pipework 0.4.1 → 0.5.0

package/README.md

@@ -42,10 +42,30 @@ export default createManifold({
 })
 ```
 
+```typescript
+// src/domains.ts — define once, project everywhere
+import { pipe } from 'pipework'
+
+export const User = pipe.define('users', {
+  id: pipe.field.uuid().brand('UserId').primaryKey().defaultRandom(),
+  name: pipe.field.text().min(1).max(255),
+  email: pipe.field.text().email().unique(),
+  role: pipe.field.enum(['admin', 'member'] as const),
+  tenantId: pipe.field.uuid().tenant(),
+})
+
+// User.table()        → Drizzle pgTable
+// User.insertShape()  → zod validator (omits PK, optionalizes defaults)
+// User.selectShape()  → zod validator (all fields)
+// User.factory()      → test data builder with FK resolution
+// User.Select         → { id: Branded<string, 'UserId'>; name: string; ... }
+```
+
 ```typescript
 // src/server.ts — import the manifold, build your app
 import pipework from '../pipework.config.js'
 import { http, fitting, schema } from 'pipework'
+import { User } from './domains.js'
 
 const createNote = fitting
   .use()
@@ -82,34 +102,18 @@ Then scaffold your project:
 npx pipework init
 ```
 
-This creates `pipework.config.ts` at your project root — the single entry point for config, runtime instance, CLI, and test setup. See [Getting Started](docs/getting-started.md) for the full walkthrough.
-
-Database schema definitions, SQL operations, and validation are accessed through Pipework's namespaces:
-
-```typescript
-import { schema, pipe } from 'pipework'
-
-// Database schema: table definitions, column types
-const users = schema.table('users', {
-  id: schema.col.uuid('id').primaryKey().defaultRandom(),
-  name: schema.col.text('name').notNull(),
-})
-
-// Validation
-const input = schema.check.object({ name: schema.check.string().min(1) })
-
-// SQL
-const rows = await db.execute(pipe.sql`SELECT * FROM users`)
-```
+This creates `pipework.config.ts` at your project root — the single entry point for config, runtime instance, CLI, and test setup.
 
 ## Testing
 
-One-liner vitest config. Put your connection string in `.env.test`:
-
 ```typescript
-// vitest.config.ts
+// vitest.config.ts — integration tests (auto DB setup + per-test isolation)
 import { defineTestConfig } from 'pipework/vitest'
 export default defineTestConfig()
+
+// vitest.unit.config.ts — pure unit tests (no DB required)
+import { defineTestConfig } from 'pipework/vitest'
+export default defineTestConfig({ database: false })
 ```
 
 ```bash
@@ -117,51 +121,20 @@ export default defineTestConfig()
 DATABASE_URL_TEST=postgresql://user:pass@localhost:5432/myapp_test
 ```
 
-Add `"pipework/globals"` to your tsconfig types for the `db` global, then write tests directly:
-
-```typescript
-// tests/notes.test.ts
-import { pipe } from 'pipework'
+Every integration test runs in a rollback transaction. No cleanup, no state leaks. Unit test configs with `database: false` skip all DB machinery — safe to use in CI steps without a database.
 
-it('creates a note', async () => {
-  await db.execute(pipe.sql`INSERT INTO notes (title) VALUES ('Test')`)
-  const rows = await db.execute(pipe.sql`SELECT * FROM notes`)
-  expect(rows).toHaveLength(1)
-})
-```
+## Documentation
 
-Every test runs in a rollback transaction. No cleanup, no state leaks. Run with `pipework test` for automatic database setup/teardown, or use `pnpm vitest` directly.
+API documentation lives in two places:
 
-## Documentation
+- **[REFERENCE.md](REFERENCE.md)** — auto-generated from source JSDoc. Complete API surface, organized by namespace.
+- **JSDoc on every public export** — enforced by `pnpm lint:jsdoc`. Read inline in your editor or via the reference file.
 
-- **[Getting Started](https://github.com/theconstructory/pipework/blob/main/docs/getting-started.md)** — zero to running server
-- **Guides**
-  - [Monorepo](https://github.com/theconstructory/pipework/blob/main/docs/guides/monorepo.md)
-  - [Configuration](https://github.com/theconstructory/pipework/blob/main/docs/guides/configuration.md)
-  - [Handlers](https://github.com/theconstructory/pipework/blob/main/docs/guides/handlers.md)
-  - [Auth & Tenants](https://github.com/theconstructory/pipework/blob/main/docs/guides/auth-and-tenants.md)
-  - [Background Jobs](https://github.com/theconstructory/pipework/blob/main/docs/guides/jobs.md)
-  - [Temporal Records](https://github.com/theconstructory/pipework/blob/main/docs/guides/temporal.md)
-  - [Resource CRUD](https://github.com/theconstructory/pipework/blob/main/docs/guides/resources.md)
-  - [Caching](https://github.com/theconstructory/pipework/blob/main/docs/guides/caching.md)
-  - [State Machines](https://github.com/theconstructory/pipework/blob/main/docs/guides/state-machines.md)
-  - [Pipelines](https://github.com/theconstructory/pipework/blob/main/docs/guides/pipelines.md)
-  - [pgvector & Search](https://github.com/theconstructory/pipework/blob/main/docs/guides/vector.md)
-  - [RBAC](https://github.com/theconstructory/pipework/blob/main/docs/guides/rbac.md)
-  - [Audit Trail](https://github.com/theconstructory/pipework/blob/main/docs/guides/audit.md)
-  - [HTTP Security](https://github.com/theconstructory/pipework/blob/main/docs/guides/security.md)
-  - [Logging](https://github.com/theconstructory/pipework/blob/main/docs/guides/logging.md)
-  - [OpenAPI](https://github.com/theconstructory/pipework/blob/main/docs/guides/openapi.md)
-  - [Testing](https://github.com/theconstructory/pipework/blob/main/docs/guides/testing.md)
-  - [Error Handling](https://github.com/theconstructory/pipework/blob/main/docs/guides/errors.md)
-- **Recipes**
-  - [Content Pipeline](https://github.com/theconstructory/pipework/blob/main/docs/recipes/content-pipeline.md)
-  - [Flexible Entities](https://github.com/theconstructory/pipework/blob/main/docs/recipes/flexible-entities.md)
-  - [Assertion Provenance](https://github.com/theconstructory/pipework/blob/main/docs/recipes/assertion-provenance.md)
+For Claude Code users, the `/pipework` skill provides usage guidance, API reference, and project auditing.
 
 ## Design principles
 
-1. **Resolution, not reimplementation.** Wraps Drizzle, Fastify, Vitest, and Zod. Doesn't replace them.
+1. **Pipework first.** Orchestrates Drizzle, Fastify, Vitest, and Zod so your application code doesn't have to.
 2. **Constraints over conventions.** If a rule can be enforced in code, it is.
 3. **Fail at startup, not at first use.** Missing config throws immediately with what's wrong and how to fix it.
 4. **PostgreSQL-only.** No database abstraction. Build deep on Postgres features.

package/dist/audit/namespace.d.ts

@@ -1,5 +1,7 @@
 import { createAudit } from './index.js';
+/** Audit logging namespace — structured audit trail for data changes. */
 export declare const audit: {
+    /** Creates an Audit instance that writes audit records to a Postgres table. */
     create: typeof createAudit;
 };
 //# sourceMappingURL=namespace.d.ts.map

package/dist/audit/namespace.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"namespace.d.ts","sourceRoot":"","sources":["../../src/audit/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAExC,eAAO,MAAM,KAAK;;CAEjB,CAAA"}
+{"version":3,"file":"namespace.d.ts","sourceRoot":"","sources":["../../src/audit/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAExC,yEAAyE;AACzE,eAAO,MAAM,KAAK;IAChB,+EAA+E;;CAEhF,CAAA"}

package/dist/audit/namespace.js

@@ -1,5 +1,7 @@
 import { createAudit } from './index.js';
+/** Audit logging namespace — structured audit trail for data changes. */
 export const audit = {
+    /** Creates an Audit instance that writes audit records to a Postgres table. */
     create: createAudit,
 };
 //# sourceMappingURL=namespace.js.map

package/dist/audit/namespace.js.map

@@ -1 +1 @@
-{"version":3,"file":"namespace.js","sourceRoot":"","sources":["../../src/audit/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAExC,MAAM,CAAC,MAAM,KAAK,GAAG;IACnB,MAAM,EAAE,WAAW;CACpB,CAAA"}
+{"version":3,"file":"namespace.js","sourceRoot":"","sources":["../../src/audit/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAExC,yEAAyE;AACzE,MAAM,CAAC,MAAM,KAAK,GAAG;IACnB,+EAA+E;IAC/E,MAAM,EAAE,WAAW;CACpB,CAAA"}

package/dist/auth/chain.d.ts

@@ -1,20 +1,25 @@
 import type { AuthStrategy, AuthRequest, AuthContext } from './types.js';
+/** Post-authentication hook — enrich the resolved auth with additional data (roles, permissions, etc.). */
 export interface AuthEnricher<TAuth> {
     readonly name: string;
     enrich(auth: TAuth): Promise<TAuth>;
 }
+/** Resolves tenant ID from auth context — called after authentication in the chain. */
 export interface TenantResolver<TAuth> {
     resolve(auth: TAuth): string;
 }
+/** Configuration for the auth chain — strategies, enrichers, tenant resolver. */
 export interface AuthChainConfig<TAuth> {
     readonly strategies: readonly AuthStrategy<TAuth>[];
     readonly enrichers?: readonly AuthEnricher<TAuth>[];
     readonly tenantResolver?: TenantResolver<TAuth>;
 }
+/** Result of running the auth chain — resolved auth and tenant (both nullable for public routes). */
 export interface AuthChainResult<TAuth> {
     readonly auth: TAuth | null;
     readonly tenant: string | null;
 }
+/** Executes the auth chain: tries strategies in order, enriches, resolves tenant. */
 export declare function runAuthChain<TAuth>(config: AuthChainConfig<TAuth>, request: AuthRequest, options: {
     optional: boolean;
 }, context: AuthContext): Promise<AuthChainResult<TAuth>>;

package/dist/auth/chain.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"chain.d.ts","sourceRoot":"","sources":["../../src/auth/chain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAGxE,MAAM,WAAW,YAAY,CAAC,KAAK;IACjC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,MAAM,CAAC,IAAI,EAAE,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;CACpC;AAED,MAAM,WAAW,cAAc,CAAC,KAAK;IACnC,OAAO,CAAC,IAAI,EAAE,KAAK,GAAG,MAAM,CAAA;CAC7B;AAED,MAAM,WAAW,eAAe,CAAC,KAAK;IACpC,QAAQ,CAAC,UAAU,EAAE,SAAS,YAAY,CAAC,KAAK,CAAC,EAAE,CAAA;IACnD,QAAQ,CAAC,SAAS,CAAC,EAAE,SAAS,YAAY,CAAC,KAAK,CAAC,EAAE,CAAA;IACnD,QAAQ,CAAC,cAAc,CAAC,EAAE,cAAc,CAAC,KAAK,CAAC,CAAA;CAChD;AAED,MAAM,WAAW,eAAe,CAAC,KAAK;IACpC,QAAQ,CAAC,IAAI,EAAE,KAAK,GAAG,IAAI,CAAA;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;CAC/B;AAED,wBAAsB,YAAY,CAAC,KAAK,EACtC,MAAM,EAAE,eAAe,CAAC,KAAK,CAAC,EAC9B,OAAO,EAAE,WAAW,EACpB,OAAO,EAAE;IAAE,QAAQ,EAAE,OAAO,CAAA;CAAE,EAC9B,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAqCjC"}
+{"version":3,"file":"chain.d.ts","sourceRoot":"","sources":["../../src/auth/chain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAGxE,2GAA2G;AAC3G,MAAM,WAAW,YAAY,CAAC,KAAK;IACjC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,MAAM,CAAC,IAAI,EAAE,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;CACpC;AAED,uFAAuF;AACvF,MAAM,WAAW,cAAc,CAAC,KAAK;IACnC,OAAO,CAAC,IAAI,EAAE,KAAK,GAAG,MAAM,CAAA;CAC7B;AAED,iFAAiF;AACjF,MAAM,WAAW,eAAe,CAAC,KAAK;IACpC,QAAQ,CAAC,UAAU,EAAE,SAAS,YAAY,CAAC,KAAK,CAAC,EAAE,CAAA;IACnD,QAAQ,CAAC,SAAS,CAAC,EAAE,SAAS,YAAY,CAAC,KAAK,CAAC,EAAE,CAAA;IACnD,QAAQ,CAAC,cAAc,CAAC,EAAE,cAAc,CAAC,KAAK,CAAC,CAAA;CAChD;AAED,qGAAqG;AACrG,MAAM,WAAW,eAAe,CAAC,KAAK;IACpC,QAAQ,CAAC,IAAI,EAAE,KAAK,GAAG,IAAI,CAAA;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;CAC/B;AAED,qFAAqF;AACrF,wBAAsB,YAAY,CAAC,KAAK,EACtC,MAAM,EAAE,eAAe,CAAC,KAAK,CAAC,EAC9B,OAAO,EAAE,WAAW,EACpB,OAAO,EAAE;IAAE,QAAQ,EAAE,OAAO,CAAA;CAAE,EAC9B,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAqCjC"}

package/dist/auth/chain.js

@@ -1,4 +1,5 @@
 import { UnauthorizedError } from '../errors/index.js';
+/** Executes the auth chain: tries strategies in order, enriches, resolves tenant. */
 export async function runAuthChain(config, request, options, context) {
     let extracted = null;
     let matchedStrategy = null;

package/dist/auth/chain.js.map

@@ -1 +1 @@
-{"version":3,"file":"chain.js","sourceRoot":"","sources":["../../src/auth/chain.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAsBtD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAA8B,EAC9B,OAAoB,EACpB,OAA8B,EAC9B,OAAoB;IAEpB,IAAI,SAAS,GAAiB,IAAI,CAAA;IAClC,IAAI,eAAe,GAA+B,IAAI,CAAA;IAEtD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACzC,SAAS,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QACpD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YACvB,eAAe,GAAG,QAAQ,CAAA;YAC1B,MAAK;QACP,CAAC;IACH,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,OAAO,CAAC,QAAQ;YAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QACzD,MAAM,IAAI,iBAAiB,EAAE,CAAA;IAC/B,CAAC;IAED,IAAI,IAAW,CAAA;IACf,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,eAAgB,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;IAC1D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,iBAAiB;YAAE,MAAM,KAAK,CAAA;QACnD,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,EAAE;YACnD,QAAQ,EAAE,eAAgB,CAAC,IAAI;YAC/B,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACpC,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;IAEhG,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAA;AACzB,CAAC;AAED,SAAS,aAAa,CAAC,IAAa;IAClC,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;QACpE,MAAM,QAAQ,GAAI,IAA8B,CAAC,QAAQ,CAAA;QACzD,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,OAAO,QAAQ,CAAA;IACnD,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC"}
+{"version":3,"file":"chain.js","sourceRoot":"","sources":["../../src/auth/chain.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AA0BtD,qFAAqF;AACrF,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAA8B,EAC9B,OAAoB,EACpB,OAA8B,EAC9B,OAAoB;IAEpB,IAAI,SAAS,GAAiB,IAAI,CAAA;IAClC,IAAI,eAAe,GAA+B,IAAI,CAAA;IAEtD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACzC,SAAS,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QACpD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YACvB,eAAe,GAAG,QAAQ,CAAA;YAC1B,MAAK;QACP,CAAC;IACH,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,OAAO,CAAC,QAAQ;YAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QACzD,MAAM,IAAI,iBAAiB,EAAE,CAAA;IAC/B,CAAC;IAED,IAAI,IAAW,CAAA;IACf,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,eAAgB,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;IAC1D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,iBAAiB;YAAE,MAAM,KAAK,CAAA;QACnD,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,EAAE;YACnD,QAAQ,EAAE,eAAgB,CAAC,IAAI;YAC/B,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACpC,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;IAEhG,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAA;AACzB,CAAC;AAED,SAAS,aAAa,CAAC,IAAa;IAClC,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;QACpE,MAAM,QAAQ,GAAI,IAA8B,CAAC,QAAQ,CAAA;QACzD,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,OAAO,QAAQ,CAAA;IACnD,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC"}

package/dist/auth/cookie.d.ts

@@ -1,9 +1,11 @@
+/** Cookie configuration for token delivery — name, domain, path, secure, sameSite, httpOnly. */
 export interface CookieConfig {
     readonly name?: string;
     readonly secure?: 'auto' | boolean;
     readonly sameSite?: 'strict' | 'lax' | 'none';
     readonly path?: string;
 }
+/** CookieConfig with all defaults resolved — every field is required. */
 export interface ResolvedCookieConfig {
     readonly name: string;
     readonly secure: boolean;
@@ -11,8 +13,12 @@ export interface ResolvedCookieConfig {
     readonly path: string;
     readonly httpOnly: true;
 }
+/** Resolves a partial CookieConfig into a ResolvedCookieConfig with secure defaults. */
 export declare function resolveCookieConfig(cookie: CookieConfig, env: string): ResolvedCookieConfig;
+/** Builds a Set-Cookie header string from name, value, and resolved config. */
 export declare function buildSetCookieHeader(resolved: ResolvedCookieConfig, value: string, maxAge: number): string;
+/** Builds a Set-Cookie header that expires (clears) a cookie. */
 export declare function buildClearCookieHeader(resolved: ResolvedCookieConfig): string;
+/** Parses a Cookie header string into a Record of key-value pairs. */
 export declare function parseCookieHeader(header: string | undefined, name: string): string | undefined;
 //# sourceMappingURL=cookie.d.ts.map

package/dist/auth/cookie.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cookie.d.ts","sourceRoot":"","sources":["../../src/auth/cookie.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;IAClC,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAA;IAC7C,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAA;IACxB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAA;CACxB;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,GAAG,oBAAoB,CAY3F;AAED,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,oBAAoB,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAU1G;AAED,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,oBAAoB,GAAG,MAAM,CAU7E;AAED,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAY9F"}
+{"version":3,"file":"cookie.d.ts","sourceRoot":"","sources":["../../src/auth/cookie.ts"],"names":[],"mappings":"AAAA,gGAAgG;AAChG,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;IAClC,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAA;IAC7C,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,yEAAyE;AACzE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAA;IACxB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAA;CACxB;AAED,wFAAwF;AACxF,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,GAAG,oBAAoB,CAY3F;AAED,+EAA+E;AAC/E,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,oBAAoB,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAU1G;AAED,iEAAiE;AACjE,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,oBAAoB,GAAG,MAAM,CAU7E;AAED,sEAAsE;AACtE,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAY9F"}

package/dist/auth/cookie.js

@@ -1,3 +1,4 @@
+/** Resolves a partial CookieConfig into a ResolvedCookieConfig with secure defaults. */
 export function resolveCookieConfig(cookie, env) {
     const secure = cookie.secure === 'auto' || cookie.secure === undefined
         ? env === 'production'
@@ -10,6 +11,7 @@ export function resolveCookieConfig(cookie, env) {
         httpOnly: true,
     };
 }
+/** Builds a Set-Cookie header string from name, value, and resolved config. */
 export function buildSetCookieHeader(resolved, value, maxAge) {
     const parts = [
         `${resolved.name}=${encodeURIComponent(value)}`,
@@ -22,6 +24,7 @@ export function buildSetCookieHeader(resolved, value, maxAge) {
         parts.push('Secure');
     return parts.join('; ');
 }
+/** Builds a Set-Cookie header that expires (clears) a cookie. */
 export function buildClearCookieHeader(resolved) {
     const parts = [
         `${resolved.name}=`,
@@ -34,6 +37,7 @@ export function buildClearCookieHeader(resolved) {
         parts.push('Secure');
     return parts.join('; ');
 }
+/** Parses a Cookie header string into a Record of key-value pairs. */
 export function parseCookieHeader(header, name) {
     if (header === undefined)
         return undefined;

package/dist/auth/cookie.js.map

@@ -1 +1 @@
-{"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../src/auth/cookie.ts"],"names":[],"mappings":"AAeA,MAAM,UAAU,mBAAmB,CAAC,MAAoB,EAAE,GAAW;IACnE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,KAAK,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS;QACpE,CAAC,CAAC,GAAG,KAAK,YAAY;QACtB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAA;IAEjB,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,oBAAoB;QACzC,MAAM;QACN,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,QAAQ;QACrC,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,GAAG;QACxB,QAAQ,EAAE,IAAI;KACf,CAAA;AACH,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,QAA8B,EAAE,KAAa,EAAE,MAAc;IAChG,MAAM,KAAK,GAAG;QACZ,GAAG,QAAQ,CAAC,IAAI,IAAI,kBAAkB,CAAC,KAAK,CAAC,EAAE;QAC/C,UAAU;QACV,QAAQ,QAAQ,CAAC,IAAI,EAAE;QACvB,WAAW,MAAM,EAAE;QACnB,YAAY,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;KAC5C,CAAA;IACD,IAAI,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,QAA8B;IACnE,MAAM,KAAK,GAAG;QACZ,GAAG,QAAQ,CAAC,IAAI,GAAG;QACnB,UAAU;QACV,QAAQ,QAAQ,CAAC,IAAI,EAAE;QACvB,WAAW;QACX,YAAY,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;KAC5C,CAAA;IACD,IAAI,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,MAA0B,EAAE,IAAY;IACxE,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,SAAS,CAAA;IAC1C,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAClC,IAAI,KAAK,KAAK,CAAC,CAAC;YAAE,SAAQ;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAA;QAC1C,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACjB,OAAO,kBAAkB,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AAC/C,CAAC"}
+{"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../src/auth/cookie.ts"],"names":[],"mappings":"AAiBA,wFAAwF;AACxF,MAAM,UAAU,mBAAmB,CAAC,MAAoB,EAAE,GAAW;IACnE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,KAAK,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS;QACpE,CAAC,CAAC,GAAG,KAAK,YAAY;QACtB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAA;IAEjB,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,oBAAoB;QACzC,MAAM;QACN,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,QAAQ;QACrC,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,GAAG;QACxB,QAAQ,EAAE,IAAI;KACf,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,MAAM,UAAU,oBAAoB,CAAC,QAA8B,EAAE,KAAa,EAAE,MAAc;IAChG,MAAM,KAAK,GAAG;QACZ,GAAG,QAAQ,CAAC,IAAI,IAAI,kBAAkB,CAAC,KAAK,CAAC,EAAE;QAC/C,UAAU;QACV,QAAQ,QAAQ,CAAC,IAAI,EAAE;QACvB,WAAW,MAAM,EAAE;QACnB,YAAY,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;KAC5C,CAAA;IACD,IAAI,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,sBAAsB,CAAC,QAA8B;IACnE,MAAM,KAAK,GAAG;QACZ,GAAG,QAAQ,CAAC,IAAI,GAAG;QACnB,UAAU;QACV,QAAQ,QAAQ,CAAC,IAAI,EAAE;QACvB,WAAW;QACX,YAAY,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;KAC5C,CAAA;IACD,IAAI,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,iBAAiB,CAAC,MAA0B,EAAE,IAAY;IACxE,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,SAAS,CAAA;IAC1C,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAClC,IAAI,KAAK,KAAK,CAAC,CAAC;YAAE,SAAQ;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAA;QAC1C,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACjB,OAAO,kBAAkB,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AAC/C,CAAC"}

package/dist/auth/multi-org.d.ts

@@ -1,5 +1,6 @@
 import type { DB } from '../db/index.js';
 import type { Sessions, HttpResponse, HttpRequest, HttpTokenResult } from './sessions.js';
+/** Configuration for multi-org sessions — base sessions, signing keys, org-select token TTL. */
 export interface MultiOrgConfig {
     readonly sessions: Sessions;
     readonly signing: {
@@ -15,32 +16,39 @@ export interface MultiOrgConfig {
     readonly table?: string;
     readonly resolveOrgNames?: (db: DB, orgIds: string[]) => Promise<Map<string, string>>;
 }
+/** A user's membership in an organization — userId, orgId, role. */
 export interface OrgMembership {
     readonly id: string;
     readonly orgId: string;
     readonly role: string | null;
     readonly joinedAt: Date;
 }
+/** Basic organization info — id and display name. */
 export interface OrgInfo {
     readonly id: string;
     readonly name: string;
 }
+/** Organization membership with display name — extends OrgMembership with org info. */
 export interface OrgMembershipDetail {
     readonly id: string;
     readonly name: string;
     readonly role: string | null;
 }
+/** Result when user has exactly one org — direct authentication, no org selection needed. */
 export interface AuthenticatedResult {
     readonly type: 'authenticated';
     readonly accessToken: string;
     readonly expiresIn: number;
 }
+/** Result when user has multiple orgs — returns a session token for org selection. */
 export interface OrgSelectResult {
     readonly type: 'org_select';
     readonly sessionToken: string;
     readonly orgs: readonly OrgInfo[];
 }
+/** Union result from resolveLogin() — either AuthenticatedResult or OrgSelectResult. */
 export type ResolveLoginResult = AuthenticatedResult | OrgSelectResult;
+/** Multi-org session manager — login resolution, org selection, switching, membership CRUD. */
 export interface MultiOrgSessions {
     resolveLogin(response: HttpResponse, db: DB, user: {
         id: string;
@@ -64,5 +72,6 @@ export interface MultiOrgSessions {
     }): Promise<void>;
     checkMembership(db: DB, userId: string, orgId: string): Promise<OrgMembership | null>;
 }
+/** Creates a multi-org session manager with org selection flow and membership management. */
 export declare function createMultiOrgSessions(config: MultiOrgConfig): MultiOrgSessions;
 //# sourceMappingURL=multi-org.d.ts.map

package/dist/auth/multi-org.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"multi-org.d.ts","sourceRoot":"","sources":["../../src/auth/multi-org.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AAGxC,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAEzF,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAA;IAC3B,QAAQ,CAAC,OAAO,EAAE;QAAE,SAAS,EAAE,OAAO,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAA;IAC/E,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,cAAc,CAAC,EAAE;QAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACzD,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CACtF;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAA;CACxB;AAED,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;CACtB;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAA;IAC9B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAA;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAA;IAC7B,QAAQ,CAAC,IAAI,EAAE,SAAS,OAAO,EAAE,CAAA;CAClC;AAED,MAAM,MAAM,kBAAkB,GAAG,mBAAmB,GAAG,eAAe,CAAA;AAEtE,MAAM,WAAW,gBAAgB;IAC/B,YAAY,CACV,QAAQ,EAAE,YAAY,EACtB,EAAE,EAAE,EAAE,EACN,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAAA;IAE9B,SAAS,CACP,QAAQ,EAAE,YAAY,EACtB,EAAE,EAAE,EAAE,EACN,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,eAAe,CAAC,CAAA;IAE3B,SAAS,CACP,QAAQ,EAAE,YAAY,EACtB,EAAE,EAAE,EAAE,EACN,OAAO,EAAE,WAAW,EACpB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,eAAe,CAAC,CAAA;IAE3B,QAAQ,CACN,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;QAAE,IAAI,EAAE,SAAS,mBAAmB,EAAE,CAAA;KAAE,CAAC,CAAA;IAEpD,SAAS,CACP,EAAE,EAAE,EAAE,EACN,MAAM,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GACzE,OAAO,CAAC;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAE1B,YAAY,CACV,EAAE,EAAE,EAAE,EACN,MAAM,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GACxC,OAAO,CAAC,IAAI,CAAC,CAAA;IAEhB,eAAe,CACb,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAA;CACjC;AAED,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,cAAc,GAAG,gBAAgB,CAoO/E"}
+{"version":3,"file":"multi-org.d.ts","sourceRoot":"","sources":["../../src/auth/multi-org.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AAGxC,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAEzF,gGAAgG;AAChG,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAA;IAC3B,QAAQ,CAAC,OAAO,EAAE;QAAE,SAAS,EAAE,OAAO,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAA;IAC/E,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,cAAc,CAAC,EAAE;QAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACzD,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CACtF;AAED,oEAAoE;AACpE,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAA;CACxB;AAED,qDAAqD;AACrD,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;CACtB;AAED,uFAAuF;AACvF,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;AAED,6FAA6F;AAC7F,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAA;IAC9B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B;AAED,sFAAsF;AACtF,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAA;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAA;IAC7B,QAAQ,CAAC,IAAI,EAAE,SAAS,OAAO,EAAE,CAAA;CAClC;AAED,wFAAwF;AACxF,MAAM,MAAM,kBAAkB,GAAG,mBAAmB,GAAG,eAAe,CAAA;AAEtE,+FAA+F;AAC/F,MAAM,WAAW,gBAAgB;IAC/B,YAAY,CACV,QAAQ,EAAE,YAAY,EACtB,EAAE,EAAE,EAAE,EACN,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAAA;IAE9B,SAAS,CACP,QAAQ,EAAE,YAAY,EACtB,EAAE,EAAE,EAAE,EACN,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,eAAe,CAAC,CAAA;IAE3B,SAAS,CACP,QAAQ,EAAE,YAAY,EACtB,EAAE,EAAE,EAAE,EACN,OAAO,EAAE,WAAW,EACpB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,eAAe,CAAC,CAAA;IAE3B,QAAQ,CACN,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;QAAE,IAAI,EAAE,SAAS,mBAAmB,EAAE,CAAA;KAAE,CAAC,CAAA;IAEpD,SAAS,CACP,EAAE,EAAE,EAAE,EACN,MAAM,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GACzE,OAAO,CAAC;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAE1B,YAAY,CACV,EAAE,EAAE,EAAE,EACN,MAAM,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GACxC,OAAO,CAAC,IAAI,CAAC,CAAA;IAEhB,eAAe,CACb,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAA;CACjC;AAED,6FAA6F;AAC7F,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,cAAc,GAAG,gBAAgB,CAoO/E"}

package/dist/auth/multi-org.js

@@ -2,6 +2,7 @@ import { SignJWT, jwtVerify, importPKCS8, importSPKI } from 'jose';
 import { sql } from '../db/sql.js';
 import { ForbiddenError, UnauthorizedError, ConflictError, NotFoundError } from '../errors/index.js';
 import { assertValidIdentifier } from '../db/identifiers.js';
+/** Creates a multi-org session manager with org selection flow and membership management. */
 export function createMultiOrgSessions(config) {
     const tableName = config.table ?? 'pipework_user_orgs';
     assertValidIdentifier(tableName, 'multi-org membership table');

package/dist/auth/multi-org.js.map

@@ -1 +1 @@
-{"version":3,"file":"multi-org.js","sourceRoot":"","sources":["../../src/auth/multi-org.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,MAAM,CAAA;AAClE,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACpG,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAA;AAyF5D,MAAM,UAAU,sBAAsB,CAAC,MAAsB;IAC3D,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,IAAI,oBAAoB,CAAA;IACtD,qBAAqB,CAAC,SAAS,EAAE,4BAA4B,CAAC,CAAA;IAC9D,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,CAAA;IAEnC,MAAM,iBAAiB,GAAG,GAAG,MAAM,CAAC,QAAQ,aAAa,CAAA;IACzD,MAAM,kBAAkB,GAAG,MAAM,CAAC,cAAc,EAAE,SAAS,IAAI,KAAK,CAAA;IAEpE,IAAI,gBAAgB,GAAqB,IAAI,CAAA;IAC7C,IAAI,eAAe,GAAqB,IAAI,CAAA;IAE5C,KAAK,UAAU,aAAa;QAC1B,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;YAC9B,gBAAgB,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAED,KAAK,UAAU,YAAY;QACzB,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;YAC7B,eAAe,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QACxF,CAAC;QACD,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,SAAS,WAAW,CAAC,GAAW;QAC9B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAC1C,IAAI,KAAK,KAAK,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;QACpE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,EAAE,CAAC,CAAA;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,CAAA;YACtB,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,EAAE,CAAA;YAC3B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,IAAI,CAAA;YAC7B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,KAAK,CAAA;YAC9B,OAAO,CAAC,CAAC,OAAO,KAAK,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,MAAc;QAC9C,MAAM,GAAG,GAAG,MAAM,aAAa,EAAE,CAAA;QACjC,MAAM,gBAAgB,GAAG,WAAW,CAAC,kBAAkB,CAAC,CAAA;QACxD,OAAO,IAAI,OAAO,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;aAC1C,kBAAkB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;aACrD,UAAU,CAAC,MAAM,CAAC;aAClB,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;aACxB,WAAW,CAAC,iBAAiB,CAAC;aAC9B,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,gBAAgB,GAAG,CAAC;aACzC,IAAI,CAAC,GAAG,CAAC,CAAA;IACd,CAAC;IAED,KAAK,UAAU,oBAAoB,CAAC,KAAa;QAC/C,MAAM,GAAG,GAAG,MAAM,YAAY,EAAE,CAAA;QAChC,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE;gBAC9C,UAAU,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,iBAAiB;aAC5B,CAAC,CAAA;YACF,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,YAAY,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAA;YAClC,CAAC;YACD,OAAO,OAAO,CAAC,GAAI,CAAA;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,iBAAiB,CACzB,uEAAuE,CACxE,CAAA;QACH,CAAC;IACH,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,EAAM,EAAE,MAAc,EAAE,KAAa;QACpE,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,iBAAiB,CAAC,oBAAoB,MAAM,iBAAiB,KAAK,EAAE,CACxE,CAAA;QACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,cAAc,CAAC,4CAA4C,CAAC,CAAA;QACxE,CAAC;IACH,CAAC;IAED,KAAK,UAAU,YAAY,CACzB,QAAsB,EACtB,EAAM,EACN,IAAoB;QAEpB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,4BAA4B,CAAC,oBAAoB,IAAI,CAAC,EAAE,qBAAqB,CACjF,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,cAAc,CACtB,kGAAkG,CACnG,CAAA;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAW,CAAA;YAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;YACpG,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAA;QAChG,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAW,CAAC,CAAA;QACnD,IAAI,QAAQ,GAA+B,IAAI,CAAA;QAC/C,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;YACzC,QAAQ,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;QACrD,CAAC;QAED,MAAM,IAAI,GAAc,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACxC,EAAE;YACF,IAAI,EAAE,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE;SAC9B,CAAC,CAAC,CAAA;QAEH,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACtD,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,YAAY,EAAE,IAAI,EAAE,CAAA;IACnD,CAAC;IAED,KAAK,UAAU,SAAS,CACtB,QAAsB,EACtB,EAAM,EACN,YAAoB,EACpB,KAAa;QAEb,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,YAAY,CAAC,CAAA;QACvD,MAAM,iBAAiB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;QAC1C,OAAO,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,KAAK,UAAU,SAAS,CACtB,QAAsB,EACtB,EAAM,EACN,QAAqB,EACrB,KAAa,EACb,MAAc;QAEd,MAAM,iBAAiB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;QAC1C,OAAO,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,KAAK,UAAU,QAAQ,CACrB,EAAM,EACN,MAAc;QAEd,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,4BAA4B,CAAC,oBAAoB,MAAM,qBAAqB,CAChF,CAAA;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAW,CAAC,CAAA;QACnD,IAAI,QAAQ,GAA+B,IAAI,CAAA;QAC/C,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,QAAQ,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;QACrD,CAAC;QAED,MAAM,IAAI,GAA0B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC/C,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAW,CAAA;YACnC,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,KAAK;gBACnC,IAAI,EAAG,CAAC,CAAC,MAAM,CAAmB,IAAI,IAAI;aAC3C,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,EAAE,IAAI,EAAE,CAAA;IACjB,CAAC;IAED,KAAK,UAAU,SAAS,CACtB,EAAM,EACN,MAA0E;QAE1E,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,IAAI,CAAA;QAChC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,IAAI,CAAA;QACtC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,eAAe,CAAC;oBACL,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,KAAK,KAAK,IAAI,KAAK,OAAO;;uBAEhD,CAClB,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,aAAa,CAAC,gDAAgD,CAAC,CAAA;QAC3E,CAAC;QAED,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC,CAAE,CAAC,IAAI,CAAW,EAAE,CAAA;IACzC,CAAC;IAED,KAAK,UAAU,YAAY,CACzB,EAAM,EACN,MAAyC;QAEzC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,eAAe,CAAC,oBAAoB,MAAM,CAAC,MAAM,iBAAiB,MAAM,CAAC,KAAK,eAAe,CACjG,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,aAAa,CAAC,YAAY,CAAC,CAAA;QACvC,CAAC;QAED,MAAM,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,UAAU,iBAAiB,CAC9B,EAAM,EACN,MAAc,EACd,KAAa;QAEb,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,2CAA2C,CAAC,oBAAoB,MAAM,iBAAiB,KAAK,EAAE,CAClG,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QAElC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAA;QACpB,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,IAAI,CAAW;YACvB,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAW;YAC9B,IAAI,EAAG,GAAG,CAAC,MAAM,CAAmB,IAAI,IAAI;YAC5C,QAAQ,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,CAAW,CAAC;SAC/C,CAAA;IACH,CAAC;IAED,OAAO;QACL,YAAY;QACZ,SAAS;QACT,SAAS;QACT,QAAQ;QACR,SAAS;QACT,YAAY;QACZ,eAAe,EAAE,iBAAiB;KACnC,CAAA;AACH,CAAC"}
+{"version":3,"file":"multi-org.js","sourceRoot":"","sources":["../../src/auth/multi-org.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,MAAM,CAAA;AAClE,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACpG,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAA;AAiG5D,6FAA6F;AAC7F,MAAM,UAAU,sBAAsB,CAAC,MAAsB;IAC3D,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,IAAI,oBAAoB,CAAA;IACtD,qBAAqB,CAAC,SAAS,EAAE,4BAA4B,CAAC,CAAA;IAC9D,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,CAAA;IAEnC,MAAM,iBAAiB,GAAG,GAAG,MAAM,CAAC,QAAQ,aAAa,CAAA;IACzD,MAAM,kBAAkB,GAAG,MAAM,CAAC,cAAc,EAAE,SAAS,IAAI,KAAK,CAAA;IAEpE,IAAI,gBAAgB,GAAqB,IAAI,CAAA;IAC7C,IAAI,eAAe,GAAqB,IAAI,CAAA;IAE5C,KAAK,UAAU,aAAa;QAC1B,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;YAC9B,gBAAgB,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAED,KAAK,UAAU,YAAY;QACzB,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;YAC7B,eAAe,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QACxF,CAAC;QACD,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,SAAS,WAAW,CAAC,GAAW;QAC9B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAC1C,IAAI,KAAK,KAAK,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;QACpE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,EAAE,CAAC,CAAA;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,CAAA;YACtB,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,EAAE,CAAA;YAC3B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,IAAI,CAAA;YAC7B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,KAAK,CAAA;YAC9B,OAAO,CAAC,CAAC,OAAO,KAAK,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,MAAc;QAC9C,MAAM,GAAG,GAAG,MAAM,aAAa,EAAE,CAAA;QACjC,MAAM,gBAAgB,GAAG,WAAW,CAAC,kBAAkB,CAAC,CAAA;QACxD,OAAO,IAAI,OAAO,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;aAC1C,kBAAkB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;aACrD,UAAU,CAAC,MAAM,CAAC;aAClB,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;aACxB,WAAW,CAAC,iBAAiB,CAAC;aAC9B,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,gBAAgB,GAAG,CAAC;aACzC,IAAI,CAAC,GAAG,CAAC,CAAA;IACd,CAAC;IAED,KAAK,UAAU,oBAAoB,CAAC,KAAa;QAC/C,MAAM,GAAG,GAAG,MAAM,YAAY,EAAE,CAAA;QAChC,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE;gBAC9C,UAAU,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,iBAAiB;aAC5B,CAAC,CAAA;YACF,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,YAAY,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAA;YAClC,CAAC;YACD,OAAO,OAAO,CAAC,GAAI,CAAA;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,iBAAiB,CACzB,uEAAuE,CACxE,CAAA;QACH,CAAC;IACH,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,EAAM,EAAE,MAAc,EAAE,KAAa;QACpE,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,iBAAiB,CAAC,oBAAoB,MAAM,iBAAiB,KAAK,EAAE,CACxE,CAAA;QACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,cAAc,CAAC,4CAA4C,CAAC,CAAA;QACxE,CAAC;IACH,CAAC;IAED,KAAK,UAAU,YAAY,CACzB,QAAsB,EACtB,EAAM,EACN,IAAoB;QAEpB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,4BAA4B,CAAC,oBAAoB,IAAI,CAAC,EAAE,qBAAqB,CACjF,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,cAAc,CACtB,kGAAkG,CACnG,CAAA;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAW,CAAA;YAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;YACpG,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAA;QAChG,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAW,CAAC,CAAA;QACnD,IAAI,QAAQ,GAA+B,IAAI,CAAA;QAC/C,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;YACzC,QAAQ,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;QACrD,CAAC;QAED,MAAM,IAAI,GAAc,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACxC,EAAE;YACF,IAAI,EAAE,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE;SAC9B,CAAC,CAAC,CAAA;QAEH,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACtD,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,YAAY,EAAE,IAAI,EAAE,CAAA;IACnD,CAAC;IAED,KAAK,UAAU,SAAS,CACtB,QAAsB,EACtB,EAAM,EACN,YAAoB,EACpB,KAAa;QAEb,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,YAAY,CAAC,CAAA;QACvD,MAAM,iBAAiB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;QAC1C,OAAO,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,KAAK,UAAU,SAAS,CACtB,QAAsB,EACtB,EAAM,EACN,QAAqB,EACrB,KAAa,EACb,MAAc;QAEd,MAAM,iBAAiB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;QAC1C,OAAO,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,KAAK,UAAU,QAAQ,CACrB,EAAM,EACN,MAAc;QAEd,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,4BAA4B,CAAC,oBAAoB,MAAM,qBAAqB,CAChF,CAAA;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAW,CAAC,CAAA;QACnD,IAAI,QAAQ,GAA+B,IAAI,CAAA;QAC/C,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,QAAQ,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;QACrD,CAAC;QAED,MAAM,IAAI,GAA0B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC/C,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAW,CAAA;YACnC,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,KAAK;gBACnC,IAAI,EAAG,CAAC,CAAC,MAAM,CAAmB,IAAI,IAAI;aAC3C,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,EAAE,IAAI,EAAE,CAAA;IACjB,CAAC;IAED,KAAK,UAAU,SAAS,CACtB,EAAM,EACN,MAA0E;QAE1E,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,IAAI,CAAA;QAChC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,IAAI,CAAA;QACtC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,eAAe,CAAC;oBACL,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,KAAK,KAAK,IAAI,KAAK,OAAO;;uBAEhD,CAClB,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,aAAa,CAAC,gDAAgD,CAAC,CAAA;QAC3E,CAAC;QAED,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC,CAAE,CAAC,IAAI,CAAW,EAAE,CAAA;IACzC,CAAC;IAED,KAAK,UAAU,YAAY,CACzB,EAAM,EACN,MAAyC;QAEzC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,eAAe,CAAC,oBAAoB,MAAM,CAAC,MAAM,iBAAiB,MAAM,CAAC,KAAK,eAAe,CACjG,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,aAAa,CAAC,YAAY,CAAC,CAAA;QACvC,CAAC;QAED,MAAM,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,UAAU,iBAAiB,CAC9B,EAAM,EACN,MAAc,EACd,KAAa;QAEb,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,2CAA2C,CAAC,oBAAoB,MAAM,iBAAiB,KAAK,EAAE,CAClG,CAAA;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QAElC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAA;QACpB,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,IAAI,CAAW;YACvB,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAW;YAC9B,IAAI,EAAG,GAAG,CAAC,MAAM,CAAmB,IAAI,IAAI;YAC5C,QAAQ,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,CAAW,CAAC;SAC/C,CAAA;IACH,CAAC;IAED,OAAO;QACL,YAAY;QACZ,SAAS;QACT,SAAS;QACT,QAAQ;QACR,SAAS;QACT,YAAY;QACZ,eAAe,EAAE,iBAAiB;KACnC,CAAA;AACH,CAAC"}

package/dist/auth/namespace.d.ts

@@ -2,13 +2,21 @@ import { createSessions } from './sessions.js';
 import { createMultiOrgSessions } from './multi-org.js';
 import { runAuthChain } from './chain.js';
 import { resolveCookieConfig, parseCookieHeader, buildSetCookieHeader, buildClearCookieHeader } from './cookie.js';
+/** Authentication namespace — session management, multi-org support, auth chain resolution. */
 export declare const auth: {
+    /** Creates a Sessions manager with JWT access/refresh tokens, rotation, and reuse detection. */
     createSessions: typeof createSessions;
+    /** Creates multi-org session management — org selection, switching, membership CRUD. */
     createMultiOrg: typeof createMultiOrgSessions;
+    /** Executes an auth chain (strategy pipeline) to resolve auth + tenant from a request. */
     runChain: typeof runAuthChain;
+    /** Resolves CookieConfig with defaults for secure cookie-based token delivery. */
     resolveCookie: typeof resolveCookieConfig;
+    /** Parses a Cookie header string into key-value pairs. */
     parseCookie: typeof parseCookieHeader;
+    /** Builds a Set-Cookie header string from name, value, and CookieConfig. */
     buildSetCookie: typeof buildSetCookieHeader;
+    /** Builds a Set-Cookie header that clears (expires) a cookie. */
     buildClearCookie: typeof buildClearCookieHeader;
 };
 //# sourceMappingURL=namespace.d.ts.map

package/dist/auth/namespace.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"namespace.d.ts","sourceRoot":"","sources":["../../src/auth/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAA;AAC9C,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAA;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAA;AAElH,eAAO,MAAM,IAAI;;;;;;;;CAQhB,CAAA"}
+{"version":3,"file":"namespace.d.ts","sourceRoot":"","sources":["../../src/auth/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAA;AAC9C,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAA;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAA;AAElH,+FAA+F;AAC/F,eAAO,MAAM,IAAI;IACf,gGAAgG;;IAEhG,wFAAwF;;IAExF,0FAA0F;;IAE1F,kFAAkF;;IAElF,0DAA0D;;IAE1D,4EAA4E;;IAE5E,iEAAiE;;CAElE,CAAA"}

package/dist/auth/namespace.js

@@ -2,13 +2,21 @@ import { createSessions } from './sessions.js';
 import { createMultiOrgSessions } from './multi-org.js';
 import { runAuthChain } from './chain.js';
 import { resolveCookieConfig, parseCookieHeader, buildSetCookieHeader, buildClearCookieHeader } from './cookie.js';
+/** Authentication namespace — session management, multi-org support, auth chain resolution. */
 export const auth = {
+    /** Creates a Sessions manager with JWT access/refresh tokens, rotation, and reuse detection. */
     createSessions,
+    /** Creates multi-org session management — org selection, switching, membership CRUD. */
     createMultiOrg: createMultiOrgSessions,
+    /** Executes an auth chain (strategy pipeline) to resolve auth + tenant from a request. */
     runChain: runAuthChain,
+    /** Resolves CookieConfig with defaults for secure cookie-based token delivery. */
     resolveCookie: resolveCookieConfig,
+    /** Parses a Cookie header string into key-value pairs. */
     parseCookie: parseCookieHeader,
+    /** Builds a Set-Cookie header string from name, value, and CookieConfig. */
     buildSetCookie: buildSetCookieHeader,
+    /** Builds a Set-Cookie header that clears (expires) a cookie. */
     buildClearCookie: buildClearCookieHeader,
 };
 //# sourceMappingURL=namespace.js.map

package/dist/auth/namespace.js.map

@@ -1 +1 @@
-{"version":3,"file":"namespace.js","sourceRoot":"","sources":["../../src/auth/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAA;AAC9C,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAA;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAA;AAElH,MAAM,CAAC,MAAM,IAAI,GAAG;IAClB,cAAc;IACd,cAAc,EAAE,sBAAsB;IACtC,QAAQ,EAAE,YAAY;IACtB,aAAa,EAAE,mBAAmB;IAClC,WAAW,EAAE,iBAAiB;IAC9B,cAAc,EAAE,oBAAoB;IACpC,gBAAgB,EAAE,sBAAsB;CACzC,CAAA"}
+{"version":3,"file":"namespace.js","sourceRoot":"","sources":["../../src/auth/namespace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAA;AAC9C,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAA;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAA;AAElH,+FAA+F;AAC/F,MAAM,CAAC,MAAM,IAAI,GAAG;IAClB,gGAAgG;IAChG,cAAc;IACd,wFAAwF;IACxF,cAAc,EAAE,sBAAsB;IACtC,0FAA0F;IAC1F,QAAQ,EAAE,YAAY;IACtB,kFAAkF;IAClF,aAAa,EAAE,mBAAmB;IAClC,0DAA0D;IAC1D,WAAW,EAAE,iBAAiB;IAC9B,4EAA4E;IAC5E,cAAc,EAAE,oBAAoB;IACpC,iEAAiE;IACjE,gBAAgB,EAAE,sBAAsB;CACzC,CAAA"}

package/dist/auth/sessions.d.ts

@@ -1,6 +1,7 @@
 import type { DB } from '../db/index.js';
 import type { CookieConfig } from './cookie.js';
 import type { HttpRequest, HttpResponse } from '../http/types.js';
+/** Session configuration — signing keys, issuer, audience, token TTLs, refresh rotation. */
 export interface SessionConfig {
     readonly signing: {
         algorithm: 'ES256';
@@ -23,22 +24,26 @@ export interface SessionConfig {
     readonly resolveRoles?: (db: DB, userId: string, tenantId: string) => Promise<string[]>;
     readonly environment?: string;
 }
+/** Access + refresh token pair returned by issueTokens(). */
 export interface TokenPair {
     readonly accessToken: string;
     readonly refreshToken: string;
     readonly expiresIn: number;
 }
+/** Decoded JWT payload — userId, tenantId, roles, version. */
 export interface TokenPayload {
     readonly sub: string;
     readonly tid: string;
     readonly av: number;
     readonly roles: string[] | undefined;
 }
+/** Result from HTTP token operations — the token pair plus whether cookies were set. */
 export interface HttpTokenResult {
     readonly accessToken: string;
     readonly expiresIn: number;
 }
 export type { HttpRequest, HttpResponse };
+/** Session manager with JWT issue/refresh/revoke lifecycle and cookie-based HTTP helpers. */
 export interface Sessions {
     issueTokens(db: DB, user: {
         id: string;
@@ -60,5 +65,6 @@ export interface Sessions {
     revokeHttp(response: HttpResponse, db: DB, request: HttpRequest): Promise<void>;
     revokeAllHttp(response: HttpResponse, db: DB, userId: string): Promise<void>;
 }
+/** Creates a Sessions manager with JWT access/refresh tokens, rotation, reuse detection, and cookie helpers. */
 export declare function createSessions(config: SessionConfig): Sessions;
 //# sourceMappingURL=sessions.d.ts.map

package/dist/auth/sessions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/auth/sessions.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AAExC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAG/C,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAEjE,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE;QAAE,SAAS,EAAE,OAAO,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAA;IAC/E,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,WAAW,EAAE;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,CAAA;IAC3C,QAAQ,CAAC,YAAY,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAC;QAAC,cAAc,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,YAAY,CAAA;KAAE,CAAA;IAClH,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IACnC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;IACvF,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAC9B;AAED,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAA;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,SAAS,CAAA;CACrC;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B;AAED,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,CAAA;AAEzC,MAAM,WAAW,QAAQ;IACvB,WAAW,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;IACjG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;IACzD,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAChD,WAAW,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAClD,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IACvD,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAC5E,kBAAkB,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3C,eAAe,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;IACnI,WAAW,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;IAC3F,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC/E,aAAa,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7E;AAED,wBAAgB,cAAc,CAAC,MAAM,EAAE,aAAa,GAAG,QAAQ,CAmQ9D"}
+{"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/auth/sessions.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AAExC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAG/C,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAEjE,4FAA4F;AAC5F,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE;QAAE,SAAS,EAAE,OAAO,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAA;IAC/E,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,WAAW,EAAE;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,CAAA;IAC3C,QAAQ,CAAC,YAAY,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAC;QAAC,cAAc,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,YAAY,CAAA;KAAE,CAAA;IAClH,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IACnC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;IACvF,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAC9B;AAED,6DAA6D;AAC7D,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAA;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B;AAED,8DAA8D;AAC9D,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,SAAS,CAAA;CACrC;AAED,wFAAwF;AACxF,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B;AAED,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,CAAA;AAEzC,6FAA6F;AAC7F,MAAM,WAAW,QAAQ;IACvB,WAAW,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;IACjG,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;IACzD,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAChD,WAAW,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAClD,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IACvD,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAC5E,kBAAkB,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3C,eAAe,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;IACnI,WAAW,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;IAC3F,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC/E,aAAa,CAAC,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7E;AAED,gHAAgH;AAChH,wBAAgB,cAAc,CAAC,MAAM,EAAE,aAAa,GAAG,QAAQ,CAmQ9D"}

package/dist/auth/sessions.js

@@ -2,6 +2,7 @@ import { SignJWT, jwtVerify, importPKCS8, importSPKI } from 'jose';
 import { sql } from '../db/sql.js';
 import { UnauthorizedError } from '../errors/index.js';
 import { resolveCookieConfig, buildSetCookieHeader, buildClearCookieHeader, parseCookieHeader } from './cookie.js';
+/** Creates a Sessions manager with JWT access/refresh tokens, rotation, reuse detection, and cookie helpers. */
 export function createSessions(config) {
     const environment = config.environment ?? 'production';
     if (environment === 'production') {

package/dist/auth/sessions.js.map

@@ -1 +1 @@
-{"version":3,"file":"sessions.js","sourceRoot":"","sources":["../../src/auth/sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,MAAM,CAAA;AAClE,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAEtD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAkDlH,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,YAAY,CAAA;IACtD,IAAI,WAAW,KAAK,YAAY,EAAE,CAAC;QACjC,mBAAmB,CAAC,MAAM,CAAC,CAAA;IAC7B,CAAC;IAED,IAAI,UAAU,GAAqB,IAAI,CAAA;IACvC,IAAI,SAAS,GAAqB,IAAI,CAAA;IACtC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkD,CAAA;IAC9E,MAAM,QAAQ,GAAG,MAAM,CAAC,iBAAiB,IAAI,MAAM,CAAA;IAEnD,KAAK,UAAU,aAAa;QAC1B,IAAI,CAAC,UAAU;YAAE,UAAU,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QACpG,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,UAAU,YAAY;QACzB,IAAI,CAAC,SAAS;YAAE,SAAS,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAChG,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,SAAS,WAAW,CAAC,GAAW;QAC9B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAC1C,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;QAC5D,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,EAAE,CAAC,CAAA;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,CAAA;YACtB,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,EAAE,CAAA;YAC3B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,IAAI,CAAA;YAC7B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,KAAK,CAAA;YAC9B,OAAO,CAAC,CAAC,OAAO,KAAK,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,EAAM,EAAE,MAAc;QACtD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,iEAAiE,MAAM;;4BAEpD,CACvB,CAAA;QACD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,CAAE,CAAC,SAAS,CAAW,CAAA;QAEzD,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,OAAO,CAC/B,GAAG,CAAA,8DAA8D,MAAM,EAAE,CAC1E,CAAA;QACD,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;QACvB,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,CAAC,CAAA;QAC/B,OAAO,GAAG,CAAC,SAAS,CAAW,CAAA;IACjC,CAAC;IAED,KAAK,UAAU,WAAW,CACxB,EAAM,EACN,IAAwD;QAExD,MAAM,GAAG,GAAG,MAAM,aAAa,EAAE,CAAA;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,kBAAkB,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC/E,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAA;QAElE,MAAM,WAAW,GAAG,MAAM,IAAI,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;aAC1F,kBAAkB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;aACrD,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;aACnB,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;aACxB,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC5B,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,gBAAgB,GAAG,CAAC;aACzC,IAAI,CAAC,GAAG,CAAC,CAAA;QAEZ,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QACpC,MAAM,iBAAiB,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QAC7C,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,iBAAiB,CAAC,CAAA;QACtD,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAA;QACnE,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,GAAG,IAAI,CAAC,CAAA;QAEhE,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;oBACW,IAAI,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,KAAK,WAAW,KAAK,QAAQ,WAAW,SAAS,CAAC,WAAW,EAAE,gBAAgB,CACvH,CAAA;QAED,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,gBAAgB,EAAE,CAAA;IACtF,CAAC;IAED,KAAK,UAAU,OAAO,CAAC,EAAM,EAAE,YAAoB;QACjD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAA;QAE/C,OAAO,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE;YACjC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA;;iCAEsB,SAAS;uBACnB,CAChB,CAAA;YAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAA;YACpB,MAAM,MAAM,GAAG,GAAG,CAAC,SAAS,CAAW,CAAA;YACvC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAW,CAAA;YAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAW,CAAA;YAC3C,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAkB,CAAA;YACpD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,CAAW,CAAC,CAAA;YAEvD,IAAI,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC3B,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,IAAI,MAAM,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;oBACvC,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;oCACqB,QAAQ,+BAA+B,CAChE,CAAA;gBACH,CAAC;gBACD,MAAM,IAAI,iBAAiB,CAAC,qDAAqD,CAAC,CAAA;YACpF,CAAC;YAED,IAAI,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC;gBACpC,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA,4EAA4E,SAAS,EAAE,CAC3F,CAAA;YACH,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,CAAC,YAAY;gBAC/B,CAAC,CAAC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC;gBACjD,CAAC,CAAC,SAAS,CAAA;YAEb,OAAO,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC5F,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,UAAU,SAAS,CAAC,EAAM,EAAE,MAAc;QAC7C,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;4BACmB,MAAM,yBAAyB,CACtD,CAAA;IACH,CAAC;IAED,KAAK,UAAU,WAAW,CAAC,EAAM,EAAE,MAAc;QAC/C,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;oBACW,MAAM;;yFAE+D,CACpF,CAAA;QACD,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAC7B,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,KAAa;QAC5C,MAAM,GAAG,GAAG,MAAM,YAAY,EAAE,CAAA;QAChC,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE;gBAC9C,UAAU,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC1B,CAAC,CAAA;YACF,OAAO;gBACL,GAAG,EAAE,OAAO,CAAC,GAAI;gBACjB,GAAG,EAAE,OAAO,CAAC,KAAK,CAAW;gBAC7B,EAAE,EAAE,OAAO,CAAC,IAAI,CAAW;gBAC3B,KAAK,EAAE,OAAO,CAAC,OAAO,CAAyB;aAChD,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,iBAAiB,CAAC,sBAAsB,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,KAAK,UAAU,YAAY,CAAC,EAAM,EAAE,MAAc,EAAE,YAAoB;QACtE,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACvC,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC5C,OAAO,MAAM,CAAC,OAAO,KAAK,YAAY,CAAA;QACxC,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,8DAA8D,MAAM,EAAE,CAC1E,CAAA;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,CAAC,CAAE,CAAC,SAAS,CAAY,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5E,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC,CAAA;QACvF,OAAO,cAAc,KAAK,YAAY,CAAA;IACxC,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,EAAM;QACtC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,2EAA2E,CAC/E,CAAA;QACD,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,SAAS,eAAe;QACtB,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAA;QACzC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,WAAW,IAAI,YAAY,CAAC,CAAA;IACxE,CAAC;IAED,SAAS,gBAAgB;QACvB,OAAO,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,UAAU,eAAe,CAC5B,QAAsB,EACtB,EAAM,EACN,IAAwD;QAExD,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;QACxC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAA;QACpG,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAA;IACrE,CAAC;IAED,KAAK,UAAU,WAAW,CACxB,QAAsB,EACtB,EAAM,EACN,OAAoB;QAEpB,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QACzE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAA;QAC7D,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;QACrC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAA;QACpG,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAA;IACrE,CAAC;IAED,KAAK,UAAU,UAAU,CACvB,QAAsB,EACtB,EAAM,EACN,OAAoB;QAEpB,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QACzE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAA;QAC7D,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAA;QACxC,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;+BACsB,SAAS,yBAAyB,CAC5D,CAAA;QACD,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjE,CAAC;IAED,KAAK,UAAU,aAAa,CAC1B,QAAsB,EACtB,EAAM,EACN,MAAc;QAEd,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;QAC3B,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjE,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,iBAAiB,EAAE,YAAY,EAAE,kBAAkB;QACjG,eAAe,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa;KACxD,CAAA;AACH,CAAC;AAED,MAAM,iBAAiB,GAAG;IACxB,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC9E,CAAA;AAED,SAAS,mBAAmB,CAAC,MAAqB;IAChD,MAAM,QAAQ,GAAa,EAAE,CAAA;IAC7B,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC,OAAO,CAAA;IAEhD,IAAI,UAAU,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC,kFAAkF,CAAC,CAAA;IACnG,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC,+EAA+E,CAAC,CAAA;IAChG,CAAC;IAED,MAAM,QAAQ,GAAG,CAAC,UAAU,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA;IACvD,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;QACxC,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,kCAAkC,OAAO,iCAAiC,CAAC,CAAA;YACzF,MAAK;QACP,CAAC;IACH,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAClE,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAA;IACrF,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,uEAAuE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM;YACrH,oHAAoH,CACrH,CAAA;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,KAAa;IACpC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAClC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IACxD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AAC1C,CAAC"}
+{"version":3,"file":"sessions.js","sourceRoot":"","sources":["../../src/auth/sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,MAAM,CAAA;AAClE,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAEtD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAuDlH,gHAAgH;AAChH,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,YAAY,CAAA;IACtD,IAAI,WAAW,KAAK,YAAY,EAAE,CAAC;QACjC,mBAAmB,CAAC,MAAM,CAAC,CAAA;IAC7B,CAAC;IAED,IAAI,UAAU,GAAqB,IAAI,CAAA;IACvC,IAAI,SAAS,GAAqB,IAAI,CAAA;IACtC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkD,CAAA;IAC9E,MAAM,QAAQ,GAAG,MAAM,CAAC,iBAAiB,IAAI,MAAM,CAAA;IAEnD,KAAK,UAAU,aAAa;QAC1B,IAAI,CAAC,UAAU;YAAE,UAAU,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QACpG,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,UAAU,YAAY;QACzB,IAAI,CAAC,SAAS;YAAE,SAAS,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAChG,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,SAAS,WAAW,CAAC,GAAW;QAC9B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAC1C,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;QAC5D,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,EAAE,CAAC,CAAA;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,CAAA;YACtB,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,EAAE,CAAA;YAC3B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,IAAI,CAAA;YAC7B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,KAAK,CAAA;YAC9B,OAAO,CAAC,CAAC,OAAO,KAAK,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,EAAM,EAAE,MAAc;QACtD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,iEAAiE,MAAM;;4BAEpD,CACvB,CAAA;QACD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,CAAE,CAAC,SAAS,CAAW,CAAA;QAEzD,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,OAAO,CAC/B,GAAG,CAAA,8DAA8D,MAAM,EAAE,CAC1E,CAAA;QACD,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;QACvB,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,CAAC,CAAA;QAC/B,OAAO,GAAG,CAAC,SAAS,CAAW,CAAA;IACjC,CAAC;IAED,KAAK,UAAU,WAAW,CACxB,EAAM,EACN,IAAwD;QAExD,MAAM,GAAG,GAAG,MAAM,aAAa,EAAE,CAAA;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,kBAAkB,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC/E,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAA;QAElE,MAAM,WAAW,GAAG,MAAM,IAAI,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;aAC1F,kBAAkB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;aACrD,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;aACnB,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;aACxB,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC5B,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,gBAAgB,GAAG,CAAC;aACzC,IAAI,CAAC,GAAG,CAAC,CAAA;QAEZ,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QACpC,MAAM,iBAAiB,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QAC7C,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,iBAAiB,CAAC,CAAA;QACtD,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAA;QACnE,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,GAAG,IAAI,CAAC,CAAA;QAEhE,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;oBACW,IAAI,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,KAAK,WAAW,KAAK,QAAQ,WAAW,SAAS,CAAC,WAAW,EAAE,gBAAgB,CACvH,CAAA;QAED,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,gBAAgB,EAAE,CAAA;IACtF,CAAC;IAED,KAAK,UAAU,OAAO,CAAC,EAAM,EAAE,YAAoB;QACjD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAA;QAE/C,OAAO,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE;YACjC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA;;iCAEsB,SAAS;uBACnB,CAChB,CAAA;YAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAA;YACpB,MAAM,MAAM,GAAG,GAAG,CAAC,SAAS,CAAW,CAAA;YACvC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAW,CAAA;YAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAW,CAAA;YAC3C,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAkB,CAAA;YACpD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,CAAW,CAAC,CAAA;YAEvD,IAAI,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC3B,MAAM,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,IAAI,MAAM,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;oBACvC,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;oCACqB,QAAQ,+BAA+B,CAChE,CAAA;gBACH,CAAC;gBACD,MAAM,IAAI,iBAAiB,CAAC,qDAAqD,CAAC,CAAA;YACpF,CAAC;YAED,IAAI,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC;gBACpC,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA,4EAA4E,SAAS,EAAE,CAC3F,CAAA;YACH,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,CAAC,YAAY;gBAC/B,CAAC,CAAC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC;gBACjD,CAAC,CAAC,SAAS,CAAA;YAEb,OAAO,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC5F,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,UAAU,SAAS,CAAC,EAAM,EAAE,MAAc;QAC7C,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;4BACmB,MAAM,yBAAyB,CACtD,CAAA;IACH,CAAC;IAED,KAAK,UAAU,WAAW,CAAC,EAAM,EAAE,MAAc;QAC/C,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;oBACW,MAAM;;yFAE+D,CACpF,CAAA;QACD,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAC7B,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,KAAa;QAC5C,MAAM,GAAG,GAAG,MAAM,YAAY,EAAE,CAAA;QAChC,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE;gBAC9C,UAAU,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC1B,CAAC,CAAA;YACF,OAAO;gBACL,GAAG,EAAE,OAAO,CAAC,GAAI;gBACjB,GAAG,EAAE,OAAO,CAAC,KAAK,CAAW;gBAC7B,EAAE,EAAE,OAAO,CAAC,IAAI,CAAW;gBAC3B,KAAK,EAAE,OAAO,CAAC,OAAO,CAAyB;aAChD,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,iBAAiB,CAAC,sBAAsB,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,KAAK,UAAU,YAAY,CAAC,EAAM,EAAE,MAAc,EAAE,YAAoB;QACtE,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACvC,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC5C,OAAO,MAAM,CAAC,OAAO,KAAK,YAAY,CAAA;QACxC,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,8DAA8D,MAAM,EAAE,CAC1E,CAAA;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,CAAC,CAAE,CAAC,SAAS,CAAY,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5E,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC,CAAA;QACvF,OAAO,cAAc,KAAK,YAAY,CAAA;IACxC,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,EAAM;QACtC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,OAAO,CAC3B,GAAG,CAAA,2EAA2E,CAC/E,CAAA;QACD,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,SAAS,eAAe;QACtB,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAA;QACzC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,WAAW,IAAI,YAAY,CAAC,CAAA;IACxE,CAAC;IAED,SAAS,gBAAgB;QACvB,OAAO,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,UAAU,eAAe,CAC5B,QAAsB,EACtB,EAAM,EACN,IAAwD;QAExD,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;QACxC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAA;QACpG,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAA;IACrE,CAAC;IAED,KAAK,UAAU,WAAW,CACxB,QAAsB,EACtB,EAAM,EACN,OAAoB;QAEpB,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QACzE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAA;QAC7D,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;QACrC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAA;QACpG,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAA;IACrE,CAAC;IAED,KAAK,UAAU,UAAU,CACvB,QAAsB,EACtB,EAAM,EACN,OAAoB;QAEpB,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QACzE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAA;QAC7D,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAA;QACxC,MAAM,EAAE,CAAC,OAAO,CACd,GAAG,CAAA;+BACsB,SAAS,yBAAyB,CAC5D,CAAA;QACD,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjE,CAAC;IAED,KAAK,UAAU,aAAa,CAC1B,QAAsB,EACtB,EAAM,EACN,MAAc;QAEd,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAA;QAClC,MAAM,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;QAC3B,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjE,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,iBAAiB,EAAE,YAAY,EAAE,kBAAkB;QACjG,eAAe,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa;KACxD,CAAA;AACH,CAAC;AAED,MAAM,iBAAiB,GAAG;IACxB,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC9E,CAAA;AAED,SAAS,mBAAmB,CAAC,MAAqB;IAChD,MAAM,QAAQ,GAAa,EAAE,CAAA;IAC7B,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC,OAAO,CAAA;IAEhD,IAAI,UAAU,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC,kFAAkF,CAAC,CAAA;IACnG,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC,+EAA+E,CAAC,CAAA;IAChG,CAAC;IAED,MAAM,QAAQ,GAAG,CAAC,UAAU,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA;IACvD,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;QACxC,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,kCAAkC,OAAO,iCAAiC,CAAC,CAAA;YACzF,MAAK;QACP,CAAC;IACH,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAClE,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAA;IACrF,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,uEAAuE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM;YACrH,oHAAoH,CACrH,CAAA;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,KAAa;IACpC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAClC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IACxD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AAC1C,CAAC"}

package/dist/auth/types.d.ts

@@ -1,16 +1,20 @@
 import type { DB } from '../db/types.js';
+/** Runtime auth context passed to strategies — carries the resolved DB and request metadata. */
 export interface AuthContext {
     readonly db: (name?: string) => DB;
 }
+/** Pluggable auth strategy — implement authenticate() to extract auth from a request. */
 export interface AuthStrategy<TAuth> {
     readonly name: string;
     extract(request: AuthRequest, context: AuthContext): Promise<TAuth | null>;
     verify(extracted: TAuth, context: AuthContext): Promise<TAuth>;
 }
+/** Normalized request shape passed to auth strategies — headers, cookies, method, url. */
 export interface AuthRequest {
     readonly headers: Readonly<Record<string, string | undefined>>;
     readonly cookies: Readonly<Record<string, string | undefined>>;
 }
+/** Minimum auth shape — userId and tenantId. Extend for app-specific auth fields. */
 export interface BaseAuth {
     readonly userId: string;
     readonly tenantId: string;

package/dist/auth/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AAExC,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,MAAM,KAAK,EAAE,CAAA;CACnC;AAED,MAAM,WAAW,YAAY,CAAC,KAAK;IACjC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAA;IAC1E,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;CAC/D;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC,CAAA;IAC9D,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC,CAAA;CAC/D;AAED,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;CAC1B"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AAExC,gGAAgG;AAChG,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,MAAM,KAAK,EAAE,CAAA;CACnC;AAED,yFAAyF;AACzF,MAAM,WAAW,YAAY,CAAC,KAAK;IACjC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAA;IAC1E,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;CAC/D;AAED,0FAA0F;AAC1F,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC,CAAA;IAC9D,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC,CAAA;CAC/D;AAED,qFAAqF;AACrF,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;CAC1B"}