Skip to content

@cyber-eco/typesDocs


@cyber-eco/types

Interfaces

SharedActivity

Generic activity that can be used across apps

Properties

id

id: string

Defined in

activity.ts:5

name

name: string

Defined in

activity.ts:6

description?

optional description: string

Defined in

activity.ts:7

type

type: string

Defined in

activity.ts:8

appId

appId: string

Defined in

activity.ts:9

participants

participants: string[]

Defined in

activity.ts:10

startDate

startDate: string

Defined in

activity.ts:11

endDate?

optional endDate: string

Defined in

activity.ts:12

location?

optional location: object

name?

optional name: string

address?

optional address: string

coordinates?

optional coordinates: object

coordinates.lat

lat: number

coordinates.lng

lng: number

Defined in

activity.ts:13

tags?

optional tags: string[]

Defined in

activity.ts:21

visibility

visibility: "public" | "private" | "group"

Defined in

activity.ts:22

groupId?

optional groupId: string

Defined in

activity.ts:23

metadata?

optional metadata: Record\<string, any>

Defined in

activity.ts:24

createdAt

createdAt: string

Defined in

activity.ts:25

createdBy

createdBy: string

Defined in

activity.ts:26


ActivitySummary

User activity summary across apps

Properties

userId

userId: string

Defined in

activity.ts:33

period

period: object

start

start: string

end

end: string

Defined in

activity.ts:34

totalActivities

totalActivities: number

Defined in

activity.ts:38

byApp

byApp: object[]

Defined in

activity.ts:39

mostActiveGroups

mostActiveGroups: string[]

Defined in

activity.ts:44

lastUpdated

lastUpdated: string

Defined in

activity.ts:45


App

Application definition in the CyberEco ecosystem

Properties

id

id: string

Defined in

app.ts:5

name

name: string

Defined in

app.ts:6

description

description: string

Defined in

app.ts:7

icon

icon: string

Defined in

app.ts:8

url

url: string

Defined in

app.ts:9

proxyPath?

optional proxyPath: string

Defined in

app.ts:10

category

category: "finance" | "productivity" | "social" | "utility" | "info"

Defined in

app.ts:11

status

status: "active" | "beta" | "maintenance" | "deprecated"

Defined in

app.ts:12

requiresAuth

requiresAuth: boolean

Defined in

app.ts:13

minRole?

optional minRole: "user" | "admin"

Defined in

app.ts:14

features

features: string[]

Defined in

app.ts:15

clientId?

optional clientId: string

OAuth client ID (set when app is registered via Developer Portal)

Defined in

app.ts:17

developerId?

optional developerId: string

Developer who registered this app

Defined in

app.ts:19

requestedScopes?

optional requestedScopes: string[]

Scopes requested by this app

Defined in

app.ts:21

createdAt

createdAt: string

Defined in

app.ts:22

updatedAt

updatedAt: string

Defined in

app.ts:23


AppConfig

Application configuration for navigation and theming

Properties

name

name: string

Defined in

app.ts:30

navigation: object

links: object[]

showConfig?

optional showConfig: boolean

mobileMenuStorageKey?

optional mobileMenuStorageKey: string

Defined in

app.ts:31

theme?

optional theme: object

primaryColor?

optional primaryColor: string

accentColor?

optional accentColor: string

Defined in

app.ts:36

features?

optional features: object

auth?

optional auth: boolean

notifications?

optional notifications: boolean

optional search: boolean

Defined in

app.ts:40


AuditLogEntry

Audit log entry for tracking user actions

Properties

id

id: string

Defined in

audit.ts:5

userId

userId: string

Defined in

audit.ts:6

action

action: string

Defined in

audit.ts:7

resourceType

resourceType: string

Defined in

audit.ts:8

resourceId

resourceId: string

Defined in

audit.ts:9

details?

optional details: Record\<string, unknown>

Defined in

audit.ts:10

ipAddress?

optional ipAddress: string

Defined in

audit.ts:11

timestamp

timestamp: string

Defined in

audit.ts:12


AuthAdapter

The identity operations an auth backend must provide. Everything is expressed in terms of the normalized AuthUser — no backend-specific user type leaks through this interface.

Methods

signIn()

signIn(email, password): Promise\<AuthUser>

Sign in with email + password. Resolves to the normalized user.

Parameters

email: string

password: string

Returns

Promise\<AuthUser>

Defined in

auth-adapter.ts:29

signUp()

signUp(email, password, displayName): Promise\<AuthUser>

Create an account with email + password and set the display name.

Parameters

email: string

password: string

displayName: string

Returns

Promise\<AuthUser>

Defined in

auth-adapter.ts:31

signOut()

signOut(): Promise\<void>

Sign the current user out.

Returns

Promise\<void>

Defined in

auth-adapter.ts:33

signInWithProvider()

signInWithProvider(provider): Promise\<AuthUser>

Sign in via a social provider (popup/redirect handled by the adapter).

Parameters

provider: AuthProviderName

Returns

Promise\<AuthUser>

Defined in

auth-adapter.ts:35

linkProvider()?

optional linkProvider(provider): Promise\<void>

Link a social provider to the currently signed-in account.

Parameters

provider: AuthProviderName

Returns

Promise\<void>

Defined in

auth-adapter.ts:37

resetPassword()

resetPassword(email): Promise\<void>

Send a password-reset email.

Parameters

email: string

Returns

Promise\<void>

Defined in

auth-adapter.ts:39

updateDisplayProfile()

updateDisplayProfile(update): Promise\<void>

Update the signed-in user's display name and/or photo.

Parameters

update

update.displayName?: string

update.photoURL?: string

Returns

Promise\<void>

Defined in

auth-adapter.ts:41

getCurrentUser()

getCurrentUser(): null | AuthUser

Current user synchronously if known, else null.

Returns

null | AuthUser

Defined in

auth-adapter.ts:43

getIdToken()

getIdToken(): Promise\<null | string>

A fresh ID/access token for the signed-in user, or null.

Returns

Promise\<null | string>

Defined in

auth-adapter.ts:45

onAuthStateChanged()

onAuthStateChanged(callback): () => void

Subscribe to auth-state changes. Returns an unsubscribe function.

Parameters

callback

Returns

Function

Returns

void

Defined in

auth-adapter.ts:47

setPersistence()?

optional setPersistence(persistence): Promise\<void>

Configure where the session is persisted (optional; adapters may no-op).

Parameters

persistence: AuthPersistence

Returns

Promise\<void>

Defined in

auth-adapter.ts:49


ProfileStore\<T>

Persists the user PROFILE document (application data, not identity). Kept separate from AuthAdapter so the auth layer never imports a database SDK — the profile lives in the data layer. Injected alongside the auth adapter.

Type Parameters

T = Record\<string, unknown>

Methods

get()

get(uid): Promise\<null | T>

Read a profile by user id, or null if none exists.

Parameters

uid: string

Returns

Promise\<null | T>

Defined in

auth-adapter.ts:59

set()

set(uid, profile): Promise\<void>

Create or overwrite a profile.

Parameters

uid: string

profile: T

Returns

Promise\<void>

Defined in

auth-adapter.ts:61

update()

update(uid, partial): Promise\<void>

Merge a partial update into an existing profile.

Parameters

uid: string

partial: Partial\<T>

Returns

Promise\<void>

Defined in

auth-adapter.ts:63


TokenVerifier

Server-side verification of an auth token's signature and claims. The concrete implementation (e.g. FirebaseTokenVerifier verifying against Google's JWKS) is injected wherever a token must be trusted (e.g. the set-cookie endpoint).

Methods

verify()

verify(token): Promise\<object>

Verify the token and return the authenticated identity.

Parameters

token: string

Returns

Promise\<object>

uid

uid: string

email?

optional email: string

Throws

if the signature/claims are invalid or the token is expired.

Defined in

auth-adapter.ts:76


AuthUser

Authentication user from Firebase Auth or similar providers

Properties

uid

uid: string

Defined in

auth.ts:5

email

email: null | string

Defined in

auth.ts:6

displayName

displayName: null | string

Defined in

auth.ts:7

photoURL

photoURL: null | string

Defined in

auth.ts:8

emailVerified

emailVerified: boolean

Defined in

auth.ts:9


AuthToken

Decoded authentication token

Properties

uid

uid: string

Defined in

auth.ts:16

email?

optional email: string

Defined in

auth.ts:17

email_verified?

optional email_verified: boolean

Defined in

auth.ts:18

name?

optional name: string

Defined in

auth.ts:19

picture?

optional picture: string

Defined in

auth.ts:20

exp?

optional exp: number

Defined in

auth.ts:21


BillingRecord

User billing/subscription record

Properties

id

id: string

Defined in

billing.ts:5

userId

userId: string

Defined in

billing.ts:6

plan

plan: "family" | "organization" | "free" | "personal"

Defined in

billing.ts:7

status

status: "active" | "past_due" | "canceled" | "trial"

Defined in

billing.ts:8

startDate

startDate: string

Defined in

billing.ts:9

endDate?

optional endDate: string

Defined in

billing.ts:10

amount

amount: number

Defined in

billing.ts:11

currency

currency: string

Defined in

billing.ts:12

paymentMethod?

optional paymentMethod: string

Defined in

billing.ts:13


Invoice

Invoice for billing

Properties

id

id: string

Defined in

billing.ts:20

userId

userId: string

Defined in

billing.ts:21

billingRecordId

billingRecordId: string

Defined in

billing.ts:22

amount

amount: number

Defined in

billing.ts:23

currency

currency: string

Defined in

billing.ts:24

status

status: "draft" | "sent" | "paid" | "overdue" | "void"

Defined in

billing.ts:25

issuedAt

issuedAt: string

Defined in

billing.ts:26

dueAt

dueAt: string

Defined in

billing.ts:27

paidAt?

optional paidAt: string

Defined in

billing.ts:28


CacheBackend

Cache backend interface for L2 caching

Methods

get()

get\<T>(key): Promise\<null | T>

Type Parameters

T

Parameters

key: string

Returns

Promise\<null | T>

Defined in

cache.ts:5

set()

set\<T>(key, value, ttlMs?): Promise\<void>

Type Parameters

T

Parameters

key: string

value: T

ttlMs?: number

Returns

Promise\<void>

Defined in

cache.ts:6

delete()

delete(key): Promise\<void>

Parameters

key: string

Returns

Promise\<void>

Defined in

cache.ts:7

deletePattern()

deletePattern(pattern): Promise\<void>

Parameters

pattern: string

Returns

Promise\<void>

Defined in

cache.ts:8

clear()

clear(): Promise\<void>

Returns

Promise\<void>

Defined in

cache.ts:9


CacheStrategy

Cache strategy configuration

Properties

staleWhileRevalidate?

optional staleWhileRevalidate: boolean

Defined in

cache.ts:16

maxAge?

optional maxAge: number

Defined in

cache.ts:17


CacheConfig

Cache configuration for data layer

Properties

l1?

optional l1: object

maxEntries?

optional maxEntries: number

Defined in

cache.ts:24

l2?

optional l2: CacheBackend

Defined in

cache.ts:25

strategy?

optional strategy: CacheStrategy

Defined in

cache.ts:26

ttls?

optional ttls: Record\<string, number>

Defined in

cache.ts:27


AppUsageStats

Daily API usage statistics per client app.

Properties

id

id: string

Defined in

developer.ts:9

clientId

clientId: string

Defined in

developer.ts:10

date

date: string

Defined in

developer.ts:11

apiCalls

apiCalls: number

Defined in

developer.ts:12

uniqueUsers

uniqueUsers: number

Defined in

developer.ts:13

errorCount

errorCount: number

Defined in

developer.ts:14


WebhookDelivery

Record of a webhook delivery attempt.

Properties

id

id: string

Defined in

developer.ts:21

webhookId

webhookId: string

Defined in

developer.ts:22

clientId

clientId: string

Defined in

developer.ts:23

eventType

eventType: string

Defined in

developer.ts:24

payload

payload: Record\<string, unknown>

Defined in

developer.ts:25

responseStatus?

optional responseStatus: number

Defined in

developer.ts:26

retryCount

retryCount: number

Defined in

developer.ts:27

deliveredAt?

optional deliveredAt: string

Defined in

developer.ts:28

createdAt

createdAt: string

Defined in

developer.ts:29


ExpenseSplit

A single participant's share of an expense

Properties

userId

userId: string

Defined in

expense.ts:18

amount

amount: number

Defined in

expense.ts:19

percentage?

optional percentage: number

Defined in

expense.ts:20


Expense

A shared expense record — universal across all CyberEco apps

Properties

id

id: string

Defined in

expense.ts:27

groupId

groupId: string

Defined in

expense.ts:28

description

description: string

Defined in

expense.ts:29

amount

amount: number

Defined in

expense.ts:30

currency

currency: string

Defined in

expense.ts:31

paidBy

paidBy: string

Defined in

expense.ts:32

splitType

splitType: SplitType

Defined in

expense.ts:33

splits

splits: ExpenseSplit[]

Defined in

expense.ts:34

date

date: string

Defined in

expense.ts:35

category?

optional category: string

Defined in

expense.ts:36

tags?

optional tags: string[]

Defined in

expense.ts:37

notes?

optional notes: string

Defined in

expense.ts:38

images?

optional images: string[]

Defined in

expense.ts:39

source?

optional source: string

Origin of this expense (e.g. "manual", "import", app name)

Defined in

expense.ts:41

transactionId?

optional transactionId: string

Optional bridge to shared Transaction record

Defined in

expense.ts:43

memberIds?

optional memberIds: string[]

Denormalized group member IDs for Firestore security rule checks. Copied from the parent ExpenseGroup.memberIds on creation. MUST be kept in sync when group membership changes.

Defined in

expense.ts:49

createdBy

createdBy: string

Defined in

expense.ts:50

createdAt

createdAt: string

Defined in

expense.ts:51

updatedAt?

optional updatedAt: string

Defined in

expense.ts:52


Settlement

A debt settlement between two users

Properties

id

id: string

Defined in

expense.ts:59

groupId

groupId: string

Defined in

expense.ts:60

fromUserId

fromUserId: string

Defined in

expense.ts:61

toUserId

toUserId: string

Defined in

expense.ts:62

amount

amount: number

Defined in

expense.ts:63

currency

currency: string

Defined in

expense.ts:64

date

date: string

Defined in

expense.ts:65

method?

optional method: string

Defined in

expense.ts:66

notes?

optional notes: string

Defined in

expense.ts:67

transactionId?

optional transactionId: string

Optional bridge to shared Transaction record

Defined in

expense.ts:69

memberIds?

optional memberIds: string[]

Denormalized group member IDs for Firestore security rule checks. Copied from the parent ExpenseGroup.memberIds on creation. MUST be kept in sync when group membership changes.

Defined in

expense.ts:75

createdBy

createdBy: string

Defined in

expense.ts:76

createdAt

createdAt: string

Defined in

expense.ts:77


Balance

A derived balance between two users (computed, not stored)

Properties

fromUserId

fromUserId: string

Defined in

expense.ts:84

toUserId

toUserId: string

Defined in

expense.ts:85

amount

amount: number

Defined in

expense.ts:86


ExpenseGroupSettings

Configuration for an expense group

Properties

defaultSplitType

defaultSplitType: SplitType

Defined in

expense.ts:93

simplifyDebts

simplifyDebts: boolean

Defined in

expense.ts:94

maxMembers

maxMembers: number

Defined in

expense.ts:95


ExpenseGroupMember

A member of an expense group

Properties

userId

userId: string

Defined in

expense.ts:100

displayName

displayName: string

Defined in

expense.ts:101

role

role: AppRole

Defined in

expense.ts:102

joinedAt

joinedAt: string

Defined in

expense.ts:103

invitedBy?

optional invitedBy: string

Defined in

expense.ts:104


ExpenseGroup

A group for tracking shared expenses.

Does NOT extend SharedGroup because: - members[] use ExpenseGroupMember (has displayName, not in GroupMember) - settings use ExpenseGroupSettings (different structure from SharedGroup.settings) - expense-specific fields (currency, totalExpenses) make it domain-specific

Apps can bridge via SharedGroup.metadata.expenseGroupId reference.

Properties

id

id: string

Defined in

expense.ts:118

name

name: string

Defined in

expense.ts:119

description?

optional description: string

Defined in

expense.ts:120

type

type: "family" | "friends" | "community" | "organization" | "other"

Defined in

expense.ts:121

currency

currency: string

Defined in

expense.ts:122

members

members: ExpenseGroupMember[]

Defined in

expense.ts:123

settings

settings: ExpenseGroupSettings

Defined in

expense.ts:124

totalExpenses

totalExpenses: number

Defined in

expense.ts:125

memberIds

memberIds: string[]

Denormalized list of member user IDs for Firestore security rule checks. MUST be kept in sync with the members array. Derived: members.map(m => m.userId)

Defined in

expense.ts:131

adminIds

adminIds: string[]

Denormalized list of admin/owner user IDs for write permission checks. Derived: members.filter(m => hasMinimumRole(m.role, 'admin')).map(m => m.userId)

Defined in

expense.ts:136

createdBy

createdBy: string

Defined in

expense.ts:137

createdAt

createdAt: string

Defined in

expense.ts:138

updatedAt?

optional updatedAt: string

Defined in

expense.ts:139


ExpenseGroupExport

GDPR-compliant export payload for an expense group

Properties

group

group: ExpenseGroup

Defined in

expense.ts:146

expenses

expenses: Expense[]

Defined in

expense.ts:147

settlements

settlements: Settlement[]

Defined in

expense.ts:148

balances

balances: Balance[]

Defined in

expense.ts:149

exportedAt

exportedAt: string

Defined in

expense.ts:150

exportedBy

exportedBy: string

Defined in

expense.ts:151


FinancialProfile

Stored in financialProfiles collection. Doc ID = userId.

Properties

id

id: string

Defined in

financial-planning.ts:37

userId

userId: string

Defined in

financial-planning.ts:38

persona1

persona1: PersonaProfileData

Defined in

financial-planning.ts:39

persona2?

optional persona2: PersonaProfileData

Defined in

financial-planning.ts:40

rentaActual

rentaActual: number

Defined in

financial-planning.ts:41

fondoEmergencia

fondoEmergencia: number

Defined in

financial-planning.ts:42

ahorroLiquidoDisponible

ahorroLiquidoDisponible: number

Defined in

financial-planning.ts:43

gastosTemporales

gastosTemporales: TemporaryExpenseData[]

Defined in

financial-planning.ts:44

createdAt

createdAt: string

Defined in

financial-planning.ts:45

updatedAt?

optional updatedAt: string

Defined in

financial-planning.ts:46


PropertyRecord

Stored in propertyRecords collection.

Properties

id

id: string

Defined in

financial-planning.ts:51

userId

userId: string

Defined in

financial-planning.ts:52

nombre

nombre: string

Defined in

financial-planning.ts:53

tipo

tipo: string

Defined in

financial-planning.ts:54

uso

uso: string

Defined in

financial-planning.ts:55

valor

valor: number

Defined in

financial-planning.ts:56

ubicacion

ubicacion: LocationData

Defined in

financial-planning.ts:57

enganchePorcentaje?

optional enganchePorcentaje: number

Defined in

financial-planning.ts:58

tasaAnual?

optional tasaAnual: number

Defined in

financial-planning.ts:59

plazoAnios?

optional plazoAnios: number

Defined in

financial-planning.ts:60

ingresoRentaEstimado?

optional ingresoRentaEstimado: number

Defined in

financial-planning.ts:61

mantenimientoMensual?

optional mantenimientoMensual: number

Defined in

financial-planning.ts:62

createdAt

createdAt: string

Defined in

financial-planning.ts:63

updatedAt?

optional updatedAt: string

Defined in

financial-planning.ts:64


ScenarioRecord

Stored in scenarios collection.

Properties

id

id: string

Defined in

financial-planning.ts:69

userId

userId: string

Defined in

financial-planning.ts:70

nombre

nombre: string

Defined in

financial-planning.ts:71

descripcion

descripcion: string

Defined in

financial-planning.ts:72

propiedades

propiedades: string[]

Defined in

financial-planning.ts:73

horizonte

horizonte: number

Defined in

financial-planning.ts:74

tasaInflacion

tasaInflacion: number

Defined in

financial-planning.ts:75

rendimientoInversiones

rendimientoInversiones: number

Defined in

financial-planning.ts:76

createdAt

createdAt: string

Defined in

financial-planning.ts:77

updatedAt?

optional updatedAt: string

Defined in

financial-planning.ts:78


CreditCardRecord

Stored in creditCards collection.

Properties

id

id: string

Defined in

financial-planning.ts:83

userId

userId: string

Defined in

financial-planning.ts:84

nombre

nombre: string

Defined in

financial-planning.ts:85

banco

banco: string

Defined in

financial-planning.ts:86

anualidad

anualidad: number

Defined in

financial-planning.ts:87

tasas

tasas: Record\<string, number>

Defined in

financial-planning.ts:88

topeMensual?

optional topeMensual: number

Defined in

financial-planning.ts:89

topeAnual?

optional topeAnual: number

Defined in

financial-planning.ts:90

createdAt

createdAt: string

Defined in

financial-planning.ts:91

updatedAt?

optional updatedAt: string

Defined in

financial-planning.ts:92


BankAccount

Bank account information for payments and settlements

Properties

id

id: string

Defined in

financial.ts:5

userId

userId: string

Defined in

financial.ts:6

nickname

nickname: string

Defined in

financial.ts:7

accountType

accountType: "checking" | "savings"

Defined in

financial.ts:8

lastFourDigits

lastFourDigits: string

Defined in

financial.ts:9

bankName?

optional bankName: string

Defined in

financial.ts:10

isDefault

isDefault: boolean

Defined in

financial.ts:11

createdAt

createdAt: string

Defined in

financial.ts:12

verifiedAt?

optional verifiedAt: string

Defined in

financial.ts:13


Transaction

Transaction record that can be used across financial apps

Properties

id

id: string

Defined in

financial.ts:20

userId

userId: string

Defined in

financial.ts:21

type

type: "expense" | "income" | "transfer" | "settlement"

Defined in

financial.ts:22

amount

amount: number

Defined in

financial.ts:23

currency

currency: string

Defined in

financial.ts:24

description

description: string

Defined in

financial.ts:25

date

date: string

Defined in

financial.ts:26

category?

optional category: string

Defined in

financial.ts:27

tags?

optional tags: string[]

Defined in

financial.ts:28

source?

optional source: string

Origin of this transaction (e.g. "manual", "import", app name)

Defined in

financial.ts:30

appId?

optional appId: string

Deprecated

Use source instead. App attribution violates Tenet #1.

Defined in

financial.ts:32

appSpecificId?

optional appSpecificId: string

Defined in

financial.ts:33

metadata?

optional metadata: Record\<string, unknown>

Defined in

financial.ts:34

createdAt

createdAt: string

Defined in

financial.ts:35

updatedAt?

optional updatedAt: string

Defined in

financial.ts:36


Budget

Budget that can be shared across financial apps

Properties

id

id: string

Defined in

financial.ts:43

userId

userId: string

Defined in

financial.ts:44

name

name: string

Defined in

financial.ts:45

amount

amount: number

Defined in

financial.ts:46

currency

currency: string

Defined in

financial.ts:47

period

period: "daily" | "weekly" | "monthly" | "yearly"

Defined in

financial.ts:48

categories?

optional categories: string[]

Defined in

financial.ts:49

startDate

startDate: string

Defined in

financial.ts:50

endDate?

optional endDate: string

Defined in

financial.ts:51

appIds?

optional appIds: string[]

Deprecated

Use categories instead. App attribution violates Tenet #1.

Defined in

financial.ts:53

createdAt

createdAt: string

Defined in

financial.ts:54

updatedAt?

optional updatedAt: string

Defined in

financial.ts:55


FinancialSummary

Aggregated financial summary across apps

Properties

userId

userId: string

Defined in

financial.ts:62

period

period: object

start

start: string

end

end: string

Defined in

financial.ts:63

totalIncome

totalIncome: number

Defined in

financial.ts:67

totalExpenses

totalExpenses: number

Defined in

financial.ts:68

netAmount

netAmount: number

Defined in

financial.ts:69

byCategory

byCategory: object[]

Defined in

financial.ts:70

bySource?

optional bySource: object[]

Defined in

financial.ts:75

byApp?

optional byApp: object[]

Deprecated

Use bySource instead. App-keyed axis violates Tenet #1.

Defined in

financial.ts:81

currency

currency: string

Defined in

financial.ts:86

lastUpdated

lastUpdated: string

Defined in

financial.ts:87


Friendship

Friendship connection between users Promoted from JustSplit to shared types for ecosystem-wide use

Properties

id

id: string

Defined in

friendship.ts:6

users

users: string[]

Defined in

friendship.ts:7

status

status: "pending" | "accepted" | "rejected"

Defined in

friendship.ts:8

requestedBy

requestedBy: string

Defined in

friendship.ts:9

createdAt

createdAt: string

Defined in

friendship.ts:10

updatedAt

updatedAt: string

Defined in

friendship.ts:11


GroupMember

Group member with 4-tier role hierarchy

Properties

userId

userId: string

Defined in

groups.ts:7

role

role: AppRole

Defined in

groups.ts:8

joinedAt

joinedAt: string

Defined in

groups.ts:9

invitedBy?

optional invitedBy: string

Defined in

groups.ts:10

permissions?

optional permissions: string[]

Defined in

groups.ts:11


SharedGroup

Generic group that can be used across apps

Properties

id

id: string

Defined in

groups.ts:18

name

name: string

Defined in

groups.ts:19

description?

optional description: string

Defined in

groups.ts:20

type

type: "family" | "friends" | "community" | "organization" | "other"

Defined in

groups.ts:21

createdBy

createdBy: string

User ID of the group creator

Defined in

groups.ts:23

members

members: GroupMember[]

Defined in

groups.ts:24

memberIds

memberIds: string[]

Denormalized member UIDs, required by the groups Firestore rules for read access checks. MUST be kept in sync with members. Derived: members.map(m => m.userId)

Defined in

groups.ts:30

adminIds

adminIds: string[]

Denormalized admin UIDs (owner + admins), required by the groups Firestore rules for write access checks. MUST be kept in sync with members. Derived: members.filter(m => hasMinimumRole(m.role, 'admin')).map(m => m.userId)

Defined in

groups.ts:36

settings

settings: object

isPrivate

isPrivate: boolean

requireApproval

requireApproval: boolean

allowInvites

allowInvites: boolean

Defined in

groups.ts:37

metadata?

optional metadata: Record\<string, unknown>

User-controlled metadata for this group

Defined in

groups.ts:43

appContexts?

optional appContexts: object

Index Signature

[appId: string]: object

Deprecated

Violates Tenet #1 (Digital Sovereignty). App-specific state should not be embedded in shared group documents. Apps that need group association should store a groupId reference in their own collection.

Defined in

groups.ts:49

createdAt

createdAt: string

Defined in

groups.ts:55

updatedAt?

optional updatedAt: string

Defined in

groups.ts:56


UserRelationship

Relationship between users for family trees, social graphs

Properties

id

id: string

Defined in

groups.ts:63

user1Id

user1Id: string

Defined in

groups.ts:64

user2Id

user2Id: string

Defined in

groups.ts:65

type

type: "family" | "other" | "friend" | "colleague" | "partner"

Defined in

groups.ts:66

subtype?

optional subtype: string

Defined in

groups.ts:67

startDate?

optional startDate: string

Defined in

groups.ts:68

endDate?

optional endDate: string

Defined in

groups.ts:69

isActive

isActive: boolean

Defined in

groups.ts:70

metadata?

optional metadata: Record\<string, any>

Defined in

groups.ts:71


Navigation link definition

Properties

href

href: string

Defined in

navigation.ts:5

label

label: string

Defined in

navigation.ts:6

external?

optional external: boolean

Defined in

navigation.ts:7


Navigation action button configuration

Properties

href?

optional href: string

Defined in

navigation.ts:14

label?

optional label: string

Defined in

navigation.ts:15

onClick()?

optional onClick: () => void

Returns

void

Defined in

navigation.ts:16

element?

optional element: unknown

Defined in

navigation.ts:17

className?

optional className: string

Defined in

navigation.ts:18

icon?

optional icon: unknown

Defined in

navigation.ts:19

external?

optional external: boolean

Defined in

navigation.ts:20


Navigation component props

Properties

links: NavigationLink[]

Defined in

navigation.ts:27

actionButton?

optional actionButton: NavigationActionButton

Defined in

navigation.ts:28

showConfig?

optional showConfig: boolean

Defined in

navigation.ts:29

mobileMenuStorageKey?

optional mobileMenuStorageKey: string

Defined in

navigation.ts:30

className?

optional className: string

Defined in

navigation.ts:31

LinkComponent?

optional LinkComponent: any

Defined in

navigation.ts:32

usePathname()?

optional usePathname: () => string

Returns

string

Defined in

navigation.ts:33


Notification

Cross-app notification

Properties

id

id: string

Defined in

notifications.ts:5

userId

userId: string

Defined in

notifications.ts:6

type

type: "info" | "success" | "warning" | "error"

Defined in

notifications.ts:7

title

title: string

Defined in

notifications.ts:8

message

message: string

Defined in

notifications.ts:9

appId

appId: string

Defined in

notifications.ts:10

actionUrl?

optional actionUrl: string

Defined in

notifications.ts:11

actionLabel?

optional actionLabel: string

Defined in

notifications.ts:12

read

read: boolean

Defined in

notifications.ts:13

createdAt

createdAt: string

Defined in

notifications.ts:14

expiresAt?

optional expiresAt: string

Defined in

notifications.ts:15


OAuthApp

Registered OAuth application.

Developers register apps via the Developer Portal (/developer). The clientSecret is shown once at registration; only the SHA-256 hash (clientSecretHash) is stored.

Properties

id

id: string

Defined in

oauth.ts:30

clientId

clientId: string

Defined in

oauth.ts:31

clientSecretHash

clientSecretHash: string

Defined in

oauth.ts:32

developerId

developerId: string

Defined in

oauth.ts:33

name

name: string

Defined in

oauth.ts:34

description

description: string

Defined in

oauth.ts:35

redirectUris

redirectUris: string[]

Defined in

oauth.ts:36

requestedScopes

requestedScopes: OAuthScope[]

Defined in

oauth.ts:37

approvedScopes

approvedScopes: OAuthScope[]

Defined in

oauth.ts:38

status

status: OAuthAppStatus

Defined in

oauth.ts:39

iconUrl?

optional iconUrl: string

Defined in

oauth.ts:40

homepageUrl?

optional homepageUrl: string

Defined in

oauth.ts:41

createdAt

createdAt: string

Defined in

oauth.ts:42

updatedAt

updatedAt: string

Defined in

oauth.ts:43


OAuthAuthorizationCode

OAuth authorization code (Phase 2).

Short-lived code (10 min) exchanged for access + refresh tokens via the Authorization Code flow with PKCE. PKCE is required: codeChallenge and codeChallengeMethod are mandatory.

Properties

id

id: string

Defined in

oauth.ts:54

code

code: string

Opaque code string returned to the client

Defined in

oauth.ts:56

clientId

clientId: string

Defined in

oauth.ts:57

userId

userId: string

Defined in

oauth.ts:58

scopes

scopes: OAuthScope[]

Defined in

oauth.ts:59

codeChallenge

codeChallenge: string

SHA-256 hash of the PKCE code verifier (required)

Defined in

oauth.ts:61

codeChallengeMethod

codeChallengeMethod: "S256"

Always S256 — plain method is not supported

Defined in

oauth.ts:63

redirectUri

redirectUri: string

Defined in

oauth.ts:64

state?

optional state: string

Client-provided state for CSRF protection

Defined in

oauth.ts:66

expiresAt

expiresAt: string

Defined in

oauth.ts:67

used

used: boolean

Defined in

oauth.ts:68

createdAt

createdAt: string

Defined in

oauth.ts:69


OAuthToken

OAuth token record.

Tokens are stored as SHA-256 hashes; the plaintext is only returned to the client at issuance time.

Refresh tokens use familyId to support token rotation: when a refresh token is used, the old one is revoked and a new one is issued with the same familyId. If a revoked refresh token is reused (replay attack), ALL tokens in the family are revoked.

Properties

id

id: string

Defined in

oauth.ts:87

tokenHash

tokenHash: string

SHA-256 hash of the token value

Defined in

oauth.ts:89

type

type: OAuthTokenType

Defined in

oauth.ts:90

clientId

clientId: string

Defined in

oauth.ts:91

userId

userId: string

Defined in

oauth.ts:92

scopes

scopes: OAuthScope[]

Defined in

oauth.ts:93

expiresAt

expiresAt: string

Defined in

oauth.ts:94

revoked

revoked: boolean

Defined in

oauth.ts:95

revokedAt?

optional revokedAt: string

ISO timestamp when the token was revoked (null if active)

Defined in

oauth.ts:97

familyId?

optional familyId: string

Token family ID for refresh token rotation tracking

Defined in

oauth.ts:99

createdAt

createdAt: string

Defined in

oauth.ts:100


OAuthConsent

User consent record for an OAuth app.

Consent records are immutable (GDPR) — revokedAt is set but the document is never deleted.

Properties

id

id: string

Defined in

oauth.ts:110

userId

userId: string

Defined in

oauth.ts:111

clientId

clientId: string

Defined in

oauth.ts:112

appName

appName: string

Defined in

oauth.ts:113

scopes

scopes: OAuthScope[]

Defined in

oauth.ts:114

grantedAt

grantedAt: string

Defined in

oauth.ts:115

revokedAt?

optional revokedAt: string

Defined in

oauth.ts:116

lastUsedAt?

optional lastUsedAt: string

Defined in

oauth.ts:117


JwksKey

JSON Web Key for OIDC discovery. Phase 2 uses HMAC-SHA256 (symmetric); Phase 3 migrates to RS256 (asymmetric).

Properties

kid

kid: string

Defined in

oauth.ts:125

kty

kty: string

Defined in

oauth.ts:126

alg

alg: string

Defined in

oauth.ts:127

use

use: "sig"

Defined in

oauth.ts:128

n?

optional n: string

RSA public key modulus (only for RS256)

Defined in

oauth.ts:130

e?

optional e: string

RSA public key exponent (only for RS256)

Defined in

oauth.ts:132


TokenIntrospectionResponse

Response from the token introspection endpoint (RFC 7662).

Properties

active

active: boolean

Whether the token is currently active

Defined in

oauth.ts:140

scope?

optional scope: string

The scopes associated with the token

Defined in

oauth.ts:142

client_id?

optional client_id: string

Client ID the token was issued for

Defined in

oauth.ts:144

sub?

optional sub: string

User ID the token was issued for

Defined in

oauth.ts:146

token_type?

optional token_type: string

Token type: access or refresh

Defined in

oauth.ts:148

exp?

optional exp: number

Expiration time (unix timestamp)

Defined in

oauth.ts:150

iat?

optional iat: number

Issued at time (unix timestamp)

Defined in

oauth.ts:152


OAuthTokenPair

Token pair returned from token exchange and refresh operations.

Properties

access_token

access_token: string

Defined in

oauth.ts:159

token_type

token_type: "Bearer"

Defined in

oauth.ts:160

expires_in

expires_in: number

Defined in

oauth.ts:161

refresh_token

refresh_token: string

Defined in

oauth.ts:162

scope

scope: string

Defined in

oauth.ts:163


PermissionCondition

Conditional access constraints evaluated at permission check time

Properties

type

type: "time" | "ip" | "mfa" | "custom"

Defined in

permissions.ts:27

config

config: Record\<string, unknown>

Defined in

permissions.ts:28


AppPermission

Enhanced app permission with audit trail and conditions

Properties

appId

appId: string

Defined in

permissions.ts:35

roles

roles: AppRole[]

Defined in

permissions.ts:36

features

features: string[]

Defined in

permissions.ts:37

grantedAt

grantedAt: string

Defined in

permissions.ts:38

grantedBy

grantedBy: string

Defined in

permissions.ts:39

conditions?

optional conditions: PermissionCondition[]

Defined in

permissions.ts:40


ResourcePermission

Resource-level permission for fine-grained access control

Properties

id

id: string

Defined in

permissions.ts:47

resourceType

resourceType: string

Defined in

permissions.ts:48

resourceId

resourceId: string

Defined in

permissions.ts:49

userId

userId: string

Defined in

permissions.ts:50

permissions

permissions: string[]

Defined in

permissions.ts:51

grantedBy

grantedBy: string

Defined in

permissions.ts:52

grantedAt

grantedAt: string

Defined in

permissions.ts:53

expiresAt?

optional expiresAt: string

Defined in

permissions.ts:54


PrivacySettings

Privacy settings for a user's data controls

Properties

id

id: string

Defined in

privacy.ts:5

userId

userId: string

Defined in

privacy.ts:6

dataRetentionDays

dataRetentionDays: number

Defined in

privacy.ts:7

analyticsOptIn

analyticsOptIn: boolean

Defined in

privacy.ts:8

thirdPartySharing

thirdPartySharing: boolean

Defined in

privacy.ts:9

profileVisibility

profileVisibility: "friends" | "public" | "private"

Defined in

privacy.ts:10

updatedAt

updatedAt: string

Defined in

privacy.ts:11


ConsentRecord

GDPR consent record tracking user agreements

Properties

id

id: string

Defined in

privacy.ts:18

userId

userId: string

Defined in

privacy.ts:19

consentType

consentType: "terms" | "privacy" | "cookies" | "marketing" | "data-processing"

Defined in

privacy.ts:20

version

version: string

Defined in

privacy.ts:21

granted

granted: boolean

Defined in

privacy.ts:22

grantedAt

grantedAt: string

Defined in

privacy.ts:23

revokedAt?

optional revokedAt: string

Defined in

privacy.ts:24

ipAddress?

optional ipAddress: string

Defined in

privacy.ts:25


QueryFilter

Query filter for database operations

Properties

field

field: string

Defined in

query.ts:10

operator

operator: QueryOperator

Defined in

query.ts:11

value

value: unknown

Defined in

query.ts:12


QuerySort

Sort configuration for queries

Properties

field

field: string

Defined in

query.ts:19

direction

direction: "asc" | "desc"

Defined in

query.ts:20


QueryOptions

Query options for pagination and sorting

Properties

sort?

optional sort: QuerySort[]

Defined in

query.ts:27

limit?

optional limit: number

Defined in

query.ts:28

offset?

optional offset: number

Defined in

query.ts:29

cursor?

optional cursor: string

Defined in

query.ts:30


PaginatedResult\<T>

Paginated result set

Type Parameters

T

Properties

data

data: T[]

Defined in

query.ts:37

total?

optional total: number

Defined in

query.ts:38

hasMore

hasMore: boolean

Defined in

query.ts:39

cursor?

optional cursor: string

Defined in

query.ts:40


TwoFactorConfig

Two-factor authentication configuration (stored server-side). secret and backupCodes are secrets — never expose them to the client.

Properties

userId

userId: string

Defined in

security.ts:6

enabled

enabled: boolean

Defined in

security.ts:7

method

method: "totp" | "sms" | "email"

Defined in

security.ts:8

secret?

optional secret: string

TOTP shared secret (base32). Server-only — never returned to the client.

Defined in

security.ts:10

verifiedAt?

optional verifiedAt: string

Defined in

security.ts:11

backupCodes?

optional backupCodes: string[]

Hashed, single-use recovery codes. Server-only.

Defined in

security.ts:13

updatedAt?

optional updatedAt: string

Defined in

security.ts:14


MfaSetup

One-time result of starting MFA enrollment (shown to the user once).

Properties

secret

secret: string

Base32 secret for manual entry into an authenticator app.

Defined in

security.ts:20

otpauthUri

otpauthUri: string

otpauth:// URI to render as a QR code.

Defined in

security.ts:22

backupCodes

backupCodes: string[]

Plaintext backup codes — shown once, then only their hashes are stored.

Defined in

security.ts:24


MfaStatus

Client-safe MFA status (no secrets).

Properties

enabled

enabled: boolean

Defined in

security.ts:29

method

method: "totp" | "sms" | "email"

Defined in

security.ts:30

verifiedAt?

optional verifiedAt: string

Defined in

security.ts:31

backupCodesRemaining

backupCodesRemaining: number

Defined in

security.ts:32


MfaProvider

Backend-agnostic multi-factor / one-time-password contract. Optional on the AuthAdapter: a backend that offers native MFA (Supabase, Firebase Identity Platform) implements it; the app-layer TOTP MfaService provides the same capability over any backend via the data layer.

Methods

setupTotp()

setupTotp(userId, accountLabel): Promise\<MfaSetup>

Begin TOTP enrollment: returns secret + otpauth URI + backup codes.

Parameters

userId: string

accountLabel: string

Returns

Promise\<MfaSetup>

Defined in

security.ts:43

verifyAndEnable()

verifyAndEnable(userId, code): Promise\<boolean>

Verify a code and enable MFA for the user.

Parameters

userId: string

code: string

Returns

Promise\<boolean>

Defined in

security.ts:45

verify()

verify(userId, code): Promise\<boolean>

Verify a TOTP code or consume a backup code (used at the login challenge).

Parameters

userId: string

code: string

Returns

Promise\<boolean>

Defined in

security.ts:47

disable()

disable(userId): Promise\<void>

Disable MFA and clear the stored secret/backup codes.

Parameters

userId: string

Returns

Promise\<void>

Defined in

security.ts:49

getStatus()

getStatus(userId): Promise\<MfaStatus>

Client-safe status.

Parameters

userId: string

Returns

Promise\<MfaStatus>

Defined in

security.ts:51

regenerateBackupCodes()

regenerateBackupCodes(userId): Promise\<string[]>

Regenerate backup codes; returns the new plaintext codes once.

Parameters

userId: string

Returns

Promise\<string[]>

Defined in

security.ts:53


SecurityEvent

Security event for monitoring account activity

Properties

id

id: string

Defined in

security.ts:60

userId

userId: string

Defined in

security.ts:61

eventType

eventType: "login" | "logout" | "password_change" | "mfa_enabled" | "mfa_disabled" | "suspicious_activity"

Defined in

security.ts:62

ipAddress?

optional ipAddress: string

Defined in

security.ts:63

deviceInfo?

optional deviceInfo: string

Defined in

security.ts:64

timestamp

timestamp: string

Defined in

security.ts:65

metadata?

optional metadata: Record\<string, unknown>

Defined in

security.ts:66


PermissionChecker()

Permission checker function type

PermissionChecker(userId, collection, action, documentId?): Promise\<boolean>

Permission checker function type

Parameters

userId: string

collection: string

action: "delete" | "read" | "write"

documentId?: string

Returns

Promise\<boolean>

Defined in

service.ts:9


DataLayerConfig

Data layer configuration

Properties

adapter

adapter: StorageAdapter

Defined in

service.ts:16

cache?

optional cache: CacheConfig

Defined in

service.ts:17

sync?

optional sync: object

enabled

enabled: boolean

Defined in

service.ts:18

webhooks?

optional webhooks: object

enabled

enabled: boolean

Defined in

service.ts:19

permissions?

optional permissions: object

enabled

enabled: boolean

Defined in

service.ts:20


IDataLayerService

Main data layer service interface

Methods

get()

get\<T>(userId, collection, id): Promise\<null | T>

Type Parameters

T

Parameters

userId: string

collection: string

id: string

Returns

Promise\<null | T>

Defined in

service.ts:27

create()

create\<T>(userId, collection, data): Promise\<string>

Type Parameters

T extends Record\<string, unknown>

Parameters

userId: string

collection: string

data: T

Returns

Promise\<string>

Defined in

service.ts:28

update()

update(userId, collection, id, data): Promise\<void>

Parameters

userId: string

collection: string

id: string

data: Record\<string, unknown>

Returns

Promise\<void>

Defined in

service.ts:29

delete()

delete(userId, collection, id): Promise\<void>

Parameters

userId: string

collection: string

id: string

Returns

Promise\<void>

Defined in

service.ts:30

query()

query\<T>(userId, collection, filters, options?): Promise\<PaginatedResult\<T>>

Type Parameters

T

Parameters

userId: string

collection: string

filters: QueryFilter[]

options?: QueryOptions

Returns

Promise\<PaginatedResult\<T>>

Defined in

service.ts:31

subscribe()

subscribe\<T>(userId, collection, id, callback): Unsubscribe

Type Parameters

T

Parameters

userId: string

collection: string

id: string

callback

Returns

Unsubscribe

Defined in

service.ts:32

batchWrite()

batchWrite(userId, operations): Promise\<void>

Parameters

userId: string

operations: object[]

Returns

Promise\<void>

Defined in

service.ts:33

setPermissionChecker()

setPermissionChecker(checker): void

Parameters

checker: PermissionChecker

Returns

void

Defined in

service.ts:34


UserSession

Active user session tracking

Properties

id

id: string

Defined in

session.ts:5

userId

userId: string

Defined in

session.ts:6

deviceInfo

deviceInfo: object

type

type: "mobile" | "tablet" | "desktop"

os?

optional os: string

browser?

optional browser: string

Defined in

session.ts:7

ipAddress?

optional ipAddress: string

Defined in

session.ts:12

startedAt

startedAt: string

Defined in

session.ts:13

lastActiveAt

lastActiveAt: string

Defined in

session.ts:14

expiresAt

expiresAt: string

Defined in

session.ts:15

isActive

isActive: boolean

Defined in

session.ts:16


WriteOptions

Options for write operations

Properties

merge?

optional merge: boolean

Defined in

storage-adapter.ts:12


WriteResult

Result of a write operation

Properties

id

id: string

Defined in

storage-adapter.ts:19

success

success: boolean

Defined in

storage-adapter.ts:20


BatchOperation

Batch operation definition

Properties

type

type: "set" | "update" | "delete"

Defined in

storage-adapter.ts:27

collection

collection: string

Defined in

storage-adapter.ts:28

id

id: string

Defined in

storage-adapter.ts:29

data?

optional data: Record\<string, unknown>

Defined in

storage-adapter.ts:30

options?

optional options: WriteOptions

Defined in

storage-adapter.ts:31


BatchResult

Result of a batch operation

Properties

success

success: boolean

Defined in

storage-adapter.ts:38

count

count: number

Defined in

storage-adapter.ts:39

errors?

optional errors: object[]

Defined in

storage-adapter.ts:40


StorageAdapter

Core storage adapter interface for database abstraction

Methods

getDocument()

getDocument\<T>(collection, id): Promise\<null | T>

Type Parameters

T

Parameters

collection: string

id: string

Returns

Promise\<null | T>

Defined in

storage-adapter.ts:47

setDocument()

setDocument\<T>(collection, id, data, options?): Promise\<WriteResult>

Type Parameters

T

Parameters

collection: string

id: string

data: T

options?: WriteOptions

Returns

Promise\<WriteResult>

Defined in

storage-adapter.ts:48

updateDocument()

updateDocument(collection, id, data): Promise\<WriteResult>

Parameters

collection: string

id: string

data: Record\<string, unknown>

Returns

Promise\<WriteResult>

Defined in

storage-adapter.ts:49

deleteDocument()

deleteDocument(collection, id): Promise\<WriteResult>

Parameters

collection: string

id: string

Returns

Promise\<WriteResult>

Defined in

storage-adapter.ts:50

query()

query\<T>(collection, filters, options?): Promise\<PaginatedResult\<T>>

Type Parameters

T

Parameters

collection: string

filters: QueryFilter[]

options?: QueryOptions

Returns

Promise\<PaginatedResult\<T>>

Defined in

storage-adapter.ts:51

batchWrite()

batchWrite(operations): Promise\<BatchResult>

Parameters

operations: BatchOperation[]

Returns

Promise\<BatchResult>

Defined in

storage-adapter.ts:52

subscribe()

subscribe\<T>(collection, id, callback): Unsubscribe

Type Parameters

T

Parameters

collection: string

id: string

callback

Returns

Unsubscribe

Defined in

storage-adapter.ts:53

subscribeToQuery()

subscribeToQuery\<T>(collection, filters, callback): Unsubscribe

Type Parameters

T

Parameters

collection: string

filters: QueryFilter[]

callback

Returns

Unsubscribe

Defined in

storage-adapter.ts:54

serverTimestamp()

serverTimestamp(): unknown

Returns

unknown

Defined in

storage-adapter.ts:55

generateId()

generateId(collection): string

Parameters

collection: string

Returns

string

Defined in

storage-adapter.ts:56


SyncEvent

Sync event for real-time data updates

Properties

type

type: SyncEventType

Defined in

sync.ts:15

collection

collection: string

Defined in

sync.ts:16

documentId

documentId: string

Defined in

sync.ts:17

data?

optional data: unknown

Defined in

sync.ts:18

timestamp

timestamp: string

Defined in

sync.ts:19

source?

optional source: string

Defined in

sync.ts:20


SyncConflict

Sync conflict representation

Properties

collection

collection: string

Defined in

sync.ts:27

documentId

documentId: string

Defined in

sync.ts:28

localData

localData: unknown

Defined in

sync.ts:29

remoteData

remoteData: unknown

Defined in

sync.ts:30

timestamp

timestamp: string

Defined in

sync.ts:31


DataSyncStatus

Data sync status tracking

Properties

userId

userId: string

Defined in

sync.ts:38

appId

appId: string

Defined in

sync.ts:39

lastSyncAt

lastSyncAt: string

Defined in

sync.ts:40

syncStatus

syncStatus: "pending" | "error" | "synced"

Defined in

sync.ts:41

pendingChanges

pendingChanges: number

Defined in

sync.ts:42

errorMessage?

optional errorMessage: string

Defined in

sync.ts:43


UserPreferences

Extended user preferences stored in the userPreferences collection.

This is the source of truth for user settings. The embedded users.preferences field is a denormalized subset (theme, language, notifications) kept for fast reads on the user document. When updating preferences, write to this collection first and then sync the subset back to the user document.

Properties

userId

userId: string

Defined in

user-preferences.ts:11

theme

theme: "light" | "dark" | "system"

Defined in

user-preferences.ts:12

language

language: string

Defined in

user-preferences.ts:13

notifications

notifications: boolean

Defined in

user-preferences.ts:14

emailDigest

emailDigest: "daily" | "weekly" | "never"

Defined in

user-preferences.ts:15

privacyLevel

privacyLevel: "friends" | "public" | "private"

Defined in

user-preferences.ts:16

updatedAt

updatedAt: string

Defined in

user-preferences.ts:17


BaseUser

Base user interface that apps can extend

Extended by

Properties

id

id: string

Defined in

user.ts:7

name

name: string

Defined in

user.ts:8

email?

optional email: string

Defined in

user.ts:9

avatarUrl?

optional avatarUrl: string

Defined in

user.ts:10

createdAt?

optional createdAt: string

Defined in

user.ts:11

updatedAt?

optional updatedAt: string

Defined in

user.ts:12


User

Unified CyberEco user profile — the canonical user record for the ecosystem.

Merges the former HubUser (app access, admin flags) with the former SharedUserProfile (demographics, social profiles, per-app data) into a single source of truth stored in the users collection.

Extends

Properties

id

id: string

Inherited from

BaseUser.id

Defined in

user.ts:7

name

name: string

Inherited from

BaseUser.name

Defined in

user.ts:8

email?

optional email: string

Inherited from

BaseUser.email

Defined in

user.ts:9

avatarUrl?

optional avatarUrl: string

Inherited from

BaseUser.avatarUrl

Defined in

user.ts:10

createdAt?

optional createdAt: string

Inherited from

BaseUser.createdAt

Defined in

user.ts:11

updatedAt?

optional updatedAt: string

Inherited from

BaseUser.updatedAt

Defined in

user.ts:12

apps

apps: string[]

IDs of apps this user has access to

Defined in

user.ts:25

permissions

permissions: AppPermission[]

App-level permission grants

Defined in

user.ts:27

lastLoginAt?

optional lastLoginAt: string

Last successful login timestamp (ISO 8601)

Defined in

user.ts:29

isAdmin?

optional isAdmin: boolean

Platform-level admin flag

Defined in

user.ts:31

phoneNumber?

optional phoneNumber: string

Defined in

user.ts:34

dateOfBirth?

optional dateOfBirth: string

Defined in

user.ts:35

nationality?

optional nationality: string

Defined in

user.ts:36

languages

languages: string[]

Defined in

user.ts:37

location?

optional location: object

city?

optional city: string

state?

optional state: string

country?

optional country: string

timezone?

optional timezone: string

Defined in

user.ts:39

preferences

preferences: object

Unified user preferences (richer version with nested notifications)

theme

theme: "light" | "dark" | "system"

language

language: string

currency

currency: string

dateFormat

dateFormat: string

timeFormat

timeFormat: "12h" | "24h"

notifications

notifications: object

notifications.email

email: boolean

notifications.push

push: boolean

notifications.sms

sms: boolean

Defined in

user.ts:47

socialProfiles?

optional socialProfiles: object

Index Signature

[key: string]: string | undefined

linkedin?

optional linkedin: string

twitter?

optional twitter: string

github?

optional github: string

Defined in

user.ts:60

appData?

optional appData: object

Index Signature

[appId: string]: object

Deprecated

Violates Tenet #1 (Digital Sovereignty). App state should not be embedded in the user's canonical record. Use the apps field for connected app IDs. Apps that need per-user state should store it in their own collection with a userId reference.

Defined in

user.ts:73


WebhookEvent

Webhook event payload

Properties

type

type: string

Defined in

webhook.ts:5

payload

payload: unknown

Defined in

webhook.ts:6

timestamp

timestamp: string

Defined in

webhook.ts:7

source

source: string

Defined in

webhook.ts:8


WebhookRegistration

Webhook registration configuration

Properties

id

id: string

Defined in

webhook.ts:15

url

url: string

Defined in

webhook.ts:16

events

events: string[]

Defined in

webhook.ts:17

secret?

optional secret: string

Defined in

webhook.ts:18

active

active: boolean

Defined in

webhook.ts:19

clientId?

optional clientId: string

OAuth client that owns this webhook

Defined in

webhook.ts:21

developerId?

optional developerId: string

Developer who registered this webhook

Defined in

webhook.ts:23

secretHash?

optional secretHash: string

SHA-256 hash of the webhook signing secret

Defined in

webhook.ts:25

failureCount?

optional failureCount: number

Consecutive delivery failure count

Defined in

webhook.ts:27

createdAt

createdAt: string

Defined in

webhook.ts:28

updatedAt?

optional updatedAt: string

Defined in

webhook.ts:29

Type Aliases

AuthProviderName

AuthProviderName: "google" | "facebook" | "twitter"

Social sign-in providers supported across backends.

Defined in

auth-adapter.ts:17


AuthPersistence

AuthPersistence: "local" | "session"

Where the session is persisted after sign-in.

Defined in

auth-adapter.ts:20


BreakpointKey

BreakpointKey: keyof typeof BREAKPOINTS

Defined in

constants/breakpoints.ts:28


BreakpointValue

BreakpointValue: typeof BREAKPOINTS[BreakpointKey]

Defined in

constants/breakpoints.ts:29


SplitType

SplitType: "equal" | "percentage" | "exact"

How an expense is divided among participants

Defined in

expense.ts:14


OAuthScope

OAuthScope: "profile:read" | "profile:write" | "groups:read" | "groups:write" | "expenses:read" | "expenses:write" | "notifications:read" | "notifications:write"

Resource scopes for API access control

Defined in

oauth.ts:9


OAuthAppStatus

OAuthAppStatus: "pending" | "active" | "suspended" | "deleted"

Status lifecycle for registered OAuth apps

Defined in

oauth.ts:20


OAuthTokenType

OAuthTokenType: "access" | "refresh"

Token type discriminator

Defined in

oauth.ts:73


AppRole

AppRole: "owner" | "admin" | "moderator" | "member"

4-tier role hierarchy for group and app permissions

Defined in

permissions.ts:4


QueryOperator

QueryOperator: "==" | "!=" | "<" | "<=" | ">" | ">=" | "in" | "array-contains" | "array-contains-any"

Query operator types

Defined in

query.ts:4


Unsubscribe()

Unsubscribe: () => void

Unsubscribe function for real-time listeners

Returns

void

Defined in

storage-adapter.ts:6


SyncEventType

SyncEventType: "created" | "updated" | "deleted"

Sync event types

Defined in

sync.ts:4


ConflictResolution

ConflictResolution: "remote-wins" | "local-wins" | "merge" | "manual"

Conflict resolution strategies

Defined in

sync.ts:9


HubUser

HubUser: User

Deprecated

Use User instead

Defined in

user.ts:83


SharedUserProfile

SharedUserProfile: User

Deprecated

Use User instead

Defined in

user.ts:86

Variables

DEFAULT_CACHE_TTLS

const DEFAULT_CACHE_TTLS: Record\<string, number>

Default cache TTLs by collection type (in milliseconds)

Defined in

cache.ts:33


BREAKPOINTS

const BREAKPOINTS: object

Shared breakpoint constants for consistent responsive design across the platform

Type declaration

mobileSmall

readonly mobileSmall: 360 = 360

mobile

readonly mobile: 480 = 480

mobileLarge

readonly mobileLarge: 640 = 640

tablet

readonly tablet: 768 = 768

tabletLarge

readonly tabletLarge: 900 = 900

desktop

readonly desktop: 1024 = 1024

desktopMedium

readonly desktopMedium: 1200 = 1200

desktopLarge

readonly desktopLarge: 1360 = 1360

desktopXL

readonly desktopXL: 1440 = 1440

ultraWide

readonly ultraWide: 1920 = 1920

readonly navigationMobile: 820 = 820

containerMax

readonly containerMax: 1200 = 1200

Defined in

constants/breakpoints.ts:5


mediaQuery

const mediaQuery: object

Type declaration

up()

up: (breakpoint) => string

Parameters

breakpoint: "mobileSmall" | "mobile" | "mobileLarge" | "tablet" | "tabletLarge" | "desktop" | "desktopMedium" | "desktopLarge" | "desktopXL" | "ultraWide" | "navigationMobile" | "containerMax"

Returns

string

down()

down: (breakpoint) => string

Parameters

breakpoint: "mobileSmall" | "mobile" | "mobileLarge" | "tablet" | "tabletLarge" | "desktop" | "desktopMedium" | "desktopLarge" | "desktopXL" | "ultraWide" | "navigationMobile" | "containerMax"

Returns

string

between()

between: (min, max) => string

Parameters

min: "mobileSmall" | "mobile" | "mobileLarge" | "tablet" | "tabletLarge" | "desktop" | "desktopMedium" | "desktopLarge" | "desktopXL" | "ultraWide" | "navigationMobile" | "containerMax"

max: "mobileSmall" | "mobile" | "mobileLarge" | "tablet" | "tabletLarge" | "desktop" | "desktopMedium" | "desktopLarge" | "desktopXL" | "ultraWide" | "navigationMobile" | "containerMax"

Returns

string

only()

only: (breakpoint) => string

Parameters

breakpoint: "mobileSmall" | "mobile" | "mobileLarge" | "tablet" | "tabletLarge" | "desktop" | "desktopMedium" | "desktopLarge" | "desktopXL" | "ultraWide" | "navigationMobile" | "containerMax"

Returns

string

Defined in

constants/breakpoints.ts:32


breakpointCssVars

const breakpointCssVars: Record\<string, string>

Defined in

constants/breakpoints.ts:56


COLLECTIONS

const COLLECTIONS: object

Firestore collection names used across the CyberEco ecosystem.

Organized by domain: core platform, permissions, privacy/security, billing, financial, expenses, sync/webhooks. All collections are universal — data belongs to users, not apps (Tenet #1: Digital Sovereignty).

Type declaration

USERS

readonly USERS: "users" = 'users'

User profiles (stores User docs)

TRANSACTIONS

readonly TRANSACTIONS: "transactions" = 'transactions'

Cross-app financial transactions (stores Transaction docs)

GROUPS

readonly GROUPS: "groups" = 'groups'

Shared groups across apps (stores SharedGroup docs)

NOTIFICATIONS

readonly NOTIFICATIONS: "notifications" = 'notifications'

User notifications (stores Notification docs)

ACTIVITIES

readonly ACTIVITIES: "activities" = 'activities'

User activity feed (stores SharedActivity docs)

APPS

readonly APPS: "apps" = 'apps'

Registered CyberEco applications (stores App docs)

FRIENDSHIPS

readonly FRIENDSHIPS: "friendships" = 'friendships'

Social connections between users (stores Friendship docs)

USER_PREFERENCES

readonly USER_PREFERENCES: "userPreferences" = 'userPreferences'

User display/locale preferences (stores UserPreferences docs)

APP_PERMISSIONS

readonly APP_PERMISSIONS: "appPermissions" = 'appPermissions'

App-level role grants per user (stores AppPermission docs)

RESOURCE_PERMISSIONS

readonly RESOURCE_PERMISSIONS: "resourcePermissions" = 'resourcePermissions'

Fine-grained resource access control (stores ResourcePermission docs)

PERMISSION_LOGS

readonly PERMISSION_LOGS: "permissionLogs" = 'permissionLogs'

Audit trail for permission changes

PRIVACY_SETTINGS

readonly PRIVACY_SETTINGS: "privacySettings" = 'privacySettings'

User privacy controls (stores PrivacySettings docs)

readonly CONSENT_RECORDS: "consentRecords" = 'consentRecords'

GDPR consent records (stores ConsentRecord docs)

SESSIONS

readonly SESSIONS: "sessions" = 'sessions'

Active user sessions (stores UserSession docs)

AUDIT_LOGS

readonly AUDIT_LOGS: "auditLogs" = 'auditLogs'

Action audit trail (stores AuditLogEntry docs)

SECURITY_EVENTS

readonly SECURITY_EVENTS: "securityEvents" = 'securityEvents'

Account security events (stores SecurityEvent docs)

TWO_FACTOR_CONFIGS

readonly TWO_FACTOR_CONFIGS: "twoFactorConfigs" = 'twoFactorConfigs'

Per-user MFA/2FA configuration (stores TwoFactorConfig docs; server-only secrets)

BILLING_RECORDS

readonly BILLING_RECORDS: "billingRecords" = 'billingRecords'

Subscription records (stores BillingRecord docs)

INVOICES

readonly INVOICES: "invoices" = 'invoices'

Billing invoices (stores Invoice docs)

BUDGETS

readonly BUDGETS: "budgets" = 'budgets'

User budgets across apps (stores Budget docs)

BANK_ACCOUNTS

readonly BANK_ACCOUNTS: "bankAccounts" = 'bankAccounts'

Bank account references (stores BankAccount docs)

DATA_SYNC_STATUS

readonly DATA_SYNC_STATUS: "dataSyncStatus" = 'dataSyncStatus'

Real-time sync status (stores DataSyncStatus docs)

WEBHOOK_REGISTRATIONS

readonly WEBHOOK_REGISTRATIONS: "webhookRegistrations" = 'webhookRegistrations'

Webhook endpoint registrations (stores WebhookRegistration docs)

EXPENSES

readonly EXPENSES: "expenses" = 'expenses'

Shared expense records (stores Expense docs)

SETTLEMENTS

readonly SETTLEMENTS: "settlements" = 'settlements'

Debt settlement records (stores Settlement docs)

EVENTS

readonly EVENTS: "events" = 'events'

Event/trip records for group contexts

EXPENSE_GROUPS

readonly EXPENSE_GROUPS: "expenseGroups" = 'expenseGroups'

Expense tracking groups (stores ExpenseGroup docs)

OAUTH_APPS

readonly OAUTH_APPS: "oauthApps" = 'oauthApps'

Registered OAuth applications (stores OAuthApp docs)

OAUTH_AUTHORIZATION_CODES

readonly OAUTH_AUTHORIZATION_CODES: "oauthAuthorizationCodes" = 'oauthAuthorizationCodes'

OAuth authorization codes — Phase 2 (stores OAuthAuthorizationCode docs)

OAUTH_TOKENS

readonly OAUTH_TOKENS: "oauthTokens" = 'oauthTokens'

OAuth access/refresh tokens (stores OAuthToken docs)

OAUTH_CONSENTS

readonly OAUTH_CONSENTS: "oauthConsents" = 'oauthConsents'

User consent records for OAuth apps (stores OAuthConsent docs)

APP_USAGE_STATS

readonly APP_USAGE_STATS: "appUsageStats" = 'appUsageStats'

Daily API usage stats per client (stores AppUsageStats docs)

WEBHOOK_DELIVERIES

readonly WEBHOOK_DELIVERIES: "webhookDeliveries" = 'webhookDeliveries'

Webhook delivery attempt records (stores WebhookDelivery docs)

FINANCIAL_PROFILES

readonly FINANCIAL_PROFILES: "financialProfiles" = 'financialProfiles'

Mexican financial profile (stores FinancialProfile docs)

PROPERTY_RECORDS

readonly PROPERTY_RECORDS: "propertyRecords" = 'propertyRecords'

Real estate / property records (stores PropertyRecord docs)

SCENARIOS

readonly SCENARIOS: "scenarios" = 'scenarios'

Wealth projection scenarios (stores ScenarioRecord docs)

CREDIT_CARDS

readonly CREDIT_CARDS: "creditCards" = 'creditCards'

Cashback credit card configs (stores CreditCardRecord docs)

JUSTSPLIT_EXPENSES

readonly JUSTSPLIT_EXPENSES: "expenses" = 'expenses'

Deprecated

Use EXPENSES instead

JUSTSPLIT_SETTLEMENTS

readonly JUSTSPLIT_SETTLEMENTS: "settlements" = 'settlements'

Deprecated

Use SETTLEMENTS instead

JUSTSPLIT_EVENTS

readonly JUSTSPLIT_EVENTS: "events" = 'events'

Deprecated

Use EVENTS instead

JUSTSPLIT_GROUPS

readonly JUSTSPLIT_GROUPS: "expenseGroups" = 'expenseGroups'

Deprecated

Use EXPENSE_GROUPS instead

Defined in

constants/collections.ts:8


const websiteNavLinks: NavigationLink[]

Website navigation configuration

Defined in

navigation.ts:39


websiteHubButton

const websiteHubButton: NavigationActionButton

Defined in

navigation.ts:47


websiteNavConfig

const websiteNavConfig: Partial\<NavigationProps>

Defined in

navigation.ts:53


const hubNavLinks: NavigationLink[]

Hub navigation configuration

Defined in

navigation.ts:62


hubNavConfig

const hubNavConfig: Partial\<NavigationProps>

Defined in

navigation.ts:69


const justSplitNavLinks: NavigationLink[]

JustSplit navigation configuration

Defined in

navigation.ts:78


justSplitNavConfig

const justSplitNavConfig: Partial\<NavigationProps>

Defined in

navigation.ts:87


ROLE_HIERARCHY

const ROLE_HIERARCHY: Record\<AppRole, number>

Role hierarchy values for comparison

Defined in

permissions.ts:9

Functions

hasMinimumRole()

hasMinimumRole(userRole, requiredRole): boolean

Check if user role meets minimum requirement

Parameters

userRole: AppRole

requiredRole: AppRole

Returns

boolean

Defined in

permissions.ts:19

Namespaces