saas-backend-kit 1.0.2 → 1.0.4

package/README.md

@@ -13,6 +13,8 @@
 
 </div>
 
+**Drop-in Node.js/Express starter with JWT auth, rate limiting, Redis caching, and multi-tenant support — built for SaaS products.**
+
 ---
 
 ## ✨ Features
@@ -61,6 +63,170 @@ app.listen(3000, () => logger.info('Server running'));
 
 ---
 
+## 🗄️ Database
+
+This toolkit supports both **PostgreSQL** and **MongoDB**.
+
+### PostgreSQL
+
+#### 1. Set the Database URL
+
+Add the following to your `.env` file:
+
+```env
+DATABASE_URL=postgresql://user:password@localhost:5432/mydb
+```
+
+Replace the values with your actual database credentials:
+- `user` - Your PostgreSQL username
+- `password` - Your PostgreSQL password
+- `localhost` - Database host (use `localhost` for local, or your cloud provider's host)
+- `5432` - PostgreSQL port (default is 5432)
+- `mydb` - Your database name
+
+#### 2. Using Prisma (Recommended)
+
+If you're using Prisma, create a `prisma/schema.prisma` file:
+
+```prisma
+generator client {
+  provider = "prisma-client-js"
+}
+
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+
+model User {
+  id        String   @id @default(uuid())
+  email     String   @unique
+  name      String?
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+```
+
+Then run migrations:
+
+```bash
+npx prisma migrate dev --name init
+```
+
+#### 3. Using pg (Native PostgreSQL Client)
+
+```typescript
+import pg from 'pg';
+const { Pool } = pg;
+
+const pool = new Pool({
+  connectionString: process.env.DATABASE_URL,
+});
+
+const result = await pool.query('SELECT * FROM users WHERE email = $1', [email]);
+```
+
+#### 4. Connection Pooling
+
+For production, ensure your database connection is properly configured:
+
+```typescript
+const pool = new Pool({
+  connectionString: process.env.DATABASE_URL,
+  max: 20,
+  idleTimeoutMillis: 30000,
+  connectionTimeoutMillis: 2000,
+});
+```
+
+---
+
+### MongoDB
+
+First, install the MongoDB driver:
+
+```bash
+npm install mongodb
+```
+
+#### 1. Set the MongoDB URL
+
+Add the following to your `.env` file:
+
+```env
+MONGODB_URL=mongodb://user:password@localhost:27017/mydb
+```
+
+Replace the values with your actual MongoDB credentials:
+- `user` - Your MongoDB username
+- `password` - Your MongoDB password
+- `localhost` - Database host
+- `27017` - MongoDB port (default is 27017)
+- `mydb` - Your database name
+
+#### 2. Using the Database Module
+
+```typescript
+import { database, config } from 'saas-backend-kit';
+
+config.load();
+
+await database.connect({
+  url: config.get('MONGODB_URL') || 'mongodb://localhost:27017/mydb',
+});
+
+const usersCollection = database.collection('users');
+
+const user = await usersCollection.findOne({ email: 'user@example.com' });
+await usersCollection.insertOne({ name: 'John', email: 'john@example.com' });
+```
+
+#### 3. Using connectTo for Custom Database Name
+
+```typescript
+await database.connectTo(
+  'mongodb://localhost:27017',
+  'mydb',
+  { maxPoolSize: 10 }
+);
+```
+
+#### 4. Connection Options
+
+```typescript
+await database.connect({
+  url: process.env.MONGODB_URL!,
+  options: {
+    maxPoolSize: 20,
+    minPoolSize: 5,
+    serverSelectionTimeoutMS: 5000,
+    socketTimeoutMS: 45000,
+    w: 'majority',
+  }
+});
+```
+
+#### 5. CRUD Operations
+
+```typescript
+const users = database.collection('users');
+
+await users.insertOne({ name: 'John', email: 'john@example.com' });
+
+const user = await users.findOne({ email: 'john@example.com' });
+
+await users.updateOne(
+  { email: 'john@example.com' },
+  { $set: { name: 'John Doe' } }
+);
+
+await users.deleteOne({ email: 'john@example.com' });
+
+const allUsers = await users.find().toArray();
+```
+
+---
+
 ## 🔐 Authentication
 
 ```typescript
@@ -187,9 +353,12 @@ JWT_REFRESH_EXPIRES_IN=30d
 # Redis
 REDIS_URL=redis://localhost:6379
 
-# Database (optional)
+# Database (PostgreSQL)
 DATABASE_URL=postgresql://user:password@localhost:5432/mydb
 
+# Database (MongoDB)
+MONGODB_URL=mongodb://user:password@localhost:27017/mydb
+
 # Google OAuth (optional)
 GOOGLE_CLIENT_ID=
 GOOGLE_CLIENT_SECRET=

package/dist/auth/index.js

@@ -111,6 +111,7 @@ var envSchema = zod.z.object({
   NODE_ENV: zod.z.enum(["development", "production", "test"]).default("development"),
   PORT: zod.z.string().default("3000"),
   DATABASE_URL: zod.z.string().optional(),
+  MONGODB_URL: zod.z.string().optional(),
   REDIS_URL: zod.z.string().default("redis://localhost:6379"),
   JWT_SECRET: zod.z.string().min(32).optional(),
   JWT_EXPIRES_IN: zod.z.string().default("7d"),

package/dist/auth/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/auth/types.ts","../../src/auth/rbac.ts","../../src/auth/index.ts","../../src/config/index.ts","../../src/auth/jwt.ts","../../src/auth/oauth.ts","../../src/auth/express.ts","../../src/auth/fastify.ts"],"names":["DEFAULT_PERMISSIONS","RBACService","rbacService","z","jwt","bcrypt"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AA4CaA;AA5Cb,IAAA,UAAA,GAAA,KAAA,CAAA;AAAA,EAAA,mBAAA,GAAA;AA4CO,IAAMA,2BAAA,GAAuC;AAAA,MAClD,KAAA,EAAO,CAAC,GAAG,CAAA;AAAA,MACX,IAAA,EAAM,CAAC,MAAA,EAAQ,WAAW,CAAA;AAAA,MAC1B,KAAA,EAAO,CAAC,aAAa;AAAA,KACvB;AAAA,EAAA;AAAA,CAAA,CAAA;;;AChDA,IAAA,YAAA,GAAA,EAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,WAAA,EAAA,MAAAC,mBAAA;AAAA,EAAA,WAAA,EAAA,MAAAC;AAAA,CAAA,CAAA;AAEaD,4BAAA,CAAA,CA+EAC;AAjFb,IAAA,SAAA,GAAA,KAAA,CAAA;AAAA,EAAA,kBAAA,GAAA;AAAA,IAAA,UAAA,EAAA;AAEO,IAAMD,sBAAN,MAAkB;AAAA,MACf,WAAA;AAAA,MAER,WAAA,CAAY,cAA+BD,2BAAA,EAAqB;AAC9D,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,eAAe,WAAA,EAAoC;AACjD,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,aAAA,CAAc,MAAY,UAAA,EAA8B;AACtD,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC3B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,EAAC;AAAA,QAC5B;AACA,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,QAAA,CAAS,UAAU,CAAA,EAAG;AAChD,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,IAAA,CAAK,UAAU,CAAA;AAAA,QACxC;AAAA,MACF;AAAA,MAEA,gBAAA,CAAiB,MAAY,UAAA,EAA8B;AACzD,QAAA,IAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC1B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,KAAM,UAAU,CAAA;AAAA,QAC9E;AAAA,MACF;AAAA,MAEA,eAAe,IAAA,EAA0B;AACvC,QAAA,OAAO,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,IAAK,EAAC;AAAA,MACpC;AAAA,MAEA,aAAA,CAAc,MAAY,kBAAA,EAAyC;AACjE,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAEhD,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,GAAG,CAAA,EAAG;AACjC,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAChD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,MAAM,CAAC,cAAA,EAAgB,aAAa,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAEpE,QAAA,KAAA,MAAW,QAAQ,eAAA,EAAiB;AAClC,UAAA,MAAM,CAAC,MAAA,EAAQ,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAEtC,UAAA,IAAI,MAAA,KAAW,GAAA,KAAQ,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAChE,YAAA,OAAO,IAAA;AAAA,UACT;AAEA,UAAA,IAAI,MAAA,KAAW,cAAA,KAAmB,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAC3E,YAAA,OAAO,IAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,MAEA,OAAA,CAAQ,UAAgB,YAAA,EAA6B;AACnD,QAAA,MAAM,SAAA,GAAoB,CAAC,OAAA,EAAS,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,MAAM,SAAA,GAAY,SAAA,CAAU,OAAA,CAAQ,QAAe,CAAA;AACnD,QAAA,MAAM,aAAA,GAAgB,SAAA,CAAU,OAAA,CAAQ,YAAmB,CAAA;AAE3D,QAAA,IAAI,SAAA,KAAc,EAAA,IAAM,aAAA,KAAkB,EAAA,EAAI;AAC5C,UAAA,OAAO,QAAA,KAAa,YAAA;AAAA,QACtB;AAEA,QAAA,OAAO,SAAA,IAAa,aAAA;AAAA,MACtB;AAAA,MAEA,UAAU,UAAA,EAAwB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,aAAA,CAAc,MAAM,UAAU,CAAA;AAAA,MACrE;AAAA,MAEA,cAAc,YAAA,EAAoB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,OAAA,CAAQ,MAAM,YAAY,CAAA;AAAA,MACjE;AAAA,KACF;AAEO,IAAME,mBAAA,GAAc,IAAID,mBAAA,EAAY;AAAA,EAAA;AAAA,CAAA,CAAA;;;ACjF3C,UAAA,EAAA;ACEO,IAAM,SAAA,GAAYE,MAAE,MAAA,CAAO;AAAA,EAChC,QAAA,EAAUA,KAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAMA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA,EAC/B,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,wBAAwB,CAAA;AAAA,EACtD,YAAYA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EACxC,cAAA,EAAgBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EACvC,oBAAoBA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EAChD,sBAAA,EAAwBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAChD,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,oBAAA,EAAsBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EACnC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,kBAAA,EAAoBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACxC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EAC1C,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAC1C,SAAA,EAAWA,KAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,OAAA,EAAS,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,OAAO,CAAC,CAAA,CAAE,QAAQ,MAAM,CAAA;AAAA,EACtF,UAAA,EAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,WAAW,CAAA;AAAA,EAC1C,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,qBAAA,EAAuBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,aAAA,EAAeA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA;AAUD,IAAM,gBAAN,MAAoB;AAAA,EACV,MAAA,GAA2B,IAAA;AAAA,EAC3B,MAAA;AAAA,EACA,QAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAyB,EAAC,EAAG;AACvC,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,SAAA;AAChC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,IAAA;AAAA,EACtC;AAAA,EAEA,IAAA,GAAkB;AAChB,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA,CAAK,MAAA;AAE7B,IAAA,MAAM,MAA0C,EAAC;AAEjD,IAAA,KAAA,MAAW,OAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA,EAAG;AAChD,MAAA,GAAA,CAAI,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,IAC5B;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,GAAG,CAAA;AACxC,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAS,MAAA,CAAO,KAAA,CAAM,OAAO,GAAA,CAAI,CAAA,CAAA,KAAK,GAAG,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AAC1F,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAE,CAAA;AAAA,MACvD;AACA,MAAA,IAAA,CAAK,SAAS,MAAA,CAAO,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAA,GAAS,GAAA;AAAA,IAChB;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,IAA+B,GAAA,EAAsB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,OAAQ,GAAG,CAAA;AAAA,EACzB;AAAA,EAEA,IAAI,GAAA,EAA8B;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,QAAA,CAAS,OAAO,EAAE,CAAA;AACxD,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAAA,EAEA,KAAK,GAAA,EAA+B;AAClC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA,CAAM,aAAY,KAAM,MAAA;AAC9D,IAAA,OAAO,QAAQ,KAAK,CAAA;AAAA,EACtB;AAAA,EAEA,YAAA,GAAwB;AACtB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,YAAA;AAAA,EAClC;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,aAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAkB;AAChB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,MAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAoB;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,IAAI,aAAA,EAAc;AAEhC,IAAM,MAAA,GAAS;AAAA,EACpB,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA,EAAK;AAAA,EAC9B,GAAA,EAAK,CAA4B,GAAA,KAAW,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EAChE,GAAA,EAAK,CAAC,GAAA,KAAyB,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EACnD,IAAA,EAAM,CAAC,GAAA,KAAyB,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,EACrD,YAAA,EAAc,MAAM,YAAA,CAAa,YAAA,EAAa;AAAA,EAC9C,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA,EAAc;AAAA,EAChD,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,CAAC,OAAA,KAA4B,IAAI,cAAc,OAAO;AAChE,CAAA;;;ACtHO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAA4G,EAAC,EAAG;AAC1H,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,SAAA,IAAa,MAAA,CAAO,GAAA,CAAI,YAAY,CAAA,IAAK,qCAAA;AAC/D,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,YAAA,IAAgB,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,IAAK,IAAA;AACzE,IAAA,IAAA,CAAK,gBAAgB,OAAA,CAAQ,aAAA,IAAiB,OAAO,GAAA,CAAI,oBAAoB,KAAK,IAAA,CAAK,MAAA;AACvF,IAAA,IAAA,CAAK,mBAAmB,OAAA,CAAQ,gBAAA,IAAoB,MAAA,CAAO,GAAA,CAAI,wBAAwB,CAAA,IAAK,KAAA;AAAA,EAC9F;AAAA,EAEA,cAAc,OAAA,EAA6B;AACzC,IAAA,OAAOC,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,QAAQ,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,CAAA;AAAA,EACrE;AAAA,EAEA,qBAAqB,OAAA,EAA6B;AAChD,IAAA,OAAOA,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,eAAe,EAAE,SAAA,EAAW,IAAA,CAAK,gBAAA,EAAkB,CAAA;AAAA,EACnF;AAAA,EAEA,kBAAkB,OAAA,EAAgC;AAChD,IAAA,OAAO;AAAA,MACL,WAAA,EAAa,IAAA,CAAK,aAAA,CAAc,OAAO,CAAA;AAAA,MACvC,YAAA,EAAc,IAAA,CAAK,oBAAA,CAAqB,OAAO;AAAA,KACjD;AAAA,EACF;AAAA,EAEA,YAAY,KAAA,EAA2B;AACrC,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,mBAAmB,KAAA,EAA2B;AAC5C,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,aAAa,CAAA;AAAA,EAC7C;AAAA,EAEA,cAAc,YAAA,EAAiC;AAC7C,IAAA,MAAM,EAAE,KAAK,GAAA,EAAK,GAAA,EAAK,GAAG,OAAA,EAAQ,GAAI,IAAA,CAAK,kBAAA,CAAmB,YAAY,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,kBAAkB,OAAO,CAAA;AAAA,EACvC;AACF;AAEO,IAAM,UAAA,GAAa,IAAI,UAAA;;;AF5C9B,SAAA,EAAA;;;AGQO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAA4C,GAAA,EAAI;AAAA,EAExD,WAAA,GAAc;AACZ,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,GAAA,CAAI,sBAAsB,CAAA;AAC5D,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,GAAA,CAAI,qBAAqB,CAAA;AAE1D,IAAA,IAAI,cAAA,IAAkB,sBAAsB,iBAAA,EAAmB;AAC7D,MAAA,IAAA,CAAK,iBAAiB,QAAA,EAAU;AAAA,QAC9B,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,cAAA;AAAA,QACV,YAAA,EAAc,kBAAA;AAAA,QACd,WAAA,EAAa,iBAAA;AAAA,QACb,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEA,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AAAA,EACnC;AAAA,EAEA,YAAY,IAAA,EAAyC;AACnD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,mBAAA,CAAoB,cAAsB,KAAA,EAAwB;AAChE,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,MACjC,WAAW,QAAA,CAAS,QAAA;AAAA,MACpB,cAAc,QAAA,CAAS,WAAA;AAAA,MACvB,aAAA,EAAe,MAAA;AAAA,MACf,KAAA,EAAO,sBAAA;AAAA,MACP,OAAO,KAAA,IAAS;AAAA,KACjB,CAAA;AAED,IAAA,OAAO,GAAG,QAAA,CAAS,gBAAgB,CAAA,CAAA,EAAI,MAAA,CAAO,UAAU,CAAA,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,YAAA,CAAa,YAAA,EAAsB,IAAA,EAAuE;AAC9G,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,QAAA,EAAU;AAAA,MAC9C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,WAAW,QAAA,CAAS,QAAA;AAAA,QACpB,eAAe,QAAA,CAAS,YAAA;AAAA,QACxB,IAAA;AAAA,QACA,UAAA,EAAY,oBAAA;AAAA,QACZ,cAAc,QAAA,CAAS;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,KAAK,CAAA,CAAE,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,OAAO;AAAA,MACL,aAAa,IAAA,CAAK,YAAA;AAAA,MAClB,cAAc,IAAA,CAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CAAY,YAAA,EAAsB,WAAA,EAA6C;AACnF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,WAAA,EAAa;AAAA,MACjD,OAAA,EAAS;AAAA,QACP,aAAA,EAAe,UAAU,WAAW,CAAA;AAAA;AACtC,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,CAAA,CAAE,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAS,IAAA,CAAK;AAAA,KAChB;AAAA,EACF;AACF;AAEO,IAAM,YAAA,GAAe,IAAI,YAAA;AChHhC,SAAA,EAAA;AAwBA,IAAM,oBAAN,MAA6C;AAAA,EACnC,KAAA,uBAA+B,GAAA,EAAI;AAAA,EAE3C,MAAM,YAAY,KAAA,EAAqC;AACrD,IAAA,KAAA,MAAW,IAAA,IAAQ,IAAA,CAAK,KAAA,CAAM,MAAA,EAAO,EAAG;AACtC,MAAA,IAAI,IAAA,CAAK,KAAA,KAAU,KAAA,EAAO,OAAO,IAAA;AAAA,IACnC;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAAkC;AAC/C,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,MAAM,OAAO,IAAA,EAAmC;AAC9C,IAAA,MAAM,EAAA,GAAK,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,CAAC,CAAA;AACjD,IAAA,MAAM,iBAAiB,MAAMC,uBAAA,CAAO,IAAA,CAAK,IAAA,CAAK,UAAU,EAAE,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAa;AAAA,MACjB,EAAA;AAAA,MACA,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,QAAA,EAAU,cAAA;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,MAAM,IAAA,CAAK;AAAA,KACb;AACA,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,IAAI,CAAA;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,MAAA,CAAO,EAAA,EAAY,IAAA,EAAoC;AAC3D,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,MAAM,gBAAgB,CAAA;AAC3C,IAAA,MAAM,OAAA,GAAU,EAAE,GAAG,IAAA,EAAM,GAAG,IAAA,EAAK;AACnC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,EACf,SAAA;AAAA,EACA,OAAA;AAAA,EACA,WAAA,GAAuB,KAAA;AAAA,EAE/B,WAAA,CAAY,OAAA,GAAuB,EAAC,EAAG,SAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,SAAA,EAAW,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,IAAI,UAAA,IAAc,qCAAA;AAAA,MAC1D,YAAA,EAAc,QAAQ,YAAA,IAAgB,IAAA;AAAA,MACtC,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,IAAI,kBAAA,IAAsB,qCAAA;AAAA,MAC1E,gBAAA,EAAkB,QAAQ,gBAAA,IAAoB,KAAA;AAAA,MAC9C,cAAA,EAAgB,OAAA,CAAQ,cAAA,IAAkB,OAAA,CAAQ,IAAI,gBAAA,IAAoB,EAAA;AAAA,MAC1E,kBAAA,EAAoB,OAAA,CAAQ,kBAAA,IAAsB,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,MACtF,iBAAA,EAAmB,OAAA,CAAQ,iBAAA,IAAqB,OAAA,CAAQ,IAAI,mBAAA,IAAuB;AAAA,KACrF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA,IAAa,IAAI,iBAAA,EAAkB;AAAA,EACtD;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,QAAQ,cAAA,IAAkB,IAAA,CAAK,QAAQ,kBAAA,IAAsB,IAAA,CAAK,QAAQ,iBAAA,EAAmB;AACpG,MAAA,YAAA,CAAa,iBAAiB,QAAA,EAAU;AAAA,QACtC,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,KAAK,OAAA,CAAQ,cAAA;AAAA,QACvB,YAAA,EAAc,KAAK,OAAA,CAAQ,kBAAA;AAAA,QAC3B,WAAA,EAAa,KAAK,OAAA,CAAQ,iBAAA;AAAA,QAC1B,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,EACrB;AAAA,EAEA,MAAM,SAAS,IAAA,EAAoG;AACjH,IAAA,MAAM,WAAW,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,KAAK,KAAK,CAAA;AAC5D,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,IAAI,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,MAAM,WAAA,EAA+G;AACzH,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,YAAY,KAAK,CAAA;AAC/D,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,QAAA,EAAU;AAC3B,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,UAAU,MAAMA,uBAAA,CAAO,QAAQ,WAAA,CAAY,QAAA,EAAU,KAAK,QAAQ,CAAA;AACxE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,QAAQ,YAAA,EAA8E;AAC1F,IAAA,OAAO,UAAA,CAAW,cAAc,YAAY,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAAiC;AACtD,IAAA,OAAO,YAAA,CAAa,mBAAA,CAAoB,QAAA,EAAU,KAAK,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAqB,IAAA,EAA8F;AACvH,IAAA,MAAM,EAAE,WAAA,EAAY,GAAI,MAAM,YAAA,CAAa,YAAA,CAAa,UAAU,IAAI,CAAA;AACtE,IAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,WAAA,CAAY,UAAU,WAAW,CAAA;AAErE,IAAA,IAAI,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,KAAK,CAAA;AAE1D,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO;AAAA,QACjC,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,QAAA,EAAU,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,EAAE,CAAA;AAAA,QACjD,MAAM,QAAA,CAAS,IAAA;AAAA,QACf,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,aAAA,GAAgC;AAC9B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,UAAA,CAAW,WAAA,CAAY,KAAK,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAA,GAAO;AAAA,UACT,GAAG,OAAA;AAAA,UACH,IAAI,OAAA,CAAQ;AAAA,SACd;AACA,QAAA,IAAA,EAAK;AAAA,MACP,SAAS,KAAA,EAAO;AACd,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,MACxD;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,WAAA,GAA8B;AAC5B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,YAAY,IAAA,EAA8B;AACxC,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACH,mBAAA,CAAY,OAAA,CAAQ,IAAI,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,kBAAkB,UAAA,EAAoC;AACpD,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACA,mBAAA,CAAY,aAAA,CAAc,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AACzD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AACF;AAEA,IAAI,mBAAA,GAA0C,IAAA;AAEvC,SAAS,UAAA,CAAW,SAAuB,SAAA,EAAoC;AACpF,EAAA,mBAAA,GAAsB,IAAI,WAAA,CAAY,OAAA,EAAS,SAAS,CAAA;AACxD,EAAA,OAAO,mBAAA;AACT;AAEO,SAAS,IAAA,GAAoB;AAClC,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,mBAAA,GAAsB,IAAI,WAAA,EAAY;AAAA,EACxC;AACA,EAAA,OAAO,mBAAA;AACT;AAEO,IAAM,IAAA,GAAO;AAAA,EAClB,UAAA,EAAY,CAAC,OAAA,KAA0B;AACrC,IAAA,MAAM,OAAA,GAAU,WAAW,OAAO,CAAA;AAClC,IAAA,OAAO;AAAA,MACL,OAAA;AAAA,MACA,aAAA,EAAe,MAAM,OAAA,CAAQ,aAAA,EAAc;AAAA,MAC3C,WAAA,EAAa,MAAM,OAAA,CAAQ,WAAA,EAAY;AAAA,MACvC,WAAA,EAAa,CAAC,IAAA,KAAiB,OAAA,CAAQ,YAAY,IAAI,CAAA;AAAA,MACvD,iBAAA,EAAmB,CAAC,UAAA,KAAuB,OAAA,CAAQ,kBAAkB,UAAU;AAAA,KACjF;AAAA,EACF;AACF;;;AC/OO,SAAS,kBAAA,CAAmB,OAAA,EAA0B,OAAA,EAAuC,IAAA,EAA+B;AACjI,EAAA,MAAM,EAAE,aAAY,GAAI,OAAA;AAExB,EAAA,OAAA,CAAQ,QAAA,CAAS,cAAA,EAAgB,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACvF,IAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,aAAA;AAEnC,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,IAC9D;AAEA,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,WAAA,CAAY,YAAY,CAAA,CAAE,YAAY,KAAK,CAAA;AAC3D,MAAA,OAAA,CAAQ,IAAA,GAAO;AAAA,QACb,GAAG,OAAA;AAAA,QACH,IAAI,OAAA,CAAQ;AAAA,OACd;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,IAC1D;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACtF,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,IACpE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,CAAC,IAAA,KAAiB;AAChD,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,OAAA,CAAQ,QAAQ,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AACjD,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,mBAAA,EAAqB,CAAC,UAAA,KAAuB;AAC5D,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,aAAA,CAAc,QAAQ,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AAC7D,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,IAAA,EAAK;AACP","file":"index.js","sourcesContent":["export type Role = 'admin' | 'user' | 'guest' | string;\n\nexport interface User {\n  id: string;\n  email: string;\n  password?: string;\n  role: Role;\n  name?: string;\n  picture?: string;\n  createdAt?: Date;\n  updatedAt?: Date;\n}\n\nexport interface JWTPayload {\n  userId: string;\n  email: string;\n  role: Role;\n}\n\nexport interface TokenPair {\n  accessToken: string;\n  refreshToken: string;\n}\n\nexport interface AuthOptions {\n  jwtSecret?: string;\n  jwtExpiresIn?: string;\n  refreshSecret?: string;\n  refreshExpiresIn?: string;\n  googleClientId?: string;\n  googleClientSecret?: string;\n  googleRedirectUri?: string;\n}\n\nexport interface AuthUserRequest extends Request {\n  user?: JWTPayload;\n}\n\nexport type Permission = string;\n\nexport interface RolePermissions {\n  [role: string]: Permission[];\n}\n\nexport const DEFAULT_PERMISSIONS: RolePermissions = {\n  admin: ['*'],\n  user: ['read', 'write:own'],\n  guest: ['read:public'],\n};\n\nexport interface LoginCredentials {\n  email: string;\n  password: string;\n}\n\nexport interface RegisterData extends LoginCredentials {\n  name?: string;\n  role?: Role;\n}\n\nexport interface OAuthProvider {\n  name: string;\n  clientId: string;\n  clientSecret: string;\n  redirectUri: string;\n  authorizationUrl: string;\n  tokenUrl: string;\n  userInfoUrl: string;\n}\n","import { Role, Permission, RolePermissions, DEFAULT_PERMISSIONS } from './types';\n\nexport class RBACService {\n  private permissions: RolePermissions;\n\n  constructor(permissions: RolePermissions = DEFAULT_PERMISSIONS) {\n    this.permissions = permissions;\n  }\n\n  setPermissions(permissions: RolePermissions): void {\n    this.permissions = permissions;\n  }\n\n  addPermission(role: Role, permission: Permission): void {\n    if (!this.permissions[role]) {\n      this.permissions[role] = [];\n    }\n    if (!this.permissions[role].includes(permission)) {\n      this.permissions[role].push(permission);\n    }\n  }\n\n  removePermission(role: Role, permission: Permission): void {\n    if (this.permissions[role]) {\n      this.permissions[role] = this.permissions[role].filter(p => p !== permission);\n    }\n  }\n\n  getPermissions(role: Role): Permission[] {\n    return this.permissions[role] || [];\n  }\n\n  hasPermission(role: Role, requiredPermission: Permission): boolean {\n    const rolePermissions = this.getPermissions(role);\n    \n    if (rolePermissions.includes('*')) {\n      return true;\n    }\n\n    if (rolePermissions.includes(requiredPermission)) {\n      return true;\n    }\n\n    const [requiredAction, requiredScope] = requiredPermission.split(':');\n    \n    for (const perm of rolePermissions) {\n      const [action, scope] = perm.split(':');\n      \n      if (action === '*' && (scope === '*' || scope === requiredScope)) {\n        return true;\n      }\n      \n      if (action === requiredAction && (scope === '*' || scope === requiredScope)) {\n        return true;\n      }\n    }\n\n    return false;\n  }\n\n  hasRole(userRole: Role, requiredRole: Role): boolean {\n    const hierarchy: Role[] = ['guest', 'user', 'admin'];\n    const userIndex = hierarchy.indexOf(userRole as any);\n    const requiredIndex = hierarchy.indexOf(requiredRole as any);\n    \n    if (userIndex === -1 || requiredIndex === -1) {\n      return userRole === requiredRole;\n    }\n    \n    return userIndex >= requiredIndex;\n  }\n\n  authorize(permission: Permission) {\n    return (role: Role): boolean => this.hasPermission(role, permission);\n  }\n\n  authorizeRole(requiredRole: Role) {\n    return (role: Role): boolean => this.hasRole(role, requiredRole);\n  }\n}\n\nexport const rbacService = new RBACService();\n","export * from './types';\nexport * from './jwt';\nexport * from './rbac';\nexport * from './oauth';\nexport * from './express';\nexport * from './fastify';\n","import { z } from 'zod';\n\nexport const envSchema = z.object({\n  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n  PORT: z.string().default('3000'),\n  DATABASE_URL: z.string().optional(),\n  REDIS_URL: z.string().default('redis://localhost:6379'),\n  JWT_SECRET: z.string().min(32).optional(),\n  JWT_EXPIRES_IN: z.string().default('7d'),\n  JWT_REFRESH_SECRET: z.string().min(32).optional(),\n  JWT_REFRESH_EXPIRES_IN: z.string().default('30d'),\n  GOOGLE_CLIENT_ID: z.string().optional(),\n  GOOGLE_CLIENT_SECRET: z.string().optional(),\n  GOOGLE_REDIRECT_URI: z.string().optional(),\n  SMTP_HOST: z.string().optional(),\n  SMTP_PORT: z.string().default('587'),\n  SMTP_USER: z.string().optional(),\n  SMTP_PASS: z.string().optional(),\n  SMTP_FROM: z.string().optional(),\n  TWILIO_ACCOUNT_SID: z.string().optional(),\n  TWILIO_AUTH_TOKEN: z.string().optional(),\n  TWILIO_PHONE_NUMBER: z.string().optional(),\n  SLACK_WEBHOOK_URL: z.string().optional(),\n  RATE_LIMIT_WINDOW: z.string().default('1m'),\n  RATE_LIMIT_LIMIT: z.string().default('100'),\n  LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),\n  AWS_REGION: z.string().default('us-east-1'),\n  AWS_ACCESS_KEY_ID: z.string().optional(),\n  AWS_SECRET_ACCESS_KEY: z.string().optional(),\n  AWS_S3_BUCKET: z.string().optional(),\n  AWS_ENDPOINT: z.string().optional(),\n});\n\nexport type EnvConfig = z.infer<typeof envSchema>;\n\nexport interface ConfigOptions {\n  schema?: z.ZodSchema;\n  envPath?: string;\n  validate?: boolean;\n}\n\nclass ConfigManager {\n  private config: EnvConfig | null = null;\n  private schema: z.ZodSchema;\n  private validate: boolean;\n\n  constructor(options: ConfigOptions = {}) {\n    this.schema = options.schema || envSchema;\n    this.validate = options.validate ?? true;\n  }\n\n  load(): EnvConfig {\n    if (this.config) return this.config;\n\n    const env: Record<string, string | undefined> = {};\n    \n    for (const key of Object.keys(this.schema.shape)) {\n      env[key] = process.env[key];\n    }\n\n    if (this.validate) {\n      const result = this.schema.safeParse(env);\n      if (!result.success) {\n        const errors = result.error.errors.map(e => `${e.path.join('.')}: ${e.message}`).join(', ');\n        throw new Error(`Config validation failed: ${errors}`);\n      }\n      this.config = result.data;\n    } else {\n      this.config = env as EnvConfig;\n    }\n\n    return this.config;\n  }\n\n  get<K extends keyof EnvConfig>(key: K): EnvConfig[K] {\n    if (!this.config) this.load();\n    return this.config![key];\n  }\n\n  int(key: keyof EnvConfig): number {\n    const value = this.get(key);\n    if (typeof value === 'string') return parseInt(value, 10);\n    return Number(value);\n  }\n\n  bool(key: keyof EnvConfig): boolean {\n    const value = this.get(key);\n    if (typeof value === 'boolean') return value;\n    if (typeof value === 'string') return value.toLowerCase() === 'true';\n    return Boolean(value);\n  }\n\n  isProduction(): boolean {\n    return this.get('NODE_ENV') === 'production';\n  }\n\n  isDevelopment(): boolean {\n    return this.get('NODE_ENV') === 'development';\n  }\n\n  isTest(): boolean {\n    return this.get('NODE_ENV') === 'test';\n  }\n\n  getAll(): EnvConfig {\n    if (!this.config) this.load();\n    return this.config!;\n  }\n}\n\nconst globalConfig = new ConfigManager();\n\nexport const config = {\n  load: () => globalConfig.load(),\n  get: <K extends keyof EnvConfig>(key: K) => globalConfig.get(key),\n  int: (key: keyof EnvConfig) => globalConfig.int(key),\n  bool: (key: keyof EnvConfig) => globalConfig.bool(key),\n  isProduction: () => globalConfig.isProduction(),\n  isDevelopment: () => globalConfig.isDevelopment(),\n  isTest: () => globalConfig.isTest(),\n  getAll: () => globalConfig.getAll(),\n  create: (options?: ConfigOptions) => new ConfigManager(options),\n};\n\nexport default config;\n","import jwt from 'jsonwebtoken';\nimport { JWTPayload, TokenPair } from './types';\nimport { config } from '../config';\n\nexport class JWTService {\n  private secret: string;\n  private expiresIn: string;\n  private refreshSecret: string;\n  private refreshExpiresIn: string;\n\n  constructor(options: { jwtSecret?: string; jwtExpiresIn?: string; refreshSecret?: string; refreshExpiresIn?: string } = {}) {\n    this.secret = options.jwtSecret || config.get('JWT_SECRET') || 'default-secret-change-in-production';\n    this.expiresIn = options.jwtExpiresIn || config.get('JWT_EXPIRES_IN') || '7d';\n    this.refreshSecret = options.refreshSecret || config.get('JWT_REFRESH_SECRET') || this.secret;\n    this.refreshExpiresIn = options.refreshExpiresIn || config.get('JWT_REFRESH_EXPIRES_IN') || '30d';\n  }\n\n  generateToken(payload: JWTPayload): string {\n    return jwt.sign(payload, this.secret, { expiresIn: this.expiresIn });\n  }\n\n  generateRefreshToken(payload: JWTPayload): string {\n    return jwt.sign(payload, this.refreshSecret, { expiresIn: this.refreshExpiresIn });\n  }\n\n  generateTokenPair(payload: JWTPayload): TokenPair {\n    return {\n      accessToken: this.generateToken(payload),\n      refreshToken: this.generateRefreshToken(payload),\n    };\n  }\n\n  verifyToken(token: string): JWTPayload {\n    return jwt.verify(token, this.secret) as JWTPayload;\n  }\n\n  verifyRefreshToken(token: string): JWTPayload {\n    return jwt.verify(token, this.refreshSecret) as JWTPayload;\n  }\n\n  refreshTokens(refreshToken: string): TokenPair {\n    const { iat, exp, nbf, ...payload } = this.verifyRefreshToken(refreshToken) as JWTPayload & { iat?: number; exp?: number; nbf?: number };\n    return this.generateTokenPair(payload);\n  }\n}\n\nexport const jwtService = new JWTService();\n","import { OAuthProvider } from './types';\nimport { config } from '../config';\n\nexport interface OAuthUserInfo {\n  id: string;\n  email: string;\n  name?: string;\n  picture?: string;\n}\n\nexport class OAuthService {\n  private providers: Map<string, OAuthProvider> = new Map();\n\n  constructor() {\n    const googleClientId = config.get('GOOGLE_CLIENT_ID');\n    const googleClientSecret = config.get('GOOGLE_CLIENT_SECRET');\n    const googleRedirectUri = config.get('GOOGLE_REDIRECT_URI');\n\n    if (googleClientId && googleClientSecret && googleRedirectUri) {\n      this.registerProvider('google', {\n        name: 'google',\n        clientId: googleClientId,\n        clientSecret: googleClientSecret,\n        redirectUri: googleRedirectUri,\n        authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n        tokenUrl: 'https://oauth2.googleapis.com/token',\n        userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n      });\n    }\n  }\n\n  registerProvider(name: string, provider: OAuthProvider): void {\n    this.providers.set(name, provider);\n  }\n\n  getProvider(name: string): OAuthProvider | undefined {\n    return this.providers.get(name);\n  }\n\n  getAuthorizationUrl(providerName: string, state?: string): string {\n    const provider = this.getProvider(providerName);\n    if (!provider) {\n      throw new Error(`OAuth provider ${providerName} not registered`);\n    }\n\n    const params = new URLSearchParams({\n      client_id: provider.clientId,\n      redirect_uri: provider.redirectUri,\n      response_type: 'code',\n      scope: 'openid email profile',\n      state: state || '',\n    });\n\n    return `${provider.authorizationUrl}?${params.toString()}`;\n  }\n\n  async exchangeCode(providerName: string, code: string): Promise<{ accessToken: string; refreshToken?: string }> {\n    const provider = this.getProvider(providerName);\n    if (!provider) {\n      throw new Error(`OAuth provider ${providerName} not registered`);\n    }\n\n    const response = await fetch(provider.tokenUrl, {\n      method: 'POST',\n      headers: {\n        'Content-Type': 'application/x-www-form-urlencoded',\n      },\n      body: new URLSearchParams({\n        client_id: provider.clientId,\n        client_secret: provider.clientSecret,\n        code,\n        grant_type: 'authorization_code',\n        redirect_uri: provider.redirectUri,\n      }),\n    });\n\n    if (!response.ok) {\n      const error = await response.text();\n      throw new Error(`OAuth token exchange failed: ${error}`);\n    }\n\n    const data = await response.json();\n    return {\n      accessToken: data.access_token,\n      refreshToken: data.refresh_token,\n    };\n  }\n\n  async getUserInfo(providerName: string, accessToken: string): Promise<OAuthUserInfo> {\n    const provider = this.getProvider(providerName);\n    if (!provider) {\n      throw new Error(`OAuth provider ${providerName} not registered`);\n    }\n\n    const response = await fetch(provider.userInfoUrl, {\n      headers: {\n        Authorization: `Bearer ${accessToken}`,\n      },\n    });\n\n    if (!response.ok) {\n      const error = await response.text();\n      throw new Error(`OAuth user info fetch failed: ${error}`);\n    }\n\n    const data = await response.json();\n\n    return {\n      id: data.id,\n      email: data.email,\n      name: data.name,\n      picture: data.picture,\n    };\n  }\n}\n\nexport const oauthService = new OAuthService();\n","import bcrypt from 'bcryptjs';\nimport { Request, Response, NextFunction, RequestHandler } from 'express';\nimport { JWTPayload, LoginCredentials, RegisterData, User, AuthOptions } from './types';\nimport { jwtService } from './jwt';\nimport { rbacService } from './rbac';\nimport { oauthService } from './oauth';\n\nexport interface AuthUser extends JWTPayload {\n  id: string;\n  email: string;\n  role: string;\n}\n\ndeclare global {\n  namespace Express {\n    interface Request {\n      user?: AuthUser;\n    }\n  }\n}\n\nexport interface UserStore {\n  findByEmail(email: string): Promise<User | null>;\n  findById(id: string): Promise<User | null>;\n  create(data: RegisterData): Promise<User>;\n  update(id: string, data: Partial<User>): Promise<User>;\n}\n\nclass InMemoryUserStore implements UserStore {\n  private users: Map<string, User> = new Map();\n\n  async findByEmail(email: string): Promise<User | null> {\n    for (const user of this.users.values()) {\n      if (user.email === email) return user;\n    }\n    return null;\n  }\n\n  async findById(id: string): Promise<User | null> {\n    return this.users.get(id) || null;\n  }\n\n  async create(data: RegisterData): Promise<User> {\n    const id = Math.random().toString(36).substr(2, 9);\n    const hashedPassword = await bcrypt.hash(data.password, 10);\n    const user: User = {\n      id,\n      email: data.email,\n      password: hashedPassword,\n      role: data.role || 'user',\n      name: data.name,\n    };\n    this.users.set(id, user);\n    return user;\n  }\n\n  async update(id: string, data: Partial<User>): Promise<User> {\n    const user = this.users.get(id);\n    if (!user) throw new Error('User not found');\n    const updated = { ...user, ...data };\n    this.users.set(id, updated);\n    return updated;\n  }\n}\n\nexport class AuthService {\n  private userStore: UserStore;\n  private options: Required<AuthOptions>;\n  private initialized: boolean = false;\n\n  constructor(options: AuthOptions = {}, userStore?: UserStore) {\n    this.options = {\n      jwtSecret: options.jwtSecret || process.env.JWT_SECRET || 'default-secret-change-in-production',\n      jwtExpiresIn: options.jwtExpiresIn || '7d',\n      refreshSecret: options.refreshSecret || process.env.JWT_REFRESH_SECRET || 'default-secret-change-in-production',\n      refreshExpiresIn: options.refreshExpiresIn || '30d',\n      googleClientId: options.googleClientId || process.env.GOOGLE_CLIENT_ID || '',\n      googleClientSecret: options.googleClientSecret || process.env.GOOGLE_CLIENT_SECRET || '',\n      googleRedirectUri: options.googleRedirectUri || process.env.GOOGLE_REDIRECT_URI || '',\n    };\n\n    this.userStore = userStore || new InMemoryUserStore();\n  }\n\n  async initialize(): Promise<void> {\n    if (this.options.googleClientId && this.options.googleClientSecret && this.options.googleRedirectUri) {\n      oauthService.registerProvider('google', {\n        name: 'google',\n        clientId: this.options.googleClientId,\n        clientSecret: this.options.googleClientSecret,\n        redirectUri: this.options.googleRedirectUri,\n        authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n        tokenUrl: 'https://oauth2.googleapis.com/token',\n        userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n      });\n    }\n    this.initialized = true;\n  }\n\n  async register(data: RegisterData): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n    const existing = await this.userStore.findByEmail(data.email);\n    if (existing) {\n      throw new Error('User already exists');\n    }\n\n    const user = await this.userStore.create(data);\n    const tokens = jwtService.generateTokenPair({\n      userId: user.id,\n      email: user.email,\n      role: user.role,\n    });\n\n    return { user, tokens };\n  }\n\n  async login(credentials: LoginCredentials): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n    const user = await this.userStore.findByEmail(credentials.email);\n    if (!user || !user.password) {\n      throw new Error('Invalid credentials');\n    }\n\n    const isValid = await bcrypt.compare(credentials.password, user.password);\n    if (!isValid) {\n      throw new Error('Invalid credentials');\n    }\n\n    const tokens = jwtService.generateTokenPair({\n      userId: user.id,\n      email: user.email,\n      role: user.role,\n    });\n\n    return { user, tokens };\n  }\n\n  async refresh(refreshToken: string): Promise<{ accessToken: string; refreshToken: string }> {\n    return jwtService.refreshTokens(refreshToken);\n  }\n\n  async getGoogleAuthUrl(state?: string): Promise<string> {\n    return oauthService.getAuthorizationUrl('google', state);\n  }\n\n  async handleGoogleCallback(code: string): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n    const { accessToken } = await oauthService.exchangeCode('google', code);\n    const userInfo = await oauthService.getUserInfo('google', accessToken);\n\n    let user = await this.userStore.findByEmail(userInfo.email);\n    \n    if (!user) {\n      user = await this.userStore.create({\n        email: userInfo.email,\n        password: Math.random().toString(36).substr(2, 20),\n        name: userInfo.name,\n        role: 'user',\n      });\n    }\n\n    const tokens = jwtService.generateTokenPair({\n      userId: user.id,\n      email: user.email,\n      role: user.role,\n    });\n\n    return { user, tokens };\n  }\n\n  getMiddleware(): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      const authHeader = req.headers.authorization;\n      \n      if (!authHeader || !authHeader.startsWith('Bearer ')) {\n        return res.status(401).json({ error: 'No token provided' });\n      }\n\n      const token = authHeader.substring(7);\n      \n      try {\n        const payload = jwtService.verifyToken(token);\n        req.user = {\n          ...payload,\n          id: payload.userId,\n        };\n        next();\n      } catch (error) {\n        return res.status(401).json({ error: 'Invalid token' });\n      }\n    };\n  }\n\n  requireUser(): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      if (!req.user) {\n        return res.status(401).json({ error: 'Authentication required' });\n      }\n      next();\n    };\n  }\n\n  requireRole(role: string): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      if (!req.user) {\n        return res.status(401).json({ error: 'Authentication required' });\n      }\n      if (!rbacService.hasRole(req.user.role, role)) {\n        return res.status(403).json({ error: 'Insufficient permissions' });\n      }\n      next();\n    };\n  }\n\n  requirePermission(permission: string): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      if (!req.user) {\n        return res.status(401).json({ error: 'Authentication required' });\n      }\n      if (!rbacService.hasPermission(req.user.role, permission)) {\n        return res.status(403).json({ error: 'Insufficient permissions' });\n      }\n      next();\n    };\n  }\n}\n\nlet authServiceInstance: AuthService | null = null;\n\nexport function createAuth(options?: AuthOptions, userStore?: UserStore): AuthService {\n  authServiceInstance = new AuthService(options, userStore);\n  return authServiceInstance;\n}\n\nexport function auth(): AuthService {\n  if (!authServiceInstance) {\n    authServiceInstance = new AuthService();\n  }\n  return authServiceInstance;\n}\n\nexport const Auth = {\n  initialize: (options?: AuthOptions) => {\n    const service = createAuth(options);\n    return {\n      service,\n      getMiddleware: () => service.getMiddleware(),\n      requireUser: () => service.requireUser(),\n      requireRole: (role: string) => service.requireRole(role),\n      requirePermission: (permission: string) => service.requirePermission(permission),\n    };\n  },\n};\n","import { FastifyInstance, FastifyRequest, FastifyReply, HookHandlerDoneFunction } from 'fastify';\nimport { AuthService } from './express';\nimport { JWTPayload } from './types';\n\ndeclare module 'fastify' {\n  interface FastifyRequest {\n    user?: JWTPayload & { id: string };\n  }\n}\n\nexport function registerAuthPlugin(fastify: FastifyInstance, options: { authService: AuthService }, done: HookHandlerDoneFunction) {\n  const { authService } = options;\n\n  fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {\n    const authHeader = request.headers.authorization;\n    \n    if (!authHeader || !authHeader.startsWith('Bearer ')) {\n      return reply.status(401).send({ error: 'No token provided' });\n    }\n\n    const token = authHeader.substring(7);\n    \n    try {\n      const payload = authService['jwtService'].verifyToken(token);\n      request.user = {\n        ...payload,\n        id: payload.userId,\n      };\n    } catch (error) {\n      return reply.status(401).send({ error: 'Invalid token' });\n    }\n  });\n\n  fastify.decorate('requireUser', async (request: FastifyRequest, reply: FastifyReply) => {\n    if (!request.user) {\n      return reply.status(401).send({ error: 'Authentication required' });\n    }\n  });\n\n  fastify.decorate('requireRole', (role: string) => {\n    return async (request: FastifyRequest, reply: FastifyReply) => {\n      if (!request.user) {\n        return reply.status(401).send({ error: 'Authentication required' });\n      }\n      const { rbacService } = await import('./rbac');\n      if (!rbacService.hasRole(request.user.role, role)) {\n        return reply.status(403).send({ error: 'Insufficient permissions' });\n      }\n    };\n  });\n\n  fastify.decorate('requirePermission', (permission: string) => {\n    return async (request: FastifyRequest, reply: FastifyReply) => {\n      if (!request.user) {\n        return reply.status(401).send({ error: 'Authentication required' });\n      }\n      const { rbacService } = await import('./rbac');\n      if (!rbacService.hasPermission(request.user.role, permission)) {\n        return reply.status(403).send({ error: 'Insufficient permissions' });\n      }\n    };\n  });\n\n  done();\n}\n"]}
+{"version":3,"sources":["../../src/auth/types.ts","../../src/auth/rbac.ts","../../src/auth/index.ts","../../src/config/index.ts","../../src/auth/jwt.ts","../../src/auth/oauth.ts","../../src/auth/express.ts","../../src/auth/fastify.ts"],"names":["DEFAULT_PERMISSIONS","RBACService","rbacService","z","jwt","bcrypt"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AA4CaA;AA5Cb,IAAA,UAAA,GAAA,KAAA,CAAA;AAAA,EAAA,mBAAA,GAAA;AA4CO,IAAMA,2BAAA,GAAuC;AAAA,MAClD,KAAA,EAAO,CAAC,GAAG,CAAA;AAAA,MACX,IAAA,EAAM,CAAC,MAAA,EAAQ,WAAW,CAAA;AAAA,MAC1B,KAAA,EAAO,CAAC,aAAa;AAAA,KACvB;AAAA,EAAA;AAAA,CAAA,CAAA;;;AChDA,IAAA,YAAA,GAAA,EAAA;AAAA,QAAA,CAAA,YAAA,EAAA;AAAA,EAAA,WAAA,EAAA,MAAAC,mBAAA;AAAA,EAAA,WAAA,EAAA,MAAAC;AAAA,CAAA,CAAA;AAEaD,4BAAA,CAAA,CA+EAC;AAjFb,IAAA,SAAA,GAAA,KAAA,CAAA;AAAA,EAAA,kBAAA,GAAA;AAAA,IAAA,UAAA,EAAA;AAEO,IAAMD,sBAAN,MAAkB;AAAA,MACf,WAAA;AAAA,MAER,WAAA,CAAY,cAA+BD,2BAAA,EAAqB;AAC9D,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,eAAe,WAAA,EAAoC;AACjD,QAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AAAA,MACrB;AAAA,MAEA,aAAA,CAAc,MAAY,UAAA,EAA8B;AACtD,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC3B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,EAAC;AAAA,QAC5B;AACA,QAAA,IAAI,CAAC,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,QAAA,CAAS,UAAU,CAAA,EAAG;AAChD,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,IAAA,CAAK,UAAU,CAAA;AAAA,QACxC;AAAA,MACF;AAAA,MAEA,gBAAA,CAAiB,MAAY,UAAA,EAA8B;AACzD,QAAA,IAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,EAAG;AAC1B,UAAA,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,GAAI,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,CAAE,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,KAAM,UAAU,CAAA;AAAA,QAC9E;AAAA,MACF;AAAA,MAEA,eAAe,IAAA,EAA0B;AACvC,QAAA,OAAO,IAAA,CAAK,WAAA,CAAY,IAAI,CAAA,IAAK,EAAC;AAAA,MACpC;AAAA,MAEA,aAAA,CAAc,MAAY,kBAAA,EAAyC;AACjE,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAEhD,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,GAAG,CAAA,EAAG;AACjC,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAChD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,MAAM,CAAC,cAAA,EAAgB,aAAa,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAEpE,QAAA,KAAA,MAAW,QAAQ,eAAA,EAAiB;AAClC,UAAA,MAAM,CAAC,MAAA,EAAQ,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAEtC,UAAA,IAAI,MAAA,KAAW,GAAA,KAAQ,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAChE,YAAA,OAAO,IAAA;AAAA,UACT;AAEA,UAAA,IAAI,MAAA,KAAW,cAAA,KAAmB,KAAA,KAAU,GAAA,IAAO,UAAU,aAAA,CAAA,EAAgB;AAC3E,YAAA,OAAO,IAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,MAEA,OAAA,CAAQ,UAAgB,YAAA,EAA6B;AACnD,QAAA,MAAM,SAAA,GAAoB,CAAC,OAAA,EAAS,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,MAAM,SAAA,GAAY,SAAA,CAAU,OAAA,CAAQ,QAAe,CAAA;AACnD,QAAA,MAAM,aAAA,GAAgB,SAAA,CAAU,OAAA,CAAQ,YAAmB,CAAA;AAE3D,QAAA,IAAI,SAAA,KAAc,EAAA,IAAM,aAAA,KAAkB,EAAA,EAAI;AAC5C,UAAA,OAAO,QAAA,KAAa,YAAA;AAAA,QACtB;AAEA,QAAA,OAAO,SAAA,IAAa,aAAA;AAAA,MACtB;AAAA,MAEA,UAAU,UAAA,EAAwB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,aAAA,CAAc,MAAM,UAAU,CAAA;AAAA,MACrE;AAAA,MAEA,cAAc,YAAA,EAAoB;AAChC,QAAA,OAAO,CAAC,IAAA,KAAwB,IAAA,CAAK,OAAA,CAAQ,MAAM,YAAY,CAAA;AAAA,MACjE;AAAA,KACF;AAEO,IAAME,mBAAA,GAAc,IAAID,mBAAA,EAAY;AAAA,EAAA;AAAA,CAAA,CAAA;;;ACjF3C,UAAA,EAAA;ACEO,IAAM,SAAA,GAAYE,MAAE,MAAA,CAAO;AAAA,EAChC,QAAA,EAAUA,KAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAMA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA,EAC/B,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,WAAA,EAAaA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,wBAAwB,CAAA;AAAA,EACtD,YAAYA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EACxC,cAAA,EAAgBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EACvC,oBAAoBA,KAAA,CAAE,MAAA,GAAS,GAAA,CAAI,EAAE,EAAE,QAAA,EAAS;AAAA,EAChD,sBAAA,EAAwBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAChD,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,oBAAA,EAAsBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EACnC,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,kBAAA,EAAoBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACxC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,mBAAA,EAAqBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,IAAI,CAAA;AAAA,EAC1C,gBAAA,EAAkBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,KAAK,CAAA;AAAA,EAC1C,SAAA,EAAWA,KAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,OAAA,EAAS,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,OAAO,CAAC,CAAA,CAAE,QAAQ,MAAM,CAAA;AAAA,EACtF,UAAA,EAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,WAAW,CAAA;AAAA,EAC1C,iBAAA,EAAmBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACvC,qBAAA,EAAuBA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,aAAA,EAAeA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAcA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA;AAUD,IAAM,gBAAN,MAAoB;AAAA,EACV,MAAA,GAA2B,IAAA;AAAA,EAC3B,MAAA;AAAA,EACA,QAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAAyB,EAAC,EAAG;AACvC,IAAA,IAAA,CAAK,MAAA,GAAS,QAAQ,MAAA,IAAU,SAAA;AAChC,IAAA,IAAA,CAAK,QAAA,GAAW,QAAQ,QAAA,IAAY,IAAA;AAAA,EACtC;AAAA,EAEA,IAAA,GAAkB;AAChB,IAAA,IAAI,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA,CAAK,MAAA;AAE7B,IAAA,MAAM,MAA0C,EAAC;AAEjD,IAAA,KAAA,MAAW,OAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA,EAAG;AAChD,MAAA,GAAA,CAAI,GAAG,CAAA,GAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,IAC5B;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,GAAG,CAAA;AACxC,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAS,MAAA,CAAO,KAAA,CAAM,OAAO,GAAA,CAAI,CAAA,CAAA,KAAK,GAAG,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA,CAAE,KAAK,IAAI,CAAA;AAC1F,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,MAAM,CAAA,CAAE,CAAA;AAAA,MACvD;AACA,MAAA,IAAA,CAAK,SAAS,MAAA,CAAO,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAA,GAAS,GAAA;AAAA,IAChB;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,IAA+B,GAAA,EAAsB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,OAAQ,GAAG,CAAA;AAAA,EACzB;AAAA,EAEA,IAAI,GAAA,EAA8B;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,QAAA,CAAS,OAAO,EAAE,CAAA;AACxD,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AAAA,EAEA,KAAK,GAAA,EAA+B;AAClC,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA,CAAM,aAAY,KAAM,MAAA;AAC9D,IAAA,OAAO,QAAQ,KAAK,CAAA;AAAA,EACtB;AAAA,EAEA,YAAA,GAAwB;AACtB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,YAAA;AAAA,EAClC;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,aAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAkB;AAChB,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,UAAU,CAAA,KAAM,MAAA;AAAA,EAClC;AAAA,EAEA,MAAA,GAAoB;AAClB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAA,CAAK,IAAA,EAAK;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,IAAI,aAAA,EAAc;AAEhC,IAAM,MAAA,GAAS;AAAA,EACpB,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA,EAAK;AAAA,EAC9B,GAAA,EAAK,CAA4B,GAAA,KAAW,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EAChE,GAAA,EAAK,CAAC,GAAA,KAAyB,YAAA,CAAa,IAAI,GAAG,CAAA;AAAA,EACnD,IAAA,EAAM,CAAC,GAAA,KAAyB,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,EACrD,YAAA,EAAc,MAAM,YAAA,CAAa,YAAA,EAAa;AAAA,EAC9C,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA,EAAc;AAAA,EAChD,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,MAAM,YAAA,CAAa,MAAA,EAAO;AAAA,EAClC,MAAA,EAAQ,CAAC,OAAA,KAA4B,IAAI,cAAc,OAAO;AAChE,CAAA;;;ACvHO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EAER,WAAA,CAAY,OAAA,GAA4G,EAAC,EAAG;AAC1H,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,SAAA,IAAa,MAAA,CAAO,GAAA,CAAI,YAAY,CAAA,IAAK,qCAAA;AAC/D,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,YAAA,IAAgB,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,IAAK,IAAA;AACzE,IAAA,IAAA,CAAK,gBAAgB,OAAA,CAAQ,aAAA,IAAiB,OAAO,GAAA,CAAI,oBAAoB,KAAK,IAAA,CAAK,MAAA;AACvF,IAAA,IAAA,CAAK,mBAAmB,OAAA,CAAQ,gBAAA,IAAoB,MAAA,CAAO,GAAA,CAAI,wBAAwB,CAAA,IAAK,KAAA;AAAA,EAC9F;AAAA,EAEA,cAAc,OAAA,EAA6B;AACzC,IAAA,OAAOC,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,QAAQ,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,CAAA;AAAA,EACrE;AAAA,EAEA,qBAAqB,OAAA,EAA6B;AAChD,IAAA,OAAOA,oBAAA,CAAI,KAAK,OAAA,EAAS,IAAA,CAAK,eAAe,EAAE,SAAA,EAAW,IAAA,CAAK,gBAAA,EAAkB,CAAA;AAAA,EACnF;AAAA,EAEA,kBAAkB,OAAA,EAAgC;AAChD,IAAA,OAAO;AAAA,MACL,WAAA,EAAa,IAAA,CAAK,aAAA,CAAc,OAAO,CAAA;AAAA,MACvC,YAAA,EAAc,IAAA,CAAK,oBAAA,CAAqB,OAAO;AAAA,KACjD;AAAA,EACF;AAAA,EAEA,YAAY,KAAA,EAA2B;AACrC,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,MAAM,CAAA;AAAA,EACtC;AAAA,EAEA,mBAAmB,KAAA,EAA2B;AAC5C,IAAA,OAAOA,oBAAA,CAAI,MAAA,CAAO,KAAA,EAAO,IAAA,CAAK,aAAa,CAAA;AAAA,EAC7C;AAAA,EAEA,cAAc,YAAA,EAAiC;AAC7C,IAAA,MAAM,EAAE,KAAK,GAAA,EAAK,GAAA,EAAK,GAAG,OAAA,EAAQ,GAAI,IAAA,CAAK,kBAAA,CAAmB,YAAY,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,kBAAkB,OAAO,CAAA;AAAA,EACvC;AACF;AAEO,IAAM,UAAA,GAAa,IAAI,UAAA;;;AF5C9B,SAAA,EAAA;;;AGQO,IAAM,eAAN,MAAmB;AAAA,EAChB,SAAA,uBAA4C,GAAA,EAAI;AAAA,EAExD,WAAA,GAAc;AACZ,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,MAAM,kBAAA,GAAqB,MAAA,CAAO,GAAA,CAAI,sBAAsB,CAAA;AAC5D,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,GAAA,CAAI,qBAAqB,CAAA;AAE1D,IAAA,IAAI,cAAA,IAAkB,sBAAsB,iBAAA,EAAmB;AAC7D,MAAA,IAAA,CAAK,iBAAiB,QAAA,EAAU;AAAA,QAC9B,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,cAAA;AAAA,QACV,YAAA,EAAc,kBAAA;AAAA,QACd,WAAA,EAAa,iBAAA;AAAA,QACb,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AAAA,EAEA,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AAAA,EACnC;AAAA,EAEA,YAAY,IAAA,EAAyC;AACnD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,mBAAA,CAAoB,cAAsB,KAAA,EAAwB;AAChE,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,MACjC,WAAW,QAAA,CAAS,QAAA;AAAA,MACpB,cAAc,QAAA,CAAS,WAAA;AAAA,MACvB,aAAA,EAAe,MAAA;AAAA,MACf,KAAA,EAAO,sBAAA;AAAA,MACP,OAAO,KAAA,IAAS;AAAA,KACjB,CAAA;AAED,IAAA,OAAO,GAAG,QAAA,CAAS,gBAAgB,CAAA,CAAA,EAAI,MAAA,CAAO,UAAU,CAAA,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,YAAA,CAAa,YAAA,EAAsB,IAAA,EAAuE;AAC9G,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,QAAA,EAAU;AAAA,MAC9C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA,MACA,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,WAAW,QAAA,CAAS,QAAA;AAAA,QACpB,eAAe,QAAA,CAAS,YAAA;AAAA,QACxB,IAAA;AAAA,QACA,UAAA,EAAY,oBAAA;AAAA,QACZ,cAAc,QAAA,CAAS;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,KAAK,CAAA,CAAE,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,OAAO;AAAA,MACL,aAAa,IAAA,CAAK,YAAA;AAAA,MAClB,cAAc,IAAA,CAAK;AAAA,KACrB;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,CAAY,YAAA,EAAsB,WAAA,EAA6C;AACnF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,YAAY,CAAA;AAC9C,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,YAAY,CAAA,eAAA,CAAiB,CAAA;AAAA,IACjE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,CAAS,WAAA,EAAa;AAAA,MACjD,OAAA,EAAS;AAAA,QACP,aAAA,EAAe,UAAU,WAAW,CAAA;AAAA;AACtC,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,EAAK;AAClC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,CAAA,CAAE,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,OAAO;AAAA,MACL,IAAI,IAAA,CAAK,EAAA;AAAA,MACT,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAS,IAAA,CAAK;AAAA,KAChB;AAAA,EACF;AACF;AAEO,IAAM,YAAA,GAAe,IAAI,YAAA;AChHhC,SAAA,EAAA;AAwBA,IAAM,oBAAN,MAA6C;AAAA,EACnC,KAAA,uBAA+B,GAAA,EAAI;AAAA,EAE3C,MAAM,YAAY,KAAA,EAAqC;AACrD,IAAA,KAAA,MAAW,IAAA,IAAQ,IAAA,CAAK,KAAA,CAAM,MAAA,EAAO,EAAG;AACtC,MAAA,IAAI,IAAA,CAAK,KAAA,KAAU,KAAA,EAAO,OAAO,IAAA;AAAA,IACnC;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAAkC;AAC/C,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA,IAAK,IAAA;AAAA,EAC/B;AAAA,EAEA,MAAM,OAAO,IAAA,EAAmC;AAC9C,IAAA,MAAM,EAAA,GAAK,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,CAAC,CAAA;AACjD,IAAA,MAAM,iBAAiB,MAAMC,uBAAA,CAAO,IAAA,CAAK,IAAA,CAAK,UAAU,EAAE,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAa;AAAA,MACjB,EAAA;AAAA,MACA,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,QAAA,EAAU,cAAA;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,MAAM,IAAA,CAAK;AAAA,KACb;AACA,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,IAAI,CAAA;AACvB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,MAAA,CAAO,EAAA,EAAY,IAAA,EAAoC;AAC3D,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,CAAC,IAAA,EAAM,MAAM,IAAI,MAAM,gBAAgB,CAAA;AAC3C,IAAA,MAAM,OAAA,GAAU,EAAE,GAAG,IAAA,EAAM,GAAG,IAAA,EAAK;AACnC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;AAEO,IAAM,cAAN,MAAkB;AAAA,EACf,SAAA;AAAA,EACA,OAAA;AAAA,EACA,WAAA,GAAuB,KAAA;AAAA,EAE/B,WAAA,CAAY,OAAA,GAAuB,EAAC,EAAG,SAAA,EAAuB;AAC5D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,SAAA,EAAW,OAAA,CAAQ,SAAA,IAAa,OAAA,CAAQ,IAAI,UAAA,IAAc,qCAAA;AAAA,MAC1D,YAAA,EAAc,QAAQ,YAAA,IAAgB,IAAA;AAAA,MACtC,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,IAAI,kBAAA,IAAsB,qCAAA;AAAA,MAC1E,gBAAA,EAAkB,QAAQ,gBAAA,IAAoB,KAAA;AAAA,MAC9C,cAAA,EAAgB,OAAA,CAAQ,cAAA,IAAkB,OAAA,CAAQ,IAAI,gBAAA,IAAoB,EAAA;AAAA,MAC1E,kBAAA,EAAoB,OAAA,CAAQ,kBAAA,IAAsB,OAAA,CAAQ,IAAI,oBAAA,IAAwB,EAAA;AAAA,MACtF,iBAAA,EAAmB,OAAA,CAAQ,iBAAA,IAAqB,OAAA,CAAQ,IAAI,mBAAA,IAAuB;AAAA,KACrF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA,IAAa,IAAI,iBAAA,EAAkB;AAAA,EACtD;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,IAAI,IAAA,CAAK,QAAQ,cAAA,IAAkB,IAAA,CAAK,QAAQ,kBAAA,IAAsB,IAAA,CAAK,QAAQ,iBAAA,EAAmB;AACpG,MAAA,YAAA,CAAa,iBAAiB,QAAA,EAAU;AAAA,QACtC,IAAA,EAAM,QAAA;AAAA,QACN,QAAA,EAAU,KAAK,OAAA,CAAQ,cAAA;AAAA,QACvB,YAAA,EAAc,KAAK,OAAA,CAAQ,kBAAA;AAAA,QAC3B,WAAA,EAAa,KAAK,OAAA,CAAQ,iBAAA;AAAA,QAC1B,gBAAA,EAAkB,8CAAA;AAAA,QAClB,QAAA,EAAU,qCAAA;AAAA,QACV,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,EACrB;AAAA,EAEA,MAAM,SAAS,IAAA,EAAoG;AACjH,IAAA,MAAM,WAAW,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,KAAK,KAAK,CAAA;AAC5D,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,IAAI,CAAA;AAC7C,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,MAAM,WAAA,EAA+G;AACzH,IAAA,MAAM,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,YAAY,KAAK,CAAA;AAC/D,IAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,IAAA,CAAK,QAAA,EAAU;AAC3B,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,UAAU,MAAMA,uBAAA,CAAO,QAAQ,WAAA,CAAY,QAAA,EAAU,KAAK,QAAQ,CAAA;AACxE,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,MAAM,qBAAqB,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,MAAM,QAAQ,YAAA,EAA8E;AAC1F,IAAA,OAAO,UAAA,CAAW,cAAc,YAAY,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,KAAA,EAAiC;AACtD,IAAA,OAAO,YAAA,CAAa,mBAAA,CAAoB,QAAA,EAAU,KAAK,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAqB,IAAA,EAA8F;AACvH,IAAA,MAAM,EAAE,WAAA,EAAY,GAAI,MAAM,YAAA,CAAa,YAAA,CAAa,UAAU,IAAI,CAAA;AACtE,IAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,WAAA,CAAY,UAAU,WAAW,CAAA;AAErE,IAAA,IAAI,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,KAAK,CAAA;AAE1D,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO;AAAA,QACjC,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,QAAA,EAAU,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,MAAA,CAAO,CAAA,EAAG,EAAE,CAAA;AAAA,QACjD,MAAM,QAAA,CAAS,IAAA;AAAA,QACf,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,WAAW,iBAAA,CAAkB;AAAA,MAC1C,QAAQ,IAAA,CAAK,EAAA;AAAA,MACb,OAAO,IAAA,CAAK,KAAA;AAAA,MACZ,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,MAAM,MAAA,EAAO;AAAA,EACxB;AAAA,EAEA,aAAA,GAAgC;AAC9B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,UAAA,CAAW,WAAA,CAAY,KAAK,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAA,GAAO;AAAA,UACT,GAAG,OAAA;AAAA,UACH,IAAI,OAAA,CAAQ;AAAA,SACd;AACA,QAAA,IAAA,EAAK;AAAA,MACP,SAAS,KAAA,EAAO;AACd,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,MACxD;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,WAAA,GAA8B;AAC5B,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,YAAY,IAAA,EAA8B;AACxC,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACH,mBAAA,CAAY,OAAA,CAAQ,IAAI,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AAC7C,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AAAA,EAEA,kBAAkB,UAAA,EAAoC;AACpD,IAAA,OAAO,CAAC,GAAA,EAAc,GAAA,EAAe,IAAA,KAAuB;AAC1D,MAAA,IAAI,CAAC,IAAI,IAAA,EAAM;AACb,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MAClE;AACA,MAAA,IAAI,CAACA,mBAAA,CAAY,aAAA,CAAc,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AACzD,QAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACnE;AACA,MAAA,IAAA,EAAK;AAAA,IACP,CAAA;AAAA,EACF;AACF;AAEA,IAAI,mBAAA,GAA0C,IAAA;AAEvC,SAAS,UAAA,CAAW,SAAuB,SAAA,EAAoC;AACpF,EAAA,mBAAA,GAAsB,IAAI,WAAA,CAAY,OAAA,EAAS,SAAS,CAAA;AACxD,EAAA,OAAO,mBAAA;AACT;AAEO,SAAS,IAAA,GAAoB;AAClC,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,mBAAA,GAAsB,IAAI,WAAA,EAAY;AAAA,EACxC;AACA,EAAA,OAAO,mBAAA;AACT;AAEO,IAAM,IAAA,GAAO;AAAA,EAClB,UAAA,EAAY,CAAC,OAAA,KAA0B;AACrC,IAAA,MAAM,OAAA,GAAU,WAAW,OAAO,CAAA;AAClC,IAAA,OAAO;AAAA,MACL,OAAA;AAAA,MACA,aAAA,EAAe,MAAM,OAAA,CAAQ,aAAA,EAAc;AAAA,MAC3C,WAAA,EAAa,MAAM,OAAA,CAAQ,WAAA,EAAY;AAAA,MACvC,WAAA,EAAa,CAAC,IAAA,KAAiB,OAAA,CAAQ,YAAY,IAAI,CAAA;AAAA,MACvD,iBAAA,EAAmB,CAAC,UAAA,KAAuB,OAAA,CAAQ,kBAAkB,UAAU;AAAA,KACjF;AAAA,EACF;AACF;;;AC/OO,SAAS,kBAAA,CAAmB,OAAA,EAA0B,OAAA,EAAuC,IAAA,EAA+B;AACjI,EAAA,MAAM,EAAE,aAAY,GAAI,OAAA;AAExB,EAAA,OAAA,CAAQ,QAAA,CAAS,cAAA,EAAgB,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACvF,IAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,aAAA;AAEnC,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpD,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AAAA,IAC9D;AAEA,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,SAAA,CAAU,CAAC,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,WAAA,CAAY,YAAY,CAAA,CAAE,YAAY,KAAK,CAAA;AAC3D,MAAA,OAAA,CAAQ,IAAA,GAAO;AAAA,QACb,GAAG,OAAA;AAAA,QACH,IAAI,OAAA,CAAQ;AAAA,OACd;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,IAC1D;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,OAAO,OAAA,EAAyB,KAAA,KAAwB;AACtF,IAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,MAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,IACpE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,aAAA,EAAe,CAAC,IAAA,KAAiB;AAChD,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,OAAA,CAAQ,QAAQ,IAAA,CAAK,IAAA,EAAM,IAAI,CAAA,EAAG;AACjD,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAA,CAAQ,QAAA,CAAS,mBAAA,EAAqB,CAAC,UAAA,KAAuB;AAC5D,IAAA,OAAO,OAAO,SAAyB,KAAA,KAAwB;AAC7D,MAAA,IAAI,CAAC,QAAQ,IAAA,EAAM;AACjB,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,MACpE;AACA,MAAA,MAAM,EAAE,WAAA,EAAAA,YAAAA,EAAY,GAAI,MAAM,OAAA,CAAA,OAAA,EAAA,CAAA,IAAA,CAAA,OAAA,SAAA,EAAA,EAAA,YAAA,CAAA,CAAA;AAC9B,MAAA,IAAI,CAACA,YAAAA,CAAY,aAAA,CAAc,QAAQ,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA,EAAG;AAC7D,QAAA,OAAO,KAAA,CAAM,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,4BAA4B,CAAA;AAAA,MACrE;AAAA,IACF,CAAA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,IAAA,EAAK;AACP","file":"index.js","sourcesContent":["export type Role = 'admin' | 'user' | 'guest' | string;\n\nexport interface User {\n  id: string;\n  email: string;\n  password?: string;\n  role: Role;\n  name?: string;\n  picture?: string;\n  createdAt?: Date;\n  updatedAt?: Date;\n}\n\nexport interface JWTPayload {\n  userId: string;\n  email: string;\n  role: Role;\n}\n\nexport interface TokenPair {\n  accessToken: string;\n  refreshToken: string;\n}\n\nexport interface AuthOptions {\n  jwtSecret?: string;\n  jwtExpiresIn?: string;\n  refreshSecret?: string;\n  refreshExpiresIn?: string;\n  googleClientId?: string;\n  googleClientSecret?: string;\n  googleRedirectUri?: string;\n}\n\nexport interface AuthUserRequest extends Request {\n  user?: JWTPayload;\n}\n\nexport type Permission = string;\n\nexport interface RolePermissions {\n  [role: string]: Permission[];\n}\n\nexport const DEFAULT_PERMISSIONS: RolePermissions = {\n  admin: ['*'],\n  user: ['read', 'write:own'],\n  guest: ['read:public'],\n};\n\nexport interface LoginCredentials {\n  email: string;\n  password: string;\n}\n\nexport interface RegisterData extends LoginCredentials {\n  name?: string;\n  role?: Role;\n}\n\nexport interface OAuthProvider {\n  name: string;\n  clientId: string;\n  clientSecret: string;\n  redirectUri: string;\n  authorizationUrl: string;\n  tokenUrl: string;\n  userInfoUrl: string;\n}\n","import { Role, Permission, RolePermissions, DEFAULT_PERMISSIONS } from './types';\n\nexport class RBACService {\n  private permissions: RolePermissions;\n\n  constructor(permissions: RolePermissions = DEFAULT_PERMISSIONS) {\n    this.permissions = permissions;\n  }\n\n  setPermissions(permissions: RolePermissions): void {\n    this.permissions = permissions;\n  }\n\n  addPermission(role: Role, permission: Permission): void {\n    if (!this.permissions[role]) {\n      this.permissions[role] = [];\n    }\n    if (!this.permissions[role].includes(permission)) {\n      this.permissions[role].push(permission);\n    }\n  }\n\n  removePermission(role: Role, permission: Permission): void {\n    if (this.permissions[role]) {\n      this.permissions[role] = this.permissions[role].filter(p => p !== permission);\n    }\n  }\n\n  getPermissions(role: Role): Permission[] {\n    return this.permissions[role] || [];\n  }\n\n  hasPermission(role: Role, requiredPermission: Permission): boolean {\n    const rolePermissions = this.getPermissions(role);\n    \n    if (rolePermissions.includes('*')) {\n      return true;\n    }\n\n    if (rolePermissions.includes(requiredPermission)) {\n      return true;\n    }\n\n    const [requiredAction, requiredScope] = requiredPermission.split(':');\n    \n    for (const perm of rolePermissions) {\n      const [action, scope] = perm.split(':');\n      \n      if (action === '*' && (scope === '*' || scope === requiredScope)) {\n        return true;\n      }\n      \n      if (action === requiredAction && (scope === '*' || scope === requiredScope)) {\n        return true;\n      }\n    }\n\n    return false;\n  }\n\n  hasRole(userRole: Role, requiredRole: Role): boolean {\n    const hierarchy: Role[] = ['guest', 'user', 'admin'];\n    const userIndex = hierarchy.indexOf(userRole as any);\n    const requiredIndex = hierarchy.indexOf(requiredRole as any);\n    \n    if (userIndex === -1 || requiredIndex === -1) {\n      return userRole === requiredRole;\n    }\n    \n    return userIndex >= requiredIndex;\n  }\n\n  authorize(permission: Permission) {\n    return (role: Role): boolean => this.hasPermission(role, permission);\n  }\n\n  authorizeRole(requiredRole: Role) {\n    return (role: Role): boolean => this.hasRole(role, requiredRole);\n  }\n}\n\nexport const rbacService = new RBACService();\n","export * from './types';\nexport * from './jwt';\nexport * from './rbac';\nexport * from './oauth';\nexport * from './express';\nexport * from './fastify';\n","import { z } from 'zod';\n\nexport const envSchema = z.object({\n  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n  PORT: z.string().default('3000'),\n  DATABASE_URL: z.string().optional(),\n  MONGODB_URL: z.string().optional(),\n  REDIS_URL: z.string().default('redis://localhost:6379'),\n  JWT_SECRET: z.string().min(32).optional(),\n  JWT_EXPIRES_IN: z.string().default('7d'),\n  JWT_REFRESH_SECRET: z.string().min(32).optional(),\n  JWT_REFRESH_EXPIRES_IN: z.string().default('30d'),\n  GOOGLE_CLIENT_ID: z.string().optional(),\n  GOOGLE_CLIENT_SECRET: z.string().optional(),\n  GOOGLE_REDIRECT_URI: z.string().optional(),\n  SMTP_HOST: z.string().optional(),\n  SMTP_PORT: z.string().default('587'),\n  SMTP_USER: z.string().optional(),\n  SMTP_PASS: z.string().optional(),\n  SMTP_FROM: z.string().optional(),\n  TWILIO_ACCOUNT_SID: z.string().optional(),\n  TWILIO_AUTH_TOKEN: z.string().optional(),\n  TWILIO_PHONE_NUMBER: z.string().optional(),\n  SLACK_WEBHOOK_URL: z.string().optional(),\n  RATE_LIMIT_WINDOW: z.string().default('1m'),\n  RATE_LIMIT_LIMIT: z.string().default('100'),\n  LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),\n  AWS_REGION: z.string().default('us-east-1'),\n  AWS_ACCESS_KEY_ID: z.string().optional(),\n  AWS_SECRET_ACCESS_KEY: z.string().optional(),\n  AWS_S3_BUCKET: z.string().optional(),\n  AWS_ENDPOINT: z.string().optional(),\n});\n\nexport type EnvConfig = z.infer<typeof envSchema>;\n\nexport interface ConfigOptions {\n  schema?: z.ZodSchema;\n  envPath?: string;\n  validate?: boolean;\n}\n\nclass ConfigManager {\n  private config: EnvConfig | null = null;\n  private schema: z.ZodSchema;\n  private validate: boolean;\n\n  constructor(options: ConfigOptions = {}) {\n    this.schema = options.schema || envSchema;\n    this.validate = options.validate ?? true;\n  }\n\n  load(): EnvConfig {\n    if (this.config) return this.config;\n\n    const env: Record<string, string | undefined> = {};\n    \n    for (const key of Object.keys(this.schema.shape)) {\n      env[key] = process.env[key];\n    }\n\n    if (this.validate) {\n      const result = this.schema.safeParse(env);\n      if (!result.success) {\n        const errors = result.error.errors.map(e => `${e.path.join('.')}: ${e.message}`).join(', ');\n        throw new Error(`Config validation failed: ${errors}`);\n      }\n      this.config = result.data;\n    } else {\n      this.config = env as EnvConfig;\n    }\n\n    return this.config;\n  }\n\n  get<K extends keyof EnvConfig>(key: K): EnvConfig[K] {\n    if (!this.config) this.load();\n    return this.config![key];\n  }\n\n  int(key: keyof EnvConfig): number {\n    const value = this.get(key);\n    if (typeof value === 'string') return parseInt(value, 10);\n    return Number(value);\n  }\n\n  bool(key: keyof EnvConfig): boolean {\n    const value = this.get(key);\n    if (typeof value === 'boolean') return value;\n    if (typeof value === 'string') return value.toLowerCase() === 'true';\n    return Boolean(value);\n  }\n\n  isProduction(): boolean {\n    return this.get('NODE_ENV') === 'production';\n  }\n\n  isDevelopment(): boolean {\n    return this.get('NODE_ENV') === 'development';\n  }\n\n  isTest(): boolean {\n    return this.get('NODE_ENV') === 'test';\n  }\n\n  getAll(): EnvConfig {\n    if (!this.config) this.load();\n    return this.config!;\n  }\n}\n\nconst globalConfig = new ConfigManager();\n\nexport const config = {\n  load: () => globalConfig.load(),\n  get: <K extends keyof EnvConfig>(key: K) => globalConfig.get(key),\n  int: (key: keyof EnvConfig) => globalConfig.int(key),\n  bool: (key: keyof EnvConfig) => globalConfig.bool(key),\n  isProduction: () => globalConfig.isProduction(),\n  isDevelopment: () => globalConfig.isDevelopment(),\n  isTest: () => globalConfig.isTest(),\n  getAll: () => globalConfig.getAll(),\n  create: (options?: ConfigOptions) => new ConfigManager(options),\n};\n\nexport default config;\n","import jwt from 'jsonwebtoken';\nimport { JWTPayload, TokenPair } from './types';\nimport { config } from '../config';\n\nexport class JWTService {\n  private secret: string;\n  private expiresIn: string;\n  private refreshSecret: string;\n  private refreshExpiresIn: string;\n\n  constructor(options: { jwtSecret?: string; jwtExpiresIn?: string; refreshSecret?: string; refreshExpiresIn?: string } = {}) {\n    this.secret = options.jwtSecret || config.get('JWT_SECRET') || 'default-secret-change-in-production';\n    this.expiresIn = options.jwtExpiresIn || config.get('JWT_EXPIRES_IN') || '7d';\n    this.refreshSecret = options.refreshSecret || config.get('JWT_REFRESH_SECRET') || this.secret;\n    this.refreshExpiresIn = options.refreshExpiresIn || config.get('JWT_REFRESH_EXPIRES_IN') || '30d';\n  }\n\n  generateToken(payload: JWTPayload): string {\n    return jwt.sign(payload, this.secret, { expiresIn: this.expiresIn });\n  }\n\n  generateRefreshToken(payload: JWTPayload): string {\n    return jwt.sign(payload, this.refreshSecret, { expiresIn: this.refreshExpiresIn });\n  }\n\n  generateTokenPair(payload: JWTPayload): TokenPair {\n    return {\n      accessToken: this.generateToken(payload),\n      refreshToken: this.generateRefreshToken(payload),\n    };\n  }\n\n  verifyToken(token: string): JWTPayload {\n    return jwt.verify(token, this.secret) as JWTPayload;\n  }\n\n  verifyRefreshToken(token: string): JWTPayload {\n    return jwt.verify(token, this.refreshSecret) as JWTPayload;\n  }\n\n  refreshTokens(refreshToken: string): TokenPair {\n    const { iat, exp, nbf, ...payload } = this.verifyRefreshToken(refreshToken) as JWTPayload & { iat?: number; exp?: number; nbf?: number };\n    return this.generateTokenPair(payload);\n  }\n}\n\nexport const jwtService = new JWTService();\n","import { OAuthProvider } from './types';\nimport { config } from '../config';\n\nexport interface OAuthUserInfo {\n  id: string;\n  email: string;\n  name?: string;\n  picture?: string;\n}\n\nexport class OAuthService {\n  private providers: Map<string, OAuthProvider> = new Map();\n\n  constructor() {\n    const googleClientId = config.get('GOOGLE_CLIENT_ID');\n    const googleClientSecret = config.get('GOOGLE_CLIENT_SECRET');\n    const googleRedirectUri = config.get('GOOGLE_REDIRECT_URI');\n\n    if (googleClientId && googleClientSecret && googleRedirectUri) {\n      this.registerProvider('google', {\n        name: 'google',\n        clientId: googleClientId,\n        clientSecret: googleClientSecret,\n        redirectUri: googleRedirectUri,\n        authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n        tokenUrl: 'https://oauth2.googleapis.com/token',\n        userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n      });\n    }\n  }\n\n  registerProvider(name: string, provider: OAuthProvider): void {\n    this.providers.set(name, provider);\n  }\n\n  getProvider(name: string): OAuthProvider | undefined {\n    return this.providers.get(name);\n  }\n\n  getAuthorizationUrl(providerName: string, state?: string): string {\n    const provider = this.getProvider(providerName);\n    if (!provider) {\n      throw new Error(`OAuth provider ${providerName} not registered`);\n    }\n\n    const params = new URLSearchParams({\n      client_id: provider.clientId,\n      redirect_uri: provider.redirectUri,\n      response_type: 'code',\n      scope: 'openid email profile',\n      state: state || '',\n    });\n\n    return `${provider.authorizationUrl}?${params.toString()}`;\n  }\n\n  async exchangeCode(providerName: string, code: string): Promise<{ accessToken: string; refreshToken?: string }> {\n    const provider = this.getProvider(providerName);\n    if (!provider) {\n      throw new Error(`OAuth provider ${providerName} not registered`);\n    }\n\n    const response = await fetch(provider.tokenUrl, {\n      method: 'POST',\n      headers: {\n        'Content-Type': 'application/x-www-form-urlencoded',\n      },\n      body: new URLSearchParams({\n        client_id: provider.clientId,\n        client_secret: provider.clientSecret,\n        code,\n        grant_type: 'authorization_code',\n        redirect_uri: provider.redirectUri,\n      }),\n    });\n\n    if (!response.ok) {\n      const error = await response.text();\n      throw new Error(`OAuth token exchange failed: ${error}`);\n    }\n\n    const data = await response.json();\n    return {\n      accessToken: data.access_token,\n      refreshToken: data.refresh_token,\n    };\n  }\n\n  async getUserInfo(providerName: string, accessToken: string): Promise<OAuthUserInfo> {\n    const provider = this.getProvider(providerName);\n    if (!provider) {\n      throw new Error(`OAuth provider ${providerName} not registered`);\n    }\n\n    const response = await fetch(provider.userInfoUrl, {\n      headers: {\n        Authorization: `Bearer ${accessToken}`,\n      },\n    });\n\n    if (!response.ok) {\n      const error = await response.text();\n      throw new Error(`OAuth user info fetch failed: ${error}`);\n    }\n\n    const data = await response.json();\n\n    return {\n      id: data.id,\n      email: data.email,\n      name: data.name,\n      picture: data.picture,\n    };\n  }\n}\n\nexport const oauthService = new OAuthService();\n","import bcrypt from 'bcryptjs';\nimport { Request, Response, NextFunction, RequestHandler } from 'express';\nimport { JWTPayload, LoginCredentials, RegisterData, User, AuthOptions } from './types';\nimport { jwtService } from './jwt';\nimport { rbacService } from './rbac';\nimport { oauthService } from './oauth';\n\nexport interface AuthUser extends JWTPayload {\n  id: string;\n  email: string;\n  role: string;\n}\n\ndeclare global {\n  namespace Express {\n    interface Request {\n      user?: AuthUser;\n    }\n  }\n}\n\nexport interface UserStore {\n  findByEmail(email: string): Promise<User | null>;\n  findById(id: string): Promise<User | null>;\n  create(data: RegisterData): Promise<User>;\n  update(id: string, data: Partial<User>): Promise<User>;\n}\n\nclass InMemoryUserStore implements UserStore {\n  private users: Map<string, User> = new Map();\n\n  async findByEmail(email: string): Promise<User | null> {\n    for (const user of this.users.values()) {\n      if (user.email === email) return user;\n    }\n    return null;\n  }\n\n  async findById(id: string): Promise<User | null> {\n    return this.users.get(id) || null;\n  }\n\n  async create(data: RegisterData): Promise<User> {\n    const id = Math.random().toString(36).substr(2, 9);\n    const hashedPassword = await bcrypt.hash(data.password, 10);\n    const user: User = {\n      id,\n      email: data.email,\n      password: hashedPassword,\n      role: data.role || 'user',\n      name: data.name,\n    };\n    this.users.set(id, user);\n    return user;\n  }\n\n  async update(id: string, data: Partial<User>): Promise<User> {\n    const user = this.users.get(id);\n    if (!user) throw new Error('User not found');\n    const updated = { ...user, ...data };\n    this.users.set(id, updated);\n    return updated;\n  }\n}\n\nexport class AuthService {\n  private userStore: UserStore;\n  private options: Required<AuthOptions>;\n  private initialized: boolean = false;\n\n  constructor(options: AuthOptions = {}, userStore?: UserStore) {\n    this.options = {\n      jwtSecret: options.jwtSecret || process.env.JWT_SECRET || 'default-secret-change-in-production',\n      jwtExpiresIn: options.jwtExpiresIn || '7d',\n      refreshSecret: options.refreshSecret || process.env.JWT_REFRESH_SECRET || 'default-secret-change-in-production',\n      refreshExpiresIn: options.refreshExpiresIn || '30d',\n      googleClientId: options.googleClientId || process.env.GOOGLE_CLIENT_ID || '',\n      googleClientSecret: options.googleClientSecret || process.env.GOOGLE_CLIENT_SECRET || '',\n      googleRedirectUri: options.googleRedirectUri || process.env.GOOGLE_REDIRECT_URI || '',\n    };\n\n    this.userStore = userStore || new InMemoryUserStore();\n  }\n\n  async initialize(): Promise<void> {\n    if (this.options.googleClientId && this.options.googleClientSecret && this.options.googleRedirectUri) {\n      oauthService.registerProvider('google', {\n        name: 'google',\n        clientId: this.options.googleClientId,\n        clientSecret: this.options.googleClientSecret,\n        redirectUri: this.options.googleRedirectUri,\n        authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n        tokenUrl: 'https://oauth2.googleapis.com/token',\n        userInfoUrl: 'https://www.googleapis.com/oauth2/v2/userinfo',\n      });\n    }\n    this.initialized = true;\n  }\n\n  async register(data: RegisterData): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n    const existing = await this.userStore.findByEmail(data.email);\n    if (existing) {\n      throw new Error('User already exists');\n    }\n\n    const user = await this.userStore.create(data);\n    const tokens = jwtService.generateTokenPair({\n      userId: user.id,\n      email: user.email,\n      role: user.role,\n    });\n\n    return { user, tokens };\n  }\n\n  async login(credentials: LoginCredentials): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n    const user = await this.userStore.findByEmail(credentials.email);\n    if (!user || !user.password) {\n      throw new Error('Invalid credentials');\n    }\n\n    const isValid = await bcrypt.compare(credentials.password, user.password);\n    if (!isValid) {\n      throw new Error('Invalid credentials');\n    }\n\n    const tokens = jwtService.generateTokenPair({\n      userId: user.id,\n      email: user.email,\n      role: user.role,\n    });\n\n    return { user, tokens };\n  }\n\n  async refresh(refreshToken: string): Promise<{ accessToken: string; refreshToken: string }> {\n    return jwtService.refreshTokens(refreshToken);\n  }\n\n  async getGoogleAuthUrl(state?: string): Promise<string> {\n    return oauthService.getAuthorizationUrl('google', state);\n  }\n\n  async handleGoogleCallback(code: string): Promise<{ user: User; tokens: { accessToken: string; refreshToken: string } }> {\n    const { accessToken } = await oauthService.exchangeCode('google', code);\n    const userInfo = await oauthService.getUserInfo('google', accessToken);\n\n    let user = await this.userStore.findByEmail(userInfo.email);\n    \n    if (!user) {\n      user = await this.userStore.create({\n        email: userInfo.email,\n        password: Math.random().toString(36).substr(2, 20),\n        name: userInfo.name,\n        role: 'user',\n      });\n    }\n\n    const tokens = jwtService.generateTokenPair({\n      userId: user.id,\n      email: user.email,\n      role: user.role,\n    });\n\n    return { user, tokens };\n  }\n\n  getMiddleware(): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      const authHeader = req.headers.authorization;\n      \n      if (!authHeader || !authHeader.startsWith('Bearer ')) {\n        return res.status(401).json({ error: 'No token provided' });\n      }\n\n      const token = authHeader.substring(7);\n      \n      try {\n        const payload = jwtService.verifyToken(token);\n        req.user = {\n          ...payload,\n          id: payload.userId,\n        };\n        next();\n      } catch (error) {\n        return res.status(401).json({ error: 'Invalid token' });\n      }\n    };\n  }\n\n  requireUser(): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      if (!req.user) {\n        return res.status(401).json({ error: 'Authentication required' });\n      }\n      next();\n    };\n  }\n\n  requireRole(role: string): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      if (!req.user) {\n        return res.status(401).json({ error: 'Authentication required' });\n      }\n      if (!rbacService.hasRole(req.user.role, role)) {\n        return res.status(403).json({ error: 'Insufficient permissions' });\n      }\n      next();\n    };\n  }\n\n  requirePermission(permission: string): RequestHandler {\n    return (req: Request, res: Response, next: NextFunction) => {\n      if (!req.user) {\n        return res.status(401).json({ error: 'Authentication required' });\n      }\n      if (!rbacService.hasPermission(req.user.role, permission)) {\n        return res.status(403).json({ error: 'Insufficient permissions' });\n      }\n      next();\n    };\n  }\n}\n\nlet authServiceInstance: AuthService | null = null;\n\nexport function createAuth(options?: AuthOptions, userStore?: UserStore): AuthService {\n  authServiceInstance = new AuthService(options, userStore);\n  return authServiceInstance;\n}\n\nexport function auth(): AuthService {\n  if (!authServiceInstance) {\n    authServiceInstance = new AuthService();\n  }\n  return authServiceInstance;\n}\n\nexport const Auth = {\n  initialize: (options?: AuthOptions) => {\n    const service = createAuth(options);\n    return {\n      service,\n      getMiddleware: () => service.getMiddleware(),\n      requireUser: () => service.requireUser(),\n      requireRole: (role: string) => service.requireRole(role),\n      requirePermission: (permission: string) => service.requirePermission(permission),\n    };\n  },\n};\n","import { FastifyInstance, FastifyRequest, FastifyReply, HookHandlerDoneFunction } from 'fastify';\nimport { AuthService } from './express';\nimport { JWTPayload } from './types';\n\ndeclare module 'fastify' {\n  interface FastifyRequest {\n    user?: JWTPayload & { id: string };\n  }\n}\n\nexport function registerAuthPlugin(fastify: FastifyInstance, options: { authService: AuthService }, done: HookHandlerDoneFunction) {\n  const { authService } = options;\n\n  fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {\n    const authHeader = request.headers.authorization;\n    \n    if (!authHeader || !authHeader.startsWith('Bearer ')) {\n      return reply.status(401).send({ error: 'No token provided' });\n    }\n\n    const token = authHeader.substring(7);\n    \n    try {\n      const payload = authService['jwtService'].verifyToken(token);\n      request.user = {\n        ...payload,\n        id: payload.userId,\n      };\n    } catch (error) {\n      return reply.status(401).send({ error: 'Invalid token' });\n    }\n  });\n\n  fastify.decorate('requireUser', async (request: FastifyRequest, reply: FastifyReply) => {\n    if (!request.user) {\n      return reply.status(401).send({ error: 'Authentication required' });\n    }\n  });\n\n  fastify.decorate('requireRole', (role: string) => {\n    return async (request: FastifyRequest, reply: FastifyReply) => {\n      if (!request.user) {\n        return reply.status(401).send({ error: 'Authentication required' });\n      }\n      const { rbacService } = await import('./rbac');\n      if (!rbacService.hasRole(request.user.role, role)) {\n        return reply.status(403).send({ error: 'Insufficient permissions' });\n      }\n    };\n  });\n\n  fastify.decorate('requirePermission', (permission: string) => {\n    return async (request: FastifyRequest, reply: FastifyReply) => {\n      if (!request.user) {\n        return reply.status(401).send({ error: 'Authentication required' });\n      }\n      const { rbacService } = await import('./rbac');\n      if (!rbacService.hasPermission(request.user.role, permission)) {\n        return reply.status(403).send({ error: 'Insufficient permissions' });\n      }\n    };\n  });\n\n  done();\n}\n"]}

package/dist/auth/index.mjs

@@ -104,6 +104,7 @@ var envSchema = z.object({
   NODE_ENV: z.enum(["development", "production", "test"]).default("development"),
   PORT: z.string().default("3000"),
   DATABASE_URL: z.string().optional(),
+  MONGODB_URL: z.string().optional(),
   REDIS_URL: z.string().default("redis://localhost:6379"),
   JWT_SECRET: z.string().min(32).optional(),
   JWT_EXPIRES_IN: z.string().default("7d"),