npm - @fydemy/cms - Versions diffs - 1.0.0 - Mend

@fydemy/cms 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.mjs ADDED Viewed

@@ -0,0 +1,862 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+// src/utils/rate-limit.ts
+var rate_limit_exports = {};
+__export(rate_limit_exports, {
+  checkRateLimit: () => checkRateLimit,
+  cleanupRateLimitStore: () => cleanupRateLimitStore,
+  incrementRateLimit: () => incrementRateLimit,
+  resetRateLimit: () => resetRateLimit
+});
+function checkRateLimit(identifier) {
+  const now = Date.now();
+  const entry = rateLimitStore.get(identifier);
+  if (!entry || now > entry.resetTime) {
+    rateLimitStore.set(identifier, {
+      count: 0,
+      resetTime: now + WINDOW_MS
+    });
+    return {
+      isLimited: false,
+      remaining: MAX_ATTEMPTS,
+      resetTime: now + WINDOW_MS
+    };
+  }
+  if (entry.count >= MAX_ATTEMPTS) {
+    return {
+      isLimited: true,
+      remaining: 0,
+      resetTime: entry.resetTime
+    };
+  }
+  return {
+    isLimited: false,
+    remaining: MAX_ATTEMPTS - entry.count,
+    resetTime: entry.resetTime
+  };
+}
+function incrementRateLimit(identifier) {
+  const now = Date.now();
+  const entry = rateLimitStore.get(identifier);
+  if (!entry || now > entry.resetTime) {
+    rateLimitStore.set(identifier, {
+      count: 1,
+      resetTime: now + WINDOW_MS
+    });
+  } else {
+    entry.count++;
+  }
+}
+function resetRateLimit(identifier) {
+  rateLimitStore.delete(identifier);
+}
+function cleanupRateLimitStore() {
+  const now = Date.now();
+  for (const [identifier, entry] of rateLimitStore.entries()) {
+    if (now > entry.resetTime) {
+      rateLimitStore.delete(identifier);
+    }
+  }
+}
+var rateLimitStore, MAX_ATTEMPTS, WINDOW_MS;
+var init_rate_limit = __esm({
+  "src/utils/rate-limit.ts"() {
+    "use strict";
+    rateLimitStore = /* @__PURE__ */ new Map();
+    MAX_ATTEMPTS = 5;
+    WINDOW_MS = 15 * 60 * 1e3;
+    if (typeof setInterval !== "undefined") {
+      setInterval(cleanupRateLimitStore, 5 * 60 * 1e3);
+    }
+  }
+});
+// src/content/markdown.ts
+import matter from "gray-matter";
+// src/content/storage.ts
+import fs from "fs/promises";
+import path from "path";
+import { Octokit } from "@octokit/rest";
+var LocalStorage = class {
+  constructor(baseDir = "public/content") {
+    this.baseDir = baseDir;
+  }
+  getFullPath(filePath) {
+    return path.join(process.cwd(), this.baseDir, filePath);
+  }
+  async readFile(filePath) {
+    const fullPath = this.getFullPath(filePath);
+    return fs.readFile(fullPath, "utf-8");
+  }
+  async writeFile(filePath, content) {
+    const fullPath = this.getFullPath(filePath);
+    await fs.mkdir(path.dirname(fullPath), { recursive: true });
+    await fs.writeFile(fullPath, content, "utf-8");
+  }
+  async deleteFile(filePath) {
+    const fullPath = this.getFullPath(filePath);
+    await fs.unlink(fullPath);
+  }
+  async listFiles(directory) {
+    const fullPath = this.getFullPath(directory);
+    try {
+      const entries = await fs.readdir(fullPath, { withFileTypes: true });
+      return entries.map((entry) => ({
+        path: path.join(directory, entry.name),
+        name: entry.name,
+        type: entry.isDirectory() ? "directory" : "file"
+      })).filter(
+        (entry) => entry.type === "directory" || entry.name.endsWith(".md")
+      );
+    } catch (error) {
+      return [];
+    }
+  }
+  async exists(filePath) {
+    try {
+      const fullPath = this.getFullPath(filePath);
+      await fs.access(fullPath);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async uploadFile(filePath, buffer) {
+    const uploadPath = path.join(process.cwd(), "public", "uploads", filePath);
+    await fs.mkdir(path.dirname(uploadPath), { recursive: true });
+    await fs.writeFile(uploadPath, buffer);
+    return `/uploads/${filePath}`;
+  }
+};
+var GitHubStorage = class {
+  constructor() {
+    const token = process.env.GITHUB_TOKEN;
+    const repoInfo = process.env.GITHUB_REPO;
+    if (!token || !repoInfo) {
+      throw new Error(
+        "GITHUB_TOKEN and GITHUB_REPO must be set for production"
+      );
+    }
+    const [owner, repo] = repoInfo.split("/");
+    if (!owner || !repo) {
+      throw new Error('GITHUB_REPO must be in format "owner/repo"');
+    }
+    this.octokit = new Octokit({ auth: token });
+    this.owner = owner;
+    this.repo = repo;
+    this.branch = process.env.GITHUB_BRANCH || "main";
+    this.baseDir = "public/content";
+  }
+  getGitHubPath(filePath) {
+    return `${this.baseDir}/${filePath}`;
+  }
+  async readFile(filePath) {
+    const { data } = await this.octokit.repos.getContent({
+      owner: this.owner,
+      repo: this.repo,
+      path: this.getGitHubPath(filePath),
+      ref: this.branch
+    });
+    if ("content" in data) {
+      return Buffer.from(data.content, "base64").toString("utf-8");
+    }
+    throw new Error("File not found");
+  }
+  async writeFile(filePath, content) {
+    const githubPath = this.getGitHubPath(filePath);
+    let sha;
+    try {
+      const { data } = await this.octokit.repos.getContent({
+        owner: this.owner,
+        repo: this.repo,
+        path: githubPath,
+        ref: this.branch
+      });
+      if ("sha" in data) {
+        sha = data.sha;
+      }
+    } catch (error) {
+    }
+    await this.octokit.repos.createOrUpdateFileContents({
+      owner: this.owner,
+      repo: this.repo,
+      path: githubPath,
+      message: `Update ${filePath}`,
+      content: Buffer.from(content).toString("base64"),
+      branch: this.branch,
+      sha
+    });
+  }
+  async deleteFile(filePath) {
+    const githubPath = this.getGitHubPath(filePath);
+    const { data } = await this.octokit.repos.getContent({
+      owner: this.owner,
+      repo: this.repo,
+      path: githubPath,
+      ref: this.branch
+    });
+    if ("sha" in data) {
+      await this.octokit.repos.deleteFile({
+        owner: this.owner,
+        repo: this.repo,
+        path: githubPath,
+        message: `Delete ${filePath}`,
+        sha: data.sha,
+        branch: this.branch
+      });
+    }
+  }
+  async listFiles(directory) {
+    const githubPath = this.getGitHubPath(directory);
+    try {
+      const { data } = await this.octokit.repos.getContent({
+        owner: this.owner,
+        repo: this.repo,
+        path: githubPath,
+        ref: this.branch
+      });
+      if (Array.isArray(data)) {
+        return data.map((item) => ({
+          path: path.join(directory, item.name),
+          name: item.name,
+          type: item.type === "dir" ? "directory" : "file"
+        })).filter(
+          (entry) => entry.type === "directory" || entry.name.endsWith(".md")
+        );
+      }
+    } catch (error) {
+    }
+    return [];
+  }
+  async exists(filePath) {
+    try {
+      await this.octokit.repos.getContent({
+        owner: this.owner,
+        repo: this.repo,
+        path: this.getGitHubPath(filePath),
+        ref: this.branch
+      });
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async uploadFile(filePath, buffer) {
+    const uploadPath = `public/uploads/${filePath}`;
+    await this.octokit.repos.createOrUpdateFileContents({
+      owner: this.owner,
+      repo: this.repo,
+      path: uploadPath,
+      message: `Upload file: ${filePath}`,
+      content: buffer.toString("base64"),
+      branch: this.branch
+    });
+    return `/uploads/${filePath}`;
+  }
+};
+function getStorageProvider() {
+  if (process.env.NODE_ENV === "production" && process.env.GITHUB_TOKEN) {
+    return new GitHubStorage();
+  }
+  return new LocalStorage();
+}
+// src/utils/validation.ts
+import path2 from "path";
+var MAX_USERNAME_LENGTH = 100;
+var MAX_PASSWORD_LENGTH = 1e3;
+var MAX_FILE_SIZE = 10 * 1024 * 1024;
+function validateFilePath(filePath) {
+  if (!filePath || typeof filePath !== "string") {
+    throw new Error("Invalid file path");
+  }
+  if (filePath.includes("\0")) {
+    throw new Error("Invalid file path: null byte detected");
+  }
+  if (filePath.includes("..")) {
+    throw new Error("Invalid file path: directory traversal detected");
+  }
+  const normalized = path2.normalize(filePath).replace(/^(\.\.(\/|\\|$))+/, "");
+  if (normalized.startsWith("/") || normalized.startsWith("\\")) {
+    throw new Error("Invalid file path: directory traversal detected");
+  }
+  const dangerousPatterns = [
+    /\.\./,
+    /^[/\\]/,
+    /[<>:"|?*]/,
+    /\x00/,
+    /^(con|prn|aux|nul|com[0-9]|lpt[0-9])(\..*)?$/i
+    // Windows reserved names
+  ];
+  for (const pattern of dangerousPatterns) {
+    if (pattern.test(normalized)) {
+      throw new Error("Invalid file path: contains dangerous characters");
+    }
+  }
+  return normalized;
+}
+function validateUsername(username) {
+  if (!username || typeof username !== "string") {
+    throw new Error("Username is required");
+  }
+  if (username.length > MAX_USERNAME_LENGTH) {
+    throw new Error(
+      `Username must be ${MAX_USERNAME_LENGTH} characters or less`
+    );
+  }
+  if (!/^[a-zA-Z0-9_-]+$/.test(username)) {
+    throw new Error(
+      "Username must contain only letters, numbers, underscores, and hyphens"
+    );
+  }
+  return true;
+}
+function validatePassword(password) {
+  if (!password || typeof password !== "string") {
+    throw new Error("Password is required");
+  }
+  if (password.length > MAX_PASSWORD_LENGTH) {
+    throw new Error(
+      `Password must be ${MAX_PASSWORD_LENGTH} characters or less`
+    );
+  }
+  return true;
+}
+function validateFileSize(size) {
+  if (size > MAX_FILE_SIZE) {
+    throw new Error(
+      `File size exceeds maximum allowed size of ${MAX_FILE_SIZE / 1024 / 1024}MB`
+    );
+  }
+  return true;
+}
+function sanitizeFrontmatter(data) {
+  const sanitized = {};
+  for (const [key, value] of Object.entries(data)) {
+    if (!/^[a-zA-Z0-9_-]+$/.test(key)) {
+      continue;
+    }
+    if (typeof value === "string") {
+      sanitized[key] = value.replace(/\x00/g, "");
+    } else if (typeof value === "number" || typeof value === "boolean" || value === null) {
+      sanitized[key] = value;
+    } else if (Array.isArray(value)) {
+      sanitized[key] = value.map(
+        (item) => typeof item === "string" ? item.replace(/\x00/g, "") : item
+      );
+    } else if (typeof value === "object") {
+      sanitized[key] = sanitizeFrontmatter(value);
+    }
+  }
+  return sanitized;
+}
+// src/content/markdown.ts
+function parseMarkdown(rawContent) {
+  const { data, content } = matter(rawContent);
+  return { data, content };
+}
+function stringifyMarkdown(data, content) {
+  return matter.stringify(content, data);
+}
+async function getMarkdownContent(filePath) {
+  const validatedPath = validateFilePath(filePath);
+  const storage = getStorageProvider();
+  const rawContent = await storage.readFile(validatedPath);
+  const size = Buffer.byteLength(rawContent, "utf-8");
+  if (size > MAX_FILE_SIZE) {
+    throw new Error(
+      `File size (${size} bytes) exceeds maximum allowed size (${MAX_FILE_SIZE} bytes)`
+    );
+  }
+  return parseMarkdown(rawContent);
+}
+async function saveMarkdownContent(filePath, data, content) {
+  const validatedPath = validateFilePath(filePath);
+  const sanitizedData = sanitizeFrontmatter(data);
+  const markdown = stringifyMarkdown(sanitizedData, content);
+  const size = Buffer.byteLength(markdown, "utf-8");
+  if (size > MAX_FILE_SIZE) {
+    throw new Error(
+      `Content size (${size} bytes) exceeds maximum allowed size (${MAX_FILE_SIZE} bytes)`
+    );
+  }
+  const storage = getStorageProvider();
+  await storage.writeFile(validatedPath, markdown);
+}
+async function deleteMarkdownContent(filePath) {
+  const validatedPath = validateFilePath(filePath);
+  const storage = getStorageProvider();
+  await storage.deleteFile(validatedPath);
+}
+async function listMarkdownFiles(directory = "") {
+  const validatedDir = directory ? validateFilePath(directory) : "";
+  const storage = getStorageProvider();
+  const entries = await storage.listFiles(validatedDir);
+  return entries.filter((entry) => entry.type === "file").map((entry) => entry.path);
+}
+async function markdownFileExists(filePath) {
+  const validatedPath = validateFilePath(filePath);
+  const storage = getStorageProvider();
+  return storage.exists(validatedPath);
+}
+// src/content/directory.ts
+async function listDirectory(directory = "") {
+  const storage = getStorageProvider();
+  return storage.listFiles(directory);
+}
+// src/content/collection.ts
+async function getCollectionItems(folderName) {
+  const storage = getStorageProvider();
+  const entries = await storage.listFiles(folderName);
+  const mdFiles = entries.filter(
+    (entry) => entry.type === "file" && entry.path.endsWith(".md")
+  );
+  const items = await Promise.all(
+    mdFiles.map(async (file) => {
+      const rawContent = await storage.readFile(file.path);
+      const { data, content } = parseMarkdown(rawContent);
+      const slug = file.path.split("/").pop().replace(/\.md$/, "");
+      return {
+        content,
+        data,
+        slug
+      };
+    })
+  );
+  return items;
+}
+async function getCollectionItem(folderName, slug) {
+  const storage = getStorageProvider();
+  const filePath = `${folderName}/${slug}.md`;
+  try {
+    const exists = await storage.exists(filePath);
+    if (!exists) {
+      return null;
+    }
+    const rawContent = await storage.readFile(filePath);
+    const { data, content } = parseMarkdown(rawContent);
+    return {
+      content,
+      data,
+      slug
+    };
+  } catch (error) {
+    return null;
+  }
+}
+async function getCollections(baseDir = "") {
+  const storage = getStorageProvider();
+  const entries = await storage.listFiles(baseDir);
+  return entries.filter((entry) => entry.type === "directory").map((entry) => entry.path.split("/").pop()).filter(Boolean);
+}
+// src/content/upload.ts
+async function uploadFile(fileName, buffer) {
+  const storage = getStorageProvider();
+  const timestamp = Date.now();
+  const ext = fileName.split(".").pop();
+  const nameWithoutExt = fileName.replace(`.${ext}`, "");
+  const uniqueFileName = `${nameWithoutExt}-${timestamp}.${ext}`;
+  return storage.uploadFile(uniqueFileName, buffer);
+}
+// src/auth/session.ts
+import { SignJWT, jwtVerify } from "jose";
+import { cookies } from "next/headers";
+var SESSION_COOKIE_NAME = "cms-session";
+var SESSION_DURATION = 60 * 60 * 24 * 7;
+function getSecretKey() {
+  const secret = process.env.CMS_SESSION_SECRET;
+  if (!secret || secret.length < 32) {
+    throw new Error("CMS_SESSION_SECRET must be at least 32 characters");
+  }
+  return new TextEncoder().encode(secret);
+}
+async function createSession(username) {
+  const payload = {
+    username,
+    exp: Math.floor(Date.now() / 1e3) + SESSION_DURATION
+  };
+  const token = await new SignJWT(payload).setProtectedHeader({ alg: "HS256" }).setExpirationTime("7d").sign(getSecretKey());
+  return token;
+}
+async function verifySession(token) {
+  try {
+    const { payload } = await jwtVerify(token, getSecretKey());
+    if (typeof payload.username === "string" && typeof payload.exp === "number") {
+      return payload;
+    }
+    return null;
+  } catch (error) {
+    return null;
+  }
+}
+async function getSessionFromCookies() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get(SESSION_COOKIE_NAME)?.value;
+  if (!token) {
+    return null;
+  }
+  return verifySession(token);
+}
+async function setSessionCookie(token) {
+  const cookieStore = await cookies();
+  cookieStore.set(SESSION_COOKIE_NAME, token, {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === "production",
+    sameSite: "lax",
+    maxAge: SESSION_DURATION,
+    path: "/"
+  });
+}
+async function clearSessionCookie() {
+  const cookieStore = await cookies();
+  cookieStore.delete(SESSION_COOKIE_NAME);
+}
+// src/auth/login.ts
+import crypto from "crypto";
+function validateCredentials(username, password) {
+  try {
+    validateUsername(username);
+    validatePassword(password);
+  } catch (error) {
+    return false;
+  }
+  const envUsername = process.env.CMS_ADMIN_USERNAME;
+  const envPassword = process.env.CMS_ADMIN_PASSWORD;
+  if (!envUsername || !envPassword) {
+    throw new Error(
+      "CMS_ADMIN_USERNAME and CMS_ADMIN_PASSWORD must be set in environment variables"
+    );
+  }
+  const usernameMatch = timingSafeEqual(username, envUsername);
+  const passwordMatch = timingSafeEqual(password, envPassword);
+  return usernameMatch && passwordMatch;
+}
+function timingSafeEqual(a, b) {
+  try {
+    const bufferA = Buffer.from(a, "utf-8");
+    const bufferB = Buffer.from(b, "utf-8");
+    if (bufferA.length !== bufferB.length) {
+      const dummyBuffer = Buffer.alloc(bufferA.length);
+      crypto.timingSafeEqual(bufferA, dummyBuffer);
+      return false;
+    }
+    return crypto.timingSafeEqual(bufferA, bufferB);
+  } catch {
+    return false;
+  }
+}
+// src/api/handlers.ts
+import { NextResponse } from "next/server";
+async function handleLogin(request) {
+  try {
+    const ip = request.headers.get("x-forwarded-for")?.split(",")[0] || request.headers.get("x-real-ip") || "unknown";
+    const { checkRateLimit: checkRateLimit2, incrementRateLimit: incrementRateLimit2, resetRateLimit: resetRateLimit2 } = await Promise.resolve().then(() => (init_rate_limit(), rate_limit_exports));
+    const rateLimit = checkRateLimit2(ip);
+    if (rateLimit.isLimited) {
+      const retryAfter = Math.ceil((rateLimit.resetTime - Date.now()) / 1e3);
+      return NextResponse.json(
+        {
+          error: "Too many login attempts. Please try again later.",
+          retryAfter
+        },
+        {
+          status: 429,
+          headers: {
+            "Retry-After": retryAfter.toString()
+          }
+        }
+      );
+    }
+    const body = await request.json();
+    const { username, password } = body;
+    if (!username || !password) {
+      return NextResponse.json(
+        { error: "Username and password are required" },
+        { status: 400 }
+      );
+    }
+    const isValid = validateCredentials(username, password);
+    if (!isValid) {
+      incrementRateLimit2(ip);
+      return NextResponse.json(
+        { error: "Invalid credentials" },
+        { status: 401 }
+      );
+    }
+    resetRateLimit2(ip);
+    const token = await createSession(username);
+    const response = NextResponse.json({ success: true });
+    response.cookies.set("cms-session", token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      sameSite: "lax",
+      maxAge: 60 * 60 * 24 * 7,
+      // 7 days
+      path: "/"
+    });
+    return response;
+  } catch (error) {
+    console.error("Login error:", error);
+    return NextResponse.json(
+      { error: "Authentication service temporarily unavailable" },
+      { status: 500 }
+    );
+  }
+}
+async function handleLogout() {
+  const response = NextResponse.json({ success: true });
+  response.cookies.delete("cms-session");
+  return response;
+}
+async function handleGetContent(_request, filePath) {
+  try {
+    const session = await getSessionFromCookies();
+    if (!session) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+    const content = await getMarkdownContent(filePath);
+    return NextResponse.json(content);
+  } catch (error) {
+    console.error("Get content error:", error);
+    return NextResponse.json(
+      { error: "Failed to read content" },
+      { status: 500 }
+    );
+  }
+}
+async function handleSaveContent(request, filePath) {
+  try {
+    const session = await getSessionFromCookies();
+    if (!session) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+    const body = await request.json();
+    const { data, content } = body;
+    await saveMarkdownContent(filePath, data || {}, content || "");
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error("Save content error:", error);
+    return NextResponse.json(
+      { error: "Failed to save content" },
+      { status: 500 }
+    );
+  }
+}
+async function handleDeleteContent(_request, filePath) {
+  try {
+    const session = await getSessionFromCookies();
+    if (!session) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+    await deleteMarkdownContent(filePath);
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error("Delete content error:", error);
+    return NextResponse.json(
+      { error: "Failed to delete content" },
+      { status: 500 }
+    );
+  }
+}
+async function handleListFiles(directory = "") {
+  try {
+    const session = await getSessionFromCookies();
+    if (!session) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+    const entries = await listDirectory(directory);
+    return NextResponse.json({ entries });
+  } catch (error) {
+    console.error("List files error:", error);
+    return NextResponse.json(
+      { error: "Failed to list files" },
+      { status: 500 }
+    );
+  }
+}
+function createContentApiHandlers() {
+  return {
+    async GET(request, { params }) {
+      const filePath = params.path.join("/");
+      return handleGetContent(request, filePath);
+    },
+    async POST(request, { params }) {
+      const filePath = params.path.join("/");
+      return handleSaveContent(request, filePath);
+    },
+    async DELETE(request, { params }) {
+      const filePath = params.path.join("/");
+      return handleDeleteContent(request, filePath);
+    }
+  };
+}
+function createListApiHandlers() {
+  return {
+    async GET(_request, { params }) {
+      const directory = params?.path?.join("/") || "";
+      return handleListFiles(directory);
+    }
+  };
+}
+// src/api/upload.ts
+import { NextResponse as NextResponse2 } from "next/server";
+async function handleUpload(request) {
+  try {
+    const session = await getSessionFromCookies();
+    if (!session) {
+      return NextResponse2.json({ error: "Unauthorized" }, { status: 401 });
+    }
+    const formData = await request.formData();
+    const file = formData.get("file");
+    if (!file) {
+      return NextResponse2.json({ error: "No file provided" }, { status: 400 });
+    }
+    const bytes = await file.arrayBuffer();
+    const buffer = Buffer.from(bytes);
+    const publicUrl = await uploadFile(file.name, buffer);
+    return NextResponse2.json({
+      success: true,
+      url: publicUrl,
+      filename: file.name
+    });
+  } catch (error) {
+    console.error("Upload error:", error);
+    return NextResponse2.json(
+      { error: "Failed to upload file" },
+      { status: 500 }
+    );
+  }
+}
+// src/middleware/auth.ts
+import { NextResponse as NextResponse3 } from "next/server";
+function createAuthMiddleware(options = {}) {
+  const loginPath = options.loginPath || "/admin/login";
+  const protectedPaths = options.protectedPaths || ["/admin"];
+  return async function middleware(request) {
+    const { pathname } = request.nextUrl;
+    const isProtected = protectedPaths.some(
+      (path4) => pathname.startsWith(path4)
+    );
+    if (!isProtected) {
+      return NextResponse3.next();
+    }
+    if (pathname === loginPath) {
+      return NextResponse3.next();
+    }
+    const session = await getSessionFromCookies();
+    if (!session) {
+      const url = request.nextUrl.clone();
+      url.pathname = loginPath;
+      url.searchParams.set("from", pathname);
+      return NextResponse3.redirect(url);
+    }
+    return NextResponse3.next();
+  };
+}
+// src/init/setup.ts
+import fs2 from "fs/promises";
+import path3 from "path";
+async function initCMS(config = {}) {
+  const contentDir = config.contentDir || "public/content";
+  const fullPath = path3.join(process.cwd(), contentDir);
+  await fs2.mkdir(fullPath, { recursive: true });
+  const exampleContent = `---
+title: Example Post
+description: This is an example markdown file
+date: ${(/* @__PURE__ */ new Date()).toISOString()}
+---
+# Welcome to your CMS!
+This is an example markdown file. You can edit or delete it from the admin dashboard.
+## Features
+- File-based content storage
+- Markdown with frontmatter
+- GitHub integration for production
+- Simple authentication
+- No database required
+`;
+  const examplePath = path3.join(fullPath, "example.md");
+  await fs2.writeFile(examplePath, exampleContent, "utf-8");
+  console.log("\u2705 CMS initialized successfully!");
+  console.log(`\u{1F4C1} Content directory: ${contentDir}`);
+  console.log(`\u{1F4DD} Example file created: ${contentDir}/example.md`);
+  console.log("");
+  console.log("Next steps:");
+  console.log("1. Set up environment variables in .env.local:");
+  console.log("   - CMS_ADMIN_USERNAME");
+  console.log("   - CMS_ADMIN_PASSWORD");
+  console.log("   - CMS_SESSION_SECRET (min 32 characters)");
+  console.log("2. For production: GITHUB_TOKEN, GITHUB_REPO, GITHUB_BRANCH");
+  console.log("3. Import and use the CMS utilities in your Next.js app");
+}
+// src/index.ts
+init_rate_limit();
+export {
+  GitHubStorage,
+  LocalStorage,
+  MAX_FILE_SIZE,
+  MAX_PASSWORD_LENGTH,
+  MAX_USERNAME_LENGTH,
+  checkRateLimit,
+  clearSessionCookie,
+  createAuthMiddleware,
+  createContentApiHandlers,
+  createListApiHandlers,
+  createSession,
+  deleteMarkdownContent,
+  getCollectionItem,
+  getCollectionItems,
+  getCollections,
+  getMarkdownContent,
+  getSessionFromCookies,
+  getStorageProvider,
+  handleDeleteContent,
+  handleGetContent,
+  handleListFiles,
+  handleLogin,
+  handleLogout,
+  handleSaveContent,
+  handleUpload,
+  incrementRateLimit,
+  initCMS,
+  listDirectory,
+  listMarkdownFiles,
+  markdownFileExists,
+  parseMarkdown,
+  resetRateLimit,
+  sanitizeFrontmatter,
+  saveMarkdownContent,
+  setSessionCookie,
+  stringifyMarkdown,
+  uploadFile,
+  validateCredentials,
+  validateFilePath,
+  validateFileSize,
+  validatePassword,
+  validateUsername,
+  verifySession
+};
+//# sourceMappingURL=index.mjs.map