@sonicjs-cms/core 2.18.1 → 3.0.0-beta.10

package/dist/chunk-4BTBSXMR.cjs

@@ -0,0 +1,912 @@
+'use strict';
+
+var chunkYA3TJ65D_cjs = require('./chunk-YA3TJ65D.cjs');
+var chunkYP7GW2G5_cjs = require('./chunk-YP7GW2G5.cjs');
+var d1 = require('drizzle-orm/d1');
+var drizzleOrm = require('drizzle-orm');
+var dev = require('hono/dev');
+
+var Logger = class {
+  db;
+  enabled = true;
+  configCache = /* @__PURE__ */ new Map();
+  lastConfigRefresh = 0;
+  configRefreshInterval = 6e4;
+  // 1 minute
+  constructor(database) {
+    this.db = d1.drizzle(database);
+  }
+  /**
+   * Log a debug message
+   */
+  async debug(category, message, data, context) {
+    return this.log("debug", category, message, data, context);
+  }
+  /**
+   * Log an info message
+   */
+  async info(category, message, data, context) {
+    return this.log("info", category, message, data, context);
+  }
+  /**
+   * Log a warning message
+   */
+  async warn(category, message, data, context) {
+    return this.log("warn", category, message, data, context);
+  }
+  /**
+   * Log an error message
+   */
+  async error(category, message, error, context) {
+    const errorData = error instanceof Error ? {
+      name: error.name,
+      message: error.message,
+      stack: error.stack
+    } : error;
+    return this.log("error", category, message, errorData, {
+      ...context,
+      stackTrace: error instanceof Error ? error.stack : void 0
+    });
+  }
+  /**
+   * Log a fatal message
+   */
+  async fatal(category, message, error, context) {
+    const errorData = error instanceof Error ? {
+      name: error.name,
+      message: error.message,
+      stack: error.stack
+    } : error;
+    return this.log("fatal", category, message, errorData, {
+      ...context,
+      stackTrace: error instanceof Error ? error.stack : void 0
+    });
+  }
+  /**
+   * Log an API request
+   */
+  async logRequest(method, url, statusCode, duration, context) {
+    const level = statusCode >= 500 ? "error" : statusCode >= 400 ? "warn" : "info";
+    return this.log(level, "api", `${method} ${url} - ${statusCode}`, {
+      method,
+      url,
+      statusCode,
+      duration
+    }, {
+      ...context,
+      method,
+      url,
+      statusCode,
+      duration
+    });
+  }
+  /**
+   * Log an authentication event
+   */
+  async logAuth(action, userId, success = true, context) {
+    const level = success ? "info" : "warn";
+    return this.log(level, "auth", `Authentication ${action}: ${success ? "success" : "failed"}`, {
+      action,
+      success,
+      userId
+    }, {
+      ...context,
+      userId,
+      tags: ["authentication", action]
+    });
+  }
+  /**
+   * Log a security event
+   */
+  async logSecurity(event, severity, context) {
+    const level = severity === "critical" ? "fatal" : severity === "high" ? "error" : "warn";
+    return this.log(level, "security", `Security event: ${event}`, {
+      event,
+      severity
+    }, {
+      ...context,
+      tags: ["security", severity]
+    });
+  }
+  /**
+   * Core logging method
+   */
+  async log(level, category, message, data, context) {
+    if (!this.enabled) return;
+    try {
+      const config = await this.getConfig(category);
+      if (!config || !config.enabled || !this.shouldLog(level, config.level)) {
+        return;
+      }
+      const logEntry = {
+        id: crypto.randomUUID(),
+        level,
+        category,
+        message,
+        data: data ? JSON.stringify(data) : null,
+        userId: context?.userId || null,
+        sessionId: context?.sessionId || null,
+        requestId: context?.requestId || null,
+        ipAddress: context?.ipAddress || null,
+        userAgent: context?.userAgent || null,
+        method: context?.method || null,
+        url: context?.url || null,
+        statusCode: context?.statusCode || null,
+        duration: context?.duration || null,
+        stackTrace: context?.stackTrace || null,
+        tags: context?.tags ? JSON.stringify(context.tags) : null,
+        source: context?.source || null,
+        createdAt: /* @__PURE__ */ new Date()
+      };
+      await this.db.insert(chunkYP7GW2G5_cjs.systemLogs).values(logEntry);
+      if (config.maxSize) {
+        await this.cleanupCategory(category, config.maxSize);
+      }
+    } catch (error) {
+      console.error("Logger error:", error);
+    }
+  }
+  /**
+   * Get logs with filtering and pagination
+   */
+  async getLogs(filter = {}) {
+    try {
+      const conditions = [];
+      if (filter.level && filter.level.length > 0) {
+        conditions.push(drizzleOrm.inArray(chunkYP7GW2G5_cjs.systemLogs.level, filter.level));
+      }
+      if (filter.category && filter.category.length > 0) {
+        conditions.push(drizzleOrm.inArray(chunkYP7GW2G5_cjs.systemLogs.category, filter.category));
+      }
+      if (filter.userId) {
+        conditions.push(drizzleOrm.eq(chunkYP7GW2G5_cjs.systemLogs.userId, filter.userId));
+      }
+      if (filter.source) {
+        conditions.push(drizzleOrm.eq(chunkYP7GW2G5_cjs.systemLogs.source, filter.source));
+      }
+      if (filter.search) {
+        conditions.push(
+          drizzleOrm.like(chunkYP7GW2G5_cjs.systemLogs.message, `%${filter.search}%`)
+        );
+      }
+      if (filter.startDate) {
+        conditions.push(drizzleOrm.gte(chunkYP7GW2G5_cjs.systemLogs.createdAt, filter.startDate));
+      }
+      if (filter.endDate) {
+        conditions.push(drizzleOrm.lte(chunkYP7GW2G5_cjs.systemLogs.createdAt, filter.endDate));
+      }
+      const whereClause = conditions.length > 0 ? drizzleOrm.and(...conditions) : void 0;
+      const totalResult = await this.db.select({ count: drizzleOrm.count() }).from(chunkYP7GW2G5_cjs.systemLogs).where(whereClause);
+      const total = totalResult[0]?.count || 0;
+      const sortColumn = filter.sortBy === "level" ? chunkYP7GW2G5_cjs.systemLogs.level : filter.sortBy === "category" ? chunkYP7GW2G5_cjs.systemLogs.category : chunkYP7GW2G5_cjs.systemLogs.createdAt;
+      const sortFn = filter.sortOrder === "asc" ? drizzleOrm.asc : drizzleOrm.desc;
+      const logs = await this.db.select().from(chunkYP7GW2G5_cjs.systemLogs).where(whereClause).orderBy(sortFn(sortColumn)).limit(filter.limit || 50).offset(filter.offset || 0);
+      return { logs, total };
+    } catch (error) {
+      console.error("Error getting logs:", error);
+      return { logs: [], total: 0 };
+    }
+  }
+  /**
+   * Get log configuration for a category
+   */
+  async getConfig(category) {
+    try {
+      const now = Date.now();
+      if (this.configCache.has(category) && now - this.lastConfigRefresh < this.configRefreshInterval) {
+        return this.configCache.get(category) || null;
+      }
+      const configs = await this.db.select().from(chunkYP7GW2G5_cjs.logConfig).where(drizzleOrm.eq(chunkYP7GW2G5_cjs.logConfig.category, category));
+      const config = configs[0] || null;
+      if (config) {
+        this.configCache.set(category, config);
+        this.lastConfigRefresh = now;
+      }
+      return config;
+    } catch (error) {
+      console.error("Error getting log config:", error);
+      return null;
+    }
+  }
+  /**
+   * Update log configuration
+   */
+  async updateConfig(category, updates) {
+    try {
+      await this.db.update(chunkYP7GW2G5_cjs.logConfig).set({
+        ...updates,
+        updatedAt: /* @__PURE__ */ new Date()
+      }).where(drizzleOrm.eq(chunkYP7GW2G5_cjs.logConfig.category, category));
+      this.configCache.delete(category);
+    } catch (error) {
+      console.error("Error updating log config:", error);
+    }
+  }
+  /**
+   * Get all log configurations
+   */
+  async getAllConfigs() {
+    try {
+      return await this.db.select().from(chunkYP7GW2G5_cjs.logConfig);
+    } catch (error) {
+      console.error("Error getting log configs:", error);
+      return [];
+    }
+  }
+  /**
+   * Clean up old logs for a category
+   */
+  async cleanupCategory(category, maxSize) {
+    try {
+      const countResult = await this.db.select({ count: drizzleOrm.count() }).from(chunkYP7GW2G5_cjs.systemLogs).where(drizzleOrm.eq(chunkYP7GW2G5_cjs.systemLogs.category, category));
+      const currentCount = countResult[0]?.count || 0;
+      if (currentCount > maxSize) {
+        const cutoffLogs = await this.db.select({ createdAt: chunkYP7GW2G5_cjs.systemLogs.createdAt }).from(chunkYP7GW2G5_cjs.systemLogs).where(drizzleOrm.eq(chunkYP7GW2G5_cjs.systemLogs.category, category)).orderBy(drizzleOrm.desc(chunkYP7GW2G5_cjs.systemLogs.createdAt)).limit(1).offset(maxSize - 1);
+        if (cutoffLogs[0]) {
+          await this.db.delete(chunkYP7GW2G5_cjs.systemLogs).where(
+            drizzleOrm.and(
+              drizzleOrm.eq(chunkYP7GW2G5_cjs.systemLogs.category, category),
+              drizzleOrm.lte(chunkYP7GW2G5_cjs.systemLogs.createdAt, cutoffLogs[0].createdAt)
+            )
+          );
+        }
+      }
+    } catch (error) {
+      console.error("Error cleaning up logs:", error);
+    }
+  }
+  /**
+   * Clean up logs based on retention policy
+   */
+  async cleanupByRetention() {
+    try {
+      const configs = await this.getAllConfigs();
+      for (const config of configs) {
+        if (config.retention > 0) {
+          const cutoffDate = /* @__PURE__ */ new Date();
+          cutoffDate.setDate(cutoffDate.getDate() - config.retention);
+          await this.db.delete(chunkYP7GW2G5_cjs.systemLogs).where(
+            drizzleOrm.and(
+              drizzleOrm.eq(chunkYP7GW2G5_cjs.systemLogs.category, config.category),
+              drizzleOrm.lte(chunkYP7GW2G5_cjs.systemLogs.createdAt, cutoffDate)
+            )
+          );
+        }
+      }
+    } catch (error) {
+      console.error("Error cleaning up logs by retention:", error);
+    }
+  }
+  /**
+   * Check if a log level should be recorded based on configuration
+   */
+  shouldLog(level, configLevel) {
+    const levels = ["debug", "info", "warn", "error", "fatal"];
+    const levelIndex = levels.indexOf(level);
+    const configLevelIndex = levels.indexOf(configLevel);
+    return levelIndex >= configLevelIndex;
+  }
+  /**
+   * Enable or disable logging
+   */
+  setEnabled(enabled) {
+    this.enabled = enabled;
+  }
+  /**
+   * Check if logging is enabled
+   */
+  isEnabled() {
+    return this.enabled;
+  }
+};
+var loggerInstance = null;
+function getLogger(database) {
+  if (!loggerInstance && database) {
+    loggerInstance = new Logger(database);
+  }
+  if (!loggerInstance) {
+    throw new Error("Logger not initialized. Call getLogger with a database instance first.");
+  }
+  return loggerInstance;
+}
+function initLogger(database) {
+  loggerInstance = new Logger(database);
+  return loggerInstance;
+}
+
+// src/services/cache.ts
+function toPluginConfig(config) {
+  return {
+    ttl: config.ttl,
+    namespace: config.keyPrefix,
+    // KV survives isolate evictions — required for the dashboard to show non-zero
+    // counts across requests in production. Falls back to memory-only when the
+    // CACHE_KV binding is missing (cache plugin handles the null case).
+    kvEnabled: true,
+    memoryEnabled: true,
+    invalidateOn: [],
+    version: "v1"
+  };
+}
+var CacheService = class {
+  config;
+  inner;
+  // Tracks expiry times so getWithSource can distinguish 'none' vs 'expired'.
+  // The plugin returns source:'miss' for both cases; we differentiate here.
+  keyExpiry = /* @__PURE__ */ new Map();
+  constructor(config) {
+    this.config = config;
+    this.inner = chunkYA3TJ65D_cjs.getCacheService(toPluginConfig(config));
+  }
+  generateKey(type, identifier) {
+    const parts = [this.config.keyPrefix, type];
+    if (identifier !== void 0 && identifier !== "") parts.push(identifier);
+    return parts.join(":");
+  }
+  async get(key) {
+    return this.inner.get(key);
+  }
+  async getWithSource(key) {
+    const result = await this.inner.getWithSource(key);
+    if (result.hit) {
+      const out = {
+        hit: true,
+        data: result.data,
+        source: result.source
+      };
+      if (result.ttl !== void 0) out.ttl = result.ttl;
+      return out;
+    }
+    const expiry = this.keyExpiry.get(key);
+    if (expiry !== void 0) {
+      this.keyExpiry.delete(key);
+      return { hit: false, data: null, source: "expired" };
+    }
+    return { hit: false, data: null, source: "none" };
+  }
+  async set(key, value, ttl) {
+    const effectiveTtl = ttl ?? this.config.ttl;
+    this.keyExpiry.set(key, Date.now() + effectiveTtl * 1e3);
+    await this.inner.set(key, value, ttl !== void 0 ? { ttl } : void 0);
+  }
+  async delete(key) {
+    this.keyExpiry.delete(key);
+    await this.inner.delete(key);
+  }
+  async invalidate(pattern) {
+    if (pattern.includes("*") || pattern.includes("?")) {
+      const regex = new RegExp("^" + pattern.replace(/\*/g, ".*").replace(/\?/g, ".") + "$");
+      for (const k of this.keyExpiry.keys()) {
+        if (regex.test(k)) this.keyExpiry.delete(k);
+      }
+    } else {
+      this.keyExpiry.delete(pattern);
+    }
+    await this.inner.invalidate(pattern);
+  }
+  async clear() {
+    this.keyExpiry.clear();
+    await this.inner.clear();
+  }
+  async getOrSet(key, callback, ttl) {
+    const cached = await this.get(key);
+    if (cached !== null) return cached;
+    const value = await callback();
+    await this.set(key, value, ttl);
+    return value;
+  }
+};
+var CACHE_CONFIGS = {
+  api: {
+    ttl: 300,
+    // 5 minutes
+    keyPrefix: "api"
+  },
+  user: {
+    ttl: 600,
+    // 10 minutes
+    keyPrefix: "user"
+  },
+  content: {
+    ttl: 300,
+    // 5 minutes
+    keyPrefix: "content"
+  },
+  collection: {
+    ttl: 600,
+    // 10 minutes
+    keyPrefix: "collection"
+  }
+};
+function getCacheService2(config) {
+  return new CacheService(config);
+}
+
+// src/services/settings.ts
+var TYPE_ID = "site_settings";
+var TENANT = "default";
+var SettingsService = class {
+  constructor(db) {
+    this.db = db;
+  }
+  /**
+   * Get settings document for a category (general or security)
+   */
+  async getSettingsDocument(category) {
+    try {
+      const row = await this.db.prepare(`
+        SELECT data FROM documents
+        WHERE type_id = ? AND slug = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL
+      `).bind(TYPE_ID, category, TENANT).first();
+      if (!row) {
+        return null;
+      }
+      return JSON.parse(row.data);
+    } catch (error) {
+      console.error(`Error getting settings document for ${category}:`, error);
+      return null;
+    }
+  }
+  /**
+   * Save settings document for a category (general or security)
+   */
+  async saveSettingsDocument(category, data) {
+    try {
+      const now = Math.floor(Date.now() / 1e3);
+      const jsonData = JSON.stringify(data);
+      await this.db.prepare(`
+        INSERT OR IGNORE INTO document_types (id, name, display_name, description, schema, source, is_system, is_active, created_at, updated_at)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+      `).bind(
+        TYPE_ID,
+        TYPE_ID,
+        "Site Settings",
+        "Global site configuration settings",
+        "{}",
+        "system",
+        1,
+        1,
+        now,
+        now
+      ).run();
+      const existing = await this.db.prepare(`
+        SELECT id FROM documents
+        WHERE type_id = ? AND slug = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL
+      `).bind(TYPE_ID, category, TENANT).first();
+      if (existing) {
+        await this.db.prepare(`
+          UPDATE documents
+          SET data = ?, updated_at = ?
+          WHERE id = ? AND is_current_draft = 1
+        `).bind(jsonData, now, existing.id).run();
+      } else {
+        const docId = crypto.randomUUID();
+        const rootId = docId;
+        const title = category === "general" ? "General Settings" : "Security Settings";
+        await this.db.prepare(`
+          INSERT INTO documents (
+            id, root_id, type_id, version_number, is_current_draft, is_published, status,
+            parent_root_id, slug, title, tenant_id, locale, translation_group_id,
+            data, metadata, created_at, updated_at
+          ) VALUES (
+            ?, ?, ?, 1, 1, 1, 'published',
+            '', ?, ?, ?, 'default', '',
+            ?, '{}', ?, ?
+          )
+        `).bind(
+          docId,
+          rootId,
+          TYPE_ID,
+          category,
+          title,
+          TENANT,
+          jsonData,
+          now,
+          now
+        ).run();
+      }
+      return true;
+    } catch (error) {
+      console.error(`Error saving settings document for ${category}:`, error);
+      return false;
+    }
+  }
+  /**
+   * Get general settings with defaults
+   */
+  async getGeneralSettings(userEmail) {
+    const settings = await this.getSettingsDocument("general");
+    return {
+      siteName: settings?.siteName || "SonicJS AI",
+      siteDescription: settings?.siteDescription || "A modern headless CMS powered by AI",
+      adminEmail: settings?.adminEmail || userEmail || "admin@example.com",
+      timezone: settings?.timezone || "UTC",
+      language: settings?.language || "en",
+      maintenanceMode: settings?.maintenanceMode || false
+    };
+  }
+  /**
+   * Save general settings
+   */
+  async saveGeneralSettings(settings) {
+    const existing = await this.getSettingsDocument("general");
+    const merged = { ...existing, ...settings };
+    return await this.saveSettingsDocument("general", merged);
+  }
+  /**
+   * Get security settings with defaults
+   */
+  async getSecuritySettings() {
+    const settings = await this.getSettingsDocument("security");
+    return {
+      jwtExpiresIn: settings?.jwtExpiresIn || "30d",
+      jwtRefreshGraceSeconds: typeof settings?.jwtRefreshGraceSeconds === "number" ? settings.jwtRefreshGraceSeconds : 60 * 60 * 24 * 7
+    };
+  }
+  /**
+   * Save security settings
+   */
+  async saveSecuritySettings(settings) {
+    const existing = await this.getSettingsDocument("security");
+    const merged = { ...existing, ...settings };
+    return await this.saveSettingsDocument("security", merged);
+  }
+};
+var appInstance = null;
+function setAppInstance(app) {
+  appInstance = app;
+}
+function getAppInstance() {
+  return appInstance;
+}
+var CATEGORY_INFO = {
+  "Auth": {
+    title: "Authentication",
+    description: "User authentication and authorization endpoints",
+    icon: "&#x1f510;"
+  },
+  "Content": {
+    title: "Content Management",
+    description: "Content creation, retrieval, and management",
+    icon: "&#x1f4dd;"
+  },
+  "Media": {
+    title: "Media Management",
+    description: "File upload, storage, and media operations",
+    icon: "&#x1f5bc;&#xfe0f;"
+  },
+  "Admin": {
+    title: "Admin Interface",
+    description: "Administrative panel and management features",
+    icon: "&#x2699;&#xfe0f;"
+  },
+  "System": {
+    title: "System",
+    description: "Health checks and system information",
+    icon: "&#x1f527;"
+  },
+  "Search": {
+    title: "Search",
+    description: "AI-powered search, full-text search, and analytics",
+    icon: "&#x1f50d;"
+  },
+  "API Keys": {
+    title: "API Keys",
+    description: "API key management and authentication",
+    icon: "&#x1f511;"
+  },
+  "Workflow": {
+    title: "Workflow",
+    description: "Content workflow and approval processes",
+    icon: "&#x1f504;"
+  },
+  "Cache": {
+    title: "Cache",
+    description: "Cache management and invalidation",
+    icon: "&#x26a1;"
+  },
+  "Forms": {
+    title: "Forms",
+    description: "Form submissions and management",
+    icon: "&#x1f4cb;"
+  },
+  "Files": {
+    title: "Files",
+    description: "File serving from R2 storage",
+    icon: "&#x1f4c1;"
+  },
+  "Collections": {
+    title: "Collections",
+    description: "Per-collection REST endpoints (auto-generated from registered collections)",
+    icon: "&#x1f4da;"
+  }
+};
+var ROUTE_METADATA = {
+  // Auth endpoints
+  "POST /auth/login": { description: "Authenticate user with email and password (returns JWT)", category: "Auth", authentication: false },
+  "POST /auth/login/form": { description: "Form-based login (sets session cookie)", category: "Auth", authentication: false },
+  "POST /auth/register": { description: "Register a new user account", category: "Auth", authentication: false },
+  "POST /auth/logout": { description: "Log out the current user and invalidate session", category: "Auth", authentication: true },
+  "GET /auth/me": { description: "Get current authenticated user information", category: "Auth", authentication: true },
+  "POST /auth/refresh": { description: "Refresh authentication token", category: "Auth", authentication: true },
+  "POST /auth/seed-admin": { description: "Create or reset the admin user account", category: "Auth", authentication: false },
+  "POST /auth/magic-link/request": { description: "Request a magic link login email", category: "Auth", authentication: false },
+  "GET /auth/magic-link/verify": { description: "Verify magic link token and authenticate", category: "Auth", authentication: false },
+  "POST /auth/otp/request": { description: "Request a one-time password via email", category: "Auth", authentication: false },
+  "POST /auth/otp/verify": { description: "Verify OTP code and authenticate", category: "Auth", authentication: false },
+  // Content endpoints
+  "GET /api/collections": { description: "List all available collections", category: "Content", authentication: false },
+  "GET /api/collections/:collection/content": { description: "Get all content items from a specific collection", category: "Content", authentication: false },
+  "GET /api/content/:id": { description: "Get a specific content item by ID", category: "Content", authentication: false },
+  "POST /api/content": { description: "Create a new content item", category: "Content", authentication: true },
+  "PUT /api/content/:id": { description: "Update an existing content item", category: "Content", authentication: true },
+  "DELETE /api/content/:id": { description: "Delete a content item", category: "Content", authentication: true },
+  "GET /api/content/:id/versions": { description: "Get version history for a content item", category: "Content", authentication: true },
+  "POST /api/content/:id/restore/:versionId": { description: "Restore a content item to a previous version", category: "Content", authentication: true },
+  // Media endpoints
+  "GET /api/media": { description: "List all media files with pagination", category: "Media", authentication: false },
+  "GET /api/media/:id": { description: "Get a specific media file by ID", category: "Media", authentication: false },
+  "POST /api/media/upload": { description: "Upload a new media file to R2 storage", category: "Media", authentication: true },
+  "DELETE /api/media/:id": { description: "Delete a media file from storage", category: "Media", authentication: true },
+  // Admin API endpoints
+  "GET /admin/api/stats": { description: "Get dashboard statistics (collections, content, media, users)", category: "Admin", authentication: true },
+  "GET /admin/api/storage": { description: "Get storage usage information", category: "Admin", authentication: true },
+  "GET /admin/api/activity": { description: "Get recent activity logs", category: "Admin", authentication: true },
+  "GET /admin/api/collections": { description: "List all collections with field counts", category: "Admin", authentication: true },
+  "POST /admin/api/collections": { description: "Create a new collection", category: "Admin", authentication: true },
+  "GET /admin/api/collections/:id": { description: "Get a specific collection with its fields", category: "Admin", authentication: true },
+  "PATCH /admin/api/collections/:id": { description: "Update an existing collection", category: "Admin", authentication: true },
+  "DELETE /admin/api/collections/:id": { description: "Delete a collection (must be empty)", category: "Admin", authentication: true },
+  "GET /admin/api/collections/:id/fields": { description: "Get fields for a specific collection", category: "Admin", authentication: true },
+  "POST /admin/api/collections/:id/fields": { description: "Add a field to a collection", category: "Admin", authentication: true },
+  "PATCH /admin/api/collections/:id/fields/:fieldId": { description: "Update a collection field", category: "Admin", authentication: true },
+  "DELETE /admin/api/collections/:id/fields/:fieldId": { description: "Remove a field from a collection", category: "Admin", authentication: true },
+  "POST /admin/api/collections/:id/fields/reorder": { description: "Reorder fields in a collection", category: "Admin", authentication: true },
+  "GET /admin/api/migrations/status": { description: "Get database migration status", category: "Admin", authentication: true },
+  "POST /admin/api/migrations/run": { description: "Explain how to run D1 migrations with Wrangler", category: "Admin", authentication: true },
+  "GET /admin/api/content": { description: "List content items with filtering and pagination", category: "Admin", authentication: true },
+  "GET /admin/api/content/:id": { description: "Get a content item for admin editing", category: "Admin", authentication: true },
+  "POST /admin/api/content": { description: "Create content via admin API", category: "Admin", authentication: true },
+  "PUT /admin/api/content/:id": { description: "Update content via admin API", category: "Admin", authentication: true },
+  "DELETE /admin/api/content/:id": { description: "Delete content via admin API", category: "Admin", authentication: true },
+  "GET /admin/api/media": { description: "List media files for admin management", category: "Admin", authentication: true },
+  "POST /admin/api/media/upload": { description: "Upload media via admin interface", category: "Admin", authentication: true },
+  "DELETE /admin/api/media/:id": { description: "Delete media via admin interface", category: "Admin", authentication: true },
+  "GET /admin/api/users": { description: "List all users", category: "Admin", authentication: true },
+  "POST /admin/api/users": { description: "Create a new user", category: "Admin", authentication: true },
+  "PUT /admin/api/users/:id": { description: "Update a user", category: "Admin", authentication: true },
+  "DELETE /admin/api/users/:id": { description: "Delete a user", category: "Admin", authentication: true },
+  "GET /admin/api/logs": { description: "Get application logs with filtering", category: "Admin", authentication: true },
+  "GET /admin/api/plugins": { description: "List all registered plugins", category: "Admin", authentication: true },
+  "POST /admin/api/plugins/:id/toggle": { description: "Enable or disable a plugin", category: "Admin", authentication: true },
+  "GET /admin/api/settings": { description: "Get application settings", category: "Admin", authentication: true },
+  "PUT /admin/api/settings": { description: "Update application settings", category: "Admin", authentication: true },
+  "GET /admin/api/forms": { description: "List all forms", category: "Admin", authentication: true },
+  "GET /admin/api/forms/:id": { description: "Get form details and submissions", category: "Admin", authentication: true },
+  "POST /admin/api/forms": { description: "Create a new form", category: "Admin", authentication: true },
+  "PUT /admin/api/forms/:id": { description: "Update a form", category: "Admin", authentication: true },
+  "DELETE /admin/api/forms/:id": { description: "Delete a form", category: "Admin", authentication: true },
+  "GET /admin/api/forms/:id/submissions": { description: "Get form submissions", category: "Admin", authentication: true },
+  "DELETE /admin/api/forms/:id/submissions/:submissionId": { description: "Delete a form submission", category: "Admin", authentication: true },
+  // Search endpoints
+  "GET /api/search": { description: "Search content using AI, FTS5, keyword, or hybrid mode", category: "Search", authentication: false },
+  "POST /api/search/click": { description: "Track a search result click for analytics", category: "Search", authentication: false },
+  "GET /admin/plugins/ai-search/api/status": { description: "Get search plugin status and configuration", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/index": { description: "Trigger content indexing for search", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/index/reset": { description: "Reset the search index", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/analytics": { description: "Get search analytics and metrics", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/analytics/queries": { description: "Get top search queries", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/analytics/clicks": { description: "Get click-through analytics", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/fts5/status": { description: "Get FTS5 full-text search status", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/fts5/rebuild": { description: "Rebuild the FTS5 search index", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/facets": { description: "Get available search facets", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/experiments": { description: "List search A/B test experiments", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/experiments": { description: "Create a search A/B test experiment", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/experiments/:id": { description: "Get experiment details", category: "Search", authentication: true },
+  "PUT /admin/plugins/ai-search/api/experiments/:id": { description: "Update an experiment", category: "Search", authentication: true },
+  "DELETE /admin/plugins/ai-search/api/experiments/:id": { description: "Delete an experiment", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/experiments/:id/start": { description: "Start an experiment", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/experiments/:id/stop": { description: "Stop a running experiment", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/experiments/:id/results": { description: "Get experiment results and statistics", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/quality": { description: "Get search quality agent analysis", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/quality/run": { description: "Run search quality analysis", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/quality/recommendations": { description: "Get quality improvement recommendations", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/quality/recommendations/:id/apply": { description: "Apply a quality recommendation", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/quality/recommendations/:id/dismiss": { description: "Dismiss a quality recommendation", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/synonyms": { description: "List search synonyms", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/synonyms": { description: "Add a search synonym", category: "Search", authentication: true },
+  "DELETE /admin/plugins/ai-search/api/synonyms/:id": { description: "Delete a search synonym", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/query-rules": { description: "List search query rules", category: "Search", authentication: true },
+  "POST /admin/plugins/ai-search/api/query-rules": { description: "Create a query rule", category: "Search", authentication: true },
+  "PUT /admin/plugins/ai-search/api/query-rules/:id": { description: "Update a query rule", category: "Search", authentication: true },
+  "DELETE /admin/plugins/ai-search/api/query-rules/:id": { description: "Delete a query rule", category: "Search", authentication: true },
+  "GET /admin/plugins/ai-search/api/settings": { description: "Get search plugin settings", category: "Search", authentication: true },
+  "PUT /admin/plugins/ai-search/api/settings": { description: "Update search plugin settings", category: "Search", authentication: true },
+  // API Key endpoints
+  "GET /admin/api-keys/api/keys": { description: "List all API keys", category: "API Keys", authentication: true },
+  "POST /admin/api-keys/api/keys": { description: "Create a new API key", category: "API Keys", authentication: true },
+  "DELETE /admin/api-keys/api/keys/:id": { description: "Revoke an API key", category: "API Keys", authentication: true },
+  "PUT /admin/api-keys/api/keys/:id": { description: "Update an API key", category: "API Keys", authentication: true },
+  // Cache endpoints
+  "GET /admin/cache/api/stats": { description: "Get cache statistics", category: "Cache", authentication: true },
+  "POST /admin/cache/api/purge": { description: "Purge cache entries", category: "Cache", authentication: true },
+  "GET /admin/cache/api/entries": { description: "List cache entries", category: "Cache", authentication: true },
+  "DELETE /admin/cache/api/entries/:key": { description: "Delete a specific cache entry", category: "Cache", authentication: true },
+  // Workflow endpoints
+  "GET /workflow/status/:id": { description: "Get workflow status for a content item", category: "Workflow", authentication: true },
+  "POST /workflow/submit/:id": { description: "Submit content for review", category: "Workflow", authentication: true },
+  "POST /workflow/approve/:id": { description: "Approve content in review", category: "Workflow", authentication: true },
+  "POST /workflow/reject/:id": { description: "Reject content in review", category: "Workflow", authentication: true },
+  "POST /workflow/publish/:id": { description: "Publish approved content", category: "Workflow", authentication: true },
+  "POST /workflow/unpublish/:id": { description: "Unpublish content", category: "Workflow", authentication: true },
+  "GET /workflow/history/:id": { description: "Get workflow history for a content item", category: "Workflow", authentication: true },
+  // Form endpoints (public)
+  "POST /forms/:formId/submit": { description: "Submit a form (public endpoint)", category: "Forms", authentication: false },
+  "GET /forms/:formId": { description: "Get form definition for rendering", category: "Forms", authentication: false },
+  "POST /api/forms/:formId/submit": { description: "Submit a form via API", category: "Forms", authentication: false },
+  "GET /api/forms/:formId": { description: "Get form definition via API", category: "Forms", authentication: false },
+  // System endpoints
+  "GET /health": { description: "Health check endpoint for monitoring", category: "System", authentication: false },
+  "GET /api/health": { description: "API health check with schema information", category: "System", authentication: false },
+  "GET /api": { description: "API root - returns API information and available endpoints", category: "System", authentication: false },
+  "GET /api/system/info": { description: "Get system information and version", category: "System", authentication: false },
+  "GET /api/system/schema": { description: "Get database schema information", category: "System", authentication: false },
+  // Collection shorthand routes
+  "GET /api/:collection": { description: "List items from a collection (shorthand route)", category: "Collections", authentication: false },
+  "GET /api/:collection/:id": { description: "Get a single item by ID from a collection", category: "Collections", authentication: false },
+  "POST /api/:collection": { description: "Create an item in a collection", category: "Collections", authentication: true },
+  "PUT /api/:collection/:id": { description: "Update an item in a collection", category: "Collections", authentication: true },
+  "DELETE /api/:collection/:id": { description: "Delete an item from a collection", category: "Collections", authentication: true },
+  // File serving
+  "GET /files/*": { description: "Serve files from R2 storage (public access)", category: "Files", authentication: false },
+  // Database tools
+  "POST /admin/database-tools/api/query": { description: "Execute a database query", category: "Admin", authentication: true },
+  "GET /admin/database-tools/api/tables": { description: "List database tables", category: "Admin", authentication: true },
+  "GET /admin/database-tools/api/tables/:name": { description: "Get table schema and sample data", category: "Admin", authentication: true },
+  // Seed data
+  "POST /admin/seed-data/api/generate": { description: "Generate seed data for development", category: "Admin", authentication: true },
+  "GET /admin/seed-data/api/status": { description: "Get seed data generation status", category: "Admin", authentication: true },
+  // Email plugin
+  "POST /admin/plugins/email/api/send": { description: "Send an email", category: "Admin", authentication: true },
+  "GET /admin/plugins/email/api/templates": { description: "List email templates", category: "Admin", authentication: true },
+  "POST /admin/plugins/email/api/test": { description: "Send a test email", category: "Admin", authentication: true }
+};
+var INCLUDED_ROUTE_PATTERNS = [
+  /^\/api\//,
+  // All /api/* routes
+  /^\/api$/,
+  // API root
+  /^\/auth\/(?!login$|register$)/,
+  // Auth routes except GET login/register HTML pages
+  /^\/auth\/login$/,
+  // POST /auth/login (method filtered later)
+  /^\/auth\/register$/,
+  // POST /auth/register (method filtered later)
+  /^\/admin\/api\//,
+  // Admin API endpoints
+  /^\/admin\/api-keys\/api\//,
+  // API key management
+  /^\/admin\/cache\/api\//,
+  // Cache management API
+  /^\/admin\/plugins\/.*\/api\//,
+  // Plugin API endpoints
+  /^\/admin\/database-tools\/api\//,
+  // Database tools API
+  /^\/admin\/seed-data\/api\//,
+  // Seed data API
+  /^\/workflow\//,
+  // Workflow endpoints
+  /^\/health$/,
+  // Health check
+  /^\/files\//,
+  // File serving
+  /^\/forms\//
+  // Public form endpoints
+];
+var EXCLUDED_ROUTES = /* @__PURE__ */ new Set([
+  "GET /auth/login",
+  "GET /auth/register",
+  "GET /auth/login/form"
+]);
+var cachedRouteList = null;
+function isIncludedRoute(method, path) {
+  const key = `${method} ${path}`;
+  if (EXCLUDED_ROUTES.has(key)) {
+    return false;
+  }
+  return INCLUDED_ROUTE_PATTERNS.some((pattern) => pattern.test(path));
+}
+function inferCategory(path) {
+  if (path.startsWith("/auth/")) return "Auth";
+  if (path.startsWith("/api/search")) return "Search";
+  if (path.startsWith("/api/media")) return "Media";
+  if (path.startsWith("/api/system")) return "System";
+  if (path.startsWith("/api/content") || path.startsWith("/api/collections")) return "Content";
+  if (path.startsWith("/api/forms")) return "Forms";
+  if (path.startsWith("/admin/api-keys")) return "API Keys";
+  if (path.startsWith("/admin/cache")) return "Cache";
+  if (path.startsWith("/admin/plugins/ai-search")) return "Search";
+  if (path.startsWith("/admin/api")) return "Admin";
+  if (path.startsWith("/admin/database-tools")) return "Admin";
+  if (path.startsWith("/admin/seed-data")) return "Admin";
+  if (path.startsWith("/admin/plugins/email")) return "Admin";
+  if (path.startsWith("/workflow/")) return "Workflow";
+  if (path.startsWith("/forms/")) return "Forms";
+  if (path.startsWith("/files/")) return "Files";
+  if (path === "/health" || path.startsWith("/api")) return "System";
+  if (path.match(/^\/api\/[^/]+(\/:id)?$/) && !path.startsWith("/api/content") && !path.startsWith("/api/collections") && !path.startsWith("/api/media") && !path.startsWith("/api/search") && !path.startsWith("/api/system") && !path.startsWith("/api/health") && !path.startsWith("/api/documents") && !path.startsWith("/api/forms")) return "Collections";
+  return "Other";
+}
+function inferAuth(path) {
+  if (path === "/health" || path === "/api" || path === "/api/health") return false;
+  if (path === "/api/system/info" || path === "/api/system/schema") return false;
+  if (path.startsWith("/files/")) return false;
+  if (path.startsWith("/forms/") || path.startsWith("/api/forms/")) return false;
+  if (path.startsWith("/admin/")) return true;
+  if (path.startsWith("/workflow/")) return true;
+  return "unknown";
+}
+function buildRouteList(app) {
+  if (cachedRouteList) return cachedRouteList;
+  if (!app) return [];
+  try {
+    const routes = dev.inspectRoutes(app);
+    const seen = /* @__PURE__ */ new Set();
+    const result = [];
+    for (const route of routes) {
+      if (route.isMiddleware) continue;
+      if (route.method === "ALL") continue;
+      const key = `${route.method} ${route.path}`;
+      if (seen.has(key)) continue;
+      seen.add(key);
+      if (!isIncludedRoute(route.method, route.path)) continue;
+      const meta = ROUTE_METADATA[key];
+      if (meta) {
+        result.push({
+          method: route.method,
+          path: route.path,
+          description: meta.description,
+          authentication: meta.authentication,
+          category: meta.category,
+          documented: true
+        });
+      } else {
+        result.push({
+          method: route.method,
+          path: route.path,
+          description: "",
+          authentication: inferAuth(route.path),
+          category: inferCategory(route.path),
+          documented: false
+        });
+      }
+    }
+    const methodOrder = { GET: 0, POST: 1, PUT: 2, PATCH: 3, DELETE: 4 };
+    result.sort((a, b) => {
+      const catCmp = a.category.localeCompare(b.category);
+      if (catCmp !== 0) return catCmp;
+      const methCmp = (methodOrder[a.method] ?? 5) - (methodOrder[b.method] ?? 5);
+      if (methCmp !== 0) return methCmp;
+      return a.path.localeCompare(b.path);
+    });
+    cachedRouteList = result;
+    return result;
+  } catch (error) {
+    console.error("Failed to inspect routes:", error);
+    return [];
+  }
+}
+
+exports.CACHE_CONFIGS = CACHE_CONFIGS;
+exports.CATEGORY_INFO = CATEGORY_INFO;
+exports.CacheService = CacheService;
+exports.Logger = Logger;
+exports.SettingsService = SettingsService;
+exports.buildRouteList = buildRouteList;
+exports.getAppInstance = getAppInstance;
+exports.getCacheService = getCacheService2;
+exports.getLogger = getLogger;
+exports.initLogger = initLogger;
+exports.setAppInstance = setAppInstance;
+//# sourceMappingURL=chunk-4BTBSXMR.cjs.map
+//# sourceMappingURL=chunk-4BTBSXMR.cjs.map