@iskra-bun/web-kit 0.1.0

package/dist/index.js

@@ -0,0 +1,2824 @@
+import {
+  BaseStorageAdapter
+} from "./chunk-POXNRNTC.js";
+
+// src/kernel.ts
+import { Hono } from "hono";
+import { HTTPException } from "hono/http-exception";
+var Kernel = class {
+  app;
+  config;
+  features = /* @__PURE__ */ new Map();
+  initialized = false;
+  constructor(config = {}) {
+    this.config = {
+      port: 8e3,
+      hostname: "localhost",
+      ...config
+    };
+    this.app = new Hono();
+    this.app.onError((err, c) => {
+      if (err instanceof HTTPException) {
+        return c.json(
+          { message: err.message },
+          err.status
+        );
+      }
+      console.error("Unhandled error:", err);
+      return c.json(
+        { message: "Internal Server Error" },
+        500
+      );
+    });
+  }
+  async initialize() {
+    if (this.initialized) {
+      throw new Error("Kernel already initialized");
+    }
+    console.log("\u{1F680} Initializing Web-Kit Kernel...");
+    this.validateFeatureDependencies();
+    await this.validatePeerDependencies();
+    this.applySecurityHeaders();
+    const orderedFeatures = this.sortFeaturesByDependencies();
+    for (const feature of orderedFeatures) {
+      await this.initializeFeature(feature);
+    }
+    this.initialized = true;
+    console.log("\u2705 Web-Kit Kernel initialized");
+  }
+  applySecurityHeaders() {
+    if (!this.config.securityHeaders) {
+      this.config.securityHeaders = {
+        xFrameOptions: "SAMEORIGIN",
+        xContentTypeOptions: true,
+        xXssProtection: true,
+        referrerPolicy: "strict-origin-when-cross-origin"
+      };
+    }
+    const headers = this.config.securityHeaders;
+    this.app.use("*", async (c, next) => {
+      await next();
+      if (headers.xFrameOptions) {
+        c.res.headers.set("X-Frame-Options", headers.xFrameOptions);
+      }
+      if (headers.xContentTypeOptions) {
+        c.res.headers.set("X-Content-Type-Options", "nosniff");
+      }
+      if (headers.xXssProtection) {
+        c.res.headers.set("X-XSS-Protection", "1; mode=block");
+      }
+      if (headers.referrerPolicy) {
+        c.res.headers.set("Referrer-Policy", headers.referrerPolicy);
+      }
+      if (headers.strictTransportSecurity) {
+        const hsts = headers.strictTransportSecurity;
+        let hstsValue = `max-age=${hsts.maxAge || 31536e3}`;
+        if (hsts.includeSubDomains) hstsValue += "; includeSubDomains";
+        if (hsts.preload) hstsValue += "; preload";
+        c.res.headers.set("Strict-Transport-Security", hstsValue);
+      }
+      if (headers.contentSecurityPolicy) {
+        if (typeof headers.contentSecurityPolicy === "string") {
+          c.res.headers.set(
+            "Content-Security-Policy",
+            headers.contentSecurityPolicy
+          );
+        } else if (headers.contentSecurityPolicy.directives) {
+          const directives = Object.entries(
+            headers.contentSecurityPolicy.directives
+          ).map(([key, value]) => {
+            const values = Array.isArray(value) ? value.join(" ") : value;
+            return `${key} ${values}`;
+          }).join("; ");
+          c.res.headers.set("Content-Security-Policy", directives);
+        }
+      }
+      if (headers.permissionsPolicy) {
+        const policy = Object.entries(headers.permissionsPolicy).map(([key, value]) => `${key}=(${value.join(" ")})`).join(", ");
+        c.res.headers.set("Permissions-Policy", policy);
+      }
+    });
+  }
+  registerFeature(feature) {
+    if (this.initialized) {
+      throw new Error("Cannot register features after initialization");
+    }
+    if (feature.peerDependencies) {
+      for (const dep of feature.peerDependencies) {
+        try {
+          import(dep);
+        } catch {
+          console.warn(
+            `\u26A0\uFE0F  Warning: Feature '${feature.name}' requires peer dependency: ${dep}`
+          );
+        }
+      }
+    }
+    this.features.set(feature.name, feature);
+    console.log(`\u{1F4E6} Registered feature: ${feature.name}`);
+  }
+  validateFeatureDependencies() {
+    for (const [name, feature] of this.features) {
+      if (feature.dependencies) {
+        for (const dep of feature.dependencies) {
+          if (!this.features.has(dep)) {
+            throw new Error(
+              `Feature '${name}' requires feature '${dep}' which is not registered`
+            );
+          }
+        }
+      }
+    }
+  }
+  async validatePeerDependencies() {
+    for (const [featureName, feature] of this.features) {
+      if (feature.peerDependencies) {
+        for (const dep of feature.peerDependencies) {
+        }
+      }
+    }
+  }
+  sortFeaturesByDependencies() {
+    const sorted = [];
+    const visited = /* @__PURE__ */ new Set();
+    const visiting = /* @__PURE__ */ new Set();
+    const visit = (name) => {
+      if (visited.has(name)) return;
+      if (visiting.has(name)) {
+        throw new Error(`Circular dependency detected for feature: ${name}`);
+      }
+      visiting.add(name);
+      const feature = this.features.get(name);
+      if (feature.dependencies) {
+        for (const dep of feature.dependencies) {
+          visit(dep);
+        }
+      }
+      visiting.delete(name);
+      visited.add(name);
+      sorted.push(feature);
+    };
+    for (const name of this.features.keys()) {
+      visit(name);
+    }
+    return sorted;
+  }
+  async initializeFeature(feature) {
+    console.log(`\u2699\uFE0F  Initializing feature: ${feature.name}`);
+    await feature.initialize(this);
+    if (feature.routes) {
+      feature.routes(this.app);
+    }
+  }
+  getApp() {
+    return this.app;
+  }
+  getFeature(name) {
+    return this.features.get(name);
+  }
+  server;
+  async start() {
+    if (!this.initialized) {
+      await this.initialize();
+    }
+    console.log(
+      `\u{1F310} Server running at http://${this.config.hostname}:${this.config.port}`
+    );
+    if (typeof Bun !== "undefined") {
+      this.server = Bun.serve({
+        port: this.config.port,
+        hostname: this.config.hostname,
+        fetch: this.app.fetch
+      });
+    } else {
+      console.warn("Not running in Bun, start() might strictly need an adapter.");
+    }
+  }
+  async shutdown() {
+    console.log("\u{1F6D1} Shutting down...");
+    if (this.server) {
+      this.server.stop();
+      this.server = null;
+    }
+    const features = Array.from(this.features.values()).reverse();
+    for (const feature of features) {
+      if (feature.shutdown) {
+        await feature.shutdown();
+      }
+    }
+    console.log("\u{1F44B} Server shut down gracefully");
+  }
+};
+
+// src/driver.ts
+var WebPlugin = class {
+  name = "WebPlugin";
+  app = null;
+  kernel;
+  runningServer;
+  router;
+  constructor(config = {}) {
+    const { router, features, ...kernelConfig } = config;
+    this.kernel = new Kernel(kernelConfig);
+    this.router = router;
+    if (features) {
+      for (const feature of features) {
+        this.kernel.registerFeature(feature);
+      }
+    }
+  }
+  async init(app) {
+    this.app = app;
+    await this.kernel.initialize();
+    if (this.router) {
+      this.kernel.getApp().route("/", this.router);
+    }
+  }
+  getHonoApp() {
+    return this.kernel.getApp();
+  }
+  async start() {
+    this.app?.logger.info(`Starting WebPlugin...`);
+    await this.kernel.start();
+    this.runningServer = true;
+  }
+  async stop() {
+    await this.kernel.shutdown();
+    this.app?.logger.info("WebPlugin stopped");
+  }
+};
+
+// src/server.ts
+import { OpenAPIHono, createRoute } from "@hono/zod-openapi";
+import { z } from "zod";
+var WebDriver = class {
+  name = "WebDriver";
+  app = null;
+  server;
+  options;
+  runningServer;
+  constructor(options = {}) {
+    this.options = options;
+    this.server = new OpenAPIHono();
+  }
+  init(app) {
+    this.app = app;
+    this.setupRoutes();
+    this.setupOpenApi();
+  }
+  setupOpenApi() {
+    if (this.options.openApi) {
+      this.server.doc(this.options.openApi.path, {
+        openapi: "3.0.0",
+        info: {
+          version: this.options.openApi.version,
+          title: this.options.openApi.title
+        }
+      });
+    }
+  }
+  setupRoutes() {
+    if (!this.options.routes) return;
+    for (const route of this.options.routes) {
+      const routeConfig = {
+        method: route.method.toLowerCase(),
+        path: route.path,
+        tags: route.doc?.tags,
+        summary: route.doc?.summary,
+        description: route.doc?.description,
+        request: {},
+        responses: {
+          200: {
+            description: "Successful response",
+            content: {
+              "application/json": {
+                schema: z.any()
+                // We don't enforce response schema yet
+              }
+            }
+          },
+          500: {
+            description: "Internal Server Error"
+          }
+        }
+      };
+      if (route.schema?.body) {
+        routeConfig.request.body = {
+          content: {
+            "application/json": {
+              schema: route.schema.body
+            }
+          }
+        };
+      }
+      if (route.schema?.query) {
+        routeConfig.request.query = route.schema.query;
+      }
+      if (route.schema?.params) {
+        routeConfig.request.params = route.schema.params;
+      }
+      const openApiRoute = createRoute(routeConfig);
+      this.server.openapi(openApiRoute, async (c) => {
+        if (!this.app) throw new Error("App not initialized");
+        const webCtx = {
+          raw: c,
+          // Hono/zod-openapi puts validated data in c.req.valid('json') etc similar to validator middleware
+          body: route.schema?.body ? c.req.valid("json") : void 0,
+          query: route.schema?.query ? c.req.valid("query") : void 0,
+          params: c.req.param(),
+          app: this.app
+        };
+        try {
+          const result = await route.handler(webCtx);
+          if (result instanceof Response) return result;
+          return c.json(result);
+        } catch (err) {
+          this.app.logger.error(err);
+          return c.json({ error: err.message }, 500);
+        }
+      });
+    }
+  }
+  start() {
+    const port = this.options.port || 3e3;
+    this.app?.logger.info(`Starting WebServer on port ${port}...`);
+    this.runningServer = Bun.serve({
+      fetch: this.server.fetch,
+      port
+    });
+  }
+  stop() {
+    if (this.runningServer) {
+      this.runningServer.stop();
+    }
+    this.app?.logger.info("WebServer stopped");
+  }
+};
+
+// src/router.ts
+var createRouter = (routes) => routes;
+
+// src/features/cors.ts
+import { cors } from "hono/cors";
+var CorsFeature = class {
+  constructor(config = {}) {
+    this.config = config;
+    if (!this.config.origin) {
+      this.config.origin = "*";
+    }
+    if (this.config.credentials === void 0) {
+      this.config.credentials = false;
+    }
+  }
+  config;
+  name = "cors";
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    const honoConfig = { ...this.config };
+    if (typeof this.config.origin === "function") {
+      honoConfig.origin = (origin) => {
+        const result = this.config.origin(origin);
+        return result ? origin : null;
+      };
+    }
+    app.use("*", cors(honoConfig));
+    console.log("\u2705 CORS feature initialized");
+  }
+};
+
+// src/features/error-handler.ts
+import { HTTPException as HTTPException3 } from "hono/http-exception";
+import { IskraError as IskraError2 } from "@iskra-bun/core";
+
+// src/errors.ts
+import { IskraError, ErrorCodes } from "@iskra-bun/core";
+import { HTTPException as HTTPException2 } from "hono/http-exception";
+var HttpError = class extends IskraError {
+  status;
+  constructor(status, message, options) {
+    super(message, { code: options?.code ?? ErrorCodes.INTERNAL_ERROR, cause: options?.cause, context: options?.context });
+    this.name = "HttpError";
+    this.status = status;
+  }
+  toHTTPException() {
+    return new HTTPException2(this.status, { message: this.message, cause: this });
+  }
+};
+var ValidationError = class extends HttpError {
+  details;
+  constructor(message, details, options) {
+    super(400, message, { code: ErrorCodes.VALIDATION_ERROR, ...options });
+    this.name = "ValidationError";
+    this.details = details;
+  }
+};
+var AuthError = class extends HttpError {
+  constructor(message = "Unauthorized", options) {
+    super(401, message, { code: ErrorCodes.UNAUTHORIZED, ...options });
+    this.name = "AuthError";
+  }
+};
+var ForbiddenError = class extends HttpError {
+  constructor(message = "Forbidden", options) {
+    super(403, message, { code: ErrorCodes.FORBIDDEN, ...options });
+    this.name = "ForbiddenError";
+  }
+};
+var NotFoundError = class extends HttpError {
+  constructor(message = "Not Found", options) {
+    super(404, message, { code: ErrorCodes.NOT_FOUND, ...options });
+    this.name = "NotFoundError";
+  }
+};
+var ConflictError = class extends HttpError {
+  constructor(message = "Conflict", options) {
+    super(409, message, { code: ErrorCodes.CONFLICT, ...options });
+    this.name = "ConflictError";
+  }
+};
+
+// src/features/error-handler.ts
+var ErrorHandlerFeature = class {
+  name = "error-handler";
+  config;
+  constructor(config = {}) {
+    this.config = {
+      includeStack: config.includeStack !== void 0 ? config.includeStack : process.env.NODE_ENV === "development",
+      customHandlers: config.customHandlers,
+      logger: config.logger
+    };
+  }
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    app.onError((err, c) => {
+      return this.handleError(err, c);
+    });
+    console.log("\u2705 Error handler feature initialized");
+  }
+  handleError(err, c) {
+    if (this.config.logger) {
+      this.config.logger(err, c);
+    } else {
+      console.error("Error:", err);
+    }
+    if (err instanceof HttpError) {
+      const status2 = err.status;
+      if (this.config.customHandlers?.[status2]) {
+        return this.config.customHandlers[status2](err, c);
+      }
+      const response2 = {
+        error: err.message,
+        status: status2,
+        code: err.code
+      };
+      if (Object.keys(err.context).length > 0) {
+        response2.context = err.context;
+      }
+      if (this.config.includeStack && err.stack) {
+        response2.stack = err.stack;
+      }
+      const requestId2 = c.get("requestId");
+      if (requestId2) response2.requestId = requestId2;
+      return c.json(response2, status2);
+    }
+    if (err instanceof IskraError2) {
+      const status2 = 500;
+      if (this.config.customHandlers?.[status2]) {
+        return this.config.customHandlers[status2](err, c);
+      }
+      const response2 = {
+        error: this.config.includeStack ? err.message : "Internal Server Error",
+        status: status2,
+        code: err.code
+      };
+      if (this.config.includeStack && err.stack) {
+        response2.stack = err.stack;
+      }
+      const requestId2 = c.get("requestId");
+      if (requestId2) response2.requestId = requestId2;
+      return c.json(response2, status2);
+    }
+    if (err instanceof HTTPException3) {
+      const status2 = err.status;
+      if (this.config.customHandlers?.[status2]) {
+        return this.config.customHandlers[status2](err, c);
+      }
+      const response2 = {
+        error: err.message || this.getStatusText(status2),
+        status: status2
+      };
+      if (this.config.includeStack && err.stack) {
+        response2.stack = err.stack;
+      }
+      return c.json(response2, status2);
+    }
+    const status = 500;
+    if (this.config.customHandlers?.[status]) {
+      return this.config.customHandlers[status](err, c);
+    }
+    const response = {
+      error: this.config.includeStack ? err.message : "Internal Server Error",
+      status
+    };
+    if (this.config.includeStack && err.stack) {
+      response.stack = err.stack;
+    }
+    const requestId = c.get("requestId");
+    if (requestId) {
+      response.requestId = requestId;
+    }
+    return c.json(response, status);
+  }
+  getStatusText(status) {
+    const statusTexts = {
+      400: "Bad Request",
+      401: "Unauthorized",
+      403: "Forbidden",
+      404: "Not Found",
+      500: "Internal Server Error"
+    };
+    return statusTexts[status] || "Error";
+  }
+};
+function createHttpError(status, message) {
+  return new HTTPException3(status, { message });
+}
+
+// src/features/health.ts
+var HealthCheckFeature = class {
+  name = "health";
+  kernel;
+  config;
+  constructor(config = {}) {
+    this.config = {
+      path: config.path || "/health",
+      readinessPath: config.readinessPath || "/health/ready",
+      livenessPath: config.livenessPath || "/health/live",
+      includeDetails: config.includeDetails !== void 0 ? config.includeDetails : true,
+      checks: config.checks
+    };
+  }
+  async initialize(kernel) {
+    this.kernel = kernel;
+    const app = kernel.getApp();
+    app.get(this.config.path, async (c) => await this.handleHealthCheck(c));
+    app.get(this.config.readinessPath, async (c) => await this.handleReadinessCheck(c));
+    app.get(this.config.livenessPath, async (c) => await this.handleLivenessCheck(c));
+    console.log("\u2705 Health check feature initialized");
+  }
+  async handleHealthCheck(c) {
+    const response = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    if (this.config.includeDetails && this.kernel) {
+      response.features = Array.from(this.kernel.features.keys());
+      const featureHealth = {};
+      const dbFeature = this.kernel.getFeature("db");
+      if (dbFeature) await this.checkFeatureHealth(c, dbFeature, featureHealth, "db", "query", "SELECT 1");
+      const cacheFeature = this.kernel.getFeature("cache");
+      if (cacheFeature) await this.checkFeatureHealth(c, cacheFeature, featureHealth, "cache", "exists", "__health_check__");
+      if (Object.keys(featureHealth).length > 0) {
+        response.checks = featureHealth;
+      }
+      if (this.config.checks) {
+        const customChecks = {};
+        for (const [name, check] of Object.entries(this.config.checks)) {
+          try {
+            customChecks[name] = await check(c);
+          } catch (error) {
+            customChecks[name] = { status: "error", error: String(error) };
+          }
+        }
+        response.customChecks = customChecks;
+      }
+    }
+    return c.json(response);
+  }
+  async checkFeatureHealth(c, feature, report, key, method, ...args) {
+    try {
+      const instance = c.get(key);
+      if (instance && typeof instance[method] === "function") {
+        await instance[method](...args);
+        report[key] = { status: "ok" };
+      }
+    } catch (e) {
+      report[key] = { status: "error", error: String(e) };
+    }
+  }
+  async handleReadinessCheck(c) {
+    return c.json({ status: "ready" });
+  }
+  async handleLivenessCheck(c) {
+    return c.json({
+      status: "alive",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      uptime: process.uptime()
+    });
+  }
+};
+
+// src/features/logger.ts
+var SimpleLogger = class {
+  constructor(config) {
+    this.config = config;
+  }
+  config;
+  info(message, ...args) {
+    if (this.shouldLog("info")) console.log(`[INFO] ${message}`, ...args);
+  }
+  error(message, ...args) {
+    if (this.shouldLog("error")) console.error(`[ERROR] ${message}`, ...args);
+  }
+  warn(message, ...args) {
+    if (this.shouldLog("warn")) console.warn(`[WARN] ${message}`, ...args);
+  }
+  debug(message, ...args) {
+    if (this.shouldLog("debug")) console.debug(`[DEBUG] ${message}`, ...args);
+  }
+  shouldLog(level) {
+    return true;
+  }
+};
+var LoggerFeature = class {
+  name = "logger";
+  config;
+  logger;
+  constructor(config = {}) {
+    this.config = config;
+    this.logger = new SimpleLogger(config);
+  }
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      c.set("logger", this.logger);
+      await next();
+    });
+    if (this.config.logRequests) {
+      app.use("*", async (c, next) => {
+        const start = Date.now();
+        const requestId = c.get("requestId");
+        this.logger.info(`Incoming request ${c.req.method} ${c.req.path}`, { requestId });
+        await next();
+        const duration = Date.now() - start;
+        if (this.config.logResponses) {
+          this.logger.info(`Request completed ${c.res.status} ${duration}ms`, { requestId });
+        }
+      });
+    }
+    console.log("\u2705 Logger feature initialized");
+  }
+};
+
+// src/features/request-id.ts
+var RequestIdFeature = class {
+  name = "request-id";
+  config;
+  constructor(config = {}) {
+    this.config = {
+      headerName: config.headerName || "X-Request-ID",
+      generator: config.generator || this.defaultGenerator
+    };
+  }
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      let requestId = c.req.header(this.config.headerName);
+      if (!requestId) {
+        requestId = this.config.generator();
+      }
+      c.set("requestId", requestId);
+      await next();
+      c.res.headers.set(this.config.headerName, requestId);
+    });
+    console.log("\u2705 Request ID feature initialized");
+  }
+  defaultGenerator() {
+    return crypto.randomUUID();
+  }
+};
+
+// src/features/storage/adapters/local.ts
+import path from "path";
+import fs from "fs/promises";
+var LocalStorageAdapter = class extends BaseStorageAdapter {
+  basePath;
+  constructor(config) {
+    super();
+    this.basePath = config.basePath || "./storage";
+  }
+  async connect() {
+    await fs.mkdir(this.basePath, { recursive: true });
+    this.connected = true;
+    console.log(`\u2705 Local storage connected at: ${this.basePath}`);
+  }
+  async disconnect() {
+    this.connected = false;
+  }
+  async put(filePath, data, options) {
+    this.ensureConnected();
+    const sanitizedPath = this.sanitizePath(filePath);
+    const fullPath = path.join(this.basePath, sanitizedPath);
+    await fs.mkdir(path.dirname(fullPath), { recursive: true });
+    await fs.writeFile(fullPath, data);
+    const stat = await fs.stat(fullPath);
+    return {
+      name: path.basename(sanitizedPath),
+      path: sanitizedPath,
+      size: stat.size,
+      mimeType: options?.contentType || this.getMimeType(sanitizedPath),
+      lastModified: stat.mtime,
+      url: await this.url(sanitizedPath)
+    };
+  }
+  async get(filePath) {
+    this.ensureConnected();
+    const sanitizedPath = this.sanitizePath(filePath);
+    const fullPath = path.join(this.basePath, sanitizedPath);
+    try {
+      return await fs.readFile(fullPath);
+    } catch (error) {
+      if (error.code === "ENOENT") return null;
+      throw error;
+    }
+  }
+  async delete(filePath) {
+    this.ensureConnected();
+    const sanitizedPath = this.sanitizePath(filePath);
+    const fullPath = path.join(this.basePath, sanitizedPath);
+    try {
+      await fs.unlink(fullPath);
+    } catch (error) {
+      if (error.code !== "ENOENT") throw error;
+    }
+  }
+  async exists(filePath) {
+    this.ensureConnected();
+    const sanitizedPath = this.sanitizePath(filePath);
+    const fullPath = path.join(this.basePath, sanitizedPath);
+    try {
+      await fs.access(fullPath);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async isDirectory(filePath) {
+    this.ensureConnected();
+    const sanitizedPath = this.sanitizePath(filePath);
+    const fullPath = path.join(this.basePath, sanitizedPath);
+    try {
+      const stat = await fs.stat(fullPath);
+      return stat.isDirectory();
+    } catch {
+      return false;
+    }
+  }
+  async list(prefix) {
+    this.ensureConnected();
+    const searchPath = prefix ? path.join(this.basePath, this.sanitizePath(prefix)) : this.basePath;
+    const files = [];
+    const walk = async (dir) => {
+      try {
+        const entries = await fs.readdir(dir, { withFileTypes: true });
+        for (const entry of entries) {
+          const fullPath = path.join(dir, entry.name);
+          if (entry.isDirectory()) {
+            await walk(fullPath);
+          } else {
+            const relativePath = path.relative(this.basePath, fullPath);
+            const stat = await fs.stat(fullPath);
+            files.push({
+              name: entry.name,
+              path: this.sanitizePath(relativePath),
+              size: stat.size,
+              mimeType: this.getMimeType(entry.name),
+              lastModified: stat.mtime,
+              url: await this.url(this.sanitizePath(relativePath))
+            });
+          }
+        }
+      } catch (e) {
+        if (e.code !== "ENOENT") throw e;
+      }
+    };
+    await walk(searchPath);
+    return files;
+  }
+  async url(filePath, _expiresIn) {
+    const sanitizedPath = this.sanitizePath(filePath);
+    return `/storage/${sanitizedPath}`;
+  }
+};
+
+// src/features/storage/index.ts
+var StorageFeature = class {
+  constructor(config) {
+    this.config = config;
+  }
+  config;
+  name = "storage";
+  adapter;
+  async initialize(kernel) {
+    if (this.config.adapter === "local") {
+      this.adapter = new LocalStorageAdapter(this.config);
+    } else if (this.config.adapter === "s3" || this.config.adapter === "minio") {
+      const { S3StorageAdapter } = await import("./s3-7IG4ESFW.js");
+      this.adapter = new S3StorageAdapter(this.config);
+    } else {
+      throw new Error(`Adapter ${this.config.adapter} not supported.`);
+    }
+    await this.adapter.connect();
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      c.set("storage", this.adapter);
+      await next();
+    });
+    console.log(`\u2705 StorageFeature initialized - ${this.config.adapter}`);
+  }
+  async shutdown() {
+    if (this.adapter) {
+      await this.adapter.disconnect();
+    }
+  }
+  getAdapter() {
+    return this.adapter;
+  }
+};
+
+// src/features/db.ts
+import { drizzle } from "drizzle-orm/postgres-js";
+import { drizzle as drizzleMysql } from "drizzle-orm/mysql2";
+import { drizzle as drizzleBunSqlite } from "drizzle-orm/bun-sqlite";
+import postgres from "postgres";
+import mysql from "mysql2/promise";
+import { Database } from "bun:sqlite";
+var DbFeature = class {
+  constructor(config) {
+    this.config = config;
+    this.adapter = config.adapter;
+  }
+  config;
+  name = "db";
+  client;
+  db;
+  adapter;
+  async initialize(kernel) {
+    const config = this.config;
+    console.log(`\u2699\uFE0F Initializing DB driver: ${config.adapter}`);
+    try {
+      switch (config.adapter) {
+        case "postgres": {
+          if (!config.connection) throw new Error("Missing connection info");
+          const pgConfig = config.connection.connectionString ? config.connection.connectionString : {
+            host: config.connection.host || "localhost",
+            port: config.connection.port || 5432,
+            database: config.connection.database,
+            user: config.connection.user,
+            password: config.connection.password
+          };
+          this.client = postgres(pgConfig);
+          this.db = drizzle(this.client);
+          break;
+        }
+        case "mysql": {
+          if (!config.connection) throw new Error("Missing connection info");
+          const mysqlConfig = config.connection.connectionString ? config.connection.connectionString : {
+            host: config.connection.host || "localhost",
+            port: config.connection.port || 3306,
+            database: config.connection.database,
+            user: config.connection.user,
+            password: config.connection.password
+          };
+          this.client = await mysql.createConnection(mysqlConfig);
+          this.db = drizzleMysql(this.client);
+          break;
+        }
+        case "sqlite": {
+          const url = config.connection?.database || ":memory:";
+          this.client = new Database(url);
+          this.db = drizzleBunSqlite(this.client);
+          break;
+        }
+        default:
+          throw new Error(`Unsupported DB adapter: ${config.adapter}`);
+      }
+      console.log("\u2705 DB connected successfully.");
+    } catch (error) {
+      console.error("\u274C Failed to connect to DB", error);
+      throw error;
+    }
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      c.set("db", this.db);
+      await next();
+    });
+  }
+  async shutdown() {
+    if (this.client) {
+      if (this.client.end) {
+        await this.client.end();
+      } else if (this.client.close) {
+        this.client.close();
+      }
+    }
+  }
+};
+
+// src/features/cache.ts
+import Redis from "ioredis";
+var MemoryAdapter = class {
+  store = /* @__PURE__ */ new Map();
+  async get(key) {
+    const item = this.store.get(key);
+    if (!item) return null;
+    if (item.expires && item.expires < Date.now()) {
+      this.store.delete(key);
+      return null;
+    }
+    return item.value;
+  }
+  async set(key, value, ttl) {
+    const expires = ttl ? Date.now() + ttl * 1e3 : null;
+    this.store.set(key, { value, expires });
+  }
+  async delete(key) {
+    this.store.delete(key);
+  }
+  async exists(key) {
+    return this.store.has(key);
+  }
+  async increment(key) {
+    const item = this.store.get(key);
+    if (!item || item.expires && item.expires < Date.now()) {
+      return 0;
+    }
+    const newVal = Number(item.value) + 1;
+    item.value = newVal;
+    return newVal;
+  }
+};
+var RedisAdapter = class {
+  client;
+  constructor(options) {
+    this.client = new Redis(options);
+  }
+  async get(key) {
+    const value = await this.client.get(key);
+    try {
+      return value ? JSON.parse(value) : null;
+    } catch {
+      return value;
+    }
+  }
+  async set(key, value, ttl) {
+    const stringValue = typeof value === "string" ? value : JSON.stringify(value);
+    if (ttl) {
+      await this.client.set(key, stringValue, "EX", ttl);
+    } else {
+      await this.client.set(key, stringValue);
+    }
+  }
+  async delete(key) {
+    await this.client.del(key);
+  }
+  async exists(key) {
+    const result = await this.client.exists(key);
+    return result === 1;
+  }
+  async increment(key) {
+    return await this.client.incr(key);
+  }
+  async disconnect() {
+    await this.client.quit();
+  }
+};
+var CacheFeature = class {
+  constructor(config = { adapter: "memory" }) {
+    this.config = config;
+  }
+  config;
+  name = "cache";
+  client;
+  async initialize(kernel) {
+    console.log(`\u2699\uFE0F Initializing Cache: ${this.config.adapter}`);
+    if (this.config.adapter === "redis") {
+      const conn = this.config.connection || {};
+      try {
+        this.client = new RedisAdapter({
+          host: conn.host || "localhost",
+          port: conn.port || 6379,
+          password: conn.password,
+          db: conn.db || 0
+        });
+      } catch (err) {
+        console.warn("\u26A0\uFE0F Redis connection failed, falling back to memory cache");
+        this.client = new MemoryAdapter();
+      }
+    } else {
+      this.client = new MemoryAdapter();
+    }
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      c.set("cache", this.client);
+      await next();
+    });
+    console.log("\u2705 Cache initialized.");
+  }
+  async shutdown() {
+    if (this.client.disconnect) {
+      await this.client.disconnect();
+    }
+  }
+};
+
+// src/features/session.ts
+import { getCookie, setCookie, deleteCookie } from "hono/cookie";
+import { createHmac } from "crypto";
+import { sql, eq } from "drizzle-orm";
+import { pgTable, text as pgText, bigint as pgBigint } from "drizzle-orm/pg-core";
+import { mysqlTable, varchar as myVarchar, text as myText, bigint as myBigint } from "drizzle-orm/mysql-core";
+import { sqliteTable, text as sqliteText, integer as sqliteInteger } from "drizzle-orm/sqlite-core";
+var MemorySessionStore = class {
+  store = /* @__PURE__ */ new Map();
+  cleanupInterval;
+  constructor() {
+    this.cleanupInterval = setInterval(() => this.cleanup(), 3e5);
+  }
+  async get(id) {
+    const entry = this.store.get(id);
+    if (!entry) return null;
+    if (Date.now() > entry.expiresAt) {
+      this.store.delete(id);
+      return null;
+    }
+    return entry.data;
+  }
+  async set(id, data, ttl) {
+    this.store.set(id, { data, expiresAt: Date.now() + ttl * 1e3 });
+  }
+  async destroy(id) {
+    this.store.delete(id);
+  }
+  cleanup() {
+    const now = Date.now();
+    for (const [key, entry] of this.store.entries()) {
+      if (now > entry.expiresAt) this.store.delete(key);
+    }
+  }
+  dispose() {
+    clearInterval(this.cleanupInterval);
+  }
+};
+var CacheSessionStore = class {
+  constructor(cache) {
+    this.cache = cache;
+  }
+  cache;
+  async get(id) {
+    const data = await this.cache.get(`session:${id}`);
+    return data || null;
+  }
+  async set(id, data, ttl) {
+    await this.cache.set(`session:${id}`, data, ttl);
+  }
+  async destroy(id) {
+    await this.cache.delete(`session:${id}`);
+  }
+};
+var sessionTables = {
+  postgres: pgTable("sessions", {
+    id: pgText("id").primaryKey(),
+    data: pgText("data").notNull(),
+    expiresAt: pgBigint("expires_at", { mode: "number" }).notNull()
+  }),
+  mysql: mysqlTable("sessions", {
+    id: myVarchar("id", { length: 255 }).primaryKey(),
+    data: myText("data").notNull(),
+    expiresAt: myBigint("expires_at", { mode: "number" }).notNull()
+  }),
+  sqlite: sqliteTable("sessions", {
+    id: sqliteText("id").primaryKey(),
+    data: sqliteText("data").notNull(),
+    expiresAt: sqliteInteger("expires_at").notNull()
+  })
+};
+var createTableDdl = {
+  postgres: "CREATE TABLE IF NOT EXISTS sessions (id TEXT PRIMARY KEY, data TEXT NOT NULL, expires_at BIGINT NOT NULL)",
+  mysql: "CREATE TABLE IF NOT EXISTS sessions (id VARCHAR(255) PRIMARY KEY, data TEXT NOT NULL, expires_at BIGINT NOT NULL)",
+  sqlite: "CREATE TABLE IF NOT EXISTS sessions (id TEXT PRIMARY KEY, data TEXT NOT NULL, expires_at INTEGER NOT NULL)"
+};
+var DbSessionStore = class {
+  constructor(db, dialect = "sqlite") {
+    this.db = db;
+    this.dialect = sessionTables[dialect] ? dialect : "sqlite";
+    this.table = sessionTables[this.dialect];
+  }
+  db;
+  initialized = false;
+  dialect;
+  table;
+  async ensureTable() {
+    if (this.initialized) return;
+    try {
+      const ddl = sql.raw(createTableDdl[this.dialect]);
+      if (this.dialect === "sqlite") {
+        await this.db.run(ddl);
+      } else {
+        await this.db.execute(ddl);
+      }
+    } catch (err) {
+      console.error("[session] Failed to ensure sessions table:", err);
+    }
+    this.initialized = true;
+  }
+  async get(id) {
+    await this.ensureTable();
+    try {
+      const rows = await this.db.select().from(this.table).where(eq(this.table.id, id)).limit(1);
+      const row = rows?.[0];
+      if (!row) return null;
+      if (Date.now() > Number(row.expiresAt)) {
+        await this.destroy(id);
+        return null;
+      }
+      return JSON.parse(row.data);
+    } catch (err) {
+      console.error("[session] Failed to read session:", err);
+      return null;
+    }
+  }
+  async set(id, data, ttl) {
+    await this.ensureTable();
+    const row = { id, data: JSON.stringify(data), expiresAt: Date.now() + ttl * 1e3 };
+    try {
+      await this.db.delete(this.table).where(eq(this.table.id, id));
+      await this.db.insert(this.table).values(row);
+    } catch (err) {
+      console.error("[session] Failed to write session:", err);
+    }
+  }
+  async destroy(id) {
+    try {
+      await this.db.delete(this.table).where(eq(this.table.id, id));
+    } catch (err) {
+      console.error("[session] Failed to destroy session:", err);
+    }
+  }
+};
+function signValue(value, secret) {
+  const signature = createHmac("sha256", secret).update(value).digest("base64url");
+  return `${value}.${signature}`;
+}
+function verifySignedValue(signed, secret) {
+  const lastDot = signed.lastIndexOf(".");
+  if (lastDot === -1) return null;
+  const value = signed.substring(0, lastDot);
+  const signature = signed.substring(lastDot + 1);
+  const expected = createHmac("sha256", secret).update(value).digest("base64url");
+  if (signature !== expected) return null;
+  return value;
+}
+var SessionFeature = class {
+  constructor(config) {
+    this.config = config;
+    this.ttl = config.ttl || 86400;
+    this.cookieName = config.cookieName || "sid";
+    if (config.store === "cache") {
+      this.dependencies = ["cache"];
+    } else if (config.store === "db") {
+      this.dependencies = ["db"];
+    }
+  }
+  config;
+  name = "session";
+  dependencies;
+  store;
+  ttl;
+  cookieName;
+  async initialize(kernel) {
+    console.log(`\u2699\uFE0F Initializing Session: store=${this.config.store}`);
+    switch (this.config.store) {
+      case "memory":
+        this.store = new MemorySessionStore();
+        break;
+      case "cache": {
+        const cacheFeature = kernel.getFeature("cache");
+        if (!cacheFeature?.client) {
+          console.warn("\u26A0\uFE0F Cache feature not available, falling back to memory session store");
+          this.store = new MemorySessionStore();
+        } else {
+          this.store = new CacheSessionStore(cacheFeature.client);
+        }
+        break;
+      }
+      case "db": {
+        const dbFeature = kernel.getFeature("db");
+        if (!dbFeature?.db) {
+          console.warn("\u26A0\uFE0F DB feature not available, falling back to memory session store");
+          this.store = new MemorySessionStore();
+        } else {
+          this.store = new DbSessionStore(dbFeature.db, dbFeature.adapter);
+        }
+        break;
+      }
+    }
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      const signedCookie = getCookie(c, this.cookieName);
+      let sessionId = null;
+      let session = {};
+      if (signedCookie) {
+        sessionId = verifySignedValue(signedCookie, this.config.secret);
+        if (sessionId) {
+          const data = await this.store.get(sessionId);
+          if (data) {
+            session = data;
+          } else {
+            sessionId = null;
+          }
+        }
+      }
+      if (!sessionId) {
+        sessionId = crypto.randomUUID();
+      }
+      let destroyed = false;
+      c.set("session", session);
+      c.set("sessionId", sessionId);
+      c.set("destroySession", async () => {
+        destroyed = true;
+        await this.store.destroy(sessionId);
+        deleteCookie(c, this.cookieName);
+      });
+      await next();
+      if (destroyed) return;
+      const currentSession = c.get("session");
+      if (currentSession && Object.keys(currentSession).length > 0) {
+        await this.store.set(sessionId, currentSession, this.ttl);
+        const signed = signValue(sessionId, this.config.secret);
+        const opts = this.config.cookieOptions || {};
+        setCookie(c, this.cookieName, signed, {
+          httpOnly: true,
+          sameSite: opts.sameSite || "Lax",
+          secure: opts.secure ?? false,
+          domain: opts.domain,
+          path: opts.path || "/",
+          maxAge: this.ttl
+        });
+      }
+    });
+    console.log("\u2705 Session initialized");
+  }
+  async shutdown() {
+    if (this.store instanceof MemorySessionStore) {
+      this.store.dispose?.();
+    }
+  }
+};
+
+// src/features/auth/index.ts
+import { HTTPException as HTTPException4 } from "hono/http-exception";
+
+// src/features/auth/better-auth-config.ts
+import { betterAuth } from "better-auth";
+import { drizzleAdapter } from "better-auth/adapters/drizzle";
+import { genericOAuth } from "better-auth/plugins/generic-oauth";
+
+// src/features/auth/schema.ts
+import { pgTable as pgTable2, text, timestamp, boolean } from "drizzle-orm/pg-core";
+import { mysqlTable as mysqlTable2, varchar, timestamp as mysqlTimestamp, boolean as mysqlBoolean, text as mysqlText } from "drizzle-orm/mysql-core";
+import { sqliteTable as sqliteTable2, text as sqliteText2, integer } from "drizzle-orm/sqlite-core";
+var pgUser = pgTable2("user", {
+  id: text("id").primaryKey(),
+  name: text("name"),
+  email: text("email").notNull().unique(),
+  emailVerified: boolean("emailVerified").notNull(),
+  image: text("image"),
+  createdAt: timestamp("createdAt").notNull(),
+  updatedAt: timestamp("updatedAt").notNull()
+});
+var pgSession = pgTable2("session", {
+  id: text("id").primaryKey(),
+  expiresAt: timestamp("expiresAt").notNull(),
+  token: text("token").notNull().unique(),
+  createdAt: timestamp("createdAt").notNull(),
+  updatedAt: timestamp("updatedAt").notNull(),
+  ipAddress: text("ipAddress"),
+  userAgent: text("userAgent"),
+  userId: text("userId").notNull().references(() => pgUser.id)
+});
+var pgAccount = pgTable2("account", {
+  id: text("id").primaryKey(),
+  accountId: text("accountId").notNull(),
+  providerId: text("providerId").notNull(),
+  userId: text("userId").notNull().references(() => pgUser.id),
+  accessToken: text("accessToken"),
+  refreshToken: text("refreshToken"),
+  idToken: text("idToken"),
+  accessTokenExpiresAt: timestamp("accessTokenExpiresAt"),
+  refreshTokenExpiresAt: timestamp("refreshTokenExpiresAt"),
+  scope: text("scope"),
+  password: text("password"),
+  createdAt: timestamp("createdAt").notNull(),
+  updatedAt: timestamp("updatedAt").notNull()
+});
+var pgVerification = pgTable2("verification", {
+  id: text("id").primaryKey(),
+  identifier: text("identifier").notNull(),
+  value: text("value").notNull(),
+  expiresAt: timestamp("expiresAt").notNull(),
+  createdAt: timestamp("createdAt"),
+  updatedAt: timestamp("updatedAt")
+});
+var pgSchema = {
+  user: pgUser,
+  session: pgSession,
+  account: pgAccount,
+  verification: pgVerification
+};
+var mysqlUser = mysqlTable2("user", {
+  id: varchar("id", { length: 36 }).primaryKey(),
+  name: varchar("name", { length: 255 }),
+  email: varchar("email", { length: 255 }).notNull().unique(),
+  emailVerified: mysqlBoolean("emailVerified").notNull(),
+  image: varchar("image", { length: 255 }),
+  createdAt: mysqlTimestamp("createdAt").notNull(),
+  updatedAt: mysqlTimestamp("updatedAt").notNull()
+});
+var mysqlSession = mysqlTable2("session", {
+  id: varchar("id", { length: 36 }).primaryKey(),
+  expiresAt: mysqlTimestamp("expiresAt").notNull(),
+  token: varchar("token", { length: 255 }).notNull().unique(),
+  createdAt: mysqlTimestamp("createdAt").notNull(),
+  updatedAt: mysqlTimestamp("updatedAt").notNull(),
+  ipAddress: varchar("ipAddress", { length: 45 }),
+  userAgent: mysqlText("userAgent"),
+  userId: varchar("userId", { length: 36 }).notNull().references(() => mysqlUser.id)
+});
+var mysqlAccount = mysqlTable2("account", {
+  id: varchar("id", { length: 36 }).primaryKey(),
+  accountId: varchar("accountId", { length: 255 }).notNull(),
+  providerId: varchar("providerId", { length: 255 }).notNull(),
+  userId: varchar("userId", { length: 36 }).notNull().references(() => mysqlUser.id),
+  accessToken: mysqlText("accessToken"),
+  refreshToken: mysqlText("refreshToken"),
+  idToken: mysqlText("idToken"),
+  accessTokenExpiresAt: mysqlTimestamp("accessTokenExpiresAt"),
+  refreshTokenExpiresAt: mysqlTimestamp("refreshTokenExpiresAt"),
+  scope: mysqlText("scope"),
+  password: varchar("password", { length: 255 }),
+  createdAt: mysqlTimestamp("createdAt").notNull(),
+  updatedAt: mysqlTimestamp("updatedAt").notNull()
+});
+var mysqlVerification = mysqlTable2("verification", {
+  id: varchar("id", { length: 36 }).primaryKey(),
+  identifier: varchar("identifier", { length: 255 }).notNull(),
+  value: varchar("value", { length: 255 }).notNull(),
+  expiresAt: mysqlTimestamp("expiresAt").notNull(),
+  createdAt: mysqlTimestamp("createdAt"),
+  updatedAt: mysqlTimestamp("updatedAt")
+});
+var mysqlSchema = {
+  user: mysqlUser,
+  session: mysqlSession,
+  account: mysqlAccount,
+  verification: mysqlVerification
+};
+var sqliteUser = sqliteTable2("user", {
+  id: sqliteText2("id").primaryKey(),
+  name: sqliteText2("name"),
+  email: sqliteText2("email").notNull().unique(),
+  emailVerified: integer("emailVerified", { mode: "boolean" }).notNull(),
+  image: sqliteText2("image"),
+  createdAt: integer("createdAt", { mode: "timestamp" }).notNull(),
+  updatedAt: integer("updatedAt", { mode: "timestamp" }).notNull()
+});
+var sqliteSession = sqliteTable2("session", {
+  id: sqliteText2("id").primaryKey(),
+  expiresAt: integer("expiresAt", { mode: "timestamp" }).notNull(),
+  token: sqliteText2("token").notNull().unique(),
+  createdAt: integer("createdAt", { mode: "timestamp" }).notNull(),
+  updatedAt: integer("updatedAt", { mode: "timestamp" }).notNull(),
+  ipAddress: sqliteText2("ipAddress"),
+  userAgent: sqliteText2("userAgent"),
+  userId: sqliteText2("userId").notNull().references(() => sqliteUser.id)
+});
+var sqliteAccount = sqliteTable2("account", {
+  id: sqliteText2("id").primaryKey(),
+  accountId: sqliteText2("accountId").notNull(),
+  providerId: sqliteText2("providerId").notNull(),
+  userId: sqliteText2("userId").notNull().references(() => sqliteUser.id),
+  accessToken: sqliteText2("accessToken"),
+  refreshToken: sqliteText2("refreshToken"),
+  idToken: sqliteText2("idToken"),
+  accessTokenExpiresAt: integer("accessTokenExpiresAt", { mode: "timestamp" }),
+  refreshTokenExpiresAt: integer("refreshTokenExpiresAt", { mode: "timestamp" }),
+  scope: sqliteText2("scope"),
+  password: sqliteText2("password"),
+  createdAt: integer("createdAt", { mode: "timestamp" }).notNull(),
+  updatedAt: integer("updatedAt", { mode: "timestamp" }).notNull()
+});
+var sqliteVerification = sqliteTable2("verification", {
+  id: sqliteText2("id").primaryKey(),
+  identifier: sqliteText2("identifier").notNull(),
+  value: sqliteText2("value").notNull(),
+  expiresAt: integer("expiresAt", { mode: "timestamp" }).notNull(),
+  createdAt: integer("createdAt", { mode: "timestamp" }),
+  updatedAt: integer("updatedAt", { mode: "timestamp" })
+});
+var sqliteSchema = {
+  user: sqliteUser,
+  session: sqliteSession,
+  account: sqliteAccount,
+  verification: sqliteVerification
+};
+
+// src/features/auth/better-auth-config.ts
+function createBetterAuth(options) {
+  const {
+    db,
+    adapterType,
+    secret,
+    baseURL = "http://localhost:3000",
+    basePath = "/api/auth",
+    trustedOrigins = [],
+    enableEmailPassword = true,
+    disableCSRFCheck = false,
+    socialProviders,
+    oidcConfig
+  } = options;
+  const baseOrigin = new URL(baseURL).origin;
+  const allTrustedOrigins = trustedOrigins.includes(baseOrigin) ? trustedOrigins : [baseOrigin, ...trustedOrigins];
+  console.log("[BetterAuth Config] Creating Drizzle adapter...");
+  let schema;
+  let provider;
+  switch (adapterType) {
+    case "postgres":
+      schema = pgSchema;
+      provider = "pg";
+      break;
+    case "mysql":
+      schema = mysqlSchema;
+      provider = "mysql";
+      break;
+    case "sqlite":
+      schema = sqliteSchema;
+      provider = "sqlite";
+      break;
+    default:
+      throw new Error(`Unsupported adapter type: ${adapterType}`);
+  }
+  const database = drizzleAdapter(db, {
+    provider,
+    schema
+  });
+  console.log("[BetterAuth Config] Initializing betterAuth with config:", {
+    baseURL,
+    basePath,
+    provider,
+    enableEmailPassword
+  });
+  const plugins = [];
+  if (oidcConfig) {
+    const authorizationUrl = oidcConfig.authorizationEndpoint || `${oidcConfig.issuer}/protocol/openid-connect/auth`;
+    const tokenUrl = oidcConfig.tokenEndpoint || `${oidcConfig.issuer}/protocol/openid-connect/token`;
+    const userInfoUrl = oidcConfig.userinfoEndpoint || `${oidcConfig.issuer}/protocol/openid-connect/userinfo`;
+    plugins.push(
+      genericOAuth({
+        config: [
+          {
+            providerId: oidcConfig.providerId || "oidc",
+            clientId: oidcConfig.clientId,
+            clientSecret: oidcConfig.clientSecret,
+            authorizationUrl,
+            tokenUrl,
+            userInfoUrl,
+            discoveryUrl: oidcConfig.discoveryEndpoint || `${oidcConfig.issuer}/.well-known/openid-configuration`,
+            scopes: oidcConfig.scopes || ["openid", "email", "profile"],
+            pkce: oidcConfig.pkce !== void 0 ? oidcConfig.pkce : false,
+            mapProfileToUser: (profile) => {
+              return {
+                id: profile.sub || profile.id,
+                email: profile.email,
+                name: profile.name || profile.preferred_username,
+                image: profile.picture || profile.image,
+                emailVerified: profile.email_verified || false
+              };
+            }
+          }
+        ]
+      })
+    );
+  }
+  return betterAuth({
+    database,
+    secret,
+    baseURL,
+    basePath,
+    trustedOrigins: allTrustedOrigins,
+    emailAndPassword: enableEmailPassword ? {
+      enabled: true,
+      autoSignIn: true
+    } : void 0,
+    socialProviders: Object.keys(socialProviders || {}).length > 0 ? socialProviders : void 0,
+    plugins,
+    session: {
+      expiresIn: 60 * 60 * 24 * 7,
+      updateAge: 60 * 60 * 24,
+      cookieCache: {
+        enabled: true,
+        maxAge: 5 * 60
+      }
+    },
+    advanced: {
+      disableCSRFCheck,
+      generateId: () => crypto.randomUUID().replace(/-/g, "")
+    }
+  });
+}
+
+// src/features/auth/index.ts
+import { z as z2 } from "@hono/zod-openapi";
+var SignInSchema = z2.object({
+  email: z2.string().email(),
+  password: z2.string().min(1)
+});
+var SignUpSchema = z2.object({
+  email: z2.string().email(),
+  password: z2.string().min(8),
+  name: z2.string().optional()
+});
+var AuthSuccessSchema = z2.object({
+  token: z2.string().optional(),
+  user: z2.object({
+    id: z2.string(),
+    email: z2.string(),
+    name: z2.string().optional()
+  }).optional(),
+  session: z2.any().optional()
+});
+var SessionResponseSchema = z2.object({
+  session: z2.any().nullable(),
+  user: z2.any().nullable()
+});
+var AuthFeature = class {
+  name = "auth";
+  dependencies = ["db"];
+  auth;
+  config;
+  kernel;
+  authMode;
+  constructor(config) {
+    this.config = {
+      ...config,
+      basePath: config.basePath || "/api/sso",
+      baseURL: config.baseURL || "http://localhost:3000"
+    };
+    if (config.authMode === "oidc" || config.authMode === "email") {
+      this.authMode = config.authMode;
+    } else {
+      this.authMode = config.oidcConfig ? "oidc" : "email";
+    }
+  }
+  async initialize(kernel) {
+    this.kernel = kernel;
+    const dbFeature = kernel.getFeature("db");
+    if (!dbFeature) {
+      throw new Error("AuthFeature requires DbFeature");
+    }
+    const db = dbFeature.db;
+    const adapterType = dbFeature.adapter;
+    if (!adapterType) {
+      throw new Error("DbFeature must expose 'adapter' type (postgres, mysql, sqlite)");
+    }
+    this.auth = createBetterAuth({
+      db,
+      adapterType,
+      secret: this.config.secret,
+      baseURL: this.config.baseURL,
+      basePath: this.config.basePath,
+      trustedOrigins: this.config.trustedOrigins,
+      enableEmailPassword: true,
+      disableCSRFCheck: this.config.disableCSRFCheck,
+      socialProviders: this.config.socialProviders,
+      oidcConfig: this.config.oidcConfig
+    });
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      try {
+        const session = await this.auth.api.getSession({
+          headers: c.req.raw.headers
+        });
+        if (session && session.user) {
+          c.set("user", session.user);
+          c.set("authUser", session.user);
+        }
+      } catch (error) {
+      }
+      await next();
+    });
+    console.log("\u2705 Auth feature initialized (better-auth)");
+  }
+  routes(app) {
+    if (!this.auth) {
+      throw new Error("Auth not initialized");
+    }
+    const base = this.config.basePath;
+    const openapi = this.kernel?.getFeature("openapi");
+    if (openapi) {
+      openapi.addRoute(
+        {
+          method: "post",
+          path: `${base}/sign-in/email`,
+          tags: ["Auth"],
+          summary: "Sign in with email and password",
+          request: {
+            body: {
+              content: { "application/json": { schema: SignInSchema } }
+            }
+          },
+          responses: {
+            200: {
+              description: "Sign in successful",
+              content: { "application/json": { schema: AuthSuccessSchema } }
+            },
+            401: { description: "Invalid credentials" }
+          }
+        },
+        (c) => this.auth.handler(c.req.raw)
+      );
+      openapi.addRoute(
+        {
+          method: "post",
+          path: `${base}/sign-up/email`,
+          tags: ["Auth"],
+          summary: "Create a new account",
+          request: {
+            body: {
+              content: { "application/json": { schema: SignUpSchema } }
+            }
+          },
+          responses: {
+            200: {
+              description: "Account created",
+              content: { "application/json": { schema: AuthSuccessSchema } }
+            },
+            400: { description: "Validation error" }
+          }
+        },
+        (c) => this.auth.handler(c.req.raw)
+      );
+      openapi.addRoute(
+        {
+          method: "post",
+          path: `${base}/sign-out`,
+          tags: ["Auth"],
+          summary: "Sign out",
+          responses: {
+            200: { description: "Signed out" }
+          }
+        },
+        (c) => this.auth.handler(c.req.raw)
+      );
+      openapi.addRoute(
+        {
+          method: "get",
+          path: `${base}/get-session`,
+          tags: ["Auth"],
+          summary: "Get current session",
+          responses: {
+            200: {
+              description: "Current session",
+              content: { "application/json": { schema: SessionResponseSchema } }
+            }
+          }
+        },
+        (c) => this.auth.handler(c.req.raw)
+      );
+    }
+    app.on(["POST", "GET"], `${base}/*`, (c) => {
+      return this.auth.handler(c.req.raw);
+    });
+  }
+  getAuth() {
+    return this.auth;
+  }
+};
+function requireAuth(kernel) {
+  return async (c, next) => {
+    const authFeature = kernel.getFeature("auth");
+    if (!authFeature) throw new HTTPException4(500, { message: "Auth not initialized" });
+    const auth = authFeature.getAuth();
+    if (!auth) throw new HTTPException4(500, { message: "Auth not ready" });
+    const session = await auth.api.getSession({ headers: c.req.raw.headers });
+    if (!session || !session.user) {
+      throw new HTTPException4(401, { message: "Unauthorized" });
+    }
+    c.set("user", session.user);
+    c.set("authUser", session.user);
+    await next();
+  };
+}
+
+// src/features/rate-limit.ts
+import { HTTPException as HTTPException5 } from "hono/http-exception";
+var MemoryStore = class {
+  store = /* @__PURE__ */ new Map();
+  async get(key) {
+    const entry = this.store.get(key);
+    if (!entry) return null;
+    if (Date.now() > entry.expiresAt) {
+      this.store.delete(key);
+      return null;
+    }
+    return entry.count;
+  }
+  async set(key, value, ttl) {
+    this.store.set(key, { count: value, expiresAt: Date.now() + ttl });
+  }
+  async increment(key, ttl) {
+    const entry = this.store.get(key);
+    if (!entry || Date.now() > entry.expiresAt) {
+      this.store.set(key, { count: 1, expiresAt: Date.now() + ttl });
+      return 1;
+    }
+    entry.count++;
+    return entry.count;
+  }
+  cleanup() {
+    const now = Date.now();
+    for (const [key, entry] of this.store.entries()) {
+      if (now > entry.expiresAt) this.store.delete(key);
+    }
+  }
+};
+var CacheStoreWrapper = class {
+  constructor(cache) {
+    this.cache = cache;
+  }
+  cache;
+  async get(key) {
+    return await this.cache.get(key);
+  }
+  async set(key, value, ttl) {
+    await this.cache.set(key, value, ttl / 1e3);
+  }
+  async increment(key, ttl) {
+    const ttlSeconds = Math.ceil(ttl / 1e3);
+    const current = await this.cache.get(key);
+    if (current === null) {
+      await this.cache.set(key, 1, ttlSeconds);
+      return 1;
+    }
+    if (this.cache.increment) return await this.cache.increment(key);
+    const newVal = Number(current) + 1;
+    await this.cache.set(key, newVal, ttlSeconds);
+    return newVal;
+  }
+};
+var RateLimitFeature = class {
+  name = "rate-limit";
+  config;
+  store;
+  cleanupInterval;
+  constructor(config = {}) {
+    this.config = {
+      windowMs: config.windowMs || 15 * 60 * 1e3,
+      max: config.max || 100,
+      standardHeaders: config.standardHeaders ?? true,
+      store: config.store || "memory",
+      keyGenerator: config.keyGenerator,
+      skip: config.skip,
+      handler: config.handler
+    };
+  }
+  async initialize(kernel) {
+    if (this.config.store === "cache") {
+      const cacheFeature = kernel.getFeature("cache");
+      if (cacheFeature?.client) {
+        this.store = new CacheStoreWrapper(cacheFeature.client);
+      } else {
+        console.warn("\u26A0\uFE0F Cache feature not available for rate-limit, falling back to memory store");
+        const mem = new MemoryStore();
+        this.store = mem;
+        this.cleanupInterval = setInterval(() => mem.cleanup(), 3e5);
+      }
+    }
+    if (this.config.store === "memory") {
+      const mem = new MemoryStore();
+      this.store = mem;
+      this.cleanupInterval = setInterval(() => mem.cleanup(), 3e5);
+    }
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      await this.middleware(c, next);
+    });
+    console.log("\u2705 Rate limit feature initialized");
+  }
+  async middleware(c, next) {
+    if (this.config.skip && this.config.skip(c)) {
+      await next();
+      return;
+    }
+    let store = this.store;
+    if (!store && this.config.store === "cache") {
+      const cache = c.get("cache");
+      if (cache) {
+        store = new CacheStoreWrapper(cache);
+      } else {
+        if (!this.store) {
+          this.store = new MemoryStore();
+          this.cleanupInterval = setInterval(() => this.store.cleanup(), 3e5);
+        }
+        store = this.store;
+      }
+    }
+    if (!store) {
+      await next();
+      return;
+    }
+    const key = this.config.keyGenerator ? this.config.keyGenerator(c) : this.defaultKeyGenerator(c);
+    const rlKey = `rate_limit:${key}`;
+    const count = await store.increment(rlKey, this.config.windowMs);
+    if (count > this.config.max) {
+      if (this.config.handler) return this.config.handler(c);
+      throw new HTTPException5(429, { message: "Too many requests" });
+    }
+    if (this.config.standardHeaders) {
+      c.header("X-RateLimit-Limit", String(this.config.max));
+      c.header("X-RateLimit-Remaining", String(Math.max(0, this.config.max - count)));
+      c.header("X-RateLimit-Reset", String(Math.ceil((Date.now() + this.config.windowMs) / 1e3)));
+    }
+    await next();
+  }
+  defaultKeyGenerator(c) {
+    return c.req.header("x-forwarded-for") || c.req.header("x-real-ip") || "unknown";
+  }
+  async shutdown() {
+    if (this.cleanupInterval) clearInterval(this.cleanupInterval);
+  }
+};
+
+// src/features/permissions.ts
+import { HTTPException as HTTPException6 } from "hono/http-exception";
+var DEFAULT_ROLES = {
+  admin: { name: "admin", permissions: ["*"], description: "Full access" },
+  user: { name: "user", permissions: ["read:own", "write:own"], description: "User access" },
+  guest: { name: "guest", permissions: ["read:public"], description: "Guest access" }
+};
+var PermissionsFeature = class {
+  name = "permissions";
+  dependencies = ["auth"];
+  config;
+  roles = /* @__PURE__ */ new Map();
+  constructor(config = {}) {
+    this.config = {
+      loadPermissions: config.loadPermissions || (async () => ["read:own"]),
+      loadRoles: config.loadRoles || (async () => ["user"]),
+      anonymousPermissions: config.anonymousPermissions || ["read:public"],
+      enableRBAC: config.enableRBAC ?? true,
+      cachePermissions: config.cachePermissions ?? true,
+      cacheTTL: config.cacheTTL || 3600
+    };
+    Object.values(DEFAULT_ROLES).forEach((r) => this.roles.set(r.name, r));
+  }
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      await this.permissionsMiddleware(c, next, kernel);
+    });
+    console.log("\u2705 Permissions feature initialized");
+  }
+  async permissionsMiddleware(c, next, _kernel) {
+    const user = c.get("user") || c.get("session")?.user;
+    const userId = user?.id;
+    let permissions = [];
+    let roles = [];
+    if (userId) {
+      if (this.config.cachePermissions) {
+        const cache = c.get("cache");
+        if (cache) {
+          const cached = await cache.get(`permissions:${userId}`);
+          if (cached) {
+            permissions = cached.permissions || [];
+            roles = cached.roles || [];
+          }
+        }
+      }
+      if (permissions.length === 0) {
+        permissions = await this.config.loadPermissions(userId);
+        if (this.config.enableRBAC) {
+          roles = await this.config.loadRoles(userId);
+          for (const rName of roles) {
+            const r = this.roles.get(rName);
+            if (r) permissions.push(...r.permissions);
+          }
+        }
+        if (this.config.cachePermissions) {
+          const cache = c.get("cache");
+          if (cache) {
+            await cache.set(`permissions:${userId}`, { permissions, roles }, this.config.cacheTTL);
+          }
+        }
+      }
+    } else {
+      permissions = this.config.anonymousPermissions;
+    }
+    permissions = [...new Set(permissions)];
+    c.set("userPermissions", permissions);
+    c.set("checkPermission", (p) => this.checkPermission(permissions, p));
+    c.set("hasRole", (r) => roles.includes(r));
+    c.set("hasAnyRole", (...rs) => rs.some((r) => roles.includes(r)));
+    c.set("hasAllRoles", (...rs) => rs.every((r) => roles.includes(r)));
+    await next();
+  }
+  checkPermission(userPerms, required) {
+    if (userPerms.includes("*")) return true;
+    if (userPerms.includes(required)) return true;
+    const parts = required.split(":");
+    for (let i = parts.length - 1; i > 0; i--) {
+      const pattern = parts.slice(0, i).join(":") + ":*";
+      if (userPerms.includes(pattern)) return true;
+    }
+    return false;
+  }
+};
+function requirePermission(permission) {
+  return async (c, next) => {
+    const check = c.get("checkPermission");
+    if (!check || !check(permission)) throw new HTTPException6(403, { message: `Missing permission: ${permission}` });
+    await next();
+  };
+}
+function requireRole(role) {
+  return async (c, next) => {
+    const check = c.get("hasRole");
+    if (!check || !check(role)) throw new HTTPException6(403, { message: `Missing role: ${role}` });
+    await next();
+  };
+}
+
+// src/features/api-key.ts
+import { HTTPException as HTTPException7 } from "hono/http-exception";
+var ApiKeyStore = class {
+  constructor(config, kernel) {
+    this.config = config;
+    this.kernel = kernel;
+    this.initializeStaticKeys();
+  }
+  config;
+  kernel;
+  staticKeysMap = /* @__PURE__ */ new Map();
+  cache;
+  getCache() {
+    if (!this.cache && this.config.enableCache) {
+      const cacheFeature = this.kernel.getFeature("cache");
+      if (cacheFeature) {
+        this.cache = cacheFeature.client;
+      }
+    }
+    return this.cache;
+  }
+  initializeStaticKeys() {
+    if (!this.config.staticKeys || this.config.staticKeys.length === 0) {
+      return;
+    }
+    for (const staticKey of this.config.staticKeys) {
+      const metadata = {
+        id: this.generateId(staticKey.key),
+        key: staticKey.key,
+        name: staticKey.name,
+        scopes: staticKey.scopes,
+        rateLimit: staticKey.rateLimit,
+        expiresAt: staticKey.expiresAt,
+        createdAt: /* @__PURE__ */ new Date(),
+        metadata: staticKey.metadata,
+        lastUsedAt: void 0
+        // Explicitly undefined initially
+      };
+      this.staticKeysMap.set(staticKey.key, metadata);
+    }
+    console.log(`\u2705 Loaded ${this.staticKeysMap.size} static API keys`);
+  }
+  generateId(key) {
+    return key.substring(0, 8);
+  }
+  compareKeys(a, b) {
+    if (a.length !== b.length) return false;
+    let result = 0;
+    for (let i = 0; i < a.length; i++) {
+      result |= a.charCodeAt(i) ^ b.charCodeAt(i);
+    }
+    return result === 0;
+  }
+  isExpired(expiresAt) {
+    if (!expiresAt) return false;
+    return /* @__PURE__ */ new Date() > expiresAt;
+  }
+  async validate(key) {
+    if (!key) return { isValid: false, error: "API key is required" };
+    const cache = this.getCache();
+    const cacheKey = `apikey:${key}`;
+    if (cache) {
+      try {
+        const cached = await cache.get(cacheKey);
+        if (cached) {
+          const metadata = typeof cached === "string" ? JSON.parse(cached) : cached;
+          return { isValid: true, key: metadata };
+        }
+      } catch (err) {
+      }
+    }
+    for (const [staticKey, metadata] of this.staticKeysMap) {
+      if (this.compareKeys(key, staticKey)) {
+        if (this.isExpired(metadata.expiresAt)) {
+          return { isValid: false, error: "API key has expired" };
+        }
+        metadata.lastUsedAt = /* @__PURE__ */ new Date();
+        if (cache) {
+          const ttl = this.config.cacheTtl ? Math.floor(this.config.cacheTtl / 1e3) : 300;
+          try {
+            await cache.set(cacheKey, JSON.stringify(metadata), ttl);
+          } catch {
+          }
+        }
+        return { isValid: true, key: metadata };
+      }
+    }
+    return { isValid: false, error: "Invalid API key" };
+  }
+  hasScopes(key, requiredScopes) {
+    if (!requiredScopes || requiredScopes.length === 0) return true;
+    if (!key.scopes || key.scopes.length === 0) return false;
+    for (const requiredScope of requiredScopes) {
+      const hasScope = key.scopes.some((scope) => {
+        if (scope.endsWith("*")) {
+          const prefix = scope.slice(0, -1);
+          return requiredScope.startsWith(prefix);
+        }
+        return scope === requiredScope;
+      });
+      if (!hasScope) return false;
+    }
+    return true;
+  }
+};
+var ApiKeyFeature = class {
+  name = "apiKey";
+  store;
+  config;
+  constructor(config = {}) {
+    this.config = {
+      staticKeys: config.staticKeys || [],
+      headerName: config.headerName || "X-API-Key",
+      queryParamName: config.queryParamName || "api_key",
+      extractStrategies: config.extractStrategies || ["header", "bearer"],
+      // Defaults for other optional properties
+      vaultService: void 0,
+      customExtractor: void 0,
+      enableCache: config.enableCache ?? true,
+      cacheTtl: config.cacheTtl ?? 3e5,
+      requireScopes: config.requireScopes ?? false,
+      skipPaths: config.skipPaths || [],
+      onError: config.onError,
+      onValidated: config.onValidated
+    };
+  }
+  async initialize(kernel) {
+    this.store = new ApiKeyStore(this.config, kernel);
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      if (this.shouldSkipPath(c.req.path)) {
+        await next();
+        return;
+      }
+      const apiKey = this.extractApiKey(c);
+      if (!apiKey) {
+        c.set("apiKey", void 0);
+        c.set("apiKeyScopes", void 0);
+        await next();
+        return;
+      }
+      const result = await this.store.validate(apiKey);
+      if (!result.isValid) {
+        throw new HTTPException7(401, { message: result.error || "Invalid API key" });
+      }
+      c.set("apiKey", result.key);
+      c.set("apiKeyScopes", result.key?.scopes || []);
+      c.set("hasScope", (scope) => this.store.hasScopes(result.key, [scope]));
+      c.set("hasAnyScope", (...scopes) => scopes.some((s) => this.store.hasScopes(result.key, [s])));
+      c.set("hasAllScopes", (...scopes) => this.store.hasScopes(result.key, scopes));
+      await next();
+    });
+    console.log("\u2705 API Key feature initialized");
+  }
+  shouldSkipPath(path2) {
+    if (!this.config.skipPaths?.length) return false;
+    return this.config.skipPaths.some((skip) => {
+      if (skip.endsWith("*")) return path2.startsWith(skip.slice(0, -1));
+      return path2 === skip;
+    });
+  }
+  extractApiKey(c) {
+    for (const strategy of this.config.extractStrategies || []) {
+      let key = null;
+      switch (strategy) {
+        case "header":
+          key = c.req.header(this.config.headerName) || null;
+          break;
+        case "bearer": {
+          const auth = c.req.header("Authorization");
+          if (auth?.startsWith("Bearer ")) key = auth.substring(7);
+          break;
+        }
+        case "query":
+          key = c.req.query(this.config.queryParamName) || null;
+          break;
+      }
+      if (key) return key;
+    }
+    return null;
+  }
+};
+function requireApiKey() {
+  return async (c, next) => {
+    if (!c.get("apiKey")) throw new HTTPException7(401, { message: "API key is required" });
+    await next();
+  };
+}
+function requireScope(...scopes) {
+  return async (c, next) => {
+    const hasAll = c.get("hasAllScopes");
+    if (!c.get("apiKey")) throw new HTTPException7(401, { message: "API key is required" });
+    if (!hasAll || !hasAll(...scopes)) throw new HTTPException7(403, { message: "Insufficient scopes" });
+    await next();
+  };
+}
+
+// src/features/csrf.ts
+import { HTTPException as HTTPException8 } from "hono/http-exception";
+import { getCookie as getCookie2, setCookie as setCookie2 } from "hono/cookie";
+var CsrfFeature = class {
+  name = "csrf";
+  config;
+  constructor(config) {
+    if (!config.secret) throw new Error("CSRF secret is required");
+    this.config = {
+      secret: config.secret,
+      cookieName: config.cookieName || "_csrf",
+      headerName: config.headerName || "X-CSRF-Token",
+      ignoreMethods: config.ignoreMethods || ["GET", "HEAD", "OPTIONS"],
+      cookieOptions: {
+        httpOnly: true,
+        secure: true,
+        sameSite: "Strict",
+        maxAge: 86400,
+        ...config.cookieOptions
+      }
+    };
+  }
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      await this.middleware(c, next);
+    });
+    console.log("\u2705 CSRF feature initialized");
+  }
+  async middleware(c, next) {
+    const method = c.req.method.toUpperCase();
+    let token = getCookie2(c, this.config.cookieName);
+    if (!token) {
+      token = crypto.randomUUID().replace(/-/g, "");
+      setCookie2(c, this.config.cookieName, token, {
+        httpOnly: this.config.cookieOptions.httpOnly,
+        secure: this.config.cookieOptions.secure,
+        sameSite: this.config.cookieOptions.sameSite,
+        maxAge: this.config.cookieOptions.maxAge,
+        path: "/"
+      });
+    }
+    c.set("csrfToken", token);
+    if (this.config.ignoreMethods.includes(method)) {
+      await next();
+      return;
+    }
+    const isValid = await this.validateToken(c, token);
+    if (!isValid) {
+      throw new HTTPException8(403, { message: "Invalid CSRF token" });
+    }
+    await next();
+  }
+  async validateToken(c, expectedToken) {
+    const headerToken = c.req.header(this.config.headerName);
+    if (headerToken === expectedToken) return true;
+    try {
+      const contentType = c.req.header("content-type");
+      if (contentType?.includes("application/x-www-form-urlencoded")) {
+        const body = await c.req.parseBody();
+        const bodyToken = body._csrf || body[this.config.cookieName];
+        if (String(bodyToken) === expectedToken) return true;
+      }
+    } catch {
+    }
+    return false;
+  }
+};
+function requireCsrf() {
+  return async (c, next) => {
+    if (!c.get("csrfToken")) throw new HTTPException8(403, { message: "CSRF token required" });
+    await next();
+  };
+}
+
+// src/responses.ts
+import { ErrorCodes as ErrorCodes2 } from "@iskra-bun/core";
+function successResponse(data, message) {
+  const response = { success: true };
+  if (data !== void 0) response.data = data;
+  if (message) response.message = message;
+  return response;
+}
+function errorResponse(error, code, details) {
+  const message = error instanceof Error ? error.message : error;
+  const response = {
+    success: false,
+    error: message,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  if (code) response.code = code;
+  if (details !== void 0) response.details = details;
+  return response;
+}
+
+// src/features/validation.ts
+function createValidationMiddleware(schema, options = {}) {
+  const { logErrors = true, status = 400 } = options;
+  return async (c, next) => {
+    try {
+      const validated = {};
+      if (schema.params) {
+        const parsed = schema.params.safeParse(c.req.param());
+        if (!parsed.success) {
+          return c.json(errorResponse("Invalid route params", ErrorCodes2.VALIDATION_ERROR, parsed.error.flatten()), status);
+        }
+        validated.params = parsed.data;
+      }
+      if (schema.query) {
+        const parsed = schema.query.safeParse(c.req.query());
+        if (!parsed.success) {
+          return c.json(errorResponse("Invalid query params", ErrorCodes2.VALIDATION_ERROR, parsed.error.flatten()), status);
+        }
+        validated.query = parsed.data;
+      }
+      if (schema.body) {
+        let data = {};
+        const contentType = c.req.header("content-type") || "";
+        if (contentType.includes("application/json")) {
+          data = await c.req.json().catch(() => ({}));
+        } else if (contentType.includes("application/x-www-form-urlencoded") || contentType.includes("multipart/form-data")) {
+          data = await c.req.parseBody();
+        }
+        const parsed = schema.body.safeParse(data);
+        if (!parsed.success) {
+          return c.json(errorResponse("Invalid body", ErrorCodes2.VALIDATION_ERROR, parsed.error.flatten()), status);
+        }
+        validated.body = parsed.data;
+      }
+      c.valid = () => validated;
+      await next();
+    } catch (err) {
+      if (logErrors) console.error("Validation error:", err);
+      return c.json(errorResponse("Validation middleware failed", ErrorCodes2.INTERNAL_ERROR), 500);
+    }
+  };
+}
+function extendHonoWithValidation(app) {
+  const methods = ["get", "post", "put", "delete"];
+  for (const method of methods) {
+    app[`${method}Validated`] = function(path2, schema, handler, options) {
+      const middleware = createValidationMiddleware(schema, options);
+      this[method](path2, middleware, handler);
+      return this;
+    };
+  }
+}
+var ValidationFeature = class {
+  name = "validation";
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    extendHonoWithValidation(app);
+    console.log("\u2705 Validation feature initialized");
+  }
+};
+
+// src/features/json-schema-validation.ts
+import Ajv from "ajv";
+import addErrors from "ajv-errors";
+import addFormats from "ajv-formats";
+function createAjvInstance(options = {}) {
+  const ajv = new Ajv({
+    allErrors: options.allErrors ?? true,
+    coerceTypes: options.coerceTypes ?? true,
+    verbose: true,
+    $data: true
+  });
+  addFormats(ajv);
+  addErrors(ajv);
+  return ajv;
+}
+function formatAjvErrors(errors) {
+  const result = { fields: {}, errors: [] };
+  if (!errors) return result;
+  for (const err of errors) {
+    let fieldPath;
+    if (err.instancePath) {
+      fieldPath = err.instancePath.replace(/^\//, "").replace(/\//g, ".");
+    } else if (err.params && "missingProperty" in err.params) {
+      fieldPath = err.params.missingProperty;
+    } else {
+      fieldPath = "_root";
+    }
+    const message = err.message || "Invalid value";
+    if (!result.fields[fieldPath]) {
+      result.fields[fieldPath] = [];
+    }
+    if (!result.fields[fieldPath].includes(message)) {
+      result.fields[fieldPath].push(message);
+    }
+    const formatted = fieldPath === "_root" ? message : `${fieldPath}: ${message}`;
+    if (!result.errors.includes(formatted)) {
+      result.errors.push(formatted);
+    }
+  }
+  return result;
+}
+function createJsonSchemaValidationMiddleware(schema, options = {}) {
+  const { logErrors = true, status = 400 } = options;
+  const ajv = createAjvInstance(options);
+  const validators = {
+    params: schema.params ? ajv.compile(schema.params) : null,
+    query: schema.query ? ajv.compile(schema.query) : null,
+    body: schema.body ? ajv.compile(schema.body) : null
+  };
+  return async (c, next) => {
+    try {
+      const validated = {};
+      if (validators.params) {
+        const data = { ...c.req.param() };
+        const valid = validators.params(data);
+        if (!valid) {
+          const details = formatAjvErrors(validators.params.errors);
+          return c.json(errorResponse("Invalid route params", ErrorCodes2.VALIDATION_ERROR, details), status);
+        }
+        validated.params = data;
+      }
+      if (validators.query) {
+        const data = { ...c.req.query() };
+        const valid = validators.query(data);
+        if (!valid) {
+          const details = formatAjvErrors(validators.query.errors);
+          return c.json(errorResponse("Invalid query params", ErrorCodes2.VALIDATION_ERROR, details), status);
+        }
+        validated.query = data;
+      }
+      if (validators.body) {
+        let data = {};
+        const contentType = c.req.header("content-type") || "";
+        if (contentType.includes("application/json")) {
+          data = await c.req.json().catch(() => ({}));
+        } else if (contentType.includes("application/x-www-form-urlencoded") || contentType.includes("multipart/form-data")) {
+          data = await c.req.parseBody();
+        }
+        const valid = validators.body(data);
+        if (!valid) {
+          const details = formatAjvErrors(validators.body.errors);
+          return c.json(errorResponse("Invalid body", ErrorCodes2.VALIDATION_ERROR, details), status);
+        }
+        validated.body = data;
+      }
+      c.valid = () => validated;
+      await next();
+    } catch (err) {
+      if (logErrors) console.error("JSON Schema validation error:", err);
+      return c.json(errorResponse("Validation middleware failed", ErrorCodes2.INTERNAL_ERROR), 500);
+    }
+  };
+}
+function extendHonoWithJsonSchemaValidation(app) {
+  const methods = ["get", "post", "put", "delete"];
+  for (const method of methods) {
+    app[`${method}JsonValidated`] = function(path2, schema, handler, options) {
+      const middleware = createJsonSchemaValidationMiddleware(schema, options);
+      this[method](path2, middleware, handler);
+      return this;
+    };
+  }
+}
+var JsonSchemaValidationFeature = class {
+  name = "json-schema-validation";
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    extendHonoWithJsonSchemaValidation(app);
+    console.log("\u2705 JSON Schema validation feature initialized");
+  }
+};
+
+// src/features/openapi.ts
+import { OpenAPIHono as OpenAPIHono2, createRoute as createRoute2, z as z3 } from "@hono/zod-openapi";
+var OpenAPIFeature = class {
+  name = "openapi";
+  app;
+  config;
+  kernel;
+  autoGeneratedRoutes = [];
+  queuedRoutes = [];
+  constructor(config) {
+    this.config = config;
+  }
+  async initialize(kernel) {
+    this.kernel = kernel;
+    this.app = new OpenAPIHono2({
+      defaultHook: (result, c) => {
+        if (!result.success) {
+          return c.json(errorResponse("Validation Error", ErrorCodes2.VALIDATION_ERROR, result.error.flatten()), 400);
+        }
+      }
+    });
+    this.processQueuedRoutes();
+    console.log("\u2705 OpenAPIFeature initialized");
+  }
+  addRoute(route, handler) {
+    if (!this.app) {
+      this.queuedRoutes.push({ route, handler });
+      return;
+    }
+    this.app.openapi(createRoute2(route), handler);
+    this.autoGeneratedRoutes.push({
+      path: route.path,
+      method: route.method.toUpperCase(),
+      tags: route.tags || [],
+      summary: route.summary || ""
+    });
+  }
+  processQueuedRoutes() {
+    if (!this.app) return;
+    for (const { route, handler } of this.queuedRoutes) {
+      this.addRoute(route, handler);
+    }
+    this.queuedRoutes = [];
+  }
+  routes(app) {
+    if (this.app) {
+      app.route("/", this.app);
+    }
+    app.get("/openapi.json", (c) => {
+      if (!this.app) return c.json({ error: "OpenAPI not initialized" }, 500);
+      const spec = this.app.getOpenAPIDocument({
+        openapi: "3.1.0",
+        info: {
+          title: this.config.title,
+          version: this.config.version,
+          description: this.config.description || "API Documentation",
+          contact: this.config.contact,
+          license: this.config.license
+        },
+        servers: this.config.servers || [{ url: "http://localhost:8000", description: "Dev Server" }],
+        tags: this.config.tags || [],
+        externalDocs: this.config.externalDocs,
+        security: this.config.security
+      });
+      if (this.config.securitySchemes) {
+        if (!spec.components) spec.components = {};
+        spec.components.securitySchemes = this.config.securitySchemes;
+      }
+      return c.json(spec);
+    });
+    app.get("/docs", (c) => c.html(this.generateScalarHTML()));
+  }
+  generateScalarHTML() {
+    return `
+<!DOCTYPE html>
+<html>
+<head>
+    <title>${this.config.title} - API Documentation</title>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <style>body { margin: 0; padding: 0; }</style>
+</head>
+<body>
+    <script id="api-reference" data-url="/openapi.json" data-configuration='{"theme":"purple","layout":"modern","showSidebar":true}'></script>
+    <script src="https://cdn.jsdelivr.net/npm/@scalar/api-reference@latest"></script>
+</body>
+</html>`.trim();
+  }
+};
+
+// src/features/upload/helper.ts
+var UploadHelper = class {
+  constructor(storage, projectName) {
+    this.storage = storage;
+    this.projectName = projectName;
+    this.basePath = `${projectName}/`;
+  }
+  storage;
+  projectName;
+  basePath;
+  getBasePath() {
+    return this.basePath;
+  }
+  buildPath(filename, subfolder) {
+    if (subfolder) {
+      const normalized = subfolder.replace(/^\/+|\/+$/g, "");
+      return `${this.basePath}${normalized}/${filename}`;
+    }
+    return `${this.basePath}${filename}`;
+  }
+  async upload(filename, data, subfolder, options) {
+    const fullPath = this.buildPath(filename, subfolder);
+    const fileData = typeof data === "string" ? new TextEncoder().encode(data) : data;
+    const putOptions = options ? {
+      contentType: options.contentType,
+      metadata: options.metadata
+    } : void 0;
+    await this.storage.put(fullPath, fileData, putOptions);
+    return {
+      path: fullPath,
+      filename,
+      size: fileData.length,
+      uploadedAt: /* @__PURE__ */ new Date()
+    };
+  }
+  // uploadFromRequest: Not implementing raw request reading here to avoid Node/Bun specific request stream issues unless necessary
+  // or implementing simplified Version
+  async uploadFromRequest(request, fieldName, subfolder, options) {
+    const formData = await request.formData();
+    const file = formData.get(fieldName);
+    if (!file || !(file instanceof File)) throw new Error(`No file found in field: ${fieldName}`);
+    const data = new Uint8Array(await file.arrayBuffer());
+    const opts = { ...options, contentType: options?.contentType || file.type };
+    return this.upload(file.name, data, subfolder, opts);
+  }
+  async list(subfolder) {
+    const prefix = subfolder ? `${this.basePath}${subfolder.replace(/^\/+|\/+$/g, "")}/` : this.basePath;
+    return await this.storage.list(prefix);
+  }
+  async get(filename, subfolder) {
+    const fullPath = this.buildPath(filename, subfolder);
+    return await this.storage.get(fullPath);
+  }
+  async delete(filename, subfolder) {
+    const fullPath = this.buildPath(filename, subfolder);
+    await this.storage.delete(fullPath);
+  }
+  async getUrl(filename, subfolder, expiresIn) {
+    const fullPath = this.buildPath(filename, subfolder);
+    return await this.storage.url(fullPath, expiresIn);
+  }
+};
+
+// src/features/upload/index.ts
+var UploadFeature = class {
+  name = "upload";
+  dependencies = ["storage"];
+  helper;
+  config;
+  constructor(config) {
+    this.config = {
+      projectName: config.projectName,
+      maxFileSize: config.maxFileSize || 10 * 1024 * 1024,
+      allowedExtensions: config.allowedExtensions || [],
+      exposeRoutes: config.exposeRoutes || false,
+      routePrefix: config.routePrefix || "/upload"
+    };
+  }
+  async initialize(kernel) {
+    const storageFeature = kernel.getFeature("storage");
+    if (!storageFeature) throw new Error("Upload feature requires storage feature");
+    const storage = storageFeature.getAdapter();
+    if (!storage) throw new Error("Storage adapter not ready");
+    this.helper = new UploadHelper(storage, this.config.projectName);
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      c.set("upload", this.helper);
+      await next();
+    });
+    console.log(`\u2705 Upload feature initialized: ${this.config.projectName}`);
+  }
+  routes(app) {
+    if (!this.config.exposeRoutes) return;
+    const prefix = this.config.routePrefix;
+    app.post(`${prefix}`, async (c) => {
+      const upload = c.get("upload");
+      try {
+        const subfolder = c.req.query("subfolder");
+        const formData = await c.req.formData();
+        const file = formData.get("file");
+        if (!file || !(file instanceof File)) return c.json({ error: "No file" }, 400);
+        if (file.size > this.config.maxFileSize) return c.json({ error: "File too large" }, 400);
+        if (this.config.allowedExtensions.length > 0) {
+          if (!this.config.allowedExtensions.some((e) => file.name.toLowerCase().endsWith(e))) {
+            return c.json({ error: "Invalid extension" }, 400);
+          }
+        }
+        const data = new Uint8Array(await file.arrayBuffer());
+        const result = await upload.upload(file.name, data, subfolder, { contentType: file.type });
+        return c.json({ success: true, ...result });
+      } catch (e) {
+        return c.json({ error: e.message }, 500);
+      }
+    });
+    app.get(`${prefix}`, async (c) => {
+      const upload = c.get("upload");
+      try {
+        const subfolder = c.req.query("subfolder");
+        const files = await upload.list(subfolder);
+        return c.json({ success: true, files });
+      } catch (e) {
+        return c.json({ error: e.message }, 500);
+      }
+    });
+    app.get(`${prefix}/*`, async (c) => {
+      const upload = c.get("upload");
+      try {
+        const filePath = c.req.path.replace(`${prefix}/`, "");
+        const segments = filePath.split("/");
+        const filename = segments.pop() || "";
+        const subfolder = segments.length > 0 ? segments.join("/") : void 0;
+        const data = await upload.get(filename, subfolder);
+        if (!data) {
+          return c.json({ error: "File not found" }, 404);
+        }
+        const ext = filename.split(".").pop()?.toLowerCase() || "";
+        const mimeTypes = {
+          jpg: "image/jpeg",
+          jpeg: "image/jpeg",
+          png: "image/png",
+          gif: "image/gif",
+          pdf: "application/pdf",
+          txt: "text/plain",
+          json: "application/json",
+          zip: "application/zip"
+        };
+        const contentType = mimeTypes[ext] || "application/octet-stream";
+        const body = new Uint8Array(data.length);
+        body.set(data);
+        return new Response(body, {
+          headers: {
+            "Content-Type": contentType,
+            "Content-Disposition": `inline; filename="${filename}"`,
+            "Content-Length": String(data.length)
+          }
+        });
+      } catch (e) {
+        return c.json({ error: e.message }, 500);
+      }
+    });
+    app.delete(`${prefix}/*`, async (c) => {
+      const upload = c.get("upload");
+      try {
+        const filePath = c.req.path.replace(`${prefix}/`, "");
+        const segments = filePath.split("/");
+        const filename = segments.pop() || "";
+        const subfolder = segments.length > 0 ? segments.join("/") : void 0;
+        await upload.delete(filename, subfolder);
+        return new Response(null, { status: 204 });
+      } catch (e) {
+        return c.json({ error: e.message }, 500);
+      }
+    });
+  }
+};
+
+// src/features/tracing.ts
+import { httpInstrumentationMiddleware } from "@hono/otel";
+var OtelTracingFeature = class {
+  name = "otel-tracing";
+  config;
+  constructor(config) {
+    if (!config.serviceName) {
+      throw new Error("serviceName is required for OtelTracingFeature");
+    }
+    this.config = config;
+  }
+  async initialize(kernel) {
+    const app = kernel.getApp();
+    const instrumentationConfig = {
+      serviceName: this.config.serviceName
+    };
+    if (this.config.serviceVersion) instrumentationConfig.serviceVersion = this.config.serviceVersion;
+    if (this.config.captureRequestHeaders) instrumentationConfig.captureRequestHeaders = this.config.captureRequestHeaders;
+    if (this.config.captureResponseHeaders) instrumentationConfig.captureResponseHeaders = this.config.captureResponseHeaders;
+    if (this.config.tracerProvider) instrumentationConfig.tracerProvider = this.config.tracerProvider;
+    if (this.config.meterProvider) instrumentationConfig.meterProvider = this.config.meterProvider;
+    if (this.config.tracer) instrumentationConfig.tracer = this.config.tracer;
+    if (this.config.spanNameFactory) instrumentationConfig.spanNameFactory = this.config.spanNameFactory;
+    if (this.config.getTime) instrumentationConfig.getTime = this.config.getTime;
+    app.use("*", httpInstrumentationMiddleware(instrumentationConfig));
+    console.log("\u2705 OpenTelemetry tracing feature initialized");
+  }
+};
+
+// src/features/email/index.ts
+var MockEmailAdapter = class {
+  async send(message) {
+    console.log("\u{1F4E7} [MOCK] Sent to", message.to, "Subject:", message.subject);
+    return { messageId: `mock-${Date.now()}`, success: true };
+  }
+  async sendTemplate(name, to, data) {
+    return this.send({ to, subject: `Template: ${name}`, html: `Template ${name} with data: ${JSON.stringify(data)}` });
+  }
+};
+var EmailFeature = class {
+  constructor(config) {
+    this.config = config;
+  }
+  config;
+  name = "email";
+  adapter;
+  async initialize(kernel) {
+    this.adapter = await this.createAdapter(this.config);
+    const app = kernel.getApp();
+    app.use("*", async (c, next) => {
+      if (this.adapter) c.set("email", this.adapter);
+      await next();
+    });
+    console.log(`\u2705 EmailFeature initialized (${this.config.provider})`);
+  }
+  async createAdapter(config) {
+    switch (config.provider) {
+      case "mock":
+        return new MockEmailAdapter();
+      case "smtp": {
+        const { SmtpEmailAdapter } = await import("./smtp-WJDLYKD5.js");
+        return new SmtpEmailAdapter(config);
+      }
+      case "sendgrid": {
+        const { SendGridEmailAdapter } = await import("./sendgrid-UK2GSBEF.js");
+        return new SendGridEmailAdapter(config);
+      }
+      case "mailgun": {
+        const { MailgunEmailAdapter } = await import("./mailgun-Z46GZJNI.js");
+        return new MailgunEmailAdapter(config);
+      }
+      default:
+        throw new Error(`Provider ${config.provider} not implemented`);
+    }
+  }
+  getAdapter() {
+    if (!this.adapter) throw new Error("Email not initialized");
+    return this.adapter;
+  }
+};
+export {
+  ApiKeyFeature,
+  ApiKeyStore,
+  AuthError,
+  AuthFeature,
+  BaseStorageAdapter,
+  CacheFeature,
+  ConflictError,
+  CorsFeature,
+  CsrfFeature,
+  DbFeature,
+  EmailFeature,
+  ErrorCodes2 as ErrorCodes,
+  ErrorHandlerFeature,
+  ForbiddenError,
+  HealthCheckFeature,
+  HttpError,
+  JsonSchemaValidationFeature,
+  Kernel,
+  LocalStorageAdapter,
+  LoggerFeature,
+  MockEmailAdapter,
+  NotFoundError,
+  OpenAPIFeature,
+  OpenAPIHono2 as OpenAPIHono,
+  OtelTracingFeature,
+  PermissionsFeature,
+  RateLimitFeature,
+  RequestIdFeature,
+  SessionFeature,
+  StorageFeature,
+  UploadFeature,
+  ValidationError,
+  ValidationFeature,
+  WebDriver,
+  WebPlugin,
+  createHttpError,
+  createJsonSchemaValidationMiddleware,
+  createRoute2 as createRoute,
+  createRouter,
+  createValidationMiddleware,
+  errorResponse,
+  formatAjvErrors,
+  requireApiKey,
+  requireAuth,
+  requireCsrf,
+  requirePermission,
+  requireRole,
+  requireScope,
+  successResponse,
+  z3 as z
+};
+//# sourceMappingURL=index.js.map