@playcademy/vite-plugin 0.2.1 → 0.2.2-alpha.1

package/dist/index.js

@@ -176083,6 +176083,21 @@ async function mintGameJwt(gameId, userId) {
   const token = await signJwt({ uid: userId }, "game", expirationTimeSeconds, gameId);
   return { token, exp: expirationTimestampMillis };
 }
+async function mintRealtimeJwt(userId, gameId, username, role) {
+  const payload = {
+    sub: userId
+  };
+  if (gameId) {
+    payload.gameId = gameId;
+  }
+  if (username) {
+    payload.username = username;
+  }
+  if (role) {
+    payload.role = role;
+  }
+  return await signJwt(payload, "realtime", "30m");
+}
 function formatValidationErrors(error2) {
   const flattened = error2.flatten();
   const fieldErrors = Object.entries(flattened.fieldErrors).map(([field, errors2]) => `${field}: ${errors2?.join(", ") || "Invalid"}`).join("; ");
@@ -186438,6 +186453,55 @@ async function verifyGameAccessBySlug(slug2, user) {
 function getGameWorkerApiKeyName(slug2) {
   return `game-worker-${slug2}`.substring(0, 32);
 }
+var import_client_s32 = __toESM2(require_dist_cjs81(), 1);
+function getSecretsConfig() {
+  const bucketName = process.env.GAME_SECRETS_BUCKET;
+  const masterKey = process.env.GAME_SECRETS_MASTER_KEY;
+  if (!bucketName || !masterKey) {
+    throw new Error("Secrets storage not configured");
+  }
+  const accessKeyId = process.env.CLOUDFLARE_R2_ACCESS_KEY_ID;
+  const secretAccessKey = process.env.CLOUDFLARE_R2_SECRET_ACCESS_KEY;
+  const endpoint = process.env.CLOUDFLARE_R2_DEFAULT_ENDPOINT;
+  if (!accessKeyId || !secretAccessKey || !endpoint) {
+    throw new Error("R2 credentials not configured");
+  }
+  return {
+    bucketName,
+    credentials: {
+      accessKeyId,
+      secretAccessKey,
+      endpoint
+    },
+    masterKey
+  };
+}
+function getSecretsKey(gameId) {
+  return `${gameId}.json.enc`;
+}
+function createR2Client(config2) {
+  return new import_client_s32.S3Client({
+    region: "auto",
+    endpoint: config2.credentials.endpoint,
+    credentials: {
+      accessKeyId: config2.credentials.accessKeyId,
+      secretAccessKey: config2.credentials.secretAccessKey
+    }
+  });
+}
+async function deleteSecrets(gameId, config2) {
+  const client = createR2Client(config2);
+  const key = getSecretsKey(gameId);
+  try {
+    await client.send(new import_client_s32.DeleteObjectCommand({
+      Bucket: config2.bucketName,
+      Key: key
+    }));
+  } catch (error2) {
+    log2.error("[SecretsStorage] Failed to delete secrets", { gameId, error: error2 });
+    throw new Error(`Failed to delete secrets for game ${gameId}`);
+  }
+}
 async function seedAchievements(db) {
   const now2 = new Date;
   for (const def of ACHIEVEMENT_DEFINITIONS) {
@@ -186477,6 +186541,29 @@ async function seedCurrencies(db) {
     });
   }
 }
+var customLogger;
+function setLogger(logger3) {
+  customLogger = logger3;
+}
+function getLogger() {
+  if (customLogger) {
+    return customLogger;
+  }
+  return {
+    info: (msg) => console.log(msg),
+    warn: (msg) => console.warn(msg),
+    error: (msg) => console.error(msg)
+  };
+}
+var logger3 = {
+  info: (msg) => {
+    if (customLogger || !config.embedded) {
+      getLogger().info(msg);
+    }
+  },
+  warn: (msg) => getLogger().warn(msg),
+  error: (msg) => getLogger().error(msg)
+};
 function generateMockStudentId(userId) {
   return `mock-student-${userId.slice(-8)}`;
 }
@@ -186538,7 +186625,7 @@ async function seedCoreGames(db) {
     try {
       await db.insert(games).values(gameData).onConflictDoNothing();
     } catch (error2) {
-      console.error(`Error seeding core game '${gameData.slug}':`, error2);
+      logger3.error(`Error seeding core game '${gameData.slug}': ${error2}`);
     }
   }
 }
@@ -186579,7 +186666,7 @@ async function seedCurrentProjectGame(db, project) {
     }
     return newGame;
   } catch (error2) {
-    console.error("❌ Error seeding project game:", error2);
+    logger3.error(`❌ Error seeding project game: ${error2}`);
     throw error2;
   }
 }
@@ -186696,10 +186783,6 @@ async function setupServerDatabase(processedOptions, project) {
   return db;
 }
 var import_json_colorizer = __toESM2(require_dist22(), 1);
-var customLogger;
-function setLogger(logger3) {
-  customLogger = logger3;
-}
 function processServerOptions(_port, options) {
   const {
     verbose = false,
@@ -186824,6 +186907,8 @@ manifestRouter.get("/", async (c3) => {
       { method: "GET", url: `${baseUrl}/api/notifications/stats/:userId` },
       { method: "POST", url: `${baseUrl}/api/notifications/deliver` },
       { method: "POST", url: `${baseUrl}/api/timeback/populate-student` },
+      { method: "GET", url: `${baseUrl}/api/timeback/user` },
+      { method: "GET", url: `${baseUrl}/api/timeback/user/:timebackId` },
       { method: "GET", url: `${baseUrl}/api/timeback/xp/today` },
       { method: "PUT", url: `${baseUrl}/api/timeback/xp/today` },
       { method: "GET", url: `${baseUrl}/api/timeback/xp/total` },
@@ -192046,6 +192131,10 @@ async function getMockTimebackData(db, timebackId, gameId) {
   });
   return { id: timebackId, role, enrollments, organizations };
 }
+async function getMockTimebackUser(db, gameId) {
+  const timebackId = config.timeback.timebackId || "mock-student-00000001";
+  return getMockTimebackData(db, timebackId, gameId);
+}
 async function buildMockUserResponse(db, user, gameId) {
   const timeback3 = user.timebackId ? await getMockTimebackData(db, user.timebackId, gameId) : undefined;
   if (gameId) {
@@ -192174,55 +192263,6 @@ usersRouter.all("/", async (c3) => {
   const error2 = ApiError.methodNotAllowed("Method not allowed");
   return c3.json(createErrorResponse(error2), 405);
 });
-var import_client_s32 = __toESM2(require_dist_cjs81(), 1);
-function getSecretsConfig() {
-  const bucketName = process.env.GAME_SECRETS_BUCKET;
-  const masterKey = process.env.GAME_SECRETS_MASTER_KEY;
-  if (!bucketName || !masterKey) {
-    throw new Error("Secrets storage not configured");
-  }
-  const accessKeyId = process.env.CLOUDFLARE_R2_ACCESS_KEY_ID;
-  const secretAccessKey = process.env.CLOUDFLARE_R2_SECRET_ACCESS_KEY;
-  const endpoint = process.env.CLOUDFLARE_R2_DEFAULT_ENDPOINT;
-  if (!accessKeyId || !secretAccessKey || !endpoint) {
-    throw new Error("R2 credentials not configured");
-  }
-  return {
-    bucketName,
-    credentials: {
-      accessKeyId,
-      secretAccessKey,
-      endpoint
-    },
-    masterKey
-  };
-}
-function getSecretsKey(gameId) {
-  return `${gameId}.json.enc`;
-}
-function createR2Client(config2) {
-  return new import_client_s32.S3Client({
-    region: "auto",
-    endpoint: config2.credentials.endpoint,
-    credentials: {
-      accessKeyId: config2.credentials.accessKeyId,
-      secretAccessKey: config2.credentials.secretAccessKey
-    }
-  });
-}
-async function deleteSecrets(gameId, config2) {
-  const client = createR2Client(config2);
-  const key = getSecretsKey(gameId);
-  try {
-    await client.send(new import_client_s32.DeleteObjectCommand({
-      Bucket: config2.bucketName,
-      Key: key
-    }));
-  } catch (error2) {
-    log2.error("[SecretsStorage] Failed to delete secrets", { gameId, error: error2 });
-    throw new Error(`Failed to delete secrets for game ${gameId}`);
-  }
-}
 function assertError(err2) {
   if (!isError(err2)) {
     throw new Error("Parameter was not an error");
@@ -196725,7 +196765,7 @@ async function deliverNotifications(ctx) {
   if (!user) {
     throw ApiError.unauthorized("Must be logged in to deliver notifications");
   }
-  log2.info("[API] Delivering pending notifications", {
+  log2.debug("[API] Delivering pending notifications", {
     userId: user.id
   });
   try {
@@ -196831,6 +196871,56 @@ notificationsRouter.post("/deliver", async (c3) => {
     return c3.json(createUnknownErrorResponse(error2), 500);
   }
 });
+async function generateRealtimeToken(ctx) {
+  const user = ctx.user;
+  const gameId = ctx.params?.gameId;
+  log2.debug("[API] generating realtime token", {
+    userId: user?.id || "anonymous",
+    gameId: gameId || "none"
+  });
+  if (!user) {
+    throw ApiError.unauthorized("Valid session or bearer token required");
+  }
+  try {
+    if (gameId) {
+      const db = getDatabase();
+      const game = await db.query.games.findFirst({
+        where: eq(games.id, gameId),
+        columns: { id: true }
+      });
+      if (!game) {
+        throw ApiError.notFound("Game not found");
+      }
+    }
+    const displayName = user.username || (user.name ? user.name.split(" ")[0] : undefined) || undefined;
+    const token2 = await mintRealtimeJwt(user.id, gameId, displayName, user.role || undefined);
+    return { token: token2 };
+  } catch (error2) {
+    if (error2 instanceof ApiError)
+      throw error2;
+    log2.error("[API /realtime/token] Failed to generate realtime token:", { error: error2 });
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+var realtimeRouter = new Hono2;
+realtimeRouter.post("/token", async (c3) => {
+  const ctx = {
+    user: c3.get("user"),
+    params: {},
+    url: new URL(c3.req.url),
+    request: c3.req.raw
+  };
+  try {
+    const result = await generateRealtimeToken(ctx);
+    return c3.json(result);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c3.json(createErrorResponse(error2), error2.statusCode);
+    }
+    console.error("Error in realtime/token:", error2);
+    return c3.json(createUnknownErrorResponse(error2), 500);
+  }
+});
 function isTimebackApiError(error2) {
   return typeof error2 === "object" && error2 !== null && "name" in error2 && error2.name === "TimebackApiError" && "status" in error2 && "details" in error2;
 }
@@ -197360,23 +197450,58 @@ async function getTimeBackXpHistory(ctx) {
     throw ApiError.internal("Failed to get TimeBack XP history", error2);
   }
 }
-async function getStudentEnrollments(ctx) {
+async function getTimebackUser(ctx) {
+  const user = ctx.user;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to get timeback data");
+  }
+  const db = getDatabase();
+  const userData = await db.query.users.findFirst({
+    where: eq(users.id, user.id)
+  });
+  if (!userData) {
+    throw ApiError.notFound("User not found");
+  }
+  if (!userData.timebackId) {
+    throw ApiError.notFound("User does not have a TimeBack account");
+  }
+  log2.debug("[API] Getting timeback user data", {
+    userId: user.id,
+    timebackId: userData.timebackId,
+    gameId: ctx.gameId
+  });
+  const timeback3 = await fetchUserTimebackData(userData.timebackId, ctx.gameId);
+  log2.info("[API] Retrieved timeback user data", {
+    userId: user.id,
+    timebackId: userData.timebackId,
+    role: timeback3.role,
+    enrollmentCount: timeback3.enrollments.length,
+    organizationCount: timeback3.organizations.length
+  });
+  return timeback3;
+}
+async function getTimebackUserById(ctx) {
   const user = ctx.user;
   if (!user) {
-    throw ApiError.unauthorized("Must be logged in to get enrollments");
+    throw ApiError.unauthorized("Must be logged in to get timeback data");
   }
   const timebackId = ctx.params.timebackId;
   if (!timebackId) {
     throw ApiError.badRequest("Missing timebackId parameter");
   }
-  log2.debug("[API] Getting student enrollments", { userId: user.id, timebackId });
-  const enrollments = await fetchEnrollmentsFromEduBridge(timebackId);
-  log2.info("[API] Retrieved student enrollments", {
-    userId: user.id,
+  log2.debug("[API] Getting timeback user by ID", {
+    requesterId: user.id,
+    timebackId
+  });
+  const timeback3 = await fetchUserTimebackData(timebackId);
+  log2.info("[API] Retrieved timeback user by ID", {
+    requesterId: user.id,
     timebackId,
-    enrollmentCount: enrollments.length
+    role: timeback3.role,
+    enrollmentCount: timeback3.enrollments.length,
+    organizationCount: timeback3.organizations.length
   });
-  return { enrollments };
+  return timeback3;
 }
 var timebackRouter = new Hono2;
 timebackRouter.post("/populate-student", async (c3) => {
@@ -197568,32 +197693,62 @@ timebackRouter.post("/end-activity", async (c3) => {
     return c3.json(createUnknownErrorResponse(error2), 500);
   }
 });
-timebackRouter.get("/enrollments/:timebackId", async (c3) => {
+timebackRouter.get("/user", async (c3) => {
+  const user2 = c3.get("user");
+  const gameId = c3.get("gameId");
+  if (!user2) {
+    const error2 = ApiError.unauthorized("Must be logged in to get timeback data");
+    return c3.json(createErrorResponse(error2), error2.statusCode);
+  }
+  try {
+    if (shouldMockTimeback()) {
+      const db = c3.get("db");
+      const timeback3 = await getMockTimebackUser(db, gameId);
+      return c3.json(timeback3);
+    }
+    const ctx = {
+      user: user2,
+      params: {},
+      url: new URL(c3.req.url),
+      request: c3.req.raw,
+      gameId
+    };
+    const result = await getTimebackUser(ctx);
+    return c3.json(result);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c3.json(createErrorResponse(error2), error2.statusCode);
+    }
+    console.error("Error in getTimebackUser:", error2);
+    return c3.json(createUnknownErrorResponse(error2), 500);
+  }
+});
+timebackRouter.get("/user/:timebackId", async (c3) => {
   const timebackId = c3.req.param("timebackId");
-  const user = c3.get("user");
-  if (!user) {
-    const error2 = ApiError.unauthorized("Must be logged in to get enrollments");
+  const user2 = c3.get("user");
+  if (!user2) {
+    const error2 = ApiError.unauthorized("Must be logged in to get timeback data");
     return c3.json(createErrorResponse(error2), error2.statusCode);
   }
   try {
     if (shouldMockTimeback()) {
       const db = c3.get("db");
-      const enrollments2 = await getMockEnrollments(db);
-      return c3.json({ enrollments: enrollments2 });
+      const timeback3 = await getMockTimebackUser(db);
+      return c3.json(timeback3);
     }
     const ctx = {
-      user,
+      user: user2,
       params: { timebackId },
       url: new URL(c3.req.url),
       request: c3.req.raw
     };
-    const result = await getStudentEnrollments(ctx);
+    const result = await getTimebackUserById(ctx);
     return c3.json(result);
   } catch (error2) {
     if (error2 instanceof ApiError) {
       return c3.json(createErrorResponse(error2), error2.statusCode);
     }
-    console.error("Error in getStudentEnrollments:", error2);
+    console.error("Error in getTimebackUserById:", error2);
     return c3.json(createUnknownErrorResponse(error2), 500);
   }
 });
@@ -197628,29 +197783,29 @@ async function provisionUserFromLti(claims) {
     where: and(eq(accounts.accountId, ltiTimebackId), eq(accounts.providerId, providerId))
   });
   if (existingAccount) {
-    const user2 = await db.query.users.findFirst({
+    const user3 = await db.query.users.findFirst({
       where: eq(users.id, existingAccount.userId)
     });
-    if (user2) {
+    if (user3) {
       log2.info("[lti-timeback] Found existing user by LTI account linkage", {
-        userId: user2.id,
+        userId: user3.id,
         ltiTimebackId
       });
-      return user2;
+      return user3;
     }
   }
-  const user = await db.query.users.findFirst({
+  const user2 = await db.query.users.findFirst({
     where: eq(users.email, email)
   });
-  if (user) {
+  if (user2) {
     await db.transaction(async (tx) => {
       const existingLtiAccount = await tx.query.accounts.findFirst({
-        where: and(eq(accounts.userId, user.id), eq(accounts.providerId, providerId))
+        where: and(eq(accounts.userId, user2.id), eq(accounts.providerId, providerId))
       });
       if (!existingLtiAccount) {
         await tx.insert(accounts).values({
           id: crypto7.randomUUID(),
-          userId: user.id,
+          userId: user2.id,
           accountId: ltiTimebackId,
           providerId,
           accessToken: null,
@@ -197661,14 +197816,14 @@ async function provisionUserFromLti(claims) {
           updatedAt: new Date
         });
         log2.info("[lti-timeback] Linked existing user to LTI provider", {
-          userId: user.id,
-          email: user.email,
+          userId: user2.id,
+          email: user2.email,
           ltiTimebackId,
           note: "User may have different TimeBack ID from OAuth flow"
         });
       }
     });
-    return user;
+    return user2;
   }
   const newUserId = crypto7.randomUUID();
   const createdUser = await db.transaction(async (tx) => {
@@ -197711,10 +197866,10 @@ async function processLtiLaunch(idToken) {
   try {
     const claims = await verifyLtiToken(idToken);
     validateLtiClaims(claims);
-    const user = await provisionUserFromLti(claims);
+    const user2 = await provisionUserFromLti(claims);
     const targetUri = claims["https://purl.imsglobal.org/spec/lti/claim/target_link_uri"];
     return {
-      user,
+      user: user2,
       targetUri,
       claims
     };
@@ -197734,45 +197889,45 @@ async function processTimeBackLtiLaunch(ctx) {
   }
   const currentHost = ctx.url.hostname;
   const launchResult = await processLtiLaunch(idToken);
-  const { user, targetUri, claims } = launchResult;
+  const { user: user2, targetUri, claims } = launchResult;
   log2.info("[lti-timeback] User roles", {
-    userId: user.id,
+    userId: user2.id,
     isLearner: LtiRoleChecks.isLearner(claims),
     isInstructor: LtiRoleChecks.isInstructor(claims),
     isAdministrator: LtiRoleChecks.isAdministrator(claims),
     allRoles: claims["https://purl.imsglobal.org/spec/lti/claim/roles"]
   });
-  const sessionToken = await createLtiSession(user.id);
+  const sessionToken = await createLtiSession(user2.id);
   const redirectPath = extractRedirectPath(targetUri, currentHost);
   log2.info("[lti-timeback] LTI launch successful", {
-    userId: user.id,
+    userId: user2.id,
     redirectPath
   });
   return {
-    user,
+    user: user2,
     redirectPath,
     sessionToken
   };
 }
 async function getTimeBackLtiStatus(ctx) {
-  const user = ctx.user;
-  if (!user) {
+  const user2 = ctx.user;
+  if (!user2) {
     throw ApiError.unauthorized("Must be logged in");
   }
   const db = getDatabase();
   const ltiAccount = await db.query.accounts.findFirst({
-    where: and(eq(accounts.userId, user.id), eq(accounts.providerId, AUTH_PROVIDER_IDS.TIMEBACK_LTI))
+    where: and(eq(accounts.userId, user2.id), eq(accounts.providerId, AUTH_PROVIDER_IDS.TIMEBACK_LTI))
   });
   const oauthAccount = await db.query.accounts.findFirst({
-    where: and(eq(accounts.userId, user.id), eq(accounts.providerId, AUTH_PROVIDER_IDS.TIMEBACK))
+    where: and(eq(accounts.userId, user2.id), eq(accounts.providerId, AUTH_PROVIDER_IDS.TIMEBACK))
   });
   return {
     hasLtiAccount: !!ltiAccount,
     ltiTimebackId: ltiAccount?.accountId || undefined,
     hasOAuthAccount: !!oauthAccount,
-    oauthTimebackId: oauthAccount?.accountId || user.timebackId || undefined,
-    email: user.email,
-    userId: user.id
+    oauthTimebackId: oauthAccount?.accountId || user2.timebackId || undefined,
+    email: user2.email,
+    userId: user2.id
   };
 }
 var ltiRouter = new Hono2;
@@ -197809,20 +197964,20 @@ ltiRouter.all("/launch", async (c3) => {
   }
 });
 ltiRouter.get("/status", async (c3) => {
-  let user = undefined;
+  let user2 = undefined;
   const authHeader = c3.req.header("Authorization");
   if (authHeader?.startsWith("Bearer ")) {
     const token2 = authHeader.substring(7);
     const demoUser = DEMO_TOKENS[token2];
     if (demoUser) {
       const db = c3.get("db");
-      user = await db.query.users.findFirst({
+      user2 = await db.query.users.findFirst({
         where: eq(users.id, demoUser.id)
       });
     }
   }
   const ctx = {
-    user,
+    user: user2,
     params: {},
     url: new URL(c3.req.url),
     request: c3.req.raw
@@ -197856,6 +198011,7 @@ function registerRoutes(app) {
   app.route("/api/sprites", spriteRouter);
   app.route("/api/achievements", achievementsRouter);
   app.route("/api/notifications", notificationsRouter);
+  app.route("/api/realtime", realtimeRouter);
   app.route("/api/dev", devRouter);
   app.route("/api/timeback", timebackRouter);
   app.route("/api/lti", ltiRouter);
@@ -198752,7 +198908,7 @@ var import_picocolors11 = __toESM(require_picocolors(), 1);
 // package.json
 var package_default2 = {
   name: "@playcademy/vite-plugin",
-  version: "0.2.1",
+  version: "0.2.2-alpha.1",
   type: "module",
   exports: {
     ".": {
@@ -198771,7 +198927,6 @@ var package_default2 = {
     pub: "bun publish.ts"
   },
   dependencies: {
-    "@playcademy/utils": "workspace:*",
     archiver: "^7.0.1",
     picocolors: "^1.1.1",
     playcademy: "workspace:*"
@@ -198779,6 +198934,7 @@ var package_default2 = {
   devDependencies: {
     "@inquirer/prompts": "^7.8.6",
     "@playcademy/sandbox": "workspace:*",
+    "@playcademy/utils": "workspace:*",
     "@types/archiver": "^6.0.3",
     "@types/bun": "latest"
   },

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@playcademy/vite-plugin",
-    "version": "0.2.1",
+    "version": "0.2.2-alpha.1",
     "type": "module",
     "exports": {
         ".": {
@@ -19,14 +19,14 @@
         "pub": "bun publish.ts"
     },
     "dependencies": {
-        "@playcademy/utils": "0.0.1",
         "archiver": "^7.0.1",
         "picocolors": "^1.1.1",
-        "playcademy": "0.14.27"
+        "playcademy": "0.14.28"
     },
     "devDependencies": {
         "@inquirer/prompts": "^7.8.6",
         "@playcademy/sandbox": "0.3.6",
+        "@playcademy/utils": "0.0.1",
         "@types/archiver": "^6.0.3",
         "@types/bun": "latest"
     },