@sonicjs-cms/core 2.19.0 → 3.0.0-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (224) hide show
  1. package/README.md +4 -3
  2. package/dist/admin-documents-form.template-KN7JF66Q.cjs +19 -0
  3. package/dist/{admin-layout-catalyst.template-UMTIN66R.js.map → admin-documents-form.template-KN7JF66Q.cjs.map} +1 -1
  4. package/dist/admin-documents-form.template-NLSI6Z42.js +6 -0
  5. package/dist/{admin-layout-catalyst.template-HFD37TY5.cjs.map → admin-documents-form.template-NLSI6Z42.js.map} +1 -1
  6. package/dist/admin-layout-catalyst.template-WHJGSWWD.js +7 -0
  7. package/dist/admin-layout-catalyst.template-WHJGSWWD.js.map +1 -0
  8. package/dist/admin-layout-catalyst.template-ZK5HD545.cjs +17 -0
  9. package/dist/admin-layout-catalyst.template-ZK5HD545.cjs.map +1 -0
  10. package/dist/app-Bo0X1OWX.d.ts +1268 -0
  11. package/dist/app-Do66yCcV.d.cts +1268 -0
  12. package/dist/cache-DDARE4QE.js +4 -0
  13. package/dist/cache-DDARE4QE.js.map +1 -0
  14. package/dist/cache-LVYS4BPL.cjs +33 -0
  15. package/dist/cache-LVYS4BPL.cjs.map +1 -0
  16. package/dist/chunk-2CB4KY7I.cjs +771 -0
  17. package/dist/chunk-2CB4KY7I.cjs.map +1 -0
  18. package/dist/{chunk-55RDMDOP.js → chunk-3TB6AT6X.js} +148 -55
  19. package/dist/chunk-3TB6AT6X.js.map +1 -0
  20. package/dist/{chunk-ON5ZMSU4.js → chunk-6JQOUUOB.js} +3 -3
  21. package/dist/chunk-6JQOUUOB.js.map +1 -0
  22. package/dist/chunk-6OUHGKFD.js +387 -0
  23. package/dist/chunk-6OUHGKFD.js.map +1 -0
  24. package/dist/{chunk-7A4CB7T3.cjs → chunk-AAWNRBRB.cjs} +509 -91
  25. package/dist/chunk-AAWNRBRB.cjs.map +1 -0
  26. package/dist/chunk-AI663NBO.js +821 -0
  27. package/dist/chunk-AI663NBO.js.map +1 -0
  28. package/dist/chunk-BDDABDAB.cjs +1149 -0
  29. package/dist/chunk-BDDABDAB.cjs.map +1 -0
  30. package/dist/chunk-BLMTL57B.js +767 -0
  31. package/dist/chunk-BLMTL57B.js.map +1 -0
  32. package/dist/chunk-DNQCEKUK.cjs +327 -0
  33. package/dist/chunk-DNQCEKUK.cjs.map +1 -0
  34. package/dist/chunk-DSA4UX5B.cjs +276 -0
  35. package/dist/chunk-DSA4UX5B.cjs.map +1 -0
  36. package/dist/chunk-EF2NQUIQ.js +323 -0
  37. package/dist/chunk-EF2NQUIQ.js.map +1 -0
  38. package/dist/chunk-GCDZZNIN.js +192 -0
  39. package/dist/chunk-GCDZZNIN.js.map +1 -0
  40. package/dist/{chunk-ABB34XUS.cjs → chunk-H2AXVCLS.cjs} +667 -19
  41. package/dist/chunk-H2AXVCLS.cjs.map +1 -0
  42. package/dist/{chunk-XWIA3HVX.js → chunk-HDWE5FRJ.js} +6 -1249
  43. package/dist/chunk-HDWE5FRJ.js.map +1 -0
  44. package/dist/chunk-HIKBY7MS.cjs +70 -0
  45. package/dist/chunk-HIKBY7MS.cjs.map +1 -0
  46. package/dist/chunk-IESEVHXL.js +66 -0
  47. package/dist/chunk-IESEVHXL.js.map +1 -0
  48. package/dist/chunk-IVPRUGTY.js +242 -0
  49. package/dist/chunk-IVPRUGTY.js.map +1 -0
  50. package/dist/{chunk-JZVHLLSI.cjs → chunk-IXUHXTHW.cjs} +2 -151
  51. package/dist/chunk-IXUHXTHW.cjs.map +1 -0
  52. package/dist/chunk-J6JTWD2A.cjs +100 -0
  53. package/dist/chunk-J6JTWD2A.cjs.map +1 -0
  54. package/dist/chunk-JEQ7FLOD.cjs +199 -0
  55. package/dist/chunk-JEQ7FLOD.cjs.map +1 -0
  56. package/dist/chunk-K25XHMM3.js +566 -0
  57. package/dist/chunk-K25XHMM3.js.map +1 -0
  58. package/dist/chunk-LRZIAW7U.cjs +158 -0
  59. package/dist/chunk-LRZIAW7U.cjs.map +1 -0
  60. package/dist/{chunk-OHYBNCVL.cjs → chunk-MVIZJOO5.cjs} +10 -1256
  61. package/dist/chunk-MVIZJOO5.cjs.map +1 -0
  62. package/dist/{chunk-UYJ6TJHX.cjs → chunk-NAVPFIG5.cjs} +148 -55
  63. package/dist/chunk-NAVPFIG5.cjs.map +1 -0
  64. package/dist/chunk-NLJVSER2.js +273 -0
  65. package/dist/chunk-NLJVSER2.js.map +1 -0
  66. package/dist/chunk-NMPEMSU4.js +154 -0
  67. package/dist/chunk-NMPEMSU4.js.map +1 -0
  68. package/dist/chunk-NUKJ54GA.cjs +245 -0
  69. package/dist/chunk-NUKJ54GA.cjs.map +1 -0
  70. package/dist/{chunk-E4YFJBM2.cjs → chunk-QAYFOER6.cjs} +621 -829
  71. package/dist/chunk-QAYFOER6.cjs.map +1 -0
  72. package/dist/{chunk-BU7SFHGP.js → chunk-QZGABF2M.js} +3 -149
  73. package/dist/chunk-QZGABF2M.js.map +1 -0
  74. package/dist/chunk-RNZFGN4R.js +88 -0
  75. package/dist/chunk-RNZFGN4R.js.map +1 -0
  76. package/dist/{chunk-4NPCDK6B.js → chunk-RZ6H7OZK.js} +505 -90
  77. package/dist/chunk-RZ6H7OZK.js.map +1 -0
  78. package/dist/{chunk-OCL3HMEG.js → chunk-VD2EA3WT.js} +7004 -9807
  79. package/dist/chunk-VD2EA3WT.js.map +1 -0
  80. package/dist/{chunk-R4FOLLFB.cjs → chunk-VXE42MYF.cjs} +8730 -11520
  81. package/dist/chunk-VXE42MYF.cjs.map +1 -0
  82. package/dist/{chunk-4ZSNJDLS.cjs → chunk-WULONYGB.cjs} +9 -9
  83. package/dist/chunk-WULONYGB.cjs.map +1 -0
  84. package/dist/chunk-XW56B23A.cjs +408 -0
  85. package/dist/chunk-XW56B23A.cjs.map +1 -0
  86. package/dist/chunk-YA3TJ65D.cjs +575 -0
  87. package/dist/chunk-YA3TJ65D.cjs.map +1 -0
  88. package/dist/{chunk-TFNTM3OA.js → chunk-YHSQVQXX.js} +645 -15
  89. package/dist/chunk-YHSQVQXX.js.map +1 -0
  90. package/dist/chunk-YP7GW2G5.cjs +866 -0
  91. package/dist/chunk-YP7GW2G5.cjs.map +1 -0
  92. package/dist/{chunk-QFWHAFEO.js → chunk-ZEZ245PW.js} +148 -858
  93. package/dist/chunk-ZEZ245PW.js.map +1 -0
  94. package/dist/{chunk-JZV22DEV.js → chunk-ZGGXCFR6.js} +611 -817
  95. package/dist/chunk-ZGGXCFR6.js.map +1 -0
  96. package/dist/{collection-config-B4PG-AaF.d.cts → collection-config-JgHOpFCG.d.cts} +30 -2
  97. package/dist/{collection-config-B4PG-AaF.d.ts → collection-config-JgHOpFCG.d.ts} +30 -2
  98. package/dist/config-HFXANXCC.js +6 -0
  99. package/dist/config-HFXANXCC.js.map +1 -0
  100. package/dist/config-ON6FNMYX.cjs +19 -0
  101. package/dist/config-ON6FNMYX.cjs.map +1 -0
  102. package/dist/define-plugin-BzNHc1ZI.d.ts +1321 -0
  103. package/dist/define-plugin-IWDKYaVm.d.cts +1321 -0
  104. package/dist/document-projection-TDWRJX3Z.cjs +13 -0
  105. package/dist/document-projection-TDWRJX3Z.cjs.map +1 -0
  106. package/dist/document-projection-YYMC6I4U.js +4 -0
  107. package/dist/document-projection-YYMC6I4U.js.map +1 -0
  108. package/dist/index.cjs +13734 -4328
  109. package/dist/index.cjs.map +1 -1
  110. package/dist/index.d.cts +329 -492
  111. package/dist/index.d.ts +329 -492
  112. package/dist/index.js +13385 -3998
  113. package/dist/index.js.map +1 -1
  114. package/dist/middleware.cjs +36 -32
  115. package/dist/middleware.d.cts +50 -7
  116. package/dist/middleware.d.ts +50 -7
  117. package/dist/middleware.js +7 -3
  118. package/dist/migrations-NJJWQUKK.cjs +13 -0
  119. package/dist/{migrations-566IIPS2.cjs.map → migrations-NJJWQUKK.cjs.map} +1 -1
  120. package/dist/migrations-WCAVBD7C.js +4 -0
  121. package/dist/{migrations-H5IXZNCO.js.map → migrations-WCAVBD7C.js.map} +1 -1
  122. package/dist/{plugin-bootstrap-DfVerYV4.d.cts → plugin-bootstrap-B8ThJU21.d.cts} +4315 -1661
  123. package/dist/{plugin-bootstrap-P_ciLp_C.d.ts → plugin-bootstrap-qu8hJgUt.d.ts} +4315 -1661
  124. package/dist/plugins.cjs +171 -12
  125. package/dist/plugins.d.cts +36 -2
  126. package/dist/plugins.d.ts +36 -2
  127. package/dist/plugins.js +5 -2
  128. package/dist/rbac-O73MFKDA.js +5 -0
  129. package/dist/rbac-O73MFKDA.js.map +1 -0
  130. package/dist/rbac-VONLJJKB.cjs +14 -0
  131. package/dist/rbac-VONLJJKB.cjs.map +1 -0
  132. package/dist/routes.cjs +41 -45
  133. package/dist/routes.d.cts +56 -146
  134. package/dist/routes.d.ts +56 -146
  135. package/dist/routes.js +17 -9
  136. package/dist/services.cjs +39 -72
  137. package/dist/services.d.cts +79 -54
  138. package/dist/services.d.ts +79 -54
  139. package/dist/services.js +6 -3
  140. package/dist/templates.cjs +17 -29
  141. package/dist/templates.d.cts +1 -66
  142. package/dist/templates.d.ts +1 -66
  143. package/dist/templates.js +3 -3
  144. package/dist/types-Dea1eNxU.d.cts +286 -0
  145. package/dist/types-Dea1eNxU.d.ts +286 -0
  146. package/dist/types.d.cts +1 -1
  147. package/dist/types.d.ts +1 -1
  148. package/dist/utils.cjs +18 -17
  149. package/dist/utils.d.cts +1 -1
  150. package/dist/utils.d.ts +1 -1
  151. package/dist/utils.js +2 -1
  152. package/migrations/0001_core.sql +184 -0
  153. package/migrations/0002_documents.sql +163 -0
  154. package/package.json +12 -7
  155. package/dist/admin-layout-catalyst.template-HFD37TY5.cjs +0 -17
  156. package/dist/admin-layout-catalyst.template-UMTIN66R.js +0 -7
  157. package/dist/app-C9esKLmh.d.cts +0 -112
  158. package/dist/app-C9esKLmh.d.ts +0 -112
  159. package/dist/chunk-4NPCDK6B.js.map +0 -1
  160. package/dist/chunk-4ZSNJDLS.cjs.map +0 -1
  161. package/dist/chunk-55RDMDOP.js.map +0 -1
  162. package/dist/chunk-635JAMSE.cjs +0 -653
  163. package/dist/chunk-635JAMSE.cjs.map +0 -1
  164. package/dist/chunk-7A4CB7T3.cjs.map +0 -1
  165. package/dist/chunk-ABB34XUS.cjs.map +0 -1
  166. package/dist/chunk-BU7SFHGP.js.map +0 -1
  167. package/dist/chunk-E4YFJBM2.cjs.map +0 -1
  168. package/dist/chunk-EXNEW5US.js +0 -648
  169. package/dist/chunk-EXNEW5US.js.map +0 -1
  170. package/dist/chunk-JZV22DEV.js.map +0 -1
  171. package/dist/chunk-JZVHLLSI.cjs.map +0 -1
  172. package/dist/chunk-OCL3HMEG.js.map +0 -1
  173. package/dist/chunk-OHYBNCVL.cjs.map +0 -1
  174. package/dist/chunk-ON5ZMSU4.js.map +0 -1
  175. package/dist/chunk-QFWHAFEO.js.map +0 -1
  176. package/dist/chunk-R4FOLLFB.cjs.map +0 -1
  177. package/dist/chunk-RLMUFFUD.cjs +0 -2219
  178. package/dist/chunk-RLMUFFUD.cjs.map +0 -1
  179. package/dist/chunk-TFNTM3OA.js.map +0 -1
  180. package/dist/chunk-UYJ6TJHX.cjs.map +0 -1
  181. package/dist/chunk-WAEQXGCX.cjs +0 -1898
  182. package/dist/chunk-WAEQXGCX.cjs.map +0 -1
  183. package/dist/chunk-XWIA3HVX.js.map +0 -1
  184. package/dist/chunk-ZYAYUIZE.js +0 -2217
  185. package/dist/chunk-ZYAYUIZE.js.map +0 -1
  186. package/dist/migrations-566IIPS2.cjs +0 -13
  187. package/dist/migrations-H5IXZNCO.js +0 -4
  188. package/dist/plugin-manager-BoM3Q7o7.d.cts +0 -328
  189. package/dist/plugin-manager-Efx9RyDX.d.ts +0 -328
  190. package/migrations/001_initial_schema.sql +0 -170
  191. package/migrations/002_faq_plugin.sql +0 -86
  192. package/migrations/003_stage5_enhancements.sql +0 -121
  193. package/migrations/004_stage6_user_management.sql +0 -183
  194. package/migrations/005_stage7_workflow_automation.sql +0 -294
  195. package/migrations/006_plugin_system.sql +0 -155
  196. package/migrations/007_demo_login_plugin.sql +0 -23
  197. package/migrations/008_fix_slug_validation.sql +0 -22
  198. package/migrations/009_system_logging.sql +0 -57
  199. package/migrations/011_config_managed_collections.sql +0 -15
  200. package/migrations/012_testimonials_plugin.sql +0 -80
  201. package/migrations/013_code_examples_plugin.sql +0 -177
  202. package/migrations/014_fix_plugin_registry.sql +0 -88
  203. package/migrations/015_add_remaining_plugins.sql +0 -89
  204. package/migrations/016_remove_duplicate_cache_plugin.sql +0 -17
  205. package/migrations/017_auth_configurable_fields.sql +0 -49
  206. package/migrations/018_settings_table.sql +0 -23
  207. package/migrations/019_remove_blog_posts_collection.sql +0 -15
  208. package/migrations/020_add_email_plugin.sql +0 -22
  209. package/migrations/021_add_magic_link_auth_plugin.sql +0 -42
  210. package/migrations/022_add_tinymce_plugin.sql +0 -25
  211. package/migrations/023_add_easy_mdx_plugin.sql +0 -25
  212. package/migrations/024_add_quill_editor_plugin.sql +0 -25
  213. package/migrations/025_add_easymde_plugin.sql +0 -25
  214. package/migrations/026_add_otp_login.sql +0 -42
  215. package/migrations/027_fix_slug_field_type.sql +0 -18
  216. package/migrations/028_fix_slug_field_type_in_schemas.sql +0 -30
  217. package/migrations/029_add_forms_system.sql +0 -184
  218. package/migrations/030_add_turnstile_to_forms.sql +0 -14
  219. package/migrations/031_ai_search_plugin.sql +0 -45
  220. package/migrations/032_user_profiles.sql +0 -37
  221. package/migrations/033_form_content_integration.sql +0 -19
  222. package/migrations/034_security_audit_plugin.sql +0 -27
  223. package/migrations/035_user_profiles_data_column.sql +0 -16
  224. package/migrations/036_analytics_events.sql +0 -22
package/dist/app-Do66yCcV.d.cts ADDED
@@ -0,0 +1,1268 @@
1
+ import * as better_auth_client from 'better-auth/client';
2
+ import * as better_auth_plugins_email_otp from 'better-auth/plugins/email-otp';
3
+ import * as better_auth from 'better-auth';
4
+ import * as better_auth_plugins_magic_link from 'better-auth/plugins/magic-link';
5
+ import * as better_call from 'better-call';
6
+ import * as zod_v4_core from 'zod/v4/core';
7
+ import * as zod from 'zod';
8
+ import { z } from 'zod';
9
+ import { i as HookSystemLike, E as EmailProvider } from './types-Dea1eNxU.cjs';
10
+ import { Hono, MiddlewareHandler, Context } from 'hono';
11
+ import { D1Database, KVNamespace, R2Bucket } from '@cloudflare/workers-types';
12
+
13
+ /**
14
+ * Build the default Better Auth options used by SonicJS (through the CF shim).
15
+ * Exported so apps can extend via config.auth.extendBetterAuth.
16
+ */
17
+ declare function getDefaultAuthOptions(env: Bindings, requestBaseURL?: string): {
18
+ plugins: ({
19
+ id: "magic-link";
20
+ version: string;
21
+ endpoints: {
22
+ signInMagicLink: better_call.StrictEndpoint<"/sign-in/magic-link", {
23
+ method: "POST";
24
+ requireHeaders: true;
25
+ body: zod.ZodObject<{
26
+ email: zod.ZodEmail;
27
+ name: zod.ZodOptional<zod.ZodString>;
28
+ callbackURL: zod.ZodOptional<zod.ZodString>;
29
+ newUserCallbackURL: zod.ZodOptional<zod.ZodString>;
30
+ errorCallbackURL: zod.ZodOptional<zod.ZodString>;
31
+ metadata: zod.ZodOptional<zod.ZodRecord<zod.ZodString, zod.ZodAny>>;
32
+ }, zod_v4_core.$strip>;
33
+ metadata: {
34
+ openapi: {
35
+ operationId: string;
36
+ description: string;
37
+ responses: {
38
+ 200: {
39
+ description: string;
40
+ content: {
41
+ "application/json": {
42
+ schema: {
43
+ type: "object";
44
+ properties: {
45
+ status: {
46
+ type: string;
47
+ };
48
+ };
49
+ };
50
+ };
51
+ };
52
+ };
53
+ };
54
+ };
55
+ };
56
+ }, {
57
+ status: boolean;
58
+ }>;
59
+ magicLinkVerify: better_call.StrictEndpoint<"/magic-link/verify", {
60
+ method: "GET";
61
+ query: zod.ZodObject<{
62
+ token: zod.ZodString;
63
+ callbackURL: zod.ZodOptional<zod.ZodString>;
64
+ errorCallbackURL: zod.ZodOptional<zod.ZodString>;
65
+ newUserCallbackURL: zod.ZodOptional<zod.ZodString>;
66
+ }, zod_v4_core.$strip>;
67
+ use: ((inputContext: better_call.MiddlewareInputContext<better_call.MiddlewareOptions>) => Promise<void>)[];
68
+ requireHeaders: true;
69
+ metadata: {
70
+ openapi: {
71
+ operationId: string;
72
+ description: string;
73
+ responses: {
74
+ 200: {
75
+ description: string;
76
+ content: {
77
+ "application/json": {
78
+ schema: {
79
+ type: "object";
80
+ properties: {
81
+ session: {
82
+ $ref: string;
83
+ };
84
+ user: {
85
+ $ref: string;
86
+ };
87
+ };
88
+ };
89
+ };
90
+ };
91
+ };
92
+ };
93
+ };
94
+ };
95
+ }, {
96
+ token: string;
97
+ user: {
98
+ id: string;
99
+ createdAt: Date;
100
+ updatedAt: Date;
101
+ email: string;
102
+ emailVerified: boolean;
103
+ name: string;
104
+ image?: string | null | undefined;
105
+ };
106
+ session: {
107
+ id: string;
108
+ createdAt: Date;
109
+ updatedAt: Date;
110
+ userId: string;
111
+ expiresAt: Date;
112
+ token: string;
113
+ ipAddress?: string | null | undefined;
114
+ userAgent?: string | null | undefined;
115
+ };
116
+ }>;
117
+ };
118
+ rateLimit: {
119
+ pathMatcher(path: string): boolean;
120
+ window: number;
121
+ max: number;
122
+ }[];
123
+ options: better_auth_plugins_magic_link.MagicLinkOptions;
124
+ } | {
125
+ id: "email-otp";
126
+ version: string;
127
+ init(ctx: better_auth.AuthContext): {
128
+ options: {
129
+ emailVerification: {
130
+ sendVerificationEmail(data: {
131
+ user: better_auth.User;
132
+ url: string;
133
+ token: string;
134
+ }, request: Request | undefined): Promise<void>;
135
+ };
136
+ };
137
+ } | undefined;
138
+ endpoints: {
139
+ sendVerificationOTP: better_call.StrictEndpoint<"/email-otp/send-verification-otp", {
140
+ method: "POST";
141
+ body: zod.ZodObject<{
142
+ email: zod.ZodString;
143
+ type: zod.ZodEnum<{
144
+ "sign-in": "sign-in";
145
+ "change-email": "change-email";
146
+ "email-verification": "email-verification";
147
+ "forget-password": "forget-password";
148
+ }>;
149
+ }, zod_v4_core.$strip>;
150
+ metadata: {
151
+ openapi: {
152
+ operationId: string;
153
+ description: string;
154
+ responses: {
155
+ 200: {
156
+ description: string;
157
+ content: {
158
+ "application/json": {
159
+ schema: {
160
+ type: "object";
161
+ properties: {
162
+ success: {
163
+ type: string;
164
+ };
165
+ };
166
+ };
167
+ };
168
+ };
169
+ };
170
+ };
171
+ };
172
+ };
173
+ }, {
174
+ success: boolean;
175
+ }>;
176
+ createVerificationOTP: better_call.StrictEndpoint<string, {
177
+ method: "POST";
178
+ body: zod.ZodObject<{
179
+ email: zod.ZodString;
180
+ type: zod.ZodEnum<{
181
+ "sign-in": "sign-in";
182
+ "change-email": "change-email";
183
+ "email-verification": "email-verification";
184
+ "forget-password": "forget-password";
185
+ }>;
186
+ }, zod_v4_core.$strip>;
187
+ metadata: {
188
+ openapi: {
189
+ operationId: string;
190
+ description: string;
191
+ responses: {
192
+ 200: {
193
+ description: string;
194
+ content: {
195
+ "application/json": {
196
+ schema: {
197
+ type: "string";
198
+ };
199
+ };
200
+ };
201
+ };
202
+ };
203
+ };
204
+ };
205
+ }, string>;
206
+ getVerificationOTP: better_call.StrictEndpoint<string, {
207
+ method: "GET";
208
+ query: zod.ZodObject<{
209
+ email: zod.ZodString;
210
+ type: zod.ZodEnum<{
211
+ "sign-in": "sign-in";
212
+ "change-email": "change-email";
213
+ "email-verification": "email-verification";
214
+ "forget-password": "forget-password";
215
+ }>;
216
+ }, zod_v4_core.$strip>;
217
+ metadata: {
218
+ openapi: {
219
+ operationId: string;
220
+ description: string;
221
+ responses: {
222
+ "200": {
223
+ description: string;
224
+ content: {
225
+ "application/json": {
226
+ schema: {
227
+ type: "object";
228
+ properties: {
229
+ otp: {
230
+ type: string;
231
+ nullable: boolean;
232
+ description: string;
233
+ };
234
+ };
235
+ required: string[];
236
+ };
237
+ };
238
+ };
239
+ };
240
+ };
241
+ };
242
+ };
243
+ }, {
244
+ otp: null;
245
+ } | {
246
+ otp: string;
247
+ }>;
248
+ checkVerificationOTP: better_call.StrictEndpoint<"/email-otp/check-verification-otp", {
249
+ method: "POST";
250
+ body: zod.ZodObject<{
251
+ email: zod.ZodString;
252
+ type: zod.ZodEnum<{
253
+ "sign-in": "sign-in";
254
+ "change-email": "change-email";
255
+ "email-verification": "email-verification";
256
+ "forget-password": "forget-password";
257
+ }>;
258
+ otp: zod.ZodString;
259
+ }, zod_v4_core.$strip>;
260
+ metadata: {
261
+ openapi: {
262
+ operationId: string;
263
+ description: string;
264
+ responses: {
265
+ 200: {
266
+ description: string;
267
+ content: {
268
+ "application/json": {
269
+ schema: {
270
+ type: "object";
271
+ properties: {
272
+ success: {
273
+ type: string;
274
+ };
275
+ };
276
+ };
277
+ };
278
+ };
279
+ };
280
+ };
281
+ };
282
+ };
283
+ }, {
284
+ success: boolean;
285
+ }>;
286
+ verifyEmailOTP: better_call.StrictEndpoint<"/email-otp/verify-email", {
287
+ method: "POST";
288
+ body: zod.ZodObject<{
289
+ email: zod.ZodString;
290
+ otp: zod.ZodString;
291
+ }, zod_v4_core.$strip>;
292
+ metadata: {
293
+ openapi: {
294
+ description: string;
295
+ responses: {
296
+ 200: {
297
+ description: string;
298
+ content: {
299
+ "application/json": {
300
+ schema: {
301
+ type: "object";
302
+ properties: {
303
+ status: {
304
+ type: string;
305
+ description: string;
306
+ enum: boolean[];
307
+ };
308
+ token: {
309
+ type: string;
310
+ nullable: boolean;
311
+ description: string;
312
+ };
313
+ user: {
314
+ $ref: string;
315
+ };
316
+ };
317
+ required: string[];
318
+ };
319
+ };
320
+ };
321
+ };
322
+ };
323
+ };
324
+ };
325
+ }, {
326
+ status: boolean;
327
+ token: string;
328
+ user: {
329
+ id: string;
330
+ createdAt: Date;
331
+ updatedAt: Date;
332
+ email: string;
333
+ emailVerified: boolean;
334
+ name: string;
335
+ image?: string | null | undefined;
336
+ } & Record<string, any>;
337
+ } | {
338
+ status: boolean;
339
+ token: null;
340
+ user: {
341
+ id: string;
342
+ createdAt: Date;
343
+ updatedAt: Date;
344
+ email: string;
345
+ emailVerified: boolean;
346
+ name: string;
347
+ image?: string | null | undefined;
348
+ } & Record<string, any>;
349
+ }>;
350
+ signInEmailOTP: better_call.StrictEndpoint<"/sign-in/email-otp", {
351
+ method: "POST";
352
+ body: zod.ZodIntersection<zod.ZodObject<{
353
+ email: zod.ZodString;
354
+ otp: zod.ZodString;
355
+ name: zod.ZodOptional<zod.ZodString>;
356
+ image: zod.ZodOptional<zod.ZodString>;
357
+ }, zod_v4_core.$strip>, zod.ZodRecord<zod.ZodString, zod.ZodAny>>;
358
+ metadata: {
359
+ openapi: {
360
+ operationId: string;
361
+ description: string;
362
+ responses: {
363
+ 200: {
364
+ description: string;
365
+ content: {
366
+ "application/json": {
367
+ schema: {
368
+ type: "object";
369
+ properties: {
370
+ token: {
371
+ type: string;
372
+ description: string;
373
+ };
374
+ user: {
375
+ $ref: string;
376
+ };
377
+ };
378
+ required: string[];
379
+ };
380
+ };
381
+ };
382
+ };
383
+ };
384
+ };
385
+ };
386
+ }, {
387
+ token: string;
388
+ user: {
389
+ id: string;
390
+ createdAt: Date;
391
+ updatedAt: Date;
392
+ email: string;
393
+ emailVerified: boolean;
394
+ name: string;
395
+ image?: string | null | undefined;
396
+ };
397
+ }>;
398
+ requestPasswordResetEmailOTP: better_call.StrictEndpoint<"/email-otp/request-password-reset", {
399
+ method: "POST";
400
+ body: zod.ZodObject<{
401
+ email: zod.ZodString;
402
+ }, zod_v4_core.$strip>;
403
+ metadata: {
404
+ openapi: {
405
+ operationId: string;
406
+ description: string;
407
+ responses: {
408
+ 200: {
409
+ description: string;
410
+ content: {
411
+ "application/json": {
412
+ schema: {
413
+ type: "object";
414
+ properties: {
415
+ success: {
416
+ type: string;
417
+ description: string;
418
+ };
419
+ };
420
+ };
421
+ };
422
+ };
423
+ };
424
+ };
425
+ };
426
+ };
427
+ }, {
428
+ success: boolean;
429
+ }>;
430
+ forgetPasswordEmailOTP: better_call.StrictEndpoint<"/forget-password/email-otp", {
431
+ method: "POST";
432
+ body: zod.ZodObject<{
433
+ email: zod.ZodString;
434
+ }, zod_v4_core.$strip>;
435
+ metadata: {
436
+ openapi: {
437
+ operationId: string;
438
+ description: string;
439
+ responses: {
440
+ 200: {
441
+ description: string;
442
+ content: {
443
+ "application/json": {
444
+ schema: {
445
+ type: "object";
446
+ properties: {
447
+ success: {
448
+ type: string;
449
+ description: string;
450
+ };
451
+ };
452
+ };
453
+ };
454
+ };
455
+ };
456
+ };
457
+ };
458
+ };
459
+ }, {
460
+ success: boolean;
461
+ }>;
462
+ resetPasswordEmailOTP: better_call.StrictEndpoint<"/email-otp/reset-password", {
463
+ method: "POST";
464
+ body: zod.ZodObject<{
465
+ email: zod.ZodString;
466
+ otp: zod.ZodString;
467
+ password: zod.ZodString;
468
+ }, zod_v4_core.$strip>;
469
+ metadata: {
470
+ openapi: {
471
+ operationId: string;
472
+ description: string;
473
+ responses: {
474
+ 200: {
475
+ description: string;
476
+ content: {
477
+ "application/json": {
478
+ schema: {
479
+ type: "object";
480
+ properties: {
481
+ success: {
482
+ type: string;
483
+ };
484
+ };
485
+ };
486
+ };
487
+ };
488
+ };
489
+ };
490
+ };
491
+ };
492
+ }, {
493
+ success: boolean;
494
+ }>;
495
+ requestEmailChangeEmailOTP: better_call.StrictEndpoint<"/email-otp/request-email-change", {
496
+ method: "POST";
497
+ body: zod.ZodObject<{
498
+ newEmail: zod.ZodString;
499
+ otp: zod.ZodOptional<zod.ZodString>;
500
+ }, zod_v4_core.$strip>;
501
+ use: ((inputContext: better_call.MiddlewareInputContext<better_call.MiddlewareOptions>) => Promise<{
502
+ session: {
503
+ session: Record<string, any> & {
504
+ id: string;
505
+ createdAt: Date;
506
+ updatedAt: Date;
507
+ userId: string;
508
+ expiresAt: Date;
509
+ token: string;
510
+ ipAddress?: string | null | undefined;
511
+ userAgent?: string | null | undefined;
512
+ };
513
+ user: Record<string, any> & {
514
+ id: string;
515
+ createdAt: Date;
516
+ updatedAt: Date;
517
+ email: string;
518
+ emailVerified: boolean;
519
+ name: string;
520
+ image?: string | null | undefined;
521
+ };
522
+ };
523
+ }>)[];
524
+ metadata: {
525
+ openapi: {
526
+ operationId: string;
527
+ description: string;
528
+ responses: {
529
+ 200: {
530
+ description: string;
531
+ content: {
532
+ "application/json": {
533
+ schema: {
534
+ type: "object";
535
+ properties: {
536
+ success: {
537
+ type: string;
538
+ };
539
+ };
540
+ };
541
+ };
542
+ };
543
+ };
544
+ };
545
+ };
546
+ };
547
+ }, {
548
+ success: boolean;
549
+ }>;
550
+ changeEmailEmailOTP: better_call.StrictEndpoint<"/email-otp/change-email", {
551
+ method: "POST";
552
+ body: zod.ZodObject<{
553
+ newEmail: zod.ZodString;
554
+ otp: zod.ZodString;
555
+ }, zod_v4_core.$strip>;
556
+ use: ((inputContext: better_call.MiddlewareInputContext<better_call.MiddlewareOptions>) => Promise<{
557
+ session: {
558
+ session: Record<string, any> & {
559
+ id: string;
560
+ createdAt: Date;
561
+ updatedAt: Date;
562
+ userId: string;
563
+ expiresAt: Date;
564
+ token: string;
565
+ ipAddress?: string | null | undefined;
566
+ userAgent?: string | null | undefined;
567
+ };
568
+ user: Record<string, any> & {
569
+ id: string;
570
+ createdAt: Date;
571
+ updatedAt: Date;
572
+ email: string;
573
+ emailVerified: boolean;
574
+ name: string;
575
+ image?: string | null | undefined;
576
+ };
577
+ };
578
+ }>)[];
579
+ metadata: {
580
+ openapi: {
581
+ operationId: string;
582
+ description: string;
583
+ responses: {
584
+ 200: {
585
+ description: string;
586
+ content: {
587
+ "application/json": {
588
+ schema: {
589
+ type: "object";
590
+ properties: {
591
+ success: {
592
+ type: string;
593
+ };
594
+ };
595
+ };
596
+ };
597
+ };
598
+ };
599
+ };
600
+ };
601
+ };
602
+ }, {
603
+ success: boolean;
604
+ }>;
605
+ };
606
+ hooks: {
607
+ after: {
608
+ matcher(context: better_auth.HookEndpointContext): boolean;
609
+ handler: (inputContext: better_call.MiddlewareInputContext<better_call.MiddlewareOptions>) => Promise<void>;
610
+ }[];
611
+ };
612
+ rateLimit: ({
613
+ pathMatcher(path: string): path is "/email-otp/send-verification-otp";
614
+ window: number;
615
+ max: number;
616
+ } | {
617
+ pathMatcher(path: string): path is "/email-otp/check-verification-otp";
618
+ window: number;
619
+ max: number;
620
+ } | {
621
+ pathMatcher(path: string): path is "/email-otp/verify-email";
622
+ window: number;
623
+ max: number;
624
+ } | {
625
+ pathMatcher(path: string): path is "/sign-in/email-otp";
626
+ window: number;
627
+ max: number;
628
+ } | {
629
+ pathMatcher(path: string): path is "/email-otp/request-password-reset";
630
+ window: number;
631
+ max: number;
632
+ } | {
633
+ pathMatcher(path: string): path is "/email-otp/reset-password";
634
+ window: number;
635
+ max: number;
636
+ } | {
637
+ pathMatcher(path: string): path is "/forget-password/email-otp";
638
+ window: number;
639
+ max: number;
640
+ } | {
641
+ pathMatcher(path: string): path is "/email-otp/request-email-change";
642
+ window: number;
643
+ max: number;
644
+ } | {
645
+ pathMatcher(path: string): path is "/email-otp/change-email";
646
+ window: number;
647
+ max: number;
648
+ })[];
649
+ options: better_auth_plugins_email_otp.EmailOTPOptions;
650
+ $ERROR_CODES: {
651
+ OTP_EXPIRED: better_auth.RawError<"OTP_EXPIRED">;
652
+ INVALID_OTP: better_auth.RawError<"INVALID_OTP">;
653
+ TOO_MANY_ATTEMPTS: better_auth.RawError<"TOO_MANY_ATTEMPTS">;
654
+ };
655
+ } | better_auth_client.DefaultOrganizationPlugin<{
656
+ schema: {
657
+ organization: {
658
+ modelName: string;
659
+ additionalFields: {
660
+ status: {
661
+ type: "string";
662
+ required: false;
663
+ defaultValue: string;
664
+ input: true;
665
+ };
666
+ domain: {
667
+ type: "string";
668
+ required: false;
669
+ input: true;
670
+ };
671
+ notes: {
672
+ type: "string";
673
+ required: false;
674
+ defaultValue: string;
675
+ input: true;
676
+ };
677
+ };
678
+ };
679
+ member: {
680
+ modelName: string;
681
+ fields: {
682
+ organizationId: string;
683
+ };
684
+ };
685
+ invitation: {
686
+ modelName: string;
687
+ fields: {
688
+ organizationId: string;
689
+ };
690
+ };
691
+ team: {
692
+ modelName: string;
693
+ fields: {
694
+ organizationId: string;
695
+ };
696
+ };
697
+ };
698
+ }>)[];
699
+ socialProviders: {
700
+ google?: {
701
+ clientId: string;
702
+ clientSecret: string;
703
+ } | undefined;
704
+ github?: {
705
+ clientId: string;
706
+ clientSecret: string;
707
+ } | undefined;
708
+ };
709
+ user: {
710
+ modelName: "auth_user";
711
+ fields: {
712
+ image: string;
713
+ };
714
+ additionalFields: {
715
+ role: {
716
+ type: "string";
717
+ required: false;
718
+ defaultValue: string;
719
+ input: false;
720
+ };
721
+ firstName: {
722
+ type: "string";
723
+ required: false;
724
+ defaultValue: string;
725
+ input: true;
726
+ };
727
+ lastName: {
728
+ type: "string";
729
+ required: false;
730
+ defaultValue: string;
731
+ input: true;
732
+ };
733
+ isSuperAdmin: {
734
+ type: "boolean";
735
+ required: false;
736
+ defaultValue: false;
737
+ input: false;
738
+ };
739
+ };
740
+ };
741
+ session: {
742
+ modelName: "auth_session";
743
+ expiresIn: number;
744
+ updateAge: number;
745
+ };
746
+ account: {
747
+ modelName: "auth_account";
748
+ };
749
+ verification: {
750
+ modelName: "auth_verification";
751
+ };
752
+ basePath: string;
753
+ emailAndPassword: {
754
+ enabled: true;
755
+ autoSignIn: true;
756
+ password: {
757
+ verify: ({ hash, password }: {
758
+ hash: string;
759
+ password: string;
760
+ }) => Promise<boolean>;
761
+ };
762
+ };
763
+ databaseHooks: {
764
+ user: {
765
+ create: {
766
+ before: (userData: Record<string, unknown>) => Promise<{
767
+ data: {
768
+ name: string;
769
+ firstName: string;
770
+ lastName: string;
771
+ role: string;
772
+ };
773
+ }>;
774
+ after: (user: {
775
+ id: string;
776
+ }) => Promise<void>;
777
+ };
778
+ };
779
+ };
780
+ secret: string | undefined;
781
+ baseURL: string | undefined;
782
+ appName: string;
783
+ };
784
+ type BetterAuthDefaultOptions = ReturnType<typeof getDefaultAuthOptions>;
785
+ type ExtendBetterAuth = (opts: BetterAuthDefaultOptions) => BetterAuthDefaultOptions;
786
+
787
+ /**
788
+ * SonicJS Plugin System Types
789
+ *
790
+ * Defines the core interfaces and types for the plugin system
791
+ */
792
+
793
+ interface Plugin {
794
+ /** Unique plugin identifier */
795
+ name: string;
796
+ /** Plugin version (semantic versioning) */
797
+ version: string;
798
+ /** Human-readable description */
799
+ description?: string;
800
+ /** Plugin author information */
801
+ author?: {
802
+ name: string;
803
+ email?: string;
804
+ url?: string;
805
+ };
806
+ /** Plugin dependencies (other plugins required) */
807
+ dependencies?: string[];
808
+ /** SonicJS version compatibility */
809
+ compatibility?: string;
810
+ /** Plugin license */
811
+ license?: string;
812
+ routes?: PluginRoutes[];
813
+ /**
814
+ * Optional imperative route registration, called synchronously at app
815
+ * construction time. Use this for routes that can't be expressed as a static
816
+ * `routes[]` entry (e.g. conditional mounting).
817
+ *
818
+ * MUST be synchronous: Hono's router locks after the first request, so all
819
+ * `app.route()` calls have to happen before any request is served. Returning
820
+ * a Promise throws `PluginRegisterMustBeSyncError`. Async, env-dependent work
821
+ * belongs in lifecycle hooks (`install`/`activate`), not here.
822
+ */
823
+ register?: (app: Hono) => void;
824
+ middleware?: PluginMiddleware[];
825
+ models?: PluginModel[];
826
+ services?: PluginService[];
827
+ adminPages?: PluginAdminPage[];
828
+ adminComponents?: PluginComponent[];
829
+ menuItems?: PluginMenuItem[];
830
+ hooks?: PluginHook[];
831
+ install?: (context: PluginContext) => Promise<void>;
832
+ uninstall?: (context: PluginContext) => Promise<void>;
833
+ activate?: (context: PluginContext) => Promise<void>;
834
+ deactivate?: (context: PluginContext) => Promise<void>;
835
+ configure?: (config: PluginConfig) => Promise<void>;
836
+ }
837
+ interface PluginContext {
838
+ /** Database instance */
839
+ db: D1Database;
840
+ /** Key-value storage */
841
+ kv: KVNamespace;
842
+ /** R2 storage bucket */
843
+ r2?: R2Bucket;
844
+ /** Plugin configuration */
845
+ config: PluginConfig;
846
+ /** Core SonicJS services */
847
+ services: {
848
+ auth: AuthService;
849
+ content: ContentService;
850
+ media: MediaService;
851
+ };
852
+ /** Hook system for inter-plugin communication */
853
+ hooks: HookSystem | ScopedHookSystem;
854
+ /** Logging utilities */
855
+ logger: PluginLogger;
856
+ }
857
+ interface PluginConfig {
858
+ /** Plugin-specific configuration */
859
+ [key: string]: any;
860
+ /** Whether plugin is enabled */
861
+ enabled: boolean;
862
+ /** Plugin installation timestamp */
863
+ installedAt?: number;
864
+ /** Plugin last update timestamp */
865
+ updatedAt?: number;
866
+ }
867
+ interface PluginRoutes {
868
+ /** Route path prefix */
869
+ path: string;
870
+ /** Hono route handler */
871
+ handler: Hono;
872
+ /** Route description */
873
+ description?: string;
874
+ /** Whether route requires authentication */
875
+ requiresAuth?: boolean;
876
+ /** Required roles for access */
877
+ roles?: string[];
878
+ /** Route priority (for ordering) */
879
+ priority?: number;
880
+ }
881
+ interface PluginMiddleware {
882
+ /** Middleware name */
883
+ name: string;
884
+ /** Middleware handler function */
885
+ handler: MiddlewareHandler;
886
+ /** Middleware description */
887
+ description?: string;
888
+ /** Middleware priority (lower = earlier) */
889
+ priority?: number;
890
+ /** Routes to apply middleware to */
891
+ routes?: string[];
892
+ /** Whether to apply globally */
893
+ global?: boolean;
894
+ }
895
+ interface PluginModel {
896
+ /** Model name */
897
+ name: string;
898
+ /** Database table name */
899
+ tableName: string;
900
+ /** Zod schema for validation */
901
+ schema: z.ZodSchema;
902
+ /** Database migrations */
903
+ migrations: string[];
904
+ /** Model relationships */
905
+ relationships?: ModelRelationship[];
906
+ /** Whether model extends core content */
907
+ extendsContent?: boolean;
908
+ }
909
+ interface ModelRelationship {
910
+ type: 'oneToOne' | 'oneToMany' | 'manyToMany';
911
+ target: string;
912
+ foreignKey?: string;
913
+ joinTable?: string;
914
+ }
915
+ interface PluginService {
916
+ /** Service name */
917
+ name: string;
918
+ /** Service implementation */
919
+ implementation: any;
920
+ /** Service description */
921
+ description?: string;
922
+ /** Service dependencies */
923
+ dependencies?: string[];
924
+ /** Whether service is singleton */
925
+ singleton?: boolean;
926
+ }
927
+ interface PluginAdminPage {
928
+ /** Page path (relative to /admin) */
929
+ path: string;
930
+ /** Page title */
931
+ title: string;
932
+ /** Page component/template */
933
+ component: string;
934
+ /** Page description */
935
+ description?: string;
936
+ /** Required permissions */
937
+ permissions?: string[];
938
+ /** Menu item configuration */
939
+ menuItem?: PluginMenuItem;
940
+ /** Page icon */
941
+ icon?: string;
942
+ }
943
+ interface PluginComponent {
944
+ /** Component name */
945
+ name: string;
946
+ /** Component template function */
947
+ template: (props: any) => string;
948
+ /** Component description */
949
+ description?: string;
950
+ /** Component props schema */
951
+ propsSchema?: z.ZodSchema;
952
+ }
953
+ interface PluginMenuItem {
954
+ /** Menu item label */
955
+ label: string;
956
+ /** Menu item path */
957
+ path: string;
958
+ /** Menu item icon */
959
+ icon?: string;
960
+ /** Menu item order */
961
+ order?: number;
962
+ /** Parent menu item */
963
+ parent?: string;
964
+ /** Required permissions */
965
+ permissions?: string[];
966
+ /** Whether item is active */
967
+ active?: boolean;
968
+ }
969
+ interface PluginHook {
970
+ /** Hook name */
971
+ name: string;
972
+ /** Hook handler function */
973
+ handler: HookHandler;
974
+ /** Hook priority */
975
+ priority?: number;
976
+ /** Hook description */
977
+ description?: string;
978
+ }
979
+ type HookHandler = (data: any, context: HookContext) => Promise<any>;
980
+ interface HookContext {
981
+ /** Plugin that registered the hook */
982
+ plugin: string;
983
+ /** Hook execution context */
984
+ context: PluginContext;
985
+ /** Cancel hook execution */
986
+ cancel?: () => void;
987
+ }
988
+ interface HookSystem {
989
+ /** Register a hook handler */
990
+ register(hookName: string, handler: HookHandler, priority?: number): void;
991
+ /** Execute all handlers for a hook */
992
+ execute(hookName: string, data: any, context?: any): Promise<any>;
993
+ /** Remove a hook handler */
994
+ unregister(hookName: string, handler: HookHandler): void;
995
+ /** Get all registered hooks */
996
+ getHooks(hookName: string): PluginHook[];
997
+ /** Create a scoped hook system (optional) */
998
+ createScope?(pluginName: string): ScopedHookSystem;
999
+ }
1000
+ interface ScopedHookSystem {
1001
+ /** Register a hook handler */
1002
+ register(hookName: string, handler: HookHandler, priority?: number): void;
1003
+ /** Execute all handlers for a hook */
1004
+ execute(hookName: string, data: any, context?: any): Promise<any>;
1005
+ /** Remove a hook handler */
1006
+ unregister(hookName: string, handler: HookHandler): void;
1007
+ /** Remove all hooks for this scope */
1008
+ unregisterAll(): void;
1009
+ }
1010
+ interface AuthService {
1011
+ /** Generate JWT token for a user */
1012
+ generateToken(userId: string, email: string, role: string): Promise<string>;
1013
+ /** Verify and decode JWT token */
1014
+ verifyToken(token: string): Promise<any>;
1015
+ /** Set authentication cookie (useful for alternative auth methods) */
1016
+ setAuthCookie(context: Context, token: string, options?: {
1017
+ maxAge?: number;
1018
+ secure?: boolean;
1019
+ httpOnly?: boolean;
1020
+ sameSite?: 'Strict' | 'Lax' | 'None';
1021
+ }): void;
1022
+ /** Hash password */
1023
+ hashPassword(password: string): Promise<string>;
1024
+ /** Verify password against hash */
1025
+ verifyPassword(password: string, hash: string): Promise<boolean>;
1026
+ }
1027
+ interface AuthService {
1028
+ /** Verify user permissions */
1029
+ hasPermission(userId: string, permission: string): Promise<boolean>;
1030
+ /** Get current user */
1031
+ getCurrentUser(context: Context): Promise<any>;
1032
+ /** Create authentication middleware */
1033
+ createMiddleware(options?: any): MiddlewareHandler;
1034
+ }
1035
+ interface ContentService {
1036
+ /** Get content by ID */
1037
+ getById(id: string): Promise<any>;
1038
+ /** Create new content */
1039
+ create(data: any): Promise<any>;
1040
+ /** Update content */
1041
+ update(id: string, data: any): Promise<any>;
1042
+ /** Delete content */
1043
+ delete(id: string): Promise<void>;
1044
+ /** Search content */
1045
+ search(query: string, options?: any): Promise<any[]>;
1046
+ }
1047
+ interface MediaService {
1048
+ /** Upload file */
1049
+ upload(file: File, options?: any): Promise<any>;
1050
+ /** Get media by ID */
1051
+ getById(id: string): Promise<any>;
1052
+ /** Delete media */
1053
+ delete(id: string): Promise<void>;
1054
+ /** Transform image */
1055
+ transform(id: string, options: any): Promise<string>;
1056
+ }
1057
+ interface PluginLogger {
1058
+ debug(message: string, data?: any): void;
1059
+ info(message: string, data?: any): void;
1060
+ warn(message: string, data?: any): void;
1061
+ error(message: string, error?: Error, data?: any): void;
1062
+ }
1063
+
1064
+ /**
1065
+ * Email provider resolution
1066
+ *
1067
+ * Decides which transport an app uses, in precedence order:
1068
+ *
1069
+ * 1. an explicit `provider` instance (dev brought their own — wins outright)
1070
+ * 2. an explicit `providerName` built-in, credentialed from env
1071
+ * 3. env auto-detect: RESEND_API_KEY → Resend, else SENDGRID_API_KEY → SendGrid
1072
+ * 4. the Console provider (zero-config dev/CI fallback)
1073
+ *
1074
+ * If a chosen provider turns out to be unconfigured (e.g. `providerName: 'resend'`
1075
+ * with no key), it falls back to Console with a warning rather than failing sends
1076
+ * silently — so a missing key degrades to "logged, not delivered", never to a
1077
+ * security leak (a reset flow returning its own token because mail didn't send).
1078
+ */
1079
+
1080
+ type BuiltInProviderName = 'resend' | 'sendgrid' | 'console';
1081
+
1082
+ interface Bindings {
1083
+ DB: D1Database;
1084
+ CACHE_KV: KVNamespace;
1085
+ MEDIA_BUCKET: R2Bucket;
1086
+ ASSETS: Fetcher;
1087
+ EMAIL_QUEUE?: Queue;
1088
+ SENDGRID_API_KEY?: string;
1089
+ DEFAULT_FROM_EMAIL?: string;
1090
+ IMAGES_ACCOUNT_ID?: string;
1091
+ IMAGES_API_TOKEN?: string;
1092
+ ENVIRONMENT?: string;
1093
+ CORS_ORIGINS?: string;
1094
+ JWT_SECRET?: string;
1095
+ JWT_EXPIRES_IN?: string;
1096
+ JWT_REFRESH_GRACE_SECONDS?: string;
1097
+ BUCKET_NAME?: string;
1098
+ GOOGLE_MAPS_API_KEY?: string;
1099
+ BETTER_AUTH_SECRET?: string;
1100
+ BETTER_AUTH_URL?: string;
1101
+ GITHUB_CLIENT_ID?: string;
1102
+ GITHUB_CLIENT_SECRET?: string;
1103
+ GOOGLE_CLIENT_ID?: string;
1104
+ GOOGLE_CLIENT_SECRET?: string;
1105
+ }
1106
+ interface Variables {
1107
+ user?: {
1108
+ userId: string;
1109
+ email: string;
1110
+ role: string;
1111
+ isSuperAdmin?: boolean;
1112
+ exp: number;
1113
+ iat: number;
1114
+ };
1115
+ session?: {
1116
+ id: string;
1117
+ userId: string;
1118
+ token: string;
1119
+ expiresAt: number;
1120
+ createdAt: number;
1121
+ updatedAt: number;
1122
+ };
1123
+ rbacPerms?: string[];
1124
+ requestId?: string;
1125
+ startTime?: number;
1126
+ appVersion?: string;
1127
+ csrfToken?: string;
1128
+ pluginMenuItems?: Array<{
1129
+ label: string;
1130
+ path: string;
1131
+ icon: string;
1132
+ }>;
1133
+ /**
1134
+ * The plugin hook system attached to the request. Set by bootstrapMiddleware
1135
+ * BEFORE any heavy bootstrap work runs, so anything that emits a hook during
1136
+ * bootstrap (cron cold starts, RBAC seed, document-type registration) sees a
1137
+ * live bus instead of a no-op.
1138
+ */
1139
+ hookSystem?: HookSystemLike;
1140
+ /** Tenant slug resolved per request by tenantMiddleware ('default' when single-tenant). */
1141
+ tenantId?: string;
1142
+ /** The authed user's role IN the resolved tenant (per-tenant RBAC); global role for 'default'. */
1143
+ tenantRole?: string;
1144
+ }
1145
+ interface SonicJSConfig {
1146
+ collections?: {
1147
+ directory?: string;
1148
+ autoSync?: boolean;
1149
+ };
1150
+ plugins?: {
1151
+ /**
1152
+ * @deprecated No-op. Cloudflare Workers has no runtime filesystem, so a
1153
+ * plugin directory cannot be scanned at runtime. Pass plugins explicitly via
1154
+ * `register` instead.
1155
+ */
1156
+ directory?: string;
1157
+ /**
1158
+ * @deprecated No-op. Filesystem autoload is not supported on Workers. Pass
1159
+ * plugins explicitly via `register` instead.
1160
+ */
1161
+ autoLoad?: boolean;
1162
+ /**
1163
+ * User-supplied plugins to mount. Each plugin's declarative `routes[]` and/or
1164
+ * synchronous `register(app)` hook is mounted into the app, before the
1165
+ * `/admin` catch-all so plugin admin pages are not shadowed.
1166
+ *
1167
+ * @example
1168
+ * createSonicJSApp({ plugins: { register: [contactFormPlugin] } })
1169
+ */
1170
+ register?: Plugin[];
1171
+ /**
1172
+ * Disable ALL plugins — core AND user. When true, no plugin routes are
1173
+ * mounted and plugin bootstrap (DB seeding) is skipped. Use this to run a
1174
+ * bare core app.
1175
+ */
1176
+ disableAll?: boolean;
1177
+ };
1178
+ /**
1179
+ * Email configuration. Controls the app-wide EmailService that backs password
1180
+ * reset, magic-link, OTP, and any plugin that declares `email:send`.
1181
+ *
1182
+ * Bring your own provider, name a built-in, or let env auto-detect:
1183
+ * - `provider`: a custom `EmailProvider` instance (highest precedence).
1184
+ * - `providerName`: `'resend' | 'sendgrid' | 'console'`, credentialed from env.
1185
+ * - neither: auto-detect from env (RESEND_API_KEY, then SENDGRID_API_KEY),
1186
+ * falling back to the console provider (logs instead of delivering).
1187
+ */
1188
+ email?: {
1189
+ provider?: EmailProvider;
1190
+ providerName?: BuiltInProviderName;
1191
+ /** Default from-address. Falls back to env DEFAULT_FROM_EMAIL, then a placeholder. */
1192
+ from?: string;
1193
+ };
1194
+ routes?: Array<{
1195
+ path: string;
1196
+ handler: Hono;
1197
+ }>;
1198
+ middleware?: {
1199
+ beforeAuth?: Array<(c: Context, next: () => Promise<void>) => Promise<void>>;
1200
+ afterAuth?: Array<(c: Context, next: () => Promise<void>) => Promise<void>>;
1201
+ };
1202
+ auth?: {
1203
+ extendBetterAuth?: ExtendBetterAuth;
1204
+ };
1205
+ version?: string;
1206
+ name?: string;
1207
+ }
1208
+ /**
1209
+ * A function that boots the plugin infrastructure from env bindings.
1210
+ *
1211
+ * Runs email init + plugin wiring, both promise-memoized so calling it multiple
1212
+ * times per isolate is a no-op. Pass it to `createScheduledHandler` as the
1213
+ * `boot` option so cron-first cold isolates wire up before dispatching.
1214
+ */
1215
+ type BootIsolateFn = (env: Record<string, unknown>) => Promise<void>;
1216
+ /**
1217
+ * The app returned by {@link createSonicJSApp}. Extends the Hono app with a
1218
+ * `boot` function that wires plugins from env bindings, suitable for use in a
1219
+ * Worker `scheduled()` handler.
1220
+ */
1221
+ type SonicJSApp = Hono<{
1222
+ Bindings: Bindings;
1223
+ Variables: Variables;
1224
+ }> & {
1225
+ /** Boot the plugin infrastructure from Cloudflare env bindings (once-guarded). */
1226
+ readonly boot: BootIsolateFn;
1227
+ };
1228
+ /**
1229
+ * Create a SonicJS application with core functionality
1230
+ *
1231
+ * @param config - Application configuration
1232
+ * @returns Configured Hono application
1233
+ *
1234
+ * @example
1235
+ * ```typescript
1236
+ * import { createSonicJSApp } from '@sonicjs-cms/core'
1237
+ *
1238
+ * const app = createSonicJSApp({
1239
+ * collections: {
1240
+ * directory: './src/collections',
1241
+ * autoSync: true
1242
+ * },
1243
+ * plugins: {
1244
+ * directory: './src/plugins',
1245
+ * autoLoad: true
1246
+ * }
1247
+ * })
1248
+ *
1249
+ * export default app
1250
+ * ```
1251
+ */
1252
+ declare function createSonicJSApp(config?: SonicJSConfig): SonicJSApp;
1253
+ /**
1254
+ * Setup core middleware (backward compatibility)
1255
+ *
1256
+ * @param _app - Hono application
1257
+ * @deprecated Use createSonicJSApp() instead
1258
+ */
1259
+ declare function setupCoreMiddleware(_app: SonicJSApp): void;
1260
+ /**
1261
+ * Setup core routes (backward compatibility)
1262
+ *
1263
+ * @param _app - Hono application
1264
+ * @deprecated Use createSonicJSApp() instead
1265
+ */
1266
+ declare function setupCoreRoutes(_app: SonicJSApp): void;
1267
+
1268
+ export { type Bindings as B, type SonicJSConfig as S, type Variables as V, type BootIsolateFn as a, type SonicJSApp as b, createSonicJSApp as c, setupCoreRoutes as d, setupCoreMiddleware as s };