payload 3.74.0-internal.7eee0f6 → 3.74.0-internal.bc57c0d

package/dist/auth/operations/forgotPassword.d.ts

@@ -1,7 +1,7 @@
 import type { AuthOperationsFromCollectionSlug, Collection } from '../../collections/config/types.js';
-import type { CollectionSlug } from '../../index.js';
+import type { AuthCollectionSlug } from '../../index.js';
 import type { PayloadRequest } from '../../types/index.js';
-export type Arguments<TSlug extends CollectionSlug> = {
+export type Arguments<TSlug extends AuthCollectionSlug> = {
     collection: Collection;
     data: {
         [key: string]: unknown;
@@ -11,5 +11,5 @@ export type Arguments<TSlug extends CollectionSlug> = {
     req: PayloadRequest;
 };
 export type Result = string;
-export declare const forgotPasswordOperation: <TSlug extends CollectionSlug>(incomingArgs: Arguments<TSlug>) => Promise<null | string>;
+export declare const forgotPasswordOperation: <TSlug extends AuthCollectionSlug>(incomingArgs: Arguments<TSlug>) => Promise<null | string>;
 //# sourceMappingURL=forgotPassword.d.ts.map

package/dist/auth/operations/forgotPassword.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"forgotPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/forgotPassword.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACX,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAajE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KACvB,GAAG,gCAAgC,CAAC,KAAK,CAAC,CAAC,gBAAgB,CAAC,CAAA;IAC7D,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,CAAA;AAE3B,eAAO,MAAM,uBAAuB,GAAU,KAAK,SAAS,cAAc,gBAC1D,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,IAAI,GAAG,MAAM,CA6LvB,CAAA"}
+{"version":3,"file":"forgotPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/forgotPassword.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACX,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AACxD,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAajE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACxD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KACvB,GAAG,gCAAgC,CAAC,KAAK,CAAC,CAAC,gBAAgB,CAAC,CAAA;IAC7D,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,CAAA;AAE3B,eAAO,MAAM,uBAAuB,GAAU,KAAK,SAAS,kBAAkB,gBAC9D,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,IAAI,GAAG,MAAM,CA6LvB,CAAA"}

package/dist/auth/operations/forgotPassword.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/forgotPassword.ts"],"sourcesContent":["import crypto from 'crypto'\nimport { status as httpStatus } from 'http-status'\nimport { URL } from 'url'\n\nimport type {\n  AuthOperationsFromCollectionSlug,\n  Collection,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport { APIError } from '../../errors/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { formatAdminURL } from '../../utilities/formatAdminURL.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n  collection: Collection\n  data: {\n    [key: string]: unknown\n  } & AuthOperationsFromCollectionSlug<TSlug>['forgotPassword']\n  disableEmail?: boolean\n  expiration?: number\n  req: PayloadRequest\n}\n\nexport type Result = string\n\nexport const forgotPasswordOperation = async <TSlug extends CollectionSlug>(\n  incomingArgs: Arguments<TSlug>,\n): Promise<null | string> => {\n  const loginWithUsername = incomingArgs.collection.config.auth.loginWithUsername\n  const { data } = incomingArgs\n\n  const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n  const sanitizedEmail =\n    (canLoginWithEmail && (incomingArgs.data.email || '').toLowerCase().trim()) || null\n  const sanitizedUsername =\n    'username' in data && typeof data?.username === 'string'\n      ? data.username.toLowerCase().trim()\n      : null\n\n  let args = incomingArgs\n\n  if (incomingArgs.collection.config.auth.disableLocalStrategy) {\n    throw new Forbidden(incomingArgs.req.t)\n  }\n  if (!sanitizedEmail && !sanitizedUsername) {\n    throw new APIError(\n      `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n      httpStatus.BAD_REQUEST,\n    )\n  }\n\n  try {\n    const shouldCommit = await initTransaction(args.req)\n\n    // /////////////////////////////////////\n    // beforeOperation - Collection\n    // /////////////////////////////////////\n    args = await buildBeforeOperation({\n      args,\n      collection: args.collection.config,\n      operation: 'forgotPassword',\n    })\n\n    const {\n      collection: { config: collectionConfig },\n      disableEmail,\n      expiration,\n      req: {\n        payload: { config, email },\n        payload,\n      },\n      req,\n    } = args\n\n    // /////////////////////////////////////\n    // Forget password\n    // /////////////////////////////////////\n\n    let token: string = crypto.randomBytes(20).toString('hex')\n    type UserDoc = {\n      email?: string\n      id: number | string\n      resetPasswordExpiration?: string\n      resetPasswordToken?: string\n    }\n\n    if (!sanitizedEmail && !sanitizedUsername) {\n      throw new APIError(\n        `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n        httpStatus.BAD_REQUEST,\n      )\n    }\n\n    let whereConstraint: Where = {}\n\n    if (canLoginWithEmail && sanitizedEmail) {\n      whereConstraint = {\n        email: {\n          equals: sanitizedEmail,\n        },\n      }\n    } else if (canLoginWithUsername && sanitizedUsername) {\n      whereConstraint = {\n        username: {\n          equals: sanitizedUsername,\n        },\n      }\n    }\n\n    // Exclude trashed users unless `trash: true`\n    whereConstraint = appendNonTrashedFilter({\n      enableTrash: collectionConfig.trash,\n      trash: false,\n      where: whereConstraint,\n    })\n\n    let user = await payload.db.findOne<UserDoc>({\n      collection: collectionConfig.slug,\n      req,\n      where: whereConstraint,\n    })\n\n    // We don't want to indicate specifically that an email was not found,\n    // as doing so could lead to the exposure of registered emails.\n    // Therefore, we prefer to fail silently.\n    if (!user) {\n      await commitTransaction(args.req)\n      return null\n    }\n\n    const resetPasswordExpiration = new Date(\n      Date.now() + (collectionConfig.auth?.forgotPassword?.expiration ?? expiration ?? 3600000),\n    ).toISOString()\n\n    user = await payload.update({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: {\n        resetPasswordExpiration,\n        resetPasswordToken: token,\n      },\n      req,\n    })\n\n    if (!disableEmail && user.email) {\n      const protocol = new URL(req.url!).protocol // includes the final :\n      const serverURL =\n        config.serverURL !== null && config.serverURL !== ''\n          ? config.serverURL\n          : `${protocol}//${req.headers.get('host')}`\n      const forgotURL = formatAdminURL({\n        adminRoute: config.routes.admin,\n        path: `${config.admin.routes.reset}/${token}`,\n        serverURL,\n      })\n      let html = `${req.t('authentication:youAreReceivingResetPassword')}\n    <a href=\"${forgotURL}\">${forgotURL}</a>\n    ${req.t('authentication:youDidNotRequestPassword')}`\n\n      if (typeof collectionConfig.auth.forgotPassword?.generateEmailHTML === 'function') {\n        html = await collectionConfig.auth.forgotPassword.generateEmailHTML({\n          req,\n          token,\n          user,\n        })\n      }\n\n      let subject = req.t('authentication:resetYourPassword')\n\n      if (typeof collectionConfig.auth.forgotPassword?.generateEmailSubject === 'function') {\n        subject = await collectionConfig.auth.forgotPassword.generateEmailSubject({\n          req,\n          token,\n          user,\n        })\n      }\n\n      await email.sendEmail({\n        from: `\"${email.defaultFromName}\" <${email.defaultFromAddress}>`,\n        html,\n        subject,\n        to: user.email,\n      })\n    }\n\n    // /////////////////////////////////////\n    // afterForgotPassword - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterForgotPassword?.length) {\n      for (const hook of collectionConfig.hooks.afterForgotPassword) {\n        await hook({ args, collection: args.collection?.config, context: req.context })\n      }\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    token = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'forgotPassword',\n      result: token,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return token\n  } catch (error: unknown) {\n    await killTransaction(args.req)\n    throw error\n  }\n}\n"],"names":["crypto","status","httpStatus","URL","buildAfterOperation","buildBeforeOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","formatAdminURL","initTransaction","killTransaction","getLoginOptions","forgotPasswordOperation","incomingArgs","loginWithUsername","collection","config","auth","data","canLoginWithEmail","canLoginWithUsername","sanitizedEmail","email","toLowerCase","trim","sanitizedUsername","username","args","disableLocalStrategy","req","t","BAD_REQUEST","shouldCommit","operation","collectionConfig","disableEmail","expiration","payload","token","randomBytes","toString","whereConstraint","equals","enableTrash","trash","where","user","db","findOne","slug","resetPasswordExpiration","Date","now","forgotPassword","toISOString","update","id","resetPasswordToken","protocol","url","serverURL","headers","get","forgotURL","adminRoute","routes","admin","path","reset","html","generateEmailHTML","subject","generateEmailSubject","sendEmail","from","defaultFromName","defaultFromAddress","to","hooks","afterForgotPassword","length","hook","context","result","error"],"mappings":"AAAA,OAAOA,YAAY,SAAQ;AAC3B,SAASC,UAAUC,UAAU,QAAQ,cAAa;AAClD,SAASC,GAAG,QAAQ,MAAK;AASzB,SAASC,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,cAAc,QAAQ,oCAAmC;AAClE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AAcvD,OAAO,MAAMC,0BAA0B,OACrCC;IAEA,MAAMC,oBAAoBD,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACH,iBAAiB;IAC/E,MAAM,EAAEI,IAAI,EAAE,GAAGL;IAEjB,MAAM,EAAEM,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGT,gBAAgBG;IAEpE,MAAMO,iBACJ,AAACF,qBAAqB,AAACN,CAAAA,aAAaK,IAAI,CAACI,KAAK,IAAI,EAAC,EAAGC,WAAW,GAAGC,IAAI,MAAO;IACjF,MAAMC,oBACJ,cAAcP,QAAQ,OAAOA,MAAMQ,aAAa,WAC5CR,KAAKQ,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;IAEN,IAAIG,OAAOd;IAEX,IAAIA,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACW,oBAAoB,EAAE;QAC5D,MAAM,IAAIvB,UAAUQ,aAAagB,GAAG,CAACC,CAAC;IACxC;IACA,IAAI,CAACT,kBAAkB,CAACI,mBAAmB;QACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDd,WAAW+B,WAAW;IAE1B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMvB,gBAAgBkB,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QACxCF,OAAO,MAAMxB,qBAAqB;YAChCwB;YACAZ,YAAYY,KAAKZ,UAAU,CAACC,MAAM;YAClCiB,WAAW;QACb;QAEA,MAAM,EACJlB,YAAY,EAAEC,QAAQkB,gBAAgB,EAAE,EACxCC,YAAY,EACZC,UAAU,EACVP,KAAK,EACHQ,SAAS,EAAErB,MAAM,EAAEM,KAAK,EAAE,EAC1Be,OAAO,EACR,EACDR,GAAG,EACJ,GAAGF;QAEJ,wCAAwC;QACxC,kBAAkB;QAClB,wCAAwC;QAExC,IAAIW,QAAgBxC,OAAOyC,WAAW,CAAC,IAAIC,QAAQ,CAAC;QAQpD,IAAI,CAACnB,kBAAkB,CAACI,mBAAmB;YACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDd,WAAW+B,WAAW;QAE1B;QAEA,IAAIU,kBAAyB,CAAC;QAE9B,IAAItB,qBAAqBE,gBAAgB;YACvCoB,kBAAkB;gBAChBnB,OAAO;oBACLoB,QAAQrB;gBACV;YACF;QACF,OAAO,IAAID,wBAAwBK,mBAAmB;YACpDgB,kBAAkB;gBAChBf,UAAU;oBACRgB,QAAQjB;gBACV;YACF;QACF;QAEA,6CAA6C;QAC7CgB,kBAAkBnC,uBAAuB;YACvCqC,aAAaT,iBAAiBU,KAAK;YACnCA,OAAO;YACPC,OAAOJ;QACT;QAEA,IAAIK,OAAO,MAAMT,QAAQU,EAAE,CAACC,OAAO,CAAU;YAC3CjC,YAAYmB,iBAAiBe,IAAI;YACjCpB;YACAgB,OAAOJ;QACT;QAEA,sEAAsE;QACtE,+DAA+D;QAC/D,yCAAyC;QACzC,IAAI,CAACK,MAAM;YACT,MAAMvC,kBAAkBoB,KAAKE,GAAG;YAChC,OAAO;QACT;QAEA,MAAMqB,0BAA0B,IAAIC,KAClCA,KAAKC,GAAG,KAAMlB,CAAAA,iBAAiBjB,IAAI,EAAEoC,gBAAgBjB,cAAcA,cAAc,OAAM,GACvFkB,WAAW;QAEbR,OAAO,MAAMT,QAAQkB,MAAM,CAAC;YAC1BC,IAAIV,KAAKU,EAAE;YACXzC,YAAYmB,iBAAiBe,IAAI;YACjC/B,MAAM;gBACJgC;gBACAO,oBAAoBnB;YACtB;YACAT;QACF;QAEA,IAAI,CAACM,gBAAgBW,KAAKxB,KAAK,EAAE;YAC/B,MAAMoC,WAAW,IAAIzD,IAAI4B,IAAI8B,GAAG,EAAGD,QAAQ,CAAC,uBAAuB;;YACnE,MAAME,YACJ5C,OAAO4C,SAAS,KAAK,QAAQ5C,OAAO4C,SAAS,KAAK,KAC9C5C,OAAO4C,SAAS,GAChB,GAAGF,SAAS,EAAE,EAAE7B,IAAIgC,OAAO,CAACC,GAAG,CAAC,SAAS;YAC/C,MAAMC,YAAYvD,eAAe;gBAC/BwD,YAAYhD,OAAOiD,MAAM,CAACC,KAAK;gBAC/BC,MAAM,GAAGnD,OAAOkD,KAAK,CAACD,MAAM,CAACG,KAAK,CAAC,CAAC,EAAE9B,OAAO;gBAC7CsB;YACF;YACA,IAAIS,OAAO,GAAGxC,IAAIC,CAAC,CAAC,+CAA+C;aAC5D,EAAEiC,UAAU,EAAE,EAAEA,UAAU;IACnC,EAAElC,IAAIC,CAAC,CAAC,4CAA4C;YAElD,IAAI,OAAOI,iBAAiBjB,IAAI,CAACoC,cAAc,EAAEiB,sBAAsB,YAAY;gBACjFD,OAAO,MAAMnC,iBAAiBjB,IAAI,CAACoC,cAAc,CAACiB,iBAAiB,CAAC;oBAClEzC;oBACAS;oBACAQ;gBACF;YACF;YAEA,IAAIyB,UAAU1C,IAAIC,CAAC,CAAC;YAEpB,IAAI,OAAOI,iBAAiBjB,IAAI,CAACoC,cAAc,EAAEmB,yBAAyB,YAAY;gBACpFD,UAAU,MAAMrC,iBAAiBjB,IAAI,CAACoC,cAAc,CAACmB,oBAAoB,CAAC;oBACxE3C;oBACAS;oBACAQ;gBACF;YACF;YAEA,MAAMxB,MAAMmD,SAAS,CAAC;gBACpBC,MAAM,CAAC,CAAC,EAAEpD,MAAMqD,eAAe,CAAC,GAAG,EAAErD,MAAMsD,kBAAkB,CAAC,CAAC,CAAC;gBAChEP;gBACAE;gBACAM,IAAI/B,KAAKxB,KAAK;YAChB;QACF;QAEA,wCAAwC;QACxC,mCAAmC;QACnC,wCAAwC;QAExC,IAAIY,iBAAiB4C,KAAK,EAAEC,qBAAqBC,QAAQ;YACvD,KAAK,MAAMC,QAAQ/C,iBAAiB4C,KAAK,CAACC,mBAAmB,CAAE;gBAC7D,MAAME,KAAK;oBAAEtD;oBAAMZ,YAAYY,KAAKZ,UAAU,EAAEC;oBAAQkE,SAASrD,IAAIqD,OAAO;gBAAC;YAC/E;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC5C,QAAQ,MAAMpC,oBAAoB;YAChCyB;YACAZ,YAAYY,KAAKZ,UAAU,EAAEC;YAC7BiB,WAAW;YACXkD,QAAQ7C;QACV;QAEA,IAAIN,cAAc;YAChB,MAAMzB,kBAAkBsB;QAC1B;QAEA,OAAOS;IACT,EAAE,OAAO8C,OAAgB;QACvB,MAAM1E,gBAAgBiB,KAAKE,GAAG;QAC9B,MAAMuD;IACR;AACF,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/forgotPassword.ts"],"sourcesContent":["import crypto from 'crypto'\nimport { status as httpStatus } from 'http-status'\nimport { URL } from 'url'\n\nimport type {\n  AuthOperationsFromCollectionSlug,\n  Collection,\n} from '../../collections/config/types.js'\nimport type { AuthCollectionSlug } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport { APIError } from '../../errors/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { formatAdminURL } from '../../utilities/formatAdminURL.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\n\nexport type Arguments<TSlug extends AuthCollectionSlug> = {\n  collection: Collection\n  data: {\n    [key: string]: unknown\n  } & AuthOperationsFromCollectionSlug<TSlug>['forgotPassword']\n  disableEmail?: boolean\n  expiration?: number\n  req: PayloadRequest\n}\n\nexport type Result = string\n\nexport const forgotPasswordOperation = async <TSlug extends AuthCollectionSlug>(\n  incomingArgs: Arguments<TSlug>,\n): Promise<null | string> => {\n  const loginWithUsername = incomingArgs.collection.config.auth.loginWithUsername\n  const { data } = incomingArgs\n\n  const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n  const sanitizedEmail =\n    (canLoginWithEmail && (incomingArgs.data.email || '').toLowerCase().trim()) || null\n  const sanitizedUsername =\n    'username' in data && typeof data?.username === 'string'\n      ? data.username.toLowerCase().trim()\n      : null\n\n  let args = incomingArgs\n\n  if (incomingArgs.collection.config.auth.disableLocalStrategy) {\n    throw new Forbidden(incomingArgs.req.t)\n  }\n  if (!sanitizedEmail && !sanitizedUsername) {\n    throw new APIError(\n      `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n      httpStatus.BAD_REQUEST,\n    )\n  }\n\n  try {\n    const shouldCommit = await initTransaction(args.req)\n\n    // /////////////////////////////////////\n    // beforeOperation - Collection\n    // /////////////////////////////////////\n    args = await buildBeforeOperation({\n      args,\n      collection: args.collection.config,\n      operation: 'forgotPassword',\n    })\n\n    const {\n      collection: { config: collectionConfig },\n      disableEmail,\n      expiration,\n      req: {\n        payload: { config, email },\n        payload,\n      },\n      req,\n    } = args\n\n    // /////////////////////////////////////\n    // Forget password\n    // /////////////////////////////////////\n\n    let token: string = crypto.randomBytes(20).toString('hex')\n    type UserDoc = {\n      email?: string\n      id: number | string\n      resetPasswordExpiration?: string\n      resetPasswordToken?: string\n    }\n\n    if (!sanitizedEmail && !sanitizedUsername) {\n      throw new APIError(\n        `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n        httpStatus.BAD_REQUEST,\n      )\n    }\n\n    let whereConstraint: Where = {}\n\n    if (canLoginWithEmail && sanitizedEmail) {\n      whereConstraint = {\n        email: {\n          equals: sanitizedEmail,\n        },\n      }\n    } else if (canLoginWithUsername && sanitizedUsername) {\n      whereConstraint = {\n        username: {\n          equals: sanitizedUsername,\n        },\n      }\n    }\n\n    // Exclude trashed users unless `trash: true`\n    whereConstraint = appendNonTrashedFilter({\n      enableTrash: collectionConfig.trash,\n      trash: false,\n      where: whereConstraint,\n    })\n\n    let user = await payload.db.findOne<UserDoc>({\n      collection: collectionConfig.slug,\n      req,\n      where: whereConstraint,\n    })\n\n    // We don't want to indicate specifically that an email was not found,\n    // as doing so could lead to the exposure of registered emails.\n    // Therefore, we prefer to fail silently.\n    if (!user) {\n      await commitTransaction(args.req)\n      return null\n    }\n\n    const resetPasswordExpiration = new Date(\n      Date.now() + (collectionConfig.auth?.forgotPassword?.expiration ?? expiration ?? 3600000),\n    ).toISOString()\n\n    user = await payload.update({\n      id: user.id,\n      collection: collectionConfig.slug,\n      data: {\n        resetPasswordExpiration,\n        resetPasswordToken: token,\n      },\n      req,\n    })\n\n    if (!disableEmail && user.email) {\n      const protocol = new URL(req.url!).protocol // includes the final :\n      const serverURL =\n        config.serverURL !== null && config.serverURL !== ''\n          ? config.serverURL\n          : `${protocol}//${req.headers.get('host')}`\n      const forgotURL = formatAdminURL({\n        adminRoute: config.routes.admin,\n        path: `${config.admin.routes.reset}/${token}`,\n        serverURL,\n      })\n      let html = `${req.t('authentication:youAreReceivingResetPassword')}\n    <a href=\"${forgotURL}\">${forgotURL}</a>\n    ${req.t('authentication:youDidNotRequestPassword')}`\n\n      if (typeof collectionConfig.auth.forgotPassword?.generateEmailHTML === 'function') {\n        html = await collectionConfig.auth.forgotPassword.generateEmailHTML({\n          req,\n          token,\n          user,\n        })\n      }\n\n      let subject = req.t('authentication:resetYourPassword')\n\n      if (typeof collectionConfig.auth.forgotPassword?.generateEmailSubject === 'function') {\n        subject = await collectionConfig.auth.forgotPassword.generateEmailSubject({\n          req,\n          token,\n          user,\n        })\n      }\n\n      await email.sendEmail({\n        from: `\"${email.defaultFromName}\" <${email.defaultFromAddress}>`,\n        html,\n        subject,\n        to: user.email,\n      })\n    }\n\n    // /////////////////////////////////////\n    // afterForgotPassword - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterForgotPassword?.length) {\n      for (const hook of collectionConfig.hooks.afterForgotPassword) {\n        await hook({ args, collection: args.collection?.config, context: req.context })\n      }\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    token = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'forgotPassword',\n      result: token,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return token\n  } catch (error: unknown) {\n    await killTransaction(args.req)\n    throw error\n  }\n}\n"],"names":["crypto","status","httpStatus","URL","buildAfterOperation","buildBeforeOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","formatAdminURL","initTransaction","killTransaction","getLoginOptions","forgotPasswordOperation","incomingArgs","loginWithUsername","collection","config","auth","data","canLoginWithEmail","canLoginWithUsername","sanitizedEmail","email","toLowerCase","trim","sanitizedUsername","username","args","disableLocalStrategy","req","t","BAD_REQUEST","shouldCommit","operation","collectionConfig","disableEmail","expiration","payload","token","randomBytes","toString","whereConstraint","equals","enableTrash","trash","where","user","db","findOne","slug","resetPasswordExpiration","Date","now","forgotPassword","toISOString","update","id","resetPasswordToken","protocol","url","serverURL","headers","get","forgotURL","adminRoute","routes","admin","path","reset","html","generateEmailHTML","subject","generateEmailSubject","sendEmail","from","defaultFromName","defaultFromAddress","to","hooks","afterForgotPassword","length","hook","context","result","error"],"mappings":"AAAA,OAAOA,YAAY,SAAQ;AAC3B,SAASC,UAAUC,UAAU,QAAQ,cAAa;AAClD,SAASC,GAAG,QAAQ,MAAK;AASzB,SAASC,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,cAAc,QAAQ,oCAAmC;AAClE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AAcvD,OAAO,MAAMC,0BAA0B,OACrCC;IAEA,MAAMC,oBAAoBD,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACH,iBAAiB;IAC/E,MAAM,EAAEI,IAAI,EAAE,GAAGL;IAEjB,MAAM,EAAEM,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGT,gBAAgBG;IAEpE,MAAMO,iBACJ,AAACF,qBAAqB,AAACN,CAAAA,aAAaK,IAAI,CAACI,KAAK,IAAI,EAAC,EAAGC,WAAW,GAAGC,IAAI,MAAO;IACjF,MAAMC,oBACJ,cAAcP,QAAQ,OAAOA,MAAMQ,aAAa,WAC5CR,KAAKQ,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;IAEN,IAAIG,OAAOd;IAEX,IAAIA,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACW,oBAAoB,EAAE;QAC5D,MAAM,IAAIvB,UAAUQ,aAAagB,GAAG,CAACC,CAAC;IACxC;IACA,IAAI,CAACT,kBAAkB,CAACI,mBAAmB;QACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDd,WAAW+B,WAAW;IAE1B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMvB,gBAAgBkB,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QACxCF,OAAO,MAAMxB,qBAAqB;YAChCwB;YACAZ,YAAYY,KAAKZ,UAAU,CAACC,MAAM;YAClCiB,WAAW;QACb;QAEA,MAAM,EACJlB,YAAY,EAAEC,QAAQkB,gBAAgB,EAAE,EACxCC,YAAY,EACZC,UAAU,EACVP,KAAK,EACHQ,SAAS,EAAErB,MAAM,EAAEM,KAAK,EAAE,EAC1Be,OAAO,EACR,EACDR,GAAG,EACJ,GAAGF;QAEJ,wCAAwC;QACxC,kBAAkB;QAClB,wCAAwC;QAExC,IAAIW,QAAgBxC,OAAOyC,WAAW,CAAC,IAAIC,QAAQ,CAAC;QAQpD,IAAI,CAACnB,kBAAkB,CAACI,mBAAmB;YACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDd,WAAW+B,WAAW;QAE1B;QAEA,IAAIU,kBAAyB,CAAC;QAE9B,IAAItB,qBAAqBE,gBAAgB;YACvCoB,kBAAkB;gBAChBnB,OAAO;oBACLoB,QAAQrB;gBACV;YACF;QACF,OAAO,IAAID,wBAAwBK,mBAAmB;YACpDgB,kBAAkB;gBAChBf,UAAU;oBACRgB,QAAQjB;gBACV;YACF;QACF;QAEA,6CAA6C;QAC7CgB,kBAAkBnC,uBAAuB;YACvCqC,aAAaT,iBAAiBU,KAAK;YACnCA,OAAO;YACPC,OAAOJ;QACT;QAEA,IAAIK,OAAO,MAAMT,QAAQU,EAAE,CAACC,OAAO,CAAU;YAC3CjC,YAAYmB,iBAAiBe,IAAI;YACjCpB;YACAgB,OAAOJ;QACT;QAEA,sEAAsE;QACtE,+DAA+D;QAC/D,yCAAyC;QACzC,IAAI,CAACK,MAAM;YACT,MAAMvC,kBAAkBoB,KAAKE,GAAG;YAChC,OAAO;QACT;QAEA,MAAMqB,0BAA0B,IAAIC,KAClCA,KAAKC,GAAG,KAAMlB,CAAAA,iBAAiBjB,IAAI,EAAEoC,gBAAgBjB,cAAcA,cAAc,OAAM,GACvFkB,WAAW;QAEbR,OAAO,MAAMT,QAAQkB,MAAM,CAAC;YAC1BC,IAAIV,KAAKU,EAAE;YACXzC,YAAYmB,iBAAiBe,IAAI;YACjC/B,MAAM;gBACJgC;gBACAO,oBAAoBnB;YACtB;YACAT;QACF;QAEA,IAAI,CAACM,gBAAgBW,KAAKxB,KAAK,EAAE;YAC/B,MAAMoC,WAAW,IAAIzD,IAAI4B,IAAI8B,GAAG,EAAGD,QAAQ,CAAC,uBAAuB;;YACnE,MAAME,YACJ5C,OAAO4C,SAAS,KAAK,QAAQ5C,OAAO4C,SAAS,KAAK,KAC9C5C,OAAO4C,SAAS,GAChB,GAAGF,SAAS,EAAE,EAAE7B,IAAIgC,OAAO,CAACC,GAAG,CAAC,SAAS;YAC/C,MAAMC,YAAYvD,eAAe;gBAC/BwD,YAAYhD,OAAOiD,MAAM,CAACC,KAAK;gBAC/BC,MAAM,GAAGnD,OAAOkD,KAAK,CAACD,MAAM,CAACG,KAAK,CAAC,CAAC,EAAE9B,OAAO;gBAC7CsB;YACF;YACA,IAAIS,OAAO,GAAGxC,IAAIC,CAAC,CAAC,+CAA+C;aAC5D,EAAEiC,UAAU,EAAE,EAAEA,UAAU;IACnC,EAAElC,IAAIC,CAAC,CAAC,4CAA4C;YAElD,IAAI,OAAOI,iBAAiBjB,IAAI,CAACoC,cAAc,EAAEiB,sBAAsB,YAAY;gBACjFD,OAAO,MAAMnC,iBAAiBjB,IAAI,CAACoC,cAAc,CAACiB,iBAAiB,CAAC;oBAClEzC;oBACAS;oBACAQ;gBACF;YACF;YAEA,IAAIyB,UAAU1C,IAAIC,CAAC,CAAC;YAEpB,IAAI,OAAOI,iBAAiBjB,IAAI,CAACoC,cAAc,EAAEmB,yBAAyB,YAAY;gBACpFD,UAAU,MAAMrC,iBAAiBjB,IAAI,CAACoC,cAAc,CAACmB,oBAAoB,CAAC;oBACxE3C;oBACAS;oBACAQ;gBACF;YACF;YAEA,MAAMxB,MAAMmD,SAAS,CAAC;gBACpBC,MAAM,CAAC,CAAC,EAAEpD,MAAMqD,eAAe,CAAC,GAAG,EAAErD,MAAMsD,kBAAkB,CAAC,CAAC,CAAC;gBAChEP;gBACAE;gBACAM,IAAI/B,KAAKxB,KAAK;YAChB;QACF;QAEA,wCAAwC;QACxC,mCAAmC;QACnC,wCAAwC;QAExC,IAAIY,iBAAiB4C,KAAK,EAAEC,qBAAqBC,QAAQ;YACvD,KAAK,MAAMC,QAAQ/C,iBAAiB4C,KAAK,CAACC,mBAAmB,CAAE;gBAC7D,MAAME,KAAK;oBAAEtD;oBAAMZ,YAAYY,KAAKZ,UAAU,EAAEC;oBAAQkE,SAASrD,IAAIqD,OAAO;gBAAC;YAC/E;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC5C,QAAQ,MAAMpC,oBAAoB;YAChCyB;YACAZ,YAAYY,KAAKZ,UAAU,EAAEC;YAC7BiB,WAAW;YACXkD,QAAQ7C;QACV;QAEA,IAAIN,cAAc;YAChB,MAAMzB,kBAAkBsB;QAC1B;QAEA,OAAOS;IACT,EAAE,OAAO8C,OAAgB;QACvB,MAAM1E,gBAAgBiB,KAAKE,GAAG;QAC9B,MAAMuD;IACR;AACF,EAAC"}

package/dist/auth/operations/local/forgotPassword.d.ts

@@ -1,8 +1,8 @@
-import type { CollectionSlug, Payload, RequestContext } from '../../../index.js';
+import type { AuthCollectionSlug, Payload, RequestContext } from '../../../index.js';
 import type { PayloadRequest } from '../../../types/index.js';
 import type { Result } from '../forgotPassword.js';
-export type Options<T extends CollectionSlug> = {
-    collection: T;
+export type Options<TSlug extends AuthCollectionSlug> = {
+    collection: TSlug;
     context?: RequestContext;
     data: {
         email: string;
@@ -11,5 +11,5 @@ export type Options<T extends CollectionSlug> = {
     expiration?: number;
     req?: Partial<PayloadRequest>;
 };
-export declare function forgotPasswordLocal<T extends CollectionSlug>(payload: Payload, options: Options<T>): Promise<Result>;
+export declare function forgotPasswordLocal<T extends AuthCollectionSlug>(payload: Payload, options: Options<T>): Promise<Result>;
 //# sourceMappingURL=forgotPassword.d.ts.map

package/dist/auth/operations/local/forgotPassword.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"forgotPassword.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/forgotPassword.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAChF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC7D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAMlD,MAAM,MAAM,OAAO,CAAC,CAAC,SAAS,cAAc,IAAI;IAC9C,UAAU,EAAE,CAAC,CAAA;IACb,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;CAC9B,CAAA;AAED,wBAAsB,mBAAmB,CAAC,CAAC,SAAS,cAAc,EAChE,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAClB,OAAO,CAAC,MAAM,CAAC,CAoBjB"}
+{"version":3,"file":"forgotPassword.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/forgotPassword.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AACpF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC7D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAMlD,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACtD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;CAC9B,CAAA;AAED,wBAAsB,mBAAmB,CAAC,CAAC,SAAS,kBAAkB,EACpE,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAClB,OAAO,CAAC,MAAM,CAAC,CAoBjB"}

package/dist/auth/operations/local/forgotPassword.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/auth/operations/local/forgotPassword.ts"],"sourcesContent":["import type { CollectionSlug, Payload, RequestContext } from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\nimport type { Result } from '../forgotPassword.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { forgotPasswordOperation } from '../forgotPassword.js'\n\nexport type Options<T extends CollectionSlug> = {\n  collection: T\n  context?: RequestContext\n  data: {\n    email: string\n  }\n  disableEmail?: boolean\n  expiration?: number\n  req?: Partial<PayloadRequest>\n}\n\nexport async function forgotPasswordLocal<T extends CollectionSlug>(\n  payload: Payload,\n  options: Options<T>,\n): Promise<Result> {\n  const { collection: collectionSlug, data, disableEmail, expiration } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(\n        collectionSlug,\n      )} can't be found. Forgot Password Operation.`,\n    )\n  }\n\n  return forgotPasswordOperation({\n    collection,\n    data,\n    disableEmail,\n    expiration,\n    req: await createLocalReq(options, payload),\n  }) as Promise<Result>\n}\n"],"names":["APIError","createLocalReq","forgotPasswordOperation","forgotPasswordLocal","payload","options","collection","collectionSlug","data","disableEmail","expiration","collections","String","req"],"mappings":"AAIA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,uBAAuB,QAAQ,uBAAsB;AAa9D,OAAO,eAAeC,oBACpBC,OAAgB,EAChBC,OAAmB;IAEnB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,IAAI,EAAEC,YAAY,EAAEC,UAAU,EAAE,GAAGL;IAEvE,MAAMC,aAAaF,QAAQO,WAAW,CAACJ,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEY,OAC1BL,gBACA,2CAA2C,CAAC;IAElD;IAEA,OAAOL,wBAAwB;QAC7BI;QACAE;QACAC;QACAC;QACAG,KAAK,MAAMZ,eAAeI,SAASD;IACrC;AACF"}
+{"version":3,"sources":["../../../../src/auth/operations/local/forgotPassword.ts"],"sourcesContent":["import type { AuthCollectionSlug, Payload, RequestContext } from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\nimport type { Result } from '../forgotPassword.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { forgotPasswordOperation } from '../forgotPassword.js'\n\nexport type Options<TSlug extends AuthCollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  data: {\n    email: string\n  }\n  disableEmail?: boolean\n  expiration?: number\n  req?: Partial<PayloadRequest>\n}\n\nexport async function forgotPasswordLocal<T extends AuthCollectionSlug>(\n  payload: Payload,\n  options: Options<T>,\n): Promise<Result> {\n  const { collection: collectionSlug, data, disableEmail, expiration } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(\n        collectionSlug,\n      )} can't be found. Forgot Password Operation.`,\n    )\n  }\n\n  return forgotPasswordOperation({\n    collection,\n    data,\n    disableEmail,\n    expiration,\n    req: await createLocalReq(options, payload),\n  }) as Promise<Result>\n}\n"],"names":["APIError","createLocalReq","forgotPasswordOperation","forgotPasswordLocal","payload","options","collection","collectionSlug","data","disableEmail","expiration","collections","String","req"],"mappings":"AAIA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,uBAAuB,QAAQ,uBAAsB;AAa9D,OAAO,eAAeC,oBACpBC,OAAgB,EAChBC,OAAmB;IAEnB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,IAAI,EAAEC,YAAY,EAAEC,UAAU,EAAE,GAAGL;IAEvE,MAAMC,aAAaF,QAAQO,WAAW,CAACJ,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEY,OAC1BL,gBACA,2CAA2C,CAAC;IAElD;IAEA,OAAOL,wBAAwB;QAC7BI;QACAE;QACAC;QACAC;QACAG,KAAK,MAAMZ,eAAeI,SAASD;IACrC;AACF"}

package/dist/auth/operations/local/login.d.ts

@@ -1,7 +1,7 @@
-import type { AuthOperationsFromCollectionSlug, CollectionSlug, DataFromCollectionSlug, Payload, RequestContext } from '../../../index.js';
+import type { AuthCollectionSlug, AuthOperationsFromCollectionSlug, Payload, RequestContext } from '../../../index.js';
 import type { PayloadRequest } from '../../../types/index.js';
-import type { Result } from '../login.js';
-export type Options<TSlug extends CollectionSlug> = {
+import type { LoginResult } from '../login.js';
+export type Options<TSlug extends AuthCollectionSlug> = {
     collection: TSlug;
     context?: RequestContext;
     data: AuthOperationsFromCollectionSlug<TSlug>['login'];
@@ -13,7 +13,5 @@ export type Options<TSlug extends CollectionSlug> = {
     showHiddenFields?: boolean;
     trash?: boolean;
 };
-export declare function loginLocal<TSlug extends CollectionSlug>(payload: Payload, options: Options<TSlug>): Promise<{
-    user: DataFromCollectionSlug<TSlug>;
-} & Result>;
+export declare function loginLocal<TSlug extends AuthCollectionSlug>(payload: Payload, options: Options<TSlug>): Promise<LoginResult<TSlug>>;
 //# sourceMappingURL=login.d.ts.map

package/dist/auth/operations/local/login.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,cAAc,EACd,sBAAsB,EACtB,OAAO,EACP,cAAc,EACf,MAAM,mBAAmB,CAAA;AAC1B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC7D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AAMzC,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,cAAc,IAAI;IAClD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;IAC7B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,wBAAsB,UAAU,CAAC,KAAK,SAAS,cAAc,EAC3D,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,GACtB,OAAO,CAAC;IAAE,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CAAE,GAAG,MAAM,CAAC,CAiC3D"}
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,kBAAkB,EAClB,gCAAgC,EAChC,OAAO,EACP,cAAc,EACf,MAAM,mBAAmB,CAAA;AAC1B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAM9C,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACtD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;IAC7B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,wBAAsB,UAAU,CAAC,KAAK,SAAS,kBAAkB,EAC/D,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,GACtB,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAiC7B"}

package/dist/auth/operations/local/login.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/auth/operations/local/login.ts"],"sourcesContent":["import type {\n  AuthOperationsFromCollectionSlug,\n  CollectionSlug,\n  DataFromCollectionSlug,\n  Payload,\n  RequestContext,\n} from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\nimport type { Result } from '../login.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { loginOperation } from '../login.js'\n\nexport type Options<TSlug extends CollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  data: AuthOperationsFromCollectionSlug<TSlug>['login']\n  depth?: number\n  fallbackLocale?: string\n  locale?: string\n  overrideAccess?: boolean\n  req?: Partial<PayloadRequest>\n  showHiddenFields?: boolean\n  trash?: boolean\n}\n\nexport async function loginLocal<TSlug extends CollectionSlug>(\n  payload: Payload,\n  options: Options<TSlug>,\n): Promise<{ user: DataFromCollectionSlug<TSlug> } & Result> {\n  const {\n    collection: collectionSlug,\n    data,\n    depth,\n    overrideAccess = true,\n    showHiddenFields,\n  } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(collectionSlug)} can't be found. Login Operation.`,\n    )\n  }\n\n  const args = {\n    collection,\n    data,\n    depth,\n    overrideAccess,\n    req: await createLocalReq(options, payload),\n    showHiddenFields,\n  }\n\n  const result = await loginOperation<TSlug>(args)\n\n  if (collection.config.auth.removeTokenFromResponses) {\n    delete result.token\n  }\n\n  return result\n}\n"],"names":["APIError","createLocalReq","loginOperation","loginLocal","payload","options","collection","collectionSlug","data","depth","overrideAccess","showHiddenFields","collections","String","args","req","result","config","auth","removeTokenFromResponses","token"],"mappings":"AAUA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,cAAc,QAAQ,cAAa;AAe5C,OAAO,eAAeC,WACpBC,OAAgB,EAChBC,OAAuB;IAEvB,MAAM,EACJC,YAAYC,cAAc,EAC1BC,IAAI,EACJC,KAAK,EACLC,iBAAiB,IAAI,EACrBC,gBAAgB,EACjB,GAAGN;IAEJ,MAAMC,aAAaF,QAAQQ,WAAW,CAACL,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEa,OAAON,gBAAgB,iCAAiC,CAAC;IAEzF;IAEA,MAAMO,OAAO;QACXR;QACAE;QACAC;QACAC;QACAK,KAAK,MAAMd,eAAeI,SAASD;QACnCO;IACF;IAEA,MAAMK,SAAS,MAAMd,eAAsBY;IAE3C,IAAIR,WAAWW,MAAM,CAACC,IAAI,CAACC,wBAAwB,EAAE;QACnD,OAAOH,OAAOI,KAAK;IACrB;IAEA,OAAOJ;AACT"}
+{"version":3,"sources":["../../../../src/auth/operations/local/login.ts"],"sourcesContent":["import type {\n  AuthCollectionSlug,\n  AuthOperationsFromCollectionSlug,\n  Payload,\n  RequestContext,\n} from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\nimport type { LoginResult } from '../login.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { loginOperation } from '../login.js'\n\nexport type Options<TSlug extends AuthCollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  data: AuthOperationsFromCollectionSlug<TSlug>['login']\n  depth?: number\n  fallbackLocale?: string\n  locale?: string\n  overrideAccess?: boolean\n  req?: Partial<PayloadRequest>\n  showHiddenFields?: boolean\n  trash?: boolean\n}\n\nexport async function loginLocal<TSlug extends AuthCollectionSlug>(\n  payload: Payload,\n  options: Options<TSlug>,\n): Promise<LoginResult<TSlug>> {\n  const {\n    collection: collectionSlug,\n    data,\n    depth,\n    overrideAccess = true,\n    showHiddenFields,\n  } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(collectionSlug)} can't be found. Login Operation.`,\n    )\n  }\n\n  const args = {\n    collection,\n    data,\n    depth,\n    overrideAccess,\n    req: await createLocalReq(options, payload),\n    showHiddenFields,\n  }\n\n  const result = await loginOperation<TSlug>(args)\n\n  if (collection.config.auth.removeTokenFromResponses) {\n    delete result.token\n  }\n\n  return result\n}\n"],"names":["APIError","createLocalReq","loginOperation","loginLocal","payload","options","collection","collectionSlug","data","depth","overrideAccess","showHiddenFields","collections","String","args","req","result","config","auth","removeTokenFromResponses","token"],"mappings":"AASA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,cAAc,QAAQ,cAAa;AAe5C,OAAO,eAAeC,WACpBC,OAAgB,EAChBC,OAAuB;IAEvB,MAAM,EACJC,YAAYC,cAAc,EAC1BC,IAAI,EACJC,KAAK,EACLC,iBAAiB,IAAI,EACrBC,gBAAgB,EACjB,GAAGN;IAEJ,MAAMC,aAAaF,QAAQQ,WAAW,CAACL,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEa,OAAON,gBAAgB,iCAAiC,CAAC;IAEzF;IAEA,MAAMO,OAAO;QACXR;QACAE;QACAC;QACAC;QACAK,KAAK,MAAMd,eAAeI,SAASD;QACnCO;IACF;IAEA,MAAMK,SAAS,MAAMd,eAAsBY;IAE3C,IAAIR,WAAWW,MAAM,CAACC,IAAI,CAACC,wBAAwB,EAAE;QACnD,OAAOH,OAAOI,KAAK;IACrB;IAEA,OAAOJ;AACT"}

package/dist/auth/operations/local/resetPassword.d.ts

@@ -1,8 +1,8 @@
-import type { CollectionSlug, Payload, RequestContext } from '../../../index.js';
+import type { AuthCollectionSlug, Payload, RequestContext } from '../../../index.js';
 import type { PayloadRequest } from '../../../types/index.js';
 import type { Result } from '../resetPassword.js';
-export type Options<T extends CollectionSlug> = {
-    collection: T;
+export type Options<TSlug extends AuthCollectionSlug> = {
+    collection: TSlug;
     context?: RequestContext;
     data: {
         password: string;
@@ -11,5 +11,5 @@ export type Options<T extends CollectionSlug> = {
     overrideAccess: boolean;
     req?: Partial<PayloadRequest>;
 };
-export declare function resetPasswordLocal<TSlug extends CollectionSlug>(payload: Payload, options: Options<TSlug>): Promise<Result>;
+export declare function resetPasswordLocal<TSlug extends AuthCollectionSlug>(payload: Payload, options: Options<TSlug>): Promise<Result>;
 //# sourceMappingURL=resetPassword.d.ts.map

package/dist/auth/operations/local/resetPassword.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/resetPassword.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAChF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC7D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAMjD,MAAM,MAAM,OAAO,CAAC,CAAC,SAAS,cAAc,IAAI;IAC9C,UAAU,EAAE,CAAC,CAAA;IACb,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,cAAc,EAAE,OAAO,CAAA;IACvB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;CAC9B,CAAA;AAED,wBAAsB,kBAAkB,CAAC,KAAK,SAAS,cAAc,EACnE,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,GACtB,OAAO,CAAC,MAAM,CAAC,CAyBjB"}
+{"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/resetPassword.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AACpF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC7D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAMjD,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACtD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,cAAc,EAAE,OAAO,CAAA;IACvB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;CAC9B,CAAA;AAED,wBAAsB,kBAAkB,CAAC,KAAK,SAAS,kBAAkB,EACvE,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,GACtB,OAAO,CAAC,MAAM,CAAC,CAyBjB"}

package/dist/auth/operations/local/resetPassword.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/auth/operations/local/resetPassword.ts"],"sourcesContent":["import type { CollectionSlug, Payload, RequestContext } from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\nimport type { Result } from '../resetPassword.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { resetPasswordOperation } from '../resetPassword.js'\n\nexport type Options<T extends CollectionSlug> = {\n  collection: T\n  context?: RequestContext\n  data: {\n    password: string\n    token: string\n  }\n  overrideAccess: boolean\n  req?: Partial<PayloadRequest>\n}\n\nexport async function resetPasswordLocal<TSlug extends CollectionSlug>(\n  payload: Payload,\n  options: Options<TSlug>,\n): Promise<Result> {\n  const { collection: collectionSlug, data, overrideAccess } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(\n        collectionSlug,\n      )} can't be found. Reset Password Operation.`,\n    )\n  }\n\n  const result = await resetPasswordOperation<TSlug>({\n    collection,\n    data,\n    overrideAccess,\n    req: await createLocalReq(options, payload),\n  })\n\n  if (collection.config.auth.removeTokenFromResponses) {\n    delete result.token\n  }\n\n  return result\n}\n"],"names":["APIError","createLocalReq","resetPasswordOperation","resetPasswordLocal","payload","options","collection","collectionSlug","data","overrideAccess","collections","String","result","req","config","auth","removeTokenFromResponses","token"],"mappings":"AAIA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,sBAAsB,QAAQ,sBAAqB;AAa5D,OAAO,eAAeC,mBACpBC,OAAgB,EAChBC,OAAuB;IAEvB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,IAAI,EAAEC,cAAc,EAAE,GAAGJ;IAE7D,MAAMC,aAAaF,QAAQM,WAAW,CAACH,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEW,OAC1BJ,gBACA,0CAA0C,CAAC;IAEjD;IAEA,MAAMK,SAAS,MAAMV,uBAA8B;QACjDI;QACAE;QACAC;QACAI,KAAK,MAAMZ,eAAeI,SAASD;IACrC;IAEA,IAAIE,WAAWQ,MAAM,CAACC,IAAI,CAACC,wBAAwB,EAAE;QACnD,OAAOJ,OAAOK,KAAK;IACrB;IAEA,OAAOL;AACT"}
+{"version":3,"sources":["../../../../src/auth/operations/local/resetPassword.ts"],"sourcesContent":["import type { AuthCollectionSlug, Payload, RequestContext } from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\nimport type { Result } from '../resetPassword.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { resetPasswordOperation } from '../resetPassword.js'\n\nexport type Options<TSlug extends AuthCollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  data: {\n    password: string\n    token: string\n  }\n  overrideAccess: boolean\n  req?: Partial<PayloadRequest>\n}\n\nexport async function resetPasswordLocal<TSlug extends AuthCollectionSlug>(\n  payload: Payload,\n  options: Options<TSlug>,\n): Promise<Result> {\n  const { collection: collectionSlug, data, overrideAccess } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(\n        collectionSlug,\n      )} can't be found. Reset Password Operation.`,\n    )\n  }\n\n  const result = await resetPasswordOperation<TSlug>({\n    collection,\n    data,\n    overrideAccess,\n    req: await createLocalReq(options, payload),\n  })\n\n  if (collection.config.auth.removeTokenFromResponses) {\n    delete result.token\n  }\n\n  return result\n}\n"],"names":["APIError","createLocalReq","resetPasswordOperation","resetPasswordLocal","payload","options","collection","collectionSlug","data","overrideAccess","collections","String","result","req","config","auth","removeTokenFromResponses","token"],"mappings":"AAIA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,sBAAsB,QAAQ,sBAAqB;AAa5D,OAAO,eAAeC,mBACpBC,OAAgB,EAChBC,OAAuB;IAEvB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,IAAI,EAAEC,cAAc,EAAE,GAAGJ;IAE7D,MAAMC,aAAaF,QAAQM,WAAW,CAACH,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEW,OAC1BJ,gBACA,0CAA0C,CAAC;IAEjD;IAEA,MAAMK,SAAS,MAAMV,uBAA8B;QACjDI;QACAE;QACAC;QACAI,KAAK,MAAMZ,eAAeI,SAASD;IACrC;IAEA,IAAIE,WAAWQ,MAAM,CAACC,IAAI,CAACC,wBAAwB,EAAE;QACnD,OAAOJ,OAAOK,KAAK;IACrB;IAEA,OAAOL;AACT"}

package/dist/auth/operations/local/unlock.d.ts

@@ -1,11 +1,11 @@
-import type { AuthOperationsFromCollectionSlug, CollectionSlug, Payload, RequestContext } from '../../../index.js';
+import type { AuthCollectionSlug, AuthOperationsFromCollectionSlug, Payload, RequestContext } from '../../../index.js';
 import type { PayloadRequest } from '../../../types/index.js';
-export type Options<TSlug extends CollectionSlug> = {
+export type Options<TSlug extends AuthCollectionSlug> = {
     collection: TSlug;
     context?: RequestContext;
     data: AuthOperationsFromCollectionSlug<TSlug>['unlock'];
     overrideAccess: boolean;
     req?: Partial<PayloadRequest>;
 };
-export declare function unlockLocal<TSlug extends CollectionSlug>(payload: Payload, options: Options<TSlug>): Promise<boolean>;
+export declare function unlockLocal<TSlug extends AuthCollectionSlug>(payload: Payload, options: Options<TSlug>): Promise<boolean>;
 //# sourceMappingURL=unlock.d.ts.map

package/dist/auth/operations/local/unlock.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"unlock.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/unlock.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,cAAc,EACd,OAAO,EACP,cAAc,EACf,MAAM,mBAAmB,CAAA;AAC1B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAM7D,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,cAAc,IAAI;IAClD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IACvD,cAAc,EAAE,OAAO,CAAA;IACvB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;CAC9B,CAAA;AAED,wBAAsB,WAAW,CAAC,KAAK,SAAS,cAAc,EAC5D,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,GACtB,OAAO,CAAC,OAAO,CAAC,CAiBlB"}
+{"version":3,"file":"unlock.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/unlock.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,kBAAkB,EAClB,gCAAgC,EAChC,OAAO,EACP,cAAc,EACf,MAAM,mBAAmB,CAAA;AAC1B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAM7D,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACtD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IACvD,cAAc,EAAE,OAAO,CAAA;IACvB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;CAC9B,CAAA;AAED,wBAAsB,WAAW,CAAC,KAAK,SAAS,kBAAkB,EAChE,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,GACtB,OAAO,CAAC,OAAO,CAAC,CAiBlB"}

package/dist/auth/operations/local/unlock.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/auth/operations/local/unlock.ts"],"sourcesContent":["import type {\n  AuthOperationsFromCollectionSlug,\n  CollectionSlug,\n  Payload,\n  RequestContext,\n} from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { unlockOperation } from '../unlock.js'\n\nexport type Options<TSlug extends CollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  data: AuthOperationsFromCollectionSlug<TSlug>['unlock']\n  overrideAccess: boolean\n  req?: Partial<PayloadRequest>\n}\n\nexport async function unlockLocal<TSlug extends CollectionSlug>(\n  payload: Payload,\n  options: Options<TSlug>,\n): Promise<boolean> {\n  const { collection: collectionSlug, data, overrideAccess = true } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(collectionSlug)} can't be found. Unlock Operation.`,\n    )\n  }\n\n  return unlockOperation<TSlug>({\n    collection,\n    data,\n    overrideAccess,\n    req: await createLocalReq(options, payload),\n  })\n}\n"],"names":["APIError","createLocalReq","unlockOperation","unlockLocal","payload","options","collection","collectionSlug","data","overrideAccess","collections","String","req"],"mappings":"AAQA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,eAAe,QAAQ,eAAc;AAU9C,OAAO,eAAeC,YACpBC,OAAgB,EAChBC,OAAuB;IAEvB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,IAAI,EAAEC,iBAAiB,IAAI,EAAE,GAAGJ;IAEpE,MAAMC,aAAaF,QAAQM,WAAW,CAACH,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEW,OAAOJ,gBAAgB,kCAAkC,CAAC;IAE1F;IAEA,OAAOL,gBAAuB;QAC5BI;QACAE;QACAC;QACAG,KAAK,MAAMX,eAAeI,SAASD;IACrC;AACF"}
+{"version":3,"sources":["../../../../src/auth/operations/local/unlock.ts"],"sourcesContent":["import type {\n  AuthCollectionSlug,\n  AuthOperationsFromCollectionSlug,\n  Payload,\n  RequestContext,\n} from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { unlockOperation } from '../unlock.js'\n\nexport type Options<TSlug extends AuthCollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  data: AuthOperationsFromCollectionSlug<TSlug>['unlock']\n  overrideAccess: boolean\n  req?: Partial<PayloadRequest>\n}\n\nexport async function unlockLocal<TSlug extends AuthCollectionSlug>(\n  payload: Payload,\n  options: Options<TSlug>,\n): Promise<boolean> {\n  const { collection: collectionSlug, data, overrideAccess = true } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(collectionSlug)} can't be found. Unlock Operation.`,\n    )\n  }\n\n  return unlockOperation<TSlug>({\n    collection,\n    data,\n    overrideAccess,\n    req: await createLocalReq(options, payload),\n  })\n}\n"],"names":["APIError","createLocalReq","unlockOperation","unlockLocal","payload","options","collection","collectionSlug","data","overrideAccess","collections","String","req"],"mappings":"AAQA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,eAAe,QAAQ,eAAc;AAU9C,OAAO,eAAeC,YACpBC,OAAgB,EAChBC,OAAuB;IAEvB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,IAAI,EAAEC,iBAAiB,IAAI,EAAE,GAAGJ;IAEpE,MAAMC,aAAaF,QAAQM,WAAW,CAACH,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEW,OAAOJ,gBAAgB,kCAAkC,CAAC;IAE1F;IAEA,OAAOL,gBAAuB;QAC5BI;QACAE;QACAC;QACAG,KAAK,MAAMX,eAAeI,SAASD;IACrC;AACF"}

package/dist/auth/operations/local/verifyEmail.d.ts

@@ -1,10 +1,10 @@
-import type { CollectionSlug, Payload, RequestContext } from '../../../index.js';
+import type { AuthCollectionSlug, Payload, RequestContext } from '../../../index.js';
 import type { PayloadRequest } from '../../../types/index.js';
-export type Options<T extends CollectionSlug> = {
-    collection: T;
+export type Options<TSlug extends AuthCollectionSlug> = {
+    collection: TSlug;
     context?: RequestContext;
     req?: Partial<PayloadRequest>;
     token: string;
 };
-export declare function verifyEmailLocal<T extends CollectionSlug>(payload: Payload, options: Options<T>): Promise<boolean>;
+export declare function verifyEmailLocal<T extends AuthCollectionSlug>(payload: Payload, options: Options<T>): Promise<boolean>;
 //# sourceMappingURL=verifyEmail.d.ts.map

package/dist/auth/operations/local/verifyEmail.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verifyEmail.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/verifyEmail.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAChF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAM7D,MAAM,MAAM,OAAO,CAAC,CAAC,SAAS,cAAc,IAAI;IAC9C,UAAU,EAAE,CAAC,CAAA;IACb,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;IAC7B,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,wBAAsB,gBAAgB,CAAC,CAAC,SAAS,cAAc,EAC7D,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAClB,OAAO,CAAC,OAAO,CAAC,CAgBlB"}
+{"version":3,"file":"verifyEmail.d.ts","sourceRoot":"","sources":["../../../../src/auth/operations/local/verifyEmail.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AACpF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAM7D,MAAM,MAAM,OAAO,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACtD,UAAU,EAAE,KAAK,CAAA;IACjB,OAAO,CAAC,EAAE,cAAc,CAAA;IACxB,GAAG,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;IAC7B,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,wBAAsB,gBAAgB,CAAC,CAAC,SAAS,kBAAkB,EACjE,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAClB,OAAO,CAAC,OAAO,CAAC,CAgBlB"}

package/dist/auth/operations/local/verifyEmail.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/auth/operations/local/verifyEmail.ts"],"sourcesContent":["import type { CollectionSlug, Payload, RequestContext } from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { verifyEmailOperation } from '../verifyEmail.js'\n\nexport type Options<T extends CollectionSlug> = {\n  collection: T\n  context?: RequestContext\n  req?: Partial<PayloadRequest>\n  token: string\n}\n\nexport async function verifyEmailLocal<T extends CollectionSlug>(\n  payload: Payload,\n  options: Options<T>,\n): Promise<boolean> {\n  const { collection: collectionSlug, token } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(collectionSlug)} can't be found. Verify Email Operation.`,\n    )\n  }\n\n  return verifyEmailOperation({\n    collection,\n    req: await createLocalReq(options, payload),\n    token,\n  })\n}\n"],"names":["APIError","createLocalReq","verifyEmailOperation","verifyEmailLocal","payload","options","collection","collectionSlug","token","collections","String","req"],"mappings":"AAGA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,oBAAoB,QAAQ,oBAAmB;AASxD,OAAO,eAAeC,iBACpBC,OAAgB,EAChBC,OAAmB;IAEnB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,KAAK,EAAE,GAAGH;IAE9C,MAAMC,aAAaF,QAAQK,WAAW,CAACF,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEU,OAAOH,gBAAgB,wCAAwC,CAAC;IAEhG;IAEA,OAAOL,qBAAqB;QAC1BI;QACAK,KAAK,MAAMV,eAAeI,SAASD;QACnCI;IACF;AACF"}
+{"version":3,"sources":["../../../../src/auth/operations/local/verifyEmail.ts"],"sourcesContent":["import type { AuthCollectionSlug, Payload, RequestContext } from '../../../index.js'\nimport type { PayloadRequest } from '../../../types/index.js'\n\nimport { APIError } from '../../../errors/index.js'\nimport { createLocalReq } from '../../../utilities/createLocalReq.js'\nimport { verifyEmailOperation } from '../verifyEmail.js'\n\nexport type Options<TSlug extends AuthCollectionSlug> = {\n  collection: TSlug\n  context?: RequestContext\n  req?: Partial<PayloadRequest>\n  token: string\n}\n\nexport async function verifyEmailLocal<T extends AuthCollectionSlug>(\n  payload: Payload,\n  options: Options<T>,\n): Promise<boolean> {\n  const { collection: collectionSlug, token } = options\n\n  const collection = payload.collections[collectionSlug]\n\n  if (!collection) {\n    throw new APIError(\n      `The collection with slug ${String(collectionSlug)} can't be found. Verify Email Operation.`,\n    )\n  }\n\n  return verifyEmailOperation({\n    collection,\n    req: await createLocalReq(options, payload),\n    token,\n  })\n}\n"],"names":["APIError","createLocalReq","verifyEmailOperation","verifyEmailLocal","payload","options","collection","collectionSlug","token","collections","String","req"],"mappings":"AAGA,SAASA,QAAQ,QAAQ,2BAA0B;AACnD,SAASC,cAAc,QAAQ,uCAAsC;AACrE,SAASC,oBAAoB,QAAQ,oBAAmB;AASxD,OAAO,eAAeC,iBACpBC,OAAgB,EAChBC,OAAmB;IAEnB,MAAM,EAAEC,YAAYC,cAAc,EAAEC,KAAK,EAAE,GAAGH;IAE9C,MAAMC,aAAaF,QAAQK,WAAW,CAACF,eAAe;IAEtD,IAAI,CAACD,YAAY;QACf,MAAM,IAAIN,SACR,CAAC,yBAAyB,EAAEU,OAAOH,gBAAgB,wCAAwC,CAAC;IAEhG;IAEA,OAAOL,qBAAqB;QAC1BI;QACAK,KAAK,MAAMV,eAAeI,SAASD;QACnCI;IACF;AACF"}

package/dist/auth/operations/login.d.ts

@@ -1,12 +1,12 @@
 import type { AuthOperationsFromCollectionSlug, Collection, DataFromCollectionSlug } from '../../collections/config/types.js';
-import type { CollectionSlug, TypedUser } from '../../index.js';
+import type { AuthCollectionSlug } from '../../index.js';
 import type { PayloadRequest } from '../../types/index.js';
-export type Result = {
+export type LoginResult<TSlug extends AuthCollectionSlug> = {
     exp?: number;
     token?: string;
-    user?: TypedUser;
+    user?: DataFromCollectionSlug<TSlug>;
 };
-export type Arguments<TSlug extends CollectionSlug> = {
+export type Arguments<TSlug extends AuthCollectionSlug> = {
     collection: Collection;
     data: AuthOperationsFromCollectionSlug<TSlug>['login'];
     depth?: number;
@@ -14,19 +14,17 @@ export type Arguments<TSlug extends CollectionSlug> = {
     req: PayloadRequest;
     showHiddenFields?: boolean;
 };
-type CheckLoginPermissionArgs = {
+type CheckLoginPermissionArgs<TSlug extends AuthCollectionSlug> = {
     loggingInWithUsername?: boolean;
     req: PayloadRequest;
-    user: any;
+    user: DataFromCollectionSlug<TSlug>;
 };
 /**
  * Throws an error if the user is locked or does not exist.
  * This does not check the login attempts, only the lock status. Whoever increments login attempts
  * is responsible for locking the user properly, not whoever checks the login permission.
  */
-export declare const checkLoginPermission: ({ loggingInWithUsername, req, user, }: CheckLoginPermissionArgs) => void;
-export declare const loginOperation: <TSlug extends CollectionSlug>(incomingArgs: Arguments<TSlug>) => Promise<{
-    user: DataFromCollectionSlug<TSlug>;
-} & Result>;
+export declare const checkLoginPermission: <TSlug extends AuthCollectionSlug>({ loggingInWithUsername, req, user, }: CheckLoginPermissionArgs<TSlug>) => void;
+export declare const loginOperation: <TSlug extends AuthCollectionSlug>(incomingArgs: Arguments<TSlug>) => Promise<LoginResult<TSlug>>;
 export {};
 //# sourceMappingURL=login.d.ts.map

package/dist/auth/operations/login.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACvB,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAwBjE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,SAAS,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC9B,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,GAAG,CAAA;CACV,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,0CAI9B,wBAAwB,SAQ1B,CAAA;AAED,eAAO,MAAM,cAAc,GAAU,KAAK,SAAS,cAAc,gBACjD,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC;IAAE,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CAAE,GAAG,MAAM,CA4V1D,CAAA"}
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACvB,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,kBAAkB,EAAa,MAAM,gBAAgB,CAAA;AACnE,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAwBjE,MAAM,MAAM,WAAW,CAAC,KAAK,SAAS,kBAAkB,IAAI;IAC1D,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CACrC,CAAA;AAED,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACxD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,CAAA;AAED,KAAK,wBAAwB,CAAC,KAAK,SAAS,kBAAkB,IAAI;IAChE,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CACpC,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,GAAI,KAAK,SAAS,kBAAkB,yCAIlE,wBAAwB,CAAC,KAAK,CAAC,SAQjC,CAAA;AAED,eAAO,MAAM,cAAc,GAAU,KAAK,SAAS,kBAAkB,gBACrD,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CA4V5B,CAAA"}

package/dist/auth/operations/login.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/login.ts"],"sourcesContent":["import type {\n  AuthOperationsFromCollectionSlug,\n  Collection,\n  DataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug, TypedUser } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport {\n  AuthenticationError,\n  LockedAuth,\n  UnverifiedEmail,\n  ValidationError,\n} from '../../errors/index.js'\nimport { afterRead } from '../../fields/hooks/afterRead/index.js'\nimport { commitTransaction, Forbidden, initTransaction } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { sanitizeInternalFields } from '../../utilities/sanitizeInternalFields.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { isUserLocked } from '../isUserLocked.js'\nimport { jwtSign } from '../jwt.js'\nimport { addSessionToUser, revokeSession } from '../sessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Result = {\n  exp?: number\n  token?: string\n  user?: TypedUser\n}\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n  collection: Collection\n  data: AuthOperationsFromCollectionSlug<TSlug>['login']\n  depth?: number\n  overrideAccess?: boolean\n  req: PayloadRequest\n  showHiddenFields?: boolean\n}\n\ntype CheckLoginPermissionArgs = {\n  loggingInWithUsername?: boolean\n  req: PayloadRequest\n  user: any\n}\n\n/**\n * Throws an error if the user is locked or does not exist.\n * This does not check the login attempts, only the lock status. Whoever increments login attempts\n * is responsible for locking the user properly, not whoever checks the login permission.\n */\nexport const checkLoginPermission = ({\n  loggingInWithUsername,\n  req,\n  user,\n}: CheckLoginPermissionArgs) => {\n  if (!user) {\n    throw new AuthenticationError(req.t, Boolean(loggingInWithUsername))\n  }\n\n  if (isUserLocked(new Date(user.lockUntil))) {\n    throw new LockedAuth(req.t)\n  }\n}\n\nexport const loginOperation = async <TSlug extends CollectionSlug>(\n  incomingArgs: Arguments<TSlug>,\n): Promise<{ user: DataFromCollectionSlug<TSlug> } & Result> => {\n  let args = incomingArgs\n\n  if (args.collection.config.auth.disableLocalStrategy) {\n    throw new Forbidden(args.req.t)\n  }\n\n  // /////////////////////////////////////\n  // beforeOperation - Collection\n  // /////////////////////////////////////\n\n  args = await buildBeforeOperation({\n    args,\n    collection: args.collection.config,\n    operation: 'login',\n  })\n\n  const {\n    collection: { config: collectionConfig },\n    data,\n    depth,\n    overrideAccess,\n    req,\n    req: {\n      fallbackLocale,\n      locale,\n      payload,\n      payload: { secret },\n    },\n    showHiddenFields,\n  } = args\n\n  // /////////////////////////////////////\n  // Login\n  // /////////////////////////////////////\n\n  const { email: unsanitizedEmail, password } = data\n  const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n  const sanitizedEmail =\n    typeof unsanitizedEmail === 'string' ? unsanitizedEmail.toLowerCase().trim() : null\n  const sanitizedUsername =\n    'username' in data && typeof data?.username === 'string'\n      ? data.username.toLowerCase().trim()\n      : null\n\n  const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n  // cannot login with email, did not provide username\n  if (!canLoginWithEmail && !sanitizedUsername) {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [{ message: req.i18n.t('validation:required'), path: 'username' }],\n    })\n  }\n\n  // cannot login with username, did not provide email\n  if (!canLoginWithUsername && !sanitizedEmail) {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [{ message: req.i18n.t('validation:required'), path: 'email' }],\n    })\n  }\n\n  // can login with either email or username, did not provide either\n  if (!sanitizedUsername && !sanitizedEmail) {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [\n        { message: req.i18n.t('validation:required'), path: 'email' },\n        { message: req.i18n.t('validation:required'), path: 'username' },\n      ],\n    })\n  }\n\n  // did not provide password for login\n  if (typeof password !== 'string' || password.trim() === '') {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [{ message: req.i18n.t('validation:required'), path: 'password' }],\n    })\n  }\n\n  let whereConstraint: Where = {}\n  const emailConstraint: Where = {\n    email: {\n      equals: sanitizedEmail,\n    },\n  }\n  const usernameConstraint: Where = {\n    username: {\n      equals: sanitizedUsername,\n    },\n  }\n\n  if (canLoginWithEmail && canLoginWithUsername && (sanitizedUsername || sanitizedEmail)) {\n    if (sanitizedUsername) {\n      whereConstraint = {\n        or: [\n          usernameConstraint,\n          {\n            email: {\n              equals: sanitizedUsername,\n            },\n          },\n        ],\n      }\n    } else {\n      whereConstraint = {\n        or: [\n          emailConstraint,\n          {\n            username: {\n              equals: sanitizedEmail,\n            },\n          },\n        ],\n      }\n    }\n  } else if (canLoginWithEmail && sanitizedEmail) {\n    whereConstraint = emailConstraint\n  } else if (canLoginWithUsername && sanitizedUsername) {\n    whereConstraint = usernameConstraint\n  }\n\n  // Exclude trashed users\n  whereConstraint = appendNonTrashedFilter({\n    enableTrash: collectionConfig.trash,\n    trash: false,\n    where: whereConstraint,\n  })\n\n  let user = (await payload.db.findOne<TypedUser>({\n    collection: collectionConfig.slug,\n    req,\n    where: whereConstraint,\n  })) as TypedUser\n\n  checkLoginPermission({\n    loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n    req,\n    user,\n  })\n\n  user.collection = collectionConfig.slug\n  user._strategy = 'local-jwt'\n\n  const authResult = await authenticateLocalStrategy({ doc: user, password })\n  user = sanitizeInternalFields(user)\n\n  const maxLoginAttemptsEnabled = args.collection.config.auth.maxLoginAttempts > 0\n\n  if (!authResult) {\n    if (maxLoginAttemptsEnabled) {\n      await incrementLoginAttempts({\n        collection: collectionConfig,\n        payload: req.payload,\n        user,\n      })\n\n      // Re-check login permissions and max attempts after incrementing attempts, in case parallel updates occurred\n      checkLoginPermission({\n        loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n        req,\n        user,\n      })\n    }\n\n    throw new AuthenticationError(req.t)\n  }\n\n  if (collectionConfig.auth.verify && user._verified === false) {\n    throw new UnverifiedEmail({ t: req.t })\n  }\n\n  // Authentication successful - start transaction for remaining operations\n  const shouldCommit = await initTransaction(args.req)\n  let sid: string | undefined\n\n  try {\n    /*\n     * Correct password accepted - re‑check that the account didn't\n     * get locked by parallel bad attempts in the meantime.\n     */\n    if (maxLoginAttemptsEnabled) {\n      const { lockUntil, loginAttempts } = (await payload.db.findOne<TypedUser>({\n        collection: collectionConfig.slug,\n        req,\n        select: {\n          lockUntil: true,\n          loginAttempts: true,\n        },\n        where: { id: { equals: user.id } },\n      }))!\n\n      user.lockUntil = lockUntil\n      user.loginAttempts = loginAttempts\n\n      checkLoginPermission({\n        req,\n        user,\n      })\n    }\n\n    const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n      collectionConfig,\n      email: sanitizedEmail!,\n      user,\n    }\n\n    const session = await addSessionToUser({\n      collectionConfig,\n      payload,\n      req,\n      user,\n    })\n    sid = session.sid\n\n    if (sid) {\n      fieldsToSignArgs.sid = sid\n    }\n\n    const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n    if (maxLoginAttemptsEnabled) {\n      await resetLoginAttempts({\n        collection: collectionConfig,\n        doc: user,\n        payload: req.payload,\n        req,\n      })\n    }\n\n    // /////////////////////////////////////\n    // beforeLogin - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.beforeLogin?.length) {\n      for (const hook of collectionConfig.hooks.beforeLogin) {\n        user =\n          (await hook({\n            collection: args.collection?.config,\n            context: args.req.context,\n            req: args.req,\n            user,\n          })) || user\n      }\n    }\n\n    const { exp, token } = await jwtSign({\n      fieldsToSign,\n      secret,\n      tokenExpiration: collectionConfig.auth.tokenExpiration,\n    })\n\n    req.user = user\n\n    // /////////////////////////////////////\n    // afterLogin - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterLogin?.length) {\n      for (const hook of collectionConfig.hooks.afterLogin) {\n        user =\n          (await hook({\n            collection: args.collection?.config,\n            context: args.req.context,\n            req: args.req,\n            token,\n            user,\n          })) || user\n      }\n    }\n\n    // /////////////////////////////////////\n    // afterRead - Fields\n    // /////////////////////////////////////\n\n    user = await afterRead({\n      collection: collectionConfig,\n      context: req.context,\n      depth: depth!,\n      doc: user,\n      // @ts-expect-error - vestiges of when tsconfig was not strict. Feel free to improve\n      draft: undefined,\n      fallbackLocale: fallbackLocale!,\n      global: null,\n      locale: locale!,\n      overrideAccess: overrideAccess!,\n      req,\n      showHiddenFields: showHiddenFields!,\n    })\n\n    // /////////////////////////////////////\n    // afterRead - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterRead?.length) {\n      for (const hook of collectionConfig.hooks.afterRead) {\n        user =\n          (await hook({\n            collection: args.collection?.config,\n            context: req.context,\n            doc: user,\n            req,\n          })) || user\n      }\n    }\n\n    let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n      exp,\n      token,\n      user,\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    result = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'login',\n      result,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    // /////////////////////////////////////\n    // Return results\n    // /////////////////////////////////////\n\n    return result\n  } catch (error: unknown) {\n    if (sid) {\n      await revokeSession({\n        collectionConfig,\n        payload,\n        req,\n        sid,\n        user,\n      })\n    }\n    await killTransaction(args.req)\n    throw error\n  }\n}\n"],"names":["buildAfterOperation","buildBeforeOperation","AuthenticationError","LockedAuth","UnverifiedEmail","ValidationError","afterRead","commitTransaction","Forbidden","initTransaction","appendNonTrashedFilter","killTransaction","sanitizeInternalFields","getFieldsToSign","getLoginOptions","isUserLocked","jwtSign","addSessionToUser","revokeSession","authenticateLocalStrategy","incrementLoginAttempts","resetLoginAttempts","checkLoginPermission","loggingInWithUsername","req","user","t","Boolean","Date","lockUntil","loginOperation","incomingArgs","args","collection","config","auth","disableLocalStrategy","operation","collectionConfig","data","depth","overrideAccess","fallbackLocale","locale","payload","secret","showHiddenFields","email","unsanitizedEmail","password","loginWithUsername","sanitizedEmail","toLowerCase","trim","sanitizedUsername","username","canLoginWithEmail","canLoginWithUsername","slug","errors","message","i18n","path","whereConstraint","emailConstraint","equals","usernameConstraint","or","enableTrash","trash","where","db","findOne","_strategy","authResult","doc","maxLoginAttemptsEnabled","maxLoginAttempts","verify","_verified","shouldCommit","sid","loginAttempts","select","id","fieldsToSignArgs","session","fieldsToSign","hooks","beforeLogin","length","hook","context","exp","token","tokenExpiration","afterLogin","draft","undefined","global","result","error"],"mappings":"AAQA,SAASA,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SACEC,mBAAmB,EACnBC,UAAU,EACVC,eAAe,EACfC,eAAe,QACV,wBAAuB;AAC9B,SAASC,SAAS,QAAQ,wCAAuC;AACjE,SAASC,iBAAiB,EAAEC,SAAS,EAAEC,eAAe,QAAQ,iBAAgB;AAC9E,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,YAAY,QAAQ,qBAAoB;AACjD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,gBAAgB,EAAEC,aAAa,QAAQ,iBAAgB;AAChE,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,sBAAsB,QAAQ,gDAA+C;AACtF,SAASC,kBAAkB,QAAQ,4CAA2C;AAuB9E;;;;CAIC,GACD,OAAO,MAAMC,uBAAuB,CAAC,EACnCC,qBAAqB,EACrBC,GAAG,EACHC,IAAI,EACqB;IACzB,IAAI,CAACA,MAAM;QACT,MAAM,IAAIvB,oBAAoBsB,IAAIE,CAAC,EAAEC,QAAQJ;IAC/C;IAEA,IAAIR,aAAa,IAAIa,KAAKH,KAAKI,SAAS,IAAI;QAC1C,MAAM,IAAI1B,WAAWqB,IAAIE,CAAC;IAC5B;AACF,EAAC;AAED,OAAO,MAAMI,iBAAiB,OAC5BC;IAEA,IAAIC,OAAOD;IAEX,IAAIC,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QACpD,MAAM,IAAI5B,UAAUwB,KAAKR,GAAG,CAACE,CAAC;IAChC;IAEA,wCAAwC;IACxC,+BAA+B;IAC/B,wCAAwC;IAExCM,OAAO,MAAM/B,qBAAqB;QAChC+B;QACAC,YAAYD,KAAKC,UAAU,CAACC,MAAM;QAClCG,WAAW;IACb;IAEA,MAAM,EACJJ,YAAY,EAAEC,QAAQI,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdjB,GAAG,EACHA,KAAK,EACHkB,cAAc,EACdC,MAAM,EACNC,OAAO,EACPA,SAAS,EAAEC,MAAM,EAAE,EACpB,EACDC,gBAAgB,EACjB,GAAGd;IAEJ,wCAAwC;IACxC,QAAQ;IACR,wCAAwC;IAExC,MAAM,EAAEe,OAAOC,gBAAgB,EAAEC,QAAQ,EAAE,GAAGV;IAC9C,MAAMW,oBAAoBZ,iBAAiBH,IAAI,CAACe,iBAAiB;IAEjE,MAAMC,iBACJ,OAAOH,qBAAqB,WAAWA,iBAAiBI,WAAW,GAAGC,IAAI,KAAK;IACjF,MAAMC,oBACJ,cAAcf,QAAQ,OAAOA,MAAMgB,aAAa,WAC5ChB,KAAKgB,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;IAEN,MAAM,EAAEG,iBAAiB,EAAEC,oBAAoB,EAAE,GAAG3C,gBAAgBoC;IAEpE,oDAAoD;IACpD,IAAI,CAACM,qBAAqB,CAACF,mBAAmB;QAC5C,MAAM,IAAIjD,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBAAC;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAW;aAAE;QAC5E;IACF;IAEA,oDAAoD;IACpD,IAAI,CAACL,wBAAwB,CAACN,gBAAgB;QAC5C,MAAM,IAAI9C,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBAAC;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAQ;aAAE;QACzE;IACF;IAEA,kEAAkE;IAClE,IAAI,CAACR,qBAAqB,CAACH,gBAAgB;QACzC,MAAM,IAAI9C,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBACN;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAQ;gBAC5D;oBAAEF,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAW;aAChE;QACH;IACF;IAEA,qCAAqC;IACrC,IAAI,OAAOb,aAAa,YAAYA,SAASI,IAAI,OAAO,IAAI;QAC1D,MAAM,IAAIhD,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBAAC;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAW;aAAE;QAC5E;IACF;IAEA,IAAIC,kBAAyB,CAAC;IAC9B,MAAMC,kBAAyB;QAC7BjB,OAAO;YACLkB,QAAQd;QACV;IACF;IACA,MAAMe,qBAA4B;QAChCX,UAAU;YACRU,QAAQX;QACV;IACF;IAEA,IAAIE,qBAAqBC,wBAAyBH,CAAAA,qBAAqBH,cAAa,GAAI;QACtF,IAAIG,mBAAmB;YACrBS,kBAAkB;gBAChBI,IAAI;oBACFD;oBACA;wBACEnB,OAAO;4BACLkB,QAAQX;wBACV;oBACF;iBACD;YACH;QACF,OAAO;YACLS,kBAAkB;gBAChBI,IAAI;oBACFH;oBACA;wBACET,UAAU;4BACRU,QAAQd;wBACV;oBACF;iBACD;YACH;QACF;IACF,OAAO,IAAIK,qBAAqBL,gBAAgB;QAC9CY,kBAAkBC;IACpB,OAAO,IAAIP,wBAAwBH,mBAAmB;QACpDS,kBAAkBG;IACpB;IAEA,wBAAwB;IACxBH,kBAAkBrD,uBAAuB;QACvC0D,aAAa9B,iBAAiB+B,KAAK;QACnCA,OAAO;QACPC,OAAOP;IACT;IAEA,IAAItC,OAAQ,MAAMmB,QAAQ2B,EAAE,CAACC,OAAO,CAAY;QAC9CvC,YAAYK,iBAAiBoB,IAAI;QACjClC;QACA8C,OAAOP;IACT;IAEAzC,qBAAqB;QACnBC,uBAAuBI,QAAQ8B,wBAAwBH;QACvD9B;QACAC;IACF;IAEAA,KAAKQ,UAAU,GAAGK,iBAAiBoB,IAAI;IACvCjC,KAAKgD,SAAS,GAAG;IAEjB,MAAMC,aAAa,MAAMvD,0BAA0B;QAAEwD,KAAKlD;QAAMwB;IAAS;IACzExB,OAAOb,uBAAuBa;IAE9B,MAAMmD,0BAA0B5C,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAAC0C,gBAAgB,GAAG;IAE/E,IAAI,CAACH,YAAY;QACf,IAAIE,yBAAyB;YAC3B,MAAMxD,uBAAuB;gBAC3Ba,YAAYK;gBACZM,SAASpB,IAAIoB,OAAO;gBACpBnB;YACF;YAEA,6GAA6G;YAC7GH,qBAAqB;gBACnBC,uBAAuBI,QAAQ8B,wBAAwBH;gBACvD9B;gBACAC;YACF;QACF;QAEA,MAAM,IAAIvB,oBAAoBsB,IAAIE,CAAC;IACrC;IAEA,IAAIY,iBAAiBH,IAAI,CAAC2C,MAAM,IAAIrD,KAAKsD,SAAS,KAAK,OAAO;QAC5D,MAAM,IAAI3E,gBAAgB;YAAEsB,GAAGF,IAAIE,CAAC;QAAC;IACvC;IAEA,yEAAyE;IACzE,MAAMsD,eAAe,MAAMvE,gBAAgBuB,KAAKR,GAAG;IACnD,IAAIyD;IAEJ,IAAI;QACF;;;KAGC,GACD,IAAIL,yBAAyB;YAC3B,MAAM,EAAE/C,SAAS,EAAEqD,aAAa,EAAE,GAAI,MAAMtC,QAAQ2B,EAAE,CAACC,OAAO,CAAY;gBACxEvC,YAAYK,iBAAiBoB,IAAI;gBACjClC;gBACA2D,QAAQ;oBACNtD,WAAW;oBACXqD,eAAe;gBACjB;gBACAZ,OAAO;oBAAEc,IAAI;wBAAEnB,QAAQxC,KAAK2D,EAAE;oBAAC;gBAAE;YACnC;YAEA3D,KAAKI,SAAS,GAAGA;YACjBJ,KAAKyD,aAAa,GAAGA;YAErB5D,qBAAqB;gBACnBE;gBACAC;YACF;QACF;QAEA,MAAM4D,mBAA0D;YAC9D/C;YACAS,OAAOI;YACP1B;QACF;QAEA,MAAM6D,UAAU,MAAMrE,iBAAiB;YACrCqB;YACAM;YACApB;YACAC;QACF;QACAwD,MAAMK,QAAQL,GAAG;QAEjB,IAAIA,KAAK;YACPI,iBAAiBJ,GAAG,GAAGA;QACzB;QAEA,MAAMM,eAAe1E,gBAAgBwE;QAErC,IAAIT,yBAAyB;YAC3B,MAAMvD,mBAAmB;gBACvBY,YAAYK;gBACZqC,KAAKlD;gBACLmB,SAASpB,IAAIoB,OAAO;gBACpBpB;YACF;QACF;QAEA,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAIc,iBAAiBkD,KAAK,EAAEC,aAAaC,QAAQ;YAC/C,KAAK,MAAMC,QAAQrD,iBAAiBkD,KAAK,CAACC,WAAW,CAAE;gBACrDhE,OACE,AAAC,MAAMkE,KAAK;oBACV1D,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B0D,SAAS5D,KAAKR,GAAG,CAACoE,OAAO;oBACzBpE,KAAKQ,KAAKR,GAAG;oBACbC;gBACF,MAAOA;YACX;QACF;QAEA,MAAM,EAAEoE,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAM9E,QAAQ;YACnCuE;YACA1C;YACAkD,iBAAiBzD,iBAAiBH,IAAI,CAAC4D,eAAe;QACxD;QAEAvE,IAAIC,IAAI,GAAGA;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAIa,iBAAiBkD,KAAK,EAAEQ,YAAYN,QAAQ;YAC9C,KAAK,MAAMC,QAAQrD,iBAAiBkD,KAAK,CAACQ,UAAU,CAAE;gBACpDvE,OACE,AAAC,MAAMkE,KAAK;oBACV1D,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B0D,SAAS5D,KAAKR,GAAG,CAACoE,OAAO;oBACzBpE,KAAKQ,KAAKR,GAAG;oBACbsE;oBACArE;gBACF,MAAOA;YACX;QACF;QAEA,wCAAwC;QACxC,qBAAqB;QACrB,wCAAwC;QAExCA,OAAO,MAAMnB,UAAU;YACrB2B,YAAYK;YACZsD,SAASpE,IAAIoE,OAAO;YACpBpD,OAAOA;YACPmC,KAAKlD;YACL,oFAAoF;YACpFwE,OAAOC;YACPxD,gBAAgBA;YAChByD,QAAQ;YACRxD,QAAQA;YACRF,gBAAgBA;YAChBjB;YACAsB,kBAAkBA;QACpB;QAEA,wCAAwC;QACxC,yBAAyB;QACzB,wCAAwC;QAExC,IAAIR,iBAAiBkD,KAAK,EAAElF,WAAWoF,QAAQ;YAC7C,KAAK,MAAMC,QAAQrD,iBAAiBkD,KAAK,CAAClF,SAAS,CAAE;gBACnDmB,OACE,AAAC,MAAMkE,KAAK;oBACV1D,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B0D,SAASpE,IAAIoE,OAAO;oBACpBjB,KAAKlD;oBACLD;gBACF,MAAOC;YACX;QACF;QAEA,IAAI2E,SAA2D;YAC7DP;YACAC;YACArE;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC2E,SAAS,MAAMpG,oBAAoB;YACjCgC;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BG,WAAW;YACX+D;QACF;QAEA,IAAIpB,cAAc;YAChB,MAAMzE,kBAAkBiB;QAC1B;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,OAAO4E;IACT,EAAE,OAAOC,OAAgB;QACvB,IAAIpB,KAAK;YACP,MAAM/D,cAAc;gBAClBoB;gBACAM;gBACApB;gBACAyD;gBACAxD;YACF;QACF;QACA,MAAMd,gBAAgBqB,KAAKR,GAAG;QAC9B,MAAM6E;IACR;AACF,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/login.ts"],"sourcesContent":["import type {\n  AuthOperationsFromCollectionSlug,\n  Collection,\n  DataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { AuthCollectionSlug, TypedUser } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport {\n  AuthenticationError,\n  LockedAuth,\n  UnverifiedEmail,\n  ValidationError,\n} from '../../errors/index.js'\nimport { afterRead } from '../../fields/hooks/afterRead/index.js'\nimport { commitTransaction, Forbidden, initTransaction } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { sanitizeInternalFields } from '../../utilities/sanitizeInternalFields.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { isUserLocked } from '../isUserLocked.js'\nimport { jwtSign } from '../jwt.js'\nimport { addSessionToUser, revokeSession } from '../sessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type LoginResult<TSlug extends AuthCollectionSlug> = {\n  exp?: number\n  token?: string\n  user?: DataFromCollectionSlug<TSlug>\n}\n\nexport type Arguments<TSlug extends AuthCollectionSlug> = {\n  collection: Collection\n  data: AuthOperationsFromCollectionSlug<TSlug>['login']\n  depth?: number\n  overrideAccess?: boolean\n  req: PayloadRequest\n  showHiddenFields?: boolean\n}\n\ntype CheckLoginPermissionArgs<TSlug extends AuthCollectionSlug> = {\n  loggingInWithUsername?: boolean\n  req: PayloadRequest\n  user: DataFromCollectionSlug<TSlug>\n}\n\n/**\n * Throws an error if the user is locked or does not exist.\n * This does not check the login attempts, only the lock status. Whoever increments login attempts\n * is responsible for locking the user properly, not whoever checks the login permission.\n */\nexport const checkLoginPermission = <TSlug extends AuthCollectionSlug>({\n  loggingInWithUsername,\n  req,\n  user,\n}: CheckLoginPermissionArgs<TSlug>) => {\n  if (!user) {\n    throw new AuthenticationError(req.t, Boolean(loggingInWithUsername))\n  }\n\n  if (isUserLocked(new Date(user.lockUntil))) {\n    throw new LockedAuth(req.t)\n  }\n}\n\nexport const loginOperation = async <TSlug extends AuthCollectionSlug>(\n  incomingArgs: Arguments<TSlug>,\n): Promise<LoginResult<TSlug>> => {\n  let args = incomingArgs\n\n  if (args.collection.config.auth.disableLocalStrategy) {\n    throw new Forbidden(args.req.t)\n  }\n\n  // /////////////////////////////////////\n  // beforeOperation - Collection\n  // /////////////////////////////////////\n\n  args = await buildBeforeOperation({\n    args,\n    collection: args.collection.config,\n    operation: 'login',\n  })\n\n  const {\n    collection: { config: collectionConfig },\n    data,\n    depth,\n    overrideAccess,\n    req,\n    req: {\n      fallbackLocale,\n      locale,\n      payload,\n      payload: { secret },\n    },\n    showHiddenFields,\n  } = args\n\n  // /////////////////////////////////////\n  // Login\n  // /////////////////////////////////////\n\n  const { email: unsanitizedEmail, password } = data\n  const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n  const sanitizedEmail =\n    typeof unsanitizedEmail === 'string' ? unsanitizedEmail.toLowerCase().trim() : null\n  const sanitizedUsername =\n    'username' in data && typeof data?.username === 'string'\n      ? data.username.toLowerCase().trim()\n      : null\n\n  const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n  // cannot login with email, did not provide username\n  if (!canLoginWithEmail && !sanitizedUsername) {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [{ message: req.i18n.t('validation:required'), path: 'username' }],\n    })\n  }\n\n  // cannot login with username, did not provide email\n  if (!canLoginWithUsername && !sanitizedEmail) {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [{ message: req.i18n.t('validation:required'), path: 'email' }],\n    })\n  }\n\n  // can login with either email or username, did not provide either\n  if (!sanitizedUsername && !sanitizedEmail) {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [\n        { message: req.i18n.t('validation:required'), path: 'email' },\n        { message: req.i18n.t('validation:required'), path: 'username' },\n      ],\n    })\n  }\n\n  // did not provide password for login\n  if (typeof password !== 'string' || password.trim() === '') {\n    throw new ValidationError({\n      collection: collectionConfig.slug,\n      errors: [{ message: req.i18n.t('validation:required'), path: 'password' }],\n    })\n  }\n\n  let whereConstraint: Where = {}\n  const emailConstraint: Where = {\n    email: {\n      equals: sanitizedEmail,\n    },\n  }\n  const usernameConstraint: Where = {\n    username: {\n      equals: sanitizedUsername,\n    },\n  }\n\n  if (canLoginWithEmail && canLoginWithUsername && (sanitizedUsername || sanitizedEmail)) {\n    if (sanitizedUsername) {\n      whereConstraint = {\n        or: [\n          usernameConstraint,\n          {\n            email: {\n              equals: sanitizedUsername,\n            },\n          },\n        ],\n      }\n    } else {\n      whereConstraint = {\n        or: [\n          emailConstraint,\n          {\n            username: {\n              equals: sanitizedEmail,\n            },\n          },\n        ],\n      }\n    }\n  } else if (canLoginWithEmail && sanitizedEmail) {\n    whereConstraint = emailConstraint\n  } else if (canLoginWithUsername && sanitizedUsername) {\n    whereConstraint = usernameConstraint\n  }\n\n  // Exclude trashed users\n  whereConstraint = appendNonTrashedFilter({\n    enableTrash: collectionConfig.trash,\n    trash: false,\n    where: whereConstraint,\n  })\n\n  let user = (await payload.db.findOne<TypedUser>({\n    collection: collectionConfig.slug,\n    req,\n    where: whereConstraint,\n  })) as TypedUser\n\n  checkLoginPermission({\n    loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n    req,\n    user,\n  })\n\n  user.collection = collectionConfig.slug\n  user._strategy = 'local-jwt'\n\n  const authResult = await authenticateLocalStrategy({ doc: user, password })\n  user = sanitizeInternalFields(user)\n\n  const maxLoginAttemptsEnabled = args.collection.config.auth.maxLoginAttempts > 0\n\n  if (!authResult) {\n    if (maxLoginAttemptsEnabled) {\n      await incrementLoginAttempts({\n        collection: collectionConfig,\n        payload: req.payload,\n        user,\n      })\n\n      // Re-check login permissions and max attempts after incrementing attempts, in case parallel updates occurred\n      checkLoginPermission({\n        loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n        req,\n        user,\n      })\n    }\n\n    throw new AuthenticationError(req.t)\n  }\n\n  if (collectionConfig.auth.verify && user._verified === false) {\n    throw new UnverifiedEmail({ t: req.t })\n  }\n\n  // Authentication successful - start transaction for remaining operations\n  const shouldCommit = await initTransaction(args.req)\n  let sid: string | undefined\n\n  try {\n    /*\n     * Correct password accepted - re‑check that the account didn't\n     * get locked by parallel bad attempts in the meantime.\n     */\n    if (maxLoginAttemptsEnabled) {\n      const { lockUntil, loginAttempts } = (await payload.db.findOne<TypedUser>({\n        collection: collectionConfig.slug,\n        req,\n        select: {\n          lockUntil: true,\n          loginAttempts: true,\n        },\n        where: { id: { equals: user.id } },\n      }))!\n\n      user.lockUntil = lockUntil\n      user.loginAttempts = loginAttempts\n\n      checkLoginPermission({\n        req,\n        user,\n      })\n    }\n\n    const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n      collectionConfig,\n      email: sanitizedEmail!,\n      user,\n    }\n\n    const session = await addSessionToUser({\n      collectionConfig,\n      payload,\n      req,\n      user,\n    })\n    sid = session.sid\n\n    if (sid) {\n      fieldsToSignArgs.sid = sid\n    }\n\n    const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n    if (maxLoginAttemptsEnabled) {\n      await resetLoginAttempts({\n        collection: collectionConfig,\n        doc: user,\n        payload: req.payload,\n        req,\n      })\n    }\n\n    // /////////////////////////////////////\n    // beforeLogin - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.beforeLogin?.length) {\n      for (const hook of collectionConfig.hooks.beforeLogin) {\n        user =\n          (await hook({\n            collection: args.collection?.config,\n            context: args.req.context,\n            req: args.req,\n            user,\n          })) || user\n      }\n    }\n\n    const { exp, token } = await jwtSign({\n      fieldsToSign,\n      secret,\n      tokenExpiration: collectionConfig.auth.tokenExpiration,\n    })\n\n    req.user = user\n\n    // /////////////////////////////////////\n    // afterLogin - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterLogin?.length) {\n      for (const hook of collectionConfig.hooks.afterLogin) {\n        user =\n          (await hook({\n            collection: args.collection?.config,\n            context: args.req.context,\n            req: args.req,\n            token,\n            user,\n          })) || user\n      }\n    }\n\n    // /////////////////////////////////////\n    // afterRead - Fields\n    // /////////////////////////////////////\n\n    user = await afterRead({\n      collection: collectionConfig,\n      context: req.context,\n      depth: depth!,\n      doc: user,\n      // @ts-expect-error - vestiges of when tsconfig was not strict. Feel free to improve\n      draft: undefined,\n      fallbackLocale: fallbackLocale!,\n      global: null,\n      locale: locale!,\n      overrideAccess: overrideAccess!,\n      req,\n      showHiddenFields: showHiddenFields!,\n    })\n\n    // /////////////////////////////////////\n    // afterRead - Collection\n    // /////////////////////////////////////\n\n    if (collectionConfig.hooks?.afterRead?.length) {\n      for (const hook of collectionConfig.hooks.afterRead) {\n        user =\n          (await hook({\n            collection: args.collection?.config,\n            context: req.context,\n            doc: user,\n            req,\n          })) || user\n      }\n    }\n\n    let result: LoginResult<TSlug> = {\n      exp,\n      token,\n      user,\n    }\n\n    // /////////////////////////////////////\n    // afterOperation - Collection\n    // /////////////////////////////////////\n\n    result = await buildAfterOperation({\n      args,\n      collection: args.collection?.config,\n      operation: 'login',\n      result,\n    })\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    // /////////////////////////////////////\n    // Return results\n    // /////////////////////////////////////\n\n    return result\n  } catch (error: unknown) {\n    if (sid) {\n      await revokeSession({\n        collectionConfig,\n        payload,\n        req,\n        sid,\n        user,\n      })\n    }\n    await killTransaction(args.req)\n    throw error\n  }\n}\n"],"names":["buildAfterOperation","buildBeforeOperation","AuthenticationError","LockedAuth","UnverifiedEmail","ValidationError","afterRead","commitTransaction","Forbidden","initTransaction","appendNonTrashedFilter","killTransaction","sanitizeInternalFields","getFieldsToSign","getLoginOptions","isUserLocked","jwtSign","addSessionToUser","revokeSession","authenticateLocalStrategy","incrementLoginAttempts","resetLoginAttempts","checkLoginPermission","loggingInWithUsername","req","user","t","Boolean","Date","lockUntil","loginOperation","incomingArgs","args","collection","config","auth","disableLocalStrategy","operation","collectionConfig","data","depth","overrideAccess","fallbackLocale","locale","payload","secret","showHiddenFields","email","unsanitizedEmail","password","loginWithUsername","sanitizedEmail","toLowerCase","trim","sanitizedUsername","username","canLoginWithEmail","canLoginWithUsername","slug","errors","message","i18n","path","whereConstraint","emailConstraint","equals","usernameConstraint","or","enableTrash","trash","where","db","findOne","_strategy","authResult","doc","maxLoginAttemptsEnabled","maxLoginAttempts","verify","_verified","shouldCommit","sid","loginAttempts","select","id","fieldsToSignArgs","session","fieldsToSign","hooks","beforeLogin","length","hook","context","exp","token","tokenExpiration","afterLogin","draft","undefined","global","result","error"],"mappings":"AAQA,SAASA,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SACEC,mBAAmB,EACnBC,UAAU,EACVC,eAAe,EACfC,eAAe,QACV,wBAAuB;AAC9B,SAASC,SAAS,QAAQ,wCAAuC;AACjE,SAASC,iBAAiB,EAAEC,SAAS,EAAEC,eAAe,QAAQ,iBAAgB;AAC9E,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,YAAY,QAAQ,qBAAoB;AACjD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,gBAAgB,EAAEC,aAAa,QAAQ,iBAAgB;AAChE,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,sBAAsB,QAAQ,gDAA+C;AACtF,SAASC,kBAAkB,QAAQ,4CAA2C;AAuB9E;;;;CAIC,GACD,OAAO,MAAMC,uBAAuB,CAAmC,EACrEC,qBAAqB,EACrBC,GAAG,EACHC,IAAI,EAC4B;IAChC,IAAI,CAACA,MAAM;QACT,MAAM,IAAIvB,oBAAoBsB,IAAIE,CAAC,EAAEC,QAAQJ;IAC/C;IAEA,IAAIR,aAAa,IAAIa,KAAKH,KAAKI,SAAS,IAAI;QAC1C,MAAM,IAAI1B,WAAWqB,IAAIE,CAAC;IAC5B;AACF,EAAC;AAED,OAAO,MAAMI,iBAAiB,OAC5BC;IAEA,IAAIC,OAAOD;IAEX,IAAIC,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QACpD,MAAM,IAAI5B,UAAUwB,KAAKR,GAAG,CAACE,CAAC;IAChC;IAEA,wCAAwC;IACxC,+BAA+B;IAC/B,wCAAwC;IAExCM,OAAO,MAAM/B,qBAAqB;QAChC+B;QACAC,YAAYD,KAAKC,UAAU,CAACC,MAAM;QAClCG,WAAW;IACb;IAEA,MAAM,EACJJ,YAAY,EAAEC,QAAQI,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdjB,GAAG,EACHA,KAAK,EACHkB,cAAc,EACdC,MAAM,EACNC,OAAO,EACPA,SAAS,EAAEC,MAAM,EAAE,EACpB,EACDC,gBAAgB,EACjB,GAAGd;IAEJ,wCAAwC;IACxC,QAAQ;IACR,wCAAwC;IAExC,MAAM,EAAEe,OAAOC,gBAAgB,EAAEC,QAAQ,EAAE,GAAGV;IAC9C,MAAMW,oBAAoBZ,iBAAiBH,IAAI,CAACe,iBAAiB;IAEjE,MAAMC,iBACJ,OAAOH,qBAAqB,WAAWA,iBAAiBI,WAAW,GAAGC,IAAI,KAAK;IACjF,MAAMC,oBACJ,cAAcf,QAAQ,OAAOA,MAAMgB,aAAa,WAC5ChB,KAAKgB,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;IAEN,MAAM,EAAEG,iBAAiB,EAAEC,oBAAoB,EAAE,GAAG3C,gBAAgBoC;IAEpE,oDAAoD;IACpD,IAAI,CAACM,qBAAqB,CAACF,mBAAmB;QAC5C,MAAM,IAAIjD,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBAAC;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAW;aAAE;QAC5E;IACF;IAEA,oDAAoD;IACpD,IAAI,CAACL,wBAAwB,CAACN,gBAAgB;QAC5C,MAAM,IAAI9C,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBAAC;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAQ;aAAE;QACzE;IACF;IAEA,kEAAkE;IAClE,IAAI,CAACR,qBAAqB,CAACH,gBAAgB;QACzC,MAAM,IAAI9C,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBACN;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAQ;gBAC5D;oBAAEF,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAW;aAChE;QACH;IACF;IAEA,qCAAqC;IACrC,IAAI,OAAOb,aAAa,YAAYA,SAASI,IAAI,OAAO,IAAI;QAC1D,MAAM,IAAIhD,gBAAgB;YACxB4B,YAAYK,iBAAiBoB,IAAI;YACjCC,QAAQ;gBAAC;oBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;oBAAwBoC,MAAM;gBAAW;aAAE;QAC5E;IACF;IAEA,IAAIC,kBAAyB,CAAC;IAC9B,MAAMC,kBAAyB;QAC7BjB,OAAO;YACLkB,QAAQd;QACV;IACF;IACA,MAAMe,qBAA4B;QAChCX,UAAU;YACRU,QAAQX;QACV;IACF;IAEA,IAAIE,qBAAqBC,wBAAyBH,CAAAA,qBAAqBH,cAAa,GAAI;QACtF,IAAIG,mBAAmB;YACrBS,kBAAkB;gBAChBI,IAAI;oBACFD;oBACA;wBACEnB,OAAO;4BACLkB,QAAQX;wBACV;oBACF;iBACD;YACH;QACF,OAAO;YACLS,kBAAkB;gBAChBI,IAAI;oBACFH;oBACA;wBACET,UAAU;4BACRU,QAAQd;wBACV;oBACF;iBACD;YACH;QACF;IACF,OAAO,IAAIK,qBAAqBL,gBAAgB;QAC9CY,kBAAkBC;IACpB,OAAO,IAAIP,wBAAwBH,mBAAmB;QACpDS,kBAAkBG;IACpB;IAEA,wBAAwB;IACxBH,kBAAkBrD,uBAAuB;QACvC0D,aAAa9B,iBAAiB+B,KAAK;QACnCA,OAAO;QACPC,OAAOP;IACT;IAEA,IAAItC,OAAQ,MAAMmB,QAAQ2B,EAAE,CAACC,OAAO,CAAY;QAC9CvC,YAAYK,iBAAiBoB,IAAI;QACjClC;QACA8C,OAAOP;IACT;IAEAzC,qBAAqB;QACnBC,uBAAuBI,QAAQ8B,wBAAwBH;QACvD9B;QACAC;IACF;IAEAA,KAAKQ,UAAU,GAAGK,iBAAiBoB,IAAI;IACvCjC,KAAKgD,SAAS,GAAG;IAEjB,MAAMC,aAAa,MAAMvD,0BAA0B;QAAEwD,KAAKlD;QAAMwB;IAAS;IACzExB,OAAOb,uBAAuBa;IAE9B,MAAMmD,0BAA0B5C,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAAC0C,gBAAgB,GAAG;IAE/E,IAAI,CAACH,YAAY;QACf,IAAIE,yBAAyB;YAC3B,MAAMxD,uBAAuB;gBAC3Ba,YAAYK;gBACZM,SAASpB,IAAIoB,OAAO;gBACpBnB;YACF;YAEA,6GAA6G;YAC7GH,qBAAqB;gBACnBC,uBAAuBI,QAAQ8B,wBAAwBH;gBACvD9B;gBACAC;YACF;QACF;QAEA,MAAM,IAAIvB,oBAAoBsB,IAAIE,CAAC;IACrC;IAEA,IAAIY,iBAAiBH,IAAI,CAAC2C,MAAM,IAAIrD,KAAKsD,SAAS,KAAK,OAAO;QAC5D,MAAM,IAAI3E,gBAAgB;YAAEsB,GAAGF,IAAIE,CAAC;QAAC;IACvC;IAEA,yEAAyE;IACzE,MAAMsD,eAAe,MAAMvE,gBAAgBuB,KAAKR,GAAG;IACnD,IAAIyD;IAEJ,IAAI;QACF;;;KAGC,GACD,IAAIL,yBAAyB;YAC3B,MAAM,EAAE/C,SAAS,EAAEqD,aAAa,EAAE,GAAI,MAAMtC,QAAQ2B,EAAE,CAACC,OAAO,CAAY;gBACxEvC,YAAYK,iBAAiBoB,IAAI;gBACjClC;gBACA2D,QAAQ;oBACNtD,WAAW;oBACXqD,eAAe;gBACjB;gBACAZ,OAAO;oBAAEc,IAAI;wBAAEnB,QAAQxC,KAAK2D,EAAE;oBAAC;gBAAE;YACnC;YAEA3D,KAAKI,SAAS,GAAGA;YACjBJ,KAAKyD,aAAa,GAAGA;YAErB5D,qBAAqB;gBACnBE;gBACAC;YACF;QACF;QAEA,MAAM4D,mBAA0D;YAC9D/C;YACAS,OAAOI;YACP1B;QACF;QAEA,MAAM6D,UAAU,MAAMrE,iBAAiB;YACrCqB;YACAM;YACApB;YACAC;QACF;QACAwD,MAAMK,QAAQL,GAAG;QAEjB,IAAIA,KAAK;YACPI,iBAAiBJ,GAAG,GAAGA;QACzB;QAEA,MAAMM,eAAe1E,gBAAgBwE;QAErC,IAAIT,yBAAyB;YAC3B,MAAMvD,mBAAmB;gBACvBY,YAAYK;gBACZqC,KAAKlD;gBACLmB,SAASpB,IAAIoB,OAAO;gBACpBpB;YACF;QACF;QAEA,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAIc,iBAAiBkD,KAAK,EAAEC,aAAaC,QAAQ;YAC/C,KAAK,MAAMC,QAAQrD,iBAAiBkD,KAAK,CAACC,WAAW,CAAE;gBACrDhE,OACE,AAAC,MAAMkE,KAAK;oBACV1D,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B0D,SAAS5D,KAAKR,GAAG,CAACoE,OAAO;oBACzBpE,KAAKQ,KAAKR,GAAG;oBACbC;gBACF,MAAOA;YACX;QACF;QAEA,MAAM,EAAEoE,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAM9E,QAAQ;YACnCuE;YACA1C;YACAkD,iBAAiBzD,iBAAiBH,IAAI,CAAC4D,eAAe;QACxD;QAEAvE,IAAIC,IAAI,GAAGA;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAIa,iBAAiBkD,KAAK,EAAEQ,YAAYN,QAAQ;YAC9C,KAAK,MAAMC,QAAQrD,iBAAiBkD,KAAK,CAACQ,UAAU,CAAE;gBACpDvE,OACE,AAAC,MAAMkE,KAAK;oBACV1D,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B0D,SAAS5D,KAAKR,GAAG,CAACoE,OAAO;oBACzBpE,KAAKQ,KAAKR,GAAG;oBACbsE;oBACArE;gBACF,MAAOA;YACX;QACF;QAEA,wCAAwC;QACxC,qBAAqB;QACrB,wCAAwC;QAExCA,OAAO,MAAMnB,UAAU;YACrB2B,YAAYK;YACZsD,SAASpE,IAAIoE,OAAO;YACpBpD,OAAOA;YACPmC,KAAKlD;YACL,oFAAoF;YACpFwE,OAAOC;YACPxD,gBAAgBA;YAChByD,QAAQ;YACRxD,QAAQA;YACRF,gBAAgBA;YAChBjB;YACAsB,kBAAkBA;QACpB;QAEA,wCAAwC;QACxC,yBAAyB;QACzB,wCAAwC;QAExC,IAAIR,iBAAiBkD,KAAK,EAAElF,WAAWoF,QAAQ;YAC7C,KAAK,MAAMC,QAAQrD,iBAAiBkD,KAAK,CAAClF,SAAS,CAAE;gBACnDmB,OACE,AAAC,MAAMkE,KAAK;oBACV1D,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B0D,SAASpE,IAAIoE,OAAO;oBACpBjB,KAAKlD;oBACLD;gBACF,MAAOC;YACX;QACF;QAEA,IAAI2E,SAA6B;YAC/BP;YACAC;YACArE;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC2E,SAAS,MAAMpG,oBAAoB;YACjCgC;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BG,WAAW;YACX+D;QACF;QAEA,IAAIpB,cAAc;YAChB,MAAMzE,kBAAkBiB;QAC1B;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,OAAO4E;IACT,EAAE,OAAOC,OAAgB;QACvB,IAAIpB,KAAK;YACP,MAAM/D,cAAc;gBAClBoB;gBACAM;gBACApB;gBACAyD;gBACAxD;YACF;QACF;QACA,MAAMd,gBAAgBqB,KAAKR,GAAG;QAC9B,MAAM6E;IACR;AACF,EAAC"}

package/dist/auth/operations/registerFirstUser.d.ts

@@ -1,7 +1,7 @@
 import type { AuthOperationsFromCollectionSlug, Collection, DataFromCollectionSlug, RequiredDataFromCollectionSlug } from '../../collections/config/types.js';
-import type { CollectionSlug } from '../../index.js';
+import type { AuthCollectionSlug } from '../../index.js';
 import type { PayloadRequest } from '../../types/index.js';
-export type Arguments<TSlug extends CollectionSlug> = {
+export type Arguments<TSlug extends AuthCollectionSlug> = {
     collection: Collection;
     data: AuthOperationsFromCollectionSlug<TSlug>['registerFirstUser'] & RequiredDataFromCollectionSlug<TSlug>;
     req: PayloadRequest;
@@ -11,5 +11,5 @@ export type Result<TData> = {
     token?: string;
     user?: TData;
 };
-export declare const registerFirstUserOperation: <TSlug extends CollectionSlug>(args: Arguments<TSlug>) => Promise<Result<DataFromCollectionSlug<TSlug>>>;
+export declare const registerFirstUserOperation: <TSlug extends AuthCollectionSlug>(args: Arguments<TSlug>) => Promise<Result<DataFromCollectionSlug<TSlug>>>;
 //# sourceMappingURL=registerFirstUser.d.ts.map

package/dist/auth/operations/registerFirstUser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"registerFirstUser.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/registerFirstUser.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACtB,8BAA8B,EAC/B,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,sBAAsB,CAAA;AAStE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,mBAAmB,CAAC,GAChE,8BAA8B,CAAC,KAAK,CAAC,CAAA;IACvC,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,MAAM,CAAC,KAAK,IAAI;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,KAAK,CAAA;CACb,CAAA;AAED,eAAO,MAAM,0BAA0B,GAAU,KAAK,SAAS,cAAc,QACrE,SAAS,CAAC,KAAK,CAAC,KACrB,OAAO,CAAC,MAAM,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC,CA8F/C,CAAA"}
+{"version":3,"file":"registerFirstUser.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/registerFirstUser.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACtB,8BAA8B,EAC/B,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AACxD,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,sBAAsB,CAAA;AAStE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,kBAAkB,IAAI;IACxD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,mBAAmB,CAAC,GAChE,8BAA8B,CAAC,KAAK,CAAC,CAAA;IACvC,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,MAAM,CAAC,KAAK,IAAI;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,KAAK,CAAA;CACb,CAAA;AAED,eAAO,MAAM,0BAA0B,GAAU,KAAK,SAAS,kBAAkB,QACzE,SAAS,CAAC,KAAK,CAAC,KACrB,OAAO,CAAC,MAAM,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC,CA8F/C,CAAA"}

package/dist/auth/operations/registerFirstUser.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/auth/operations/registerFirstUser.ts"],"sourcesContent":["import type {\n  AuthOperationsFromCollectionSlug,\n  Collection,\n  DataFromCollectionSlug,\n  RequiredDataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest, SelectType } from '../../types/index.js'\n\nimport { Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { ensureUsernameOrEmail } from '../ensureUsernameOrEmail.js'\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n  collection: Collection\n  data: AuthOperationsFromCollectionSlug<TSlug>['registerFirstUser'] &\n    RequiredDataFromCollectionSlug<TSlug>\n  req: PayloadRequest\n}\n\nexport type Result<TData> = {\n  exp?: number\n  token?: string\n  user?: TData\n}\n\nexport const registerFirstUserOperation = async <TSlug extends CollectionSlug>(\n  args: Arguments<TSlug>,\n): Promise<Result<DataFromCollectionSlug<TSlug>>> => {\n  const {\n    collection: {\n      config,\n      config: {\n        slug,\n        auth: { verify },\n      },\n    },\n    data,\n    req,\n    req: { payload },\n  } = args\n\n  if (config.auth.disableLocalStrategy) {\n    throw new Forbidden(req.t)\n  }\n\n  try {\n    const shouldCommit = await initTransaction(req)\n\n    ensureUsernameOrEmail<TSlug>({\n      authOptions: config.auth,\n      collectionSlug: slug,\n      data,\n      operation: 'create',\n      req,\n    })\n\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(config.trash),\n      trash: false,\n      where: {}, // no initial filter; just exclude trashed docs\n    })\n\n    const doc = await payload.db.findOne({\n      collection: config.slug,\n      req,\n      where,\n    })\n\n    if (doc) {\n      throw new Forbidden(req.t)\n    }\n\n    // /////////////////////////////////////\n    // Register first user\n    // /////////////////////////////////////\n\n    const result = await payload.create<TSlug, SelectType>({\n      collection: slug as TSlug,\n      data,\n      overrideAccess: true,\n      req,\n    })\n\n    // auto-verify (if applicable)\n    if (verify) {\n      await payload.update({\n        id: result.id,\n        collection: slug,\n        data: {\n          _verified: true,\n        },\n        req,\n      })\n    }\n\n    // /////////////////////////////////////\n    // Log in new user\n    // /////////////////////////////////////\n\n    const { exp, token } = await payload.login({\n      ...args,\n      collection: slug,\n      req,\n    })\n\n    result.collection = slug\n    result._strategy = 'local-jwt'\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return {\n      exp,\n      token,\n      user: result,\n    }\n  } catch (error: unknown) {\n    await killTransaction(req)\n    throw error\n  }\n}\n"],"names":["Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","ensureUsernameOrEmail","registerFirstUserOperation","args","collection","config","slug","auth","verify","data","req","payload","disableLocalStrategy","t","shouldCommit","authOptions","collectionSlug","operation","where","enableTrash","Boolean","trash","doc","db","findOne","result","create","overrideAccess","update","id","_verified","exp","token","login","_strategy","user","error"],"mappings":"AASA,SAASA,SAAS,QAAQ,wBAAuB;AACjD,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,qBAAqB,QAAQ,8BAA6B;AAenE,OAAO,MAAMC,6BAA6B,OACxCC;IAEA,MAAM,EACJC,YAAY,EACVC,MAAM,EACNA,QAAQ,EACNC,IAAI,EACJC,MAAM,EAAEC,MAAM,EAAE,EACjB,EACF,EACDC,IAAI,EACJC,GAAG,EACHA,KAAK,EAAEC,OAAO,EAAE,EACjB,GAAGR;IAEJ,IAAIE,OAAOE,IAAI,CAACK,oBAAoB,EAAE;QACpC,MAAM,IAAIhB,UAAUc,IAAIG,CAAC;IAC3B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMf,gBAAgBW;QAE3CT,sBAA6B;YAC3Bc,aAAaV,OAAOE,IAAI;YACxBS,gBAAgBV;YAChBG;YACAQ,WAAW;YACXP;QACF;QAEA,MAAMQ,QAAQrB,uBAAuB;YACnCsB,aAAaC,QAAQf,OAAOgB,KAAK;YACjCA,OAAO;YACPH,OAAO,CAAC;QACV;QAEA,MAAMI,MAAM,MAAMX,QAAQY,EAAE,CAACC,OAAO,CAAC;YACnCpB,YAAYC,OAAOC,IAAI;YACvBI;YACAQ;QACF;QAEA,IAAII,KAAK;YACP,MAAM,IAAI1B,UAAUc,IAAIG,CAAC;QAC3B;QAEA,wCAAwC;QACxC,sBAAsB;QACtB,wCAAwC;QAExC,MAAMY,SAAS,MAAMd,QAAQe,MAAM,CAAoB;YACrDtB,YAAYE;YACZG;YACAkB,gBAAgB;YAChBjB;QACF;QAEA,8BAA8B;QAC9B,IAAIF,QAAQ;YACV,MAAMG,QAAQiB,MAAM,CAAC;gBACnBC,IAAIJ,OAAOI,EAAE;gBACbzB,YAAYE;gBACZG,MAAM;oBACJqB,WAAW;gBACb;gBACApB;YACF;QACF;QAEA,wCAAwC;QACxC,kBAAkB;QAClB,wCAAwC;QAExC,MAAM,EAAEqB,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAMrB,QAAQsB,KAAK,CAAC;YACzC,GAAG9B,IAAI;YACPC,YAAYE;YACZI;QACF;QAEAe,OAAOrB,UAAU,GAAGE;QACpBmB,OAAOS,SAAS,GAAG;QAEnB,IAAIpB,cAAc;YAChB,MAAMhB,kBAAkBY;QAC1B;QAEA,OAAO;YACLqB;YACAC;YACAG,MAAMV;QACR;IACF,EAAE,OAAOW,OAAgB;QACvB,MAAMpC,gBAAgBU;QACtB,MAAM0B;IACR;AACF,EAAC"}
+{"version":3,"sources":["../../../src/auth/operations/registerFirstUser.ts"],"sourcesContent":["import type {\n  AuthOperationsFromCollectionSlug,\n  Collection,\n  DataFromCollectionSlug,\n  RequiredDataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { AuthCollectionSlug } from '../../index.js'\nimport type { PayloadRequest, SelectType } from '../../types/index.js'\n\nimport { Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { ensureUsernameOrEmail } from '../ensureUsernameOrEmail.js'\n\nexport type Arguments<TSlug extends AuthCollectionSlug> = {\n  collection: Collection\n  data: AuthOperationsFromCollectionSlug<TSlug>['registerFirstUser'] &\n    RequiredDataFromCollectionSlug<TSlug>\n  req: PayloadRequest\n}\n\nexport type Result<TData> = {\n  exp?: number\n  token?: string\n  user?: TData\n}\n\nexport const registerFirstUserOperation = async <TSlug extends AuthCollectionSlug>(\n  args: Arguments<TSlug>,\n): Promise<Result<DataFromCollectionSlug<TSlug>>> => {\n  const {\n    collection: {\n      config,\n      config: {\n        slug,\n        auth: { verify },\n      },\n    },\n    data,\n    req,\n    req: { payload },\n  } = args\n\n  if (config.auth.disableLocalStrategy) {\n    throw new Forbidden(req.t)\n  }\n\n  try {\n    const shouldCommit = await initTransaction(req)\n\n    ensureUsernameOrEmail<TSlug>({\n      authOptions: config.auth,\n      collectionSlug: slug,\n      data,\n      operation: 'create',\n      req,\n    })\n\n    const where = appendNonTrashedFilter({\n      enableTrash: Boolean(config.trash),\n      trash: false,\n      where: {}, // no initial filter; just exclude trashed docs\n    })\n\n    const doc = await payload.db.findOne({\n      collection: config.slug,\n      req,\n      where,\n    })\n\n    if (doc) {\n      throw new Forbidden(req.t)\n    }\n\n    // /////////////////////////////////////\n    // Register first user\n    // /////////////////////////////////////\n\n    const result = await payload.create<TSlug, SelectType>({\n      collection: slug as TSlug,\n      data,\n      overrideAccess: true,\n      req,\n    })\n\n    // auto-verify (if applicable)\n    if (verify) {\n      await payload.update({\n        id: result.id,\n        collection: slug,\n        data: {\n          _verified: true,\n        },\n        req,\n      })\n    }\n\n    // /////////////////////////////////////\n    // Log in new user\n    // /////////////////////////////////////\n\n    const { exp, token } = await payload.login({\n      ...args,\n      collection: slug,\n      req,\n    })\n\n    result.collection = slug\n    result._strategy = 'local-jwt'\n\n    if (shouldCommit) {\n      await commitTransaction(req)\n    }\n\n    return {\n      exp,\n      token,\n      user: result,\n    }\n  } catch (error: unknown) {\n    await killTransaction(req)\n    throw error\n  }\n}\n"],"names":["Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","ensureUsernameOrEmail","registerFirstUserOperation","args","collection","config","slug","auth","verify","data","req","payload","disableLocalStrategy","t","shouldCommit","authOptions","collectionSlug","operation","where","enableTrash","Boolean","trash","doc","db","findOne","result","create","overrideAccess","update","id","_verified","exp","token","login","_strategy","user","error"],"mappings":"AASA,SAASA,SAAS,QAAQ,wBAAuB;AACjD,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,qBAAqB,QAAQ,8BAA6B;AAenE,OAAO,MAAMC,6BAA6B,OACxCC;IAEA,MAAM,EACJC,YAAY,EACVC,MAAM,EACNA,QAAQ,EACNC,IAAI,EACJC,MAAM,EAAEC,MAAM,EAAE,EACjB,EACF,EACDC,IAAI,EACJC,GAAG,EACHA,KAAK,EAAEC,OAAO,EAAE,EACjB,GAAGR;IAEJ,IAAIE,OAAOE,IAAI,CAACK,oBAAoB,EAAE;QACpC,MAAM,IAAIhB,UAAUc,IAAIG,CAAC;IAC3B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMf,gBAAgBW;QAE3CT,sBAA6B;YAC3Bc,aAAaV,OAAOE,IAAI;YACxBS,gBAAgBV;YAChBG;YACAQ,WAAW;YACXP;QACF;QAEA,MAAMQ,QAAQrB,uBAAuB;YACnCsB,aAAaC,QAAQf,OAAOgB,KAAK;YACjCA,OAAO;YACPH,OAAO,CAAC;QACV;QAEA,MAAMI,MAAM,MAAMX,QAAQY,EAAE,CAACC,OAAO,CAAC;YACnCpB,YAAYC,OAAOC,IAAI;YACvBI;YACAQ;QACF;QAEA,IAAII,KAAK;YACP,MAAM,IAAI1B,UAAUc,IAAIG,CAAC;QAC3B;QAEA,wCAAwC;QACxC,sBAAsB;QACtB,wCAAwC;QAExC,MAAMY,SAAS,MAAMd,QAAQe,MAAM,CAAoB;YACrDtB,YAAYE;YACZG;YACAkB,gBAAgB;YAChBjB;QACF;QAEA,8BAA8B;QAC9B,IAAIF,QAAQ;YACV,MAAMG,QAAQiB,MAAM,CAAC;gBACnBC,IAAIJ,OAAOI,EAAE;gBACbzB,YAAYE;gBACZG,MAAM;oBACJqB,WAAW;gBACb;gBACApB;YACF;QACF;QAEA,wCAAwC;QACxC,kBAAkB;QAClB,wCAAwC;QAExC,MAAM,EAAEqB,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAMrB,QAAQsB,KAAK,CAAC;YACzC,GAAG9B,IAAI;YACPC,YAAYE;YACZI;QACF;QAEAe,OAAOrB,UAAU,GAAGE;QACpBmB,OAAOS,SAAS,GAAG;QAEnB,IAAIpB,cAAc;YAChB,MAAMhB,kBAAkBY;QAC1B;QAEA,OAAO;YACLqB;YACAC;YACAG,MAAMV;QACR;IACF,EAAE,OAAOW,OAAgB;QACvB,MAAMpC,gBAAgBU;QACtB,MAAM0B;IACR;AACF,EAAC"}

package/dist/auth/operations/resetPassword.d.ts

@@ -1,5 +1,5 @@
 import type { Collection } from '../../collections/config/types.js';
-import type { CollectionSlug } from '../../index.js';
+import type { AuthCollectionSlug } from '../../index.js';
 import type { PayloadRequest } from '../../types/index.js';
 export type Result = {
     token?: string;
@@ -15,5 +15,5 @@ export type Arguments = {
     overrideAccess?: boolean;
     req: PayloadRequest;
 };
-export declare const resetPasswordOperation: <TSlug extends CollectionSlug>(args: Arguments) => Promise<Result>;
+export declare const resetPasswordOperation: <TSlug extends AuthCollectionSlug>(args: Arguments) => Promise<Result>;
 //# sourceMappingURL=resetPassword.d.ts.map

package/dist/auth/operations/resetPassword.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/resetPassword.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAA0B,MAAM,mCAAmC,CAAA;AAC3F,OAAO,KAAK,EAAE,cAAc,EAAe,MAAM,gBAAgB,CAAA;AACjE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAe1D,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAU,KAAK,SAAS,cAAc,QACjE,SAAS,KACd,OAAO,CAAC,MAAM,CA0NhB,CAAA"}
+{"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/resetPassword.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAA0B,MAAM,mCAAmC,CAAA;AAC3F,OAAO,KAAK,EAAE,kBAAkB,EAAa,MAAM,gBAAgB,CAAA;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAe1D,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAU,KAAK,SAAS,kBAAkB,QACrE,SAAS,KACd,OAAO,CAAC,MAAM,CA0NhB,CAAA"}