wirejs-deploy-amplify-basic 0.0.69-table-resource → 0.0.71-table-resource

package/amplify-backend-assets/backend.ts

@@ -7,8 +7,7 @@ import { Bucket, BlockPublicAccess } from 'aws-cdk-lib/aws-s3';
 import { Table, AttributeType, BillingMode } from 'aws-cdk-lib/aws-dynamodb';
 import { api } from './functions/api/resource';
 import { auth } from './auth/resource';
-import { KeyFieldDefinition } from 'wirejs-resources';
-import type { TableDefinition } from '../wirejs-resources-overrides/resources/distributed-table';
+import { TableDefinition } from 'wirejs-resources';
 
 // @ts-ignore
 import generated from './generated-resources';

package/amplify-hosting-assets/compute/default/package.json

@@ -3,6 +3,6 @@
 	"dependencies": {
 		"jsdom": "^25.0.1",
 		"wirejs-dom": "^1.0.38",
-		"wirejs-resources": "^0.1.37-table-resource"
+		"wirejs-resources": "^0.1.39-table-resource"
 	}
 }

package/dist/resources/distributed-table.d.ts

@@ -1,11 +1,5 @@
 import { DynamoDBClient } from '@aws-sdk/client-dynamodb';
-import { AllIndexesByName, KeyCondition, IndexFieldNames, Filter, Index, KeyFieldDefinition, KindaPretty, Parser, RecordKey, Resource, DistributedTable as BaseDistributedTable } from 'wirejs-resources';
-export type TableDefinition = {
-    absoluteId: string;
-    partitionKey: KeyFieldDefinition;
-    sortKey?: KeyFieldDefinition;
-    indexes?: Index<any>[];
-};
+import { AllIndexesByName, KeyCondition, IndexFieldNames, Filter, Index, KindaPretty, Parser, RecordKey, Resource, DistributedTable as BaseDistributedTable } from 'wirejs-resources';
 /**
  * A table of records that favors very high *overall* scalability at the expense of
  * scalability *between* partitions. Providers will distribute your data across many

package/dist/resources/distributed-table.js

@@ -1,7 +1,7 @@
 import { env } from 'process';
 import { DynamoDBClient, } from '@aws-sdk/client-dynamodb';
 import { PutCommand, GetCommand, QueryCommand, ScanCommand, DeleteCommand, } from '@aws-sdk/lib-dynamodb';
-import { Resource, indexName, } from 'wirejs-resources';
+import { Resource, indexName } from 'wirejs-resources';
 import { addResource } from '../resource-collector.js';
 function isFieldComparison(filter) {
     return !['and', 'or', 'not'].some(key => key in filter);
@@ -99,6 +99,7 @@ export class DistributedTable extends Resource {
         super(scope, id);
         this.parse = options.parse;
         this.key = options.key;
+        this.indexes = options.indexes;
         this.ddbClient = new DynamoDBClient();
         this.table = env['TABLE_NAME_PREFIX'] + this.absoluteId.replace(/[^a-zA-Z0-9-_]/g, '_');
         const resourceDefinition = {

package/dist/test/distributed-table.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/distributed-table.test.js

@@ -0,0 +1,28 @@
+import { DistributedTable } from '../wirejs-resources-overrides/resources/distributed-table';
+import { describe, it } from 'node:test';
+describe('DistributedTable', () => {
+    it('should create a DistributedTable instance', async () => {
+        const table = new DistributedTable('app', 'users', {
+            parse: (record) => record,
+            key: {
+                partition: { field: 'id', type: 'string' },
+                sort: { field: 'name', type: 'string' }
+            },
+            indexes: [
+                {
+                    partition: { field: 'age', type: 'number' },
+                    sort: { field: 'city', type: 'string' }
+                }
+            ]
+        });
+        await Array.fromAsync(table.query({
+            by: 'id-name',
+            where: {
+                id: { eq: '123' },
+                name: { eq: 'John Doe' }
+            }
+        }));
+        console.log('something');
+        // throw new Error('Test not implemented');
+    });
+});

package/dist/wirejs-resources-overrides/client/index.d.ts

@@ -0,0 +1 @@
+export * from 'wirejs-resources/client';

package/dist/wirejs-resources-overrides/client/index.js

@@ -0,0 +1 @@
+export * from 'wirejs-resources/client';

package/dist/wirejs-resources-overrides/index.d.ts

@@ -0,0 +1,4 @@
+export * from 'wirejs-resources';
+export { FileService } from './services/file.js';
+export { AuthenticationService } from './services/authentication.js';
+export { DistributedTable } from './resources/distributed-table.js';

package/dist/wirejs-resources-overrides/index.js

@@ -0,0 +1,14 @@
+import { overrides } from 'wirejs-resources';
+// let's try exporting all the things and overwriting the specific things we
+// want to re-implement.
+export * from 'wirejs-resources';
+import { FileService } from './services/file.js';
+export { FileService } from './services/file.js';
+import { AuthenticationService } from './services/authentication.js';
+export { AuthenticationService } from './services/authentication.js';
+import { DistributedTable } from './resources/distributed-table.js';
+export { DistributedTable } from './resources/distributed-table.js';
+// expose resources to other resources that might depend on it.
+overrides.AuthenticationService = AuthenticationService;
+overrides.DistributedTable = DistributedTable;
+overrides.FileService = FileService;

package/dist/wirejs-resources-overrides/internal/index.d.ts

@@ -0,0 +1 @@
+export * from 'wirejs-resources/internal';

package/dist/wirejs-resources-overrides/internal/index.js

@@ -0,0 +1 @@
+export * from 'wirejs-resources/internal';

package/dist/wirejs-resources-overrides/resource-collector.d.ts

@@ -0,0 +1 @@
+export declare function addResource(type: string, options: any): void;

package/dist/wirejs-resources-overrides/resource-collector.js

@@ -0,0 +1,7 @@
+globalThis.wirejsResources = [];
+export function addResource(type, options) {
+    globalThis.wirejsResources.push({
+        type,
+        options
+    });
+}

package/dist/wirejs-resources-overrides/resources/distributed-table.d.ts

@@ -0,0 +1,41 @@
+import { DynamoDBClient } from '@aws-sdk/client-dynamodb';
+import { AllIndexesByName, KeyCondition, IndexFieldNames, Filter, Index, KindaPretty, Parser, RecordKey, Resource, DistributedTable as BaseDistributedTable } from 'wirejs-resources';
+/**
+ * A table of records that favors very high *overall* scalability at the expense of
+ * scalability *between* partitions. Providers will distribute your data across many
+ * servers based on the partition key as the table and/or traffic increases.
+ *
+ * ### Do NOT change partition keys. (In Production.)
+ *
+ * Changing it will cause some providers to drop and recreate your table.
+ *
+ * High cardinality, non-sequential partition keys allow for the best overall scaling.
+ */
+export declare class DistributedTable<const P extends Parser<any>, const T extends KindaPretty<ReturnType<P>>, const Key extends Index<T>, const Indexes extends Index<T>[] | undefined = undefined> extends Resource implements Omit<BaseDistributedTable<P, T, Key, Indexes>, '#private'> {
+    #private;
+    parse: P;
+    key: Key;
+    indexes: Indexes | undefined;
+    ddbClient: DynamoDBClient;
+    private table;
+    constructor(scope: Resource | string, id: string, options: {
+        parse: P;
+        key: Key;
+        indexes?: Indexes;
+    });
+    get partitionKeyName(): Key['partition']['field'];
+    get sortKeyName(): 'field' extends keyof Key['sort'] ? (Key['sort']['field'] extends string ? Key['sort']['field'] : undefined) : undefined;
+    save(item: T): Promise<void>;
+    saveMany(items: T[]): Promise<void>;
+    delete(item: RecordKey<T, Key>): Promise<void>;
+    deleteMany(items: (RecordKey<T, Key>)[]): Promise<void>;
+    get(key: RecordKey<T, Key>): Promise<T | undefined>;
+    scan(options?: {
+        filter?: Filter<T>;
+    }): AsyncGenerator<T>;
+    query<const GivenPartition extends keyof AllIndexesByName<BaseDistributedTable<P, T, Key, Indexes>> & string>(options: {
+        by: GivenPartition;
+        where: KeyCondition<BaseDistributedTable<P, T, Key, Indexes>, GivenPartition>;
+        filter?: Filter<Omit<T, IndexFieldNames<BaseDistributedTable<P, T, Key, Indexes>, GivenPartition> & string>>;
+    }): AsyncGenerator<T>;
+}

package/dist/wirejs-resources-overrides/resources/distributed-table.js

@@ -0,0 +1,267 @@
+import { env } from 'process';
+import { DynamoDBClient, } from '@aws-sdk/client-dynamodb';
+import { PutCommand, GetCommand, QueryCommand, ScanCommand, DeleteCommand, } from '@aws-sdk/lib-dynamodb';
+import { Resource, indexName } from 'wirejs-resources';
+import { addResource } from '../resource-collector.js';
+function fieldAlias(name) {
+    return `#a_${name}`;
+}
+function isFieldComparison(filter) {
+    console.log('Checking if filter is a field comparison:', filter);
+    return !['and', 'or', 'not'].some(key => key in filter);
+}
+function buildFilterExpression(filter) {
+    console.log('Building filter expression for filter:', filter);
+    if (filter.and) {
+        return `(${filter.and.map(buildFilterExpression).join(' AND ')})`;
+    }
+    if (filter.or) {
+        return `(${filter.or.map(buildFilterExpression).join(' OR ')})`;
+    }
+    if (filter.not) {
+        return `(NOT ${buildFilterExpression(filter.not)})`;
+    }
+    if (!isFieldComparison(filter)) {
+        throw new Error(`Unsupported filter: ${JSON.stringify(filter)}`);
+    }
+    const [baseField] = Object.keys(filter);
+    const field = fieldAlias(baseField);
+    const condition = filter[baseField];
+    if ('eq' in condition)
+        return `${field} = :${baseField}`;
+    if ('ne' in condition)
+        return `${field} <> :${baseField}`;
+    if ('gt' in condition)
+        return `${field} > :${baseField}`;
+    if ('ge' in condition)
+        return `${field} >= :${baseField}`;
+    if ('lt' in condition)
+        return `${field} < :${baseField}`;
+    if ('le' in condition)
+        return `${field} <= :${baseField}`;
+    if ('between' in condition)
+        return `${field} BETWEEN :${baseField}Low AND :${baseField}High`;
+    if ('beginsWith' in condition)
+        return `begins_with(${field}, :${baseField})`;
+    throw new Error(`Unsupported filter condition: ${JSON.stringify(condition)}`);
+}
+function buildExpressionAttributeValues(filter) {
+    console.log('Building expression attribute values for filter:', filter);
+    const values = {};
+    if (filter.and || filter.or || filter.not) {
+        const subFilters = filter.and ?? filter.or ?? [filter.not];
+        for (const subFilter of subFilters) {
+            if (!subFilter)
+                continue;
+            Object.assign(values, buildExpressionAttributeValues(subFilter));
+        }
+    }
+    else if (isFieldComparison(filter)) {
+        const [field] = Object.keys(filter);
+        const condition = filter[field];
+        if ('eq' in condition)
+            values[`:${field}`] = { S: condition.eq };
+        if ('ne' in condition)
+            values[`:${field}`] = { S: condition.ne };
+        if ('gt' in condition)
+            values[`:${field}`] = { S: condition.gt };
+        if ('ge' in condition)
+            values[`:${field}`] = { S: condition.ge };
+        if ('lt' in condition)
+            values[`:${field}`] = { S: condition.lt };
+        if ('le' in condition)
+            values[`:${field}`] = { S: condition.le };
+        if ('between' in condition) {
+            values[`:${field}Low`] = { S: condition.between[0] };
+            values[`:${field}High`] = { S: condition.between[1] };
+        }
+        if ('beginsWith' in condition)
+            values[`:${field}`] = { S: condition.beginsWith };
+    }
+    else {
+        throw new Error(`Unsupported filter: ${JSON.stringify(filter)}`);
+    }
+    return values;
+}
+function buildFieldAliasMap(filter) {
+    const aliasMap = {};
+    if (filter.and) {
+        for (const subFilter of filter.and) {
+            Object.assign(aliasMap, buildFieldAliasMap(subFilter));
+        }
+    }
+    else if (filter.or) {
+        for (const subFilter of filter.or) {
+            Object.assign(aliasMap, buildFieldAliasMap(subFilter));
+        }
+    }
+    else if (filter.not) {
+        Object.assign(aliasMap, buildFieldAliasMap(filter.not));
+    }
+    else if (isFieldComparison(filter)) {
+        const [field] = Object.keys(filter);
+        aliasMap[fieldAlias(field)] = field;
+    }
+    return aliasMap;
+}
+/**
+ * A table of records that favors very high *overall* scalability at the expense of
+ * scalability *between* partitions. Providers will distribute your data across many
+ * servers based on the partition key as the table and/or traffic increases.
+ *
+ * ### Do NOT change partition keys. (In Production.)
+ *
+ * Changing it will cause some providers to drop and recreate your table.
+ *
+ * High cardinality, non-sequential partition keys allow for the best overall scaling.
+ */
+export class DistributedTable extends Resource {
+    parse;
+    key;
+    indexes;
+    ddbClient;
+    table;
+    constructor(scope, id, options) {
+        super(scope, id);
+        this.parse = options.parse;
+        this.key = options.key;
+        this.indexes = options.indexes;
+        this.ddbClient = new DynamoDBClient();
+        this.table = env['TABLE_NAME_PREFIX'] + this.absoluteId.replace(/[^a-zA-Z0-9-_]/g, '_');
+        const resourceDefinition = {
+            absoluteId: this.absoluteId,
+            partitionKey: this.key.partition,
+            sortKey: this.key.sort,
+            indexes: this.indexes
+        };
+        addResource('DistributedTable', resourceDefinition);
+    }
+    get partitionKeyName() {
+        return this.key.partition.field;
+    }
+    get sortKeyName() {
+        return this.key.sort?.field;
+    }
+    #getDDBKey(key) {
+        const ddbKey = {
+            [this.partitionKeyName]: key[this.partitionKeyName]
+        };
+        if (typeof this.sortKeyName === 'string') {
+            ddbKey[this.sortKeyName] = key[this.sortKeyName];
+        }
+        return ddbKey;
+    }
+    async save(item) {
+        const key = this.#getDDBKey(item);
+        const itemToSave = {
+            ...key,
+            ...item,
+        };
+        console.log('Saving item to DynamoDB:', itemToSave);
+        await this.ddbClient.send(new PutCommand({
+            TableName: this.table,
+            Item: itemToSave,
+        }));
+    }
+    async saveMany(items) {
+        const promises = items.map(item => this.save(item));
+        await Promise.all(promises);
+    }
+    async delete(item) {
+        const key = this.#getDDBKey(item);
+        console.log('Deleting item from DynamoDB:', key);
+        await this.ddbClient.send(new DeleteCommand({
+            TableName: this.table,
+            Key: key,
+        }));
+    }
+    async deleteMany(items) {
+        const promises = items.map(item => this.delete(item));
+        await Promise.all(promises);
+    }
+    async get(key) {
+        const ddbKey = this.#getDDBKey(key);
+        console.log('Getting item from DynamoDB:', ddbKey);
+        const result = await this.ddbClient.send(new GetCommand({
+            TableName: this.table,
+            Key: ddbKey,
+        }));
+        if (!result.Item)
+            return undefined;
+        return this.parse(result.Item);
+    }
+    async *scan(options = {}) {
+        console.log('Scanning DynamoDB table:', this.table, options);
+        const filterExpression = options.filter ? buildFilterExpression(options.filter) : undefined;
+        const expressionAttributeValues = options.filter ? buildExpressionAttributeValues(options.filter) : undefined;
+        const expressionAttributeNames = options.filter ? buildFieldAliasMap(options.filter) : undefined;
+        let lastEvaluatedKey = undefined;
+        do {
+            const result = await this.ddbClient.send(new ScanCommand({
+                TableName: this.table,
+                FilterExpression: filterExpression,
+                ExpressionAttributeValues: expressionAttributeValues,
+                ExpressionAttributeNames: expressionAttributeNames,
+                ExclusiveStartKey: lastEvaluatedKey,
+            }));
+            for (const item of result.Items || []) {
+                if (!item)
+                    continue;
+                const record = this.parse(item);
+                yield record;
+            }
+            lastEvaluatedKey = result.LastEvaluatedKey;
+        } while (lastEvaluatedKey);
+    }
+    async *query(options) {
+        console.log('Querying DynamoDB table:', this.table, options);
+        // Build the key condition expression from the `where` clause
+        const whereClauseAsFilter = {
+            // decompose each `where` clause property into a separate condition.
+            and: Object.entries(options.where).map(([k, v]) => ({ [k]: v }))
+        };
+        const keyConditionExpression = buildFilterExpression(whereClauseAsFilter);
+        // Build the filter expression if provided
+        const filterExpression = options.filter ? buildFilterExpression(options.filter) : undefined;
+        // Combine expression attribute values for both key conditions and filters
+        const expressionAttributeValues = {
+            ...buildExpressionAttributeValues(whereClauseAsFilter),
+            ...(options.filter ? buildExpressionAttributeValues(options.filter) : {}),
+        };
+        const expressionAttributeNames = {
+            ...(options.filter ? buildFieldAliasMap(options.filter) : {}),
+            ...buildFieldAliasMap(whereClauseAsFilter),
+        };
+        const isIndexNameTheDefault = options.by === indexName({
+            partition: this.key.partition,
+            sort: this.key.sort
+        });
+        console.log('DynamoDB query params', {
+            TableName: this.table,
+            IndexName: isIndexNameTheDefault ? undefined : options.by,
+            KeyConditionExpression: keyConditionExpression,
+            FilterExpression: filterExpression,
+            ExpressionAttributeValues: expressionAttributeValues,
+            ExpressionAttributeNames: expressionAttributeNames,
+        });
+        let lastEvaluatedKey = undefined;
+        do {
+            const result = await this.ddbClient.send(new QueryCommand({
+                TableName: this.table,
+                IndexName: isIndexNameTheDefault ? undefined : options.by,
+                KeyConditionExpression: keyConditionExpression,
+                FilterExpression: filterExpression,
+                ExpressionAttributeValues: expressionAttributeValues,
+                ExpressionAttributeNames: expressionAttributeNames,
+                ExclusiveStartKey: lastEvaluatedKey,
+            }));
+            for (const item of result.Items || []) {
+                if (!item)
+                    continue;
+                const record = this.parse(item);
+                yield record;
+            }
+            lastEvaluatedKey = result.LastEvaluatedKey;
+        } while (lastEvaluatedKey);
+    }
+}

package/dist/wirejs-resources-overrides/services/authentication.d.ts

@@ -0,0 +1,19 @@
+import { Resource, ContextWrapped, CookieJar, AuthenticationError, AuthenticationService as AuthenticationServiceBase, AuthenticationMachineState, AuthenticationServiceOptions, AuthenticationMachineInput, User } from 'wirejs-resources';
+export declare function hasNonEmptyString(o: any, k: string): boolean;
+export declare class AuthenticationService extends AuthenticationServiceBase {
+    #private;
+    constructor(scope: Resource | string, id: string, options?: AuthenticationServiceOptions);
+    getMachineState(cookies: CookieJar): Promise<AuthenticationMachineState>;
+    missingFieldErrors<T extends Record<string, string | number | boolean>>(input: T, fields: (keyof T & string)[]): AuthenticationError[] | undefined;
+    setMachineState(cookies: CookieJar, form: AuthenticationMachineInput): Promise<AuthenticationMachineState | {
+        errors: AuthenticationError[];
+    }>;
+    buildApi(): ContextWrapped<{
+        getState: () => Promise<AuthenticationMachineState>;
+        setState: (options: AuthenticationMachineInput) => Promise<AuthenticationMachineState | {
+            errors: AuthenticationError[];
+        }>;
+        getCurrentUser: () => Promise<User | null>;
+        requireCurrentUser: () => Promise<User>;
+    }>;
+}

package/dist/wirejs-resources-overrides/services/authentication.js

@@ -0,0 +1,507 @@
+import { env } from 'process';
+import * as jose from 'jose';
+import { CognitoIdentityProviderClient, SignUpCommand, ForgotPasswordCommand, ConfirmForgotPasswordCommand, ConfirmSignUpCommand, ResendConfirmationCodeCommand, InitiateAuthCommand, ChangePasswordCommand, } from '@aws-sdk/client-cognito-identity-provider';
+import { withContext, SignedCookie, Secret, AuthenticationService as AuthenticationServiceBase, } from 'wirejs-resources';
+import { addResource } from '../resource-collector.js';
+const ClientId = env['COGNITO_CLIENT_ID'];
+const actions = {
+    changepassword: {
+        name: "Change Password",
+        fields: {
+            existingPassword: {
+                label: 'Old Password',
+                type: 'password',
+            },
+            newPassword: {
+                label: 'New Password',
+                type: 'password',
+            }
+        },
+        buttons: ['Change Password']
+    },
+    signin: {
+        name: "Sign In",
+        fields: {
+            email: {
+                label: 'Email',
+                type: 'text',
+            },
+            password: {
+                label: 'Password',
+                type: 'password',
+            },
+        },
+        buttons: ['Sign In']
+    },
+    startforgotpassword: {
+        name: "Forgot Password"
+    },
+    continueforgotpassword: {
+        name: "Forgot Password",
+        fields: {
+            email: {
+                label: "Email",
+                type: "text"
+            },
+        },
+        buttons: ["Send Reset Code"]
+    },
+    completeforgotpassword: {
+        name: "Reset Password",
+        fields: {
+            code: {
+                label: "Reset Code",
+                type: "text"
+            },
+            password: {
+                label: "New Password",
+                type: 'password'
+            },
+        },
+        buttons: ["Set Password"]
+    },
+    startsignup: {
+        name: "Sign Up",
+        fields: {
+            email: {
+                label: 'Email',
+                type: 'text',
+            },
+            password: {
+                label: 'Password',
+                type: 'password',
+            },
+        },
+        buttons: ['Sign Up']
+    },
+    completesignup: {
+        name: "Finish Signing Up",
+        fields: {
+            code: {
+                label: "Confirmation Code",
+                type: 'text'
+            },
+        },
+        buttons: ['Complete Sign-up']
+    },
+    resendsignupcode: {
+        name: "Resend Confirmation Code"
+    },
+    signout: {
+        name: "Sign out"
+    },
+    cancel: {
+        name: "Cancel"
+    },
+};
+function machineAction(key) {
+    return {
+        key,
+        ...actions[key]
+    };
+}
+function machineActions(...keys) {
+    const result = {};
+    for (const k of keys) {
+        result[k] = machineAction(k);
+    }
+    return result;
+}
+function isAction(input, action) {
+    return input.key === action;
+}
+export function hasNonEmptyString(o, k) {
+    return (typeof o === 'object' && k in o && typeof o[k] === 'string' && o[k].length > 0);
+}
+const ONE_WEEK = 7 * 24 * 60 * 60; // days * hours/day * minutes/hour * seconds/minute
+const client = new CognitoIdentityProviderClient();
+export class AuthenticationService extends AuthenticationServiceBase {
+    #cookie;
+    #keepalive;
+    constructor(scope, id, options = {}) {
+        super(scope, id, options);
+        const signingSecret = new Secret(this, 'jwt-signing-secret');
+        this.#keepalive = options.keepalive ?? false;
+        this.#cookie = new SignedCookie(this, options.cookie ?? 'identity', signingSecret, { maxAge: ONE_WEEK });
+        addResource('AuthenticationService', { absoluteId: this.absoluteId });
+    }
+    async getMachineState(cookies) {
+        const state = await this.#cookie.read(cookies);
+        if (state?.state === 'authenticated') {
+            if (this.#keepalive)
+                await this.#cookie.write(cookies, state);
+            return {
+                ...state,
+                actions: machineActions('changepassword', 'signout')
+            };
+        }
+        else {
+            if (state?.substate === 'pending-completesignup') {
+                return {
+                    state: 'unauthenticated',
+                    user: undefined,
+                    actions: machineActions('completesignup', 'resendsignupcode', 'cancel')
+                };
+            }
+            else if (state?.substate === 'pending-continueforgotpassword') {
+                return {
+                    state: 'unauthenticated',
+                    user: undefined,
+                    actions: machineActions('continueforgotpassword', 'cancel')
+                };
+            }
+            else if (state?.substate === 'pending-completeforgotpassword') {
+                return {
+                    state: 'unauthenticated',
+                    user: undefined,
+                    actions: machineActions('completeforgotpassword', 'cancel')
+                };
+            }
+            else {
+                return {
+                    state: 'unauthenticated',
+                    user: undefined,
+                    actions: machineActions('signin', 'startsignup', 'startforgotpassword')
+                };
+            }
+        }
+    }
+    missingFieldErrors(input, fields) {
+        const errors = [];
+        for (const field of fields) {
+            if (!input[field])
+                errors.push({
+                    field,
+                    message: "Field is required."
+                });
+        }
+        return errors.length > 0 ? errors : undefined;
+    }
+    async setMachineState(cookies, form) {
+        if (isAction(form, 'signout')) {
+            this.#cookie.clear(cookies);
+            return this.getMachineState(cookies);
+        }
+        else if (isAction(form, 'cancel')) {
+            const state = await this.#cookie.read(cookies);
+            if (!state)
+                return this.getMachineState(cookies);
+            await this.#cookie.write(cookies, {
+                ...state,
+                substate: undefined,
+                metadata: undefined
+            });
+            return this.getMachineState(cookies);
+        }
+        else if (isAction(form, 'startsignup')) {
+            const errors = this.missingFieldErrors(form.inputs, ['email', 'password']);
+            if (errors) {
+                return { errors };
+            }
+            try {
+                const command = new SignUpCommand({
+                    ClientId,
+                    Username: form.inputs.email,
+                    Password: form.inputs.password,
+                    UserAttributes: [
+                        { Name: 'email', Value: form.inputs.email }
+                    ]
+                });
+                const result = await client.send(command);
+                await this.#cookie.write(cookies, {
+                    state: 'unauthenticated',
+                    user: undefined,
+                    substate: 'pending-completesignup',
+                    metadata: form.inputs.email
+                });
+                return this.getMachineState(cookies);
+            }
+            catch (error) {
+                return {
+                    errors: [{
+                            message: error.message
+                        }]
+                };
+            }
+        }
+        else if (isAction(form, 'resendsignupcode')) {
+            const state = await this.#cookie.read(cookies);
+            if (!state) {
+                this.#cookie.clear(cookies);
+                return this.getMachineState(cookies);
+            }
+            // bad state ...
+            if (state?.state === 'authenticated'
+                || state?.substate !== 'pending-completesignup'
+                || !state?.metadata) {
+                await this.#cookie.write(cookies, {
+                    ...state,
+                    substate: undefined,
+                    metadata: undefined,
+                });
+                return this.getMachineState(cookies);
+            }
+            try {
+                const command = new ResendConfirmationCodeCommand({
+                    ClientId,
+                    Username: state.metadata
+                });
+                await client.send(command);
+                return {
+                    ...await this.getMachineState(cookies),
+                    message: 'Your code has been sent again.'
+                };
+            }
+            catch (error) {
+                return {
+                    errors: [{
+                            message: error.message
+                        }]
+                };
+            }
+        }
+        else if (isAction(form, 'completesignup')) {
+            const errors = this.missingFieldErrors(form.inputs, ['code']);
+            if (errors) {
+                return { errors };
+            }
+            const state = await this.#cookie.read(cookies);
+            if (!state || state.substate !== 'pending-completesignup') {
+                this.#cookie.clear(cookies);
+                return this.getMachineState(cookies);
+            }
+            try {
+                const email = state.metadata;
+                if (!email) {
+                    this.#cookie.clear(cookies);
+                    return this.getMachineState(cookies);
+                }
+                const command = new ConfirmSignUpCommand({
+                    ClientId,
+                    Username: email,
+                    ConfirmationCode: form.inputs.code,
+                });
+                const result = await client.send(command);
+                await this.#cookie.clear(cookies);
+                return {
+                    ...await this.getMachineState(cookies),
+                    message: 'All done setting up!<br />Give it a try by signing in.'
+                };
+            }
+            catch (error) {
+                return {
+                    errors: [{
+                            message: error.message
+                        }]
+                };
+            }
+        }
+        else if (isAction(form, 'signin')) {
+            const errors = this.missingFieldErrors(form.inputs, ['email', 'password']);
+            if (errors) {
+                return { errors };
+            }
+            try {
+                const command = new InitiateAuthCommand({
+                    ClientId,
+                    AuthFlow: 'USER_PASSWORD_AUTH',
+                    AuthParameters: {
+                        USERNAME: form.inputs.email,
+                        PASSWORD: form.inputs.password,
+                    }
+                });
+                const result = await client.send(command);
+                const jwtPayload = jose.decodeJwt(
+                // assuming for now, until we support challenges like OTP, Email code, etc.
+                result.AuthenticationResult?.IdToken);
+                await this.#cookie.write(cookies, {
+                    state: 'authenticated',
+                    user: {
+                        id: jwtPayload.sub,
+                        username: form.inputs.email,
+                        displayName: form.inputs.email,
+                    },
+                });
+                return this.getMachineState(cookies);
+            }
+            catch (error) {
+                if (error.message === 'User is not confirmed.') {
+                    const command = new ResendConfirmationCodeCommand({
+                        ClientId,
+                        Username: form.inputs.email
+                    });
+                    await client.send(command);
+                    await this.#cookie.write(cookies, {
+                        state: 'unauthenticated',
+                        user: undefined,
+                        substate: 'pending-completesignup',
+                        metadata: form.inputs.email,
+                    });
+                    return {
+                        ...await this.getMachineState(cookies),
+                        message: `Your account setup isn't complete.<br />
+							We sent you a new code to enter below.`
+                    };
+                }
+                else {
+                    return {
+                        errors: [{
+                                message: error.message
+                            }]
+                    };
+                }
+            }
+        }
+        else if (isAction(form, 'changepassword')) {
+            const errors = this.missingFieldErrors(form.inputs, ['existingPassword', 'newPassword']);
+            if (errors) {
+                return { errors };
+            }
+            const state = await this.#cookie.read(cookies);
+            if (state?.state !== 'authenticated') {
+                this.#cookie.clear(cookies);
+                return this.getMachineState(cookies);
+            }
+            try {
+                // change password requires an access token, which we don't actually store.
+                // so, first step is to actually authenticate.
+                const authCommand = new InitiateAuthCommand({
+                    ClientId,
+                    AuthFlow: 'USER_PASSWORD_AUTH',
+                    AuthParameters: {
+                        USERNAME: state.user.username,
+                        PASSWORD: form.inputs.existingPassword,
+                    }
+                });
+                const authResult = await client.send(authCommand);
+                const changePassCommand = new ChangePasswordCommand({
+                    AccessToken: authResult.AuthenticationResult?.AccessToken,
+                    PreviousPassword: form.inputs.existingPassword,
+                    ProposedPassword: form.inputs.newPassword
+                });
+                await client.send(changePassCommand);
+                return {
+                    ...this.getMachineState(cookies),
+                    message: 'Password changed.'
+                };
+            }
+            catch (error) {
+                return {
+                    errors: [{
+                            message: error.message
+                        }]
+                };
+            }
+        }
+        else if (isAction(form, 'startforgotpassword')) {
+            const state = await this.#cookie.read(cookies);
+            if (state?.state === 'authenticated') {
+                // user is already signed in ... this is *probably* a rogue request?
+                return this.getMachineState(cookies);
+            }
+            await this.#cookie.write(cookies, {
+                state: 'unauthenticated',
+                user: undefined,
+                substate: 'pending-continueforgotpassword'
+            });
+            return this.getMachineState(cookies);
+        }
+        else if (isAction(form, 'continueforgotpassword')) {
+            const state = await this.#cookie.read(cookies);
+            if (state?.state === 'authenticated') {
+                // user is already signed in ... this is *probably* a rogue request?
+                return this.getMachineState(cookies);
+            }
+            const errors = this.missingFieldErrors(form.inputs, ['email']);
+            if (errors) {
+                return { errors };
+            }
+            try {
+                const command = new ForgotPasswordCommand({
+                    ClientId,
+                    Username: form.inputs.email
+                });
+                await client.send(command);
+                await this.#cookie.write(cookies, {
+                    state: 'unauthenticated',
+                    user: undefined,
+                    substate: 'pending-completeforgotpassword',
+                    metadata: form.inputs.email,
+                });
+                return this.getMachineState(cookies);
+            }
+            catch (error) {
+                return {
+                    errors: [{
+                            message: error.message
+                        }]
+                };
+            }
+        }
+        else if (isAction(form, 'completeforgotpassword')) {
+            const state = await this.#cookie.read(cookies);
+            if (state?.state === 'authenticated') {
+                // user is already signed in ... this is *probably* a rogue request?
+                return this.getMachineState(cookies);
+            }
+            const errors = this.missingFieldErrors(form.inputs, ['code', 'password']);
+            if (errors) {
+                return { errors };
+            }
+            try {
+                const command = new ConfirmForgotPasswordCommand({
+                    ClientId,
+                    ConfirmationCode: form.inputs.code,
+                    Password: form.inputs.password,
+                    Username: state?.metadata
+                });
+                await client.send(command);
+                await this.#cookie.write(cookies, {
+                    state: 'unauthenticated',
+                    user: undefined,
+                });
+                return {
+                    ...await this.getMachineState(cookies),
+                    message: `Password set. Please try signing in with your new password.`
+                };
+            }
+            catch (error) {
+                return {
+                    errors: [{
+                            message: error.message
+                        }]
+                };
+            }
+        }
+        else {
+            return { errors: [{
+                        message: 'Unrecognized authentication action.'
+                    }]
+            };
+        }
+    }
+    buildApi() {
+        return withContext(context => ({
+            getState: () => this.getMachineState(context.cookies),
+            setState: (options) => this.setMachineState(context.cookies, options),
+            getCurrentUser: async () => {
+                const state = await this.#cookie.read(context.cookies);
+                if (state?.state === 'authenticated') {
+                    return state.user;
+                }
+                else {
+                    return null;
+                }
+            },
+            requireCurrentUser: async () => {
+                const state = await this.#cookie.read(context.cookies);
+                if (state?.state === 'authenticated') {
+                    return state.user;
+                }
+                else {
+                    throw new Error("Unauthorized.");
+                }
+            }
+        }));
+    }
+}

package/dist/wirejs-resources-overrides/services/file.d.ts

@@ -0,0 +1,13 @@
+import { Resource } from 'wirejs-resources';
+export declare class FileService extends Resource {
+    constructor(scope: Resource | string, id: string);
+    read(filename: string, encoding?: BufferEncoding): Promise<string>;
+    write(filename: string, data: string, { onlyIfNotExists }?: {
+        onlyIfNotExists?: boolean | undefined;
+    }): Promise<void>;
+    delete(filename: string): Promise<void>;
+    list({ prefix }?: {
+        prefix?: string | undefined;
+    }): AsyncGenerator<string, void, unknown>;
+    isAlreadyExistsError(error: any): boolean;
+}

package/dist/wirejs-resources-overrides/services/file.js

@@ -0,0 +1,63 @@
+import { env } from 'process';
+import { S3Client, ListObjectsCommand, PutObjectCommand, GetObjectCommand, DeleteObjectCommand } from '@aws-sdk/client-s3';
+import { Resource, } from 'wirejs-resources';
+import { addResource } from '../resource-collector.js';
+const Bucket = env['BUCKET'];
+const s3 = new S3Client();
+export class FileService extends Resource {
+    constructor(scope, id) {
+        super(scope, id);
+        addResource('FileService', { absoluteId: this.absoluteId });
+    }
+    async read(filename, encoding = 'utf8') {
+        const Key = `${this.absoluteId}/${filename}`;
+        const command = new GetObjectCommand({ Bucket, Key });
+        const result = await s3.send(command);
+        return result.Body.transformToString(encoding);
+    }
+    async write(filename, data, { onlyIfNotExists = false } = {}) {
+        const Key = `${this.absoluteId}/${filename}`;
+        const Body = data;
+        const commandDetails = {
+            Bucket, Key, Body
+        };
+        if (onlyIfNotExists) {
+            commandDetails['IfNoneMatch'] = '*';
+        }
+        const command = new PutObjectCommand(commandDetails);
+        await s3.send(command);
+    }
+    async delete(filename) {
+        const Key = `${this.absoluteId}/${filename}`;
+        const command = new DeleteObjectCommand({
+            Bucket,
+            Key
+        });
+        await s3.send(command);
+    }
+    async *list({ prefix = '' } = {}) {
+        const Prefix = `${this.absoluteId}/${prefix}`;
+        let Marker = undefined;
+        while (true) {
+            const command = new ListObjectsCommand({
+                Bucket,
+                Prefix,
+                MaxKeys: 1000,
+                Marker
+            });
+            const result = await s3.send(command);
+            Marker = result.Marker;
+            for (const o of result.Contents || []) {
+                if (o.Key) {
+                    yield o.Key.slice(`${this.absoluteId}/`.length);
+                }
+            }
+            if (!Marker)
+                break;
+        }
+    }
+    isAlreadyExistsError(error) {
+        // https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+        return error?.$metadata?.httpStatusCode === 412;
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "wirejs-deploy-amplify-basic",
-	"version": "0.0.69-table-resource",
+	"version": "0.0.71-table-resource",
 	"type": "module",
 	"main": "./dist/index.js",
 	"types": "./dist/index.d.ts",
@@ -32,14 +32,15 @@
 		"recursive-copy": "^2.0.14",
 		"rimraf": "^6.0.1",
 		"wirejs-dom": "^1.0.38",
-		"wirejs-resources": "^0.1.37-table-resource"
+		"wirejs-resources": "^0.1.39-table-resource"
 	},
 	"devDependencies": {
 		"@aws-amplify/backend": "^1.14.0",
 		"typescript": "^5.7.3"
 	},
 	"scripts": {
-		"build": "tsc"
+		"build": "tsc",
+		"test": "node --import tsx --test test/**/*.test.ts"
 	},
 	"files": [
 		"amplify-backend-assets/*",