@muhgholy/next-drive 3.5.0 → 3.7.0

package/dist/chunk-7PTOIRBL.cjs

@@ -0,0 +1,1804 @@
+'use strict';
+
+var chunkJEQ2X3Z6_cjs = require('./chunk-JEQ2X3Z6.cjs');
+var formidable = require('formidable');
+var path3 = require('path');
+var fs4 = require('fs');
+var os2 = require('os');
+var mongoose2 = require('mongoose');
+var crypto3 = require('crypto');
+var sharp = require('sharp');
+var zod = require('zod');
+var ffmpeg = require('fluent-ffmpeg');
+var googleapis = require('googleapis');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var formidable__default = /*#__PURE__*/_interopDefault(formidable);
+var path3__default = /*#__PURE__*/_interopDefault(path3);
+var fs4__default = /*#__PURE__*/_interopDefault(fs4);
+var os2__default = /*#__PURE__*/_interopDefault(os2);
+var mongoose2__default = /*#__PURE__*/_interopDefault(mongoose2);
+var crypto3__default = /*#__PURE__*/_interopDefault(crypto3);
+var sharp__default = /*#__PURE__*/_interopDefault(sharp);
+var ffmpeg__default = /*#__PURE__*/_interopDefault(ffmpeg);
+
+var globalConfig = null;
+var driveConfiguration = (config) => {
+  if (mongoose2__default.default.connection.readyState !== 1) {
+    throw new Error("Database not connected. Please connect to Mongoose before initializing next-drive.");
+  }
+  const mergedConfig = {
+    ...config,
+    security: {
+      maxUploadSizeInBytes: config.security?.maxUploadSizeInBytes ?? 10 * 1024 * 1024,
+      // Default to 10MB
+      allowedMimeTypes: config.security?.allowedMimeTypes ?? ["*/*"],
+      signedUrls: config.security?.signedUrls,
+      trash: config.security?.trash
+    },
+    information: config.information ?? (async (req) => {
+      return {
+        key: { id: "default-user" },
+        storage: { quotaInBytes: 10 * 1024 * 1024 * 1024 }
+        // Default to 10GB
+      };
+    })
+  };
+  globalConfig = mergedConfig;
+  return mergedConfig;
+};
+var getDriveConfig = () => {
+  if (!globalConfig) throw new Error("Drive configuration not initialized");
+  return globalConfig;
+};
+var getDriveInformation = async (req) => {
+  const config = getDriveConfig();
+  return config.information(req);
+};
+var informationSchema = new mongoose2.Schema({
+  type: { type: String, enum: ["FILE", "FOLDER"], required: true },
+  sizeInBytes: { type: Number, default: 0 },
+  mime: { type: String },
+  path: { type: String },
+  width: { type: Number },
+  height: { type: Number },
+  duration: { type: Number },
+  hash: { type: String }
+}, { _id: false });
+var providerSchema = new mongoose2.Schema({
+  type: { type: String, enum: ["LOCAL", "GOOGLE"], required: true, default: "LOCAL" },
+  google: { type: mongoose2.Schema.Types.Mixed }
+}, { _id: false });
+var DriveSchema = new mongoose2.Schema(
+  {
+    owner: { type: mongoose2.Schema.Types.Mixed, default: null },
+    storageAccountId: { type: mongoose2.Schema.Types.ObjectId, ref: "StorageAccount", default: null },
+    name: { type: String, required: true },
+    parentId: { type: mongoose2.Schema.Types.ObjectId, ref: "Drive", default: null },
+    order: { type: Number, default: 0 },
+    provider: { type: providerSchema, default: () => ({ type: "LOCAL" }) },
+    metadata: { type: mongoose2.Schema.Types.Mixed, default: {} },
+    information: { type: informationSchema, required: true },
+    status: { type: String, enum: ["READY", "PROCESSING", "UPLOADING", "FAILED"], default: "PROCESSING" },
+    trashedAt: { type: Date, default: null },
+    createdAt: { type: Date, default: Date.now }
+  },
+  { minimize: false }
+);
+DriveSchema.index({ owner: 1, "information.type": 1 });
+DriveSchema.index({ owner: 1, "provider.type": 1, "provider.google.id": 1 });
+DriveSchema.index({ owner: 1, storageAccountId: 1 });
+DriveSchema.index({ owner: 1, trashedAt: 1 });
+DriveSchema.index({ owner: 1, "information.hash": 1 });
+DriveSchema.index({ owner: 1, name: "text" });
+DriveSchema.index({ owner: 1, "provider.type": 1 });
+DriveSchema.method("toClient", async function() {
+  const data = this.toJSON();
+  return {
+    id: String(data._id),
+    name: data.name,
+    parentId: data.parentId ? String(data.parentId) : null,
+    order: data.order,
+    provider: data.provider,
+    metadata: data.metadata,
+    information: data.information,
+    status: data.status,
+    trashedAt: data.trashedAt,
+    createdAt: data.createdAt
+  };
+});
+var Drive = mongoose2__default.default.models.Drive || mongoose2__default.default.model("Drive", DriveSchema);
+var drive_default = Drive;
+var StorageAccountSchema = new mongoose2.Schema(
+  {
+    owner: { type: mongoose2.Schema.Types.Mixed, default: null },
+    name: { type: String, required: true },
+    metadata: {
+      provider: { type: String, enum: ["GOOGLE"], required: true },
+      google: {
+        email: { type: String, required: true },
+        credentials: { type: mongoose2.Schema.Types.Mixed, required: true }
+      }
+    },
+    createdAt: { type: Date, default: Date.now }
+  },
+  { minimize: false }
+);
+StorageAccountSchema.index({ owner: 1, "metadata.provider": 1 });
+StorageAccountSchema.index({ owner: 1, "metadata.google.email": 1 });
+StorageAccountSchema.method("toClient", async function() {
+  const data = this.toJSON();
+  return {
+    id: String(data._id),
+    owner: data.owner,
+    name: data.name,
+    metadata: data.metadata,
+    createdAt: data.createdAt
+  };
+});
+var StorageAccount = mongoose2__default.default.models.StorageAccount || mongoose2__default.default.model("StorageAccount", StorageAccountSchema);
+var account_default = StorageAccount;
+var validateMimeType = (mime, allowedTypes) => {
+  if (allowedTypes.includes("*/*")) return true;
+  return allowedTypes.some((pattern) => {
+    if (pattern === mime) return true;
+    if (pattern.endsWith("/*")) {
+      const prefix = pattern.slice(0, -2);
+      return mime.startsWith(`${prefix}/`);
+    }
+    return false;
+  });
+};
+var computeFileHash = (filePath) => new Promise((resolve, reject) => {
+  const hash = crypto3__default.default.createHash("sha256");
+  const stream = fs4__default.default.createReadStream(filePath);
+  stream.on("data", (data) => hash.update(data));
+  stream.on("end", () => resolve(hash.digest("hex")));
+  stream.on("error", reject);
+});
+var extractImageMetadata = async (filePath) => {
+  try {
+    const { width = 0, height = 0, exif } = await sharp__default.default(filePath).metadata();
+    return { width, height, ...exif && { exif: { raw: exif.toString("base64") } } };
+  } catch {
+    return null;
+  }
+};
+var objectIdSchema = zod.z.string().refine((val) => mongoose2.isValidObjectId(val), {
+  message: "Invalid ObjectId format"
+});
+var sanitizeFilename = (name) => {
+  return name.replace(/[<>:"|?*\x00-\x1F]/g, "").replace(/^\.+/, "").replace(/\.+$/, "").replace(/\\/g, "/").replace(/\/+/g, "/").replace(/\.\.\//g, "").replace(/\.\.+/g, "").split("/").pop() || "".trim().slice(0, 255);
+};
+var sanitizeRegexInput = (input) => {
+  return input.replace(/[.*+?^${}()|[\]\\]/g, "\\$&").slice(0, 100);
+};
+var nameSchema = zod.z.string().min(1, "Name is required").max(255, "Name too long").transform(sanitizeFilename).refine((val) => val.length > 0, { message: "Invalid name after sanitization" });
+var uploadChunkSchema = zod.z.object({
+  chunkIndex: zod.z.number().int().min(0).max(1e4),
+  totalChunks: zod.z.number().int().min(1).max(1e4),
+  driveId: zod.z.string().optional(),
+  fileName: nameSchema,
+  fileSize: zod.z.number().int().min(0).max(Number.MAX_SAFE_INTEGER),
+  fileType: zod.z.string().min(1).max(255),
+  folderId: zod.z.string().optional()
+}).refine((data) => data.chunkIndex < data.totalChunks, {
+  message: "Chunk index must be less than total chunks"
+});
+var listQuerySchema = zod.z.object({
+  folderId: zod.z.union([zod.z.literal("root"), objectIdSchema, zod.z.undefined()]),
+  limit: zod.z.string().optional().transform((val) => {
+    const num = parseInt(val || "50", 10);
+    return Math.min(Math.max(1, num), 100);
+  }),
+  afterId: objectIdSchema.optional()
+});
+var serveQuerySchema = zod.z.object({
+  id: objectIdSchema,
+  token: zod.z.string().optional(),
+  q: zod.z.enum(["ultralow", "low", "medium", "high", "normal"]).optional(),
+  format: zod.z.enum(["webp", "jpeg", "png"]).optional()
+});
+var thumbnailQuerySchema = zod.z.object({
+  id: objectIdSchema,
+  size: zod.z.enum(["small", "medium", "large"]).optional().default("medium"),
+  token: zod.z.string().optional()
+});
+var renameBodySchema = zod.z.object({
+  id: objectIdSchema,
+  newName: nameSchema
+});
+var deleteQuerySchema = zod.z.object({
+  id: objectIdSchema
+});
+zod.z.object({
+  ids: zod.z.array(objectIdSchema).min(1).max(1e3)
+});
+var createFolderBodySchema = zod.z.object({
+  name: nameSchema,
+  parentId: zod.z.union([zod.z.literal("root"), objectIdSchema, zod.z.string().length(0), zod.z.undefined()]).optional()
+});
+var moveBodySchema = zod.z.object({
+  ids: zod.z.array(objectIdSchema).min(1).max(1e3),
+  targetFolderId: zod.z.union([zod.z.literal("root"), objectIdSchema, zod.z.undefined()]).optional()
+});
+zod.z.object({
+  ids: zod.z.array(objectIdSchema).min(1).max(1e3)
+});
+var searchQuerySchema = zod.z.object({
+  q: zod.z.string().min(1).max(100).transform(sanitizeRegexInput),
+  folderId: zod.z.union([zod.z.literal("root"), objectIdSchema, zod.z.undefined()]).optional(),
+  limit: zod.z.string().optional().transform((val) => {
+    const num = parseInt(val || "50", 10);
+    return Math.min(Math.max(1, num), 100);
+  }),
+  trashed: zod.z.string().optional().transform((val) => val === "true")
+});
+zod.z.object({
+  id: objectIdSchema
+});
+var cancelQuerySchema = zod.z.object({
+  id: zod.z.string().uuid()
+});
+zod.z.object({
+  days: zod.z.number().int().min(1).max(365).optional()
+});
+var driveFileSchemaZod = zod.z.object({
+  id: zod.z.string(),
+  file: zod.z.object({
+    name: zod.z.string(),
+    mime: zod.z.string(),
+    size: zod.z.number()
+  })
+});
+
+// src/server/security/cryptoUtils.ts
+function sanitizeContentDispositionFilename(filename) {
+  const basename = filename.replace(/^.*[\\\/]/, "");
+  return basename.replace(/["\r\n]/g, "").replace(/[^\x20-\x7E]/g, "").slice(0, 255);
+}
+var LocalStorageProvider = {
+  name: "LOCAL",
+  sync: async (folderId, owner, accountId) => {
+  },
+  search: async (query, owner, accountId) => {
+  },
+  getQuota: async (owner, accountId, configuredQuotaInBytes) => {
+    const result = await drive_default.aggregate([
+      {
+        $match: {
+          owner,
+          "information.type": "FILE",
+          trashedAt: null,
+          "provider.type": "LOCAL",
+          storageAccountId: accountId || null
+        }
+      },
+      { $group: { _id: null, total: { $sum: "$information.sizeInBytes" } } }
+    ]);
+    const usedInBytes = result[0]?.total || 0;
+    return { usedInBytes, quotaInBytes: configuredQuotaInBytes ?? 0 };
+  },
+  openStream: async (item, accountId) => {
+    if (item.information.type !== "FILE") throw new Error("Cannot stream folder");
+    const filePath = path3__default.default.join(getDriveConfig().storage.path, item.information.path);
+    if (!fs4__default.default.existsSync(filePath)) {
+      throw new Error("File not found on disk");
+    }
+    const stat = fs4__default.default.statSync(filePath);
+    const stream = fs4__default.default.createReadStream(filePath);
+    return {
+      stream,
+      mime: item.information.mime,
+      size: stat.size
+    };
+  },
+  getThumbnail: async (item, accountId) => {
+    if (item.information.type !== "FILE") throw new Error("No thumbnail for folder");
+    const storagePath = getDriveConfig().storage.path;
+    const originalPath = path3__default.default.join(storagePath, item.information.path);
+    const thumbPath = path3__default.default.join(storagePath, "cache", "thumbnails", `${item._id.toString()}.webp`);
+    if (!fs4__default.default.existsSync(originalPath)) throw new Error("Original file not found");
+    if (fs4__default.default.existsSync(thumbPath)) {
+      return fs4__default.default.createReadStream(thumbPath);
+    }
+    if (!fs4__default.default.existsSync(path3__default.default.dirname(thumbPath))) fs4__default.default.mkdirSync(path3__default.default.dirname(thumbPath), { recursive: true });
+    if (item.information.mime.startsWith("image/")) {
+      await sharp__default.default(originalPath).resize(300, 300, { fit: "inside" }).toFormat("webp", { quality: 80 }).toFile(thumbPath);
+    } else if (item.information.mime.startsWith("video/")) {
+      await new Promise((resolve, reject) => {
+        ffmpeg__default.default(originalPath).screenshots({
+          count: 1,
+          folder: path3__default.default.dirname(thumbPath),
+          filename: path3__default.default.basename(thumbPath),
+          size: "300x?"
+        }).on("end", resolve).on("error", reject);
+      });
+    } else {
+      throw new Error("Unsupported mime type for thumbnail");
+    }
+    return fs4__default.default.createReadStream(thumbPath);
+  },
+  createFolder: async (name, parentId, owner, accountId) => {
+    const getNextOrderValue2 = async (owner2) => {
+      const lastItem = await drive_default.findOne({ owner: owner2 }, {}, { sort: { order: -1 } });
+      return lastItem ? lastItem.order + 1 : 0;
+    };
+    const folder = new drive_default({
+      owner,
+      name,
+      parentId: parentId === "root" || !parentId ? null : parentId,
+      order: await getNextOrderValue2(owner),
+      provider: { type: "LOCAL" },
+      information: { type: "FOLDER" },
+      status: "READY"
+    });
+    await folder.save();
+    return folder.toClient();
+  },
+  uploadFile: async (drive, filePath, accountId) => {
+    if (drive.information.type !== "FILE") throw new Error("Invalid drive type");
+    const storagePath = getDriveConfig().storage.path;
+    const destPath = path3__default.default.join(storagePath, drive.information.path);
+    const dirPath = path3__default.default.dirname(destPath);
+    if (!fs4__default.default.existsSync(filePath)) {
+      throw new Error("Source file not found");
+    }
+    if (!fs4__default.default.existsSync(dirPath)) {
+      fs4__default.default.mkdirSync(dirPath, { recursive: true });
+    }
+    try {
+      fs4__default.default.renameSync(filePath, destPath);
+    } catch (err) {
+      if (err instanceof Error && "code" in err && err.code === "EXDEV") {
+        fs4__default.default.copyFileSync(filePath, destPath);
+        fs4__default.default.unlinkSync(filePath);
+      } else {
+        throw err;
+      }
+    }
+    if (!fs4__default.default.existsSync(destPath)) {
+      throw new Error("Failed to write file to destination");
+    }
+    const destStats = fs4__default.default.statSync(destPath);
+    if (destStats.size !== drive.information.sizeInBytes) {
+      fs4__default.default.unlinkSync(destPath);
+      throw new Error(`Destination file size mismatch: expected ${drive.information.sizeInBytes}, got ${destStats.size}`);
+    }
+    drive.status = "READY";
+    drive.information.hash = await computeFileHash(destPath);
+    if (drive.information.mime.startsWith("image/")) {
+      const meta = await extractImageMetadata(destPath);
+      if (meta) {
+        drive.information.width = meta.width;
+        drive.information.height = meta.height;
+      }
+    }
+    await drive.save();
+    return drive.toClient();
+  },
+  delete: async (ids, owner, accountId) => {
+    const items = await drive_default.find({ _id: { $in: ids }, owner }).lean();
+    const getAllChildren = async (folderIds2) => {
+      const children = await drive_default.find({ parentId: { $in: folderIds2 }, owner }).lean();
+      if (children.length === 0) return [];
+      const subFolderIds = children.filter((c) => c.information.type === "FOLDER").map((c) => c._id.toString());
+      const subChildren = await getAllChildren(subFolderIds);
+      return [...children, ...subChildren];
+    };
+    const folderIds = items.filter((i) => i.information.type === "FOLDER").map((i) => i._id.toString());
+    const allChildren = await getAllChildren(folderIds);
+    const allItemsToDelete = [...items, ...allChildren];
+    for (const item of allItemsToDelete) {
+      if (item.information.type === "FILE" && item.information.path) {
+        const fullPath = path3__default.default.join(getDriveConfig().storage.path, item.information.path);
+        const dirPath = path3__default.default.dirname(fullPath);
+        if (fs4__default.default.existsSync(dirPath)) {
+          fs4__default.default.rmSync(dirPath, { recursive: true, force: true });
+        }
+      }
+    }
+    await drive_default.deleteMany({ _id: { $in: allItemsToDelete.map((i) => i._id) } });
+  },
+  trash: async (ids, owner, accountId) => {
+  },
+  syncTrash: async (owner, accountId) => {
+  },
+  untrash: async (ids, owner, accountId) => {
+  },
+  rename: async (id, newName, owner, accountId) => {
+    const item = await drive_default.findOneAndUpdate({ _id: id, owner }, { name: newName }, { new: true });
+    if (!item) throw new Error("Item not found");
+    return item.toClient();
+  },
+  move: async (id, newParentId, owner, accountId) => {
+    const item = await drive_default.findOne({ _id: id, owner });
+    if (!item) throw new Error("Item not found");
+    item.parentId;
+    item.parentId = newParentId === "root" || !newParentId ? null : new mongoose2__default.default.Types.ObjectId(newParentId);
+    await item.save();
+    return item.toClient();
+  },
+  revokeToken: async (owner, accountId) => {
+  }
+};
+var createAuthClient = async (owner, accountId) => {
+  const query = { owner, "metadata.provider": "GOOGLE" };
+  if (accountId) query._id = accountId;
+  const account = await account_default.findOne(query);
+  if (!account) throw new Error("Google Drive account not connected");
+  const config = getDriveConfig();
+  const { clientId, clientSecret, redirectUri } = config.storage?.google || {};
+  if (!clientId || !clientSecret) throw new Error("Google credentials not configured on server");
+  const oAuth2Client = new googleapis.google.auth.OAuth2(clientId, clientSecret, redirectUri);
+  if (account.metadata.provider !== "GOOGLE" || !account.metadata.google) {
+    throw new Error("Invalid Google Account Metadata");
+  }
+  oAuth2Client.setCredentials(account.metadata.google.credentials);
+  oAuth2Client.on("tokens", async (tokens) => {
+    if (tokens.refresh_token) {
+      account.metadata.google.credentials = { ...account.metadata.google.credentials, ...tokens };
+      account.markModified("metadata");
+      await account.save();
+    }
+  });
+  return { client: oAuth2Client, accountId: account._id };
+};
+var GoogleDriveProvider = {
+  name: "GOOGLE",
+  sync: async (folderId, owner, accountId) => {
+    const { client, accountId: foundAccountId } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    let googleParentId = "root";
+    if (folderId && folderId !== "root") {
+      const folder = await drive_default.findOne({ _id: folderId, owner });
+      if (folder && folder.provider?.google?.id) {
+        googleParentId = folder.provider.google.id;
+      } else {
+        return;
+      }
+    }
+    let nextPageToken = void 0;
+    const allSyncedGoogleIds = /* @__PURE__ */ new Set();
+    do {
+      const res = await drive.files.list({
+        q: `'${googleParentId}' in parents and trashed = false`,
+        fields: "nextPageToken, files(id, name, mimeType, size, webViewLink, iconLink, thumbnailLink, createdTime)",
+        pageSize: 1e3,
+        pageToken: nextPageToken
+      });
+      nextPageToken = res.data.nextPageToken || void 0;
+      const files = res.data.files || [];
+      for (const file of files) {
+        if (!file.id || !file.name || !file.mimeType) continue;
+        allSyncedGoogleIds.add(file.id);
+        const isFolder = file.mimeType === "application/vnd.google-apps.folder";
+        const sizeInBytes = file.size ? parseInt(file.size) : 0;
+        const updateData = {
+          name: file.name,
+          storageAccountId: foundAccountId,
+          parentId: folderId === "root" ? null : folderId,
+          information: {
+            type: isFolder ? "FOLDER" : "FILE",
+            sizeInBytes,
+            mime: file.mimeType,
+            path: ""
+          },
+          provider: {
+            type: "GOOGLE",
+            google: {
+              id: file.id,
+              webViewLink: file.webViewLink,
+              iconLink: file.iconLink,
+              thumbnailLink: file.thumbnailLink
+            }
+          },
+          status: "READY",
+          trashedAt: null
+        };
+        const insertData = file.createdTime ? { createdAt: new Date(file.createdTime) } : {};
+        await drive_default.findOneAndUpdate(
+          {
+            owner,
+            "provider.google.id": file.id,
+            "provider.type": "GOOGLE"
+          },
+          { $set: updateData, $setOnInsert: insertData },
+          { upsert: true, new: true, setDefaultsOnInsert: true }
+        );
+      }
+    } while (nextPageToken);
+    const dbItems = await drive_default.find({
+      owner,
+      storageAccountId: foundAccountId,
+      parentId: folderId === "root" ? null : folderId,
+      "provider.type": "GOOGLE"
+    });
+    for (const item of dbItems) {
+      if (item.provider?.google?.id && !allSyncedGoogleIds.has(item.provider.google.id)) {
+        item.trashedAt = /* @__PURE__ */ new Date();
+        await item.save();
+      }
+    }
+  },
+  syncTrash: async (owner, accountId) => {
+    const { client, accountId: foundAccountId } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    let nextPageToken = void 0;
+    do {
+      const res = await drive.files.list({
+        q: "trashed = true",
+        fields: "nextPageToken, files(id, name, mimeType, size, webViewLink, iconLink, thumbnailLink, createdTime)",
+        pageSize: 100,
+        // Limit sync for performance
+        pageToken: nextPageToken
+      });
+      nextPageToken = res.data.nextPageToken || void 0;
+      const files = res.data.files || [];
+      for (const file of files) {
+        if (!file.id || !file.name || !file.mimeType) continue;
+        const isFolder = file.mimeType === "application/vnd.google-apps.folder";
+        const sizeInBytes = file.size ? parseInt(file.size) : 0;
+        const insertData = file.createdTime ? { createdAt: new Date(file.createdTime) } : {};
+        await drive_default.findOneAndUpdate(
+          { owner, "provider.google.id": file.id, "provider.type": "GOOGLE" },
+          {
+            $set: {
+              name: file.name,
+              storageAccountId: foundAccountId,
+              information: {
+                type: isFolder ? "FOLDER" : "FILE",
+                sizeInBytes,
+                mime: file.mimeType,
+                path: ""
+              },
+              provider: {
+                type: "GOOGLE",
+                google: {
+                  id: file.id,
+                  webViewLink: file.webViewLink,
+                  iconLink: file.iconLink,
+                  thumbnailLink: file.thumbnailLink
+                }
+              },
+              trashedAt: /* @__PURE__ */ new Date()
+            },
+            $setOnInsert: insertData
+          },
+          { upsert: true, setDefaultsOnInsert: true }
+        );
+      }
+    } while (nextPageToken);
+  },
+  search: async (query, owner, accountId) => {
+    const { client, accountId: foundAccountId } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    const res = await drive.files.list({
+      q: `name contains '${query}' and trashed = false`,
+      fields: "files(id, name, mimeType, size, parents, webViewLink, iconLink, thumbnailLink, createdTime)",
+      pageSize: 50
+    });
+    const files = res.data.files || [];
+    for (const file of files) {
+      if (!file.id || !file.name) continue;
+      const isFolder = file.mimeType === "application/vnd.google-apps.folder";
+      if (!isFolder && file.mimeType?.startsWith("application/vnd.google-apps.")) continue;
+      const sizeInBytes = file.size ? parseInt(file.size) : 0;
+      const insertData = file.createdTime ? { createdAt: new Date(file.createdTime) } : {};
+      await drive_default.findOneAndUpdate(
+        { owner, "provider.google.id": file.id, "metadata.type": "GOOGLE" },
+        {
+          $set: {
+            name: file.name,
+            storageAccountId: foundAccountId,
+            information: {
+              type: isFolder ? "FOLDER" : "FILE",
+              sizeInBytes,
+              mime: file.mimeType,
+              path: ""
+            },
+            metadata: {
+              type: "GOOGLE"
+            },
+            provider: {
+              google: {
+                id: file.id,
+                webViewLink: file.webViewLink,
+                iconLink: file.iconLink,
+                thumbnailLink: file.thumbnailLink
+              }
+            }
+            // Don't overwrite parentId if it exists.
+            // New items will default to null (Root) via schema default
+          },
+          $setOnInsert: insertData
+        },
+        { upsert: true, setDefaultsOnInsert: true }
+      );
+    }
+  },
+  getQuota: async (owner, accountId, _configuredQuotaInBytes) => {
+    try {
+      const { client } = await createAuthClient(owner, accountId);
+      const drive = googleapis.google.drive({ version: "v3", auth: client });
+      const res = await drive.about.get({ fields: "storageQuota" });
+      return {
+        usedInBytes: parseInt(res.data.storageQuota?.usage || "0"),
+        quotaInBytes: parseInt(res.data.storageQuota?.limit || "0")
+      };
+    } catch {
+      return { usedInBytes: 0, quotaInBytes: 0 };
+    }
+  },
+  openStream: async (item, accountId) => {
+    const { client } = await createAuthClient(item.owner, accountId || item.storageAccountId?.toString());
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    if (!item.provider?.google?.id) throw new Error("Missing Google File ID");
+    if (item.information.type === "FOLDER") throw new Error("Cannot stream folder");
+    const res = await drive.files.get({ fileId: item.provider.google.id, alt: "media" }, { responseType: "stream" });
+    return {
+      stream: res.data,
+      mime: item.information.mime,
+      size: item.information.sizeInBytes
+    };
+  },
+  getThumbnail: async (item, accountId) => {
+    const { client } = await createAuthClient(item.owner, accountId || item.storageAccountId?.toString());
+    if (!item.provider?.google?.thumbnailLink) throw new Error("No thumbnail available");
+    const res = await client.request({ url: item.provider.google.thumbnailLink, responseType: "stream" });
+    return res.data;
+  },
+  createFolder: async (name, parentId, owner, accountId) => {
+    const { client, accountId: foundAccountId } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    let googleParentId = "root";
+    if (parentId && parentId !== "root") {
+      const parent = await drive_default.findOne({ _id: parentId, owner });
+      if (parent?.provider?.google?.id) googleParentId = parent.provider.google.id;
+    }
+    const res = await drive.files.create({
+      requestBody: {
+        name,
+        mimeType: "application/vnd.google-apps.folder",
+        parents: [googleParentId]
+      },
+      fields: "id, name, mimeType, webViewLink, iconLink"
+    });
+    const file = res.data;
+    if (!file.id) throw new Error("Failed to create folder on Google Drive");
+    const folder = new drive_default({
+      owner,
+      name: file.name,
+      parentId: parentId === "root" || !parentId ? null : parentId,
+      provider: {
+        type: "GOOGLE",
+        google: {
+          id: file.id,
+          webViewLink: file.webViewLink,
+          iconLink: file.iconLink
+        }
+      },
+      storageAccountId: foundAccountId,
+      information: { type: "FOLDER" },
+      status: "READY"
+    });
+    await folder.save();
+    return folder.toClient();
+  },
+  uploadFile: async (drive, filePath, accountId) => {
+    if (drive.information.type !== "FILE") throw new Error("Invalid drive type");
+    const { client } = await createAuthClient(drive.owner, accountId || drive.storageAccountId?.toString());
+    const googleDrive = googleapis.google.drive({ version: "v3", auth: client });
+    let googleParentId = "root";
+    if (drive.parentId) {
+      const parent = await drive_default.findById(drive.parentId);
+      if (parent?.provider?.google?.id) googleParentId = parent.provider.google.id;
+    }
+    try {
+      const res = await googleDrive.files.create({
+        requestBody: {
+          name: drive.name,
+          parents: [googleParentId],
+          mimeType: drive.information.mime
+        },
+        media: {
+          mimeType: drive.information.mime,
+          body: fs4__default.default.createReadStream(filePath)
+        },
+        fields: "id, name, mimeType, webViewLink, iconLink, thumbnailLink, size"
+      });
+      const gFile = res.data;
+      if (!gFile.id) throw new Error("Upload to Google Drive failed");
+      drive.status = "READY";
+      drive.provider = {
+        type: "GOOGLE",
+        google: {
+          id: gFile.id,
+          webViewLink: gFile.webViewLink || void 0,
+          iconLink: gFile.iconLink || void 0,
+          thumbnailLink: gFile.thumbnailLink || void 0
+        }
+      };
+    } catch (error) {
+      drive.status = "FAILED";
+      console.error("Google Upload Error:", error);
+      throw error;
+    }
+    await drive.save();
+    return drive.toClient();
+  },
+  delete: async (ids, owner, accountId) => {
+    const { client } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    const items = await drive_default.find({ _id: { $in: ids }, owner });
+    for (const item of items) {
+      if (item.provider?.google?.id) {
+        try {
+          await drive.files.delete({ fileId: item.provider.google.id });
+        } catch (e) {
+          console.error("Failed to delete Google file", e);
+        }
+      }
+    }
+    await drive_default.deleteMany({ _id: { $in: ids } });
+  },
+  trash: async (ids, owner, accountId) => {
+    const { client } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    const items = await drive_default.find({ _id: { $in: ids }, owner });
+    for (const item of items) {
+      if (item.provider?.google?.id) {
+        try {
+          await drive.files.update({
+            fileId: item.provider.google.id,
+            requestBody: { trashed: true }
+          });
+        } catch (e) {
+          console.error("Failed to trash Google file", e);
+        }
+      }
+    }
+  },
+  untrash: async (ids, owner, accountId) => {
+    const { client } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    const items = await drive_default.find({ _id: { $in: ids }, owner });
+    for (const item of items) {
+      if (item.provider?.google?.id) {
+        try {
+          await drive.files.update({
+            fileId: item.provider.google.id,
+            requestBody: { trashed: false }
+          });
+        } catch (e) {
+          console.error("Failed to restore Google file", e);
+        }
+      }
+    }
+  },
+  rename: async (id, newName, owner, accountId) => {
+    const { client } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    const item = await drive_default.findOne({ _id: id, owner });
+    if (!item || !item.provider?.google?.id) throw new Error("Item not found");
+    await drive.files.update({
+      fileId: item.provider.google.id,
+      requestBody: { name: newName }
+    });
+    item.name = newName;
+    await item.save();
+    return item.toClient();
+  },
+  move: async (id, newParentId, owner, accountId) => {
+    const { client, accountId: foundAccountId } = await createAuthClient(owner, accountId);
+    const drive = googleapis.google.drive({ version: "v3", auth: client });
+    const item = await drive_default.findOne({ _id: id, owner });
+    if (!item || !item.provider?.google?.id) throw new Error("Item not found or not synced");
+    let previousGoogleParentId = void 0;
+    if (item.parentId) {
+      const oldParent = await drive_default.findOne({ _id: item.parentId, owner });
+      if (oldParent && oldParent.provider?.google?.id) {
+        previousGoogleParentId = oldParent.provider.google.id;
+      }
+    } else {
+      try {
+        const gFile = await drive.files.get({ fileId: item.provider.google.id, fields: "parents" });
+        if (gFile.data.parents && gFile.data.parents.length > 0) {
+          previousGoogleParentId = gFile.data.parents.join(",");
+        }
+      } catch (e) {
+        console.warn("Could not fetch parents for move", e);
+      }
+    }
+    let newGoogleParentId = "root";
+    if (newParentId && newParentId !== "root") {
+      const newParent = await drive_default.findOne({ _id: newParentId, owner });
+      if (!newParent || !newParent.provider?.google?.id) throw new Error("Target folder not found in Google Drive");
+      newGoogleParentId = newParent.provider.google.id;
+    }
+    await drive.files.update({
+      fileId: item.provider.google.id,
+      addParents: newGoogleParentId,
+      removeParents: previousGoogleParentId,
+      fields: "id, parents"
+    });
+    item.parentId = newParentId === "root" || !newParentId ? null : new mongoose2__default.default.Types.ObjectId(newParentId);
+    await item.save();
+    return item.toClient();
+  },
+  revokeToken: async (owner, accountId) => {
+    if (!accountId) return;
+    const { client } = await createAuthClient(owner, accountId);
+    const account = await account_default.findById(accountId);
+    if (account?.metadata?.provider === "GOOGLE" && account.metadata.google?.credentials) {
+      const creds = account.metadata.google.credentials;
+      if (typeof creds === "object" && "access_token" in creds) {
+        await client.revokeToken(creds.access_token);
+      }
+    }
+  }
+};
+var getNextOrderValue = async (owner) => {
+  const lastItem = await drive_default.findOne({ owner }, {}, { sort: { order: -1 } });
+  return lastItem ? lastItem.order + 1 : 0;
+};
+var driveGetUrl = (fileId, options) => {
+  const config = getDriveConfig();
+  if (!config.security.signedUrls?.enabled) {
+    return `/api/drive?action=serve&id=${fileId}`;
+  }
+  const { secret, expiresIn } = config.security.signedUrls;
+  let expiryTimestamp;
+  if (options?.expiry instanceof Date) {
+    expiryTimestamp = Math.floor(options.expiry.getTime() / 1e3);
+  } else if (typeof options?.expiry === "number") {
+    expiryTimestamp = Math.floor(Date.now() / 1e3) + options.expiry;
+  } else {
+    expiryTimestamp = Math.floor(Date.now() / 1e3) + expiresIn;
+  }
+  const signature = crypto3__default.default.createHmac("sha256", secret).update(`${fileId}:${expiryTimestamp}`).digest("hex");
+  const token = Buffer.from(`${expiryTimestamp}:${signature}`).toString("base64url");
+  return `/api/drive?action=serve&id=${fileId}&token=${token}`;
+};
+var driveReadFile = async (file) => {
+  let drive;
+  if (typeof file === "string") {
+    const doc = await drive_default.findById(file);
+    if (!doc) throw new Error(`File not found: ${file}`);
+    drive = doc;
+  } else if ("toClient" in file) {
+    drive = file;
+  } else {
+    throw new Error("Invalid file parameter provided");
+  }
+  if (drive.information.type !== "FILE") {
+    throw new Error("Cannot read a folder");
+  }
+  const provider = drive.provider?.type === "GOOGLE" ? GoogleDriveProvider : LocalStorageProvider;
+  const accountId = drive.storageAccountId?.toString();
+  return await provider.openStream(drive, accountId);
+};
+var driveInfo = async (source) => {
+  const fileId = typeof source === "string" ? source : source.id;
+  const drive = await drive_default.findById(fileId);
+  if (!drive) throw new Error(`File not found: ${fileId}`);
+  let parentName;
+  if (drive.parentId) {
+    const parent = await drive_default.findById(drive.parentId);
+    if (parent) parentName = parent.name;
+  }
+  const info = {
+    id: String(drive._id),
+    name: drive.name,
+    type: drive.information.type,
+    status: drive.status,
+    provider: drive.provider,
+    parent: {
+      id: drive.parentId ? String(drive.parentId) : null,
+      name: parentName
+    },
+    createdAt: drive.createdAt,
+    trashedAt: drive.trashedAt
+  };
+  if (drive.information.type === "FILE") {
+    info.mime = drive.information.mime;
+    info.size = drive.information.sizeInBytes;
+    info.hash = drive.information.hash;
+    if (drive.information.width && drive.information.height) {
+      info.dimensions = {
+        width: drive.information.width,
+        height: drive.information.height
+      };
+    }
+    if (drive.information.duration) {
+      info.duration = drive.information.duration;
+    }
+  }
+  return info;
+};
+var driveFilePath = async (file) => {
+  let drive;
+  if (typeof file === "string") {
+    const doc = await drive_default.findById(file);
+    if (!doc) throw new Error(`File not found: ${file}`);
+    drive = doc;
+  } else if ("toClient" in file) {
+    drive = file;
+  } else {
+    throw new Error("Invalid file parameter provided");
+  }
+  if (drive.information.type !== "FILE") {
+    throw new Error("Cannot get path for a folder");
+  }
+  const config = getDriveConfig();
+  const STORAGE_PATH = config.storage.path;
+  const providerType = drive.provider?.type || "LOCAL";
+  if (providerType === "LOCAL") {
+    const filePath = path3__default.default.join(STORAGE_PATH, drive.information.path);
+    if (!fs4__default.default.existsSync(filePath)) {
+      throw new Error(`Local file not found on disk: ${filePath}`);
+    }
+    return Object.freeze({
+      path: filePath,
+      name: drive.name,
+      mime: drive.information.mime,
+      size: drive.information.sizeInBytes,
+      provider: "LOCAL"
+    });
+  }
+  if (providerType === "GOOGLE") {
+    const libraryDir = path3__default.default.join(STORAGE_PATH, "library", "google");
+    const fileName = `${drive._id}${path3__default.default.extname(drive.name)}`;
+    const cachedFilePath = path3__default.default.join(libraryDir, fileName);
+    if (fs4__default.default.existsSync(cachedFilePath)) {
+      const stats = fs4__default.default.statSync(cachedFilePath);
+      if (stats.size === drive.information.sizeInBytes) {
+        return Object.freeze({
+          path: cachedFilePath,
+          name: drive.name,
+          mime: drive.information.mime,
+          size: drive.information.sizeInBytes,
+          provider: "GOOGLE"
+        });
+      }
+      fs4__default.default.unlinkSync(cachedFilePath);
+    }
+    const accountId = drive.storageAccountId?.toString();
+    const { stream } = await GoogleDriveProvider.openStream(drive, accountId);
+    if (!fs4__default.default.existsSync(libraryDir)) {
+      fs4__default.default.mkdirSync(libraryDir, { recursive: true });
+    }
+    const tempPath = `${cachedFilePath}.tmp`;
+    const writeStream = fs4__default.default.createWriteStream(tempPath);
+    await new Promise((resolve, reject) => {
+      stream.pipe(writeStream);
+      writeStream.on("finish", resolve);
+      writeStream.on("error", reject);
+      stream.on("error", reject);
+    });
+    try {
+      fs4__default.default.renameSync(tempPath, cachedFilePath);
+    } catch (err) {
+      if (err instanceof Error && "code" in err && err.code === "EXDEV") {
+        fs4__default.default.copyFileSync(tempPath, cachedFilePath);
+        fs4__default.default.unlinkSync(tempPath);
+      } else {
+        throw err;
+      }
+    }
+    return Object.freeze({
+      path: cachedFilePath,
+      name: drive.name,
+      mime: drive.information.mime,
+      size: drive.information.sizeInBytes,
+      provider: "GOOGLE"
+    });
+  }
+  throw new Error(`Unsupported provider: ${providerType}`);
+};
+var driveList = async (options) => {
+  const { key, folderId, accountId, limit = 100, afterId } = options;
+  let providerName = "LOCAL";
+  if (accountId && accountId !== "LOCAL") {
+    const account = await drive_default.db.model("StorageAccount").findOne({ _id: accountId, owner: key });
+    if (!account) {
+      throw new Error("Invalid Storage Account");
+    }
+    if (account.metadata.provider === "GOOGLE") {
+      providerName = "GOOGLE";
+    }
+  }
+  const query = {
+    owner: key,
+    "provider.type": providerName,
+    storageAccountId: accountId || null,
+    parentId: folderId === "root" || !folderId ? null : folderId,
+    trashedAt: null
+  };
+  if (afterId) {
+    query._id = { $lt: afterId };
+  }
+  const items = await drive_default.find(query, {}, { sort: { order: 1, _id: -1 }, limit });
+  return await Promise.all(items.map((item) => item.toClient()));
+};
+var driveDelete = async (source, options) => {
+  const { recurse = true } = options || {};
+  let drive;
+  let driveId;
+  if (typeof source === "string") {
+    const doc = await drive_default.findById(source);
+    if (!doc) throw new Error(`File not found: ${source}`);
+    drive = doc;
+    driveId = source;
+  } else if ("toClient" in source) {
+    drive = source;
+    driveId = String(drive._id);
+  } else {
+    const doc = await drive_default.findById(source.id);
+    if (!doc) throw new Error(`File not found: ${source.id}`);
+    drive = doc;
+    driveId = source.id;
+  }
+  if (drive.information.type === "FOLDER" && !recurse) {
+    const owner2 = drive.owner;
+    const childCount = await drive_default.countDocuments({
+      owner: owner2,
+      parentId: driveId,
+      trashedAt: null
+    });
+    if (childCount > 0) {
+      throw new Error(`Cannot delete folder: it contains ${childCount} item(s). Use recurse: true to delete folder and all its contents.`);
+    }
+  }
+  const provider = drive.provider?.type === "GOOGLE" ? GoogleDriveProvider : LocalStorageProvider;
+  const accountId = drive.storageAccountId?.toString();
+  const owner = drive.owner;
+  await provider.delete([driveId], owner, accountId);
+};
+var driveUpload = async (source, key, options) => {
+  const config = getDriveConfig();
+  let provider = LocalStorageProvider;
+  const accountId = options.accountId;
+  if (accountId && accountId !== "LOCAL") {
+    const account = await drive_default.db.model("StorageAccount").findOne({ _id: accountId, owner: key });
+    if (!account) {
+      throw new Error("Invalid Storage Account");
+    }
+    if (account.metadata.provider === "GOOGLE") {
+      provider = GoogleDriveProvider;
+    }
+  }
+  let tempFilePath = null;
+  let sourceFilePath;
+  let fileSize;
+  if (typeof source === "string") {
+    if (!fs4__default.default.existsSync(source)) {
+      throw new Error(`Source file not found: ${source}`);
+    }
+    sourceFilePath = source;
+    const stats = fs4__default.default.statSync(source);
+    fileSize = stats.size;
+  } else if (Buffer.isBuffer(source)) {
+    const tempDir = path3__default.default.join(os2__default.default.tmpdir(), "next-drive-uploads");
+    if (!fs4__default.default.existsSync(tempDir)) {
+      fs4__default.default.mkdirSync(tempDir, { recursive: true });
+    }
+    tempFilePath = path3__default.default.join(tempDir, `upload-${crypto3__default.default.randomUUID()}.tmp`);
+    fs4__default.default.writeFileSync(tempFilePath, source);
+    sourceFilePath = tempFilePath;
+    fileSize = source.length;
+  } else {
+    const tempDir = path3__default.default.join(os2__default.default.tmpdir(), "next-drive-uploads");
+    if (!fs4__default.default.existsSync(tempDir)) {
+      fs4__default.default.mkdirSync(tempDir, { recursive: true });
+    }
+    tempFilePath = path3__default.default.join(tempDir, `upload-${crypto3__default.default.randomUUID()}.tmp`);
+    const writeStream = fs4__default.default.createWriteStream(tempFilePath);
+    await new Promise((resolve, reject) => {
+      source.pipe(writeStream);
+      writeStream.on("finish", resolve);
+      writeStream.on("error", reject);
+      source.on("error", reject);
+    });
+    sourceFilePath = tempFilePath;
+    const stats = fs4__default.default.statSync(tempFilePath);
+    fileSize = stats.size;
+  }
+  try {
+    let mimeType;
+    if (options.mime) {
+      mimeType = options.mime;
+    } else {
+      const ext = path3__default.default.extname(options.name).toLowerCase();
+      const mimeTypes = {
+        ".jpg": "image/jpeg",
+        ".jpeg": "image/jpeg",
+        ".png": "image/png",
+        ".gif": "image/gif",
+        ".webp": "image/webp",
+        ".svg": "image/svg+xml",
+        ".mp4": "video/mp4",
+        ".mov": "video/quicktime",
+        ".avi": "video/x-msvideo",
+        ".pdf": "application/pdf",
+        ".doc": "application/msword",
+        ".docx": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+        ".xls": "application/vnd.ms-excel",
+        ".xlsx": "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        ".txt": "text/plain",
+        ".json": "application/json",
+        ".zip": "application/zip"
+      };
+      mimeType = mimeTypes[ext] || "application/octet-stream";
+    }
+    if (!validateMimeType(mimeType, config.security.allowedMimeTypes)) {
+      throw new Error(`File type ${mimeType} not allowed`);
+    }
+    if (fileSize > config.security.maxUploadSizeInBytes) {
+      throw new Error(`File size ${fileSize} exceeds maximum allowed size ${config.security.maxUploadSizeInBytes}`);
+    }
+    if (!options.enforce) {
+      const quota = await provider.getQuota(key, accountId, void 0);
+      if (quota.usedInBytes + fileSize > quota.quotaInBytes) {
+        throw new Error("Storage quota exceeded");
+      }
+    }
+    const drive = new drive_default({
+      owner: key,
+      storageAccountId: accountId || null,
+      provider: { type: provider.name },
+      name: options.name,
+      parentId: options.parentId === "root" || !options.parentId ? null : options.parentId,
+      order: await getNextOrderValue(key),
+      information: { type: "FILE", sizeInBytes: fileSize, mime: mimeType, path: "" },
+      status: "UPLOADING"
+    });
+    if (provider.name === "LOCAL" && drive.information.type === "FILE") {
+      let sanitizedExt = path3__default.default.extname(options.name) || ".bin";
+      sanitizedExt = sanitizedExt.replace(/[^a-zA-Z0-9.]/g, "").slice(0, 11);
+      if (!sanitizedExt.startsWith(".")) sanitizedExt = ".bin";
+      drive.information.path = path3__default.default.join(String(drive._id), `data${sanitizedExt}`);
+    }
+    await drive.save();
+    try {
+      const item = await provider.uploadFile(drive, sourceFilePath, accountId);
+      return {
+        id: item.id,
+        file: {
+          name: item.name,
+          mime: item.information.type === "FILE" ? item.information.mime : "application/x-folder",
+          size: item.information.type === "FILE" ? item.information.sizeInBytes : 0
+        }
+      };
+    } catch (err) {
+      await drive_default.deleteOne({ _id: drive._id });
+      throw err;
+    }
+  } finally {
+    if (tempFilePath && fs4__default.default.existsSync(tempFilePath)) {
+      fs4__default.default.rmSync(tempFilePath, { force: true });
+    }
+  }
+};
+
+// src/server/index.ts
+var getProvider = async (req, owner) => {
+  const accountId = req.headers["x-drive-account"];
+  if (!accountId || accountId === "LOCAL") {
+    return { provider: LocalStorageProvider };
+  }
+  const account = await account_default.findOne({ _id: accountId, owner });
+  if (!account) {
+    throw new Error("Invalid Storage Account");
+  }
+  if (account.metadata.provider === "GOOGLE") return { provider: GoogleDriveProvider, accountId: account._id.toString() };
+  return { provider: LocalStorageProvider };
+};
+var applyCorsHeaders = (req, res, config) => {
+  const cors = config.cors;
+  if (!cors?.enabled) return false;
+  const origin = req.headers.origin;
+  const allowedOrigins = cors.origins ?? "*";
+  const methods = cors.methods ?? ["GET", "POST", "PUT", "DELETE", "OPTIONS"];
+  const allowedHeaders = cors.allowedHeaders ?? ["Content-Type", "Authorization", "X-Drive-Account"];
+  const exposedHeaders = cors.exposedHeaders ?? ["Content-Length", "Content-Type", "Content-Disposition"];
+  const credentials = cors.credentials ?? false;
+  const maxAge = cors.maxAge ?? 86400;
+  let allowOrigin = null;
+  if (origin) {
+    if (allowedOrigins === "*") {
+      allowOrigin = origin;
+    } else if (Array.isArray(allowedOrigins)) {
+      if (allowedOrigins.includes(origin)) {
+        allowOrigin = origin;
+      }
+    } else if (allowedOrigins === origin) {
+      allowOrigin = origin;
+    }
+  } else if (allowedOrigins === "*") {
+    allowOrigin = "*";
+  }
+  if (!allowOrigin) {
+    if (req.method === "OPTIONS") {
+      res.status(403).end();
+      return true;
+    }
+    return false;
+  }
+  res.setHeader("Access-Control-Allow-Origin", allowOrigin);
+  res.setHeader("Access-Control-Allow-Methods", methods.join(", "));
+  res.setHeader("Access-Control-Allow-Headers", allowedHeaders.join(", "));
+  res.setHeader("Access-Control-Expose-Headers", exposedHeaders.join(", "));
+  res.setHeader("Access-Control-Max-Age", maxAge.toString());
+  if (credentials) {
+    res.setHeader("Access-Control-Allow-Credentials", "true");
+  }
+  if (req.method === "OPTIONS") {
+    res.status(204).end();
+    return true;
+  }
+  return false;
+};
+var driveAPIHandler = async (req, res) => {
+  const action = req.query.action || (req.query.code && req.query.state ? "callback" : void 0);
+  let config;
+  try {
+    config = getDriveConfig();
+  } catch (error) {
+    console.error("[next-drive] Configuration error:", error);
+    res.status(500).json({ status: 500, message: "Failed to initialize drive configuration" });
+    return;
+  }
+  const isPreflightHandled = applyCorsHeaders(req, res, config);
+  if (isPreflightHandled) return;
+  if (!action) {
+    res.status(400).json({ status: 400, message: "Missing action query parameter" });
+    return;
+  }
+  try {
+    const information = await getDriveInformation(req);
+    const { key: owner } = information;
+    const STORAGE_PATH = config.storage.path;
+    if (action === "information") {
+      const { clientId, clientSecret, redirectUri } = config.storage?.google || {};
+      const googleConfigured = !!(clientId && clientSecret && redirectUri);
+      return res.status(200).json({
+        status: 200,
+        message: "Information retrieved",
+        data: {
+          providers: {
+            google: googleConfigured
+          }
+        }
+      });
+    }
+    if (["getAuthUrl", "callback", "listAccounts", "removeAccount"].includes(action)) {
+      switch (action) {
+        case "getAuthUrl": {
+          const { provider: provider2 } = req.query;
+          if (provider2 === "GOOGLE") {
+            const { clientId, clientSecret, redirectUri } = config.storage?.google || {};
+            if (!clientId || !clientSecret || !redirectUri) return res.status(500).json({ status: 500, message: "Google not configured" });
+            const { google: google2 } = chunkJEQ2X3Z6_cjs.__require("googleapis");
+            const callbackUri = new URL(redirectUri);
+            callbackUri.searchParams.set("action", "callback");
+            const oAuth2Client = new google2.auth.OAuth2(clientId, clientSecret, callbackUri.toString());
+            const state = Buffer.from(JSON.stringify({ owner })).toString("base64");
+            const url = oAuth2Client.generateAuthUrl({
+              access_type: "offline",
+              scope: ["https://www.googleapis.com/auth/drive", "https://www.googleapis.com/auth/userinfo.email"],
+              state,
+              prompt: "consent"
+              // force refresh token
+            });
+            return res.status(200).json({ status: 200, message: "Auth URL generated", data: { url } });
+          }
+          return res.status(400).json({ status: 400, message: "Unknown provider" });
+        }
+        case "callback": {
+          const { code, state } = req.query;
+          if (!code) return res.status(400).json({ status: 400, message: "Missing code" });
+          const { clientId, clientSecret, redirectUri } = config.storage?.google || {};
+          if (!clientId || !clientSecret || !redirectUri) return res.status(500).json({ status: 500, message: "Google not configured" });
+          const { google: google2 } = chunkJEQ2X3Z6_cjs.__require("googleapis");
+          const callbackUri = new URL(redirectUri);
+          callbackUri.searchParams.set("action", "callback");
+          const oAuth2Client = new google2.auth.OAuth2(clientId, clientSecret, callbackUri.toString());
+          const { tokens } = await oAuth2Client.getToken(code);
+          oAuth2Client.setCredentials(tokens);
+          const oauth2 = google2.oauth2({ version: "v2", auth: oAuth2Client });
+          const userInfo = await oauth2.userinfo.get();
+          const existing = await account_default.findOne({ owner, "metadata.google.email": userInfo.data.email, "metadata.provider": "GOOGLE" });
+          if (existing) {
+            existing.metadata.google.credentials = tokens;
+            existing.markModified("metadata");
+            await existing.save();
+          } else {
+            await account_default.create({
+              owner,
+              name: userInfo.data.name || "Google Drive",
+              metadata: {
+                provider: "GOOGLE",
+                google: {
+                  email: userInfo.data.email,
+                  credentials: tokens
+                }
+              }
+            });
+          }
+          res.setHeader("Content-Type", "text/html");
+          return res.send(`<!DOCTYPE html>
+<html>
+<head><title>Authentication Complete</title></head>
+<body>
+<p>Authentication successful! This window will close automatically.</p>
+<script>
+(function() {
+	// Method 1: postMessage for popup windows
+	if (window.opener) {
+		try {
+			window.opener.postMessage('oauth-success', '*');
+		} catch (e) {}
+	}
+	// Method 2: localStorage event for new tabs (macOS fullscreen mode)
+	try {
+		localStorage.setItem('next-drive-oauth-success', Date.now().toString());
+		localStorage.removeItem('next-drive-oauth-success');
+	} catch (e) {}
+	// Close the window/tab
+	window.close();
+	// Fallback: If window.close() doesn't work (some browsers block it),
+	// show a message to manually close
+	setTimeout(function() {
+		document.body.innerHTML = '<p style="font-family: system-ui; text-align: center; margin-top: 50px;">Authentication successful!<br>You can close this tab now.</p>';
+	}, 500);
+})();
+</script>
+</body>
+</html>`);
+        }
+        case "listAccounts": {
+          const accounts = await account_default.find({ owner });
+          return res.status(200).json({
+            status: 200,
+            data: {
+              accounts: accounts.map((a) => ({
+                id: a._id.toString(),
+                name: a.name,
+                email: a.metadata.google?.email || "",
+                provider: a.metadata.provider
+              }))
+            }
+          });
+        }
+        case "removeAccount": {
+          const { id } = req.query;
+          const account = await account_default.findOne({ _id: id, owner });
+          if (!account) return res.status(404).json({ status: 404, message: "Account not found" });
+          if (account.metadata.provider === "GOOGLE") {
+            try {
+              await GoogleDriveProvider.revokeToken(owner, account._id.toString());
+            } catch (e) {
+              console.error("Failed to revoke Google token:", e);
+            }
+          }
+          await account_default.deleteOne({ _id: id, owner });
+          await drive_default.deleteMany({ owner, storageAccountId: id });
+          return res.status(200).json({ status: 200, message: "Account removed" });
+        }
+      }
+    }
+    const { provider, accountId } = await getProvider(req, owner);
+    switch (action) {
+      // ** 1. LIST **
+      case "list": {
+        if (req.method !== "GET") return res.status(405).json({ status: 405, message: "Only GET allowed" });
+        const listQuery = listQuerySchema.safeParse(req.query);
+        if (!listQuery.success) return res.status(400).json({ status: 400, message: "Invalid parameters" });
+        const { folderId, limit, afterId } = listQuery.data;
+        try {
+          await provider.sync(folderId || "root", owner, accountId);
+        } catch (e) {
+          console.error("Sync failed", e);
+        }
+        const query = {
+          owner,
+          "provider.type": provider.name,
+          storageAccountId: accountId || null,
+          parentId: folderId === "root" || !folderId ? null : folderId,
+          trashedAt: null
+        };
+        if (afterId) query._id = { $lt: afterId };
+        const items = await drive_default.find(query, {}, { sort: { order: 1, _id: -1 }, limit });
+        const plainItems = await Promise.all(items.map((item) => item.toClient()));
+        res.status(200).json({ status: 200, message: "Items retrieved", data: { items: plainItems, hasMore: items.length === limit } });
+        return;
+      }
+      // ** 2. SEARCH **
+      case "search": {
+        const searchData = searchQuerySchema.safeParse(req.query);
+        if (!searchData.success) return res.status(400).json({ status: 400, message: "Invalid params" });
+        const { q, folderId, limit, trashed } = searchData.data;
+        if (!trashed) {
+          try {
+            await provider.search(q, owner, accountId);
+          } catch (e) {
+            console.error("Search sync failed", e);
+          }
+        }
+        const query = {
+          owner,
+          "provider.type": provider.name,
+          storageAccountId: accountId || null,
+          trashedAt: trashed ? { $ne: null } : null,
+          name: { $regex: q, $options: "i" }
+        };
+        if (folderId && folderId !== "root") query.parentId = folderId;
+        const items = await drive_default.find(query, {}, { limit, sort: { createdAt: -1 } });
+        const plainItems = await Promise.all(items.map((i) => i.toClient()));
+        return res.status(200).json({ status: 200, message: "Results", data: { items: plainItems } });
+      }
+      // ** 3. UPLOAD **
+      case "upload": {
+        if (req.method !== "POST") return res.status(405).json({ status: 405, message: "Only POST allowed" });
+        const systemTmpDir = path3__default.default.join(os2__default.default.tmpdir(), "next-drive-uploads");
+        if (!fs4__default.default.existsSync(systemTmpDir)) fs4__default.default.mkdirSync(systemTmpDir, { recursive: true });
+        const form = formidable__default.default({
+          multiples: false,
+          maxFileSize: config.security.maxUploadSizeInBytes * 2,
+          uploadDir: systemTmpDir,
+          keepExtensions: true
+        });
+        const [fields, files] = await new Promise((resolve, reject) => {
+          form.parse(req, (err, fields2, files2) => {
+            if (err) reject(err);
+            else resolve([fields2, files2]);
+          });
+        });
+        const cleanupTempFiles = (files2) => {
+          Object.values(files2).flat().forEach((file) => {
+            if (file && fs4__default.default.existsSync(file.filepath)) fs4__default.default.rmSync(file.filepath, { force: true });
+          });
+        };
+        const getString = (f) => Array.isArray(f) ? f[0] : f || "";
+        const getInt = (f) => parseInt(getString(f) || "0", 10);
+        const uploadData = uploadChunkSchema.safeParse({
+          chunkIndex: getInt(fields.chunkIndex),
+          totalChunks: getInt(fields.totalChunks),
+          driveId: getString(fields.driveId) || void 0,
+          fileName: getString(fields.fileName),
+          fileSize: getInt(fields.fileSize),
+          fileType: getString(fields.fileType),
+          folderId: getString(fields.folderId) || void 0
+        });
+        if (!uploadData.success) {
+          cleanupTempFiles(files);
+          return res.status(400).json({ status: 400, message: uploadData.error.errors[0].message });
+        }
+        const { chunkIndex, totalChunks, driveId, fileName, fileSize: fileSizeInBytes, fileType, folderId } = uploadData.data;
+        let currentUploadId = driveId;
+        const tempBaseDir = path3__default.default.join(os2__default.default.tmpdir(), "next-drive-uploads");
+        if (!currentUploadId) {
+          if (chunkIndex !== 0) return res.status(400).json({ message: "Missing upload ID for non-zero chunk" });
+          if (fileType && !validateMimeType(fileType, config.security.allowedMimeTypes)) {
+            cleanupTempFiles(files);
+            return res.status(400).json({ status: 400, message: `File type ${fileType} not allowed` });
+          }
+          const quota = await provider.getQuota(owner, accountId, information.storage.quotaInBytes);
+          if (quota.usedInBytes + fileSizeInBytes > quota.quotaInBytes) {
+            cleanupTempFiles(files);
+            return res.status(413).json({ status: 413, message: "Storage quota exceeded" });
+          }
+          currentUploadId = crypto.randomUUID();
+          const uploadDir = path3__default.default.join(tempBaseDir, currentUploadId);
+          fs4__default.default.mkdirSync(uploadDir, { recursive: true });
+          const metadata = {
+            owner,
+            accountId,
+            providerName: provider.name,
+            name: fileName,
+            parentId: folderId === "root" || !folderId ? null : folderId,
+            fileSize: fileSizeInBytes,
+            mimeType: fileType,
+            totalChunks
+          };
+          fs4__default.default.writeFileSync(path3__default.default.join(uploadDir, "metadata.json"), JSON.stringify(metadata));
+        }
+        if (currentUploadId) {
+          const uploadDir = path3__default.default.join(tempBaseDir, currentUploadId);
+          if (!fs4__default.default.existsSync(uploadDir)) {
+            cleanupTempFiles(files);
+            return res.status(404).json({ status: 404, message: "Upload session not found or expired" });
+          }
+          try {
+            const chunkFile = Array.isArray(files.chunk) ? files.chunk[0] : files.chunk;
+            if (!chunkFile) throw new Error("No chunk file received");
+            const partPath = path3__default.default.join(uploadDir, `part_${chunkIndex}`);
+            try {
+              fs4__default.default.renameSync(chunkFile.filepath, partPath);
+            } catch (err) {
+              if (err instanceof Error && "code" in err && err.code === "EXDEV") {
+                fs4__default.default.copyFileSync(chunkFile.filepath, partPath);
+                fs4__default.default.unlinkSync(chunkFile.filepath);
+              } else {
+                throw err;
+              }
+            }
+            const uploadedParts = fs4__default.default.readdirSync(uploadDir).filter((f) => f.startsWith("part_"));
+            if (uploadedParts.length === totalChunks) {
+              const metaPath = path3__default.default.join(uploadDir, "metadata.json");
+              const meta = JSON.parse(fs4__default.default.readFileSync(metaPath, "utf-8"));
+              const finalTempPath = path3__default.default.join(uploadDir, "final.bin");
+              const writeStream = fs4__default.default.createWriteStream(finalTempPath);
+              await new Promise((resolve, reject) => {
+                writeStream.on("open", () => resolve());
+                writeStream.on("error", reject);
+              });
+              for (let i = 0; i < totalChunks; i++) {
+                const pPath = path3__default.default.join(uploadDir, `part_${i}`);
+                if (!fs4__default.default.existsSync(pPath)) {
+                  writeStream.destroy();
+                  throw new Error(`Missing chunk part: ${i}`);
+                }
+                const data = fs4__default.default.readFileSync(pPath);
+                writeStream.write(data);
+              }
+              await new Promise((resolve, reject) => {
+                writeStream.end();
+                writeStream.on("finish", resolve);
+                writeStream.on("error", reject);
+              });
+              if (!fs4__default.default.existsSync(finalTempPath)) {
+                throw new Error("Failed to create merged file");
+              }
+              const finalStats = fs4__default.default.statSync(finalTempPath);
+              if (finalStats.size !== meta.fileSize) {
+                throw new Error(`File size mismatch: expected ${meta.fileSize}, got ${finalStats.size}`);
+              }
+              const drive = new drive_default({
+                owner: meta.owner,
+                storageAccountId: meta.accountId || null,
+                provider: { type: meta.providerName },
+                name: meta.name,
+                parentId: meta.parentId,
+                order: 0,
+                information: { type: "FILE", sizeInBytes: meta.fileSize, mime: meta.mimeType, path: "" },
+                // path set by provider
+                status: "UPLOADING",
+                currentChunk: totalChunks,
+                totalChunks
+              });
+              if (meta.providerName === "LOCAL" && drive.information.type === "FILE") {
+                let ext = path3__default.default.extname(meta.name) || ".bin";
+                ext = ext.replace(/[^a-zA-Z0-9.]/g, "").slice(0, 11);
+                if (!ext.startsWith(".")) ext = ".bin";
+                drive.information.path = path3__default.default.join(String(drive._id), `data${ext}`);
+              }
+              await drive.save();
+              try {
+                const item = await provider.uploadFile(drive, finalTempPath, meta.accountId);
+                fs4__default.default.rmSync(uploadDir, { recursive: true, force: true });
+                const newQuota = await provider.getQuota(meta.owner, meta.accountId, information.storage.quotaInBytes);
+                res.status(200).json({ status: 200, message: "Upload complete", data: { type: "UPLOAD_COMPLETE", driveId: String(drive._id), item }, statistic: { storage: newQuota } });
+              } catch (err) {
+                await drive_default.deleteOne({ _id: drive._id });
+                throw err;
+              }
+            } else {
+              const newQuota = await provider.getQuota(owner, accountId, information.storage.quotaInBytes);
+              if (chunkIndex === 0) {
+                res.status(200).json({ status: 200, message: "Upload started", data: { type: "UPLOAD_STARTED", driveId: currentUploadId }, statistic: { storage: newQuota } });
+              } else {
+                res.status(200).json({ status: 200, message: "Chunk received", data: { type: "CHUNK_RECEIVED", driveId: currentUploadId, chunkIndex }, statistic: { storage: newQuota } });
+              }
+            }
+          } catch (e) {
+            cleanupTempFiles(files);
+            throw e;
+          }
+          return;
+        }
+        cleanupTempFiles(files);
+        return res.status(400).json({ status: 400, message: "Invalid upload request" });
+      }
+      // ** 4. CANCEL UPLOAD **
+      case "cancel": {
+        const cancelData = cancelQuerySchema.safeParse(req.query);
+        if (!cancelData.success) return res.status(400).json({ status: 400, message: "Invalid ID" });
+        const { id } = cancelData.data;
+        const tempUploadDir = path3__default.default.join(os2__default.default.tmpdir(), "next-drive-uploads", id);
+        if (fs4__default.default.existsSync(tempUploadDir)) {
+          try {
+            fs4__default.default.rmSync(tempUploadDir, { recursive: true, force: true });
+          } catch (e) {
+            console.error("Failed to cleanup temp upload:", e);
+          }
+        }
+        return res.status(200).json({ status: 200, message: "Upload cancelled", data: null });
+      }
+      // ** 5. CREATE FOLDER **
+      case "createFolder": {
+        const folderData = createFolderBodySchema.safeParse(req.body);
+        if (!folderData.success) return res.status(400).json({ status: 400, message: folderData.error.errors[0].message });
+        const { name, parentId } = folderData.data;
+        const item = await provider.createFolder(name, parentId ?? null, owner, accountId);
+        return res.status(201).json({ status: 201, message: "Folder created", data: { item } });
+      }
+      // ** 5. DELETE **
+      case "delete": {
+        const deleteData = deleteQuerySchema.safeParse(req.query);
+        if (!deleteData.success) return res.status(400).json({ status: 400, message: "Invalid ID" });
+        const { id } = deleteData.data;
+        const drive = await drive_default.findById(id);
+        if (!drive) return res.status(404).json({ status: 404, message: "Not found" });
+        const itemProvider = drive.provider?.type === "GOOGLE" ? GoogleDriveProvider : LocalStorageProvider;
+        const itemAccountId = drive.storageAccountId ? drive.storageAccountId.toString() : void 0;
+        try {
+          await itemProvider.trash([id], owner, itemAccountId);
+        } catch (e) {
+          console.error("Provider trash failed:", e);
+        }
+        drive.trashedAt = /* @__PURE__ */ new Date();
+        await drive.save();
+        return res.status(200).json({ status: 200, message: "Moved to trash", data: null });
+      }
+      // ** 6. HARD DELETE **
+      case "deletePermanent": {
+        const deleteData = deleteQuerySchema.safeParse(req.query);
+        if (!deleteData.success) return res.status(400).json({ status: 400, message: "Invalid ID" });
+        const { id } = deleteData.data;
+        await provider.delete([id], owner, accountId);
+        const quota = await provider.getQuota(owner, accountId, information.storage.quotaInBytes);
+        return res.status(200).json({ status: 200, message: "Deleted", statistic: { storage: quota } });
+      }
+      // ** 7. QUOTA **
+      case "quota": {
+        const quota = await provider.getQuota(owner, accountId, information.storage.quotaInBytes);
+        return res.status(200).json({
+          status: 200,
+          message: "Quota retrieved",
+          data: { usedInBytes: quota.usedInBytes, totalInBytes: quota.quotaInBytes, availableInBytes: Math.max(0, quota.quotaInBytes - quota.usedInBytes), percentage: quota.quotaInBytes > 0 ? Math.round(quota.usedInBytes / quota.quotaInBytes * 100) : 0 },
+          statistic: { storage: quota }
+        });
+      }
+      // ** 7B. TRASH **
+      case "trash": {
+        try {
+          const { provider: trashProvider, accountId: trashAccountId } = await getProvider(req, owner);
+          await trashProvider.syncTrash(owner, trashAccountId);
+        } catch (e) {
+          console.error("Trash sync failed", e);
+        }
+        const query = {
+          owner,
+          "provider.type": provider.name,
+          storageAccountId: accountId || null,
+          trashedAt: { $ne: null }
+        };
+        const items = await drive_default.find(query, {}, { sort: { trashedAt: -1 } });
+        const plainItems = await Promise.all(items.map((item) => item.toClient()));
+        return res.status(200).json({
+          status: 200,
+          message: "Trash items",
+          data: { items: plainItems, hasMore: false }
+        });
+      }
+      // ** 7C. RESTORE **
+      case "restore": {
+        const restoreData = deleteQuerySchema.safeParse(req.query);
+        if (!restoreData.success) return res.status(400).json({ status: 400, message: "Invalid ID" });
+        const { id } = restoreData.data;
+        const drive = await drive_default.findById(id);
+        if (!drive) return res.status(404).json({ status: 404, message: "Not found" });
+        let targetParentId = drive.parentId;
+        if (targetParentId) {
+          const parent = await drive_default.findById(targetParentId);
+          if (parent?.trashedAt) {
+            targetParentId = null;
+          }
+        }
+        const itemProvider = drive.provider?.type === "GOOGLE" ? GoogleDriveProvider : LocalStorageProvider;
+        const itemAccountId = drive.storageAccountId ? drive.storageAccountId.toString() : void 0;
+        try {
+          await itemProvider.untrash([id], owner, itemAccountId);
+          if (targetParentId !== drive.parentId) {
+            await itemProvider.move(id, targetParentId?.toString() ?? null, owner, itemAccountId);
+          }
+        } catch (e) {
+          console.error("Provider restore failed:", e);
+        }
+        drive.trashedAt = null;
+        drive.parentId = targetParentId;
+        await drive.save();
+        return res.status(200).json({
+          status: 200,
+          message: targetParentId === null && drive.parentId !== null ? "Restored to root (parent folder was trashed)" : "Restored",
+          data: null
+        });
+      }
+      // ** 7D. MOVE **
+      case "move": {
+        const moveData = moveBodySchema.safeParse(req.body);
+        if (!moveData.success) return res.status(400).json({ status: 400, message: "Invalid data" });
+        const { ids, targetFolderId } = moveData.data;
+        const items = [];
+        const effectiveTargetId = targetFolderId === "root" || !targetFolderId ? null : targetFolderId;
+        for (const id of ids) {
+          try {
+            const item = await provider.move(id, effectiveTargetId, owner, accountId);
+            items.push(item);
+          } catch (e) {
+            console.error(`Failed to move item ${id}`, e);
+          }
+        }
+        return res.status(200).json({ status: 200, message: "Moved", data: { items } });
+      }
+      // ** 8. RENAME **
+      case "rename": {
+        const renameData = renameBodySchema.safeParse({ id: req.query.id, ...req.body });
+        if (!renameData.success) return res.status(400).json({ status: 400, message: "Invalid data" });
+        const { id, newName } = renameData.data;
+        const item = await provider.rename(id, newName, owner, accountId);
+        return res.status(200).json({ status: 200, message: "Renamed", data: { item } });
+      }
+      // ** 9. THUMBNAIL **
+      case "thumbnail": {
+        const thumbQuery = thumbnailQuerySchema.safeParse(req.query);
+        if (!thumbQuery.success) return res.status(400).json({ status: 400, message: "Invalid params" });
+        const { id } = thumbQuery.data;
+        const drive = await drive_default.findById(id);
+        if (!drive) return res.status(404).json({ status: 404, message: "Not found" });
+        const itemProvider = drive.provider?.type === "GOOGLE" ? GoogleDriveProvider : LocalStorageProvider;
+        const itemAccountId = drive.storageAccountId ? drive.storageAccountId.toString() : void 0;
+        const stream = await itemProvider.getThumbnail(drive, itemAccountId);
+        res.setHeader("Content-Type", "image/webp");
+        if (config.cors?.enabled) {
+          res.setHeader("Cross-Origin-Resource-Policy", "cross-origin");
+        }
+        stream.pipe(res);
+        return;
+      }
+      // ** 10. SERVE / DOWNLOAD **
+      case "serve": {
+        const serveQuery = serveQuerySchema.safeParse(req.query);
+        if (!serveQuery.success) return res.status(400).json({ status: 400, message: "Invalid params" });
+        const { id } = serveQuery.data;
+        const drive = await drive_default.findById(id);
+        if (!drive) return res.status(404).json({ status: 404, message: "Not found" });
+        const itemProvider = drive.provider?.type === "GOOGLE" ? GoogleDriveProvider : LocalStorageProvider;
+        const itemAccountId = drive.storageAccountId ? drive.storageAccountId.toString() : void 0;
+        const { stream, mime, size } = await itemProvider.openStream(drive, itemAccountId);
+        const safeFilename = sanitizeContentDispositionFilename(drive.name);
+        res.setHeader("Content-Disposition", `inline; filename="${safeFilename}"`);
+        res.setHeader("Content-Type", mime);
+        if (config.cors?.enabled) {
+          res.setHeader("Cross-Origin-Resource-Policy", "cross-origin");
+        }
+        if (size) res.setHeader("Content-Length", size);
+        stream.pipe(res);
+        return;
+      }
+      default:
+        res.status(400).json({ status: 400, message: `Unknown action: ${action}` });
+    }
+  } catch (error) {
+    console.error(`[next-drive] Error handling action ${action}:`, error);
+    res.status(500).json({ status: 500, message: error instanceof Error ? error.message : "Unknown error" });
+  }
+};
+
+exports.driveAPIHandler = driveAPIHandler;
+exports.driveConfiguration = driveConfiguration;
+exports.driveDelete = driveDelete;
+exports.driveFilePath = driveFilePath;
+exports.driveFileSchemaZod = driveFileSchemaZod;
+exports.driveGetUrl = driveGetUrl;
+exports.driveInfo = driveInfo;
+exports.driveList = driveList;
+exports.driveReadFile = driveReadFile;
+exports.driveUpload = driveUpload;
+exports.getDriveConfig = getDriveConfig;
+exports.getDriveInformation = getDriveInformation;
+//# sourceMappingURL=chunk-7PTOIRBL.cjs.map
+//# sourceMappingURL=chunk-7PTOIRBL.cjs.map