@ekrist1/vulse 0.1.6-alpha.3

package/dist/server/routes/preview-sessions.d.ts

@@ -0,0 +1,9 @@
+import type { Auth } from '../better-auth.js';
+import type { VulseDb } from '../../core/db.js';
+import type { BlueprintRegistry } from '../../core/blueprints/registry.js';
+export declare function previewSessionsRoutes(db: VulseDb, auth: Auth, registry: BlueprintRegistry): {
+    create: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    update: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    remove: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=preview-sessions.d.ts.map

package/dist/server/routes/preview-sessions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"preview-sessions.d.ts","sourceRoot":"","sources":["../../../src/server/routes/preview-sessions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC7C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAA;AAa1E,wBAAgB,qBAAqB,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,iBAAiB;;;;EA2DzF"}

package/dist/server/routes/preview-sessions.js

@@ -0,0 +1,74 @@
+import { z } from 'astro/zod';
+import { defineHandler } from '../handler.js';
+import { resolvePreviewPath } from '../../core/blueprints/preview-path.js';
+import { PreviewSessionsRepo } from '../../core/repos/preview-sessions.js';
+import { AccessDeniedError, NotFoundError } from '../../core/errors.js';
+function buildPreviewUrl(origin, pathTemplate, slug, token) {
+    const path = pathTemplate.replace('{slug}', encodeURIComponent(slug));
+    const url = new URL(path, origin);
+    url.searchParams.set('vulse_live_preview', token);
+    return url.toString();
+}
+export function previewSessionsRoutes(db, auth, registry) {
+    const repo = new PreviewSessionsRepo(db);
+    return {
+        create: defineHandler(auth, {
+            requireRole: ['admin', 'editor'],
+            body: z.object({
+                collection: z.string(),
+                entryId: z.string().nullable().optional(),
+                slug: z.string(),
+                content: z.record(z.string(), z.unknown()),
+                locale: z.string().optional(),
+            }),
+        }, async ({ auth: ctx, body, url }) => {
+            const bp = registry.get(body.collection);
+            if (!bp)
+                throw new NotFoundError(`Collection ${body.collection} not found`);
+            const row = await repo.create({
+                userId: ctx.user.id,
+                collection: body.collection,
+                slug: body.slug,
+                content: body.content,
+                entryId: body.entryId ?? null,
+                ...(body.locale !== undefined ? { locale: body.locale } : {}),
+            });
+            const previewPath = resolvePreviewPath(bp);
+            return {
+                id: row.id,
+                previewUrl: buildPreviewUrl(url.origin, previewPath, row.slug, row.id),
+                expiresAt: row.expiresAt.toISOString(),
+            };
+        }),
+        update: defineHandler(auth, {
+            requireRole: ['admin', 'editor'],
+            params: z.object({ id: z.string() }),
+            body: z.object({
+                slug: z.string().optional(),
+                content: z.record(z.string(), z.unknown()).optional(),
+                locale: z.string().optional(),
+            }),
+        }, async ({ auth: ctx, params, body }) => {
+            const patch = {};
+            if (body.slug !== undefined)
+                patch.slug = body.slug;
+            if (body.content !== undefined)
+                patch.content = body.content;
+            if (body.locale !== undefined)
+                patch.locale = body.locale;
+            const updated = await repo.update(params.id, ctx.user.id, patch);
+            if (!updated)
+                throw new AccessDeniedError('Session not found or not owned by you');
+            return { expiresAt: updated.expiresAt.toISOString() };
+        }),
+        remove: defineHandler(auth, {
+            requireRole: ['admin', 'editor'],
+            params: z.object({ id: z.string() }),
+        }, async ({ auth: ctx, params }) => {
+            const ok = await repo.delete(params.id, ctx.user.id);
+            if (!ok)
+                throw new NotFoundError('Session not found');
+            return { ok: true };
+        }),
+    };
+}

package/dist/server/routes/preview.d.ts

@@ -0,0 +1,6 @@
+import type { Auth } from '../better-auth.js';
+export declare function previewRoutes(auth: Auth, secret: string): {
+    start: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    stop: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=preview.d.ts.map

package/dist/server/routes/preview.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"preview.d.ts","sourceRoot":"","sources":["../../../src/server/routes/preview.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAmB7C,wBAAgB,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM;;;EAgBvD"}

package/dist/server/routes/preview.js

@@ -0,0 +1,37 @@
+import { defineHandler } from '../handler.js';
+import { mintPreviewToken } from '../preview.js';
+function safePreviewTarget(raw, origin) {
+    const fallback = new URL('/', origin);
+    if (!raw)
+        return fallback;
+    // Reject anything that could escape origin: protocol-relative URLs (//evil.com)
+    // and any input that isn't a single leading "/" path.
+    if (!raw.startsWith('/') || raw.startsWith('//'))
+        return fallback;
+    try {
+        const candidate = new URL(raw, origin);
+        if (candidate.origin !== new URL(origin).origin)
+            return fallback;
+        return candidate;
+    }
+    catch {
+        return fallback;
+    }
+}
+export function previewRoutes(auth, secret) {
+    return {
+        start: defineHandler(auth, { requireRole: ['admin', 'editor'] }, async ({ auth: authCtx, url }) => {
+            const token = await mintPreviewToken(secret, authCtx.user.id);
+            const secure = url.protocol === 'https:';
+            const cookie = `vulse_preview=${token}; Path=/; HttpOnly; SameSite=Lax; Max-Age=3600${secure ? '; Secure' : ''}`;
+            const redirect = safePreviewTarget(url.searchParams.get('to'), url.origin);
+            return new Response(null, { status: 302, headers: { Location: redirect.toString(), 'Set-Cookie': cookie } });
+        }),
+        stop: defineHandler(auth, {}, async ({ url }) => {
+            return new Response(null, {
+                status: 302,
+                headers: { Location: new URL('/', url.origin).toString(), 'Set-Cookie': 'vulse_preview=; Path=/; Max-Age=0' },
+            });
+        }),
+    };
+}

package/dist/server/routes/revisions.d.ts

@@ -0,0 +1,7 @@
+import type { VulseDb } from '../../core/db.js';
+import type { Auth } from '../better-auth.js';
+export declare function revisionsRoutes(db: VulseDb, auth: Auth): {
+    list: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    restore: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=revisions.d.ts.map

package/dist/server/routes/revisions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"revisions.d.ts","sourceRoot":"","sources":["../../../src/server/routes/revisions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAK7C,wBAAgB,eAAe,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI;;;EAqBtD"}

package/dist/server/routes/revisions.js

@@ -0,0 +1,26 @@
+import { z } from 'astro/zod';
+import { RevisionsRepo } from '../../core/repos/revisions.js';
+import { resolveLocale } from '../../core/locales.js';
+import { defineHandler } from '../handler.js';
+export function revisionsRoutes(db, auth) {
+    const repo = new RevisionsRepo(db);
+    return {
+        list: defineHandler(auth, {
+            params: z.object({ collection: z.string(), id: z.string() }),
+            requireRole: ['admin', 'editor'],
+        }, async ({ params, url }) => {
+            const locale = await resolveLocale(db, url.searchParams.get('locale'));
+            return await repo.listByEntry(params.id, locale);
+        }),
+        restore: defineHandler(auth, {
+            params: z.object({ collection: z.string(), id: z.string(), version: z.string() }),
+            requireRole: ['admin', 'editor'],
+        }, async ({ params, url, auth: authCtx }) => {
+            if (!authCtx.user)
+                throw new Error('unreachable');
+            const locale = await resolveLocale(db, url.searchParams.get('locale'));
+            await repo.restore(params.id, Number(params.version), { userId: authCtx.user.id, locale });
+            return { restored: Number(params.version) };
+        }),
+    };
+}

package/dist/server/routes/search.d.ts

@@ -0,0 +1,6 @@
+import type { VulseDb } from '../../core/db.js';
+import type { Auth } from '../better-auth.js';
+export declare function searchRoutes(db: VulseDb, auth: Auth): {
+    query: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=search.d.ts.map

package/dist/server/routes/search.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"search.d.ts","sourceRoot":"","sources":["../../../src/server/routes/search.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAI7C,wBAAgB,YAAY,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI;;EAwBnD"}

package/dist/server/routes/search.js

@@ -0,0 +1,28 @@
+import { z } from 'astro/zod';
+import { defineHandler } from '../handler.js';
+import { searchSdk } from '../sdk/search.js';
+export function searchRoutes(db, auth) {
+    const sdk = searchSdk(db);
+    return {
+        query: defineHandler(auth, {
+            params: z.object({}),
+            body: z.object({
+                q: z.string(),
+                collections: z.array(z.string()).optional(),
+                limit: z.number().optional(),
+                includeDrafts: z.boolean().optional(),
+                locale: z.string().optional(),
+            }),
+        }, async ({ body, auth: authCtx }) => {
+            const role = authCtx.user?.role;
+            const mayReadDrafts = role === 'admin' || role === 'editor';
+            const includeDrafts = body.includeDrafts === true && mayReadDrafts;
+            return sdk.query(body.q, {
+                ...(body.collections !== undefined ? { collections: body.collections } : {}),
+                ...(body.limit !== undefined ? { limit: body.limit } : {}),
+                ...(body.locale !== undefined ? { locale: body.locale } : {}),
+                includeDrafts,
+            });
+        }),
+    };
+}

package/dist/server/routes/sets.d.ts

@@ -0,0 +1,10 @@
+import type { Auth } from '../better-auth.js';
+import type { VulseDb } from '../../core/db.js';
+export declare function setsRoutes(db: VulseDb, auth: Auth): {
+    list: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    get: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    create: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    update: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    delete: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=sets.d.ts.map

package/dist/server/routes/sets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sets.d.ts","sourceRoot":"","sources":["../../../src/server/routes/sets.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAC7C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAQ/C,wBAAgB,UAAU,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI;;;;;;EA6BjD"}

package/dist/server/routes/sets.js

@@ -0,0 +1,33 @@
+import { z } from 'astro/zod';
+import { SetDefinitionSchema } from '../../core/sets/definition.js';
+import { createSet, deleteSet, getSet, listSets, updateSet } from '../../core/sets/service.js';
+import { NotFoundError } from '../../core/errors.js';
+import { defineHandler } from '../handler.js';
+const paramsHandle = z.object({ handle: z.string() });
+export function setsRoutes(db, auth) {
+    return {
+        list: defineHandler(auth, {}, async () => listSets(db)),
+        get: defineHandler(auth, { params: paramsHandle }, async ({ params }) => {
+            const row = await getSet(db, params.handle);
+            if (!row)
+                throw new NotFoundError('set not found');
+            return row;
+        }),
+        create: defineHandler(auth, {
+            body: SetDefinitionSchema,
+            requireRole: ['admin'],
+        }, async ({ body }) => createSet(db, body)),
+        update: defineHandler(auth, {
+            params: paramsHandle,
+            body: SetDefinitionSchema,
+            requireRole: ['admin'],
+        }, async ({ params, body }) => updateSet(db, params.handle, body)),
+        delete: defineHandler(auth, {
+            params: paramsHandle,
+            requireRole: ['admin'],
+        }, async ({ params }) => {
+            await deleteSet(db, params.handle);
+            return null;
+        }),
+    };
+}

package/dist/server/routes/settings.d.ts

@@ -0,0 +1,7 @@
+import type { VulseDb } from '../../core/db.js';
+import type { Auth } from '../better-auth.js';
+export declare function settingsRoutes(db: VulseDb, auth: Auth): {
+    list: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    set: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=settings.d.ts.map

package/dist/server/routes/settings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"settings.d.ts","sourceRoot":"","sources":["../../../src/server/routes/settings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAO7C,wBAAgB,cAAc,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI;;;EAcrD"}

package/dist/server/routes/settings.js

@@ -0,0 +1,21 @@
+import { z } from 'astro/zod';
+import { defineHandler } from '../handler.js';
+import { SettingsRepo } from '../../core/repos/settings.js';
+import { invalidateRuntime } from '../runtime.js';
+const AUTH_SETTING_KEYS = new Set(['allowMemberSignUp', 'allowedSignUpDomains']);
+export function settingsRoutes(db, auth) {
+    const repo = new SettingsRepo(db);
+    return {
+        list: defineHandler(auth, { requireRole: ['admin'] }, async () => await repo.all()),
+        set: defineHandler(auth, {
+            params: z.object({ key: z.string() }),
+            body: z.object({ value: z.unknown() }),
+            requireRole: ['admin'],
+        }, async ({ params, body }) => {
+            await repo.set(params.key, body.value);
+            if (AUTH_SETTING_KEYS.has(params.key))
+                invalidateRuntime();
+            return { key: params.key };
+        }),
+    };
+}

package/dist/server/routes/users.d.ts

@@ -0,0 +1,10 @@
+import type { VulseDb } from '../../core/db.js';
+import type { Auth } from '../better-auth.js';
+export declare function usersRoutes(db: VulseDb, auth: Auth): {
+    list: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    get: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    update: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    setRole: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+    resetPassword: (request: Request, rawParams?: Record<string, string>) => Promise<Response>;
+};
+//# sourceMappingURL=users.d.ts.map

package/dist/server/routes/users.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"users.d.ts","sourceRoot":"","sources":["../../../src/server/routes/users.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AAgB7C,wBAAgB,WAAW,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI;;;;;;EAyGlD"}

package/dist/server/routes/users.js

@@ -0,0 +1,113 @@
+import { z } from 'astro/zod';
+import { and, eq, like, or } from 'drizzle-orm';
+import { hashPassword } from 'better-auth/crypto';
+import { nanoid } from 'nanoid';
+import { account as accountTable, user as userTable } from '../../core/schema.js';
+import { defineHandler } from '../handler.js';
+import { NotFoundError } from '../../core/errors.js';
+const userFields = {
+    id: userTable.id,
+    email: userTable.email,
+    name: userTable.name,
+    role: userTable.role,
+    displayName: userTable.displayName,
+    emailVerified: userTable.emailVerified,
+    createdAt: userTable.createdAt,
+    updatedAt: userTable.updatedAt,
+};
+export function usersRoutes(db, auth) {
+    return {
+        list: defineHandler(auth, { requireRole: ['admin'] }, async ({ url }) => {
+            const q = url.searchParams.get('q')?.trim();
+            if (q) {
+                const pattern = `%${q}%`;
+                return await db.select(userFields).from(userTable).where(or(like(userTable.email, pattern), like(userTable.name, pattern), like(userTable.displayName, pattern), eq(userTable.id, q)));
+            }
+            return await db.select(userFields).from(userTable);
+        }),
+        get: defineHandler(auth, {
+            params: z.object({ id: z.string() }),
+            requireRole: ['admin'],
+        }, async ({ params }) => {
+            const rows = await db.select(userFields).from(userTable).where(eq(userTable.id, params.id));
+            if (!rows.length)
+                throw new NotFoundError(`User ${params.id} not found`);
+            return rows[0];
+        }),
+        update: defineHandler(auth, {
+            params: z.object({ id: z.string() }),
+            body: z.object({
+                name: z.string().min(1).optional(),
+                displayName: z.string().nullable().optional(),
+                role: z.enum(['admin', 'editor', 'member']).optional(),
+            }),
+            requireRole: ['admin'],
+        }, async ({ params, body }) => {
+            const existing = await db.select({ id: userTable.id }).from(userTable).where(eq(userTable.id, params.id));
+            if (!existing.length)
+                throw new NotFoundError(`User ${params.id} not found`);
+            const patch = { updatedAt: new Date() };
+            if (body.name !== undefined)
+                patch.name = body.name;
+            if (body.displayName !== undefined)
+                patch.displayName = body.displayName;
+            if (body.role !== undefined)
+                patch.role = body.role;
+            await db.update(userTable).set(patch).where(eq(userTable.id, params.id));
+            const rows = await db.select(userFields).from(userTable).where(eq(userTable.id, params.id));
+            return rows[0];
+        }),
+        setRole: defineHandler(auth, {
+            params: z.object({ id: z.string() }),
+            body: z.object({ role: z.enum(['admin', 'editor', 'member']) }),
+            requireRole: ['admin'],
+        }, async ({ params, body }) => {
+            const existing = await db.select({ id: userTable.id }).from(userTable).where(eq(userTable.id, params.id));
+            if (!existing.length)
+                throw new NotFoundError(`User ${params.id} not found`);
+            await db.update(userTable).set({ role: body.role, updatedAt: new Date() }).where(eq(userTable.id, params.id));
+            return { id: params.id, role: body.role };
+        }),
+        resetPassword: defineHandler(auth, {
+            params: z.object({ id: z.string() }),
+            body: z.discriminatedUnion('action', [
+                z.object({ action: z.literal('email'), redirectTo: z.string().optional() }),
+                z.object({ action: z.literal('set'), password: z.string().min(8) }),
+            ]),
+            requireRole: ['admin'],
+        }, async ({ params, body, request }) => {
+            const rows = await db.select({ id: userTable.id, email: userTable.email }).from(userTable).where(eq(userTable.id, params.id));
+            if (!rows.length)
+                throw new NotFoundError(`User ${params.id} not found`);
+            const target = rows[0];
+            if (body.action === 'email') {
+                await auth.api.requestPasswordReset({
+                    body: {
+                        email: target.email,
+                        redirectTo: body.redirectTo ?? '/reset-password',
+                    },
+                    headers: request.headers,
+                });
+                return { action: 'email', sent: true };
+            }
+            const hashedPassword = await hashPassword(body.password);
+            const accounts = await db.select({ id: accountTable.id }).from(accountTable).where(and(eq(accountTable.userId, params.id), eq(accountTable.providerId, 'credential')));
+            const now = new Date();
+            if (accounts.length) {
+                await db.update(accountTable).set({ password: hashedPassword, updatedAt: now }).where(eq(accountTable.id, accounts[0].id));
+            }
+            else {
+                await db.insert(accountTable).values({
+                    id: nanoid(),
+                    userId: params.id,
+                    accountId: params.id,
+                    providerId: 'credential',
+                    password: hashedPassword,
+                    createdAt: now,
+                    updatedAt: now,
+                });
+            }
+            return { action: 'set', updated: true };
+        }),
+    };
+}

package/dist/server/runtime.d.ts

@@ -0,0 +1,49 @@
+import { createDb } from '../core/db.js';
+import { BlueprintRegistry } from '../core/blueprints/registry.js';
+import { entriesRoutes } from './routes/entries.js';
+import { revisionsRoutes } from './routes/revisions.js';
+import { usersRoutes } from './routes/users.js';
+import { settingsRoutes } from './routes/settings.js';
+import { blueprintsRoutes } from './routes/blueprints.js';
+import { setsRoutes } from './routes/sets.js';
+import { mediaRoutes } from './routes/media.js';
+import { searchRoutes } from './routes/search.js';
+import { previewRoutes } from './routes/preview.js';
+import { previewSessionsRoutes } from './routes/preview-sessions.js';
+import { formsRoutes } from './routes/forms.js';
+import { formSubmitRoutes } from './routes/form-submit.js';
+import { formUploadRoutes } from './routes/form-upload.js';
+import { globalsRoutes } from './routes/globals.js';
+import { globalsPublicRoutes } from './routes/globals-public.js';
+import { createSdk } from './sdk/index.js';
+import type { Auth } from './better-auth.js';
+import type { RuntimeEnv } from './env.js';
+export interface VulseRuntime {
+    db: ReturnType<typeof createDb>;
+    auth: Auth;
+    registry: BlueprintRegistry;
+    sdk: ReturnType<typeof createSdk>;
+    routes: {
+        entries: ReturnType<typeof entriesRoutes>;
+        revisions: ReturnType<typeof revisionsRoutes>;
+        users: ReturnType<typeof usersRoutes>;
+        settings: ReturnType<typeof settingsRoutes>;
+        blueprints: ReturnType<typeof blueprintsRoutes>;
+        sets: ReturnType<typeof setsRoutes>;
+        media: ReturnType<typeof mediaRoutes>;
+        search: ReturnType<typeof searchRoutes>;
+        preview: ReturnType<typeof previewRoutes>;
+        previewSessions: ReturnType<typeof previewSessionsRoutes>;
+        forms: ReturnType<typeof formsRoutes>;
+        formSubmit: ReturnType<typeof formSubmitRoutes>;
+        formUpload: ReturnType<typeof formUploadRoutes>;
+        globals: ReturnType<typeof globalsRoutes>;
+        globalsPublic: ReturnType<typeof globalsPublicRoutes>;
+    };
+}
+export declare function getRuntime(env: RuntimeEnv, registry: BlueprintRegistry, baseURL: string): Promise<VulseRuntime>;
+export declare function invalidateRuntime(): void;
+/** @deprecated use invalidateRuntime */
+export declare function _resetRuntime(): void;
+export type { RuntimeEnv } from './env.js';
+//# sourceMappingURL=runtime.d.ts.map

package/dist/server/runtime.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime.d.ts","sourceRoot":"","sources":["../../src/server/runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAExC,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAA;AACpE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAE1C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAA;AAC5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAE1C,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,UAAU,CAAC,OAAO,QAAQ,CAAC,CAAA;IAC/B,IAAI,EAAE,IAAI,CAAA;IACV,QAAQ,EAAE,iBAAiB,CAAA;IAC3B,GAAG,EAAE,UAAU,CAAC,OAAO,SAAS,CAAC,CAAA;IACjC,MAAM,EAAE;QACN,OAAO,EAAE,UAAU,CAAC,OAAO,aAAa,CAAC,CAAA;QACzC,SAAS,EAAE,UAAU,CAAC,OAAO,eAAe,CAAC,CAAA;QAC7C,KAAK,EAAE,UAAU,CAAC,OAAO,WAAW,CAAC,CAAA;QACrC,QAAQ,EAAE,UAAU,CAAC,OAAO,cAAc,CAAC,CAAA;QAC3C,UAAU,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAA;QAC/C,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAAC,CAAA;QACnC,KAAK,EAAE,UAAU,CAAC,OAAO,WAAW,CAAC,CAAA;QACrC,MAAM,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAA;QACvC,OAAO,EAAE,UAAU,CAAC,OAAO,aAAa,CAAC,CAAA;QACzC,eAAe,EAAE,UAAU,CAAC,OAAO,qBAAqB,CAAC,CAAA;QACzD,KAAK,EAAE,UAAU,CAAC,OAAO,WAAW,CAAC,CAAA;QACrC,UAAU,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAA;QAC/C,UAAU,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAA;QAC/C,OAAO,EAAE,UAAU,CAAC,OAAO,aAAa,CAAC,CAAA;QACzC,aAAa,EAAE,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAA;KACtD,CAAA;CACF;AAID,wBAAsB,UAAU,CAAC,GAAG,EAAE,UAAU,EAAE,QAAQ,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CA0CrH;AAED,wBAAgB,iBAAiB,IAAI,IAAI,CAAkB;AAE3D,wCAAwC;AACxC,wBAAgB,aAAa,IAAI,IAAI,CAAwB;AAE7D,YAAY,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA"}

package/dist/server/runtime.js

@@ -0,0 +1,69 @@
+import { createDb } from '../core/db.js';
+import { createAuth } from './better-auth.js';
+import { BlueprintRegistry } from '../core/blueprints/registry.js';
+import { entriesRoutes } from './routes/entries.js';
+import { revisionsRoutes } from './routes/revisions.js';
+import { usersRoutes } from './routes/users.js';
+import { settingsRoutes } from './routes/settings.js';
+import { blueprintsRoutes } from './routes/blueprints.js';
+import { setsRoutes } from './routes/sets.js';
+import { mediaRoutes } from './routes/media.js';
+import { searchRoutes } from './routes/search.js';
+import { previewRoutes } from './routes/preview.js';
+import { previewSessionsRoutes } from './routes/preview-sessions.js';
+import { formsRoutes } from './routes/forms.js';
+import { formSubmitRoutes } from './routes/form-submit.js';
+import { formUploadRoutes } from './routes/form-upload.js';
+import { globalsRoutes } from './routes/globals.js';
+import { globalsPublicRoutes } from './routes/globals-public.js';
+import { createSdk } from './sdk/index.js';
+import { previewSecret } from './preview.js';
+let cached = null;
+export async function getRuntime(env, registry, baseURL) {
+    if (cached)
+        return cached;
+    const db = createDb(env.DB);
+    const auth = await createAuth(db, {
+        baseURL: env.BETTER_AUTH_URL ?? baseURL,
+        secret: env.BETTER_AUTH_SECRET,
+        ...(env.VULSE_ALLOW_MEMBER_SIGNUP === 'true' ? { allowSignUp: true } : {}),
+        env: env,
+    });
+    if (!env.BUCKET)
+        throw new Error('Vulse: R2 binding "BUCKET" is missing. Add it to wrangler.toml.');
+    const cfImages = {
+        ...(env.CF_IMAGES_ACCOUNT_HASH ? { accountHash: env.CF_IMAGES_ACCOUNT_HASH } : {}),
+        ...(env.CF_IMAGES_TOKEN ? { token: env.CF_IMAGES_TOKEN } : {}),
+    };
+    cached = {
+        db, auth, registry,
+        sdk: createSdk(db, auth, registry, cfImages),
+        routes: {
+            entries: entriesRoutes(db, auth, registry),
+            revisions: revisionsRoutes(db, auth),
+            users: usersRoutes(db, auth),
+            settings: settingsRoutes(db, auth),
+            blueprints: blueprintsRoutes(db, auth),
+            sets: setsRoutes(db, auth),
+            media: mediaRoutes(db, auth, {
+                bucket: env.BUCKET,
+                cfImages,
+            }),
+            search: searchRoutes(db, auth),
+            preview: previewRoutes(auth, previewSecret(env)),
+            previewSessions: previewSessionsRoutes(db, auth, registry),
+            forms: formsRoutes(db, auth),
+            formSubmit: formSubmitRoutes(db, {
+                ...(env.FORM_QUEUE ? { queue: env.FORM_QUEUE } : {}),
+                env: env,
+            }),
+            formUpload: formUploadRoutes(db, { bucket: env.BUCKET }),
+            globals: globalsRoutes(db, auth),
+            globalsPublic: globalsPublicRoutes(db),
+        },
+    };
+    return cached;
+}
+export function invalidateRuntime() { cached = null; }
+/** @deprecated use invalidateRuntime */
+export function _resetRuntime() { invalidateRuntime(); }

package/dist/server/sdk/collections.d.ts

@@ -0,0 +1,25 @@
+import type { VulseDb } from '../../core/db.js';
+import { type EntryOrderBy, type EntryRow } from '../../core/repos/entries.js';
+import type { BlueprintRegistry } from '../../core/blueprints/registry.js';
+import type { AuthContext } from '../../core/blueprints/types.js';
+export interface CollectionSdkOptions {
+    audience?: AuthContext['user'] | null;
+    includeDrafts?: boolean;
+    locale?: string;
+}
+export interface CollectionFindOptions extends CollectionSdkOptions {
+    limit?: number;
+    offset?: number;
+    createdBy?: string;
+    /** ISO date string or Date */
+    publishedAfter?: Date | string;
+    publishedBefore?: Date | string;
+    orderBy?: EntryOrderBy;
+    order?: 'asc' | 'desc';
+}
+export declare function collectionsSdk(db: VulseDb, reg: BlueprintRegistry): {
+    find: (collection: string, opts?: CollectionFindOptions) => Promise<EntryRow[]>;
+    findById: (collection: string, id: string, opts?: CollectionSdkOptions) => Promise<EntryRow | null>;
+    findBySlug: (collection: string, slug: string, opts?: CollectionSdkOptions) => Promise<EntryRow | null>;
+};
+//# sourceMappingURL=collections.d.ts.map

package/dist/server/sdk/collections.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"collections.d.ts","sourceRoot":"","sources":["../../../src/server/sdk/collections.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAE/C,OAAO,EAAe,KAAK,YAAY,EAAE,KAAK,QAAQ,EAAE,MAAM,6BAA6B,CAAA;AAE3F,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAA;AAC1E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAA;AAEjE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,IAAI,CAAA;IACrC,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,MAAM,WAAW,qBAAsB,SAAQ,oBAAoB;IACjE,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,8BAA8B;IAC9B,cAAc,CAAC,EAAE,IAAI,GAAG,MAAM,CAAA;IAC9B,eAAe,CAAC,EAAE,IAAI,GAAG,MAAM,CAAA;IAC/B,OAAO,CAAC,EAAE,YAAY,CAAA;IACtB,KAAK,CAAC,EAAE,KAAK,GAAG,MAAM,CAAA;CACvB;AAQD,wBAAgB,cAAc,CAAC,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,iBAAiB;uBA6BrC,MAAM,SAAQ,qBAAqB;2BAe/B,MAAM,MAAM,MAAM,SAAQ,oBAAoB;6BAW5C,MAAM,QAAQ,MAAM,SAAQ,oBAAoB;EAYlF"}