@jant/core 0.3.27 → 0.3.28

package/dist/routes/api/posts.js

@@ -1,218 +0,0 @@
-/**
- * Posts API Routes
- */ import { Hono } from "hono";
-import * as sqid from "../../lib/sqid.js";
-import { CreatePostSchema, UpdatePostSchema, validateMediaCount } from "../../lib/schemas.js";
-import { requireAuthApi } from "../../middleware/auth.js";
-import { getMediaUrl, getImageUrl, getPublicUrlForProvider } from "../../lib/image.js";
-export const postsApiRoutes = new Hono();
-/**
- * Converts a Media record to a MediaAttachment API response shape.
- */ function toMediaAttachment(m, r2PublicUrl, imageTransformUrl, s3PublicUrl) {
-    const publicUrl = getPublicUrlForProvider(m.provider, r2PublicUrl, s3PublicUrl);
-    const url = getMediaUrl(m.storageKey, publicUrl);
-    const previewUrl = getImageUrl(url, imageTransformUrl, {
-        width: 400,
-        quality: 80,
-        format: "auto",
-        fit: "cover"
-    });
-    return {
-        id: m.id,
-        url,
-        previewUrl,
-        alt: m.alt,
-        blurhash: m.blurhash,
-        width: m.width,
-        height: m.height,
-        position: m.position,
-        mimeType: m.mimeType
-    };
-}
-// List posts
-postsApiRoutes.get("/", async (c)=>{
-    const format = c.req.query("format");
-    const status = c.req.query("status");
-    const cursor = c.req.query("cursor");
-    const limit = parseInt(c.req.query("limit") ?? "100", 10);
-    const posts = await c.var.services.posts.list({
-        format,
-        status: status ?? "published",
-        cursor: cursor ? sqid.decode(cursor) ?? undefined : undefined,
-        limit
-    });
-    // Batch load media for all posts
-    const postIds = posts.map((p)=>p.id);
-    const mediaMap = await c.var.services.media.getByPostIds(postIds);
-    const r2PublicUrl = c.env.R2_PUBLIC_URL;
-    const imageTransformUrl = c.env.IMAGE_TRANSFORM_URL;
-    const s3PublicUrl = c.env.S3_PUBLIC_URL;
-    return c.json({
-        posts: posts.map((p)=>({
-                ...p,
-                sqid: sqid.encode(p.id),
-                mediaAttachments: (mediaMap.get(p.id) ?? []).map((m)=>toMediaAttachment(m, r2PublicUrl, imageTransformUrl, s3PublicUrl))
-            })),
-        nextCursor: posts.length === limit ? sqid.encode(posts[posts.length - 1]?.id ?? 0) : null
-    });
-});
-// Get single post
-postsApiRoutes.get("/:id", async (c)=>{
-    const id = sqid.decode(c.req.param("id"));
-    if (!id) return c.json({
-        error: "Invalid ID"
-    }, 400);
-    const post = await c.var.services.posts.getById(id);
-    if (!post) return c.json({
-        error: "Not found"
-    }, 404);
-    const mediaList = await c.var.services.media.getByPostId(post.id);
-    const r2PublicUrl = c.env.R2_PUBLIC_URL;
-    const imageTransformUrl = c.env.IMAGE_TRANSFORM_URL;
-    const s3PublicUrl = c.env.S3_PUBLIC_URL;
-    return c.json({
-        ...post,
-        sqid: sqid.encode(post.id),
-        mediaAttachments: mediaList.map((m)=>toMediaAttachment(m, r2PublicUrl, imageTransformUrl, s3PublicUrl))
-    });
-});
-// Create post (requires auth)
-postsApiRoutes.post("/", requireAuthApi(), async (c)=>{
-    const rawBody = await c.req.json();
-    // Validate request body
-    const parseResult = CreatePostSchema.safeParse(rawBody);
-    if (!parseResult.success) {
-        return c.json({
-            error: "Validation failed",
-            details: parseResult.error.flatten()
-        }, 400);
-    }
-    const body = parseResult.data;
-    // Validate media count
-    if (body.mediaIds) {
-        const mediaError = validateMediaCount(body.mediaIds);
-        if (mediaError) {
-            return c.json({
-                error: mediaError
-            }, 400);
-        }
-        // Verify all media IDs exist
-        if (body.mediaIds.length > 0) {
-            const existing = await c.var.services.media.getByIds(body.mediaIds);
-            if (existing.length !== body.mediaIds.length) {
-                return c.json({
-                    error: "One or more media IDs are invalid"
-                }, 400);
-            }
-        }
-    }
-    const post = await c.var.services.posts.create({
-        format: body.format,
-        title: body.title,
-        body: body.body,
-        path: body.path || undefined,
-        status: body.status,
-        featured: body.featured,
-        pinned: body.pinned,
-        url: body.url || undefined,
-        quoteText: body.quoteText,
-        rating: body.rating || undefined,
-        collectionId: body.collectionId || undefined,
-        replyToId: body.replyToId ? sqid.decode(body.replyToId) ?? undefined : undefined,
-        publishedAt: body.publishedAt
-    });
-    // Attach media
-    if (body.mediaIds && body.mediaIds.length > 0) {
-        await c.var.services.media.attachToPost(post.id, body.mediaIds);
-    }
-    const mediaList = await c.var.services.media.getByPostId(post.id);
-    const r2PublicUrl = c.env.R2_PUBLIC_URL;
-    const imageTransformUrl = c.env.IMAGE_TRANSFORM_URL;
-    const s3PublicUrl = c.env.S3_PUBLIC_URL;
-    return c.json({
-        ...post,
-        sqid: sqid.encode(post.id),
-        mediaAttachments: mediaList.map((m)=>toMediaAttachment(m, r2PublicUrl, imageTransformUrl, s3PublicUrl))
-    }, 201);
-});
-// Update post (requires auth)
-postsApiRoutes.put("/:id", requireAuthApi(), async (c)=>{
-    const id = sqid.decode(c.req.param("id"));
-    if (!id) return c.json({
-        error: "Invalid ID"
-    }, 400);
-    const rawBody = await c.req.json();
-    // Validate request body
-    const parseResult = UpdatePostSchema.safeParse(rawBody);
-    if (!parseResult.success) {
-        return c.json({
-            error: "Validation failed",
-            details: parseResult.error.flatten()
-        }, 400);
-    }
-    const body = parseResult.data;
-    // Validate media count if mediaIds is provided
-    if (body.mediaIds !== undefined) {
-        const mediaError = validateMediaCount(body.mediaIds);
-        if (mediaError) {
-            return c.json({
-                error: mediaError
-            }, 400);
-        }
-        // Verify all media IDs exist
-        if (body.mediaIds.length > 0) {
-            const existing = await c.var.services.media.getByIds(body.mediaIds);
-            if (existing.length !== body.mediaIds.length) {
-                return c.json({
-                    error: "One or more media IDs are invalid"
-                }, 400);
-            }
-        }
-    }
-    const post = await c.var.services.posts.update(id, {
-        format: body.format,
-        title: body.title,
-        body: body.body,
-        path: body.path,
-        status: body.status,
-        featured: body.featured,
-        pinned: body.pinned,
-        url: body.url,
-        quoteText: body.quoteText,
-        rating: body.rating || undefined,
-        collectionId: body.collectionId || undefined,
-        publishedAt: body.publishedAt
-    });
-    if (!post) return c.json({
-        error: "Not found"
-    }, 404);
-    // Update media attachments if provided (including empty array to clear)
-    if (body.mediaIds !== undefined) {
-        await c.var.services.media.attachToPost(post.id, body.mediaIds);
-    }
-    const mediaList = await c.var.services.media.getByPostId(post.id);
-    const r2PublicUrl = c.env.R2_PUBLIC_URL;
-    const imageTransformUrl = c.env.IMAGE_TRANSFORM_URL;
-    const s3PublicUrl = c.env.S3_PUBLIC_URL;
-    return c.json({
-        ...post,
-        sqid: sqid.encode(post.id),
-        mediaAttachments: mediaList.map((m)=>toMediaAttachment(m, r2PublicUrl, imageTransformUrl, s3PublicUrl))
-    });
-});
-// Delete post (requires auth)
-postsApiRoutes.delete("/:id", requireAuthApi(), async (c)=>{
-    const id = sqid.decode(c.req.param("id"));
-    if (!id) return c.json({
-        error: "Invalid ID"
-    }, 400);
-    // Detach media before deleting
-    await c.var.services.media.detachFromPost(id);
-    const success = await c.var.services.posts.delete(id);
-    if (!success) return c.json({
-        error: "Not found"
-    }, 404);
-    return c.json({
-        success: true
-    });
-});

package/dist/routes/api/search.js

@@ -1,48 +0,0 @@
-/**
- * Search API Routes
- */ import { Hono } from "hono";
-import * as sqid from "../../lib/sqid.js";
-export const searchApiRoutes = new Hono();
-// Search posts
-searchApiRoutes.get("/", async (c)=>{
-    const query = c.req.query("q");
-    if (!query || query.trim().length === 0) {
-        return c.json({
-            error: "Query parameter 'q' is required"
-        }, 400);
-    }
-    if (query.length > 200) {
-        return c.json({
-            error: "Query too long"
-        }, 400);
-    }
-    const limitParam = c.req.query("limit");
-    const limit = limitParam ? Math.min(parseInt(limitParam, 10) || 20, 50) : 20;
-    try {
-        const results = await c.var.services.search.search(query, {
-            limit,
-            status: [
-                "published"
-            ]
-        });
-        return c.json({
-            query,
-            results: results.map((r)=>({
-                    id: sqid.encode(r.post.id),
-                    format: r.post.format,
-                    title: r.post.title,
-                    path: r.post.path,
-                    snippet: r.snippet,
-                    publishedAt: r.post.publishedAt,
-                    url: r.post.path ? `/${r.post.path}` : `/p/${sqid.encode(r.post.id)}`
-                })),
-            count: results.length
-        });
-    } catch (err) {
-        // eslint-disable-next-line no-console -- Error logging is intentional
-        console.error("Search error:", err);
-        return c.json({
-            error: "Search failed"
-        }, 500);
-    }
-});

package/dist/routes/api/settings.js

@@ -1,68 +0,0 @@
-/**
- * Settings API Routes
- */ import { Hono } from "hono";
-import { requireAuthApi } from "../../middleware/auth.js";
-import { CONFIG_FIELDS } from "../../types.js";
-import { z } from "zod";
-export const settingsApiRoutes = new Hono();
-/** Config keys that can be modified via the settings API */ const editableKeys = Object.entries(CONFIG_FIELDS).filter(([, field])=>!field.envOnly).map(([key])=>key);
-const UpdateSettingsSchema = z.record(z.string(), z.string());
-// Get all settings (requires auth)
-settingsApiRoutes.get("/", requireAuthApi(), async (c)=>{
-    const allSettings = await c.var.services.settings.getAll();
-    // Include default values for editable keys not yet stored in DB
-    const result = {};
-    for (const key of editableKeys){
-        result[key] = allSettings[key] ?? CONFIG_FIELDS[key].defaultValue;
-    }
-    return c.json({
-        settings: result
-    });
-});
-// Update settings (requires auth)
-settingsApiRoutes.put("/", requireAuthApi(), async (c)=>{
-    const rawBody = await c.req.json();
-    const parseResult = UpdateSettingsSchema.safeParse(rawBody);
-    if (!parseResult.success) {
-        return c.json({
-            error: "Validation failed",
-            details: parseResult.error.flatten()
-        }, 400);
-    }
-    const updates = parseResult.data;
-    // Filter to only editable keys
-    const filteredUpdates = {};
-    const rejectedKeys = [];
-    for (const [key, value] of Object.entries(updates)){
-        if (editableKeys.includes(key)) {
-            filteredUpdates[key] = value;
-        } else {
-            rejectedKeys.push(key);
-        }
-    }
-    if (rejectedKeys.length > 0 && Object.keys(filteredUpdates).length === 0) {
-        return c.json({
-            error: "None of the provided keys are editable",
-            rejectedKeys
-        }, 400);
-    }
-    if (Object.keys(filteredUpdates).length > 0) {
-        // Settings service expects SettingsKey, but our ConfigKeys that are
-        // editable (SITE_NAME, SITE_DESCRIPTION, SITE_LANGUAGE) are valid SettingsKeys
-        for (const [key, value] of Object.entries(filteredUpdates)){
-            await c.var.services.settings.set(key, value);
-        }
-    }
-    // Return updated state
-    const allSettings = await c.var.services.settings.getAll();
-    const result = {};
-    for (const key of editableKeys){
-        result[key] = allSettings[key] ?? CONFIG_FIELDS[key].defaultValue;
-    }
-    return c.json({
-        settings: result,
-        ...rejectedKeys.length > 0 && {
-            rejectedKeys
-        }
-    });
-});

package/dist/routes/api/upload.js

@@ -1,246 +0,0 @@
-/**
- * Upload API Routes
- *
- * Handles file uploads to R2 storage.
- * Supports both JSON and SSE (Datastar) responses.
- */ import { Hono } from "hono";
-import { html } from "hono/html";
-import { uuidv7 } from "uuidv7";
-import { requireAuthApi } from "../../middleware/auth.js";
-import { getMediaUrl, getImageUrl, getPublicUrlForProvider } from "../../lib/image.js";
-import { sse } from "../../lib/sse.js";
-export const uploadApiRoutes = new Hono();
-// Require auth for all upload routes
-uploadApiRoutes.use("*", requireAuthApi());
-/**
- * Render a media card HTML string for SSE response
- */ function renderMediaCard(media, publicUrl, imageTransformUrl) {
-    const fullUrl = getMediaUrl(media.storageKey, publicUrl);
-    const thumbnailUrl = getImageUrl(fullUrl, imageTransformUrl, {
-        width: 300,
-        quality: 80,
-        format: "auto",
-        fit: "cover"
-    });
-    const isImage = media.mimeType.startsWith("image/");
-    const displayName = media.alt || media.originalName;
-    const sizeStr = formatSize(media.size);
-    if (isImage) {
-        return html`
-      <div class="group relative" data-media-id="${media.id}">
-        <button
-          type="button"
-          class="block w-full aspect-square bg-muted rounded-lg overflow-hidden border hover:border-primary cursor-pointer"
-          onclick="document.getElementById('lightbox-img').src = '${fullUrl}'; document.getElementById('lightbox').showModal()"
-        >
-          <img
-            src="${thumbnailUrl}"
-            alt="${displayName}"
-            class="w-full h-full object-cover"
-            loading="lazy"
-          />
-        </button>
-        <a
-          href="/dash/media/${media.id}"
-          class="block mt-2 text-xs truncate hover:underline"
-          title="${media.originalName}"
-        >
-          ${media.originalName}
-        </a>
-        <div class="text-xs text-muted-foreground">${sizeStr}</div>
-      </div>
-    `.toString();
-    }
-    return html`
-    <div class="group relative" data-media-id="${media.id}">
-      <a
-        href="/dash/media/${media.id}"
-        class="block aspect-square bg-muted rounded-lg overflow-hidden border hover:border-primary"
-      >
-        <div
-          class="w-full h-full flex items-center justify-center text-muted-foreground"
-        >
-          <span class="text-xs">${media.mimeType}</span>
-        </div>
-      </a>
-      <a
-        href="/dash/media/${media.id}"
-        class="block mt-2 text-xs truncate hover:underline"
-        title="${media.originalName}"
-      >
-        ${media.originalName}
-      </a>
-      <div class="text-xs text-muted-foreground">${sizeStr}</div>
-    </div>
-  `.toString();
-}
-function formatSize(bytes) {
-    if (bytes < 1024) return `${bytes} B`;
-    if (bytes < 1024 * 1024) return `${(bytes / 1024).toFixed(1)} KB`;
-    return `${(bytes / (1024 * 1024)).toFixed(1)} MB`;
-}
-/**
- * Check if request wants SSE response (from Datastar)
- */ function wantsSSE(c) {
-    const accept = c.req.header("accept") || "";
-    return accept.includes("text/event-stream");
-}
-/**
- * Return an SSE error response that removes the upload placeholder and shows a toast
- */ function sseUploadError(c, message) {
-    return sse(c, async (stream)=>{
-        await stream.remove("#upload-placeholder");
-        await stream.toast(message, "error");
-    });
-}
-// Upload a file
-uploadApiRoutes.post("/", async (c)=>{
-    const storage = c.var.storage;
-    if (!storage) {
-        if (wantsSSE(c)) {
-            return sseUploadError(c, "Storage not configured");
-        }
-        return c.json({
-            error: "Storage not configured"
-        }, 500);
-    }
-    const formData = await c.req.formData();
-    const file = formData.get("file");
-    if (!file) {
-        if (wantsSSE(c)) {
-            return sseUploadError(c, "No file provided");
-        }
-        return c.json({
-            error: "No file provided"
-        }, 400);
-    }
-    // Validate file type
-    const allowedTypes = [
-        "image/jpeg",
-        "image/png",
-        "image/gif",
-        "image/webp",
-        "image/svg+xml"
-    ];
-    if (!allowedTypes.includes(file.type)) {
-        if (wantsSSE(c)) {
-            return sseUploadError(c, "File type not allowed");
-        }
-        return c.json({
-            error: "File type not allowed"
-        }, 400);
-    }
-    // Validate file size (max 10MB)
-    const maxSize = 10 * 1024 * 1024;
-    if (file.size > maxSize) {
-        if (wantsSSE(c)) {
-            return sseUploadError(c, "File too large (max 10MB)");
-        }
-        return c.json({
-            error: "File too large (max 10MB)"
-        }, 400);
-    }
-    // Generate unique filename using UUIDv7
-    const ext = file.name.split(".").pop() || "bin";
-    const id = uuidv7();
-    const date = new Date();
-    const year = date.getUTCFullYear();
-    const month = String(date.getUTCMonth() + 1).padStart(2, "0");
-    const filename = `${id}.${ext}`;
-    const storageKey = `media/${year}/${month}/${filename}`;
-    try {
-        // Upload to storage
-        await storage.put(storageKey, file.stream(), {
-            contentType: file.type
-        });
-        // Save to database
-        const media = await c.var.services.media.create({
-            id,
-            filename,
-            originalName: file.name,
-            mimeType: file.type,
-            size: file.size,
-            storageKey,
-            provider: c.env.STORAGE_DRIVER || "r2"
-        });
-        // SSE response for Datastar
-        if (wantsSSE(c)) {
-            const provider = c.env.STORAGE_DRIVER || "r2";
-            const mediaPublicUrl = getPublicUrlForProvider(provider, c.env.R2_PUBLIC_URL, c.env.S3_PUBLIC_URL);
-            const cardHtml = renderMediaCard(media, mediaPublicUrl, c.env.IMAGE_TRANSFORM_URL);
-            return sse(c, async (stream)=>{
-                // Replace placeholder with real media card
-                await stream.patchElements(cardHtml, {
-                    mode: "outer",
-                    selector: "#upload-placeholder"
-                });
-                await stream.toast("Upload successful!");
-            });
-        }
-        // JSON response for API clients
-        const provider = c.env.STORAGE_DRIVER || "r2";
-        const mediaPublicUrl = getPublicUrlForProvider(provider, c.env.R2_PUBLIC_URL, c.env.S3_PUBLIC_URL);
-        const publicUrl = getMediaUrl(storageKey, mediaPublicUrl);
-        return c.json({
-            id: media.id,
-            filename: media.filename,
-            url: publicUrl,
-            mimeType: media.mimeType,
-            size: media.size
-        });
-    } catch (err) {
-        // eslint-disable-next-line no-console -- Error logging is intentional
-        console.error("Upload error:", err);
-        if (wantsSSE(c)) {
-            return sse(c, async (stream)=>{
-                await stream.remove("#upload-placeholder");
-                await stream.toast("Upload failed. Please try again.", "error");
-            });
-        }
-        return c.json({
-            error: "Upload failed"
-        }, 500);
-    }
-});
-// List uploaded files (JSON only)
-uploadApiRoutes.get("/", async (c)=>{
-    const limit = parseInt(c.req.query("limit") ?? "50", 10);
-    const mediaList = await c.var.services.media.list(limit);
-    const r2PublicUrl = c.env.R2_PUBLIC_URL;
-    const s3PublicUrl = c.env.S3_PUBLIC_URL;
-    return c.json({
-        media: mediaList.map((m)=>({
-                id: m.id,
-                filename: m.filename,
-                url: getMediaUrl(m.storageKey, getPublicUrlForProvider(m.provider, r2PublicUrl, s3PublicUrl)),
-                mimeType: m.mimeType,
-                size: m.size,
-                createdAt: m.createdAt
-            }))
-    });
-});
-// Delete a file
-uploadApiRoutes.delete("/:id", async (c)=>{
-    const id = c.req.param("id");
-    const media = await c.var.services.media.getById(id);
-    if (!media) {
-        return c.json({
-            error: "Not found"
-        }, 404);
-    }
-    // Delete from storage
-    const storage = c.var.storage;
-    if (storage) {
-        try {
-            await storage.delete(media.storageKey);
-        } catch (err) {
-            // eslint-disable-next-line no-console -- Error logging is intentional
-            console.error("Storage delete error:", err);
-        }
-    }
-    // Delete from database
-    await c.var.services.media.delete(id);
-    return c.json({
-        success: true
-    });
-});