powr-sdk-api 4.5.8 → 4.7.0

package/dist/config.js

@@ -20,16 +20,6 @@ const credentials = {
   auth_provider_x509_cert_url: process.env.GOOGLE_CLOUD_AUTH_PROVIDER_X509_CERT_URL,
   client_x509_cert_url: process.env.GOOGLE_CLOUD_CLIENT_X509_CERT_URL
 };
-console.log('Configuration loaded............:', {
-  mongoUri: config.mongoUri ? '***REDACTED***' : 'NOT SET',
-  jwtToken: config.jwtToken ? '***REDACTED***' : 'NOT SET',
-  projectId: config.projectId,
-  storageBucket: config.storageBucket,
-  credentials: credentials ? {
-    client_email: credentials.client_email,
-    private_key_length: credentials.private_key ? credentials.private_key.length : 0
-  } : null
-});
 module.exports = {
   config,
   credentials

package/dist/logger/gcs.js

@@ -0,0 +1,78 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  Storage
+} = require('@google-cloud/storage');
+
+// Create GCS client using environment variables for credentials
+const storage = new Storage({
+  projectId: process.env.GCS_PROJECT_ID,
+  credentials: {
+    client_email: process.env.GCS_CLIENT_EMAIL,
+    private_key: process.env.GCS_PRIVATE_KEY ? process.env.GCS_PRIVATE_KEY.replace(/\\n/g, '\n') : undefined
+  }
+});
+
+/**
+ * Custom Winston transport for logging to Google Cloud Storage
+ */
+class GCSTransport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const filename = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const bucket = storage.bucket(this.bucket);
+      const file = bucket.file(filename);
+      await file.save(JSON.stringify(logs), {
+        contentType: 'application/json',
+        metadata: {
+          contentType: 'application/json'
+        }
+      });
+    } catch (error) {
+      console.error('Failed to write logs to Google Cloud Storage:', {
+        error: error.message,
+        code: error.code,
+        bucket: this.bucket,
+        filename: filename,
+        projectId: process.env.GCS_PROJECT_ID,
+        stack: error.stack
+      });
+      // Put the logs back in the buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push({
+      timestamp: new Date().toISOString(),
+      ...info
+    });
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = {
+  GCSTransport
+};

package/dist/logger/s3.js

@@ -0,0 +1,78 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  S3Client,
+  PutObjectCommand
+} = require('@aws-sdk/client-s3');
+
+// Create S3 client
+const s3Client = new S3Client({
+  region: process.env.AWS_REGION,
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
+  }
+});
+
+/**
+ * Custom Winston transport for logging to S3
+ */
+class S3Transport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const key = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const command = new PutObjectCommand({
+        Bucket: this.bucket,
+        Key: key,
+        Body: JSON.stringify(logs),
+        ContentType: 'application/json'
+      });
+      await s3Client.send(command);
+    } catch (error) {
+      console.error('Failed to write logs to S3:', {
+        error: error.message,
+        code: error.code,
+        bucket: this.bucket,
+        key: key,
+        region: process.env.AWS_REGION,
+        stack: error.stack
+      });
+      // Put the logs back in the buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push({
+      timestamp: new Date().toISOString(),
+      ...info
+    });
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = {
+  S3Transport
+};

package/dist/middleware/auth.js

@@ -0,0 +1,76 @@
+"use strict";
+
+const jwt = require("jsonwebtoken");
+const generateToken = user => {
+  return jwt.sign({
+    userId: user.userId
+  }, process.env.JWT_SECRET, {
+    expiresIn: process.env.JWT_EXPIRES_IN || '24h'
+  });
+};
+const validateToken = async (req, res, next) => {
+  try {
+    let token;
+
+    // Check if token exists in headers
+    if (req.headers.authorization && req.headers.authorization.startsWith("Bearer")) {
+      token = req.headers.authorization.split(" ")[1];
+    }
+    if (!token) {
+      return res.error("Not authorized to access this route", 401);
+    }
+    try {
+      // Verify token
+      const decoded = jwt.verify(token, process.env.JWT_SECRET);
+
+      // // Get user from token
+      // const user = await User.findByPk(decoded.userId);
+      // if (!user) {
+      //     return res.error('User not found', 401);
+      // }
+
+      // // Add user and userId to request object
+      // req.user = user;
+      req.userId = decoded.userId;
+      next();
+    } catch (error) {
+      return res.error("Not authorized to access this route", 401, error);
+    }
+  } catch (error) {
+    return res.error("Error authenticating user", 500, error);
+  }
+};
+const validateAuth = (options = {}) => {
+  const {
+    publicPaths = ["/auth", "/", "/status", "/swagger"],
+    publicMethods = ["OPTIONS"]
+  } = options;
+  return async (req, res, next) => {
+    // Skip auth validation for public paths
+    if (publicPaths.some(path => req.path.startsWith(path))) {
+      return next();
+    }
+
+    // Skip auth validation for public methods
+    if (publicMethods.includes(req.method)) {
+      return next();
+    }
+
+    // Use the original validateToken middleware for protected routes
+    return validateToken(req, res, next);
+  };
+};
+
+// exports.authorize = (...roles) => {
+//     return (req, res, next) => {
+//         if (!roles.includes(req.user.role)) {
+//             return res.error(`User role ${req.user.role} is not authorized to access this route`, 403);
+//         }
+//         next();
+//     };
+// };
+
+module.exports = {
+  validateAuth,
+  generateToken
+};

package/dist/middleware/jwtToken.js

@@ -10,9 +10,20 @@ const generateJWTToken = (user, profile = null) => {
     fullName: user.fullName,
     access: profile === null || profile === void 0 ? void 0 : profile.access
   }, config.jwtToken, {
-    expiresIn: '24h'
+    expiresIn: '7d'
   });
 };
+const generateRefreshToken = user => {
+  return jwt.sign({
+    userId: user._id,
+    type: 'refresh'
+  }, config.jwtToken, {
+    expiresIn: '30d'
+  });
+};
+const verifyRefreshToken = token => {
+  return jwt.verify(token, config.jwtToken);
+};
 
 // Verify JWT token middleware for APIs
 const verifyToken = async (req, res, next) => {
@@ -43,7 +54,7 @@ const verifyToken = async (req, res, next) => {
       fullName: decoded.fullName,
       access: decoded.access
     };
-    next();
+    return next();
   } catch (error) {
     console.error("Error in auth middleware:", error);
     return res.status(401).json({
@@ -54,5 +65,7 @@ const verifyToken = async (req, res, next) => {
 };
 module.exports = {
   generateJWTToken,
+  generateRefreshToken,
+  verifyRefreshToken,
   verifyToken
 };

package/dist/middleware/logger.js

@@ -0,0 +1,45 @@
+"use strict";
+
+/**
+ * Logging middleware for Express applications
+ */
+
+const logger = (req, res, next) => {
+  const startTime = Date.now();
+
+  // Log request with redacted sensitive information
+  try {
+    const logBody = {
+      ...req.body
+    };
+    if (logBody.password) logBody.password = "[REDACTED]";
+    if (logBody.token) logBody.token = "[REDACTED]";
+    console.log('Request:', {
+      timestamp: new Date().toISOString(),
+      method: req.method,
+      url: req.originalUrl,
+      ip: req.ip,
+      userAgent: req.get('user-agent'),
+      body: logBody,
+      query: req.query
+    });
+  } catch (error) {
+    console.error("Error logging request:", error);
+  }
+
+  // Log response with timing information
+  res.on('finish', () => {
+    const responseTime = Date.now() - startTime;
+    console.log('Response:', {
+      timestamp: new Date().toISOString(),
+      method: req.method,
+      url: req.originalUrl,
+      statusCode: res.statusCode,
+      responseTime: `${responseTime}ms`,
+      userAgent: req.get('user-agent'),
+      ip: req.ip
+    });
+  });
+  next();
+};
+module.exports = logger;

package/dist/middleware/response.js

@@ -0,0 +1,53 @@
+"use strict";
+
+const logger = require('../services/logger');
+const responseFormatter = (req, res, next) => {
+  // Add success method to response object
+  res.success = function (message = 'Success', statusCode = 200, data = null) {
+    const response = {
+      success: true,
+      message
+    };
+
+    // Only include data if it's not null
+    if (data !== null) {
+      response.data = data;
+    }
+    return this.status(statusCode).json(response);
+  };
+
+  // Add error method to response object
+  res.error = function (message = 'Error', statusCode = 500, error = null) {
+    const response = {
+      success: false,
+      message
+    };
+
+    // Only include details if they're not null
+    if (error !== null) {
+      response.error = error;
+    }
+    return this.status(statusCode).json(response);
+  };
+  next();
+};
+const responseLogger = (req, res, next) => {
+  const startTime = Date.now();
+  res.on('finish', () => {
+    const responseTime = Date.now() - startTime;
+    logger.info('API Response', {
+      method: req.method,
+      url: req.originalUrl,
+      statusCode: res.statusCode,
+      responseTime: `${responseTime}ms`,
+      userAgent: req.get('user-agent'),
+      ip: req.ip,
+      response: res.locals.responseBody || '[not captured]'
+    });
+  });
+  next();
+};
+module.exports = {
+  responseFormatter,
+  responseLogger
+};

package/dist/routes/auth.js

@@ -10,7 +10,9 @@ const {
 } = require("mongodb");
 const bcrypt = require("bcrypt");
 const {
-  generateJWTToken
+  generateJWTToken,
+  generateRefreshToken,
+  verifyRefreshToken
 } = require("../middleware/jwtToken");
 const {
   config
@@ -178,6 +180,14 @@ router.post("/login", async (req, res) => {
       }
     }
     const token = generateJWTToken(user, profile);
+    const refreshToken = generateRefreshToken(user);
+    await db.collection("users").updateOne({
+      _id: user._id
+    }, {
+      $set: {
+        refreshToken
+      }
+    });
     const {
       password: _,
       _id,
@@ -205,7 +215,8 @@ router.post("/login", async (req, res) => {
       success: true,
       message: "Login successful",
       user: mergedUser,
-      token: token
+      token,
+      refreshToken
     });
   } catch (error) {
     console.error("Error logging in:", error);
@@ -215,6 +226,66 @@ router.post("/login", async (req, res) => {
     });
   }
 });
+router.post("/refresh-token", async (req, res) => {
+  const {
+    refreshToken
+  } = req.body;
+  const projectId = req.projectId;
+  try {
+    var _decoded, _decoded2;
+    if (!refreshToken) {
+      return res.status(400).json({
+        success: false,
+        message: "Refresh token is required"
+      });
+    }
+    let decoded;
+    try {
+      decoded = verifyRefreshToken(refreshToken);
+    } catch (error) {
+      return res.status(401).json({
+        success: false,
+        message: "Invalid or expired refresh token"
+      });
+    }
+    if (!((_decoded = decoded) !== null && _decoded !== void 0 && _decoded.userId) || ((_decoded2 = decoded) === null || _decoded2 === void 0 ? void 0 : _decoded2.type) !== "refresh") {
+      return res.status(401).json({
+        success: false,
+        message: "Invalid refresh token payload"
+      });
+    }
+    const db = await getDb();
+    const user = await db.collection("users").findOne({
+      _id: new ObjectId(decoded.userId),
+      refreshToken
+    });
+    if (!user) {
+      return res.status(401).json({
+        success: false,
+        message: "Refresh token is no longer valid"
+      });
+    }
+    let profile = null;
+    if (projectId) {
+      profile = await db.collection("profiles").findOne({
+        userId: user._id,
+        projectId: projectId
+      });
+    }
+    const token = generateJWTToken(user, profile);
+    return res.status(200).json({
+      success: true,
+      message: "Token refreshed successfully",
+      token
+    });
+  } catch (error) {
+    console.error("Error refreshing token:", error);
+    return res.status(500).json({
+      success: false,
+      message: "Failed to refresh token."
+    });
+  }
+});
 
 // Forgot Password
 router.post("/forgot-password", async (req, res) => {

package/dist/routes/chat.js

@@ -22,20 +22,9 @@ router.get('/conversations', async (req, res) => {
       projectId: projectId
     }).toArray();
 
-    // Get user details for each conversation
+    // Build response for each conversation
     const conversationsWithUsers = await Promise.all(conversations.map(async conv => {
-      const otherUserId = conv.participants.find(id => id !== userId);
-      console.log('Looking for other user with ID:', otherUserId, 'type:', typeof otherUserId);
-      const otherUser = await db.collection('users').findOne({
-        _id: new ObjectId(otherUserId)
-      }, {
-        projection: {
-          fullName: 1,
-          username: 1,
-          avatar: 1
-        }
-      });
-      console.log('Found other user:', otherUser);
+      const isGroup = conv.type === 'group';
 
       // Get last message
       const lastMessage = await db.collection('messages').findOne({
@@ -54,14 +43,32 @@ router.get('/conversations', async (req, res) => {
         },
         read: false
       });
+      let displayName, avatar;
+      if (isGroup) {
+        displayName = conv.name || 'Group';
+        avatar = null; // Groups typically use icon, not user avatar
+      } else {
+        const otherUserId = conv.participants.find(p => String(p) !== String(userId));
+        const otherUser = otherUserId ? await db.collection('users').findOne({
+          _id: new ObjectId(otherUserId)
+        }, {
+          projection: {
+            fullName: 1,
+            avatar: 1
+          }
+        }) : null;
+        displayName = (otherUser === null || otherUser === void 0 ? void 0 : otherUser.fullName) || 'Unknown User';
+        avatar = otherUser === null || otherUser === void 0 ? void 0 : otherUser.avatar;
+      }
       return {
         id: conv._id.toString(),
-        name: (otherUser === null || otherUser === void 0 ? void 0 : otherUser.fullName) || 'Unknown User',
-        avatar: otherUser === null || otherUser === void 0 ? void 0 : otherUser.avatar,
+        type: isGroup ? 'group' : 'dm',
+        name: displayName,
+        avatar,
         lastMessage: (lastMessage === null || lastMessage === void 0 ? void 0 : lastMessage.content) || '',
         lastMessageTime: (lastMessage === null || lastMessage === void 0 ? void 0 : lastMessage.createdAt) || conv.createdAt,
         unreadCount,
-        isOnline: false // Simple implementation - could be enhanced later
+        isOnline: false
       };
     }));
     return res.json({
@@ -214,23 +221,84 @@ router.post('/conversations/:conversationId/messages', async (req, res) => {
   }
 });
 
-// Create a new conversation
+// Create a new conversation (DM or group)
 router.post('/conversations', async (req, res) => {
   try {
     const {
       participantId,
+      participantIds,
+      type,
+      name,
       projectId: bodyProjectId
     } = req.body;
     const userId = req.user.powrId;
     const userAccess = req.user.access;
     const projectId = bodyProjectId || req.projectId;
+    const db = await getDb();
+
+    // --- GROUP ---
+    if (type === 'group') {
+      if (!participantIds || !Array.isArray(participantIds) || participantIds.length === 0) {
+        return res.status(400).json({
+          success: false,
+          message: "participantIds (array) is required for group"
+        });
+      }
+      if (!name || typeof name !== 'string' || !name.trim()) {
+        return res.status(400).json({
+          success: false,
+          message: "name is required for group"
+        });
+      }
+
+      // Normalize participant IDs (ensure strings, dedupe, include creator)
+      const normalizedIds = [...new Set([userId, ...participantIds.map(id => String(id))])];
+
+      // Check if group with same projectId + name already exists
+      const existingGroup = await db.collection('conversations').findOne({
+        type: 'group',
+        projectId: projectId,
+        name: name.trim()
+      });
+      if (existingGroup) {
+        // Return existing if creator is a participant
+        const isParticipant = existingGroup.participants.some(p => String(p) === String(userId));
+        if (isParticipant) {
+          return res.json({
+            success: true,
+            data: {
+              id: existingGroup._id.toString(),
+              message: 'Group already exists'
+            }
+          });
+        }
+      }
+      const conversation = {
+        type: 'group',
+        participants: normalizedIds,
+        name: name.trim(),
+        projectId: projectId,
+        createdBy: userId,
+        createdAt: new Date(),
+        updatedAt: new Date()
+      };
+      const result = await db.collection('conversations').insertOne(conversation);
+      return res.status(201).json({
+        success: true,
+        data: {
+          id: result.insertedId.toString(),
+          message: 'Group created successfully'
+        }
+      });
+    }
+
+    // --- DM (default) ---
     if (!participantId) {
       return res.status(400).json({
         success: false,
-        message: "Participant ID is required"
+        message: "Participant ID is required for DM (or use type: 'group' with participantIds)"
       });
     }
-    const db = await getDb();
 
     // Check if user has permission to chat with this participant
     const participant = await db.collection('users').findOne({
@@ -250,13 +318,10 @@ router.post('/conversations', async (req, res) => {
     // Validate access permissions
     let hasPermission = false;
     if (userAccess === 100) {
-      // Admin can chat with everyone
       hasPermission = true;
     } else if (userAccess === 900) {
-      // Client can only chat with admins
       hasPermission = participant.access === 100;
     } else {
-      // Employee can chat with employees and admins
       hasPermission = participant.access === 100 || participant.access === null;
     }
     if (!hasPermission) {
@@ -268,6 +333,9 @@ router.post('/conversations', async (req, res) => {
 
     // Check if conversation already exists
     const existingConversation = await db.collection('conversations').findOne({
+      type: {
+        $ne: 'group'
+      },
       participants: {
         $all: [userId, participantId]
       },
@@ -283,6 +351,7 @@ router.post('/conversations', async (req, res) => {
       });
     }
     const conversation = {
+      type: 'dm',
       participants: [userId, participantId],
       projectId: projectId,
       createdAt: new Date(),

package/dist/services/logger.js

@@ -0,0 +1,35 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  S3Transport
+} = require('../utils/s3');
+
+// Custom format for logs
+const logFormat = winston.format.combine(winston.format.timestamp(), winston.format.errors({
+  stack: true
+}), winston.format.json());
+
+// Create base transports array with console transport
+const transports = [new winston.transports.Console()];
+
+// Add S3 transport only in production
+if (process.env.NODE_ENV === 'production') {
+  transports.push(new S3Transport({
+    bucket: process.env.AWS_LOG_BUCKET_NAME,
+    prefix: 'logs',
+    bufferSize: 100,
+    flushInterval: 5000
+  }));
+}
+
+// Create the logger
+const logger = winston.createLogger({
+  level: process.env.LOG_LEVEL || 'info',
+  format: logFormat,
+  defaultMeta: {
+    service: process.env.LOG_SERVICE_NAME
+  },
+  transports
+});
+module.exports = logger;

package/dist/services/uploadToGCS.js

@@ -14,15 +14,6 @@ const storage = new Storage({
   projectId: config.projectId,
   credentials: credentials
 });
-const safeCredentials = credentials ? {
-  client_email: credentials.client_email,
-  private_key_length: credentials.private_key ? credentials.private_key.length : 0
-} : null;
-console.log('GCS Storage created:', {
-  projectId: config.projectId,
-  credentials: safeCredentials,
-  storageInstanceType: typeof storage
-});
 const bucketName = config.storageBucket;
 const bucket = storage.bucket(bucketName);
 console.log('Bucket:', bucketName);

package/dist/utils/auth.js

@@ -0,0 +1,19 @@
+"use strict";
+
+const jwt = require('jsonwebtoken');
+
+/**
+ * Generates a JWT token for a user
+ * @param {Object} user - The user object
+ * @returns {string} - The generated JWT token
+ */
+const generateToken = user => {
+  return jwt.sign({
+    userId: user.userId
+  }, process.env.JWT_SECRET, {
+    expiresIn: process.env.JWT_EXPIRES_IN || '24h'
+  });
+};
+module.exports = {
+  generateToken
+};

package/dist/utils/logger.js

@@ -0,0 +1,57 @@
+"use strict";
+
+/**
+ * Logger utility for Express applications
+ */
+
+const winston = require('winston');
+const S3Transport = require('./s3-transport');
+
+/**
+ * Creates a Winston logger instance with configured transports
+ * @param {Object} options - Logger configuration options
+ * @param {string} options.service - Service name for logging
+ * @param {string} options.level - Log level (default: 'info')
+ * @param {Object} options.s3 - S3 transport configuration
+ * @param {string} options.s3.bucket - S3 bucket name
+ * @param {string} options.s3.prefix - S3 key prefix
+ * @param {number} options.s3.bufferSize - Buffer size for S3 uploads
+ * @param {number} options.s3.flushInterval - Flush interval in milliseconds
+ * @returns {winston.Logger} Configured Winston logger instance
+ */
+const createLogger = (options = {}) => {
+  const {
+    service = 'api',
+    level = process.env.LOG_LEVEL || 'info',
+    s3 = null
+  } = options;
+
+  // Custom format for logs
+  const logFormat = winston.format.combine(winston.format.timestamp(), winston.format.errors({
+    stack: true
+  }), winston.format.json());
+
+  // Create base transports array with console transport
+  const transports = [new winston.transports.Console()];
+
+  // Add S3 transport if configured
+  if (s3 && process.env.NODE_ENV === 'production') {
+    transports.push(new S3Transport({
+      bucket: s3.bucket,
+      prefix: s3.prefix || 'logs',
+      bufferSize: s3.bufferSize || 100,
+      flushInterval: s3.flushInterval || 5000
+    }));
+  }
+
+  // Create and return the logger
+  return winston.createLogger({
+    level,
+    format: logFormat,
+    defaultMeta: {
+      service
+    },
+    transports
+  });
+};
+module.exports = createLogger;

package/dist/utils/s3-transport.js

@@ -0,0 +1,61 @@
+"use strict";
+
+/**
+ * S3 Transport for Winston logger
+ */
+
+const winston = require('winston');
+const {
+  S3Client,
+  PutObjectCommand
+} = require('@aws-sdk/client-s3');
+
+/**
+ * Custom Winston transport for logging to S3
+ */
+class S3Transport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const key = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const command = new PutObjectCommand({
+        Bucket: this.bucket,
+        Key: key,
+        Body: JSON.stringify(logs),
+        ContentType: 'application/json'
+      });
+      await this.s3Client.send(command);
+    } catch (error) {
+      console.error('Error flushing logs to S3:', error);
+      // Put logs back in buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push(info);
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = S3Transport;

package/dist/utils/s3.js

@@ -0,0 +1,78 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  S3Client,
+  PutObjectCommand
+} = require('@aws-sdk/client-s3');
+
+// Create S3 client
+const s3Client = new S3Client({
+  region: process.env.AWS_REGION,
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
+  }
+});
+
+/**
+ * Custom Winston transport for logging to S3
+ */
+class S3Transport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const key = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const command = new PutObjectCommand({
+        Bucket: this.bucket,
+        Key: key,
+        Body: JSON.stringify(logs),
+        ContentType: 'application/json'
+      });
+      await s3Client.send(command);
+    } catch (error) {
+      console.error('Failed to write logs to S3:', {
+        error: error.message,
+        code: error.code,
+        bucket: this.bucket,
+        key: key,
+        region: process.env.AWS_REGION,
+        stack: error.stack
+      });
+      // Put the logs back in the buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push({
+      timestamp: new Date().toISOString(),
+      ...info
+    });
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = {
+  S3Transport
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "powr-sdk-api",
-  "version": "4.5.8",
+  "version": "4.7.0",
   "description": "Shared API core library for PowrStack projects. Zero dependencies - works with Express, Next.js API routes, and other frameworks. All features are optional and install only what you need.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",