npm - @questpie/admin - Versions diffs - 0.0.1 → 1.0.0 - Mend

@questpie/admin 0.0.1 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

package/README.md +439 -424
package/dist/auth-layout-M8K8_q5R.mjs +181 -0
package/dist/auth-layout-M8K8_q5R.mjs.map +1 -0
package/dist/bulk-upload-dialog-h7zXD78Y.mjs +274 -0
package/dist/bulk-upload-dialog-h7zXD78Y.mjs.map +1 -0
package/dist/{components/ui/card.mjs → card-BKHjBQfw.mjs} +8 -8
package/dist/card-BKHjBQfw.mjs.map +1 -0
package/dist/client/styles/index.css +434 -0
package/dist/client-BCGpkAz6.mjs +22635 -0
package/dist/client-BCGpkAz6.mjs.map +1 -0
package/dist/client-CcWZbkBP.d.mts +13585 -0
package/dist/client-CcWZbkBP.d.mts.map +1 -0
package/dist/client.d.mts +3 -0
package/dist/client.mjs +14 -0
package/dist/content-locales-provider-BXvuIgfg.mjs +1650 -0
package/dist/content-locales-provider-BXvuIgfg.mjs.map +1 -0
package/dist/dashboard-page-B4PGEdc2.mjs +2500 -0
package/dist/dashboard-page-B4PGEdc2.mjs.map +1 -0
package/dist/dashboard-page-CVlyR40m.mjs +6 -0
package/dist/dropzone-Do3awXKd.mjs +634 -0
package/dist/dropzone-Do3awXKd.mjs.map +1 -0
package/dist/{views/auth/forgot-password-form.mjs → forgot-password-page-Bcp-An4Y.mjs} +87 -14
package/dist/forgot-password-page-Bcp-An4Y.mjs.map +1 -0
package/dist/forgot-password-page-CIILVhfo.mjs +7 -0
package/dist/index-B9Xwk4hi.d.mts +2753 -0
package/dist/index-B9Xwk4hi.d.mts.map +1 -0
package/dist/index.d.mts +3 -0
package/dist/index.mjs +14 -0
package/dist/login-page-8K7fo0qK.mjs +7 -0
package/dist/login-page-CP4gA-dl.mjs +298 -0
package/dist/login-page-CP4gA-dl.mjs.map +1 -0
package/dist/preview-utils-BKQ9-TMa.mjs +65 -0
package/dist/preview-utils-BKQ9-TMa.mjs.map +1 -0
package/dist/{views/auth/reset-password-form.mjs → reset-password-page-BqfDmLxA.mjs} +111 -14
package/dist/reset-password-page-BqfDmLxA.mjs.map +1 -0
package/dist/reset-password-page-DLATv0xQ.mjs +7 -0
package/dist/runtime-6VZM878K.mjs +69 -0
package/dist/runtime-6VZM878K.mjs.map +1 -0
package/dist/saved-views.types-BMsz5mCy.d.mts +42 -0
package/dist/saved-views.types-BMsz5mCy.d.mts.map +1 -0
package/dist/server.d.mts +250 -0
package/dist/server.d.mts.map +1 -0
package/dist/server.mjs +832 -0
package/dist/server.mjs.map +1 -0
package/dist/setup-page-CMZ5P_OE.mjs +6 -0
package/dist/setup-page-YAP_fzqh.mjs +264 -0
package/dist/setup-page-YAP_fzqh.mjs.map +1 -0
package/dist/shared.d.mts +57 -0
package/dist/shared.d.mts.map +1 -0
package/dist/shared.mjs +3 -0
package/dist/{hooks/use-auth.mjs → use-auth-BoLmWtmU.mjs} +42 -30
package/dist/use-auth-BoLmWtmU.mjs.map +1 -0
package/package.json +48 -197
package/.turbo/turbo-build.log +0 -108
package/CHANGELOG.md +0 -10
package/STATUS.md +0 -917
package/VALIDATION.md +0 -602
package/components.json +0 -24
package/dist/__tests__/setup.mjs +0 -38
package/dist/__tests__/test-utils.mjs +0 -45
package/dist/__tests__/vitest.d.mjs +0 -3
package/dist/components/admin-app.mjs +0 -69
package/dist/components/fields/array-field.mjs +0 -190
package/dist/components/fields/checkbox-field.mjs +0 -34
package/dist/components/fields/custom-field.mjs +0 -32
package/dist/components/fields/date-field.mjs +0 -41
package/dist/components/fields/datetime-field.mjs +0 -42
package/dist/components/fields/email-field.mjs +0 -37
package/dist/components/fields/embedded-collection.mjs +0 -253
package/dist/components/fields/field-types.mjs +0 -1
package/dist/components/fields/field-utils.mjs +0 -10
package/dist/components/fields/field-wrapper.mjs +0 -34
package/dist/components/fields/index.mjs +0 -23
package/dist/components/fields/json-field.mjs +0 -243
package/dist/components/fields/locale-badge.mjs +0 -16
package/dist/components/fields/number-field.mjs +0 -39
package/dist/components/fields/password-field.mjs +0 -37
package/dist/components/fields/relation-field.mjs +0 -104
package/dist/components/fields/relation-picker.mjs +0 -229
package/dist/components/fields/relation-select.mjs +0 -188
package/dist/components/fields/rich-text-editor/index.mjs +0 -897
package/dist/components/fields/select-field.mjs +0 -41
package/dist/components/fields/switch-field.mjs +0 -34
package/dist/components/fields/text-field.mjs +0 -38
package/dist/components/fields/textarea-field.mjs +0 -38
package/dist/components/index.mjs +0 -59
package/dist/components/primitives/checkbox-input.mjs +0 -127
package/dist/components/primitives/date-input.mjs +0 -303
package/dist/components/primitives/index.mjs +0 -12
package/dist/components/primitives/number-input.mjs +0 -104
package/dist/components/primitives/select-input.mjs +0 -177
package/dist/components/primitives/tag-input.mjs +0 -135
package/dist/components/primitives/text-input.mjs +0 -39
package/dist/components/primitives/textarea-input.mjs +0 -37
package/dist/components/primitives/toggle-input.mjs +0 -31
package/dist/components/primitives/types.mjs +0 -12
package/dist/components/ui/accordion.mjs +0 -55
package/dist/components/ui/avatar.mjs +0 -54
package/dist/components/ui/badge.mjs +0 -34
package/dist/components/ui/button.mjs +0 -48
package/dist/components/ui/checkbox.mjs +0 -21
package/dist/components/ui/combobox.mjs +0 -163
package/dist/components/ui/dialog.mjs +0 -95
package/dist/components/ui/dropdown-menu.mjs +0 -138
package/dist/components/ui/field.mjs +0 -113
package/dist/components/ui/input-group.mjs +0 -82
package/dist/components/ui/input.mjs +0 -17
package/dist/components/ui/label.mjs +0 -15
package/dist/components/ui/popover.mjs +0 -56
package/dist/components/ui/scroll-area.mjs +0 -38
package/dist/components/ui/select.mjs +0 -100
package/dist/components/ui/separator.mjs +0 -16
package/dist/components/ui/sheet.mjs +0 -90
package/dist/components/ui/sidebar.mjs +0 -387
package/dist/components/ui/skeleton.mjs +0 -14
package/dist/components/ui/spinner.mjs +0 -16
package/dist/components/ui/switch.mjs +0 -22
package/dist/components/ui/table.mjs +0 -68
package/dist/components/ui/tabs.mjs +0 -48
package/dist/components/ui/textarea.mjs +0 -15
package/dist/components/ui/tooltip.mjs +0 -44
package/dist/config/component-registry.mjs +0 -38
package/dist/config/index.mjs +0 -129
package/dist/hooks/admin-provider.mjs +0 -70
package/dist/hooks/index.mjs +0 -7
package/dist/hooks/store.mjs +0 -178
package/dist/hooks/use-collection-db.mjs +0 -146
package/dist/hooks/use-collection.mjs +0 -112
package/dist/hooks/use-global.mjs +0 -46
package/dist/hooks/use-mobile.mjs +0 -20
package/dist/lib/utils.mjs +0 -10
package/dist/styles/index.css +0 -336
package/dist/styles/index.mjs +0 -1
package/dist/utils/index.mjs +0 -9
package/dist/views/auth/auth-layout.mjs +0 -52
package/dist/views/auth/index.mjs +0 -6
package/dist/views/auth/login-form.mjs +0 -156
package/dist/views/collection/auto-form-fields.mjs +0 -525
package/dist/views/collection/collection-form.mjs +0 -91
package/dist/views/collection/collection-list.mjs +0 -76
package/dist/views/collection/form-field.mjs +0 -42
package/dist/views/collection/index.mjs +0 -6
package/dist/views/common/index.mjs +0 -4
package/dist/views/common/locale-switcher.mjs +0 -39
package/dist/views/common/version-history.mjs +0 -272
package/dist/views/index.mjs +0 -9
package/dist/views/layout/admin-layout.mjs +0 -40
package/dist/views/layout/admin-router.mjs +0 -95
package/dist/views/layout/admin-sidebar.mjs +0 -63
package/dist/views/layout/index.mjs +0 -5
package/src/__tests__/setup.ts +0 -44
package/src/__tests__/test-utils.tsx +0 -49
package/src/__tests__/vitest.d.ts +0 -9
package/src/components/admin-app.tsx +0 -221
package/src/components/fields/array-field.tsx +0 -237
package/src/components/fields/checkbox-field.tsx +0 -47
package/src/components/fields/custom-field.tsx +0 -50
package/src/components/fields/date-field.tsx +0 -65
package/src/components/fields/datetime-field.tsx +0 -67
package/src/components/fields/email-field.tsx +0 -51
package/src/components/fields/embedded-collection.tsx +0 -315
package/src/components/fields/field-types.ts +0 -162
package/src/components/fields/field-utils.ts +0 -6
package/src/components/fields/field-wrapper.tsx +0 -52
package/src/components/fields/index.ts +0 -66
package/src/components/fields/json-field.tsx +0 -440
package/src/components/fields/locale-badge.tsx +0 -15
package/src/components/fields/number-field.tsx +0 -57
package/src/components/fields/password-field.tsx +0 -51
package/src/components/fields/relation-field.tsx +0 -243
package/src/components/fields/relation-picker.tsx +0 -402
package/src/components/fields/relation-select.tsx +0 -327
package/src/components/fields/rich-text-editor/index.tsx +0 -1337
package/src/components/fields/select-field.tsx +0 -61
package/src/components/fields/switch-field.tsx +0 -47
package/src/components/fields/text-field.tsx +0 -55
package/src/components/fields/textarea-field.tsx +0 -55
package/src/components/index.ts +0 -40
package/src/components/primitives/checkbox-input.tsx +0 -193
package/src/components/primitives/date-input.tsx +0 -401
package/src/components/primitives/index.ts +0 -24
package/src/components/primitives/number-input.tsx +0 -132
package/src/components/primitives/select-input.tsx +0 -296
package/src/components/primitives/tag-input.tsx +0 -200
package/src/components/primitives/text-input.tsx +0 -49
package/src/components/primitives/textarea-input.tsx +0 -46
package/src/components/primitives/toggle-input.tsx +0 -36
package/src/components/primitives/types.ts +0 -235
package/src/components/ui/accordion.tsx +0 -72
package/src/components/ui/avatar.tsx +0 -106
package/src/components/ui/badge.tsx +0 -48
package/src/components/ui/button.tsx +0 -53
package/src/components/ui/card.tsx +0 -94
package/src/components/ui/checkbox.tsx +0 -27
package/src/components/ui/combobox.tsx +0 -290
package/src/components/ui/dialog.tsx +0 -151
package/src/components/ui/dropdown-menu.tsx +0 -254
package/src/components/ui/field.tsx +0 -227
package/src/components/ui/input-group.tsx +0 -149
package/src/components/ui/input.tsx +0 -20
package/src/components/ui/label.tsx +0 -18
package/src/components/ui/popover.tsx +0 -88
package/src/components/ui/scroll-area.tsx +0 -53
package/src/components/ui/select.tsx +0 -192
package/src/components/ui/separator.tsx +0 -23
package/src/components/ui/sheet.tsx +0 -127
package/src/components/ui/sidebar.tsx +0 -723
package/src/components/ui/skeleton.tsx +0 -13
package/src/components/ui/spinner.tsx +0 -10
package/src/components/ui/switch.tsx +0 -32
package/src/components/ui/table.tsx +0 -99
package/src/components/ui/tabs.tsx +0 -82
package/src/components/ui/textarea.tsx +0 -18
package/src/components/ui/tooltip.tsx +0 -70
package/src/config/component-registry.ts +0 -190
package/src/config/index.ts +0 -1099
package/src/hooks/README.md +0 -269
package/src/hooks/admin-provider.tsx +0 -110
package/src/hooks/index.ts +0 -41
package/src/hooks/store.ts +0 -248
package/src/hooks/use-auth.ts +0 -168
package/src/hooks/use-collection-db.ts +0 -209
package/src/hooks/use-collection.ts +0 -156
package/src/hooks/use-global.ts +0 -69
package/src/hooks/use-mobile.ts +0 -21
package/src/lib/utils.ts +0 -6
package/src/styles/index.css +0 -340
package/src/utils/index.ts +0 -6
package/src/views/auth/auth-layout.tsx +0 -77
package/src/views/auth/forgot-password-form.tsx +0 -192
package/src/views/auth/index.ts +0 -21
package/src/views/auth/login-form.tsx +0 -229
package/src/views/auth/reset-password-form.tsx +0 -232
package/src/views/collection/auto-form-fields.tsx +0 -982
package/src/views/collection/collection-form.tsx +0 -186
package/src/views/collection/collection-list.tsx +0 -223
package/src/views/collection/form-field.tsx +0 -52
package/src/views/collection/index.ts +0 -15
package/src/views/common/index.ts +0 -8
package/src/views/common/locale-switcher.tsx +0 -45
package/src/views/common/version-history.tsx +0 -406
package/src/views/index.ts +0 -25
package/src/views/layout/admin-layout.tsx +0 -117
package/src/views/layout/admin-router.tsx +0 -206
package/src/views/layout/admin-sidebar.tsx +0 -185
package/src/views/layout/index.ts +0 -12
package/tsconfig.json +0 -13
package/tsconfig.tsbuildinfo +0 -1
package/tsdown.config.ts +0 -13
package/vitest.config.ts +0 -29

package/dist/server.mjs ADDED Viewed

@@ -0,0 +1,832 @@
+import { r as getPreviewSecret } from "./preview-utils-BKQ9-TMa.mjs";
+import { z } from "zod";
+import { fn, q, starterModule } from "questpie";
+import { boolean, jsonb, uniqueIndex, varchar } from "drizzle-orm/pg-core";
+import { createHmac, timingSafeEqual } from "node:crypto";
+import { eq, sql } from "drizzle-orm";
+//#region src/server/auth-helpers.ts
+/**
+* Check if user is authenticated with required role on the server.
+* Returns a redirect Response if not authenticated, null if authenticated.
+*
+* Use this in server loaders/middleware to protect routes.
+*
+* @example TanStack Router
+* ```ts
+* export const Route = createFileRoute("/admin")({
+*   beforeLoad: async ({ context }) => {
+*     const redirect = await requireAdminAuth({
+*       request: context.request,
+*       cms,
+*       loginPath: "/admin/login",
+*     });
+*     if (redirect) throw redirect;
+*   },
+* });
+* ```
+*
+* @example Next.js Middleware
+* ```ts
+* export async function middleware(request: NextRequest) {
+*   const redirect = await requireAdminAuth({
+*     request,
+*     cms,
+*     loginPath: "/admin/login",
+*   });
+*   if (redirect) return redirect;
+*   return NextResponse.next();
+* }
+* ```
+*/
+async function requireAdminAuth({ request, cms, loginPath = "/admin/login", requiredRole = "admin", redirectParam = "redirect" }) {
+	if (!cms.auth) {
+		console.warn("requireAdminAuth: Auth not configured on CMS instance");
+		return null;
+	}
+	try {
+		const session = await cms.auth.api.getSession({ headers: request.headers });
+		if (!session || !session.user) {
+			const currentUrl = new URL(request.url);
+			const redirectUrl = new URL(loginPath, currentUrl.origin);
+			redirectUrl.searchParams.set(redirectParam, currentUrl.pathname);
+			return Response.redirect(redirectUrl.toString(), 302);
+		}
+		if (session.user.role !== requiredRole) {
+			const currentUrl = new URL(request.url);
+			const redirectUrl = new URL(loginPath, currentUrl.origin);
+			redirectUrl.searchParams.set(redirectParam, currentUrl.pathname);
+			return Response.redirect(redirectUrl.toString(), 302);
+		}
+		return null;
+	} catch (error) {
+		console.error("requireAdminAuth: Error checking session", error);
+		const currentUrl = new URL(request.url);
+		const redirectUrl = new URL(loginPath, currentUrl.origin);
+		return Response.redirect(redirectUrl.toString(), 302);
+	}
+}
+/**
+* Get the current admin session on the server.
+* Returns null if not authenticated.
+*
+* Use this when you need access to the session data in server code.
+*
+* @example
+* ```ts
+* const session = await getAdminSession({ request, cms });
+* if (!session) {
+*   return redirect("/admin/login");
+* }
+* console.log("User:", session.user.name);
+* ```
+*/
+async function getAdminSession({ request, cms }) {
+	if (!cms.auth) return null;
+	try {
+		const session = await cms.auth.api.getSession({ headers: request.headers });
+		if (!session || !session.user) return null;
+		return session;
+	} catch (error) {
+		console.error("getAdminSession: Error getting session", error);
+		return null;
+	}
+}
+/**
+* Check if the current user has admin role on the server.
+*
+* @example
+* ```ts
+* const isAdmin = await isAdminUser({ request, cms });
+* if (!isAdmin) {
+*   return json({ error: "Unauthorized" }, { status: 403 });
+* }
+* ```
+*/
+async function isAdminUser({ request, cms, requiredRole = "admin" }) {
+	return ((await getAdminSession({
+		request,
+		cms
+	}))?.user)?.role === requiredRole;
+}
+//#endregion
+//#region src/server/adapters/tanstack.ts
+/**
+* Create a TanStack Router beforeLoad guard for admin authentication.
+*
+* Returns a function that can be used as beforeLoad in route definitions.
+* Throws a redirect Response when authentication fails.
+*
+* @example
+* ```ts
+* import { createFileRoute } from "@tanstack/react-router";
+* import { createTanStackAuthGuard } from "@questpie/admin/server/adapters/tanstack";
+* import { cms } from "~/questpie/server/cms";
+*
+* export const Route = createFileRoute("/admin")({
+*   beforeLoad: createTanStackAuthGuard({
+*     cms,
+*     loginPath: "/admin/login",
+*     requiredRole: "admin",
+*   }),
+*   component: AdminLayout,
+* });
+* ```
+*
+* @example With custom context
+* ```ts
+* export const Route = createFileRoute("/admin")({
+*   beforeLoad: async (ctx) => {
+*     // Run auth guard
+*     await createTanStackAuthGuard({ cms })(ctx);
+*
+*     // Add additional context
+*     return { user: ctx.context.user };
+*   },
+* });
+* ```
+*/
+function createTanStackAuthGuard({ cms, loginPath = "/admin/login", requiredRole = "admin", redirectParam = "redirect" }) {
+	return async function beforeLoad({ context }) {
+		const request = context.request;
+		if (!request) {
+			console.warn("createTanStackAuthGuard: No request in context. Make sure you're using TanStack Start with SSR enabled.");
+			return;
+		}
+		const redirect = await requireAdminAuth({
+			request,
+			cms,
+			loginPath,
+			requiredRole,
+			redirectParam
+		});
+		if (redirect) throw redirect;
+	};
+}
+/**
+* Create a TanStack Router loader that injects the admin session into context.
+*
+* Use this when you need access to the session in your components.
+*
+* @example
+* ```ts
+* import { createTanStackSessionLoader } from "@questpie/admin/server/adapters/tanstack";
+*
+* export const Route = createFileRoute("/admin")({
+*   loader: createTanStackSessionLoader({ cms }),
+*   component: AdminLayout,
+* });
+*
+* function AdminLayout() {
+*   const { session } = Route.useLoaderData();
+*   return <div>Hello {session?.user?.name}</div>;
+* }
+* ```
+*/
+function createTanStackSessionLoader({ cms }) {
+	return async function loader({ context }) {
+		const request = context.request;
+		if (!request || !cms.auth) return { session: null };
+		try {
+			return { session: await cms.auth.api.getSession({ headers: request.headers }) ?? null };
+		} catch {
+			return { session: null };
+		}
+	};
+}
+//#endregion
+//#region src/server/adapters/nextjs.ts
+/**
+* Check if a path matches any of the given patterns
+*/
+function pathMatches(pathname, patterns) {
+	return patterns.some((pattern) => pathname === pattern || pathname.startsWith(`${pattern}/`) || pathname.startsWith(pattern));
+}
+/**
+* Create a Next.js middleware for admin authentication.
+*
+* @example
+* ```ts
+* // middleware.ts
+* import { createNextAuthMiddleware } from "@questpie/admin/server/adapters/nextjs";
+* import { cms } from "./questpie/server/cms";
+*
+* export default createNextAuthMiddleware({
+*   cms,
+*   loginPath: "/admin/login",
+* });
+*
+* export const config = {
+*   matcher: ["/admin/:path*"],
+* };
+* ```
+*/
+function createNextAuthMiddleware({ cms, loginPath = "/admin/login", requiredRole = "admin", protectedPaths = ["/admin"], publicPaths = [
+	"/admin/login",
+	"/admin/forgot-password",
+	"/admin/reset-password",
+	"/admin/accept-invite"
+], redirectParam = "redirect" }) {
+	return async function middleware(request) {
+		const pathname = new URL(request.url).pathname;
+		const isProtected = pathMatches(pathname, protectedPaths);
+		const isPublic = pathMatches(pathname, publicPaths);
+		if (!isProtected || isPublic) return new Response(null, {
+			status: 200,
+			headers: { "x-middleware-next": "1" }
+		});
+		const redirect = await requireAdminAuth({
+			request,
+			cms,
+			loginPath,
+			requiredRole,
+			redirectParam
+		});
+		if (redirect) return redirect;
+		return new Response(null, {
+			status: 200,
+			headers: { "x-middleware-next": "1" }
+		});
+	};
+}
+/**
+* Get the admin session in a Next.js server component or API route.
+*
+* @example Server Component
+* ```tsx
+* // app/admin/layout.tsx
+* import { getNextAdminSession } from "@questpie/admin/server/adapters/nextjs";
+* import { headers } from "next/headers";
+* import { cms } from "~/questpie/server/cms";
+*
+* export default async function AdminLayout({ children }) {
+*   const headersList = headers();
+*   const session = await getNextAdminSession({
+*     headers: headersList,
+*     cms,
+*   });
+*
+*   if (!session) {
+*     redirect("/admin/login");
+*   }
+*
+*   return <div>{children}</div>;
+* }
+* ```
+*
+* @example API Route
+* ```ts
+* // app/api/admin/users/route.ts
+* import { getNextAdminSession } from "@questpie/admin/server/adapters/nextjs";
+* import { cms } from "~/questpie/server/cms";
+*
+* export async function GET(request: Request) {
+*   const session = await getNextAdminSession({
+*     headers: request.headers,
+*     cms,
+*   });
+*
+*   if (!session || session.user.role !== "admin") {
+*     return Response.json({ error: "Unauthorized" }, { status: 401 });
+*   }
+*
+*   // ... handle request
+* }
+* ```
+*/
+async function getNextAdminSession({ headers, cms }) {
+	return getAdminSession({
+		request: new Request("http://localhost", { headers }),
+		cms
+	});
+}
+//#endregion
+//#region src/server/modules/admin-preferences/collections/admin-preferences.collection.ts
+/**
+* Admin Preferences Collection
+*
+* Stores user-specific preferences for admin UI state.
+* This includes view configurations (columns, filters, sort)
+* that persist across devices and sessions.
+*
+* Key format: "viewState:{collectionName}" for view state preferences
+*
+* @example
+* ```ts
+* import { adminModule } from "@questpie/admin/server";
+*
+* const cms = q({ name: "my-app" })
+*   .use(adminModule)
+*   .collections({ ... })
+*   .build({ ... });
+*
+* // Access preferences
+* const prefs = await cms.api.collections.admin_preferences.findOne({
+*   where: { userId: currentUser.id, key: "viewState:posts" }
+* });
+* ```
+*/
+const adminPreferencesCollection = q.collection("admin_preferences").fields({
+	userId: varchar("user_id", { length: 255 }).notNull(),
+	key: varchar("key", { length: 255 }).notNull(),
+	value: jsonb("value").notNull()
+}).options({ timestamps: true }).indexes(({ table }) => [uniqueIndex("admin_preferences_user_key_idx").on(table.userId, table.key)]);
+//#endregion
+//#region src/server/modules/admin-preferences/collections/saved-views.collection.ts
+/**
+* Admin Saved Views Collection
+*
+* Stores user-specific view configurations for collection lists.
+* Each view can contain:
+* - Filter rules (field/operator/value combinations)
+* - Sort configuration (field/direction)
+* - Visible columns selection
+*
+* @example
+* ```ts
+* import { adminModule } from "@questpie/admin/server";
+*
+* const cms = q({ name: "my-app" })
+*   .use(starterModule)
+*   .use(adminModule)
+*   .collections({ ... })
+*   .build({ ... });
+*
+* // Access saved views
+* const views = await cms.api.collections.adminSavedViews.find({
+*   where: { collectionName: "posts", userId: currentUser.id }
+* });
+* ```
+*/
+const savedViewsCollection = q.collection("admin_saved_views").fields({
+	userId: varchar("user_id", { length: 255 }).notNull(),
+	collectionName: varchar("collection_name", { length: 255 }).notNull(),
+	name: varchar("name", { length: 255 }).notNull(),
+	configuration: jsonb("configuration").notNull().$type(),
+	isDefault: boolean("is_default").default(false).notNull()
+}).options({ timestamps: true });
+//#endregion
+//#region src/server/modules/admin/functions/locales.ts
+/**
+* Content Locales Functions
+*
+* Functions for retrieving available content locales from the CMS configuration.
+* Used by the admin panel to populate locale switchers and validate locale selection.
+*/
+/**
+* Helper to get typed CMS app from handler context.
+*/
+function getApp$1(ctx) {
+	return ctx.app;
+}
+const getContentLocalesSchema = z.object({}).optional();
+const getContentLocalesOutputSchema = z.object({
+	locales: z.array(z.object({
+		code: z.string(),
+		label: z.string().optional(),
+		fallback: z.boolean().optional(),
+		flagCountryCode: z.string().optional()
+	})),
+	defaultLocale: z.string(),
+	fallbacks: z.record(z.string(), z.string()).optional()
+});
+/**
+* Get available content locales from CMS configuration.
+*
+* Returns the list of available locales for content localization,
+* the default locale, and any fallback mappings.
+*
+* @example
+* ```ts
+* const result = await client.rpc.getContentLocales({});
+* // {
+* //   locales: [
+* //     { code: "en", label: "English", fallback: true },
+* //     { code: "sk", label: "Slovenčina" },
+* //   ],
+* //   defaultLocale: "en",
+* //   fallbacks: { "en-GB": "en" },
+* // }
+* ```
+*/
+const getContentLocales = fn({
+	type: "query",
+	schema: getContentLocalesSchema,
+	outputSchema: getContentLocalesOutputSchema,
+	handler: async (ctx) => {
+		const localeConfig = getApp$1(ctx).config.locale;
+		if (!localeConfig) return {
+			locales: [{
+				code: "en",
+				label: "English",
+				fallback: true
+			}],
+			defaultLocale: "en"
+		};
+		return {
+			locales: (typeof localeConfig.locales === "function" ? await localeConfig.locales() : localeConfig.locales).map((l) => ({
+				code: l.code,
+				label: l.label,
+				fallback: l.fallback,
+				flagCountryCode: l.flagCountryCode
+			})),
+			defaultLocale: localeConfig.defaultLocale,
+			fallbacks: localeConfig.fallbacks
+		};
+	}
+});
+/**
+* Bundle of locale-related functions.
+*/
+const localeFunctions = { getContentLocales };
+//#endregion
+//#region src/server/modules/admin/functions/preview.ts
+/**
+* Preview Functions - Server-side
+*
+* RPC functions for draft mode preview.
+* Handles token minting for secure, shareable preview links.
+*
+* Browser-safe utilities (isDraftMode, createDraftModeCookie, etc.) are in @questpie/admin/shared
+*/
+function base64UrlEncode(input) {
+	return (Buffer.isBuffer(input) ? input : Buffer.from(input)).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+function base64UrlDecode(input) {
+	let base64 = input.replace(/-/g, "+").replace(/_/g, "/");
+	const padding = base64.length % 4;
+	if (padding) base64 += "=".repeat(4 - padding);
+	return Buffer.from(base64, "base64").toString("utf8");
+}
+const mintPreviewTokenSchema = z.object({
+	path: z.string().min(1, "Path is required"),
+	ttlMs: z.number().positive().optional()
+});
+const mintPreviewTokenOutputSchema = z.object({
+	token: z.string(),
+	expiresAt: z.number()
+});
+const verifyPreviewTokenSchema = z.object({ token: z.string() });
+const verifyPreviewTokenOutputSchema = z.object({
+	valid: z.boolean(),
+	path: z.string().optional(),
+	error: z.string().optional()
+});
+const DEFAULT_TTL_MS = 3600 * 1e3;
+/**
+* Create preview-related RPC functions.
+*
+* @param secret - Secret key for signing tokens
+* @returns Object with preview functions
+*/
+function createPreviewFunctions(secret) {
+	const signPayload = (payload) => {
+		return base64UrlEncode(createHmac("sha256", secret).update(payload).digest());
+	};
+	return {
+		mintPreviewToken: fn({
+			type: "mutation",
+			schema: mintPreviewTokenSchema,
+			outputSchema: mintPreviewTokenOutputSchema,
+			handler: async ({ input, session }) => {
+				if (!session) throw new Error("Unauthorized: Admin session required");
+				const { path, ttlMs = DEFAULT_TTL_MS } = input;
+				const expiresAt = Date.now() + ttlMs;
+				const payload = {
+					path,
+					exp: expiresAt
+				};
+				const encodedPayload = base64UrlEncode(JSON.stringify(payload));
+				return {
+					token: `${encodedPayload}.${signPayload(encodedPayload)}`,
+					expiresAt
+				};
+			}
+		}),
+		verifyPreviewToken: fn({
+			type: "query",
+			schema: verifyPreviewTokenSchema,
+			outputSchema: verifyPreviewTokenOutputSchema,
+			handler: async ({ input }) => {
+				const { token } = input;
+				const [encodedPayload, signature] = token.split(".");
+				if (!encodedPayload || !signature) return {
+					valid: false,
+					error: "Invalid token format"
+				};
+				const expectedSignature = signPayload(encodedPayload);
+				const signatureBuffer = Uint8Array.from(Buffer.from(signature));
+				const expectedBuffer = Uint8Array.from(Buffer.from(expectedSignature));
+				if (signatureBuffer.length !== expectedBuffer.length) return {
+					valid: false,
+					error: "Invalid signature"
+				};
+				if (!timingSafeEqual(signatureBuffer, expectedBuffer)) return {
+					valid: false,
+					error: "Invalid signature"
+				};
+				try {
+					const payload = JSON.parse(base64UrlDecode(encodedPayload));
+					if (!payload?.exp || typeof payload.exp !== "number") return {
+						valid: false,
+						error: "Invalid payload"
+					};
+					if (payload.exp < Date.now()) return {
+						valid: false,
+						error: "Token expired"
+					};
+					if (!payload.path || typeof payload.path !== "string") return {
+						valid: false,
+						error: "Invalid path"
+					};
+					return {
+						valid: true,
+						path: payload.path
+					};
+				} catch {
+					return {
+						valid: false,
+						error: "Invalid payload"
+					};
+				}
+			}
+		})
+	};
+}
+/**
+* Verify a preview token without RPC.
+* Used directly in route handlers where RPC is not available.
+*
+* @param token - The preview token to verify
+* @param secret - The secret used to sign the token
+* @returns The payload if valid, null otherwise
+*/
+function verifyPreviewTokenDirect(token, secret) {
+	const [encodedPayload, signature] = token.split(".");
+	if (!encodedPayload || !signature) return null;
+	const expectedSignature = base64UrlEncode(createHmac("sha256", secret).update(encodedPayload).digest());
+	const signatureBuffer = Uint8Array.from(Buffer.from(signature));
+	const expectedBuffer = Uint8Array.from(Buffer.from(expectedSignature));
+	if (signatureBuffer.length !== expectedBuffer.length) return null;
+	if (!timingSafeEqual(signatureBuffer, expectedBuffer)) return null;
+	try {
+		const payload = JSON.parse(base64UrlDecode(encodedPayload));
+		if (!payload?.exp || typeof payload.exp !== "number") return null;
+		if (payload.exp < Date.now()) return null;
+		if (!payload.path || typeof payload.path !== "string") return null;
+		return payload;
+	} catch {
+		return null;
+	}
+}
+/**
+* Create a preview token verifier with bound secret.
+* Use this in route handlers to avoid passing secret repeatedly.
+*
+* @param secret - The secret used to sign tokens (optional, uses env if not provided)
+* @returns A verify function that only needs the token
+*
+* @example
+* ```ts
+* // Create once at module level
+* const verifyPreviewToken = createPreviewTokenVerifier();
+*
+* // Use in route handler
+* const payload = verifyPreviewToken(token);
+* if (!payload) {
+*   return new Response("Invalid token", { status: 401 });
+* }
+* ```
+*/
+function createPreviewTokenVerifier(secret) {
+	const resolvedSecret = secret ?? getPreviewSecret();
+	return (token) => {
+		return verifyPreviewTokenDirect(token, resolvedSecret);
+	};
+}
+/**
+* Default preview functions bundle with env-based secret.
+* Used by adminModule to register preview RPC functions.
+*/
+const previewFunctions = createPreviewFunctions(getPreviewSecret());
+//#endregion
+//#region src/server/modules/admin/functions/setup.ts
+/**
+* Setup Functions
+*
+* Built-in functions for bootstrapping the first admin user.
+* Solves the chicken-and-egg problem where invitation-based systems
+* need an existing admin to create the first invitation.
+*/
+/**
+* Helper to get typed CMS app from handler context.
+* Used internally for better IDE support without affecting the public API.
+*/
+function getApp(ctx) {
+	return ctx.app;
+}
+const isSetupRequiredSchema = z.object({});
+const isSetupRequiredOutputSchema = z.object({ required: z.boolean() });
+const createFirstAdminSchema = z.object({
+	email: z.string().email("Invalid email address"),
+	password: z.string().min(8, "Password must be at least 8 characters"),
+	name: z.string().min(2, "Name must be at least 2 characters")
+});
+const createFirstAdminOutputSchema = z.object({
+	success: z.boolean(),
+	user: z.object({
+		id: z.string(),
+		email: z.string(),
+		name: z.string()
+	}).optional(),
+	error: z.string().optional()
+});
+/**
+* Check if setup is required (no users exist in the system).
+*
+* @example
+* ```ts
+* const result = await client.rpc.isSetupRequired({});
+* if (result.required) {
+*   // Redirect to setup page
+* }
+* ```
+*/
+const isSetupRequired = fn({
+	type: "query",
+	schema: isSetupRequiredSchema,
+	outputSchema: isSetupRequiredOutputSchema,
+	handler: async (ctx) => {
+		const app = getApp(ctx);
+		const userCollection = app.getCollectionConfig("user");
+		return { required: (await app.db.select({ count: sql`count(*)::int` }).from(userCollection.table))[0].count === 0 };
+	}
+});
+/**
+* Create the first admin user in the system.
+* This function only works when no users exist (setup mode).
+*
+* Security: Once any user exists, this function will refuse to create more users.
+* This prevents unauthorized admin creation after initial setup.
+*
+* @example
+* ```ts
+* const result = await client.rpc.createFirstAdmin({
+*   email: "admin@example.com",
+*   password: "securepassword123",
+*   name: "Admin User",
+* });
+*
+* if (result.success) {
+*   // Redirect to login page
+* } else {
+*   console.error(result.error);
+* }
+* ```
+*/
+const createFirstAdmin = fn({
+	type: "mutation",
+	schema: createFirstAdminSchema,
+	outputSchema: createFirstAdminOutputSchema,
+	handler: async (ctx) => {
+		const app = getApp(ctx);
+		const input = ctx.input;
+		const userCollection = app.getCollectionConfig("user");
+		if ((await app.db.select({ count: sql`count(*)::int` }).from(userCollection.table))[0].count > 0) return {
+			success: false,
+			error: "Setup already completed - users exist in the system"
+		};
+		try {
+			const signUpResult = await app.auth.api.signUpEmail({ body: {
+				email: input.email,
+				password: input.password,
+				name: input.name
+			} });
+			if (!signUpResult.user) return {
+				success: false,
+				error: "Failed to create user account"
+			};
+			await app.db.update(userCollection.table).set({
+				role: "admin",
+				emailVerified: true
+			}).where(eq(userCollection.table.id, signUpResult.user.id));
+			return {
+				success: true,
+				user: {
+					id: signUpResult.user.id,
+					email: signUpResult.user.email,
+					name: signUpResult.user.name
+				}
+			};
+		} catch (error) {
+			return {
+				success: false,
+				error: error instanceof Error ? error.message : "An unexpected error occurred"
+			};
+		}
+	}
+});
+/**
+* Bundle of setup-related functions.
+*/
+const setupFunctions = {
+	isSetupRequired,
+	createFirstAdmin
+};
+//#endregion
+//#region src/server/modules/admin/index.ts
+/**
+* Admin Module
+*
+* Complete backend module for running the QuestPie admin panel.
+* This is the main entry point for setting up the admin backend.
+*
+* Includes:
+* - Auth collections (users, sessions, accounts, verifications, apikeys)
+* - Assets collection with file upload support
+* - Admin saved views collection (named view configurations)
+* - Admin preferences collection (user-specific view state)
+* - Setup functions for bootstrapping first admin
+* - Core auth options (Better Auth configuration)
+*
+* @example
+* ```ts
+* import { q } from "questpie";
+* import { adminModule } from "@questpie/admin/server";
+*
+* const cms = q({ name: "my-app" })
+*   .use(adminModule)
+*   .collections({
+*     posts: postsCollection,
+*   })
+*   .build({
+*     db: { url: process.env.DATABASE_URL },
+*     storage: { driver: s3Driver(...) },
+*   });
+* ```
+*/
+/**
+* Admin Module - the complete backend for QuestPie admin panel.
+*
+* This module provides everything needed to run the admin panel:
+* - User authentication (Better Auth) - from starterModule
+* - File uploads (assets) - from starterModule
+* - Saved views for collection filters (named configurations)
+* - User preferences (view state synced across devices)
+* - Setup flow for first admin creation
+*
+* @example
+* ```ts
+* import { q } from "questpie";
+* import { adminModule } from "@questpie/admin/server";
+*
+* const cms = q({ name: "my-app" })
+*   .use(adminModule)
+*   .collections({
+*     posts: postsCollection,
+*   })
+*   .build({
+*     db: { url: process.env.DATABASE_URL },
+*   });
+* ```
+*
+* @example
+* ```ts
+* // Extend assets collection with custom fields
+* import { q, collection, varchar } from "questpie";
+* import { adminModule } from "@questpie/admin/server";
+*
+* const cms = q({ name: "my-app" })
+*   .use(adminModule)
+*   .collections({
+*     // Override assets with additional fields
+*     assets: adminModule.state.collections.assets.merge(
+*       collection("assets").fields({
+*         folder: varchar("folder", { length: 255 }),
+*         tags: varchar("tags", { length: 1000 }),
+*       })
+*     ),
+*   })
+*   .build({ ... });
+* ```
+*/
+const adminModule = q({ name: "questpie-admin" }).use(starterModule).collections({
+	admin_saved_views: savedViewsCollection,
+	admin_preferences: adminPreferencesCollection
+}).functions({
+	...setupFunctions,
+	...localeFunctions,
+	...previewFunctions
+});
+//#endregion
+export { adminModule, createFirstAdmin, createNextAuthMiddleware, createPreviewFunctions, createPreviewTokenVerifier, createTanStackAuthGuard, createTanStackSessionLoader, getAdminSession, getNextAdminSession, isAdminUser, isSetupRequired, requireAdminAuth, savedViewsCollection, setupFunctions, verifyPreviewTokenDirect };
+//# sourceMappingURL=server.mjs.map