stellar-drive 1.2.27 → 1.2.29

package/README.md

@@ -52,7 +52,7 @@ Building offline-first sync is notoriously difficult. stellar-drive handles the
 - **Diagnostics** -- Comprehensive runtime diagnostics covering sync, queue, realtime, conflicts, egress, and network state.
 - **Debug utilities** -- Opt-in debug logging and `window` debug utilities for browser console inspection during development.
 - **SvelteKit integration** (optional) -- Layout helpers, server handlers, email confirmation, service worker lifecycle, and auth hydration.
-- **PWA scaffolding CLI** -- `stellar-drive install pwa` generates a complete SvelteKit PWA project (34+ files) with an interactive walkthrough.
+- **PWA scaffolding CLI** -- `stellar-drive install pwa` generates a fully wired SvelteKit PWA skeleton (51 files) with auth, PIN gate, device verification, profile page, demo mode, adaptive navbar, and PWA plumbing pre-connected.
 
 ### Use cases
 
@@ -402,31 +402,156 @@ See [API Reference -- Vite Plugin](./API_REFERENCE.md#vite-plugin-stellarpwa) fo
 
 ### Install PWA
 
-Scaffold a complete offline-first SvelteKit PWA project with an interactive walkthrough:
+Scaffold a complete offline-first SvelteKit PWA skeleton with an interactive walkthrough:
 
 ```bash
 npx stellar-drive install pwa
 ```
 
-The wizard prompts for:
+Run this in an empty directory. The wizard collects four inputs, installs dependencies, and writes 51 files — a fully wired skeleton that passes `npm run validate` and `npm run cleanup` out of the box.
+
+#### Wizard prompts
 
 | Prompt | Required | Description |
 |--------|----------|-------------|
-| App Name | Yes | Full app name (e.g., "Stellar Planner") |
-| Short Name | Yes | Short name for PWA home screen (under 12 chars) |
-| Prefix | Yes | Lowercase key for localStorage, caches, SW, and Supabase table names (auto-suggested from name) |
-| Description | No | App description (default: "A self-hosted offline-first PWA") |
-
-Generates **34+ files** for a production-ready SvelteKit 2 + Svelte 5 project:
-
-- **Config files (8):** `vite.config.ts`, `tsconfig.json`, `svelte.config.js`, `eslint.config.js`, `.prettierrc`, `.prettierignore`, `knip.json`, `.gitignore`
-- **Documentation (3):** `README.md`, `ARCHITECTURE.md`, `FRAMEWORKS.md`
-- **Static assets (13):** `manifest.json`, `offline.html`, placeholder SVG icons, email template placeholders
-- **Database (1):** `supabase-schema.sql` with helper functions, example tables, and `trusted_devices` table
-- **Source files (2):** `src/app.html` (PWA-ready with iOS meta tags, SW registration), `src/app.d.ts`
-- **Route files (16):** Root layout, login, setup, profile, protected area, API endpoints, catch-all redirect
-- **Library (1):** `src/lib/types.ts` with re-exports and app-specific type stubs
-- **Git hooks (1):** `.husky/pre-commit` with lint + format + validate
+| App Name | Yes | Full app name (e.g., "Stellar Planner"). Used in page titles, manifest, and email templates. |
+| Short Name | Yes | Condensed name for the PWA home-screen icon (12 chars max). |
+| Prefix | Yes | Lowercase key used for localStorage, caches, the service worker scope, and Supabase table prefixes. Auto-suggested from the app name. |
+| Description | No | One-line description shown in the manifest (default: `"A self-hosted offline-first PWA"`). |
+
+#### What gets generated — 51 files
+
+**Project config (10)**
+
+| File | Purpose |
+|------|---------|
+| `package.json` | All deps and scripts pre-configured: `dev`, `build`, `validate`, `cleanup` |
+| `vite.config.ts` | `stellarPWA` plugin wired with your prefix; schema generation enabled |
+| `tsconfig.json` | Extends SvelteKit's generated config with strict mode |
+| `svelte.config.js` | `adapter-auto` + `vitePreprocess` |
+| `eslint.config.js` | TypeScript-aware ESLint with Svelte plugin |
+| `.prettierrc` | Consistent formatting rules |
+| `.prettierignore` | Ignores build artifacts and generated files |
+| `knip.json` | Dead-code detection configured for SvelteKit |
+| `.gitignore` | Node, SvelteKit, and environment file ignores |
+| `.env.example` | Template for `PUBLIC_SUPABASE_URL` and `PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY` |
+
+**Documentation (3)**
+
+| File | Purpose |
+|------|---------|
+| `README.md` | Project-level readme linking architecture and framework docs |
+| `ARCHITECTURE.md` | Directory layout, data flow, and module responsibilities |
+| `FRAMEWORKS.md` | Technology choices, rationale, and Svelte 5 rune patterns |
+
+**Git hooks (1)**
+
+| File | Purpose |
+|------|---------|
+| `.husky/pre-commit` | Runs `npm run cleanup && npm run validate && git add -u` before every commit |
+
+**Static assets (12)**
+
+| File | Purpose |
+|------|---------|
+| `static/manifest.json` | PWA manifest with all icon sizes and display settings |
+| `static/offline.html` | Offline fallback shown by the service worker |
+| `static/icons/app.svg` | Green primary app icon (letter placeholder) |
+| `static/icons/app-dark.svg` | Dark variant for light-mode context |
+| `static/icons/maskable.svg` | Maskable icon for Android home screens |
+| `static/icons/favicon.svg` | Browser tab favicon |
+| `static/icons/monochrome.svg` | Monochrome icon for notification badges |
+| `static/icons/splash.svg` | Splash screen icon |
+| `static/icons/apple-touch.svg` | iOS Add-to-Home-Screen icon |
+| `static/signup-email.html` | Signup confirmation email template |
+| `static/change-email.html` | Email change confirmation template |
+| `static/device-verification-email.html` | Device trust OTP email template |
+
+**App core (2)**
+
+| File | Purpose |
+|------|---------|
+| `src/app.html` | PWA shell: iOS meta tags, theme color, service-worker registration script |
+| `src/app.d.ts` | SvelteKit ambient types (`App.Locals`, `App.PageData`) |
+
+**Routes (16)**
+
+| Route | File(s) | What it does |
+|-------|---------|-------------|
+| Root layout | `+layout.ts`, `+layout.svelte` | Engine bootstrap, auth resolution, adaptive navbar (top on desktop / bottom on mobile), sync status, offline toast, demo banner, PWA update prompt |
+| Home | `+page.svelte` | Protected placeholder — add your app content here |
+| Error | `+error.svelte` | SvelteKit error page with retry and home link |
+| Login | `login/+page.svelte` | PIN-based login, device linking, device verification email flow, BroadcastChannel handshake, persistent lockout countdown |
+| Email confirm | `confirm/+page.svelte` | Verifies Supabase email OTP, broadcasts `AUTH_CONFIRMED` to the login tab, then closes or redirects |
+| Setup (initial) | `setup/+page.ts`, `setup/+page.svelte` | Multi-step wizard: Supabase credentials → validate → deploy schema → create account. Guarded by `resolveSetupAccess()` — only accessible before a user account exists. |
+| Reconfigure | `setup/Reconfigure.svelte` | Single-page re-setup form for changing credentials after initial setup. Accessible from the profile settings. |
+| Profile | `profile/+page.svelte` | Full settings hub: display name, email change (with re-verification), PIN/code change, trusted devices list with revocation, debug mode toggle, diagnostics dashboard (sync, realtime, queue, egress, errors), reset database |
+| Demo | `demo/+page.svelte` | Toggle demo mode on/off with explanation and confirmation; triggers full page reload |
+| Privacy policy | `policy/+page.svelte` | Static placeholder — replace with your actual policy |
+| Config API | `api/config/+server.ts` | Returns `PUBLIC_SUPABASE_URL` and `PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY` to the client |
+| Setup deploy | `api/setup/deploy/+server.ts` | Writes `.env` during initial setup, creates Supabase auth user + pushes schema SQL |
+| Setup validate | `api/setup/validate/+server.ts` | Validates Supabase credentials without writing anything |
+| Catch-all | `[...catchall]/+page.server.ts` | 302 redirect to `/` for unknown URLs |
+
+**Library (7)**
+
+| File | Purpose |
+|------|---------|
+| `src/lib/routes.ts` | `ROUTES` constants for all app paths — single source of truth |
+| `src/lib/schema.ts` | Example schema with two tables (`items`, `settings`); replace with your domain schema |
+| `src/lib/types.generated.ts` | Placeholder for Vite-plugin-generated TypeScript interfaces |
+| `src/lib/types.ts` | App-specific type stubs and re-exports |
+| `src/lib/components/UpdatePrompt.svelte` | PWA update prompt that appears when a new service worker is waiting |
+| `src/lib/demo/mockData.ts` | Mock data seeded into the demo database on each page load |
+| `src/lib/demo/config.ts` | Demo configuration wired into `initEngine()` |
+
+#### What's pre-wired
+
+The skeleton is not just file stubs — the entire auth and engine lifecycle is already connected:
+
+- **Engine bootstrap** — `initEngine()` in `+layout.ts` with your prefix, name, and demo config; `initConfig()` pulls Supabase credentials from `/api/config` at runtime
+- **Auth resolution** — `resolveRootLayout()` in the layout load determines `authMode` (`'none'` | `'offline'` | `'demo'`) and redirects unauthenticated users to login
+- **Single-user PIN gate** — login page handles first-time setup detection, `unlockSingleUser`, `setupSingleUser` inside the login flow, device linking, and persistent lockout
+- **Device verification** — email OTP flow fully wired through login → confirm → BroadcastChannel → login tab reaction
+- **Setup wizard** — multi-step Supabase credential entry, live validation, schema deploy, and user account creation; guarded so it only appears before initial setup
+- **Profile page** — change name, email (with re-verification cooldown and resend), PIN, revoke trusted devices, toggle debug mode, full diagnostics panel, and reset database
+- **Demo mode** — sandboxed IndexedDB, zero Supabase calls, mock profile, seeded data; toggle from `/demo` or profile settings
+- **Adaptive navbar** — top bar on ≥768px, fixed bottom bar on mobile; active state driven by SvelteKit's `page` store; Dynamic Island safe area padding
+- **PWA plumbing** — service worker via `stellarPWA` Vite plugin, Web App Manifest, offline fallback, `UpdatePrompt` for background updates, iOS splash/touch icons
+- **Email templates** — Supabase-compatible HTML templates for signup, email change, and device verification; drop-in replacements for the default Supabase emails
+
+#### Design theme
+
+The skeleton uses a minimal green theme derived from the email templates:
+
+| Token | Value | Use |
+|-------|-------|-----|
+| Primary | `#6B9E6B` | Buttons, active nav, focus rings, borders |
+| Card background | `#0f0f1e` | Modal and card surfaces |
+| Page background | `#111116` | App background |
+| Card border | `#3d5a3d` | Card outlines |
+| Text | `#f0f0ff` | Primary text |
+| Text secondary | `#c8c8e0` | Descriptions, labels |
+| Text muted | `#7878a0` | Hints, timestamps |
+
+All colors are CSS custom properties — override `:root` in your app's global CSS to adopt any theme.
+
+#### Building on the skeleton
+
+After scaffolding, the typical customisation path is:
+
+1. **Define your schema** — edit `src/lib/schema.ts` to replace the example tables with your domain entities; the Vite plugin auto-generates TypeScript interfaces and pushes Supabase migrations on `npm run dev`
+2. **Add app pages** — create new routes under `src/routes/`; import stores and CRUD helpers from `stellar-drive`
+3. **Wire stores** — in `+page.svelte`, create collection/detail stores with `createCollectionStore` / `createDetailStore` and refresh them with `onSyncComplete`
+4. **Customise the navbar** — the root layout's navbar lists only the home and profile links; add your app's sections to the `navItems` array in `+layout.svelte`
+5. **Replace placeholder content** — swap the privacy policy text, update icon SVGs with your actual branding, and fill in the demo mock data with representative records
+6. **Set environment variables** — copy `.env.example` to `.env` and add your Supabase project URL and publishable key; run the setup wizard on first launch to push the schema
+
+#### Prerequisites
+
+- Node.js ≥ 18
+- A [Supabase](https://supabase.com) project (free tier is sufficient)
+- `PUBLIC_SUPABASE_URL` and `PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY` from the Supabase dashboard (Settings → API)
 
 ---
 
@@ -450,7 +575,8 @@ Import only what you need:
 | `stellar-drive/config` | Runtime config management (`initConfig`, `getConfig`, `setConfig`, `getDexieTableFor`) |
 | `stellar-drive/vite` | Vite plugin (`stellarPWA`) for service worker builds, asset manifests, and schema auto-generation |
 | `stellar-drive/kit` | SvelteKit helpers: server route factories, layout loaders, email confirmation, SW lifecycle, auth hydration |
-| `stellar-drive/components/*` | Svelte components: `SyncStatus`, `DeferredChangesBanner`, `DemoBanner`, `DemoBlockedMessage` |
+| `stellar-drive/toast` | Toast notifications: `addToast`, `dismissToast`, `toastStore`, `ToastVariant` type |
+| `stellar-drive/components/*` | Svelte components: `SyncStatus`, `DeferredChangesBanner`, `DemoBanner`, `DemoBlockedMessage`, `OfflineToast`, `GlobalToast` |
 
 ### Key categories at a glance
 

package/dist/auth/loginGuard.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"loginGuard.d.ts","sourceRoot":"","sources":["../../src/auth/loginGuard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AA+CH;;;;;;;GAOG;AACH,MAAM,MAAM,gBAAgB,GAAG,aAAa,GAAG,UAAU,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,MAAM,cAAc,GACtB;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,gBAAgB,CAAA;CAAE,GAC7C;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,YAAY,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AA8G7D;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,MAAM,CAAC,CAQ9D;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAmE1E;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CAUpD;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAsB,cAAc,CAAC,QAAQ,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAgC9E;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC,CASrD"}
+{"version":3,"file":"loginGuard.d.ts","sourceRoot":"","sources":["../../src/auth/loginGuard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AAgDH;;;;;;;GAOG;AACH,MAAM,MAAM,gBAAgB,GAAG,aAAa,GAAG,UAAU,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,MAAM,cAAc,GACtB;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,gBAAgB,CAAA;CAAE,GAC7C;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,YAAY,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAuG7D;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,MAAM,CAAC,CAQ9D;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAmE1E;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CAUpD;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAsB,cAAc,CAAC,QAAQ,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAgC9E;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC,CASrD"}

package/dist/auth/loginGuard.js

@@ -45,7 +45,8 @@
  * @module auth/loginGuard
  */
 import { hashValue } from './crypto';
-import { getEngineConfig, waitForDb } from '../config';
+import { waitForDb } from '../config';
+import { getDb, TABLE } from '../database';
 import { debugLog, debugWarn } from '../debug';
 // =============================================================================
 // CONSTANTS
@@ -92,17 +93,14 @@ let consecutiveLocalFailures = 0;
  */
 async function invalidateCachedHash() {
     try {
-        const config = getEngineConfig();
-        const db = config.db;
-        if (db) {
-            const record = await db.table('singleUserConfig').get('config');
-            if (record && record.gateHash) {
-                await db.table('singleUserConfig').update('config', {
-                    gateHash: undefined,
-                    updatedAt: new Date().toISOString()
-                });
-                debugLog('[LoginGuard] Invalidated single-user gateHash');
-            }
+        const db = getDb();
+        const record = await db.table(TABLE.SINGLE_USER_CONFIG).get('config');
+        if (record && record.gateHash) {
+            await db.table(TABLE.SINGLE_USER_CONFIG).update('config', {
+                gateHash: undefined,
+                updatedAt: new Date().toISOString()
+            });
+            debugLog('[LoginGuard] Invalidated single-user gateHash');
         }
     }
     catch (e) {
@@ -123,10 +121,8 @@ async function readPersistentLockout() {
     };
     try {
         await waitForDb();
-        const db = getEngineConfig().db;
-        if (!db)
-            return zero;
-        const record = await db.table('singleUserConfig').get(PIN_LOCKOUT_KEY);
+        const db = getDb();
+        const record = await db.table(TABLE.SINGLE_USER_CONFIG).get(PIN_LOCKOUT_KEY);
         return record ?? zero;
     }
     catch {
@@ -141,10 +137,7 @@ async function readPersistentLockout() {
  */
 async function writePersistentLockout(record) {
     try {
-        const db = getEngineConfig().db;
-        if (db) {
-            await db.table('singleUserConfig').put(record);
-        }
+        await getDb().table(TABLE.SINGLE_USER_CONFIG).put(record);
     }
     catch (e) {
         debugWarn('[LoginGuard] Failed to write persistent lockout:', e);
@@ -239,12 +232,13 @@ export async function preCheckLogin(input) {
             };
         }
         let cachedHash;
-        const config = getEngineConfig();
-        const db = config.db;
-        if (db) {
-            const record = await db.table('singleUserConfig').get('config');
+        try {
+            const record = await getDb().table(TABLE.SINGLE_USER_CONFIG).get('config');
             cachedHash = record?.gateHash;
         }
+        catch {
+            /* DB not ready yet — fall through to no-cache path */
+        }
         if (cachedHash) {
             /* We have a cached hash -- compare locally before touching the network. */
             const inputHash = await hashValue(input);

package/dist/auth/loginGuard.js.map

@@ -1 +1 @@
-{"version":3,"file":"loginGuard.js","sourceRoot":"","sources":["../../src/auth/loginGuard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAE/C,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,uBAAuB,GAAG,CAAC,CAAC;AAElC;;;;;;GAMG;AACH,MAAM,wBAAwB,GAAoD;IAChF,EAAE,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,GAAG,KAAM,EAAE,EAAE,4BAA4B;IACrE,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,GAAG,KAAM,EAAE,EAAE,4BAA4B;IACvE,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,KAAM,EAAE,EAAE,4BAA4B;IAC3E,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,KAAM,EAAE,CAAC,6BAA6B;CAC7E,CAAC;AAEF,6DAA6D;AAC7D,MAAM,eAAe,GAAG,aAAa,CAAC;AAEtC,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF;;;GAGG;AACH,IAAI,wBAAwB,GAAG,CAAC,CAAC;AA6CjC,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF;;;;;;;;GAQG;AACH,KAAK,UAAU,oBAAoB;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;QACjC,MAAM,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;QACrB,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAChE,IAAI,MAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC9B,MAAM,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;oBAClD,QAAQ,EAAE,SAAS;oBACnB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC,CAAC,CAAC;gBACH,QAAQ,CAAC,+CAA+C,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,SAAS,CAAC,gDAAgD,EAAE,CAAC,CAAC,CAAC;IACjE,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,qBAAqB;IAClC,MAAM,IAAI,GAAqB;QAC7B,EAAE,EAAE,eAAe;QACnB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IACF,IAAI,CAAC;QACH,MAAM,SAAS,EAAE,CAAC;QAClB,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAE,CAAC;QAChC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QACrB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACvE,OAAQ,MAAuC,IAAI,IAAI,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,sBAAsB,CAAC,MAAwB;IAC5D,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAE,CAAC;QAChC,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,SAAS,CAAC,kDAAkD,EAAE,CAAC,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,YAAoB;IAChD,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,KAAK,MAAM,IAAI,IAAI,wBAAwB,EAAE,CAAC;QAC5C,IAAI,YAAY,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,gFAAgF;AAChF,aAAa;AACb,gFAAgF;AAEhF;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACnD,OAAO,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAa;IAC/C,IAAI,CAAC;QACH,4DAA4D;QAC5D,MAAM,aAAa,GAAG,MAAM,qBAAqB,EAAE,CAAC;QACpD,MAAM,mBAAmB,GAAG,aAAa,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACpE,IAAI,mBAAmB,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,mBAAmB,GAAG,KAAM,CAAC,CAAC;YACrD,MAAM,QAAQ,GACZ,mBAAmB,IAAI,EAAE,GAAG,KAAM;gBAChC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,GAAG,KAAM,CAAC,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,GAAG,KAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC5H,CAAC,CAAC,GAAG,IAAI,UAAU,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,yCAAyC,QAAQ,uBAAuB;gBAC/E,YAAY,EAAE,mBAAmB;aAClC,CAAC;QACJ,CAAC;QAED,IAAI,UAA8B,CAAC;QAEnC,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;QACjC,MAAM,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;QACrB,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAChE,UAAU,GAAG,MAAM,EAAE,QAAQ,CAAC;QAChC,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,2EAA2E;YAC3E,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAC;YAEzC,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;gBAC7B;oFACoE;gBACpE,QAAQ,CAAC,uDAAuD,CAAC,CAAC;gBAClE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC;YACpD,CAAC;YAED,yEAAyE;YACzE,wBAAwB,EAAE,CAAC;YAC3B,SAAS,CACP,qCAAqC,wBAAwB,IAAI,uBAAuB,GAAG,CAC5F,CAAC;YAEF,IAAI,wBAAwB,IAAI,uBAAuB,EAAE,CAAC;gBACxD;;kCAEkB;gBAClB,SAAS,CAAC,2DAA2D,CAAC,CAAC;gBACvE,MAAM,oBAAoB,EAAE,CAAC;gBAC7B,wBAAwB,GAAG,CAAC,CAAC;gBAC7B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;YACjD,CAAC;YAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC;QACjE,CAAC;QAED,qDAAqD;QACrD,QAAQ,CAAC,qDAAqD,CAAC,CAAC;QAChE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IACjD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX;;6CAEqC;QACrC,SAAS,CAAC,4DAA4D,EAAE,CAAC,CAAC,CAAC;QAC3E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IACjD,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,wBAAwB,GAAG,CAAC,CAAC;IAC7B,kDAAkD;IAClD,MAAM,sBAAsB,CAAC;QAC3B,EAAE,EAAE,eAAe;QACnB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC;IACH,QAAQ,CAAC,4CAA4C,CAAC,CAAC;AACzD,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAA0B;IAC7D,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;QAC/B;wEACgE;QAChE,SAAS,CAAC,4DAA4D,CAAC,CAAC;QACxE,MAAM,oBAAoB,EAAE,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN;6DACqD;QACrD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;YACzC,MAAM,eAAe,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YACvD,MAAM,YAAY,GAAG,eAAe,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;YAE5E,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,GAAG,KAAM,CAAC,CAAC;gBACjD,SAAS,CACP,4CAA4C,IAAI,SAAS,QAAQ,kBAAkB,CACpF,CAAC;YACJ,CAAC;YAED,MAAM,sBAAsB,CAAC;gBAC3B,EAAE,EAAE,eAAe;gBACnB,YAAY,EAAE,QAAQ;gBACtB,YAAY;gBACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,SAAS,CAAC,mDAAmD,EAAE,CAAC,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,wBAAwB,GAAG,CAAC,CAAC;IAC7B,MAAM,sBAAsB,CAAC;QAC3B,EAAE,EAAE,eAAe;QACnB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC;IACH,QAAQ,CAAC,0BAA0B,CAAC,CAAC;AACvC,CAAC"}
+{"version":3,"file":"loginGuard.js","sourceRoot":"","sources":["../../src/auth/loginGuard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAE/C,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,uBAAuB,GAAG,CAAC,CAAC;AAElC;;;;;;GAMG;AACH,MAAM,wBAAwB,GAAoD;IAChF,EAAE,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,GAAG,KAAM,EAAE,EAAE,4BAA4B;IACrE,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,GAAG,KAAM,EAAE,EAAE,4BAA4B;IACvE,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,KAAM,EAAE,EAAE,4BAA4B;IAC3E,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,KAAM,EAAE,CAAC,6BAA6B;CAC7E,CAAC;AAEF,6DAA6D;AAC7D,MAAM,eAAe,GAAG,aAAa,CAAC;AAEtC,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF;;;GAGG;AACH,IAAI,wBAAwB,GAAG,CAAC,CAAC;AA6CjC,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF;;;;;;;;GAQG;AACH,KAAK,UAAU,oBAAoB;IACjC,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,MAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC9B,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;gBACxD,QAAQ,EAAE,SAAS;gBACnB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;YACH,QAAQ,CAAC,+CAA+C,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,SAAS,CAAC,gDAAgD,EAAE,CAAC,CAAC,CAAC;IACjE,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,qBAAqB;IAClC,MAAM,IAAI,GAAqB;QAC7B,EAAE,EAAE,eAAe;QACnB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IACF,IAAI,CAAC;QACH,MAAM,SAAS,EAAE,CAAC;QAClB,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC7E,OAAQ,MAAuC,IAAI,IAAI,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,sBAAsB,CAAC,MAAwB;IAC5D,IAAI,CAAC;QACH,MAAM,KAAK,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC5D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,SAAS,CAAC,kDAAkD,EAAE,CAAC,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,YAAoB;IAChD,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,KAAK,MAAM,IAAI,IAAI,wBAAwB,EAAE,CAAC;QAC5C,IAAI,YAAY,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,gFAAgF;AAChF,aAAa;AACb,gFAAgF;AAEhF;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACnD,OAAO,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAa;IAC/C,IAAI,CAAC;QACH,4DAA4D;QAC5D,MAAM,aAAa,GAAG,MAAM,qBAAqB,EAAE,CAAC;QACpD,MAAM,mBAAmB,GAAG,aAAa,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACpE,IAAI,mBAAmB,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,mBAAmB,GAAG,KAAM,CAAC,CAAC;YACrD,MAAM,QAAQ,GACZ,mBAAmB,IAAI,EAAE,GAAG,KAAM;gBAChC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,GAAG,KAAM,CAAC,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,GAAG,KAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC5H,CAAC,CAAC,GAAG,IAAI,UAAU,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,yCAAyC,QAAQ,uBAAuB;gBAC/E,YAAY,EAAE,mBAAmB;aAClC,CAAC;QACJ,CAAC;QAED,IAAI,UAA8B,CAAC;QAEnC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC3E,UAAU,GAAG,MAAM,EAAE,QAAQ,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,sDAAsD;QACxD,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,2EAA2E;YAC3E,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAC;YAEzC,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;gBAC7B;oFACoE;gBACpE,QAAQ,CAAC,uDAAuD,CAAC,CAAC;gBAClE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC;YACpD,CAAC;YAED,yEAAyE;YACzE,wBAAwB,EAAE,CAAC;YAC3B,SAAS,CACP,qCAAqC,wBAAwB,IAAI,uBAAuB,GAAG,CAC5F,CAAC;YAEF,IAAI,wBAAwB,IAAI,uBAAuB,EAAE,CAAC;gBACxD;;kCAEkB;gBAClB,SAAS,CAAC,2DAA2D,CAAC,CAAC;gBACvE,MAAM,oBAAoB,EAAE,CAAC;gBAC7B,wBAAwB,GAAG,CAAC,CAAC;gBAC7B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;YACjD,CAAC;YAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC;QACjE,CAAC;QAED,qDAAqD;QACrD,QAAQ,CAAC,qDAAqD,CAAC,CAAC;QAChE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IACjD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX;;6CAEqC;QACrC,SAAS,CAAC,4DAA4D,EAAE,CAAC,CAAC,CAAC;QAC3E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IACjD,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,wBAAwB,GAAG,CAAC,CAAC;IAC7B,kDAAkD;IAClD,MAAM,sBAAsB,CAAC;QAC3B,EAAE,EAAE,eAAe;QACnB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC;IACH,QAAQ,CAAC,4CAA4C,CAAC,CAAC;AACzD,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAA0B;IAC7D,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;QAC/B;wEACgE;QAChE,SAAS,CAAC,4DAA4D,CAAC,CAAC;QACxE,MAAM,oBAAoB,EAAE,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN;6DACqD;QACrD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,YAAY,GAAG,CAAC,CAAC;YACzC,MAAM,eAAe,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YACvD,MAAM,YAAY,GAAG,eAAe,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;YAE5E,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,GAAG,KAAM,CAAC,CAAC;gBACjD,SAAS,CACP,4CAA4C,IAAI,SAAS,QAAQ,kBAAkB,CACpF,CAAC;YACJ,CAAC;YAED,MAAM,sBAAsB,CAAC;gBAC3B,EAAE,EAAE,eAAe;gBACnB,YAAY,EAAE,QAAQ;gBACtB,YAAY;gBACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,SAAS,CAAC,mDAAmD,EAAE,CAAC,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,wBAAwB,GAAG,CAAC,CAAC;IAC7B,MAAM,sBAAsB,CAAC;QAC3B,EAAE,EAAE,eAAe;QACnB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC;IACH,QAAQ,CAAC,0BAA0B,CAAC,CAAC;AACvC,CAAC"}

package/dist/auth/offlineCredentials.d.ts

@@ -25,7 +25,7 @@
  * @module auth/offlineCredentials
  */
 import type { OfflineCredentials } from '../types';
-import type { User, Session } from '@supabase/supabase-js';
+import type { User } from '@supabase/supabase-js';
 /**
  * Cache user credentials for offline login.
  *
@@ -36,8 +36,6 @@ import type { User, Session } from '@supabase/supabase-js';
  * @param email    - The user's email address (used for offline identity matching).
  * @param password - The user's plaintext password. Will be SHA-256-hashed before storage.
  * @param user     - The Supabase `User` object, used to extract `userId` and profile data.
- * @param _session - The Supabase `Session` object. Currently unused but accepted for
- *                   API symmetry with the online auth flow (reserved for future use).
  *
  * @throws {Error} If `email` or `password` is empty (prevents storing incomplete credentials).
  * @throws {Error} If the write-back verification fails (password not persisted in IndexedDB).
@@ -46,14 +44,14 @@ import type { User, Session } from '@supabase/supabase-js';
  * ```ts
  * const { data } = await supabase.auth.signInWithPassword({ email, password });
  * if (data.user && data.session) {
- *   await cacheOfflineCredentials(email, password, data.user, data.session);
+ *   await cacheOfflineCredentials(email, password, data.user);
  * }
  * ```
  *
  * @see {@link getOfflineCredentials} to retrieve the cached credentials.
  * @see {@link clearOfflineCredentials} to remove them on logout.
  */
-export declare function cacheOfflineCredentials(email: string, password: string, user: User, _session: Session): Promise<void>;
+export declare function cacheOfflineCredentials(email: string, password: string, user: User): Promise<void>;
 /**
  * Get cached offline credentials from IndexedDB.
  *

package/dist/auth/offlineCredentials.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"offlineCredentials.d.ts","sourceRoot":"","sources":["../../src/auth/offlineCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAGH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AACnD,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAmB3D;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,IAAI,EACV,QAAQ,EAAE,OAAO,GAChB,OAAO,CAAC,IAAI,CAAC,CA0Cf;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,qBAAqB,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAShF;AAMD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC,CAWf;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,IAAI,CAAC,CAI7D"}
+{"version":3,"file":"offlineCredentials.d.ts","sourceRoot":"","sources":["../../src/auth/offlineCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAIH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AACnD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAmBlD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,IAAI,CAAC,CA0Cf;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,qBAAqB,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAShF;AAMD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC,CAWf;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,IAAI,CAAC,CAI7D"}

package/dist/auth/offlineCredentials.js

@@ -25,6 +25,7 @@
  * @module auth/offlineCredentials
  */
 import { getEngineConfig, waitForDb } from '../config';
+import { getDb, TABLE } from '../database';
 import { debugError } from '../debug';
 import { hashValue } from './crypto';
 // =============================================================================
@@ -35,7 +36,7 @@ import { hashValue } from './crypto';
  * in the `offlineCredentials` IndexedDB table. Only one credential set is
  * cached at any time.
  */
-const CREDENTIALS_ID = 'current_user';
+const CREDENTIALS_KEY = 'current_user';
 // =============================================================================
 // PUBLIC API -- Cache & Retrieve
 // =============================================================================
@@ -49,8 +50,6 @@ const CREDENTIALS_ID = 'current_user';
  * @param email    - The user's email address (used for offline identity matching).
  * @param password - The user's plaintext password. Will be SHA-256-hashed before storage.
  * @param user     - The Supabase `User` object, used to extract `userId` and profile data.
- * @param _session - The Supabase `Session` object. Currently unused but accepted for
- *                   API symmetry with the online auth flow (reserved for future use).
  *
  * @throws {Error} If `email` or `password` is empty (prevents storing incomplete credentials).
  * @throws {Error} If the write-back verification fails (password not persisted in IndexedDB).
@@ -59,14 +58,14 @@ const CREDENTIALS_ID = 'current_user';
  * ```ts
  * const { data } = await supabase.auth.signInWithPassword({ email, password });
  * if (data.user && data.session) {
- *   await cacheOfflineCredentials(email, password, data.user, data.session);
+ *   await cacheOfflineCredentials(email, password, data.user);
  * }
  * ```
  *
  * @see {@link getOfflineCredentials} to retrieve the cached credentials.
  * @see {@link clearOfflineCredentials} to remove them on logout.
  */
-export async function cacheOfflineCredentials(email, password, user, _session) {
+export async function cacheOfflineCredentials(email, password, user) {
     /* Validate inputs to prevent storing incomplete credentials that would
        cause confusing verification failures later. */
     if (!email || !password) {
@@ -75,7 +74,7 @@ export async function cacheOfflineCredentials(email, password, user, _session) {
     }
     await waitForDb();
     const config = getEngineConfig();
-    const db = config.db;
+    const db = getDb();
     /* Extract a normalized profile using the host app's profileExtractor,
        or fall back to raw Supabase user_metadata. This allows the host app
        to control which fields are available offline (e.g., firstName, role). */
@@ -84,7 +83,7 @@ export async function cacheOfflineCredentials(email, password, user, _session) {
         : user.user_metadata || {};
     const hashedPassword = await hashValue(password);
     const credentials = {
-        id: CREDENTIALS_ID,
+        id: CREDENTIALS_KEY,
         userId: user.id,
         email: email,
         password: hashedPassword,
@@ -92,12 +91,12 @@ export async function cacheOfflineCredentials(email, password, user, _session) {
         cachedAt: new Date().toISOString()
     };
     /* Use put (upsert) to insert or update the singleton record. */
-    await db.table('offlineCredentials').put(credentials);
+    await db.table(TABLE.OFFLINE_CREDENTIALS).put(credentials);
     /* Paranoid read-back: verify the credentials were stored correctly.
        IndexedDB writes can silently fail in quota-exceeded or private-browsing
        scenarios; catching this early gives a clear error instead of a mysterious
        "wrong password" on the next offline login. */
-    const stored = await db.table('offlineCredentials').get(CREDENTIALS_ID);
+    const stored = await db.table(TABLE.OFFLINE_CREDENTIALS).get(CREDENTIALS_KEY);
     if (!stored || !stored.password) {
         debugError('[Auth] Credentials were not stored correctly - password missing');
         throw new Error('Failed to store credentials: password not persisted');
@@ -122,8 +121,8 @@ export async function cacheOfflineCredentials(email, password, user, _session) {
  */
 export async function getOfflineCredentials() {
     await waitForDb();
-    const db = getEngineConfig().db;
-    const credentials = await db.table('offlineCredentials').get(CREDENTIALS_ID);
+    const db = getDb();
+    const credentials = await db.table(TABLE.OFFLINE_CREDENTIALS).get(CREDENTIALS_KEY);
     if (!credentials) {
         return null;
     }
@@ -151,8 +150,8 @@ export async function updateOfflineCredentialsProfile(profile) {
     if (!credentials) {
         return;
     }
-    const db = getEngineConfig().db;
-    await db.table('offlineCredentials').update(CREDENTIALS_ID, {
+    const db = getDb();
+    await db.table(TABLE.OFFLINE_CREDENTIALS).update(CREDENTIALS_KEY, {
         profile,
         cachedAt: new Date().toISOString()
     });
@@ -173,7 +172,7 @@ export async function updateOfflineCredentialsProfile(profile) {
  */
 export async function clearOfflineCredentials() {
     await waitForDb();
-    const db = getEngineConfig().db;
-    await db.table('offlineCredentials').delete(CREDENTIALS_ID);
+    const db = getDb();
+    await db.table(TABLE.OFFLINE_CREDENTIALS).delete(CREDENTIALS_KEY);
 }
 //# sourceMappingURL=offlineCredentials.js.map

package/dist/auth/offlineCredentials.js.map

@@ -1 +1 @@
-{"version":3,"file":"offlineCredentials.js","sourceRoot":"","sources":["../../src/auth/offlineCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAGvD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;;GAIG;AACH,MAAM,cAAc,GAAG,cAAc,CAAC;AAEtC,gFAAgF;AAChF,iCAAiC;AACjC,gFAAgF;AAEhF;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,KAAa,EACb,QAAgB,EAChB,IAAU,EACV,QAAiB;IAEjB;sDACkD;IAClD,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxB,UAAU,CAAC,6DAA6D,CAAC,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,SAAS,EAAE,CAAC;IAClB,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IACjC,MAAM,EAAE,GAAG,MAAM,CAAC,EAAG,CAAC;IAEtB;;gFAE4E;IAC5E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,gBAAgB;QAC3C,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;QACxD,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;IAE7B,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAuB;QACtC,EAAE,EAAE,cAAc;QAClB,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,cAAc;QACxB,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC;IAEF,gEAAgE;IAChE,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAEtD;;;qDAGiD;IACjD,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACxE,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,UAAU,CAAC,iEAAiE,CAAC,CAAC;QAC9E,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB;IACzC,MAAM,SAAS,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,WAAiC,CAAC;AAC3C,CAAC;AAED,gFAAgF;AAChF,+BAA+B;AAC/B,gFAAgF;AAEhF;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,+BAA+B,CACnD,OAAgC;IAEhC,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAClD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,cAAc,EAAE;QAC1D,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB;IAC3C,MAAM,SAAS,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC,EAAG,CAAC;IACjC,MAAM,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;AAC9D,CAAC"}
+{"version":3,"file":"offlineCredentials.js","sourceRoot":"","sources":["../../src/auth/offlineCredentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACvD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAG3C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;;;GAIG;AACH,MAAM,eAAe,GAAG,cAAc,CAAC;AAEvC,gFAAgF;AAChF,iCAAiC;AACjC,gFAAgF;AAEhF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,KAAa,EACb,QAAgB,EAChB,IAAU;IAEV;sDACkD;IAClD,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxB,UAAU,CAAC,6DAA6D,CAAC,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,SAAS,EAAE,CAAC;IAClB,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IACjC,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;IAEnB;;gFAE4E;IAC5E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,gBAAgB;QAC3C,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;QACxD,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;IAE7B,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAuB;QACtC,EAAE,EAAE,eAAe;QACnB,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,cAAc;QACxB,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC;IAEF,gEAAgE;IAChE,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAE3D;;;qDAGiD;IACjD,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAC9E,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,UAAU,CAAC,iEAAiE,CAAC,CAAC;QAC9E,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB;IACzC,MAAM,SAAS,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;IACnB,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACnF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,WAAiC,CAAC;AAC3C,CAAC;AAED,gFAAgF;AAChF,+BAA+B;AAC/B,gFAAgF;AAEhF;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,+BAA+B,CACnD,OAAgC;IAEhC,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAClD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;IACnB,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC,eAAe,EAAE;QAChE,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB;IAC3C,MAAM,SAAS,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;IACnB,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AACpE,CAAC"}

package/dist/auth/offlineSession.d.ts

@@ -51,23 +51,21 @@ import type { OfflineSession } from '../types';
  * console.log('Offline token:', session.offlineToken);
  * ```
  *
- * @see {@link getValidOfflineSession} to retrieve the current session.
+ * @see {@link getOfflineSession} to retrieve the current session.
  * @see {@link clearOfflineSession} to revoke the session on logout.
  */
 export declare function createOfflineSession(userId: string): Promise<OfflineSession>;
 /**
- * Get a valid offline session.
+ * Get the current offline session from IndexedDB.
  *
- * Currently equivalent to `getOfflineSession()` (sessions do not expire),
- * but exists as a separate function to serve as the future hook for
- * adding expiration, rotation, or other validation logic without changing
- * the public API contract.
+ * Sessions do not expire — they are only revoked explicitly on re-authentication
+ * or logout. This function is the single source of truth for offline session state.
  *
- * @returns The current valid offline session, or `null` if no session exists.
+ * @returns The current offline session, or `null` if none exists.
  *
  * @example
  * ```ts
- * const session = await getValidOfflineSession();
+ * const session = await getOfflineSession();
  * if (session) {
  *   console.log('User is authenticated offline:', session.userId);
  * }
@@ -75,7 +73,7 @@ export declare function createOfflineSession(userId: string): Promise<OfflineSes
  *
  * @see {@link createOfflineSession} to create a new session after verification.
  */
-export declare function getValidOfflineSession(): Promise<OfflineSession | null>;
+export declare function getOfflineSession(): Promise<OfflineSession | null>;
 /**
  * Clear the offline session from IndexedDB.
  *

package/dist/auth/offlineSession.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"offlineSession.d.ts","sourceRoot":"","sources":["../../src/auth/offlineSession.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAgB/C;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAwBlF;AAkBD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAE7E;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAIzD"}
+{"version":3,"file":"offlineSession.d.ts","sourceRoot":"","sources":["../../src/auth/offlineSession.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAgB/C;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAwBlF;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAKxE;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC,CAIzD"}

package/dist/auth/offlineSession.js

@@ -27,7 +27,8 @@
  *
  * @module auth/offlineSession
  */
-import { getEngineConfig, waitForDb } from '../config';
+import { waitForDb } from '../config';
+import { getDb, TABLE } from '../database';
 // =============================================================================
 // CONSTANTS
 // =============================================================================
@@ -35,7 +36,7 @@ import { getEngineConfig, waitForDb } from '../config';
  * Singleton key for the offline session record in IndexedDB.
  * Only one offline session exists at any given time.
  */
-const SESSION_ID = 'current_session';
+const SESSION_KEY = 'current_session';
 // =============================================================================
 // PUBLIC API
 // =============================================================================
@@ -62,25 +63,25 @@ const SESSION_ID = 'current_session';
  * console.log('Offline token:', session.offlineToken);
  * ```
  *
- * @see {@link getValidOfflineSession} to retrieve the current session.
+ * @see {@link getOfflineSession} to retrieve the current session.
  * @see {@link clearOfflineSession} to revoke the session on logout.
  */
 export async function createOfflineSession(userId) {
     await waitForDb();
     const now = new Date();
-    const db = getEngineConfig().db;
+    const db = getDb();
     const session = {
-        id: SESSION_ID,
+        id: SESSION_KEY,
         userId: userId,
         offlineToken: crypto.randomUUID(),
         createdAt: now.toISOString()
     };
     /* Use put (upsert) to insert or update the singleton record. */
-    await db.table('offlineSession').put(session);
+    await db.table(TABLE.OFFLINE_SESSION).put(session);
     /* Verify the session was persisted by reading it back. Without this check,
        a silent write failure would leave the user in a "logged in" state with
        no session record, causing downstream auth checks to fail. */
-    const verified = await db.table('offlineSession').get(SESSION_ID);
+    const verified = await db.table(TABLE.OFFLINE_SESSION).get(SESSION_KEY);
     if (!verified) {
         throw new Error('Failed to persist offline session');
     }
@@ -89,31 +90,14 @@ export async function createOfflineSession(userId) {
 /**
  * Get the current offline session from IndexedDB.
  *
- * This is an internal helper -- external callers should use
- * {@link getValidOfflineSession} instead, which may include additional
- * validation in the future (e.g., expiration checks).
+ * Sessions do not expire — they are only revoked explicitly on re-authentication
+ * or logout. This function is the single source of truth for offline session state.
  *
  * @returns The current offline session, or `null` if none exists.
- */
-async function getOfflineSession() {
-    await waitForDb();
-    const db = getEngineConfig().db;
-    const session = await db.table('offlineSession').get(SESSION_ID);
-    return session || null;
-}
-/**
- * Get a valid offline session.
- *
- * Currently equivalent to `getOfflineSession()` (sessions do not expire),
- * but exists as a separate function to serve as the future hook for
- * adding expiration, rotation, or other validation logic without changing
- * the public API contract.
- *
- * @returns The current valid offline session, or `null` if no session exists.
  *
  * @example
  * ```ts
- * const session = await getValidOfflineSession();
+ * const session = await getOfflineSession();
  * if (session) {
  *   console.log('User is authenticated offline:', session.userId);
  * }
@@ -121,8 +105,11 @@ async function getOfflineSession() {
  *
  * @see {@link createOfflineSession} to create a new session after verification.
  */
-export async function getValidOfflineSession() {
-    return await getOfflineSession();
+export async function getOfflineSession() {
+    await waitForDb();
+    const db = getDb();
+    const session = await db.table(TABLE.OFFLINE_SESSION).get(SESSION_KEY);
+    return session || null;
 }
 /**
  * Clear the offline session from IndexedDB.
@@ -142,7 +129,7 @@ export async function getValidOfflineSession() {
  */
 export async function clearOfflineSession() {
     await waitForDb();
-    const db = getEngineConfig().db;
-    await db.table('offlineSession').delete(SESSION_ID);
+    const db = getDb();
+    await db.table(TABLE.OFFLINE_SESSION).delete(SESSION_KEY);
 }
 //# sourceMappingURL=offlineSession.js.map