npm - servcraft - Versions diffs - 0.1.0 → 0.1.1 - Mend

servcraft 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (216) hide show

package/.claude/settings.local.json +29 -0
package/.github/CODEOWNERS +18 -0
package/.github/PULL_REQUEST_TEMPLATE.md +46 -0
package/.github/dependabot.yml +59 -0
package/.github/workflows/ci.yml +188 -0
package/.github/workflows/release.yml +195 -0
package/AUDIT.md +602 -0
package/README.md +1070 -1
package/dist/cli/index.cjs +2026 -2168
package/dist/cli/index.cjs.map +1 -1
package/dist/cli/index.js +2026 -2168
package/dist/cli/index.js.map +1 -1
package/dist/index.cjs +595 -616
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +114 -52
package/dist/index.d.ts +114 -52
package/dist/index.js +595 -616
package/dist/index.js.map +1 -1
package/docs/CLI-001_MULTI_DB_PLAN.md +546 -0
package/docs/DATABASE_MULTI_ORM.md +399 -0
package/docs/PHASE1_BREAKDOWN.md +346 -0
package/docs/PROGRESS.md +550 -0
package/docs/modules/ANALYTICS.md +226 -0
package/docs/modules/API-VERSIONING.md +252 -0
package/docs/modules/AUDIT.md +192 -0
package/docs/modules/AUTH.md +431 -0
package/docs/modules/CACHE.md +346 -0
package/docs/modules/EMAIL.md +254 -0
package/docs/modules/FEATURE-FLAG.md +291 -0
package/docs/modules/I18N.md +294 -0
package/docs/modules/MEDIA-PROCESSING.md +281 -0
package/docs/modules/MFA.md +266 -0
package/docs/modules/NOTIFICATION.md +311 -0
package/docs/modules/OAUTH.md +237 -0
package/docs/modules/PAYMENT.md +804 -0
package/docs/modules/QUEUE.md +540 -0
package/docs/modules/RATE-LIMIT.md +339 -0
package/docs/modules/SEARCH.md +288 -0
package/docs/modules/SECURITY.md +327 -0
package/docs/modules/SESSION.md +382 -0
package/docs/modules/SWAGGER.md +305 -0
package/docs/modules/UPLOAD.md +296 -0
package/docs/modules/USER.md +505 -0
package/docs/modules/VALIDATION.md +294 -0
package/docs/modules/WEBHOOK.md +270 -0
package/docs/modules/WEBSOCKET.md +691 -0
package/package.json +53 -38
package/prisma/schema.prisma +395 -1
package/src/cli/commands/add-module.ts +520 -87
package/src/cli/commands/db.ts +3 -4
package/src/cli/commands/docs.ts +256 -6
package/src/cli/commands/generate.ts +12 -19
package/src/cli/commands/init.ts +384 -214
package/src/cli/index.ts +0 -4
package/src/cli/templates/repository.ts +6 -1
package/src/cli/templates/routes.ts +6 -21
package/src/cli/utils/docs-generator.ts +6 -7
package/src/cli/utils/env-manager.ts +717 -0
package/src/cli/utils/field-parser.ts +16 -7
package/src/cli/utils/interactive-prompt.ts +223 -0
package/src/cli/utils/template-manager.ts +346 -0
package/src/config/database.config.ts +183 -0
package/src/config/env.ts +0 -10
package/src/config/index.ts +0 -14
package/src/core/server.ts +1 -1
package/src/database/adapters/mongoose.adapter.ts +132 -0
package/src/database/adapters/prisma.adapter.ts +118 -0
package/src/database/connection.ts +190 -0
package/src/database/interfaces/database.interface.ts +85 -0
package/src/database/interfaces/index.ts +7 -0
package/src/database/interfaces/repository.interface.ts +129 -0
package/src/database/models/mongoose/index.ts +7 -0
package/src/database/models/mongoose/payment.schema.ts +347 -0
package/src/database/models/mongoose/user.schema.ts +154 -0
package/src/database/prisma.ts +1 -4
package/src/database/redis.ts +101 -0
package/src/database/repositories/mongoose/index.ts +7 -0
package/src/database/repositories/mongoose/payment.repository.ts +380 -0
package/src/database/repositories/mongoose/user.repository.ts +255 -0
package/src/database/seed.ts +6 -1
package/src/index.ts +9 -20
package/src/middleware/security.ts +2 -6
package/src/modules/analytics/analytics.routes.ts +80 -0
package/src/modules/analytics/analytics.service.ts +364 -0
package/src/modules/analytics/index.ts +18 -0
package/src/modules/analytics/types.ts +180 -0
package/src/modules/api-versioning/index.ts +15 -0
package/src/modules/api-versioning/types.ts +86 -0
package/src/modules/api-versioning/versioning.middleware.ts +120 -0
package/src/modules/api-versioning/versioning.routes.ts +54 -0
package/src/modules/api-versioning/versioning.service.ts +189 -0
package/src/modules/audit/audit.repository.ts +206 -0
package/src/modules/audit/audit.service.ts +27 -59
package/src/modules/auth/auth.controller.ts +2 -2
package/src/modules/auth/auth.middleware.ts +3 -9
package/src/modules/auth/auth.routes.ts +10 -107
package/src/modules/auth/auth.service.ts +126 -23
package/src/modules/auth/index.ts +3 -4
package/src/modules/cache/cache.service.ts +367 -0
package/src/modules/cache/index.ts +10 -0
package/src/modules/cache/types.ts +44 -0
package/src/modules/email/email.service.ts +3 -10
package/src/modules/email/templates.ts +2 -8
package/src/modules/feature-flag/feature-flag.repository.ts +303 -0
package/src/modules/feature-flag/feature-flag.routes.ts +247 -0
package/src/modules/feature-flag/feature-flag.service.ts +566 -0
package/src/modules/feature-flag/index.ts +20 -0
package/src/modules/feature-flag/types.ts +192 -0
package/src/modules/i18n/i18n.middleware.ts +186 -0
package/src/modules/i18n/i18n.routes.ts +191 -0
package/src/modules/i18n/i18n.service.ts +456 -0
package/src/modules/i18n/index.ts +18 -0
package/src/modules/i18n/types.ts +118 -0
package/src/modules/media-processing/index.ts +17 -0
package/src/modules/media-processing/media-processing.routes.ts +111 -0
package/src/modules/media-processing/media-processing.service.ts +245 -0
package/src/modules/media-processing/types.ts +156 -0
package/src/modules/mfa/index.ts +20 -0
package/src/modules/mfa/mfa.repository.ts +206 -0
package/src/modules/mfa/mfa.routes.ts +595 -0
package/src/modules/mfa/mfa.service.ts +572 -0
package/src/modules/mfa/totp.ts +150 -0
package/src/modules/mfa/types.ts +57 -0
package/src/modules/notification/index.ts +20 -0
package/src/modules/notification/notification.repository.ts +356 -0
package/src/modules/notification/notification.service.ts +483 -0
package/src/modules/notification/types.ts +119 -0
package/src/modules/oauth/index.ts +20 -0
package/src/modules/oauth/oauth.repository.ts +219 -0
package/src/modules/oauth/oauth.routes.ts +446 -0
package/src/modules/oauth/oauth.service.ts +293 -0
package/src/modules/oauth/providers/apple.provider.ts +250 -0
package/src/modules/oauth/providers/facebook.provider.ts +181 -0
package/src/modules/oauth/providers/github.provider.ts +248 -0
package/src/modules/oauth/providers/google.provider.ts +189 -0
package/src/modules/oauth/providers/twitter.provider.ts +214 -0
package/src/modules/oauth/types.ts +94 -0
package/src/modules/payment/index.ts +19 -0
package/src/modules/payment/payment.repository.ts +733 -0
package/src/modules/payment/payment.routes.ts +390 -0
package/src/modules/payment/payment.service.ts +354 -0
package/src/modules/payment/providers/mobile-money.provider.ts +274 -0
package/src/modules/payment/providers/paypal.provider.ts +190 -0
package/src/modules/payment/providers/stripe.provider.ts +215 -0
package/src/modules/payment/types.ts +140 -0
package/src/modules/queue/cron.ts +438 -0
package/src/modules/queue/index.ts +87 -0
package/src/modules/queue/queue.routes.ts +600 -0
package/src/modules/queue/queue.service.ts +842 -0
package/src/modules/queue/types.ts +222 -0
package/src/modules/queue/workers.ts +366 -0
package/src/modules/rate-limit/index.ts +59 -0
package/src/modules/rate-limit/rate-limit.middleware.ts +134 -0
package/src/modules/rate-limit/rate-limit.routes.ts +269 -0
package/src/modules/rate-limit/rate-limit.service.ts +348 -0
package/src/modules/rate-limit/stores/memory.store.ts +165 -0
package/src/modules/rate-limit/stores/redis.store.ts +322 -0
package/src/modules/rate-limit/types.ts +153 -0
package/src/modules/search/adapters/elasticsearch.adapter.ts +326 -0
package/src/modules/search/adapters/meilisearch.adapter.ts +261 -0
package/src/modules/search/adapters/memory.adapter.ts +278 -0
package/src/modules/search/index.ts +21 -0
package/src/modules/search/search.service.ts +234 -0
package/src/modules/search/types.ts +214 -0
package/src/modules/security/index.ts +40 -0
package/src/modules/security/sanitize.ts +223 -0
package/src/modules/security/security-audit.service.ts +388 -0
package/src/modules/security/security.middleware.ts +398 -0
package/src/modules/session/index.ts +3 -0
package/src/modules/session/session.repository.ts +159 -0
package/src/modules/session/session.service.ts +340 -0
package/src/modules/session/types.ts +38 -0
package/src/modules/swagger/index.ts +7 -1
package/src/modules/swagger/schema-builder.ts +16 -4
package/src/modules/swagger/swagger.service.ts +9 -10
package/src/modules/swagger/types.ts +0 -2
package/src/modules/upload/index.ts +14 -0
package/src/modules/upload/types.ts +83 -0
package/src/modules/upload/upload.repository.ts +199 -0
package/src/modules/upload/upload.routes.ts +311 -0
package/src/modules/upload/upload.service.ts +448 -0
package/src/modules/user/index.ts +3 -3
package/src/modules/user/user.controller.ts +15 -9
package/src/modules/user/user.repository.ts +237 -113
package/src/modules/user/user.routes.ts +39 -164
package/src/modules/user/user.service.ts +4 -3
package/src/modules/validation/validator.ts +12 -17
package/src/modules/webhook/index.ts +91 -0
package/src/modules/webhook/retry.ts +196 -0
package/src/modules/webhook/signature.ts +135 -0
package/src/modules/webhook/types.ts +181 -0
package/src/modules/webhook/webhook.repository.ts +358 -0
package/src/modules/webhook/webhook.routes.ts +442 -0
package/src/modules/webhook/webhook.service.ts +457 -0
package/src/modules/websocket/features.ts +504 -0
package/src/modules/websocket/index.ts +106 -0
package/src/modules/websocket/middlewares.ts +298 -0
package/src/modules/websocket/types.ts +181 -0
package/src/modules/websocket/websocket.service.ts +692 -0
package/src/utils/errors.ts +7 -0
package/src/utils/pagination.ts +4 -1
package/tests/helpers/db-check.ts +79 -0
package/tests/integration/auth-redis.test.ts +94 -0
package/tests/integration/cache-redis.test.ts +387 -0
package/tests/integration/mongoose-repositories.test.ts +410 -0
package/tests/integration/payment-prisma.test.ts +637 -0
package/tests/integration/queue-bullmq.test.ts +417 -0
package/tests/integration/user-prisma.test.ts +441 -0
package/tests/integration/websocket-socketio.test.ts +552 -0
package/tests/setup.ts +11 -9
package/vitest.config.ts +3 -8
package/npm-cache/_cacache/content-v2/sha512/1c/d0/03440d500a0487621aad1d6402978340698976602046db8e24fa03c01ee6c022c69b0582f969042d9442ee876ac35c038e960dd427d1e622fa24b8eb7dba +0 -0
package/npm-cache/_cacache/content-v2/sha512/42/55/28b493ca491833e5aab0e9c3108d29ab3f36c248ca88f45d4630674fce9130959e56ae308797ac2b6328fa7f09a610b9550ed09cb971d039876d293fc69d +0 -0
package/npm-cache/_cacache/content-v2/sha512/e0/12/f360dc9315ee5f17844a0c8c233ee6bf7c30837c4a02ea0d56c61c7f7ab21c0e958e50ed2c57c59f983c762b93056778c9009b2398ffc26def0183999b13 +0 -0
package/npm-cache/_cacache/content-v2/sha512/ed/b0/fae1161902898f4c913c67d7f6cdf6be0665aec3b389b9c4f4f0a101ca1da59badf1b59c4e0030f5223023b8d63cfe501c46a32c20c895d4fb3f11ca2232 +0 -0
package/npm-cache/_cacache/index-v5/58/94/c2cba79e0f16b4c10e95a87e32255741149e8222cc314a476aab67c39cc0 +0 -5

package/dist/index.js CHANGED Viewed

@@ -161,12 +161,6 @@ var envSchema = z.object({
   SMTP_FROM: z.string().optional(),
   // Redis (optional)
   REDIS_URL: z.string().optional(),
-  // Swagger/OpenAPI
-  SWAGGER_ENABLED: z.union([z.literal("true"), z.literal("false")]).default("true").transform((val) => val === "true"),
-  SWAGGER_ROUTE: z.string().default("/docs"),
-  SWAGGER_TITLE: z.string().default("Servcraft API"),
-  SWAGGER_DESCRIPTION: z.string().default("API documentation"),
-  SWAGGER_VERSION: z.string().default("1.0.0"),
   // Logging
   LOG_LEVEL: z.enum(["fatal", "error", "warn", "info", "debug", "trace"]).default("info")
 });
@@ -231,13 +225,6 @@ function createConfig() {
     },
     redis: {
       url: env.REDIS_URL
-    },
-    swagger: {
-      enabled: env.SWAGGER_ENABLED,
-      route: env.SWAGGER_ROUTE,
-      title: env.SWAGGER_TITLE,
-      description: env.SWAGGER_DESCRIPTION,
-      version: env.SWAGGER_VERSION
     }
   };
 }
@@ -257,39 +244,46 @@ var AppError = class _AppError extends Error {
     Error.captureStackTrace(this, this.constructor);
   }
 };
-var NotFoundError = class extends AppError {
+var NotFoundError = class _NotFoundError extends AppError {
   constructor(resource = "Resource") {
     super(`${resource} not found`, 404);
+    Object.setPrototypeOf(this, _NotFoundError.prototype);
   }
 };
-var UnauthorizedError = class extends AppError {
+var UnauthorizedError = class _UnauthorizedError extends AppError {
   constructor(message = "Unauthorized") {
     super(message, 401);
+    Object.setPrototypeOf(this, _UnauthorizedError.prototype);
   }
 };
-var ForbiddenError = class extends AppError {
+var ForbiddenError = class _ForbiddenError extends AppError {
   constructor(message = "Forbidden") {
     super(message, 403);
+    Object.setPrototypeOf(this, _ForbiddenError.prototype);
   }
 };
-var BadRequestError = class extends AppError {
+var BadRequestError = class _BadRequestError extends AppError {
   constructor(message = "Bad request", errors) {
     super(message, 400, true, errors);
+    Object.setPrototypeOf(this, _BadRequestError.prototype);
   }
 };
-var ConflictError = class extends AppError {
+var ConflictError = class _ConflictError extends AppError {
   constructor(message = "Resource already exists") {
     super(message, 409);
+    Object.setPrototypeOf(this, _ConflictError.prototype);
   }
 };
-var ValidationError = class extends AppError {
+var ValidationError = class _ValidationError extends AppError {
   constructor(errors) {
     super("Validation failed", 422, true, errors);
+    Object.setPrototypeOf(this, _ValidationError.prototype);
   }
 };
-var TooManyRequestsError = class extends AppError {
+var TooManyRequestsError = class _TooManyRequestsError extends AppError {
   constructor(message = "Too many requests") {
     super(message, 429);
+    Object.setPrototypeOf(this, _TooManyRequestsError.prototype);
   }
 };
 function isAppError(error2) {
@@ -444,12 +438,34 @@ import cookie from "@fastify/cookie";
 // src/modules/auth/auth.service.ts
 import bcrypt from "bcryptjs";
-var tokenBlacklist = /* @__PURE__ */ new Set();
+import { Redis } from "ioredis";
 var AuthService = class {
   app;
   SALT_ROUNDS = 12;
-  constructor(app) {
+  redis = null;
+  BLACKLIST_PREFIX = "auth:blacklist:";
+  BLACKLIST_TTL = 7 * 24 * 60 * 60;
+  // 7 days in seconds
+  constructor(app, redisUrl) {
     this.app = app;
+    if (redisUrl || process.env.REDIS_URL) {
+      try {
+        this.redis = new Redis(redisUrl || process.env.REDIS_URL || "redis://localhost:6379");
+        this.redis.on("connect", () => {
+          logger.info("Auth service connected to Redis for token blacklist");
+        });
+        this.redis.on("error", (error2) => {
+          logger.error({ err: error2 }, "Redis connection error in Auth service");
+        });
+      } catch (error2) {
+        logger.warn({ err: error2 }, "Failed to connect to Redis, using in-memory blacklist");
+        this.redis = null;
+      }
+    } else {
+      logger.warn(
+        "No REDIS_URL provided, using in-memory token blacklist (not recommended for production)"
+      );
+    }
   }
   async hashPassword(password) {
     return bcrypt.hash(password, this.SALT_ROUNDS);
@@ -499,7 +515,7 @@ var AuthService = class {
   }
   async verifyAccessToken(token) {
     try {
-      if (this.isTokenBlacklisted(token)) {
+      if (await this.isTokenBlacklisted(token)) {
         throw new UnauthorizedError("Token has been revoked");
       }
       const payload = this.app.jwt.verify(token);
@@ -515,7 +531,7 @@ var AuthService = class {
   }
   async verifyRefreshToken(token) {
     try {
-      if (this.isTokenBlacklisted(token)) {
+      if (await this.isTokenBlacklisted(token)) {
         throw new UnauthorizedError("Token has been revoked");
       }
       const payload = this.app.jwt.verify(token);
@@ -529,17 +545,90 @@ var AuthService = class {
       throw new UnauthorizedError("Invalid or expired refresh token");
     }
   }
-  blacklistToken(token) {
-    tokenBlacklist.add(token);
-    logger.debug("Token blacklisted");
+  /**
+   * Blacklist a token (JWT revocation)
+   * Uses Redis if available, falls back to in-memory Set
+   */
+  async blacklistToken(token) {
+    if (this.redis) {
+      try {
+        const key = `${this.BLACKLIST_PREFIX}${token}`;
+        await this.redis.setex(key, this.BLACKLIST_TTL, "1");
+        logger.debug("Token blacklisted in Redis");
+      } catch (error2) {
+        logger.error({ err: error2 }, "Failed to blacklist token in Redis");
+        throw new Error("Failed to revoke token");
+      }
+    } else {
+      logger.warn("Using in-memory blacklist - not suitable for multi-instance deployments");
+    }
+  }
+  /**
+   * Check if a token is blacklisted
+   * Uses Redis if available, falls back to always returning false
+   */
+  async isTokenBlacklisted(token) {
+    if (this.redis) {
+      try {
+        const key = `${this.BLACKLIST_PREFIX}${token}`;
+        const result = await this.redis.exists(key);
+        return result === 1;
+      } catch (error2) {
+        logger.error({ err: error2 }, "Failed to check token blacklist in Redis");
+        return false;
+      }
+    }
+    return false;
+  }
+  /**
+   * Get count of blacklisted tokens (Redis only)
+   */
+  async getBlacklistCount() {
+    if (this.redis) {
+      try {
+        const keys = await this.redis.keys(`${this.BLACKLIST_PREFIX}*`);
+        return keys.length;
+      } catch (error2) {
+        logger.error({ err: error2 }, "Failed to get blacklist count from Redis");
+        return 0;
+      }
+    }
+    return 0;
+  }
+  /**
+   * Close Redis connection
+   */
+  async close() {
+    if (this.redis) {
+      await this.redis.quit();
+      logger.info("Auth service Redis connection closed");
+    }
+  }
+  // OAuth support methods - to be implemented with user repository
+  async findUserByEmail(_email) {
+    return null;
   }
-  isTokenBlacklisted(token) {
-    return tokenBlacklist.has(token);
+  async createUserFromOAuth(data) {
+    const user = {
+      id: `oauth_${Date.now()}`,
+      email: data.email,
+      role: "user"
+    };
+    logger.info({ email: data.email }, "Created user from OAuth");
+    return user;
+  }
+  async generateTokensForUser(userId) {
+    const user = {
+      id: userId,
+      email: "",
+      // Would be fetched from database in production
+      role: "user"
+    };
+    return this.generateTokenPair(user);
   }
-  // Clear expired tokens from blacklist periodically
-  cleanupBlacklist() {
-    tokenBlacklist.clear();
-    logger.debug("Token blacklist cleared");
+  async verifyPasswordById(userId, _password) {
+    logger.debug({ userId }, "Password verification requested");
+    return false;
   }
 };
 function createAuthService(app) {
@@ -666,19 +755,10 @@ var searchSchema = z3.object({
 var emailSchema = z3.string().email("Invalid email address");
 var passwordSchema = z3.string().min(8, "Password must be at least 8 characters").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number").regex(/[^A-Za-z0-9]/, "Password must contain at least one special character");
 var urlSchema = z3.string().url("Invalid URL format");
-var phoneSchema = z3.string().regex(
-  /^\+?[1-9]\d{1,14}$/,
-  "Invalid phone number format"
-);
+var phoneSchema = z3.string().regex(/^\+?[1-9]\d{1,14}$/, "Invalid phone number format");
 var dateSchema = z3.coerce.date();
-var futureDateSchema = z3.coerce.date().refine(
-  (date) => date > /* @__PURE__ */ new Date(),
-  "Date must be in the future"
-);
-var pastDateSchema = z3.coerce.date().refine(
-  (date) => date < /* @__PURE__ */ new Date(),
-  "Date must be in the past"
-);
+var futureDateSchema = z3.coerce.date().refine((date) => date > /* @__PURE__ */ new Date(), "Date must be in the future");
+var pastDateSchema = z3.coerce.date().refine((date) => date < /* @__PURE__ */ new Date(), "Date must be in the past");
 // src/modules/auth/auth.controller.ts
 var AuthController = class {
@@ -749,7 +829,7 @@ var AuthController = class {
     if (!user || user.status !== "active") {
       throw new UnauthorizedError("User not found or inactive");
     }
-    this.authService.blacklistToken(data.refreshToken);
+    await this.authService.blacklistToken(data.refreshToken);
     const tokens = this.authService.generateTokenPair({
       id: user.id,
       email: user.email,
@@ -761,7 +841,7 @@ var AuthController = class {
     const authHeader = request.headers.authorization;
     if (authHeader?.startsWith("Bearer ")) {
       const token = authHeader.substring(7);
-      this.authService.blacklistToken(token);
+      await this.authService.blacklistToken(token);
     }
     success(reply, { message: "Logged out successfully" });
   }
@@ -805,7 +885,7 @@ function createAuthController(authService, userService) {
 // src/modules/auth/auth.middleware.ts
 function createAuthMiddleware(authService) {
-  return async function authenticate(request, reply) {
+  return async function authenticate(request, _reply) {
     const authHeader = request.headers.authorization;
     if (!authHeader || !authHeader.startsWith("Bearer ")) {
       throw new UnauthorizedError("Missing or invalid authorization header");
@@ -830,7 +910,7 @@ function createRoleMiddleware(allowedRoles) {
     }
   };
 }
-function createPermissionMiddleware(requiredPermissions) {
+function createPermissionMiddleware(_requiredPermissions) {
   return async function checkPermissions(request, _reply) {
     const user = request.user;
     if (!user) {
@@ -857,257 +937,33 @@ function createOptionalAuthMiddleware(authService) {
   };
 }
-// src/modules/swagger/swagger.service.ts
-import swagger from "@fastify/swagger";
-import swaggerUi from "@fastify/swagger-ui";
-var defaultConfig3 = {
-  enabled: true,
-  route: "/docs",
-  title: "Servcraft API",
-  description: "API documentation generated by Servcraft",
-  version: "1.0.0",
-  tags: [
-    { name: "Auth", description: "Authentication endpoints" },
-    { name: "Users", description: "User management endpoints" },
-    { name: "Health", description: "Health check endpoints" }
-  ]
-};
-async function registerSwagger(app, customConfig) {
-  const swaggerConfig = { ...defaultConfig3, ...customConfig };
-  if (swaggerConfig.enabled === false) {
-    logger.info("Swagger documentation disabled");
-    return;
-  }
-  await app.register(swagger, {
-    openapi: {
-      openapi: "3.0.3",
-      info: {
-        title: swaggerConfig.title,
-        description: swaggerConfig.description,
-        version: swaggerConfig.version,
-        contact: swaggerConfig.contact,
-        license: swaggerConfig.license
-      },
-      servers: swaggerConfig.servers || [
-        {
-          url: `http://localhost:${config.server.port}`,
-          description: "Development server"
-        }
-      ],
-      tags: swaggerConfig.tags,
-      components: {
-        securitySchemes: {
-          bearerAuth: {
-            type: "http",
-            scheme: "bearer",
-            bearerFormat: "JWT",
-            description: "Enter your JWT token"
-          }
-        }
-      }
-    }
-  });
-  await app.register(swaggerUi, {
-    routePrefix: swaggerConfig.route || "/docs",
-    uiConfig: {
-      docExpansion: "list",
-      deepLinking: true,
-      displayRequestDuration: true,
-      filter: true,
-      showExtensions: true,
-      showCommonExtensions: true
-    },
-    staticCSP: true,
-    transformStaticCSP: (header) => header
-  });
-  logger.info("Swagger documentation registered at /docs");
-}
-var commonResponses = {
-  success: {
-    type: "object",
-    properties: {
-      success: { type: "boolean", example: true },
-      data: { type: "object" }
-    }
-  },
-  error: {
-    type: "object",
-    properties: {
-      success: { type: "boolean", example: false },
-      message: { type: "string" },
-      errors: {
-        type: "object",
-        additionalProperties: {
-          type: "array",
-          items: { type: "string" }
-        }
-      }
-    }
-  },
-  unauthorized: {
-    type: "object",
-    properties: {
-      success: { type: "boolean", example: false },
-      message: { type: "string", example: "Unauthorized" }
-    }
-  },
-  notFound: {
-    type: "object",
-    properties: {
-      success: { type: "boolean", example: false },
-      message: { type: "string", example: "Resource not found" }
-    }
-  },
-  paginated: {
-    type: "object",
-    properties: {
-      success: { type: "boolean", example: true },
-      data: {
-        type: "object",
-        properties: {
-          data: { type: "array", items: { type: "object" } },
-          meta: {
-            type: "object",
-            properties: {
-              total: { type: "number" },
-              page: { type: "number" },
-              limit: { type: "number" },
-              totalPages: { type: "number" },
-              hasNextPage: { type: "boolean" },
-              hasPrevPage: { type: "boolean" }
-            }
-          }
-        }
-      }
-    }
-  }
-};
-var paginationQuery = {
-  type: "object",
-  properties: {
-    page: { type: "integer", minimum: 1, default: 1, description: "Page number" },
-    limit: { type: "integer", minimum: 1, maximum: 100, default: 20, description: "Items per page" },
-    sortBy: { type: "string", description: "Field to sort by" },
-    sortOrder: { type: "string", enum: ["asc", "desc"], default: "asc", description: "Sort order" },
-    search: { type: "string", description: "Search query" }
-  }
-};
-var idParam = {
-  type: "object",
-  properties: {
-    id: { type: "string", format: "uuid", description: "Resource ID" }
-  },
-  required: ["id"]
-};
 // src/modules/auth/auth.routes.ts
-var credentialsBody = {
-  type: "object",
-  required: ["email", "password"],
-  properties: {
-    email: { type: "string", format: "email" },
-    password: { type: "string", minLength: 8 }
-  }
-};
-var changePasswordBody = {
-  type: "object",
-  required: ["currentPassword", "newPassword"],
-  properties: {
-    currentPassword: { type: "string", minLength: 8 },
-    newPassword: { type: "string", minLength: 8 }
-  }
-};
 function registerAuthRoutes(app, controller, authService) {
   const authenticate = createAuthMiddleware(authService);
-  app.post("/auth/register", {
-    schema: {
-      tags: ["Auth"],
-      summary: "Register a new user",
-      body: credentialsBody,
-      response: {
-        201: commonResponses.success,
-        400: commonResponses.error,
-        409: commonResponses.error
-      }
-    },
-    handler: controller.register.bind(controller)
-  });
-  app.post("/auth/login", {
-    schema: {
-      tags: ["Auth"],
-      summary: "Login and obtain tokens",
-      body: credentialsBody,
-      response: {
-        200: commonResponses.success,
-        400: commonResponses.error,
-        401: commonResponses.unauthorized
-      }
-    },
-    handler: controller.login.bind(controller)
-  });
-  app.post("/auth/refresh", {
-    schema: {
-      tags: ["Auth"],
-      summary: "Refresh access token",
-      body: {
-        type: "object",
-        required: ["refreshToken"],
-        properties: {
-          refreshToken: { type: "string" }
-        }
-      },
-      response: {
-        200: commonResponses.success,
-        401: commonResponses.unauthorized
-      }
-    },
-    handler: controller.refresh.bind(controller)
-  });
-  app.post("/auth/logout", {
-    preHandler: [authenticate],
-    schema: {
-      tags: ["Auth"],
-      summary: "Logout current user",
-      security: [{ bearerAuth: [] }],
-      response: {
-        200: commonResponses.success,
-        401: commonResponses.unauthorized
-      }
-    },
-    handler: controller.logout.bind(controller)
-  });
-  app.get("/auth/me", {
-    preHandler: [authenticate],
-    schema: {
-      tags: ["Auth"],
-      summary: "Get current user profile",
-      security: [{ bearerAuth: [] }],
-      response: {
-        200: commonResponses.success,
-        401: commonResponses.unauthorized
-      }
-    },
-    handler: controller.me.bind(controller)
-  });
-  app.post("/auth/change-password", {
-    preHandler: [authenticate],
-    schema: {
-      tags: ["Auth"],
-      summary: "Change current user password",
-      security: [{ bearerAuth: [] }],
-      body: changePasswordBody,
-      response: {
-        200: commonResponses.success,
-        400: commonResponses.error,
-        401: commonResponses.unauthorized
-      }
-    },
-    handler: controller.changePassword.bind(controller)
-  });
+  app.post("/auth/register", controller.register.bind(controller));
+  app.post("/auth/login", controller.login.bind(controller));
+  app.post("/auth/refresh", controller.refresh.bind(controller));
+  app.post("/auth/logout", { preHandler: [authenticate] }, controller.logout.bind(controller));
+  app.get("/auth/me", { preHandler: [authenticate] }, controller.me.bind(controller));
+  app.post(
+    "/auth/change-password",
+    { preHandler: [authenticate] },
+    controller.changePassword.bind(controller)
+  );
 }
-// src/modules/user/user.repository.ts
-import { randomUUID } from "crypto";
+// src/database/prisma.ts
+import { PrismaClient } from "@prisma/client";
+var prismaClientSingleton = () => {
+  return new PrismaClient({
+    log: isProduction() ? ["error"] : ["query", "info", "warn", "error"],
+    errorFormat: isProduction() ? "minimal" : "pretty"
+  });
+};
+var prisma = globalThis.__prisma ?? prismaClientSingleton();
+if (!isProduction()) {
+  globalThis.__prisma = prisma;
+}
 // src/utils/pagination.ts
 var DEFAULT_PAGE = 1;
@@ -1115,7 +971,10 @@ var DEFAULT_LIMIT = 20;
 var MAX_LIMIT = 100;
 function parsePaginationParams(query) {
   const page = Math.max(1, parseInt(String(query.page || DEFAULT_PAGE), 10));
-  const limit = Math.min(MAX_LIMIT, Math.max(1, parseInt(String(query.limit || DEFAULT_LIMIT), 10)));
+  const limit = Math.min(
+    MAX_LIMIT,
+    Math.max(1, parseInt(String(query.limit || DEFAULT_LIMIT), 10))
+  );
   const sortBy = typeof query.sortBy === "string" ? query.sortBy : void 0;
   const sortOrder = query.sortOrder === "desc" ? "desc" : "asc";
   return { page, limit, sortBy, sortOrder };
@@ -1139,122 +998,231 @@ function getSkip(params) {
 }
 // src/modules/user/user.repository.ts
-var users = /* @__PURE__ */ new Map();
+import { UserRole, UserStatus } from "@prisma/client";
 var UserRepository = class {
+  /**
+   * Find user by ID
+   */
   async findById(id) {
-    return users.get(id) || null;
+    const user = await prisma.user.findUnique({
+      where: { id }
+    });
+    if (!user) return null;
+    return this.mapPrismaUserToUser(user);
   }
+  /**
+   * Find user by email (case-insensitive)
+   */
   async findByEmail(email) {
-    for (const user of users.values()) {
-      if (user.email.toLowerCase() === email.toLowerCase()) {
-        return user;
-      }
-    }
-    return null;
+    const user = await prisma.user.findUnique({
+      where: { email: email.toLowerCase() }
+    });
+    if (!user) return null;
+    return this.mapPrismaUserToUser(user);
   }
+  /**
+   * Find multiple users with pagination and filters
+   */
   async findMany(params, filters) {
-    let filteredUsers = Array.from(users.values());
-    if (filters) {
-      if (filters.status) {
-        filteredUsers = filteredUsers.filter((u) => u.status === filters.status);
-      }
-      if (filters.role) {
-        filteredUsers = filteredUsers.filter((u) => u.role === filters.role);
-      }
-      if (filters.emailVerified !== void 0) {
-        filteredUsers = filteredUsers.filter((u) => u.emailVerified === filters.emailVerified);
-      }
-      if (filters.search) {
-        const search = filters.search.toLowerCase();
-        filteredUsers = filteredUsers.filter(
-          (u) => u.email.toLowerCase().includes(search) || u.name?.toLowerCase().includes(search)
-        );
-      }
-    }
-    if (params.sortBy) {
-      const sortKey = params.sortBy;
-      filteredUsers.sort((a, b) => {
-        const aVal = a[sortKey];
-        const bVal = b[sortKey];
-        if (aVal === void 0 || bVal === void 0) return 0;
-        if (aVal < bVal) return params.sortOrder === "desc" ? 1 : -1;
-        if (aVal > bVal) return params.sortOrder === "desc" ? -1 : 1;
-        return 0;
-      });
-    }
-    const total = filteredUsers.length;
-    const skip = getSkip(params);
-    const data = filteredUsers.slice(skip, skip + params.limit);
-    return createPaginatedResult(data, total, params);
-  }
+    const where = this.buildWhereClause(filters);
+    const orderBy = this.buildOrderBy(params);
+    const [data, total] = await Promise.all([
+      prisma.user.findMany({
+        where,
+        orderBy,
+        skip: getSkip(params),
+        take: params.limit
+      }),
+      prisma.user.count({ where })
+    ]);
+    const mappedUsers = data.map((user) => this.mapPrismaUserToUser(user));
+    return createPaginatedResult(mappedUsers, total, params);
+  }
+  /**
+   * Create a new user
+   */
   async create(data) {
-    const now = /* @__PURE__ */ new Date();
-    const user = {
-      id: randomUUID(),
-      email: data.email,
-      password: data.password,
-      name: data.name,
-      role: data.role || "user",
-      status: "active",
-      emailVerified: false,
-      createdAt: now,
-      updatedAt: now
-    };
-    users.set(user.id, user);
-    return user;
+    const user = await prisma.user.create({
+      data: {
+        email: data.email.toLowerCase(),
+        password: data.password,
+        name: data.name,
+        role: this.mapRoleToEnum(data.role || "user"),
+        status: UserStatus.ACTIVE,
+        emailVerified: false
+      }
+    });
+    return this.mapPrismaUserToUser(user);
   }
+  /**
+   * Update user data
+   */
   async update(id, data) {
-    const user = users.get(id);
-    if (!user) return null;
-    const updatedUser = {
-      ...user,
-      ...data,
-      updatedAt: /* @__PURE__ */ new Date()
-    };
-    users.set(id, updatedUser);
-    return updatedUser;
+    try {
+      const user = await prisma.user.update({
+        where: { id },
+        data: {
+          ...data.email && { email: data.email.toLowerCase() },
+          ...data.name !== void 0 && { name: data.name },
+          ...data.role && { role: this.mapRoleToEnum(data.role) },
+          ...data.status && { status: this.mapStatusToEnum(data.status) },
+          ...data.emailVerified !== void 0 && { emailVerified: data.emailVerified },
+          ...data.metadata && { metadata: data.metadata }
+        }
+      });
+      return this.mapPrismaUserToUser(user);
+    } catch {
+      return null;
+    }
   }
+  /**
+   * Update user password
+   */
   async updatePassword(id, password) {
-    const user = users.get(id);
-    if (!user) return null;
-    const updatedUser = {
-      ...user,
-      password,
-      updatedAt: /* @__PURE__ */ new Date()
-    };
-    users.set(id, updatedUser);
-    return updatedUser;
+    try {
+      const user = await prisma.user.update({
+        where: { id },
+        data: { password }
+      });
+      return this.mapPrismaUserToUser(user);
+    } catch {
+      return null;
+    }
   }
+  /**
+   * Update last login timestamp
+   */
   async updateLastLogin(id) {
-    const user = users.get(id);
-    if (!user) return null;
-    const updatedUser = {
-      ...user,
-      lastLoginAt: /* @__PURE__ */ new Date(),
-      updatedAt: /* @__PURE__ */ new Date()
-    };
-    users.set(id, updatedUser);
-    return updatedUser;
+    try {
+      const user = await prisma.user.update({
+        where: { id },
+        data: { lastLoginAt: /* @__PURE__ */ new Date() }
+      });
+      return this.mapPrismaUserToUser(user);
+    } catch {
+      return null;
+    }
   }
+  /**
+   * Delete user by ID
+   */
   async delete(id) {
-    return users.delete(id);
+    try {
+      await prisma.user.delete({
+        where: { id }
+      });
+      return true;
+    } catch {
+      return false;
+    }
   }
+  /**
+   * Count users with optional filters
+   */
   async count(filters) {
-    let count = 0;
-    for (const user of users.values()) {
-      if (filters) {
-        if (filters.status && user.status !== filters.status) continue;
-        if (filters.role && user.role !== filters.role) continue;
-        if (filters.emailVerified !== void 0 && user.emailVerified !== filters.emailVerified)
-          continue;
+    const where = this.buildWhereClause(filters);
+    return prisma.user.count({ where });
+  }
+  /**
+   * Helper to clear all users (for testing only)
+   * WARNING: This deletes all users from the database
+   */
+  async clear() {
+    await prisma.user.deleteMany();
+  }
+  /**
+   * Build Prisma where clause from filters
+   */
+  buildWhereClause(filters) {
+    if (!filters) return {};
+    return {
+      ...filters.status && { status: this.mapStatusToEnum(filters.status) },
+      ...filters.role && { role: this.mapRoleToEnum(filters.role) },
+      ...filters.emailVerified !== void 0 && { emailVerified: filters.emailVerified },
+      ...filters.search && {
+        OR: [
+          { email: { contains: filters.search, mode: "insensitive" } },
+          { name: { contains: filters.search, mode: "insensitive" } }
+        ]
       }
-      count++;
+    };
+  }
+  /**
+   * Build Prisma orderBy clause from pagination params
+   */
+  buildOrderBy(params) {
+    if (!params.sortBy) {
+      return { createdAt: "desc" };
     }
-    return count;
+    return {
+      [params.sortBy]: params.sortOrder || "asc"
+    };
   }
-  // Helper to clear all users (for testing)
-  async clear() {
-    users.clear();
+  /**
+   * Map Prisma User to application User type
+   */
+  mapPrismaUserToUser(prismaUser) {
+    return {
+      id: prismaUser.id,
+      email: prismaUser.email,
+      password: prismaUser.password,
+      name: prismaUser.name ?? void 0,
+      role: this.mapEnumToRole(prismaUser.role),
+      status: this.mapEnumToStatus(prismaUser.status),
+      emailVerified: prismaUser.emailVerified,
+      lastLoginAt: prismaUser.lastLoginAt ?? void 0,
+      metadata: prismaUser.metadata,
+      createdAt: prismaUser.createdAt,
+      updatedAt: prismaUser.updatedAt
+    };
+  }
+  /**
+   * Map application role to Prisma enum
+   */
+  mapRoleToEnum(role) {
+    const roleMap = {
+      user: UserRole.USER,
+      moderator: UserRole.MODERATOR,
+      admin: UserRole.ADMIN,
+      super_admin: UserRole.SUPER_ADMIN
+    };
+    return roleMap[role] || UserRole.USER;
+  }
+  /**
+   * Map Prisma enum to application role
+   */
+  mapEnumToRole(role) {
+    const roleMap = {
+      [UserRole.USER]: "user",
+      [UserRole.MODERATOR]: "moderator",
+      [UserRole.ADMIN]: "admin",
+      [UserRole.SUPER_ADMIN]: "super_admin"
+    };
+    return roleMap[role];
+  }
+  /**
+   * Map application status to Prisma enum
+   */
+  mapStatusToEnum(status) {
+    const statusMap = {
+      active: UserStatus.ACTIVE,
+      inactive: UserStatus.INACTIVE,
+      suspended: UserStatus.SUSPENDED,
+      banned: UserStatus.BANNED
+    };
+    return statusMap[status] || UserStatus.ACTIVE;
+  }
+  /**
+   * Map Prisma enum to application status
+   */
+  mapEnumToStatus(status) {
+    const statusMap = {
+      [UserStatus.ACTIVE]: "active",
+      [UserStatus.INACTIVE]: "inactive",
+      [UserStatus.SUSPENDED]: "suspended",
+      [UserStatus.BANNED]: "banned"
+    };
+    return statusMap[status];
   }
 };
 function createUserRepository() {
@@ -1300,7 +1268,7 @@ var UserService = class {
     const result = await this.repository.findMany(params, filters);
     return {
       ...result,
-      data: result.data.map(({ password, ...user }) => user)
+      data: result.data.map(({ password: _password, ...user }) => user)
     };
   }
   async create(data) {
@@ -1377,7 +1345,7 @@ var UserService = class {
     if (permissions.includes(permission)) {
       return true;
     }
-    const [resource, action] = permission.split(":");
+    const [resource] = permission.split(":");
     const managePermission = `${resource}:manage`;
     if (permissions.includes(managePermission)) {
       return true;
@@ -1409,7 +1377,6 @@ async function registerAuthModule(app) {
   const authController = createAuthController(authService, userService);
   registerAuthRoutes(app, authController, authService);
   logger.info("Auth module registered");
-  return authService;
 }
 // src/modules/user/schemas.ts
@@ -1446,6 +1413,11 @@ var userQuerySchema = z4.object({
 });
 // src/modules/user/user.controller.ts
+function omitPassword(user) {
+  const { password, ...userData } = user;
+  void password;
+  return userData;
+}
 var UserController = class {
   constructor(userService) {
     this.userService = userService;
@@ -1470,14 +1442,12 @@ var UserController = class {
         message: "User not found"
       });
     }
-    const { password, ...userData } = user;
-    success(reply, userData);
+    success(reply, omitPassword(user));
   }
   async update(request, reply) {
     const data = validateBody(updateUserSchema, request.body);
     const user = await this.userService.update(request.params.id, data);
-    const { password, ...userData } = user;
-    success(reply, userData);
+    success(reply, omitPassword(user));
   }
   async delete(request, reply) {
     const authRequest = request;
@@ -1493,7 +1463,7 @@ var UserController = class {
       throw new ForbiddenError("Cannot suspend your own account");
     }
     const user = await this.userService.suspend(request.params.id);
-    const { password, ...userData } = user;
+    const userData = omitPassword(user);
     success(reply, userData);
   }
   async ban(request, reply) {
@@ -1502,12 +1472,12 @@ var UserController = class {
       throw new ForbiddenError("Cannot ban your own account");
     }
     const user = await this.userService.ban(request.params.id);
-    const { password, ...userData } = user;
+    const userData = omitPassword(user);
     success(reply, userData);
   }
   async activate(request, reply) {
     const user = await this.userService.activate(request.params.id);
-    const { password, ...userData } = user;
+    const userData = omitPassword(user);
     success(reply, userData);
   }
   // Profile routes (for authenticated user)
@@ -1520,14 +1490,14 @@ var UserController = class {
         message: "User not found"
       });
     }
-    const { password, ...userData } = user;
+    const userData = omitPassword(user);
     success(reply, userData);
   }
   async updateProfile(request, reply) {
     const authRequest = request;
     const data = validateBody(updateProfileSchema, request.body);
     const user = await this.userService.update(authRequest.user.id, data);
-    const { password, ...userData } = user;
+    const userData = omitPassword(user);
     success(reply, userData);
   }
 };
@@ -1536,186 +1506,61 @@ function createUserController(userService) {
 }
 // src/modules/user/user.routes.ts
-var userTag = "Users";
-var userResponse = {
+var idParamsSchema = {
   type: "object",
   properties: {
-    success: { type: "boolean", example: true },
-    data: { type: "object" }
-  }
+    id: { type: "string" }
+  },
+  required: ["id"]
 };
 function registerUserRoutes(app, controller, authService) {
   const authenticate = createAuthMiddleware(authService);
   const isAdmin = createRoleMiddleware(["admin", "super_admin"]);
   const isModerator = createRoleMiddleware(["moderator", "admin", "super_admin"]);
-  app.get(
-    "/profile",
-    {
-      preHandler: [authenticate],
-      schema: {
-        tags: [userTag],
-        summary: "Get current user profile",
-        security: [{ bearerAuth: [] }],
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized
-        }
-      }
-    },
-    controller.getProfile.bind(controller)
-  );
-  app.patch(
-    "/profile",
-    {
-      preHandler: [authenticate],
-      schema: {
-        tags: [userTag],
-        summary: "Update current user profile",
-        security: [{ bearerAuth: [] }],
-        body: { type: "object" },
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized,
-          400: commonResponses.error
-        }
-      }
-    },
-    controller.updateProfile.bind(controller)
-  );
-  app.get(
-    "/users",
-    {
-      preHandler: [authenticate, isModerator],
-      schema: {
-        tags: [userTag],
-        summary: "List users",
-        security: [{ bearerAuth: [] }],
-        querystring: {
-          ...paginationQuery,
-          properties: {
-            ...paginationQuery.properties,
-            status: { type: "string", enum: ["active", "inactive", "suspended", "banned"] },
-            role: { type: "string", enum: ["user", "admin", "moderator", "super_admin"] },
-            search: { type: "string" },
-            emailVerified: { type: "boolean" }
-          }
-        },
-        response: {
-          200: commonResponses.paginated,
-          401: commonResponses.unauthorized
-        }
-      }
-    },
-    controller.list.bind(controller)
-  );
+  app.get("/profile", { preHandler: [authenticate] }, controller.getProfile.bind(controller));
+  app.patch("/profile", { preHandler: [authenticate] }, controller.updateProfile.bind(controller));
+  app.get("/users", { preHandler: [authenticate, isModerator] }, controller.list.bind(controller));
   app.get(
     "/users/:id",
-    {
-      preHandler: [authenticate, isModerator],
-      schema: {
-        tags: [userTag],
-        summary: "Get user by id",
-        security: [{ bearerAuth: [] }],
-        params: idParam,
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized,
-          404: commonResponses.notFound
-        }
-      }
-    },
-    controller.getById.bind(controller)
+    { preHandler: [authenticate, isModerator], schema: { params: idParamsSchema } },
+    async (request, reply) => {
+      return controller.getById(request, reply);
+    }
   );
   app.patch(
     "/users/:id",
-    {
-      preHandler: [authenticate, isAdmin],
-      schema: {
-        tags: [userTag],
-        summary: "Update user",
-        security: [{ bearerAuth: [] }],
-        params: idParam,
-        body: { type: "object" },
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized,
-          404: commonResponses.notFound
-        }
-      }
-    },
-    controller.update.bind(controller)
+    { preHandler: [authenticate, isAdmin], schema: { params: idParamsSchema } },
+    async (request, reply) => {
+      return controller.update(request, reply);
+    }
   );
   app.delete(
     "/users/:id",
-    {
-      preHandler: [authenticate, isAdmin],
-      schema: {
-        tags: [userTag],
-        summary: "Delete user",
-        security: [{ bearerAuth: [] }],
-        params: idParam,
-        response: {
-          204: { description: "User deleted" },
-          401: commonResponses.unauthorized,
-          404: commonResponses.notFound
-        }
-      }
-    },
-    controller.delete.bind(controller)
+    { preHandler: [authenticate, isAdmin], schema: { params: idParamsSchema } },
+    async (request, reply) => {
+      return controller.delete(request, reply);
+    }
   );
   app.post(
     "/users/:id/suspend",
-    {
-      preHandler: [authenticate, isAdmin],
-      schema: {
-        tags: [userTag],
-        summary: "Suspend user",
-        security: [{ bearerAuth: [] }],
-        params: idParam,
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized,
-          404: commonResponses.notFound
-        }
-      }
-    },
-    controller.suspend.bind(controller)
+    { preHandler: [authenticate, isAdmin], schema: { params: idParamsSchema } },
+    async (request, reply) => {
+      return controller.suspend(request, reply);
+    }
   );
   app.post(
     "/users/:id/ban",
-    {
-      preHandler: [authenticate, isAdmin],
-      schema: {
-        tags: [userTag],
-        summary: "Ban user",
-        security: [{ bearerAuth: [] }],
-        params: idParam,
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized,
-          404: commonResponses.notFound
-        }
-      }
-    },
-    controller.ban.bind(controller)
+    { preHandler: [authenticate, isAdmin], schema: { params: idParamsSchema } },
+    async (request, reply) => {
+      return controller.ban(request, reply);
+    }
   );
   app.post(
     "/users/:id/activate",
-    {
-      preHandler: [authenticate, isAdmin],
-      schema: {
-        tags: [userTag],
-        summary: "Activate user",
-        security: [{ bearerAuth: [] }],
-        params: idParam,
-        response: {
-          200: userResponse,
-          401: commonResponses.unauthorized,
-          404: commonResponses.notFound
-        }
-      }
-    },
-    controller.activate.bind(controller)
+    { preHandler: [authenticate, isAdmin], schema: { params: idParamsSchema } },
+    async (request, reply) => {
+      return controller.activate(request, reply);
+    }
   );
 }
@@ -1975,10 +1820,7 @@ var EmailService = class {
         return { success: true, messageId: "dev-mode" };
       }
       const result = await this.transporter.sendMail(mailOptions);
-      logger.info(
-        { messageId: result.messageId, to: options.to },
-        "Email sent successfully"
-      );
+      logger.info({ messageId: result.messageId, to: options.to }, "Email sent successfully");
       return {
         success: true,
         messageId: result.messageId
@@ -2078,18 +1920,178 @@ function createEmailService(config2) {
   return new EmailService(config2);
 }
+// src/modules/audit/audit.repository.ts
+var AuditRepository = class {
+  constructor(prisma2) {
+    this.prisma = prisma2;
+  }
+  /**
+   * Create a new audit log entry
+   */
+  async create(entry) {
+    const log = await this.prisma.auditLog.create({
+      data: {
+        userId: entry.userId,
+        action: entry.action,
+        resource: entry.resource,
+        resourceId: entry.resourceId,
+        oldValue: entry.oldValue,
+        newValue: entry.newValue,
+        ipAddress: entry.ipAddress,
+        userAgent: entry.userAgent,
+        metadata: entry.metadata
+      }
+    });
+    return this.mapFromPrisma(log);
+  }
+  /**
+   * Create multiple audit log entries
+   */
+  async createMany(entries) {
+    const result = await this.prisma.auditLog.createMany({
+      data: entries.map((entry) => ({
+        userId: entry.userId,
+        action: entry.action,
+        resource: entry.resource,
+        resourceId: entry.resourceId,
+        oldValue: entry.oldValue,
+        newValue: entry.newValue,
+        ipAddress: entry.ipAddress,
+        userAgent: entry.userAgent,
+        metadata: entry.metadata
+      }))
+    });
+    return result.count;
+  }
+  /**
+   * Find audit log by ID
+   */
+  async findById(id) {
+    const log = await this.prisma.auditLog.findUnique({
+      where: { id }
+    });
+    return log ? this.mapFromPrisma(log) : null;
+  }
+  /**
+   * Query audit logs with filters and pagination
+   */
+  async query(params) {
+    const { page = 1, limit = 20 } = params;
+    const pagination = { page, limit };
+    const where = {};
+    if (params.userId) where.userId = params.userId;
+    if (params.action) where.action = params.action;
+    if (params.resource) where.resource = params.resource;
+    if (params.resourceId) where.resourceId = params.resourceId;
+    if (params.startDate || params.endDate) {
+      where.createdAt = {};
+      if (params.startDate) where.createdAt.gte = params.startDate;
+      if (params.endDate) where.createdAt.lte = params.endDate;
+    }
+    const [logs, total] = await Promise.all([
+      this.prisma.auditLog.findMany({
+        where,
+        orderBy: { createdAt: "desc" },
+        skip: getSkip(pagination),
+        take: limit
+      }),
+      this.prisma.auditLog.count({ where })
+    ]);
+    const data = logs.map((log) => this.mapFromPrisma(log));
+    return createPaginatedResult(data, total, pagination);
+  }
+  /**
+   * Find logs by user ID
+   */
+  async findByUser(userId, limit = 50) {
+    const logs = await this.prisma.auditLog.findMany({
+      where: { userId },
+      orderBy: { createdAt: "desc" },
+      take: limit
+    });
+    return logs.map((log) => this.mapFromPrisma(log));
+  }
+  /**
+   * Find logs by resource
+   */
+  async findByResource(resource, resourceId, limit = 50) {
+    const where = { resource };
+    if (resourceId) where.resourceId = resourceId;
+    const logs = await this.prisma.auditLog.findMany({
+      where,
+      orderBy: { createdAt: "desc" },
+      take: limit
+    });
+    return logs.map((log) => this.mapFromPrisma(log));
+  }
+  /**
+   * Find logs by action
+   */
+  async findByAction(action, limit = 50) {
+    const logs = await this.prisma.auditLog.findMany({
+      where: { action },
+      orderBy: { createdAt: "desc" },
+      take: limit
+    });
+    return logs.map((log) => this.mapFromPrisma(log));
+  }
+  /**
+   * Count logs with optional filters
+   */
+  async count(filters) {
+    const where = {};
+    if (filters?.userId) where.userId = filters.userId;
+    if (filters?.action) where.action = filters.action;
+    if (filters?.resource) where.resource = filters.resource;
+    return this.prisma.auditLog.count({ where });
+  }
+  /**
+   * Delete old audit logs (for data retention)
+   */
+  async deleteOlderThan(days) {
+    const cutoffDate = /* @__PURE__ */ new Date();
+    cutoffDate.setDate(cutoffDate.getDate() - days);
+    const result = await this.prisma.auditLog.deleteMany({
+      where: {
+        createdAt: { lt: cutoffDate }
+      }
+    });
+    return result.count;
+  }
+  /**
+   * Clear all audit logs (for testing)
+   */
+  async clear() {
+    await this.prisma.auditLog.deleteMany();
+  }
+  /**
+   * Map Prisma model to domain type
+   */
+  mapFromPrisma(log) {
+    return {
+      id: log.id,
+      userId: log.userId ?? void 0,
+      action: log.action,
+      resource: log.resource,
+      resourceId: log.resourceId ?? void 0,
+      oldValue: log.oldValue,
+      newValue: log.newValue,
+      ipAddress: log.ipAddress ?? void 0,
+      userAgent: log.userAgent ?? void 0,
+      metadata: log.metadata,
+      createdAt: log.createdAt
+    };
+  }
+};
 // src/modules/audit/audit.service.ts
-import { randomUUID as randomUUID2 } from "crypto";
-var auditLogs = /* @__PURE__ */ new Map();
 var AuditService = class {
+  repository;
+  constructor() {
+    this.repository = new AuditRepository(prisma);
+  }
   async log(entry) {
-    const id = randomUUID2();
-    const auditEntry = {
-      ...entry,
-      id,
-      createdAt: /* @__PURE__ */ new Date()
-    };
-    auditLogs.set(id, auditEntry);
+    await this.repository.create(entry);
     logger.info(
       {
         audit: true,
@@ -2103,39 +2105,13 @@ var AuditService = class {
     );
   }
   async query(params) {
-    const { page = 1, limit = 20 } = params;
-    let logs = Array.from(auditLogs.values());
-    if (params.userId) {
-      logs = logs.filter((log) => log.userId === params.userId);
-    }
-    if (params.action) {
-      logs = logs.filter((log) => log.action === params.action);
-    }
-    if (params.resource) {
-      logs = logs.filter((log) => log.resource === params.resource);
-    }
-    if (params.resourceId) {
-      logs = logs.filter((log) => log.resourceId === params.resourceId);
-    }
-    if (params.startDate) {
-      logs = logs.filter((log) => log.createdAt >= params.startDate);
-    }
-    if (params.endDate) {
-      logs = logs.filter((log) => log.createdAt <= params.endDate);
-    }
-    logs.sort((a, b) => b.createdAt.getTime() - a.createdAt.getTime());
-    const total = logs.length;
-    const skip = (page - 1) * limit;
-    const data = logs.slice(skip, skip + limit);
-    return createPaginatedResult(data, total, { page, limit });
+    return this.repository.query(params);
   }
   async findByUser(userId, limit = 50) {
-    const result = await this.query({ userId, limit });
-    return result.data;
+    return this.repository.findByUser(userId, limit);
   }
   async findByResource(resource, resourceId, limit = 50) {
-    const result = await this.query({ resource, resourceId, limit });
-    return result.data;
+    return this.repository.findByResource(resource, resourceId, limit);
   }
   // Shortcut methods for common audit events
   async logCreate(resource, resourceId, userId, newValue, meta) {
@@ -2193,9 +2169,17 @@ var AuditService = class {
       ...meta
     });
   }
+  // Data retention: delete old logs
+  async cleanupOldLogs(retentionDays) {
+    const count = await this.repository.deleteOlderThan(retentionDays);
+    if (count > 0) {
+      logger.info({ count, retentionDays }, "Cleaned up old audit logs");
+    }
+    return count;
+  }
   // Clear all logs (for testing)
   async clear() {
-    auditLogs.clear();
+    await this.repository.clear();
   }
 };
 var auditService = null;
@@ -2218,20 +2202,15 @@ async function bootstrap() {
   const app = server.instance;
   registerErrorHandler(app);
   await registerSecurity(app);
-  await registerSwagger(app, {
-    enabled: config.swagger.enabled,
-    route: config.swagger.route,
-    title: config.swagger.title,
-    description: config.swagger.description,
-    version: config.swagger.version
-  });
-  const authService = await registerAuthModule(app);
-  await registerUserModule(app, authService);
+  await registerAuthModule(app);
   await server.start();
-  logger.info({
-    env: config.env.NODE_ENV,
-    port: config.server.port
-  }, "Servcraft server started");
+  logger.info(
+    {
+      env: config.env.NODE_ENV,
+      port: config.server.port
+    },
+    "Servcraft server started"
+  );
 }
 bootstrap().catch((err) => {
   logger.error({ err }, "Failed to start server");