npm - @hiai-gg/hiai-docs - Versions diffs - 0.0.1 - Mend

@hiai-gg/hiai-docs 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (216) hide show

package/.all-contributorsrc +18 -0
package/.claude/settings.local.json +61 -0
package/.dockerignore +113 -0
package/.env.example +68 -0
package/.github/FUNDING.yml +5 -0
package/.github/ISSUE_TEMPLATE/bug_report.md +74 -0
package/.github/ISSUE_TEMPLATE/feature_request.md +78 -0
package/.github/dependabot.yml +136 -0
package/.github/pull_request_template.md +96 -0
package/.github/workflows/ci.yml +283 -0
package/AGENTS.md +237 -0
package/CODE_OF_CONDUCT.md +134 -0
package/CONTRIBUTING.md +77 -0
package/Caddyfile +50 -0
package/Dockerfile.backend +60 -0
package/LICENSE +21 -0
package/README.md +284 -0
package/RELEASE_CHECKLIST.md +34 -0
package/SECURITY.md +60 -0
package/backend/package.json +43 -0
package/backend/src/__tests__/auth-helpers.test.ts +51 -0
package/backend/src/__tests__/chunker.test.ts +65 -0
package/backend/src/__tests__/config.test.ts +91 -0
package/backend/src/__tests__/csrf.test.ts +91 -0
package/backend/src/__tests__/embedding.test.ts +48 -0
package/backend/src/__tests__/rate-limit.test.ts +46 -0
package/backend/src/__tests__/routes.test.ts +38 -0
package/backend/src/__tests__/schema.test.ts +31 -0
package/backend/src/__tests__/validation.test.ts +556 -0
package/backend/src/api/middleware/auth.ts +56 -0
package/backend/src/api/middleware/csrf.ts +91 -0
package/backend/src/api/middleware/rate-limit.ts +77 -0
package/backend/src/api/middleware/webhook-verify.ts +22 -0
package/backend/src/api/routes/attachments.ts +280 -0
package/backend/src/api/routes/auth.ts +52 -0
package/backend/src/api/routes/collaboration.ts +121 -0
package/backend/src/api/routes/documents.ts +664 -0
package/backend/src/api/routes/folders.ts +226 -0
package/backend/src/api/routes/search.ts +354 -0
package/backend/src/api/routes/share.ts +512 -0
package/backend/src/api/routes/tags.ts +247 -0
package/backend/src/api/routes/versions.ts +99 -0
package/backend/src/api/routes/webhooks.ts +43 -0
package/backend/src/embedding/chunker.ts +74 -0
package/backend/src/embedding/index.ts +117 -0
package/backend/src/embedding/providers/ollama.ts +63 -0
package/backend/src/embedding/providers/openrouter.ts +71 -0
package/backend/src/embedding/utils.ts +13 -0
package/backend/src/embedding/worker.ts +89 -0
package/backend/src/index.ts +147 -0
package/backend/src/lib/auth-helpers.ts +27 -0
package/backend/src/lib/auth.ts +35 -0
package/backend/src/lib/config.ts +73 -0
package/backend/src/lib/db.ts +7 -0
package/backend/src/lib/embedding-queue.ts +12 -0
package/backend/src/lib/logger.ts +18 -0
package/backend/src/lib/markdown-to-doc.ts +45 -0
package/backend/src/lib/minio.ts +46 -0
package/backend/src/lib/redis.ts +19 -0
package/backend/src/lib/yjs-provider.ts +182 -0
package/backend/tests/integration/_harness.ts +754 -0
package/backend/tests/integration/auth.test.ts +296 -0
package/backend/tests/integration/routes.documents.test.ts +459 -0
package/backend/tests/integration/routes.folders.test.ts +337 -0
package/backend/tests/integration/routes.search.test.ts +322 -0
package/backend/tests/integration/routes.share.test.ts +773 -0
package/backend/tests/integration/routes.tags.test.ts +425 -0
package/backend/tests/integration/routes.versions.test.ts +233 -0
package/backend/tsconfig.json +18 -0
package/docker-compose.yml +218 -0
package/docs/API.md +328 -0
package/docs/ARCHITECTURE.md +75 -0
package/docs/DEPLOYMENT.md +113 -0
package/docs/PRODUCTION_STATUS.md +61 -0
package/docs/openapi.json +385 -0
package/frontend/.svelte-kit.old/ambient.d.ts +230 -0
package/frontend/.svelte-kit.old/env.d.ts +1 -0
package/frontend/.svelte-kit.old/generated/client/app.js +46 -0
package/frontend/.svelte-kit.old/generated/client/matchers.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/0.js +3 -0
package/frontend/.svelte-kit.old/generated/client/nodes/1.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/10.js +3 -0
package/frontend/.svelte-kit.old/generated/client/nodes/2.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/3.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/4.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/5.js +3 -0
package/frontend/.svelte-kit.old/generated/client/nodes/6.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/7.js +3 -0
package/frontend/.svelte-kit.old/generated/client/nodes/8.js +1 -0
package/frontend/.svelte-kit.old/generated/client/nodes/9.js +3 -0
package/frontend/.svelte-kit.old/generated/root.js +3 -0
package/frontend/.svelte-kit.old/generated/root.svelte +80 -0
package/frontend/.svelte-kit.old/generated/server/internal.js +55 -0
package/frontend/.svelte-kit.old/non-ambient.d.ts +59 -0
package/frontend/.svelte-kit.old/tsconfig.json +59 -0
package/frontend/.svelte-kit.old/types/route_meta_data.json +40 -0
package/frontend/.svelte-kit.old/types/src/routes/$types.d.ts +21 -0
package/frontend/.svelte-kit.old/types/src/routes/(app)/$types.d.ts +30 -0
package/frontend/.svelte-kit.old/types/src/routes/(app)/docs/[id]/$types.d.ts +27 -0
package/frontend/.svelte-kit.old/types/src/routes/(app)/docs/[id]/proxy+page.ts +25 -0
package/frontend/.svelte-kit.old/types/src/routes/api/[...path]/$types.d.ts +10 -0
package/frontend/.svelte-kit.old/types/src/routes/folders/[id]/$types.d.ts +27 -0
package/frontend/.svelte-kit.old/types/src/routes/folders/[id]/proxy+page.ts +15 -0
package/frontend/.svelte-kit.old/types/src/routes/login/$types.d.ts +17 -0
package/frontend/.svelte-kit.old/types/src/routes/register/$types.d.ts +17 -0
package/frontend/.svelte-kit.old/types/src/routes/s/[token]/$types.d.ts +20 -0
package/frontend/.svelte-kit.old/types/src/routes/s/[token]/proxy+page.ts +6 -0
package/frontend/.svelte-kit.old/types/src/routes/search/$types.d.ts +19 -0
package/frontend/.svelte-kit.old/types/src/routes/search/proxy+page.ts +26 -0
package/frontend/.svelte-kit.old/types/src/routes/settings/$types.d.ts +17 -0
package/frontend/Dockerfile +44 -0
package/frontend/biome.json +40 -0
package/frontend/components.json +18 -0
package/frontend/messages/en.json +434 -0
package/frontend/package.json +70 -0
package/frontend/project.inlang/settings.json +12 -0
package/frontend/src/app.css +6 -0
package/frontend/src/app.d.ts +13 -0
package/frontend/src/app.html +30 -0
package/frontend/src/hooks.server.ts +10 -0
package/frontend/src/hooks.ts +10 -0
package/frontend/src/lib/api/attachments.ts +45 -0
package/frontend/src/lib/api/client.test.ts +15 -0
package/frontend/src/lib/api/client.ts +57 -0
package/frontend/src/lib/api/documents.ts +83 -0
package/frontend/src/lib/api/folders.ts +180 -0
package/frontend/src/lib/api/search.test.ts +52 -0
package/frontend/src/lib/api/search.ts +128 -0
package/frontend/src/lib/api/settings.ts +95 -0
package/frontend/src/lib/api/share.ts +71 -0
package/frontend/src/lib/api/tags.test.ts +91 -0
package/frontend/src/lib/api/tags.ts +87 -0
package/frontend/src/lib/auth-client.ts +10 -0
package/frontend/src/lib/collaboration.ts +63 -0
package/frontend/src/lib/components/AttachmentUpload.svelte +110 -0
package/frontend/src/lib/components/DatePicker.svelte +322 -0
package/frontend/src/lib/components/DocumentCard.svelte +166 -0
package/frontend/src/lib/components/EmptyState.svelte +49 -0
package/frontend/src/lib/components/FolderCard.svelte +93 -0
package/frontend/src/lib/components/ScrollToTop.svelte +72 -0
package/frontend/src/lib/components/SearchBar.svelte +47 -0
package/frontend/src/lib/components/SearchResult.svelte +115 -0
package/frontend/src/lib/components/SettingsDialog.svelte +271 -0
package/frontend/src/lib/components/ShareDialog.svelte +158 -0
package/frontend/src/lib/components/ShareLink.svelte +98 -0
package/frontend/src/lib/components/TagCreateDialog.svelte +284 -0
package/frontend/src/lib/components/VersionDiff.svelte +55 -0
package/frontend/src/lib/components/VersionHistory.svelte +96 -0
package/frontend/src/lib/components/editor/DocumentTitle.svelte +87 -0
package/frontend/src/lib/components/editor/EditorToolbar.svelte +1367 -0
package/frontend/src/lib/components/editor/HiAiEditor.svelte +531 -0
package/frontend/src/lib/components/editor/LinkDialog.svelte +134 -0
package/frontend/src/lib/components/editor/MarkdownToggle.svelte +88 -0
package/frontend/src/lib/components/editor/editorExtensions.ts +53 -0
package/frontend/src/lib/components/editor/markdown.ts +38 -0
package/frontend/src/lib/components/sidebar/FolderTree.svelte +731 -0
package/frontend/src/lib/components/sidebar/RecentDocs.svelte +311 -0
package/frontend/src/lib/components/sidebar/Sidebar.svelte +156 -0
package/frontend/src/lib/components/sidebar/TagList.svelte +200 -0
package/frontend/src/lib/components/ui/confirm-dialog/ConfirmDialog.svelte +76 -0
package/frontend/src/lib/components/ui/confirm-dialog/index.ts +1 -0
package/frontend/src/lib/stores/tag-store.svelte.ts +56 -0
package/frontend/src/lib/stores/theme.svelte.ts +97 -0
package/frontend/src/lib/svelte.d.ts +6 -0
package/frontend/src/lib/types.ts +44 -0
package/frontend/src/lib/utils/clipboard.ts +17 -0
package/frontend/src/lib/utils/strip-markdown.ts +59 -0
package/frontend/src/lib/utils.ts +33 -0
package/frontend/src/routes/(app)/+layout.svelte +17 -0
package/frontend/src/routes/(app)/+page.server.ts +10 -0
package/frontend/src/routes/(app)/+page.svelte +303 -0
package/frontend/src/routes/(app)/docs/[id]/+page.server.ts +10 -0
package/frontend/src/routes/(app)/docs/[id]/+page.svelte +1108 -0
package/frontend/src/routes/(app)/docs/[id]/+page.ts +24 -0
package/frontend/src/routes/(app)/search/+page.svelte +593 -0
package/frontend/src/routes/(app)/search/+page.ts +25 -0
package/frontend/src/routes/+error.svelte +12 -0
package/frontend/src/routes/+layout.svelte +18 -0
package/frontend/src/routes/+layout.ts +2 -0
package/frontend/src/routes/api/[...path]/+server.ts +111 -0
package/frontend/src/routes/folders/[id]/+page.server.ts +10 -0
package/frontend/src/routes/folders/[id]/+page.svelte +319 -0
package/frontend/src/routes/folders/[id]/+page.ts +14 -0
package/frontend/src/routes/login/+page.svelte +90 -0
package/frontend/src/routes/register/+page.svelte +97 -0
package/frontend/src/routes/s/[token]/+page.svelte +496 -0
package/frontend/src/routes/s/[token]/+page.ts +5 -0
package/frontend/src/routes/settings/+page.svelte +175 -0
package/frontend/static/favicon.png +0 -0
package/frontend/static/logo.png +0 -0
package/frontend/svelte.config.js +15 -0
package/frontend/tsconfig.json +15 -0
package/frontend/vite.config.ts +25 -0
package/init.sql +9 -0
package/logo.png +0 -0
package/package.json +39 -0
package/package.public.json +39 -0
package/packages/db/drizzle.config.ts +10 -0
package/packages/db/package.json +30 -0
package/packages/db/src/client.ts +9 -0
package/packages/db/src/index.ts +2 -0
package/packages/db/src/migrations/0000_nice_bedlam.sql +165 -0
package/packages/db/src/migrations/0001_w2_3_test.sql +5 -0
package/packages/db/src/migrations/0002_rename_content_json.sql +2 -0
package/packages/db/src/migrations/meta/0000_snapshot.json +1331 -0
package/packages/db/src/migrations/meta/0001_snapshot.json +1399 -0
package/packages/db/src/migrations/meta/0002_snapshot.json +1399 -0
package/packages/db/src/migrations/meta/_journal.json +27 -0
package/packages/db/src/schema.ts +378 -0
package/packages/db/tsconfig.json +17 -0
package/scripts/export-openapi.ts +37 -0
package/scripts/health-check.sh +75 -0
package/scripts/migrate.sh +135 -0
package/scripts/prework_backup.sh +25 -0
package/scripts/release.sh +83 -0
package/tsconfig.json +25 -0

package/frontend/src/lib/components/SettingsDialog.svelte ADDED Viewed

@@ -0,0 +1,271 @@
+<script lang="ts">
+import { Button } from "@hiai-gg/hiai-ui/components/ui/button";
+import * as Dialog from "@hiai-gg/hiai-ui/components/ui/dialog";
+import { Input } from "@hiai-gg/hiai-ui/components/ui/input";
+import { Label } from "@hiai-gg/hiai-ui/components/ui/label";
+import * as Tabs from "@hiai-gg/hiai-ui/components/ui/tabs";
+import { Loader2, LogOut, Save } from "lucide-svelte";
+import { onMount } from "svelte";
+import { goto } from "$app/navigation";
+import { getProfile, updateProfile } from "$lib/api/settings";
+import { authClient, signOut } from "$lib/auth-client";
+import * as m from "$lib/paraglide/messages.js";
+import { type Theme, themeStore } from "$lib/stores/theme.svelte";
+let {
+	open = $bindable(false),
+}: {
+	open?: boolean;
+} = $props();
+let activeTab = $state("profile");
+// Profile
+let name = $state("");
+let email = $state("");
+let profileStatus = $state<"idle" | "saving" | "saved" | "error">("idle");
+let profileError = $state("");
+// Password
+let currentPassword = $state("");
+let newPassword = $state("");
+let confirmPassword = $state("");
+let passwordStatus = $state<"idle" | "saving" | "saved" | "error">("idle");
+let passwordError = $state("");
+onMount(async () => {
+	try {
+		const profile = await getProfile();
+		if (profile.name) name = profile.name;
+		if (profile.email) email = profile.email;
+	} catch {
+		// use defaults
+	}
+});
+async function saveProfile() {
+	profileStatus = "saving";
+	profileError = "";
+	try {
+		await updateProfile({ name });
+		profileStatus = "saved";
+		setTimeout(() => {
+			profileStatus = "idle";
+		}, 2000);
+	} catch (e) {
+		profileStatus = "error";
+		profileError = e instanceof Error ? e.message : m.error_document_save();
+	}
+}
+async function changePassword() {
+	passwordError = "";
+	if (newPassword !== confirmPassword) {
+		passwordStatus = "error";
+		passwordError = m.auth_password_mismatch();
+		return;
+	}
+	if (newPassword.length < 8) {
+		passwordStatus = "error";
+		passwordError = m.auth_password_min();
+		return;
+	}
+	passwordStatus = "saving";
+	try {
+		// Better Auth exposes a dedicated change-password endpoint
+		// (POST /api/auth/change-password) that requires `currentPassword` and
+		// `newPassword`. The previous `update-user` route is for profile fields
+		// (name/email) and rejected this body with 400. revokeOtherSessions
+		// invalidates any other active sessions for this user.
+		const { error } = await authClient.changePassword({
+			currentPassword,
+			newPassword,
+			revokeOtherSessions: true,
+		});
+		if (error) {
+			passwordStatus = "error";
+			passwordError = error.message ?? m.error_generic();
+			return;
+		}
+		passwordStatus = "saved";
+		currentPassword = "";
+		newPassword = "";
+		confirmPassword = "";
+		setTimeout(() => {
+			passwordStatus = "idle";
+		}, 2000);
+	} catch (e) {
+		passwordStatus = "error";
+		passwordError = e instanceof Error ? e.message : m.error_generic();
+	}
+}
+function pickTheme(value: Theme) {
+	themeStore.set(value);
+}
+const themeOptions: Array<{ value: Theme; label: string; key: string }> = [
+	{ value: "light", label: m.theme_light(), key: "light" },
+	{ value: "dark", label: m.theme_dark(), key: "dark" },
+	{ value: "system", label: m.theme_system(), key: "system" },
+];
+let loggingOut = $state(false);
+async function handleLogout() {
+	loggingOut = true;
+	try {
+		await signOut();
+		open = false;
+		goto("/login");
+	} catch {
+		loggingOut = false;
+	}
+}
+function close() {
+	open = false;
+}
+</script>
+<Dialog.Dialog bind:open>
+	<Dialog.DialogHeader>
+		<Dialog.DialogTitle>{m.settings_title()}</Dialog.DialogTitle>
+		<Dialog.DialogDescription>
+			{m.settings_account()}
+		</Dialog.DialogDescription>
+	</Dialog.DialogHeader>
+	<Tabs.Tabs bind:value={activeTab} class="w-full">
+		<Tabs.TabsList class="grid w-full grid-cols-3">
+			<Tabs.TabsTrigger
+				value="profile"
+				selected={activeTab === "profile"}
+				onclick={(v) => (activeTab = v)}
+			>
+				{m.settings_profile()}
+			</Tabs.TabsTrigger>
+			<Tabs.TabsTrigger
+				value="password"
+				selected={activeTab === "password"}
+				onclick={(v) => (activeTab = v)}
+			>
+				{m.password_label()}
+			</Tabs.TabsTrigger>
+			<Tabs.TabsTrigger
+				value="appearance"
+				selected={activeTab === "appearance"}
+				onclick={(v) => (activeTab = v)}
+			>
+				{m.settings_appearance()}
+			</Tabs.TabsTrigger>
+		</Tabs.TabsList>
+		<Tabs.TabsContent value="profile" currentValue={activeTab}>
+			<form onsubmit={(e) => { e.preventDefault(); saveProfile(); }} class="space-y-4">
+				<div class="space-y-2">
+					<Label for="settings-name">{m.settings_name()}</Label>
+					<Input id="settings-name" type="text" name="name" bind:value={name} autocomplete="name" />
+				</div>
+				<div class="space-y-2">
+					<Label for="settings-email">{m.settings_email()}</Label>
+					<Input id="settings-email" type="email" name="email" bind:value={email} autocomplete="email" disabled />
+				</div>
+				{#if profileError}
+					<p class="text-sm text-destructive">{profileError}</p>
+				{/if}
+				<Button type="submit" disabled={profileStatus === "saving"}>
+					{#if profileStatus === "saving"}
+						<Loader2 class="mr-2 size-4 animate-spin" />
+					{:else}
+						<Save class="mr-2 size-4" />
+					{/if}
+					{profileStatus === "saved" ? m.settings_saved_status() : m.settings_save()}
+				</Button>
+			</form>
+		</Tabs.TabsContent>
+		<Tabs.TabsContent value="password" currentValue={activeTab}>
+			<form onsubmit={(e) => { e.preventDefault(); changePassword(); }} class="space-y-4">
+				<div class="space-y-2">
+					<Label for="settings-current-password">{m.auth_password()}</Label>
+					<Input
+						id="settings-current-password"
+						type="password"
+						name="current-password"
+						bind:value={currentPassword}
+						autocomplete="current-password"
+					/>
+				</div>
+				<div class="space-y-2">
+					<Label for="settings-new-password">{m.new_password()}</Label>
+					<Input
+						id="settings-new-password"
+						type="password"
+						name="new-password"
+						bind:value={newPassword}
+						autocomplete="new-password"
+					/>
+				</div>
+				<div class="space-y-2">
+					<Label for="settings-confirm-password">{m.confirm_password()}</Label>
+					<Input
+						id="settings-confirm-password"
+						type="password"
+						name="confirm-password"
+						bind:value={confirmPassword}
+						autocomplete="new-password"
+					/>
+				</div>
+				{#if passwordError}
+					<p class="text-sm text-destructive">{passwordError}</p>
+				{/if}
+				<Button type="submit" disabled={passwordStatus === "saving"}>
+					{#if passwordStatus === "saving"}
+						<Loader2 class="mr-2 size-4 animate-spin" />
+					{/if}
+					{passwordStatus === "saved" ? m.settings_saved_status() : m.change_password()}
+				</Button>
+			</form>
+		</Tabs.TabsContent>
+		<Tabs.TabsContent value="appearance" currentValue={activeTab}>
+			<div class="space-y-4">
+				<div class="space-y-2">
+					<Label>{m.settings_theme()}</Label>
+					<p class="text-xs text-muted-foreground">{m.settings_appearance()}</p>
+				</div>
+				<div class="grid grid-cols-3 gap-2">
+					{#each themeOptions as opt (opt.key)}
+						<button
+							type="button"
+							onclick={() => pickTheme(opt.value)}
+							class={[
+								"rounded-md border px-3 py-2 text-sm font-medium transition-colors",
+								themeStore.value === opt.value
+									? "border-primary bg-primary text-primary-foreground"
+									: "border-border text-muted-foreground hover:bg-accent hover:text-accent-foreground",
+							].join(" ")}
+						>
+							{opt.label}
+						</button>
+					{/each}
+				</div>
+			</div>
+		</Tabs.TabsContent>
+	</Tabs.Tabs>
+	<Dialog.DialogFooter>
+		<Button
+			id="logout-button"
+			variant="ghost"
+			onclick={handleLogout}
+			disabled={loggingOut}
+			class="mr-auto text-muted-foreground hover:text-destructive"
+		>
+			<LogOut class="mr-2 size-4" />
+			{loggingOut ? "…" : m.auth_logout()}
+		</Button>
+		<Button variant="outline" onclick={close}>{m.action_close()}</Button>
+	</Dialog.DialogFooter>
+</Dialog.Dialog>

package/frontend/src/lib/components/ShareDialog.svelte ADDED Viewed

@@ -0,0 +1,158 @@
+<script lang="ts">
+import { createShareLink } from "$lib/api/share";
+import * as m from "$lib/paraglide/messages.js";
+let {
+	open = $bindable(false),
+	documentId = "",
+	documentTitle = "",
+}: {
+	open?: boolean;
+	documentId?: string;
+	documentTitle?: string;
+} = $props();
+let usePassword = $state(false);
+let password = $state("");
+let expiresIn = $state<"1h" | "1d" | "7d" | "30d" | "never">("7d");
+let guestEmail = $state("");
+let guestEmails = $state<string[]>([]);
+let shareUrl = $state("");
+let copied = $state(false);
+let creating = $state(false);
+let error = $state("");
+function addGuest() {
+	const email = guestEmail.trim();
+	if (email?.includes("@") && !guestEmails.includes(email)) {
+		guestEmails = [...guestEmails, email];
+		guestEmail = "";
+	}
+}
+function removeGuest(email: string) {
+	guestEmails = guestEmails.filter((e) => e !== email);
+}
+async function createLink() {
+	creating = true;
+	error = "";
+	try {
+		const result = await createShareLink({
+			documentId: documentId || undefined,
+			password: usePassword ? password : undefined,
+			expiresIn,
+			guestEmails: guestEmails.length > 0 ? guestEmails : undefined,
+		});
+		shareUrl = `${window.location.origin}/s/${result.token}`;
+	} catch (e) {
+		error = e instanceof Error ? e.message : m.error_generic();
+		console.error("ShareDialog: createShareLink failed", e);
+	} finally {
+		creating = false;
+	}
+}
+async function copyLink() {
+	if (shareUrl) {
+		await navigator.clipboard.writeText(shareUrl);
+		copied = true;
+		setTimeout(() => {
+			copied = false;
+		}, 2000);
+	}
+}
+function close() {
+	open = false;
+	shareUrl = "";
+	usePassword = false;
+	password = "";
+	expiresIn = "7d";
+	guestEmails = [];
+	error = "";
+}
+</script>
+{#if open}
+  <div class="fixed inset-0 z-50 flex items-center justify-center">
+    <button onclick={close} class="absolute inset-0 bg-black/50" aria-label={m.action_close()}></button>
+    <div class="relative z-10 w-full max-w-md rounded-lg border border-border bg-background p-6 shadow-lg">
+      <div class="mb-4 flex items-center justify-between">
+        <h2 class="text-lg font-semibold">{m.share_create_title()} "{documentTitle}"</h2>
+        <button onclick={close} class="rounded-md p-1 text-muted-foreground hover:bg-accent hover:text-foreground" aria-label={m.action_close()}>&#10005;</button>
+      </div>
+      {#if !shareUrl}
+        <div class="space-y-4">
+          <div class="flex items-center justify-between">
+            <span class="text-sm font-medium">{m.share_password_protection()}</span>
+            <button
+              onclick={() => { usePassword = !usePassword; }}
+              class="relative inline-flex h-5 w-9 items-center rounded-full transition-colors {usePassword ? 'bg-primary' : 'bg-input'}"
+              role="switch"
+              aria-checked={usePassword}
+              aria-label={m.share_toggle_password()}
+            >
+              <span class="inline-block h-4 w-4 rounded-full bg-white shadow transition-transform {usePassword ? 'translate-x-4' : 'translate-x-0.5'}"></span>
+            </button>
+          </div>
+          {#if usePassword}
+            <input type="password" bind:value={password} placeholder={m.share_enter_password()} class="flex h-9 w-full rounded-md border border-input bg-transparent px-3 py-1 text-sm shadow-sm focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring" />
+          {/if}
+          <div class="space-y-2">
+            <span class="text-sm font-medium">{m.share_expires()}</span>
+            <div class="flex gap-2">
+              {#each [["1h", m.share_expires_1h()], ["1d", m.share_expires_1d()], ["7d", m.share_expires_7d()], ["30d", m.share_expires_30d()], ["never", m.share_expires_never()]] as [val, label]}
+                <button
+                  onclick={() => { expiresIn = val as typeof expiresIn; }}
+                  class="rounded-md border px-2.5 py-1 text-xs font-medium transition-colors
+                    {expiresIn === val ? 'border-primary bg-primary text-primary-foreground' : 'border-border text-muted-foreground hover:bg-accent'}"
+                >
+                  {label}
+                </button>
+              {/each}
+            </div>
+          </div>
+          <div class="space-y-2">
+            <span class="text-sm font-medium">{m.share_guest_access()}</span>
+            <div class="flex gap-2">
+              <input type="email" bind:value={guestEmail} placeholder="guest@email.com" onkeydown={(e) => { if (e.key === "Enter") { e.preventDefault(); addGuest(); } }} class="flex h-9 flex-1 rounded-md border border-input bg-transparent px-3 py-1 text-sm shadow-sm focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring" />
+              <button onclick={addGuest} class="rounded-md border border-border px-3 py-1.5 text-sm font-medium hover:bg-accent">{m.share_add()}</button>
+            </div>
+            {#if guestEmails.length > 0}
+              <div class="flex flex-wrap gap-1.5">
+                {#each guestEmails as email}
+                  <span class="inline-flex items-center gap-1 rounded-md bg-secondary px-2 py-0.5 text-xs">
+                    {email}
+                    <button onclick={() => removeGuest(email)} class="text-muted-foreground hover:text-foreground">&times;</button>
+                  </span>
+                {/each}
+              </div>
+            {/if}
+          </div>
+          {#if error}
+            <p class="text-xs text-destructive">{error}</p>
+          {/if}
+          <button onclick={createLink} disabled={creating} class="w-full rounded-md bg-primary px-4 py-2 text-sm font-medium text-primary-foreground hover:bg-primary/90 disabled:opacity-50">
+            {creating ? m.share_creating() : m.share_create_link()}
+          </button>
+        </div>
+      {:else}
+        <div class="space-y-4">
+          <p class="text-sm text-muted-foreground">{m.share_link_created()}</p>
+          <div class="flex items-center gap-2">
+            <code class="flex-1 truncate rounded-md bg-muted px-3 py-2 text-sm">{shareUrl}</code>
+            <button onclick={copyLink} class="rounded-md bg-primary px-3 py-2 text-sm font-medium text-primary-foreground hover:bg-primary/90">
+              {copied ? m.share_link_copied() : m.share_copy()}
+            </button>
+          </div>
+          <button onclick={close} class="w-full rounded-md border border-border px-4 py-2 text-sm font-medium hover:bg-accent">{m.action_done()}</button>
+        </div>
+      {/if}
+    </div>
+  </div>
+{/if}

package/frontend/src/lib/components/ShareLink.svelte ADDED Viewed

@@ -0,0 +1,98 @@
+<script lang="ts">
+import { apiFetch } from "$lib/api/client";
+import * as m from "$lib/paraglide/messages.js";
+const {
+	token = "",
+	expiresAt = "",
+	hasPassword = false,
+	guestEmails = [],
+	linkId = "",
+	onRevoke,
+}: {
+	token?: string;
+	expiresAt?: string;
+	hasPassword?: boolean;
+	guestEmails?: string[];
+	linkId?: string;
+	onRevoke?: () => void;
+} = $props();
+let copied = $state(false);
+let confirmRevoke = $state(false);
+const shareUrl = $derived(
+	`${typeof window !== "undefined" ? window.location.origin : ""}/s/${token}`,
+);
+async function copyLink() {
+	await navigator.clipboard.writeText(shareUrl);
+	copied = true;
+	setTimeout(() => {
+		copied = false;
+	}, 2000);
+}
+function formatExpiry(dateStr: string): string {
+	if (!dateStr) return m.share_never_expires();
+	const date = new Date(dateStr);
+	const now = new Date();
+	if (date < now) return m.share_expired_label();
+	return m.share_expires_date({ date: date.toLocaleDateString() });
+}
+function removeGuest(email: string) {
+	if (!linkId) {
+		console.error("removeGuest called without linkId");
+		return;
+	}
+	apiFetch(`/api/share/${linkId}/guests/${encodeURIComponent(email)}`, {
+		method: "DELETE",
+	})
+		.then(() => {
+			// Backend already removed the row; consumer should re-fetch guest list
+		})
+		.catch((e: unknown) => console.error("Failed to remove guest", e));
+}
+</script>
+<div class="rounded-lg border border-border bg-card p-4">
+  <div class="mb-3 flex items-center gap-2">
+    <code class="flex-1 truncate text-sm">{shareUrl}</code>
+    <button onclick={copyLink} class="rounded-md border border-border px-2.5 py-1 text-xs font-medium hover:bg-accent">
+      {copied ? m.share_link_copied() : m.share_copy()}
+    </button>
+  </div>
+  <div class="mb-3 flex flex-wrap items-center gap-3 text-xs text-muted-foreground">
+    <span>{formatExpiry(expiresAt)}</span>
+    {#if hasPassword}
+      <span class="inline-flex items-center gap-1 rounded-md bg-secondary px-2 py-0.5">
+        <svg class="h-3 w-3" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="3" y="11" width="18" height="11" rx="2" ry="2"></rect><path d="M7 11V7a5 5 0 0 1 10 0v4"></path></svg>
+        {m.share_password_label()}
+      </span>
+    {/if}
+  </div>
+  {#if guestEmails.length > 0}
+    <div class="mb-3 space-y-1">
+      <p class="text-xs font-medium text-muted-foreground">{m.share_guests()}</p>
+      {#each guestEmails as email}
+        <div class="flex items-center justify-between rounded bg-muted px-2 py-1 text-xs">
+          <span>{email}</span>
+          <button onclick={() => removeGuest(email)} class="text-muted-foreground hover:text-destructive" aria-label={m.attachment_remove()}>&times;</button>
+        </div>
+      {/each}
+    </div>
+  {/if}
+  {#if !confirmRevoke}
+    <button onclick={() => { confirmRevoke = true; }} class="text-xs font-medium text-destructive hover:underline">{m.share_revoke_link()}</button>
+  {:else}
+    <div class="flex items-center gap-2">
+      <span class="text-xs text-destructive">{m.share_revoke_confirm()}</span>
+      <button onclick={onRevoke} class="rounded bg-destructive px-2 py-0.5 text-xs font-medium text-destructive-foreground">{m.share_yes()}</button>
+      <button onclick={() => { confirmRevoke = false; }} class="rounded border border-border px-2 py-0.5 text-xs">{m.action_cancel()}</button>
+    </div>
+  {/if}
+</div>