@setzkasten-cms/astro-admin 0.6.0

package/src/api-routes/section-add.ts

@@ -0,0 +1,189 @@
+import type { APIRoute } from 'astro'
+import { resolveStorageConfig, prefixPath } from './_storage-config'
+import { generateAddKey, addToPageConfig } from './section-management'
+
+/**
+ * POST /api/setzkasten/sections/add
+ *
+ * Adds a new section instance to a page:
+ * - Creates content JSON with default values from schema (_sections/{key}.json)
+ * - Appends new entry to the page config (pages/_{pageKey}.json)
+ * - Key auto-generated from type: hero → hero (or hero--2 if taken)
+ *
+ * Body: { pageKey, sectionType, sectionKey? (override), sourcePage? (content seed from another page's section), owner?, repo?, branch?, contentPath? }
+ *
+ * sourcePage: if provided, uses the existing content JSON of that section as seed instead of schema defaults.
+ * The source section key is derived from sectionType (or sectionKey if provided) on the sourcePage.
+ */
+export const POST: APIRoute = async ({ request, cookies }) => {
+  const session = cookies.get('setzkasten_session')?.value
+  if (!session) return new Response('Unauthorized', { status: 401 })
+
+  const githubToken = import.meta.env.GITHUB_TOKEN ?? process.env.GITHUB_TOKEN
+  if (!githubToken) return new Response('GitHub token not configured', { status: 500 })
+
+  try {
+    const body = await request.json() as {
+      pageKey: string
+      sectionType: string
+      sectionKey?: string
+      sourcePage?: string
+      owner?: string
+      repo?: string
+      branch?: string
+      contentPath?: string
+    }
+
+    const storage = resolveStorageConfig(body)
+    if (!storage) return Response.json({ error: 'Could not resolve owner/repo' }, { status: 400 })
+    const { owner, repo, branch, projectPrefix } = storage
+
+    const serverConfig = (globalThis as any).__SETZKASTEN_CONFIG__
+    const fullConfig = (globalThis as any).__SETZKASTEN_FULL_CONFIG__
+    const contentPath = body.contentPath || serverConfig?.storage?.contentPath || 'content'
+    const { pageKey, sectionType, sourcePage } = body
+
+    if (!pageKey || !sectionType) {
+      return Response.json({ error: 'pageKey and sectionType are required' }, { status: 400 })
+    }
+
+    const headers = {
+      Authorization: `Bearer ${githubToken}`,
+      Accept: 'application/vnd.github+json',
+      'X-GitHub-Api-Version': '2022-11-28',
+      'Content-Type': 'application/json',
+    }
+
+    // 1. Read page config
+    // Content paths are relative to repo root — do NOT apply projectPrefix
+    const configKey = '_' + pageKey.replace(/\//g, '_')
+    const pageConfigPath = `${contentPath}/pages/${configKey}.json`
+    const pageConfigRaw = await fetchFileContent(owner, repo, branch, pageConfigPath, githubToken)
+    if (!pageConfigRaw) return Response.json({ error: 'Page config not found' }, { status: 404 })
+
+    const pageConfig = JSON.parse(pageConfigRaw)
+    const existingKeys: string[] = (pageConfig.sections ?? []).map((s: { key: string }) => s.key)
+
+    // 2. Determine key
+    const newKey = body.sectionKey ?? generateAddKey(existingKeys, sectionType)
+    if (existingKeys.includes(newKey)) {
+      return Response.json({ error: `Key "${newKey}" already exists on this page` }, { status: 409 })
+    }
+
+    // 3. Determine initial content: sourcePage seed → schema defaults → empty
+    let defaultContent: Record<string, unknown> = {}
+    if (sourcePage) {
+      // Try to read content from sourcePage's section JSON as seed
+      // Key on sourcePage is either sectionType (first instance) or the explicit sectionKey
+      const sourceKey = sectionType
+      const sourceJsonPath = `${contentPath}/_sections/${sourceKey}.json`
+      const sourceContent = await fetchFileContent(owner, repo, branch, sourceJsonPath, githubToken)
+      if (sourceContent) {
+        try { defaultContent = JSON.parse(sourceContent) } catch { /* fallback to schema */ }
+      }
+    }
+    if (Object.keys(defaultContent).length === 0) {
+      const sectionDef = findSectionDef(fullConfig, sectionType)
+      defaultContent = sectionDef ? buildDefaultContent(sectionDef.fields ?? {}) : {}
+    }
+
+    // 4. Build commit
+    const updatedConfig = addToPageConfig(pageConfig, newKey, sectionType)
+    const sectionJsonPath = `${contentPath}/_sections/${newKey}.json`
+
+    const commitResult = await batchCommit(
+      owner, repo, branch,
+      [
+        { path: pageConfigPath, content: JSON.stringify(updatedConfig, null, 2) },
+        { path: sectionJsonPath, content: JSON.stringify(defaultContent, null, 2) },
+      ],
+      `content: add ${sectionType} section "${newKey}" to ${pageKey}`,
+      headers,
+    )
+
+    if (!commitResult.ok) return Response.json({ error: commitResult.error }, { status: 500 })
+
+    return Response.json({ success: true, newKey, commitSha: commitResult.sha })
+  } catch (error) {
+    console.error('[setzkasten] section-add error:', error)
+    return Response.json(
+      { error: error instanceof Error ? error.message : 'Add section failed' },
+      { status: 500 },
+    )
+  }
+}
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+function findSectionDef(fullConfig: any, sectionType: string): any {
+  if (!fullConfig?.products) return null
+  for (const product of Object.values(fullConfig.products) as any[]) {
+    if (product?.sections?.[sectionType]) return product.sections[sectionType]
+  }
+  return null
+}
+
+/** Builds a default content object from a field record by extracting defaultValues. */
+function buildDefaultContent(fields: Record<string, any>): Record<string, unknown> {
+  const result: Record<string, unknown> = {}
+  for (const [key, field] of Object.entries(fields)) {
+    if (field.defaultValue !== undefined) {
+      result[key] = field.defaultValue
+    }
+  }
+  return result
+}
+
+async function fetchFileContent(owner: string, repo: string, branch: string, path: string, token: string): Promise<string | null> {
+  try {
+    const res = await fetch(
+      `https://api.github.com/repos/${owner}/${repo}/contents/${path}?ref=${branch}`,
+      { headers: { Authorization: `Bearer ${token}`, Accept: 'application/vnd.github+json', 'X-GitHub-Api-Version': '2022-11-28' } },
+    )
+    if (!res.ok) return null
+    const data = await res.json() as { content: string; encoding: string }
+    return data.encoding === 'base64' ? Buffer.from(data.content, 'base64').toString('utf-8') : data.content
+  } catch { return null }
+}
+
+async function batchCommit(
+  owner: string, repo: string, branch: string,
+  files: Array<{ path: string; content: string }>,
+  message: string,
+  headers: Record<string, string>,
+): Promise<{ ok: true; sha: string } | { ok: false; error: string }> {
+  try {
+    const refRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, { headers })
+    if (!refRes.ok) return { ok: false, error: `Failed to get HEAD: ${refRes.status}` }
+    const { object: { sha: headSha } } = await refRes.json() as { object: { sha: string } }
+
+    const commitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits/${headSha}`, { headers })
+    if (!commitRes.ok) return { ok: false, error: `Failed to get commit: ${commitRes.status}` }
+    const { tree: { sha: baseSha } } = await commitRes.json() as { tree: { sha: string } }
+
+    const treeRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/trees`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ base_tree: baseSha, tree: files.map(f => ({ path: f.path, mode: '100644', type: 'blob', content: f.content })) }),
+    })
+    if (!treeRes.ok) return { ok: false, error: `Failed to create tree: ${treeRes.status}` }
+    const { sha: treeSha } = await treeRes.json() as { sha: string }
+
+    const newCommitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ tree: treeSha, parents: [headSha], message }),
+    })
+    if (!newCommitRes.ok) return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
+    const { sha: newSha } = await newCommitRes.json() as { sha: string }
+
+    const updateRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, {
+      method: 'PATCH', headers, body: JSON.stringify({ sha: newSha }),
+    })
+    if (!updateRes.ok) return { ok: false, error: `Failed to update ref: ${updateRes.status}` }
+
+    return { ok: true, sha: newSha }
+  } catch (error) {
+    return { ok: false, error: error instanceof Error ? error.message : 'Commit failed' }
+  }
+}

package/src/api-routes/section-commit-pending.ts

@@ -0,0 +1,147 @@
+import type { APIRoute } from 'astro'
+import { writeFile } from 'node:fs/promises'
+import { join } from 'node:path'
+import { resolveStorageConfig } from './_storage-config'
+
+/**
+ * POST /api/setzkasten/sections/commit-pending
+ *
+ * Batch-commits all pending (optimistically added) sections in ONE GitHub commit.
+ * This triggers exactly one Vercel build regardless of how many sections were added.
+ *
+ * Body: {
+ *   pageKey: string,
+ *   pageConfig: object,           // full updated page config (already includes pending entries)
+ *   sections: Array<{ key: string, content: Record<string, unknown> }>,
+ *   owner?, repo?, branch?, contentPath?
+ * }
+ */
+export const POST: APIRoute = async ({ request, cookies }) => {
+  const session = cookies.get('setzkasten_session')?.value
+  if (!session) return new Response('Unauthorized', { status: 401 })
+
+  const githubToken = import.meta.env.GITHUB_TOKEN ?? process.env.GITHUB_TOKEN
+  if (!githubToken) return new Response('GitHub token not configured', { status: 500 })
+
+  try {
+    const body = await request.json() as {
+      pageKey: string
+      pageConfig: Record<string, unknown>
+      sections: Array<{ key: string; content: Record<string, unknown> }>
+      edits?: Array<{ key: string; content: Record<string, unknown> }>
+      owner?: string
+      repo?: string
+      branch?: string
+      contentPath?: string
+    }
+
+    const storage = resolveStorageConfig(body)
+    if (!storage) return Response.json({ error: 'Could not resolve owner/repo' }, { status: 400 })
+    const { owner, repo, branch } = storage
+
+    const serverConfig = (globalThis as any).__SETZKASTEN_CONFIG__
+    const contentPath = body.contentPath || serverConfig?.storage?.contentPath || 'content'
+    const { pageKey, pageConfig, sections, edits = [] } = body
+
+    if (!pageKey || !pageConfig || !Array.isArray(sections)) {
+      return Response.json({ error: 'pageKey, pageConfig, and sections are required' }, { status: 400 })
+    }
+
+    const headers = {
+      Authorization: `Bearer ${githubToken}`,
+      Accept: 'application/vnd.github+json',
+      'X-GitHub-Api-Version': '2022-11-28',
+      'Content-Type': 'application/json',
+    }
+
+    // Build all files for the batch commit
+    const configKey = '_' + pageKey.replace(/\//g, '_')
+    const pageConfigPath = `${contentPath}/pages/${configKey}.json`
+
+    const files: Array<{ path: string; content: string }> = [
+      { path: pageConfigPath, content: JSON.stringify(pageConfig, null, 2) },
+      ...sections.map(s => ({
+        path: `${contentPath}/_sections/${s.key}.json`,
+        content: JSON.stringify(s.content, null, 2),
+      })),
+      ...edits.map(s => ({
+        path: `${contentPath}/_sections/${s.key}.json`,
+        content: JSON.stringify(s.content, null, 2),
+      })),
+    ]
+
+    const parts: string[] = []
+    if (sections.length > 0) {
+      const keys = sections.map(s => s.key).join(', ')
+      parts.push(`add ${sections.length} section${sections.length > 1 ? 's' : ''} (${keys})`)
+    }
+    if (edits.length > 0) {
+      const keys = edits.map(s => s.key).join(', ')
+      parts.push(`update ${edits.length} section${edits.length > 1 ? 's' : ''} (${keys})`)
+    }
+    const commitMessage = `content: ${parts.length > 0 ? parts.join(', ') : 'update page config'} on ${pageKey}`
+    const commitResult = await batchCommit(owner, repo, branch, files, commitMessage, headers)
+
+    if (!commitResult.ok) return Response.json({ error: commitResult.error }, { status: 500 })
+
+    // Mirror committed files to local filesystem so the dev-server preview stays in sync.
+    // Without this, the virtual content module (loaded at startup) would show stale data
+    // until the user does a `git pull` + server restart.
+    const repoRoot: string | undefined = serverConfig?.repoRoot
+    if (repoRoot) {
+      await Promise.all(
+        files.map(f => writeFile(join(repoRoot, f.path), f.content, 'utf-8').catch(() => {
+          // Non-fatal: local sync is best-effort (e.g. read-only FS in some CI envs)
+        })),
+      )
+    }
+
+    return Response.json({ success: true, commitSha: commitResult.sha })
+  } catch (error) {
+    console.error('[setzkasten] section-commit-pending error:', error)
+    return Response.json(
+      { error: error instanceof Error ? error.message : 'Commit failed' },
+      { status: 500 },
+    )
+  }
+}
+
+async function batchCommit(
+  owner: string, repo: string, branch: string,
+  files: Array<{ path: string; content: string }>,
+  message: string,
+  headers: Record<string, string>,
+): Promise<{ ok: true; sha: string } | { ok: false; error: string }> {
+  try {
+    const refRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, { headers })
+    if (!refRes.ok) return { ok: false, error: `Failed to get HEAD: ${refRes.status}` }
+    const { object: { sha: headSha } } = await refRes.json() as { object: { sha: string } }
+
+    const commitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits/${headSha}`, { headers })
+    if (!commitRes.ok) return { ok: false, error: `Failed to get commit: ${commitRes.status}` }
+    const { tree: { sha: baseSha } } = await commitRes.json() as { tree: { sha: string } }
+
+    const treeRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/trees`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ base_tree: baseSha, tree: files.map(f => ({ path: f.path, mode: '100644', type: 'blob', content: f.content })) }),
+    })
+    if (!treeRes.ok) return { ok: false, error: `Failed to create tree: ${treeRes.status}` }
+    const { sha: treeSha } = await treeRes.json() as { sha: string }
+
+    const newCommitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ tree: treeSha, parents: [headSha], message }),
+    })
+    if (!newCommitRes.ok) return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
+    const { sha: newSha } = await newCommitRes.json() as { sha: string }
+
+    const updateRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, {
+      method: 'PATCH', headers, body: JSON.stringify({ sha: newSha }),
+    })
+    if (!updateRes.ok) return { ok: false, error: `Failed to update ref: ${updateRes.status}` }
+
+    return { ok: true, sha: newSha }
+  } catch (error) {
+    return { ok: false, error: error instanceof Error ? error.message : 'Commit failed' }
+  }
+}

package/src/api-routes/section-delete.ts

@@ -0,0 +1,141 @@
+import type { APIRoute } from 'astro'
+import { resolveStorageConfig, prefixPath } from './_storage-config'
+import { removeFromPageConfig } from './section-management'
+
+/**
+ * DELETE /api/setzkasten/sections
+ *
+ * Removes a section from a page:
+ * - Deletes the content JSON (_sections/{key}.json)
+ * - Removes the entry from the page config (pages/_{pageKey}.json)
+ * All changes committed as a single batch.
+ *
+ * Body: { pageKey, sectionKey, owner?, repo?, branch?, contentPath? }
+ */
+export const DELETE: APIRoute = async ({ request, cookies }) => {
+  const session = cookies.get('setzkasten_session')?.value
+  if (!session) return new Response('Unauthorized', { status: 401 })
+
+  const githubToken = import.meta.env.GITHUB_TOKEN ?? process.env.GITHUB_TOKEN
+  if (!githubToken) return new Response('GitHub token not configured', { status: 500 })
+
+  try {
+    const body = await request.json() as {
+      pageKey: string
+      sectionKey: string
+      owner?: string
+      repo?: string
+      branch?: string
+      contentPath?: string
+    }
+
+    const storage = resolveStorageConfig(body)
+    if (!storage) return Response.json({ error: 'Could not resolve owner/repo' }, { status: 400 })
+    const { owner, repo, branch, projectPrefix } = storage
+
+    const serverConfig = (globalThis as any).__SETZKASTEN_CONFIG__
+    const contentPath = body.contentPath || serverConfig?.storage?.contentPath || 'content'
+    const { pageKey, sectionKey } = body
+
+    if (!pageKey || !sectionKey) {
+      return Response.json({ error: 'pageKey and sectionKey are required' }, { status: 400 })
+    }
+
+    const headers = {
+      Authorization: `Bearer ${githubToken}`,
+      Accept: 'application/vnd.github+json',
+      'X-GitHub-Api-Version': '2022-11-28',
+      'Content-Type': 'application/json',
+    }
+
+    // 1. Read page config
+    // Content paths are relative to repo root — do NOT apply projectPrefix
+    const configKey = '_' + pageKey.replace(/\//g, '_')
+    const pageConfigPath = `${contentPath}/pages/${configKey}.json`
+    const pageConfigRaw = await fetchFileContent(owner, repo, branch, pageConfigPath, githubToken)
+    if (!pageConfigRaw) return Response.json({ error: 'Page config not found' }, { status: 404 })
+
+    const pageConfig = JSON.parse(pageConfigRaw)
+    const updatedConfig = removeFromPageConfig(pageConfig, sectionKey)
+
+    // 2. Build commit: update page config + delete section JSON
+    const sectionJsonPath = `${contentPath}/_sections/${sectionKey}.json`
+
+    const commitResult = await batchCommitWithDeletions(
+      owner, repo, branch,
+      [{ path: pageConfigPath, content: JSON.stringify(updatedConfig, null, 2) }],
+      [sectionJsonPath],
+      `content: remove ${sectionKey} section from ${pageKey}`,
+      headers,
+    )
+
+    if (!commitResult.ok) return Response.json({ error: commitResult.error }, { status: 500 })
+
+    return Response.json({ success: true, commitSha: commitResult.sha })
+  } catch (error) {
+    console.error('[setzkasten] section-delete error:', error)
+    return Response.json(
+      { error: error instanceof Error ? error.message : 'Delete failed' },
+      { status: 500 },
+    )
+  }
+}
+
+async function fetchFileContent(owner: string, repo: string, branch: string, path: string, token: string): Promise<string | null> {
+  try {
+    const res = await fetch(
+      `https://api.github.com/repos/${owner}/${repo}/contents/${path}?ref=${branch}`,
+      { headers: { Authorization: `Bearer ${token}`, Accept: 'application/vnd.github+json', 'X-GitHub-Api-Version': '2022-11-28' } },
+    )
+    if (!res.ok) return null
+    const data = await res.json() as { content: string; encoding: string }
+    return data.encoding === 'base64' ? Buffer.from(data.content, 'base64').toString('utf-8') : data.content
+  } catch { return null }
+}
+
+async function batchCommitWithDeletions(
+  owner: string, repo: string, branch: string,
+  upserts: Array<{ path: string; content: string }>,
+  deletions: string[],
+  message: string,
+  headers: Record<string, string>,
+): Promise<{ ok: true; sha: string } | { ok: false; error: string }> {
+  try {
+    const refRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, { headers })
+    if (!refRes.ok) return { ok: false, error: `Failed to get HEAD: ${refRes.status}` }
+    const { object: { sha: headSha } } = await refRes.json() as { object: { sha: string } }
+
+    const commitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits/${headSha}`, { headers })
+    if (!commitRes.ok) return { ok: false, error: `Failed to get commit: ${commitRes.status}` }
+    const { tree: { sha: baseSha } } = await commitRes.json() as { tree: { sha: string } }
+
+    const tree = [
+      ...upserts.map(f => ({ path: f.path, mode: '100644', type: 'blob', content: f.content })),
+      ...deletions.map(path => ({ path, mode: '100644', type: 'blob', sha: null })),
+    ]
+
+    const treeRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/trees`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ base_tree: baseSha, tree }),
+    })
+    if (!treeRes.ok) return { ok: false, error: `Failed to create tree: ${treeRes.status}` }
+    const { sha: treeSha } = await treeRes.json() as { sha: string }
+
+    const newCommitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ tree: treeSha, parents: [headSha], message }),
+    })
+    if (!newCommitRes.ok) return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
+    const { sha: newSha } = await newCommitRes.json() as { sha: string }
+
+    const updateRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, {
+      method: 'PATCH', headers,
+      body: JSON.stringify({ sha: newSha }),
+    })
+    if (!updateRes.ok) return { ok: false, error: `Failed to update ref: ${updateRes.status}` }
+
+    return { ok: true, sha: newSha }
+  } catch (error) {
+    return { ok: false, error: error instanceof Error ? error.message : 'Commit failed' }
+  }
+}

package/src/api-routes/section-duplicate.ts

@@ -0,0 +1,144 @@
+import type { APIRoute } from 'astro'
+import { resolveStorageConfig, prefixPath } from './_storage-config'
+import { generateDuplicateKey, duplicateInPageConfig } from './section-management'
+
+/**
+ * POST /api/setzkasten/sections/duplicate
+ *
+ * Duplicates a section within a page:
+ * - Copies the content JSON to a new key (_sections/{newKey}.json)
+ * - Inserts new entry after the original in the page config
+ * - New key is auto-generated: hero → hero--copy → hero--copy2 …
+ *
+ * Body: { pageKey, sectionKey, owner?, repo?, branch?, contentPath? }
+ */
+export const POST: APIRoute = async ({ request, cookies }) => {
+  const session = cookies.get('setzkasten_session')?.value
+  if (!session) return new Response('Unauthorized', { status: 401 })
+
+  const githubToken = import.meta.env.GITHUB_TOKEN ?? process.env.GITHUB_TOKEN
+  if (!githubToken) return new Response('GitHub token not configured', { status: 500 })
+
+  try {
+    const body = await request.json() as {
+      pageKey: string
+      sectionKey: string
+      owner?: string
+      repo?: string
+      branch?: string
+      contentPath?: string
+    }
+
+    const storage = resolveStorageConfig(body)
+    if (!storage) return Response.json({ error: 'Could not resolve owner/repo' }, { status: 400 })
+    const { owner, repo, branch, projectPrefix } = storage
+
+    const serverConfig = (globalThis as any).__SETZKASTEN_CONFIG__
+    const contentPath = body.contentPath || serverConfig?.storage?.contentPath || 'content'
+    const { pageKey, sectionKey } = body
+
+    if (!pageKey || !sectionKey) {
+      return Response.json({ error: 'pageKey and sectionKey are required' }, { status: 400 })
+    }
+
+    const headers = {
+      Authorization: `Bearer ${githubToken}`,
+      Accept: 'application/vnd.github+json',
+      'X-GitHub-Api-Version': '2022-11-28',
+      'Content-Type': 'application/json',
+    }
+
+    // 1. Read page config
+    // Content paths are relative to repo root — do NOT apply projectPrefix
+    const configKey = '_' + pageKey.replace(/\//g, '_')
+    const pageConfigPath = `${contentPath}/pages/${configKey}.json`
+    const pageConfigRaw = await fetchFileContent(owner, repo, branch, pageConfigPath, githubToken)
+    if (!pageConfigRaw) return Response.json({ error: 'Page config not found' }, { status: 404 })
+
+    const pageConfig = JSON.parse(pageConfigRaw)
+
+    // 2. Generate unique duplicate key
+    const existingKeys: string[] = (pageConfig.sections ?? []).map((s: { key: string }) => s.key)
+    const newKey = generateDuplicateKey(existingKeys, sectionKey)
+
+    // 3. Read original section content
+    const originalJsonPath = `${contentPath}/_sections/${sectionKey}.json`
+    const originalContent = await fetchFileContent(owner, repo, branch, originalJsonPath, githubToken)
+
+    // 4. Build commit
+    const updatedConfig = duplicateInPageConfig(pageConfig, sectionKey, newKey)
+    const filesToCommit: Array<{ path: string; content: string }> = [
+      { path: pageConfigPath, content: JSON.stringify(updatedConfig, null, 2) },
+    ]
+
+    if (originalContent) {
+      const copyPath = `${contentPath}/_sections/${newKey}.json`
+      filesToCommit.push({ path: copyPath, content: originalContent })
+    }
+
+    const commitResult = await batchCommit(owner, repo, branch, filesToCommit,
+      `content: duplicate ${sectionKey} → ${newKey} on ${pageKey}`, headers)
+
+    if (!commitResult.ok) return Response.json({ error: commitResult.error }, { status: 500 })
+
+    return Response.json({ success: true, newKey, commitSha: commitResult.sha })
+  } catch (error) {
+    console.error('[setzkasten] section-duplicate error:', error)
+    return Response.json(
+      { error: error instanceof Error ? error.message : 'Duplicate failed' },
+      { status: 500 },
+    )
+  }
+}
+
+async function fetchFileContent(owner: string, repo: string, branch: string, path: string, token: string): Promise<string | null> {
+  try {
+    const res = await fetch(
+      `https://api.github.com/repos/${owner}/${repo}/contents/${path}?ref=${branch}`,
+      { headers: { Authorization: `Bearer ${token}`, Accept: 'application/vnd.github+json', 'X-GitHub-Api-Version': '2022-11-28' } },
+    )
+    if (!res.ok) return null
+    const data = await res.json() as { content: string; encoding: string }
+    return data.encoding === 'base64' ? Buffer.from(data.content, 'base64').toString('utf-8') : data.content
+  } catch { return null }
+}
+
+async function batchCommit(
+  owner: string, repo: string, branch: string,
+  files: Array<{ path: string; content: string }>,
+  message: string,
+  headers: Record<string, string>,
+): Promise<{ ok: true; sha: string } | { ok: false; error: string }> {
+  try {
+    const refRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, { headers })
+    if (!refRes.ok) return { ok: false, error: `Failed to get HEAD: ${refRes.status}` }
+    const { object: { sha: headSha } } = await refRes.json() as { object: { sha: string } }
+
+    const commitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits/${headSha}`, { headers })
+    if (!commitRes.ok) return { ok: false, error: `Failed to get commit: ${commitRes.status}` }
+    const { tree: { sha: baseSha } } = await commitRes.json() as { tree: { sha: string } }
+
+    const treeRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/trees`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ base_tree: baseSha, tree: files.map(f => ({ path: f.path, mode: '100644', type: 'blob', content: f.content })) }),
+    })
+    if (!treeRes.ok) return { ok: false, error: `Failed to create tree: ${treeRes.status}` }
+    const { sha: treeSha } = await treeRes.json() as { sha: string }
+
+    const newCommitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits`, {
+      method: 'POST', headers,
+      body: JSON.stringify({ tree: treeSha, parents: [headSha], message }),
+    })
+    if (!newCommitRes.ok) return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
+    const { sha: newSha } = await newCommitRes.json() as { sha: string }
+
+    const updateRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/refs/heads/${branch}`, {
+      method: 'PATCH', headers, body: JSON.stringify({ sha: newSha }),
+    })
+    if (!updateRes.ok) return { ok: false, error: `Failed to update ref: ${updateRes.status}` }
+
+    return { ok: true, sha: newSha }
+  } catch (error) {
+    return { ok: false, error: error instanceof Error ? error.message : 'Commit failed' }
+  }
+}