@kyro-cms/admin 0.3.2 → 0.3.4

package/src/pages/api/storage-status.ts

@@ -1,206 +0,0 @@
-import type { APIRoute } from "astro";
-import { getDatabaseConfig } from "../../lib/db";
-
-interface RawStorageSettings {
-  provider?: string;
-  local?: {
-    uploadDir?: string;
-    baseUrl?: string;
-  };
-  aws?: Record<string, any>;
-  r2?: Record<string, any>;
-  gcs?: Record<string, any>;
-  digitalocean?: Record<string, any>;
-  backblaze?: Record<string, any>;
-  wasabi?: Record<string, any>;
-  bunny?: Record<string, any>;
-  cloudinary?: Record<string, any>;
-  imgix?: Record<string, any>;
-  ftp?: Record<string, any>;
-  limits?: Record<string, any>;
-  [key: string]: any;
-}
-
-function validateProviderConfig(
-  provider: string,
-  config: RawStorageSettings,
-): { valid: boolean; missing: string[] } {
-  const missing: string[] = [];
-
-  switch (provider) {
-    case "local": {
-      const local = config.local || {};
-      if (!local.uploadDir || local.uploadDir.trim() === "") {
-        missing.push("Upload Directory");
-      }
-      if (
-        !local.baseUrl ||
-        local.baseUrl.trim() === "" ||
-        local.baseUrl === "/"
-      ) {
-        missing.push("Base URL");
-      }
-      break;
-    }
-
-    case "aws": {
-      const aws = config.aws || {};
-      if (!aws.bucket?.trim()) missing.push("Bucket Name");
-      if (!aws.accessKeyId?.trim()) missing.push("Access Key ID");
-      if (!aws.secretAccessKey?.trim()) missing.push("Secret Access Key");
-      break;
-    }
-
-    case "r2": {
-      const r2 = config.r2 || {};
-      if (!r2.bucket?.trim()) missing.push("Bucket Name");
-      if (!r2.accountId?.trim()) missing.push("Account ID");
-      if (!r2.accessKeyId?.trim()) missing.push("Access Key ID");
-      if (!r2.secretAccessKey?.trim()) missing.push("Secret Access Key");
-      break;
-    }
-
-    case "gcs": {
-      const gcs = config.gcs || {};
-      if (!gcs.bucket?.trim()) missing.push("Bucket Name");
-      if (!gcs.projectId?.trim()) missing.push("Project ID");
-      if (!gcs.clientEmail?.trim()) missing.push("Client Email");
-      if (!gcs.privateKey?.trim()) missing.push("Private Key");
-      break;
-    }
-
-    case "digitalocean": {
-      const doConfig = config.digitalocean || {};
-      if (!doConfig.bucket?.trim()) missing.push("Space Name");
-      if (!doConfig.accessKeyId?.trim()) missing.push("Access Key ID");
-      if (!doConfig.secretAccessKey?.trim()) missing.push("Secret Access Key");
-      break;
-    }
-
-    case "backblaze": {
-      const b2 = config.backblaze || {};
-      if (!b2.bucket?.trim()) missing.push("Bucket Name");
-      if (!b2.accountId?.trim()) missing.push("Account ID");
-      if (!b2.applicationKeyId?.trim()) missing.push("Application Key ID");
-      if (!b2.applicationKey?.trim()) missing.push("Application Key");
-      break;
-    }
-
-    case "wasabi": {
-      const wasabi = config.wasabi || {};
-      if (!wasabi.bucket?.trim()) missing.push("Bucket Name");
-      if (!wasabi.accessKeyId?.trim()) missing.push("Access Key ID");
-      if (!wasabi.secretAccessKey?.trim()) missing.push("Secret Access Key");
-      break;
-    }
-
-    case "bunny": {
-      const bunny = config.bunny || {};
-      if (!bunny.storageZone?.trim()) missing.push("Storage Zone");
-      if (!bunny.apiKey?.trim()) missing.push("API Key");
-      break;
-    }
-
-    case "cloudinary": {
-      const cloudinary = config.cloudinary || {};
-      if (!cloudinary.cloudName?.trim()) missing.push("Cloud Name");
-      if (!cloudinary.apiKey?.trim()) missing.push("API Key");
-      if (!cloudinary.apiSecret?.trim()) missing.push("API Secret");
-      break;
-    }
-
-    case "imgix": {
-      const imgix = config.imgix || {};
-      if (!imgix.domain?.trim()) missing.push("Imgix Domain");
-      break;
-    }
-
-    case "ftp": {
-      const ftp = config.ftp || {};
-      if (!ftp.host?.trim()) missing.push("Host");
-      if (!ftp.user?.trim()) missing.push("Username");
-      if (!ftp.password?.trim()) missing.push("Password");
-      if (!ftp.baseUrl?.trim()) missing.push("Base URL");
-      break;
-    }
-
-    default:
-      missing.push("Unknown provider");
-  }
-
-  return { valid: missing.length === 0, missing };
-}
-
-export const GET: APIRoute = async () => {
-  const dbConfig = getDatabaseConfig();
-
-  try {
-    if (dbConfig.type === "sqlite") {
-      const Database = (await import("better-sqlite3")).default;
-      const db = new Database(dbConfig.contentDbPath || "./data/content.db");
-
-      try {
-        const row = db
-          .prepare("SELECT data FROM globals WHERE slug = ?")
-          .get("storage-settings") as { data: string } | undefined;
-
-        if (!row) {
-          return new Response(
-            JSON.stringify({
-              configured: false,
-              reason: "no-settings",
-              provider: null,
-              missingFields: [],
-            }),
-            { status: 200, headers: { "Content-Type": "application/json" } },
-          );
-        }
-
-        const data: RawStorageSettings =
-          typeof row.data === "string" ? JSON.parse(row.data) : row.data;
-        const provider = data.provider || "local";
-
-        // Validate based on provider
-        const validation = validateProviderConfig(provider, data);
-
-        if (!validation.valid) {
-          return new Response(
-            JSON.stringify({
-              configured: false,
-              reason: "incomplete-config",
-              provider,
-              missingFields: validation.missing,
-            }),
-            { status: 200, headers: { "Content-Type": "application/json" } },
-          );
-        }
-
-        return new Response(
-          JSON.stringify({
-            configured: true,
-            reason: "configured",
-            provider,
-            missingFields: [],
-          }),
-          { status: 200, headers: { "Content-Type": "application/json" } },
-        );
-      } finally {
-        db.close();
-      }
-    }
-
-    return new Response(
-      JSON.stringify({ configured: false, reason: "unsupported-db" }),
-      { status: 200, headers: { "Content-Type": "application/json" } },
-    );
-  } catch (error) {
-    return new Response(
-      JSON.stringify({
-        configured: false,
-        reason: "error",
-        details: String(error),
-      }),
-      { status: 500, headers: { "Content-Type": "application/json" } },
-    );
-  }
-};

package/src/pages/api/upload.ts

@@ -1,334 +0,0 @@
-import type { APIRoute } from "astro";
-import { MediaService, type Dialect } from "@kyro-cms/core";
-import { getDatabaseConfig, runMigrations } from "../../lib/db";
-
-const MAX_FILE_SIZE = 50 * 1024 * 1024; // 50MB
-
-const ALLOWED_TYPES = [
-  "image/jpeg",
-  "image/png",
-  "image/gif",
-  "image/webp",
-  "image/avif",
-  "image/svg+xml",
-  "video/mp4",
-  "video/webm",
-  "video/ogg",
-  "application/pdf",
-  "application/zip",
-  "text/plain",
-  "application/octet-stream",
-];
-
-async function ensureMediaTable(db: any) {
-  try {
-    db.exec(`
-      CREATE TABLE IF NOT EXISTS media (
-        id TEXT PRIMARY KEY,
-        filename TEXT NOT NULL UNIQUE,
-        title TEXT,
-        original_name TEXT NOT NULL,
-        mime_type TEXT NOT NULL,
-        file_size INTEGER NOT NULL,
-        width INTEGER,
-        height INTEGER,
-        url TEXT NOT NULL UNIQUE,
-        thumbnail_url TEXT,
-        folder TEXT,
-        provider TEXT NOT NULL DEFAULT 'local',
-        alt TEXT,
-        caption TEXT,
-        metadata TEXT,
-        created_at TEXT DEFAULT (datetime('now')),
-        updated_at TEXT DEFAULT (datetime('now'))
-      )
-    `);
-  } catch (e: any) {
-    console.warn("[upload] Media table error:", e.message);
-  }
-}
-
-export const POST: APIRoute = async ({ request }) => {
-  const dbConfig = getDatabaseConfig();
-
-  let db: any = null;
-  let dialect: Dialect = "sqlite";
-  let genId = () => crypto.randomUUID();
-
-  // Connect to admin's database (same as admin UI uses)
-  try {
-    if (dbConfig.type === "sqlite") {
-      const Database = (await import("better-sqlite3")).default;
-      db = new Database(dbConfig.contentDbPath || "./data/content.db");
-      dialect = "sqlite";
-    } else if (dbConfig.type === "postgres") {
-      const { Pool } = await import("pg");
-      db = new Pool({
-        connectionString:
-          dbConfig.connectionString ||
-          `postgresql://${dbConfig.username}:${dbConfig.password}@${dbConfig.host}:${dbConfig.port}/${dbConfig.database}`,
-      });
-      dialect = "postgres";
-    } else if (dbConfig.type === "mysql") {
-      const mysql = await import("mysql2/promise");
-      db = await mysql.createPool({
-        uri:
-          dbConfig.connectionString ||
-          `mysql://${dbConfig.username}:${dbConfig.password}@${dbConfig.host}:${dbConfig.port}/${dbConfig.database}`,
-      });
-      dialect = "mysql";
-    }
-  } catch (e: any) {
-    return new Response(
-      JSON.stringify({ error: "Database connection failed: " + e.message }),
-      { status: 500, headers: { "Content-Type": "application/json" } },
-    );
-  }
-
-  // Get storage config from globals table
-  let storageConfig: any = undefined;
-
-  try {
-    if (dbConfig.type === "sqlite") {
-      const stmt = db.prepare("SELECT * FROM globals WHERE slug = ?");
-      const row = stmt.get("storage-settings") as any;
-      if (row) {
-        storageConfig =
-          typeof row.data === "string" ? JSON.parse(row.data) : row.data;
-        if (storageConfig.provider && !storageConfig.type) {
-          storageConfig.type = storageConfig.provider;
-        }
-        console.log(
-          "[upload] Storage config loaded:",
-          JSON.stringify(
-            {
-              provider: storageConfig.provider,
-              type: storageConfig.type,
-              r2: storageConfig.r2
-                ? {
-                    bucket: storageConfig.r2.bucket,
-                    accountId: storageConfig.r2.accountId,
-                    publicDevUrl: storageConfig.r2.publicDevUrl,
-                    prefix: storageConfig.r2.prefix,
-                  }
-                : undefined,
-            },
-            null,
-            2,
-          ),
-        );
-      }
-    } else if (dbConfig.type === "postgres" || dbConfig.type === "mysql") {
-      const result = await db.query("SELECT * FROM globals WHERE slug = ?", [
-        "storage-settings",
-      ]);
-      const rows = result.rows || result[0] || [];
-      if (rows.length > 0) {
-        storageConfig = rows[0].data;
-        if (storageConfig.provider && !storageConfig.type) {
-          storageConfig.type = storageConfig.provider;
-        }
-      }
-    }
-  } catch (e: any) {
-    console.warn("[upload] Error reading storage config:", e.message);
-  }
-
-  // Fallback to environment or default
-  if (!storageConfig && process.env.STORAGE_TYPE) {
-    storageConfig = {
-      type: process.env.STORAGE_TYPE,
-      [process.env.STORAGE_TYPE]: {
-        bucket: process.env.STORAGE_BUCKET,
-        region: process.env.STORAGE_REGION,
-        accessKeyId: process.env.STORAGE_ACCESS_KEY_ID,
-        secretAccessKey: process.env.STORAGE_SECRET_ACCESS_KEY,
-      },
-    };
-  }
-
-  if (!storageConfig) {
-    storageConfig = { type: "local" };
-  }
-
-  // Recreate media table
-  if (dbConfig.type === "sqlite") {
-    await ensureMediaTable(db);
-  } else {
-    try {
-      await runMigrations();
-    } catch (e: any) {
-      console.warn("[upload] runMigrations:", e.message);
-    }
-  }
-
-  // Initialize MediaService
-  let mediaService;
-  try {
-    console.log(
-      "[upload] About to init MediaService with config:",
-      JSON.stringify(
-        {
-          type: storageConfig.type,
-          r2: storageConfig.r2
-            ? {
-                bucket: storageConfig.r2.bucket,
-                accountId: storageConfig.r2.accountId,
-                accessKeyId: storageConfig.r2.accessKeyId ? "SET" : "UNDEFINED",
-                secretAccessKey: storageConfig.r2.secretAccessKey
-                  ? "SET"
-                  : "UNDEFINED",
-                publicDevUrl: storageConfig.r2.publicDevUrl,
-                prefix: storageConfig.r2.prefix,
-              }
-            : undefined,
-        },
-        null,
-        2,
-      ),
-    );
-
-    mediaService = await MediaService.init(db, {
-      dialect,
-      genId,
-      storageConfig,
-    });
-  } catch (e: any) {
-    return new Response(
-      JSON.stringify({ error: "Failed to init media service: " + e.message }),
-      { status: 500, headers: { "Content-Type": "application/json" } },
-    );
-  }
-
-  // Handle file upload
-  try {
-    const contentType = request.headers.get("Content-Type") || "";
-
-    if (contentType.includes("application/json")) {
-      const body = await request.json();
-      const { url, folder } = body;
-
-      if (url) {
-        try {
-          const isExternalUrl =
-            url.startsWith("http://") || url.startsWith("https://");
-
-          if (isExternalUrl) {
-            const response = await fetch(url);
-            if (!response.ok) {
-              return new Response(
-                JSON.stringify({
-                  error: "Failed to fetch URL: " + response.statusText,
-                }),
-                {
-                  status: 400,
-                  headers: { "Content-Type": "application/json" },
-                },
-              );
-            }
-            const blob = await response.blob();
-            const contentDisposition = response.headers.get(
-              "Content-Disposition",
-            );
-            const filenameMatch = contentDisposition?.match(
-              /filename[^;]*=([^";\s]+)/,
-            );
-            const filename =
-              filenameMatch?.[1] || url.split("/").pop() || "url-upload";
-
-            const file = new File([blob], filename, {
-              type: blob.type || "image/*",
-            });
-            const media = await mediaService.upload(file, folder || "");
-            return new Response(JSON.stringify(media), {
-              status: 200,
-              headers: { "Content-Type": "application/json" },
-            });
-          }
-
-          const fileMatches = url.match(/\/uploads\/(.+)/);
-          if (fileMatches) {
-            const fullPath = fileMatches[1];
-            const fullUrl =
-              new URL(url, request.url).origin + "/uploads/" + fullPath;
-            const { default: fs } = await import("fs/promises");
-            const path = await import("path");
-            const filePath = path.join(
-              process.cwd(),
-              "public",
-              "uploads",
-              fullPath,
-            );
-            const data = await fs.readFile(filePath);
-            const file = new File([data], fullPath);
-            const media = await mediaService.upload(file, folder || "");
-            return new Response(JSON.stringify(media), {
-              status: 200,
-              headers: { "Content-Type": "application/json" },
-            });
-          }
-        } catch (fetchErr: any) {
-          return new Response(
-            JSON.stringify({ error: "Failed to add URL: " + fetchErr.message }),
-            {
-              status: 400,
-              headers: { "Content-Type": "application/json" },
-            },
-          );
-        }
-      }
-
-      return new Response(
-        JSON.stringify({ error: "No file or URL provided" }),
-        {
-          status: 400,
-          headers: { "Content-Type": "application/json" },
-        },
-      );
-    }
-
-    const formData = await request.formData();
-    const file = formData.get("file") as File | null;
-    const folder = (formData.get("folder") as string) || "";
-
-    if (!file) {
-      return new Response(JSON.stringify({ error: "No file provided" }), {
-        status: 400,
-        headers: { "Content-Type": "application/json" },
-      });
-    }
-
-    if (!ALLOWED_TYPES.includes(file.type)) {
-      return new Response(
-        JSON.stringify({ error: `Invalid file type: ${file.type}` }),
-        { status: 400, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    if (file.size > MAX_FILE_SIZE) {
-      return new Response(
-        JSON.stringify({
-          error: `File too large. Max size: ${MAX_FILE_SIZE / 1024 / 1024}MB`,
-        }),
-        { status: 400, headers: { "Content-Type": "application/json" } },
-      );
-    }
-
-    const media = await mediaService.upload(file, folder);
-
-    return new Response(JSON.stringify(media), {
-      status: 200,
-      headers: { "Content-Type": "application/json" },
-    });
-  } catch (error: any) {
-    console.error("Upload error:", error);
-    return new Response(
-      JSON.stringify({ error: error.message || "Upload failed" }),
-      { status: 500, headers: { "Content-Type": "application/json" } },
-    );
-  } finally {
-    if (dbConfig.type === "sqlite" && db) {
-      db.close();
-    }
-  }
-};

package/src/pages/api/webhooks/index.ts

@@ -1,71 +0,0 @@
-import type { APIRoute } from "astro";
-import { dataStore } from "../../../lib/dataStore";
-
-export const GET: APIRoute = async () => {
-  try {
-    const webhooks = await dataStore.find("_webhooks", { limit: 100, page: 1 });
-
-    const docs = webhooks.docs.map((w: any) => ({
-      id: w.id,
-      name: w.name,
-      url: w.url,
-      events: w.events || [],
-      secret: w.secret,
-      status: w.status || "active",
-      createdAt: w.createdAt,
-      lastTriggered: w.lastTriggered,
-    }));
-
-    return new Response(JSON.stringify(docs), {
-      status: 200,
-      headers: { "Content-Type": "application/json" },
-    });
-  } catch (error: any) {
-    return new Response(JSON.stringify({ error: error.message }), {
-      status: 500,
-      headers: { "Content-Type": "application/json" },
-    });
-  }
-};
-
-export const POST: APIRoute = async ({ request }) => {
-  try {
-    const body = await request.json();
-    const { name, url, events, secret } = body;
-
-    if (!name || !url) {
-      return new Response(
-        JSON.stringify({ error: "Name and URL are required" }),
-        {
-          status: 400,
-          headers: { "Content-Type": "application/json" },
-        },
-      );
-    }
-
-    const doc = await dataStore.create("_webhooks", {
-      name,
-      url,
-      events: events || [],
-      secret: secret || "",
-      status: "active",
-      createdAt: new Date().toISOString(),
-    });
-
-    return new Response(
-      JSON.stringify({
-        id: doc.id,
-        name: doc.name,
-      }),
-      {
-        status: 201,
-        headers: { "Content-Type": "application/json" },
-      },
-    );
-  } catch (error: any) {
-    return new Response(JSON.stringify({ error: error.message }), {
-      status: 500,
-      headers: { "Content-Type": "application/json" },
-    });
-  }
-};

package/src/pages/login.astro

@@ -1,82 +0,0 @@
----
-import AuthLayout from '../layouts/AuthLayout.astro';
----
-
-<AuthLayout title="Sign In">
-  <div class="surface-tile p-8 w-full" style="max-width: 420px;">
-    <div class="text-center mb-8">
-      <h1 class="text-2xl font-black tracking-tight text-[var(--kyro-text-primary)]">Welcome back</h1>
-      <p class="text-sm text-[var(--kyro-text-secondary)] mt-2">Sign in to your account</p>
-    </div>
-
-    <form id="login-form" class="space-y-5">
-      <div>
-        <label for="email" class="block text-sm font-bold text-[var(--kyro-text-primary)] mb-2 text-left">Email</label>
-        <input type="email" id="email" name="email" required 
-          class="w-full px-4 py-3 border border-[var(--kyro-border)] bg-[var(--kyro-input-bg)] rounded-xl text-sm font-medium focus:outline-none focus:ring-2 focus:ring-[var(--kyro-sidebar-active)] focus:border-[var(--kyro-sidebar-active)] text-[var(--kyro-text-primary)]" 
-          placeholder="admin@example.com" />
-      </div>
-
-      <div>
-        <label for="password" class="block text-sm font-bold text-[var(--kyro-text-primary)] mb-2">Password</label>
-        <input type="password" id="password" name="password" required 
-          class="w-full px-4 py-3 border border-[var(--kyro-border)] bg-[var(--kyro-input-bg)] rounded-xl text-sm font-medium focus:outline-none focus:ring-2 focus:ring-[var(--kyro-sidebar-active)] focus:border-[var(--kyro-sidebar-active)] text-[var(--kyro-text-primary)]" 
-          placeholder="••••••••" />
-      </div>
-
-      <div id="form-message" class="hidden p-3 rounded-xl text-sm font-bold"></div>
-
-      <button type="submit" class="w-full py-3 bg-[var(--kyro-sidebar-active)] text-[var(--kyro-sidebar-text-active)] rounded-xl text-sm font-bold hover:opacity-90 transition-colors shadow-lg">
-        Sign In
-      </button>
-    </form>
-
-    <p class="text-center text-sm text-[var(--kyro-text-secondary)] mt-6">
-      Don't have an account? <a href="/register" class="font-bold text-[var(--kyro-text-primary)] hover:underline">Register</a>
-    </p>
-  </div>
-
-  <script is:inline>
-    document.getElementById('login-form')?.addEventListener('submit', async (e) => {
-      e.preventDefault();
-      const form = e.target;
-      const message = document.getElementById('form-message');
-      const button = form.querySelector('button[type="submit"]');
-      
-      const email = form.email.value;
-      const password = form.password.value;
-      
-      button.disabled = true;
-      button.textContent = 'Signing in...';
-      
-      try {
-        const res = await fetch('/api/auth/login', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({ email, password })
-        });
-        
-        const data = await res.json();
-        
-        if (res.ok && data.success) {
-          // Set cookie for server-side auth
-          document.cookie = `auth_token=${data.token}; path=/; max-age=${60*60*24}; samesite=strict`;
-          localStorage.setItem('user', JSON.stringify(data.user));
-          message.textContent = 'Success! Redirecting...';
-          message.className = 'block p-3 rounded-xl text-sm font-bold bg-green-50 text-green-600';
-          setTimeout(() => { window.location.href = '/admin'; }, 500);
-        } else {
-          message.textContent = data.error || 'Login failed';
-          message.className = 'block p-3 rounded-xl text-sm font-bold bg-red-50 text-red-600';
-          button.disabled = false;
-          button.textContent = 'Sign In';
-        }
-      } catch (err) {
-        message.textContent = 'Connection error';
-        message.className = 'block p-3 rounded-xl text-sm font-bold bg-red-50 text-red-600';
-        button.disabled = false;
-        button.textContent = 'Sign In';
-      }
-    });
-  </script>
-</AuthLayout>