npm - @sonicjs-cms/core - Versions diffs - 2.13.0 → 2.14.0 - Mend

@sonicjs-cms/core 2.13.0 → 2.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/dist/{chunk-IYFSNRZN.js → chunk-23DP6TO5.js} +13 -10
package/dist/chunk-23DP6TO5.js.map +1 -0
package/dist/{chunk-DB2GJJTM.js → chunk-AFGOH2F6.js} +3 -3
package/dist/{chunk-DB2GJJTM.js.map → chunk-AFGOH2F6.js.map} +1 -1
package/dist/{chunk-HVTSE2SF.cjs → chunk-DRWSHIFG.cjs} +102 -99
package/dist/chunk-DRWSHIFG.cjs.map +1 -0
package/dist/{chunk-CO4B5EYF.js → chunk-GAVTTYMC.js} +3 -3
package/dist/{chunk-CO4B5EYF.js.map → chunk-GAVTTYMC.js.map} +1 -1
package/dist/{chunk-3VAKUFNQ.js → chunk-JKNKO6LA.js} +22 -5
package/dist/chunk-JKNKO6LA.js.map +1 -0
package/dist/{chunk-SER23XI4.cjs → chunk-KZ2MFGET.cjs} +22 -5
package/dist/chunk-KZ2MFGET.cjs.map +1 -0
package/dist/{chunk-XCP5GCBE.cjs → chunk-YULUPQZV.cjs} +3 -3
package/dist/{chunk-XCP5GCBE.cjs.map → chunk-YULUPQZV.cjs.map} +1 -1
package/dist/{chunk-EGUDIX6Q.cjs → chunk-YYMPHM3I.cjs} +4 -4
package/dist/{chunk-EGUDIX6Q.cjs.map → chunk-YYMPHM3I.cjs.map} +1 -1
package/dist/index.cjs +853 -99
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +763 -9
package/dist/index.js.map +1 -1
package/dist/middleware.cjs +28 -28
package/dist/middleware.js +2 -2
package/dist/migrations-F7KVA74T.cjs +13 -0
package/dist/{migrations-GMHTJI7D.cjs.map → migrations-F7KVA74T.cjs.map} +1 -1
package/dist/migrations-WKONKRN7.js +4 -0
package/dist/{migrations-IVFIDOSO.js.map → migrations-WKONKRN7.js.map} +1 -1
package/dist/{plugin-bootstrap-DVGLQrcO.d.cts → plugin-bootstrap-BGwBraaN.d.cts} +1 -0
package/dist/{plugin-bootstrap-CZ1GDum7.d.ts → plugin-bootstrap-Drns7X9w.d.ts} +1 -0
package/dist/routes.cjs +27 -27
package/dist/routes.js +4 -4
package/dist/services.cjs +2 -2
package/dist/services.d.cts +1 -1
package/dist/services.d.ts +1 -1
package/dist/services.js +1 -1
package/dist/utils.cjs +11 -11
package/dist/utils.js +1 -1
package/package.json +1 -1
package/dist/chunk-3VAKUFNQ.js.map +0 -1
package/dist/chunk-HVTSE2SF.cjs.map +0 -1
package/dist/chunk-IYFSNRZN.js.map +0 -1
package/dist/chunk-SER23XI4.cjs.map +0 -1
package/dist/migrations-GMHTJI7D.cjs +0 -13
package/dist/migrations-IVFIDOSO.js +0 -4

package/dist/{chunk-HVTSE2SF.cjs → chunk-DRWSHIFG.cjs} RENAMED Viewed

@@ -1,12 +1,12 @@
 'use strict';
 var chunkNZWFCUDA_cjs = require('./chunk-NZWFCUDA.cjs');
-var chunkEGUDIX6Q_cjs = require('./chunk-EGUDIX6Q.cjs');
+var chunkYYMPHM3I_cjs = require('./chunk-YYMPHM3I.cjs');
 var chunkI6FFGQIT_cjs = require('./chunk-I6FFGQIT.cjs');
-var chunkSER23XI4_cjs = require('./chunk-SER23XI4.cjs');
+var chunkKZ2MFGET_cjs = require('./chunk-KZ2MFGET.cjs');
 var chunkQP3OHHON_cjs = require('./chunk-QP3OHHON.cjs');
 var chunk6FHNRRJ3_cjs = require('./chunk-6FHNRRJ3.cjs');
-var chunkXCP5GCBE_cjs = require('./chunk-XCP5GCBE.cjs');
+var chunkYULUPQZV_cjs = require('./chunk-YULUPQZV.cjs');
 var chunkRCQ2HIQD_cjs = require('./chunk-RCQ2HIQD.cjs');
 var chunkMNWKYY5E_cjs = require('./chunk-MNWKYY5E.cjs');
 var hono = require('hono');
@@ -188,7 +188,7 @@ apiContentCrudRoutes.get("/:id", async (c) => {
     }, 500);
   }
 });
-apiContentCrudRoutes.post("/", chunkEGUDIX6Q_cjs.requireAuth(), chunkEGUDIX6Q_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
+apiContentCrudRoutes.post("/", chunkYYMPHM3I_cjs.requireAuth(), chunkYYMPHM3I_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
   try {
     const db = c.env.DB;
     const user = c.get("user");
@@ -254,7 +254,7 @@ apiContentCrudRoutes.post("/", chunkEGUDIX6Q_cjs.requireAuth(), chunkEGUDIX6Q_cj
     }, 500);
   }
 });
-apiContentCrudRoutes.put("/:id", chunkEGUDIX6Q_cjs.requireAuth(), chunkEGUDIX6Q_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
+apiContentCrudRoutes.put("/:id", chunkYYMPHM3I_cjs.requireAuth(), chunkYYMPHM3I_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
   try {
     const id = c.req.param("id");
     const db = c.env.DB;
@@ -318,7 +318,7 @@ apiContentCrudRoutes.put("/:id", chunkEGUDIX6Q_cjs.requireAuth(), chunkEGUDIX6Q_
     }, 500);
   }
 });
-apiContentCrudRoutes.delete("/:id", chunkEGUDIX6Q_cjs.requireAuth(), chunkEGUDIX6Q_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
+apiContentCrudRoutes.delete("/:id", chunkYYMPHM3I_cjs.requireAuth(), chunkYYMPHM3I_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
   try {
     const id = c.req.param("id");
     const db = c.env.DB;
@@ -354,7 +354,7 @@ apiRoutes.use("*", async (c, next) => {
   c.header("X-Response-Time", `${totalTime}ms`);
 });
 apiRoutes.use("*", async (c, next) => {
-  const cacheEnabled = await chunkEGUDIX6Q_cjs.isPluginActive(c.env.DB, "core-cache");
+  const cacheEnabled = await chunkYYMPHM3I_cjs.isPluginActive(c.env.DB, "core-cache");
   c.set("cacheEnabled", cacheEnabled);
   await next();
 });
@@ -845,7 +845,7 @@ apiRoutes.get("/collections", async (c) => {
     return c.json({ error: "Failed to fetch collections" }, 500);
   }
 });
-apiRoutes.get("/content", chunkEGUDIX6Q_cjs.optionalAuth(), async (c) => {
+apiRoutes.get("/content", chunkYYMPHM3I_cjs.optionalAuth(), async (c) => {
   const executionStart = Date.now();
   try {
     const db = c.env.DB;
@@ -868,13 +868,13 @@ apiRoutes.get("/content", chunkEGUDIX6Q_cjs.optionalAuth(), async (c) => {
         });
       }
     }
-    const filter = chunkXCP5GCBE_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
+    const filter = chunkYULUPQZV_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
     const normalizedFilter = normalizePublicContentFilter(filter, c.get("user")?.role);
     if (!normalizedFilter.limit) {
       normalizedFilter.limit = 50;
     }
     normalizedFilter.limit = Math.min(normalizedFilter.limit, 1e3);
-    const builder3 = new chunkXCP5GCBE_cjs.QueryFilterBuilder();
+    const builder3 = new chunkYULUPQZV_cjs.QueryFilterBuilder();
     const queryResult = builder3.build("content", normalizedFilter);
     if (queryResult.errors.length > 0) {
       return c.json({
@@ -946,7 +946,7 @@ apiRoutes.get("/content", chunkEGUDIX6Q_cjs.optionalAuth(), async (c) => {
     }, 500);
   }
 });
-apiRoutes.get("/collections/:collection/content", chunkEGUDIX6Q_cjs.optionalAuth(), async (c) => {
+apiRoutes.get("/collections/:collection/content", chunkYYMPHM3I_cjs.optionalAuth(), async (c) => {
   const executionStart = Date.now();
   try {
     const collection = c.req.param("collection");
@@ -957,7 +957,7 @@ apiRoutes.get("/collections/:collection/content", chunkEGUDIX6Q_cjs.optionalAuth
     if (!collectionResult) {
       return c.json({ error: "Collection not found" }, 404);
     }
-    const filter = chunkXCP5GCBE_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
+    const filter = chunkYULUPQZV_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
     const normalizedFilter = normalizePublicContentFilter(filter, c.get("user")?.role);
     if (!normalizedFilter.where) {
       normalizedFilter.where = { and: [] };
@@ -974,7 +974,7 @@ apiRoutes.get("/collections/:collection/content", chunkEGUDIX6Q_cjs.optionalAuth
       normalizedFilter.limit = 50;
     }
     normalizedFilter.limit = Math.min(normalizedFilter.limit, 1e3);
-    const builder3 = new chunkXCP5GCBE_cjs.QueryFilterBuilder();
+    const builder3 = new chunkYULUPQZV_cjs.QueryFilterBuilder();
     const queryResult = builder3.build("content", normalizedFilter);
     if (queryResult.errors.length > 0) {
       return c.json({
@@ -1095,7 +1095,7 @@ var fileValidationSchema = zod.z.object({
   // 50MB max
 });
 var apiMediaRoutes = new hono.Hono();
-apiMediaRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+apiMediaRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 apiMediaRoutes.post("/upload", async (c) => {
   try {
     const user = c.get("user");
@@ -1839,8 +1839,8 @@ apiSystemRoutes.get("/env", (c) => {
 });
 var api_system_default = apiSystemRoutes;
 var adminApiRoutes = new hono.Hono();
-adminApiRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
-adminApiRoutes.use("*", chunkEGUDIX6Q_cjs.requireRole(["admin", "editor"]));
+adminApiRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
+adminApiRoutes.use("*", chunkYYMPHM3I_cjs.requireRole(["admin", "editor"]));
 adminApiRoutes.get("/stats", async (c) => {
   try {
     const db = c.env.DB;
@@ -2352,7 +2352,7 @@ adminApiRoutes.delete("/collections/:id", async (c) => {
 });
 adminApiRoutes.get("/migrations/status", async (c) => {
   try {
-    const { MigrationService: MigrationService2 } = await import('./migrations-GMHTJI7D.cjs');
+    const { MigrationService: MigrationService2 } = await import('./migrations-F7KVA74T.cjs');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const status = await migrationService.getMigrationStatus();
@@ -2377,26 +2377,29 @@ adminApiRoutes.post("/migrations/run", async (c) => {
         error: "Unauthorized. Admin access required."
       }, 403);
     }
-    const { MigrationService: MigrationService2 } = await import('./migrations-GMHTJI7D.cjs');
+    const { MigrationService: MigrationService2 } = await import('./migrations-F7KVA74T.cjs');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const result = await migrationService.runPendingMigrations();
     return c.json({
       success: result.success,
       message: result.message,
-      applied: result.applied
+      applied: result.applied,
+      errors: result.errors
     });
   } catch (error) {
     console.error("Error running migrations:", error);
+    const errorMessage = error instanceof Error ? error.message : String(error);
     return c.json({
       success: false,
-      error: "Failed to run migrations"
+      error: `Failed to run migrations: ${errorMessage}`,
+      errors: [errorMessage]
     }, 500);
   }
 });
 adminApiRoutes.get("/migrations/validate", async (c) => {
   try {
-    const { MigrationService: MigrationService2 } = await import('./migrations-GMHTJI7D.cjs');
+    const { MigrationService: MigrationService2 } = await import('./migrations-F7KVA74T.cjs');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const validation = await migrationService.validateSchema();
@@ -5149,7 +5152,7 @@ var JWT_SECRET_FALLBACK = "your-super-secret-jwt-key-change-in-production";
 async function setCsrfCookie(c) {
   const secret = c.env?.JWT_SECRET || JWT_SECRET_FALLBACK;
   const isDev = c.env?.ENVIRONMENT === "development" || !c.env?.ENVIRONMENT;
-  const csrfToken = await chunkEGUDIX6Q_cjs.generateCsrfToken(secret);
+  const csrfToken = await chunkYYMPHM3I_cjs.generateCsrfToken(secret);
   cookie.setCookie(c, "csrf_token", csrfToken, {
     httpOnly: false,
     secure: !isDev,
@@ -5206,7 +5209,7 @@ var loginSchema = zod.z.object({
 });
 authRoutes.post(
   "/register",
-  chunkEGUDIX6Q_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "register" }),
+  chunkYYMPHM3I_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "register" }),
   async (c) => {
     try {
       const db = c.env.DB;
@@ -5243,7 +5246,7 @@ authRoutes.post(
       if (existingUser) {
         return c.json({ error: "User with this email or username already exists" }, 400);
       }
-      const passwordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+      const passwordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
       const userId = crypto.randomUUID();
       const now = /* @__PURE__ */ new Date();
       await db.prepare(`
@@ -5277,7 +5280,7 @@ authRoutes.post(
           await saveCustomData(db, userId, sanitized);
         }
       }
-      const token = await chunkEGUDIX6Q_cjs.AuthManager.generateToken(userId, normalizedEmail, "viewer", c.env.JWT_SECRET);
+      const token = await chunkYYMPHM3I_cjs.AuthManager.generateToken(userId, normalizedEmail, "viewer", c.env.JWT_SECRET);
       cookie.setCookie(c, "auth_token", token, {
         httpOnly: true,
         secure: true,
@@ -5311,7 +5314,7 @@ authRoutes.post(
 );
 authRoutes.post(
   "/login",
-  chunkEGUDIX6Q_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "login" }),
+  chunkYYMPHM3I_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "login" }),
   async (c) => {
     try {
       const body = await c.req.json();
@@ -5334,19 +5337,19 @@ authRoutes.post(
       if (!user) {
         return c.json({ error: "Invalid email or password" }, 401);
       }
-      const isValidPassword = await chunkEGUDIX6Q_cjs.AuthManager.verifyPassword(password, user.password_hash);
+      const isValidPassword = await chunkYYMPHM3I_cjs.AuthManager.verifyPassword(password, user.password_hash);
       if (!isValidPassword) {
         return c.json({ error: "Invalid email or password" }, 401);
       }
-      if (chunkEGUDIX6Q_cjs.AuthManager.isLegacyHash(user.password_hash)) {
+      if (chunkYYMPHM3I_cjs.AuthManager.isLegacyHash(user.password_hash)) {
         try {
-          const newHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+          const newHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
           await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(newHash, Date.now(), user.id).run();
         } catch (rehashError) {
           console.error("Password rehash failed (non-fatal):", rehashError);
         }
       }
-      const token = await chunkEGUDIX6Q_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET);
+      const token = await chunkYYMPHM3I_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET);
       cookie.setCookie(c, "auth_token", token, {
         httpOnly: true,
         secure: true,
@@ -5399,7 +5402,7 @@ authRoutes.get("/logout", (c) => {
   clearCsrfCookie(c);
   return c.redirect("/auth/login?message=You have been logged out successfully");
 });
-authRoutes.get("/me", chunkEGUDIX6Q_cjs.requireAuth(), async (c) => {
+authRoutes.get("/me", chunkYYMPHM3I_cjs.requireAuth(), async (c) => {
   try {
     const user = c.get("user");
     if (!user) {
@@ -5416,13 +5419,13 @@ authRoutes.get("/me", chunkEGUDIX6Q_cjs.requireAuth(), async (c) => {
     return c.json({ error: "Failed to get user" }, 500);
   }
 });
-authRoutes.post("/refresh", chunkEGUDIX6Q_cjs.requireAuth(), async (c) => {
+authRoutes.post("/refresh", chunkYYMPHM3I_cjs.requireAuth(), async (c) => {
   try {
     const user = c.get("user");
     if (!user) {
       return c.json({ error: "Not authenticated" }, 401);
     }
-    const token = await chunkEGUDIX6Q_cjs.AuthManager.generateToken(user.userId, user.email, user.role, c.env.JWT_SECRET);
+    const token = await chunkYYMPHM3I_cjs.AuthManager.generateToken(user.userId, user.email, user.role, c.env.JWT_SECRET);
     cookie.setCookie(c, "auth_token", token, {
       httpOnly: true,
       secure: true,
@@ -5439,7 +5442,7 @@ authRoutes.post("/refresh", chunkEGUDIX6Q_cjs.requireAuth(), async (c) => {
 });
 authRoutes.post(
   "/register/form",
-  chunkEGUDIX6Q_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "register" }),
+  chunkYYMPHM3I_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "register" }),
   async (c) => {
     try {
       const db = c.env.DB;
@@ -5486,7 +5489,7 @@ authRoutes.post(
         </div>
       `);
       }
-      const passwordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+      const passwordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
       const role = isFirstUser ? "admin" : "viewer";
       const userId = crypto.randomUUID();
       const now = /* @__PURE__ */ new Date();
@@ -5521,7 +5524,7 @@ authRoutes.post(
           await saveCustomData(db, userId, sanitized);
         }
       }
-      const token = await chunkEGUDIX6Q_cjs.AuthManager.generateToken(userId, normalizedEmail, role, c.env.JWT_SECRET);
+      const token = await chunkYYMPHM3I_cjs.AuthManager.generateToken(userId, normalizedEmail, role, c.env.JWT_SECRET);
       cookie.setCookie(c, "auth_token", token, {
         httpOnly: true,
         secure: false,
@@ -5554,7 +5557,7 @@ authRoutes.post(
 );
 authRoutes.post(
   "/login/form",
-  chunkEGUDIX6Q_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "login" }),
+  chunkYYMPHM3I_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "login" }),
   async (c) => {
     try {
       const formData = await c.req.formData();
@@ -5578,7 +5581,7 @@ authRoutes.post(
         </div>
       `);
       }
-      const isValidPassword = await chunkEGUDIX6Q_cjs.AuthManager.verifyPassword(password, user.password_hash);
+      const isValidPassword = await chunkYYMPHM3I_cjs.AuthManager.verifyPassword(password, user.password_hash);
       if (!isValidPassword) {
         return c.html(html.html`
         <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded">
@@ -5586,15 +5589,15 @@ authRoutes.post(
         </div>
       `);
       }
-      if (chunkEGUDIX6Q_cjs.AuthManager.isLegacyHash(user.password_hash)) {
+      if (chunkYYMPHM3I_cjs.AuthManager.isLegacyHash(user.password_hash)) {
         try {
-          const newHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+          const newHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
           await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(newHash, Date.now(), user.id).run();
         } catch (rehashError) {
           console.error("Password rehash failed (non-fatal):", rehashError);
         }
       }
-      const token = await chunkEGUDIX6Q_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET);
+      const token = await chunkYYMPHM3I_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET);
       cookie.setCookie(c, "auth_token", token, {
         httpOnly: true,
         secure: false,
@@ -5636,7 +5639,7 @@ authRoutes.post(
 );
 authRoutes.post(
   "/seed-admin",
-  chunkEGUDIX6Q_cjs.rateLimit({ max: 10, windowMs: 60 * 1e3, keyPrefix: "seed-admin" }),
+  chunkYYMPHM3I_cjs.rateLimit({ max: 10, windowMs: 60 * 1e3, keyPrefix: "seed-admin" }),
   async (c) => {
     try {
       const db = c.env.DB;
@@ -5658,7 +5661,7 @@ authRoutes.post(
     `).run();
       const existingAdmin = await db.prepare("SELECT id FROM users WHERE email = ? OR username = ?").bind("admin@sonicjs.com", "admin").first();
       if (existingAdmin) {
-        const passwordHash2 = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword("sonicjs!");
+        const passwordHash2 = await chunkYYMPHM3I_cjs.AuthManager.hashPassword("sonicjs!");
         await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(passwordHash2, Date.now(), existingAdmin.id).run();
         return c.json({
           message: "Admin user already exists (password updated)",
@@ -5670,7 +5673,7 @@ authRoutes.post(
           }
         });
       }
-      const passwordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword("sonicjs!");
+      const passwordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword("sonicjs!");
       const userId = "admin-user-id";
       const now = Date.now();
       const adminEmail = "admin@sonicjs.com".toLowerCase();
@@ -5891,7 +5894,7 @@ authRoutes.post("/accept-invitation", async (c) => {
     if (existingUsername) {
       return c.json({ error: "Username is already taken" }, 400);
     }
-    const passwordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+    const passwordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
     const updateStmt = db.prepare(`
       UPDATE users SET
         username = ?,
@@ -5910,7 +5913,7 @@ authRoutes.post("/accept-invitation", async (c) => {
       Date.now(),
       invitedUser.id
     ).run();
-    const authToken = await chunkEGUDIX6Q_cjs.AuthManager.generateToken(invitedUser.id, invitedUser.email, invitedUser.role, c.env.JWT_SECRET);
+    const authToken = await chunkYYMPHM3I_cjs.AuthManager.generateToken(invitedUser.id, invitedUser.email, invitedUser.role, c.env.JWT_SECRET);
     cookie.setCookie(c, "auth_token", authToken, {
       httpOnly: true,
       secure: true,
@@ -5927,7 +5930,7 @@ authRoutes.post("/accept-invitation", async (c) => {
 });
 authRoutes.post(
   "/request-password-reset",
-  chunkEGUDIX6Q_cjs.rateLimit({ max: 3, windowMs: 15 * 60 * 1e3, keyPrefix: "password-reset" }),
+  chunkYYMPHM3I_cjs.rateLimit({ max: 3, windowMs: 15 * 60 * 1e3, keyPrefix: "password-reset" }),
   async (c) => {
     try {
       const formData = await c.req.formData();
@@ -6145,7 +6148,7 @@ authRoutes.post("/reset-password", async (c) => {
     if (Date.now() > user.password_reset_expires) {
       return c.json({ error: "Reset token has expired" }, 400);
     }
-    const newPasswordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+    const newPasswordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
     try {
       const historyStmt = db.prepare(`
         INSERT INTO password_history (id, user_id, password_hash, created_at)
@@ -9521,9 +9524,9 @@ function parseFieldValue(field, formData, options = {}) {
   const { skipValidation = false } = options;
   const value = formData.get(field.field_name);
   const errors = [];
-  const blocksConfig = chunkXCP5GCBE_cjs.getBlocksFieldConfig(field.field_options);
+  const blocksConfig = chunkYULUPQZV_cjs.getBlocksFieldConfig(field.field_options);
   if (blocksConfig) {
-    const parsed = chunkXCP5GCBE_cjs.parseBlocksValue(value, blocksConfig);
+    const parsed = chunkYULUPQZV_cjs.parseBlocksValue(value, blocksConfig);
     if (!skipValidation && field.is_required && parsed.value.length === 0) {
       parsed.errors.push(`${field.field_label} is required`);
     }
@@ -9633,7 +9636,7 @@ function extractFieldData(fields, formData, options = {}) {
   }
   return { data, errors };
 }
-adminContentRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+adminContentRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 async function getCollectionFields(db, collectionId) {
   const cache = chunkNZWFCUDA_cjs.getCacheService(chunkNZWFCUDA_cjs.CACHE_CONFIGS.collection);
   return cache.getOrSet(
@@ -10324,7 +10327,7 @@ adminContentRoutes.put("/:id", async (c) => {
     `);
   }
 });
-adminContentRoutes.post("/preview", chunkEGUDIX6Q_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
+adminContentRoutes.post("/preview", chunkYYMPHM3I_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
   try {
     const formData = await c.req.formData();
     const collectionId = formData.get("collection_id");
@@ -10702,7 +10705,7 @@ adminContentRoutes.post("/:id/restore/:version", async (c) => {
     return c.json({ success: false, error: "Failed to restore version" });
   }
 });
-adminContentRoutes.get("/:id/version/:version/preview", chunkEGUDIX6Q_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
+adminContentRoutes.get("/:id/version/:version/preview", chunkYYMPHM3I_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
   try {
     const id = c.req.param("id");
     const version = parseInt(c.req.param("version") || "0");
@@ -12703,14 +12706,14 @@ function renderUsersListPage(data) {
 // src/routes/admin-users.ts
 var userRoutes = new hono.Hono();
-userRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
-userRoutes.use("/users/*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-userRoutes.use("/users", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-userRoutes.use("/invite-user", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-userRoutes.use("/resend-invitation/*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-userRoutes.use("/cancel-invitation/*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-userRoutes.use("/activity-logs", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-userRoutes.use("/activity-logs/*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
+userRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
+userRoutes.use("/users/*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+userRoutes.use("/users", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+userRoutes.use("/invite-user", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+userRoutes.use("/resend-invitation/*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+userRoutes.use("/cancel-invitation/*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+userRoutes.use("/activity-logs", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+userRoutes.use("/activity-logs/*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
 userRoutes.get("/", (c) => {
   return c.redirect("/admin/dashboard");
 });
@@ -12880,7 +12883,7 @@ userRoutes.put("/profile", async (c) => {
       }
       await saveCustomData(db, user.userId, sanitized);
     }
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "profile.update",
@@ -12943,7 +12946,7 @@ userRoutes.post("/profile/avatar", async (c) => {
       SELECT first_name, last_name FROM users WHERE id = ?
     `);
     const userData = await userStmt.bind(user.userId).first();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "profile.avatar_update",
@@ -13014,7 +13017,7 @@ userRoutes.post("/profile/password", async (c) => {
         dismissible: true
       }));
     }
-    const validPassword = await chunkEGUDIX6Q_cjs.AuthManager.verifyPassword(currentPassword, userData.password_hash);
+    const validPassword = await chunkYYMPHM3I_cjs.AuthManager.verifyPassword(currentPassword, userData.password_hash);
     if (!validPassword) {
       return c.html(renderAlert2({
         type: "error",
@@ -13022,7 +13025,7 @@ userRoutes.post("/profile/password", async (c) => {
         dismissible: true
       }));
     }
-    const newPasswordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(newPassword);
+    const newPasswordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(newPassword);
     const historyStmt = db.prepare(`
       INSERT INTO password_history (id, user_id, password_hash, created_at)
       VALUES (?, ?, ?, ?)
@@ -13038,7 +13041,7 @@ userRoutes.post("/profile/password", async (c) => {
       WHERE id = ?
     `);
     await updateStmt.bind(newPasswordHash, Date.now(), user.userId).run();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "profile.password_change",
@@ -13105,7 +13108,7 @@ userRoutes.get("/users", async (c) => {
     `);
     const countResult = await countStmt.bind(...params).first();
     const totalUsers = countResult?.total || 0;
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "users.list_view",
@@ -13263,7 +13266,7 @@ userRoutes.post("/users/new", async (c) => {
         dismissible: true
       }));
     }
-    const passwordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(password);
+    const passwordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(password);
     const userId = crypto.randomUUID();
     const createStmt = db.prepare(`
       INSERT INTO users (
@@ -13286,7 +13289,7 @@ userRoutes.post("/users/new", async (c) => {
       Date.now(),
       Date.now()
     ).run();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "user!.create",
@@ -13325,7 +13328,7 @@ userRoutes.get("/users/:id", async (c) => {
     if (!userRecord) {
       return c.json({ error: "User not found" }, 404);
     }
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "user!.view",
@@ -13551,7 +13554,7 @@ userRoutes.put("/users/:id", async (c) => {
       userId
     ).run();
     if (newPassword) {
-      const passwordHash = await chunkEGUDIX6Q_cjs.AuthManager.hashPassword(newPassword);
+      const passwordHash = await chunkYYMPHM3I_cjs.AuthManager.hashPassword(newPassword);
       const updatePasswordStmt = db.prepare(`
         UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?
       `);
@@ -13605,7 +13608,7 @@ userRoutes.put("/users/:id", async (c) => {
         ).run();
       }
     }
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "user.update",
@@ -13650,7 +13653,7 @@ userRoutes.post("/users/:id/toggle", async (c) => {
       UPDATE users SET is_active = ?, updated_at = ? WHERE id = ?
     `);
     await toggleStmt.bind(active ? 1 : 0, Date.now(), userId).run();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       active ? "user.activate" : "user.deactivate",
@@ -13691,7 +13694,7 @@ userRoutes.delete("/users/:id", async (c) => {
         DELETE FROM users WHERE id = ?
       `);
       await deleteStmt.bind(userId).run();
-      await chunkEGUDIX6Q_cjs.logActivity(
+      await chunkYYMPHM3I_cjs.logActivity(
         db,
         user.userId,
         "user!.hard_delete",
@@ -13710,7 +13713,7 @@ userRoutes.delete("/users/:id", async (c) => {
         UPDATE users SET is_active = 0, updated_at = ? WHERE id = ?
       `);
       await deleteStmt.bind(Date.now(), userId).run();
-      await chunkEGUDIX6Q_cjs.logActivity(
+      await chunkYYMPHM3I_cjs.logActivity(
         db,
         user.userId,
         "user!.soft_delete",
@@ -13776,7 +13779,7 @@ userRoutes.post("/invite-user", async (c) => {
       Date.now(),
       Date.now()
     ).run();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "user!.invite_sent",
@@ -13833,7 +13836,7 @@ userRoutes.post("/resend-invitation/:id", async (c) => {
       Date.now(),
       userId
     ).run();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "user!.invitation_resent",
@@ -13869,7 +13872,7 @@ userRoutes.delete("/cancel-invitation/:id", async (c) => {
     }
     const deleteStmt = db.prepare(`DELETE FROM users WHERE id = ?`);
     await deleteStmt.bind(userId).run();
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "user!.invitation_cancelled",
@@ -13952,7 +13955,7 @@ userRoutes.get("/activity-logs", async (c) => {
       ...log,
       details: log.details ? JSON.parse(log.details) : null
     }));
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "activity.logs_viewed",
@@ -14059,7 +14062,7 @@ userRoutes.get("/activity-logs/export", async (c) => {
       csvRows.push(row.join(","));
     }
     const csvContent = csvRows.join("\n");
-    await chunkEGUDIX6Q_cjs.logActivity(
+    await chunkYYMPHM3I_cjs.logActivity(
       db,
       user.userId,
       "activity.logs_exported",
@@ -15398,7 +15401,7 @@ var fileValidationSchema2 = zod.z.object({
   // 50MB max
 });
 var adminMediaRoutes = new hono.Hono();
-adminMediaRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+adminMediaRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 adminMediaRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -15984,7 +15987,7 @@ adminMediaRoutes.put("/:id", async (c) => {
     `);
   }
 });
-adminMediaRoutes.delete("/cleanup", chunkEGUDIX6Q_cjs.requireRole("admin"), async (c) => {
+adminMediaRoutes.delete("/cleanup", chunkYYMPHM3I_cjs.requireRole("admin"), async (c) => {
   try {
     const db = c.env.DB;
     const allMediaStmt = db.prepare("SELECT id, r2_key, filename FROM media WHERE deleted_at IS NULL");
@@ -18209,7 +18212,7 @@ function renderEmailSettingsContent(plugin, settings) {
 // src/routes/admin-plugins.ts
 var adminPluginRoutes = new hono.Hono();
-adminPluginRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+adminPluginRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 var AVAILABLE_PLUGINS = [
   {
     id: "third-party-faq",
@@ -19703,7 +19706,7 @@ function renderLogConfigPage(data) {
 // src/routes/admin-logs.ts
 var adminLogsRoutes = new hono.Hono();
-adminLogsRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+adminLogsRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 adminLogsRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -22031,9 +22034,9 @@ function renderStorageUsage(databaseSizeBytes, mediaSizeBytes) {
 }
 // src/routes/admin-dashboard.ts
-var VERSION = chunkXCP5GCBE_cjs.getCoreVersion();
+var VERSION = chunkYULUPQZV_cjs.getCoreVersion();
 var router = new hono.Hono();
-router.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+router.use("*", chunkYYMPHM3I_cjs.requireAuth());
 router.get("/", async (c) => {
   const user = c.get("user");
   try {
@@ -23852,10 +23855,10 @@ function renderCollectionFormPage(data) {
 // src/routes/admin-collections.ts
 var adminCollectionsRoutes = new hono.Hono();
-adminCollectionsRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
-adminCollectionsRoutes.post("*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-adminCollectionsRoutes.put("*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
-adminCollectionsRoutes.delete("*", chunkEGUDIX6Q_cjs.requireRole(["admin"]));
+adminCollectionsRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
+adminCollectionsRoutes.post("*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+adminCollectionsRoutes.put("*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
+adminCollectionsRoutes.delete("*", chunkYYMPHM3I_cjs.requireRole(["admin"]));
 adminCollectionsRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -26051,7 +26054,7 @@ function renderDatabaseToolsSettings(settings) {
 // src/routes/admin-settings.ts
 var adminSettingsRoutes = new hono.Hono();
-adminSettingsRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+adminSettingsRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 function getMockSettings(user) {
   return {
     general: {
@@ -26219,7 +26222,7 @@ adminSettingsRoutes.get("/database-tools", (c) => {
 adminSettingsRoutes.get("/api/migrations/status", async (c) => {
   try {
     const db = c.env.DB;
-    const migrationService = new chunkSER23XI4_cjs.MigrationService(db);
+    const migrationService = new chunkKZ2MFGET_cjs.MigrationService(db);
     const status = await migrationService.getMigrationStatus();
     return c.json({
       success: true,
@@ -26243,7 +26246,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
       }, 403);
     }
     const db = c.env.DB;
-    const migrationService = new chunkSER23XI4_cjs.MigrationService(db);
+    const migrationService = new chunkKZ2MFGET_cjs.MigrationService(db);
     const result = await migrationService.runPendingMigrations();
     return c.json({
       success: result.success,
@@ -26261,7 +26264,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
 adminSettingsRoutes.get("/api/migrations/validate", async (c) => {
   try {
     const db = c.env.DB;
-    const migrationService = new chunkSER23XI4_cjs.MigrationService(db);
+    const migrationService = new chunkKZ2MFGET_cjs.MigrationService(db);
     const validation = await migrationService.validateSchema();
     return c.json({
       success: true,
@@ -28151,7 +28154,7 @@ function renderFormCreatePage(data) {
 // src/routes/admin-forms.ts
 var adminFormsRoutes = new hono.Hono();
-adminFormsRoutes.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+adminFormsRoutes.use("*", chunkYYMPHM3I_cjs.requireAuth());
 adminFormsRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -29324,9 +29327,9 @@ function renderAPIReferencePage(data) {
 }
 // src/routes/admin-api-reference.ts
-var VERSION2 = chunkXCP5GCBE_cjs.getCoreVersion();
+var VERSION2 = chunkYULUPQZV_cjs.getCoreVersion();
 var router2 = new hono.Hono();
-router2.use("*", chunkEGUDIX6Q_cjs.requireAuth());
+router2.use("*", chunkYYMPHM3I_cjs.requireAuth());
 router2.get("/", async (c) => {
   const user = c.get("user");
   try {
@@ -29417,5 +29420,5 @@ exports.router2 = router2;
 exports.test_cleanup_default = test_cleanup_default;
 exports.userProfilesPlugin = userProfilesPlugin;
 exports.userRoutes = userRoutes;
-//# sourceMappingURL=chunk-HVTSE2SF.cjs.map
-//# sourceMappingURL=chunk-HVTSE2SF.cjs.map
+//# sourceMappingURL=chunk-DRWSHIFG.cjs.map
+//# sourceMappingURL=chunk-DRWSHIFG.cjs.map