import { z } from 'zod'; /** * Core auth entity schemas (PostgreSQL structure) * These define the fundamental auth data models */ export declare const userIdSchema: z.ZodString; export declare const emailSchema: z.ZodString; export declare const passwordSchema: z.ZodString; export declare const nameSchema: z.ZodString; export declare const roleSchema: z.ZodEnum<["anon", "authenticated", "project_admin"]>; export declare const verificationMethodSchema: z.ZodEnum<["code", "link"]>; /** * User profile schema with default fields and passthrough for custom fields * Note: Using snake_case for fields as they are stored directly in PostgreSQL JSONB */ export declare const profileSchema: z.ZodObject<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, "passthrough", z.ZodTypeAny, z.objectOutputType<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, z.ZodTypeAny, "passthrough">, z.objectInputType<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, z.ZodTypeAny, "passthrough">>; /** * User entity schema - represents the auth.users table in PostgreSQL */ export declare const userSchema: z.ZodObject<{ id: z.ZodString; email: z.ZodString; emailVerified: z.ZodBoolean; providers: z.ZodOptional>; createdAt: z.ZodString; updatedAt: z.ZodString; profile: z.ZodNullable; avatar_url: z.ZodOptional; }, "passthrough", z.ZodTypeAny, z.objectOutputType<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, z.ZodTypeAny, "passthrough">, z.objectInputType<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, z.ZodTypeAny, "passthrough">>>; metadata: z.ZodNullable>; }, "strip", z.ZodTypeAny, { id: string; metadata: Record | null; email: string; emailVerified: boolean; createdAt: string; updatedAt: string; profile: z.objectOutputType<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, z.ZodTypeAny, "passthrough"> | null; providers?: string[] | undefined; }, { id: string; metadata: Record | null; email: string; emailVerified: boolean; createdAt: string; updatedAt: string; profile: z.objectInputType<{ name: z.ZodOptional; avatar_url: z.ZodOptional; }, z.ZodTypeAny, "passthrough"> | null; providers?: string[] | undefined; }>; /** * OAuth state for redirect handling */ export declare const oAuthProvidersSchema: z.ZodEnum<["google", "github", "discord", "linkedin", "facebook", "instagram", "tiktok", "apple", "x", "spotify", "microsoft"]>; export declare const oAuthStateSchema: z.ZodObject<{ provider: z.ZodEnum<["google", "github", "discord", "linkedin", "facebook", "instagram", "tiktok", "apple", "x", "spotify", "microsoft"]>; redirectUri: z.ZodOptional; }, "strip", z.ZodTypeAny, { provider: "google" | "github" | "discord" | "linkedin" | "facebook" | "instagram" | "tiktok" | "apple" | "x" | "spotify" | "microsoft"; redirectUri?: string | undefined; }, { provider: "google" | "github" | "discord" | "linkedin" | "facebook" | "instagram" | "tiktok" | "apple" | "x" | "spotify" | "microsoft"; redirectUri?: string | undefined; }>; export declare const oAuthConfigSchema: z.ZodObject<{ id: z.ZodString; provider: z.ZodEnum<["google", "github", "discord", "linkedin", "facebook", "instagram", "tiktok", "apple", "x", "spotify", "microsoft"]>; clientId: z.ZodOptional; scopes: z.ZodOptional>; redirectUri: z.ZodOptional; useSharedKey: z.ZodBoolean; createdAt: z.ZodString; updatedAt: z.ZodString; }, "strip", z.ZodTypeAny, { id: string; provider: "google" | "github" | "discord" | "linkedin" | "facebook" | "instagram" | "tiktok" | "apple" | "x" | "spotify" | "microsoft"; createdAt: string; updatedAt: string; useSharedKey: boolean; redirectUri?: string | undefined; clientId?: string | undefined; scopes?: string[] | undefined; }, { id: string; provider: "google" | "github" | "discord" | "linkedin" | "facebook" | "instagram" | "tiktok" | "apple" | "x" | "spotify" | "microsoft"; createdAt: string; updatedAt: string; useSharedKey: boolean; redirectUri?: string | undefined; clientId?: string | undefined; scopes?: string[] | undefined; }>; /** * Regex to validate allowed redirect URL patterns. * * Accepts standard URLs **and** Supabase-compatible glob patterns: * - `*` in the hostname position (`https://*.example.com`) * - `*` in path segments (`https://example.com/*`) * - `**` for recursive paths (`https://example.com/**`) * - `?` single-char wildcard (`https://example.com/?session=?`) * - `[…]` character ranges (`https://example.com/[a-z]*`) * * Protocol must be explicit (http/https or a custom scheme). * Glob characters are NOT allowed in the protocol itself. * * For non-IPv6 hosts a lookahead requires at least one alphanumeric character * in the host portion, so degenerate inputs like `https://`, `https://:8080`, * or `https://*.` are rejected. IPv6 hosts are validated via the bracketed * `\[[0-9A-Fa-f:.]+\]` alternative which already enforces a non-empty host. */ export declare const allowedRedirectUrlsRegex: RegExp; export declare const authConfigSchema: z.ZodObject<{ id: z.ZodString; requireEmailVerification: z.ZodBoolean; passwordMinLength: z.ZodNumber; requireNumber: z.ZodBoolean; requireLowercase: z.ZodBoolean; requireUppercase: z.ZodBoolean; requireSpecialChar: z.ZodBoolean; verifyEmailMethod: z.ZodEnum<["code", "link"]>; resetPasswordMethod: z.ZodEnum<["code", "link"]>; allowedRedirectUrls: z.ZodNullable>>; disableSignup: z.ZodBoolean; createdAt: z.ZodString; updatedAt: z.ZodString; }, "strip", z.ZodTypeAny, { id: string; createdAt: string; updatedAt: string; requireEmailVerification: boolean; passwordMinLength: number; requireNumber: boolean; requireLowercase: boolean; requireUppercase: boolean; requireSpecialChar: boolean; verifyEmailMethod: "code" | "link"; resetPasswordMethod: "code" | "link"; disableSignup: boolean; allowedRedirectUrls?: string[] | null | undefined; }, { id: string; createdAt: string; updatedAt: string; requireEmailVerification: boolean; passwordMinLength: number; requireNumber: boolean; requireLowercase: boolean; requireUppercase: boolean; requireSpecialChar: boolean; verifyEmailMethod: "code" | "link"; resetPasswordMethod: "code" | "link"; disableSignup: boolean; allowedRedirectUrls?: string[] | null | undefined; }>; export declare const smtpConfigSchema: z.ZodObject<{ id: z.ZodString; enabled: z.ZodBoolean; host: z.ZodString; port: z.ZodNumber; username: z.ZodString; hasPassword: z.ZodBoolean; senderEmail: z.ZodString; senderName: z.ZodString; minIntervalSeconds: z.ZodNumber; createdAt: z.ZodString; updatedAt: z.ZodString; }, "strip", z.ZodTypeAny, { id: string; enabled: boolean; createdAt: string; updatedAt: string; host: string; port: number; username: string; hasPassword: boolean; senderEmail: string; senderName: string; minIntervalSeconds: number; }, { id: string; enabled: boolean; createdAt: string; updatedAt: string; host: string; port: number; username: string; hasPassword: boolean; senderEmail: string; senderName: string; minIntervalSeconds: number; }>; export declare const emailTemplateSchema: z.ZodObject<{ id: z.ZodString; templateType: z.ZodString; subject: z.ZodString; bodyHtml: z.ZodString; createdAt: z.ZodString; updatedAt: z.ZodString; }, "strip", z.ZodTypeAny, { id: string; createdAt: string; updatedAt: string; templateType: string; subject: string; bodyHtml: string; }, { id: string; createdAt: string; updatedAt: string; templateType: string; subject: string; bodyHtml: string; }>; /** * JWT token payload schema */ export declare const tokenPayloadSchema: z.ZodObject<{ sub: z.ZodString; email: z.ZodString; role: z.ZodEnum<["anon", "authenticated", "project_admin"]>; iat: z.ZodOptional; exp: z.ZodOptional; }, "strip", z.ZodTypeAny, { role: "anon" | "authenticated" | "project_admin"; email: string; sub: string; iat?: number | undefined; exp?: number | undefined; }, { role: "anon" | "authenticated" | "project_admin"; email: string; sub: string; iat?: number | undefined; exp?: number | undefined; }>; export type UserIdSchema = z.infer; export type EmailSchema = z.infer; export type PasswordSchema = z.infer; export type RoleSchema = z.infer; export type VerificationMethodSchema = z.infer; export type ProfileSchema = z.infer; export type UserSchema = z.infer; export type TokenPayloadSchema = z.infer; export type OAuthConfigSchema = z.infer; export type OAuthProvidersSchema = z.infer; export type AuthConfigSchema = z.infer; export declare const customOAuthKeySchema: z.ZodString; export declare const customOAuthConfigSchema: z.ZodObject<{ id: z.ZodString; key: z.ZodString; name: z.ZodString; discoveryEndpoint: z.ZodString; clientId: z.ZodString; createdAt: z.ZodString; updatedAt: z.ZodString; }, "strip", z.ZodTypeAny, { name: string; id: string; key: string; createdAt: string; updatedAt: string; clientId: string; discoveryEndpoint: string; }, { name: string; id: string; key: string; createdAt: string; updatedAt: string; clientId: string; discoveryEndpoint: string; }>; export type CustomOAuthKeySchema = z.infer; export type CustomOAuthConfigSchema = z.infer; export type SmtpConfigSchema = z.infer; export type EmailTemplateSchema = z.infer; //# sourceMappingURL=auth.schema.d.ts.map