@playcademy/sandbox 0.1.0-beta.3 → 0.1.0-beta.5

package/dist/cli.js

@@ -13024,7 +13024,7 @@ globstar while`, file, fr, pattern, pr3, swallowee);
             }
           };
           for (let i3 = 0, c2;i3 < pattern.length && (c2 = pattern.charAt(i3)); i3++) {
-            this.debug("%s\t%s %s %j", pattern, i3, re3, c2);
+            this.debug("%s	%s %s %j", pattern, i3, re3, c2);
             if (escaping) {
               if (c2 === "/") {
                 return false;
@@ -21547,7 +21547,7 @@ Is ${source_default.bold.blue(this.base.name)} schema created or renamed from an
         IS_LINE_JUNK = function(line2, pat = /^\s*#?\s*$/) {
           return pat.test(line2);
         };
-        IS_CHARACTER_JUNK = function(ch, ws = " \t") {
+        IS_CHARACTER_JUNK = function(ch, ws = " 	") {
           return indexOf.call(ws, ch) >= 0;
         };
         _formatRangeUnified = function(start2, stop2) {
@@ -31137,7 +31137,7 @@ globstar while`, file, fr, pattern, pr3, swallowee);
             }
           };
           for (let i3 = 0, c2;i3 < pattern.length && (c2 = pattern.charAt(i3)); i3++) {
-            this.debug("%s\t%s %s %j", pattern, i3, re3, c2);
+            this.debug("%s	%s %s %j", pattern, i3, re3, c2);
             if (escaping) {
               if (c2 === "/") {
                 return false;
@@ -52844,8 +52844,8 @@ var DEMO_USER = {
   email: "demo@playcademy.com",
   emailVerified: true,
   image: null,
-  role: "player",
-  developerStatus: "none",
+  role: "developer",
+  developerStatus: "approved",
   createdAt: now,
   updatedAt: now
 };
@@ -72673,6 +72673,8 @@ __export(exports_schemas, {
   verification: () => verification,
   users: () => users,
   userRoleEnum: () => userRoleEnum,
+  userLevelsRelations: () => userLevelsRelations,
+  userLevels: () => userLevels,
   shopListingsRelations: () => shopListingsRelations,
   shopListings: () => shopListings,
   sessions: () => sessions,
@@ -72680,6 +72682,7 @@ __export(exports_schemas, {
   maps: () => maps,
   mapElementsRelations: () => mapElementsRelations,
   mapElements: () => mapElements,
+  levelConfigs: () => levelConfigs,
   itemsRelations: () => itemsRelations,
   items: () => items,
   itemTypeEnum: () => itemTypeEnum,
@@ -72696,11 +72699,14 @@ __export(exports_schemas, {
   currenciesRelations: () => currenciesRelations,
   currencies: () => currencies,
   accounts: () => accounts,
+  XPActionInputSchema: () => XPActionInputSchema,
   VersionSchema: () => VersionSchema,
   UpsertGameMetadataSchema: () => UpsertGameMetadataSchema,
   UpdateUserSchema: () => UpdateUserSchema,
+  UpdateUserLevelSchema: () => UpdateUserLevelSchema,
   UpdateShopListingSchema: () => UpdateShopListingSchema,
   UpdateMapElementSchema: () => UpdateMapElementSchema,
+  UpdateLevelConfigSchema: () => UpdateLevelConfigSchema,
   UpdateItemSchema: () => UpdateItemSchema,
   UpdateInventoryItemSchema: () => UpdateInventoryItemSchema,
   UpdateGameStateSchema: () => UpdateGameStateSchema,
@@ -72711,10 +72717,12 @@ __export(exports_schemas, {
   StartSessionInputSchema: () => StartSessionInputSchema,
   SelectVerificationSchema: () => SelectVerificationSchema,
   SelectUserSchema: () => SelectUserSchema,
+  SelectUserLevelSchema: () => SelectUserLevelSchema,
   SelectShopListingSchema: () => SelectShopListingSchema,
   SelectSessionSchema: () => SelectSessionSchema,
   SelectMapSchema: () => SelectMapSchema,
   SelectMapElementSchema: () => SelectMapElementSchema,
+  SelectLevelConfigSchema: () => SelectLevelConfigSchema,
   SelectItemSchema: () => SelectItemSchema,
   SelectInventoryItemSchema: () => SelectInventoryItemSchema,
   SelectGameStateSchema: () => SelectGameStateSchema,
@@ -72726,13 +72734,16 @@ __export(exports_schemas, {
   ProcessZipSchema: () => ProcessZipSchema,
   MapElementMetadataZodSchema: () => MapElementMetadataZodSchema,
   ManifestV1Schema: () => ManifestV1Schema,
+  MAX_LEVEL: () => MAX_LEVEL,
   ItemMetadataSchema: () => ItemMetadataSchema,
   InventoryActionInputSchema: () => InventoryActionInputSchema,
   InsertVerificationSchema: () => InsertVerificationSchema,
   InsertUserSchema: () => InsertUserSchema,
+  InsertUserLevelSchema: () => InsertUserLevelSchema,
   InsertShopListingSchema: () => InsertShopListingSchema,
   InsertSessionSchema: () => InsertSessionSchema,
   InsertMapElementSchema: () => InsertMapElementSchema,
+  InsertLevelConfigSchema: () => InsertLevelConfigSchema,
   InsertItemSchema: () => InsertItemSchema,
   InsertInventoryItemSchema: () => InsertInventoryItemSchema,
   InsertGameStateSchema: () => InsertGameStateSchema,
@@ -77508,6 +77519,54 @@ var InsertShopListingSchema = createInsertSchema(shopListings, {
 }).omit({ id: true, createdAt: true, updatedAt: true });
 var SelectShopListingSchema = createSelectSchema(shopListings);
 var UpdateShopListingSchema = InsertShopListingSchema.partial().extend({});
+// ../data/src/schemas/levels.ts
+var MAX_LEVEL = 100;
+var userLevels = pgTable("user_levels", {
+  userId: text("user_id").primaryKey().references(() => users.id, { onDelete: "cascade" }),
+  currentLevel: integer("current_level").notNull().default(1),
+  currentXp: integer("current_xp").notNull().default(0),
+  totalXP: integer("total_xp").notNull().default(0),
+  lastLevelUpAt: timestamp("last_level_up_at", { withTimezone: true }),
+  createdAt: timestamp("created_at").defaultNow().notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true }).defaultNow().$onUpdate(() => new Date)
+});
+var levelConfigs = pgTable("level_configs", {
+  id: uuid("id").primaryKey().defaultRandom(),
+  level: integer("level").notNull().unique(),
+  xpRequired: integer("xp_required").notNull(),
+  creditsReward: integer("credits_reward").notNull().default(0),
+  createdAt: timestamp("created_at").defaultNow().notNull()
+}, (table) => [uniqueIndex("unique_level_config_idx").on(table.level)]);
+var userLevelsRelations = relations(userLevels, ({ one }) => ({
+  user: one(users, {
+    fields: [userLevels.userId],
+    references: [users.id]
+  })
+}));
+var InsertUserLevelSchema = createInsertSchema(userLevels, {
+  userId: exports_external.string().min(1, "User ID is required"),
+  currentLevel: exports_external.number().int().min(1, "Level must be at least 1").default(1),
+  currentXp: exports_external.number().int().min(0, "XP cannot be negative").default(0),
+  totalXP: exports_external.number().int().min(0, "Total XP cannot be negative").default(0)
+}).omit({ createdAt: true, updatedAt: true });
+var SelectUserLevelSchema = createSelectSchema(userLevels);
+var UpdateUserLevelSchema = createUpdateSchema(userLevels).omit({
+  userId: true,
+  createdAt: true
+});
+var InsertLevelConfigSchema = createInsertSchema(levelConfigs, {
+  level: exports_external.number().int().min(1, "Level must be at least 1"),
+  xpRequired: exports_external.number().int().min(0, "XP required cannot be negative"),
+  creditsReward: exports_external.number().int().min(0, "Credits reward cannot be negative").default(0)
+}).omit({ id: true, createdAt: true });
+var SelectLevelConfigSchema = createSelectSchema(levelConfigs);
+var UpdateLevelConfigSchema = createUpdateSchema(levelConfigs).omit({
+  id: true,
+  createdAt: true
+});
+var XPActionInputSchema = exports_external.object({
+  amount: exports_external.number().int("XP amount must be an integer").positive("XP amount must be positive")
+});
 // src/database/path-manager.ts
 import fs2 from "node:fs";
 import { join as join2, isAbsolute, dirname } from "node:path";
@@ -77587,12 +77646,47 @@ async function seedDemoData(db) {
     for (const inventory2 of SAMPLE_INVENTORY) {
       await db.insert(inventoryItems).values(inventory2);
     }
+    const levelConfigsData = generateLevelConfigs();
+    for (const config of levelConfigsData) {
+      await db.insert(levelConfigs).values(config);
+    }
   } catch (error2) {
     console.error("❌ Error seeding demo data:", error2);
     throw error2;
   }
   return DEMO_USER;
 }
+function generateLevelConfigs() {
+  const configs = [];
+  for (let level = 1;level <= 100; level++) {
+    let xpRequired;
+    if (level === 1) {
+      xpRequired = 0;
+    } else {
+      const baseXp = Math.pow(level - 1, 1.8) * 100;
+      let roundTo;
+      if (level <= 10) {
+        roundTo = 50;
+      } else if (level <= 20) {
+        roundTo = 100;
+      } else if (level <= 50) {
+        roundTo = 250;
+      } else {
+        roundTo = 500;
+      }
+      xpRequired = Math.round(baseXp / roundTo) * roundTo;
+    }
+    const baseReward = level === 1 ? 0 : 25 + (level - 1) * 25;
+    const bonusReward = Math.floor((level - 1) / 10) * 50;
+    const creditsReward = baseReward + bonusReward;
+    configs.push({
+      level,
+      xpRequired,
+      creditsReward
+    });
+  }
+  return configs;
+}
 async function seedCurrentProjectGame(db, project) {
   const now2 = new Date;
   try {
@@ -77628,7 +77722,7 @@ async function seedCurrentProjectGame(db, project) {
 // package.json
 var package_default = {
   name: "@playcademy/sandbox",
-  version: "0.1.0-beta.2",
+  version: "0.1.0-beta.4",
   description: "Local development server for Playcademy game development",
   type: "module",
   exports: {
@@ -77731,6 +77825,291 @@ async function getUserMe(ctx) {
   }
 }
 
+// ../data/src/constants.ts
+var ITEM_INTERNAL_NAMES = {
+  PLAYCADEMY_CREDITS: "PLAYCADEMY_CREDITS",
+  PLAYCADEMY_XP: "PLAYCADEMY_XP",
+  FOUNDING_MEMBER_BADGE: "FOUNDING_MEMBER_BADGE",
+  EARLY_ADOPTER_BADGE: "EARLY_ADOPTER_BADGE",
+  FIRST_GAME_BADGE: "FIRST_GAME_BADGE",
+  COMMON_SWORD: "COMMON_SWORD",
+  SMALL_HEALTH_POTION: "SMALL_HEALTH_POTION",
+  SMALL_BACKPACK: "SMALL_BACKPACK"
+};
+var CURRENCIES = {
+  PRIMARY: ITEM_INTERNAL_NAMES.PLAYCADEMY_CREDITS,
+  XP: ITEM_INTERNAL_NAMES.PLAYCADEMY_XP
+};
+var BADGES = {
+  FOUNDING_MEMBER: ITEM_INTERNAL_NAMES.FOUNDING_MEMBER_BADGE,
+  EARLY_ADOPTER: ITEM_INTERNAL_NAMES.EARLY_ADOPTER_BADGE,
+  FIRST_GAME: ITEM_INTERNAL_NAMES.FIRST_GAME_BADGE
+};
+
+// ../api-core/src/utils/levels.ts
+var levelConfigCache = null;
+async function getLevelConfig(db, level) {
+  if (level < 1) {
+    throw ApiError.badRequest("Level must be at least 1");
+  }
+  if (levelConfigCache?.has(level)) {
+    return levelConfigCache.get(level) || null;
+  }
+  try {
+    const [config] = await db.select().from(levelConfigs).where(eq(levelConfigs.level, level)).limit(1);
+    if (levelConfigCache && config) {
+      levelConfigCache.set(level, config);
+    }
+    return config || null;
+  } catch (error2) {
+    logger2.error(`Error fetching level config for level ${level}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function calculateXPToNextLevel(db, currentLevel, currentXp) {
+  try {
+    const nextLevelConfig = await getLevelConfig(db, currentLevel + 1);
+    if (!nextLevelConfig) {
+      return 0;
+    }
+    return Math.max(0, nextLevelConfig.xpRequired - currentXp);
+  } catch (error2) {
+    logger2.error(`Error calculating XP to next level:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function checkLevelUp(tx, currentLevel, newXp) {
+  let level = currentLevel;
+  let remainingXp = newXp;
+  let totalCreditsAwarded = 0;
+  let leveledUp = false;
+  while (true) {
+    if (level >= MAX_LEVEL) {
+      break;
+    }
+    const nextLevelConfig2 = await tx.select().from(levelConfigs).where(eq(levelConfigs.level, level + 1)).limit(1);
+    const [nextLevel2] = nextLevelConfig2;
+    if (!nextLevel2) {
+      break;
+    }
+    if (remainingXp >= nextLevel2.xpRequired) {
+      level += 1;
+      remainingXp -= nextLevel2.xpRequired;
+      totalCreditsAwarded += nextLevel2.creditsReward;
+      leveledUp = true;
+    } else {
+      break;
+    }
+  }
+  const nextLevelConfig = await tx.select().from(levelConfigs).where(eq(levelConfigs.level, level + 1)).limit(1);
+  const [nextLevel] = nextLevelConfig;
+  const xpToNextLevel = nextLevel ? Math.max(0, nextLevel.xpRequired - remainingXp) : 0;
+  return {
+    newLevel: level,
+    remainingXp,
+    leveledUp,
+    creditsAwarded: totalCreditsAwarded,
+    xpToNextLevel
+  };
+}
+
+// ../api-core/src/utils/validation.ts
+function formatValidationErrors(error2) {
+  const flattened = error2.flatten();
+  const fieldErrors = Object.entries(flattened.fieldErrors).map(([field, errors2]) => `${field}: ${errors2?.join(", ") || "Invalid"}`).join("; ");
+  const formErrors = flattened.formErrors.join("; ");
+  const allErrors = [fieldErrors, formErrors].filter(Boolean).join("; ");
+  return allErrors || "Validation failed";
+}
+
+// ../api-core/src/levels/index.ts
+var AddXPSchema = XPActionInputSchema;
+async function getUserLevel(ctx) {
+  const user = ctx.user;
+  if (!user) {
+    throw ApiError.unauthorized("Valid session or bearer token required");
+  }
+  try {
+    const db = getDatabase();
+    let [userLevel] = await db.select().from(userLevels).where(eq(userLevels.userId, user.id)).limit(1);
+    if (!userLevel) {
+      const [newUserLevel] = await db.insert(userLevels).values({
+        userId: user.id,
+        currentLevel: 1,
+        currentXp: 0,
+        totalXP: 0
+      }).returning();
+      if (!newUserLevel) {
+        throw ApiError.internal("Failed to create user level record");
+      }
+      userLevel = newUserLevel;
+    }
+    return userLevel;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching user level for user ${user.id}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function addXP(ctx, amount) {
+  const user = ctx.user;
+  if (!user) {
+    throw ApiError.unauthorized("Valid session or bearer token required");
+  }
+  if (amount <= 0) {
+    throw ApiError.badRequest("XP amount must be positive");
+  }
+  try {
+    const db = getDatabase();
+    const result = await db.transaction(async (tx) => {
+      let [userLevel] = await tx.select().from(userLevels).where(eq(userLevels.userId, user.id)).limit(1);
+      if (!userLevel) {
+        const [newUserLevel] = await tx.insert(userLevels).values({
+          userId: user.id,
+          currentLevel: 1,
+          currentXp: 0,
+          totalXP: 0
+        }).returning();
+        if (!newUserLevel) {
+          throw ApiError.internal("Failed to create user level record");
+        }
+        userLevel = newUserLevel;
+      }
+      const newCurrentXp = userLevel.currentXp + amount;
+      const newTotalXP = userLevel.totalXP + amount;
+      const levelUpResult = await checkLevelUp(tx, userLevel.currentLevel, newCurrentXp);
+      const [updatedUserLevel] = await tx.update(userLevels).set({
+        currentLevel: levelUpResult.newLevel,
+        currentXp: levelUpResult.remainingXp,
+        totalXP: newTotalXP,
+        lastLevelUpAt: levelUpResult.leveledUp ? new Date : userLevel.lastLevelUpAt
+      }).where(eq(userLevels.userId, user.id)).returning();
+      if (!updatedUserLevel) {
+        throw ApiError.internal("Failed to update user level");
+      }
+      let creditsAwarded = 0;
+      if (levelUpResult.leveledUp) {
+        const creditsToAward = levelUpResult.creditsAwarded;
+        logger2.debug("User leveled up", {
+          userId: user.id,
+          oldLevel: userLevel.currentLevel,
+          newLevel: levelUpResult.newLevel,
+          xpAdded: amount,
+          totalXP: newTotalXP,
+          creditsAwarded: creditsToAward
+        });
+        if (creditsToAward > 0) {
+          const [creditsItem] = await tx.select({ id: items.id }).from(items).where(eq(items.internalName, CURRENCIES.PRIMARY)).limit(1);
+          if (!creditsItem) {
+            throw ApiError.internal(`${CURRENCIES.PRIMARY} item not found`);
+          }
+          await tx.insert(inventoryItems).values({
+            userId: user.id,
+            itemId: creditsItem.id,
+            quantity: creditsToAward
+          }).onConflictDoUpdate({
+            target: [
+              inventoryItems.userId,
+              inventoryItems.itemId
+            ],
+            set: {
+              quantity: sql`${inventoryItems.quantity} + ${creditsToAward}`
+            }
+          });
+        }
+        creditsAwarded = creditsToAward;
+      } else {
+        logger2.debug("XP added to user", {
+          userId: user.id,
+          level: userLevel.currentLevel,
+          xpAdded: amount,
+          totalXP: newTotalXP
+        });
+      }
+      return {
+        totalXP: newTotalXP,
+        newLevel: levelUpResult.newLevel,
+        leveledUp: levelUpResult.leveledUp,
+        creditsAwarded,
+        xpToNextLevel: levelUpResult.xpToNextLevel
+      };
+    });
+    return result;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error adding XP for user ${user.id}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function addXPFromRequest(ctx) {
+  let amount;
+  try {
+    const requestBody = await ctx.request.json();
+    const parsed = AddXPSchema.parse(requestBody);
+    amount = parsed.amount;
+  } catch (error2) {
+    if (error2 instanceof ZodError) {
+      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(error2)}`);
+    }
+    logger2.error("Failed to parse request body:", error2);
+    throw ApiError.badRequest("Invalid JSON body");
+  }
+  return await addXP(ctx, amount);
+}
+async function getAllLevelConfigs(_ctx) {
+  try {
+    const db = getDatabase();
+    const configs = await db.select().from(levelConfigs).orderBy(levelConfigs.level);
+    return configs;
+  } catch (error2) {
+    logger2.error("Error fetching all level configs:", error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function getUserLevelProgress(ctx) {
+  const userLevel = await getUserLevel(ctx);
+  try {
+    const db = getDatabase();
+    const xpToNextLevel = await calculateXPToNextLevel(db, userLevel.currentLevel, userLevel.currentXp);
+    return {
+      level: userLevel.currentLevel,
+      currentXp: userLevel.currentXp,
+      xpToNextLevel,
+      totalXP: userLevel.totalXP
+    };
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching user level progress:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function getLevelConfigByPath(ctx) {
+  const levelParam = ctx.params.level;
+  if (!levelParam) {
+    throw ApiError.badRequest("Level parameter is required");
+  }
+  const level = parseInt(levelParam, 10);
+  if (isNaN(level) || level < 1) {
+    throw ApiError.badRequest("Level must be a positive integer");
+  }
+  try {
+    const db = getDatabase();
+    return await getLevelConfig(db, level);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching level config for level ${level}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+
 // src/routes/users.ts
 var usersRouter = new Hono2;
 usersRouter.get("/me", async (c2) => {
@@ -77752,18 +78131,66 @@ usersRouter.get("/me", async (c2) => {
     return c2.json({ error: message }, 500);
   }
 });
+usersRouter.get("/level", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const levelData = await getUserLevel(ctx);
+    return c2.json(levelData);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getUserLevel:", error2);
+    const message = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message }, 500);
+  }
+});
+usersRouter.get("/level/progress", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const progressData = await getUserLevelProgress(ctx);
+    return c2.json(progressData);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getUserLevelProgress:", error2);
+    const message = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message }, 500);
+  }
+});
+usersRouter.post("/xp/add", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const result = await addXPFromRequest(ctx);
+    return c2.json(result);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in addXPFromRequest:", error2);
+    const message = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message }, 500);
+  }
+});
 // src/routes/health.ts
 var healthRouter = new Hono2;
 healthRouter.get("/", (c2) => c2.json({ status: "ok", timestamp: new Date().toISOString() }));
-// ../api-core/src/utils/validation.ts
-function formatValidationErrors(error2) {
-  const flattened = error2.flatten();
-  const fieldErrors = Object.entries(flattened.fieldErrors).map(([field, errors2]) => `${field}: ${errors2?.join(", ") || "Invalid"}`).join("; ");
-  const formErrors = flattened.formErrors.join("; ");
-  const allErrors = [fieldErrors, formErrors].filter(Boolean).join("; ");
-  return allErrors || "Validation failed";
-}
-
 // ../api-core/src/inventory/index.ts
 async function getUserInventory(ctx) {
   const user = ctx.user;
@@ -81993,6 +82420,46 @@ devRouter.delete("/keys/:keyId", async (c2) => {
     return c2.json({ error: message2 }, 500);
   }
 });
+// src/routes/levels.ts
+var levelsRouter = new Hono2;
+levelsRouter.get("/config", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const configs = await getAllLevelConfigs(ctx);
+    return c2.json(configs);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getAllLevelConfigs:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
+levelsRouter.get("/config/:level", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: { level: c2.req.param("level") },
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const config = await getLevelConfigByPath(ctx);
+    return c2.json(config);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getLevelConfigByPath:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
 // src/server.ts
 async function startServer(options) {
   const { port, verbose, project } = options;
@@ -82019,6 +82486,7 @@ async function startServer(options) {
   app.route("/api/maps", mapsRouter);
   app.route("/api/shop-listings", shopListingsRouter);
   app.route("/api/dev", devRouter);
+  app.route("/api/levels", levelsRouter);
   return serve({ fetch: app.fetch, port });
 }
 var version3 = package_default.version;

package/dist/constants.d.ts

@@ -1,22 +1,11 @@
-import type { Item } from '@playcademy/data/schemas';
-export declare const DEMO_USER: {
-    id: `${string}-${string}-${string}-${string}-${string}`;
-    name: string;
-    username: string;
-    email: string;
-    emailVerified: boolean;
-    image: null;
-    role: "player";
-    developerStatus: "none";
-    createdAt: Date;
-    updatedAt: Date;
-};
+import type { Item, User } from '@playcademy/data/schemas';
+export declare const DEMO_USER: User;
 export declare const DEMO_TOKEN = "demo-token";
 export declare const PLAYCADEMY_CREDITS_ID: `${string}-${string}-${string}-${string}-${string}`;
 export declare const SAMPLE_ITEMS: Omit<Item, 'createdAt'>[];
 export declare const SAMPLE_INVENTORY: {
     id: `${string}-${string}-${string}-${string}-${string}`;
-    userId: `${string}-${string}-${string}-${string}-${string}`;
+    userId: string;
     itemId: `${string}-${string}-${string}-${string}-${string}`;
     quantity: number;
 }[];

package/dist/database/seed.d.ts

@@ -1,17 +1,22 @@
 import { setupDatabase } from '.';
 import type { ProjectInfo } from '../types';
 export declare function seedDemoData(db: Awaited<ReturnType<typeof setupDatabase>>): Promise<{
-    id: `${string}-${string}-${string}-${string}-${string}`;
+    id: string;
     name: string;
-    username: string;
+    username: string | null;
     email: string;
     emailVerified: boolean;
-    image: null;
-    role: "player";
-    developerStatus: "none";
+    image: string | null;
+    role: "admin" | "player" | "developer";
+    developerStatus: "none" | "pending" | "approved";
     createdAt: Date;
     updatedAt: Date;
 }>;
+export declare function generateLevelConfigs(): {
+    level: number;
+    xpRequired: number;
+    creditsReward: number;
+}[];
 export declare function seedCurrentProjectGame(db: Awaited<ReturnType<typeof setupDatabase>>, project: ProjectInfo): Promise<{
     id: string;
     createdAt: Date | null;

package/dist/routes/index.d.ts

@@ -9,3 +9,4 @@ export { currenciesRouter } from './currencies';
 export { mapRouter, mapsRouter } from './maps';
 export { shopListingsRouter } from './shop-listings';
 export { devRouter } from './dev';
+export { levelsRouter } from './levels';

package/dist/routes/levels.d.ts

@@ -0,0 +1,3 @@
+import { Hono } from 'hono';
+import type { HonoEnv } from '../types';
+export declare const levelsRouter: Hono<HonoEnv, import("hono/types").BlankSchema, "/">;

package/dist/server.js

@@ -13023,7 +13023,7 @@ globstar while`, file, fr, pattern, pr3, swallowee);
             }
           };
           for (let i3 = 0, c2;i3 < pattern.length && (c2 = pattern.charAt(i3)); i3++) {
-            this.debug("%s\t%s %s %j", pattern, i3, re3, c2);
+            this.debug("%s	%s %s %j", pattern, i3, re3, c2);
             if (escaping) {
               if (c2 === "/") {
                 return false;
@@ -21546,7 +21546,7 @@ Is ${source_default.bold.blue(this.base.name)} schema created or renamed from an
         IS_LINE_JUNK = function(line2, pat = /^\s*#?\s*$/) {
           return pat.test(line2);
         };
-        IS_CHARACTER_JUNK = function(ch, ws = " \t") {
+        IS_CHARACTER_JUNK = function(ch, ws = " 	") {
           return indexOf.call(ws, ch) >= 0;
         };
         _formatRangeUnified = function(start2, stop2) {
@@ -31136,7 +31136,7 @@ globstar while`, file, fr, pattern, pr3, swallowee);
             }
           };
           for (let i3 = 0, c2;i3 < pattern.length && (c2 = pattern.charAt(i3)); i3++) {
-            this.debug("%s\t%s %s %j", pattern, i3, re3, c2);
+            this.debug("%s	%s %s %j", pattern, i3, re3, c2);
             if (escaping) {
               if (c2 === "/") {
                 return false;
@@ -50934,8 +50934,8 @@ var DEMO_USER = {
   email: "demo@playcademy.com",
   emailVerified: true,
   image: null,
-  role: "player",
-  developerStatus: "none",
+  role: "developer",
+  developerStatus: "approved",
   createdAt: now,
   updatedAt: now
 };
@@ -70763,6 +70763,8 @@ __export(exports_schemas, {
   verification: () => verification,
   users: () => users,
   userRoleEnum: () => userRoleEnum,
+  userLevelsRelations: () => userLevelsRelations,
+  userLevels: () => userLevels,
   shopListingsRelations: () => shopListingsRelations,
   shopListings: () => shopListings,
   sessions: () => sessions,
@@ -70770,6 +70772,7 @@ __export(exports_schemas, {
   maps: () => maps,
   mapElementsRelations: () => mapElementsRelations,
   mapElements: () => mapElements,
+  levelConfigs: () => levelConfigs,
   itemsRelations: () => itemsRelations,
   items: () => items,
   itemTypeEnum: () => itemTypeEnum,
@@ -70786,11 +70789,14 @@ __export(exports_schemas, {
   currenciesRelations: () => currenciesRelations,
   currencies: () => currencies,
   accounts: () => accounts,
+  XPActionInputSchema: () => XPActionInputSchema,
   VersionSchema: () => VersionSchema,
   UpsertGameMetadataSchema: () => UpsertGameMetadataSchema,
   UpdateUserSchema: () => UpdateUserSchema,
+  UpdateUserLevelSchema: () => UpdateUserLevelSchema,
   UpdateShopListingSchema: () => UpdateShopListingSchema,
   UpdateMapElementSchema: () => UpdateMapElementSchema,
+  UpdateLevelConfigSchema: () => UpdateLevelConfigSchema,
   UpdateItemSchema: () => UpdateItemSchema,
   UpdateInventoryItemSchema: () => UpdateInventoryItemSchema,
   UpdateGameStateSchema: () => UpdateGameStateSchema,
@@ -70801,10 +70807,12 @@ __export(exports_schemas, {
   StartSessionInputSchema: () => StartSessionInputSchema,
   SelectVerificationSchema: () => SelectVerificationSchema,
   SelectUserSchema: () => SelectUserSchema,
+  SelectUserLevelSchema: () => SelectUserLevelSchema,
   SelectShopListingSchema: () => SelectShopListingSchema,
   SelectSessionSchema: () => SelectSessionSchema,
   SelectMapSchema: () => SelectMapSchema,
   SelectMapElementSchema: () => SelectMapElementSchema,
+  SelectLevelConfigSchema: () => SelectLevelConfigSchema,
   SelectItemSchema: () => SelectItemSchema,
   SelectInventoryItemSchema: () => SelectInventoryItemSchema,
   SelectGameStateSchema: () => SelectGameStateSchema,
@@ -70816,13 +70824,16 @@ __export(exports_schemas, {
   ProcessZipSchema: () => ProcessZipSchema,
   MapElementMetadataZodSchema: () => MapElementMetadataZodSchema,
   ManifestV1Schema: () => ManifestV1Schema,
+  MAX_LEVEL: () => MAX_LEVEL,
   ItemMetadataSchema: () => ItemMetadataSchema,
   InventoryActionInputSchema: () => InventoryActionInputSchema,
   InsertVerificationSchema: () => InsertVerificationSchema,
   InsertUserSchema: () => InsertUserSchema,
+  InsertUserLevelSchema: () => InsertUserLevelSchema,
   InsertShopListingSchema: () => InsertShopListingSchema,
   InsertSessionSchema: () => InsertSessionSchema,
   InsertMapElementSchema: () => InsertMapElementSchema,
+  InsertLevelConfigSchema: () => InsertLevelConfigSchema,
   InsertItemSchema: () => InsertItemSchema,
   InsertInventoryItemSchema: () => InsertInventoryItemSchema,
   InsertGameStateSchema: () => InsertGameStateSchema,
@@ -75598,6 +75609,54 @@ var InsertShopListingSchema = createInsertSchema(shopListings, {
 }).omit({ id: true, createdAt: true, updatedAt: true });
 var SelectShopListingSchema = createSelectSchema(shopListings);
 var UpdateShopListingSchema = InsertShopListingSchema.partial().extend({});
+// ../data/src/schemas/levels.ts
+var MAX_LEVEL = 100;
+var userLevels = pgTable("user_levels", {
+  userId: text("user_id").primaryKey().references(() => users.id, { onDelete: "cascade" }),
+  currentLevel: integer("current_level").notNull().default(1),
+  currentXp: integer("current_xp").notNull().default(0),
+  totalXP: integer("total_xp").notNull().default(0),
+  lastLevelUpAt: timestamp("last_level_up_at", { withTimezone: true }),
+  createdAt: timestamp("created_at").defaultNow().notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true }).defaultNow().$onUpdate(() => new Date)
+});
+var levelConfigs = pgTable("level_configs", {
+  id: uuid("id").primaryKey().defaultRandom(),
+  level: integer("level").notNull().unique(),
+  xpRequired: integer("xp_required").notNull(),
+  creditsReward: integer("credits_reward").notNull().default(0),
+  createdAt: timestamp("created_at").defaultNow().notNull()
+}, (table) => [uniqueIndex("unique_level_config_idx").on(table.level)]);
+var userLevelsRelations = relations(userLevels, ({ one }) => ({
+  user: one(users, {
+    fields: [userLevels.userId],
+    references: [users.id]
+  })
+}));
+var InsertUserLevelSchema = createInsertSchema(userLevels, {
+  userId: exports_external.string().min(1, "User ID is required"),
+  currentLevel: exports_external.number().int().min(1, "Level must be at least 1").default(1),
+  currentXp: exports_external.number().int().min(0, "XP cannot be negative").default(0),
+  totalXP: exports_external.number().int().min(0, "Total XP cannot be negative").default(0)
+}).omit({ createdAt: true, updatedAt: true });
+var SelectUserLevelSchema = createSelectSchema(userLevels);
+var UpdateUserLevelSchema = createUpdateSchema(userLevels).omit({
+  userId: true,
+  createdAt: true
+});
+var InsertLevelConfigSchema = createInsertSchema(levelConfigs, {
+  level: exports_external.number().int().min(1, "Level must be at least 1"),
+  xpRequired: exports_external.number().int().min(0, "XP required cannot be negative"),
+  creditsReward: exports_external.number().int().min(0, "Credits reward cannot be negative").default(0)
+}).omit({ id: true, createdAt: true });
+var SelectLevelConfigSchema = createSelectSchema(levelConfigs);
+var UpdateLevelConfigSchema = createUpdateSchema(levelConfigs).omit({
+  id: true,
+  createdAt: true
+});
+var XPActionInputSchema = exports_external.object({
+  amount: exports_external.number().int("XP amount must be an integer").positive("XP amount must be positive")
+});
 // src/database/path-manager.ts
 import fs2 from "node:fs";
 import { join as join2, isAbsolute, dirname } from "node:path";
@@ -75677,12 +75736,47 @@ async function seedDemoData(db) {
     for (const inventory2 of SAMPLE_INVENTORY) {
       await db.insert(inventoryItems).values(inventory2);
     }
+    const levelConfigsData = generateLevelConfigs();
+    for (const config of levelConfigsData) {
+      await db.insert(levelConfigs).values(config);
+    }
   } catch (error2) {
     console.error("❌ Error seeding demo data:", error2);
     throw error2;
   }
   return DEMO_USER;
 }
+function generateLevelConfigs() {
+  const configs = [];
+  for (let level = 1;level <= 100; level++) {
+    let xpRequired;
+    if (level === 1) {
+      xpRequired = 0;
+    } else {
+      const baseXp = Math.pow(level - 1, 1.8) * 100;
+      let roundTo;
+      if (level <= 10) {
+        roundTo = 50;
+      } else if (level <= 20) {
+        roundTo = 100;
+      } else if (level <= 50) {
+        roundTo = 250;
+      } else {
+        roundTo = 500;
+      }
+      xpRequired = Math.round(baseXp / roundTo) * roundTo;
+    }
+    const baseReward = level === 1 ? 0 : 25 + (level - 1) * 25;
+    const bonusReward = Math.floor((level - 1) / 10) * 50;
+    const creditsReward = baseReward + bonusReward;
+    configs.push({
+      level,
+      xpRequired,
+      creditsReward
+    });
+  }
+  return configs;
+}
 async function seedCurrentProjectGame(db, project) {
   const now2 = new Date;
   try {
@@ -75718,7 +75812,7 @@ async function seedCurrentProjectGame(db, project) {
 // package.json
 var package_default = {
   name: "@playcademy/sandbox",
-  version: "0.1.0-beta.2",
+  version: "0.1.0-beta.4",
   description: "Local development server for Playcademy game development",
   type: "module",
   exports: {
@@ -75821,6 +75915,291 @@ async function getUserMe(ctx) {
   }
 }
 
+// ../data/src/constants.ts
+var ITEM_INTERNAL_NAMES = {
+  PLAYCADEMY_CREDITS: "PLAYCADEMY_CREDITS",
+  PLAYCADEMY_XP: "PLAYCADEMY_XP",
+  FOUNDING_MEMBER_BADGE: "FOUNDING_MEMBER_BADGE",
+  EARLY_ADOPTER_BADGE: "EARLY_ADOPTER_BADGE",
+  FIRST_GAME_BADGE: "FIRST_GAME_BADGE",
+  COMMON_SWORD: "COMMON_SWORD",
+  SMALL_HEALTH_POTION: "SMALL_HEALTH_POTION",
+  SMALL_BACKPACK: "SMALL_BACKPACK"
+};
+var CURRENCIES = {
+  PRIMARY: ITEM_INTERNAL_NAMES.PLAYCADEMY_CREDITS,
+  XP: ITEM_INTERNAL_NAMES.PLAYCADEMY_XP
+};
+var BADGES = {
+  FOUNDING_MEMBER: ITEM_INTERNAL_NAMES.FOUNDING_MEMBER_BADGE,
+  EARLY_ADOPTER: ITEM_INTERNAL_NAMES.EARLY_ADOPTER_BADGE,
+  FIRST_GAME: ITEM_INTERNAL_NAMES.FIRST_GAME_BADGE
+};
+
+// ../api-core/src/utils/levels.ts
+var levelConfigCache = null;
+async function getLevelConfig(db, level) {
+  if (level < 1) {
+    throw ApiError.badRequest("Level must be at least 1");
+  }
+  if (levelConfigCache?.has(level)) {
+    return levelConfigCache.get(level) || null;
+  }
+  try {
+    const [config] = await db.select().from(levelConfigs).where(eq(levelConfigs.level, level)).limit(1);
+    if (levelConfigCache && config) {
+      levelConfigCache.set(level, config);
+    }
+    return config || null;
+  } catch (error2) {
+    logger2.error(`Error fetching level config for level ${level}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function calculateXPToNextLevel(db, currentLevel, currentXp) {
+  try {
+    const nextLevelConfig = await getLevelConfig(db, currentLevel + 1);
+    if (!nextLevelConfig) {
+      return 0;
+    }
+    return Math.max(0, nextLevelConfig.xpRequired - currentXp);
+  } catch (error2) {
+    logger2.error(`Error calculating XP to next level:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function checkLevelUp(tx, currentLevel, newXp) {
+  let level = currentLevel;
+  let remainingXp = newXp;
+  let totalCreditsAwarded = 0;
+  let leveledUp = false;
+  while (true) {
+    if (level >= MAX_LEVEL) {
+      break;
+    }
+    const nextLevelConfig2 = await tx.select().from(levelConfigs).where(eq(levelConfigs.level, level + 1)).limit(1);
+    const [nextLevel2] = nextLevelConfig2;
+    if (!nextLevel2) {
+      break;
+    }
+    if (remainingXp >= nextLevel2.xpRequired) {
+      level += 1;
+      remainingXp -= nextLevel2.xpRequired;
+      totalCreditsAwarded += nextLevel2.creditsReward;
+      leveledUp = true;
+    } else {
+      break;
+    }
+  }
+  const nextLevelConfig = await tx.select().from(levelConfigs).where(eq(levelConfigs.level, level + 1)).limit(1);
+  const [nextLevel] = nextLevelConfig;
+  const xpToNextLevel = nextLevel ? Math.max(0, nextLevel.xpRequired - remainingXp) : 0;
+  return {
+    newLevel: level,
+    remainingXp,
+    leveledUp,
+    creditsAwarded: totalCreditsAwarded,
+    xpToNextLevel
+  };
+}
+
+// ../api-core/src/utils/validation.ts
+function formatValidationErrors(error2) {
+  const flattened = error2.flatten();
+  const fieldErrors = Object.entries(flattened.fieldErrors).map(([field, errors2]) => `${field}: ${errors2?.join(", ") || "Invalid"}`).join("; ");
+  const formErrors = flattened.formErrors.join("; ");
+  const allErrors = [fieldErrors, formErrors].filter(Boolean).join("; ");
+  return allErrors || "Validation failed";
+}
+
+// ../api-core/src/levels/index.ts
+var AddXPSchema = XPActionInputSchema;
+async function getUserLevel(ctx) {
+  const user = ctx.user;
+  if (!user) {
+    throw ApiError.unauthorized("Valid session or bearer token required");
+  }
+  try {
+    const db = getDatabase();
+    let [userLevel] = await db.select().from(userLevels).where(eq(userLevels.userId, user.id)).limit(1);
+    if (!userLevel) {
+      const [newUserLevel] = await db.insert(userLevels).values({
+        userId: user.id,
+        currentLevel: 1,
+        currentXp: 0,
+        totalXP: 0
+      }).returning();
+      if (!newUserLevel) {
+        throw ApiError.internal("Failed to create user level record");
+      }
+      userLevel = newUserLevel;
+    }
+    return userLevel;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching user level for user ${user.id}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function addXP(ctx, amount) {
+  const user = ctx.user;
+  if (!user) {
+    throw ApiError.unauthorized("Valid session or bearer token required");
+  }
+  if (amount <= 0) {
+    throw ApiError.badRequest("XP amount must be positive");
+  }
+  try {
+    const db = getDatabase();
+    const result = await db.transaction(async (tx) => {
+      let [userLevel] = await tx.select().from(userLevels).where(eq(userLevels.userId, user.id)).limit(1);
+      if (!userLevel) {
+        const [newUserLevel] = await tx.insert(userLevels).values({
+          userId: user.id,
+          currentLevel: 1,
+          currentXp: 0,
+          totalXP: 0
+        }).returning();
+        if (!newUserLevel) {
+          throw ApiError.internal("Failed to create user level record");
+        }
+        userLevel = newUserLevel;
+      }
+      const newCurrentXp = userLevel.currentXp + amount;
+      const newTotalXP = userLevel.totalXP + amount;
+      const levelUpResult = await checkLevelUp(tx, userLevel.currentLevel, newCurrentXp);
+      const [updatedUserLevel] = await tx.update(userLevels).set({
+        currentLevel: levelUpResult.newLevel,
+        currentXp: levelUpResult.remainingXp,
+        totalXP: newTotalXP,
+        lastLevelUpAt: levelUpResult.leveledUp ? new Date : userLevel.lastLevelUpAt
+      }).where(eq(userLevels.userId, user.id)).returning();
+      if (!updatedUserLevel) {
+        throw ApiError.internal("Failed to update user level");
+      }
+      let creditsAwarded = 0;
+      if (levelUpResult.leveledUp) {
+        const creditsToAward = levelUpResult.creditsAwarded;
+        logger2.debug("User leveled up", {
+          userId: user.id,
+          oldLevel: userLevel.currentLevel,
+          newLevel: levelUpResult.newLevel,
+          xpAdded: amount,
+          totalXP: newTotalXP,
+          creditsAwarded: creditsToAward
+        });
+        if (creditsToAward > 0) {
+          const [creditsItem] = await tx.select({ id: items.id }).from(items).where(eq(items.internalName, CURRENCIES.PRIMARY)).limit(1);
+          if (!creditsItem) {
+            throw ApiError.internal(`${CURRENCIES.PRIMARY} item not found`);
+          }
+          await tx.insert(inventoryItems).values({
+            userId: user.id,
+            itemId: creditsItem.id,
+            quantity: creditsToAward
+          }).onConflictDoUpdate({
+            target: [
+              inventoryItems.userId,
+              inventoryItems.itemId
+            ],
+            set: {
+              quantity: sql`${inventoryItems.quantity} + ${creditsToAward}`
+            }
+          });
+        }
+        creditsAwarded = creditsToAward;
+      } else {
+        logger2.debug("XP added to user", {
+          userId: user.id,
+          level: userLevel.currentLevel,
+          xpAdded: amount,
+          totalXP: newTotalXP
+        });
+      }
+      return {
+        totalXP: newTotalXP,
+        newLevel: levelUpResult.newLevel,
+        leveledUp: levelUpResult.leveledUp,
+        creditsAwarded,
+        xpToNextLevel: levelUpResult.xpToNextLevel
+      };
+    });
+    return result;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error adding XP for user ${user.id}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function addXPFromRequest(ctx) {
+  let amount;
+  try {
+    const requestBody = await ctx.request.json();
+    const parsed = AddXPSchema.parse(requestBody);
+    amount = parsed.amount;
+  } catch (error2) {
+    if (error2 instanceof ZodError) {
+      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(error2)}`);
+    }
+    logger2.error("Failed to parse request body:", error2);
+    throw ApiError.badRequest("Invalid JSON body");
+  }
+  return await addXP(ctx, amount);
+}
+async function getAllLevelConfigs(_ctx) {
+  try {
+    const db = getDatabase();
+    const configs = await db.select().from(levelConfigs).orderBy(levelConfigs.level);
+    return configs;
+  } catch (error2) {
+    logger2.error("Error fetching all level configs:", error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function getUserLevelProgress(ctx) {
+  const userLevel = await getUserLevel(ctx);
+  try {
+    const db = getDatabase();
+    const xpToNextLevel = await calculateXPToNextLevel(db, userLevel.currentLevel, userLevel.currentXp);
+    return {
+      level: userLevel.currentLevel,
+      currentXp: userLevel.currentXp,
+      xpToNextLevel,
+      totalXP: userLevel.totalXP
+    };
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching user level progress:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function getLevelConfigByPath(ctx) {
+  const levelParam = ctx.params.level;
+  if (!levelParam) {
+    throw ApiError.badRequest("Level parameter is required");
+  }
+  const level = parseInt(levelParam, 10);
+  if (isNaN(level) || level < 1) {
+    throw ApiError.badRequest("Level must be a positive integer");
+  }
+  try {
+    const db = getDatabase();
+    return await getLevelConfig(db, level);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching level config for level ${level}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+
 // src/routes/users.ts
 var usersRouter = new Hono2;
 usersRouter.get("/me", async (c2) => {
@@ -75842,18 +76221,66 @@ usersRouter.get("/me", async (c2) => {
     return c2.json({ error: message }, 500);
   }
 });
+usersRouter.get("/level", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const levelData = await getUserLevel(ctx);
+    return c2.json(levelData);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getUserLevel:", error2);
+    const message = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message }, 500);
+  }
+});
+usersRouter.get("/level/progress", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const progressData = await getUserLevelProgress(ctx);
+    return c2.json(progressData);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getUserLevelProgress:", error2);
+    const message = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message }, 500);
+  }
+});
+usersRouter.post("/xp/add", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const result = await addXPFromRequest(ctx);
+    return c2.json(result);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in addXPFromRequest:", error2);
+    const message = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message }, 500);
+  }
+});
 // src/routes/health.ts
 var healthRouter = new Hono2;
 healthRouter.get("/", (c2) => c2.json({ status: "ok", timestamp: new Date().toISOString() }));
-// ../api-core/src/utils/validation.ts
-function formatValidationErrors(error2) {
-  const flattened = error2.flatten();
-  const fieldErrors = Object.entries(flattened.fieldErrors).map(([field, errors2]) => `${field}: ${errors2?.join(", ") || "Invalid"}`).join("; ");
-  const formErrors = flattened.formErrors.join("; ");
-  const allErrors = [fieldErrors, formErrors].filter(Boolean).join("; ");
-  return allErrors || "Validation failed";
-}
-
 // ../api-core/src/inventory/index.ts
 async function getUserInventory(ctx) {
   const user = ctx.user;
@@ -80083,6 +80510,46 @@ devRouter.delete("/keys/:keyId", async (c2) => {
     return c2.json({ error: message2 }, 500);
   }
 });
+// src/routes/levels.ts
+var levelsRouter = new Hono2;
+levelsRouter.get("/config", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const configs = await getAllLevelConfigs(ctx);
+    return c2.json(configs);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getAllLevelConfigs:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
+levelsRouter.get("/config/:level", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: { level: c2.req.param("level") },
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const config = await getLevelConfigByPath(ctx);
+    return c2.json(config);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in getLevelConfigByPath:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
 // src/server.ts
 async function startServer(options) {
   const { port, verbose, project } = options;
@@ -80109,6 +80576,7 @@ async function startServer(options) {
   app.route("/api/maps", mapsRouter);
   app.route("/api/shop-listings", shopListingsRouter);
   app.route("/api/dev", devRouter);
+  app.route("/api/levels", levelsRouter);
   return serve({ fetch: app.fetch, port });
 }
 var version3 = package_default.version;

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@playcademy/sandbox",
-    "version": "0.1.0-beta.3",
+    "version": "0.1.0-beta.5",
     "description": "Local development server for Playcademy game development",
     "type": "module",
     "exports": {