npm - @access-dlsu/leapify - Versions diffs - 0.260507.4 → 0.260507.5 - Mend

@access-dlsu/leapify 0.260507.4 → 0.260507.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/auth/auth.d.ts.map +1 -1
package/dist/auth/middleware.d.ts.map +1 -1
package/dist/{chunk-LJ5BSSYE.js → chunk-5YYVBPAE.js} +20 -5
package/dist/chunk-5YYVBPAE.js.map +1 -0
package/dist/{chunk-BFMJDSDI.cjs → chunk-LVKPYSXI.cjs} +20 -5
package/dist/chunk-LVKPYSXI.cjs.map +1 -0
package/dist/{chunk-MCOLCTFX.js → chunk-OZ6HZKR5.js} +20 -5
package/dist/chunk-OZ6HZKR5.js.map +1 -0
package/dist/{chunk-MKWVLWVJ.cjs → chunk-S5DBMZVP.cjs} +20 -5
package/dist/chunk-S5DBMZVP.cjs.map +1 -0
package/dist/client/auth.d.ts +1 -13
package/dist/client/auth.d.ts.map +1 -1
package/dist/client/index.cjs.map +1 -1
package/dist/client/index.js.map +1 -1
package/dist/db/migrate.d.ts.map +1 -1
package/dist/index.cjs +63 -31
package/dist/index.cjs.map +1 -1
package/dist/index.js +41 -9
package/dist/index.js.map +1 -1
package/dist/lib/middleware/cors.d.ts.map +1 -1
package/dist/lib/middleware/pow-challenge.cjs +6 -6
package/dist/lib/middleware/pow-challenge.d.ts.map +1 -1
package/dist/lib/middleware/pow-challenge.js +1 -1
package/dist/worker.js +58 -11
package/dist/worker.js.map +1 -1
package/package.json +153 -153
package/dist/chunk-BFMJDSDI.cjs.map +0 -1
package/dist/chunk-LJ5BSSYE.js.map +0 -1
package/dist/chunk-MCOLCTFX.js.map +0 -1
package/dist/chunk-MKWVLWVJ.cjs.map +0 -1

package/dist/index.cjs CHANGED Viewed

@@ -3,7 +3,7 @@
 var chunkOK6RVPEH_cjs = require('./chunk-OK6RVPEH.cjs');
 var chunkRFP2X2FA_cjs = require('./chunk-RFP2X2FA.cjs');
 require('./chunk-JPVIXCF5.cjs');
-var chunkBFMJDSDI_cjs = require('./chunk-BFMJDSDI.cjs');
+var chunkLVKPYSXI_cjs = require('./chunk-LVKPYSXI.cjs');
 var chunk5JKLV7IE_cjs = require('./chunk-5JKLV7IE.cjs');
 require('./chunk-NKIQRCOM.cjs');
 var chunk4DPT2KQR_cjs = require('./chunk-4DPT2KQR.cjs');
@@ -64,11 +64,14 @@ function shouldPullFromContentful(mode) {
 // node_modules/hono/dist/middleware/cors/index.js
 var cors = (options) => {
-  const opts = {
+  const defaults = {
     origin: "*",
     allowMethods: ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"],
     allowHeaders: [],
-    exposeHeaders: [],
+    exposeHeaders: []
+  };
+  const opts = {
+    ...defaults,
     ...options
   };
   const findAllowOrigin = ((optsOrigin) => {
@@ -159,9 +162,22 @@ function createCorsMiddleware(allowedOrigins) {
   });
   return async (c, next) => {
     const origin = c.req.header("origin");
+    if (c.req.path.startsWith("/api/uploads/images")) {
+      c.header("Access-Control-Allow-Origin", "*");
+      c.header("Access-Control-Allow-Methods", "GET, OPTIONS");
+      if (c.req.method === "OPTIONS") {
+        return c.body(null, 204);
+      }
+      return next();
+    }
     if (!c.req.path.startsWith("/health") && !c.req.path.startsWith("/api/auth") && !c.req.path.startsWith("/internal") && origin && !allowedOrigins.includes("*") && !allowedOrigins.includes(origin)) {
       return c.json(
-        { error: { code: "DOMAIN_RESTRICTED", message: `Origin ${origin} is not allowed` } },
+        {
+          error: {
+            code: "DOMAIN_RESTRICTED",
+            message: `Origin ${origin} is not allowed`
+          }
+        },
         403
       );
     }
@@ -173,7 +189,7 @@ function createCorsMiddleware(allowedOrigins) {
 function createRefererGuard(allowedOrigins) {
   const MUTATION_METHODS = /* @__PURE__ */ new Set(["POST", "PATCH", "PUT", "DELETE"]);
   const SKIP_PREFIXES = ["/health", "/internal", "/api/auth", "/.well-known"];
-  return chunkBFMJDSDI_cjs.createMiddleware(async (c, next) => {
+  return chunkLVKPYSXI_cjs.createMiddleware(async (c, next) => {
     if (!MUTATION_METHODS.has(c.req.method)) return next();
     if (SKIP_PREFIXES.some((p) => c.req.path.startsWith(p))) return next();
     if (allowedOrigins.includes("*")) return next();
@@ -36666,11 +36682,21 @@ function createAuth(env2) {
             };
             if (isFirstUser) {
               await db.insert(users).values(base).onConflictDoUpdate({
-                target: users.betterAuthId,
-                set: { role: "super_admin" }
+                target: users.email,
+                set: {
+                  betterAuthId: user.id,
+                  role: "super_admin",
+                  name: user.name ?? user.email.split("@")[0]
+                }
               });
             } else {
-              await db.insert(users).values(base).onConflictDoNothing({ target: users.betterAuthId });
+              await db.insert(users).values(base).onConflictDoUpdate({
+                target: users.email,
+                set: {
+                  betterAuthId: user.id,
+                  name: user.name ?? user.email.split("@")[0]
+                }
+              });
             }
           }
         }
@@ -36699,7 +36725,13 @@ async function resolveUser(env2, betterAuthUserId, betterAuthUserEmail, betterAu
       betterAuthId: betterAuthUserId,
       email: betterAuthUserEmail,
       name: betterAuthUserName ?? betterAuthUserEmail.split("@")[0]
-    }).onConflictDoNothing({ target: users.betterAuthId }).returning();
+    }).onConflictDoUpdate({
+      target: users.email,
+      set: {
+        betterAuthId: betterAuthUserId,
+        name: betterAuthUserName ?? betterAuthUserEmail.split("@")[0]
+      }
+    }).returning();
     dbUser = created;
   }
   if (!dbUser) throw unauthorized("Failed to resolve user record");
@@ -36712,7 +36744,7 @@ async function resolveUser(env2, betterAuthUserId, betterAuthUserEmail, betterAu
     emailVerified: betterAuthEmailVerified
   };
 }
-var authMiddleware = chunkBFMJDSDI_cjs.createMiddleware(
+var authMiddleware = chunkLVKPYSXI_cjs.createMiddleware(
   async (c, next) => {
     const rawToken = extractRawToken(c);
     if (rawToken) {
@@ -36754,7 +36786,7 @@ var authMiddleware = chunkBFMJDSDI_cjs.createMiddleware(
     return next();
   }
 );
-var optionalAuthMiddleware = chunkBFMJDSDI_cjs.createMiddleware(async (c, next) => {
+var optionalAuthMiddleware = chunkLVKPYSXI_cjs.createMiddleware(async (c, next) => {
   const rawToken = extractRawToken(c);
   if (!rawToken) {
     c.set("user", null);
@@ -36762,7 +36794,7 @@ var optionalAuthMiddleware = chunkBFMJDSDI_cjs.createMiddleware(async (c, next)
   }
   return authMiddleware(c, next);
 });
-var adminMiddleware = chunkBFMJDSDI_cjs.createMiddleware(
+var adminMiddleware = chunkLVKPYSXI_cjs.createMiddleware(
   async (c, next) => {
     const user = c.get("user");
     if (!user || !["admin", "super_admin"].includes(user.role)) {
@@ -36771,7 +36803,7 @@ var adminMiddleware = chunkBFMJDSDI_cjs.createMiddleware(
     return next();
   }
 );
-var internalMiddleware = chunkBFMJDSDI_cjs.createMiddleware(async (c, next) => {
+var internalMiddleware = chunkLVKPYSXI_cjs.createMiddleware(async (c, next) => {
   const secret = c.req.header("X-Internal-Secret");
   if (!secret || secret !== c.env.INTERNAL_API_SECRET) {
     throw forbidden("Invalid internal secret");
@@ -36780,7 +36812,7 @@ var internalMiddleware = chunkBFMJDSDI_cjs.createMiddleware(async (c, next) => {
 });
 // src/routes/health.ts
-var healthRoute = new chunkBFMJDSDI_cjs.Hono();
+var healthRoute = new chunkLVKPYSXI_cjs.Hono();
 async function probeResend(apiKey) {
   const start = Date.now();
   try {
@@ -37009,7 +37041,7 @@ var parse4 = (cookie, name) => {
       cookieValue = cookieValue.slice(1, -1);
     }
     if (validCookieValueRegEx.test(cookieValue)) {
-      parsedCookie[cookieName] = cookieValue.indexOf("%") !== -1 ? chunkBFMJDSDI_cjs.tryDecode(cookieValue, chunkBFMJDSDI_cjs.decodeURIComponent_) : cookieValue;
+      parsedCookie[cookieName] = cookieValue.indexOf("%") !== -1 ? chunkLVKPYSXI_cjs.tryDecode(cookieValue, chunkLVKPYSXI_cjs.decodeURIComponent_) : cookieValue;
     }
   }
   return parsedCookie;
@@ -37052,7 +37084,7 @@ var validator = (target, validationFunc) => {
           value = await c.req.json();
         } catch {
           const message2 = "Malformed JSON in request body";
-          throw new chunkBFMJDSDI_cjs.HTTPException(400, { message: message2 });
+          throw new chunkLVKPYSXI_cjs.HTTPException(400, { message: message2 });
         }
         break;
       case "form": {
@@ -37070,7 +37102,7 @@ var validator = (target, validationFunc) => {
           } catch (e) {
             let message2 = "Malformed FormData request.";
             message2 += e instanceof Error ? ` ${e.message}` : ` ${String(e)}`;
-            throw new chunkBFMJDSDI_cjs.HTTPException(400, { message: message2 });
+            throw new chunkLVKPYSXI_cjs.HTTPException(400, { message: message2 });
           }
         }
         const form = /* @__PURE__ */ Object.create(null);
@@ -37619,7 +37651,7 @@ var ContentfulManagement = class {
 // src/lib/middleware/rate-limit.ts
 function createRateLimitMiddleware(config3) {
   const { endpoint, limit, windowSec, identifier } = config3;
-  return chunkBFMJDSDI_cjs.createMiddleware(async (c, next) => {
+  return chunkLVKPYSXI_cjs.createMiddleware(async (c, next) => {
     if (c.req.path === "/.well-known/leapify/pow/verify") return next();
     const id = identifier === "uid" ? c.get("user")?.uid ?? c.req.header("CF-Connecting-IP") ?? "unknown" : c.req.header("CF-Connecting-IP") ?? "unknown";
     const key = `rl:${endpoint}:${id}`;
@@ -37754,7 +37786,7 @@ var createEventSchema = external_exports.object({
   contentfulEntryId: external_exports.string().optional(),
   status: external_exports.enum(["draft", "queued", "published"]).default("draft")
 });
-var classesRoute = new chunkBFMJDSDI_cjs.Hono();
+var classesRoute = new chunkLVKPYSXI_cjs.Hono();
 function generateSlug(title) {
   return title.toLowerCase().trim().replace(/[^\w\s-]/g, "").replace(/[\s_-]+/g, "-").replace(/^-+|-+$/g, "");
 }
@@ -37944,7 +37976,7 @@ classesRoute.delete("/:slug", authMiddleware, adminMiddleware, async (c) => {
 // src/routes/users.ts
 var VALID_ROLES = ["student", "admin", "super_admin"];
-var usersRoute = new chunkBFMJDSDI_cjs.Hono();
+var usersRoute = new chunkLVKPYSXI_cjs.Hono();
 usersRoute.get("/", authMiddleware, adminMiddleware, async (c) => {
   const db = createDb(c.env.DB);
   const data = await db.select().from(users);
@@ -38647,7 +38679,7 @@ async function pushToContentful(db, mgmt, config3 = {}, kv, forceFull = false) {
 }
 // src/routes/site-config.ts
-var siteConfigRoute = new chunkBFMJDSDI_cjs.Hono();
+var siteConfigRoute = new chunkLVKPYSXI_cjs.Hono();
 siteConfigRoute.get("/", async (c) => {
   const db = createDb(c.env.DB);
   const rows = await db.query.siteConfig.findMany();
@@ -38722,7 +38754,7 @@ var faqSchema = external_exports.object({
   category: external_exports.string().optional(),
   sortOrder: external_exports.number().int().default(0)
 });
-var faqsRoute = new chunkBFMJDSDI_cjs.Hono();
+var faqsRoute = new chunkLVKPYSXI_cjs.Hono();
 async function pushFaqToContentful(env2, faq) {
   console.log("[Contentful] pushFaqToContentful called for FAQ:", faq.id);
   if (!ContentfulManagement.isConfigured(env2.CONTENTFUL_SPACE_ID, env2.CONTENTFUL_MANAGEMENT_TOKEN)) {
@@ -38806,7 +38838,7 @@ faqsRoute.delete("/:id", authMiddleware, adminMiddleware, async (c) => {
 });
 // src/routes/internal/gforms-webhook.ts
-var gformsWebhookRoute = new chunkBFMJDSDI_cjs.Hono();
+var gformsWebhookRoute = new chunkLVKPYSXI_cjs.Hono();
 gformsWebhookRoute.post("/", internalMiddleware, async (c) => {
   const rawBody = await c.req.text();
   const signature = c.req.header("X-Goog-Signature");
@@ -38878,7 +38910,7 @@ var ALLOWED_MIME_TYPES = /* @__PURE__ */ new Set([
   "image/svg+xml"
 ]);
 var MAX_FILE_SIZE = 10 * 1024 * 1024;
-var uploadsRoute = new chunkBFMJDSDI_cjs.Hono();
+var uploadsRoute = new chunkLVKPYSXI_cjs.Hono();
 uploadsRoute.get("/images/*", async (c) => {
   const bucket = c.env.FILES;
   if (!bucket) {
@@ -39052,7 +39084,7 @@ var createThemeSchema = external_exports.object({
   name: external_exports.string().min(1),
   path: external_exports.string().min(1)
 });
-var themesRoute = new chunkBFMJDSDI_cjs.Hono();
+var themesRoute = new chunkLVKPYSXI_cjs.Hono();
 themesRoute.get("/", async (c) => {
   const db = createDb(c.env.DB);
   const data = await db.select().from(themes);
@@ -39121,7 +39153,7 @@ var createOrganizationSchema = external_exports.object({
   logoUrl: external_exports.string().url().nullable().optional(),
   link: external_exports.string().url().nullable().optional()
 });
-var organizationsRoute = new chunkBFMJDSDI_cjs.Hono();
+var organizationsRoute = new chunkLVKPYSXI_cjs.Hono();
 organizationsRoute.get("/", async (c) => {
   const db = createDb(c.env.DB);
   const data = await db.select().from(organizations);
@@ -39175,7 +39207,7 @@ organizationsRoute.delete("/:id", authMiddleware, adminMiddleware, async (c) =>
 });
 // src/routes/contentful-sync.ts
-var contentfulSyncRoute = new chunkBFMJDSDI_cjs.Hono();
+var contentfulSyncRoute = new chunkLVKPYSXI_cjs.Hono();
 contentfulSyncRoute.post(
   "/trigger",
   authMiddleware,
@@ -39253,7 +39285,7 @@ contentfulSyncRoute.get(
 // src/app.ts
 function createApp(options = {}) {
-  const app = new chunkBFMJDSDI_cjs.Hono();
+  const app = new chunkLVKPYSXI_cjs.Hono();
   if (options.gformsWebhookUrl) {
     const webhookUrl = `${options.gformsWebhookUrl.replace(/\/$/, "")}/internal/gforms-webhook`;
     app.use("*", async (c, next) => {
@@ -39262,7 +39294,7 @@ function createApp(options = {}) {
     });
   }
   app.use("*", createCorsMiddleware(options.allowedOrigins ?? ["*"]));
-  app.use("*", chunkBFMJDSDI_cjs.createPowChallengeMiddleware());
+  app.use("*", chunkLVKPYSXI_cjs.createPowChallengeMiddleware());
   app.use("*", createRefererGuard(options.allowedOrigins ?? ["*"]));
   app.use("*", async (c, next) => {
     const overrideRaw = await c.env.KV.get("config:cms_mode").catch(() => null);
@@ -39299,7 +39331,7 @@ function createApp(options = {}) {
     }
     return next();
   });
-  app.post(chunkBFMJDSDI_cjs.POW_VERIFY_PATH, chunkBFMJDSDI_cjs.handlePowVerify);
+  app.post(chunkLVKPYSXI_cjs.POW_VERIFY_PATH, chunkLVKPYSXI_cjs.handlePowVerify);
   app.route("/health", healthRoute);
   app.route("/api/config", siteConfigRoute);
   app.route("/api/classes", classesRoute);
@@ -40108,7 +40140,7 @@ async function ensureDatabase(d1) {
     try {
       await d1.prepare(sql3).run();
     } catch (err) {
-      if (err?.message?.includes("duplicate column") || err?.message?.includes("no such column: is_major")) {
+      if (err?.message?.includes("duplicate column") || err?.message?.includes("no such column") && err?.message?.includes("is_major")) {
         continue;
       }
       throw err;