@infuro/cms-core 1.0.0

package/dist/index.js

@@ -0,0 +1,2928 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+
+// src/plugins/email/email-service.ts
+var email_service_exports = {};
+__export(email_service_exports, {
+  EmailService: () => EmailService,
+  emailTemplates: () => emailTemplates
+});
+import { SESClient, SendEmailCommand } from "@aws-sdk/client-ses";
+import nodemailer from "nodemailer";
+var EmailService, emailTemplates;
+var init_email_service = __esm({
+  "src/plugins/email/email-service.ts"() {
+    "use strict";
+    EmailService = class {
+      config;
+      sesClient;
+      transporter;
+      constructor(config) {
+        this.config = config;
+        if (config.type === "AWS") {
+          if (!config.region || !config.accessKeyId || !config.secretAccessKey) {
+            throw new Error("AWS SES configuration incomplete");
+          }
+          this.sesClient = new SESClient({
+            region: config.region,
+            credentials: { accessKeyId: config.accessKeyId, secretAccessKey: config.secretAccessKey }
+          });
+        } else if (config.type === "SMTP" || config.type === "GMAIL") {
+          if (!config.user || !config.password) throw new Error("SMTP configuration incomplete");
+          this.transporter = nodemailer.createTransport({
+            host: config.type === "GMAIL" ? "smtp.gmail.com" : void 0,
+            port: 587,
+            secure: false,
+            auth: { user: config.user, pass: config.password }
+          });
+        } else {
+          throw new Error(`Unsupported email type: ${config.type}`);
+        }
+      }
+      async send(emailData) {
+        try {
+          if (this.config.type === "AWS" && this.sesClient) {
+            await this.sesClient.send(
+              new SendEmailCommand({
+                Source: emailData.from || this.config.from,
+                Destination: { ToAddresses: [emailData.to || this.config.to] },
+                Message: {
+                  Subject: { Data: emailData.subject, Charset: "UTF-8" },
+                  Body: {
+                    Html: { Data: emailData.html, Charset: "UTF-8" },
+                    ...emailData.text && { Text: { Data: emailData.text, Charset: "UTF-8" } }
+                  }
+                }
+              })
+            );
+            return true;
+          }
+          if ((this.config.type === "SMTP" || this.config.type === "GMAIL") && this.transporter) {
+            await this.transporter.sendMail({
+              from: emailData.from || this.config.from,
+              to: emailData.to || this.config.to,
+              subject: emailData.subject,
+              html: emailData.html,
+              text: emailData.text
+            });
+            return true;
+          }
+          return false;
+        } catch (error) {
+          console.error("Email sending failed:", error);
+          return false;
+        }
+      }
+    };
+    emailTemplates = {
+      formSubmission: (data) => ({
+        subject: `New Form Submission: ${data.formName}`,
+        html: `<h2>New Form Submission</h2><p><strong>Form:</strong> ${data.formName}</p><p><strong>Contact:</strong> ${data.contactName} (${data.contactEmail})</p><pre>${JSON.stringify(data.formData, null, 2)}</pre>`,
+        text: `New Form Submission
+Form: ${data.formName}
+Contact: ${data.contactName} (${data.contactEmail})
+${JSON.stringify(data.formData, null, 2)}`
+      }),
+      contactSubmission: (data) => ({
+        subject: `New Contact Form Submission from ${data.name}`,
+        html: `<h2>New Contact Form Submission</h2><p><strong>Name:</strong> ${data.name}</p><p><strong>Email:</strong> ${data.email}</p>${data.phone ? `<p><strong>Phone:</strong> ${data.phone}</p>` : ""}${data.message ? `<p><strong>Message:</strong></p><p>${data.message}</p>` : ""}`,
+        text: `New Contact Form Submission
+Name: ${data.name}
+Email: ${data.email}
+${data.phone ? `Phone: ${data.phone}
+` : ""}${data.message ? `Message: ${data.message}` : ""}`
+      }),
+      passwordReset: (data) => ({
+        subject: "Reset your password",
+        html: `<h2>Reset your password</h2><p>Click the link below to set a new password. This link expires in 1 hour.</p><p><a href="${data.resetLink}">${data.resetLink}</a></p>`,
+        text: `Reset your password: ${data.resetLink}
+
+This link expires in 1 hour.`
+      })
+    };
+  }
+});
+
+// src/plugins/registry.ts
+var noopLogger = {
+  info: () => {
+  },
+  warn: () => {
+  },
+  error: () => {
+  }
+};
+async function createCmsApp(options) {
+  const { dataSource, config = {}, plugins = [], logger = noopLogger } = options;
+  const context = { dataSource, config, logger };
+  const registry = /* @__PURE__ */ new Map();
+  for (const plugin of plugins) {
+    const instance = await plugin.init(context);
+    registry.set(plugin.name, instance !== void 0 ? instance : plugin);
+  }
+  return {
+    dataSource,
+    getPlugin(name) {
+      return registry.get(name);
+    }
+  };
+}
+
+// src/plugins/erp/erp-auth.ts
+var ERPAuthService = class {
+  baseUrl;
+  credentials;
+  token = null;
+  constructor(config) {
+    this.baseUrl = config.baseUrl || "https://uat.infuroerp.com";
+    this.credentials = {
+      clientId: config.clientId,
+      clientSecret: config.clientSecret,
+      tenantId: config.tenantId
+    };
+  }
+  async authenticate() {
+    const authUrl = `${this.baseUrl}/api/auth/account/app-login`;
+    const authPayload = {
+      clientId: this.credentials.clientId,
+      clientSecret: this.credentials.clientSecret,
+      tenantId: this.credentials.tenantId
+    };
+    const response = await fetch(authUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(authPayload)
+    });
+    if (!response.ok) {
+      const errorData = await response.text();
+      throw new Error(`Authentication failed: ${response.status} - ${errorData}`);
+    }
+    const tokenData = await response.json();
+    const actualToken = tokenData.access_token || tokenData.token || tokenData.accessToken || tokenData.jwt || tokenData.bearer_token || tokenData.auth_token;
+    if (!actualToken) {
+      throw new Error("No access token found in authentication response");
+    }
+    const expiresIn = tokenData.expires_in || tokenData.expiresIn || 3600;
+    const expiresAt = Date.now() + expiresIn * 1e3;
+    const token = {
+      access_token: actualToken,
+      token_type: tokenData.token_type || tokenData.tokenType || "Bearer",
+      expires_in: expiresIn,
+      expires_at: expiresAt
+    };
+    this.token = token;
+    return token;
+  }
+  async getValidToken() {
+    if (this.token && this.token.expires_at && Date.now() < this.token.expires_at) {
+      return this.token.access_token;
+    }
+    const newToken = await this.authenticate();
+    return newToken.access_token;
+  }
+  async makeAuthenticatedRequest(url, options = {}) {
+    const token = await this.getValidToken();
+    const headers = {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${token}`,
+      ...options.headers
+    };
+    return fetch(url, { ...options, headers });
+  }
+};
+
+// src/plugins/erp/erp-submission.ts
+var ERPSubmissionService = class {
+  baseUrl;
+  pipelineId;
+  pipelineStageId;
+  auth;
+  constructor(config) {
+    this.baseUrl = config.baseUrl || "https://uat.infuroerp.com";
+    this.pipelineId = config.pipelineId;
+    this.pipelineStageId = config.pipelineStageId;
+    this.auth = config.auth;
+  }
+  async submitContact(formData) {
+    try {
+      if (!formData.firstName || !formData.lastName || !formData.email) {
+        throw new Error("Missing required fields: First name, last name, and email are required");
+      }
+      const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+      if (!emailRegex.test(formData.email)) {
+        throw new Error("Invalid email format");
+      }
+      const contactPayload = {
+        contact: `${formData.firstName} ${formData.lastName}`,
+        type: "Individual",
+        status: "Active",
+        tag_ids: [],
+        company_id: null,
+        first_name: formData.firstName,
+        last_name: formData.lastName,
+        email: formData.email,
+        phone: formData.phone || "",
+        country: ""
+      };
+      const contactApiUrl = `${this.baseUrl}/api/crm/contacts`;
+      const contactResponse = await this.auth.makeAuthenticatedRequest(contactApiUrl, {
+        method: "POST",
+        body: JSON.stringify(contactPayload)
+      });
+      if (!contactResponse.ok) {
+        const errorData = await contactResponse.text();
+        throw new Error(`Failed to submit contact: ${contactResponse.status} - ${errorData}`);
+      }
+      const contactData = await contactResponse.json();
+      const contactId = contactData.id || contactData.data?.id;
+      if (!contactId) {
+        throw new Error("No contact ID returned from API");
+      }
+      let opportunityId;
+      if (this.pipelineId && this.pipelineStageId) {
+        const currentDate = (/* @__PURE__ */ new Date()).toISOString();
+        const opportunityPayload = {
+          contact_id: contactId,
+          name: `${formData.industry || "General"} Inquiry - ${formData.firstName} ${formData.lastName}`,
+          description: formData.message || "Inquiry from website contact form",
+          createdAt: currentDate,
+          pipeline_id: this.pipelineId,
+          pipeline_stage_id: this.pipelineStageId,
+          amount: null,
+          expected_close_date: currentDate,
+          actual_close_date: currentDate,
+          owner: null
+        };
+        const opportunityApiUrl = `${this.baseUrl}/api/crm/opportunities`;
+        const opportunityResponse = await this.auth.makeAuthenticatedRequest(opportunityApiUrl, {
+          method: "POST",
+          body: JSON.stringify(opportunityPayload)
+        });
+        if (opportunityResponse.ok) {
+          const opportunityData = await opportunityResponse.json();
+          opportunityId = opportunityData.id || opportunityData.data?.id;
+        }
+      }
+      return { success: true, contactId, opportunityId };
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Failed to submit to ERP";
+      return { success: false, contactId: "", error: message };
+    }
+  }
+  extractContactData(formData, formFields) {
+    const contactData = {
+      firstName: "",
+      lastName: "",
+      email: "",
+      phone: "",
+      industry: "",
+      message: ""
+    };
+    let hasEmail = false;
+    for (const field of formFields) {
+      const fieldValue = formData[field.id.toString()];
+      if (fieldValue == null) continue;
+      const label = field.label.toLowerCase();
+      const value = String(fieldValue).trim();
+      if (field.type === "email") {
+        contactData.email = value;
+        hasEmail = true;
+      } else if (field.type === "phone") {
+        contactData.phone = value;
+      } else if (field.type === "text" || field.type === "textarea") {
+        if (label.includes("first name") || label.includes("firstname")) {
+          contactData.firstName = value;
+        } else if (label.includes("last name") || label.includes("lastname")) {
+          contactData.lastName = value;
+        } else if (label.includes("name") && !contactData.firstName) {
+          const nameParts = value.split(" ");
+          if (nameParts.length >= 2) {
+            contactData.firstName = nameParts[0];
+            contactData.lastName = nameParts.slice(1).join(" ");
+          } else {
+            contactData.firstName = value;
+          }
+        } else if (label.includes("industry")) {
+          contactData.industry = value;
+        } else if (label.includes("message") || label.includes("comment") || label.includes("description") || label.includes("inquiry")) {
+          contactData.message = value;
+        }
+      }
+    }
+    if (!hasEmail && !contactData.firstName) return null;
+    if (!contactData.firstName && contactData.email) {
+      contactData.firstName = contactData.email.split("@")[0];
+      contactData.lastName = "";
+    }
+    return contactData;
+  }
+};
+
+// src/plugins/erp/index.ts
+function erpPlugin(config) {
+  return {
+    name: "erp",
+    version: "1.0.0",
+    async init(context) {
+      const baseUrl = config.baseUrl || context.config.ERP_API_BASE_URL || "https://uat.infuroerp.com";
+      const clientId = config.clientId || context.config.CLIENT_ID || "";
+      const clientSecret = config.clientSecret || context.config.CLIENT_SECRET || "";
+      const tenantId = config.tenantId || context.config.TENANT_ID || "";
+      const pipelineId = config.pipelineId || context.config.PIPELINE_ID || "";
+      const pipelineStageId = config.pipelineStageId || context.config.PIPELINE_STAGE_ID || "";
+      const auth = new ERPAuthService({
+        baseUrl,
+        clientId,
+        clientSecret,
+        tenantId
+      });
+      const submission = new ERPSubmissionService({
+        baseUrl,
+        pipelineId,
+        pipelineStageId,
+        auth
+      });
+      return { auth, submission };
+    }
+  };
+}
+
+// src/plugins/email/index.ts
+init_email_service();
+init_email_service();
+function emailPlugin(config) {
+  return {
+    name: "email",
+    version: "1.0.0",
+    async init(context) {
+      const from = config.from || context.config.SMTP_FROM || "no-reply@example.com";
+      const to = config.to || context.config.SMTP_TO || "info@example.com";
+      const merged = {
+        ...config,
+        from,
+        to,
+        type: config.type || context.config.SMTP_TYPE || "SMTP",
+        user: config.user ?? context.config.SMTP_USER,
+        password: config.password ?? context.config.SMTP_PASSWORD,
+        region: config.region ?? context.config.AWS_REGION,
+        accessKeyId: config.accessKeyId ?? context.config.AWS_ACCESS_KEY_ID,
+        secretAccessKey: config.secretAccessKey ?? context.config.AWS_SECRET_ACCESS_KEY
+      };
+      return new EmailService(merged);
+    }
+  };
+}
+
+// src/plugins/analytics/analytics-service.ts
+import { google } from "googleapis";
+var AnalyticsService = class {
+  analytics;
+  viewId;
+  constructor(config) {
+    const privateKey = config.privateKey.replace(/\\n/g, "\n");
+    const auth = new google.auth.JWT({
+      email: config.clientEmail,
+      key: privateKey,
+      scopes: ["https://www.googleapis.com/auth/analytics.readonly"]
+    });
+    this.analytics = google.analyticsdata({ version: "v1beta", auth });
+    this.viewId = config.viewId;
+  }
+  async getAnalyticsData(days = 30) {
+    const endDate = /* @__PURE__ */ new Date();
+    const startDate = /* @__PURE__ */ new Date();
+    startDate.setDate(startDate.getDate() - days);
+    const [visitors, pageViews, bounceRate, sessionDuration, topPages, trafficSources, geographicData, dailyUsers] = await Promise.all([
+      this.getVisitors(startDate, endDate),
+      this.getPageViews(startDate, endDate),
+      this.getBounceRate(startDate, endDate),
+      this.getAvgSessionDuration(startDate, endDate),
+      this.getTopPages(startDate, endDate),
+      this.getTrafficSources(startDate, endDate),
+      this.getGeographicData(startDate, endDate),
+      this.getDailyUsers(startDate, endDate)
+    ]);
+    return {
+      visitors,
+      pageViews,
+      bounceRate,
+      avgSessionDuration: sessionDuration,
+      topPages,
+      trafficSources,
+      geographicData,
+      dailyUsers
+    };
+  }
+  async runReport(requestBody) {
+    const response = await this.analytics.properties.runReport({
+      property: `properties/${this.viewId}`,
+      requestBody
+    });
+    return response?.data;
+  }
+  async getVisitors(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      metrics: [{ name: "totalUsers" }]
+    });
+    return parseInt(data.rows?.[0]?.metricValues?.[0]?.value || "0");
+  }
+  async getPageViews(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      metrics: [{ name: "screenPageViews" }]
+    });
+    return parseInt(data.rows?.[0]?.metricValues?.[0]?.value || "0");
+  }
+  async getBounceRate(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      metrics: [{ name: "bounceRate" }]
+    });
+    return parseFloat(data.rows?.[0]?.metricValues?.[0]?.value || "0");
+  }
+  async getAvgSessionDuration(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      metrics: [{ name: "averageSessionDuration" }]
+    });
+    return parseFloat(data.rows?.[0]?.metricValues?.[0]?.value || "0");
+  }
+  async getTopPages(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      dimensions: [{ name: "pagePath" }],
+      metrics: [{ name: "screenPageViews" }],
+      limit: 10
+    });
+    return data.rows?.map((row) => ({ page: row.dimensionValues[0].value, views: parseInt(row.metricValues[0].value) })) || [];
+  }
+  async getTrafficSources(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      dimensions: [{ name: "sessionSource" }],
+      metrics: [{ name: "sessions" }],
+      limit: 10
+    });
+    return data.rows?.map((row) => ({ source: row.dimensionValues[0].value, sessions: parseInt(row.metricValues[0].value) })) || [];
+  }
+  async getGeographicData(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      dimensions: [{ name: "country" }],
+      metrics: [{ name: "sessions" }],
+      limit: 10
+    });
+    return data.rows?.map((row) => ({ country: row.dimensionValues[0].value, sessions: parseInt(row.metricValues[0].value) })) || [];
+  }
+  async getDailyUsers(startDate, endDate) {
+    const data = await this.runReport({
+      dateRanges: [{ startDate: startDate.toISOString().split("T")[0], endDate: endDate.toISOString().split("T")[0] }],
+      dimensions: [{ name: "date" }],
+      metrics: [{ name: "totalUsers" }],
+      orderBys: [{ dimension: { dimensionName: "date" } }]
+    });
+    return data.rows?.map((row) => {
+      const dateStr = row.dimensionValues[0].value;
+      return { date: `${dateStr.substring(4, 6)}/${dateStr.substring(6, 8)}`, users: parseInt(row.metricValues[0].value) };
+    }) || [];
+  }
+};
+
+// src/plugins/analytics/index.ts
+function analyticsPlugin(config = {}) {
+  return {
+    name: "analytics",
+    version: "1.0.0",
+    async init(context) {
+      const privateKey = config.privateKey ?? context.config.GOOGLE_ANALYTICS_PRIVATE_KEY;
+      const clientEmail = config.clientEmail ?? context.config.GOOGLE_ANALYTICS_CLIENT_EMAIL;
+      const viewId = config.viewId ?? context.config.GOOGLE_ANALYTICS_VIEW_ID ?? "";
+      if (!privateKey || !clientEmail || !viewId) {
+        throw new Error("Google Analytics credentials not configured");
+      }
+      return new AnalyticsService({ privateKey, clientEmail, viewId });
+    }
+  };
+}
+
+// src/plugins/sms/index.ts
+function smsPlugin(_config = {}) {
+  return {
+    name: "sms",
+    version: "1.0.0",
+    async init() {
+      return null;
+    }
+  };
+}
+
+// src/plugins/payment/index.ts
+function paymentPlugin(_config = {}) {
+  return {
+    name: "payment",
+    version: "1.0.0",
+    async init() {
+      return null;
+    }
+  };
+}
+
+// src/plugins/storage/s3.ts
+function getS3Storage(config) {
+  const prefix = (config.prefix ?? "uploads").replace(/\/$/, "");
+  const keyPrefix = prefix ? `${prefix}/` : "";
+  return {
+    async upload(buffer, key, contentType) {
+      const { S3Client, PutObjectCommand } = await import("@aws-sdk/client-s3");
+      const client = new S3Client({
+        region: config.region,
+        credentials: {
+          accessKeyId: config.accessKeyId,
+          secretAccessKey: config.secretAccessKey
+        }
+      });
+      const fullKey = keyPrefix + key.replace(/^\/+/, "");
+      await client.send(
+        new PutObjectCommand({
+          Bucket: config.bucket,
+          Key: fullKey,
+          Body: buffer,
+          ContentType: contentType
+        })
+      );
+      if (config.baseUrl) {
+        return `${config.baseUrl.replace(/\/$/, "")}/${fullKey}`;
+      }
+      return `https://s3.${config.region}.amazonaws.com/${config.bucket}/${fullKey}`;
+    }
+  };
+}
+function s3StoragePlugin(config) {
+  return {
+    name: "storage",
+    version: "1.0.0",
+    async init(context) {
+      const region = config.region ?? context.config.AWS_REGION ?? "";
+      const accessKeyId = config.accessKeyId ?? context.config.AWS_ACCESS_KEY_ID ?? "";
+      const secretAccessKey = config.secretAccessKey ?? context.config.AWS_SECRET_ACCESS_KEY ?? "";
+      const bucket = config.bucket ?? context.config.AWS_BUCKET_NAME ?? "";
+      const baseUrl = config.baseUrl ?? context.config.S3_MEDIA_URL ?? context.config.S3_CUSTOM_DOMAIN;
+      const resolvedBaseUrl = typeof baseUrl === "string" && baseUrl ? baseUrl.startsWith("http") ? baseUrl : `https://${baseUrl}` : void 0;
+      if (!region || !accessKeyId || !secretAccessKey || !bucket) {
+        throw new Error("S3 storage plugin: missing region, accessKeyId, secretAccessKey or bucket");
+      }
+      return getS3Storage({
+        region,
+        accessKeyId,
+        secretAccessKey,
+        bucket,
+        baseUrl: resolvedBaseUrl,
+        prefix: config.prefix ?? "uploads"
+      });
+    }
+  };
+}
+
+// src/plugins/storage/local.ts
+function getLocalStorage(config) {
+  const dir = (config.dir ?? "public/uploads").replace(/\/$/, "");
+  const publicPath = config.publicPath ?? `/${dir.replace(/^\/+/, "").replace(/\\/g, "/")}`;
+  return {
+    async upload(buffer, key, _contentType) {
+      const fs = await import("fs/promises");
+      const path = await import("path");
+      const fullDir = path.join(process.cwd(), dir);
+      await fs.mkdir(fullDir, { recursive: true });
+      const fileName = key.replace(/^\/+/, "").replace(/\.\./g, "");
+      const filePath = path.join(fullDir, fileName);
+      const fileDir = path.dirname(filePath);
+      await fs.mkdir(fileDir, { recursive: true });
+      await fs.writeFile(filePath, buffer);
+      return `${publicPath.replace(/\/$/, "")}/${fileName}`;
+    }
+  };
+}
+function localStoragePlugin(config = {}) {
+  return {
+    name: "storage",
+    version: "1.0.0",
+    async init(context) {
+      const dir = config.dir ?? context.config.UPLOAD_DIR ?? "public/uploads";
+      return getLocalStorage({ ...config, dir });
+    }
+  };
+}
+
+// src/lib/utils.ts
+import { clsx } from "clsx";
+import { twMerge } from "tailwind-merge";
+function cn(...inputs) {
+  return twMerge(clsx(inputs));
+}
+function generateSlug(title) {
+  return title.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/(^-|-$)/g, "");
+}
+function validateSlug(slug) {
+  const slugRegex = /^[a-z0-9]+(?:-[a-z0-9]+)*$/;
+  return slugRegex.test(slug) && slug.length >= 3 && slug.length <= 50;
+}
+function formatDate(date) {
+  const d = new Date(date);
+  return d.toLocaleDateString("en-US", { year: "numeric", month: "long", day: "numeric" });
+}
+function formatDateTime(date) {
+  const d = new Date(date);
+  return d.toLocaleDateString("en-US", {
+    year: "numeric",
+    month: "short",
+    day: "numeric",
+    hour: "2-digit",
+    minute: "2-digit"
+  });
+}
+function formatDateOnly(date) {
+  const d = new Date(date);
+  return d.toLocaleDateString("en-US", { year: "numeric", month: "long", day: "numeric" });
+}
+function truncateText(text, maxLength) {
+  if (text.length <= maxLength) return text;
+  return text.substring(0, maxLength).trim() + "...";
+}
+
+// src/entities/user.entity.ts
+import { Entity as Entity3, PrimaryGeneratedColumn as PrimaryGeneratedColumn3, Column as Column3, ManyToOne as ManyToOne2, JoinColumn as JoinColumn2 } from "typeorm";
+
+// src/entities/user-group.entity.ts
+import { Entity as Entity2, PrimaryGeneratedColumn as PrimaryGeneratedColumn2, Column as Column2, OneToMany } from "typeorm";
+
+// src/entities/permission.entity.ts
+import { Entity, PrimaryGeneratedColumn, Column, ManyToOne, JoinColumn } from "typeorm";
+var Permission = class {
+  id;
+  groupId;
+  entity;
+  canCreate;
+  canRead;
+  canUpdate;
+  canDelete;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  group;
+};
+__decorateClass([
+  PrimaryGeneratedColumn()
+], Permission.prototype, "id", 2);
+__decorateClass([
+  Column("int")
+], Permission.prototype, "groupId", 2);
+__decorateClass([
+  Column("varchar")
+], Permission.prototype, "entity", 2);
+__decorateClass([
+  Column("boolean", { default: false })
+], Permission.prototype, "canCreate", 2);
+__decorateClass([
+  Column("boolean", { default: false })
+], Permission.prototype, "canRead", 2);
+__decorateClass([
+  Column("boolean", { default: false })
+], Permission.prototype, "canUpdate", 2);
+__decorateClass([
+  Column("boolean", { default: false })
+], Permission.prototype, "canDelete", 2);
+__decorateClass([
+  Column({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Permission.prototype, "createdAt", 2);
+__decorateClass([
+  Column({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Permission.prototype, "updatedAt", 2);
+__decorateClass([
+  Column({ type: "timestamp", nullable: true })
+], Permission.prototype, "deletedAt", 2);
+__decorateClass([
+  Column("boolean", { default: false })
+], Permission.prototype, "deleted", 2);
+__decorateClass([
+  Column("int", { nullable: true })
+], Permission.prototype, "createdBy", 2);
+__decorateClass([
+  Column("int", { nullable: true })
+], Permission.prototype, "updatedBy", 2);
+__decorateClass([
+  Column("int", { nullable: true })
+], Permission.prototype, "deletedBy", 2);
+__decorateClass([
+  ManyToOne(() => UserGroup, (g) => g.permissions, { onDelete: "CASCADE" }),
+  JoinColumn({ name: "groupId" })
+], Permission.prototype, "group", 2);
+Permission = __decorateClass([
+  Entity("permissions")
+], Permission);
+
+// src/entities/user-group.entity.ts
+var UserGroup = class {
+  id;
+  name;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  permissions;
+  users;
+};
+__decorateClass([
+  PrimaryGeneratedColumn2()
+], UserGroup.prototype, "id", 2);
+__decorateClass([
+  Column2("varchar", { unique: true })
+], UserGroup.prototype, "name", 2);
+__decorateClass([
+  Column2({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], UserGroup.prototype, "createdAt", 2);
+__decorateClass([
+  Column2({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], UserGroup.prototype, "updatedAt", 2);
+__decorateClass([
+  Column2({ type: "timestamp", nullable: true })
+], UserGroup.prototype, "deletedAt", 2);
+__decorateClass([
+  Column2("boolean", { default: false })
+], UserGroup.prototype, "deleted", 2);
+__decorateClass([
+  Column2("int", { nullable: true })
+], UserGroup.prototype, "createdBy", 2);
+__decorateClass([
+  Column2("int", { nullable: true })
+], UserGroup.prototype, "updatedBy", 2);
+__decorateClass([
+  Column2("int", { nullable: true })
+], UserGroup.prototype, "deletedBy", 2);
+__decorateClass([
+  OneToMany(() => Permission, (p) => p.group)
+], UserGroup.prototype, "permissions", 2);
+__decorateClass([
+  OneToMany(() => User, (u) => u.group)
+], UserGroup.prototype, "users", 2);
+UserGroup = __decorateClass([
+  Entity2("user_groups")
+], UserGroup);
+
+// src/entities/user.entity.ts
+var User = class {
+  id;
+  name;
+  email;
+  password;
+  blocked;
+  groupId;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  group;
+};
+__decorateClass([
+  PrimaryGeneratedColumn3()
+], User.prototype, "id", 2);
+__decorateClass([
+  Column3("varchar")
+], User.prototype, "name", 2);
+__decorateClass([
+  Column3("varchar", { unique: true })
+], User.prototype, "email", 2);
+__decorateClass([
+  Column3("varchar", { nullable: true })
+], User.prototype, "password", 2);
+__decorateClass([
+  Column3("boolean", { default: false })
+], User.prototype, "blocked", 2);
+__decorateClass([
+  Column3("int", { nullable: true })
+], User.prototype, "groupId", 2);
+__decorateClass([
+  Column3({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], User.prototype, "createdAt", 2);
+__decorateClass([
+  Column3({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], User.prototype, "updatedAt", 2);
+__decorateClass([
+  Column3({ type: "timestamp", nullable: true })
+], User.prototype, "deletedAt", 2);
+__decorateClass([
+  Column3("boolean", { default: false })
+], User.prototype, "deleted", 2);
+__decorateClass([
+  Column3("int", { nullable: true })
+], User.prototype, "createdBy", 2);
+__decorateClass([
+  Column3("int", { nullable: true })
+], User.prototype, "updatedBy", 2);
+__decorateClass([
+  Column3("int", { nullable: true })
+], User.prototype, "deletedBy", 2);
+__decorateClass([
+  ManyToOne2(() => UserGroup, (g) => g.users, { onDelete: "SET NULL" }),
+  JoinColumn2({ name: "groupId" })
+], User.prototype, "group", 2);
+User = __decorateClass([
+  Entity3("users")
+], User);
+
+// src/entities/password-reset-token.entity.ts
+import { Entity as Entity4, PrimaryGeneratedColumn as PrimaryGeneratedColumn4, Column as Column4 } from "typeorm";
+var PasswordResetToken = class {
+  id;
+  email;
+  token;
+  expiresAt;
+  createdAt;
+};
+__decorateClass([
+  PrimaryGeneratedColumn4()
+], PasswordResetToken.prototype, "id", 2);
+__decorateClass([
+  Column4("varchar")
+], PasswordResetToken.prototype, "email", 2);
+__decorateClass([
+  Column4("varchar", { unique: true })
+], PasswordResetToken.prototype, "token", 2);
+__decorateClass([
+  Column4({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], PasswordResetToken.prototype, "expiresAt", 2);
+__decorateClass([
+  Column4({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], PasswordResetToken.prototype, "createdAt", 2);
+PasswordResetToken = __decorateClass([
+  Entity4("password_reset_tokens")
+], PasswordResetToken);
+
+// src/entities/blog.entity.ts
+import {
+  Entity as Entity9,
+  PrimaryGeneratedColumn as PrimaryGeneratedColumn9,
+  Column as Column9,
+  ManyToOne as ManyToOne4,
+  OneToMany as OneToMany4,
+  ManyToMany as ManyToMany2,
+  JoinTable,
+  JoinColumn as JoinColumn4
+} from "typeorm";
+
+// src/entities/category.entity.ts
+import { Entity as Entity5, PrimaryGeneratedColumn as PrimaryGeneratedColumn5, Column as Column5, OneToMany as OneToMany2 } from "typeorm";
+var Category = class {
+  id;
+  name;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  blogs;
+};
+__decorateClass([
+  PrimaryGeneratedColumn5()
+], Category.prototype, "id", 2);
+__decorateClass([
+  Column5("varchar")
+], Category.prototype, "name", 2);
+__decorateClass([
+  Column5({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Category.prototype, "createdAt", 2);
+__decorateClass([
+  Column5({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Category.prototype, "updatedAt", 2);
+__decorateClass([
+  Column5({ type: "timestamp", nullable: true })
+], Category.prototype, "deletedAt", 2);
+__decorateClass([
+  Column5("boolean", { default: false })
+], Category.prototype, "deleted", 2);
+__decorateClass([
+  Column5("int", { nullable: true })
+], Category.prototype, "createdBy", 2);
+__decorateClass([
+  Column5("int", { nullable: true })
+], Category.prototype, "updatedBy", 2);
+__decorateClass([
+  Column5("int", { nullable: true })
+], Category.prototype, "deletedBy", 2);
+__decorateClass([
+  OneToMany2("Blog", "category")
+], Category.prototype, "blogs", 2);
+Category = __decorateClass([
+  Entity5("categories")
+], Category);
+
+// src/entities/seo.entity.ts
+import { Entity as Entity6, PrimaryGeneratedColumn as PrimaryGeneratedColumn6, Column as Column6, OneToMany as OneToMany3 } from "typeorm";
+var Seo = class {
+  id;
+  title;
+  description;
+  keywords;
+  ogTitle;
+  ogDescription;
+  ogImage;
+  slug;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  blogs;
+};
+__decorateClass([
+  PrimaryGeneratedColumn6()
+], Seo.prototype, "id", 2);
+__decorateClass([
+  Column6("varchar", { nullable: true })
+], Seo.prototype, "title", 2);
+__decorateClass([
+  Column6("varchar", { nullable: true })
+], Seo.prototype, "description", 2);
+__decorateClass([
+  Column6("varchar", { nullable: true })
+], Seo.prototype, "keywords", 2);
+__decorateClass([
+  Column6("varchar", { nullable: true })
+], Seo.prototype, "ogTitle", 2);
+__decorateClass([
+  Column6("varchar", { nullable: true })
+], Seo.prototype, "ogDescription", 2);
+__decorateClass([
+  Column6("varchar", { nullable: true })
+], Seo.prototype, "ogImage", 2);
+__decorateClass([
+  Column6("varchar", { unique: true })
+], Seo.prototype, "slug", 2);
+__decorateClass([
+  Column6({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Seo.prototype, "createdAt", 2);
+__decorateClass([
+  Column6({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Seo.prototype, "updatedAt", 2);
+__decorateClass([
+  Column6({ type: "timestamp", nullable: true })
+], Seo.prototype, "deletedAt", 2);
+__decorateClass([
+  Column6("boolean", { default: false })
+], Seo.prototype, "deleted", 2);
+__decorateClass([
+  Column6("int", { nullable: true })
+], Seo.prototype, "createdBy", 2);
+__decorateClass([
+  Column6("int", { nullable: true })
+], Seo.prototype, "updatedBy", 2);
+__decorateClass([
+  Column6("int", { nullable: true })
+], Seo.prototype, "deletedBy", 2);
+__decorateClass([
+  OneToMany3(() => Blog, (blog) => blog.seo)
+], Seo.prototype, "blogs", 2);
+Seo = __decorateClass([
+  Entity6("seos")
+], Seo);
+
+// src/entities/comment.entity.ts
+import { Entity as Entity7, PrimaryGeneratedColumn as PrimaryGeneratedColumn7, Column as Column7, ManyToOne as ManyToOne3, JoinColumn as JoinColumn3 } from "typeorm";
+var Comment = class {
+  id;
+  content;
+  blogId;
+  authorId;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  author;
+  blog;
+};
+__decorateClass([
+  PrimaryGeneratedColumn7()
+], Comment.prototype, "id", 2);
+__decorateClass([
+  Column7("text")
+], Comment.prototype, "content", 2);
+__decorateClass([
+  Column7("int")
+], Comment.prototype, "blogId", 2);
+__decorateClass([
+  Column7("int")
+], Comment.prototype, "authorId", 2);
+__decorateClass([
+  Column7({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Comment.prototype, "createdAt", 2);
+__decorateClass([
+  Column7({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Comment.prototype, "updatedAt", 2);
+__decorateClass([
+  Column7({ type: "timestamp", nullable: true })
+], Comment.prototype, "deletedAt", 2);
+__decorateClass([
+  Column7("boolean", { default: false })
+], Comment.prototype, "deleted", 2);
+__decorateClass([
+  Column7("int", { nullable: true })
+], Comment.prototype, "createdBy", 2);
+__decorateClass([
+  Column7("int", { nullable: true })
+], Comment.prototype, "updatedBy", 2);
+__decorateClass([
+  Column7("int", { nullable: true })
+], Comment.prototype, "deletedBy", 2);
+__decorateClass([
+  ManyToOne3(() => User, { onDelete: "CASCADE" }),
+  JoinColumn3({ name: "authorId" })
+], Comment.prototype, "author", 2);
+__decorateClass([
+  ManyToOne3(() => Blog, (b) => b.comments, { onDelete: "CASCADE" }),
+  JoinColumn3({ name: "blogId" })
+], Comment.prototype, "blog", 2);
+Comment = __decorateClass([
+  Entity7("comments")
+], Comment);
+
+// src/entities/tag.entity.ts
+import { Entity as Entity8, PrimaryGeneratedColumn as PrimaryGeneratedColumn8, Column as Column8, ManyToMany } from "typeorm";
+var Tag = class {
+  id;
+  name;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  blogs;
+};
+__decorateClass([
+  PrimaryGeneratedColumn8()
+], Tag.prototype, "id", 2);
+__decorateClass([
+  Column8("varchar", { unique: true })
+], Tag.prototype, "name", 2);
+__decorateClass([
+  Column8({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Tag.prototype, "createdAt", 2);
+__decorateClass([
+  Column8({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Tag.prototype, "updatedAt", 2);
+__decorateClass([
+  Column8({ type: "timestamp", nullable: true })
+], Tag.prototype, "deletedAt", 2);
+__decorateClass([
+  Column8("boolean", { default: false })
+], Tag.prototype, "deleted", 2);
+__decorateClass([
+  Column8("int", { nullable: true })
+], Tag.prototype, "createdBy", 2);
+__decorateClass([
+  Column8("int", { nullable: true })
+], Tag.prototype, "updatedBy", 2);
+__decorateClass([
+  Column8("int", { nullable: true })
+], Tag.prototype, "deletedBy", 2);
+__decorateClass([
+  ManyToMany(() => Blog, (blog) => blog.tags)
+], Tag.prototype, "blogs", 2);
+Tag = __decorateClass([
+  Entity8("tags")
+], Tag);
+
+// src/entities/blog.entity.ts
+var Blog = class {
+  id;
+  title;
+  content;
+  coverImage;
+  authorId;
+  categoryId;
+  seoId;
+  published;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  slug;
+  author;
+  category;
+  seo;
+  comments;
+  tags;
+};
+__decorateClass([
+  PrimaryGeneratedColumn9()
+], Blog.prototype, "id", 2);
+__decorateClass([
+  Column9("varchar")
+], Blog.prototype, "title", 2);
+__decorateClass([
+  Column9("text")
+], Blog.prototype, "content", 2);
+__decorateClass([
+  Column9("varchar", { nullable: true })
+], Blog.prototype, "coverImage", 2);
+__decorateClass([
+  Column9("int")
+], Blog.prototype, "authorId", 2);
+__decorateClass([
+  Column9("int", { nullable: true })
+], Blog.prototype, "categoryId", 2);
+__decorateClass([
+  Column9("int", { nullable: true })
+], Blog.prototype, "seoId", 2);
+__decorateClass([
+  Column9("boolean", { default: false })
+], Blog.prototype, "published", 2);
+__decorateClass([
+  Column9({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Blog.prototype, "createdAt", 2);
+__decorateClass([
+  Column9({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Blog.prototype, "updatedAt", 2);
+__decorateClass([
+  Column9({ type: "timestamp", nullable: true })
+], Blog.prototype, "deletedAt", 2);
+__decorateClass([
+  Column9("boolean", { default: false })
+], Blog.prototype, "deleted", 2);
+__decorateClass([
+  Column9("int", { nullable: true })
+], Blog.prototype, "createdBy", 2);
+__decorateClass([
+  Column9("int", { nullable: true })
+], Blog.prototype, "updatedBy", 2);
+__decorateClass([
+  Column9("int", { nullable: true })
+], Blog.prototype, "deletedBy", 2);
+__decorateClass([
+  Column9("varchar", { unique: true })
+], Blog.prototype, "slug", 2);
+__decorateClass([
+  ManyToOne4(() => User, { onDelete: "CASCADE" }),
+  JoinColumn4({ name: "authorId" })
+], Blog.prototype, "author", 2);
+__decorateClass([
+  ManyToOne4(() => Category, (c) => c.blogs, { onDelete: "SET NULL" }),
+  JoinColumn4({ name: "categoryId" })
+], Blog.prototype, "category", 2);
+__decorateClass([
+  ManyToOne4(() => Seo, (s) => s.blogs, { onDelete: "SET NULL" }),
+  JoinColumn4({ name: "seoId" })
+], Blog.prototype, "seo", 2);
+__decorateClass([
+  OneToMany4(() => Comment, (c) => c.blog)
+], Blog.prototype, "comments", 2);
+__decorateClass([
+  ManyToMany2(() => Tag, (t) => t.blogs),
+  JoinTable({
+    name: "blog_tags",
+    joinColumn: { name: "blogId", referencedColumnName: "id" },
+    inverseJoinColumn: { name: "tagId", referencedColumnName: "id" }
+  })
+], Blog.prototype, "tags", 2);
+Blog = __decorateClass([
+  Entity9("blogs")
+], Blog);
+
+// src/entities/contact.entity.ts
+import { Entity as Entity13, PrimaryGeneratedColumn as PrimaryGeneratedColumn13, Column as Column13, OneToMany as OneToMany6 } from "typeorm";
+
+// src/entities/form-submission.entity.ts
+import { Entity as Entity12, PrimaryGeneratedColumn as PrimaryGeneratedColumn12, Column as Column12, ManyToOne as ManyToOne6, JoinColumn as JoinColumn6 } from "typeorm";
+
+// src/entities/form.entity.ts
+import { Entity as Entity11, PrimaryGeneratedColumn as PrimaryGeneratedColumn11, Column as Column11, OneToMany as OneToMany5 } from "typeorm";
+
+// src/entities/form-field.entity.ts
+import { Entity as Entity10, PrimaryGeneratedColumn as PrimaryGeneratedColumn10, Column as Column10, ManyToOne as ManyToOne5, JoinColumn as JoinColumn5 } from "typeorm";
+var FormField = class {
+  id;
+  formId;
+  label;
+  type;
+  placeholder;
+  options;
+  required;
+  validation;
+  order;
+  groupId;
+  columnWidth;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  form;
+};
+__decorateClass([
+  PrimaryGeneratedColumn10()
+], FormField.prototype, "id", 2);
+__decorateClass([
+  Column10("int")
+], FormField.prototype, "formId", 2);
+__decorateClass([
+  Column10("varchar")
+], FormField.prototype, "label", 2);
+__decorateClass([
+  Column10("varchar")
+], FormField.prototype, "type", 2);
+__decorateClass([
+  Column10("varchar", { nullable: true })
+], FormField.prototype, "placeholder", 2);
+__decorateClass([
+  Column10("varchar", { nullable: true })
+], FormField.prototype, "options", 2);
+__decorateClass([
+  Column10("boolean", { default: false })
+], FormField.prototype, "required", 2);
+__decorateClass([
+  Column10("varchar", { nullable: true })
+], FormField.prototype, "validation", 2);
+__decorateClass([
+  Column10("int")
+], FormField.prototype, "order", 2);
+__decorateClass([
+  Column10("int", { default: 1 })
+], FormField.prototype, "groupId", 2);
+__decorateClass([
+  Column10("int", { default: 12 })
+], FormField.prototype, "columnWidth", 2);
+__decorateClass([
+  Column10({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], FormField.prototype, "createdAt", 2);
+__decorateClass([
+  Column10({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], FormField.prototype, "updatedAt", 2);
+__decorateClass([
+  Column10({ type: "timestamp", nullable: true })
+], FormField.prototype, "deletedAt", 2);
+__decorateClass([
+  Column10("boolean", { default: false })
+], FormField.prototype, "deleted", 2);
+__decorateClass([
+  Column10("int", { nullable: true })
+], FormField.prototype, "createdBy", 2);
+__decorateClass([
+  Column10("int", { nullable: true })
+], FormField.prototype, "updatedBy", 2);
+__decorateClass([
+  Column10("int", { nullable: true })
+], FormField.prototype, "deletedBy", 2);
+__decorateClass([
+  ManyToOne5(() => Form, (f) => f.fields, { onDelete: "CASCADE" }),
+  JoinColumn5({ name: "formId" })
+], FormField.prototype, "form", 2);
+FormField = __decorateClass([
+  Entity10("form_fields")
+], FormField);
+
+// src/entities/form.entity.ts
+var Form = class {
+  id;
+  name;
+  description;
+  campaign;
+  slug;
+  published;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  fields;
+  submissions;
+};
+__decorateClass([
+  PrimaryGeneratedColumn11()
+], Form.prototype, "id", 2);
+__decorateClass([
+  Column11("varchar")
+], Form.prototype, "name", 2);
+__decorateClass([
+  Column11("text", { nullable: true })
+], Form.prototype, "description", 2);
+__decorateClass([
+  Column11("varchar", { nullable: true })
+], Form.prototype, "campaign", 2);
+__decorateClass([
+  Column11("varchar", { unique: true })
+], Form.prototype, "slug", 2);
+__decorateClass([
+  Column11("boolean", { default: false })
+], Form.prototype, "published", 2);
+__decorateClass([
+  Column11({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Form.prototype, "createdAt", 2);
+__decorateClass([
+  Column11({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Form.prototype, "updatedAt", 2);
+__decorateClass([
+  Column11({ type: "timestamp", nullable: true })
+], Form.prototype, "deletedAt", 2);
+__decorateClass([
+  Column11("boolean", { default: false })
+], Form.prototype, "deleted", 2);
+__decorateClass([
+  Column11("int", { nullable: true })
+], Form.prototype, "createdBy", 2);
+__decorateClass([
+  Column11("int", { nullable: true })
+], Form.prototype, "updatedBy", 2);
+__decorateClass([
+  Column11("int", { nullable: true })
+], Form.prototype, "deletedBy", 2);
+__decorateClass([
+  OneToMany5(() => FormField, (f) => f.form)
+], Form.prototype, "fields", 2);
+__decorateClass([
+  OneToMany5(() => FormSubmission, (s) => s.form)
+], Form.prototype, "submissions", 2);
+Form = __decorateClass([
+  Entity11("forms")
+], Form);
+
+// src/entities/form-submission.entity.ts
+var FormSubmission = class {
+  id;
+  formId;
+  contactId;
+  data;
+  ipAddress;
+  userAgent;
+  createdAt;
+  updatedAt;
+  form;
+  contact;
+};
+__decorateClass([
+  PrimaryGeneratedColumn12()
+], FormSubmission.prototype, "id", 2);
+__decorateClass([
+  Column12("int")
+], FormSubmission.prototype, "formId", 2);
+__decorateClass([
+  Column12("int", { nullable: true })
+], FormSubmission.prototype, "contactId", 2);
+__decorateClass([
+  Column12("jsonb")
+], FormSubmission.prototype, "data", 2);
+__decorateClass([
+  Column12("varchar", { nullable: true })
+], FormSubmission.prototype, "ipAddress", 2);
+__decorateClass([
+  Column12("varchar", { nullable: true })
+], FormSubmission.prototype, "userAgent", 2);
+__decorateClass([
+  Column12({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], FormSubmission.prototype, "createdAt", 2);
+__decorateClass([
+  Column12({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], FormSubmission.prototype, "updatedAt", 2);
+__decorateClass([
+  ManyToOne6(() => Form, (f) => f.submissions, { onDelete: "CASCADE" }),
+  JoinColumn6({ name: "formId" })
+], FormSubmission.prototype, "form", 2);
+__decorateClass([
+  ManyToOne6(() => Contact, (c) => c.form_submissions, { onDelete: "SET NULL" }),
+  JoinColumn6({ name: "contactId" })
+], FormSubmission.prototype, "contact", 2);
+FormSubmission = __decorateClass([
+  Entity12("form_submissions")
+], FormSubmission);
+
+// src/entities/contact.entity.ts
+var Contact = class {
+  id;
+  name;
+  email;
+  phone;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+  form_submissions;
+};
+__decorateClass([
+  PrimaryGeneratedColumn13()
+], Contact.prototype, "id", 2);
+__decorateClass([
+  Column13("varchar")
+], Contact.prototype, "name", 2);
+__decorateClass([
+  Column13("varchar", { unique: true })
+], Contact.prototype, "email", 2);
+__decorateClass([
+  Column13("varchar", { nullable: true })
+], Contact.prototype, "phone", 2);
+__decorateClass([
+  Column13({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Contact.prototype, "createdAt", 2);
+__decorateClass([
+  Column13({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Contact.prototype, "updatedAt", 2);
+__decorateClass([
+  Column13({ type: "timestamp", nullable: true })
+], Contact.prototype, "deletedAt", 2);
+__decorateClass([
+  Column13("boolean", { default: false })
+], Contact.prototype, "deleted", 2);
+__decorateClass([
+  Column13("int", { nullable: true })
+], Contact.prototype, "createdBy", 2);
+__decorateClass([
+  Column13("int", { nullable: true })
+], Contact.prototype, "updatedBy", 2);
+__decorateClass([
+  Column13("int", { nullable: true })
+], Contact.prototype, "deletedBy", 2);
+__decorateClass([
+  OneToMany6(() => FormSubmission, (fs) => fs.contact)
+], Contact.prototype, "form_submissions", 2);
+Contact = __decorateClass([
+  Entity13("contacts")
+], Contact);
+
+// src/entities/config.entity.ts
+import { Entity as Entity14, PrimaryGeneratedColumn as PrimaryGeneratedColumn14, Column as Column14, Unique } from "typeorm";
+var Config = class {
+  id;
+  settings;
+  key;
+  value;
+  type;
+  encrypted;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+};
+__decorateClass([
+  PrimaryGeneratedColumn14()
+], Config.prototype, "id", 2);
+__decorateClass([
+  Column14("varchar")
+], Config.prototype, "settings", 2);
+__decorateClass([
+  Column14("varchar")
+], Config.prototype, "key", 2);
+__decorateClass([
+  Column14("varchar")
+], Config.prototype, "value", 2);
+__decorateClass([
+  Column14("varchar", { default: "private" })
+], Config.prototype, "type", 2);
+__decorateClass([
+  Column14("boolean", { default: false })
+], Config.prototype, "encrypted", 2);
+__decorateClass([
+  Column14({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Config.prototype, "createdAt", 2);
+__decorateClass([
+  Column14({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Config.prototype, "updatedAt", 2);
+__decorateClass([
+  Column14({ type: "timestamp", nullable: true })
+], Config.prototype, "deletedAt", 2);
+__decorateClass([
+  Column14("boolean", { default: false })
+], Config.prototype, "deleted", 2);
+__decorateClass([
+  Column14("int", { nullable: true })
+], Config.prototype, "createdBy", 2);
+__decorateClass([
+  Column14("int", { nullable: true })
+], Config.prototype, "updatedBy", 2);
+__decorateClass([
+  Column14("int", { nullable: true })
+], Config.prototype, "deletedBy", 2);
+Config = __decorateClass([
+  Entity14("configs"),
+  Unique(["settings", "key"])
+], Config);
+
+// src/entities/media.entity.ts
+import { Entity as Entity15, PrimaryGeneratedColumn as PrimaryGeneratedColumn15, Column as Column15 } from "typeorm";
+var Media = class {
+  id;
+  filename;
+  url;
+  mimeType;
+  size;
+  alt;
+  isPublic;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+};
+__decorateClass([
+  PrimaryGeneratedColumn15()
+], Media.prototype, "id", 2);
+__decorateClass([
+  Column15("varchar")
+], Media.prototype, "filename", 2);
+__decorateClass([
+  Column15("varchar")
+], Media.prototype, "url", 2);
+__decorateClass([
+  Column15("varchar")
+], Media.prototype, "mimeType", 2);
+__decorateClass([
+  Column15("int", { default: 0 })
+], Media.prototype, "size", 2);
+__decorateClass([
+  Column15("varchar", { nullable: true })
+], Media.prototype, "alt", 2);
+__decorateClass([
+  Column15("boolean", { default: false })
+], Media.prototype, "isPublic", 2);
+__decorateClass([
+  Column15({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Media.prototype, "createdAt", 2);
+__decorateClass([
+  Column15({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Media.prototype, "updatedAt", 2);
+__decorateClass([
+  Column15({ type: "timestamp", nullable: true })
+], Media.prototype, "deletedAt", 2);
+__decorateClass([
+  Column15("boolean", { default: false })
+], Media.prototype, "deleted", 2);
+Media = __decorateClass([
+  Entity15("media")
+], Media);
+
+// src/entities/page.entity.ts
+import { Entity as Entity16, PrimaryGeneratedColumn as PrimaryGeneratedColumn16, Column as Column16, ManyToOne as ManyToOne7, JoinColumn as JoinColumn7 } from "typeorm";
+var Page = class {
+  id;
+  title;
+  slug;
+  content;
+  published;
+  theme;
+  parentId;
+  parent;
+  seoId;
+  seo;
+  createdAt;
+  updatedAt;
+  deletedAt;
+  deleted;
+  createdBy;
+  updatedBy;
+  deletedBy;
+};
+__decorateClass([
+  PrimaryGeneratedColumn16()
+], Page.prototype, "id", 2);
+__decorateClass([
+  Column16("varchar")
+], Page.prototype, "title", 2);
+__decorateClass([
+  Column16("varchar", { unique: true })
+], Page.prototype, "slug", 2);
+__decorateClass([
+  Column16({ type: "jsonb", default: {} })
+], Page.prototype, "content", 2);
+__decorateClass([
+  Column16("boolean", { default: false })
+], Page.prototype, "published", 2);
+__decorateClass([
+  Column16("varchar", { default: "default" })
+], Page.prototype, "theme", 2);
+__decorateClass([
+  Column16("int", { nullable: true })
+], Page.prototype, "parentId", 2);
+__decorateClass([
+  ManyToOne7(() => Page, { onDelete: "SET NULL" }),
+  JoinColumn7({ name: "parentId" })
+], Page.prototype, "parent", 2);
+__decorateClass([
+  Column16("int", { nullable: true })
+], Page.prototype, "seoId", 2);
+__decorateClass([
+  ManyToOne7(() => Seo, { onDelete: "SET NULL" }),
+  JoinColumn7({ name: "seoId" })
+], Page.prototype, "seo", 2);
+__decorateClass([
+  Column16({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Page.prototype, "createdAt", 2);
+__decorateClass([
+  Column16({ type: "timestamp", default: () => "CURRENT_TIMESTAMP" })
+], Page.prototype, "updatedAt", 2);
+__decorateClass([
+  Column16({ type: "timestamp", nullable: true })
+], Page.prototype, "deletedAt", 2);
+__decorateClass([
+  Column16("boolean", { default: false })
+], Page.prototype, "deleted", 2);
+__decorateClass([
+  Column16("int", { nullable: true })
+], Page.prototype, "createdBy", 2);
+__decorateClass([
+  Column16("int", { nullable: true })
+], Page.prototype, "updatedBy", 2);
+__decorateClass([
+  Column16("int", { nullable: true })
+], Page.prototype, "deletedBy", 2);
+Page = __decorateClass([
+  Entity16("pages")
+], Page);
+
+// src/entities/index.ts
+var CMS_ENTITY_MAP = {
+  users: User,
+  password_reset_tokens: PasswordResetToken,
+  user_groups: UserGroup,
+  permissions: Permission,
+  blogs: Blog,
+  tags: Tag,
+  categories: Category,
+  comments: Comment,
+  contacts: Contact,
+  forms: Form,
+  form_fields: FormField,
+  form_submissions: FormSubmission,
+  seos: Seo,
+  configs: Config,
+  media: Media,
+  pages: Page
+};
+
+// src/auth/helpers.ts
+var OPEN_ENDPOINTS = [
+  { "/api/contacts": ["POST"] },
+  { "/api/form-submissions": ["POST"] },
+  { "/api/blogs": ["GET"] }
+];
+var PERMISSION_REQUIRED_ENDPOINTS = {};
+function isOpenEndpoint(pathname) {
+  return OPEN_ENDPOINTS.some((endpoint) => pathname.startsWith(Object.keys(endpoint)[0]));
+}
+function getRequiredPermission(pathname) {
+  return null;
+}
+function isPublicMethod(pathname, method) {
+  for (const endpoint of OPEN_ENDPOINTS) {
+    const key = Object.keys(endpoint)[0];
+    if (pathname.startsWith(key) && endpoint[key].includes(method)) return true;
+  }
+  return false;
+}
+function createAuthHelpers(getSession, NextResponse) {
+  return {
+    async requireAuth() {
+      const session = await getSession();
+      if (!session?.user?.email) {
+        return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+      }
+      return null;
+    },
+    async requirePermission() {
+      const session = await getSession();
+      if (!session?.user?.email) {
+        return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+      }
+      return null;
+    },
+    async getAuthenticatedUser() {
+      const session = await getSession();
+      return session?.user ?? null;
+    }
+  };
+}
+
+// src/auth/middleware.ts
+var defaultPublicApiMethods = {
+  "/api/contacts": ["POST"],
+  "/api/form-submissions": ["POST"],
+  "/api/blogs": ["GET"],
+  "/api/forms": ["GET"],
+  "/api/auth": ["GET", "POST"],
+  "/api/health": ["GET"],
+  "/api/users/forgot-password": ["POST"],
+  "/api/users/set-password": ["POST"],
+  "/api/users/invite": ["POST"]
+};
+function defaultGetSessionToken(request) {
+  return request.cookies.get("__Secure-next-auth.session-token")?.value ?? request.cookies.get("next-auth.session-token")?.value;
+}
+function isPublicMethod2(pathname, method, publicApiMethods) {
+  for (const [endpoint, methods] of Object.entries(publicApiMethods)) {
+    if (pathname.startsWith(endpoint) && methods.includes(method)) return true;
+  }
+  return false;
+}
+function createCmsMiddleware(config = {}) {
+  const {
+    publicAdminPaths = ["/admin/signin", "/admin/forgot-password", "/admin/reset-password", "/admin/invite"],
+    publicApiMethods = defaultPublicApiMethods,
+    signInPath = "/admin/signin",
+    getSessionToken = defaultGetSessionToken
+  } = config;
+  return function cmsMiddleware(request) {
+    const pathname = request.nextUrl.pathname;
+    const method = request.method;
+    if (publicAdminPaths.some((p) => pathname === p || pathname.startsWith(p + "/"))) {
+      return { type: "next" };
+    }
+    if (pathname.startsWith("/admin")) {
+      const token = getSessionToken(request);
+      if (!token) {
+        return { type: "redirect", url: new URL(signInPath, request.url).toString() };
+      }
+    }
+    if (pathname.startsWith("/api")) {
+      if (isPublicMethod2(pathname, method, publicApiMethods)) {
+        return { type: "next" };
+      }
+      const token = getSessionToken(request);
+      if (!token) {
+        return { type: "json", status: 401, body: { error: "Unauthorized" } };
+      }
+    }
+    return { type: "next" };
+  };
+}
+
+// src/auth/nextauth-options.ts
+import _CredentialsProvider from "next-auth/providers/credentials";
+var CredentialsProvider = _CredentialsProvider.default ?? _CredentialsProvider;
+function getNextAuthOptions(config) {
+  const { getUserByEmail, comparePassword, signInPage = "/admin/signin", secret, extend } = config;
+  const options = {
+    secret: secret ?? process.env.NEXTAUTH_SECRET,
+    providers: [
+      CredentialsProvider({
+        name: "credentials",
+        credentials: {
+          email: { label: "Email", type: "email" },
+          password: { label: "Password", type: "password" }
+        },
+        async authorize(credentials) {
+          if (!credentials?.email || !credentials?.password) return null;
+          try {
+            const user = await getUserByEmail(credentials.email);
+            if (!user || user.blocked || user.deleted || !user.password) return null;
+            const valid = await comparePassword(credentials.password, user.password);
+            if (!valid) return null;
+            return {
+              id: user.id.toString(),
+              email: user.email,
+              name: user.name,
+              groupId: user.groupId ?? void 0,
+              permissions: ["admin"]
+            };
+          } catch {
+            return null;
+          }
+        }
+      })
+    ],
+    session: { strategy: "jwt" },
+    pages: { signIn: signInPage },
+    cookies: process.env.NODE_ENV === "production" ? {
+      sessionToken: {
+        name: "__Secure-next-auth.session-token",
+        options: { httpOnly: true, sameSite: "lax", path: "/", secure: true }
+      }
+    } : {
+      sessionToken: {
+        name: "next-auth.session-token",
+        options: {
+          httpOnly: true,
+          sameSite: "lax",
+          path: "/",
+          secure: process.env.NEXTAUTH_URL?.startsWith("https") ?? false
+        }
+      }
+    },
+    callbacks: {
+      async jwt({ token, user }) {
+        if (user) {
+          token.id = user.id;
+          token.groupId = user.groupId;
+          token.permissions = user.permissions;
+        }
+        return token;
+      },
+      async session({ session, token }) {
+        if (session.user) {
+          session.user.id = token.id;
+          session.user.groupId = token.groupId;
+          session.user.permissions = token.permissions;
+        }
+        return session;
+      }
+    }
+  };
+  return extend ? extend(options) : options;
+}
+
+// src/api/crud.ts
+import { ILike, Like } from "typeorm";
+var DATE_COLUMN_TYPES = /* @__PURE__ */ new Set([
+  "date",
+  "datetime",
+  "datetime2",
+  "timestamp",
+  "timestamptz",
+  "timetz",
+  "smalldatetime",
+  "timestamp with time zone",
+  "timestamp without time zone"
+]);
+var TIMESTAMP_PROP_NAMES = /* @__PURE__ */ new Set(["createdAt", "updatedAt", "deletedAt"]);
+function isInvalidDateValue(v) {
+  if (v === "" || v == null) return true;
+  if (typeof v === "string") return isNaN(Date.parse(v)) || /NaN|Invalid/i.test(v);
+  if (v instanceof Date) return isNaN(v.getTime());
+  return false;
+}
+function sanitizeBodyForEntity(repo, body) {
+  const meta = repo.metadata;
+  for (const col of meta.columns) {
+    if (!(col.propertyName in body)) continue;
+    const v = body[col.propertyName];
+    const t = typeof col.type === "string" ? col.type : col.type?.name ?? "";
+    const isBoolean = t === "boolean" || t === "bool" || col.type === Boolean;
+    const isNumber = ["int", "integer", "int2", "int4", "int8", "smallint", "bigint", "number", "Number"].includes(t) || col.type === Number;
+    const isDate = DATE_COLUMN_TYPES.has(t) || col.type === Date || TIMESTAMP_PROP_NAMES.has(col.propertyName);
+    if (v === "" && (isBoolean || isNumber)) {
+      delete body[col.propertyName];
+    } else if (isDate && isInvalidDateValue(v)) {
+      delete body[col.propertyName];
+    }
+  }
+}
+function createCrudHandler(dataSource, entityMap, options) {
+  const { requireAuth, json } = options;
+  return {
+    async GET(req, resource) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!resource || !entity) {
+        return json({ error: "Invalid resource" }, { status: 400 });
+      }
+      const repo = dataSource.getRepository(entity);
+      const { searchParams } = new URL(req.url);
+      const page = Number(searchParams.get("page")) || 1;
+      const limit = Number(searchParams.get("limit")) || 10;
+      const skip = (page - 1) * limit;
+      const sortField = searchParams.get("sortField") || "createdAt";
+      const sortOrder = searchParams.get("sortOrder") === "desc" ? "DESC" : "ASC";
+      const search = searchParams.get("search");
+      const typeFilter = searchParams.get("type");
+      let where = {};
+      if (resource === "media") {
+        const mediaWhere = {};
+        if (search) mediaWhere.filename = ILike(`%${search}%`);
+        if (typeFilter) mediaWhere.mimeType = Like(`${typeFilter}/%`);
+        where = Object.keys(mediaWhere).length > 0 ? mediaWhere : {};
+      } else if (search) {
+        where = [{ name: ILike(`%${search}%`) }, { title: ILike(`%${search}%`) }];
+      }
+      const [data, total] = await repo.findAndCount({
+        skip,
+        take: limit,
+        order: { [sortField]: sortOrder },
+        where
+      });
+      return json({ total, page, limit, totalPages: Math.ceil(total / limit), data });
+    },
+    async POST(req, resource) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!resource || !entity) {
+        return json({ error: "Invalid resource" }, { status: 400 });
+      }
+      const body = await req.json();
+      if (!body || typeof body !== "object" || Object.keys(body).length === 0) {
+        return json({ error: "Invalid request payload" }, { status: 400 });
+      }
+      const repo = dataSource.getRepository(entity);
+      sanitizeBodyForEntity(repo, body);
+      const created = await repo.save(repo.create(body));
+      return json(created, { status: 201 });
+    }
+  };
+}
+function createCrudByIdHandler(dataSource, entityMap, options) {
+  const { requireAuth, json } = options;
+  return {
+    async GET(req, resource, id) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!entity) return json({ error: "Invalid resource" }, { status: 400 });
+      const repo = dataSource.getRepository(entity);
+      const item = await repo.findOne({ where: { id: Number(id) } });
+      return item ? json(item) : json({ message: "Not found" }, { status: 404 });
+    },
+    async PUT(req, resource, id) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!entity) return json({ error: "Invalid resource" }, { status: 400 });
+      const body = await req.json();
+      const repo = dataSource.getRepository(entity);
+      if (body && typeof body === "object") sanitizeBodyForEntity(repo, body);
+      await repo.update(Number(id), body);
+      const updated = await repo.findOne({ where: { id: Number(id) } });
+      return updated ? json(updated) : json({ message: "Not found" }, { status: 404 });
+    },
+    async DELETE(req, resource, id) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!entity) return json({ error: "Invalid resource" }, { status: 400 });
+      const repo = dataSource.getRepository(entity);
+      const result = await repo.delete(Number(id));
+      if (result.affected === 0) return json({ message: "Not found" }, { status: 404 });
+      return json({ message: "Deleted successfully" }, { status: 200 });
+    }
+  };
+}
+
+// src/api/auth-handlers.ts
+function createForgotPasswordHandler(config) {
+  const { dataSource, entityMap, json, baseUrl, sendEmail, resetExpiryHours = 1, afterCreateToken } = config;
+  return async function POST(request) {
+    try {
+      const body = await request.json().catch(() => ({}));
+      const email = typeof body?.email === "string" ? body.email.trim().toLowerCase() : "";
+      if (!email) return json({ error: "Email is required" }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email }, select: ["email"] });
+      const msg = "If an account exists with this email, you will receive a reset link shortly.";
+      if (!user) return json({ message: msg }, { status: 200 });
+      const crypto = await import("crypto");
+      const token = crypto.randomBytes(32).toString("hex");
+      const expiresAt = new Date(Date.now() + resetExpiryHours * 60 * 60 * 1e3);
+      const tokenRepo = dataSource.getRepository(entityMap.password_reset_tokens);
+      await tokenRepo.save(tokenRepo.create({ email: user.email, token, expiresAt }));
+      const resetLink = `${baseUrl}/admin/reset-password?token=${token}`;
+      if (sendEmail) await sendEmail({ to: user.email, subject: "Password reset", html: `<a href="${resetLink}">Reset password</a>`, text: resetLink });
+      if (afterCreateToken) await afterCreateToken(user.email, resetLink);
+      return json({ message: msg }, { status: 200 });
+    } catch (err) {
+      return json({ error: "Something went wrong. Please try again." }, { status: 500 });
+    }
+  };
+}
+function createSetPasswordHandler(config) {
+  const { dataSource, entityMap, json, hashPassword, minPasswordLength = 6, beforeUpdate } = config;
+  return async function POST(request) {
+    try {
+      const body = await request.json().catch(() => ({}));
+      const { token, newPassword } = body;
+      if (!token || !newPassword) return json({ error: "Token and new password are required" }, { status: 400 });
+      if (newPassword.length < minPasswordLength) return json({ error: "Password must be at least 6 characters" }, { status: 400 });
+      const tokenRepo = dataSource.getRepository(entityMap.password_reset_tokens);
+      const record = await tokenRepo.findOne({ where: { token } });
+      if (!record || record.expiresAt < /* @__PURE__ */ new Date()) return json({ error: "Invalid or expired reset link. Please request a new one." }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email: record.email }, select: ["id"] });
+      if (!user) return json({ error: "User not found" }, { status: 400 });
+      if (beforeUpdate) await beforeUpdate(record.email, user.id);
+      const hashedPassword = await hashPassword(newPassword);
+      await userRepo.update(user.id, { password: hashedPassword, updatedAt: /* @__PURE__ */ new Date() });
+      await tokenRepo.delete({ email: record.email });
+      return json({ message: "Password updated successfully. You can now sign in." });
+    } catch {
+      return json({ error: "Something went wrong. Please try again." }, { status: 500 });
+    }
+  };
+}
+function createInviteAcceptHandler(config) {
+  const { dataSource, entityMap, json, hashPassword, beforeActivate } = config;
+  return async function POST(request) {
+    try {
+      const body = await request.json().catch(() => ({}));
+      const { token, password } = body;
+      if (!token || !password) return json({ error: "Missing required fields: token, password" }, { status: 400 });
+      let email;
+      try {
+        email = Buffer.from(token, "base64").toString("utf8");
+      } catch {
+        return json({ error: "Invalid or expired invite token" }, { status: 400 });
+      }
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email }, select: ["id", "blocked"] });
+      if (!user) return json({ error: "User not found" }, { status: 400 });
+      if (!user.blocked) return json({ error: "User is already active" }, { status: 400 });
+      if (beforeActivate) await beforeActivate(email, user.id);
+      const hashedPassword = await hashPassword(password);
+      await userRepo.update(user.id, { password: hashedPassword, blocked: false });
+      return json({ message: "User account activated successfully" }, { status: 200 });
+    } catch (err) {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createChangePasswordHandler(config) {
+  const { dataSource, entityMap, json, comparePassword, hashPassword, getSession, minPasswordLength = 6, beforeUpdate } = config;
+  return async function POST(request) {
+    try {
+      const session = await getSession();
+      if (!session?.user?.email) return json({ error: "Unauthorized" }, { status: 401 });
+      const body = await request.json().catch(() => ({}));
+      const { currentPassword, newPassword } = body;
+      if (!currentPassword || !newPassword) return json({ error: "Current password and new password are required" }, { status: 400 });
+      if (newPassword.length < minPasswordLength) return json({ error: "New password must be at least 6 characters long" }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email: session.user.email }, select: ["password"] });
+      if (!user) return json({ error: "User not found" }, { status: 404 });
+      if (!user.password) return json({ error: "Current password is incorrect" }, { status: 400 });
+      const valid = await comparePassword(currentPassword, user.password);
+      if (!valid) return json({ error: "Current password is incorrect" }, { status: 400 });
+      if (beforeUpdate) await beforeUpdate(session.user.email);
+      const hashedPassword = await hashPassword(newPassword);
+      await userRepo.update({ email: session.user.email }, { password: hashedPassword, updatedAt: /* @__PURE__ */ new Date() });
+      return json({ message: "Password updated successfully" });
+    } catch {
+      return json({ error: "Internal server error" }, { status: 500 });
+    }
+  };
+}
+var USER_AUTH_PATHS = ["forgot-password", "invite", "set-password", "reset-password"];
+function createUserAuthApiRouter(config) {
+  const forgot = createForgotPasswordHandler(config);
+  const setPass = createSetPasswordHandler(config);
+  const invite = createInviteAcceptHandler(config);
+  const changePass = config.getSession ? createChangePasswordHandler({
+    ...config,
+    getSession: config.getSession,
+    beforeUpdate: config.beforeChangePasswordUpdate
+  }) : null;
+  return {
+    async POST(req, pathname) {
+      const path = pathname.replace(/\/$/, "");
+      if (!USER_AUTH_PATHS.includes(path)) {
+        return config.json({ error: "Not found" }, { status: 404 });
+      }
+      if (path === "forgot-password") return forgot(req);
+      if (path === "set-password") return setPass(req);
+      if (path === "invite") return invite(req);
+      if (path === "reset-password" && changePass) return changePass(req);
+      return config.json({ error: "Not found" }, { status: 404 });
+    }
+  };
+}
+
+// src/api/cms-handlers.ts
+import { MoreThanOrEqual, ILike as ILike2 } from "typeorm";
+function createDashboardStatsHandler(config) {
+  const { dataSource, entityMap, json, requireAuth, requirePermission } = config;
+  return async function GET(req) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    if (requirePermission) {
+      const permErr = await requirePermission(req, "view_dashboard");
+      if (permErr) return permErr;
+    }
+    try {
+      const sevenDaysAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1e3);
+      const repo = (name) => entityMap[name] ? dataSource.getRepository(entityMap[name]) : void 0;
+      const [contactsCount, formsCount, formSubmissionsCount, usersCount, blogsCount, recentContacts, recentSubmissions] = await Promise.all([
+        repo("contacts")?.count() ?? 0,
+        repo("forms")?.count({ where: { deleted: false } }) ?? 0,
+        repo("form_submissions")?.count() ?? 0,
+        repo("users")?.count({ where: { deleted: false } }) ?? 0,
+        repo("blogs")?.count({ where: { deleted: false } }) ?? 0,
+        repo("contacts")?.count({ where: { createdAt: MoreThanOrEqual(sevenDaysAgo) } }) ?? 0,
+        repo("form_submissions")?.count({ where: { createdAt: MoreThanOrEqual(sevenDaysAgo) } }) ?? 0
+      ]);
+      return json({
+        contacts: { total: contactsCount, recent: recentContacts },
+        forms: { total: formsCount, submissions: formSubmissionsCount, recentSubmissions },
+        users: usersCount,
+        blogs: blogsCount
+      });
+    } catch (err) {
+      return json({ error: "Failed to fetch dashboard stats" }, { status: 500 });
+    }
+  };
+}
+function createAnalyticsHandlers(config) {
+  const { json, getAnalyticsData, getPropertyId, getPermissions } = config;
+  return {
+    async GET(req) {
+      if (!getAnalyticsData) return json({ error: "Analytics not configured" }, { status: 404 });
+      try {
+        const url = new URL(req.url);
+        const days = parseInt(url.searchParams.get("days") || "30", 10);
+        const data = await getAnalyticsData(days);
+        return json(data);
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : "";
+        if (msg.includes("authentication credential")) return json({ error: "Google Analytics authentication failed." }, { status: 401 });
+        if (msg.includes("sufficient permissions")) return json({ error: "Service account does not have access." }, { status: 403 });
+        return json({ error: "Failed to fetch analytics data" }, { status: 500 });
+      }
+    },
+    propertyId: async () => {
+      const payload = getPropertyId ? getPropertyId() : { currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID };
+      return json({ message: "Property ID Information", ...payload });
+    },
+    permissions: async () => {
+      const payload = getPermissions ? getPermissions() : {
+        serviceAccountEmail: process.env.GOOGLE_ANALYTICS_CLIENT_EMAIL,
+        currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID
+      };
+      return json({ message: "Permission Troubleshooting Guide", ...payload });
+    }
+  };
+}
+function createUploadHandler(config) {
+  const { json, requireAuth, storage, localUploadDir = "public/uploads", allowedTypes, maxSizeBytes = 10 * 1024 * 1024 } = config;
+  const allowed = allowedTypes ?? ["image/jpeg", "image/png", "image/gif", "image/webp", "application/pdf", "text/plain"];
+  return async function POST(req) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    try {
+      const formData = await req.formData();
+      const file = formData.get("file");
+      if (!file) return json({ error: "No file uploaded" }, { status: 400 });
+      if (!allowed.includes(file.type)) return json({ error: "File type not allowed" }, { status: 400 });
+      if (file.size > maxSizeBytes) return json({ error: "File size exceeds limit" }, { status: 400 });
+      const buffer = Buffer.from(await file.arrayBuffer());
+      const fileName = `${Date.now()}-${file.name}`;
+      const contentType = file.type || "application/octet-stream";
+      const raw = typeof storage === "function" ? storage() : storage;
+      const storageService = raw instanceof Promise ? await raw : raw;
+      if (storageService) {
+        const fileUrl = await storageService.upload(buffer, `uploads/${fileName}`, contentType);
+        return json({ filePath: fileUrl });
+      }
+      const fs = await import("fs/promises");
+      const path = await import("path");
+      const dir = path.join(process.cwd(), localUploadDir);
+      await fs.mkdir(dir, { recursive: true });
+      const filePath = path.join(dir, fileName);
+      await fs.writeFile(filePath, buffer);
+      return json({ filePath: `/${localUploadDir.replace(/^\/+/, "").replace(/\\/g, "/")}/${fileName}` });
+    } catch (err) {
+      return json({ error: "File upload failed" }, { status: 500 });
+    }
+  };
+}
+function createBlogBySlugHandler(config) {
+  const { dataSource, entityMap, json } = config;
+  return async function GET(_req, slug) {
+    try {
+      const blogRepo = dataSource.getRepository(entityMap.blogs);
+      const blog = await blogRepo.findOne({
+        where: { slug, published: true },
+        relations: ["author", "category", "tags", "seo"]
+      });
+      if (!blog) return json({ error: "Blog not found" }, { status: 404 });
+      return json(blog);
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createFormBySlugHandler(config) {
+  const { dataSource, entityMap, json } = config;
+  return async function GET(_req, slug) {
+    try {
+      const formRepo = dataSource.getRepository(entityMap.forms);
+      const form = await formRepo.findOne({
+        where: { slug, published: true, deleted: false },
+        relations: ["fields"],
+        order: { fields: { order: "ASC" } }
+      });
+      if (!form) return json({ error: "Form not found" }, { status: 404 });
+      const out = form;
+      if (Array.isArray(out.fields)) out.fields = out.fields.filter((f) => !f.deleted);
+      return json(form);
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function normalizeFieldRow(f, formId) {
+  const order = typeof f.order === "number" ? f.order : Number(f.order) || 0;
+  const groupId = typeof f.groupId === "number" ? f.groupId : Number(f.groupId) || 1;
+  const columnWidth = typeof f.columnWidth === "number" ? f.columnWidth : Number(f.columnWidth) || 12;
+  return {
+    formId,
+    label: f.label != null ? String(f.label) : "",
+    type: f.type != null ? String(f.type) : "text",
+    placeholder: f.placeholder != null ? String(f.placeholder) : null,
+    options: f.options != null ? typeof f.options === "string" ? f.options : JSON.stringify(f.options) : null,
+    required: Boolean(f.required),
+    validation: f.validation != null ? typeof f.validation === "string" ? f.validation : JSON.stringify(f.validation) : null,
+    order,
+    groupId,
+    columnWidth
+  };
+}
+function createFormSaveHandlers(config) {
+  const { dataSource, entityMap, json, requireAuth } = config;
+  const formRepo = () => dataSource.getRepository(entityMap.forms);
+  const fieldRepo = () => dataSource.getRepository(entityMap.form_fields);
+  return {
+    async GET(req, id) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const formId = Number(id);
+        if (!Number.isInteger(formId) || formId <= 0) return json({ error: "Invalid form id" }, { status: 400 });
+        const form = await formRepo().findOne({
+          where: { id: formId },
+          relations: ["fields"],
+          order: { fields: { order: "ASC" } }
+        });
+        if (!form) return json({ message: "Not found" }, { status: 404 });
+        const out = form;
+        if (Array.isArray(out.fields)) out.fields = out.fields.filter((f) => !f.deleted);
+        return json(form);
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async POST(req) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        if (!body || typeof body !== "object") return json({ error: "Invalid request payload" }, { status: 400 });
+        const fields = Array.isArray(body.fields) ? body.fields : [];
+        const { fields: _f, ...formRow } = body;
+        const form = await formRepo().save(formRepo().create(formRow));
+        for (let i = 0; i < fields.length; i++) {
+          const row = normalizeFieldRow(fields[i], form.id);
+          row.order = i + 1;
+          await fieldRepo().save(fieldRepo().create(row));
+        }
+        const saved = await formRepo().findOne({ where: { id: form.id }, relations: ["fields"], order: { fields: { order: "ASC" } } });
+        return json(saved ?? form, { status: 201 });
+      } catch (e) {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async PUT(req, id) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const formId = Number(id);
+        if (!Number.isInteger(formId) || formId <= 0) return json({ error: "Invalid form id" }, { status: 400 });
+        const body = await req.json();
+        if (!body || typeof body !== "object") return json({ error: "Invalid request payload" }, { status: 400 });
+        const existing = await formRepo().findOne({ where: { id: formId } });
+        if (!existing) return json({ message: "Not found" }, { status: 404 });
+        const fields = Array.isArray(body.fields) ? body.fields : [];
+        const formRow = {};
+        for (const key of ["name", "description", "campaign", "slug", "published"]) {
+          if (body[key] !== void 0) formRow[key] = body[key];
+        }
+        if (Object.keys(formRow).length > 0) await formRepo().update(formId, formRow);
+        await fieldRepo().delete({ formId });
+        for (let i = 0; i < fields.length; i++) {
+          const row = normalizeFieldRow(fields[i], formId);
+          row.order = i + 1;
+          await fieldRepo().save(fieldRepo().create(row));
+        }
+        const saved = await formRepo().findOne({ where: { id: formId }, relations: ["fields"], order: { fields: { order: "ASC" } } });
+        return saved ? json(saved) : json({ message: "Not found" }, { status: 404 });
+      } catch (e) {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    }
+  };
+}
+function createFormSubmissionGetByIdHandler(config) {
+  const { dataSource, entityMap, json, requireAuth } = config;
+  return async function GET(req, id) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    try {
+      const submissionId = Number(id);
+      if (!Number.isInteger(submissionId) || submissionId <= 0) return json({ error: "Invalid id" }, { status: 400 });
+      const repo = dataSource.getRepository(entityMap.form_submissions);
+      const submission = await repo.findOne({
+        where: { id: submissionId },
+        relations: ["form", "contact"]
+      });
+      if (!submission) return json({ message: "Not found" }, { status: 404 });
+      const form = submission;
+      if (form.form?.id) {
+        const formRepo = dataSource.getRepository(entityMap.forms);
+        const formWithFields = await formRepo.findOne({
+          where: { id: form.form.id },
+          relations: ["fields"],
+          order: { fields: { order: "ASC" } }
+        });
+        if (formWithFields) submission.form = formWithFields;
+      }
+      return json(submission);
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createFormSubmissionListHandler(config) {
+  const { dataSource, entityMap, json, requireAuth } = config;
+  return async function GET(req) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    try {
+      const repo = dataSource.getRepository(entityMap.form_submissions);
+      const { searchParams } = new URL(req.url);
+      const page = Number(searchParams.get("page")) || 1;
+      const limit = Math.min(100, Number(searchParams.get("limit")) || 10);
+      const skip = (page - 1) * limit;
+      const sortField = searchParams.get("sortField") || "createdAt";
+      const sortOrder = searchParams.get("sortOrder") === "desc" ? "DESC" : "ASC";
+      const [data, total] = await repo.findAndCount({
+        skip,
+        take: limit,
+        order: { [sortField]: sortOrder },
+        relations: ["form", "contact"]
+      });
+      return json({ total, page, limit, totalPages: Math.ceil(total / limit), data });
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function pickContactFromSubmission(fields, data) {
+  let email = null;
+  let name = null;
+  let phone = null;
+  for (const f of fields) {
+    const val = data[String(f.id)];
+    if (val == null || val === "") continue;
+    const str = String(val).trim();
+    if (f.type === "email" || f.label && f.label.toLowerCase().includes("email")) {
+      if (str && !email) email = str;
+    } else if (f.type === "phone" || f.label && f.label.toLowerCase().includes("phone")) {
+      if (str && !phone) phone = str;
+    } else if (f.label && f.label.toLowerCase().includes("name") && (f.type === "text" || !f.type)) {
+      if (str && !name) name = str;
+    }
+  }
+  if (!email) return null;
+  return { name: name || email, email, phone: phone || null };
+}
+function createFormSubmissionHandler(config) {
+  const { dataSource, entityMap, json } = config;
+  return async function POST(req) {
+    try {
+      const body = await req.json();
+      if (!body || typeof body !== "object") {
+        return json({ error: "Invalid request payload" }, { status: 400 });
+      }
+      const formId = typeof body.formId === "number" ? body.formId : Number(body.formId);
+      if (!Number.isInteger(formId) || formId <= 0) {
+        return json({ error: "formId is required and must be a positive integer" }, { status: 400 });
+      }
+      const data = body.data;
+      if (!data || typeof data !== "object" || Array.isArray(data)) {
+        return json({ error: "data is required and must be an object" }, { status: 400 });
+      }
+      const formRepo = dataSource.getRepository(entityMap.forms);
+      const form = await formRepo.findOne({
+        where: { id: formId, published: true, deleted: false },
+        relations: ["fields"]
+      });
+      if (!form) {
+        return json({ error: "Form not found" }, { status: 404 });
+      }
+      const fields = form.fields ?? [];
+      const activeFields = fields.filter((f) => !f.deleted);
+      let contactId = body.contactId != null && body.contactId !== "" ? typeof body.contactId === "number" ? body.contactId : Number(body.contactId) : null;
+      if (!contactId) {
+        const contactData = pickContactFromSubmission(activeFields, data);
+        if (contactData) {
+          const contactRepo = dataSource.getRepository(entityMap.contacts);
+          let contact = await contactRepo.findOne({ where: { email: contactData.email } });
+          if (!contact) {
+            contact = await contactRepo.save(
+              contactRepo.create({
+                name: contactData.name,
+                email: contactData.email,
+                phone: contactData.phone
+              })
+            );
+          }
+          contactId = contact.id;
+        }
+      }
+      const ipAddress = req.headers.get("x-forwarded-for") ?? req.headers.get("x-real-ip") ?? null;
+      const userAgent = req.headers.get("user-agent") ?? null;
+      const submissionRepo = dataSource.getRepository(entityMap.form_submissions);
+      const created = await submissionRepo.save(
+        submissionRepo.create({
+          formId,
+          contactId: Number.isInteger(contactId) ? contactId : null,
+          data,
+          ipAddress: ipAddress?.slice(0, 255) ?? null,
+          userAgent: userAgent?.slice(0, 500) ?? null
+        })
+      );
+      return json(created, { status: 201 });
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createUsersApiHandlers(config) {
+  const { dataSource, entityMap, json, requireAuth, baseUrl } = config;
+  const userRepo = () => dataSource.getRepository(entityMap.users);
+  return {
+    async list(req) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const url = new URL(req.url);
+        const page = Math.max(1, parseInt(url.searchParams.get("page") || "1", 10));
+        const limit = Math.min(100, parseInt(url.searchParams.get("limit") || "10", 10));
+        const skip = (page - 1) * limit;
+        const sortField = url.searchParams.get("sortField") || "createdAt";
+        const sortOrder = url.searchParams.get("sortOrder") === "desc" ? "DESC" : "ASC";
+        const search = url.searchParams.get("search");
+        const where = search ? [{ name: ILike2(`%${search}%`) }, { email: ILike2(`%${search}%`) }] : {};
+        const [data, total] = await userRepo().findAndCount({
+          skip,
+          take: limit,
+          order: { [sortField]: sortOrder },
+          where,
+          relations: ["group"],
+          select: ["id", "name", "email", "blocked", "createdAt", "updatedAt", "groupId"]
+        });
+        return json({ total, page, limit, totalPages: Math.ceil(total / limit), data });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async create(req) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        if (!body?.name || !body?.email) return json({ error: "Name and email are required" }, { status: 400 });
+        const existing = await userRepo().findOne({ where: { email: body.email } });
+        if (existing) return json({ error: "User with this email already exists" }, { status: 400 });
+        const newUser = await userRepo().save(
+          userRepo().create({ name: body.name, email: body.email, password: null, blocked: true, groupId: body.groupId ?? null })
+        );
+        const emailToken = Buffer.from(newUser.email).toString("base64");
+        const inviteLink = `${baseUrl}/admin/invite?token=${emailToken}`;
+        return json({ message: "User created successfully (blocked until password is set)", user: newUser, inviteLink }, { status: 201 });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async getById(_req, id) {
+      const authErr = await requireAuth(new Request(_req.url));
+      if (authErr) return authErr;
+      try {
+        const user = await userRepo().findOne({
+          where: { id: parseInt(id, 10) },
+          relations: ["group"],
+          select: ["id", "name", "email", "blocked", "createdAt", "updatedAt", "groupId"]
+        });
+        if (!user) return json({ error: "User not found" }, { status: 404 });
+        return json(user);
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async update(req, id) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        const { password: _p, ...safe } = body;
+        await userRepo().update(parseInt(id, 10), safe);
+        const updated = await userRepo().findOne({
+          where: { id: parseInt(id, 10) },
+          relations: ["group"],
+          select: ["id", "name", "email", "blocked", "createdAt", "updatedAt", "groupId"]
+        });
+        return updated ? json(updated) : json({ error: "Not found" }, { status: 404 });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async delete(_req, id) {
+      const authErr = await requireAuth(new Request(_req.url));
+      if (authErr) return authErr;
+      try {
+        const r = await userRepo().delete(parseInt(id, 10));
+        if (r.affected === 0) return json({ error: "User not found" }, { status: 404 });
+        return json({ message: "User deleted successfully" });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async regenerateInvite(_req, id) {
+      const authErr = await requireAuth(new Request(_req.url));
+      if (authErr) return authErr;
+      try {
+        const user = await userRepo().findOne({ where: { id: parseInt(id, 10) }, select: ["email"] });
+        if (!user) return json({ error: "User not found" }, { status: 404 });
+        const emailToken = Buffer.from(user.email).toString("base64");
+        const inviteLink = `${baseUrl}/admin/invite?token=${emailToken}`;
+        return json({ message: "New invite link generated successfully", inviteLink });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    }
+  };
+}
+function createUserAvatarHandler(config) {
+  const { json, getSession, saveAvatar } = config;
+  return async function POST(req) {
+    const session = await getSession();
+    if (!session?.user?.email) return json({ error: "Unauthorized" }, { status: 401 });
+    try {
+      const formData = await req.formData();
+      const file = formData.get("avatar");
+      if (!file) return json({ error: "No file uploaded" }, { status: 400 });
+      if (!file.type.startsWith("image/")) return json({ error: "File must be an image" }, { status: 400 });
+      if (file.size > 5 * 1024 * 1024) return json({ error: "File size must be less than 5MB" }, { status: 400 });
+      const buffer = Buffer.from(await file.arrayBuffer());
+      const ext = file.name.split(".").pop() || "jpg";
+      const fileName = `avatar_${session.user.email}_${Date.now()}.${ext}`;
+      const avatarUrl = saveAvatar ? await saveAvatar(buffer, fileName) : await (async () => {
+        const fs = await import("fs/promises");
+        const path = await import("path");
+        const dir = path.join(process.cwd(), "public", "uploads", "avatars");
+        await fs.mkdir(dir, { recursive: true });
+        await fs.writeFile(path.join(dir, fileName), buffer);
+        return `/uploads/avatars/${fileName}`;
+      })();
+      return json({ message: "Avatar uploaded successfully", avatarUrl });
+    } catch {
+      return json({ error: "Internal server error" }, { status: 500 });
+    }
+  };
+}
+function createUserProfileHandler(config) {
+  const { dataSource, entityMap, json, getSession } = config;
+  return async function PUT(req) {
+    const session = await getSession();
+    if (!session?.user?.email) return json({ error: "Unauthorized" }, { status: 401 });
+    try {
+      const body = await req.json();
+      if (!body?.name) return json({ error: "Name is required" }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      await userRepo.update({ email: session.user.email }, { name: body.name, updatedAt: /* @__PURE__ */ new Date() });
+      const updated = await userRepo.findOne({ where: { email: session.user.email }, select: ["id", "name", "email"] });
+      if (!updated) return json({ error: "Not found" }, { status: 404 });
+      return json({ message: "Profile updated successfully", user: { id: updated.id, name: updated.name, email: updated.email } });
+    } catch {
+      return json({ error: "Internal server error" }, { status: 500 });
+    }
+  };
+}
+function simpleEncrypt(text, key) {
+  const buf = Buffer.from(text, "utf8");
+  const keyBuf = Buffer.from(key.padEnd(32, "0").slice(0, 32), "utf8");
+  const out = Buffer.alloc(buf.length);
+  for (let i = 0; i < buf.length; i++) out[i] = buf[i] ^ keyBuf[i % keyBuf.length];
+  return out.toString("base64");
+}
+function simpleDecrypt(encoded, key) {
+  const buf = Buffer.from(encoded, "base64");
+  const keyBuf = Buffer.from(key.padEnd(32, "0").slice(0, 32), "utf8");
+  const out = Buffer.alloc(buf.length);
+  for (let i = 0; i < buf.length; i++) out[i] = buf[i] ^ keyBuf[i % keyBuf.length];
+  return out.toString("utf8");
+}
+function createSettingsApiHandlers(config) {
+  const { dataSource, entityMap, json, requireAuth, encryptionKey, publicGetGroups } = config;
+  const configRepo = () => dataSource.getRepository(entityMap.configs);
+  return {
+    async GET(req, group) {
+      const isPublicGroup = publicGetGroups?.includes(group);
+      const authErr = isPublicGroup ? null : await requireAuth(req);
+      const isAuthed = !authErr;
+      try {
+        const where = { settings: group, deleted: false };
+        if (!isAuthed && !isPublicGroup) where.type = "public";
+        const rows = await configRepo().find({ where });
+        const result = {};
+        for (const row of rows) {
+          const r = row;
+          let val = r.value;
+          if (r.encrypted && encryptionKey) {
+            try {
+              val = simpleDecrypt(val, encryptionKey);
+            } catch {
+            }
+          }
+          result[r.key] = val;
+        }
+        return json(result);
+      } catch {
+        return json({ error: "Failed to fetch settings" }, { status: 500 });
+      }
+    },
+    async PUT(req, group) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        if (!body || typeof body !== "object") return json({ error: "Invalid payload" }, { status: 400 });
+        const repo = configRepo();
+        for (const [key, entry] of Object.entries(body)) {
+          const val = typeof entry === "string" ? entry : entry.value;
+          const type = typeof entry === "object" && entry.type || "private";
+          const encrypted = !!(typeof entry === "object" && entry.encrypted);
+          let storedValue = val;
+          if (encrypted && encryptionKey) {
+            storedValue = simpleEncrypt(val, encryptionKey);
+          }
+          const existing = await repo.findOne({ where: { settings: group, key } });
+          if (existing) {
+            await repo.update(existing.id, { value: storedValue, type, encrypted, updatedAt: /* @__PURE__ */ new Date() });
+          } else {
+            await repo.save(repo.create({ settings: group, key, value: storedValue, type, encrypted }));
+          }
+        }
+        return json({ message: "Settings saved" });
+      } catch {
+        return json({ error: "Failed to save settings" }, { status: 500 });
+      }
+    }
+  };
+}
+
+// src/api/cms-api-handler.ts
+var DEFAULT_EXCLUDE = /* @__PURE__ */ new Set(["users", "password_reset_tokens", "user_groups", "permissions", "comments", "form_fields", "configs"]);
+function createCmsApiHandler(config) {
+  const {
+    dataSource,
+    entityMap,
+    pathToModel = (s) => s,
+    crudResources = Object.keys(entityMap).filter((k) => !DEFAULT_EXCLUDE.has(k)),
+    getCms,
+    userAuth: userAuthConfig,
+    dashboard,
+    analytics: analyticsConfig,
+    upload,
+    blogBySlug,
+    formBySlug,
+    formSave: formSaveConfig,
+    formSubmission: formSubmissionConfig,
+    formSubmissionGetById: formSubmissionGetByIdConfig,
+    usersApi,
+    userAvatar,
+    userProfile,
+    settings: settingsConfig
+  } = config;
+  const analytics = analyticsConfig ?? (getCms ? {
+    json: config.json,
+    requireAuth: async () => null,
+    getAnalyticsData: async (days) => {
+      const cms = await getCms();
+      const a = cms.getPlugin("analytics");
+      if (!a?.getAnalyticsData) throw new Error("Analytics not configured");
+      return a.getAnalyticsData(days);
+    },
+    getPropertyId: () => ({ currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID }),
+    getPermissions: () => ({
+      serviceAccountEmail: process.env.GOOGLE_ANALYTICS_CLIENT_EMAIL,
+      currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID
+    })
+  } : void 0);
+  const userAuth = userAuthConfig && getCms && userAuthConfig.sendEmail === void 0 ? {
+    ...userAuthConfig,
+    sendEmail: async (opts) => {
+      const cms = await getCms();
+      const email = cms.getPlugin("email");
+      if (!email?.send) return;
+      const { emailTemplates: emailTemplates2 } = await Promise.resolve().then(() => (init_email_service(), email_service_exports));
+      const { subject, html, text } = emailTemplates2.passwordReset({ resetLink: opts.text || opts.html });
+      await email.send({ subject, html, text, to: opts.to });
+    }
+  } : userAuthConfig;
+  const crudOpts = { requireAuth: config.requireAuth, json: config.json };
+  const crud = createCrudHandler(dataSource, entityMap, crudOpts);
+  const crudById = createCrudByIdHandler(dataSource, entityMap, crudOpts);
+  const userAuthRouter = userAuth ? createUserAuthApiRouter(userAuth) : null;
+  const dashboardGet = dashboard ? createDashboardStatsHandler(dashboard) : null;
+  const analyticsHandlers = analytics ? createAnalyticsHandlers(analytics) : null;
+  const uploadPost = upload ? createUploadHandler(upload) : null;
+  const blogBySlugGet = blogBySlug ? createBlogBySlugHandler(blogBySlug) : null;
+  const formBySlugGet = formBySlug ? createFormBySlugHandler(formBySlug) : null;
+  const formSaveHandlers = formSaveConfig ? createFormSaveHandlers(formSaveConfig) : null;
+  const formSubmissionPost = formSubmissionConfig ? createFormSubmissionHandler(formSubmissionConfig) : null;
+  const formSubmissionGetById = formSubmissionGetByIdConfig ? createFormSubmissionGetByIdHandler(formSubmissionGetByIdConfig) : null;
+  const formSubmissionList = formSubmissionGetByIdConfig ? createFormSubmissionListHandler(formSubmissionGetByIdConfig) : null;
+  const usersHandlers = usersApi ? createUsersApiHandlers(usersApi) : null;
+  const avatarPost = userAvatar ? createUserAvatarHandler(userAvatar) : null;
+  const profilePut = userProfile ? createUserProfileHandler(userProfile) : null;
+  const settingsHandlers = settingsConfig ? createSettingsApiHandlers(settingsConfig) : null;
+  function resolveResource(segment) {
+    const model = pathToModel(segment);
+    return crudResources.includes(model) ? model : segment;
+  }
+  return {
+    async handle(method, path, req) {
+      if (path[0] === "dashboard" && path[1] === "stats" && path.length === 2 && method === "GET" && dashboardGet) {
+        return dashboardGet(req);
+      }
+      if (path[0] === "analytics" && analyticsHandlers) {
+        if (path.length === 1 && method === "GET") return analyticsHandlers.GET(req);
+        if (path.length === 2 && path[1] === "property-id" && method === "GET") return analyticsHandlers.propertyId();
+        if (path.length === 2 && path[1] === "permissions" && method === "GET") return analyticsHandlers.permissions();
+      }
+      if (path[0] === "upload" && path.length === 1 && method === "POST" && uploadPost) return uploadPost(req);
+      if (path[0] === "blogs" && path[1] === "slug" && path.length === 3 && method === "GET" && blogBySlugGet) {
+        return blogBySlugGet(req, path[2]);
+      }
+      if (path[0] === "forms" && path[1] === "slug" && path.length === 3 && method === "GET" && formBySlugGet) {
+        return formBySlugGet(req, path[2]);
+      }
+      if (path[0] === "form-submissions") {
+        if (path.length === 1) {
+          if (method === "GET" && formSubmissionList) return formSubmissionList(req);
+          if (method === "POST" && formSubmissionPost) return formSubmissionPost(req);
+        }
+        if (path.length === 2 && method === "GET" && formSubmissionGetById) return formSubmissionGetById(req, path[1]);
+      }
+      if (path[0] === "forms" && formSaveHandlers) {
+        if (path.length === 1 && method === "POST") return formSaveHandlers.POST(req);
+        if (path.length === 2) {
+          if (method === "GET") return formSaveHandlers.GET(req, path[1]);
+          if (method === "PUT" || method === "PATCH") return formSaveHandlers.PUT(req, path[1]);
+        }
+      }
+      if (path[0] === "users" && usersHandlers) {
+        if (path.length === 1) {
+          if (method === "GET") return usersHandlers.list(req);
+          if (method === "POST") return usersHandlers.create(req);
+        }
+        if (path.length === 2) {
+          if (path[1] === "avatar" && method === "POST" && avatarPost) return avatarPost(req);
+          if (path[1] === "profile" && method === "PUT" && profilePut) return profilePut(req);
+          const id = path[1];
+          if (method === "GET") return usersHandlers.getById(req, id);
+          if (method === "PUT" || method === "PATCH") return usersHandlers.update(req, id);
+          if (method === "DELETE") return usersHandlers.delete(req, id);
+        }
+        if (path.length === 3 && path[2] === "regenerate-invite" && method === "POST") {
+          return usersHandlers.regenerateInvite(req, path[1]);
+        }
+      }
+      if (path[0] === "users" && path.length === 2 && userAuthRouter && method === "POST") {
+        return userAuthRouter.POST(req, path[1]);
+      }
+      if (path[0] === "settings" && path.length === 2 && settingsHandlers) {
+        if (method === "GET") return settingsHandlers.GET(req, path[1]);
+        if (method === "PUT") return settingsHandlers.PUT(req, path[1]);
+      }
+      if (path.length === 0) return config.json({ error: "Not found" }, { status: 404 });
+      const resource = resolveResource(path[0]);
+      if (!crudResources.includes(resource)) return config.json({ error: "Invalid resource" }, { status: 400 });
+      if (path.length === 1) {
+        if (method === "GET") return crud.GET(req, resource);
+        if (method === "POST") return crud.POST(req, resource);
+        return config.json({ error: "Method not allowed" }, { status: 405 });
+      }
+      if (path.length === 2) {
+        const id = path[1];
+        if (method === "GET") return crudById.GET(req, resource, id);
+        if (method === "PUT" || method === "PATCH") return crudById.PUT(req, resource, id);
+        if (method === "DELETE") return crudById.DELETE(req, resource, id);
+        return config.json({ error: "Method not allowed" }, { status: 405 });
+      }
+      return config.json({ error: "Not found" }, { status: 404 });
+    }
+  };
+}
+
+// src/admin/config.ts
+var DEFAULT_ADMIN_NAV = [
+  { href: "/admin/dashboard", label: "Dashboard" },
+  { href: "/admin/contacts", label: "Contacts" },
+  { href: "/admin/blogs", label: "Blogs" },
+  { href: "/admin/users", label: "Users" },
+  { href: "/admin/forms", label: "Forms" },
+  { href: "/admin/submissions", label: "Submissions" },
+  { href: "/admin/pages", label: "Pages" }
+];
+export {
+  Blog,
+  CMS_ENTITY_MAP,
+  Category,
+  Comment,
+  Config,
+  Contact,
+  DEFAULT_ADMIN_NAV,
+  EmailService,
+  Form,
+  FormField,
+  FormSubmission,
+  Media,
+  OPEN_ENDPOINTS,
+  PERMISSION_REQUIRED_ENDPOINTS,
+  Page,
+  PasswordResetToken,
+  Permission,
+  Seo,
+  Tag,
+  User,
+  UserGroup,
+  analyticsPlugin,
+  cn,
+  createAnalyticsHandlers,
+  createAuthHelpers,
+  createBlogBySlugHandler,
+  createChangePasswordHandler,
+  createCmsApiHandler,
+  createCmsApp,
+  createCmsMiddleware,
+  createCrudByIdHandler,
+  createCrudHandler,
+  createDashboardStatsHandler,
+  createForgotPasswordHandler,
+  createFormBySlugHandler,
+  createInviteAcceptHandler,
+  createSetPasswordHandler,
+  createSettingsApiHandlers,
+  createUploadHandler,
+  createUserAuthApiRouter,
+  createUserAvatarHandler,
+  createUserProfileHandler,
+  createUsersApiHandlers,
+  defaultPublicApiMethods,
+  emailPlugin,
+  emailTemplates,
+  erpPlugin,
+  formatDate,
+  formatDateOnly,
+  formatDateTime,
+  generateSlug,
+  getNextAuthOptions,
+  getRequiredPermission,
+  isOpenEndpoint,
+  isPublicMethod,
+  localStoragePlugin,
+  paymentPlugin,
+  s3StoragePlugin,
+  smsPlugin,
+  truncateText,
+  validateSlug
+};
+//# sourceMappingURL=index.js.map