@structcms/api 0.1.0

package/dist/index.cjs

@@ -0,0 +1,1124 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  ALLOWED_MIME_TYPES: () => ALLOWED_MIME_TYPES,
+  AuthError: () => AuthError,
+  AuthValidationError: () => AuthValidationError,
+  MediaError: () => MediaError,
+  MediaValidationError: () => MediaValidationError,
+  StorageError: () => StorageError,
+  StorageValidationError: () => StorageValidationError,
+  SupabaseAuthAdapter: () => SupabaseAuthAdapter,
+  SupabaseMediaAdapter: () => SupabaseMediaAdapter,
+  SupabaseStorageAdapter: () => SupabaseStorageAdapter,
+  createAuthAdapter: () => createAuthAdapter,
+  createAuthMiddleware: () => createAuthMiddleware,
+  createMediaAdapter: () => createMediaAdapter,
+  createStorageAdapter: () => createStorageAdapter,
+  createSupabaseAdapters: () => createSupabaseAdapters,
+  ensureUniqueSlug: () => ensureUniqueSlug,
+  generateSlug: () => generateSlug,
+  handleCreateNavigation: () => handleCreateNavigation,
+  handleCreatePage: () => handleCreatePage,
+  handleDeleteMedia: () => handleDeleteMedia,
+  handleDeleteNavigation: () => handleDeleteNavigation,
+  handleDeletePage: () => handleDeletePage,
+  handleExportAllPages: () => handleExportAllPages,
+  handleExportNavigations: () => handleExportNavigations,
+  handleExportPage: () => handleExportPage,
+  handleExportSite: () => handleExportSite,
+  handleGetCurrentUser: () => handleGetCurrentUser,
+  handleGetMedia: () => handleGetMedia,
+  handleGetNavigation: () => handleGetNavigation,
+  handleGetPageBySlug: () => handleGetPageBySlug,
+  handleListMedia: () => handleListMedia,
+  handleListPages: () => handleListPages,
+  handleRefreshSession: () => handleRefreshSession,
+  handleSignInWithOAuth: () => handleSignInWithOAuth,
+  handleSignInWithPassword: () => handleSignInWithPassword,
+  handleSignOut: () => handleSignOut,
+  handleUpdateNavigation: () => handleUpdateNavigation,
+  handleUpdatePage: () => handleUpdatePage,
+  handleUploadMedia: () => handleUploadMedia,
+  handleVerifySession: () => handleVerifySession,
+  resolveMediaReferences: () => resolveMediaReferences
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/storage/supabase-adapter.ts
+function mapPageRowToPage(row) {
+  return {
+    id: row.id,
+    slug: row.slug,
+    pageType: row.page_type,
+    title: row.title,
+    sections: row.sections,
+    createdAt: new Date(row.created_at),
+    updatedAt: new Date(row.updated_at)
+  };
+}
+function mapNavigationRowToNavigation(row) {
+  return {
+    id: row.id,
+    name: row.name,
+    items: row.items,
+    updatedAt: new Date(row.updated_at)
+  };
+}
+var StorageError = class extends Error {
+  constructor(message, code, details) {
+    super(message);
+    this.code = code;
+    this.details = details;
+    this.name = "StorageError";
+  }
+};
+var SupabaseStorageAdapter = class {
+  client;
+  constructor(config) {
+    this.client = config.client;
+  }
+  async getPage(slug) {
+    const { data, error } = await this.client.from("pages").select("*").eq("slug", slug).single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        return null;
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapPageRowToPage(data);
+  }
+  async getPageById(id) {
+    const { data, error } = await this.client.from("pages").select("*").eq("id", id).single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        return null;
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapPageRowToPage(data);
+  }
+  async createPage(input) {
+    const { data, error } = await this.client.from("pages").insert({
+      slug: input.slug,
+      page_type: input.pageType,
+      title: input.title,
+      sections: input.sections ?? []
+    }).select().single();
+    if (error) {
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapPageRowToPage(data);
+  }
+  async updatePage(input) {
+    const updateData = {};
+    if (input.slug !== void 0) {
+      updateData.slug = input.slug;
+    }
+    if (input.pageType !== void 0) {
+      updateData.page_type = input.pageType;
+    }
+    if (input.title !== void 0) {
+      updateData.title = input.title;
+    }
+    if (input.sections !== void 0) {
+      updateData.sections = input.sections;
+    }
+    const { data, error } = await this.client.from("pages").update(updateData).eq("id", input.id).select().single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        throw new StorageError(`Page not found: ${input.id}`, "NOT_FOUND");
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapPageRowToPage(data);
+  }
+  async deletePage(id) {
+    const { error } = await this.client.from("pages").delete().eq("id", id);
+    if (error) {
+      throw new StorageError(error.message, error.code, error.details);
+    }
+  }
+  async listPages(filter) {
+    let query = this.client.from("pages").select("*");
+    if (filter?.pageType) {
+      query = query.eq("page_type", filter.pageType);
+    }
+    query = query.order("created_at", { ascending: false });
+    if (filter?.limit) {
+      query = query.limit(filter.limit);
+    }
+    if (filter?.offset) {
+      query = query.range(filter.offset, filter.offset + (filter.limit ?? 100) - 1);
+    }
+    const { data, error } = await query;
+    if (error) {
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return data.map(mapPageRowToPage);
+  }
+  async getNavigation(name) {
+    const { data, error } = await this.client.from("navigation").select("*").eq("name", name).single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        return null;
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapNavigationRowToNavigation(data);
+  }
+  async getNavigationById(id) {
+    const { data, error } = await this.client.from("navigation").select("*").eq("id", id).single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        return null;
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapNavigationRowToNavigation(data);
+  }
+  async createNavigation(input) {
+    const { data, error } = await this.client.from("navigation").insert({
+      name: input.name,
+      items: input.items
+    }).select().single();
+    if (error) {
+      if (error.code === "23505") {
+        throw new StorageError(
+          `Navigation with name "${input.name}" already exists`,
+          "DUPLICATE_NAME"
+        );
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapNavigationRowToNavigation(data);
+  }
+  async updateNavigation(input) {
+    const updateData = {};
+    if (input.name !== void 0) {
+      updateData.name = input.name;
+    }
+    if (input.items !== void 0) {
+      updateData.items = input.items;
+    }
+    const { data, error } = await this.client.from("navigation").update(updateData).eq("id", input.id).select().single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        throw new StorageError(`Navigation not found: ${input.id}`, "NOT_FOUND");
+      }
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return mapNavigationRowToNavigation(data);
+  }
+  async deleteNavigation(id) {
+    const { error } = await this.client.from("navigation").delete().eq("id", id);
+    if (error) {
+      throw new StorageError(error.message, error.code, error.details);
+    }
+  }
+  async listNavigations() {
+    const { data, error } = await this.client.from("navigation").select("*").order("name", { ascending: true });
+    if (error) {
+      throw new StorageError(error.message, error.code, error.details);
+    }
+    return data.map(mapNavigationRowToNavigation);
+  }
+};
+function createStorageAdapter(config) {
+  return new SupabaseStorageAdapter(config);
+}
+
+// src/utils/sanitize.ts
+var import_sanitize_html = __toESM(require("sanitize-html"), 1);
+var ALLOWED_TAGS = [
+  "p",
+  "h1",
+  "h2",
+  "h3",
+  "h4",
+  "h5",
+  "h6",
+  "ul",
+  "ol",
+  "li",
+  "a",
+  "strong",
+  "em",
+  "br",
+  "blockquote",
+  "code",
+  "pre",
+  "img"
+];
+var ALLOWED_ATTRIBUTES = {
+  a: ["href"],
+  img: ["src", "alt"]
+};
+var SANITIZE_OPTIONS = {
+  allowedTags: ALLOWED_TAGS,
+  allowedAttributes: ALLOWED_ATTRIBUTES,
+  disallowedTagsMode: "discard"
+};
+function sanitizeString(value) {
+  return (0, import_sanitize_html.default)(value, SANITIZE_OPTIONS);
+}
+function sanitizeValue(value) {
+  if (typeof value === "string") {
+    return sanitizeString(value);
+  }
+  if (Array.isArray(value)) {
+    return value.map(sanitizeValue);
+  }
+  if (value !== null && typeof value === "object") {
+    const result = {};
+    for (const [key, val] of Object.entries(value)) {
+      result[key] = sanitizeValue(val);
+    }
+    return result;
+  }
+  return value;
+}
+function sanitizeSectionData(sections) {
+  return sections.map((section) => ({
+    ...section,
+    data: sanitizeValue(section.data)
+  }));
+}
+
+// src/utils/slug.ts
+var UMLAUT_MAP = {
+  \u00E4: "ae",
+  \u00F6: "oe",
+  \u00FC: "ue",
+  \u00C4: "Ae",
+  \u00D6: "Oe",
+  \u00DC: "Ue",
+  \u00DF: "ss"
+};
+function generateSlug(title) {
+  let slug = title.toLowerCase().trim();
+  for (const [umlaut, replacement] of Object.entries(UMLAUT_MAP)) {
+    slug = slug.replace(new RegExp(umlaut, "g"), replacement.toLowerCase());
+  }
+  slug = slug.replace(/[\s_]+/g, "-");
+  slug = slug.replace(/[^a-z0-9-]/g, "");
+  slug = slug.replace(/-+/g, "-");
+  slug = slug.replace(/^-+|-+$/g, "");
+  return slug;
+}
+function ensureUniqueSlug(slug, existingSlugs) {
+  if (!existingSlugs.includes(slug)) {
+    return slug;
+  }
+  let counter = 1;
+  let uniqueSlug = `${slug}-${counter}`;
+  while (existingSlugs.includes(uniqueSlug)) {
+    counter++;
+    uniqueSlug = `${slug}-${counter}`;
+  }
+  return uniqueSlug;
+}
+
+// src/storage/handlers.ts
+var StorageValidationError = class extends Error {
+  constructor(message, code) {
+    super(message);
+    this.code = code;
+    this.name = "StorageValidationError";
+  }
+};
+async function handleCreatePage(adapter, input) {
+  if (!input.title.trim()) {
+    throw new StorageValidationError("Page title must not be empty", "EMPTY_TITLE");
+  }
+  const slug = input.slug?.trim() || generateSlug(input.title);
+  if (!slug) {
+    throw new StorageValidationError(
+      "Could not generate a valid slug from the provided title",
+      "INVALID_SLUG"
+    );
+  }
+  const existingPages = await adapter.listPages();
+  const existingSlugs = existingPages.map((p) => p.slug);
+  const uniqueSlug = ensureUniqueSlug(slug, existingSlugs);
+  const sanitizedSections = input.sections ? sanitizeSectionData(input.sections) : void 0;
+  return adapter.createPage({
+    ...input,
+    slug: uniqueSlug,
+    sections: sanitizedSections
+  });
+}
+async function handleUpdatePage(adapter, input) {
+  if (!input.id.trim()) {
+    throw new StorageValidationError("Page ID must not be empty", "EMPTY_ID");
+  }
+  if (input.title !== void 0 && !input.title.trim()) {
+    throw new StorageValidationError("Page title must not be empty", "EMPTY_TITLE");
+  }
+  if (input.slug !== void 0) {
+    const slug = input.slug.trim();
+    if (!slug) {
+      throw new StorageValidationError("Page slug must not be empty", "EMPTY_SLUG");
+    }
+    const existingPages = await adapter.listPages();
+    const existingSlugs = existingPages.filter((p) => p.id !== input.id).map((p) => p.slug);
+    if (existingSlugs.includes(slug)) {
+      throw new StorageValidationError(`Slug "${slug}" is already in use`, "DUPLICATE_SLUG");
+    }
+  }
+  const sanitizedInput = input.sections ? { ...input, sections: sanitizeSectionData(input.sections) } : input;
+  return adapter.updatePage(sanitizedInput);
+}
+async function handleDeletePage(adapter, id) {
+  if (!id.trim()) {
+    throw new StorageValidationError("Page ID must not be empty", "EMPTY_ID");
+  }
+  return adapter.deletePage(id);
+}
+async function handleCreateNavigation(adapter, input) {
+  if (!input.name.trim()) {
+    throw new StorageValidationError("Navigation name must not be empty", "EMPTY_NAME");
+  }
+  const existingNavigations = await adapter.listNavigations();
+  const existingNames = existingNavigations.map((n) => n.name);
+  if (existingNames.includes(input.name.trim())) {
+    throw new StorageValidationError(
+      `Navigation name "${input.name.trim()}" is already in use`,
+      "DUPLICATE_NAME"
+    );
+  }
+  return adapter.createNavigation(input);
+}
+async function handleUpdateNavigation(adapter, input) {
+  if (!input.id.trim()) {
+    throw new StorageValidationError("Navigation ID must not be empty", "EMPTY_ID");
+  }
+  if (input.name !== void 0) {
+    const name = input.name.trim();
+    if (!name) {
+      throw new StorageValidationError("Navigation name must not be empty", "EMPTY_NAME");
+    }
+    const existingNavigations = await adapter.listNavigations();
+    const existingNames = existingNavigations.filter((n) => n.id !== input.id).map((n) => n.name);
+    if (existingNames.includes(name)) {
+      throw new StorageValidationError(
+        `Navigation name "${name}" is already in use`,
+        "DUPLICATE_NAME"
+      );
+    }
+  }
+  return adapter.updateNavigation(input);
+}
+async function handleDeleteNavigation(adapter, id) {
+  if (!id.trim()) {
+    throw new StorageValidationError("Navigation ID must not be empty", "EMPTY_ID");
+  }
+  return adapter.deleteNavigation(id);
+}
+
+// src/media/resolve.ts
+var UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+var MEDIA_FIELD_SUFFIXES = ["_image", "_media", "_photo", "_thumbnail", "_avatar", "_icon"];
+function isMediaField(fieldName) {
+  const lower = fieldName.toLowerCase();
+  if (lower === "image" || lower === "media" || lower === "photo" || lower === "thumbnail" || lower === "avatar" || lower === "icon") {
+    return true;
+  }
+  return MEDIA_FIELD_SUFFIXES.some((suffix) => lower.endsWith(suffix));
+}
+function isMediaId(value) {
+  return typeof value === "string" && UUID_PATTERN.test(value);
+}
+async function resolveDataObject(data, adapter) {
+  const resolved = {};
+  for (const [key, value] of Object.entries(data)) {
+    if (isMediaField(key) && isMediaId(value)) {
+      const media = await adapter.getMedia(value);
+      resolved[key] = media ? media.url : null;
+    } else if (value !== null && typeof value === "object" && !Array.isArray(value)) {
+      resolved[key] = await resolveDataObject(value, adapter);
+    } else {
+      resolved[key] = value;
+    }
+  }
+  return resolved;
+}
+async function resolveMediaReferences(sections, adapter) {
+  const resolved = [];
+  for (const section of sections) {
+    const resolvedData = await resolveDataObject(section.data, adapter);
+    resolved.push({
+      id: section.id,
+      type: section.type,
+      data: resolvedData
+    });
+  }
+  return resolved;
+}
+
+// src/delivery/handlers.ts
+async function toPageResponse(page, mediaAdapter) {
+  const resolvedSections = await resolveMediaReferences(page.sections, mediaAdapter);
+  return {
+    id: page.id,
+    slug: page.slug,
+    pageType: page.pageType,
+    title: page.title,
+    sections: resolvedSections,
+    meta: {
+      createdAt: page.createdAt.toISOString(),
+      updatedAt: page.updatedAt.toISOString()
+    }
+  };
+}
+function toNavigationResponse(navigation) {
+  return {
+    id: navigation.id,
+    name: navigation.name,
+    items: navigation.items,
+    meta: {
+      updatedAt: navigation.updatedAt.toISOString()
+    }
+  };
+}
+async function handleListPages(adapter, mediaAdapter, options) {
+  const pages = await adapter.listPages({
+    pageType: options?.pageType,
+    limit: options?.limit,
+    offset: options?.offset
+  });
+  const results = [];
+  for (const page of pages) {
+    results.push(await toPageResponse(page, mediaAdapter));
+  }
+  return results;
+}
+async function handleGetPageBySlug(adapter, mediaAdapter, slug) {
+  const page = await adapter.getPage(slug);
+  if (!page) {
+    return null;
+  }
+  return toPageResponse(page, mediaAdapter);
+}
+async function handleGetNavigation(adapter, name) {
+  const navigation = await adapter.getNavigation(name);
+  if (!navigation) {
+    return null;
+  }
+  return toNavigationResponse(navigation);
+}
+
+// src/media/types.ts
+var ALLOWED_MIME_TYPES = [
+  "image/jpeg",
+  "image/png",
+  "image/gif",
+  "image/webp",
+  "image/svg+xml"
+];
+
+// src/media/supabase-adapter.ts
+var MediaError = class extends Error {
+  constructor(message, code, details) {
+    super(message);
+    this.code = code;
+    this.details = details;
+    this.name = "MediaError";
+  }
+};
+var SupabaseMediaAdapter = class {
+  client;
+  bucketName;
+  constructor(config) {
+    this.client = config.client;
+    this.bucketName = config.bucketName ?? "media";
+  }
+  /**
+   * Generates a unique storage path for a file
+   */
+  generateStoragePath(filename) {
+    const timestamp = Date.now();
+    const randomSuffix = Math.random().toString(36).substring(2, 8);
+    const sanitizedFilename = filename.replace(/[^a-zA-Z0-9.-]/g, "_");
+    return `${timestamp}-${randomSuffix}-${sanitizedFilename}`;
+  }
+  /**
+   * Constructs the public URL for a stored file
+   */
+  getPublicUrl(storagePath) {
+    const { data } = this.client.storage.from(this.bucketName).getPublicUrl(storagePath);
+    return data.publicUrl;
+  }
+  /**
+   * Maps a database row to MediaFile
+   */
+  mapRowToMediaFile(row) {
+    return {
+      id: row.id,
+      filename: row.filename,
+      url: this.getPublicUrl(row.storage_path),
+      mimeType: row.mime_type,
+      size: row.size,
+      createdAt: new Date(row.created_at)
+    };
+  }
+  async upload(input) {
+    const storagePath = this.generateStoragePath(input.filename);
+    const { error: uploadError } = await this.client.storage.from(this.bucketName).upload(storagePath, input.data, {
+      contentType: input.mimeType,
+      upsert: false
+    });
+    if (uploadError) {
+      throw new MediaError(
+        `Failed to upload file: ${uploadError.message}`,
+        "UPLOAD_FAILED",
+        uploadError.message
+      );
+    }
+    const { data, error: dbError } = await this.client.from("media").insert({
+      filename: input.filename,
+      storage_path: storagePath,
+      mime_type: input.mimeType,
+      size: input.size
+    }).select().single();
+    if (dbError) {
+      await this.client.storage.from(this.bucketName).remove([storagePath]);
+      throw new MediaError(
+        `Failed to create media record: ${dbError.message}`,
+        dbError.code,
+        dbError.details
+      );
+    }
+    return this.mapRowToMediaFile(data);
+  }
+  async getMedia(id) {
+    const { data, error } = await this.client.from("media").select("*").eq("id", id).single();
+    if (error) {
+      if (error.code === "PGRST116") {
+        return null;
+      }
+      throw new MediaError(error.message, error.code, error.details);
+    }
+    return this.mapRowToMediaFile(data);
+  }
+  async listMedia(filter) {
+    let query = this.client.from("media").select("*");
+    if (filter?.mimeType) {
+      query = query.eq("mime_type", filter.mimeType);
+    }
+    query = query.order("created_at", { ascending: false });
+    if (filter?.limit) {
+      query = query.limit(filter.limit);
+    }
+    if (filter?.offset) {
+      query = query.range(filter.offset, filter.offset + (filter.limit ?? 100) - 1);
+    }
+    const { data, error } = await query;
+    if (error) {
+      throw new MediaError(error.message, error.code, error.details);
+    }
+    return data.map((row) => this.mapRowToMediaFile(row));
+  }
+  async deleteMedia(id) {
+    const { data: mediaRecord, error: fetchError } = await this.client.from("media").select("storage_path").eq("id", id).single();
+    if (fetchError) {
+      if (fetchError.code === "PGRST116") {
+        throw new MediaError(`Media not found: ${id}`, "NOT_FOUND");
+      }
+      throw new MediaError(fetchError.message, fetchError.code, fetchError.details);
+    }
+    const storagePath = mediaRecord.storage_path;
+    const { error: storageError } = await this.client.storage.from(this.bucketName).remove([storagePath]);
+    if (storageError) {
+      throw new MediaError(
+        `Failed to delete file from storage: ${storageError.message}`,
+        "STORAGE_DELETE_FAILED",
+        storageError.message
+      );
+    }
+    const { error: dbError } = await this.client.from("media").delete().eq("id", id);
+    if (dbError) {
+      throw new MediaError(dbError.message, dbError.code, dbError.details);
+    }
+  }
+};
+function createMediaAdapter(config) {
+  return new SupabaseMediaAdapter(config);
+}
+
+// src/media/handlers.ts
+var MediaValidationError = class extends Error {
+  constructor(message, code) {
+    super(message);
+    this.code = code;
+    this.name = "MediaValidationError";
+  }
+};
+function validateMimeType(mimeType) {
+  const allowed = ALLOWED_MIME_TYPES;
+  if (!allowed.includes(mimeType)) {
+    throw new MediaValidationError(
+      `Invalid file type: ${mimeType}. Allowed types: ${ALLOWED_MIME_TYPES.join(", ")}`,
+      "INVALID_MIME_TYPE"
+    );
+  }
+}
+async function handleUploadMedia(adapter, input) {
+  validateMimeType(input.mimeType);
+  return adapter.upload(input);
+}
+async function handleGetMedia(adapter, id) {
+  return adapter.getMedia(id);
+}
+async function handleListMedia(adapter, filter) {
+  return adapter.listMedia(filter);
+}
+async function handleDeleteMedia(adapter, id) {
+  return adapter.deleteMedia(id);
+}
+
+// src/supabase/factory.ts
+var import_supabase_js = require("@supabase/supabase-js");
+
+// src/auth/supabase-adapter.ts
+var AuthError = class extends Error {
+  constructor(message, code, details) {
+    super(message);
+    this.code = code;
+    this.details = details;
+    this.name = "AuthError";
+  }
+};
+var SupabaseAuthAdapter = class {
+  client;
+  constructor(config) {
+    this.client = config.client;
+  }
+  mapSupabaseUser(user) {
+    if (!user.email) {
+      throw new AuthError("User email is required", "INVALID_USER");
+    }
+    return {
+      id: user.id,
+      email: user.email,
+      metadata: user.user_metadata
+    };
+  }
+  async signInWithOAuth(input) {
+    const { data, error } = await this.client.auth.signInWithOAuth({
+      provider: input.provider,
+      options: {
+        redirectTo: input.redirectTo
+      }
+    });
+    if (error) {
+      throw new AuthError(error.message, error.status?.toString(), error.message);
+    }
+    if (!data.url) {
+      throw new AuthError("OAuth URL not provided", "OAUTH_URL_MISSING");
+    }
+    return {
+      url: data.url,
+      provider: input.provider
+    };
+  }
+  async signInWithPassword(input) {
+    const { data, error } = await this.client.auth.signInWithPassword({
+      email: input.email,
+      password: input.password
+    });
+    if (error) {
+      throw new AuthError(error.message, error.status?.toString(), error.message);
+    }
+    if (!data.session || !data.user) {
+      throw new AuthError("Session or user not returned", "AUTH_FAILED");
+    }
+    return {
+      accessToken: data.session.access_token,
+      refreshToken: data.session.refresh_token,
+      expiresAt: data.session.expires_at ? new Date(data.session.expires_at * 1e3) : void 0,
+      user: this.mapSupabaseUser(data.user)
+    };
+  }
+  async signOut(_accessToken) {
+    const { error } = await this.client.auth.signOut();
+    if (error) {
+      throw new AuthError(error.message, error.status?.toString(), error.message);
+    }
+  }
+  async verifySession(input) {
+    const { data, error } = await this.client.auth.getUser(input.accessToken);
+    if (error) {
+      return null;
+    }
+    if (!data.user) {
+      return null;
+    }
+    return this.mapSupabaseUser(data.user);
+  }
+  async refreshSession(refreshToken) {
+    const { data, error } = await this.client.auth.refreshSession({
+      refresh_token: refreshToken
+    });
+    if (error) {
+      throw new AuthError(error.message, error.status?.toString(), error.message);
+    }
+    if (!data.session || !data.user) {
+      throw new AuthError("Session refresh failed", "REFRESH_FAILED");
+    }
+    return {
+      accessToken: data.session.access_token,
+      refreshToken: data.session.refresh_token,
+      expiresAt: data.session.expires_at ? new Date(data.session.expires_at * 1e3) : void 0,
+      user: this.mapSupabaseUser(data.user)
+    };
+  }
+  async getCurrentUser(accessToken) {
+    const { data, error } = await this.client.auth.getUser(accessToken);
+    if (error) {
+      return null;
+    }
+    if (!data.user) {
+      return null;
+    }
+    return this.mapSupabaseUser(data.user);
+  }
+};
+function createAuthAdapter(config) {
+  return new SupabaseAuthAdapter(config);
+}
+
+// src/auth/handlers.ts
+var AuthValidationError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "AuthValidationError";
+  }
+};
+async function handleSignInWithOAuth(adapter, input) {
+  if (!input.provider) {
+    throw new AuthValidationError("Provider is required");
+  }
+  const validProviders = ["google", "github", "gitlab", "azure", "bitbucket"];
+  if (!validProviders.includes(input.provider)) {
+    throw new AuthValidationError(`Invalid provider. Must be one of: ${validProviders.join(", ")}`);
+  }
+  return await adapter.signInWithOAuth(input);
+}
+function validatePassword(password) {
+  if (password.length < 8) {
+    throw new AuthValidationError("Password must be at least 8 characters");
+  }
+  const hasUpperCase = /[A-Z]/.test(password);
+  const hasLowerCase = /[a-z]/.test(password);
+  const hasNumbers = /\d/.test(password);
+  const hasSpecialChar = /[!@#$%^&*(),.?":{}|<>_\-+=\[\]\\/'`~]/.test(password);
+  const complexityCount = [hasUpperCase, hasLowerCase, hasNumbers, hasSpecialChar].filter(
+    Boolean
+  ).length;
+  if (complexityCount < 3) {
+    throw new AuthValidationError(
+      "Password must contain at least 3 of: uppercase letters, lowercase letters, numbers, special characters"
+    );
+  }
+  const commonPasswords = [
+    "password",
+    "password1",
+    "password123",
+    "12345678",
+    "123456789",
+    "qwerty",
+    "abc123",
+    "monkey",
+    "1234567890",
+    "letmein",
+    "trustno1",
+    "dragon",
+    "baseball",
+    "iloveyou",
+    "master",
+    "sunshine",
+    "ashley",
+    "bailey",
+    "shadow",
+    "123123"
+  ];
+  if (commonPasswords.includes(password.toLowerCase())) {
+    throw new AuthValidationError("Password is too common. Please choose a stronger password.");
+  }
+}
+async function handleSignInWithPassword(adapter, input) {
+  if (!input.email || !input.password) {
+    throw new AuthValidationError("Email and password are required");
+  }
+  if (!input.email.includes("@")) {
+    throw new AuthValidationError("Invalid email format");
+  }
+  validatePassword(input.password);
+  return await adapter.signInWithPassword(input);
+}
+async function handleSignOut(adapter, accessToken) {
+  if (!accessToken) {
+    throw new AuthValidationError("Access token is required");
+  }
+  return await adapter.signOut(accessToken);
+}
+async function handleVerifySession(adapter, input) {
+  if (!input.accessToken) {
+    throw new AuthValidationError("Access token is required");
+  }
+  if (input.expiresAt) {
+    const now = /* @__PURE__ */ new Date();
+    const expiresAt = input.expiresAt instanceof Date ? input.expiresAt : new Date(input.expiresAt);
+    if (now > expiresAt) {
+      throw new AuthValidationError("Token has expired");
+    }
+  }
+  const user = await adapter.verifySession(input);
+  if (!user) {
+    throw new AuthValidationError("Invalid or expired token");
+  }
+  return user;
+}
+async function handleRefreshSession(adapter, refreshToken) {
+  if (!refreshToken) {
+    throw new AuthValidationError("Refresh token is required");
+  }
+  return await adapter.refreshSession(refreshToken);
+}
+async function handleGetCurrentUser(adapter, accessToken) {
+  if (!accessToken) {
+    throw new AuthValidationError("Access token is required");
+  }
+  return await adapter.getCurrentUser(accessToken);
+}
+
+// src/auth/middleware.ts
+function createAuthMiddleware(config) {
+  const extractToken = config.extractToken || ((headers) => {
+    const authHeader = headers.authorization || headers.Authorization;
+    if (!authHeader) return null;
+    const parts = authHeader.split(" ");
+    if (parts.length !== 2 || parts[0] !== "Bearer") return null;
+    return parts[1];
+  });
+  return async function authenticate(headers) {
+    const token = extractToken(headers);
+    if (!token) {
+      throw new Error("No authentication token provided");
+    }
+    const user = await config.adapter.verifySession({ accessToken: token });
+    if (!user) {
+      throw new Error("Invalid or expired token");
+    }
+    return {
+      user,
+      accessToken: token
+    };
+  };
+}
+
+// src/supabase/factory.ts
+function readEnv(name) {
+  const processLike = globalThis.process;
+  return processLike?.env[name];
+}
+function resolveRequiredConfig(explicitValue, envName) {
+  const explicit = explicitValue?.trim();
+  if (explicit) {
+    return explicit;
+  }
+  const fromEnv = readEnv(envName)?.trim();
+  if (fromEnv) {
+    return fromEnv;
+  }
+  throw new Error(
+    `Missing Supabase configuration: provide ${envName} in factory config or environment variable`
+  );
+}
+function resolveBucketName(config) {
+  const explicitBucket = config.storage?.bucket?.trim();
+  if (explicitBucket) {
+    return explicitBucket;
+  }
+  const envBucket = readEnv("SUPABASE_STORAGE_BUCKET")?.trim();
+  if (envBucket) {
+    return envBucket;
+  }
+  return "media";
+}
+function createSupabaseAdapters(config = {}) {
+  const url = resolveRequiredConfig(config.url, "SUPABASE_URL");
+  const key = resolveRequiredConfig(config.key, "SUPABASE_SECRET_KEY");
+  const bucketName = resolveBucketName(config);
+  const client = (0, import_supabase_js.createClient)(url, key);
+  return {
+    storageAdapter: createStorageAdapter({ client }),
+    mediaAdapter: createMediaAdapter({ client, bucketName }),
+    authAdapter: createAuthAdapter({ client })
+  };
+}
+
+// src/export/handlers.ts
+function contentDisposition(filename) {
+  return `attachment; filename="${filename}"`;
+}
+async function toPageExport(page, mediaAdapter) {
+  const resolvedSections = await resolveMediaReferences(page.sections, mediaAdapter);
+  return {
+    id: page.id,
+    slug: page.slug,
+    pageType: page.pageType,
+    title: page.title,
+    sections: resolvedSections,
+    createdAt: page.createdAt.toISOString(),
+    updatedAt: page.updatedAt.toISOString()
+  };
+}
+async function handleExportPage(storageAdapter, mediaAdapter, slug) {
+  const page = await storageAdapter.getPage(slug);
+  if (!page) {
+    return null;
+  }
+  const data = await toPageExport(page, mediaAdapter);
+  return {
+    data,
+    contentDisposition: contentDisposition(`${page.slug}.json`)
+  };
+}
+async function handleExportAllPages(storageAdapter, mediaAdapter) {
+  const pages = await storageAdapter.listPages();
+  const exportedPages = [];
+  for (const page of pages) {
+    exportedPages.push(await toPageExport(page, mediaAdapter));
+  }
+  const data = {
+    pages: exportedPages,
+    exportedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  return {
+    data,
+    contentDisposition: contentDisposition("pages-export.json")
+  };
+}
+function toNavigationExport(nav) {
+  return {
+    id: nav.id,
+    name: nav.name,
+    items: nav.items,
+    updatedAt: nav.updatedAt.toISOString()
+  };
+}
+async function handleExportNavigations(storageAdapter) {
+  const navigations = await storageAdapter.listNavigations();
+  const data = {
+    navigations: navigations.map(toNavigationExport),
+    exportedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  return {
+    data,
+    contentDisposition: contentDisposition("navigation-export.json")
+  };
+}
+async function handleExportSite(storageAdapter, mediaAdapter) {
+  const pages = await storageAdapter.listPages();
+  const exportedPages = [];
+  for (const page of pages) {
+    exportedPages.push(await toPageExport(page, mediaAdapter));
+  }
+  const navigations = await storageAdapter.listNavigations();
+  const exportedNavigations = navigations.map(toNavigationExport);
+  const mediaFiles = await mediaAdapter.listMedia();
+  const exportedMedia = mediaFiles.map((file) => ({
+    id: file.id,
+    filename: file.filename,
+    url: file.url,
+    mimeType: file.mimeType,
+    size: file.size,
+    createdAt: file.createdAt.toISOString()
+  }));
+  const data = {
+    pages: exportedPages,
+    navigations: exportedNavigations,
+    media: exportedMedia,
+    exportedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  return {
+    data,
+    contentDisposition: contentDisposition("site-export.json")
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ALLOWED_MIME_TYPES,
+  AuthError,
+  AuthValidationError,
+  MediaError,
+  MediaValidationError,
+  StorageError,
+  StorageValidationError,
+  SupabaseAuthAdapter,
+  SupabaseMediaAdapter,
+  SupabaseStorageAdapter,
+  createAuthAdapter,
+  createAuthMiddleware,
+  createMediaAdapter,
+  createStorageAdapter,
+  createSupabaseAdapters,
+  ensureUniqueSlug,
+  generateSlug,
+  handleCreateNavigation,
+  handleCreatePage,
+  handleDeleteMedia,
+  handleDeleteNavigation,
+  handleDeletePage,
+  handleExportAllPages,
+  handleExportNavigations,
+  handleExportPage,
+  handleExportSite,
+  handleGetCurrentUser,
+  handleGetMedia,
+  handleGetNavigation,
+  handleGetPageBySlug,
+  handleListMedia,
+  handleListPages,
+  handleRefreshSession,
+  handleSignInWithOAuth,
+  handleSignInWithPassword,
+  handleSignOut,
+  handleUpdateNavigation,
+  handleUpdatePage,
+  handleUploadMedia,
+  handleVerifySession,
+  resolveMediaReferences
+});
+//# sourceMappingURL=index.cjs.map