@payez/next-mvp 3.0.0

package/dist/api-handlers/admin/sessions.js

@@ -0,0 +1,284 @@
+"use strict";
+/**
+ * Admin Sessions API Handler
+ *
+ * Provides admin-level access to login sessions using service account credentials.
+ * Used by SessionsTab component.
+ *
+ * @version 1.0
+ * @requires Admin role (vibe_app_admin or payez_admin)
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createSessionsHandler = createSessionsHandler;
+const server_1 = require("next/server");
+const next_auth_1 = require("next-auth");
+const startup_init_1 = require("../../lib/startup-init");
+const roles_1 = require("../../lib/roles");
+/**
+ * Check if the current user has admin role
+ */
+async function checkAdminRole(getAuthOptions) {
+    const authOptions = await getAuthOptions();
+    const session = await (0, next_auth_1.getServerSession)(authOptions);
+    if (!session?.user) {
+        return {
+            isAdmin: false,
+            error: server_1.NextResponse.json({ success: false, error: 'Please sign in' }, { status: 401 }),
+        };
+    }
+    const userRoles = session.user?.roles || [];
+    const hasAdminRole = roles_1.ADMIN_ROLES.some(role => userRoles.includes(role));
+    if (!hasAdminRole) {
+        return {
+            isAdmin: false,
+            error: server_1.NextResponse.json({ success: false, error: 'Admin access required' }, { status: 403 }),
+        };
+    }
+    return { isAdmin: true, userId: session.user?.id };
+}
+/**
+ * Make a service account request to Vibe (admin mode)
+ */
+async function vibeServiceRequest(endpoint, options) {
+    const idpUrl = process.env.NEXT_PUBLIC_IDP_URL || process.env.IDP_URL;
+    const clientId = process.env.VIBE_CLIENT_ID;
+    const signingKey = process.env.VIBE_HMAC_KEY;
+    if (!idpUrl || !clientId || !signingKey) {
+        return { ok: false, status: 500, data: null, error: 'Vibe not configured' };
+    }
+    const timestamp = Math.floor(Date.now() / 1000);
+    const stringToSign = `${timestamp}|${options.method}|${endpoint}`;
+    const crypto = await Promise.resolve().then(() => __importStar(require('crypto')));
+    const signature = crypto
+        .createHmac('sha256', Buffer.from(signingKey, 'base64'))
+        .update(stringToSign)
+        .digest('base64');
+    const proxyUrl = `${idpUrl}/api/vibe/proxy`;
+    // Get the numeric client ID from startup config for multi-client admin support
+    const idpConfig = (0, startup_init_1.getStartupIDPConfig)();
+    const numericClientId = idpConfig?.clientId;
+    try {
+        const res = await fetch(proxyUrl, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-Vibe-Client-Id': clientId,
+                'X-Vibe-Timestamp': String(timestamp),
+                'X-Vibe-Signature': signature,
+                ...(numericClientId && { 'X-Client-Id': String(numericClientId) }),
+            },
+            body: JSON.stringify({
+                endpoint,
+                method: options.method,
+                data: options.body ?? null,
+            }),
+            cache: 'no-store',
+        });
+        if (res.status === 204) {
+            return { ok: true, status: 204, data: null };
+        }
+        if (!res.ok) {
+            const errorText = await res.text();
+            return { ok: false, status: res.status, data: null, error: errorText };
+        }
+        const body = await res.json();
+        return { ok: true, status: res.status, data: body };
+    }
+    catch (error) {
+        return { ok: false, status: 0, data: null, error: String(error) };
+    }
+}
+// Country code to flag emoji mapping
+function getCountryFlag(countryCode) {
+    if (!countryCode || countryCode.length !== 2)
+        return '';
+    const codePoints = countryCode
+        .toUpperCase()
+        .split('')
+        .map(char => 127397 + char.charCodeAt(0));
+    return String.fromCodePoint(...codePoints);
+}
+/**
+ * GET /api/admin/sessions - List sessions
+ * POST /api/admin/sessions - Stats, revoke actions
+ */
+function createSessionsHandler(config) {
+    return {
+        async GET(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            const { searchParams } = new URL(request.url);
+            const status = searchParams.get('status');
+            const email = searchParams.get('email');
+            // Build query for login_sessions table
+            const queryBody = {
+                page: 1,
+                pageSize: 100,
+                orderBy: 'created_at',
+                orderDirection: 'desc',
+            };
+            // Build filter conditions
+            const conditions = [];
+            if (status && status !== 'all') {
+                conditions.push({ field: 'status', operator: 'eq', value: status });
+            }
+            if (email) {
+                conditions.push({ field: 'email', operator: 'like', value: `%${email}%` });
+            }
+            if (conditions.length === 1) {
+                queryBody.filter = conditions[0];
+            }
+            else if (conditions.length > 1) {
+                queryBody.filter = { operator: 'and', conditions };
+            }
+            const result = await vibeServiceRequest('/v1/collections/vibe_app/tables/login_sessions/query', { method: 'POST', body: queryBody });
+            if (!result.ok) {
+                return server_1.NextResponse.json({ error: result.error }, { status: result.status || 500 });
+            }
+            // Extract sessions from response
+            const rawSessions = result.data?.data || result.data?.documents || [];
+            const sessions = rawSessions.map((s) => ({
+                id: s.id || s.document_id,
+                idp_user_id: s.idp_user_id || s.user_id,
+                email: s.email || '',
+                name: s.name || s.display_name || '',
+                status: s.status || 'active',
+                ip_address: s.ip_address || s.ip,
+                city: s.city,
+                region: s.region,
+                country_code: s.country_code || s.country,
+                device_type: s.device_type || s.device,
+                browser: s.browser,
+                os: s.os,
+                created_at: s.created_at,
+                last_activity: s.last_activity || s.updated_at,
+                revoked_at: s.revoked_at,
+                revoked_by: s.revoked_by,
+                country_flag: getCountryFlag(s.country_code || s.country || ''),
+            }));
+            return server_1.NextResponse.json({ sessions });
+        },
+        async POST(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            const body = await request.json();
+            const { action, sessionId, userId } = body;
+            if (action === 'stats') {
+                // Get all sessions for stats calculation
+                const result = await vibeServiceRequest('/v1/collections/vibe_app/tables/login_sessions/query', { method: 'POST', body: { page: 1, pageSize: 1000 } });
+                if (!result.ok) {
+                    return server_1.NextResponse.json({ error: result.error }, { status: result.status || 500 });
+                }
+                const sessions = result.data?.data || result.data?.documents || [];
+                // Calculate stats
+                const now = new Date();
+                const oneDayAgo = new Date(now.getTime() - 24 * 60 * 60 * 1000);
+                const stats = {
+                    totalActive: sessions.filter((s) => s.status === 'active').length,
+                    totalRevoked: sessions.filter((s) => s.status === 'revoked').length,
+                    uniqueUsers: new Set(sessions.map((s) => s.idp_user_id || s.user_id)).size,
+                    recentLogins: sessions.filter((s) => new Date(s.created_at) > oneDayAgo).length,
+                    byCountryWithFlags: {},
+                    byDevice: {},
+                };
+                // Count by country
+                sessions.forEach((s) => {
+                    const country = s.country_code || s.country || 'Unknown';
+                    if (!stats.byCountryWithFlags[country]) {
+                        stats.byCountryWithFlags[country] = { count: 0, flag: getCountryFlag(country) };
+                    }
+                    stats.byCountryWithFlags[country].count++;
+                    const device = s.device_type || s.device || 'Unknown';
+                    stats.byDevice[device] = (stats.byDevice[device] || 0) + 1;
+                });
+                return server_1.NextResponse.json({ stats });
+            }
+            if (action === 'revoke' && sessionId) {
+                // Revoke single session
+                const result = await vibeServiceRequest(`/v1/collections/vibe_app/tables/login_sessions/${sessionId}`, {
+                    method: 'PUT',
+                    body: {
+                        status: 'revoked',
+                        revoked_at: new Date().toISOString(),
+                        revoked_by: `admin:${adminCheck.userId}`,
+                    },
+                });
+                if (!result.ok) {
+                    return server_1.NextResponse.json({ error: result.error }, { status: result.status || 500 });
+                }
+                return server_1.NextResponse.json({ success: true });
+            }
+            if (action === 'revoke_all' && userId) {
+                // Get all active sessions for user
+                const queryResult = await vibeServiceRequest('/v1/collections/vibe_app/tables/login_sessions/query', {
+                    method: 'POST',
+                    body: {
+                        filter: {
+                            operator: 'and',
+                            conditions: [
+                                { field: 'idp_user_id', operator: 'eq', value: userId },
+                                { field: 'status', operator: 'eq', value: 'active' },
+                            ],
+                        },
+                    },
+                });
+                if (!queryResult.ok) {
+                    return server_1.NextResponse.json({ error: queryResult.error }, { status: queryResult.status || 500 });
+                }
+                const sessions = queryResult.data?.data || queryResult.data?.documents || [];
+                let revokedCount = 0;
+                // Revoke each session
+                for (const session of sessions) {
+                    const id = session.id || session.document_id;
+                    const result = await vibeServiceRequest(`/v1/collections/vibe_app/tables/login_sessions/${id}`, {
+                        method: 'PUT',
+                        body: {
+                            status: 'revoked',
+                            revoked_at: new Date().toISOString(),
+                            revoked_by: `admin:${adminCheck.userId}`,
+                        },
+                    });
+                    if (result.ok)
+                        revokedCount++;
+                }
+                return server_1.NextResponse.json({ success: true, revokedCount });
+            }
+            return server_1.NextResponse.json({ error: 'Invalid action' }, { status: 400 });
+        },
+    };
+}

package/dist/api-handlers/admin/site-logs.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Admin Site Logs API Handlers
+ *
+ * Provides admin-level access to site activity logs.
+ * - GET /site-logs - Query logs from Vibe
+ * - POST /site-logs - Create test log entries via Redis queue
+ * - GET /site-logs/stats - Aggregated stats { total, unique_users, by_level, by_category }
+ * - POST /site-logs/drain - Manual drain trigger
+ * - GET /site-logs/queue - Redis queue status
+ *
+ * @version 1.0
+ * @requires Admin role (vibe_app_admin or payez_admin)
+ */
+import { NextRequest, NextResponse } from 'next/server';
+export interface SiteLogsHandlerConfig {
+    getAuthOptions: () => Promise<any>;
+    vibeApiUrl?: string;
+    appSlug?: string;
+    vibeClientId?: string;
+}
+/**
+ * Create main site-logs handler (GET query, POST create test entries)
+ */
+export declare function createSiteLogsHandler(config: SiteLogsHandlerConfig): {
+    GET(request: NextRequest): Promise<NextResponse<any>>;
+    POST(request: NextRequest): Promise<NextResponse<unknown>>;
+};
+/**
+ * Create site-logs stats handler
+ * Returns: { total, unique_users, by_level, by_category }
+ */
+export declare function createSiteLogsStatsHandler(config: SiteLogsHandlerConfig): {
+    GET(request: NextRequest): Promise<NextResponse<any>>;
+};
+/**
+ * Create site-logs drain handler (manual trigger)
+ */
+export declare function createSiteLogsDrainHandler(config: SiteLogsHandlerConfig): {
+    POST(request: NextRequest): Promise<NextResponse<any>>;
+};
+/**
+ * Create site-logs queue status handler
+ */
+export declare function createSiteLogsQueueHandler(config: SiteLogsHandlerConfig): {
+    GET(request: NextRequest): Promise<NextResponse<unknown>>;
+};

package/dist/api-handlers/admin/site-logs.js

@@ -0,0 +1,318 @@
+"use strict";
+/**
+ * Admin Site Logs API Handlers
+ *
+ * Provides admin-level access to site activity logs.
+ * - GET /site-logs - Query logs from Vibe
+ * - POST /site-logs - Create test log entries via Redis queue
+ * - GET /site-logs/stats - Aggregated stats { total, unique_users, by_level, by_category }
+ * - POST /site-logs/drain - Manual drain trigger
+ * - GET /site-logs/queue - Redis queue status
+ *
+ * @version 1.0
+ * @requires Admin role (vibe_app_admin or payez_admin)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createSiteLogsHandler = createSiteLogsHandler;
+exports.createSiteLogsStatsHandler = createSiteLogsStatsHandler;
+exports.createSiteLogsDrainHandler = createSiteLogsDrainHandler;
+exports.createSiteLogsQueueHandler = createSiteLogsQueueHandler;
+const server_1 = require("next/server");
+const next_auth_1 = require("next-auth");
+const redis_1 = require("../../lib/redis");
+const roles_1 = require("../../lib/roles");
+const REDIS_SITE_LOG_KEY = 'vibe:site-logs:pending';
+const REDIS_LOG_TTL = 7 * 24 * 60 * 60; // 1 week
+/**
+ * Check if the current user has admin role
+ */
+async function checkAdminRole(getAuthOptions) {
+    const authOptions = await getAuthOptions();
+    const session = await (0, next_auth_1.getServerSession)(authOptions);
+    if (!session?.user) {
+        return {
+            isAdmin: false,
+            error: server_1.NextResponse.json({ success: false, error: 'Please sign in' }, { status: 401 }),
+        };
+    }
+    const userRoles = session.user?.roles || [];
+    const hasAdminRole = roles_1.ADMIN_ROLES.some(role => userRoles.includes(role));
+    if (!hasAdminRole) {
+        return {
+            isAdmin: false,
+            error: server_1.NextResponse.json({ success: false, error: 'Admin access required' }, { status: 403 }),
+        };
+    }
+    return {
+        isAdmin: true,
+        userId: session.user?.id,
+        accessToken: session.accessToken,
+        clientId: session.clientId,
+    };
+}
+function getVibeApiUrl(config) {
+    if (config.vibeApiUrl)
+        return config.vibeApiUrl;
+    const url = process.env.VIBE_API_URL;
+    if (url)
+        return url;
+    if (process.env.NODE_ENV !== 'production')
+        return 'http://localhost:37933';
+    throw new Error('VIBE_API_URL is required in production');
+}
+/**
+ * Create main site-logs handler (GET query, POST create test entries)
+ */
+function createSiteLogsHandler(config) {
+    return {
+        async GET(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            const { searchParams } = new URL(request.url);
+            const vibeUrl = getVibeApiUrl(config);
+            // Forward query params
+            const params = new URLSearchParams();
+            if (searchParams.get('level'))
+                params.set('level', searchParams.get('level'));
+            if (searchParams.get('category'))
+                params.set('category', searchParams.get('category'));
+            if (searchParams.get('search'))
+                params.set('search', searchParams.get('search'));
+            if (searchParams.get('from'))
+                params.set('from', searchParams.get('from'));
+            if (searchParams.get('to'))
+                params.set('to', searchParams.get('to'));
+            if (searchParams.get('user_id'))
+                params.set('user_id', searchParams.get('user_id'));
+            if (searchParams.get('limit'))
+                params.set('limit', searchParams.get('limit'));
+            if (searchParams.get('offset'))
+                params.set('offset', searchParams.get('offset'));
+            const headers = {
+                'Authorization': `Bearer ${adminCheck.accessToken}`,
+                'Content-Type': 'application/json',
+            };
+            if (adminCheck.clientId) {
+                headers['X-Client-Id'] = adminCheck.clientId;
+            }
+            try {
+                const response = await fetch(`${vibeUrl}/v1/admin/site-logs?${params}`, { headers });
+                if (!response.ok) {
+                    const errorText = await response.text();
+                    console.error('[admin/site-logs] Vibe error:', response.status, errorText);
+                    return server_1.NextResponse.json({ error: 'Failed to fetch site logs', details: errorText }, { status: response.status });
+                }
+                const data = await response.json();
+                return server_1.NextResponse.json(data);
+            }
+            catch (error) {
+                console.error('[admin/site-logs] Error:', error);
+                return server_1.NextResponse.json({ error: error.message || 'Internal error' }, { status: 500 });
+            }
+        },
+        async POST(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            try {
+                const body = await request.json();
+                const redis = (0, redis_1.getRedis)();
+                const userAgent = request.headers.get('user-agent') || null;
+                const ipAddress = request.headers.get('x-forwarded-for')?.split(',')[0] || null;
+                const baseRecord = {
+                    user_agent: userAgent,
+                    ip_address: ipAddress,
+                    created_at: new Date().toISOString(),
+                    app_slug: config.appSlug || process.env.APP_SLUG || process.env.CLIENT_ID || 'unknown',
+                    vibe_client_id: config.vibeClientId || process.env.VIBE_CLIENT_ID || '',
+                };
+                // If generateAll=true, create one of each event type
+                if (body.generate_all) {
+                    const testEvents = [
+                        { log_level: 'debug', category: 'api', message: 'Test: API request traced', context: { endpoint: '/api/test', method: 'GET' }, url: '/api/test' },
+                        { log_level: 'info', category: 'auth', message: 'Test: User logged in', context: { method: 'password' }, user_id: 1, url: '/api/auth/callback' },
+                        { log_level: 'info', category: 'page_view', message: 'Test: Page viewed', context: { referrer: '/dashboard' }, user_id: 1, url: '/admin/activity' },
+                        { log_level: 'info', category: 'user_action', message: 'Test: Button clicked', context: { target: 'submit-btn' }, user_id: 1, url: '/admin/activity' },
+                        { log_level: 'warn', category: 'auth', message: 'Test: Login failed', context: { reason: 'invalid_password' }, url: '/api/auth/login' },
+                        { log_level: 'error', category: 'error', message: 'Test: Application error', context: { error: 'TestError', stack: 'at test()' }, url: '/api/test' },
+                    ];
+                    for (const event of testEvents) {
+                        const logRecord = JSON.stringify({ ...baseRecord, ...event, session_id: null });
+                        await redis.lpush(REDIS_SITE_LOG_KEY, logRecord);
+                    }
+                    await redis.expire(REDIS_SITE_LOG_KEY, REDIS_LOG_TTL);
+                    const queueLen = await redis.llen(REDIS_SITE_LOG_KEY);
+                    return server_1.NextResponse.json({
+                        success: true,
+                        message: `Created ${testEvents.length} test events`,
+                        queue_length: queueLen,
+                        events: testEvents.map(e => ({ level: e.log_level, category: e.category, message: e.message })),
+                        note: 'Events will appear after drain service processes them',
+                    }, { status: 201 });
+                }
+                // Single event creation
+                const logRecord = JSON.stringify({
+                    ...baseRecord,
+                    log_level: body.level || 'info',
+                    category: body.category || 'user_action',
+                    message: body.message || 'Test log entry',
+                    context: body.context || { source: 'admin-test' },
+                    user_id: body.user_id || null,
+                    session_id: null,
+                    url: body.url || '/admin/activity',
+                });
+                await redis.lpush(REDIS_SITE_LOG_KEY, logRecord);
+                await redis.expire(REDIS_SITE_LOG_KEY, REDIS_LOG_TTL);
+                const queueLen = await redis.llen(REDIS_SITE_LOG_KEY);
+                return server_1.NextResponse.json({
+                    success: true,
+                    message: 'Test log created',
+                    queue_length: queueLen,
+                    note: 'Log will appear after drain service processes it (every 5 seconds)',
+                }, { status: 201 });
+            }
+            catch (error) {
+                console.error('[admin/site-logs] POST Error:', error);
+                return server_1.NextResponse.json({ error: error.message || 'Internal error' }, { status: 500 });
+            }
+        },
+    };
+}
+/**
+ * Create site-logs stats handler
+ * Returns: { total, unique_users, by_level, by_category }
+ */
+function createSiteLogsStatsHandler(config) {
+    return {
+        async GET(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            const { searchParams } = new URL(request.url);
+            const vibeUrl = getVibeApiUrl(config);
+            const params = new URLSearchParams();
+            if (searchParams.get('from'))
+                params.set('from', searchParams.get('from'));
+            if (searchParams.get('to'))
+                params.set('to', searchParams.get('to'));
+            const headers = {
+                'Authorization': `Bearer ${adminCheck.accessToken}`,
+                'Content-Type': 'application/json',
+            };
+            if (adminCheck.clientId) {
+                headers['X-Client-Id'] = adminCheck.clientId;
+            }
+            try {
+                const response = await fetch(`${vibeUrl}/v1/admin/site-logs/stats?${params}`, { headers });
+                if (!response.ok) {
+                    const errorText = await response.text();
+                    console.error('[admin/site-logs/stats] Vibe error:', response.status, errorText);
+                    return server_1.NextResponse.json({ error: 'Failed to fetch stats', details: errorText }, { status: response.status });
+                }
+                const data = await response.json();
+                // Ensure response matches expected format: { total, unique_users, by_level, by_category }
+                return server_1.NextResponse.json(data);
+            }
+            catch (error) {
+                console.error('[admin/site-logs/stats] Error:', error);
+                return server_1.NextResponse.json({ error: error.message || 'Internal error' }, { status: 500 });
+            }
+        },
+    };
+}
+/**
+ * Create site-logs drain handler (manual trigger)
+ */
+function createSiteLogsDrainHandler(config) {
+    return {
+        async POST(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            const { searchParams } = new URL(request.url);
+            const maxEntries = searchParams.get('max_entries') || '100';
+            const vibeUrl = getVibeApiUrl(config);
+            const headers = {
+                'Authorization': `Bearer ${adminCheck.accessToken}`,
+                'Content-Type': 'application/json',
+            };
+            if (adminCheck.clientId) {
+                headers['X-Client-Id'] = adminCheck.clientId;
+            }
+            try {
+                const response = await fetch(`${vibeUrl}/v1/admin/site-logs/drain?maxEntries=${maxEntries}`, {
+                    method: 'POST',
+                    headers,
+                });
+                if (!response.ok) {
+                    const errorText = await response.text();
+                    console.error('[admin/site-logs/drain] Vibe error:', response.status, errorText);
+                    return server_1.NextResponse.json({ error: 'Failed to drain site logs', details: errorText }, { status: response.status });
+                }
+                const data = await response.json();
+                return server_1.NextResponse.json(data);
+            }
+            catch (error) {
+                console.error('[admin/site-logs/drain] Error:', error);
+                return server_1.NextResponse.json({ error: error.message || 'Internal error' }, { status: 500 });
+            }
+        },
+    };
+}
+/**
+ * Create site-logs queue status handler
+ */
+function createSiteLogsQueueHandler(config) {
+    return {
+        async GET(request) {
+            const adminCheck = await checkAdminRole(config.getAuthOptions);
+            if (adminCheck.error)
+                return adminCheck.error;
+            try {
+                const redis = (0, redis_1.getRedis)();
+                const queueLength = await redis.llen(REDIS_SITE_LOG_KEY);
+                // Peek at the oldest and newest entries
+                let oldest_entry = null;
+                let newest_entry = null;
+                if (queueLength > 0) {
+                    const oldest = await redis.lindex(REDIS_SITE_LOG_KEY, -1); // RPOP side (oldest)
+                    const newest = await redis.lindex(REDIS_SITE_LOG_KEY, 0); // LPUSH side (newest)
+                    if (oldest) {
+                        try {
+                            const parsed = JSON.parse(oldest);
+                            oldest_entry = {
+                                message: parsed.message,
+                                level: parsed.log_level,
+                                timestamp: parsed.created_at || parsed.queued_at,
+                            };
+                        }
+                        catch { }
+                    }
+                    if (newest) {
+                        try {
+                            const parsed = JSON.parse(newest);
+                            newest_entry = {
+                                message: parsed.message,
+                                level: parsed.log_level,
+                                timestamp: parsed.created_at || parsed.queued_at,
+                            };
+                        }
+                        catch { }
+                    }
+                }
+                return server_1.NextResponse.json({
+                    queue_length: queueLength,
+                    redis_key: REDIS_SITE_LOG_KEY,
+                    oldest_entry,
+                    newest_entry,
+                    status: queueLength === 0 ? 'empty' : 'pending',
+                });
+            }
+            catch (error) {
+                console.error('[admin/site-logs/queue] Error:', error);
+                return server_1.NextResponse.json({ error: error.message || 'Internal error' }, { status: 500 });
+            }
+        },
+    };
+}

package/dist/api-handlers/admin/users.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Admin Users API Handler
+ *
+ * Provides admin-level access to users using service account credentials.
+ *
+ * @version 1.0
+ * @requires Admin role (vibe_app_admin or payez_admin)
+ */
+import { NextRequest, NextResponse } from 'next/server';
+export interface AdminUsersHandlerConfig {
+    getAuthOptions: () => Promise<any>;
+}
+/**
+ * GET /api/admin/users - List users
+ * POST /api/admin/users - Stats, search, update tier
+ */
+export declare function createUsersHandler(config: AdminUsersHandlerConfig): {
+    GET(request: NextRequest): Promise<NextResponse<unknown>>;
+    POST(request: NextRequest): Promise<NextResponse<unknown>>;
+};