@nuraly/lumenjs 0.1.3 → 0.2.0

package/dist/communication/encryption.d.ts

@@ -0,0 +1,35 @@
+import type { KeyBundle, EncryptedEnvelope } from './types.js';
+import type { CommunicationStore } from './store.js';
+import type { LumenDb } from '../db/index.js';
+/** Context for encryption handlers */
+export interface EncryptionContext {
+    userId: string;
+    store: CommunicationStore;
+    /** Emit data to the current socket */
+    push: (data: any) => void;
+    /** Emit to a specific user's sockets */
+    emitToUser: (targetUserId: string, data: any) => void;
+    /** LumenJS database instance (optional) */
+    db?: LumenDb;
+}
+/**
+ * Handle a client uploading their public key bundle.
+ * Server stores the bundle — it never sees private keys.
+ */
+export declare function handleUploadKeys(ctx: EncryptionContext, data: KeyBundle): Promise<void>;
+/**
+ * Handle a client requesting another user's key bundle for session setup.
+ * Pops one one-time pre-key (consumed once).
+ */
+export declare function handleRequestKeys(ctx: EncryptionContext, data: {
+    recipientId: string;
+}): Promise<void>;
+/**
+ * Relay a session initialization message to the recipient.
+ * The server never reads the envelope — just forwards it.
+ */
+export declare function handleSessionInit(ctx: EncryptionContext, data: {
+    recipientId: string;
+    sessionId: string;
+    envelope: EncryptedEnvelope;
+}): void;

package/dist/communication/encryption.js

@@ -0,0 +1,90 @@
+// ── Key Upload ──────────────────────────────────────────────────
+/**
+ * Handle a client uploading their public key bundle.
+ * Server stores the bundle — it never sees private keys.
+ */
+export async function handleUploadKeys(ctx, data) {
+    // Ensure the bundle belongs to the sender
+    const bundle = {
+        ...data,
+        userId: ctx.userId,
+        uploadedAt: new Date().toISOString(),
+    };
+    // Store in memory
+    ctx.store.setKeyBundle(ctx.userId, bundle);
+    // Persist to DB if available
+    if (ctx.db) {
+        await ctx.db.run(`INSERT OR REPLACE INTO encryption_keys (user_id, identity_key, signed_pre_key_id, signed_pre_key, signed_pre_key_signature, uploaded_at)
+       VALUES (?, ?, ?, ?, ?, ?)`, ctx.userId, bundle.identityKey, bundle.signedPreKey.keyId, bundle.signedPreKey.publicKey, bundle.signedPreKeySignature, bundle.uploadedAt);
+        // Replace one-time pre-keys
+        await ctx.db.run(`DELETE FROM encryption_prekeys WHERE user_id = ?`, ctx.userId);
+        for (const otk of bundle.oneTimePreKeys) {
+            await ctx.db.run(`INSERT INTO encryption_prekeys (user_id, key_id, public_key) VALUES (?, ?, ?)`, ctx.userId, otk.keyId, otk.publicKey);
+        }
+    }
+    ctx.push({ event: 'encryption:keys-uploaded', data: { userId: ctx.userId, keyCount: bundle.oneTimePreKeys.length } });
+}
+// ── Key Request ─────────────────────────────────────────────────
+/**
+ * Handle a client requesting another user's key bundle for session setup.
+ * Pops one one-time pre-key (consumed once).
+ */
+export async function handleRequestKeys(ctx, data) {
+    let bundle = ctx.store.getKeyBundle(data.recipientId);
+    // Try loading from DB if not in memory
+    if (!bundle && ctx.db) {
+        const row = await ctx.db.get(`SELECT * FROM encryption_keys WHERE user_id = ?`, data.recipientId);
+        if (row) {
+            const prekeys = await ctx.db.all(`SELECT key_id, public_key FROM encryption_prekeys WHERE user_id = ? ORDER BY key_id`, data.recipientId);
+            bundle = {
+                userId: data.recipientId,
+                identityKey: row.identity_key,
+                signedPreKey: { keyId: row.signed_pre_key_id, publicKey: row.signed_pre_key },
+                signedPreKeySignature: row.signed_pre_key_signature,
+                oneTimePreKeys: prekeys.map((pk) => ({ keyId: pk.key_id, publicKey: pk.public_key })),
+                uploadedAt: row.uploaded_at,
+            };
+            ctx.store.setKeyBundle(data.recipientId, bundle);
+        }
+    }
+    if (!bundle) {
+        ctx.push({ event: 'encryption:keys-response', data: { error: 'no_keys', recipientId: data.recipientId } });
+        return;
+    }
+    // Pop one one-time pre-key (consumed once per session)
+    const oneTimePreKey = ctx.store.popOneTimePreKey(data.recipientId);
+    // Remove from DB too
+    if (oneTimePreKey && ctx.db) {
+        await ctx.db.run(`DELETE FROM encryption_prekeys WHERE user_id = ? AND key_id = ?`, data.recipientId, oneTimePreKey.keyId);
+    }
+    const response = {
+        recipientId: data.recipientId,
+        identityKey: bundle.identityKey,
+        signedPreKey: bundle.signedPreKey,
+        signedPreKeySignature: bundle.signedPreKeySignature,
+        oneTimePreKey,
+    };
+    ctx.push({ event: 'encryption:keys-response', data: response });
+    // Notify recipient if their one-time pre-keys are depleted
+    if (ctx.store.getOneTimePreKeyCount(data.recipientId) === 0) {
+        ctx.emitToUser(data.recipientId, {
+            event: 'encryption:keys-depleted',
+            data: { userId: data.recipientId },
+        });
+    }
+}
+// ── Session Init Relay ──────────────────────────────────────────
+/**
+ * Relay a session initialization message to the recipient.
+ * The server never reads the envelope — just forwards it.
+ */
+export function handleSessionInit(ctx, data) {
+    ctx.emitToUser(data.recipientId, {
+        event: 'encryption:session-init',
+        data: {
+            senderId: ctx.userId,
+            sessionId: data.sessionId,
+            envelope: data.envelope,
+        },
+    });
+}

package/dist/communication/handlers/context.d.ts

@@ -0,0 +1,27 @@
+import type { CommunicationConfig } from '../types.js';
+import type { CommunicationStore } from '../store.js';
+import type { LumenDb } from '../../db/index.js';
+import type { StorageAdapter } from '../../storage/adapters/types.js';
+/** Context passed to every handler from the socket connection */
+export interface HandlerContext {
+    userId: string;
+    store: CommunicationStore;
+    /** Resolved communication config */
+    config: CommunicationConfig;
+    /** Emit data to the current socket */
+    push: (data: any) => void;
+    /** Broadcast to all sockets in a room */
+    broadcastAll: (room: string, data: any) => void;
+    /** Broadcast to all sockets in a room except the sender */
+    broadcast: (room: string, data: any) => void;
+    /** Join a socket room */
+    joinRoom: (room: string) => void;
+    /** Leave a socket room */
+    leaveRoom: (room: string) => void;
+    /** Emit data to all sockets for a specific user */
+    emitToUser?: (userId: string, data: any) => void;
+    /** LumenJS database instance (optional — only if app has DB set up) */
+    db?: LumenDb;
+    /** Storage adapter for file uploads (optional — only if storage is configured) */
+    storage?: StorageAdapter;
+}

package/dist/communication/handlers/context.js

@@ -0,0 +1 @@
+export {};

package/dist/communication/handlers/conversation.d.ts

@@ -0,0 +1,24 @@
+import type { HandlerContext } from './context.js';
+export declare function handleConversationCreate(ctx: HandlerContext, data: {
+    type: 'direct' | 'group';
+    name?: string;
+    participantIds: string[];
+}): Promise<void>;
+export declare function handleConversationJoin(ctx: HandlerContext, data: {
+    conversationId: string;
+}): Promise<void>;
+export declare function handleConversationLeave(ctx: HandlerContext, data: {
+    conversationId: string;
+}): void;
+export declare function handleConversationArchive(ctx: HandlerContext, data: {
+    conversationId: string;
+    archived: boolean;
+}): Promise<void>;
+export declare function handleConversationMute(ctx: HandlerContext, data: {
+    conversationId: string;
+    muted: boolean;
+}): Promise<void>;
+export declare function handleConversationPin(ctx: HandlerContext, data: {
+    conversationId: string;
+    pinned: boolean;
+}): Promise<void>;

package/dist/communication/handlers/conversation.js

@@ -0,0 +1,113 @@
+// ── Conversation ────────────────────────────────────────────────
+export async function handleConversationCreate(ctx, data) {
+    const now = new Date().toISOString();
+    let conversation;
+    if (ctx.db) {
+        const convId = crypto.randomUUID();
+        await ctx.db.run(`INSERT INTO conversations (id, type, name, created_at, updated_at) VALUES (?, ?, ?, ?, ?)`, convId, data.type, data.name || null, now, now);
+        // Add the creator as a participant with 'owner' role
+        const allParticipantIds = [ctx.userId, ...data.participantIds.filter(id => id !== ctx.userId)];
+        for (const uid of allParticipantIds) {
+            const role = uid === ctx.userId ? 'owner' : 'member';
+            await ctx.db.run(`INSERT INTO conversation_participants (conversation_id, user_id, role, joined_at) VALUES (?, ?, ?, ?)`, convId, uid, role, now);
+        }
+        conversation = {
+            id: convId,
+            type: data.type,
+            name: data.name,
+            participants: allParticipantIds.map(uid => ({
+                userId: uid,
+                displayName: '',
+                role: uid === ctx.userId ? 'owner' : 'member',
+                joinedAt: now,
+                presence: ctx.store.getPresence(uid)?.status || 'offline',
+            })),
+            createdAt: now,
+            updatedAt: now,
+            unreadCount: 0,
+        };
+    }
+    else {
+        const allParticipantIds = [ctx.userId, ...data.participantIds.filter(id => id !== ctx.userId)];
+        conversation = {
+            id: crypto.randomUUID(),
+            type: data.type,
+            name: data.name,
+            participants: allParticipantIds.map(uid => ({
+                userId: uid,
+                displayName: '',
+                role: uid === ctx.userId ? 'owner' : 'member',
+                joinedAt: now,
+                presence: ctx.store.getPresence(uid)?.status || 'offline',
+            })),
+            createdAt: now,
+            updatedAt: now,
+            unreadCount: 0,
+        };
+    }
+    // Auto-join the creator to the conversation room
+    ctx.joinRoom(`conv:${conversation.id}`);
+    // Notify the creator
+    ctx.push({ event: 'conversation:new', data: conversation });
+    // Notify other participants (they haven't joined the room yet)
+    if (ctx.emitToUser) {
+        for (const uid of data.participantIds) {
+            if (uid !== ctx.userId) {
+                ctx.emitToUser(uid, { event: 'conversation:new', data: conversation });
+            }
+        }
+    }
+}
+export async function handleConversationJoin(ctx, data) {
+    // Verify the user is an actual participant of this conversation
+    if (ctx.db) {
+        const row = await ctx.db.get('SELECT 1 FROM conversation_participants WHERE conversation_id = ? AND user_id = ?', data.conversationId, ctx.userId);
+        if (!row) {
+            ctx.push({ event: 'error', data: { code: 'FORBIDDEN', message: 'Not a participant of this conversation' } });
+            return;
+        }
+    }
+    ctx.joinRoom(`conv:${data.conversationId}`);
+    ctx.store.addConversationMember(data.conversationId, ctx.userId);
+    ctx.store.joinConversation(ctx.userId, data.conversationId);
+}
+export function handleConversationLeave(ctx, data) {
+    ctx.leaveRoom(`conv:${data.conversationId}`);
+    ctx.store.removeConversationMember(data.conversationId, ctx.userId);
+    ctx.store.leaveConversation(ctx.userId, data.conversationId);
+}
+export async function handleConversationArchive(ctx, data) {
+    // Verify the user is a participant
+    if (ctx.db) {
+        const row = await ctx.db.get('SELECT 1 FROM conversation_participants WHERE conversation_id = ? AND user_id = ?', data.conversationId, ctx.userId);
+        if (!row) {
+            ctx.push({ event: 'error', data: { code: 'FORBIDDEN', message: 'Not a participant of this conversation' } });
+            return;
+        }
+        await ctx.db.run(`UPDATE conversations SET archived = ?, updated_at = ? WHERE id = ?`, data.archived ? 1 : 0, new Date().toISOString(), data.conversationId);
+    }
+    ctx.broadcastAll(`conv:${data.conversationId}`, {
+        event: 'conversation:updated',
+        data: { id: data.conversationId, archived: data.archived },
+    });
+}
+export async function handleConversationMute(ctx, data) {
+    if (ctx.db) {
+        await ctx.db.run(`UPDATE conversation_participants SET muted = ?, updated_at = ? WHERE conversation_id = ? AND user_id = ?`, data.muted ? 1 : 0, new Date().toISOString(), data.conversationId, ctx.userId);
+    }
+    // Only notify the requesting user — mute is per-user
+    ctx.push({
+        event: 'conversation:updated',
+        data: { id: data.conversationId, muted: data.muted },
+    });
+}
+export async function handleConversationPin(ctx, data) {
+    if (ctx.db) {
+        await ctx.db.run(`UPDATE conversation_participants SET pinned = ?, updated_at = ? WHERE conversation_id = ? AND user_id = ?`, data.pinned ? 1 : 0, new Date().toISOString(), data.conversationId, ctx.userId);
+    }
+    // Only notify the requesting user — pin is per-user
+    ctx.push({
+        event: 'conversation:updated',
+        data: { id: data.conversationId, pinned: data.pinned },
+    });
+}

package/dist/communication/handlers/file-upload.d.ts

@@ -0,0 +1,17 @@
+import type { HandlerContext } from './context.js';
+/**
+ * Handle a client requesting a presigned upload URL for a chat file attachment.
+ *
+ * E2E security model:
+ *   1. Client encrypts the file locally (AES-256-GCM with a random key).
+ *   2. This handler returns a presigned PUT URL — the server never sees the plaintext.
+ *   3. Client PUTs the encrypted blob directly to storage (S3 / local).
+ *   4. The file encryption key is included inside the Signal message envelope,
+ *      encrypted per-recipient. The server cannot decrypt either the file or the key.
+ */
+export declare function handleFileUploadRequest(ctx: HandlerContext, data: {
+    conversationId: string;
+    mimeType: string;
+    size: number;
+    fileName: string;
+}): Promise<void>;

package/dist/communication/handlers/file-upload.js

@@ -0,0 +1,62 @@
+// ── File Upload (Presigned URL) ──────────────────────────────────
+/**
+ * Handle a client requesting a presigned upload URL for a chat file attachment.
+ *
+ * E2E security model:
+ *   1. Client encrypts the file locally (AES-256-GCM with a random key).
+ *   2. This handler returns a presigned PUT URL — the server never sees the plaintext.
+ *   3. Client PUTs the encrypted blob directly to storage (S3 / local).
+ *   4. The file encryption key is included inside the Signal message envelope,
+ *      encrypted per-recipient. The server cannot decrypt either the file or the key.
+ */
+export async function handleFileUploadRequest(ctx, data) {
+    if (!ctx.storage) {
+        ctx.push({
+            event: 'file:upload-error',
+            data: { code: 'STORAGE_NOT_CONFIGURED', message: 'Storage is not configured on this server.' },
+        });
+        return;
+    }
+    // Validate against file upload config
+    if (ctx.config.fileUpload) {
+        const { maxFileSize, allowedMimeTypes } = ctx.config.fileUpload;
+        if (data.size > maxFileSize) {
+            ctx.push({
+                event: 'file:upload-error',
+                data: {
+                    code: 'FILE_TOO_LARGE',
+                    message: `File size ${data.size} exceeds maximum allowed size of ${maxFileSize} bytes.`,
+                },
+            });
+            return;
+        }
+        if (allowedMimeTypes && allowedMimeTypes.length > 0 && !allowedMimeTypes.includes(data.mimeType)) {
+            ctx.push({
+                event: 'file:upload-error',
+                data: {
+                    code: 'MIME_TYPE_NOT_ALLOWED',
+                    message: `MIME type '${data.mimeType}' is not allowed.`,
+                },
+            });
+            return;
+        }
+    }
+    // Generate a unique file key scoped to the conversation
+    const fileId = crypto.randomUUID();
+    const ext = data.fileName.includes('.') ? `.${data.fileName.split('.').pop()}` : '';
+    const key = `conversations/${data.conversationId}/${fileId}${ext}`;
+    const presigned = await ctx.storage.presignPut(key, {
+        mimeType: data.mimeType,
+        expiresIn: 300, // 5 minutes to complete the upload
+        maxSize: ctx.config.fileUpload?.maxFileSize,
+    });
+    ctx.push({
+        event: 'file:upload-ready',
+        data: {
+            fileId,
+            uploadUrl: presigned.uploadUrl,
+            key: presigned.key,
+            expiresAt: presigned.expiresAt,
+        },
+    });
+}

package/dist/communication/handlers/messaging.d.ts

@@ -0,0 +1,30 @@
+import type { Message, MessageAttachment, MessageForward, EncryptedEnvelope } from '../types.js';
+import type { HandlerContext } from './context.js';
+export declare function handleMessageSend(ctx: HandlerContext, data: {
+    conversationId: string;
+    content: string;
+    type: Message['type'];
+    replyTo?: string;
+    attachment?: MessageAttachment;
+    encrypted?: boolean;
+    envelope?: EncryptedEnvelope;
+}): Promise<void>;
+export declare function handleMessageRead(ctx: HandlerContext, data: {
+    conversationId: string;
+    messageId: string;
+}): Promise<void>;
+export declare function handleMessageReact(ctx: HandlerContext, data: {
+    messageId: string;
+    conversationId: string;
+    emoji: string;
+}): Promise<void>;
+export declare function handleMessageEdit(ctx: HandlerContext, data: {
+    messageId: string;
+    conversationId: string;
+    content: string;
+}): Promise<void>;
+export declare function handleMessageDelete(ctx: HandlerContext, data: {
+    messageId: string;
+    conversationId: string;
+}): Promise<void>;
+export declare function handleMessageForward(ctx: HandlerContext, data: MessageForward): Promise<void>;

package/dist/communication/handlers/messaging.js

@@ -0,0 +1,237 @@
+// ── Messages ────────────────────────────────────────────────────
+export async function handleMessageSend(ctx, data) {
+    // ── Membership check ──────────────────────────────────────────
+    if (ctx.db) {
+        const row = await ctx.db.get('SELECT 1 FROM conversation_participants WHERE conversation_id = ? AND user_id = ?', data.conversationId, ctx.userId);
+        if (!row) {
+            ctx.push({ event: 'message:error', data: { code: 'FORBIDDEN', message: 'Not a participant of this conversation' } });
+            return;
+        }
+    }
+    else {
+        const members = ctx.store.getConversationMembers(data.conversationId);
+        if (members.size > 0 && !members.has(ctx.userId)) {
+            ctx.push({ event: 'message:error', data: { code: 'FORBIDDEN', message: 'Not a participant of this conversation' } });
+            return;
+        }
+    }
+    // ── Message length check ──────────────────────────────────────
+    const maxLen = ctx.config.maxMessageLength ?? 10_000;
+    if (data.content && data.content.length > maxLen) {
+        ctx.push({ event: 'message:error', data: { code: 'MESSAGE_TOO_LONG', message: `Message exceeds maximum length of ${maxLen} characters.` } });
+        return;
+    }
+    // ── Rate limit check ──────────────────────────────────────────
+    if (ctx.config.rateLimit) {
+        const allowed = ctx.store.checkRateLimit(ctx.userId, ctx.config.rateLimit);
+        if (!allowed) {
+            ctx.push({ event: 'message:error', data: { code: 'RATE_LIMITED', message: 'Message rate limit exceeded. Please wait before sending more messages.' } });
+            return;
+        }
+    }
+    // ── File upload validation ────────────────────────────────────
+    if (data.attachment && ctx.config.fileUpload) {
+        const { maxFileSize, allowedMimeTypes } = ctx.config.fileUpload;
+        if (data.attachment.fileSize > maxFileSize) {
+            ctx.push({ event: 'message:error', data: { code: 'FILE_TOO_LARGE', message: `File size ${data.attachment.fileSize} exceeds maximum allowed size of ${maxFileSize} bytes.` } });
+            return;
+        }
+        if (allowedMimeTypes && allowedMimeTypes.length > 0 && !allowedMimeTypes.includes(data.attachment.mimeType)) {
+            ctx.push({ event: 'message:error', data: { code: 'MIME_TYPE_NOT_ALLOWED', message: `MIME type '${data.attachment.mimeType}' is not allowed.` } });
+            return;
+        }
+    }
+    const now = new Date().toISOString();
+    let message;
+    // For encrypted messages, content is ciphertext — server stores it as opaque blob
+    const contentToStore = data.encrypted && data.envelope
+        ? JSON.stringify(data.envelope)
+        : data.content;
+    if (ctx.db) {
+        const inserted = await ctx.db.get(`INSERT INTO messages (conversation_id, sender_id, content, type, reply_to, attachment, status, encrypted, created_at)
+       VALUES (?, ?, ?, ?, ?, ?, 'sent', ?, ?) RETURNING id`, data.conversationId, ctx.userId, contentToStore, data.type, data.replyTo || null, data.attachment ? JSON.stringify(data.attachment) : null, data.encrypted ? 1 : 0, now);
+        message = {
+            id: String(inserted?.id ?? 0),
+            conversationId: data.conversationId,
+            senderId: ctx.userId,
+            content: contentToStore,
+            type: data.type,
+            createdAt: now,
+            replyTo: data.replyTo,
+            attachment: data.attachment,
+            status: 'sent',
+            readBy: [],
+            encrypted: data.encrypted,
+            envelope: data.envelope,
+        };
+        // Update conversation's last activity
+        await ctx.db.run(`UPDATE conversations SET updated_at = ? WHERE id = ?`, now, data.conversationId);
+    }
+    else {
+        // Without DB, create an in-memory message
+        message = {
+            id: crypto.randomUUID(),
+            conversationId: data.conversationId,
+            senderId: ctx.userId,
+            content: contentToStore,
+            type: data.type,
+            createdAt: now,
+            replyTo: data.replyTo,
+            attachment: data.attachment,
+            status: 'sent',
+            readBy: [],
+            encrypted: data.encrypted,
+            envelope: data.envelope,
+        };
+    }
+    // Clear typing indicator since the user just sent a message
+    ctx.store.clearTyping(data.conversationId, ctx.userId);
+    // Notify sender that the message has been persisted
+    ctx.push({ event: 'message:status', data: { messageId: message.id, status: 'sent' } });
+    // Broadcast to all participants in the conversation
+    ctx.broadcastAll(`conv:${data.conversationId}`, { event: 'message:new', data: message });
+    // Check if any recipient in the conversation has a connected socket
+    const members = ctx.store.getConversationMembers(data.conversationId);
+    const hasOnlineRecipient = Array.from(members).some((uid) => uid !== ctx.userId && ctx.store.isUserOnline(uid));
+    if (hasOnlineRecipient) {
+        if (ctx.db) {
+            await ctx.db.run(`UPDATE messages SET status = 'delivered' WHERE id = ? AND status = 'sent'`, message.id);
+        }
+        message.status = 'delivered';
+        ctx.push({ event: 'message:status', data: { messageId: message.id, status: 'delivered' } });
+    }
+}
+export async function handleMessageRead(ctx, data) {
+    const now = new Date().toISOString();
+    const receipt = { userId: ctx.userId, readAt: now };
+    if (ctx.db) {
+        // Insert read receipt (ignore duplicates)
+        await ctx.db.run(`INSERT OR IGNORE INTO read_receipts (message_id, user_id, read_at) VALUES (?, ?, ?)`, data.messageId, ctx.userId, now);
+        // Update message status to 'read' if all participants have read it
+        await ctx.db.run(`UPDATE messages SET status = 'read' WHERE id = ? AND status != 'read'`, data.messageId);
+    }
+    ctx.broadcastAll(`conv:${data.conversationId}`, {
+        event: 'read-receipt:update',
+        data: { conversationId: data.conversationId, messageId: data.messageId, readBy: receipt },
+    });
+    // Emit message:status so clients can update delivery indicators
+    ctx.broadcastAll(`conv:${data.conversationId}`, {
+        event: 'message:status',
+        data: { messageId: data.messageId, status: 'read' },
+    });
+}
+// ── Message Reactions ────────────────────────────────────────────
+export async function handleMessageReact(ctx, data) {
+    if (ctx.db) {
+        // Toggle: if already reacted with this emoji, remove it
+        const existing = await ctx.db.get('SELECT 1 FROM message_reactions WHERE message_id = ? AND user_id = ? AND emoji = ?', data.messageId, ctx.userId, data.emoji);
+        if (existing) {
+            await ctx.db.run('DELETE FROM message_reactions WHERE message_id = ? AND user_id = ? AND emoji = ?', data.messageId, ctx.userId, data.emoji);
+        }
+        else {
+            await ctx.db.run('INSERT INTO message_reactions (message_id, user_id, emoji) VALUES (?, ?, ?)', data.messageId, ctx.userId, data.emoji);
+        }
+        // Fetch all reactions for this message
+        const reactions = await ctx.db.all('SELECT emoji, COUNT(*) as count, GROUP_CONCAT(user_id) as users FROM message_reactions WHERE message_id = ? GROUP BY emoji', data.messageId);
+        ctx.broadcastAll(`conv:${data.conversationId}`, {
+            event: 'message:reaction-update',
+            data: { messageId: data.messageId, reactions: reactions.map((r) => ({ emoji: r.emoji, count: r.count, users: r.users.split(',') })) },
+        });
+    }
+    else {
+        // Without DB, just broadcast the reaction event
+        ctx.broadcastAll(`conv:${data.conversationId}`, {
+            event: 'message:reaction-update',
+            data: { messageId: data.messageId, reactions: [{ emoji: data.emoji, count: 1, users: [ctx.userId] }] },
+        });
+    }
+}
+// ── Message Edit ────────────────────────────────────────────────
+export async function handleMessageEdit(ctx, data) {
+    const now = new Date().toISOString();
+    if (ctx.db) {
+        // Only allow sender to edit — return early if not the owner
+        const msg = await ctx.db.get('SELECT sender_id FROM messages WHERE id = ?', data.messageId);
+        if (!msg || msg.sender_id !== ctx.userId)
+            return;
+        await ctx.db.run('UPDATE messages SET content = ?, updated_at = ? WHERE id = ? AND sender_id = ?', data.content, now, data.messageId, ctx.userId);
+    }
+    ctx.broadcastAll(`conv:${data.conversationId}`, {
+        event: 'message:updated',
+        data: { messageId: data.messageId, content: data.content, updatedAt: now, editedBy: ctx.userId },
+    });
+}
+// ── Message Delete ──────────────────────────────────────────────
+export async function handleMessageDelete(ctx, data) {
+    if (ctx.db) {
+        // Only allow sender to delete — return early if not the owner
+        const msg = await ctx.db.get('SELECT sender_id FROM messages WHERE id = ?', data.messageId);
+        if (!msg || msg.sender_id !== ctx.userId)
+            return;
+        await ctx.db.run("UPDATE messages SET content = '', type = 'system', updated_at = ? WHERE id = ? AND sender_id = ?", new Date().toISOString(), data.messageId, ctx.userId);
+    }
+    ctx.broadcastAll(`conv:${data.conversationId}`, {
+        event: 'message:deleted',
+        data: { messageId: data.messageId, conversationId: data.conversationId, deletedBy: ctx.userId },
+    });
+}
+// ── Message Forward ─────────────────────────────────────────────
+export async function handleMessageForward(ctx, data) {
+    // Verify user is a participant of both source and target conversations
+    if (ctx.db) {
+        const inSource = await ctx.db.get('SELECT 1 FROM conversation_participants WHERE conversation_id = ? AND user_id = ?', data.fromConversationId, ctx.userId);
+        if (!inSource) {
+            ctx.push({ event: 'message:error', data: { code: 'FORBIDDEN', message: 'Not a participant of the source conversation' } });
+            return;
+        }
+        const inTarget = await ctx.db.get('SELECT 1 FROM conversation_participants WHERE conversation_id = ? AND user_id = ?', data.toConversationId, ctx.userId);
+        if (!inTarget) {
+            ctx.push({ event: 'message:error', data: { code: 'FORBIDDEN', message: 'Not a participant of the target conversation' } });
+            return;
+        }
+    }
+    const now = new Date().toISOString();
+    if (ctx.db) {
+        // Fetch the original message
+        const original = await ctx.db.get(`SELECT * FROM messages WHERE id = ?`, data.messageId);
+        if (!original)
+            return;
+        // Insert a forwarded copy into the target conversation
+        const fwdInserted = await ctx.db.get(`INSERT INTO messages (conversation_id, sender_id, content, type, status, encrypted, created_at, forwarded_from_conversation_id, forwarded_from_message_id)
+       VALUES (?, ?, ?, ?, 'sent', ?, ?, ?, ?) RETURNING id`, data.toConversationId, ctx.userId, original.content, original.type, original.encrypted || 0, now, data.fromConversationId, data.messageId);
+        const forwarded = {
+            id: String(fwdInserted?.id ?? 0),
+            conversationId: data.toConversationId,
+            senderId: ctx.userId,
+            content: original.content,
+            type: original.type,
+            createdAt: now,
+            status: 'sent',
+            readBy: [],
+            encrypted: !!original.encrypted,
+            forwardedFrom: {
+                conversationId: data.fromConversationId,
+                messageId: data.messageId,
+            },
+        };
+        await ctx.db.run(`UPDATE conversations SET updated_at = ? WHERE id = ?`, now, data.toConversationId);
+        ctx.broadcastAll(`conv:${data.toConversationId}`, { event: 'message:forwarded', data: forwarded });
+    }
+    else {
+        const forwarded = {
+            id: crypto.randomUUID(),
+            conversationId: data.toConversationId,
+            senderId: ctx.userId,
+            content: '',
+            type: 'text',
+            createdAt: now,
+            status: 'sent',
+            readBy: [],
+            forwardedFrom: {
+                conversationId: data.fromConversationId,
+                messageId: data.messageId,
+            },
+        };
+        ctx.broadcastAll(`conv:${data.toConversationId}`, { event: 'message:forwarded', data: forwarded });
+    }
+}

package/dist/communication/handlers/presence.d.ts

@@ -0,0 +1,15 @@
+import type { PresenceStatus } from '../types.js';
+import type { HandlerContext } from './context.js';
+export declare function handleTypingStart(ctx: HandlerContext, data: {
+    conversationId: string;
+}): void;
+export declare function handleTypingStop(ctx: HandlerContext, data: {
+    conversationId: string;
+}): void;
+/** Broadcast online status to all conversation rooms when a user connects */
+export declare function handleConnect(ctx: HandlerContext): void;
+export declare function handlePresenceUpdate(ctx: HandlerContext, data: {
+    status: PresenceStatus;
+}): void;
+/** Called on disconnect to clean up user state */
+export declare function handleDisconnect(ctx: HandlerContext, socketId: string): void;