@strapi-community/plugin-io 5.1.0 → 5.3.0

package/README.md

@@ -770,6 +770,130 @@ Configure permissions in the Strapi admin panel:
 
 ---
 
+## Security
+
+The plugin implements multiple security layers to protect your real-time connections.
+
+### Admin Session Tokens
+
+For admin panel connections (Live Presence), the plugin uses secure session tokens:
+
+```
++------------------+      +------------------+      +------------------+
+|  Admin Browser   | ---> |  Session Endpoint| ---> |   Socket.IO      |
+|  (Strapi Admin)  |      |  /io/presence/   |      |   Server         |
++------------------+      +------------------+      +------------------+
+        |                         |                         |
+        | 1. Request session      |                         |
+        | (Admin JWT in header)   |                         |
+        +------------------------>|                         |
+        |                         |                         |
+        | 2. Return session token |                         |
+        | (UUID, 10 min TTL)      |                         |
+        |<------------------------+                         |
+        |                         |                         |
+        | 3. Connect Socket.IO    |                         |
+        | (Session token in auth) |                         |
+        +-------------------------------------------------->|
+        |                         |                         |
+        | 4. Validate & connect   |                         |
+        |<--------------------------------------------------+
+```
+
+**Security Features:**
+- **Token Hashing**: Tokens stored as SHA-256 hashes (plaintext never persisted)
+- **Short TTL**: 10-minute expiration with automatic refresh at 70%
+- **Usage Limits**: Max 10 reconnects per token to prevent replay attacks
+- **Rate Limiting**: 30-second cooldown between token requests
+- **Minimal Data**: Only essential user info stored (ID, firstname, lastname)
+
+### Rate Limiting
+
+Prevent abuse with configurable rate limits:
+
+```javascript
+// In config/plugins.js
+module.exports = {
+  io: {
+    enabled: true,
+    config: {
+      security: {
+        rateLimit: {
+          enabled: true,
+          maxEventsPerSecond: 10,    // Max events per socket per second
+          maxConnectionsPerIp: 50    // Max connections from single IP
+        }
+      }
+    }
+  }
+};
+```
+
+### IP Whitelisting/Blacklisting
+
+Restrict access by IP address:
+
+```javascript
+// In config/plugins.js
+module.exports = {
+  io: {
+    enabled: true,
+    config: {
+      security: {
+        ipWhitelist: ['192.168.1.0/24', '10.0.0.1'],  // Only these IPs allowed
+        ipBlacklist: ['203.0.113.50'],                 // These IPs blocked
+        requireAuthentication: true                    // Require JWT/API token
+      }
+    }
+  }
+};
+```
+
+### Security Monitoring API
+
+Monitor active sessions via admin API:
+
+```bash
+# Get session statistics
+GET /io/security/sessions
+Authorization: Bearer <admin-jwt>
+
+# Response:
+{
+  "data": {
+    "activeSessions": 5,
+    "expiringSoon": 1,
+    "activeSocketConnections": 3,
+    "sessionTTL": 600000,
+    "refreshCooldown": 30000
+  }
+}
+
+# Force logout a user (invalidate all their sessions)
+POST /io/security/invalidate/:userId
+Authorization: Bearer <admin-jwt>
+
+# Response:
+{
+  "data": {
+    "userId": 1,
+    "invalidatedSessions": 2,
+    "message": "Successfully invalidated 2 session(s)"
+  }
+}
+```
+
+### Best Practices
+
+1. **Always use HTTPS** in production for encrypted WebSocket connections
+2. **Enable authentication** for sensitive content types
+3. **Configure CORS** to only allow your frontend domains
+4. **Monitor connections** via the admin dashboard
+5. **Set reasonable rate limits** based on your use case
+6. **Review access logs** periodically for suspicious activity
+
+---
+
 ## Admin Panel
 
 The plugin provides a full admin interface for configuration and monitoring.
@@ -1327,6 +1451,9 @@ Copyright (c) 2024 Strapi Community
 - **Admin Panel Sidebar** - Live presence panel integrated into edit view
 - **Admin Session Authentication** - Secure session tokens for Socket.IO
 - **Admin JWT Strategy** - New authentication strategy for admin users
+- **Enhanced Security** - Token hashing (SHA-256), usage limits, rate limiting
+- **Automatic Token Refresh** - Tokens auto-refresh at 70% of TTL
+- **Security Monitoring API** - Session stats and force-logout endpoints
 
 ### v5.0.0
 - Strapi v5 support

package/dist/_chunks/{LivePresencePanel-CNaEK-Gk.js → LivePresencePanel-BkeWL4kq.js}

@@ -7,7 +7,7 @@ const designSystem = require("@strapi/design-system");
 const admin = require("@strapi/strapi/admin");
 const styled = require("styled-components");
 const socket_ioClient = require("socket.io-client");
-const index$1 = require("./index--2NeIKGR.js");
+const index$1 = require("./index-DVNfszio.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);
 const pulse = styled.keyframes`
@@ -181,19 +181,46 @@ const LivePresencePanel = ({ documentId, model, document }) => {
       return;
     }
     let cancelled = false;
-    const getSession = async () => {
+    let refreshTimeoutId = null;
+    const getSession = async (isRefresh = false) => {
       try {
-        setPresenceState((prev) => ({ ...prev, status: "requesting" }));
+        if (!isRefresh) {
+          setPresenceState((prev) => ({ ...prev, status: "requesting" }));
+        }
         const { data } = await post(`/${index$1.PLUGIN_ID}/presence/session`, {});
         if (cancelled) return;
         if (!data || !data.token) {
           throw new Error("Invalid session response");
         }
-        console.log(`[${index$1.PLUGIN_ID}] Presence session obtained for:`, data.user?.email);
+        console.log(`[${index$1.PLUGIN_ID}] Session ${isRefresh ? "refreshed" : "obtained"}:`, {
+          expiresIn: Math.round((data.expiresAt - Date.now()) / 1e3) + "s",
+          refreshAfter: Math.round((data.refreshAfter - Date.now()) / 1e3) + "s"
+        });
         setSessionData(data);
-        setPresenceState((prev) => ({ ...prev, status: "connecting" }));
+        if (!isRefresh) {
+          setPresenceState((prev) => ({ ...prev, status: "connecting" }));
+        }
+        if (data.refreshAfter) {
+          const refreshIn = data.refreshAfter - Date.now();
+          if (refreshIn > 0) {
+            console.log(`[${index$1.PLUGIN_ID}] Token refresh scheduled in ${Math.round(refreshIn / 1e3)}s`);
+            refreshTimeoutId = setTimeout(() => {
+              if (!cancelled) {
+                console.log(`[${index$1.PLUGIN_ID}] Refreshing session token...`);
+                getSession(true);
+              }
+            }, refreshIn);
+          }
+        }
       } catch (error2) {
         if (cancelled) return;
+        if (error2.response?.status === 429) {
+          console.warn(`[${index$1.PLUGIN_ID}] Rate limited, retrying in 30s...`);
+          refreshTimeoutId = setTimeout(() => {
+            if (!cancelled) getSession(isRefresh);
+          }, 3e4);
+          return;
+        }
         console.error(`[${index$1.PLUGIN_ID}] Failed to get presence session:`, error2);
         setPresenceState((prev) => ({
           ...prev,
@@ -205,6 +232,9 @@ const LivePresencePanel = ({ documentId, model, document }) => {
     getSession();
     return () => {
       cancelled = true;
+      if (refreshTimeoutId) {
+        clearTimeout(refreshTimeoutId);
+      }
     };
   }, [uid, documentId, post]);
   React.useEffect(() => {

package/dist/_chunks/{LivePresencePanel-BeNq_EnQ.mjs → LivePresencePanel-D_vzQr4B.mjs}

@@ -5,7 +5,7 @@ import { Flex } from "@strapi/design-system";
 import { useFetchClient } from "@strapi/strapi/admin";
 import styled, { css, keyframes } from "styled-components";
 import { io } from "socket.io-client";
-import { P as PLUGIN_ID } from "./index-CzvX8YTe.mjs";
+import { P as PLUGIN_ID } from "./index-Bw7WjN5H.mjs";
 const pulse = keyframes`
   0%, 100% { 
     box-shadow: 0 0 0 3px rgba(34, 197, 94, 0.2);
@@ -177,19 +177,46 @@ const LivePresencePanel = ({ documentId, model, document }) => {
       return;
     }
     let cancelled = false;
-    const getSession = async () => {
+    let refreshTimeoutId = null;
+    const getSession = async (isRefresh = false) => {
       try {
-        setPresenceState((prev) => ({ ...prev, status: "requesting" }));
+        if (!isRefresh) {
+          setPresenceState((prev) => ({ ...prev, status: "requesting" }));
+        }
         const { data } = await post(`/${PLUGIN_ID}/presence/session`, {});
         if (cancelled) return;
         if (!data || !data.token) {
           throw new Error("Invalid session response");
         }
-        console.log(`[${PLUGIN_ID}] Presence session obtained for:`, data.user?.email);
+        console.log(`[${PLUGIN_ID}] Session ${isRefresh ? "refreshed" : "obtained"}:`, {
+          expiresIn: Math.round((data.expiresAt - Date.now()) / 1e3) + "s",
+          refreshAfter: Math.round((data.refreshAfter - Date.now()) / 1e3) + "s"
+        });
         setSessionData(data);
-        setPresenceState((prev) => ({ ...prev, status: "connecting" }));
+        if (!isRefresh) {
+          setPresenceState((prev) => ({ ...prev, status: "connecting" }));
+        }
+        if (data.refreshAfter) {
+          const refreshIn = data.refreshAfter - Date.now();
+          if (refreshIn > 0) {
+            console.log(`[${PLUGIN_ID}] Token refresh scheduled in ${Math.round(refreshIn / 1e3)}s`);
+            refreshTimeoutId = setTimeout(() => {
+              if (!cancelled) {
+                console.log(`[${PLUGIN_ID}] Refreshing session token...`);
+                getSession(true);
+              }
+            }, refreshIn);
+          }
+        }
       } catch (error2) {
         if (cancelled) return;
+        if (error2.response?.status === 429) {
+          console.warn(`[${PLUGIN_ID}] Rate limited, retrying in 30s...`);
+          refreshTimeoutId = setTimeout(() => {
+            if (!cancelled) getSession(isRefresh);
+          }, 3e4);
+          return;
+        }
         console.error(`[${PLUGIN_ID}] Failed to get presence session:`, error2);
         setPresenceState((prev) => ({
           ...prev,
@@ -201,6 +228,9 @@ const LivePresencePanel = ({ documentId, model, document }) => {
     getSession();
     return () => {
       cancelled = true;
+      if (refreshTimeoutId) {
+        clearTimeout(refreshTimeoutId);
+      }
     };
   }, [uid, documentId, post]);
   useEffect(() => {

package/dist/_chunks/{MonitoringPage-K5Y3hhKF.js → MonitoringPage-CYGqkzva.js}

@@ -6,7 +6,7 @@ const admin = require("@strapi/strapi/admin");
 const styled = require("styled-components");
 const designSystem = require("@strapi/design-system");
 const index = require("./index-DkTxsEqL.js");
-const index$1 = require("./index--2NeIKGR.js");
+const index$1 = require("./index-DVNfszio.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);
 const UsersIcon = () => /* @__PURE__ */ jsxRuntime.jsx("svg", { xmlns: "http://www.w3.org/2000/svg", fill: "none", viewBox: "0 0 24 24", strokeWidth: 1.5, stroke: "currentColor", children: /* @__PURE__ */ jsxRuntime.jsx("path", { strokeLinecap: "round", strokeLinejoin: "round", d: "M15 19.128a9.38 9.38 0 0 0 2.625.372 9.337 9.337 0 0 0 4.121-.952 4.125 4.125 0 0 0-7.533-2.493M15 19.128v-.003c0-1.113-.285-2.16-.786-3.07M15 19.128v.106A12.318 12.318 0 0 1 8.624 21c-2.331 0-4.512-.645-6.374-1.766l-.001-.109a6.375 6.375 0 0 1 11.964-3.07M12 6.375a3.375 3.375 0 1 1-6.75 0 3.375 3.375 0 0 1 6.75 0Zm8.25 2.25a2.625 2.625 0 1 1-5.25 0 2.625 2.625 0 0 1 5.25 0Z" }) });

package/dist/_chunks/{MonitoringPage-Bn9XJSlg.mjs → MonitoringPage-DKfhYUgU.mjs}

@@ -4,7 +4,7 @@ import { useFetchClient, useNotification } from "@strapi/strapi/admin";
 import styled, { css, keyframes } from "styled-components";
 import { Box, Loader, Flex, Field, TextInput, Badge, Typography } from "@strapi/design-system";
 import { u as useIntl } from "./index-CEh8vkxY.mjs";
-import { P as PLUGIN_ID } from "./index-CzvX8YTe.mjs";
+import { P as PLUGIN_ID } from "./index-Bw7WjN5H.mjs";
 const UsersIcon = () => /* @__PURE__ */ jsx("svg", { xmlns: "http://www.w3.org/2000/svg", fill: "none", viewBox: "0 0 24 24", strokeWidth: 1.5, stroke: "currentColor", children: /* @__PURE__ */ jsx("path", { strokeLinecap: "round", strokeLinejoin: "round", d: "M15 19.128a9.38 9.38 0 0 0 2.625.372 9.337 9.337 0 0 0 4.121-.952 4.125 4.125 0 0 0-7.533-2.493M15 19.128v-.003c0-1.113-.285-2.16-.786-3.07M15 19.128v.106A12.318 12.318 0 0 1 8.624 21c-2.331 0-4.512-.645-6.374-1.766l-.001-.109a6.375 6.375 0 0 1 11.964-3.07M12 6.375a3.375 3.375 0 1 1-6.75 0 3.375 3.375 0 0 1 6.75 0Zm8.25 2.25a2.625 2.625 0 1 1-5.25 0 2.625 2.625 0 0 1 5.25 0Z" }) });
 const BoltIcon = () => /* @__PURE__ */ jsx("svg", { xmlns: "http://www.w3.org/2000/svg", fill: "none", viewBox: "0 0 24 24", strokeWidth: 1.5, stroke: "currentColor", children: /* @__PURE__ */ jsx("path", { strokeLinecap: "round", strokeLinejoin: "round", d: "m3.75 13.5 10.5-11.25L12 10.5h8.25L9.75 21.75 12 13.5H3.75Z" }) });
 const ChartBarIcon = () => /* @__PURE__ */ jsx("svg", { xmlns: "http://www.w3.org/2000/svg", fill: "none", viewBox: "0 0 24 24", strokeWidth: 1.5, stroke: "currentColor", children: /* @__PURE__ */ jsx("path", { strokeLinecap: "round", strokeLinejoin: "round", d: "M3 13.125C3 12.504 3.504 12 4.125 12h2.25c.621 0 1.125.504 1.125 1.125v6.75C7.5 20.496 6.996 21 6.375 21h-2.25A1.125 1.125 0 0 1 3 19.875v-6.75ZM9.75 8.625c0-.621.504-1.125 1.125-1.125h2.25c.621 0 1.125.504 1.125 1.125v11.25c0 .621-.504 1.125-1.125 1.125h-2.25a1.125 1.125 0 0 1-1.125-1.125V8.625ZM16.5 4.125c0-.621.504-1.125 1.125-1.125h2.25C20.496 3 21 3.504 21 4.125v15.75c0 .621-.504 1.125-1.125 1.125h-2.25a1.125 1.125 0 0 1-1.125-1.125V4.125Z" }) });

package/dist/_chunks/OnlineEditorsWidget-Bf8hfVha.js

@@ -0,0 +1,341 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const jsxRuntime = require("react/jsx-runtime");
+const React = require("react");
+const designSystem = require("@strapi/design-system");
+const icons = require("@strapi/icons");
+const admin = require("@strapi/strapi/admin");
+const styled = require("styled-components");
+const socket_ioClient = require("socket.io-client");
+const index = require("./index-DVNfszio.js");
+const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
+const styled__default = /* @__PURE__ */ _interopDefault(styled);
+const pulse = styled.keyframes`
+  0%, 100% { opacity: 1; }
+  50% { opacity: 0.5; }
+`;
+const WidgetContainer = styled__default.default(designSystem.Box)`
+  padding: 0;
+  position: relative;
+`;
+const HeaderContainer = styled__default.default(designSystem.Flex)`
+  justify-content: space-between;
+  align-items: center;
+  margin-bottom: ${({ theme }) => theme.spaces[3]};
+  padding-bottom: ${({ theme }) => theme.spaces[2]};
+  border-bottom: 1px solid ${({ theme }) => theme.colors.neutral150};
+`;
+const LiveDot = styled__default.default.span`
+  display: inline-block;
+  width: 8px;
+  height: 8px;
+  border-radius: 50%;
+  background: ${({ theme, $connected }) => $connected ? theme.colors.success500 : theme.colors.neutral400};
+  margin-right: ${({ theme }) => theme.spaces[2]};
+  animation: ${({ $connected }) => $connected ? pulse : "none"} 2s ease-in-out infinite;
+`;
+const CountBadge = styled__default.default.span`
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  min-width: 24px;
+  height: 24px;
+  padding: 0 8px;
+  background: ${({ theme, $active }) => $active ? theme.colors.primary100 : theme.colors.neutral100};
+  color: ${({ theme, $active }) => $active ? theme.colors.primary700 : theme.colors.neutral600};
+  border-radius: 12px;
+  font-size: 12px;
+  font-weight: 600;
+`;
+const UserList = styled__default.default.div`
+  display: flex;
+  flex-direction: column;
+  gap: ${({ theme }) => theme.spaces[2]};
+  max-height: 280px;
+  overflow-y: auto;
+`;
+const UserCard = styled__default.default.div`
+  display: flex;
+  align-items: flex-start;
+  gap: ${({ theme }) => theme.spaces[3]};
+  padding: ${({ theme }) => theme.spaces[3]};
+  background: ${({ theme }) => theme.colors.neutral0};
+  border: 1px solid ${({ theme }) => theme.colors.neutral150};
+  border-radius: ${({ theme }) => theme.borderRadius};
+  transition: all 0.2s ease;
+  
+  &:hover {
+    border-color: ${({ theme }) => theme.colors.primary200};
+    box-shadow: 0 2px 8px rgba(73, 69, 255, 0.08);
+  }
+`;
+const AVATAR_COLORS = [
+  "linear-gradient(135deg, #4945ff 0%, #7b79ff 100%)",
+  "linear-gradient(135deg, #3b82f6 0%, #60a5fa 100%)",
+  "linear-gradient(135deg, #10b981 0%, #34d399 100%)",
+  "linear-gradient(135deg, #f59e0b 0%, #fbbf24 100%)",
+  "linear-gradient(135deg, #ef4444 0%, #f87171 100%)",
+  "linear-gradient(135deg, #8b5cf6 0%, #a78bfa 100%)"
+];
+const UserAvatar = styled__default.default.div`
+  width: 40px;
+  height: 40px;
+  border-radius: 50%;
+  background: ${({ $colorIndex }) => AVATAR_COLORS[$colorIndex % AVATAR_COLORS.length]};
+  color: white;
+  font-size: 14px;
+  font-weight: 700;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  flex-shrink: 0;
+  box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+`;
+const UserInfo = styled__default.default.div`
+  flex: 1;
+  min-width: 0;
+`;
+const UserName = styled__default.default.div`
+  font-size: 14px;
+  font-weight: 600;
+  color: ${({ theme }) => theme.colors.neutral800};
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+`;
+const UserMeta = styled__default.default.div`
+  font-size: 12px;
+  color: ${({ theme }) => theme.colors.neutral500};
+  display: flex;
+  align-items: center;
+  gap: ${({ theme }) => theme.spaces[2]};
+  margin-top: 2px;
+`;
+const EditingBadge = styled__default.default.a`
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  font-size: 11px;
+  font-weight: 500;
+  color: ${({ theme }) => theme.colors.success700};
+  background: ${({ theme }) => theme.colors.success100};
+  padding: 4px 10px;
+  border-radius: 10px;
+  margin-top: ${({ theme }) => theme.spaces[1]};
+  word-break: break-all;
+  max-width: 100%;
+  text-decoration: none;
+  cursor: pointer;
+  transition: all 0.15s ease;
+  
+  &:hover {
+    background: ${({ theme }) => theme.colors.success200};
+    color: ${({ theme }) => theme.colors.success800};
+    transform: translateY(-1px);
+  }
+`;
+const IdleBadge = styled__default.default.span`
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  font-size: 11px;
+  font-weight: 500;
+  color: ${({ theme }) => theme.colors.neutral600};
+  background: ${({ theme }) => theme.colors.neutral100};
+  padding: 2px 8px;
+  border-radius: 10px;
+  margin-top: ${({ theme }) => theme.spaces[1]};
+`;
+const EmptyState = styled__default.default.div`
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  text-align: center;
+  padding: ${({ theme }) => theme.spaces[8]} ${({ theme }) => theme.spaces[4]};
+  color: ${({ theme }) => theme.colors.neutral500};
+  min-height: 180px;
+`;
+const EmptyIcon = styled__default.default.div`
+  width: 64px;
+  height: 64px;
+  border-radius: 50%;
+  background: ${({ theme }) => theme.colors.neutral100};
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  margin-bottom: ${({ theme }) => theme.spaces[3]};
+`;
+const LoadingContainer = styled__default.default.div`
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  padding: ${({ theme }) => theme.spaces[6]};
+`;
+const FooterLink = styled__default.default.a`
+  font-size: 12px;
+  color: ${({ theme }) => theme.colors.primary600};
+  text-decoration: none;
+  
+  &:hover {
+    text-decoration: underline;
+  }
+`;
+const getInitials = (user) => {
+  const first = (user.firstname?.[0] || user.username?.[0] || user.email?.[0] || "?").toUpperCase();
+  const last = (user.lastname?.[0] || "").toUpperCase();
+  return `${first}${last}`.trim() || "?";
+};
+const getDisplayName = (user) => {
+  if (user.firstname) {
+    return `${user.firstname} ${user.lastname || ""}`.trim();
+  }
+  return user.username || user.email || "Unknown";
+};
+const formatDuration = (seconds) => {
+  if (seconds < 60) return "just now";
+  if (seconds < 3600) return `${Math.floor(seconds / 60)}m`;
+  if (seconds < 86400) return `${Math.floor(seconds / 3600)}h`;
+  return `${Math.floor(seconds / 86400)}d`;
+};
+const OnlineEditorsWidget = () => {
+  const { get, post } = admin.useFetchClient();
+  const [data, setData] = React.useState(null);
+  const [loading, setLoading] = React.useState(true);
+  const [error, setError] = React.useState(null);
+  const [connected, setConnected] = React.useState(false);
+  const socketRef = React.useRef(null);
+  const fetchOnlineUsers = React.useCallback(async () => {
+    try {
+      const response = await get(`/${index.PLUGIN_ID}/online-users`);
+      setData(response.data?.data || response.data);
+      setError(null);
+      setLoading(false);
+    } catch (err) {
+      console.error("[plugin-io] Failed to fetch online users:", err);
+      setError(err.message);
+      setLoading(false);
+    }
+  }, [get]);
+  React.useEffect(() => {
+    let cancelled = false;
+    let socket = null;
+    const connectSocket = async () => {
+      try {
+        const { data: sessionData } = await post(`/${index.PLUGIN_ID}/presence/session`, {});
+        if (cancelled || !sessionData?.token) return;
+        const socketUrl = sessionData.wsUrl || `${window.location.protocol}//${window.location.host}`;
+        socket = socket_ioClient.io(socketUrl, {
+          path: sessionData.wsPath || "/socket.io",
+          transports: ["websocket", "polling"],
+          auth: {
+            token: sessionData.token,
+            strategy: "admin-jwt",
+            isAdmin: true
+          },
+          reconnection: true,
+          reconnectionAttempts: 3
+        });
+        socketRef.current = socket;
+        socket.on("connect", () => {
+          if (!cancelled) {
+            setConnected(true);
+            console.log(`[${index.PLUGIN_ID}] Dashboard presence connected`);
+            fetchOnlineUsers();
+          }
+        });
+        socket.on("disconnect", () => {
+          if (!cancelled) {
+            setConnected(false);
+          }
+        });
+        socket.on("connect_error", (err) => {
+          console.warn(`[${index.PLUGIN_ID}] Dashboard socket error:`, err.message);
+        });
+        socket.on("presence:update", () => {
+          fetchOnlineUsers();
+        });
+      } catch (err) {
+        console.error("[plugin-io] Failed to connect dashboard socket:", err);
+      }
+    };
+    connectSocket();
+    return () => {
+      cancelled = true;
+      if (socket) {
+        socket.disconnect();
+        socketRef.current = null;
+      }
+    };
+  }, [post, fetchOnlineUsers]);
+  React.useEffect(() => {
+    const interval = setInterval(fetchOnlineUsers, 15e3);
+    return () => clearInterval(interval);
+  }, [fetchOnlineUsers]);
+  if (loading) {
+    return /* @__PURE__ */ jsxRuntime.jsx(LoadingContainer, { children: /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { variant: "pi", textColor: "neutral600", children: "Loading..." }) });
+  }
+  if (error) {
+    return /* @__PURE__ */ jsxRuntime.jsx(EmptyState, { children: /* @__PURE__ */ jsxRuntime.jsxs(designSystem.Typography, { variant: "pi", textColor: "danger600", children: [
+      "Failed to load: ",
+      error
+    ] }) });
+  }
+  const users = data?.users || [];
+  const counts = data?.counts || { total: 0, editing: 0 };
+  return /* @__PURE__ */ jsxRuntime.jsxs(WidgetContainer, { children: [
+    /* @__PURE__ */ jsxRuntime.jsxs(HeaderContainer, { children: [
+      /* @__PURE__ */ jsxRuntime.jsxs(designSystem.Flex, { alignItems: "center", gap: 2, children: [
+        /* @__PURE__ */ jsxRuntime.jsx(LiveDot, { $connected: connected }),
+        /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { variant: "omega", fontWeight: "bold", textColor: "neutral800", children: "Who's Online" })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs(designSystem.Flex, { gap: 2, children: [
+        /* @__PURE__ */ jsxRuntime.jsxs(CountBadge, { $active: counts.editing > 0, title: "Users editing", children: [
+          /* @__PURE__ */ jsxRuntime.jsx(icons.Pencil, { width: "12", height: "12", style: { marginRight: 4 } }),
+          counts.editing
+        ] }),
+        /* @__PURE__ */ jsxRuntime.jsxs(CountBadge, { title: "Total online", children: [
+          /* @__PURE__ */ jsxRuntime.jsx(icons.User, { width: "12", height: "12", style: { marginRight: 4 } }),
+          counts.total
+        ] })
+      ] })
+    ] }),
+    users.length === 0 ? /* @__PURE__ */ jsxRuntime.jsxs(EmptyState, { children: [
+      /* @__PURE__ */ jsxRuntime.jsx(EmptyIcon, { children: /* @__PURE__ */ jsxRuntime.jsx(icons.User, { width: "28", height: "28", fill: "#a5a5ba" }) }),
+      /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { variant: "omega", fontWeight: "semiBold", textColor: "neutral600", children: "No one else is online" }),
+      /* @__PURE__ */ jsxRuntime.jsx(designSystem.Typography, { variant: "pi", textColor: "neutral500", style: { marginTop: 4 }, children: "You're the only one here right now" })
+    ] }) : /* @__PURE__ */ jsxRuntime.jsx(UserList, { children: users.map((userData, index2) => /* @__PURE__ */ jsxRuntime.jsxs(UserCard, { children: [
+      /* @__PURE__ */ jsxRuntime.jsx(UserAvatar, { $colorIndex: index2, children: getInitials(userData.user) }),
+      /* @__PURE__ */ jsxRuntime.jsxs(UserInfo, { children: [
+        /* @__PURE__ */ jsxRuntime.jsxs(UserName, { children: [
+          getDisplayName(userData.user),
+          userData.user.isAdmin && /* @__PURE__ */ jsxRuntime.jsx(designSystem.Badge, { size: "S", style: { marginLeft: 8 }, children: "Admin" })
+        ] }),
+        /* @__PURE__ */ jsxRuntime.jsxs(UserMeta, { children: [
+          /* @__PURE__ */ jsxRuntime.jsx(icons.Clock, { width: "12", height: "12" }),
+          "Online ",
+          formatDuration(userData.onlineFor)
+        ] }),
+        userData.isEditing ? userData.editingEntities.map((entity, idx) => /* @__PURE__ */ jsxRuntime.jsxs(
+          EditingBadge,
+          {
+            href: `/admin/content-manager/collection-types/${entity.uid}/${entity.documentId}`,
+            target: "_blank",
+            rel: "noopener noreferrer",
+            title: "Open in new tab",
+            children: [
+              /* @__PURE__ */ jsxRuntime.jsx(icons.Pencil, { width: "10", height: "10" }),
+              entity.contentTypeName,
+              " - ",
+              entity.documentId
+            ]
+          },
+          idx
+        )) : /* @__PURE__ */ jsxRuntime.jsx(IdleBadge, { children: "Idle" })
+      ] })
+    ] }, userData.socketId)) }),
+    /* @__PURE__ */ jsxRuntime.jsx(designSystem.Flex, { justifyContent: "flex-end", marginTop: 3, children: /* @__PURE__ */ jsxRuntime.jsx(FooterLink, { href: "/admin/settings/io/monitoring", children: "View All Activity" }) })
+  ] });
+};
+exports.OnlineEditorsWidget = OnlineEditorsWidget;
+exports.default = OnlineEditorsWidget;