@structcms/api 0.1.0

package/dist/next/index.cjs

@@ -0,0 +1,1114 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/next/index.ts
+var next_exports = {};
+__export(next_exports, {
+  createAuthenticatedRoute: () => createAuthenticatedRoute,
+  createNextAuthCurrentUserRoute: () => createNextAuthCurrentUserRoute,
+  createNextAuthOAuthRoute: () => createNextAuthOAuthRoute,
+  createNextAuthRefreshRoute: () => createNextAuthRefreshRoute,
+  createNextAuthSignInRoute: () => createNextAuthSignInRoute,
+  createNextAuthSignOutRoute: () => createNextAuthSignOutRoute,
+  createNextAuthVerifyRoute: () => createNextAuthVerifyRoute,
+  createNextMediaByIdRoute: () => createNextMediaByIdRoute,
+  createNextMediaRoute: () => createNextMediaRoute,
+  createNextNavigationByIdRoute: () => createNextNavigationByIdRoute,
+  createNextNavigationRoute: () => createNextNavigationRoute,
+  createNextPageByIdRoute: () => createNextPageByIdRoute,
+  createNextPageBySlugRoute: () => createNextPageBySlugRoute,
+  createNextPagesRoute: () => createNextPagesRoute
+});
+module.exports = __toCommonJS(next_exports);
+
+// src/media/resolve.ts
+var UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+var MEDIA_FIELD_SUFFIXES = ["_image", "_media", "_photo", "_thumbnail", "_avatar", "_icon"];
+function isMediaField(fieldName) {
+  const lower = fieldName.toLowerCase();
+  if (lower === "image" || lower === "media" || lower === "photo" || lower === "thumbnail" || lower === "avatar" || lower === "icon") {
+    return true;
+  }
+  return MEDIA_FIELD_SUFFIXES.some((suffix) => lower.endsWith(suffix));
+}
+function isMediaId(value) {
+  return typeof value === "string" && UUID_PATTERN.test(value);
+}
+async function resolveDataObject(data, adapter) {
+  const resolved = {};
+  for (const [key, value] of Object.entries(data)) {
+    if (isMediaField(key) && isMediaId(value)) {
+      const media = await adapter.getMedia(value);
+      resolved[key] = media ? media.url : null;
+    } else if (value !== null && typeof value === "object" && !Array.isArray(value)) {
+      resolved[key] = await resolveDataObject(value, adapter);
+    } else {
+      resolved[key] = value;
+    }
+  }
+  return resolved;
+}
+async function resolveMediaReferences(sections, adapter) {
+  const resolved = [];
+  for (const section of sections) {
+    const resolvedData = await resolveDataObject(section.data, adapter);
+    resolved.push({
+      id: section.id,
+      type: section.type,
+      data: resolvedData
+    });
+  }
+  return resolved;
+}
+
+// src/delivery/handlers.ts
+async function toPageResponse(page, mediaAdapter) {
+  const resolvedSections = await resolveMediaReferences(page.sections, mediaAdapter);
+  return {
+    id: page.id,
+    slug: page.slug,
+    pageType: page.pageType,
+    title: page.title,
+    sections: resolvedSections,
+    meta: {
+      createdAt: page.createdAt.toISOString(),
+      updatedAt: page.updatedAt.toISOString()
+    }
+  };
+}
+async function handleListPages(adapter, mediaAdapter, options) {
+  const pages = await adapter.listPages({
+    pageType: options?.pageType,
+    limit: options?.limit,
+    offset: options?.offset
+  });
+  const results = [];
+  for (const page of pages) {
+    results.push(await toPageResponse(page, mediaAdapter));
+  }
+  return results;
+}
+async function handleGetPageBySlug(adapter, mediaAdapter, slug) {
+  const page = await adapter.getPage(slug);
+  if (!page) {
+    return null;
+  }
+  return toPageResponse(page, mediaAdapter);
+}
+
+// src/media/types.ts
+var ALLOWED_MIME_TYPES = [
+  "image/jpeg",
+  "image/png",
+  "image/gif",
+  "image/webp",
+  "image/svg+xml"
+];
+
+// src/media/handlers.ts
+var MediaValidationError = class extends Error {
+  constructor(message, code) {
+    super(message);
+    this.code = code;
+    this.name = "MediaValidationError";
+  }
+};
+function validateMimeType(mimeType) {
+  const allowed = ALLOWED_MIME_TYPES;
+  if (!allowed.includes(mimeType)) {
+    throw new MediaValidationError(
+      `Invalid file type: ${mimeType}. Allowed types: ${ALLOWED_MIME_TYPES.join(", ")}`,
+      "INVALID_MIME_TYPE"
+    );
+  }
+}
+async function handleUploadMedia(adapter, input) {
+  validateMimeType(input.mimeType);
+  return adapter.upload(input);
+}
+async function handleGetMedia(adapter, id) {
+  return adapter.getMedia(id);
+}
+async function handleListMedia(adapter, filter) {
+  return adapter.listMedia(filter);
+}
+async function handleDeleteMedia(adapter, id) {
+  return adapter.deleteMedia(id);
+}
+
+// src/utils/sanitize.ts
+var import_sanitize_html = __toESM(require("sanitize-html"), 1);
+var ALLOWED_TAGS = [
+  "p",
+  "h1",
+  "h2",
+  "h3",
+  "h4",
+  "h5",
+  "h6",
+  "ul",
+  "ol",
+  "li",
+  "a",
+  "strong",
+  "em",
+  "br",
+  "blockquote",
+  "code",
+  "pre",
+  "img"
+];
+var ALLOWED_ATTRIBUTES = {
+  a: ["href"],
+  img: ["src", "alt"]
+};
+var SANITIZE_OPTIONS = {
+  allowedTags: ALLOWED_TAGS,
+  allowedAttributes: ALLOWED_ATTRIBUTES,
+  disallowedTagsMode: "discard"
+};
+function sanitizeString(value) {
+  return (0, import_sanitize_html.default)(value, SANITIZE_OPTIONS);
+}
+function sanitizeValue(value) {
+  if (typeof value === "string") {
+    return sanitizeString(value);
+  }
+  if (Array.isArray(value)) {
+    return value.map(sanitizeValue);
+  }
+  if (value !== null && typeof value === "object") {
+    const result = {};
+    for (const [key, val] of Object.entries(value)) {
+      result[key] = sanitizeValue(val);
+    }
+    return result;
+  }
+  return value;
+}
+function sanitizeSectionData(sections) {
+  return sections.map((section) => ({
+    ...section,
+    data: sanitizeValue(section.data)
+  }));
+}
+
+// src/utils/slug.ts
+var UMLAUT_MAP = {
+  \u00E4: "ae",
+  \u00F6: "oe",
+  \u00FC: "ue",
+  \u00C4: "Ae",
+  \u00D6: "Oe",
+  \u00DC: "Ue",
+  \u00DF: "ss"
+};
+function generateSlug(title) {
+  let slug = title.toLowerCase().trim();
+  for (const [umlaut, replacement] of Object.entries(UMLAUT_MAP)) {
+    slug = slug.replace(new RegExp(umlaut, "g"), replacement.toLowerCase());
+  }
+  slug = slug.replace(/[\s_]+/g, "-");
+  slug = slug.replace(/[^a-z0-9-]/g, "");
+  slug = slug.replace(/-+/g, "-");
+  slug = slug.replace(/^-+|-+$/g, "");
+  return slug;
+}
+function ensureUniqueSlug(slug, existingSlugs) {
+  if (!existingSlugs.includes(slug)) {
+    return slug;
+  }
+  let counter = 1;
+  let uniqueSlug = `${slug}-${counter}`;
+  while (existingSlugs.includes(uniqueSlug)) {
+    counter++;
+    uniqueSlug = `${slug}-${counter}`;
+  }
+  return uniqueSlug;
+}
+
+// src/storage/handlers.ts
+var StorageValidationError = class extends Error {
+  constructor(message, code) {
+    super(message);
+    this.code = code;
+    this.name = "StorageValidationError";
+  }
+};
+async function handleCreatePage(adapter, input) {
+  if (!input.title.trim()) {
+    throw new StorageValidationError("Page title must not be empty", "EMPTY_TITLE");
+  }
+  const slug = input.slug?.trim() || generateSlug(input.title);
+  if (!slug) {
+    throw new StorageValidationError(
+      "Could not generate a valid slug from the provided title",
+      "INVALID_SLUG"
+    );
+  }
+  const existingPages = await adapter.listPages();
+  const existingSlugs = existingPages.map((p) => p.slug);
+  const uniqueSlug = ensureUniqueSlug(slug, existingSlugs);
+  const sanitizedSections = input.sections ? sanitizeSectionData(input.sections) : void 0;
+  return adapter.createPage({
+    ...input,
+    slug: uniqueSlug,
+    sections: sanitizedSections
+  });
+}
+async function handleUpdatePage(adapter, input) {
+  if (!input.id.trim()) {
+    throw new StorageValidationError("Page ID must not be empty", "EMPTY_ID");
+  }
+  if (input.title !== void 0 && !input.title.trim()) {
+    throw new StorageValidationError("Page title must not be empty", "EMPTY_TITLE");
+  }
+  if (input.slug !== void 0) {
+    const slug = input.slug.trim();
+    if (!slug) {
+      throw new StorageValidationError("Page slug must not be empty", "EMPTY_SLUG");
+    }
+    const existingPages = await adapter.listPages();
+    const existingSlugs = existingPages.filter((p) => p.id !== input.id).map((p) => p.slug);
+    if (existingSlugs.includes(slug)) {
+      throw new StorageValidationError(`Slug "${slug}" is already in use`, "DUPLICATE_SLUG");
+    }
+  }
+  const sanitizedInput = input.sections ? { ...input, sections: sanitizeSectionData(input.sections) } : input;
+  return adapter.updatePage(sanitizedInput);
+}
+async function handleDeletePage(adapter, id) {
+  if (!id.trim()) {
+    throw new StorageValidationError("Page ID must not be empty", "EMPTY_ID");
+  }
+  return adapter.deletePage(id);
+}
+async function handleCreateNavigation(adapter, input) {
+  if (!input.name.trim()) {
+    throw new StorageValidationError("Navigation name must not be empty", "EMPTY_NAME");
+  }
+  const existingNavigations = await adapter.listNavigations();
+  const existingNames = existingNavigations.map((n) => n.name);
+  if (existingNames.includes(input.name.trim())) {
+    throw new StorageValidationError(
+      `Navigation name "${input.name.trim()}" is already in use`,
+      "DUPLICATE_NAME"
+    );
+  }
+  return adapter.createNavigation(input);
+}
+async function handleUpdateNavigation(adapter, input) {
+  if (!input.id.trim()) {
+    throw new StorageValidationError("Navigation ID must not be empty", "EMPTY_ID");
+  }
+  if (input.name !== void 0) {
+    const name = input.name.trim();
+    if (!name) {
+      throw new StorageValidationError("Navigation name must not be empty", "EMPTY_NAME");
+    }
+    const existingNavigations = await adapter.listNavigations();
+    const existingNames = existingNavigations.filter((n) => n.id !== input.id).map((n) => n.name);
+    if (existingNames.includes(name)) {
+      throw new StorageValidationError(
+        `Navigation name "${name}" is already in use`,
+        "DUPLICATE_NAME"
+      );
+    }
+  }
+  return adapter.updateNavigation(input);
+}
+async function handleDeleteNavigation(adapter, id) {
+  if (!id.trim()) {
+    throw new StorageValidationError("Navigation ID must not be empty", "EMPTY_ID");
+  }
+  return adapter.deleteNavigation(id);
+}
+
+// src/next/factories.ts
+function getResponseConstructor() {
+  const responseCtor = globalThis.Response;
+  if (!responseCtor) {
+    throw new Error("Response constructor is not available in this runtime");
+  }
+  return responseCtor;
+}
+function jsonResponse(data, status = 200) {
+  const ResponseCtor = getResponseConstructor();
+  return new ResponseCtor(JSON.stringify(data), {
+    status,
+    headers: {
+      "content-type": "application/json"
+    }
+  });
+}
+function getErrorMessage(error) {
+  if (error instanceof Error) {
+    return error.message;
+  }
+  return "Unknown error";
+}
+function errorResponse(error, fallbackStatus = 500) {
+  if (error instanceof StorageValidationError || error instanceof MediaValidationError || error instanceof SyntaxError) {
+    return jsonResponse({ error: getErrorMessage(error) }, 400);
+  }
+  return jsonResponse({ error: getErrorMessage(error) }, fallbackStatus);
+}
+async function resolveParams(context) {
+  return context.params;
+}
+function normalizeSlug(slug) {
+  return Array.isArray(slug) ? slug.join("/") : slug;
+}
+function asObject(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return null;
+  }
+  return value;
+}
+function isFileLike(value) {
+  if (!value || typeof value !== "object") {
+    return false;
+  }
+  const candidate = value;
+  return typeof candidate.name === "string" && typeof candidate.type === "string" && typeof candidate.size === "number" && typeof candidate.arrayBuffer === "function";
+}
+function parseStringField(value) {
+  return typeof value === "string" ? value : void 0;
+}
+function parsePageSections(value) {
+  if (value === void 0) {
+    return void 0;
+  }
+  if (!Array.isArray(value)) {
+    return void 0;
+  }
+  const sections = [];
+  for (const entry of value) {
+    if (!entry || typeof entry !== "object" || Array.isArray(entry)) {
+      return void 0;
+    }
+    const sectionCandidate = entry;
+    if (sectionCandidate.id !== void 0 && typeof sectionCandidate.id !== "string" || typeof sectionCandidate.type !== "string" || !sectionCandidate.data || typeof sectionCandidate.data !== "object" || Array.isArray(sectionCandidate.data)) {
+      return void 0;
+    }
+    sections.push({
+      id: sectionCandidate.id,
+      type: sectionCandidate.type,
+      data: sectionCandidate.data
+    });
+  }
+  return sections;
+}
+function normalizePageSections(sections, existingSections = []) {
+  if (!sections) {
+    return void 0;
+  }
+  return sections.map((section, index) => ({
+    id: section.id ?? existingSections[index]?.id ?? `${section.type}-${index + 1}`,
+    type: section.type,
+    data: section.data
+  }));
+}
+function parseNavigationItems(value) {
+  if (!Array.isArray(value)) {
+    return void 0;
+  }
+  const items = [];
+  for (const entry of value) {
+    if (!entry || typeof entry !== "object" || Array.isArray(entry)) {
+      return void 0;
+    }
+    const itemCandidate = entry;
+    if (typeof itemCandidate.label !== "string" || typeof itemCandidate.href !== "string") {
+      return void 0;
+    }
+    const children = itemCandidate.children === void 0 ? void 0 : parseNavigationItems(itemCandidate.children);
+    if (itemCandidate.children !== void 0 && !children) {
+      return void 0;
+    }
+    items.push({
+      label: itemCandidate.label,
+      href: itemCandidate.href,
+      children
+    });
+  }
+  return items;
+}
+function parseCreatePageInput(payload) {
+  const pageType = parseStringField(payload.pageType);
+  const title = parseStringField(payload.title);
+  const slug = parseStringField(payload.slug);
+  const sections = normalizePageSections(parsePageSections(payload.sections));
+  if (!pageType || !title) {
+    return null;
+  }
+  if (payload.sections !== void 0 && !sections) {
+    return null;
+  }
+  return {
+    pageType,
+    title,
+    slug,
+    sections
+  };
+}
+function parseUpdatePagePatch(payload) {
+  const slug = parseStringField(payload.slug);
+  const pageType = parseStringField(payload.pageType);
+  const title = parseStringField(payload.title);
+  const sections = parsePageSections(payload.sections);
+  if (payload.slug !== void 0 && !slug) {
+    return null;
+  }
+  if (payload.pageType !== void 0 && !pageType) {
+    return null;
+  }
+  if (payload.title !== void 0 && !title) {
+    return null;
+  }
+  if (payload.sections !== void 0 && !sections) {
+    return null;
+  }
+  return {
+    slug,
+    pageType,
+    title,
+    sections
+  };
+}
+function parseCreateNavigationInput(payload) {
+  const name = parseStringField(payload.name);
+  const items = parseNavigationItems(payload.items);
+  if (!name || !items) {
+    return null;
+  }
+  return {
+    name,
+    items
+  };
+}
+function parseUpdateNavigationPatch(payload) {
+  const name = parseStringField(payload.name);
+  const items = payload.items === void 0 ? void 0 : parseNavigationItems(payload.items);
+  if (payload.name !== void 0 && !name) {
+    return null;
+  }
+  if (payload.items !== void 0 && !items) {
+    return null;
+  }
+  return {
+    name,
+    items
+  };
+}
+function toPageResponse2(page) {
+  return {
+    id: page.id,
+    slug: page.slug,
+    pageType: page.pageType,
+    title: page.title,
+    sections: page.sections,
+    meta: {
+      createdAt: page.createdAt.toISOString(),
+      updatedAt: page.updatedAt.toISOString()
+    }
+  };
+}
+function toNavigationResponse(navigation) {
+  return {
+    id: navigation.id,
+    name: navigation.name,
+    items: navigation.items,
+    meta: {
+      updatedAt: navigation.updatedAt.toISOString()
+    }
+  };
+}
+function createNextPagesRoute(config) {
+  return {
+    GET: async (_request) => {
+      try {
+        const pages = await handleListPages(config.storageAdapter, config.mediaAdapter);
+        return jsonResponse(pages);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    POST: async (request) => {
+      try {
+        const payload = asObject(await request.json());
+        if (!payload) {
+          return jsonResponse({ error: "Request body must be an object" }, 400);
+        }
+        const createInput = parseCreatePageInput(payload);
+        if (!createInput) {
+          return jsonResponse({ error: "Invalid page payload" }, 400);
+        }
+        const page = await handleCreatePage(config.storageAdapter, createInput);
+        return jsonResponse(page, 201);
+      } catch (error) {
+        return errorResponse(error, 400);
+      }
+    }
+  };
+}
+function createNextPageBySlugRoute(config) {
+  return {
+    GET: async (_request, context) => {
+      try {
+        const { slug } = await resolveParams(context);
+        const page = await handleGetPageBySlug(
+          config.storageAdapter,
+          config.mediaAdapter,
+          normalizeSlug(slug)
+        );
+        if (!page) {
+          return jsonResponse({ error: "Page not found" }, 404);
+        }
+        return jsonResponse(page);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    PUT: async (request, context) => {
+      try {
+        const { slug } = await resolveParams(context);
+        const normalizedSlug = normalizeSlug(slug);
+        const existingPage = await handleGetPageBySlug(
+          config.storageAdapter,
+          config.mediaAdapter,
+          normalizedSlug
+        );
+        if (!existingPage) {
+          return jsonResponse({ error: "Page not found" }, 404);
+        }
+        const payload = asObject(await request.json());
+        if (!payload) {
+          return jsonResponse({ error: "Request body must be an object" }, 400);
+        }
+        const pagePatch = parseUpdatePagePatch(payload);
+        if (!pagePatch) {
+          return jsonResponse({ error: "Invalid page payload" }, 400);
+        }
+        const normalizedSections = normalizePageSections(pagePatch.sections, existingPage.sections);
+        const page = await handleUpdatePage(config.storageAdapter, {
+          ...pagePatch,
+          sections: normalizedSections,
+          id: existingPage.id
+        });
+        return jsonResponse(toPageResponse2(page));
+      } catch (error) {
+        return errorResponse(error, 400);
+      }
+    },
+    DELETE: async (_request, context) => {
+      try {
+        const { slug } = await resolveParams(context);
+        const existingPage = await handleGetPageBySlug(
+          config.storageAdapter,
+          config.mediaAdapter,
+          normalizeSlug(slug)
+        );
+        if (!existingPage) {
+          return jsonResponse({ error: "Page not found" }, 404);
+        }
+        await handleDeletePage(config.storageAdapter, existingPage.id);
+        return jsonResponse({ success: true });
+      } catch (error) {
+        return errorResponse(error);
+      }
+    }
+  };
+}
+function createNextPageByIdRoute(config) {
+  return {
+    GET: async (_request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const page = await config.storageAdapter.getPageById(id);
+        if (!page) {
+          return jsonResponse({ error: "Page not found" }, 404);
+        }
+        return jsonResponse(toPageResponse2(page));
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    PUT: async (request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const existingPage = await config.storageAdapter.getPageById(id);
+        if (!existingPage) {
+          return jsonResponse({ error: "Page not found" }, 404);
+        }
+        const payload = asObject(await request.json());
+        if (!payload) {
+          return jsonResponse({ error: "Request body must be an object" }, 400);
+        }
+        const pagePatch = parseUpdatePagePatch(payload);
+        if (!pagePatch) {
+          return jsonResponse({ error: "Invalid page payload" }, 400);
+        }
+        const normalizedSections = normalizePageSections(pagePatch.sections, existingPage.sections);
+        const page = await handleUpdatePage(config.storageAdapter, {
+          ...pagePatch,
+          sections: normalizedSections,
+          id: existingPage.id
+        });
+        return jsonResponse(toPageResponse2(page));
+      } catch (error) {
+        return errorResponse(error, 400);
+      }
+    },
+    DELETE: async (_request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const existingPage = await config.storageAdapter.getPageById(id);
+        if (!existingPage) {
+          return jsonResponse({ error: "Page not found" }, 404);
+        }
+        await handleDeletePage(config.storageAdapter, existingPage.id);
+        return jsonResponse({ success: true });
+      } catch (error) {
+        return errorResponse(error);
+      }
+    }
+  };
+}
+function createNextMediaRoute(config) {
+  return {
+    GET: async (_request) => {
+      try {
+        const media = await handleListMedia(config.mediaAdapter);
+        return jsonResponse(media);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    POST: async (request) => {
+      try {
+        const formData = await request.formData();
+        const file = formData.get("file");
+        if (!isFileLike(file)) {
+          return jsonResponse({ error: "No file provided" }, 400);
+        }
+        const input = {
+          filename: file.name,
+          mimeType: file.type,
+          size: file.size,
+          data: await file.arrayBuffer()
+        };
+        const mediaFile = await handleUploadMedia(config.mediaAdapter, input);
+        return jsonResponse(mediaFile, 201);
+      } catch (error) {
+        return errorResponse(error, 400);
+      }
+    }
+  };
+}
+function createNextMediaByIdRoute(config) {
+  return {
+    GET: async (_request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const media = await handleGetMedia(config.mediaAdapter, id);
+        if (!media) {
+          return jsonResponse({ error: "Media not found" }, 404);
+        }
+        return jsonResponse(media);
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    DELETE: async (_request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        await handleDeleteMedia(config.mediaAdapter, id);
+        return jsonResponse({ success: true });
+      } catch (error) {
+        return errorResponse(error);
+      }
+    }
+  };
+}
+function createNextNavigationRoute(config) {
+  return {
+    GET: async (_request) => {
+      try {
+        const navigations = await config.storageAdapter.listNavigations();
+        return jsonResponse(navigations.map(toNavigationResponse));
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    POST: async (request) => {
+      try {
+        const payload = asObject(await request.json());
+        if (!payload) {
+          return jsonResponse({ error: "Request body must be an object" }, 400);
+        }
+        const createInput = parseCreateNavigationInput(payload);
+        if (!createInput) {
+          return jsonResponse({ error: "Invalid navigation payload" }, 400);
+        }
+        const navigation = await handleCreateNavigation(config.storageAdapter, createInput);
+        return jsonResponse(navigation, 201);
+      } catch (error) {
+        return errorResponse(error, 400);
+      }
+    }
+  };
+}
+function createNextNavigationByIdRoute(config) {
+  return {
+    GET: async (_request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const navigation = await config.storageAdapter.getNavigationById(id);
+        if (!navigation) {
+          return jsonResponse({ error: "Navigation not found" }, 404);
+        }
+        return jsonResponse(toNavigationResponse(navigation));
+      } catch (error) {
+        return errorResponse(error);
+      }
+    },
+    PUT: async (request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const existingNavigation = await config.storageAdapter.getNavigationById(id);
+        if (!existingNavigation) {
+          return jsonResponse({ error: "Navigation not found" }, 404);
+        }
+        const payload = asObject(await request.json());
+        if (!payload) {
+          return jsonResponse({ error: "Request body must be an object" }, 400);
+        }
+        const navigationPatch = parseUpdateNavigationPatch(payload);
+        if (!navigationPatch) {
+          return jsonResponse({ error: "Invalid navigation payload" }, 400);
+        }
+        const navigation = await handleUpdateNavigation(config.storageAdapter, {
+          ...navigationPatch,
+          id: existingNavigation.id
+        });
+        return jsonResponse(navigation);
+      } catch (error) {
+        return errorResponse(error, 400);
+      }
+    },
+    DELETE: async (_request, context) => {
+      try {
+        const { id } = await resolveParams(context);
+        const existingNavigation = await config.storageAdapter.getNavigationById(id);
+        if (!existingNavigation) {
+          return jsonResponse({ error: "Navigation not found" }, 404);
+        }
+        await handleDeleteNavigation(config.storageAdapter, existingNavigation.id);
+        return jsonResponse({ success: true });
+      } catch (error) {
+        return errorResponse(error);
+      }
+    }
+  };
+}
+
+// src/auth/handlers.ts
+var AuthValidationError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "AuthValidationError";
+  }
+};
+async function handleSignInWithOAuth(adapter, input) {
+  if (!input.provider) {
+    throw new AuthValidationError("Provider is required");
+  }
+  const validProviders = ["google", "github", "gitlab", "azure", "bitbucket"];
+  if (!validProviders.includes(input.provider)) {
+    throw new AuthValidationError(`Invalid provider. Must be one of: ${validProviders.join(", ")}`);
+  }
+  return await adapter.signInWithOAuth(input);
+}
+function validatePassword(password) {
+  if (password.length < 8) {
+    throw new AuthValidationError("Password must be at least 8 characters");
+  }
+  const hasUpperCase = /[A-Z]/.test(password);
+  const hasLowerCase = /[a-z]/.test(password);
+  const hasNumbers = /\d/.test(password);
+  const hasSpecialChar = /[!@#$%^&*(),.?":{}|<>_\-+=\[\]\\/'`~]/.test(password);
+  const complexityCount = [hasUpperCase, hasLowerCase, hasNumbers, hasSpecialChar].filter(
+    Boolean
+  ).length;
+  if (complexityCount < 3) {
+    throw new AuthValidationError(
+      "Password must contain at least 3 of: uppercase letters, lowercase letters, numbers, special characters"
+    );
+  }
+  const commonPasswords = [
+    "password",
+    "password1",
+    "password123",
+    "12345678",
+    "123456789",
+    "qwerty",
+    "abc123",
+    "monkey",
+    "1234567890",
+    "letmein",
+    "trustno1",
+    "dragon",
+    "baseball",
+    "iloveyou",
+    "master",
+    "sunshine",
+    "ashley",
+    "bailey",
+    "shadow",
+    "123123"
+  ];
+  if (commonPasswords.includes(password.toLowerCase())) {
+    throw new AuthValidationError("Password is too common. Please choose a stronger password.");
+  }
+}
+async function handleSignInWithPassword(adapter, input) {
+  if (!input.email || !input.password) {
+    throw new AuthValidationError("Email and password are required");
+  }
+  if (!input.email.includes("@")) {
+    throw new AuthValidationError("Invalid email format");
+  }
+  validatePassword(input.password);
+  return await adapter.signInWithPassword(input);
+}
+async function handleSignOut(adapter, accessToken) {
+  if (!accessToken) {
+    throw new AuthValidationError("Access token is required");
+  }
+  return await adapter.signOut(accessToken);
+}
+async function handleVerifySession(adapter, input) {
+  if (!input.accessToken) {
+    throw new AuthValidationError("Access token is required");
+  }
+  if (input.expiresAt) {
+    const now = /* @__PURE__ */ new Date();
+    const expiresAt = input.expiresAt instanceof Date ? input.expiresAt : new Date(input.expiresAt);
+    if (now > expiresAt) {
+      throw new AuthValidationError("Token has expired");
+    }
+  }
+  const user = await adapter.verifySession(input);
+  if (!user) {
+    throw new AuthValidationError("Invalid or expired token");
+  }
+  return user;
+}
+async function handleRefreshSession(adapter, refreshToken) {
+  if (!refreshToken) {
+    throw new AuthValidationError("Refresh token is required");
+  }
+  return await adapter.refreshSession(refreshToken);
+}
+async function handleGetCurrentUser(adapter, accessToken) {
+  if (!accessToken) {
+    throw new AuthValidationError("Access token is required");
+  }
+  return await adapter.getCurrentUser(accessToken);
+}
+
+// src/next/auth-factories.ts
+function extractBearerToken(request) {
+  const authHeader = request.headers.get("authorization") ?? request.headers.get("Authorization");
+  if (!authHeader) return null;
+  const parts = authHeader.split(" ");
+  if (parts.length !== 2 || parts[0] !== "Bearer") return null;
+  return parts[1] ?? null;
+}
+function createNextAuthOAuthRoute(config, Response) {
+  return async function POST(request) {
+    try {
+      const body = await request.json();
+      const input = body;
+      const result = await handleSignInWithOAuth(config.authAdapter, input);
+      return Response.json({ data: result }, { status: 200 });
+    } catch (err) {
+      if (err instanceof AuthValidationError) {
+        return Response.json(
+          { error: { message: err.message, code: "VALIDATION_ERROR" } },
+          { status: 400 }
+        );
+      }
+      const message = err instanceof Error ? err.message : "OAuth initialization failed";
+      return Response.json({ error: { message, code: "OAUTH_ERROR" } }, { status: 500 });
+    }
+  };
+}
+function createNextAuthSignInRoute(config, Response) {
+  return async function POST(request) {
+    try {
+      const body = await request.json();
+      const input = body;
+      const session = await handleSignInWithPassword(config.authAdapter, input);
+      return Response.json(session, { status: 200 });
+    } catch (err) {
+      if (err instanceof AuthValidationError) {
+        return Response.json(
+          { error: { message: err.message, code: "VALIDATION_ERROR" } },
+          { status: 400 }
+        );
+      }
+      const message = err instanceof Error ? err.message : "Sign in failed";
+      return Response.json({ error: { message, code: "AUTH_ERROR" } }, { status: 401 });
+    }
+  };
+}
+function createNextAuthSignOutRoute(config, Response) {
+  return async function POST(request) {
+    try {
+      const token = extractBearerToken(request);
+      if (!token) {
+        return Response.json(
+          { error: { message: "No token provided", code: "NO_TOKEN" } },
+          { status: 401 }
+        );
+      }
+      await handleSignOut(config.authAdapter, token);
+      return Response.json({ message: "Signed out successfully" }, { status: 200 });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Sign out failed";
+      return Response.json({ error: { message, code: "SIGNOUT_ERROR" } }, { status: 500 });
+    }
+  };
+}
+function createNextAuthVerifyRoute(config, Response) {
+  return async function POST(request) {
+    try {
+      const token = extractBearerToken(request);
+      if (!token) {
+        return Response.json(
+          { error: { message: "No token provided", code: "NO_TOKEN" } },
+          { status: 401 }
+        );
+      }
+      const user = await handleVerifySession(config.authAdapter, { accessToken: token });
+      if (!user) {
+        return Response.json(
+          { error: { message: "Invalid token", code: "INVALID_TOKEN" } },
+          { status: 401 }
+        );
+      }
+      return Response.json(user, { status: 200 });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Verification failed";
+      return Response.json({ error: { message, code: "VERIFY_ERROR" } }, { status: 401 });
+    }
+  };
+}
+function createNextAuthRefreshRoute(config, Response) {
+  return async function POST(request) {
+    try {
+      const body = await request.json();
+      const { refreshToken } = body;
+      if (!refreshToken) {
+        return Response.json(
+          { error: { message: "Refresh token required", code: "NO_REFRESH_TOKEN" } },
+          { status: 400 }
+        );
+      }
+      const session = await handleRefreshSession(config.authAdapter, refreshToken);
+      return Response.json(session, { status: 200 });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Refresh failed";
+      return Response.json({ error: { message, code: "REFRESH_ERROR" } }, { status: 401 });
+    }
+  };
+}
+function createNextAuthCurrentUserRoute(config, Response) {
+  return async function GET(request) {
+    try {
+      const token = extractBearerToken(request);
+      if (!token) {
+        return Response.json(
+          { error: { message: "No token provided", code: "NO_TOKEN" } },
+          { status: 401 }
+        );
+      }
+      const user = await handleGetCurrentUser(config.authAdapter, token);
+      if (!user) {
+        return Response.json(
+          { error: { message: "User not found", code: "USER_NOT_FOUND" } },
+          { status: 401 }
+        );
+      }
+      return Response.json(user, { status: 200 });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Failed to get user";
+      return Response.json({ error: { message, code: "GET_USER_ERROR" } }, { status: 500 });
+    }
+  };
+}
+function createAuthenticatedRoute(authAdapter, Response, handler) {
+  return async (request) => {
+    const token = extractBearerToken(request);
+    if (!token) {
+      return Response.json(
+        { error: { message: "Authentication required", code: "NO_TOKEN" } },
+        { status: 401 }
+      );
+    }
+    const user = await handleVerifySession(authAdapter, { accessToken: token });
+    if (!user) {
+      return Response.json(
+        { error: { message: "Invalid or expired token", code: "INVALID_TOKEN" } },
+        { status: 401 }
+      );
+    }
+    return handler(request, user);
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createAuthenticatedRoute,
+  createNextAuthCurrentUserRoute,
+  createNextAuthOAuthRoute,
+  createNextAuthRefreshRoute,
+  createNextAuthSignInRoute,
+  createNextAuthSignOutRoute,
+  createNextAuthVerifyRoute,
+  createNextMediaByIdRoute,
+  createNextMediaRoute,
+  createNextNavigationByIdRoute,
+  createNextNavigationRoute,
+  createNextPageByIdRoute,
+  createNextPageBySlugRoute,
+  createNextPagesRoute
+});
+//# sourceMappingURL=index.cjs.map