@sonicjs-cms/core 2.17.1 → 2.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-3TVMUQWG.cjs → chunk-3XP76LM7.cjs} +8 -8
- package/dist/{chunk-3TVMUQWG.cjs.map → chunk-3XP76LM7.cjs.map} +1 -1
- package/dist/{chunk-47HKH3D6.cjs → chunk-56PLLVDG.cjs} +9 -3
- package/dist/chunk-56PLLVDG.cjs.map +1 -0
- package/dist/{chunk-5EBTBD2Z.cjs → chunk-74BFRAQS.cjs} +54 -3
- package/dist/chunk-74BFRAQS.cjs.map +1 -0
- package/dist/{chunk-I6444XLU.cjs → chunk-DAESIIWY.cjs} +2 -2
- package/dist/{chunk-I6444XLU.cjs.map → chunk-DAESIIWY.cjs.map} +1 -1
- package/dist/{chunk-P5IDHMOL.js → chunk-GH3HYA7D.js} +4 -4
- package/dist/{chunk-P5IDHMOL.js.map → chunk-GH3HYA7D.js.map} +1 -1
- package/dist/{chunk-5ITJB5ZT.cjs → chunk-LTJ7P7RT.cjs} +242 -124
- package/dist/chunk-LTJ7P7RT.cjs.map +1 -0
- package/dist/{chunk-7D7SI5P7.js → chunk-NDS4S4AG.js} +54 -3
- package/dist/chunk-NDS4S4AG.js.map +1 -0
- package/dist/{chunk-QZBZEUZF.js → chunk-OWJPOVFW.js} +2 -2
- package/dist/{chunk-QZBZEUZF.js.map → chunk-OWJPOVFW.js.map} +1 -1
- package/dist/{chunk-UDUHP4PA.js → chunk-RYRNZYND.js} +128 -10
- package/dist/chunk-RYRNZYND.js.map +1 -0
- package/dist/{chunk-EUFBU4T4.js → chunk-YK5IEGQZ.js} +9 -3
- package/dist/chunk-YK5IEGQZ.js.map +1 -0
- package/dist/index.cjs +196 -153
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +65 -22
- package/dist/index.js.map +1 -1
- package/dist/middleware.cjs +32 -32
- package/dist/middleware.js +3 -3
- package/dist/migrations-CW2IT5YP.cjs +13 -0
- package/dist/{migrations-VQ4UX4M4.cjs.map → migrations-CW2IT5YP.cjs.map} +1 -1
- package/dist/migrations-S42BOXI4.js +4 -0
- package/dist/{migrations-3TVS3HU5.js.map → migrations-S42BOXI4.js.map} +1 -1
- package/dist/routes.cjs +28 -28
- package/dist/routes.js +5 -5
- package/dist/services.cjs +23 -23
- package/dist/services.js +2 -2
- package/dist/utils.cjs +11 -11
- package/dist/utils.d.cts +1 -1
- package/dist/utils.d.ts +1 -1
- package/dist/utils.js +1 -1
- package/dist/{version-ChpccWQ1.d.cts → version-DFTyGfIH.d.cts} +9 -1
- package/dist/{version-ChpccWQ1.d.ts → version-DFTyGfIH.d.ts} +9 -1
- package/package.json +1 -1
- package/dist/chunk-47HKH3D6.cjs.map +0 -1
- package/dist/chunk-5EBTBD2Z.cjs.map +0 -1
- package/dist/chunk-5ITJB5ZT.cjs.map +0 -1
- package/dist/chunk-7D7SI5P7.js.map +0 -1
- package/dist/chunk-EUFBU4T4.js.map +0 -1
- package/dist/chunk-UDUHP4PA.js.map +0 -1
- package/dist/migrations-3TVS3HU5.js +0 -4
- package/dist/migrations-VQ4UX4M4.cjs +0 -13
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
var chunkWAEQXGCX_cjs = require('./chunk-WAEQXGCX.cjs');
|
|
4
|
-
var
|
|
5
|
-
var
|
|
6
|
-
var
|
|
4
|
+
var chunk3XP76LM7_cjs = require('./chunk-3XP76LM7.cjs');
|
|
5
|
+
var chunk56PLLVDG_cjs = require('./chunk-56PLLVDG.cjs');
|
|
6
|
+
var chunkDAESIIWY_cjs = require('./chunk-DAESIIWY.cjs');
|
|
7
7
|
var chunkOHYBNCVL_cjs = require('./chunk-OHYBNCVL.cjs');
|
|
8
8
|
var chunkUYJ6TJHX_cjs = require('./chunk-UYJ6TJHX.cjs');
|
|
9
9
|
var chunk635JAMSE_cjs = require('./chunk-635JAMSE.cjs');
|
|
10
|
-
var
|
|
10
|
+
var chunk74BFRAQS_cjs = require('./chunk-74BFRAQS.cjs');
|
|
11
11
|
var chunkRCQ2HIQD_cjs = require('./chunk-RCQ2HIQD.cjs');
|
|
12
12
|
var chunkMNWKYY5E_cjs = require('./chunk-MNWKYY5E.cjs');
|
|
13
13
|
var hono = require('hono');
|
|
@@ -189,7 +189,7 @@ apiContentCrudRoutes.get("/:id", async (c) => {
|
|
|
189
189
|
}, 500);
|
|
190
190
|
}
|
|
191
191
|
});
|
|
192
|
-
apiContentCrudRoutes.post("/",
|
|
192
|
+
apiContentCrudRoutes.post("/", chunk3XP76LM7_cjs.requireAuth(), chunk3XP76LM7_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
193
193
|
try {
|
|
194
194
|
const db = c.env.DB;
|
|
195
195
|
const user = c.get("user");
|
|
@@ -255,7 +255,7 @@ apiContentCrudRoutes.post("/", chunk3TVMUQWG_cjs.requireAuth(), chunk3TVMUQWG_cj
|
|
|
255
255
|
}, 500);
|
|
256
256
|
}
|
|
257
257
|
});
|
|
258
|
-
apiContentCrudRoutes.put("/:id",
|
|
258
|
+
apiContentCrudRoutes.put("/:id", chunk3XP76LM7_cjs.requireAuth(), chunk3XP76LM7_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
259
259
|
try {
|
|
260
260
|
const id = c.req.param("id");
|
|
261
261
|
const db = c.env.DB;
|
|
@@ -319,7 +319,7 @@ apiContentCrudRoutes.put("/:id", chunk3TVMUQWG_cjs.requireAuth(), chunk3TVMUQWG_
|
|
|
319
319
|
}, 500);
|
|
320
320
|
}
|
|
321
321
|
});
|
|
322
|
-
apiContentCrudRoutes.delete("/:id",
|
|
322
|
+
apiContentCrudRoutes.delete("/:id", chunk3XP76LM7_cjs.requireAuth(), chunk3XP76LM7_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
323
323
|
try {
|
|
324
324
|
const id = c.req.param("id");
|
|
325
325
|
const db = c.env.DB;
|
|
@@ -355,7 +355,7 @@ apiRoutes.use("*", async (c, next) => {
|
|
|
355
355
|
c.header("X-Response-Time", `${totalTime}ms`);
|
|
356
356
|
});
|
|
357
357
|
apiRoutes.use("*", async (c, next) => {
|
|
358
|
-
const cacheEnabled = await
|
|
358
|
+
const cacheEnabled = await chunk3XP76LM7_cjs.isPluginActive(c.env.DB, "core-cache");
|
|
359
359
|
c.set("cacheEnabled", cacheEnabled);
|
|
360
360
|
await next();
|
|
361
361
|
});
|
|
@@ -846,7 +846,7 @@ apiRoutes.get("/collections", async (c) => {
|
|
|
846
846
|
return c.json({ error: "Failed to fetch collections" }, 500);
|
|
847
847
|
}
|
|
848
848
|
});
|
|
849
|
-
apiRoutes.get("/content",
|
|
849
|
+
apiRoutes.get("/content", chunk3XP76LM7_cjs.optionalAuth(), async (c) => {
|
|
850
850
|
const executionStart = Date.now();
|
|
851
851
|
try {
|
|
852
852
|
const db = c.env.DB;
|
|
@@ -869,13 +869,13 @@ apiRoutes.get("/content", chunk3TVMUQWG_cjs.optionalAuth(), async (c) => {
|
|
|
869
869
|
});
|
|
870
870
|
}
|
|
871
871
|
}
|
|
872
|
-
const filter =
|
|
872
|
+
const filter = chunk74BFRAQS_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
|
|
873
873
|
const normalizedFilter = normalizePublicContentFilter(filter, c.get("user")?.role);
|
|
874
874
|
if (!normalizedFilter.limit) {
|
|
875
875
|
normalizedFilter.limit = 50;
|
|
876
876
|
}
|
|
877
877
|
normalizedFilter.limit = Math.min(normalizedFilter.limit, 1e3);
|
|
878
|
-
const builder3 = new
|
|
878
|
+
const builder3 = new chunk74BFRAQS_cjs.QueryFilterBuilder();
|
|
879
879
|
const queryResult = builder3.build("content", normalizedFilter);
|
|
880
880
|
if (queryResult.errors.length > 0) {
|
|
881
881
|
return c.json({
|
|
@@ -947,7 +947,7 @@ apiRoutes.get("/content", chunk3TVMUQWG_cjs.optionalAuth(), async (c) => {
|
|
|
947
947
|
}, 500);
|
|
948
948
|
}
|
|
949
949
|
});
|
|
950
|
-
apiRoutes.get("/collections/:collection/content",
|
|
950
|
+
apiRoutes.get("/collections/:collection/content", chunk3XP76LM7_cjs.optionalAuth(), async (c) => {
|
|
951
951
|
const executionStart = Date.now();
|
|
952
952
|
try {
|
|
953
953
|
const collection = c.req.param("collection");
|
|
@@ -958,7 +958,7 @@ apiRoutes.get("/collections/:collection/content", chunk3TVMUQWG_cjs.optionalAuth
|
|
|
958
958
|
if (!collectionResult) {
|
|
959
959
|
return c.json({ error: "Collection not found" }, 404);
|
|
960
960
|
}
|
|
961
|
-
const filter =
|
|
961
|
+
const filter = chunk74BFRAQS_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
|
|
962
962
|
const normalizedFilter = normalizePublicContentFilter(filter, c.get("user")?.role);
|
|
963
963
|
if (!normalizedFilter.where) {
|
|
964
964
|
normalizedFilter.where = { and: [] };
|
|
@@ -975,7 +975,7 @@ apiRoutes.get("/collections/:collection/content", chunk3TVMUQWG_cjs.optionalAuth
|
|
|
975
975
|
normalizedFilter.limit = 50;
|
|
976
976
|
}
|
|
977
977
|
normalizedFilter.limit = Math.min(normalizedFilter.limit, 1e3);
|
|
978
|
-
const builder3 = new
|
|
978
|
+
const builder3 = new chunk74BFRAQS_cjs.QueryFilterBuilder();
|
|
979
979
|
const queryResult = builder3.build("content", normalizedFilter);
|
|
980
980
|
if (queryResult.errors.length > 0) {
|
|
981
981
|
return c.json({
|
|
@@ -1096,7 +1096,7 @@ var fileValidationSchema = zod.z.object({
|
|
|
1096
1096
|
// 50MB max
|
|
1097
1097
|
});
|
|
1098
1098
|
var apiMediaRoutes = new hono.Hono();
|
|
1099
|
-
apiMediaRoutes.use("*",
|
|
1099
|
+
apiMediaRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
1100
1100
|
apiMediaRoutes.post("/upload", async (c) => {
|
|
1101
1101
|
try {
|
|
1102
1102
|
const user = c.get("user");
|
|
@@ -1840,8 +1840,8 @@ apiSystemRoutes.get("/env", (c) => {
|
|
|
1840
1840
|
});
|
|
1841
1841
|
var api_system_default = apiSystemRoutes;
|
|
1842
1842
|
var adminApiRoutes = new hono.Hono();
|
|
1843
|
-
adminApiRoutes.use("*",
|
|
1844
|
-
adminApiRoutes.use("*",
|
|
1843
|
+
adminApiRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
1844
|
+
adminApiRoutes.use("*", chunk3XP76LM7_cjs.requireRole(["admin", "editor"]));
|
|
1845
1845
|
adminApiRoutes.get("/stats", async (c) => {
|
|
1846
1846
|
try {
|
|
1847
1847
|
const db = c.env.DB;
|
|
@@ -2353,7 +2353,7 @@ adminApiRoutes.delete("/collections/:id", async (c) => {
|
|
|
2353
2353
|
});
|
|
2354
2354
|
adminApiRoutes.get("/migrations/status", async (c) => {
|
|
2355
2355
|
try {
|
|
2356
|
-
const { MigrationService: MigrationService2 } = await import('./migrations-
|
|
2356
|
+
const { MigrationService: MigrationService2 } = await import('./migrations-CW2IT5YP.cjs');
|
|
2357
2357
|
const db = c.env.DB;
|
|
2358
2358
|
const migrationService = new MigrationService2(db);
|
|
2359
2359
|
const status = await migrationService.getMigrationStatus();
|
|
@@ -2378,7 +2378,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
|
|
|
2378
2378
|
error: "Unauthorized. Admin access required."
|
|
2379
2379
|
}, 403);
|
|
2380
2380
|
}
|
|
2381
|
-
const { MigrationService: MigrationService2 } = await import('./migrations-
|
|
2381
|
+
const { MigrationService: MigrationService2 } = await import('./migrations-CW2IT5YP.cjs');
|
|
2382
2382
|
const db = c.env.DB;
|
|
2383
2383
|
const migrationService = new MigrationService2(db);
|
|
2384
2384
|
const result = await migrationService.runPendingMigrations();
|
|
@@ -2400,7 +2400,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
|
|
|
2400
2400
|
});
|
|
2401
2401
|
adminApiRoutes.get("/migrations/validate", async (c) => {
|
|
2402
2402
|
try {
|
|
2403
|
-
const { MigrationService: MigrationService2 } = await import('./migrations-
|
|
2403
|
+
const { MigrationService: MigrationService2 } = await import('./migrations-CW2IT5YP.cjs');
|
|
2404
2404
|
const db = c.env.DB;
|
|
2405
2405
|
const migrationService = new MigrationService2(db);
|
|
2406
2406
|
const validation = await migrationService.validateSchema();
|
|
@@ -5153,8 +5153,8 @@ var JWT_SECRET_FALLBACK = "your-super-secret-jwt-key-change-in-production";
|
|
|
5153
5153
|
async function setCsrfCookie(c, maxAge) {
|
|
5154
5154
|
const secret = c.env?.JWT_SECRET || JWT_SECRET_FALLBACK;
|
|
5155
5155
|
const isDev = c.env?.ENVIRONMENT === "development" || !c.env?.ENVIRONMENT;
|
|
5156
|
-
const csrfToken = await
|
|
5157
|
-
const cookieMaxAge = await
|
|
5156
|
+
const csrfToken = await chunk3XP76LM7_cjs.generateCsrfToken(secret);
|
|
5157
|
+
const cookieMaxAge = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(c.env?.DB, c.env);
|
|
5158
5158
|
cookie.setCookie(c, "csrf_token", csrfToken, {
|
|
5159
5159
|
httpOnly: false,
|
|
5160
5160
|
secure: !isDev,
|
|
@@ -5211,7 +5211,7 @@ var loginSchema = zod.z.object({
|
|
|
5211
5211
|
});
|
|
5212
5212
|
authRoutes.post(
|
|
5213
5213
|
"/register",
|
|
5214
|
-
|
|
5214
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "register" }),
|
|
5215
5215
|
async (c) => {
|
|
5216
5216
|
try {
|
|
5217
5217
|
const db = c.env.DB;
|
|
@@ -5248,7 +5248,7 @@ authRoutes.post(
|
|
|
5248
5248
|
if (existingUser) {
|
|
5249
5249
|
return c.json({ error: "User with this email or username already exists" }, 400);
|
|
5250
5250
|
}
|
|
5251
|
-
const passwordHash = await
|
|
5251
|
+
const passwordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
5252
5252
|
const userId = crypto.randomUUID();
|
|
5253
5253
|
const now = /* @__PURE__ */ new Date();
|
|
5254
5254
|
await db.prepare(`
|
|
@@ -5282,8 +5282,8 @@ authRoutes.post(
|
|
|
5282
5282
|
await saveCustomData(db, userId, sanitized);
|
|
5283
5283
|
}
|
|
5284
5284
|
}
|
|
5285
|
-
const tokenTtl = await
|
|
5286
|
-
const token = await
|
|
5285
|
+
const tokenTtl = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(c.env.DB, c.env);
|
|
5286
|
+
const token = await chunk3XP76LM7_cjs.AuthManager.generateToken(userId, normalizedEmail, "viewer", c.env.JWT_SECRET, tokenTtl);
|
|
5287
5287
|
cookie.setCookie(c, "auth_token", token, {
|
|
5288
5288
|
httpOnly: true,
|
|
5289
5289
|
secure: true,
|
|
@@ -5316,7 +5316,7 @@ authRoutes.post(
|
|
|
5316
5316
|
);
|
|
5317
5317
|
authRoutes.post(
|
|
5318
5318
|
"/login",
|
|
5319
|
-
|
|
5319
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "login" }),
|
|
5320
5320
|
async (c) => {
|
|
5321
5321
|
try {
|
|
5322
5322
|
const body = await c.req.json();
|
|
@@ -5339,20 +5339,20 @@ authRoutes.post(
|
|
|
5339
5339
|
if (!user) {
|
|
5340
5340
|
return c.json({ error: "Invalid email or password" }, 401);
|
|
5341
5341
|
}
|
|
5342
|
-
const isValidPassword = await
|
|
5342
|
+
const isValidPassword = await chunk3XP76LM7_cjs.AuthManager.verifyPassword(password, user.password_hash);
|
|
5343
5343
|
if (!isValidPassword) {
|
|
5344
5344
|
return c.json({ error: "Invalid email or password" }, 401);
|
|
5345
5345
|
}
|
|
5346
|
-
if (
|
|
5346
|
+
if (chunk3XP76LM7_cjs.AuthManager.isLegacyHash(user.password_hash)) {
|
|
5347
5347
|
try {
|
|
5348
|
-
const newHash = await
|
|
5348
|
+
const newHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
5349
5349
|
await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(newHash, Date.now(), user.id).run();
|
|
5350
5350
|
} catch (rehashError) {
|
|
5351
5351
|
console.error("Password rehash failed (non-fatal):", rehashError);
|
|
5352
5352
|
}
|
|
5353
5353
|
}
|
|
5354
|
-
const tokenTtl = await
|
|
5355
|
-
const token = await
|
|
5354
|
+
const tokenTtl = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(c.env.DB, c.env);
|
|
5355
|
+
const token = await chunk3XP76LM7_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET, tokenTtl);
|
|
5356
5356
|
cookie.setCookie(c, "auth_token", token, {
|
|
5357
5357
|
httpOnly: true,
|
|
5358
5358
|
secure: true,
|
|
@@ -5404,7 +5404,7 @@ authRoutes.get("/logout", (c) => {
|
|
|
5404
5404
|
clearCsrfCookie(c);
|
|
5405
5405
|
return c.redirect("/auth/login?message=You have been logged out successfully");
|
|
5406
5406
|
});
|
|
5407
|
-
authRoutes.get("/me",
|
|
5407
|
+
authRoutes.get("/me", chunk3XP76LM7_cjs.requireAuth(), async (c) => {
|
|
5408
5408
|
try {
|
|
5409
5409
|
const user = c.get("user");
|
|
5410
5410
|
if (!user) {
|
|
@@ -5423,7 +5423,7 @@ authRoutes.get("/me", chunk3TVMUQWG_cjs.requireAuth(), async (c) => {
|
|
|
5423
5423
|
});
|
|
5424
5424
|
authRoutes.post(
|
|
5425
5425
|
"/refresh",
|
|
5426
|
-
|
|
5426
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 60, windowMs: 60 * 1e3, keyPrefix: "refresh" }),
|
|
5427
5427
|
async (c) => {
|
|
5428
5428
|
try {
|
|
5429
5429
|
let token = c.req.header("Authorization")?.replace("Bearer ", "");
|
|
@@ -5432,8 +5432,8 @@ authRoutes.post(
|
|
|
5432
5432
|
return c.json({ error: "Authentication required" }, 401);
|
|
5433
5433
|
}
|
|
5434
5434
|
const db = c.env.DB;
|
|
5435
|
-
const grace = await
|
|
5436
|
-
const payload = await
|
|
5435
|
+
const grace = await chunk3XP76LM7_cjs.getJwtRefreshGraceSecondsFromDb(db, c.env);
|
|
5436
|
+
const payload = await chunk3XP76LM7_cjs.AuthManager.verifyToken(token, c.env.JWT_SECRET, grace);
|
|
5437
5437
|
if (!payload) {
|
|
5438
5438
|
return c.json({ error: "Invalid or expired token" }, 401);
|
|
5439
5439
|
}
|
|
@@ -5441,8 +5441,8 @@ authRoutes.post(
|
|
|
5441
5441
|
if (!row || !row.is_active) {
|
|
5442
5442
|
return c.json({ error: "User is not active" }, 401);
|
|
5443
5443
|
}
|
|
5444
|
-
const tokenTtl = await
|
|
5445
|
-
const newToken = await
|
|
5444
|
+
const tokenTtl = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(db, c.env);
|
|
5445
|
+
const newToken = await chunk3XP76LM7_cjs.AuthManager.generateToken(row.id, row.email, row.role, c.env.JWT_SECRET, tokenTtl);
|
|
5446
5446
|
cookie.setCookie(c, "auth_token", newToken, {
|
|
5447
5447
|
httpOnly: true,
|
|
5448
5448
|
secure: true,
|
|
@@ -5462,7 +5462,7 @@ authRoutes.post(
|
|
|
5462
5462
|
);
|
|
5463
5463
|
authRoutes.post(
|
|
5464
5464
|
"/register/form",
|
|
5465
|
-
|
|
5465
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "register" }),
|
|
5466
5466
|
async (c) => {
|
|
5467
5467
|
try {
|
|
5468
5468
|
const db = c.env.DB;
|
|
@@ -5509,7 +5509,7 @@ authRoutes.post(
|
|
|
5509
5509
|
</div>
|
|
5510
5510
|
`);
|
|
5511
5511
|
}
|
|
5512
|
-
const passwordHash = await
|
|
5512
|
+
const passwordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
5513
5513
|
const role = isFirstUser ? "admin" : "viewer";
|
|
5514
5514
|
const userId = crypto.randomUUID();
|
|
5515
5515
|
const now = /* @__PURE__ */ new Date();
|
|
@@ -5544,8 +5544,8 @@ authRoutes.post(
|
|
|
5544
5544
|
await saveCustomData(db, userId, sanitized);
|
|
5545
5545
|
}
|
|
5546
5546
|
}
|
|
5547
|
-
const tokenTtl = await
|
|
5548
|
-
const token = await
|
|
5547
|
+
const tokenTtl = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(c.env.DB, c.env);
|
|
5548
|
+
const token = await chunk3XP76LM7_cjs.AuthManager.generateToken(userId, normalizedEmail, role, c.env.JWT_SECRET, tokenTtl);
|
|
5549
5549
|
cookie.setCookie(c, "auth_token", token, {
|
|
5550
5550
|
httpOnly: true,
|
|
5551
5551
|
secure: false,
|
|
@@ -5577,7 +5577,7 @@ authRoutes.post(
|
|
|
5577
5577
|
);
|
|
5578
5578
|
authRoutes.post(
|
|
5579
5579
|
"/login/form",
|
|
5580
|
-
|
|
5580
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 30, windowMs: 60 * 1e3, keyPrefix: "login" }),
|
|
5581
5581
|
async (c) => {
|
|
5582
5582
|
try {
|
|
5583
5583
|
const formData = await c.req.formData();
|
|
@@ -5601,7 +5601,7 @@ authRoutes.post(
|
|
|
5601
5601
|
</div>
|
|
5602
5602
|
`);
|
|
5603
5603
|
}
|
|
5604
|
-
const isValidPassword = await
|
|
5604
|
+
const isValidPassword = await chunk3XP76LM7_cjs.AuthManager.verifyPassword(password, user.password_hash);
|
|
5605
5605
|
if (!isValidPassword) {
|
|
5606
5606
|
return c.html(html.html`
|
|
5607
5607
|
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded">
|
|
@@ -5609,16 +5609,16 @@ authRoutes.post(
|
|
|
5609
5609
|
</div>
|
|
5610
5610
|
`);
|
|
5611
5611
|
}
|
|
5612
|
-
if (
|
|
5612
|
+
if (chunk3XP76LM7_cjs.AuthManager.isLegacyHash(user.password_hash)) {
|
|
5613
5613
|
try {
|
|
5614
|
-
const newHash = await
|
|
5614
|
+
const newHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
5615
5615
|
await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(newHash, Date.now(), user.id).run();
|
|
5616
5616
|
} catch (rehashError) {
|
|
5617
5617
|
console.error("Password rehash failed (non-fatal):", rehashError);
|
|
5618
5618
|
}
|
|
5619
5619
|
}
|
|
5620
|
-
const tokenTtl = await
|
|
5621
|
-
const token = await
|
|
5620
|
+
const tokenTtl = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(c.env.DB, c.env);
|
|
5621
|
+
const token = await chunk3XP76LM7_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET, tokenTtl);
|
|
5622
5622
|
cookie.setCookie(c, "auth_token", token, {
|
|
5623
5623
|
httpOnly: true,
|
|
5624
5624
|
secure: false,
|
|
@@ -5659,7 +5659,7 @@ authRoutes.post(
|
|
|
5659
5659
|
);
|
|
5660
5660
|
authRoutes.post(
|
|
5661
5661
|
"/seed-admin",
|
|
5662
|
-
|
|
5662
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 10, windowMs: 60 * 1e3, keyPrefix: "seed-admin" }),
|
|
5663
5663
|
async (c) => {
|
|
5664
5664
|
try {
|
|
5665
5665
|
const db = c.env.DB;
|
|
@@ -5681,7 +5681,7 @@ authRoutes.post(
|
|
|
5681
5681
|
`).run();
|
|
5682
5682
|
const existingAdmin = await db.prepare("SELECT id FROM users WHERE email = ? OR username = ?").bind("admin@sonicjs.com", "admin").first();
|
|
5683
5683
|
if (existingAdmin) {
|
|
5684
|
-
const passwordHash2 = await
|
|
5684
|
+
const passwordHash2 = await chunk3XP76LM7_cjs.AuthManager.hashPassword("sonicjs!");
|
|
5685
5685
|
await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(passwordHash2, Date.now(), existingAdmin.id).run();
|
|
5686
5686
|
return c.json({
|
|
5687
5687
|
message: "Admin user already exists (password updated)",
|
|
@@ -5693,7 +5693,7 @@ authRoutes.post(
|
|
|
5693
5693
|
}
|
|
5694
5694
|
});
|
|
5695
5695
|
}
|
|
5696
|
-
const passwordHash = await
|
|
5696
|
+
const passwordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword("sonicjs!");
|
|
5697
5697
|
const userId = "admin-user-id";
|
|
5698
5698
|
const now = Date.now();
|
|
5699
5699
|
const adminEmail = "admin@sonicjs.com".toLowerCase();
|
|
@@ -5914,7 +5914,7 @@ authRoutes.post("/accept-invitation", async (c) => {
|
|
|
5914
5914
|
if (existingUsername) {
|
|
5915
5915
|
return c.json({ error: "Username is already taken" }, 400);
|
|
5916
5916
|
}
|
|
5917
|
-
const passwordHash = await
|
|
5917
|
+
const passwordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
5918
5918
|
const updateStmt = db.prepare(`
|
|
5919
5919
|
UPDATE users SET
|
|
5920
5920
|
username = ?,
|
|
@@ -5933,8 +5933,8 @@ authRoutes.post("/accept-invitation", async (c) => {
|
|
|
5933
5933
|
Date.now(),
|
|
5934
5934
|
invitedUser.id
|
|
5935
5935
|
).run();
|
|
5936
|
-
const tokenTtl = await
|
|
5937
|
-
const authToken = await
|
|
5936
|
+
const tokenTtl = await chunk3XP76LM7_cjs.getJwtExpirySecondsFromDb(c.env.DB, c.env);
|
|
5937
|
+
const authToken = await chunk3XP76LM7_cjs.AuthManager.generateToken(invitedUser.id, invitedUser.email, invitedUser.role, c.env.JWT_SECRET, tokenTtl);
|
|
5938
5938
|
cookie.setCookie(c, "auth_token", authToken, {
|
|
5939
5939
|
httpOnly: true,
|
|
5940
5940
|
secure: true,
|
|
@@ -5950,7 +5950,7 @@ authRoutes.post("/accept-invitation", async (c) => {
|
|
|
5950
5950
|
});
|
|
5951
5951
|
authRoutes.post(
|
|
5952
5952
|
"/request-password-reset",
|
|
5953
|
-
|
|
5953
|
+
chunk3XP76LM7_cjs.rateLimit({ max: 3, windowMs: 15 * 60 * 1e3, keyPrefix: "password-reset" }),
|
|
5954
5954
|
async (c) => {
|
|
5955
5955
|
try {
|
|
5956
5956
|
const formData = await c.req.formData();
|
|
@@ -6168,7 +6168,7 @@ authRoutes.post("/reset-password", async (c) => {
|
|
|
6168
6168
|
if (Date.now() > user.password_reset_expires) {
|
|
6169
6169
|
return c.json({ error: "Reset token has expired" }, 400);
|
|
6170
6170
|
}
|
|
6171
|
-
const newPasswordHash = await
|
|
6171
|
+
const newPasswordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
6172
6172
|
try {
|
|
6173
6173
|
const historyStmt = db.prepare(`
|
|
6174
6174
|
INSERT INTO password_history (id, user_id, password_hash, created_at)
|
|
@@ -9544,9 +9544,9 @@ function parseFieldValue(field, formData, options = {}) {
|
|
|
9544
9544
|
const { skipValidation = false } = options;
|
|
9545
9545
|
const value = formData.get(field.field_name);
|
|
9546
9546
|
const errors = [];
|
|
9547
|
-
const blocksConfig =
|
|
9547
|
+
const blocksConfig = chunk74BFRAQS_cjs.getBlocksFieldConfig(field.field_options);
|
|
9548
9548
|
if (blocksConfig) {
|
|
9549
|
-
const parsed =
|
|
9549
|
+
const parsed = chunk74BFRAQS_cjs.parseBlocksValue(value, blocksConfig);
|
|
9550
9550
|
if (!skipValidation && field.is_required && parsed.value.length === 0) {
|
|
9551
9551
|
parsed.errors.push(`${field.field_label} is required`);
|
|
9552
9552
|
}
|
|
@@ -9656,7 +9656,7 @@ function extractFieldData(fields, formData, options = {}) {
|
|
|
9656
9656
|
}
|
|
9657
9657
|
return { data, errors };
|
|
9658
9658
|
}
|
|
9659
|
-
adminContentRoutes.use("*",
|
|
9659
|
+
adminContentRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
9660
9660
|
async function getCollectionFields(db, collectionId) {
|
|
9661
9661
|
const cache = chunkWAEQXGCX_cjs.getCacheService(chunkWAEQXGCX_cjs.CACHE_CONFIGS.collection);
|
|
9662
9662
|
return cache.getOrSet(
|
|
@@ -9933,21 +9933,21 @@ adminContentRoutes.get("/new", async (c) => {
|
|
|
9933
9933
|
const tinymceEnabled = await isPluginActive2(db, "tinymce-plugin");
|
|
9934
9934
|
let tinymceSettings;
|
|
9935
9935
|
if (tinymceEnabled) {
|
|
9936
|
-
const pluginService = new
|
|
9936
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
9937
9937
|
const tinymcePlugin2 = await pluginService.getPlugin("tinymce-plugin");
|
|
9938
9938
|
tinymceSettings = tinymcePlugin2?.settings;
|
|
9939
9939
|
}
|
|
9940
9940
|
const quillEnabled = await isPluginActive2(db, "quill-editor");
|
|
9941
9941
|
let quillSettings;
|
|
9942
9942
|
if (quillEnabled) {
|
|
9943
|
-
const pluginService = new
|
|
9943
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
9944
9944
|
const quillPlugin = await pluginService.getPlugin("quill-editor");
|
|
9945
9945
|
quillSettings = quillPlugin?.settings;
|
|
9946
9946
|
}
|
|
9947
9947
|
const mdxeditorEnabled = await isPluginActive2(db, "easy-mdx");
|
|
9948
9948
|
let mdxeditorSettings;
|
|
9949
9949
|
if (mdxeditorEnabled) {
|
|
9950
|
-
const pluginService = new
|
|
9950
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
9951
9951
|
const mdxeditorPlugin = await pluginService.getPlugin("easy-mdx");
|
|
9952
9952
|
mdxeditorSettings = mdxeditorPlugin?.settings;
|
|
9953
9953
|
}
|
|
@@ -10038,21 +10038,21 @@ adminContentRoutes.get("/:id/edit", async (c) => {
|
|
|
10038
10038
|
const tinymceEnabled = await isPluginActive2(db, "tinymce-plugin");
|
|
10039
10039
|
let tinymceSettings;
|
|
10040
10040
|
if (tinymceEnabled) {
|
|
10041
|
-
const pluginService = new
|
|
10041
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
10042
10042
|
const tinymcePlugin2 = await pluginService.getPlugin("tinymce-plugin");
|
|
10043
10043
|
tinymceSettings = tinymcePlugin2?.settings;
|
|
10044
10044
|
}
|
|
10045
10045
|
const quillEnabled = await isPluginActive2(db, "quill-editor");
|
|
10046
10046
|
let quillSettings;
|
|
10047
10047
|
if (quillEnabled) {
|
|
10048
|
-
const pluginService = new
|
|
10048
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
10049
10049
|
const quillPlugin = await pluginService.getPlugin("quill-editor");
|
|
10050
10050
|
quillSettings = quillPlugin?.settings;
|
|
10051
10051
|
}
|
|
10052
10052
|
const mdxeditorEnabled = await isPluginActive2(db, "easy-mdx");
|
|
10053
10053
|
let mdxeditorSettings;
|
|
10054
10054
|
if (mdxeditorEnabled) {
|
|
10055
|
-
const pluginService = new
|
|
10055
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
10056
10056
|
const mdxeditorPlugin = await pluginService.getPlugin("easy-mdx");
|
|
10057
10057
|
mdxeditorSettings = mdxeditorPlugin?.settings;
|
|
10058
10058
|
}
|
|
@@ -10347,7 +10347,7 @@ adminContentRoutes.put("/:id", async (c) => {
|
|
|
10347
10347
|
`);
|
|
10348
10348
|
}
|
|
10349
10349
|
});
|
|
10350
|
-
adminContentRoutes.post("/preview",
|
|
10350
|
+
adminContentRoutes.post("/preview", chunk3XP76LM7_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
10351
10351
|
try {
|
|
10352
10352
|
const formData = await c.req.formData();
|
|
10353
10353
|
const collectionId = formData.get("collection_id");
|
|
@@ -10725,7 +10725,7 @@ adminContentRoutes.post("/:id/restore/:version", async (c) => {
|
|
|
10725
10725
|
return c.json({ success: false, error: "Failed to restore version" });
|
|
10726
10726
|
}
|
|
10727
10727
|
});
|
|
10728
|
-
adminContentRoutes.get("/:id/version/:version/preview",
|
|
10728
|
+
adminContentRoutes.get("/:id/version/:version/preview", chunk3XP76LM7_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
10729
10729
|
try {
|
|
10730
10730
|
const id = c.req.param("id");
|
|
10731
10731
|
const version = parseInt(c.req.param("version") || "0");
|
|
@@ -12724,14 +12724,14 @@ function renderUsersListPage(data) {
|
|
|
12724
12724
|
|
|
12725
12725
|
// src/routes/admin-users.ts
|
|
12726
12726
|
var userRoutes = new hono.Hono();
|
|
12727
|
-
userRoutes.use("*",
|
|
12728
|
-
userRoutes.use("/users/*",
|
|
12729
|
-
userRoutes.use("/users",
|
|
12730
|
-
userRoutes.use("/invite-user",
|
|
12731
|
-
userRoutes.use("/resend-invitation/*",
|
|
12732
|
-
userRoutes.use("/cancel-invitation/*",
|
|
12733
|
-
userRoutes.use("/activity-logs",
|
|
12734
|
-
userRoutes.use("/activity-logs/*",
|
|
12727
|
+
userRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
12728
|
+
userRoutes.use("/users/*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12729
|
+
userRoutes.use("/users", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12730
|
+
userRoutes.use("/invite-user", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12731
|
+
userRoutes.use("/resend-invitation/*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12732
|
+
userRoutes.use("/cancel-invitation/*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12733
|
+
userRoutes.use("/activity-logs", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12734
|
+
userRoutes.use("/activity-logs/*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
12735
12735
|
userRoutes.get("/", (c) => {
|
|
12736
12736
|
return c.redirect("/admin/dashboard");
|
|
12737
12737
|
});
|
|
@@ -12901,7 +12901,7 @@ userRoutes.put("/profile", async (c) => {
|
|
|
12901
12901
|
}
|
|
12902
12902
|
await saveCustomData(db, user.userId, sanitized);
|
|
12903
12903
|
}
|
|
12904
|
-
await
|
|
12904
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
12905
12905
|
db,
|
|
12906
12906
|
user.userId,
|
|
12907
12907
|
"profile.update",
|
|
@@ -12964,7 +12964,7 @@ userRoutes.post("/profile/avatar", async (c) => {
|
|
|
12964
12964
|
SELECT first_name, last_name FROM users WHERE id = ?
|
|
12965
12965
|
`);
|
|
12966
12966
|
const userData = await userStmt.bind(user.userId).first();
|
|
12967
|
-
await
|
|
12967
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
12968
12968
|
db,
|
|
12969
12969
|
user.userId,
|
|
12970
12970
|
"profile.avatar_update",
|
|
@@ -13035,7 +13035,7 @@ userRoutes.post("/profile/password", async (c) => {
|
|
|
13035
13035
|
dismissible: true
|
|
13036
13036
|
}));
|
|
13037
13037
|
}
|
|
13038
|
-
const validPassword = await
|
|
13038
|
+
const validPassword = await chunk3XP76LM7_cjs.AuthManager.verifyPassword(currentPassword, userData.password_hash);
|
|
13039
13039
|
if (!validPassword) {
|
|
13040
13040
|
return c.html(renderAlert2({
|
|
13041
13041
|
type: "error",
|
|
@@ -13043,7 +13043,7 @@ userRoutes.post("/profile/password", async (c) => {
|
|
|
13043
13043
|
dismissible: true
|
|
13044
13044
|
}));
|
|
13045
13045
|
}
|
|
13046
|
-
const newPasswordHash = await
|
|
13046
|
+
const newPasswordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(newPassword);
|
|
13047
13047
|
const historyStmt = db.prepare(`
|
|
13048
13048
|
INSERT INTO password_history (id, user_id, password_hash, created_at)
|
|
13049
13049
|
VALUES (?, ?, ?, ?)
|
|
@@ -13059,7 +13059,7 @@ userRoutes.post("/profile/password", async (c) => {
|
|
|
13059
13059
|
WHERE id = ?
|
|
13060
13060
|
`);
|
|
13061
13061
|
await updateStmt.bind(newPasswordHash, Date.now(), user.userId).run();
|
|
13062
|
-
await
|
|
13062
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13063
13063
|
db,
|
|
13064
13064
|
user.userId,
|
|
13065
13065
|
"profile.password_change",
|
|
@@ -13126,7 +13126,7 @@ userRoutes.get("/users", async (c) => {
|
|
|
13126
13126
|
`);
|
|
13127
13127
|
const countResult = await countStmt.bind(...params).first();
|
|
13128
13128
|
const totalUsers = countResult?.total || 0;
|
|
13129
|
-
await
|
|
13129
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13130
13130
|
db,
|
|
13131
13131
|
user.userId,
|
|
13132
13132
|
"users.list_view",
|
|
@@ -13284,7 +13284,7 @@ userRoutes.post("/users/new", async (c) => {
|
|
|
13284
13284
|
dismissible: true
|
|
13285
13285
|
}));
|
|
13286
13286
|
}
|
|
13287
|
-
const passwordHash = await
|
|
13287
|
+
const passwordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(password);
|
|
13288
13288
|
const userId = crypto.randomUUID();
|
|
13289
13289
|
const createStmt = db.prepare(`
|
|
13290
13290
|
INSERT INTO users (
|
|
@@ -13307,7 +13307,7 @@ userRoutes.post("/users/new", async (c) => {
|
|
|
13307
13307
|
Date.now(),
|
|
13308
13308
|
Date.now()
|
|
13309
13309
|
).run();
|
|
13310
|
-
await
|
|
13310
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13311
13311
|
db,
|
|
13312
13312
|
user.userId,
|
|
13313
13313
|
"user!.create",
|
|
@@ -13346,7 +13346,7 @@ userRoutes.get("/users/:id", async (c) => {
|
|
|
13346
13346
|
if (!userRecord) {
|
|
13347
13347
|
return c.json({ error: "User not found" }, 404);
|
|
13348
13348
|
}
|
|
13349
|
-
await
|
|
13349
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13350
13350
|
db,
|
|
13351
13351
|
user.userId,
|
|
13352
13352
|
"user!.view",
|
|
@@ -13572,7 +13572,7 @@ userRoutes.put("/users/:id", async (c) => {
|
|
|
13572
13572
|
userId
|
|
13573
13573
|
).run();
|
|
13574
13574
|
if (newPassword) {
|
|
13575
|
-
const passwordHash = await
|
|
13575
|
+
const passwordHash = await chunk3XP76LM7_cjs.AuthManager.hashPassword(newPassword);
|
|
13576
13576
|
const updatePasswordStmt = db.prepare(`
|
|
13577
13577
|
UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?
|
|
13578
13578
|
`);
|
|
@@ -13626,7 +13626,7 @@ userRoutes.put("/users/:id", async (c) => {
|
|
|
13626
13626
|
).run();
|
|
13627
13627
|
}
|
|
13628
13628
|
}
|
|
13629
|
-
await
|
|
13629
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13630
13630
|
db,
|
|
13631
13631
|
user.userId,
|
|
13632
13632
|
"user.update",
|
|
@@ -13671,7 +13671,7 @@ userRoutes.post("/users/:id/toggle", async (c) => {
|
|
|
13671
13671
|
UPDATE users SET is_active = ?, updated_at = ? WHERE id = ?
|
|
13672
13672
|
`);
|
|
13673
13673
|
await toggleStmt.bind(active ? 1 : 0, Date.now(), userId).run();
|
|
13674
|
-
await
|
|
13674
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13675
13675
|
db,
|
|
13676
13676
|
user.userId,
|
|
13677
13677
|
active ? "user.activate" : "user.deactivate",
|
|
@@ -13712,7 +13712,7 @@ userRoutes.delete("/users/:id", async (c) => {
|
|
|
13712
13712
|
DELETE FROM users WHERE id = ?
|
|
13713
13713
|
`);
|
|
13714
13714
|
await deleteStmt.bind(userId).run();
|
|
13715
|
-
await
|
|
13715
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13716
13716
|
db,
|
|
13717
13717
|
user.userId,
|
|
13718
13718
|
"user!.hard_delete",
|
|
@@ -13731,7 +13731,7 @@ userRoutes.delete("/users/:id", async (c) => {
|
|
|
13731
13731
|
UPDATE users SET is_active = 0, updated_at = ? WHERE id = ?
|
|
13732
13732
|
`);
|
|
13733
13733
|
await deleteStmt.bind(Date.now(), userId).run();
|
|
13734
|
-
await
|
|
13734
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13735
13735
|
db,
|
|
13736
13736
|
user.userId,
|
|
13737
13737
|
"user!.soft_delete",
|
|
@@ -13797,7 +13797,7 @@ userRoutes.post("/invite-user", async (c) => {
|
|
|
13797
13797
|
Date.now(),
|
|
13798
13798
|
Date.now()
|
|
13799
13799
|
).run();
|
|
13800
|
-
await
|
|
13800
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13801
13801
|
db,
|
|
13802
13802
|
user.userId,
|
|
13803
13803
|
"user!.invite_sent",
|
|
@@ -13854,7 +13854,7 @@ userRoutes.post("/resend-invitation/:id", async (c) => {
|
|
|
13854
13854
|
Date.now(),
|
|
13855
13855
|
userId
|
|
13856
13856
|
).run();
|
|
13857
|
-
await
|
|
13857
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13858
13858
|
db,
|
|
13859
13859
|
user.userId,
|
|
13860
13860
|
"user!.invitation_resent",
|
|
@@ -13890,7 +13890,7 @@ userRoutes.delete("/cancel-invitation/:id", async (c) => {
|
|
|
13890
13890
|
}
|
|
13891
13891
|
const deleteStmt = db.prepare(`DELETE FROM users WHERE id = ?`);
|
|
13892
13892
|
await deleteStmt.bind(userId).run();
|
|
13893
|
-
await
|
|
13893
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13894
13894
|
db,
|
|
13895
13895
|
user.userId,
|
|
13896
13896
|
"user!.invitation_cancelled",
|
|
@@ -13973,7 +13973,7 @@ userRoutes.get("/activity-logs", async (c) => {
|
|
|
13973
13973
|
...log,
|
|
13974
13974
|
details: log.details ? JSON.parse(log.details) : null
|
|
13975
13975
|
}));
|
|
13976
|
-
await
|
|
13976
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
13977
13977
|
db,
|
|
13978
13978
|
user.userId,
|
|
13979
13979
|
"activity.logs_viewed",
|
|
@@ -14080,7 +14080,7 @@ userRoutes.get("/activity-logs/export", async (c) => {
|
|
|
14080
14080
|
csvRows.push(row.join(","));
|
|
14081
14081
|
}
|
|
14082
14082
|
const csvContent = csvRows.join("\n");
|
|
14083
|
-
await
|
|
14083
|
+
await chunk3XP76LM7_cjs.logActivity(
|
|
14084
14084
|
db,
|
|
14085
14085
|
user.userId,
|
|
14086
14086
|
"activity.logs_exported",
|
|
@@ -15419,7 +15419,7 @@ var fileValidationSchema2 = zod.z.object({
|
|
|
15419
15419
|
// 50MB max
|
|
15420
15420
|
});
|
|
15421
15421
|
var adminMediaRoutes = new hono.Hono();
|
|
15422
|
-
adminMediaRoutes.use("*",
|
|
15422
|
+
adminMediaRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
15423
15423
|
adminMediaRoutes.get("/", async (c) => {
|
|
15424
15424
|
try {
|
|
15425
15425
|
const user = c.get("user");
|
|
@@ -16005,7 +16005,7 @@ adminMediaRoutes.put("/:id", async (c) => {
|
|
|
16005
16005
|
`);
|
|
16006
16006
|
}
|
|
16007
16007
|
});
|
|
16008
|
-
adminMediaRoutes.delete("/cleanup",
|
|
16008
|
+
adminMediaRoutes.delete("/cleanup", chunk3XP76LM7_cjs.requireRole("admin"), async (c) => {
|
|
16009
16009
|
try {
|
|
16010
16010
|
const db = c.env.DB;
|
|
16011
16011
|
const allMediaStmt = db.prepare("SELECT id, r2_key, filename FROM media WHERE deleted_at IS NULL");
|
|
@@ -17733,6 +17733,13 @@ function renderOTPLoginSettingsContent(plugin, settings) {
|
|
|
17733
17733
|
const rateLimitPerHour = settings.rateLimitPerHour || 5;
|
|
17734
17734
|
const allowNewUserRegistration = settings.allowNewUserRegistration || false;
|
|
17735
17735
|
const logoUrl = settings.logoUrl || "";
|
|
17736
|
+
const logoWidth = Number(settings.logoWidth) || 150;
|
|
17737
|
+
const logoBorderWidth = Number(settings.logoBorderWidth) || 0;
|
|
17738
|
+
const logoBorderColor = settings.logoBorderColor || "#ffffff";
|
|
17739
|
+
const loginUrl = settings.loginUrl || "";
|
|
17740
|
+
const loginButtonText = settings.loginButtonText || "";
|
|
17741
|
+
const previewButtonText = loginButtonText.trim() || `Sign in to ${siteName}`;
|
|
17742
|
+
const previewLogoBorder = logoBorderWidth > 0 && logoBorderColor ? `border: ${logoBorderWidth}px solid ${escapeHtmlAttr(logoBorderColor)}; border-radius: 8px;` : "";
|
|
17736
17743
|
return `
|
|
17737
17744
|
<div class="space-y-6">
|
|
17738
17745
|
<!-- Test OTP Section -->
|
|
@@ -17823,6 +17830,109 @@ function renderOTPLoginSettingsContent(plugin, settings) {
|
|
|
17823
17830
|
<h3 class="text-lg font-semibold text-white mb-4">Code Settings</h3>
|
|
17824
17831
|
|
|
17825
17832
|
<form id="settings-form" class="space-y-4">
|
|
17833
|
+
<div>
|
|
17834
|
+
<label for="setting_logoUrl" class="block text-sm font-medium text-gray-300 mb-2">
|
|
17835
|
+
Logo URL
|
|
17836
|
+
</label>
|
|
17837
|
+
<input
|
|
17838
|
+
type="url"
|
|
17839
|
+
id="setting_logoUrl"
|
|
17840
|
+
name="setting_logoUrl"
|
|
17841
|
+
value="${escapeHtmlAttr(logoUrl)}"
|
|
17842
|
+
placeholder="https://yourdomain.com/logo.png"
|
|
17843
|
+
class="w-full px-3 py-2 rounded-lg bg-white/5 border border-white/10 focus:border-blue-500 focus:outline-none text-white"
|
|
17844
|
+
/>
|
|
17845
|
+
<p class="text-xs text-gray-500 mt-1">Optional. Displayed at the top of the OTP email.</p>
|
|
17846
|
+
</div>
|
|
17847
|
+
|
|
17848
|
+
<div class="grid grid-cols-1 md:grid-cols-3 gap-4">
|
|
17849
|
+
<div>
|
|
17850
|
+
<label for="setting_logoWidth" class="block text-sm font-medium text-gray-300 mb-2">
|
|
17851
|
+
Logo Width (px)
|
|
17852
|
+
</label>
|
|
17853
|
+
<input
|
|
17854
|
+
type="number"
|
|
17855
|
+
id="setting_logoWidth"
|
|
17856
|
+
name="setting_logoWidth"
|
|
17857
|
+
min="20"
|
|
17858
|
+
max="600"
|
|
17859
|
+
value="${logoWidth}"
|
|
17860
|
+
class="w-full px-3 py-2 rounded-lg bg-white/5 border border-white/10 focus:border-blue-500 focus:outline-none text-white"
|
|
17861
|
+
/>
|
|
17862
|
+
<p class="text-xs text-gray-500 mt-1">Max width of the logo (20-600).</p>
|
|
17863
|
+
</div>
|
|
17864
|
+
|
|
17865
|
+
<div>
|
|
17866
|
+
<label for="setting_logoBorderWidth" class="block text-sm font-medium text-gray-300 mb-2">
|
|
17867
|
+
Border Thickness (px)
|
|
17868
|
+
</label>
|
|
17869
|
+
<input
|
|
17870
|
+
type="number"
|
|
17871
|
+
id="setting_logoBorderWidth"
|
|
17872
|
+
name="setting_logoBorderWidth"
|
|
17873
|
+
min="0"
|
|
17874
|
+
max="20"
|
|
17875
|
+
value="${logoBorderWidth}"
|
|
17876
|
+
class="w-full px-3 py-2 rounded-lg bg-white/5 border border-white/10 focus:border-blue-500 focus:outline-none text-white"
|
|
17877
|
+
/>
|
|
17878
|
+
<p class="text-xs text-gray-500 mt-1">0 disables the border.</p>
|
|
17879
|
+
</div>
|
|
17880
|
+
|
|
17881
|
+
<div>
|
|
17882
|
+
<label for="setting_logoBorderColor" class="block text-sm font-medium text-gray-300 mb-2">
|
|
17883
|
+
Border Color
|
|
17884
|
+
</label>
|
|
17885
|
+
<div class="flex gap-2">
|
|
17886
|
+
<input
|
|
17887
|
+
type="color"
|
|
17888
|
+
id="setting_logoBorderColor_picker"
|
|
17889
|
+
value="${escapeHtmlAttr(/^#[0-9a-fA-F]{6}$/.test(logoBorderColor) ? logoBorderColor : "#ffffff")}"
|
|
17890
|
+
oninput="document.getElementById('setting_logoBorderColor').value = this.value"
|
|
17891
|
+
class="w-12 h-10 rounded-lg bg-white/5 border border-white/10 cursor-pointer"
|
|
17892
|
+
/>
|
|
17893
|
+
<input
|
|
17894
|
+
type="text"
|
|
17895
|
+
id="setting_logoBorderColor"
|
|
17896
|
+
name="setting_logoBorderColor"
|
|
17897
|
+
value="${escapeHtmlAttr(logoBorderColor)}"
|
|
17898
|
+
placeholder="#ffffff"
|
|
17899
|
+
class="flex-1 px-3 py-2 rounded-lg bg-white/5 border border-white/10 focus:border-blue-500 focus:outline-none text-white"
|
|
17900
|
+
/>
|
|
17901
|
+
</div>
|
|
17902
|
+
<p class="text-xs text-gray-500 mt-1">Hex, rgb(), or named color.</p>
|
|
17903
|
+
</div>
|
|
17904
|
+
</div>
|
|
17905
|
+
|
|
17906
|
+
<div>
|
|
17907
|
+
<label for="setting_loginUrl" class="block text-sm font-medium text-gray-300 mb-2">
|
|
17908
|
+
Login URL
|
|
17909
|
+
</label>
|
|
17910
|
+
<input
|
|
17911
|
+
type="url"
|
|
17912
|
+
id="setting_loginUrl"
|
|
17913
|
+
name="setting_loginUrl"
|
|
17914
|
+
value="${escapeHtmlAttr(loginUrl)}"
|
|
17915
|
+
placeholder="https://yourdomain.com/login"
|
|
17916
|
+
class="w-full px-3 py-2 rounded-lg bg-white/5 border border-white/10 focus:border-blue-500 focus:outline-none text-white"
|
|
17917
|
+
/>
|
|
17918
|
+
<p class="text-xs text-gray-500 mt-1">Optional. If set, a "Sign in" button is added to the email.</p>
|
|
17919
|
+
</div>
|
|
17920
|
+
|
|
17921
|
+
<div>
|
|
17922
|
+
<label for="setting_loginButtonText" class="block text-sm font-medium text-gray-300 mb-2">
|
|
17923
|
+
Login Button Text
|
|
17924
|
+
</label>
|
|
17925
|
+
<input
|
|
17926
|
+
type="text"
|
|
17927
|
+
id="setting_loginButtonText"
|
|
17928
|
+
name="setting_loginButtonText"
|
|
17929
|
+
value="${escapeHtmlAttr(loginButtonText)}"
|
|
17930
|
+
placeholder="Sign in to ${escapeHtmlAttr(siteName)}"
|
|
17931
|
+
class="w-full px-3 py-2 rounded-lg bg-white/5 border border-white/10 focus:border-blue-500 focus:outline-none text-white"
|
|
17932
|
+
/>
|
|
17933
|
+
<p class="text-xs text-gray-500 mt-1">Optional. Defaults to "Sign in to ${siteName}".</p>
|
|
17934
|
+
</div>
|
|
17935
|
+
|
|
17826
17936
|
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
|
|
17827
17937
|
<div>
|
|
17828
17938
|
<label for="setting_codeLength" class="block text-sm font-medium text-gray-300 mb-2">
|
|
@@ -17916,7 +18026,7 @@ function renderOTPLoginSettingsContent(plugin, settings) {
|
|
|
17916
18026
|
|
|
17917
18027
|
<div class="bg-white rounded-lg overflow-hidden shadow-lg">
|
|
17918
18028
|
<div style="background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; padding: 30px 20px; text-align: center;">
|
|
17919
|
-
${logoUrl ? `<img src="${logoUrl}" alt="Logo" style="max-width:
|
|
18029
|
+
${logoUrl ? `<img src="${escapeHtmlAttr(logoUrl)}" alt="Logo" style="max-width: ${logoWidth}px; width: 100%; height: auto; margin: 0 auto 16px; ${previewLogoBorder}">` : ""}
|
|
17920
18030
|
<h3 style="margin: 0 0 8px 0; font-size: 24px; font-weight: 600;">Your Login Code</h3>
|
|
17921
18031
|
<p style="margin: 0; opacity: 0.95; font-size: 14px;">Enter this code to sign in to ${siteName}</p>
|
|
17922
18032
|
</div>
|
|
@@ -17928,6 +18038,14 @@ function renderOTPLoginSettingsContent(plugin, settings) {
|
|
|
17928
18038
|
</div>
|
|
17929
18039
|
</div>
|
|
17930
18040
|
|
|
18041
|
+
${loginUrl ? `
|
|
18042
|
+
<div style="text-align: center; margin: 0 0 20px 0;">
|
|
18043
|
+
<a href="${escapeHtmlAttr(loginUrl)}" style="display: inline-block; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; text-decoration: none; padding: 12px 28px; border-radius: 6px; font-weight: 600; font-size: 14px;">
|
|
18044
|
+
${escapeHtmlAttr(previewButtonText)}
|
|
18045
|
+
</a>
|
|
18046
|
+
</div>
|
|
18047
|
+
` : ""}
|
|
18048
|
+
|
|
17931
18049
|
<div style="background: #fff3cd; border-left: 4px solid #ffc107; padding: 12px 16px; margin: 0 0 20px 0; border-radius: 4px;">
|
|
17932
18050
|
<p style="margin: 0; font-size: 13px; color: #856404;">
|
|
17933
18051
|
<strong>\u26A0\uFE0F This code expires in ${codeExpiryMinutes} minutes</strong>
|
|
@@ -18230,8 +18348,8 @@ function renderEmailSettingsContent(plugin, settings) {
|
|
|
18230
18348
|
|
|
18231
18349
|
// src/routes/admin-plugins.ts
|
|
18232
18350
|
var adminPluginRoutes = new hono.Hono();
|
|
18233
|
-
adminPluginRoutes.use("*",
|
|
18234
|
-
var AVAILABLE_PLUGINS = Object.values(
|
|
18351
|
+
adminPluginRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
18352
|
+
var AVAILABLE_PLUGINS = Object.values(chunk56PLLVDG_cjs.PLUGIN_REGISTRY).map((p) => ({
|
|
18235
18353
|
id: p.id,
|
|
18236
18354
|
name: p.codeName,
|
|
18237
18355
|
display_name: p.displayName,
|
|
@@ -18251,7 +18369,7 @@ adminPluginRoutes.get("/", async (c) => {
|
|
|
18251
18369
|
if (user?.role !== "admin") {
|
|
18252
18370
|
return c.text("Access denied", 403);
|
|
18253
18371
|
}
|
|
18254
|
-
const pluginService = new
|
|
18372
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18255
18373
|
let installedPlugins = [];
|
|
18256
18374
|
let stats = { total: 0, active: 0, inactive: 0, errors: 0, uninstalled: 0 };
|
|
18257
18375
|
try {
|
|
@@ -18323,7 +18441,7 @@ adminPluginRoutes.get("/:id", async (c) => {
|
|
|
18323
18441
|
if (user?.role !== "admin") {
|
|
18324
18442
|
return c.redirect("/admin/plugins");
|
|
18325
18443
|
}
|
|
18326
|
-
const pluginService = new
|
|
18444
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18327
18445
|
const plugin = await pluginService.getPlugin(pluginId);
|
|
18328
18446
|
if (!plugin) {
|
|
18329
18447
|
return c.text("Plugin not found", 404);
|
|
@@ -18399,7 +18517,7 @@ adminPluginRoutes.post("/:id/activate", async (c) => {
|
|
|
18399
18517
|
if (user?.role !== "admin") {
|
|
18400
18518
|
return c.json({ error: "Access denied" }, 403);
|
|
18401
18519
|
}
|
|
18402
|
-
const pluginService = new
|
|
18520
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18403
18521
|
await pluginService.activatePlugin(pluginId);
|
|
18404
18522
|
return c.json({ success: true });
|
|
18405
18523
|
} catch (error) {
|
|
@@ -18416,7 +18534,7 @@ adminPluginRoutes.post("/:id/deactivate", async (c) => {
|
|
|
18416
18534
|
if (user?.role !== "admin") {
|
|
18417
18535
|
return c.json({ error: "Access denied" }, 403);
|
|
18418
18536
|
}
|
|
18419
|
-
const pluginService = new
|
|
18537
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18420
18538
|
await pluginService.deactivatePlugin(pluginId);
|
|
18421
18539
|
return c.json({ success: true });
|
|
18422
18540
|
} catch (error) {
|
|
@@ -18433,8 +18551,8 @@ adminPluginRoutes.post("/install", async (c) => {
|
|
|
18433
18551
|
return c.json({ error: "Access denied" }, 403);
|
|
18434
18552
|
}
|
|
18435
18553
|
const body = await c.req.json();
|
|
18436
|
-
const pluginService = new
|
|
18437
|
-
const registryEntry =
|
|
18554
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18555
|
+
const registryEntry = chunk56PLLVDG_cjs.findPluginByCodeName(body.name) || chunk56PLLVDG_cjs.PLUGIN_REGISTRY[body.name] || chunk56PLLVDG_cjs.PLUGIN_REGISTRY[body.id];
|
|
18438
18556
|
if (!registryEntry) {
|
|
18439
18557
|
return c.json({ error: "Plugin not found in registry" }, 404);
|
|
18440
18558
|
}
|
|
@@ -18467,7 +18585,7 @@ adminPluginRoutes.post("/:id/uninstall", async (c) => {
|
|
|
18467
18585
|
if (user?.role !== "admin") {
|
|
18468
18586
|
return c.json({ error: "Access denied" }, 403);
|
|
18469
18587
|
}
|
|
18470
|
-
const pluginService = new
|
|
18588
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18471
18589
|
await pluginService.uninstallPlugin(pluginId);
|
|
18472
18590
|
return c.json({ success: true });
|
|
18473
18591
|
} catch (error) {
|
|
@@ -18485,7 +18603,7 @@ adminPluginRoutes.post("/:id/settings", async (c) => {
|
|
|
18485
18603
|
return c.json({ error: "Access denied" }, 403);
|
|
18486
18604
|
}
|
|
18487
18605
|
const settings = await c.req.json();
|
|
18488
|
-
const pluginService = new
|
|
18606
|
+
const pluginService = new chunk56PLLVDG_cjs.PluginService(db);
|
|
18489
18607
|
await pluginService.updatePluginSettings(pluginId, settings);
|
|
18490
18608
|
if (pluginId === "core-auth") {
|
|
18491
18609
|
try {
|
|
@@ -19293,7 +19411,7 @@ function renderLogConfigPage(data) {
|
|
|
19293
19411
|
|
|
19294
19412
|
// src/routes/admin-logs.ts
|
|
19295
19413
|
var adminLogsRoutes = new hono.Hono();
|
|
19296
|
-
adminLogsRoutes.use("*",
|
|
19414
|
+
adminLogsRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
19297
19415
|
adminLogsRoutes.get("/", async (c) => {
|
|
19298
19416
|
try {
|
|
19299
19417
|
const user = c.get("user");
|
|
@@ -21621,9 +21739,9 @@ function renderStorageUsage(databaseSizeBytes, mediaSizeBytes) {
|
|
|
21621
21739
|
}
|
|
21622
21740
|
|
|
21623
21741
|
// src/routes/admin-dashboard.ts
|
|
21624
|
-
var VERSION =
|
|
21742
|
+
var VERSION = chunk74BFRAQS_cjs.getCoreVersion();
|
|
21625
21743
|
var router = new hono.Hono();
|
|
21626
|
-
router.use("*",
|
|
21744
|
+
router.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
21627
21745
|
router.get("/", async (c) => {
|
|
21628
21746
|
const user = c.get("user");
|
|
21629
21747
|
try {
|
|
@@ -23442,10 +23560,10 @@ function renderCollectionFormPage(data) {
|
|
|
23442
23560
|
|
|
23443
23561
|
// src/routes/admin-collections.ts
|
|
23444
23562
|
var adminCollectionsRoutes = new hono.Hono();
|
|
23445
|
-
adminCollectionsRoutes.use("*",
|
|
23446
|
-
adminCollectionsRoutes.post("*",
|
|
23447
|
-
adminCollectionsRoutes.put("*",
|
|
23448
|
-
adminCollectionsRoutes.delete("*",
|
|
23563
|
+
adminCollectionsRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
23564
|
+
adminCollectionsRoutes.post("*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
23565
|
+
adminCollectionsRoutes.put("*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
23566
|
+
adminCollectionsRoutes.delete("*", chunk3XP76LM7_cjs.requireRole(["admin"]));
|
|
23449
23567
|
adminCollectionsRoutes.get("/", async (c) => {
|
|
23450
23568
|
try {
|
|
23451
23569
|
const user = c.get("user");
|
|
@@ -25740,7 +25858,7 @@ function renderDatabaseToolsSettings(settings) {
|
|
|
25740
25858
|
|
|
25741
25859
|
// src/routes/admin-settings.ts
|
|
25742
25860
|
var adminSettingsRoutes = new hono.Hono();
|
|
25743
|
-
adminSettingsRoutes.use("*",
|
|
25861
|
+
adminSettingsRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
25744
25862
|
function getMockSettings(user) {
|
|
25745
25863
|
return {
|
|
25746
25864
|
general: {
|
|
@@ -25917,7 +26035,7 @@ adminSettingsRoutes.get("/database-tools", (c) => {
|
|
|
25917
26035
|
adminSettingsRoutes.get("/api/migrations/status", async (c) => {
|
|
25918
26036
|
try {
|
|
25919
26037
|
const db = c.env.DB;
|
|
25920
|
-
const migrationService = new
|
|
26038
|
+
const migrationService = new chunkDAESIIWY_cjs.MigrationService(db);
|
|
25921
26039
|
const status = await migrationService.getMigrationStatus();
|
|
25922
26040
|
return c.json({
|
|
25923
26041
|
success: true,
|
|
@@ -25941,7 +26059,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
|
|
|
25941
26059
|
}, 403);
|
|
25942
26060
|
}
|
|
25943
26061
|
const db = c.env.DB;
|
|
25944
|
-
const migrationService = new
|
|
26062
|
+
const migrationService = new chunkDAESIIWY_cjs.MigrationService(db);
|
|
25945
26063
|
const result = await migrationService.runPendingMigrations();
|
|
25946
26064
|
return c.json({
|
|
25947
26065
|
success: result.success,
|
|
@@ -25959,7 +26077,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
|
|
|
25959
26077
|
adminSettingsRoutes.get("/api/migrations/validate", async (c) => {
|
|
25960
26078
|
try {
|
|
25961
26079
|
const db = c.env.DB;
|
|
25962
|
-
const migrationService = new
|
|
26080
|
+
const migrationService = new chunkDAESIIWY_cjs.MigrationService(db);
|
|
25963
26081
|
const validation = await migrationService.validateSchema();
|
|
25964
26082
|
return c.json({
|
|
25965
26083
|
success: true,
|
|
@@ -27898,7 +28016,7 @@ function renderFormCreatePage(data) {
|
|
|
27898
28016
|
|
|
27899
28017
|
// src/routes/admin-forms.ts
|
|
27900
28018
|
var adminFormsRoutes = new hono.Hono();
|
|
27901
|
-
adminFormsRoutes.use("*",
|
|
28019
|
+
adminFormsRoutes.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
27902
28020
|
adminFormsRoutes.get("/", async (c) => {
|
|
27903
28021
|
try {
|
|
27904
28022
|
const user = c.get("user");
|
|
@@ -28703,7 +28821,7 @@ publicFormsRoutes.post("/:identifier/submit", async (c) => {
|
|
|
28703
28821
|
`).bind(now, form.id).run();
|
|
28704
28822
|
let contentId = null;
|
|
28705
28823
|
try {
|
|
28706
|
-
contentId = await
|
|
28824
|
+
contentId = await chunk56PLLVDG_cjs.createContentFromSubmission(
|
|
28707
28825
|
db,
|
|
28708
28826
|
sanitizedData,
|
|
28709
28827
|
{ id: form.id, name: form.name, display_name: form.display_name },
|
|
@@ -29071,9 +29189,9 @@ function renderAPIReferencePage(data) {
|
|
|
29071
29189
|
}
|
|
29072
29190
|
|
|
29073
29191
|
// src/routes/admin-api-reference.ts
|
|
29074
|
-
var VERSION2 =
|
|
29192
|
+
var VERSION2 = chunk74BFRAQS_cjs.getCoreVersion();
|
|
29075
29193
|
var router2 = new hono.Hono();
|
|
29076
|
-
router2.use("*",
|
|
29194
|
+
router2.use("*", chunk3XP76LM7_cjs.requireAuth());
|
|
29077
29195
|
router2.get("/", async (c) => {
|
|
29078
29196
|
const user = c.get("user");
|
|
29079
29197
|
try {
|
|
@@ -29164,5 +29282,5 @@ exports.router2 = router2;
|
|
|
29164
29282
|
exports.test_cleanup_default = test_cleanup_default;
|
|
29165
29283
|
exports.userProfilesPlugin = userProfilesPlugin;
|
|
29166
29284
|
exports.userRoutes = userRoutes;
|
|
29167
|
-
//# sourceMappingURL=chunk-
|
|
29168
|
-
//# sourceMappingURL=chunk-
|
|
29285
|
+
//# sourceMappingURL=chunk-LTJ7P7RT.cjs.map
|
|
29286
|
+
//# sourceMappingURL=chunk-LTJ7P7RT.cjs.map
|