npm - @payez/next-mvp - Versions diffs - 3.0.0 - Mend

@payez/next-mvp 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (654) hide show

package/README.md +782 -0
package/dist/api/auth-handler.d.ts +67 -0
package/dist/api/auth-handler.js +397 -0
package/dist/api/index.d.ts +10 -0
package/dist/api/index.js +19 -0
package/dist/api-handlers/account/change-password.d.ts +9 -0
package/dist/api-handlers/account/change-password.js +112 -0
package/dist/api-handlers/account/masked-info.d.ts +2 -0
package/dist/api-handlers/account/masked-info.js +41 -0
package/dist/api-handlers/account/profile.d.ts +3 -0
package/dist/api-handlers/account/profile.js +63 -0
package/dist/api-handlers/account/recovery/initiate.d.ts +2 -0
package/dist/api-handlers/account/recovery/initiate.js +26 -0
package/dist/api-handlers/account/recovery/send-code.d.ts +2 -0
package/dist/api-handlers/account/recovery/send-code.js +28 -0
package/dist/api-handlers/account/recovery/verify-code.d.ts +2 -0
package/dist/api-handlers/account/recovery/verify-code.js +28 -0
package/dist/api-handlers/account/reset-password.d.ts +2 -0
package/dist/api-handlers/account/reset-password.js +26 -0
package/dist/api-handlers/account/send-code.d.ts +24 -0
package/dist/api-handlers/account/send-code.js +60 -0
package/dist/api-handlers/account/update-phone.d.ts +27 -0
package/dist/api-handlers/account/update-phone.js +64 -0
package/dist/api-handlers/account/validate-password.d.ts +17 -0
package/dist/api-handlers/account/validate-password.js +81 -0
package/dist/api-handlers/account/verify-email.d.ts +26 -0
package/dist/api-handlers/account/verify-email.js +106 -0
package/dist/api-handlers/account/verify-sms.d.ts +26 -0
package/dist/api-handlers/account/verify-sms.js +106 -0
package/dist/api-handlers/admin/analytics.d.ts +20 -0
package/dist/api-handlers/admin/analytics.js +379 -0
package/dist/api-handlers/admin/audit.d.ts +20 -0
package/dist/api-handlers/admin/audit.js +214 -0
package/dist/api-handlers/admin/index.d.ts +21 -0
package/dist/api-handlers/admin/index.js +41 -0
package/dist/api-handlers/admin/redis-sessions.d.ts +36 -0
package/dist/api-handlers/admin/redis-sessions.js +204 -0
package/dist/api-handlers/admin/sessions.d.ts +21 -0
package/dist/api-handlers/admin/sessions.js +284 -0
package/dist/api-handlers/admin/site-logs.d.ts +46 -0
package/dist/api-handlers/admin/site-logs.js +318 -0
package/dist/api-handlers/admin/users.d.ts +20 -0
package/dist/api-handlers/admin/users.js +222 -0
package/dist/api-handlers/admin/vibe-data.d.ts +80 -0
package/dist/api-handlers/admin/vibe-data.js +268 -0
package/dist/api-handlers/anon/preferences.d.ts +37 -0
package/dist/api-handlers/anon/preferences.js +96 -0
package/dist/api-handlers/auth/jwks.d.ts +2 -0
package/dist/api-handlers/auth/jwks.js +24 -0
package/dist/api-handlers/auth/login.d.ts +42 -0
package/dist/api-handlers/auth/login.js +178 -0
package/dist/api-handlers/auth/refresh.d.ts +74 -0
package/dist/api-handlers/auth/refresh.js +635 -0
package/dist/api-handlers/auth/signout.d.ts +37 -0
package/dist/api-handlers/auth/signout.js +187 -0
package/dist/api-handlers/auth/status.d.ts +8 -0
package/dist/api-handlers/auth/status.js +26 -0
package/dist/api-handlers/auth/update-session.d.ts +37 -0
package/dist/api-handlers/auth/update-session.js +95 -0
package/dist/api-handlers/auth/validate.d.ts +6 -0
package/dist/api-handlers/auth/validate.js +43 -0
package/dist/api-handlers/auth/verify-code.d.ts +43 -0
package/dist/api-handlers/auth/verify-code.js +94 -0
package/dist/api-handlers/session/refresh-viability.d.ts +14 -0
package/dist/api-handlers/session/refresh-viability.js +39 -0
package/dist/api-handlers/session/viability.d.ts +13 -0
package/dist/api-handlers/session/viability.js +146 -0
package/dist/api-handlers/test/force-expire.d.ts +23 -0
package/dist/api-handlers/test/force-expire.js +65 -0
package/dist/auth/auth-decision.d.ts +39 -0
package/dist/auth/auth-decision.js +182 -0
package/dist/auth/auth-options.d.ts +57 -0
package/dist/auth/auth-options.js +213 -0
package/dist/auth/callbacks/index.d.ts +6 -0
package/dist/auth/callbacks/index.js +12 -0
package/dist/auth/callbacks/jwt.d.ts +45 -0
package/dist/auth/callbacks/jwt.js +305 -0
package/dist/auth/callbacks/session.d.ts +60 -0
package/dist/auth/callbacks/session.js +170 -0
package/dist/auth/callbacks/signin.d.ts +23 -0
package/dist/auth/callbacks/signin.js +44 -0
package/dist/auth/events/index.d.ts +4 -0
package/dist/auth/events/index.js +8 -0
package/dist/auth/events/signout.d.ts +17 -0
package/dist/auth/events/signout.js +32 -0
package/dist/auth/providers/credentials.d.ts +32 -0
package/dist/auth/providers/credentials.js +223 -0
package/dist/auth/providers/index.d.ts +5 -0
package/dist/auth/providers/index.js +21 -0
package/dist/auth/providers/oauth.d.ts +26 -0
package/dist/auth/providers/oauth.js +105 -0
package/dist/auth/route-config.d.ts +66 -0
package/dist/auth/route-config.js +190 -0
package/dist/auth/types/auth-types.d.ts +417 -0
package/dist/auth/types/auth-types.js +53 -0
package/dist/auth/types/index.d.ts +6 -0
package/dist/auth/types/index.js +22 -0
package/dist/auth/unauthenticated-routes.d.ts +1 -0
package/dist/auth/unauthenticated-routes.js +19 -0
package/dist/auth/utils/idp-client.d.ts +94 -0
package/dist/auth/utils/idp-client.js +383 -0
package/dist/auth/utils/index.d.ts +5 -0
package/dist/auth/utils/index.js +21 -0
package/dist/auth/utils/token-utils.d.ts +84 -0
package/dist/auth/utils/token-utils.js +219 -0
package/dist/client/AuthContext.d.ts +19 -0
package/dist/client/AuthContext.js +112 -0
package/dist/client/fetch-with-auth.d.ts +11 -0
package/dist/client/fetch-with-auth.js +44 -0
package/dist/client/fetchWithSession.d.ts +3 -0
package/dist/client/fetchWithSession.js +24 -0
package/dist/client/index.d.ts +9 -0
package/dist/client/index.js +20 -0
package/dist/client/useAnonSession.d.ts +36 -0
package/dist/client/useAnonSession.js +99 -0
package/dist/components/SessionSync.d.ts +13 -0
package/dist/components/SessionSync.js +119 -0
package/dist/components/SignalRHealthCheck.d.ts +10 -0
package/dist/components/SignalRHealthCheck.js +97 -0
package/dist/components/account/UserAvatarMenu.d.ts +20 -0
package/dist/components/account/UserAvatarMenu.js +80 -0
package/dist/components/account/index.d.ts +7 -0
package/dist/components/account/index.js +10 -0
package/dist/components/admin/AlertSettingsTab.d.ts +48 -0
package/dist/components/admin/AlertSettingsTab.js +351 -0
package/dist/components/admin/AnalyticsTab.d.ts +22 -0
package/dist/components/admin/AnalyticsTab.js +167 -0
package/dist/components/admin/DataBrowserTab.d.ts +19 -0
package/dist/components/admin/DataBrowserTab.js +252 -0
package/dist/components/admin/LoggingSettingsTab.d.ts +73 -0
package/dist/components/admin/LoggingSettingsTab.js +339 -0
package/dist/components/admin/SessionsTab.d.ts +37 -0
package/dist/components/admin/SessionsTab.js +165 -0
package/dist/components/admin/StatsTab.d.ts +53 -0
package/dist/components/admin/StatsTab.js +161 -0
package/dist/components/admin/VibeAdminContext.d.ts +32 -0
package/dist/components/admin/VibeAdminContext.js +38 -0
package/dist/components/admin/VibeAdminLayout.d.ts +11 -0
package/dist/components/admin/VibeAdminLayout.js +69 -0
package/dist/components/admin/index.d.ts +29 -0
package/dist/components/admin/index.js +44 -0
package/dist/components/auth/FederatedAuthSection.d.ts +8 -0
package/dist/components/auth/FederatedAuthSection.js +45 -0
package/dist/components/auth/ModeAwareLoginPage.d.ts +10 -0
package/dist/components/auth/ModeAwareLoginPage.js +42 -0
package/dist/components/auth/ModeAwareSignupPage.d.ts +9 -0
package/dist/components/auth/ModeAwareSignupPage.js +78 -0
package/dist/components/auth/TraditionalAuthSection.d.ts +14 -0
package/dist/components/auth/TraditionalAuthSection.js +20 -0
package/dist/components/recovery/CompleteStep.d.ts +5 -0
package/dist/components/recovery/CompleteStep.js +8 -0
package/dist/components/recovery/InitiateRecoveryStep.d.ts +8 -0
package/dist/components/recovery/InitiateRecoveryStep.js +20 -0
package/dist/components/recovery/SelectMethodStep.d.ts +8 -0
package/dist/components/recovery/SelectMethodStep.js +8 -0
package/dist/components/recovery/SetPasswordStep.d.ts +6 -0
package/dist/components/recovery/SetPasswordStep.js +20 -0
package/dist/components/recovery/VerifyCodeStep.d.ts +10 -0
package/dist/components/recovery/VerifyCodeStep.js +24 -0
package/dist/components/reserved/ReservedRecoveryWarning.d.ts +38 -0
package/dist/components/reserved/ReservedRecoveryWarning.js +92 -0
package/dist/components/reserved/ReservedStatusBox.d.ts +30 -0
package/dist/components/reserved/ReservedStatusBox.js +71 -0
package/dist/components/ui/BetaBadge.d.ts +29 -0
package/dist/components/ui/BetaBadge.js +38 -0
package/dist/components/ui/Footer.d.ts +37 -0
package/dist/components/ui/Footer.js +41 -0
package/dist/config/env.d.ts +66 -0
package/dist/config/env.js +57 -0
package/dist/config/logger.d.ts +57 -0
package/dist/config/logger.js +73 -0
package/dist/config/logging-config.d.ts +30 -0
package/dist/config/logging-config.js +122 -0
package/dist/config/unauthenticated-routes.d.ts +17 -0
package/dist/config/unauthenticated-routes.js +24 -0
package/dist/config/vibe-log-transport.d.ts +79 -0
package/dist/config/vibe-log-transport.js +203 -0
package/dist/edge/internal-api-url.d.ts +53 -0
package/dist/edge/internal-api-url.js +63 -0
package/dist/edge/middleware.d.ts +14 -0
package/dist/edge/middleware.js +32 -0
package/dist/hooks/useAuth.d.ts +23 -0
package/dist/hooks/useAuth.js +81 -0
package/dist/hooks/useAuthSettings.d.ts +59 -0
package/dist/hooks/useAuthSettings.js +93 -0
package/dist/hooks/useAvailableProviders.d.ts +45 -0
package/dist/hooks/useAvailableProviders.js +108 -0
package/dist/hooks/usePasswordValidation.d.ts +27 -0
package/dist/hooks/usePasswordValidation.js +102 -0
package/dist/hooks/useProfile.d.ts +15 -0
package/dist/hooks/useProfile.js +59 -0
package/dist/hooks/usePublicAuthSettings.d.ts +56 -0
package/dist/hooks/usePublicAuthSettings.js +131 -0
package/dist/hooks/useSessionExpiration.d.ts +57 -0
package/dist/hooks/useSessionExpiration.js +72 -0
package/dist/hooks/useViabilitySession.d.ts +75 -0
package/dist/hooks/useViabilitySession.js +268 -0
package/dist/index.d.ts +12 -0
package/dist/index.js +54 -0
package/dist/lib/anon-session.d.ts +74 -0
package/dist/lib/anon-session.js +169 -0
package/dist/lib/api-handler.d.ts +123 -0
package/dist/lib/api-handler.js +478 -0
package/dist/lib/app-slug.d.ts +95 -0
package/dist/lib/app-slug.js +172 -0
package/dist/lib/demo-mode.d.ts +6 -0
package/dist/lib/demo-mode.js +16 -0
package/dist/lib/geolocation.d.ts +64 -0
package/dist/lib/geolocation.js +235 -0
package/dist/lib/idp-client-config.d.ts +75 -0
package/dist/lib/idp-client-config.js +351 -0
package/dist/lib/idp-fetch.d.ts +14 -0
package/dist/lib/idp-fetch.js +91 -0
package/dist/lib/internal-api.d.ts +87 -0
package/dist/lib/internal-api.js +122 -0
package/dist/lib/jwt-decode-client.d.ts +10 -0
package/dist/lib/jwt-decode-client.js +46 -0
package/dist/lib/jwt-decode.d.ts +48 -0
package/dist/lib/jwt-decode.js +57 -0
package/dist/lib/nextauth-secret.d.ts +10 -0
package/dist/lib/nextauth-secret.js +104 -0
package/dist/lib/rate-limit-service.d.ts +23 -0
package/dist/lib/rate-limit-service.js +6 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.js +28 -0
package/dist/lib/refresh-token-validator.d.ts +13 -0
package/dist/lib/refresh-token-validator.js +117 -0
package/dist/lib/roles.d.ts +145 -0
package/dist/lib/roles.js +168 -0
package/dist/lib/secret-validation.d.ts +4 -0
package/dist/lib/secret-validation.js +14 -0
package/dist/lib/session-store.d.ts +166 -0
package/dist/lib/session-store.js +537 -0
package/dist/lib/session.d.ts +21 -0
package/dist/lib/session.js +26 -0
package/dist/lib/site-logger.d.ts +214 -0
package/dist/lib/site-logger.js +210 -0
package/dist/lib/standardized-client-api.d.ts +161 -0
package/dist/lib/standardized-client-api.js +786 -0
package/dist/lib/startup-init.d.ts +40 -0
package/dist/lib/startup-init.js +261 -0
package/dist/lib/test-aware-get-token.d.ts +2 -0
package/dist/lib/test-aware-get-token.js +81 -0
package/dist/lib/token-expiry.d.ts +14 -0
package/dist/lib/token-expiry.js +39 -0
package/dist/lib/token-lifecycle.d.ts +52 -0
package/dist/lib/token-lifecycle.js +398 -0
package/dist/lib/types/api-responses.d.ts +128 -0
package/dist/lib/types/api-responses.js +171 -0
package/dist/lib/user-agent-parser.d.ts +50 -0
package/dist/lib/user-agent-parser.js +220 -0
package/dist/logging/api/admin-analytics.d.ts +3 -0
package/dist/logging/api/admin-analytics.js +45 -0
package/dist/logging/api/audit-log.d.ts +3 -0
package/dist/logging/api/audit-log.js +52 -0
package/dist/logging/components/AdminAnalyticsLayout.d.ts +10 -0
package/dist/logging/components/AdminAnalyticsLayout.js +11 -0
package/dist/logging/components/AuditLogViewer.d.ts +7 -0
package/dist/logging/components/AuditLogViewer.js +51 -0
package/dist/logging/components/ErrorMetricsCard.d.ts +7 -0
package/dist/logging/components/ErrorMetricsCard.js +16 -0
package/dist/logging/components/HealthMetricsCard.d.ts +7 -0
package/dist/logging/components/HealthMetricsCard.js +19 -0
package/dist/logging/hooks/useAdminAnalytics.d.ts +24 -0
package/dist/logging/hooks/useAdminAnalytics.js +22 -0
package/dist/logging/hooks/useAuditLog.d.ts +6 -0
package/dist/logging/hooks/useAuditLog.js +25 -0
package/dist/logging/hooks/useErrorMetrics.d.ts +6 -0
package/dist/logging/hooks/useErrorMetrics.js +38 -0
package/dist/logging/hooks/useHealthMetrics.d.ts +6 -0
package/dist/logging/hooks/useHealthMetrics.js +41 -0
package/dist/logging/index.d.ts +11 -0
package/dist/logging/index.js +40 -0
package/dist/logging/types/analytics.d.ts +68 -0
package/dist/logging/types/analytics.js +3 -0
package/dist/logging/types/audit.d.ts +29 -0
package/dist/logging/types/audit.js +2 -0
package/dist/logging/types/index.d.ts +2 -0
package/dist/logging/types/index.js +19 -0
package/dist/middleware/auth-decision.d.ts +33 -0
package/dist/middleware/auth-decision.js +65 -0
package/dist/middleware/create-middleware.d.ts +100 -0
package/dist/middleware/create-middleware.js +445 -0
package/dist/middleware/rbac-check.d.ts +44 -0
package/dist/middleware/rbac-check.js +191 -0
package/dist/middleware/twofa-presets.d.ts +134 -0
package/dist/middleware/twofa-presets.js +175 -0
package/dist/models/DecodedAccessToken.d.ts +17 -0
package/dist/models/DecodedAccessToken.js +2 -0
package/dist/models/SessionModel.d.ts +122 -0
package/dist/models/SessionModel.js +136 -0
package/dist/pages/admin-login/page.d.ts +31 -0
package/dist/pages/admin-login/page.js +83 -0
package/dist/pages/admin-roles/RolesAdminPage.d.ts +15 -0
package/dist/pages/admin-roles/RolesAdminPage.js +78 -0
package/dist/pages/admin-roles/index.d.ts +8 -0
package/dist/pages/admin-roles/index.js +15 -0
package/dist/pages/admin-roles/modals.d.ts +72 -0
package/dist/pages/admin-roles/modals.js +154 -0
package/dist/pages/client-admin/ClientSiteAdminPage.d.ts +79 -0
package/dist/pages/client-admin/ClientSiteAdminPage.js +177 -0
package/dist/pages/client-admin/index.d.ts +32 -0
package/dist/pages/client-admin/index.js +37 -0
package/dist/pages/login/page.d.ts +22 -0
package/dist/pages/login/page.js +239 -0
package/dist/pages/profile/EnhancedProfilePage.d.ts +13 -0
package/dist/pages/profile/EnhancedProfilePage.js +150 -0
package/dist/pages/profile/index.d.ts +8 -0
package/dist/pages/profile/index.js +16 -0
package/dist/pages/profile/page.d.ts +19 -0
package/dist/pages/profile/page.js +47 -0
package/dist/pages/profile/profile-patch.d.ts +1 -0
package/dist/pages/profile/profile-patch.js +281 -0
package/dist/pages/recovery/page.d.ts +1 -0
package/dist/pages/recovery/page.js +142 -0
package/dist/pages/roles/MyRolesPage.d.ts +24 -0
package/dist/pages/roles/MyRolesPage.js +71 -0
package/dist/pages/roles/components.d.ts +63 -0
package/dist/pages/roles/components.js +108 -0
package/dist/pages/roles/index.d.ts +8 -0
package/dist/pages/roles/index.js +19 -0
package/dist/pages/security/EnhancedSecurityPage.d.ts +14 -0
package/dist/pages/security/EnhancedSecurityPage.js +248 -0
package/dist/pages/security/index.d.ts +8 -0
package/dist/pages/security/index.js +16 -0
package/dist/pages/security/page.d.ts +21 -0
package/dist/pages/security/page.js +212 -0
package/dist/pages/security/security-patch.d.ts +1 -0
package/dist/pages/security/security-patch.js +302 -0
package/dist/pages/settings/EnhancedSettingsPage.d.ts +46 -0
package/dist/pages/settings/EnhancedSettingsPage.js +231 -0
package/dist/pages/settings/index.d.ts +8 -0
package/dist/pages/settings/index.js +16 -0
package/dist/pages/settings/page.d.ts +7 -0
package/dist/pages/settings/page.js +26 -0
package/dist/pages/showcase/ShowcasePage.d.ts +13 -0
package/dist/pages/showcase/ShowcasePage.js +140 -0
package/dist/pages/showcase/index.d.ts +12 -0
package/dist/pages/showcase/index.js +17 -0
package/dist/pages/test-env/EmergencyLogoutPage.d.ts +14 -0
package/dist/pages/test-env/EmergencyLogoutPage.js +98 -0
package/dist/pages/test-env/JwtInspectPage.d.ts +14 -0
package/dist/pages/test-env/JwtInspectPage.js +114 -0
package/dist/pages/test-env/RefreshTokenPage.d.ts +15 -0
package/dist/pages/test-env/RefreshTokenPage.js +91 -0
package/dist/pages/test-env/TestEnvPage.d.ts +13 -0
package/dist/pages/test-env/TestEnvPage.js +49 -0
package/dist/pages/test-env/index.d.ts +24 -0
package/dist/pages/test-env/index.js +32 -0
package/dist/pages/verify-code/page.d.ts +30 -0
package/dist/pages/verify-code/page.js +408 -0
package/dist/routes/account/index.d.ts +28 -0
package/dist/routes/account/index.js +71 -0
package/dist/routes/account/masked-info.d.ts +33 -0
package/dist/routes/account/masked-info.js +39 -0
package/dist/routes/account/send-code.d.ts +37 -0
package/dist/routes/account/send-code.js +42 -0
package/dist/routes/account/update-phone.d.ts +13 -0
package/dist/routes/account/update-phone.js +17 -0
package/dist/routes/account/verify-email.d.ts +38 -0
package/dist/routes/account/verify-email.js +43 -0
package/dist/routes/account/verify-sms.d.ts +38 -0
package/dist/routes/account/verify-sms.js +43 -0
package/dist/routes/auth/index.d.ts +19 -0
package/dist/routes/auth/index.js +64 -0
package/dist/routes/auth/logout.d.ts +31 -0
package/dist/routes/auth/logout.js +113 -0
package/dist/routes/auth/nextauth.d.ts +19 -0
package/dist/routes/auth/nextauth.js +72 -0
package/dist/routes/auth/refresh.d.ts +30 -0
package/dist/routes/auth/refresh.js +51 -0
package/dist/routes/auth/session.d.ts +72 -0
package/dist/routes/auth/session.js +180 -0
package/dist/routes/auth/settings.d.ts +25 -0
package/dist/routes/auth/settings.js +55 -0
package/dist/routes/auth/viability.d.ts +52 -0
package/dist/routes/auth/viability.js +201 -0
package/dist/routes/index.d.ts +12 -0
package/dist/routes/index.js +54 -0
package/dist/routes/session/index.d.ts +6 -0
package/dist/routes/session/index.js +10 -0
package/dist/routes/session/refresh-viability.d.ts +16 -0
package/dist/routes/session/refresh-viability.js +20 -0
package/dist/services/signalrActivityService.d.ts +44 -0
package/dist/services/signalrActivityService.js +257 -0
package/dist/stores/authStore.d.ts +154 -0
package/dist/stores/authStore.js +1531 -0
package/dist/theme/ThemeProvider.d.ts +14 -0
package/dist/theme/ThemeProvider.js +28 -0
package/dist/theme/default.d.ts +8 -0
package/dist/theme/default.js +33 -0
package/dist/theme/index.d.ts +15 -0
package/dist/theme/index.js +25 -0
package/dist/theme/types.d.ts +56 -0
package/dist/theme/types.js +8 -0
package/dist/theme/useTheme.d.ts +60 -0
package/dist/theme/useTheme.js +63 -0
package/dist/theme/utils.d.ts +13 -0
package/dist/theme/utils.js +39 -0
package/dist/types/api.d.ts +134 -0
package/dist/types/api.js +44 -0
package/dist/types/auth.d.ts +19 -0
package/dist/types/auth.js +2 -0
package/dist/types/logging.d.ts +42 -0
package/dist/types/logging.js +2 -0
package/dist/types/recovery.d.ts +48 -0
package/dist/types/recovery.js +2 -0
package/dist/types/security.d.ts +1 -0
package/dist/types/security.js +2 -0
package/dist/utils/api.d.ts +85 -0
package/dist/utils/api.js +287 -0
package/dist/utils/circuitBreaker.d.ts +43 -0
package/dist/utils/circuitBreaker.js +91 -0
package/dist/utils/error-message.d.ts +1 -0
package/dist/utils/error-message.js +103 -0
package/dist/utils/layout/reservedSpace.d.ts +59 -0
package/dist/utils/layout/reservedSpace.js +102 -0
package/dist/utils/logout.d.ts +14 -0
package/dist/utils/logout.js +32 -0
package/dist/vibe/client.d.ts +261 -0
package/dist/vibe/client.js +445 -0
package/dist/vibe/errors.d.ts +83 -0
package/dist/vibe/errors.js +146 -0
package/dist/vibe/generic.d.ts +234 -0
package/dist/vibe/generic.js +369 -0
package/dist/vibe/hooks/index.d.ts +169 -0
package/dist/vibe/hooks/index.js +252 -0
package/dist/vibe/index.d.ts +23 -0
package/dist/vibe/index.js +67 -0
package/dist/vibe/sessions.d.ts +161 -0
package/dist/vibe/sessions.js +391 -0
package/dist/vibe/types.d.ts +353 -0
package/dist/vibe/types.js +315 -0
package/package.json +855 -0
package/scripts/check-internal-url-usage.sh +73 -0
package/scripts/dev-broker.ps1 +35 -0
package/scripts/dev-local.ps1 +45 -0
package/src/api/auth-handler.ts +550 -0
package/src/api/index.ts +18 -0
package/src/api-handlers/account/change-password.ts +145 -0
package/src/api-handlers/account/masked-info.ts +45 -0
package/src/api-handlers/account/profile.ts +80 -0
package/src/api-handlers/account/recovery/initiate.ts +23 -0
package/src/api-handlers/account/recovery/send-code.ts +25 -0
package/src/api-handlers/account/recovery/verify-code.ts +25 -0
package/src/api-handlers/account/reset-password.ts +23 -0
package/src/api-handlers/account/send-code.ts +76 -0
package/src/api-handlers/account/update-phone.ts +79 -0
package/src/api-handlers/account/validate-password.ts +118 -0
package/src/api-handlers/account/verify-email.ts +125 -0
package/src/api-handlers/account/verify-sms.ts +125 -0
package/src/api-handlers/admin/analytics.ts +445 -0
package/src/api-handlers/admin/audit.ts +225 -0
package/src/api-handlers/admin/index.ts +59 -0
package/src/api-handlers/admin/redis-sessions.ts +253 -0
package/src/api-handlers/admin/sessions.ts +320 -0
package/src/api-handlers/admin/site-logs.ts +367 -0
package/src/api-handlers/admin/users.ts +244 -0
package/src/api-handlers/admin/vibe-data.ts +326 -0
package/src/api-handlers/anon/preferences.ts +123 -0
package/src/api-handlers/auth/jwks.ts +20 -0
package/src/api-handlers/auth/login.ts +240 -0
package/src/api-handlers/auth/refresh.ts +687 -0
package/src/api-handlers/auth/signout.ts +212 -0
package/src/api-handlers/auth/status.ts +23 -0
package/src/api-handlers/auth/update-session.ts +125 -0
package/src/api-handlers/auth/validate.ts +44 -0
package/src/api-handlers/auth/verify-code.ts +129 -0
package/src/api-handlers/session/refresh-viability.ts +36 -0
package/src/api-handlers/session/viability.ts +166 -0
package/src/api-handlers/test/force-expire.ts +67 -0
package/src/auth/auth-decision.ts +230 -0
package/src/auth/auth-options.ts +237 -0
package/src/auth/callbacks/index.ts +7 -0
package/src/auth/callbacks/jwt.ts +382 -0
package/src/auth/callbacks/session.ts +243 -0
package/src/auth/callbacks/signin.ts +56 -0
package/src/auth/events/index.ts +5 -0
package/src/auth/events/signout.ts +33 -0
package/src/auth/providers/credentials.ts +256 -0
package/src/auth/providers/index.ts +6 -0
package/src/auth/providers/oauth.ts +114 -0
package/src/auth/route-config.ts +220 -0
package/src/auth/types/auth-types.ts +555 -0
package/src/auth/types/index.ts +7 -0
package/src/auth/unauthenticated-routes.ts +3 -0
package/src/auth/utils/idp-client.ts +444 -0
package/src/auth/utils/index.ts +6 -0
package/src/auth/utils/token-utils.ts +244 -0
package/src/client/AuthContext.tsx +140 -0
package/src/client/fetch-with-auth.ts +48 -0
package/src/client/fetchWithSession.ts +21 -0
package/src/client/index.ts +13 -0
package/src/client/useAnonSession.ts +131 -0
package/src/components/SessionSync.tsx +137 -0
package/src/components/SignalRHealthCheck.tsx +131 -0
package/src/components/account/UserAvatarMenu.tsx +217 -0
package/src/components/account/index.ts +8 -0
package/src/components/admin/AlertSettingsTab.tsx +728 -0
package/src/components/admin/AnalyticsTab.tsx +703 -0
package/src/components/admin/DataBrowserTab.tsx +505 -0
package/src/components/admin/LoggingSettingsTab.tsx +665 -0
package/src/components/admin/SessionsTab.tsx +414 -0
package/src/components/admin/StatsTab.tsx +379 -0
package/src/components/admin/VibeAdminContext.tsx +87 -0
package/src/components/admin/VibeAdminLayout.tsx +185 -0
package/src/components/admin/index.ts +59 -0
package/src/components/auth/FederatedAuthSection.tsx +95 -0
package/src/components/auth/ModeAwareLoginPage.tsx +135 -0
package/src/components/auth/ModeAwareSignupPage.tsx +267 -0
package/src/components/auth/TraditionalAuthSection.tsx +99 -0
package/src/components/recovery/CompleteStep.tsx +36 -0
package/src/components/recovery/InitiateRecoveryStep.tsx +68 -0
package/src/components/recovery/SelectMethodStep.tsx +73 -0
package/src/components/recovery/SetPasswordStep.tsx +97 -0
package/src/components/recovery/VerifyCodeStep.tsx +90 -0
package/src/components/reserved/ReservedRecoveryWarning.tsx +160 -0
package/src/components/reserved/ReservedStatusBox.tsx +118 -0
package/src/components/ui/BetaBadge.tsx +58 -0
package/src/components/ui/Footer.tsx +93 -0
package/src/config/env.ts +57 -0
package/src/config/logger.ts +62 -0
package/src/config/logging-config.ts +82 -0
package/src/config/unauthenticated-routes.ts +19 -0
package/src/config/vibe-log-transport.ts +250 -0
package/src/edge/internal-api-url.ts +65 -0
package/src/edge/middleware.ts +42 -0
package/src/hooks/useAuth.ts +115 -0
package/src/hooks/useAuthSettings.ts +97 -0
package/src/hooks/useAvailableProviders.ts +118 -0
package/src/hooks/usePasswordValidation.ts +127 -0
package/src/hooks/useProfile.ts +75 -0
package/src/hooks/usePublicAuthSettings.ts +149 -0
package/src/hooks/useSessionExpiration.ts +102 -0
package/src/hooks/useViabilitySession.ts +335 -0
package/src/index.ts +63 -0
package/src/lib/anon-session.ts +213 -0
package/src/lib/api-handler.ts +625 -0
package/src/lib/app-slug.ts +178 -0
package/src/lib/demo-mode.ts +13 -0
package/src/lib/geolocation.ts +265 -0
package/src/lib/idp-client-config.ts +442 -0
package/src/lib/idp-fetch.ts +101 -0
package/src/lib/internal-api.ts +171 -0
package/src/lib/jwt-decode-client.ts +45 -0
package/src/lib/jwt-decode.ts +83 -0
package/src/lib/nextauth-secret.ts +126 -0
package/src/lib/rate-limit-service.ts +9 -0
package/src/lib/redis.ts +27 -0
package/src/lib/refresh-token-validator.ts +64 -0
package/src/lib/roles.ts +177 -0
package/src/lib/secret-validation.ts +8 -0
package/src/lib/session-store.ts +637 -0
package/src/lib/session.ts +34 -0
package/src/lib/site-logger.ts +245 -0
package/src/lib/standardized-client-api.ts +896 -0
package/src/lib/startup-init.ts +247 -0
package/src/lib/test-aware-get-token.ts +30 -0
package/src/lib/token-expiry.ts +40 -0
package/src/lib/token-lifecycle.ts +477 -0
package/src/lib/types/api-responses.ts +336 -0
package/src/lib/user-agent-parser.ts +252 -0
package/src/logging/api/admin-analytics.ts +51 -0
package/src/logging/api/audit-log.ts +53 -0
package/src/logging/components/AdminAnalyticsLayout.tsx +49 -0
package/src/logging/components/AuditLogViewer.tsx +125 -0
package/src/logging/components/ErrorMetricsCard.tsx +98 -0
package/src/logging/components/HealthMetricsCard.tsx +70 -0
package/src/logging/hooks/useAdminAnalytics.ts +22 -0
package/src/logging/hooks/useAuditLog.ts +24 -0
package/src/logging/hooks/useErrorMetrics.ts +40 -0
package/src/logging/hooks/useHealthMetrics.ts +44 -0
package/src/logging/index.ts +18 -0
package/src/logging/types/analytics.ts +81 -0
package/src/logging/types/audit.ts +31 -0
package/src/logging/types/index.ts +3 -0
package/src/middleware/auth-decision.ts +43 -0
package/src/middleware/create-middleware.ts +626 -0
package/src/middleware/rbac-check.ts +244 -0
package/src/middleware/twofa-presets.ts +224 -0
package/src/models/DecodedAccessToken.ts +17 -0
package/src/models/SessionModel.ts +258 -0
package/src/pages/admin-login/page.tsx +229 -0
package/src/pages/admin-roles/RolesAdminPage.tsx +357 -0
package/src/pages/admin-roles/index.ts +9 -0
package/src/pages/admin-roles/modals.tsx +469 -0
package/src/pages/client-admin/ClientSiteAdminPage.tsx +380 -0
package/src/pages/client-admin/index.ts +33 -0
package/src/pages/login/page.tsx +463 -0
package/src/pages/profile/EnhancedProfilePage.tsx +479 -0
package/src/pages/profile/index.ts +9 -0
package/src/pages/profile/page.tsx +166 -0
package/src/pages/recovery/page.tsx +234 -0
package/src/pages/roles/MyRolesPage.tsx +211 -0
package/src/pages/roles/components.tsx +294 -0
package/src/pages/roles/index.ts +17 -0
package/src/pages/security/EnhancedSecurityPage.tsx +574 -0
package/src/pages/security/index.ts +9 -0
package/src/pages/security/page.tsx +507 -0
package/src/pages/settings/EnhancedSettingsPage.tsx +642 -0
package/src/pages/settings/index.ts +9 -0
package/src/pages/settings/page.tsx +47 -0
package/src/pages/showcase/ShowcasePage.tsx +530 -0
package/src/pages/showcase/index.ts +13 -0
package/src/pages/test-env/EmergencyLogoutPage.tsx +179 -0
package/src/pages/test-env/JwtInspectPage.tsx +418 -0
package/src/pages/test-env/RefreshTokenPage.tsx +155 -0
package/src/pages/test-env/TestEnvPage.tsx +116 -0
package/src/pages/test-env/index.ts +25 -0
package/src/pages/verify-code/page.tsx +648 -0
package/src/routes/account/index.ts +32 -0
package/src/routes/account/masked-info.ts +37 -0
package/src/routes/account/send-code.ts +40 -0
package/src/routes/account/update-phone.ts +13 -0
package/src/routes/account/verify-email.ts +41 -0
package/src/routes/account/verify-sms.ts +41 -0
package/src/routes/auth/index.ts +23 -0
package/src/routes/auth/logout.ts +127 -0
package/src/routes/auth/nextauth.ts +71 -0
package/src/routes/auth/refresh.ts +54 -0
package/src/routes/auth/session.ts +193 -0
package/src/routes/auth/settings.ts +75 -0
package/src/routes/auth/viability.ts +220 -0
package/src/routes/index.ts +18 -0
package/src/routes/session/index.ts +7 -0
package/src/routes/session/refresh-viability.ts +17 -0
package/src/services/signalrActivityService.ts +258 -0
package/src/stores/authStore.ts +1904 -0
package/src/templates/instrumentation.ts +41 -0
package/src/theme/ThemeProvider.tsx +39 -0
package/src/theme/default.ts +33 -0
package/src/theme/index.ts +31 -0
package/src/theme/types.ts +69 -0
package/src/theme/useTheme.ts +57 -0
package/src/theme/utils.ts +40 -0
package/src/types/api.ts +13 -0
package/src/types/auth.d.ts +15 -0
package/src/types/auth.ts +22 -0
package/src/types/logging.ts +11 -0
package/src/types/next-auth.d.ts +15 -0
package/src/types/recovery.ts +54 -0
package/src/types/security.ts +1 -0
package/src/utils/api.ts +353 -0
package/src/utils/circuitBreaker.ts +40 -0
package/src/utils/error-message.ts +108 -0
package/src/utils/layout/reservedSpace.ts +124 -0
package/src/utils/logout.ts +30 -0
package/src/vibe/client.ts +590 -0
package/src/vibe/errors.ts +185 -0
package/src/vibe/generic.ts +429 -0
package/src/vibe/hooks/index.ts +367 -0
package/src/vibe/index.ts +121 -0
package/src/vibe/sessions.ts +551 -0
package/src/vibe/types.ts +577 -0

package/src/api-handlers/admin/sessions.ts ADDED Viewed

@@ -0,0 +1,320 @@
+/**
+ * Admin Sessions API Handler
+ *
+ * Provides admin-level access to login sessions using service account credentials.
+ * Used by SessionsTab component.
+ *
+ * @version 1.0
+ * @requires Admin role (vibe_app_admin or payez_admin)
+ */
+import { NextRequest, NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { getStartupIDPConfig } from '../../lib/startup-init';
+import { ADMIN_ROLES, hasAnyRole } from '../../lib/roles';
+interface VibeRequestOptions {
+  method: 'GET' | 'POST' | 'PUT' | 'DELETE';
+  body?: unknown;
+}
+/**
+ * Check if the current user has admin role
+ */
+async function checkAdminRole(getAuthOptions: () => Promise<any>): Promise<{ isAdmin: boolean; userId?: number; error?: NextResponse }> {
+  const authOptions = await getAuthOptions();
+  const session = await getServerSession(authOptions) as any;
+  if (!session?.user) {
+    return {
+      isAdmin: false,
+      error: NextResponse.json(
+        { success: false, error: 'Please sign in' },
+        { status: 401 }
+      ),
+    };
+  }
+  const userRoles = (session.user?.roles as string[]) || [];
+  const hasAdminRole = ADMIN_ROLES.some(role => userRoles.includes(role));
+  if (!hasAdminRole) {
+    return {
+      isAdmin: false,
+      error: NextResponse.json(
+        { success: false, error: 'Admin access required' },
+        { status: 403 }
+      ),
+    };
+  }
+  return { isAdmin: true, userId: session.user?.id };
+}
+/**
+ * Make a service account request to Vibe (admin mode)
+ */
+async function vibeServiceRequest<T = unknown>(
+  endpoint: string,
+  options: VibeRequestOptions
+): Promise<{ ok: boolean; status: number; data: T | null; error?: string }> {
+  const idpUrl = process.env.NEXT_PUBLIC_IDP_URL || process.env.IDP_URL;
+  const clientId = process.env.VIBE_CLIENT_ID;
+  const signingKey = process.env.VIBE_HMAC_KEY;
+  if (!idpUrl || !clientId || !signingKey) {
+    return { ok: false, status: 500, data: null, error: 'Vibe not configured' };
+  }
+  const timestamp = Math.floor(Date.now() / 1000);
+  const stringToSign = `${timestamp}|${options.method}|${endpoint}`;
+  const crypto = await import('crypto');
+  const signature = crypto
+    .createHmac('sha256', Buffer.from(signingKey, 'base64'))
+    .update(stringToSign)
+    .digest('base64');
+  const proxyUrl = `${idpUrl}/api/vibe/proxy`;
+  // Get the numeric client ID from startup config for multi-client admin support
+  const idpConfig = getStartupIDPConfig();
+  const numericClientId = idpConfig?.clientId;
+  try {
+    const res = await fetch(proxyUrl, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Vibe-Client-Id': clientId,
+        'X-Vibe-Timestamp': String(timestamp),
+        'X-Vibe-Signature': signature,
+        ...(numericClientId && { 'X-Client-Id': String(numericClientId) }),
+      },
+      body: JSON.stringify({
+        endpoint,
+        method: options.method,
+        data: options.body ?? null,
+      }),
+      cache: 'no-store',
+    });
+    if (res.status === 204) {
+      return { ok: true, status: 204, data: null };
+    }
+    if (!res.ok) {
+      const errorText = await res.text();
+      return { ok: false, status: res.status, data: null, error: errorText };
+    }
+    const body = await res.json();
+    return { ok: true, status: res.status, data: body };
+  } catch (error) {
+    return { ok: false, status: 0, data: null, error: String(error) };
+  }
+}
+// Country code to flag emoji mapping
+function getCountryFlag(countryCode: string): string {
+  if (!countryCode || countryCode.length !== 2) return '';
+  const codePoints = countryCode
+    .toUpperCase()
+    .split('')
+    .map(char => 127397 + char.charCodeAt(0));
+  return String.fromCodePoint(...codePoints);
+}
+export interface AdminSessionsHandlerConfig {
+  getAuthOptions: () => Promise<any>;
+}
+/**
+ * GET /api/admin/sessions - List sessions
+ * POST /api/admin/sessions - Stats, revoke actions
+ */
+export function createSessionsHandler(config: AdminSessionsHandlerConfig) {
+  return {
+    async GET(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      const { searchParams } = new URL(request.url);
+      const status = searchParams.get('status');
+      const email = searchParams.get('email');
+      // Build query for login_sessions table
+      const queryBody: any = {
+        page: 1,
+        pageSize: 100,
+        orderBy: 'created_at',
+        orderDirection: 'desc',
+      };
+      // Build filter conditions
+      const conditions: any[] = [];
+      if (status && status !== 'all') {
+        conditions.push({ field: 'status', operator: 'eq', value: status });
+      }
+      if (email) {
+        conditions.push({ field: 'email', operator: 'like', value: `%${email}%` });
+      }
+      if (conditions.length === 1) {
+        queryBody.filter = conditions[0];
+      } else if (conditions.length > 1) {
+        queryBody.filter = { operator: 'and', conditions };
+      }
+      const result = await vibeServiceRequest<any>(
+        '/v1/collections/vibe_app/tables/login_sessions/query',
+        { method: 'POST', body: queryBody }
+      );
+      if (!result.ok) {
+        return NextResponse.json({ error: result.error }, { status: result.status || 500 });
+      }
+      // Extract sessions from response
+      const rawSessions = result.data?.data || result.data?.documents || [];
+      const sessions = rawSessions.map((s: any) => ({
+        id: s.id || s.document_id,
+        idp_user_id: s.idp_user_id || s.user_id,
+        email: s.email || '',
+        name: s.name || s.display_name || '',
+        status: s.status || 'active',
+        ip_address: s.ip_address || s.ip,
+        city: s.city,
+        region: s.region,
+        country_code: s.country_code || s.country,
+        device_type: s.device_type || s.device,
+        browser: s.browser,
+        os: s.os,
+        created_at: s.created_at,
+        last_activity: s.last_activity || s.updated_at,
+        revoked_at: s.revoked_at,
+        revoked_by: s.revoked_by,
+        country_flag: getCountryFlag(s.country_code || s.country || ''),
+      }));
+      return NextResponse.json({ sessions });
+    },
+    async POST(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      const body = await request.json();
+      const { action, sessionId, userId } = body;
+      if (action === 'stats') {
+        // Get all sessions for stats calculation
+        const result = await vibeServiceRequest<any>(
+          '/v1/collections/vibe_app/tables/login_sessions/query',
+          { method: 'POST', body: { page: 1, pageSize: 1000 } }
+        );
+        if (!result.ok) {
+          return NextResponse.json({ error: result.error }, { status: result.status || 500 });
+        }
+        const sessions = result.data?.data || result.data?.documents || [];
+        // Calculate stats
+        const now = new Date();
+        const oneDayAgo = new Date(now.getTime() - 24 * 60 * 60 * 1000);
+        const stats = {
+          totalActive: sessions.filter((s: any) => s.status === 'active').length,
+          totalRevoked: sessions.filter((s: any) => s.status === 'revoked').length,
+          uniqueUsers: new Set(sessions.map((s: any) => s.idp_user_id || s.user_id)).size,
+          recentLogins: sessions.filter((s: any) => new Date(s.created_at) > oneDayAgo).length,
+          byCountryWithFlags: {} as Record<string, { count: number; flag: string }>,
+          byDevice: {} as Record<string, number>,
+        };
+        // Count by country
+        sessions.forEach((s: any) => {
+          const country = s.country_code || s.country || 'Unknown';
+          if (!stats.byCountryWithFlags[country]) {
+            stats.byCountryWithFlags[country] = { count: 0, flag: getCountryFlag(country) };
+          }
+          stats.byCountryWithFlags[country].count++;
+          const device = s.device_type || s.device || 'Unknown';
+          stats.byDevice[device] = (stats.byDevice[device] || 0) + 1;
+        });
+        return NextResponse.json({ stats });
+      }
+      if (action === 'revoke' && sessionId) {
+        // Revoke single session
+        const result = await vibeServiceRequest<any>(
+          `/v1/collections/vibe_app/tables/login_sessions/${sessionId}`,
+          {
+            method: 'PUT',
+            body: {
+              status: 'revoked',
+              revoked_at: new Date().toISOString(),
+              revoked_by: `admin:${adminCheck.userId}`,
+            },
+          }
+        );
+        if (!result.ok) {
+          return NextResponse.json({ error: result.error }, { status: result.status || 500 });
+        }
+        return NextResponse.json({ success: true });
+      }
+      if (action === 'revoke_all' && userId) {
+        // Get all active sessions for user
+        const queryResult = await vibeServiceRequest<any>(
+          '/v1/collections/vibe_app/tables/login_sessions/query',
+          {
+            method: 'POST',
+            body: {
+              filter: {
+                operator: 'and',
+                conditions: [
+                  { field: 'idp_user_id', operator: 'eq', value: userId },
+                  { field: 'status', operator: 'eq', value: 'active' },
+                ],
+              },
+            },
+          }
+        );
+        if (!queryResult.ok) {
+          return NextResponse.json({ error: queryResult.error }, { status: queryResult.status || 500 });
+        }
+        const sessions = queryResult.data?.data || queryResult.data?.documents || [];
+        let revokedCount = 0;
+        // Revoke each session
+        for (const session of sessions) {
+          const id = session.id || session.document_id;
+          const result = await vibeServiceRequest<any>(
+            `/v1/collections/vibe_app/tables/login_sessions/${id}`,
+            {
+              method: 'PUT',
+              body: {
+                status: 'revoked',
+                revoked_at: new Date().toISOString(),
+                revoked_by: `admin:${adminCheck.userId}`,
+              },
+            }
+          );
+          if (result.ok) revokedCount++;
+        }
+        return NextResponse.json({ success: true, revokedCount });
+      }
+      return NextResponse.json({ error: 'Invalid action' }, { status: 400 });
+    },
+  };
+}

package/src/api-handlers/admin/site-logs.ts ADDED Viewed

@@ -0,0 +1,367 @@
+/**
+ * Admin Site Logs API Handlers
+ *
+ * Provides admin-level access to site activity logs.
+ * - GET /site-logs - Query logs from Vibe
+ * - POST /site-logs - Create test log entries via Redis queue
+ * - GET /site-logs/stats - Aggregated stats { total, unique_users, by_level, by_category }
+ * - POST /site-logs/drain - Manual drain trigger
+ * - GET /site-logs/queue - Redis queue status
+ *
+ * @version 1.0
+ * @requires Admin role (vibe_app_admin or payez_admin)
+ */
+import { NextRequest, NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { getRedis } from '../../lib/redis';
+import { ADMIN_ROLES, hasAnyRole } from '../../lib/roles';
+const REDIS_SITE_LOG_KEY = 'vibe:site-logs:pending';
+const REDIS_LOG_TTL = 7 * 24 * 60 * 60; // 1 week
+export interface SiteLogsHandlerConfig {
+  getAuthOptions: () => Promise<any>;
+  vibeApiUrl?: string;
+  appSlug?: string;
+  vibeClientId?: string;
+}
+/**
+ * Check if the current user has admin role
+ */
+async function checkAdminRole(getAuthOptions: () => Promise<any>): Promise<{ isAdmin: boolean; userId?: number; accessToken?: string; clientId?: string; error?: NextResponse }> {
+  const authOptions = await getAuthOptions();
+  const session = await getServerSession(authOptions) as any;
+  if (!session?.user) {
+    return {
+      isAdmin: false,
+      error: NextResponse.json(
+        { success: false, error: 'Please sign in' },
+        { status: 401 }
+      ),
+    };
+  }
+  const userRoles = (session.user?.roles as string[]) || [];
+  const hasAdminRole = ADMIN_ROLES.some(role => userRoles.includes(role));
+  if (!hasAdminRole) {
+    return {
+      isAdmin: false,
+      error: NextResponse.json(
+        { success: false, error: 'Admin access required' },
+        { status: 403 }
+      ),
+    };
+  }
+  return {
+    isAdmin: true,
+    userId: session.user?.id,
+    accessToken: session.accessToken,
+    clientId: session.clientId,
+  };
+}
+function getVibeApiUrl(config: SiteLogsHandlerConfig): string {
+  if (config.vibeApiUrl) return config.vibeApiUrl;
+  const url = process.env.VIBE_API_URL;
+  if (url) return url;
+  if (process.env.NODE_ENV !== 'production') return 'http://localhost:37933';
+  throw new Error('VIBE_API_URL is required in production');
+}
+/**
+ * Create main site-logs handler (GET query, POST create test entries)
+ */
+export function createSiteLogsHandler(config: SiteLogsHandlerConfig) {
+  return {
+    async GET(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      const { searchParams } = new URL(request.url);
+      const vibeUrl = getVibeApiUrl(config);
+      // Forward query params
+      const params = new URLSearchParams();
+      if (searchParams.get('level')) params.set('level', searchParams.get('level')!);
+      if (searchParams.get('category')) params.set('category', searchParams.get('category')!);
+      if (searchParams.get('search')) params.set('search', searchParams.get('search')!);
+      if (searchParams.get('from')) params.set('from', searchParams.get('from')!);
+      if (searchParams.get('to')) params.set('to', searchParams.get('to')!);
+      if (searchParams.get('user_id')) params.set('user_id', searchParams.get('user_id')!);
+      if (searchParams.get('limit')) params.set('limit', searchParams.get('limit')!);
+      if (searchParams.get('offset')) params.set('offset', searchParams.get('offset')!);
+      const headers: Record<string, string> = {
+        'Authorization': `Bearer ${adminCheck.accessToken}`,
+        'Content-Type': 'application/json',
+      };
+      if (adminCheck.clientId) {
+        headers['X-Client-Id'] = adminCheck.clientId;
+      }
+      try {
+        const response = await fetch(`${vibeUrl}/v1/admin/site-logs?${params}`, { headers });
+        if (!response.ok) {
+          const errorText = await response.text();
+          console.error('[admin/site-logs] Vibe error:', response.status, errorText);
+          return NextResponse.json(
+            { error: 'Failed to fetch site logs', details: errorText },
+            { status: response.status }
+          );
+        }
+        const data = await response.json();
+        return NextResponse.json(data);
+      } catch (error: any) {
+        console.error('[admin/site-logs] Error:', error);
+        return NextResponse.json(
+          { error: error.message || 'Internal error' },
+          { status: 500 }
+        );
+      }
+    },
+    async POST(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      try {
+        const body = await request.json();
+        const redis = getRedis();
+        const userAgent = request.headers.get('user-agent') || null;
+        const ipAddress = request.headers.get('x-forwarded-for')?.split(',')[0] || null;
+        const baseRecord = {
+          user_agent: userAgent,
+          ip_address: ipAddress,
+          created_at: new Date().toISOString(),
+          app_slug: config.appSlug || process.env.APP_SLUG || process.env.CLIENT_ID || 'unknown',
+          vibe_client_id: config.vibeClientId || process.env.VIBE_CLIENT_ID || '',
+        };
+        // If generateAll=true, create one of each event type
+        if (body.generate_all) {
+          const testEvents = [
+            { log_level: 'debug', category: 'api', message: 'Test: API request traced', context: { endpoint: '/api/test', method: 'GET' }, url: '/api/test' },
+            { log_level: 'info', category: 'auth', message: 'Test: User logged in', context: { method: 'password' }, user_id: 1, url: '/api/auth/callback' },
+            { log_level: 'info', category: 'page_view', message: 'Test: Page viewed', context: { referrer: '/dashboard' }, user_id: 1, url: '/admin/activity' },
+            { log_level: 'info', category: 'user_action', message: 'Test: Button clicked', context: { target: 'submit-btn' }, user_id: 1, url: '/admin/activity' },
+            { log_level: 'warn', category: 'auth', message: 'Test: Login failed', context: { reason: 'invalid_password' }, url: '/api/auth/login' },
+            { log_level: 'error', category: 'error', message: 'Test: Application error', context: { error: 'TestError', stack: 'at test()' }, url: '/api/test' },
+          ];
+          for (const event of testEvents) {
+            const logRecord = JSON.stringify({ ...baseRecord, ...event, session_id: null });
+            await redis.lpush(REDIS_SITE_LOG_KEY, logRecord);
+          }
+          await redis.expire(REDIS_SITE_LOG_KEY, REDIS_LOG_TTL);
+          const queueLen = await redis.llen(REDIS_SITE_LOG_KEY);
+          return NextResponse.json({
+            success: true,
+            message: `Created ${testEvents.length} test events`,
+            queue_length: queueLen,
+            events: testEvents.map(e => ({ level: e.log_level, category: e.category, message: e.message })),
+            note: 'Events will appear after drain service processes them',
+          }, { status: 201 });
+        }
+        // Single event creation
+        const logRecord = JSON.stringify({
+          ...baseRecord,
+          log_level: body.level || 'info',
+          category: body.category || 'user_action',
+          message: body.message || 'Test log entry',
+          context: body.context || { source: 'admin-test' },
+          user_id: body.user_id || null,
+          session_id: null,
+          url: body.url || '/admin/activity',
+        });
+        await redis.lpush(REDIS_SITE_LOG_KEY, logRecord);
+        await redis.expire(REDIS_SITE_LOG_KEY, REDIS_LOG_TTL);
+        const queueLen = await redis.llen(REDIS_SITE_LOG_KEY);
+        return NextResponse.json({
+          success: true,
+          message: 'Test log created',
+          queue_length: queueLen,
+          note: 'Log will appear after drain service processes it (every 5 seconds)',
+        }, { status: 201 });
+      } catch (error: any) {
+        console.error('[admin/site-logs] POST Error:', error);
+        return NextResponse.json(
+          { error: error.message || 'Internal error' },
+          { status: 500 }
+        );
+      }
+    },
+  };
+}
+/**
+ * Create site-logs stats handler
+ * Returns: { total, unique_users, by_level, by_category }
+ */
+export function createSiteLogsStatsHandler(config: SiteLogsHandlerConfig) {
+  return {
+    async GET(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      const { searchParams } = new URL(request.url);
+      const vibeUrl = getVibeApiUrl(config);
+      const params = new URLSearchParams();
+      if (searchParams.get('from')) params.set('from', searchParams.get('from')!);
+      if (searchParams.get('to')) params.set('to', searchParams.get('to')!);
+      const headers: Record<string, string> = {
+        'Authorization': `Bearer ${adminCheck.accessToken}`,
+        'Content-Type': 'application/json',
+      };
+      if (adminCheck.clientId) {
+        headers['X-Client-Id'] = adminCheck.clientId;
+      }
+      try {
+        const response = await fetch(`${vibeUrl}/v1/admin/site-logs/stats?${params}`, { headers });
+        if (!response.ok) {
+          const errorText = await response.text();
+          console.error('[admin/site-logs/stats] Vibe error:', response.status, errorText);
+          return NextResponse.json(
+            { error: 'Failed to fetch stats', details: errorText },
+            { status: response.status }
+          );
+        }
+        const data = await response.json();
+        // Ensure response matches expected format: { total, unique_users, by_level, by_category }
+        return NextResponse.json(data);
+      } catch (error: any) {
+        console.error('[admin/site-logs/stats] Error:', error);
+        return NextResponse.json(
+          { error: error.message || 'Internal error' },
+          { status: 500 }
+        );
+      }
+    },
+  };
+}
+/**
+ * Create site-logs drain handler (manual trigger)
+ */
+export function createSiteLogsDrainHandler(config: SiteLogsHandlerConfig) {
+  return {
+    async POST(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      const { searchParams } = new URL(request.url);
+      const maxEntries = searchParams.get('max_entries') || '100';
+      const vibeUrl = getVibeApiUrl(config);
+      const headers: Record<string, string> = {
+        'Authorization': `Bearer ${adminCheck.accessToken}`,
+        'Content-Type': 'application/json',
+      };
+      if (adminCheck.clientId) {
+        headers['X-Client-Id'] = adminCheck.clientId;
+      }
+      try {
+        const response = await fetch(`${vibeUrl}/v1/admin/site-logs/drain?maxEntries=${maxEntries}`, {
+          method: 'POST',
+          headers,
+        });
+        if (!response.ok) {
+          const errorText = await response.text();
+          console.error('[admin/site-logs/drain] Vibe error:', response.status, errorText);
+          return NextResponse.json(
+            { error: 'Failed to drain site logs', details: errorText },
+            { status: response.status }
+          );
+        }
+        const data = await response.json();
+        return NextResponse.json(data);
+      } catch (error: any) {
+        console.error('[admin/site-logs/drain] Error:', error);
+        return NextResponse.json(
+          { error: error.message || 'Internal error' },
+          { status: 500 }
+        );
+      }
+    },
+  };
+}
+/**
+ * Create site-logs queue status handler
+ */
+export function createSiteLogsQueueHandler(config: SiteLogsHandlerConfig) {
+  return {
+    async GET(request: NextRequest) {
+      const adminCheck = await checkAdminRole(config.getAuthOptions);
+      if (adminCheck.error) return adminCheck.error;
+      try {
+        const redis = getRedis();
+        const queueLength = await redis.llen(REDIS_SITE_LOG_KEY);
+        // Peek at the oldest and newest entries
+        let oldest_entry = null;
+        let newest_entry = null;
+        if (queueLength > 0) {
+          const oldest = await redis.lindex(REDIS_SITE_LOG_KEY, -1); // RPOP side (oldest)
+          const newest = await redis.lindex(REDIS_SITE_LOG_KEY, 0);  // LPUSH side (newest)
+          if (oldest) {
+            try {
+              const parsed = JSON.parse(oldest);
+              oldest_entry = {
+                message: parsed.message,
+                level: parsed.log_level,
+                timestamp: parsed.created_at || parsed.queued_at,
+              };
+            } catch {}
+          }
+          if (newest) {
+            try {
+              const parsed = JSON.parse(newest);
+              newest_entry = {
+                message: parsed.message,
+                level: parsed.log_level,
+                timestamp: parsed.created_at || parsed.queued_at,
+              };
+            } catch {}
+          }
+        }
+        return NextResponse.json({
+          queue_length: queueLength,
+          redis_key: REDIS_SITE_LOG_KEY,
+          oldest_entry,
+          newest_entry,
+          status: queueLength === 0 ? 'empty' : 'pending',
+        });
+      } catch (error: any) {
+        console.error('[admin/site-logs/queue] Error:', error);
+        return NextResponse.json(
+          { error: error.message || 'Internal error' },
+          { status: 500 }
+        );
+      }
+    },
+  };
+}