@blawness/admin-kit 0.2.0

package/dist/screens/media/actions.js

@@ -0,0 +1,32 @@
+"use server";
+import { revalidatePath } from "next/cache";
+import { requireUser } from "../../lib/auth-helpers";
+import { uploadImage } from "../../lib/r2";
+import { db } from "../../db/index";
+import { media } from "../../db/schema";
+const MAX_BYTES = 8 * 1024 * 1024;
+const OK_TYPES = ["image/jpeg", "image/png", "image/webp", "image/gif"];
+export async function uploadImageAction(formData) {
+    await requireUser();
+    const file = formData.get("file");
+    if (!(file instanceof File))
+        return { error: "Tidak ada berkas." };
+    if (!OK_TYPES.includes(file.type))
+        return { error: "Format gambar tidak didukung." };
+    if (file.size > MAX_BYTES)
+        return { error: "Ukuran gambar maksimal 8MB." };
+    const buf = Buffer.from(await file.arrayBuffer());
+    const keyBase = `uploads/${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    let url;
+    try {
+        // sharp (inside uploadImage) throws on data that isn't really an image,
+        // e.g. a non-image file sent with a spoofed image MIME type.
+        ({ url } = await uploadImage(buf, keyBase));
+    }
+    catch {
+        return { error: "Gambar gagal diproses. Pastikan berkas benar-benar gambar." };
+    }
+    await db.insert(media).values({ url, altText: file.name });
+    revalidatePath("/admin/media");
+    return { url };
+}

package/dist/screens/media/lib.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Generic delete-media logic, extracted from the server action so that the
+ * consuming app can inject its own reference checker (posts, banners, etc.).
+ *
+ * @param formData - FormData containing "id" field
+ * @param referenceChecker - async fn that returns the count of references to the given URL
+ */
+export declare function handleDeleteMedia(formData: FormData, referenceChecker: (url: string) => Promise<number>): Promise<void>;
+//# sourceMappingURL=lib.d.ts.map

package/dist/screens/media/lib.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lib.d.ts","sourceRoot":"","sources":["../../../src/screens/media/lib.ts"],"names":[],"mappings":"AAMA;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,QAAQ,EAClB,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC,CAsBf"}

package/dist/screens/media/lib.js

@@ -0,0 +1,30 @@
+import { redirect } from "next/navigation";
+import { requireUser } from "../../lib/auth-helpers";
+import { deleteObjectByUrl } from "../../lib/r2";
+import { getMediaById, deleteMediaRow } from "../../lib/admin/media";
+import { revalidatePath } from "next/cache";
+/**
+ * Generic delete-media logic, extracted from the server action so that the
+ * consuming app can inject its own reference checker (posts, banners, etc.).
+ *
+ * @param formData - FormData containing "id" field
+ * @param referenceChecker - async fn that returns the count of references to the given URL
+ */
+export async function handleDeleteMedia(formData, referenceChecker) {
+    await requireUser();
+    const id = Number(formData.get("id"));
+    if (!id)
+        return;
+    const row = await getMediaById(id);
+    if (!row)
+        return;
+    const refs = await referenceChecker(row.url);
+    if (refs > 0) {
+        redirect(`/admin/media?error=${encodeURIComponent(`Gambar masih dipakai oleh ${refs} konten. Lepas dulu dari berita/banner sebelum menghapus.`)}`);
+    }
+    // Hapus objek R2 lebih dulu; bila gagal, biarkan melempar agar row DB tetap
+    // ada dan operasi bisa diulang (hindari row hilang tapi objek menggantung).
+    await deleteObjectByUrl(row.url);
+    await deleteMediaRow(id);
+    revalidatePath("/admin/media");
+}

package/dist/screens/media/page.d.ts

@@ -0,0 +1,8 @@
+export declare const dynamic = "force-dynamic";
+export default function MediaLibraryScreen({ deleteAction, searchParams, }: {
+    deleteAction: (fd: FormData) => Promise<void>;
+    searchParams: Promise<{
+        error?: string;
+    }>;
+}): Promise<import("react").JSX.Element>;
+//# sourceMappingURL=page.d.ts.map

package/dist/screens/media/page.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"page.d.ts","sourceRoot":"","sources":["../../../src/screens/media/page.tsx"],"names":[],"mappings":"AAMA,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAEvC,wBAA8B,kBAAkB,CAAC,EAC/C,YAAY,EACZ,YAAY,GACb,EAAE;IACD,YAAY,EAAE,CAAC,EAAE,EAAE,QAAQ,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9C,YAAY,EAAE,OAAO,CAAC;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAC3C,wCAmEA"}

package/dist/screens/media/page.js

@@ -0,0 +1,13 @@
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { listMedia } from "../../lib/admin/media";
+import { requireUser } from "../../lib/auth-helpers";
+import { ConfirmDelete } from "../../components/confirm-delete";
+import { GalleryUploader } from "./uploader";
+import { Trash2, ImageOff, AlertCircle } from "lucide-react";
+export const dynamic = "force-dynamic";
+export default async function MediaLibraryScreen({ deleteAction, searchParams, }) {
+    await requireUser();
+    const items = await listMedia();
+    const { error } = await searchParams;
+    return (_jsxs("div", { className: "max-w-5xl", children: [_jsxs("div", { className: "mb-6", children: [_jsx("h1", { className: "font-heading text-2xl font-bold text-navy-900", children: "Galeri" }), _jsxs("p", { className: "mt-1 text-sm text-muted-foreground", children: [items.length, " gambar tersimpan"] })] }), error && (_jsxs("p", { className: "mb-4 flex items-center gap-1.5 rounded-md bg-red-50 px-3 py-2 text-sm text-red-600 ring-1 ring-red-100", role: "alert", children: [_jsx(AlertCircle, { className: "h-4 w-4 shrink-0" }), error] })), _jsx(GalleryUploader, {}), items.length === 0 ? (_jsxs("div", { className: "mt-6 flex flex-col items-center justify-center rounded-xl border border-dashed border-navy-200 bg-white py-16 text-center", children: [_jsx(ImageOff, { className: "h-8 w-8 text-navy-300" }), _jsx("p", { className: "mt-3 text-sm font-medium text-navy-700", children: "Belum ada gambar" }), _jsx("p", { className: "text-xs text-muted-foreground", children: "Unggah gambar pertama lewat kotak di atas." })] })) : (_jsx("div", { className: "mt-6 grid grid-cols-2 gap-4 sm:grid-cols-3 lg:grid-cols-4", children: items.map((m) => (_jsxs("div", { className: "group relative overflow-hidden rounded-xl border border-navy-100 bg-white shadow-sm", children: [_jsx("img", { src: m.url, alt: m.altText ?? "", className: "aspect-square w-full object-cover transition-transform duration-300 group-hover:scale-105" }), _jsx("div", { className: "absolute right-2 top-2", children: _jsx(ConfirmDelete, { action: deleteAction, id: m.id, title: "Hapus gambar?", description: "Gambar akan dihapus permanen dari media.", trigger: _jsx("button", { type: "button", "aria-label": "Hapus gambar", className: "flex h-8 w-8 items-center justify-center rounded-full bg-white/90 text-navy-600 opacity-100 shadow-sm ring-1 ring-navy-100 backdrop-blur transition-all hover:bg-red-50 hover:text-red-600 sm:opacity-0 sm:group-hover:opacity-100", children: _jsx(Trash2, { className: "h-4 w-4" }) }) }) })] }, m.id))) }))] }));
+}

package/dist/screens/media/uploader.d.ts

@@ -0,0 +1,2 @@
+export declare function GalleryUploader(): import("react").JSX.Element;
+//# sourceMappingURL=uploader.d.ts.map

package/dist/screens/media/uploader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"uploader.d.ts","sourceRoot":"","sources":["../../../src/screens/media/uploader.tsx"],"names":[],"mappings":"AAOA,wBAAgB,eAAe,gCAW9B"}

package/dist/screens/media/uploader.js

@@ -0,0 +1,10 @@
+"use client";
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useRouter } from "next/navigation";
+import { Images } from "lucide-react";
+import { ImageUpload } from "../../components/admin/image-upload";
+import { uploadImageAction } from "./actions";
+export function GalleryUploader() {
+    const router = useRouter();
+    return (_jsxs("div", { className: "max-w-xl rounded-xl border border-navy-100 bg-white p-5 shadow-sm", children: [_jsxs("div", { className: "mb-3 flex items-center gap-2", children: [_jsx(Images, { className: "h-4 w-4 text-brand-600" }), _jsx("p", { className: "text-sm font-semibold text-navy-900", children: "Tambah gambar ke galeri" })] }), _jsx(ImageUpload, { uploadAction: uploadImageAction, onChange: () => router.refresh() })] }));
+}

package/dist/screens/users/actions.d.ts

@@ -0,0 +1,5 @@
+export declare function createUserAction(formData: FormData): Promise<void>;
+export declare function resetPasswordAction(formData: FormData): Promise<void>;
+export declare function setRoleAction(formData: FormData): Promise<void>;
+export declare function deleteUserAction(formData: FormData): Promise<void>;
+//# sourceMappingURL=actions.d.ts.map

package/dist/screens/users/actions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"actions.d.ts","sourceRoot":"","sources":["../../../src/screens/users/actions.ts"],"names":[],"mappings":"AAgBA,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,iBAqBxD;AAED,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,iBAO3D;AAED,wBAAsB,aAAa,CAAC,QAAQ,EAAE,QAAQ,iBAOrD;AAED,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,iBAaxD"}

package/dist/screens/users/actions.js

@@ -0,0 +1,70 @@
+"use server";
+import { revalidatePath } from "next/cache";
+import { redirect } from "next/navigation";
+import { z } from "zod";
+import { requireAdmin } from "../../lib/auth-helpers";
+import { isUniqueViolation, isForeignKeyViolation } from "../../lib/db-errors";
+import { createUser, updateUserPassword, updateUserRole, deleteUser } from "../../lib/admin/users";
+const createSchema = z.object({
+    email: z.string().email(),
+    name: z.string().min(1),
+    password: z.string().min(8),
+    role: z.enum(["admin", "editor"]),
+});
+export async function createUserAction(formData) {
+    await requireAdmin();
+    const parsed = createSchema.safeParse({
+        email: formData.get("email"),
+        name: formData.get("name"),
+        password: formData.get("password"),
+        role: formData.get("role"),
+    });
+    if (!parsed.success) {
+        redirect("/admin/users?error=Data+tidak+valid+(email+benar,+password+min+8+karakter)");
+    }
+    const { email, name, password, role } = parsed.data;
+    try {
+        await createUser(email, name, password, role);
+    }
+    catch (e) {
+        if (isUniqueViolation(e)) {
+            redirect("/admin/users?error=Email+sudah+terdaftar");
+        }
+        throw e;
+    }
+    revalidatePath("/admin/users");
+}
+export async function resetPasswordAction(formData) {
+    await requireAdmin();
+    const id = Number(formData.get("id"));
+    const password = String(formData.get("password") ?? "");
+    if (!id || password.length < 8)
+        return;
+    await updateUserPassword(id, password);
+    revalidatePath("/admin/users");
+}
+export async function setRoleAction(formData) {
+    await requireAdmin();
+    const id = Number(formData.get("id"));
+    const role = String(formData.get("role") ?? "");
+    if (!id || (role !== "admin" && role !== "editor"))
+        return;
+    await updateUserRole(id, role);
+    revalidatePath("/admin/users");
+}
+export async function deleteUserAction(formData) {
+    const session = await requireAdmin();
+    const id = Number(formData.get("id"));
+    if (!id || id === Number(session.user.id))
+        return; // never delete yourself / invalid id
+    try {
+        await deleteUser(id);
+    }
+    catch (e) {
+        if (isForeignKeyViolation(e)) {
+            redirect("/admin/users?error=User+ini+masih+menjadi+penulis+berita");
+        }
+        throw e;
+    }
+    revalidatePath("/admin/users");
+}

package/dist/screens/users/page.d.ts

@@ -0,0 +1,7 @@
+export declare const dynamic = "force-dynamic";
+export default function UsersScreen({ searchParams, }: {
+    searchParams: Promise<{
+        error?: string;
+    }>;
+}): Promise<import("react").JSX.Element>;
+//# sourceMappingURL=page.d.ts.map

package/dist/screens/users/page.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"page.d.ts","sourceRoot":"","sources":["../../../src/screens/users/page.tsx"],"names":[],"mappings":"AAQA,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAKvC,wBAA8B,WAAW,CAAC,EACxC,YAAY,GACb,EAAE;IACD,YAAY,EAAE,OAAO,CAAC;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAC3C,wCA8GA"}

package/dist/screens/users/page.js

@@ -0,0 +1,22 @@
+import { jsx as _jsx, jsxs as _jsxs, Fragment as _Fragment } from "react/jsx-runtime";
+import { requireAdmin } from "../../lib/auth-helpers";
+import { listUsers } from "../../lib/admin/users";
+import { Button } from "../../components/ui/button";
+import { Input } from "../../components/ui/input";
+import { ConfirmDelete } from "../../components/confirm-delete";
+import { createUserAction, resetPasswordAction, setRoleAction, deleteUserAction } from "./actions";
+import { UserPlus, KeyRound, AlertCircle } from "lucide-react";
+export const dynamic = "force-dynamic";
+const selectClass = "h-9 rounded-md border border-navy-200 bg-white px-2.5 text-sm text-navy-900 outline-none transition-colors focus:border-brand-400 focus:ring-2 focus:ring-brand-100";
+export default async function UsersScreen({ searchParams, }) {
+    const session = await requireAdmin();
+    const rows = await listUsers();
+    const { error } = await searchParams;
+    return (_jsxs("div", { className: "max-w-3xl", children: [_jsx("h1", { className: "font-heading text-2xl font-bold text-navy-900", children: "User" }), _jsxs("p", { className: "mt-1 text-sm text-muted-foreground", children: [rows.length, " akun"] }), error && (_jsxs("p", { className: "mt-4 flex items-center gap-1.5 rounded-md bg-red-50 px-3 py-2 text-sm text-red-600 ring-1 ring-red-100", role: "alert", children: [_jsx(AlertCircle, { className: "h-4 w-4 shrink-0" }), error] })), _jsxs("form", { action: createUserAction, className: "mt-6 grid grid-cols-1 gap-2.5 rounded-xl border border-navy-100 bg-white p-5 shadow-sm sm:grid-cols-2", children: [_jsxs("p", { className: "flex items-center gap-2 text-sm font-semibold text-navy-900 sm:col-span-2", children: [_jsx(UserPlus, { className: "h-4 w-4 text-brand-600" }), "Tambah user baru"] }), _jsx(Input, { name: "name", placeholder: "Nama", required: true }), _jsx(Input, { name: "email", type: "email", placeholder: "Email", required: true }), _jsx(Input, { name: "password", type: "password", placeholder: "Password (min 8)", required: true }), _jsxs("select", { name: "role", className: selectClass, children: [_jsx("option", { value: "editor", children: "Editor" }), _jsx("option", { value: "admin", children: "Admin" })] }), _jsxs(Button, { type: "submit", className: "sm:col-span-2", children: [_jsx(UserPlus, { className: "h-4 w-4" }), "Tambah User"] })] }), _jsx("ul", { className: "mt-6 divide-y divide-navy-50 overflow-hidden rounded-xl border border-navy-100 bg-white shadow-sm", children: rows.map((u) => {
+                    const isSelf = u.id === Number(session.user.id);
+                    const isAdmin = (u.role ?? "editor") === "admin";
+                    return (_jsxs("li", { className: "space-y-3 p-4", children: [_jsxs("div", { className: "flex items-center justify-between gap-3", children: [_jsxs("div", { className: "flex min-w-0 items-center gap-3", children: [_jsx("span", { className: "flex h-9 w-9 shrink-0 items-center justify-center rounded-full bg-navy-100 text-sm font-semibold uppercase text-navy-700", children: u.name?.[0] ?? u.email[0] }), _jsxs("div", { className: "min-w-0", children: [_jsxs("p", { className: "flex items-center gap-2 font-medium text-navy-900", children: [_jsx("span", { className: "truncate", children: u.name }), isSelf && (_jsx("span", { className: "rounded bg-navy-100 px-1.5 py-0.5 text-[10px] font-medium text-navy-500", children: "Anda" }))] }), _jsx("p", { className: "truncate text-xs text-muted-foreground", children: u.email })] })] }), _jsx("span", { className: `shrink-0 rounded-full px-2.5 py-0.5 text-xs font-semibold capitalize ring-1 ${isAdmin
+                                            ? "bg-gold-100 text-gold-700 ring-gold-200"
+                                            : "bg-brand-50 text-brand-700 ring-brand-100"}`, children: u.role ?? "editor" })] }), _jsxs("div", { className: "flex flex-wrap items-center gap-2 border-t border-navy-50 pt-3", children: [_jsxs("form", { action: setRoleAction, className: "flex items-center gap-2", children: [_jsx("input", { type: "hidden", name: "id", value: u.id }), _jsxs("select", { name: "role", defaultValue: u.role ?? "editor", className: "h-8 rounded-md border border-navy-200 bg-white px-2 text-xs", children: [_jsx("option", { value: "editor", children: "Editor" }), _jsx("option", { value: "admin", children: "Admin" })] }), _jsx(Button, { size: "sm", variant: "outline", type: "submit", children: "Set Role" })] }), _jsxs("form", { action: resetPasswordAction, className: "flex items-center gap-2", children: [_jsx("input", { type: "hidden", name: "id", value: u.id }), _jsx(Input, { name: "password", type: "password", placeholder: "Password baru", className: "h-8 w-36" }), _jsxs(Button, { size: "sm", variant: "outline", type: "submit", children: [_jsx(KeyRound, { className: "h-3.5 w-3.5" }), "Reset"] })] }), !isSelf && (_jsx("div", { className: "ml-auto", children: _jsx(ConfirmDelete, { action: deleteUserAction, id: u.id, title: "Hapus user?", description: _jsxs(_Fragment, { children: ["User ", _jsx("span", { className: "font-medium text-navy-900", children: u.email }), " akan dihapus."] }) }) }))] })] }, u.id));
+                }) })] }));
+}

package/dist/shell/actions.d.ts

@@ -0,0 +1,2 @@
+export declare function signOutAction(): Promise<void>;
+//# sourceMappingURL=actions.d.ts.map

package/dist/shell/actions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"actions.d.ts","sourceRoot":"","sources":["../../src/shell/actions.ts"],"names":[],"mappings":"AAGA,wBAAsB,aAAa,kBAElC"}

package/dist/shell/actions.js

@@ -0,0 +1,5 @@
+"use server";
+import { signOut } from "../auth/index";
+export async function signOutAction() {
+    await signOut({ redirectTo: "/admin/login" });
+}

package/dist/shell/layout.d.ts

@@ -0,0 +1,9 @@
+import type { ReactNode } from "react";
+import { type NavItem } from "./sidebar";
+export declare function AdminLayout({ navItems, children, logoSrc, brandName, }: {
+    navItems: NavItem[];
+    children: ReactNode;
+    logoSrc?: string;
+    brandName?: string;
+}): Promise<import("react").JSX.Element>;
+//# sourceMappingURL=layout.d.ts.map

package/dist/shell/layout.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"layout.d.ts","sourceRoot":"","sources":["../../src/shell/layout.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAGvC,OAAO,EAAgB,KAAK,OAAO,EAAE,MAAM,WAAW,CAAC;AAEvD,wBAAsB,WAAW,CAAC,EAChC,QAAQ,EACR,QAAQ,EACR,OAAO,EACP,SAAS,GACV,EAAE;IACD,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,wCA+BA"}

package/dist/shell/layout.js

@@ -0,0 +1,15 @@
+import { Fragment as _Fragment, jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { auth } from "../auth/index";
+import { Toaster } from "sonner";
+import { AdminSidebar } from "./sidebar";
+export async function AdminLayout({ navItems, children, logoSrc, brandName, }) {
+    const session = await auth();
+    // The only unauthenticated route reachable here is /admin/login: the proxy
+    // redirects every other /admin/* to login, and each admin page additionally
+    // calls requireUser()/requireAdmin() before touching data.
+    // So rendering bare children here (no shell) cannot leak protected content.
+    if (!session?.user) {
+        return _jsx(_Fragment, { children: children });
+    }
+    return (_jsxs("div", { className: "flex min-h-screen bg-navy-50/60", children: [_jsx(AdminSidebar, { role: session.user.role, navItems: navItems, logoSrc: logoSrc, brandName: brandName }), _jsxs("div", { className: "flex min-w-0 flex-1 flex-col", children: [_jsxs("header", { className: "sticky top-0 z-10 flex h-16 items-center justify-between border-b border-navy-100 bg-white/80 px-6 backdrop-blur-sm", children: [_jsx("span", { className: "text-sm font-medium text-navy-500", children: "Panel Admin" }), _jsxs("div", { className: "flex items-center gap-2.5", children: [_jsx("span", { className: "hidden text-sm text-navy-600 sm:inline", children: session.user.email }), _jsx("span", { className: "inline-flex items-center rounded-full bg-brand-50 px-2.5 py-1 text-xs font-semibold capitalize text-brand-700 ring-1 ring-brand-100", children: session.user.role })] })] }), _jsx("main", { className: "flex-1 p-6 md:p-8", children: children })] }), _jsx(Toaster, {})] }));
+}

package/dist/shell/sidebar.d.ts

@@ -0,0 +1,16 @@
+import type { ComponentType } from "react";
+export type NavItem = {
+    href: string;
+    label: string;
+    icon: ComponentType<{
+        className?: string;
+    }>;
+    adminOnly?: boolean;
+};
+export declare function AdminSidebar({ role, navItems, logoSrc, brandName }: {
+    role: string;
+    navItems: NavItem[];
+    logoSrc?: string;
+    brandName?: string;
+}): import("react").JSX.Element;
+//# sourceMappingURL=sidebar.d.ts.map

package/dist/shell/sidebar.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sidebar.d.ts","sourceRoot":"","sources":["../../src/shell/sidebar.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAG3C,MAAM,MAAM,OAAO,GAAG;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,aAAa,CAAC;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC5C,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AAEF,wBAAgB,YAAY,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAqB,EAAE,SAAmB,EAAE,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,OAAO,EAAE,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,+BA0DvK"}

package/dist/shell/sidebar.js

@@ -0,0 +1,19 @@
+"use client";
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import Link from "next/link";
+import { usePathname } from "next/navigation";
+import { LogOut } from "lucide-react";
+import { signOutAction } from "./actions";
+export function AdminSidebar({ role, navItems, logoSrc = "/logo.png", brandName = "Admin" }) {
+    const pathname = usePathname();
+    return (_jsxs("aside", { className: "flex w-60 shrink-0 flex-col bg-gradient-to-b from-navy-900 to-navy-950 text-navy-100", children: [_jsxs("div", { className: "flex h-16 items-center gap-2.5 border-b border-white/5 px-5", children: [_jsx("img", { src: logoSrc, alt: "", className: "h-8 w-8" }), _jsxs("div", { className: "leading-none", children: [_jsx("p", { className: "font-heading text-sm font-extrabold text-white", children: brandName }), _jsx("p", { className: "mt-1 text-[10px] font-semibold tracking-[0.22em] text-gold-400", children: "ADMIN" })] })] }), _jsx("nav", { className: "flex-1 space-y-1 p-3", children: navItems
+                    .filter((l) => !l.adminOnly || role === "admin")
+                    .map((l) => {
+                    const active = pathname === l.href ||
+                        (l.href !== "/admin" && pathname.startsWith(l.href));
+                    const Icon = l.icon;
+                    return (_jsxs(Link, { href: l.href, className: `relative flex items-center gap-3 rounded-lg px-3 py-2 text-sm transition-colors ${active
+                            ? "bg-white/10 font-medium text-white"
+                            : "text-navy-200 hover:bg-white/5 hover:text-white"}`, children: [active && (_jsx("span", { className: "absolute left-0 top-1/2 h-5 w-1 -translate-y-1/2 rounded-r-full bg-gold-400" })), _jsx(Icon, { className: `h-4 w-4 ${active ? "text-gold-400" : "text-navy-300"}` }), l.label] }, l.href));
+                }) }), _jsx("div", { className: "border-t border-white/5 p-3", children: _jsx("form", { action: signOutAction, children: _jsxs("button", { type: "submit", className: "flex w-full items-center gap-2 rounded-lg px-3 py-2 text-sm text-navy-200 transition-colors hover:bg-white/5 hover:text-white", children: [_jsx(LogOut, { className: "h-4 w-4" }), "Keluar"] }) }) })] }));
+}

package/package.json

@@ -0,0 +1,148 @@
+{
+  "name": "@blawness/admin-kit",
+  "version": "0.2.0",
+  "description": "Reusable CMS core for Next.js 16 admin panels — auth, media, users, editor, shell",
+  "license": "MIT",
+  "author": "Blawness",
+  "keywords": [
+    "nextjs",
+    "cms",
+    "admin",
+    "drizzle-orm",
+    "next-auth",
+    "tiptap"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Blawness/admin-kit.git"
+  },
+  "homepage": "https://github.com/Blawness/admin-kit",
+  "private": false,
+  "type": "module",
+  "files": [
+    "dist",
+    "src"
+  ],
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    },
+    "./components": {
+      "types": "./dist/components.d.ts",
+      "default": "./dist/components.js"
+    },
+    "./auth": {
+      "types": "./dist/auth/index.d.ts",
+      "default": "./dist/auth/index.js"
+    },
+    "./auth/config": {
+      "types": "./dist/auth/config.d.ts",
+      "default": "./dist/auth/config.js"
+    },
+    "./auth-helpers": {
+      "types": "./dist/lib/auth-helpers.d.ts",
+      "default": "./dist/lib/auth-helpers.js"
+    },
+    "./db": {
+      "types": "./dist/db/index.d.ts",
+      "default": "./dist/db/index.js"
+    },
+    "./schema": {
+      "types": "./dist/db/schema.d.ts",
+      "default": "./dist/db/schema.js"
+    },
+    "./admin/media": {
+      "types": "./dist/lib/admin/media.d.ts",
+      "default": "./dist/lib/admin/media.js"
+    },
+    "./admin/users": {
+      "types": "./dist/lib/admin/users.d.ts",
+      "default": "./dist/lib/admin/users.js"
+    },
+    "./screens/login": {
+      "types": "./dist/screens/login/page.d.ts",
+      "default": "./dist/screens/login/page.js"
+    },
+    "./screens/login/actions": {
+      "types": "./dist/screens/login/actions.d.ts",
+      "default": "./dist/screens/login/actions.js"
+    },
+    "./screens/media": {
+      "types": "./dist/screens/media/page.d.ts",
+      "default": "./dist/screens/media/page.js"
+    },
+    "./screens/media/actions": {
+      "types": "./dist/screens/media/actions.d.ts",
+      "default": "./dist/screens/media/actions.js"
+    },
+    "./screens/media/lib": {
+      "types": "./dist/screens/media/lib.d.ts",
+      "default": "./dist/screens/media/lib.js"
+    },
+    "./screens/users": {
+      "types": "./dist/screens/users/page.d.ts",
+      "default": "./dist/screens/users/page.js"
+    },
+    "./screens/users/actions": {
+      "types": "./dist/screens/users/actions.d.ts",
+      "default": "./dist/screens/users/actions.js"
+    },
+    "./shell": {
+      "types": "./dist/shell/layout.d.ts",
+      "default": "./dist/shell/layout.js"
+    },
+    "./shell/sidebar": {
+      "types": "./dist/shell/sidebar.d.ts",
+      "default": "./dist/shell/sidebar.js"
+    },
+    "./shell/actions": {
+      "types": "./dist/shell/actions.d.ts",
+      "default": "./dist/shell/actions.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "typecheck": "tsc -p tsconfig.json --noEmit",
+    "prepare": "tsc -p tsconfig.json"
+  },
+  "peerDependencies": {
+    "next": "^16.2.0",
+    "react": "^19.2.0",
+    "react-dom": "^19.2.0",
+    "tailwindcss": "^4"
+  },
+  "pnpm": {
+    "onlyBuiltDependencies": [
+      "sharp"
+    ]
+  },
+  "dependencies": {
+    "@aws-sdk/client-s3": "^3.1058.0",
+    "@base-ui/react": "^1.5.0",
+    "@tiptap/extension-image": "^3.25.0",
+    "@tiptap/extension-link": "^3.25.0",
+    "@tiptap/pm": "^3.25.0",
+    "@tiptap/react": "^3.25.0",
+    "@tiptap/starter-kit": "^3.25.0",
+    "bcryptjs": "^3.0.3",
+    "class-variance-authority": "^0.7.1",
+    "clsx": "^2.1.1",
+    "drizzle-orm": "^0.45.2",
+    "lucide-react": "^1.16.0",
+    "next-auth": "^5.0.0-beta.31",
+    "postgres": "^3.4.9",
+    "sanitize-html": "^2.13.0",
+    "sharp": "^0.34.5",
+    "sonner": "^2.0.7",
+    "tailwind-merge": "^3.6.0",
+    "zod": "^4.4.3"
+  },
+  "devDependencies": {
+    "@types/node": "^25.9.2",
+    "@types/react": "^19",
+    "@types/react-dom": "^19",
+    "@types/sanitize-html": "^2",
+    "typescript": "^5"
+  }
+}

package/src/auth/config.ts

@@ -0,0 +1,36 @@
+import type { NextAuthConfig } from "next-auth";
+
+export const authConfig: NextAuthConfig = {
+  pages: { signIn: "/admin/login" },
+  session: { strategy: "jwt" },
+  trustHost: true,
+  providers: [], // real provider added in auth/index.ts (Node runtime)
+  callbacks: {
+    authorized({ auth, request: { nextUrl } }) {
+      const isAdminArea = nextUrl.pathname.startsWith("/admin");
+      const isLogin = nextUrl.pathname === "/admin/login";
+      // Already-authenticated users have no business on the login page.
+      if (isLogin) {
+        return auth?.user
+          ? Response.redirect(new URL("/admin", nextUrl))
+          : true;
+      }
+      if (isAdminArea) return !!auth?.user;
+      return true;
+    },
+    jwt({ token, user }) {
+      if (user) {
+        token.id = user.id as string;
+        token.role = (user.role as string | undefined) ?? "editor";
+      }
+      return token;
+    },
+    session({ session, token }) {
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      const u = session.user as any;
+      if (token.id) u.id = token.id;
+      u.role = token.role ?? "editor";
+      return session;
+    },
+  },
+};

package/src/auth/index.ts

@@ -0,0 +1,49 @@
+import NextAuth, { type NextAuthResult } from "next-auth";
+import Credentials from "next-auth/providers/credentials";
+import { compare } from "bcryptjs";
+import { z } from "zod";
+import { eq } from "drizzle-orm";
+import { db } from "../db/index";
+import { users } from "../db/schema";
+import { authConfig } from "./config";
+
+const credentialsSchema = z.object({
+  email: z.string().email(),
+  password: z.string().min(1),
+});
+
+const _result: NextAuthResult = NextAuth({
+  ...authConfig,
+  providers: [
+    Credentials({
+      credentials: { email: {}, password: {} },
+      async authorize(raw) {
+        const parsed = credentialsSchema.safeParse(raw);
+        if (!parsed.success) return null;
+        const { email, password } = parsed.data;
+
+        const [user] = await db
+          .select()
+          .from(users)
+          .where(eq(users.email, email))
+          .limit(1);
+
+        if (!user?.passwordHash) return null;
+        const ok = await compare(password, user.passwordHash);
+        if (!ok) return null;
+
+        return {
+          id: String(user.id),
+          email: user.email,
+          name: user.name,
+          role: user.role ?? "editor",
+        };
+      },
+    }),
+  ],
+});
+
+export const handlers: NextAuthResult["handlers"] = _result.handlers;
+export const auth: NextAuthResult["auth"] = _result.auth;
+export const signIn: NextAuthResult["signIn"] = _result.signIn;
+export const signOut: NextAuthResult["signOut"] = _result.signOut;

package/src/components/admin/editor.tsx

@@ -0,0 +1,53 @@
+"use client";
+
+import { useEditor, EditorContent } from "@tiptap/react";
+import StarterKit from "@tiptap/starter-kit";
+import Link from "@tiptap/extension-link";
+import Image from "@tiptap/extension-image";
+import { Button } from "../ui/button";
+
+export function Editor({
+  value,
+  onChange,
+}: {
+  value: string;
+  onChange: (html: string) => void;
+}) {
+  const editor = useEditor({
+    extensions: [
+      StarterKit.configure({ heading: { levels: [2, 3, 4] } }),
+      Link.configure({ openOnClick: false }),
+      Image,
+    ],
+    content: value,
+    immediatelyRender: false,
+    editorProps: { attributes: { class: "prose prose-blue max-w-none min-h-[300px] focus:outline-none" } },
+    onUpdate: ({ editor }) => onChange(editor.getHTML()),
+  });
+
+  if (!editor) return null;
+
+  return (
+    <div className="rounded-md border border-navy-200">
+      <div className="flex flex-wrap gap-1 border-b border-navy-100 p-2">
+        <ToolbarButton on={() => editor.chain().focus().toggleBold().run()} active={editor.isActive("bold")}>B</ToolbarButton>
+        <ToolbarButton on={() => editor.chain().focus().toggleItalic().run()} active={editor.isActive("italic")}>I</ToolbarButton>
+        <ToolbarButton on={() => editor.chain().focus().toggleHeading({ level: 2 }).run()} active={editor.isActive("heading", { level: 2 })}>H2</ToolbarButton>
+        <ToolbarButton on={() => editor.chain().focus().toggleHeading({ level: 3 }).run()} active={editor.isActive("heading", { level: 3 })}>H3</ToolbarButton>
+        <ToolbarButton on={() => editor.chain().focus().toggleBulletList().run()} active={editor.isActive("bulletList")}>• List</ToolbarButton>
+        <ToolbarButton on={() => editor.chain().focus().toggleOrderedList().run()} active={editor.isActive("orderedList")}>1. List</ToolbarButton>
+        <ToolbarButton on={() => { const url = prompt("URL tautan:"); if (url) editor.chain().focus().setLink({ href: url }).run(); }} active={editor.isActive("link")}>Link</ToolbarButton>
+        <ToolbarButton on={() => { const url = prompt("URL gambar:"); if (url) editor.chain().focus().setImage({ src: url }).run(); }} active={false}>Gambar</ToolbarButton>
+      </div>
+      <EditorContent editor={editor} className="p-3" />
+    </div>
+  );
+}
+
+function ToolbarButton({ on, active, children }: { on: () => void; active: boolean; children: React.ReactNode }) {
+  return (
+    <Button type="button" variant={active ? "default" : "outline"} size="sm" onClick={on}>
+      {children}
+    </Button>
+  );
+}