modelence 0.15.0 → 0.15.2-dev.0

package/dist/server.js

@@ -1,19 +1,19 @@
-import {a as a$2}from'./chunk-3S2FFBNS.js';import {d,a as a$3}from'./chunk-C3UESBRX.js';import {a}from'./chunk-DO5TZLF5.js';import {a as a$1,b,f,e,g,c,h,k,d as d$1,j as j$1,i,l,m as m$1}from'./chunk-3SPXJEOR.js';export{a as getConfig}from'./chunk-3SPXJEOR.js';import {s}from'./chunk-PR4HPMGW.js';import qn from'dotenv';import Oo from'fs/promises';import Ir from'os';import at from'path';import {Server}from'socket.io';import {createAdapter}from'@socket.io/mongo-adapter';import {MongoError,ObjectId,MongoClient,MongoServerError}from'mongodb';export{ObjectId}from'mongodb';import {randomBytes,randomUUID}from'crypto';import {isDeepStrictEqual}from'util';import F,{z}from'zod';import Sr from'bcrypt';import {createServer,defineConfig,loadConfigFromFile,mergeConfig}from'vite';import Br from'@vitejs/plugin-react';import Jr from'fs';import q,{Router}from'express';import bo from'cookie-parser';import So from'http';var v=class{constructor(e,{stores:n=[],queries:r={},mutations:o={},routes:i=[],cronJobs:s={},configSchema:a={},rateLimits:c=[],channels:d=[]}={}){this.name=e,this.stores=n,this.queries=r,this.mutations=o,this.routes=i,this.cronJobs=s,this.configSchema=a,this.rateLimits=c,this.channels=d;}getConfig(e){return a$1(`${this.name}.${e}`)}};function N(t){let e=t._def;if(e.typeName==="ZodString")return {type:"string"};if(e.typeName==="ZodNumber")return {type:"number"};if(e.typeName==="ZodBoolean")return {type:"boolean"};if(e.typeName==="ZodDate")return {type:"date"};if(e.typeName==="ZodArray")return {type:"array",items:N(e.type)};if(e.typeName==="ZodObject"){let r=e.shape(),o={};for(let[i,s]of Object.entries(r))o[i]=N(s);return {type:"object",items:o}}if(e.typeName==="ZodOptional")return {...N(e.innerType),optional:true};if(e.typeName==="ZodNullable")return {...N(e.innerType),optional:true};if(e.typeName==="ZodEnum")return {type:"enum",items:e.values};if(e.typeName==="ZodUnion")return {type:"union",items:e.options.map(N)};if(e.typeName==="ZodEffects"){let n=e;return n.description?{type:"custom",typeName:n.description}:N(n.schema)}return {type:"custom",typeName:e.typeName}}function be(t){let e={};for(let[n,r]of Object.entries(t))Array.isArray(r)?e[n]=r.map(o=>typeof o=="object"&&"_def"in o?N(o):be(o)):typeof r=="object"&&"_def"in r?e[n]=N(r):e[n]=be(r);return e}var Vn=["background","bits","bucketSize","collation","default_language","expireAfterSeconds","hidden","language_override","max","min","partialFilterExpression","sparse","storageEngine","textIndexVersion","unique","weights","wildcardProjection","2dsphereIndexVersion"],$e=t=>typeof t=="object"&&t!==null&&!Array.isArray(t),Wn=t=>t.startsWith("_modelence_"),je=t=>{let e={};for(let n of Vn){let r=t[n];r!==void 0&&(e[n]=r);}return e},Gn=(t,e)=>{if(!$e(t)||!$e(e))return  false;let n=Object.entries(t),r=Object.entries(e);return n.length!==r.length?false:n.every(([o,i],s)=>{let[a,c]=r[s]||[];return o===a&&isDeepStrictEqual(i,c)})},xt=(t,e)=>Gn(t.key,e.key)?isDeepStrictEqual(je(t),je(e)):false,Le=t=>$e(t)?Object.entries(t).map(([e,n])=>`${e}:${JSON.stringify(n)}`).join("|"):null,Zn=async t=>{try{return await t.listIndexes().toArray()}catch(e){if(e instanceof MongoError&&e.code===26)return [];throw e}},Bn=t=>Object.entries(t).map(([e,n])=>`${e}_${n}`).join("_"),Jn=t=>{if(t.name){let n=t.name.startsWith("_modelence_")?t.name:`_modelence_${t.name}`;return {...t,name:n}}let e=Bn(t.key);return {...t,name:`_modelence_${e}`}},C=class t{constructor(e,n){this.name=e,this.schema=n.schema,this.methods=n.methods,this.indexes=n.indexes.map(Jn),this.searchIndexes=n.searchIndexes||[],this.indexCreationMode=n.indexCreationMode??"background";}getName(){return this.name}getIndexCreationMode(){return this.indexCreationMode}getSchema(){return this.schema}getSerializedSchema(){return be(this.schema)}extend(e){let n={...this.schema,...e.schema||{}},r=[...this.indexes,...e.indexes||[]],o=[...this.searchIndexes,...e.searchIndexes||[]],i={...this.methods||{},...e.methods||{}},s=new t(this.name,{schema:n,methods:i,indexes:r,searchIndexes:o,indexCreationMode:e.indexCreationMode??this.indexCreationMode});if(this.client)throw new Error(`Store.extend() must be called before startApp(). Store '${this.name}' has already been initialized and cannot be extended.`);return s}init(e){if(this.collection)throw new Error(`Collection ${this.name} is already initialized`);this.client=e,this.collection=this.client.db().collection(this.name);}async createIndexes(){let e=this.requireCollection(),n=await Zn(e),r=new Map,o=new Map,i=new Set,s=l=>{r.set(l.name,l);let h=Le(l.key);if(!h)return;let w=o.get(h);w?w.add(l.name):o.set(h,new Set([l.name]));},a=l=>{let h=r.get(l);if(!h)return;r.delete(l);let w=Le(h.key);if(!w)return;let y=o.get(w);y&&(y.delete(l),y.size===0&&o.delete(w));};for(let l of n)typeof l.name=="string"&&s({...l,name:l.name});let c=async l=>{if(!(l==="_id_"||i.has(l))){try{await e.dropIndex(l);}catch(h){if(!(h instanceof MongoError&&h.code===27))throw h}i.add(l),a(l);}},d=new Set(this.indexes.map(l=>l.name).filter(l=>typeof l=="string")),p=[...r.values()].filter(l=>Wn(l.name)&&!d.has(l.name));for(let l of p)await c(l.name);if(this.indexes.length>0)for(let l of this.indexes){if(!l.name)continue;let h=r.get(l.name);h&&!xt(h,l)&&await c(h.name);let w=Le(l.key);if(w){let Q=[...o.get(w)||[]];for(let k of Q)k!==l.name&&await c(k);}let y=r.get(l.name);!!y&&xt(y,l)||(await e.createIndexes([l]),s({name:l.name,key:l.key,...je(l)}));}if(this.searchIndexes.length>0)for(let l of this.searchIndexes)try{await e.createSearchIndexes([l]);}catch(h){if(h instanceof MongoError&&h.code===68&&l.name)await e.dropSearchIndex(l.name),await e.createSearchIndexes([l]);else throw h}}wrapDocument(e){return this.methods?Object.create(null,Object.getOwnPropertyDescriptors({...e,...this.methods})):e}getSelector(e){return typeof e=="string"?{_id:new ObjectId(e)}:e instanceof ObjectId?{_id:e}:e}requireCollection(){if(!this.collection)throw new Error(`Collection ${this.name} is not provisioned`);return this.collection}requireClient(){if(!this.client)throw new Error("Database is not connected");return this.client}async findOne(e,n){let r=await this.requireCollection().findOne(e,n);return r?this.wrapDocument(r):null}async requireOne(e,n,r){let o=await this.findOne(e,n);if(!o)throw r?r():new Error(`Record not found in ${this.name}`);return o}find(e,n){let r=this.requireCollection().find(e,n?.projection?{projection:n.projection}:void 0);return n?.sort&&r.sort(n.sort),n?.limit&&r.limit(n.limit),n?.skip&&r.skip(n.skip),r}async findById(e){let n=typeof e=="string"?{_id:new ObjectId(e)}:{_id:e};return await this.findOne(n)}async requireById(e,n){let r=await this.findById(e);if(!r)throw n?n():new Error(`Record with id ${e} not found in ${this.name}`);return r}countDocuments(e){return this.requireCollection().countDocuments(e)}async fetch(e,n){return (await this.find(e,n).toArray()).map(this.wrapDocument.bind(this))}async insertOne(e,n){return await this.requireCollection().insertOne(e,n)}async insertMany(e,n){return await this.requireCollection().insertMany(e,n)}async updateOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,r)}async upsertOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,{upsert:true,...r})}async updateMany(e,n,r){return await this.requireCollection().updateMany(e,n,r)}async upsertMany(e,n,r){return await this.requireCollection().updateMany(e,n,{upsert:true,...r})}async deleteOne(e,n){return await this.requireCollection().deleteOne(e,n)}async deleteMany(e,n){return await this.requireCollection().deleteMany(e,n)}async findOneAndUpdate(e,n,r){let o=await this.requireCollection().findOneAndUpdate(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async findOneAndDelete(e,n){let r=await this.requireCollection().findOneAndDelete(this.getSelector(e),n??{});return r?this.wrapDocument(r):null}async findOneAndReplace(e,n,r){let o=await this.requireCollection().findOneAndReplace(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async replaceOne(e,n,r){return await this.requireCollection().replaceOne(this.getSelector(e),n,r)}async distinct(e,n,r){let o=n??{};return r!==void 0?await this.requireCollection().distinct(e,o,r):await this.requireCollection().distinct(e,o)}watch(e,n){return this.requireCollection().watch(e,n)}aggregate(e,n){return this.requireCollection().aggregate(e,n)}bulkWrite(e){return this.requireCollection().bulkWrite(e)}getDatabase(){return this.requireClient().db()}rawCollection(){return this.requireCollection()}async renameFrom(e,n){let r=this.getDatabase();if(!this.collection||!r)throw new Error(`Store ${this.name} is not provisioned`);if((await r.listCollections({name:e}).toArray()).length===0)throw new Error(`Collection ${e} not found`);if((await r.listCollections({name:this.name}).toArray()).length>0)throw new Error(`Collection ${this.name} already exists`);await r.collection(e).rename(this.name,n);}async vectorSearch({field:e,embedding:n,numCandidates:r,limit:o,projection:i,indexName:s}){return this.aggregate([{$vectorSearch:{index:s||e+"VectorSearch",path:e,queryVector:n,numCandidates:r||100,limit:o||10}},{$project:{_id:1,score:{$meta:"vectorSearchScore"},...i}}])}static vectorIndex({field:e,dimensions:n,similarity:r="cosine",indexName:o}){return {type:"vectorSearch",name:o||e+"VectorSearch",definition:{fields:[{type:"vector",path:e,numDimensions:n,similarity:r}]}}}};var Kn=z.string.bind(z),Qn=z.number.bind(z),Yn=z.date.bind(z),Xn=z.boolean.bind(z),er=z.array.bind(z),tr=z.object.bind(z),nr=z.enum.bind(z),u={string:Kn,number:Qn,date:Yn,boolean:Xn,array:er,object:tr,enum:nr,embedding(){return z.array(z.number())},objectId(){return z.instanceof(ObjectId).describe("ObjectId")},userId(){return z.instanceof(ObjectId).describe("UserId")},ref(t){return z.instanceof(ObjectId).describe("Ref")},union:z.union.bind(z),infer(t){return {}}};var X=new C("_modelenceSessions",{schema:{authToken:u.string(),createdAt:u.date(),expiresAt:u.date(),userId:u.userId().nullable()},indexes:[{key:{authToken:1},unique:true},{key:{expiresAt:1}}]});async function Tt(t){let e=t?await X.findOne({authToken:t}):null;return e?{authToken:String(e.authToken),expiresAt:new Date(e.expiresAt),userId:e.userId??null}:await qe()}async function kt(t,e){await X.updateOne({authToken:t},{$set:{userId:e}});}async function Ot(t){await X.updateOne({authToken:t},{$set:{userId:null}});}async function qe(t=null){let e=randomBytes(32).toString("base64url"),n=Date.now(),r=new Date(n+a.days(7));return await X.insertOne({authToken:e,createdAt:new Date(n),expiresAt:r,userId:t}),{authToken:e,expiresAt:r,userId:t}}async function or(t){let e=Date.now(),n=new Date(e+a.days(7));await X.updateOne({authToken:t.authToken},{$set:{lastActiveDate:new Date(e),expiresAt:n}});}var At=new v("_system.session",{stores:[X],mutations:{init:async function(t,{session:e,user:n}){return {session:e,user:n,configs:b()}},heartbeat:async function(t,{session:e}){e&&await or(e);}}});var m=new C("_modelenceUsers",{schema:{handle:u.string(),emails:u.array(u.object({address:u.string(),verified:u.boolean()})).optional(),status:u.enum(["active","disabled","deleted"]).optional(),firstName:u.string().optional(),lastName:u.string().optional(),avatarUrl:u.string().optional(),createdAt:u.date(),disabledAt:u.date().optional(),deletedAt:u.date().optional(),roles:u.array(u.string()).optional(),authMethods:u.object({password:u.object({hash:u.string()}).optional(),google:u.object({id:u.string()}).optional(),github:u.object({id:u.string()}).optional()})},indexes:[{key:{handle:1},unique:true,collation:{locale:"en",strength:2}},{key:{"emails.address":1,status:1}},{key:{"authMethods.google.id":1},sparse:true,unique:true},{key:{"authMethods.github.id":1},sparse:true,unique:true}]}),ae=new C("_modelenceDisposableEmailDomains",{schema:{domain:u.string(),addedAt:u.date()},indexes:[{key:{domain:1},unique:true}]}),L=new C("_modelenceEmailVerificationTokens",{schema:{userId:u.objectId(),email:u.string().optional(),token:u.string(),createdAt:u.date(),expiresAt:u.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]}),I=new C("_modelenceResetPasswordTokens",{schema:{userId:u.objectId(),token:u.string(),createdAt:u.date(),expiresAt:u.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var _t=new Map,ee={authenticated:null,unauthenticated:null};function Rt(t,e){ee.authenticated=e.authenticated,ee.unauthenticated=e.unauthenticated;for(let[n,r]of Object.entries(t))_t.set(n,r);}function Se(){return ee.unauthenticated?[ee.unauthenticated]:[]}function Mt(){return ee.authenticated?[ee.authenticated]:[]}function ze(t,e){let n=e.find(r=>!ir(t,r));if(n)throw new Error(`Access denied - missing permission: '${n}'`)}function ir(t,e){for(let n of t)if(_t.get(n)?.permissions?.includes(e))return  true;return  false}async function D(t){let e=await Tt(t),n=e.userId?await m.findOne({_id:new ObjectId(e.userId),status:{$nin:["deleted","disabled"]}}):null,r=n?{id:n._id.toString(),handle:n.handle,roles:n.roles||[],hasRole:i=>(n.roles||[]).includes(i),requireRole:i=>{if(!(n.roles||[]).includes(i))throw new Error(`Access denied - role '${i}' required`)},firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}:null,o=r?Mt():Se();return {user:r,session:e,roles:o}}var ce=new v("_system",{configSchema:{mongodbUri:{type:"secret",isPublic:false,default:""},mongodbPoolSize:{type:"number",isPublic:false,default:10},"env.type":{type:"string",isPublic:true,default:""},"site.url":{type:"string",isPublic:true,default:""}}});var U=null;async function It(){if(U)return U;let t=V();if(!t)throw new Error("MongoDB URI is not set");let e=ce.getConfig("mongodbPoolSize");U=new MongoClient(t,{driverInfo:{name:"Modelence",version:s.version},ignoreUndefined:true,maxPoolSize:e});try{return await U.connect(),await U.db("admin").command({ping:1}),console.log("Pinged your deployment. You successfully connected to MongoDB!"),U}catch(n){throw console.error(n),U=null,n}}function V(){return ce.getConfig("mongodbUri")||void 0}function ve(){return U}var te=class{constructor(e){this.fetch=e.fetch,this.watch=e.watch;}};function cr(){return typeof window!="object"}function $(){if(!cr())throw new Error("This function can only be called on the server")}function Ce(t){return t.replace(/<[^>]*>/g,"").replace(/\s+/g," ").trim()}var xe={};function He(t,e){return $(),Lt(t),Ee("query",t,e)}function Dt(t,e){return $(),Lt(t),Ee("mutation",t,e)}function Pt(t,e){return $(),Ut(t),Ee("query",t,e)}function Nt(t,e){return $(),Ut(t),Ee("mutation",t,e)}function Lt(t){if(t.toLowerCase().startsWith("_system."))throw new Error(`Method name cannot start with a reserved prefix: '_system.' (${t})`)}function Ut(t){if(!t.toLowerCase().startsWith("_system."))throw new Error(`System method name must start with a prefix: '_system.' (${t})`)}function Ee(t,e,n){if($(),xe[e])throw new Error(`Method with name '${e}' is already defined.`);let r=typeof n=="function"?n:n.handler,o=typeof n=="function"?[]:n.permissions??[];xe[e]={type:t,name:e,handler:r,permissions:o};}async function $t(t,e,n){$();let r=xe[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r,s=l("method",`method:${t}`,{type:o,args:e}),a;try{ze(n.roles,r.permissions),a=await i(e,n);}catch(c){throw s.end("error"),c}return s.end(),a}async function jt(t,e,n){$();let r=xe[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r;if(o!=="query")throw new Error("Live methods are only supported for queries");let s=l("method",`method:${t}:live`,{type:o,args:e}),a;try{if(ze(n.roles,r.permissions),a=await i(e,n),!(a instanceof te))throw new Error(`Live query handler for '${t}' must return a LiveData object with fetch and watch functions.`)}catch(c){throw s.end("error"),c}return s.end(),a}var le=new Map;function lr(t){let e=le.get(t.id);return e||(e=new Map,le.set(t.id,e)),e}async function Ve(t,e){let n=z.object({subscriptionId:z.string().min(1),method:z.string().min(1),args:z.record(z.unknown()).default({}),authToken:z.string().nullish(),clientInfo:z.object({screenWidth:z.number(),screenHeight:z.number(),windowWidth:z.number(),windowHeight:z.number(),pixelRatio:z.number(),orientation:z.string().nullable()}).optional()}).safeParse(e);if(!n.success){t.emit("liveQueryError",{subscriptionId:null,error:`Invalid payload: ${n.error.message}`});return}let{subscriptionId:r,method:o,args:i,authToken:s,clientInfo:a}=n.data,c=lr(t),d=c.get(r);if(d)if(d.cleanup)try{d.cleanup();}catch(l){console.error("[LiveQuery] Error cleaning up existing subscription:",l);}else d.aborted=true;let p={cleanup:null};c.set(r,p);try{let{session:l,user:h,roles:w}=await D(s??null),y={session:l,user:h,roles:w,clientInfo:a??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},connectionInfo:{ip:t.handshake.address,userAgent:t.handshake.headers["user-agent"]}},T=await jt(o,i,y),Q=async()=>{let _=await T.fetch();p.aborted||t.emit("liveQueryData",{subscriptionId:r,data:_,typeMap:a$2(_)});},k=!0,R=!1,M=()=>{p.aborted||!k||R||(k=!1,R=!0,Q().catch(_=>{p.aborted||(console.error(`[LiveQuery] Error fetching data for ${o}:`,_),t.emit("liveQueryError",{subscriptionId:r,error:_ instanceof Error?_.message:String(_)}));}).finally(()=>{R=!1,M();}));},z=T.watch({publish:()=>{k=!0,M();}});if(p.aborted){if(z)try{z();}catch(_){console.error("[LiveQuery] Error cleaning up after disconnect during setup:",_);}return}p.cleanup=z||null,M();}catch(l){c.delete(r),console.error(`[LiveQuery] Error in ${o}:`,l),t.emit("liveQueryError",{subscriptionId:r,error:l instanceof Error?l.message:String(l)});}}function We(t,e){let n=z.object({subscriptionId:z.string().min(1)}).safeParse(e);if(!n.success){console.warn(`[LiveQuery] Invalid unsubscribe payload: ${n.error.message}`);return}let{subscriptionId:r}=n.data,o=le.get(t.id);if(!o)return;let i=o.get(r);if(i){if(i.cleanup)try{i.cleanup();}catch(s){console.error("[LiveQuery] Error in cleanup:",s);}else i.aborted=true;o.delete(r);}}function Ge(t){let e=le.get(t.id);if(e){for(let n of e.values())if(n.cleanup)try{n.cleanup();}catch(r){console.error("[LiveQuery] Error in cleanup on disconnect:",r);}else n.aborted=true;le.delete(t.id);}}var de=null,pr="_modelenceSocketio";async function mr({httpServer:t,channels:e}){let n=ve();console.log("Initializing Socket.IO server...");let r=null;if(n){r=n.db().collection(pr);try{await r.createIndex({createdAt:1},{expireAfterSeconds:3600,background:!0});}catch(o){console.error("Failed to create index on MongoDB collection for Socket.IO:",o);}}de=new Server(t,{cors:{origin:"*",methods:["GET","POST"]},adapter:r?createAdapter(r):void 0,transports:["websocket"],perMessageDeflate:false}),de.on("error",o=>{console.error("Socket.IO error:",o);}),de.use(async(o,i)=>{let s=o.handshake.auth.token;try{o.data=await D(s);}finally{i();}}),de.on("connection",o=>{o.on("disconnect",()=>{Ge(o);}),o.on("joinChannel",async i=>{let[s]=i.split(":"),a=false;for(let c of e)if(c.category===s){(!c.canAccessChannel||await c.canAccessChannel(o.data))&&(o.join(i),a=true,o.emit("joinedChannel",i));break}a||o.emit("joinError",{channel:i,error:"Access denied"});}),o.on("leaveChannel",i=>{o.leave(i),console.log(`User ${o.id} left channel ${i}`),o.emit("leftChannel",i);}),o.on("subscribeLiveQuery",i=>Ve(o,i)),o.on("unsubscribeLiveQuery",i=>We(o,i));}),console.log("Socket.IO server initialized");}function fr({category:t,id:e,data:n}){de?.to(`${t}:${e}`).emit(t,n);}var Ft={init:mr,broadcast:fr};async function qt(t){let e=t.toLowerCase().trim().split("@");if(e.length!==2)return  false;let n=e[1];return !!await ae.findOne({domain:n})}var zt={interval:a.days(1),async handler(){let t=await fetch("https://disposable.github.io/disposable-email-domains/domains.txt");if(!t.ok)throw new Error(`HTTP ${t.status}: ${t.statusText}`);let n=(await t.text()).split(`
-`).map(i=>i.trim().toLowerCase()).filter(i=>i.length>0),r=new Date,o=500;for(let i=0;i<n.length;i+=o){let s=n.slice(i,i+o);try{await ae.insertMany(s.map(a=>({domain:a,addedAt:r})));}catch(a){a&&typeof a=="object"&&"name"in a&&a.name;}}}};var Ze=Object.freeze({});function Ht(t){Ze=Object.freeze(Object.assign({},Ze,t));}function S(){return Ze}function Vt({name:t,email:e,verificationUrl:n}){return `
+import {a as a$2,b as b$1}from'./chunk-D6FY7A77.js';import {d,a as a$3}from'./chunk-C3UESBRX.js';import {a}from'./chunk-DO5TZLF5.js';import {a as a$1,b,f,e,g,c,h,k,d as d$1,j as j$1,i,l,m as m$1}from'./chunk-3SPXJEOR.js';export{a as getConfig}from'./chunk-3SPXJEOR.js';import {s}from'./chunk-MF6PQMFH.js';import qn from'dotenv';import Ao from'fs/promises';import Dr from'os';import ct from'path';import {Server}from'socket.io';import {createAdapter}from'@socket.io/mongo-adapter';import {MongoError,ObjectId,MongoClient,MongoServerError}from'mongodb';export{ObjectId}from'mongodb';import {randomBytes,randomUUID}from'crypto';import {isDeepStrictEqual}from'util';import F,{z}from'zod';import yr from'bcrypt';import {createServer,defineConfig,loadConfigFromFile,mergeConfig}from'vite';import Jr from'@vitejs/plugin-react';import Kr from'fs';import z$1,{Router}from'express';import So from'cookie-parser';import vo from'http';var v=class{constructor(e,{stores:n=[],queries:r={},mutations:o={},routes:i=[],cronJobs:s={},configSchema:a={},rateLimits:c=[],channels:d=[]}={}){this.name=e,this.stores=n,this.queries=r,this.mutations=o,this.routes=i,this.cronJobs=s,this.configSchema=a,this.rateLimits=c,this.channels=d;}getConfig(e){return a$1(`${this.name}.${e}`)}};function N(t){let e=t._def;if(e.typeName==="ZodString")return {type:"string"};if(e.typeName==="ZodNumber")return {type:"number"};if(e.typeName==="ZodBoolean")return {type:"boolean"};if(e.typeName==="ZodDate")return {type:"date"};if(e.typeName==="ZodArray")return {type:"array",items:N(e.type)};if(e.typeName==="ZodObject"){let r=e.shape(),o={};for(let[i,s]of Object.entries(r))o[i]=N(s);return {type:"object",items:o}}if(e.typeName==="ZodOptional")return {...N(e.innerType),optional:true};if(e.typeName==="ZodNullable")return {...N(e.innerType),optional:true};if(e.typeName==="ZodEnum")return {type:"enum",items:e.values};if(e.typeName==="ZodUnion")return {type:"union",items:e.options.map(N)};if(e.typeName==="ZodEffects"){let n=e;return n.description?{type:"custom",typeName:n.description}:N(n.schema)}return {type:"custom",typeName:e.typeName}}function be(t){let e={};for(let[n,r]of Object.entries(t))Array.isArray(r)?e[n]=r.map(o=>typeof o=="object"&&"_def"in o?N(o):be(o)):typeof r=="object"&&"_def"in r?e[n]=N(r):e[n]=be(r);return e}var Wn=["background","bits","bucketSize","collation","default_language","expireAfterSeconds","hidden","language_override","max","min","partialFilterExpression","sparse","storageEngine","textIndexVersion","unique","weights","wildcardProjection","2dsphereIndexVersion"],$e=t=>typeof t=="object"&&t!==null&&!Array.isArray(t),Gn=t=>t.startsWith("_modelence_"),je=t=>{let e={};for(let n of Wn){let r=t[n];r!==void 0&&(e[n]=r);}return e},Zn=(t,e)=>{if(!$e(t)||!$e(e))return  false;let n=Object.entries(t),r=Object.entries(e);return n.length!==r.length?false:n.every(([o,i],s)=>{let[a,c]=r[s]||[];return o===a&&isDeepStrictEqual(i,c)})},Et=(t,e)=>Zn(t.key,e.key)?isDeepStrictEqual(je(t),je(e)):false,Le=t=>$e(t)?Object.entries(t).map(([e,n])=>`${e}:${JSON.stringify(n)}`).join("|"):null,Bn=async t=>{try{return await t.listIndexes().toArray()}catch(e){if(e instanceof MongoError&&e.code===26)return [];throw e}},Jn=t=>Object.entries(t).map(([e,n])=>`${e}_${n}`).join("_"),Kn=t=>{if(t.name){let n=t.name.startsWith("_modelence_")?t.name:`_modelence_${t.name}`;return {...t,name:n}}let e=Jn(t.key);return {...t,name:`_modelence_${e}`}},C=class t{constructor(e,n){this.name=e,this.schema=n.schema,this.methods=n.methods,this.indexes=n.indexes.map(Kn),this.searchIndexes=n.searchIndexes||[],this.indexCreationMode=n.indexCreationMode??"background";}getName(){return this.name}getIndexCreationMode(){return this.indexCreationMode}getSchema(){return this.schema}getSerializedSchema(){return be(this.schema)}extend(e){let n={...this.schema,...e.schema||{}},r=[...this.indexes,...e.indexes||[]],o=[...this.searchIndexes,...e.searchIndexes||[]],i={...this.methods||{},...e.methods||{}},s=new t(this.name,{schema:n,methods:i,indexes:r,searchIndexes:o,indexCreationMode:e.indexCreationMode??this.indexCreationMode});if(this.client)throw new Error(`Store.extend() must be called before startApp(). Store '${this.name}' has already been initialized and cannot be extended.`);return s}init(e){if(this.collection)throw new Error(`Collection ${this.name} is already initialized`);this.client=e,this.collection=this.client.db().collection(this.name);}async createIndexes(){let e=this.requireCollection(),n=await Bn(e),r=new Map,o=new Map,i=new Set,s=l=>{r.set(l.name,l);let h=Le(l.key);if(!h)return;let w=o.get(h);w?w.add(l.name):o.set(h,new Set([l.name]));},a=l=>{let h=r.get(l);if(!h)return;r.delete(l);let w=Le(h.key);if(!w)return;let y=o.get(w);y&&(y.delete(l),y.size===0&&o.delete(w));};for(let l of n)typeof l.name=="string"&&s({...l,name:l.name});let c=async l=>{if(!(l==="_id_"||i.has(l))){try{await e.dropIndex(l);}catch(h){if(!(h instanceof MongoError&&h.code===27))throw h}i.add(l),a(l);}},d=new Set(this.indexes.map(l=>l.name).filter(l=>typeof l=="string")),p=[...r.values()].filter(l=>Gn(l.name)&&!d.has(l.name));for(let l of p)await c(l.name);if(this.indexes.length>0)for(let l of this.indexes){if(!l.name)continue;let h=r.get(l.name);h&&!Et(h,l)&&await c(h.name);let w=Le(l.key);if(w){let Q=[...o.get(w)||[]];for(let k of Q)k!==l.name&&await c(k);}let y=r.get(l.name);!!y&&Et(y,l)||(await e.createIndexes([l]),s({name:l.name,key:l.key,...je(l)}));}if(this.searchIndexes.length>0)for(let l of this.searchIndexes)try{await e.createSearchIndexes([l]);}catch(h){if(h instanceof MongoError&&h.code===68&&l.name)await e.dropSearchIndex(l.name),await e.createSearchIndexes([l]);else throw h}}wrapDocument(e){return this.methods?Object.create(null,Object.getOwnPropertyDescriptors({...e,...this.methods})):e}getSelector(e){return typeof e=="string"?{_id:new ObjectId(e)}:e instanceof ObjectId?{_id:e}:e}requireCollection(){if(!this.collection)throw new Error(`Collection ${this.name} is not provisioned`);return this.collection}requireClient(){if(!this.client)throw new Error("Database is not connected");return this.client}async findOne(e,n){let r=await this.requireCollection().findOne(e,n);return r?this.wrapDocument(r):null}async requireOne(e,n,r){let o=await this.findOne(e,n);if(!o)throw r?r():new Error(`Record not found in ${this.name}`);return o}find(e,n){let r=this.requireCollection().find(e,n?.projection?{projection:n.projection}:void 0);return n?.sort&&r.sort(n.sort),n?.limit&&r.limit(n.limit),n?.skip&&r.skip(n.skip),r}async findById(e){let n=typeof e=="string"?{_id:new ObjectId(e)}:{_id:e};return await this.findOne(n)}async requireById(e,n){let r=await this.findById(e);if(!r)throw n?n():new Error(`Record with id ${e} not found in ${this.name}`);return r}countDocuments(e){return this.requireCollection().countDocuments(e)}async fetch(e,n){return (await this.find(e,n).toArray()).map(this.wrapDocument.bind(this))}async insertOne(e,n){return await this.requireCollection().insertOne(e,n)}async insertMany(e,n){return await this.requireCollection().insertMany(e,n)}async updateOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,r)}async upsertOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,{upsert:true,...r})}async updateMany(e,n,r){return await this.requireCollection().updateMany(e,n,r)}async upsertMany(e,n,r){return await this.requireCollection().updateMany(e,n,{upsert:true,...r})}async deleteOne(e,n){return await this.requireCollection().deleteOne(e,n)}async deleteMany(e,n){return await this.requireCollection().deleteMany(e,n)}async findOneAndUpdate(e,n,r){let o=await this.requireCollection().findOneAndUpdate(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async findOneAndDelete(e,n){let r=await this.requireCollection().findOneAndDelete(this.getSelector(e),n??{});return r?this.wrapDocument(r):null}async findOneAndReplace(e,n,r){let o=await this.requireCollection().findOneAndReplace(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async replaceOne(e,n,r){return await this.requireCollection().replaceOne(this.getSelector(e),n,r)}async distinct(e,n,r){let o=n??{};return r!==void 0?await this.requireCollection().distinct(e,o,r):await this.requireCollection().distinct(e,o)}watch(e,n){return this.requireCollection().watch(e,n)}aggregate(e,n){return this.requireCollection().aggregate(e,n)}bulkWrite(e){return this.requireCollection().bulkWrite(e)}getDatabase(){return this.requireClient().db()}rawCollection(){return this.requireCollection()}async renameFrom(e,n){let r=this.getDatabase();if(!this.collection||!r)throw new Error(`Store ${this.name} is not provisioned`);if((await r.listCollections({name:e}).toArray()).length===0)throw new Error(`Collection ${e} not found`);if((await r.listCollections({name:this.name}).toArray()).length>0)throw new Error(`Collection ${this.name} already exists`);await r.collection(e).rename(this.name,n);}async vectorSearch({field:e,embedding:n,numCandidates:r,limit:o,projection:i,indexName:s}){return this.aggregate([{$vectorSearch:{index:s||e+"VectorSearch",path:e,queryVector:n,numCandidates:r||100,limit:o||10}},{$project:{_id:1,score:{$meta:"vectorSearchScore"},...i}}])}static vectorIndex({field:e,dimensions:n,similarity:r="cosine",indexName:o}){return {type:"vectorSearch",name:o||e+"VectorSearch",definition:{fields:[{type:"vector",path:e,numDimensions:n,similarity:r}]}}}};var Qn=z.string.bind(z),Yn=z.number.bind(z),Xn=z.date.bind(z),er=z.boolean.bind(z),tr=z.array.bind(z),nr=z.object.bind(z),rr=z.enum.bind(z),u={string:Qn,number:Yn,date:Xn,boolean:er,array:tr,object:nr,enum:rr,embedding(){return z.array(z.number())},objectId(){return z.instanceof(ObjectId).describe("ObjectId")},userId(){return z.instanceof(ObjectId).describe("UserId")},ref(t){return z.instanceof(ObjectId).describe("Ref")},union:z.union.bind(z),infer(t){return {}}};var X=new C("_modelenceSessions",{schema:{authToken:u.string(),createdAt:u.date(),expiresAt:u.date(),userId:u.userId().nullable()},indexes:[{key:{authToken:1},unique:true},{key:{expiresAt:1}}]});async function kt(t){let e=t?await X.findOne({authToken:t}):null;return e?{authToken:String(e.authToken),expiresAt:new Date(e.expiresAt),userId:e.userId??null}:await ze()}async function Ot(t,e){await X.updateOne({authToken:t},{$set:{userId:e}});}async function At(t){await X.updateOne({authToken:t},{$set:{userId:null}});}async function ze(t=null){let e=randomBytes(32).toString("base64url"),n=Date.now(),r=new Date(n+a.days(7));return await X.insertOne({authToken:e,createdAt:new Date(n),expiresAt:r,userId:t}),{authToken:e,expiresAt:r,userId:t}}async function ir(t){let e=Date.now(),n=new Date(e+a.days(7));await X.updateOne({authToken:t.authToken},{$set:{lastActiveDate:new Date(e),expiresAt:n}});}var _t=new v("_system.session",{stores:[X],mutations:{init:async function(t,{session:e,user:n}){return {session:e,user:n,configs:b()}},heartbeat:async function(t,{session:e}){e&&await ir(e);}}});var m=new C("_modelenceUsers",{schema:{handle:u.string(),emails:u.array(u.object({address:u.string(),verified:u.boolean()})).optional(),status:u.enum(["active","disabled","deleted"]).optional(),firstName:u.string().optional(),lastName:u.string().optional(),avatarUrl:u.string().optional(),createdAt:u.date(),disabledAt:u.date().optional(),deletedAt:u.date().optional(),roles:u.array(u.string()).optional(),authMethods:u.object({password:u.object({hash:u.string()}).optional(),google:u.object({id:u.string()}).optional(),github:u.object({id:u.string()}).optional()})},indexes:[{key:{handle:1},unique:true,collation:{locale:"en",strength:2}},{key:{"emails.address":1,status:1}},{key:{"authMethods.google.id":1},sparse:true,unique:true},{key:{"authMethods.github.id":1},sparse:true,unique:true}]}),ae=new C("_modelenceDisposableEmailDomains",{schema:{domain:u.string(),addedAt:u.date()},indexes:[{key:{domain:1},unique:true}]}),L=new C("_modelenceEmailVerificationTokens",{schema:{userId:u.objectId(),email:u.string().optional(),token:u.string(),createdAt:u.date(),expiresAt:u.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]}),I=new C("_modelenceResetPasswordTokens",{schema:{userId:u.objectId(),email:u.string().optional(),token:u.string(),createdAt:u.date(),expiresAt:u.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var Rt=new Map,ee={authenticated:null,unauthenticated:null};function Mt(t,e){ee.authenticated=e.authenticated,ee.unauthenticated=e.unauthenticated;for(let[n,r]of Object.entries(t))Rt.set(n,r);}function Se(){return ee.unauthenticated?[ee.unauthenticated]:[]}function It(){return ee.authenticated?[ee.authenticated]:[]}function qe(t,e){let n=e.find(r=>!sr(t,r));if(n)throw new Error(`Access denied - missing permission: '${n}'`)}function sr(t,e){for(let n of t)if(Rt.get(n)?.permissions?.includes(e))return  true;return  false}async function D(t){let e=await kt(t),n=e.userId?await m.findOne({_id:new ObjectId(e.userId),status:{$nin:["deleted","disabled"]}}):null,r=n?{id:n._id.toString(),handle:n.handle,roles:n.roles||[],hasRole:i=>(n.roles||[]).includes(i),requireRole:i=>{if(!(n.roles||[]).includes(i))throw new Error(`Access denied - role '${i}' required`)},firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}:null,o=r?It():Se();return {user:r,session:e,roles:o}}var ce=new v("_system",{configSchema:{mongodbUri:{type:"secret",isPublic:false,default:""},mongodbPoolSize:{type:"number",isPublic:false,default:10},"env.type":{type:"string",isPublic:true,default:""},"site.url":{type:"string",isPublic:true,default:""}}});var U=null;async function Dt(){if(U)return U;let t=V();if(!t)throw new Error("MongoDB URI is not set");let e=ce.getConfig("mongodbPoolSize");U=new MongoClient(t,{driverInfo:{name:"Modelence",version:s.version},ignoreUndefined:true,maxPoolSize:e});try{return await U.connect(),await U.db("admin").command({ping:1}),console.log("Pinged your deployment. You successfully connected to MongoDB!"),U}catch(n){throw console.error(n),U=null,n}}function V(){return ce.getConfig("mongodbUri")||void 0}function ve(){return U}var te=class{constructor(e){this.fetch=e.fetch,this.watch=e.watch;}};function lr(){return typeof window!="object"}function $(){if(!lr())throw new Error("This function can only be called on the server")}function Ce(t){return t.replace(/<[^>]*>/g,"").replace(/\s+/g," ").trim()}var xe={};function He(t,e){return $(),Ut(t),Ee("query",t,e)}function Pt(t,e){return $(),Ut(t),Ee("mutation",t,e)}function Nt(t,e){return $(),$t(t),Ee("query",t,e)}function Lt(t,e){return $(),$t(t),Ee("mutation",t,e)}function Ut(t){if(t.toLowerCase().startsWith("_system."))throw new Error(`Method name cannot start with a reserved prefix: '_system.' (${t})`)}function $t(t){if(!t.toLowerCase().startsWith("_system."))throw new Error(`System method name must start with a prefix: '_system.' (${t})`)}function Ee(t,e,n){if($(),xe[e])throw new Error(`Method with name '${e}' is already defined.`);let r=typeof n=="function"?n:n.handler,o=typeof n=="function"?[]:n.permissions??[];xe[e]={type:t,name:e,handler:r,permissions:o};}async function jt(t,e,n){$();let r=xe[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r,s=l("method",`method:${t}`,{type:o,args:e}),a;try{qe(n.roles,r.permissions),a=await i(e,n);}catch(c){throw s.end("error"),c}return s.end(),a}async function Ft(t,e,n){$();let r=xe[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r;if(o!=="query")throw new Error("Live methods are only supported for queries");let s=l("method",`method:${t}:live`,{type:o,args:e}),a;try{if(qe(n.roles,r.permissions),a=await i(e,n),!(a instanceof te))throw new Error(`Live query handler for '${t}' must return a LiveData object with fetch and watch functions.`)}catch(c){throw s.end("error"),c}return s.end(),a}var le=new Map;function dr(t){let e=le.get(t.id);return e||(e=new Map,le.set(t.id,e)),e}async function Ve(t,e){let n=z.object({subscriptionId:z.string().min(1),method:z.string().min(1),args:z.record(z.unknown()).default({}),authToken:z.string().nullish(),clientInfo:z.object({screenWidth:z.number(),screenHeight:z.number(),windowWidth:z.number(),windowHeight:z.number(),pixelRatio:z.number(),orientation:z.string().nullable()}).optional()}).safeParse(e);if(!n.success){t.emit("liveQueryError",{subscriptionId:null,error:`Invalid payload: ${n.error.message}`});return}let{subscriptionId:r,method:o,args:i,authToken:s,clientInfo:a}=n.data,c=dr(t),d=c.get(r);if(d)if(d.cleanup)try{d.cleanup();}catch(l){console.error("[LiveQuery] Error cleaning up existing subscription:",l);}else d.aborted=true;let p={cleanup:null};c.set(r,p);try{let{session:l,user:h,roles:w}=await D(s??null),y={session:l,user:h,roles:w,clientInfo:a??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},connectionInfo:{ip:t.handshake.address,userAgent:t.handshake.headers["user-agent"]}},T=await Ft(o,i,y),Q=async()=>{let A=a$2(await T.fetch());p.aborted||t.emit("liveQueryData",{subscriptionId:r,data:A,typeMap:b$1(A)});},k=!0,R=!1,M=()=>{p.aborted||!k||R||(k=!1,R=!0,Q().catch(A=>{p.aborted||(console.error(`[LiveQuery] Error fetching data for ${o}:`,A),t.emit("liveQueryError",{subscriptionId:r,error:A instanceof Error?A.message:String(A)}));}).finally(()=>{R=!1,M();}));},q=T.watch({publish:()=>{k=!0,M();}});if(p.aborted){if(q)try{q();}catch(A){console.error("[LiveQuery] Error cleaning up after disconnect during setup:",A);}return}p.cleanup=q||null,M();}catch(l){c.delete(r),console.error(`[LiveQuery] Error in ${o}:`,l),t.emit("liveQueryError",{subscriptionId:r,error:l instanceof Error?l.message:String(l)});}}function We(t,e){let n=z.object({subscriptionId:z.string().min(1)}).safeParse(e);if(!n.success){console.warn(`[LiveQuery] Invalid unsubscribe payload: ${n.error.message}`);return}let{subscriptionId:r}=n.data,o=le.get(t.id);if(!o)return;let i=o.get(r);if(i){if(i.cleanup)try{i.cleanup();}catch(s){console.error("[LiveQuery] Error in cleanup:",s);}else i.aborted=true;o.delete(r);}}function Ge(t){let e=le.get(t.id);if(e){for(let n of e.values())if(n.cleanup)try{n.cleanup();}catch(r){console.error("[LiveQuery] Error in cleanup on disconnect:",r);}else n.aborted=true;le.delete(t.id);}}var de=null,mr="_modelenceSocketio";async function fr({httpServer:t,channels:e}){let n=ve();console.log("Initializing Socket.IO server...");let r=null;if(n){r=n.db().collection(mr);try{await r.createIndex({createdAt:1},{expireAfterSeconds:3600,background:!0});}catch(o){console.error("Failed to create index on MongoDB collection for Socket.IO:",o);}}de=new Server(t,{cors:{origin:"*",methods:["GET","POST"]},adapter:r?createAdapter(r):void 0,transports:["websocket"],perMessageDeflate:false}),de.on("error",o=>{console.error("Socket.IO error:",o);}),de.use(async(o,i)=>{let s=o.handshake.auth.token;try{o.data=await D(s);}finally{i();}}),de.on("connection",o=>{o.on("disconnect",()=>{Ge(o);}),o.on("joinChannel",async i=>{let[s]=i.split(":"),a=false;for(let c of e)if(c.category===s){(!c.canAccessChannel||await c.canAccessChannel(o.data))&&(o.join(i),a=true,o.emit("joinedChannel",i));break}a||o.emit("joinError",{channel:i,error:"Access denied"});}),o.on("leaveChannel",i=>{o.leave(i),console.log(`User ${o.id} left channel ${i}`),o.emit("leftChannel",i);}),o.on("subscribeLiveQuery",i=>Ve(o,i)),o.on("unsubscribeLiveQuery",i=>We(o,i));}),console.log("Socket.IO server initialized");}function hr({category:t,id:e,data:n}){de?.to(`${t}:${e}`).emit(t,n);}var zt={init:fr,broadcast:hr};async function qt(t){let e=t.toLowerCase().trim().split("@");if(e.length!==2)return  false;let n=e[1];return !!await ae.findOne({domain:n})}var Ht={interval:a.days(1),async handler(){let t=await fetch("https://disposable.github.io/disposable-email-domains/domains.txt");if(!t.ok)throw new Error(`HTTP ${t.status}: ${t.statusText}`);let n=(await t.text()).split(`
+`).map(i=>i.trim().toLowerCase()).filter(i=>i.length>0),r=new Date,o=500;for(let i=0;i<n.length;i+=o){let s=n.slice(i,i+o);try{await ae.insertMany(s.map(a=>({domain:a,addedAt:r})));}catch(a){a&&typeof a=="object"&&"name"in a&&a.name;}}}};var Ze=Object.freeze({});function Vt(t){Ze=Object.freeze(Object.assign({},Ze,t));}function S(){return Ze}var Te=3,W=50,Wt=t=>z.string().trim().min(t.min??1,{message:`must be at least ${t.min??1} characters`}).max(t.max,{message:`must be at most ${t.max} characters`}),Be=t=>z.string().trim().max(t.max,{message:`must be at most ${t.max} characters`}).transform(e=>e===""?void 0:e).optional(),gr=z.object({firstName:Be({max:50}),lastName:Be({max:50}),avatarUrl:Be({max:400}),handle:Wt({min:Te,max:W})}).strict();function ke(t){let e=gr.partial().safeParse(t);if(!e.success){let n=e.error.issues[0],r=n.path.join("."),o=r?`${r}: ${n.message}`:n.message;throw new Error(o)}return e.data}function Oe(t){return z.string().min(8,{message:"Password must contain at least 8 characters"}).parse(t)}function j(t){return z.string().email({message:"Invalid email address"}).parse(t).toLowerCase()}function Gt(t){return Wt({min:Te,max:W}).parse(t)}var Je=Object.freeze({});function Zt(t){Je=Object.freeze(Object.assign({},Je,t));}function x(){return Je}async function Jt(t,{user:e,session:n,connectionInfo:r}){try{if(!n)throw new Error("Session is not initialized");let o=r?.ip;o&&await _({bucket:"signin",type:"ip",value:o});let i=j(t.email),s=z.string().parse(t.password),a=await m.findOne({"emails.address":i,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}}),c=a?.authMethods?.password?.hash;if(!c)throw Bt();if(!a.emails?.find(l=>l.address.toLowerCase()===i)?.verified&&S()?.provider)throw new Error("Your email address hasn't been verified yet. Please check your inbox for the verification email.");if(!await yr.compare(s,c))throw Bt();return await Ot(n.authToken,a._id),x().onAfterLogin?.({provider:"email",user:a,session:n,connectionInfo:r}),x().login?.onSuccess?.(a),{user:{id:a._id,handle:a.handle,roles:a.roles||[],firstName:a.firstName??void 0,lastName:a.lastName??void 0,avatarUrl:a.avatarUrl??void 0}}}catch(o){throw o instanceof Error&&(x().onLoginError?.({provider:"email",error:o,session:n,connectionInfo:r}),x().login?.onError?.(o)),o}}async function Kt(t,{session:e}){if(!e)throw new Error("Session is not initialized");await At(e.authToken);}function Bt(){return new Error("Incorrect email/password combination")}async function Qt(t,{user:e}){if(!e)throw new Error("Not authenticated");let n=await m.requireById(e.id);return {handle:n.handle,emails:n.emails,authMethods:Object.keys(n.authMethods||{}),firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}}async function Yt(t,{user:e}){if(!e)throw new Error("Not authenticated");let n=await m.requireById(e.id),r=ke(t);if(await x().validateProfileUpdate?.(r),"handle"in r&&r.handle!==void 0&&await m.findOne({handle:r.handle,_id:{$ne:n._id}},{collation:{locale:"en",strength:2}}))throw new Error("Handle already taken.");if(Object.keys(r).length>0){let o={},i={};for(let[a,c]of Object.entries(r))c===void 0?i[a]="":o[a]=c;let s={};Object.keys(o).length>0&&(s.$set=o),Object.keys(i).length>0&&(s.$unset=i);try{await m.updateOne({_id:n._id},s);let a=Object.fromEntries(Object.keys(i).map(c=>[c,void 0]));n={...n,...o,...a};}catch(a){throw a instanceof Error&&"code"in a&&a.code===11e3?new Error("Handle already taken."):a}}return {user:{id:n._id,handle:n.handle,roles:n.roles||[],firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}}}var Ke=["google","github"];async function Xt({provider:t},{user:e}){if(!e)throw new Error("You must be signed in to unlink a provider.");if(typeof t!="string"||!Ke.includes(t))throw new Error(`Invalid provider. Supported providers are: ${Ke.join(", ")}.`);let n=await m.requireById(e.id),r=n.authMethods??{};if(!r[t])throw new Error(`${t} is not linked to your account.`);if(Object.values(r).filter(Boolean).length<=1)throw new Error("Cannot unlink your only authentication method. Please add another method first.");let s=Object.keys(r).filter(d=>d!==t&&r[d]),a=s.length>0?{$or:s.map(d=>({[`authMethods.${d}`]:{$exists:true}}))}:{};if((await m.updateOne({_id:n._id,...a},{$unset:{[`authMethods.${t}`]:""}})).matchedCount===0)throw new Error("Cannot unlink your only authentication method. Please add another method first.")}var pe=new C("_modelenceRateLimits",{schema:{bucket:u.string(),type:u.enum(["ip","user","email"]),value:u.string(),windowMs:u.number(),windowStart:u.date(),windowCount:u.number(),prevWindowCount:u.number(),expiresAt:u.date()},indexes:[{key:{bucket:1,type:1,value:1,windowMs:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var Qe=[];function en(t){if(Qe.length>0)throw new Error("Duplicate call to initRateLimits - already initialized");Qe=t;}async function _(t){let{bucket:e,type:n,value:r,message:o}=t,i=Qe.filter(a=>a.bucket===e&&a.type===n),s=o?()=>new d(o):void 0;for(let a of i)await br(a,r,s);}async function br(t,e,n){let r=()=>n?n():new d(`Rate limit exceeded for ${t.bucket}`),o=await pe.findOne({bucket:t.bucket,type:t.type,value:e,windowMs:t.window}),i=Date.now(),s=Math.floor(i/t.window)*t.window,{count:a,modifier:c}=o?Sr(o,s,i):{count:0,modifier:{$setOnInsert:{windowStart:new Date(s),windowCount:1,prevWindowCount:0,expiresAt:new Date(s+t.window+t.window)}}};if(a>=t.limit)throw r();await pe.upsertOne({bucket:t.bucket,type:t.type,value:e,windowMs:t.window},c);}function Sr(t,e,n){let r=e-t.windowMs;if(t.windowStart.getTime()===e){let o=t.windowCount,i=t.prevWindowCount,s=1-(n-e)/t.windowMs;return {count:Math.round(o+i*s),modifier:{$inc:{windowCount:1},$setOnInsert:{windowStart:new Date(e),prevWindowCount:0,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}if(t.windowStart.getTime()===r){let o=1-(n-e)/t.windowMs;return {count:Math.round(t.windowCount*o),modifier:{$set:{windowStart:new Date(e),windowCount:1,prevWindowCount:t.windowCount,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}return {count:0,modifier:{$set:{windowStart:new Date(e),windowCount:1,prevWindowCount:0,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}function tn({name:t,email:e,verificationUrl:n}){return `
     <p>Hi${t?` ${t}`:""},</p>
     <p>Please verify your email address ${e} by clicking the link below:</p>
     <p><a href="${n}">${n}</a></p>
     <p>If you did not request this, please ignore this email.</p>
-  `}var Be=Object.freeze({});function Wt(t){Be=Object.freeze(Object.assign({},Be,t));}function x(){return Be}var Te=3,W=50,Gt=t=>z.string().trim().min(t.min??1,{message:`must be at least ${t.min??1} characters`}).max(t.max,{message:`must be at most ${t.max} characters`}),Je=t=>z.string().trim().max(t.max,{message:`must be at most ${t.max} characters`}).transform(e=>e===""?void 0:e).optional(),hr=z.object({firstName:Je({max:50}),lastName:Je({max:50}),avatarUrl:Je({max:400}),handle:Gt({min:Te,max:W})}).strict();function ke(t){let e=hr.partial().safeParse(t);if(!e.success){let n=e.error.issues[0],r=n.path.join("."),o=r?`${r}: ${n.message}`:n.message;throw new Error(o)}return e.data}function Oe(t){return z.string().min(8,{message:"Password must contain at least 8 characters"}).parse(t)}function j(t){return z.string().email({message:"Invalid email address"}).parse(t).toLowerCase()}function Zt(t){return Gt({min:Te,max:W}).parse(t)}var pe=new C("_modelenceRateLimits",{schema:{bucket:u.string(),type:u.enum(["ip","user","email"]),value:u.string(),windowMs:u.number(),windowStart:u.date(),windowCount:u.number(),prevWindowCount:u.number(),expiresAt:u.date()},indexes:[{key:{bucket:1,type:1,value:1,windowMs:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var Ke=[];function Bt(t){if(Ke.length>0)throw new Error("Duplicate call to initRateLimits - already initialized");Ke=t;}async function O(t){let{bucket:e,type:n,value:r,message:o}=t,i=Ke.filter(a=>a.bucket===e&&a.type===n),s=o?()=>new d(o):void 0;for(let a of i)await gr(a,r,s);}async function gr(t,e,n){let r=()=>n?n():new d(`Rate limit exceeded for ${t.bucket}`),o=await pe.findOne({bucket:t.bucket,type:t.type,value:e,windowMs:t.window}),i=Date.now(),s=Math.floor(i/t.window)*t.window,{count:a,modifier:c}=o?yr(o,s,i):{count:0,modifier:{$setOnInsert:{windowStart:new Date(s),windowCount:1,prevWindowCount:0,expiresAt:new Date(s+t.window+t.window)}}};if(a>=t.limit)throw r();await pe.upsertOne({bucket:t.bucket,type:t.type,value:e,windowMs:t.window},c);}function yr(t,e,n){let r=e-t.windowMs;if(t.windowStart.getTime()===e){let o=t.windowCount,i=t.prevWindowCount,s=1-(n-e)/t.windowMs;return {count:Math.round(o+i*s),modifier:{$inc:{windowCount:1},$setOnInsert:{windowStart:new Date(e),prevWindowCount:0,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}if(t.windowStart.getTime()===r){let o=1-(n-e)/t.windowMs;return {count:Math.round(t.windowCount*o),modifier:{$set:{windowStart:new Date(e),windowCount:1,prevWindowCount:t.windowCount,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}return {count:0,modifier:{$set:{windowStart:new Date(e),windowCount:1,prevWindowCount:0,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}async function Jt(t){let e=a$1("_system.site.url"),n=S().verification?.redirectUrl||S().emailVerifiedRedirectUrl||e||"/";try{let r=z.string().parse(t.query.token),o=await L.findOne({token:r,expiresAt:{$gt:new Date}});if(!o)throw new Error("Invalid or expired verification token");if(!await m.findOne({_id:o.userId}))throw new Error("User not found");let s=o.email;if(!s)throw new Error("Email not found in token");if((await m.updateOne({_id:o.userId,"emails.address":s,"emails.verified":{$ne:!0}},{$set:{"emails.$.verified":!0}})).matchedCount===0)throw await m.findOne({_id:o.userId,"emails.address":s})?new Error("Email is already verified"):new Error("Email address not found for this user");await L.deleteOne({_id:o._id}),x().onAfterEmailVerification?.({provider:"email",user:await m.findOne({"emails.address":o?.email}),session:null,connectionInfo:{baseUrl:e,ip:t.req.ip||t.req.socket.remoteAddress,userAgent:t.headers["user-agent"],acceptLanguage:t.headers["accept-language"],referrer:t.headers.referer}});}catch(r){if(r instanceof Error)return x().onEmailVerificationError?.({provider:"email",error:r,session:null,connectionInfo:{baseUrl:e,ip:t.req.ip||t.req.socket.remoteAddress,userAgent:t.headers["user-agent"],acceptLanguage:t.headers["accept-language"],referrer:t.headers.referer}}),console.error("Error verifying email:",r),{status:301,redirect:`${n}?status=error&message=${encodeURIComponent(r.message)}`}}return {status:301,redirect:`${n}?status=verified`}}async function me({userId:t,email:e,baseUrl:n=a$1("_system.site.url")}){if(S().provider){let r=S().provider,o=randomBytes(32).toString("hex"),i=new Date(Date.now()+a.hours(24));await L.insertOne({userId:t,email:e,token:o,createdAt:new Date,expiresAt:i});let s=`${n}/api/_internal/auth/verify-email?token=${o}`,c=(S()?.verification?.template||Vt)({name:"",email:e,verificationUrl:s}),d=Ce(c);await r?.sendEmail({to:e,from:S()?.from||"noreply@modelence.com",subject:S()?.verification?.subject||"Verify your email address",text:d,html:c});}}var Qe={success:true,message:"If that email is registered and not yet verified, a verification email has been sent"};async function Kt(t,{connectionInfo:e}){let n=j(t.email),r=await m.findOne({"emails.address":n,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}});if(!r)return Qe;let o=r.emails?.find(i=>i.address.toLowerCase()===n);if(!o||o.verified)return Qe;if(!S().provider)throw new Error("Email provider is not configured");return await O({bucket:"verification",type:"user",value:r._id.toString(),message:"Please wait at least 60 seconds before requesting another verification email"}),await me({userId:r._id,email:n,baseUrl:e?.baseUrl}),Qe}async function Yt(t,{user:e,session:n,connectionInfo:r}){try{if(!n)throw new Error("Session is not initialized");let o=r?.ip;o&&await O({bucket:"signin",type:"ip",value:o});let i=j(t.email),s=z.string().parse(t.password),a=await m.findOne({"emails.address":i,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}}),c=a?.authMethods?.password?.hash;if(!c)throw Qt();if(!a.emails?.find(l=>l.address.toLowerCase()===i)?.verified&&S()?.provider){if(o)try{await O({bucket:"verification",type:"user",value:a._id.toString()});}catch{throw new Error("Your email address hasn't been verified yet. Please use the verification email we've send earlier to your inbox.")}throw await me({userId:a?._id,email:i,baseUrl:r?.baseUrl}),new Error("Your email address hasn't been verified yet. We've sent a new verification email to your inbox.")}if(!await Sr.compare(s,c))throw Qt();return await kt(n.authToken,a._id),x().onAfterLogin?.({provider:"email",user:a,session:n,connectionInfo:r}),x().login?.onSuccess?.(a),{user:{id:a._id,handle:a.handle,roles:a.roles||[],firstName:a.firstName??void 0,lastName:a.lastName??void 0,avatarUrl:a.avatarUrl??void 0}}}catch(o){throw o instanceof Error&&(x().onLoginError?.({provider:"email",error:o,session:n,connectionInfo:r}),x().login?.onError?.(o)),o}}async function Xt(t,{session:e}){if(!e)throw new Error("Session is not initialized");await Ot(e.authToken);}function Qt(){return new Error("Incorrect email/password combination")}async function en(t,{user:e}){if(!e)throw new Error("Not authenticated");let n=await m.requireById(e.id);return {handle:n.handle,emails:n.emails,authMethods:Object.keys(n.authMethods||{}),firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}}async function tn(t,{user:e}){if(!e)throw new Error("Not authenticated");let n=await m.requireById(e.id),r=ke(t);if(await x().validateProfileUpdate?.(r),"handle"in r&&r.handle!==void 0&&await m.findOne({handle:r.handle,_id:{$ne:n._id}},{collation:{locale:"en",strength:2}}))throw new Error("Handle already taken.");if(Object.keys(r).length>0){let o={},i={};for(let[a,c]of Object.entries(r))c===void 0?i[a]="":o[a]=c;let s={};Object.keys(o).length>0&&(s.$set=o),Object.keys(i).length>0&&(s.$unset=i);try{await m.updateOne({_id:n._id},s);let a=Object.fromEntries(Object.keys(i).map(c=>[c,void 0]));n={...n,...o,...a};}catch(a){throw a instanceof Error&&"code"in a&&a.code===11e3?new Error("Handle already taken."):a}}return {user:{id:n._id,handle:n.handle,roles:n.roles||[],firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}}}var Ye=["google","github"];async function nn({provider:t},{user:e}){if(!e)throw new Error("You must be signed in to unlink a provider.");if(typeof t!="string"||!Ye.includes(t))throw new Error(`Invalid provider. Supported providers are: ${Ye.join(", ")}.`);let n=await m.requireById(e.id),r=n.authMethods??{};if(!r[t])throw new Error(`${t} is not linked to your account.`);if(Object.values(r).filter(Boolean).length<=1)throw new Error("Cannot unlink your only authentication method. Please add another method first.");let s=Object.keys(r).filter(d=>d!==t&&r[d]),a=s.length>0?{$or:s.map(d=>({[`authMethods.${d}`]:{$exists:true}}))}:{};if((await m.updateOne({_id:n._id,...a},{$unset:{[`authMethods.${t}`]:""}})).matchedCount===0)throw new Error("Cannot unlink your only authentication method. Please add another method first.")}async function rn(t){let e=t.slice(0,W);try{if(!await m.findOne({handle:e},{collation:{locale:"en",strength:2}}))return e}catch(o){throw new Error(`Database error while checking handle availability: ${o}`)}let n=51;for(let o=2;o<=n;o++){let i=`_${o}`,s=`${e.slice(0,W-i.length)}${i}`;try{if(!await m.findOne({handle:s},{collation:{locale:"en",strength:2}}))return s}catch(a){throw new Error(`Database error while checking handle "${s}": ${a}`)}}let r=10;for(let o=0;o<r;o++){let i=`_${randomBytes(3).toString("hex")}`,s=`${e.slice(0,W-i.length)}${i}`;try{if(!await m.findOne({handle:s},{collation:{locale:"en",strength:2}}))return s}catch(a){throw new Error(`Database error while checking handle "${s}": ${a}`)}}throw new Error(`Could not generate a unique handle for base "${t}" after exhausting all attempts.`)}async function G(t,e,{throwOnConflict:n=true}={}){if(t!=null&&String(t).trim()!==""){let o=Zt(String(t).trim());if(n){if(await m.findOne({handle:o},{collation:{locale:"en",strength:2}}))throw new Error("Handle already taken.");return o}return rn(o)}let r=e.split("@")[0].padEnd(Te,"_").slice(0,W);return rn(r)}async function on(t,{user:e,session:n,connectionInfo:r}){let o=x();try{let i=t,{firstName:s,lastName:a,avatarUrl:c,handle:d}=i,p=j(i.email),l=Oe(i.password),h=r?.ip;if(h&&await O({bucket:"signupAttempt",type:"ip",value:h}),await qt(p))throw new Error("Please use a permanent email address");let w=await m.findOne({"emails.address":p},{collation:{locale:"en",strength:2}});if(w){let M=w.emails?.find(z=>z.address.toLowerCase()===p);throw w.status==="disabled"?new Error("User is marked for deletion, please contact support if you want to restore the account."):new Error(`User with email already exists: ${M?.address}`)}h&&await O({bucket:"signup",type:"ip",value:h});let y=ke({firstName:s,lastName:a,avatarUrl:c,handle:d});await o.validateSignup?.({email:p,password:l,...y});let T;if(y.handle)T=await G(y.handle,p);else if(o.generateHandle){let M=await o.generateHandle({email:p,firstName:y.firstName,lastName:y.lastName});T=await G(M,p,{throwOnConflict:!1});}else T=await G(void 0,p);let Q=await Sr.hash(l,10),k=await m.insertOne({handle:T,status:"active",emails:[{address:p,verified:!1}],createdAt:new Date,authMethods:{password:{hash:Q}},...y.firstName!==void 0&&{firstName:y.firstName},...y.lastName!==void 0&&{lastName:y.lastName},...y.avatarUrl!==void 0&&{avatarUrl:y.avatarUrl}}),R=await m.findOne({_id:k.insertedId},{readPreference:"primary"});if(!R)throw new Error("User not found");return await me({userId:k?.insertedId,email:p,baseUrl:r?.baseUrl}),o.onAfterSignup?.({provider:"email",user:R,session:n,connectionInfo:r}),o.signup?.onSuccess?.(R),k.insertedId}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:"email",error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function Or(t,e){return e?e.startsWith("http://")||e.startsWith("https://")?e:`${t}${e.startsWith("/")?"":"/"}${e}`:t}function Ar({email:t,resetUrl:e}){return `
+  `}async function nn(t){let e=a$1("_system.site.url"),n=S().verification?.redirectUrl||S().emailVerifiedRedirectUrl||e||"/";try{let r=z.string().parse(t.query.token),o=await L.findOne({token:r,expiresAt:{$gt:new Date}});if(!o)throw new Error("Invalid or expired verification token");if(!await m.findOne({_id:o.userId}))throw new Error("User not found");let s=o.email;if(!s)throw new Error("Email not found in token");if((await m.updateOne({_id:o.userId,"emails.address":s,"emails.verified":{$ne:!0}},{$set:{"emails.$.verified":!0}})).matchedCount===0)throw await m.findOne({_id:o.userId,"emails.address":s})?new Error("Email is already verified"):new Error("Email address not found for this user");await L.deleteOne({_id:o._id}),x().onAfterEmailVerification?.({provider:"email",user:await m.findOne({"emails.address":o?.email}),session:null,connectionInfo:{baseUrl:e,ip:t.req.ip||t.req.socket.remoteAddress,userAgent:t.headers["user-agent"],acceptLanguage:t.headers["accept-language"],referrer:t.headers.referer}});}catch(r){if(r instanceof Error)return x().onEmailVerificationError?.({provider:"email",error:r,session:null,connectionInfo:{baseUrl:e,ip:t.req.ip||t.req.socket.remoteAddress,userAgent:t.headers["user-agent"],acceptLanguage:t.headers["accept-language"],referrer:t.headers.referer}}),console.error("Error verifying email:",r),{status:301,redirect:`${n}?status=error&message=${encodeURIComponent(r.message)}`}}return {status:301,redirect:`${n}?status=verified`}}async function Xe({userId:t,email:e,baseUrl:n=a$1("_system.site.url")}){if(S().provider){let r=S().provider,o=randomBytes(32).toString("hex"),i=new Date(Date.now()+a.hours(24));await L.insertOne({userId:t,email:e,token:o,createdAt:new Date,expiresAt:i});let s=`${n}/api/_internal/auth/verify-email?token=${o}`,c=(S()?.verification?.template||tn)({name:"",email:e,verificationUrl:s}),d=Ce(c);await r?.sendEmail({to:e,from:S()?.from||"noreply@modelence.com",subject:S()?.verification?.subject||"Verify your email address",text:d,html:c});}}var Ye={success:true,message:"If that email is registered and not yet verified, a verification email has been sent"};async function rn(t,{connectionInfo:e}){let n=j(t.email),r=await m.findOne({"emails.address":n,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}});if(!r)return Ye;let o=r.emails?.find(i=>i.address.toLowerCase()===n);if(!o||o.verified)return Ye;if(!S().provider)throw new Error("Email provider is not configured");return await _({bucket:"verification",type:"user",value:r._id.toString(),message:"Please wait at least 60 seconds before requesting another verification email"}),await Xe({userId:r._id,email:n,baseUrl:e?.baseUrl}),Ye}async function on(t){let e=t.slice(0,W);try{if(!await m.findOne({handle:e},{collation:{locale:"en",strength:2}}))return e}catch(o){throw new Error(`Database error while checking handle availability: ${o}`)}let n=51;for(let o=2;o<=n;o++){let i=`_${o}`,s=`${e.slice(0,W-i.length)}${i}`;try{if(!await m.findOne({handle:s},{collation:{locale:"en",strength:2}}))return s}catch(a){throw new Error(`Database error while checking handle "${s}": ${a}`)}}let r=10;for(let o=0;o<r;o++){let i=`_${randomBytes(3).toString("hex")}`,s=`${e.slice(0,W-i.length)}${i}`;try{if(!await m.findOne({handle:s},{collation:{locale:"en",strength:2}}))return s}catch(a){throw new Error(`Database error while checking handle "${s}": ${a}`)}}throw new Error(`Could not generate a unique handle for base "${t}" after exhausting all attempts.`)}async function G(t,e,{throwOnConflict:n=true}={}){if(t!=null&&String(t).trim()!==""){let o=Gt(String(t).trim());if(n){if(await m.findOne({handle:o},{collation:{locale:"en",strength:2}}))throw new Error("Handle already taken.");return o}return on(o)}let r=e.split("@")[0].padEnd(Te,"_").slice(0,W);return on(r)}async function sn(t,{user:e,session:n,connectionInfo:r}){let o=x();try{let i=t,{firstName:s,lastName:a,avatarUrl:c,handle:d}=i,p=j(i.email),l=Oe(i.password),h=r?.ip;if(h&&await _({bucket:"signupAttempt",type:"ip",value:h}),await qt(p))throw new Error("Please use a permanent email address");let w=await m.findOne({"emails.address":p},{collation:{locale:"en",strength:2}});if(w){let M=w.emails?.find(q=>q.address.toLowerCase()===p);throw w.status==="disabled"?new Error("User is marked for deletion, please contact support if you want to restore the account."):new Error(`User with email already exists: ${M?.address}`)}h&&await _({bucket:"signup",type:"ip",value:h});let y=ke({firstName:s,lastName:a,avatarUrl:c,handle:d});await o.validateSignup?.({email:p,password:l,...y});let T;if(y.handle)T=await G(y.handle,p);else if(o.generateHandle){let M=await o.generateHandle({email:p,firstName:y.firstName,lastName:y.lastName});T=await G(M,p,{throwOnConflict:!1});}else T=await G(void 0,p);let Q=await yr.hash(l,10),k=await m.insertOne({handle:T,status:"active",emails:[{address:p,verified:!1}],createdAt:new Date,authMethods:{password:{hash:Q}},...y.firstName!==void 0&&{firstName:y.firstName},...y.lastName!==void 0&&{lastName:y.lastName},...y.avatarUrl!==void 0&&{avatarUrl:y.avatarUrl}}),R=await m.findOne({_id:k.insertedId},{readPreference:"primary"});if(!R)throw new Error("User not found");return await Xe({userId:k?.insertedId,email:p,baseUrl:r?.baseUrl}),o.onAfterSignup?.({provider:"email",user:R,session:n,connectionInfo:r}),o.signup?.onSuccess?.(R),k.insertedId}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:"email",error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function Ar(t,e){return e?e.startsWith("http://")||e.startsWith("https://")?e:`${t}${e.startsWith("/")?"":"/"}${e}`:t}function _r({email:t,resetUrl:e}){return `
     <p>Hi,</p>
     <p>We received a request to reset your password for ${t}.</p>
     <p>Click the link below to reset your password:</p>
     <p><a href="${e}">${e}</a></p>
     <p>This link will expire in 1 hour.</p>
     <p>If you did not request this password reset, please ignore this email.</p>
-  `}var Xe={success:true,message:"If an account with that email exists, a password reset link has been sent"};async function sn(t,{connectionInfo:e}){let n=j(t.email),r=e?.ip;r&&await O({bucket:"passwordReset",type:"ip",value:r}),await O({bucket:"passwordReset",type:"email",value:n});let o=await m.findOne({"emails.address":n,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}});if(!o||!o.authMethods?.password)return Xe;let i=S().provider;if(!i)throw new Error("Email provider is not configured");let s=randomBytes(32).toString("hex"),a$2=Date.now(),c=new Date(a$2),d=new Date(a$2+a.hours(1));await I.insertOne({userId:o._id,token:s,createdAt:c,expiresAt:d});let p=a$1("_system.site.url")||e?.baseUrl,h=`${Or(p,S().passwordReset?.redirectUrl)}?token=${s}`,y=(S()?.passwordReset?.template||Ar)({email:n,resetUrl:h,name:""}),T=Ce(y);return await i.sendEmail({to:n,from:S()?.from||"noreply@modelence.com",subject:S()?.passwordReset?.subject||"Reset your password",text:T,html:y}),Xe}async function an(t,{}){let e=z.string().parse(t.token),n=Oe(t.password),r=await I.findOne({token:e});if(!r)throw new Error("Invalid or expired reset token");if(r.expiresAt<new Date)throw await I.deleteOne({token:e}),new Error("Reset token has expired");let o=await m.findOne({_id:r.userId});if(!o)throw new Error("User not found");let i=await Sr.hash(n,10);return await m.updateOne({_id:o._id},{$set:{"authMethods.password.hash":i}}),await I.deleteOne({token:e}),{success:true,message:"Password has been reset successfully"}}var cn=new v("_system.user",{stores:[m,ae,L,I],queries:{getOwnProfile:en},mutations:{signupWithPassword:on,loginWithPassword:Yt,logout:Xt,resendEmailVerification:Kt,sendResetPasswordToken:sn,resetPassword:an,updateProfile:tn,unlinkOAuthProvider:nn},cronJobs:{updateDisposableEmailList:zt},rateLimits:[{bucket:"signup",type:"ip",window:a.minutes(15),limit:20},{bucket:"signup",type:"ip",window:a.days(1),limit:200},{bucket:"signupAttempt",type:"ip",window:a.minutes(15),limit:50},{bucket:"signupAttempt",type:"ip",window:a.days(1),limit:500},{bucket:"signin",type:"ip",window:a.minutes(15),limit:50},{bucket:"signin",type:"ip",window:a.days(1),limit:500},{bucket:"verification",type:"user",window:a.seconds(60),limit:1},{bucket:"verification",type:"user",window:a.days(1),limit:10},{bucket:"passwordReset",type:"ip",window:a.minutes(15),limit:10},{bucket:"passwordReset",type:"ip",window:a.days(1),limit:100},{bucket:"passwordReset",type:"email",window:a.hours(1),limit:5},{bucket:"passwordReset",type:"email",window:a.days(1),limit:10}],configSchema:{"auth.email.enabled":{type:"boolean",isPublic:true,default:true},"auth.email.from":{type:"string",isPublic:false,default:""},"auth.email.verification":{type:"boolean",isPublic:true,default:false},"auth.google.enabled":{type:"boolean",isPublic:true,default:false},"auth.google.clientId":{type:"string",isPublic:false,default:""},"auth.google.clientSecret":{type:"secret",isPublic:false,default:""},"auth.github.enabled":{type:"boolean",isPublic:true,default:false},"auth.github.clientId":{type:"string",isPublic:false,default:""},"auth.github.clientSecret":{type:"secret",isPublic:false,default:""}},routes:[{path:"/api/_internal/auth/verify-email",handlers:{get:Jt}}]});var _r={withoutRemoteServer:{MONGODB_URI:"_system.mongodbUri",MONGODB_POOL_SIZE:"_system.mongodbPoolSize",MODELENCE_AUTH_GOOGLE_ENABLED:"_system.user.auth.google.enabled",MODELENCE_AUTH_GOOGLE_CLIENT_ID:"_system.user.auth.google.clientId",MODELENCE_AUTH_GOOGLE_CLIENT_SECRET:"_system.user.auth.google.clientSecret",MODELENCE_AUTH_GITHUB_ENABLED:"_system.user.auth.github.enabled",MODELENCE_AUTH_GITHUB_CLIENT_ID:"_system.user.auth.github.clientId",MODELENCE_AUTH_GITHUB_CLIENT_SECRET:"_system.user.auth.github.clientSecret",MODELENCE_AUTH_GITHUB_CLIENT_SCOPES:"_system.user.auth.github.scopes",MODELENCE_EMAIL_RESEND_API_KEY:"_system.email.resend.apiKey",MODELENCE_EMAIL_AWS_SES_REGION:"_system.email.awsSes.region",MODELENCE_EMAIL_AWS_SES_ACCESS_KEY_ID:"_system.email.awsSes.accessKeyId",MODELENCE_EMAIL_AWS_SES_SECRET_ACCESS_KEY:"_system.email.awsSes.secretAccessKey",MODELENCE_EMAIL_SMTP_HOST:"_system.email.smtp.host",MODELENCE_EMAIL_SMTP_PORT:"_system.email.smtp.port",MODELENCE_EMAIL_SMTP_USER:"_system.email.smtp.user",MODELENCE_EMAIL_SMTP_PASS:"_system.email.smtp.pass",MODELENCE_SITE_URL:"_system.site.url",MODELENCE_ENV_TYPE:"_system.env.type",MODELENCE_ENV:"_system.env",GOOGLE_AUTH_ENABLED:"_system.user.auth.google.enabled",GOOGLE_AUTH_CLIENT_ID:"_system.user.auth.google.clientId",GOOGLE_AUTH_CLIENT_SECRET:"_system.user.auth.google.clientSecret"},withRemoteServer:{MODELENCE_SITE_URL:"_system.site.url"}};function Rr(t,e){if(e==="number"){let n=Number(t);if(isNaN(n))throw new Error(`Invalid number value for config: ${t}`);return n}if(e==="boolean"){if(t.toLowerCase()==="true")return  true;if(t.toLowerCase()==="false")return  false;throw new Error(`Invalid boolean value for config: ${t}`)}return t}function Mr(t,e){let n=[];for(let[r,o]of Object.entries(t)){let i=process.env[r],s=e[o];if(i){let a=s?.type??"string";n.push({key:o,type:a,value:Rr(i,a)});}}return n}function Ae(t,e="withoutRemoteServer"){let n=_r[e];return Mr(n,t)}async function ln({configSchema:t,cronJobsMetadata:e,stores:n,roles:r}){let o=process.env.MODELENCE_CONTAINER_ID;if(!o)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_CONTAINER_ID is not set");try{let i=Object.values(n).map(a=>({name:a.getName(),schema:a.getSerializedSchema(),collections:[a.getName()],version:2})),s=await et("/api/connect","POST",{hostname:Ir.hostname(),containerId:o,dataModels:i,configSchema:t,cronJobsMetadata:e,roles:r});if(s.status==="error")throw new Error(s.error);return console.log("Successfully connected to Modelence Cloud"),s}catch(i){throw console.error("Unable to connect to Modelence Cloud:",i),i}}async function dn(){return et("/api/configs","GET")}async function un(){return await et("/api/sync","POST",{containerId:process.env.MODELENCE_CONTAINER_ID})}async function et(t,e,n){return ne(t,e,n?JSON.stringify(n):void 0,n?{"Content-Type":"application/json"}:{})}async function ne(t,e,n,r){let{MODELENCE_SERVICE_ENDPOINT:o,MODELENCE_SERVICE_TOKEN:i}=process.env;if(!o)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_SERVICE_ENDPOINT is not set");let s=await fetch(`${o}${t}`,{method:e,headers:{Authorization:`Bearer ${i}`,...r},body:n});if(!s.ok){let a=await s.text();try{let c=JSON.parse(a);throw new Error(`Unable to connect to Modelence Cloud: HTTP status: ${s.status}, ${c?.error}`)}catch{throw new Error(`Unable to connect to Modelence Cloud: HTTP status: ${s.status}, ${a}`)}}if(!(s.status===204||s.headers?.get("content-length")==="0"))return await s.json()}var tt=false,Dr=a.seconds(10);function pn(){setInterval(async()=>{if(!tt){tt=true;try{await un();}catch(t){console.error("Error syncing status",t);}try{await Pr();}catch(t){console.error("Error syncing config",t);}tt=false;}},Dr);}function nt(t){c(t),c(Ae(d$1(),"withRemoteServer"));}async function Pr(){let{configs:t}=await dn();nt(t);}var Z=new C("_modelenceLocks",{schema:{_id:u.string(),instanceId:u.string(),acquiredAt:u.date(),resource:u.string()},indexes:[{key:{resource:1},unique:true},{key:{resource:1,instanceId:1}},{key:{resource:1,acquiredAt:1}}],indexCreationMode:"blocking"});var B={},mn=a.seconds(10),yn=randomBytes(32).toString("base64url"),Ur=a.seconds(30),re=new Map,rt=t=>t instanceof MongoError&&t.code===11e3,fn=(t,e)=>typeof t.keyPattern=="object"&&t.keyPattern!==null&&Object.prototype.hasOwnProperty.call(t.keyPattern,e),$r=async({error:t,resource:e})=>{if(fn(t,"resource"))return  true;if(fn(t,"_id"))return  false;let n=await Z.findOne({resource:e});return !!n&&n._id!==e},hn=async({resource:t,staleThresholdDate:e,instanceId:n})=>{let r=await Z.upsertOne({_id:t,$or:[{instanceId:n},{acquiredAt:{$lt:e}}]},{$set:{resource:t,instanceId:n,acquiredAt:new Date},$setOnInsert:{_id:t}});return r.upsertedCount>0||r.modifiedCount>0},wn=async({resource:t,instanceId:e,staleThresholdDate:n})=>{let r=n?{resource:t,_id:{$ne:t},$or:[{instanceId:e},{acquiredAt:{$lt:n}}]}:{resource:t,instanceId:e};return (await Z.deleteOne(r)).deletedCount>0},jr=t=>{let e=t,n=re.get(e);n&&(n.stopRequested=true,n.timer&&(clearTimeout(n.timer),n.timer=null),re.delete(e));},gn=({resource:t,lockDuration:e,instanceId:n})=>{let r=Math.floor(e/3),o=t,i$1=re.get(o);if(i$1&&!i$1.stopRequested&&i$1.heartbeatInterval===r&&i$1.lockDuration===e)return;i$1&&(i$1.stopRequested=true,i$1.timer&&(clearTimeout(i$1.timer),i$1.timer=null),re.delete(o));let s={timer:null,stopRequested:false,lockDuration:e,heartbeatInterval:r},a=()=>{s.timer=setTimeout(()=>{J(t,{lockDuration:e,bypassCache:true,instanceId:n}).then(c=>{c||(s.stopRequested=true,i(`Lost lock while refreshing heartbeat: ${t}`,{source:"lock",resource:t,instanceId:n}));}).finally(()=>{if(s.stopRequested){re.delete(o);return}a();});},r);};re.set(o,s),a();};async function J(t,{lockDuration:e=Ur,successfulLockCacheDuration:n=mn,failedLockCacheDuration:r=mn,heartbeat:o,bypassCache:i$1,instanceId:s=yn}={}){let a=Date.now();if(!i$1&&B[t]&&a<B[t].expiresAt)return B[t].value&&o&&gn({resource:t,lockDuration:e,instanceId:s}),B[t].value;let c=new Date(a-e);i(`Attempting to acquire lock: ${t}`,{source:"lock",resource:t,instanceId:s});try{let d=await Fr({resource:t,staleThresholdDate:c,instanceId:s});return B[t]={value:d,expiresAt:a+(d?n:r)},d?(o&&gn({resource:t,lockDuration:e,instanceId:s}),i(`Lock acquired: ${t}`,{source:"lock",resource:t,instanceId:s})):i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),d}catch{return B[t]={value:false,expiresAt:a+r},i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),false}}var Fr=async({resource:t,staleThresholdDate:e,instanceId:n})=>{try{return await hn({resource:t,staleThresholdDate:e,instanceId:n})}catch(r){if(rt(r)&&await $r({error:r,resource:t})){if(!await wn({resource:t,staleThresholdDate:e,instanceId:n}))return  false;try{return await hn({resource:t,staleThresholdDate:e,instanceId:n})}catch(i){if(rt(i))return  false;throw i}}if(rt(r))return  false;throw r}};async function fe(t,{instanceId:e=yn}={}){jr(t);try{let n=await Z.deleteOne({_id:t,instanceId:e});return n.deletedCount===0?await wn({resource:t,instanceId:e}):n.deletedCount>0}catch{return  false}finally{delete B[t];}}var K={},ot=null,it=new C("_modelenceCronJobs",{schema:{alias:u.string(),lastStartDate:u.date().optional()},indexes:[{key:{alias:1},unique:true,background:true}]});function Sn(t,{description:e="",interval:n,timeout:r=Math.min(Math.max(n,a.minutes(1)),a.days(1)),handler:o}){if(K[t])throw new Error(`Duplicate cron job declaration: '${t}' already exists`);if(ot)throw new Error(`Unable to add a cron job - cron jobs have already been initialized: [${t}]`);if(n<a.seconds(5))throw new Error(`Cron job interval should not be less than 5 second [${t}]`);if(r>a.days(1))throw new Error(`Cron job timeout should not be longer than 1 day [${t}]`);K[t]={alias:t,params:{description:e,interval:n,timeout:r},handler:o,state:{isRunning:false}};}async function vn(){if(ot)throw new Error("Cron jobs already started");let t=Object.keys(K);if(t.length>0){let e={alias:{$in:t}},n=await it.fetch(e),r=Date.now();n.forEach(o=>{let i=K[o.alias];i&&(i.state.scheduledRunTs=o.lastStartDate?o.lastStartDate.getTime()+i.params.interval:r);}),Object.values(K).forEach(o=>{o.state.scheduledRunTs||(o.state.scheduledRunTs=r);}),ot=setInterval(qr,a.seconds(1));}}async function qr(){let t=Date.now();await J("cron",{successfulLockCacheDuration:a.seconds(10),failedLockCacheDuration:a.seconds(30)})&&Object.values(K).forEach(async n=>{let{params:r,state:o}=n;if(o.isRunning){o.startTs&&o.startTs+r.timeout<t&&(o.isRunning=false);return}o.scheduledRunTs&&o.scheduledRunTs<=t&&await zr(n);});}async function zr(t){let{alias:e,params:n,handler:r,state:o}=t;o.isRunning=true,o.startTs=Date.now(),await it.updateOne({alias:e},{$set:{lastStartDate:new Date(o.startTs)}});let i=l("cron",`cron:${e}`);try{await r(),bn(o,n),i.end("success");}catch(s){bn(o,n);let a=s instanceof Error?s:new Error(String(s));m$1(a),i.end("error"),console.error(`Error in cron job '${e}':`,s);}}function bn(t,e){t.scheduledRunTs=t.startTs?t.startTs+e.interval:Date.now(),t.startTs=void 0,t.isRunning=false;}function Cn(){return Object.values(K).map(({alias:t,params:e})=>({alias:t,description:e.description,interval:e.interval,timeout:e.timeout}))}var xn=new v("_system.cron",{stores:[it]});var st=new v("_system.lock",{stores:[Z]});var he=new C("_modelenceMigrations",{schema:{version:u.number(),status:u.enum(["completed","failed"]),description:u.string().optional(),output:u.string().optional(),appliedAt:u.date()},indexes:[{key:{version:1},unique:true},{key:{version:1,status:1}}]});async function Hr(t){if(t.length===0)return;if(!await J("migrations")){j$1("Another instance is running migrations. Skipping migration run.",{source:"migrations"});return}try{let n=t.map(({version:s})=>s),r=await he.fetch({version:{$in:n}}),o=new Set(r.map(({version:s})=>s)),i=t.filter(({version:s})=>!o.has(s));if(i.length===0)return;j$1(`Running migrations (${i.length})...`,{source:"migrations"});for(let{version:s,description:a,handler:c}of i){j$1(`Running migration v${s}: ${a}`,{source:"migrations"});try{let p=(await c()||"").toString().trim(),l=15*1024*1024,h=p.length>l?p.slice(0,l)+`
-[Output truncated - exceeded size limit]`:p;await he.upsertOne({version:s},{$set:{version:s,status:"completed",description:a,output:h,appliedAt:new Date}}),j$1(`Migration v${s} complete`,{source:"migrations"});}catch(d){d instanceof Error&&(await he.upsertOne({version:s},{$set:{version:s,status:"failed",description:a,output:d.message||"",appliedAt:new Date}}),j$1(`Migration v${s} is failed: ${d.message}`,{source:"migrations"}));}}}finally{await fe("migrations");}}function En(t){setTimeout(()=>{Hr(t).catch(e=>{console.error("Error running migrations:",e);});},0);}var Tn=new v("_system.migration",{stores:[he]});var kn=new v("_system.rateLimit",{stores:[pe]});async function On({filePath:t,contentType:e,visibility:n}){return await ne("/api/files/upload","POST",JSON.stringify({filePath:t,contentType:e,visibility:n}),{"Content-Type":"application/json"})}async function An(t){await ne("/api/files/delete","POST",JSON.stringify({filePath:t}),{"Content-Type":"application/json"});}async function _n(t){return await ne("/api/files/download","POST",JSON.stringify({filePath:t}),{"Content-Type":"application/json"})}async function Rn(t){return await ne("/api/files/url","POST",JSON.stringify({filePath:t}),{"Content-Type":"application/json"})}var Mn=new v("_system.files",{queries:{async downloadFile({filePath:t}){return _n(t)},async getFileUrl({filePath:t}){return Rn(t)}},mutations:{async getUploadUrl({filePath:t,contentType:e,visibility:n}){return On({filePath:t,contentType:e,visibility:n})},async deleteFile({filePath:t}){return An(t)}}});var ct=class{async init(){this.config=await Yr(),this.isDev()&&(console.log("Starting Vite dev server..."),this.viteServer=await createServer(this.config));}middlewares(){if(this.isDev())return this.viteServer?.middlewares??[];let e=[q.static("./.modelence/build/client".replace(/\\/g,"/"))];return this.config?.publicDir&&e.push(q.static(this.config.publicDir)),e}handler(e,n){if(this.isDev())try{n.setHeader("Cache-Control","no-store"),n.sendFile("index.html",{root:"./src/client"});}catch(r){console.error("Error serving index.html:",r),n.status(500).send("Internal Server Error");}else n.sendFile("index.html",{root:"./.modelence/build/client".replace(/\\/g,"/")});}isDev(){return process.env.NODE_ENV!=="production"}};async function Kr(){let t=process.cwd();try{return (await loadConfigFromFile({command:"serve",mode:"development"},void 0,t))?.config||{}}catch(e){return console.warn("Could not load vite config:",e),{}}}function Qr(t,e){let n=mergeConfig(t,e);if(n.plugins&&Array.isArray(n.plugins)){let r=new Set;n.plugins=n.plugins.flat().filter(o=>{if(!o||typeof o!="object"||Array.isArray(o))return  true;let i=o.name;return !i||r.has(i)?false:(r.add(i),true)}).reverse(),n.plugins.reverse();}return n}async function Yr(){let t=process.cwd(),e=await Kr(),n=[".eslintrc.js",".eslintrc.json",".eslintrc","eslint.config.js",".eslintrc.yml",".eslintrc.yaml"].find(i=>Jr.existsSync(at.join(t,i))),r=[Br(),Xr()];if(n){let i=(await import('vite-plugin-eslint')).default;r.push(i({failOnError:false,include:["src/**/*.js","src/**/*.jsx","src/**/*.ts","src/**/*.tsx"],cwd:t,overrideConfigFile:at.resolve(t,n)}));}let o=defineConfig({plugins:r,build:{outDir:".modelence/build/client".replace(/\\/g,"/"),emptyOutDir:true},server:{middlewareMode:true},root:"./src/client",resolve:{alias:{"@":at.resolve(t,"src").replace(/\\/g,"/")}}});return Qr(o,e)}function Xr(){return {name:"modelence-asset-handler",async transform(t,e){if(/\.(png|jpe?g|gif|svg|mpwebm|ogg|mp3|wav|flac|aac)$/.test(e))return process.env.NODE_ENV==="development",t}}}var Dn=new ct;async function lt(t,e){let{authToken:n}=await qe(e);t.cookie("authToken",n,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"strict",path:"/"}),t.status(302),t.redirect("/");}async function to(t,e,n,r,o){let i=x();try{if(n.status==="disabled"||n.status==="deleted"){t.status(400).json({error:"User account is not active."});return}let s={};n.firstName===void 0&&e.firstName&&(s.firstName=e.firstName),n.lastName===void 0&&e.lastName&&(s.lastName=e.lastName),n.avatarUrl===void 0&&e.avatarUrl&&(s.avatarUrl=e.avatarUrl);let a=n;Object.keys(s).length>0&&(await m.updateOne({_id:n._id},{$set:s}),a={...n,...s}),await lt(t,n._id),i.onAfterLogin?.({provider:e.providerName,user:a,session:r,connectionInfo:o}),i.login?.onSuccess?.(a);}catch(s){throw s instanceof Error&&(i.login?.onError?.(s),i.onLoginError?.({provider:e.providerName,error:s,session:r,connectionInfo:o})),s}}async function no(t,e,n,r,o){let i=x();if((i.oauthAccountLinking??"manual")==="auto"&&e.emailVerified){if(n.status==="disabled"||n.status==="deleted"){t.status(400).json({error:"User account is not active."});return}if(!n.emails?.find(c=>c.address.toLowerCase()===e.email.toLowerCase())?.verified){t.status(400).json({error:"User with this email already exists. Please log in instead."});return}try{let c={...n.firstName===void 0&&e.firstName&&{firstName:e.firstName},...n.lastName===void 0&&e.lastName&&{lastName:e.lastName},...n.avatarUrl===void 0&&e.avatarUrl&&{avatarUrl:e.avatarUrl}};if(!((await m.updateOne({_id:n._id,status:{$nin:["deleted","disabled"]},$or:[{[`authMethods.${e.providerName}.id`]:{$exists:!1}},{[`authMethods.${e.providerName}.id`]:e.id}]},{$set:{[`authMethods.${e.providerName}.id`]:e.id,...c}})).matchedCount>0)){t.status(400).json({error:"User with this email already exists. Please log in instead."});return}await lt(t,n._id);let l={...n,...c,authMethods:{...n.authMethods,[e.providerName]:{id:e.id}}};i.onAfterLogin?.({provider:e.providerName,user:l,session:r,connectionInfo:o}),i.login?.onSuccess?.(l);return}catch(c){throw c instanceof Error&&(i.login?.onError?.(c),i.onLoginError?.({provider:e.providerName,error:c,session:r,connectionInfo:o})),c}}t.status(400).json({error:"User with this email already exists. Please log in instead."});}async function ro(t,e,n,r){let o=x();try{let i;if(o.generateHandle){let d=await o.generateHandle({email:e.email,firstName:e.firstName,lastName:e.lastName});i=await G(d,e.email,{throwOnConflict:!1});}else i=await G(void 0,e.email);let s={handle:i,status:"active",emails:[{address:e.email,verified:e.emailVerified}],createdAt:new Date,authMethods:{[e.providerName]:{id:e.id}},...e.firstName!==void 0&&{firstName:e.firstName},...e.lastName!==void 0&&{lastName:e.lastName},...e.avatarUrl!==void 0&&{avatarUrl:e.avatarUrl}},a=await m.insertOne(s);await lt(t,a.insertedId);let c=await m.findOne({_id:a.insertedId},{readPreference:"primary"});c&&(o.onAfterSignup?.({provider:e.providerName,user:c,session:n,connectionInfo:r}),o.signup?.onSuccess?.(c));}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:e.providerName,error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function ie(t){return `${a$1("_system.site.url")}/api/_internal/auth/${t}/callback`}async function _e(t,e,n){let r=await m.findOne({[`authMethods.${n.providerName}.id`]:n.id}),{session:o,connectionInfo:i}=await ge(t);if(r)return to(e,n,r,o,i);if(!n.email){e.status(400).json({error:`Email address is required for ${n.providerName} authentication.`});return}let s;try{s=await m.findOne({"emails.address":n.email,status:{$ne:"deleted"}},{collation:{locale:"en",strength:2}});}catch(a){if(a instanceof Error){let c=x();c.onSignupError?.({provider:n.providerName,error:a,session:o,connectionInfo:i}),c.signup?.onError?.(a);}throw a}return s?no(e,n,s,o,i):ro(e,n,o,i)}function A(t){t.cookie("oauthLinkToken","",{httpOnly:true,maxAge:0,path:"/api/_internal/auth/",sameSite:"lax",secure:process.env.NODE_ENV==="production"});}function oe(t){if(t)try{t();}catch(e){console.error("Error executing OAuth hook:",e);}}function Re(t,e,n){let r=t.query.state,o=t.cookies[n],[i,s]=(o||"").split(":");return !r||!o||r!==i?(e.status(400).json({error:"Invalid OAuth state - possible CSRF attack"}),null):(e.clearCookie(n),s||"login")}async function Me(t,e,n){let r=x(),{session:o,connectionInfo:i}=await ge(t);if(!o?.userId){A(e),e.status(401).json({error:"You must be signed in to link a provider."});return}let s=o.userId;try{let a=`authMethods.${n.providerName}.id`;if((await m.updateOne({_id:s,status:{$nin:["deleted","disabled"]},$or:[{[a]:{$exists:!1}},{[a]:n.id}]},{$set:{[a]:n.id}})).matchedCount===0){let p=await m.findOne({_id:s});if(!p||p.status==="deleted"||p.status==="disabled"){oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:new Error("User account not found or not active"),session:o,connectionInfo:i})),A(e),e.status(400).json({error:"User account is not active."});return}let l=p?.authMethods?.[n.providerName]?.id;if(l&&l!==n.id){oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:new Error(`User already has a different ${n.providerName} account linked`),session:o,connectionInfo:i})),A(e),e.status(400).json({error:`You have already linked a different ${n.providerName} account.`});return}oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:new Error(`Unexpected OAuth linking state for ${n.providerName}`),session:o,connectionInfo:i})),A(e),e.status(400).json({error:`Unable to link ${n.providerName} account.`});return}let d=await m.findOne({_id:s},{readPreference:"primary"});d&&oe(()=>r.onAfterOAuthLink?.({provider:n.providerName,user:d,session:o,connectionInfo:i})),A(e),e.status(302).redirect("/");}catch(a){if(a instanceof MongoServerError&&a.code===11e3){oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:a,session:o,connectionInfo:i})),A(e),e.status(400).json({error:`This ${n.providerName} account is already linked to a different user.`});return}if(a instanceof Error&&oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:a,session:o,connectionInfo:i})),A(e),!e.headersSent)throw a}}function Ie(t){return !t||typeof t!="string"?null:t}async function so(t,e,n,r){let o=await fetch("https://oauth2.googleapis.com/token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:t,client_id:e,client_secret:n,redirect_uri:r,grant_type:"authorization_code"})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function ao(t){let e=await fetch("https://www.googleapis.com/oauth2/v2/userinfo",{headers:{Authorization:`Bearer ${t}`}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function co(t,e){let n=Ie(t.query.code);if(!n){e.status(400).json({error:"Missing authorization code"});return}let r=Re(t,e,"authStateGoogle");if(!r)return;let o=String(a$1("_system.user.auth.google.clientId")),i=String(a$1("_system.user.auth.google.clientSecret")),s=ie("google");try{let a=await so(n,o,i,s),c=await ao(a.access_token),d={id:c.id,email:c.email,emailVerified:c.verified_email,providerName:"google",firstName:c.given_name||void 0,lastName:c.family_name||void 0,avatarUrl:c.picture||void 0};r==="link"?await Me(t,e,d):await _e(t,e,d);}catch(a){console.error("Google OAuth error:",a),r==="link"&&A(e),e.status(500).json({error:"Authentication failed"});}}function lo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.google.enabled"),s=String(a$1("_system.user.auth.google.clientId")),a=String(a$1("_system.user.auth.google.clientSecret"));if(!i||!s||!a){r.status(503).json({error:"Google authentication is not configured"});return}o();};return t.get("/api/_internal/auth/google",e,(n,r)=>{let o=String(a$1("_system.user.auth.google.clientId")),i=ie("google"),s=randomBytes(32).toString("hex"),a$2=n.query.mode==="link"?"link":"login";r.cookie("authStateGoogle",`${s}:${a$2}`,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let c=new URL("https://accounts.google.com/o/oauth2/v2/auth");c.searchParams.append("client_id",o),c.searchParams.append("redirect_uri",i),c.searchParams.append("response_type","code"),c.searchParams.append("scope","profile email"),c.searchParams.append("access_type","online"),c.searchParams.append("state",s),r.redirect(c.toString());}),t.get("/api/_internal/auth/google/callback",e,co),t}var Pn=lo;async function mo(t,e,n,r){let o=await fetch("https://github.com/login/oauth/access_token",{method:"POST",headers:{"Content-Type":"application/json",Accept:"application/json"},body:JSON.stringify({client_id:e,client_secret:n,code:t,redirect_uri:r})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function fo(t){let e=await fetch("https://api.github.com/user",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function ho(t){let e=await fetch("https://api.github.com/user/emails",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user emails: ${e.statusText}`);return e.json()}async function go(t,e){return t.email?t.email:(await ho(e)).find(r=>r.primary&&r.verified)?.email??null}async function yo(t,e){let n=Ie(t.query.code);if(!n){e.status(400).json({error:"Missing authorization code"});return}let r=Re(t,e,"authStateGithub");if(!r)return;let o=String(a$1("_system.user.auth.github.clientId")),i=String(a$1("_system.user.auth.github.clientSecret")),s=ie("github");try{let a=await mo(n,o,i,s),c=await fo(a.access_token),d=await go(c,a.access_token);if(!d){r==="link"&&A(e),e.status(400).json({error:"Unable to retrieve a primary verified email from GitHub. Please ensure your GitHub account has a verified email set as primary."});return}let p=c.name?c.name.trim().split(/\s+/):[],l=p[0]||void 0,h=p.length>1?p.slice(1).join(" "):void 0,w={id:String(c.id),email:d,emailVerified:!0,providerName:"github",firstName:l,lastName:h,avatarUrl:c.avatar_url||void 0};r==="link"?await Me(t,e,w):await _e(t,e,w);}catch(a){console.error("GitHub OAuth error:",a),r==="link"&&A(e),e.status(500).json({error:"Authentication failed"});}}function wo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.github.enabled"),s=String(a$1("_system.user.auth.github.clientId")),a=String(a$1("_system.user.auth.github.clientSecret"));if(!i||!s||!a){r.status(503).json({error:"GitHub authentication is not configured"});return}o();};return t.get("/api/_internal/auth/github",e,(n,r)=>{let o=String(a$1("_system.user.auth.github.clientId")),i=ie("github"),s=a$1("_system.user.auth.github.scopes"),a$2=s?String(s).split(",").map(l=>l.trim()).join(" "):"user:email",c=randomBytes(32).toString("hex"),d=n.query.mode==="link"?"link":"login";r.cookie("authStateGithub",`${c}:${d}`,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let p=new URL("https://github.com/login/oauth/authorize");p.searchParams.append("client_id",o),p.searchParams.append("redirect_uri",i),p.searchParams.append("scope",a$2),p.searchParams.append("state",c),r.redirect(p.toString());}),t.get("/api/_internal/auth/github/callback",e,yo),t}var Nn=wo;function Ln(t,e,n){return async(r,o,i)=>{let s=r.headers["x-modelence-auth-token"],a={session:null,user:null};if(typeof s=="string"&&V())try{let{session:d,user:p}=await D(s);a={session:d,user:p};}catch{}let c=l("route",`route:${t.toLowerCase()}:${e}`,{method:t,path:e,query:r.query,body:r.body,params:r.params});try{let d=await n({query:r.query,body:r.body,params:r.params,headers:r.headers,cookies:r.cookies,rawBody:Buffer.isBuffer(r.body)?r.body:void 0,req:r,res:o,next:i},a);c.end(),d&&(o.status(d.status||200),d.redirect&&o.redirect(d.redirect),d.headers&&Object.entries(d.headers).forEach(([p,l])=>{o.setHeader(p,l);}),o.send(d.data));}catch(d){c.end("error"),d instanceof a$3?o.status(d.status).send(d.message):(console.error(`Error in route handler: ${r.path}`),console.error(d),o.status(500).send(String(d)));}}}var dt=Object.freeze({});function Un(t){dt=Object.freeze(Object.assign({},dt,t));}function $n(){return dt}var ut=Object.freeze({});function jn(t){ut=Object.freeze(Object.assign({},ut,t));}function De(){return ut}function vo(t){let e=[];if(!t)return e.push(q.json({limit:"16mb"})),e.push(q.urlencoded({extended:true,limit:"16mb"})),e;if(t.json!==false){let n=typeof t.json=="object"?t.json:{limit:"16mb"};e.push(q.json(n));}if(t.urlencoded!==false){let n=typeof t.urlencoded=="object"?t.urlencoded:{extended:true,limit:"16mb"};e.push(q.urlencoded(n));}if(t.raw){let n=typeof t.raw=="object"?t.raw:{},r={limit:n.limit||"16mb",type:n.type||"*/*"};e.push(q.raw(r));}return e}function Co(t,e){for(let n of e)for(let r of n.routes){let{path:o,handlers:i,body:s}=r,a=vo(s);Object.entries(i).forEach(([c,d])=>{t[c](o,...a,Ln(c,o,d));});}}async function Fn(t,{combinedModules:e,channels:n}){let r=q();r.use(bo()),r.use(To()),Co(r,e),r.use(q.json({limit:"16mb"})),r.use(q.urlencoded({extended:true,limit:"16mb"})),r.use(Pn()),r.use(Nn()),r.post("/api/_internal/auth/set-link-cookie",async(a,c)=>{let{session:d}=await ge(a);if(!d?.userId){c.status(401).json({error:"Not authenticated"});return}c.cookie("oauthLinkToken",d.authToken,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",path:"/api/_internal/auth/",maxAge:10*60*1e3}),c.json({ok:true});}),r.post("/api/_internal/method/:methodName(*)",async(a,c)=>{let{methodName:d}=a.params,p=await ge(a);try{let l=await $t(d,a.body.args,p);c.json({data:l,typeMap:a$2(l)});}catch(l){xo(c,d,l);}}),await t.init(),t.middlewares&&r.use(t.middlewares()),r.all("*",(a,c)=>t.handler(a,c)),process.on("unhandledRejection",(a,c)=>{console.error("Unhandled Promise Rejection:"),console.error(a instanceof Error?a.stack:a),console.error("Promise:",c);}),process.on("uncaughtException",a=>{console.error("Uncaught Exception:"),console.error(a.stack),console.trace("Full application stack:");});let o=So.createServer(r),i=De()?.provider;i&&i.init({httpServer:o,channels:n});let s=process.env.MODELENCE_PORT||process.env.PORT||3e3;o.listen(s,()=>{j$1("Application started",{source:"app"});let a=a$1("_system.site.url")||`http://localhost:${s}`;console.log(`
+  `}var et={success:true,message:"If an account with that email exists, a password reset link has been sent"};async function an(t,{connectionInfo:e}){let n=j(t.email),r=e?.ip;r&&await _({bucket:"passwordReset",type:"ip",value:r}),await _({bucket:"passwordReset",type:"email",value:n});let o=await m.findOne({"emails.address":n,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}});if(!o||!o.authMethods?.password)return et;let i=S().provider;if(!i)throw new Error("Email provider is not configured");let s=randomBytes(32).toString("hex"),a$2=Date.now(),c=new Date(a$2),d=new Date(a$2+a.hours(1));await I.insertOne({userId:o._id,email:n,token:s,createdAt:c,expiresAt:d});let p=a$1("_system.site.url")||e?.baseUrl,h=`${Ar(p,S().passwordReset?.redirectUrl)}?token=${s}`,y=(S()?.passwordReset?.template||_r)({email:n,resetUrl:h,name:""}),T=Ce(y);return await i.sendEmail({to:n,from:S()?.from||"noreply@modelence.com",subject:S()?.passwordReset?.subject||"Reset your password",text:T,html:y}),et}async function cn(t,{}){let e=z.string().parse(t.token),n=Oe(t.password),r=await I.findOne({token:e});if(!r)throw new Error("Invalid or expired reset token");if(r.expiresAt<new Date)throw await I.deleteOne({token:e}),new Error("Reset token has expired");let o=await m.findOne({_id:r.userId});if(!o)throw new Error("User not found");let i=await yr.hash(n,10);return await m.updateOne({_id:o._id},{$set:{"authMethods.password.hash":i}}),r.email&&await m.updateOne({_id:o._id,"emails.address":r.email},{$set:{"emails.$.verified":true}}),await I.deleteOne({token:e}),{success:true,message:"Password has been reset successfully"}}var ln=new v("_system.user",{stores:[m,ae,L,I],queries:{getOwnProfile:Qt},mutations:{signupWithPassword:sn,loginWithPassword:Jt,logout:Kt,resendEmailVerification:rn,sendResetPasswordToken:an,resetPassword:cn,updateProfile:Yt,unlinkOAuthProvider:Xt},cronJobs:{updateDisposableEmailList:Ht},rateLimits:[{bucket:"signup",type:"ip",window:a.minutes(15),limit:20},{bucket:"signup",type:"ip",window:a.days(1),limit:200},{bucket:"signupAttempt",type:"ip",window:a.minutes(15),limit:50},{bucket:"signupAttempt",type:"ip",window:a.days(1),limit:500},{bucket:"signin",type:"ip",window:a.minutes(15),limit:50},{bucket:"signin",type:"ip",window:a.days(1),limit:500},{bucket:"verification",type:"user",window:a.seconds(60),limit:1},{bucket:"verification",type:"user",window:a.days(1),limit:10},{bucket:"passwordReset",type:"ip",window:a.minutes(15),limit:10},{bucket:"passwordReset",type:"ip",window:a.days(1),limit:100},{bucket:"passwordReset",type:"email",window:a.hours(1),limit:5},{bucket:"passwordReset",type:"email",window:a.days(1),limit:10}],configSchema:{"auth.email.enabled":{type:"boolean",isPublic:true,default:true},"auth.email.from":{type:"string",isPublic:false,default:""},"auth.email.verification":{type:"boolean",isPublic:true,default:false},"auth.google.enabled":{type:"boolean",isPublic:true,default:false},"auth.google.clientId":{type:"string",isPublic:false,default:""},"auth.google.clientSecret":{type:"secret",isPublic:false,default:""},"auth.github.enabled":{type:"boolean",isPublic:true,default:false},"auth.github.clientId":{type:"string",isPublic:false,default:""},"auth.github.clientSecret":{type:"secret",isPublic:false,default:""}},routes:[{path:"/api/_internal/auth/verify-email",handlers:{get:nn}}]});var Rr={withoutRemoteServer:{MONGODB_URI:"_system.mongodbUri",MONGODB_POOL_SIZE:"_system.mongodbPoolSize",MODELENCE_AUTH_GOOGLE_ENABLED:"_system.user.auth.google.enabled",MODELENCE_AUTH_GOOGLE_CLIENT_ID:"_system.user.auth.google.clientId",MODELENCE_AUTH_GOOGLE_CLIENT_SECRET:"_system.user.auth.google.clientSecret",MODELENCE_AUTH_GITHUB_ENABLED:"_system.user.auth.github.enabled",MODELENCE_AUTH_GITHUB_CLIENT_ID:"_system.user.auth.github.clientId",MODELENCE_AUTH_GITHUB_CLIENT_SECRET:"_system.user.auth.github.clientSecret",MODELENCE_AUTH_GITHUB_CLIENT_SCOPES:"_system.user.auth.github.scopes",MODELENCE_EMAIL_RESEND_API_KEY:"_system.email.resend.apiKey",MODELENCE_EMAIL_AWS_SES_REGION:"_system.email.awsSes.region",MODELENCE_EMAIL_AWS_SES_ACCESS_KEY_ID:"_system.email.awsSes.accessKeyId",MODELENCE_EMAIL_AWS_SES_SECRET_ACCESS_KEY:"_system.email.awsSes.secretAccessKey",MODELENCE_EMAIL_SMTP_HOST:"_system.email.smtp.host",MODELENCE_EMAIL_SMTP_PORT:"_system.email.smtp.port",MODELENCE_EMAIL_SMTP_USER:"_system.email.smtp.user",MODELENCE_EMAIL_SMTP_PASS:"_system.email.smtp.pass",MODELENCE_SITE_URL:"_system.site.url",MODELENCE_ENV_TYPE:"_system.env.type",MODELENCE_ENV:"_system.env",GOOGLE_AUTH_ENABLED:"_system.user.auth.google.enabled",GOOGLE_AUTH_CLIENT_ID:"_system.user.auth.google.clientId",GOOGLE_AUTH_CLIENT_SECRET:"_system.user.auth.google.clientSecret"},withRemoteServer:{MODELENCE_SITE_URL:"_system.site.url"}};function Mr(t,e){if(e==="number"){let n=Number(t);if(isNaN(n))throw new Error(`Invalid number value for config: ${t}`);return n}if(e==="boolean"){if(t.toLowerCase()==="true")return  true;if(t.toLowerCase()==="false")return  false;throw new Error(`Invalid boolean value for config: ${t}`)}return t}function Ir(t,e){let n=[];for(let[r,o]of Object.entries(t)){let i=process.env[r],s=e[o];if(i){let a=s?.type??"string";n.push({key:o,type:a,value:Mr(i,a)});}}return n}function Ae(t,e="withoutRemoteServer"){let n=Rr[e];return Ir(n,t)}async function dn({configSchema:t,cronJobsMetadata:e,stores:n,roles:r}){let o=process.env.MODELENCE_CONTAINER_ID;if(!o)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_CONTAINER_ID is not set");try{let i=Object.values(n).map(a=>({name:a.getName(),schema:a.getSerializedSchema(),collections:[a.getName()],version:2})),s=await tt("/api/connect","POST",{hostname:Dr.hostname(),containerId:o,dataModels:i,configSchema:t,cronJobsMetadata:e,roles:r});if(s.status==="error")throw new Error(s.error);return console.log("Successfully connected to Modelence Cloud"),s}catch(i){throw console.error("Unable to connect to Modelence Cloud:",i),i}}async function un(){return tt("/api/configs","GET")}async function pn(){return await tt("/api/sync","POST",{containerId:process.env.MODELENCE_CONTAINER_ID})}async function tt(t,e,n){return ne(t,e,n?JSON.stringify(n):void 0,n?{"Content-Type":"application/json"}:{})}async function ne(t,e,n,r){let{MODELENCE_SERVICE_ENDPOINT:o,MODELENCE_SERVICE_TOKEN:i}=process.env;if(!o)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_SERVICE_ENDPOINT is not set");let s=await fetch(`${o}${t}`,{method:e,headers:{Authorization:`Bearer ${i}`,...r},body:n});if(!s.ok){let a=await s.text();try{let c=JSON.parse(a);throw new Error(`Unable to connect to Modelence Cloud: HTTP status: ${s.status}, ${c?.error}`)}catch{throw new Error(`Unable to connect to Modelence Cloud: HTTP status: ${s.status}, ${a}`)}}if(!(s.status===204||s.headers?.get("content-length")==="0"))return await s.json()}var nt=false,Pr=a.seconds(10);function mn(){setInterval(async()=>{if(!nt){nt=true;try{await pn();}catch(t){console.error("Error syncing status",t);}try{await Nr();}catch(t){console.error("Error syncing config",t);}nt=false;}},Pr);}function rt(t){c(t),c(Ae(d$1(),"withRemoteServer"));}async function Nr(){let{configs:t}=await un();rt(t);}var Z=new C("_modelenceLocks",{schema:{_id:u.string(),instanceId:u.string(),acquiredAt:u.date(),resource:u.string()},indexes:[{key:{resource:1},unique:true},{key:{resource:1,instanceId:1}},{key:{resource:1,acquiredAt:1}}],indexCreationMode:"blocking"});var B={},fn=a.seconds(10),wn=randomBytes(32).toString("base64url"),$r=a.seconds(30),re=new Map,ot=t=>t instanceof MongoError&&t.code===11e3,hn=(t,e)=>typeof t.keyPattern=="object"&&t.keyPattern!==null&&Object.prototype.hasOwnProperty.call(t.keyPattern,e),jr=async({error:t,resource:e})=>{if(hn(t,"resource"))return  true;if(hn(t,"_id"))return  false;let n=await Z.findOne({resource:e});return !!n&&n._id!==e},gn=async({resource:t,staleThresholdDate:e,instanceId:n})=>{let r=await Z.upsertOne({_id:t,$or:[{instanceId:n},{acquiredAt:{$lt:e}}]},{$set:{resource:t,instanceId:n,acquiredAt:new Date},$setOnInsert:{_id:t}});return r.upsertedCount>0||r.modifiedCount>0},bn=async({resource:t,instanceId:e,staleThresholdDate:n})=>{let r=n?{resource:t,_id:{$ne:t},$or:[{instanceId:e},{acquiredAt:{$lt:n}}]}:{resource:t,instanceId:e};return (await Z.deleteOne(r)).deletedCount>0},Fr=t=>{let e=t,n=re.get(e);n&&(n.stopRequested=true,n.timer&&(clearTimeout(n.timer),n.timer=null),re.delete(e));},yn=({resource:t,lockDuration:e,instanceId:n})=>{let r=Math.floor(e/3),o=t,i$1=re.get(o);if(i$1&&!i$1.stopRequested&&i$1.heartbeatInterval===r&&i$1.lockDuration===e)return;i$1&&(i$1.stopRequested=true,i$1.timer&&(clearTimeout(i$1.timer),i$1.timer=null),re.delete(o));let s={timer:null,stopRequested:false,lockDuration:e,heartbeatInterval:r},a=()=>{s.timer=setTimeout(()=>{J(t,{lockDuration:e,bypassCache:true,instanceId:n}).then(c=>{c||(s.stopRequested=true,i(`Lost lock while refreshing heartbeat: ${t}`,{source:"lock",resource:t,instanceId:n}));}).finally(()=>{if(s.stopRequested){re.delete(o);return}a();});},r);};re.set(o,s),a();};async function J(t,{lockDuration:e=$r,successfulLockCacheDuration:n=fn,failedLockCacheDuration:r=fn,heartbeat:o,bypassCache:i$1,instanceId:s=wn}={}){let a=Date.now();if(!i$1&&B[t]&&a<B[t].expiresAt)return B[t].value&&o&&yn({resource:t,lockDuration:e,instanceId:s}),B[t].value;let c=new Date(a-e);i(`Attempting to acquire lock: ${t}`,{source:"lock",resource:t,instanceId:s});try{let d=await zr({resource:t,staleThresholdDate:c,instanceId:s});return B[t]={value:d,expiresAt:a+(d?n:r)},d?(o&&yn({resource:t,lockDuration:e,instanceId:s}),i(`Lock acquired: ${t}`,{source:"lock",resource:t,instanceId:s})):i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),d}catch{return B[t]={value:false,expiresAt:a+r},i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),false}}var zr=async({resource:t,staleThresholdDate:e,instanceId:n})=>{try{return await gn({resource:t,staleThresholdDate:e,instanceId:n})}catch(r){if(ot(r)&&await jr({error:r,resource:t})){if(!await bn({resource:t,staleThresholdDate:e,instanceId:n}))return  false;try{return await gn({resource:t,staleThresholdDate:e,instanceId:n})}catch(i){if(ot(i))return  false;throw i}}if(ot(r))return  false;throw r}};async function me(t,{instanceId:e=wn}={}){Fr(t);try{let n=await Z.deleteOne({_id:t,instanceId:e});return n.deletedCount===0?await bn({resource:t,instanceId:e}):n.deletedCount>0}catch{return  false}finally{delete B[t];}}var K={},it=null,st=new C("_modelenceCronJobs",{schema:{alias:u.string(),lastStartDate:u.date().optional()},indexes:[{key:{alias:1},unique:true,background:true}]});function vn(t,{description:e="",interval:n,timeout:r=Math.min(Math.max(n,a.minutes(1)),a.days(1)),handler:o}){if(K[t])throw new Error(`Duplicate cron job declaration: '${t}' already exists`);if(it)throw new Error(`Unable to add a cron job - cron jobs have already been initialized: [${t}]`);if(n<a.seconds(5))throw new Error(`Cron job interval should not be less than 5 second [${t}]`);if(r>a.days(1))throw new Error(`Cron job timeout should not be longer than 1 day [${t}]`);K[t]={alias:t,params:{description:e,interval:n,timeout:r},handler:o,state:{isRunning:false}};}async function Cn(){if(it)throw new Error("Cron jobs already started");let t=Object.keys(K);if(t.length>0){let e={alias:{$in:t}},n=await st.fetch(e),r=Date.now();n.forEach(o=>{let i=K[o.alias];i&&(i.state.scheduledRunTs=o.lastStartDate?o.lastStartDate.getTime()+i.params.interval:r);}),Object.values(K).forEach(o=>{o.state.scheduledRunTs||(o.state.scheduledRunTs=r);}),it=setInterval(qr,a.seconds(1));}}async function qr(){let t=Date.now();await J("cron",{successfulLockCacheDuration:a.seconds(10),failedLockCacheDuration:a.seconds(30)})&&Object.values(K).forEach(async n=>{let{params:r,state:o}=n;if(o.isRunning){o.startTs&&o.startTs+r.timeout<t&&(o.isRunning=false);return}o.scheduledRunTs&&o.scheduledRunTs<=t&&await Hr(n);});}async function Hr(t){let{alias:e,params:n,handler:r,state:o}=t;o.isRunning=true,o.startTs=Date.now(),await st.updateOne({alias:e},{$set:{lastStartDate:new Date(o.startTs)}});let i=l("cron",`cron:${e}`);try{await r(),Sn(o,n),i.end("success");}catch(s){Sn(o,n);let a=s instanceof Error?s:new Error(String(s));m$1(a),i.end("error"),console.error(`Error in cron job '${e}':`,s);}}function Sn(t,e){t.scheduledRunTs=t.startTs?t.startTs+e.interval:Date.now(),t.startTs=void 0,t.isRunning=false;}function xn(){return Object.values(K).map(({alias:t,params:e})=>({alias:t,description:e.description,interval:e.interval,timeout:e.timeout}))}var En=new v("_system.cron",{stores:[st]});var at=new v("_system.lock",{stores:[Z]});var fe=new C("_modelenceMigrations",{schema:{version:u.number(),status:u.enum(["completed","failed"]),description:u.string().optional(),output:u.string().optional(),appliedAt:u.date()},indexes:[{key:{version:1},unique:true},{key:{version:1,status:1}}]});async function Vr(t){if(t.length===0)return;if(!await J("migrations")){j$1("Another instance is running migrations. Skipping migration run.",{source:"migrations"});return}try{let n=t.map(({version:s})=>s),r=await fe.fetch({version:{$in:n}}),o=new Set(r.map(({version:s})=>s)),i=t.filter(({version:s})=>!o.has(s));if(i.length===0)return;j$1(`Running migrations (${i.length})...`,{source:"migrations"});for(let{version:s,description:a,handler:c}of i){j$1(`Running migration v${s}: ${a}`,{source:"migrations"});try{let p=(await c()||"").toString().trim(),l=15*1024*1024,h=p.length>l?p.slice(0,l)+`
+[Output truncated - exceeded size limit]`:p;await fe.upsertOne({version:s},{$set:{version:s,status:"completed",description:a,output:h,appliedAt:new Date}}),j$1(`Migration v${s} complete`,{source:"migrations"});}catch(d){d instanceof Error&&(await fe.upsertOne({version:s},{$set:{version:s,status:"failed",description:a,output:d.message||"",appliedAt:new Date}}),j$1(`Migration v${s} is failed: ${d.message}`,{source:"migrations"}));}}}finally{await me("migrations");}}function Tn(t){setTimeout(()=>{Vr(t).catch(e=>{console.error("Error running migrations:",e);});},0);}var kn=new v("_system.migration",{stores:[fe]});var On=new v("_system.rateLimit",{stores:[pe]});async function An({filePath:t,contentType:e,visibility:n}){return await ne("/api/files/upload","POST",JSON.stringify({filePath:t,contentType:e,visibility:n}),{"Content-Type":"application/json"})}async function _n(t){await ne("/api/files/delete","POST",JSON.stringify({filePath:t}),{"Content-Type":"application/json"});}async function Rn(t){return await ne("/api/files/download","POST",JSON.stringify({filePath:t}),{"Content-Type":"application/json"})}async function Mn(t){return await ne("/api/files/url","POST",JSON.stringify({filePath:t}),{"Content-Type":"application/json"})}var In=new v("_system.files",{queries:{async downloadFile({filePath:t}){return Rn(t)},async getFileUrl({filePath:t}){return Mn(t)}},mutations:{async getUploadUrl({filePath:t,contentType:e,visibility:n}){return An({filePath:t,contentType:e,visibility:n})},async deleteFile({filePath:t}){return _n(t)}}});var lt=class{async init({httpServer:e}){this.config=await Xr(this.isDev()?e:void 0),this.isDev()&&(console.log("Starting Vite dev server..."),this.viteServer=await createServer(this.config));}middlewares(){if(this.isDev())return this.viteServer?.middlewares??[];let e=[z$1.static("./.modelence/build/client".replace(/\\/g,"/"))];return this.config?.publicDir&&e.push(z$1.static(this.config.publicDir)),e}handler(e,n){if(this.isDev())try{n.setHeader("Cache-Control","no-store"),n.sendFile("index.html",{root:"./src/client"});}catch(r){console.error("Error serving index.html:",r),n.status(500).send("Internal Server Error");}else n.sendFile("index.html",{root:"./.modelence/build/client".replace(/\\/g,"/")});}isDev(){return process.env.NODE_ENV!=="production"}};async function Qr(){let t=process.cwd();try{return (await loadConfigFromFile({command:"serve",mode:"development"},void 0,t))?.config||{}}catch(e){return console.warn("Could not load vite config:",e),{}}}function Yr(t,e){let n=mergeConfig(t,e);if(n.plugins&&Array.isArray(n.plugins)){let r=new Set;n.plugins=n.plugins.flat().filter(o=>{if(!o||typeof o!="object"||Array.isArray(o))return  true;let i=o.name;return !i||r.has(i)?false:(r.add(i),true)}).reverse(),n.plugins.reverse();}return n}async function Xr(t){let e=process.cwd(),n=await Qr(),r=[".eslintrc.js",".eslintrc.json",".eslintrc","eslint.config.js",".eslintrc.yml",".eslintrc.yaml"].find(s=>Kr.existsSync(ct.join(e,s))),o=[Jr(),eo()];if(r){let s=(await import('vite-plugin-eslint')).default;o.push(s({failOnError:false,include:["src/**/*.js","src/**/*.jsx","src/**/*.ts","src/**/*.tsx"],cwd:e,overrideConfigFile:ct.resolve(e,r)}));}let i=defineConfig({plugins:o,build:{outDir:".modelence/build/client".replace(/\\/g,"/"),emptyOutDir:true},server:{middlewareMode:true,hmr:t?{server:t}:void 0},root:"./src/client",resolve:{alias:{"@":ct.resolve(e,"src").replace(/\\/g,"/")}}});return Yr(i,n)}function eo(){return {name:"modelence-asset-handler",async transform(t,e){if(/\.(png|jpe?g|gif|svg|mpwebm|ogg|mp3|wav|flac|aac)$/.test(e))return process.env.NODE_ENV==="development",t}}}var Pn=new lt;async function dt(t,e){let{authToken:n}=await ze(e);t.cookie("authToken",n,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"strict",path:"/"}),t.status(302),t.redirect("/");}async function no(t,e,n,r,o){let i=x();try{if(n.status==="disabled"||n.status==="deleted"){t.status(400).json({error:"User account is not active."});return}let s={};n.firstName===void 0&&e.firstName&&(s.firstName=e.firstName),n.lastName===void 0&&e.lastName&&(s.lastName=e.lastName),n.avatarUrl===void 0&&e.avatarUrl&&(s.avatarUrl=e.avatarUrl);let a=n;Object.keys(s).length>0&&(await m.updateOne({_id:n._id},{$set:s}),a={...n,...s}),await dt(t,n._id),i.onAfterLogin?.({provider:e.providerName,user:a,session:r,connectionInfo:o}),i.login?.onSuccess?.(a);}catch(s){throw s instanceof Error&&(i.login?.onError?.(s),i.onLoginError?.({provider:e.providerName,error:s,session:r,connectionInfo:o})),s}}async function ro(t,e,n,r,o){let i=x();if((i.oauthAccountLinking??"manual")==="auto"&&e.emailVerified){if(n.status==="disabled"||n.status==="deleted"){t.status(400).json({error:"User account is not active."});return}if(!n.emails?.find(c=>c.address.toLowerCase()===e.email.toLowerCase())?.verified){t.status(400).json({error:"User with this email already exists. Please log in instead."});return}try{let c={...n.firstName===void 0&&e.firstName&&{firstName:e.firstName},...n.lastName===void 0&&e.lastName&&{lastName:e.lastName},...n.avatarUrl===void 0&&e.avatarUrl&&{avatarUrl:e.avatarUrl}};if(!((await m.updateOne({_id:n._id,status:{$nin:["deleted","disabled"]},$or:[{[`authMethods.${e.providerName}.id`]:{$exists:!1}},{[`authMethods.${e.providerName}.id`]:e.id}]},{$set:{[`authMethods.${e.providerName}.id`]:e.id,...c}})).matchedCount>0)){t.status(400).json({error:"User with this email already exists. Please log in instead."});return}await dt(t,n._id);let l={...n,...c,authMethods:{...n.authMethods,[e.providerName]:{id:e.id}}};i.onAfterLogin?.({provider:e.providerName,user:l,session:r,connectionInfo:o}),i.login?.onSuccess?.(l);return}catch(c){throw c instanceof Error&&(i.login?.onError?.(c),i.onLoginError?.({provider:e.providerName,error:c,session:r,connectionInfo:o})),c}}t.status(400).json({error:"User with this email already exists. Please log in instead."});}async function oo(t,e,n,r){let o=x();try{let i;if(o.generateHandle){let d=await o.generateHandle({email:e.email,firstName:e.firstName,lastName:e.lastName});i=await G(d,e.email,{throwOnConflict:!1});}else i=await G(void 0,e.email);let s={handle:i,status:"active",emails:[{address:e.email,verified:e.emailVerified}],createdAt:new Date,authMethods:{[e.providerName]:{id:e.id}},...e.firstName!==void 0&&{firstName:e.firstName},...e.lastName!==void 0&&{lastName:e.lastName},...e.avatarUrl!==void 0&&{avatarUrl:e.avatarUrl}},a=await m.insertOne(s);await dt(t,a.insertedId);let c=await m.findOne({_id:a.insertedId},{readPreference:"primary"});c&&(o.onAfterSignup?.({provider:e.providerName,user:c,session:n,connectionInfo:r}),o.signup?.onSuccess?.(c));}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:e.providerName,error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function ie(t){return `${a$1("_system.site.url")}/api/_internal/auth/${t}/callback`}async function _e(t,e,n){let r=await m.findOne({[`authMethods.${n.providerName}.id`]:n.id}),{session:o,connectionInfo:i}=await he(t);if(r)return no(e,n,r,o,i);if(!n.email){e.status(400).json({error:`Email address is required for ${n.providerName} authentication.`});return}let s;try{s=await m.findOne({"emails.address":n.email,status:{$ne:"deleted"}},{collation:{locale:"en",strength:2}});}catch(a){if(a instanceof Error){let c=x();c.onSignupError?.({provider:n.providerName,error:a,session:o,connectionInfo:i}),c.signup?.onError?.(a);}throw a}return s?ro(e,n,s,o,i):oo(e,n,o,i)}function O(t){t.cookie("oauthLinkToken","",{httpOnly:true,maxAge:0,path:"/api/_internal/auth/",sameSite:"lax",secure:process.env.NODE_ENV==="production"});}function oe(t){if(t)try{t();}catch(e){console.error("Error executing OAuth hook:",e);}}function Re(t,e,n){let r=t.query.state,o=t.cookies[n],[i,s]=(o||"").split(":");return !r||!o||r!==i?(e.status(400).json({error:"Invalid OAuth state - possible CSRF attack"}),null):(e.clearCookie(n),s||"login")}async function Me(t,e,n){let r=x(),{session:o,connectionInfo:i}=await he(t);if(!o?.userId){O(e),e.status(401).json({error:"You must be signed in to link a provider."});return}let s=o.userId;try{let a=`authMethods.${n.providerName}.id`;if((await m.updateOne({_id:s,status:{$nin:["deleted","disabled"]},$or:[{[a]:{$exists:!1}},{[a]:n.id}]},{$set:{[a]:n.id}})).matchedCount===0){let p=await m.findOne({_id:s});if(!p||p.status==="deleted"||p.status==="disabled"){oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:new Error("User account not found or not active"),session:o,connectionInfo:i})),O(e),e.status(400).json({error:"User account is not active."});return}let l=p?.authMethods?.[n.providerName]?.id;if(l&&l!==n.id){oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:new Error(`User already has a different ${n.providerName} account linked`),session:o,connectionInfo:i})),O(e),e.status(400).json({error:`You have already linked a different ${n.providerName} account.`});return}oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:new Error(`Unexpected OAuth linking state for ${n.providerName}`),session:o,connectionInfo:i})),O(e),e.status(400).json({error:`Unable to link ${n.providerName} account.`});return}let d=await m.findOne({_id:s},{readPreference:"primary"});d&&oe(()=>r.onAfterOAuthLink?.({provider:n.providerName,user:d,session:o,connectionInfo:i})),O(e),e.status(302).redirect("/");}catch(a){if(a instanceof MongoServerError&&a.code===11e3){oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:a,session:o,connectionInfo:i})),O(e),e.status(400).json({error:`This ${n.providerName} account is already linked to a different user.`});return}if(a instanceof Error&&oe(()=>r.onOAuthLinkError?.({provider:n.providerName,error:a,session:o,connectionInfo:i})),O(e),!e.headersSent)throw a}}function Ie(t){return !t||typeof t!="string"?null:t}async function ao(t,e,n,r){let o=await fetch("https://oauth2.googleapis.com/token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:t,client_id:e,client_secret:n,redirect_uri:r,grant_type:"authorization_code"})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function co(t){let e=await fetch("https://www.googleapis.com/oauth2/v2/userinfo",{headers:{Authorization:`Bearer ${t}`}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function lo(t,e){let n=Ie(t.query.code);if(!n){e.status(400).json({error:"Missing authorization code"});return}let r=Re(t,e,"authStateGoogle");if(!r)return;let o=String(a$1("_system.user.auth.google.clientId")),i=String(a$1("_system.user.auth.google.clientSecret")),s=ie("google");try{let a=await ao(n,o,i,s),c=await co(a.access_token),d={id:c.id,email:c.email,emailVerified:c.verified_email,providerName:"google",firstName:c.given_name||void 0,lastName:c.family_name||void 0,avatarUrl:c.picture||void 0};r==="link"?await Me(t,e,d):await _e(t,e,d);}catch(a){console.error("Google OAuth error:",a),r==="link"&&O(e),e.status(500).json({error:"Authentication failed"});}}function uo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.google.enabled"),s=String(a$1("_system.user.auth.google.clientId")),a=String(a$1("_system.user.auth.google.clientSecret"));if(!i||!s||!a){r.status(503).json({error:"Google authentication is not configured"});return}o();};return t.get("/api/_internal/auth/google",e,(n,r)=>{let o=String(a$1("_system.user.auth.google.clientId")),i=ie("google"),s=randomBytes(32).toString("hex"),a$2=n.query.mode==="link"?"link":"login";r.cookie("authStateGoogle",`${s}:${a$2}`,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let c=new URL("https://accounts.google.com/o/oauth2/v2/auth");c.searchParams.append("client_id",o),c.searchParams.append("redirect_uri",i),c.searchParams.append("response_type","code"),c.searchParams.append("scope","profile email"),c.searchParams.append("access_type","online"),c.searchParams.append("state",s),r.redirect(c.toString());}),t.get("/api/_internal/auth/google/callback",e,lo),t}var Nn=uo;async function fo(t,e,n,r){let o=await fetch("https://github.com/login/oauth/access_token",{method:"POST",headers:{"Content-Type":"application/json",Accept:"application/json"},body:JSON.stringify({client_id:e,client_secret:n,code:t,redirect_uri:r})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function ho(t){let e=await fetch("https://api.github.com/user",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function go(t){let e=await fetch("https://api.github.com/user/emails",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user emails: ${e.statusText}`);return e.json()}async function yo(t,e){return t.email?t.email:(await go(e)).find(r=>r.primary&&r.verified)?.email??null}async function wo(t,e){let n=Ie(t.query.code);if(!n){e.status(400).json({error:"Missing authorization code"});return}let r=Re(t,e,"authStateGithub");if(!r)return;let o=String(a$1("_system.user.auth.github.clientId")),i=String(a$1("_system.user.auth.github.clientSecret")),s=ie("github");try{let a=await fo(n,o,i,s),c=await ho(a.access_token),d=await yo(c,a.access_token);if(!d){r==="link"&&O(e),e.status(400).json({error:"Unable to retrieve a primary verified email from GitHub. Please ensure your GitHub account has a verified email set as primary."});return}let p=c.name?c.name.trim().split(/\s+/):[],l=p[0]||void 0,h=p.length>1?p.slice(1).join(" "):void 0,w={id:String(c.id),email:d,emailVerified:!0,providerName:"github",firstName:l,lastName:h,avatarUrl:c.avatar_url||void 0};r==="link"?await Me(t,e,w):await _e(t,e,w);}catch(a){console.error("GitHub OAuth error:",a),r==="link"&&O(e),e.status(500).json({error:"Authentication failed"});}}function bo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.github.enabled"),s=String(a$1("_system.user.auth.github.clientId")),a=String(a$1("_system.user.auth.github.clientSecret"));if(!i||!s||!a){r.status(503).json({error:"GitHub authentication is not configured"});return}o();};return t.get("/api/_internal/auth/github",e,(n,r)=>{let o=String(a$1("_system.user.auth.github.clientId")),i=ie("github"),s=a$1("_system.user.auth.github.scopes"),a$2=s?String(s).split(",").map(l=>l.trim()).join(" "):"user:email",c=randomBytes(32).toString("hex"),d=n.query.mode==="link"?"link":"login";r.cookie("authStateGithub",`${c}:${d}`,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let p=new URL("https://github.com/login/oauth/authorize");p.searchParams.append("client_id",o),p.searchParams.append("redirect_uri",i),p.searchParams.append("scope",a$2),p.searchParams.append("state",c),r.redirect(p.toString());}),t.get("/api/_internal/auth/github/callback",e,wo),t}var Ln=bo;function Un(t,e,n){return async(r,o,i)=>{let s=r.headers["x-modelence-auth-token"],a={session:null,user:null};if(typeof s=="string"&&V())try{let{session:d,user:p}=await D(s);a={session:d,user:p};}catch{}let c=l("route",`route:${t.toLowerCase()}:${e}`,{method:t,path:e,query:r.query,body:r.body,params:r.params});try{let d=await n({query:r.query,body:r.body,params:r.params,headers:r.headers,cookies:r.cookies,rawBody:Buffer.isBuffer(r.body)?r.body:void 0,req:r,res:o,next:i},a);c.end(),d&&(o.status(d.status||200),d.redirect&&o.redirect(d.redirect),d.headers&&Object.entries(d.headers).forEach(([p,l])=>{o.setHeader(p,l);}),o.send(d.data));}catch(d){c.end("error"),d instanceof a$3?o.status(d.status).send(d.message):(console.error(`Error in route handler: ${r.path}`),console.error(d),o.status(500).send(String(d)));}}}var ut=Object.freeze({});function $n(t){ut=Object.freeze(Object.assign({},ut,t));}function jn(){return ut}var pt=Object.freeze({});function Fn(t){pt=Object.freeze(Object.assign({},pt,t));}function De(){return pt}function Co(t){let e=[];if(!t)return e.push(z$1.json({limit:"16mb"})),e.push(z$1.urlencoded({extended:true,limit:"16mb"})),e;if(t.json!==false){let n=typeof t.json=="object"?t.json:{limit:"16mb"};e.push(z$1.json(n));}if(t.urlencoded!==false){let n=typeof t.urlencoded=="object"?t.urlencoded:{extended:true,limit:"16mb"};e.push(z$1.urlencoded(n));}if(t.raw){let n=typeof t.raw=="object"?t.raw:{},r={limit:n.limit||"16mb",type:n.type||"*/*"};e.push(z$1.raw(r));}return e}function xo(t,e){for(let n of e)for(let r of n.routes){let{path:o,handlers:i,body:s}=r,a=Co(s);Object.entries(i).forEach(([c,d])=>{t[c](o,...a,Un(c,o,d));});}}async function zn(t,{combinedModules:e,channels:n}){let r=z$1();r.use(So()),r.use(ko()),xo(r,e),r.use(z$1.json({limit:"16mb"})),r.use(z$1.urlencoded({extended:true,limit:"16mb"})),r.use(Nn()),r.use(Ln()),r.post("/api/_internal/auth/set-link-cookie",async(a,c)=>{let{session:d}=await he(a);if(!d?.userId){c.status(401).json({error:"Not authenticated"});return}c.cookie("oauthLinkToken",d.authToken,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",path:"/api/_internal/auth/",maxAge:10*60*1e3}),c.json({ok:true});}),r.post("/api/_internal/method/:methodName(*)",async(a,c)=>{let{methodName:d}=a.params,p=await he(a);try{let l=a$2(await jt(d,a.body.args,p));c.json({data:l,typeMap:b$1(l)});}catch(l){Eo(c,d,l);}});let o=vo.createServer(r);await t.init({httpServer:o}),t.middlewares&&r.use(t.middlewares()),r.all("*",(a,c)=>t.handler(a,c)),process.on("unhandledRejection",(a,c)=>{console.error("Unhandled Promise Rejection:"),console.error(a instanceof Error?a.stack:a),console.error("Promise:",c);}),process.on("uncaughtException",a=>{console.error("Uncaught Exception:"),console.error(a.stack),console.trace("Full application stack:");});let i=De()?.provider;i&&i.init({httpServer:o,channels:n});let s=process.env.MODELENCE_PORT||process.env.PORT||3e3;o.listen(s,()=>{j$1("Application started",{source:"app"});let a=a$1("_system.site.url")||`http://localhost:${s}`;console.log(`
 Application started on ${a}
-`);});}async function ge(t){let e=(t.path??t.url??"").split("?")[0],n=e.startsWith("/api/_internal/auth/")&&e.endsWith("/callback"),r=F.string().nullish().transform(a=>a??null).parse(t.cookies.authToken||(n?t.cookies.oauthLinkToken:null)||t.body.authToken),o=F.object({screenWidth:F.number(),screenHeight:F.number(),windowWidth:F.number(),windowHeight:F.number(),pixelRatio:F.number(),orientation:F.string().nullable()}).nullish().parse(t.body.clientInfo)??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},i={ip:ko(t),userAgent:t.get("user-agent"),acceptLanguage:t.get("accept-language"),referrer:t.get("referrer"),baseUrl:t.protocol+"://"+t.get("host")};if(!!V()){let{session:a,user:c,roles:d}=await D(r);return {clientInfo:o,connectionInfo:i,session:a,user:c,roles:d}}return {clientInfo:o,connectionInfo:i,session:null,user:null,roles:Se()}}function xo(t,e,n){if(n instanceof a$3){n.status>=500&&n.status<600&&console.error(`Error calling ${e}:`,n),t.status(n.status).send(n.message);return}if(n instanceof Error&&n?.constructor?.name==="ZodError"&&"errors"in n){let r="";try{r=Eo(n);}catch(o){console.error(`Error parsing Zod error in ${e}:`,o),r="Validation failed";}t.status(400).send(r);return}console.error(`Error calling ${e}:`,n),t.status(500).send(n instanceof Error?n.message:String(n));}function Eo(t){let e=t.flatten(),n=Object.entries(e.fieldErrors).map(([i,s])=>`${i}: ${(s??[]).join(", ")}`),r=e.formErrors;return [...n,...r].filter(Boolean).join("; ")}function To(){let{frameAncestors:t}=$n(),e=t&&t.length>0,n=e?["'self'",...t].join(" "):"'self'";return (r,o,i)=>{o.setHeader("Content-Security-Policy",`frame-ancestors ${n}`),e||o.setHeader("X-Frame-Options","SAMEORIGIN"),i();}}function ko(t){let e=t.headers["x-forwarded-for"];if(e)return (Array.isArray(e)?e[0]:e.split(",")[0]).trim();let n=t.ip||t.socket?.remoteAddress;if(n)return n.startsWith("::ffff:")?n.substring(7):n}async function Ro({modules:t=[],roles:e$1={},defaultRoles:n={},server:r=Dn,migrations:o=[],email:i={},auth:s={},security:a={},websocket:c$1={}}){qn.config(),qn.config({path:".modelence.env"});let d=!!process.env.MODELENCE_SERVICE_ENDPOINT;qo().then(()=>{}).catch(()=>{});let p=[cn,At,xn,Tn,kn,ce,st,Mn],l=[...p,...t];f(),Io(p),Mo(t),Rt(e$1,n);let h$1=$o(l);e(h$1);let w=Do(l),y=Po(l);jo(l);let T=No(l);if(Bt(T),d){let{configs:k,environmentId:R,appAlias:M,environmentAlias:z,telemetry:_}=await ln({configSchema:h$1,cronJobsMetadata:Cn(),stores:w,roles:e$1});nt(k),g({environmentId:R,appAlias:M,environmentAlias:z,telemetry:_});}else c(Ae(h$1));Ht(i),Wt(s),Un(a),jn({...c$1,provider:c$1.provider||Ft}),V()&&(await It(),Fo(w),await Uo(w)),En(o),d&&(await h(),pn()),vn().catch(console.error),await Fn(r,{combinedModules:l,channels:y});}function Mo(t){for(let e of t){for(let[n,r]of Object.entries(e.queries))He(`${e.name}.${n}`,r);for(let[n,r]of Object.entries(e.mutations))Dt(`${e.name}.${n}`,r);}}function Io(t){for(let e of t){for(let[n,r]of Object.entries(e.queries))Pt(`${e.name}.${n}`,r);for(let[n,r]of Object.entries(e.mutations))Nt(`${e.name}.${n}`,r);}}function Do(t){return t.flatMap(e=>e.stores)}function Po(t){return t.flatMap(e=>e.channels)}function No(t){return t.flatMap(e=>e.rateLimits)}function Lo(t,e){console.warn(`Failed to create indexes for store '${t}'. Continuing startup.`,e);}var pt="indexes";async function Uo(t){if(!await J(pt,{lockDuration:a.seconds(30),heartbeat:true}))return;let n=false;try{let r=t.filter(i=>i.getIndexCreationMode()==="blocking"),o=t.filter(i=>i.getIndexCreationMode()==="background");for(let i of r)await zn(i);o.length>0&&(n=!0,Promise.resolve().then(async()=>{try{for(let i of o)await zn(i);}finally{await fe(pt);}}));}finally{n||await fe(pt);}}async function zn(t){let e=t.getName();try{await t.createIndexes();}catch(n){Lo(e,n);}}function $o(t){let e={};for(let n of t)for(let[r,o]of Object.entries(n.configSchema)){let i=`${n.name}.${r}`;if(i in e)throw new Error(`Duplicate config schema key: ${i} (${n.name})`);e[i]=o;}return e}function jo(t){for(let e of t)for(let[n,r]of Object.entries(e.cronJobs))Sn(`${e.name}.${n}`,r);}function Fo(t){let e=ve();if(!e)throw new Error("Failed to initialize stores: MongoDB client not initialized");for(let n of t)n.init(e);}async function qo(){if(process.env.MODELENCE_TRACKING_ENABLED!=="false"){let e=process.env.MODELENCE_SERVICE_ENDPOINT??"https://cloud.modelence.com",n=process.env.MODELENCE_ENVIRONMENT_ID,r=await zo(),o=await import('./package-WAK3BC65.js');await fetch(`${e}/api/track/app-start`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({projectName:r.name,version:o.default.version,localHostname:Ir.hostname(),environmentId:n})});}}async function zo(){try{let t=at.join(process.cwd(),"package.json"),e=await Oo.readFile(t,"utf-8");return {name:JSON.parse(e).name||"unknown"}}catch{return {name:"unknown"}}}async function Hn(t){await L.deleteMany({userId:t}),await I.deleteMany({userId:t});}async function Vo(t){await Hn(t),await m.updateOne(t,{$set:{status:"disabled",disabledAt:new Date}});}async function Wo(t){await Hn(t),await m.updateOne({_id:t},{$set:{handle:`deleted-${t}-${randomUUID()}`,status:"deleted",deletedAt:new Date,authMethods:{},emails:[]}});}var mt=class{constructor(e,n){this.category=e,this.canAccessChannel=n||null;}broadcast(e,n){let r=De().provider;if(!r){k("Websockets provider should be added to startApp",{});return}r.broadcast({category:this.category,id:e,data:n});}};function Go(t){if(!S().provider)throw new Error("Email provider is not configured, see https://docs.modelence.com/email for more details.");return S().provider?.sendEmail(t)}
-export{te as LiveData,v as Module,mt as ServerChannel,C as Store,D as authenticate,O as consumeRateLimit,He as createQuery,m as dbUsers,An as deleteFile,Wo as deleteUser,Vo as disableUser,_n as downloadFile,Rn as getFileUrl,On as getUploadUrl,u as schema,Go as sendEmail,Ro as startApp};//# sourceMappingURL=server.js.map
+`);});}async function he(t){let e=(t.path??t.url??"").split("?")[0],n=e.startsWith("/api/_internal/auth/")&&e.endsWith("/callback"),r=F.string().nullish().transform(a=>a??null).parse(t.cookies.authToken||(n?t.cookies.oauthLinkToken:null)||t.body.authToken),o=F.object({screenWidth:F.number(),screenHeight:F.number(),windowWidth:F.number(),windowHeight:F.number(),pixelRatio:F.number(),orientation:F.string().nullable()}).nullish().parse(t.body.clientInfo)??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},i={ip:Oo(t),userAgent:t.get("user-agent"),acceptLanguage:t.get("accept-language"),referrer:t.get("referrer"),baseUrl:t.protocol+"://"+t.get("host")};if(!!V()){let{session:a,user:c,roles:d}=await D(r);return {clientInfo:o,connectionInfo:i,session:a,user:c,roles:d}}return {clientInfo:o,connectionInfo:i,session:null,user:null,roles:Se()}}function Eo(t,e,n){if(n instanceof a$3){n.status>=500&&n.status<600&&console.error(`Error calling ${e}:`,n),t.status(n.status).send(n.message);return}if(n instanceof Error&&n?.constructor?.name==="ZodError"&&"errors"in n){let r="";try{r=To(n);}catch(o){console.error(`Error parsing Zod error in ${e}:`,o),r="Validation failed";}t.status(400).send(r);return}console.error(`Error calling ${e}:`,n),t.status(500).send(n instanceof Error?n.message:String(n));}function To(t){let e=t.flatten(),n=Object.entries(e.fieldErrors).map(([i,s])=>`${i}: ${(s??[]).join(", ")}`),r=e.formErrors;return [...n,...r].filter(Boolean).join("; ")}function ko(){let{frameAncestors:t}=jn(),e=t&&t.length>0,n=e?["'self'",...t].join(" "):"'self'";return (r,o,i)=>{o.setHeader("Content-Security-Policy",`frame-ancestors ${n}`),e||o.setHeader("X-Frame-Options","SAMEORIGIN"),i();}}function Oo(t){let e=t.headers["x-forwarded-for"];if(e)return (Array.isArray(e)?e[0]:e.split(",")[0]).trim();let n=t.ip||t.socket?.remoteAddress;if(n)return n.startsWith("::ffff:")?n.substring(7):n}async function Mo({modules:t=[],roles:e$1={},defaultRoles:n={},server:r=Pn,migrations:o=[],email:i={},auth:s={},security:a={},websocket:c$1={}}){qn.config(),qn.config({path:".modelence.env"});let d=!!process.env.MODELENCE_SERVICE_ENDPOINT;qo().then(()=>{}).catch(()=>{});let p=[ln,_t,En,kn,On,ce,at,In],l=[...p,...t];f(),Do(p),Io(t),Mt(e$1,n);let h$1=jo(l);e(h$1);let w=Po(l),y=No(l);Fo(l);let T=Lo(l);if(en(T),d){let{configs:k,environmentId:R,appAlias:M,environmentAlias:q,telemetry:A}=await dn({configSchema:h$1,cronJobsMetadata:xn(),stores:w,roles:e$1});rt(k),g({environmentId:R,appAlias:M,environmentAlias:q,telemetry:A});}else c(Ae(h$1));Vt(i),Zt(s),$n(a),Fn({...c$1,provider:c$1.provider||zt}),V()&&(await Dt(),zo(w),await $o(w)),Tn(o),d&&(await h(),mn()),Cn().catch(console.error),await zn(r,{combinedModules:l,channels:y});}function Io(t){for(let e of t){for(let[n,r]of Object.entries(e.queries))He(`${e.name}.${n}`,r);for(let[n,r]of Object.entries(e.mutations))Pt(`${e.name}.${n}`,r);}}function Do(t){for(let e of t){for(let[n,r]of Object.entries(e.queries))Nt(`${e.name}.${n}`,r);for(let[n,r]of Object.entries(e.mutations))Lt(`${e.name}.${n}`,r);}}function Po(t){return t.flatMap(e=>e.stores)}function No(t){return t.flatMap(e=>e.channels)}function Lo(t){return t.flatMap(e=>e.rateLimits)}function Uo(t,e){console.warn(`Failed to create indexes for store '${t}'. Continuing startup.`,e);}var mt="indexes";async function $o(t){if(!await J(mt,{lockDuration:a.seconds(30),heartbeat:true}))return;let n=false;try{let r=t.filter(i=>i.getIndexCreationMode()==="blocking"),o=t.filter(i=>i.getIndexCreationMode()==="background");for(let i of r)await Hn(i);o.length>0&&(n=!0,Promise.resolve().then(async()=>{try{for(let i of o)await Hn(i);}finally{await me(mt);}}));}finally{n||await me(mt);}}async function Hn(t){let e=t.getName();try{await t.createIndexes();}catch(n){Uo(e,n);}}function jo(t){let e={};for(let n of t)for(let[r,o]of Object.entries(n.configSchema)){let i=`${n.name}.${r}`;if(i in e)throw new Error(`Duplicate config schema key: ${i} (${n.name})`);e[i]=o;}return e}function Fo(t){for(let e of t)for(let[n,r]of Object.entries(e.cronJobs))vn(`${e.name}.${n}`,r);}function zo(t){let e=ve();if(!e)throw new Error("Failed to initialize stores: MongoDB client not initialized");for(let n of t)n.init(e);}async function qo(){if(process.env.MODELENCE_TRACKING_ENABLED!=="false"){let e=process.env.MODELENCE_SERVICE_ENDPOINT??"https://cloud.modelence.com",n=process.env.MODELENCE_ENVIRONMENT_ID,r=await Ho(),o=await import('./package-O4GYADO2.js');await fetch(`${e}/api/track/app-start`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({projectName:r.name,version:o.default.version,localHostname:Dr.hostname(),environmentId:n})});}}async function Ho(){try{let t=ct.join(process.cwd(),"package.json"),e=await Ao.readFile(t,"utf-8");return {name:JSON.parse(e).name||"unknown"}}catch{return {name:"unknown"}}}async function Vn(t){await L.deleteMany({userId:t}),await I.deleteMany({userId:t});}async function Wo(t){await Vn(t),await m.updateOne(t,{$set:{status:"disabled",disabledAt:new Date}});}async function Go(t){await Vn(t),await m.updateOne({_id:t},{$set:{handle:`deleted-${t}-${randomUUID()}`,status:"deleted",deletedAt:new Date,authMethods:{},emails:[]}});}var ft=class{constructor(e,n){this.category=e,this.canAccessChannel=n||null;}broadcast(e,n){let r=De().provider;if(!r){k("Websockets provider should be added to startApp",{});return}r.broadcast({category:this.category,id:e,data:n});}};function Zo(t){if(!S().provider)throw new Error("Email provider is not configured, see https://docs.modelence.com/email for more details.");return S().provider?.sendEmail(t)}
+export{te as LiveData,v as Module,ft as ServerChannel,C as Store,D as authenticate,_ as consumeRateLimit,He as createQuery,m as dbUsers,_n as deleteFile,Go as deleteUser,Wo as disableUser,Rn as downloadFile,Mn as getFileUrl,An as getUploadUrl,u as schema,Zo as sendEmail,Mo as startApp};//# sourceMappingURL=server.js.map
 //# sourceMappingURL=server.js.map