npm - @access-dlsu/leapify - Versions diffs - 0.260531.1 → 0.260601.2 - Mend

@access-dlsu/leapify 0.260531.1 → 0.260601.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/dist/app.d.ts.map +1 -1
package/dist/auth/auth.d.ts +2 -2
package/dist/client/auth.d.ts +41 -41
package/dist/client/index.cjs +9 -0
package/dist/client/index.cjs.map +1 -1
package/dist/client/index.d.ts +7 -0
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +9 -0
package/dist/client/index.js.map +1 -1
package/dist/cron/reconcile-slots.d.ts.map +1 -1
package/dist/index.cjs +343 -222
package/dist/index.cjs.map +1 -1
package/dist/index.js +346 -225
package/dist/index.js.map +1 -1
package/dist/lib/middleware/cors.d.ts.map +1 -1
package/dist/lib/middleware/referer-guard.d.ts +1 -1
package/dist/lib/middleware/referer-guard.d.ts.map +1 -1
package/dist/routes/internal/batch-release.d.ts +4 -0
package/dist/routes/internal/batch-release.d.ts.map +1 -0
package/dist/routes/internal/reconcile-slots.d.ts +4 -0
package/dist/routes/internal/reconcile-slots.d.ts.map +1 -0
package/dist/routes/internal/reminder-emails.d.ts +4 -0
package/dist/routes/internal/reminder-emails.d.ts.map +1 -0
package/dist/routes/internal/renew-watches.d.ts +4 -0
package/dist/routes/internal/renew-watches.d.ts.map +1 -0
package/dist/routes/site-config.d.ts +2 -2
package/dist/routes/site-config.d.ts.map +1 -1
package/dist/services/gforms.d.ts.map +1 -1
package/dist/worker.js +539 -418
package/dist/worker.js.map +1 -1
package/package.json +155 -155

package/dist/index.cjs CHANGED Viewed

@@ -4,13 +4,13 @@ var chunkX4OB4DZ3_cjs = require('./chunk-X4OB4DZ3.cjs');
 var chunkQ7SFCCGT_cjs = require('./chunk-Q7SFCCGT.cjs');
 var hono = require('hono');
 var cors = require('hono/cors');
+var d1 = require('drizzle-orm/d1');
+var sqliteCore = require('drizzle-orm/sqlite-core');
+var drizzleOrm = require('drizzle-orm');
 var factory = require('hono/factory');
 var betterAuth = require('better-auth');
 var drizzle = require('better-auth/adapters/drizzle');
 var plugins = require('better-auth/plugins');
-var drizzleOrm = require('drizzle-orm');
-var d1 = require('drizzle-orm/d1');
-var sqliteCore = require('drizzle-orm/sqlite-core');
 var zodValidator = require('@hono/zod-validator');
 var zod = require('zod');
@@ -22,6 +22,8 @@ var LeapifyError = class extends Error {
     this.code = code;
     this.name = "LeapifyError";
   }
+  statusCode;
+  code;
 };
 var unauthorized = (message = "Unauthorized") => new LeapifyError(401, "UNAUTHORIZED", message);
 var domainRestricted = () => new LeapifyError(
@@ -50,58 +52,6 @@ var errorHandler = (err, c) => {
     500
   );
 };
-function createCorsMiddleware(allowedOrigins) {
-  return async (c, next) => {
-    const origin = c.req.header("origin");
-    const dynamicOriginsJson = await c.env.KV.get("config:allowed_origins", "json");
-    const currentAllowedOrigins = dynamicOriginsJson ?? allowedOrigins;
-    if (c.req.path.startsWith("/api/uploads/images")) {
-      c.header("Access-Control-Allow-Origin", "*");
-      c.header("Access-Control-Allow-Methods", "GET, OPTIONS");
-      if (c.req.method === "OPTIONS") {
-        return c.body(null, 204);
-      }
-      return next();
-    }
-    if (!c.req.path.startsWith("/health") && !c.req.path.startsWith("/api/auth") && !c.req.path.startsWith("/internal") && origin && !currentAllowedOrigins.includes("*") && !currentAllowedOrigins.includes(origin)) {
-      return c.json(
-        {
-          error: {
-            code: "DOMAIN_RESTRICTED",
-            message: `Origin ${origin} is not allowed`
-          }
-        },
-        403
-      );
-    }
-    const honoCors = cors.cors({
-      origin: currentAllowedOrigins,
-      allowMethods: ["GET", "POST", "PATCH", "DELETE", "OPTIONS"],
-      allowHeaders: ["Content-Type", "Authorization"],
-      exposeHeaders: ["ETag", "Last-Modified", "Cache-Control"],
-      maxAge: 86400,
-      credentials: true
-    });
-    return honoCors(c, next);
-  };
-}
-function createRefererGuard(allowedOrigins) {
-  const MUTATION_METHODS = /* @__PURE__ */ new Set(["POST", "PATCH", "PUT", "DELETE"]);
-  const SKIP_PREFIXES = ["/health", "/internal", "/api/auth", "/.well-known"];
-  return factory.createMiddleware(async (c, next) => {
-    if (!MUTATION_METHODS.has(c.req.method)) return next();
-    if (SKIP_PREFIXES.some((p) => c.req.path.startsWith(p))) return next();
-    const dynamicOriginsJson = await c.env.KV.get("config:allowed_origins", "json");
-    const currentAllowedOrigins = dynamicOriginsJson ?? allowedOrigins;
-    if (currentAllowedOrigins.includes("*")) return next();
-    const referer = c.req.header("referer") ?? "";
-    const isAllowed = currentAllowedOrigins.some((origin) => referer.startsWith(origin));
-    if (!isAllowed) {
-      throw forbidden("Request origin not permitted");
-    }
-    return next();
-  });
-}
 // src/db/schema/index.ts
 var schema_exports = {};
@@ -334,8 +284,112 @@ var authVerification = sqliteCore.sqliteTable(
 function createDb(d1$1) {
   return d1.drizzle(d1$1, { schema: schema_exports });
 }
-// src/auth/auth.ts
+async function getOriginsFromDb(env) {
+  try {
+    const db = createDb(env.DB);
+    const row = await db.query.siteConfig.findFirst({
+      where: drizzleOrm.eq(siteConfig.key, "allowed_origins")
+    });
+    if (row) return JSON.parse(row.value);
+  } catch {
+  }
+  return null;
+}
+function createCorsMiddleware(allowedOrigins) {
+  return async (c, next) => {
+    const origin = c.req.header("origin");
+    const dynamicOriginsJson = await c.env.KV.get(
+      "config:allowed_origins",
+      "json"
+    );
+    let currentAllowedOrigins = dynamicOriginsJson ?? allowedOrigins;
+    if (!dynamicOriginsJson) {
+      const dbOrigins = await getOriginsFromDb(c.env);
+      if (dbOrigins) {
+        currentAllowedOrigins = dbOrigins;
+        await c.env.KV.put(
+          "config:allowed_origins",
+          JSON.stringify(dbOrigins),
+          { expirationTtl: 86400 }
+        );
+      }
+    }
+    if (c.req.path.startsWith("/api/uploads/images")) {
+      c.header("Access-Control-Allow-Origin", "*");
+      c.header("Access-Control-Allow-Methods", "GET, OPTIONS");
+      if (c.req.method === "OPTIONS") {
+        return c.body(null, 204);
+      }
+      return next();
+    }
+    if (!c.req.path.startsWith("/health") && !c.req.path.startsWith("/api/auth") && !c.req.path.startsWith("/internal") && origin && !currentAllowedOrigins.includes("*") && !currentAllowedOrigins.includes(origin) && origin !== new URL(c.req.url).origin) {
+      return c.json(
+        {
+          error: {
+            code: "DOMAIN_RESTRICTED",
+            message: `Origin ${origin} is not allowed`
+          }
+        },
+        403
+      );
+    }
+    const honoCors = cors.cors({
+      origin: currentAllowedOrigins,
+      allowMethods: ["GET", "POST", "PATCH", "DELETE", "OPTIONS"],
+      allowHeaders: ["Content-Type", "Authorization"],
+      exposeHeaders: ["ETag", "Last-Modified", "Cache-Control"],
+      maxAge: 86400,
+      credentials: true
+    });
+    return honoCors(c, next);
+  };
+}
+async function getOriginsFromDb2(env) {
+  try {
+    const db = createDb(env.DB);
+    const row = await db.query.siteConfig.findFirst({
+      where: drizzleOrm.eq(siteConfig.key, "allowed_origins")
+    });
+    if (row) return JSON.parse(row.value);
+  } catch {
+  }
+  return null;
+}
+function createRefererGuard(allowedOrigins) {
+  const MUTATION_METHODS = /* @__PURE__ */ new Set(["POST", "PATCH", "PUT", "DELETE"]);
+  const SKIP_PREFIXES = ["/health", "/internal", "/api/auth", "/.well-known"];
+  return factory.createMiddleware(async (c, next) => {
+    if (!MUTATION_METHODS.has(c.req.method)) return next();
+    if (SKIP_PREFIXES.some((p) => c.req.path.startsWith(p))) return next();
+    const dynamicOriginsJson = await c.env.KV.get(
+      "config:allowed_origins",
+      "json"
+    );
+    let currentAllowedOrigins = dynamicOriginsJson ?? allowedOrigins;
+    if (!dynamicOriginsJson) {
+      const dbOrigins = await getOriginsFromDb2(c.env);
+      if (dbOrigins) {
+        currentAllowedOrigins = dbOrigins;
+        await c.env.KV.put(
+          "config:allowed_origins",
+          JSON.stringify(dbOrigins),
+          { expirationTtl: 86400 }
+        );
+      }
+    }
+    if (currentAllowedOrigins.includes("*")) return next();
+    const referer = c.req.header("referer") ?? "";
+    const requestOrigin = new URL(c.req.url).origin;
+    if (referer.startsWith(requestOrigin)) return next();
+    const isAllowed = currentAllowedOrigins.some(
+      (origin) => referer.startsWith(origin)
+    );
+    if (!isAllowed) {
+      throw forbidden("Request origin not permitted");
+    }
+    return next();
+  });
+}
 var DLSU_DOMAIN = "@dlsu.edu.ph";
 function createAuth(env) {
   const db = createDb(env.DB);
@@ -631,7 +685,14 @@ healthRoute.get("/", async (c) => {
   const env = c.env;
   const hasSes = Boolean(env.SES_REGION) && Boolean(env.SES_ACCESS_KEY_ID) && Boolean(env.SES_SECRET_ACCESS_KEY);
   const hasResend = Boolean(env.RESEND_API_KEY);
-  const hasGForms = Boolean(env.GFORMS_SERVICE_ACCOUNT_JSON);
+  let hasGForms = false;
+  if (env.GFORMS_SERVICE_ACCOUNT_JSON) {
+    try {
+      const parsed = JSON.parse(env.GFORMS_SERVICE_ACCOUNT_JSON);
+      hasGForms = Boolean(parsed.client_email && parsed.private_key);
+    } catch {
+    }
+  }
   const probes = [];
   if (hasSes) {
     probes.push(
@@ -689,6 +750,7 @@ var CacheService = class {
   constructor(kv) {
     this.kv = kv;
   }
+  kv;
   async get(key) {
     return this.kv.get(key, "json");
   }
@@ -734,6 +796,8 @@ var SlotsService = class {
     this.db = db;
     this.cache = cache;
   }
+  db;
+  cache;
   kvKey(slug) {
     return `${SLOT_KV_PREFIX}${slug}`;
   }
@@ -888,7 +952,10 @@ var GFormsService = class {
       const response = await fetch(url.toString(), {
         headers: { Authorization: `Bearer ${token}` }
       });
-      if (!response.ok) throw new Error(`Forms API error: ${response.status}`);
+      if (!response.ok) {
+        const err = await response.text();
+        throw new Error(`Forms API error: ${response.status} ${err}`);
+      }
       const data = await response.json();
       allResponses.push(...data.responses ?? []);
       pageToken = data.nextPageToken;
@@ -1162,6 +1229,27 @@ classesRoute.get("/:slug/slots", eventsSlotsRateLimit, async (c) => {
   c.header("Cache-Control", "public, max-age=5, stale-while-revalidate=5");
   return c.json({ data: info });
 });
+classesRoute.post("/:slug/reconcile", authMiddleware, adminMiddleware, async (c) => {
+  const { slug } = c.req.param();
+  const db = createDb(c.env.DB);
+  const cache = new CacheService(c.env.KV);
+  const gforms = new GFormsService(c.env.GFORMS_SERVICE_ACCOUNT_JSON);
+  const slots = new SlotsService(db, cache);
+  const event = await db.query.events.findFirst({
+    where: drizzleOrm.eq(events.slug, slug),
+    columns: { gformsId: true }
+  });
+  if (!event) throw notFound("Event");
+  if (!event.gformsId) return c.json({ error: "No gformsId set for this event" }, 400);
+  try {
+    const googleCount = await gforms.getExactResponseCount(event.gformsId);
+    await slots.correctCount(slug, googleCount);
+    return c.json({ data: { registeredSlots: googleCount } });
+  } catch (err) {
+    const message = err?.message ?? "Failed to fetch from Google Forms API";
+    return c.json({ error: { code: "GFORMS_API_ERROR", message } }, 502);
+  }
+});
 classesRoute.post(
   "/",
   authMiddleware,
@@ -1348,7 +1436,7 @@ siteConfigRoute.patch("/:key", authMiddleware, adminMiddleware, async (c) => {
     set: { value: JSON.stringify(value), updatedAt: now }
   });
   await c.env.KV.put(`config:${key}`, JSON.stringify(value), {
-    expirationTtl: 600
+    expirationTtl: 86400
   });
   return c.json({ data: { key, value } });
 });
@@ -1469,6 +1557,196 @@ async function verifyGoogSignature(body, signature, secret) {
     return false;
   }
 }
+var LOCK_KEY = "cron:reconcile-slots:lock";
+var LOCK_TTL = 300;
+async function reconcileSlots(env) {
+  const db = createDb(env.DB);
+  const cache = new CacheService(env.KV);
+  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
+  const slots = new SlotsService(db, cache);
+  const lock = await cache.get(LOCK_KEY);
+  if (lock) {
+    console.log("[reconcile-slots] Lock held, skipping.");
+    return;
+  }
+  await cache.set(LOCK_KEY, "1", LOCK_TTL);
+  try {
+    const publishedEvents = await db.query.events.findMany({
+      where: drizzleOrm.isNotNull(events.gformsId),
+      columns: { id: true, slug: true, gformsId: true, registeredSlots: true }
+    });
+    const eventsWithForms = publishedEvents.filter((e) => e.gformsId);
+    let corrected = 0;
+    for (const event of eventsWithForms) {
+      try {
+        const googleCount = await gforms.getExactResponseCount(event.gformsId);
+        const localCount = event.registeredSlots;
+        if (googleCount !== localCount) {
+          console.warn(
+            `[reconcile-slots] Drift on "${event.slug}": local=${localCount}, google=${googleCount}`
+          );
+          await slots.correctCount(event.slug, googleCount);
+          corrected++;
+        }
+      } catch (err) {
+        console.error(`[reconcile-slots] Error checking "${event.slug}":`, err);
+      }
+    }
+    console.log(
+      `[reconcile-slots] Checked ${eventsWithForms.length} events, corrected ${corrected}.`
+    );
+  } finally {
+    await cache.del(LOCK_KEY);
+  }
+}
+// src/routes/internal/reconcile-slots.ts
+var reconcileSlotsRoute = new hono.Hono();
+reconcileSlotsRoute.post("/", internalMiddleware, async (c) => {
+  await reconcileSlots(c.env);
+  return c.json({ ok: true });
+});
+async function batchRelease(env) {
+  const db = createDb(env.DB);
+  const cache = new CacheService(env.KV);
+  const now = Math.floor(Date.now() / 1e3);
+  const toPublish = await db.query.events.findMany({
+    where: drizzleOrm.and(drizzleOrm.eq(events.status, "queued"), drizzleOrm.lte(events.releaseAt, now)),
+    columns: { id: true, slug: true }
+  });
+  if (toPublish.length === 0) return;
+  const ids = toPublish.map((e) => e.id);
+  await db.update(events).set({ status: "published", publishedAt: drizzleOrm.sql`(unixepoch())` }).where(
+    // Drizzle doesn't have inArray for D1; use raw SQL for batch
+    drizzleOrm.sql`${events.id} IN (${drizzleOrm.sql.join(
+      ids.map((id) => drizzleOrm.sql`${id}`),
+      drizzleOrm.sql`, `
+    )})`
+  );
+  await cache.del("events:list");
+  await cache.del("events:etag");
+  console.log(
+    `[batch-release] Published ${toPublish.length} events:`,
+    toPublish.map((e) => e.slug).join(", ")
+  );
+}
+// src/routes/internal/batch-release.ts
+var batchReleaseRoute = new hono.Hono();
+batchReleaseRoute.post("/", internalMiddleware, async (c) => {
+  await batchRelease(c.env);
+  return c.json({ ok: true });
+});
+function parseStartTimestamp(dateTime, startTime) {
+  if (!dateTime) return null;
+  const combined = startTime ? `${dateTime} ${startTime}` : dateTime;
+  const ms = Date.parse(combined);
+  return Number.isNaN(ms) ? null : Math.floor(ms / 1e3);
+}
+async function reminderEmails(env) {
+  if (!env.EMAIL_QUEUE) {
+    console.warn(
+      "[reminder-emails] EMAIL_QUEUE binding not configured, skipping."
+    );
+    return;
+  }
+  const hasSes = !!(env.SES_REGION && env.SES_ACCESS_KEY_ID && env.SES_SECRET_ACCESS_KEY);
+  const hasResend = !!env.RESEND_API_KEY;
+  if (!hasSes && !hasResend) {
+    console.warn(
+      "[reminder-emails] No email providers configured. Skipping reminders."
+    );
+    return;
+  }
+  const db = createDb(env.DB);
+  const now = Math.floor(Date.now() / 1e3);
+  const candidates24h = await db.query.events.findMany({
+    where: drizzleOrm.and(
+      drizzleOrm.eq(events.status, "published"),
+      drizzleOrm.eq(events.reminder24hSent, false)
+    ),
+    columns: {
+      id: true,
+      dateTime: true,
+      startTime: true
+    }
+  });
+  for (const event of candidates24h) {
+    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
+    if (!startsAt) continue;
+    const hoursUntil = (startsAt - now) / 3600;
+    if (hoursUntil <= 25 && hoursUntil >= 23) {
+      await env.EMAIL_QUEUE.send({
+        type: "send_reminder_email",
+        payload: { eventId: event.id, hoursBeforeEvent: 24 }
+      });
+    }
+  }
+  const candidates1h = await db.query.events.findMany({
+    where: drizzleOrm.and(
+      drizzleOrm.eq(events.status, "published"),
+      drizzleOrm.eq(events.reminder1hSent, false)
+    ),
+    columns: {
+      id: true,
+      dateTime: true,
+      startTime: true
+    }
+  });
+  for (const event of candidates1h) {
+    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
+    if (!startsAt) continue;
+    const hoursUntil = (startsAt - now) / 3600;
+    if (hoursUntil <= 1.5 && hoursUntil >= 0) {
+      await env.EMAIL_QUEUE.send({
+        type: "send_reminder_email",
+        payload: { eventId: event.id, hoursBeforeEvent: 1 }
+      });
+    }
+  }
+}
+// src/routes/internal/reminder-emails.ts
+var reminderEmailsRoute = new hono.Hono();
+reminderEmailsRoute.post("/", internalMiddleware, async (c) => {
+  await reminderEmails(c.env);
+  return c.json({ ok: true });
+});
+var RENEWAL_WINDOW = 86400;
+async function renewWatches(env) {
+  const db = createDb(env.DB);
+  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
+  const now = Math.floor(Date.now() / 1e3);
+  const threshold = now + RENEWAL_WINDOW;
+  const expiring = await db.query.events.findMany({
+    where: drizzleOrm.and(
+      drizzleOrm.eq(events.status, "published"),
+      drizzleOrm.lte(events.watchExpiresAt, threshold)
+    ),
+    columns: { id: true, slug: true, gformsId: true, watchId: true, watchExpiresAt: true }
+  });
+  const watchEvents = expiring.filter((e) => e.gformsId && e.watchId);
+  let renewed = 0;
+  for (const event of watchEvents) {
+    try {
+      const result = await gforms.renewWatch(event.gformsId, event.watchId);
+      const newExpiry = Math.floor(new Date(result.expireTime).getTime() / 1e3);
+      await db.update(events).set({ watchExpiresAt: newExpiry }).where(drizzleOrm.eq(events.id, event.id));
+      renewed++;
+      console.log(`[renew-watches] Renewed Watch for "${event.slug}", expires ${result.expireTime}`);
+    } catch (err) {
+      console.error(`[renew-watches] Failed to renew Watch for "${event.slug}":`, err);
+    }
+  }
+  console.log(`[renew-watches] Renewed ${renewed}/${watchEvents.length} watches.`);
+}
+// src/routes/internal/renew-watches.ts
+var renewWatchesRoute = new hono.Hono();
+renewWatchesRoute.post("/", internalMiddleware, async (c) => {
+  await renewWatches(c.env);
+  return c.json({ ok: true });
+});
 var ALLOWED_MIME_TYPES = /* @__PURE__ */ new Set([
   "image/jpeg",
   "image/png",
@@ -1735,6 +2013,10 @@ function createApp(options = {}) {
   app.route("/api/faqs", faqsRoute);
   app.route("/api/uploads", uploadsRoute);
   app.route("/internal/gforms-webhook", gformsWebhookRoute);
+  app.route("/internal/reconcile-slots", reconcileSlotsRoute);
+  app.route("/internal/batch-release", batchReleaseRoute);
+  app.route("/internal/reminder-emails", reminderEmailsRoute);
+  app.route("/internal/renew-watches", renewWatchesRoute);
   app.onError(errorHandler);
   app.notFound(
     (c) => c.json({ error: { code: "NOT_FOUND", message: "Route not found" } }, 404)
@@ -1840,6 +2122,7 @@ var SesError = class extends Error {
     this.status = status;
     this.name = "SesError";
   }
+  status;
   /**
    * True for errors that are permanent (not worth retrying via SES again).
    * 400 BadRequest, 403 Forbidden, 404 NotFound → non-retryable.
@@ -2164,168 +2447,6 @@ async function processJob(job, services) {
     }
   }
 }
-async function batchRelease(env) {
-  const db = createDb(env.DB);
-  const cache = new CacheService(env.KV);
-  const now = Math.floor(Date.now() / 1e3);
-  const toPublish = await db.query.events.findMany({
-    where: drizzleOrm.and(drizzleOrm.eq(events.status, "queued"), drizzleOrm.lte(events.releaseAt, now)),
-    columns: { id: true, slug: true }
-  });
-  if (toPublish.length === 0) return;
-  const ids = toPublish.map((e) => e.id);
-  await db.update(events).set({ status: "published", publishedAt: drizzleOrm.sql`(unixepoch())` }).where(
-    // Drizzle doesn't have inArray for D1; use raw SQL for batch
-    drizzleOrm.sql`${events.id} IN (${drizzleOrm.sql.join(
-      ids.map((id) => drizzleOrm.sql`${id}`),
-      drizzleOrm.sql`, `
-    )})`
-  );
-  await cache.del("events:list");
-  await cache.del("events:etag");
-  console.log(
-    `[batch-release] Published ${toPublish.length} events:`,
-    toPublish.map((e) => e.slug).join(", ")
-  );
-}
-var LOCK_KEY = "cron:reconcile-slots:lock";
-var LOCK_TTL = 300;
-async function reconcileSlots(env) {
-  const db = createDb(env.DB);
-  const cache = new CacheService(env.KV);
-  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
-  const slots = new SlotsService(db, cache);
-  const lock = await cache.get(LOCK_KEY);
-  if (lock) {
-    console.log("[reconcile-slots] Lock held, skipping.");
-    return;
-  }
-  await cache.set(LOCK_KEY, "1", LOCK_TTL);
-  try {
-    const publishedEvents = await db.query.events.findMany({
-      where: drizzleOrm.eq(events.status, "published"),
-      columns: { id: true, slug: true, gformsId: true, registeredSlots: true }
-    });
-    const eventsWithForms = publishedEvents.filter((e) => e.gformsId);
-    let corrected = 0;
-    for (const event of eventsWithForms) {
-      try {
-        const googleCount = await gforms.getExactResponseCount(event.gformsId);
-        const localCount = event.registeredSlots;
-        if (googleCount !== localCount) {
-          console.warn(
-            `[reconcile-slots] Drift on "${event.slug}": local=${localCount}, google=${googleCount}`
-          );
-          await slots.correctCount(event.slug, googleCount);
-          corrected++;
-        }
-      } catch (err) {
-        console.error(`[reconcile-slots] Error checking "${event.slug}":`, err);
-      }
-    }
-    console.log(
-      `[reconcile-slots] Checked ${eventsWithForms.length} events, corrected ${corrected}.`
-    );
-  } finally {
-    await cache.del(LOCK_KEY);
-  }
-}
-function parseStartTimestamp(dateTime, startTime) {
-  if (!dateTime) return null;
-  const combined = startTime ? `${dateTime} ${startTime}` : dateTime;
-  const ms = Date.parse(combined);
-  return Number.isNaN(ms) ? null : Math.floor(ms / 1e3);
-}
-async function reminderEmails(env) {
-  if (!env.EMAIL_QUEUE) {
-    console.warn(
-      "[reminder-emails] EMAIL_QUEUE binding not configured, skipping."
-    );
-    return;
-  }
-  const hasSes = !!(env.SES_REGION && env.SES_ACCESS_KEY_ID && env.SES_SECRET_ACCESS_KEY);
-  const hasResend = !!env.RESEND_API_KEY;
-  if (!hasSes && !hasResend) {
-    console.warn(
-      "[reminder-emails] No email providers configured. Skipping reminders."
-    );
-    return;
-  }
-  const db = createDb(env.DB);
-  const now = Math.floor(Date.now() / 1e3);
-  const candidates24h = await db.query.events.findMany({
-    where: drizzleOrm.and(
-      drizzleOrm.eq(events.status, "published"),
-      drizzleOrm.eq(events.reminder24hSent, false)
-    ),
-    columns: {
-      id: true,
-      dateTime: true,
-      startTime: true
-    }
-  });
-  for (const event of candidates24h) {
-    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
-    if (!startsAt) continue;
-    const hoursUntil = (startsAt - now) / 3600;
-    if (hoursUntil <= 25 && hoursUntil >= 23) {
-      await env.EMAIL_QUEUE.send({
-        type: "send_reminder_email",
-        payload: { eventId: event.id, hoursBeforeEvent: 24 }
-      });
-    }
-  }
-  const candidates1h = await db.query.events.findMany({
-    where: drizzleOrm.and(
-      drizzleOrm.eq(events.status, "published"),
-      drizzleOrm.eq(events.reminder1hSent, false)
-    ),
-    columns: {
-      id: true,
-      dateTime: true,
-      startTime: true
-    }
-  });
-  for (const event of candidates1h) {
-    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
-    if (!startsAt) continue;
-    const hoursUntil = (startsAt - now) / 3600;
-    if (hoursUntil <= 1.5 && hoursUntil >= 0) {
-      await env.EMAIL_QUEUE.send({
-        type: "send_reminder_email",
-        payload: { eventId: event.id, hoursBeforeEvent: 1 }
-      });
-    }
-  }
-}
-var RENEWAL_WINDOW = 86400;
-async function renewWatches(env) {
-  const db = createDb(env.DB);
-  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
-  const now = Math.floor(Date.now() / 1e3);
-  const threshold = now + RENEWAL_WINDOW;
-  const expiring = await db.query.events.findMany({
-    where: drizzleOrm.and(
-      drizzleOrm.eq(events.status, "published"),
-      drizzleOrm.lte(events.watchExpiresAt, threshold)
-    ),
-    columns: { id: true, slug: true, gformsId: true, watchId: true, watchExpiresAt: true }
-  });
-  const watchEvents = expiring.filter((e) => e.gformsId && e.watchId);
-  let renewed = 0;
-  for (const event of watchEvents) {
-    try {
-      const result = await gforms.renewWatch(event.gformsId, event.watchId);
-      const newExpiry = Math.floor(new Date(result.expireTime).getTime() / 1e3);
-      await db.update(events).set({ watchExpiresAt: newExpiry }).where(drizzleOrm.eq(events.id, event.id));
-      renewed++;
-      console.log(`[renew-watches] Renewed Watch for "${event.slug}", expires ${result.expireTime}`);
-    } catch (err) {
-      console.error(`[renew-watches] Failed to renew Watch for "${event.slug}":`, err);
-    }
-  }
-  console.log(`[renew-watches] Renewed ${renewed}/${watchEvents.length} watches.`);
-}
 // src/db/migrate.ts
 var PATCH_STATEMENTS = [