import type { DB, PrimaryFieldType } from "..";
import type { AuthStrategy } from "../auth/authenticate/strategies/Strategy";
import type { Entity, EntityManager } from "../data/entities";
import { type FieldSchema } from "../data/prototype";
import { Module } from "../modules/Module";
import { AuthController } from "./api/AuthController";
import { type AppAuthSchema } from "./auth-schema";
import type { AppEntity } from "../core/config";
import { Authenticator } from "./authenticate/Authenticator";
export type UsersFields = typeof AppAuth.usersFields;
export type UserFieldSchema = FieldSchema<typeof AppAuth.usersFields>;
declare module ".." {
    interface Users extends AppEntity, UserFieldSchema {
    }
    interface DB {
        users: Users;
    }
}
export type CreateUserPayload = {
    email: string;
    password: string;
    [key: string]: any;
};
export declare class AppAuth extends Module<AppAuthSchema> {
    private _authenticator?;
    cache: Record<string, any>;
    _controller: AuthController;
    onBeforeUpdate(from: AppAuthSchema, to: AppAuthSchema): Promise<{
        [x: string]: unknown;
        allow_register?: boolean | undefined;
        default_role_register?: string | undefined;
        guard?: {
            [x: string]: unknown;
            enabled?: boolean | undefined;
        } | undefined;
        roles?: {
            [x: string]: {
                permissions?: string[] | {
                    effect?: "allow" | "deny" | undefined;
                    policies?: {
                        description?: string | undefined;
                        filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        effect?: "filter" | "allow" | "deny" | undefined;
                        condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                    }[] | undefined;
                    permission: string;
                }[] | undefined;
                is_default?: boolean | undefined;
                implicit_allow?: boolean | undefined;
            };
        } | undefined;
        enabled: boolean;
        basepath: string;
        entity_name: string;
        strategies: {
            [x: string]: {
                enabled?: boolean | undefined;
                type: "password" | "oauth" | "custom_oauth";
                config: {
                    minLength?: number | undefined;
                    rounds?: number | undefined;
                    hashing: "plain" | "sha256" | "bcrypt";
                } | {
                    [x: string]: unknown;
                    name: "google" | "github";
                    type: "oidc" | "oauth2";
                    client: {
                        client_id: string;
                        client_secret: string;
                    };
                } | {
                    name: string;
                    type: "oidc" | "oauth2";
                    client: {
                        [x: string]: unknown;
                        client_id: string;
                        client_secret: string;
                        token_endpoint_auth_method: "client_secret_basic";
                    };
                    as: {
                        code_challenge_methods_supported?: "S256" | undefined;
                        scopes_supported?: string[] | undefined;
                        scope_separator?: string | undefined;
                        authorization_endpoint?: string | undefined;
                        token_endpoint?: string | undefined;
                        userinfo_endpoint?: string | undefined;
                        issuer: string;
                    };
                };
            };
        };
        jwt: {
            alg?: "HS256" | "HS384" | "HS512" | undefined;
            expires?: number | undefined;
            issuer?: string | undefined;
            secret: string;
            fields: string[];
        };
        cookie: {
            path?: string | undefined;
            expires?: number | undefined;
            domain?: string | undefined;
            sameSite?: "strict" | "lax" | "none" | undefined;
            secure?: boolean | undefined;
            httpOnly?: boolean | undefined;
            partitioned?: boolean | undefined;
            renew?: boolean | undefined;
            pathSuccess?: string | undefined;
            pathLoggedOut?: string | undefined;
        };
    }>;
    get enabled(): boolean;
    build(): Promise<void>;
    isStrategyEnabled(strategy: AuthStrategy | string): boolean;
    get controller(): AuthController;
    getSchema(): import("../modules/mcp").ObjectToolSchema<{
        readonly enabled: import("jsonv-ts").Schema<{
            readonly default: false;
        }, boolean, boolean> & {
            readonly default: false;
        };
        readonly basepath: import("jsonv-ts").StringSchema<{
            readonly default: "/api/auth";
        }> & {
            readonly default: "/api/auth";
        };
        readonly entity_name: import("jsonv-ts").StringSchema<{
            readonly default: "users";
        }> & {
            readonly default: "users";
        };
        readonly allow_register: {
            readonly default: true;
        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
        readonly default_role_register: {
            default?: any;
            maxLength?: number | undefined;
            minLength?: number | undefined;
            pattern?: (string | RegExp) | undefined;
            format?: string | undefined;
            enum?: (readonly any[] | any[]) | undefined;
            const?: any;
        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
        readonly jwt: import("jsonv-ts").ObjectSchema<{
            readonly secret: import("bknd/utils").SecretSchema<{
                default: string;
            }> & {
                default: string;
            };
            readonly alg: {
                readonly default: "HS256";
                readonly enum: ["HS256", "HS384", "HS512"];
            } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "HS256" | "HS384" | "HS512" | undefined, "HS256" | "HS384" | "HS512" | undefined>;
            readonly expires: {
                default?: any;
                enum?: (readonly any[] | any[]) | undefined;
                const?: any;
                multipleOf?: number | undefined;
                maximum?: number | undefined;
                exclusiveMaximum?: number | undefined;
                minimum?: number | undefined;
                exclusiveMinimum?: number | undefined;
            } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
            readonly issuer: {
                default?: any;
                maxLength?: number | undefined;
                minLength?: number | undefined;
                pattern?: (string | RegExp) | undefined;
                format?: string | undefined;
                enum?: (readonly any[] | any[]) | undefined;
                const?: any;
            } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
            readonly fields: import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, {
                readonly default: readonly ["id", "email", "role"];
            }> & {
                readonly default: readonly ["id", "email", "role"];
            };
        }, import("jsonv-ts").Merge<{
            readonly default: {};
        } & {
            additionalProperties: false;
        }>>;
        readonly cookie: import("jsonv-ts").ObjectSchema<{
            readonly domain: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
            readonly path: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
            readonly sameSite: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "strict" | "lax" | "none" | undefined, "strict" | "lax" | "none" | undefined>;
            readonly secure: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            readonly httpOnly: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            readonly expires: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
            readonly partitioned: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            readonly renew: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            readonly pathSuccess: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
            readonly pathLoggedOut: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
        }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
            additionalProperties: false;
        }>>;
        readonly strategies: import("../modules/mcp").RecordToolSchema<import("jsonv-ts").Schema<import("jsonv-ts").IUnionOptions, {
            enabled?: boolean | undefined;
            type: "password" | "oauth" | "custom_oauth";
            config: {
                minLength?: number | undefined;
                rounds?: number | undefined;
                hashing: "plain" | "sha256" | "bcrypt";
            } | {
                [x: string]: unknown;
                name: "google" | "github";
                type: "oidc" | "oauth2";
                client: {
                    client_id: string;
                    client_secret: string;
                };
            } | {
                name: string;
                type: "oidc" | "oauth2";
                client: {
                    [x: string]: unknown;
                    client_id: string;
                    client_secret: string;
                    token_endpoint_auth_method: "client_secret_basic";
                };
                as: {
                    code_challenge_methods_supported?: "S256" | undefined;
                    scopes_supported?: string[] | undefined;
                    scope_separator?: string | undefined;
                    authorization_endpoint?: string | undefined;
                    token_endpoint?: string | undefined;
                    userinfo_endpoint?: string | undefined;
                    issuer: string;
                };
            };
        }, never> & import("jsonv-ts").Merge<import("jsonv-ts").IUnionOptions & {
            anyOf: import("jsonv-ts").ObjectSchema<{
                readonly enabled: {
                    readonly default: true;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
                readonly type: import("jsonv-ts").Schema<import("jsonv-ts").ILiteralOptions, "password" | "oauth" | "custom_oauth", "password" | "oauth" | "custom_oauth"> & import("jsonv-ts").Merge<import("jsonv-ts").ILiteralOptions & {
                    const: "password" | "oauth" | "custom_oauth";
                }>;
                readonly config: import("jsonv-ts").ObjectSchema<{
                    readonly hashing: import("jsonv-ts").StringSchema<{
                        readonly enum: readonly ["plain", "sha256", "bcrypt"];
                        readonly default: "sha256";
                    }> & {
                        readonly enum: readonly ["plain", "sha256", "bcrypt"];
                        readonly default: "sha256";
                    };
                    readonly rounds: {
                        readonly maximum: 10;
                        readonly minimum: 1;
                    } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
                    readonly minLength: {
                        readonly default: 8;
                        readonly minimum: 1;
                    } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, number | undefined, number | undefined>;
                }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                    additionalProperties: false;
                }>> | (import("jsonv-ts").ObjectSchema<{
                    readonly name: import("jsonv-ts").StringSchema<{
                        readonly enum: ("google" | "github")[];
                    }> & {
                        readonly enum: ("google" | "github")[];
                    };
                    readonly type: import("jsonv-ts").StringSchema<{
                        readonly enum: readonly ["oidc", "oauth2"];
                        readonly default: "oauth2";
                    }> & {
                        readonly enum: readonly ["oidc", "oauth2"];
                        readonly default: "oauth2";
                    };
                    readonly client: import("jsonv-ts").ObjectSchema<{
                        readonly client_id: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                        readonly client_secret: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                    }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                        additionalProperties: false;
                    }>>;
                }, {
                    readonly title: "OAuth";
                }> & {
                    readonly title: "OAuth";
                }) | import("jsonv-ts").ObjectSchema<{
                    readonly type: import("jsonv-ts").StringSchema<{
                        readonly enum: readonly ["oidc", "oauth2"];
                        readonly default: "oidc";
                    }> & {
                        readonly enum: readonly ["oidc", "oauth2"];
                        readonly default: "oidc";
                    };
                    readonly name: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                    readonly client: import("jsonv-ts").ObjectSchema<{
                        readonly client_id: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                        readonly client_secret: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                        readonly token_endpoint_auth_method: import("jsonv-ts").StringSchema<{
                            readonly enum: readonly ["client_secret_basic"];
                        }> & {
                            readonly enum: readonly ["client_secret_basic"];
                        };
                    }, import("jsonv-ts").IObjectOptions> & import("jsonv-ts").IObjectOptions;
                    readonly as: import("jsonv-ts").ObjectSchema<{
                        readonly issuer: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                        readonly code_challenge_methods_supported: {
                            readonly enum: ["S256"];
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "S256" | undefined, "S256" | undefined>;
                        readonly scopes_supported: {
                            default?: any;
                            enum?: (readonly any[] | any[]) | undefined;
                            const?: any;
                            $defs?: Record<string, import("jsonv-ts").Schema> | undefined;
                            contains?: import("jsonv-ts").Schema | undefined;
                            minContains?: number | undefined;
                            maxContains?: number | undefined;
                            prefixItems?: import("jsonv-ts").Schema[] | undefined;
                            uniqueItems?: boolean | undefined;
                            maxItems?: number | undefined;
                            minItems?: number | undefined;
                            readonly items?: (import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions) | undefined;
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | undefined, string[] | undefined>;
                        readonly scope_separator: {
                            readonly default: " ";
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
                        readonly authorization_endpoint: {
                            readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$";
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
                        readonly token_endpoint: {
                            readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$";
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
                        readonly userinfo_endpoint: {
                            readonly pattern: "^(https?|wss?)://[^\\s/$.?#].[^\\s]*$";
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
                    }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                        additionalProperties: false;
                    }>>;
                }, import("jsonv-ts").Merge<{
                    readonly title: "Custom OAuth";
                } & {
                    additionalProperties: false;
                }>>;
            }, import("jsonv-ts").Merge<{
                readonly title: "password" | "oauth" | "custom_oauth";
            } & {
                additionalProperties: false;
            }>>[];
        }>, {
            readonly title: "Strategies";
            readonly default: {
                readonly password: {
                    readonly type: "password";
                    readonly enabled: true;
                    readonly config: {
                        readonly hashing: "sha256";
                    };
                };
            };
        }>;
        readonly guard: {
            default?: any;
            enum?: (readonly any[] | any[]) | undefined;
            const?: any;
            $defs?: Record<string, import("jsonv-ts").Schema> | undefined;
            patternProperties?: Record<string, import("jsonv-ts").Schema> | undefined;
            additionalProperties?: (import("jsonv-ts").Schema | false) | undefined;
            minProperties?: number | undefined;
            maxProperties?: number | undefined;
            propertyNames?: import("jsonv-ts").Schema | undefined;
            properties: {
                readonly enabled: {
                    readonly default: false;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            };
            required: string[] | undefined;
            strict: () => import("jsonv-ts").ObjectSchema<{
                readonly enabled: {
                    readonly default: false;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                additionalProperties: false;
            }>>;
            partial: () => import("jsonv-ts").ObjectSchema<{
                readonly enabled: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            }, import("jsonv-ts").IObjectOptions>;
        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
            [x: string]: unknown;
            enabled?: boolean | undefined;
        } | undefined, {
            [x: string]: unknown;
            enabled?: boolean | undefined;
        } | undefined>;
        readonly roles: {
            additionalProperties: import("jsonv-ts").ObjectSchema<{
                readonly permissions: {
                    default?: any;
                    enum?: (readonly any[] | any[]) | undefined;
                    const?: any;
                    anyOf: [import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>, import("jsonv-ts").ArraySchema<import("jsonv-ts").ObjectSchema<{
                        readonly permission: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                        readonly effect: {
                            readonly default: "allow";
                            readonly enum: ["allow", "deny"];
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "allow" | "deny" | undefined, "allow" | "deny" | undefined>;
                        readonly policies: {
                            default?: any;
                            enum?: (readonly any[] | any[]) | undefined;
                            const?: any;
                            $defs?: Record<string, import("jsonv-ts").Schema> | undefined;
                            contains?: import("jsonv-ts").Schema | undefined;
                            minContains?: number | undefined;
                            maxContains?: number | undefined;
                            prefixItems?: import("jsonv-ts").Schema[] | undefined;
                            uniqueItems?: boolean | undefined;
                            maxItems?: number | undefined;
                            minItems?: number | undefined;
                            readonly items?: import("jsonv-ts").ObjectSchema<{
                                readonly description: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
                                readonly condition: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
                                readonly effect: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "filter" | "allow" | "deny" | undefined, "filter" | "allow" | "deny" | undefined>;
                                readonly filter: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
                            }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                                additionalProperties: false;
                            }>> | undefined;
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
                            description?: string | undefined;
                            filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                            effect?: "filter" | "allow" | "deny" | undefined;
                            condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        }[] | undefined, {
                            description?: string | undefined;
                            filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                            effect?: "filter" | "allow" | "deny" | undefined;
                            condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        }[] | undefined>;
                    }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                        additionalProperties: false;
                    }>>, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>];
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | {
                    effect?: "allow" | "deny" | undefined;
                    policies?: {
                        description?: string | undefined;
                        filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        effect?: "filter" | "allow" | "deny" | undefined;
                        condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                    }[] | undefined;
                    permission: string;
                }[] | undefined, any>;
                readonly is_default: {
                    default?: any;
                    enum?: (readonly any[] | any[]) | undefined;
                    const?: any;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
                readonly implicit_allow: {
                    default?: any;
                    enum?: (readonly any[] | any[]) | undefined;
                    const?: any;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                additionalProperties: false;
            }>>;
            readonly mcp: import("../modules/mcp").McpSchemaHelper<{
                get?: boolean;
                add?: boolean;
                update?: boolean;
                remove?: boolean;
            }>;
            getTools: (node: import("jsonv-ts").Node<import("../modules/mcp").RecordToolSchema<import("jsonv-ts").ObjectSchema<{
                readonly permissions: {
                    default?: any;
                    enum?: (readonly any[] | any[]) | undefined;
                    const?: any;
                    anyOf: [import("jsonv-ts").ArraySchema<import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>, import("jsonv-ts").ArraySchema<import("jsonv-ts").ObjectSchema<{
                        readonly permission: import("jsonv-ts").StringSchema<import("jsonv-ts").IStringOptions> & import("jsonv-ts").IStringOptions;
                        readonly effect: {
                            readonly default: "allow";
                            readonly enum: ["allow", "deny"];
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "allow" | "deny" | undefined, "allow" | "deny" | undefined>;
                        readonly policies: {
                            default?: any;
                            enum?: (readonly any[] | any[]) | undefined;
                            const?: any;
                            $defs?: Record<string, import("jsonv-ts").Schema> | undefined;
                            contains?: import("jsonv-ts").Schema | undefined;
                            minContains?: number | undefined;
                            maxContains?: number | undefined;
                            prefixItems?: import("jsonv-ts").Schema[] | undefined;
                            uniqueItems?: boolean | undefined;
                            maxItems?: number | undefined;
                            minItems?: number | undefined;
                            readonly items?: import("jsonv-ts").ObjectSchema<{
                                readonly description: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string | undefined, string | undefined>;
                                readonly condition: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
                                readonly effect: import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, "filter" | "allow" | "deny" | undefined, "filter" | "allow" | "deny" | undefined>;
                                readonly filter: import("jsonv-ts").Schema<{}, import("../core/object/query/object-query").ObjectQuery | undefined>;
                            }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                                additionalProperties: false;
                            }>> | undefined;
                        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
                            description?: string | undefined;
                            filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                            effect?: "filter" | "allow" | "deny" | undefined;
                            condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        }[] | undefined, {
                            description?: string | undefined;
                            filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                            effect?: "filter" | "allow" | "deny" | undefined;
                            condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        }[] | undefined>;
                    }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                        additionalProperties: false;
                    }>>, import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>> & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, unknown, unknown>];
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, string[] | {
                    effect?: "allow" | "deny" | undefined;
                    policies?: {
                        description?: string | undefined;
                        filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        effect?: "filter" | "allow" | "deny" | undefined;
                        condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                    }[] | undefined;
                    permission: string;
                }[] | undefined, any>;
                readonly is_default: {
                    default?: any;
                    enum?: (readonly any[] | any[]) | undefined;
                    const?: any;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
                readonly implicit_allow: {
                    default?: any;
                    enum?: (readonly any[] | any[]) | undefined;
                    const?: any;
                } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, boolean | undefined, boolean | undefined>;
            }, import("jsonv-ts").Merge<import("jsonv-ts").IObjectOptions & {
                additionalProperties: false;
            }>>, {
                readonly default: {};
            }>>) => import("jsonv-ts/mcp").Tool<any, any, any>[];
        } & import("jsonv-ts").Schema<import("jsonv-ts").ISchemaOptions, {
            [x: string]: {
                permissions?: string[] | {
                    effect?: "allow" | "deny" | undefined;
                    policies?: {
                        description?: string | undefined;
                        filter?: import("../core/object/query/object-query").ObjectQuery | undefined;
                        effect?: "filter" | "allow" | "deny" | undefined;
                        condition?: import("../core/object/query/object-query").ObjectQuery | undefined;
                    }[] | undefined;
                    permission: string;
                }[] | undefined;
                is_default?: boolean | undefined;
                implicit_allow?: boolean | undefined;
            };
        } | undefined, {
            [x: string]: {
                permissions?: any;
                is_default?: boolean | undefined;
                implicit_allow?: boolean | undefined;
            };
        } | undefined>;
    }, {
        readonly title: "Authentication";
    }> & {
        readonly title: "Authentication";
    };
    getGuardContextSchema(): {
        type: string;
        properties: {
            user: {
                type: string;
                properties: Pick<any, string | number | symbol>;
            };
        };
    };
    get authenticator(): Authenticator;
    get em(): EntityManager;
    getUsersEntity(forceCreate?: boolean): Entity<"users", typeof AppAuth.usersFields>;
    static usersFields: {
        email: import("../data/fields").TextField<true>;
        strategy: import("../data/fields").TextField<true>;
        strategy_value: import("../data/fields").TextField<true>;
        role: import("../data/fields").TextField<false> & {
            required: () => import("../data/fields").TextField<true>;
        };
    };
    registerEntities(): void;
    createUser({ email, password, role, ...additional }: CreateUserPayload): Promise<DB["users"]>;
    changePassword(userId: PrimaryFieldType, newPassword: string): Promise<boolean>;
    toJSON(secrets?: boolean): AppAuthSchema;
}
