@kyro-cms/core 0.1.6 → 0.1.8

package/dist/index.js

@@ -1,29 +1,1025 @@
-export { allSettingsGlobals, blogCollections, blogGlobals, coreSettingsGlobals, createTemplateConfig, ecommerceCollections, ecommerceGlobals, ecommerceSettingsGlobals, kitchenSinkCollections, mediaCollections, minimalCollections } from './chunk-3QX6KG2S.js';
-export { RedisAuthAdapter } from './chunk-VMSRTAH7.js';
-import { EmailTransport, PasswordPolicy, SQLiteAuthAdapter } from './chunk-5Y7QGIHD.js';
-export { EmailTransport, PasswordPolicy, SQLiteAuthAdapter, autoBootstrap, bootstrapAdmin, getBootstrapFromEnv } from './chunk-5Y7QGIHD.js';
-import { createKyroServer } from './chunk-UEYC46RL.js';
-export { createContext, createCountProcedure, createCreateProcedure, createDeleteProcedure, createDynamicRouter, createFindByIDProcedure, createFindProcedure, createKyroServer, createUpdateProcedure } from './chunk-UEYC46RL.js';
-import { buildGraphQLSchema } from './chunk-OG3KX56O.js';
-export { buildGraphQLSchema, createGraphQLSchema } from './chunk-OG3KX56O.js';
-import { createHonoApp } from './chunk-YPAFJ7EV.js';
-export { createHonoApp, createRESTAPI } from './chunk-YPAFJ7EV.js';
-export { evaluateAccess, getWhereClause, mergeWhereClauses } from './chunk-SDMNUYVU.js';
+export { allSettingsGlobals, blogCollections, blogGlobals, coreSettingsGlobals, createTemplateConfig, ecommerceCollections, ecommerceGlobals, ecommerceSettingsGlobals, kitchenSinkCollections, mediaCollections, minimalCollections } from './chunk-RONAX6UU.js';
+export { RedisAuthAdapter } from './chunk-GLCPGZPM.js';
+import { PasswordPolicy, SQLiteAuthAdapter } from './chunk-RRYXQMZG.js';
+export { PasswordPolicy, SQLiteAuthAdapter, autoBootstrap, bootstrapAdmin, getBootstrapFromEnv } from './chunk-RRYXQMZG.js';
+import { createAuditContext } from './chunk-QKOFKITP.js';
+export { CSSGenerator, createAdminStyling, defaultDarkTheme, defaultFieldStyling, defaultLightTheme, ecommerce2026Theme, generateCSSVariables, generateTailwindConfig } from './chunk-QKOFKITP.js';
+import { createKyroServer } from './chunk-OUGKLCYF.js';
+export { createContext, createCountProcedure, createCreateProcedure, createDeleteProcedure, createDynamicRouter, createFindByIDProcedure, createFindProcedure, createKyroServer, createUpdateProcedure } from './chunk-OUGKLCYF.js';
+import { buildGraphQLSchema } from './chunk-KWGNR4HM.js';
+export { buildGraphQLSchema, createGraphQLSchema } from './chunk-KWGNR4HM.js';
+import { InMemoryRateLimiter, generateToken, defaultExtractToken, createHonoApp } from './chunk-6MSSF46R.js';
+export { InMemoryRateLimiter, createHonoApp, createRESTAPI } from './chunk-6MSSF46R.js';
+import { EmailTransport, ConfigService } from './chunk-HYC4GNHX.js';
+export { ConfigService, EmailTransport } from './chunk-HYC4GNHX.js';
+import './chunk-YT7HXXVN.js';
+export { ALL_WEBHOOK_EVENTS, WEBHOOK_COLLECTION, WEBHOOK_DELIVERY_COLLECTION, WEBHOOK_EVENTS, WebhookService, buildDeliveryRecord, createTestPayload, createWebhookService, deliverWebhook, deliverWithRetry, evaluateAccess, generateWebhookSecret, getWhereClause, mergeWhereClauses, signPayload } from './chunk-E5X75WNB.js';
 import { KyroPubSub, createWSServer } from './chunk-3TPQ2BU6.js';
 export { KyroPubSub, KyroWSServer, PubSub, createWSServer } from './chunk-3TPQ2BU6.js';
-export { DrizzleAdapter, collectionToDrizzleSchema, createDrizzleAdapter, fieldToDrizzleType } from './chunk-EINVJPFM.js';
-export { PostgresAuthAdapter } from './chunk-QUJ4OLSC.js';
-export { createDatabase, runMigrations, seedDefaultRoles } from './chunk-LRTZJJPD.js';
-import './chunk-XTZSUDSI.js';
+import { genId } from './chunk-BTOE3VUK.js';
+export { DrizzleAdapter, collectionToDrizzleSchema, createDatabase, createDrizzleAdapter, fieldToDrizzleType, runMigrations, seedDefaultRoles } from './chunk-BTOE3VUK.js';
+export { PostgresAuthAdapter } from './chunk-U74F3YZU.js';
+import './chunk-LTRCYJAG.js';
 export { MongoDBAdapter, createMongoDBAdapter } from './chunk-DIC236EW.js';
 import { AbstractBaseAdapter } from './chunk-BXMWDUED.js';
 export { AbstractBaseAdapter } from './chunk-BXMWDUED.js';
-import { __require } from './chunk-NSBPE2FW.js';
+import { __esm, __export, __require, __toCommonJS } from './chunk-Z6ZWNWWR.js';
+import { Readable, Writable } from 'stream';
+import { Agent, request } from 'https';
+import http2, { constants } from 'http2';
 import { z } from 'zod';
 export { z } from 'zod';
 import bcrypt from 'bcrypt';
-import jwt2 from 'jsonwebtoken';
-import { randomBytes } from 'crypto';
+import jwt from 'jsonwebtoken';
+import { randomBytes, createHash } from 'crypto';
+import path, { join, basename, extname } from 'path';
+import { readdir, stat, rename, unlink, writeFile, mkdir } from 'fs/promises';
+import { existsSync } from 'fs';
+import { S3Client, HeadObjectCommand, ListObjectsV2Command, CopyObjectCommand, DeleteObjectCommand, PutObjectCommand } from '@aws-sdk/client-s3';
+import { Client } from 'basic-ftp';
+import sharp from 'sharp';
+
+// node_modules/@smithy/protocol-http/dist-es/extensions/httpExtensionConfiguration.js
+var init_httpExtensionConfiguration = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/extensions/httpExtensionConfiguration.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/extensions/index.js
+var init_extensions = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/extensions/index.js"() {
+    init_httpExtensionConfiguration();
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/Field.js
+var init_Field = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/Field.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/Fields.js
+var init_Fields = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/Fields.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/httpHandler.js
+var init_httpHandler = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/httpHandler.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/httpRequest.js
+var init_httpRequest = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/httpRequest.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/httpResponse.js
+var HttpResponse;
+var init_httpResponse = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/httpResponse.js"() {
+    HttpResponse = class {
+      statusCode;
+      reason;
+      headers;
+      body;
+      constructor(options) {
+        this.statusCode = options.statusCode;
+        this.reason = options.reason;
+        this.headers = options.headers || {};
+        this.body = options.body;
+      }
+      static isInstance(response) {
+        if (!response)
+          return false;
+        const resp = response;
+        return typeof resp.statusCode === "number" && typeof resp.headers === "object";
+      }
+    };
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/isValidHostname.js
+var init_isValidHostname = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/isValidHostname.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/types.js
+var init_types = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/types.js"() {
+  }
+});
+
+// node_modules/@smithy/protocol-http/dist-es/index.js
+var init_dist_es = __esm({
+  "node_modules/@smithy/protocol-http/dist-es/index.js"() {
+    init_extensions();
+    init_Field();
+    init_Fields();
+    init_httpHandler();
+    init_httpRequest();
+    init_httpResponse();
+    init_isValidHostname();
+    init_types();
+  }
+});
+
+// node_modules/@smithy/util-uri-escape/dist-es/escape-uri.js
+var escapeUri, hexEncode;
+var init_escape_uri = __esm({
+  "node_modules/@smithy/util-uri-escape/dist-es/escape-uri.js"() {
+    escapeUri = (uri) => encodeURIComponent(uri).replace(/[!'()*]/g, hexEncode);
+    hexEncode = (c) => `%${c.charCodeAt(0).toString(16).toUpperCase()}`;
+  }
+});
+
+// node_modules/@smithy/util-uri-escape/dist-es/escape-uri-path.js
+var init_escape_uri_path = __esm({
+  "node_modules/@smithy/util-uri-escape/dist-es/escape-uri-path.js"() {
+  }
+});
+
+// node_modules/@smithy/util-uri-escape/dist-es/index.js
+var init_dist_es2 = __esm({
+  "node_modules/@smithy/util-uri-escape/dist-es/index.js"() {
+    init_escape_uri();
+    init_escape_uri_path();
+  }
+});
+
+// node_modules/@smithy/querystring-builder/dist-es/index.js
+function buildQueryString(query) {
+  const parts = [];
+  for (let key of Object.keys(query).sort()) {
+    const value = query[key];
+    key = escapeUri(key);
+    if (Array.isArray(value)) {
+      for (let i = 0, iLen = value.length; i < iLen; i++) {
+        parts.push(`${key}=${escapeUri(value[i])}`);
+      }
+    } else {
+      let qsEntry = key;
+      if (value || typeof value === "string") {
+        qsEntry += `=${escapeUri(value)}`;
+      }
+      parts.push(qsEntry);
+    }
+  }
+  return parts.join("&");
+}
+var init_dist_es3 = __esm({
+  "node_modules/@smithy/querystring-builder/dist-es/index.js"() {
+    init_dist_es2();
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/build-abort-error.js
+function buildAbortError(abortSignal) {
+  const reason = abortSignal && typeof abortSignal === "object" && "reason" in abortSignal ? abortSignal.reason : void 0;
+  if (reason) {
+    if (reason instanceof Error) {
+      const abortError3 = new Error("Request aborted");
+      abortError3.name = "AbortError";
+      abortError3.cause = reason;
+      return abortError3;
+    }
+    const abortError2 = new Error(String(reason));
+    abortError2.name = "AbortError";
+    return abortError2;
+  }
+  const abortError = new Error("Request aborted");
+  abortError.name = "AbortError";
+  return abortError;
+}
+var init_build_abort_error = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/build-abort-error.js"() {
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/constants.js
+var NODEJS_TIMEOUT_ERROR_CODES;
+var init_constants = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/constants.js"() {
+    NODEJS_TIMEOUT_ERROR_CODES = ["ECONNRESET", "EPIPE", "ETIMEDOUT"];
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/get-transformed-headers.js
+var getTransformedHeaders;
+var init_get_transformed_headers = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/get-transformed-headers.js"() {
+    getTransformedHeaders = (headers) => {
+      const transformedHeaders = {};
+      for (const name of Object.keys(headers)) {
+        const headerValues = headers[name];
+        transformedHeaders[name] = Array.isArray(headerValues) ? headerValues.join(",") : headerValues;
+      }
+      return transformedHeaders;
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/timing.js
+var timing;
+var init_timing = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/timing.js"() {
+    timing = {
+      setTimeout: (cb, ms) => setTimeout(cb, ms),
+      clearTimeout: (timeoutId) => clearTimeout(timeoutId)
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/set-connection-timeout.js
+var DEFER_EVENT_LISTENER_TIME, setConnectionTimeout;
+var init_set_connection_timeout = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/set-connection-timeout.js"() {
+    init_timing();
+    DEFER_EVENT_LISTENER_TIME = 1e3;
+    setConnectionTimeout = (request, reject, timeoutInMs = 0) => {
+      if (!timeoutInMs) {
+        return -1;
+      }
+      const registerTimeout = (offset) => {
+        const timeoutId = timing.setTimeout(() => {
+          request.destroy();
+          reject(Object.assign(new Error(`@smithy/node-http-handler - the request socket did not establish a connection with the server within the configured timeout of ${timeoutInMs} ms.`), {
+            name: "TimeoutError"
+          }));
+        }, timeoutInMs - offset);
+        const doWithSocket = (socket) => {
+          if (socket?.connecting) {
+            socket.on("connect", () => {
+              timing.clearTimeout(timeoutId);
+            });
+          } else {
+            timing.clearTimeout(timeoutId);
+          }
+        };
+        if (request.socket) {
+          doWithSocket(request.socket);
+        } else {
+          request.on("socket", doWithSocket);
+        }
+      };
+      if (timeoutInMs < 2e3) {
+        registerTimeout(0);
+        return 0;
+      }
+      return timing.setTimeout(registerTimeout.bind(null, DEFER_EVENT_LISTENER_TIME), DEFER_EVENT_LISTENER_TIME);
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/set-request-timeout.js
+var setRequestTimeout;
+var init_set_request_timeout = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/set-request-timeout.js"() {
+    init_timing();
+    setRequestTimeout = (req, reject, timeoutInMs = 0, throwOnRequestTimeout, logger) => {
+      if (timeoutInMs) {
+        return timing.setTimeout(() => {
+          let msg = `@smithy/node-http-handler - [${throwOnRequestTimeout ? "ERROR" : "WARN"}] a request has exceeded the configured ${timeoutInMs} ms requestTimeout.`;
+          if (throwOnRequestTimeout) {
+            const error = Object.assign(new Error(msg), {
+              name: "TimeoutError",
+              code: "ETIMEDOUT"
+            });
+            req.destroy(error);
+            reject(error);
+          } else {
+            msg += ` Init client requestHandler with throwOnRequestTimeout=true to turn this into an error.`;
+            logger?.warn?.(msg);
+          }
+        }, timeoutInMs);
+      }
+      return -1;
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/set-socket-keep-alive.js
+var DEFER_EVENT_LISTENER_TIME2, setSocketKeepAlive;
+var init_set_socket_keep_alive = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/set-socket-keep-alive.js"() {
+    init_timing();
+    DEFER_EVENT_LISTENER_TIME2 = 3e3;
+    setSocketKeepAlive = (request, { keepAlive, keepAliveMsecs }, deferTimeMs = DEFER_EVENT_LISTENER_TIME2) => {
+      if (keepAlive !== true) {
+        return -1;
+      }
+      const registerListener = () => {
+        if (request.socket) {
+          request.socket.setKeepAlive(keepAlive, keepAliveMsecs || 0);
+        } else {
+          request.on("socket", (socket) => {
+            socket.setKeepAlive(keepAlive, keepAliveMsecs || 0);
+          });
+        }
+      };
+      if (deferTimeMs === 0) {
+        registerListener();
+        return 0;
+      }
+      return timing.setTimeout(registerListener, deferTimeMs);
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/set-socket-timeout.js
+var DEFER_EVENT_LISTENER_TIME3, setSocketTimeout;
+var init_set_socket_timeout = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/set-socket-timeout.js"() {
+    init_timing();
+    DEFER_EVENT_LISTENER_TIME3 = 3e3;
+    setSocketTimeout = (request, reject, timeoutInMs = 0) => {
+      const registerTimeout = (offset) => {
+        const timeout = timeoutInMs - offset;
+        const onTimeout = () => {
+          request.destroy();
+          reject(Object.assign(new Error(`@smithy/node-http-handler - the request socket timed out after ${timeoutInMs} ms of inactivity (configured by client requestHandler).`), { name: "TimeoutError" }));
+        };
+        if (request.socket) {
+          request.socket.setTimeout(timeout, onTimeout);
+          request.on("close", () => request.socket?.removeListener("timeout", onTimeout));
+        } else {
+          request.setTimeout(timeout, onTimeout);
+        }
+      };
+      if (0 < timeoutInMs && timeoutInMs < 6e3) {
+        registerTimeout(0);
+        return 0;
+      }
+      return timing.setTimeout(registerTimeout.bind(null, timeoutInMs === 0 ? 0 : DEFER_EVENT_LISTENER_TIME3), DEFER_EVENT_LISTENER_TIME3);
+    };
+  }
+});
+async function writeRequestBody(httpRequest, request, maxContinueTimeoutMs = MIN_WAIT_TIME, externalAgent = false) {
+  const headers = request.headers ?? {};
+  const expect = headers.Expect || headers.expect;
+  let timeoutId = -1;
+  let sendBody = true;
+  if (!externalAgent && expect === "100-continue") {
+    sendBody = await Promise.race([
+      new Promise((resolve) => {
+        timeoutId = Number(timing.setTimeout(() => resolve(true), Math.max(MIN_WAIT_TIME, maxContinueTimeoutMs)));
+      }),
+      new Promise((resolve) => {
+        httpRequest.on("continue", () => {
+          timing.clearTimeout(timeoutId);
+          resolve(true);
+        });
+        httpRequest.on("response", () => {
+          timing.clearTimeout(timeoutId);
+          resolve(false);
+        });
+        httpRequest.on("error", () => {
+          timing.clearTimeout(timeoutId);
+          resolve(false);
+        });
+      })
+    ]);
+  }
+  if (sendBody) {
+    writeBody(httpRequest, request.body);
+  }
+}
+function writeBody(httpRequest, body) {
+  if (body instanceof Readable) {
+    body.pipe(httpRequest);
+    return;
+  }
+  if (body) {
+    const isBuffer = Buffer.isBuffer(body);
+    const isString = typeof body === "string";
+    if (isBuffer || isString) {
+      if (isBuffer && body.byteLength === 0) {
+        httpRequest.end();
+      } else {
+        httpRequest.end(body);
+      }
+      return;
+    }
+    const uint8 = body;
+    if (typeof uint8 === "object" && uint8.buffer && typeof uint8.byteOffset === "number" && typeof uint8.byteLength === "number") {
+      httpRequest.end(Buffer.from(uint8.buffer, uint8.byteOffset, uint8.byteLength));
+      return;
+    }
+    httpRequest.end(Buffer.from(body));
+    return;
+  }
+  httpRequest.end();
+}
+var MIN_WAIT_TIME;
+var init_write_request_body = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/write-request-body.js"() {
+    init_timing();
+    MIN_WAIT_TIME = 6e3;
+  }
+});
+var DEFAULT_REQUEST_TIMEOUT, hAgent, hRequest, NodeHttpHandler;
+var init_node_http_handler = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/node-http-handler.js"() {
+    init_dist_es();
+    init_dist_es3();
+    init_build_abort_error();
+    init_constants();
+    init_get_transformed_headers();
+    init_set_connection_timeout();
+    init_set_request_timeout();
+    init_set_socket_keep_alive();
+    init_set_socket_timeout();
+    init_timing();
+    init_write_request_body();
+    DEFAULT_REQUEST_TIMEOUT = 0;
+    hAgent = void 0;
+    hRequest = void 0;
+    NodeHttpHandler = class _NodeHttpHandler {
+      config;
+      configProvider;
+      socketWarningTimestamp = 0;
+      externalAgent = false;
+      metadata = { handlerProtocol: "http/1.1" };
+      static create(instanceOrOptions) {
+        if (typeof instanceOrOptions?.handle === "function") {
+          return instanceOrOptions;
+        }
+        return new _NodeHttpHandler(instanceOrOptions);
+      }
+      static checkSocketUsage(agent, socketWarningTimestamp, logger = console) {
+        const { sockets, requests, maxSockets } = agent;
+        if (typeof maxSockets !== "number" || maxSockets === Infinity) {
+          return socketWarningTimestamp;
+        }
+        const interval = 15e3;
+        if (Date.now() - interval < socketWarningTimestamp) {
+          return socketWarningTimestamp;
+        }
+        if (sockets && requests) {
+          for (const origin in sockets) {
+            const socketsInUse = sockets[origin]?.length ?? 0;
+            const requestsEnqueued = requests[origin]?.length ?? 0;
+            if (socketsInUse >= maxSockets && requestsEnqueued >= 2 * maxSockets) {
+              logger?.warn?.(`@smithy/node-http-handler:WARN - socket usage at capacity=${socketsInUse} and ${requestsEnqueued} additional requests are enqueued.
+See https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/node-configuring-maxsockets.html
+or increase socketAcquisitionWarningTimeout=(millis) in the NodeHttpHandler config.`);
+              return Date.now();
+            }
+          }
+        }
+        return socketWarningTimestamp;
+      }
+      constructor(options) {
+        this.configProvider = new Promise((resolve, reject) => {
+          if (typeof options === "function") {
+            options().then((_options) => {
+              resolve(this.resolveDefaultConfig(_options));
+            }).catch(reject);
+          } else {
+            resolve(this.resolveDefaultConfig(options));
+          }
+        });
+      }
+      destroy() {
+        this.config?.httpAgent?.destroy();
+        this.config?.httpsAgent?.destroy();
+      }
+      async handle(request$1, { abortSignal, requestTimeout } = {}) {
+        if (!this.config) {
+          this.config = await this.configProvider;
+        }
+        const config = this.config;
+        const isSSL = request$1.protocol === "https:";
+        if (!isSSL && !this.config.httpAgent) {
+          this.config.httpAgent = await this.config.httpAgentProvider();
+        }
+        return new Promise((_resolve, _reject) => {
+          let writeRequestBodyPromise = void 0;
+          const timeouts = [];
+          const resolve = async (arg) => {
+            await writeRequestBodyPromise;
+            timeouts.forEach(timing.clearTimeout);
+            _resolve(arg);
+          };
+          const reject = async (arg) => {
+            await writeRequestBodyPromise;
+            timeouts.forEach(timing.clearTimeout);
+            _reject(arg);
+          };
+          if (abortSignal?.aborted) {
+            const abortError = buildAbortError(abortSignal);
+            reject(abortError);
+            return;
+          }
+          const headers = request$1.headers ?? {};
+          const expectContinue = (headers.Expect ?? headers.expect) === "100-continue";
+          let agent = isSSL ? config.httpsAgent : config.httpAgent;
+          if (expectContinue && !this.externalAgent) {
+            agent = new (isSSL ? Agent : hAgent)({
+              keepAlive: false,
+              maxSockets: Infinity
+            });
+          }
+          timeouts.push(timing.setTimeout(() => {
+            this.socketWarningTimestamp = _NodeHttpHandler.checkSocketUsage(agent, this.socketWarningTimestamp, config.logger);
+          }, config.socketAcquisitionWarningTimeout ?? (config.requestTimeout ?? 2e3) + (config.connectionTimeout ?? 1e3)));
+          const queryString = buildQueryString(request$1.query || {});
+          let auth = void 0;
+          if (request$1.username != null || request$1.password != null) {
+            const username = request$1.username ?? "";
+            const password = request$1.password ?? "";
+            auth = `${username}:${password}`;
+          }
+          let path2 = request$1.path;
+          if (queryString) {
+            path2 += `?${queryString}`;
+          }
+          if (request$1.fragment) {
+            path2 += `#${request$1.fragment}`;
+          }
+          let hostname = request$1.hostname ?? "";
+          if (hostname[0] === "[" && hostname.endsWith("]")) {
+            hostname = request$1.hostname.slice(1, -1);
+          } else {
+            hostname = request$1.hostname;
+          }
+          const nodeHttpsOptions = {
+            headers: request$1.headers,
+            host: hostname,
+            method: request$1.method,
+            path: path2,
+            port: request$1.port,
+            agent,
+            auth
+          };
+          const requestFunc = isSSL ? request : hRequest;
+          const req = requestFunc(nodeHttpsOptions, (res) => {
+            const httpResponse = new HttpResponse({
+              statusCode: res.statusCode || -1,
+              reason: res.statusMessage,
+              headers: getTransformedHeaders(res.headers),
+              body: res
+            });
+            resolve({ response: httpResponse });
+          });
+          req.on("error", (err) => {
+            if (NODEJS_TIMEOUT_ERROR_CODES.includes(err.code)) {
+              reject(Object.assign(err, { name: "TimeoutError" }));
+            } else {
+              reject(err);
+            }
+          });
+          if (abortSignal) {
+            const onAbort = () => {
+              req.destroy();
+              const abortError = buildAbortError(abortSignal);
+              reject(abortError);
+            };
+            if (typeof abortSignal.addEventListener === "function") {
+              const signal = abortSignal;
+              signal.addEventListener("abort", onAbort, { once: true });
+              req.once("close", () => signal.removeEventListener("abort", onAbort));
+            } else {
+              abortSignal.onabort = onAbort;
+            }
+          }
+          const effectiveRequestTimeout = requestTimeout ?? config.requestTimeout;
+          timeouts.push(setConnectionTimeout(req, reject, config.connectionTimeout));
+          timeouts.push(setRequestTimeout(req, reject, effectiveRequestTimeout, config.throwOnRequestTimeout, config.logger ?? console));
+          timeouts.push(setSocketTimeout(req, reject, config.socketTimeout));
+          const httpAgent = nodeHttpsOptions.agent;
+          if (typeof httpAgent === "object" && "keepAlive" in httpAgent) {
+            timeouts.push(setSocketKeepAlive(req, {
+              keepAlive: httpAgent.keepAlive,
+              keepAliveMsecs: httpAgent.keepAliveMsecs
+            }));
+          }
+          writeRequestBodyPromise = writeRequestBody(req, request$1, effectiveRequestTimeout, this.externalAgent).catch((e) => {
+            timeouts.forEach(timing.clearTimeout);
+            return _reject(e);
+          });
+        });
+      }
+      updateHttpClientConfig(key, value) {
+        this.config = void 0;
+        this.configProvider = this.configProvider.then((config) => {
+          return {
+            ...config,
+            [key]: value
+          };
+        });
+      }
+      httpHandlerConfigs() {
+        return this.config ?? {};
+      }
+      resolveDefaultConfig(options) {
+        const { requestTimeout, connectionTimeout, socketTimeout, socketAcquisitionWarningTimeout, httpAgent, httpsAgent, throwOnRequestTimeout, logger } = options || {};
+        const keepAlive = true;
+        const maxSockets = 50;
+        return {
+          connectionTimeout,
+          requestTimeout,
+          socketTimeout,
+          socketAcquisitionWarningTimeout,
+          throwOnRequestTimeout,
+          httpAgentProvider: async () => {
+            const { Agent, request } = await import('http');
+            hRequest = request;
+            hAgent = Agent;
+            if (httpAgent instanceof hAgent || typeof httpAgent?.destroy === "function") {
+              this.externalAgent = true;
+              return httpAgent;
+            }
+            return new hAgent({ keepAlive, maxSockets, ...httpAgent });
+          },
+          httpsAgent: (() => {
+            if (httpsAgent instanceof Agent || typeof httpsAgent?.destroy === "function") {
+              this.externalAgent = true;
+              return httpsAgent;
+            }
+            return new Agent({ keepAlive, maxSockets, ...httpsAgent });
+          })(),
+          logger
+        };
+      }
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/node-http2-connection-pool.js
+var NodeHttp2ConnectionPool;
+var init_node_http2_connection_pool = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/node-http2-connection-pool.js"() {
+    NodeHttp2ConnectionPool = class {
+      sessions = [];
+      constructor(sessions) {
+        this.sessions = sessions ?? [];
+      }
+      poll() {
+        if (this.sessions.length > 0) {
+          return this.sessions.shift();
+        }
+      }
+      offerLast(session) {
+        this.sessions.push(session);
+      }
+      contains(session) {
+        return this.sessions.includes(session);
+      }
+      remove(session) {
+        this.sessions = this.sessions.filter((s) => s !== session);
+      }
+      [Symbol.iterator]() {
+        return this.sessions[Symbol.iterator]();
+      }
+      destroy(connection) {
+        for (const session of this.sessions) {
+          if (session === connection) {
+            if (!session.destroyed) {
+              session.destroy();
+            }
+          }
+        }
+      }
+    };
+  }
+});
+var NodeHttp2ConnectionManager;
+var init_node_http2_connection_manager = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/node-http2-connection-manager.js"() {
+    init_node_http2_connection_pool();
+    NodeHttp2ConnectionManager = class {
+      constructor(config) {
+        this.config = config;
+        if (this.config.maxConcurrency && this.config.maxConcurrency <= 0) {
+          throw new RangeError("maxConcurrency must be greater than zero.");
+        }
+      }
+      config;
+      sessionCache = /* @__PURE__ */ new Map();
+      lease(requestContext, connectionConfiguration) {
+        const url = this.getUrlString(requestContext);
+        const existingPool = this.sessionCache.get(url);
+        if (existingPool) {
+          const existingSession = existingPool.poll();
+          if (existingSession && !this.config.disableConcurrency) {
+            return existingSession;
+          }
+        }
+        const session = http2.connect(url);
+        if (this.config.maxConcurrency) {
+          session.settings({ maxConcurrentStreams: this.config.maxConcurrency }, (err) => {
+            if (err) {
+              throw new Error("Fail to set maxConcurrentStreams to " + this.config.maxConcurrency + "when creating new session for " + requestContext.destination.toString());
+            }
+          });
+        }
+        session.unref();
+        const destroySessionCb = () => {
+          session.destroy();
+          this.deleteSession(url, session);
+        };
+        session.on("goaway", destroySessionCb);
+        session.on("error", destroySessionCb);
+        session.on("frameError", destroySessionCb);
+        session.on("close", () => this.deleteSession(url, session));
+        if (connectionConfiguration.requestTimeout) {
+          session.setTimeout(connectionConfiguration.requestTimeout, destroySessionCb);
+        }
+        const connectionPool = this.sessionCache.get(url) || new NodeHttp2ConnectionPool();
+        connectionPool.offerLast(session);
+        this.sessionCache.set(url, connectionPool);
+        return session;
+      }
+      deleteSession(authority, session) {
+        const existingConnectionPool = this.sessionCache.get(authority);
+        if (!existingConnectionPool) {
+          return;
+        }
+        if (!existingConnectionPool.contains(session)) {
+          return;
+        }
+        existingConnectionPool.remove(session);
+        this.sessionCache.set(authority, existingConnectionPool);
+      }
+      release(requestContext, session) {
+        const cacheKey = this.getUrlString(requestContext);
+        this.sessionCache.get(cacheKey)?.offerLast(session);
+      }
+      destroy() {
+        for (const [key, connectionPool] of this.sessionCache) {
+          for (const session of connectionPool) {
+            if (!session.destroyed) {
+              session.destroy();
+            }
+            connectionPool.remove(session);
+          }
+          this.sessionCache.delete(key);
+        }
+      }
+      setMaxConcurrentStreams(maxConcurrentStreams) {
+        if (maxConcurrentStreams && maxConcurrentStreams <= 0) {
+          throw new RangeError("maxConcurrentStreams must be greater than zero.");
+        }
+        this.config.maxConcurrency = maxConcurrentStreams;
+      }
+      setDisableConcurrentStreams(disableConcurrentStreams) {
+        this.config.disableConcurrency = disableConcurrentStreams;
+      }
+      getUrlString(request) {
+        return request.destination.toString();
+      }
+    };
+  }
+});
+var NodeHttp2Handler;
+var init_node_http2_handler = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/node-http2-handler.js"() {
+    init_dist_es();
+    init_dist_es3();
+    init_build_abort_error();
+    init_get_transformed_headers();
+    init_node_http2_connection_manager();
+    init_write_request_body();
+    NodeHttp2Handler = class _NodeHttp2Handler {
+      config;
+      configProvider;
+      metadata = { handlerProtocol: "h2" };
+      connectionManager = new NodeHttp2ConnectionManager({});
+      static create(instanceOrOptions) {
+        if (typeof instanceOrOptions?.handle === "function") {
+          return instanceOrOptions;
+        }
+        return new _NodeHttp2Handler(instanceOrOptions);
+      }
+      constructor(options) {
+        this.configProvider = new Promise((resolve, reject) => {
+          if (typeof options === "function") {
+            options().then((opts) => {
+              resolve(opts || {});
+            }).catch(reject);
+          } else {
+            resolve(options || {});
+          }
+        });
+      }
+      destroy() {
+        this.connectionManager.destroy();
+      }
+      async handle(request, { abortSignal, requestTimeout } = {}) {
+        if (!this.config) {
+          this.config = await this.configProvider;
+          this.connectionManager.setDisableConcurrentStreams(this.config.disableConcurrentStreams || false);
+          if (this.config.maxConcurrentStreams) {
+            this.connectionManager.setMaxConcurrentStreams(this.config.maxConcurrentStreams);
+          }
+        }
+        const { requestTimeout: configRequestTimeout, disableConcurrentStreams } = this.config;
+        const effectiveRequestTimeout = requestTimeout ?? configRequestTimeout;
+        return new Promise((_resolve, _reject) => {
+          let fulfilled = false;
+          let writeRequestBodyPromise = void 0;
+          const resolve = async (arg) => {
+            await writeRequestBodyPromise;
+            _resolve(arg);
+          };
+          const reject = async (arg) => {
+            await writeRequestBodyPromise;
+            _reject(arg);
+          };
+          if (abortSignal?.aborted) {
+            fulfilled = true;
+            const abortError = buildAbortError(abortSignal);
+            reject(abortError);
+            return;
+          }
+          const { hostname, method, port, protocol, query } = request;
+          let auth = "";
+          if (request.username != null || request.password != null) {
+            const username = request.username ?? "";
+            const password = request.password ?? "";
+            auth = `${username}:${password}@`;
+          }
+          const authority = `${protocol}//${auth}${hostname}${port ? `:${port}` : ""}`;
+          const requestContext = { destination: new URL(authority) };
+          const session = this.connectionManager.lease(requestContext, {
+            requestTimeout: this.config?.sessionTimeout,
+            disableConcurrentStreams: disableConcurrentStreams || false
+          });
+          const rejectWithDestroy = (err) => {
+            if (disableConcurrentStreams) {
+              this.destroySession(session);
+            }
+            fulfilled = true;
+            reject(err);
+          };
+          const queryString = buildQueryString(query || {});
+          let path2 = request.path;
+          if (queryString) {
+            path2 += `?${queryString}`;
+          }
+          if (request.fragment) {
+            path2 += `#${request.fragment}`;
+          }
+          const req = session.request({
+            ...request.headers,
+            [constants.HTTP2_HEADER_PATH]: path2,
+            [constants.HTTP2_HEADER_METHOD]: method
+          });
+          session.ref();
+          req.on("response", (headers) => {
+            const httpResponse = new HttpResponse({
+              statusCode: headers[":status"] || -1,
+              headers: getTransformedHeaders(headers),
+              body: req
+            });
+            fulfilled = true;
+            resolve({ response: httpResponse });
+            if (disableConcurrentStreams) {
+              session.close();
+              this.connectionManager.deleteSession(authority, session);
+            }
+          });
+          if (effectiveRequestTimeout) {
+            req.setTimeout(effectiveRequestTimeout, () => {
+              req.close();
+              const timeoutError = new Error(`Stream timed out because of no activity for ${effectiveRequestTimeout} ms`);
+              timeoutError.name = "TimeoutError";
+              rejectWithDestroy(timeoutError);
+            });
+          }
+          if (abortSignal) {
+            const onAbort = () => {
+              req.close();
+              const abortError = buildAbortError(abortSignal);
+              rejectWithDestroy(abortError);
+            };
+            if (typeof abortSignal.addEventListener === "function") {
+              const signal = abortSignal;
+              signal.addEventListener("abort", onAbort, { once: true });
+              req.once("close", () => signal.removeEventListener("abort", onAbort));
+            } else {
+              abortSignal.onabort = onAbort;
+            }
+          }
+          req.on("frameError", (type, code, id) => {
+            rejectWithDestroy(new Error(`Frame type id ${type} in stream id ${id} has failed with code ${code}.`));
+          });
+          req.on("error", rejectWithDestroy);
+          req.on("aborted", () => {
+            rejectWithDestroy(new Error(`HTTP/2 stream is abnormally aborted in mid-communication with result code ${req.rstCode}.`));
+          });
+          req.on("close", () => {
+            session.unref();
+            if (disableConcurrentStreams) {
+              session.destroy();
+            }
+            if (!fulfilled) {
+              rejectWithDestroy(new Error("Unexpected error: http2 request did not get a response"));
+            }
+          });
+          writeRequestBodyPromise = writeRequestBody(req, request, effectiveRequestTimeout);
+        });
+      }
+      updateHttpClientConfig(key, value) {
+        this.config = void 0;
+        this.configProvider = this.configProvider.then((config) => {
+          return {
+            ...config,
+            [key]: value
+          };
+        });
+      }
+      httpHandlerConfigs() {
+        return this.config ?? {};
+      }
+      destroySession(session) {
+        if (!session.destroyed) {
+          session.destroy();
+        }
+      }
+    };
+  }
+});
+var Collector;
+var init_collector = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/stream-collector/collector.js"() {
+    Collector = class extends Writable {
+      bufferedBytes = [];
+      _write(chunk, encoding, callback) {
+        this.bufferedBytes.push(chunk);
+        callback();
+      }
+    };
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/stream-collector/index.js
+async function collectReadableStream(stream) {
+  const chunks = [];
+  const reader = stream.getReader();
+  let isDone = false;
+  let length = 0;
+  while (!isDone) {
+    const { done, value } = await reader.read();
+    if (value) {
+      chunks.push(value);
+      length += value.length;
+    }
+    isDone = done;
+  }
+  const collected = new Uint8Array(length);
+  let offset = 0;
+  for (const chunk of chunks) {
+    collected.set(chunk, offset);
+    offset += chunk.length;
+  }
+  return collected;
+}
+var streamCollector, isReadableStreamInstance;
+var init_stream_collector = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/stream-collector/index.js"() {
+    init_collector();
+    streamCollector = (stream) => {
+      if (isReadableStreamInstance(stream)) {
+        return collectReadableStream(stream);
+      }
+      return new Promise((resolve, reject) => {
+        const collector = new Collector();
+        stream.pipe(collector);
+        stream.on("error", (err) => {
+          collector.end();
+          reject(err);
+        });
+        collector.on("error", reject);
+        collector.on("finish", function() {
+          const bytes = new Uint8Array(Buffer.concat(this.bufferedBytes));
+          resolve(bytes);
+        });
+      });
+    };
+    isReadableStreamInstance = (stream) => typeof ReadableStream === "function" && stream instanceof ReadableStream;
+  }
+});
+
+// node_modules/@smithy/node-http-handler/dist-es/index.js
+var dist_es_exports = {};
+__export(dist_es_exports, {
+  DEFAULT_REQUEST_TIMEOUT: () => DEFAULT_REQUEST_TIMEOUT,
+  NodeHttp2Handler: () => NodeHttp2Handler,
+  NodeHttpHandler: () => NodeHttpHandler,
+  streamCollector: () => streamCollector
+});
+var init_dist_es4 = __esm({
+  "node_modules/@smithy/node-http-handler/dist-es/index.js"() {
+    init_node_http_handler();
+    init_node_http2_handler();
+    init_stream_collector();
+  }
+});
 
 // src/registry/validator.ts
 var ConfigValidationError = class extends Error {
@@ -377,10 +1373,7 @@ function checkboxToZod(field) {
   return schema;
 }
 function dateToZod(field) {
-  let schema = z.string().refine(
-    (val) => !isNaN(Date.parse(val)),
-    "Invalid date format"
-  );
+  let schema = z.string().refine((val) => !isNaN(Date.parse(val)), "Invalid date format");
   if (field.minDate) {
     schema = schema.refine(
       (val) => new Date(val) >= new Date(field.minDate),
@@ -438,19 +1431,28 @@ function radioToZod(field) {
 }
 function colorToZod(field) {
   let schema = z.string();
-  if (field.format === "hex") schema = schema.regex(/^#[0-9A-Fa-f]{6}$/);
-  if (field.format === "rgb") schema = schema.regex(/^rgb\(\s*\d{1,3}\s*,\s*\d{1,3}\s*,\s*\d{1,3}\s*\)$/);
-  if (field.format === "hsl") schema = schema.regex(/^hsl\(\s*\d{1,3}\s*,\s*\d{1,3}%\s*,\s*\d{1,3}%\s*\)$/);
+  if (field.format === "hex")
+    schema = schema.regex(/^#[0-9A-Fa-f]{6}$/);
+  if (field.format === "rgb")
+    schema = schema.regex(
+      /^rgb\(\s*\d{1,3}\s*,\s*\d{1,3}\s*,\s*\d{1,3}\s*\)$/
+    );
+  if (field.format === "hsl")
+    schema = schema.regex(
+      /^hsl\(\s*\d{1,3}\s*,\s*\d{1,3}%\s*,\s*\d{1,3}%\s*\)$/
+    );
   if (!field.required) schema = schema.optional();
   if (field.validate) schema = addCustomValidation(schema, field.validate);
   return schema;
 }
 function richTextToZod(field) {
-  let schema = z.array(z.object({
-    type: z.string(),
-    data: z.record(z.any()),
-    children: z.array(z.any()).optional()
-  }));
+  let schema = z.array(
+    z.object({
+      type: z.string(),
+      data: z.record(z.any()),
+      children: z.array(z.any()).optional()
+    })
+  );
   if (!field.required) schema = schema.optional();
   if (field.validate) schema = addCustomValidation(schema, field.validate);
   return schema;
@@ -516,7 +1518,8 @@ function groupToZod(field) {
   return schema;
 }
 function blocksToZod(field) {
-  const blockSchemas = field.blocks.map((block) => {
+  const blocks = field.blocks || [];
+  const blockSchemas = blocks.map((block) => {
     return z.object({
       blockType: z.literal(block.slug),
       ...Object.fromEntries(
@@ -524,7 +1527,9 @@ function blocksToZod(field) {
       )
     });
   });
-  let schema = z.array(z.discriminatedUnion("blockType", blockSchemas));
+  let schema = z.array(
+    z.discriminatedUnion("blockType", blockSchemas)
+  );
   if (field.minRows) schema = schema.min(field.minRows);
   if (field.maxRows) schema = schema.max(field.maxRows);
   if (!field.required) schema = schema.optional();
@@ -984,6 +1989,7 @@ var Kyro = class {
   registry;
   db;
   pubsub;
+  settings;
   wsServer;
   config;
   constructor(config) {
@@ -1005,7 +2011,10 @@ var Kyro = class {
   }
   async init() {
     await this.registry.init();
-    await this.db.init(this.registry.getCollections(), this.registry.getGlobals());
+    await this.db.init(
+      this.registry.getCollections(),
+      this.registry.getGlobals()
+    );
     this.pubsub.autoRegisterHooks();
     console.log("\u2705 Kyro CMS initialized");
     console.log(`   Collections: ${this.registry.getCollections().length}`);
@@ -1014,19 +2023,37 @@ var Kyro = class {
   // ============================================================================
   // API Methods
   // ============================================================================
+  // Load settings from globals if not already loaded
+  async loadSettings() {
+    if (this.settings) return this.settings;
+    try {
+      const accessSettings = await this.db.findOne({
+        collection: "_globals",
+        where: { slug: "access-settings" }
+      });
+      if (accessSettings) {
+        this.settings = accessSettings.data;
+      }
+    } catch (e) {
+      console.log("\u26A0\uFE0F No access-settings found, using defaults");
+    }
+    return this.settings || {};
+  }
   getREST(options) {
     return createHonoApp({
       registry: this.registry,
       db: this.db,
       ...options,
-      cors: this.config.cors
+      cors: this.config.cors,
+      settings: this.settings
     });
   }
   getGraphQL(options) {
     return buildGraphQLSchema({
       registry: this.registry,
       db: this.db,
-      ...options
+      ...options,
+      settings: this.settings
     });
   }
   getTRPC(options) {
@@ -1034,14 +2061,20 @@ var Kyro = class {
       registry: this.registry,
       db: this.db,
       req: options?.req || { headers: {} },
-      ...options
+      ...options,
+      settings: this.settings
     });
   }
   async startWebSocket(options) {
+    const apiAccess = this.settings?.access?.apiAccess;
+    if (apiAccess?.websocketEnabled === false) {
+      console.log("\u26A0\uFE0F WebSocket is disabled in settings");
+      return null;
+    }
     this.wsServer = createWSServer({
       pubsub: this.pubsub,
       port: options?.port || 8080,
-      requireAuth: options?.requireAuth,
+      requireAuth: options?.requireAuth ?? apiAccess?.requireAuth,
       verifyToken: options?.verifyToken
     });
     console.log(`\u{1F50C} WebSocket server started on port ${options?.port || 8080}`);
@@ -1084,6 +2117,9 @@ function isBlocksField(field) {
 function isUploadField(field) {
   return field.type === "upload";
 }
+function isImageField(field) {
+  return field.type === "image";
+}
 function isRichTextField(field) {
   return field.type === "richtext";
 }
@@ -1110,6 +2146,7 @@ var COMPLEX_FIELD_TYPES = [
   "json",
   "code",
   "upload",
+  "image",
   "markdown"
 ];
 var RELATIONAL_FIELD_TYPES = [
@@ -1118,11 +2155,7 @@ var RELATIONAL_FIELD_TYPES = [
   "group",
   "blocks"
 ];
-var LAYOUT_FIELD_TYPES = [
-  "row",
-  "collapsible",
-  "tabs"
-];
+var LAYOUT_FIELD_TYPES = ["row", "collapsible", "tabs"];
 var ALL_FIELD_TYPES = [
   ...PRIMITIVE_FIELD_TYPES,
   ...COMPLEX_FIELD_TYPES,
@@ -1130,41 +2163,449 @@ var ALL_FIELD_TYPES = [
   ...LAYOUT_FIELD_TYPES
 ];
 
-// src/hooks/types.ts
-async function runHooks(hooks, args) {
-  let result = args.data;
-  for (const hook of hooks) {
-    const hookResult = await hook({
-      ...args,
-      data: result
-    });
-    if (hookResult !== void 0) {
-      result = hookResult;
-    }
-  }
-  return result;
+// src/fields/richtext.ts
+var MIN_COLUMNS = 1;
+var MAX_COLUMNS = 6;
+var richTextStyles = `
+.kyro-richtext {
+  color: inherit;
+  line-height: 1.7;
 }
-async function runFieldHooks(hooks, args) {
-  return runHooks(hooks, args);
+
+.kyro-richtext > *:first-child {
+  margin-top: 0;
 }
 
-// src/database/local/adapter.ts
-var LocalAdapter = class extends AbstractBaseAdapter {
-  db;
-  path;
-  migrations = /* @__PURE__ */ new Map();
-  constructor(options) {
-    super();
-    this.path = options.path;
-    if (options.db) {
-      this.db = options.db;
-    } else {
-      this.db = null;
-    }
-  }
-  async connect() {
-    if (!this.db) {
-      const Database = (await import('better-sqlite3')).default;
+.kyro-richtext > *:last-child {
+  margin-bottom: 0;
+}
+
+.kyro-richtext p,
+.kyro-richtext ul,
+.kyro-richtext ol,
+.kyro-richtext blockquote,
+.kyro-richtext pre,
+.kyro-richtext kyro-callout,
+.kyro-richtext kyro-hero,
+.kyro-richtext kyro-heading,
+.kyro-richtext kyro-stack,
+.kyro-richtext kyro-columns {
+  margin: 0 0 1rem;
+}
+
+.kyro-richtext h1,
+.kyro-richtext h2,
+.kyro-richtext h3,
+.kyro-richtext h4,
+.kyro-richtext h5,
+.kyro-richtext h6 {
+  margin: 0 0 0.75rem;
+  line-height: 1.2;
+}
+
+.kyro-richtext ul,
+.kyro-richtext ol {
+  padding-left: 1.5rem;
+}
+
+.kyro-richtext blockquote {
+  border-left: 4px solid rgba(148, 163, 184, 0.5);
+  margin-left: 0;
+  padding-left: 1rem;
+  font-style: italic;
+}
+
+.kyro-richtext pre {
+  overflow-x: auto;
+  border-radius: 0.75rem;
+  background: rgba(15, 23, 42, 0.92);
+  color: #f8fafc;
+  padding: 1rem;
+}
+
+.kyro-richtext code {
+  font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+}
+
+.kyro-richtext img {
+  display: block;
+  max-width: 100%;
+  height: auto;
+  border-radius: 0.75rem;
+}
+
+.kyro-richtext kyro-columns {
+  display: grid;
+  grid-template-columns: repeat(var(--kyro-columns-count, 1), minmax(0, 1fr));
+  gap: 1rem;
+}
+
+.kyro-richtext kyro-column {
+  display: block;
+  min-width: 0;
+}
+
+.kyro-richtext kyro-column > *:last-child {
+  margin-bottom: 0;
+}
+
+.kyro-richtext kyro-hero,
+.kyro-richtext kyro-callout,
+.kyro-richtext kyro-stack,
+.kyro-richtext kyro-heading {
+  display: block;
+}
+
+.kyro-richtext kyro-hero {
+  border: 1px solid rgba(148, 163, 184, 0.25);
+  border-radius: 1rem;
+  padding: 1.5rem;
+  text-align: center;
+  background: linear-gradient(to bottom, rgba(148, 163, 184, 0.12), transparent);
+}
+
+.kyro-richtext kyro-heading {
+  font-size: 1.125rem;
+  font-weight: 700;
+}
+
+.kyro-richtext kyro-callout {
+  border: 1px solid rgba(59, 130, 246, 0.25);
+  border-radius: 0.875rem;
+  padding: 0.875rem 1rem;
+  background: rgba(59, 130, 246, 0.06);
+}
+
+@media (max-width: 720px) {
+  .kyro-richtext kyro-columns {
+    grid-template-columns: 1fr;
+  }
+}
+`.trim();
+function createEmptyParagraphNode() {
+  return {
+    type: "paragraph",
+    content: []
+  };
+}
+function createColumnNode(content = [createEmptyParagraphNode()]) {
+  return {
+    type: "kyroColumn",
+    content: content.length > 0 ? content : [createEmptyParagraphNode()]
+  };
+}
+function createColumnsNode(columns = 2) {
+  const count = clampColumns(columns);
+  return {
+    type: "kyroColumns",
+    attrs: { columns: count },
+    content: Array.from({ length: count }, () => createColumnNode())
+  };
+}
+function normalizeRichTextDocument(value) {
+  const documentNode = toRichTextDocument(value);
+  return {
+    type: "doc",
+    content: normalizeNodes(documentNode.content)
+  };
+}
+function normalizeRichTextValue(value) {
+  if (Array.isArray(value)) {
+    return normalizeRichTextDocument(value).content;
+  }
+  if (isObject(value) && value.type === "doc") {
+    return normalizeRichTextDocument(value);
+  }
+  return value;
+}
+function renderRichText(value) {
+  if (typeof value === "string") {
+    return `<div class="kyro-richtext">${value}</div>`;
+  }
+  const documentNode = normalizeRichTextDocument(value);
+  return `<div class="kyro-richtext">${renderNodes(documentNode.content)}</div>`;
+}
+function toRichTextDocument(value) {
+  if (Array.isArray(value)) {
+    return {
+      type: "doc",
+      content: normalizeNodes(value)
+    };
+  }
+  if (isObject(value) && value.type === "doc") {
+    const doc = value;
+    return {
+      type: "doc",
+      content: normalizeNodes(doc.content ?? [])
+    };
+  }
+  return {
+    type: "doc",
+    content: []
+  };
+}
+function normalizeNodes(nodes) {
+  return nodes.filter((node) => isObject(node) && typeof node.type === "string").map((node) => normalizeNode(node));
+}
+function normalizeNode(node) {
+  if (node.type === "kyroColumns") {
+    return normalizeColumnsNode(node);
+  }
+  if (node.type === "kyroColumn") {
+    const normalizedContent = normalizeNodes(
+      Array.isArray(node.content) ? node.content : []
+    ).filter((child) => child.type !== "kyroColumns");
+    return {
+      ...node,
+      content: normalizedContent.length > 0 ? normalizedContent : [createEmptyParagraphNode()]
+    };
+  }
+  if (Array.isArray(node.content)) {
+    return {
+      ...node,
+      content: normalizeNodes(node.content)
+    };
+  }
+  return {
+    ...node
+  };
+}
+function normalizeColumnsNode(node) {
+  const rawChildren = Array.isArray(node.content) ? node.content : [];
+  const hasStructuredColumns = rawChildren.every((child) => child?.type === "kyroColumn");
+  const targetColumns = clampColumns(
+    typeof node.attrs?.columns === "number" ? node.attrs.columns : hasStructuredColumns && rawChildren.length > 0 ? rawChildren.length : 2
+  );
+  const content = hasStructuredColumns ? normalizeStructuredColumns(rawChildren, targetColumns) : normalizeLegacyColumns(rawChildren, targetColumns);
+  return {
+    ...node,
+    attrs: {
+      ...node.attrs ?? {},
+      columns: content.length
+    },
+    content
+  };
+}
+function normalizeStructuredColumns(columns, targetColumns) {
+  const normalized = columns.slice(0, MAX_COLUMNS).map((column) => normalizeNode(column)).filter((column) => column.type === "kyroColumn");
+  if (normalized.length === 0) {
+    return Array.from({ length: targetColumns }, () => createColumnNode());
+  }
+  if (normalized.length > targetColumns) {
+    const kept = normalized.slice(0, targetColumns);
+    const extras = normalized.slice(targetColumns);
+    const mergedTail = extras.flatMap(
+      (column) => normalizeColumnChildren(column.content)
+    );
+    const lastIndex = kept.length - 1;
+    kept[lastIndex] = createColumnNode([
+      ...normalizeColumnChildren(kept[lastIndex].content),
+      ...mergedTail
+    ]);
+    return kept;
+  }
+  if (normalized.length < targetColumns) {
+    return [
+      ...normalized,
+      ...Array.from(
+        { length: targetColumns - normalized.length },
+        () => createColumnNode()
+      )
+    ];
+  }
+  return normalized;
+}
+function normalizeLegacyColumns(blocks, targetColumns) {
+  const normalizedBlocks = normalizeNodes(blocks);
+  return Array.from({ length: targetColumns }, (_, index) => {
+    if (index < targetColumns - 1) {
+      const block = normalizedBlocks[index];
+      return block ? createColumnNode([block]) : createColumnNode();
+    }
+    const tail = normalizedBlocks.slice(index);
+    return createColumnNode(tail.length > 0 ? tail : [createEmptyParagraphNode()]);
+  });
+}
+function normalizeColumnChildren(content) {
+  const children = Array.isArray(content) ? normalizeNodes(content) : [];
+  const filtered = children.filter((child) => child.type !== "kyroColumns");
+  return filtered.length > 0 ? filtered : [createEmptyParagraphNode()];
+}
+function renderNodes(nodes) {
+  return nodes.map((node) => renderNode(node)).join("");
+}
+function renderNode(node) {
+  switch (node.type) {
+    case "paragraph":
+      return `<p>${renderInlineContent(node.content)}</p>`;
+    case "text":
+      return renderTextNode(node);
+    case "heading": {
+      const level = clampHeadingLevel(node.attrs?.level);
+      return `<h${level}>${renderInlineContent(node.content)}</h${level}>`;
+    }
+    case "bulletList":
+      return `<ul>${renderNodes(node.content ?? [])}</ul>`;
+    case "orderedList":
+      return `<ol>${renderNodes(node.content ?? [])}</ol>`;
+    case "listItem":
+      return `<li>${renderNodes(node.content ?? [])}</li>`;
+    case "blockquote":
+      return `<blockquote>${renderNodes(node.content ?? [])}</blockquote>`;
+    case "codeBlock":
+      return `<pre><code>${escapeHtml(extractText(node.content ?? []))}</code></pre>`;
+    case "horizontalRule":
+      return "<hr />";
+    case "hardBreak":
+      return "<br />";
+    case "image":
+      return renderImageNode(node);
+    case "kyroColumns": {
+      const columns = clampColumns(
+        Array.isArray(node.content) ? node.content.length : 1
+      );
+      return `<kyro-columns data-columns="${columns}" style="--kyro-columns-count:${columns}">${renderNodes(node.content ?? [])}</kyro-columns>`;
+    }
+    case "kyroColumn":
+      return `<kyro-column>${renderNodes(node.content ?? [])}</kyro-column>`;
+    case "kyroHero":
+      return `<kyro-hero>${renderInlineContent(node.content)}</kyro-hero>`;
+    case "kyroHeading":
+      return `<kyro-heading>${renderInlineContent(node.content)}</kyro-heading>`;
+    case "kyroDivider":
+      return '<hr class="kyro-divider" />';
+    case "kyroCallout":
+      return `<kyro-callout>${renderInlineContent(node.content)}</kyro-callout>`;
+    case "kyroStack":
+      return `<kyro-stack>${renderNodes(node.content ?? [])}</kyro-stack>`;
+    case "kyroImage":
+      return renderCustomMediaNode("kyro-image", node);
+    case "kyroVideo":
+      return renderCustomMediaNode("kyro-video", node);
+    default:
+      return renderNodes(node.content ?? []);
+  }
+}
+function renderInlineContent(content) {
+  const nodes = content ?? [];
+  if (nodes.length === 0) {
+    return "<br />";
+  }
+  return nodes.map((node) => renderNode(node)).join("");
+}
+function renderTextNode(node) {
+  const text = typeof node.text === "string" ? escapeHtml(node.text) : "";
+  return (node.marks ?? []).reduce((acc, mark) => applyMark(acc, mark), text);
+}
+function renderImageNode(node) {
+  const src = typeof node.attrs?.src === "string" ? node.attrs.src : "";
+  if (!src) {
+    return "";
+  }
+  const alt = typeof node.attrs?.alt === "string" ? node.attrs.alt : "";
+  return `<img src="${escapeAttribute(src)}" alt="${escapeAttribute(alt)}" />`;
+}
+function renderCustomMediaNode(tagName, node) {
+  const attrs = renderAttributes(node.attrs);
+  return `<${tagName}${attrs}></${tagName}>`;
+}
+function renderAttributes(attrs, keysToSkip = []) {
+  if (!attrs) {
+    return "";
+  }
+  const entries = Object.entries(attrs).filter(([key, value]) => !keysToSkip.includes(key) && value !== void 0 && value !== null).map(([key, value]) => `${key}="${escapeAttribute(String(value))}"`);
+  return entries.length > 0 ? ` ${entries.join(" ")}` : "";
+}
+function applyMark(content, mark) {
+  switch (mark.type) {
+    case "bold":
+      return `<strong>${content}</strong>`;
+    case "italic":
+      return `<em>${content}</em>`;
+    case "underline":
+      return `<u>${content}</u>`;
+    case "strike":
+      return `<s>${content}</s>`;
+    case "code":
+      return `<code>${content}</code>`;
+    case "link": {
+      const href = typeof mark.attrs?.href === "string" ? escapeAttribute(mark.attrs.href) : "#";
+      return `<a href="${href}" target="_blank" rel="noopener noreferrer">${content}</a>`;
+    }
+    default:
+      return content;
+  }
+}
+function extractText(nodes) {
+  return nodes.map((node) => {
+    if (node.type === "text") {
+      return typeof node.text === "string" ? node.text : "";
+    }
+    if (node.type === "hardBreak") {
+      return "\n";
+    }
+    return extractText(node.content ?? []);
+  }).join("");
+}
+function clampColumns(value) {
+  const numericValue = typeof value === "number" ? value : Number(value);
+  if (!Number.isFinite(numericValue)) {
+    return 2;
+  }
+  return Math.max(MIN_COLUMNS, Math.min(MAX_COLUMNS, Math.round(numericValue)));
+}
+function clampHeadingLevel(level) {
+  const numericLevel = typeof level === "number" ? level : Number(level);
+  if (!Number.isFinite(numericLevel)) {
+    return 2;
+  }
+  return Math.max(1, Math.min(6, Math.round(numericLevel)));
+}
+function escapeHtml(value) {
+  return value.replaceAll("&", "&amp;").replaceAll("<", "&lt;").replaceAll(">", "&gt;");
+}
+function escapeAttribute(value) {
+  return escapeHtml(value).replaceAll('"', "&quot;");
+}
+function isObject(value) {
+  return typeof value === "object" && value !== null;
+}
+
+// src/hooks/types.ts
+async function runHooks(hooks, args) {
+  let result = args.data;
+  for (const hook of hooks) {
+    const hookResult = await hook({
+      ...args,
+      data: result
+    });
+    if (hookResult !== void 0) {
+      result = hookResult;
+    }
+  }
+  return result;
+}
+async function runFieldHooks(hooks, args) {
+  return runHooks(hooks, args);
+}
+
+// src/database/local/adapter.ts
+var LocalAdapter = class extends AbstractBaseAdapter {
+  db;
+  path;
+  migrations = /* @__PURE__ */ new Map();
+  constructor(options) {
+    super();
+    this.path = options.path;
+    if (options.db) {
+      this.db = options.db;
+    } else {
+      this.db = null;
+    }
+  }
+  async connect() {
+    if (!this.db) {
+      const Database = (await import('better-sqlite3')).default;
       this.db = new Database(this.path || ":memory:");
     }
     this.db.pragma("journal_mode = WAL");
@@ -1649,9 +3090,19 @@ var SEOPLugin = class extends KyroPlugin {
       slug: "seo-settings",
       label: "SEO Settings",
       fields: [
-        { name: "sitemap", type: "checkbox", label: "Enable Sitemap", defaultValue: true },
-        { name: "robotsTxt", type: "textarea", label: "robots.txt Content" },
-        { name: "canonicalUrl", type: "text", variant: "url", label: "Canonical URL" },
+        {
+          name: "sitemap",
+          type: "checkbox",
+          label: "Enable Sitemap",
+          defaultValue: true
+        },
+        { name: "robotsTxt", type: "richtext", label: "robots.txt Content" },
+        {
+          name: "canonicalUrl",
+          type: "text",
+          variant: "url",
+          label: "Canonical URL"
+        },
         { name: "ogImage", type: "text", label: "Default OG Image URL" }
       ]
     });
@@ -1683,7 +3134,7 @@ var CommentsPlugin = class extends KyroPlugin {
       slug: "comments",
       label: "Comments",
       fields: [
-        { name: "content", type: "textarea", required: true },
+        { name: "content", type: "richtext", required: true },
         { name: "author", type: "text", required: true },
         { name: "email", type: "email" },
         { name: "approved", type: "checkbox", defaultValue: false },
@@ -1705,12 +3156,22 @@ var ReviewsPlugin = class extends KyroPlugin {
       fields: [
         { name: "rating", type: "number", required: true, min: 1, max: 5 },
         { name: "title", type: "text" },
-        { name: "content", type: "textarea", required: true },
+        { name: "content", type: "richtext", required: true },
         { name: "author", type: "relationship", relationTo: "customers" },
-        { name: "product", type: "relationship", relationTo: "products", required: true },
+        {
+          name: "product",
+          type: "relationship",
+          relationTo: "products",
+          required: true
+        },
         { name: "approved", type: "checkbox", defaultValue: false },
         { name: "verified", type: "checkbox", label: "Verified Purchase" },
-        { name: "helpful", type: "number", label: "Helpful Count", defaultValue: 0 }
+        {
+          name: "helpful",
+          type: "number",
+          label: "Helpful Count",
+          defaultValue: 0
+        }
       ]
     });
     this.adminComponents["ReviewModeration"] = {};
@@ -1724,24 +3185,47 @@ var WishlistPlugin = class extends KyroPlugin {
       slug: "wishlists",
       label: "Wishlists",
       fields: [
-        { name: "customer", type: "relationship", relationTo: "customers", required: true },
-        { name: "name", type: "text", label: "Wishlist Name", defaultValue: "My Wishlist" },
-        { name: "items", type: "blocks", label: "Items", blocks: [
-          {
-            slug: "wishlist-item",
-            label: "Item",
-            fields: [
-              { name: "product", type: "relationship", relationTo: "products" },
-              { name: "quantity", type: "number", defaultValue: 1 },
-              { name: "addedAt", type: "date" },
-              { name: "priority", type: "select", options: [
-                { label: "Low", value: "low" },
-                { label: "Medium", value: "medium" },
-                { label: "High", value: "high" }
-              ] }
-            ]
-          }
-        ] }
+        {
+          name: "customer",
+          type: "relationship",
+          relationTo: "customers",
+          required: true
+        },
+        {
+          name: "name",
+          type: "text",
+          label: "Wishlist Name",
+          defaultValue: "My Wishlist"
+        },
+        {
+          name: "items",
+          type: "blocks",
+          label: "Items",
+          blocks: [
+            {
+              slug: "wishlist-item",
+              label: "Item",
+              fields: [
+                {
+                  name: "product",
+                  type: "relationship",
+                  relationTo: "products"
+                },
+                { name: "quantity", type: "number", defaultValue: 1 },
+                { name: "addedAt", type: "date" },
+                {
+                  name: "priority",
+                  type: "select",
+                  options: [
+                    { label: "Low", value: "low" },
+                    { label: "Medium", value: "medium" },
+                    { label: "High", value: "high" }
+                  ]
+                }
+              ]
+            }
+          ]
+        }
       ]
     });
   }
@@ -1754,253 +3238,6 @@ var presetPlugins = {
   Wishlist: WishlistPlugin
 };
 
-// src/styling/index.ts
-var CSSGenerator = class {
-  constructor(config) {
-    this.config = config;
-  }
-  config;
-  css = [];
-  addRule(selector, properties) {
-    const props = Object.entries(properties).map(([k, v]) => `  ${k}: ${v};`).join("\n");
-    this.css.push(`${selector} {
-${props}
-}`);
-    return this;
-  }
-  addMediaQuery(breakpoint, rules) {
-    this.css.push(`@media (min-width: ${breakpoint}) {
-  ${rules.join("\n  ")}
-}`);
-    return this;
-  }
-  generate() {
-    return this.css.join("\n\n");
-  }
-};
-function generateTailwindConfig(theme) {
-  return {
-    theme: {
-      extend: {
-        colors: theme.colors || {},
-        fontFamily: theme.fonts || {},
-        spacing: theme.spacing || {},
-        borderRadius: theme.borderRadius || {},
-        boxShadow: theme.shadows || {},
-        screens: theme.breakpoints || {}
-      }
-    }
-  };
-}
-var defaultLightTheme = {
-  colors: {
-    primary: "#3b82f6",
-    secondary: "#6366f1",
-    accent: "#ec4899",
-    background: "#ffffff",
-    surface: "#f9fafb",
-    text: "#111827",
-    textMuted: "#6b7280",
-    border: "#e5e7eb",
-    error: "#ef4444",
-    warning: "#f59e0b",
-    success: "#10b981",
-    info: "#3b82f6"
-  },
-  fonts: {
-    sans: "system-ui, -apple-system, sans-serif",
-    serif: "Georgia, serif",
-    mono: "Menlo, monospace"
-  },
-  spacing: {
-    xs: "0.25rem",
-    sm: "0.5rem",
-    md: "1rem",
-    lg: "1.5rem",
-    xl: "2rem",
-    "2xl": "3rem",
-    "3xl": "4rem"
-  },
-  borderRadius: {
-    sm: "0.125rem",
-    md: "0.375rem",
-    lg: "0.5rem",
-    xl: "0.75rem",
-    full: "9999px"
-  },
-  shadows: {
-    sm: "0 1px 2px 0 rgb(0 0 0 / 0.05)",
-    md: "0 4px 6px -1px rgb(0 0 0 / 0.1)",
-    lg: "0 10px 15px -3px rgb(0 0 0 / 0.1)",
-    xl: "0 20px 25px -5px rgb(0 0 0 / 0.1)"
-  }
-};
-var defaultDarkTheme = {
-  colors: {
-    primary: "#60a5fa",
-    secondary: "#818cf8",
-    accent: "#f472b6",
-    background: "#111827",
-    surface: "#1f2937",
-    text: "#f9fafb",
-    textMuted: "#9ca3af",
-    border: "#374151",
-    error: "#f87171",
-    warning: "#fbbf24",
-    success: "#34d399",
-    info: "#60a5fa"
-  },
-  fonts: defaultLightTheme.fonts,
-  spacing: defaultLightTheme.spacing,
-  borderRadius: defaultLightTheme.borderRadius,
-  shadows: {
-    sm: "0 1px 2px 0 rgb(0 0 0 / 0.3)",
-    md: "0 4px 6px -1px rgb(0 0 0 / 0.4)",
-    lg: "0 10px 15px -3px rgb(0 0 0 / 0.5)",
-    xl: "0 20px 25px -5px rgb(0 0 0 / 0.6)"
-  }
-};
-var ecommerce2026Theme = {
-  colors: {
-    primary: "#FF6B35",
-    secondary: "#1A1A2E",
-    accent: "#16C79A",
-    background: "#FFFFFF",
-    surface: "#F8F9FA",
-    text: "#1A1A2E",
-    textMuted: "#6B7280",
-    border: "#E5E7EB",
-    error: "#EF4444",
-    warning: "#F59E0B",
-    success: "#16C79A",
-    info: "#3B82F6"
-  },
-  fonts: {
-    sans: '"Inter", "Satoshi", system-ui, sans-serif',
-    serif: '"Playfair Display", Georgia, serif',
-    mono: '"JetBrains Mono", monospace'
-  },
-  spacing: {
-    xs: "0.125rem",
-    sm: "0.25rem",
-    md: "0.5rem",
-    lg: "1rem",
-    xl: "1.5rem",
-    "2xl": "2rem",
-    "3xl": "3rem",
-    "4xl": "4rem"
-  },
-  borderRadius: {
-    sm: "0",
-    md: "0",
-    lg: "0",
-    xl: "0",
-    full: "9999px"
-  },
-  shadows: {
-    sm: "0 1px 2px rgba(0,0,0,0.05)",
-    md: "0 4px 6px rgba(0,0,0,0.07)",
-    lg: "0 10px 15px rgba(0,0,0,0.1)",
-    xl: "0 20px 25px rgba(0,0,0,0.15)"
-  }
-};
-function generateCSSVariables(theme) {
-  const variables = [];
-  if (theme.colors) {
-    for (const [key, value] of Object.entries(theme.colors)) {
-      variables.push(`  --color-${key}: ${value};`);
-    }
-  }
-  if (theme.fonts) {
-    for (const [key, value] of Object.entries(theme.fonts)) {
-      variables.push(`  --font-${key}: ${value};`);
-    }
-  }
-  if (theme.spacing) {
-    for (const [key, value] of Object.entries(theme.spacing)) {
-      variables.push(`  --spacing-${key}: ${value};`);
-    }
-  }
-  if (theme.borderRadius) {
-    for (const [key, value] of Object.entries(theme.borderRadius)) {
-      variables.push(`  --radius-${key}: ${value};`);
-    }
-  }
-  if (theme.shadows) {
-    for (const [key, value] of Object.entries(theme.shadows)) {
-      variables.push(`  --shadow-${key}: ${value};`);
-    }
-  }
-  return `:root {
-${variables.join("\n")}
-}`;
-}
-function createAdminStyling(config) {
-  const cssVars = generateCSSVariables(config.theme || defaultLightTheme);
-  const componentStyles = [];
-  if (config.componentOverrides) {
-    for (const [selector, styles] of Object.entries(config.componentOverrides)) {
-      const props = Object.entries(styles).map(([k, v]) => `  ${k}: ${v};`).join("\n");
-      componentStyles.push(`${selector} {
-${props}
-}`);
-    }
-  }
-  return `
-    ${cssVars}
-    ${config.customStyles || ""}
-    ${componentStyles.join("\n")}
-  `;
-}
-var defaultFieldStyling = {
-  text: {
-    wrapper: { marginBottom: "var(--spacing-md)" },
-    label: {
-      display: "block",
-      marginBottom: "var(--spacing-xs)",
-      fontWeight: "500",
-      color: "var(--color-text)"
-    },
-    input: {
-      width: "100%",
-      padding: "var(--spacing-sm) var(--spacing-md)",
-      border: "1px solid var(--color-border)",
-      borderRadius: "var(--radius-md)",
-      fontSize: "0.875rem"
-    },
-    error: {
-      color: "var(--color-error)",
-      fontSize: "0.75rem",
-      marginTop: "var(--spacing-xs)"
-    }
-  },
-  number: {
-    wrapper: { marginBottom: "var(--spacing-md)" },
-    label: { display: "block", marginBottom: "var(--spacing-xs)", fontWeight: "500" },
-    input: {
-      width: "100%",
-      padding: "var(--spacing-sm) var(--spacing-md)",
-      border: "1px solid var(--color-border)",
-      borderRadius: "var(--radius-md)"
-    }
-  },
-  checkbox: {
-    wrapper: { display: "flex", alignItems: "center", gap: "var(--spacing-sm)" },
-    input: { width: "1rem", height: "1rem" },
-    label: { cursor: "pointer" }
-  },
-  select: {
-    wrapper: { marginBottom: "var(--spacing-md)" },
-    input: {
-      width: "100%",
-      padding: "var(--spacing-sm) var(--spacing-md)",
-      border: "1px solid var(--color-border)",
-      borderRadius: "var(--radius-md)",
-      backgroundColor: "white"
-    }
-  }
-};
-
 // src/auth/security/lockout.ts
 var DEFAULT_LOCKOUT_CONFIG = {
   maxAttempts: 5,
@@ -2492,7 +3729,7 @@ var AuditLogger = class {
     };
   }
 };
-function createAuditContext(req) {
+function createAuditContext2(req) {
   return {
     ipAddress: req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown",
     userAgent: req.headers.get("user-agent") || "unknown"
@@ -2502,10 +3739,9 @@ var InMemoryAuthAdapter = class {
   users = /* @__PURE__ */ new Map();
   sessions = /* @__PURE__ */ new Map();
   refreshTokens = /* @__PURE__ */ new Map();
-  // refreshToken -> sessionId
   emailToUserId = /* @__PURE__ */ new Map();
   passwordHistory = /* @__PURE__ */ new Map();
-  // userId -> passwordHash[]
+  auditLogs = [];
   externalDb = false;
   constructor() {
   }
@@ -2521,10 +3757,11 @@ var InMemoryAuthAdapter = class {
   async createUser(data) {
     const userId = randomBytes(16).toString("hex");
     const now = (/* @__PURE__ */ new Date()).toISOString();
+    const passwordHash = await this.hashPassword(data.password);
     const user = {
       id: userId,
       email: data.email.toLowerCase(),
-      passwordHash: data.passwordHash,
+      passwordHash,
       role: data.role || "customer",
       tenantId: data.tenantId,
       createdAt: now,
@@ -2582,9 +3819,12 @@ var InMemoryAuthAdapter = class {
     const bcrypt2 = (await import('bcryptjs')).default;
     return bcrypt2.hash(password, 12);
   }
-  async verifyPassword(password, hash) {
+  async verifyPassword(email, password) {
+    const user = await this.findUserByEmail(email);
+    if (!user || !user.passwordHash) return null;
     const bcrypt2 = (await import('bcryptjs')).default;
-    return bcrypt2.compare(password, hash);
+    const valid = await bcrypt2.compare(password, user.passwordHash);
+    return valid ? user : null;
   }
   async createSession(userId, data = {}) {
     const sessionId = randomBytes(32).toString("hex");
@@ -2655,179 +3895,65 @@ var InMemoryAuthAdapter = class {
   async hasAnyUsers() {
     return this.users.size > 0;
   }
+  async findAuditLogs(filter) {
+    const { limit = 50, offset = 0 } = filter;
+    let logs = this.auditLogs.slice().reverse();
+    if (filter.userId) logs = logs.filter((l) => l.userId === filter.userId);
+    if (filter.action) {
+      if (Array.isArray(filter.action)) {
+        logs = logs.filter((l) => filter.action.includes(String(l.action)));
+      } else {
+        logs = logs.filter((l) => l.action === filter.action);
+      }
+    }
+    if (filter.resource)
+      logs = logs.filter((l) => l.resource === filter.resource);
+    if (filter.success !== void 0)
+      logs = logs.filter((l) => l.success === filter.success);
+    return { logs: logs.slice(offset, offset + limit), total: logs.length };
+  }
+  async createAuditLog(data) {
+    const id = randomBytes(16).toString("hex");
+    const timestamp = /* @__PURE__ */ new Date();
+    const log = { ...data, id, timestamp };
+    this.auditLogs.push(log);
+    return log;
+  }
 };
 
-// src/auth/security/in-memory-rate-limit.ts
-var InMemoryRateLimiter = class {
+// src/auth/security/in-memory-lockout.ts
+var InMemoryAccountLockout = class {
   storage = /* @__PURE__ */ new Map();
-  userStorage = /* @__PURE__ */ new Map();
-  limits;
-  userLimits;
-  constructor(limits, userLimits) {
-    this.limits = { ...DEFAULT_RATE_LIMITS2, ...limits };
-    this.userLimits = userLimits || {
-      "user:api": { window: 6e4, max: 500 },
-      "user:write": { window: 36e5, max: 100 }
+  history = /* @__PURE__ */ new Map();
+  // userId -> attempt timestamps
+  config;
+  constructor(config = {}) {
+    this.config = {
+      maxAttempts: 5,
+      lockDuration: 9e5,
+      // 15 minutes
+      notifyUser: true,
+      notifyAdmin: true,
+      adminNotifyAfter: 3,
+      ...config
     };
   }
-  getKey(type, identifier) {
-    return `${type}:${identifier}`;
-  }
-  getUserKey(type, userId, identifier) {
-    return `user:${type}:${userId}:${identifier}`;
-  }
-  cleanupOldEntries(entries, window) {
+  async checkLockout(userId) {
     const now = Date.now();
-    const windowStart = now - window;
-    while (entries.length > 0 && entries[0].timestamp < windowStart) {
-      entries.shift();
-    }
-  }
-  async check(type, identifier) {
-    const config = this.limits[type] || this.limits["api:general"];
-    const key = this.getKey(type, identifier);
-    let entries = this.storage.get(key);
-    if (!entries) {
-      entries = [];
-      this.storage.set(key, entries);
+    const record = this.storage.get(userId);
+    if (record && record.lockedUntil !== null && record.lockedUntil <= now) {
+      await this.resetAttempts(userId);
+      return {
+        locked: false,
+        attemptsRemaining: this.config.maxAttempts,
+        totalAttempts: 0
+      };
     }
-    this.cleanupOldEntries(entries, config.window);
-    const now = Date.now();
-    const count = entries.reduce((sum, entry) => sum + entry.count, 0);
-    entries.push({ timestamp: now, count: 1 });
-    if (count >= config.max) {
-      const oldestEntry = entries.reduce(
-        (oldest, current) => oldest.timestamp < current.timestamp ? oldest : current,
-        entries[0]
-      );
-      const resetAt = oldestEntry.timestamp + config.window;
+    if (!record) {
       return {
-        allowed: false,
-        remaining: 0,
-        resetAt,
-        retryAfter: Math.ceil((resetAt - now) / 1e3)
-      };
-    }
-    return {
-      allowed: true,
-      remaining: config.max - count - 1,
-      resetAt: now + config.window
-    };
-  }
-  async checkUser(type, userId, identifier) {
-    const config = this.userLimits[type] || this.userLimits["user:api"];
-    const userMap = this.userStorage.get(userId);
-    let entries = [];
-    if (userMap) {
-      entries = userMap.get(this.getKey(type, identifier)) || [];
-    } else {
-      if (!this.userStorage.has(userId)) {
-        this.userStorage.set(userId, /* @__PURE__ */ new Map());
-      }
-      this.userStorage.get(userId).set(this.getKey(type, identifier), entries);
-    }
-    this.cleanupOldEntries(entries, config.window);
-    const now = Date.now();
-    const count = entries.reduce((sum, entry) => sum + entry.count, 0);
-    entries.push({ timestamp: now, count: 1 });
-    if (count >= config.max) {
-      const oldestEntry = entries.reduce(
-        (oldest, current) => oldest.timestamp < current.timestamp ? oldest : current,
-        entries[0]
-      );
-      const resetAt = oldestEntry.timestamp + config.window;
-      return {
-        allowed: false,
-        remaining: 0,
-        resetAt,
-        retryAfter: Math.ceil((resetAt - now) / 1e3)
-      };
-    }
-    return {
-      allowed: true,
-      remaining: config.max - count - 1,
-      resetAt: now + config.window
-    };
-  }
-  async reset(type, identifier) {
-    const key = this.getKey(type, identifier);
-    this.storage.delete(key);
-  }
-  async resetUser(type, userId, identifier) {
-    const userMap = this.userStorage.get(userId);
-    if (userMap) {
-      const key = this.getKey(type, identifier);
-      userMap.delete(key);
-    }
-  }
-  async getStatus(type, identifier) {
-    const config = this.limits[type] || this.limits["api:general"];
-    const key = this.getKey(type, identifier);
-    let entries = this.storage.get(key);
-    if (!entries) {
-      entries = [];
-      this.storage.set(key, entries);
-    }
-    this.cleanupOldEntries(entries, config.window);
-    const now = Date.now();
-    const count = entries.reduce((sum, entry) => sum + entry.count, 0);
-    return {
-      count,
-      limit: config.max,
-      remaining: Math.max(0, config.max - count),
-      resetAt: now + config.window
-    };
-  }
-  setLimit(type, config) {
-    this.limits[type] = config;
-  }
-  setUserLimit(type, config) {
-    this.userLimits[type] = config;
-  }
-};
-var DEFAULT_RATE_LIMITS2 = {
-  "auth:login": { window: 9e5, max: 5 },
-  "auth:register": { window: 36e5, max: 3 },
-  "auth:forgot": { window: 36e5, max: 3 },
-  "auth:reset": { window: 36e5, max: 5 },
-  "auth:verify": { window: 36e5, max: 5 },
-  "api:general": { window: 6e4, max: 100 },
-  "api:authenticated": { window: 6e4, max: 200 }
-};
-
-// src/auth/security/in-memory-lockout.ts
-var InMemoryAccountLockout = class {
-  storage = /* @__PURE__ */ new Map();
-  history = /* @__PURE__ */ new Map();
-  // userId -> attempt timestamps
-  config;
-  constructor(config = {}) {
-    this.config = {
-      maxAttempts: 5,
-      lockDuration: 9e5,
-      // 15 minutes
-      notifyUser: true,
-      notifyAdmin: true,
-      adminNotifyAfter: 3,
-      ...config
-    };
-  }
-  async checkLockout(userId) {
-    const now = Date.now();
-    const record = this.storage.get(userId);
-    if (record && record.lockedUntil !== null && record.lockedUntil <= now) {
-      await this.resetAttempts(userId);
-      return {
-        locked: false,
-        attemptsRemaining: this.config.maxAttempts,
-        totalAttempts: 0
-      };
-    }
-    if (!record) {
-      return {
-        locked: false,
-        attemptsRemaining: this.config.maxAttempts,
-        totalAttempts: 0
+        locked: false,
+        attemptsRemaining: this.config.maxAttempts,
+        totalAttempts: 0
       };
     }
     const { attempts, lockedUntil } = record;
@@ -3058,38 +4184,6 @@ var InMemoryAuditLogger = class {
     this.logs = this.logs.filter((log) => log.timestamp >= cutoffDate);
   }
 };
-function createAuditContext2(req) {
-  return {
-    ipAddress: req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown",
-    userAgent: req.headers.get("user-agent") || "unknown"
-  };
-}
-function defaultExtractToken(req) {
-  const authHeader = req.headers.get("Authorization");
-  if (authHeader?.startsWith("Bearer ")) {
-    return authHeader.slice(7);
-  }
-  const cookieHeader = req.headers.get("Cookie");
-  if (cookieHeader) {
-    const cookies = Object.fromEntries(
-      cookieHeader.split("; ").map((c) => {
-        const [key, ...val] = c.split("=");
-        return [key.trim(), val.join("=")];
-      })
-    );
-    return cookies["auth_token"] || null;
-  }
-  return null;
-}
-function generateToken(payload, secret, options = {}) {
-  return jwt2.sign(payload, secret, {
-    expiresIn: options.expiresIn || "24h",
-    issuer: options.issuer,
-    audience: options.audience
-  });
-}
-
-// src/api/rest/auth-routes.ts
 var AuthRoutes = class {
   authAdapter;
   email;
@@ -3118,7 +4212,7 @@ var AuthRoutes = class {
     this.emailVerificationRequired = config.emailVerificationRequired ?? true;
   }
   async register(req) {
-    const { ipAddress, userAgent } = createAuditContext2(req);
+    const { ipAddress, userAgent } = createAuditContext(req);
     if (this.rateLimiter) {
       const limit = await this.rateLimiter.check("auth:register", ipAddress);
       if (!limit.allowed) {
@@ -3141,10 +4235,9 @@ var AuthRoutes = class {
       if (existingUser) {
         return this.errorResponse("Email already registered", 400);
       }
-      const passwordHash = await this.authAdapter.hashPassword(body.password);
       const user = await this.authAdapter.createUser({
         email: body.email,
-        passwordHash,
+        password: body.password,
         role: body.role || "customer",
         tenantId: body.tenantId
       });
@@ -3180,7 +4273,7 @@ var AuthRoutes = class {
     }
   }
   async login(req) {
-    const { ipAddress, userAgent } = createAuditContext2(req);
+    const { ipAddress, userAgent } = createAuditContext(req);
     if (this.rateLimiter) {
       const limit = await this.rateLimiter.check("auth:login", ipAddress);
       if (!limit.allowed) {
@@ -3277,9 +4370,9 @@ var AuthRoutes = class {
     if (!token) {
       return this.errorResponse("No session to logout", 401);
     }
-    const { ipAddress, userAgent } = createAuditContext2(req);
+    const { ipAddress, userAgent } = createAuditContext(req);
     try {
-      const payload = jwt2.decode(token);
+      const payload = jwt.decode(token);
       if (payload && payload.sub) {
         await this.authAdapter.deleteUserSessions(payload.sub);
         if (this.auditLogger) {
@@ -3320,7 +4413,7 @@ var AuthRoutes = class {
       return this.errorResponse("Not authenticated", 401);
     }
     try {
-      const payload = jwt2.verify(token, this.jwtSecret, {
+      const payload = jwt.verify(token, this.jwtSecret, {
         issuer: this.jwtIssuer,
         audience: this.jwtAudience
       });
@@ -3341,9 +4434,9 @@ var AuthRoutes = class {
     if (!token) {
       return this.errorResponse("Not authenticated", 401);
     }
-    const { ipAddress, userAgent } = createAuditContext2(req);
+    const { ipAddress, userAgent } = createAuditContext(req);
     try {
-      const payload = jwt2.verify(token, this.jwtSecret);
+      const payload = jwt.verify(token, this.jwtSecret);
       const body = await req.json();
       const { currentPassword, newPassword, confirmPassword } = body;
       if (!currentPassword || !newPassword) {
@@ -3417,7 +4510,7 @@ var AuthRoutes = class {
     }
   }
   async forgotPassword(req) {
-    const { ipAddress, userAgent } = createAuditContext2(req);
+    const { ipAddress, userAgent } = createAuditContext(req);
     if (this.rateLimiter) {
       const limit = await this.rateLimiter.check("auth:forgot", ipAddress);
       if (!limit.allowed) {
@@ -3550,8 +4643,8 @@ function detectDatabaseType() {
   }
   try {
     const { readFileSync } = __require("fs");
-    const { join } = __require("path");
-    const configPath = join(process.cwd(), "kyro.config.ts");
+    const { join: join2 } = __require("path");
+    const configPath = join2(process.cwd(), "kyro.config.ts");
     const configContent = readFileSync(configPath, "utf8");
     if (configContent.includes("createLocalAdapter")) {
       return "sqlite";
@@ -3593,7 +4686,7 @@ async function createAuthConfig(databaseType) {
   const distributed = getEnvBool("KYRO_DISTRIBUTED", false);
   let authAdapter;
   if (distributed) {
-    const { RedisAuthAdapter: RedisAuthAdapter2 } = await import('./redis-adapter-4YDY4LWE.js');
+    const { RedisAuthAdapter: RedisAuthAdapter2 } = await import('./redis-adapter-RA24FNCX.js');
     const redisUrl = getEnv("REDIS_URL", "redis://localhost:6379");
     const redisTls = getEnvBool("REDIS_TLS", false);
     const redisAdapter = new RedisAuthAdapter2({ url: redisUrl, tls: redisTls });
@@ -3606,8 +4699,7 @@ async function createAuthConfig(databaseType) {
       await authAdapter.connect();
     }
   }
-  const emailConfig = getEmailConfig();
-  const email = emailConfig ? new EmailTransport(emailConfig) : void 0;
+  const email = EmailTransport.fromEnv() || void 0;
   const passwordPolicy = new PasswordPolicy({
     minLength: getEnvNum("PASSWORD_MIN_LENGTH", 12),
     requireUppercase: getEnvBool("PASSWORD_REQUIRE_UPPERCASE", true),
@@ -3684,21 +4776,6 @@ async function createAuthConfig(databaseType) {
     routes
   };
 }
-function getEmailConfig() {
-  const host = getEnv("SMTP_HOST");
-  if (!host) return void 0;
-  return {
-    host,
-    port: getEnvNum("SMTP_PORT", 587),
-    secure: getEnvBool("SMTP_SECURE", false),
-    auth: {
-      user: getEnv("SMTP_USER"),
-      pass: getEnv("SMTP_PASS")
-    },
-    from: getEnv("SMTP_FROM", "noreply@example.com"),
-    fromName: getEnv("SMTP_FROM_NAME", "Kyro CMS")
-  };
-}
 var authConfig = createAuthConfig();
 
 // src/auth/index.ts
@@ -3725,10 +4802,9 @@ var Auth = class {
       if (existing) {
         return { success: false, error: "Email already registered" };
       }
-      const passwordHash = await this.hashPassword(data.password);
       const user = await this.adapter.createUser({
         email: data.email,
-        passwordHash,
+        password: data.password,
         role: data.role ?? "customer",
         tenantId: data.tenantId
       });
@@ -3739,15 +4815,11 @@ var Auth = class {
   }
   async login(credentials) {
     try {
-      const user = await this.adapter.findUserByEmail(credentials.email);
-      if (!user || !user.passwordHash) {
-        return { success: false, error: "Invalid credentials" };
-      }
-      const valid = await this.adapter.verifyPassword(
-        credentials.password,
-        user.passwordHash
+      const user = await this.adapter.verifyPassword(
+        credentials.email,
+        credentials.password
       );
-      if (!valid) {
+      if (!user) {
         return { success: false, error: "Invalid credentials" };
       }
       return this.createSessionForUser(user);
@@ -3776,7 +4848,7 @@ var Auth = class {
   }
   async verifyToken(token) {
     try {
-      const decoded = jwt2.verify(token, this.config.secret, {
+      const decoded = jwt.verify(token, this.config.secret, {
         issuer: this.config.issuer,
         audience: this.config.audience.length > 0 ? this.config.audience[0] : void 0
       });
@@ -3793,18 +4865,17 @@ var Auth = class {
   async changePassword(userId, currentPassword, newPassword) {
     try {
       const user = await this.adapter.findUserById(userId);
-      if (!user || !user.passwordHash) {
+      if (!user) {
         return { success: false, error: "User not found" };
       }
       const valid = await this.adapter.verifyPassword(
-        currentPassword,
-        user.passwordHash
+        user.email,
+        currentPassword
       );
       if (!valid) {
         return { success: false, error: "Current password is incorrect" };
       }
-      const newHash = await this.hashPassword(newPassword);
-      await this.adapter.updateUser(userId, { passwordHash: newHash });
+      await this.adapter.updateUser(userId, { password: newPassword });
       await this.adapter.deleteUserSessions(userId);
       return { success: true, user };
     } catch (error) {
@@ -3817,8 +4888,7 @@ var Auth = class {
       if (!user) {
         return { success: false, error: "User not found" };
       }
-      const passwordHash = await this.hashPassword(newPassword);
-      await this.adapter.updateUser(user.id, { passwordHash });
+      await this.adapter.updateUser(user.id, { password: newPassword });
       await this.adapter.deleteUserSessions(user.id);
       return { success: true, user };
     } catch (error) {
@@ -3862,7 +4932,7 @@ var Auth = class {
     if (this.config.audience.length > 0) {
       signOptions.audience = this.config.audience[0];
     }
-    return jwt2.sign(payload, this.config.secret, signOptions);
+    return jwt.sign(payload, this.config.secret, signOptions);
   }
   async hashPassword(password) {
     return bcrypt.hash(password, this.config.saltRounds);
@@ -4036,6 +5106,1590 @@ function isDraft(status) {
 function isArchived(status) {
   return status === "archived";
 }
+function createLocalStorage(config) {
+  const { uploadDir, baseUrl = "/uploads" } = config;
+  async function ensureDir(dir) {
+    if (!existsSync(dir)) {
+      await mkdir(dir, { recursive: true });
+    }
+  }
+  function getMimeType(filename) {
+    const ext = extname(filename).toLowerCase();
+    const mimeTypes = {
+      ".jpg": "image/jpeg",
+      ".jpeg": "image/jpeg",
+      ".png": "image/png",
+      ".gif": "image/gif",
+      ".webp": "image/webp",
+      ".svg": "image/svg+xml",
+      ".mp4": "video/mp4",
+      ".webm": "video/webm",
+      ".pdf": "application/pdf",
+      ".doc": "application/msword",
+      ".docx": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+      ".xls": "application/vnd.ms-excel",
+      ".xlsx": "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+      ".zip": "application/zip"
+    };
+    return mimeTypes[ext] || "application/octet-stream";
+  }
+  async function getImageDimensions(buffer) {
+    try {
+      const header = buffer.toString("hex", 0, 8);
+      if (header.startsWith("89504e47")) {
+        const width = buffer.readUInt32BE(16);
+        const height = buffer.readUInt32BE(20);
+        return { width, height };
+      }
+      if (header.startsWith("ffd8")) {
+        let offset = 2;
+        while (offset < buffer.length) {
+          if (buffer[offset] !== 255) break;
+          const marker = buffer[offset + 1];
+          if (marker === 192 || marker === 194) {
+            const height = buffer.readUInt16BE(offset + 5);
+            const width = buffer.readUInt16BE(offset + 7);
+            return { width, height };
+          }
+          offset += 2 + buffer.readUInt16BE(offset + 2);
+        }
+      }
+    } catch {
+    }
+    return {};
+  }
+  return {
+    name: "local",
+    displayName: "Local Storage",
+    supportsDynamicResize: true,
+    async upload(file, options) {
+      await ensureDir(uploadDir);
+      const buffer = Buffer.from(await file.arrayBuffer());
+      const hash = createHash("md5").update(buffer).digest("hex");
+      const ext = extname(file.name);
+      const filename = options?.filename || `${hash}${ext}`;
+      const folder = options?.folder || "";
+      const targetDir = folder ? join(uploadDir, folder) : uploadDir;
+      await ensureDir(targetDir);
+      const filepath = join(targetDir, filename);
+      await writeFile(filepath, buffer);
+      const dimensions = file.type.startsWith("image/") ? await getImageDimensions(buffer) : {};
+      const normalizedBaseUrl = baseUrl || "/uploads";
+      const urlPath = folder ? `/${folder}/${filename}` : `/${filename}`;
+      const url = normalizedBaseUrl + urlPath;
+      return {
+        id: hash,
+        filename,
+        originalName: file.name,
+        mimeType: file.type || getMimeType(file.name),
+        size: buffer.length,
+        url,
+        thumbnailUrl: file.type.startsWith("image/") ? url : void 0,
+        folder: folder || void 0,
+        provider: "local",
+        metadata: {
+          ...dimensions,
+          ...options?.metadata
+        },
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+    },
+    async uploadFromUrl(url, options) {
+      const response = await fetch(url);
+      if (!response.ok) {
+        throw new Error(`Failed to fetch file: ${response.statusText}`);
+      }
+      const blob = await response.blob();
+      const contentDisposition = response.headers.get("content-disposition");
+      let filename = options?.filename;
+      if (!filename && contentDisposition) {
+        const match = contentDisposition.match(
+          /filename[^;=\n]*=((['"]).*?\2|[^;\n]*)/
+        );
+        if (match) {
+          filename = match[1].replace(/['"]/g, "");
+        }
+      }
+      if (!filename) {
+        filename = basename(new URL(url).pathname);
+      }
+      const file = new File([blob], filename, {
+        type: blob.type || getMimeType(filename)
+      });
+      return this.upload(file, options);
+    },
+    async delete(url) {
+      const filepath = join(uploadDir, url.replace(baseUrl + "/", ""));
+      try {
+        await unlink(filepath);
+      } catch {
+      }
+    },
+    async rename(oldUrl, newFilename) {
+      const oldPath = join(uploadDir, oldUrl.replace(baseUrl + "/", ""));
+      const newPath = join(uploadDir, newFilename);
+      await rename(oldPath, newPath);
+      return `${baseUrl}/${newFilename}`;
+    },
+    getImageUrl(url, transforms) {
+      if (!transforms || Object.keys(transforms).length === 0) return url;
+      const params = new URLSearchParams({ url });
+      if (transforms.width) params.set("w", String(transforms.width));
+      if (transforms.height) params.set("h", String(transforms.height));
+      if (transforms.quality) params.set("q", String(transforms.quality));
+      if (transforms.format) params.set("f", transforms.format);
+      return `/api/media/resize?${params.toString()}`;
+    },
+    async generateThumbnail(file) {
+      if (!file.mimeType.startsWith("image/")) return "";
+      return this.getImageUrl(file.url, { width: 400, height: 400 });
+    },
+    async list(prefix) {
+      const dir = prefix ? join(uploadDir, prefix) : uploadDir;
+      if (!existsSync(dir)) return [];
+      const files = [];
+      const entries = await readdir(dir, { withFileTypes: true });
+      for (const entry of entries) {
+        if (entry.isFile()) {
+          const filepath = join(dir, entry.name);
+          const stats = await stat(filepath);
+          const url = `${baseUrl}${prefix ? `/${prefix}` : ""}/${entry.name}`;
+          files.push({
+            id: createHash("md5").update(entry.name).digest("hex"),
+            filename: entry.name,
+            originalName: entry.name,
+            mimeType: getMimeType(entry.name),
+            size: stats.size,
+            url,
+            provider: "local",
+            createdAt: stats.birthtime.toISOString()
+          });
+        }
+      }
+      return files;
+    },
+    async exists(url) {
+      const filepath = join(uploadDir, url.replace(baseUrl + "/", ""));
+      return existsSync(filepath);
+    }
+  };
+}
+function extractPublicDevUrlId(url) {
+  if (!url) return "";
+  if (url.startsWith("pub-")) return url;
+  const match = url.match(/pub-[a-zA-Z0-9]+/i);
+  return match ? match[0] : "";
+}
+function getPublicUrl(key, config) {
+  const normalizedKey = key.startsWith("/") ? key.slice(1) : key;
+  if (config.cdnUrl) {
+    const cdn = config.cdnUrl.replace(/\/$/, "");
+    return `${cdn}/${normalizedKey}`;
+  }
+  switch (config.provider) {
+    case "r2": {
+      const pubId = extractPublicDevUrlId(config.publicDevUrl);
+      if (pubId) {
+        return `https://${pubId}.r2.dev/${normalizedKey}`;
+      }
+      return `https://${config.bucket}.${config.accountId}.r2.cloudflarestorage.com/${normalizedKey}`;
+    }
+    case "gcs":
+      return `https://storage.googleapis.com/${config.bucket}/${normalizedKey}`;
+    case "digitalocean":
+      return `https://${config.bucket}.${config.region}.cdn.digitaloceanspaces.com/${normalizedKey}`;
+    case "backblaze":
+      return `https://${config.bucket}.s3.backblazeb2.com/${normalizedKey}`;
+    case "wasabi":
+      return `https://${config.bucket}.s3.wasabisys.com/${normalizedKey}`;
+    case "aws":
+    default:
+      return `https://${config.bucket}.s3.${config.region}.amazonaws.com/${normalizedKey}`;
+  }
+}
+function getUrlPrefix(config) {
+  if (config.cdnUrl) {
+    return config.cdnUrl.replace(/\/$/, "") + "/";
+  }
+  switch (config.provider) {
+    case "r2": {
+      const pubId = extractPublicDevUrlId(config.publicDevUrl);
+      if (pubId) {
+        return `https://${pubId}.r2.dev/`;
+      }
+      return `https://${config.bucket}.${config.accountId}.r2.cloudflarestorage.com/`;
+    }
+    case "gcs":
+      return `https://storage.googleapis.com/${config.bucket}/`;
+    case "digitalocean":
+      return `https://${config.bucket}.${config.region}.cdn.digitaloceanspaces.com/`;
+    case "backblaze":
+      return `https://${config.bucket}.s3.backblazeb2.com/`;
+    case "wasabi":
+      return `https://${config.bucket}.s3.wasabisys.com/`;
+    case "aws":
+    default:
+      return `https://${config.bucket}.s3.${config.region}.amazonaws.com/`;
+  }
+}
+function getDisplayName(provider) {
+  switch (provider) {
+    case "r2":
+      return "Cloudflare R2";
+    case "gcs":
+      return "Google Cloud Storage";
+    case "digitalocean":
+      return "DigitalOcean Spaces";
+    case "backblaze":
+      return "Backblaze B2";
+    case "wasabi":
+      return "Wasabi";
+    case "aws":
+    default:
+      return "AWS S3";
+  }
+}
+function createS3Storage(config) {
+  console.log("[createS3Storage] Creating provider:", config.provider);
+  console.log("[createS3Storage] Credentials:", {
+    accessKeyId: config.accessKeyId ? "SET" : "UNDEFINED",
+    secretAccessKey: config.secretAccessKey ? "SET" : "UNDEFINED",
+    bucket: config.bucket,
+    accountId: config.accountId,
+    endpoint: config.endpoint
+  });
+  const client = new S3Client({
+    region: config.region || "auto",
+    endpoint: config.endpoint,
+    credentials: {
+      accessKeyId: config.accessKeyId,
+      secretAccessKey: config.secretAccessKey
+    },
+    forcePathStyle: true,
+    tls: true,
+    // R2 requires specific SSL configuration
+    ...config.provider === "r2" && {
+      requestHandler: new (init_dist_es4(), __toCommonJS(dist_es_exports)).NodeHttpHandler({
+        connectionTimeout: 1e4,
+        socketTimeout: 1e4
+      })
+    }
+  });
+  const getKey = (path2) => {
+    const prefix = config.prefix ? `${config.prefix}/` : "";
+    return `${prefix}${path2}`.replace(/\/+/g, "/");
+  };
+  const getUrl = (key) => getPublicUrl(key, config);
+  return {
+    name: config.provider,
+    displayName: getDisplayName(config.provider),
+    supportsDynamicResize: true,
+    async upload(file, options) {
+      const key = getKey(
+        `${options?.folder ? `${options.folder}/` : ""}${options?.filename || file.name}`
+      );
+      const buffer = Buffer.from(await file.arrayBuffer());
+      await client.send(
+        new PutObjectCommand({
+          Bucket: config.bucket,
+          Key: key,
+          Body: buffer,
+          ContentType: file.type,
+          Metadata: options?.metadata
+        })
+      );
+      const head = await client.send(
+        new HeadObjectCommand({
+          Bucket: config.bucket,
+          Key: key
+        })
+      );
+      return {
+        id: Buffer.from(key).toString("base64url"),
+        filename: options?.filename || file.name,
+        originalName: file.name,
+        mimeType: file.type,
+        size: buffer.length,
+        url: getUrl(key),
+        thumbnailUrl: file.type.startsWith("image/") ? getUrl(key) : void 0,
+        folder: options?.folder,
+        provider: config.provider,
+        metadata: {
+          ...options?.metadata,
+          etag: head.ETag
+        },
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+    },
+    async uploadFromUrl(url) {
+      const response = await fetch(url);
+      if (!response.ok) {
+        throw new Error(`Failed to fetch: ${response.statusText}`);
+      }
+      const blob = await response.blob();
+      const filename = url.split("/").pop() || "file";
+      const file = new File([blob], filename, { type: blob.type });
+      return this.upload(file);
+    },
+    async delete(url) {
+      const key = url.replace(getUrlPrefix(config), "");
+      await client.send(
+        new DeleteObjectCommand({
+          Bucket: config.bucket,
+          Key: key
+        })
+      );
+    },
+    async rename(oldUrl, newKey) {
+      const oldKey = oldUrl.replace(getUrlPrefix(config), "");
+      const newKeyWithPrefix = config.prefix ? `${config.prefix}/${newKey}` : newKey;
+      await client.send(
+        new CopyObjectCommand({
+          Bucket: config.bucket,
+          CopySource: `${config.bucket}/${oldKey}`,
+          Key: newKeyWithPrefix
+        })
+      );
+      await client.send(
+        new DeleteObjectCommand({
+          Bucket: config.bucket,
+          Key: oldKey
+        })
+      );
+      return getUrl(newKeyWithPrefix);
+    },
+    getImageUrl(url, transforms) {
+      if (!transforms || Object.keys(transforms).length === 0) return url;
+      const params = new URLSearchParams({ url });
+      if (transforms.width) params.set("w", String(transforms.width));
+      if (transforms.height) params.set("h", String(transforms.height));
+      if (transforms.quality) params.set("q", String(transforms.quality));
+      if (transforms.format) params.set("f", transforms.format);
+      return `/api/media/resize?${params.toString()}`;
+    },
+    async generateThumbnail(file) {
+      return this.getImageUrl(file.url, { width: 400, height: 400 });
+    },
+    async list(prefix) {
+      const key = getKey(prefix || "");
+      const response = await client.send(
+        new ListObjectsV2Command({
+          Bucket: config.bucket,
+          Prefix: key
+        })
+      );
+      return (response.Contents || []).map((item) => ({
+        id: Buffer.from(item.Key || "").toString("base64url"),
+        filename: item.Key?.split("/").pop() || "",
+        originalName: item.Key?.split("/").pop() || "",
+        mimeType: "application/octet-stream",
+        size: item.Size || 0,
+        url: getUrl(item.Key || ""),
+        provider: config.provider,
+        createdAt: item.LastModified?.toISOString() || (/* @__PURE__ */ new Date()).toISOString()
+      }));
+    },
+    async exists(url) {
+      try {
+        const key = url.replace(getUrlPrefix(config), "");
+        await client.send(
+          new HeadObjectCommand({
+            Bucket: config.bucket,
+            Key: key
+          })
+        );
+        return true;
+      } catch {
+        return false;
+      }
+    }
+  };
+}
+
+// src/storage/cloudinary.ts
+function createCloudinaryStorage(config) {
+  const getBaseUrl = () => `https://api.cloudinary.com/v1_1/${config.cloudName}/upload`;
+  const generateSignature = async (params) => {
+    const crypto = await import('crypto');
+    const sortedParams = Object.keys(params).sort().map((key) => `${key}=${params[key]}`).join("&");
+    return crypto.createHash("sha256").update(sortedParams + config.apiSecret).digest("hex");
+  };
+  return {
+    name: "cloudinary",
+    displayName: "Cloudinary",
+    supportsDynamicResize: true,
+    async upload(file, options) {
+      const formData = new FormData();
+      formData.append("file", file);
+      if (config.uploadPreset) {
+        formData.append("upload_preset", config.uploadPreset);
+      } else {
+        const timestamp = Math.round(Date.now() / 1e3);
+        const signatureParams = {
+          timestamp: String(timestamp)
+        };
+        if (options?.folder || config.folder) {
+          signatureParams.folder = options?.folder || config.folder || "";
+        }
+        const signature = await generateSignature(signatureParams);
+        formData.append("timestamp", String(timestamp));
+        formData.append("signature", signature);
+        formData.append("api_key", config.apiKey);
+      }
+      if (options?.folder || config.folder) {
+        formData.append("folder", options?.folder || config.folder || "");
+      }
+      const response = await fetch(getBaseUrl(), {
+        method: "POST",
+        body: formData
+      });
+      if (!response.ok) {
+        const error = await response.json();
+        throw new Error(
+          `Cloudinary upload failed: ${error.error?.message || response.statusText}`
+        );
+      }
+      const data = await response.json();
+      return {
+        id: data.public_id,
+        filename: `${data.public_id}.${data.format}`,
+        originalName: data.original_filename || file.name,
+        mimeType: file.type || `image/${data.format}`,
+        size: data.bytes,
+        url: data.secure_url,
+        thumbnailUrl: this.getImageUrl(data.secure_url, {
+          width: 200,
+          height: 200,
+          fit: "crop"
+        }),
+        width: data.width,
+        height: data.height,
+        folder: options?.folder || config.folder,
+        provider: "cloudinary",
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+    },
+    async uploadFromUrl(url, options) {
+      const formData = new FormData();
+      formData.append("file", url);
+      formData.append("upload_preset", "ml_default");
+      if (options?.folder || config.folder) {
+        formData.append("folder", options?.folder || config.folder || "");
+      }
+      const response = await fetch(getBaseUrl(), {
+        method: "POST",
+        body: formData
+      });
+      if (!response.ok) throw new Error("Cloudinary upload failed");
+      const data = await response.json();
+      return {
+        id: data.public_id,
+        filename: `${data.public_id}.${data.format}`,
+        originalName: data.original_filename || url.split("/").pop() || "file",
+        mimeType: `image/${data.format}`,
+        size: data.bytes,
+        url: data.secure_url,
+        thumbnailUrl: this.getImageUrl(data.secure_url, {
+          width: 200,
+          height: 200,
+          fit: "crop"
+        }),
+        width: data.width,
+        height: data.height,
+        provider: "cloudinary",
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+    },
+    async delete(id) {
+      try {
+        const parts = id.split("/image/upload/");
+        if (parts.length !== 2) {
+          console.warn("[Cloudinary delete] Could not parse URL:", id);
+          return;
+        }
+        const publicId = parts[1].replace(/^v\d+\//, "").replace(/\.[^.]+$/, "");
+        const timestamp = Math.round(Date.now() / 1e3);
+        const signatureParams = {
+          timestamp: String(timestamp),
+          public_id: publicId
+        };
+        const sortedParams = Object.keys(signatureParams).sort().map((key) => `${key}=${signatureParams[key]}`).join("&");
+        const crypto = await import('crypto');
+        const signature = crypto.createHash("sha256").update(sortedParams + config.apiSecret).digest("hex");
+        const deleteUrl = `https://api.cloudinary.com/v1_1/${config.cloudName}/image/destroy`;
+        const formData = new FormData();
+        formData.append("public_id", publicId);
+        formData.append("timestamp", String(timestamp));
+        formData.append("signature", signature);
+        formData.append("api_key", config.apiKey);
+        const response = await fetch(deleteUrl, {
+          method: "POST",
+          body: formData
+        });
+        if (!response.ok) {
+          const error = await response.json();
+          console.warn("[Cloudinary delete] Failed:", error);
+        }
+      } catch (e) {
+        console.warn("[Cloudinary delete] Error:", e.message);
+      }
+    },
+    async rename(oldUrl, newKey) {
+      let version = "";
+      let newPublicId = newKey.replace(/\.[^.]+$/, "");
+      let folder = "";
+      try {
+        const parts = oldUrl.split("/image/upload/");
+        if (parts.length !== 2) {
+          console.warn("[Cloudinary rename] Could not parse old URL:", oldUrl);
+          return oldUrl;
+        }
+        const urlPath = parts[1];
+        const versionMatch = urlPath.match(/^(v\d+)\//);
+        version = versionMatch ? versionMatch[1] : "";
+        const publicIdWithoutVersion = urlPath.replace(/^v\d+\//, "").replace(/\.[^.]+$/, "");
+        const folderParts = publicIdWithoutVersion.split("/");
+        folder = folderParts.length > 1 ? folderParts.slice(0, -1).join("/") : "";
+        const newFilename = newKey.replace(/\.[^.]+$/, "");
+        newPublicId = folder ? `${folder}/${newFilename}` : newFilename;
+        console.log("[Cloudinary rename]", {
+          urlPath,
+          version,
+          publicIdWithoutVersion,
+          folder,
+          newPublicId
+        });
+        const timestamp = Math.round(Date.now() / 1e3);
+        const signatureParams = {
+          from_public_id: publicIdWithoutVersion,
+          to_public_id: newPublicId,
+          timestamp: String(timestamp)
+        };
+        const sortedParams = Object.keys(signatureParams).sort().map((key) => `${key}=${signatureParams[key]}`).join("&");
+        const crypto = await import('crypto');
+        const signature = crypto.createHash("sha256").update(sortedParams + config.apiSecret).digest("hex");
+        const formData = new FormData();
+        formData.append("from_public_id", publicIdWithoutVersion);
+        formData.append("to_public_id", newPublicId);
+        formData.append("timestamp", String(timestamp));
+        formData.append("signature", signature);
+        formData.append("api_key", config.apiKey);
+        const response = await fetch(
+          `https://api.cloudinary.com/v1_1/${config.cloudName}/image/rename`,
+          {
+            method: "POST",
+            body: formData
+          }
+        );
+        if (response.ok) {
+          const data = await response.json();
+          console.log("[Cloudinary rename] Success:", data.secure_url);
+          return data.secure_url;
+        } else {
+          const error = await response.json();
+          console.warn("[Cloudinary rename] Failed:", error);
+          const versionStr = version ? `/${version}/` : "/";
+          return `https://res.cloudinary.com/${config.cloudName}/image/upload${versionStr}${newPublicId}.${newKey.split(".").pop()}`;
+        }
+      } catch (e) {
+        console.warn("[Cloudinary rename] Error:", e.message);
+        const versionStr = version ? `/${version}/` : "/";
+        return `https://res.cloudinary.com/${config.cloudName}/image/upload${versionStr}${newPublicId}.${newKey.split(".").pop()}`;
+      }
+    },
+    getImageUrl(url, transforms) {
+      if (!transforms) return url;
+      const parts = url.split("/upload/");
+      if (parts.length !== 2) return url;
+      const transformationArr = [];
+      if (transforms.width) transformationArr.push(`w_${transforms.width}`);
+      if (transforms.height) transformationArr.push(`h_${transforms.height}`);
+      if (transforms.fit) {
+        const fitMap = {
+          crop: "c_fill",
+          clip: "c_fit",
+          scale: "c_scale",
+          fill: "c_fill"
+        };
+        transformationArr.push(fitMap[transforms.fit] || "c_limit");
+      }
+      if (transforms.quality) transformationArr.push(`q_${transforms.quality}`);
+      if (transforms.format) transformationArr.push(`f_${transforms.format}`);
+      const transformationStr = transformationArr.join(",");
+      return `${parts[0]}/upload/${transformationStr}/${parts[1]}`;
+    },
+    async generateThumbnail(file) {
+      return this.getImageUrl(file.url, {
+        width: 200,
+        height: 200,
+        fit: "crop"
+      });
+    },
+    async list() {
+      return [];
+    },
+    async exists(url) {
+      const response = await fetch(url, { method: "HEAD" });
+      return response.ok;
+    }
+  };
+}
+
+// src/storage/imgix.ts
+function createImgixStorage(config) {
+  const signUrl = (path2, params) => {
+    if (!config.signKey) return path2;
+    const signer = new TextEncoder();
+    const key = signer.encode(config.signKey);
+    const data = signer.encode(path2 + params.toString());
+    let hash = 0;
+    const combined = new Uint8Array(key.length + data.length);
+    combined.set(key);
+    combined.set(data, key.length);
+    for (let i = 0; i < combined.length; i++) {
+      hash = (hash << 5) - hash + combined[i] | 0;
+    }
+    params.set("s", Math.abs(hash).toString(16));
+    return path2;
+  };
+  return {
+    name: "imgix",
+    displayName: "Imgix",
+    supportsDynamicResize: true,
+    async upload(_file, _options) {
+      throw new Error(
+        "Imgix is a transformation service. Use another provider for uploads."
+      );
+    },
+    async uploadFromUrl(url, options) {
+      const filename = options?.filename || url.split("/").pop() || "file";
+      const response = await fetch(url);
+      if (!response.ok) {
+        throw new Error(`Failed to fetch: ${response.statusText}`);
+      }
+      const blob = await response.blob();
+      new File([blob], filename, { type: blob.type });
+      return {
+        id: Buffer.from(url).toString("base64").slice(0, 20),
+        filename,
+        originalName: filename,
+        mimeType: blob.type,
+        size: blob.size,
+        url: this.getImageUrl(url),
+        thumbnailUrl: this.getImageUrl(url, {
+          width: 200,
+          height: 200,
+          fit: "crop"
+        }),
+        provider: "imgix",
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+    },
+    async delete(_url) {
+    },
+    async rename(_oldUrl, newKey) {
+      return `https://${config.domain}/${newKey}`;
+    },
+    getImageUrl(url, transforms) {
+      const parsed = new URL(url);
+      const params = new URLSearchParams(parsed.search);
+      if (config.defaultParameters) {
+        Object.entries(config.defaultParameters).forEach(([key, value]) => {
+          if (!params.has(key)) {
+            params.set(key, value);
+          }
+        });
+      }
+      if (transforms) {
+        if (transforms.width) params.set("w", String(transforms.width));
+        if (transforms.height) params.set("h", String(transforms.height));
+        if (transforms.quality) params.set("q", String(transforms.quality));
+        if (transforms.format) params.set("fm", transforms.format);
+        if (transforms.fit) params.set("fit", transforms.fit);
+        if (transforms.blur) params.set("blur", String(transforms.blur));
+        if (transforms.sharpen) params.set("sharp", String(transforms.sharpen));
+      }
+      params.set("auto", "compress,format");
+      parsed.pathname + "?" + params.toString();
+      if (config.signKey) {
+        signUrl(parsed.pathname + params.toString(), params);
+      }
+      return `https://${config.domain}${parsed.pathname}${params.toString() ? "?" + params.toString() : ""}`;
+    },
+    async generateThumbnail(file) {
+      return this.getImageUrl(file.url, {
+        width: 200,
+        height: 200,
+        fit: "crop"
+      });
+    },
+    async list() {
+      return [];
+    },
+    async exists(url) {
+      try {
+        const response = await fetch(url, { method: "HEAD" });
+        return response.ok;
+      } catch {
+        return false;
+      }
+    }
+  };
+}
+function createFtpStorage(config) {
+  let client = null;
+  async function getClient() {
+    if (!client) {
+      client = new Client(6e4, { allowSeparateTransferHost: true });
+      client.ftp.verbose = false;
+      await client.access({
+        host: config.host,
+        port: config.port || 21,
+        user: config.user,
+        password: config.password,
+        secure: config.secure,
+        secureOptions: {}
+      });
+    }
+    return client;
+  }
+  const getKey = (path2) => {
+    const prefix = config.prefix ? `${config.prefix}/` : "";
+    return `${prefix}${path2}`.replace(/\/+/g, "/");
+  };
+  const getUrl = (key) => {
+    const base = config.baseUrl.replace(/\/$/, "");
+    return `${base}/${key}`;
+  };
+  const getUrlPrefix2 = () => {
+    const base = config.baseUrl.replace(/\/$/, "");
+    return base + "/";
+  };
+  return {
+    name: config.type,
+    displayName: config.type === "sftp" ? "SFTP Storage" : "FTP Storage",
+    supportsDynamicResize: false,
+    async upload(file, options) {
+      const ftp = await getClient();
+      const key = getKey(
+        `${options?.folder ? `${options.folder}/` : ""}${options?.filename || file.name}`
+      );
+      const buffer = Buffer.from(await file.arrayBuffer());
+      const parts = key.split("/").slice(0, -1);
+      let currentPath = "";
+      for (const part of parts) {
+        currentPath = currentPath ? `${currentPath}/${part}` : part;
+        try {
+          await ftp.ensureDir(currentPath);
+        } catch {
+        }
+      }
+      const readable = Readable.from(buffer);
+      await ftp.uploadFrom(readable, key);
+      return {
+        id: Buffer.from(key).toString("base64url"),
+        filename: options?.filename || file.name,
+        originalName: file.name,
+        mimeType: file.type,
+        size: buffer.length,
+        url: getUrl(key),
+        thumbnailUrl: file.type.startsWith("image/") ? getUrl(key) : void 0,
+        folder: options?.folder,
+        provider: config.type,
+        metadata: options?.metadata,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+    },
+    async uploadFromUrl(url) {
+      const response = await fetch(url);
+      if (!response.ok) {
+        throw new Error(`Failed to fetch: ${response.statusText}`);
+      }
+      const blob = await response.blob();
+      const filename = url.split("/").pop() || "file";
+      const file = new File([blob], filename, { type: blob.type });
+      return this.upload(file);
+    },
+    async delete(url) {
+      const ftp = await getClient();
+      const key = url.replace(getUrlPrefix2(), "");
+      await ftp.remove(key);
+    },
+    async rename(oldUrl, newKey) {
+      const ftp = await getClient();
+      const oldKey = oldUrl.replace(getUrlPrefix2(), "");
+      const fullPath = config.prefix ? `${config.prefix}/${newKey}` : newKey;
+      await ftp.rename(oldKey, fullPath);
+      return getUrl(fullPath);
+    },
+    getImageUrl(url, transforms) {
+      if (!transforms || Object.keys(transforms).length === 0) return url;
+      const params = new URLSearchParams({ url });
+      if (transforms.width) params.set("w", String(transforms.width));
+      if (transforms.height) params.set("h", String(transforms.height));
+      if (transforms.quality) params.set("q", String(transforms.quality));
+      if (transforms.format) params.set("f", transforms.format);
+      return `/api/media/resize?${params.toString()}`;
+    },
+    async generateThumbnail(file) {
+      return file.url;
+    },
+    async list(prefix) {
+      const ftp = await getClient();
+      const key = getKey(prefix || "");
+      let items;
+      try {
+        items = await ftp.list(key);
+      } catch {
+        return [];
+      }
+      return items.filter((item) => item.type === 0).map((item) => ({
+        id: Buffer.from(`${key}/${item.name}`).toString("base64url"),
+        filename: item.name,
+        originalName: item.name,
+        mimeType: "application/octet-stream",
+        size: Number(item.size) || 0,
+        url: getUrl(`${key}/${item.name}`.replace(/\/+/g, "/")),
+        provider: config.type,
+        createdAt: item.modifiedAt ? item.modifiedAt.toISOString() : (/* @__PURE__ */ new Date()).toISOString()
+      }));
+    },
+    async exists(url) {
+      const ftp = await getClient();
+      const key = url.replace(getUrlPrefix2(), "");
+      try {
+        await ftp.size(key);
+        return true;
+      } catch {
+        return false;
+      }
+    }
+  };
+}
+
+// src/storage/index.ts
+async function resolveProvider(configService) {
+  const config = configService.getStorageConfig();
+  switch (config.type) {
+    case "aws":
+      return createS3Storage({
+        provider: "aws",
+        bucket: config.s3.bucket || "",
+        region: config.s3.region || "us-east-1",
+        accessKeyId: config.s3.accessKeyId || "",
+        secretAccessKey: config.s3.secretAccessKey || "",
+        endpoint: config.s3.endpoint,
+        cdnUrl: config.s3.cdnUrl,
+        prefix: config.s3.prefix
+      });
+    case "r2":
+      return createS3Storage({
+        provider: "r2",
+        bucket: config.r2.bucket || "",
+        region: "auto",
+        accessKeyId: config.r2.accessKeyId || "",
+        secretAccessKey: config.r2.secretAccessKey || "",
+        accountId: config.r2.accountId || "",
+        publicDevUrl: config.r2.publicDevUrl,
+        endpoint: `https://${config.r2.accountId || ""}.r2.cloudflarestorage.com`,
+        cdnUrl: config.r2.cdnUrl,
+        prefix: config.r2.prefix
+      });
+    case "gcs":
+      return createS3Storage({
+        provider: "gcs",
+        bucket: config.gcs.bucket || "",
+        region: config.gcs.projectId || "auto",
+        accessKeyId: config.gcs.clientEmail || "",
+        secretAccessKey: config.gcs.privateKey || "",
+        cdnUrl: config.gcs.cdnUrl,
+        prefix: config.gcs.prefix
+      });
+    case "digitalocean":
+      return createS3Storage({
+        provider: "digitalocean",
+        bucket: config.digitalocean.bucket || "",
+        region: config.digitalocean.region || "nyc3",
+        accessKeyId: config.digitalocean.accessKeyId || "",
+        secretAccessKey: config.digitalocean.secretAccessKey || "",
+        endpoint: `https://${config.digitalocean.region || "nyc3"}.digitaloceanspaces.com`,
+        cdnUrl: config.digitalocean.cdnUrl,
+        prefix: config.digitalocean.prefix
+      });
+    case "backblaze":
+      return createS3Storage({
+        provider: "backblaze",
+        bucket: config.backblaze.bucket || "",
+        region: "auto",
+        accessKeyId: config.backblaze.applicationKeyId || "",
+        secretAccessKey: config.backblaze.applicationKey || "",
+        accountId: config.backblaze.accountId || "",
+        endpoint: `https://s3.backblazeb2.com`,
+        cdnUrl: config.backblaze.cdnUrl,
+        prefix: config.backblaze.prefix
+      });
+    case "wasabi":
+      return createS3Storage({
+        provider: "wasabi",
+        bucket: config.wasabi.bucket || "",
+        region: config.wasabi.region || "us-east-1",
+        accessKeyId: config.wasabi.accessKeyId || "",
+        secretAccessKey: config.wasabi.secretAccessKey || "",
+        endpoint: `https://s3.${config.wasabi.region || "us-east-1"}.wasabisys.com`,
+        cdnUrl: config.wasabi.cdnUrl,
+        prefix: config.wasabi.prefix
+      });
+    case "ftp":
+    case "sftp":
+      return createFtpStorage({
+        host: config.ftp?.host || "",
+        port: config.ftp?.port || 21,
+        user: config.ftp?.user || "",
+        password: config.ftp?.password || "",
+        secure: config.ftp?.secure || false,
+        baseUrl: config.ftp?.baseUrl || "",
+        prefix: config.ftp?.prefix,
+        type: "ftp"
+      });
+    case "cloudinary":
+      return createCloudinaryStorage({
+        cloudName: config.cloudinary.cloudName || "",
+        apiKey: config.cloudinary.apiKey || "",
+        apiSecret: config.cloudinary.apiSecret || "",
+        folder: config.cloudinary.folder
+      });
+    case "imgix":
+      return createImgixStorage({
+        domain: config.imgix.domain || "",
+        signKey: config.imgix.signKey
+      });
+    case "local":
+    default:
+      return createLocalStorage({
+        uploadDir: config.local.uploadDir || path.join(process.cwd(), "public", "uploads"),
+        baseUrl: config.local.baseUrl || "/uploads"
+      });
+  }
+}
+async function resolveProviderWithConfig(config) {
+  if (!config) {
+    console.warn("[resolveProviderWithConfig] No config, using local");
+    return createLocalStorage({
+      uploadDir: path.join(process.cwd(), "public", "uploads"),
+      baseUrl: "/uploads"
+    });
+  }
+  console.log("[resolveProviderWithConfig] Creating provider:", config.type);
+  switch (config.type) {
+    case "aws":
+      return createS3Storage({
+        provider: "aws",
+        bucket: config.s3?.bucket || "",
+        region: config.s3?.region || "us-east-1",
+        accessKeyId: config.s3?.accessKeyId || "",
+        secretAccessKey: config.s3?.secretAccessKey || "",
+        endpoint: config.s3?.endpoint,
+        cdnUrl: config.s3?.cdnUrl,
+        prefix: config.s3?.prefix
+      });
+    case "r2":
+      return createS3Storage({
+        provider: "r2",
+        bucket: config.r2?.bucket || "",
+        region: "auto",
+        accessKeyId: config.r2?.accessKeyId || "",
+        secretAccessKey: config.r2?.secretAccessKey || "",
+        accountId: config.r2?.accountId || "",
+        publicDevUrl: config.r2?.publicDevUrl,
+        endpoint: `https://${config.r2?.accountId || ""}.r2.cloudflarestorage.com`,
+        cdnUrl: config.r2?.cdnUrl,
+        prefix: config.r2?.prefix
+      });
+    case "gcs":
+      return createS3Storage({
+        provider: "gcs",
+        bucket: config.gcs?.bucket || "",
+        region: config.gcs?.projectId || "auto",
+        accessKeyId: config.gcs?.clientEmail || "",
+        secretAccessKey: config.gcs?.privateKey || "",
+        cdnUrl: config.gcs?.cdnUrl,
+        prefix: config.gcs?.prefix
+      });
+    case "digitalocean":
+      return createS3Storage({
+        provider: "digitalocean",
+        bucket: config.digitalocean?.bucket || "",
+        region: config.digitalocean?.region || "nyc3",
+        accessKeyId: config.digitalocean?.accessKeyId || "",
+        secretAccessKey: config.digitalocean?.secretAccessKey || "",
+        cdnUrl: config.digitalocean?.cdnUrl,
+        prefix: config.digitalocean?.prefix
+      });
+    case "backblaze":
+      return createS3Storage({
+        provider: "backblaze",
+        bucket: config.backblaze?.bucket || "",
+        region: "auto",
+        accessKeyId: config.backblaze?.applicationKeyId || "",
+        secretAccessKey: config.backblaze?.applicationKey || "",
+        cdnUrl: config.backblaze?.cdnUrl,
+        prefix: config.backblaze?.prefix
+      });
+    case "wasabi":
+      return createS3Storage({
+        provider: "wasabi",
+        bucket: config.wasabi?.bucket || "",
+        region: config.wasabi?.region || "us-east-1",
+        accessKeyId: config.wasabi?.accessKeyId || "",
+        secretAccessKey: config.wasabi?.secretAccessKey || "",
+        cdnUrl: config.wasabi?.cdnUrl,
+        prefix: config.wasabi?.prefix
+      });
+    case "cloudinary":
+      return createCloudinaryStorage({
+        cloudName: config.cloudinary?.cloudName || "",
+        apiKey: config.cloudinary?.apiKey || "",
+        apiSecret: config.cloudinary?.apiSecret || "",
+        folder: config.cloudinary?.folder
+      });
+    case "ftp":
+    case "sftp": {
+      const ftpConf = config.ftp || config;
+      return createFtpStorage({
+        type: "ftp",
+        host: ftpConf.host || "",
+        port: ftpConf.port || 21,
+        user: ftpConf.user || "",
+        password: ftpConf.password || "",
+        secure: ftpConf.secure || false,
+        baseUrl: ftpConf.baseUrl || "",
+        prefix: ftpConf.prefix
+      });
+    }
+    case "local":
+    default: {
+      const localConfig = config.local || {
+        uploadDir: config["local.uploadDir"],
+        baseUrl: config["local.baseUrl"]
+      };
+      const savedUploadDir = (localConfig?.uploadDir || "").trim();
+      let uploadDir;
+      if (savedUploadDir) {
+        if (path.isAbsolute(savedUploadDir)) {
+          uploadDir = savedUploadDir;
+        } else if (savedUploadDir.includes("/") || savedUploadDir.includes("\\")) {
+          uploadDir = path.resolve(process.cwd(), savedUploadDir);
+        } else {
+          uploadDir = path.join(process.cwd(), "public", savedUploadDir);
+        }
+      } else {
+        uploadDir = path.join(process.cwd(), "public", "uploads");
+      }
+      const savedBaseUrl = (localConfig?.baseUrl || "").trim();
+      let baseUrl;
+      if (savedBaseUrl) {
+        baseUrl = savedBaseUrl.startsWith("/") ? savedBaseUrl : `/${savedBaseUrl}`;
+      } else {
+        baseUrl = "/uploads";
+      }
+      return createLocalStorage({ uploadDir, baseUrl });
+    }
+  }
+}
+async function processImage(buffer) {
+  const metadata = await sharp(buffer).metadata();
+  const mainImage = sharp(buffer).webp({ quality: 85 });
+  const thumbnail = sharp(buffer).resize({ width: 500, withoutEnlargement: true }).webp({ quality: 80 });
+  return {
+    buffer: await mainImage.toBuffer(),
+    thumbnailBuffer: await thumbnail.toBuffer(),
+    width: metadata.width,
+    height: metadata.height,
+    format: "webp"
+  };
+}
+
+// src/storage/MediaService.ts
+var MediaService = class _MediaService {
+  db;
+  storage;
+  dialect;
+  genId;
+  mediaTable = "media";
+  foldersTable = "media_folders";
+  constructor(db, storage, options) {
+    this.db = db;
+    this.storage = storage;
+    this.dialect = options?.dialect || "sqlite";
+    this.genId = options?.genId || genId;
+  }
+  static async init(db, options) {
+    let storage;
+    if (options?.storageConfig) {
+      console.log(
+        "[MediaService.init] Using provided storageConfig:",
+        options.storageConfig.type
+      );
+      storage = await resolveProviderWithConfig(options.storageConfig);
+    } else {
+      const configService = new ConfigService(db);
+      await configService.load();
+      storage = await resolveProvider(configService);
+    }
+    return new _MediaService(db, storage, options);
+  }
+  now() {
+    return (/* @__PURE__ */ new Date()).toISOString();
+  }
+  buildFindConditions(params) {
+    const conditions = [];
+    const p = [];
+    const sortCol = params.sortBy === "name" ? "title" : params.sortBy || "created_at";
+    const sortDir = params.sortDir === "asc" ? "ASC" : "DESC";
+    if (params.search) {
+      conditions.push(
+        `(title LIKE ? OR filename LIKE ? OR original_name LIKE ? OR alt LIKE ?)`
+      );
+      const s = `%${params.search}%`;
+      p.push(s, s, s, s);
+    }
+    if (params.type && params.type !== "all") {
+      conditions.push(`mime_type LIKE ?`);
+      p.push(`${params.type}/%`);
+    }
+    if (params.folder) {
+      conditions.push(`(folder = ? OR folder LIKE ?)`);
+      p.push(params.folder, `${params.folder}/%`);
+    }
+    const where = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
+    return { where, params: p, orderBy: sortDir, sortCol };
+  }
+  rowToMedia(row) {
+    return {
+      id: row.id,
+      filename: row.filename,
+      title: row.title ?? null,
+      originalName: row.original_name ?? row.originalName,
+      mimeType: row.mime_type ?? row.mimeType,
+      fileSize: row.file_size ?? row.fileSize,
+      width: row.width ?? null,
+      height: row.height ?? null,
+      url: row.url,
+      thumbnailUrl: row.thumbnail_url ?? row.thumbnailUrl ?? null,
+      folder: row.folder ?? null,
+      provider: row.provider,
+      alt: row.alt ?? null,
+      caption: row.caption ?? null,
+      metadata: row.metadata ?? null,
+      createdAt: row.created_at ?? row.createdAt,
+      updatedAt: row.updated_at ?? row.updatedAt
+    };
+  }
+  async sqliteRun(sql, params = []) {
+    const stmt = this.db.prepare(sql);
+    const sqlLower = sql.trim().toLowerCase();
+    if (sqlLower.startsWith("insert") || sqlLower.startsWith("update") || sqlLower.startsWith("delete")) {
+      return stmt.run(...params);
+    }
+    return stmt.all(...params);
+  }
+  sqliteGet(sql, params = []) {
+    const stmt = this.db.prepare(sql);
+    return stmt.get(...params);
+  }
+  async upload(file, folder = "") {
+    const isImage = file.type.startsWith("image/");
+    let processed;
+    let uploadFile = file;
+    let filename = file.name;
+    let width = null;
+    let height = null;
+    if (isImage && !file.type.includes("svg")) {
+      const buffer = Buffer.from(await file.arrayBuffer());
+      processed = await processImage(buffer);
+      const originalName = file.name.replace(/\.[^/.]+$/, "");
+      const safeName = originalName.toLowerCase().replace(/[^a-z0-9]/g, "-").replace(/-+/g, "-").substring(0, 50);
+      filename = `${safeName}.webp`;
+      width = processed.width ?? null;
+      height = processed.height ?? null;
+      uploadFile = new File([processed.buffer], filename, {
+        type: "image/webp"
+      });
+    }
+    const storageResult = await this.storage.upload(uploadFile, {
+      folder,
+      filename
+    });
+    const thumbnailUrl = await this.storage.generateThumbnail(
+      {
+        ...storageResult,
+        id: "",
+        provider: this.storage.name,
+        createdAt: this.now()
+      },
+      { width: 400, height: 400 }
+    );
+    const id = this.genId();
+    const now = this.now();
+    if (this.dialect === "sqlite") {
+      await this.sqliteRun(
+        `INSERT INTO ${this.mediaTable}
+          (id, filename, title, original_name, mime_type, file_size, width, height, url, thumbnail_url, folder, provider, alt, caption, metadata, created_at, updated_at)
+         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+        [
+          id,
+          storageResult.filename,
+          file.name.replace(/\.[^/.]+$/, ""),
+          file.name,
+          storageResult.mimeType,
+          storageResult.size,
+          width,
+          height,
+          storageResult.url,
+          thumbnailUrl,
+          folder || null,
+          this.storage.name,
+          null,
+          null,
+          null,
+          now,
+          now
+        ]
+      );
+    } else {
+      const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      await this.db.insert(mediaSchema).values({
+        id,
+        filename: storageResult.filename,
+        title: file.name.replace(/\.[^/.]+$/, ""),
+        originalName: file.name,
+        mimeType: storageResult.mimeType,
+        fileSize: storageResult.size,
+        width,
+        height,
+        url: storageResult.url,
+        thumbnailUrl,
+        folder: folder || "",
+        provider: this.storage.name,
+        createdAt: /* @__PURE__ */ new Date(),
+        updatedAt: /* @__PURE__ */ new Date()
+      }).returning();
+    }
+    return {
+      id,
+      filename: storageResult.filename,
+      title: file.name.replace(/\.[^/.]+$/, ""),
+      originalName: file.name,
+      mimeType: storageResult.mimeType,
+      fileSize: storageResult.size,
+      width,
+      height,
+      url: storageResult.url,
+      thumbnailUrl,
+      folder: folder || null,
+      provider: this.storage.name,
+      alt: null,
+      caption: null,
+      metadata: null,
+      createdAt: now,
+      updatedAt: now
+    };
+  }
+  async delete(id) {
+    let item = null;
+    if (this.dialect === "sqlite") {
+      item = this.sqliteGet(`SELECT * FROM ${this.mediaTable} WHERE id = ?`, [
+        id
+      ]);
+    } else {
+      const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      const [row] = await this.db.select().from(mediaSchema).where(mediaSchema.id.equals(id));
+      if (row) item = this.rowToMedia(row);
+    }
+    if (!item) return;
+    await this.deleteFile(item.url);
+    if (item.thumbnailUrl && item.thumbnailUrl !== item.url && item.thumbnailUrl !== item.url + "?thumb") {
+      try {
+        await this.deleteFile(item.thumbnailUrl);
+      } catch {
+      }
+    }
+    if (this.dialect === "sqlite") {
+      await this.sqliteRun(`DELETE FROM ${this.mediaTable} WHERE id = ?`, [id]);
+    } else {
+      const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      await this.db.delete(mediaSchema).where(mediaSchema.id.equals(id));
+    }
+  }
+  async deleteFile(url) {
+    await this.storage.delete(url);
+  }
+  async rename(id, newKey) {
+    let item = null;
+    if (this.dialect === "sqlite") {
+      item = this.sqliteGet(`SELECT * FROM ${this.mediaTable} WHERE id = ?`, [
+        id
+      ]);
+    } else {
+      const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      const [row] = await this.db.select().from(mediaSchema).where(mediaSchema.id.equals(id));
+      if (row) item = this.rowToMedia(row);
+    }
+    if (!item) return null;
+    const newUrl = await this.storage.rename(item.url, newKey);
+    let newThumbnailUrl;
+    if (item.thumbnailUrl || this.storage.name === "cloudinary") {
+      const versionMatch = newUrl.match(/\/upload\/(v\d+)\//);
+      const version = versionMatch ? versionMatch[1] + "/" : "";
+      const baseUrlMatch = newUrl.match(/(.+?)\/upload\//);
+      const baseUrl = baseUrlMatch ? baseUrlMatch[1] : "https://res.cloudinary.com/" + this.storage.config?.cloudName || "unknown";
+      newThumbnailUrl = `${baseUrl}/upload/w_200,h_200,c_fill/${version}${newKey}`;
+    }
+    const ext = item.filename.split(".").pop();
+    const newFilename = newKey.includes(".") ? newKey : `${newKey}.${ext}`;
+    const updateData = {
+      url: newUrl,
+      filename: newFilename,
+      thumbnailUrl: newThumbnailUrl
+    };
+    if (this.dialect === "sqlite") {
+      const sqliteUpdateData = { ...updateData };
+      if ("thumbnailUrl" in sqliteUpdateData) {
+        sqliteUpdateData.thumbnail_url = sqliteUpdateData.thumbnailUrl;
+        delete sqliteUpdateData.thumbnailUrl;
+      }
+      const sets = Object.keys(sqliteUpdateData).map((k) => `${k} = ?`).join(", ");
+      const vals = Object.values(sqliteUpdateData);
+      await this.sqliteRun(
+        `UPDATE ${this.mediaTable} SET ${sets}, updated_at = ? WHERE id = ?`,
+        [...vals, this.now(), id]
+      );
+    } else {
+      const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      await this.db.update(mediaSchema).set({ ...updateData, updatedAt: this.now() }).where(mediaSchema.id.equals(id));
+    }
+    return {
+      ...item,
+      ...updateData,
+      updatedAt: this.now(),
+      thumbnailUrl: updateData.thumbnailUrl ?? null
+    };
+  }
+  async find(params = {}) {
+    const {
+      page = 1,
+      limit = 30,
+      search = "",
+      type = "",
+      folder = "",
+      sortBy = "createdAt",
+      sortDir = "desc"
+    } = params;
+    const {
+      where,
+      params: p,
+      orderBy,
+      sortCol
+    } = this.buildFindConditions({
+      page,
+      limit,
+      search,
+      type,
+      folder,
+      sortBy,
+      sortDir
+    });
+    const offset = (page - 1) * limit;
+    if (this.dialect === "sqlite") {
+      const countRow = this.sqliteGet(
+        `SELECT COUNT(*) as cnt FROM ${this.mediaTable} ${where}`,
+        p
+      );
+      const totalDocs2 = countRow?.cnt ?? 0;
+      const rows = await this.sqliteRun(
+        `SELECT * FROM ${this.mediaTable} ${where} ORDER BY ${sortCol} ${orderBy} LIMIT ? OFFSET ?`,
+        [...p, limit, offset]
+      );
+      return {
+        docs: rows.map((r) => this.rowToMedia(r)),
+        totalDocs: totalDocs2,
+        page,
+        limit,
+        totalPages: Math.ceil(totalDocs2 / limit)
+      };
+    }
+    const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+    const { like, or, and, asc, desc, eq, sql } = await (this.dialect === "mysql" ? import('drizzle-orm/mysql-core') : import('drizzle-orm/pg-core'));
+    const conditions = [];
+    if (search) {
+      conditions.push(
+        or(
+          like(mediaSchema.title, `%${search}%`),
+          like(mediaSchema.filename, `%${search}%`),
+          like(mediaSchema.originalName, `%${search}%`),
+          like(mediaSchema.alt, `%${search}%`)
+        )
+      );
+    }
+    if (type && type !== "all") {
+      conditions.push(like(mediaSchema.mimeType, `${type}/%`));
+    }
+    if (folder) {
+      conditions.push(
+        or(
+          eq(mediaSchema.folder, folder),
+          like(mediaSchema.folder, `${folder}/%`)
+        )
+      );
+    }
+    const whereClause = conditions.length > 0 ? and(...conditions) : void 0;
+    const order = sortDir === "asc" ? asc(mediaSchema[sortCol]) : desc(mediaSchema[sortCol]);
+    const docs = await this.db.select().from(mediaSchema).where(whereClause).orderBy(order).limit(limit).offset(offset);
+    const [{ count }] = await this.db.select({ count: sql`count(*)` }).from(mediaSchema).where(whereClause);
+    const totalDocs = Number(count);
+    return {
+      docs: docs.map((r) => this.rowToMedia(r)),
+      totalDocs,
+      page,
+      limit,
+      totalPages: Math.ceil(totalDocs / limit)
+    };
+  }
+  async update(id, data) {
+    const now = this.now();
+    if (this.dialect === "sqlite") {
+      const sets = ["updated_at = ?"];
+      const p = [now];
+      if (data.title !== void 0) {
+        sets.push("title = ?");
+        p.push(data.title);
+      }
+      if (data.alt !== void 0) {
+        sets.push("alt = ?");
+        p.push(data.alt);
+      }
+      if (data.caption !== void 0) {
+        sets.push("caption = ?");
+        p.push(data.caption);
+      }
+      if (data.folder !== void 0) {
+        sets.push("folder = ?");
+        p.push(data.folder || null);
+      }
+      p.push(id);
+      await this.sqliteRun(
+        `UPDATE ${this.mediaTable} SET ${sets.join(", ")} WHERE id = ?`,
+        p
+      );
+      const row = this.sqliteGet(
+        `SELECT * FROM ${this.mediaTable} WHERE id = ?`,
+        [id]
+      );
+      return row ? this.rowToMedia(row) : null;
+    }
+    const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+    const [updated] = await this.db.update(mediaSchema).set({ ...data, updatedAt: /* @__PURE__ */ new Date() }).where(mediaSchema.id.equals(id)).returning();
+    return updated ? this.rowToMedia(updated) : null;
+  }
+  async updateMany(ids, data) {
+    const now = this.now();
+    if (this.dialect === "sqlite") {
+      for (const id of ids) {
+        const sets = ["updated_at = ?"];
+        const p = [now];
+        if (data.folder !== void 0) {
+          sets.push("folder = ?");
+          p.push(data.folder || null);
+        }
+        p.push(id);
+        await this.sqliteRun(
+          `UPDATE ${this.mediaTable} SET ${sets.join(", ")} WHERE id = ?`,
+          p
+        );
+      }
+    } else {
+      const { media: mediaSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      for (const id of ids) {
+        await this.db.update(mediaSchema).set({ ...data, updatedAt: /* @__PURE__ */ new Date() }).where(mediaSchema.id.equals(id));
+      }
+    }
+  }
+  async listFolders() {
+    if (this.dialect === "sqlite") {
+      const rows = await this.sqliteRun(
+        `SELECT path FROM ${this.foldersTable} UNION
+         SELECT folder as path FROM ${this.mediaTable} WHERE folder IS NOT NULL AND folder != ''`
+      );
+      return rows.map((r) => r.path).filter((f) => f && f !== "").sort();
+    }
+    const { media: mediaSchema, mediaFolders: folderSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+    const { eq, sql } = await (this.dialect === "mysql" ? import('drizzle-orm/mysql-core') : import('drizzle-orm/pg-core'));
+    const fromMedia = await this.db.select({ folder: mediaSchema.folder }).from(mediaSchema).groupBy(mediaSchema.folder);
+    const fromFolders = await this.db.select({ path: folderSchema.path }).from(folderSchema);
+    const allPaths = /* @__PURE__ */ new Set([
+      ...fromMedia.map((r) => r.folder),
+      ...fromFolders.map((r) => r.path)
+    ]);
+    return Array.from(allPaths).filter((f) => f && f !== "").sort();
+  }
+  async createFolder(name, parentPath = "") {
+    const fullPath = parentPath ? `${parentPath}/${name}` : name;
+    if (this.storage.name === "local") {
+      const { mkdir: mkdir2 } = await import('fs/promises');
+      const { join: join2 } = await import('path');
+      await mkdir2(join2(process.cwd(), "public", "uploads", fullPath), {
+        recursive: true
+      });
+    }
+    const now = this.now();
+    if (this.dialect === "sqlite") {
+      await this.sqliteRun(
+        `INSERT OR IGNORE INTO ${this.foldersTable} (path, name, parent_path, created_at) VALUES (?, ?, ?, ?)`,
+        [fullPath, name, parentPath || null, now]
+      );
+    } else {
+      const { mediaFolders: folderSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      await this.db.insert(folderSchema).values({
+        path: fullPath,
+        name,
+        parentPath: parentPath || null,
+        createdAt: /* @__PURE__ */ new Date()
+      }).onConflictDoNothing();
+    }
+  }
+  async deleteFolder(folder) {
+    const result = await this.find({ folder, limit: 1e4 });
+    for (const item of result.docs) {
+      await this.delete(item.id);
+    }
+    if (this.dialect === "sqlite") {
+      await this.sqliteRun(
+        `DELETE FROM ${this.foldersTable} WHERE path = ? OR path LIKE ?`,
+        [folder, `${folder}/%`]
+      );
+    } else {
+      const { mediaFolders: folderSchema } = await (this.dialect === "mysql" ? import('./mysql-media-CDZUS7YX.js') : import('./media-HOT3O7RW.js'));
+      const { like, or, eq } = await (this.dialect === "mysql" ? import('drizzle-orm/mysql-core') : import('drizzle-orm/pg-core'));
+      await this.db.delete(folderSchema).where(
+        or(
+          eq(folderSchema.path, folder),
+          like(folderSchema.path, `${folder}/%`)
+        )
+      );
+    }
+    if (this.storage.name === "local") {
+      const { rm } = await import('fs/promises');
+      const { join: join2 } = await import('path');
+      try {
+        await rm(join2(process.cwd(), "public", "uploads", folder), {
+          recursive: true,
+          force: true
+        });
+      } catch {
+      }
+    }
+  }
+};
 
 // src/registry/config.ts
 function normalizeCollections(collections) {
@@ -4066,6 +6720,6 @@ function defineConfig(config) {
   };
 }
 
-export { ALL_FIELD_TYPES, AccountLockout, AnalyticsPlugin, AuditLogger, Auth, COMPLEX_FIELD_TYPES, CSSGenerator, CommentsPlugin, ConfigValidationError, InMemoryAccountLockout, InMemoryAuditLogger, InMemoryAuthAdapter, InMemoryRateLimiter, Kyro, KyroPlugin, LAYOUT_FIELD_TYPES, LocalAdapter, PRIMITIVE_FIELD_TYPES, PluginManager, RELATIONAL_FIELD_TYPES, RateLimiter, Registry, ReviewsPlugin, SEOPLugin, VersionManager, WishlistPlugin, authConfig, collectionToCreateZod, collectionToUpdateZod, collectionToWhereZod, collectionToZod, createAdminStyling, createAuditContext, createAuth, createAuthConfig, createKyro, createLocalAdapter, createRegistry, createVersionManager, defaultDarkTheme, defaultFieldStyling, defaultLightTheme, defineConfig, ecommerce2026Theme, fieldToZod, generateCSSVariables, generateTailwindConfig, getDefaultDraftPublishConfig, getRegistry, globalToZod, isArchived, isArrayField, isBlocksField, isDraft, isGroupField, isLayoutField, isNumberField, isPublished, isRelationshipField, isRichTextField, isSelectField, isTextField, isUploadField, presetPlugins, resetRegistry, runFieldHooks, runHooks, validateCollection, validateConfig, validateFields, validateGlobal };
+export { ALL_FIELD_TYPES, AccountLockout, AnalyticsPlugin, AuditLogger, Auth, COMPLEX_FIELD_TYPES, CommentsPlugin, ConfigValidationError, InMemoryAccountLockout, InMemoryAuditLogger, InMemoryAuthAdapter, Kyro, KyroPlugin, LAYOUT_FIELD_TYPES, LocalAdapter, MediaService, PRIMITIVE_FIELD_TYPES, PluginManager, RELATIONAL_FIELD_TYPES, RateLimiter, Registry, ReviewsPlugin, SEOPLugin, VersionManager, WishlistPlugin, authConfig, collectionToCreateZod, collectionToUpdateZod, collectionToWhereZod, collectionToZod, createAuditContext2 as createAuditContext, createAuth, createAuthConfig, createColumnsNode, createKyro, createLocalAdapter, createLocalStorage, createRegistry, createVersionManager, defineConfig, fieldToZod, getDefaultDraftPublishConfig, getRegistry, globalToZod, isArchived, isArrayField, isBlocksField, isDraft, isGroupField, isImageField, isLayoutField, isNumberField, isPublished, isRelationshipField, isRichTextField, isSelectField, isTextField, isUploadField, normalizeRichTextDocument, normalizeRichTextValue, presetPlugins, renderRichText, resetRegistry, resolveProvider, richTextStyles, runFieldHooks, runHooks, validateCollection, validateConfig, validateFields, validateGlobal };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map