weave-typescript 0.31.0 → 0.33.0

package/dist/weavesql/weavedb/auth_identity_sql.js

@@ -1,8 +1,13 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.insertAuthAuditEventQuery = exports.endSupportAccessSessionQuery = exports.createSupportAccessSessionQuery = exports.createPlatformAdminGrantQuery = exports.listActivePlatformAdminGrantsForUserQuery = exports.listOrganizationMembersQuery = exports.listOrganizationMembershipsForUserQuery = exports.getOrganizationMembershipQuery = exports.upsertOrganizationMembershipQuery = exports.upsertOrganizationAuthLinkQuery = exports.getOrganizationAuthLinkByOrganizationIDQuery = exports.getOrganizationAuthLinkByStytchIDQuery = exports.upsertIdentityLinkQuery = exports.getIdentityLinkByStytchMemberQuery = exports.getUserProfileQuery = exports.upsertUserProfileQuery = exports.getUserByIDQuery = exports.createUserQuery = void 0;
+exports.deleteExpiredApplicationSessionsQuery = exports.markApplicationSessionOrganizationSessionStateQuery = exports.listApplicationSessionOrganizationSessionStatesQuery = exports.getApplicationSessionOrganizationSessionQuery = exports.upsertApplicationSessionOrganizationSessionQuery = exports.revokeApplicationSessionQuery = exports.setApplicationSessionActiveOrganizationQuery = exports.getApplicationSessionQuery = exports.createApplicationSessionQuery = exports.insertAuthAuditEventQuery = exports.endSupportAccessSessionQuery = exports.createSupportAccessSessionQuery = exports.createPlatformAdminGrantQuery = exports.listActivePlatformAdminGrantsForUserQuery = exports.listOrganizationMembersQuery = exports.listOrganizationMembershipsForUserQuery = exports.getOrganizationMembershipQuery = exports.upsertOrganizationMembershipQuery = exports.upsertOrganizationAuthLinkQuery = exports.getOrganizationAuthLinkByOrganizationIDQuery = exports.getOrganizationAuthLinkByStytchIDQuery = exports.upsertIdentityLinkQuery = exports.getIdentityLinkByStytchMemberQuery = exports.getUserProfileQuery = exports.upsertUserProfileQuery = exports.deleteOrganizationAuthDomainQuery = exports.listOrganizationAuthDomainsQuery = exports.upsertOrganizationAuthDomainQuery = exports.resolvePrimaryOrganizationAuthLinkByDomainQuery = exports.getUserPrimaryOrganizationAuthLinkQuery = exports.setUserPrimaryOrganizationQuery = exports.getUserByIDQuery = exports.createUserQuery = void 0;
 exports.createUser = createUser;
 exports.getUserByID = getUserByID;
+exports.setUserPrimaryOrganization = setUserPrimaryOrganization;
+exports.getUserPrimaryOrganizationAuthLink = getUserPrimaryOrganizationAuthLink;
+exports.resolvePrimaryOrganizationAuthLinkByDomain = resolvePrimaryOrganizationAuthLinkByDomain;
+exports.upsertOrganizationAuthDomain = upsertOrganizationAuthDomain;
+exports.listOrganizationAuthDomains = listOrganizationAuthDomains;
 exports.upsertUserProfile = upsertUserProfile;
 exports.getUserProfile = getUserProfile;
 exports.getIdentityLinkByStytchMember = getIdentityLinkByStytchMember;
@@ -18,6 +23,13 @@ exports.listActivePlatformAdminGrantsForUser = listActivePlatformAdminGrantsForU
 exports.createPlatformAdminGrant = createPlatformAdminGrant;
 exports.createSupportAccessSession = createSupportAccessSession;
 exports.insertAuthAuditEvent = insertAuthAuditEvent;
+exports.createApplicationSession = createApplicationSession;
+exports.getApplicationSession = getApplicationSession;
+exports.setApplicationSessionActiveOrganization = setApplicationSessionActiveOrganization;
+exports.upsertApplicationSessionOrganizationSession = upsertApplicationSessionOrganizationSession;
+exports.getApplicationSessionOrganizationSession = getApplicationSessionOrganizationSession;
+exports.listApplicationSessionOrganizationSessionStates = listApplicationSessionOrganizationSessionStates;
+exports.markApplicationSessionOrganizationSessionState = markApplicationSessionOrganizationSessionState;
 exports.createUserQuery = `-- name: CreateUser :one
 INSERT INTO weave.users (status)
 VALUES ($1)
@@ -60,6 +72,202 @@ async function getUserByID(client, args) {
         updatedAt: row[3]
     };
 }
+exports.setUserPrimaryOrganizationQuery = `-- name: SetUserPrimaryOrganization :one
+UPDATE weave.users
+SET
+    primary_organization_id = $1,
+    updated_at = now()
+WHERE id = $2
+RETURNING
+    id,
+    primary_organization_id,
+    status,
+    created_at,
+    updated_at`;
+async function setUserPrimaryOrganization(client, args) {
+    const result = await client.query({
+        text: exports.setUserPrimaryOrganizationQuery,
+        values: [args.organizationId, args.userId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        primaryOrganizationId: row[1],
+        status: row[2],
+        createdAt: row[3],
+        updatedAt: row[4]
+    };
+}
+exports.getUserPrimaryOrganizationAuthLinkQuery = `-- name: GetUserPrimaryOrganizationAuthLink :one
+SELECT
+    o.id AS organization_id,
+    o.slug AS organization_slug,
+    o.name AS organization_name,
+    l.stytch_organization_id,
+    l.stytch_organization_slug,
+    l.stytch_organization_kind,
+    l.allowed_domains,
+    l.auth_policy_summary,
+    l.created_at,
+    l.updated_at
+FROM weave.users AS u
+JOIN weave.organizations AS o
+  ON o.id = u.primary_organization_id
+JOIN weave.organization_auth_links AS l
+  ON l.organization_id = o.id
+WHERE u.id = $1
+  AND u.status = 'active'`;
+async function getUserPrimaryOrganizationAuthLink(client, args) {
+    const result = await client.query({
+        text: exports.getUserPrimaryOrganizationAuthLinkQuery,
+        values: [args.userId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        organizationId: row[0],
+        organizationSlug: row[1],
+        organizationName: row[2],
+        stytchOrganizationId: row[3],
+        stytchOrganizationSlug: row[4],
+        stytchOrganizationKind: row[5],
+        allowedDomains: row[6],
+        authPolicySummary: row[7],
+        createdAt: row[8],
+        updatedAt: row[9]
+    };
+}
+exports.resolvePrimaryOrganizationAuthLinkByDomainQuery = `-- name: ResolvePrimaryOrganizationAuthLinkByDomain :one
+SELECT
+    o.id AS organization_id,
+    o.slug AS organization_slug,
+    o.name AS organization_name,
+    l.stytch_organization_id,
+    l.stytch_organization_slug,
+    l.stytch_organization_kind,
+    d.domain,
+    l.allowed_domains,
+    l.auth_policy_summary,
+    l.created_at,
+    l.updated_at
+FROM weave.organization_auth_domains AS d
+JOIN weave.organization_auth_links AS l
+  ON l.organization_id = d.organization_id
+JOIN weave.organizations AS o
+  ON o.id = d.organization_id
+WHERE d.domain = lower($1)
+  AND d.is_primary_login
+  AND d.status = 'active'`;
+async function resolvePrimaryOrganizationAuthLinkByDomain(client, args) {
+    const result = await client.query({
+        text: exports.resolvePrimaryOrganizationAuthLinkByDomainQuery,
+        values: [args.domain],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        organizationId: row[0],
+        organizationSlug: row[1],
+        organizationName: row[2],
+        stytchOrganizationId: row[3],
+        stytchOrganizationSlug: row[4],
+        stytchOrganizationKind: row[5],
+        domain: row[6],
+        allowedDomains: row[7],
+        authPolicySummary: row[8],
+        createdAt: row[9],
+        updatedAt: row[10]
+    };
+}
+exports.upsertOrganizationAuthDomainQuery = `-- name: UpsertOrganizationAuthDomain :one
+INSERT INTO weave.organization_auth_domains (
+    organization_id,
+    domain,
+    is_primary_login,
+    status
+) VALUES (
+    $1,
+    lower($2),
+    $3,
+    $4
+)
+ON CONFLICT (organization_id, domain) DO UPDATE
+SET
+    is_primary_login = EXCLUDED.is_primary_login,
+    status = EXCLUDED.status,
+    updated_at = now()
+RETURNING
+    id,
+    organization_id,
+    domain,
+    is_primary_login,
+    status,
+    created_at,
+    updated_at`;
+async function upsertOrganizationAuthDomain(client, args) {
+    const result = await client.query({
+        text: exports.upsertOrganizationAuthDomainQuery,
+        values: [args.organizationId, args.domain, args.isPrimaryLogin, args.status],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        organizationId: row[1],
+        domain: row[2],
+        isPrimaryLogin: row[3],
+        status: row[4],
+        createdAt: row[5],
+        updatedAt: row[6]
+    };
+}
+exports.listOrganizationAuthDomainsQuery = `-- name: ListOrganizationAuthDomains :many
+SELECT
+    id,
+    organization_id,
+    domain,
+    is_primary_login,
+    status,
+    created_at,
+    updated_at
+FROM weave.organization_auth_domains
+WHERE organization_id = $1
+ORDER BY is_primary_login DESC, domain ASC`;
+async function listOrganizationAuthDomains(client, args) {
+    const result = await client.query({
+        text: exports.listOrganizationAuthDomainsQuery,
+        values: [args.organizationId],
+        rowMode: "array"
+    });
+    return result.rows.map(row => {
+        return {
+            id: row[0],
+            organizationId: row[1],
+            domain: row[2],
+            isPrimaryLogin: row[3],
+            status: row[4],
+            createdAt: row[5],
+            updatedAt: row[6]
+        };
+    });
+}
+exports.deleteOrganizationAuthDomainQuery = `-- name: DeleteOrganizationAuthDomain :execrows
+DELETE FROM weave.organization_auth_domains
+WHERE organization_id = $1
+  AND domain = lower($2)`;
 exports.upsertUserProfileQuery = `-- name: UpsertUserProfile :one
 INSERT INTO weave.user_profiles (
     user_id,
@@ -487,6 +695,7 @@ SELECT
     m.user_id,
     m.organization_id,
     m.identity_link_id,
+    l.stytch_member_id,
     m.status,
     m.role_ids,
     p.display_name,
@@ -497,6 +706,8 @@ SELECT
 FROM weave.organization_memberships AS m
 JOIN weave.user_profiles AS p
   ON p.user_id = m.user_id
+LEFT JOIN weave.identity_links AS l
+  ON l.id = m.identity_link_id
 WHERE m.organization_id = $1
 ORDER BY p.display_name ASC, p.email ASC`;
 async function listOrganizationMembers(client, args) {
@@ -511,13 +722,14 @@ async function listOrganizationMembers(client, args) {
             userId: row[1],
             organizationId: row[2],
             identityLinkId: row[3],
-            status: row[4],
-            roleIds: row[5],
-            displayName: row[6],
-            email: row[7],
-            avatarUrl: row[8],
-            createdAt: row[9],
-            updatedAt: row[10]
+            stytchMemberId: row[4],
+            status: row[5],
+            roleIds: row[6],
+            displayName: row[7],
+            email: row[8],
+            avatarUrl: row[9],
+            createdAt: row[10],
+            updatedAt: row[11]
         };
     });
 }
@@ -688,3 +900,338 @@ async function insertAuthAuditEvent(client, args) {
         rowMode: "array"
     });
 }
+exports.createApplicationSessionQuery = `-- name: CreateApplicationSession :one
+INSERT INTO weave.application_sessions (
+    user_id,
+    active_organization_id,
+    expires_at
+) VALUES (
+    $1,
+    $2,
+    $3
+)
+RETURNING
+    id,
+    user_id,
+    active_organization_id,
+    status,
+    expires_at,
+    revoked_at,
+    created_at,
+    updated_at`;
+async function createApplicationSession(client, args) {
+    const result = await client.query({
+        text: exports.createApplicationSessionQuery,
+        values: [args.userId, args.activeOrganizationId, args.expiresAt],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        activeOrganizationId: row[2],
+        status: row[3],
+        expiresAt: row[4],
+        revokedAt: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.getApplicationSessionQuery = `-- name: GetApplicationSession :one
+SELECT
+    id,
+    user_id,
+    active_organization_id,
+    status,
+    expires_at,
+    revoked_at,
+    created_at,
+    updated_at
+FROM weave.application_sessions
+WHERE id = $1`;
+async function getApplicationSession(client, args) {
+    const result = await client.query({
+        text: exports.getApplicationSessionQuery,
+        values: [args.id],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        activeOrganizationId: row[2],
+        status: row[3],
+        expiresAt: row[4],
+        revokedAt: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.setApplicationSessionActiveOrganizationQuery = `-- name: SetApplicationSessionActiveOrganization :one
+UPDATE weave.application_sessions
+SET
+    active_organization_id = $1,
+    updated_at = now()
+WHERE id = $2
+  AND status = 'active'
+RETURNING
+    id,
+    user_id,
+    active_organization_id,
+    status,
+    expires_at,
+    revoked_at,
+    created_at,
+    updated_at`;
+async function setApplicationSessionActiveOrganization(client, args) {
+    const result = await client.query({
+        text: exports.setApplicationSessionActiveOrganizationQuery,
+        values: [args.organizationId, args.id],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        activeOrganizationId: row[2],
+        status: row[3],
+        expiresAt: row[4],
+        revokedAt: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.revokeApplicationSessionQuery = `-- name: RevokeApplicationSession :execrows
+UPDATE weave.application_sessions
+SET
+    status = 'revoked',
+    revoked_at = now(),
+    updated_at = now()
+WHERE id = $1
+  AND status = 'active'`;
+exports.upsertApplicationSessionOrganizationSessionQuery = `-- name: UpsertApplicationSessionOrganizationSession :one
+INSERT INTO weave.application_session_organization_sessions (
+    application_session_id,
+    organization_id,
+    identity_link_id,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_session_id,
+    stytch_session_token_ciphertext,
+    auth_state,
+    expires_at,
+    last_validated_at
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4,
+    $5,
+    $6,
+    $7,
+    $8,
+    $9,
+    $10
+)
+ON CONFLICT (application_session_id, organization_id) DO UPDATE
+SET
+    identity_link_id = EXCLUDED.identity_link_id,
+    stytch_organization_id = EXCLUDED.stytch_organization_id,
+    stytch_member_id = EXCLUDED.stytch_member_id,
+    stytch_member_session_id = EXCLUDED.stytch_member_session_id,
+    stytch_session_token_ciphertext = EXCLUDED.stytch_session_token_ciphertext,
+    auth_state = EXCLUDED.auth_state,
+    expires_at = EXCLUDED.expires_at,
+    last_validated_at = EXCLUDED.last_validated_at,
+    updated_at = now()
+RETURNING
+    id,
+    application_session_id,
+    organization_id,
+    identity_link_id,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_session_id,
+    stytch_session_token_ciphertext,
+    auth_state,
+    expires_at,
+    last_validated_at,
+    created_at,
+    updated_at`;
+async function upsertApplicationSessionOrganizationSession(client, args) {
+    const result = await client.query({
+        text: exports.upsertApplicationSessionOrganizationSessionQuery,
+        values: [args.applicationSessionId, args.organizationId, args.identityLinkId, args.stytchOrganizationId, args.stytchMemberId, args.stytchMemberSessionId, args.stytchSessionTokenCiphertext, args.authState, args.expiresAt, args.lastValidatedAt],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        applicationSessionId: row[1],
+        organizationId: row[2],
+        identityLinkId: row[3],
+        stytchOrganizationId: row[4],
+        stytchMemberId: row[5],
+        stytchMemberSessionId: row[6],
+        stytchSessionTokenCiphertext: row[7],
+        authState: row[8],
+        expiresAt: row[9],
+        lastValidatedAt: row[10],
+        createdAt: row[11],
+        updatedAt: row[12]
+    };
+}
+exports.getApplicationSessionOrganizationSessionQuery = `-- name: GetApplicationSessionOrganizationSession :one
+SELECT
+    id,
+    application_session_id,
+    organization_id,
+    identity_link_id,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_session_id,
+    stytch_session_token_ciphertext,
+    auth_state,
+    expires_at,
+    last_validated_at,
+    created_at,
+    updated_at
+FROM weave.application_session_organization_sessions
+WHERE application_session_id = $1
+  AND organization_id = $2`;
+async function getApplicationSessionOrganizationSession(client, args) {
+    const result = await client.query({
+        text: exports.getApplicationSessionOrganizationSessionQuery,
+        values: [args.applicationSessionId, args.organizationId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        applicationSessionId: row[1],
+        organizationId: row[2],
+        identityLinkId: row[3],
+        stytchOrganizationId: row[4],
+        stytchMemberId: row[5],
+        stytchMemberSessionId: row[6],
+        stytchSessionTokenCiphertext: row[7],
+        authState: row[8],
+        expiresAt: row[9],
+        lastValidatedAt: row[10],
+        createdAt: row[11],
+        updatedAt: row[12]
+    };
+}
+exports.listApplicationSessionOrganizationSessionStatesQuery = `-- name: ListApplicationSessionOrganizationSessionStates :many
+SELECT
+    s.id,
+    s.application_session_id,
+    s.organization_id,
+    o.slug AS organization_slug,
+    o.name AS organization_name,
+    s.identity_link_id,
+    s.stytch_organization_id,
+    s.stytch_member_id,
+    s.stytch_member_session_id,
+    s.auth_state,
+    s.expires_at,
+    s.last_validated_at,
+    s.created_at,
+    s.updated_at
+FROM weave.application_session_organization_sessions AS s
+JOIN weave.organizations AS o
+  ON o.id = s.organization_id
+WHERE s.application_session_id = $1
+ORDER BY o.slug ASC`;
+async function listApplicationSessionOrganizationSessionStates(client, args) {
+    const result = await client.query({
+        text: exports.listApplicationSessionOrganizationSessionStatesQuery,
+        values: [args.applicationSessionId],
+        rowMode: "array"
+    });
+    return result.rows.map(row => {
+        return {
+            id: row[0],
+            applicationSessionId: row[1],
+            organizationId: row[2],
+            organizationSlug: row[3],
+            organizationName: row[4],
+            identityLinkId: row[5],
+            stytchOrganizationId: row[6],
+            stytchMemberId: row[7],
+            stytchMemberSessionId: row[8],
+            authState: row[9],
+            expiresAt: row[10],
+            lastValidatedAt: row[11],
+            createdAt: row[12],
+            updatedAt: row[13]
+        };
+    });
+}
+exports.markApplicationSessionOrganizationSessionStateQuery = `-- name: MarkApplicationSessionOrganizationSessionState :one
+UPDATE weave.application_session_organization_sessions
+SET
+    auth_state = $1,
+    last_validated_at = now(),
+    updated_at = now()
+WHERE application_session_id = $2
+  AND organization_id = $3
+RETURNING
+    id,
+    application_session_id,
+    organization_id,
+    identity_link_id,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_session_id,
+    stytch_session_token_ciphertext,
+    auth_state,
+    expires_at,
+    last_validated_at,
+    created_at,
+    updated_at`;
+async function markApplicationSessionOrganizationSessionState(client, args) {
+    const result = await client.query({
+        text: exports.markApplicationSessionOrganizationSessionStateQuery,
+        values: [args.authState, args.applicationSessionId, args.organizationId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        applicationSessionId: row[1],
+        organizationId: row[2],
+        identityLinkId: row[3],
+        stytchOrganizationId: row[4],
+        stytchMemberId: row[5],
+        stytchMemberSessionId: row[6],
+        stytchSessionTokenCiphertext: row[7],
+        authState: row[8],
+        expiresAt: row[9],
+        lastValidatedAt: row[10],
+        createdAt: row[11],
+        updatedAt: row[12]
+    };
+}
+exports.deleteExpiredApplicationSessionsQuery = `-- name: DeleteExpiredApplicationSessions :execrows
+DELETE FROM weave.application_sessions
+WHERE expires_at <= now()
+   OR status IN ('revoked', 'expired')`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "weave-typescript",
-  "version": "0.31.0",
+  "version": "0.33.0",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "files": [
@@ -31,7 +31,7 @@
   "devDependencies": {
     "@types/node": "^25.2.0",
     "@types/pg": "^8.15.5",
-    "@typescript/native-preview": "7.0.0-dev.20260426.1"
+    "@typescript/native-preview": "7.0.0-dev.20260503.1"
   },
   "scripts": {
     "test": "node tools/sqlcgen.test.js",