modelence 0.19.0 → 0.19.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/chunk-MIRF7FP3.js +2 -0
- package/dist/chunk-MIRF7FP3.js.map +1 -0
- package/dist/{chunk-JBPO3BNR.js → chunk-VBRGC3XM.js} +3 -3
- package/dist/{chunk-JBPO3BNR.js.map → chunk-VBRGC3XM.js.map} +1 -1
- package/dist/client.d.ts +8 -1
- package/dist/client.js +1 -1
- package/dist/client.js.map +1 -1
- package/dist/index.d.ts +6 -1
- package/dist/index.js +1 -1
- package/dist/{package-DB7AXKLA.js → package-FOVTOR5M.js} +2 -2
- package/dist/{package-DB7AXKLA.js.map → package-FOVTOR5M.js.map} +1 -1
- package/dist/server.d.ts +4 -2
- package/dist/server.js +8 -8
- package/dist/server.js.map +1 -1
- package/package.json +1 -1
- package/dist/chunk-C3UESBRX.js +0 -2
- package/dist/chunk-C3UESBRX.js.map +0 -1
package/dist/server.js
CHANGED
|
@@ -1,21 +1,21 @@
|
|
|
1
|
-
import {a as a$2,b as b$2}from'./chunk-5M6FUMUK.js';import {d,a as a$3}from'./chunk-C3UESBRX.js';import {a}from'./chunk-DO5TZLF5.js';import {a as a$1,b as b$1,f as f$1,e,g,c,h,k as k$1,d as d$1,j as j$1,i,l,m as m$1}from'./chunk-7LPSX5A6.js';export{a as getConfig}from'./chunk-7LPSX5A6.js';import {s}from'./chunk-JBPO3BNR.js';import hr from'dotenv';import ai from'fs/promises';import lo from'os';import xt from'path';import {Server}from'socket.io';import {createAdapter}from'@socket.io/mongo-adapter';import {MongoError,ObjectId,MongoClient,MongoServerError}from'mongodb';export{ObjectId}from'mongodb';import {randomBytes,randomUUID}from'crypto';import {isDeepStrictEqual}from'util';import Z,{z as z$1}from'zod';import Wr from'bcrypt';import {createServer,defineConfig,loadConfigFromFile,mergeConfig}from'vite';import ko from'@vitejs/plugin-react';import To from'fs';import H,{Router}from'express';import Ko from'cookie-parser';import Jo from'http';var C=class{constructor(e,{stores:n=[],queries:r={},mutations:o={},routes:i=[],cronJobs:s={},configSchema:a={},rateLimits:c=[],channels:l=[]}={}){this.name=e,this.stores=n,this.queries=r,this.mutations=o,this.routes=i,this.cronJobs=s,this.configSchema=a,this.rateLimits=c,this.channels=l;}getConfig(e){return a$1(`${this.name}.${e}`)}};function $(t){let e=t._def;if(e.typeName==="ZodString")return {type:"string"};if(e.typeName==="ZodNumber")return {type:"number"};if(e.typeName==="ZodBoolean")return {type:"boolean"};if(e.typeName==="ZodDate")return {type:"date"};if(e.typeName==="ZodArray")return {type:"array",items:$(e.type)};if(e.typeName==="ZodObject"){let r=e.shape(),o={};for(let[i,s]of Object.entries(r))o[i]=$(s);return {type:"object",items:o}}if(e.typeName==="ZodOptional")return {...$(e.innerType),optional:true};if(e.typeName==="ZodNullable")return {...$(e.innerType),optional:true};if(e.typeName==="ZodEnum")return {type:"enum",items:e.values};if(e.typeName==="ZodUnion")return {type:"union",items:e.options.map($)};if(e.typeName==="ZodEffects"){let n=e;return n.description?{type:"custom",typeName:n.description}:$(n.schema)}return {type:"custom",typeName:e.typeName}}function xe(t){let e={};for(let[n,r]of Object.entries(t))Array.isArray(r)?e[n]=r.map(o=>typeof o=="object"&&"_def"in o?$(o):xe(o)):typeof r=="object"&&"_def"in r?e[n]=$(r):e[n]=xe(r);return e}var ve=t=>typeof t=="object"&&t!==null&&!Array.isArray(t),$t=t=>ve(t)&&"_def"in t,We=t=>t._def,jt=t=>{let e=We(t);if(e.typeName==="ZodOptional"||e.typeName==="ZodNullable"||e.typeName==="ZodDefault"||e.typeName==="ZodCatch"||e.typeName==="ZodReadonly")return e.innerType;if(e.typeName==="ZodEffects")return e.schema;if(e.typeName==="ZodBranded")return e.type;if(e.typeName==="ZodPipeline")return e.out},Ft=t=>{let e=We(t);if(e.typeName==="ZodDefault")return {hasDefault:true,value:e.defaultValue()};let n=jt(t);return n?Ft(n):{hasDefault:false}},He=(t,e)=>{let n=We(t);if(n.typeName==="ZodObject"&&ve(e))return Ee(n.shape(),e);if(n.typeName==="ZodArray"&&Array.isArray(e))return e.map(o=>He(n.type,o));let r=jt(t);return r?He(r,e):e},Ce=(t,e)=>$t(t)?He(t,e):Array.isArray(t)&&Array.isArray(e)?t.length===1?e.map(n=>Ce(t[0],n)):e.map((n,r)=>Ce(t[r],n)):ve(t)&&ve(e)?Ee(t,e):e,Ee=(t,e)=>{let n={...e};for(let[r,o]of Object.entries(t)){let i=n[r];if(i===void 0){if($t(o)){let s=Ft(o);s.hasDefault&&(n[r]=Ce(o,s.value));}continue}n[r]=Ce(o,i);}return n};var br=["background","bits","bucketSize","collation","default_language","expireAfterSeconds","hidden","language_override","max","min","partialFilterExpression","sparse","storageEngine","textIndexVersion","unique","weights","wildcardProjection","2dsphereIndexVersion"],Ge=t=>typeof t=="object"&&t!==null&&!Array.isArray(t),Sr=t=>t.startsWith("_modelence_"),Ke=t=>{let e={};for(let n of br){let r=t[n];r!==void 0&&(e[n]=r);}return e},xr=(t,e)=>{if(!Ge(t)||!Ge(e))return false;let n=Object.entries(t),r=Object.entries(e);return n.length!==r.length?false:n.every(([o,i],s)=>{let[a,c]=r[s]||[];return o===a&&isDeepStrictEqual(i,c)})},zt=(t,e)=>xr(t.key,e.key)?isDeepStrictEqual(Ke(t),Ke(e)):false,Ve=t=>Ge(t)?Object.entries(t).map(([e,n])=>`${e}:${JSON.stringify(n)}`).join("|"):null,vr=async t=>{try{return await t.listIndexes().toArray()}catch(e){if(e instanceof MongoError&&e.code===26)return [];throw e}},Cr=t=>Object.entries(t).map(([e,n])=>`${e}_${n}`).join("_"),Er=t=>{if(t.name){let n=t.name.startsWith("_modelence_")?t.name:`_modelence_${t.name}`;return {...t,name:n}}let e=Cr(t.key);return {...t,name:`_modelence_${e}`}},E=class t{constructor(e,n){this._chainParent=null;this._chainChild=null;this.name=e,this.schema=n.schema,this.methods=n.methods,this.indexes=n.indexes.map(Er),this.searchIndexes=n.searchIndexes||[],this.indexCreationMode=n.indexCreationMode??"background";}getName(){return this.name}getIndexCreationMode(){return this.indexCreationMode}getSchema(){return this.schema}getSerializedSchema(){return xe(this.schema)}getIndexes(){return this.indexes}getSearchIndexes(){return this.searchIndexes}getChainTail(){let e=this;for(;e._chainChild;)e=e._chainChild;return e}getChainRoot(){let e=this;for(;e._chainParent;)e=e._chainParent;return e}extend(e){let n=this.getChainTail();if(this.client||n.client)throw new Error(`Store.extend() must be called before startApp(). Store '${this.name}' has already been initialized and cannot be extended.`);let r={...n.schema,...e.schema||{}},o=[...n.indexes,...e.indexes||[]],i=[...n.searchIndexes,...e.searchIndexes||[]],s={...n.methods||{},...e.methods||{}},a=new t(this.name,{schema:r,methods:s,indexes:o,searchIndexes:i,indexCreationMode:e.indexCreationMode??n.indexCreationMode});return n._chainChild=a,a._chainParent=n,a}init(e){if(this.collection)throw new Error(`Collection ${this.name} is already initialized`);this.client=e,this.collection=this.client.db().collection(this.name);}async createIndexes(e="full"){let n=this.requireCollection(),r=e!=="create-only",o=e!=="drop-only",i=await vr(n),s=new Map,a=new Map,c=new Set,l=u=>{s.set(u.name,u);let y=Ve(u.key);if(!y)return;let g=a.get(y);g?g.add(u.name):a.set(y,new Set([u.name]));},d=u=>{let y=s.get(u);if(!y)return;s.delete(u);let g=Ve(y.key);if(!g)return;let S=a.get(g);S&&(S.delete(u),S.size===0&&a.delete(g));};for(let u of i)typeof u.name=="string"&&l({...u,name:u.name});let p=async u=>{if(!(u==="_id_"||c.has(u))){try{await n.dropIndex(u);}catch(y){if(!(y instanceof MongoError&&y.code===27))throw y}c.add(u),d(u);}};if(r){let u=new Set(this.indexes.map(g=>g.name).filter(g=>typeof g=="string")),y=[...s.values()].filter(g=>Sr(g.name)&&!u.has(g.name));for(let g of y)await p(g.name);}if(this.indexes.length>0)for(let u of this.indexes){if(!u.name)continue;let y=false,g=s.get(u.name);g&&!zt(g,u)&&(r?await p(g.name):y=true);let S=Ve(u.key);if(S){let M=[...a.get(S)||[]];for(let A of M)A!==u.name&&(r?await p(A):y=true);}let L=s.get(u.name);!(!!L&&zt(L,u))&&o&&!y&&(await n.createIndexes([u]),l({name:u.name,key:u.key,...Ke(u)}));}if(o&&this.searchIndexes.length>0)for(let u of this.searchIndexes)try{await n.createSearchIndexes([u]);}catch(y){if(y instanceof MongoError&&y.code===68&&u.name)await n.dropSearchIndex(u.name),await n.createSearchIndexes([u]);else throw y}}wrapDocument(e){return this.methods?Object.create(null,Object.getOwnPropertyDescriptors({...e,...this.methods})):e}getSelector(e){return typeof e=="string"?{_id:new ObjectId(e)}:e instanceof ObjectId?{_id:e}:e}requireCollection(){if(!this.collection)throw new Error(`Collection ${this.name} is not provisioned`);return this.collection}requireClient(){if(!this.client)throw new Error("Database is not connected");return this.client}async findOne(e,n){let r=await this.requireCollection().findOne(e,n);return r?this.wrapDocument(r):null}async requireOne(e,n,r){let o=await this.findOne(e,n);if(!o)throw r?r():new Error(`Record not found in ${this.name}`);return o}find(e,n){let r=this.requireCollection().find(e,n?.projection?{projection:n.projection}:void 0);return n?.sort&&r.sort(n.sort),n?.limit&&r.limit(n.limit),n?.skip&&r.skip(n.skip),r}async findById(e){let n=typeof e=="string"?{_id:new ObjectId(e)}:{_id:e};return await this.findOne(n)}async requireById(e,n){let r=await this.findById(e);if(!r)throw n?n():new Error(`Record with id ${e} not found in ${this.name}`);return r}countDocuments(e){return this.requireCollection().countDocuments(e)}async fetch(e,n){return (await this.find(e,n).toArray()).map(this.wrapDocument.bind(this))}async insertOne(e,n){return await this.requireCollection().insertOne(e,n)}async create(e,n){let r=Ee(this.schema,{_id:new ObjectId,...e});return await this.requireCollection().insertOne(r,n),this.wrapDocument(r)}async insertMany(e,n){return await this.requireCollection().insertMany(e,n)}async updateOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,r)}async upsertOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,{upsert:true,...r})}async updateMany(e,n,r){return await this.requireCollection().updateMany(e,n,r)}async upsertMany(e,n,r){return await this.requireCollection().updateMany(e,n,{upsert:true,...r})}async deleteOne(e,n){return await this.requireCollection().deleteOne(this.getSelector(e),n)}async deleteMany(e,n){return await this.requireCollection().deleteMany(e,n)}async findOneAndUpdate(e,n,r){let o=await this.requireCollection().findOneAndUpdate(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async findOneAndDelete(e,n){let r=await this.requireCollection().findOneAndDelete(this.getSelector(e),n??{});return r?this.wrapDocument(r):null}async findOneAndReplace(e,n,r){let o=await this.requireCollection().findOneAndReplace(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async replaceOne(e,n,r){return await this.requireCollection().replaceOne(this.getSelector(e),n,r)}async distinct(e,n,r){let o=n??{};return r!==void 0?await this.requireCollection().distinct(e,o,r):await this.requireCollection().distinct(e,o)}watch(e,n){return this.requireCollection().watch(e,n)}aggregate(e,n){return this.requireCollection().aggregate(e,n)}bulkWrite(e){return this.requireCollection().bulkWrite(e)}getDatabase(){return this.requireClient().db()}rawCollection(){return this.requireCollection()}async renameFrom(e,n){let r=this.getDatabase();if(!this.collection||!r)throw new Error(`Store ${this.name} is not provisioned`);if((await r.listCollections({name:e}).toArray()).length===0)throw new Error(`Collection ${e} not found`);if((await r.listCollections({name:this.name}).toArray()).length>0)throw new Error(`Collection ${this.name} already exists`);await r.collection(e).rename(this.name,n);}async vectorSearch({field:e,embedding:n,numCandidates:r,limit:o,projection:i,indexName:s}){return this.aggregate([{$vectorSearch:{index:s||e+"VectorSearch",path:e,queryVector:n,numCandidates:r||100,limit:o||10}},{$project:{_id:1,score:{$meta:"vectorSearchScore"},...i}}])}static vectorIndex({field:e,dimensions:n,similarity:r="cosine",indexName:o}){return {type:"vectorSearch",name:o||e+"VectorSearch",definition:{fields:[{type:"vector",path:e,numDimensions:n,similarity:r}]}}}};var kr=z$1.string.bind(z$1),Tr=z$1.number.bind(z$1),Ar=z$1.date.bind(z$1),Or=z$1.boolean.bind(z$1),Rr=z$1.array.bind(z$1),_r=z$1.object.bind(z$1),Ir=z$1.enum.bind(z$1),m={string:kr,number:Tr,date:Ar,boolean:Or,array:Rr,object:_r,enum:Ir,embedding(){return z$1.array(z$1.number())},objectId(){return z$1.instanceof(ObjectId).describe("ObjectId")},userId(){return z$1.instanceof(ObjectId).describe("UserId")},ref(t){return z$1.instanceof(ObjectId).describe("Ref")},union:z$1.union.bind(z$1),infer(t){return {}}};var Qe=new E("_modelenceLinkNonces",{schema:{nonce:m.string(),userId:m.string(),expiresAt:m.date()},indexes:[{key:{nonce:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});async function Ht(t){let e=randomBytes(32).toString("hex");return await Qe.insertOne({nonce:e,userId:t,expiresAt:new Date(Date.now()+a.minutes(10))}),e}async function Wt(t){let e=await Qe.findOneAndDelete({nonce:t});return e?e.userId:null}var B=new E("_modelenceSessions",{schema:{authToken:m.string(),createdAt:m.date(),expiresAt:m.date(),userId:m.userId().nullable()},indexes:[{key:{authToken:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0},{key:{userId:1}}]});async function Vt(t){let e=t?await B.findOne({authToken:t}):null;return e?{authToken:String(e.authToken),expiresAt:new Date(e.expiresAt),userId:e.userId??null}:await le()}async function Bt(t,e){await B.updateOne({authToken:t},{$set:{userId:e}});}async function Gt(t){await B.updateOne({authToken:t},{$set:{userId:null}});}async function Kt(t){await B.deleteMany({userId:t});}async function le(t=null){let e=randomBytes(32).toString("base64url"),n=Date.now(),r=new Date(n+a.days(7));return await B.insertOne({authToken:e,createdAt:new Date(n),expiresAt:r,userId:t}),{authToken:e,expiresAt:r,userId:t}}async function Mr(t){let e=Date.now(),n=new Date(e+a.days(7));await B.updateOne({authToken:t.authToken},{$set:{lastActiveDate:new Date(e),expiresAt:n}});}function Te(t,e){t.cookie("authToken",e,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"strict",path:"/"});}var Jt=new C("_system.session",{stores:[B,Qe],mutations:{init:async function(t,{session:e,user:n}){return {session:e,user:n,configs:b$1()}},heartbeat:async function(t,{session:e}){e&&await Mr(e);}}});var f=new E("_modelenceUsers",{schema:{handle:m.string(),emails:m.array(m.object({address:m.string(),verified:m.boolean()})).optional(),status:m.enum(["active","disabled","deleted"]).optional(),firstName:m.string().optional(),lastName:m.string().optional(),avatarUrl:m.string().optional(),createdAt:m.date(),disabledAt:m.date().optional(),deletedAt:m.date().optional(),roles:m.array(m.string()).optional(),authMethods:m.object({password:m.object({hash:m.string()}).optional(),google:m.object({id:m.string()}).optional(),github:m.object({id:m.string()}).optional()})},indexes:[{key:{handle:1},unique:true,collation:{locale:"en",strength:2}},{key:{"emails.address":1,status:1}},{key:{"authMethods.google.id":1},sparse:true,unique:true},{key:{"authMethods.github.id":1},sparse:true,unique:true}]}),de=new E("_modelenceDisposableEmailDomains",{schema:{domain:m.string(),addedAt:m.date()},indexes:[{key:{domain:1},unique:true}]}),j=new E("_modelenceEmailVerificationTokens",{schema:{userId:m.objectId(),email:m.string().optional(),token:m.string(),createdAt:m.date(),expiresAt:m.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]}),P=new E("_modelenceResetPasswordTokens",{schema:{userId:m.objectId(),email:m.string().optional(),token:m.string(),createdAt:m.date(),expiresAt:m.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var Qt=new Map,ne={authenticated:null,unauthenticated:null};function Yt(t,e){ne.authenticated=e.authenticated,ne.unauthenticated=e.unauthenticated;for(let[n,r]of Object.entries(t))Qt.set(n,r);}function Ae(){return ne.unauthenticated?[ne.unauthenticated]:[]}function Xt(){return ne.authenticated?[ne.authenticated]:[]}function Ye(t,e){let n=e.find(r=>!Dr(t,r));if(n)throw new Error(`Access denied - missing permission: '${n}'`)}function Dr(t,e){for(let n of t)if(Qt.get(n)?.permissions?.includes(e))return true;return false}async function N(t){let e=await Vt(t),n=e.userId?await f.findOne({_id:new ObjectId(e.userId),status:{$nin:["deleted","disabled"]}}):null,r=n?{id:n._id.toString(),handle:n.handle,roles:n.roles||[],hasRole:i=>(n.roles||[]).includes(i),requireRole:i=>{if(!(n.roles||[]).includes(i))throw new Error(`Access denied - role '${i}' required`)},firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}:null,o=r?Xt():Ae();return {user:r,session:e,roles:o}}var ue=new C("_system",{configSchema:{mongodbUri:{type:"secret",isPublic:false,default:""},mongodbPoolSize:{type:"number",isPublic:false,default:10},"env.type":{type:"string",isPublic:true,default:""},"site.url":{type:"string",isPublic:true,default:""},multiInstance:{type:"boolean",isPublic:false,default:false}}});var F=null;async function en(){if(F)return F;let t=G();if(!t)throw new Error("MongoDB URI is not set");let e=ue.getConfig("mongodbPoolSize");F=new MongoClient(t,{driverInfo:{name:"Modelence",version:s.version},ignoreUndefined:true,maxPoolSize:e});try{return await F.connect(),await F.db("admin").command({ping:1}),console.log("Pinged your deployment. You successfully connected to MongoDB!"),F}catch(n){throw console.error(n),F=null,n}}function G(){return ue.getConfig("mongodbUri")||void 0}function Oe(){return F}var re=class{constructor(e){this.fetch=e.fetch,this.watch=e.watch;}};function Lr(){return typeof window!="object"}function z(){if(!Lr())throw new Error("This function can only be called on the server")}function Re(t){return t.replace(/<[^>]*>/g,"").replace(/\s+/g," ").trim()}var _e={};function Xe(t,e){return z(),on(t),Ie("query",t,e)}function tn(t,e){return z(),on(t),Ie("mutation",t,e)}function nn(t,e){return z(),sn(t),Ie("query",t,e)}function rn(t,e){return z(),sn(t),Ie("mutation",t,e)}function on(t){if(t.toLowerCase().startsWith("_system."))throw new Error(`Method name cannot start with a reserved prefix: '_system.' (${t})`)}function sn(t){if(!t.toLowerCase().startsWith("_system."))throw new Error(`System method name must start with a prefix: '_system.' (${t})`)}function Ie(t,e,n){if(z(),_e[e])throw new Error(`Method with name '${e}' is already defined.`);let r=typeof n=="function"?n:n.handler,o=typeof n=="function"?[]:n.permissions??[];_e[e]={type:t,name:e,handler:r,permissions:o};}async function an(t,e,n){z();let r=_e[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r,s=l("method",`method:${t}`,{type:o,args:e}),a;try{Ye(n.roles,r.permissions),a=await i(e,n);}catch(c){throw s.end("error"),c}return s.end(),a}async function cn(t,e,n){z();let r=_e[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r;if(o!=="query")throw new Error("Live methods are only supported for queries");let s=l("method",`method:${t}:live`,{type:o,args:e}),a;try{if(Ye(n.roles,r.permissions),a=await i(e,n),!(a instanceof re))throw new Error(`Live query handler for '${t}' must return a LiveData object with fetch and watch functions. See https://docs.modelence.com/live-queries`)}catch(c){throw s.end("error"),c}return s.end(),a}var me=new Map;function Ur(t){let e=me.get(t.id);return e||(e=new Map,me.set(t.id,e)),e}async function et(t,e){let n=z$1.object({subscriptionId:z$1.string().min(1),method:z$1.string().min(1),args:z$1.record(z$1.unknown()).default({}),authToken:z$1.string().nullish(),clientInfo:z$1.object({screenWidth:z$1.number(),screenHeight:z$1.number(),windowWidth:z$1.number(),windowHeight:z$1.number(),pixelRatio:z$1.number(),orientation:z$1.string().nullable()}).optional()}).safeParse(e);if(!n.success){t.emit("liveQueryError",{subscriptionId:null,error:`Invalid payload: ${n.error.message}`});return}let{subscriptionId:r,method:o,args:i,authToken:s,clientInfo:a}=n.data,c=Ur(t),l=c.get(r);if(l)if(l.cleanup)try{l.cleanup();}catch(p){console.error("[LiveQuery] Error cleaning up existing subscription:",p);}else l.aborted=true;let d={cleanup:null};c.set(r,d);try{let{session:p,user:u,roles:y}=await N(s??null),g={session:p,user:u,roles:y,clientInfo:a??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},connectionInfo:{ip:t.handshake.address,userAgent:t.handshake.headers["user-agent"]}},S=await cn(o,i,g),L=async()=>{let _=a$2(await S.fetch());d.aborted||t.emit("liveQueryData",{subscriptionId:r,data:_,typeMap:b$2(_)});},R=!0,M=!1,A=()=>{d.aborted||!R||M||(R=!1,M=!0,L().catch(_=>{d.aborted||(console.error(`[LiveQuery] Error fetching data for ${o}:`,_),t.emit("liveQueryError",{subscriptionId:r,error:_ instanceof Error?_.message:String(_)}));}).finally(()=>{M=!1,A();}));},W=S.watch({publish:()=>{R=!0,A();}});if(d.aborted){if(W)try{W();}catch(_){console.error("[LiveQuery] Error cleaning up after disconnect during setup:",_);}return}d.cleanup=W||null,A();}catch(p){c.delete(r),console.error(`[LiveQuery] Error in ${o}:`,p),t.emit("liveQueryError",{subscriptionId:r,error:p instanceof Error?p.message:String(p)});}}function tt(t,e){let n=z$1.object({subscriptionId:z$1.string().min(1)}).safeParse(e);if(!n.success){console.warn(`[LiveQuery] Invalid unsubscribe payload: ${n.error.message}`);return}let{subscriptionId:r}=n.data,o=me.get(t.id);if(!o)return;let i=o.get(r);if(i){if(i.cleanup)try{i.cleanup();}catch(s){console.error("[LiveQuery] Error in cleanup:",s);}else i.aborted=true;o.delete(r);}}function nt(t){let e=me.get(t.id);if(e){for(let n of e.values())if(n.cleanup)try{n.cleanup();}catch(r){console.error("[LiveQuery] Error in cleanup on disconnect:",r);}else n.aborted=true;me.delete(t.id);}}var pe=null,Fr="_modelenceSocketio",ln=60;async function zr({httpServer:t,channels:e}){let n=Oe(),r=!!a$1("_system.multiInstance");console.log("Initializing Socket.IO server...");let o=null;if(r&&n){o=n.db().collection(Fr);try{await o.createIndex({createdAt:1},{expireAfterSeconds:ln,background:!0});}catch(i){if(i instanceof Error&&"code"in i&&i.code===85)try{await o.dropIndex("createdAt_1"),await o.createIndex({createdAt:1},{expireAfterSeconds:ln,background:!0});}catch(s){console.error("Failed to recreate index on MongoDB collection for Socket.IO:",s);}else console.error("Failed to create index on MongoDB collection for Socket.IO:",i);}}pe=new Server(t,{cors:{origin:"*",methods:["GET","POST"]},adapter:o?createAdapter(o):void 0,transports:["websocket"],perMessageDeflate:false}),pe.on("error",i=>{console.error("Socket.IO error:",i);}),pe.use(async(i,s)=>{let a=i.handshake.auth.token;try{i.data=await N(a);}finally{s();}}),pe.on("connection",i=>{i.on("disconnect",()=>{nt(i);}),i.on("joinChannel",async s=>{let[a]=s.split(":"),c=false;for(let l of e)if(l.category===a){(!l.canAccessChannel||await l.canAccessChannel(i.data))&&(i.join(s),c=true,i.emit("joinedChannel",s));break}c||i.emit("joinError",{channel:s,error:"Access denied"});}),i.on("leaveChannel",s=>{i.leave(s),console.log(`User ${i.id} left channel ${s}`),i.emit("leftChannel",s);}),i.on("subscribeLiveQuery",s=>et(i,s)),i.on("unsubscribeLiveQuery",s=>tt(i,s));}),console.log("Socket.IO server initialized");}function qr({category:t,id:e,data:n}){pe?.to(`${t}:${e}`).emit(t,n);}var dn={init:zr,broadcast:qr};async function un(t){let e=t.toLowerCase().trim().split("@");if(e.length!==2)return false;let n=e[1];return !!await de.findOne({domain:n})}var mn={interval:a.days(1),async handler(){let t=await fetch("https://disposable.github.io/disposable-email-domains/domains.txt");if(!t.ok)throw new Error(`HTTP ${t.status}: ${t.statusText}`);let n=(await t.text()).split(`
|
|
2
|
-
`).map(i=>i.trim().toLowerCase()).filter(i=>i.length>0),r=new Date,o=500;for(let i=0;i<n.length;i+=o){let s=n.slice(i,i+o);try{await de.insertMany(s.map(a=>({domain:a,addedAt:r})));}catch(a){a&&typeof a=="object"&&"name"in a&&a.name;}}}};var Me=3,K=50,
|
|
1
|
+
import {a as a$2,b as b$3}from'./chunk-5M6FUMUK.js';import {b as b$1,d,a as a$3}from'./chunk-MIRF7FP3.js';import {a}from'./chunk-DO5TZLF5.js';import {a as a$1,b as b$2,f as f$1,e,g,c,h,k as k$1,d as d$1,j as j$1,i,l,m as m$1}from'./chunk-7LPSX5A6.js';export{a as getConfig}from'./chunk-7LPSX5A6.js';import {s}from'./chunk-VBRGC3XM.js';import gr from'dotenv';import di from'fs/promises';import mo from'os';import xt from'path';import {Server}from'socket.io';import {createAdapter}from'@socket.io/mongo-adapter';import {MongoError,ObjectId,MongoClient,MongoServerError}from'mongodb';export{ObjectId}from'mongodb';import {randomBytes,randomUUID}from'crypto';import {isDeepStrictEqual}from'util';import Z,{z as z$1}from'zod';import Wr from'bcrypt';import {createServer,defineConfig,loadConfigFromFile,mergeConfig}from'vite';import Ao from'@vitejs/plugin-react';import Oo from'fs';import H,{Router}from'express';import Qo from'cookie-parser';import Xo from'http';var C=class{constructor(e,{stores:n=[],queries:r={},mutations:o={},routes:i=[],cronJobs:s={},configSchema:a={},rateLimits:c=[],channels:l=[]}={}){this.name=e,this.stores=n,this.queries=r,this.mutations=o,this.routes=i,this.cronJobs=s,this.configSchema=a,this.rateLimits=c,this.channels=l;}getConfig(e){return a$1(`${this.name}.${e}`)}};function $(t){let e=t._def;if(e.typeName==="ZodString")return {type:"string"};if(e.typeName==="ZodNumber")return {type:"number"};if(e.typeName==="ZodBoolean")return {type:"boolean"};if(e.typeName==="ZodDate")return {type:"date"};if(e.typeName==="ZodArray")return {type:"array",items:$(e.type)};if(e.typeName==="ZodObject"){let r=e.shape(),o={};for(let[i,s]of Object.entries(r))o[i]=$(s);return {type:"object",items:o}}if(e.typeName==="ZodOptional")return {...$(e.innerType),optional:true};if(e.typeName==="ZodNullable")return {...$(e.innerType),optional:true};if(e.typeName==="ZodEnum")return {type:"enum",items:e.values};if(e.typeName==="ZodUnion")return {type:"union",items:e.options.map($)};if(e.typeName==="ZodEffects"){let n=e;return n.description?{type:"custom",typeName:n.description}:$(n.schema)}return {type:"custom",typeName:e.typeName}}function xe(t){let e={};for(let[n,r]of Object.entries(t))Array.isArray(r)?e[n]=r.map(o=>typeof o=="object"&&"_def"in o?$(o):xe(o)):typeof r=="object"&&"_def"in r?e[n]=$(r):e[n]=xe(r);return e}var ve=t=>typeof t=="object"&&t!==null&&!Array.isArray(t),jt=t=>ve(t)&&"_def"in t,Ve=t=>t._def,Ft=t=>{let e=Ve(t);if(e.typeName==="ZodOptional"||e.typeName==="ZodNullable"||e.typeName==="ZodDefault"||e.typeName==="ZodCatch"||e.typeName==="ZodReadonly")return e.innerType;if(e.typeName==="ZodEffects")return e.schema;if(e.typeName==="ZodBranded")return e.type;if(e.typeName==="ZodPipeline")return e.out},zt=t=>{let e=Ve(t);if(e.typeName==="ZodDefault")return {hasDefault:true,value:e.defaultValue()};let n=Ft(t);return n?zt(n):{hasDefault:false}},He=(t,e)=>{let n=Ve(t);if(n.typeName==="ZodObject"&&ve(e))return Ee(n.shape(),e);if(n.typeName==="ZodArray"&&Array.isArray(e))return e.map(o=>He(n.type,o));let r=Ft(t);return r?He(r,e):e},Ce=(t,e)=>jt(t)?He(t,e):Array.isArray(t)&&Array.isArray(e)?t.length===1?e.map(n=>Ce(t[0],n)):e.map((n,r)=>Ce(t[r],n)):ve(t)&&ve(e)?Ee(t,e):e,Ee=(t,e)=>{let n={...e};for(let[r,o]of Object.entries(t)){let i=n[r];if(i===void 0){if(jt(o)){let s=zt(o);s.hasDefault&&(n[r]=Ce(o,s.value));}continue}n[r]=Ce(o,i);}return n};var Sr=["background","bits","bucketSize","collation","default_language","expireAfterSeconds","hidden","language_override","max","min","partialFilterExpression","sparse","storageEngine","textIndexVersion","unique","weights","wildcardProjection","2dsphereIndexVersion"],Ge=t=>typeof t=="object"&&t!==null&&!Array.isArray(t),xr=t=>t.startsWith("_modelence_"),Ke=t=>{let e={};for(let n of Sr){let r=t[n];r!==void 0&&(e[n]=r);}return e},vr=(t,e)=>{if(!Ge(t)||!Ge(e))return false;let n=Object.entries(t),r=Object.entries(e);return n.length!==r.length?false:n.every(([o,i],s)=>{let[a,c]=r[s]||[];return o===a&&isDeepStrictEqual(i,c)})},qt=(t,e)=>vr(t.key,e.key)?isDeepStrictEqual(Ke(t),Ke(e)):false,We=t=>Ge(t)?Object.entries(t).map(([e,n])=>`${e}:${JSON.stringify(n)}`).join("|"):null,Cr=async t=>{try{return await t.listIndexes().toArray()}catch(e){if(e instanceof MongoError&&e.code===26)return [];throw e}},Er=t=>Object.entries(t).map(([e,n])=>`${e}_${n}`).join("_"),kr=t=>{if(t.name){let n=t.name.startsWith("_modelence_")?t.name:`_modelence_${t.name}`;return {...t,name:n}}let e=Er(t.key);return {...t,name:`_modelence_${e}`}},E=class t{constructor(e,n){this._chainParent=null;this._chainChild=null;this.name=e,this.schema=n.schema,this.methods=n.methods,this.indexes=n.indexes.map(kr),this.searchIndexes=n.searchIndexes||[],this.indexCreationMode=n.indexCreationMode??"background";}getName(){return this.name}getIndexCreationMode(){return this.indexCreationMode}getSchema(){return this.schema}getSerializedSchema(){return xe(this.schema)}getIndexes(){return this.indexes}getSearchIndexes(){return this.searchIndexes}getChainTail(){let e=this;for(;e._chainChild;)e=e._chainChild;return e}getChainRoot(){let e=this;for(;e._chainParent;)e=e._chainParent;return e}extend(e){let n=this.getChainTail();if(this.client||n.client)throw new Error(`Store.extend() must be called before startApp(). Store '${this.name}' has already been initialized and cannot be extended.`);let r={...n.schema,...e.schema||{}},o=[...n.indexes,...e.indexes||[]],i=[...n.searchIndexes,...e.searchIndexes||[]],s={...n.methods||{},...e.methods||{}},a=new t(this.name,{schema:r,methods:s,indexes:o,searchIndexes:i,indexCreationMode:e.indexCreationMode??n.indexCreationMode});return n._chainChild=a,a._chainParent=n,a}init(e){if(this.collection)throw new Error(`Collection ${this.name} is already initialized`);this.client=e,this.collection=this.client.db().collection(this.name);}async createIndexes(e="full"){let n=this.requireCollection(),r=e!=="create-only",o=e!=="drop-only",i=await Cr(n),s=new Map,a=new Map,c=new Set,l=u=>{s.set(u.name,u);let y=We(u.key);if(!y)return;let g=a.get(y);g?g.add(u.name):a.set(y,new Set([u.name]));},d=u=>{let y=s.get(u);if(!y)return;s.delete(u);let g=We(y.key);if(!g)return;let S=a.get(g);S&&(S.delete(u),S.size===0&&a.delete(g));};for(let u of i)typeof u.name=="string"&&l({...u,name:u.name});let p=async u=>{if(!(u==="_id_"||c.has(u))){try{await n.dropIndex(u);}catch(y){if(!(y instanceof MongoError&&y.code===27))throw y}c.add(u),d(u);}};if(r){let u=new Set(this.indexes.map(g=>g.name).filter(g=>typeof g=="string")),y=[...s.values()].filter(g=>xr(g.name)&&!u.has(g.name));for(let g of y)await p(g.name);}if(this.indexes.length>0)for(let u of this.indexes){if(!u.name)continue;let y=false,g=s.get(u.name);g&&!qt(g,u)&&(r?await p(g.name):y=true);let S=We(u.key);if(S){let M=[...a.get(S)||[]];for(let A of M)A!==u.name&&(r?await p(A):y=true);}let L=s.get(u.name);!(!!L&&qt(L,u))&&o&&!y&&(await n.createIndexes([u]),l({name:u.name,key:u.key,...Ke(u)}));}if(o&&this.searchIndexes.length>0)for(let u of this.searchIndexes)try{await n.createSearchIndexes([u]);}catch(y){if(y instanceof MongoError&&y.code===68&&u.name)await n.dropSearchIndex(u.name),await n.createSearchIndexes([u]);else throw y}}wrapDocument(e){return this.methods?Object.create(null,Object.getOwnPropertyDescriptors({...e,...this.methods})):e}getSelector(e){return typeof e=="string"?{_id:new ObjectId(e)}:e instanceof ObjectId?{_id:e}:e}requireCollection(){if(!this.collection)throw new Error(`Collection ${this.name} is not provisioned`);return this.collection}requireClient(){if(!this.client)throw new Error("Database is not connected");return this.client}async findOne(e,n){let r=await this.requireCollection().findOne(e,n);return r?this.wrapDocument(r):null}async requireOne(e,n,r){let o=await this.findOne(e,n);if(!o)throw r?r():new Error(`Record not found in ${this.name}`);return o}find(e,n){let r=this.requireCollection().find(e,n?.projection?{projection:n.projection}:void 0);return n?.sort&&r.sort(n.sort),n?.limit&&r.limit(n.limit),n?.skip&&r.skip(n.skip),r}async findById(e){let n=typeof e=="string"?{_id:new ObjectId(e)}:{_id:e};return await this.findOne(n)}async requireById(e,n){let r=await this.findById(e);if(!r)throw n?n():new Error(`Record with id ${e} not found in ${this.name}`);return r}countDocuments(e){return this.requireCollection().countDocuments(e)}async fetch(e,n){return (await this.find(e,n).toArray()).map(this.wrapDocument.bind(this))}async insertOne(e,n){return await this.requireCollection().insertOne(e,n)}async create(e,n){let r=Ee(this.schema,{_id:new ObjectId,...e});return await this.requireCollection().insertOne(r,n),this.wrapDocument(r)}async insertMany(e,n){return await this.requireCollection().insertMany(e,n)}async updateOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,r)}async upsertOne(e,n,r){return await this.requireCollection().updateOne(this.getSelector(e),n,{upsert:true,...r})}async updateMany(e,n,r){return await this.requireCollection().updateMany(e,n,r)}async upsertMany(e,n,r){return await this.requireCollection().updateMany(e,n,{upsert:true,...r})}async deleteOne(e,n){return await this.requireCollection().deleteOne(this.getSelector(e),n)}async deleteMany(e,n){return await this.requireCollection().deleteMany(e,n)}async findOneAndUpdate(e,n,r){let o=await this.requireCollection().findOneAndUpdate(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async findOneAndDelete(e,n){let r=await this.requireCollection().findOneAndDelete(this.getSelector(e),n??{});return r?this.wrapDocument(r):null}async findOneAndReplace(e,n,r){let o=await this.requireCollection().findOneAndReplace(this.getSelector(e),n,r??{});return o?this.wrapDocument(o):null}async replaceOne(e,n,r){return await this.requireCollection().replaceOne(this.getSelector(e),n,r)}async distinct(e,n,r){let o=n??{};return r!==void 0?await this.requireCollection().distinct(e,o,r):await this.requireCollection().distinct(e,o)}watch(e,n){return this.requireCollection().watch(e,n)}aggregate(e,n){return this.requireCollection().aggregate(e,n)}bulkWrite(e){return this.requireCollection().bulkWrite(e)}getDatabase(){return this.requireClient().db()}rawCollection(){return this.requireCollection()}async renameFrom(e,n){let r=this.getDatabase();if(!this.collection||!r)throw new Error(`Store ${this.name} is not provisioned`);if((await r.listCollections({name:e}).toArray()).length===0)throw new Error(`Collection ${e} not found`);if((await r.listCollections({name:this.name}).toArray()).length>0)throw new Error(`Collection ${this.name} already exists`);await r.collection(e).rename(this.name,n);}async vectorSearch({field:e,embedding:n,numCandidates:r,limit:o,projection:i,indexName:s}){return this.aggregate([{$vectorSearch:{index:s||e+"VectorSearch",path:e,queryVector:n,numCandidates:r||100,limit:o||10}},{$project:{_id:1,score:{$meta:"vectorSearchScore"},...i}}])}static vectorIndex({field:e,dimensions:n,similarity:r="cosine",indexName:o}){return {type:"vectorSearch",name:o||e+"VectorSearch",definition:{fields:[{type:"vector",path:e,numDimensions:n,similarity:r}]}}}};var Tr=z$1.string.bind(z$1),Ar=z$1.number.bind(z$1),Or=z$1.date.bind(z$1),Rr=z$1.boolean.bind(z$1),_r=z$1.array.bind(z$1),Ir=z$1.object.bind(z$1),Mr=z$1.enum.bind(z$1),m={string:Tr,number:Ar,date:Or,boolean:Rr,array:_r,object:Ir,enum:Mr,embedding(){return z$1.array(z$1.number())},objectId(){return z$1.instanceof(ObjectId).describe("ObjectId")},userId(){return z$1.instanceof(ObjectId).describe("UserId")},ref(t){return z$1.instanceof(ObjectId).describe("Ref")},union:z$1.union.bind(z$1),infer(t){return {}}};var Qe=new E("_modelenceLinkNonces",{schema:{nonce:m.string(),userId:m.string(),expiresAt:m.date()},indexes:[{key:{nonce:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});async function Vt(t){let e=randomBytes(32).toString("hex");return await Qe.insertOne({nonce:e,userId:t,expiresAt:new Date(Date.now()+a.minutes(10))}),e}async function Wt(t){let e=await Qe.findOneAndDelete({nonce:t});return e?e.userId:null}var B=new E("_modelenceSessions",{schema:{authToken:m.string(),createdAt:m.date(),expiresAt:m.date(),userId:m.userId().nullable()},indexes:[{key:{authToken:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0},{key:{userId:1}}]});async function Bt(t){let e=t?await B.findOne({authToken:t}):null;return e?{authToken:String(e.authToken),expiresAt:new Date(e.expiresAt),userId:e.userId??null}:await le()}async function Gt(t,e){await B.updateOne({authToken:t},{$set:{userId:e}});}async function Kt(t){await B.updateOne({authToken:t},{$set:{userId:null}});}async function Jt(t){await B.deleteMany({userId:t});}async function le(t=null){let e=randomBytes(32).toString("base64url"),n=Date.now(),r=new Date(n+a.days(7));return await B.insertOne({authToken:e,createdAt:new Date(n),expiresAt:r,userId:t}),{authToken:e,expiresAt:r,userId:t}}async function Dr(t){let e=Date.now(),n=new Date(e+a.days(7));await B.updateOne({authToken:t.authToken},{$set:{lastActiveDate:new Date(e),expiresAt:n}});}function Te(t,e){t.cookie("authToken",e,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"strict",path:"/"});}var Qt=new C("_system.session",{stores:[B,Qe],mutations:{init:async function(t,{session:e,user:n}){return {session:e,user:n,configs:b$2()}},heartbeat:async function(t,{session:e}){e&&await Dr(e);}}});var f=new E("_modelenceUsers",{schema:{handle:m.string(),emails:m.array(m.object({address:m.string(),verified:m.boolean()})).optional(),status:m.enum(["active","disabled","deleted"]).optional(),firstName:m.string().optional(),lastName:m.string().optional(),avatarUrl:m.string().optional(),createdAt:m.date(),disabledAt:m.date().optional(),deletedAt:m.date().optional(),roles:m.array(m.string()).optional(),authMethods:m.object({password:m.object({hash:m.string()}).optional(),google:m.object({id:m.string()}).optional(),github:m.object({id:m.string()}).optional()})},indexes:[{key:{handle:1},unique:true,collation:{locale:"en",strength:2}},{key:{"emails.address":1,status:1}},{key:{"authMethods.google.id":1},sparse:true,unique:true},{key:{"authMethods.github.id":1},sparse:true,unique:true}]}),de=new E("_modelenceDisposableEmailDomains",{schema:{domain:m.string(),addedAt:m.date()},indexes:[{key:{domain:1},unique:true}]}),j=new E("_modelenceEmailVerificationTokens",{schema:{userId:m.objectId(),email:m.string().optional(),token:m.string(),createdAt:m.date(),expiresAt:m.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]}),P=new E("_modelenceResetPasswordTokens",{schema:{userId:m.objectId(),email:m.string().optional(),token:m.string(),createdAt:m.date(),expiresAt:m.date()},indexes:[{key:{token:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var Xt=new Map,ne={authenticated:null,unauthenticated:null};function Yt(t,e){ne.authenticated=e.authenticated,ne.unauthenticated=e.unauthenticated;for(let[n,r]of Object.entries(t))Xt.set(n,r);}function Ae(){return ne.unauthenticated?[ne.unauthenticated]:[]}function en(){return ne.authenticated?[ne.authenticated]:[]}function Xe(t,e){let n=e.find(r=>!Pr(t,r));if(n)throw new Error(`Access denied - missing permission: '${n}'`)}function Pr(t,e){for(let n of t)if(Xt.get(n)?.permissions?.includes(e))return true;return false}async function N(t){let e=await Bt(t),n=e.userId?await f.findOne({_id:new ObjectId(e.userId),status:{$nin:["deleted","disabled"]}}):null,r=n?{id:n._id.toString(),handle:n.handle,roles:n.roles||[],hasRole:i=>(n.roles||[]).includes(i),requireRole:i=>{if(!(n.roles||[]).includes(i))throw new Error(`Access denied - role '${i}' required`)},firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}:null,o=r?en():Ae();return {user:r,session:e,roles:o}}var ue=new C("_system",{configSchema:{mongodbUri:{type:"secret",isPublic:false,default:""},mongodbPoolSize:{type:"number",isPublic:false,default:10},"env.type":{type:"string",isPublic:true,default:""},"site.url":{type:"string",isPublic:true,default:""},multiInstance:{type:"boolean",isPublic:false,default:false}}});var F=null;async function tn(){if(F)return F;let t=G();if(!t)throw new Error("MongoDB URI is not set");let e=ue.getConfig("mongodbPoolSize");F=new MongoClient(t,{driverInfo:{name:"Modelence",version:s.version},ignoreUndefined:true,maxPoolSize:e});try{return await F.connect(),await F.db("admin").command({ping:1}),console.log("Pinged your deployment. You successfully connected to MongoDB!"),F}catch(n){throw console.error(n),F=null,n}}function G(){return ue.getConfig("mongodbUri")||void 0}function Oe(){return F}var re=class{constructor(e){this.fetch=e.fetch,this.watch=e.watch;}};function Ur(){return typeof window!="object"}function z(){if(!Ur())throw new Error("This function can only be called on the server")}function Re(t){return t.replace(/<[^>]*>/g,"").replace(/\s+/g," ").trim()}var _e={};function Ye(t,e){return z(),sn(t),Ie("query",t,e)}function nn(t,e){return z(),sn(t),Ie("mutation",t,e)}function rn(t,e){return z(),an(t),Ie("query",t,e)}function on(t,e){return z(),an(t),Ie("mutation",t,e)}function sn(t){if(t.toLowerCase().startsWith("_system."))throw new Error(`Method name cannot start with a reserved prefix: '_system.' (${t})`)}function an(t){if(!t.toLowerCase().startsWith("_system."))throw new Error(`System method name must start with a prefix: '_system.' (${t})`)}function Ie(t,e,n){if(z(),_e[e])throw new Error(`Method with name '${e}' is already defined.`);let r=typeof n=="function"?n:n.handler,o=typeof n=="function"?[]:n.permissions??[];_e[e]={type:t,name:e,handler:r,permissions:o};}async function cn(t,e,n){z();let r=_e[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r,s=l("method",`method:${t}`,{type:o,args:e}),a;try{Xe(n.roles,r.permissions),a=await i(e,n);}catch(c){throw s.end("error"),c}return s.end(),a}async function ln(t,e,n){z();let r=_e[t];if(!r)throw new Error(`Method with name '${t}' is not defined.`);let{type:o,handler:i}=r;if(o!=="query")throw new Error("Live methods are only supported for queries");let s=l("method",`method:${t}:live`,{type:o,args:e}),a;try{if(Xe(n.roles,r.permissions),a=await i(e,n),!(a instanceof re))throw new Error(`Live query handler for '${t}' must return a LiveData object with fetch and watch functions. See https://docs.modelence.com/live-queries`)}catch(c){throw s.end("error"),c}return s.end(),a}var me=new Map;function $r(t){let e=me.get(t.id);return e||(e=new Map,me.set(t.id,e)),e}async function et(t,e){let n=z$1.object({subscriptionId:z$1.string().min(1),method:z$1.string().min(1),args:z$1.record(z$1.unknown()).default({}),authToken:z$1.string().nullish(),clientInfo:z$1.object({screenWidth:z$1.number(),screenHeight:z$1.number(),windowWidth:z$1.number(),windowHeight:z$1.number(),pixelRatio:z$1.number(),orientation:z$1.string().nullable()}).optional()}).safeParse(e);if(!n.success){t.emit("liveQueryError",{subscriptionId:null,error:`Invalid payload: ${n.error.message}`});return}let{subscriptionId:r,method:o,args:i,authToken:s,clientInfo:a}=n.data,c=$r(t),l=c.get(r);if(l)if(l.cleanup)try{l.cleanup();}catch(p){console.error("[LiveQuery] Error cleaning up existing subscription:",p);}else l.aborted=true;let d={cleanup:null};c.set(r,d);try{let{session:p,user:u,roles:y}=await N(s??null),g={session:p,user:u,roles:y,clientInfo:a??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},connectionInfo:{ip:t.handshake.address,userAgent:t.handshake.headers["user-agent"]}},S=await ln(o,i,g),L=async()=>{let _=a$2(await S.fetch());d.aborted||t.emit("liveQueryData",{subscriptionId:r,data:_,typeMap:b$3(_)});},R=!0,M=!1,A=()=>{d.aborted||!R||M||(R=!1,M=!0,L().catch(_=>{d.aborted||(console.error(`[LiveQuery] Error fetching data for ${o}:`,_),t.emit("liveQueryError",{subscriptionId:r,error:_ instanceof Error?_.message:String(_)}));}).finally(()=>{M=!1,A();}));},V=S.watch({publish:()=>{R=!0,A();}});if(d.aborted){if(V)try{V();}catch(_){console.error("[LiveQuery] Error cleaning up after disconnect during setup:",_);}return}d.cleanup=V||null,A();}catch(p){c.delete(r),console.error(`[LiveQuery] Error in ${o}:`,p),t.emit("liveQueryError",{subscriptionId:r,error:p instanceof Error?p.message:String(p)});}}function tt(t,e){let n=z$1.object({subscriptionId:z$1.string().min(1)}).safeParse(e);if(!n.success){console.warn(`[LiveQuery] Invalid unsubscribe payload: ${n.error.message}`);return}let{subscriptionId:r}=n.data,o=me.get(t.id);if(!o)return;let i=o.get(r);if(i){if(i.cleanup)try{i.cleanup();}catch(s){console.error("[LiveQuery] Error in cleanup:",s);}else i.aborted=true;o.delete(r);}}function nt(t){let e=me.get(t.id);if(e){for(let n of e.values())if(n.cleanup)try{n.cleanup();}catch(r){console.error("[LiveQuery] Error in cleanup on disconnect:",r);}else n.aborted=true;me.delete(t.id);}}var pe=null,zr="_modelenceSocketio",dn=60;async function qr({httpServer:t,channels:e}){let n=Oe(),r=!!a$1("_system.multiInstance");console.log("Initializing Socket.IO server...");let o=null;if(r&&n){o=n.db().collection(zr);try{await o.createIndex({createdAt:1},{expireAfterSeconds:dn,background:!0});}catch(i){if(i instanceof Error&&"code"in i&&i.code===85)try{await o.dropIndex("createdAt_1"),await o.createIndex({createdAt:1},{expireAfterSeconds:dn,background:!0});}catch(s){console.error("Failed to recreate index on MongoDB collection for Socket.IO:",s);}else console.error("Failed to create index on MongoDB collection for Socket.IO:",i);}}pe=new Server(t,{cors:{origin:"*",methods:["GET","POST"]},adapter:o?createAdapter(o):void 0,transports:["websocket"],perMessageDeflate:false}),pe.on("error",i=>{console.error("Socket.IO error:",i);}),pe.use(async(i,s)=>{let a=i.handshake.auth.token;try{i.data=await N(a);}finally{s();}}),pe.on("connection",i=>{i.on("disconnect",()=>{nt(i);}),i.on("joinChannel",async s=>{let[a]=s.split(":"),c=false;for(let l of e)if(l.category===a){(!l.canAccessChannel||await l.canAccessChannel(i.data))&&(i.join(s),c=true,i.emit("joinedChannel",s));break}c||i.emit("joinError",{channel:s,error:"Access denied"});}),i.on("leaveChannel",s=>{i.leave(s),console.log(`User ${i.id} left channel ${s}`),i.emit("leftChannel",s);}),i.on("subscribeLiveQuery",s=>et(i,s)),i.on("unsubscribeLiveQuery",s=>tt(i,s));}),console.log("Socket.IO server initialized");}function Zr({category:t,id:e,data:n}){pe?.to(`${t}:${e}`).emit(t,n);}var un={init:qr,broadcast:Zr};async function mn(t){let e=t.toLowerCase().trim().split("@");if(e.length!==2)return false;let n=e[1];return !!await de.findOne({domain:n})}var pn={interval:a.days(1),async handler(){let t=await fetch("https://disposable.github.io/disposable-email-domains/domains.txt");if(!t.ok)throw new Error(`HTTP ${t.status}: ${t.statusText}`);let n=(await t.text()).split(`
|
|
2
|
+
`).map(i=>i.trim().toLowerCase()).filter(i=>i.length>0),r=new Date,o=500;for(let i=0;i<n.length;i+=o){let s=n.slice(i,i+o);try{await de.insertMany(s.map(a=>({domain:a,addedAt:r})));}catch(a){a&&typeof a=="object"&&"name"in a&&a.name;}}}};var Me=3,K=50,fn=8,hn=128,gn=254,yn=t=>z$1.string().trim().min(t.min??1,{message:`must be at least ${t.min??1} characters`}).max(t.max,{message:`must be at most ${t.max} characters`}),rt=t=>z$1.string().trim().max(t.max,{message:`must be at most ${t.max} characters`}).transform(e=>e===""?void 0:e).optional(),Hr=z$1.object({firstName:rt({max:50}),lastName:rt({max:50}),avatarUrl:rt({max:400}),handle:yn({min:Me,max:K})}).strict();function De(t){let e=Hr.partial().safeParse(t);if(!e.success){let n=e.error.issues[0],r=n.path.join("."),o=r?`${r}: ${n.message}`:n.message;throw new Error(o)}return e.data}function Pe(t){return z$1.string().min(fn,{message:`Password must contain at least ${fn} characters`}).max(hn,{message:`Password must be at most ${hn} characters`}).parse(t)}function q(t){return z$1.string().max(gn,{message:`Email must be at most ${gn} characters`}).email({message:"Invalid email address"}).parse(t).toLowerCase()}function wn(t){return yn({min:Me,max:K}).parse(t)}function Ne(t){return {id:t._id,handle:t.handle,roles:t.roles||[],firstName:t.firstName??void 0,lastName:t.lastName??void 0,avatarUrl:t.avatarUrl??void 0}}async function bn(t){let e=t.slice(0,K);try{if(!await f.findOne({handle:e},{collation:{locale:"en",strength:2}}))return e}catch(o){throw new Error(`Database error while checking handle availability: ${o}`)}let n=51;for(let o=2;o<=n;o++){let i=`_${o}`,s=`${e.slice(0,K-i.length)}${i}`;try{if(!await f.findOne({handle:s},{collation:{locale:"en",strength:2}}))return s}catch(a){throw new Error(`Database error while checking handle "${s}": ${a}`)}}let r=10;for(let o=0;o<r;o++){let i=`_${randomBytes(3).toString("hex")}`,s=`${e.slice(0,K-i.length)}${i}`;try{if(!await f.findOne({handle:s},{collation:{locale:"en",strength:2}}))return s}catch(a){throw new Error(`Database error while checking handle "${s}": ${a}`)}}throw new Error(`Could not generate a unique handle for base "${t}" after exhausting all attempts.`)}async function J(t,e,{throwOnConflict:n=true}={}){if(t!=null&&String(t).trim()!==""){let o=wn(String(t).trim());if(n){if(await f.findOne({handle:o},{collation:{locale:"en",strength:2}}))throw new Error("Handle already taken.");return o}return bn(o)}let r=e.split("@")[0].padEnd(Me,"_").slice(0,K);return bn(r)}var ot=Object.freeze({});function it(t){ot=Object.freeze(Object.assign({},ot,t));}function v(){return ot}var st=Object.freeze({});function Sn(t){st=Object.freeze(Object.assign({},st,t));}function k(){return st}function Gr(){return v()?.provider?!!a$1("_system.user.auth.email.verification"):false}async function vn(t,{user:e,session:n,connectionInfo:r}){try{if(!n)throw new Error("Session is not initialized");let o=r?.ip;o&&await I({bucket:"signin",type:"ip",value:o});let i=q(t.email),s=z$1.string().parse(t.password),a=await f.findOne({"emails.address":i,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}}),c=a?.authMethods?.password?.hash;if(!c)throw xn();if(!a.emails?.find(p=>p.address.toLowerCase()===i)?.verified&&Gr())throw new b$1("Your email address hasn't been verified yet. Please check your inbox for the verification email.","EMAIL_NOT_VERIFIED");if(!await Wr.compare(s,c))throw xn();return await Gt(n.authToken,a._id),k().onAfterLogin?.({provider:"email",user:a,session:n,connectionInfo:r}),k().login?.onSuccess?.(a),{user:Ne(a),session:{authToken:n.authToken}}}catch(o){throw o instanceof Error&&(k().onLoginError?.({provider:"email",error:o,session:n,connectionInfo:r}),k().login?.onError?.(o)),o}}async function Cn(t,{session:e}){if(!e)throw new Error("Session is not initialized");await Kt(e.authToken);}function xn(){return new Error("Incorrect email/password combination")}async function En(t,{user:e}){if(!e)throw new Error("Not authenticated");let n=await f.requireById(e.id);return {handle:n.handle,emails:n.emails,authMethods:Object.keys(n.authMethods||{}),firstName:n.firstName??void 0,lastName:n.lastName??void 0,avatarUrl:n.avatarUrl??void 0}}async function kn(t,{user:e}){if(!e)throw new Error("Not authenticated");let n=await f.requireById(e.id),r=De(t);if(await k().validateProfileUpdate?.(r),"handle"in r&&r.handle!==void 0&&await f.findOne({handle:r.handle,_id:{$ne:n._id}},{collation:{locale:"en",strength:2}}))throw new Error("Handle already taken.");if(Object.keys(r).length>0){let o={},i={};for(let[a,c]of Object.entries(r))c===void 0?i[a]="":o[a]=c;let s={};Object.keys(o).length>0&&(s.$set=o),Object.keys(i).length>0&&(s.$unset=i);try{await f.updateOne({_id:n._id},s);let a=Object.fromEntries(Object.keys(i).map(c=>[c,void 0]));n={...n,...o,...a};}catch(a){throw a instanceof Error&&"code"in a&&a.code===11e3?new Error("Handle already taken."):a}}return {user:Ne(n)}}var at=["google","github"];async function Tn({provider:t},{user:e}){if(!e)throw new Error("You must be signed in to unlink a provider.");if(typeof t!="string"||!at.includes(t))throw new Error(`Invalid provider. Supported providers are: ${at.join(", ")}.`);let n=await f.requireById(e.id),r=n.authMethods??{};if(!r[t])throw new Error(`${t} is not linked to your account.`);if(Object.values(r).filter(Boolean).length<=1)throw new Error("Cannot unlink your only authentication method. Please add another method first.");let s=Object.keys(r).filter(l=>l!==t&&r[l]),a=s.length>0?{$or:s.map(l=>({[`authMethods.${l}`]:{$exists:true}}))}:{};if((await f.updateOne({_id:n._id,...a},{$unset:{[`authMethods.${t}`]:""}})).matchedCount===0)throw new Error("Cannot unlink your only authentication method. Please add another method first.")}var he=new E("_modelenceRateLimits",{schema:{bucket:m.string(),type:m.enum(["ip","user","email"]),value:m.string(),windowMs:m.number(),windowStart:m.date(),windowCount:m.number(),prevWindowCount:m.number(),expiresAt:m.date()},indexes:[{key:{bucket:1,type:1,value:1,windowMs:1},unique:true},{key:{expiresAt:1},expireAfterSeconds:0}]});var ct=[];function An(t){if(ct.length>0)throw new Error("Duplicate call to initRateLimits - already initialized");ct=t;}async function I(t){let{bucket:e,type:n,value:r,message:o}=t,i=ct.filter(a=>a.bucket===e&&a.type===n),s=o?()=>new d(o):void 0;for(let a of i)await Kr(a,r,s);}async function Kr(t,e,n){let r=()=>n?n():new d(`Rate limit exceeded for ${t.bucket}`),o=await he.findOne({bucket:t.bucket,type:t.type,value:e,windowMs:t.window}),i=Date.now(),s=Math.floor(i/t.window)*t.window,{count:a,modifier:c}=o?Jr(o,s,i):{count:0,modifier:{$setOnInsert:{windowStart:new Date(s),windowCount:1,prevWindowCount:0,expiresAt:new Date(s+t.window+t.window)}}};if(a>=t.limit)throw r();await he.upsertOne({bucket:t.bucket,type:t.type,value:e,windowMs:t.window},c);}function Jr(t,e,n){let r=e-t.windowMs;if(t.windowStart.getTime()===e){let o=t.windowCount,i=t.prevWindowCount,s=1-(n-e)/t.windowMs;return {count:Math.round(o+i*s),modifier:{$inc:{windowCount:1},$setOnInsert:{windowStart:new Date(e),prevWindowCount:0,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}if(t.windowStart.getTime()===r){let o=1-(n-e)/t.windowMs;return {count:Math.round(t.windowCount*o),modifier:{$set:{windowStart:new Date(e),windowCount:1,prevWindowCount:t.windowCount,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}return {count:0,modifier:{$set:{windowStart:new Date(e),windowCount:1,prevWindowCount:0,expiresAt:new Date(e+t.windowMs+t.windowMs)}}}}function On({name:t,email:e,verificationUrl:n}){return `
|
|
3
3
|
<p>Hi${t?` ${t}`:""},</p>
|
|
4
4
|
<p>Please verify your email address ${e} by clicking the link below:</p>
|
|
5
5
|
<p><a href="${n}">${n}</a></p>
|
|
6
6
|
<p>If you did not request this, please ignore this email.</p>
|
|
7
|
-
`}async function
|
|
7
|
+
`}async function Yr(t){let e=await j.findOne({token:t,expiresAt:{$gt:new Date}});if(!e)throw new Error("Invalid or expired verification token");if(!await f.findOne({_id:e.userId,status:{$nin:["deleted","disabled"]}}))throw new Error("User not found");let r=e.email;if(!r)throw new Error("Email not found in token");let o=await f.findOneAndUpdate({_id:e.userId,status:{$nin:["deleted","disabled"]},"emails.address":r,"emails.verified":{$ne:true}},{$set:{"emails.$.verified":true}},{returnDocument:"after"});if(!o)throw await f.findOne({_id:e.userId,"emails.address":r})?new Error("Email is already verified"):new Error("Email address not found for this user");return await j.deleteOne({_id:e._id}),{userDoc:o,email:r}}async function Rn(t){let e=a$1("_system.site.url"),n=v().verification?.redirectUrl||v().emailVerifiedRedirectUrl||e||"/";try{let r=z$1.string().parse(t.query.token),{userDoc:o}=await Yr(r);k().onAfterEmailVerification?.({provider:"email",user:o,session:null,connectionInfo:{baseUrl:e,ip:t.req.ip||t.req.socket.remoteAddress,userAgent:t.headers["user-agent"],acceptLanguage:t.headers["accept-language"],referrer:t.headers.referer}});let{authToken:s}=await le(o._id);return Te(t.res,s),{status:301,redirect:`${n}?status=verified`}}catch(r){let o=r instanceof Error?r.message:"An unexpected error occurred";return r instanceof Error&&(k().onEmailVerificationError?.({provider:"email",error:r,session:null,connectionInfo:{baseUrl:e,ip:t.req.ip||t.req.socket.remoteAddress,userAgent:t.headers["user-agent"],acceptLanguage:t.headers["accept-language"],referrer:t.headers.referer}}),console.error("Error verifying email:",r)),{status:301,redirect:`${n}?status=error&message=${encodeURIComponent(o)}`}}}async function dt({userId:t,email:e,baseUrl:n}){let r=a$1("_system.site.url")||n;if(v().provider){let o=v().provider,i=randomBytes(32).toString("hex"),s=new Date(Date.now()+a.hours(24));await j.insertOne({userId:t,email:e,token:i,createdAt:new Date,expiresAt:s});let a$1=`${r}/api/_internal/auth/verify-email?token=${i}`,l=(v()?.verification?.template||On)({name:"",email:e,verificationUrl:a$1}),d=Re(l);await o?.sendEmail({to:e,from:v()?.from||"noreply@modelence.com",subject:v()?.verification?.subject||"Verify your email address",text:d,html:l});}}var lt={success:true,message:"If that email is registered and not yet verified, a verification email has been sent"};async function _n(t,{connectionInfo:e}){let n=q(t.email),r=await f.findOne({"emails.address":n,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}});if(!r)return lt;let o=r.emails?.find(i=>i.address.toLowerCase()===n);if(!o||o.verified)return lt;if(!v().provider)throw new Error("Email provider is not configured");return await I({bucket:"verification",type:"user",value:r._id.toString(),message:"Please wait at least 60 seconds before requesting another verification email"}),await dt({userId:r._id,email:n,baseUrl:e?.baseUrl}),lt}async function In(t,{user:e,session:n,connectionInfo:r}){let o=k();try{let i=t,{firstName:s,lastName:a,avatarUrl:c,handle:l}=i,d=q(i.email),p=Pe(i.password),u=r?.ip;if(u&&await I({bucket:"signupAttempt",type:"ip",value:u}),!o.allowDisposableEmails&&await mn(d))throw new Error("Please use a permanent email address");let y=await f.findOne({"emails.address":d},{collation:{locale:"en",strength:2}});if(y){let A=y.emails?.find(V=>V.address.toLowerCase()===d);throw y.status==="disabled"?new Error("User is marked for deletion, please contact support if you want to restore the account."):new Error(`User with email already exists: ${A?.address}`)}await o.onBeforeSignup?.({email:d,firstName:s,lastName:a,handle:l,provider:"email",connectionInfo:r}),u&&await I({bucket:"signup",type:"ip",value:u});let g=De({firstName:s,lastName:a,avatarUrl:c,handle:l});await o.validateSignup?.({email:d,password:p,...g});let S;if(g.handle)S=await J(g.handle,d);else if(o.generateHandle){let A=await o.generateHandle({email:d,firstName:g.firstName,lastName:g.lastName});S=await J(A,d,{throwOnConflict:!1});}else S=await J(void 0,d);let L=await Wr.hash(p,10),R=await f.insertOne({handle:S,status:"active",emails:[{address:d,verified:!1}],createdAt:new Date,authMethods:{password:{hash:L}},...g.firstName!==void 0&&{firstName:g.firstName},...g.lastName!==void 0&&{lastName:g.lastName},...g.avatarUrl!==void 0&&{avatarUrl:g.avatarUrl}}),M=await f.findOne({_id:R.insertedId},{readPreference:"primary"});if(!M)throw new Error("User not found");return await dt({userId:R?.insertedId,email:d,baseUrl:r?.baseUrl}),o.onAfterSignup?.({provider:"email",user:M,session:n,connectionInfo:r}),o.signup?.onSuccess?.(M),R.insertedId}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:"email",error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function oo(t,e){return e?e.startsWith("http://")||e.startsWith("https://")?e:`${t}${e.startsWith("/")?"":"/"}${e}`:t}function io({email:t,resetUrl:e}){return `
|
|
8
8
|
<p>Hi,</p>
|
|
9
9
|
<p>We received a request to reset your password for ${t}.</p>
|
|
10
10
|
<p>Click the link below to reset your password:</p>
|
|
11
11
|
<p><a href="${e}">${e}</a></p>
|
|
12
12
|
<p>This link will expire in 1 hour.</p>
|
|
13
13
|
<p>If you did not request this password reset, please ignore this email.</p>
|
|
14
|
-
`}var ut={success:true,message:"If an account with that email exists, a password reset link has been sent"};async function
|
|
14
|
+
`}var ut={success:true,message:"If an account with that email exists, a password reset link has been sent"};async function Mn(t,{connectionInfo:e}){let n=q(t.email),r=e?.ip;r&&await I({bucket:"passwordReset",type:"ip",value:r}),await I({bucket:"passwordReset",type:"email",value:n});let o=await f.findOne({"emails.address":n,status:{$nin:["deleted","disabled"]}},{collation:{locale:"en",strength:2}});if(!o||!o.authMethods?.password)return ut;let i=v().provider;if(!i)throw new Error("Email provider is not configured");let s=randomBytes(32).toString("hex"),a$2=Date.now(),c=new Date(a$2),l=new Date(a$2+a.hours(1));await P.insertOne({userId:o._id,email:n,token:s,createdAt:c,expiresAt:l});let d=a$1("_system.site.url")||e?.baseUrl,u=`${oo(d,v().passwordReset?.redirectUrl)}?token=${s}`,g=(v()?.passwordReset?.template||io)({email:n,resetUrl:u,name:""}),S=Re(g);return await i.sendEmail({to:n,from:v()?.from||"noreply@modelence.com",subject:v()?.passwordReset?.subject||"Reset your password",text:S,html:g}),ut}async function Dn(t,{}){let e=z$1.string().parse(t.token),n=Pe(t.password),r=await P.findOne({token:e});if(!r)throw new Error("Invalid or expired reset token");if(r.expiresAt<new Date)throw await P.deleteOne({token:e}),new Error("Reset token has expired");let o=await f.findOne({_id:r.userId});if(!o)throw new Error("User not found");let i=await Wr.hash(n,10);return await f.updateOne({_id:o._id},{$set:{"authMethods.password.hash":i}}),r.email&&await f.updateOne({_id:o._id,"emails.address":r.email},{$set:{"emails.$.verified":true}}),await Jt(o._id),await P.deleteOne({token:e}),{success:true,message:"Password has been reset successfully"}}function Pn(t){return `${t.bucket}
|
|
15
15
|
${t.type}
|
|
16
|
-
${t.window}`}function oo(){return [{bucket:"signup",type:"ip",window:a.minutes(15),limit:20},{bucket:"signup",type:"ip",window:a.days(1),limit:200},{bucket:"signupAttempt",type:"ip",window:a.minutes(15),limit:50},{bucket:"signupAttempt",type:"ip",window:a.days(1),limit:500},{bucket:"signin",type:"ip",window:a.minutes(15),limit:50},{bucket:"signin",type:"ip",window:a.days(1),limit:500},{bucket:"verification",type:"user",window:a.seconds(60),limit:1},{bucket:"verification",type:"user",window:a.days(1),limit:10},{bucket:"passwordReset",type:"ip",window:a.minutes(15),limit:10},{bucket:"passwordReset",type:"ip",window:a.days(1),limit:100},{bucket:"passwordReset",type:"email",window:a.hours(1),limit:5},{bucket:"passwordReset",type:"email",window:a.days(1),limit:10}]}function io(t){let e=[],n=["signup","signupAttempt","signin","verification","passwordReset"];for(let r of n){let o=t[r];if(o!==void 0)for(let i of o)e.push({bucket:r,...i});}return e}function mt(t={}){let e=oo(),n=io(t),r=new Map;for(let s of n)r.set(Dn(s),s);let o=[],i=new Set;for(let s of e){let a=Dn(s),c=r.get(a);c!==void 0?(o.push(c),i.add(a)):o.push(s);}for(let[s,a]of r)i.has(s)||o.push(a);return o}var pt=new C("_system.user",{stores:[f,de,j,P],queries:{getOwnProfile:Cn},mutations:{signupWithPassword:_n,loginWithPassword:xn,logout:vn,resendEmailVerification:Rn,sendResetPasswordToken:In,resetPassword:Mn,updateProfile:En,unlinkOAuthProvider:kn},cronJobs:{updateDisposableEmailList:mn},rateLimits:mt(),configSchema:{"auth.email.enabled":{type:"boolean",isPublic:true,default:true},"auth.email.from":{type:"string",isPublic:false,default:""},"auth.email.verification":{type:"boolean",isPublic:true,default:false},"auth.google.enabled":{type:"boolean",isPublic:true,default:false},"auth.google.clientId":{type:"string",isPublic:false,default:""},"auth.google.clientSecret":{type:"secret",isPublic:false,default:""},"auth.github.enabled":{type:"boolean",isPublic:true,default:false},"auth.github.clientId":{type:"string",isPublic:false,default:""},"auth.github.clientSecret":{type:"secret",isPublic:false,default:""}},routes:[{path:"/api/_internal/auth/verify-email",handlers:{get:On}}]});var so={withoutRemoteServer:{MONGODB_URI:"_system.mongodbUri",MONGODB_POOL_SIZE:"_system.mongodbPoolSize",MODELENCE_AUTH_GOOGLE_ENABLED:"_system.user.auth.google.enabled",MODELENCE_AUTH_GOOGLE_CLIENT_ID:"_system.user.auth.google.clientId",MODELENCE_AUTH_GOOGLE_CLIENT_SECRET:"_system.user.auth.google.clientSecret",MODELENCE_AUTH_GITHUB_ENABLED:"_system.user.auth.github.enabled",MODELENCE_AUTH_GITHUB_CLIENT_ID:"_system.user.auth.github.clientId",MODELENCE_AUTH_GITHUB_CLIENT_SECRET:"_system.user.auth.github.clientSecret",MODELENCE_AUTH_GITHUB_CLIENT_SCOPES:"_system.user.auth.github.scopes",MODELENCE_EMAIL_RESEND_API_KEY:"_system.email.resend.apiKey",MODELENCE_EMAIL_AWS_SES_REGION:"_system.email.awsSes.region",MODELENCE_EMAIL_AWS_SES_ACCESS_KEY_ID:"_system.email.awsSes.accessKeyId",MODELENCE_EMAIL_AWS_SES_SECRET_ACCESS_KEY:"_system.email.awsSes.secretAccessKey",MODELENCE_EMAIL_SMTP_HOST:"_system.email.smtp.host",MODELENCE_EMAIL_SMTP_PORT:"_system.email.smtp.port",MODELENCE_EMAIL_SMTP_USER:"_system.email.smtp.user",MODELENCE_EMAIL_SMTP_PASS:"_system.email.smtp.pass",MODELENCE_SITE_URL:"_system.site.url",MODELENCE_ENV_TYPE:"_system.env.type",MODELENCE_MULTI_INSTANCE:"_system.multiInstance",MODELENCE_ENV:"_system.env",GOOGLE_AUTH_ENABLED:"_system.user.auth.google.enabled",GOOGLE_AUTH_CLIENT_ID:"_system.user.auth.google.clientId",GOOGLE_AUTH_CLIENT_SECRET:"_system.user.auth.google.clientSecret"},withRemoteServer:{MODELENCE_SITE_URL:"_system.site.url"}};function ao(t,e){if(e==="number"){let n=Number(t);if(isNaN(n))throw new Error(`Invalid number value for config: ${t}`);return n}if(e==="boolean"){if(t.toLowerCase()==="true")return true;if(t.toLowerCase()==="false")return false;throw new Error(`Invalid boolean value for config: ${t}`)}return t}function co(t,e){let n=[];for(let[r,o]of Object.entries(t)){let i=process.env[r],s=e[o];if(i){let a=s?.type??"string";n.push({key:o,type:a,value:ao(i,a)});}}return n}function Le(t,e="withoutRemoteServer"){let n=so[e];return co(n,t)}async function Pn({configSchema:t,cronJobsMetadata:e,stores:n,roles:r}){let o=process.env.MODELENCE_CONTAINER_ID;if(!o)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_CONTAINER_ID is not set");try{let i=(n??[]).map(a=>({name:a.getName(),schema:a.getSerializedSchema(),collections:[a.getName()],version:2,indexes:a.getIndexes(),searchIndexes:a.getSearchIndexes(),indexCreationMode:a.getIndexCreationMode()})),s=await D("/api/connect","POST",{hostname:lo.hostname(),containerId:o,dataModels:i,configSchema:t,cronJobsMetadata:e,roles:r});if(s.status==="error")throw new Error(s.error);return console.log("Successfully connected to Modelence Cloud"),s}catch(i){throw console.error("Unable to connect to Modelence Cloud:",i),i}}async function Nn(){return D("/api/configs","GET")}async function Ln(){return await D("/api/sync","POST",{containerId:process.env.MODELENCE_CONTAINER_ID})}async function D(t,e,n){let{MODELENCE_SERVICE_ENDPOINT:r,MODELENCE_SERVICE_TOKEN:o}=process.env;if(!r)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_SERVICE_ENDPOINT is not set");let i=await fetch(`${r}${t}`,{method:e,headers:{Authorization:`Bearer ${o}`,...n?{"Content-Type":"application/json"}:{}},body:n?JSON.stringify(n):void 0});if(!i.ok){let s=await i.text(),a,c=s;try{a=JSON.parse(s);let d=a.error;if(typeof d=="string")c=d;else if(d&&typeof d=="object"){let p=d.message;typeof p=="string"&&(c=p);}}catch{}let l=new Error(`Unable to connect to Modelence Cloud: HTTP status: ${i.status}, ${c}`);throw a!==void 0&&(l.responseBody=a),l.status=i.status,l}if(!(i.status===204||i.headers?.get("content-length")==="0"))return await i.json()}var ft=false,uo=a.seconds(10);function Un(){setInterval(async()=>{if(!ft){ft=true;try{await Ln();}catch(t){console.error("Error syncing status",t);}try{await mo();}catch(t){console.error("Error syncing config",t);}ft=false;}},uo);}function ht(t){c(t),c(Le(d$1(),"withRemoteServer"));}async function mo(){let{configs:t}=await Nn();ht(t);}var Q=new E("_modelenceLocks",{schema:{_id:m.string(),instanceId:m.string(),acquiredAt:m.date(),resource:m.string()},indexes:[{key:{resource:1},unique:true},{key:{resource:1,instanceId:1}},{key:{resource:1,acquiredAt:1}}],indexCreationMode:"blocking"});var Y={},$n=a.seconds(10),qn=randomBytes(32).toString("base64url"),ho=a.seconds(30),oe=new Map,gt=t=>t instanceof MongoError&&t.code===11e3,jn=(t,e)=>typeof t.keyPattern=="object"&&t.keyPattern!==null&&Object.prototype.hasOwnProperty.call(t.keyPattern,e),go=async({error:t,resource:e})=>{if(jn(t,"resource"))return true;if(jn(t,"_id"))return false;let n=await Q.findOne({resource:e});return !!n&&n._id!==e},Fn=async({resource:t,staleThresholdDate:e,instanceId:n})=>{let r=await Q.upsertOne({_id:t,$or:[{instanceId:n},{acquiredAt:{$lt:e}}]},{$set:{resource:t,instanceId:n,acquiredAt:new Date},$setOnInsert:{_id:t}});return r.upsertedCount>0||r.modifiedCount>0},Zn=async({resource:t,instanceId:e,staleThresholdDate:n})=>{let r=n?{resource:t,_id:{$ne:t},$or:[{instanceId:e},{acquiredAt:{$lt:n}}]}:{resource:t,instanceId:e};return (await Q.deleteOne(r)).deletedCount>0},yo=t=>{let e=t,n=oe.get(e);n&&(n.stopRequested=true,n.timer&&(clearTimeout(n.timer),n.timer=null),oe.delete(e));},zn=({resource:t,lockDuration:e,instanceId:n})=>{let r=Math.floor(e/3),o=t,i$1=oe.get(o);if(i$1&&!i$1.stopRequested&&i$1.heartbeatInterval===r&&i$1.lockDuration===e)return;i$1&&(i$1.stopRequested=true,i$1.timer&&(clearTimeout(i$1.timer),i$1.timer=null),oe.delete(o));let s={timer:null,stopRequested:false,lockDuration:e,heartbeatInterval:r},a=()=>{s.timer=setTimeout(()=>{X(t,{lockDuration:e,bypassCache:true,instanceId:n}).then(c=>{c||(s.stopRequested=true,i(`Lost lock while refreshing heartbeat: ${t}`,{source:"lock",resource:t,instanceId:n}));}).finally(()=>{if(s.stopRequested){oe.delete(o);return}a();});},r);};oe.set(o,s),a();};async function X(t,{lockDuration:e=ho,successfulLockCacheDuration:n=$n,failedLockCacheDuration:r=$n,heartbeat:o,bypassCache:i$1,instanceId:s=qn}={}){let a=Date.now();if(!i$1&&Y[t]&&a<Y[t].expiresAt)return Y[t].value&&o&&zn({resource:t,lockDuration:e,instanceId:s}),Y[t].value;let c=new Date(a-e);i(`Attempting to acquire lock: ${t}`,{source:"lock",resource:t,instanceId:s});try{let l=await wo({resource:t,staleThresholdDate:c,instanceId:s});return Y[t]={value:l,expiresAt:a+(l?n:r)},l?(o&&zn({resource:t,lockDuration:e,instanceId:s}),i(`Lock acquired: ${t}`,{source:"lock",resource:t,instanceId:s})):i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),l}catch{return Y[t]={value:false,expiresAt:a+r},i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),false}}var wo=async({resource:t,staleThresholdDate:e,instanceId:n})=>{try{return await Fn({resource:t,staleThresholdDate:e,instanceId:n})}catch(r){if(gt(r)&&await go({error:r,resource:t})){if(!await Zn({resource:t,staleThresholdDate:e,instanceId:n}))return false;try{return await Fn({resource:t,staleThresholdDate:e,instanceId:n})}catch(i){if(gt(i))return false;throw i}}if(gt(r))return false;throw r}};async function ge(t,{instanceId:e=qn}={}){yo(t);try{let n=await Q.deleteOne({_id:t,instanceId:e});return n.deletedCount===0?await Zn({resource:t,instanceId:e}):n.deletedCount>0}catch{return false}finally{delete Y[t];}}var ee={},yt=null,wt=new E("_modelenceCronJobs",{schema:{alias:m.string(),lastStartDate:m.date().optional()},indexes:[{key:{alias:1},unique:true,background:true}]});function Wn(t,{description:e="",interval:n,timeout:r=Math.min(Math.max(n,a.minutes(1)),a.days(1)),handler:o}){if(ee[t])throw new Error(`Duplicate cron job declaration: '${t}' already exists`);if(yt)throw new Error(`Unable to add a cron job - cron jobs have already been initialized: [${t}]`);if(n<a.seconds(5))throw new Error(`Cron job interval should not be less than 5 second [${t}]`);if(r>a.days(1))throw new Error(`Cron job timeout should not be longer than 1 day [${t}]`);ee[t]={alias:t,params:{description:e,interval:n,timeout:r},handler:o,state:{isRunning:false}};}async function Vn(){if(yt)throw new Error("Cron jobs already started");let t=Object.keys(ee);if(t.length>0){let e={alias:{$in:t}},n=await wt.fetch(e),r=Date.now();n.forEach(o=>{let i=ee[o.alias];i&&(i.state.scheduledRunTs=o.lastStartDate?o.lastStartDate.getTime()+i.params.interval:r);}),Object.values(ee).forEach(o=>{o.state.scheduledRunTs||(o.state.scheduledRunTs=r);}),yt=setInterval(bo,a.seconds(1));}}async function bo(){let t=Date.now();await X("cron",{successfulLockCacheDuration:a.seconds(10),failedLockCacheDuration:a.seconds(30)})&&Object.values(ee).forEach(async n=>{let{params:r,state:o}=n;if(o.isRunning){o.startTs&&o.startTs+r.timeout<t&&(o.isRunning=false);return}o.scheduledRunTs&&o.scheduledRunTs<=t&&await So(n);});}async function So(t){let{alias:e,params:n,handler:r,state:o}=t;o.isRunning=true,o.startTs=Date.now(),await wt.updateOne({alias:e},{$set:{lastStartDate:new Date(o.startTs)}});let i=l("cron",`cron:${e}`);try{await r(),Hn(o,n),i.end("success");}catch(s){Hn(o,n);let a=s instanceof Error?s:new Error(String(s));m$1(a),i.end("error"),console.error(`Error in cron job '${e}':`,s);}}function Hn(t,e){t.scheduledRunTs=t.startTs?t.startTs+e.interval:Date.now(),t.startTs=void 0,t.isRunning=false;}function Bn(){return Object.values(ee).map(({alias:t,params:e})=>({alias:t,description:e.description,interval:e.interval,timeout:e.timeout}))}var Gn=new C("_system.cron",{stores:[wt]});function Kn(t){let e=[...new Set(t)],n=new Map;for(let i of e){let s=i.getChainRoot();n.set(s,s.getChainTail());}let r=[...new Set(n.values())],o=new Map;for(let[i,s]of n){let a=s.getName(),c=o.get(a);if(c!==void 0&&c!==i)throw new Error(`Store collision: multiple unrelated stores use collection name '${a}'. Use .extend() to create a single extension chain instead of independent stores.`);o.set(a,i);}return {storesToInit:e,effectiveStores:r}}var bt=new C("_system.lock",{stores:[Q]});var ye=new E("_modelenceMigrations",{schema:{version:m.number(),status:m.enum(["completed","failed"]),description:m.string().optional(),output:m.string().optional(),appliedAt:m.date()},indexes:[{key:{version:1},unique:true},{key:{version:1,status:1}}]});async function St(t,{lockMode:e="acquire"}={}){if(t.length!==0){if(e==="acquire"&&!await X("migrations")){j$1("Another instance is running migrations. Skipping migration run.",{source:"migrations"});return}try{let n=t.map(({version:s})=>s),r=await ye.fetch({version:{$in:n}}),o=new Set(r.map(({version:s})=>s)),i=t.filter(({version:s})=>!o.has(s));if(i.length===0)return;j$1(`Running migrations (${i.length})...`,{source:"migrations"});for(let{version:s,description:a,handler:c}of i){j$1(`Running migration v${s}: ${a}`,{source:"migrations"});try{let d=(await c()||"").toString().trim(),p=15*1024*1024,u=d.length>p?d.slice(0,p)+`
|
|
17
|
-
[Output truncated - exceeded size limit]`:d;await ye.upsertOne({version:s},{$set:{version:s,status:"completed",description:a,output:u,appliedAt:new Date}}),j$1(`Migration v${s} complete`,{source:"migrations"});}catch(l){l instanceof Error&&(await ye.upsertOne({version:s},{$set:{version:s,status:"failed",description:a,output:l.message||"",appliedAt:new Date}}),j$1(`Migration v${s} is failed: ${l.message}`,{source:"migrations"}));}}}finally{e==="acquire"&&await ge("migrations");}}}function Jn(t){setTimeout(()=>{St(t).catch(e=>{console.error("Error running migrations:",e);});},0);}var Qn=new C("_system.migration",{stores:[ye]});var Yn=new C("_system.rateLimit",{stores:[he]});async function Xn({filePath:t,contentType:e,visibility:n}){return await D("/api/files/upload","POST",{filePath:t,contentType:e,visibility:n})}async function er(t){await D("/api/files/delete","POST",{filePath:t});}async function tr(t){return await D("/api/files/download","POST",{filePath:t})}async function nr(t){return await D("/api/files/url","POST",{filePath:t})}var rr=new C("_system.files",{queries:{async downloadFile({filePath:t}){return tr(t)},async getFileUrl({filePath:t}){return nr(t)}},mutations:{async getUploadUrl({filePath:t,contentType:e,visibility:n}){return Xn({filePath:t,contentType:e,visibility:n})},async deleteFile({filePath:t}){return er(t)}}});var vt=class{async init({httpServer:e}){this.config=await Ro(this.isDev()?e:void 0),this.isDev()&&(console.log("Starting Vite dev server..."),this.viteServer=await createServer(this.config));}middlewares(){if(this.isDev())return this.viteServer?.middlewares??[];let e=[H.static("./.modelence/build/client".replace(/\\/g,"/"))];return this.config?.publicDir&&e.push(H.static(this.config.publicDir)),e}handler(e,n){if(this.isDev())try{n.setHeader("Cache-Control","no-store"),n.sendFile("index.html",{root:"./src/client"});}catch(r){console.error("Error serving index.html:",r),n.status(500).send("Internal Server Error");}else n.sendFile("index.html",{root:"./.modelence/build/client".replace(/\\/g,"/")});}isDev(){return process.env.NODE_ENV!=="production"}};async function Ao(){let t=process.cwd();try{return (await loadConfigFromFile({command:"serve",mode:"development"},void 0,t))?.config||{}}catch(e){return console.warn("Could not load vite config:",e),{}}}function Oo(t,e){let n=mergeConfig(t,e);if(n.plugins&&Array.isArray(n.plugins)){let r=new Set;n.plugins=n.plugins.flat().filter(o=>{if(!o||typeof o!="object"||Array.isArray(o))return true;let i=o.name;return !i||r.has(i)?false:(r.add(i),true)}).reverse(),n.plugins.reverse();}return n}async function Ro(t){let e=process.cwd(),n=await Ao(),r=[".eslintrc.js",".eslintrc.json",".eslintrc","eslint.config.js",".eslintrc.yml",".eslintrc.yaml"].find(s=>To.existsSync(xt.join(e,s))),o=[ko(),_o()];if(r){let s=(await import('vite-plugin-eslint')).default;o.push(s({failOnError:false,include:["src/**/*.js","src/**/*.jsx","src/**/*.ts","src/**/*.tsx"],cwd:e,overrideConfigFile:xt.resolve(e,r)}));}let i=defineConfig({plugins:o,build:{outDir:".modelence/build/client".replace(/\\/g,"/"),emptyOutDir:true},server:{middlewareMode:true,hmr:t?{server:t}:void 0},root:"./src/client",resolve:{alias:{"@":xt.resolve(e,"src").replace(/\\/g,"/")}}});return Oo(i,n)}function _o(){return {name:"modelence-asset-handler",async transform(t,e){if(/\.(png|jpe?g|gif|svg|mpwebm|ogg|mp3|wav|flac|aac)$/.test(e))return process.env.NODE_ENV==="development",t}}}var ir=new vt;async function Ue(t){return !t||typeof t!="string"?null:Wt(t)}function b(t,e,n){let r=k(),o=t.status(e);if(r.errorComponent)try{let i=r.errorComponent({error:n,statusCode:e});if(i)return o.send(i)}catch(i){console.error("Unhandled error in authConfig.errorComponent:",i);}return o.json({error:n})}async function Ct(t,e){let{authToken:n}=await le(e);Te(t,n),t.status(302),t.redirect("/");}async function Mo(t,e,n,r,o){let i=k();try{if(n.status==="disabled"||n.status==="deleted"){b(t,400,"User account is not active.");return}let s={};n.firstName===void 0&&e.firstName&&(s.firstName=e.firstName),n.lastName===void 0&&e.lastName&&(s.lastName=e.lastName),n.avatarUrl===void 0&&e.avatarUrl&&(s.avatarUrl=e.avatarUrl);let a=n;Object.keys(s).length>0&&(await f.updateOne({_id:n._id},{$set:s}),a={...n,...s}),await Ct(t,n._id),i.onAfterLogin?.({provider:e.providerName,user:a,session:r,connectionInfo:o}),i.login?.onSuccess?.(a);}catch(s){throw s instanceof Error&&(i.login?.onError?.(s),i.onLoginError?.({provider:e.providerName,error:s,session:r,connectionInfo:o})),s}}async function Do(t,e,n,r,o){let i=k();if((i.oauthAccountLinking??"manual")==="auto"&&e.emailVerified){if(n.status==="disabled"||n.status==="deleted"){b(t,400,"User account is not active.");return}if(!n.emails?.find(c=>c.address.toLowerCase()===e.email.toLowerCase())?.verified){b(t,400,"User with this email already exists. Please log in instead.");return}try{let c={...n.firstName===void 0&&e.firstName&&{firstName:e.firstName},...n.lastName===void 0&&e.lastName&&{lastName:e.lastName},...n.avatarUrl===void 0&&e.avatarUrl&&{avatarUrl:e.avatarUrl}};if(!((await f.updateOne({_id:n._id,status:{$nin:["deleted","disabled"]},$or:[{[`authMethods.${e.providerName}.id`]:{$exists:!1}},{[`authMethods.${e.providerName}.id`]:e.id}]},{$set:{[`authMethods.${e.providerName}.id`]:e.id,...c}})).matchedCount>0)){b(t,400,"User with this email already exists. Please log in instead.");return}await Ct(t,n._id);let p={...n,...c,authMethods:{...n.authMethods,[e.providerName]:{id:e.id}}};i.onAfterLogin?.({provider:e.providerName,user:p,session:r,connectionInfo:o}),i.login?.onSuccess?.(p);return}catch(c){throw c instanceof Error&&(i.login?.onError?.(c),i.onLoginError?.({provider:e.providerName,error:c,session:r,connectionInfo:o})),c}}b(t,400,"User with this email already exists. Please log in instead.");}async function Po(t,e,n,r){let o=k();try{let i;if(o.generateHandle){let l=await o.generateHandle({email:e.email,firstName:e.firstName,lastName:e.lastName});i=await J(l,e.email,{throwOnConflict:!1});}else i=await J(void 0,e.email);let s={handle:i,status:"active",emails:[{address:e.email,verified:e.emailVerified}],createdAt:new Date,authMethods:{[e.providerName]:{id:e.id}},...e.firstName!==void 0&&{firstName:e.firstName},...e.lastName!==void 0&&{lastName:e.lastName},...e.avatarUrl!==void 0&&{avatarUrl:e.avatarUrl}},a=await f.insertOne(s);await Ct(t,a.insertedId);let c=await f.findOne({_id:a.insertedId},{readPreference:"primary"});c&&(o.onAfterSignup?.({provider:e.providerName,user:c,session:n,connectionInfo:r}),o.signup?.onSuccess?.(c));}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:e.providerName,error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function se(t){return `${a$1("_system.site.url")}/api/_internal/auth/${t}/callback`}async function $e(t,e,n){let r=await f.findOne({[`authMethods.${n.providerName}.id`]:n.id}),{session:o,connectionInfo:i}=await ae(t,e);if(r)return Mo(e,n,r,o,i);if(!n.email){b(e,400,`Email address is required for ${n.providerName} authentication.`);return}let s;try{s=await f.findOne({"emails.address":n.email,status:{$ne:"deleted"}},{collation:{locale:"en",strength:2}});}catch(a){if(a instanceof Error){let c=k();c.onSignupError?.({provider:n.providerName,error:a,session:o,connectionInfo:i}),c.signup?.onError?.(a);}throw a}return s?Do(e,n,s,o,i):Po(e,n,o,i)}function O(t){t.cookie("oauthLinkToken","",{httpOnly:true,maxAge:0,path:"/api/_internal/auth/",sameSite:"lax",secure:process.env.NODE_ENV==="production"});}function ie(t){if(t)try{t();}catch(e){console.error("Error executing OAuth hook:",e);}}function je(t,e,n){let r=t.query.state,o=t.cookies[n],[i,s,a]=(o||"").split(":");return !r||!o||r!==i?(b(e,400,"Invalid OAuth state - possible CSRF attack"),null):(e.clearCookie(n),{mode:s||"login",...a?{linkedUserId:a}:{}})}async function Fe(t,e,n,r){let o=k(),{session:i,connectionInfo:s}=await ae(t,e),a=null;if(r){if(!ObjectId.isValid(r)){O(e),b(e,400,"Invalid OAuth linking state.");return}a=new ObjectId(r);}else a=i?.userId??null;if(!a){O(e),b(e,401,"You must be signed in to link a provider.");return}let c=a;try{let l=`authMethods.${n.providerName}.id`;if((await f.updateOne({_id:c,status:{$nin:["deleted","disabled"]},$or:[{[l]:{$exists:!1}},{[l]:n.id}]},{$set:{[l]:n.id}})).matchedCount===0){let u=await f.findOne({_id:c});if(!u||u.status==="deleted"||u.status==="disabled"){ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:new Error("User account not found or not active"),session:i,connectionInfo:s})),O(e),b(e,400,"User account is not active.");return}let y=u?.authMethods?.[n.providerName]?.id;if(y&&y!==n.id){ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:new Error(`User already has a different ${n.providerName} account linked`),session:i,connectionInfo:s})),O(e),b(e,400,`You have already linked a different ${n.providerName} account.`);return}ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:new Error(`Unexpected OAuth linking state for ${n.providerName}`),session:i,connectionInfo:s})),O(e),b(e,400,`Unable to link ${n.providerName} account.`);return}let p=await f.findOne({_id:c},{readPreference:"primary"});p&&ie(()=>o.onAfterOAuthLink?.({provider:n.providerName,user:p,session:i,connectionInfo:s})),O(e),e.status(302).redirect("/");}catch(l){if(l instanceof MongoServerError&&l.code===11e3){ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:l,session:i,connectionInfo:s})),O(e),b(e,400,`This ${n.providerName} account is already linked to a different user.`);return}if(l instanceof Error&&ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:l,session:i,connectionInfo:s})),O(e),!e.headersSent)throw l}}function ze(t){return !t||typeof t!="string"?null:t}async function Uo(t,e,n,r){let o=await fetch("https://oauth2.googleapis.com/token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:t,client_id:e,client_secret:n,redirect_uri:r,grant_type:"authorization_code"})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function $o(t){let e=await fetch("https://www.googleapis.com/oauth2/v2/userinfo",{headers:{Authorization:`Bearer ${t}`}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function jo(t,e){let n=ze(t.query.code);if(!n){b(e,400,"Missing authorization code");return}let r=je(t,e,"authStateGoogle");if(!r)return;let{mode:o,linkedUserId:i}=r,s=String(a$1("_system.user.auth.google.clientId")),a=String(a$1("_system.user.auth.google.clientSecret")),c=se("google");try{let l=await Uo(n,s,a,c),d=await $o(l.access_token),p={id:d.id,email:d.email,emailVerified:d.verified_email,providerName:"google",firstName:d.given_name||void 0,lastName:d.family_name||void 0,avatarUrl:d.picture||void 0};o==="link"?await Fe(t,e,p,i):await $e(t,e,p);}catch(l){console.error("Google OAuth error:",l),o==="link"&&O(e),b(e,500,"Authentication failed");}}function Fo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.google.enabled"),s=String(a$1("_system.user.auth.google.clientId")),a=String(a$1("_system.user.auth.google.clientSecret"));if(!i||!s||!a){b(r,503,"Google authentication is not configured");return}o();};return t.get("/api/_internal/auth/google",e,async(n,r)=>{let o=String(a$1("_system.user.auth.google.clientId")),i=se("google"),s=randomBytes(32).toString("hex"),a$2=n.query.mode==="link"?"link":"login",c=null;if(a$2==="link"&&n.query.linkNonce&&(c=await Ue(n.query.linkNonce),!c)){b(r,401,"Invalid or expired link nonce for OAuth linking.");return}let l=c?`${s}:${a$2}:${c}`:`${s}:${a$2}`;r.cookie("authStateGoogle",l,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let d=new URL("https://accounts.google.com/o/oauth2/v2/auth");d.searchParams.append("client_id",o),d.searchParams.append("redirect_uri",i),d.searchParams.append("response_type","code"),d.searchParams.append("scope","profile email"),d.searchParams.append("access_type","online"),d.searchParams.append("state",s),r.redirect(d.toString());}),t.get("/api/_internal/auth/google/callback",e,jo),t}var ar=Fo;async function Zo(t,e,n,r){let o=await fetch("https://github.com/login/oauth/access_token",{method:"POST",headers:{"Content-Type":"application/json",Accept:"application/json"},body:JSON.stringify({client_id:e,client_secret:n,code:t,redirect_uri:r})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function Ho(t){let e=await fetch("https://api.github.com/user",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function Wo(t){let e=await fetch("https://api.github.com/user/emails",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user emails: ${e.statusText}`);return e.json()}async function Vo(t,e){return t.email?t.email:(await Wo(e)).find(r=>r.primary&&r.verified)?.email??null}async function Bo(t,e){let n=ze(t.query.code);if(!n){b(e,400,"Missing authorization code");return}let r=je(t,e,"authStateGithub");if(!r)return;let{mode:o,linkedUserId:i}=r,s=String(a$1("_system.user.auth.github.clientId")),a=String(a$1("_system.user.auth.github.clientSecret")),c=se("github");try{let l=await Zo(n,s,a,c),d=await Ho(l.access_token),p=await Vo(d,l.access_token);if(!p){o==="link"&&O(e),b(e,400,"Unable to retrieve a primary verified email from GitHub. Please ensure your GitHub account has a verified email set as primary.");return}let u=d.name?d.name.trim().split(/\s+/):[],y=u[0]||void 0,g=u.length>1?u.slice(1).join(" "):void 0,S={id:String(d.id),email:p,emailVerified:!0,providerName:"github",firstName:y,lastName:g,avatarUrl:d.avatar_url||void 0};o==="link"?await Fe(t,e,S,i):await $e(t,e,S);}catch(l){console.error("GitHub OAuth error:",l),o==="link"&&O(e),b(e,500,"Authentication failed");}}function Go(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.github.enabled"),s=String(a$1("_system.user.auth.github.clientId")),a=String(a$1("_system.user.auth.github.clientSecret"));if(!i||!s||!a){b(r,503,"GitHub authentication is not configured");return}o();};return t.get("/api/_internal/auth/github",e,async(n,r)=>{let o=String(a$1("_system.user.auth.github.clientId")),i=se("github"),s=a$1("_system.user.auth.github.scopes"),a$2=s?String(s).split(",").map(y=>y.trim()).join(" "):"user:email",c=randomBytes(32).toString("hex"),l=n.query.mode==="link"?"link":"login",d=null;if(l==="link"&&n.query.linkNonce&&(d=await Ue(n.query.linkNonce),!d)){b(r,401,"Invalid or expired link nonce for OAuth linking.");return}let p=d?`${c}:${l}:${d}`:`${c}:${l}`;r.cookie("authStateGithub",p,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let u=new URL("https://github.com/login/oauth/authorize");u.searchParams.append("client_id",o),u.searchParams.append("redirect_uri",i),u.searchParams.append("scope",a$2),u.searchParams.append("state",c),r.redirect(u.toString());}),t.get("/api/_internal/auth/github/callback",e,Bo),t}var cr=Go;function lr(t,e,n){return async(r,o,i)=>{let s=r.headers["x-modelence-auth-token"],a={session:null,user:null};if(typeof s=="string"&&G())try{let{session:l,user:d}=await N(s);a={session:l,user:d};}catch{}let c=l("route",`route:${t.toLowerCase()}:${e}`,{method:t,path:e,query:r.query,body:r.body,params:r.params});try{let l=await n({query:r.query,body:r.body,params:r.params,headers:r.headers,cookies:r.cookies,rawBody:Buffer.isBuffer(r.body)?r.body:void 0,req:r,res:o,next:i},a);c.end(),l&&(o.status(l.status||200),l.redirect&&o.redirect(l.redirect),l.headers&&Object.entries(l.headers).forEach(([d,p])=>{o.setHeader(d,p);}),o.send(l.data));}catch(l){c.end("error"),l instanceof a$3?o.status(l.status).send(l.message):(console.error(`Error in route handler: ${r.path}`),console.error(l),o.status(500).send(String(l)));}}}var Et=Object.freeze({});function dr(t){Et=Object.freeze(Object.assign({},Et,t));}function ur(){return Et}var kt=Object.freeze({});function mr(t){kt=Object.freeze(Object.assign({},kt,t));}function qe(){return kt}function Qo(t){let e=[];if(!t)return e.push(H.json({limit:"16mb"})),e.push(H.urlencoded({extended:true,limit:"16mb"})),e;if(t.json!==false){let n=typeof t.json=="object"?t.json:{limit:"16mb"};e.push(H.json(n));}if(t.urlencoded!==false){let n=typeof t.urlencoded=="object"?t.urlencoded:{extended:true,limit:"16mb"};e.push(H.urlencoded(n));}if(t.raw){let n=typeof t.raw=="object"?t.raw:{},r={limit:n.limit||"16mb",type:n.type||"*/*"};e.push(H.raw(r));}return e}function Yo(t,e){for(let n of e)for(let r of n.routes){let{path:o,handlers:i,body:s}=r,a=Qo(s);Object.entries(i).forEach(([c,l])=>{t[c](o,...a,lr(c,o,l));});}}async function pr(t,{combinedModules:e,channels:n}){let r=H();r.use(Ko()),r.use(ti()),Yo(r,e),r.use(H.json({limit:"16mb"})),r.use(H.urlencoded({extended:true,limit:"16mb"})),r.use(ar()),r.use(cr()),r.post("/api/_internal/auth/set-link-cookie",async(a,c)=>{let{session:l}=await ae(a,c);if(!l?.userId){c.status(401).json({error:"Not authenticated"});return}c.cookie("oauthLinkToken",l.authToken,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",path:"/api/_internal/auth/",maxAge:10*60*1e3}),c.json({ok:true});}),r.post("/api/_internal/auth/issue-link-nonce",async(a,c)=>{let{session:l}=await ae(a,c);if(!l?.userId){c.status(401).json({error:"Not authenticated"});return}let d=await Ht(String(l.userId));c.json({nonce:d});}),r.post("/api/_internal/method/:methodName(*)",async(a,c)=>{let l=a.params.methodName,d=await ae(a,c);try{let p=a$2(await an(l,a.body.args,d));c.json({data:p,typeMap:b$2(p)});}catch(p){Xo(c,l,p);}});let o=Jo.createServer(r);await t.init({httpServer:o}),t.middlewares&&r.use(t.middlewares()),r.all("*",(a,c)=>t.handler(a,c)),process.on("unhandledRejection",(a,c)=>{console.error("Unhandled Promise Rejection:"),console.error(a instanceof Error?a.stack:a),console.error("Promise:",c);}),process.on("uncaughtException",a=>{console.error("Uncaught Exception:"),console.error(a.stack),console.trace("Full application stack:");});let i=qe()?.provider;i&&i.init({httpServer:o,channels:n});let s=process.env.MODELENCE_PORT||process.env.PORT||3e3;o.listen(s,()=>{j$1("Application started",{source:"app"});let a=a$1("_system.site.url")||`http://localhost:${s}`;console.log(`
|
|
16
|
+
${t.window}`}function so(){return [{bucket:"signup",type:"ip",window:a.minutes(15),limit:20},{bucket:"signup",type:"ip",window:a.days(1),limit:200},{bucket:"signupAttempt",type:"ip",window:a.minutes(15),limit:50},{bucket:"signupAttempt",type:"ip",window:a.days(1),limit:500},{bucket:"signin",type:"ip",window:a.minutes(15),limit:50},{bucket:"signin",type:"ip",window:a.days(1),limit:500},{bucket:"verification",type:"user",window:a.seconds(60),limit:1},{bucket:"verification",type:"user",window:a.days(1),limit:10},{bucket:"passwordReset",type:"ip",window:a.minutes(15),limit:10},{bucket:"passwordReset",type:"ip",window:a.days(1),limit:100},{bucket:"passwordReset",type:"email",window:a.hours(1),limit:5},{bucket:"passwordReset",type:"email",window:a.days(1),limit:10}]}function ao(t){let e=[],n=["signup","signupAttempt","signin","verification","passwordReset"];for(let r of n){let o=t[r];if(o!==void 0)for(let i of o)e.push({bucket:r,...i});}return e}function mt(t={}){let e=so(),n=ao(t),r=new Map;for(let s of n)r.set(Pn(s),s);let o=[],i=new Set;for(let s of e){let a=Pn(s),c=r.get(a);c!==void 0?(o.push(c),i.add(a)):o.push(s);}for(let[s,a]of r)i.has(s)||o.push(a);return o}var pt=new C("_system.user",{stores:[f,de,j,P],queries:{getOwnProfile:En},mutations:{signupWithPassword:In,loginWithPassword:vn,logout:Cn,resendEmailVerification:_n,sendResetPasswordToken:Mn,resetPassword:Dn,updateProfile:kn,unlinkOAuthProvider:Tn},cronJobs:{updateDisposableEmailList:pn},rateLimits:mt(),configSchema:{"auth.email.enabled":{type:"boolean",isPublic:true,default:true},"auth.email.from":{type:"string",isPublic:false,default:""},"auth.email.verification":{type:"boolean",isPublic:true,default:true},"auth.google.enabled":{type:"boolean",isPublic:true,default:false},"auth.google.clientId":{type:"string",isPublic:false,default:""},"auth.google.clientSecret":{type:"secret",isPublic:false,default:""},"auth.github.enabled":{type:"boolean",isPublic:true,default:false},"auth.github.clientId":{type:"string",isPublic:false,default:""},"auth.github.clientSecret":{type:"secret",isPublic:false,default:""}},routes:[{path:"/api/_internal/auth/verify-email",handlers:{get:Rn}}]});var co={withoutRemoteServer:{MONGODB_URI:"_system.mongodbUri",MONGODB_POOL_SIZE:"_system.mongodbPoolSize",MODELENCE_AUTH_GOOGLE_ENABLED:"_system.user.auth.google.enabled",MODELENCE_AUTH_GOOGLE_CLIENT_ID:"_system.user.auth.google.clientId",MODELENCE_AUTH_GOOGLE_CLIENT_SECRET:"_system.user.auth.google.clientSecret",MODELENCE_AUTH_GITHUB_ENABLED:"_system.user.auth.github.enabled",MODELENCE_AUTH_GITHUB_CLIENT_ID:"_system.user.auth.github.clientId",MODELENCE_AUTH_GITHUB_CLIENT_SECRET:"_system.user.auth.github.clientSecret",MODELENCE_AUTH_GITHUB_CLIENT_SCOPES:"_system.user.auth.github.scopes",MODELENCE_EMAIL_RESEND_API_KEY:"_system.email.resend.apiKey",MODELENCE_EMAIL_AWS_SES_REGION:"_system.email.awsSes.region",MODELENCE_EMAIL_AWS_SES_ACCESS_KEY_ID:"_system.email.awsSes.accessKeyId",MODELENCE_EMAIL_AWS_SES_SECRET_ACCESS_KEY:"_system.email.awsSes.secretAccessKey",MODELENCE_EMAIL_SMTP_HOST:"_system.email.smtp.host",MODELENCE_EMAIL_SMTP_PORT:"_system.email.smtp.port",MODELENCE_EMAIL_SMTP_USER:"_system.email.smtp.user",MODELENCE_EMAIL_SMTP_PASS:"_system.email.smtp.pass",MODELENCE_SITE_URL:"_system.site.url",MODELENCE_ENV_TYPE:"_system.env.type",MODELENCE_MULTI_INSTANCE:"_system.multiInstance",MODELENCE_ENV:"_system.env",GOOGLE_AUTH_ENABLED:"_system.user.auth.google.enabled",GOOGLE_AUTH_CLIENT_ID:"_system.user.auth.google.clientId",GOOGLE_AUTH_CLIENT_SECRET:"_system.user.auth.google.clientSecret"},withRemoteServer:{MODELENCE_SITE_URL:"_system.site.url"}};function lo(t,e){if(e==="number"){let n=Number(t);if(isNaN(n))throw new Error(`Invalid number value for config: ${t}`);return n}if(e==="boolean"){if(t.toLowerCase()==="true")return true;if(t.toLowerCase()==="false")return false;throw new Error(`Invalid boolean value for config: ${t}`)}return t}function uo(t,e){let n=[];for(let[r,o]of Object.entries(t)){let i=process.env[r],s=e[o];if(i){let a=s?.type??"string";n.push({key:o,type:a,value:lo(i,a)});}}return n}function Le(t,e="withoutRemoteServer"){let n=co[e];return uo(n,t)}async function Nn({configSchema:t,cronJobsMetadata:e,stores:n,roles:r}){let o=process.env.MODELENCE_CONTAINER_ID;if(!o)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_CONTAINER_ID is not set");try{let i=(n??[]).map(a=>({name:a.getName(),schema:a.getSerializedSchema(),collections:[a.getName()],version:2,indexes:a.getIndexes(),searchIndexes:a.getSearchIndexes(),indexCreationMode:a.getIndexCreationMode()})),s=await D("/api/connect","POST",{hostname:mo.hostname(),containerId:o,dataModels:i,configSchema:t,cronJobsMetadata:e,roles:r});if(s.status==="error")throw new Error(s.error);return console.log("Successfully connected to Modelence Cloud"),s}catch(i){throw console.error("Unable to connect to Modelence Cloud:",i),i}}async function Ln(){return D("/api/configs","GET")}async function Un(){return await D("/api/sync","POST",{containerId:process.env.MODELENCE_CONTAINER_ID})}async function D(t,e,n){let{MODELENCE_SERVICE_ENDPOINT:r,MODELENCE_SERVICE_TOKEN:o}=process.env;if(!r)throw new Error("Unable to connect to Modelence Cloud: MODELENCE_SERVICE_ENDPOINT is not set");let i=await fetch(`${r}${t}`,{method:e,headers:{Authorization:`Bearer ${o}`,...n?{"Content-Type":"application/json"}:{}},body:n?JSON.stringify(n):void 0});if(!i.ok){let s=await i.text(),a,c=s;try{a=JSON.parse(s);let d=a.error;if(typeof d=="string")c=d;else if(d&&typeof d=="object"){let p=d.message;typeof p=="string"&&(c=p);}}catch{}let l=new Error(`Unable to connect to Modelence Cloud: HTTP status: ${i.status}, ${c}`);throw a!==void 0&&(l.responseBody=a),l.status=i.status,l}if(!(i.status===204||i.headers?.get("content-length")==="0"))return await i.json()}var ft=false,po=a.seconds(10);function $n(){setInterval(async()=>{if(!ft){ft=true;try{await Un();}catch(t){console.error("Error syncing status",t);}try{await fo();}catch(t){console.error("Error syncing config",t);}ft=false;}},po);}function ht(t){c(t),c(Le(d$1(),"withRemoteServer"));}async function fo(){let{configs:t}=await Ln();ht(t);}var Q=new E("_modelenceLocks",{schema:{_id:m.string(),instanceId:m.string(),acquiredAt:m.date(),resource:m.string()},indexes:[{key:{resource:1},unique:true},{key:{resource:1,instanceId:1}},{key:{resource:1,acquiredAt:1}}],indexCreationMode:"blocking"});var X={},jn=a.seconds(10),Zn=randomBytes(32).toString("base64url"),yo=a.seconds(30),oe=new Map,gt=t=>t instanceof MongoError&&t.code===11e3,Fn=(t,e)=>typeof t.keyPattern=="object"&&t.keyPattern!==null&&Object.prototype.hasOwnProperty.call(t.keyPattern,e),wo=async({error:t,resource:e})=>{if(Fn(t,"resource"))return true;if(Fn(t,"_id"))return false;let n=await Q.findOne({resource:e});return !!n&&n._id!==e},zn=async({resource:t,staleThresholdDate:e,instanceId:n})=>{let r=await Q.upsertOne({_id:t,$or:[{instanceId:n},{acquiredAt:{$lt:e}}]},{$set:{resource:t,instanceId:n,acquiredAt:new Date},$setOnInsert:{_id:t}});return r.upsertedCount>0||r.modifiedCount>0},Hn=async({resource:t,instanceId:e,staleThresholdDate:n})=>{let r=n?{resource:t,_id:{$ne:t},$or:[{instanceId:e},{acquiredAt:{$lt:n}}]}:{resource:t,instanceId:e};return (await Q.deleteOne(r)).deletedCount>0},bo=t=>{let e=t,n=oe.get(e);n&&(n.stopRequested=true,n.timer&&(clearTimeout(n.timer),n.timer=null),oe.delete(e));},qn=({resource:t,lockDuration:e,instanceId:n})=>{let r=Math.floor(e/3),o=t,i$1=oe.get(o);if(i$1&&!i$1.stopRequested&&i$1.heartbeatInterval===r&&i$1.lockDuration===e)return;i$1&&(i$1.stopRequested=true,i$1.timer&&(clearTimeout(i$1.timer),i$1.timer=null),oe.delete(o));let s={timer:null,stopRequested:false,lockDuration:e,heartbeatInterval:r},a=()=>{s.timer=setTimeout(()=>{Y(t,{lockDuration:e,bypassCache:true,instanceId:n}).then(c=>{c||(s.stopRequested=true,i(`Lost lock while refreshing heartbeat: ${t}`,{source:"lock",resource:t,instanceId:n}));}).finally(()=>{if(s.stopRequested){oe.delete(o);return}a();});},r);};oe.set(o,s),a();};async function Y(t,{lockDuration:e=yo,successfulLockCacheDuration:n=jn,failedLockCacheDuration:r=jn,heartbeat:o,bypassCache:i$1,instanceId:s=Zn}={}){let a=Date.now();if(!i$1&&X[t]&&a<X[t].expiresAt)return X[t].value&&o&&qn({resource:t,lockDuration:e,instanceId:s}),X[t].value;let c=new Date(a-e);i(`Attempting to acquire lock: ${t}`,{source:"lock",resource:t,instanceId:s});try{let l=await So({resource:t,staleThresholdDate:c,instanceId:s});return X[t]={value:l,expiresAt:a+(l?n:r)},l?(o&&qn({resource:t,lockDuration:e,instanceId:s}),i(`Lock acquired: ${t}`,{source:"lock",resource:t,instanceId:s})):i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),l}catch{return X[t]={value:false,expiresAt:a+r},i(`Failed to acquire lock (already held): ${t}`,{source:"lock",resource:t,instanceId:s}),false}}var So=async({resource:t,staleThresholdDate:e,instanceId:n})=>{try{return await zn({resource:t,staleThresholdDate:e,instanceId:n})}catch(r){if(gt(r)&&await wo({error:r,resource:t})){if(!await Hn({resource:t,staleThresholdDate:e,instanceId:n}))return false;try{return await zn({resource:t,staleThresholdDate:e,instanceId:n})}catch(i){if(gt(i))return false;throw i}}if(gt(r))return false;throw r}};async function ge(t,{instanceId:e=Zn}={}){bo(t);try{let n=await Q.deleteOne({_id:t,instanceId:e});return n.deletedCount===0?await Hn({resource:t,instanceId:e}):n.deletedCount>0}catch{return false}finally{delete X[t];}}var ee={},yt=null,wt=new E("_modelenceCronJobs",{schema:{alias:m.string(),lastStartDate:m.date().optional()},indexes:[{key:{alias:1},unique:true,background:true}]});function Wn(t,{description:e="",interval:n,timeout:r=Math.min(Math.max(n,a.minutes(1)),a.days(1)),handler:o}){if(ee[t])throw new Error(`Duplicate cron job declaration: '${t}' already exists`);if(yt)throw new Error(`Unable to add a cron job - cron jobs have already been initialized: [${t}]`);if(n<a.seconds(5))throw new Error(`Cron job interval should not be less than 5 second [${t}]`);if(r>a.days(1))throw new Error(`Cron job timeout should not be longer than 1 day [${t}]`);ee[t]={alias:t,params:{description:e,interval:n,timeout:r},handler:o,state:{isRunning:false}};}async function Bn(){if(yt)throw new Error("Cron jobs already started");let t=Object.keys(ee);if(t.length>0){let e={alias:{$in:t}},n=await wt.fetch(e),r=Date.now();n.forEach(o=>{let i=ee[o.alias];i&&(i.state.scheduledRunTs=o.lastStartDate?o.lastStartDate.getTime()+i.params.interval:r);}),Object.values(ee).forEach(o=>{o.state.scheduledRunTs||(o.state.scheduledRunTs=r);}),yt=setInterval(xo,a.seconds(1));}}async function xo(){let t=Date.now();await Y("cron",{successfulLockCacheDuration:a.seconds(10),failedLockCacheDuration:a.seconds(30)})&&Object.values(ee).forEach(async n=>{let{params:r,state:o}=n;if(o.isRunning){o.startTs&&o.startTs+r.timeout<t&&(o.isRunning=false);return}o.scheduledRunTs&&o.scheduledRunTs<=t&&await vo(n);});}async function vo(t){let{alias:e,params:n,handler:r,state:o}=t;o.isRunning=true,o.startTs=Date.now(),await wt.updateOne({alias:e},{$set:{lastStartDate:new Date(o.startTs)}});let i=l("cron",`cron:${e}`);try{await r(),Vn(o,n),i.end("success");}catch(s){Vn(o,n);let a=s instanceof Error?s:new Error(String(s));m$1(a),i.end("error"),console.error(`Error in cron job '${e}':`,s);}}function Vn(t,e){t.scheduledRunTs=t.startTs?t.startTs+e.interval:Date.now(),t.startTs=void 0,t.isRunning=false;}function Gn(){return Object.values(ee).map(({alias:t,params:e})=>({alias:t,description:e.description,interval:e.interval,timeout:e.timeout}))}var Kn=new C("_system.cron",{stores:[wt]});function Jn(t){let e=[...new Set(t)],n=new Map;for(let i of e){let s=i.getChainRoot();n.set(s,s.getChainTail());}let r=[...new Set(n.values())],o=new Map;for(let[i,s]of n){let a=s.getName(),c=o.get(a);if(c!==void 0&&c!==i)throw new Error(`Store collision: multiple unrelated stores use collection name '${a}'. Use .extend() to create a single extension chain instead of independent stores.`);o.set(a,i);}return {storesToInit:e,effectiveStores:r}}var bt=new C("_system.lock",{stores:[Q]});var ye=new E("_modelenceMigrations",{schema:{version:m.number(),status:m.enum(["completed","failed"]),description:m.string().optional(),output:m.string().optional(),appliedAt:m.date()},indexes:[{key:{version:1},unique:true},{key:{version:1,status:1}}]});async function St(t,{lockMode:e="acquire"}={}){if(t.length!==0){if(e==="acquire"&&!await Y("migrations")){j$1("Another instance is running migrations. Skipping migration run.",{source:"migrations"});return}try{let n=t.map(({version:s})=>s),r=await ye.fetch({version:{$in:n}}),o=new Set(r.map(({version:s})=>s)),i=t.filter(({version:s})=>!o.has(s));if(i.length===0)return;j$1(`Running migrations (${i.length})...`,{source:"migrations"});for(let{version:s,description:a,handler:c}of i){j$1(`Running migration v${s}: ${a}`,{source:"migrations"});try{let d=(await c()||"").toString().trim(),p=15*1024*1024,u=d.length>p?d.slice(0,p)+`
|
|
17
|
+
[Output truncated - exceeded size limit]`:d;await ye.upsertOne({version:s},{$set:{version:s,status:"completed",description:a,output:u,appliedAt:new Date}}),j$1(`Migration v${s} complete`,{source:"migrations"});}catch(l){l instanceof Error&&(await ye.upsertOne({version:s},{$set:{version:s,status:"failed",description:a,output:l.message||"",appliedAt:new Date}}),j$1(`Migration v${s} is failed: ${l.message}`,{source:"migrations"}));}}}finally{e==="acquire"&&await ge("migrations");}}}function Qn(t){setTimeout(()=>{St(t).catch(e=>{console.error("Error running migrations:",e);});},0);}var Xn=new C("_system.migration",{stores:[ye]});var Yn=new C("_system.rateLimit",{stores:[he]});async function er({filePath:t,contentType:e,visibility:n}){return await D("/api/files/upload","POST",{filePath:t,contentType:e,visibility:n})}async function tr(t){await D("/api/files/delete","POST",{filePath:t});}async function nr(t){return await D("/api/files/download","POST",{filePath:t})}async function rr(t){return await D("/api/files/url","POST",{filePath:t})}var or=new C("_system.files",{queries:{async downloadFile({filePath:t}){return nr(t)},async getFileUrl({filePath:t}){return rr(t)}},mutations:{async getUploadUrl({filePath:t,contentType:e,visibility:n}){return er({filePath:t,contentType:e,visibility:n})},async deleteFile({filePath:t}){return tr(t)}}});var vt=class{async init({httpServer:e}){this.config=await Io(this.isDev()?e:void 0),this.isDev()&&(console.log("Starting Vite dev server..."),this.viteServer=await createServer(this.config));}middlewares(){if(this.isDev())return this.viteServer?.middlewares??[];let e=[H.static("./.modelence/build/client".replace(/\\/g,"/"))];return this.config?.publicDir&&e.push(H.static(this.config.publicDir)),e}handler(e,n){if(this.isDev())try{n.setHeader("Cache-Control","no-store"),n.sendFile("index.html",{root:"./src/client"});}catch(r){console.error("Error serving index.html:",r),n.status(500).send("Internal Server Error");}else n.sendFile("index.html",{root:"./.modelence/build/client".replace(/\\/g,"/")});}isDev(){return process.env.NODE_ENV!=="production"}};async function Ro(){let t=process.cwd();try{return (await loadConfigFromFile({command:"serve",mode:"development"},void 0,t))?.config||{}}catch(e){return console.warn("Could not load vite config:",e),{}}}function _o(t,e){let n=mergeConfig(t,e);if(n.plugins&&Array.isArray(n.plugins)){let r=new Set;n.plugins=n.plugins.flat().filter(o=>{if(!o||typeof o!="object"||Array.isArray(o))return true;let i=o.name;return !i||r.has(i)?false:(r.add(i),true)}).reverse(),n.plugins.reverse();}return n}async function Io(t){let e=process.cwd(),n=await Ro(),r=[".eslintrc.js",".eslintrc.json",".eslintrc","eslint.config.js",".eslintrc.yml",".eslintrc.yaml"].find(s=>Oo.existsSync(xt.join(e,s))),o=[Ao(),Mo()];if(r){let s=(await import('vite-plugin-eslint')).default;o.push(s({failOnError:false,include:["src/**/*.js","src/**/*.jsx","src/**/*.ts","src/**/*.tsx"],cwd:e,overrideConfigFile:xt.resolve(e,r)}));}let i=defineConfig({plugins:o,build:{outDir:".modelence/build/client".replace(/\\/g,"/"),emptyOutDir:true},server:{middlewareMode:true,hmr:t?{server:t}:void 0},root:"./src/client",resolve:{alias:{"@":xt.resolve(e,"src").replace(/\\/g,"/")}}});return _o(i,n)}function Mo(){return {name:"modelence-asset-handler",async transform(t,e){if(/\.(png|jpe?g|gif|svg|mpwebm|ogg|mp3|wav|flac|aac)$/.test(e))return process.env.NODE_ENV==="development",t}}}var sr=new vt;async function Ue(t){return !t||typeof t!="string"?null:Wt(t)}function b(t,e,n){let r=k(),o=t.status(e);if(r.errorComponent)try{let i=r.errorComponent({error:n,statusCode:e});if(i)return o.send(i)}catch(i){console.error("Unhandled error in authConfig.errorComponent:",i);}return o.json({error:n})}async function Ct(t,e){let{authToken:n}=await le(e);Te(t,n),t.status(302),t.redirect("/");}async function Po(t,e,n,r,o){let i=k();try{if(n.status==="disabled"||n.status==="deleted"){b(t,400,"User account is not active.");return}let s={};n.firstName===void 0&&e.firstName&&(s.firstName=e.firstName),n.lastName===void 0&&e.lastName&&(s.lastName=e.lastName),n.avatarUrl===void 0&&e.avatarUrl&&(s.avatarUrl=e.avatarUrl);let a=n;Object.keys(s).length>0&&(await f.updateOne({_id:n._id},{$set:s}),a={...n,...s}),await Ct(t,n._id),i.onAfterLogin?.({provider:e.providerName,user:a,session:r,connectionInfo:o}),i.login?.onSuccess?.(a);}catch(s){throw s instanceof Error&&(i.login?.onError?.(s),i.onLoginError?.({provider:e.providerName,error:s,session:r,connectionInfo:o})),s}}async function No(t,e,n,r,o){let i=k();if((i.oauthAccountLinking??"manual")==="auto"&&e.emailVerified){if(n.status==="disabled"||n.status==="deleted"){b(t,400,"User account is not active.");return}if(!n.emails?.find(c=>c.address.toLowerCase()===e.email.toLowerCase())?.verified){b(t,400,"User with this email already exists. Please log in instead.");return}try{let c={...n.firstName===void 0&&e.firstName&&{firstName:e.firstName},...n.lastName===void 0&&e.lastName&&{lastName:e.lastName},...n.avatarUrl===void 0&&e.avatarUrl&&{avatarUrl:e.avatarUrl}};if(!((await f.updateOne({_id:n._id,status:{$nin:["deleted","disabled"]},$or:[{[`authMethods.${e.providerName}.id`]:{$exists:!1}},{[`authMethods.${e.providerName}.id`]:e.id}]},{$set:{[`authMethods.${e.providerName}.id`]:e.id,...c}})).matchedCount>0)){b(t,400,"User with this email already exists. Please log in instead.");return}await Ct(t,n._id);let p={...n,...c,authMethods:{...n.authMethods,[e.providerName]:{id:e.id}}};i.onAfterLogin?.({provider:e.providerName,user:p,session:r,connectionInfo:o}),i.login?.onSuccess?.(p);return}catch(c){throw c instanceof Error&&(i.login?.onError?.(c),i.onLoginError?.({provider:e.providerName,error:c,session:r,connectionInfo:o})),c}}b(t,400,"User with this email already exists. Please log in instead.");}async function Lo(t,e,n,r){let o=k();try{let i;if(o.generateHandle){let l=await o.generateHandle({email:e.email,firstName:e.firstName,lastName:e.lastName});i=await J(l,e.email,{throwOnConflict:!1});}else i=await J(void 0,e.email);let s={handle:i,status:"active",emails:[{address:e.email,verified:e.emailVerified}],createdAt:new Date,authMethods:{[e.providerName]:{id:e.id}},...e.firstName!==void 0&&{firstName:e.firstName},...e.lastName!==void 0&&{lastName:e.lastName},...e.avatarUrl!==void 0&&{avatarUrl:e.avatarUrl}},a=await f.insertOne(s);await Ct(t,a.insertedId);let c=await f.findOne({_id:a.insertedId},{readPreference:"primary"});c&&(o.onAfterSignup?.({provider:e.providerName,user:c,session:n,connectionInfo:r}),o.signup?.onSuccess?.(c));}catch(i){throw i instanceof Error&&(o.onSignupError?.({provider:e.providerName,error:i,session:n,connectionInfo:r}),o.signup?.onError?.(i)),i}}function se(t){return `${a$1("_system.site.url")}/api/_internal/auth/${t}/callback`}async function $e(t,e,n){let r=await f.findOne({[`authMethods.${n.providerName}.id`]:n.id}),{session:o,connectionInfo:i}=await ae(t,e);if(r)return Po(e,n,r,o,i);if(!n.email){b(e,400,`Email address is required for ${n.providerName} authentication.`);return}let s;try{s=await f.findOne({"emails.address":n.email,status:{$ne:"deleted"}},{collation:{locale:"en",strength:2}});}catch(a){if(a instanceof Error){let c=k();c.onSignupError?.({provider:n.providerName,error:a,session:o,connectionInfo:i}),c.signup?.onError?.(a);}throw a}return s?No(e,n,s,o,i):Lo(e,n,o,i)}function O(t){t.cookie("oauthLinkToken","",{httpOnly:true,maxAge:0,path:"/api/_internal/auth/",sameSite:"lax",secure:process.env.NODE_ENV==="production"});}function ie(t){if(t)try{t();}catch(e){console.error("Error executing OAuth hook:",e);}}function je(t,e,n){let r=t.query.state,o=t.cookies[n],[i,s,a]=(o||"").split(":");return !r||!o||r!==i?(b(e,400,"Invalid OAuth state - possible CSRF attack"),null):(e.clearCookie(n),{mode:s||"login",...a?{linkedUserId:a}:{}})}async function Fe(t,e,n,r){let o=k(),{session:i,connectionInfo:s}=await ae(t,e),a=null;if(r){if(!ObjectId.isValid(r)){O(e),b(e,400,"Invalid OAuth linking state.");return}a=new ObjectId(r);}else a=i?.userId??null;if(!a){O(e),b(e,401,"You must be signed in to link a provider.");return}let c=a;try{let l=`authMethods.${n.providerName}.id`;if((await f.updateOne({_id:c,status:{$nin:["deleted","disabled"]},$or:[{[l]:{$exists:!1}},{[l]:n.id}]},{$set:{[l]:n.id}})).matchedCount===0){let u=await f.findOne({_id:c});if(!u||u.status==="deleted"||u.status==="disabled"){ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:new Error("User account not found or not active"),session:i,connectionInfo:s})),O(e),b(e,400,"User account is not active.");return}let y=u?.authMethods?.[n.providerName]?.id;if(y&&y!==n.id){ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:new Error(`User already has a different ${n.providerName} account linked`),session:i,connectionInfo:s})),O(e),b(e,400,`You have already linked a different ${n.providerName} account.`);return}ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:new Error(`Unexpected OAuth linking state for ${n.providerName}`),session:i,connectionInfo:s})),O(e),b(e,400,`Unable to link ${n.providerName} account.`);return}let p=await f.findOne({_id:c},{readPreference:"primary"});p&&ie(()=>o.onAfterOAuthLink?.({provider:n.providerName,user:p,session:i,connectionInfo:s})),O(e),e.status(302).redirect("/");}catch(l){if(l instanceof MongoServerError&&l.code===11e3){ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:l,session:i,connectionInfo:s})),O(e),b(e,400,`This ${n.providerName} account is already linked to a different user.`);return}if(l instanceof Error&&ie(()=>o.onOAuthLinkError?.({provider:n.providerName,error:l,session:i,connectionInfo:s})),O(e),!e.headersSent)throw l}}function ze(t){return !t||typeof t!="string"?null:t}async function jo(t,e,n,r){let o=await fetch("https://oauth2.googleapis.com/token",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({code:t,client_id:e,client_secret:n,redirect_uri:r,grant_type:"authorization_code"})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function Fo(t){let e=await fetch("https://www.googleapis.com/oauth2/v2/userinfo",{headers:{Authorization:`Bearer ${t}`}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function zo(t,e){let n=ze(t.query.code);if(!n){b(e,400,"Missing authorization code");return}let r=je(t,e,"authStateGoogle");if(!r)return;let{mode:o,linkedUserId:i}=r,s=String(a$1("_system.user.auth.google.clientId")),a=String(a$1("_system.user.auth.google.clientSecret")),c=se("google");try{let l=await jo(n,s,a,c),d=await Fo(l.access_token),p={id:d.id,email:d.email,emailVerified:d.verified_email,providerName:"google",firstName:d.given_name||void 0,lastName:d.family_name||void 0,avatarUrl:d.picture||void 0};o==="link"?await Fe(t,e,p,i):await $e(t,e,p);}catch(l){console.error("Google OAuth error:",l),o==="link"&&O(e),b(e,500,"Authentication failed");}}function qo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.google.enabled"),s=String(a$1("_system.user.auth.google.clientId")),a=String(a$1("_system.user.auth.google.clientSecret"));if(!i||!s||!a){b(r,503,"Google authentication is not configured");return}o();};return t.get("/api/_internal/auth/google",e,async(n,r)=>{let o=String(a$1("_system.user.auth.google.clientId")),i=se("google"),s=randomBytes(32).toString("hex"),a$2=n.query.mode==="link"?"link":"login",c=null;if(a$2==="link"&&n.query.linkNonce&&(c=await Ue(n.query.linkNonce),!c)){b(r,401,"Invalid or expired link nonce for OAuth linking.");return}let l=c?`${s}:${a$2}:${c}`:`${s}:${a$2}`;r.cookie("authStateGoogle",l,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let d=new URL("https://accounts.google.com/o/oauth2/v2/auth");d.searchParams.append("client_id",o),d.searchParams.append("redirect_uri",i),d.searchParams.append("response_type","code"),d.searchParams.append("scope","profile email"),d.searchParams.append("access_type","online"),d.searchParams.append("state",s),r.redirect(d.toString());}),t.get("/api/_internal/auth/google/callback",e,zo),t}var cr=qo;async function Vo(t,e,n,r){let o=await fetch("https://github.com/login/oauth/access_token",{method:"POST",headers:{"Content-Type":"application/json",Accept:"application/json"},body:JSON.stringify({client_id:e,client_secret:n,code:t,redirect_uri:r})});if(!o.ok)throw new Error(`Failed to exchange code for token: ${o.statusText}`);return o.json()}async function Wo(t){let e=await fetch("https://api.github.com/user",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user info: ${e.statusText}`);return e.json()}async function Bo(t){let e=await fetch("https://api.github.com/user/emails",{headers:{Authorization:`Bearer ${t}`,Accept:"application/vnd.github.v3+json"}});if(!e.ok)throw new Error(`Failed to fetch user emails: ${e.statusText}`);return e.json()}async function Go(t,e){return t.email?t.email:(await Bo(e)).find(r=>r.primary&&r.verified)?.email??null}async function Ko(t,e){let n=ze(t.query.code);if(!n){b(e,400,"Missing authorization code");return}let r=je(t,e,"authStateGithub");if(!r)return;let{mode:o,linkedUserId:i}=r,s=String(a$1("_system.user.auth.github.clientId")),a=String(a$1("_system.user.auth.github.clientSecret")),c=se("github");try{let l=await Vo(n,s,a,c),d=await Wo(l.access_token),p=await Go(d,l.access_token);if(!p){o==="link"&&O(e),b(e,400,"Unable to retrieve a primary verified email from GitHub. Please ensure your GitHub account has a verified email set as primary.");return}let u=d.name?d.name.trim().split(/\s+/):[],y=u[0]||void 0,g=u.length>1?u.slice(1).join(" "):void 0,S={id:String(d.id),email:p,emailVerified:!0,providerName:"github",firstName:y,lastName:g,avatarUrl:d.avatar_url||void 0};o==="link"?await Fe(t,e,S,i):await $e(t,e,S);}catch(l){console.error("GitHub OAuth error:",l),o==="link"&&O(e),b(e,500,"Authentication failed");}}function Jo(){let t=Router(),e=(n,r,o)=>{let i=!!a$1("_system.user.auth.github.enabled"),s=String(a$1("_system.user.auth.github.clientId")),a=String(a$1("_system.user.auth.github.clientSecret"));if(!i||!s||!a){b(r,503,"GitHub authentication is not configured");return}o();};return t.get("/api/_internal/auth/github",e,async(n,r)=>{let o=String(a$1("_system.user.auth.github.clientId")),i=se("github"),s=a$1("_system.user.auth.github.scopes"),a$2=s?String(s).split(",").map(y=>y.trim()).join(" "):"user:email",c=randomBytes(32).toString("hex"),l=n.query.mode==="link"?"link":"login",d=null;if(l==="link"&&n.query.linkNonce&&(d=await Ue(n.query.linkNonce),!d)){b(r,401,"Invalid or expired link nonce for OAuth linking.");return}let p=d?`${c}:${l}:${d}`:`${c}:${l}`;r.cookie("authStateGithub",p,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",maxAge:a.minutes(10)});let u=new URL("https://github.com/login/oauth/authorize");u.searchParams.append("client_id",o),u.searchParams.append("redirect_uri",i),u.searchParams.append("scope",a$2),u.searchParams.append("state",c),r.redirect(u.toString());}),t.get("/api/_internal/auth/github/callback",e,Ko),t}var lr=Jo;function dr(t,e,n){return async(r,o,i)=>{let s=r.headers["x-modelence-auth-token"],a={session:null,user:null};if(typeof s=="string"&&G())try{let{session:l,user:d}=await N(s);a={session:l,user:d};}catch{}let c=l("route",`route:${t.toLowerCase()}:${e}`,{method:t,path:e,query:r.query,body:r.body,params:r.params});try{let l=await n({query:r.query,body:r.body,params:r.params,headers:r.headers,cookies:r.cookies,rawBody:Buffer.isBuffer(r.body)?r.body:void 0,req:r,res:o,next:i},a);c.end(),l&&(o.status(l.status||200),l.redirect&&o.redirect(l.redirect),l.headers&&Object.entries(l.headers).forEach(([d,p])=>{o.setHeader(d,p);}),o.send(l.data));}catch(l){c.end("error"),l instanceof a$3?o.status(l.status).send(l.message):(console.error(`Error in route handler: ${r.path}`),console.error(l),o.status(500).send(String(l)));}}}var Et=Object.freeze({});function ur(t){Et=Object.freeze(Object.assign({},Et,t));}function mr(){return Et}var kt=Object.freeze({});function pr(t){kt=Object.freeze(Object.assign({},kt,t));}function qe(){return kt}function Yo(t){let e=[];if(!t)return e.push(H.json({limit:"16mb"})),e.push(H.urlencoded({extended:true,limit:"16mb"})),e;if(t.json!==false){let n=typeof t.json=="object"?t.json:{limit:"16mb"};e.push(H.json(n));}if(t.urlencoded!==false){let n=typeof t.urlencoded=="object"?t.urlencoded:{extended:true,limit:"16mb"};e.push(H.urlencoded(n));}if(t.raw){let n=typeof t.raw=="object"?t.raw:{},r={limit:n.limit||"16mb",type:n.type||"*/*"};e.push(H.raw(r));}return e}function ei(t,e){for(let n of e)for(let r of n.routes){let{path:o,handlers:i,body:s}=r,a=Yo(s);Object.entries(i).forEach(([c,l])=>{t[c](o,...a,dr(c,o,l));});}}async function fr(t,{combinedModules:e,channels:n}){let r=H();r.use(Qo()),r.use(ri()),ei(r,e),r.use(H.json({limit:"16mb"})),r.use(H.urlencoded({extended:true,limit:"16mb"})),r.use(cr()),r.use(lr()),r.post("/api/_internal/auth/set-link-cookie",async(a,c)=>{let{session:l}=await ae(a,c);if(!l?.userId){c.status(401).json({error:"Not authenticated"});return}c.cookie("oauthLinkToken",l.authToken,{httpOnly:true,secure:process.env.NODE_ENV==="production",sameSite:"lax",path:"/api/_internal/auth/",maxAge:10*60*1e3}),c.json({ok:true});}),r.post("/api/_internal/auth/issue-link-nonce",async(a,c)=>{let{session:l}=await ae(a,c);if(!l?.userId){c.status(401).json({error:"Not authenticated"});return}let d=await Vt(String(l.userId));c.json({nonce:d});}),r.post("/api/_internal/method/:methodName(*)",async(a,c)=>{let l=a.params.methodName,d=await ae(a,c);try{let p=a$2(await cn(l,a.body.args,d));c.json({data:p,typeMap:b$3(p)});}catch(p){ti(c,l,p);}});let o=Xo.createServer(r);await t.init({httpServer:o}),t.middlewares&&r.use(t.middlewares()),r.all("*",(a,c)=>t.handler(a,c)),process.on("unhandledRejection",(a,c)=>{console.error("Unhandled Promise Rejection:"),console.error(a instanceof Error?a.stack:a),console.error("Promise:",c);}),process.on("uncaughtException",a=>{console.error("Uncaught Exception:"),console.error(a.stack),console.trace("Full application stack:");});let i=qe()?.provider;i&&i.init({httpServer:o,channels:n});let s=process.env.MODELENCE_PORT||process.env.PORT||3e3;o.listen(s,()=>{j$1("Application started",{source:"app"});let a=a$1("_system.site.url")||`http://localhost:${s}`;console.log(`
|
|
18
18
|
Application started on ${a}
|
|
19
|
-
`);});}async function ae(t,e){let n=(t.path??t.url??"").split("?")[0],r=n.startsWith("/api/_internal/auth/")&&n.endsWith("/callback"),o=Z.string().nullish().transform(c=>c??null).parse(t.cookies.authToken||(r?t.cookies.oauthLinkToken:null)||t.body.authToken),i=Z.object({screenWidth:Z.number(),screenHeight:Z.number(),windowWidth:Z.number(),windowHeight:Z.number(),pixelRatio:Z.number(),orientation:Z.string().nullable()}).nullish().parse(t.body.clientInfo)??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},s={ip:
|
|
20
|
-
export{re as LiveData,C as Module,Ot as ServerChannel,E as Store,N as authenticate,I as consumeRateLimit,
|
|
19
|
+
`);});}async function ae(t,e){let n=(t.path??t.url??"").split("?")[0],r=n.startsWith("/api/_internal/auth/")&&n.endsWith("/callback"),o=Z.string().nullish().transform(c=>c??null).parse(t.cookies.authToken||(r?t.cookies.oauthLinkToken:null)||t.body.authToken),i=Z.object({screenWidth:Z.number(),screenHeight:Z.number(),windowWidth:Z.number(),windowHeight:Z.number(),pixelRatio:Z.number(),orientation:Z.string().nullable()}).nullish().parse(t.body.clientInfo)??{screenWidth:0,screenHeight:0,windowWidth:0,windowHeight:0,pixelRatio:1,orientation:null},s={ip:ii(t),userAgent:t.get("user-agent"),acceptLanguage:t.get("accept-language"),referrer:t.get("referrer"),baseUrl:oi(t)};if(!!G()){let{session:c,user:l,roles:d}=await N(o);return {clientInfo:i,connectionInfo:s,session:c,user:l,roles:d,req:t,res:e}}return {clientInfo:i,connectionInfo:s,session:null,user:null,roles:Ae(),req:t,res:e}}function ti(t,e,n){if(n instanceof a$3){n.status>=500&&n.status<600&&console.error(`Error calling ${e}:`,n),n.code&&t.setHeader("X-Modelence-Error-Code",n.code),t.status(n.status).send(n.message);return}if(n instanceof Error&&n?.constructor?.name==="ZodError"&&"errors"in n){let r="";try{r=ni(n);}catch(o){console.error(`Error parsing Zod error in ${e}:`,o),r="Validation failed";}t.status(400).send(r);return}console.error(`Error calling ${e}:`,n),t.status(500).send(n instanceof Error?n.message:String(n));}function ni(t){let e=t.flatten(),n=Object.entries(e.fieldErrors).map(([i,s])=>`${i}: ${(s??[]).join(", ")}`),r=e.formErrors;return [...n,...r].filter(Boolean).join("; ")}function ri(){let{frameAncestors:t}=mr(),e=t&&t.length>0,n=e?["'self'",...t].join(" "):"'self'";return (r,o,i)=>{o.setHeader("Content-Security-Policy",`frame-ancestors ${n}`),e||o.setHeader("X-Frame-Options","SAMEORIGIN"),i();}}function oi(t){let e=t.headers["x-forwarded-host"],n=(Array.isArray(e)?e[0]:e?.split(",")[0])?.trim()||t.get("host"),r=t.headers["x-forwarded-proto"];return `${(Array.isArray(r)?r[0]:r?.split(",")[0])?.trim()||t.protocol}://${n}`}function ii(t){let e=t.headers["x-forwarded-for"];if(e)return (Array.isArray(e)?e[0]:e.split(",")[0]).trim();let n=t.ip||t.socket?.remoteAddress;if(n)return n.startsWith("::ffff:")?n.substring(7):n}function si(t){return t?t.match(/^\s*"?([^"<]+?)"?\s*<[^>]+>\s*$/)?.[1]?.trim():void 0}function ai(t){if(t)return Array.isArray(t)?t:[t]}function ci(t){return {to:Array.isArray(t.to)?t.to:[t.to],subject:t.subject,html:t.html,text:t.text,fromName:si(t.from),replyTo:ai(t.replyTo)}}function li(t){if(!(t instanceof Error))return new Error("Managed email send failed");let e=t.responseBody,n=e?.error?.code,r=e?.error?.message;return n&&r?new Error(`Managed email rejected (${n}): ${r}`):t}var hr={async sendEmail(t){if(t.cc||t.bcc||t.attachments||t.headers)throw new Error("Modelence managed email does not support cc, bcc, attachments, or custom headers in v1. Configure your own provider (Resend, SES, SMTP) to use these features. See https://docs.modelence.com/email/managed.");try{await D("/api/email/send","POST",ci(t));}catch(e){throw li(e)}}};async function pi({modules:t=[],roles:e$1={},defaultRoles:n={},server:r=sr,migrations:o=[],email:i={},auth:s={},security:a={},websocket:c$1={}}){gr.config(),gr.config({path:".modelence.env"});let l=!!process.env.MODELENCE_SERVICE_ENDPOINT;Ei().then(()=>{}).catch(()=>{});let d=[pt,Qt,Kn,Xn,Yn,ue,bt,or],p=[...d,...t];f$1(),hi(d),fi(t),Yt(e$1,n);let u=xi(p);e(u);let y=gi(p),g$1=yi(p);vi(p),pt.rateLimits=mt(s.rateLimits);let S=wi(p);An(S);let{storesToInit:L,effectiveStores:R}=Jn(y);if(l){let{configs:A,environmentId:V,appAlias:_,environmentAlias:wr,telemetry:br}=await Nn({configSchema:u,cronJobsMetadata:Gn(),stores:R,roles:e$1});ht(A),g({environmentId:V,appAlias:_,environmentAlias:wr,telemetry:br});}else c(Le(u));if(l&&!i.provider?it({...i,provider:hr}):it(i),Sn(s),ur(a),pr({...c$1,provider:c$1.provider||un}),G()){await tn();let A=[...new Set([...L,...R])];Ci(A),await Si(R,o);}else Qn(o);l&&(await h(),$n()),Bn().catch(console.error),await fr(r,{combinedModules:p,channels:g$1});}function fi(t){for(let e of t){for(let[n,r]of Object.entries(e.queries))Ye(`${e.name}.${n}`,r);for(let[n,r]of Object.entries(e.mutations))nn(`${e.name}.${n}`,r);}}function hi(t){for(let e of t){for(let[n,r]of Object.entries(e.queries))rn(`${e.name}.${n}`,r);for(let[n,r]of Object.entries(e.mutations))on(`${e.name}.${n}`,r);}}function gi(t){return t.flatMap(e=>e.stores)}function yi(t){return t.flatMap(e=>e.channels)}function wi(t){return t.flatMap(e=>e.rateLimits)}function bi(t,e){console.warn(`Failed to create indexes for store '${t}'. Continuing startup.`,e);}var Tt="migrations";async function Si(t,e){if(!await Y(Tt,{lockDuration:a.seconds(30),heartbeat:true}))return;let r,o;try{r=t.filter(a=>a.getIndexCreationMode()==="blocking"),o=t.filter(a=>a.getIndexCreationMode()==="background");for(let a of r)await At(a,"full");for(let a of o)await At(a,"drop-only");}catch(a){throw await ge(Tt),a}let i=(async()=>{for(let a of o)await At(a,"create-only");})(),s=St(e,{lockMode:"skip"});Promise.allSettled([i,s]).then(([a,c])=>{a.status==="rejected"&&console.error("Error creating background indexes:",a.reason),c.status==="rejected"&&console.error("Error running migrations:",c.reason);}).finally(async()=>{await ge(Tt);});}async function At(t,e="full"){let n=t.getName();try{await t.createIndexes(e);}catch(r){bi(n,r);}}function xi(t){let e={};for(let n of t)for(let[r,o]of Object.entries(n.configSchema)){let i=`${n.name}.${r}`;if(i in e)throw new Error(`Duplicate config schema key: ${i} (${n.name})`);e[i]=o;}return e}function vi(t){for(let e of t)for(let[n,r]of Object.entries(e.cronJobs))Wn(`${e.name}.${n}`,r);}function Ci(t){let e=Oe();if(!e)throw new Error("Failed to initialize stores: MongoDB client not initialized");for(let n of t)n.init(e);}async function Ei(){if(process.env.MODELENCE_TRACKING_ENABLED!=="false"){let e=process.env.MODELENCE_SERVICE_ENDPOINT??"https://cloud.modelence.com",n=process.env.MODELENCE_ENVIRONMENT_ID,r=await ki(),o=await import('./package-FOVTOR5M.js');await fetch(`${e}/api/track/app-start`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({projectName:r.name,version:o.default.version,localHostname:mo.hostname(),environmentId:n})});}}async function ki(){try{let t=xt.join(process.cwd(),"package.json"),e=await di.readFile(t,"utf-8");return {name:JSON.parse(e).name||"unknown"}}catch{return {name:"unknown"}}}async function yr(t){await j.deleteMany({userId:t}),await P.deleteMany({userId:t});}async function Ai(t){await yr(t),await f.updateOne(t,{$set:{status:"disabled",disabledAt:new Date}});}async function Oi(t){await yr(t),await f.updateOne({_id:t},{$set:{handle:`deleted-${t}-${randomUUID()}`,status:"deleted",deletedAt:new Date,authMethods:{},emails:[]}});}var Ot=class{constructor(e,n){this.category=e,this.canAccessChannel=n||null;}broadcast(e,n){let r=qe().provider;if(!r){k$1("Websockets provider should be added to startApp",{});return}r.broadcast({category:this.category,id:e,data:n});}};function Ri(t){if(!v().provider)throw new Error("Email provider is not configured, see https://docs.modelence.com/email for more details.");return v().provider?.sendEmail(t)}
|
|
20
|
+
export{re as LiveData,C as Module,Ot as ServerChannel,E as Store,N as authenticate,I as consumeRateLimit,Ye as createQuery,f as dbUsers,tr as deleteFile,Oi as deleteUser,Ai as disableUser,nr as downloadFile,rr as getFileUrl,er as getUploadUrl,m as schema,Ri as sendEmail,pi as startApp};//# sourceMappingURL=server.js.map
|
|
21
21
|
//# sourceMappingURL=server.js.map
|