hazo_files 1.4.2 → 1.4.4

package/dist/server/index.mjs

@@ -33,6 +33,16 @@ function parseConfig(configContent) {
       rootFolderId: parsed.google_drive.root_folder_id || process.env.HAZO_GOOGLE_DRIVE_ROOT_FOLDER_ID
     };
   }
+  if (parsed.dropbox) {
+    config.dropbox = {
+      clientId: parsed.dropbox.client_id || process.env.HAZO_DROPBOX_CLIENT_ID || "",
+      clientSecret: parsed.dropbox.client_secret || process.env.HAZO_DROPBOX_CLIENT_SECRET || "",
+      redirectUri: parsed.dropbox.redirect_uri || process.env.HAZO_DROPBOX_REDIRECT_URI || "",
+      refreshToken: parsed.dropbox.refresh_token || process.env.HAZO_DROPBOX_REFRESH_TOKEN,
+      accessToken: parsed.dropbox.access_token || process.env.HAZO_DROPBOX_ACCESS_TOKEN,
+      rootPath: parsed.dropbox.root_path || process.env.HAZO_DROPBOX_ROOT_PATH
+    };
+  }
   return config;
 }
 function loadConfig(configPath) {
@@ -94,6 +104,18 @@ refresh_token =
 access_token =
 ; Optional: Root folder ID to use as base (empty = root of Drive)
 root_folder_id =
+
+[dropbox]
+; Dropbox OAuth credentials
+; These can also be set via environment variables:
+; HAZO_DROPBOX_CLIENT_ID, HAZO_DROPBOX_CLIENT_SECRET, etc.
+client_id =
+client_secret =
+redirect_uri = http://localhost:3000/api/auth/dropbox/callback
+refresh_token =
+access_token =
+; Optional: Root path to use as base (empty = root of Dropbox)
+root_path =
 `;
 }
 async function saveConfig(config, configPath) {
@@ -120,6 +142,16 @@ async function saveConfig(config, configPath) {
       root_folder_id: config.google_drive.rootFolderId || ""
     };
   }
+  if (config.dropbox) {
+    iniConfig.dropbox = {
+      client_id: config.dropbox.clientId || "",
+      client_secret: config.dropbox.clientSecret || "",
+      redirect_uri: config.dropbox.redirectUri || "",
+      refresh_token: config.dropbox.refreshToken || "",
+      access_token: config.dropbox.accessToken || "",
+      root_path: config.dropbox.rootPath || ""
+    };
+  }
   const content = ini.stringify(iniConfig);
   await fs.promises.writeFile(resolvedPath, content, "utf-8");
 }
@@ -1657,10 +1689,641 @@ function createGoogleDriveModule() {
   return new GoogleDriveModule();
 }
 
+// src/modules/dropbox/index.ts
+import { Dropbox } from "dropbox";
+
+// src/modules/dropbox/auth.ts
+var DROPBOX_AUTH_URL = "https://www.dropbox.com/oauth2/authorize";
+var DROPBOX_TOKEN_URL = "https://api.dropboxapi.com/oauth2/token";
+var DROPBOX_REVOKE_URL = "https://api.dropboxapi.com/2/auth/token/revoke";
+var DropboxAuth = class {
+  constructor(config, callbacks = {}) {
+    this.tokens = null;
+    this.config = config;
+    this.callbacks = callbacks;
+  }
+  /**
+   * Generate the authorization URL for OAuth consent
+   */
+  getAuthUrl(state) {
+    const params = new URLSearchParams({
+      client_id: this.config.clientId,
+      redirect_uri: this.config.redirectUri,
+      response_type: "code",
+      token_access_type: "offline"
+    });
+    if (state) {
+      params.set("state", state);
+    }
+    return `${DROPBOX_AUTH_URL}?${params.toString()}`;
+  }
+  /**
+   * Exchange authorization code for tokens
+   */
+  async exchangeCodeForTokens(code) {
+    const response = await fetch(DROPBOX_TOKEN_URL, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: new URLSearchParams({
+        code,
+        grant_type: "authorization_code",
+        client_id: this.config.clientId,
+        client_secret: this.config.clientSecret,
+        redirect_uri: this.config.redirectUri
+      })
+    });
+    if (!response.ok) {
+      const errorData = await response.text();
+      throw new Error(`Failed to exchange code for tokens: ${errorData}`);
+    }
+    const data = await response.json();
+    this.tokens = {
+      accessToken: data.access_token,
+      refreshToken: data.refresh_token,
+      expiryDate: data.expires_in ? Date.now() + data.expires_in * 1e3 : void 0
+    };
+    if (this.callbacks.onTokensUpdated) {
+      await this.callbacks.onTokensUpdated(this.tokens);
+    }
+    return this.tokens;
+  }
+  /**
+   * Set tokens directly (e.g., from stored tokens)
+   */
+  async setTokens(tokens) {
+    this.tokens = tokens;
+  }
+  /**
+   * Load tokens from storage using callback
+   */
+  async loadStoredTokens() {
+    if (!this.callbacks.getStoredTokens) {
+      return false;
+    }
+    const tokens = await this.callbacks.getStoredTokens();
+    if (tokens) {
+      await this.setTokens(tokens);
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Check if authenticated
+   */
+  isAuthenticated() {
+    return this.tokens !== null && !!this.tokens.accessToken;
+  }
+  /**
+   * Get current tokens
+   */
+  getTokens() {
+    return this.tokens;
+  }
+  /**
+   * Get current access token
+   */
+  getAccessToken() {
+    return this.tokens?.accessToken ?? null;
+  }
+  /**
+   * Refresh the access token
+   */
+  async refreshAccessToken() {
+    if (!this.tokens?.refreshToken) {
+      throw new Error("No refresh token available");
+    }
+    const response = await fetch(DROPBOX_TOKEN_URL, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: new URLSearchParams({
+        grant_type: "refresh_token",
+        refresh_token: this.tokens.refreshToken,
+        client_id: this.config.clientId,
+        client_secret: this.config.clientSecret
+      })
+    });
+    if (!response.ok) {
+      const errorData = await response.text();
+      throw new Error(`Failed to refresh token: ${errorData}`);
+    }
+    const data = await response.json();
+    this.tokens = {
+      ...this.tokens,
+      accessToken: data.access_token,
+      expiryDate: data.expires_in ? Date.now() + data.expires_in * 1e3 : void 0
+    };
+    if (this.callbacks.onTokensUpdated) {
+      await this.callbacks.onTokensUpdated(this.tokens);
+    }
+    return this.tokens;
+  }
+  /**
+   * Revoke access (disconnect)
+   */
+  async revokeAccess() {
+    if (this.tokens?.accessToken) {
+      try {
+        await fetch(DROPBOX_REVOKE_URL, {
+          method: "POST",
+          headers: {
+            Authorization: `Bearer ${this.tokens.accessToken}`
+          }
+        });
+      } catch {
+      }
+    }
+    this.tokens = null;
+  }
+  /**
+   * Check if token is expired or will expire soon
+   */
+  isTokenExpired(bufferSeconds = 300) {
+    if (!this.tokens?.expiryDate) {
+      return false;
+    }
+    const now = Date.now();
+    const expiry = this.tokens.expiryDate;
+    return now >= expiry - bufferSeconds * 1e3;
+  }
+  /**
+   * Ensure valid access token (refresh if needed)
+   */
+  async ensureValidToken() {
+    if (this.isTokenExpired()) {
+      await this.refreshAccessToken();
+    }
+  }
+};
+function createDropboxAuth(config, callbacks) {
+  return new DropboxAuth(config, callbacks);
+}
+
+// src/modules/dropbox/index.ts
+var MAX_UPLOAD_SIZE = 150 * 1024 * 1024;
+var DropboxModule = class extends BaseStorageModule {
+  constructor() {
+    super(...arguments);
+    this.provider = "dropbox";
+    this.auth = null;
+    this.dbx = null;
+    this.rootPath = "";
+    this.authCallbacks = {};
+  }
+  /**
+   * Set authentication callbacks for token persistence
+   */
+  setAuthCallbacks(callbacks) {
+    this.authCallbacks = callbacks;
+  }
+  async initialize(config) {
+    await super.initialize(config);
+    const dropboxConfig = this.getProviderConfig();
+    if (!dropboxConfig.clientId || !dropboxConfig.clientSecret) {
+      throw new AuthenticationError("dropbox", "Missing client ID or client secret");
+    }
+    this.auth = createDropboxAuth(
+      {
+        clientId: dropboxConfig.clientId,
+        clientSecret: dropboxConfig.clientSecret,
+        redirectUri: dropboxConfig.redirectUri
+      },
+      this.authCallbacks
+    );
+    if (dropboxConfig.refreshToken || dropboxConfig.accessToken) {
+      await this.auth.setTokens({
+        accessToken: dropboxConfig.accessToken || "",
+        refreshToken: dropboxConfig.refreshToken || ""
+      });
+    }
+    this.rootPath = dropboxConfig.rootPath || "";
+    this.createDropboxClient();
+  }
+  /**
+   * Create/recreate the Dropbox SDK client with the current access token
+   */
+  createDropboxClient() {
+    const accessToken = this.auth?.getAccessToken();
+    if (accessToken) {
+      this.dbx = new Dropbox({ accessToken });
+    }
+  }
+  /**
+   * Get the auth instance for OAuth flow
+   */
+  getAuth() {
+    if (!this.auth) {
+      throw new AuthenticationError("dropbox", "Module not initialized");
+    }
+    return this.auth;
+  }
+  /**
+   * Check if user is authenticated
+   */
+  isAuthenticated() {
+    return this.auth?.isAuthenticated() ?? false;
+  }
+  /**
+   * Authenticate with provided tokens
+   */
+  async authenticate(tokens) {
+    if (!this.auth) {
+      throw new AuthenticationError("dropbox", "Module not initialized");
+    }
+    await this.auth.setTokens(tokens);
+    this.createDropboxClient();
+  }
+  /**
+   * Ensure authenticated before operations
+   */
+  async ensureAuthenticated() {
+    this.ensureInitialized();
+    if (!this.isAuthenticated()) {
+      throw new AuthenticationError("dropbox", "Not authenticated. Please connect your Dropbox.");
+    }
+    await this.auth.ensureValidToken();
+    this.createDropboxClient();
+  }
+  /**
+   * Convert virtual path to Dropbox path
+   * Virtual: /folder/file.txt -> Dropbox: /folder/file.txt (or /rootPath/folder/file.txt)
+   * Dropbox root is empty string "", not "/"
+   */
+  toDropboxPath(virtualPath) {
+    const normalized = this.normalizePath(virtualPath);
+    if (this.rootPath) {
+      if (normalized === "/") {
+        return `/${this.rootPath}`;
+      }
+      return `/${this.rootPath}${normalized}`;
+    }
+    if (normalized === "/") {
+      return "";
+    }
+    return normalized;
+  }
+  /**
+   * Convert Dropbox metadata to FileSystemItem
+   */
+  metadataToItem(entry, virtualPath) {
+    const isFolder2 = entry[".tag"] === "folder";
+    const path3 = virtualPath || this.toVirtualPath(entry.path_display || entry.name);
+    if (isFolder2) {
+      return createFolderItem({
+        id: entry.id,
+        name: entry.name,
+        path: path3,
+        createdAt: /* @__PURE__ */ new Date(),
+        modifiedAt: /* @__PURE__ */ new Date(),
+        metadata: {
+          dropboxId: entry.id,
+          pathDisplay: entry.path_display
+        }
+      });
+    }
+    const fileEntry = entry;
+    return createFileItem({
+      id: fileEntry.id,
+      name: fileEntry.name,
+      path: path3,
+      size: fileEntry.size,
+      mimeType: getMimeType(fileEntry.name),
+      createdAt: new Date(fileEntry.client_modified),
+      modifiedAt: new Date(fileEntry.server_modified),
+      metadata: {
+        dropboxId: fileEntry.id,
+        pathDisplay: fileEntry.path_display
+      }
+    });
+  }
+  /**
+   * Convert a Dropbox path_display to virtual path
+   */
+  toVirtualPath(dropboxPath) {
+    if (this.rootPath && dropboxPath.toLowerCase().startsWith(`/${this.rootPath.toLowerCase()}`)) {
+      const stripped = dropboxPath.substring(this.rootPath.length + 1);
+      return stripped || "/";
+    }
+    return dropboxPath || "/";
+  }
+  async createDirectory(virtualPath) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(virtualPath);
+      const response = await this.dbx.filesCreateFolderV2({
+        path: dbxPath,
+        autorename: false
+      });
+      const metadata = response.result.metadata;
+      const item = this.metadataToItem(
+        { ".tag": "folder", id: metadata.id, name: metadata.name, path_display: metadata.path_display, path_lower: metadata.path_lower },
+        this.normalizePath(virtualPath)
+      );
+      return this.successResult(item);
+    } catch (error) {
+      if (error instanceof AuthenticationError) {
+        return this.errorResult(error.message);
+      }
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("path/conflict")) {
+        return this.errorResult(`Directory already exists: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to create directory: ${errMsg}`);
+    }
+  }
+  async removeDirectory(virtualPath, recursive = false) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(virtualPath);
+      if (!recursive) {
+        const listResponse = await this.dbx.filesListFolder({
+          path: dbxPath,
+          limit: 1
+        });
+        if (listResponse.result.entries.length > 0) {
+          return this.errorResult(`Directory is not empty: ${virtualPath}`);
+        }
+      }
+      await this.dbx.filesDeleteV2({ path: dbxPath });
+      return this.successResult();
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("path_lookup/not_found") || errMsg.includes("not_found")) {
+        return this.errorResult(`Directory not found: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to remove directory: ${errMsg}`);
+    }
+  }
+  async uploadFile(source, remotePath, options = {}) {
+    try {
+      await this.ensureAuthenticated();
+      const normalized = this.normalizePath(remotePath);
+      const dbxPath = this.toDropboxPath(remotePath);
+      let contents;
+      if (typeof source === "string") {
+        const fs3 = await import("fs");
+        contents = await fs3.promises.readFile(source);
+      } else if (Buffer.isBuffer(source)) {
+        contents = source;
+      } else {
+        const chunks = [];
+        const reader = source.getReader();
+        let done = false;
+        while (!done) {
+          const result = await reader.read();
+          done = result.done;
+          if (result.value) {
+            chunks.push(result.value);
+          }
+        }
+        contents = Buffer.concat(chunks);
+      }
+      if (contents.length > MAX_UPLOAD_SIZE) {
+        throw new FileTooLargeError(this.getBaseName(remotePath), contents.length, MAX_UPLOAD_SIZE);
+      }
+      if (!options.overwrite) {
+        try {
+          await this.dbx.filesGetMetadata({ path: dbxPath });
+          throw new FileExistsError(remotePath);
+        } catch (err) {
+          if (err instanceof FileExistsError) throw err;
+        }
+      }
+      const response = await this.dbx.filesUpload({
+        path: dbxPath,
+        contents,
+        mode: options.overwrite ? { ".tag": "overwrite" } : { ".tag": "add" },
+        autorename: false
+      });
+      if (options.onProgress) {
+        options.onProgress(100, contents.length, contents.length);
+      }
+      const metadata = response.result;
+      const item = this.metadataToItem(
+        {
+          ".tag": "file",
+          id: metadata.id,
+          name: metadata.name,
+          path_display: metadata.path_display,
+          path_lower: metadata.path_lower,
+          size: metadata.size,
+          client_modified: metadata.client_modified,
+          server_modified: metadata.server_modified
+        },
+        normalized
+      );
+      return this.successResult(item);
+    } catch (error) {
+      if (error instanceof AuthenticationError || error instanceof FileExistsError || error instanceof FileTooLargeError) {
+        return this.errorResult(error.message);
+      }
+      return this.errorResult(`Failed to upload file: ${error.message}`);
+    }
+  }
+  async downloadFile(remotePath, localPath, options = {}) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(remotePath);
+      const response = await this.dbx.filesDownload({ path: dbxPath });
+      const result = response.result;
+      const buffer = Buffer.from(result.fileBinary);
+      if (options.onProgress) {
+        options.onProgress(100, buffer.length, buffer.length);
+      }
+      if (localPath) {
+        const fs3 = await import("fs");
+        const path3 = await import("path");
+        await fs3.promises.mkdir(path3.dirname(localPath), { recursive: true });
+        await fs3.promises.writeFile(localPath, buffer);
+        return this.successResult(localPath);
+      }
+      return this.successResult(buffer);
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("path/not_found") || errMsg.includes("path_lookup/not_found")) {
+        return this.errorResult(`File not found: ${remotePath}`);
+      }
+      return this.errorResult(`Failed to download file: ${errMsg}`);
+    }
+  }
+  async moveItem(sourcePath, destinationPath, _options = {}) {
+    try {
+      await this.ensureAuthenticated();
+      const fromPath = this.toDropboxPath(sourcePath);
+      const toPath = this.toDropboxPath(destinationPath);
+      const response = await this.dbx.filesMoveV2({
+        from_path: fromPath,
+        to_path: toPath,
+        autorename: false
+      });
+      const metadata = response.result.metadata;
+      const item = this.metadataToItem(metadata, this.normalizePath(destinationPath));
+      return this.successResult(item);
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("not_found")) {
+        return this.errorResult(`Item not found: ${sourcePath}`);
+      }
+      return this.errorResult(`Failed to move item: ${errMsg}`);
+    }
+  }
+  async deleteFile(virtualPath) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(virtualPath);
+      await this.dbx.filesDeleteV2({ path: dbxPath });
+      return this.successResult();
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("not_found")) {
+        return this.errorResult(`File not found: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to delete file: ${errMsg}`);
+    }
+  }
+  async renameFile(virtualPath, newName, _options = {}) {
+    try {
+      await this.ensureAuthenticated();
+      const parentPath = this.getParentPath(virtualPath);
+      const newVirtualPath = this.joinPath(parentPath, newName);
+      const fromPath = this.toDropboxPath(virtualPath);
+      const toPath = this.toDropboxPath(newVirtualPath);
+      const response = await this.dbx.filesMoveV2({
+        from_path: fromPath,
+        to_path: toPath,
+        autorename: false
+      });
+      const metadata = response.result.metadata;
+      const item = this.metadataToItem(metadata, newVirtualPath);
+      return this.successResult(item);
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("not_found")) {
+        return this.errorResult(`File not found: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to rename file: ${errMsg}`);
+    }
+  }
+  async renameFolder(virtualPath, newName, _options = {}) {
+    try {
+      await this.ensureAuthenticated();
+      const parentPath = this.getParentPath(virtualPath);
+      const newVirtualPath = this.joinPath(parentPath, newName);
+      const fromPath = this.toDropboxPath(virtualPath);
+      const toPath = this.toDropboxPath(newVirtualPath);
+      const response = await this.dbx.filesMoveV2({
+        from_path: fromPath,
+        to_path: toPath,
+        autorename: false
+      });
+      const metadata = response.result.metadata;
+      const item = this.metadataToItem(metadata, newVirtualPath);
+      return this.successResult(item);
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("not_found")) {
+        return this.errorResult(`Folder not found: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to rename folder: ${errMsg}`);
+    }
+  }
+  async listDirectory(virtualPath, options = {}) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(virtualPath);
+      const items = [];
+      let hasMore = true;
+      let cursor;
+      const firstResponse = await this.dbx.filesListFolder({
+        path: dbxPath,
+        limit: 100
+      });
+      let entries = firstResponse.result.entries;
+      hasMore = firstResponse.result.has_more;
+      cursor = firstResponse.result.cursor;
+      const processEntries = async (entryList) => {
+        for (const entry of entryList) {
+          if (!options.includeHidden && entry.name.startsWith(".")) {
+            continue;
+          }
+          const itemPath = this.joinPath(virtualPath, entry.name);
+          const item = this.metadataToItem(entry, itemPath);
+          if (options.filter && !options.filter(item)) {
+            continue;
+          }
+          items.push(item);
+          if (options.recursive && entry[".tag"] === "folder") {
+            const subResult = await this.listDirectory(itemPath, options);
+            if (subResult.success && subResult.data) {
+              items.push(...subResult.data);
+            }
+          }
+        }
+      };
+      await processEntries(entries);
+      while (hasMore && cursor) {
+        const continueResponse = await this.dbx.filesListFolderContinue({ cursor });
+        entries = continueResponse.result.entries;
+        hasMore = continueResponse.result.has_more;
+        cursor = continueResponse.result.cursor;
+        await processEntries(entries);
+      }
+      return this.successResult(items);
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("path/not_found") || errMsg.includes("not_found")) {
+        return this.errorResult(`Directory not found: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to list directory: ${errMsg}`);
+    }
+  }
+  async getItem(virtualPath) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(virtualPath);
+      const response = await this.dbx.filesGetMetadata({ path: dbxPath });
+      const metadata = response.result;
+      const item = this.metadataToItem(metadata, this.normalizePath(virtualPath));
+      return this.successResult(item);
+    } catch (error) {
+      const errMsg = error.message || String(error);
+      if (errMsg.includes("not_found")) {
+        return this.errorResult(`Item not found: ${virtualPath}`);
+      }
+      return this.errorResult(`Failed to get item: ${errMsg}`);
+    }
+  }
+  async exists(virtualPath) {
+    try {
+      await this.ensureAuthenticated();
+      const dbxPath = this.toDropboxPath(virtualPath);
+      await this.dbx.filesGetMetadata({ path: dbxPath });
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async getFolderTree(path3 = "/", depth = 3) {
+    try {
+      await this.ensureAuthenticated();
+      return super.getFolderTree(path3, depth);
+    } catch (error) {
+      return this.errorResult(`Failed to get folder tree: ${error.message}`);
+    }
+  }
+};
+function createDropboxModule() {
+  return new DropboxModule();
+}
+
 // src/modules/index.ts
 var moduleRegistry = {
   local: createLocalModule,
-  google_drive: createGoogleDriveModule
+  google_drive: createGoogleDriveModule,
+  dropbox: createDropboxModule
 };
 function getRegisteredProviders() {
   return Object.keys(moduleRegistry);
@@ -2226,6 +2889,7 @@ var FileMetadataService = class {
       if (input.scope_id !== void 0) record.scope_id = input.scope_id;
       if (input.uploaded_by !== void 0) record.uploaded_by = input.uploaded_by;
       if (input.original_filename !== void 0) record.original_filename = input.original_filename;
+      if (input.content_tag !== void 0) record.content_tag = input.content_tag;
       const results = await this.crud.insert(record);
       this.logger?.debug?.("Recorded file upload", { path: input.file_path });
       return results[0] || null;
@@ -3603,10 +4267,18 @@ function createNamingConventionService(crudService, options) {
 
 // src/services/llm-extraction-service.ts
 var LLMExtractionService = class {
-  constructor(llmFactory, defaultProvider = "gemini") {
-    this.llmFactory = llmFactory;
+  constructor(factoryConfig, defaultProvider = "gemini") {
+    this.llmFactory = factoryConfig.create;
+    this.cacheInvalidator = factoryConfig.invalidateCache;
     this.defaultProvider = defaultProvider;
   }
+  /**
+   * Invalidate the LLM prompt cache
+   * Passthrough to hazo_llm_api's invalidate_prompt_cache when configured
+   */
+  invalidatePromptCache(area, key) {
+    this.cacheInvalidator?.(area, key);
+  }
   /**
    * Extract data from a document
    *
@@ -3733,8 +4405,8 @@ var LLMExtractionService = class {
     };
   }
 };
-function createLLMExtractionService(llmFactory, defaultProvider) {
-  return new LLMExtractionService(llmFactory, defaultProvider);
+function createLLMExtractionService(factoryConfig, defaultProvider) {
+  return new LLMExtractionService(factoryConfig, defaultProvider);
 }
 
 // src/common/naming-utils.ts
@@ -4060,10 +4732,11 @@ function generatePreviewName(pattern, userVariables, options = {}) {
 
 // src/services/upload-extract-service.ts
 var UploadExtractService = class {
-  constructor(fileManager, namingService, extractionService) {
+  constructor(fileManager, namingService, extractionService, defaultContentTagConfig) {
     this.fileManager = fileManager;
     this.namingService = namingService;
     this.extractionService = extractionService;
+    this.defaultContentTagConfig = defaultContentTagConfig;
   }
   /**
    * Upload a file with optional extraction and naming convention
@@ -4140,11 +4813,12 @@ var UploadExtractService = class {
         metadata.extraction_id = extractionData.id;
         metadata.extraction_source = extractionData.source;
       }
+      const effectiveContentTagConfig = options.contentTagConfig ?? this.defaultContentTagConfig;
+      const needsContentTagging = effectiveContentTagConfig?.content_tag_set_by_llm && this.extractionService && this.fileManager.isTrackingActive();
       const uploadResult = await this.fileManager.uploadFile(source, fullPath, {
         ...options,
         metadata,
-        awaitRecording: !!extractionData
-        // Await recording when extraction needs to be added
+        awaitRecording: !!extractionData || !!needsContentTagging
       });
       if (!uploadResult.success) {
         return {
@@ -4168,13 +4842,23 @@ var UploadExtractService = class {
           );
         }
       }
+      let contentTag;
+      if (needsContentTagging && effectiveContentTagConfig) {
+        contentTag = await this.performContentTagging(
+          source,
+          mimeType,
+          effectiveContentTagConfig,
+          fullPath
+        );
+      }
       return {
         success: true,
         file: uploadResult.data,
         extraction: extractionData,
         generatedPath: fullPath,
         generatedFolderPath: generatedFolderPath || void 0,
-        originalFileName
+        originalFileName,
+        contentTag
       };
     } catch (error) {
       const message = error instanceof Error ? error.message : String(error);
@@ -4272,6 +4956,76 @@ var UploadExtractService = class {
       folderPath: folderPath || void 0
     };
   }
+  /**
+   * Perform content tagging via LLM extraction.
+   * Calls the LLM with the configured prompt, extracts the specified field,
+   * and writes it to the content_tag column.
+   */
+  async performContentTagging(buffer, mimeType, config, filePath) {
+    try {
+      if (!this.extractionService) return void 0;
+      const result = await this.extractionService.extract(buffer, mimeType, {
+        promptArea: config.content_tag_prompt_area,
+        promptKey: config.content_tag_prompt_key,
+        promptVariables: config.content_tag_prompt_variables
+      });
+      if (!result.success || !result.data) return void 0;
+      const tagValue = result.data[config.content_tag_prompt_return_fieldname];
+      if (typeof tagValue !== "string" || !tagValue) return void 0;
+      const metadataService = this.fileManager.getMetadataService();
+      if (metadataService) {
+        const storageType = this.fileManager.getProvider() || "local";
+        const record = await metadataService.findByPath(filePath, storageType);
+        if (record) {
+          await metadataService.updateFields(record.id, { content_tag: tagValue });
+        }
+      }
+      return tagValue;
+    } catch {
+      return void 0;
+    }
+  }
+  /**
+   * Manually tag a file's content via LLM.
+   * Works with existing DB records, resolving the file path internally.
+   *
+   * @param fileId - Database record ID of the file
+   * @param config - Content tag config (falls back to default if not provided)
+   * @returns OperationResult with the tag value
+   */
+  async tagFileContent(fileId, config) {
+    const effectiveConfig = config ?? this.defaultContentTagConfig;
+    if (!effectiveConfig || !effectiveConfig.content_tag_set_by_llm) {
+      return { success: false, error: "Content tagging is not configured or disabled" };
+    }
+    if (!this.extractionService) {
+      return { success: false, error: "Extraction service not available" };
+    }
+    const metadataService = this.fileManager.getMetadataService();
+    if (!metadataService) {
+      return { success: false, error: "Metadata service not available (tracking not enabled)" };
+    }
+    const record = await metadataService.findById(fileId);
+    if (!record) {
+      return { success: false, error: `File record not found: ${fileId}` };
+    }
+    const downloadResult = await this.fileManager.downloadFile(record.file_path);
+    if (!downloadResult.success || !downloadResult.data) {
+      return { success: false, error: `Failed to download file: ${downloadResult.error}` };
+    }
+    const buffer = Buffer.isBuffer(downloadResult.data) ? downloadResult.data : Buffer.from(downloadResult.data);
+    const mimeType = getMimeType(record.filename);
+    const tagValue = await this.performContentTagging(
+      buffer,
+      mimeType,
+      effectiveConfig,
+      record.file_path
+    );
+    if (!tagValue) {
+      return { success: false, error: "Content tagging did not produce a result" };
+    }
+    return { success: true, data: tagValue };
+  }
   /**
    * Get the file manager
    */
@@ -4291,8 +5045,8 @@ var UploadExtractService = class {
     return this.extractionService;
   }
 };
-function createUploadExtractService(fileManager, namingService, extractionService) {
-  return new UploadExtractService(fileManager, namingService, extractionService);
+function createUploadExtractService(fileManager, namingService, extractionService, defaultContentTagConfig) {
+  return new UploadExtractService(fileManager, namingService, extractionService, defaultContentTagConfig);
 }
 
 // src/server/factory.ts
@@ -4308,7 +5062,8 @@ async function createHazoFilesServer(options = {}) {
     metadataTableName = "hazo_files",
     namingTableName = "hazo_files_naming",
     enableTracking = !!crudService,
-    trackDownloads = true
+    trackDownloads = true,
+    defaultContentTagConfig
   } = options;
   const fileManagerOptions = {
     config,
@@ -4337,14 +5092,17 @@ async function createHazoFilesServer(options = {}) {
   const uploadExtractService = new UploadExtractService(
     fileManager,
     namingService || void 0,
-    extractionService || void 0
+    extractionService || void 0,
+    defaultContentTagConfig
   );
+  const invalidatePromptCache = extractionService ? (area, key) => extractionService.invalidatePromptCache(area, key) : void 0;
   return {
     fileManager,
     metadataService,
     namingService,
     extractionService,
-    uploadExtractService
+    uploadExtractService,
+    invalidatePromptCache
   };
 }
 async function createBasicFileManager(config, crudService) {
@@ -4383,7 +5141,8 @@ var HAZO_FILES_TABLE_SCHEMA = {
   uploaded_by TEXT,
   storage_verified_at TEXT,
   deleted_at TEXT,
-  original_filename TEXT
+  original_filename TEXT,
+  content_tag TEXT
 )`,
     indexes: [
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_path ON hazo_files (file_path)",
@@ -4393,7 +5152,8 @@ var HAZO_FILES_TABLE_SCHEMA = {
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_status ON hazo_files (status)",
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_scope ON hazo_files (scope_id)",
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_ref_count ON hazo_files (ref_count)",
-      "CREATE INDEX IF NOT EXISTS idx_hazo_files_deleted ON hazo_files (deleted_at)"
+      "CREATE INDEX IF NOT EXISTS idx_hazo_files_deleted ON hazo_files (deleted_at)",
+      "CREATE INDEX IF NOT EXISTS idx_hazo_files_content_tag ON hazo_files (content_tag)"
     ]
   },
   postgres: {
@@ -4416,7 +5176,8 @@ var HAZO_FILES_TABLE_SCHEMA = {
   uploaded_by UUID,
   storage_verified_at TIMESTAMP WITH TIME ZONE,
   deleted_at TIMESTAMP WITH TIME ZONE,
-  original_filename TEXT
+  original_filename TEXT,
+  content_tag TEXT
 )`,
     indexes: [
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_path ON hazo_files (file_path)",
@@ -4426,7 +5187,8 @@ var HAZO_FILES_TABLE_SCHEMA = {
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_status ON hazo_files (status)",
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_scope ON hazo_files (scope_id)",
       "CREATE INDEX IF NOT EXISTS idx_hazo_files_ref_count ON hazo_files (ref_count)",
-      "CREATE INDEX IF NOT EXISTS idx_hazo_files_deleted ON hazo_files (deleted_at)"
+      "CREATE INDEX IF NOT EXISTS idx_hazo_files_deleted ON hazo_files (deleted_at)",
+      "CREATE INDEX IF NOT EXISTS idx_hazo_files_content_tag ON hazo_files (content_tag)"
     ]
   },
   columns: [
@@ -4448,7 +5210,8 @@ var HAZO_FILES_TABLE_SCHEMA = {
     "uploaded_by",
     "storage_verified_at",
     "deleted_at",
-    "original_filename"
+    "original_filename",
+    "content_tag"
   ]
 };
 function getSchemaForTable(tableName, dbType) {
@@ -4589,6 +5352,45 @@ function getNamingSchemaForTable(tableName, dbType) {
     )
   };
 }
+var HAZO_FILES_MIGRATION_V3 = {
+  tableName: HAZO_FILES_DEFAULT_TABLE_NAME,
+  sqlite: {
+    alterStatements: [
+      "ALTER TABLE hazo_files ADD COLUMN content_tag TEXT"
+    ],
+    indexes: [
+      "CREATE INDEX IF NOT EXISTS idx_hazo_files_content_tag ON hazo_files (content_tag)"
+    ],
+    backfill: ""
+    // No backfill needed — column is nullable, defaults to NULL
+  },
+  postgres: {
+    alterStatements: [
+      "ALTER TABLE hazo_files ADD COLUMN IF NOT EXISTS content_tag TEXT"
+    ],
+    indexes: [
+      "CREATE INDEX IF NOT EXISTS idx_hazo_files_content_tag ON hazo_files (content_tag)"
+    ],
+    backfill: ""
+    // No backfill needed — column is nullable, defaults to NULL
+  },
+  newColumns: [
+    "content_tag"
+  ]
+};
+function getMigrationV3ForTable(tableName, dbType) {
+  const migration = HAZO_FILES_MIGRATION_V3[dbType];
+  const defaultName = HAZO_FILES_MIGRATION_V3.tableName;
+  return {
+    alterStatements: migration.alterStatements.map(
+      (stmt) => stmt.replace(new RegExp(defaultName, "g"), tableName)
+    ),
+    indexes: migration.indexes.map(
+      (idx) => idx.replace(new RegExp(defaultName, "g"), tableName)
+    ),
+    backfill: migration.backfill
+  };
+}
 
 // src/migrations/add-reference-tracking.ts
 async function migrateToV2(executor, dbType, tableName) {
@@ -4608,6 +5410,20 @@ async function backfillV2Defaults(executor, dbType, tableName) {
   await executor.run(migration.backfill);
 }
 
+// src/migrations/add-content-tag.ts
+async function migrateToV3(executor, dbType, tableName) {
+  const migration = tableName ? getMigrationV3ForTable(tableName, dbType) : HAZO_FILES_MIGRATION_V3[dbType];
+  for (const stmt of migration.alterStatements) {
+    try {
+      await executor.run(stmt);
+    } catch {
+    }
+  }
+  for (const idx of migration.indexes) {
+    await executor.run(idx);
+  }
+}
+
 // src/server/index.ts
 try {
   __require("server-only");
@@ -4621,6 +5437,8 @@ export {
   DirectoryExistsError,
   DirectoryNotEmptyError,
   DirectoryNotFoundError,
+  DropboxAuth,
+  DropboxModule,
   FileExistsError,
   FileManager,
   FileMetadataService,
@@ -4630,6 +5448,7 @@ export {
   GoogleDriveModule,
   HAZO_FILES_DEFAULT_TABLE_NAME,
   HAZO_FILES_MIGRATION_V2,
+  HAZO_FILES_MIGRATION_V3,
   HAZO_FILES_NAMING_DEFAULT_TABLE_NAME,
   HAZO_FILES_NAMING_TABLE_SCHEMA,
   HAZO_FILES_TABLE_SCHEMA,
@@ -4657,6 +5476,8 @@ export {
   computeFileInfo,
   createAndInitializeModule,
   createBasicFileManager,
+  createDropboxAuth,
+  createDropboxModule,
   createEmptyFileDataStructure,
   createEmptyNamingRuleSchema,
   createFileItem,
@@ -4701,6 +5522,7 @@ export {
   getFileMetadataValues,
   getMergedData,
   getMigrationForTable,
+  getMigrationV3ForTable,
   getMimeType,
   getNameWithoutExtension,
   getNamingSchemaForTable,
@@ -4733,6 +5555,7 @@ export {
   loadConfig,
   loadConfigAsync,
   migrateToV2,
+  migrateToV3,
   normalizePath,
   parseConfig,
   parseFileData,