webpeel 0.12.0 → 0.12.2

package/dist/server/middleware/url-validator.js

@@ -0,0 +1,187 @@
+/**
+ * URL validation middleware to prevent SSRF attacks
+ * Validates URLs BEFORE any network request is made
+ */
+/**
+ * Validate URL to prevent SSRF attacks
+ * Blocks localhost, private IPs, link-local addresses, and non-HTTP(S) protocols
+ */
+export function validateUrlForSSRF(urlString) {
+    // Parse URL
+    let url;
+    try {
+        url = new URL(urlString);
+    }
+    catch {
+        throw new Error('Invalid URL format');
+    }
+    // Only allow HTTP(S)
+    if (!['http:', 'https:'].includes(url.protocol)) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    const hostname = url.hostname.toLowerCase();
+    // Block localhost patterns
+    const localhostPatterns = ['localhost', '0.0.0.0'];
+    if (localhostPatterns.some(pattern => hostname === pattern || hostname.endsWith('.' + pattern))) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Parse and validate IP addresses
+    const ipv4Info = parseIPv4(hostname);
+    if (ipv4Info) {
+        validateIPv4ForSSRF(ipv4Info);
+    }
+    // Validate IPv6
+    if (hostname.includes(':')) {
+        validateIPv6ForSSRF(hostname);
+    }
+}
+/**
+ * SSRF Error class
+ */
+export class SSRFError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'SSRFError';
+    }
+}
+/**
+ * Parse IPv4 address in any format (dotted, hex, octal, decimal)
+ */
+function parseIPv4(hostname) {
+    const cleaned = hostname.replace(/^\[|\]$/g, '');
+    // Standard dotted notation: 192.168.1.1
+    const dottedRegex = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
+    const dottedMatch = cleaned.match(dottedRegex);
+    if (dottedMatch) {
+        const octets = dottedMatch.slice(1).map(Number);
+        if (octets.every(o => o >= 0 && o <= 255)) {
+            return octets;
+        }
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Hex notation: 0x7f000001
+    if (/^0x[0-9a-fA-F]+$/.test(cleaned)) {
+        const num = parseInt(cleaned, 16);
+        return [
+            (num >>> 24) & 0xff,
+            (num >>> 16) & 0xff,
+            (num >>> 8) & 0xff,
+            num & 0xff,
+        ];
+    }
+    // Octal notation
+    if (/^0[0-7]/.test(cleaned)) {
+        if (/^0[0-7]+$/.test(cleaned)) {
+            const num = parseInt(cleaned, 8);
+            if (num <= 0xffffffff) {
+                return [
+                    (num >>> 24) & 0xff,
+                    (num >>> 16) & 0xff,
+                    (num >>> 8) & 0xff,
+                    num & 0xff,
+                ];
+            }
+        }
+        const parts = cleaned.split('.');
+        if (parts.length === 4) {
+            const octets = parts.map(p => parseInt(p, /^0[0-7]/.test(p) ? 8 : 10));
+            if (octets.every(o => o >= 0 && o <= 255)) {
+                return octets;
+            }
+        }
+    }
+    // Decimal notation: 2130706433
+    if (/^\d+$/.test(cleaned)) {
+        const num = parseInt(cleaned, 10);
+        if (num <= 0xffffffff) {
+            return [
+                (num >>> 24) & 0xff,
+                (num >>> 16) & 0xff,
+                (num >>> 8) & 0xff,
+                num & 0xff,
+            ];
+        }
+    }
+    return null;
+}
+/**
+ * Validate IPv4 address against private/reserved ranges
+ */
+function validateIPv4ForSSRF(octets) {
+    const [a, b, c, d] = octets;
+    // Loopback: 127.0.0.0/8
+    if (a === 127) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Private: 10.0.0.0/8
+    if (a === 10) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Private: 172.16.0.0/12
+    if (a === 172 && b >= 16 && b <= 31) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Private: 192.168.0.0/16
+    if (a === 192 && b === 168) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Link-local: 169.254.0.0/16 (includes AWS metadata endpoint)
+    if (a === 169 && b === 254) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Broadcast: 255.255.255.255
+    if (a === 255 && b === 255 && c === 255 && d === 255) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // This network: 0.0.0.0/8
+    if (a === 0) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+}
+/**
+ * Validate IPv6 address against private/reserved ranges
+ */
+function validateIPv6ForSSRF(hostname) {
+    const addr = hostname.replace(/^\[|\]$/g, '').toLowerCase();
+    // Loopback: ::1
+    if (addr === '::1' || addr === '0:0:0:0:0:0:0:1') {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // IPv6 mapped IPv4: ::ffff:192.168.1.1
+    if (addr.startsWith('::ffff:')) {
+        const ipv4Part = addr.substring(7);
+        if (ipv4Part.includes('.')) {
+            const parts = ipv4Part.split('.');
+            if (parts.length === 4) {
+                const octets = parts.map(p => parseInt(p, 10));
+                if (octets.every(o => !isNaN(o) && o >= 0 && o <= 255)) {
+                    validateIPv4ForSSRF(octets);
+                }
+            }
+        }
+        else {
+            const hexStr = ipv4Part.replace(/:/g, '');
+            if (/^[0-9a-f]{1,8}$/.test(hexStr)) {
+                const num = parseInt(hexStr, 16);
+                const octets = [
+                    (num >>> 24) & 0xff,
+                    (num >>> 16) & 0xff,
+                    (num >>> 8) & 0xff,
+                    num & 0xff,
+                ];
+                validateIPv4ForSSRF(octets);
+            }
+        }
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Unique local addresses: fc00::/7
+    if (addr.startsWith('fc') || addr.startsWith('fd')) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+    // Link-local: fe80::/10
+    if (addr.startsWith('fe8') || addr.startsWith('fe9') ||
+        addr.startsWith('fea') || addr.startsWith('feb')) {
+        throw new SSRFError('Cannot fetch localhost, private networks, or non-HTTP URLs');
+    }
+}
+//# sourceMappingURL=url-validator.js.map

package/dist/server/middleware/url-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"url-validator.js","sourceRoot":"","sources":["../../../src/server/middleware/url-validator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,YAAY;IACZ,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IAED,qBAAqB;IACrB,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAE5C,2BAA2B;IAC3B,MAAM,iBAAiB,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IACnD,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC;QAChG,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,kCAAkC;IAClC,MAAM,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IACrC,IAAI,QAAQ,EAAE,CAAC;QACb,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED,gBAAgB;IAChB,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,SAAU,SAAQ,KAAK;IAClC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,QAAgB;IACjC,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAEjD,wCAAwC;IACxC,MAAM,WAAW,GAAG,8CAA8C,CAAC;IACnE,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC/C,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC1C,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,2BAA2B;IAC3B,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClC,OAAO;YACL,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;YACnB,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;YACnB,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,IAAI;YAClB,GAAG,GAAG,IAAI;SACX,CAAC;IACJ,CAAC;IAED,iBAAiB;IACjB,IAAI,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACjC,IAAI,GAAG,IAAI,UAAU,EAAE,CAAC;gBACtB,OAAO;oBACL,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;oBACnB,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;oBACnB,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,IAAI;oBAClB,GAAG,GAAG,IAAI;iBACX,CAAC;YACJ,CAAC;QACH,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACvE,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBAC1C,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClC,IAAI,GAAG,IAAI,UAAU,EAAE,CAAC;YACtB,OAAO;gBACL,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;gBACnB,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;gBACnB,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,IAAI;gBAClB,GAAG,GAAG,IAAI;aACX,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,MAAgB;IAC3C,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;IAE5B,wBAAwB;IACxB,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QACd,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,sBAAsB;IACtB,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;QACpC,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QAC3B,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,8DAA8D;IAC9D,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QAC3B,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QACrD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACZ,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAE5D,gBAAgB;IAChB,IAAI,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,uCAAuC;IACvC,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAEnC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;gBAC/C,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;oBACvD,mBAAmB,CAAC,MAAM,CAAC,CAAC;gBAC9B,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC1C,IAAI,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACnC,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;gBACjC,MAAM,MAAM,GAAG;oBACb,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;oBACnB,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI;oBACnB,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,IAAI;oBAClB,GAAG,GAAG,IAAI;iBACX,CAAC;gBACF,mBAAmB,CAAC,MAAM,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;QACD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,mCAAmC;IACnC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;IAED,wBAAwB;IACxB,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;QAChD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAC;IACpF,CAAC;AACH,CAAC"}

package/dist/server/pg-auth-store.d.ts

@@ -0,0 +1,129 @@
+/**
+ * PostgreSQL-backed auth store for production deployments
+ * Uses SHA-256 hashing for API keys and tracks WEEKLY usage with burst limits
+ */
+import { AuthStore, ApiKeyInfo } from './auth-store.js';
+export interface WeeklyUsageInfo {
+    week: string;
+    basicCount: number;
+    stealthCount: number;
+    captchaCount: number;
+    searchCount: number;
+    totalUsed: number;
+    weeklyLimit: number;
+    rolloverCredits: number;
+    totalAvailable: number;
+    remaining: number;
+    percentUsed: number;
+    resetsAt: string;
+}
+export interface BurstInfo {
+    hourBucket: string;
+    count: number;
+    limit: number;
+    remaining: number;
+    resetsIn: string;
+}
+export interface ExtraUsageInfo {
+    enabled: boolean;
+    balance: number;
+    spent: number;
+    spendingLimit: number;
+    autoReload: boolean;
+    percentUsed: number;
+    resetsAt: string;
+}
+/**
+ * PostgreSQL auth store for production
+ */
+export declare class PostgresAuthStore implements AuthStore {
+    private pool;
+    constructor(connectionString?: string);
+    /**
+     * Hash API key with SHA-256
+     * SECURITY: Never store raw API keys
+     */
+    private hashKey;
+    /**
+     * Get current ISO week in YYYY-WXX format (e.g., "2026-W07")
+     */
+    private getCurrentWeek;
+    /**
+     * Get previous ISO week in YYYY-WXX format
+     */
+    private getPreviousWeek;
+    /**
+     * Get next Monday 00:00 UTC (week reset time)
+     */
+    private getWeekResetTime;
+    /**
+     * Get current hour bucket in YYYY-MM-DDTHH format (UTC)
+     */
+    private getCurrentHour;
+    /**
+     * Get human-readable time until next hour
+     */
+    private getTimeUntilNextHour;
+    /**
+     * Validate API key and return user info
+     * SECURITY: Uses SHA-256 hash comparison, updates last_used_at
+     */
+    validateKey(key: string): Promise<ApiKeyInfo | null>;
+    /**
+     * Track weekly usage for an API key
+     * SECURITY: Uses UPSERT to prevent race conditions
+     */
+    trackUsage(key: string, fetchType: 'basic' | 'stealth' | 'captcha' | 'search'): Promise<void>;
+    /**
+     * Track burst usage (hourly limit)
+     */
+    trackBurstUsage(key: string): Promise<void>;
+    /**
+     * Check burst limit (hourly)
+     */
+    checkBurstLimit(key: string): Promise<{
+        allowed: boolean;
+        burst: BurstInfo;
+    }>;
+    /**
+     * Get weekly usage info for an API key with rollover calculation
+     */
+    getUsage(key: string): Promise<WeeklyUsageInfo | null>;
+    /**
+     * Check if API key has exceeded weekly limit
+     */
+    checkLimit(key: string): Promise<{
+        allowed: boolean;
+        usage?: WeeklyUsageInfo;
+    }>;
+    /**
+     * Get extra usage info for a user
+     */
+    getExtraUsageInfo(key: string): Promise<ExtraUsageInfo | null>;
+    /**
+     * Check if extra usage can be used
+     */
+    canUseExtraUsage(key: string): Promise<boolean>;
+    /**
+     * Track extra usage and deduct from balance
+     */
+    trackExtraUsage(key: string, fetchType: 'basic' | 'stealth' | 'captcha' | 'search', url?: string, processingTimeMs?: number, statusCode?: number): Promise<{
+        success: boolean;
+        cost: number;
+        newBalance: number;
+    }>;
+    /**
+     * Generate a cryptographically secure API key
+     * Format: wp_live_ + 32 random hex chars (total 40 chars)
+     */
+    static generateApiKey(): string;
+    /**
+     * Get key prefix (first 12 characters for display)
+     */
+    static getKeyPrefix(key: string): string;
+    /**
+     * Close the database pool
+     */
+    close(): Promise<void>;
+}
+//# sourceMappingURL=pg-auth-store.d.ts.map

package/dist/server/pg-auth-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pg-auth-store.d.ts","sourceRoot":"","sources":["../../src/server/pg-auth-store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAIxD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,SAAS;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAUD;;GAEG;AACH,qBAAa,iBAAkB,YAAW,SAAS;IACjD,OAAO,CAAC,IAAI,CAAU;gBAEV,gBAAgB,CAAC,EAAE,MAAM;IAqBrC;;;OAGG;IACH,OAAO,CAAC,OAAO;IAIf;;OAEG;IACH,OAAO,CAAC,cAAc;IAQtB;;OAEG;IACH,OAAO,CAAC,eAAe;IASvB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAUxB;;OAEG;IACH,OAAO,CAAC,cAAc;IAKtB;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAS5B;;;OAGG;IACG,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAkD1D;;;OAGG;IACG,UAAU,CACd,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,OAAO,GAAG,SAAS,GAAG,SAAS,GAAG,QAAQ,GACpD,OAAO,CAAC,IAAI,CAAC;IA2ChB;;OAEG;IACG,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgCjD;;OAEG;IACG,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,SAAS,CAAA;KAAE,CAAC;IAyDnF;;OAEG;IACG,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IA2E5D;;OAEG;IACG,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,eAAe,CAAA;KAAE,CAAC;IAYrF;;OAEG;IACG,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAoDpE;;OAEG;IACG,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAWrD;;OAEG;IACG,eAAe,CACnB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,OAAO,GAAG,SAAS,GAAG,SAAS,GAAG,QAAQ,EACrD,GAAG,CAAC,EAAE,MAAM,EACZ,gBAAgB,CAAC,EAAE,MAAM,EACzB,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAuElE;;;OAGG;IACH,MAAM,CAAC,cAAc,IAAI,MAAM;IAK/B;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM;IAIxC;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG7B"}