@infuro/cms-core 1.0.0

package/dist/api.js

@@ -0,0 +1,1112 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// src/plugins/email/email-service.ts
+var email_service_exports = {};
+__export(email_service_exports, {
+  EmailService: () => EmailService,
+  emailTemplates: () => emailTemplates
+});
+import { SESClient, SendEmailCommand } from "@aws-sdk/client-ses";
+import nodemailer from "nodemailer";
+var EmailService, emailTemplates;
+var init_email_service = __esm({
+  "src/plugins/email/email-service.ts"() {
+    "use strict";
+    EmailService = class {
+      config;
+      sesClient;
+      transporter;
+      constructor(config) {
+        this.config = config;
+        if (config.type === "AWS") {
+          if (!config.region || !config.accessKeyId || !config.secretAccessKey) {
+            throw new Error("AWS SES configuration incomplete");
+          }
+          this.sesClient = new SESClient({
+            region: config.region,
+            credentials: { accessKeyId: config.accessKeyId, secretAccessKey: config.secretAccessKey }
+          });
+        } else if (config.type === "SMTP" || config.type === "GMAIL") {
+          if (!config.user || !config.password) throw new Error("SMTP configuration incomplete");
+          this.transporter = nodemailer.createTransport({
+            host: config.type === "GMAIL" ? "smtp.gmail.com" : void 0,
+            port: 587,
+            secure: false,
+            auth: { user: config.user, pass: config.password }
+          });
+        } else {
+          throw new Error(`Unsupported email type: ${config.type}`);
+        }
+      }
+      async send(emailData) {
+        try {
+          if (this.config.type === "AWS" && this.sesClient) {
+            await this.sesClient.send(
+              new SendEmailCommand({
+                Source: emailData.from || this.config.from,
+                Destination: { ToAddresses: [emailData.to || this.config.to] },
+                Message: {
+                  Subject: { Data: emailData.subject, Charset: "UTF-8" },
+                  Body: {
+                    Html: { Data: emailData.html, Charset: "UTF-8" },
+                    ...emailData.text && { Text: { Data: emailData.text, Charset: "UTF-8" } }
+                  }
+                }
+              })
+            );
+            return true;
+          }
+          if ((this.config.type === "SMTP" || this.config.type === "GMAIL") && this.transporter) {
+            await this.transporter.sendMail({
+              from: emailData.from || this.config.from,
+              to: emailData.to || this.config.to,
+              subject: emailData.subject,
+              html: emailData.html,
+              text: emailData.text
+            });
+            return true;
+          }
+          return false;
+        } catch (error) {
+          console.error("Email sending failed:", error);
+          return false;
+        }
+      }
+    };
+    emailTemplates = {
+      formSubmission: (data) => ({
+        subject: `New Form Submission: ${data.formName}`,
+        html: `<h2>New Form Submission</h2><p><strong>Form:</strong> ${data.formName}</p><p><strong>Contact:</strong> ${data.contactName} (${data.contactEmail})</p><pre>${JSON.stringify(data.formData, null, 2)}</pre>`,
+        text: `New Form Submission
+Form: ${data.formName}
+Contact: ${data.contactName} (${data.contactEmail})
+${JSON.stringify(data.formData, null, 2)}`
+      }),
+      contactSubmission: (data) => ({
+        subject: `New Contact Form Submission from ${data.name}`,
+        html: `<h2>New Contact Form Submission</h2><p><strong>Name:</strong> ${data.name}</p><p><strong>Email:</strong> ${data.email}</p>${data.phone ? `<p><strong>Phone:</strong> ${data.phone}</p>` : ""}${data.message ? `<p><strong>Message:</strong></p><p>${data.message}</p>` : ""}`,
+        text: `New Contact Form Submission
+Name: ${data.name}
+Email: ${data.email}
+${data.phone ? `Phone: ${data.phone}
+` : ""}${data.message ? `Message: ${data.message}` : ""}`
+      }),
+      passwordReset: (data) => ({
+        subject: "Reset your password",
+        html: `<h2>Reset your password</h2><p>Click the link below to set a new password. This link expires in 1 hour.</p><p><a href="${data.resetLink}">${data.resetLink}</a></p>`,
+        text: `Reset your password: ${data.resetLink}
+
+This link expires in 1 hour.`
+      })
+    };
+  }
+});
+
+// src/api/crud.ts
+import { ILike, Like } from "typeorm";
+var DATE_COLUMN_TYPES = /* @__PURE__ */ new Set([
+  "date",
+  "datetime",
+  "datetime2",
+  "timestamp",
+  "timestamptz",
+  "timetz",
+  "smalldatetime",
+  "timestamp with time zone",
+  "timestamp without time zone"
+]);
+var TIMESTAMP_PROP_NAMES = /* @__PURE__ */ new Set(["createdAt", "updatedAt", "deletedAt"]);
+function isInvalidDateValue(v) {
+  if (v === "" || v == null) return true;
+  if (typeof v === "string") return isNaN(Date.parse(v)) || /NaN|Invalid/i.test(v);
+  if (v instanceof Date) return isNaN(v.getTime());
+  return false;
+}
+function sanitizeBodyForEntity(repo, body) {
+  const meta = repo.metadata;
+  for (const col of meta.columns) {
+    if (!(col.propertyName in body)) continue;
+    const v = body[col.propertyName];
+    const t = typeof col.type === "string" ? col.type : col.type?.name ?? "";
+    const isBoolean = t === "boolean" || t === "bool" || col.type === Boolean;
+    const isNumber = ["int", "integer", "int2", "int4", "int8", "smallint", "bigint", "number", "Number"].includes(t) || col.type === Number;
+    const isDate = DATE_COLUMN_TYPES.has(t) || col.type === Date || TIMESTAMP_PROP_NAMES.has(col.propertyName);
+    if (v === "" && (isBoolean || isNumber)) {
+      delete body[col.propertyName];
+    } else if (isDate && isInvalidDateValue(v)) {
+      delete body[col.propertyName];
+    }
+  }
+}
+function createCrudHandler(dataSource, entityMap, options) {
+  const { requireAuth, json } = options;
+  return {
+    async GET(req, resource) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!resource || !entity) {
+        return json({ error: "Invalid resource" }, { status: 400 });
+      }
+      const repo = dataSource.getRepository(entity);
+      const { searchParams } = new URL(req.url);
+      const page = Number(searchParams.get("page")) || 1;
+      const limit = Number(searchParams.get("limit")) || 10;
+      const skip = (page - 1) * limit;
+      const sortField = searchParams.get("sortField") || "createdAt";
+      const sortOrder = searchParams.get("sortOrder") === "desc" ? "DESC" : "ASC";
+      const search = searchParams.get("search");
+      const typeFilter = searchParams.get("type");
+      let where = {};
+      if (resource === "media") {
+        const mediaWhere = {};
+        if (search) mediaWhere.filename = ILike(`%${search}%`);
+        if (typeFilter) mediaWhere.mimeType = Like(`${typeFilter}/%`);
+        where = Object.keys(mediaWhere).length > 0 ? mediaWhere : {};
+      } else if (search) {
+        where = [{ name: ILike(`%${search}%`) }, { title: ILike(`%${search}%`) }];
+      }
+      const [data, total] = await repo.findAndCount({
+        skip,
+        take: limit,
+        order: { [sortField]: sortOrder },
+        where
+      });
+      return json({ total, page, limit, totalPages: Math.ceil(total / limit), data });
+    },
+    async POST(req, resource) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!resource || !entity) {
+        return json({ error: "Invalid resource" }, { status: 400 });
+      }
+      const body = await req.json();
+      if (!body || typeof body !== "object" || Object.keys(body).length === 0) {
+        return json({ error: "Invalid request payload" }, { status: 400 });
+      }
+      const repo = dataSource.getRepository(entity);
+      sanitizeBodyForEntity(repo, body);
+      const created = await repo.save(repo.create(body));
+      return json(created, { status: 201 });
+    }
+  };
+}
+function createCrudByIdHandler(dataSource, entityMap, options) {
+  const { requireAuth, json } = options;
+  return {
+    async GET(req, resource, id) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!entity) return json({ error: "Invalid resource" }, { status: 400 });
+      const repo = dataSource.getRepository(entity);
+      const item = await repo.findOne({ where: { id: Number(id) } });
+      return item ? json(item) : json({ message: "Not found" }, { status: 404 });
+    },
+    async PUT(req, resource, id) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!entity) return json({ error: "Invalid resource" }, { status: 400 });
+      const body = await req.json();
+      const repo = dataSource.getRepository(entity);
+      if (body && typeof body === "object") sanitizeBodyForEntity(repo, body);
+      await repo.update(Number(id), body);
+      const updated = await repo.findOne({ where: { id: Number(id) } });
+      return updated ? json(updated) : json({ message: "Not found" }, { status: 404 });
+    },
+    async DELETE(req, resource, id) {
+      const authError = await requireAuth(req);
+      if (authError) return authError;
+      const entity = entityMap[resource];
+      if (!entity) return json({ error: "Invalid resource" }, { status: 400 });
+      const repo = dataSource.getRepository(entity);
+      const result = await repo.delete(Number(id));
+      if (result.affected === 0) return json({ message: "Not found" }, { status: 404 });
+      return json({ message: "Deleted successfully" }, { status: 200 });
+    }
+  };
+}
+
+// src/api/auth-handlers.ts
+function createForgotPasswordHandler(config) {
+  const { dataSource, entityMap, json, baseUrl, sendEmail, resetExpiryHours = 1, afterCreateToken } = config;
+  return async function POST(request) {
+    try {
+      const body = await request.json().catch(() => ({}));
+      const email = typeof body?.email === "string" ? body.email.trim().toLowerCase() : "";
+      if (!email) return json({ error: "Email is required" }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email }, select: ["email"] });
+      const msg = "If an account exists with this email, you will receive a reset link shortly.";
+      if (!user) return json({ message: msg }, { status: 200 });
+      const crypto = await import("crypto");
+      const token = crypto.randomBytes(32).toString("hex");
+      const expiresAt = new Date(Date.now() + resetExpiryHours * 60 * 60 * 1e3);
+      const tokenRepo = dataSource.getRepository(entityMap.password_reset_tokens);
+      await tokenRepo.save(tokenRepo.create({ email: user.email, token, expiresAt }));
+      const resetLink = `${baseUrl}/admin/reset-password?token=${token}`;
+      if (sendEmail) await sendEmail({ to: user.email, subject: "Password reset", html: `<a href="${resetLink}">Reset password</a>`, text: resetLink });
+      if (afterCreateToken) await afterCreateToken(user.email, resetLink);
+      return json({ message: msg }, { status: 200 });
+    } catch (err) {
+      return json({ error: "Something went wrong. Please try again." }, { status: 500 });
+    }
+  };
+}
+function createSetPasswordHandler(config) {
+  const { dataSource, entityMap, json, hashPassword, minPasswordLength = 6, beforeUpdate } = config;
+  return async function POST(request) {
+    try {
+      const body = await request.json().catch(() => ({}));
+      const { token, newPassword } = body;
+      if (!token || !newPassword) return json({ error: "Token and new password are required" }, { status: 400 });
+      if (newPassword.length < minPasswordLength) return json({ error: "Password must be at least 6 characters" }, { status: 400 });
+      const tokenRepo = dataSource.getRepository(entityMap.password_reset_tokens);
+      const record = await tokenRepo.findOne({ where: { token } });
+      if (!record || record.expiresAt < /* @__PURE__ */ new Date()) return json({ error: "Invalid or expired reset link. Please request a new one." }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email: record.email }, select: ["id"] });
+      if (!user) return json({ error: "User not found" }, { status: 400 });
+      if (beforeUpdate) await beforeUpdate(record.email, user.id);
+      const hashedPassword = await hashPassword(newPassword);
+      await userRepo.update(user.id, { password: hashedPassword, updatedAt: /* @__PURE__ */ new Date() });
+      await tokenRepo.delete({ email: record.email });
+      return json({ message: "Password updated successfully. You can now sign in." });
+    } catch {
+      return json({ error: "Something went wrong. Please try again." }, { status: 500 });
+    }
+  };
+}
+function createInviteAcceptHandler(config) {
+  const { dataSource, entityMap, json, hashPassword, beforeActivate } = config;
+  return async function POST(request) {
+    try {
+      const body = await request.json().catch(() => ({}));
+      const { token, password } = body;
+      if (!token || !password) return json({ error: "Missing required fields: token, password" }, { status: 400 });
+      let email;
+      try {
+        email = Buffer.from(token, "base64").toString("utf8");
+      } catch {
+        return json({ error: "Invalid or expired invite token" }, { status: 400 });
+      }
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email }, select: ["id", "blocked"] });
+      if (!user) return json({ error: "User not found" }, { status: 400 });
+      if (!user.blocked) return json({ error: "User is already active" }, { status: 400 });
+      if (beforeActivate) await beforeActivate(email, user.id);
+      const hashedPassword = await hashPassword(password);
+      await userRepo.update(user.id, { password: hashedPassword, blocked: false });
+      return json({ message: "User account activated successfully" }, { status: 200 });
+    } catch (err) {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createChangePasswordHandler(config) {
+  const { dataSource, entityMap, json, comparePassword, hashPassword, getSession, minPasswordLength = 6, beforeUpdate } = config;
+  return async function POST(request) {
+    try {
+      const session = await getSession();
+      if (!session?.user?.email) return json({ error: "Unauthorized" }, { status: 401 });
+      const body = await request.json().catch(() => ({}));
+      const { currentPassword, newPassword } = body;
+      if (!currentPassword || !newPassword) return json({ error: "Current password and new password are required" }, { status: 400 });
+      if (newPassword.length < minPasswordLength) return json({ error: "New password must be at least 6 characters long" }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      const user = await userRepo.findOne({ where: { email: session.user.email }, select: ["password"] });
+      if (!user) return json({ error: "User not found" }, { status: 404 });
+      if (!user.password) return json({ error: "Current password is incorrect" }, { status: 400 });
+      const valid = await comparePassword(currentPassword, user.password);
+      if (!valid) return json({ error: "Current password is incorrect" }, { status: 400 });
+      if (beforeUpdate) await beforeUpdate(session.user.email);
+      const hashedPassword = await hashPassword(newPassword);
+      await userRepo.update({ email: session.user.email }, { password: hashedPassword, updatedAt: /* @__PURE__ */ new Date() });
+      return json({ message: "Password updated successfully" });
+    } catch {
+      return json({ error: "Internal server error" }, { status: 500 });
+    }
+  };
+}
+var USER_AUTH_PATHS = ["forgot-password", "invite", "set-password", "reset-password"];
+function createUserAuthApiRouter(config) {
+  const forgot = createForgotPasswordHandler(config);
+  const setPass = createSetPasswordHandler(config);
+  const invite = createInviteAcceptHandler(config);
+  const changePass = config.getSession ? createChangePasswordHandler({
+    ...config,
+    getSession: config.getSession,
+    beforeUpdate: config.beforeChangePasswordUpdate
+  }) : null;
+  return {
+    async POST(req, pathname) {
+      const path = pathname.replace(/\/$/, "");
+      if (!USER_AUTH_PATHS.includes(path)) {
+        return config.json({ error: "Not found" }, { status: 404 });
+      }
+      if (path === "forgot-password") return forgot(req);
+      if (path === "set-password") return setPass(req);
+      if (path === "invite") return invite(req);
+      if (path === "reset-password" && changePass) return changePass(req);
+      return config.json({ error: "Not found" }, { status: 404 });
+    }
+  };
+}
+
+// src/api/cms-handlers.ts
+import { MoreThanOrEqual, ILike as ILike2 } from "typeorm";
+function createDashboardStatsHandler(config) {
+  const { dataSource, entityMap, json, requireAuth, requirePermission } = config;
+  return async function GET(req) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    if (requirePermission) {
+      const permErr = await requirePermission(req, "view_dashboard");
+      if (permErr) return permErr;
+    }
+    try {
+      const sevenDaysAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1e3);
+      const repo = (name) => entityMap[name] ? dataSource.getRepository(entityMap[name]) : void 0;
+      const [contactsCount, formsCount, formSubmissionsCount, usersCount, blogsCount, recentContacts, recentSubmissions] = await Promise.all([
+        repo("contacts")?.count() ?? 0,
+        repo("forms")?.count({ where: { deleted: false } }) ?? 0,
+        repo("form_submissions")?.count() ?? 0,
+        repo("users")?.count({ where: { deleted: false } }) ?? 0,
+        repo("blogs")?.count({ where: { deleted: false } }) ?? 0,
+        repo("contacts")?.count({ where: { createdAt: MoreThanOrEqual(sevenDaysAgo) } }) ?? 0,
+        repo("form_submissions")?.count({ where: { createdAt: MoreThanOrEqual(sevenDaysAgo) } }) ?? 0
+      ]);
+      return json({
+        contacts: { total: contactsCount, recent: recentContacts },
+        forms: { total: formsCount, submissions: formSubmissionsCount, recentSubmissions },
+        users: usersCount,
+        blogs: blogsCount
+      });
+    } catch (err) {
+      return json({ error: "Failed to fetch dashboard stats" }, { status: 500 });
+    }
+  };
+}
+function createAnalyticsHandlers(config) {
+  const { json, getAnalyticsData, getPropertyId, getPermissions } = config;
+  return {
+    async GET(req) {
+      if (!getAnalyticsData) return json({ error: "Analytics not configured" }, { status: 404 });
+      try {
+        const url = new URL(req.url);
+        const days = parseInt(url.searchParams.get("days") || "30", 10);
+        const data = await getAnalyticsData(days);
+        return json(data);
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : "";
+        if (msg.includes("authentication credential")) return json({ error: "Google Analytics authentication failed." }, { status: 401 });
+        if (msg.includes("sufficient permissions")) return json({ error: "Service account does not have access." }, { status: 403 });
+        return json({ error: "Failed to fetch analytics data" }, { status: 500 });
+      }
+    },
+    propertyId: async () => {
+      const payload = getPropertyId ? getPropertyId() : { currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID };
+      return json({ message: "Property ID Information", ...payload });
+    },
+    permissions: async () => {
+      const payload = getPermissions ? getPermissions() : {
+        serviceAccountEmail: process.env.GOOGLE_ANALYTICS_CLIENT_EMAIL,
+        currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID
+      };
+      return json({ message: "Permission Troubleshooting Guide", ...payload });
+    }
+  };
+}
+function createUploadHandler(config) {
+  const { json, requireAuth, storage, localUploadDir = "public/uploads", allowedTypes, maxSizeBytes = 10 * 1024 * 1024 } = config;
+  const allowed = allowedTypes ?? ["image/jpeg", "image/png", "image/gif", "image/webp", "application/pdf", "text/plain"];
+  return async function POST(req) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    try {
+      const formData = await req.formData();
+      const file = formData.get("file");
+      if (!file) return json({ error: "No file uploaded" }, { status: 400 });
+      if (!allowed.includes(file.type)) return json({ error: "File type not allowed" }, { status: 400 });
+      if (file.size > maxSizeBytes) return json({ error: "File size exceeds limit" }, { status: 400 });
+      const buffer = Buffer.from(await file.arrayBuffer());
+      const fileName = `${Date.now()}-${file.name}`;
+      const contentType = file.type || "application/octet-stream";
+      const raw = typeof storage === "function" ? storage() : storage;
+      const storageService = raw instanceof Promise ? await raw : raw;
+      if (storageService) {
+        const fileUrl = await storageService.upload(buffer, `uploads/${fileName}`, contentType);
+        return json({ filePath: fileUrl });
+      }
+      const fs = await import("fs/promises");
+      const path = await import("path");
+      const dir = path.join(process.cwd(), localUploadDir);
+      await fs.mkdir(dir, { recursive: true });
+      const filePath = path.join(dir, fileName);
+      await fs.writeFile(filePath, buffer);
+      return json({ filePath: `/${localUploadDir.replace(/^\/+/, "").replace(/\\/g, "/")}/${fileName}` });
+    } catch (err) {
+      return json({ error: "File upload failed" }, { status: 500 });
+    }
+  };
+}
+function createBlogBySlugHandler(config) {
+  const { dataSource, entityMap, json } = config;
+  return async function GET(_req, slug) {
+    try {
+      const blogRepo = dataSource.getRepository(entityMap.blogs);
+      const blog = await blogRepo.findOne({
+        where: { slug, published: true },
+        relations: ["author", "category", "tags", "seo"]
+      });
+      if (!blog) return json({ error: "Blog not found" }, { status: 404 });
+      return json(blog);
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createFormBySlugHandler(config) {
+  const { dataSource, entityMap, json } = config;
+  return async function GET(_req, slug) {
+    try {
+      const formRepo = dataSource.getRepository(entityMap.forms);
+      const form = await formRepo.findOne({
+        where: { slug, published: true, deleted: false },
+        relations: ["fields"],
+        order: { fields: { order: "ASC" } }
+      });
+      if (!form) return json({ error: "Form not found" }, { status: 404 });
+      const out = form;
+      if (Array.isArray(out.fields)) out.fields = out.fields.filter((f) => !f.deleted);
+      return json(form);
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function normalizeFieldRow(f, formId) {
+  const order = typeof f.order === "number" ? f.order : Number(f.order) || 0;
+  const groupId = typeof f.groupId === "number" ? f.groupId : Number(f.groupId) || 1;
+  const columnWidth = typeof f.columnWidth === "number" ? f.columnWidth : Number(f.columnWidth) || 12;
+  return {
+    formId,
+    label: f.label != null ? String(f.label) : "",
+    type: f.type != null ? String(f.type) : "text",
+    placeholder: f.placeholder != null ? String(f.placeholder) : null,
+    options: f.options != null ? typeof f.options === "string" ? f.options : JSON.stringify(f.options) : null,
+    required: Boolean(f.required),
+    validation: f.validation != null ? typeof f.validation === "string" ? f.validation : JSON.stringify(f.validation) : null,
+    order,
+    groupId,
+    columnWidth
+  };
+}
+function createFormSaveHandlers(config) {
+  const { dataSource, entityMap, json, requireAuth } = config;
+  const formRepo = () => dataSource.getRepository(entityMap.forms);
+  const fieldRepo = () => dataSource.getRepository(entityMap.form_fields);
+  return {
+    async GET(req, id) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const formId = Number(id);
+        if (!Number.isInteger(formId) || formId <= 0) return json({ error: "Invalid form id" }, { status: 400 });
+        const form = await formRepo().findOne({
+          where: { id: formId },
+          relations: ["fields"],
+          order: { fields: { order: "ASC" } }
+        });
+        if (!form) return json({ message: "Not found" }, { status: 404 });
+        const out = form;
+        if (Array.isArray(out.fields)) out.fields = out.fields.filter((f) => !f.deleted);
+        return json(form);
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async POST(req) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        if (!body || typeof body !== "object") return json({ error: "Invalid request payload" }, { status: 400 });
+        const fields = Array.isArray(body.fields) ? body.fields : [];
+        const { fields: _f, ...formRow } = body;
+        const form = await formRepo().save(formRepo().create(formRow));
+        for (let i = 0; i < fields.length; i++) {
+          const row = normalizeFieldRow(fields[i], form.id);
+          row.order = i + 1;
+          await fieldRepo().save(fieldRepo().create(row));
+        }
+        const saved = await formRepo().findOne({ where: { id: form.id }, relations: ["fields"], order: { fields: { order: "ASC" } } });
+        return json(saved ?? form, { status: 201 });
+      } catch (e) {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async PUT(req, id) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const formId = Number(id);
+        if (!Number.isInteger(formId) || formId <= 0) return json({ error: "Invalid form id" }, { status: 400 });
+        const body = await req.json();
+        if (!body || typeof body !== "object") return json({ error: "Invalid request payload" }, { status: 400 });
+        const existing = await formRepo().findOne({ where: { id: formId } });
+        if (!existing) return json({ message: "Not found" }, { status: 404 });
+        const fields = Array.isArray(body.fields) ? body.fields : [];
+        const formRow = {};
+        for (const key of ["name", "description", "campaign", "slug", "published"]) {
+          if (body[key] !== void 0) formRow[key] = body[key];
+        }
+        if (Object.keys(formRow).length > 0) await formRepo().update(formId, formRow);
+        await fieldRepo().delete({ formId });
+        for (let i = 0; i < fields.length; i++) {
+          const row = normalizeFieldRow(fields[i], formId);
+          row.order = i + 1;
+          await fieldRepo().save(fieldRepo().create(row));
+        }
+        const saved = await formRepo().findOne({ where: { id: formId }, relations: ["fields"], order: { fields: { order: "ASC" } } });
+        return saved ? json(saved) : json({ message: "Not found" }, { status: 404 });
+      } catch (e) {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    }
+  };
+}
+function createFormSubmissionGetByIdHandler(config) {
+  const { dataSource, entityMap, json, requireAuth } = config;
+  return async function GET(req, id) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    try {
+      const submissionId = Number(id);
+      if (!Number.isInteger(submissionId) || submissionId <= 0) return json({ error: "Invalid id" }, { status: 400 });
+      const repo = dataSource.getRepository(entityMap.form_submissions);
+      const submission = await repo.findOne({
+        where: { id: submissionId },
+        relations: ["form", "contact"]
+      });
+      if (!submission) return json({ message: "Not found" }, { status: 404 });
+      const form = submission;
+      if (form.form?.id) {
+        const formRepo = dataSource.getRepository(entityMap.forms);
+        const formWithFields = await formRepo.findOne({
+          where: { id: form.form.id },
+          relations: ["fields"],
+          order: { fields: { order: "ASC" } }
+        });
+        if (formWithFields) submission.form = formWithFields;
+      }
+      return json(submission);
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createFormSubmissionListHandler(config) {
+  const { dataSource, entityMap, json, requireAuth } = config;
+  return async function GET(req) {
+    const authErr = await requireAuth(req);
+    if (authErr) return authErr;
+    try {
+      const repo = dataSource.getRepository(entityMap.form_submissions);
+      const { searchParams } = new URL(req.url);
+      const page = Number(searchParams.get("page")) || 1;
+      const limit = Math.min(100, Number(searchParams.get("limit")) || 10);
+      const skip = (page - 1) * limit;
+      const sortField = searchParams.get("sortField") || "createdAt";
+      const sortOrder = searchParams.get("sortOrder") === "desc" ? "DESC" : "ASC";
+      const [data, total] = await repo.findAndCount({
+        skip,
+        take: limit,
+        order: { [sortField]: sortOrder },
+        relations: ["form", "contact"]
+      });
+      return json({ total, page, limit, totalPages: Math.ceil(total / limit), data });
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function pickContactFromSubmission(fields, data) {
+  let email = null;
+  let name = null;
+  let phone = null;
+  for (const f of fields) {
+    const val = data[String(f.id)];
+    if (val == null || val === "") continue;
+    const str = String(val).trim();
+    if (f.type === "email" || f.label && f.label.toLowerCase().includes("email")) {
+      if (str && !email) email = str;
+    } else if (f.type === "phone" || f.label && f.label.toLowerCase().includes("phone")) {
+      if (str && !phone) phone = str;
+    } else if (f.label && f.label.toLowerCase().includes("name") && (f.type === "text" || !f.type)) {
+      if (str && !name) name = str;
+    }
+  }
+  if (!email) return null;
+  return { name: name || email, email, phone: phone || null };
+}
+function createFormSubmissionHandler(config) {
+  const { dataSource, entityMap, json } = config;
+  return async function POST(req) {
+    try {
+      const body = await req.json();
+      if (!body || typeof body !== "object") {
+        return json({ error: "Invalid request payload" }, { status: 400 });
+      }
+      const formId = typeof body.formId === "number" ? body.formId : Number(body.formId);
+      if (!Number.isInteger(formId) || formId <= 0) {
+        return json({ error: "formId is required and must be a positive integer" }, { status: 400 });
+      }
+      const data = body.data;
+      if (!data || typeof data !== "object" || Array.isArray(data)) {
+        return json({ error: "data is required and must be an object" }, { status: 400 });
+      }
+      const formRepo = dataSource.getRepository(entityMap.forms);
+      const form = await formRepo.findOne({
+        where: { id: formId, published: true, deleted: false },
+        relations: ["fields"]
+      });
+      if (!form) {
+        return json({ error: "Form not found" }, { status: 404 });
+      }
+      const fields = form.fields ?? [];
+      const activeFields = fields.filter((f) => !f.deleted);
+      let contactId = body.contactId != null && body.contactId !== "" ? typeof body.contactId === "number" ? body.contactId : Number(body.contactId) : null;
+      if (!contactId) {
+        const contactData = pickContactFromSubmission(activeFields, data);
+        if (contactData) {
+          const contactRepo = dataSource.getRepository(entityMap.contacts);
+          let contact = await contactRepo.findOne({ where: { email: contactData.email } });
+          if (!contact) {
+            contact = await contactRepo.save(
+              contactRepo.create({
+                name: contactData.name,
+                email: contactData.email,
+                phone: contactData.phone
+              })
+            );
+          }
+          contactId = contact.id;
+        }
+      }
+      const ipAddress = req.headers.get("x-forwarded-for") ?? req.headers.get("x-real-ip") ?? null;
+      const userAgent = req.headers.get("user-agent") ?? null;
+      const submissionRepo = dataSource.getRepository(entityMap.form_submissions);
+      const created = await submissionRepo.save(
+        submissionRepo.create({
+          formId,
+          contactId: Number.isInteger(contactId) ? contactId : null,
+          data,
+          ipAddress: ipAddress?.slice(0, 255) ?? null,
+          userAgent: userAgent?.slice(0, 500) ?? null
+        })
+      );
+      return json(created, { status: 201 });
+    } catch {
+      return json({ error: "Server Error" }, { status: 500 });
+    }
+  };
+}
+function createUsersApiHandlers(config) {
+  const { dataSource, entityMap, json, requireAuth, baseUrl } = config;
+  const userRepo = () => dataSource.getRepository(entityMap.users);
+  return {
+    async list(req) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const url = new URL(req.url);
+        const page = Math.max(1, parseInt(url.searchParams.get("page") || "1", 10));
+        const limit = Math.min(100, parseInt(url.searchParams.get("limit") || "10", 10));
+        const skip = (page - 1) * limit;
+        const sortField = url.searchParams.get("sortField") || "createdAt";
+        const sortOrder = url.searchParams.get("sortOrder") === "desc" ? "DESC" : "ASC";
+        const search = url.searchParams.get("search");
+        const where = search ? [{ name: ILike2(`%${search}%`) }, { email: ILike2(`%${search}%`) }] : {};
+        const [data, total] = await userRepo().findAndCount({
+          skip,
+          take: limit,
+          order: { [sortField]: sortOrder },
+          where,
+          relations: ["group"],
+          select: ["id", "name", "email", "blocked", "createdAt", "updatedAt", "groupId"]
+        });
+        return json({ total, page, limit, totalPages: Math.ceil(total / limit), data });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async create(req) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        if (!body?.name || !body?.email) return json({ error: "Name and email are required" }, { status: 400 });
+        const existing = await userRepo().findOne({ where: { email: body.email } });
+        if (existing) return json({ error: "User with this email already exists" }, { status: 400 });
+        const newUser = await userRepo().save(
+          userRepo().create({ name: body.name, email: body.email, password: null, blocked: true, groupId: body.groupId ?? null })
+        );
+        const emailToken = Buffer.from(newUser.email).toString("base64");
+        const inviteLink = `${baseUrl}/admin/invite?token=${emailToken}`;
+        return json({ message: "User created successfully (blocked until password is set)", user: newUser, inviteLink }, { status: 201 });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async getById(_req, id) {
+      const authErr = await requireAuth(new Request(_req.url));
+      if (authErr) return authErr;
+      try {
+        const user = await userRepo().findOne({
+          where: { id: parseInt(id, 10) },
+          relations: ["group"],
+          select: ["id", "name", "email", "blocked", "createdAt", "updatedAt", "groupId"]
+        });
+        if (!user) return json({ error: "User not found" }, { status: 404 });
+        return json(user);
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async update(req, id) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        const { password: _p, ...safe } = body;
+        await userRepo().update(parseInt(id, 10), safe);
+        const updated = await userRepo().findOne({
+          where: { id: parseInt(id, 10) },
+          relations: ["group"],
+          select: ["id", "name", "email", "blocked", "createdAt", "updatedAt", "groupId"]
+        });
+        return updated ? json(updated) : json({ error: "Not found" }, { status: 404 });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async delete(_req, id) {
+      const authErr = await requireAuth(new Request(_req.url));
+      if (authErr) return authErr;
+      try {
+        const r = await userRepo().delete(parseInt(id, 10));
+        if (r.affected === 0) return json({ error: "User not found" }, { status: 404 });
+        return json({ message: "User deleted successfully" });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    },
+    async regenerateInvite(_req, id) {
+      const authErr = await requireAuth(new Request(_req.url));
+      if (authErr) return authErr;
+      try {
+        const user = await userRepo().findOne({ where: { id: parseInt(id, 10) }, select: ["email"] });
+        if (!user) return json({ error: "User not found" }, { status: 404 });
+        const emailToken = Buffer.from(user.email).toString("base64");
+        const inviteLink = `${baseUrl}/admin/invite?token=${emailToken}`;
+        return json({ message: "New invite link generated successfully", inviteLink });
+      } catch {
+        return json({ error: "Server Error" }, { status: 500 });
+      }
+    }
+  };
+}
+function createUserAvatarHandler(config) {
+  const { json, getSession, saveAvatar } = config;
+  return async function POST(req) {
+    const session = await getSession();
+    if (!session?.user?.email) return json({ error: "Unauthorized" }, { status: 401 });
+    try {
+      const formData = await req.formData();
+      const file = formData.get("avatar");
+      if (!file) return json({ error: "No file uploaded" }, { status: 400 });
+      if (!file.type.startsWith("image/")) return json({ error: "File must be an image" }, { status: 400 });
+      if (file.size > 5 * 1024 * 1024) return json({ error: "File size must be less than 5MB" }, { status: 400 });
+      const buffer = Buffer.from(await file.arrayBuffer());
+      const ext = file.name.split(".").pop() || "jpg";
+      const fileName = `avatar_${session.user.email}_${Date.now()}.${ext}`;
+      const avatarUrl = saveAvatar ? await saveAvatar(buffer, fileName) : await (async () => {
+        const fs = await import("fs/promises");
+        const path = await import("path");
+        const dir = path.join(process.cwd(), "public", "uploads", "avatars");
+        await fs.mkdir(dir, { recursive: true });
+        await fs.writeFile(path.join(dir, fileName), buffer);
+        return `/uploads/avatars/${fileName}`;
+      })();
+      return json({ message: "Avatar uploaded successfully", avatarUrl });
+    } catch {
+      return json({ error: "Internal server error" }, { status: 500 });
+    }
+  };
+}
+function createUserProfileHandler(config) {
+  const { dataSource, entityMap, json, getSession } = config;
+  return async function PUT(req) {
+    const session = await getSession();
+    if (!session?.user?.email) return json({ error: "Unauthorized" }, { status: 401 });
+    try {
+      const body = await req.json();
+      if (!body?.name) return json({ error: "Name is required" }, { status: 400 });
+      const userRepo = dataSource.getRepository(entityMap.users);
+      await userRepo.update({ email: session.user.email }, { name: body.name, updatedAt: /* @__PURE__ */ new Date() });
+      const updated = await userRepo.findOne({ where: { email: session.user.email }, select: ["id", "name", "email"] });
+      if (!updated) return json({ error: "Not found" }, { status: 404 });
+      return json({ message: "Profile updated successfully", user: { id: updated.id, name: updated.name, email: updated.email } });
+    } catch {
+      return json({ error: "Internal server error" }, { status: 500 });
+    }
+  };
+}
+function simpleEncrypt(text, key) {
+  const buf = Buffer.from(text, "utf8");
+  const keyBuf = Buffer.from(key.padEnd(32, "0").slice(0, 32), "utf8");
+  const out = Buffer.alloc(buf.length);
+  for (let i = 0; i < buf.length; i++) out[i] = buf[i] ^ keyBuf[i % keyBuf.length];
+  return out.toString("base64");
+}
+function simpleDecrypt(encoded, key) {
+  const buf = Buffer.from(encoded, "base64");
+  const keyBuf = Buffer.from(key.padEnd(32, "0").slice(0, 32), "utf8");
+  const out = Buffer.alloc(buf.length);
+  for (let i = 0; i < buf.length; i++) out[i] = buf[i] ^ keyBuf[i % keyBuf.length];
+  return out.toString("utf8");
+}
+function createSettingsApiHandlers(config) {
+  const { dataSource, entityMap, json, requireAuth, encryptionKey, publicGetGroups } = config;
+  const configRepo = () => dataSource.getRepository(entityMap.configs);
+  return {
+    async GET(req, group) {
+      const isPublicGroup = publicGetGroups?.includes(group);
+      const authErr = isPublicGroup ? null : await requireAuth(req);
+      const isAuthed = !authErr;
+      try {
+        const where = { settings: group, deleted: false };
+        if (!isAuthed && !isPublicGroup) where.type = "public";
+        const rows = await configRepo().find({ where });
+        const result = {};
+        for (const row of rows) {
+          const r = row;
+          let val = r.value;
+          if (r.encrypted && encryptionKey) {
+            try {
+              val = simpleDecrypt(val, encryptionKey);
+            } catch {
+            }
+          }
+          result[r.key] = val;
+        }
+        return json(result);
+      } catch {
+        return json({ error: "Failed to fetch settings" }, { status: 500 });
+      }
+    },
+    async PUT(req, group) {
+      const authErr = await requireAuth(req);
+      if (authErr) return authErr;
+      try {
+        const body = await req.json();
+        if (!body || typeof body !== "object") return json({ error: "Invalid payload" }, { status: 400 });
+        const repo = configRepo();
+        for (const [key, entry] of Object.entries(body)) {
+          const val = typeof entry === "string" ? entry : entry.value;
+          const type = typeof entry === "object" && entry.type || "private";
+          const encrypted = !!(typeof entry === "object" && entry.encrypted);
+          let storedValue = val;
+          if (encrypted && encryptionKey) {
+            storedValue = simpleEncrypt(val, encryptionKey);
+          }
+          const existing = await repo.findOne({ where: { settings: group, key } });
+          if (existing) {
+            await repo.update(existing.id, { value: storedValue, type, encrypted, updatedAt: /* @__PURE__ */ new Date() });
+          } else {
+            await repo.save(repo.create({ settings: group, key, value: storedValue, type, encrypted }));
+          }
+        }
+        return json({ message: "Settings saved" });
+      } catch {
+        return json({ error: "Failed to save settings" }, { status: 500 });
+      }
+    }
+  };
+}
+
+// src/api/cms-api-handler.ts
+var DEFAULT_EXCLUDE = /* @__PURE__ */ new Set(["users", "password_reset_tokens", "user_groups", "permissions", "comments", "form_fields", "configs"]);
+function createCmsApiHandler(config) {
+  const {
+    dataSource,
+    entityMap,
+    pathToModel = (s) => s,
+    crudResources = Object.keys(entityMap).filter((k) => !DEFAULT_EXCLUDE.has(k)),
+    getCms,
+    userAuth: userAuthConfig,
+    dashboard,
+    analytics: analyticsConfig,
+    upload,
+    blogBySlug,
+    formBySlug,
+    formSave: formSaveConfig,
+    formSubmission: formSubmissionConfig,
+    formSubmissionGetById: formSubmissionGetByIdConfig,
+    usersApi,
+    userAvatar,
+    userProfile,
+    settings: settingsConfig
+  } = config;
+  const analytics = analyticsConfig ?? (getCms ? {
+    json: config.json,
+    requireAuth: async () => null,
+    getAnalyticsData: async (days) => {
+      const cms = await getCms();
+      const a = cms.getPlugin("analytics");
+      if (!a?.getAnalyticsData) throw new Error("Analytics not configured");
+      return a.getAnalyticsData(days);
+    },
+    getPropertyId: () => ({ currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID }),
+    getPermissions: () => ({
+      serviceAccountEmail: process.env.GOOGLE_ANALYTICS_CLIENT_EMAIL,
+      currentViewId: process.env.GOOGLE_ANALYTICS_VIEW_ID
+    })
+  } : void 0);
+  const userAuth = userAuthConfig && getCms && userAuthConfig.sendEmail === void 0 ? {
+    ...userAuthConfig,
+    sendEmail: async (opts) => {
+      const cms = await getCms();
+      const email = cms.getPlugin("email");
+      if (!email?.send) return;
+      const { emailTemplates: emailTemplates2 } = await Promise.resolve().then(() => (init_email_service(), email_service_exports));
+      const { subject, html, text } = emailTemplates2.passwordReset({ resetLink: opts.text || opts.html });
+      await email.send({ subject, html, text, to: opts.to });
+    }
+  } : userAuthConfig;
+  const crudOpts = { requireAuth: config.requireAuth, json: config.json };
+  const crud = createCrudHandler(dataSource, entityMap, crudOpts);
+  const crudById = createCrudByIdHandler(dataSource, entityMap, crudOpts);
+  const userAuthRouter = userAuth ? createUserAuthApiRouter(userAuth) : null;
+  const dashboardGet = dashboard ? createDashboardStatsHandler(dashboard) : null;
+  const analyticsHandlers = analytics ? createAnalyticsHandlers(analytics) : null;
+  const uploadPost = upload ? createUploadHandler(upload) : null;
+  const blogBySlugGet = blogBySlug ? createBlogBySlugHandler(blogBySlug) : null;
+  const formBySlugGet = formBySlug ? createFormBySlugHandler(formBySlug) : null;
+  const formSaveHandlers = formSaveConfig ? createFormSaveHandlers(formSaveConfig) : null;
+  const formSubmissionPost = formSubmissionConfig ? createFormSubmissionHandler(formSubmissionConfig) : null;
+  const formSubmissionGetById = formSubmissionGetByIdConfig ? createFormSubmissionGetByIdHandler(formSubmissionGetByIdConfig) : null;
+  const formSubmissionList = formSubmissionGetByIdConfig ? createFormSubmissionListHandler(formSubmissionGetByIdConfig) : null;
+  const usersHandlers = usersApi ? createUsersApiHandlers(usersApi) : null;
+  const avatarPost = userAvatar ? createUserAvatarHandler(userAvatar) : null;
+  const profilePut = userProfile ? createUserProfileHandler(userProfile) : null;
+  const settingsHandlers = settingsConfig ? createSettingsApiHandlers(settingsConfig) : null;
+  function resolveResource(segment) {
+    const model = pathToModel(segment);
+    return crudResources.includes(model) ? model : segment;
+  }
+  return {
+    async handle(method, path, req) {
+      if (path[0] === "dashboard" && path[1] === "stats" && path.length === 2 && method === "GET" && dashboardGet) {
+        return dashboardGet(req);
+      }
+      if (path[0] === "analytics" && analyticsHandlers) {
+        if (path.length === 1 && method === "GET") return analyticsHandlers.GET(req);
+        if (path.length === 2 && path[1] === "property-id" && method === "GET") return analyticsHandlers.propertyId();
+        if (path.length === 2 && path[1] === "permissions" && method === "GET") return analyticsHandlers.permissions();
+      }
+      if (path[0] === "upload" && path.length === 1 && method === "POST" && uploadPost) return uploadPost(req);
+      if (path[0] === "blogs" && path[1] === "slug" && path.length === 3 && method === "GET" && blogBySlugGet) {
+        return blogBySlugGet(req, path[2]);
+      }
+      if (path[0] === "forms" && path[1] === "slug" && path.length === 3 && method === "GET" && formBySlugGet) {
+        return formBySlugGet(req, path[2]);
+      }
+      if (path[0] === "form-submissions") {
+        if (path.length === 1) {
+          if (method === "GET" && formSubmissionList) return formSubmissionList(req);
+          if (method === "POST" && formSubmissionPost) return formSubmissionPost(req);
+        }
+        if (path.length === 2 && method === "GET" && formSubmissionGetById) return formSubmissionGetById(req, path[1]);
+      }
+      if (path[0] === "forms" && formSaveHandlers) {
+        if (path.length === 1 && method === "POST") return formSaveHandlers.POST(req);
+        if (path.length === 2) {
+          if (method === "GET") return formSaveHandlers.GET(req, path[1]);
+          if (method === "PUT" || method === "PATCH") return formSaveHandlers.PUT(req, path[1]);
+        }
+      }
+      if (path[0] === "users" && usersHandlers) {
+        if (path.length === 1) {
+          if (method === "GET") return usersHandlers.list(req);
+          if (method === "POST") return usersHandlers.create(req);
+        }
+        if (path.length === 2) {
+          if (path[1] === "avatar" && method === "POST" && avatarPost) return avatarPost(req);
+          if (path[1] === "profile" && method === "PUT" && profilePut) return profilePut(req);
+          const id = path[1];
+          if (method === "GET") return usersHandlers.getById(req, id);
+          if (method === "PUT" || method === "PATCH") return usersHandlers.update(req, id);
+          if (method === "DELETE") return usersHandlers.delete(req, id);
+        }
+        if (path.length === 3 && path[2] === "regenerate-invite" && method === "POST") {
+          return usersHandlers.regenerateInvite(req, path[1]);
+        }
+      }
+      if (path[0] === "users" && path.length === 2 && userAuthRouter && method === "POST") {
+        return userAuthRouter.POST(req, path[1]);
+      }
+      if (path[0] === "settings" && path.length === 2 && settingsHandlers) {
+        if (method === "GET") return settingsHandlers.GET(req, path[1]);
+        if (method === "PUT") return settingsHandlers.PUT(req, path[1]);
+      }
+      if (path.length === 0) return config.json({ error: "Not found" }, { status: 404 });
+      const resource = resolveResource(path[0]);
+      if (!crudResources.includes(resource)) return config.json({ error: "Invalid resource" }, { status: 400 });
+      if (path.length === 1) {
+        if (method === "GET") return crud.GET(req, resource);
+        if (method === "POST") return crud.POST(req, resource);
+        return config.json({ error: "Method not allowed" }, { status: 405 });
+      }
+      if (path.length === 2) {
+        const id = path[1];
+        if (method === "GET") return crudById.GET(req, resource, id);
+        if (method === "PUT" || method === "PATCH") return crudById.PUT(req, resource, id);
+        if (method === "DELETE") return crudById.DELETE(req, resource, id);
+        return config.json({ error: "Method not allowed" }, { status: 405 });
+      }
+      return config.json({ error: "Not found" }, { status: 404 });
+    }
+  };
+}
+export {
+  createAnalyticsHandlers,
+  createBlogBySlugHandler,
+  createChangePasswordHandler,
+  createCmsApiHandler,
+  createCrudByIdHandler,
+  createCrudHandler,
+  createDashboardStatsHandler,
+  createForgotPasswordHandler,
+  createFormBySlugHandler,
+  createInviteAcceptHandler,
+  createSetPasswordHandler,
+  createSettingsApiHandlers,
+  createUploadHandler,
+  createUserAuthApiRouter,
+  createUserAvatarHandler,
+  createUserProfileHandler,
+  createUsersApiHandlers
+};
+//# sourceMappingURL=api.js.map