wabe 0.6.6 → 0.6.7

package/dist/authentication/interface.d.ts

@@ -85,6 +85,10 @@ export interface SessionConfig {
 	* Set to true to automatically store the session tokens in cookies
 	*/
 	cookieSession?: boolean;
+	/**
+	* The JWT secret used to sign the session tokens
+	*/
+	jwtSecret: string;
 }
 export interface AuthenticationConfig<T extends WabeTypes> {
 	session?: SessionConfig;

package/dist/index.js

@@ -202,7 +202,7 @@ ${$.toString("base64")}
 `))}else B.enqueue(m9.Buffer.from(`\r
 --${A}--\r
 `)),B.close()}})}function m01($,A,F){return Object.defineProperty(A,"name",{configurable:!0,enumerable:!0,value:F||A.name||$}),A}function v01($){return $?.arrayBuffer!=null}});var gY=C((x01)=>{Object.defineProperty(x01,"__esModule",{value:!0});x01.PonyfillBody=void 0;var ls1=dY(),A7=p("node:buffer"),x8=p("node:stream"),cs1=ls1.__importDefault(o11()),IB=fY(),as1=mV(),p01=xV(),v9=JA(),J4=D9(),y2;(function($){$.ReadableStream="ReadableStream",$.Blob="Blob",$.FormData="FormData",$.String="String",$.Readable="Readable",$.Buffer="Buffer",$.AsyncIterable="AsyncIterable"})(y2||(y2={}));class g01{bodyInit;options;bodyUsed=!1;contentType=null;contentLength=null;constructor($,A={}){this.bodyInit=$,this.options=A;let{bodyFactory:F,contentType:D,contentLength:B,bodyType:E,buffer:w}=is1($);this._bodyFactory=F,this.contentType=D,this.contentLength=B,this.bodyType=E,this._buffer=w}bodyType;_bodyFactory=()=>null;_generatedBody=null;_buffer;generateBody(){if(this._generatedBody?.readable?.destroyed&&this._buffer)this._generatedBody.readable=x8.Readable.from(this._buffer);if(this._generatedBody)return this._generatedBody;let $=this._bodyFactory();return this._generatedBody=$,$}handleContentLengthHeader($=!1){let A=this.headers.get("content-type");if(!A){if(this.contentType)this.headers.set("content-type",this.contentType)}else this.contentType=A;let F=this.headers.get("content-length");if($&&this.bodyInit==null&&!F)this.contentLength=0,this.headers.set("content-length","0");if(!F){if(this.contentLength)this.headers.set("content-length",this.contentLength.toString())}else this.contentLength=parseInt(F,10)}get body(){let $=this.generateBody();if($!=null){let A=$,F=$.readable;return new Proxy($.readable,{get(D,B){if(B in A){let E=A[B];if(typeof E==="function")return E.bind(A);return E}if(B in F){let E=F[B];if(typeof E==="function")return E.bind(F);return E}}})}return null}_chunks=null;_collectChunksFromReadable(){if(this._chunks)return J4.fakePromise(this._chunks);if(this.bodyType===y2.AsyncIterable){let A=this.bodyInit[Symbol.asyncIterator](),F=()=>{return A.next().then(({value:D,done:B})=>{if(this._chunks||=[],D)this._chunks.push(D);if(!B)return F();return this._chunks})};return F()}let $=this.generateBody();if(!$)return J4.fakePromise([]);return this._chunks=[],$.readable.on("data",(A)=>{this._chunks.push(A)}),new Promise((A,F)=>{$.readable.once("end",()=>{A(this._chunks)}),$.readable.once("error",(D)=>{F(D)})})}_blob=null;blob(){if(this._blob)return J4.fakePromise(this._blob);if(this.bodyType===y2.Blob)return this._blob=this.bodyInit,J4.fakePromise(this._blob);if(this._buffer)return this._blob=new IB.PonyfillBlob([this._buffer],{type:this.contentType||"",size:this.contentLength}),J4.fakePromise(this._blob);return this._collectChunksFromReadable().then(($)=>{return this._blob=new IB.PonyfillBlob($,{type:this.contentType||"",size:this.contentLength}),this._blob})}_formData=null;formData($){if(this._formData)return J4.fakePromise(this._formData);if(this.bodyType===y2.FormData)return this._formData=this.bodyInit,J4.fakePromise(this._formData);this._formData=new p01.PonyfillFormData;let A=this.generateBody();if(A==null)return J4.fakePromise(this._formData);let F={...this.options.formDataLimits,...$?.formDataLimits};return new Promise((D,B)=>{let E=cs1.default({headers:{"content-type":this.contentType||""},limits:F,defParamCharset:"utf-8"});E.on("field",(w,Z,{nameTruncated:J,valueTruncated:Y})=>{if(J)B(new Error(`Field name size exceeded: ${F?.fieldNameSize} bytes`));if(Y)B(new Error(`Field value size exceeded: ${F?.fieldSize} bytes`));this._formData.set(w,Z)}),E.on("fieldsLimit",()=>{B(new Error(`Fields limit exceeded: ${F?.fields}`))}),E.on("file",(w,Z,{filename:J,mimeType:Y})=>{let W=[];Z.on("limit",()=>{B(new Error(`File size limit exceeded: ${F?.fileSize} bytes`))}),Z.on("data",(X)=>{W.push(X)}),Z.on("close",()=>{if(Z.truncated)B(new Error(`File size limit exceeded: ${F?.fileSize} bytes`));let X=new as1.PonyfillFile(W,J,{type:Y});this._formData.set(w,X)})}),E.on("filesLimit",()=>{B(new Error(`Files limit exceeded: ${F?.files}`))}),E.on("partsLimit",()=>{B(new Error(`Parts limit exceeded: ${F?.parts}`))}),E.on("close",()=>{D(this._formData)}),E.on("error",(w="An error occurred while parsing the form data")=>{let Z=w.message||w.toString();B(new TypeError(Z,w.cause))}),A?.readable.pipe(E)})}buffer(){if(this._buffer)return J4.fakePromise(this._buffer);if(this.bodyType===y2.Blob){if(IB.hasBufferMethod(this.bodyInit))return this.bodyInit.buffer().then(($)=>{return this._buffer=$,this._buffer});if(IB.hasBytesMethod(this.bodyInit))return this.bodyInit.bytes().then(($)=>{return this._buffer=A7.Buffer.from($),this._buffer});if(IB.hasArrayBufferMethod(this.bodyInit))return this.bodyInit.arrayBuffer().then(($)=>{return this._buffer=A7.Buffer.from($,void 0,$.byteLength),this._buffer})}return this._collectChunksFromReadable().then(($)=>{if($.length===1)return this._buffer=$[0],this._buffer;return this._buffer=A7.Buffer.concat($),this._buffer})}bytes(){return this.buffer()}arrayBuffer(){return this.buffer()}_json=null;json(){if(this._json)return J4.fakePromise(this._json);return this.text().then(($)=>{try{this._json=JSON.parse($)}catch(A){if(A instanceof SyntaxError)A.message+=`, "${$}" is not valid JSON`;throw A}return this._json})}_text=null;text(){if(this._text)return J4.fakePromise(this._text);if(this.bodyType===y2.String)return this._text=this.bodyInit,J4.fakePromise(this._text);return this.buffer().then(($)=>{return this._text=$.toString("utf-8"),this._text})}}x01.PonyfillBody=g01;function is1($){if($==null)return{bodyFactory:()=>null,contentType:null,contentLength:null};if(typeof $==="string"){let A=A7.Buffer.from($),F=A.byteLength;return{bodyType:y2.String,contentType:"text/plain;charset=UTF-8",contentLength:F,buffer:A,bodyFactory(){let D=x8.Readable.from(A);return new v9.PonyfillReadableStream(D)}}}if(A7.Buffer.isBuffer($))return{bodyType:y2.Buffer,contentType:null,contentLength:$.length,buffer:$,bodyFactory(){let A=x8.Readable.from($);return new v9.PonyfillReadableStream(A)}};if(J4.isArrayBufferView($)){let A=A7.Buffer.from($.buffer,$.byteOffset,$.byteLength);return{bodyType:y2.Buffer,contentLength:$.byteLength,contentType:null,buffer:A,bodyFactory(){let F=x8.Readable.from(A);return new v9.PonyfillReadableStream(F)}}}if($ instanceof v9.PonyfillReadableStream&&$.readable!=null)return{bodyType:y2.ReadableStream,bodyFactory:()=>$,contentType:null,contentLength:null};if(ns1($))return{bodyType:y2.Blob,contentType:$.type,contentLength:$.size,bodyFactory(){return $.stream()}};if($ instanceof ArrayBuffer){let A=$.byteLength,F=A7.Buffer.from($,void 0,$.byteLength);return{bodyType:y2.Buffer,contentType:null,contentLength:A,buffer:F,bodyFactory(){let D=x8.Readable.from(F);return new v9.PonyfillReadableStream(D)}}}if($ instanceof x8.Readable)return{bodyType:y2.Readable,contentType:null,contentLength:null,bodyFactory(){return new v9.PonyfillReadableStream($)}};if(rs1($))return{bodyType:y2.String,contentType:"application/x-www-form-urlencoded;charset=UTF-8",contentLength:null,bodyFactory(){return new v9.PonyfillReadableStream(x8.Readable.from($.toString()))}};if(ss1($)){let A=Math.random().toString(36).substr(2),F=`multipart/form-data; boundary=${A}`;return{bodyType:y2.FormData,contentType:F,contentLength:null,bodyFactory(){return p01.getStreamFromFormData($,A)}}}if(ts1($))return{contentType:null,contentLength:null,bodyFactory(){return new v9.PonyfillReadableStream($)}};if($[Symbol.iterator]||$[Symbol.asyncIterator])return{contentType:null,contentLength:null,bodyType:y2.AsyncIterable,bodyFactory(){let A=x8.Readable.from($);return new v9.PonyfillReadableStream(A)}};throw new Error("Unknown body type")}function ss1($){return $?.forEach!=null}function ns1($){return $?.stream!=null&&typeof $.stream==="function"}function rs1($){return $?.sort!=null}function ts1($){return $?.getReader!=null}});var xY=C((c01)=>{Object.defineProperty(c01,"__esModule",{value:!0});c01.PonyfillHeaders=void 0;c01.isHeadersLike=F7;var os1=p("node:util"),yV=pY();function F7($){return $?.get&&$?.forEach}class l01{headersInit;_map;objectNormalizedKeysOfHeadersInit=[];objectOriginalKeysOfHeadersInit=[];_setCookies;constructor($){this.headersInit=$}_get($){let A=$.toLowerCase();if(A==="set-cookie"&&this._setCookies?.length)return this._setCookies.join(", ");if(this._map)return this._map.get(A)||null;if(this.headersInit==null)return null;if(Array.isArray(this.headersInit)){let F=this.headersInit.filter(([D])=>D.toLowerCase()===A);if(F.length===0)return null;if(F.length===1)return F[0][1];return F.map(([,D])=>D).join(", ")}else if(F7(this.headersInit))return this.headersInit.get(A);else{let F=this.headersInit[$]||this.headersInit[A];if(F!=null)return F;if(!this.objectNormalizedKeysOfHeadersInit.length)Object.keys(this.headersInit).forEach((E)=>{this.objectOriginalKeysOfHeadersInit.push(E),this.objectNormalizedKeysOfHeadersInit.push(E.toLowerCase())});let D=this.objectNormalizedKeysOfHeadersInit.indexOf(A);if(D===-1)return null;let B=this.objectOriginalKeysOfHeadersInit[D];return this.headersInit[B]}}getMap(){if(!this._map)if(this._setCookies=[],this.headersInit!=null)if(Array.isArray(this.headersInit)){this._map=new Map;for(let[$,A]of this.headersInit){let F=$.toLowerCase();if(F==="set-cookie"){this._setCookies.push(A);continue}this._map.set(F,A)}}else if(F7(this.headersInit))this._map=new Map,this.headersInit.forEach(($,A)=>{if(A==="set-cookie"){this._setCookies||=[],this._setCookies.push($);return}this._map.set(A,$)});else{this._map=new Map;for(let $ in this.headersInit){let A=this.headersInit[$];if(A!=null){let F=$.toLowerCase();if(F==="set-cookie"){this._setCookies||=[],this._setCookies.push(A);continue}this._map.set(F,A)}}}else this._map=new Map;return this._map}append($,A){let F=$.toLowerCase();if(F==="set-cookie"){this._setCookies||=[],this._setCookies.push(A);return}let D=this.getMap().get(F),B=D?`${D}, ${A}`:A;this.getMap().set(F,B)}get($){let A=this._get($);if(A==null)return null;return A.toString()}has($){if($==="set-cookie")return!!this._setCookies?.length;return!!this._get($)}set($,A){let F=$.toLowerCase();if(F==="set-cookie"){this._setCookies=[A];return}this.getMap().set(F,A)}delete($){let A=$.toLowerCase();if(A==="set-cookie"){this._setCookies=[];return}this.getMap().delete(A)}forEach($){if(this._setCookies?.forEach((A)=>{$(A,"set-cookie",this)}),!this._map){if(this.headersInit){if(Array.isArray(this.headersInit)){this.headersInit.forEach(([A,F])=>{$(F,A,this)});return}if(F7(this.headersInit)){this.headersInit.forEach($);return}Object.entries(this.headersInit).forEach(([A,F])=>{if(F!=null)$(F,A,this)})}return}this.getMap().forEach((A,F)=>{$(A,F,this)})}*_keys(){if(this._setCookies?.length)yield"set-cookie";if(!this._map){if(this.headersInit){if(Array.isArray(this.headersInit)){yield*this.headersInit.map(([$])=>$)[Symbol.iterator]();return}if(F7(this.headersInit)){yield*this.headersInit.keys();return}yield*Object.keys(this.headersInit)[Symbol.iterator]();return}}yield*this.getMap().keys()}keys(){return new yV.PonyfillIteratorObject(this._keys(),"HeadersIterator")}*_values(){if(this._setCookies?.length)yield*this._setCookies;if(!this._map){if(this.headersInit){if(Array.isArray(this.headersInit)){yield*this.headersInit.map(([,$])=>$)[Symbol.iterator]();return}if(F7(this.headersInit)){yield*this.headersInit.values();return}yield*Object.values(this.headersInit)[Symbol.iterator]();return}}yield*this.getMap().values()}values(){return new yV.PonyfillIteratorObject(this._values(),"HeadersIterator")}*_entries(){if(this._setCookies?.length)yield*this._setCookies.map(($)=>["set-cookie",$]);if(!this._map){if(this.headersInit){if(Array.isArray(this.headersInit)){yield*this.headersInit;return}if(F7(this.headersInit)){yield*this.headersInit.entries();return}yield*Object.entries(this.headersInit);return}}yield*this.getMap().entries()}entries(){return new yV.PonyfillIteratorObject(this._entries(),"HeadersIterator")}getSetCookie(){if(!this._setCookies)this.getMap();return this._setCookies}[Symbol.iterator](){return this.entries()}[Symbol.for("nodejs.util.inspect.custom")](){let $={};return this.forEach((A,F)=>{if(F==="set-cookie")$["set-cookie"]=this._setCookies||[];else $[F]=A?.includes(",")?A.split(",").map((D)=>D.trim()):A}),`Headers ${os1.inspect($)}`}}c01.PonyfillHeaders=l01});var RB=C((i01)=>{Object.defineProperty(i01,"__esModule",{value:!0});i01.PonyfillResponse=void 0;var $n1=p("node:http"),An1=gY(),yY=xY(),Fn1="application/json; charset=utf-8";class jB extends An1.PonyfillBody{headers;constructor($,A){super($||null,A);this.headers=A?.headers&&yY.isHeadersLike(A.headers)?A.headers:new yY.PonyfillHeaders(A?.headers),this.status=A?.status||200,this.statusText=A?.statusText||$n1.STATUS_CODES[this.status]||"OK",this.url=A?.url||"",this.redirected=A?.redirected||!1,this.type=A?.type||"default",this.handleContentLengthHeader()}get ok(){return this.status>=200&&this.status<300}status;statusText;url;redirected;type;clone(){return this}static error(){return new jB(null,{status:500,statusText:"Internal Server Error"})}static redirect($,A=302){if(A<300||A>399)throw new RangeError("Invalid status code");return new jB(null,{headers:{location:$},status:A})}static json($,A={}){if(A.headers=A?.headers&&yY.isHeadersLike(A.headers)?A.headers:new yY.PonyfillHeaders(A?.headers),!A.headers.has("content-type"))A.headers.set("content-type",Fn1);return new jB(JSON.stringify($),A)}}i01.PonyfillResponse=jB});var t01=C((r01)=>{Object.defineProperty(r01,"__esModule",{value:!0});r01.fetchCurl=Zn1;var n01=p("node:stream"),Dn1=p("node:stream/promises"),Bn1=p("node:tls"),En1=SY(),wn1=RB(),lV=D9();function Zn1($){let{Curl:A,CurlFeature:F,CurlPause:D,CurlProgressFunc:B}=globalThis.libcurl,E=new A;if(E.enable(F.NoDataParsing),E.setOpt("URL",$.url),process.env.NODE_TLS_REJECT_UNAUTHORIZED==="0")E.setOpt("SSL_VERIFYPEER",!1);if(process.env.NODE_EXTRA_CA_CERTS)E.setOpt("CAINFO",process.env.NODE_EXTRA_CA_CERTS);else E.setOpt("CAINFO_BLOB",Bn1.rootCertificates.join(`
-`));if(E.enable(F.StreamResponse),E.setStreamProgressCallback(function(){return $.signal.aborted?process.env.DEBUG?B.Continue:1:0}),$.bodyType==="String")E.setOpt("POSTFIELDS",$.bodyInit);else{let U=$.body!=null?lV.isNodeReadable($.body)?$.body:n01.Readable.from($.body):null;if(U)E.setOpt("UPLOAD",!0),E.setUploadStream(U)}if(process.env.DEBUG)E.setOpt("VERBOSE",!0);E.setOpt("TRANSFER_ENCODING",!1),E.setOpt("HTTP_TRANSFER_DECODING",!0),E.setOpt("FOLLOWLOCATION",$.redirect==="follow"),E.setOpt("MAXREDIRS",20),E.setOpt("ACCEPT_ENCODING",""),E.setOpt("CUSTOMREQUEST",$.method);let w=$.headersSerializer||lV.defaultHeadersSerializer,Z,J=w($.headers,(U)=>{Z=Number(U)});if(Z!=null)E.setOpt("INFILESIZE",Z);E.setOpt("HTTPHEADER",J),E.enable(F.NoHeaderParsing);let Y=En1.createDeferredPromise(),W;function X(){if(E.isOpen)try{E.pause(D.Recv)}catch(U){Y.reject(U)}}if($.signal)$.signal.addEventListener("abort",X,{once:!0});return E.once("end",function U(){try{E.close()}catch(H){Y.reject(H)}if($.signal)$.signal.removeEventListener("abort",X)}),E.once("error",function U(H){if(W&&!W.closed&&!W.destroyed)W.destroy(H);else{if(H.message==="Operation was aborted by an application callback")H.message="The operation was aborted.";Y.reject(H)}try{E.close()}catch(Q){Y.reject(Q)}}),E.once("stream",function U(H,Q,q){let V=new n01.PassThrough;Dn1.pipeline(H,V,{end:!0,signal:$.signal}).then(()=>{if(!H.destroyed)H.resume()}).catch(Y.reject);let h=q.toString("utf8").split(/\r?\n|\r/g).filter((T)=>{if(T&&!T.startsWith("HTTP/")){if($.redirect==="error"&&T.toLowerCase().includes("location")&&lV.shouldRedirect(Q)){if(!H.destroyed)H.resume();V.destroy(),Y.reject(new Error("redirect is not allowed"))}return!0}return!1}).map((T)=>T.split(/:\s(.+)/).slice(0,2)),P=new wn1.PonyfillResponse(V,{status:Q,headers:h,url:E.getInfo(A.info.REDIRECT_URL)?.toString()||$.url,redirected:Number(E.getInfo(A.info.REDIRECT_COUNT))>0});Y.resolve(P),W=V}),setImmediate(()=>{E.perform()}),Y.promise}});var LB=C((e01)=>{Object.defineProperty(e01,"__esModule",{value:!0});e01.PonyfillURL=void 0;var Yn1=dY(),Wn1=Yn1.__importDefault(p("node:buffer")),Xn1=p("node:crypto");class o01 extends URL{static blobRegistry=new Map;static createObjectURL($){let A=`blob:whatwgnode:${Xn1.randomUUID()}`;return this.blobRegistry.set(A,$),A}static revokeObjectURL($){if(!this.blobRegistry.has($))URL.revokeObjectURL($);else this.blobRegistry.delete($)}static getBlobFromURL($){return this.blobRegistry.get($)||Wn1.default?.resolveObjectURL?.($)}}e01.PonyfillURL=o01});var lY=C((D21)=>{Object.defineProperty(D21,"__esModule",{value:!0});D21.PonyfillRequest=void 0;var Un1=p("node:http"),Hn1=p("node:https"),Qn1=gY(),A21=xY(),Cn1=LB();function Gn1($){return $[Symbol.toStringTag]==="Request"}function Kn1($){return $?.href!=null}class F21 extends Qn1.PonyfillBody{constructor($,A){let F,D,B=null,E;if(typeof $==="string")F=$;else if(Kn1($))D=$;else if(Gn1($)){if($._parsedUrl)D=$._parsedUrl;else if($._url)F=$._url;else F=$.url;B=$.body,E=$}if(A!=null)B=A.body||null,E=A;super(B,A);if(this._url=F,this._parsedUrl=D,this.cache=E?.cache||"default",this.credentials=E?.credentials||"same-origin",this.headers=E?.headers&&A21.isHeadersLike(E.headers)?E.headers:new A21.PonyfillHeaders(E?.headers),this.integrity=E?.integrity||"",this.keepalive=E?.keepalive!=null?E?.keepalive:!1,this.method=E?.method?.toUpperCase()||"GET",this.mode=E?.mode||"cors",this.redirect=E?.redirect||"follow",this.referrer=E?.referrer||"about:client",this.referrerPolicy=E?.referrerPolicy||"no-referrer",this.signal=E?.signal||new AbortController().signal,this.headersSerializer=E?.headersSerializer,this.duplex=E?.duplex||"half",this.destination="document",this.priority="auto",this.method!=="GET"&&this.method!=="HEAD")this.handleContentLengthHeader(!0);if(E?.agent!=null){let w=D?.protocol||F||this.url;if(E.agent===!1)this.agent=!1;else if(w.startsWith("http:")&&E.agent instanceof Un1.Agent)this.agent=E.agent;else if(w.startsWith("https:")&&E.agent instanceof Hn1.Agent)this.agent=E.agent}}headersSerializer;cache;credentials;destination;headers;integrity;keepalive;method;mode;priority;redirect;referrer;referrerPolicy;_url;get url(){if(this._url==null)if(this._parsedUrl)this._url=this._parsedUrl.toString();else throw new TypeError("Invalid URL");return this._url}_parsedUrl;get parsedUrl(){if(this._parsedUrl==null)if(this._url!=null)this._parsedUrl=new Cn1.PonyfillURL(this._url,"http://localhost");else throw new TypeError("Invalid URL");return this._parsedUrl}duplex;agent;signal;clone(){return this}[Symbol.toStringTag]="Request"}D21.PonyfillRequest=F21});var Y21=C((J21)=>{Object.defineProperty(J21,"__esModule",{value:!0});J21.fetchNodeHttp=Z21;var w21=p("node:http"),qn1=p("node:https"),E21=p("node:stream"),zn1=p("node:stream/promises"),cY=p("node:zlib"),Vn1=lY(),un1=RB(),Pn1=LB(),cV=D9();function Mn1($){if($.startsWith("http:"))return w21.request;else if($.startsWith("https:"))return qn1.request;throw new Error(`Unsupported protocol: ${$.split(":")[0]||$}`)}function Z21($){return new Promise((A,F)=>{try{let D=Mn1($.parsedUrl?.protocol||$.url),B=$.body!=null?cV.isNodeReadable($.body)?$.body:E21.Readable.from($.body):null,w=($.headersSerializer||cV.getHeadersObj)($.headers);if(w["accept-encoding"]==null)w["accept-encoding"]="gzip, deflate, br";let Z;if($.parsedUrl)Z=D($.parsedUrl,{method:$.method,headers:w,signal:$.signal,agent:$.agent});else Z=D($.url,{method:$.method,headers:w,signal:$.signal,agent:$.agent});if(Z.once("response",(J)=>{let Y;switch(J.headers["content-encoding"]){case"x-gzip":case"gzip":Y=cY.createGunzip();break;case"x-deflate":case"deflate":Y=cY.createInflate();break;case"x-deflate-raw":case"deflate-raw":Y=cY.createInflateRaw();break;case"br":Y=cY.createBrotliDecompress();break;default:Y=new E21.PassThrough}if(J.headers.location&&cV.shouldRedirect(J.statusCode)){if($.redirect==="error"){let Q=new Error("Redirects are not allowed");F(Q),J.resume();return}if($.redirect==="follow"){let Q=new Pn1.PonyfillURL(J.headers.location,$.parsedUrl||$.url),q=Z21(new Vn1.PonyfillRequest(Q,$));A(q.then((V)=>{return V.redirected=!0,V})),J.resume();return}}zn1.pipeline(J,Y,{signal:$.signal,end:!0}).then(()=>{if(!J.destroyed)J.resume()}).catch(F);let X=J.statusCode||200,U=J.statusMessage||w21.STATUS_CODES[X];if(U==null)U="";let H=new un1.PonyfillResponse(Y,{status:X,statusText:U,headers:J.headers,url:$.url});A(H)}),Z.once("error",F),B)B.pipe(Z);else Z.end()}catch(D){F(D)}})}});var Q21=C((H21)=>{Object.defineProperty(H21,"__esModule",{value:!0});H21.fetchPonyfill=U21;var jn1=p("node:buffer"),aY=p("node:fs"),Rn1=p("node:url"),Ln1=t01(),Tn1=Y21(),Sn1=lY(),YA=RB(),On1=LB(),W21=D9(),X21=";base64";async function hn1($){let A=Rn1.fileURLToPath($);try{await aY.promises.access(A,aY.promises.constants.R_OK);let F=await aY.promises.stat(A,{bigint:!0}),D=aY.createReadStream(A);return new YA.PonyfillResponse(D,{status:200,statusText:"OK",headers:{"content-type":"application/octet-stream","last-modified":F.mtime.toUTCString()}})}catch(F){if(F.code==="ENOENT")return new YA.PonyfillResponse(null,{status:404,statusText:"Not Found"});else if(F.code==="EACCES")return new YA.PonyfillResponse(null,{status:403,statusText:"Forbidden"});throw F}}function Nn1($){let[A="text/plain",...F]=$.substring(5).split(","),D=decodeURIComponent(F.join(","));if(A.endsWith(X21)){let B=jn1.Buffer.from(D,"base64url"),E=A.slice(0,-X21.length);return new YA.PonyfillResponse(B,{status:200,statusText:"OK",headers:{"content-type":E}})}return new YA.PonyfillResponse(D,{status:200,statusText:"OK",headers:{"content-type":A}})}function dn1($){let A=On1.PonyfillURL.getBlobFromURL($);if(!A)throw new TypeError("Invalid Blob URL");return new YA.PonyfillResponse(A,{status:200,headers:{"content-type":A.type,"content-length":A.size.toString()}})}function kn1($){return $!=null&&$.href!=null}function U21($,A){if(typeof $==="string"||kn1($)){let D=new Sn1.PonyfillRequest($,A);return U21(D)}let F=$;if(F.url.startsWith("data:")){let D=Nn1(F.url);return W21.fakePromise(D)}if(F.url.startsWith("file:"))return hn1(F.url);if(F.url.startsWith("blob:")){let D=dn1(F.url);return W21.fakePromise(D)}if(globalThis.libcurl&&!F.agent)return Ln1.fetchCurl(F);return Tn1.fetchNodeHttp(F)}});var aV=C((K21)=>{Object.defineProperty(K21,"__esModule",{value:!0});K21.PonyfillTextDecoder=K21.PonyfillTextEncoder=void 0;K21.PonyfillBtoa=fn1;var TB=p("node:buffer"),vn1=D9();class C21{encoding;constructor($="utf-8"){this.encoding=$}encode($){return TB.Buffer.from($,this.encoding)}encodeInto($,A){let D=this.encode($).copy(A);return{read:D,written:D}}}K21.PonyfillTextEncoder=C21;class G21{encoding;fatal=!1;ignoreBOM=!1;constructor($="utf-8",A){if(this.encoding=$,A)this.fatal=A.fatal||!1,this.ignoreBOM=A.ignoreBOM||!1}decode($){if(TB.Buffer.isBuffer($))return $.toString(this.encoding);if(vn1.isArrayBufferView($))return TB.Buffer.from($.buffer,$.byteOffset,$.byteLength).toString(this.encoding);return TB.Buffer.from($).toString(this.encoding)}}K21.PonyfillTextDecoder=G21;function fn1($){return TB.Buffer.from($,"binary").toString("base64")}});var u21=C((z21)=>{Object.defineProperty(z21,"__esModule",{value:!0});z21.PonyfillURLSearchParams=void 0;z21.PonyfillURLSearchParams=globalThis.URLSearchParams});var nV=C((M21)=>{Object.defineProperty(M21,"__esModule",{value:!0});M21.PonyfillWritableStream=void 0;var iV=p("node:stream"),sV=D9();class P21{writable;constructor($){if($ instanceof iV.Writable)this.writable=$;else if($){let A=new iV.Writable({write(B,E,w){try{let Z=$.write?.(B,D);if(Z instanceof Promise)Z.then(()=>{w()},(J)=>{w(J)});else w()}catch(Z){w(Z)}},final(B){let E=$.close?.();if(E instanceof Promise)E.then(()=>{B()},(w)=>{B(w)});else B()}});this.writable=A;let F=new AbortController,D={signal:F.signal,error(B){A.destroy(B)}};A.once("error",(B)=>F.abort(B)),A.once("close",()=>F.abort())}else this.writable=new iV.Writable}getWriter(){let $=this.writable;return{closed:new Promise((A)=>{$.once("close",()=>{A(void 0)})}),get desiredSize(){return $.writableLength},ready:new Promise((A)=>{$.once("drain",()=>{A(void 0)})}),releaseLock(){},write(A){if(A==null)return sV.fakePromise();return new Promise((F,D)=>{$.write(A,(B)=>{if(B)D(B);else F()})})},close(){if(!$.errored&&$.closed)return sV.fakePromise();return new Promise((A,F)=>{if($.errored)F($.errored);else $.end((D)=>{if(D)F(D);else A()})})},abort(A){return new Promise((F)=>{$.destroy(A),$.once("close",F)})}}}close(){if(!this.writable.errored&&this.writable.closed)return sV.fakePromise();return new Promise(($,A)=>{if(this.writable.errored)A(this.writable.errored);else this.writable.end((F)=>{if(F)A(F);else $()})})}abort($){return new Promise((A)=>{this.writable.destroy($),this.writable.once("close",A)})}locked=!1}M21.PonyfillWritableStream=P21});var SB=C((R21)=>{Object.defineProperty(R21,"__esModule",{value:!0});R21.PonyfillTransformStream=void 0;var rV=p("node:stream"),pn1=JA(),gn1=nV();class j21{transform;writable;readable;constructor($){if($ instanceof rV.Transform)this.transform=$;else if($){let A={enqueue(D){F.push(D)},error(D){F.destroy(D)},terminate(){F.end()},get desiredSize(){return F.writableLength}},F=new rV.Transform({read(){},write(D,B,E){try{let w=$.transform?.(D,A);if(w instanceof Promise)w.then(()=>{E()},(Z)=>{E(Z)});else E()}catch(w){E(w)}},final(D){try{let B=$.flush?.(A);if(B instanceof Promise)B.then(()=>{D()},(E)=>{D(E)});else D()}catch(B){D(B)}}});this.transform=F}else this.transform=new rV.Transform;this.writable=new gn1.PonyfillWritableStream(this.transform),this.readable=new pn1.PonyfillReadableStream(this.transform)}}R21.PonyfillTransformStream=j21});var h21=C((S21)=>{Object.defineProperty(S21,"__esModule",{value:!0});S21.PonyfillCompressionStream=void 0;var iY=p("node:zlib"),xn1=SB();class T21 extends xn1.PonyfillTransformStream{static supportedFormats=globalThis.process?.version?.startsWith("v2")?["gzip","deflate","br"]:["gzip","deflate","deflate-raw","br"];constructor($){switch($){case"x-gzip":case"gzip":super(iY.createGzip());break;case"x-deflate":case"deflate":super(iY.createDeflate());break;case"deflate-raw":super(iY.createDeflateRaw());break;case"br":super(iY.createBrotliCompress());break;default:throw new Error(`Unsupported compression format: ${$}`)}}}S21.PonyfillCompressionStream=T21});var m21=C((d21)=>{Object.defineProperty(d21,"__esModule",{value:!0});d21.PonyfillDecompressionStream=void 0;var sY=p("node:zlib"),yn1=SB();class N21 extends yn1.PonyfillTransformStream{static supportedFormats=globalThis.process?.version?.startsWith("v2")?["gzip","deflate","br"]:["gzip","deflate","deflate-raw","br"];constructor($){switch($){case"x-gzip":case"gzip":super(sY.createGunzip());break;case"x-deflate":case"deflate":super(sY.createInflate());break;case"deflate-raw":super(sY.createInflateRaw());break;case"br":super(sY.createBrotliDecompress());break;default:throw new TypeError(`Unsupported compression format: '${$}'`)}}}d21.PonyfillDecompressionStream=N21});var x21=C((p21)=>{Object.defineProperty(p21,"__esModule",{value:!0});p21.PonyfillTextEncoderStream=p21.PonyfillTextDecoderStream=void 0;var v21=aV(),f21=SB();class b21 extends f21.PonyfillTransformStream{textDecoder;constructor($,A){super({transform:(F,D)=>{D.enqueue(this.textDecoder.decode(F,{stream:!0}))}});this.textDecoder=new v21.PonyfillTextDecoder($,A)}get encoding(){return this.textDecoder.encoding}get fatal(){return this.textDecoder.fatal}get ignoreBOM(){return this.textDecoder.ignoreBOM}}p21.PonyfillTextDecoderStream=b21;class _21 extends f21.PonyfillTransformStream{textEncoder;constructor($){super({transform:(A,F)=>{F.enqueue(this.textEncoder.encode(A))}});this.textEncoder=new v21.PonyfillTextEncoder($)}get encoding(){return this.textEncoder.encoding}encode($){return this.textEncoder.encode($)}}p21.PonyfillTextEncoderStream=_21});var l21=C((_0)=>{Object.defineProperty(_0,"__esModule",{value:!0});_0.TextEncoderStream=_0.TextDecoderStream=_0.IteratorObject=_0.DecompressionStream=_0.CompressionStream=_0.TransformStream=_0.WritableStream=_0.URLSearchParams=_0.URL=_0.btoa=_0.TextDecoder=_0.TextEncoder=_0.Blob=_0.FormData=_0.File=_0.ReadableStream=_0.Response=_0.Request=_0.Body=_0.Headers=_0.fetch=void 0;var cn1=Q21();Object.defineProperty(_0,"fetch",{enumerable:!0,get:function(){return cn1.fetchPonyfill}});var an1=xY();Object.defineProperty(_0,"Headers",{enumerable:!0,get:function(){return an1.PonyfillHeaders}});var in1=gY();Object.defineProperty(_0,"Body",{enumerable:!0,get:function(){return in1.PonyfillBody}});var sn1=lY();Object.defineProperty(_0,"Request",{enumerable:!0,get:function(){return sn1.PonyfillRequest}});var nn1=RB();Object.defineProperty(_0,"Response",{enumerable:!0,get:function(){return nn1.PonyfillResponse}});var rn1=JA();Object.defineProperty(_0,"ReadableStream",{enumerable:!0,get:function(){return rn1.PonyfillReadableStream}});var tn1=mV();Object.defineProperty(_0,"File",{enumerable:!0,get:function(){return tn1.PonyfillFile}});var on1=xV();Object.defineProperty(_0,"FormData",{enumerable:!0,get:function(){return on1.PonyfillFormData}});var en1=fY();Object.defineProperty(_0,"Blob",{enumerable:!0,get:function(){return en1.PonyfillBlob}});var tV=aV();Object.defineProperty(_0,"TextEncoder",{enumerable:!0,get:function(){return tV.PonyfillTextEncoder}});Object.defineProperty(_0,"TextDecoder",{enumerable:!0,get:function(){return tV.PonyfillTextDecoder}});Object.defineProperty(_0,"btoa",{enumerable:!0,get:function(){return tV.PonyfillBtoa}});var $r1=LB();Object.defineProperty(_0,"URL",{enumerable:!0,get:function(){return $r1.PonyfillURL}});var Ar1=u21();Object.defineProperty(_0,"URLSearchParams",{enumerable:!0,get:function(){return Ar1.PonyfillURLSearchParams}});var Fr1=nV();Object.defineProperty(_0,"WritableStream",{enumerable:!0,get:function(){return Fr1.PonyfillWritableStream}});var Dr1=SB();Object.defineProperty(_0,"TransformStream",{enumerable:!0,get:function(){return Dr1.PonyfillTransformStream}});var Br1=h21();Object.defineProperty(_0,"CompressionStream",{enumerable:!0,get:function(){return Br1.PonyfillCompressionStream}});var Er1=m21();Object.defineProperty(_0,"DecompressionStream",{enumerable:!0,get:function(){return Er1.PonyfillDecompressionStream}});var wr1=pY();Object.defineProperty(_0,"IteratorObject",{enumerable:!0,get:function(){return wr1.PonyfillIteratorObject}});var y21=x21();Object.defineProperty(_0,"TextDecoderStream",{enumerable:!0,get:function(){return y21.PonyfillTextDecoderStream}});Object.defineProperty(_0,"TextEncoderStream",{enumerable:!0,get:function(){return y21.PonyfillTextEncoderStream}})});var a21=C((HY0,c21)=>{var Jr1=uV(),p0;c21.exports=function $(A={}){let F={};if(F.URLPattern=globalThis.URLPattern,!F.URLPattern){let D=ae();F.URLPattern=D.URLPattern}if(A.skipPonyfill||Jr1())return{fetch:globalThis.fetch,Headers:globalThis.Headers,Request:globalThis.Request,Response:globalThis.Response,FormData:globalThis.FormData,ReadableStream:globalThis.ReadableStream,WritableStream:globalThis.WritableStream,TransformStream:globalThis.TransformStream,CompressionStream:globalThis.CompressionStream,DecompressionStream:globalThis.DecompressionStream,TextDecoderStream:globalThis.TextDecoderStream,TextEncoderStream:globalThis.TextEncoderStream,Blob:globalThis.Blob,File:globalThis.File,crypto:globalThis.crypto,btoa:globalThis.btoa,TextEncoder:globalThis.TextEncoder,TextDecoder:globalThis.TextDecoder,URLPattern:F.URLPattern,URL:globalThis.URL,URLSearchParams:globalThis.URLSearchParams};if(p0||=l21(),F.fetch=p0.fetch,F.Request=p0.Request,F.Response=p0.Response,F.Headers=p0.Headers,F.FormData=p0.FormData,F.ReadableStream=p0.ReadableStream,F.URL=p0.URL,F.URLSearchParams=p0.URLSearchParams,F.WritableStream=p0.WritableStream,F.TransformStream=p0.TransformStream,F.CompressionStream=p0.CompressionStream,F.DecompressionStream=p0.DecompressionStream,F.TextDecoderStream=p0.TextDecoderStream,F.TextEncoderStream=p0.TextEncoderStream,F.Blob=p0.Blob,F.File=p0.File,F.crypto=globalThis.crypto,F.btoa=p0.btoa,F.TextEncoder=p0.TextEncoder,F.TextDecoder=p0.TextDecoder,A.formDataLimits)F.Body=class D extends p0.Body{constructor(B,E){super(B,{formDataLimits:A.formDataLimits,...E})}},F.Request=class D extends p0.Request{constructor(B,E){super(B,{formDataLimits:A.formDataLimits,...E})}},F.Response=class D extends p0.Response{constructor(B,E){super(B,{formDataLimits:A.formDataLimits,...E})}};if(!F.crypto){let D=p("crypto");F.crypto=D.webcrypto}return F}});var n31=async($)=>{let A=$.context.wabe.config.schema?.classes?.find((F)=>F.name===$.className);if(!A)return;Object.entries(A.fields).filter(([F,D])=>D.type==="File").map(async([F])=>{let D=$.originalObject?.[F]?.name;if(!D)return;if(!$.context.wabe.controllers.file)throw new Error("No file adapter found");await $.context.wabe.controllers.file?.deleteFile(D)})},zu=($)=>n31($);var r31=async($)=>{let A=$.context.wabe.config.schema?.classes?.find((D)=>D.name===$.className);if(!A)return;let F=$.context.wabe.config.file?.urlCacheInSeconds||86400;await Promise.all(Object.entries(A.fields).filter(([D,B])=>B.type==="File").map(async([D])=>{let B=$.object?.[D];if(!B)return;let E=B.name;if(!E&&B.url)return B.url;let w=B.urlGeneratedAt;if(w&&w.getTime()+F*1000>new Date().getTime())return;if(!$.context.wabe.controllers.file)throw new Error("No file adapter found");let Z=await $.context.wabe.controllers.file?.readFile(E);return $.context.wabe.controllers.database.updateObject({className:$.className,context:$.context,id:$.object?.id||"",data:{[D]:{...B,urlGeneratedAt:new Date,url:Z||B.url}},skipHooks:!0})}))},Vu=($)=>r31($);var uu=async($)=>{let A=$.getNewData(),F=$.context.wabe.config.schema?.classes?.find((D)=>D.name===$.className);if(!F)return;await Promise.all(Object.keys(A).map(async(D)=>{let B=A[D]?.file,E=A[D]?.url;if(!B&&!E)return;if(E){$.upsertNewData(D,{url:E,isPresignedUrl:!1});return}if(F.fields[D].type!=="File"||!(B instanceof File))return;if(!$.context.wabe.controllers.file)throw new Error("No file adapter found");await $.context.wabe.controllers.file?.uploadFile(B),$.upsertNewData(D,{name:B.name,isPresignedUrl:!0})}))},Pu=($)=>uu($),Mu=($)=>uu($);var R1=($)=>({...$,isRoot:!0});class pB{className;newData;operationType;context;object;originalObject;select;constructor({newData:$,className:A,operationType:F,context:D,object:B,originalObject:E,select:w}){this.newData=$,this.className=A,this.operationType=F,this.context=D,this.object=B,this.originalObject=E,this.select=w||{}}getUser(){return this.context.user}isFieldUpdated($){return this.newData&&!!this.newData[$]}upsertNewData($,A){if(!this.newData)return;if(!this.operationType.includes("before"))throw new Error("Cannot set data in a hook that is not a before hook");this.newData[$]=A}getNewData(){return this.newData||{}}fetch(){let $=this.context.wabe.controllers.database;if(!this.object?.id)return Promise.resolve(null);return $.getObject({className:this.className,id:this.object.id,context:R1(this.context)})}async addACL($,A){let F=async(Y)=>{if(this.className==="User"){let W=this.object?.id;if(W)await this.context.wabe.controllers.database.updateObject({className:this.className,context:R1(this.context),id:W,data:{acl:Y},select:{}});return}this.upsertNewData("acl",Y)},B=(this.className==="User"?await this.context.wabe.controllers.database.getObject({className:"User",select:{acl:!0},id:this.object?.id,context:R1(this.context)}):{acl:this.getNewData().acl})?.acl||{};if(A===null){await F({...B,[$]:[]});return}let{userId:E,role:w,read:Z,write:J}=A;if(E&&w)throw new Error("Cannot specify both userId and role");if(w){let W=(await this.context.wabe.controllers.database.getObjects({className:"Role",select:{id:!0},where:{name:{equalTo:w}},context:R1(this.context)}))[0]?.id;await F({...B,[$]:[...B?.[$]||[],{roleId:W,read:Z,write:J}]});return}await F({...B,[$]:[...B?.[$]||[],{userId:E,read:Z,write:J}]})}}import{Algorithm as t31,hash as o31}from"@node-rs/argon2";var g9=($,A)=>{let F=A.wabe.config?.authentication?.customAuthenticationMethods;if(!F)throw new Error("No custom authentication methods found");let D=$.filter((w)=>w!=="secondaryFactor");if(D.length>1||D.length===0)throw new Error("One authentication method is required at the time");let B=D[0],E=F.find((w)=>w.name.toLowerCase()===B.toLowerCase());if(!E)throw new Error("No available custom authentication methods found");return E},D7=($)=>o31($,{algorithm:t31.Argon2id});var Iu=async($)=>{if(!$.isFieldUpdated("authentication")||$.getNewData().isOauth)return;let A=$.context,F=$.getNewData().authentication;if(F.emailPasswordSRP)return;let{provider:D,name:B}=g9(Object.keys(F),A),E=F[B],{authenticationDataToSave:w}=await D.onSignUp({input:E,context:A});$.upsertNewData("authentication",{[B]:w})},ju=async($)=>{if(!$.isFieldUpdated("authentication")||$.getNewData().isOauth)return;let A=$.context,F=$.getNewData().authentication;if(F.emailPasswordSRP)return;let{provider:D,name:B}=g9(Object.keys(F),A);if(!D.onUpdateAuthenticationData)return;let E=F[B];if(!$.object?.id)return;let{authenticationDataToSave:w}=await D.onUpdateAuthenticationData({context:A,input:E,userId:$.object.id});$.upsertNewData("authentication",{[B]:w})};var PA=($)=>{let A=$.search(/[a-z]/i);return $.slice(0,A)+$[A].toUpperCase()+$.slice(A+1)},x9=($)=>{let A=$.search(/[a-z]/i);return $.slice(0,A)+$[A].toLowerCase()+$.slice(A+1)},B7=($,A)=>{let F=A.schema?.classes?.find((D)=>D.name===$);if(!F)throw new Error("Class not found in schema");return F},Ru=($,A)=>{let F=A.get("Cookie");if(!F)return;let D=F.split(";").find((B)=>B.includes($));if(!D)return;return D.split("=")[1]},gB=($)=>{return $.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g,"").replace(/\s\s+/g," ").replace(/[\W_]+/g," ").trim()};var Lu=($)=>{if(!$.isFieldUpdated("createdAt"))$.upsertNewData("createdAt",new Date);if(!$.isFieldUpdated("updatedAt"))$.upsertNewData("updatedAt",new Date)},Tu=($)=>{$.upsertNewData("updatedAt",new Date)},Su=async($)=>{let A=B7($.className,$.context.wabe.config);Object.keys(A.fields).map((D)=>{let B=A.fields[D];if(!$.isFieldUpdated(D)&&B.type!=="Pointer"&&B.type!=="Relation"&&B.type!=="File"&&B.defaultValue!==void 0)$.upsertNewData(D,B.defaultValue)})};var Ou=async($)=>{let A=$.object?.id;await $.context.wabe.controllers.database.deleteObjects({className:"_Session",context:R1($.context),where:{user:{id:{equalTo:A}}},select:{}})};var e31=($)=>{return{beforeCreate:"create",afterCreate:"create",beforeRead:"read",afterRead:"read",beforeDelete:"delete",afterDelete:"delete",beforeUpdate:"update",afterUpdate:"update"}[$]},$91=async({className:$,operation:A,context:F})=>{let D=F.wabe.config.schema?.classes?.find((E)=>E.name===$);if(!D)throw new Error(`Class ${$} not found in schema`);return D.permissions?.[A]},xB=async($,A)=>{if($.context.isRoot)return;let F=e31(A);if(!F)throw new Error("Bad operation type provided");let D=await $91({className:$.className,operation:F,context:$.context});if(!D)throw new Error(`Permission denied to ${F} class ${$.className}`);let B=$.context.sessionId;if(!D.requireAuthentication)return;if(!B||!$.getUser())throw new Error(`Permission denied to ${F} class ${$.className}`);if(D.authorizedRoles?.includes("everyone"))return;if(D.authorizedRoles?.length===0||!D)throw new Error(`Permission denied to ${F} class ${$.className}`);let E=$.context.user?.role?.name;if(!E)throw new Error(`Permission denied to ${F} class ${$.className}`);if(!D.authorizedRoles?.includes(E))throw new Error(`Permission denied to ${F} class ${$.className}`)},hu=($)=>xB($,"beforeRead"),Nu=($)=>xB($,"beforeCreate"),du=($)=>xB($,"beforeUpdate"),ku=($)=>xB($,"beforeDelete");var WW=($,A)=>{let F=$.context.wabe.config.schema?.classes?.find((Z)=>Z.name===$.className);if(!F)return;let D=$.getUser()?.role?.name||"",B=$.context.isRoot;if(A==="beforeRead"){Object.keys($.select).map((Z)=>{let J=F.fields[Z]?.protected;if(J?.protectedOperations.includes("read")){if(B&&J.authorizedRoles.includes("rootOnly"))return;if(!J.authorizedRoles.includes(D))throw new Error("You are not authorized to read this field")}});return}let E=$.getNewData(),w=A==="beforeUpdate"?"update":"create";Object.keys(E).map((Z)=>{let J=F.fields[Z]?.protected;if(J?.protectedOperations.includes(w)){if(B&&J.authorizedRoles.includes("rootOnly"))return;if(!J.authorizedRoles.includes(D))throw new Error(`You are not authorized to ${w} this field`)}})},mu=($)=>WW($,"beforeRead"),vu=($)=>WW($,"beforeUpdate"),fu=($)=>WW($,"beforeCreate");var lB=JSON;var bu=($)=>$.toUpperCase(),_u=($)=>{let A={};return $.forEach((F,D)=>{A[D]=F}),A};var pu=($,A,F)=>{return $.document?$:{document:$,variables:A,requestHeaders:F,signal:void 0}},gu=($,A,F)=>{return $.query?$:{query:$,variables:A,requestHeaders:F,signal:void 0}},xu=($,A)=>{return $.documents?$:{documents:$,requestHeaders:A,signal:void 0}};var gE=H1(K1(),1),mT=($)=>{let A=void 0,F=$.definitions.filter((D)=>D.kind==="OperationDefinition");if(F.length===1)A=F[0]?.name?.value;return A},Y5=($)=>{if(typeof $==="string"){let F=void 0;try{let D=gE.parse($);F=mT(D)}catch(D){}return{query:$,operationName:F}}let A=mT($);return{query:gE.print($),operationName:A}};class X9 extends Error{constructor($,A){let F=`${X9.extractMessage($)}: ${JSON.stringify({response:$,request:A})}`;super(F);if(Object.setPrototypeOf(this,X9.prototype),this.response=$,this.request=A,typeof Error.captureStackTrace==="function")Error.captureStackTrace(this,X9)}static extractMessage($){return $.errors?.[0]?.message??`GraphQL Error (Code: ${$.status})`}}var C9=H1(jS(),1);var dX1="connection_init",kX1="connection_ack",LS="ping",TS="pong",mX1="subscribe",vX1="next",fX1="error",SS="complete";class A8{get type(){return this._type}get id(){return this._id}get payload(){return this._payload}constructor($,A,F){this._type=$,this._payload=A,this._id=F}get text(){let $={type:this.type};if(this.id!=null&&this.id!=null)$.id=this.id;if(this.payload!=null&&this.payload!=null)$.payload=this.payload;return JSON.stringify($)}static parse($,A){let{type:F,payload:D,id:B}=JSON.parse($);return new A8(F,A(D),B)}}class sU{constructor($,{onInit:A,onAcknowledged:F,onPing:D,onPong:B}){this.socketState={acknowledged:!1,lastRequestId:0,subscriptions:{}},this.socket=$,$.addEventListener("open",async(E)=>{this.socketState.acknowledged=!1,this.socketState.subscriptions={},$.send(_X1(A?await A():null).text)}),$.addEventListener("close",(E)=>{this.socketState.acknowledged=!1,this.socketState.subscriptions={}}),$.addEventListener("error",(E)=>{console.error(E)}),$.addEventListener("message",(E)=>{try{let w=bX1(E.data);switch(w.type){case kX1:{if(this.socketState.acknowledged)console.warn("Duplicate CONNECTION_ACK message ignored");else if(this.socketState.acknowledged=!0,F)F(w.payload);return}case LS:{if(D)D(w.payload).then((W)=>$.send(RS(W).text));else $.send(RS(null).text);return}case TS:{if(B)B(w.payload);return}}if(!this.socketState.acknowledged)return;if(w.id===void 0||w.id===null||!this.socketState.subscriptions[w.id])return;let{query:Z,variables:J,subscriber:Y}=this.socketState.subscriptions[w.id];switch(w.type){case vX1:{if(!w.payload.errors&&w.payload.data)Y.next&&Y.next(w.payload.data);if(w.payload.errors)Y.error&&Y.error(new X9({...w.payload,status:200},{query:Z,variables:J}));return}case fX1:{Y.error&&Y.error(new X9({errors:w.payload,status:200},{query:Z,variables:J}));return}case SS:{Y.complete&&Y.complete(),delete this.socketState.subscriptions[w.id];return}}}catch(w){console.error(w),$.close(1006)}$.close(4400,"Unknown graphql-ws message.")})}makeSubscribe($,A,F,D){let B=(this.socketState.lastRequestId++).toString();return this.socketState.subscriptions[B]={query:$,variables:D,subscriber:F},this.socket.send(gX1(B,{query:$,operationName:A,variables:D}).text),()=>{this.socket.send(xX1(B).text),delete this.socketState.subscriptions[B]}}rawRequest($,A){return new Promise((F,D)=>{let B;this.rawSubscribe($,{next:(E,w)=>B={data:E,extensions:w},error:D,complete:()=>F(B)},A)})}request($,A){return new Promise((F,D)=>{let B;this.subscribe($,{next:(E)=>B=E,error:D,complete:()=>F(B)},A)})}subscribe($,A,F){let{query:D,operationName:B}=Y5($);return this.makeSubscribe(D,B,A,F)}rawSubscribe($,A,F){return this.makeSubscribe($,void 0,A,F)}ping($){this.socket.send(pX1($).text)}close(){this.socket.close(1000)}}sU.PROTOCOL="graphql-transport-ws";function bX1($,A=(F)=>F){return A8.parse($,A)}function _X1($){return new A8(dX1,$)}function pX1($){return new A8(LS,$,void 0)}function RS($){return new A8(TS,$,void 0)}function gX1($,A){return new A8(mX1,A,$)}function xX1($){return new A8(SS,void 0,$)}var L7=($)=>{let A={};if($)if(typeof Headers!=="undefined"&&$ instanceof Headers||C9&&C9.Headers&&$ instanceof C9.Headers)A=_u($);else if(Array.isArray($))$.forEach(([F,D])=>{if(F&&D!==void 0)A[F]=D});else A=$;return A},OS=($)=>$.replace(/([\s,]|#[^\n\r]+)+/g," ").trim(),yX1=($)=>{if(!Array.isArray($.query)){let D=$,B=[`query=${encodeURIComponent(OS(D.query))}`];if($.variables)B.push(`variables=${encodeURIComponent(D.jsonSerializer.stringify(D.variables))}`);if(D.operationName)B.push(`operationName=${encodeURIComponent(D.operationName)}`);return B.join("&")}if(typeof $.variables!=="undefined"&&!Array.isArray($.variables))throw new Error("Cannot create query with given variable type, array expected");let A=$,F=$.query.reduce((D,B,E)=>{return D.push({query:OS(B),variables:A.variables?A.jsonSerializer.stringify(A.variables[E]):void 0}),D},[]);return`query=${encodeURIComponent(A.jsonSerializer.stringify(F))}`},lX1=($)=>async(A)=>{let{url:F,query:D,variables:B,operationName:E,fetch:w,fetchOptions:Z,middleware:J}=A,Y={...A.headers},W="",X=void 0;if($==="POST"){if(X=cX1(D,B,E,Z.jsonSerializer),typeof X==="string")Y["Content-Type"]="application/json"}else W=yX1({query:D,variables:B,operationName:E,jsonSerializer:Z.jsonSerializer??lB});let U={method:$,headers:Y,body:X,...Z},H=F,Q=U;if(J){let q=await Promise.resolve(J({...U,url:F,operationName:E,variables:B})),{url:V,...L}=q;H=V,Q=L}if(W)H=`${H}?${W}`;return await w(H,Q)};class tU{constructor($,A={}){this.url=$,this.requestConfig=A,this.rawRequest=async(...F)=>{let[D,B,E]=F,w=gu(D,B,E),{headers:Z,fetch:J=C9.default,method:Y="POST",requestMiddleware:W,responseMiddleware:X,...U}=this.requestConfig,{url:H}=this;if(w.signal!==void 0)U.signal=w.signal;let{operationName:Q}=Y5(w.query);return nU({url:H,query:w.query,variables:w.variables,headers:{...L7(rU(Z)),...L7(w.requestHeaders)},operationName:Q,fetch:J,method:Y,fetchOptions:U,middleware:W}).then((q)=>{if(X)X(q);return q}).catch((q)=>{if(X)X(q);throw q})}}async request($,...A){let[F,D]=A,B=pu($,F,D),{headers:E,fetch:w=C9.default,method:Z="POST",requestMiddleware:J,responseMiddleware:Y,...W}=this.requestConfig,{url:X}=this;if(B.signal!==void 0)W.signal=B.signal;let{query:U,operationName:H}=Y5(B.document);return nU({url:X,query:U,variables:B.variables,headers:{...L7(rU(E)),...L7(B.requestHeaders)},operationName:H,fetch:w,method:Z,fetchOptions:W,middleware:J}).then((Q)=>{if(Y)Y(Q);return Q.data}).catch((Q)=>{if(Y)Y(Q);throw Q})}batchRequests($,A){let F=xu($,A),{headers:D,...B}=this.requestConfig;if(F.signal!==void 0)B.signal=F.signal;let E=F.documents.map(({document:Z})=>Y5(Z).query),w=F.documents.map(({variables:Z})=>Z);return nU({url:this.url,query:E,variables:w,headers:{...L7(rU(D)),...L7(F.requestHeaders)},operationName:void 0,fetch:this.requestConfig.fetch??C9.default,method:this.requestConfig.method||"POST",fetchOptions:B,middleware:this.requestConfig.requestMiddleware}).then((Z)=>{if(this.requestConfig.responseMiddleware)this.requestConfig.responseMiddleware(Z);return Z.data}).catch((Z)=>{if(this.requestConfig.responseMiddleware)this.requestConfig.responseMiddleware(Z);throw Z})}setHeaders($){return this.requestConfig.headers=$,this}setHeader($,A){let{headers:F}=this.requestConfig;if(F)F[$]=A;else this.requestConfig.headers={[$]:A};return this}setEndpoint($){return this.url=$,this}}var nU=async($)=>{let{query:A,variables:F,fetchOptions:D}=$,B=lX1(bu($.method??"post")),E=Array.isArray($.query),w=await B($),Z=await aX1(w,D.jsonSerializer??lB),J=Array.isArray(Z)?!Z.some(({data:W})=>!W):Boolean(Z.data),Y=Array.isArray(Z)||!Z.errors||Array.isArray(Z.errors)&&!Z.errors.length||D.errorPolicy==="all"||D.errorPolicy==="ignore";if(w.ok&&Y&&J){let{errors:W,...X}=Array.isArray(Z)?Z:Z,U=D.errorPolicy==="ignore"?X:Z;return{...E?{data:U}:U,headers:w.headers,status:w.status}}else throw new X9({...typeof Z==="string"?{error:Z}:Z,status:w.status,headers:w.headers},{query:A,variables:F})};var cX1=($,A,F,D)=>{let B=D??lB;if(!Array.isArray($))return B.stringify({query:$,variables:A,operationName:F});if(typeof A!=="undefined"&&!Array.isArray(A))throw new Error("Cannot create request body with given variable type, array expected");let E=$.reduce((w,Z,J)=>{return w.push({query:Z,variables:A?A[J]:void 0}),w},[]);return B.stringify(E)},aX1=async($,A)=>{let F;if($.headers.forEach((D,B)=>{if(B.toLowerCase()==="content-type")F=D}),F&&(F.toLowerCase().startsWith("application/json")||F.toLowerCase().startsWith("application/graphql+json")||F.toLowerCase().startsWith("application/graphql-response+json")))return A.parse(await $.text());else return $.text()},rU=($)=>{return typeof $==="function"?$():$},oU=($,...A)=>{return $.reduce((F,D,B)=>`${F}${D}${B in A?String(A[B]):""}`,"")};var s3=H1(dZ(),1);var fl=H1(ml(),1);var vk1=Object.prototype.toString,fk1=($)=>vk1.call($)==="[object Error]",bk1=new Set(["network error","Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Load failed","Network request failed","fetch failed","terminated"]);function wq($){if(!($&&fk1($)&&$.name==="TypeError"&&typeof $.message==="string"))return!1;if($.message==="Load failed")return $.stack===void 0;return bk1.has($.message)}class bl extends Error{constructor($){super();if($ instanceof Error)this.originalError=$,{message:$}=$;else this.originalError=new Error($),this.originalError.stack=this.stack;this.name="AbortError",this.message=$}}var vl=($,A,F)=>{let D=F.retries-(A-1);return $.attemptNumber=A,$.retriesLeft=D,$};async function Zq($,A){return new Promise((F,D)=>{A={...A},A.onFailedAttempt??=()=>{},A.shouldRetry??=()=>!0,A.retries??=10;let B=fl.default.operation(A),E=()=>{B.stop(),D(A.signal?.reason)};if(A.signal&&!A.signal.aborted)A.signal.addEventListener("abort",E,{once:!0});let w=()=>{A.signal?.removeEventListener("abort",E),B.stop()};B.attempt(async(Z)=>{try{let J=await $(Z);w(),F(J)}catch(J){try{if(!(J instanceof Error))throw new TypeError(`Non-error was thrown: "${J}". You should only throw errors.`);if(J instanceof bl)throw J.originalError;if(J instanceof TypeError&&!wq(J))throw J;if(vl(J,Z,A),!await A.shouldRetry(J))B.stop(),D(J);if(await A.onFailedAttempt(J),!B.retry(J))throw B.mainError()}catch(Y){vl(Y,Z,A),w(),D(Y)}}})})}var _k1=($)=>{if(!$)return{};return Object.keys($).reduce((F,D)=>{let B=$[D];if(B==="ASC")F[D]=1;if(B==="DESC")F[D]=-1;return F},{})},i3=($)=>{if(!$)return{};return Object.keys($).reduce((F,D)=>{let B=$[D],E=D==="id"?"_id":D;if(B?.contains||B?.contains===null)F[E]={$all:B.contains};if(B?.notContains||B?.notContains===null)F[E]={$ne:B.notContains};if(B?.equalTo||B?.equalTo===null)F[E]=E==="_id"&&typeof B.equalTo==="string"?s3.ObjectId.createFromHexString(B.equalTo):B.equalTo;if(B?.notEqualTo||B?.notEqualTo===null)F[E]={$ne:E==="_id"&&typeof B.notEqualTo==="string"?s3.ObjectId.createFromHexString(B.notEqualTo):B.notEqualTo};if(B?.greaterThan||B?.greaterThan===null)F[E]={$gt:B.greaterThan};if(B?.greaterThanOrEqualTo||B?.greaterThanOrEqualTo===null)F[E]={$gte:B.greaterThanOrEqualTo};if(B?.lessThan||B?.lessThan===null)F[E]={$lt:B.lessThan};if(B?.lessThanOrEqualTo||B?.lessThanOrEqualTo===null)F[E]={$lte:B.lessThanOrEqualTo};if(B?.in||B?.in===null)F[E]={$in:E==="_id"?B.in.filter((w)=>typeof w==="string").map((w)=>s3.ObjectId.createFromHexString(w)):B.in};if(B?.notIn||B?.notIn===null)F[E]={$nin:E==="_id"?B.notIn.filter((w)=>typeof w==="string").map((w)=>s3.ObjectId.createFromHexString(w)):B.notIn};if(B&&E==="OR")return F.$or=$.OR?.map((w)=>i3(w)),F;if(B&&E==="AND")return F.$and=$.AND?.map((w)=>i3(w)),F;if(typeof B==="object"){let w=i3(B),Z=Object.entries(w);if(Z.length>0)return{[`${E.toString()}.${Z[0][0]}`]:Z[0][1]}}return F},{})};class Jq{options;database;client;constructor($){this.options=$,this.client=new s3.MongoClient($.databaseUrl)}async connect(){let $=await Zq(()=>this.client.connect(),{retries:5,minTimeout:100,factor:2});return this.database=$.db(this.options.databaseName),$}close(){return this.client.close()}async createClassIfNotExist($,A){if(!this.database)throw new Error("Connection to database is not established");let F=A.wabe.config.schema?.classes?.find((E)=>E.name===$);if(!F)throw new Error(`${$} is not defined in schema`);let D=this.database.collection($);return(F.indexes||[]).map((E)=>D.createIndex({[E.field]:E.order==="ASC"?1:-1},{unique:!!E.unique})),D}async count($){let{className:A,where:F,context:D}=$,B=await this.createClassIfNotExist(A,D),E=i3(F);return B.countDocuments(E)}async clearDatabase(){if(!this.database)throw new Error("Connection to database is not established");let $=await this.database.collections();await Promise.all($.filter((A)=>A.collectionName!=="Role").map((A)=>A.deleteMany({})))}async getObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,id:F,select:D,where:B,context:E}=$,w=i3(B),J=await(await this.createClassIfNotExist(A,E)).findOne({_id:new s3.ObjectId(F),...w},{projection:D?{...D,_id:1}:void 0});if(!J)throw new Error("Object not found");let{_id:Y,...W}=J;return{...W,...{id:Y.toString()}}}async getObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,select:F,where:D,offset:B,first:E,context:w,order:Z}=$,J=i3(D),Y=_k1(Z);return(await(await this.createClassIfNotExist(A,w)).find(J,{projection:F?{...F,_id:1}:void 0}).limit(E||0).skip(B||0).sort(Y).toArray()).map((U)=>{let{_id:H,...Q}=U;return{...Q,...{id:H.toString()}}})}async createObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,data:F,context:D}=$;return{id:(await(await this.createClassIfNotExist(A,D)).insertOne(F,{})).insertedId.toString()}}async createObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,data:F,context:D}=$,E=await(await this.createClassIfNotExist(A,D)).insertMany(F,{});return Object.values(E.insertedIds).map((w)=>({id:w.toString()}))}async updateObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,id:F,data:D,context:B,where:E}=$,w=E?i3(E):{};if((await(await this.createClassIfNotExist(A,B)).updateOne({_id:new s3.ObjectId(F),...w},{$set:D})).matchedCount===0)throw new Error("Object not found");return{id:F}}async updateObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,where:F,data:D,offset:B,first:E,context:w,order:Z}=$,J=i3(F),Y=await this.createClassIfNotExist(A,w),W=await w.wabe.controllers.database.getObjects({className:A,where:F,select:{id:!0},offset:B,first:E,context:R1(w),order:Z});if(W.length===0)return[];return await Y.updateMany(J,{$set:D}),Object.values(W).filter(x2).map((X)=>({id:X?.id||""}))}async deleteObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,id:F,context:D}=$,B=i3($.where);if((await(await this.createClassIfNotExist(A,D)).deleteOne({_id:new s3.ObjectId(F),...B})).deletedCount===0)throw new Error("Object not found")}async deleteObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,where:F,context:D}=$,B=i3(F);await(await this.createClassIfNotExist(A,D)).deleteMany(B)}}var _l;((A)=>A.Mongo="mongo")(_l||={});class pl{adapter={};async getCustomerById(){return{email:"customer@test.com"}}async deleteCoupon(){}async updatePromotionCode(){}async createCoupon(){return{code:"",id:""}}async createPromotionCode(){return{code:"",id:""}}async validateWebhook(){return{isValid:!0,payload:{},type:""}}async createCustomer(){return""}async createPayment(){return""}async cancelSubscription(){}async getInvoices(){return[]}async getTotalRevenue(){return 0}async getAllTransactions(){return[]}async getHypotheticalSubscriptionRevenue(){return 0}}class gl{async send(){return"123456"}}var xl;((F)=>{F.EUR="eur";F.USD="usd"})(xl||={});var pk1;((F)=>{F.payment="payment";F.subscription="subscription"})(pk1||={});var gk1;((F)=>{F.Month="month";F.Year="year"})(gk1||={});import{writeFile as xk1,mkdir as yk1,rm as lk1,access as yl,constants as ll}from"node:fs/promises";import cZ from"node:path";class cl{basePath="bucket";rootPath=process.cwd();async uploadFile($){let A=cZ.join(this.rootPath,this.basePath);await yk1(A,{recursive:!0});let F=$.type,D;if(F.startsWith("text")||F.includes("json")){let B=await $.text();D=Buffer.from(B,"utf-8")}else{let B=await $.arrayBuffer();D=Buffer.from(B)}await xk1(cZ.join(A,$.name),D)}async readFile($,A){let F=cZ.join(this.rootPath,this.basePath,$);try{return await yl(F,ll.F_OK),`http://127.0.0.1:${A?.port||3000}/${this.basePath}/${$}`}catch{return null}}async deleteFile($){let A=cZ.join(this.rootPath,this.basePath,$);try{await yl(A,ll.F_OK),await lk1(A)}catch{}}}var S$=($)=>$.charAt(0).toUpperCase()+$.slice(1),x2=($)=>$!==null&&$!==void 0,al=($)=>{let A=new tU(`http://127.0.0.1:${$}/graphql`,{headers:{"Wabe-Root-Key":"0uwFvUxM$ceFuF1aEtTtZMa7DUN2NZudqgY5ve5W*QCyb58cwMj9JeoaV@d#%29v&aJzswuudVU1%nAT+rxS0Bh&OkgBYc0PH18*"}});return{...A,request:A.request}};var aZ=($)=>{if($===void 0||$===null)return[];if(typeof $==="object")return Object.values($).flatMap((A)=>aZ(A));if(typeof $==="string")return gB($).trim().split(" ").map((A)=>A.trim()).flatMap((A)=>{let F=[];for(let D=1;D<=A.length;D+=1)F.push(A.substring(0,D).toLowerCase());return F});if(typeof $==="number")return[String($)];return[]},sl=($)=>{let A=$.context.wabe.config.schema?.classes?.find((B)=>B.name===$.className)?.searchableFields;if(!A||A.length===0)return;let F=$.getNewData(),D=Object.entries(F).flatMap(([B,E])=>{if(!A.includes(B))return;return aZ(E)}).filter(x2);$.upsertNewData("search",D)},nl=($)=>{let A=$.context.wabe.config.schema?.classes?.find((Z)=>Z.name===$.className)?.searchableFields;if(!A||A.length===0)return;let F=$.getNewData(),D=Object.entries(F).flatMap(([Z,J])=>{if(!A.includes(Z))return;return aZ(J)}).filter(x2),B=Object.entries($.object||{}).flatMap(([Z,J])=>{if(!A.includes(Z)||!Object.keys(F).includes(Z))return;return aZ(J)}).filter(x2),w=[...($.object?.search||[]).filter((Z)=>!B.includes(Z)),...D];$.upsertNewData("search",w)};var rl=async($)=>{let A=$.object,F=A?.user;if(!F)return;let D=$.context.wabe.controllers.database,E=(await D.getObject({className:"User",id:F,select:{sessions:!0},context:$.context}))?.sessions?.map((w)=>w.id)||[];await D.updateObject({className:"User",id:F,context:$.context,data:{sessions:[...E,A?.id].filter(x2)}})},tl=async($)=>{let A=$.object,F=A?.user;if(!F)return;let D=$.context.wabe.controllers.database,E=(await D.getObject({className:"User",id:F,select:{sessions:!0},context:$.context}))?.sessions?.filter((w)=>w.id!==A?.id).map((w)=>w.id);await D.updateObject({className:"User",id:F,context:$.context,data:{sessions:E}})},ol=($)=>{if($.context.isRoot)return;if($.isFieldUpdated("sessions"))throw new Error("Not authorized to update user sessions")};var el=($)=>{let A=$.getNewData().authentication;if(!A)return;let F=Object.keys(A)[0],D=A[F].email;if(!D)return;if($.upsertNewData("email",D),F)$.upsertNewData("provider",F)},$c=($)=>{if($.isFieldUpdated("email"))return;el($)},Ac=($)=>{if($.isFieldUpdated("email"))return;el($)};var Fc=async($)=>{let A=$.context.wabe.config.schema?.classes?.find((D)=>D.name===$.className)?.permissions;if(!A)return;let{acl:F}=A;if($.isFieldUpdated("acl")||!F)return;if(F)await F($)},Dc=async($)=>{if($.className==="User")return;await Fc($)},Bc=async($)=>Fc($);var yB;((J)=>{J.AfterCreate="afterCreate";J.AfterUpdate="afterUpdate";J.AfterDelete="afterDelete";J.AfterRead="afterRead";J.BeforeCreate="beforeCreate";J.BeforeUpdate="beforeUpdate";J.BeforeDelete="beforeDelete";J.BeforeRead="beforeRead"})(yB||={});var Ec=async({className:$,operationType:A,priority:F,config:D})=>D.hooks?.filter((B)=>B.operationType===A&&B.priority===F&&($===B.className||!B.className))||[],ck1=($)=>$.hooks?.reduce((A,F)=>{if(!A.includes(F.priority))A.push(F.priority);return A},[]).sort((A,F)=>A-F)||[],n3=({className:$,newData:A,context:F,select:D})=>{let B=({id:Z})=>{if(!Z)return{};return F.wabe.controllers.database.getObject({className:$,context:R1(F),id:Z,skipHooks:!0})},E=async({where:Z,ids:J})=>{if(!Z&&J.length===0)return[{}];let Y=await F.wabe.controllers.database.getObjects({className:$,context:R1(F),where:Z?Z:{id:{in:J}},skipHooks:!0});if(Y.length===0)return[{}];return Y},w=ck1(F.wabe.config);return{runOnSingleObject:async(Z)=>{if(w.length===0)return{object:void 0,newData:{}};let J=await B({id:Z.id}),Y=new pB({className:$,newData:A,operationType:Z.operationType,context:F,object:J,originalObject:Z.originalObject,select:D});return await w.reduce(async(W,X)=>{await W;let U=await Ec({className:$,operationType:Z.operationType,priority:X,config:F.wabe.config});await Promise.all(U.map((H)=>H.callback(Y)))},Promise.resolve()),{object:J,newData:Y.getNewData()}},runOnMultipleObjects:async(Z)=>{if(w.length===0)return{objects:[],newData:[A||{}]};let J=await E({where:Z.where,ids:Z.ids||[]}),Y=(Z.operationType==="afterDelete"?Z.originalObjects:J)||[],W=await Promise.all(Y.map(async(X)=>{let U=(Z.originalObjects||[]).find((Q)=>Q?.id===X?.id),H=new pB({className:$,newData:A,operationType:Z.operationType,context:F,object:X,originalObject:U,select:D});return await w.reduce(async(Q,q)=>{await Q;let V=await Ec({className:$,operationType:Z.operationType,priority:q,config:F.wabe.config});await Promise.all(V.map((L)=>L.callback(H)))},Promise.resolve()),H.getNewData()}));return{objects:J,newData:W}}}},wc=()=>[{operationType:"beforeRead",priority:0,callback:hu},{operationType:"beforeUpdate",priority:0,callback:du},{operationType:"beforeCreate",priority:0,callback:Nu},{operationType:"beforeDelete",priority:0,callback:ku},{operationType:"beforeRead",priority:0,callback:mu},{operationType:"beforeUpdate",priority:0,callback:vu},{operationType:"beforeCreate",priority:0,callback:fu},{operationType:"beforeCreate",priority:1,callback:Lu},{operationType:"beforeCreate",priority:1,callback:Su},{operationType:"beforeUpdate",priority:1,callback:Tu},{operationType:"beforeCreate",priority:1,callback:Pu},{operationType:"beforeUpdate",priority:1,callback:Mu},{operationType:"afterRead",priority:1,callback:Vu},{operationType:"afterDelete",priority:1,callback:zu},{className:"User",operationType:"beforeCreate",priority:1,callback:Iu},{className:"User",operationType:"beforeUpdate",priority:1,callback:ju},{operationType:"beforeCreate",priority:3,callback:sl},{operationType:"beforeUpdate",priority:3,callback:nl},{operationType:"beforeCreate",priority:0,callback:Dc},{className:"User",operationType:"afterCreate",priority:0,callback:Bc},{className:"User",operationType:"beforeCreate",priority:2,callback:$c},{className:"User",operationType:"beforeUpdate",priority:2,callback:Ac},{className:"User",operationType:"beforeDelete",priority:1,callback:Ou},{className:"_Session",operationType:"afterCreate",priority:1,callback:rl},{className:"_Session",operationType:"afterDelete",priority:1,callback:tl},{className:"User",operationType:"beforeUpdate",priority:1,callback:ol}];class Yq{adapter;constructor($){this.adapter=$}_getSelectMinusPointersAndRelations({className:$,context:A,select:F}){let D=A.wabe.config.schema?.classes?.find((E)=>E.name.toLowerCase()===$.toLowerCase());if(!D)throw new Error("Class not found in schema");if(!F)return{pointers:{},selectWithoutPointers:{}};let B=Object.keys(D.fields).filter((E)=>D.fields[E].type==="Pointer"||D.fields[E].type==="Relation");return Object.entries(F).reduce((E,[w,Z])=>{if(!B.includes(w))return{...E,selectWithoutPointers:{...E.selectWithoutPointers,[w]:!0}};let J=D.fields[w].class;return{...E,pointers:{...E.pointers,[w]:{className:J,select:Z===!0?void 0:Z}}}},{pointers:{},selectWithoutPointers:{}})}_isRelationField({pointerField:$,currentClassName:A,context:F,originClassName:D}){if(!A)return!1;return F.wabe.config.schema?.classes?.some((B)=>B.name.toLowerCase()===D.toLowerCase()&&Object.entries(B.fields).find(([E,w])=>E===$&&w.type==="Relation"&&w.class.toLowerCase()===A.toLowerCase()))}_isPointerField({pointerField:$,currentClassName:A,context:F,originClassName:D}){if(!A)return!1;return F.wabe.config.schema?.classes?.some((B)=>B.name.toLowerCase()===D.toLowerCase()&&Object.entries(B.fields).find(([E,w])=>E===$&&w.type==="Pointer"&&w.class.toLowerCase()===A.toLowerCase()))}async _getWhereObjectWithPointerOrRelation($,A,F){let D=Object.keys(A),B=F.wabe.config.schema?.classes?.find((w)=>w.name.toLowerCase()===$.toLowerCase()),E=await D.reduce(async(w,Z)=>{let J=await w,Y=Z,W=B?.fields[Y];if(Y==="AND"||Y==="OR"){let Q=await Promise.all(A[Y].map((q)=>this._getWhereObjectWithPointerOrRelation($,q,F)));return{...J,[Y]:Q}}if(W?.type!=="Pointer"&&W?.type!=="Relation")return w;let X=W.class,U=A[Y],H=await this.getObjects({className:X,select:{id:!0},where:U,context:F});return{...w,[Y]:{in:H.map((Q)=>Q?.id).filter(x2)}}},Promise.resolve({}));return{...A,...E}}_buildWhereWithACL($,A,F){if(A.isRoot)return $;let D=A.user?.role?.id,B=A.user?.id;return{AND:[{...$},!B?{acl:{equalTo:null}}:void 0,B||D?{OR:[{acl:{equalTo:null}},B?{AND:[{acl:{users:{userId:{in:[B]}}}},{acl:{users:{[F]:{in:[!0]}}}}]}:void 0,D?{AND:[{acl:{users:{userId:{notIn:[B]}}}},{acl:{roles:{roleId:{in:[D]}}}},{acl:{roles:{[F]:{in:[!0]}}}}]}:void 0].filter(x2)}:void 0].filter(x2)}}_getFinalObjectWithPointerAndRelation({pointers:$,context:A,originClassName:F,object:D,isGraphQLCall:B}){return Object.entries($).reduce(async(E,[w,{className:Z,select:J}])=>{let Y=await E;if(this._isPointerField({originClassName:F,context:A,currentClassName:Z,pointerField:w})){if(!D[w])return{...Y,[w]:null};let U=await this.getObject({className:Z,id:D[w],context:A,select:J});return{...Y,[w]:U}}if(this._isRelationField({originClassName:F,context:A,currentClassName:Z,pointerField:w})&&D[w]){let U=await this.getObjects({className:Z,select:J,where:{id:{in:D[w]}},context:A});return{...E,[w]:B?{totalCount:U.length,edges:U.map((H)=>({node:H}))}:U}}return Y},Promise.resolve({}))}connect(){return this.adapter.connect()}close(){return this.adapter.close()}createClassIfNotExist($,A){return this.adapter.createClassIfNotExist($,A)}async count({className:$,context:A,where:F}){let D=n3({className:$,context:A,select:{}});await D?.runOnSingleObject({operationType:"beforeRead"});let B=await this.adapter.count({className:$,context:A,where:F});return await D?.runOnSingleObject({operationType:"afterRead"}),B}async clearDatabase(){await this.adapter.clearDatabase()}async getObject({select:$,className:A,context:F,skipHooks:D,id:B,where:E,isGraphQLCall:w=!1}){let{pointers:Z,selectWithoutPointers:J}=this._getSelectMinusPointersAndRelations({className:A,context:F,select:$}),Y=!D?n3({className:A,context:F,select:J}):void 0;await Y?.runOnSingleObject({operationType:"beforeRead",id:B});let W=this._buildWhereWithACL(E||{},F,"read"),X=Object.keys(Z).reduce((H,Q)=>{return H[Q]=!0,H},J);await Y?.runOnSingleObject({operationType:"afterRead",id:B});let U=await this.adapter.getObject({className:A,id:B,context:R1(F),select:!$?void 0:X,where:W});return{...U,...await this._getFinalObjectWithPointerAndRelation({context:F,originClassName:A,pointers:Z,object:U,isGraphQLCall:w})}}async getObjects({className:$,select:A,context:F,where:D,skipHooks:B,first:E,offset:w,order:Z,isGraphQLCall:J=!1}){let{pointers:Y,selectWithoutPointers:W}=this._getSelectMinusPointersAndRelations({className:$,context:F,select:A}),X=await this._getWhereObjectWithPointerOrRelation($,D||{},F),U=this._buildWhereWithACL(X||{},F,"read"),H=Object.keys(Y).reduce((V,L)=>{return V[L]=!0,V},W),Q=!B?n3({className:$,select:W,context:F}):void 0;await Q?.runOnMultipleObjects({operationType:"beforeRead",where:U}),await Q?.runOnMultipleObjects({operationType:"afterRead",where:U});let q=await this.adapter.getObjects({className:$,context:R1(F),first:E,offset:w,where:U,select:!A?void 0:H,order:Z});return Promise.all(q.map(async(V)=>({...V,...await this._getFinalObjectWithPointerAndRelation({object:V,context:F,originClassName:$,pointers:Y,isGraphQLCall:J})})))}async createObject({className:$,context:A,data:F,select:D,isGraphQLCall:B=!1}){let E=n3({className:$,context:A,newData:F,select:D}),{newData:w}=await E.runOnSingleObject({operationType:"beforeCreate"}),{id:Z}=await this.adapter.createObject({className:$,context:A,select:D,data:w});if(await E.runOnSingleObject({operationType:"afterCreate",id:Z}),D&&Object.keys(D).length===0)return null;return this.getObject({className:$,context:R1(A),select:D,id:Z,skipHooks:!0,isGraphQLCall:B})}async createObjects({data:$,select:A,className:F,context:D,first:B,offset:E,order:w,isGraphQLCall:Z=!1}){if($.length===0)return[];let J=await Promise.all($.map((U)=>n3({className:F,context:D,newData:U,select:A}))),Y=await Promise.all(J.map(async(U)=>(await U.runOnMultipleObjects({operationType:"beforeCreate"}))?.newData[0])),X=(await this.adapter.createObjects({className:F,select:A,context:D,data:Y,first:B,offset:E,order:w})).map(({id:U})=>U);if(await Promise.all(J.map((U)=>U.runOnMultipleObjects({operationType:"afterCreate",ids:X}))),A&&Object.keys(A).length===0)return[];return this.getObjects({className:F,context:D,select:A,where:{id:{in:X}},skipHooks:!0,first:B,offset:E,order:w,isGraphQLCall:Z})}async updateObject({id:$,className:A,context:F,data:D,select:B,skipHooks:E,isGraphQLCall:w=!1}){let Z=!E?n3({className:A,context:F,newData:D,select:B}):void 0,J=await Z?.runOnSingleObject({operationType:"beforeUpdate",id:$}),Y=this._buildWhereWithACL({},F,"write");if(await this.adapter.updateObject({className:A,select:B,id:$,context:F,data:J?.newData||D,where:Y}),await Z?.runOnSingleObject({operationType:"afterUpdate",id:$,originalObject:J?.object}),B&&Object.keys(B).length===0)return null;return this.getObject({className:A,context:F,select:B,id:$,isGraphQLCall:w})}async updateObjects({className:$,where:A,context:F,select:D,data:B,first:E,offset:w,order:Z,skipHooks:J,isGraphQLCall:Y=!1}){let W=await this._getWhereObjectWithPointerOrRelation($,A||{},F),X=!J?n3({className:$,context:F,newData:B,select:D}):void 0,U=this._buildWhereWithACL(W,F,"write"),H=await X?.runOnMultipleObjects({operationType:"beforeUpdate",where:U}),q=(await this.adapter.updateObjects({className:$,context:F,select:D,data:H?.newData[0]||B,where:U,first:E,offset:w,order:Z})).map((V)=>V?.id).filter(x2);if(await X?.runOnMultipleObjects({operationType:"afterUpdate",ids:q,originalObjects:H?.objects||[]}),D&&Object.keys(D).length===0)return[];return this.getObjects({className:$,context:F,select:D,where:{id:{in:q}},first:E,offset:w,order:Z,isGraphQLCall:Y})}async deleteObject({context:$,className:A,id:F,select:D,isGraphQLCall:B=!1}){let E=n3({className:A,context:$,select:D}),w=this._buildWhereWithACL({},$,"write"),Z=null;if(D&&Object.keys(D).length>0)Z=await this.getObject({className:A,select:D,id:F,context:$,isGraphQLCall:B});let J=await E.runOnSingleObject({operationType:"beforeDelete",id:F});return await this.adapter.deleteObject({className:A,context:$,select:D,id:F,where:w}),await E.runOnSingleObject({operationType:"afterDelete",originalObject:J.object}),Z}async deleteObjects({className:$,context:A,select:F,where:D,first:B,offset:E,order:w,isGraphQLCall:Z=!1}){let J=await this._getWhereObjectWithPointerOrRelation($,D||{},A),Y=n3({className:$,context:A,select:F}),W=this._buildWhereWithACL(J,A,"write"),X=[];if(F&&Object.keys(F).length>0)X=await this.getObjects({className:$,where:D,select:F,context:A,first:B,offset:E,order:w,isGraphQLCall:Z});let U=await Y.runOnMultipleObjects({operationType:"beforeDelete",where:W});return await this.adapter.deleteObjects({className:$,context:A,select:F,first:B,offset:E,where:W,order:w}),await Y.runOnMultipleObjects({operationType:"afterDelete",originalObjects:U.objects}),X}}var Zc;((F)=>{F.google="google";F.github="github"})(Zc||={});var O$;((B)=>{B.GitHub="github";B.Google="google";B.EmailPassword="emailPassword";B.PhonePassword="phonePassword"})(O$||={});var Wq;((A)=>A.EmailOTP="emailOTP")(Wq||={});import Jc from"node:crypto";var Yc=($)=>{return Jc.createHash("sha256").update($).digest("base64").split("=")[0].replaceAll("+","-").replaceAll("/","_")},vD=()=>Jc.randomBytes(60).toString("base64url");class fD{clientId;authorizeEndpoint;tokenEndpoint;redirectURI;constructor($,A,F,D){this.clientId=$,this.authorizeEndpoint=A,this.tokenEndpoint=F,this.redirectURI=D}createAuthorizationURL($){let A=Array.from(new Set($?.scopes||[])),F=new URL(this.authorizeEndpoint);if(F.searchParams.set("response_type","code"),F.searchParams.set("client_id",this.clientId),$?.state!==void 0)F.searchParams.set("state",$.state);if(A.length>0)F.searchParams.set("scope",A.join(" "));if(this.redirectURI!==null)F.searchParams.set("redirect_uri",this.redirectURI);if($?.codeVerifier!==void 0){let D=Yc($.codeVerifier);F.searchParams.set("code_challenge_method","S256"),F.searchParams.set("code_challenge",D)}return F}validateAuthorizationCode($,A){let F=new URLSearchParams;if(F.set("code",$),F.set("client_id",this.clientId),F.set("grant_type","authorization_code"),this.redirectURI!==null)F.set("redirect_uri",this.redirectURI);if(A?.codeVerifier!==void 0)F.set("code_verifier",A.codeVerifier);return this._sendTokenRequest(F,A)}async refreshAccessToken($,A){let F=new URLSearchParams;F.set("refresh_token",$),F.set("client_id",this.clientId),F.set("grant_type","refresh_token");let D=Array.from(new Set(A?.scopes??[]));if(D.length>0)F.set("scope",D.join(" "));return await this._sendTokenRequest(F,A)}async _sendTokenRequest($,A){let F=new Headers;if(F.set("Content-Type","application/x-www-form-urlencoded"),F.set("Accept","application/json"),F.set("User-Agent","wabe"),A?.credentials!==void 0)if((A?.authenticateWith||"http_basic_auth")==="http_basic_auth"){let Z=btoa(`${this.clientId}:${A.credentials}`);F.set("Authorization",`Basic ${Z}`)}else $.set("client_secret",A.credentials);let D=new Request(this.tokenEndpoint,{method:"POST",headers:F,body:$}),B=await fetch(D),E=await B.json();if(!("access_token"in E)||B.status!==200||!B.ok)throw new Error("Error in token request");return E}}var ak1="https://accounts.google.com/o/oauth2/v2/auth",ik1="https://oauth2.googleapis.com/token";class bD{client;clientSecret;constructor($){let A=$.authentication?.providers?.google;if(!A)throw new Error("Google config not found");let D=`${`http${$.isProduction?"s":""}://${$.authentication?.backDomain||"127.0.0.1:"+$.port||3000}`}/auth/oauth/callback`;this.client=new fD(A.clientId,ak1,ik1,D),this.clientSecret=A.clientSecret}createAuthorizationURL($,A,F){let D=F?.scopes??[],B=this.client.createAuthorizationURL({state:$,codeVerifier:A,scopes:[...D,"openid"]});return B.searchParams.set("access_type","offline"),B.searchParams.set("prompt","select_account"),B}async validateAuthorizationCode($,A){let{access_token:F,expires_in:D,refresh_token:B,id_token:E}=await this.client.validateAuthorizationCode($,{authenticateWith:"request_body",credentials:this.clientSecret,codeVerifier:A});return{accessToken:F,refreshToken:B,accessTokenExpiresAt:new Date(Date.now()+D*1000),idToken:E}}async refreshAccessToken($){let{access_token:A,expires_in:F}=await this.client.refreshAccessToken($,{authenticateWith:"request_body",credentials:this.clientSecret});return{accessToken:A,accessTokenExpiresAt:new Date(Date.now()+F*1000)}}async getUserInfo($){let A=await fetch(`https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=${$}`),{email:F,verified_email:D}=await A.json();return{email:F,verifiedEmail:D}}}var tD=H1(xs(),1);class D4{accessToken=void 0;refreshToken=void 0;getAccessTokenExpireAt($){let A=$?.authentication?.session?.accessTokenExpiresInMs;if(!A)return new Date(Date.now()+900000);return new Date(Date.now()+A)}_getRefreshTokenExpiresInMs($){let A=$?.authentication?.session?.refreshTokenExpiresInMs;if(!A)return 2592000000;return A}getRefreshTokenExpireAt($){let A=this._getRefreshTokenExpiresInMs($);return new Date(Date.now()+A)}async meFromAccessToken($,A){let F=await A.wabe.controllers.database.getObjects({className:"_Session",where:{accessToken:{equalTo:$},OR:[{accessTokenExpiresAt:{greaterThanOrEqualTo:new Date}},{refreshTokenExpiresAt:{greaterThanOrEqualTo:new Date}}]},select:{id:!0,user:!0,accessTokenExpiresAt:!0,refreshTokenExpiresAt:!0,refreshToken:!0},first:1,context:A});if(F.length===0)return{sessionId:null,user:null,accessToken:null,refreshToken:null};let D=F[0];if(!D||!D?.user)return{sessionId:null,user:null,accessToken:null,refreshToken:null};let B=D.user,E=await A.wabe.controllers.database.getObject({className:"User",select:{role:!0},context:A,id:B.id});if(new Date(D.accessTokenExpiresAt)<new Date&&new Date(D.refreshTokenExpiresAt)>=new Date&&D.refreshToken){let{accessToken:w,refreshToken:Z}=await this.refresh($,D.refreshToken,A);return{sessionId:D.id,user:{...B,role:E?.role},accessToken:w,refreshToken:Z}}return{sessionId:D.id,user:{...B,role:E?.role},accessToken:$,refreshToken:D.refreshToken}}async create($,A){this.accessToken=tD.default.sign({userId:$,iat:Date.now(),exp:this.getAccessTokenExpireAt(A.wabe.config).getTime()},import.meta.env.JWT_SECRET||"dev"),this.refreshToken=tD.default.sign({userId:$,iat:Date.now(),exp:this.getRefreshTokenExpireAt(A.wabe.config).getTime()},import.meta.env.JWT_SECRET||"dev");let F=await A.wabe.controllers.database.createObject({className:"_Session",context:R1(A),data:{accessToken:this.accessToken,accessTokenExpiresAt:this.getAccessTokenExpireAt(A.wabe.config),refreshToken:this.refreshToken,refreshTokenExpiresAt:this.getRefreshTokenExpireAt(A.wabe.config),user:$},select:{id:!0}});if(!F)throw new Error("Session not created");return{accessToken:this.accessToken,refreshToken:this.refreshToken,sessionId:F.id}}async delete($){if(!$.sessionId)return;await $.wabe.controllers.database.deleteObject({className:"_Session",context:R1($),id:$.sessionId,select:{}})}_isRefreshTokenExpired($,A){let F=$.getTime()-A;return Date.now()-F>=0.75*A}async refresh($,A,F){let D=await F.wabe.controllers.database.getObjects({className:"_Session",where:{accessToken:{equalTo:$}},select:{id:!0,user:{id:!0,role:{id:!0,name:!0}},refreshToken:!0,refreshTokenExpiresAt:!0},context:R1(F)});if(!D.length)return{accessToken:null,refreshToken:null};if(!D[0])throw new Error("Session not found");let{refreshTokenExpiresAt:B,user:E,refreshToken:w,id:Z}=D[0];if(new Date(B)<new Date(Date.now()))throw new Error("Refresh token expired");let J=this._getRefreshTokenExpiresInMs(F.wabe.config);if(!this._isRefreshTokenExpired(new Date(B),J))return{accessToken:$,refreshToken:A};if(A!==w)throw new Error("Invalid refresh token");let Y=E?.id;if(!Y)return{accessToken:null,refreshToken:null};let W=tD.default.sign({userId:Y,iat:Date.now(),exp:this.getAccessTokenExpireAt(F.wabe.config).getTime()},import.meta.env.JWT_SECRET||"dev"),X=tD.default.sign({userId:Y,iat:Date.now(),exp:this.getRefreshTokenExpireAt(F.wabe.config).getTime()},import.meta.env.JWT_SECRET||"dev");return await F.wabe.controllers.database.updateObject({className:"_Session",context:R1(F),id:Z,data:{accessToken:W,accessTokenExpiresAt:this.getAccessTokenExpireAt(F.wabe.config),refreshToken:X,refreshTokenExpiresAt:this.getRefreshTokenExpireAt(F.wabe.config)},select:{}}),{accessToken:W,refreshToken:X}}}var ys=async($,A,F)=>{let{input:{refreshToken:D,accessToken:B}}=A,E=new D4,{accessToken:w,refreshToken:Z}=await E.refresh(B,D,F);return{accessToken:w,refreshToken:Z}};var ls=async($,A,F)=>{if(await new D4().delete(F),F.wabe.config.authentication?.session?.cookieSession)F.response?.deleteCookie("accessToken"),F.response?.deleteCookie("refreshToken");return!0};var cs=async($,{input:A},F)=>{if(!A.secondFA)throw new Error("One factor is required");let D=Object.keys(A.secondFA);if(D.length>1)throw new Error("Only one factor is allowed");let{provider:B,name:E}=g9(D,F),w=await B.onVerifyChallenge({context:F,input:A.secondFA[E]});if(!w?.userId)throw new Error("Invalid challenge");let Z=new D4,{accessToken:J,refreshToken:Y}=await Z.create(w.userId,F);if(F.wabe.config.authentication?.session?.cookieSession){let W=Z.getAccessTokenExpireAt(F.wabe.config),X=Z.getRefreshTokenExpireAt(F.wabe.config);F.response?.setCookie("refreshToken",Y,{httpOnly:!0,path:"/",sameSite:"None",secure:!0,expires:X}),F.response?.setCookie("accessToken",J,{httpOnly:!0,path:"/",sameSite:"None",secure:!0,expires:W})}return{accessToken:J}};var as=($,A,F)=>{if(!F.user?.id)return{user:void 0};return{user:F.user}};var is=($,{input:A},F)=>{if(!F.user&&!F.isRoot)throw new Error("Permission denied");let D=F.wabe.controllers.email;if(!D)throw new Error("Email adapter not defined");return D.send({...A,text:A.text??void 0,html:A.html??void 0})};var dn=H1(hn(),1);import{createHash as Nn}from"node:crypto";var Kx1=5;class T8{secret;internalTotp;constructor($){this.secret=$,this.internalTotp=dn.totp.clone({window:[Kx1,0]})}generate($){let A=Nn("sha256").update(`${this.secret}:${$}`).digest("hex");return this.internalTotp.generate(A)}verify($,A){let F=Nn("sha256").update(`${this.secret}:${A}`).digest("hex");return this.internalTotp.verify({secret:F,token:$})}}var kn=async($,{input:{email:A,phone:F,password:D,otp:B}},E)=>{if(!A&&!F)throw new Error("Email or phone is required");let w=await E.wabe.controllers.database.getObjects({className:"User",where:{...A&&{email:{equalTo:A}},...F&&{authentication:{phonePassword:{phone:{equalTo:F}}}}},select:{id:!0,authentication:!0},first:1,context:R1(E)});if(w.length===0)return!0;let Z=w[0];if(!Z)return!0;let Y=new T8(E.wabe.config.rootKey).verify(B,Z.id);if(B!=="000000"&&!Y)throw new Error("Invalid OTP code");let W=F?"phonePassword":"emailPassword";return await E.wabe.controllers.database.updateObject({className:"User",id:Z.id,data:{authentication:{[W]:{...F&&{phone:Z.authentication?.phonePassword?.phone},...A&&{email:A},password:D}}},select:{},context:R1(E)}),!0};var mJ=($)=>`
+`));if(E.enable(F.StreamResponse),E.setStreamProgressCallback(function(){return $.signal.aborted?process.env.DEBUG?B.Continue:1:0}),$.bodyType==="String")E.setOpt("POSTFIELDS",$.bodyInit);else{let U=$.body!=null?lV.isNodeReadable($.body)?$.body:n01.Readable.from($.body):null;if(U)E.setOpt("UPLOAD",!0),E.setUploadStream(U)}if(process.env.DEBUG)E.setOpt("VERBOSE",!0);E.setOpt("TRANSFER_ENCODING",!1),E.setOpt("HTTP_TRANSFER_DECODING",!0),E.setOpt("FOLLOWLOCATION",$.redirect==="follow"),E.setOpt("MAXREDIRS",20),E.setOpt("ACCEPT_ENCODING",""),E.setOpt("CUSTOMREQUEST",$.method);let w=$.headersSerializer||lV.defaultHeadersSerializer,Z,J=w($.headers,(U)=>{Z=Number(U)});if(Z!=null)E.setOpt("INFILESIZE",Z);E.setOpt("HTTPHEADER",J),E.enable(F.NoHeaderParsing);let Y=En1.createDeferredPromise(),W;function X(){if(E.isOpen)try{E.pause(D.Recv)}catch(U){Y.reject(U)}}if($.signal)$.signal.addEventListener("abort",X,{once:!0});return E.once("end",function U(){try{E.close()}catch(H){Y.reject(H)}if($.signal)$.signal.removeEventListener("abort",X)}),E.once("error",function U(H){if(W&&!W.closed&&!W.destroyed)W.destroy(H);else{if(H.message==="Operation was aborted by an application callback")H.message="The operation was aborted.";Y.reject(H)}try{E.close()}catch(Q){Y.reject(Q)}}),E.once("stream",function U(H,Q,q){let V=new n01.PassThrough;Dn1.pipeline(H,V,{end:!0,signal:$.signal}).then(()=>{if(!H.destroyed)H.resume()}).catch(Y.reject);let h=q.toString("utf8").split(/\r?\n|\r/g).filter((T)=>{if(T&&!T.startsWith("HTTP/")){if($.redirect==="error"&&T.toLowerCase().includes("location")&&lV.shouldRedirect(Q)){if(!H.destroyed)H.resume();V.destroy(),Y.reject(new Error("redirect is not allowed"))}return!0}return!1}).map((T)=>T.split(/:\s(.+)/).slice(0,2)),P=new wn1.PonyfillResponse(V,{status:Q,headers:h,url:E.getInfo(A.info.REDIRECT_URL)?.toString()||$.url,redirected:Number(E.getInfo(A.info.REDIRECT_COUNT))>0});Y.resolve(P),W=V}),setImmediate(()=>{E.perform()}),Y.promise}});var LB=C((e01)=>{Object.defineProperty(e01,"__esModule",{value:!0});e01.PonyfillURL=void 0;var Yn1=dY(),Wn1=Yn1.__importDefault(p("node:buffer")),Xn1=p("node:crypto");class o01 extends URL{static blobRegistry=new Map;static createObjectURL($){let A=`blob:whatwgnode:${Xn1.randomUUID()}`;return this.blobRegistry.set(A,$),A}static revokeObjectURL($){if(!this.blobRegistry.has($))URL.revokeObjectURL($);else this.blobRegistry.delete($)}static getBlobFromURL($){return this.blobRegistry.get($)||Wn1.default?.resolveObjectURL?.($)}}e01.PonyfillURL=o01});var lY=C((D21)=>{Object.defineProperty(D21,"__esModule",{value:!0});D21.PonyfillRequest=void 0;var Un1=p("node:http"),Hn1=p("node:https"),Qn1=gY(),A21=xY(),Cn1=LB();function Gn1($){return $[Symbol.toStringTag]==="Request"}function Kn1($){return $?.href!=null}class F21 extends Qn1.PonyfillBody{constructor($,A){let F,D,B=null,E;if(typeof $==="string")F=$;else if(Kn1($))D=$;else if(Gn1($)){if($._parsedUrl)D=$._parsedUrl;else if($._url)F=$._url;else F=$.url;B=$.body,E=$}if(A!=null)B=A.body||null,E=A;super(B,A);if(this._url=F,this._parsedUrl=D,this.cache=E?.cache||"default",this.credentials=E?.credentials||"same-origin",this.headers=E?.headers&&A21.isHeadersLike(E.headers)?E.headers:new A21.PonyfillHeaders(E?.headers),this.integrity=E?.integrity||"",this.keepalive=E?.keepalive!=null?E?.keepalive:!1,this.method=E?.method?.toUpperCase()||"GET",this.mode=E?.mode||"cors",this.redirect=E?.redirect||"follow",this.referrer=E?.referrer||"about:client",this.referrerPolicy=E?.referrerPolicy||"no-referrer",this.signal=E?.signal||new AbortController().signal,this.headersSerializer=E?.headersSerializer,this.duplex=E?.duplex||"half",this.destination="document",this.priority="auto",this.method!=="GET"&&this.method!=="HEAD")this.handleContentLengthHeader(!0);if(E?.agent!=null){let w=D?.protocol||F||this.url;if(E.agent===!1)this.agent=!1;else if(w.startsWith("http:")&&E.agent instanceof Un1.Agent)this.agent=E.agent;else if(w.startsWith("https:")&&E.agent instanceof Hn1.Agent)this.agent=E.agent}}headersSerializer;cache;credentials;destination;headers;integrity;keepalive;method;mode;priority;redirect;referrer;referrerPolicy;_url;get url(){if(this._url==null)if(this._parsedUrl)this._url=this._parsedUrl.toString();else throw new TypeError("Invalid URL");return this._url}_parsedUrl;get parsedUrl(){if(this._parsedUrl==null)if(this._url!=null)this._parsedUrl=new Cn1.PonyfillURL(this._url,"http://localhost");else throw new TypeError("Invalid URL");return this._parsedUrl}duplex;agent;signal;clone(){return this}[Symbol.toStringTag]="Request"}D21.PonyfillRequest=F21});var Y21=C((J21)=>{Object.defineProperty(J21,"__esModule",{value:!0});J21.fetchNodeHttp=Z21;var w21=p("node:http"),qn1=p("node:https"),E21=p("node:stream"),zn1=p("node:stream/promises"),cY=p("node:zlib"),Vn1=lY(),un1=RB(),Pn1=LB(),cV=D9();function Mn1($){if($.startsWith("http:"))return w21.request;else if($.startsWith("https:"))return qn1.request;throw new Error(`Unsupported protocol: ${$.split(":")[0]||$}`)}function Z21($){return new Promise((A,F)=>{try{let D=Mn1($.parsedUrl?.protocol||$.url),B=$.body!=null?cV.isNodeReadable($.body)?$.body:E21.Readable.from($.body):null,w=($.headersSerializer||cV.getHeadersObj)($.headers);if(w["accept-encoding"]==null)w["accept-encoding"]="gzip, deflate, br";let Z;if($.parsedUrl)Z=D($.parsedUrl,{method:$.method,headers:w,signal:$.signal,agent:$.agent});else Z=D($.url,{method:$.method,headers:w,signal:$.signal,agent:$.agent});if(Z.once("response",(J)=>{let Y;switch(J.headers["content-encoding"]){case"x-gzip":case"gzip":Y=cY.createGunzip();break;case"x-deflate":case"deflate":Y=cY.createInflate();break;case"x-deflate-raw":case"deflate-raw":Y=cY.createInflateRaw();break;case"br":Y=cY.createBrotliDecompress();break;default:Y=new E21.PassThrough}if(J.headers.location&&cV.shouldRedirect(J.statusCode)){if($.redirect==="error"){let Q=new Error("Redirects are not allowed");F(Q),J.resume();return}if($.redirect==="follow"){let Q=new Pn1.PonyfillURL(J.headers.location,$.parsedUrl||$.url),q=Z21(new Vn1.PonyfillRequest(Q,$));A(q.then((V)=>{return V.redirected=!0,V})),J.resume();return}}zn1.pipeline(J,Y,{signal:$.signal,end:!0}).then(()=>{if(!J.destroyed)J.resume()}).catch(F);let X=J.statusCode||200,U=J.statusMessage||w21.STATUS_CODES[X];if(U==null)U="";let H=new un1.PonyfillResponse(Y,{status:X,statusText:U,headers:J.headers,url:$.url});A(H)}),Z.once("error",F),B)B.pipe(Z);else Z.end()}catch(D){F(D)}})}});var Q21=C((H21)=>{Object.defineProperty(H21,"__esModule",{value:!0});H21.fetchPonyfill=U21;var jn1=p("node:buffer"),aY=p("node:fs"),Rn1=p("node:url"),Ln1=t01(),Tn1=Y21(),Sn1=lY(),YA=RB(),On1=LB(),W21=D9(),X21=";base64";async function hn1($){let A=Rn1.fileURLToPath($);try{await aY.promises.access(A,aY.promises.constants.R_OK);let F=await aY.promises.stat(A,{bigint:!0}),D=aY.createReadStream(A);return new YA.PonyfillResponse(D,{status:200,statusText:"OK",headers:{"content-type":"application/octet-stream","last-modified":F.mtime.toUTCString()}})}catch(F){if(F.code==="ENOENT")return new YA.PonyfillResponse(null,{status:404,statusText:"Not Found"});else if(F.code==="EACCES")return new YA.PonyfillResponse(null,{status:403,statusText:"Forbidden"});throw F}}function Nn1($){let[A="text/plain",...F]=$.substring(5).split(","),D=decodeURIComponent(F.join(","));if(A.endsWith(X21)){let B=jn1.Buffer.from(D,"base64url"),E=A.slice(0,-X21.length);return new YA.PonyfillResponse(B,{status:200,statusText:"OK",headers:{"content-type":E}})}return new YA.PonyfillResponse(D,{status:200,statusText:"OK",headers:{"content-type":A}})}function dn1($){let A=On1.PonyfillURL.getBlobFromURL($);if(!A)throw new TypeError("Invalid Blob URL");return new YA.PonyfillResponse(A,{status:200,headers:{"content-type":A.type,"content-length":A.size.toString()}})}function kn1($){return $!=null&&$.href!=null}function U21($,A){if(typeof $==="string"||kn1($)){let D=new Sn1.PonyfillRequest($,A);return U21(D)}let F=$;if(F.url.startsWith("data:")){let D=Nn1(F.url);return W21.fakePromise(D)}if(F.url.startsWith("file:"))return hn1(F.url);if(F.url.startsWith("blob:")){let D=dn1(F.url);return W21.fakePromise(D)}if(globalThis.libcurl&&!F.agent)return Ln1.fetchCurl(F);return Tn1.fetchNodeHttp(F)}});var aV=C((K21)=>{Object.defineProperty(K21,"__esModule",{value:!0});K21.PonyfillTextDecoder=K21.PonyfillTextEncoder=void 0;K21.PonyfillBtoa=fn1;var TB=p("node:buffer"),vn1=D9();class C21{encoding;constructor($="utf-8"){this.encoding=$}encode($){return TB.Buffer.from($,this.encoding)}encodeInto($,A){let D=this.encode($).copy(A);return{read:D,written:D}}}K21.PonyfillTextEncoder=C21;class G21{encoding;fatal=!1;ignoreBOM=!1;constructor($="utf-8",A){if(this.encoding=$,A)this.fatal=A.fatal||!1,this.ignoreBOM=A.ignoreBOM||!1}decode($){if(TB.Buffer.isBuffer($))return $.toString(this.encoding);if(vn1.isArrayBufferView($))return TB.Buffer.from($.buffer,$.byteOffset,$.byteLength).toString(this.encoding);return TB.Buffer.from($).toString(this.encoding)}}K21.PonyfillTextDecoder=G21;function fn1($){return TB.Buffer.from($,"binary").toString("base64")}});var u21=C((z21)=>{Object.defineProperty(z21,"__esModule",{value:!0});z21.PonyfillURLSearchParams=void 0;z21.PonyfillURLSearchParams=globalThis.URLSearchParams});var nV=C((M21)=>{Object.defineProperty(M21,"__esModule",{value:!0});M21.PonyfillWritableStream=void 0;var iV=p("node:stream"),sV=D9();class P21{writable;constructor($){if($ instanceof iV.Writable)this.writable=$;else if($){let A=new iV.Writable({write(B,E,w){try{let Z=$.write?.(B,D);if(Z instanceof Promise)Z.then(()=>{w()},(J)=>{w(J)});else w()}catch(Z){w(Z)}},final(B){let E=$.close?.();if(E instanceof Promise)E.then(()=>{B()},(w)=>{B(w)});else B()}});this.writable=A;let F=new AbortController,D={signal:F.signal,error(B){A.destroy(B)}};A.once("error",(B)=>F.abort(B)),A.once("close",()=>F.abort())}else this.writable=new iV.Writable}getWriter(){let $=this.writable;return{closed:new Promise((A)=>{$.once("close",()=>{A(void 0)})}),get desiredSize(){return $.writableLength},ready:new Promise((A)=>{$.once("drain",()=>{A(void 0)})}),releaseLock(){},write(A){if(A==null)return sV.fakePromise();return new Promise((F,D)=>{$.write(A,(B)=>{if(B)D(B);else F()})})},close(){if(!$.errored&&$.closed)return sV.fakePromise();return new Promise((A,F)=>{if($.errored)F($.errored);else $.end((D)=>{if(D)F(D);else A()})})},abort(A){return new Promise((F)=>{$.destroy(A),$.once("close",F)})}}}close(){if(!this.writable.errored&&this.writable.closed)return sV.fakePromise();return new Promise(($,A)=>{if(this.writable.errored)A(this.writable.errored);else this.writable.end((F)=>{if(F)A(F);else $()})})}abort($){return new Promise((A)=>{this.writable.destroy($),this.writable.once("close",A)})}locked=!1}M21.PonyfillWritableStream=P21});var SB=C((R21)=>{Object.defineProperty(R21,"__esModule",{value:!0});R21.PonyfillTransformStream=void 0;var rV=p("node:stream"),pn1=JA(),gn1=nV();class j21{transform;writable;readable;constructor($){if($ instanceof rV.Transform)this.transform=$;else if($){let A={enqueue(D){F.push(D)},error(D){F.destroy(D)},terminate(){F.end()},get desiredSize(){return F.writableLength}},F=new rV.Transform({read(){},write(D,B,E){try{let w=$.transform?.(D,A);if(w instanceof Promise)w.then(()=>{E()},(Z)=>{E(Z)});else E()}catch(w){E(w)}},final(D){try{let B=$.flush?.(A);if(B instanceof Promise)B.then(()=>{D()},(E)=>{D(E)});else D()}catch(B){D(B)}}});this.transform=F}else this.transform=new rV.Transform;this.writable=new gn1.PonyfillWritableStream(this.transform),this.readable=new pn1.PonyfillReadableStream(this.transform)}}R21.PonyfillTransformStream=j21});var h21=C((S21)=>{Object.defineProperty(S21,"__esModule",{value:!0});S21.PonyfillCompressionStream=void 0;var iY=p("node:zlib"),xn1=SB();class T21 extends xn1.PonyfillTransformStream{static supportedFormats=globalThis.process?.version?.startsWith("v2")?["gzip","deflate","br"]:["gzip","deflate","deflate-raw","br"];constructor($){switch($){case"x-gzip":case"gzip":super(iY.createGzip());break;case"x-deflate":case"deflate":super(iY.createDeflate());break;case"deflate-raw":super(iY.createDeflateRaw());break;case"br":super(iY.createBrotliCompress());break;default:throw new Error(`Unsupported compression format: ${$}`)}}}S21.PonyfillCompressionStream=T21});var m21=C((d21)=>{Object.defineProperty(d21,"__esModule",{value:!0});d21.PonyfillDecompressionStream=void 0;var sY=p("node:zlib"),yn1=SB();class N21 extends yn1.PonyfillTransformStream{static supportedFormats=globalThis.process?.version?.startsWith("v2")?["gzip","deflate","br"]:["gzip","deflate","deflate-raw","br"];constructor($){switch($){case"x-gzip":case"gzip":super(sY.createGunzip());break;case"x-deflate":case"deflate":super(sY.createInflate());break;case"deflate-raw":super(sY.createInflateRaw());break;case"br":super(sY.createBrotliDecompress());break;default:throw new TypeError(`Unsupported compression format: '${$}'`)}}}d21.PonyfillDecompressionStream=N21});var x21=C((p21)=>{Object.defineProperty(p21,"__esModule",{value:!0});p21.PonyfillTextEncoderStream=p21.PonyfillTextDecoderStream=void 0;var v21=aV(),f21=SB();class b21 extends f21.PonyfillTransformStream{textDecoder;constructor($,A){super({transform:(F,D)=>{D.enqueue(this.textDecoder.decode(F,{stream:!0}))}});this.textDecoder=new v21.PonyfillTextDecoder($,A)}get encoding(){return this.textDecoder.encoding}get fatal(){return this.textDecoder.fatal}get ignoreBOM(){return this.textDecoder.ignoreBOM}}p21.PonyfillTextDecoderStream=b21;class _21 extends f21.PonyfillTransformStream{textEncoder;constructor($){super({transform:(A,F)=>{F.enqueue(this.textEncoder.encode(A))}});this.textEncoder=new v21.PonyfillTextEncoder($)}get encoding(){return this.textEncoder.encoding}encode($){return this.textEncoder.encode($)}}p21.PonyfillTextEncoderStream=_21});var l21=C((_0)=>{Object.defineProperty(_0,"__esModule",{value:!0});_0.TextEncoderStream=_0.TextDecoderStream=_0.IteratorObject=_0.DecompressionStream=_0.CompressionStream=_0.TransformStream=_0.WritableStream=_0.URLSearchParams=_0.URL=_0.btoa=_0.TextDecoder=_0.TextEncoder=_0.Blob=_0.FormData=_0.File=_0.ReadableStream=_0.Response=_0.Request=_0.Body=_0.Headers=_0.fetch=void 0;var cn1=Q21();Object.defineProperty(_0,"fetch",{enumerable:!0,get:function(){return cn1.fetchPonyfill}});var an1=xY();Object.defineProperty(_0,"Headers",{enumerable:!0,get:function(){return an1.PonyfillHeaders}});var in1=gY();Object.defineProperty(_0,"Body",{enumerable:!0,get:function(){return in1.PonyfillBody}});var sn1=lY();Object.defineProperty(_0,"Request",{enumerable:!0,get:function(){return sn1.PonyfillRequest}});var nn1=RB();Object.defineProperty(_0,"Response",{enumerable:!0,get:function(){return nn1.PonyfillResponse}});var rn1=JA();Object.defineProperty(_0,"ReadableStream",{enumerable:!0,get:function(){return rn1.PonyfillReadableStream}});var tn1=mV();Object.defineProperty(_0,"File",{enumerable:!0,get:function(){return tn1.PonyfillFile}});var on1=xV();Object.defineProperty(_0,"FormData",{enumerable:!0,get:function(){return on1.PonyfillFormData}});var en1=fY();Object.defineProperty(_0,"Blob",{enumerable:!0,get:function(){return en1.PonyfillBlob}});var tV=aV();Object.defineProperty(_0,"TextEncoder",{enumerable:!0,get:function(){return tV.PonyfillTextEncoder}});Object.defineProperty(_0,"TextDecoder",{enumerable:!0,get:function(){return tV.PonyfillTextDecoder}});Object.defineProperty(_0,"btoa",{enumerable:!0,get:function(){return tV.PonyfillBtoa}});var $r1=LB();Object.defineProperty(_0,"URL",{enumerable:!0,get:function(){return $r1.PonyfillURL}});var Ar1=u21();Object.defineProperty(_0,"URLSearchParams",{enumerable:!0,get:function(){return Ar1.PonyfillURLSearchParams}});var Fr1=nV();Object.defineProperty(_0,"WritableStream",{enumerable:!0,get:function(){return Fr1.PonyfillWritableStream}});var Dr1=SB();Object.defineProperty(_0,"TransformStream",{enumerable:!0,get:function(){return Dr1.PonyfillTransformStream}});var Br1=h21();Object.defineProperty(_0,"CompressionStream",{enumerable:!0,get:function(){return Br1.PonyfillCompressionStream}});var Er1=m21();Object.defineProperty(_0,"DecompressionStream",{enumerable:!0,get:function(){return Er1.PonyfillDecompressionStream}});var wr1=pY();Object.defineProperty(_0,"IteratorObject",{enumerable:!0,get:function(){return wr1.PonyfillIteratorObject}});var y21=x21();Object.defineProperty(_0,"TextDecoderStream",{enumerable:!0,get:function(){return y21.PonyfillTextDecoderStream}});Object.defineProperty(_0,"TextEncoderStream",{enumerable:!0,get:function(){return y21.PonyfillTextEncoderStream}})});var a21=C((HY0,c21)=>{var Jr1=uV(),p0;c21.exports=function $(A={}){let F={};if(F.URLPattern=globalThis.URLPattern,!F.URLPattern){let D=ae();F.URLPattern=D.URLPattern}if(A.skipPonyfill||Jr1())return{fetch:globalThis.fetch,Headers:globalThis.Headers,Request:globalThis.Request,Response:globalThis.Response,FormData:globalThis.FormData,ReadableStream:globalThis.ReadableStream,WritableStream:globalThis.WritableStream,TransformStream:globalThis.TransformStream,CompressionStream:globalThis.CompressionStream,DecompressionStream:globalThis.DecompressionStream,TextDecoderStream:globalThis.TextDecoderStream,TextEncoderStream:globalThis.TextEncoderStream,Blob:globalThis.Blob,File:globalThis.File,crypto:globalThis.crypto,btoa:globalThis.btoa,TextEncoder:globalThis.TextEncoder,TextDecoder:globalThis.TextDecoder,URLPattern:F.URLPattern,URL:globalThis.URL,URLSearchParams:globalThis.URLSearchParams};if(p0||=l21(),F.fetch=p0.fetch,F.Request=p0.Request,F.Response=p0.Response,F.Headers=p0.Headers,F.FormData=p0.FormData,F.ReadableStream=p0.ReadableStream,F.URL=p0.URL,F.URLSearchParams=p0.URLSearchParams,F.WritableStream=p0.WritableStream,F.TransformStream=p0.TransformStream,F.CompressionStream=p0.CompressionStream,F.DecompressionStream=p0.DecompressionStream,F.TextDecoderStream=p0.TextDecoderStream,F.TextEncoderStream=p0.TextEncoderStream,F.Blob=p0.Blob,F.File=p0.File,F.crypto=globalThis.crypto,F.btoa=p0.btoa,F.TextEncoder=p0.TextEncoder,F.TextDecoder=p0.TextDecoder,A.formDataLimits)F.Body=class D extends p0.Body{constructor(B,E){super(B,{formDataLimits:A.formDataLimits,...E})}},F.Request=class D extends p0.Request{constructor(B,E){super(B,{formDataLimits:A.formDataLimits,...E})}},F.Response=class D extends p0.Response{constructor(B,E){super(B,{formDataLimits:A.formDataLimits,...E})}};if(!F.crypto){let D=p("crypto");F.crypto=D.webcrypto}return F}});var n31=async($)=>{let A=$.context.wabe.config.schema?.classes?.find((F)=>F.name===$.className);if(!A)return;Object.entries(A.fields).filter(([F,D])=>D.type==="File").map(async([F])=>{let D=$.originalObject?.[F]?.name;if(!D)return;if(!$.context.wabe.controllers.file)throw new Error("No file adapter found");await $.context.wabe.controllers.file?.deleteFile(D)})},zu=($)=>n31($);var r31=async($)=>{let A=$.context.wabe.config.schema?.classes?.find((D)=>D.name===$.className);if(!A)return;let F=$.context.wabe.config.file?.urlCacheInSeconds||86400;await Promise.all(Object.entries(A.fields).filter(([D,B])=>B.type==="File").map(async([D])=>{let B=$.object?.[D];if(!B)return;let E=B.name;if(!E&&B.url)return B.url;let w=B.urlGeneratedAt;if(w&&w.getTime()+F*1000>new Date().getTime())return;if(!$.context.wabe.controllers.file)throw new Error("No file adapter found");let Z=await $.context.wabe.controllers.file?.readFile(E);return $.context.wabe.controllers.database.updateObject({className:$.className,context:$.context,id:$.object?.id||"",data:{[D]:{...B,urlGeneratedAt:new Date,url:Z||B.url}},skipHooks:!0})}))},Vu=($)=>r31($);var uu=async($)=>{let A=$.getNewData(),F=$.context.wabe.config.schema?.classes?.find((D)=>D.name===$.className);if(!F)return;await Promise.all(Object.keys(A).map(async(D)=>{let B=A[D]?.file,E=A[D]?.url;if(!B&&!E)return;if(E){$.upsertNewData(D,{url:E,isPresignedUrl:!1});return}if(F.fields[D].type!=="File"||!(B instanceof File))return;if(!$.context.wabe.controllers.file)throw new Error("No file adapter found");await $.context.wabe.controllers.file?.uploadFile(B),$.upsertNewData(D,{name:B.name,isPresignedUrl:!0})}))},Pu=($)=>uu($),Mu=($)=>uu($);var R1=($)=>({...$,isRoot:!0});class pB{className;newData;operationType;context;object;originalObject;select;constructor({newData:$,className:A,operationType:F,context:D,object:B,originalObject:E,select:w}){this.newData=$,this.className=A,this.operationType=F,this.context=D,this.object=B,this.originalObject=E,this.select=w||{}}getUser(){return this.context.user}isFieldUpdated($){return this.newData&&!!this.newData[$]}upsertNewData($,A){if(!this.newData)return;if(!this.operationType.includes("before"))throw new Error("Cannot set data in a hook that is not a before hook");this.newData[$]=A}getNewData(){return this.newData||{}}fetch(){let $=this.context.wabe.controllers.database;if(!this.object?.id)return Promise.resolve(null);return $.getObject({className:this.className,id:this.object.id,context:R1(this.context)})}async addACL($,A){let F=async(Y)=>{if(this.className==="User"){let W=this.object?.id;if(W)await this.context.wabe.controllers.database.updateObject({className:this.className,context:R1(this.context),id:W,data:{acl:Y},select:{}});return}this.upsertNewData("acl",Y)},B=(this.className==="User"?await this.context.wabe.controllers.database.getObject({className:"User",select:{acl:!0},id:this.object?.id,context:R1(this.context)}):{acl:this.getNewData().acl})?.acl||{};if(A===null){await F({...B,[$]:[]});return}let{userId:E,role:w,read:Z,write:J}=A;if(E&&w)throw new Error("Cannot specify both userId and role");if(w){let W=(await this.context.wabe.controllers.database.getObjects({className:"Role",select:{id:!0},where:{name:{equalTo:w}},context:R1(this.context)}))[0]?.id;await F({...B,[$]:[...B?.[$]||[],{roleId:W,read:Z,write:J}]});return}await F({...B,[$]:[...B?.[$]||[],{userId:E,read:Z,write:J}]})}}import{Algorithm as t31,hash as o31}from"@node-rs/argon2";var g9=($,A)=>{let F=A.wabe.config?.authentication?.customAuthenticationMethods;if(!F)throw new Error("No custom authentication methods found");let D=$.filter((w)=>w!=="secondaryFactor");if(D.length>1||D.length===0)throw new Error("One authentication method is required at the time");let B=D[0],E=F.find((w)=>w.name.toLowerCase()===B.toLowerCase());if(!E)throw new Error("No available custom authentication methods found");return E},D7=($)=>o31($,{algorithm:t31.Argon2id});var Iu=async($)=>{if(!$.isFieldUpdated("authentication")||$.getNewData().isOauth)return;let A=$.context,F=$.getNewData().authentication;if(F.emailPasswordSRP)return;let{provider:D,name:B}=g9(Object.keys(F),A),E=F[B],{authenticationDataToSave:w}=await D.onSignUp({input:E,context:A});$.upsertNewData("authentication",{[B]:w})},ju=async($)=>{if(!$.isFieldUpdated("authentication")||$.getNewData().isOauth)return;let A=$.context,F=$.getNewData().authentication;if(F.emailPasswordSRP)return;let{provider:D,name:B}=g9(Object.keys(F),A);if(!D.onUpdateAuthenticationData)return;let E=F[B];if(!$.object?.id)return;let{authenticationDataToSave:w}=await D.onUpdateAuthenticationData({context:A,input:E,userId:$.object.id});$.upsertNewData("authentication",{[B]:w})};var PA=($)=>{let A=$.search(/[a-z]/i);return $.slice(0,A)+$[A].toUpperCase()+$.slice(A+1)},x9=($)=>{let A=$.search(/[a-z]/i);return $.slice(0,A)+$[A].toLowerCase()+$.slice(A+1)},B7=($,A)=>{let F=A.schema?.classes?.find((D)=>D.name===$);if(!F)throw new Error("Class not found in schema");return F},Ru=($,A)=>{let F=A.get("Cookie");if(!F)return;let D=F.split(";").find((B)=>B.includes($));if(!D)return;return D.split("=")[1]},gB=($)=>{return $.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g,"").replace(/\s\s+/g," ").replace(/[\W_]+/g," ").trim()};var Lu=($)=>{if(!$.isFieldUpdated("createdAt"))$.upsertNewData("createdAt",new Date);if(!$.isFieldUpdated("updatedAt"))$.upsertNewData("updatedAt",new Date)},Tu=($)=>{$.upsertNewData("updatedAt",new Date)},Su=async($)=>{let A=B7($.className,$.context.wabe.config);Object.keys(A.fields).map((D)=>{let B=A.fields[D];if(!$.isFieldUpdated(D)&&B.type!=="Pointer"&&B.type!=="Relation"&&B.type!=="File"&&B.defaultValue!==void 0)$.upsertNewData(D,B.defaultValue)})};var Ou=async($)=>{let A=$.object?.id;await $.context.wabe.controllers.database.deleteObjects({className:"_Session",context:R1($.context),where:{user:{id:{equalTo:A}}},select:{}})};var e31=($)=>{return{beforeCreate:"create",afterCreate:"create",beforeRead:"read",afterRead:"read",beforeDelete:"delete",afterDelete:"delete",beforeUpdate:"update",afterUpdate:"update"}[$]},$91=async({className:$,operation:A,context:F})=>{let D=F.wabe.config.schema?.classes?.find((E)=>E.name===$);if(!D)throw new Error(`Class ${$} not found in schema`);return D.permissions?.[A]},xB=async($,A)=>{if($.context.isRoot)return;let F=e31(A);if(!F)throw new Error("Bad operation type provided");let D=await $91({className:$.className,operation:F,context:$.context});if(!D)throw new Error(`Permission denied to ${F} class ${$.className}`);let B=$.context.sessionId;if(!D.requireAuthentication)return;if(!B||!$.getUser())throw new Error(`Permission denied to ${F} class ${$.className}`);if(D.authorizedRoles?.includes("everyone"))return;if(D.authorizedRoles?.length===0||!D)throw new Error(`Permission denied to ${F} class ${$.className}`);let E=$.context.user?.role?.name;if(!E)throw new Error(`Permission denied to ${F} class ${$.className}`);if(!D.authorizedRoles?.includes(E))throw new Error(`Permission denied to ${F} class ${$.className}`)},hu=($)=>xB($,"beforeRead"),Nu=($)=>xB($,"beforeCreate"),du=($)=>xB($,"beforeUpdate"),ku=($)=>xB($,"beforeDelete");var WW=($,A)=>{let F=$.context.wabe.config.schema?.classes?.find((Z)=>Z.name===$.className);if(!F)return;let D=$.getUser()?.role?.name||"",B=$.context.isRoot;if(A==="beforeRead"){Object.keys($.select).map((Z)=>{let J=F.fields[Z]?.protected;if(J?.protectedOperations.includes("read")){if(B&&J.authorizedRoles.includes("rootOnly"))return;if(!J.authorizedRoles.includes(D))throw new Error("You are not authorized to read this field")}});return}let E=$.getNewData(),w=A==="beforeUpdate"?"update":"create";Object.keys(E).map((Z)=>{let J=F.fields[Z]?.protected;if(J?.protectedOperations.includes(w)){if(B&&J.authorizedRoles.includes("rootOnly"))return;if(!J.authorizedRoles.includes(D))throw new Error(`You are not authorized to ${w} this field`)}})},mu=($)=>WW($,"beforeRead"),vu=($)=>WW($,"beforeUpdate"),fu=($)=>WW($,"beforeCreate");var lB=JSON;var bu=($)=>$.toUpperCase(),_u=($)=>{let A={};return $.forEach((F,D)=>{A[D]=F}),A};var pu=($,A,F)=>{return $.document?$:{document:$,variables:A,requestHeaders:F,signal:void 0}},gu=($,A,F)=>{return $.query?$:{query:$,variables:A,requestHeaders:F,signal:void 0}},xu=($,A)=>{return $.documents?$:{documents:$,requestHeaders:A,signal:void 0}};var gE=H1(K1(),1),mT=($)=>{let A=void 0,F=$.definitions.filter((D)=>D.kind==="OperationDefinition");if(F.length===1)A=F[0]?.name?.value;return A},Y5=($)=>{if(typeof $==="string"){let F=void 0;try{let D=gE.parse($);F=mT(D)}catch(D){}return{query:$,operationName:F}}let A=mT($);return{query:gE.print($),operationName:A}};class X9 extends Error{constructor($,A){let F=`${X9.extractMessage($)}: ${JSON.stringify({response:$,request:A})}`;super(F);if(Object.setPrototypeOf(this,X9.prototype),this.response=$,this.request=A,typeof Error.captureStackTrace==="function")Error.captureStackTrace(this,X9)}static extractMessage($){return $.errors?.[0]?.message??`GraphQL Error (Code: ${$.status})`}}var C9=H1(jS(),1);var dX1="connection_init",kX1="connection_ack",LS="ping",TS="pong",mX1="subscribe",vX1="next",fX1="error",SS="complete";class A8{get type(){return this._type}get id(){return this._id}get payload(){return this._payload}constructor($,A,F){this._type=$,this._payload=A,this._id=F}get text(){let $={type:this.type};if(this.id!=null&&this.id!=null)$.id=this.id;if(this.payload!=null&&this.payload!=null)$.payload=this.payload;return JSON.stringify($)}static parse($,A){let{type:F,payload:D,id:B}=JSON.parse($);return new A8(F,A(D),B)}}class sU{constructor($,{onInit:A,onAcknowledged:F,onPing:D,onPong:B}){this.socketState={acknowledged:!1,lastRequestId:0,subscriptions:{}},this.socket=$,$.addEventListener("open",async(E)=>{this.socketState.acknowledged=!1,this.socketState.subscriptions={},$.send(_X1(A?await A():null).text)}),$.addEventListener("close",(E)=>{this.socketState.acknowledged=!1,this.socketState.subscriptions={}}),$.addEventListener("error",(E)=>{console.error(E)}),$.addEventListener("message",(E)=>{try{let w=bX1(E.data);switch(w.type){case kX1:{if(this.socketState.acknowledged)console.warn("Duplicate CONNECTION_ACK message ignored");else if(this.socketState.acknowledged=!0,F)F(w.payload);return}case LS:{if(D)D(w.payload).then((W)=>$.send(RS(W).text));else $.send(RS(null).text);return}case TS:{if(B)B(w.payload);return}}if(!this.socketState.acknowledged)return;if(w.id===void 0||w.id===null||!this.socketState.subscriptions[w.id])return;let{query:Z,variables:J,subscriber:Y}=this.socketState.subscriptions[w.id];switch(w.type){case vX1:{if(!w.payload.errors&&w.payload.data)Y.next&&Y.next(w.payload.data);if(w.payload.errors)Y.error&&Y.error(new X9({...w.payload,status:200},{query:Z,variables:J}));return}case fX1:{Y.error&&Y.error(new X9({errors:w.payload,status:200},{query:Z,variables:J}));return}case SS:{Y.complete&&Y.complete(),delete this.socketState.subscriptions[w.id];return}}}catch(w){console.error(w),$.close(1006)}$.close(4400,"Unknown graphql-ws message.")})}makeSubscribe($,A,F,D){let B=(this.socketState.lastRequestId++).toString();return this.socketState.subscriptions[B]={query:$,variables:D,subscriber:F},this.socket.send(gX1(B,{query:$,operationName:A,variables:D}).text),()=>{this.socket.send(xX1(B).text),delete this.socketState.subscriptions[B]}}rawRequest($,A){return new Promise((F,D)=>{let B;this.rawSubscribe($,{next:(E,w)=>B={data:E,extensions:w},error:D,complete:()=>F(B)},A)})}request($,A){return new Promise((F,D)=>{let B;this.subscribe($,{next:(E)=>B=E,error:D,complete:()=>F(B)},A)})}subscribe($,A,F){let{query:D,operationName:B}=Y5($);return this.makeSubscribe(D,B,A,F)}rawSubscribe($,A,F){return this.makeSubscribe($,void 0,A,F)}ping($){this.socket.send(pX1($).text)}close(){this.socket.close(1000)}}sU.PROTOCOL="graphql-transport-ws";function bX1($,A=(F)=>F){return A8.parse($,A)}function _X1($){return new A8(dX1,$)}function pX1($){return new A8(LS,$,void 0)}function RS($){return new A8(TS,$,void 0)}function gX1($,A){return new A8(mX1,A,$)}function xX1($){return new A8(SS,void 0,$)}var L7=($)=>{let A={};if($)if(typeof Headers!=="undefined"&&$ instanceof Headers||C9&&C9.Headers&&$ instanceof C9.Headers)A=_u($);else if(Array.isArray($))$.forEach(([F,D])=>{if(F&&D!==void 0)A[F]=D});else A=$;return A},OS=($)=>$.replace(/([\s,]|#[^\n\r]+)+/g," ").trim(),yX1=($)=>{if(!Array.isArray($.query)){let D=$,B=[`query=${encodeURIComponent(OS(D.query))}`];if($.variables)B.push(`variables=${encodeURIComponent(D.jsonSerializer.stringify(D.variables))}`);if(D.operationName)B.push(`operationName=${encodeURIComponent(D.operationName)}`);return B.join("&")}if(typeof $.variables!=="undefined"&&!Array.isArray($.variables))throw new Error("Cannot create query with given variable type, array expected");let A=$,F=$.query.reduce((D,B,E)=>{return D.push({query:OS(B),variables:A.variables?A.jsonSerializer.stringify(A.variables[E]):void 0}),D},[]);return`query=${encodeURIComponent(A.jsonSerializer.stringify(F))}`},lX1=($)=>async(A)=>{let{url:F,query:D,variables:B,operationName:E,fetch:w,fetchOptions:Z,middleware:J}=A,Y={...A.headers},W="",X=void 0;if($==="POST"){if(X=cX1(D,B,E,Z.jsonSerializer),typeof X==="string")Y["Content-Type"]="application/json"}else W=yX1({query:D,variables:B,operationName:E,jsonSerializer:Z.jsonSerializer??lB});let U={method:$,headers:Y,body:X,...Z},H=F,Q=U;if(J){let q=await Promise.resolve(J({...U,url:F,operationName:E,variables:B})),{url:V,...L}=q;H=V,Q=L}if(W)H=`${H}?${W}`;return await w(H,Q)};class tU{constructor($,A={}){this.url=$,this.requestConfig=A,this.rawRequest=async(...F)=>{let[D,B,E]=F,w=gu(D,B,E),{headers:Z,fetch:J=C9.default,method:Y="POST",requestMiddleware:W,responseMiddleware:X,...U}=this.requestConfig,{url:H}=this;if(w.signal!==void 0)U.signal=w.signal;let{operationName:Q}=Y5(w.query);return nU({url:H,query:w.query,variables:w.variables,headers:{...L7(rU(Z)),...L7(w.requestHeaders)},operationName:Q,fetch:J,method:Y,fetchOptions:U,middleware:W}).then((q)=>{if(X)X(q);return q}).catch((q)=>{if(X)X(q);throw q})}}async request($,...A){let[F,D]=A,B=pu($,F,D),{headers:E,fetch:w=C9.default,method:Z="POST",requestMiddleware:J,responseMiddleware:Y,...W}=this.requestConfig,{url:X}=this;if(B.signal!==void 0)W.signal=B.signal;let{query:U,operationName:H}=Y5(B.document);return nU({url:X,query:U,variables:B.variables,headers:{...L7(rU(E)),...L7(B.requestHeaders)},operationName:H,fetch:w,method:Z,fetchOptions:W,middleware:J}).then((Q)=>{if(Y)Y(Q);return Q.data}).catch((Q)=>{if(Y)Y(Q);throw Q})}batchRequests($,A){let F=xu($,A),{headers:D,...B}=this.requestConfig;if(F.signal!==void 0)B.signal=F.signal;let E=F.documents.map(({document:Z})=>Y5(Z).query),w=F.documents.map(({variables:Z})=>Z);return nU({url:this.url,query:E,variables:w,headers:{...L7(rU(D)),...L7(F.requestHeaders)},operationName:void 0,fetch:this.requestConfig.fetch??C9.default,method:this.requestConfig.method||"POST",fetchOptions:B,middleware:this.requestConfig.requestMiddleware}).then((Z)=>{if(this.requestConfig.responseMiddleware)this.requestConfig.responseMiddleware(Z);return Z.data}).catch((Z)=>{if(this.requestConfig.responseMiddleware)this.requestConfig.responseMiddleware(Z);throw Z})}setHeaders($){return this.requestConfig.headers=$,this}setHeader($,A){let{headers:F}=this.requestConfig;if(F)F[$]=A;else this.requestConfig.headers={[$]:A};return this}setEndpoint($){return this.url=$,this}}var nU=async($)=>{let{query:A,variables:F,fetchOptions:D}=$,B=lX1(bu($.method??"post")),E=Array.isArray($.query),w=await B($),Z=await aX1(w,D.jsonSerializer??lB),J=Array.isArray(Z)?!Z.some(({data:W})=>!W):Boolean(Z.data),Y=Array.isArray(Z)||!Z.errors||Array.isArray(Z.errors)&&!Z.errors.length||D.errorPolicy==="all"||D.errorPolicy==="ignore";if(w.ok&&Y&&J){let{errors:W,...X}=Array.isArray(Z)?Z:Z,U=D.errorPolicy==="ignore"?X:Z;return{...E?{data:U}:U,headers:w.headers,status:w.status}}else throw new X9({...typeof Z==="string"?{error:Z}:Z,status:w.status,headers:w.headers},{query:A,variables:F})};var cX1=($,A,F,D)=>{let B=D??lB;if(!Array.isArray($))return B.stringify({query:$,variables:A,operationName:F});if(typeof A!=="undefined"&&!Array.isArray(A))throw new Error("Cannot create request body with given variable type, array expected");let E=$.reduce((w,Z,J)=>{return w.push({query:Z,variables:A?A[J]:void 0}),w},[]);return B.stringify(E)},aX1=async($,A)=>{let F;if($.headers.forEach((D,B)=>{if(B.toLowerCase()==="content-type")F=D}),F&&(F.toLowerCase().startsWith("application/json")||F.toLowerCase().startsWith("application/graphql+json")||F.toLowerCase().startsWith("application/graphql-response+json")))return A.parse(await $.text());else return $.text()},rU=($)=>{return typeof $==="function"?$():$},oU=($,...A)=>{return $.reduce((F,D,B)=>`${F}${D}${B in A?String(A[B]):""}`,"")};var s3=H1(dZ(),1);var fl=H1(ml(),1);var vk1=Object.prototype.toString,fk1=($)=>vk1.call($)==="[object Error]",bk1=new Set(["network error","Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Load failed","Network request failed","fetch failed","terminated"]);function wq($){if(!($&&fk1($)&&$.name==="TypeError"&&typeof $.message==="string"))return!1;if($.message==="Load failed")return $.stack===void 0;return bk1.has($.message)}class bl extends Error{constructor($){super();if($ instanceof Error)this.originalError=$,{message:$}=$;else this.originalError=new Error($),this.originalError.stack=this.stack;this.name="AbortError",this.message=$}}var vl=($,A,F)=>{let D=F.retries-(A-1);return $.attemptNumber=A,$.retriesLeft=D,$};async function Zq($,A){return new Promise((F,D)=>{A={...A},A.onFailedAttempt??=()=>{},A.shouldRetry??=()=>!0,A.retries??=10;let B=fl.default.operation(A),E=()=>{B.stop(),D(A.signal?.reason)};if(A.signal&&!A.signal.aborted)A.signal.addEventListener("abort",E,{once:!0});let w=()=>{A.signal?.removeEventListener("abort",E),B.stop()};B.attempt(async(Z)=>{try{let J=await $(Z);w(),F(J)}catch(J){try{if(!(J instanceof Error))throw new TypeError(`Non-error was thrown: "${J}". You should only throw errors.`);if(J instanceof bl)throw J.originalError;if(J instanceof TypeError&&!wq(J))throw J;if(vl(J,Z,A),!await A.shouldRetry(J))B.stop(),D(J);if(await A.onFailedAttempt(J),!B.retry(J))throw B.mainError()}catch(Y){vl(Y,Z,A),w(),D(Y)}}})})}var _k1=($)=>{if(!$)return{};return Object.keys($).reduce((F,D)=>{let B=$[D];if(B==="ASC")F[D]=1;if(B==="DESC")F[D]=-1;return F},{})},i3=($)=>{if(!$)return{};return Object.keys($).reduce((F,D)=>{let B=$[D],E=D==="id"?"_id":D;if(B?.contains||B?.contains===null)F[E]={$all:B.contains};if(B?.notContains||B?.notContains===null)F[E]={$ne:B.notContains};if(B?.equalTo||B?.equalTo===null)F[E]=E==="_id"&&typeof B.equalTo==="string"?s3.ObjectId.createFromHexString(B.equalTo):B.equalTo;if(B?.notEqualTo||B?.notEqualTo===null)F[E]={$ne:E==="_id"&&typeof B.notEqualTo==="string"?s3.ObjectId.createFromHexString(B.notEqualTo):B.notEqualTo};if(B?.greaterThan||B?.greaterThan===null)F[E]={$gt:B.greaterThan};if(B?.greaterThanOrEqualTo||B?.greaterThanOrEqualTo===null)F[E]={$gte:B.greaterThanOrEqualTo};if(B?.lessThan||B?.lessThan===null)F[E]={$lt:B.lessThan};if(B?.lessThanOrEqualTo||B?.lessThanOrEqualTo===null)F[E]={$lte:B.lessThanOrEqualTo};if(B?.in||B?.in===null)F[E]={$in:E==="_id"?B.in.filter((w)=>typeof w==="string").map((w)=>s3.ObjectId.createFromHexString(w)):B.in};if(B?.notIn||B?.notIn===null)F[E]={$nin:E==="_id"?B.notIn.filter((w)=>typeof w==="string").map((w)=>s3.ObjectId.createFromHexString(w)):B.notIn};if(B&&E==="OR")return F.$or=$.OR?.map((w)=>i3(w)),F;if(B&&E==="AND")return F.$and=$.AND?.map((w)=>i3(w)),F;if(typeof B==="object"){let w=i3(B),Z=Object.entries(w);if(Z.length>0)return{[`${E.toString()}.${Z[0][0]}`]:Z[0][1]}}return F},{})};class Jq{options;database;client;constructor($){this.options=$,this.client=new s3.MongoClient($.databaseUrl)}async connect(){let $=await Zq(()=>this.client.connect(),{retries:5,minTimeout:100,factor:2});return this.database=$.db(this.options.databaseName),$}close(){return this.client.close()}async createClassIfNotExist($,A){if(!this.database)throw new Error("Connection to database is not established");let F=A.wabe.config.schema?.classes?.find((E)=>E.name===$);if(!F)throw new Error(`${$} is not defined in schema`);let D=this.database.collection($);return(F.indexes||[]).map((E)=>D.createIndex({[E.field]:E.order==="ASC"?1:-1},{unique:!!E.unique})),D}async count($){let{className:A,where:F,context:D}=$,B=await this.createClassIfNotExist(A,D),E=i3(F);return B.countDocuments(E)}async clearDatabase(){if(!this.database)throw new Error("Connection to database is not established");let $=await this.database.collections();await Promise.all($.filter((A)=>A.collectionName!=="Role").map((A)=>A.deleteMany({})))}async getObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,id:F,select:D,where:B,context:E}=$,w=i3(B),J=await(await this.createClassIfNotExist(A,E)).findOne({_id:new s3.ObjectId(F),...w},{projection:D?{...D,_id:1}:void 0});if(!J)throw new Error("Object not found");let{_id:Y,...W}=J;return{...W,...{id:Y.toString()}}}async getObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,select:F,where:D,offset:B,first:E,context:w,order:Z}=$,J=i3(D),Y=_k1(Z);return(await(await this.createClassIfNotExist(A,w)).find(J,{projection:F?{...F,_id:1}:void 0}).limit(E||0).skip(B||0).sort(Y).toArray()).map((U)=>{let{_id:H,...Q}=U;return{...Q,...{id:H.toString()}}})}async createObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,data:F,context:D}=$;return{id:(await(await this.createClassIfNotExist(A,D)).insertOne(F,{})).insertedId.toString()}}async createObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,data:F,context:D}=$,E=await(await this.createClassIfNotExist(A,D)).insertMany(F,{});return Object.values(E.insertedIds).map((w)=>({id:w.toString()}))}async updateObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,id:F,data:D,context:B,where:E}=$,w=E?i3(E):{};if((await(await this.createClassIfNotExist(A,B)).updateOne({_id:new s3.ObjectId(F),...w},{$set:D})).matchedCount===0)throw new Error("Object not found");return{id:F}}async updateObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,where:F,data:D,offset:B,first:E,context:w,order:Z}=$,J=i3(F),Y=await this.createClassIfNotExist(A,w),W=await w.wabe.controllers.database.getObjects({className:A,where:F,select:{id:!0},offset:B,first:E,context:R1(w),order:Z});if(W.length===0)return[];return await Y.updateMany(J,{$set:D}),Object.values(W).filter(x2).map((X)=>({id:X?.id||""}))}async deleteObject($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,id:F,context:D}=$,B=i3($.where);if((await(await this.createClassIfNotExist(A,D)).deleteOne({_id:new s3.ObjectId(F),...B})).deletedCount===0)throw new Error("Object not found")}async deleteObjects($){if(!this.database)throw new Error("Connection to database is not established");let{className:A,where:F,context:D}=$,B=i3(F);await(await this.createClassIfNotExist(A,D)).deleteMany(B)}}var _l;((A)=>A.Mongo="mongo")(_l||={});class pl{adapter={};async getCustomerById(){return{email:"customer@test.com"}}async deleteCoupon(){}async updatePromotionCode(){}async createCoupon(){return{code:"",id:""}}async createPromotionCode(){return{code:"",id:""}}async validateWebhook(){return{isValid:!0,payload:{},type:""}}async createCustomer(){return""}async createPayment(){return""}async cancelSubscription(){}async getInvoices(){return[]}async getTotalRevenue(){return 0}async getAllTransactions(){return[]}async getHypotheticalSubscriptionRevenue(){return 0}}class gl{async send(){return"123456"}}var xl;((F)=>{F.EUR="eur";F.USD="usd"})(xl||={});var pk1;((F)=>{F.payment="payment";F.subscription="subscription"})(pk1||={});var gk1;((F)=>{F.Month="month";F.Year="year"})(gk1||={});import{writeFile as xk1,mkdir as yk1,rm as lk1,access as yl,constants as ll}from"node:fs/promises";import cZ from"node:path";class cl{basePath="bucket";rootPath=process.cwd();async uploadFile($){let A=cZ.join(this.rootPath,this.basePath);await yk1(A,{recursive:!0});let F=$.type,D;if(F.startsWith("text")||F.includes("json")){let B=await $.text();D=Buffer.from(B,"utf-8")}else{let B=await $.arrayBuffer();D=Buffer.from(B)}await xk1(cZ.join(A,$.name),D)}async readFile($,A){let F=cZ.join(this.rootPath,this.basePath,$);try{return await yl(F,ll.F_OK),`http://127.0.0.1:${A?.port||3000}/${this.basePath}/${$}`}catch{return null}}async deleteFile($){let A=cZ.join(this.rootPath,this.basePath,$);try{await yl(A,ll.F_OK),await lk1(A)}catch{}}}var S$=($)=>$.charAt(0).toUpperCase()+$.slice(1),x2=($)=>$!==null&&$!==void 0,al=($)=>{let A=new tU(`http://127.0.0.1:${$}/graphql`,{headers:{"Wabe-Root-Key":"0uwFvUxM$ceFuF1aEtTtZMa7DUN2NZudqgY5ve5W*QCyb58cwMj9JeoaV@d#%29v&aJzswuudVU1%nAT+rxS0Bh&OkgBYc0PH18*"}});return{...A,request:A.request}};var aZ=($)=>{if($===void 0||$===null)return[];if(typeof $==="object")return Object.values($).flatMap((A)=>aZ(A));if(typeof $==="string")return gB($).trim().split(" ").map((A)=>A.trim()).flatMap((A)=>{let F=[];for(let D=1;D<=A.length;D+=1)F.push(A.substring(0,D).toLowerCase());return F});if(typeof $==="number")return[String($)];return[]},sl=($)=>{let A=$.context.wabe.config.schema?.classes?.find((B)=>B.name===$.className)?.searchableFields;if(!A||A.length===0)return;let F=$.getNewData(),D=Object.entries(F).flatMap(([B,E])=>{if(!A.includes(B))return;return aZ(E)}).filter(x2);$.upsertNewData("search",D)},nl=($)=>{let A=$.context.wabe.config.schema?.classes?.find((Z)=>Z.name===$.className)?.searchableFields;if(!A||A.length===0)return;let F=$.getNewData(),D=Object.entries(F).flatMap(([Z,J])=>{if(!A.includes(Z))return;return aZ(J)}).filter(x2),B=Object.entries($.object||{}).flatMap(([Z,J])=>{if(!A.includes(Z)||!Object.keys(F).includes(Z))return;return aZ(J)}).filter(x2),w=[...($.object?.search||[]).filter((Z)=>!B.includes(Z)),...D];$.upsertNewData("search",w)};var rl=async($)=>{let A=$.object,F=A?.user;if(!F)return;let D=$.context.wabe.controllers.database,E=(await D.getObject({className:"User",id:F,select:{sessions:!0},context:$.context}))?.sessions?.map((w)=>w.id)||[];await D.updateObject({className:"User",id:F,context:$.context,data:{sessions:[...E,A?.id].filter(x2)}})},tl=async($)=>{let A=$.object,F=A?.user;if(!F)return;let D=$.context.wabe.controllers.database,E=(await D.getObject({className:"User",id:F,select:{sessions:!0},context:$.context}))?.sessions?.filter((w)=>w.id!==A?.id).map((w)=>w.id);await D.updateObject({className:"User",id:F,context:$.context,data:{sessions:E}})},ol=($)=>{if($.context.isRoot)return;if($.isFieldUpdated("sessions"))throw new Error("Not authorized to update user sessions")};var el=($)=>{let A=$.getNewData().authentication;if(!A)return;let F=Object.keys(A)[0],D=A[F].email;if(!D)return;if($.upsertNewData("email",D),F)$.upsertNewData("provider",F)},$c=($)=>{if($.isFieldUpdated("email"))return;el($)},Ac=($)=>{if($.isFieldUpdated("email"))return;el($)};var Fc=async($)=>{let A=$.context.wabe.config.schema?.classes?.find((D)=>D.name===$.className)?.permissions;if(!A)return;let{acl:F}=A;if($.isFieldUpdated("acl")||!F)return;if(F)await F($)},Dc=async($)=>{if($.className==="User")return;await Fc($)},Bc=async($)=>Fc($);var yB;((J)=>{J.AfterCreate="afterCreate";J.AfterUpdate="afterUpdate";J.AfterDelete="afterDelete";J.AfterRead="afterRead";J.BeforeCreate="beforeCreate";J.BeforeUpdate="beforeUpdate";J.BeforeDelete="beforeDelete";J.BeforeRead="beforeRead"})(yB||={});var Ec=async({className:$,operationType:A,priority:F,config:D})=>D.hooks?.filter((B)=>B.operationType===A&&B.priority===F&&($===B.className||!B.className))||[],ck1=($)=>$.hooks?.reduce((A,F)=>{if(!A.includes(F.priority))A.push(F.priority);return A},[]).sort((A,F)=>A-F)||[],n3=({className:$,newData:A,context:F,select:D})=>{let B=({id:Z})=>{if(!Z)return{};return F.wabe.controllers.database.getObject({className:$,context:R1(F),id:Z,skipHooks:!0})},E=async({where:Z,ids:J})=>{if(!Z&&J.length===0)return[{}];let Y=await F.wabe.controllers.database.getObjects({className:$,context:R1(F),where:Z?Z:{id:{in:J}},skipHooks:!0});if(Y.length===0)return[{}];return Y},w=ck1(F.wabe.config);return{runOnSingleObject:async(Z)=>{if(w.length===0)return{object:void 0,newData:{}};let J=await B({id:Z.id}),Y=new pB({className:$,newData:A,operationType:Z.operationType,context:F,object:J,originalObject:Z.originalObject,select:D});return await w.reduce(async(W,X)=>{await W;let U=await Ec({className:$,operationType:Z.operationType,priority:X,config:F.wabe.config});await Promise.all(U.map((H)=>H.callback(Y)))},Promise.resolve()),{object:J,newData:Y.getNewData()}},runOnMultipleObjects:async(Z)=>{if(w.length===0)return{objects:[],newData:[A||{}]};let J=await E({where:Z.where,ids:Z.ids||[]}),Y=(Z.operationType==="afterDelete"?Z.originalObjects:J)||[],W=await Promise.all(Y.map(async(X)=>{let U=(Z.originalObjects||[]).find((Q)=>Q?.id===X?.id),H=new pB({className:$,newData:A,operationType:Z.operationType,context:F,object:X,originalObject:U,select:D});return await w.reduce(async(Q,q)=>{await Q;let V=await Ec({className:$,operationType:Z.operationType,priority:q,config:F.wabe.config});await Promise.all(V.map((L)=>L.callback(H)))},Promise.resolve()),H.getNewData()}));return{objects:J,newData:W}}}},wc=()=>[{operationType:"beforeRead",priority:0,callback:hu},{operationType:"beforeUpdate",priority:0,callback:du},{operationType:"beforeCreate",priority:0,callback:Nu},{operationType:"beforeDelete",priority:0,callback:ku},{operationType:"beforeRead",priority:0,callback:mu},{operationType:"beforeUpdate",priority:0,callback:vu},{operationType:"beforeCreate",priority:0,callback:fu},{operationType:"beforeCreate",priority:1,callback:Lu},{operationType:"beforeCreate",priority:1,callback:Su},{operationType:"beforeUpdate",priority:1,callback:Tu},{operationType:"beforeCreate",priority:1,callback:Pu},{operationType:"beforeUpdate",priority:1,callback:Mu},{operationType:"afterRead",priority:1,callback:Vu},{operationType:"afterDelete",priority:1,callback:zu},{className:"User",operationType:"beforeCreate",priority:1,callback:Iu},{className:"User",operationType:"beforeUpdate",priority:1,callback:ju},{operationType:"beforeCreate",priority:3,callback:sl},{operationType:"beforeUpdate",priority:3,callback:nl},{operationType:"beforeCreate",priority:0,callback:Dc},{className:"User",operationType:"afterCreate",priority:0,callback:Bc},{className:"User",operationType:"beforeCreate",priority:2,callback:$c},{className:"User",operationType:"beforeUpdate",priority:2,callback:Ac},{className:"User",operationType:"beforeDelete",priority:1,callback:Ou},{className:"_Session",operationType:"afterCreate",priority:1,callback:rl},{className:"_Session",operationType:"afterDelete",priority:1,callback:tl},{className:"User",operationType:"beforeUpdate",priority:1,callback:ol}];class Yq{adapter;constructor($){this.adapter=$}_getSelectMinusPointersAndRelations({className:$,context:A,select:F}){let D=A.wabe.config.schema?.classes?.find((E)=>E.name.toLowerCase()===$.toLowerCase());if(!D)throw new Error("Class not found in schema");if(!F)return{pointers:{},selectWithoutPointers:{}};let B=Object.keys(D.fields).filter((E)=>D.fields[E].type==="Pointer"||D.fields[E].type==="Relation");return Object.entries(F).reduce((E,[w,Z])=>{if(!B.includes(w))return{...E,selectWithoutPointers:{...E.selectWithoutPointers,[w]:!0}};let J=D.fields[w].class;return{...E,pointers:{...E.pointers,[w]:{className:J,select:Z===!0?void 0:Z}}}},{pointers:{},selectWithoutPointers:{}})}_isRelationField({pointerField:$,currentClassName:A,context:F,originClassName:D}){if(!A)return!1;return F.wabe.config.schema?.classes?.some((B)=>B.name.toLowerCase()===D.toLowerCase()&&Object.entries(B.fields).find(([E,w])=>E===$&&w.type==="Relation"&&w.class.toLowerCase()===A.toLowerCase()))}_isPointerField({pointerField:$,currentClassName:A,context:F,originClassName:D}){if(!A)return!1;return F.wabe.config.schema?.classes?.some((B)=>B.name.toLowerCase()===D.toLowerCase()&&Object.entries(B.fields).find(([E,w])=>E===$&&w.type==="Pointer"&&w.class.toLowerCase()===A.toLowerCase()))}async _getWhereObjectWithPointerOrRelation($,A,F){let D=Object.keys(A),B=F.wabe.config.schema?.classes?.find((w)=>w.name.toLowerCase()===$.toLowerCase()),E=await D.reduce(async(w,Z)=>{let J=await w,Y=Z,W=B?.fields[Y];if(Y==="AND"||Y==="OR"){let Q=await Promise.all(A[Y].map((q)=>this._getWhereObjectWithPointerOrRelation($,q,F)));return{...J,[Y]:Q}}if(W?.type!=="Pointer"&&W?.type!=="Relation")return w;let X=W.class,U=A[Y],H=await this.getObjects({className:X,select:{id:!0},where:U,context:F});return{...w,[Y]:{in:H.map((Q)=>Q?.id).filter(x2)}}},Promise.resolve({}));return{...A,...E}}_buildWhereWithACL($,A,F){if(A.isRoot)return $;let D=A.user?.role?.id,B=A.user?.id;return{AND:[{...$},!B?{acl:{equalTo:null}}:void 0,B||D?{OR:[{acl:{equalTo:null}},B?{AND:[{acl:{users:{userId:{in:[B]}}}},{acl:{users:{[F]:{in:[!0]}}}}]}:void 0,D?{AND:[{acl:{users:{userId:{notIn:[B]}}}},{acl:{roles:{roleId:{in:[D]}}}},{acl:{roles:{[F]:{in:[!0]}}}}]}:void 0].filter(x2)}:void 0].filter(x2)}}_getFinalObjectWithPointerAndRelation({pointers:$,context:A,originClassName:F,object:D,isGraphQLCall:B}){return Object.entries($).reduce(async(E,[w,{className:Z,select:J}])=>{let Y=await E;if(this._isPointerField({originClassName:F,context:A,currentClassName:Z,pointerField:w})){if(!D[w])return{...Y,[w]:null};let U=await this.getObject({className:Z,id:D[w],context:A,select:J});return{...Y,[w]:U}}if(this._isRelationField({originClassName:F,context:A,currentClassName:Z,pointerField:w})&&D[w]){let U=await this.getObjects({className:Z,select:J,where:{id:{in:D[w]}},context:A});return{...E,[w]:B?{totalCount:U.length,edges:U.map((H)=>({node:H}))}:U}}return Y},Promise.resolve({}))}connect(){return this.adapter.connect()}close(){return this.adapter.close()}createClassIfNotExist($,A){return this.adapter.createClassIfNotExist($,A)}async count({className:$,context:A,where:F}){let D=n3({className:$,context:A,select:{}});await D?.runOnSingleObject({operationType:"beforeRead"});let B=await this.adapter.count({className:$,context:A,where:F});return await D?.runOnSingleObject({operationType:"afterRead"}),B}async clearDatabase(){await this.adapter.clearDatabase()}async getObject({select:$,className:A,context:F,skipHooks:D,id:B,where:E,isGraphQLCall:w=!1}){let{pointers:Z,selectWithoutPointers:J}=this._getSelectMinusPointersAndRelations({className:A,context:F,select:$}),Y=!D?n3({className:A,context:F,select:J}):void 0;await Y?.runOnSingleObject({operationType:"beforeRead",id:B});let W=this._buildWhereWithACL(E||{},F,"read"),X=Object.keys(Z).reduce((H,Q)=>{return H[Q]=!0,H},J);await Y?.runOnSingleObject({operationType:"afterRead",id:B});let U=await this.adapter.getObject({className:A,id:B,context:R1(F),select:!$?void 0:X,where:W});return{...U,...await this._getFinalObjectWithPointerAndRelation({context:F,originClassName:A,pointers:Z,object:U,isGraphQLCall:w})}}async getObjects({className:$,select:A,context:F,where:D,skipHooks:B,first:E,offset:w,order:Z,isGraphQLCall:J=!1}){let{pointers:Y,selectWithoutPointers:W}=this._getSelectMinusPointersAndRelations({className:$,context:F,select:A}),X=await this._getWhereObjectWithPointerOrRelation($,D||{},F),U=this._buildWhereWithACL(X||{},F,"read"),H=Object.keys(Y).reduce((V,L)=>{return V[L]=!0,V},W),Q=!B?n3({className:$,select:W,context:F}):void 0;await Q?.runOnMultipleObjects({operationType:"beforeRead",where:U}),await Q?.runOnMultipleObjects({operationType:"afterRead",where:U});let q=await this.adapter.getObjects({className:$,context:R1(F),first:E,offset:w,where:U,select:!A?void 0:H,order:Z});return Promise.all(q.map(async(V)=>({...V,...await this._getFinalObjectWithPointerAndRelation({object:V,context:F,originClassName:$,pointers:Y,isGraphQLCall:J})})))}async createObject({className:$,context:A,data:F,select:D,isGraphQLCall:B=!1}){let E=n3({className:$,context:A,newData:F,select:D}),{newData:w}=await E.runOnSingleObject({operationType:"beforeCreate"}),{id:Z}=await this.adapter.createObject({className:$,context:A,select:D,data:w});if(await E.runOnSingleObject({operationType:"afterCreate",id:Z}),D&&Object.keys(D).length===0)return null;return this.getObject({className:$,context:R1(A),select:D,id:Z,skipHooks:!0,isGraphQLCall:B})}async createObjects({data:$,select:A,className:F,context:D,first:B,offset:E,order:w,isGraphQLCall:Z=!1}){if($.length===0)return[];let J=await Promise.all($.map((U)=>n3({className:F,context:D,newData:U,select:A}))),Y=await Promise.all(J.map(async(U)=>(await U.runOnMultipleObjects({operationType:"beforeCreate"}))?.newData[0])),X=(await this.adapter.createObjects({className:F,select:A,context:D,data:Y,first:B,offset:E,order:w})).map(({id:U})=>U);if(await Promise.all(J.map((U)=>U.runOnMultipleObjects({operationType:"afterCreate",ids:X}))),A&&Object.keys(A).length===0)return[];return this.getObjects({className:F,context:D,select:A,where:{id:{in:X}},skipHooks:!0,first:B,offset:E,order:w,isGraphQLCall:Z})}async updateObject({id:$,className:A,context:F,data:D,select:B,skipHooks:E,isGraphQLCall:w=!1}){let Z=!E?n3({className:A,context:F,newData:D,select:B}):void 0,J=await Z?.runOnSingleObject({operationType:"beforeUpdate",id:$}),Y=this._buildWhereWithACL({},F,"write");if(await this.adapter.updateObject({className:A,select:B,id:$,context:F,data:J?.newData||D,where:Y}),await Z?.runOnSingleObject({operationType:"afterUpdate",id:$,originalObject:J?.object}),B&&Object.keys(B).length===0)return null;return this.getObject({className:A,context:F,select:B,id:$,isGraphQLCall:w})}async updateObjects({className:$,where:A,context:F,select:D,data:B,first:E,offset:w,order:Z,skipHooks:J,isGraphQLCall:Y=!1}){let W=await this._getWhereObjectWithPointerOrRelation($,A||{},F),X=!J?n3({className:$,context:F,newData:B,select:D}):void 0,U=this._buildWhereWithACL(W,F,"write"),H=await X?.runOnMultipleObjects({operationType:"beforeUpdate",where:U}),q=(await this.adapter.updateObjects({className:$,context:F,select:D,data:H?.newData[0]||B,where:U,first:E,offset:w,order:Z})).map((V)=>V?.id).filter(x2);if(await X?.runOnMultipleObjects({operationType:"afterUpdate",ids:q,originalObjects:H?.objects||[]}),D&&Object.keys(D).length===0)return[];return this.getObjects({className:$,context:F,select:D,where:{id:{in:q}},first:E,offset:w,order:Z,isGraphQLCall:Y})}async deleteObject({context:$,className:A,id:F,select:D,isGraphQLCall:B=!1}){let E=n3({className:A,context:$,select:D}),w=this._buildWhereWithACL({},$,"write"),Z=null;if(D&&Object.keys(D).length>0)Z=await this.getObject({className:A,select:D,id:F,context:$,isGraphQLCall:B});let J=await E.runOnSingleObject({operationType:"beforeDelete",id:F});return await this.adapter.deleteObject({className:A,context:$,select:D,id:F,where:w}),await E.runOnSingleObject({operationType:"afterDelete",originalObject:J.object}),Z}async deleteObjects({className:$,context:A,select:F,where:D,first:B,offset:E,order:w,isGraphQLCall:Z=!1}){let J=await this._getWhereObjectWithPointerOrRelation($,D||{},A),Y=n3({className:$,context:A,select:F}),W=this._buildWhereWithACL(J,A,"write"),X=[];if(F&&Object.keys(F).length>0)X=await this.getObjects({className:$,where:D,select:F,context:A,first:B,offset:E,order:w,isGraphQLCall:Z});let U=await Y.runOnMultipleObjects({operationType:"beforeDelete",where:W});return await this.adapter.deleteObjects({className:$,context:A,select:F,first:B,offset:E,where:W,order:w}),await Y.runOnMultipleObjects({operationType:"afterDelete",originalObjects:U.objects}),X}}var Zc;((F)=>{F.google="google";F.github="github"})(Zc||={});var O$;((B)=>{B.GitHub="github";B.Google="google";B.EmailPassword="emailPassword";B.PhonePassword="phonePassword"})(O$||={});var Wq;((A)=>A.EmailOTP="emailOTP")(Wq||={});import Jc from"node:crypto";var Yc=($)=>{return Jc.createHash("sha256").update($).digest("base64").split("=")[0].replaceAll("+","-").replaceAll("/","_")},vD=()=>Jc.randomBytes(60).toString("base64url");class fD{clientId;authorizeEndpoint;tokenEndpoint;redirectURI;constructor($,A,F,D){this.clientId=$,this.authorizeEndpoint=A,this.tokenEndpoint=F,this.redirectURI=D}createAuthorizationURL($){let A=Array.from(new Set($?.scopes||[])),F=new URL(this.authorizeEndpoint);if(F.searchParams.set("response_type","code"),F.searchParams.set("client_id",this.clientId),$?.state!==void 0)F.searchParams.set("state",$.state);if(A.length>0)F.searchParams.set("scope",A.join(" "));if(this.redirectURI!==null)F.searchParams.set("redirect_uri",this.redirectURI);if($?.codeVerifier!==void 0){let D=Yc($.codeVerifier);F.searchParams.set("code_challenge_method","S256"),F.searchParams.set("code_challenge",D)}return F}validateAuthorizationCode($,A){let F=new URLSearchParams;if(F.set("code",$),F.set("client_id",this.clientId),F.set("grant_type","authorization_code"),this.redirectURI!==null)F.set("redirect_uri",this.redirectURI);if(A?.codeVerifier!==void 0)F.set("code_verifier",A.codeVerifier);return this._sendTokenRequest(F,A)}async refreshAccessToken($,A){let F=new URLSearchParams;F.set("refresh_token",$),F.set("client_id",this.clientId),F.set("grant_type","refresh_token");let D=Array.from(new Set(A?.scopes??[]));if(D.length>0)F.set("scope",D.join(" "));return await this._sendTokenRequest(F,A)}async _sendTokenRequest($,A){let F=new Headers;if(F.set("Content-Type","application/x-www-form-urlencoded"),F.set("Accept","application/json"),F.set("User-Agent","wabe"),A?.credentials!==void 0)if((A?.authenticateWith||"http_basic_auth")==="http_basic_auth"){let Z=btoa(`${this.clientId}:${A.credentials}`);F.set("Authorization",`Basic ${Z}`)}else $.set("client_secret",A.credentials);let D=new Request(this.tokenEndpoint,{method:"POST",headers:F,body:$}),B=await fetch(D),E=await B.json();if(!("access_token"in E)||B.status!==200||!B.ok)throw new Error("Error in token request");return E}}var ak1="https://accounts.google.com/o/oauth2/v2/auth",ik1="https://oauth2.googleapis.com/token";class bD{client;clientSecret;constructor($){let A=$.authentication?.providers?.google;if(!A)throw new Error("Google config not found");let D=`${`http${$.isProduction?"s":""}://${$.authentication?.backDomain||"127.0.0.1:"+$.port||3000}`}/auth/oauth/callback`;this.client=new fD(A.clientId,ak1,ik1,D),this.clientSecret=A.clientSecret}createAuthorizationURL($,A,F){let D=F?.scopes??[],B=this.client.createAuthorizationURL({state:$,codeVerifier:A,scopes:[...D,"openid"]});return B.searchParams.set("access_type","offline"),B.searchParams.set("prompt","select_account"),B}async validateAuthorizationCode($,A){let{access_token:F,expires_in:D,refresh_token:B,id_token:E}=await this.client.validateAuthorizationCode($,{authenticateWith:"request_body",credentials:this.clientSecret,codeVerifier:A});return{accessToken:F,refreshToken:B,accessTokenExpiresAt:new Date(Date.now()+D*1000),idToken:E}}async refreshAccessToken($){let{access_token:A,expires_in:F}=await this.client.refreshAccessToken($,{authenticateWith:"request_body",credentials:this.clientSecret});return{accessToken:A,accessTokenExpiresAt:new Date(Date.now()+F*1000)}}async getUserInfo($){let A=await fetch(`https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=${$}`),{email:F,verified_email:D}=await A.json();return{email:F,verifiedEmail:D}}}var tD=H1(xs(),1);class D4{accessToken=void 0;refreshToken=void 0;getAccessTokenExpireAt($){let A=$?.authentication?.session?.accessTokenExpiresInMs;if(!A)return new Date(Date.now()+900000);return new Date(Date.now()+A)}_getRefreshTokenExpiresInMs($){let A=$?.authentication?.session?.refreshTokenExpiresInMs;if(!A)return 2592000000;return A}getRefreshTokenExpireAt($){let A=this._getRefreshTokenExpiresInMs($);return new Date(Date.now()+A)}async meFromAccessToken($,A){let F=await A.wabe.controllers.database.getObjects({className:"_Session",where:{accessToken:{equalTo:$},OR:[{accessTokenExpiresAt:{greaterThanOrEqualTo:new Date}},{refreshTokenExpiresAt:{greaterThanOrEqualTo:new Date}}]},select:{id:!0,user:!0,accessTokenExpiresAt:!0,refreshTokenExpiresAt:!0,refreshToken:!0},first:1,context:A});if(F.length===0)return{sessionId:null,user:null,accessToken:null,refreshToken:null};let D=F[0];if(!D||!D?.user)return{sessionId:null,user:null,accessToken:null,refreshToken:null};let B=D.user,E=await A.wabe.controllers.database.getObject({className:"User",select:{role:!0},context:A,id:B.id});if(new Date(D.accessTokenExpiresAt)<new Date&&new Date(D.refreshTokenExpiresAt)>=new Date&&D.refreshToken){let{accessToken:w,refreshToken:Z}=await this.refresh($,D.refreshToken,A);return{sessionId:D.id,user:{...B,role:E?.role},accessToken:w,refreshToken:Z}}return{sessionId:D.id,user:{...B,role:E?.role},accessToken:$,refreshToken:D.refreshToken}}async create($,A){this.accessToken=tD.default.sign({userId:$,iat:Date.now(),exp:this.getAccessTokenExpireAt(A.wabe.config).getTime()},A.wabe.config.authentication?.session?.jwtSecret||"dev"),this.refreshToken=tD.default.sign({userId:$,iat:Date.now(),exp:this.getRefreshTokenExpireAt(A.wabe.config).getTime()},A.wabe.config.authentication?.session?.jwtSecret||"dev");let F=await A.wabe.controllers.database.createObject({className:"_Session",context:R1(A),data:{accessToken:this.accessToken,accessTokenExpiresAt:this.getAccessTokenExpireAt(A.wabe.config),refreshToken:this.refreshToken,refreshTokenExpiresAt:this.getRefreshTokenExpireAt(A.wabe.config),user:$},select:{id:!0}});if(!F)throw new Error("Session not created");return{accessToken:this.accessToken,refreshToken:this.refreshToken,sessionId:F.id}}async delete($){if(!$.sessionId)return;await $.wabe.controllers.database.deleteObject({className:"_Session",context:R1($),id:$.sessionId,select:{}})}_isRefreshTokenExpired($,A){let F=$.getTime()-A;return Date.now()-F>=0.75*A}async refresh($,A,F){let D=await F.wabe.controllers.database.getObjects({className:"_Session",where:{accessToken:{equalTo:$}},select:{id:!0,user:{id:!0,role:{id:!0,name:!0}},refreshToken:!0,refreshTokenExpiresAt:!0},context:R1(F)});if(!D.length)return{accessToken:null,refreshToken:null};if(!D[0])throw new Error("Session not found");let{refreshTokenExpiresAt:B,user:E,refreshToken:w,id:Z}=D[0];if(new Date(B)<new Date(Date.now()))throw new Error("Refresh token expired");let J=this._getRefreshTokenExpiresInMs(F.wabe.config);if(!this._isRefreshTokenExpired(new Date(B),J))return{accessToken:$,refreshToken:A};if(A!==w)throw new Error("Invalid refresh token");let Y=E?.id;if(!Y)return{accessToken:null,refreshToken:null};let W=tD.default.sign({userId:Y,iat:Date.now(),exp:this.getAccessTokenExpireAt(F.wabe.config).getTime()},F.wabe.config.authentication?.session?.jwtSecret||"dev"),X=tD.default.sign({userId:Y,iat:Date.now(),exp:this.getRefreshTokenExpireAt(F.wabe.config).getTime()},F.wabe.config.authentication?.session?.jwtSecret||"dev");return await F.wabe.controllers.database.updateObject({className:"_Session",context:R1(F),id:Z,data:{accessToken:W,accessTokenExpiresAt:this.getAccessTokenExpireAt(F.wabe.config),refreshToken:X,refreshTokenExpiresAt:this.getRefreshTokenExpireAt(F.wabe.config)},select:{}}),{accessToken:W,refreshToken:X}}}var ys=async($,A,F)=>{let{input:{refreshToken:D,accessToken:B}}=A,E=new D4,{accessToken:w,refreshToken:Z}=await E.refresh(B,D,F);return{accessToken:w,refreshToken:Z}};var ls=async($,A,F)=>{if(await new D4().delete(F),F.wabe.config.authentication?.session?.cookieSession)F.response?.deleteCookie("accessToken"),F.response?.deleteCookie("refreshToken");return!0};var cs=async($,{input:A},F)=>{if(!A.secondFA)throw new Error("One factor is required");let D=Object.keys(A.secondFA);if(D.length>1)throw new Error("Only one factor is allowed");let{provider:B,name:E}=g9(D,F),w=await B.onVerifyChallenge({context:F,input:A.secondFA[E]});if(!w?.userId)throw new Error("Invalid challenge");let Z=new D4,{accessToken:J,refreshToken:Y}=await Z.create(w.userId,F);if(F.wabe.config.authentication?.session?.cookieSession){let W=Z.getAccessTokenExpireAt(F.wabe.config),X=Z.getRefreshTokenExpireAt(F.wabe.config);F.response?.setCookie("refreshToken",Y,{httpOnly:!0,path:"/",sameSite:"None",secure:!0,expires:X}),F.response?.setCookie("accessToken",J,{httpOnly:!0,path:"/",sameSite:"None",secure:!0,expires:W})}return{accessToken:J}};var as=($,A,F)=>{if(!F.user?.id)return{user:void 0};return{user:F.user}};var is=($,{input:A},F)=>{if(!F.user&&!F.isRoot)throw new Error("Permission denied");let D=F.wabe.controllers.email;if(!D)throw new Error("Email adapter not defined");return D.send({...A,text:A.text??void 0,html:A.html??void 0})};var dn=H1(hn(),1);import{createHash as Nn}from"node:crypto";var Kx1=5;class T8{secret;internalTotp;constructor($){this.secret=$,this.internalTotp=dn.totp.clone({window:[Kx1,0]})}generate($){let A=Nn("sha256").update(`${this.secret}:${$}`).digest("hex");return this.internalTotp.generate(A)}verify($,A){let F=Nn("sha256").update(`${this.secret}:${A}`).digest("hex");return this.internalTotp.verify({secret:F,token:$})}}var kn=async($,{input:{email:A,phone:F,password:D,otp:B}},E)=>{if(!A&&!F)throw new Error("Email or phone is required");let w=await E.wabe.controllers.database.getObjects({className:"User",where:{...A&&{email:{equalTo:A}},...F&&{authentication:{phonePassword:{phone:{equalTo:F}}}}},select:{id:!0,authentication:!0},first:1,context:R1(E)});if(w.length===0)return!0;let Z=w[0];if(!Z)return!0;let Y=new T8(E.wabe.config.rootKey).verify(B,Z.id);if(B!=="000000"&&!Y)throw new Error("Invalid OTP code");let W=F?"phonePassword":"emailPassword";return await E.wabe.controllers.database.updateObject({className:"User",id:Z.id,data:{authentication:{[W]:{...F&&{phone:Z.authentication?.phonePassword?.phone},...A&&{email:A},password:D}}},select:{},context:R1(E)}),!0};var mJ=($)=>`
   <!DOCTYPE html>
   <html lang="en">
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wabe",
-  "version": "0.6.6",
+  "version": "0.6.7",
   "description": "Your backend in minutes not days",
   "homepage": "https://wabe.dev",
   "author": {