saas-backend-kit 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/README.md +38 -6
  2. package/dist/auth/index.js +1 -1
  3. package/dist/auth/index.js.map +1 -1
  4. package/dist/auth/index.mjs +1 -1
  5. package/dist/auth/index.mjs.map +1 -1
  6. package/dist/index.js +49 -41
  7. package/dist/index.js.map +1 -1
  8. package/dist/index.mjs +49 -41
  9. package/dist/index.mjs.map +1 -1
  10. package/dist/rate-limit/index.js +1 -0
  11. package/dist/rate-limit/index.js.map +1 -1
  12. package/dist/rate-limit/index.mjs +1 -0
  13. package/dist/rate-limit/index.mjs.map +1 -1
  14. package/dist/response/index.js +51 -40
  15. package/dist/response/index.js.map +1 -1
  16. package/dist/response/index.mjs +51 -40
  17. package/dist/response/index.mjs.map +1 -1
  18. package/jest-output.json +72 -0
  19. package/jest.config.js +19 -0
  20. package/package.json +9 -7
  21. package/src/auth/jwt.ts +1 -1
  22. package/src/rate-limit/express.ts +1 -0
  23. package/src/response/index.ts +49 -40
  24. package/tests/auth.test.ts +134 -0
  25. package/tests/config.test.ts +36 -0
  26. package/tests/logger.test.ts +47 -0
  27. package/tests/notifications.test.ts +19 -0
  28. package/tests/rate-limit.test.ts +50 -0
  29. package/tests/upload.test.ts +33 -0
  30. package/tsconfig.test.json +14 -0
package/README.md CHANGED
@@ -177,14 +177,46 @@ res.error('Error message');
177
177
  ```env
178
178
  NODE_ENV=development
179
179
  PORT=3000
180
- JWT_SECRET=your-secret-key
180
+
181
+ # JWT
182
+ JWT_SECRET=your-super-secret-jwt-key-change-in-production-min-32-chars
183
+ JWT_EXPIRES_IN=7d
184
+ JWT_REFRESH_SECRET=your-super-secret-refresh-key-change-in-production
185
+ JWT_REFRESH_EXPIRES_IN=30d
186
+
187
+ # Redis
181
188
  REDIS_URL=redis://localhost:6379
182
189
 
183
- # AWS S3
184
- AWS_REGION=us-east-1
185
- AWS_ACCESS_KEY_ID=your-access-key
186
- AWS_SECRET_ACCESS_KEY=your-secret-key
187
- AWS_S3_BUCKET=your-bucket-name
190
+ # Database (optional)
191
+ DATABASE_URL=postgresql://user:password@localhost:5432/mydb
192
+
193
+ # Google OAuth (optional)
194
+ GOOGLE_CLIENT_ID=
195
+ GOOGLE_CLIENT_SECRET=
196
+ GOOGLE_REDIRECT_URI=http://localhost:3000/auth/google/callback
197
+
198
+ # Email (SMTP) (optional)
199
+ SMTP_HOST=smtp.example.com
200
+ SMTP_PORT=587
201
+ SMTP_USER=your-smtp-user
202
+ SMTP_PASS=your-smtp-password
203
+ SMTP_FROM=noreply@yourdomain.com
204
+
205
+ # Twilio SMS (optional)
206
+ TWILIO_ACCOUNT_SID=
207
+ TWILIO_AUTH_TOKEN=
208
+ TWILIO_PHONE_NUMBER=
209
+
210
+ # Slack (optional)
211
+ SLACK_WEBHOOK_URL=
212
+
213
+ # Rate Limiting
214
+ RATE_LIMIT_WINDOW=1m
215
+ RATE_LIMIT_LIMIT=100
216
+
217
+ # Logger
218
+ LOG_LEVEL=info
219
+
188
220
  ```
189
221
 
190
222
  ---
package/dist/auth/index.js CHANGED
@@ -236,7 +236,7 @@ var JWTService = class {
236
236
  return jwt__default.default.verify(token, this.refreshSecret);
237
237
  }
238
238
  refreshTokens(refreshToken) {
239
- const payload = this.verifyRefreshToken(refreshToken);
239
+ const { iat, exp, nbf, ...payload } = this.verifyRefreshToken(refreshToken);
240
240
  return this.generateTokenPair(payload);
241
241
  }
242
242
  };
package/dist/auth/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/auth/types.ts","../../src/auth/rbac.ts","../../src/auth/index.ts","../../src/config/index.ts","../../src/auth/jwt.ts","../../src/auth/oauth.ts","../../src/auth/express.ts","../../src/auth/fastify.ts"],"names":["DEFAULT_PERMISSIONS","RBACService","rbacService","z","jwt","bcrypt"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AA4CaA;AA5Cb,IAAA,UAAA,GAAA,KAAA,CAAA;AAAA,EAAA,mBAAA,GAAA;AA4CO,IAAMA,2BAAA,GAAuC;AAAA,MAClD,KAAA,EAAO,CAAC,GAAG,CAAA;AAAA,MACX,IAAA,EAAM,CAAC,MAAA,EAAQ,WAAW,CAAA;AAAA,MAC1B,KAAA,EAAO,CAAC,aAAa;AAAA,KACvB;AAAA,EAAA;AAAA,CAAA,CAAA;;;AChDA,IAAA,YAAA,GAAA,EAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,WAAA,EAAA,MAAAC,mBAAA;AAAA,EAAA,WAAA,EAAA,MAAAC;AAAA,CAAA,CAAA;AAEaD,4BAAA,CAAA,CA+EAC;AAjFb,IAAA,SAAA,GAAA,KAAA,CAAA;AAAA,EAAA,kBAAA,GAAA;AAAA,IAAA,UAAA,EAAA;AAEO,IAAMD,sBAAN,MAAkB;AAAA,MACf,WAAA;AAAA,MAER,WAAA,CAAY,cAA+BD,2BAAA,EAAqB;AAC9D,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,eAAe,WAAA,EAAoC;AACjD,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,aAAA,CAAc,MAAY,UAAA,EAA8B;AACtD,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC3B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,EAAC;AAAA,QAC5B;AACA,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,QAAA,CAAS,UAAU,CAAA,EAAG;AAChD,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,IAAA,CAAK,UAAU,CAAA;AAAA,QACxC;AAAA,MACF;AAAA,MAEA,gBAAA,CAAiB,MAAY,UAAA,EAA8B;AACzD,QAAA,IAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC1B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,KAAM,UAAU,CAAA;AAAA,QAC9E;AAAA,MACF;AAAA,MAEA,eAAe,IAAA,EAA0B;AACvC,QAAA,OAAO,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,IAAK,EAAC;AAAA,MACpC;AAAA,MAEA,aAAA,CAAc,MAAY,kBAAA,EAAyC;AACjE,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAEhD,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,GAAG,CAAA,EAAG;AACjC,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAChD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,MAAM,CAAC,cAAA,EAAgB,aAAa,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAEpE,QAAA,KAAA,MAAW,QAAQ,eAAA,EAAiB;AAClC,UAAA,MAAM,CAAC,MAAA,EAAQ,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAEtC,UAAA,IAAI,MAAA,KAAW,GAAA,KAAQ,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAChE,YAAA,OAAO,IAAA;AAAA,UACT;AAEA,UAAA,IAAI,MAAA,KAAW,cAAA,KAAmB,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAC3E,YAAA,OAAO,IAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,MAEA,OAAA,CAAQ,UAAgB,YAAA,EAA6B;AACnD,QAAA,MAAM,SAAA,GAAoB,CAAC,OAAA,EAAS,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,MAAM,SAAA,GAAY,SAAA,CAAU,OAAA,CAAQ,QAAe,CAAA;AACnD,QAAA,MAAM,aAAA,GAAgB,SAAA,CAAU,OAAA,CAAQ,YAAmB,CAAA;AAE3D,QAAA,IAAI,SAAA,KAAc,EAAA,IAAM,aAAA,KAAkB,EAAA,EAAI;AAC5C,UAAA,OAAO,QAAA,KAAa,YAAA;AAAA,QACtB;AAEA,QAAA,OAAO,SAAA,IAAa,aAAA;AAAA,MACtB;AAAA,MAEA,UAAU,UAAA,EAAwB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,aAAA,CAAc,MAAM,UAAU,CAAA;AAAA,MACrE;AAAA,MAEA,cAAc,YAAA,EAAoB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,OAAA,CAAQ,MAAM,YAAY,CAAA;AAAA,MACjE;AAAA,KACF;AAEO,IAAME,mBAAA,GAAc,IAAID,mBAAA,EAAY;AAAA,EAAA;AAAA,CAAA,CAAA;;;ACjF3C,UAAA,EAAA;ACEO,IAAM,SAAA,GAAYE,MAAE,MAAA,CAAO;AAAA,EAChC,QAAA,EAAUA,KAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAMA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA,EAC/B,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,wBAAwB,CAAA;AAAA,EACtD,YAAYA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EACxC,cAAA,EAAgBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EACvC,oBAAoBA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EAChD,sBAAA,EAAwBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAChD,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,oBAAA,EAAsBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EACnC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,kBAAA,EAAoBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACxC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EAC1C,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAC1C,SAAA,EAAWA,KAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,OAAA,EAAS,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,OAAO,CAAC,CAAA,CAAE,QAAQ,MAAM,CAAA;AAAA,EACtF,UAAA,EAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,WAAW,CAAA;AAAA,EAC1C,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,qBAAA,EAAuBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,aAAA,EAAeA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA;AAUD,IAAM,gBAAN,MAAoB;AAAA,EACV,MAAA,GAA2B,IAAA;AAAA,EAC3B,MAAA;AAAA,EACA,QAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAyB,EAAC,EAAG;AACvC,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,SAAA;AAChC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,IAAA;AAAA,EACtC;AAAA,EAEA,IAAA,GAAkB;AAChB,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA,CAAK,MAAA;AAE7B,IAAA,MAAM,MAA0C,EAAC;AAEjD,IAAA,KAAA,MAAW,OAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA,EAAG;AAChD,MAAA,GAAA,CAAI,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,IAC5B;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,GAAG,CAAA;AACxC,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAS,MAAA,CAAO,KAAA,CAAM,OAAO,GAAA,CAAI,CAAA,CAAA,KAAK,GAAG,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AAC1F,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAE,CAAA;AAAA,MACvD;AACA,MAAA,IAAA,CAAK,SAAS,MAAA,CAAO,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAA,GAAS,GAAA;AAAA,IAChB;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,IAA+B,GAAA,EAAsB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,OAAQ,GAAG,CAAA;AAAA,EACzB;AAAA,EAEA,IAAI,GAAA,EAA8B;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,QAAA,CAAS,OAAO,EAAE,CAAA;AACxD,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAAA,EAEA,KAAK,GAAA,EAA+B;AAClC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA,CAAM,aAAY,KAAM,MAAA;AAC9D,IAAA,OAAO,QAAQ,KAAK,CAAA;AAAA,EACtB;AAAA,EAEA,YAAA,GAAwB;AACtB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,YAAA;AAAA,EAClC;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,aAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAkB;AAChB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,MAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAoB;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,IAAI,aAAA,EAAc;AAEhC,IAAM,MAAA,GAAS;AAAA,EACpB,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA,EAAK;AAAA,EAC9B,GAAA,EAAK,CAA4B,GAAA,KAAW,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EAChE,GAAA,EAAK,CAAC,GAAA,KAAyB,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EACnD,IAAA,EAAM,CAAC,GAAA,KAAyB,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,EACrD,YAAA,EAAc,MAAM,YAAA,CAAa,YAAA,EAAa;AAAA,EAC9C,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA,EAAc;AAAA,EAChD,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,CAAC,OAAA,KAA4B,IAAI,cAAc,OAAO;AAChE,CAAA;;;ACtHO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAA4G,EAAC,EAAG;AAC1H,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,SAAA,IAAa,MAAA,CAAO,GAAA,CAAI,YAAY,CAAA,IAAK,qCAAA;AAC/D,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,YAAA,IAAgB,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,IAAK,IAAA;AACzE,IAAA,IAAA,CAAK,gBAAgB,OAAA,CAAQ,aAAA,IAAiB,OAAO,GAAA,CAAI,oBAAoB,KAAK,IAAA,CAAK,MAAA;AACvF,IAAA,IAAA,CAAK,mBAAmB,OAAA,CAAQ,gBAAA,IAAoB,MAAA,CAAO,GAAA,CAAI,wBAAwB,CAAA,IAAK,KAAA;AAAA,EAC9F;AAAA,EAEA,cAAc,OAAA,EAA6B;AACzC,IAAA,OAAOC,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,QAAQ,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,CAAA;AAAA,EACrE;AAAA,EAEA,qBAAqB,OAAA,EAA6B;AAChD,IAAA,OAAOA,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,eAAe,EAAE,SAAA,EAAW,IAAA,CAAK,gBAAA,EAAkB,CAAA;AAAA,EACnF;AAAA,EAEA,kBAAkB,OAAA,EAAgC;AAChD,IAAA,OAAO;AAAA,MACL,WAAA,EAAa,IAAA,CAAK,aAAA,CAAc,OAAO,CAAA;AAAA,MACvC,YAAA,EAAc,IAAA,CAAK,oBAAA,CAAqB,OAAO;AAAA,KACjD;AAAA,EACF;AAAA,EAEA,YAAY,KAAA,EAA2B;AACrC,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,mBAAmB,KAAA,EAA2B;AAC5C,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,aAAa,CAAA;AAAA,EAC7C;AAAA,EAEA,cAAc,YAAA,EAAiC;AAC7C,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,kBAAA,CAAmB,YAAY,CAAA;AACpD,IAAA,OAAO,IAAA,CAAK,kBAAkB,OAAO,CAAA;AAAA,EACvC;AACF;AAEO,IAAM,UAAA,GAAa,IAAI,UAAA;;;AF5C9B,SAAA,EAAA;;;AGQO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAA4C,GAAA,EAAI;AAAA,EAExD,WAAA,GAAc;AACZ,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,GAAA,CAAI,sBAAsB,CAAA;AAC5D,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,GAAA,CAAI,qBAAqB,CAAA;AAE1D,IAAA,IAAI,cAAA,IAAkB,sBAAsB,iBAAA,EAAmB;AAC7D,MAAA,IAAA,CAAK,iBAAiB,QAAA,EAAU;AAAA,QAC9B,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,cAAA;AAAA,QACV,YAAA,EAAc,kBAAA;AAAA,QACd,WAAA,EAAa,iBAAA;AAAA,QACb,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEA,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AAAA,EACnC;AAAA,EAEA,YAAY,IAAA,EAAyC;AACnD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,mBAAA,CAAoB,cAAsB,KAAA,EAAwB;AAChE,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,MACjC,WAAW,QAAA,CAAS,QAAA;AAAA,MACpB,cAAc,QAAA,CAAS,WAAA;AAAA,MACvB,aAAA,EAAe,MAAA;AAAA,MACf,KAAA,EAAO,sBAAA;AAAA,MACP,OAAO,KAAA,IAAS;AAAA,KACjB,CAAA;AAED,IAAA,OAAO,GAAG,QAAA,CAAS,gBAAgB,CAAA,CAAA,EAAI,MAAA,CAAO,UAAU,CAAA,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,YAAA,CAAa,YAAA,EAAsB,IAAA,EAAuE;AAC9G,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,QAAA,EAAU;AAAA,MAC9C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,WAAW,QAAA,CAAS,QAAA;AAAA,QACpB,eAAe,QAAA,CAAS,YAAA;AAAA,QACxB,IAAA;AAAA,QACA,UAAA,EAAY,oBAAA;AAAA,QACZ,cAAc,QAAA,CAAS;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,KAAK,CAAA,CAAE,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,OAAO;AAAA,MACL,aAAa,IAAA,CAAK,YAAA;AAAA,MAClB,cAAc,IAAA,CAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CAAY,YAAA,EAAsB,WAAA,EAA6C;AACnF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,WAAA,EAAa;AAAA,MACjD,OAAA,EAAS;AAAA,QACP,aAAA,EAAe,UAAU,WAAW,CAAA;AAAA;AACtC,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,CAAA,CAAE,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAS,IAAA,CAAK;AAAA,KAChB;AAAA,EACF;AACF;AAEO,IAAM,YAAA,GAAe,IAAI,YAAA;AChHhC,SAAA,EAAA;AAwBA,IAAM,oBAAN,MAA6C;AAAA,EACnC,KAAA,uBAA+B,GAAA,EAAI;AAAA,EAE3C,MAAM,YAAY,KAAA,EAAqC;AACrD,IAAA,KAAA,MAAW,IAAA,IAAQ,IAAA,CAAK,KAAA,CAAM,MAAA,EAAO,EAAG;AACtC,MAAA,IAAI,IAAA,CAAK,KAAA,KAAU,KAAA,EAAO,OAAO,IAAA;AAAA,IACnC;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAAkC;AAC/C,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,MAAM,OAAO,IAAA,EAAmC;AAC9C,IAAA,MAAM,EAAA,GAAK,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,CAAC,CAAA;AACjD,IAAA,MAAM,iBAAiB,MAAMC,uBAAA,CAAO,IAAA,CAAK,IAAA,CAAK,UAAU,EAAE,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAa;AAAA,MACjB,EAAA;AAAA,MACA,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,QAAA,EAAU,cAAA;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,MAAM,IAAA,CAAK;AAAA,KACb;AACA,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,IAAI,CAAA;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,MAAA,CAAO,EAAA,EAAY,IAAA,EAAoC;AAC3D,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,MAAM,gBAAgB,CAAA;AAC3C,IAAA,MAAM,OAAA,GAAU,EAAE,GAAG,IAAA,EAAM,GAAG,IAAA,EAAK;AACnC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,EACf,SAAA;AAAA,EACA,OAAA;AAAA,EACA,WAAA,GAAuB,KAAA;AAAA,EAE/B,WAAA,CAAY,OAAA,GAAuB,EAAC,EAAG,SAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,SAAA,EAAW,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,IAAI,UAAA,IAAc,qCAAA;AAAA,MAC1D,YAAA,EAAc,QAAQ,YAAA,IAAgB,IAAA;AAAA,MACtC,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,IAAI,kBAAA,IAAsB,qCAAA;AAAA,MAC1E,gBAAA,EAAkB,QAAQ,gBAAA,IAAoB,KAAA;AAAA,MAC9C,cAAA,EAAgB,OAAA,CAAQ,cAAA,IAAkB,OAAA,CAAQ,IAAI,gBAAA,IAAoB,EAAA;AAAA,MAC1E,kBAAA,EAAoB,OAAA,CAAQ,kBAAA,IAAsB,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,MACtF,iBAAA,EAAmB,OAAA,CAAQ,iBAAA,IAAqB,OAAA,CAAQ,IAAI,mBAAA,IAAuB;AAAA,KACrF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA,IAAa,IAAI,iBAAA,EAAkB;AAAA,EACtD;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,QAAQ,cAAA,IAAkB,IAAA,CAAK,QAAQ,kBAAA,IAAsB,IAAA,CAAK,QAAQ,iBAAA,EAAmB;AACpG,MAAA,YAAA,CAAa,iBAAiB,QAAA,EAAU;AAAA,QACtC,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,KAAK,OAAA,CAAQ,cAAA;AAAA,QACvB,YAAA,EAAc,KAAK,OAAA,CAAQ,kBAAA;AAAA,QAC3B,WAAA,EAAa,KAAK,OAAA,CAAQ,iBAAA;AAAA,QAC1B,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,EACrB;AAAA,EAEA,MAAM,SAAS,IAAA,EAAoG;AACjH,IAAA,MAAM,WAAW,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,KAAK,KAAK,CAAA;AAC5D,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,IAAI,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,MAAM,WAAA,EAA+G;AACzH,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,YAAY,KAAK,CAAA;AAC/D,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,QAAA,EAAU;AAC3B,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,UAAU,MAAMA,uBAAA,CAAO,QAAQ,WAAA,CAAY,QAAA,EAAU,KAAK,QAAQ,CAAA;AACxE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,QAAQ,YAAA,EAA8E;AAC1F,IAAA,OAAO,UAAA,CAAW,cAAc,YAAY,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAAiC;AACtD,IAAA,OAAO,YAAA,CAAa,mBAAA,CAAoB,QAAA,EAAU,KAAK,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAqB,IAAA,EAA8F;AACvH,IAAA,MAAM,EAAE,WAAA,EAAY,GAAI,MAAM,YAAA,CAAa,YAAA,CAAa,UAAU,IAAI,CAAA;AACtE,IAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,WAAA,CAAY,UAAU,WAAW,CAAA;AAErE,IAAA,IAAI,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,KAAK,CAAA;AAE1D,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO;AAAA,QACjC,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,QAAA,EAAU,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,EAAE,CAAA;AAAA,QACjD,MAAM,QAAA,CAAS,IAAA;AAAA,QACf,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,aAAA,GAAgC;AAC9B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,UAAA,CAAW,WAAA,CAAY,KAAK,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAA,GAAO;AAAA,UACT,GAAG,OAAA;AAAA,UACH,IAAI,OAAA,CAAQ;AAAA,SACd;AACA,QAAA,IAAA,EAAK;AAAA,MACP,SAAS,KAAA,EAAO;AACd,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,MACxD;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,WAAA,GAA8B;AAC5B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,YAAY,IAAA,EAA8B;AACxC,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACH,mBAAA,CAAY,OAAA,CAAQ,IAAI,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,kBAAkB,UAAA,EAAoC;AACpD,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACA,mBAAA,CAAY,aAAA,CAAc,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AACzD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AACF;AAEA,IAAI,mBAAA,GAA0C,IAAA;AAEvC,SAAS,UAAA,CAAW,SAAuB,SAAA,EAAoC;AACpF,EAAA,mBAAA,GAAsB,IAAI,WAAA,CAAY,OAAA,EAAS,SAAS,CAAA;AACxD,EAAA,OAAO,mBAAA;AACT;AAEO,SAAS,IAAA,GAAoB;AAClC,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,mBAAA,GAAsB,IAAI,WAAA,EAAY;AAAA,EACxC;AACA,EAAA,OAAO,mBAAA;AACT;AAEO,IAAM,IAAA,GAAO;AAAA,EAClB,UAAA,EAAY,CAAC,OAAA,KAA0B;AACrC,IAAA,MAAM,OAAA,GAAU,WAAW,OAAO,CAAA;AAClC,IAAA,OAAO;AAAA,MACL,OAAA;AAAA,MACA,aAAA,EAAe,MAAM,OAAA,CAAQ,aAAA,EAAc;AAAA,MAC3C,WAAA,EAAa,MAAM,OAAA,CAAQ,WAAA,EAAY;AAAA,MACvC,WAAA,EAAa,CAAC,IAAA,KAAiB,OAAA,CAAQ,YAAY,IAAI,CAAA;AAAA,MACvD,iBAAA,EAAmB,CAAC,UAAA,KAAuB,OAAA,CAAQ,kBAAkB,UAAU;AAAA,KACjF;AAAA,EACF;AACF;;;AC/OO,SAAS,kBAAA,CAAmB,OAAA,EAA0B,OAAA,EAAuC,IAAA,EAA+B;AACjI,EAAA,MAAM,EAAE,aAAY,GAAI,OAAA;AAExB,EAAA,OAAA,CAAQ,QAAA,CAAS,cAAA,EAAgB,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACvF,IAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,aAAA;AAEnC,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,IAC9D;AAEA,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,WAAA,CAAY,YAAY,CAAA,CAAE,YAAY,KAAK,CAAA;AAC3D,MAAA,OAAA,CAAQ,IAAA,GAAO;AAAA,QACb,GAAG,OAAA;AAAA,QACH,IAAI,OAAA,CAAQ;AAAA,OACd;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,IAC1D;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACtF,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,IACpE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,CAAC,IAAA,KAAiB;AAChD,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,OAAA,CAAQ,QAAQ,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AACjD,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,mBAAA,EAAqB,CAAC,UAAA,KAAuB;AAC5D,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,aAAA,CAAc,QAAQ,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AAC7D,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,IAAA,EAAK;AACP","file":"index.js","sourcesContent":["export type Role = 'admin' | 'user' | 'guest' | string;\n\nexport interface User {\n id: string;\n email: string;\n password?: string;\n role: Role;\n name?: string;\n picture?: string;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface JWTPayload {\n userId: string;\n email: string;\n role: Role;\n}\n\nexport interface TokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface AuthOptions {\n jwtSecret?: string;\n jwtExpiresIn?: string;\n refreshSecret?: string;\n refreshExpiresIn?: string;\n googleClientId?: string;\n googleClientSecret?: string;\n googleRedirectUri?: string;\n}\n\nexport interface AuthUserRequest extends Request {\n user?: JWTPayload;\n}\n\nexport type Permission = string;\n\nexport interface RolePermissions {\n [role: string]: Permission[];\n}\n\nexport const DEFAULT_PERMISSIONS: RolePermissions = {\n admin: ['*'],\n user: ['read', 'write:own'],\n guest: ['read:public'],\n};\n\nexport interface LoginCredentials {\n email: string;\n password: string;\n}\n\nexport interface RegisterData extends LoginCredentials {\n name?: string;\n role?: Role;\n}\n\nexport interface OAuthProvider {\n name: string;\n clientId: string;\n clientSecret: string;\n redirectUri: string;\n authorizationUrl: string;\n tokenUrl: string;\n userInfoUrl: string;\n}\n","import { Role, Permission, RolePermissions, DEFAULT_PERMISSIONS } from './types';\n\nexport class RBACService {\n private permissions: RolePermissions;\n\n constructor(permissions: RolePermissions = DEFAULT_PERMISSIONS) {\n this.permissions = permissions;\n }\n\n setPermissions(permissions: RolePermissions): void {\n this.permissions = permissions;\n }\n\n addPermission(role: Role, permission: Permission): void {\n if (!this.permissions[role]) {\n this.permissions[role] = [];\n }\n if (!this.permissions[role].includes(permission)) {\n this.permissions[role].push(permission);\n }\n }\n\n removePermission(role: Role, permission: Permission): void {\n if (this.permissions[role]) {\n this.permissions[role] = this.permissions[role].filter(p => p !== permission);\n }\n }\n\n getPermissions(role: Role): Permission[] {\n return this.permissions[role] || [];\n }\n\n hasPermission(role: Role, requiredPermission: Permission): boolean {\n const rolePermissions = this.getPermissions(role);\n \n if (rolePermissions.includes('*')) {\n return true;\n }\n\n if (rolePermissions.includes(requiredPermission)) {\n return true;\n }\n\n const [requiredAction, requiredScope] = requiredPermission.split(':');\n \n for (const perm of rolePermissions) {\n const [action, scope] = perm.split(':');\n \n if (action === '*' && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n \n if (action === requiredAction && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n }\n\n return false;\n }\n\n hasRole(userRole: Role, requiredRole: Role): boolean {\n const hierarchy: Role[] = ['guest', 'user', 'admin'];\n const userIndex = hierarchy.indexOf(userRole as any);\n const requiredIndex = hierarchy.indexOf(requiredRole as any);\n \n if (userIndex === -1 || requiredIndex === -1) {\n return userRole === requiredRole;\n }\n \n return userIndex >= requiredIndex;\n }\n\n authorize(permission: Permission) {\n return (role: Role): boolean => this.hasPermission(role, permission);\n }\n\n authorizeRole(requiredRole: Role) {\n return (role: Role): boolean => this.hasRole(role, requiredRole);\n }\n}\n\nexport const rbacService = new RBACService();\n","export * from './types';\nexport * from './jwt';\nexport * from './rbac';\nexport * from './oauth';\nexport * from './express';\nexport * from './fastify';\n","import { z } from 'zod';\n\nexport const envSchema = z.object({\n NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n PORT: z.string().default('3000'),\n DATABASE_URL: z.string().optional(),\n REDIS_URL: z.string().default('redis://localhost:6379'),\n JWT_SECRET: z.string().min(32).optional(),\n JWT_EXPIRES_IN: z.string().default('7d'),\n JWT_REFRESH_SECRET: z.string().min(32).optional(),\n JWT_REFRESH_EXPIRES_IN: z.string().default('30d'),\n GOOGLE_CLIENT_ID: z.string().optional(),\n GOOGLE_CLIENT_SECRET: z.string().optional(),\n GOOGLE_REDIRECT_URI: z.string().optional(),\n SMTP_HOST: z.string().optional(),\n SMTP_PORT: z.string().default('587'),\n SMTP_USER: z.string().optional(),\n SMTP_PASS: z.string().optional(),\n SMTP_FROM: z.string().optional(),\n TWILIO_ACCOUNT_SID: z.string().optional(),\n TWILIO_AUTH_TOKEN: z.string().optional(),\n TWILIO_PHONE_NUMBER: z.string().optional(),\n SLACK_WEBHOOK_URL: z.string().optional(),\n RATE_LIMIT_WINDOW: z.string().default('1m'),\n RATE_LIMIT_LIMIT: z.string().default('100'),\n LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),\n AWS_REGION: z.string().default('us-east-1'),\n AWS_ACCESS_KEY_ID: z.string().optional(),\n AWS_SECRET_ACCESS_KEY: z.string().optional(),\n AWS_S3_BUCKET: z.string().optional(),\n AWS_ENDPOINT: z.string().optional(),\n});\n\nexport type EnvConfig = z.infer<typeof envSchema>;\n\nexport interface ConfigOptions {\n schema?: z.ZodSchema;\n envPath?: string;\n validate?: boolean;\n}\n\nclass ConfigManager {\n private config: EnvConfig | null = null;\n private schema: z.ZodSchema;\n private validate: boolean;\n\n constructor(options: ConfigOptions = {}) {\n this.schema = options.schema || envSchema;\n this.validate = options.validate ?? true;\n }\n\n load(): EnvConfig {\n if (this.config) return this.config;\n\n const env: Record<string, string | undefined> = {};\n \n for (const key of Object.keys(this.schema.shape)) {\n env[key] = process.env[key];\n }\n\n if (this.validate) {\n const result = this.schema.safeParse(env);\n if (!result.success) {\n const errors = result.error.errors.map(e => `${e.path.join('.')}: ${e.message}`).join(', ');\n throw new Error(`Config validation failed: ${errors}`);\n }\n this.config = result.data;\n } else {\n this.config = env as EnvConfig;\n }\n\n return this.config;\n }\n\n get<K extends keyof EnvConfig>(key: K): EnvConfig[K] {\n if (!this.config) this.load();\n return this.config![key];\n }\n\n int(key: keyof EnvConfig): number {\n const value = this.get(key);\n if (typeof value === 'string') return parseInt(value, 10);\n return Number(value);\n }\n\n bool(key: keyof EnvConfig): boolean {\n const value = this.get(key);\n if (typeof value === 'boolean') return value;\n if (typeof value === 'string') return value.toLowerCase() === 'true';\n return Boolean(value);\n }\n\n isProduction(): boolean {\n return this.get('NODE_ENV') === 'production';\n }\n\n isDevelopment(): boolean {\n return this.get('NODE_ENV') === 'development';\n }\n\n isTest(): boolean {\n return this.get('NODE_ENV') === 'test';\n }\n\n getAll(): EnvConfig {\n if (!this.config) this.load();\n return this.config!;\n }\n}\n\nconst globalConfig = new ConfigManager();\n\nexport const config = {\n load: () => globalConfig.load(),\n get: <K extends keyof EnvConfig>(key: K) => globalConfig.get(key),\n int: (key: keyof EnvConfig) => globalConfig.int(key),\n bool: (key: keyof EnvConfig) => globalConfig.bool(key),\n isProduction: () => globalConfig.isProduction(),\n isDevelopment: () => globalConfig.isDevelopment(),\n isTest: () => globalConfig.isTest(),\n getAll: () => globalConfig.getAll(),\n create: (options?: ConfigOptions) => new ConfigManager(options),\n};\n\nexport default config;\n","import jwt from 'jsonwebtoken';\nimport { JWTPayload, TokenPair } from './types';\nimport { config } from '../config';\n\nexport class JWTService {\n private secret: string;\n private expiresIn: string;\n private refreshSecret: string;\n private refreshExpiresIn: string;\n\n constructor(options: { jwtSecret?: string; jwtExpiresIn?: string; refreshSecret?: string; refreshExpiresIn?: string } = {}) {\n this.secret = options.jwtSecret || config.get('JWT_SECRET') || 'default-secret-change-in-production';\n this.expiresIn = options.jwtExpiresIn || config.get('JWT_EXPIRES_IN') || '7d';\n this.refreshSecret = options.refreshSecret || config.get('JWT_REFRESH_SECRET') || this.secret;\n this.refreshExpiresIn = options.refreshExpiresIn || config.get('JWT_REFRESH_EXPIRES_IN') || '30d';\n }\n\n generateToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.secret, { expiresIn: this.expiresIn });\n }\n\n generateRefreshToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.refreshSecret, { expiresIn: this.refreshExpiresIn });\n }\n\n generateTokenPair(payload: JWTPayload): TokenPair {\n return {\n accessToken: this.generateToken(payload),\n refreshToken: this.generateRefreshToken(payload),\n };\n }\n\n verifyToken(token: string): JWTPayload {\n return jwt.verify(token, this.secret) as JWTPayload;\n }\n\n verifyRefreshToken(token: string): JWTPayload {\n return jwt.verify(token, this.refreshSecret) as JWTPayload;\n }\n\n refreshTokens(refreshToken: string): TokenPair {\n const payload = this.verifyRefreshToken(refreshToken);\n return this.generateTokenPair(payload);\n }\n}\n\nexport const jwtService = new JWTService();\n","import { OAuthProvider } from './types';\nimport { config } from '../config';\n\nexport interface OAuthUserInfo {\n id: string;\n email: string;\n name?: string;\n picture?: string;\n}\n\nexport class OAuthService {\n private providers: Map<string, OAuthProvider> = new Map();\n\n constructor() {\n const googleClientId = config.get('GOOGLE_CLIENT_ID');\n const googleClientSecret = config.get('GOOGLE_CLIENT_SECRET');\n const googleRedirectUri = config.get('GOOGLE_REDIRECT_URI');\n\n if (googleClientId && googleClientSecret && googleRedirectUri) {\n this.registerProvider('google', {\n name: 'google',\n clientId: googleClientId,\n clientSecret: googleClientSecret,\n redirectUri: googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n }\n\n registerProvider(name: string, provider: OAuthProvider): void {\n this.providers.set(name, provider);\n }\n\n getProvider(name: string): OAuthProvider | undefined {\n return this.providers.get(name);\n }\n\n getAuthorizationUrl(providerName: string, state?: string): string {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const params = new URLSearchParams({\n client_id: provider.clientId,\n redirect_uri: provider.redirectUri,\n response_type: 'code',\n scope: 'openid email profile',\n state: state || '',\n });\n\n return `${provider.authorizationUrl}?${params.toString()}`;\n }\n\n async exchangeCode(providerName: string, code: string): Promise<{ accessToken: string; refreshToken?: string }> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.tokenUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body: new URLSearchParams({\n client_id: provider.clientId,\n client_secret: provider.clientSecret,\n code,\n grant_type: 'authorization_code',\n redirect_uri: provider.redirectUri,\n }),\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth token exchange failed: ${error}`);\n }\n\n const data = await response.json();\n return {\n accessToken: data.access_token,\n refreshToken: data.refresh_token,\n };\n }\n\n async getUserInfo(providerName: string, accessToken: string): Promise<OAuthUserInfo> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.userInfoUrl, {\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth user info fetch failed: ${error}`);\n }\n\n const data = await response.json();\n\n return {\n id: data.id,\n email: data.email,\n name: data.name,\n picture: data.picture,\n };\n }\n}\n\nexport const oauthService = new OAuthService();\n","import bcrypt from 'bcryptjs';\nimport { Request, Response, NextFunction, RequestHandler } from 'express';\nimport { JWTPayload, LoginCredentials, RegisterData, User, AuthOptions } from './types';\nimport { jwtService } from './jwt';\nimport { rbacService } from './rbac';\nimport { oauthService } from './oauth';\n\nexport interface AuthUser extends JWTPayload {\n id: string;\n email: string;\n role: string;\n}\n\ndeclare global {\n namespace Express {\n interface Request {\n user?: AuthUser;\n }\n }\n}\n\nexport interface UserStore {\n findByEmail(email: string): Promise<User | null>;\n findById(id: string): Promise<User | null>;\n create(data: RegisterData): Promise<User>;\n update(id: string, data: Partial<User>): Promise<User>;\n}\n\nclass InMemoryUserStore implements UserStore {\n private users: Map<string, User> = new Map();\n\n async findByEmail(email: string): Promise<User | null> {\n for (const user of this.users.values()) {\n if (user.email === email) return user;\n }\n return null;\n }\n\n async findById(id: string): Promise<User | null> {\n return this.users.get(id) || null;\n }\n\n async create(data: RegisterData): Promise<User> {\n const id = Math.random().toString(36).substr(2, 9);\n const hashedPassword = await bcrypt.hash(data.password, 10);\n const user: User = {\n id,\n email: data.email,\n password: hashedPassword,\n role: data.role || 'user',\n name: data.name,\n };\n this.users.set(id, user);\n return user;\n }\n\n async update(id: string, data: Partial<User>): Promise<User> {\n const user = this.users.get(id);\n if (!user) throw new Error('User not found');\n const updated = { ...user, ...data };\n this.users.set(id, updated);\n return updated;\n }\n}\n\nexport class AuthService {\n private userStore: UserStore;\n private options: Required<AuthOptions>;\n private initialized: boolean = false;\n\n constructor(options: AuthOptions = {}, userStore?: UserStore) {\n this.options = {\n jwtSecret: options.jwtSecret || process.env.JWT_SECRET || 'default-secret-change-in-production',\n jwtExpiresIn: options.jwtExpiresIn || '7d',\n refreshSecret: options.refreshSecret || process.env.JWT_REFRESH_SECRET || 'default-secret-change-in-production',\n refreshExpiresIn: options.refreshExpiresIn || '30d',\n googleClientId: options.googleClientId || process.env.GOOGLE_CLIENT_ID || '',\n googleClientSecret: options.googleClientSecret || process.env.GOOGLE_CLIENT_SECRET || '',\n googleRedirectUri: options.googleRedirectUri || process.env.GOOGLE_REDIRECT_URI || '',\n };\n\n this.userStore = userStore || new InMemoryUserStore();\n }\n\n async initialize(): Promise<void> {\n if (this.options.googleClientId && this.options.googleClientSecret && this.options.googleRedirectUri) {\n oauthService.registerProvider('google', {\n name: 'google',\n clientId: this.options.googleClientId,\n clientSecret: this.options.googleClientSecret,\n redirectUri: this.options.googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n this.initialized = true;\n }\n\n async register(data: RegisterData): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const existing = await this.userStore.findByEmail(data.email);\n if (existing) {\n throw new Error('User already exists');\n }\n\n const user = await this.userStore.create(data);\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async login(credentials: LoginCredentials): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const user = await this.userStore.findByEmail(credentials.email);\n if (!user || !user.password) {\n throw new Error('Invalid credentials');\n }\n\n const isValid = await bcrypt.compare(credentials.password, user.password);\n if (!isValid) {\n throw new Error('Invalid credentials');\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async refresh(refreshToken: string): Promise<{ accessToken: string; refreshToken: string }> {\n return jwtService.refreshTokens(refreshToken);\n }\n\n async getGoogleAuthUrl(state?: string): Promise<string> {\n return oauthService.getAuthorizationUrl('google', state);\n }\n\n async handleGoogleCallback(code: string): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const { accessToken } = await oauthService.exchangeCode('google', code);\n const userInfo = await oauthService.getUserInfo('google', accessToken);\n\n let user = await this.userStore.findByEmail(userInfo.email);\n \n if (!user) {\n user = await this.userStore.create({\n email: userInfo.email,\n password: Math.random().toString(36).substr(2, 20),\n name: userInfo.name,\n role: 'user',\n });\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n getMiddleware(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n const authHeader = req.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return res.status(401).json({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = jwtService.verifyToken(token);\n req.user = {\n ...payload,\n id: payload.userId,\n };\n next();\n } catch (error) {\n return res.status(401).json({ error: 'Invalid token' });\n }\n };\n }\n\n requireUser(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n next();\n };\n }\n\n requireRole(role: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasRole(req.user.role, role)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n\n requirePermission(permission: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasPermission(req.user.role, permission)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n}\n\nlet authServiceInstance: AuthService | null = null;\n\nexport function createAuth(options?: AuthOptions, userStore?: UserStore): AuthService {\n authServiceInstance = new AuthService(options, userStore);\n return authServiceInstance;\n}\n\nexport function auth(): AuthService {\n if (!authServiceInstance) {\n authServiceInstance = new AuthService();\n }\n return authServiceInstance;\n}\n\nexport const Auth = {\n initialize: (options?: AuthOptions) => {\n const service = createAuth(options);\n return {\n service,\n getMiddleware: () => service.getMiddleware(),\n requireUser: () => service.requireUser(),\n requireRole: (role: string) => service.requireRole(role),\n requirePermission: (permission: string) => service.requirePermission(permission),\n };\n },\n};\n","import { FastifyInstance, FastifyRequest, FastifyReply, HookHandlerDoneFunction } from 'fastify';\nimport { AuthService } from './express';\nimport { JWTPayload } from './types';\n\ndeclare module 'fastify' {\n interface FastifyRequest {\n user?: JWTPayload & { id: string };\n }\n}\n\nexport function registerAuthPlugin(fastify: FastifyInstance, options: { authService: AuthService }, done: HookHandlerDoneFunction) {\n const { authService } = options;\n\n fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {\n const authHeader = request.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return reply.status(401).send({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = authService['jwtService'].verifyToken(token);\n request.user = {\n ...payload,\n id: payload.userId,\n };\n } catch (error) {\n return reply.status(401).send({ error: 'Invalid token' });\n }\n });\n\n fastify.decorate('requireUser', async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n });\n\n fastify.decorate('requireRole', (role: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasRole(request.user.role, role)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n fastify.decorate('requirePermission', (permission: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasPermission(request.user.role, permission)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n done();\n}\n"]}
1
+ {"version":3,"sources":["../../src/auth/types.ts","../../src/auth/rbac.ts","../../src/auth/index.ts","../../src/config/index.ts","../../src/auth/jwt.ts","../../src/auth/oauth.ts","../../src/auth/express.ts","../../src/auth/fastify.ts"],"names":["DEFAULT_PERMISSIONS","RBACService","rbacService","z","jwt","bcrypt"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AA4CaA;AA5Cb,IAAA,UAAA,GAAA,KAAA,CAAA;AAAA,EAAA,mBAAA,GAAA;AA4CO,IAAMA,2BAAA,GAAuC;AAAA,MAClD,KAAA,EAAO,CAAC,GAAG,CAAA;AAAA,MACX,IAAA,EAAM,CAAC,MAAA,EAAQ,WAAW,CAAA;AAAA,MAC1B,KAAA,EAAO,CAAC,aAAa;AAAA,KACvB;AAAA,EAAA;AAAA,CAAA,CAAA;;;AChDA,IAAA,YAAA,GAAA,EAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,WAAA,EAAA,MAAAC,mBAAA;AAAA,EAAA,WAAA,EAAA,MAAAC;AAAA,CAAA,CAAA;AAEaD,4BAAA,CAAA,CA+EAC;AAjFb,IAAA,SAAA,GAAA,KAAA,CAAA;AAAA,EAAA,kBAAA,GAAA;AAAA,IAAA,UAAA,EAAA;AAEO,IAAMD,sBAAN,MAAkB;AAAA,MACf,WAAA;AAAA,MAER,WAAA,CAAY,cAA+BD,2BAAA,EAAqB;AAC9D,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,eAAe,WAAA,EAAoC;AACjD,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,aAAA,CAAc,MAAY,UAAA,EAA8B;AACtD,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC3B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,EAAC;AAAA,QAC5B;AACA,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,QAAA,CAAS,UAAU,CAAA,EAAG;AAChD,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,IAAA,CAAK,UAAU,CAAA;AAAA,QACxC;AAAA,MACF;AAAA,MAEA,gBAAA,CAAiB,MAAY,UAAA,EAA8B;AACzD,QAAA,IAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC1B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,KAAM,UAAU,CAAA;AAAA,QAC9E;AAAA,MACF;AAAA,MAEA,eAAe,IAAA,EAA0B;AACvC,QAAA,OAAO,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,IAAK,EAAC;AAAA,MACpC;AAAA,MAEA,aAAA,CAAc,MAAY,kBAAA,EAAyC;AACjE,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAEhD,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,GAAG,CAAA,EAAG;AACjC,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAChD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,MAAM,CAAC,cAAA,EAAgB,aAAa,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAEpE,QAAA,KAAA,MAAW,QAAQ,eAAA,EAAiB;AAClC,UAAA,MAAM,CAAC,MAAA,EAAQ,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAEtC,UAAA,IAAI,MAAA,KAAW,GAAA,KAAQ,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAChE,YAAA,OAAO,IAAA;AAAA,UACT;AAEA,UAAA,IAAI,MAAA,KAAW,cAAA,KAAmB,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAC3E,YAAA,OAAO,IAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,MAEA,OAAA,CAAQ,UAAgB,YAAA,EAA6B;AACnD,QAAA,MAAM,SAAA,GAAoB,CAAC,OAAA,EAAS,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,MAAM,SAAA,GAAY,SAAA,CAAU,OAAA,CAAQ,QAAe,CAAA;AACnD,QAAA,MAAM,aAAA,GAAgB,SAAA,CAAU,OAAA,CAAQ,YAAmB,CAAA;AAE3D,QAAA,IAAI,SAAA,KAAc,EAAA,IAAM,aAAA,KAAkB,EAAA,EAAI;AAC5C,UAAA,OAAO,QAAA,KAAa,YAAA;AAAA,QACtB;AAEA,QAAA,OAAO,SAAA,IAAa,aAAA;AAAA,MACtB;AAAA,MAEA,UAAU,UAAA,EAAwB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,aAAA,CAAc,MAAM,UAAU,CAAA;AAAA,MACrE;AAAA,MAEA,cAAc,YAAA,EAAoB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,OAAA,CAAQ,MAAM,YAAY,CAAA;AAAA,MACjE;AAAA,KACF;AAEO,IAAME,mBAAA,GAAc,IAAID,mBAAA,EAAY;AAAA,EAAA;AAAA,CAAA,CAAA;;;ACjF3C,UAAA,EAAA;ACEO,IAAM,SAAA,GAAYE,MAAE,MAAA,CAAO;AAAA,EAChC,QAAA,EAAUA,KAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAMA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA,EAC/B,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,wBAAwB,CAAA;AAAA,EACtD,YAAYA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EACxC,cAAA,EAAgBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EACvC,oBAAoBA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EAChD,sBAAA,EAAwBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAChD,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,oBAAA,EAAsBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EACnC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,kBAAA,EAAoBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACxC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EAC1C,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAC1C,SAAA,EAAWA,KAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,OAAA,EAAS,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,OAAO,CAAC,CAAA,CAAE,QAAQ,MAAM,CAAA;AAAA,EACtF,UAAA,EAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,WAAW,CAAA;AAAA,EAC1C,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,qBAAA,EAAuBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,aAAA,EAAeA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA;AAUD,IAAM,gBAAN,MAAoB;AAAA,EACV,MAAA,GAA2B,IAAA;AAAA,EAC3B,MAAA;AAAA,EACA,QAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAyB,EAAC,EAAG;AACvC,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,SAAA;AAChC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,IAAA;AAAA,EACtC;AAAA,EAEA,IAAA,GAAkB;AAChB,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA,CAAK,MAAA;AAE7B,IAAA,MAAM,MAA0C,EAAC;AAEjD,IAAA,KAAA,MAAW,OAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA,EAAG;AAChD,MAAA,GAAA,CAAI,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,IAC5B;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,GAAG,CAAA;AACxC,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAS,MAAA,CAAO,KAAA,CAAM,OAAO,GAAA,CAAI,CAAA,CAAA,KAAK,GAAG,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AAC1F,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAE,CAAA;AAAA,MACvD;AACA,MAAA,IAAA,CAAK,SAAS,MAAA,CAAO,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAA,GAAS,GAAA;AAAA,IAChB;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,IAA+B,GAAA,EAAsB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,OAAQ,GAAG,CAAA;AAAA,EACzB;AAAA,EAEA,IAAI,GAAA,EAA8B;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,QAAA,CAAS,OAAO,EAAE,CAAA;AACxD,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAAA,EAEA,KAAK,GAAA,EAA+B;AAClC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA,CAAM,aAAY,KAAM,MAAA;AAC9D,IAAA,OAAO,QAAQ,KAAK,CAAA;AAAA,EACtB;AAAA,EAEA,YAAA,GAAwB;AACtB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,YAAA;AAAA,EAClC;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,aAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAkB;AAChB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,MAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAoB;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,IAAI,aAAA,EAAc;AAEhC,IAAM,MAAA,GAAS;AAAA,EACpB,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA,EAAK;AAAA,EAC9B,GAAA,EAAK,CAA4B,GAAA,KAAW,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EAChE,GAAA,EAAK,CAAC,GAAA,KAAyB,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EACnD,IAAA,EAAM,CAAC,GAAA,KAAyB,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,EACrD,YAAA,EAAc,MAAM,YAAA,CAAa,YAAA,EAAa;AAAA,EAC9C,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA,EAAc;AAAA,EAChD,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,CAAC,OAAA,KAA4B,IAAI,cAAc,OAAO;AAChE,CAAA;;;ACtHO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAA4G,EAAC,EAAG;AAC1H,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,SAAA,IAAa,MAAA,CAAO,GAAA,CAAI,YAAY,CAAA,IAAK,qCAAA;AAC/D,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,YAAA,IAAgB,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,IAAK,IAAA;AACzE,IAAA,IAAA,CAAK,gBAAgB,OAAA,CAAQ,aAAA,IAAiB,OAAO,GAAA,CAAI,oBAAoB,KAAK,IAAA,CAAK,MAAA;AACvF,IAAA,IAAA,CAAK,mBAAmB,OAAA,CAAQ,gBAAA,IAAoB,MAAA,CAAO,GAAA,CAAI,wBAAwB,CAAA,IAAK,KAAA;AAAA,EAC9F;AAAA,EAEA,cAAc,OAAA,EAA6B;AACzC,IAAA,OAAOC,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,QAAQ,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,CAAA;AAAA,EACrE;AAAA,EAEA,qBAAqB,OAAA,EAA6B;AAChD,IAAA,OAAOA,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,eAAe,EAAE,SAAA,EAAW,IAAA,CAAK,gBAAA,EAAkB,CAAA;AAAA,EACnF;AAAA,EAEA,kBAAkB,OAAA,EAAgC;AAChD,IAAA,OAAO;AAAA,MACL,WAAA,EAAa,IAAA,CAAK,aAAA,CAAc,OAAO,CAAA;AAAA,MACvC,YAAA,EAAc,IAAA,CAAK,oBAAA,CAAqB,OAAO;AAAA,KACjD;AAAA,EACF;AAAA,EAEA,YAAY,KAAA,EAA2B;AACrC,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,mBAAmB,KAAA,EAA2B;AAC5C,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,aAAa,CAAA;AAAA,EAC7C;AAAA,EAEA,cAAc,YAAA,EAAiC;AAC7C,IAAA,MAAM,EAAE,KAAK,GAAA,EAAK,GAAA,EAAK,GAAG,OAAA,EAAQ,GAAI,IAAA,CAAK,kBAAA,CAAmB,YAAY,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,kBAAkB,OAAO,CAAA;AAAA,EACvC;AACF;AAEO,IAAM,UAAA,GAAa,IAAI,UAAA;;;AF5C9B,SAAA,EAAA;;;AGQO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAA4C,GAAA,EAAI;AAAA,EAExD,WAAA,GAAc;AACZ,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,GAAA,CAAI,sBAAsB,CAAA;AAC5D,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,GAAA,CAAI,qBAAqB,CAAA;AAE1D,IAAA,IAAI,cAAA,IAAkB,sBAAsB,iBAAA,EAAmB;AAC7D,MAAA,IAAA,CAAK,iBAAiB,QAAA,EAAU;AAAA,QAC9B,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,cAAA;AAAA,QACV,YAAA,EAAc,kBAAA;AAAA,QACd,WAAA,EAAa,iBAAA;AAAA,QACb,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEA,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AAAA,EACnC;AAAA,EAEA,YAAY,IAAA,EAAyC;AACnD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,mBAAA,CAAoB,cAAsB,KAAA,EAAwB;AAChE,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,MACjC,WAAW,QAAA,CAAS,QAAA;AAAA,MACpB,cAAc,QAAA,CAAS,WAAA;AAAA,MACvB,aAAA,EAAe,MAAA;AAAA,MACf,KAAA,EAAO,sBAAA;AAAA,MACP,OAAO,KAAA,IAAS;AAAA,KACjB,CAAA;AAED,IAAA,OAAO,GAAG,QAAA,CAAS,gBAAgB,CAAA,CAAA,EAAI,MAAA,CAAO,UAAU,CAAA,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,YAAA,CAAa,YAAA,EAAsB,IAAA,EAAuE;AAC9G,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,QAAA,EAAU;AAAA,MAC9C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,WAAW,QAAA,CAAS,QAAA;AAAA,QACpB,eAAe,QAAA,CAAS,YAAA;AAAA,QACxB,IAAA;AAAA,QACA,UAAA,EAAY,oBAAA;AAAA,QACZ,cAAc,QAAA,CAAS;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,KAAK,CAAA,CAAE,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,OAAO;AAAA,MACL,aAAa,IAAA,CAAK,YAAA;AAAA,MAClB,cAAc,IAAA,CAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CAAY,YAAA,EAAsB,WAAA,EAA6C;AACnF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,WAAA,EAAa;AAAA,MACjD,OAAA,EAAS;AAAA,QACP,aAAA,EAAe,UAAU,WAAW,CAAA;AAAA;AACtC,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,CAAA,CAAE,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAS,IAAA,CAAK;AAAA,KAChB;AAAA,EACF;AACF;AAEO,IAAM,YAAA,GAAe,IAAI,YAAA;AChHhC,SAAA,EAAA;AAwBA,IAAM,oBAAN,MAA6C;AAAA,EACnC,KAAA,uBAA+B,GAAA,EAAI;AAAA,EAE3C,MAAM,YAAY,KAAA,EAAqC;AACrD,IAAA,KAAA,MAAW,IAAA,IAAQ,IAAA,CAAK,KAAA,CAAM,MAAA,EAAO,EAAG;AACtC,MAAA,IAAI,IAAA,CAAK,KAAA,KAAU,KAAA,EAAO,OAAO,IAAA;AAAA,IACnC;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAAkC;AAC/C,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,MAAM,OAAO,IAAA,EAAmC;AAC9C,IAAA,MAAM,EAAA,GAAK,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,CAAC,CAAA;AACjD,IAAA,MAAM,iBAAiB,MAAMC,uBAAA,CAAO,IAAA,CAAK,IAAA,CAAK,UAAU,EAAE,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAa;AAAA,MACjB,EAAA;AAAA,MACA,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,QAAA,EAAU,cAAA;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,MAAM,IAAA,CAAK;AAAA,KACb;AACA,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,IAAI,CAAA;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,MAAA,CAAO,EAAA,EAAY,IAAA,EAAoC;AAC3D,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,MAAM,gBAAgB,CAAA;AAC3C,IAAA,MAAM,OAAA,GAAU,EAAE,GAAG,IAAA,EAAM,GAAG,IAAA,EAAK;AACnC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,EACf,SAAA;AAAA,EACA,OAAA;AAAA,EACA,WAAA,GAAuB,KAAA;AAAA,EAE/B,WAAA,CAAY,OAAA,GAAuB,EAAC,EAAG,SAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,SAAA,EAAW,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,IAAI,UAAA,IAAc,qCAAA;AAAA,MAC1D,YAAA,EAAc,QAAQ,YAAA,IAAgB,IAAA;AAAA,MACtC,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,IAAI,kBAAA,IAAsB,qCAAA;AAAA,MAC1E,gBAAA,EAAkB,QAAQ,gBAAA,IAAoB,KAAA;AAAA,MAC9C,cAAA,EAAgB,OAAA,CAAQ,cAAA,IAAkB,OAAA,CAAQ,IAAI,gBAAA,IAAoB,EAAA;AAAA,MAC1E,kBAAA,EAAoB,OAAA,CAAQ,kBAAA,IAAsB,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,MACtF,iBAAA,EAAmB,OAAA,CAAQ,iBAAA,IAAqB,OAAA,CAAQ,IAAI,mBAAA,IAAuB;AAAA,KACrF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA,IAAa,IAAI,iBAAA,EAAkB;AAAA,EACtD;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,QAAQ,cAAA,IAAkB,IAAA,CAAK,QAAQ,kBAAA,IAAsB,IAAA,CAAK,QAAQ,iBAAA,EAAmB;AACpG,MAAA,YAAA,CAAa,iBAAiB,QAAA,EAAU;AAAA,QACtC,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,KAAK,OAAA,CAAQ,cAAA;AAAA,QACvB,YAAA,EAAc,KAAK,OAAA,CAAQ,kBAAA;AAAA,QAC3B,WAAA,EAAa,KAAK,OAAA,CAAQ,iBAAA;AAAA,QAC1B,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,EACrB;AAAA,EAEA,MAAM,SAAS,IAAA,EAAoG;AACjH,IAAA,MAAM,WAAW,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,KAAK,KAAK,CAAA;AAC5D,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,IAAI,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,MAAM,WAAA,EAA+G;AACzH,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,YAAY,KAAK,CAAA;AAC/D,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,QAAA,EAAU;AAC3B,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,UAAU,MAAMA,uBAAA,CAAO,QAAQ,WAAA,CAAY,QAAA,EAAU,KAAK,QAAQ,CAAA;AACxE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,QAAQ,YAAA,EAA8E;AAC1F,IAAA,OAAO,UAAA,CAAW,cAAc,YAAY,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAAiC;AACtD,IAAA,OAAO,YAAA,CAAa,mBAAA,CAAoB,QAAA,EAAU,KAAK,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAqB,IAAA,EAA8F;AACvH,IAAA,MAAM,EAAE,WAAA,EAAY,GAAI,MAAM,YAAA,CAAa,YAAA,CAAa,UAAU,IAAI,CAAA;AACtE,IAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,WAAA,CAAY,UAAU,WAAW,CAAA;AAErE,IAAA,IAAI,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,KAAK,CAAA;AAE1D,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO;AAAA,QACjC,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,QAAA,EAAU,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,EAAE,CAAA;AAAA,QACjD,MAAM,QAAA,CAAS,IAAA;AAAA,QACf,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,aAAA,GAAgC;AAC9B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,UAAA,CAAW,WAAA,CAAY,KAAK,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAA,GAAO;AAAA,UACT,GAAG,OAAA;AAAA,UACH,IAAI,OAAA,CAAQ;AAAA,SACd;AACA,QAAA,IAAA,EAAK;AAAA,MACP,SAAS,KAAA,EAAO;AACd,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,MACxD;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,WAAA,GAA8B;AAC5B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,YAAY,IAAA,EAA8B;AACxC,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACH,mBAAA,CAAY,OAAA,CAAQ,IAAI,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,kBAAkB,UAAA,EAAoC;AACpD,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACA,mBAAA,CAAY,aAAA,CAAc,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AACzD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AACF;AAEA,IAAI,mBAAA,GAA0C,IAAA;AAEvC,SAAS,UAAA,CAAW,SAAuB,SAAA,EAAoC;AACpF,EAAA,mBAAA,GAAsB,IAAI,WAAA,CAAY,OAAA,EAAS,SAAS,CAAA;AACxD,EAAA,OAAO,mBAAA;AACT;AAEO,SAAS,IAAA,GAAoB;AAClC,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,mBAAA,GAAsB,IAAI,WAAA,EAAY;AAAA,EACxC;AACA,EAAA,OAAO,mBAAA;AACT;AAEO,IAAM,IAAA,GAAO;AAAA,EAClB,UAAA,EAAY,CAAC,OAAA,KAA0B;AACrC,IAAA,MAAM,OAAA,GAAU,WAAW,OAAO,CAAA;AAClC,IAAA,OAAO;AAAA,MACL,OAAA;AAAA,MACA,aAAA,EAAe,MAAM,OAAA,CAAQ,aAAA,EAAc;AAAA,MAC3C,WAAA,EAAa,MAAM,OAAA,CAAQ,WAAA,EAAY;AAAA,MACvC,WAAA,EAAa,CAAC,IAAA,KAAiB,OAAA,CAAQ,YAAY,IAAI,CAAA;AAAA,MACvD,iBAAA,EAAmB,CAAC,UAAA,KAAuB,OAAA,CAAQ,kBAAkB,UAAU;AAAA,KACjF;AAAA,EACF;AACF;;;AC/OO,SAAS,kBAAA,CAAmB,OAAA,EAA0B,OAAA,EAAuC,IAAA,EAA+B;AACjI,EAAA,MAAM,EAAE,aAAY,GAAI,OAAA;AAExB,EAAA,OAAA,CAAQ,QAAA,CAAS,cAAA,EAAgB,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACvF,IAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,aAAA;AAEnC,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,IAC9D;AAEA,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,WAAA,CAAY,YAAY,CAAA,CAAE,YAAY,KAAK,CAAA;AAC3D,MAAA,OAAA,CAAQ,IAAA,GAAO;AAAA,QACb,GAAG,OAAA;AAAA,QACH,IAAI,OAAA,CAAQ;AAAA,OACd;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,IAC1D;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACtF,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,IACpE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,CAAC,IAAA,KAAiB;AAChD,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,OAAA,CAAQ,QAAQ,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AACjD,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,mBAAA,EAAqB,CAAC,UAAA,KAAuB;AAC5D,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,aAAA,CAAc,QAAQ,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AAC7D,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,IAAA,EAAK;AACP","file":"index.js","sourcesContent":["export type Role = 'admin' | 'user' | 'guest' | string;\n\nexport interface User {\n id: string;\n email: string;\n password?: string;\n role: Role;\n name?: string;\n picture?: string;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface JWTPayload {\n userId: string;\n email: string;\n role: Role;\n}\n\nexport interface TokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface AuthOptions {\n jwtSecret?: string;\n jwtExpiresIn?: string;\n refreshSecret?: string;\n refreshExpiresIn?: string;\n googleClientId?: string;\n googleClientSecret?: string;\n googleRedirectUri?: string;\n}\n\nexport interface AuthUserRequest extends Request {\n user?: JWTPayload;\n}\n\nexport type Permission = string;\n\nexport interface RolePermissions {\n [role: string]: Permission[];\n}\n\nexport const DEFAULT_PERMISSIONS: RolePermissions = {\n admin: ['*'],\n user: ['read', 'write:own'],\n guest: ['read:public'],\n};\n\nexport interface LoginCredentials {\n email: string;\n password: string;\n}\n\nexport interface RegisterData extends LoginCredentials {\n name?: string;\n role?: Role;\n}\n\nexport interface OAuthProvider {\n name: string;\n clientId: string;\n clientSecret: string;\n redirectUri: string;\n authorizationUrl: string;\n tokenUrl: string;\n userInfoUrl: string;\n}\n","import { Role, Permission, RolePermissions, DEFAULT_PERMISSIONS } from './types';\n\nexport class RBACService {\n private permissions: RolePermissions;\n\n constructor(permissions: RolePermissions = DEFAULT_PERMISSIONS) {\n this.permissions = permissions;\n }\n\n setPermissions(permissions: RolePermissions): void {\n this.permissions = permissions;\n }\n\n addPermission(role: Role, permission: Permission): void {\n if (!this.permissions[role]) {\n this.permissions[role] = [];\n }\n if (!this.permissions[role].includes(permission)) {\n this.permissions[role].push(permission);\n }\n }\n\n removePermission(role: Role, permission: Permission): void {\n if (this.permissions[role]) {\n this.permissions[role] = this.permissions[role].filter(p => p !== permission);\n }\n }\n\n getPermissions(role: Role): Permission[] {\n return this.permissions[role] || [];\n }\n\n hasPermission(role: Role, requiredPermission: Permission): boolean {\n const rolePermissions = this.getPermissions(role);\n \n if (rolePermissions.includes('*')) {\n return true;\n }\n\n if (rolePermissions.includes(requiredPermission)) {\n return true;\n }\n\n const [requiredAction, requiredScope] = requiredPermission.split(':');\n \n for (const perm of rolePermissions) {\n const [action, scope] = perm.split(':');\n \n if (action === '*' && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n \n if (action === requiredAction && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n }\n\n return false;\n }\n\n hasRole(userRole: Role, requiredRole: Role): boolean {\n const hierarchy: Role[] = ['guest', 'user', 'admin'];\n const userIndex = hierarchy.indexOf(userRole as any);\n const requiredIndex = hierarchy.indexOf(requiredRole as any);\n \n if (userIndex === -1 || requiredIndex === -1) {\n return userRole === requiredRole;\n }\n \n return userIndex >= requiredIndex;\n }\n\n authorize(permission: Permission) {\n return (role: Role): boolean => this.hasPermission(role, permission);\n }\n\n authorizeRole(requiredRole: Role) {\n return (role: Role): boolean => this.hasRole(role, requiredRole);\n }\n}\n\nexport const rbacService = new RBACService();\n","export * from './types';\nexport * from './jwt';\nexport * from './rbac';\nexport * from './oauth';\nexport * from './express';\nexport * from './fastify';\n","import { z } from 'zod';\n\nexport const envSchema = z.object({\n NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n PORT: z.string().default('3000'),\n DATABASE_URL: z.string().optional(),\n REDIS_URL: z.string().default('redis://localhost:6379'),\n JWT_SECRET: z.string().min(32).optional(),\n JWT_EXPIRES_IN: z.string().default('7d'),\n JWT_REFRESH_SECRET: z.string().min(32).optional(),\n JWT_REFRESH_EXPIRES_IN: z.string().default('30d'),\n GOOGLE_CLIENT_ID: z.string().optional(),\n GOOGLE_CLIENT_SECRET: z.string().optional(),\n GOOGLE_REDIRECT_URI: z.string().optional(),\n SMTP_HOST: z.string().optional(),\n SMTP_PORT: z.string().default('587'),\n SMTP_USER: z.string().optional(),\n SMTP_PASS: z.string().optional(),\n SMTP_FROM: z.string().optional(),\n TWILIO_ACCOUNT_SID: z.string().optional(),\n TWILIO_AUTH_TOKEN: z.string().optional(),\n TWILIO_PHONE_NUMBER: z.string().optional(),\n SLACK_WEBHOOK_URL: z.string().optional(),\n RATE_LIMIT_WINDOW: z.string().default('1m'),\n RATE_LIMIT_LIMIT: z.string().default('100'),\n LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),\n AWS_REGION: z.string().default('us-east-1'),\n AWS_ACCESS_KEY_ID: z.string().optional(),\n AWS_SECRET_ACCESS_KEY: z.string().optional(),\n AWS_S3_BUCKET: z.string().optional(),\n AWS_ENDPOINT: z.string().optional(),\n});\n\nexport type EnvConfig = z.infer<typeof envSchema>;\n\nexport interface ConfigOptions {\n schema?: z.ZodSchema;\n envPath?: string;\n validate?: boolean;\n}\n\nclass ConfigManager {\n private config: EnvConfig | null = null;\n private schema: z.ZodSchema;\n private validate: boolean;\n\n constructor(options: ConfigOptions = {}) {\n this.schema = options.schema || envSchema;\n this.validate = options.validate ?? true;\n }\n\n load(): EnvConfig {\n if (this.config) return this.config;\n\n const env: Record<string, string | undefined> = {};\n \n for (const key of Object.keys(this.schema.shape)) {\n env[key] = process.env[key];\n }\n\n if (this.validate) {\n const result = this.schema.safeParse(env);\n if (!result.success) {\n const errors = result.error.errors.map(e => `${e.path.join('.')}: ${e.message}`).join(', ');\n throw new Error(`Config validation failed: ${errors}`);\n }\n this.config = result.data;\n } else {\n this.config = env as EnvConfig;\n }\n\n return this.config;\n }\n\n get<K extends keyof EnvConfig>(key: K): EnvConfig[K] {\n if (!this.config) this.load();\n return this.config![key];\n }\n\n int(key: keyof EnvConfig): number {\n const value = this.get(key);\n if (typeof value === 'string') return parseInt(value, 10);\n return Number(value);\n }\n\n bool(key: keyof EnvConfig): boolean {\n const value = this.get(key);\n if (typeof value === 'boolean') return value;\n if (typeof value === 'string') return value.toLowerCase() === 'true';\n return Boolean(value);\n }\n\n isProduction(): boolean {\n return this.get('NODE_ENV') === 'production';\n }\n\n isDevelopment(): boolean {\n return this.get('NODE_ENV') === 'development';\n }\n\n isTest(): boolean {\n return this.get('NODE_ENV') === 'test';\n }\n\n getAll(): EnvConfig {\n if (!this.config) this.load();\n return this.config!;\n }\n}\n\nconst globalConfig = new ConfigManager();\n\nexport const config = {\n load: () => globalConfig.load(),\n get: <K extends keyof EnvConfig>(key: K) => globalConfig.get(key),\n int: (key: keyof EnvConfig) => globalConfig.int(key),\n bool: (key: keyof EnvConfig) => globalConfig.bool(key),\n isProduction: () => globalConfig.isProduction(),\n isDevelopment: () => globalConfig.isDevelopment(),\n isTest: () => globalConfig.isTest(),\n getAll: () => globalConfig.getAll(),\n create: (options?: ConfigOptions) => new ConfigManager(options),\n};\n\nexport default config;\n","import jwt from 'jsonwebtoken';\nimport { JWTPayload, TokenPair } from './types';\nimport { config } from '../config';\n\nexport class JWTService {\n private secret: string;\n private expiresIn: string;\n private refreshSecret: string;\n private refreshExpiresIn: string;\n\n constructor(options: { jwtSecret?: string; jwtExpiresIn?: string; refreshSecret?: string; refreshExpiresIn?: string } = {}) {\n this.secret = options.jwtSecret || config.get('JWT_SECRET') || 'default-secret-change-in-production';\n this.expiresIn = options.jwtExpiresIn || config.get('JWT_EXPIRES_IN') || '7d';\n this.refreshSecret = options.refreshSecret || config.get('JWT_REFRESH_SECRET') || this.secret;\n this.refreshExpiresIn = options.refreshExpiresIn || config.get('JWT_REFRESH_EXPIRES_IN') || '30d';\n }\n\n generateToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.secret, { expiresIn: this.expiresIn });\n }\n\n generateRefreshToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.refreshSecret, { expiresIn: this.refreshExpiresIn });\n }\n\n generateTokenPair(payload: JWTPayload): TokenPair {\n return {\n accessToken: this.generateToken(payload),\n refreshToken: this.generateRefreshToken(payload),\n };\n }\n\n verifyToken(token: string): JWTPayload {\n return jwt.verify(token, this.secret) as JWTPayload;\n }\n\n verifyRefreshToken(token: string): JWTPayload {\n return jwt.verify(token, this.refreshSecret) as JWTPayload;\n }\n\n refreshTokens(refreshToken: string): TokenPair {\n const { iat, exp, nbf, ...payload } = this.verifyRefreshToken(refreshToken) as JWTPayload & { iat?: number; exp?: number; nbf?: number };\n return this.generateTokenPair(payload);\n }\n}\n\nexport const jwtService = new JWTService();\n","import { OAuthProvider } from './types';\nimport { config } from '../config';\n\nexport interface OAuthUserInfo {\n id: string;\n email: string;\n name?: string;\n picture?: string;\n}\n\nexport class OAuthService {\n private providers: Map<string, OAuthProvider> = new Map();\n\n constructor() {\n const googleClientId = config.get('GOOGLE_CLIENT_ID');\n const googleClientSecret = config.get('GOOGLE_CLIENT_SECRET');\n const googleRedirectUri = config.get('GOOGLE_REDIRECT_URI');\n\n if (googleClientId && googleClientSecret && googleRedirectUri) {\n this.registerProvider('google', {\n name: 'google',\n clientId: googleClientId,\n clientSecret: googleClientSecret,\n redirectUri: googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n }\n\n registerProvider(name: string, provider: OAuthProvider): void {\n this.providers.set(name, provider);\n }\n\n getProvider(name: string): OAuthProvider | undefined {\n return this.providers.get(name);\n }\n\n getAuthorizationUrl(providerName: string, state?: string): string {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const params = new URLSearchParams({\n client_id: provider.clientId,\n redirect_uri: provider.redirectUri,\n response_type: 'code',\n scope: 'openid email profile',\n state: state || '',\n });\n\n return `${provider.authorizationUrl}?${params.toString()}`;\n }\n\n async exchangeCode(providerName: string, code: string): Promise<{ accessToken: string; refreshToken?: string }> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.tokenUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body: new URLSearchParams({\n client_id: provider.clientId,\n client_secret: provider.clientSecret,\n code,\n grant_type: 'authorization_code',\n redirect_uri: provider.redirectUri,\n }),\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth token exchange failed: ${error}`);\n }\n\n const data = await response.json();\n return {\n accessToken: data.access_token,\n refreshToken: data.refresh_token,\n };\n }\n\n async getUserInfo(providerName: string, accessToken: string): Promise<OAuthUserInfo> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.userInfoUrl, {\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth user info fetch failed: ${error}`);\n }\n\n const data = await response.json();\n\n return {\n id: data.id,\n email: data.email,\n name: data.name,\n picture: data.picture,\n };\n }\n}\n\nexport const oauthService = new OAuthService();\n","import bcrypt from 'bcryptjs';\nimport { Request, Response, NextFunction, RequestHandler } from 'express';\nimport { JWTPayload, LoginCredentials, RegisterData, User, AuthOptions } from './types';\nimport { jwtService } from './jwt';\nimport { rbacService } from './rbac';\nimport { oauthService } from './oauth';\n\nexport interface AuthUser extends JWTPayload {\n id: string;\n email: string;\n role: string;\n}\n\ndeclare global {\n namespace Express {\n interface Request {\n user?: AuthUser;\n }\n }\n}\n\nexport interface UserStore {\n findByEmail(email: string): Promise<User | null>;\n findById(id: string): Promise<User | null>;\n create(data: RegisterData): Promise<User>;\n update(id: string, data: Partial<User>): Promise<User>;\n}\n\nclass InMemoryUserStore implements UserStore {\n private users: Map<string, User> = new Map();\n\n async findByEmail(email: string): Promise<User | null> {\n for (const user of this.users.values()) {\n if (user.email === email) return user;\n }\n return null;\n }\n\n async findById(id: string): Promise<User | null> {\n return this.users.get(id) || null;\n }\n\n async create(data: RegisterData): Promise<User> {\n const id = Math.random().toString(36).substr(2, 9);\n const hashedPassword = await bcrypt.hash(data.password, 10);\n const user: User = {\n id,\n email: data.email,\n password: hashedPassword,\n role: data.role || 'user',\n name: data.name,\n };\n this.users.set(id, user);\n return user;\n }\n\n async update(id: string, data: Partial<User>): Promise<User> {\n const user = this.users.get(id);\n if (!user) throw new Error('User not found');\n const updated = { ...user, ...data };\n this.users.set(id, updated);\n return updated;\n }\n}\n\nexport class AuthService {\n private userStore: UserStore;\n private options: Required<AuthOptions>;\n private initialized: boolean = false;\n\n constructor(options: AuthOptions = {}, userStore?: UserStore) {\n this.options = {\n jwtSecret: options.jwtSecret || process.env.JWT_SECRET || 'default-secret-change-in-production',\n jwtExpiresIn: options.jwtExpiresIn || '7d',\n refreshSecret: options.refreshSecret || process.env.JWT_REFRESH_SECRET || 'default-secret-change-in-production',\n refreshExpiresIn: options.refreshExpiresIn || '30d',\n googleClientId: options.googleClientId || process.env.GOOGLE_CLIENT_ID || '',\n googleClientSecret: options.googleClientSecret || process.env.GOOGLE_CLIENT_SECRET || '',\n googleRedirectUri: options.googleRedirectUri || process.env.GOOGLE_REDIRECT_URI || '',\n };\n\n this.userStore = userStore || new InMemoryUserStore();\n }\n\n async initialize(): Promise<void> {\n if (this.options.googleClientId && this.options.googleClientSecret && this.options.googleRedirectUri) {\n oauthService.registerProvider('google', {\n name: 'google',\n clientId: this.options.googleClientId,\n clientSecret: this.options.googleClientSecret,\n redirectUri: this.options.googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n this.initialized = true;\n }\n\n async register(data: RegisterData): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const existing = await this.userStore.findByEmail(data.email);\n if (existing) {\n throw new Error('User already exists');\n }\n\n const user = await this.userStore.create(data);\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async login(credentials: LoginCredentials): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const user = await this.userStore.findByEmail(credentials.email);\n if (!user || !user.password) {\n throw new Error('Invalid credentials');\n }\n\n const isValid = await bcrypt.compare(credentials.password, user.password);\n if (!isValid) {\n throw new Error('Invalid credentials');\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async refresh(refreshToken: string): Promise<{ accessToken: string; refreshToken: string }> {\n return jwtService.refreshTokens(refreshToken);\n }\n\n async getGoogleAuthUrl(state?: string): Promise<string> {\n return oauthService.getAuthorizationUrl('google', state);\n }\n\n async handleGoogleCallback(code: string): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const { accessToken } = await oauthService.exchangeCode('google', code);\n const userInfo = await oauthService.getUserInfo('google', accessToken);\n\n let user = await this.userStore.findByEmail(userInfo.email);\n \n if (!user) {\n user = await this.userStore.create({\n email: userInfo.email,\n password: Math.random().toString(36).substr(2, 20),\n name: userInfo.name,\n role: 'user',\n });\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n getMiddleware(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n const authHeader = req.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return res.status(401).json({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = jwtService.verifyToken(token);\n req.user = {\n ...payload,\n id: payload.userId,\n };\n next();\n } catch (error) {\n return res.status(401).json({ error: 'Invalid token' });\n }\n };\n }\n\n requireUser(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n next();\n };\n }\n\n requireRole(role: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasRole(req.user.role, role)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n\n requirePermission(permission: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasPermission(req.user.role, permission)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n}\n\nlet authServiceInstance: AuthService | null = null;\n\nexport function createAuth(options?: AuthOptions, userStore?: UserStore): AuthService {\n authServiceInstance = new AuthService(options, userStore);\n return authServiceInstance;\n}\n\nexport function auth(): AuthService {\n if (!authServiceInstance) {\n authServiceInstance = new AuthService();\n }\n return authServiceInstance;\n}\n\nexport const Auth = {\n initialize: (options?: AuthOptions) => {\n const service = createAuth(options);\n return {\n service,\n getMiddleware: () => service.getMiddleware(),\n requireUser: () => service.requireUser(),\n requireRole: (role: string) => service.requireRole(role),\n requirePermission: (permission: string) => service.requirePermission(permission),\n };\n },\n};\n","import { FastifyInstance, FastifyRequest, FastifyReply, HookHandlerDoneFunction } from 'fastify';\nimport { AuthService } from './express';\nimport { JWTPayload } from './types';\n\ndeclare module 'fastify' {\n interface FastifyRequest {\n user?: JWTPayload & { id: string };\n }\n}\n\nexport function registerAuthPlugin(fastify: FastifyInstance, options: { authService: AuthService }, done: HookHandlerDoneFunction) {\n const { authService } = options;\n\n fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {\n const authHeader = request.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return reply.status(401).send({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = authService['jwtService'].verifyToken(token);\n request.user = {\n ...payload,\n id: payload.userId,\n };\n } catch (error) {\n return reply.status(401).send({ error: 'Invalid token' });\n }\n });\n\n fastify.decorate('requireUser', async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n });\n\n fastify.decorate('requireRole', (role: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasRole(request.user.role, role)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n fastify.decorate('requirePermission', (permission: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasPermission(request.user.role, permission)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n done();\n}\n"]}
package/dist/auth/index.mjs CHANGED
@@ -229,7 +229,7 @@ var JWTService = class {
229
229
  return jwt.verify(token, this.refreshSecret);
230
230
  }
231
231
  refreshTokens(refreshToken) {
232
- const payload = this.verifyRefreshToken(refreshToken);
232
+ const { iat, exp, nbf, ...payload } = this.verifyRefreshToken(refreshToken);
233
233
  return this.generateTokenPair(payload);
234
234
  }
235
235
  };
package/dist/auth/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/auth/types.ts","../../src/auth/rbac.ts","../../src/auth/index.ts","../../src/config/index.ts","../../src/auth/jwt.ts","../../src/auth/oauth.ts","../../src/auth/express.ts","../../src/auth/fastify.ts"],"names":["rbacService"],"mappings":";;;;;;;;;;;;;;;AAAA,IA4Ca;AA5Cb,IAAA,UAAA,GAAA,KAAA,CAAA;AAAA,EAAA,mBAAA,GAAA;AA4CO,IAAM,mBAAA,GAAuC;AAAA,MAClD,KAAA,EAAO,CAAC,GAAG,CAAA;AAAA,MACX,IAAA,EAAM,CAAC,MAAA,EAAQ,WAAW,CAAA;AAAA,MAC1B,KAAA,EAAO,CAAC,aAAa;AAAA,KACvB;AAAA,EAAA;AAAA,CAAA,CAAA;;;AChDA,IAAA,YAAA,GAAA,EAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,WAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAAA,IAEa,WAAA,CAAA,CA+EA;AAjFb,IAAA,SAAA,GAAA,KAAA,CAAA;AAAA,EAAA,kBAAA,GAAA;AAAA,IAAA,UAAA,EAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,MACf,WAAA;AAAA,MAER,WAAA,CAAY,cAA+B,mBAAA,EAAqB;AAC9D,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,eAAe,WAAA,EAAoC;AACjD,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,aAAA,CAAc,MAAY,UAAA,EAA8B;AACtD,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC3B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,EAAC;AAAA,QAC5B;AACA,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,QAAA,CAAS,UAAU,CAAA,EAAG;AAChD,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,IAAA,CAAK,UAAU,CAAA;AAAA,QACxC;AAAA,MACF;AAAA,MAEA,gBAAA,CAAiB,MAAY,UAAA,EAA8B;AACzD,QAAA,IAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC1B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,KAAM,UAAU,CAAA;AAAA,QAC9E;AAAA,MACF;AAAA,MAEA,eAAe,IAAA,EAA0B;AACvC,QAAA,OAAO,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,IAAK,EAAC;AAAA,MACpC;AAAA,MAEA,aAAA,CAAc,MAAY,kBAAA,EAAyC;AACjE,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAEhD,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,GAAG,CAAA,EAAG;AACjC,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAChD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,MAAM,CAAC,cAAA,EAAgB,aAAa,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAEpE,QAAA,KAAA,MAAW,QAAQ,eAAA,EAAiB;AAClC,UAAA,MAAM,CAAC,MAAA,EAAQ,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAEtC,UAAA,IAAI,MAAA,KAAW,GAAA,KAAQ,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAChE,YAAA,OAAO,IAAA;AAAA,UACT;AAEA,UAAA,IAAI,MAAA,KAAW,cAAA,KAAmB,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAC3E,YAAA,OAAO,IAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,MAEA,OAAA,CAAQ,UAAgB,YAAA,EAA6B;AACnD,QAAA,MAAM,SAAA,GAAoB,CAAC,OAAA,EAAS,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,MAAM,SAAA,GAAY,SAAA,CAAU,OAAA,CAAQ,QAAe,CAAA;AACnD,QAAA,MAAM,aAAA,GAAgB,SAAA,CAAU,OAAA,CAAQ,YAAmB,CAAA;AAE3D,QAAA,IAAI,SAAA,KAAc,EAAA,IAAM,aAAA,KAAkB,EAAA,EAAI;AAC5C,UAAA,OAAO,QAAA,KAAa,YAAA;AAAA,QACtB;AAEA,QAAA,OAAO,SAAA,IAAa,aAAA;AAAA,MACtB;AAAA,MAEA,UAAU,UAAA,EAAwB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,aAAA,CAAc,MAAM,UAAU,CAAA;AAAA,MACrE;AAAA,MAEA,cAAc,YAAA,EAAoB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,OAAA,CAAQ,MAAM,YAAY,CAAA;AAAA,MACjE;AAAA,KACF;AAEO,IAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AAAA,EAAA;AAAA,CAAA,CAAA;;;ACjF3C,UAAA,EAAA;ACEO,IAAM,SAAA,GAAY,EAAE,MAAA,CAAO;AAAA,EAChC,QAAA,EAAU,CAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA,EAC/B,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,wBAAwB,CAAA;AAAA,EACtD,YAAY,CAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EACxC,cAAA,EAAgB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EACvC,oBAAoB,CAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EAChD,sBAAA,EAAwB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAChD,gBAAA,EAAkB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,oBAAA,EAAsB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,mBAAA,EAAqB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EACnC,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,kBAAA,EAAoB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACxC,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,mBAAA,EAAqB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EAC1C,gBAAA,EAAkB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAC1C,SAAA,EAAW,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,OAAA,EAAS,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,OAAO,CAAC,CAAA,CAAE,QAAQ,MAAM,CAAA;AAAA,EACtF,UAAA,EAAY,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,WAAW,CAAA;AAAA,EAC1C,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,qBAAA,EAAuB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA;AAUD,IAAM,gBAAN,MAAoB;AAAA,EACV,MAAA,GAA2B,IAAA;AAAA,EAC3B,MAAA;AAAA,EACA,QAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAyB,EAAC,EAAG;AACvC,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,SAAA;AAChC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,IAAA;AAAA,EACtC;AAAA,EAEA,IAAA,GAAkB;AAChB,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA,CAAK,MAAA;AAE7B,IAAA,MAAM,MAA0C,EAAC;AAEjD,IAAA,KAAA,MAAW,OAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA,EAAG;AAChD,MAAA,GAAA,CAAI,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,IAC5B;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,GAAG,CAAA;AACxC,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAS,MAAA,CAAO,KAAA,CAAM,OAAO,GAAA,CAAI,CAAA,CAAA,KAAK,GAAG,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AAC1F,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAE,CAAA;AAAA,MACvD;AACA,MAAA,IAAA,CAAK,SAAS,MAAA,CAAO,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAA,GAAS,GAAA;AAAA,IAChB;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,IAA+B,GAAA,EAAsB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,OAAQ,GAAG,CAAA;AAAA,EACzB;AAAA,EAEA,IAAI,GAAA,EAA8B;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,QAAA,CAAS,OAAO,EAAE,CAAA;AACxD,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAAA,EAEA,KAAK,GAAA,EAA+B;AAClC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA,CAAM,aAAY,KAAM,MAAA;AAC9D,IAAA,OAAO,QAAQ,KAAK,CAAA;AAAA,EACtB;AAAA,EAEA,YAAA,GAAwB;AACtB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,YAAA;AAAA,EAClC;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,aAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAkB;AAChB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,MAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAoB;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,IAAI,aAAA,EAAc;AAEhC,IAAM,MAAA,GAAS;AAAA,EACpB,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA,EAAK;AAAA,EAC9B,GAAA,EAAK,CAA4B,GAAA,KAAW,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EAChE,GAAA,EAAK,CAAC,GAAA,KAAyB,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EACnD,IAAA,EAAM,CAAC,GAAA,KAAyB,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,EACrD,YAAA,EAAc,MAAM,YAAA,CAAa,YAAA,EAAa;AAAA,EAC9C,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA,EAAc;AAAA,EAChD,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,CAAC,OAAA,KAA4B,IAAI,cAAc,OAAO;AAChE,CAAA;;;ACtHO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAA4G,EAAC,EAAG;AAC1H,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,SAAA,IAAa,MAAA,CAAO,GAAA,CAAI,YAAY,CAAA,IAAK,qCAAA;AAC/D,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,YAAA,IAAgB,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,IAAK,IAAA;AACzE,IAAA,IAAA,CAAK,gBAAgB,OAAA,CAAQ,aAAA,IAAiB,OAAO,GAAA,CAAI,oBAAoB,KAAK,IAAA,CAAK,MAAA;AACvF,IAAA,IAAA,CAAK,mBAAmB,OAAA,CAAQ,gBAAA,IAAoB,MAAA,CAAO,GAAA,CAAI,wBAAwB,CAAA,IAAK,KAAA;AAAA,EAC9F;AAAA,EAEA,cAAc,OAAA,EAA6B;AACzC,IAAA,OAAO,GAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,QAAQ,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,CAAA;AAAA,EACrE;AAAA,EAEA,qBAAqB,OAAA,EAA6B;AAChD,IAAA,OAAO,GAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,eAAe,EAAE,SAAA,EAAW,IAAA,CAAK,gBAAA,EAAkB,CAAA;AAAA,EACnF;AAAA,EAEA,kBAAkB,OAAA,EAAgC;AAChD,IAAA,OAAO;AAAA,MACL,WAAA,EAAa,IAAA,CAAK,aAAA,CAAc,OAAO,CAAA;AAAA,MACvC,YAAA,EAAc,IAAA,CAAK,oBAAA,CAAqB,OAAO;AAAA,KACjD;AAAA,EACF;AAAA,EAEA,YAAY,KAAA,EAA2B;AACrC,IAAA,OAAO,GAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,mBAAmB,KAAA,EAA2B;AAC5C,IAAA,OAAO,GAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,aAAa,CAAA;AAAA,EAC7C;AAAA,EAEA,cAAc,YAAA,EAAiC;AAC7C,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,kBAAA,CAAmB,YAAY,CAAA;AACpD,IAAA,OAAO,IAAA,CAAK,kBAAkB,OAAO,CAAA;AAAA,EACvC;AACF;AAEO,IAAM,UAAA,GAAa,IAAI,UAAA;;;AF5C9B,SAAA,EAAA;;;AGQO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAA4C,GAAA,EAAI;AAAA,EAExD,WAAA,GAAc;AACZ,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,GAAA,CAAI,sBAAsB,CAAA;AAC5D,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,GAAA,CAAI,qBAAqB,CAAA;AAE1D,IAAA,IAAI,cAAA,IAAkB,sBAAsB,iBAAA,EAAmB;AAC7D,MAAA,IAAA,CAAK,iBAAiB,QAAA,EAAU;AAAA,QAC9B,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,cAAA;AAAA,QACV,YAAA,EAAc,kBAAA;AAAA,QACd,WAAA,EAAa,iBAAA;AAAA,QACb,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEA,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AAAA,EACnC;AAAA,EAEA,YAAY,IAAA,EAAyC;AACnD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,mBAAA,CAAoB,cAAsB,KAAA,EAAwB;AAChE,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,MACjC,WAAW,QAAA,CAAS,QAAA;AAAA,MACpB,cAAc,QAAA,CAAS,WAAA;AAAA,MACvB,aAAA,EAAe,MAAA;AAAA,MACf,KAAA,EAAO,sBAAA;AAAA,MACP,OAAO,KAAA,IAAS;AAAA,KACjB,CAAA;AAED,IAAA,OAAO,GAAG,QAAA,CAAS,gBAAgB,CAAA,CAAA,EAAI,MAAA,CAAO,UAAU,CAAA,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,YAAA,CAAa,YAAA,EAAsB,IAAA,EAAuE;AAC9G,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,QAAA,EAAU;AAAA,MAC9C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,WAAW,QAAA,CAAS,QAAA;AAAA,QACpB,eAAe,QAAA,CAAS,YAAA;AAAA,QACxB,IAAA;AAAA,QACA,UAAA,EAAY,oBAAA;AAAA,QACZ,cAAc,QAAA,CAAS;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,KAAK,CAAA,CAAE,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,OAAO;AAAA,MACL,aAAa,IAAA,CAAK,YAAA;AAAA,MAClB,cAAc,IAAA,CAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CAAY,YAAA,EAAsB,WAAA,EAA6C;AACnF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,WAAA,EAAa;AAAA,MACjD,OAAA,EAAS;AAAA,QACP,aAAA,EAAe,UAAU,WAAW,CAAA;AAAA;AACtC,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,CAAA,CAAE,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAS,IAAA,CAAK;AAAA,KAChB;AAAA,EACF;AACF;AAEO,IAAM,YAAA,GAAe,IAAI,YAAA;AChHhC,SAAA,EAAA;AAwBA,IAAM,oBAAN,MAA6C;AAAA,EACnC,KAAA,uBAA+B,GAAA,EAAI;AAAA,EAE3C,MAAM,YAAY,KAAA,EAAqC;AACrD,IAAA,KAAA,MAAW,IAAA,IAAQ,IAAA,CAAK,KAAA,CAAM,MAAA,EAAO,EAAG;AACtC,MAAA,IAAI,IAAA,CAAK,KAAA,KAAU,KAAA,EAAO,OAAO,IAAA;AAAA,IACnC;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAAkC;AAC/C,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,MAAM,OAAO,IAAA,EAAmC;AAC9C,IAAA,MAAM,EAAA,GAAK,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,CAAC,CAAA;AACjD,IAAA,MAAM,iBAAiB,MAAM,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,UAAU,EAAE,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAa;AAAA,MACjB,EAAA;AAAA,MACA,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,QAAA,EAAU,cAAA;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,MAAM,IAAA,CAAK;AAAA,KACb;AACA,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,IAAI,CAAA;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,MAAA,CAAO,EAAA,EAAY,IAAA,EAAoC;AAC3D,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,MAAM,gBAAgB,CAAA;AAC3C,IAAA,MAAM,OAAA,GAAU,EAAE,GAAG,IAAA,EAAM,GAAG,IAAA,EAAK;AACnC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,EACf,SAAA;AAAA,EACA,OAAA;AAAA,EACA,WAAA,GAAuB,KAAA;AAAA,EAE/B,WAAA,CAAY,OAAA,GAAuB,EAAC,EAAG,SAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,SAAA,EAAW,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,IAAI,UAAA,IAAc,qCAAA;AAAA,MAC1D,YAAA,EAAc,QAAQ,YAAA,IAAgB,IAAA;AAAA,MACtC,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,IAAI,kBAAA,IAAsB,qCAAA;AAAA,MAC1E,gBAAA,EAAkB,QAAQ,gBAAA,IAAoB,KAAA;AAAA,MAC9C,cAAA,EAAgB,OAAA,CAAQ,cAAA,IAAkB,OAAA,CAAQ,IAAI,gBAAA,IAAoB,EAAA;AAAA,MAC1E,kBAAA,EAAoB,OAAA,CAAQ,kBAAA,IAAsB,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,MACtF,iBAAA,EAAmB,OAAA,CAAQ,iBAAA,IAAqB,OAAA,CAAQ,IAAI,mBAAA,IAAuB;AAAA,KACrF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA,IAAa,IAAI,iBAAA,EAAkB;AAAA,EACtD;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,QAAQ,cAAA,IAAkB,IAAA,CAAK,QAAQ,kBAAA,IAAsB,IAAA,CAAK,QAAQ,iBAAA,EAAmB;AACpG,MAAA,YAAA,CAAa,iBAAiB,QAAA,EAAU;AAAA,QACtC,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,KAAK,OAAA,CAAQ,cAAA;AAAA,QACvB,YAAA,EAAc,KAAK,OAAA,CAAQ,kBAAA;AAAA,QAC3B,WAAA,EAAa,KAAK,OAAA,CAAQ,iBAAA;AAAA,QAC1B,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,EACrB;AAAA,EAEA,MAAM,SAAS,IAAA,EAAoG;AACjH,IAAA,MAAM,WAAW,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,KAAK,KAAK,CAAA;AAC5D,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,IAAI,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,MAAM,WAAA,EAA+G;AACzH,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,YAAY,KAAK,CAAA;AAC/D,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,QAAA,EAAU;AAC3B,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,UAAU,MAAM,MAAA,CAAO,QAAQ,WAAA,CAAY,QAAA,EAAU,KAAK,QAAQ,CAAA;AACxE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,QAAQ,YAAA,EAA8E;AAC1F,IAAA,OAAO,UAAA,CAAW,cAAc,YAAY,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAAiC;AACtD,IAAA,OAAO,YAAA,CAAa,mBAAA,CAAoB,QAAA,EAAU,KAAK,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAqB,IAAA,EAA8F;AACvH,IAAA,MAAM,EAAE,WAAA,EAAY,GAAI,MAAM,YAAA,CAAa,YAAA,CAAa,UAAU,IAAI,CAAA;AACtE,IAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,WAAA,CAAY,UAAU,WAAW,CAAA;AAErE,IAAA,IAAI,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,KAAK,CAAA;AAE1D,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO;AAAA,QACjC,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,QAAA,EAAU,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,EAAE,CAAA;AAAA,QACjD,MAAM,QAAA,CAAS,IAAA;AAAA,QACf,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,aAAA,GAAgC;AAC9B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,UAAA,CAAW,WAAA,CAAY,KAAK,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAA,GAAO;AAAA,UACT,GAAG,OAAA;AAAA,UACH,IAAI,OAAA,CAAQ;AAAA,SACd;AACA,QAAA,IAAA,EAAK;AAAA,MACP,SAAS,KAAA,EAAO;AACd,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,MACxD;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,WAAA,GAA8B;AAC5B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,YAAY,IAAA,EAA8B;AACxC,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAAC,WAAA,CAAY,OAAA,CAAQ,IAAI,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,kBAAkB,UAAA,EAAoC;AACpD,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAAC,WAAA,CAAY,aAAA,CAAc,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AACzD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AACF;AAEA,IAAI,mBAAA,GAA0C,IAAA;AAEvC,SAAS,UAAA,CAAW,SAAuB,SAAA,EAAoC;AACpF,EAAA,mBAAA,GAAsB,IAAI,WAAA,CAAY,OAAA,EAAS,SAAS,CAAA;AACxD,EAAA,OAAO,mBAAA;AACT;AAEO,SAAS,IAAA,GAAoB;AAClC,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,mBAAA,GAAsB,IAAI,WAAA,EAAY;AAAA,EACxC;AACA,EAAA,OAAO,mBAAA;AACT;AAEO,IAAM,IAAA,GAAO;AAAA,EAClB,UAAA,EAAY,CAAC,OAAA,KAA0B;AACrC,IAAA,MAAM,OAAA,GAAU,WAAW,OAAO,CAAA;AAClC,IAAA,OAAO;AAAA,MACL,OAAA;AAAA,MACA,aAAA,EAAe,MAAM,OAAA,CAAQ,aAAA,EAAc;AAAA,MAC3C,WAAA,EAAa,MAAM,OAAA,CAAQ,WAAA,EAAY;AAAA,MACvC,WAAA,EAAa,CAAC,IAAA,KAAiB,OAAA,CAAQ,YAAY,IAAI,CAAA;AAAA,MACvD,iBAAA,EAAmB,CAAC,UAAA,KAAuB,OAAA,CAAQ,kBAAkB,UAAU;AAAA,KACjF;AAAA,EACF;AACF;;;AC/OO,SAAS,kBAAA,CAAmB,OAAA,EAA0B,OAAA,EAAuC,IAAA,EAA+B;AACjI,EAAA,MAAM,EAAE,aAAY,GAAI,OAAA;AAExB,EAAA,OAAA,CAAQ,QAAA,CAAS,cAAA,EAAgB,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACvF,IAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,aAAA;AAEnC,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,IAC9D;AAEA,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,WAAA,CAAY,YAAY,CAAA,CAAE,YAAY,KAAK,CAAA;AAC3D,MAAA,OAAA,CAAQ,IAAA,GAAO;AAAA,QACb,GAAG,OAAA;AAAA,QACH,IAAI,OAAA,CAAQ;AAAA,OACd;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,IAC1D;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACtF,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,IACpE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,CAAC,IAAA,KAAiB;AAChD,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,OAAA,CAAQ,QAAQ,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AACjD,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,mBAAA,EAAqB,CAAC,UAAA,KAAuB;AAC5D,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,aAAA,CAAc,QAAQ,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AAC7D,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,IAAA,EAAK;AACP","file":"index.mjs","sourcesContent":["export type Role = 'admin' | 'user' | 'guest' | string;\n\nexport interface User {\n id: string;\n email: string;\n password?: string;\n role: Role;\n name?: string;\n picture?: string;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface JWTPayload {\n userId: string;\n email: string;\n role: Role;\n}\n\nexport interface TokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface AuthOptions {\n jwtSecret?: string;\n jwtExpiresIn?: string;\n refreshSecret?: string;\n refreshExpiresIn?: string;\n googleClientId?: string;\n googleClientSecret?: string;\n googleRedirectUri?: string;\n}\n\nexport interface AuthUserRequest extends Request {\n user?: JWTPayload;\n}\n\nexport type Permission = string;\n\nexport interface RolePermissions {\n [role: string]: Permission[];\n}\n\nexport const DEFAULT_PERMISSIONS: RolePermissions = {\n admin: ['*'],\n user: ['read', 'write:own'],\n guest: ['read:public'],\n};\n\nexport interface LoginCredentials {\n email: string;\n password: string;\n}\n\nexport interface RegisterData extends LoginCredentials {\n name?: string;\n role?: Role;\n}\n\nexport interface OAuthProvider {\n name: string;\n clientId: string;\n clientSecret: string;\n redirectUri: string;\n authorizationUrl: string;\n tokenUrl: string;\n userInfoUrl: string;\n}\n","import { Role, Permission, RolePermissions, DEFAULT_PERMISSIONS } from './types';\n\nexport class RBACService {\n private permissions: RolePermissions;\n\n constructor(permissions: RolePermissions = DEFAULT_PERMISSIONS) {\n this.permissions = permissions;\n }\n\n setPermissions(permissions: RolePermissions): void {\n this.permissions = permissions;\n }\n\n addPermission(role: Role, permission: Permission): void {\n if (!this.permissions[role]) {\n this.permissions[role] = [];\n }\n if (!this.permissions[role].includes(permission)) {\n this.permissions[role].push(permission);\n }\n }\n\n removePermission(role: Role, permission: Permission): void {\n if (this.permissions[role]) {\n this.permissions[role] = this.permissions[role].filter(p => p !== permission);\n }\n }\n\n getPermissions(role: Role): Permission[] {\n return this.permissions[role] || [];\n }\n\n hasPermission(role: Role, requiredPermission: Permission): boolean {\n const rolePermissions = this.getPermissions(role);\n \n if (rolePermissions.includes('*')) {\n return true;\n }\n\n if (rolePermissions.includes(requiredPermission)) {\n return true;\n }\n\n const [requiredAction, requiredScope] = requiredPermission.split(':');\n \n for (const perm of rolePermissions) {\n const [action, scope] = perm.split(':');\n \n if (action === '*' && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n \n if (action === requiredAction && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n }\n\n return false;\n }\n\n hasRole(userRole: Role, requiredRole: Role): boolean {\n const hierarchy: Role[] = ['guest', 'user', 'admin'];\n const userIndex = hierarchy.indexOf(userRole as any);\n const requiredIndex = hierarchy.indexOf(requiredRole as any);\n \n if (userIndex === -1 || requiredIndex === -1) {\n return userRole === requiredRole;\n }\n \n return userIndex >= requiredIndex;\n }\n\n authorize(permission: Permission) {\n return (role: Role): boolean => this.hasPermission(role, permission);\n }\n\n authorizeRole(requiredRole: Role) {\n return (role: Role): boolean => this.hasRole(role, requiredRole);\n }\n}\n\nexport const rbacService = new RBACService();\n","export * from './types';\nexport * from './jwt';\nexport * from './rbac';\nexport * from './oauth';\nexport * from './express';\nexport * from './fastify';\n","import { z } from 'zod';\n\nexport const envSchema = z.object({\n NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n PORT: z.string().default('3000'),\n DATABASE_URL: z.string().optional(),\n REDIS_URL: z.string().default('redis://localhost:6379'),\n JWT_SECRET: z.string().min(32).optional(),\n JWT_EXPIRES_IN: z.string().default('7d'),\n JWT_REFRESH_SECRET: z.string().min(32).optional(),\n JWT_REFRESH_EXPIRES_IN: z.string().default('30d'),\n GOOGLE_CLIENT_ID: z.string().optional(),\n GOOGLE_CLIENT_SECRET: z.string().optional(),\n GOOGLE_REDIRECT_URI: z.string().optional(),\n SMTP_HOST: z.string().optional(),\n SMTP_PORT: z.string().default('587'),\n SMTP_USER: z.string().optional(),\n SMTP_PASS: z.string().optional(),\n SMTP_FROM: z.string().optional(),\n TWILIO_ACCOUNT_SID: z.string().optional(),\n TWILIO_AUTH_TOKEN: z.string().optional(),\n TWILIO_PHONE_NUMBER: z.string().optional(),\n SLACK_WEBHOOK_URL: z.string().optional(),\n RATE_LIMIT_WINDOW: z.string().default('1m'),\n RATE_LIMIT_LIMIT: z.string().default('100'),\n LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),\n AWS_REGION: z.string().default('us-east-1'),\n AWS_ACCESS_KEY_ID: z.string().optional(),\n AWS_SECRET_ACCESS_KEY: z.string().optional(),\n AWS_S3_BUCKET: z.string().optional(),\n AWS_ENDPOINT: z.string().optional(),\n});\n\nexport type EnvConfig = z.infer<typeof envSchema>;\n\nexport interface ConfigOptions {\n schema?: z.ZodSchema;\n envPath?: string;\n validate?: boolean;\n}\n\nclass ConfigManager {\n private config: EnvConfig | null = null;\n private schema: z.ZodSchema;\n private validate: boolean;\n\n constructor(options: ConfigOptions = {}) {\n this.schema = options.schema || envSchema;\n this.validate = options.validate ?? true;\n }\n\n load(): EnvConfig {\n if (this.config) return this.config;\n\n const env: Record<string, string | undefined> = {};\n \n for (const key of Object.keys(this.schema.shape)) {\n env[key] = process.env[key];\n }\n\n if (this.validate) {\n const result = this.schema.safeParse(env);\n if (!result.success) {\n const errors = result.error.errors.map(e => `${e.path.join('.')}: ${e.message}`).join(', ');\n throw new Error(`Config validation failed: ${errors}`);\n }\n this.config = result.data;\n } else {\n this.config = env as EnvConfig;\n }\n\n return this.config;\n }\n\n get<K extends keyof EnvConfig>(key: K): EnvConfig[K] {\n if (!this.config) this.load();\n return this.config![key];\n }\n\n int(key: keyof EnvConfig): number {\n const value = this.get(key);\n if (typeof value === 'string') return parseInt(value, 10);\n return Number(value);\n }\n\n bool(key: keyof EnvConfig): boolean {\n const value = this.get(key);\n if (typeof value === 'boolean') return value;\n if (typeof value === 'string') return value.toLowerCase() === 'true';\n return Boolean(value);\n }\n\n isProduction(): boolean {\n return this.get('NODE_ENV') === 'production';\n }\n\n isDevelopment(): boolean {\n return this.get('NODE_ENV') === 'development';\n }\n\n isTest(): boolean {\n return this.get('NODE_ENV') === 'test';\n }\n\n getAll(): EnvConfig {\n if (!this.config) this.load();\n return this.config!;\n }\n}\n\nconst globalConfig = new ConfigManager();\n\nexport const config = {\n load: () => globalConfig.load(),\n get: <K extends keyof EnvConfig>(key: K) => globalConfig.get(key),\n int: (key: keyof EnvConfig) => globalConfig.int(key),\n bool: (key: keyof EnvConfig) => globalConfig.bool(key),\n isProduction: () => globalConfig.isProduction(),\n isDevelopment: () => globalConfig.isDevelopment(),\n isTest: () => globalConfig.isTest(),\n getAll: () => globalConfig.getAll(),\n create: (options?: ConfigOptions) => new ConfigManager(options),\n};\n\nexport default config;\n","import jwt from 'jsonwebtoken';\nimport { JWTPayload, TokenPair } from './types';\nimport { config } from '../config';\n\nexport class JWTService {\n private secret: string;\n private expiresIn: string;\n private refreshSecret: string;\n private refreshExpiresIn: string;\n\n constructor(options: { jwtSecret?: string; jwtExpiresIn?: string; refreshSecret?: string; refreshExpiresIn?: string } = {}) {\n this.secret = options.jwtSecret || config.get('JWT_SECRET') || 'default-secret-change-in-production';\n this.expiresIn = options.jwtExpiresIn || config.get('JWT_EXPIRES_IN') || '7d';\n this.refreshSecret = options.refreshSecret || config.get('JWT_REFRESH_SECRET') || this.secret;\n this.refreshExpiresIn = options.refreshExpiresIn || config.get('JWT_REFRESH_EXPIRES_IN') || '30d';\n }\n\n generateToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.secret, { expiresIn: this.expiresIn });\n }\n\n generateRefreshToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.refreshSecret, { expiresIn: this.refreshExpiresIn });\n }\n\n generateTokenPair(payload: JWTPayload): TokenPair {\n return {\n accessToken: this.generateToken(payload),\n refreshToken: this.generateRefreshToken(payload),\n };\n }\n\n verifyToken(token: string): JWTPayload {\n return jwt.verify(token, this.secret) as JWTPayload;\n }\n\n verifyRefreshToken(token: string): JWTPayload {\n return jwt.verify(token, this.refreshSecret) as JWTPayload;\n }\n\n refreshTokens(refreshToken: string): TokenPair {\n const payload = this.verifyRefreshToken(refreshToken);\n return this.generateTokenPair(payload);\n }\n}\n\nexport const jwtService = new JWTService();\n","import { OAuthProvider } from './types';\nimport { config } from '../config';\n\nexport interface OAuthUserInfo {\n id: string;\n email: string;\n name?: string;\n picture?: string;\n}\n\nexport class OAuthService {\n private providers: Map<string, OAuthProvider> = new Map();\n\n constructor() {\n const googleClientId = config.get('GOOGLE_CLIENT_ID');\n const googleClientSecret = config.get('GOOGLE_CLIENT_SECRET');\n const googleRedirectUri = config.get('GOOGLE_REDIRECT_URI');\n\n if (googleClientId && googleClientSecret && googleRedirectUri) {\n this.registerProvider('google', {\n name: 'google',\n clientId: googleClientId,\n clientSecret: googleClientSecret,\n redirectUri: googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n }\n\n registerProvider(name: string, provider: OAuthProvider): void {\n this.providers.set(name, provider);\n }\n\n getProvider(name: string): OAuthProvider | undefined {\n return this.providers.get(name);\n }\n\n getAuthorizationUrl(providerName: string, state?: string): string {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const params = new URLSearchParams({\n client_id: provider.clientId,\n redirect_uri: provider.redirectUri,\n response_type: 'code',\n scope: 'openid email profile',\n state: state || '',\n });\n\n return `${provider.authorizationUrl}?${params.toString()}`;\n }\n\n async exchangeCode(providerName: string, code: string): Promise<{ accessToken: string; refreshToken?: string }> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.tokenUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body: new URLSearchParams({\n client_id: provider.clientId,\n client_secret: provider.clientSecret,\n code,\n grant_type: 'authorization_code',\n redirect_uri: provider.redirectUri,\n }),\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth token exchange failed: ${error}`);\n }\n\n const data = await response.json();\n return {\n accessToken: data.access_token,\n refreshToken: data.refresh_token,\n };\n }\n\n async getUserInfo(providerName: string, accessToken: string): Promise<OAuthUserInfo> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.userInfoUrl, {\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth user info fetch failed: ${error}`);\n }\n\n const data = await response.json();\n\n return {\n id: data.id,\n email: data.email,\n name: data.name,\n picture: data.picture,\n };\n }\n}\n\nexport const oauthService = new OAuthService();\n","import bcrypt from 'bcryptjs';\nimport { Request, Response, NextFunction, RequestHandler } from 'express';\nimport { JWTPayload, LoginCredentials, RegisterData, User, AuthOptions } from './types';\nimport { jwtService } from './jwt';\nimport { rbacService } from './rbac';\nimport { oauthService } from './oauth';\n\nexport interface AuthUser extends JWTPayload {\n id: string;\n email: string;\n role: string;\n}\n\ndeclare global {\n namespace Express {\n interface Request {\n user?: AuthUser;\n }\n }\n}\n\nexport interface UserStore {\n findByEmail(email: string): Promise<User | null>;\n findById(id: string): Promise<User | null>;\n create(data: RegisterData): Promise<User>;\n update(id: string, data: Partial<User>): Promise<User>;\n}\n\nclass InMemoryUserStore implements UserStore {\n private users: Map<string, User> = new Map();\n\n async findByEmail(email: string): Promise<User | null> {\n for (const user of this.users.values()) {\n if (user.email === email) return user;\n }\n return null;\n }\n\n async findById(id: string): Promise<User | null> {\n return this.users.get(id) || null;\n }\n\n async create(data: RegisterData): Promise<User> {\n const id = Math.random().toString(36).substr(2, 9);\n const hashedPassword = await bcrypt.hash(data.password, 10);\n const user: User = {\n id,\n email: data.email,\n password: hashedPassword,\n role: data.role || 'user',\n name: data.name,\n };\n this.users.set(id, user);\n return user;\n }\n\n async update(id: string, data: Partial<User>): Promise<User> {\n const user = this.users.get(id);\n if (!user) throw new Error('User not found');\n const updated = { ...user, ...data };\n this.users.set(id, updated);\n return updated;\n }\n}\n\nexport class AuthService {\n private userStore: UserStore;\n private options: Required<AuthOptions>;\n private initialized: boolean = false;\n\n constructor(options: AuthOptions = {}, userStore?: UserStore) {\n this.options = {\n jwtSecret: options.jwtSecret || process.env.JWT_SECRET || 'default-secret-change-in-production',\n jwtExpiresIn: options.jwtExpiresIn || '7d',\n refreshSecret: options.refreshSecret || process.env.JWT_REFRESH_SECRET || 'default-secret-change-in-production',\n refreshExpiresIn: options.refreshExpiresIn || '30d',\n googleClientId: options.googleClientId || process.env.GOOGLE_CLIENT_ID || '',\n googleClientSecret: options.googleClientSecret || process.env.GOOGLE_CLIENT_SECRET || '',\n googleRedirectUri: options.googleRedirectUri || process.env.GOOGLE_REDIRECT_URI || '',\n };\n\n this.userStore = userStore || new InMemoryUserStore();\n }\n\n async initialize(): Promise<void> {\n if (this.options.googleClientId && this.options.googleClientSecret && this.options.googleRedirectUri) {\n oauthService.registerProvider('google', {\n name: 'google',\n clientId: this.options.googleClientId,\n clientSecret: this.options.googleClientSecret,\n redirectUri: this.options.googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n this.initialized = true;\n }\n\n async register(data: RegisterData): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const existing = await this.userStore.findByEmail(data.email);\n if (existing) {\n throw new Error('User already exists');\n }\n\n const user = await this.userStore.create(data);\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async login(credentials: LoginCredentials): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const user = await this.userStore.findByEmail(credentials.email);\n if (!user || !user.password) {\n throw new Error('Invalid credentials');\n }\n\n const isValid = await bcrypt.compare(credentials.password, user.password);\n if (!isValid) {\n throw new Error('Invalid credentials');\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async refresh(refreshToken: string): Promise<{ accessToken: string; refreshToken: string }> {\n return jwtService.refreshTokens(refreshToken);\n }\n\n async getGoogleAuthUrl(state?: string): Promise<string> {\n return oauthService.getAuthorizationUrl('google', state);\n }\n\n async handleGoogleCallback(code: string): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const { accessToken } = await oauthService.exchangeCode('google', code);\n const userInfo = await oauthService.getUserInfo('google', accessToken);\n\n let user = await this.userStore.findByEmail(userInfo.email);\n \n if (!user) {\n user = await this.userStore.create({\n email: userInfo.email,\n password: Math.random().toString(36).substr(2, 20),\n name: userInfo.name,\n role: 'user',\n });\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n getMiddleware(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n const authHeader = req.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return res.status(401).json({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = jwtService.verifyToken(token);\n req.user = {\n ...payload,\n id: payload.userId,\n };\n next();\n } catch (error) {\n return res.status(401).json({ error: 'Invalid token' });\n }\n };\n }\n\n requireUser(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n next();\n };\n }\n\n requireRole(role: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasRole(req.user.role, role)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n\n requirePermission(permission: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasPermission(req.user.role, permission)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n}\n\nlet authServiceInstance: AuthService | null = null;\n\nexport function createAuth(options?: AuthOptions, userStore?: UserStore): AuthService {\n authServiceInstance = new AuthService(options, userStore);\n return authServiceInstance;\n}\n\nexport function auth(): AuthService {\n if (!authServiceInstance) {\n authServiceInstance = new AuthService();\n }\n return authServiceInstance;\n}\n\nexport const Auth = {\n initialize: (options?: AuthOptions) => {\n const service = createAuth(options);\n return {\n service,\n getMiddleware: () => service.getMiddleware(),\n requireUser: () => service.requireUser(),\n requireRole: (role: string) => service.requireRole(role),\n requirePermission: (permission: string) => service.requirePermission(permission),\n };\n },\n};\n","import { FastifyInstance, FastifyRequest, FastifyReply, HookHandlerDoneFunction } from 'fastify';\nimport { AuthService } from './express';\nimport { JWTPayload } from './types';\n\ndeclare module 'fastify' {\n interface FastifyRequest {\n user?: JWTPayload & { id: string };\n }\n}\n\nexport function registerAuthPlugin(fastify: FastifyInstance, options: { authService: AuthService }, done: HookHandlerDoneFunction) {\n const { authService } = options;\n\n fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {\n const authHeader = request.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return reply.status(401).send({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = authService['jwtService'].verifyToken(token);\n request.user = {\n ...payload,\n id: payload.userId,\n };\n } catch (error) {\n return reply.status(401).send({ error: 'Invalid token' });\n }\n });\n\n fastify.decorate('requireUser', async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n });\n\n fastify.decorate('requireRole', (role: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasRole(request.user.role, role)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n fastify.decorate('requirePermission', (permission: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasPermission(request.user.role, permission)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n done();\n}\n"]}
1
+ {"version":3,"sources":["../../src/auth/types.ts","../../src/auth/rbac.ts","../../src/auth/index.ts","../../src/config/index.ts","../../src/auth/jwt.ts","../../src/auth/oauth.ts","../../src/auth/express.ts","../../src/auth/fastify.ts"],"names":["rbacService"],"mappings":";;;;;;;;;;;;;;;AAAA,IA4Ca;AA5Cb,IAAA,UAAA,GAAA,KAAA,CAAA;AAAA,EAAA,mBAAA,GAAA;AA4CO,IAAM,mBAAA,GAAuC;AAAA,MAClD,KAAA,EAAO,CAAC,GAAG,CAAA;AAAA,MACX,IAAA,EAAM,CAAC,MAAA,EAAQ,WAAW,CAAA;AAAA,MAC1B,KAAA,EAAO,CAAC,aAAa;AAAA,KACvB;AAAA,EAAA;AAAA,CAAA,CAAA;;;AChDA,IAAA,YAAA,GAAA,EAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,WAAA,EAAA,MAAA,WAAA;AAAA,EAAA,WAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAAA,IAEa,WAAA,CAAA,CA+EA;AAjFb,IAAA,SAAA,GAAA,KAAA,CAAA;AAAA,EAAA,kBAAA,GAAA;AAAA,IAAA,UAAA,EAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,MACf,WAAA;AAAA,MAER,WAAA,CAAY,cAA+B,mBAAA,EAAqB;AAC9D,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,eAAe,WAAA,EAAoC;AACjD,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,aAAA,CAAc,MAAY,UAAA,EAA8B;AACtD,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC3B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,EAAC;AAAA,QAC5B;AACA,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,QAAA,CAAS,UAAU,CAAA,EAAG;AAChD,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,IAAA,CAAK,UAAU,CAAA;AAAA,QACxC;AAAA,MACF;AAAA,MAEA,gBAAA,CAAiB,MAAY,UAAA,EAA8B;AACzD,QAAA,IAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC1B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,KAAM,UAAU,CAAA;AAAA,QAC9E;AAAA,MACF;AAAA,MAEA,eAAe,IAAA,EAA0B;AACvC,QAAA,OAAO,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,IAAK,EAAC;AAAA,MACpC;AAAA,MAEA,aAAA,CAAc,MAAY,kBAAA,EAAyC;AACjE,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAEhD,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,GAAG,CAAA,EAAG;AACjC,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAChD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,MAAM,CAAC,cAAA,EAAgB,aAAa,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAEpE,QAAA,KAAA,MAAW,QAAQ,eAAA,EAAiB;AAClC,UAAA,MAAM,CAAC,MAAA,EAAQ,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAEtC,UAAA,IAAI,MAAA,KAAW,GAAA,KAAQ,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAChE,YAAA,OAAO,IAAA;AAAA,UACT;AAEA,UAAA,IAAI,MAAA,KAAW,cAAA,KAAmB,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAC3E,YAAA,OAAO,IAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,MAEA,OAAA,CAAQ,UAAgB,YAAA,EAA6B;AACnD,QAAA,MAAM,SAAA,GAAoB,CAAC,OAAA,EAAS,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,MAAM,SAAA,GAAY,SAAA,CAAU,OAAA,CAAQ,QAAe,CAAA;AACnD,QAAA,MAAM,aAAA,GAAgB,SAAA,CAAU,OAAA,CAAQ,YAAmB,CAAA;AAE3D,QAAA,IAAI,SAAA,KAAc,EAAA,IAAM,aAAA,KAAkB,EAAA,EAAI;AAC5C,UAAA,OAAO,QAAA,KAAa,YAAA;AAAA,QACtB;AAEA,QAAA,OAAO,SAAA,IAAa,aAAA;AAAA,MACtB;AAAA,MAEA,UAAU,UAAA,EAAwB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,aAAA,CAAc,MAAM,UAAU,CAAA;AAAA,MACrE;AAAA,MAEA,cAAc,YAAA,EAAoB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,OAAA,CAAQ,MAAM,YAAY,CAAA;AAAA,MACjE;AAAA,KACF;AAEO,IAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AAAA,EAAA;AAAA,CAAA,CAAA;;;ACjF3C,UAAA,EAAA;ACEO,IAAM,SAAA,GAAY,EAAE,MAAA,CAAO;AAAA,EAChC,QAAA,EAAU,CAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA,EAC/B,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,wBAAwB,CAAA;AAAA,EACtD,YAAY,CAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EACxC,cAAA,EAAgB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EACvC,oBAAoB,CAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EAChD,sBAAA,EAAwB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAChD,gBAAA,EAAkB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,oBAAA,EAAsB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,mBAAA,EAAqB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EACnC,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,kBAAA,EAAoB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACxC,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,mBAAA,EAAqB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EAC1C,gBAAA,EAAkB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAC1C,SAAA,EAAW,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,OAAA,EAAS,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,OAAO,CAAC,CAAA,CAAE,QAAQ,MAAM,CAAA;AAAA,EACtF,UAAA,EAAY,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,WAAW,CAAA;AAAA,EAC1C,iBAAA,EAAmB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,qBAAA,EAAuB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA;AAUD,IAAM,gBAAN,MAAoB;AAAA,EACV,MAAA,GAA2B,IAAA;AAAA,EAC3B,MAAA;AAAA,EACA,QAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAyB,EAAC,EAAG;AACvC,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,SAAA;AAChC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,IAAA;AAAA,EACtC;AAAA,EAEA,IAAA,GAAkB;AAChB,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA,CAAK,MAAA;AAE7B,IAAA,MAAM,MAA0C,EAAC;AAEjD,IAAA,KAAA,MAAW,OAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA,EAAG;AAChD,MAAA,GAAA,CAAI,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,IAC5B;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,GAAG,CAAA;AACxC,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAS,MAAA,CAAO,KAAA,CAAM,OAAO,GAAA,CAAI,CAAA,CAAA,KAAK,GAAG,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AAC1F,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAE,CAAA;AAAA,MACvD;AACA,MAAA,IAAA,CAAK,SAAS,MAAA,CAAO,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAA,GAAS,GAAA;AAAA,IAChB;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,IAA+B,GAAA,EAAsB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,OAAQ,GAAG,CAAA;AAAA,EACzB;AAAA,EAEA,IAAI,GAAA,EAA8B;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,QAAA,CAAS,OAAO,EAAE,CAAA;AACxD,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAAA,EAEA,KAAK,GAAA,EAA+B;AAClC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA,CAAM,aAAY,KAAM,MAAA;AAC9D,IAAA,OAAO,QAAQ,KAAK,CAAA;AAAA,EACtB;AAAA,EAEA,YAAA,GAAwB;AACtB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,YAAA;AAAA,EAClC;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,aAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAkB;AAChB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,MAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAoB;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,IAAI,aAAA,EAAc;AAEhC,IAAM,MAAA,GAAS;AAAA,EACpB,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA,EAAK;AAAA,EAC9B,GAAA,EAAK,CAA4B,GAAA,KAAW,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EAChE,GAAA,EAAK,CAAC,GAAA,KAAyB,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EACnD,IAAA,EAAM,CAAC,GAAA,KAAyB,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,EACrD,YAAA,EAAc,MAAM,YAAA,CAAa,YAAA,EAAa;AAAA,EAC9C,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA,EAAc;AAAA,EAChD,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,CAAC,OAAA,KAA4B,IAAI,cAAc,OAAO;AAChE,CAAA;;;ACtHO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAA4G,EAAC,EAAG;AAC1H,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,SAAA,IAAa,MAAA,CAAO,GAAA,CAAI,YAAY,CAAA,IAAK,qCAAA;AAC/D,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,YAAA,IAAgB,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,IAAK,IAAA;AACzE,IAAA,IAAA,CAAK,gBAAgB,OAAA,CAAQ,aAAA,IAAiB,OAAO,GAAA,CAAI,oBAAoB,KAAK,IAAA,CAAK,MAAA;AACvF,IAAA,IAAA,CAAK,mBAAmB,OAAA,CAAQ,gBAAA,IAAoB,MAAA,CAAO,GAAA,CAAI,wBAAwB,CAAA,IAAK,KAAA;AAAA,EAC9F;AAAA,EAEA,cAAc,OAAA,EAA6B;AACzC,IAAA,OAAO,GAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,QAAQ,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,CAAA;AAAA,EACrE;AAAA,EAEA,qBAAqB,OAAA,EAA6B;AAChD,IAAA,OAAO,GAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,eAAe,EAAE,SAAA,EAAW,IAAA,CAAK,gBAAA,EAAkB,CAAA;AAAA,EACnF;AAAA,EAEA,kBAAkB,OAAA,EAAgC;AAChD,IAAA,OAAO;AAAA,MACL,WAAA,EAAa,IAAA,CAAK,aAAA,CAAc,OAAO,CAAA;AAAA,MACvC,YAAA,EAAc,IAAA,CAAK,oBAAA,CAAqB,OAAO;AAAA,KACjD;AAAA,EACF;AAAA,EAEA,YAAY,KAAA,EAA2B;AACrC,IAAA,OAAO,GAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,mBAAmB,KAAA,EAA2B;AAC5C,IAAA,OAAO,GAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,aAAa,CAAA;AAAA,EAC7C;AAAA,EAEA,cAAc,YAAA,EAAiC;AAC7C,IAAA,MAAM,EAAE,KAAK,GAAA,EAAK,GAAA,EAAK,GAAG,OAAA,EAAQ,GAAI,IAAA,CAAK,kBAAA,CAAmB,YAAY,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,kBAAkB,OAAO,CAAA;AAAA,EACvC;AACF;AAEO,IAAM,UAAA,GAAa,IAAI,UAAA;;;AF5C9B,SAAA,EAAA;;;AGQO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAA4C,GAAA,EAAI;AAAA,EAExD,WAAA,GAAc;AACZ,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,GAAA,CAAI,sBAAsB,CAAA;AAC5D,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,GAAA,CAAI,qBAAqB,CAAA;AAE1D,IAAA,IAAI,cAAA,IAAkB,sBAAsB,iBAAA,EAAmB;AAC7D,MAAA,IAAA,CAAK,iBAAiB,QAAA,EAAU;AAAA,QAC9B,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,cAAA;AAAA,QACV,YAAA,EAAc,kBAAA;AAAA,QACd,WAAA,EAAa,iBAAA;AAAA,QACb,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEA,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AAAA,EACnC;AAAA,EAEA,YAAY,IAAA,EAAyC;AACnD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,mBAAA,CAAoB,cAAsB,KAAA,EAAwB;AAChE,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,MACjC,WAAW,QAAA,CAAS,QAAA;AAAA,MACpB,cAAc,QAAA,CAAS,WAAA;AAAA,MACvB,aAAA,EAAe,MAAA;AAAA,MACf,KAAA,EAAO,sBAAA;AAAA,MACP,OAAO,KAAA,IAAS;AAAA,KACjB,CAAA;AAED,IAAA,OAAO,GAAG,QAAA,CAAS,gBAAgB,CAAA,CAAA,EAAI,MAAA,CAAO,UAAU,CAAA,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,YAAA,CAAa,YAAA,EAAsB,IAAA,EAAuE;AAC9G,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,QAAA,EAAU;AAAA,MAC9C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,WAAW,QAAA,CAAS,QAAA;AAAA,QACpB,eAAe,QAAA,CAAS,YAAA;AAAA,QACxB,IAAA;AAAA,QACA,UAAA,EAAY,oBAAA;AAAA,QACZ,cAAc,QAAA,CAAS;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,KAAK,CAAA,CAAE,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,OAAO;AAAA,MACL,aAAa,IAAA,CAAK,YAAA;AAAA,MAClB,cAAc,IAAA,CAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CAAY,YAAA,EAAsB,WAAA,EAA6C;AACnF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,WAAA,EAAa;AAAA,MACjD,OAAA,EAAS;AAAA,QACP,aAAA,EAAe,UAAU,WAAW,CAAA;AAAA;AACtC,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,CAAA,CAAE,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAS,IAAA,CAAK;AAAA,KAChB;AAAA,EACF;AACF;AAEO,IAAM,YAAA,GAAe,IAAI,YAAA;AChHhC,SAAA,EAAA;AAwBA,IAAM,oBAAN,MAA6C;AAAA,EACnC,KAAA,uBAA+B,GAAA,EAAI;AAAA,EAE3C,MAAM,YAAY,KAAA,EAAqC;AACrD,IAAA,KAAA,MAAW,IAAA,IAAQ,IAAA,CAAK,KAAA,CAAM,MAAA,EAAO,EAAG;AACtC,MAAA,IAAI,IAAA,CAAK,KAAA,KAAU,KAAA,EAAO,OAAO,IAAA;AAAA,IACnC;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAAkC;AAC/C,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,MAAM,OAAO,IAAA,EAAmC;AAC9C,IAAA,MAAM,EAAA,GAAK,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,CAAC,CAAA;AACjD,IAAA,MAAM,iBAAiB,MAAM,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,UAAU,EAAE,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAa;AAAA,MACjB,EAAA;AAAA,MACA,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,QAAA,EAAU,cAAA;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,MAAM,IAAA,CAAK;AAAA,KACb;AACA,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,IAAI,CAAA;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,MAAA,CAAO,EAAA,EAAY,IAAA,EAAoC;AAC3D,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,MAAM,gBAAgB,CAAA;AAC3C,IAAA,MAAM,OAAA,GAAU,EAAE,GAAG,IAAA,EAAM,GAAG,IAAA,EAAK;AACnC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,EACf,SAAA;AAAA,EACA,OAAA;AAAA,EACA,WAAA,GAAuB,KAAA;AAAA,EAE/B,WAAA,CAAY,OAAA,GAAuB,EAAC,EAAG,SAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,SAAA,EAAW,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,IAAI,UAAA,IAAc,qCAAA;AAAA,MAC1D,YAAA,EAAc,QAAQ,YAAA,IAAgB,IAAA;AAAA,MACtC,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,IAAI,kBAAA,IAAsB,qCAAA;AAAA,MAC1E,gBAAA,EAAkB,QAAQ,gBAAA,IAAoB,KAAA;AAAA,MAC9C,cAAA,EAAgB,OAAA,CAAQ,cAAA,IAAkB,OAAA,CAAQ,IAAI,gBAAA,IAAoB,EAAA;AAAA,MAC1E,kBAAA,EAAoB,OAAA,CAAQ,kBAAA,IAAsB,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,MACtF,iBAAA,EAAmB,OAAA,CAAQ,iBAAA,IAAqB,OAAA,CAAQ,IAAI,mBAAA,IAAuB;AAAA,KACrF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA,IAAa,IAAI,iBAAA,EAAkB;AAAA,EACtD;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,QAAQ,cAAA,IAAkB,IAAA,CAAK,QAAQ,kBAAA,IAAsB,IAAA,CAAK,QAAQ,iBAAA,EAAmB;AACpG,MAAA,YAAA,CAAa,iBAAiB,QAAA,EAAU;AAAA,QACtC,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,KAAK,OAAA,CAAQ,cAAA;AAAA,QACvB,YAAA,EAAc,KAAK,OAAA,CAAQ,kBAAA;AAAA,QAC3B,WAAA,EAAa,KAAK,OAAA,CAAQ,iBAAA;AAAA,QAC1B,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,EACrB;AAAA,EAEA,MAAM,SAAS,IAAA,EAAoG;AACjH,IAAA,MAAM,WAAW,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,KAAK,KAAK,CAAA;AAC5D,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,IAAI,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,MAAM,WAAA,EAA+G;AACzH,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,YAAY,KAAK,CAAA;AAC/D,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,QAAA,EAAU;AAC3B,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,UAAU,MAAM,MAAA,CAAO,QAAQ,WAAA,CAAY,QAAA,EAAU,KAAK,QAAQ,CAAA;AACxE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,QAAQ,YAAA,EAA8E;AAC1F,IAAA,OAAO,UAAA,CAAW,cAAc,YAAY,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAAiC;AACtD,IAAA,OAAO,YAAA,CAAa,mBAAA,CAAoB,QAAA,EAAU,KAAK,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAqB,IAAA,EAA8F;AACvH,IAAA,MAAM,EAAE,WAAA,EAAY,GAAI,MAAM,YAAA,CAAa,YAAA,CAAa,UAAU,IAAI,CAAA;AACtE,IAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,WAAA,CAAY,UAAU,WAAW,CAAA;AAErE,IAAA,IAAI,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,KAAK,CAAA;AAE1D,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO;AAAA,QACjC,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,QAAA,EAAU,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,EAAE,CAAA;AAAA,QACjD,MAAM,QAAA,CAAS,IAAA;AAAA,QACf,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,aAAA,GAAgC;AAC9B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,UAAA,CAAW,WAAA,CAAY,KAAK,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAA,GAAO;AAAA,UACT,GAAG,OAAA;AAAA,UACH,IAAI,OAAA,CAAQ;AAAA,SACd;AACA,QAAA,IAAA,EAAK;AAAA,MACP,SAAS,KAAA,EAAO;AACd,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,MACxD;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,WAAA,GAA8B;AAC5B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,YAAY,IAAA,EAA8B;AACxC,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAAC,WAAA,CAAY,OAAA,CAAQ,IAAI,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,kBAAkB,UAAA,EAAoC;AACpD,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAAC,WAAA,CAAY,aAAA,CAAc,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AACzD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AACF;AAEA,IAAI,mBAAA,GAA0C,IAAA;AAEvC,SAAS,UAAA,CAAW,SAAuB,SAAA,EAAoC;AACpF,EAAA,mBAAA,GAAsB,IAAI,WAAA,CAAY,OAAA,EAAS,SAAS,CAAA;AACxD,EAAA,OAAO,mBAAA;AACT;AAEO,SAAS,IAAA,GAAoB;AAClC,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,mBAAA,GAAsB,IAAI,WAAA,EAAY;AAAA,EACxC;AACA,EAAA,OAAO,mBAAA;AACT;AAEO,IAAM,IAAA,GAAO;AAAA,EAClB,UAAA,EAAY,CAAC,OAAA,KAA0B;AACrC,IAAA,MAAM,OAAA,GAAU,WAAW,OAAO,CAAA;AAClC,IAAA,OAAO;AAAA,MACL,OAAA;AAAA,MACA,aAAA,EAAe,MAAM,OAAA,CAAQ,aAAA,EAAc;AAAA,MAC3C,WAAA,EAAa,MAAM,OAAA,CAAQ,WAAA,EAAY;AAAA,MACvC,WAAA,EAAa,CAAC,IAAA,KAAiB,OAAA,CAAQ,YAAY,IAAI,CAAA;AAAA,MACvD,iBAAA,EAAmB,CAAC,UAAA,KAAuB,OAAA,CAAQ,kBAAkB,UAAU;AAAA,KACjF;AAAA,EACF;AACF;;;AC/OO,SAAS,kBAAA,CAAmB,OAAA,EAA0B,OAAA,EAAuC,IAAA,EAA+B;AACjI,EAAA,MAAM,EAAE,aAAY,GAAI,OAAA;AAExB,EAAA,OAAA,CAAQ,QAAA,CAAS,cAAA,EAAgB,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACvF,IAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,aAAA;AAEnC,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,IAC9D;AAEA,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,WAAA,CAAY,YAAY,CAAA,CAAE,YAAY,KAAK,CAAA;AAC3D,MAAA,OAAA,CAAQ,IAAA,GAAO;AAAA,QACb,GAAG,OAAA;AAAA,QACH,IAAI,OAAA,CAAQ;AAAA,OACd;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,IAC1D;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACtF,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,IACpE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,CAAC,IAAA,KAAiB;AAChD,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,OAAA,CAAQ,QAAQ,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AACjD,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,mBAAA,EAAqB,CAAC,UAAA,KAAuB;AAC5D,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,aAAA,CAAc,QAAQ,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AAC7D,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,IAAA,EAAK;AACP","file":"index.mjs","sourcesContent":["export type Role = 'admin' | 'user' | 'guest' | string;\n\nexport interface User {\n id: string;\n email: string;\n password?: string;\n role: Role;\n name?: string;\n picture?: string;\n createdAt?: Date;\n updatedAt?: Date;\n}\n\nexport interface JWTPayload {\n userId: string;\n email: string;\n role: Role;\n}\n\nexport interface TokenPair {\n accessToken: string;\n refreshToken: string;\n}\n\nexport interface AuthOptions {\n jwtSecret?: string;\n jwtExpiresIn?: string;\n refreshSecret?: string;\n refreshExpiresIn?: string;\n googleClientId?: string;\n googleClientSecret?: string;\n googleRedirectUri?: string;\n}\n\nexport interface AuthUserRequest extends Request {\n user?: JWTPayload;\n}\n\nexport type Permission = string;\n\nexport interface RolePermissions {\n [role: string]: Permission[];\n}\n\nexport const DEFAULT_PERMISSIONS: RolePermissions = {\n admin: ['*'],\n user: ['read', 'write:own'],\n guest: ['read:public'],\n};\n\nexport interface LoginCredentials {\n email: string;\n password: string;\n}\n\nexport interface RegisterData extends LoginCredentials {\n name?: string;\n role?: Role;\n}\n\nexport interface OAuthProvider {\n name: string;\n clientId: string;\n clientSecret: string;\n redirectUri: string;\n authorizationUrl: string;\n tokenUrl: string;\n userInfoUrl: string;\n}\n","import { Role, Permission, RolePermissions, DEFAULT_PERMISSIONS } from './types';\n\nexport class RBACService {\n private permissions: RolePermissions;\n\n constructor(permissions: RolePermissions = DEFAULT_PERMISSIONS) {\n this.permissions = permissions;\n }\n\n setPermissions(permissions: RolePermissions): void {\n this.permissions = permissions;\n }\n\n addPermission(role: Role, permission: Permission): void {\n if (!this.permissions[role]) {\n this.permissions[role] = [];\n }\n if (!this.permissions[role].includes(permission)) {\n this.permissions[role].push(permission);\n }\n }\n\n removePermission(role: Role, permission: Permission): void {\n if (this.permissions[role]) {\n this.permissions[role] = this.permissions[role].filter(p => p !== permission);\n }\n }\n\n getPermissions(role: Role): Permission[] {\n return this.permissions[role] || [];\n }\n\n hasPermission(role: Role, requiredPermission: Permission): boolean {\n const rolePermissions = this.getPermissions(role);\n \n if (rolePermissions.includes('*')) {\n return true;\n }\n\n if (rolePermissions.includes(requiredPermission)) {\n return true;\n }\n\n const [requiredAction, requiredScope] = requiredPermission.split(':');\n \n for (const perm of rolePermissions) {\n const [action, scope] = perm.split(':');\n \n if (action === '*' && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n \n if (action === requiredAction && (scope === '*' || scope === requiredScope)) {\n return true;\n }\n }\n\n return false;\n }\n\n hasRole(userRole: Role, requiredRole: Role): boolean {\n const hierarchy: Role[] = ['guest', 'user', 'admin'];\n const userIndex = hierarchy.indexOf(userRole as any);\n const requiredIndex = hierarchy.indexOf(requiredRole as any);\n \n if (userIndex === -1 || requiredIndex === -1) {\n return userRole === requiredRole;\n }\n \n return userIndex >= requiredIndex;\n }\n\n authorize(permission: Permission) {\n return (role: Role): boolean => this.hasPermission(role, permission);\n }\n\n authorizeRole(requiredRole: Role) {\n return (role: Role): boolean => this.hasRole(role, requiredRole);\n }\n}\n\nexport const rbacService = new RBACService();\n","export * from './types';\nexport * from './jwt';\nexport * from './rbac';\nexport * from './oauth';\nexport * from './express';\nexport * from './fastify';\n","import { z } from 'zod';\n\nexport const envSchema = z.object({\n NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n PORT: z.string().default('3000'),\n DATABASE_URL: z.string().optional(),\n REDIS_URL: z.string().default('redis://localhost:6379'),\n JWT_SECRET: z.string().min(32).optional(),\n JWT_EXPIRES_IN: z.string().default('7d'),\n JWT_REFRESH_SECRET: z.string().min(32).optional(),\n JWT_REFRESH_EXPIRES_IN: z.string().default('30d'),\n GOOGLE_CLIENT_ID: z.string().optional(),\n GOOGLE_CLIENT_SECRET: z.string().optional(),\n GOOGLE_REDIRECT_URI: z.string().optional(),\n SMTP_HOST: z.string().optional(),\n SMTP_PORT: z.string().default('587'),\n SMTP_USER: z.string().optional(),\n SMTP_PASS: z.string().optional(),\n SMTP_FROM: z.string().optional(),\n TWILIO_ACCOUNT_SID: z.string().optional(),\n TWILIO_AUTH_TOKEN: z.string().optional(),\n TWILIO_PHONE_NUMBER: z.string().optional(),\n SLACK_WEBHOOK_URL: z.string().optional(),\n RATE_LIMIT_WINDOW: z.string().default('1m'),\n RATE_LIMIT_LIMIT: z.string().default('100'),\n LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),\n AWS_REGION: z.string().default('us-east-1'),\n AWS_ACCESS_KEY_ID: z.string().optional(),\n AWS_SECRET_ACCESS_KEY: z.string().optional(),\n AWS_S3_BUCKET: z.string().optional(),\n AWS_ENDPOINT: z.string().optional(),\n});\n\nexport type EnvConfig = z.infer<typeof envSchema>;\n\nexport interface ConfigOptions {\n schema?: z.ZodSchema;\n envPath?: string;\n validate?: boolean;\n}\n\nclass ConfigManager {\n private config: EnvConfig | null = null;\n private schema: z.ZodSchema;\n private validate: boolean;\n\n constructor(options: ConfigOptions = {}) {\n this.schema = options.schema || envSchema;\n this.validate = options.validate ?? true;\n }\n\n load(): EnvConfig {\n if (this.config) return this.config;\n\n const env: Record<string, string | undefined> = {};\n \n for (const key of Object.keys(this.schema.shape)) {\n env[key] = process.env[key];\n }\n\n if (this.validate) {\n const result = this.schema.safeParse(env);\n if (!result.success) {\n const errors = result.error.errors.map(e => `${e.path.join('.')}: ${e.message}`).join(', ');\n throw new Error(`Config validation failed: ${errors}`);\n }\n this.config = result.data;\n } else {\n this.config = env as EnvConfig;\n }\n\n return this.config;\n }\n\n get<K extends keyof EnvConfig>(key: K): EnvConfig[K] {\n if (!this.config) this.load();\n return this.config![key];\n }\n\n int(key: keyof EnvConfig): number {\n const value = this.get(key);\n if (typeof value === 'string') return parseInt(value, 10);\n return Number(value);\n }\n\n bool(key: keyof EnvConfig): boolean {\n const value = this.get(key);\n if (typeof value === 'boolean') return value;\n if (typeof value === 'string') return value.toLowerCase() === 'true';\n return Boolean(value);\n }\n\n isProduction(): boolean {\n return this.get('NODE_ENV') === 'production';\n }\n\n isDevelopment(): boolean {\n return this.get('NODE_ENV') === 'development';\n }\n\n isTest(): boolean {\n return this.get('NODE_ENV') === 'test';\n }\n\n getAll(): EnvConfig {\n if (!this.config) this.load();\n return this.config!;\n }\n}\n\nconst globalConfig = new ConfigManager();\n\nexport const config = {\n load: () => globalConfig.load(),\n get: <K extends keyof EnvConfig>(key: K) => globalConfig.get(key),\n int: (key: keyof EnvConfig) => globalConfig.int(key),\n bool: (key: keyof EnvConfig) => globalConfig.bool(key),\n isProduction: () => globalConfig.isProduction(),\n isDevelopment: () => globalConfig.isDevelopment(),\n isTest: () => globalConfig.isTest(),\n getAll: () => globalConfig.getAll(),\n create: (options?: ConfigOptions) => new ConfigManager(options),\n};\n\nexport default config;\n","import jwt from 'jsonwebtoken';\nimport { JWTPayload, TokenPair } from './types';\nimport { config } from '../config';\n\nexport class JWTService {\n private secret: string;\n private expiresIn: string;\n private refreshSecret: string;\n private refreshExpiresIn: string;\n\n constructor(options: { jwtSecret?: string; jwtExpiresIn?: string; refreshSecret?: string; refreshExpiresIn?: string } = {}) {\n this.secret = options.jwtSecret || config.get('JWT_SECRET') || 'default-secret-change-in-production';\n this.expiresIn = options.jwtExpiresIn || config.get('JWT_EXPIRES_IN') || '7d';\n this.refreshSecret = options.refreshSecret || config.get('JWT_REFRESH_SECRET') || this.secret;\n this.refreshExpiresIn = options.refreshExpiresIn || config.get('JWT_REFRESH_EXPIRES_IN') || '30d';\n }\n\n generateToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.secret, { expiresIn: this.expiresIn });\n }\n\n generateRefreshToken(payload: JWTPayload): string {\n return jwt.sign(payload, this.refreshSecret, { expiresIn: this.refreshExpiresIn });\n }\n\n generateTokenPair(payload: JWTPayload): TokenPair {\n return {\n accessToken: this.generateToken(payload),\n refreshToken: this.generateRefreshToken(payload),\n };\n }\n\n verifyToken(token: string): JWTPayload {\n return jwt.verify(token, this.secret) as JWTPayload;\n }\n\n verifyRefreshToken(token: string): JWTPayload {\n return jwt.verify(token, this.refreshSecret) as JWTPayload;\n }\n\n refreshTokens(refreshToken: string): TokenPair {\n const { iat, exp, nbf, ...payload } = this.verifyRefreshToken(refreshToken) as JWTPayload & { iat?: number; exp?: number; nbf?: number };\n return this.generateTokenPair(payload);\n }\n}\n\nexport const jwtService = new JWTService();\n","import { OAuthProvider } from './types';\nimport { config } from '../config';\n\nexport interface OAuthUserInfo {\n id: string;\n email: string;\n name?: string;\n picture?: string;\n}\n\nexport class OAuthService {\n private providers: Map<string, OAuthProvider> = new Map();\n\n constructor() {\n const googleClientId = config.get('GOOGLE_CLIENT_ID');\n const googleClientSecret = config.get('GOOGLE_CLIENT_SECRET');\n const googleRedirectUri = config.get('GOOGLE_REDIRECT_URI');\n\n if (googleClientId && googleClientSecret && googleRedirectUri) {\n this.registerProvider('google', {\n name: 'google',\n clientId: googleClientId,\n clientSecret: googleClientSecret,\n redirectUri: googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n }\n\n registerProvider(name: string, provider: OAuthProvider): void {\n this.providers.set(name, provider);\n }\n\n getProvider(name: string): OAuthProvider | undefined {\n return this.providers.get(name);\n }\n\n getAuthorizationUrl(providerName: string, state?: string): string {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const params = new URLSearchParams({\n client_id: provider.clientId,\n redirect_uri: provider.redirectUri,\n response_type: 'code',\n scope: 'openid email profile',\n state: state || '',\n });\n\n return `${provider.authorizationUrl}?${params.toString()}`;\n }\n\n async exchangeCode(providerName: string, code: string): Promise<{ accessToken: string; refreshToken?: string }> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.tokenUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body: new URLSearchParams({\n client_id: provider.clientId,\n client_secret: provider.clientSecret,\n code,\n grant_type: 'authorization_code',\n redirect_uri: provider.redirectUri,\n }),\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth token exchange failed: ${error}`);\n }\n\n const data = await response.json();\n return {\n accessToken: data.access_token,\n refreshToken: data.refresh_token,\n };\n }\n\n async getUserInfo(providerName: string, accessToken: string): Promise<OAuthUserInfo> {\n const provider = this.getProvider(providerName);\n if (!provider) {\n throw new Error(`OAuth provider ${providerName} not registered`);\n }\n\n const response = await fetch(provider.userInfoUrl, {\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n if (!response.ok) {\n const error = await response.text();\n throw new Error(`OAuth user info fetch failed: ${error}`);\n }\n\n const data = await response.json();\n\n return {\n id: data.id,\n email: data.email,\n name: data.name,\n picture: data.picture,\n };\n }\n}\n\nexport const oauthService = new OAuthService();\n","import bcrypt from 'bcryptjs';\nimport { Request, Response, NextFunction, RequestHandler } from 'express';\nimport { JWTPayload, LoginCredentials, RegisterData, User, AuthOptions } from './types';\nimport { jwtService } from './jwt';\nimport { rbacService } from './rbac';\nimport { oauthService } from './oauth';\n\nexport interface AuthUser extends JWTPayload {\n id: string;\n email: string;\n role: string;\n}\n\ndeclare global {\n namespace Express {\n interface Request {\n user?: AuthUser;\n }\n }\n}\n\nexport interface UserStore {\n findByEmail(email: string): Promise<User | null>;\n findById(id: string): Promise<User | null>;\n create(data: RegisterData): Promise<User>;\n update(id: string, data: Partial<User>): Promise<User>;\n}\n\nclass InMemoryUserStore implements UserStore {\n private users: Map<string, User> = new Map();\n\n async findByEmail(email: string): Promise<User | null> {\n for (const user of this.users.values()) {\n if (user.email === email) return user;\n }\n return null;\n }\n\n async findById(id: string): Promise<User | null> {\n return this.users.get(id) || null;\n }\n\n async create(data: RegisterData): Promise<User> {\n const id = Math.random().toString(36).substr(2, 9);\n const hashedPassword = await bcrypt.hash(data.password, 10);\n const user: User = {\n id,\n email: data.email,\n password: hashedPassword,\n role: data.role || 'user',\n name: data.name,\n };\n this.users.set(id, user);\n return user;\n }\n\n async update(id: string, data: Partial<User>): Promise<User> {\n const user = this.users.get(id);\n if (!user) throw new Error('User not found');\n const updated = { ...user, ...data };\n this.users.set(id, updated);\n return updated;\n }\n}\n\nexport class AuthService {\n private userStore: UserStore;\n private options: Required<AuthOptions>;\n private initialized: boolean = false;\n\n constructor(options: AuthOptions = {}, userStore?: UserStore) {\n this.options = {\n jwtSecret: options.jwtSecret || process.env.JWT_SECRET || 'default-secret-change-in-production',\n jwtExpiresIn: options.jwtExpiresIn || '7d',\n refreshSecret: options.refreshSecret || process.env.JWT_REFRESH_SECRET || 'default-secret-change-in-production',\n refreshExpiresIn: options.refreshExpiresIn || '30d',\n googleClientId: options.googleClientId || process.env.GOOGLE_CLIENT_ID || '',\n googleClientSecret: options.googleClientSecret || process.env.GOOGLE_CLIENT_SECRET || '',\n googleRedirectUri: options.googleRedirectUri || process.env.GOOGLE_REDIRECT_URI || '',\n };\n\n this.userStore = userStore || new InMemoryUserStore();\n }\n\n async initialize(): Promise<void> {\n if (this.options.googleClientId && this.options.googleClientSecret && this.options.googleRedirectUri) {\n oauthService.registerProvider('google', {\n name: 'google',\n clientId: this.options.googleClientId,\n clientSecret: this.options.googleClientSecret,\n redirectUri: this.options.googleRedirectUri,\n authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n tokenUrl: 'https://oauth2.googleapis.com/token',\n userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n });\n }\n this.initialized = true;\n }\n\n async register(data: RegisterData): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const existing = await this.userStore.findByEmail(data.email);\n if (existing) {\n throw new Error('User already exists');\n }\n\n const user = await this.userStore.create(data);\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async login(credentials: LoginCredentials): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const user = await this.userStore.findByEmail(credentials.email);\n if (!user || !user.password) {\n throw new Error('Invalid credentials');\n }\n\n const isValid = await bcrypt.compare(credentials.password, user.password);\n if (!isValid) {\n throw new Error('Invalid credentials');\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n async refresh(refreshToken: string): Promise<{ accessToken: string; refreshToken: string }> {\n return jwtService.refreshTokens(refreshToken);\n }\n\n async getGoogleAuthUrl(state?: string): Promise<string> {\n return oauthService.getAuthorizationUrl('google', state);\n }\n\n async handleGoogleCallback(code: string): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n const { accessToken } = await oauthService.exchangeCode('google', code);\n const userInfo = await oauthService.getUserInfo('google', accessToken);\n\n let user = await this.userStore.findByEmail(userInfo.email);\n \n if (!user) {\n user = await this.userStore.create({\n email: userInfo.email,\n password: Math.random().toString(36).substr(2, 20),\n name: userInfo.name,\n role: 'user',\n });\n }\n\n const tokens = jwtService.generateTokenPair({\n userId: user.id,\n email: user.email,\n role: user.role,\n });\n\n return { user, tokens };\n }\n\n getMiddleware(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n const authHeader = req.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return res.status(401).json({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = jwtService.verifyToken(token);\n req.user = {\n ...payload,\n id: payload.userId,\n };\n next();\n } catch (error) {\n return res.status(401).json({ error: 'Invalid token' });\n }\n };\n }\n\n requireUser(): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n next();\n };\n }\n\n requireRole(role: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasRole(req.user.role, role)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n\n requirePermission(permission: string): RequestHandler {\n return (req: Request, res: Response, next: NextFunction) => {\n if (!req.user) {\n return res.status(401).json({ error: 'Authentication required' });\n }\n if (!rbacService.hasPermission(req.user.role, permission)) {\n return res.status(403).json({ error: 'Insufficient permissions' });\n }\n next();\n };\n }\n}\n\nlet authServiceInstance: AuthService | null = null;\n\nexport function createAuth(options?: AuthOptions, userStore?: UserStore): AuthService {\n authServiceInstance = new AuthService(options, userStore);\n return authServiceInstance;\n}\n\nexport function auth(): AuthService {\n if (!authServiceInstance) {\n authServiceInstance = new AuthService();\n }\n return authServiceInstance;\n}\n\nexport const Auth = {\n initialize: (options?: AuthOptions) => {\n const service = createAuth(options);\n return {\n service,\n getMiddleware: () => service.getMiddleware(),\n requireUser: () => service.requireUser(),\n requireRole: (role: string) => service.requireRole(role),\n requirePermission: (permission: string) => service.requirePermission(permission),\n };\n },\n};\n","import { FastifyInstance, FastifyRequest, FastifyReply, HookHandlerDoneFunction } from 'fastify';\nimport { AuthService } from './express';\nimport { JWTPayload } from './types';\n\ndeclare module 'fastify' {\n interface FastifyRequest {\n user?: JWTPayload & { id: string };\n }\n}\n\nexport function registerAuthPlugin(fastify: FastifyInstance, options: { authService: AuthService }, done: HookHandlerDoneFunction) {\n const { authService } = options;\n\n fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {\n const authHeader = request.headers.authorization;\n \n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return reply.status(401).send({ error: 'No token provided' });\n }\n\n const token = authHeader.substring(7);\n \n try {\n const payload = authService['jwtService'].verifyToken(token);\n request.user = {\n ...payload,\n id: payload.userId,\n };\n } catch (error) {\n return reply.status(401).send({ error: 'Invalid token' });\n }\n });\n\n fastify.decorate('requireUser', async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n });\n\n fastify.decorate('requireRole', (role: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasRole(request.user.role, role)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n fastify.decorate('requirePermission', (permission: string) => {\n return async (request: FastifyRequest, reply: FastifyReply) => {\n if (!request.user) {\n return reply.status(401).send({ error: 'Authentication required' });\n }\n const { rbacService } = await import('./rbac');\n if (!rbacService.hasPermission(request.user.role, permission)) {\n return reply.status(403).send({ error: 'Insufficient permissions' });\n }\n };\n });\n\n done();\n}\n"]}