@yimingliao/cms 0.0.60 → 0.0.62

package/dist/chunk-YDNPEEO6.js

@@ -0,0 +1,4733 @@
+import { extension, lookup } from 'mime-types';
+import jwt from 'jsonwebtoken';
+import argon2 from 'argon2';
+import crypto, { timingSafeEqual } from 'crypto';
+import 'next/headers';
+import KeyvRedis from '@keyv/redis';
+import Keyv from 'keyv';
+import { z, ZodError } from 'zod';
+import nodemailer from 'nodemailer';
+import { readFile } from 'fs/promises';
+import path from 'path';
+import { ulid } from 'ulid';
+import { NextResponse } from 'next/server';
+import path2 from 'path/posix';
+
+// src/domain/resources/admin/props.ts
+var ADMIN_ROLES = {
+  SUPER_ADMIN: "SUPER_ADMIN",
+  ADMIN: "ADMIN",
+  EDITOR: "EDITOR"
+};
+
+// src/domain/resources/file/props.ts
+var FILE_TYPES = {
+  IMAGE: "IMAGE",
+  AUDIO: "AUDIO",
+  VIDEO: "VIDEO",
+  DOCUMENT: "DOCUMENT",
+  ARCHIVE: "ARCHIVE",
+  OTHER: "OTHER"
+};
+
+// src/domain/resources/file/utils/is-file-locked.ts
+var isFileLocked = (file) => {
+  if (!file) return false;
+  if (!("adminAsAvatarImage" in file && "postsAsCoverImage" in file && "postsAsContentImage" in file && "postsAsImages1" in file && "postsAsImages2" in file && "postsAsImage1" in file && "postsAsImage2" in file && "postsAsImage3" in file && "postsAsImage4" in file)) {
+    return false;
+  }
+  const locked = file.adminAsAvatarImage.length > 0 || file.postsAsCoverImage.length > 0 || file.postsAsContentImage.length > 0 || file.postsAsImages1.length > 0 || file.postsAsImages2.length > 0 || file.postsAsImage1.length > 0 || file.postsAsImage2.length > 0 || file.postsAsImage3.length > 0 || file.postsAsImage4.length > 0;
+  return locked;
+};
+
+// src/domain/resources/folder/utils/is-folder-locked.ts
+var isFolderLocked = (folder) => {
+  if (!folder) return true;
+  if (!("subFolders" in folder)) return false;
+  const locked = folder.subFolders?.length > 0 || folder.files?.length > 0;
+  return locked;
+};
+
+// src/domain/resources/post/props.ts
+var POST_TYPES = {
+  TOPIC: "TOPIC",
+  CATEGORY: "CATEGORY",
+  POST: "POST",
+  TAG: "TAG",
+  PAGE: "PAGE"
+};
+
+// src/domain/resources/constants.ts
+var ROOT_FOLDER_ID = "01ARZ3NDEKTSV4RRFFQ69G5FAV";
+var ROOT_FOLDER_NAME = "ROOT";
+var ROOT_FOLDER = {
+  id: ROOT_FOLDER_ID,
+  // core
+  name: ROOT_FOLDER_NAME,
+  key: "",
+  // states
+  isLocked: true,
+  // ---------------------------
+  // relations: Folder
+  // ---------------------------
+  parentFolder: null,
+  parentFolderId: null,
+  subFolders: [],
+  // ---------------------------
+  // relations: Folder
+  // ---------------------------
+  files: [],
+  // ---------------------------
+  // timestamps
+  // ---------------------------
+  createdAt: "",
+  updatedAt: ""
+};
+var SIMPLE_UPLOAD_FOLDER_NAME = "simple-upload";
+var SIMPLE_UPLOAD_FOLDER_KEY = `${SIMPLE_UPLOAD_FOLDER_NAME}`;
+var mimeToExtension = (mimeType) => {
+  if (!mimeType) return "unknown";
+  return (extension(mimeType) || "unknown").toLowerCase();
+};
+var ARCHIVE_MIME = /* @__PURE__ */ new Set([
+  "application/zip",
+  "application/x-rar-compressed",
+  "application/x-7z-compressed",
+  "application/gzip",
+  "application/x-tar"
+]);
+var classifyFileType = (mimeType, extension2) => {
+  if (!mimeType && extension2) {
+    mimeType = lookup(extension2) || void 0;
+  }
+  if (!mimeType) return FILE_TYPES.OTHER;
+  if (mimeType.startsWith("image/")) return FILE_TYPES.IMAGE;
+  if (mimeType.startsWith("video/")) return FILE_TYPES.VIDEO;
+  if (mimeType.startsWith("audio/")) return FILE_TYPES.AUDIO;
+  if (ARCHIVE_MIME.has(mimeType)) return FILE_TYPES.ARCHIVE;
+  if (mimeType.startsWith("text/") || mimeType === "application/pdf" || mimeType === "application/json" || mimeType === "application/xml") {
+    return FILE_TYPES.DOCUMENT;
+  }
+  if (mimeType.startsWith("application/")) return FILE_TYPES.DOCUMENT;
+  return FILE_TYPES.OTHER;
+};
+
+// src/shared/blob-file/get-media-info/get-audio-info.ts
+function getAudioInfo(file) {
+  return new Promise((resolve, reject) => {
+    const audio = document.createElement("audio");
+    const objectUrl = URL.createObjectURL(file);
+    audio.preload = "metadata";
+    const cleanup = () => {
+      audio.removeEventListener("loadedmetadata", onLoadedMetadata);
+      audio.removeEventListener("error", onError);
+      URL.revokeObjectURL(objectUrl);
+    };
+    const onLoadedMetadata = () => {
+      const duration = audio.duration;
+      cleanup();
+      resolve({ duration });
+    };
+    const onError = () => {
+      cleanup();
+      reject(new Error("Failed to load audio metadata."));
+    };
+    audio.addEventListener("loadedmetadata", onLoadedMetadata, { once: true });
+    audio.addEventListener("error", onError, { once: true });
+    audio.src = objectUrl;
+  });
+}
+
+// src/shared/blob-file/get-media-info/get-image-info.ts
+function getImageInfo(file) {
+  return new Promise((resolve, reject) => {
+    const img = new Image();
+    const objectUrl = URL.createObjectURL(file);
+    const cleanup = () => {
+      img.removeEventListener("load", onLoad);
+      img.removeEventListener("error", onError);
+      URL.revokeObjectURL(objectUrl);
+    };
+    const onLoad = () => {
+      const width = img.naturalWidth;
+      const height = img.naturalHeight;
+      cleanup();
+      resolve({ width, height });
+    };
+    const onError = () => {
+      cleanup();
+      reject(new Error("Failed to load image for size detection."));
+    };
+    img.addEventListener("load", onLoad, { once: true });
+    img.addEventListener("error", onError, { once: true });
+    img.src = objectUrl;
+  });
+}
+
+// src/shared/blob-file/get-media-info/get-video-info.ts
+function getVideoInfo(file) {
+  return new Promise((resolve, reject) => {
+    const video = document.createElement("video");
+    const objectUrl = URL.createObjectURL(file);
+    video.preload = "metadata";
+    const cleanup = () => {
+      video.removeEventListener("loadedmetadata", onLoadedMetadata);
+      video.removeEventListener("error", onError);
+      video.src = "";
+      URL.revokeObjectURL(objectUrl);
+    };
+    const onLoadedMetadata = () => {
+      const info = {
+        width: video.videoWidth,
+        height: video.videoHeight,
+        duration: video.duration
+      };
+      cleanup();
+      resolve(info);
+    };
+    const onError = () => {
+      cleanup();
+      reject(new Error("Failed to load video metadata."));
+    };
+    video.addEventListener("loadedmetadata", onLoadedMetadata, { once: true });
+    video.addEventListener("error", onError, { once: true });
+    video.src = objectUrl;
+  });
+}
+
+// src/shared/blob-file/get-media-info/get-media-info.ts
+var IMAGE_EXT = /\.(jpe?g|png|gif|webp|bmp|avif)$/i;
+var VIDEO_EXT = /\.(mp4|webm|mov|mkv)$/i;
+var AUDIO_EXT = /\.(mp3|wav|ogg|m4a)$/i;
+var getMediaInfo = async (file) => {
+  const fallback = { width: null, height: null, duration: null };
+  const mime = file.type || "";
+  const name = file instanceof File ? file.name.toLowerCase() : "";
+  try {
+    if (mime.startsWith("image/") || IMAGE_EXT.test(name)) {
+      const { width, height } = await getImageInfo(file);
+      return { width, height, duration: null };
+    }
+    if (mime.startsWith("video/") || VIDEO_EXT.test(name)) {
+      const { width, height, duration } = await getVideoInfo(file);
+      return { width, height, duration };
+    }
+    if (mime.startsWith("audio/") || AUDIO_EXT.test(name)) {
+      const { duration } = await getAudioInfo(file);
+      return { width: null, height: null, duration };
+    }
+    return fallback;
+  } catch {
+    return fallback;
+  }
+};
+
+// src/shared/blob-file/format-file-size.ts
+var formatFileSize = (size, decimals = 2) => {
+  const units = ["B", "KB", "MB", "GB", "TB"];
+  let value = size;
+  let unitIndex = 0;
+  while (value >= 1024 && unitIndex < units.length - 1) {
+    value /= 1024;
+    unitIndex++;
+  }
+  const display = unitIndex === 0 ? value.toString() : value.toFixed(decimals);
+  return `${display} ${units[unitIndex]}`;
+};
+
+// src/shared/result/result.ts
+function success({
+  message,
+  data,
+  meta
+}) {
+  return {
+    success: true,
+    ...message !== void 0 ? { message } : {},
+    ...data !== void 0 ? { data } : {},
+    ...meta !== void 0 ? { meta } : {}
+  };
+}
+function error({ message, errors, code }) {
+  return {
+    success: false,
+    ...message !== void 0 ? { message } : {},
+    ...errors !== void 0 ? { errors } : {},
+    ...code !== void 0 ? { code } : {}
+  };
+}
+var result = {
+  success,
+  error
+};
+
+// src/shared/seo-metadata/standards.ts
+var OG_TYPE_ARRAY = [
+  "article",
+  "book",
+  "music.song",
+  "music.album",
+  "music.playlist",
+  "music.radio_station",
+  "profile",
+  "website",
+  "video.tv_show",
+  "video.other",
+  "video.movie",
+  "video.episode"
+];
+var TWITTER_CARD_ARRAY = [
+  "summary",
+  "summary_large_image",
+  "player",
+  "app"
+];
+
+// src/shared/translation/find-translation.ts
+function findTranslation(translations, locale, defaultValue) {
+  const fallback = translations?.[0];
+  const found = translations?.find((t) => t.locale === locale) ?? fallback;
+  if (!found) return { locale: locale ?? "" };
+  const result2 = { ...found };
+  for (const key of Object.keys(result2)) {
+    if (key === "locale") continue;
+    if (result2[key] == null) result2[key] = defaultValue;
+  }
+  return result2;
+}
+
+// src/shared/translation/create-build-translations.ts
+function createBuildTranslations(localArray) {
+  return function buildTranslations(fields) {
+    const entries = fields.map((f) => [f.key, f.value]);
+    return localArray.map((locale) => ({
+      locale,
+      ...Object.fromEntries(entries)
+    }));
+  };
+}
+
+// src/shared/seo-metadata/utils/build-alternate-map.ts
+var buildAlternateMap = (alternates = []) => {
+  const result2 = {};
+  for (const { hreflang, href } of alternates) {
+    if (!href) continue;
+    result2[hreflang] = href;
+  }
+  return result2;
+};
+
+// src/shared/seo-metadata/utils/ensure-og-type.ts
+var ensureOgType = (fallback, ogType) => {
+  if (typeof ogType !== "string") return fallback;
+  const isValid = OG_TYPE_ARRAY.includes(ogType);
+  return isValid ? ogType : fallback;
+};
+var buildOgImages = (url, alt, type, width, height) => {
+  if (!url) return void 0;
+  const mimeType = lookup(url);
+  const validType = typeof mimeType === "string" && mimeType.startsWith("image/") ? mimeType : void 0;
+  return [
+    {
+      url,
+      alt: alt ?? void 0,
+      type: type ?? validType,
+      width: width ?? 1200,
+      height: height ?? 630
+    }
+  ];
+};
+
+// src/shared/seo-metadata/utils/sanitize-string-array.ts
+var sanitizeStringArray = (array) => {
+  if (!Array.isArray(array)) return void 0;
+  return array.filter(
+    (a) => typeof a === "string" && a.trim() !== ""
+  );
+};
+
+// src/shared/seo-metadata/utils/ensure-twitter-card.ts
+var ensureTwitterCard = (fallback, twitterCard) => {
+  if (typeof twitterCard !== "string") return fallback;
+  const isValid = TWITTER_CARD_ARRAY.includes(twitterCard);
+  return isValid ? twitterCard : fallback;
+};
+
+// src/shared/seo-metadata/build-website-metadata.ts
+function createBuildWebsiteMetadata({
+  defaults
+}) {
+  return function buildWebsiteMetadata(post, locale) {
+    const seoMetadata = findTranslation(post?.seoMetadatas, locale);
+    return {
+      metadataBase: defaults.metadataBase,
+      // -----------------------------------------------------------------------
+      // Basic
+      // -----------------------------------------------------------------------
+      title: seoMetadata?.title || defaults.title,
+      description: seoMetadata?.description,
+      // identity
+      authors: [{ name: seoMetadata?.author || defaults.author }],
+      // url
+      alternates: {
+        canonical: seoMetadata?.canonical,
+        languages: buildAlternateMap(seoMetadata?.alternate)
+      },
+      // robots
+      robots: seoMetadata?.robots || defaults.robots,
+      // -----------------------------------------------------------------------
+      // Open Graph
+      // -----------------------------------------------------------------------
+      openGraph: {
+        title: seoMetadata?.ogTitle || void 0,
+        description: seoMetadata?.ogDescription || void 0,
+        // url
+        url: seoMetadata?.ogUrl || seoMetadata?.canonical || void 0,
+        // identity
+        type: ensureOgType("website", seoMetadata?.ogType),
+        siteName: seoMetadata?.ogSiteName || defaults.ogSiteName,
+        // image
+        images: buildOgImages(
+          seoMetadata?.ogImage,
+          seoMetadata?.ogImageAlt,
+          seoMetadata?.ogImageType,
+          seoMetadata?.ogImageWidth,
+          seoMetadata?.ogImageHeight
+        ),
+        // locale
+        locale: seoMetadata?.ogLocale || void 0,
+        alternateLocale: sanitizeStringArray(seoMetadata?.ogLocaleAlternate)
+      },
+      // -----------------------------------------------------------------------
+      // Twitter
+      // -----------------------------------------------------------------------
+      twitter: {
+        card: ensureTwitterCard(defaults.twitterCard, seoMetadata?.twitterCard),
+        // identity
+        site: seoMetadata?.twitterSite || void 0,
+        creator: seoMetadata?.twitterCreator || void 0
+      }
+    };
+  };
+}
+
+// src/shared/seo-metadata/utils/to-iso-time.ts
+var toIsoTime = (date) => {
+  if (!date) return void 0;
+  return date.toISOString();
+};
+
+// src/shared/seo-metadata/build-article-metadata.ts
+function createBuildArticleMetadata({
+  defaults,
+  storageUrl
+}) {
+  return function buildArticleMetadata(post, locale) {
+    const seoMetadata = findTranslation(post?.seoMetadatas, locale);
+    const authorT = findTranslation(post?.author?.translations, locale);
+    const coverImageT = findTranslation(post?.coverImage?.translations, locale);
+    return {
+      metadataBase: defaults.metadataBase,
+      // -----------------------------------------------------------------------
+      // Basic
+      // -----------------------------------------------------------------------
+      title: seoMetadata?.title || defaults.title,
+      description: seoMetadata?.description,
+      // identity
+      authors: [
+        {
+          name: seoMetadata?.author || authorT.authorName || defaults.author,
+          url: authorT.url || void 0
+        }
+      ],
+      // url
+      alternates: {
+        canonical: seoMetadata?.canonical,
+        languages: buildAlternateMap(seoMetadata?.alternate)
+      },
+      // robots
+      robots: seoMetadata?.robots || defaults.robots,
+      // -----------------------------------------------------------------------
+      // Open Graph
+      // -----------------------------------------------------------------------
+      openGraph: {
+        title: seoMetadata?.ogTitle || void 0,
+        description: seoMetadata?.ogDescription || void 0,
+        // url
+        url: seoMetadata?.ogUrl || seoMetadata?.canonical || void 0,
+        // identity
+        type: ensureOgType("article", seoMetadata?.ogType),
+        siteName: seoMetadata?.ogSiteName || defaults.ogSiteName,
+        // image
+        images: buildOgImages(
+          seoMetadata?.ogImage || `${storageUrl}/${post?.coverImage?.key}`,
+          seoMetadata?.ogImageAlt || coverImageT.alt,
+          seoMetadata?.ogImageType,
+          seoMetadata?.ogImageWidth,
+          seoMetadata?.ogImageHeight
+        ),
+        // locale
+        locale: seoMetadata?.ogLocale || void 0,
+        alternateLocale: sanitizeStringArray(seoMetadata?.ogLocaleAlternate),
+        // article
+        publishedTime: toIsoTime(seoMetadata?.ogArticlePublishedTime),
+        modifiedTime: toIsoTime(seoMetadata?.ogArticleModifiedTime),
+        authors: [
+          seoMetadata?.ogArticleAuthor || authorT.authorName || defaults.ogSiteName
+        ],
+        section: seoMetadata?.ogArticleSection,
+        tags: sanitizeStringArray(seoMetadata?.ogArticleTag)
+      },
+      // -----------------------------------------------------------------------
+      // Twitter
+      // -----------------------------------------------------------------------
+      twitter: {
+        card: ensureTwitterCard(defaults.twitterCard, seoMetadata?.twitterCard),
+        // identity
+        site: seoMetadata?.twitterSite || void 0,
+        creator: seoMetadata?.twitterCreator || void 0
+      }
+    };
+  };
+}
+
+// src/shared/seo-metadata/serialize-json-ld.ts
+var serializeJsonLd = (data) => {
+  if (data == null) return "";
+  return JSON.stringify(data).replaceAll("<", String.raw`\u003c`).replaceAll(">", String.raw`\u003e`).replaceAll("&", String.raw`\u0026`);
+};
+
+// src/shared/form/normalizers/datetime-to-db.ts
+var datetimeToDb = (date) => {
+  if (date == null) return null;
+  const d = typeof date === "string" ? new Date(date) : date;
+  if (Number.isNaN(d.getTime())) return null;
+  return d.toISOString();
+};
+
+// src/shared/form/normalizers/datetime-to-ui.ts
+var datetimeToUi = (date) => {
+  if (date == null) return null;
+  const d = typeof date === "string" ? new Date(date) : date;
+  if (Number.isNaN(d.getTime())) return null;
+  const year = d.getFullYear();
+  const month = String(d.getMonth() + 1).padStart(2, "0");
+  const day = String(d.getDate()).padStart(2, "0");
+  const hours = String(d.getHours()).padStart(2, "0");
+  const minutes = String(d.getMinutes()).padStart(2, "0");
+  return `${year}-${month}-${day}T${hours}:${minutes}`;
+};
+function createJwtService({
+  defaultSecret,
+  ...options
+}) {
+  function sign({
+    payload = {},
+    secret = defaultSecret,
+    expiresIn = 60 * 60
+  }) {
+    return jwt.sign(payload, secret, {
+      algorithm: "HS256",
+      expiresIn,
+      ...options
+    });
+  }
+  function verify({
+    token,
+    secret = defaultSecret
+  }) {
+    const payload = jwt.verify(token, secret, {
+      algorithms: ["HS256"],
+      ...options
+    });
+    if (typeof payload === "string") {
+      throw new TypeError("Invalid JWT payload");
+    }
+    return payload;
+  }
+  return {
+    sign,
+    verify
+  };
+}
+var DEFAULT_OPTIONS = {
+  type: argon2.argon2id,
+  memoryCost: 19456,
+  // ~19MB
+  timeCost: 2,
+  parallelism: 1
+};
+function createArgon2Service() {
+  async function hash(password) {
+    return await argon2.hash(password, DEFAULT_OPTIONS);
+  }
+  async function verify(digest, password) {
+    return await argon2.verify(digest, password);
+  }
+  return {
+    hash,
+    verify
+  };
+}
+function createCryptoService({
+  defaultSecret
+}) {
+  const SECRET = crypto.createHash("sha256").update(defaultSecret).digest();
+  const ALGORITHM = "aes-256-gcm";
+  const IV_LENGTH = 12;
+  function generateToken() {
+    return crypto.randomBytes(32).toString("base64url");
+  }
+  function hash(value) {
+    return crypto.createHash("sha256").update(value).digest("hex");
+  }
+  function hashBuffer(value) {
+    return crypto.createHash("sha256").update(value).digest();
+  }
+  function encrypt(data) {
+    const iv = crypto.randomBytes(IV_LENGTH);
+    const cipher = crypto.createCipheriv(ALGORITHM, SECRET, iv);
+    const encrypted = Buffer.concat([cipher.update(data), cipher.final()]);
+    const tag = cipher.getAuthTag();
+    return [
+      iv.toString("hex"),
+      encrypted.toString("hex"),
+      tag.toString("hex")
+    ].join(":");
+  }
+  function decrypt(data) {
+    const parts = data.split(":");
+    if (parts.length !== 3 || !parts.every(Boolean)) {
+      throw new Error("Invalid encrypted payload");
+    }
+    const [ivHex, encryptedHex, tagHex] = parts;
+    const iv = Buffer.from(ivHex, "hex");
+    const encrypted = Buffer.from(encryptedHex, "hex");
+    const tag = Buffer.from(tagHex, "hex");
+    const decipher = crypto.createDecipheriv(ALGORITHM, SECRET, iv);
+    decipher.setAuthTag(tag);
+    const decrypted = Buffer.concat([
+      decipher.update(encrypted),
+      decipher.final()
+    ]);
+    return decrypted.toString("utf8");
+  }
+  function sign({
+    value,
+    expireSeconds,
+    createdAt
+  }) {
+    const payload = `${value}|${expireSeconds}|${createdAt ?? Date.now()}`;
+    const signature = crypto.createHmac("sha256", SECRET).update(payload).digest("hex");
+    const signed = `${payload}|${signature}`;
+    return { signed, signature };
+  }
+  return {
+    generateToken,
+    hash,
+    hashBuffer,
+    encrypt,
+    decrypt,
+    sign
+  };
+}
+var DEFAULT_OPTIONS2 = {
+  httpOnly: true,
+  secure: process.env["NODE_ENV"] === "production",
+  sameSite: "strict",
+  path: "/"
+};
+function createCookieService(nextCookies, cryptoService) {
+  async function set({
+    name,
+    value,
+    expireSeconds
+  }) {
+    const cookieStore = await nextCookies();
+    cookieStore.set(name, value, { ...DEFAULT_OPTIONS2, maxAge: expireSeconds });
+  }
+  async function setSignedCookie({
+    name,
+    value,
+    expireSeconds
+  }) {
+    const createdAt = Date.now();
+    const { signed } = cryptoService.sign({
+      value,
+      expireSeconds,
+      createdAt
+    });
+    await set({ name, value: signed, expireSeconds });
+  }
+  async function get({ name }) {
+    const cookieStore = await nextCookies();
+    const cookieValue = cookieStore.get(name)?.value;
+    return cookieValue;
+  }
+  async function getSignedCookie({ name }) {
+    const signed = await get({ name });
+    const value = verifySignedCookie({ signed });
+    return value;
+  }
+  function verifySignedCookie({ signed }) {
+    if (!signed) throw new Error("Invalid cookie");
+    const parts = signed.split("|");
+    if (parts.length !== 4) throw new Error("Invalid cookie");
+    const [value, expireSecondsStr, createdAtStr, signature] = parts;
+    const expireSeconds = Number.parseInt(expireSecondsStr, 10);
+    const createdAt = Number.parseInt(createdAtStr, 10);
+    if (Number.isNaN(expireSeconds) || Number.isNaN(createdAt)) {
+      throw new TypeError("Invalid cookie");
+    }
+    const now = Date.now();
+    if (now > createdAt + expireSeconds * 1e3) {
+      throw new Error("Cookie expired");
+    }
+    const { signature: generatedSignature } = cryptoService.sign({
+      value,
+      expireSeconds,
+      createdAt
+    });
+    const sig = Buffer.from(signature);
+    const gen = Buffer.from(generatedSignature);
+    if (sig.length !== gen.length || !timingSafeEqual(sig, gen)) {
+      throw new Error("Invalid cookie signature");
+    }
+    return value;
+  }
+  async function deleteCokkie({ name }) {
+    const cookieStore = await nextCookies();
+    cookieStore.delete(name);
+  }
+  return {
+    set,
+    setSignedCookie,
+    get,
+    getSignedCookie,
+    verifySignedCookie,
+    delete: deleteCokkie
+  };
+}
+
+// src/server/infrastructure/cache/cache-key-delimiter.ts
+var CACHE_KEY_DELIMITER = "|";
+
+// src/server/infrastructure/cache/create-cache.ts
+function createCache({
+  redisUrl,
+  namespace,
+  keyDelimiter = CACHE_KEY_DELIMITER
+}) {
+  const redisStore = new KeyvRedis(redisUrl, {
+    keyPrefixSeparator: keyDelimiter
+  });
+  return new Keyv({
+    store: redisStore,
+    namespace,
+    useKeyPrefix: false
+  });
+}
+
+// src/server/infrastructure/cache/normalize-cache-key.ts
+var sanitize = (k) => k.replaceAll(/[\u200B-\u200D\uFEFF]/g, "").replaceAll(/[\r\n]/g, "").trim();
+var normalizeCacheKey = (key, delimiter = CACHE_KEY_DELIMITER) => {
+  if (!key) return null;
+  if (Array.isArray(key)) {
+    if (key.length === 0) return null;
+    const normalized = key.map((k) => {
+      if (k === null) return "__null";
+      if (k === void 0) return "__undefined";
+      if (typeof k === "boolean") return k ? "__true" : "__false";
+      return sanitize(String(k));
+    });
+    return normalized.join(delimiter);
+  }
+  if (typeof key === "boolean") return key ? "__true" : "__false";
+  return String(key);
+};
+
+// src/server/infrastructure/cache/create-cache-result.ts
+var DAY = 1e3 * 60 * 60 * 24;
+function createCacheResult(cache2, logger) {
+  return async function cacheResult({
+    key: rawKey,
+    ttl = DAY,
+    load
+  }) {
+    const key = normalizeCacheKey(rawKey);
+    if (!key) {
+      logger.error("Cache skipped due to invalid key", {
+        rawKey,
+        scope: "cacheResult"
+      });
+      return load();
+    }
+    try {
+      const cached = await cache2.get(key);
+      if (cached !== void 0) {
+        return cached;
+      }
+      const data = await load();
+      if (data !== void 0) {
+        await cache2.set(key, data, ttl);
+      }
+      return data;
+    } catch (error2) {
+      logger.error("Cache failure, falling back to loader", {
+        key,
+        error: error2,
+        scope: "cacheResult"
+      });
+      return load();
+    }
+  };
+}
+var DEFAULT_MAX_ATTEMPTS = 10;
+var DEFAULT_TIME_WINDOW = 60;
+var lua = `
+    local current = redis.call('INCR', KEYS[1])
+    if current == 1 then
+      redis.call('EXPIRE', KEYS[1], ARGV[1])
+    end
+    return current
+  `;
+function createIpRateLimiter({
+  appName,
+  cache: cache2,
+  headers
+}) {
+  return async function ipRateLimiter({
+    key: rawKey,
+    maxAttempts = DEFAULT_MAX_ATTEMPTS,
+    timeWindow = DEFAULT_TIME_WINDOW
+  }) {
+    const secondaryStore = cache2.store;
+    const redis = await secondaryStore.getClient();
+    if (!redis) return true;
+    const headersStore = await headers();
+    const ip = headersStore.get("cf-connecting-ip")?.trim() || headersStore.get("x-forwarded-for")?.split(",")[0]?.trim() || "unknown";
+    const key = normalizeCacheKey([
+      appName,
+      "ip-rate-limiter",
+      ...Array.isArray(rawKey) ? rawKey : [rawKey],
+      ip
+    ]);
+    const currentRaw = await redis.eval(lua, {
+      keys: [key],
+      arguments: [timeWindow.toString()]
+    });
+    const current = typeof currentRaw === "number" ? currentRaw : Number(currentRaw);
+    return current <= maxAttempts;
+  };
+}
+
+// src/server/infrastructure/zod/rules/unique.ts
+function createUnique(prisma) {
+  return async function unique(value, options) {
+    if (!value) return true;
+    let query = `
+    SELECT COUNT(*) AS count 
+    FROM ${options.table} 
+    WHERE ${options.column} = $1
+  `;
+    const params = [value];
+    const appendCondition = (op, sc) => {
+      const paramIndex = params.length + 1;
+      const cast = sc.cast ? `::"${sc.cast}"` : "";
+      query += ` AND ${sc.name} ${op} $${paramIndex}${cast}`;
+      params.push(sc.value);
+    };
+    if (options.scope) {
+      options.scope.forEach((sc) => appendCondition("=", sc));
+    }
+    if (options.excludeSelf) {
+      appendCondition("!=", options.excludeSelf);
+    }
+    try {
+      const result2 = await prisma.$queryRawUnsafe(
+        query,
+        ...params
+      );
+      return Number(result2[0]?.count || 0) === 0;
+    } catch (error2) {
+      console.error("Unique check failed:", error2);
+      return false;
+    }
+  };
+}
+
+// src/server/infrastructure/zod/rules/exist.ts
+function createExist(prisma) {
+  return async function exist(value, options) {
+    if (!value) return false;
+    const column = options.column || "id";
+    const query = `
+    SELECT COUNT(*) AS count 
+    FROM ${options.table} 
+    WHERE ${column} = $1
+  `;
+    try {
+      const result2 = await prisma.$queryRawUnsafe(
+        query,
+        value
+      );
+      const count = Number(result2[0]?.count || 0);
+      return count > 0;
+    } catch (error2) {
+      console.error("Exist check failed:", error2);
+      return false;
+    }
+  };
+}
+
+// src/server/infrastructure/zod/rules/bcp47.ts
+function bcp47(locale) {
+  if (typeof locale !== "string") return false;
+  const BCP47_REGEX = new RegExp(
+    "^[a-zA-Z]{2,3}(?:-[A-Z][a-z]{3})?" + // optional region
+    String.raw`(?:-(?:[A-Z]{2}|\d{3}))?` + // optional variants
+    String.raw`(?:-(?:[a-zA-Z0-9]{5,8}|\d[a-zA-Z0-9]{3}))*` + // optional extensions
+    "(?:-(?:[0-9A-WY-Za-wy-z]-[a-zA-Z0-9]{2,8}(?:-[a-zA-Z0-9]{2,8})*))*(?:-x(?:-[a-zA-Z0-9]{1,8})+)?$"
+  );
+  return BCP47_REGEX.test(locale);
+}
+
+// src/server/infrastructure/zod/rules/og-locale.ts
+function ogLocale(locale) {
+  if (typeof locale !== "string") return false;
+  const OG_LOCALE_REGEX = /^[a-z]{2}_[A-Z]{2}$/;
+  return OG_LOCALE_REGEX.test(locale);
+}
+
+// src/server/infrastructure/zod/create-zod.ts
+function createZod({
+  unique,
+  exist
+}) {
+  const stringProto = z.ZodString.prototype;
+  const emailProto = z.ZodEmail.prototype;
+  if (!stringProto.unique) {
+    Object.defineProperty(stringProto, "unique", {
+      configurable: true,
+      writable: false,
+      value: function(options) {
+        return this.refine(async (v) => unique(v, options), {
+          params: { i18nKey: "validator.unique" }
+        });
+      }
+    });
+  }
+  if (!stringProto.exist) {
+    Object.defineProperty(stringProto, "exist", {
+      configurable: true,
+      writable: false,
+      value: function(options) {
+        return this.refine(async (v) => exist(v, options), {
+          params: { i18nKey: "validator.exist" }
+        });
+      }
+    });
+  }
+  if (!stringProto.bcp47) {
+    Object.defineProperty(stringProto, "bcp47", {
+      configurable: true,
+      writable: false,
+      value: function() {
+        return this.refine((v) => bcp47(v), {
+          params: { i18nKey: "validator.bcp47" }
+        });
+      }
+    });
+  }
+  if (!stringProto.ogLocale) {
+    Object.defineProperty(stringProto, "ogLocale", {
+      configurable: true,
+      writable: false,
+      value: function() {
+        return this.refine((v) => ogLocale(v), {
+          params: { i18nKey: "validator.og-locale" }
+        });
+      }
+    });
+  }
+  if (!emailProto.unique) {
+    Object.defineProperty(emailProto, "unique", {
+      configurable: true,
+      writable: false,
+      value: function(options) {
+        return this.refine(async (v) => unique(v, options), {
+          params: { i18nKey: "validator.unique" }
+        });
+      }
+    });
+  }
+  return z;
+}
+
+// src/server/infrastructure/zod/schemas/schemas.ts
+function createSchemas({
+  z: z2,
+  localeArray,
+  exist
+}) {
+  const trimmedString = () => z2.string().trim();
+  const MAX_NUMBER = 2147483647;
+  const MAX_STRING = 1e5;
+  const localeSet = new Set(localeArray);
+  function text() {
+    return trimmedString().max(MAX_STRING);
+  }
+  function positiveNumber() {
+    return z2.preprocess((val) => {
+      if (val == null || val === "") return;
+      const num = Number(String(val).trim());
+      return Number.isNaN(num) ? void 0 : num;
+    }, z2.number().min(0).max(MAX_NUMBER));
+  }
+  function url() {
+    return z2.preprocess((val) => {
+      if (typeof val === "string" && val.trim() === "" || val === null)
+        return null;
+      return val;
+    }, z2.url().max(2048).nullable());
+  }
+  function email() {
+    return z2.email().max(254).toLowerCase();
+  }
+  function password() {
+    return trimmedString().min(6).max(255);
+  }
+  function isoString() {
+    return trimmedString().regex(
+      /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z$/
+    );
+  }
+  function array(schema) {
+    return z2.array(schema).max(100).transform(
+      (arr) => arr.filter((v) => v != null)
+    );
+  }
+  function id() {
+    return trimmedString().length(26).regex(/^[0-9A-Z]{26}$/);
+  }
+  function key() {
+    return trimmedString().max(1024);
+  }
+  function sha256Hash() {
+    return trimmedString().length(64).regex(/^[a-f0-9]{64}$/);
+  }
+  function slug() {
+    return trimmedString().regex(/^$|^[\p{L}0-9-_]+$/u).max(100);
+  }
+  function pathSegment() {
+    return trimmedString().min(1).regex(/^(?!\.\.?$)[^\u0000-\u001F/\\]+$/u).max(255);
+  }
+  function locale() {
+    return trimmedString().refine((val) => localeSet.has(val), {
+      error: "Invalid locale"
+    });
+  }
+  function singleItem(options) {
+    return z2.object({
+      id: id().refine((v) => exist(v, options), {
+        error: "Resource does not exist"
+      })
+    }).nullable();
+  }
+  function multiItems(options) {
+    return array(
+      z2.object({
+        id: id().refine((v) => exist(v, options), {
+          error: "Resource does not exist"
+        })
+      })
+    );
+  }
+  return {
+    z: z2,
+    // base
+    text,
+    positiveNumber,
+    url,
+    email,
+    password,
+    isoString,
+    array,
+    // resource related
+    id,
+    key,
+    sha256Hash,
+    slug,
+    pathSegment,
+    locale,
+    // item
+    singleItem,
+    multiItems
+  };
+}
+
+// src/server/infrastructure/zod/schemas/toc-item.ts
+function createTocItemSchema({
+  z: z2,
+  schemas
+}) {
+  const tocItem = z2.lazy(
+    () => z2.object({
+      text: schemas.text(),
+      id: schemas.text(),
+      level: z2.union([
+        z2.literal(2),
+        z2.literal(3),
+        z2.literal(4),
+        z2.literal(5),
+        z2.literal(6)
+      ]),
+      children: z2.array(tocItem).default([])
+    })
+  );
+  return tocItem;
+}
+function createTransporter({
+  host,
+  port,
+  user,
+  pass
+}) {
+  return nodemailer.createTransport({
+    host,
+    port,
+    auth: {
+      user,
+      pass
+    }
+  });
+}
+function createSendEmail({
+  transporter,
+  config
+}) {
+  return async function sendEmail(options) {
+    return await transporter.sendMail({
+      from: `${config.fromName} <${config.fromAddress}>`,
+      replyTo: `${config.replyToName} <${config.replyToaddress}>`,
+      ...options
+    });
+  };
+}
+var TEMPLATE_DIR = path.resolve(process.cwd(), "emails");
+var LAYOUT_PATH = path.join(TEMPLATE_DIR, "layout.html");
+var isDev = process.env.NODE_ENV !== "production";
+var cache = /* @__PURE__ */ new Map();
+async function readTemplate(filePath) {
+  if (!isDev && cache.has(filePath)) {
+    return cache.get(filePath);
+  }
+  try {
+    const html = await readFile(filePath, "utf8");
+    if (!isDev) cache.set(filePath, html);
+    return html;
+  } catch (error2) {
+    throw new Error(`Email template file not found: ${filePath}`);
+  }
+}
+function applyReplacements(html, replacements, logger) {
+  return html.replace(/\{\{\{(.*?)\}\}\}/g, (_, raw) => {
+    const key = raw.trim();
+    const value = replacements[key];
+    if (value == null) {
+      logger.warn({ msg: "Email template variable missing", variable: key });
+      return "";
+    }
+    return value;
+  });
+}
+function createRenderEmailTemplate({
+  siteName,
+  webUrl,
+  logoUrl,
+  logger
+}) {
+  return async function renderEmailTemplate(templateKey, replacements = {}) {
+    try {
+      const contentPath = path.join(TEMPLATE_DIR, `${templateKey}.html`);
+      const vars = {
+        SITE_NAME: siteName,
+        WEB_URL: webUrl,
+        LOGO_URL: logoUrl,
+        ...replacements
+      };
+      const layoutHtml = await readTemplate(LAYOUT_PATH);
+      let contentHtml = await readTemplate(contentPath);
+      const merged = layoutHtml.replaceAll("{{{content}}}", contentHtml);
+      return applyReplacements(merged, vars, logger);
+    } catch (error2) {
+      logger.error({
+        msg: "Email template render failed",
+        templateKey,
+        templateDir: TEMPLATE_DIR,
+        error: error2
+      });
+      throw new Error(`Email template error: ${templateKey}`);
+    }
+  };
+}
+
+// src/server/infrastructure/database/utils/connect.ts
+var ids = (items) => items.map(({ id }) => ({ id }));
+function connectOne(item) {
+  return item ? { connect: { id: item.id } } : {};
+}
+function connectMany(items) {
+  return { connect: ids(items) };
+}
+function updateOne(item) {
+  return item ? { connect: { id: item.id } } : { disconnect: true };
+}
+function updateMany(items) {
+  return { set: ids(items) };
+}
+
+// src/server/infrastructure/database/admin/command/create-admin-command-repository.ts
+function createAdminCommandRepository(prisma) {
+  async function create({
+    // core
+    role,
+    email,
+    passwordHash,
+    // better seo
+    socialLinks,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // File
+    avatarImage,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations
+  }) {
+    const created = await prisma.admin.create({
+      data: {
+        // core
+        role,
+        email,
+        passwordHash,
+        // better seo
+        socialLinks,
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // File
+        avatarImage: connectOne(avatarImage),
+        // ------------------------------------------------------------------------
+        // translation
+        // ------------------------------------------------------------------------
+        translations: { create: translations }
+      }
+    });
+    return created;
+  }
+  async function update({
+    id,
+    // core
+    role,
+    email,
+    // better seo
+    socialLinks,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // File
+    avatarImage,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations,
+    // ------------------------------------
+    // timestamps
+    // ------------------------------------
+    emailVerifiedAt
+  }) {
+    const updated = await prisma.admin.update({
+      where: { id },
+      data: {
+        // core
+        role,
+        ...email !== void 0 ? { email } : {},
+        // better seo
+        socialLinks,
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // File
+        avatarImage: updateOne(avatarImage),
+        // ------------------------------------------------------------------------
+        // translation
+        // ------------------------------------------------------------------------
+        translations: {
+          upsert: translations.map((t) => ({
+            where: { adminId_locale: { adminId: id, locale: t.locale } },
+            update: t,
+            create: t
+          }))
+        },
+        // ------------------------------------------------------------------------
+        // timestamps
+        // ------------------------------------------------------------------------
+        emailVerifiedAt
+      }
+    });
+    return updated;
+  }
+  async function _delete({ id }) {
+    const deleted = await prisma.admin.delete({
+      where: { id }
+    });
+    return deleted;
+  }
+  return {
+    create,
+    update,
+    delete: _delete
+  };
+}
+
+// src/server/infrastructure/database/constants.ts
+var ORDER_BY = [
+  { updatedAt: "desc" },
+  { createdAt: "desc" },
+  { id: "asc" }
+];
+var ADMIN_ORDER_BY = [
+  { role: "asc" },
+  ...ORDER_BY
+];
+var POST_ORDER_BY = [
+  { index: "asc" },
+  ...ORDER_BY
+];
+
+// src/server/infrastructure/database/admin/include.ts
+var ADMIN_FULL_INCLUDE = {
+  // ---------------------------
+  // relations: AdminRefreshToken
+  // ---------------------------
+  adminRefreshTokens: true,
+  // ---------------------------
+  // relations: File
+  // ---------------------------
+  avatarImage: { include: { translations: true } },
+  // ---------------------------
+  // relations: Post
+  // ---------------------------
+  posts: true,
+  // ---------------------------
+  // translation
+  // ---------------------------
+  translations: true
+};
+
+// src/server/infrastructure/database/utils/create-search.ts
+function buildContainsOr(fields, value) {
+  return fields.map((field) => ({
+    [field]: { contains: value, mode: "insensitive" }
+  }));
+}
+function buildTranslationSearch(locale, fields, value) {
+  return {
+    translations: {
+      some: { locale, OR: buildContainsOr(fields, value) }
+    }
+  };
+}
+function createSearch({
+  locale,
+  searchString,
+  rootFields = [],
+  translationFields = []
+}) {
+  if (!searchString) return {};
+  const conditions = [];
+  if (rootFields.length > 0) {
+    conditions.push(...buildContainsOr(rootFields, searchString));
+  }
+  if (translationFields.length > 0 && locale) {
+    conditions.push(
+      buildTranslationSearch(locale, translationFields, searchString)
+    );
+  }
+  return conditions.length > 0 ? { OR: conditions } : {};
+}
+
+// src/server/infrastructure/database/utils/create-pagination.ts
+function createPagination(page, pageSize) {
+  if (!page || !pageSize) return {};
+  return {
+    skip: (page - 1) * pageSize,
+    take: pageSize
+  };
+}
+
+// src/server/infrastructure/database/admin/query/create-admin-query-repository.ts
+var OMIT_PASSWORD = { omit: { passwordHash: true } };
+function buildWhere(params) {
+  if (params.id) return { id: params.id };
+  if (params.email) return { email: params.email };
+  return;
+}
+function createAdminQueryRepository(prisma) {
+  async function findListCards({
+    locale,
+    // search
+    searchString,
+    role,
+    adminIds,
+    // pagination
+    page,
+    pageSize
+  }) {
+    const where = {
+      // search
+      ...createSearch({
+        ...searchString !== void 0 ? { searchString } : {},
+        locale,
+        translationFields: ["name"]
+      }),
+      // role
+      ...role !== ADMIN_ROLES.SUPER_ADMIN ? { role: { notIn: [ADMIN_ROLES.SUPER_ADMIN] } } : {},
+      // Specified ids
+      ...adminIds?.length ? { id: { in: adminIds } } : {}
+    };
+    const [items, total] = await prisma.$transaction([
+      prisma.admin.findMany({
+        where,
+        orderBy: ADMIN_ORDER_BY,
+        include: ADMIN_FULL_INCLUDE,
+        ...createPagination(page, pageSize),
+        ...OMIT_PASSWORD
+      }),
+      prisma.admin.count({ where })
+    ]);
+    return { items, total };
+  }
+  async function find(params) {
+    const where = buildWhere(params);
+    if (!where) return null;
+    return prisma.admin.findUnique({
+      where,
+      ...OMIT_PASSWORD
+    });
+  }
+  async function findFull(params) {
+    const where = buildWhere(params);
+    if (!where) return null;
+    return prisma.admin.findUnique({
+      where,
+      include: ADMIN_FULL_INCLUDE,
+      ...OMIT_PASSWORD
+    });
+  }
+  async function findWithPasswordHash(params) {
+    const where = buildWhere(params);
+    if (!where) return null;
+    return prisma.admin.findUnique({
+      where
+    });
+  }
+  return {
+    findListCards,
+    find,
+    findFull,
+    findWithPasswordHash
+  };
+}
+
+// src/server/infrastructure/database/admin-refresh-token/command/create-admin-refresh-token-command-repository.ts
+function createAdminRefreshTokenCommandRepository(prisma) {
+  async function create({
+    adminId,
+    ...params
+  }) {
+    const created = await prisma.adminRefreshToken.create({
+      data: {
+        ...params,
+        admin: { connect: { id: adminId } },
+        deviceInfo: params.deviceInfo
+      }
+    });
+    return created;
+  }
+  async function _delete({ id, tokenHash }) {
+    const where = id ? { id } : tokenHash ? { tokenHash } : void 0;
+    if (where) {
+      await prisma.adminRefreshToken.delete({
+        where
+      });
+    }
+  }
+  async function deleteManyByExpired() {
+    const { count } = await prisma.adminRefreshToken.deleteMany({
+      where: { expiresAt: { lt: /* @__PURE__ */ new Date() } }
+    });
+    return count;
+  }
+  return {
+    create,
+    delete: _delete,
+    deleteManyByExpired
+  };
+}
+
+// src/server/infrastructure/database/admin-refresh-token/query/create-admin-refresh-token-query-repository.ts
+function createAdminRefreshTokenQueryRepository(prisma) {
+  async function findManyByAdminId({
+    adminId
+  }) {
+    return prisma.adminRefreshToken.findMany({
+      where: { adminId },
+      orderBy: [{ createdAt: "desc" }, { id: "asc" }]
+    });
+  }
+  async function findByToken({
+    tokenHash
+  }) {
+    return prisma.adminRefreshToken.findUnique({
+      where: { tokenHash }
+    });
+  }
+  return {
+    findManyByAdminId,
+    findByToken
+  };
+}
+
+// src/server/infrastructure/database/file/include.ts
+var FILE_FULL_INCLUDE = {
+  // ---------------------------
+  // relations: Folder
+  // ---------------------------
+  folder: true,
+  // ---------------------------
+  // relations: Admin
+  // ---------------------------
+  adminAsAvatarImage: true,
+  // ---------------------------
+  // relations: Post
+  // ---------------------------
+  postsAsCoverImage: true,
+  postsAsContentImage: true,
+  // ---------------------------
+  // --- custom fields
+  // ---------------------------
+  postsAsImages1: true,
+  postsAsImages2: true,
+  postsAsImage1: true,
+  postsAsImage2: true,
+  postsAsImage3: true,
+  postsAsImage4: true,
+  // ---------------------------
+  // translation
+  // ---------------------------
+  translations: true
+};
+
+// src/server/infrastructure/database/file/command/create-file-command-repository.ts
+function createFileCommandRepository(prisma) {
+  async function create({
+    // core
+    key,
+    checksum,
+    // meta
+    fileMeta,
+    // media info
+    width,
+    height,
+    duration,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Folder
+    folder,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations
+  }) {
+    const extension2 = mimeToExtension(fileMeta.type);
+    const created = await prisma.file.create({
+      data: {
+        // core
+        key,
+        checksum,
+        // media info
+        ...width !== void 0 ? { width } : {},
+        ...height !== void 0 ? { height } : {},
+        ...duration !== void 0 ? { duration } : {},
+        // derived
+        originalName: fileMeta.name || "unknown",
+        size: fileMeta.size ?? 0,
+        extension: extension2,
+        mimeType: fileMeta.type || "unknown",
+        type: classifyFileType(fileMeta.type, extension2),
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // Folder
+        folder: connectOne(folder),
+        // ------------------------------------------------------------------------
+        // translation
+        // ------------------------------------------------------------------------
+        translations: {
+          create: translations.map((t) => ({
+            ...t,
+            name: t.name ?? fileMeta.name ?? "unknown"
+          }))
+        }
+      },
+      include: FILE_FULL_INCLUDE
+    });
+    return created;
+  }
+  async function update({
+    file,
+    // Original file (File)
+    id,
+    // core
+    key,
+    checksum,
+    // meta
+    fileMeta,
+    // media info
+    width,
+    height,
+    duration,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Folder
+    folder,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations
+  }) {
+    const extension2 = mimeToExtension(fileMeta.type);
+    const updated = await prisma.file.update({
+      where: { id: file.id },
+      data: {
+        // core
+        key,
+        checksum,
+        // media info
+        ...width !== void 0 ? { width } : {},
+        ...height !== void 0 ? { height } : {},
+        ...duration !== void 0 ? { duration } : {},
+        // derived
+        size: fileMeta.size ?? file.size,
+        extension: fileMeta ? extension2 : file.extension,
+        mimeType: fileMeta.type || file.mimeType,
+        type: fileMeta.type ? classifyFileType(fileMeta.type, extension2) : file.type,
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // Folder
+        folder: updateOne(folder),
+        // ------------------------------------------------------------------------
+        // translation
+        // ------------------------------------------------------------------------
+        translations: {
+          upsert: translations.map((t) => ({
+            where: { fileId_locale: { fileId: id, locale: t.locale } },
+            update: t,
+            create: t
+          }))
+        }
+      }
+    });
+    return updated;
+  }
+  async function softDelete({ id }) {
+    const updated = await prisma.file.update({
+      where: { id, isLocked: false },
+      data: { deletedAt: /* @__PURE__ */ new Date() }
+    });
+    return updated;
+  }
+  async function softDeleteMany({ ids: ids2 }) {
+    const { count } = await prisma.file.updateMany({
+      where: { id: { in: ids2 }, isLocked: false },
+      data: { deletedAt: /* @__PURE__ */ new Date() }
+    });
+    return count;
+  }
+  async function restoreMany({ ids: ids2 }) {
+    const { count } = await prisma.file.updateMany({
+      where: { id: { in: ids2 } },
+      data: { deletedAt: null }
+    });
+    return count;
+  }
+  async function _delete({ id }) {
+    const deleted = await prisma.file.delete({
+      where: { id }
+    });
+    return deleted;
+  }
+  return {
+    create,
+    update,
+    softDelete,
+    softDeleteMany,
+    restoreMany,
+    delete: _delete
+  };
+}
+
+// src/server/infrastructure/database/utils/build-file-usage.ts
+function buildFileUsage(isLocked) {
+  const relations = [
+    "adminAsAvatarImage",
+    "postsAsCoverImage",
+    "postsAsContentImage",
+    "postsAsImages1",
+    "postsAsImages2",
+    "postsAsImage1",
+    "postsAsImage2",
+    "postsAsImage3",
+    "postsAsImage4"
+  ];
+  if (isLocked === void 0 || isLocked === null) return {};
+  const condition = relations.map((r) => ({
+    [r]: { [isLocked ? "some" : "none"]: {} }
+  }));
+  return isLocked ? { OR: condition } : { AND: condition };
+}
+
+// src/server/infrastructure/database/file/query/create-file-query-repository.ts
+function createFileQueryRepository(prisma) {
+  async function findListCards({
+    locale,
+    // pagination
+    page,
+    pageSize,
+    // search
+    searchString,
+    type,
+    folderId,
+    isLocked,
+    isDeleted = false,
+    fileIds
+  }) {
+    const where = {
+      // search
+      ...createSearch({
+        ...searchString !== void 0 ? { searchString } : {},
+        locale,
+        translationFields: ["name"]
+      }),
+      // type
+      ...type ? { type } : {},
+      // state: isLocked
+      ...buildFileUsage(isLocked),
+      // state: deleteAt
+      deletedAt: isDeleted ? { not: null } : null,
+      // Find deleted files in trash page
+      // relations: Folder
+      ...folderId ? { folderId: folderId === ROOT_FOLDER_ID ? null : folderId } : {},
+      // Specified ids
+      ...fileIds ? { id: { in: fileIds } } : {}
+    };
+    const [items, total] = await prisma.$transaction([
+      prisma.file.findMany({
+        where,
+        orderBy: [...ORDER_BY],
+        include: FILE_FULL_INCLUDE,
+        ...createPagination(page, pageSize)
+      }),
+      prisma.file.count({ where })
+    ]);
+    return { items, total };
+  }
+  async function findManyByIds({
+    ids: ids2
+  }) {
+    return prisma.file.findMany({
+      where: { id: { in: ids2 } },
+      include: FILE_FULL_INCLUDE
+    });
+  }
+  async function findFull({ id }) {
+    return prisma.file.findUnique({
+      where: { id },
+      include: FILE_FULL_INCLUDE
+    });
+  }
+  return {
+    findListCards,
+    findManyByIds,
+    findFull
+  };
+}
+
+// src/server/infrastructure/database/folder/command/create-folder-command-repository.ts
+function createFolderCommandRepository(prisma) {
+  async function create({
+    // core
+    key,
+    name,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Folder
+    parentFolder
+  }) {
+    const created = await prisma.folder.create({
+      data: {
+        // core
+        key,
+        name,
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // Folder
+        parentFolder: connectOne(parentFolder)
+      }
+    });
+    return created;
+  }
+  async function update({
+    id,
+    // core
+    key,
+    name,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Folder
+    parentFolder
+  }) {
+    const updated = await prisma.folder.update({
+      where: { id },
+      data: {
+        // core
+        key,
+        name,
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // Folder
+        parentFolder: updateOne(parentFolder)
+      }
+    });
+    return updated;
+  }
+  async function _delete({ id }) {
+    const deleted = await prisma.folder.delete({
+      where: { id }
+    });
+    return deleted;
+  }
+  return {
+    create,
+    update,
+    delete: _delete
+  };
+}
+
+// src/server/infrastructure/database/folder/include.ts
+var FOLDER_FULL_INCLUDE = {
+  // ---------------------------
+  // relations: Folder
+  // ---------------------------
+  parentFolder: { include: { subFolders: true, files: true } },
+  subFolders: true,
+  // ---------------------------
+  // relations: File
+  // ---------------------------
+  files: true
+};
+
+// src/server/infrastructure/database/folder/query/create-folder-query-repository.ts
+function buildWhere2(params) {
+  if (params.id) return { id: params.id };
+  if (params.key) return { key: params.key };
+  return;
+}
+function createFolderQueryRepository(prisma) {
+  async function findListCards({
+    // search
+    searchString,
+    parentFolderId,
+    folderIds,
+    // pagination
+    page,
+    pageSize
+  }) {
+    const where = {
+      // search
+      ...searchString ? { name: { contains: searchString, mode: "insensitive" } } : {},
+      // relations: Folder
+      ...parentFolderId ? parentFolderId === ROOT_FOLDER_ID ? { parentFolderId: null } : { parentFolderId } : {},
+      // Specified ids
+      ...folderIds ? { id: { in: folderIds } } : {}
+    };
+    const [items, total] = await prisma.$transaction([
+      prisma.folder.findMany({
+        where,
+        orderBy: [...ORDER_BY],
+        include: FOLDER_FULL_INCLUDE,
+        ...createPagination(page, pageSize)
+      }),
+      prisma.folder.count({ where })
+    ]);
+    return { items, total };
+  }
+  async function findFull(params) {
+    const where = buildWhere2(params);
+    if (!where) return null;
+    return prisma.folder.findUnique({
+      where,
+      include: FOLDER_FULL_INCLUDE
+    });
+  }
+  return {
+    findListCards,
+    findFull
+  };
+}
+function createPostCommandRepository(prisma) {
+  async function create({
+    slug,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Admin
+    author,
+    // Post
+    topicId,
+    parents,
+    tags,
+    relatedPosts,
+    // File
+    coverImage,
+    contentImageIds,
+    // ------------------------------------
+    // --- custom fields
+    // ------------------------------------
+    // multi images
+    images1,
+    images2,
+    // single images
+    image1,
+    image2,
+    image3,
+    image4,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations,
+    // rest
+    ...params
+  }) {
+    const id = ulid();
+    const created = await prisma.post.create({
+      data: {
+        ...params,
+        id,
+        // ------------------------------------------------------------------------
+        // states
+        // ------------------------------------------------------------------------
+        slug: slug?.trim() || id,
+        // Use id when slug is null or empty string
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // Admin
+        author: connectOne(author),
+        // Post
+        topic: connectOne(topicId ? { id: topicId } : null),
+        parents: connectMany(parents),
+        tags: connectMany(tags),
+        relatedPosts: connectMany(relatedPosts),
+        // File
+        coverImage: connectOne(coverImage),
+        contentImages: connectMany(contentImageIds.map((id2) => ({ id: id2 }))),
+        // ------------------------------------------------------------------------
+        // --- custom fields
+        // ------------------------------------------------------------------------
+        // multi images
+        images1: connectMany(images1),
+        images2: connectMany(images2),
+        // single images
+        image1: connectOne(image1),
+        image2: connectOne(image2),
+        image3: connectOne(image3),
+        image4: connectOne(image4),
+        // ------------------------------------------------------------------------
+        // translation
+        // ------------------------------------------------------------------------
+        translations: {
+          create: translations.map((t) => ({
+            ...t,
+            externalLinks: t.externalLinks,
+            faq: t.faq,
+            toc: t.toc
+          }))
+        }
+      }
+    });
+    return created;
+  }
+  async function update({
+    id,
+    slug,
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Admin
+    author,
+    // Post
+    topicId,
+    parents,
+    tags,
+    relatedPosts,
+    // File
+    coverImage,
+    contentImageIds,
+    // ------------------------------------
+    // --- custom fields
+    // ------------------------------------
+    // multi images
+    images1,
+    images2,
+    // single images
+    image1,
+    image2,
+    image3,
+    image4,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations,
+    // rest
+    ...params
+  }) {
+    const updated = await prisma.post.update({
+      where: { id },
+      data: {
+        ...params,
+        // ------------------------------------------------------------------------
+        // states
+        // ------------------------------------------------------------------------
+        slug: slug?.trim() || id,
+        // Use id when slug is null or empty string
+        // ------------------------------------------------------------------------
+        // relations
+        // ------------------------------------------------------------------------
+        // Admin
+        author: updateOne(author),
+        // Post
+        topic: updateOne(topicId ? { id: topicId } : null),
+        parents: updateMany(parents),
+        tags: updateMany(tags),
+        relatedPosts: updateMany(relatedPosts),
+        // File
+        coverImage: updateOne(coverImage),
+        contentImages: updateMany(contentImageIds.map((id2) => ({ id: id2 }))),
+        // ------------------------------------------------------------------------
+        // --- custom fields
+        // ------------------------------------------------------------------------
+        // multi images
+        images1: updateMany(images1),
+        images2: updateMany(images2),
+        // single images
+        image1: updateOne(image1),
+        image2: updateOne(image2),
+        image3: updateOne(image3),
+        image4: updateOne(image4),
+        // ------------------------------------------------------------------------
+        // translation
+        // ------------------------------------------------------------------------
+        translations: {
+          upsert: translations.map((t) => ({
+            where: { postId_locale: { postId: id, locale: t.locale } },
+            update: {
+              ...t,
+              externalLinks: t.externalLinks,
+              faq: t.faq,
+              toc: t.toc
+            },
+            create: {
+              ...t,
+              externalLinks: t.externalLinks,
+              faq: t.faq,
+              toc: t.toc
+            }
+          }))
+        }
+      }
+    });
+    return updated;
+  }
+  async function _delete({ id }) {
+    const deleted = await prisma.post.delete({
+      where: { id }
+    });
+    return deleted;
+  }
+  return {
+    create,
+    update,
+    delete: _delete
+  };
+}
+
+// src/server/infrastructure/database/post/include.ts
+var POST_LIST_CARD_INCLUDE = {
+  // ---------------------------
+  // relations: Post
+  // ---------------------------
+  topic: { include: { translations: true } },
+  // Use as post, category
+  postsInTopic: true,
+  // Use as topic
+  children: true,
+  // Use as category
+  taggedPosts: true,
+  // Use as tag
+  // ---------------------------
+  // relations: File
+  // ---------------------------
+  coverImage: true,
+  // ---------------------------
+  // translation
+  // ---------------------------
+  translations: true
+};
+var POST_FULL_INCLUDE = {
+  // ---------------------------
+  // relations: Admin
+  // ---------------------------
+  author: { include: { translations: true }, omit: { passwordHash: true } },
+  // ---------------------------
+  // relations: Post
+  // ---------------------------
+  topic: { include: POST_LIST_CARD_INCLUDE },
+  postsInTopic: { include: POST_LIST_CARD_INCLUDE },
+  parents: { include: POST_LIST_CARD_INCLUDE },
+  children: { include: POST_LIST_CARD_INCLUDE },
+  tags: { include: POST_LIST_CARD_INCLUDE },
+  taggedPosts: { include: POST_LIST_CARD_INCLUDE },
+  relatedPosts: { include: POST_LIST_CARD_INCLUDE },
+  referencingPosts: { include: POST_LIST_CARD_INCLUDE },
+  // ---------------------------
+  // relations: File
+  // ---------------------------
+  coverImage: { include: { translations: true } },
+  // ---------------------------
+  // relations: File
+  // ---------------------------
+  seoMetadatas: true,
+  // ---------------------------
+  // --- custom fields
+  // ---------------------------
+  images1: { include: { translations: true } },
+  images2: { include: { translations: true } },
+  image1: { include: { translations: true } },
+  image2: { include: { translations: true } },
+  image3: { include: { translations: true } },
+  image4: { include: { translations: true } },
+  // ---------------------------
+  // translation
+  // ---------------------------
+  translations: true
+};
+
+// src/server/infrastructure/database/post/query/create-post-query-repository.ts
+function buildWhere3(params) {
+  if (params.id) return { id: params.id };
+  if (params.type && params.slug)
+    return { type: params.type, slug: params.slug };
+  return;
+}
+function createPostQueryRepository(prisma) {
+  async function findListCards({
+    locale,
+    // search
+    searchString,
+    // type
+    type,
+    // states
+    isActive,
+    isIndexActive,
+    isSlugActive,
+    isFeatured,
+    isShownOnHome,
+    state1,
+    state2,
+    state3,
+    state4,
+    state5,
+    state6,
+    state7,
+    state8,
+    state9,
+    state10,
+    // relations
+    topicId,
+    topicSlug,
+    categoryId,
+    categorySlug,
+    // specified ids
+    postIds,
+    excludeIds,
+    // pagination
+    page,
+    pageSize
+  }) {
+    const where = {
+      // search
+      ...createSearch({
+        ...searchString ? { searchString } : {},
+        locale,
+        rootFields: ["slug"],
+        translationFields: [
+          "title",
+          "subtitle",
+          "summary",
+          "description",
+          "content"
+        ]
+      }),
+      // type
+      ...type ? { type } : {},
+      // states
+      ...isActive ? { isActive: true } : {},
+      ...isIndexActive ? { isIndexActive: true } : {},
+      ...isSlugActive ? { isSlugActive: true } : {},
+      ...isFeatured ? { isFeatured: true } : {},
+      ...isShownOnHome ? { isShownOnHome: true } : {},
+      ...state1 ? { state1: true } : {},
+      ...state2 ? { state2: true } : {},
+      ...state3 ? { state3: true } : {},
+      ...state4 ? { state4: true } : {},
+      ...state5 ? { state5: true } : {},
+      ...state6 ? { state6: true } : {},
+      ...state7 ? { state7: true } : {},
+      ...state8 ? { state8: true } : {},
+      ...state9 ? { state9: true } : {},
+      ...state10 ? { state10: true } : {},
+      // relations
+      ...topicId ? { topicId } : {},
+      ...topicSlug ? { topic: { slug: topicSlug } } : {},
+      ...categoryId ? { parents: { some: { id: categoryId } } } : {},
+      ...categorySlug ? { parents: { some: { slug: categorySlug } } } : {},
+      // Specified ids
+      ...postIds?.length || excludeIds?.length ? {
+        id: {
+          ...postIds ? { in: postIds } : {},
+          ...excludeIds ? { notIn: excludeIds } : {}
+        }
+      } : {}
+    };
+    const [items, total] = await prisma.$transaction([
+      prisma.post.findMany({
+        where,
+        orderBy: POST_ORDER_BY,
+        include: POST_LIST_CARD_INCLUDE,
+        ...createPagination(page, pageSize)
+      }),
+      prisma.post.count({ where })
+    ]);
+    return { items, total };
+  }
+  async function find({
+    isActive,
+    ...rest
+  }) {
+    const where = buildWhere3(rest);
+    if (!where) return null;
+    return prisma.post.findFirst({
+      where: { ...where, ...isActive ? { isActive } : {} },
+      include: { translations: true }
+    });
+  }
+  async function findMany({
+    type,
+    topicId
+  }) {
+    return prisma.post.findMany({
+      where: { type, ...topicId ? { topicId } : {} },
+      orderBy: POST_ORDER_BY,
+      include: { translations: true }
+    });
+  }
+  async function findFull({
+    // states
+    isActive,
+    // relations
+    topicSlug,
+    ...rest
+  }) {
+    const where = buildWhere3(rest);
+    if (!where) return null;
+    return prisma.post.findFirst({
+      where: {
+        ...where,
+        // states
+        ...isActive ? { isActive } : {},
+        // relations
+        ...topicSlug ? { topic: { slug: topicSlug } } : {}
+      },
+      include: POST_FULL_INCLUDE
+    });
+  }
+  return {
+    findListCards,
+    findMany,
+    find,
+    findFull
+  };
+}
+
+// src/server/infrastructure/database/seo-metadata/command/create-seo-metadata-command-repository.ts
+function createSeoMetadataCommandRepository(prisma) {
+  async function upsert({
+    // ------------------------------------
+    // relations
+    // ------------------------------------
+    // Post
+    postId,
+    // ------------------------------------
+    // translation
+    // ------------------------------------
+    translations
+  }) {
+    await prisma.post.update({
+      where: { id: postId },
+      data: {
+        seoMetadatas: {
+          upsert: translations.map((t) => ({
+            where: { postId_locale: { postId, locale: t.locale } },
+            update: t,
+            create: t
+          }))
+        }
+      }
+    });
+  }
+  return {
+    upsert
+  };
+}
+
+// src/server/server-error.ts
+var ServerError = class _ServerError extends Error {
+  i18nKey;
+  statusCode;
+  constructor({
+    message,
+    i18nKey,
+    statusCode
+  }) {
+    super(message);
+    this.name = this.constructor.name;
+    if (i18nKey) this.i18nKey = i18nKey;
+    if (statusCode) this.statusCode = statusCode;
+  }
+  /** 401 Unauthorized */
+  static unauthorized() {
+    return new _ServerError({ i18nKey: "error.unauthorized", statusCode: 401 });
+  }
+  /** 403 Forbidden */
+  static forbidden() {
+    return new _ServerError({ i18nKey: "error.forbidden", statusCode: 403 });
+  }
+  /** 404 Not found */
+  static notFound() {
+    return new _ServerError({ i18nKey: "error.not-found", statusCode: 404 });
+  }
+  /** 500 Internal Server Error */
+  static internalServerError() {
+    return new _ServerError({
+      i18nKey: "error.internal-server-error",
+      statusCode: 500
+    });
+  }
+};
+
+// src/server/interfaces/execution/normalize-error.ts
+var normalizeError = (error2, translator) => {
+  if (error2 instanceof ZodError) {
+    const errors = error2.issues.map((issue) => {
+      let message = issue.message;
+      if (issue.code === "custom" && issue.params?.["i18nKey"]) {
+        message = translator.t(issue.params["i18nKey"]);
+      }
+      return {
+        field: issue.path.join("."),
+        // e.path: string[]  e.g. ["name", "email"]
+        message,
+        code: issue.code
+      };
+    });
+    return { message: "Validation faild", errors, statusCode: 422 };
+  }
+  if (error2 instanceof ServerError) {
+    const message = translator.t(
+      error2.i18nKey ?? "error.internal-server-error"
+    );
+    return { message, statusCode: error2.statusCode ?? 500 };
+  }
+  return {
+    message: error2 instanceof Error ? error2.message : JSON.stringify(error2),
+    statusCode: 500,
+    isInternal: true
+  };
+};
+
+// src/server/interfaces/execution/execute-action/create-execute-action.ts
+function createExecuteAction({
+  initI18n,
+  cacheResult,
+  cache: cache2,
+  logger
+}) {
+  return async function executeAction(fn, options = {}) {
+    const translator = await initI18n();
+    const withCache = options.type === "query" && options.key;
+    try {
+      const { data, i18nKey, message, meta } = withCache ? await cacheResult({
+        key: options.key,
+        ...options.ttl ? { ttl: options.ttl } : {},
+        load: async () => fn(translator)
+      }) : await fn(translator);
+      if (options.type === "command") cache2.clear();
+      const finalMessage = i18nKey ? translator.t(i18nKey) : message;
+      return result.success({
+        ...finalMessage ? { message: finalMessage } : {},
+        ...data !== void 0 ? { data } : {},
+        ...meta ? { meta } : {}
+      });
+    } catch (error2) {
+      const { message, errors, isInternal } = normalizeError(error2, translator);
+      logger.error({ message, errors });
+      return result.error({
+        message: isInternal ? "Internal server error" : message,
+        ...errors !== void 0 ? { errors } : {}
+      });
+    }
+  };
+}
+function createExecuteApi({ initI18n, logger }) {
+  return async function serverApi(fn) {
+    const translator = await initI18n();
+    try {
+      return await fn(translator);
+    } catch (error2) {
+      const { message, errors, statusCode, isInternal } = normalizeError(
+        error2,
+        translator
+      );
+      logger.error({ message, errors });
+      return NextResponse.json(
+        result.error({
+          message: isInternal ? "Internal server error" : message,
+          ...errors ? { errors } : {}
+        }),
+        { status: statusCode }
+      );
+    }
+  };
+}
+
+// src/server/interfaces/middlewares/auth/create-auth-middleware.ts
+function createAuthMiddleware({
+  adminRefreshTokenCommandRepository,
+  authUseCases,
+  verifyAccessToken,
+  verifyRefreshToken,
+  headers
+}) {
+  const authMiddleware = {
+    async authenticate() {
+      const verifiedAccessToken = await verifyAccessToken();
+      if (verifiedAccessToken) return verifiedAccessToken.admin;
+      const verifiedRefreshToken = await verifyRefreshToken();
+      if (!verifiedRefreshToken) throw ServerError.unauthorized();
+      const { adminRefreshToken, admin } = verifiedRefreshToken;
+      await adminRefreshTokenCommandRepository.delete({
+        id: adminRefreshToken.id
+      });
+      await authUseCases.refreshTokens({
+        admin,
+        deviceInfo: adminRefreshToken.deviceInfo,
+        ip: (await headers()).get("x-forwarded-for") || "unknown"
+      });
+      return admin;
+    }
+  };
+  return authMiddleware;
+}
+
+// src/server/interfaces/middlewares/auth/create-verify-access-token.ts
+function createVerifyAccessToken({
+  adminQueryRepository,
+  jwtService,
+  cryptoService,
+  cookieService,
+  config
+}) {
+  return async function verifyAccessToken() {
+    try {
+      const token = await cookieService.getSignedCookie({
+        name: config.accessTokenName
+      });
+      const payload = jwtService.verify({
+        token,
+        secret: cryptoService.hash(config.accessTokenSecret)
+      });
+      const admin = await adminQueryRepository.findFull({
+        id: payload["id"]
+      });
+      return admin ? { admin } : null;
+    } catch {
+      return null;
+    }
+  };
+}
+
+// src/server/interfaces/middlewares/auth/create-verify-refresh-token.ts
+function createVerifyRefreshToken({
+  adminQueryRepository,
+  adminRefreshTokenQueryRepository,
+  cryptoService,
+  cookieService,
+  config
+}) {
+  return async function verifyRefreshToken() {
+    try {
+      const token = await cookieService.getSignedCookie({
+        name: config.refreshTokenName
+      });
+      const adminRefreshToken = await adminRefreshTokenQueryRepository.findByToken({
+        tokenHash: cryptoService.hash(token)
+      });
+      if (!adminRefreshToken) return null;
+      const admin = await adminQueryRepository.findFull({
+        id: adminRefreshToken.adminId
+      });
+      return admin ? { adminRefreshToken, admin } : null;
+    } catch {
+      return null;
+    }
+  };
+}
+
+// src/server/interfaces/actions/auth/sign-in/sign-in-validator.ts
+var signInValidator = (schemas) => schemas.z.object({
+  email: schemas.email(),
+  password: schemas.password()
+});
+
+// src/server/interfaces/actions/auth/sign-in/create-sign-in-action.ts
+function createSignInAction(ctx) {
+  return async function signInAction({
+    formData,
+    deviceInfo
+  }) {
+    const {
+      repositories: {
+        adminQueryRepository,
+        adminRefreshTokenCommandRepository
+      },
+      useCases: { authUseCases },
+      action: { executeAction, ipRateLimiter },
+      http: { headers },
+      schemas: { schemas }
+    } = ctx;
+    return executeAction(
+      async () => {
+        await ipRateLimiter({ key: ["sign-in"] });
+        const { email, password } = await signInValidator(schemas).parseAsync(formData);
+        const verified = await authUseCases.verifyCredentials({
+          email,
+          password
+        });
+        const admin = await adminQueryRepository.findFull({
+          id: verified.id
+        });
+        if (!admin) throw ServerError.notFound();
+        await authUseCases.refreshTokens({
+          admin,
+          deviceInfo,
+          ip: (await headers()).get("x-forwarded-for") || "unknown"
+        });
+        await adminRefreshTokenCommandRepository.deleteManyByExpired();
+        return {
+          i18nKey: "ok.sign-in-ok",
+          data: { admin }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/auth/sign-out/create-sign-out-action.ts
+function createSignOutAction(ctx) {
+  const {
+    services: { cryptoService, cookieService },
+    repositories: { adminRefreshTokenCommandRepository },
+    action: { executeAction },
+    config: { accessTokenName, refreshTokenName }
+  } = ctx;
+  return async function signOutAction() {
+    return executeAction(
+      async () => {
+        let token;
+        try {
+          token = await cookieService.getSignedCookie({
+            name: refreshTokenName
+          });
+        } catch {
+        }
+        if (token) {
+          await adminRefreshTokenCommandRepository.delete({
+            tokenHash: cryptoService.hash(token)
+          });
+        }
+        await cookieService.delete({ name: accessTokenName });
+        await cookieService.delete({ name: refreshTokenName });
+        return {
+          i18nKey: "ok.sign-out-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/auth/verify/create-verify-action.ts
+function createVerifyAction(ctx) {
+  const {
+    middlewares: { authMiddleware },
+    action: { executeAction, ipRateLimiter }
+  } = ctx;
+  return async function verifyAction() {
+    return executeAction(async () => {
+      await ipRateLimiter({ key: ["verify"], maxAttempts: 60 });
+      const admin = await authMiddleware.authenticate();
+      return {
+        data: { admin }
+      };
+    });
+  };
+}
+
+// src/server/interfaces/actions/auth/change-password/change-password-validator.ts
+var changePasswordValidator = (schemas) => schemas.z.object({
+  password: schemas.password(),
+  newPassword: schemas.password(),
+  newPasswordConfirm: schemas.password()
+}).superRefine((data, ctx) => {
+  if (data.newPassword !== data.newPasswordConfirm) {
+    ctx.addIssue({
+      code: "custom",
+      params: { i18nKey: "validator.password-confirm" },
+      path: ["newPassword"]
+    });
+    ctx.addIssue({
+      code: "custom",
+      params: { i18nKey: "validator.password-confirm" },
+      path: ["newPasswordConfirm"]
+    });
+  }
+});
+
+// src/server/interfaces/actions/auth/change-password/create-change-password-action.ts
+function createChangePasswordAction(ctx) {
+  return async function changePasswordAction({
+    formData
+  }) {
+    const {
+      action: { executeAction, ipRateLimiter },
+      useCases: { authUseCases },
+      middlewares: { authMiddleware },
+      schemas: { schemas }
+    } = ctx;
+    return executeAction(
+      async () => {
+        await ipRateLimiter({ key: ["change-password"] });
+        const { email } = await authMiddleware.authenticate();
+        const { password, newPassword } = await changePasswordValidator(schemas).parseAsync(formData);
+        await authUseCases.verifyCredentials({ email, password });
+        await authUseCases.updatePassword({ email, password: newPassword });
+        return {
+          i18nKey: "ok.change-password-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/auth/verify-email/verify-email-validator.ts
+var verifyEmailValidator = (schemas) => schemas.z.object({
+  email: schemas.email(),
+  emailVerificationToken: schemas.z.string().trim().max(1e3)
+});
+
+// src/server/interfaces/actions/auth/verify-email/create-verify-email-action.ts
+function createVerifyEmailAction(ctx) {
+  return async function verifyEmailAction({
+    formData
+  }) {
+    const {
+      repositories: { adminQueryRepository },
+      useCases: { authUseCases },
+      action: { executeAction, ipRateLimiter },
+      schemas: { schemas }
+    } = ctx;
+    return executeAction(
+      async () => {
+        await ipRateLimiter({ key: ["verify-email"] });
+        const { email, emailVerificationToken } = await verifyEmailValidator(schemas).parseAsync(formData);
+        const admin = await adminQueryRepository.find({ email });
+        if (!admin) throw new ServerError({ i18nKey: "error.email-not-found" });
+        await authUseCases.verifyEmailAndUpdate({
+          token: emailVerificationToken || "",
+          admin
+        });
+        return {
+          i18nKey: "ok.verify-email-ok",
+          data: { admin }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/auth/email-unverifired/email-unverifired-validator.ts
+var emailUnverifiedValidator = (schemas) => schemas.z.object({
+  email: schemas.email()
+});
+
+// src/server/interfaces/actions/auth/email-unverifired/create-email-unverifired-action.ts
+function createEmailUnverifiedAction(ctx) {
+  return async function emailUnverifiedAction({
+    formData
+  }) {
+    const {
+      repositories: { adminQueryRepository },
+      action: { executeAction, ipRateLimiter },
+      emails: { emailVerificationEmail },
+      schemas: { schemas }
+    } = ctx;
+    return executeAction(
+      async (translator) => {
+        await ipRateLimiter({
+          key: ["email-unverified"],
+          maxAttempts: 2,
+          timeWindow: 60
+        });
+        const { email } = await emailUnverifiedValidator(schemas).parseAsync(formData);
+        const admin = await adminQueryRepository.find({ email });
+        if (!admin) throw new ServerError({ i18nKey: "error.email-not-found" });
+        void emailVerificationEmail.send({ translator, admin });
+        return {
+          i18nKey: "ok.email-unverified-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/auth/forgot-password/forgot-password-validator.ts
+var forgetPasswordValidator = (schemas) => schemas.z.object({
+  email: schemas.email()
+});
+
+// src/server/interfaces/actions/auth/forgot-password/create-forgot-password-action.ts
+function createForgotPasswordAction(ctx) {
+  return async function forgotPasswordAction({
+    formData
+  }) {
+    const {
+      repositories: { adminQueryRepository },
+      action: { executeAction, ipRateLimiter },
+      emails: { forgotPasswordEmail },
+      schemas: { schemas }
+    } = ctx;
+    return executeAction(
+      async (translator) => {
+        await ipRateLimiter({
+          key: ["forget-password"],
+          maxAttempts: 2,
+          timeWindow: 60
+        });
+        const { email } = await forgetPasswordValidator(schemas).parseAsync(formData);
+        const admin = await adminQueryRepository.find({ email });
+        if (!admin) throw new ServerError({ i18nKey: "error.email-not-found" });
+        void forgotPasswordEmail.send({ translator, admin });
+        return {
+          i18nKey: "ok.forgot-password-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/auth/reset-password/reset-password-validator.ts
+var resetPasswordValidator = (schemas) => schemas.z.object({
+  passwordResetToken: schemas.z.string().trim().max(1e3),
+  newPassword: schemas.password(),
+  newPasswordConfirm: schemas.password()
+}).superRefine((data, ctx) => {
+  if (data.newPassword !== data.newPasswordConfirm) {
+    ctx.addIssue({
+      code: "custom",
+      message: "custom.password-confirm",
+      path: ["newPassword"]
+    });
+    ctx.addIssue({
+      code: "custom",
+      message: "custom.password-confirm",
+      path: ["newPasswordConfirm"]
+    });
+  }
+});
+
+// src/server/interfaces/actions/auth/reset-password/create-reset-password-action.ts
+function createResetPasswordAction(ctx) {
+  return async function ResetPasswordAction({
+    formData
+  }) {
+    const {
+      useCases: { authUseCases },
+      action: { executeAction, ipRateLimiter },
+      schemas: { schemas }
+    } = ctx;
+    return executeAction(
+      async () => {
+        await ipRateLimiter({ key: ["reset-password"] });
+        const { newPassword, passwordResetToken } = await resetPasswordValidator(schemas).parseAsync(formData);
+        const decoded = authUseCases.verifyPasswordResetToken({
+          token: passwordResetToken
+        });
+        await authUseCases.updatePassword({
+          email: decoded.email,
+          password: newPassword
+        });
+        return {
+          i18nKey: "ok.reset-password-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin/commands/create/admin-create-validator.ts
+var adminCreateValidator = (schemas) => schemas.z.object({
+  // core
+  role: schemas.z.enum(Object.values(ADMIN_ROLES)),
+  email: schemas.email().unique({ table: "admins", column: "email" }),
+  password: schemas.password(),
+  // better seo
+  socialLinks: schemas.array(schemas.url()),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  // File
+  avatarImage: schemas.z.object({ id: schemas.id().exist({ table: "files" }) }).nullable(),
+  // ----------------------------------------------------------------------------
+  // translation
+  // ----------------------------------------------------------------------------
+  translations: schemas.array(
+    schemas.z.object({
+      // core
+      locale: schemas.locale(),
+      // text
+      name: schemas.text().nullable(),
+      // better seo
+      authorName: schemas.text().nullable(),
+      description: schemas.text().nullable(),
+      jobTitle: schemas.text().nullable(),
+      url: schemas.url().nullable(),
+      worksFor: schemas.text().nullable(),
+      knowsAbout: schemas.array(schemas.text()),
+      homeLocation: schemas.text().nullable(),
+      nationality: schemas.text().nullable()
+    })
+  )
+});
+
+// src/server/interfaces/actions/resources/admin/commands/create/create-admin-create-action.ts
+function createAdminCreateAction(ctx) {
+  const {
+    services: { argon2Service },
+    repositories: { adminCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    emails: { emailVerificationEmail },
+    schemas: { schemas }
+  } = ctx;
+  return async function adminCreateAction({
+    formData
+  }) {
+    return executeAction(
+      async (translator) => {
+        await authMiddleware.authenticate();
+        const {
+          role,
+          email,
+          password,
+          socialLinks,
+          avatarImage,
+          translations
+        } = await adminCreateValidator(schemas).parseAsync(formData);
+        const passwordHash = await argon2Service.hash(password);
+        const created = await adminCommandRepository.create({
+          role,
+          email,
+          passwordHash,
+          socialLinks,
+          avatarImage,
+          translations
+        });
+        void emailVerificationEmail.send({ translator, admin: created });
+        return {
+          i18nKey: "ok.admins-store-ok",
+          data: { admin: created }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin/commands/update/admin-update-validator.ts
+var adminUpdateValidator = (schemas, id) => schemas.z.object({
+  // core
+  role: schemas.z.enum(Object.values(ADMIN_ROLES)),
+  email: schemas.email().unique({
+    table: "admins",
+    column: "email",
+    excludeSelf: { name: "id", value: id }
+  }).optional(),
+  // better seo
+  socialLinks: schemas.array(schemas.url()),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  // File
+  avatarImage: schemas.z.object({ id: schemas.id().exist({ table: "files" }) }).nullable(),
+  // ----------------------------------------------------------------------------
+  // translation
+  // ----------------------------------------------------------------------------
+  translations: schemas.array(
+    schemas.z.object({
+      // core
+      locale: schemas.locale(),
+      // text
+      name: schemas.text().nullable(),
+      // better seo
+      authorName: schemas.text().nullable(),
+      description: schemas.text().nullable(),
+      jobTitle: schemas.text().nullable(),
+      url: schemas.url().nullable(),
+      worksFor: schemas.text().nullable(),
+      knowsAbout: schemas.array(schemas.text()),
+      homeLocation: schemas.text().nullable(),
+      nationality: schemas.text().nullable()
+    })
+  )
+});
+
+// src/server/interfaces/actions/resources/admin/commands/update/create-admin-update-action.ts
+function createAdminUpdateAction(ctx) {
+  const {
+    repositories: { adminQueryRepository, adminCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    emails: { emailVerificationEmail },
+    schemas: { schemas }
+  } = ctx;
+  return async function adminUpdateAction({
+    id,
+    formData
+  }) {
+    return executeAction(
+      async (translator) => {
+        const currentAdmin = await authMiddleware.authenticate();
+        const targetAdmin = await adminQueryRepository.findFull({ id });
+        if (!targetAdmin) throw ServerError.notFound();
+        const isSelf = currentAdmin.id === targetAdmin.id;
+        const canModifyOthers = currentAdmin.role === ADMIN_ROLES.SUPER_ADMIN;
+        if (!isSelf && !canModifyOthers) throw ServerError.forbidden();
+        const { role, email, socialLinks, avatarImage, translations } = await adminUpdateValidator(schemas, targetAdmin.id).parseAsync(
+          formData
+        );
+        const isUpdatingEmail = email !== targetAdmin.email;
+        if (isUpdatingEmail) {
+          void emailVerificationEmail.send({
+            translator,
+            admin: targetAdmin,
+            ...email ? { newEmail: email } : {}
+          });
+        }
+        const updatedAdmin = await adminCommandRepository.update({
+          id: targetAdmin.id,
+          role,
+          ...email !== void 0 ? { email } : {},
+          socialLinks,
+          avatarImage,
+          translations,
+          emailVerifiedAt: !isUpdatingEmail ? targetAdmin.emailVerifiedAt : null
+          // Clear emailVerifiedAt if updating a new email
+        });
+        return {
+          i18nKey: !isUpdatingEmail ? "ok.update-ok" : "ok.admins-update-email-ok",
+          data: { admin: updatedAdmin }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin/commands/delete/create-admin-delete-action.ts
+function createAdminDeleteAction(ctx) {
+  const {
+    repositories: { adminQueryRepository, adminCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function adminDeleteAction({ targetId }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const targetAdmin = await adminQueryRepository.findFull({
+          id: targetId
+        });
+        if (!targetAdmin) throw ServerError.notFound();
+        if (targetAdmin.role === ADMIN_ROLES.SUPER_ADMIN) {
+          throw new ServerError({ i18nKey: "error.admins-destroy-forbidden" });
+        }
+        await adminCommandRepository.delete({ id: targetId });
+        return {
+          i18nKey: "ok.destroy-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin/queries/create-admin-find-full-action.ts
+function createAdminFindFullAction(ctx) {
+  const {
+    repositories: { adminQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function adminFindFullAction(params) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const admin = await adminQueryRepository.findFull(params);
+        if (!admin) throw ServerError.notFound();
+        return {
+          data: { admin }
+        };
+      },
+      {
+        type: "query",
+        key: ["admin", "findFullAction", params.id, params.email]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin/queries/create-admin-find-list-cards-action.ts
+function createAdminFindListCardsAction(ctx) {
+  const {
+    repositories: { adminQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function adminFindFullAction(params) {
+    return executeAction(
+      async ({ locale }) => {
+        const { role } = await authMiddleware.authenticate();
+        const { items, total } = await adminQueryRepository.findListCards({
+          ...params,
+          locale,
+          role
+        });
+        return {
+          data: { items, total }
+        };
+      },
+      {
+        type: "query",
+        key: [
+          "admin",
+          "findListCardsAction",
+          params.searchString,
+          ...params.adminIds ?? [],
+          params.page,
+          params.pageSize
+        ]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin-refresh-token/commands/delete/create-admin-refresh-token-delete-action.ts
+function createAdminRefreshTokenDeleteAction(ctx) {
+  const {
+    repositories: {
+      adminRefreshTokenQueryRepository,
+      adminRefreshTokenCommandRepository
+    },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function adminRefreshTokenDeleteAction(tokenHash) {
+    return executeAction(
+      async () => {
+        const currentAdmin = await authMiddleware.authenticate();
+        const targetAdminRefreshToken = await adminRefreshTokenQueryRepository.findByToken({
+          tokenHash
+        });
+        if (!targetAdminRefreshToken) throw ServerError.notFound();
+        const isSelf = currentAdmin.id === targetAdminRefreshToken.adminId;
+        const canModifyOthers = currentAdmin.role === ADMIN_ROLES.SUPER_ADMIN;
+        if (!isSelf && !canModifyOthers) throw ServerError.forbidden();
+        await adminRefreshTokenCommandRepository.delete({
+          id: targetAdminRefreshToken.id
+        });
+        return {
+          i18nKey: "ok.destroy-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/admin-refresh-token/queries/create-admin-refresh-token-find-full-action.ts
+function createAdminRefreshTokenFindManyAction(ctx) {
+  const {
+    services: { cryptoService, cookieService },
+    repositories: { adminRefreshTokenQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    config: { refreshTokenName }
+  } = ctx;
+  return async function adminRefreshTokenFindManyAction({
+    adminId
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const token = await cookieService.getSignedCookie({
+          name: refreshTokenName
+        });
+        const currentToken = await adminRefreshTokenQueryRepository.findByToken(
+          { tokenHash: cryptoService.hash(token) }
+        );
+        if (!currentToken) throw ServerError.notFound();
+        const adminRefreshTokens = await adminRefreshTokenQueryRepository.findManyByAdminId({
+          adminId
+        });
+        return {
+          data: {
+            adminRefreshTokens,
+            currentToken
+          }
+        };
+      },
+      {
+        type: "query",
+        key: ["admin-refresh-token", "findManyAction", adminId]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/create/file-create-validator.ts
+var fileCreateValidator = (schemas) => schemas.z.object({
+  key: schemas.key(),
+  checksum: schemas.sha256Hash(),
+  // file meta
+  fileMeta: schemas.z.object({
+    type: schemas.text(),
+    size: schemas.positiveNumber(),
+    name: schemas.text()
+  }),
+  // media info
+  width: schemas.positiveNumber().nullable().optional(),
+  height: schemas.positiveNumber().nullable().optional(),
+  duration: schemas.positiveNumber().nullable().optional(),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  folder: schemas.z.object({
+    id: schemas.id().exist({ table: "folders", column: "id" })
+  }).nullable().optional(),
+  // Use in [file] pages
+  folderKey: schemas.key().exist({ table: "folders", column: "key" }).optional(),
+  // Use in Simple Upload
+  // ----------------------------------------------------------------------------
+  // translation
+  // ----------------------------------------------------------------------------
+  translations: schemas.array(
+    schemas.z.object({
+      // core
+      locale: schemas.locale(),
+      // text
+      name: schemas.text().nullable(),
+      alt: schemas.text().nullable()
+    })
+  )
+});
+
+// src/server/interfaces/actions/resources/file/commands/create/create-file-create-action.ts
+function createFileCreateAction(ctx) {
+  const {
+    repositories: { folderQueryRepository, fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function fileCreateAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const {
+          key,
+          checksum,
+          fileMeta,
+          width,
+          height,
+          duration,
+          folder,
+          folderKey,
+          translations
+        } = await fileCreateValidator(schemas).parseAsync(formData);
+        let finalFolder = folder;
+        if (folderKey && !folder) {
+          finalFolder = await folderQueryRepository.findFull({
+            key: folderKey
+          });
+        }
+        const createdFile = await fileCommandRepository.create({
+          key,
+          checksum,
+          fileMeta,
+          ...width ? { width } : {},
+          ...height ? { height } : {},
+          ...duration ? { duration } : {},
+          ...finalFolder ? { folder: finalFolder } : {},
+          translations
+        });
+        return {
+          i18nKey: "ok.store-ok",
+          data: { file: createdFile }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/update/file-update-validator.ts
+var fileUpdateValidator = (schemas) => schemas.z.object({
+  // core
+  key: schemas.key().optional(),
+  checksum: schemas.sha256Hash().optional(),
+  // file meta
+  fileMeta: schemas.z.object({
+    type: schemas.text(),
+    size: schemas.positiveNumber(),
+    name: schemas.text()
+  }),
+  // media info
+  width: schemas.positiveNumber().nullable(),
+  height: schemas.positiveNumber().nullable(),
+  duration: schemas.positiveNumber().nullable(),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  folder: schemas.z.object({
+    id: schemas.id().exist({ table: "folders", column: "id" })
+  }).nullable().optional(),
+  // ----------------------------------------------------------------------------
+  // translation
+  // ----------------------------------------------------------------------------
+  translations: schemas.array(
+    schemas.z.object({
+      // core
+      locale: schemas.locale(),
+      // text
+      name: schemas.text().nullable(),
+      alt: schemas.text().nullable()
+    })
+  )
+});
+function createFileUpdateAction(ctx) {
+  const {
+    services: { storageService },
+    repositories: { fileQueryRepository, fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function fileUpdateAction({
+    id,
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const { checksum, width, height, duration, translations } = await fileUpdateValidator(schemas).parseAsync(formData);
+        const { folder, fileMeta, key: uploadedKey } = formData;
+        const foundFile = await fileQueryRepository.findFull({ id });
+        if (!foundFile) throw ServerError.notFound();
+        const oldKey = foundFile.key;
+        let newKey = oldKey;
+        const folderChanged = folder?.key !== foundFile.folder?.key;
+        if (uploadedKey) {
+          newKey = uploadedKey;
+        } else if (folderChanged) {
+          const folderKey = folder?.key ?? "";
+          newKey = path2.join(folderKey, path2.basename(oldKey));
+          await storageService.move({ fromKey: oldKey, toKey: newKey });
+        }
+        const updatedFile = await fileCommandRepository.update({
+          file: foundFile,
+          id,
+          key: newKey,
+          checksum: checksum ?? foundFile.checksum,
+          fileMeta,
+          width,
+          height,
+          duration,
+          folder,
+          translations
+        });
+        if (uploadedKey) {
+          await storageService.remove({ key: oldKey });
+        }
+        return {
+          i18nKey: "ok.update-ok",
+          data: { file: updatedFile }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/create-many/file-create-many-validator.ts
+var fileCreateManyValidator = (schemas) => schemas.z.object({
+  uploadResults: schemas.array(
+    schemas.z.object({
+      // core
+      key: schemas.key(),
+      checksum: schemas.sha256Hash(),
+      // file meta
+      fileMeta: schemas.z.object({
+        type: schemas.text(),
+        size: schemas.positiveNumber(),
+        name: schemas.text()
+      }),
+      // media info
+      width: schemas.positiveNumber().nullable(),
+      height: schemas.positiveNumber().nullable(),
+      duration: schemas.positiveNumber().nullable(),
+      // ----------------------------------------------------------------------------
+      // translation
+      // ----------------------------------------------------------------------------
+      translations: schemas.array(
+        schemas.z.object({
+          // core
+          locale: schemas.locale(),
+          // text
+          name: schemas.text().nullable(),
+          alt: schemas.text().nullable()
+        })
+      )
+    })
+  ),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  folder: schemas.z.object({ id: schemas.id().exist({ table: "folders", column: "id" }) }).nullable().optional()
+});
+
+// node_modules/yocto-queue/index.js
+var Node = class {
+  value;
+  next;
+  constructor(value) {
+    this.value = value;
+  }
+};
+var Queue = class {
+  #head;
+  #tail;
+  #size;
+  constructor() {
+    this.clear();
+  }
+  enqueue(value) {
+    const node = new Node(value);
+    if (this.#head) {
+      this.#tail.next = node;
+      this.#tail = node;
+    } else {
+      this.#head = node;
+      this.#tail = node;
+    }
+    this.#size++;
+  }
+  dequeue() {
+    const current = this.#head;
+    if (!current) {
+      return;
+    }
+    this.#head = this.#head.next;
+    this.#size--;
+    if (!this.#head) {
+      this.#tail = void 0;
+    }
+    return current.value;
+  }
+  peek() {
+    if (!this.#head) {
+      return;
+    }
+    return this.#head.value;
+  }
+  clear() {
+    this.#head = void 0;
+    this.#tail = void 0;
+    this.#size = 0;
+  }
+  get size() {
+    return this.#size;
+  }
+  *[Symbol.iterator]() {
+    let current = this.#head;
+    while (current) {
+      yield current.value;
+      current = current.next;
+    }
+  }
+  *drain() {
+    while (this.#head) {
+      yield this.dequeue();
+    }
+  }
+};
+
+// node_modules/p-limit/index.js
+function pLimit(concurrency) {
+  validateConcurrency(concurrency);
+  const queue = new Queue();
+  let activeCount = 0;
+  const resumeNext = () => {
+    if (activeCount < concurrency && queue.size > 0) {
+      activeCount++;
+      queue.dequeue()();
+    }
+  };
+  const next = () => {
+    activeCount--;
+    resumeNext();
+  };
+  const run = async (function_, resolve, arguments_) => {
+    const result2 = (async () => function_(...arguments_))();
+    resolve(result2);
+    try {
+      await result2;
+    } catch {
+    }
+    next();
+  };
+  const enqueue = (function_, resolve, arguments_) => {
+    new Promise((internalResolve) => {
+      queue.enqueue(internalResolve);
+    }).then(run.bind(void 0, function_, resolve, arguments_));
+    if (activeCount < concurrency) {
+      resumeNext();
+    }
+  };
+  const generator = (function_, ...arguments_) => new Promise((resolve) => {
+    enqueue(function_, resolve, arguments_);
+  });
+  Object.defineProperties(generator, {
+    activeCount: {
+      get: () => activeCount
+    },
+    pendingCount: {
+      get: () => queue.size
+    },
+    clearQueue: {
+      value() {
+        queue.clear();
+      }
+    },
+    concurrency: {
+      get: () => concurrency,
+      set(newConcurrency) {
+        validateConcurrency(newConcurrency);
+        concurrency = newConcurrency;
+        queueMicrotask(() => {
+          while (activeCount < concurrency && queue.size > 0) {
+            resumeNext();
+          }
+        });
+      }
+    },
+    map: {
+      async value(iterable, function_) {
+        const promises = Array.from(iterable, (value, index) => this(function_, value, index));
+        return Promise.all(promises);
+      }
+    }
+  });
+  return generator;
+}
+function validateConcurrency(concurrency) {
+  if (!((Number.isInteger(concurrency) || concurrency === Number.POSITIVE_INFINITY) && concurrency > 0)) {
+    throw new TypeError("Expected `concurrency` to be a number from 1 and up");
+  }
+}
+
+// src/server/interfaces/actions/resources/file/commands/create-many/create-file-create-many-action.ts
+function createFileCreateManyAction(ctx) {
+  const {
+    repositories: { fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function fileCreateManyAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const { uploadResults, folder } = await fileCreateManyValidator(schemas).parseAsync(formData);
+        const limit = pLimit(5);
+        await Promise.all(
+          uploadResults.map(
+            (file) => limit(async () => {
+              await fileCommandRepository.create({
+                key: file.key,
+                fileMeta: file.fileMeta,
+                checksum: file.checksum,
+                width: file.width,
+                height: file.height,
+                duration: file.duration,
+                ...folder !== void 0 ? { folder } : {},
+                translations: file.translations
+              });
+            })
+          )
+        );
+        return {
+          i18nKey: "ok.store-ok",
+          data: { count: uploadResults.length }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/purge-many/file-purge-many-validator.ts
+var filePurgeManyValidator = (schemas) => schemas.z.object({
+  ids: schemas.array(schemas.id().exist({ table: "files", column: "id" }))
+});
+
+// src/server/interfaces/actions/resources/file/commands/purge-many/create-file-purge-many-action.ts
+function createFilePurgeManyAction(ctx) {
+  const {
+    services: { storageService },
+    repositories: { fileQueryRepository, fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function filePurgeManyAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const { ids: ids2 } = await filePurgeManyValidator(schemas).parseAsync(formData);
+        const foundFiles = await fileQueryRepository.findManyByIds({ ids: ids2 });
+        if (foundFiles.length === 0) throw ServerError.notFound();
+        if (foundFiles.some((file) => isFileLocked(file))) {
+          throw new ServerError({ i18nKey: "error.files-destroy-is-locked" });
+        }
+        const keys = foundFiles.map((file) => file.key);
+        await Promise.all(
+          keys.map(async (key) => await storageService.remove({ key }))
+        );
+        await Promise.all(
+          foundFiles.map(
+            async (file) => await fileCommandRepository.delete({ id: file.id })
+          )
+        );
+        return {
+          i18nKey: "ok.destroy-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/restore-many/file-create-restore-validator.ts
+var fileRestoreManyValidator = (schemas) => schemas.z.object({
+  ids: schemas.array(schemas.id().exist({ table: "files", column: "id" }))
+});
+
+// src/server/interfaces/actions/resources/file/commands/restore-many/create-file-restore-many-action.ts
+function createFileRestoreManyAction(ctx) {
+  const {
+    repositories: { fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function fileRestoreManyAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const { ids: ids2 } = await fileRestoreManyValidator(schemas).parseAsync(formData);
+        await fileCommandRepository.restoreMany({ ids: ids2 });
+        return {
+          i18nKey: "ok.restore-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/soft-delete/create-file-soft-delete-action.ts
+function createFileSoftDeleteAction(ctx) {
+  const {
+    repositories: { fileQueryRepository, fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function fileSoftDeleteAction({ id }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const foundFile = await fileQueryRepository.findFull({ id });
+        if (!foundFile) throw ServerError.notFound();
+        if (isFileLocked(foundFile)) {
+          throw new ServerError({ i18nKey: "error.files-destroy-is-locked" });
+        }
+        await fileCommandRepository.softDelete({ id });
+        return {
+          i18nKey: "ok.destroy-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/commands/soft-delete-many/file-soft-delete-many-validator.ts
+var fileSoftDeleteManyValidator = (schemas) => schemas.z.object({
+  ids: schemas.array(schemas.id().exist({ table: "files", column: "id" }))
+});
+
+// src/server/interfaces/actions/resources/file/commands/soft-delete-many/create-file-soft-delete-many-action.ts
+function createFileSoftDeleteManyAction(ctx) {
+  const {
+    repositories: { fileQueryRepository, fileCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function fileSoftDeleteManyAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const { ids: ids2 } = await fileSoftDeleteManyValidator(schemas).parseAsync(formData);
+        const foundFiles = await fileQueryRepository.findManyByIds({ ids: ids2 });
+        if (foundFiles.length === 0) throw ServerError.notFound();
+        const targetIds = foundFiles.filter((f) => !f.isLocked).map((f) => f.id);
+        const hasLockedFile = ids2.length !== targetIds.length;
+        const count = await fileCommandRepository.softDeleteMany({
+          ids: targetIds
+        });
+        if (count === 0) {
+          throw new ServerError({ i18nKey: "error.files-batch-destroy-no" });
+        }
+        return {
+          i18nKey: hasLockedFile ? "ok.destroy-ok" : "ok.files-batch-destroy-has-locked"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/querires/create-file-find-full-action.ts
+function createFileFindFullAction(ctx) {
+  const {
+    repositories: { fileQueryRepository },
+    action: { executeAction }
+  } = ctx;
+  return async function FileFindFullAction(params) {
+    return executeAction(
+      async () => {
+        const file = await fileQueryRepository.findFull(params);
+        if (!file) throw ServerError.notFound();
+        return {
+          data: { file }
+        };
+      },
+      {
+        type: "query",
+        key: ["file", "findFullAction", params.id]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/file/querires/create-file-find-list-cards-action.ts
+function createFileFindListCardsAction(ctx) {
+  const {
+    repositories: { fileQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function fileFindFullAction(params) {
+    return executeAction(
+      async ({ locale }) => {
+        await authMiddleware.authenticate();
+        const { items, total } = await fileQueryRepository.findListCards({
+          ...params,
+          locale
+        });
+        return {
+          data: { items, total }
+        };
+      },
+      {
+        type: "query",
+        key: [
+          "file",
+          "findListCardsAction",
+          params.searchString,
+          params.type,
+          params.isDeleted,
+          params.isLocked,
+          params.folderId,
+          ...params.fileIds ?? [],
+          params.page,
+          params.pageSize
+        ]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/folder/commands/create/folder-create-validator.ts
+var folderCreateValidator = (schemas) => schemas.z.object({
+  // core
+  key: schemas.key().unique({ table: "folders", column: "key" }),
+  name: schemas.pathSegment(),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  // Folder
+  parentFolder: schemas.z.object({ id: schemas.id().exist({ table: "folders", column: "id" }) }).nullable()
+});
+function createFolderCreateAction(ctx) {
+  const {
+    repositories: { folderCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function folderCreateAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const combinedKey = path2.join(
+          formData.parentFolder?.key ?? "",
+          formData.name
+        );
+        const { name } = await folderCreateValidator(schemas).parseAsync({
+          ...formData,
+          key: combinedKey
+        });
+        const createdFolder = await folderCommandRepository.create({
+          key: combinedKey,
+          name,
+          parentFolder: formData.parentFolder
+        });
+        return {
+          i18nKey: "ok.store-ok",
+          data: { folder: createdFolder }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/folder/commands/update/folder-update-validator.ts
+var folderUpdateValidator = (schemas, id) => schemas.z.object({
+  // core
+  key: schemas.key().unique({
+    table: "folders",
+    column: "key",
+    excludeSelf: { name: "id", value: id }
+  }),
+  name: schemas.pathSegment(),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  // Folder
+  parentFolder: schemas.z.object({ id: schemas.id().exist({ table: "folders", column: "id" }) }).nullable()
+});
+function createFolderUpdateAction(ctx) {
+  const {
+    repositories: { folderCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas }
+  } = ctx;
+  return async function folderUpdateAction({
+    id,
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const combinedKey = path2.join(
+          formData.parentFolder?.key ?? "",
+          formData.name
+        );
+        const { name } = await folderUpdateValidator(schemas, id).parseAsync({
+          ...formData,
+          key: combinedKey
+        });
+        const updateddFolder = await folderCommandRepository.update({
+          id,
+          key: combinedKey,
+          name,
+          parentFolder: formData.parentFolder
+        });
+        return {
+          i18nKey: "ok.update-ok",
+          data: { folder: updateddFolder }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/folder/commands/delete/create-folder-delete-action.ts
+function createFolderDeleteAction(ctx) {
+  const {
+    repositories: { folderQueryRepository, folderCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function folderDeleteAction({ id }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const foundFolder = await folderQueryRepository.findFull({ id });
+        if (!foundFolder) throw ServerError.notFound();
+        if (isFolderLocked(foundFolder)) {
+          throw ServerError.forbidden();
+        }
+        await folderCommandRepository.delete({ id });
+        return {
+          i18nKey: "ok.destroy-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/folder/queries/create-folder-find-full-action.ts
+function createFolderFindFullAction(ctx) {
+  const {
+    repositories: { folderQueryRepository, fileQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function folderFindFullAction(params) {
+    return executeAction(
+      async (translator) => {
+        await authMiddleware.authenticate();
+        const resolvedKey = params.key || ROOT_FOLDER_ID;
+        const identity = "id" in params ? params.id : resolvedKey;
+        const isAtRoot = identity === ROOT_FOLDER_ID;
+        let folder = ROOT_FOLDER;
+        if (isAtRoot) {
+          const { items: subFolders } = await folderQueryRepository.findListCards({
+            parentFolderId: ROOT_FOLDER_ID
+          });
+          folder.subFolders = subFolders;
+          const { items: files } = await fileQueryRepository.findListCards({
+            locale: translator.locale,
+            folderId: ROOT_FOLDER_ID
+          });
+          folder.files = files;
+        } else {
+          const found = await folderQueryRepository.findFull(params);
+          if (!found) throw ServerError.notFound();
+          folder = found;
+        }
+        return { data: { folder } };
+      },
+      {
+        type: "query",
+        key: ["file", "findFullAction", params.id, params.key]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/folder/queries/create-folder-find-list-cards-action.ts
+function createFolderFindListCardsAction(ctx) {
+  const {
+    repositories: { folderQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function folderFindFullAction(params) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const { items, total } = await folderQueryRepository.findListCards(params);
+        return {
+          data: { items, total }
+        };
+      },
+      {
+        type: "query",
+        key: [
+          "folder",
+          "findListCardsAction",
+          params.searchString,
+          params.parentFolderId,
+          ...params.folderIds ?? [],
+          params.page,
+          params.pageSize
+        ]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/commands/create/post-create-validator.ts
+var postCreateValidator = ({
+  type,
+  topicId,
+  schemas,
+  tocItemSchema
+}) => schemas.z.object({
+  type: schemas.z.enum(POST_TYPES),
+  // ----------------------------------------------------------------------------
+  // states
+  // ----------------------------------------------------------------------------
+  isLocked: schemas.z.boolean(),
+  isActive: schemas.z.boolean(),
+  isIndexActive: schemas.z.boolean(),
+  index: schemas.positiveNumber().nullable(),
+  isSlugActive: schemas.z.boolean(),
+  slug: schemas.slug().unique({
+    table: "posts",
+    column: "slug",
+    scope: [
+      { name: "type", value: type, cast: "PostType" },
+      ...topicId ? [{ name: "topic_id", value: topicId }] : []
+      // Use for: [post], [post:category]
+    ]
+  }).nullable(),
+  isFeatured: schemas.z.boolean(),
+  isShownOnHome: schemas.z.boolean(),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  // Admin
+  author: schemas.singleItem({ table: "admins", column: "id" }).nullable(),
+  // Picked by modal
+  // Post
+  topicId: schemas.id().exist({ table: "posts", column: "id" }).nullable(),
+  parents: schemas.multiItems({ table: "posts", column: "id" }),
+  // Picked by modal
+  tags: schemas.multiItems({ table: "posts", column: "id" }),
+  // Picked by modal
+  relatedPosts: schemas.multiItems({ table: "posts", column: "id" }),
+  // Picked by modal
+  // File
+  coverImage: schemas.singleItem({ table: "files", column: "id" }),
+  // Picked by modal
+  contentImageIds: schemas.array(
+    schemas.id().exist({ table: "files", column: "id" })
+  ),
+  // -----------------------------------------------------------------------
+  // --- custom fields
+  // -----------------------------------------------------------------------
+  // states
+  state1: schemas.z.boolean(),
+  state2: schemas.z.boolean(),
+  state3: schemas.z.boolean(),
+  state4: schemas.z.boolean(),
+  state5: schemas.z.boolean(),
+  state6: schemas.z.boolean(),
+  state7: schemas.z.boolean(),
+  state8: schemas.z.boolean(),
+  state9: schemas.z.boolean(),
+  state10: schemas.z.boolean(),
+  // multi images
+  images1: schemas.multiItems({ table: "files", column: "id" }),
+  images2: schemas.multiItems({ table: "files", column: "id" }),
+  // single images
+  image1: schemas.singleItem({ table: "files", column: "id" }),
+  image2: schemas.singleItem({ table: "files", column: "id" }),
+  image3: schemas.singleItem({ table: "files", column: "id" }),
+  image4: schemas.singleItem({ table: "files", column: "id" }),
+  // text
+  text1: schemas.text().nullable(),
+  text2: schemas.text().nullable(),
+  text3: schemas.text().nullable(),
+  text4: schemas.text().nullable(),
+  text5: schemas.text().nullable(),
+  text6: schemas.text().nullable(),
+  text7: schemas.text().nullable(),
+  text8: schemas.text().nullable(),
+  text9: schemas.text().nullable(),
+  text10: schemas.text().nullable(),
+  // json array
+  data1: schemas.array(schemas.z.any()),
+  data2: schemas.array(schemas.z.any()),
+  data3: schemas.array(schemas.z.any()),
+  data4: schemas.array(schemas.z.any()),
+  // ----------------------------------------------------------------------------
+  // translation
+  // ----------------------------------------------------------------------------
+  translations: schemas.array(
+    schemas.z.object({
+      locale: schemas.locale(),
+      // text
+      title: schemas.text().nullable(),
+      subtitle: schemas.text().nullable(),
+      summary: schemas.text().nullable(),
+      description: schemas.text().nullable(),
+      content: schemas.text().nullable(),
+      // better seo
+      externalLinks: schemas.array(
+        schemas.z.object({
+          name: schemas.text(),
+          href: schemas.text()
+        })
+      ),
+      faq: schemas.array(
+        schemas.z.object({
+          question: schemas.text(),
+          answer: schemas.text()
+        })
+      ),
+      toc: schemas.array(tocItemSchema),
+      // extra
+      readTime: schemas.positiveNumber().nullable(),
+      wordCount: schemas.positiveNumber(),
+      // -------------------------------------------
+      // --- custom fields
+      // -------------------------------------------
+      // text
+      text1: schemas.text().nullable(),
+      text2: schemas.text().nullable(),
+      text3: schemas.text().nullable(),
+      text4: schemas.text().nullable(),
+      text5: schemas.text().nullable(),
+      text6: schemas.text().nullable(),
+      text7: schemas.text().nullable(),
+      text8: schemas.text().nullable(),
+      text9: schemas.text().nullable(),
+      text10: schemas.text().nullable(),
+      // json array
+      data1: schemas.array(schemas.z.any()),
+      data2: schemas.array(schemas.z.any()),
+      data3: schemas.array(schemas.z.any()),
+      data4: schemas.array(schemas.z.any())
+    })
+  )
+}).transform((obj) => ({
+  ...obj,
+  // states
+  index: obj.isIndexActive ? obj.index : null,
+  slug: obj.isSlugActive ? obj.slug : null,
+  // translation
+  translations: obj.translations.map((t) => ({
+    ...t,
+    readTime: t.readTime !== 0 ? t.readTime : null
+  }))
+}));
+
+// src/server/interfaces/actions/resources/post/commands/create/create-post-create-action.ts
+function createPostCreateAction(ctx) {
+  const {
+    repositories: { postCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas, tocItemSchema }
+  } = ctx;
+  return async function postCreateAction({
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const validatedPayload = await postCreateValidator({
+          schemas,
+          tocItemSchema,
+          type: formData.type,
+          topicId: formData.topicId
+        }).parseAsync(formData);
+        const created = await postCommandRepository.create(validatedPayload);
+        return {
+          i18nKey: "ok.store-ok",
+          data: { post: created }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/commands/update/post-update-validator.ts
+var postUpdateValidator = ({
+  id,
+  type,
+  topicId,
+  schemas,
+  tocItemSchema
+}) => schemas.z.object({
+  type: schemas.z.enum(POST_TYPES),
+  // depth: schemas.z.number().nullable(),
+  // ----------------------------------------------------------------------------
+  // states
+  // ----------------------------------------------------------------------------
+  isLocked: schemas.z.boolean(),
+  isActive: schemas.z.boolean(),
+  isIndexActive: schemas.z.boolean(),
+  index: schemas.positiveNumber().nullable(),
+  isSlugActive: schemas.z.boolean(),
+  slug: schemas.slug().unique({
+    table: "posts",
+    column: "slug",
+    scope: [
+      { name: "type", value: type, cast: "PostType" },
+      ...topicId ? [{ name: "topic_id", value: topicId }] : []
+      // Use for: [post], [post:category]
+    ],
+    excludeSelf: { name: "id", value: id }
+  }).nullable(),
+  isFeatured: schemas.z.boolean(),
+  isShownOnHome: schemas.z.boolean(),
+  // ----------------------------------------------------------------------------
+  // relations
+  // ----------------------------------------------------------------------------
+  // Admin
+  author: schemas.singleItem({ table: "admins", column: "id" }),
+  // Picked by modal
+  // Post
+  topicId: schemas.id().exist({ table: "posts", column: "id" }).nullable(),
+  parents: schemas.multiItems({ table: "posts", column: "id" }),
+  // Picked by modal
+  tags: schemas.multiItems({ table: "posts", column: "id" }),
+  // Picked by modal
+  relatedPosts: schemas.multiItems({ table: "posts", column: "id" }),
+  // Picked by modal
+  // File
+  coverImage: schemas.singleItem({ table: "files", column: "id" }),
+  // Picked by modal
+  contentImageIds: schemas.array(
+    schemas.id().exist({ table: "files", column: "id" })
+  ),
+  // -----------------------------------------------------------------------
+  // --- custom fields
+  // -----------------------------------------------------------------------
+  // states
+  state1: schemas.z.boolean(),
+  state2: schemas.z.boolean(),
+  state3: schemas.z.boolean(),
+  state4: schemas.z.boolean(),
+  state5: schemas.z.boolean(),
+  state6: schemas.z.boolean(),
+  state7: schemas.z.boolean(),
+  state8: schemas.z.boolean(),
+  state9: schemas.z.boolean(),
+  state10: schemas.z.boolean(),
+  // multi images
+  images1: schemas.multiItems({ table: "files", column: "id" }),
+  images2: schemas.multiItems({ table: "files", column: "id" }),
+  // single images
+  image1: schemas.singleItem({ table: "files", column: "id" }),
+  image2: schemas.singleItem({ table: "files", column: "id" }),
+  image3: schemas.singleItem({ table: "files", column: "id" }),
+  image4: schemas.singleItem({ table: "files", column: "id" }),
+  // text
+  text1: schemas.text().nullable(),
+  text2: schemas.text().nullable(),
+  text3: schemas.text().nullable(),
+  text4: schemas.text().nullable(),
+  text5: schemas.text().nullable(),
+  text6: schemas.text().nullable(),
+  text7: schemas.text().nullable(),
+  text8: schemas.text().nullable(),
+  text9: schemas.text().nullable(),
+  text10: schemas.text().nullable(),
+  // json array
+  data1: schemas.array(schemas.z.any()),
+  data2: schemas.array(schemas.z.any()),
+  data3: schemas.array(schemas.z.any()),
+  data4: schemas.array(schemas.z.any()),
+  // ----------------------------------------------------------------------------
+  // translation
+  // ----------------------------------------------------------------------------
+  translations: schemas.array(
+    schemas.z.object({
+      locale: schemas.locale(),
+      // text
+      title: schemas.text().nullable(),
+      subtitle: schemas.text().nullable(),
+      summary: schemas.text().nullable(),
+      description: schemas.text().nullable(),
+      content: schemas.text().nullable(),
+      // better seo
+      externalLinks: schemas.array(
+        schemas.z.object({
+          name: schemas.text(),
+          href: schemas.text()
+        })
+      ),
+      faq: schemas.array(
+        schemas.z.object({
+          question: schemas.text(),
+          answer: schemas.text()
+        })
+      ),
+      toc: schemas.array(tocItemSchema),
+      // extra
+      readTime: schemas.positiveNumber().nullable(),
+      wordCount: schemas.positiveNumber(),
+      // -------------------------------------------
+      // --- custom fields
+      // -------------------------------------------
+      // text
+      text1: schemas.text().nullable(),
+      text2: schemas.text().nullable(),
+      text3: schemas.text().nullable(),
+      text4: schemas.text().nullable(),
+      text5: schemas.text().nullable(),
+      text6: schemas.text().nullable(),
+      text7: schemas.text().nullable(),
+      text8: schemas.text().nullable(),
+      text9: schemas.text().nullable(),
+      text10: schemas.text().nullable(),
+      // json array
+      data1: schemas.array(schemas.z.any()),
+      data2: schemas.array(schemas.z.any()),
+      data3: schemas.array(schemas.z.any()),
+      data4: schemas.array(schemas.z.any())
+    })
+  )
+}).transform((obj) => ({
+  ...obj,
+  // states
+  index: obj.isIndexActive ? obj.index : null,
+  slug: obj.isSlugActive ? obj.slug : null,
+  // translation
+  translations: obj.translations.map((t) => ({
+    ...t,
+    readTime: t.readTime !== 0 ? t.readTime : null
+  }))
+}));
+
+// src/server/interfaces/actions/resources/post/commands/update/create-post-update-action.ts
+function createPostUpdateAction(ctx) {
+  const {
+    repositories: { postCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction },
+    schemas: { schemas, tocItemSchema }
+  } = ctx;
+  return async function postUpdateAction({
+    id,
+    formData
+  }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const validatedPayload = await postUpdateValidator({
+          id,
+          type: formData.type,
+          topicId: formData.topicId,
+          schemas,
+          tocItemSchema
+        }).parseAsync(formData);
+        const updatedPost = await postCommandRepository.update({
+          id,
+          ...validatedPayload
+        });
+        return {
+          i18nKey: "ok.update-ok",
+          data: { post: updatedPost }
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/commands/delete/create-post-delete-action.ts
+function createPostDeleteAction(ctx) {
+  const {
+    repositories: { postQueryRepository, postCommandRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function postDeleteAction({ id }) {
+    return executeAction(
+      async () => {
+        await authMiddleware.authenticate();
+        const post = await postQueryRepository.find({ id });
+        if (!post) throw ServerError.notFound();
+        await postCommandRepository.delete({ id: post.id });
+        return {
+          i18nKey: "ok.destroy-ok"
+        };
+      },
+      { type: "command" }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/queries/create-post-find-action.ts
+function createPostFindAction(ctx) {
+  const {
+    repositories: { postQueryRepository },
+    action: { executeAction }
+  } = ctx;
+  return async function postFindAction(params) {
+    return executeAction(
+      async () => {
+        const found = await postQueryRepository.find(params);
+        if (!found) throw ServerError.notFound();
+        return {
+          data: { post: found }
+        };
+      },
+      {
+        type: "query",
+        key: [
+          "post",
+          "findAction",
+          params.id,
+          params.type,
+          params.slug,
+          params.isActive,
+          params.topicSlug
+        ]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/queries/create-post-find-full-action.ts
+function createPostFindFullAction(ctx) {
+  const {
+    repositories: { postQueryRepository },
+    action: { executeAction }
+  } = ctx;
+  return async function postFindFullAction(params) {
+    return executeAction(
+      async () => {
+        const found = await postQueryRepository.findFull(params);
+        if (!found) throw ServerError.notFound();
+        return {
+          data: { post: found }
+        };
+      },
+      {
+        type: "query",
+        key: [
+          "post",
+          "findFullAction",
+          params.id,
+          params.type,
+          params.slug,
+          params.isActive,
+          params.topicSlug
+        ]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/queries/create-post-find-list-cards-action.ts
+function createPostFindListCardsAction(ctx) {
+  const {
+    repositories: { postQueryRepository },
+    middlewares: { authMiddleware },
+    action: { executeAction }
+  } = ctx;
+  return async function postFindFullAction(params) {
+    return executeAction(
+      async ({ locale }) => {
+        await authMiddleware.authenticate();
+        const { items, total } = await postQueryRepository.findListCards({
+          ...params,
+          locale
+        });
+        return {
+          data: { items, total }
+        };
+      },
+      {
+        type: "query",
+        key: [
+          "post",
+          "findListCardsAction",
+          params.searchString,
+          params.type,
+          params.isActive,
+          params.isIndexActive,
+          params.isSlugActive,
+          params.isFeatured,
+          params.isShownOnHome,
+          params.state1,
+          params.state2,
+          params.state3,
+          params.state4,
+          params.state5,
+          params.state6,
+          params.state7,
+          params.state8,
+          params.state9,
+          params.state10,
+          params.topicId,
+          params.topicSlug,
+          params.categoryId,
+          params.categorySlug,
+          ...params.postIds ?? [],
+          ...params.excludeIds ?? [],
+          params.page,
+          params.pageSize
+        ]
+      }
+    );
+  };
+}
+
+// src/server/interfaces/actions/resources/post/queries/create-post-find-many-action.ts
+function createPostFindManyAction(ctx) {
+  const {
+    repositories: { postQueryRepository },
+    action: { executeAction }
+  } = ctx;
+  return async function postFindManyAction(params) {
+    return executeAction(
+      async () => {
+        const found = await postQueryRepository.findMany(params);
+        return {
+          data: { posts: found }
+        };
+      },
+      {
+        type: "query",
+        key: ["post", "findManyAction", params.type, params.topicId]
+      }
+    );
+  };
+}
+
+// src/server/applications/auth/create-auth-use-cases.ts
+function createAuthUseCases({
+  prisma,
+  adminQueryRepository,
+  adminRefreshTokenCommandRepository,
+  jwtService,
+  argon2Service,
+  cryptoService,
+  cookieService,
+  config
+}) {
+  async function verifyCredentials({
+    email,
+    password
+  }) {
+    const found = await adminQueryRepository.findWithPasswordHash({ email });
+    if (found) {
+      const isValid = await argon2Service.verify(found.passwordHash, password);
+      if (isValid) return found;
+    }
+    throw new ServerError({ i18nKey: "error.credentials-incorrect" });
+  }
+  async function updatePassword({
+    email,
+    password
+  }) {
+    const updatedAdmin = await prisma.admin.update({
+      where: { email },
+      data: { passwordHash: await argon2Service.hash(password) }
+    });
+    return updatedAdmin;
+  }
+  async function createRefreshToken({
+    admin,
+    deviceInfo,
+    ip
+  }) {
+    const token = cryptoService.generateToken();
+    const tokenHash = cryptoService.hash(token);
+    await adminRefreshTokenCommandRepository.create({
+      tokenHash,
+      ip,
+      deviceInfo,
+      expiresAt: new Date(Date.now() + config.refreshTokenTtl * 1e3),
+      adminId: admin.id,
+      email: admin.email
+    });
+    return token;
+  }
+  async function refreshTokens({
+    admin,
+    deviceInfo,
+    ip
+  }) {
+    const token = await createRefreshToken({ admin, deviceInfo, ip });
+    await cookieService.setSignedCookie({
+      name: config.refreshTokenName,
+      value: token,
+      expireSeconds: config.refreshTokenTtl
+    });
+    const accessToken = jwtService.sign({
+      payload: { id: admin.id },
+      secret: cryptoService.hash(config.accessTokenSecret),
+      expiresIn: config.accessTokenTtl
+    });
+    await cookieService.setSignedCookie({
+      name: config.accessTokenName,
+      value: accessToken,
+      expireSeconds: config.accessTokenTtl
+    });
+  }
+  function signPasswordResetToken({ admin }) {
+    const payload = { email: admin.email };
+    const passwordResetToken = jwtService.sign({
+      payload,
+      secret: config.resetPasswordSecret,
+      expiresIn: config.resetPasswordTtl
+    });
+    return passwordResetToken;
+  }
+  function verifyPasswordResetToken({ token }) {
+    const payload = jwtService.verify({
+      token,
+      secret: config.resetPasswordSecret
+    });
+    return payload;
+  }
+  function signEmailVerificationToken() {
+    const emailVerificationToken = jwtService.sign({
+      payload: {},
+      secret: config.verifyEmailSecret,
+      expiresIn: config.verifyEmailTtl
+    });
+    return emailVerificationToken;
+  }
+  async function verifyEmailAndUpdate({
+    token,
+    admin
+  }) {
+    let updatedAdmin = admin;
+    jwtService.verify({
+      token,
+      secret: config.verifyEmailSecret
+    });
+    updatedAdmin = await prisma.admin.update({
+      where: { email: admin.email },
+      data: { emailVerifiedAt: /* @__PURE__ */ new Date() }
+    });
+    return updatedAdmin;
+  }
+  return {
+    verifyCredentials,
+    updatePassword,
+    createRefreshToken,
+    refreshTokens,
+    // reset password
+    signPasswordResetToken,
+    verifyPasswordResetToken,
+    // verify email
+    signEmailVerificationToken,
+    verifyEmailAndUpdate
+  };
+}
+
+// src/server/applications/emails/create-email-verification-email.ts
+function createEmailVerificationEmail({
+  renderEmailTemplate,
+  sendEmail,
+  authUseCases,
+  webUrl
+}) {
+  async function generateHtml(replacements) {
+    return await renderEmailTemplate("auth/verify-email", replacements);
+  }
+  async function send({ translator, admin, newEmail }) {
+    const email = newEmail ?? admin.email;
+    const emailVerificationToken = authUseCases.signEmailVerificationToken();
+    const emailVerificationUrl = `${webUrl}/cms/verify-email?email=${email}&emailVerificationToken=${emailVerificationToken}`;
+    const html = await generateHtml({
+      emailVerificationUrl
+    });
+    return sendEmail({
+      to: email,
+      subject: translator.t("email.verify-email.text"),
+      html
+    });
+  }
+  return {
+    generateHtml,
+    send
+  };
+}
+
+// src/server/applications/emails/create-forgot-password-email.ts
+function createForgotPasswordEmail({
+  renderEmailTemplate,
+  sendEmail,
+  authUseCases,
+  webUrl
+}) {
+  async function generateHtml(replacements) {
+    return await renderEmailTemplate("auth/forgot-password", replacements);
+  }
+  async function send({ translator, admin }) {
+    const passwordResetToken = authUseCases.signPasswordResetToken({ admin });
+    const passwordResetUrl = `${webUrl}/cms/reset-password?passwordResetToken=${passwordResetToken}`;
+    const html = await generateHtml({ passwordResetUrl });
+    return await sendEmail({
+      to: admin.email,
+      subject: translator.t("email.forgot-password.text"),
+      html
+    });
+  }
+  return {
+    generateHtml,
+    send
+  };
+}
+
+// src/shared/form/normalizers/json-array-to-db.ts
+var jsonArrayToDb = (data) => {
+  if (typeof data !== "string" || data.trim() === "") {
+    return [];
+  }
+  try {
+    const parsed = JSON.parse(data);
+    if (Array.isArray(parsed)) return parsed;
+    if (typeof parsed === "object" && parsed !== null) {
+      return [parsed];
+    }
+    return [];
+  } catch {
+    throw new ServerError({ message: "Invalid JSON" });
+  }
+};
+
+// src/shared/form/normalizers/json-array-to-ui.ts
+var jsonArrayToUi = (data) => {
+  try {
+    return JSON.stringify(data ?? []);
+  } catch {
+    return "[]";
+  }
+};
+
+// src/shared/units.ts
+var SIZE = {
+  BYTE: 1,
+  KB: 1024,
+  MB: 1024 ** 2,
+  GB: 1024 ** 3,
+  TB: 1024 ** 4,
+  PB: 1024 ** 5
+};
+
+// src/server/infrastructure/zod/schemas/file.ts
+function createFileSchema({
+  z: z2,
+  maxSizeInMb
+}) {
+  return function fileSchema({
+    size = maxSizeInMb * SIZE.MB,
+    extensions = []
+  } = {}) {
+    return z2.instanceof(File, { error: "Invalid file" }).refine((file) => file.size <= size, {
+      error: `File is too large, max ${size / SIZE.MB}MB`
+    }).refine(
+      (file) => {
+        if (extensions.length === 0) return true;
+        return extensions.some(
+          (ext) => file.name.toLocaleLowerCase().endsWith(ext)
+        );
+      },
+      { error: `Only ${extensions.join(", ")} files are allowed` }
+    ).transform((file) => file);
+  };
+}
+function createMultiFileSchema({
+  z: z2,
+  fileSchema,
+  maxSizeInMb
+}) {
+  return function multiFilesSchema({
+    size = maxSizeInMb * SIZE.MB,
+    extensions = []
+  } = {}) {
+    return z2.array(fileSchema({ size, extensions }));
+  };
+}
+
+export { ADMIN_ORDER_BY, ADMIN_ROLES, FILE_TYPES, OG_TYPE_ARRAY, ORDER_BY, POST_ORDER_BY, POST_TYPES, ROOT_FOLDER, ROOT_FOLDER_ID, ROOT_FOLDER_NAME, SIMPLE_UPLOAD_FOLDER_KEY, SIMPLE_UPLOAD_FOLDER_NAME, SIZE, ServerError, TWITTER_CARD_ARRAY, classifyFileType, createAdminCommandRepository, createAdminCreateAction, createAdminDeleteAction, createAdminFindFullAction, createAdminFindListCardsAction, createAdminQueryRepository, createAdminRefreshTokenCommandRepository, createAdminRefreshTokenDeleteAction, createAdminRefreshTokenFindManyAction, createAdminRefreshTokenQueryRepository, createAdminUpdateAction, createArgon2Service, createAuthMiddleware, createAuthUseCases, createBuildArticleMetadata, createBuildTranslations, createBuildWebsiteMetadata, createCache, createCacheResult, createChangePasswordAction, createCookieService, createCryptoService, createEmailUnverifiedAction, createEmailVerificationEmail, createExecuteAction, createExecuteApi, createExist, createFileCommandRepository, createFileCreateAction, createFileCreateManyAction, createFileFindFullAction, createFileFindListCardsAction, createFilePurgeManyAction, createFileQueryRepository, createFileRestoreManyAction, createFileSchema, createFileSoftDeleteAction, createFileSoftDeleteManyAction, createFileUpdateAction, createFolderCommandRepository, createFolderCreateAction, createFolderDeleteAction, createFolderFindFullAction, createFolderFindListCardsAction, createFolderQueryRepository, createFolderUpdateAction, createForgotPasswordAction, createForgotPasswordEmail, createIpRateLimiter, createJwtService, createMultiFileSchema, createPostCommandRepository, createPostCreateAction, createPostDeleteAction, createPostFindAction, createPostFindFullAction, createPostFindListCardsAction, createPostFindManyAction, createPostQueryRepository, createPostUpdateAction, createRenderEmailTemplate, createResetPasswordAction, createSchemas, createSendEmail, createSeoMetadataCommandRepository, createSignInAction, createSignOutAction, createTocItemSchema, createTransporter, createUnique, createVerifyAccessToken, createVerifyAction, createVerifyEmailAction, createVerifyRefreshToken, createZod, datetimeToDb, datetimeToUi, findTranslation, formatFileSize, getMediaInfo, isFileLocked, isFolderLocked, jsonArrayToDb, jsonArrayToUi, mimeToExtension, normalizeCacheKey, result, serializeJsonLd };