@flowselections/floriday-authenticatie-module 1.0.11 → 1.0.13

package/dist-lib/lib/floriday.functions.js

@@ -37,9 +37,9 @@ const FLORYDAY_ENDPOINTS = {
         apiBaseUrl: "https://api.floriday.io",
     },
 };
-const DEFAULT_SCOPE = "role:app catalog:read sales-order:write organization:read supply:read supply:write sales-order:read delivery-conditions:read fulfillment:write fulfillment:read";
-const SUPPLIERS_API_VERSION = "suppliers-api-2026v1";
-const TOKEN_REFRESH_LEEWAY_S = 60;
+const DEFAULT_SCOPE = "role:app catalog:read catalog:write sales-order:write organization:read supply:read supply:write sales-order:read delivery-conditions:read fulfillment:write fulfillment:read network:read network:write";
+export const SUPPLIERS_API_VERSION = "suppliers-api-2026v1";
+const TOKEN_REFRESH_LEEWAY_S = 300;
 function mask(value, keep = 4) {
     if (!value)
         return "";
@@ -108,29 +108,62 @@ export async function getFlorydayAccessToken(supabase, env, options = {}) {
     if (!options.forceRefresh && row.access_token && expiresAt - TOKEN_REFRESH_LEEWAY_S * 1000 > now) {
         return row.access_token;
     }
-    const tokenRes = await fetch(FLORYDAY_ENDPOINTS[env].tokenUrl, {
-        method: "POST",
-        headers: {
-            "Content-Type": "application/x-www-form-urlencoded",
-            Accept: "application/json",
-        },
-        body: new URLSearchParams({
-            grant_type: "client_credentials",
-            client_id: deepSanitizeCredential(row.client_id),
-            client_secret: deepSanitizeCredential(row.client_secret),
-            scope: DEFAULT_SCOPE,
-        }).toString(),
-    });
-    const text = await tokenRes.text();
-    if (!tokenRes.ok) {
-        throw new Error(`Floriday token-aanvraag mislukt [${tokenRes.status}]: ${text}`);
+    // Concurrency-guard: vlak voor de tokenrequest opnieuw lezen — een parallelle worker
+    // kan zojuist een fresh token hebben geschreven en dan hoeven we niet nóg eens te refreshen.
+    if (!options.forceRefresh) {
+        const { data: fresh } = await supabase
+            .from("floriday_connections")
+            .select("access_token, token_expires_at")
+            .eq("id", row.id)
+            .maybeSingle();
+        const freshExp = fresh?.token_expires_at ? Date.parse(fresh.token_expires_at) : 0;
+        if (fresh?.access_token && freshExp - TOKEN_REFRESH_LEEWAY_S * 1000 > now) {
+            return fresh.access_token;
+        }
+    }
+    let json;
+    let newExpiresAt;
+    try {
+        const tokenRes = await fetch(FLORYDAY_ENDPOINTS[env].tokenUrl, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+                Accept: "application/json",
+            },
+            body: new URLSearchParams({
+                grant_type: "client_credentials",
+                client_id: deepSanitizeCredential(row.client_id),
+                client_secret: deepSanitizeCredential(row.client_secret),
+                scope: DEFAULT_SCOPE,
+            }).toString(),
+        });
+        const text = await tokenRes.text();
+        if (!tokenRes.ok) {
+            throw new Error(`Floriday token-aanvraag mislukt [${tokenRes.status}]: ${text.slice(0, 300)}`);
+        }
+        json = JSON.parse(text);
+        newExpiresAt = new Date(now + json.expires_in * 1000).toISOString();
+        await supabase
+            .from("floriday_connections")
+            .update({ access_token: json.access_token, token_expires_at: newExpiresAt })
+            .eq("id", row.id);
+        // Best-effort logging (faalt nooit hard).
+        await supabase.from("floriday_token_refresh_log").insert({
+            connection_id: row.id,
+            environment: env,
+            ok: true,
+            expires_at: newExpiresAt,
+        }).then(() => undefined, () => undefined);
+    }
+    catch (e) {
+        await supabase.from("floriday_token_refresh_log").insert({
+            connection_id: row.id,
+            environment: env,
+            ok: false,
+            error: String(e?.message ?? e).slice(0, 500),
+        }).then(() => undefined, () => undefined);
+        throw e;
     }
-    const json = JSON.parse(text);
-    const newExpiresAt = new Date(now + json.expires_in * 1000).toISOString();
-    await supabase
-        .from("floriday_connections")
-        .update({ access_token: json.access_token, token_expires_at: newExpiresAt })
-        .eq("id", row.id);
     return json.access_token;
 }
 async function fetchAndStoreFlorydayOrganizationName(supabase, env, connectionId) {
@@ -205,16 +238,32 @@ export async function florydayFetch(supabase, pathOrEnv, pathOrInit, maybeInit =
     const row = await getActiveFlorydayCredentials(supabase, env);
     if (!row)
         throw new Error(`Geen actieve Floriday-koppeling voor ${env}`);
-    const token = await getFlorydayAccessToken(supabase, env);
     const url = path.startsWith("http")
         ? path
         : `${FLORYDAY_ENDPOINTS[env].apiBaseUrl}${path.startsWith("/") ? "" : "/"}${path}`;
-    const headers = new Headers(init.headers);
-    headers.set("Authorization", `Bearer ${token}`);
-    headers.set("X-Api-Key", deepSanitizeCredential(row.api_key));
-    if (!headers.has("Accept"))
-        headers.set("Accept", "application/json");
-    return fetch(url, { ...init, headers });
+    const doFetch = async (token) => {
+        const headers = new Headers(init.headers);
+        headers.set("Authorization", `Bearer ${token}`);
+        headers.set("X-Api-Key", deepSanitizeCredential(row.api_key));
+        if (!headers.has("Accept"))
+            headers.set("Accept", "application/json");
+        return fetch(url, { ...init, headers });
+    };
+    let token = await getFlorydayAccessToken(supabase, env);
+    let res = await doFetch(token);
+    // Auto-retry op 401/403 met een force-refreshed token. Dit is het vangnet
+    // voor het geval de cron faalt of een race-condition ons toch een verlopen
+    // token gaf. Body wordt niet gelezen vóór de retry — als de caller .json()
+    // doet werkt dat normaal op het nieuwe Response object.
+    if (res.status === 401 || res.status === 403) {
+        token = await getFlorydayAccessToken(supabase, env, { forceRefresh: true });
+        res = await doFetch(token);
+        if (res.status === 401 || res.status === 403) {
+            const body = await res.clone().text().catch(() => "");
+            throw new Error(`Floriday API ${res.status} na force-refresh — controleer client_id/client_secret op /floriday-connection. Body: ${body.slice(0, 200)}`);
+        }
+    }
+    return res;
 }
 // ─── Server functions exposed to the UI ─────────────────────────────────────
 export const listFlorydayConnections = createServerFn({ method: "GET" })
@@ -228,6 +277,41 @@ export const listFlorydayConnections = createServerFn({ method: "GET" })
         throw new Error(error.message);
     return (data ?? []).map(toPublic);
 });
+export const getFlorydayTokenHealth = createServerFn({ method: "GET" })
+    .middleware([requireSupabaseAuth])
+    .handler(async ({ context }) => {
+    const { data: conns } = await context.supabase
+        .from("floriday_connections")
+        .select("id, environment, token_expires_at, is_active")
+        .eq("is_active", true);
+    const { data: log } = await context.supabase
+        .from("floriday_token_refresh_log")
+        .select("connection_id, attempted_at, ok, error, expires_at")
+        .order("attempted_at", { ascending: false })
+        .limit(20);
+    return {
+        connections: conns ?? [],
+        recent: log ?? [],
+    };
+});
+export const forceRefreshFlorydayToken = createServerFn({ method: "POST" })
+    .middleware([requireSupabaseAuth])
+    .inputValidator((input) => {
+    if (!["staging", "live"].includes(input.environment)) {
+        throw new Error("Ongeldige environment");
+    }
+    return input;
+})
+    .handler(async ({ data, context }) => {
+    await getFlorydayAccessToken(context.supabase, data.environment, { forceRefresh: true });
+    const { data: row } = await context.supabase
+        .from("floriday_connections")
+        .select("token_expires_at")
+        .eq("environment", data.environment)
+        .eq("is_active", true)
+        .maybeSingle();
+    return { ok: true, expires_at: row?.token_expires_at ?? null };
+});
 export const upsertFlorydayConnection = createServerFn({ method: "POST" })
     .middleware([requireSupabaseAuth])
     .inputValidator((input) => {
@@ -268,7 +352,36 @@ export const upsertFlorydayConnection = createServerFn({ method: "POST" })
         await scheduleFlorydayTokenRefreshInternal(context.supabase);
     }
     catch (e) {
-        console.error("[floriday] auto-schedule cron failed:", e);
+        console.error("[floriday] auto-schedule token cron failed:", e);
+    }
+    try {
+        await scheduleFlorydayConnectionsSyncInternal(context.supabase);
+    }
+    catch (e) {
+        console.error("[floriday] auto-schedule connections-sync cron failed:", e);
+    }
+    // Plan ook alle resource-syncs automatisch in (trade-items, sales-orders,
+    // customer-organizations, carriers). Best-effort: een mislukte cron breekt
+    // het opslaan van credentials niet.
+    try {
+        const { scheduleFlorydayResourceSyncInternal } = await import("./floriday-sync.functions");
+        const resources = [
+            "trade-items",
+            "sales-orders",
+            "customer-organizations",
+            "carriers",
+        ];
+        for (const r of resources) {
+            try {
+                await scheduleFlorydayResourceSyncInternal(context.supabase, r);
+            }
+            catch (e) {
+                console.error(`[floriday] auto-schedule ${r} cron failed:`, e);
+            }
+        }
+    }
+    catch (e) {
+        console.error("[floriday] auto-schedule resource crons failed:", e);
     }
     // Organisatienaam ophalen gebeurt non-blocking via een aparte call
     // (testFlorydayConnection / handmatige refresh). Houdt opslag snel.
@@ -322,14 +435,43 @@ export const testFlorydayConnection = createServerFn({ method: "POST" })
         return { ok: false, error: e?.message ?? "Onbekende fout" };
     }
 });
+/**
+ * Bepaalt de base-URL waar pg_cron de Lovable-app moet aanroepen.
+ *
+ * Volgorde (eerste hit wint):
+ *  1. `FLORIDAY_CRON_BASE_URL`  — custom domain of override
+ *  2. `LOVABLE_PROJECT_ID`      → `https://project--{id}.lovable.app`
+ *  3. Hardcoded fallback voor dít project
+ *
+ * Bewust NIET terugvallen op `VITE_SUPABASE_PROJECT_ID` /
+ * `SUPABASE_PROJECT_ID`: die bevatten de Supabase project-ref, niet de
+ * Lovable project-ID — gebruik daarvan was de oorzaak van een stille
+ * cron-mismatch waardoor tokens nooit werden ververst.
+ */
+const HARDCODED_LOVABLE_PROJECT_ID = "27b6733b-2e2f-4518-b204-681958559055";
+const MANAGED_FLORYDAY_CRON_JOB_NAMES = new Set([
+    "refresh-floriday-tokens-hourly",
+    "floriday-connections-sync-twice-daily",
+    "floriday-trade-items-sync-5min",
+    "floriday-salesorders-sync-5min",
+    "floriday-customer-organizations-sync-twice-daily",
+    "floriday-carriers-sync-twice-daily",
+]);
+export function resolveFlorydayCronBaseUrl() {
+    const custom = process.env.FLORIDAY_CRON_BASE_URL?.trim();
+    if (custom)
+        return custom.replace(/\/+$/, "");
+    const lovableId = process.env.LOVABLE_PROJECT_ID?.trim() || HARDCODED_LOVABLE_PROJECT_ID;
+    if (!lovableId) {
+        throw new Error("Kan cron-URL niet bepalen: zet FLORIDAY_CRON_BASE_URL of LOVABLE_PROJECT_ID");
+    }
+    return `https://project--${lovableId}.lovable.app`;
+}
 async function scheduleFlorydayTokenRefreshInternal(supabase) {
-    const projectId = process.env.VITE_SUPABASE_PROJECT_ID ?? process.env.SUPABASE_PROJECT_ID;
     const apikey = process.env.SUPABASE_PUBLISHABLE_KEY ?? process.env.VITE_SUPABASE_PUBLISHABLE_KEY;
-    if (!projectId)
-        throw new Error("Project-id ontbreekt in server-env");
     if (!apikey)
         throw new Error("Supabase anon key ontbreekt in server-env");
-    const url = `https://project--${projectId}.lovable.app/api/public/cron/refresh-floriday-tokens`;
+    const url = `${resolveFlorydayCronBaseUrl()}/api/public/cron/refresh-floriday-tokens`;
     const { data, error } = await supabase.rpc("schedule_floriday_token_refresh", { p_url: url, p_apikey: apikey });
     if (error)
         throw new Error(error.message);
@@ -449,3 +591,299 @@ export const updateFlorydayPublishingSettings = createServerFn({ method: "POST"
         throw new Error(error.message);
     return { ok: true };
 });
+// ─── Generieke sequence-sync laag ───────────────────────────────────────────
+// Floriday vereist sequence-endpoints i.p.v. GetById: eerst
+// /<entity>/max-sequence, daarna /<entity>/sync/{seq}. Deze helper houdt
+// de cursor in `floriday_sync_state` per (connection, entity).
+const SEQUENCE_BATCH_CAP = 1000;
+async function fetchMaxSequence(supabase, env, maxSequenceEndpoint) {
+    const res = await florydayFetch(supabase, env, maxSequenceEndpoint, { cache: "no-store" });
+    if (!res.ok) {
+        const body = await res.text().catch(() => "");
+        throw new Error(`max-sequence [${res.status}]: ${body.slice(0, 200)}`);
+    }
+    const json = await res.json().catch(() => null);
+    if (typeof json === "number")
+        return json;
+    const n = json?.maxSequenceNumber ?? json?.maxSequence ?? json?.value;
+    if (typeof n !== "number") {
+        throw new Error(`Onbekende max-sequence response: ${JSON.stringify(json).slice(0, 200)}`);
+    }
+    return n;
+}
+async function fetchBySequence(supabase, env, bySequenceEndpointBase, fromSequence) {
+    const url = `${bySequenceEndpointBase}/${fromSequence}`;
+    const res = await florydayFetch(supabase, env, url, { cache: "no-store" });
+    if (!res.ok) {
+        const body = await res.text().catch(() => "");
+        throw new Error(`by-sequence [${res.status}]: ${body.slice(0, 200)}`);
+    }
+    const json = await res.json().catch(() => null);
+    return Array.isArray(json) ? json : Array.isArray(json?.results) ? json.results : [];
+}
+export async function syncFloridayEntityBySequence(supabase, env, connectionId, opts) {
+    const t0 = Date.now();
+    const { data: stateRow } = await supabase
+        .from("floriday_sync_state")
+        .select("last_sequence_number")
+        .eq("connection_id", connectionId)
+        .eq("entity_type", opts.entityType)
+        .maybeSingle();
+    const startCursor = stateRow?.last_sequence_number ?? 0;
+    try {
+        // Debug-logging: helpt 401's onderscheid maken tussen scope-issue,
+        // expired token en wrong env. Token zelf wordt NIET gelogd.
+        try {
+            const { data: connRow } = await supabase
+                .from("floriday_connections")
+                .select("token_expires_at")
+                .eq("id", connectionId)
+                .maybeSingle();
+            console.log("[floriday-sync] resource=%s connection_id=%s scopes=%s expires=%s", opts.entityType, connectionId, DEFAULT_SCOPE, connRow?.token_expires_at ?? "n/a");
+        }
+        catch {
+            /* logging mag nooit de sync breken */
+        }
+        const maxSeq = await fetchMaxSequence(supabase, env, opts.maxSequenceEndpoint);
+        let cursor = startCursor;
+        let totalSynced = 0;
+        let safety = 0;
+        while (cursor < maxSeq && safety < 1000) {
+            safety++;
+            const batch = await fetchBySequence(supabase, env, opts.bySequenceEndpointBase, cursor);
+            if (batch.length === 0)
+                break;
+            const highest = batch.reduce((m, item) => {
+                const s = Number(item?.sequenceNumber ?? item?.sequence_number ?? 0);
+                return s > m ? s : m;
+            }, cursor);
+            await opts.onBatch(batch, highest);
+            totalSynced += batch.length;
+            if (highest <= cursor)
+                break;
+            cursor = highest;
+            if (batch.length < SEQUENCE_BATCH_CAP)
+                break;
+        }
+        await supabase
+            .from("floriday_sync_state")
+            .upsert({
+            connection_id: connectionId,
+            entity_type: opts.entityType,
+            last_sequence_number: cursor,
+            last_synced_at: new Date().toISOString(),
+            last_error: null,
+        });
+        return {
+            synced: totalSynced,
+            fromSequence: startCursor,
+            toSequence: cursor,
+            durationMs: Date.now() - t0,
+        };
+    }
+    catch (e) {
+        const msg = e?.message ?? String(e);
+        await supabase
+            .from("floriday_sync_state")
+            .upsert({
+            connection_id: connectionId,
+            entity_type: opts.entityType,
+            last_sequence_number: startCursor,
+            last_error: msg.slice(0, 500),
+        });
+        throw e;
+    }
+}
+// ─── Connections sync (productie) ───────────────────────────────────────────
+// In-memory cache voor organisatienamen — TTL 24u, per Worker-instance.
+// Voorkomt dat we voor elke connection-sync opnieuw /organizations/{id} aanroepen.
+const ORG_NAME_TTL_MS = 24 * 60 * 60 * 1000;
+const orgNameCache = new Map();
+async function fetchBuyerOrganizationName(supabase, env, orgId) {
+    const key = `${env}:${orgId}`;
+    const hit = orgNameCache.get(key);
+    if (hit && Date.now() - hit.at < ORG_NAME_TTL_MS)
+        return hit.name;
+    try {
+        const res = await florydayFetch(supabase, env, `/${SUPPLIERS_API_VERSION}/organizations/${orgId}`, { cache: "no-store" });
+        if (!res.ok) {
+            const body = await res.text().catch(() => "");
+            console.error(`[floriday] organizations/${orgId} failed [${res.status}]: ${body.slice(0, 200)}`);
+            orgNameCache.set(key, { name: null, at: Date.now() });
+            return null;
+        }
+        const json = await res.json().catch(() => null);
+        const name = json?.name ?? json?.commercialName ?? json?.organizationName ?? null;
+        if (!name) {
+            console.error(`[floriday] organizations/${orgId} OK but no name field; keys=${Object.keys(json ?? {}).join(",")}`);
+        }
+        orgNameCache.set(key, { name, at: Date.now() });
+        return name;
+    }
+    catch (e) {
+        console.error(`[floriday] organizations/${orgId} threw: ${e?.message ?? e}`);
+        orgNameCache.set(key, { name: null, at: Date.now() });
+        return null;
+    }
+}
+export async function runFloridayConnectionsSync(supabase, env) {
+    const row = await getActiveFlorydayCredentials(supabase, env);
+    if (!row)
+        throw new Error(`Geen actieve Floriday-koppeling voor ${env}`);
+    return syncFloridayEntityBySequence(supabase, env, row.id, {
+        entityType: "connections",
+        maxSequenceEndpoint: `/${SUPPLIERS_API_VERSION}/connections/current-max-sequence`,
+        bySequenceEndpointBase: `/${SUPPLIERS_API_VERSION}/connections/sync`,
+        onBatch: async (items, _highest) => {
+            const baseRows = items
+                .map((item) => {
+                const fid = item?.customerOrganizationId ?? null;
+                if (!fid)
+                    return null;
+                return {
+                    connection_id: row.id,
+                    floriday_connection_id: String(fid),
+                    sequence_number: Number(item?.sequenceNumber ?? 0),
+                    buyer_organization_id: String(fid),
+                    status: null,
+                    is_deleted: Boolean(item?.isDeleted),
+                    data: item,
+                    synced_at: new Date().toISOString(),
+                };
+            })
+                .filter(Boolean);
+            if (baseRows.length === 0)
+                return;
+            // Verzamel unieke buyer_organization_ids en haal namen op (parallel, max 5 tegelijk).
+            const uniqueIds = Array.from(new Set(baseRows.map((r) => r.buyer_organization_id)));
+            const nameMap = new Map();
+            const CONCURRENCY = 5;
+            for (let i = 0; i < uniqueIds.length; i += CONCURRENCY) {
+                const slice = uniqueIds.slice(i, i + CONCURRENCY);
+                const results = await Promise.all(slice.map((id) => fetchBuyerOrganizationName(supabase, env, id)));
+                slice.forEach((id, idx) => nameMap.set(id, results[idx] ?? null));
+            }
+            const rows = baseRows.map((r) => ({
+                ...r,
+                buyer_organization_name: nameMap.get(r.buyer_organization_id) ?? null,
+            }));
+            const { error } = await supabase
+                .from("floriday_connections_cache")
+                .upsert(rows, { onConflict: "connection_id,floriday_connection_id" });
+            if (error)
+                throw new Error(`cache upsert: ${error.message}`);
+        },
+    });
+}
+export const syncFlorydayConnections = createServerFn({ method: "POST" })
+    .middleware([requireSupabaseAuth])
+    .inputValidator((input) => {
+    if (!["staging", "live"].includes(input.environment)) {
+        throw new Error("Ongeldige environment");
+    }
+    return input;
+})
+    .handler(async ({ data, context }) => {
+    try {
+        const result = await runFloridayConnectionsSync(context.supabase, data.environment);
+        return { ok: true, ...result };
+    }
+    catch (e) {
+        return { ok: false, error: e?.message ?? "Onbekende fout" };
+    }
+});
+export const getFlorydaySyncStatus = createServerFn({ method: "POST" })
+    .middleware([requireSupabaseAuth])
+    .inputValidator((input) => {
+    if (!["staging", "live"].includes(input.environment)) {
+        throw new Error("Ongeldige environment");
+    }
+    return input;
+})
+    .handler(async ({ data, context }) => {
+    const row = await getActiveFlorydayCredentials(context.supabase, data.environment);
+    if (!row)
+        return { ok: false, error: `Geen actieve koppeling voor ${data.environment}` };
+    const { data: states } = await context.supabase
+        .from("floriday_sync_state")
+        .select("entity_type, last_sequence_number, last_synced_at, last_error")
+        .eq("connection_id", row.id);
+    const CACHE_TABLE = {
+        "connections": "floriday_connections_cache",
+        "trade-items": "floriday_trade_items_cache",
+        "sales-orders": "floriday_salesorders_cache",
+        "customer-organizations": "floriday_customers_cache",
+        "carriers": "floriday_carriers_cache",
+    };
+    const statuses = [];
+    for (const s of (states ?? [])) {
+        let cached_count = 0;
+        const table = CACHE_TABLE[s.entity_type];
+        if (table) {
+            const { count } = await context.supabase
+                .from(table)
+                .select("connection_id", { count: "exact", head: true })
+                .eq("connection_id", row.id);
+            cached_count = count ?? 0;
+        }
+        statuses.push({
+            entity_type: s.entity_type,
+            last_sequence_number: s.last_sequence_number,
+            last_synced_at: s.last_synced_at,
+            last_error: s.last_error,
+            cached_count,
+        });
+    }
+    return { ok: true, statuses };
+});
+async function scheduleFlorydayConnectionsSyncInternal(supabase) {
+    const apikey = process.env.SUPABASE_PUBLISHABLE_KEY ?? process.env.VITE_SUPABASE_PUBLISHABLE_KEY;
+    if (!apikey)
+        throw new Error("Supabase anon key ontbreekt in server-env");
+    const url = `${resolveFlorydayCronBaseUrl()}/api/public/cron/sync-floriday-connections`;
+    const { data, error } = await supabase.rpc("schedule_floriday_connections_sync", { p_url: url, p_apikey: apikey });
+    if (error)
+        throw new Error(error.message);
+    return { jobid: data, url };
+}
+export const setupFlorydayConnectionsSyncCron = createServerFn({ method: "POST" })
+    .middleware([requireSupabaseAuth])
+    .handler(async ({ context }) => {
+    const { jobid, url } = await scheduleFlorydayConnectionsSyncInternal(context.supabase);
+    return { ok: true, jobid, url };
+});
+/**
+ * Geeft een snapshot van de geplande Floriday-cron jobs zodat de UI kan
+ * tonen welke URL is ingepland (zo zien we direct als er een verkeerde
+ * project-ID in de cron staat zoals in de oude bug).
+ */
+export const getFlorydayCronStatus = createServerFn({ method: "GET" })
+    .middleware([requireSupabaseAuth])
+    .handler(async ({ context }) => {
+    const expectedBase = (() => {
+        try {
+            return resolveFlorydayCronBaseUrl();
+        }
+        catch {
+            return null;
+        }
+    })();
+    const { data, error } = await context.supabase
+        .rpc("get_floriday_cron_jobs");
+    if (error) {
+        return { ok: false, error: error.message, expectedBase };
+    }
+    const jobs = (data ?? []).filter((job) => MANAGED_FLORYDAY_CRON_JOB_NAMES.has(job.jobname));
+    return { ok: true, jobs, expectedBase };
+});
+/**
+ * Herinstalleert beide Floriday-crons in één call met de correct
+ * gedetecteerde base-URL. Idempotent: bestaande jobs worden overschreven.
+ */
+export const reinstallFlorydayCrons = createServerFn({ method: "POST" })
+    .middleware([requireSupabaseAuth])
+    .handler(async ({ context }) => {
+    const token = await scheduleFlorydayTokenRefreshInternal(context.supabase);
+    const conn = await scheduleFlorydayConnectionsSyncInternal(context.supabase);
+    return { ok: true, token, connections: conn };
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowselections/floriday-authenticatie-module",
-  "version": "1.0.11",
+  "version": "1.0.13",
   "sideEffects": false,
   "type": "module",
   "main": "./dist-lib/index.js",
@@ -37,7 +37,7 @@
   "devDependencies": {
     "@flowselections/core": "^1.0.11",
     "@eslint/js": "^9.32.0",
-    "@lovable.dev/vite-tanstack-config": "^1.2.0",
+    "@lovable.dev/vite-tanstack-config": "2.5.3",
     "@types/node": "^22.16.5",
     "@types/react": "^19.2.0",
     "@types/react-dom": "^19.2.0",
@@ -58,7 +58,8 @@
     "tw-animate-css": "^1.3.4",
     "vite-tsconfig-paths": "^6.0.2",
     "react": "^19.2.0",
-    "react-dom": "^19.2.0"
+    "react-dom": "^19.2.0",
+    "nitro": "3.0.260603-beta"
   },
   "private": false,
   "flowselections": {
@@ -66,7 +67,7 @@
     "pages": [
       {
         "export": "FlorydayConnectionPage",
-        "route": "floriday-authenticatie/connection",
+        "route": "floriday-connection",
         "title": "Connectie"
       }
     ]