@sonicjs-cms/core 2.3.14 → 2.3.15

package/dist/{chunk-D4PJFFOV.cjs → chunk-5OLN5JO3.cjs}

@@ -1,11 +1,11 @@
 'use strict';
 
 var chunk7FOAMNTI_cjs = require('./chunk-7FOAMNTI.cjs');
-var chunkXWPGIFS7_cjs = require('./chunk-XWPGIFS7.cjs');
+var chunkQG3YQKL4_cjs = require('./chunk-QG3YQKL4.cjs');
 var chunkILZ3DP4I_cjs = require('./chunk-ILZ3DP4I.cjs');
-var chunkETS5XSAG_cjs = require('./chunk-ETS5XSAG.cjs');
+var chunk63LV4YVI_cjs = require('./chunk-63LV4YVI.cjs');
 var chunkAZLU3ROK_cjs = require('./chunk-AZLU3ROK.cjs');
-var chunkSZE3XVET_cjs = require('./chunk-SZE3XVET.cjs');
+var chunkH2X4BFCW_cjs = require('./chunk-H2X4BFCW.cjs');
 var chunkRCQ2HIQD_cjs = require('./chunk-RCQ2HIQD.cjs');
 var hono = require('hono');
 var cors = require('hono/cors');
@@ -44,7 +44,7 @@ apiContentCrudRoutes.get("/:id", async (c) => {
     }, 500);
   }
 });
-apiContentCrudRoutes.post("/", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
+apiContentCrudRoutes.post("/", chunkQG3YQKL4_cjs.requireAuth(), async (c) => {
   try {
     const db = c.env.DB;
     const user = c.get("user");
@@ -110,7 +110,7 @@ apiContentCrudRoutes.post("/", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
     }, 500);
   }
 });
-apiContentCrudRoutes.put("/:id", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
+apiContentCrudRoutes.put("/:id", chunkQG3YQKL4_cjs.requireAuth(), async (c) => {
   try {
     const id = c.req.param("id");
     const db = c.env.DB;
@@ -174,7 +174,7 @@ apiContentCrudRoutes.put("/:id", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
     }, 500);
   }
 });
-apiContentCrudRoutes.delete("/:id", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
+apiContentCrudRoutes.delete("/:id", chunkQG3YQKL4_cjs.requireAuth(), async (c) => {
   try {
     const id = c.req.param("id");
     const db = c.env.DB;
@@ -210,7 +210,7 @@ apiRoutes.use("*", async (c, next) => {
   c.header("X-Response-Time", `${totalTime}ms`);
 });
 apiRoutes.use("*", async (c, next) => {
-  const cacheEnabled = await chunkXWPGIFS7_cjs.isPluginActive(c.env.DB, "core-cache");
+  const cacheEnabled = await chunkQG3YQKL4_cjs.isPluginActive(c.env.DB, "core-cache");
   c.set("cacheEnabled", cacheEnabled);
   await next();
 });
@@ -335,12 +335,12 @@ apiRoutes.get("/content", async (c) => {
         });
       }
     }
-    const filter = chunkSZE3XVET_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
+    const filter = chunkH2X4BFCW_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
     if (!filter.limit) {
       filter.limit = 50;
     }
     filter.limit = Math.min(filter.limit, 1e3);
-    const builder3 = new chunkSZE3XVET_cjs.QueryFilterBuilder();
+    const builder3 = new chunkH2X4BFCW_cjs.QueryFilterBuilder();
     const queryResult = builder3.build("content", filter);
     if (queryResult.errors.length > 0) {
       return c.json({
@@ -427,7 +427,7 @@ apiRoutes.get("/collections/:collection/content", async (c) => {
     if (!collectionResult) {
       return c.json({ error: "Collection not found" }, 404);
     }
-    const filter = chunkSZE3XVET_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
+    const filter = chunkH2X4BFCW_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
     if (!filter.where) {
       filter.where = { and: [] };
     }
@@ -443,7 +443,7 @@ apiRoutes.get("/collections/:collection/content", async (c) => {
       filter.limit = 50;
     }
     filter.limit = Math.min(filter.limit, 1e3);
-    const builder3 = new chunkSZE3XVET_cjs.QueryFilterBuilder();
+    const builder3 = new chunkH2X4BFCW_cjs.QueryFilterBuilder();
     const queryResult = builder3.build("content", filter);
     if (queryResult.errors.length > 0) {
       return c.json({
@@ -568,7 +568,7 @@ var fileValidationSchema = zod.z.object({
   // 50MB max
 });
 var apiMediaRoutes = new hono.Hono();
-apiMediaRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+apiMediaRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 apiMediaRoutes.post("/upload", async (c) => {
   try {
     const user = c.get("user");
@@ -1312,8 +1312,8 @@ apiSystemRoutes.get("/env", (c) => {
 });
 var api_system_default = apiSystemRoutes;
 var adminApiRoutes = new hono.Hono();
-adminApiRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
-adminApiRoutes.use("*", chunkXWPGIFS7_cjs.requireRole(["admin", "editor"]));
+adminApiRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
+adminApiRoutes.use("*", chunkQG3YQKL4_cjs.requireRole(["admin", "editor"]));
 adminApiRoutes.get("/stats", async (c) => {
   try {
     const db = c.env.DB;
@@ -1722,7 +1722,7 @@ adminApiRoutes.delete("/collections/:id", async (c) => {
 });
 adminApiRoutes.get("/migrations/status", async (c) => {
   try {
-    const { MigrationService: MigrationService2 } = await import('./migrations-3A53GREK.cjs');
+    const { MigrationService: MigrationService2 } = await import('./migrations-VN5VTX3C.cjs');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const status = await migrationService.getMigrationStatus();
@@ -1747,7 +1747,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
         error: "Unauthorized. Admin access required."
       }, 403);
     }
-    const { MigrationService: MigrationService2 } = await import('./migrations-3A53GREK.cjs');
+    const { MigrationService: MigrationService2 } = await import('./migrations-VN5VTX3C.cjs');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const result = await migrationService.runPendingMigrations();
@@ -1766,7 +1766,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
 });
 adminApiRoutes.get("/migrations/validate", async (c) => {
   try {
-    const { MigrationService: MigrationService2 } = await import('./migrations-3A53GREK.cjs');
+    const { MigrationService: MigrationService2 } = await import('./migrations-VN5VTX3C.cjs');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const validation = await migrationService.validateSchema();
@@ -2248,7 +2248,7 @@ authRoutes.post(
       if (existingUser) {
         return c.json({ error: "User with this email or username already exists" }, 400);
       }
-      const passwordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword(password);
+      const passwordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword(password);
       const userId = crypto.randomUUID();
       const now = /* @__PURE__ */ new Date();
       await db.prepare(`
@@ -2268,7 +2268,7 @@ authRoutes.post(
         now.getTime(),
         now.getTime()
       ).run();
-      const token = await chunkXWPGIFS7_cjs.AuthManager.generateToken(userId, normalizedEmail, "viewer");
+      const token = await chunkQG3YQKL4_cjs.AuthManager.generateToken(userId, normalizedEmail, "viewer");
       cookie.setCookie(c, "auth_token", token, {
         httpOnly: true,
         secure: true,
@@ -2321,11 +2321,11 @@ authRoutes.post("/login", async (c) => {
     if (!user) {
       return c.json({ error: "Invalid email or password" }, 401);
     }
-    const isValidPassword = await chunkXWPGIFS7_cjs.AuthManager.verifyPassword(password, user.password_hash);
+    const isValidPassword = await chunkQG3YQKL4_cjs.AuthManager.verifyPassword(password, user.password_hash);
     if (!isValidPassword) {
       return c.json({ error: "Invalid email or password" }, 401);
     }
-    const token = await chunkXWPGIFS7_cjs.AuthManager.generateToken(user.id, user.email, user.role);
+    const token = await chunkQG3YQKL4_cjs.AuthManager.generateToken(user.id, user.email, user.role);
     cookie.setCookie(c, "auth_token", token, {
       httpOnly: true,
       secure: true,
@@ -2374,7 +2374,7 @@ authRoutes.get("/logout", (c) => {
   });
   return c.redirect("/auth/login?message=You have been logged out successfully");
 });
-authRoutes.get("/me", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
+authRoutes.get("/me", chunkQG3YQKL4_cjs.requireAuth(), async (c) => {
   try {
     const user = c.get("user");
     if (!user) {
@@ -2391,13 +2391,13 @@ authRoutes.get("/me", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
     return c.json({ error: "Failed to get user" }, 500);
   }
 });
-authRoutes.post("/refresh", chunkXWPGIFS7_cjs.requireAuth(), async (c) => {
+authRoutes.post("/refresh", chunkQG3YQKL4_cjs.requireAuth(), async (c) => {
   try {
     const user = c.get("user");
     if (!user) {
       return c.json({ error: "Not authenticated" }, 401);
     }
-    const token = await chunkXWPGIFS7_cjs.AuthManager.generateToken(user.userId, user.email, user.role);
+    const token = await chunkQG3YQKL4_cjs.AuthManager.generateToken(user.userId, user.email, user.role);
     cookie.setCookie(c, "auth_token", token, {
       httpOnly: true,
       secure: true,
@@ -2457,7 +2457,7 @@ authRoutes.post("/register/form", async (c) => {
         </div>
       `);
     }
-    const passwordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword(password);
+    const passwordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword(password);
     const role = isFirstUser ? "admin" : "viewer";
     const userId = crypto.randomUUID();
     const now = /* @__PURE__ */ new Date();
@@ -2477,7 +2477,7 @@ authRoutes.post("/register/form", async (c) => {
       now.getTime(),
       now.getTime()
     ).run();
-    const token = await chunkXWPGIFS7_cjs.AuthManager.generateToken(userId, normalizedEmail, role);
+    const token = await chunkQG3YQKL4_cjs.AuthManager.generateToken(userId, normalizedEmail, role);
     cookie.setCookie(c, "auth_token", token, {
       httpOnly: true,
       secure: false,
@@ -2529,7 +2529,7 @@ authRoutes.post("/login/form", async (c) => {
         </div>
       `);
     }
-    const isValidPassword = await chunkXWPGIFS7_cjs.AuthManager.verifyPassword(password, user.password_hash);
+    const isValidPassword = await chunkQG3YQKL4_cjs.AuthManager.verifyPassword(password, user.password_hash);
     if (!isValidPassword) {
       return c.html(html.html`
         <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded">
@@ -2537,7 +2537,7 @@ authRoutes.post("/login/form", async (c) => {
         </div>
       `);
     }
-    const token = await chunkXWPGIFS7_cjs.AuthManager.generateToken(user.id, user.email, user.role);
+    const token = await chunkQG3YQKL4_cjs.AuthManager.generateToken(user.id, user.email, user.role);
     cookie.setCookie(c, "auth_token", token, {
       httpOnly: true,
       secure: false,
@@ -2596,7 +2596,7 @@ authRoutes.post("/seed-admin", async (c) => {
     `).run();
     const existingAdmin = await db.prepare("SELECT id FROM users WHERE email = ? OR username = ?").bind("admin@sonicjs.com", "admin").first();
     if (existingAdmin) {
-      const passwordHash2 = await chunkXWPGIFS7_cjs.AuthManager.hashPassword("sonicjs!");
+      const passwordHash2 = await chunkQG3YQKL4_cjs.AuthManager.hashPassword("sonicjs!");
       await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(passwordHash2, Date.now(), existingAdmin.id).run();
       return c.json({
         message: "Admin user already exists (password updated)",
@@ -2608,7 +2608,7 @@ authRoutes.post("/seed-admin", async (c) => {
         }
       });
     }
-    const passwordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword("sonicjs!");
+    const passwordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword("sonicjs!");
     const userId = "admin-user-id";
     const now = Date.now();
     const adminEmail = "admin@sonicjs.com".toLowerCase();
@@ -2828,7 +2828,7 @@ authRoutes.post("/accept-invitation", async (c) => {
     if (existingUsername) {
       return c.json({ error: "Username is already taken" }, 400);
     }
-    const passwordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword(password);
+    const passwordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword(password);
     const updateStmt = db.prepare(`
       UPDATE users SET 
         username = ?,
@@ -2847,7 +2847,7 @@ authRoutes.post("/accept-invitation", async (c) => {
       Date.now(),
       invitedUser.id
     ).run();
-    const authToken = await chunkXWPGIFS7_cjs.AuthManager.generateToken(invitedUser.id, invitedUser.email, invitedUser.role);
+    const authToken = await chunkQG3YQKL4_cjs.AuthManager.generateToken(invitedUser.id, invitedUser.email, invitedUser.role);
     cookie.setCookie(c, "auth_token", authToken, {
       httpOnly: true,
       secure: true,
@@ -3077,7 +3077,7 @@ authRoutes.post("/reset-password", async (c) => {
     if (Date.now() > user.password_reset_expires) {
       return c.json({ error: "Reset token has expired" }, 400);
     }
-    const newPasswordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword(password);
+    const newPasswordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword(password);
     try {
       const historyStmt = db.prepare(`
         INSERT INTO password_history (id, user_id, password_hash, created_at)
@@ -5979,7 +5979,7 @@ async function isPluginActive2(db, pluginId) {
 
 // src/routes/admin-content.ts
 var adminContentRoutes = new hono.Hono();
-adminContentRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+adminContentRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 async function getCollectionFields(db, collectionId) {
   const cache = chunk7FOAMNTI_cjs.getCacheService(chunk7FOAMNTI_cjs.CACHE_CONFIGS.collection);
   return cache.getOrSet(
@@ -8040,7 +8040,7 @@ function renderUserEditPage(data) {
                     <input
                       type="text"
                       name="first_name"
-                      value="${chunkSZE3XVET_cjs.escapeHtml(data.userToEdit.firstName || "")}"
+                      value="${chunkH2X4BFCW_cjs.escapeHtml(data.userToEdit.firstName || "")}"
                       required
                       class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
                     />
@@ -8051,7 +8051,7 @@ function renderUserEditPage(data) {
                     <input
                       type="text"
                       name="last_name"
-                      value="${chunkSZE3XVET_cjs.escapeHtml(data.userToEdit.lastName || "")}"
+                      value="${chunkH2X4BFCW_cjs.escapeHtml(data.userToEdit.lastName || "")}"
                       required
                       class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
                     />
@@ -8062,7 +8062,7 @@ function renderUserEditPage(data) {
                     <input
                       type="text"
                       name="username"
-                      value="${chunkSZE3XVET_cjs.escapeHtml(data.userToEdit.username || "")}"
+                      value="${chunkH2X4BFCW_cjs.escapeHtml(data.userToEdit.username || "")}"
                       required
                       class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
                     />
@@ -8073,7 +8073,7 @@ function renderUserEditPage(data) {
                     <input
                       type="email"
                       name="email"
-                      value="${chunkSZE3XVET_cjs.escapeHtml(data.userToEdit.email || "")}"
+                      value="${chunkH2X4BFCW_cjs.escapeHtml(data.userToEdit.email || "")}"
                       required
                       class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
                     />
@@ -8084,7 +8084,7 @@ function renderUserEditPage(data) {
                     <input
                       type="tel"
                       name="phone"
-                      value="${chunkSZE3XVET_cjs.escapeHtml(data.userToEdit.phone || "")}"
+                      value="${chunkH2X4BFCW_cjs.escapeHtml(data.userToEdit.phone || "")}"
                       class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
                     />
                   </div>
@@ -8098,7 +8098,7 @@ function renderUserEditPage(data) {
                         class="col-start-1 row-start-1 w-full appearance-none rounded-md bg-white/5 dark:bg-white/5 py-1.5 pl-3 pr-8 text-base text-zinc-950 dark:text-white outline outline-1 -outline-offset-1 outline-zinc-500/30 dark:outline-zinc-400/30 *:bg-white dark:*:bg-zinc-800 focus-visible:outline focus-visible:outline-2 focus-visible:-outline-offset-2 focus-visible:outline-zinc-500 dark:focus-visible:outline-zinc-400 sm:text-sm/6"
                       >
                         ${data.roles.map((role) => `
-                          <option value="${chunkSZE3XVET_cjs.escapeHtml(role.value)}" ${data.userToEdit.role === role.value ? "selected" : ""}>${chunkSZE3XVET_cjs.escapeHtml(role.label)}</option>
+                          <option value="${chunkH2X4BFCW_cjs.escapeHtml(role.value)}" ${data.userToEdit.role === role.value ? "selected" : ""}>${chunkH2X4BFCW_cjs.escapeHtml(role.label)}</option>
                         `).join("")}
                       </select>
                       <svg viewBox="0 0 16 16" fill="currentColor" data-slot="icon" aria-hidden="true" class="pointer-events-none col-start-1 row-start-1 mr-2 size-5 self-center justify-self-end text-zinc-600 dark:text-zinc-400 sm:size-4">
@@ -8114,7 +8114,7 @@ function renderUserEditPage(data) {
                     name="bio"
                     rows="3"
                     class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
-                  >${chunkSZE3XVET_cjs.escapeHtml(data.userToEdit.bio || "")}</textarea>
+                  >${chunkH2X4BFCW_cjs.escapeHtml(data.userToEdit.bio || "")}</textarea>
                 </div>
               </div>
 
@@ -9014,7 +9014,7 @@ function renderUsersListPage(data) {
 
 // src/routes/admin-users.ts
 var userRoutes = new hono.Hono();
-userRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+userRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 userRoutes.get("/", (c) => {
   return c.redirect("/admin/dashboard");
 });
@@ -9113,12 +9113,12 @@ userRoutes.put("/profile", async (c) => {
   const db = c.env.DB;
   try {
     const formData = await c.req.formData();
-    const firstName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("first_name")?.toString());
-    const lastName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("last_name")?.toString());
-    const username = chunkSZE3XVET_cjs.sanitizeInput(formData.get("username")?.toString());
+    const firstName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("first_name")?.toString());
+    const lastName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("last_name")?.toString());
+    const username = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("username")?.toString());
     const email = formData.get("email")?.toString()?.trim().toLowerCase() || "";
-    const phone = chunkSZE3XVET_cjs.sanitizeInput(formData.get("phone")?.toString()) || null;
-    const bio = chunkSZE3XVET_cjs.sanitizeInput(formData.get("bio")?.toString()) || null;
+    const phone = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("phone")?.toString()) || null;
+    const bio = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("bio")?.toString()) || null;
     const timezone = formData.get("timezone")?.toString() || "UTC";
     const language = formData.get("language")?.toString() || "en";
     const emailNotifications = formData.get("email_notifications") === "1";
@@ -9169,7 +9169,7 @@ userRoutes.put("/profile", async (c) => {
       Date.now(),
       user.userId
     ).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "profile.update",
@@ -9232,7 +9232,7 @@ userRoutes.post("/profile/avatar", async (c) => {
       SELECT first_name, last_name FROM users WHERE id = ?
     `);
     const userData = await userStmt.bind(user.userId).first();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "profile.avatar_update",
@@ -9303,7 +9303,7 @@ userRoutes.post("/profile/password", async (c) => {
         dismissible: true
       }));
     }
-    const validPassword = await chunkXWPGIFS7_cjs.AuthManager.verifyPassword(currentPassword, userData.password_hash);
+    const validPassword = await chunkQG3YQKL4_cjs.AuthManager.verifyPassword(currentPassword, userData.password_hash);
     if (!validPassword) {
       return c.html(renderAlert2({
         type: "error",
@@ -9311,7 +9311,7 @@ userRoutes.post("/profile/password", async (c) => {
         dismissible: true
       }));
     }
-    const newPasswordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword(newPassword);
+    const newPasswordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword(newPassword);
     const historyStmt = db.prepare(`
       INSERT INTO password_history (id, user_id, password_hash, created_at)
       VALUES (?, ?, ?, ?)
@@ -9327,7 +9327,7 @@ userRoutes.post("/profile/password", async (c) => {
       WHERE id = ?
     `);
     await updateStmt.bind(newPasswordHash, Date.now(), user.userId).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "profile.password_change",
@@ -9394,7 +9394,7 @@ userRoutes.get("/users", async (c) => {
     `);
     const countResult = await countStmt.bind(...params).first();
     const totalUsers = countResult?.total || 0;
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "users.list_view",
@@ -9496,12 +9496,12 @@ userRoutes.post("/users/new", async (c) => {
   const user = c.get("user");
   try {
     const formData = await c.req.formData();
-    const firstName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("first_name")?.toString());
-    const lastName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("last_name")?.toString());
-    const username = chunkSZE3XVET_cjs.sanitizeInput(formData.get("username")?.toString());
+    const firstName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("first_name")?.toString());
+    const lastName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("last_name")?.toString());
+    const username = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("username")?.toString());
     const email = formData.get("email")?.toString()?.trim().toLowerCase() || "";
-    const phone = chunkSZE3XVET_cjs.sanitizeInput(formData.get("phone")?.toString()) || null;
-    const bio = chunkSZE3XVET_cjs.sanitizeInput(formData.get("bio")?.toString()) || null;
+    const phone = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("phone")?.toString()) || null;
+    const bio = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("bio")?.toString()) || null;
     const role = formData.get("role")?.toString() || "viewer";
     const password = formData.get("password")?.toString() || "";
     const confirmPassword = formData.get("confirm_password")?.toString() || "";
@@ -9548,7 +9548,7 @@ userRoutes.post("/users/new", async (c) => {
         dismissible: true
       }));
     }
-    const passwordHash = await chunkXWPGIFS7_cjs.AuthManager.hashPassword(password);
+    const passwordHash = await chunkQG3YQKL4_cjs.AuthManager.hashPassword(password);
     const userId = crypto.randomUUID();
     const createStmt = db.prepare(`
       INSERT INTO users (
@@ -9571,7 +9571,7 @@ userRoutes.post("/users/new", async (c) => {
       Date.now(),
       Date.now()
     ).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "user!.create",
@@ -9609,7 +9609,7 @@ userRoutes.get("/users/:id", async (c) => {
     if (!userRecord) {
       return c.json({ error: "User not found" }, 404);
     }
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "user!.view",
@@ -9702,12 +9702,12 @@ userRoutes.put("/users/:id", async (c) => {
   const userId = c.req.param("id");
   try {
     const formData = await c.req.formData();
-    const firstName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("first_name")?.toString());
-    const lastName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("last_name")?.toString());
-    const username = chunkSZE3XVET_cjs.sanitizeInput(formData.get("username")?.toString());
+    const firstName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("first_name")?.toString());
+    const lastName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("last_name")?.toString());
+    const username = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("username")?.toString());
     const email = formData.get("email")?.toString()?.trim().toLowerCase() || "";
-    const phone = chunkSZE3XVET_cjs.sanitizeInput(formData.get("phone")?.toString()) || null;
-    const bio = chunkSZE3XVET_cjs.sanitizeInput(formData.get("bio")?.toString()) || null;
+    const phone = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("phone")?.toString()) || null;
+    const bio = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("bio")?.toString()) || null;
     const role = formData.get("role")?.toString() || "viewer";
     const isActive = formData.get("is_active") === "1";
     const emailVerified = formData.get("email_verified") === "1";
@@ -9758,7 +9758,7 @@ userRoutes.put("/users/:id", async (c) => {
       Date.now(),
       userId
     ).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "user!.update",
@@ -9803,7 +9803,7 @@ userRoutes.post("/users/:id/toggle", async (c) => {
       UPDATE users SET is_active = ?, updated_at = ? WHERE id = ?
     `);
     await toggleStmt.bind(active ? 1 : 0, Date.now(), userId).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       active ? "user.activate" : "user.deactivate",
@@ -9844,7 +9844,7 @@ userRoutes.delete("/users/:id", async (c) => {
         DELETE FROM users WHERE id = ?
       `);
       await deleteStmt.bind(userId).run();
-      await chunkXWPGIFS7_cjs.logActivity(
+      await chunkQG3YQKL4_cjs.logActivity(
         db,
         user.userId,
         "user!.hard_delete",
@@ -9863,7 +9863,7 @@ userRoutes.delete("/users/:id", async (c) => {
         UPDATE users SET is_active = 0, updated_at = ? WHERE id = ?
       `);
       await deleteStmt.bind(Date.now(), userId).run();
-      await chunkXWPGIFS7_cjs.logActivity(
+      await chunkQG3YQKL4_cjs.logActivity(
         db,
         user.userId,
         "user!.soft_delete",
@@ -9890,8 +9890,8 @@ userRoutes.post("/invite-user", async (c) => {
     const formData = await c.req.formData();
     const email = formData.get("email")?.toString()?.trim().toLowerCase() || "";
     const role = formData.get("role")?.toString()?.trim() || "viewer";
-    const firstName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("first_name")?.toString());
-    const lastName = chunkSZE3XVET_cjs.sanitizeInput(formData.get("last_name")?.toString());
+    const firstName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("first_name")?.toString());
+    const lastName = chunkH2X4BFCW_cjs.sanitizeInput(formData.get("last_name")?.toString());
     if (!email || !firstName || !lastName) {
       return c.json({ error: "Email, first name, and last name are required" }, 400);
     }
@@ -9929,7 +9929,7 @@ userRoutes.post("/invite-user", async (c) => {
       Date.now(),
       Date.now()
     ).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "user!.invite_sent",
@@ -9986,7 +9986,7 @@ userRoutes.post("/resend-invitation/:id", async (c) => {
       Date.now(),
       userId
     ).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "user!.invitation_resent",
@@ -10022,7 +10022,7 @@ userRoutes.delete("/cancel-invitation/:id", async (c) => {
     }
     const deleteStmt = db.prepare(`DELETE FROM users WHERE id = ?`);
     await deleteStmt.bind(userId).run();
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "user!.invitation_cancelled",
@@ -10105,7 +10105,7 @@ userRoutes.get("/activity-logs", async (c) => {
       ...log,
       details: log.details ? JSON.parse(log.details) : null
     }));
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "activity.logs_viewed",
@@ -10212,7 +10212,7 @@ userRoutes.get("/activity-logs/export", async (c) => {
       csvRows.push(row.join(","));
     }
     const csvContent = csvRows.join("\n");
-    await chunkXWPGIFS7_cjs.logActivity(
+    await chunkQG3YQKL4_cjs.logActivity(
       db,
       user.userId,
       "activity.logs_exported",
@@ -11551,7 +11551,7 @@ var fileValidationSchema2 = zod.z.object({
   // 50MB max
 });
 var adminMediaRoutes = new hono.Hono();
-adminMediaRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+adminMediaRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 adminMediaRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -12137,7 +12137,7 @@ adminMediaRoutes.put("/:id", async (c) => {
     `);
   }
 });
-adminMediaRoutes.delete("/cleanup", chunkXWPGIFS7_cjs.requireRole("admin"), async (c) => {
+adminMediaRoutes.delete("/cleanup", chunkQG3YQKL4_cjs.requireRole("admin"), async (c) => {
   try {
     const db = c.env.DB;
     const allMediaStmt = db.prepare("SELECT id, r2_key, filename FROM media WHERE deleted_at IS NULL");
@@ -13782,7 +13782,7 @@ function formatTimestamp(timestamp) {
 
 // src/routes/admin-plugins.ts
 var adminPluginRoutes = new hono.Hono();
-adminPluginRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+adminPluginRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 var AVAILABLE_PLUGINS = [
   {
     id: "third-party-faq",
@@ -15073,7 +15073,7 @@ function renderLogConfigPage(data) {
 
 // src/routes/admin-logs.ts
 var adminLogsRoutes = new hono.Hono();
-adminLogsRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+adminLogsRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 adminLogsRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -17401,9 +17401,9 @@ function renderStorageUsage(databaseSizeBytes, mediaSizeBytes) {
 }
 
 // src/routes/admin-dashboard.ts
-var VERSION = chunkSZE3XVET_cjs.getCoreVersion();
+var VERSION = chunkH2X4BFCW_cjs.getCoreVersion();
 var router = new hono.Hono();
-router.use("*", chunkXWPGIFS7_cjs.requireAuth());
+router.use("*", chunkQG3YQKL4_cjs.requireAuth());
 router.get("/", async (c) => {
   const user = c.get("user");
   try {
@@ -19161,7 +19161,7 @@ function renderCollectionFormPage(data) {
 
 // src/routes/admin-collections.ts
 var adminCollectionsRoutes = new hono.Hono();
-adminCollectionsRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+adminCollectionsRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 adminCollectionsRoutes.get("/", async (c) => {
   try {
     const user = c.get("user");
@@ -21324,7 +21324,7 @@ function renderDatabaseToolsSettings(settings) {
 
 // src/routes/admin-settings.ts
 var adminSettingsRoutes = new hono.Hono();
-adminSettingsRoutes.use("*", chunkXWPGIFS7_cjs.requireAuth());
+adminSettingsRoutes.use("*", chunkQG3YQKL4_cjs.requireAuth());
 function getMockSettings(user) {
   return {
     general: {
@@ -21492,7 +21492,7 @@ adminSettingsRoutes.get("/database-tools", (c) => {
 adminSettingsRoutes.get("/api/migrations/status", async (c) => {
   try {
     const db = c.env.DB;
-    const migrationService = new chunkETS5XSAG_cjs.MigrationService(db);
+    const migrationService = new chunk63LV4YVI_cjs.MigrationService(db);
     const status = await migrationService.getMigrationStatus();
     return c.json({
       success: true,
@@ -21516,7 +21516,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
       }, 403);
     }
     const db = c.env.DB;
-    const migrationService = new chunkETS5XSAG_cjs.MigrationService(db);
+    const migrationService = new chunk63LV4YVI_cjs.MigrationService(db);
     const result = await migrationService.runPendingMigrations();
     return c.json({
       success: result.success,
@@ -21534,7 +21534,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
 adminSettingsRoutes.get("/api/migrations/validate", async (c) => {
   try {
     const db = c.env.DB;
-    const migrationService = new chunkETS5XSAG_cjs.MigrationService(db);
+    const migrationService = new chunk63LV4YVI_cjs.MigrationService(db);
     const validation = await migrationService.validateSchema();
     return c.json({
       success: true,
@@ -21779,5 +21779,5 @@ exports.auth_default = auth_default;
 exports.router = router;
 exports.test_cleanup_default = test_cleanup_default;
 exports.userRoutes = userRoutes;
-//# sourceMappingURL=chunk-D4PJFFOV.cjs.map
-//# sourceMappingURL=chunk-D4PJFFOV.cjs.map
+//# sourceMappingURL=chunk-5OLN5JO3.cjs.map
+//# sourceMappingURL=chunk-5OLN5JO3.cjs.map