@kaikybrofc/omnizap-system 2.2.4 → 2.2.6

package/app/modules/stickerPackModule/stickerPackCatalogHttp.js

@@ -1,6 +1,7 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import { createHash, randomBytes, randomUUID, scryptSync, timingSafeEqual } from 'node:crypto';
+import { URL, URLSearchParams } from 'node:url';
 import axios from 'axios';
 
 import { executeQuery, pool, TABLES } from '../../../database/index.js';
@@ -64,6 +65,8 @@ import {
   buildViewerTagAffinity,
   computePackSignals,
 } from './stickerPackMarketplaceService.js';
+import { listStickerPackScoreSnapshotsByPackIds } from './stickerPackScoreSnapshotRepository.js';
+import { createCatalogApiRouter } from './catalogRouter.js';
 import {
   buildAdminMenu,
   buildAiMenu,
@@ -75,11 +78,17 @@ import {
   buildStickerMenu,
 } from '../menuModule/common.js';
 import { getMarketplaceDriftSnapshot } from './stickerMarketplaceDriftService.js';
-import { getStickerStorageConfig, readStickerAssetBuffer, saveStickerAssetFromBuffer } from './stickerStorageService.js';
+import {
+  getStickerAssetExternalUrl,
+  getStickerStorageConfig,
+  readStickerAssetBuffer,
+  saveStickerAssetFromBuffer,
+} from './stickerStorageService.js';
 import { convertToWebp } from '../stickerModule/convertToWebp.js';
 import { sanitizeText } from './stickerPackUtils.js';
 import stickerPackService from './stickerPackServiceRuntime.js';
 import { STICKER_PACK_ERROR_CODES, StickerPackError } from './stickerPackErrors.js';
+import { isFeatureEnabled } from '../../services/featureFlagService.js';
 
 const parseEnvBool = (value, fallback) => {
   if (value === undefined || value === null || value === '') return fallback;
@@ -148,6 +157,7 @@ const STICKER_LOGIN_WEB_PATH = normalizeBasePath(process.env.STICKER_LOGIN_WEB_P
 const USER_PROFILE_WEB_PATH = normalizeBasePath(process.env.USER_PROFILE_WEB_PATH, '/user');
 const STICKER_DATA_PUBLIC_PATH = normalizeBasePath(process.env.STICKER_DATA_PUBLIC_PATH, '/data');
 const STICKER_DATA_PUBLIC_DIR = path.resolve(process.env.STICKER_DATA_PUBLIC_DIR || path.join(process.cwd(), 'data'));
+const STICKER_WEB_ASSET_VERSION = sanitizeText(process.env.STICKER_WEB_ASSET_VERSION || '', 64, { allowEmpty: true }) || '';
 const CATALOG_PUBLIC_DIR = path.resolve(process.cwd(), 'public');
 const CATALOG_TEMPLATE_PATH = path.join(CATALOG_PUBLIC_DIR, 'stickers', 'index.html');
 const CREATE_PACK_TEMPLATE_PATH = path.join(CATALOG_PUBLIC_DIR, 'stickers', 'create', 'index.html');
@@ -162,7 +172,19 @@ const MAX_ORPHAN_LIST_LIMIT = clampInt(process.env.STICKER_ORPHAN_LIST_MAX_LIMIT
 const DEFAULT_DATA_LIST_LIMIT = clampInt(process.env.STICKER_DATA_LIST_LIMIT, 50, 1, 200);
 const MAX_DATA_LIST_LIMIT = clampInt(process.env.STICKER_DATA_LIST_MAX_LIMIT, 200, 1, 500);
 const MAX_DATA_SCAN_FILES = clampInt(process.env.STICKER_DATA_SCAN_MAX_FILES, 10000, 100, 50000);
-const ASSET_CACHE_SECONDS = clampInt(process.env.STICKER_WEB_ASSET_CACHE_SECONDS, 60 * 10, 0, 60 * 60 * 24 * 7);
+const ASSET_CACHE_SECONDS = clampInt(
+  process.env.STICKER_WEB_ASSET_CACHE_SECONDS,
+  60 * 60 * 24 * 30,
+  60 * 60,
+  60 * 60 * 24 * 365,
+);
+const STATIC_TEXT_CACHE_SECONDS = clampInt(process.env.STICKER_WEB_STATIC_TEXT_CACHE_SECONDS, 60 * 60, 60, 60 * 60 * 24 * 30);
+const IMMUTABLE_ASSET_CACHE_SECONDS = clampInt(
+  process.env.STICKER_WEB_IMMUTABLE_ASSET_CACHE_SECONDS,
+  60 * 60 * 24 * 365,
+  60 * 60,
+  60 * 60 * 24 * 365,
+);
 const STICKER_WEB_WHATSAPP_MESSAGE_TEMPLATE =
   String(process.env.STICKER_WEB_WHATSAPP_MESSAGE_TEMPLATE || '/pack send {{pack_key}}').trim() ||
   '/pack send {{pack_key}}';
@@ -203,6 +225,19 @@ const GITHUB_REPOSITORY = String(process.env.GITHUB_REPOSITORY || 'Kaikygr/omniz
 const GITHUB_TOKEN = String(process.env.GITHUB_TOKEN || '').trim();
 const GITHUB_PROJECT_CACHE_SECONDS = clampInt(process.env.GITHUB_PROJECT_CACHE_SECONDS, 300, 30, 3600);
 const GLOBAL_RANK_REFRESH_SECONDS = clampInt(process.env.GLOBAL_RANK_REFRESH_SECONDS, 600, 60, 3600);
+const CATALOG_LIST_CACHE_SECONDS = clampInt(process.env.STICKER_CATALOG_LIST_CACHE_SECONDS, 90, 15, 900);
+const CATALOG_CREATOR_RANKING_CACHE_SECONDS = clampInt(
+  process.env.STICKER_CATALOG_CREATOR_RANKING_CACHE_SECONDS,
+  120,
+  15,
+  900,
+);
+const CATALOG_PACK_PAYLOAD_CACHE_SECONDS = clampInt(
+  process.env.STICKER_CATALOG_PACK_PAYLOAD_CACHE_SECONDS,
+  300,
+  30,
+  1800,
+);
 const MARKETPLACE_GLOBAL_STATS_API_PATH = '/api/marketplace/stats';
 const MARKETPLACE_GLOBAL_STATS_CACHE_SECONDS = clampInt(process.env.MARKETPLACE_GLOBAL_STATS_CACHE_SECONDS, 45, 30, 60);
 const HOME_MARKETPLACE_STATS_CACHE_SECONDS = clampInt(process.env.HOME_MARKETPLACE_STATS_CACHE_SECONDS, 45, 10, 300);
@@ -218,6 +253,14 @@ const SITE_CANONICAL_REDIRECT_ENABLED = parseEnvBool(process.env.SITE_CANONICAL_
 const SITE_ORIGIN = String(process.env.SITE_ORIGIN || `${SITE_CANONICAL_SCHEME}://${SITE_CANONICAL_HOST}`)
   .trim()
   .replace(/\/+$/, '');
+const SITE_COOKIE_DOMAIN = String(process.env.SITE_COOKIE_DOMAIN || SITE_CANONICAL_HOST)
+  .trim()
+  .toLowerCase()
+  .replace(/^https?:\/\//, '')
+  .split('/')[0]
+  .split(':')[0]
+  .replace(/^\.+/, '')
+  .replace(/\.+$/, '');
 const SITEMAP_MAX_PACKS = clampInt(process.env.STICKER_SITEMAP_MAX_PACKS, 45000, 100, 50000);
 const SITEMAP_CACHE_SECONDS = clampInt(process.env.STICKER_SITEMAP_CACHE_SECONDS, 180, 30, 3600);
 const SEO_DISCOVERY_LINK_LIMIT = clampInt(process.env.STICKER_SEO_DISCOVERY_LINK_LIMIT, 60, 10, 200);
@@ -295,6 +338,9 @@ const MARKETPLACE_GLOBAL_STATS_CACHE = {
   pending: null,
 };
 const HOME_MARKETPLACE_STATS_CACHE = new Map();
+const CATALOG_LIST_CACHE = new Map();
+const CATALOG_CREATOR_RANKING_CACHE = new Map();
+const CATALOG_PACK_PAYLOAD_CACHE = new Map();
 const SYSTEM_SUMMARY_CACHE = {
   expiresAt: 0,
   value: null,
@@ -324,6 +370,69 @@ const formatDuration = (totalSeconds) => {
   return days > 0 ? `${days}d ${hhmmss}` : hhmmss;
 };
 
+const buildCacheKey = (parts) => JSON.stringify(parts);
+
+const getCacheBucket = (cacheMap, key) => {
+  let bucket = cacheMap.get(key);
+  if (!bucket) {
+    bucket = {
+      expiresAt: 0,
+      value: null,
+      pending: null,
+    };
+    cacheMap.set(key, bucket);
+  }
+  return bucket;
+};
+
+const getCachedSnapshot = async ({
+  cacheMap,
+  key,
+  ttlSeconds,
+  staleWhileRefresh = true,
+  staleOnError = true,
+  load,
+}) => {
+  const bucket = getCacheBucket(cacheMap, key);
+  const now = Date.now();
+  const hasValue = bucket.value !== null;
+  const hasFreshValue = hasValue && now < bucket.expiresAt;
+
+  if (hasFreshValue) {
+    return bucket.value;
+  }
+
+  if (!bucket.pending) {
+    bucket.pending = Promise.resolve()
+      .then(load)
+      .then((value) => {
+        bucket.value = value;
+        bucket.expiresAt = Date.now() + ttlSeconds * 1000;
+        return value;
+      })
+      .finally(() => {
+        bucket.pending = null;
+      });
+  }
+
+  if (hasValue && staleWhileRefresh) {
+    return bucket.value;
+  }
+
+  try {
+    return await bucket.pending;
+  } catch (error) {
+    if (hasValue && staleOnError) return bucket.value;
+    throw error;
+  }
+};
+
+const canUseRankingSnapshotRead = async (subjectKey = 'catalog') =>
+  isFeatureEnabled('enable_ranking_snapshot_read', {
+    fallback: true,
+    subjectKey,
+  });
+
 const sendJson = (req, res, statusCode, payload) => {
   const body = JSON.stringify(payload);
   res.statusCode = statusCode;
@@ -362,6 +471,22 @@ const toRequestHost = (req) =>
     .replace(/\.$/, '')
     .split(':')[0];
 
+const isIpLiteralHost = (value) => {
+  const host = String(value || '').trim().toLowerCase();
+  if (!host) return false;
+  if (/^\d{1,3}(?:\.\d{1,3}){3}$/.test(host)) return true;
+  return host.includes(':');
+};
+
+const resolveCookieDomainForRequest = (req) => {
+  if (!SITE_COOKIE_DOMAIN || isIpLiteralHost(SITE_COOKIE_DOMAIN)) return '';
+  const requestHost = toRequestHost(req);
+  if (!requestHost || isIpLiteralHost(requestHost) || requestHost === 'localhost') return '';
+  if (requestHost === SITE_COOKIE_DOMAIN) return SITE_COOKIE_DOMAIN;
+  if (requestHost.endsWith(`.${SITE_COOKIE_DOMAIN}`)) return SITE_COOKIE_DOMAIN;
+  return '';
+};
+
 const maybeRedirectToCanonicalHost = (req, res, url) => {
   if (!SITE_CANONICAL_REDIRECT_ENABLED) return false;
   if (!['GET', 'HEAD'].includes(req.method || '')) return false;
@@ -395,6 +520,33 @@ const parseCookies = (req) => {
   }, {});
 };
 
+const getCookieValuesFromRequest = (req, cookieName) => {
+  const target = String(cookieName || '').trim();
+  if (!target) return [];
+  const raw = String(req?.headers?.cookie || '');
+  if (!raw) return [];
+
+  const values = [];
+  for (const chunk of raw.split(';')) {
+    const trimmed = String(chunk || '').trim();
+    if (!trimmed) continue;
+    const separatorIndex = trimmed.indexOf('=');
+    if (separatorIndex <= 0) continue;
+    const key = trimmed.slice(0, separatorIndex).trim();
+    if (key !== target) continue;
+    const encodedValue = trimmed.slice(separatorIndex + 1).trim();
+    if (!encodedValue) continue;
+    let decodedValue = encodedValue;
+    try {
+      decodedValue = decodeURIComponent(encodedValue);
+    } catch {}
+    const normalizedValue = String(decodedValue || '').trim();
+    if (!normalizedValue) continue;
+    if (!values.includes(normalizedValue)) values.push(normalizedValue);
+  }
+  return values;
+};
+
 const isRequestSecure = (req) => {
   const proto = String(req?.headers?.['x-forwarded-proto'] || '').split(',')[0].trim().toLowerCase();
   if (proto) return proto === 'https';
@@ -503,6 +655,11 @@ const runSqlTransaction = async (handler) => {
 const buildCookieString = (name, value, req, options = {}) => {
   const parts = [`${name}=${encodeURIComponent(String(value ?? ''))}`];
   parts.push(`Path=${options.path || '/'}`);
+  const cookieDomain =
+    options.domain === false
+      ? ''
+      : String(options.domain || resolveCookieDomainForRequest(req)).trim();
+  if (cookieDomain) parts.push(`Domain=${cookieDomain}`);
   if (options.httpOnly !== false) parts.push('HttpOnly');
   parts.push(`SameSite=${options.sameSite || 'Lax'}`);
   if (isRequestSecure(req)) parts.push('Secure');
@@ -914,11 +1071,16 @@ const pruneExpiredGoogleSessions = () => {
   }
 };
 
-const getGoogleWebSessionTokenFromRequest = (req) => {
+const getGoogleWebSessionTokensFromRequest = (req) => {
+  const direct = getCookieValuesFromRequest(req, GOOGLE_WEB_SESSION_COOKIE_NAME);
+  if (direct.length > 0) return direct;
   const cookies = parseCookies(req);
-  return String(cookies[GOOGLE_WEB_SESSION_COOKIE_NAME] || '').trim();
+  const fallback = String(cookies[GOOGLE_WEB_SESSION_COOKIE_NAME] || '').trim();
+  return fallback ? [fallback] : [];
 };
 
+const getGoogleWebSessionTokenFromRequest = (req) => getGoogleWebSessionTokensFromRequest(req)[0] || '';
+
 const normalizeGoogleWebSessionRow = (row) => {
   if (!row || typeof row !== 'object') return null;
   const token = String(row.session_token || '').trim();
@@ -1574,6 +1736,8 @@ const pruneExpiredAdminPanelSessions = () => {
 };
 
 const getAdminPanelSessionTokenFromRequest = (req) => {
+  const direct = getCookieValuesFromRequest(req, ADMIN_PANEL_SESSION_COOKIE_NAME);
+  if (direct.length > 0) return direct[0];
   const cookies = parseCookies(req);
   return String(cookies[ADMIN_PANEL_SESSION_COOKIE_NAME] || '').trim();
 };
@@ -1585,6 +1749,14 @@ const clearAdminPanelSessionCookie = (req, res) => {
       maxAgeSeconds: 0,
     }),
   );
+  // Also clear host-only variant (legacy cookie written without Domain).
+  appendSetCookie(
+    res,
+    buildCookieString(ADMIN_PANEL_SESSION_COOKIE_NAME, '', req, {
+      maxAgeSeconds: 0,
+      domain: false,
+    }),
+  );
 };
 
 const createAdminPanelSession = (googleSession, { role = 'owner' } = {}) => {
@@ -1732,61 +1904,67 @@ const activateGoogleWebSession = (session) => {
 
 const resolveGoogleWebSessionFromRequest = async (req) => {
   pruneExpiredGoogleSessions();
-  const sessionToken = getGoogleWebSessionTokenFromRequest(req);
-  if (!sessionToken) return null;
-  const session = webGoogleSessionMap.get(sessionToken);
-  if (session) {
+  const sessionTokens = getGoogleWebSessionTokensFromRequest(req);
+  if (!sessionTokens.length) return null;
+
+  for (const sessionToken of sessionTokens) {
+    const session = webGoogleSessionMap.get(sessionToken);
+    if (!session) continue;
     if (Number(session.expiresAt || 0) <= Date.now()) {
       webGoogleSessionMap.delete(sessionToken);
-    } else {
-      const now = Date.now();
-      session.lastSeenAt = now;
-      if (now - Number(session.lastDbTouchAt || 0) >= GOOGLE_WEB_SESSION_DB_TOUCH_INTERVAL_MS) {
-        session.lastDbTouchAt = now;
-        void touchGoogleWebSessionSeenInDb(sessionToken).catch((error) => {
-          logger.warn('Falha ao atualizar last_seen da sessão Google web.', {
-            action: 'sticker_pack_google_web_session_touch_failed',
-            error: error?.message,
-          });
-        });
-        void touchGoogleWebUserSeenInDb(session.sub).catch(() => {});
-      }
-      try {
-        await assertGoogleIdentityNotBanned({
-          sub: session.sub,
-          email: session.email,
-          ownerJid: session.ownerJid,
+      continue;
+    }
+
+    const now = Date.now();
+    session.lastSeenAt = now;
+    if (now - Number(session.lastDbTouchAt || 0) >= GOOGLE_WEB_SESSION_DB_TOUCH_INTERVAL_MS) {
+      session.lastDbTouchAt = now;
+      void touchGoogleWebSessionSeenInDb(sessionToken).catch((error) => {
+        logger.warn('Falha ao atualizar last_seen da sessão Google web.', {
+          action: 'sticker_pack_google_web_session_touch_failed',
+          error: error?.message,
         });
-      } catch (banError) {
-        webGoogleSessionMap.delete(sessionToken);
-        void deleteGoogleWebSessionFromDb(sessionToken).catch(() => {});
-        return null;
-      }
-      return session;
+      });
+      void touchGoogleWebUserSeenInDb(session.sub).catch(() => {});
     }
-  }
-  try {
-    const persistedSession = await findGoogleWebSessionInDbByToken(sessionToken);
-    if (!persistedSession) return null;
     try {
       await assertGoogleIdentityNotBanned({
-        sub: persistedSession.sub,
-        email: persistedSession.email,
-        ownerJid: persistedSession.ownerJid,
+        sub: session.sub,
+        email: session.email,
+        ownerJid: session.ownerJid,
       });
+      return session;
     } catch {
-      await deleteGoogleWebSessionFromDb(sessionToken).catch(() => {});
-      return null;
+      webGoogleSessionMap.delete(sessionToken);
+      void deleteGoogleWebSessionFromDb(sessionToken).catch(() => {});
     }
-    webGoogleSessionMap.set(sessionToken, persistedSession);
-    return persistedSession;
-  } catch (error) {
-    logger.warn('Falha ao resolver sessão Google web no banco.', {
-      action: 'sticker_pack_google_web_session_db_resolve_failed',
-      error: error?.message,
-    });
-    return null;
   }
+
+  for (const sessionToken of sessionTokens) {
+    try {
+      const persistedSession = await findGoogleWebSessionInDbByToken(sessionToken);
+      if (!persistedSession) continue;
+      try {
+        await assertGoogleIdentityNotBanned({
+          sub: persistedSession.sub,
+          email: persistedSession.email,
+          ownerJid: persistedSession.ownerJid,
+        });
+      } catch {
+        await deleteGoogleWebSessionFromDb(sessionToken).catch(() => {});
+        continue;
+      }
+      webGoogleSessionMap.set(sessionToken, persistedSession);
+      return persistedSession;
+    } catch (error) {
+      logger.warn('Falha ao resolver sessão Google web no banco.', {
+        action: 'sticker_pack_google_web_session_db_resolve_failed',
+        error: error?.message,
+      });
+    }
+  }
+
+  return null;
 };
 
 const clearGoogleWebSessionCookie = (req, res) => {
@@ -1796,13 +1974,26 @@ const clearGoogleWebSessionCookie = (req, res) => {
       maxAgeSeconds: 0,
     }),
   );
+  // Also clear host-only variant (legacy cookie written without Domain).
+  appendSetCookie(
+    res,
+    buildCookieString(GOOGLE_WEB_SESSION_COOKIE_NAME, '', req, {
+      maxAgeSeconds: 0,
+      domain: false,
+    }),
+  );
 };
 
 const sendAsset = (req, res, buffer, mimetype = 'image/webp') => {
+  const maxAgeSeconds = Math.max(60 * 60 * 24, ASSET_CACHE_SECONDS);
+  const staleWhileRevalidateSeconds = Math.min(60 * 60 * 24 * 7, Math.max(300, maxAgeSeconds));
   res.statusCode = 200;
   res.setHeader('Content-Type', mimetype);
   res.setHeader('Content-Length', String(buffer.length));
-  res.setHeader('Cache-Control', `public, max-age=${ASSET_CACHE_SECONDS}`);
+  res.setHeader(
+    'Cache-Control',
+    `public, max-age=${maxAgeSeconds}, stale-while-revalidate=${staleWhileRevalidateSeconds}`,
+  );
   if (req.method === 'HEAD') {
     res.end();
     return;
@@ -2041,8 +2232,12 @@ const buildStickerAssetUrl = (packKey, stickerId) =>
   `${STICKER_API_BASE_PATH}/${encodeURIComponent(packKey)}/stickers/${encodeURIComponent(stickerId)}.webp`;
 const buildOrphanStickersApiUrl = () => STICKER_ORPHAN_API_PATH;
 const buildDataAssetApiBaseUrl = () => `${STICKER_API_BASE_PATH}/data-files`;
-const buildCatalogStylesUrl = () => `${STICKER_WEB_PATH}/assets/styles.css`;
-const buildCatalogScriptUrl = () => `${STICKER_WEB_PATH}/assets/catalog.js`;
+const CATALOG_STYLES_WEB_PATH = `${STICKER_WEB_PATH}/assets/styles.css`;
+const CATALOG_SCRIPT_WEB_PATH = `${STICKER_WEB_PATH}/assets/catalog.js`;
+const appendAssetVersionQuery = (assetPath) =>
+  STICKER_WEB_ASSET_VERSION ? `${assetPath}?v=${encodeURIComponent(STICKER_WEB_ASSET_VERSION)}` : assetPath;
+const buildCatalogStylesUrl = () => appendAssetVersionQuery(CATALOG_STYLES_WEB_PATH);
+const buildCatalogScriptUrl = () => appendAssetVersionQuery(CATALOG_SCRIPT_WEB_PATH);
 const buildDataAssetUrl = (relativePath) =>
   `${STICKER_DATA_PUBLIC_PATH}/${String(relativePath)
     .split('/')
@@ -2146,7 +2341,9 @@ const resolveWebCreateOwnerJid = async (explicitOwner = '') => {
     const resolvedAdminJid = await resolveAdminJid();
     const fromAdmin = toOwnerJid(resolvedAdminJid);
     if (fromAdmin) return fromAdmin;
-  } catch {}
+  } catch {
+    // Ignore fallback errors while resolving owner identity.
+  }
 
   const adminCandidates = [
     getAdminRawValue(),
@@ -2316,14 +2513,18 @@ const resolveSupportAdminPhone = async () => {
       const resolvedFromLidMap = await resolveUserId(extractUserIdInfo(adminRaw));
       const resolvedPhoneFromLidMap = isPlausibleWhatsAppPhone(getJidUser(resolvedFromLidMap || ''));
       if (resolvedPhoneFromLidMap) return resolvedPhoneFromLidMap;
-    } catch {}
+    } catch {
+      // Ignore and fallback to other admin sources.
+    }
   }
 
   try {
     const resolvedAdminJid = await resolveAdminJid();
     const resolvedPhone = isPlausibleWhatsAppPhone(getJidUser(resolvedAdminJid || ''));
     if (resolvedPhone) return resolvedPhone;
-  } catch {}
+  } catch {
+    // Ignore and fallback to static admin phone sources.
+  }
 
   const rawPhone = isPlausibleWhatsAppPhone(getJidUser(adminRaw) || adminRaw);
   if (rawPhone) return rawPhone;
@@ -2725,6 +2926,10 @@ const hydrateMarketplaceEntries = async (packs, { includeItems = true, driftSnap
   const packIds = packs.map((pack) => pack.id);
   const engagementByPackId = await listStickerPackEngagementByPackIds(packIds);
   const interactionStatsByPackId = await listStickerPackInteractionStatsByPackIds(packIds);
+  const useSnapshot = await canUseRankingSnapshotRead(`hydrate:${packIds.length}:${includeItems ? 1 : 0}`);
+  const snapshotByPackId = useSnapshot
+    ? await listStickerPackScoreSnapshotsByPackIds(packIds).catch(() => new Map())
+    : new Map();
 
   const entries = [];
   const packClassificationById = new Map();
@@ -2743,14 +2948,24 @@ const hydrateMarketplaceEntries = async (packs, { includeItems = true, driftSnap
     const packMetadata = parsePackDescriptionMetadata(pack.description);
     const decoratedClassification = decoratePackClassificationSummary(packClassification);
     const mergedPackTags = mergeUniqueTags(decoratedClassification?.tags || [], packMetadata.tags);
-    const signals = computePackSignals({
-      pack: { ...pack, items },
-      engagement,
-      packClassification,
-      itemClassifications: orderedClassifications,
-      interactionStats,
-      scoringWeights: driftSnapshot?.weights || null,
-    });
+    const snapshot = snapshotByPackId.get(pack.id);
+    const signals = snapshot?.signals
+      ? {
+          ...snapshot.signals,
+          ranking_score: Number(snapshot?.signals?.ranking_score || 0),
+          pack_score: Number(snapshot?.signals?.pack_score || 0),
+          trend_score: Number(snapshot?.signals?.trend_score || 0),
+          nsfw_level: String(snapshot?.signals?.nsfw_level || 'safe'),
+          sensitive_content: Boolean(snapshot?.signals?.sensitive_content),
+        }
+      : computePackSignals({
+          pack: { ...pack, items },
+          engagement,
+          packClassification,
+          itemClassifications: orderedClassifications,
+          interactionStats,
+          scoringWeights: driftSnapshot?.weights || null,
+        });
 
     const entry = {
       pack,
@@ -3274,9 +3489,13 @@ const handleSitemapRequest = async (req, res) => {
 const sendStaticTextFile = async (req, res, filePath, contentType) => {
   try {
     const body = await fs.readFile(filePath, 'utf8');
+    const hasVersionQuery = /(?:\?|&)v=/.test(String(req.url || ''));
+    const cacheControl = hasVersionQuery
+      ? `public, max-age=${IMMUTABLE_ASSET_CACHE_SECONDS}, immutable`
+      : `public, max-age=${STATIC_TEXT_CACHE_SECONDS}, stale-while-revalidate=${Math.min(86400, STATIC_TEXT_CACHE_SECONDS * 4)}`;
     res.statusCode = 200;
     res.setHeader('Content-Type', contentType);
-    res.setHeader('Cache-Control', 'public, max-age=300');
+    res.setHeader('Cache-Control', cacheControl);
     if (req.method === 'HEAD') {
       res.end();
       return true;
@@ -3300,11 +3519,11 @@ const sendStaticTextFile = async (req, res, filePath, contentType) => {
 };
 
 const handleCatalogStaticAssetRequest = async (req, res, pathname) => {
-  if (pathname === buildCatalogStylesUrl()) {
+  if (pathname === CATALOG_STYLES_WEB_PATH) {
     return sendStaticTextFile(req, res, CATALOG_STYLES_FILE_PATH, 'text/css; charset=utf-8');
   }
 
-  if (pathname === buildCatalogScriptUrl()) {
+  if (pathname === CATALOG_SCRIPT_WEB_PATH) {
     return sendStaticTextFile(req, res, CATALOG_SCRIPT_FILE_PATH, 'application/javascript; charset=utf-8');
   }
 
@@ -3321,95 +3540,118 @@ const handleListRequest = async (req, res, url) => {
   const limit = clampInt(url.searchParams.get('limit'), DEFAULT_LIST_LIMIT, 1, MAX_LIST_LIMIT);
   const offset = clampInt(url.searchParams.get('offset'), 0, 0, 100000);
   const normalizedIntent = normalizeCategoryToken(intent).replace(/-/g, '_');
-  const batchLimit = Math.max(limit, Math.min(MAX_LIST_LIMIT, 24));
-  const maxPagesToScan = 8;
   const googleSession = await resolveGoogleWebSessionFromRequest(req);
   const hasNsfwAccess = Boolean(googleSession?.sub && googleSession?.ownerJid);
-  const seenPackIds = new Set();
-  const collectedEntries = [];
-  const driftSnapshot = await getMarketplaceDriftSnapshot();
-  let sourceHasMore = true;
-  let cursorOffset = offset;
-  let pagesScanned = 0;
+  const cacheKey = buildCacheKey([
+    'list',
+    q,
+    visibility,
+    sort,
+    categories.join(','),
+    normalizedIntent,
+    includeSensitive ? 1 : 0,
+    limit,
+    offset,
+    hasNsfwAccess ? 1 : 0,
+  ]);
+  const payload = await getCachedSnapshot({
+    cacheMap: CATALOG_LIST_CACHE,
+    key: cacheKey,
+    ttlSeconds: CATALOG_LIST_CACHE_SECONDS,
+    staleWhileRefresh: true,
+    staleOnError: true,
+    load: async () => {
+      const batchLimit = Math.max(limit, Math.min(MAX_LIST_LIMIT, 24));
+      const maxPagesToScan = 8;
+      const seenPackIds = new Set();
+      const collectedEntries = [];
+      const driftSnapshot = await getMarketplaceDriftSnapshot();
+      let sourceHasMore = true;
+      let cursorOffset = offset;
+      let pagesScanned = 0;
+
+      while (collectedEntries.length < limit && sourceHasMore && pagesScanned < maxPagesToScan) {
+        pagesScanned += 1;
+        const { packs, hasMore } = await listStickerPacksForCatalog({
+          visibility,
+          search: q,
+          limit: batchLimit,
+          offset: cursorOffset,
+        });
+        sourceHasMore = hasMore;
+        cursorOffset += batchLimit;
+        if (!packs.length) break;
+
+        const { entries } = await hydrateMarketplaceEntries(packs, { driftSnapshot });
+        const entriesClassified = STICKER_CATALOG_ONLY_CLASSIFIED
+          ? entries.filter((entry) => isPackClassified(entry.packClassification))
+          : entries;
+        const entriesByCategory = categories.length
+          ? entriesClassified.filter((entry) => hasAnyCategory(entry.packClassification?.tags || [], categories))
+          : entriesClassified;
+        const entriesBySensitivity = includeSensitive
+          ? entriesByCategory
+          : entriesByCategory.filter((entry) => entry.signals?.nsfw_level === 'safe');
+        const entriesByIntent = intent
+          ? entriesBySensitivity.filter((entry) => classifyPackIntent(entry) === normalizedIntent)
+          : entriesBySensitivity;
+        const sortedEntries = [...entriesByIntent].sort((left, right) => {
+          const completenessDelta = compareEntriesByPackCompleteness(left, right);
+          if (completenessDelta !== 0) return completenessDelta;
+          if (sort === 'recent') {
+            return Date.parse(right?.pack?.created_at || right?.pack?.updated_at || 0) - Date.parse(left?.pack?.created_at || left?.pack?.updated_at || 0);
+          }
+          if (sort === 'likes') {
+            return Number(right?.engagement?.like_count || 0) - Number(left?.engagement?.like_count || 0);
+          }
+          if (sort === 'downloads') {
+            return Number(right?.engagement?.open_count || 0) - Number(left?.engagement?.open_count || 0);
+          }
+          if (sort === 'comments') {
+            const commentDelta = Number(right?.engagement?.comment_count || 0) - Number(left?.engagement?.comment_count || 0);
+            if (commentDelta !== 0) return commentDelta;
+            return Number(right?.engagement?.like_count || 0) - Number(left?.engagement?.like_count || 0);
+          }
+          if (sort === 'trending') {
+            const trendDelta = Number(right?.signals?.trend_score || 0) - Number(left?.signals?.trend_score || 0);
+            if (trendDelta !== 0) return trendDelta;
+          }
+          const leftScore = Number(left?.signals?.ranking_score || 0);
+          const rightScore = Number(right?.signals?.ranking_score || 0);
+          if (rightScore !== leftScore) return rightScore - leftScore;
+          return Date.parse(right?.pack?.updated_at || 0) - Date.parse(left?.pack?.updated_at || 0);
+        });
 
-  while (collectedEntries.length < limit && sourceHasMore && pagesScanned < maxPagesToScan) {
-    pagesScanned += 1;
-    const { packs, hasMore } = await listStickerPacksForCatalog({
-      visibility,
-      search: q,
-      limit: batchLimit,
-      offset: cursorOffset,
-    });
-    sourceHasMore = hasMore;
-    cursorOffset += batchLimit;
-    if (!packs.length) break;
-
-    const { entries } = await hydrateMarketplaceEntries(packs, { driftSnapshot });
-    const entriesClassified = STICKER_CATALOG_ONLY_CLASSIFIED
-      ? entries.filter((entry) => isPackClassified(entry.packClassification))
-      : entries;
-    const entriesByCategory = categories.length
-      ? entriesClassified.filter((entry) => hasAnyCategory(entry.packClassification?.tags || [], categories))
-      : entriesClassified;
-    const entriesBySensitivity = includeSensitive
-      ? entriesByCategory
-      : entriesByCategory.filter((entry) => entry.signals?.nsfw_level === 'safe');
-    const entriesByIntent = intent
-      ? entriesBySensitivity.filter((entry) => classifyPackIntent(entry) === normalizedIntent)
-      : entriesBySensitivity;
-    const sortedEntries = [...entriesByIntent].sort((left, right) => {
-      const completenessDelta = compareEntriesByPackCompleteness(left, right);
-      if (completenessDelta !== 0) return completenessDelta;
-      if (sort === 'recent') {
-        return Date.parse(right?.pack?.created_at || right?.pack?.updated_at || 0) - Date.parse(left?.pack?.created_at || left?.pack?.updated_at || 0);
-      }
-      if (sort === 'likes') {
-        return Number(right?.engagement?.like_count || 0) - Number(left?.engagement?.like_count || 0);
-      }
-      if (sort === 'downloads') {
-        return Number(right?.engagement?.open_count || 0) - Number(left?.engagement?.open_count || 0);
-      }
-      if (sort === 'comments') {
-        const commentDelta = Number(right?.engagement?.comment_count || 0) - Number(left?.engagement?.comment_count || 0);
-        if (commentDelta !== 0) return commentDelta;
-        return Number(right?.engagement?.like_count || 0) - Number(left?.engagement?.like_count || 0);
-      }
-      if (sort === 'trending') {
-        const trendDelta = Number(right?.signals?.trend_score || 0) - Number(left?.signals?.trend_score || 0);
-        if (trendDelta !== 0) return trendDelta;
+        for (const entry of sortedEntries) {
+          if (!entry?.pack?.id) continue;
+          if (seenPackIds.has(entry.pack.id)) continue;
+          seenPackIds.add(entry.pack.id);
+          collectedEntries.push(entry);
+          if (collectedEntries.length >= limit) break;
+        }
       }
-      const leftScore = Number(left?.signals?.ranking_score || 0);
-      const rightScore = Number(right?.signals?.ranking_score || 0);
-      if (rightScore !== leftScore) return rightScore - leftScore;
-      return Date.parse(right?.pack?.updated_at || 0) - Date.parse(left?.pack?.updated_at || 0);
-    });
-
-    for (const entry of sortedEntries) {
-      if (!entry?.pack?.id) continue;
-      if (seenPackIds.has(entry.pack.id)) continue;
-      seenPackIds.add(entry.pack.id);
-      collectedEntries.push(entry);
-      if (collectedEntries.length >= limit) break;
-    }
-  }
 
-  sendJson(req, res, 200, {
-    data: collectedEntries.map((entry) => toSummaryEntry(entry, { hideSensitiveCover: !hasNsfwAccess })),
-    pagination: {
-      limit,
-      offset,
-      has_more: sourceHasMore,
-      next_offset: sourceHasMore ? cursorOffset : null,
-    },
-    filters: {
-      q,
-      visibility,
-      sort,
-      categories,
-      intent: intent || null,
-      include_sensitive: includeSensitive,
+      return {
+        data: collectedEntries.map((entry) => toSummaryEntry(entry, { hideSensitiveCover: !hasNsfwAccess })),
+        pagination: {
+          limit,
+          offset,
+          has_more: sourceHasMore,
+          next_offset: sourceHasMore ? cursorOffset : null,
+        },
+        filters: {
+          q,
+          visibility,
+          sort,
+          categories,
+          intent: intent || null,
+          include_sensitive: includeSensitive,
+        },
+      };
     },
   });
+
+  sendJson(req, res, 200, payload);
 };
 
 const handleIntentCollectionsRequest = async (req, res, url) => {
@@ -3647,9 +3889,9 @@ const handleGoogleAuthSessionRequest = async (req, res) => {
   }
 
   if (req.method === 'DELETE') {
-    const token = getGoogleWebSessionTokenFromRequest(req);
-    if (token) webGoogleSessionMap.delete(token);
-    if (token) {
+    const tokens = getGoogleWebSessionTokensFromRequest(req);
+    for (const token of tokens) {
+      webGoogleSessionMap.delete(token);
       await deleteGoogleWebSessionFromDb(token).catch((error) => {
         logger.warn('Falha ao remover sessão Google web do banco.', {
           action: 'sticker_pack_google_web_session_db_delete_failed',
@@ -4090,6 +4332,9 @@ const invalidateStickerCatalogDerivedCaches = () => {
   GLOBAL_RANK_CACHE.value = null;
   GLOBAL_RANK_CACHE.pending = null;
   HOME_MARKETPLACE_STATS_CACHE.clear();
+  CATALOG_LIST_CACHE.clear();
+  CATALOG_CREATOR_RANKING_CACHE.clear();
+  CATALOG_PACK_PAYLOAD_CACHE.clear();
   SYSTEM_SUMMARY_CACHE.expiresAt = 0;
   SYSTEM_SUMMARY_CACHE.value = null;
   SYSTEM_SUMMARY_CACHE.pending = null;
@@ -5753,46 +5998,63 @@ const handleCreatorRankingRequest = async (req, res, url) => {
   const limit = clampInt(url.searchParams.get('limit'), 50, 5, 200);
   const googleSession = await resolveGoogleWebSessionFromRequest(req);
   const hasNsfwAccess = Boolean(googleSession?.sub && googleSession?.ownerJid);
-
-  const { packs } = await listStickerPacksForCatalog({
+  const cacheKey = buildCacheKey([
+    'creator_ranking',
     visibility,
-    search: q,
-    limit: 120,
-    offset: 0,
-  });
-  const driftSnapshot = await getMarketplaceDriftSnapshot();
-  const { entries } = await hydrateMarketplaceEntries(packs, { driftSnapshot });
-  const ranking = buildCreatorRanking(
-    STICKER_CATALOG_ONLY_CLASSIFIED ? entries.filter((entry) => isPackClassified(entry.packClassification)) : entries,
-    { limit },
-  );
+    q,
+    limit,
+    hasNsfwAccess ? 1 : 0,
+  ]);
+  const payload = await getCachedSnapshot({
+    cacheMap: CATALOG_CREATOR_RANKING_CACHE,
+    key: cacheKey,
+    ttlSeconds: CATALOG_CREATOR_RANKING_CACHE_SECONDS,
+    staleWhileRefresh: true,
+    staleOnError: true,
+    load: async () => {
+      const { packs } = await listStickerPacksForCatalog({
+        visibility,
+        search: q,
+        limit: 120,
+        offset: 0,
+      });
+      const driftSnapshot = await getMarketplaceDriftSnapshot();
+      const { entries } = await hydrateMarketplaceEntries(packs, { driftSnapshot });
+      const ranking = buildCreatorRanking(
+        STICKER_CATALOG_ONLY_CLASSIFIED ? entries.filter((entry) => isPackClassified(entry.packClassification)) : entries,
+        { limit },
+      );
 
-  sendJson(req, res, 200, {
-    data: ranking.map((creator) => ({
-      creator_score: Number(
-        (
-          Number(creator.avg_pack_score || 0) * 0.45 +
-          Number(creator.total_likes || 0) * 0.0008 +
-          Number(creator.total_opens || 0) * 0.00015
-        ).toFixed(6),
-      ),
-      publisher: creator.publisher,
-      verified: Boolean(creator.verified),
-      badges: creator.verified ? ['verified_creator'] : [],
-      stats: {
-        packs_count: Number(creator.packs_count || 0),
-        total_likes: Number(creator.total_likes || 0),
-        total_opens: Number(creator.total_opens || 0),
-        avg_pack_score: Number(creator.avg_pack_score || 0),
-      },
-      top_pack: creator.top_pack ? toSummaryEntry(creator.top_pack, { hideSensitiveCover: !hasNsfwAccess }) : null,
-    })),
-    filters: {
-      visibility,
-      q,
-      limit,
+      return {
+        data: ranking.map((creator) => ({
+          creator_score: Number(
+            (
+              Number(creator.avg_pack_score || 0) * 0.45 +
+              Number(creator.total_likes || 0) * 0.0008 +
+              Number(creator.total_opens || 0) * 0.00015
+            ).toFixed(6),
+          ),
+          publisher: creator.publisher,
+          verified: Boolean(creator.verified),
+          badges: creator.verified ? ['verified_creator'] : [],
+          stats: {
+            packs_count: Number(creator.packs_count || 0),
+            total_likes: Number(creator.total_likes || 0),
+            total_opens: Number(creator.total_opens || 0),
+            avg_pack_score: Number(creator.avg_pack_score || 0),
+          },
+          top_pack: creator.top_pack ? toSummaryEntry(creator.top_pack, { hideSensitiveCover: !hasNsfwAccess }) : null,
+        })),
+        filters: {
+          visibility,
+          q,
+          limit,
+        },
+      };
     },
   });
+
+  sendJson(req, res, 200, payload);
 };
 
 const handleRecommendationsRequest = async (req, res, url) => {
@@ -6934,42 +7196,60 @@ const handlePublicDataAssetRequest = async (req, res, pathname) => {
 };
 
 const fetchPublicPackPayload = async (normalizedPackKey) => {
-  const pack = await findStickerPackByPackKey(normalizedPackKey);
-  if (!pack || !isPackPubliclyVisible(pack)) return null;
-
-  const items = await listStickerPackItems(pack.id);
-  const stickerIds = items.map((item) => item.sticker_id);
-  const [classifications, packClassification, engagement] = await Promise.all([
-    listStickerClassificationsByAssetIds(stickerIds),
-    getPackClassificationSummaryByAssetIds(stickerIds),
-    getStickerPackEngagementByPackId(pack.id),
-  ]);
+  const cacheKey = buildCacheKey(['pack_payload', normalizedPackKey]);
+  return getCachedSnapshot({
+    cacheMap: CATALOG_PACK_PAYLOAD_CACHE,
+    key: cacheKey,
+    ttlSeconds: CATALOG_PACK_PAYLOAD_CACHE_SECONDS,
+    staleWhileRefresh: true,
+    staleOnError: true,
+    load: async () => {
+      const pack = await findStickerPackByPackKey(normalizedPackKey);
+      if (!pack || !isPackPubliclyVisible(pack)) return null;
+
+      const items = await listStickerPackItems(pack.id);
+      const stickerIds = items.map((item) => item.sticker_id);
+      const [classifications, packClassification, engagement] = await Promise.all([
+        listStickerClassificationsByAssetIds(stickerIds),
+        getPackClassificationSummaryByAssetIds(stickerIds),
+        getStickerPackEngagementByPackId(pack.id),
+      ]);
+
+      if (STICKER_CATALOG_ONLY_CLASSIFIED && !isPackClassified(packClassification)) {
+        return null;
+      }
 
-  if (STICKER_CATALOG_ONLY_CLASSIFIED && !isPackClassified(packClassification)) {
-    return null;
-  }
+      const [interactionStatsByPack, driftSnapshot, snapshotByPackId] = await Promise.all([
+        listStickerPackInteractionStatsByPackIds([pack.id]),
+        getMarketplaceDriftSnapshot(),
+        canUseRankingSnapshotRead(`pack_payload:${pack.id}`)
+          .then((enabled) => (enabled ? listStickerPackScoreSnapshotsByPackIds([pack.id]) : new Map()))
+          .catch(() => new Map()),
+      ]);
+      const byAssetClassification = new Map(classifications.map((entry) => [entry.asset_id, entry]));
+      const orderedClassifications = stickerIds.map((stickerId) => byAssetClassification.get(stickerId)).filter(Boolean);
+      const snapshot = snapshotByPackId.get(pack.id);
+      const signals = snapshot?.signals
+        ? snapshot.signals
+        : computePackSignals({
+            pack: { ...pack, items },
+            engagement,
+            packClassification,
+            itemClassifications: orderedClassifications,
+            interactionStats: interactionStatsByPack.get(pack.id) || null,
+            scoringWeights: driftSnapshot.weights,
+          });
 
-  const interactionStatsByPack = await listStickerPackInteractionStatsByPackIds([pack.id]);
-  const driftSnapshot = await getMarketplaceDriftSnapshot();
-  const byAssetClassification = new Map(classifications.map((entry) => [entry.asset_id, entry]));
-  const orderedClassifications = stickerIds.map((stickerId) => byAssetClassification.get(stickerId)).filter(Boolean);
-  const signals = computePackSignals({
-    pack: { ...pack, items },
-    engagement,
-    packClassification,
-    itemClassifications: orderedClassifications,
-    interactionStats: interactionStatsByPack.get(pack.id) || null,
-    scoringWeights: driftSnapshot.weights,
+      return {
+        pack,
+        items,
+        byAssetClassification,
+        packClassification,
+        engagement,
+        signals,
+      };
+    },
   });
-
-  return {
-    pack,
-    items,
-    byAssetClassification,
-    packClassification,
-    engagement,
-    signals,
-  };
 };
 
 const handleDetailsRequest = async (req, res, packKey, url) => {
@@ -7060,6 +7340,23 @@ const handleAssetRequest = async (req, res, packKey, stickerToken) => {
         return;
       }
     }
+
+    const externalAssetUrl = await getStickerAssetExternalUrl(item.asset, {
+      secure: true,
+      expiresInSeconds: Math.max(60, Math.min(3600, Number(process.env.STICKER_OBJECT_STORAGE_SIGNED_URL_TTL_SECONDS) || 300)),
+    }).catch(() => null);
+    if (externalAssetUrl) {
+      res.statusCode = 302;
+      res.setHeader('Location', externalAssetUrl);
+      res.setHeader('Cache-Control', 'private, max-age=45');
+      if (req.method === 'HEAD') {
+        res.end();
+        return;
+      }
+      res.end();
+      return;
+    }
+
     if (decorated) {
       res.setHeader('X-Sticker-Category', String(decorated?.category || 'unknown'));
       res.setHeader('X-Sticker-NSFW', decorated?.is_nsfw ? '1' : '0');
@@ -7667,323 +7964,60 @@ const handleAdminBanRevokeRequest = async (req, res, banId) => {
   }
 };
 
-const handleCatalogApiRequest = async (req, res, pathname, url) => {
-  if (pathname === `${STICKER_API_BASE_PATH}/create`) {
-    if (req.method !== 'POST') {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleCreatePackRequest(req, res);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/auth/google/session`) {
-    await handleGoogleAuthSessionRequest(req, res);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/me`) {
-    await handleMyProfileRequest(req, res, url);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/admin/session`) {
-    await handleAdminPanelSessionRequest(req, res);
-    return true;
-  }
-
-  if (pathname === STICKER_API_BASE_PATH) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleListRequest(req, res, url);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/intents`) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleIntentCollectionsRequest(req, res, url);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/creators`) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleCreatorRankingRequest(req, res, url);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/recommendations`) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleRecommendationsRequest(req, res, url);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/stats`) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleMarketplaceStatsRequest(req, res, url);
-    return true;
-  }
-
-  if (pathname === `${STICKER_API_BASE_PATH}/create-config`) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleCreatePackConfigRequest(req, res);
-    return true;
-  }
-
-  if (pathname === STICKER_ORPHAN_API_PATH) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleOrphanStickerListRequest(req, res, url);
-    return true;
-  }
-
-  const suffix = pathname.slice(STICKER_API_BASE_PATH.length).replace(/^\/+/, '');
-  if (!suffix) return false;
-
-  const segments = suffix.split('/').filter(Boolean).map((segment) => {
-    try {
-      return decodeURIComponent(segment);
-    } catch {
-      return segment;
-    }
-  });
-
-  if (segments.length === 1 && segments[0] === 'data-files') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleDataFileListRequest(req, res, url);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'system-summary') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleSystemSummaryRequest(req, res);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'project-summary') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleGitHubProjectSummaryRequest(req, res);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'global-ranking-summary') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleGlobalRankingSummaryRequest(req, res);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'readme-summary') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleReadmeSummaryRequest(req, res);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'readme-markdown') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleReadmeMarkdownRequest(req, res);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'support') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleSupportInfoRequest(req, res);
-    return true;
-  }
-
-  if (segments.length === 1 && segments[0] === 'bot-contact') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleBotContactInfoRequest(req, res);
-    return true;
-  }
-
-  if (segments[0] === 'admin') {
-    if (segments.length === 2 && segments[1] === 'overview') {
-      await handleAdminOverviewRequest(req, res);
-      return true;
-    }
-    if (segments.length === 2 && segments[1] === 'users') {
-      await handleAdminUsersRequest(req, res, url);
-      return true;
-    }
-    if (segments.length === 2 && segments[1] === 'moderators') {
-      await handleAdminModeratorsRequest(req, res);
-      return true;
-    }
-    if (segments.length === 3 && segments[1] === 'moderators') {
-      await handleAdminModeratorDeleteRequest(req, res, segments[2]);
-      return true;
-    }
-    if (segments.length === 2 && segments[1] === 'packs') {
-      await handleAdminPacksRequest(req, res, url);
-      return true;
-    }
-    if (segments.length === 3 && segments[1] === 'packs') {
-      await handleAdminPackDetailsRequest(req, res, segments[2]);
-      return true;
-    }
-    if (segments.length === 4 && segments[1] === 'packs' && segments[3] === 'delete') {
-      await handleAdminPackDeleteRequest(req, res, segments[2]);
-      return true;
-    }
-    if (segments.length === 6 && segments[1] === 'packs' && segments[3] === 'stickers' && segments[5] === 'delete') {
-      await handleAdminPackStickerDeleteRequest(req, res, segments[2], segments[4]);
-      return true;
-    }
-    if (segments.length === 4 && segments[1] === 'stickers' && segments[3] === 'delete') {
-      await handleAdminGlobalStickerDeleteRequest(req, res, segments[2]);
-      return true;
-    }
-    if (segments.length === 2 && segments[1] === 'bans') {
-      await handleAdminBansRequest(req, res);
-      return true;
-    }
-    if (segments.length === 4 && segments[1] === 'bans' && segments[3] === 'revoke') {
-      await handleAdminBanRevokeRequest(req, res, segments[2]);
-      return true;
-    }
-    sendJson(req, res, 404, { error: 'Rota admin nao encontrada.' });
-    return true;
-  }
-
-  if (segments.length === 1) {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleDetailsRequest(req, res, segments[0], url);
-    return true;
-  }
-
-  if (segments.length === 2 && ['open', 'like', 'dislike'].includes(segments[1])) {
-    if (req.method !== 'POST') {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handlePackInteractionRequest(req, res, segments[0], segments[1], url);
-    return true;
-  }
-
-  if (segments.length === 2 && segments[1] === 'manage') {
-    await handleManagedPackRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 3 && segments[1] === 'manage' && segments[2] === 'clone') {
-    await handleManagedPackCloneRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 3 && segments[1] === 'manage' && segments[2] === 'cover') {
-    await handleManagedPackCoverRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 3 && segments[1] === 'manage' && segments[2] === 'reorder') {
-    await handleManagedPackReorderRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 3 && segments[1] === 'manage' && segments[2] === 'analytics') {
-    await handleManagedPackAnalyticsRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 3 && segments[1] === 'manage' && segments[2] === 'stickers') {
-    await handleManagedPackStickerCreateRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 4 && segments[1] === 'manage' && segments[2] === 'stickers') {
-    await handleManagedPackStickerDeleteRequest(req, res, segments[0], segments[3]);
-    return true;
-  }
-
-  if (segments.length === 5 && segments[1] === 'manage' && segments[2] === 'stickers' && segments[4] === 'replace') {
-    await handleManagedPackStickerReplaceRequest(req, res, segments[0], segments[3]);
-    return true;
-  }
-
-  if (segments.length === 2 && segments[1] === 'publish-state') {
-    if (!['GET', 'HEAD', 'POST'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handlePackPublishStateRequest(req, res, segments[0], url);
-    return true;
-  }
-
-  if (segments.length === 2 && segments[1] === 'finalize') {
-    if (req.method !== 'POST') {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleFinalizePackRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 2 && segments[1] === 'stickers-upload') {
-    if (req.method !== 'POST') {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleUploadStickerToPackRequest(req, res, segments[0]);
-    return true;
-  }
-
-  if (segments.length === 3 && segments[1] === 'stickers') {
-    if (!['GET', 'HEAD'].includes(req.method || '')) {
-      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
-      return true;
-    }
-    await handleAssetRequest(req, res, segments[0], segments[2]);
-    return true;
-  }
+const catalogApiRouter = createCatalogApiRouter({
+  apiBasePath: STICKER_API_BASE_PATH,
+  orphanApiPath: STICKER_ORPHAN_API_PATH,
+  sendJson,
+  handlers: {
+    handleCreatePackRequest,
+    handleGoogleAuthSessionRequest,
+    handleMyProfileRequest,
+    handleAdminPanelSessionRequest,
+    handleListRequest,
+    handleIntentCollectionsRequest,
+    handleCreatorRankingRequest,
+    handleRecommendationsRequest,
+    handleMarketplaceStatsRequest,
+    handleCreatePackConfigRequest,
+    handleOrphanStickerListRequest,
+    handleDataFileListRequest,
+    handleSystemSummaryRequest,
+    handleGitHubProjectSummaryRequest,
+    handleGlobalRankingSummaryRequest,
+    handleReadmeSummaryRequest,
+    handleReadmeMarkdownRequest,
+    handleSupportInfoRequest,
+    handleBotContactInfoRequest,
+    handleAdminOverviewRequest,
+    handleAdminUsersRequest,
+    handleAdminModeratorsRequest,
+    handleAdminModeratorDeleteRequest,
+    handleAdminPacksRequest,
+    handleAdminPackDetailsRequest,
+    handleAdminPackDeleteRequest,
+    handleAdminPackStickerDeleteRequest,
+    handleAdminGlobalStickerDeleteRequest,
+    handleAdminBansRequest,
+    handleAdminBanRevokeRequest,
+    handleDetailsRequest,
+    handlePackInteractionRequest,
+    handleManagedPackRequest,
+    handleManagedPackCloneRequest,
+    handleManagedPackCoverRequest,
+    handleManagedPackReorderRequest,
+    handleManagedPackAnalyticsRequest,
+    handleManagedPackStickerCreateRequest,
+    handleManagedPackStickerDeleteRequest,
+    handleManagedPackStickerReplaceRequest,
+    handlePackPublishStateRequest,
+    handleFinalizePackRequest,
+    handleUploadStickerToPackRequest,
+    handleAssetRequest,
+  },
+});
 
-  sendJson(req, res, 404, { error: 'Rota de sticker pack nao encontrada.' });
-  return true;
-};
+const handleCatalogApiRequest = async (req, res, pathname, url) =>
+  catalogApiRouter({ req, res, pathname, url });
 
 const handleCatalogPageRequest = async (req, res, pathname) => {
   const normalizedPath = pathname.length > 1 ? pathname.replace(/\/+$/, '') : pathname;