@access-dlsu/leapify 0.260601.1 → 0.260602.1

package/dist/index.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-var chunkX4OB4DZ3_cjs = require('./chunk-X4OB4DZ3.cjs');
+var chunkZV4TIJXI_cjs = require('./chunk-ZV4TIJXI.cjs');
 var chunkQ7SFCCGT_cjs = require('./chunk-Q7SFCCGT.cjs');
 var hono = require('hono');
 var cors = require('hono/cors');
@@ -22,8 +22,6 @@ var LeapifyError = class extends Error {
     this.code = code;
     this.name = "LeapifyError";
   }
-  statusCode;
-  code;
 };
 var unauthorized = (message = "Unauthorized") => new LeapifyError(401, "UNAUTHORIZED", message);
 var domainRestricted = () => new LeapifyError(
@@ -89,6 +87,10 @@ var themes = sqliteCore.sqliteTable("themes", {
   name: sqliteCore.text("name").notNull().unique(),
   path: sqliteCore.text("path").notNull().unique(),
   // e.g. "/pirates-cove"
+  imageUrl: sqliteCore.text("image_url"),
+  descriptionEn: sqliteCore.text("description_en"),
+  descriptionFil: sqliteCore.text("description_fil"),
+  sortOrder: sqliteCore.integer("sort_order").notNull().default(0),
   createdAt: sqliteCore.integer("created_at").notNull().$defaultFn(() => Math.floor(Date.now() / 1e3)),
   updatedAt: sqliteCore.integer("updated_at").notNull().$defaultFn(() => Math.floor(Date.now() / 1e3))
 });
@@ -750,7 +752,6 @@ var CacheService = class {
   constructor(kv) {
     this.kv = kv;
   }
-  kv;
   async get(key) {
     return this.kv.get(key, "json");
   }
@@ -796,8 +797,6 @@ var SlotsService = class {
     this.db = db;
     this.cache = cache;
   }
-  db;
-  cache;
   kvKey(slug) {
     return `${SLOT_KV_PREFIX}${slug}`;
   }
@@ -952,7 +951,10 @@ var GFormsService = class {
       const response = await fetch(url.toString(), {
         headers: { Authorization: `Bearer ${token}` }
       });
-      if (!response.ok) throw new Error(`Forms API error: ${response.status}`);
+      if (!response.ok) {
+        const err = await response.text();
+        throw new Error(`Forms API error: ${response.status} ${err}`);
+      }
       const data = await response.json();
       allResponses.push(...data.responses ?? []);
       pageToken = data.nextPageToken;
@@ -1226,6 +1228,27 @@ classesRoute.get("/:slug/slots", eventsSlotsRateLimit, async (c) => {
   c.header("Cache-Control", "public, max-age=5, stale-while-revalidate=5");
   return c.json({ data: info });
 });
+classesRoute.post("/:slug/reconcile", authMiddleware, adminMiddleware, async (c) => {
+  const { slug } = c.req.param();
+  const db = createDb(c.env.DB);
+  const cache = new CacheService(c.env.KV);
+  const gforms = new GFormsService(c.env.GFORMS_SERVICE_ACCOUNT_JSON);
+  const slots = new SlotsService(db, cache);
+  const event = await db.query.events.findFirst({
+    where: drizzleOrm.eq(events.slug, slug),
+    columns: { gformsId: true }
+  });
+  if (!event) throw notFound("Event");
+  if (!event.gformsId) return c.json({ error: "No gformsId set for this event" }, 400);
+  try {
+    const googleCount = await gforms.getExactResponseCount(event.gformsId);
+    await slots.correctCount(slug, googleCount);
+    return c.json({ data: { registeredSlots: googleCount } });
+  } catch (err) {
+    const message = err?.message ?? "Failed to fetch from Google Forms API";
+    return c.json({ error: { code: "GFORMS_API_ERROR", message } }, 502);
+  }
+});
 classesRoute.post(
   "/",
   authMiddleware,
@@ -1431,7 +1454,7 @@ faqsRoute.get("/", async (c) => {
   const data = await cache.getOrSet(
     FAQS_KV_KEY,
     () => db.query.faqs.findMany({
-      orderBy: (t, { asc }) => [asc(t.sortOrder), asc(t.createdAt)]
+      orderBy: (t, { asc: asc2 }) => [asc2(t.sortOrder), asc2(t.createdAt)]
     }),
     FAQS_TTL
   );
@@ -1533,6 +1556,196 @@ async function verifyGoogSignature(body, signature, secret) {
     return false;
   }
 }
+var LOCK_KEY = "cron:reconcile-slots:lock";
+var LOCK_TTL = 300;
+async function reconcileSlots(env) {
+  const db = createDb(env.DB);
+  const cache = new CacheService(env.KV);
+  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
+  const slots = new SlotsService(db, cache);
+  const lock = await cache.get(LOCK_KEY);
+  if (lock) {
+    console.log("[reconcile-slots] Lock held, skipping.");
+    return;
+  }
+  await cache.set(LOCK_KEY, "1", LOCK_TTL);
+  try {
+    const publishedEvents = await db.query.events.findMany({
+      where: drizzleOrm.isNotNull(events.gformsId),
+      columns: { id: true, slug: true, gformsId: true, registeredSlots: true }
+    });
+    const eventsWithForms = publishedEvents.filter((e) => e.gformsId);
+    let corrected = 0;
+    for (const event of eventsWithForms) {
+      try {
+        const googleCount = await gforms.getExactResponseCount(event.gformsId);
+        const localCount = event.registeredSlots;
+        if (googleCount !== localCount) {
+          console.warn(
+            `[reconcile-slots] Drift on "${event.slug}": local=${localCount}, google=${googleCount}`
+          );
+          await slots.correctCount(event.slug, googleCount);
+          corrected++;
+        }
+      } catch (err) {
+        console.error(`[reconcile-slots] Error checking "${event.slug}":`, err);
+      }
+    }
+    console.log(
+      `[reconcile-slots] Checked ${eventsWithForms.length} events, corrected ${corrected}.`
+    );
+  } finally {
+    await cache.del(LOCK_KEY);
+  }
+}
+
+// src/routes/internal/reconcile-slots.ts
+var reconcileSlotsRoute = new hono.Hono();
+reconcileSlotsRoute.post("/", internalMiddleware, async (c) => {
+  await reconcileSlots(c.env);
+  return c.json({ ok: true });
+});
+async function batchRelease(env) {
+  const db = createDb(env.DB);
+  const cache = new CacheService(env.KV);
+  const now = Math.floor(Date.now() / 1e3);
+  const toPublish = await db.query.events.findMany({
+    where: drizzleOrm.and(drizzleOrm.eq(events.status, "queued"), drizzleOrm.lte(events.releaseAt, now)),
+    columns: { id: true, slug: true }
+  });
+  if (toPublish.length === 0) return;
+  const ids = toPublish.map((e) => e.id);
+  await db.update(events).set({ status: "published", publishedAt: drizzleOrm.sql`(unixepoch())` }).where(
+    // Drizzle doesn't have inArray for D1; use raw SQL for batch
+    drizzleOrm.sql`${events.id} IN (${drizzleOrm.sql.join(
+      ids.map((id) => drizzleOrm.sql`${id}`),
+      drizzleOrm.sql`, `
+    )})`
+  );
+  await cache.del("events:list");
+  await cache.del("events:etag");
+  console.log(
+    `[batch-release] Published ${toPublish.length} events:`,
+    toPublish.map((e) => e.slug).join(", ")
+  );
+}
+
+// src/routes/internal/batch-release.ts
+var batchReleaseRoute = new hono.Hono();
+batchReleaseRoute.post("/", internalMiddleware, async (c) => {
+  await batchRelease(c.env);
+  return c.json({ ok: true });
+});
+function parseStartTimestamp(dateTime, startTime) {
+  if (!dateTime) return null;
+  const combined = startTime ? `${dateTime} ${startTime}` : dateTime;
+  const ms = Date.parse(combined);
+  return Number.isNaN(ms) ? null : Math.floor(ms / 1e3);
+}
+async function reminderEmails(env) {
+  if (!env.EMAIL_QUEUE) {
+    console.warn(
+      "[reminder-emails] EMAIL_QUEUE binding not configured, skipping."
+    );
+    return;
+  }
+  const hasSes = !!(env.SES_REGION && env.SES_ACCESS_KEY_ID && env.SES_SECRET_ACCESS_KEY);
+  const hasResend = !!env.RESEND_API_KEY;
+  if (!hasSes && !hasResend) {
+    console.warn(
+      "[reminder-emails] No email providers configured. Skipping reminders."
+    );
+    return;
+  }
+  const db = createDb(env.DB);
+  const now = Math.floor(Date.now() / 1e3);
+  const candidates24h = await db.query.events.findMany({
+    where: drizzleOrm.and(
+      drizzleOrm.eq(events.status, "published"),
+      drizzleOrm.eq(events.reminder24hSent, false)
+    ),
+    columns: {
+      id: true,
+      dateTime: true,
+      startTime: true
+    }
+  });
+  for (const event of candidates24h) {
+    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
+    if (!startsAt) continue;
+    const hoursUntil = (startsAt - now) / 3600;
+    if (hoursUntil <= 25 && hoursUntil >= 23) {
+      await env.EMAIL_QUEUE.send({
+        type: "send_reminder_email",
+        payload: { eventId: event.id, hoursBeforeEvent: 24 }
+      });
+    }
+  }
+  const candidates1h = await db.query.events.findMany({
+    where: drizzleOrm.and(
+      drizzleOrm.eq(events.status, "published"),
+      drizzleOrm.eq(events.reminder1hSent, false)
+    ),
+    columns: {
+      id: true,
+      dateTime: true,
+      startTime: true
+    }
+  });
+  for (const event of candidates1h) {
+    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
+    if (!startsAt) continue;
+    const hoursUntil = (startsAt - now) / 3600;
+    if (hoursUntil <= 1.5 && hoursUntil >= 0) {
+      await env.EMAIL_QUEUE.send({
+        type: "send_reminder_email",
+        payload: { eventId: event.id, hoursBeforeEvent: 1 }
+      });
+    }
+  }
+}
+
+// src/routes/internal/reminder-emails.ts
+var reminderEmailsRoute = new hono.Hono();
+reminderEmailsRoute.post("/", internalMiddleware, async (c) => {
+  await reminderEmails(c.env);
+  return c.json({ ok: true });
+});
+var RENEWAL_WINDOW = 86400;
+async function renewWatches(env) {
+  const db = createDb(env.DB);
+  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
+  const now = Math.floor(Date.now() / 1e3);
+  const threshold = now + RENEWAL_WINDOW;
+  const expiring = await db.query.events.findMany({
+    where: drizzleOrm.and(
+      drizzleOrm.eq(events.status, "published"),
+      drizzleOrm.lte(events.watchExpiresAt, threshold)
+    ),
+    columns: { id: true, slug: true, gformsId: true, watchId: true, watchExpiresAt: true }
+  });
+  const watchEvents = expiring.filter((e) => e.gformsId && e.watchId);
+  let renewed = 0;
+  for (const event of watchEvents) {
+    try {
+      const result = await gforms.renewWatch(event.gformsId, event.watchId);
+      const newExpiry = Math.floor(new Date(result.expireTime).getTime() / 1e3);
+      await db.update(events).set({ watchExpiresAt: newExpiry }).where(drizzleOrm.eq(events.id, event.id));
+      renewed++;
+      console.log(`[renew-watches] Renewed Watch for "${event.slug}", expires ${result.expireTime}`);
+    } catch (err) {
+      console.error(`[renew-watches] Failed to renew Watch for "${event.slug}":`, err);
+    }
+  }
+  console.log(`[renew-watches] Renewed ${renewed}/${watchEvents.length} watches.`);
+}
+
+// src/routes/internal/renew-watches.ts
+var renewWatchesRoute = new hono.Hono();
+renewWatchesRoute.post("/", internalMiddleware, async (c) => {
+  await renewWatches(c.env);
+  return c.json({ ok: true });
+});
 var ALLOWED_MIME_TYPES = /* @__PURE__ */ new Set([
   "image/jpeg",
   "image/png",
@@ -1632,14 +1845,27 @@ function extensionFromMime(mime) {
   };
   return map[mime] ?? "bin";
 }
+function generatePath(name) {
+  return name.toLowerCase().trim().replace(/[^\w\s-]/g, "").replace(/[\s_-]+/g, "-").replace(/^-+|-+$/g, "");
+}
 var createThemeSchema = zod.z.object({
   name: zod.z.string().min(1),
-  path: zod.z.string().min(1)
+  imageUrl: zod.z.string().url().nullable().optional(),
+  descriptionEn: zod.z.string().nullable().optional(),
+  descriptionFil: zod.z.string().nullable().optional(),
+  sortOrder: zod.z.number().int().default(0)
+});
+zod.z.object({
+  name: zod.z.string().min(1).optional(),
+  imageUrl: zod.z.string().url().nullable().optional(),
+  descriptionEn: zod.z.string().nullable().optional(),
+  descriptionFil: zod.z.string().nullable().optional(),
+  sortOrder: zod.z.number().int().optional()
 });
 var themesRoute = new hono.Hono();
 themesRoute.get("/", async (c) => {
   const db = createDb(c.env.DB);
-  const data = await db.select().from(themes);
+  const data = await db.select().from(themes).orderBy(drizzleOrm.asc(themes.sortOrder), drizzleOrm.asc(themes.createdAt));
   return c.json({ data });
 });
 themesRoute.post(
@@ -1650,8 +1876,9 @@ themesRoute.post(
   async (c) => {
     const body = c.req.valid("json");
     const db = createDb(c.env.DB);
+    const path = generatePath(body.name);
     try {
-      const [created] = await db.insert(themes).values(body).returning();
+      const [created] = await db.insert(themes).values({ ...body, path }).returning();
       return c.json({ data: created }, 201);
     } catch (err) {
       if (err.message && err.message.includes("UNIQUE constraint failed")) {
@@ -1669,8 +1896,12 @@ themesRoute.patch(
     const { id } = c.req.param();
     const body = await c.req.json();
     const db = createDb(c.env.DB);
+    const update = { ...body };
+    if (body.name) {
+      update.path = generatePath(body.name);
+    }
     try {
-      const [updated] = await db.update(themes).set(body).where(drizzleOrm.eq(themes.id, id)).returning();
+      const [updated] = await db.update(themes).set(update).where(drizzleOrm.eq(themes.id, id)).returning();
       if (!updated) throw notFound("Theme");
       return c.json({ data: updated });
     } catch (err) {
@@ -1758,7 +1989,7 @@ function createApp(options = {}) {
     });
   }
   app.use("*", createCorsMiddleware(options.allowedOrigins ?? ["*"]));
-  app.use("*", chunkX4OB4DZ3_cjs.createTurnstileMiddleware());
+  app.use("*", chunkZV4TIJXI_cjs.createTurnstileMiddleware());
   app.use("*", createRefererGuard(options.allowedOrigins ?? ["*"]));
   app.on(["POST", "GET"], "/api/auth/*", (c) => {
     const auth = createAuth(c.env);
@@ -1789,7 +2020,7 @@ function createApp(options = {}) {
     }
     return next();
   });
-  app.post(chunkX4OB4DZ3_cjs.TURNSTILE_VERIFY_PATH, chunkX4OB4DZ3_cjs.handleTurnstileVerify);
+  app.post(chunkZV4TIJXI_cjs.TURNSTILE_VERIFY_PATH, chunkZV4TIJXI_cjs.handleTurnstileVerify);
   app.route("/health", healthRoute);
   app.route("/api/config", siteConfigRoute);
   app.route("/api/classes", classesRoute);
@@ -1799,6 +2030,10 @@ function createApp(options = {}) {
   app.route("/api/faqs", faqsRoute);
   app.route("/api/uploads", uploadsRoute);
   app.route("/internal/gforms-webhook", gformsWebhookRoute);
+  app.route("/internal/reconcile-slots", reconcileSlotsRoute);
+  app.route("/internal/batch-release", batchReleaseRoute);
+  app.route("/internal/reminder-emails", reminderEmailsRoute);
+  app.route("/internal/renew-watches", renewWatchesRoute);
   app.onError(errorHandler);
   app.notFound(
     (c) => c.json({ error: { code: "NOT_FOUND", message: "Route not found" } }, 404)
@@ -1904,7 +2139,6 @@ var SesError = class extends Error {
     this.status = status;
     this.name = "SesError";
   }
-  status;
   /**
    * True for errors that are permanent (not worth retrying via SES again).
    * 400 BadRequest, 403 Forbidden, 404 NotFound → non-retryable.
@@ -2229,168 +2463,6 @@ async function processJob(job, services) {
     }
   }
 }
-async function batchRelease(env) {
-  const db = createDb(env.DB);
-  const cache = new CacheService(env.KV);
-  const now = Math.floor(Date.now() / 1e3);
-  const toPublish = await db.query.events.findMany({
-    where: drizzleOrm.and(drizzleOrm.eq(events.status, "queued"), drizzleOrm.lte(events.releaseAt, now)),
-    columns: { id: true, slug: true }
-  });
-  if (toPublish.length === 0) return;
-  const ids = toPublish.map((e) => e.id);
-  await db.update(events).set({ status: "published", publishedAt: drizzleOrm.sql`(unixepoch())` }).where(
-    // Drizzle doesn't have inArray for D1; use raw SQL for batch
-    drizzleOrm.sql`${events.id} IN (${drizzleOrm.sql.join(
-      ids.map((id) => drizzleOrm.sql`${id}`),
-      drizzleOrm.sql`, `
-    )})`
-  );
-  await cache.del("events:list");
-  await cache.del("events:etag");
-  console.log(
-    `[batch-release] Published ${toPublish.length} events:`,
-    toPublish.map((e) => e.slug).join(", ")
-  );
-}
-var LOCK_KEY = "cron:reconcile-slots:lock";
-var LOCK_TTL = 300;
-async function reconcileSlots(env) {
-  const db = createDb(env.DB);
-  const cache = new CacheService(env.KV);
-  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
-  const slots = new SlotsService(db, cache);
-  const lock = await cache.get(LOCK_KEY);
-  if (lock) {
-    console.log("[reconcile-slots] Lock held, skipping.");
-    return;
-  }
-  await cache.set(LOCK_KEY, "1", LOCK_TTL);
-  try {
-    const publishedEvents = await db.query.events.findMany({
-      where: drizzleOrm.eq(events.status, "published"),
-      columns: { id: true, slug: true, gformsId: true, registeredSlots: true }
-    });
-    const eventsWithForms = publishedEvents.filter((e) => e.gformsId);
-    let corrected = 0;
-    for (const event of eventsWithForms) {
-      try {
-        const googleCount = await gforms.getExactResponseCount(event.gformsId);
-        const localCount = event.registeredSlots;
-        if (googleCount !== localCount) {
-          console.warn(
-            `[reconcile-slots] Drift on "${event.slug}": local=${localCount}, google=${googleCount}`
-          );
-          await slots.correctCount(event.slug, googleCount);
-          corrected++;
-        }
-      } catch (err) {
-        console.error(`[reconcile-slots] Error checking "${event.slug}":`, err);
-      }
-    }
-    console.log(
-      `[reconcile-slots] Checked ${eventsWithForms.length} events, corrected ${corrected}.`
-    );
-  } finally {
-    await cache.del(LOCK_KEY);
-  }
-}
-function parseStartTimestamp(dateTime, startTime) {
-  if (!dateTime) return null;
-  const combined = startTime ? `${dateTime} ${startTime}` : dateTime;
-  const ms = Date.parse(combined);
-  return Number.isNaN(ms) ? null : Math.floor(ms / 1e3);
-}
-async function reminderEmails(env) {
-  if (!env.EMAIL_QUEUE) {
-    console.warn(
-      "[reminder-emails] EMAIL_QUEUE binding not configured, skipping."
-    );
-    return;
-  }
-  const hasSes = !!(env.SES_REGION && env.SES_ACCESS_KEY_ID && env.SES_SECRET_ACCESS_KEY);
-  const hasResend = !!env.RESEND_API_KEY;
-  if (!hasSes && !hasResend) {
-    console.warn(
-      "[reminder-emails] No email providers configured. Skipping reminders."
-    );
-    return;
-  }
-  const db = createDb(env.DB);
-  const now = Math.floor(Date.now() / 1e3);
-  const candidates24h = await db.query.events.findMany({
-    where: drizzleOrm.and(
-      drizzleOrm.eq(events.status, "published"),
-      drizzleOrm.eq(events.reminder24hSent, false)
-    ),
-    columns: {
-      id: true,
-      dateTime: true,
-      startTime: true
-    }
-  });
-  for (const event of candidates24h) {
-    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
-    if (!startsAt) continue;
-    const hoursUntil = (startsAt - now) / 3600;
-    if (hoursUntil <= 25 && hoursUntil >= 23) {
-      await env.EMAIL_QUEUE.send({
-        type: "send_reminder_email",
-        payload: { eventId: event.id, hoursBeforeEvent: 24 }
-      });
-    }
-  }
-  const candidates1h = await db.query.events.findMany({
-    where: drizzleOrm.and(
-      drizzleOrm.eq(events.status, "published"),
-      drizzleOrm.eq(events.reminder1hSent, false)
-    ),
-    columns: {
-      id: true,
-      dateTime: true,
-      startTime: true
-    }
-  });
-  for (const event of candidates1h) {
-    const startsAt = parseStartTimestamp(event.dateTime, event.startTime);
-    if (!startsAt) continue;
-    const hoursUntil = (startsAt - now) / 3600;
-    if (hoursUntil <= 1.5 && hoursUntil >= 0) {
-      await env.EMAIL_QUEUE.send({
-        type: "send_reminder_email",
-        payload: { eventId: event.id, hoursBeforeEvent: 1 }
-      });
-    }
-  }
-}
-var RENEWAL_WINDOW = 86400;
-async function renewWatches(env) {
-  const db = createDb(env.DB);
-  const gforms = new GFormsService(env.GFORMS_SERVICE_ACCOUNT_JSON);
-  const now = Math.floor(Date.now() / 1e3);
-  const threshold = now + RENEWAL_WINDOW;
-  const expiring = await db.query.events.findMany({
-    where: drizzleOrm.and(
-      drizzleOrm.eq(events.status, "published"),
-      drizzleOrm.lte(events.watchExpiresAt, threshold)
-    ),
-    columns: { id: true, slug: true, gformsId: true, watchId: true, watchExpiresAt: true }
-  });
-  const watchEvents = expiring.filter((e) => e.gformsId && e.watchId);
-  let renewed = 0;
-  for (const event of watchEvents) {
-    try {
-      const result = await gforms.renewWatch(event.gformsId, event.watchId);
-      const newExpiry = Math.floor(new Date(result.expireTime).getTime() / 1e3);
-      await db.update(events).set({ watchExpiresAt: newExpiry }).where(drizzleOrm.eq(events.id, event.id));
-      renewed++;
-      console.log(`[renew-watches] Renewed Watch for "${event.slug}", expires ${result.expireTime}`);
-    } catch (err) {
-      console.error(`[renew-watches] Failed to renew Watch for "${event.slug}":`, err);
-    }
-  }
-  console.log(`[renew-watches] Renewed ${renewed}/${watchEvents.length} watches.`);
-}
 
 // src/db/migrate.ts
 var PATCH_STATEMENTS = [
@@ -2597,7 +2669,7 @@ function defaultGetRuntimeConfig(env) {
   };
 }
 function injectConfig(html, config) {
-  const configScript = `<script>window.__CONFIG__=${JSON.stringify(config)};</script>`;
+  const configScript = `<script>window.__CONFIG__=${JSON.stringify(config)};<\/script>`;
   return html.replace("</head>", `${configScript}</head>`);
 }
 function createWorkerHandler(options) {
@@ -2719,7 +2791,7 @@ function getRuntimeConfig(env) {
   };
 }
 function injectConfig2(html, config) {
-  const configScript = `<script>window.__CONFIG__=${JSON.stringify(config)};</script>`;
+  const configScript = `<script>window.__CONFIG__=${JSON.stringify(config)};<\/script>`;
   return html.replace("</head>", `${configScript}</head>`);
 }