@glw907/cairn-cms 0.5.1 → 0.6.0-rc.0

package/dist/sveltekit/content-routes.js

@@ -0,0 +1,183 @@
+// The admin content routes: the load and action functions a site's /admin/** shims call.
+// A factory closes over the composed runtime and the GitHub token mint, so the read and
+// commit paths are unit-testable against a fetch double with an injected token, mirroring the
+// email `send` injection in auth-routes. A shim stays one line: `export const load = routes.editLoad`.
+import { redirect, error } from '@sveltejs/kit';
+import { findConcept } from '../content/concepts.js';
+import { frontmatterFromForm, parseMarkdown, dateInputValue, serializeMarkdown } from '../content/frontmatter.js';
+import { isValidId, slugify, filenameFromId } from '../content/ids.js';
+import { appCredentials } from '../github/credentials.js';
+import { listMarkdown, readRaw, commitFile } from '../github/repo.js';
+import { installationToken } from '../github/signing.js';
+import { CommitConflictError } from '../github/types.js';
+/** The signed-in editor the guard resolved, or a login redirect. Kept local to decouple event shapes. */
+function sessionOf(event) {
+    const editor = event.locals.editor;
+    if (!editor)
+        throw redirect(303, '/admin/login');
+    return editor;
+}
+/** Look up the concept named by the `[concept]` route param, or a 404. */
+function conceptOf(runtime, params) {
+    const concept = findConcept(runtime.concepts, params.concept ?? '');
+    if (!concept)
+        throw error(404, `Unknown content type: ${params.concept ?? ''}`);
+    return concept;
+}
+export function createContentRoutes(runtime, deps = {}) {
+    const mintToken = deps.mintToken ?? ((env) => installationToken(appCredentials(runtime.backend, env)));
+    /** Layout load for every admin page: the nav, the user, and the active path. */
+    function layoutLoad(event) {
+        const editor = sessionOf(event);
+        return {
+            siteName: runtime.siteName,
+            user: { displayName: editor.displayName, role: editor.role },
+            concepts: runtime.concepts.map((c) => ({ id: c.id, label: c.label })),
+            pathname: event.url.pathname,
+            canManageEditors: editor.role === 'owner',
+            navLabel: runtime.navMenu?.label ?? null,
+        };
+    }
+    /** Redirect /admin to the first concept's list (spec §7.6: land on the first concept). */
+    function indexRedirect() {
+        const first = runtime.concepts[0];
+        if (!first)
+            throw error(404, 'No content types configured');
+        throw redirect(307, `/admin/${first.id}`);
+    }
+    /** Read a file's frontmatter for its list row, degrading to the id on any read failure. */
+    async function summarize(file, token) {
+        try {
+            const raw = await readRaw(runtime.backend, file.path, token);
+            if (raw === null)
+                return { id: file.id, title: file.id, date: null, draft: false };
+            const { frontmatter } = parseMarkdown(raw);
+            const title = typeof frontmatter.title === 'string' && frontmatter.title.trim() ? frontmatter.title : file.id;
+            const date = dateInputValue(frontmatter.date) || null;
+            return { id: file.id, title, date, draft: frontmatter.draft === true };
+        }
+        catch {
+            return { id: file.id, title: file.id, date: null, draft: false };
+        }
+    }
+    /** List a concept's entries. A listing failure degrades to an inline error, not a thrown 500. */
+    async function listLoad(event) {
+        sessionOf(event);
+        const concept = conceptOf(runtime, event.params);
+        const formError = event.url.searchParams.get('error');
+        const base = { conceptId: concept.id, label: concept.label, dated: concept.routing.dated, formError };
+        let token;
+        try {
+            token = await mintToken(event.platform?.env ?? {});
+        }
+        catch {
+            return { ...base, entries: [], error: 'Could not authenticate with GitHub.' };
+        }
+        try {
+            const files = await listMarkdown(runtime.backend, concept.dir, token);
+            const entries = await Promise.all(files.map((f) => summarize(f, token)));
+            return { ...base, entries, error: null };
+        }
+        catch {
+            return { ...base, entries: [], error: 'Could not load this content type from GitHub.' };
+        }
+    }
+    /** Create a new entry: validate the slug, refuse to clobber, and redirect to the editor. */
+    async function createAction(event) {
+        sessionOf(event);
+        const concept = conceptOf(runtime, event.params);
+        const form = await event.request.formData();
+        const raw = String(form.get('slug') ?? '').trim() || slugify(String(form.get('title') ?? ''));
+        const bounce = (msg) => {
+            throw redirect(303, `/admin/${concept.id}?error=${encodeURIComponent(msg)}`);
+        };
+        if (!isValidId(raw))
+            bounce('Enter a valid slug: lowercase letters, numbers, and hyphens.');
+        const token = await mintToken(event.platform?.env ?? {});
+        const existing = await readRaw(runtime.backend, `${concept.dir}/${filenameFromId(raw)}`, token);
+        if (existing !== null)
+            bounce('An entry with that slug already exists.');
+        throw redirect(303, `/admin/${concept.id}/${raw}?new=1`);
+    }
+    /** Coerce parsed frontmatter to the form-ready values the editor inputs expect. */
+    function formValues(fields, frontmatter) {
+        const out = {};
+        for (const field of fields) {
+            const value = frontmatter[field.name];
+            if (field.type === 'date')
+                out[field.name] = dateInputValue(value);
+            else if (field.type === 'boolean')
+                out[field.name] = value === true;
+            else if (field.type === 'tags' || field.type === 'freetags')
+                out[field.name] = Array.isArray(value) ? value.map(String) : [];
+            else
+                out[field.name] = typeof value === 'string' ? value : value == null ? '' : String(value);
+        }
+        return out;
+    }
+    /** Open a file for editing. A `?new=1` miss yields a blank document; any other miss is a 404. */
+    async function editLoad(event) {
+        sessionOf(event);
+        const concept = conceptOf(runtime, event.params);
+        const id = event.params.id ?? '';
+        if (!isValidId(id))
+            throw error(400, 'Invalid entry id');
+        const isNew = event.url.searchParams.get('new') === '1';
+        const token = await mintToken(event.platform?.env ?? {});
+        const raw = await readRaw(runtime.backend, `${concept.dir}/${filenameFromId(id)}`, token);
+        if (raw === null && !isNew)
+            throw error(404, 'Entry not found');
+        const parsed = raw === null ? { frontmatter: {}, body: '' } : parseMarkdown(raw);
+        const title = typeof parsed.frontmatter.title === 'string' && parsed.frontmatter.title.trim() ? parsed.frontmatter.title : id;
+        return {
+            conceptId: concept.id,
+            id,
+            label: concept.label,
+            fields: concept.fields,
+            frontmatter: formValues(concept.fields, parsed.frontmatter),
+            body: parsed.body,
+            title,
+            isNew,
+            saved: event.url.searchParams.get('saved') === '1',
+            error: event.url.searchParams.get('error'),
+        };
+    }
+    /** Match a commit conflict by class and by name (bundling can alias the class identity). */
+    function isConflict(err) {
+        return err instanceof CommitConflictError || err?.name === 'CommitConflictError';
+    }
+    /** Save an edit: validate, then commit with the session editor as author. Fails safe on 409. */
+    async function saveAction(event) {
+        const editor = sessionOf(event);
+        const concept = conceptOf(runtime, event.params);
+        const id = event.params.id ?? '';
+        // Confine the commit path to the concept dir, built from a validated id (the App token can
+        // write anywhere in the repo). Reject before touching GitHub.
+        if (!isValidId(id))
+            throw error(400, 'Invalid entry id');
+        const path = `${concept.dir}/${filenameFromId(id)}`;
+        const form = await event.request.formData();
+        const body = String(form.get('body') ?? '');
+        const isNew = form.get('new') === '1';
+        const suffix = isNew ? '&new=1' : '';
+        const result = concept.validate(frontmatterFromForm(concept.fields, form), body);
+        if (!result.ok) {
+            const message = Object.values(result.errors)[0] ?? 'Invalid frontmatter';
+            throw redirect(303, `/admin/${concept.id}/${id}?error=${encodeURIComponent(message)}${suffix}`);
+        }
+        const markdown = serializeMarkdown(result.data, body);
+        const token = await mintToken(event.platform?.env ?? {});
+        try {
+            await commitFile(runtime.backend, path, markdown, { message: `Update ${concept.label.toLowerCase()}: ${id}`, author: { name: editor.displayName, email: editor.email } }, token);
+        }
+        catch (err) {
+            if (isConflict(err)) {
+                const message = 'This file changed since you opened it. Reload and reapply your edits.';
+                throw redirect(303, `/admin/${concept.id}/${id}?error=${encodeURIComponent(message)}${suffix}`);
+            }
+            throw err;
+        }
+        throw redirect(303, `/admin/${concept.id}/${id}?saved=1`);
+    }
+    return { layoutLoad, indexRedirect, listLoad, createAction, editLoad, saveAction, mintToken };
+}

package/dist/sveltekit/editors-routes.d.ts

@@ -0,0 +1,24 @@
+import type { Editor } from '../auth/types.js';
+import type { RequestContext } from './types.js';
+export declare function createEditorRoutes(): {
+    editorsLoad: (event: RequestContext) => Promise<{
+        editors: Editor[];
+        self: string;
+    }>;
+    addEditorAction: (event: RequestContext) => Promise<import("@sveltejs/kit").ActionFailure<{
+        error: string;
+    }> | {
+        ok: true;
+    }>;
+    removeEditorAction: (event: RequestContext) => Promise<import("@sveltejs/kit").ActionFailure<{
+        error: string;
+    }> | {
+        ok: true;
+    }>;
+    setRoleAction: (event: RequestContext) => Promise<import("@sveltejs/kit").ActionFailure<{
+        error: string;
+    }> | {
+        ok: true;
+    }>;
+};
+//# sourceMappingURL=editors-routes.d.ts.map

package/dist/sveltekit/editors-routes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"editors-routes.d.ts","sourceRoot":"","sources":["../../src/lib/sveltekit/editors-routes.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,MAAM,EAAQ,MAAM,kBAAkB,CAAC;AACrD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAQjD,wBAAgB,kBAAkB;yBAEE,cAAc,KAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;6BAOzD,cAAc;;;;;gCAcX,cAAc;;;;;2BAgBnB,cAAc;;;;;EAiBnD"}

package/dist/sveltekit/editors-routes.js

@@ -0,0 +1,73 @@
+// Owner-gated editor management. The editor table is the allowlist, so add and remove are
+// insert and delete. The anti-lockout rule is the last remaining owner: the system refuses to
+// drop below one owner (spec 7.1), enforced in the store by an atomic guarded write rather
+// than a separate count, so concurrent removals cannot strand the allowlist at zero owners.
+import { fail } from '@sveltejs/kit';
+import { requireOwner } from './guard.js';
+import { requireDb } from '../env.js';
+import { listEditors, findEditor, insertEditor, deleteEditor, setEditorRole, removeOwnerIfNotLast, demoteOwnerIfNotLast, } from '../auth/store.js';
+const EMAIL_RE = /^[^@\s]+@[^@\s]+\.[^@\s]+$/;
+function parseRole(value) {
+    return value === 'owner' ? 'owner' : 'editor';
+}
+export function createEditorRoutes() {
+    /** GET /admin/editors. Owner-only. Returns the allowlist and the acting owner's email. */
+    async function editorsLoad(event) {
+        const owner = requireOwner(event);
+        const editors = await listEditors(requireDb(event.platform?.env ?? {}));
+        return { editors, self: owner.email };
+    }
+    /** POST add an editor. Owner-only. */
+    async function addEditorAction(event) {
+        requireOwner(event);
+        const db = requireDb(event.platform?.env ?? {});
+        const form = await event.request.formData();
+        const email = String(form.get('email') ?? '').trim().toLowerCase();
+        const name = String(form.get('name') ?? '').trim();
+        const role = parseRole(form.get('role'));
+        if (!EMAIL_RE.test(email) || !name)
+            return fail(400, { error: 'Enter a valid email and name' });
+        if (await findEditor(db, email))
+            return fail(400, { error: 'That editor already exists' });
+        await insertEditor(db, email, name, role, Date.now());
+        return { ok: true };
+    }
+    /** POST remove an editor. Owner-only. Refuses the last owner, atomically. */
+    async function removeEditorAction(event) {
+        requireOwner(event);
+        const db = requireDb(event.platform?.env ?? {});
+        const form = await event.request.formData();
+        const email = String(form.get('email') ?? '').trim().toLowerCase();
+        const target = await findEditor(db, email);
+        if (!target)
+            return fail(400, { error: 'No such editor' });
+        if (target.role === 'owner') {
+            if (!(await removeOwnerIfNotLast(db, email)))
+                return fail(400, { error: 'You cannot remove the last owner' });
+        }
+        else {
+            await deleteEditor(db, email);
+        }
+        return { ok: true };
+    }
+    /** POST change an editor's role. Owner-only. Refuses demoting the last owner, atomically. */
+    async function setRoleAction(event) {
+        requireOwner(event);
+        const db = requireDb(event.platform?.env ?? {});
+        const form = await event.request.formData();
+        const email = String(form.get('email') ?? '').trim().toLowerCase();
+        const role = parseRole(form.get('role'));
+        const target = await findEditor(db, email);
+        if (!target)
+            return fail(400, { error: 'No such editor' });
+        if (role === 'editor' && target.role === 'owner') {
+            if (!(await demoteOwnerIfNotLast(db, email)))
+                return fail(400, { error: 'You cannot demote the last owner' });
+        }
+        else {
+            await setEditorRole(db, email, role);
+        }
+        return { ok: true };
+    }
+    return { editorsLoad, addEditorAction, removeEditorAction, setRoleAction };
+}

package/dist/sveltekit/guard.d.ts

@@ -0,0 +1,9 @@
+import type { Editor } from '../auth/types.js';
+import type { HandleInput, RequestContext } from './types.js';
+/** The SvelteKit `Handle` that guards `/admin/**`. */
+export declare function createAuthGuard(): ({ event, resolve }: HandleInput) => Promise<Response>;
+/** For a protected load/action: the session the guard already resolved, or a login redirect. */
+export declare function requireSession(event: RequestContext): Editor;
+/** For the management surface: a signed-in owner, or 403 for an editor. */
+export declare function requireOwner(event: RequestContext): Editor;
+//# sourceMappingURL=guard.d.ts.map

package/dist/sveltekit/guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.d.ts","sourceRoot":"","sources":["../../src/lib/sveltekit/guard.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,KAAK,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAW9D,sDAAsD;AACtD,wBAAgB,eAAe,KACA,oBAAoB,WAAW,KAAG,OAAO,CAAC,QAAQ,CAAC,CAYjF;AAED,gGAAgG;AAChG,wBAAgB,cAAc,CAAC,KAAK,EAAE,cAAc,GAAG,MAAM,CAI5D;AAED,2EAA2E;AAC3E,wBAAgB,YAAY,CAAC,KAAK,EAAE,cAAc,GAAG,MAAM,CAI1D"}

package/dist/sveltekit/guard.js

@@ -0,0 +1,43 @@
+// The /admin guard, plus the per-load owner/session gates. A site's hooks.server.ts sets
+// `export const handle = createAuthGuard()`. Events are typed structurally, so the engine
+// stays free of a site's App.* ambient types.
+import { redirect, error } from '@sveltejs/kit';
+import { resolveSession } from '../auth/store.js';
+import { COOKIE_NAME } from '../auth/crypto.js';
+/** The login page and the auth endpoints are public; everything else under /admin is gated. */
+function isPublicAdminPath(pathname) {
+    return pathname === '/admin/login' || pathname.startsWith('/admin/auth/');
+}
+function isAdminPath(pathname) {
+    return pathname === '/admin' || pathname.startsWith('/admin/');
+}
+/** The SvelteKit `Handle` that guards `/admin/**`. */
+export function createAuthGuard() {
+    return async function handle({ event, resolve }) {
+        const { pathname } = event.url;
+        if (!isAdminPath(pathname) || isPublicAdminPath(pathname)) {
+            return resolve(event);
+        }
+        const env = event.platform?.env ?? {};
+        const id = event.cookies.get(COOKIE_NAME);
+        const editor = id && env.AUTH_DB ? await resolveSession(env.AUTH_DB, id, Date.now()) : null;
+        if (!editor)
+            throw redirect(303, '/admin/login');
+        event.locals.editor = editor;
+        return resolve(event);
+    };
+}
+/** For a protected load/action: the session the guard already resolved, or a login redirect. */
+export function requireSession(event) {
+    const editor = event.locals.editor;
+    if (!editor)
+        throw redirect(303, '/admin/login');
+    return editor;
+}
+/** For the management surface: a signed-in owner, or 403 for an editor. */
+export function requireOwner(event) {
+    const editor = requireSession(event);
+    if (editor.role !== 'owner')
+        throw error(403, 'Owner access required');
+    return editor;
+}

package/dist/sveltekit/health.d.ts

@@ -0,0 +1,19 @@
+import type { CairnRuntime } from '../content/types.js';
+import type { GithubKeyEnv } from '../github/credentials.js';
+/** The `/admin/healthz` payload. */
+export interface HealthData {
+    ok: boolean;
+    checks: {
+        githubAppSigning: {
+            ok: boolean;
+            detail?: string;
+        };
+    };
+}
+/** Run the signing self-test against the configured App id and the Worker's key secret. */
+export declare function healthLoad(event: {
+    platform?: {
+        env?: GithubKeyEnv;
+    };
+}, runtime: CairnRuntime): Promise<HealthData>;
+//# sourceMappingURL=health.d.ts.map

package/dist/sveltekit/health.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../src/lib/sveltekit/health.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAE7D,oCAAoC;AACpC,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE;QAAE,gBAAgB,EAAE;YAAE,EAAE,EAAE,OAAO,CAAC;YAAC,MAAM,CAAC,EAAE,MAAM,CAAA;SAAE,CAAA;KAAE,CAAC;CAChE;AAED,2FAA2F;AAC3F,wBAAsB,UAAU,CAC9B,KAAK,EAAE;IAAE,QAAQ,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,YAAY,CAAA;KAAE,CAAA;CAAE,EAC5C,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,UAAU,CAAC,CAMrB"}

package/dist/sveltekit/health.js

@@ -0,0 +1,12 @@
+// GET /admin/healthz. Signs a dummy JWT through the real App-signing path so a broken
+// PKCS#1-to-PKCS#8 conversion is caught early (spec §7.8). The payload is pass/fail and a
+// coarse detail only; it never carries the key or a token.
+import { signingSelfTest } from '../github/signing.js';
+/** Run the signing self-test against the configured App id and the Worker's key secret. */
+export async function healthLoad(event, runtime) {
+    const key = event.platform?.env?.GITHUB_APP_PRIVATE_KEY_B64;
+    const githubAppSigning = key
+        ? await signingSelfTest(runtime.backend.appId, key)
+        : { ok: false, detail: 'GITHUB_APP_PRIVATE_KEY_B64 is not configured' };
+    return { ok: githubAppSigning.ok, checks: { githubAppSigning } };
+}

package/dist/sveltekit/index.d.ts

@@ -1,174 +1,10 @@
-import type { CairnUser } from '../auth/guard';
-import { type CairnAdapter, type CairnField } from '../adapter';
-import { type NavNode } from '../nav';
-/** The `platform.env` bindings the content routes read. All optional; the handlers guard. */
-export interface AdminEnv {
-    GITHUB_APP_ID?: string;
-    GITHUB_APP_INSTALLATION_ID?: string;
-    GITHUB_APP_PRIVATE_KEY_B64?: string;
-}
-interface PlatformEvent {
-    platform?: {
-        env?: AdminEnv;
-    };
-}
-/** A collection reduced to what the sidebar nav needs (no plugin graph crosses to the client). */
-export interface NavCollection {
-    type: string;
-    label: string;
-}
-export interface AdminLayoutData {
-    user: CairnUser | null;
-    siteName: string;
-    pathname: string;
-    collections: NavCollection[];
-    /** Managed menus (name+label only) so the shell can show a Navigation entry. */
-    navMenus: {
-        name: string;
-        label: string;
-    }[];
-    /** Whether the viewer may manage navigation (gates the Navigation nav entry). */
-    canManageNav: boolean;
-}
-/**
- * Branding, session, and collection nav for every admin page. `siteName` and the collection
- * list flow from the adapter without pulling its plugin graph into client bundles (the import
- * stays server-side in the layout load; only `{type,label}` crosses). `pathname` lets the
- * shared shell highlight the active nav item without a `$app/*` import (those kit virtual
- * modules have no types outside a kit app); reading `event.url` also opts the layout load into
- * rerunning on navigation, keeping the active class correct.
- */
-export declare function adminLayoutLoad(event: {
-    locals: {
-        user: CairnUser | null;
-    };
-    url: URL;
-}, adapter: CairnAdapter): AdminLayoutData;
-/**
- * The `/admin` index has no content of its own now that each collection is its own page; send
- * the editor straight to the first collection's entries list (a Sveltia-style landing).
- */
-export declare function adminIndexRedirect(adapter: CairnAdapter): never;
-/** One entry row: id (filename stem), display title, optional date, draft flag. */
-export interface CollectionEntry {
-    id: string;
-    path: string;
-    title: string;
-    date: string | null;
-    draft: boolean;
-}
-export interface CollectionListData {
-    type: string;
-    label: string;
-    kind: 'page' | 'story';
-    entries: CollectionEntry[];
-    /** Set when the directory listing itself failed (rate limit, network). */
-    error?: string;
-    /** A create-flow error bounced back via `?error=` (an invalid or taken slug). */
-    formError: string | null;
-    /** Whether the viewer may create an entry in this collection (page-create is owner-only). */
-    canCreate: boolean;
-}
-/**
- * List one collection's entries, reading each file's frontmatter for the display title, date,
- * and draft badge. Reads run in parallel; a single failed read degrades that row to the slug
- * (rather than failing the page), and a failed directory listing returns an inline `error`.
- * Collections are small here; the 1,000-entry / Git-Trees sharding concern is risk #11, deferred.
- */
-export declare function collectionListLoad(event: PlatformEvent & {
-    params: {
-        collection: string;
-    };
-    url: URL;
-    locals: {
-        user: CairnUser | null;
-    };
-}, adapter: CairnAdapter): Promise<CollectionListData>;
-/**
- * The "New entry" form action. Validates the requested slug, rejects one that already exists,
- * then redirects into the editor in create mode (`?new=1`, where `editLoad` serves a blank
- * document and `saveCommit`'s create path commits a new file). cairn is filename-based, so the
- * slug is the filename stem the author types; a title-driven auto-slug is a later (Pass K) concern.
- */
-export declare function createEntry(event: PlatformEvent & {
-    params: {
-        collection: string;
-    };
-    locals: {
-        user: CairnUser | null;
-    };
-    request: Request;
-}, adapter: CairnAdapter): Promise<never>;
-export interface EditData {
-    type: string;
-    id: string;
-    label: string;
-    kind: 'page' | 'story';
-    fields: CairnField[];
-    path: string;
-    body: string;
-    frontmatter: Record<string, unknown>;
-    title: string;
-    saved: boolean;
-    error: string | null;
-    /** True when editing a not-yet-committed new entry (reached via `?new=1`). */
-    isNew: boolean;
-}
-export declare function editLoad(event: PlatformEvent & {
-    params: {
-        type: string;
-        id: string;
-    };
-    url: URL;
-}, adapter: CairnAdapter): Promise<EditData>;
-export declare function saveCommit(event: PlatformEvent & {
-    request: Request;
-    locals: {
-        user: CairnUser | null;
-    };
-}, adapter: CairnAdapter): Promise<never>;
-/** A page the picker can insert: its display label and the URL the nav item points at. */
-export interface NavPageOption {
-    label: string;
-    url: string;
-}
-export interface NavLoadData {
-    menu: {
-        name: string;
-        label: string;
-        maxDepth: number;
-    };
-    tree: NavNode[];
-    pages: NavPageOption[];
-    saved: boolean;
-    error: string | null;
-}
-export declare function navLoad(event: PlatformEvent & {
-    locals: {
-        user: CairnUser | null;
-    };
-    url: URL;
-}, adapter: CairnAdapter): Promise<NavLoadData>;
-export declare function navSave(event: PlatformEvent & {
-    locals: {
-        user: CairnUser | null;
-    };
-    request: Request;
-}, adapter: CairnAdapter): Promise<never>;
-export interface HealthData {
-    ok: boolean;
-    checks: {
-        githubAppSigning: {
-            ok: boolean;
-            detail?: string;
-        };
-    };
-}
-/**
- * Deploy-time health check (M2): signs a dummy App JWT to prove the GitHub App key loads and
- * the PKCS#1→PKCS#8 conversion still works, before an editor hits it on save. Behind the
- * `/admin` guard (signed-in editors only); returns ok/fail with no secret in the body.
- */
-export declare function healthLoad(event: PlatformEvent): Promise<HealthData>;
-export {};
+export { createAuthGuard, requireSession, requireOwner } from './guard.js';
+export { createAuthRoutes, type AuthRoutesConfig } from './auth-routes.js';
+export { createEditorRoutes } from './editors-routes.js';
+export { createContentRoutes } from './content-routes.js';
+export type { NavConcept, LayoutData, EntrySummary, ListData, EditData, ContentEvent, ContentRoutesDeps, } from './content-routes.js';
+export { createNavRoutes } from './nav-routes.js';
+export type { NavLoadData, NavPageOption, NavRoutesDeps } from './nav-routes.js';
+export { healthLoad, type HealthData } from './health.js';
+export type { RequestContext, CookieJar, HandleInput } from './types.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/sveltekit/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lib/sveltekit/index.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAY/C,OAAO,EAAuC,KAAK,YAAY,EAAE,KAAK,UAAU,EAAE,MAAM,YAAY,CAAC;AACrG,OAAO,EAA0D,KAAK,OAAO,EAAE,MAAM,QAAQ,CAAC;AAE9F,6FAA6F;AAC7F,MAAM,WAAW,QAAQ;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,0BAA0B,CAAC,EAAE,MAAM,CAAC;CACrC;AAED,UAAU,aAAa;IACrB,QAAQ,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,QAAQ,CAAA;KAAE,CAAC;CAC/B;AA2BD,kGAAkG;AAClG,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,aAAa,EAAE,CAAC;IAC7B,gFAAgF;IAChF,QAAQ,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC5C,iFAAiF;IACjF,YAAY,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAA;KAAE,CAAC;IAAC,GAAG,EAAE,GAAG,CAAA;CAAE,EACvD,OAAO,EAAE,YAAY,GACpB,eAAe,CASjB;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,YAAY,GAAG,KAAK,CAI/D;AAID,mFAAmF;AACnF,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IACvB,OAAO,EAAE,eAAe,EAAE,CAAC;IAC3B,0EAA0E;IAC1E,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iFAAiF;IACjF,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,6FAA6F;IAC7F,SAAS,EAAE,OAAO,CAAC;CACpB;AASD;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,aAAa,GAAG;IAAE,MAAM,EAAE;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAAC,GAAG,EAAE,GAAG,CAAC;IAAC,MAAM,EAAE;QAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAA;KAAE,CAAA;CAAE,EACvG,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,kBAAkB,CAAC,CA0D7B;AAOD;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,aAAa,GAAG;IACrB,MAAM,EAAE;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/B,MAAM,EAAE;QAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAA;KAAE,CAAC;IACnC,OAAO,EAAE,OAAO,CAAC;CAClB,EACD,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,KAAK,CAAC,CAsBhB;AAID,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,EAAE,UAAU,EAAE,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,8EAA8E;IAC9E,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,wBAAsB,QAAQ,CAC5B,KAAK,EAAE,aAAa,GAAG;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;IAAC,GAAG,EAAE,GAAG,CAAA;CAAE,EACzE,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,QAAQ,CAAC,CAqCnB;AAID,wBAAsB,UAAU,CAC9B,KAAK,EAAE,aAAa,GAAG;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE;QAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAA;KAAE,CAAA;CAAE,EAC/E,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,KAAK,CAAC,CAqDhB;AAID,0FAA0F;AAC1F,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IACxD,IAAI,EAAE,OAAO,EAAE,CAAC;IAChB,KAAK,EAAE,aAAa,EAAE,CAAC;IACvB,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAmBD,wBAAsB,OAAO,CAC3B,KAAK,EAAE,aAAa,GAAG;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAA;KAAE,CAAC;IAAC,GAAG,EAAE,GAAG,CAAA;CAAE,EACvE,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,CAAC,CAyBtB;AAED,wBAAsB,OAAO,CAC3B,KAAK,EAAE,aAAa,GAAG;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CAAA;KAAE,CAAC;IAAC,OAAO,EAAE,OAAO,CAAA;CAAE,EAC/E,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,KAAK,CAAC,CAgDhB;AAID,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE;QAAE,gBAAgB,EAAE;YAAE,EAAE,EAAE,OAAO,CAAC;YAAC,MAAM,CAAC,EAAE,MAAM,CAAA;SAAE,CAAA;KAAE,CAAC;CAChE;AAED;;;;GAIG;AACH,wBAAsB,UAAU,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC,CAS1E"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/lib/sveltekit/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,KAAK,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAC3E,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,YAAY,EACV,UAAU,EACV,UAAU,EACV,YAAY,EACZ,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,iBAAiB,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,KAAK,UAAU,EAAE,MAAM,aAAa,CAAC;AAC1D,YAAY,EAAE,cAAc,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}