation - Collection\n    // /////////////////////////////////////\n\n    if (args.collection.config.hooks?.beforeOperation?.length) {\n      for (const hook of args.collection.config.hooks.beforeOperation) {\n        args =\n          (await hook({\n            args,\n            collection: args.collection?.config,\n            context: args.req.context,\n            operation: 'refresh',\n            req: args.req,\n          })) || args\n      }\n    }\n\n    // /////////////////////////////////////\n    // Refresh\n    // /////////////////////////////////////\n\n    const {\n      collection: { config: collectionConfig },\n      req,\n      req: {\n        payload: { config, secret },\n      },\n    } = args\n\n    if (!args.req.user) {\n      throw new Forbidden(args.req.t)\n    }\n\n    const parsedURL = url.parse(args.req.url!)\n    const isGraphQL = parsedURL.pathname === config.routes.graphQL\n\n    let user = await req.payload.db.findOne<any>({\n      collection: collectionConfig.slug,\n      req,\n      where: { id: { equals: args.req.user.id } },\n    })\n\n    const sid = args.req.user._sid\n\n    if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {\n      if (!Array.isArray(user.sessions) || !sid) {\n        throw new Forbidden(args.req.t)\n      }\n\n      const existingSession = user.sessions.find(({ id }: { id: number }) => id === sid)\n\n      const now = new Date()\n      const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n      existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n      await req.payload.db.updateOne({\n        id: user.id,\n        collection: collectionConfig.slug,\n        data: {\n          ...user,\n          sessions: removeExpiredSessions(user.sessions),\n        },\n        req,\n        returning: false,\n      })\n    }\n\n    user = await req.payload.findByID({\n      id: user.id,\n      collection: collectionConfig.slug,\n      depth: isGraphQL ? 0 : args.collection.config.auth.depth,\n      req: args.req,\n    })\n\n    if (user) {\n      user.collection = args.req.user.collection\n      user._strategy = args.req.user._strategy\n    }\n\n    let result!: Result\n\n    // /////////////////////////////////////\n    // refresh hook - Collection\n    // /////////////////////////////////////\n\n    for (const refreshHook of args.collection.config.hooks.refresh) {\n      const hookResult = await refreshHook({ args, user })\n\n      if (hookResult) {\n        result = hookResult\n        break\n      }\n    }\n\n    if (!result) {\n      const fieldsToSign = getFieldsToSign({\n        collectionConfig,\n        email: user?.email as string,\n        sid,\n        user: args?.req?.user,\n      })\n\n      const { exp, token: refreshedToken } = await jwtSign({\n        fieldsToSign,\n        secret,\n        tokenExpiration: collectionConfig.auth.tokenExpiration,\n      })\n\n      result = {\n        exp,\n        refreshedToken,\n        setCookie: true,\n        /** @deprecated\n         * use:\n         * ```ts\n         * user._strategy\n         * ```\n         */\n        strategy: args.req.user._strategy,\n        user,\n      }\n    }\n\n    // /////////////////////////////////////\n    // After Refresh - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterRefresh?.length) {\n      for (const hook of collectionConfig.hooks.afterRefresh) {\n        result =\n          (await hook({\n            collection: args.collection?.config,\n            context: args.req.context,\n            exp: result.exp,\n            req: args.req,\n            token: result.refreshedToken,\n          })) || result\n      }\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    result = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'refresh',\n      result,\n    })\n\n    // /////////////////////////////////////\n    // Return results\n    // /////////////////////////////////////\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return result\n  } catch (error: unknown) {\n    await killTransaction(args.req)\n    throw error\n  }\n}\n"],"names":["url","buildAfterOperation","Forbidden","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","removeExpiredSessions","refreshOperation","incomingArgs","args","shouldCommit","req","collection","config","hooks","beforeOperation","length","hook","context","operation","collectionConfig","payload","secret","user","t","parsedURL","parse","isGraphQL","pathname","routes","graphQL","db","findOne","slug","where","id","equals","sid","_sid","auth","useSessions","disableLocalStrategy","Array","isArray","sessions","existingSession","find","now","Date","tokenExpInMs","tokenExpiration","expiresAt","getTime","updateOne","data","returning","findByID","depth","_strategy","result","refreshHook","refresh","hookResult","fieldsToSign","email","exp","token","refreshedToken","setCookie","strategy","afterRefresh","error"],"mappings":"AAAA,OAAOA,SAAS,MAAK;AAKrB,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,SAAS,QAAQ,wBAAuB;AACjD,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,iBAAgB;AAqBtD,OAAO,MAAMC,mBAAmB,OAAOC;IACrC,IAAIC,OAAOD;IAEX,IAAI;QACF,MAAME,eAAe,MAAMR,gBAAgBO,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIF,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAG,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBC,WAAW;oBACXR,KAAKF,KAAKE,GAAG;gBACf,MAAOF;YACX;QACF;QAEA,wCAAwC;QACxC,UAAU;QACV,wCAAwC;QAExC,MAAM,EACJG,YAAY,EAAEC,QAAQO,gBAAgB,EAAE,EACxCT,GAAG,EACHA,KAAK,EACHU,SAAS,EAAER,MAAM,EAAES,MAAM,EAAE,EAC5B,EACF,GAAGb;QAEJ,IAAI,CAACA,KAAKE,GAAG,CAACY,IAAI,EAAE;YAClB,MAAM,IAAIvB,UAAUS,KAAKE,GAAG,CAACa,CAAC;QAChC;QAEA,MAAMC,YAAY3B,IAAI4B,KAAK,CAACjB,KAAKE,GAAG,CAACb,GAAG;QACxC,MAAM6B,YAAYF,UAAUG,QAAQ,KAAKf,OAAOgB,MAAM,CAACC,OAAO;QAE9D,IAAIP,OAAO,MAAMZ,IAAIU,OAAO,CAACU,EAAE,CAACC,OAAO,CAAM;YAC3CpB,YAAYQ,iBAAiBa,IAAI;YACjCtB;YACAuB,OAAO;gBAAEC,IAAI;oBAAEC,QAAQ3B,KAAKE,GAAG,CAACY,IAAI,CAACY,EAAE;gBAAC;YAAE;QAC5C;QAEA,MAAME,MAAM5B,KAAKE,GAAG,CAACY,IAAI,CAACe,IAAI;QAE9B,IAAIlB,iBAAiBmB,IAAI,CAACC,WAAW,IAAI,CAACpB,iBAAiBmB,IAAI,CAACE,oBAAoB,EAAE;YACpF,IAAI,CAACC,MAAMC,OAAO,CAACpB,KAAKqB,QAAQ,KAAK,CAACP,KAAK;gBACzC,MAAM,IAAIrC,UAAUS,KAAKE,GAAG,CAACa,CAAC;YAChC;YAEA,MAAMqB,kBAAkBtB,KAAKqB,QAAQ,CAACE,IAAI,CAAC,CAAC,EAAEX,EAAE,EAAkB,GAAKA,OAAOE;YAE9E,MAAMU,MAAM,IAAIC;YAChB,MAAMC,eAAe7B,iBAAiBmB,IAAI,CAACW,eAAe,GAAG;YAC7DL,gBAAgBM,SAAS,GAAG,IAAIH,KAAKD,IAAIK,OAAO,KAAKH;YAErD,MAAMtC,IAAIU,OAAO,CAACU,EAAE,CAACsB,SAAS,CAAC;gBAC7BlB,IAAIZ,KAAKY,EAAE;gBACXvB,YAAYQ,iBAAiBa,IAAI;gBACjCqB,MAAM;oBACJ,GAAG/B,IAAI;oBACPqB,UAAUtC,sBAAsBiB,KAAKqB,QAAQ;gBAC/C;gBACAjC;gBACA4C,WAAW;YACb;QACF;QAEAhC,OAAO,MAAMZ,IAAIU,OAAO,CAACmC,QAAQ,CAAC;YAChCrB,IAAIZ,KAAKY,EAAE;YACXvB,YAAYQ,iBAAiBa,IAAI;YACjCwB,OAAO9B,YAAY,IAAIlB,KAAKG,UAAU,CAACC,MAAM,CAAC0B,IAAI,CAACkB,KAAK;YACxD9C,KAAKF,KAAKE,GAAG;QACf;QAEA,IAAIY,MAAM;YACRA,KAAKX,UAAU,GAAGH,KAAKE,GAAG,CAACY,IAAI,CAACX,UAAU;YAC1CW,KAAKmC,SAAS,GAAGjD,KAAKE,GAAG,CAACY,IAAI,CAACmC,SAAS;QAC1C;QAEA,IAAIC;QAEJ,wCAAwC;QACxC,4BAA4B;QAC5B,wCAAwC;QAExC,KAAK,MAAMC,eAAenD,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAAC+C,OAAO,CAAE;YAC9D,MAAMC,aAAa,MAAMF,YAAY;gBAAEnD;gBAAMc;YAAK;YAElD,IAAIuC,YAAY;gBACdH,SAASG;gBACT;YACF;QACF;QAEA,IAAI,CAACH,QAAQ;YACX,MAAMI,eAAe3D,gBAAgB;gBACnCgB;gBACA4C,OAAOzC,MAAMyC;gBACb3B;gBACAd,MAAMd,MAAME,KAAKY;YACnB;YAEA,MAAM,EAAE0C,GAAG,EAAEC,OAAOC,cAAc,EAAE,GAAG,MAAM9D,QAAQ;gBACnD0D;gBACAzC;gBACA4B,iBAAiB9B,iBAAiBmB,IAAI,CAACW,eAAe;YACxD;YAEAS,SAAS;gBACPM;gBACAE;gBACAC,WAAW;gBACX;;;;;SAKC,GACDC,UAAU5D,KAAKE,GAAG,CAACY,IAAI,CAACmC,SAAS;gBACjCnC;YACF;QACF;QAEA,wCAAwC;QACxC,6BAA6B;QAC7B,wCAAwC;QAExC,IAAIH,iBAAiBN,KAAK,EAAEwD,cAActD,QAAQ;YAChD,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACwD,YAAY,CAAE;gBACtDX,SACE,AAAC,MAAM1C,KAAK;oBACVL,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzB+C,KAAKN,OAAOM,GAAG;oBACftD,KAAKF,KAAKE,GAAG;oBACbuD,OAAOP,OAAOQ,cAAc;gBAC9B,MAAOR;YACX;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCA,SAAS,MAAM5D,oBAAoB;YACjCU;YACAG,YAAYH,KAAKG,UAAU,EAAEC;YAC7BM,WAAW;YACXwC;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,IAAIjD,cAAc;YAChB,MAAMT,kBAAkBU;QAC1B;QAEA,OAAOgD;IACT,EAAE,OAAOY,OAAgB;QACvB,MAAMpE,gBAAgBM,KAAKE,GAAG;QAC9B,MAAM4D;IACR;AACF,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/refresh.ts"],"sourcesContent":["import url from 'url'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { Document, PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { Forbidden } from '../../errors/index.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../sessions.js'\n\nexport type Result = {\n  exp: number\n  refreshedToken: string\n  setCookie?: boolean\n  /** @deprecated\n   * use:\n   * ```ts\n   * user._strategy\n   * ```\n   */\n  strategy?: string\n  user: Document\n}\n\nexport type Arguments = {\n  collection: Collection\n  req: PayloadRequest\n}\n\nexport const refreshOperation = async (incomingArgs: Arguments): Promise<Result> => {\n  let args = incomingArgs\n\n  try {\n    const shouldCommit = await initTransaction(args.req)\n\n    // /////////////////////////////////////\n    // beforeOperation - Collection\n    // /////////////////////////////////////\n\n    if (args.collection.config.hooks?.beforeOperation?.length) {\n      for (const hook of args.collection.config.hooks.beforeOperation) {\n        args =\n          (await hook({\n            args,\n            collection: args.collection?.config,\n            context: args.req.context,\n            operation: 'refresh',\n            req: args.req,\n          })) || args\n      }\n    }\n\n    // /////////////////////////////////////\n    // Refresh\n    // /////////////////////////////////////\n\n    const {\n      collection: { config: collectionConfig },\n      req,\n      req: {\n        payload: { config, secret },\n      },\n    } = args\n\n    if (!args.req.user) {\n      throw new Forbidden(args.req.t)\n    }\n\n    const parsedURL = url.parse(args.req.url!)\n    const isGraphQL = parsedURL.pathname === config.routes.graphQL\n\n    let user = await req.payload.db.findOne<any>({\n      collection: collectionConfig.slug,\n      req,\n      where: { id: { equals: args.req.user.id } },\n    })\n\n    const sid = args.req.user._sid\n\n    if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {\n      if (!Array.isArray(user.sessions) || !sid) {\n        throw new Forbidden(args.req.t)\n      }\n\n      const existingSession = user.sessions.find(({ id }: { id: number }) => id === sid)\n\n      const now = new Date()\n      const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n      existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n      // Ensure updatedAt date is always updated\n      user.updatedAt = new Date().toISOString()\n\n      await req.payload.db.updateOne({\n        id: user.id,\n        collection: collectionConfig.slug,\n        data: {\n          ...user,\n          sessions: removeExpiredSessions(user.sessions),\n        },\n        req,\n        returning: false,\n      })\n    }\n\n    user = await req.payload.findByID({\n      id: user.id,\n      collection: collectionConfig.slug,\n      depth: isGraphQL ? 0 : args.collection.config.auth.depth,\n      req: args.req,\n    })\n\n    if (user) {\n      user.collection = args.req.user.collection\n      user._strategy = args.req.user._strategy\n    }\n\n    let result!: Result\n\n    // /////////////////////////////////////\n    // refresh hook - Collection\n    // /////////////////////////////////////\n\n    for (const refreshHook of args.collection.config.hooks.refresh) {\n      const hookResult = await refreshHook({ args, user })\n\n      if (hookResult) {\n        result = hookResult\n        break\n      }\n    }\n\n    if (!result) {\n      const fieldsToSign = getFieldsToSign({\n        collectionConfig,\n        email: user?.email as string,\n        sid,\n        user: args?.req?.user,\n      })\n\n      const { exp, token: refreshedToken } = await jwtSign({\n        fieldsToSign,\n        secret,\n        tokenExpiration: collectionConfig.auth.tokenExpiration,\n      })\n\n      result = {\n        exp,\n        refreshedToken,\n        setCookie: true,\n        /** @deprecated\n         * use:\n         * ```ts\n         * user._strategy\n         * ```\n         */\n        strategy: args.req.user._strategy,\n        user,\n      }\n    }\n\n    // /////////////////////////////////////\n    // After Refresh - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterRefresh?.length) {\n      for (const hook of collectionConfig.hooks.afterRefresh) {\n        result =\n          (await hook({\n            collection: args.collection?.config,\n            context: args.req.context,\n            exp: result.exp,\n            req: args.req,\n            token: result.refreshedToken,\n          })) || result\n      }\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    result = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'refresh',\n      result,\n    })\n\n    // /////////////////////////////////////\n    // Return results\n    // /////////////////////////////////////\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return result\n  } catch (error: unknown) {\n    await killTransaction(args.req)\n    throw error\n  }\n}\n"],"names":["url","buildAfterOperation","Forbidden","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","removeExpiredSessions","refreshOperation","incomingArgs","args","shouldCommit","req","collection","config","hooks","beforeOperation","length","hook","context","operation","collectionConfig","payload","secret","user","t","parsedURL","parse","isGraphQL","pathname","routes","graphQL","db","findOne","slug","where","id","equals","sid","_sid","auth","useSessions","disableLocalStrategy","Array","isArray","sessions","existingSession","find","now","Date","tokenExpInMs","tokenExpiration","expiresAt","getTime","updatedAt","toISOString","updateOne","data","returning","findByID","depth","_strategy","result","refreshHook","refresh","hookResult","fieldsToSign","email","exp","token","refreshedToken","setCookie","strategy","afterRefresh","error"],"mappings":"AAAA,OAAOA,SAAS,MAAK;AAKrB,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,SAAS,QAAQ,wBAAuB;AACjD,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,iBAAgB;AAqBtD,OAAO,MAAMC,mBAAmB,OAAOC;IACrC,IAAIC,OAAOD;IAEX,IAAI;QACF,MAAME,eAAe,MAAMR,gBAAgBO,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIF,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAG,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBC,WAAW;oBACXR,KAAKF,KAAKE,GAAG;gBACf,MAAOF;YACX;QACF;QAEA,wCAAwC;QACxC,UAAU;QACV,wCAAwC;QAExC,MAAM,EACJG,YAAY,EAAEC,QAAQO,gBAAgB,EAAE,EACxCT,GAAG,EACHA,KAAK,EACHU,SAAS,EAAER,MAAM,EAAES,MAAM,EAAE,EAC5B,EACF,GAAGb;QAEJ,IAAI,CAACA,KAAKE,GAAG,CAACY,IAAI,EAAE;YAClB,MAAM,IAAIvB,UAAUS,KAAKE,GAAG,CAACa,CAAC;QAChC;QAEA,MAAMC,YAAY3B,IAAI4B,KAAK,CAACjB,KAAKE,GAAG,CAACb,GAAG;QACxC,MAAM6B,YAAYF,UAAUG,QAAQ,KAAKf,OAAOgB,MAAM,CAACC,OAAO;QAE9D,IAAIP,OAAO,MAAMZ,IAAIU,OAAO,CAACU,EAAE,CAACC,OAAO,CAAM;YAC3CpB,YAAYQ,iBAAiBa,IAAI;YACjCtB;YACAuB,OAAO;gBAAEC,IAAI;oBAAEC,QAAQ3B,KAAKE,GAAG,CAACY,IAAI,CAACY,EAAE;gBAAC;YAAE;QAC5C;QAEA,MAAME,MAAM5B,KAAKE,GAAG,CAACY,IAAI,CAACe,IAAI;QAE9B,IAAIlB,iBAAiBmB,IAAI,CAACC,WAAW,IAAI,CAACpB,iBAAiBmB,IAAI,CAACE,oBAAoB,EAAE;YACpF,IAAI,CAACC,MAAMC,OAAO,CAACpB,KAAKqB,QAAQ,KAAK,CAACP,KAAK;gBACzC,MAAM,IAAIrC,UAAUS,KAAKE,GAAG,CAACa,CAAC;YAChC;YAEA,MAAMqB,kBAAkBtB,KAAKqB,QAAQ,CAACE,IAAI,CAAC,CAAC,EAAEX,EAAE,EAAkB,GAAKA,OAAOE;YAE9E,MAAMU,MAAM,IAAIC;YAChB,MAAMC,eAAe7B,iBAAiBmB,IAAI,CAACW,eAAe,GAAG;YAC7DL,gBAAgBM,SAAS,GAAG,IAAIH,KAAKD,IAAIK,OAAO,KAAKH;YAErD,0CAA0C;YAC1C1B,KAAK8B,SAAS,GAAG,IAAIL,OAAOM,WAAW;YAEvC,MAAM3C,IAAIU,OAAO,CAACU,EAAE,CAACwB,SAAS,CAAC;gBAC7BpB,IAAIZ,KAAKY,EAAE;gBACXvB,YAAYQ,iBAAiBa,IAAI;gBACjCuB,MAAM;oBACJ,GAAGjC,IAAI;oBACPqB,UAAUtC,sBAAsBiB,KAAKqB,QAAQ;gBAC/C;gBACAjC;gBACA8C,WAAW;YACb;QACF;QAEAlC,OAAO,MAAMZ,IAAIU,OAAO,CAACqC,QAAQ,CAAC;YAChCvB,IAAIZ,KAAKY,EAAE;YACXvB,YAAYQ,iBAAiBa,IAAI;YACjC0B,OAAOhC,YAAY,IAAIlB,KAAKG,UAAU,CAACC,MAAM,CAAC0B,IAAI,CAACoB,KAAK;YACxDhD,KAAKF,KAAKE,GAAG;QACf;QAEA,IAAIY,MAAM;YACRA,KAAKX,UAAU,GAAGH,KAAKE,GAAG,CAACY,IAAI,CAACX,UAAU;YAC1CW,KAAKqC,SAAS,GAAGnD,KAAKE,GAAG,CAACY,IAAI,CAACqC,SAAS;QAC1C;QAEA,IAAIC;QAEJ,wCAAwC;QACxC,4BAA4B;QAC5B,wCAAwC;QAExC,KAAK,MAAMC,eAAerD,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACiD,OAAO,CAAE;YAC9D,MAAMC,aAAa,MAAMF,YAAY;gBAAErD;gBAAMc;YAAK;YAElD,IAAIyC,YAAY;gBACdH,SAASG;gBACT;YACF;QACF;QAEA,IAAI,CAACH,QAAQ;YACX,MAAMI,eAAe7D,gBAAgB;gBACnCgB;gBACA8C,OAAO3C,MAAM2C;gBACb7B;gBACAd,MAAMd,MAAME,KAAKY;YACnB;YAEA,MAAM,EAAE4C,GAAG,EAAEC,OAAOC,cAAc,EAAE,GAAG,MAAMhE,QAAQ;gBACnD4D;gBACA3C;gBACA4B,iBAAiB9B,iBAAiBmB,IAAI,CAACW,eAAe;YACxD;YAEAW,SAAS;gBACPM;gBACAE;gBACAC,WAAW;gBACX;;;;;SAKC,GACDC,UAAU9D,KAAKE,GAAG,CAACY,IAAI,CAACqC,SAAS;gBACjCrC;YACF;QACF;QAEA,wCAAwC;QACxC,6BAA6B;QAC7B,wCAAwC;QAExC,IAAIH,iBAAiBN,KAAK,EAAE0D,cAAcxD,QAAQ;YAChD,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAAC0D,YAAY,CAAE;gBACtDX,SACE,AAAC,MAAM5C,KAAK;oBACVL,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBiD,KAAKN,OAAOM,GAAG;oBACfxD,KAAKF,KAAKE,GAAG;oBACbyD,OAAOP,OAAOQ,cAAc;gBAC9B,MAAOR;YACX;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCA,SAAS,MAAM9D,oBAAoB;YACjCU;YACAG,YAAYH,KAAKG,UAAU,EAAEC;YAC7BM,WAAW;YACX0C;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,IAAInD,cAAc;YAChB,MAAMT,kBAAkBU;QAC1B;QAEA,OAAOkD;IACT,EAAE,OAAOY,OAAgB;QACvB,MAAMtE,gBAAgBM,KAAKE,GAAG;QAC9B,MAAM8D;IACR;AACF,EAAC"}

package/dist/auth/operations/resetPassword.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/resetPassword.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAA0B,MAAM,mCAAmC,CAAA;AAC3F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAa1D,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAU,KAAK,SAAS,cAAc,QACjE,SAAS,KACd,OAAO,CAAC,MAAM,CA8JhB,CAAA"}
+{"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/resetPassword.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAA0B,MAAM,mCAAmC,CAAA;AAC3F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAa1D,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAU,KAAK,SAAS,cAAc,QACjE,SAAS,KACd,OAAO,CAAC,MAAM,CAiKhB,CAAA"}

package/dist/auth/operations/resetPassword.js

@@ -82,6 +82,8 @@ export const resetPasswordOperation = async (args)=>{
         // /////////////////////////////////////
         // Update new password
         // /////////////////////////////////////
+        // Ensure updatedAt date is always updated
+        user.updatedAt = new Date().toISOString();
         const doc = await payload.db.updateOne({
             id: user.id,
             collection: collectionConfig.slug,

package/dist/auth/operations/resetPassword.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/resetPassword.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection, DataFromCollectionSlug } from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { APIError, Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { generatePasswordSaltHash } from '../strategies/local/generatePasswordSaltHash.js'\n\nexport type Result = {\n  token?: string\n  user: Record<string, unknown>\n}\n\nexport type Arguments = {\n  collection: Collection\n  data: {\n    password: string\n    token: string\n  }\n  depth?: number\n  overrideAccess?: boolean\n  req: PayloadRequest\n}\n\nexport const resetPasswordOperation = async <TSlug extends CollectionSlug>(\n  args: Arguments,\n): Promise<Result> => {\n  const {\n    collection: { config: collectionConfig },\n    data,\n    depth,\n    overrideAccess,\n    req: {\n      payload: { secret },\n      payload,\n    },\n    req,\n  } = args\n\n  if (\n    !Object.prototype.hasOwnProperty.call(data, 'token') ||\n    !Object.prototype.hasOwnProperty.call(data, 'password')\n  ) {\n    throw new APIError('Missing required data.', httpStatus.BAD_REQUEST)\n  }\n\n  if (collectionConfig.auth.disableLocalStrategy) {\n    throw new Forbidden(req.t)\n  }\n\n  try {\n    const shouldCommit = await initTransaction(req)\n\n    if (args.collection.config.hooks?.beforeOperation?.length) {\n      for (const hook of args.collection.config.hooks.beforeOperation) {\n        args =\n          (await hook({\n            args,\n            collection: args.collection?.config,\n            context: args.req.context,\n            operation: 'resetPassword',\n            req: args.req,\n          })) || args\n      }\n    }\n\n    // /////////////////////////////////////\n    // Reset Password\n    // /////////////////////////////////////\n\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(collectionConfig.trash),\n      trash: false,\n      where: {\n        resetPasswordExpiration: { greater_than: new Date().toISOString() },\n        resetPasswordToken: { equals: data.token },\n      },\n    })\n\n    const user = await payload.db.findOne<any>({\n      collection: collectionConfig.slug,\n      req,\n      where,\n    })\n\n    if (!user) {\n      throw new APIError('Token is either invalid or has expired.', httpStatus.FORBIDDEN)\n    }\n\n    // TODO: replace this method\n    const { hash, salt } = await generatePasswordSaltHash({\n      collection: collectionConfig,\n      password: data.password,\n      req,\n    })\n\n    user.salt = salt\n    user.hash = hash\n\n    user.resetPasswordExpiration = new Date().toISOString()\n\n    if (collectionConfig.auth.verify) {\n      user._verified = Boolean(user._verified)\n    }\n    // /////////////////////////////////////\n    // beforeValidate - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.beforeValidate?.length) {\n      for (const hook of collectionConfig.hooks.beforeValidate) {\n        await hook({\n          collection: args.collection?.config,\n          context: req.context,\n          data: user,\n          operation: 'update',\n          req,\n        })\n      }\n    }\n\n    // /////////////////////////////////////\n    // Update new password\n    // /////////////////////////////////////\n\n    const doc = await payload.db.updateOne({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: user,\n      req,\n    })\n\n    await authenticateLocalStrategy({ doc, password: data.password })\n\n    const fieldsToSign = getFieldsToSign({\n      collectionConfig,\n      email: user.email,\n      user,\n    })\n\n    const { token } = await jwtSign({\n      fieldsToSign,\n      secret,\n      tokenExpiration: collectionConfig.auth.tokenExpiration,\n    })\n\n    const fullUser = await payload.findByID({\n      id: user.id,\n      collection: collectionConfig.slug,\n      depth,\n      overrideAccess,\n      req,\n      trash: false,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    if (fullUser) {\n      fullUser.collection = collectionConfig.slug\n      fullUser._strategy = 'local-jwt'\n    }\n\n    let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n      token,\n      user: fullUser,\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    result = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'resetPassword',\n      result,\n    })\n\n    return result\n  } catch (error: unknown) {\n    await killTransaction(req)\n    throw error\n  }\n}\n"],"names":["status","httpStatus","buildAfterOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","authenticateLocalStrategy","generatePasswordSaltHash","resetPasswordOperation","args","collection","config","collectionConfig","data","depth","overrideAccess","req","payload","secret","Object","prototype","hasOwnProperty","call","BAD_REQUEST","auth","disableLocalStrategy","t","shouldCommit","hooks","beforeOperation","length","hook","context","operation","where","enableTrash","Boolean","trash","resetPasswordExpiration","greater_than","Date","toISOString","resetPasswordToken","equals","token","user","db","findOne","slug","FORBIDDEN","hash","salt","password","verify","_verified","beforeValidate","doc","updateOne","id","fieldsToSign","email","tokenExpiration","fullUser","findByID","_strategy","result","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAMlD,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,QAAQ,EAAEC,SAAS,QAAQ,wBAAuB;AAC3D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,wBAAwB,QAAQ,kDAAiD;AAkB1F,OAAO,MAAMC,yBAAyB,OACpCC;IAEA,MAAM,EACJC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdC,KAAK,EACHC,SAAS,EAAEC,MAAM,EAAE,EACnBD,OAAO,EACR,EACDD,GAAG,EACJ,GAAGP;IAEJ,IACE,CAACU,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,YAC5C,CAACM,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,aAC5C;QACA,MAAM,IAAIf,SAAS,0BAA0BF,WAAW2B,WAAW;IACrE;IAEA,IAAIX,iBAAiBY,IAAI,CAACC,oBAAoB,EAAE;QAC9C,MAAM,IAAI1B,UAAUiB,IAAIU,CAAC;IAC3B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMzB,gBAAgBc;QAE3C,IAAIP,KAAKC,UAAU,CAACC,MAAM,CAACiB,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQtB,KAAKC,UAAU,CAACC,MAAM,CAACiB,KAAK,CAACC,eAAe,CAAE;gBAC/DpB,OACE,AAAC,MAAMsB,KAAK;oBACVtB;oBACAC,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAASvB,KAAKO,GAAG,CAACgB,OAAO;oBACzBC,WAAW;oBACXjB,KAAKP,KAAKO,GAAG;gBACf,MAAOP;YACX;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,MAAMyB,QAAQlC,uBAAuB;YACnCmC,aAAaC,QAAQxB,iBAAiByB,KAAK;YAC3CA,OAAO;YACPH,OAAO;gBACLI,yBAAyB;oBAAEC,cAAc,IAAIC,OAAOC,WAAW;gBAAG;gBAClEC,oBAAoB;oBAAEC,QAAQ9B,KAAK+B,KAAK;gBAAC;YAC3C;QACF;QAEA,MAAMC,OAAO,MAAM5B,QAAQ6B,EAAE,CAACC,OAAO,CAAM;YACzCrC,YAAYE,iBAAiBoC,IAAI;YACjChC;YACAkB;QACF;QAEA,IAAI,CAACW,MAAM;YACT,MAAM,IAAI/C,SAAS,2CAA2CF,WAAWqD,SAAS;QACpF;QAEA,4BAA4B;QAC5B,MAAM,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAG,MAAM5C,yBAAyB;YACpDG,YAAYE;YACZwC,UAAUvC,KAAKuC,QAAQ;YACvBpC;QACF;QAEA6B,KAAKM,IAAI,GAAGA;QACZN,KAAKK,IAAI,GAAGA;QAEZL,KAAKP,uBAAuB,GAAG,IAAIE,OAAOC,WAAW;QAErD,IAAI7B,iBAAiBY,IAAI,CAAC6B,MAAM,EAAE;YAChCR,KAAKS,SAAS,GAAGlB,QAAQS,KAAKS,SAAS;QACzC;QACA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC,IAAI1C,iBAAiBgB,KAAK,EAAE2B,gBAAgBzB,QAAQ;YAClD,KAAK,MAAMC,QAAQnB,iBAAiBgB,KAAK,CAAC2B,cAAc,CAAE;gBACxD,MAAMxB,KAAK;oBACTrB,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAAShB,IAAIgB,OAAO;oBACpBnB,MAAMgC;oBACNZ,WAAW;oBACXjB;gBACF;YACF;QACF;QAEA,wCAAwC;QACxC,sBAAsB;QACtB,wCAAwC;QAExC,MAAMwC,MAAM,MAAMvC,QAAQ6B,EAAE,CAACW,SAAS,CAAC;YACrCC,IAAIb,KAAKa,EAAE;YACXhD,YAAYE,iBAAiBoC,IAAI;YACjCnC,MAAMgC;YACN7B;QACF;QAEA,MAAMV,0BAA0B;YAAEkD;YAAKJ,UAAUvC,KAAKuC,QAAQ;QAAC;QAE/D,MAAMO,eAAevD,gBAAgB;YACnCQ;YACAgD,OAAOf,KAAKe,KAAK;YACjBf;QACF;QAEA,MAAM,EAAED,KAAK,EAAE,GAAG,MAAMvC,QAAQ;YAC9BsD;YACAzC;YACA2C,iBAAiBjD,iBAAiBY,IAAI,CAACqC,eAAe;QACxD;QAEA,MAAMC,WAAW,MAAM7C,QAAQ8C,QAAQ,CAAC;YACtCL,IAAIb,KAAKa,EAAE;YACXhD,YAAYE,iBAAiBoC,IAAI;YACjClC;YACAC;YACAC;YACAqB,OAAO;QACT;QAEA,IAAIV,cAAc;YAChB,MAAM1B,kBAAkBe;QAC1B;QAEA,IAAI8C,UAAU;YACZA,SAASpD,UAAU,GAAGE,iBAAiBoC,IAAI;YAC3Cc,SAASE,SAAS,GAAG;QACvB;QAEA,IAAIC,SAA2D;YAC7DrB;YACAC,MAAMiB;QACR;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCG,SAAS,MAAMpE,oBAAoB;YACjCY;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BsB,WAAW;YACXgC;QACF;QAEA,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAM/D,gBAAgBa;QACtB,MAAMkD;IACR;AACF,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/resetPassword.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection, DataFromCollectionSlug } from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { APIError, Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { generatePasswordSaltHash } from '../strategies/local/generatePasswordSaltHash.js'\n\nexport type Result = {\n  token?: string\n  user: Record<string, unknown>\n}\n\nexport type Arguments = {\n  collection: Collection\n  data: {\n    password: string\n    token: string\n  }\n  depth?: number\n  overrideAccess?: boolean\n  req: PayloadRequest\n}\n\nexport const resetPasswordOperation = async <TSlug extends CollectionSlug>(\n  args: Arguments,\n): Promise<Result> => {\n  const {\n    collection: { config: collectionConfig },\n    data,\n    depth,\n    overrideAccess,\n    req: {\n      payload: { secret },\n      payload,\n    },\n    req,\n  } = args\n\n  if (\n    !Object.prototype.hasOwnProperty.call(data, 'token') ||\n    !Object.prototype.hasOwnProperty.call(data, 'password')\n  ) {\n    throw new APIError('Missing required data.', httpStatus.BAD_REQUEST)\n  }\n\n  if (collectionConfig.auth.disableLocalStrategy) {\n    throw new Forbidden(req.t)\n  }\n\n  try {\n    const shouldCommit = await initTransaction(req)\n\n    if (args.collection.config.hooks?.beforeOperation?.length) {\n      for (const hook of args.collection.config.hooks.beforeOperation) {\n        args =\n          (await hook({\n            args,\n            collection: args.collection?.config,\n            context: args.req.context,\n            operation: 'resetPassword',\n            req: args.req,\n          })) || args\n      }\n    }\n\n    // /////////////////////////////////////\n    // Reset Password\n    // /////////////////////////////////////\n\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(collectionConfig.trash),\n      trash: false,\n      where: {\n        resetPasswordExpiration: { greater_than: new Date().toISOString() },\n        resetPasswordToken: { equals: data.token },\n      },\n    })\n\n    const user = await payload.db.findOne<any>({\n      collection: collectionConfig.slug,\n      req,\n      where,\n    })\n\n    if (!user) {\n      throw new APIError('Token is either invalid or has expired.', httpStatus.FORBIDDEN)\n    }\n\n    // TODO: replace this method\n    const { hash, salt } = await generatePasswordSaltHash({\n      collection: collectionConfig,\n      password: data.password,\n      req,\n    })\n\n    user.salt = salt\n    user.hash = hash\n\n    user.resetPasswordExpiration = new Date().toISOString()\n\n    if (collectionConfig.auth.verify) {\n      user._verified = Boolean(user._verified)\n    }\n    // /////////////////////////////////////\n    // beforeValidate - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.beforeValidate?.length) {\n      for (const hook of collectionConfig.hooks.beforeValidate) {\n        await hook({\n          collection: args.collection?.config,\n          context: req.context,\n          data: user,\n          operation: 'update',\n          req,\n        })\n      }\n    }\n\n    // /////////////////////////////////////\n    // Update new password\n    // /////////////////////////////////////\n\n    // Ensure updatedAt date is always updated\n    user.updatedAt = new Date().toISOString()\n\n    const doc = await payload.db.updateOne({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: user,\n      req,\n    })\n\n    await authenticateLocalStrategy({ doc, password: data.password })\n\n    const fieldsToSign = getFieldsToSign({\n      collectionConfig,\n      email: user.email,\n      user,\n    })\n\n    const { token } = await jwtSign({\n      fieldsToSign,\n      secret,\n      tokenExpiration: collectionConfig.auth.tokenExpiration,\n    })\n\n    const fullUser = await payload.findByID({\n      id: user.id,\n      collection: collectionConfig.slug,\n      depth,\n      overrideAccess,\n      req,\n      trash: false,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    if (fullUser) {\n      fullUser.collection = collectionConfig.slug\n      fullUser._strategy = 'local-jwt'\n    }\n\n    let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n      token,\n      user: fullUser,\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    result = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'resetPassword',\n      result,\n    })\n\n    return result\n  } catch (error: unknown) {\n    await killTransaction(req)\n    throw error\n  }\n}\n"],"names":["status","httpStatus","buildAfterOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","authenticateLocalStrategy","generatePasswordSaltHash","resetPasswordOperation","args","collection","config","collectionConfig","data","depth","overrideAccess","req","payload","secret","Object","prototype","hasOwnProperty","call","BAD_REQUEST","auth","disableLocalStrategy","t","shouldCommit","hooks","beforeOperation","length","hook","context","operation","where","enableTrash","Boolean","trash","resetPasswordExpiration","greater_than","Date","toISOString","resetPasswordToken","equals","token","user","db","findOne","slug","FORBIDDEN","hash","salt","password","verify","_verified","beforeValidate","updatedAt","doc","updateOne","id","fieldsToSign","email","tokenExpiration","fullUser","findByID","_strategy","result","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAMlD,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,QAAQ,EAAEC,SAAS,QAAQ,wBAAuB;AAC3D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,wBAAwB,QAAQ,kDAAiD;AAkB1F,OAAO,MAAMC,yBAAyB,OACpCC;IAEA,MAAM,EACJC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdC,KAAK,EACHC,SAAS,EAAEC,MAAM,EAAE,EACnBD,OAAO,EACR,EACDD,GAAG,EACJ,GAAGP;IAEJ,IACE,CAACU,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,YAC5C,CAACM,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,aAC5C;QACA,MAAM,IAAIf,SAAS,0BAA0BF,WAAW2B,WAAW;IACrE;IAEA,IAAIX,iBAAiBY,IAAI,CAACC,oBAAoB,EAAE;QAC9C,MAAM,IAAI1B,UAAUiB,IAAIU,CAAC;IAC3B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMzB,gBAAgBc;QAE3C,IAAIP,KAAKC,UAAU,CAACC,MAAM,CAACiB,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQtB,KAAKC,UAAU,CAACC,MAAM,CAACiB,KAAK,CAACC,eAAe,CAAE;gBAC/DpB,OACE,AAAC,MAAMsB,KAAK;oBACVtB;oBACAC,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAASvB,KAAKO,GAAG,CAACgB,OAAO;oBACzBC,WAAW;oBACXjB,KAAKP,KAAKO,GAAG;gBACf,MAAOP;YACX;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,MAAMyB,QAAQlC,uBAAuB;YACnCmC,aAAaC,QAAQxB,iBAAiByB,KAAK;YAC3CA,OAAO;YACPH,OAAO;gBACLI,yBAAyB;oBAAEC,cAAc,IAAIC,OAAOC,WAAW;gBAAG;gBAClEC,oBAAoB;oBAAEC,QAAQ9B,KAAK+B,KAAK;gBAAC;YAC3C;QACF;QAEA,MAAMC,OAAO,MAAM5B,QAAQ6B,EAAE,CAACC,OAAO,CAAM;YACzCrC,YAAYE,iBAAiBoC,IAAI;YACjChC;YACAkB;QACF;QAEA,IAAI,CAACW,MAAM;YACT,MAAM,IAAI/C,SAAS,2CAA2CF,WAAWqD,SAAS;QACpF;QAEA,4BAA4B;QAC5B,MAAM,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAG,MAAM5C,yBAAyB;YACpDG,YAAYE;YACZwC,UAAUvC,KAAKuC,QAAQ;YACvBpC;QACF;QAEA6B,KAAKM,IAAI,GAAGA;QACZN,KAAKK,IAAI,GAAGA;QAEZL,KAAKP,uBAAuB,GAAG,IAAIE,OAAOC,WAAW;QAErD,IAAI7B,iBAAiBY,IAAI,CAAC6B,MAAM,EAAE;YAChCR,KAAKS,SAAS,GAAGlB,QAAQS,KAAKS,SAAS;QACzC;QACA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC,IAAI1C,iBAAiBgB,KAAK,EAAE2B,gBAAgBzB,QAAQ;YAClD,KAAK,MAAMC,QAAQnB,iBAAiBgB,KAAK,CAAC2B,cAAc,CAAE;gBACxD,MAAMxB,KAAK;oBACTrB,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAAShB,IAAIgB,OAAO;oBACpBnB,MAAMgC;oBACNZ,WAAW;oBACXjB;gBACF;YACF;QACF;QAEA,wCAAwC;QACxC,sBAAsB;QACtB,wCAAwC;QAExC,0CAA0C;QAC1C6B,KAAKW,SAAS,GAAG,IAAIhB,OAAOC,WAAW;QAEvC,MAAMgB,MAAM,MAAMxC,QAAQ6B,EAAE,CAACY,SAAS,CAAC;YACrCC,IAAId,KAAKc,EAAE;YACXjD,YAAYE,iBAAiBoC,IAAI;YACjCnC,MAAMgC;YACN7B;QACF;QAEA,MAAMV,0BAA0B;YAAEmD;YAAKL,UAAUvC,KAAKuC,QAAQ;QAAC;QAE/D,MAAMQ,eAAexD,gBAAgB;YACnCQ;YACAiD,OAAOhB,KAAKgB,KAAK;YACjBhB;QACF;QAEA,MAAM,EAAED,KAAK,EAAE,GAAG,MAAMvC,QAAQ;YAC9BuD;YACA1C;YACA4C,iBAAiBlD,iBAAiBY,IAAI,CAACsC,eAAe;QACxD;QAEA,MAAMC,WAAW,MAAM9C,QAAQ+C,QAAQ,CAAC;YACtCL,IAAId,KAAKc,EAAE;YACXjD,YAAYE,iBAAiBoC,IAAI;YACjClC;YACAC;YACAC;YACAqB,OAAO;QACT;QAEA,IAAIV,cAAc;YAChB,MAAM1B,kBAAkBe;QAC1B;QAEA,IAAI+C,UAAU;YACZA,SAASrD,UAAU,GAAGE,iBAAiBoC,IAAI;YAC3Ce,SAASE,SAAS,GAAG;QACvB;QAEA,IAAIC,SAA2D;YAC7DtB;YACAC,MAAMkB;QACR;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCG,SAAS,MAAMrE,oBAAoB;YACjCY;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BsB,WAAW;YACXiC;QACF;QAEA,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMhE,gBAAgBa;QACtB,MAAMmD;IACR;AACF,EAAC"}

package/dist/auth/operations/verifyEmail.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verifyEmail.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/verifyEmail.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAQ1D,MAAM,MAAM,IAAI,GAAG;IACjB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;IACnB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,eAAO,MAAM,oBAAoB,SAAgB,IAAI,KAAG,OAAO,CAAC,OAAO,CAoDtE,CAAA"}
+{"version":3,"file":"verifyEmail.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/verifyEmail.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAQ1D,MAAM,MAAM,IAAI,GAAG;IACjB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;IACnB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,eAAO,MAAM,oBAAoB,SAAgB,IAAI,KAAG,OAAO,CAAC,OAAO,CAuDtE,CAAA"}

package/dist/auth/operations/verifyEmail.js

@@ -31,6 +31,8 @@ export const verifyEmailOperation = async (args)=>{
         if (!user) {
             throw new APIError('Verification token is invalid.', httpStatus.FORBIDDEN);
         }
+        // Ensure updatedAt date is always updated
+        user.updatedAt = new Date().toISOString();
         await req.payload.db.updateOne({
             id: user.id,
             collection: collection.config.slug,

package/dist/auth/operations/verifyEmail.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/verifyEmail.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { APIError, Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\n\nexport type Args = {\n  collection: Collection\n  req: PayloadRequest\n  token: string\n}\n\nexport const verifyEmailOperation = async (args: Args): Promise<boolean> => {\n  const { collection, req, token } = args\n\n  if (collection.config.auth.disableLocalStrategy) {\n    throw new Forbidden(req.t)\n  }\n  if (!Object.prototype.hasOwnProperty.call(args, 'token')) {\n    throw new APIError('Missing required data.', httpStatus.BAD_REQUEST)\n  }\n\n  try {\n    const shouldCommit = await initTransaction(req)\n\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(collection.config.trash),\n      trash: false,\n      where: {\n        _verificationToken: { equals: token },\n      },\n    })\n\n    const user = await req.payload.db.findOne<any>({\n      collection: collection.config.slug,\n      req,\n      where,\n    })\n\n    if (!user) {\n      throw new APIError('Verification token is invalid.', httpStatus.FORBIDDEN)\n    }\n\n    await req.payload.db.updateOne({\n      id: user.id,\n      collection: collection.config.slug,\n      data: {\n        ...user,\n        _verificationToken: null,\n        _verified: true,\n      },\n      req,\n      returning: false,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return true\n  } catch (error: unknown) {\n    await killTransaction(req)\n    throw error\n  }\n}\n"],"names":["status","httpStatus","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","verifyEmailOperation","args","collection","req","token","config","auth","disableLocalStrategy","t","Object","prototype","hasOwnProperty","call","BAD_REQUEST","shouldCommit","where","enableTrash","Boolean","trash","_verificationToken","equals","user","payload","db","findOne","slug","FORBIDDEN","updateOne","id","data","_verified","returning","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAKlD,SAASC,QAAQ,EAAEC,SAAS,QAAQ,wBAAuB;AAC3D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AAQpE,OAAO,MAAMC,uBAAuB,OAAOC;IACzC,MAAM,EAAEC,UAAU,EAAEC,GAAG,EAAEC,KAAK,EAAE,GAAGH;IAEnC,IAAIC,WAAWG,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QAC/C,MAAM,IAAIZ,UAAUQ,IAAIK,CAAC;IAC3B;IACA,IAAI,CAACC,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACX,MAAM,UAAU;QACxD,MAAM,IAAIP,SAAS,0BAA0BD,WAAWoB,WAAW;IACrE;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMhB,gBAAgBK;QAE3C,MAAMY,QAAQnB,uBAAuB;YACnCoB,aAAaC,QAAQf,WAAWG,MAAM,CAACa,KAAK;YAC5CA,OAAO;YACPH,OAAO;gBACLI,oBAAoB;oBAAEC,QAAQhB;gBAAM;YACtC;QACF;QAEA,MAAMiB,OAAO,MAAMlB,IAAImB,OAAO,CAACC,EAAE,CAACC,OAAO,CAAM;YAC7CtB,YAAYA,WAAWG,MAAM,CAACoB,IAAI;YAClCtB;YACAY;QACF;QAEA,IAAI,CAACM,MAAM;YACT,MAAM,IAAI3B,SAAS,kCAAkCD,WAAWiC,SAAS;QAC3E;QAEA,MAAMvB,IAAImB,OAAO,CAACC,EAAE,CAACI,SAAS,CAAC;YAC7BC,IAAIP,KAAKO,EAAE;YACX1B,YAAYA,WAAWG,MAAM,CAACoB,IAAI;YAClCI,MAAM;gBACJ,GAAGR,IAAI;gBACPF,oBAAoB;gBACpBW,WAAW;YACb;YACA3B;YACA4B,WAAW;QACb;QAEA,IAAIjB,cAAc;YAChB,MAAMjB,kBAAkBM;QAC1B;QAEA,OAAO;IACT,EAAE,OAAO6B,OAAgB;QACvB,MAAMjC,gBAAgBI;QACtB,MAAM6B;IACR;AACF,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/verifyEmail.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { APIError, Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\n\nexport type Args = {\n  collection: Collection\n  req: PayloadRequest\n  token: string\n}\n\nexport const verifyEmailOperation = async (args: Args): Promise<boolean> => {\n  const { collection, req, token } = args\n\n  if (collection.config.auth.disableLocalStrategy) {\n    throw new Forbidden(req.t)\n  }\n  if (!Object.prototype.hasOwnProperty.call(args, 'token')) {\n    throw new APIError('Missing required data.', httpStatus.BAD_REQUEST)\n  }\n\n  try {\n    const shouldCommit = await initTransaction(req)\n\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(collection.config.trash),\n      trash: false,\n      where: {\n        _verificationToken: { equals: token },\n      },\n    })\n\n    const user = await req.payload.db.findOne<any>({\n      collection: collection.config.slug,\n      req,\n      where,\n    })\n\n    if (!user) {\n      throw new APIError('Verification token is invalid.', httpStatus.FORBIDDEN)\n    }\n\n    // Ensure updatedAt date is always updated\n    user.updatedAt = new Date().toISOString()\n\n    await req.payload.db.updateOne({\n      id: user.id,\n      collection: collection.config.slug,\n      data: {\n        ...user,\n        _verificationToken: null,\n        _verified: true,\n      },\n      req,\n      returning: false,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return true\n  } catch (error: unknown) {\n    await killTransaction(req)\n    throw error\n  }\n}\n"],"names":["status","httpStatus","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","verifyEmailOperation","args","collection","req","token","config","auth","disableLocalStrategy","t","Object","prototype","hasOwnProperty","call","BAD_REQUEST","shouldCommit","where","enableTrash","Boolean","trash","_verificationToken","equals","user","payload","db","findOne","slug","FORBIDDEN","updatedAt","Date","toISOString","updateOne","id","data","_verified","returning","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAKlD,SAASC,QAAQ,EAAEC,SAAS,QAAQ,wBAAuB;AAC3D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AAQpE,OAAO,MAAMC,uBAAuB,OAAOC;IACzC,MAAM,EAAEC,UAAU,EAAEC,GAAG,EAAEC,KAAK,EAAE,GAAGH;IAEnC,IAAIC,WAAWG,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QAC/C,MAAM,IAAIZ,UAAUQ,IAAIK,CAAC;IAC3B;IACA,IAAI,CAACC,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACX,MAAM,UAAU;QACxD,MAAM,IAAIP,SAAS,0BAA0BD,WAAWoB,WAAW;IACrE;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMhB,gBAAgBK;QAE3C,MAAMY,QAAQnB,uBAAuB;YACnCoB,aAAaC,QAAQf,WAAWG,MAAM,CAACa,KAAK;YAC5CA,OAAO;YACPH,OAAO;gBACLI,oBAAoB;oBAAEC,QAAQhB;gBAAM;YACtC;QACF;QAEA,MAAMiB,OAAO,MAAMlB,IAAImB,OAAO,CAACC,EAAE,CAACC,OAAO,CAAM;YAC7CtB,YAAYA,WAAWG,MAAM,CAACoB,IAAI;YAClCtB;YACAY;QACF;QAEA,IAAI,CAACM,MAAM;YACT,MAAM,IAAI3B,SAAS,kCAAkCD,WAAWiC,SAAS;QAC3E;QAEA,0CAA0C;QAC1CL,KAAKM,SAAS,GAAG,IAAIC,OAAOC,WAAW;QAEvC,MAAM1B,IAAImB,OAAO,CAACC,EAAE,CAACO,SAAS,CAAC;YAC7BC,IAAIV,KAAKU,EAAE;YACX7B,YAAYA,WAAWG,MAAM,CAACoB,IAAI;YAClCO,MAAM;gBACJ,GAAGX,IAAI;gBACPF,oBAAoB;gBACpBc,WAAW;YACb;YACA9B;YACA+B,WAAW;QACb;QAEA,IAAIpB,cAAc;YAChB,MAAMjB,kBAAkBM;QAC1B;QAEA,OAAO;IACT,EAAE,OAAOgC,OAAgB;QACvB,MAAMpC,gBAAgBI;QACtB,MAAMgC;IACR;AACF,EAAC"}

package/dist/auth/sessions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/auth/sessions.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAA;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAE7C;;GAEG;AACH,eAAO,MAAM,qBAAqB,aAAc,WAAW,EAAE,kBAO5D,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,8CAK1B;IACD,gBAAgB,EAAE,yBAAyB,CAAA;IAC3C,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,SAAS,CAAA;CAChB,KAAG,OAAO,CAAC;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,CAiC3B,CAAA"}
+{"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/auth/sessions.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAA;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAE7C;;GAEG;AACH,eAAO,MAAM,qBAAqB,aAAc,WAAW,EAAE,kBAO5D,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,8CAK1B;IACD,gBAAgB,EAAE,yBAAyB,CAAA;IAC3C,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,SAAS,CAAA;CAChB,KAAG,OAAO,CAAC;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,CAoC3B,CAAA"}

package/dist/auth/sessions.js

@@ -32,6 +32,8 @@ import { v4 as uuid } from 'uuid';
             user.sessions = removeExpiredSessions(user.sessions);
             user.sessions.push(session);
         }
+        // Ensure updatedAt date is always updated
+        user.updatedAt = new Date().toISOString();
         await payload.db.updateOne({
             id: user.id,
             collection: collectionConfig.slug,

package/dist/auth/sessions.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/auth/sessions.ts"],"sourcesContent":["import { v4 as uuid } from 'uuid'\n\nimport type { SanitizedCollectionConfig } from '../collections/config/types.js'\nimport type { TypedUser } from '../index.js'\nimport type { Payload, PayloadRequest } from '../types/index.js'\nimport type { UserSession } from './types.js'\n\n/**\n * Removes expired sessions from an array of sessions\n */\nexport const removeExpiredSessions = (sessions: UserSession[]) => {\n  const now = new Date()\n\n  return sessions.filter(({ expiresAt }) => {\n    const expiry = expiresAt instanceof Date ? expiresAt : new Date(expiresAt)\n    return expiry > now\n  })\n}\n\n/**\n * Adds a session to the user and removes expired sessions\n * @returns The session ID (sid) if sessions are used\n */\nexport const addSessionToUser = async ({\n  collectionConfig,\n  payload,\n  req,\n  user,\n}: {\n  collectionConfig: SanitizedCollectionConfig\n  payload: Payload\n  req: PayloadRequest\n  user: TypedUser\n}): Promise<{ sid?: string }> => {\n  let sid: string | undefined\n  if (collectionConfig.auth.useSessions) {\n    // Add session to user\n    sid = uuid()\n    const now = new Date()\n    const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n    const expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n    const session = { id: sid, createdAt: now, expiresAt }\n\n    if (!user.sessions?.length) {\n      user.sessions = [session]\n    } else {\n      user.sessions = removeExpiredSessions(user.sessions)\n      user.sessions.push(session)\n    }\n\n    await payload.db.updateOne({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: user,\n      req,\n      returning: false,\n    })\n\n    user.collection = collectionConfig.slug\n    user._strategy = 'local-jwt'\n  }\n\n  return {\n    sid,\n  }\n}\n"],"names":["v4","uuid","removeExpiredSessions","sessions","now","Date","filter","expiresAt","expiry","addSessionToUser","collectionConfig","payload","req","user","sid","auth","useSessions","tokenExpInMs","tokenExpiration","getTime","session","id","createdAt","length","push","db","updateOne","collection","slug","data","returning","_strategy"],"mappings":"AAAA,SAASA,MAAMC,IAAI,QAAQ,OAAM;AAOjC;;CAEC,GACD,OAAO,MAAMC,wBAAwB,CAACC;IACpC,MAAMC,MAAM,IAAIC;IAEhB,OAAOF,SAASG,MAAM,CAAC,CAAC,EAAEC,SAAS,EAAE;QACnC,MAAMC,SAASD,qBAAqBF,OAAOE,YAAY,IAAIF,KAAKE;QAChE,OAAOC,SAASJ;IAClB;AACF,EAAC;AAED;;;CAGC,GACD,OAAO,MAAMK,mBAAmB,OAAO,EACrCC,gBAAgB,EAChBC,OAAO,EACPC,GAAG,EACHC,IAAI,EAML;IACC,IAAIC;IACJ,IAAIJ,iBAAiBK,IAAI,CAACC,WAAW,EAAE;QACrC,sBAAsB;QACtBF,MAAMb;QACN,MAAMG,MAAM,IAAIC;QAChB,MAAMY,eAAeP,iBAAiBK,IAAI,CAACG,eAAe,GAAG;QAC7D,MAAMX,YAAY,IAAIF,KAAKD,IAAIe,OAAO,KAAKF;QAE3C,MAAMG,UAAU;YAAEC,IAAIP;YAAKQ,WAAWlB;YAAKG;QAAU;QAErD,IAAI,CAACM,KAAKV,QAAQ,EAAEoB,QAAQ;YAC1BV,KAAKV,QAAQ,GAAG;gBAACiB;aAAQ;QAC3B,OAAO;YACLP,KAAKV,QAAQ,GAAGD,sBAAsBW,KAAKV,QAAQ;YACnDU,KAAKV,QAAQ,CAACqB,IAAI,CAACJ;QACrB;QAEA,MAAMT,QAAQc,EAAE,CAACC,SAAS,CAAC;YACzBL,IAAIR,KAAKQ,EAAE;YACXM,YAAYjB,iBAAiBkB,IAAI;YACjCC,MAAMhB;YACND;YACAkB,WAAW;QACb;QAEAjB,KAAKc,UAAU,GAAGjB,iBAAiBkB,IAAI;QACvCf,KAAKkB,SAAS,GAAG;IACnB;IAEA,OAAO;QACLjB;IACF;AACF,EAAC"}
+{"version":3,"sources":["../../src/auth/sessions.ts"],"sourcesContent":["import { v4 as uuid } from 'uuid'\n\nimport type { SanitizedCollectionConfig } from '../collections/config/types.js'\nimport type { TypedUser } from '../index.js'\nimport type { Payload, PayloadRequest } from '../types/index.js'\nimport type { UserSession } from './types.js'\n\n/**\n * Removes expired sessions from an array of sessions\n */\nexport const removeExpiredSessions = (sessions: UserSession[]) => {\n  const now = new Date()\n\n  return sessions.filter(({ expiresAt }) => {\n    const expiry = expiresAt instanceof Date ? expiresAt : new Date(expiresAt)\n    return expiry > now\n  })\n}\n\n/**\n * Adds a session to the user and removes expired sessions\n * @returns The session ID (sid) if sessions are used\n */\nexport const addSessionToUser = async ({\n  collectionConfig,\n  payload,\n  req,\n  user,\n}: {\n  collectionConfig: SanitizedCollectionConfig\n  payload: Payload\n  req: PayloadRequest\n  user: TypedUser\n}): Promise<{ sid?: string }> => {\n  let sid: string | undefined\n  if (collectionConfig.auth.useSessions) {\n    // Add session to user\n    sid = uuid()\n    const now = new Date()\n    const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n    const expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n    const session = { id: sid, createdAt: now, expiresAt }\n\n    if (!user.sessions?.length) {\n      user.sessions = [session]\n    } else {\n      user.sessions = removeExpiredSessions(user.sessions)\n      user.sessions.push(session)\n    }\n\n    // Ensure updatedAt date is always updated\n    user.updatedAt = new Date().toISOString()\n\n    await payload.db.updateOne({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: user,\n      req,\n      returning: false,\n    })\n\n    user.collection = collectionConfig.slug\n    user._strategy = 'local-jwt'\n  }\n\n  return {\n    sid,\n  }\n}\n"],"names":["v4","uuid","removeExpiredSessions","sessions","now","Date","filter","expiresAt","expiry","addSessionToUser","collectionConfig","payload","req","user","sid","auth","useSessions","tokenExpInMs","tokenExpiration","getTime","session","id","createdAt","length","push","updatedAt","toISOString","db","updateOne","collection","slug","data","returning","_strategy"],"mappings":"AAAA,SAASA,MAAMC,IAAI,QAAQ,OAAM;AAOjC;;CAEC,GACD,OAAO,MAAMC,wBAAwB,CAACC;IACpC,MAAMC,MAAM,IAAIC;IAEhB,OAAOF,SAASG,MAAM,CAAC,CAAC,EAAEC,SAAS,EAAE;QACnC,MAAMC,SAASD,qBAAqBF,OAAOE,YAAY,IAAIF,KAAKE;QAChE,OAAOC,SAASJ;IAClB;AACF,EAAC;AAED;;;CAGC,GACD,OAAO,MAAMK,mBAAmB,OAAO,EACrCC,gBAAgB,EAChBC,OAAO,EACPC,GAAG,EACHC,IAAI,EAML;IACC,IAAIC;IACJ,IAAIJ,iBAAiBK,IAAI,CAACC,WAAW,EAAE;QACrC,sBAAsB;QACtBF,MAAMb;QACN,MAAMG,MAAM,IAAIC;QAChB,MAAMY,eAAeP,iBAAiBK,IAAI,CAACG,eAAe,GAAG;QAC7D,MAAMX,YAAY,IAAIF,KAAKD,IAAIe,OAAO,KAAKF;QAE3C,MAAMG,UAAU;YAAEC,IAAIP;YAAKQ,WAAWlB;YAAKG;QAAU;QAErD,IAAI,CAACM,KAAKV,QAAQ,EAAEoB,QAAQ;YAC1BV,KAAKV,QAAQ,GAAG;gBAACiB;aAAQ;QAC3B,OAAO;YACLP,KAAKV,QAAQ,GAAGD,sBAAsBW,KAAKV,QAAQ;YACnDU,KAAKV,QAAQ,CAACqB,IAAI,CAACJ;QACrB;QAEA,0CAA0C;QAC1CP,KAAKY,SAAS,GAAG,IAAIpB,OAAOqB,WAAW;QAEvC,MAAMf,QAAQgB,EAAE,CAACC,SAAS,CAAC;YACzBP,IAAIR,KAAKQ,EAAE;YACXQ,YAAYnB,iBAAiBoB,IAAI;YACjCC,MAAMlB;YACND;YACAoB,WAAW;QACb;QAEAnB,KAAKgB,UAAU,GAAGnB,iBAAiBoB,IAAI;QACvCjB,KAAKoB,SAAS,GAAG;IACnB;IAEA,OAAO;QACLnB;IACF;AACF,EAAC"}

package/dist/auth/strategies/local/incrementLoginAttempts.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"incrementLoginAttempts.d.ts","sourceRoot":"","sources":["../../../../src/auth/strategies/local/incrementLoginAttempts.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAA;AACrF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAE7D,OAAO,EAAmB,KAAK,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAGjF,KAAK,IAAI,GAAG;IACV,UAAU,EAAE,yBAAyB,CAAA;IACrC,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,SAAS,CAAA;CAChB,CAAA;AAID,eAAO,MAAM,sBAAsB,wCAKhC,IAAI,KAAG,OAAO,CAAC,IAAI,CAqIrB,CAAA"}
+{"version":3,"file":"incrementLoginAttempts.d.ts","sourceRoot":"","sources":["../../../../src/auth/strategies/local/incrementLoginAttempts.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAA;AACrF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAE7D,OAAO,EAAmB,KAAK,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAGjF,KAAK,IAAI,GAAG;IACV,UAAU,EAAE,yBAAyB,CAAA;IACrC,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,SAAS,CAAA;CAChB,CAAA;AAID,eAAO,MAAM,sBAAsB,wCAKhC,IAAI,KAAG,OAAO,CAAC,IAAI,CAwIrB,CAAA"}

package/dist/auth/strategies/local/incrementLoginAttempts.js

@@ -100,6 +100,8 @@ export const incrementLoginAttempts = async ({ collection, payload, req, user })
                     return sessionCreatedAt <= twentySecondsAgo;
                 });
                 user.sessions = currentUser.sessions;
+                // Ensure updatedAt date is always updated
+                user.updatedAt = new Date().toISOString();
                 await payload.db.updateOne({
                     id: user.id,
                     collection: collection.slug,

package/dist/auth/strategies/local/incrementLoginAttempts.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/auth/strategies/local/incrementLoginAttempts.ts"],"sourcesContent":["import type { SanitizedCollectionConfig } from '../../../collections/config/types.js'\nimport type { PayloadRequest } from '../../../types/index.js'\n\nimport { type JsonObject, type Payload, type TypedUser } from '../../../index.js'\nimport { isUserLocked } from '../../isUserLocked.js'\n\ntype Args = {\n  collection: SanitizedCollectionConfig\n  payload: Payload\n  req: PayloadRequest\n  user: TypedUser\n}\n\n// Note: this function does not use req in most updates, as we want those to be visible in parallel requests that are on a different\n// transaction. At the same time, we want updates from parallel requests to be visible here.\nexport const incrementLoginAttempts = async ({\n  collection,\n  payload,\n  req,\n  user,\n}: Args): Promise<void> => {\n  const {\n    auth: { lockTime, maxLoginAttempts },\n  } = collection\n\n  const currentTime = Date.now()\n\n  let updatedLockUntil: null | string = null\n  let updatedLoginAttempts: null | number = null\n\n  if (user.lockUntil && !isUserLocked(new Date(user.lockUntil))) {\n    // Expired lock, restart count at 1\n    const updatedUser = await payload.db.updateOne({\n      id: user.id,\n      collection: collection.slug,\n      data: {\n        lockUntil: null,\n        loginAttempts: 1,\n      },\n      req,\n      select: {\n        lockUntil: true,\n        loginAttempts: true,\n      },\n    })\n    updatedLockUntil = updatedUser.lockUntil\n    updatedLoginAttempts = updatedUser.loginAttempts\n    user.lockUntil = updatedLockUntil\n  } else {\n    const data: JsonObject = {\n      loginAttempts: {\n        $inc: 1,\n      },\n    }\n\n    const willReachMaxAttempts =\n      typeof user.loginAttempts === 'number' && user.loginAttempts + 1 >= maxLoginAttempts\n    // Lock the account if at max attempts and not already locked\n    if (willReachMaxAttempts) {\n      const lockUntil = new Date(currentTime + lockTime).toISOString()\n      data.lockUntil = lockUntil\n    }\n\n    const updatedUser = await payload.db.updateOne({\n      id: user.id,\n      collection: collection.slug,\n      data,\n      select: {\n        lockUntil: true,\n        loginAttempts: true,\n      },\n    })\n\n    updatedLockUntil = updatedUser.lockUntil\n    updatedLoginAttempts = updatedUser.loginAttempts\n  }\n\n  if (updatedLoginAttempts === null) {\n    throw new Error('Failed to update login attempts or lockUntil for user')\n  }\n\n  // Check updated latest lockUntil and loginAttempts in case there were parallel updates\n  const reachedMaxAttemptsForCurrentUser =\n    typeof updatedLoginAttempts === 'number' && updatedLoginAttempts - 1 >= maxLoginAttempts\n\n  const reachedMaxAttemptsForNextUser =\n    typeof updatedLoginAttempts === 'number' && updatedLoginAttempts >= maxLoginAttempts\n\n  if (reachedMaxAttemptsForCurrentUser) {\n    user.lockUntil = updatedLockUntil\n  }\n  user.loginAttempts = updatedLoginAttempts - 1 // -1, as the updated increment is applied for the *next* login attempt, not the current one\n\n  if (\n    reachedMaxAttemptsForNextUser &&\n    (!updatedLockUntil || !isUserLocked(new Date(updatedLockUntil)))\n  ) {\n    // If lockUntil reached max login attempts due to multiple parallel attempts but user was not locked yet,\n    const newLockUntil = new Date(currentTime + lockTime).toISOString()\n\n    await payload.db.updateOne({\n      id: user.id,\n      collection: collection.slug,\n      data: {\n        lockUntil: newLockUntil,\n      },\n      returning: false,\n    })\n\n    if (reachedMaxAttemptsForCurrentUser) {\n      user.lockUntil = newLockUntil\n    }\n\n    if (collection.auth.useSessions) {\n      // Remove all active sessions that have been created in a 20 second window. This protects\n      // against brute force attacks - example: 99 incorrect, 1 correct parallel login attempts.\n      // The correct login attempt will be finished first, as it's faster due to not having to perform\n      // an additional db update here.\n      // However, this request (the incorrect login attempt request) can kill the successful login attempt here.\n\n      // Fetch user sessions separately (do not do this in the updateOne select in order to preserve the returning: true db call optimization)\n      const currentUser = await payload.db.findOne<TypedUser>({\n        collection: collection.slug,\n        select: {\n          sessions: true,\n        },\n        where: {\n          id: {\n            equals: user.id,\n          },\n        },\n      })\n      if (currentUser?.sessions?.length) {\n        // Does not hurt also removing expired sessions\n        currentUser.sessions = currentUser.sessions.filter((session) => {\n          const sessionCreatedAt = new Date(session.createdAt)\n          const twentySecondsAgo = new Date(currentTime - 20000)\n\n          // Remove sessions created within the last 20 seconds\n          return sessionCreatedAt <= twentySecondsAgo\n        })\n\n        user.sessions = currentUser.sessions\n\n        await payload.db.updateOne({\n          id: user.id,\n          collection: collection.slug,\n          data: user,\n          returning: false,\n        })\n      }\n    }\n  }\n}\n"],"names":["isUserLocked","incrementLoginAttempts","collection","payload","req","user","auth","lockTime","maxLoginAttempts","currentTime","Date","now","updatedLockUntil","updatedLoginAttempts","lockUntil","updatedUser","db","updateOne","id","slug","data","loginAttempts","select","$inc","willReachMaxAttempts","toISOString","Error","reachedMaxAttemptsForCurrentUser","reachedMaxAttemptsForNextUser","newLockUntil","returning","useSessions","currentUser","findOne","sessions","where","equals","length","filter","session","sessionCreatedAt","createdAt","twentySecondsAgo"],"mappings":"AAIA,SAASA,YAAY,QAAQ,wBAAuB;AASpD,oIAAoI;AACpI,4FAA4F;AAC5F,OAAO,MAAMC,yBAAyB,OAAO,EAC3CC,UAAU,EACVC,OAAO,EACPC,GAAG,EACHC,IAAI,EACC;IACL,MAAM,EACJC,MAAM,EAAEC,QAAQ,EAAEC,gBAAgB,EAAE,EACrC,GAAGN;IAEJ,MAAMO,cAAcC,KAAKC,GAAG;IAE5B,IAAIC,mBAAkC;IACtC,IAAIC,uBAAsC;IAE1C,IAAIR,KAAKS,SAAS,IAAI,CAACd,aAAa,IAAIU,KAAKL,KAAKS,SAAS,IAAI;QAC7D,mCAAmC;QACnC,MAAMC,cAAc,MAAMZ,QAAQa,EAAE,CAACC,SAAS,CAAC;YAC7CC,IAAIb,KAAKa,EAAE;YACXhB,YAAYA,WAAWiB,IAAI;YAC3BC,MAAM;gBACJN,WAAW;gBACXO,eAAe;YACjB;YACAjB;YACAkB,QAAQ;gBACNR,WAAW;gBACXO,eAAe;YACjB;QACF;QACAT,mBAAmBG,YAAYD,SAAS;QACxCD,uBAAuBE,YAAYM,aAAa;QAChDhB,KAAKS,SAAS,GAAGF;IACnB,OAAO;QACL,MAAMQ,OAAmB;YACvBC,eAAe;gBACbE,MAAM;YACR;QACF;QAEA,MAAMC,uBACJ,OAAOnB,KAAKgB,aAAa,KAAK,YAAYhB,KAAKgB,aAAa,GAAG,KAAKb;QACtE,6DAA6D;QAC7D,IAAIgB,sBAAsB;YACxB,MAAMV,YAAY,IAAIJ,KAAKD,cAAcF,UAAUkB,WAAW;YAC9DL,KAAKN,SAAS,GAAGA;QACnB;QAEA,MAAMC,cAAc,MAAMZ,QAAQa,EAAE,CAACC,SAAS,CAAC;YAC7CC,IAAIb,KAAKa,EAAE;YACXhB,YAAYA,WAAWiB,IAAI;YAC3BC;YACAE,QAAQ;gBACNR,WAAW;gBACXO,eAAe;YACjB;QACF;QAEAT,mBAAmBG,YAAYD,SAAS;QACxCD,uBAAuBE,YAAYM,aAAa;IAClD;IAEA,IAAIR,yBAAyB,MAAM;QACjC,MAAM,IAAIa,MAAM;IAClB;IAEA,uFAAuF;IACvF,MAAMC,mCACJ,OAAOd,yBAAyB,YAAYA,uBAAuB,KAAKL;IAE1E,MAAMoB,gCACJ,OAAOf,yBAAyB,YAAYA,wBAAwBL;IAEtE,IAAImB,kCAAkC;QACpCtB,KAAKS,SAAS,GAAGF;IACnB;IACAP,KAAKgB,aAAa,GAAGR,uBAAuB,EAAE,4FAA4F;;IAE1I,IACEe,iCACC,CAAA,CAAChB,oBAAoB,CAACZ,aAAa,IAAIU,KAAKE,kBAAiB,GAC9D;QACA,yGAAyG;QACzG,MAAMiB,eAAe,IAAInB,KAAKD,cAAcF,UAAUkB,WAAW;QAEjE,MAAMtB,QAAQa,EAAE,CAACC,SAAS,CAAC;YACzBC,IAAIb,KAAKa,EAAE;YACXhB,YAAYA,WAAWiB,IAAI;YAC3BC,MAAM;gBACJN,WAAWe;YACb;YACAC,WAAW;QACb;QAEA,IAAIH,kCAAkC;YACpCtB,KAAKS,SAAS,GAAGe;QACnB;QAEA,IAAI3B,WAAWI,IAAI,CAACyB,WAAW,EAAE;YAC/B,yFAAyF;YACzF,0FAA0F;YAC1F,gGAAgG;YAChG,gCAAgC;YAChC,0GAA0G;YAE1G,wIAAwI;YACxI,MAAMC,cAAc,MAAM7B,QAAQa,EAAE,CAACiB,OAAO,CAAY;gBACtD/B,YAAYA,WAAWiB,IAAI;gBAC3BG,QAAQ;oBACNY,UAAU;gBACZ;gBACAC,OAAO;oBACLjB,IAAI;wBACFkB,QAAQ/B,KAAKa,EAAE;oBACjB;gBACF;YACF;YACA,IAAIc,aAAaE,UAAUG,QAAQ;gBACjC,+CAA+C;gBAC/CL,YAAYE,QAAQ,GAAGF,YAAYE,QAAQ,CAACI,MAAM,CAAC,CAACC;oBAClD,MAAMC,mBAAmB,IAAI9B,KAAK6B,QAAQE,SAAS;oBACnD,MAAMC,mBAAmB,IAAIhC,KAAKD,cAAc;oBAEhD,qDAAqD;oBACrD,OAAO+B,oBAAoBE;gBAC7B;gBAEArC,KAAK6B,QAAQ,GAAGF,YAAYE,QAAQ;gBAEpC,MAAM/B,QAAQa,EAAE,CAACC,SAAS,CAAC;oBACzBC,IAAIb,KAAKa,EAAE;oBACXhB,YAAYA,WAAWiB,IAAI;oBAC3BC,MAAMf;oBACNyB,WAAW;gBACb;YACF;QACF;IACF;AACF,EAAC"}
+{"version":3,"sources":["../../../../src/auth/strategies/local/incrementLoginAttempts.ts"],"sourcesContent":["import type { SanitizedCollectionConfig } from '../../../collections/config/types.js'\nimport type { PayloadRequest } from '../../../types/index.js'\n\nimport { type JsonObject, type Payload, type TypedUser } from '../../../index.js'\nimport { isUserLocked } from '../../isUserLocked.js'\n\ntype Args = {\n  collection: SanitizedCollectionConfig\n  payload: Payload\n  req: PayloadRequest\n  user: TypedUser\n}\n\n// Note: this function does not use req in most updates, as we want those to be visible in parallel requests that are on a different\n// transaction. At the same time, we want updates from parallel requests to be visible here.\nexport const incrementLoginAttempts = async ({\n  collection,\n  payload,\n  req,\n  user,\n}: Args): Promise<void> => {\n  const {\n    auth: { lockTime, maxLoginAttempts },\n  } = collection\n\n  const currentTime = Date.now()\n\n  let updatedLockUntil: null | string = null\n  let updatedLoginAttempts: null | number = null\n\n  if (user.lockUntil && !isUserLocked(new Date(user.lockUntil))) {\n    // Expired lock, restart count at 1\n    const updatedUser = await payload.db.updateOne({\n      id: user.id,\n      collection: collection.slug,\n      data: {\n        lockUntil: null,\n        loginAttempts: 1,\n      },\n      req,\n      select: {\n        lockUntil: true,\n        loginAttempts: true,\n      },\n    })\n    updatedLockUntil = updatedUser.lockUntil\n    updatedLoginAttempts = updatedUser.loginAttempts\n    user.lockUntil = updatedLockUntil\n  } else {\n    const data: JsonObject = {\n      loginAttempts: {\n        $inc: 1,\n      },\n    }\n\n    const willReachMaxAttempts =\n      typeof user.loginAttempts === 'number' && user.loginAttempts + 1 >= maxLoginAttempts\n    // Lock the account if at max attempts and not already locked\n    if (willReachMaxAttempts) {\n      const lockUntil = new Date(currentTime + lockTime).toISOString()\n      data.lockUntil = lockUntil\n    }\n\n    const updatedUser = await payload.db.updateOne({\n      id: user.id,\n      collection: collection.slug,\n      data,\n      select: {\n        lockUntil: true,\n        loginAttempts: true,\n      },\n    })\n\n    updatedLockUntil = updatedUser.lockUntil\n    updatedLoginAttempts = updatedUser.loginAttempts\n  }\n\n  if (updatedLoginAttempts === null) {\n    throw new Error('Failed to update login attempts or lockUntil for user')\n  }\n\n  // Check updated latest lockUntil and loginAttempts in case there were parallel updates\n  const reachedMaxAttemptsForCurrentUser =\n    typeof updatedLoginAttempts === 'number' && updatedLoginAttempts - 1 >= maxLoginAttempts\n\n  const reachedMaxAttemptsForNextUser =\n    typeof updatedLoginAttempts === 'number' && updatedLoginAttempts >= maxLoginAttempts\n\n  if (reachedMaxAttemptsForCurrentUser) {\n    user.lockUntil = updatedLockUntil\n  }\n  user.loginAttempts = updatedLoginAttempts - 1 // -1, as the updated increment is applied for the *next* login attempt, not the current one\n\n  if (\n    reachedMaxAttemptsForNextUser &&\n    (!updatedLockUntil || !isUserLocked(new Date(updatedLockUntil)))\n  ) {\n    // If lockUntil reached max login attempts due to multiple parallel attempts but user was not locked yet,\n    const newLockUntil = new Date(currentTime + lockTime).toISOString()\n\n    await payload.db.updateOne({\n      id: user.id,\n      collection: collection.slug,\n      data: {\n        lockUntil: newLockUntil,\n      },\n      returning: false,\n    })\n\n    if (reachedMaxAttemptsForCurrentUser) {\n      user.lockUntil = newLockUntil\n    }\n\n    if (collection.auth.useSessions) {\n      // Remove all active sessions that have been created in a 20 second window. This protects\n      // against brute force attacks - example: 99 incorrect, 1 correct parallel login attempts.\n      // The correct login attempt will be finished first, as it's faster due to not having to perform\n      // an additional db update here.\n      // However, this request (the incorrect login attempt request) can kill the successful login attempt here.\n\n      // Fetch user sessions separately (do not do this in the updateOne select in order to preserve the returning: true db call optimization)\n      const currentUser = await payload.db.findOne<TypedUser>({\n        collection: collection.slug,\n        select: {\n          sessions: true,\n        },\n        where: {\n          id: {\n            equals: user.id,\n          },\n        },\n      })\n      if (currentUser?.sessions?.length) {\n        // Does not hurt also removing expired sessions\n        currentUser.sessions = currentUser.sessions.filter((session) => {\n          const sessionCreatedAt = new Date(session.createdAt)\n          const twentySecondsAgo = new Date(currentTime - 20000)\n\n          // Remove sessions created within the last 20 seconds\n          return sessionCreatedAt <= twentySecondsAgo\n        })\n\n        user.sessions = currentUser.sessions\n\n        // Ensure updatedAt date is always updated\n        user.updatedAt = new Date().toISOString()\n\n        await payload.db.updateOne({\n          id: user.id,\n          collection: collection.slug,\n          data: user,\n          returning: false,\n        })\n      }\n    }\n  }\n}\n"],"names":["isUserLocked","incrementLoginAttempts","collection","payload","req","user","auth","lockTime","maxLoginAttempts","currentTime","Date","now","updatedLockUntil","updatedLoginAttempts","lockUntil","updatedUser","db","updateOne","id","slug","data","loginAttempts","select","$inc","willReachMaxAttempts","toISOString","Error","reachedMaxAttemptsForCurrentUser","reachedMaxAttemptsForNextUser","newLockUntil","returning","useSessions","currentUser","findOne","sessions","where","equals","length","filter","session","sessionCreatedAt","createdAt","twentySecondsAgo","updatedAt"],"mappings":"AAIA,SAASA,YAAY,QAAQ,wBAAuB;AASpD,oIAAoI;AACpI,4FAA4F;AAC5F,OAAO,MAAMC,yBAAyB,OAAO,EAC3CC,UAAU,EACVC,OAAO,EACPC,GAAG,EACHC,IAAI,EACC;IACL,MAAM,EACJC,MAAM,EAAEC,QAAQ,EAAEC,gBAAgB,EAAE,EACrC,GAAGN;IAEJ,MAAMO,cAAcC,KAAKC,GAAG;IAE5B,IAAIC,mBAAkC;IACtC,IAAIC,uBAAsC;IAE1C,IAAIR,KAAKS,SAAS,IAAI,CAACd,aAAa,IAAIU,KAAKL,KAAKS,SAAS,IAAI;QAC7D,mCAAmC;QACnC,MAAMC,cAAc,MAAMZ,QAAQa,EAAE,CAACC,SAAS,CAAC;YAC7CC,IAAIb,KAAKa,EAAE;YACXhB,YAAYA,WAAWiB,IAAI;YAC3BC,MAAM;gBACJN,WAAW;gBACXO,eAAe;YACjB;YACAjB;YACAkB,QAAQ;gBACNR,WAAW;gBACXO,eAAe;YACjB;QACF;QACAT,mBAAmBG,YAAYD,SAAS;QACxCD,uBAAuBE,YAAYM,aAAa;QAChDhB,KAAKS,SAAS,GAAGF;IACnB,OAAO;QACL,MAAMQ,OAAmB;YACvBC,eAAe;gBACbE,MAAM;YACR;QACF;QAEA,MAAMC,uBACJ,OAAOnB,KAAKgB,aAAa,KAAK,YAAYhB,KAAKgB,aAAa,GAAG,KAAKb;QACtE,6DAA6D;QAC7D,IAAIgB,sBAAsB;YACxB,MAAMV,YAAY,IAAIJ,KAAKD,cAAcF,UAAUkB,WAAW;YAC9DL,KAAKN,SAAS,GAAGA;QACnB;QAEA,MAAMC,cAAc,MAAMZ,QAAQa,EAAE,CAACC,SAAS,CAAC;YAC7CC,IAAIb,KAAKa,EAAE;YACXhB,YAAYA,WAAWiB,IAAI;YAC3BC;YACAE,QAAQ;gBACNR,WAAW;gBACXO,eAAe;YACjB;QACF;QAEAT,mBAAmBG,YAAYD,SAAS;QACxCD,uBAAuBE,YAAYM,aAAa;IAClD;IAEA,IAAIR,yBAAyB,MAAM;QACjC,MAAM,IAAIa,MAAM;IAClB;IAEA,uFAAuF;IACvF,MAAMC,mCACJ,OAAOd,yBAAyB,YAAYA,uBAAuB,KAAKL;IAE1E,MAAMoB,gCACJ,OAAOf,yBAAyB,YAAYA,wBAAwBL;IAEtE,IAAImB,kCAAkC;QACpCtB,KAAKS,SAAS,GAAGF;IACnB;IACAP,KAAKgB,aAAa,GAAGR,uBAAuB,EAAE,4FAA4F;;IAE1I,IACEe,iCACC,CAAA,CAAChB,oBAAoB,CAACZ,aAAa,IAAIU,KAAKE,kBAAiB,GAC9D;QACA,yGAAyG;QACzG,MAAMiB,eAAe,IAAInB,KAAKD,cAAcF,UAAUkB,WAAW;QAEjE,MAAMtB,QAAQa,EAAE,CAACC,SAAS,CAAC;YACzBC,IAAIb,KAAKa,EAAE;YACXhB,YAAYA,WAAWiB,IAAI;YAC3BC,MAAM;gBACJN,WAAWe;YACb;YACAC,WAAW;QACb;QAEA,IAAIH,kCAAkC;YACpCtB,KAAKS,SAAS,GAAGe;QACnB;QAEA,IAAI3B,WAAWI,IAAI,CAACyB,WAAW,EAAE;YAC/B,yFAAyF;YACzF,0FAA0F;YAC1F,gGAAgG;YAChG,gCAAgC;YAChC,0GAA0G;YAE1G,wIAAwI;YACxI,MAAMC,cAAc,MAAM7B,QAAQa,EAAE,CAACiB,OAAO,CAAY;gBACtD/B,YAAYA,WAAWiB,IAAI;gBAC3BG,QAAQ;oBACNY,UAAU;gBACZ;gBACAC,OAAO;oBACLjB,IAAI;wBACFkB,QAAQ/B,KAAKa,EAAE;oBACjB;gBACF;YACF;YACA,IAAIc,aAAaE,UAAUG,QAAQ;gBACjC,+CAA+C;gBAC/CL,YAAYE,QAAQ,GAAGF,YAAYE,QAAQ,CAACI,MAAM,CAAC,CAACC;oBAClD,MAAMC,mBAAmB,IAAI9B,KAAK6B,QAAQE,SAAS;oBACnD,MAAMC,mBAAmB,IAAIhC,KAAKD,cAAc;oBAEhD,qDAAqD;oBACrD,OAAO+B,oBAAoBE;gBAC7B;gBAEArC,KAAK6B,QAAQ,GAAGF,YAAYE,QAAQ;gBAEpC,0CAA0C;gBAC1C7B,KAAKsC,SAAS,GAAG,IAAIjC,OAAOe,WAAW;gBAEvC,MAAMtB,QAAQa,EAAE,CAACC,SAAS,CAAC;oBACzBC,IAAIb,KAAKa,EAAE;oBACXhB,YAAYA,WAAWiB,IAAI;oBAC3BC,MAAMf;oBACNyB,WAAW;gBACb;YACF;QACF;IACF;AACF,EAAC"}

package/dist/bin/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/bin/index.ts"],"names":[],"mappings":"AA0BA,eAAO,MAAM,GAAG,qBA6If,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/bin/index.ts"],"names":[],"mappings":"AA0BA,eAAO,MAAM,GAAG,qBAyBf,CAAA"}

package/dist/bin/index.js

@@ -1,10 +1,9 @@
-// @ts-strict-ignore
 /* eslint-disable no-console */ import { Cron } from 'croner';
 import minimist from 'minimist';
 import { pathToFileURL } from 'node:url';
 import path from 'path';
 import { findConfig } from '../config/find.js';
-import payload, { getPayload } from '../index.js';
+import { getPayload } from '../index.js';
 import { generateImportMap } from './generateImportMap/index.js';
 import { generateTypes } from './generateTypes.js';
 import { info } from './info.js';
@@ -17,16 +16,44 @@ const availableScripts = [
     'generate:types',
     'info',
     'jobs:run',
+    'jobs:handle-schedules',
     'run',
     ...migrateCommands
 ];
 export const bin = async ()=>{
     loadEnv();
+    process.env.DISABLE_PAYLOAD_HMR = 'true';
     const args = minimist(process.argv.slice(2));
     const script = (typeof args._[0] === 'string' ? args._[0] : '').toLowerCase();
+    if (args.cron) {
+        new Cron(args.cron, async ()=>{
+            // If the bin script initializes payload (getPayload), this will only happen once, as getPayload
+            // caches the payload instance on the module scope => no need to manually cache and manage getPayload initialization
+            // outside the Cron here.
+            await runBinScript({
+                args,
+                script
+            });
+        });
+        process.stdin.resume() // Keep the process alive
+        ;
+        return;
+    } else {
+        const { payload } = await runBinScript({
+            args,
+            script
+        });
+        if (payload) {
+            await payload.destroy() // close database connections after running jobs so process can exit cleanly
+            ;
+        }
+        process.exit(0);
+    }
+};
+async function runBinScript({ args, script }) {
     if (script === 'info') {
         await info();
-        return;
+        return {};
     }
     if (script === 'run') {
         const scriptPath = args._[1];
@@ -52,7 +79,7 @@ export const bin = async ()=>{
             // Restore original process.argv
             process.argv = originalArgv;
         }
-        return;
+        return {};
     }
     const configPath = findConfig();
     const configPromise = await import(pathToFileURL(configPath).toString());
@@ -76,19 +103,22 @@ export const bin = async ()=>{
             console.log(`Could not find associated bin script for the ${userBinScript.key} command`);
             console.error(err);
         }
-        return;
+        return {};
     }
     if (script.startsWith('migrate')) {
-        return migrate({
+        await migrate({
             config,
             parsedArgs: args
-        }).then(()=>process.exit(0));
+        });
+        return {};
     }
     if (script === 'generate:types') {
-        return generateTypes(config);
+        await generateTypes(config);
+        return {};
     }
     if (script === 'generate:importmap') {
-        return generateImportMap(config);
+        await generateImportMap(config);
+        return {};
     }
     if (script === 'jobs:run') {
         const payload = await getPayload({
@@ -98,50 +128,63 @@ export const bin = async ()=>{
         const limit = args.limit ? parseInt(args.limit, 10) : undefined;
         const queue = args.queue ? args.queue : undefined;
         const allQueues = !!args.allQueues;
-        if (args.cron) {
-            new Cron(args.cron, async ()=>{
-                await payload.jobs.run({
-                    allQueues,
-                    limit,
-                    queue
-                });
-            });
-            process.stdin.resume() // Keep the process alive
-            ;
-            return;
-        } else {
-            await payload.jobs.run({
+        const handleSchedules = !!args.handleSchedules;
+        if (handleSchedules) {
+            await payload.jobs.handleSchedules({
                 allQueues,
-                limit,
                 queue
             });
-            await payload.destroy() // close database connections after running jobs so process can exit cleanly
-            ;
-            process.exit(0);
         }
+        await payload.jobs.run({
+            allQueues,
+            limit,
+            queue
+        });
+        return {
+            payload
+        };
+    }
+    if (script === 'jobs:handle-schedules') {
+        const payload = await getPayload({
+            config
+        }) // Do not setup crons here - this bin script can set up its own crons
+        ;
+        const queue = args.queue ? args.queue : undefined;
+        const allQueues = !!args.allQueues;
+        await payload.jobs.handleSchedules({
+            allQueues,
+            queue
+        });
+        return {
+            payload
+        };
     }
     if (script === 'generate:db-schema') {
         // Barebones instance to access database adapter, without connecting to the DB
-        await payload.init({
+        const payload = await getPayload({
             config,
             disableDBConnect: true,
             disableOnInit: true
-        });
+        }) // Do not setup crons here
+        ;
         if (typeof payload.db.generateSchema !== 'function') {
             payload.logger.error({
                 msg: `${payload.db.packageName} does not support database schema generation`
             });
+            await payload.destroy();
             process.exit(1);
         }
         await payload.db.generateSchema({
             log: args.log === 'false' ? false : true,
             prettify: args.prettify === 'false' ? false : true
         });
-        process.exit(0);
+        return {
+            payload
+        };
     }
     console.error(script ? `Unknown command: "${script}"` : 'Please provide a command to run');
     console.log(`\nAvailable commands:\n${availableScripts.map((c)=>`  - ${c}`).join('\n')}`);
     process.exit(1);
-};
+}
 
 //# sourceMappingURL=index.js.map