@kyro-cms/admin 0.1.2

package/dist/server/chunks/sharp_pmJ7nHES.mjs

@@ -0,0 +1,142 @@
+import { A as AstroError, bf as MissingSharp } from './sequence_9cl7AJy-.mjs';
+import { b as baseService, p as parseQuality } from './node_9bvTewss.mjs';
+
+let sharp;
+const qualityTable = {
+  low: 25,
+  mid: 50,
+  high: 80,
+  max: 100
+};
+function resolveSharpQuality(quality) {
+  if (!quality) return void 0;
+  const parsedQuality = parseQuality(quality);
+  if (typeof parsedQuality === "number") {
+    return parsedQuality;
+  }
+  return quality in qualityTable ? qualityTable[quality] : void 0;
+}
+function resolveSharpEncoderOptions(transform, inputFormat, serviceConfig = {}) {
+  const quality = resolveSharpQuality(transform.quality);
+  switch (transform.format) {
+    case "jpg":
+    case "jpeg":
+      return {
+        ...serviceConfig.jpeg,
+        ...quality === void 0 ? {} : { quality }
+      };
+    case "png":
+      return {
+        ...serviceConfig.png,
+        ...quality === void 0 ? {} : { quality }
+      };
+    case "webp": {
+      const webpOptions = {
+        ...serviceConfig.webp,
+        ...quality === void 0 ? {} : { quality }
+      };
+      if (inputFormat === "gif") {
+        webpOptions.loop ??= 0;
+      }
+      return webpOptions;
+    }
+    case "avif":
+      return {
+        ...serviceConfig.avif,
+        ...quality === void 0 ? {} : { quality }
+      };
+    default:
+      return quality === void 0 ? void 0 : { quality };
+  }
+}
+async function loadSharp() {
+  let sharpImport;
+  try {
+    sharpImport = (await import('sharp')).default;
+  } catch {
+    throw new AstroError(MissingSharp);
+  }
+  sharpImport.cache(false);
+  return sharpImport;
+}
+const fitMap = {
+  fill: "fill",
+  contain: "inside",
+  cover: "cover",
+  none: "outside",
+  "scale-down": "inside",
+  outside: "outside",
+  inside: "inside"
+};
+const sharpService = {
+  validateOptions: baseService.validateOptions,
+  getURL: baseService.getURL,
+  parseURL: baseService.parseURL,
+  getHTMLAttributes: baseService.getHTMLAttributes,
+  getSrcSet: baseService.getSrcSet,
+  getRemoteSize: baseService.getRemoteSize,
+  async transform(inputBuffer, transformOptions, config) {
+    if (!sharp) sharp = await loadSharp();
+    const transform = transformOptions;
+    const kernel = config.service.config.kernel;
+    if (transform.format === "svg") return { data: inputBuffer, format: "svg" };
+    const result = sharp(inputBuffer, {
+      failOnError: false,
+      pages: -1,
+      limitInputPixels: config.service.config.limitInputPixels
+    });
+    result.rotate();
+    const { format } = await result.metadata();
+    if (transform.width && transform.height) {
+      const fit = transform.fit ? fitMap[transform.fit] ?? "inside" : void 0;
+      result.resize({
+        width: Math.round(transform.width),
+        height: Math.round(transform.height),
+        kernel,
+        fit,
+        position: transform.position,
+        withoutEnlargement: true
+      });
+    } else if (transform.height && !transform.width) {
+      result.resize({
+        height: Math.round(transform.height),
+        withoutEnlargement: true,
+        kernel
+      });
+    } else if (transform.width) {
+      result.resize({
+        width: Math.round(transform.width),
+        withoutEnlargement: true,
+        kernel
+      });
+    }
+    if (transform.background) {
+      result.flatten({ background: transform.background });
+    }
+    if (transform.format) {
+      const encoderOptions = resolveSharpEncoderOptions(transform, format, config.service.config);
+      if (transform.format === "webp" && format === "gif") {
+        result.webp(encoderOptions);
+      } else if (transform.format === "webp") {
+        result.webp(encoderOptions);
+      } else if (transform.format === "png") {
+        result.png(encoderOptions);
+      } else if (transform.format === "avif") {
+        result.avif(encoderOptions);
+      } else if (transform.format === "jpeg" || transform.format === "jpg") {
+        result.jpeg(encoderOptions);
+      } else {
+        result.toFormat(transform.format, encoderOptions);
+      }
+    }
+    const { data, info } = await result.toBuffer({ resolveWithObject: true });
+    const needsCopy = "buffer" in data && data.buffer instanceof SharedArrayBuffer;
+    return {
+      data: needsCopy ? new Uint8Array(data) : data,
+      format: info.format
+    };
+  }
+};
+var sharp_default = sharpService;
+
+export { sharp_default as default, resolveSharpEncoderOptions };

package/dist/server/chunks/users_Dzddy_YR.mjs

@@ -0,0 +1,137 @@
+import { RedisAuthAdapter, createAuditContext, AuditLogger } from './index_CVqOkerS.mjs';
+import bcrypt from 'bcryptjs';
+
+const redisAdapter = new RedisAuthAdapter({
+  url: process.env.REDIS_URL || "redis://localhost:6379"
+});
+const auditLogger = new AuditLogger(redisAdapter);
+async function ensureConnection() {
+  try {
+    await redisAdapter.connect();
+  } catch (e) {
+  }
+}
+const GET = async ({ url, request }) => {
+  await ensureConnection();
+  const page = parseInt(url.searchParams.get("page") || "1");
+  const limit = parseInt(url.searchParams.get("limit") || "25");
+  const search = url.searchParams.get("search") || "";
+  try {
+    const pattern = search ? `*${search.toLowerCase()}*` : "*";
+    let cursor = "0";
+    const users = [];
+    const seenIds = /* @__PURE__ */ new Set();
+    do {
+      const [nextCursor, keys] = await redisAdapter.redis.scan(
+        cursor,
+        "MATCH",
+        "kyro:auth:users:email:*",
+        "COUNT",
+        100
+      );
+      cursor = nextCursor;
+      for (const key of keys) {
+        const userId = await redisAdapter.redis.get(key);
+        if (userId && !seenIds.has(userId)) {
+          seenIds.add(userId);
+          const user = await redisAdapter.findUserById(userId);
+          if (user) {
+            const { passwordHash, ...safeUser } = user;
+            users.push(safeUser);
+          }
+        }
+      }
+    } while (cursor !== "0");
+    const totalDocs = users.length;
+    const startIndex = (page - 1) * limit;
+    const paginatedUsers = users.slice(startIndex, startIndex + limit);
+    return new Response(
+      JSON.stringify({
+        docs: paginatedUsers,
+        totalDocs,
+        page,
+        limit,
+        totalPages: Math.ceil(totalDocs / limit)
+      }),
+      {
+        status: 200,
+        headers: { "Content-Type": "application/json" }
+      }
+    );
+  } catch (error) {
+    console.error("Error fetching users:", error);
+    return new Response(
+      JSON.stringify({
+        error: "Failed to fetch users",
+        docs: [],
+        totalDocs: 0
+      }),
+      {
+        status: 200,
+        headers: { "Content-Type": "application/json" }
+      }
+    );
+  }
+};
+const POST = async ({ request }) => {
+  await ensureConnection();
+  const { ipAddress, userAgent } = createAuditContext(request);
+  try {
+    const body = await request.json();
+    const { email, password, role, tenantId } = body;
+    if (!email || !password) {
+      return new Response(
+        JSON.stringify({ error: "Email and password are required" }),
+        {
+          status: 400,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+    }
+    const existing = await redisAdapter.findUserByEmail(email);
+    if (existing) {
+      return new Response(JSON.stringify({ error: "Email already exists" }), {
+        status: 400,
+        headers: { "Content-Type": "application/json" }
+      });
+    }
+    const passwordHash = await bcrypt.hash(password, 12);
+    const user = await redisAdapter.createUser({
+      email,
+      passwordHash,
+      role: role || "customer",
+      tenantId
+    });
+    await auditLogger.log({
+      action: "user_create",
+      userId: user.id,
+      userEmail: user.email,
+      role: user.role,
+      resource: "users",
+      ipAddress,
+      userAgent,
+      success: true
+    });
+    const { passwordHash: _, ...safeUser } = user;
+    return new Response(JSON.stringify({ data: safeUser }), {
+      status: 201,
+      headers: { "Content-Type": "application/json" }
+    });
+  } catch (error) {
+    console.error("Error creating user:", error);
+    return new Response(JSON.stringify({ error: "Failed to create user" }), {
+      status: 500,
+      headers: { "Content-Type": "application/json" }
+    });
+  }
+};
+
+const _page = /*#__PURE__*/Object.freeze(/*#__PURE__*/Object.defineProperty({
+  __proto__: null,
+  GET,
+  POST
+}, Symbol.toStringTag, { value: 'Module' }));
+
+const page = () => _page;
+
+export { page };

package/dist/server/entry.mjs

@@ -0,0 +1,5 @@
+export { h as handler, o as options, b as startServer } from './chunks/server_peBx9VXG.mjs';
+import './chunks/sequence_9cl7AJy-.mjs';
+import 'piccolore';
+import 'es-module-lexer';
+import 'clsx';

package/dist/server/virtual_astro_middleware.mjs

@@ -0,0 +1,48 @@
+import jwt from 'jsonwebtoken';
+import { ag as sequence } from './chunks/sequence_9cl7AJy-.mjs';
+
+const JWT_SECRET = process.env.JWT_SECRET || "change-me-in-production";
+const PUBLIC_PATHS = [
+  "/api/auth/login",
+  "/api/auth/logout",
+  "/api/auth/me",
+  "/api/health",
+  "/favicon.svg"
+];
+const PUBLIC_PREFIXES = ["/api/collections/", "/api/auth/"];
+const onRequest$1 = async ({ request, url }, next) => {
+  const pathname = new URL(url).pathname;
+  if (PUBLIC_PATHS.includes(pathname)) {
+    return next();
+  }
+  for (const prefix of PUBLIC_PREFIXES) {
+    if (pathname.startsWith(prefix)) {
+      return next();
+    }
+  }
+  const authHeader = request.headers.get("authorization");
+  const token = authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : null;
+  if (!token) {
+    return new Response(JSON.stringify({ error: "Authentication required" }), {
+      status: 401,
+      headers: { "Content-Type": "application/json" }
+    });
+  }
+  try {
+    const payload = jwt.verify(token, JWT_SECRET);
+    return next();
+  } catch {
+    return new Response(JSON.stringify({ error: "Invalid or expired token" }), {
+      status: 401,
+      headers: { "Content-Type": "application/json" }
+    });
+  }
+};
+
+const onRequest = sequence(
+	
+	onRequest$1
+	
+);
+
+export { onRequest };

package/package.json

@@ -0,0 +1,33 @@
+{
+  "name": "@kyro-cms/admin",
+  "version": "0.1.2",
+  "private": false,
+  "type": "module",
+  "description": "Admin dashboard for Kyro CMS",
+  "main": "./dist/index.js",
+  "scripts": {
+    "dev": "astro dev",
+    "build": "astro build",
+    "preview": "astro preview",
+    "check": "astro check"
+  },
+  "dependencies": {
+    "@astrojs/node": "^10.0.4",
+    "@astrojs/react": "5.0.2",
+    "@kyro-cms/core": "^0.1.2",
+    "@tailwindcss/vite": "^4.0.0",
+    "astro": "6.1.3",
+    "lucide-react": "^0.475.0",
+    "react": "^19.0.0",
+    "react-dom": "^19.0.0",
+    "tailwindcss": "^4.0.0"
+  },
+  "devDependencies": {
+    "@types/react": "^19.0.0",
+    "@types/react-dom": "^19.0.0",
+    "typescript": "^5.7.0"
+  },
+  "peerDependencies": {
+    "@kyro-cms/core": "^0.1.2"
+  }
+}

package/src/collections/auth/index.ts

@@ -0,0 +1,155 @@
+import type { CollectionConfig } from "@kyro-cms/core";
+
+export const usersCollection: CollectionConfig = {
+  slug: "users",
+  label: "Users",
+  singular: "User",
+  type: "singleton",
+  fields: [
+    { name: "id", type: "text", required: true, readonly: true },
+    { name: "email", type: "email", required: true },
+    {
+      name: "role",
+      type: "select",
+      options: [
+        "super_admin",
+        "admin",
+        "editor",
+        "author",
+        "customer",
+        "guest",
+      ],
+      required: true,
+    },
+    { name: "tenantId", type: "text", label: "Tenant" },
+    { name: "emailVerified", type: "boolean", label: "Email Verified" },
+    { name: "locked", type: "boolean" },
+    {
+      name: "lastLogin",
+      type: "datetime",
+      label: "Last Login",
+      readonly: true,
+    },
+    {
+      name: "failedLoginAttempts",
+      type: "number",
+      label: "Failed Login Attempts",
+      readonly: true,
+    },
+    { name: "createdAt", type: "datetime", readonly: true },
+    { name: "updatedAt", type: "datetime", readonly: true },
+  ],
+  access: {
+    create: () => true,
+    read: () => true,
+    update: () => true,
+    delete: () => true,
+  },
+  list: {
+    columns: [
+      "email",
+      "role",
+      "tenantId",
+      "emailVerified",
+      "locked",
+      "lastLogin",
+    ],
+    defaultSort: "createdAt",
+    defaultOrder: "desc",
+  },
+};
+
+export const rolesCollection: CollectionConfig = {
+  slug: "roles",
+  label: "Roles",
+  singular: "Role",
+  type: "collection",
+  fields: [
+    { name: "name", type: "text", required: true },
+    { name: "level", type: "number", required: true },
+    {
+      name: "inherits",
+      type: "array",
+      items: { type: "text" },
+      label: "Inherits From",
+    },
+    { name: "description", type: "textarea" },
+    {
+      name: "permissions",
+      type: "array",
+      items: { type: "text" },
+      label: "Permissions",
+    },
+  ],
+  access: {
+    create: () => true,
+    read: () => true,
+    update: () => true,
+    delete: () => true,
+  },
+  list: {
+    columns: ["name", "level", "inherits", "description"],
+    defaultSort: "level",
+    defaultOrder: "desc",
+  },
+};
+
+export interface AuditLogEntry {
+  id: string;
+  action: string;
+  userId?: string;
+  userEmail?: string;
+  role?: string;
+  resource: string;
+  ipAddress?: string;
+  userAgent?: string;
+  success: boolean;
+  error?: string;
+  metadata?: Record<string, unknown>;
+  timestamp: string;
+}
+
+export const auditLogsCollection: CollectionConfig = {
+  slug: "audit_logs",
+  label: "Audit Logs",
+  singular: "Audit Log",
+  type: "collection",
+  fields: [
+    { name: "id", type: "text", required: true, readonly: true },
+    { name: "action", type: "text", required: true },
+    { name: "userId", type: "text", label: "User ID" },
+    { name: "userEmail", type: "email", label: "User Email" },
+    { name: "role", type: "text" },
+    { name: "resource", type: "text", label: "Resource" },
+    { name: "ipAddress", type: "text", label: "IP Address" },
+    { name: "userAgent", type: "text", label: "User Agent" },
+    { name: "success", type: "boolean" },
+    { name: "error", type: "textarea" },
+    { name: "metadata", type: "json", label: "Metadata" },
+    { name: "timestamp", type: "datetime", required: true, readonly: true },
+  ],
+  access: {
+    create: () => false,
+    read: () => true,
+    update: () => false,
+    delete: () => false,
+  },
+  list: {
+    columns: [
+      "action",
+      "userEmail",
+      "role",
+      "resource",
+      "success",
+      "timestamp",
+    ],
+    defaultSort: "timestamp",
+    defaultOrder: "desc",
+  },
+};
+
+export const authCollections = {
+  users: usersCollection,
+  roles: rolesCollection,
+  audit_logs: auditLogsCollection,
+};