strapi-plugin-magic-sessionmanager 1.0.0

package/dist/server/index.js

@@ -0,0 +1,2127 @@
+"use strict";
+const require$$0 = require("crypto");
+const require$$1 = require("os");
+const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
+const require$$0__default = /* @__PURE__ */ _interopDefault(require$$0);
+const require$$1__default = /* @__PURE__ */ _interopDefault(require$$1);
+function getDefaultExportFromCjs(x) {
+  return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, "default") ? x["default"] : x;
+}
+var register$1 = async ({ strapi: strapi2 }) => {
+  strapi2.log.info("[magic-sessionmanager] 🚀 Plugin registration starting...");
+  try {
+    const userCT = strapi2.contentType("plugin::users-permissions.user");
+    if (!userCT) {
+      strapi2.log.error("[magic-sessionmanager] User content type not found");
+      return;
+    }
+    if (userCT.attributes && userCT.attributes.sessions) {
+      delete userCT.attributes.sessions;
+      strapi2.log.info("[magic-sessionmanager] ✅ Removed sessions field from User content type");
+    }
+    strapi2.log.info("[magic-sessionmanager] ✅ Plugin registered successfully");
+  } catch (err) {
+    strapi2.log.error("[magic-sessionmanager] ❌ Registration error:", err);
+  }
+};
+const getClientIp$1 = (ctx) => {
+  try {
+    const headers = ctx.request.headers || ctx.request.header || {};
+    if (headers["cf-connecting-ip"]) {
+      return cleanIp(headers["cf-connecting-ip"]);
+    }
+    if (headers["true-client-ip"]) {
+      return cleanIp(headers["true-client-ip"]);
+    }
+    if (headers["x-real-ip"]) {
+      return cleanIp(headers["x-real-ip"]);
+    }
+    if (headers["x-forwarded-for"]) {
+      const forwardedIps = headers["x-forwarded-for"].split(",");
+      const clientIp = forwardedIps[0].trim();
+      if (clientIp && !isPrivateIp(clientIp)) {
+        return cleanIp(clientIp);
+      }
+    }
+    if (headers["x-client-ip"]) {
+      return cleanIp(headers["x-client-ip"]);
+    }
+    if (headers["x-cluster-client-ip"]) {
+      return cleanIp(headers["x-cluster-client-ip"]);
+    }
+    if (headers["forwarded"]) {
+      const match = headers["forwarded"].match(/for=([^;,\s]+)/);
+      if (match && match[1]) {
+        return cleanIp(match[1].replace(/"/g, ""));
+      }
+    }
+    if (ctx.request.ip) {
+      return cleanIp(ctx.request.ip);
+    }
+    return "unknown";
+  } catch (error) {
+    console.error("[getClientIp] Error extracting IP:", error);
+    return "unknown";
+  }
+};
+const cleanIp = (ip) => {
+  if (!ip) return "unknown";
+  ip = ip.split(":")[0];
+  if (ip.startsWith("::ffff:")) {
+    ip = ip.substring(7);
+  }
+  ip = ip.trim();
+  return ip || "unknown";
+};
+const isPrivateIp = (ip) => {
+  if (!ip) return true;
+  if (ip === "127.0.0.1" || ip === "localhost" || ip === "::1") return true;
+  if (ip.startsWith("192.168.")) return true;
+  if (ip.startsWith("10.")) return true;
+  if (ip.startsWith("172.")) {
+    const second = parseInt(ip.split(".")[1]);
+    if (second >= 16 && second <= 31) return true;
+  }
+  if (ip.startsWith("fc00:") || ip.startsWith("fd00:")) return true;
+  if (ip.startsWith("fe80:")) return true;
+  return false;
+};
+var getClientIp_1 = getClientIp$1;
+var lastSeen = ({ strapi: strapi2, sessionService }) => {
+  return async (ctx, next) => {
+    if (ctx.state.user && ctx.state.user.id) {
+      try {
+        const userId = ctx.state.user.id;
+        const activeSessions = await strapi2.entityService.findMany("api::session.session", {
+          filters: {
+            user: { id: userId },
+            isActive: true
+          },
+          limit: 1
+        });
+        if (!activeSessions || activeSessions.length === 0) {
+          strapi2.log.info(`[magic-sessionmanager] 🚫 Blocked request - User ${userId} has no active sessions`);
+          return ctx.unauthorized("All sessions have been terminated. Please login again.");
+        }
+      } catch (err) {
+        strapi2.log.debug("[magic-sessionmanager] Error checking active sessions:", err.message);
+      }
+    }
+    await next();
+    if (ctx.state.user && ctx.state.user.id) {
+      try {
+        const userId = ctx.state.user.id;
+        const sessionId = ctx.state.sessionId;
+        await sessionService.touch({
+          userId,
+          sessionId
+        });
+      } catch (err) {
+        strapi2.log.debug("[magic-sessionmanager] Error updating lastSeen:", err.message);
+      }
+    }
+  };
+};
+const getClientIp = getClientIp_1;
+var bootstrap$1 = async ({ strapi: strapi2 }) => {
+  strapi2.log.info("[magic-sessionmanager] 🚀 Bootstrap starting...");
+  try {
+    const licenseGuardService = strapi2.plugin("magic-sessionmanager").service("license-guard");
+    setTimeout(async () => {
+      const licenseStatus = await licenseGuardService.initialize();
+      if (!licenseStatus.valid) {
+        strapi2.log.error("╔════════════════════════════════════════════════════════════════╗");
+        strapi2.log.error("║  ❌ SESSION MANAGER - NO VALID LICENSE                         ║");
+        strapi2.log.error("║                                                                ║");
+        strapi2.log.error("║  This plugin requires a valid license to operate.             ║");
+        strapi2.log.error("║  Please activate your license via Admin UI:                   ║");
+        strapi2.log.error("║  Go to Settings → Sessions → License                          ║");
+        strapi2.log.error("║                                                                ║");
+        strapi2.log.error("║  The plugin will run with limited functionality until         ║");
+        strapi2.log.error("║  a valid license is activated.                                ║");
+        strapi2.log.error("╚════════════════════════════════════════════════════════════════╝");
+      } else if (licenseStatus.valid) {
+        const pluginStore = strapi2.store({
+          type: "plugin",
+          name: "magic-sessionmanager"
+        });
+        const storedKey = await pluginStore.get({ key: "licenseKey" });
+        strapi2.log.info("╔════════════════════════════════════════════════════════════════╗");
+        strapi2.log.info("║  ✅ SESSION MANAGER LICENSE ACTIVE                             ║");
+        strapi2.log.info("║                                                                ║");
+        if (licenseStatus.data) {
+          strapi2.log.info(`║  License: ${licenseStatus.data.licenseKey}`.padEnd(66) + "║");
+          strapi2.log.info(`║  User: ${licenseStatus.data.firstName} ${licenseStatus.data.lastName}`.padEnd(66) + "║");
+          strapi2.log.info(`║  Email: ${licenseStatus.data.email}`.padEnd(66) + "║");
+        } else if (storedKey) {
+          strapi2.log.info(`║  License: ${storedKey} (Offline Mode)`.padEnd(66) + "║");
+          strapi2.log.info(`║  Status: Grace Period Active`.padEnd(66) + "║");
+        }
+        strapi2.log.info("║                                                                ║");
+        strapi2.log.info("║  🔄 Auto-pinging every 15 minutes                              ║");
+        strapi2.log.info("╚════════════════════════════════════════════════════════════════╝");
+      }
+    }, 3e3);
+    const sessionService = strapi2.plugin("magic-sessionmanager").service("session");
+    strapi2.log.info("[magic-sessionmanager] Running initial session cleanup...");
+    await sessionService.cleanupInactiveSessions();
+    const cleanupInterval = 30 * 60 * 1e3;
+    const cleanupIntervalHandle = setInterval(async () => {
+      try {
+        const service = strapi2.plugin("magic-sessionmanager").service("session");
+        await service.cleanupInactiveSessions();
+      } catch (err) {
+        strapi2.log.error("[magic-sessionmanager] Periodic cleanup error:", err);
+      }
+    }, cleanupInterval);
+    strapi2.log.info("[magic-sessionmanager] ⏰ Periodic cleanup scheduled (every 30 minutes)");
+    if (!strapi2.sessionManagerIntervals) {
+      strapi2.sessionManagerIntervals = {};
+    }
+    strapi2.sessionManagerIntervals.cleanup = cleanupIntervalHandle;
+    strapi2.server.routes([{
+      method: "POST",
+      path: "/api/auth/logout",
+      handler: async (ctx) => {
+        try {
+          const token = ctx.request.headers?.authorization?.replace("Bearer ", "");
+          if (!token) {
+            ctx.status = 200;
+            ctx.body = { message: "Logged out successfully" };
+            return;
+          }
+          const sessions = await strapi2.entityService.findMany("api::session.session", {
+            filters: {
+              token,
+              isActive: true
+            },
+            limit: 1
+          });
+          if (sessions.length > 0) {
+            await sessionService.terminateSession({ sessionId: sessions[0].id });
+            strapi2.log.info(`[magic-sessionmanager] 🚪 Logout via /api/auth/logout - Session ${sessions[0].id} terminated`);
+          }
+          ctx.status = 200;
+          ctx.body = { message: "Logged out successfully" };
+        } catch (err) {
+          strapi2.log.error("[magic-sessionmanager] Logout error:", err);
+          ctx.status = 200;
+          ctx.body = { message: "Logged out successfully" };
+        }
+      },
+      config: {
+        auth: false
+      }
+    }]);
+    strapi2.log.info("[magic-sessionmanager] ✅ /api/auth/logout route registered");
+    strapi2.server.use(async (ctx, next) => {
+      await next();
+      const isAuthLocal = ctx.path === "/api/auth/local" && ctx.method === "POST";
+      const isMagicLink = ctx.path.includes("/magic-link/login") && ctx.method === "POST";
+      if ((isAuthLocal || isMagicLink) && ctx.status === 200 && ctx.body && ctx.body.user) {
+        try {
+          const user = ctx.body.user;
+          const ip = getClientIp(ctx);
+          const userAgent = ctx.request.headers?.["user-agent"] || ctx.request.header?.["user-agent"] || "unknown";
+          strapi2.log.info(`[magic-sessionmanager] 🔍 Login detected! User: ${user.id} (${user.email || user.username}) from IP: ${ip}`);
+          const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
+          let shouldBlock = false;
+          let blockReason = "";
+          let geoData = null;
+          if (config2.enableGeolocation || config2.enableSecurityScoring) {
+            try {
+              const geolocationService = strapi2.plugin("magic-sessionmanager").service("geolocation");
+              geoData = await geolocationService.getIpInfo(ip);
+              if (config2.blockSuspiciousSessions && geoData) {
+                if (geoData.isThreat) {
+                  shouldBlock = true;
+                  blockReason = "Known threat IP detected";
+                } else if (geoData.isVpn && config2.alertOnVpnProxy) {
+                  shouldBlock = true;
+                  blockReason = "VPN detected";
+                } else if (geoData.isProxy && config2.alertOnVpnProxy) {
+                  shouldBlock = true;
+                  blockReason = "Proxy detected";
+                } else if (geoData.securityScore < 50) {
+                  shouldBlock = true;
+                  blockReason = `Low security score: ${geoData.securityScore}/100`;
+                }
+              }
+              if (config2.enableGeofencing && geoData && geoData.country_code) {
+                const countryCode = geoData.country_code;
+                if (config2.blockedCountries && config2.blockedCountries.includes(countryCode)) {
+                  shouldBlock = true;
+                  blockReason = `Country ${countryCode} is blocked`;
+                }
+                if (config2.allowedCountries && config2.allowedCountries.length > 0) {
+                  if (!config2.allowedCountries.includes(countryCode)) {
+                    shouldBlock = true;
+                    blockReason = `Country ${countryCode} is not in allowlist`;
+                  }
+                }
+              }
+            } catch (geoErr) {
+              strapi2.log.warn("[magic-sessionmanager] Geolocation check failed:", geoErr.message);
+            }
+          }
+          if (shouldBlock) {
+            strapi2.log.warn(`[magic-sessionmanager] 🚫 Blocking login: ${blockReason}`);
+            ctx.status = 403;
+            ctx.body = {
+              error: {
+                status: 403,
+                message: "Login blocked for security reasons",
+                details: { reason: blockReason }
+              }
+            };
+            return;
+          }
+          const newSession = await sessionService.createSession({
+            userId: user.id,
+            ip,
+            userAgent,
+            token: ctx.body.jwt
+            // Store JWT token reference
+          });
+          strapi2.log.info(`[magic-sessionmanager] ✅ Session created for user ${user.id} (IP: ${ip})`);
+          if (geoData && (config2.enableEmailAlerts || config2.enableWebhooks)) {
+            try {
+              const notificationService = strapi2.plugin("magic-sessionmanager").service("notifications");
+              const isSuspicious = geoData.isVpn || geoData.isProxy || geoData.isThreat || geoData.securityScore < 70;
+              if (config2.enableEmailAlerts && config2.alertOnSuspiciousLogin && isSuspicious) {
+                await notificationService.sendSuspiciousLoginAlert({
+                  user,
+                  session: newSession,
+                  reason: {
+                    isVpn: geoData.isVpn,
+                    isProxy: geoData.isProxy,
+                    isThreat: geoData.isThreat,
+                    securityScore: geoData.securityScore
+                  },
+                  geoData
+                });
+              }
+              if (config2.enableWebhooks) {
+                const webhookData = notificationService.formatDiscordWebhook({
+                  event: isSuspicious ? "login.suspicious" : "login.success",
+                  session: newSession,
+                  user,
+                  geoData
+                });
+                if (config2.discordWebhookUrl) {
+                  await notificationService.sendWebhook({
+                    event: "session.login",
+                    data: webhookData,
+                    webhookUrl: config2.discordWebhookUrl
+                  });
+                }
+              }
+            } catch (notifErr) {
+              strapi2.log.warn("[magic-sessionmanager] Notification failed:", notifErr.message);
+            }
+          }
+        } catch (err) {
+          strapi2.log.error("[magic-sessionmanager] ❌ Error creating session:", err);
+        }
+      }
+    });
+    strapi2.log.info("[magic-sessionmanager] ✅ Login/Logout interceptor middleware mounted");
+    strapi2.server.use(
+      lastSeen({ strapi: strapi2, sessionService })
+    );
+    strapi2.log.info("[magic-sessionmanager] ✅ LastSeen middleware mounted");
+    strapi2.log.info("[magic-sessionmanager] ✅ Bootstrap complete");
+    strapi2.log.info("[magic-sessionmanager] 🎉 Session Manager ready! Sessions stored in api::session.session");
+  } catch (err) {
+    strapi2.log.error("[magic-sessionmanager] ❌ Bootstrap error:", err);
+  }
+};
+var destroy$1 = async ({ strapi: strapi2 }) => {
+  if (strapi2.licenseGuard && strapi2.licenseGuard.pingInterval) {
+    clearInterval(strapi2.licenseGuard.pingInterval);
+    strapi2.log.info("[magic-sessionmanager] 🛑 License pinging stopped");
+  }
+  if (strapi2.sessionManagerIntervals && strapi2.sessionManagerIntervals.cleanup) {
+    clearInterval(strapi2.sessionManagerIntervals.cleanup);
+    strapi2.log.info("[magic-sessionmanager] 🛑 Session cleanup interval stopped");
+  }
+  strapi2.log.info("[magic-sessionmanager] ✅ Plugin cleanup completed");
+};
+var config$1 = {
+  default: {
+    // Rate limit for lastSeen updates (in milliseconds)
+    lastSeenRateLimit: 3e4,
+    // 30 seconds
+    // Session inactivity timeout (in milliseconds)
+    // After this time without activity, a session is considered inactive
+    inactivityTimeout: 15 * 60 * 1e3
+    // 15 minutes
+  },
+  validator: (config2) => {
+    if (config2.lastSeenRateLimit && typeof config2.lastSeenRateLimit !== "number") {
+      throw new Error("lastSeenRateLimit must be a number (milliseconds)");
+    }
+    if (config2.inactivityTimeout && typeof config2.inactivityTimeout !== "number") {
+      throw new Error("inactivityTimeout must be a number (milliseconds)");
+    }
+  }
+};
+var contentApi$1 = {
+  type: "content-api",
+  routes: [
+    // ============================================================
+    // LOGOUT ENDPOINTS
+    // ============================================================
+    {
+      method: "POST",
+      path: "/logout",
+      handler: "session.logout",
+      config: {
+        auth: { strategies: ["users-permissions"] },
+        description: "Logout current session (requires JWT)"
+      }
+    },
+    {
+      method: "POST",
+      path: "/logout-all",
+      handler: "session.logoutAll",
+      config: {
+        auth: { strategies: ["users-permissions"] },
+        description: "Logout from all devices (requires JWT)"
+      }
+    },
+    // ============================================================
+    // SESSION QUERIES
+    // ============================================================
+    {
+      method: "GET",
+      path: "/user/:userId/sessions",
+      handler: "session.getUserSessions",
+      config: {
+        auth: { strategies: ["users-permissions"] },
+        description: "Get own sessions (controller validates user can only see own sessions)"
+      }
+    }
+  ]
+};
+var admin$1 = {
+  type: "admin",
+  routes: [
+    {
+      method: "GET",
+      path: "/sessions",
+      handler: "session.getAllSessionsAdmin",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Get all sessions - active and inactive (admin)"
+      }
+    },
+    {
+      method: "GET",
+      path: "/sessions/active",
+      handler: "session.getActiveSessions",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Get only active sessions (admin)"
+      }
+    },
+    {
+      method: "GET",
+      path: "/user/:userId/sessions",
+      handler: "session.getUserSessions",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Get user sessions (admin)"
+      }
+    },
+    {
+      method: "POST",
+      path: "/sessions/:sessionId/terminate",
+      handler: "session.terminateSingleSession",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Terminate a specific session (admin)"
+      }
+    },
+    {
+      method: "DELETE",
+      path: "/sessions/:sessionId",
+      handler: "session.deleteSession",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Delete a single session permanently (admin)"
+      }
+    },
+    {
+      method: "POST",
+      path: "/sessions/clean-inactive",
+      handler: "session.cleanInactiveSessions",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Delete all inactive sessions from database (admin)"
+      }
+    },
+    {
+      method: "POST",
+      path: "/user/:userId/terminate-all",
+      handler: "session.terminateAllUserSessions",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Terminate all sessions for a user (admin)"
+      }
+    },
+    {
+      method: "POST",
+      path: "/user/:userId/toggle-block",
+      handler: "session.toggleUserBlock",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Toggle user blocked status (admin)"
+      }
+    },
+    // License Management
+    {
+      method: "GET",
+      path: "/license/status",
+      handler: "license.getStatus",
+      config: {
+        policies: []
+      }
+    },
+    {
+      method: "POST",
+      path: "/license/auto-create",
+      handler: "license.autoCreate",
+      config: {
+        policies: []
+      }
+    },
+    {
+      method: "POST",
+      path: "/license/create",
+      handler: "license.createAndActivate",
+      config: {
+        policies: []
+      }
+    },
+    {
+      method: "POST",
+      path: "/license/ping",
+      handler: "license.ping",
+      config: {
+        policies: []
+      }
+    },
+    {
+      method: "POST",
+      path: "/license/store-key",
+      handler: "license.storeKey",
+      config: {
+        policies: []
+      }
+    },
+    // Geolocation (Premium Feature)
+    {
+      method: "GET",
+      path: "/geolocation/:ipAddress",
+      handler: "session.getIpGeolocation",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Get IP geolocation data (Premium feature)"
+      }
+    },
+    // Settings Management
+    {
+      method: "GET",
+      path: "/settings",
+      handler: "settings.getSettings",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Get plugin settings"
+      }
+    },
+    {
+      method: "PUT",
+      path: "/settings",
+      handler: "settings.updateSettings",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        description: "Update plugin settings"
+      }
+    }
+  ]
+};
+const contentApi = contentApi$1;
+const admin = admin$1;
+var routes$1 = {
+  admin,
+  "content-api": contentApi
+};
+var session$3 = {
+  /**
+   * Get ALL sessions (active + inactive) - Admin only
+   * GET /magic-sessionmanager/sessions
+   */
+  async getAllSessionsAdmin(ctx) {
+    try {
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      const sessions = await sessionService.getAllSessions();
+      ctx.body = {
+        data: sessions,
+        meta: {
+          count: sessions.length,
+          active: sessions.filter((s) => s.isTrulyActive).length,
+          inactive: sessions.filter((s) => !s.isTrulyActive).length
+        }
+      };
+    } catch (err) {
+      ctx.throw(500, "Error fetching sessions");
+    }
+  },
+  /**
+   * Get active sessions only
+   * GET /magic-sessionmanager/sessions/active
+   */
+  async getActiveSessions(ctx) {
+    try {
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      const sessions = await sessionService.getActiveSessions();
+      ctx.body = {
+        data: sessions,
+        meta: {
+          count: sessions.length
+        }
+      };
+    } catch (err) {
+      ctx.throw(500, "Error fetching active sessions");
+    }
+  },
+  /**
+   * Get user's sessions
+   * GET /magic-sessionmanager/user/:userId/sessions
+   * SECURITY: User can only access their own sessions
+   */
+  async getUserSessions(ctx) {
+    try {
+      const { userId } = ctx.params;
+      const requestingUserId = ctx.state.user?.id;
+      if (requestingUserId && String(requestingUserId) !== String(userId)) {
+        strapi.log.warn(`[magic-sessionmanager] Security: User ${requestingUserId} tried to access sessions of user ${userId}`);
+        return ctx.forbidden("You can only access your own sessions");
+      }
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      const sessions = await sessionService.getUserSessions(userId);
+      ctx.body = {
+        data: sessions,
+        meta: {
+          count: sessions.length
+        }
+      };
+    } catch (err) {
+      ctx.throw(500, "Error fetching user sessions");
+    }
+  },
+  /**
+   * Logout handler - terminates current session
+   * POST /api/magic-sessionmanager/logout
+   */
+  async logout(ctx) {
+    try {
+      const userId = ctx.state.user?.id;
+      const token = ctx.request.headers.authorization?.replace("Bearer ", "");
+      if (!userId) {
+        return ctx.throw(401, "Unauthorized");
+      }
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      const sessions = await strapi.entityService.findMany("api::session.session", {
+        filters: {
+          user: { id: userId },
+          token,
+          isActive: true
+        }
+      });
+      if (sessions.length > 0) {
+        await sessionService.terminateSession({ sessionId: sessions[0].id });
+        strapi.log.info(`[magic-sessionmanager] User ${userId} logged out (session ${sessions[0].id})`);
+      }
+      ctx.body = {
+        message: "Logged out successfully"
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Logout error:", err);
+      ctx.throw(500, "Error during logout");
+    }
+  },
+  /**
+   * Logout from all devices - terminates all sessions for current user
+   * POST /api/magic-sessionmanager/logout-all
+   */
+  async logoutAll(ctx) {
+    try {
+      const userId = ctx.state.user?.id;
+      if (!userId) {
+        return ctx.throw(401, "Unauthorized");
+      }
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      await sessionService.terminateSession({ userId });
+      strapi.log.info(`[magic-sessionmanager] User ${userId} logged out from all devices`);
+      ctx.body = {
+        message: "Logged out from all devices successfully"
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Logout-all error:", err);
+      ctx.throw(500, "Error during logout");
+    }
+  },
+  /**
+   * Terminate specific session
+   * DELETE /magic-sessionmanager/sessions/:sessionId
+   */
+  async terminateSession(ctx) {
+    try {
+      const { sessionId } = ctx.params;
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      await sessionService.terminateSession({ sessionId });
+      ctx.body = {
+        message: `Session ${sessionId} terminated`
+      };
+    } catch (err) {
+      ctx.throw(500, "Error terminating session");
+    }
+  },
+  /**
+   * Terminate a single session (Admin action)
+   * POST /magic-sessionmanager/sessions/:sessionId/terminate
+   */
+  async terminateSingleSession(ctx) {
+    try {
+      const { sessionId } = ctx.params;
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      await sessionService.terminateSession({ sessionId });
+      ctx.body = {
+        message: `Session ${sessionId} terminated`,
+        success: true
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Error terminating session:", err);
+      ctx.throw(500, "Error terminating session");
+    }
+  },
+  /**
+   * Terminate ALL sessions for a specific user (Admin action)
+   * POST /magic-sessionmanager/user/:userId/terminate-all
+   */
+  async terminateAllUserSessions(ctx) {
+    try {
+      const { userId } = ctx.params;
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      await sessionService.terminateSession({ userId });
+      ctx.body = {
+        message: `All sessions terminated for user ${userId}`,
+        success: true
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Error terminating all user sessions:", err);
+      ctx.throw(500, "Error terminating all user sessions");
+    }
+  },
+  /**
+   * Get IP Geolocation data (Premium feature)
+   * GET /magic-sessionmanager/geolocation/:ipAddress
+   */
+  async getIpGeolocation(ctx) {
+    try {
+      const { ipAddress } = ctx.params;
+      if (!ipAddress) {
+        return ctx.badRequest("IP address is required");
+      }
+      const licenseGuard2 = strapi.plugin("magic-sessionmanager").service("license-guard");
+      const pluginStore = strapi.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      const licenseKey = await pluginStore.get({ key: "licenseKey" });
+      if (!licenseKey) {
+        return ctx.forbidden("Premium license required for geolocation features");
+      }
+      const license2 = await licenseGuard2.getLicenseByKey(licenseKey);
+      if (!license2 || !license2.featurePremium) {
+        return ctx.forbidden("Premium license required for geolocation features");
+      }
+      const geolocationService = strapi.plugin("magic-sessionmanager").service("geolocation");
+      const ipData = await geolocationService.getIpInfo(ipAddress);
+      ctx.body = {
+        success: true,
+        data: ipData
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Error getting IP geolocation:", err);
+      ctx.throw(500, "Error fetching IP geolocation data");
+    }
+  },
+  /**
+   * Delete a single session permanently (Admin action)
+   * DELETE /magic-sessionmanager/sessions/:sessionId
+   */
+  async deleteSession(ctx) {
+    try {
+      const { sessionId } = ctx.params;
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      await sessionService.deleteSession(sessionId);
+      ctx.body = {
+        message: `Session ${sessionId} permanently deleted`,
+        success: true
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Error deleting session:", err);
+      ctx.throw(500, "Error deleting session");
+    }
+  },
+  /**
+   * Delete all inactive sessions (Admin action)
+   * POST /magic-sessionmanager/sessions/clean-inactive
+   */
+  async cleanInactiveSessions(ctx) {
+    try {
+      const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+      const deletedCount = await sessionService.deleteInactiveSessions();
+      ctx.body = {
+        message: `Successfully deleted ${deletedCount} inactive sessions`,
+        success: true,
+        deletedCount
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Error cleaning inactive sessions:", err);
+      ctx.throw(500, "Error deleting inactive sessions");
+    }
+  },
+  /**
+   * Toggle user blocked status
+   * POST /magic-sessionmanager/user/:userId/toggle-block
+   */
+  async toggleUserBlock(ctx) {
+    try {
+      const { userId } = ctx.params;
+      const user = await strapi.entityService.findOne("plugin::users-permissions.user", userId);
+      if (!user) {
+        return ctx.throw(404, "User not found");
+      }
+      const newBlockedStatus = !user.blocked;
+      await strapi.entityService.update("plugin::users-permissions.user", userId, {
+        data: {
+          blocked: newBlockedStatus
+        }
+      });
+      if (newBlockedStatus) {
+        const sessionService = strapi.plugin("magic-sessionmanager").service("session");
+        await sessionService.terminateSession({ userId });
+      }
+      ctx.body = {
+        message: `User ${newBlockedStatus ? "blocked" : "unblocked"} successfully`,
+        blocked: newBlockedStatus,
+        success: true
+      };
+    } catch (err) {
+      strapi.log.error("[magic-sessionmanager] Error toggling user block:", err);
+      ctx.throw(500, "Error toggling user block status");
+    }
+  }
+};
+var license$1 = ({ strapi: strapi2 }) => ({
+  /**
+   * Auto-create license with logged-in admin user data
+   */
+  async autoCreate(ctx) {
+    try {
+      const adminUser = ctx.state.user;
+      if (!adminUser) {
+        return ctx.unauthorized("No admin user logged in");
+      }
+      const licenseGuard2 = strapi2.plugin("magic-sessionmanager").service("license-guard");
+      const license2 = await licenseGuard2.createLicense({
+        email: adminUser.email,
+        firstName: adminUser.firstname || "Admin",
+        lastName: adminUser.lastname || "User"
+      });
+      if (!license2) {
+        return ctx.badRequest("Failed to create license");
+      }
+      await licenseGuard2.storeLicenseKey(license2.licenseKey);
+      const pingInterval = licenseGuard2.startPinging(license2.licenseKey, 15);
+      strapi2.licenseGuard = {
+        licenseKey: license2.licenseKey,
+        pingInterval,
+        data: license2
+      };
+      return ctx.send({
+        success: true,
+        message: "License automatically created and activated",
+        data: license2
+      });
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] Error auto-creating license:", error);
+      return ctx.badRequest("Error creating license");
+    }
+  },
+  /**
+   * Get current license status
+   */
+  async getStatus(ctx) {
+    try {
+      const licenseGuard2 = strapi2.plugin("magic-sessionmanager").service("license-guard");
+      const pluginStore = strapi2.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      const licenseKey = await pluginStore.get({ key: "licenseKey" });
+      if (!licenseKey) {
+        strapi2.log.debug("[magic-sessionmanager] No license key in store - demo mode");
+        return ctx.send({
+          success: false,
+          demo: true,
+          valid: false,
+          message: "No license found. Running in demo mode."
+        });
+      }
+      strapi2.log.info(`[magic-sessionmanager/license-controller] Checking stored license: ${licenseKey}`);
+      const verification = await licenseGuard2.verifyLicense(licenseKey);
+      const license2 = await licenseGuard2.getLicenseByKey(licenseKey);
+      strapi2.log.info("[magic-sessionmanager/license-controller] License data from MagicAPI:", {
+        licenseKey: license2?.licenseKey,
+        email: license2?.email,
+        featurePremium: license2?.featurePremium,
+        isActive: license2?.isActive,
+        pluginName: license2?.pluginName
+      });
+      return ctx.send({
+        success: true,
+        valid: verification.valid,
+        demo: false,
+        data: {
+          licenseKey,
+          email: license2?.email || null,
+          firstName: license2?.firstName || null,
+          lastName: license2?.lastName || null,
+          isActive: license2?.isActive || false,
+          isExpired: license2?.isExpired || false,
+          isOnline: license2?.isOnline || false,
+          expiresAt: license2?.expiresAt,
+          lastPingAt: license2?.lastPingAt,
+          deviceName: license2?.deviceName,
+          deviceId: license2?.deviceId,
+          ipAddress: license2?.ipAddress,
+          features: {
+            premium: license2?.featurePremium || false,
+            advanced: license2?.featureAdvanced || false,
+            enterprise: license2?.featureEnterprise || false,
+            custom: license2?.featureCustom || false
+          },
+          maxDevices: license2?.maxDevices || 1,
+          currentDevices: license2?.currentDevices || 0
+        }
+      });
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] Error getting license status:", error);
+      return ctx.badRequest("Error getting license status");
+    }
+  },
+  /**
+   * Create and activate a new license
+   */
+  async createAndActivate(ctx) {
+    try {
+      const { email, firstName, lastName } = ctx.request.body;
+      if (!email || !firstName || !lastName) {
+        return ctx.badRequest("Email, firstName, and lastName are required");
+      }
+      const licenseGuard2 = strapi2.plugin("magic-sessionmanager").service("license-guard");
+      const license2 = await licenseGuard2.createLicense({ email, firstName, lastName });
+      if (!license2) {
+        return ctx.badRequest("Failed to create license");
+      }
+      await licenseGuard2.storeLicenseKey(license2.licenseKey);
+      const pingInterval = licenseGuard2.startPinging(license2.licenseKey, 15);
+      strapi2.licenseGuard = {
+        licenseKey: license2.licenseKey,
+        pingInterval,
+        data: license2
+      };
+      return ctx.send({
+        success: true,
+        message: "License created and activated successfully",
+        data: license2
+      });
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] Error creating license:", error);
+      return ctx.badRequest("Error creating license");
+    }
+  },
+  /**
+   * Manually ping the current license
+   */
+  async ping(ctx) {
+    try {
+      const pluginStore = strapi2.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      const licenseKey = await pluginStore.get({ key: "licenseKey" });
+      if (!licenseKey) {
+        return ctx.badRequest("No license key found");
+      }
+      const licenseGuard2 = strapi2.plugin("magic-sessionmanager").service("license-guard");
+      const pingResult = await licenseGuard2.pingLicense(licenseKey);
+      if (!pingResult) {
+        return ctx.badRequest("Ping failed");
+      }
+      return ctx.send({
+        success: true,
+        message: "License pinged successfully",
+        data: pingResult
+      });
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] Error pinging license:", error);
+      return ctx.badRequest("Error pinging license");
+    }
+  },
+  /**
+   * Store and validate an existing license key
+   */
+  async storeKey(ctx) {
+    try {
+      const { licenseKey, email } = ctx.request.body;
+      if (!licenseKey || !licenseKey.trim()) {
+        return ctx.badRequest("License key is required");
+      }
+      if (!email || !email.trim()) {
+        return ctx.badRequest("Email address is required");
+      }
+      const trimmedKey = licenseKey.trim();
+      const trimmedEmail = email.trim().toLowerCase();
+      const licenseGuard2 = strapi2.plugin("magic-sessionmanager").service("license-guard");
+      const verification = await licenseGuard2.verifyLicense(trimmedKey);
+      if (!verification.valid) {
+        strapi2.log.warn(`[magic-sessionmanager] ⚠️ Invalid license key attempted: ${trimmedKey.substring(0, 8)}...`);
+        return ctx.badRequest("Invalid or expired license key");
+      }
+      const license2 = await licenseGuard2.getLicenseByKey(trimmedKey);
+      if (!license2) {
+        strapi2.log.warn(`[magic-sessionmanager] ⚠️ License not found in database: ${trimmedKey.substring(0, 8)}...`);
+        return ctx.badRequest("License not found");
+      }
+      if (license2.email.toLowerCase() !== trimmedEmail) {
+        strapi2.log.warn(`[magic-sessionmanager] ⚠️ Email mismatch for license key: ${trimmedKey.substring(0, 8)}... (Attempted: ${trimmedEmail})`);
+        return ctx.badRequest("Email address does not match this license key");
+      }
+      await licenseGuard2.storeLicenseKey(trimmedKey);
+      const pingInterval = licenseGuard2.startPinging(trimmedKey, 15);
+      strapi2.licenseGuard = {
+        licenseKey: trimmedKey,
+        pingInterval,
+        data: verification.data
+      };
+      strapi2.log.info(`[magic-sessionmanager] ✅ Existing license key validated and stored: ${trimmedKey.substring(0, 8)}... (Email: ${trimmedEmail})`);
+      return ctx.send({
+        success: true,
+        message: "License key validated and activated successfully",
+        data: verification.data
+      });
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] Error storing license key:", error);
+      return ctx.badRequest("Error validating license key");
+    }
+  }
+});
+var settings$1 = {
+  /**
+   * Get plugin settings
+   */
+  async getSettings(ctx) {
+    try {
+      const pluginStore = strapi.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      let settings2 = await pluginStore.get({ key: "settings" });
+      if (!settings2) {
+        settings2 = {
+          inactivityTimeout: 15,
+          cleanupInterval: 30,
+          lastSeenRateLimit: 30,
+          retentionDays: 90,
+          enableGeolocation: true,
+          enableSecurityScoring: true,
+          blockSuspiciousSessions: false,
+          maxFailedLogins: 5,
+          enableEmailAlerts: false,
+          alertOnSuspiciousLogin: true,
+          alertOnNewLocation: true,
+          alertOnVpnProxy: true,
+          enableWebhooks: false,
+          discordWebhookUrl: "",
+          slackWebhookUrl: "",
+          enableGeofencing: false,
+          allowedCountries: [],
+          blockedCountries: [],
+          emailTemplates: {
+            suspiciousLogin: { subject: "", html: "", text: "" },
+            newLocation: { subject: "", html: "", text: "" },
+            vpnProxy: { subject: "", html: "", text: "" }
+          }
+        };
+      }
+      ctx.send({
+        settings: settings2,
+        success: true
+      });
+    } catch (error) {
+      strapi.log.error("[magic-sessionmanager/settings] Error getting settings:", error);
+      ctx.badRequest("Error loading settings");
+    }
+  },
+  /**
+   * Update plugin settings
+   */
+  async updateSettings(ctx) {
+    try {
+      const { body } = ctx.request;
+      if (!body) {
+        return ctx.badRequest("Settings data is required");
+      }
+      const pluginStore = strapi.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      const sanitizedSettings = {
+        inactivityTimeout: parseInt(body.inactivityTimeout) || 15,
+        cleanupInterval: parseInt(body.cleanupInterval) || 30,
+        lastSeenRateLimit: parseInt(body.lastSeenRateLimit) || 30,
+        retentionDays: parseInt(body.retentionDays) || 90,
+        enableGeolocation: !!body.enableGeolocation,
+        enableSecurityScoring: !!body.enableSecurityScoring,
+        blockSuspiciousSessions: !!body.blockSuspiciousSessions,
+        maxFailedLogins: parseInt(body.maxFailedLogins) || 5,
+        enableEmailAlerts: !!body.enableEmailAlerts,
+        alertOnSuspiciousLogin: !!body.alertOnSuspiciousLogin,
+        alertOnNewLocation: !!body.alertOnNewLocation,
+        alertOnVpnProxy: !!body.alertOnVpnProxy,
+        enableWebhooks: !!body.enableWebhooks,
+        discordWebhookUrl: String(body.discordWebhookUrl || ""),
+        slackWebhookUrl: String(body.slackWebhookUrl || ""),
+        enableGeofencing: !!body.enableGeofencing,
+        allowedCountries: Array.isArray(body.allowedCountries) ? body.allowedCountries : [],
+        blockedCountries: Array.isArray(body.blockedCountries) ? body.blockedCountries : [],
+        emailTemplates: body.emailTemplates || {
+          suspiciousLogin: { subject: "", html: "", text: "" },
+          newLocation: { subject: "", html: "", text: "" },
+          vpnProxy: { subject: "", html: "", text: "" }
+        }
+      };
+      await pluginStore.set({
+        key: "settings",
+        value: sanitizedSettings
+      });
+      strapi.log.info("[magic-sessionmanager/settings] Settings updated successfully");
+      ctx.send({
+        settings: sanitizedSettings,
+        success: true,
+        message: "Settings saved successfully!"
+      });
+    } catch (error) {
+      strapi.log.error("[magic-sessionmanager/settings] Error updating settings:", error);
+      ctx.badRequest("Error saving settings");
+    }
+  }
+};
+const session$2 = session$3;
+const license = license$1;
+const settings = settings$1;
+var controllers$1 = {
+  session: session$2,
+  license,
+  settings
+};
+var session$1 = ({ strapi: strapi2 }) => ({
+  /**
+   * Create a new session record
+   * @param {Object} params - { userId, ip, userAgent, token }
+   * @returns {Promise<Object>} Created session
+   */
+  async createSession({ userId, ip = "unknown", userAgent = "unknown", token }) {
+    try {
+      const now = /* @__PURE__ */ new Date();
+      const session2 = await strapi2.entityService.create("api::session.session", {
+        data: {
+          user: userId,
+          ipAddress: ip.substring(0, 45),
+          userAgent: userAgent.substring(0, 500),
+          loginTime: now,
+          lastActive: now,
+          isActive: true,
+          token
+          // Store JWT for logout matching
+        }
+      });
+      strapi2.log.info(`[magic-sessionmanager] ✅ Session ${session2.id} created for user ${userId}`);
+      return session2;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error creating session:", err);
+      throw err;
+    }
+  },
+  /**
+   * Terminate a session or all sessions for a user
+   * @param {Object} params - { sessionId | userId }
+   * @returns {Promise<void>}
+   */
+  async terminateSession({ sessionId, userId }) {
+    try {
+      const now = /* @__PURE__ */ new Date();
+      if (sessionId) {
+        await strapi2.entityService.update("api::session.session", sessionId, {
+          data: {
+            isActive: false,
+            logoutTime: now
+          }
+        });
+        strapi2.log.info(`[magic-sessionmanager] Session ${sessionId} terminated`);
+      } else if (userId) {
+        const activeSessions = await strapi2.entityService.findMany("api::session.session", {
+          filters: {
+            user: { id: userId },
+            isActive: true
+          }
+        });
+        for (const session2 of activeSessions) {
+          await strapi2.entityService.update("api::session.session", session2.id, {
+            data: {
+              isActive: false,
+              logoutTime: now
+            }
+          });
+        }
+        strapi2.log.info(`[magic-sessionmanager] All sessions terminated for user ${userId}`);
+      }
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error terminating session:", err);
+      throw err;
+    }
+  },
+  /**
+   * Get ALL sessions (active + inactive) with accurate online status
+   * @returns {Promise<Array>} All sessions with enhanced data
+   */
+  async getAllSessions() {
+    try {
+      const sessions = await strapi2.entityService.findMany("api::session.session", {
+        populate: { user: { fields: ["id", "email", "username"] } },
+        sort: { loginTime: "desc" },
+        limit: 1e3
+        // Reasonable limit
+      });
+      const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
+      const inactivityTimeout = config2.inactivityTimeout || 15 * 60 * 1e3;
+      const now = /* @__PURE__ */ new Date();
+      const enhancedSessions = sessions.map((session2) => {
+        const lastActiveTime = session2.lastActive ? new Date(session2.lastActive) : new Date(session2.loginTime);
+        const timeSinceActive = now - lastActiveTime;
+        const isTrulyActive = session2.isActive && timeSinceActive < inactivityTimeout;
+        const { token, ...sessionWithoutToken } = session2;
+        return {
+          ...sessionWithoutToken,
+          isTrulyActive,
+          minutesSinceActive: Math.floor(timeSinceActive / 1e3 / 60)
+        };
+      });
+      return enhancedSessions;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error getting all sessions:", err);
+      throw err;
+    }
+  },
+  /**
+   * Get all active sessions with accurate online status
+   * @returns {Promise<Array>} Active sessions with user data and online status
+   */
+  async getActiveSessions() {
+    try {
+      const sessions = await strapi2.entityService.findMany("api::session.session", {
+        filters: { isActive: true },
+        populate: { user: { fields: ["id", "email", "username"] } },
+        sort: { loginTime: "desc" }
+      });
+      const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
+      const inactivityTimeout = config2.inactivityTimeout || 15 * 60 * 1e3;
+      const now = /* @__PURE__ */ new Date();
+      const enhancedSessions = sessions.map((session2) => {
+        const lastActiveTime = session2.lastActive ? new Date(session2.lastActive) : new Date(session2.loginTime);
+        const timeSinceActive = now - lastActiveTime;
+        const isTrulyActive = timeSinceActive < inactivityTimeout;
+        const { token, ...sessionWithoutToken } = session2;
+        return {
+          ...sessionWithoutToken,
+          isTrulyActive,
+          minutesSinceActive: Math.floor(timeSinceActive / 1e3 / 60)
+        };
+      });
+      return enhancedSessions.filter((s) => s.isTrulyActive);
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error getting active sessions:", err);
+      throw err;
+    }
+  },
+  /**
+   * Get all sessions for a specific user
+   * @param {number} userId
+   * @returns {Promise<Array>} User's sessions with accurate online status
+   */
+  async getUserSessions(userId) {
+    try {
+      const sessions = await strapi2.entityService.findMany("api::session.session", {
+        filters: { user: { id: userId } },
+        sort: { loginTime: "desc" }
+      });
+      const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
+      const inactivityTimeout = config2.inactivityTimeout || 15 * 60 * 1e3;
+      const now = /* @__PURE__ */ new Date();
+      const enhancedSessions = sessions.map((session2) => {
+        const lastActiveTime = session2.lastActive ? new Date(session2.lastActive) : new Date(session2.loginTime);
+        const timeSinceActive = now - lastActiveTime;
+        const isTrulyActive = session2.isActive && timeSinceActive < inactivityTimeout;
+        const { token, ...sessionWithoutToken } = session2;
+        return {
+          ...sessionWithoutToken,
+          isTrulyActive,
+          minutesSinceActive: Math.floor(timeSinceActive / 1e3 / 60)
+        };
+      });
+      return enhancedSessions;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error getting user sessions:", err);
+      throw err;
+    }
+  },
+  /**
+   * Update lastActive timestamp on session (rate-limited to avoid DB noise)
+   * @param {Object} params - { userId, sessionId }
+   * @returns {Promise<void>}
+   */
+  async touch({ userId, sessionId }) {
+    try {
+      const now = /* @__PURE__ */ new Date();
+      const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
+      const rateLimit = config2.lastSeenRateLimit || 3e4;
+      if (sessionId) {
+        const session2 = await strapi2.entityService.findOne("api::session.session", sessionId);
+        if (session2 && session2.lastActive) {
+          const lastActiveTime = new Date(session2.lastActive).getTime();
+          const currentTime = now.getTime();
+          if (currentTime - lastActiveTime > rateLimit) {
+            await strapi2.entityService.update("api::session.session", sessionId, {
+              data: { lastActive: now }
+            });
+          }
+        } else if (session2) {
+          await strapi2.entityService.update("api::session.session", sessionId, {
+            data: { lastActive: now }
+          });
+        }
+      }
+    } catch (err) {
+      strapi2.log.debug("[magic-sessionmanager] Error touching session:", err.message);
+    }
+  },
+  /**
+   * Cleanup inactive sessions - set isActive to false for sessions older than inactivityTimeout
+   * Should be called on bootstrap to clean up stale sessions
+   */
+  async cleanupInactiveSessions() {
+    try {
+      const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
+      const inactivityTimeout = config2.inactivityTimeout || 15 * 60 * 1e3;
+      const now = /* @__PURE__ */ new Date();
+      const cutoffTime = new Date(now.getTime() - inactivityTimeout);
+      strapi2.log.info(`[magic-sessionmanager] 🧹 Cleaning up sessions inactive since before ${cutoffTime.toISOString()}`);
+      const activeSessions = await strapi2.entityService.findMany("api::session.session", {
+        filters: { isActive: true },
+        fields: ["id", "lastActive", "loginTime"]
+      });
+      let deactivatedCount = 0;
+      for (const session2 of activeSessions) {
+        const lastActiveTime = session2.lastActive ? new Date(session2.lastActive) : new Date(session2.loginTime);
+        if (lastActiveTime < cutoffTime) {
+          await strapi2.entityService.update("api::session.session", session2.id, {
+            data: { isActive: false }
+          });
+          deactivatedCount++;
+        }
+      }
+      strapi2.log.info(`[magic-sessionmanager] ✅ Cleanup complete: ${deactivatedCount} sessions deactivated`);
+      return deactivatedCount;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error cleaning up inactive sessions:", err);
+      throw err;
+    }
+  },
+  /**
+   * Delete a single session from database
+   * WARNING: This permanently deletes the record!
+   * @param {number} sessionId - Session ID to delete
+   * @returns {Promise<boolean>} Success status
+   */
+  async deleteSession(sessionId) {
+    try {
+      await strapi2.entityService.delete("api::session.session", sessionId);
+      strapi2.log.info(`[magic-sessionmanager] 🗑️ Session ${sessionId} permanently deleted`);
+      return true;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error deleting session:", err);
+      throw err;
+    }
+  },
+  /**
+   * Delete all inactive sessions from database
+   * WARNING: This permanently deletes records!
+   * @returns {Promise<number>} Number of deleted sessions
+   */
+  async deleteInactiveSessions() {
+    try {
+      strapi2.log.info("[magic-sessionmanager] 🗑️ Deleting all inactive sessions...");
+      const inactiveSessions = await strapi2.entityService.findMany("api::session.session", {
+        filters: { isActive: false },
+        fields: ["id"]
+      });
+      let deletedCount = 0;
+      for (const session2 of inactiveSessions) {
+        await strapi2.entityService.delete("api::session.session", session2.id);
+        deletedCount++;
+      }
+      strapi2.log.info(`[magic-sessionmanager] ✅ Deleted ${deletedCount} inactive sessions`);
+      return deletedCount;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager] Error deleting inactive sessions:", err);
+      throw err;
+    }
+  }
+});
+const crypto = require$$0__default.default;
+const os = require$$1__default.default;
+const LICENSE_SERVER_URL = "https://magicapi.fitlex.me";
+var licenseGuard$1 = ({ strapi: strapi2 }) => ({
+  /**
+   * Get license server URL
+   */
+  getLicenseServerUrl() {
+    return LICENSE_SERVER_URL;
+  },
+  /**
+   * Generate device ID
+   */
+  generateDeviceId() {
+    try {
+      const networkInterfaces = os.networkInterfaces();
+      const macAddresses = [];
+      Object.values(networkInterfaces).forEach((interfaces) => {
+        interfaces?.forEach((iface) => {
+          if (iface.mac && iface.mac !== "00:00:00:00:00:00") {
+            macAddresses.push(iface.mac);
+          }
+        });
+      });
+      const identifier = `${macAddresses.join("-")}-${os.hostname()}`;
+      return crypto.createHash("sha256").update(identifier).digest("hex").substring(0, 32);
+    } catch (error) {
+      return crypto.randomBytes(16).toString("hex");
+    }
+  },
+  getDeviceName() {
+    try {
+      return os.hostname() || "Unknown Device";
+    } catch (error) {
+      return "Unknown Device";
+    }
+  },
+  getIpAddress() {
+    try {
+      const networkInterfaces = os.networkInterfaces();
+      for (const name of Object.keys(networkInterfaces)) {
+        const interfaces = networkInterfaces[name];
+        if (interfaces) {
+          for (const iface of interfaces) {
+            if (iface.family === "IPv4" && !iface.internal) {
+              return iface.address;
+            }
+          }
+        }
+      }
+      return "127.0.0.1";
+    } catch (error) {
+      return "127.0.0.1";
+    }
+  },
+  getUserAgent() {
+    return `Strapi/${strapi2.config.get("info.strapi") || "5.0.0"} Node/${process.version} ${os.platform()}/${os.release()}`;
+  },
+  async createLicense({ email, firstName, lastName }) {
+    try {
+      const deviceId = this.generateDeviceId();
+      const deviceName = this.getDeviceName();
+      const ipAddress = this.getIpAddress();
+      const userAgent = this.getUserAgent();
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const response = await fetch(`${licenseServerUrl}/api/licenses/create`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          email,
+          firstName,
+          lastName,
+          deviceName,
+          deviceId,
+          ipAddress,
+          userAgent,
+          pluginName: "magic-sessionmanager",
+          productName: "Magic Session Manager - Premium Session Tracking"
+        })
+      });
+      const data = await response.json();
+      if (data.success) {
+        strapi2.log.info("[magic-sessionmanager] ✅ License created:", data.data.licenseKey);
+        return data.data;
+      } else {
+        strapi2.log.error("[magic-sessionmanager] ❌ License creation failed:", data);
+        return null;
+      }
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] ❌ Error creating license:", error);
+      return null;
+    }
+  },
+  async verifyLicense(licenseKey, allowGracePeriod = false) {
+    try {
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), 5e3);
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const response = await fetch(`${licenseServerUrl}/api/licenses/verify`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          licenseKey,
+          pluginName: "magic-sessionmanager",
+          productName: "Magic Session Manager - Premium Session Tracking"
+        }),
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const data = await response.json();
+      if (data.success && data.data) {
+        return { valid: true, data: data.data, gracePeriod: false };
+      } else {
+        return { valid: false, data: null };
+      }
+    } catch (error) {
+      if (allowGracePeriod) {
+        return { valid: true, data: null, gracePeriod: true };
+      }
+      return { valid: false, data: null };
+    }
+  },
+  async getLicenseByKey(licenseKey) {
+    try {
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const url = `${licenseServerUrl}/api/licenses/key/${licenseKey}`;
+      strapi2.log.debug(`[magic-sessionmanager/license-guard] Fetching license from: ${url}`);
+      const response = await fetch(url, {
+        method: "GET",
+        headers: { "Content-Type": "application/json" }
+      });
+      const data = await response.json();
+      if (data.success && data.data) {
+        strapi2.log.debug(`[magic-sessionmanager/license-guard] License fetched: ${data.data.email}, featurePremium: ${data.data.featurePremium}`);
+        return data.data;
+      }
+      strapi2.log.warn(`[magic-sessionmanager/license-guard] License API returned no data`);
+      return null;
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager/license-guard] Error fetching license by key:", error);
+      return null;
+    }
+  },
+  async pingLicense(licenseKey) {
+    try {
+      const deviceId = this.generateDeviceId();
+      const deviceName = this.getDeviceName();
+      const ipAddress = this.getIpAddress();
+      const userAgent = this.getUserAgent();
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const response = await fetch(`${licenseServerUrl}/api/licenses/ping`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          licenseKey,
+          deviceId,
+          deviceName,
+          ipAddress,
+          userAgent,
+          pluginName: "magic-sessionmanager"
+        })
+      });
+      const data = await response.json();
+      return data.success ? data.data : null;
+    } catch (error) {
+      return null;
+    }
+  },
+  async storeLicenseKey(licenseKey) {
+    const pluginStore = strapi2.store({
+      type: "plugin",
+      name: "magic-sessionmanager"
+    });
+    await pluginStore.set({ key: "licenseKey", value: licenseKey });
+    strapi2.log.info(`[magic-sessionmanager] ✅ License key stored: ${licenseKey.substring(0, 8)}...`);
+  },
+  startPinging(licenseKey, intervalMinutes = 15) {
+    strapi2.log.info(`[magic-sessionmanager] ⏰ Starting license pings every ${intervalMinutes} minutes`);
+    this.pingLicense(licenseKey);
+    const interval = setInterval(async () => {
+      try {
+        await this.pingLicense(licenseKey);
+      } catch (error) {
+        strapi2.log.error("[magic-sessionmanager] Ping error:", error);
+      }
+    }, intervalMinutes * 60 * 1e3);
+    return interval;
+  },
+  /**
+   * Initialize license guard
+   * Checks for existing license and starts pinging
+   */
+  async initialize() {
+    try {
+      strapi2.log.info("[magic-sessionmanager] 🔐 Initializing License Guard...");
+      const pluginStore = strapi2.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      const licenseKey = await pluginStore.get({ key: "licenseKey" });
+      if (!licenseKey) {
+        strapi2.log.info("[magic-sessionmanager] ℹ️ No license found - Running in demo mode");
+        return {
+          valid: false,
+          demo: true,
+          data: null
+        };
+      }
+      const lastValidated = await pluginStore.get({ key: "lastValidated" });
+      const now = /* @__PURE__ */ new Date();
+      const gracePeriodHours = 24;
+      let withinGracePeriod = false;
+      if (lastValidated) {
+        const lastValidatedDate = new Date(lastValidated);
+        const hoursSinceValidation = (now.getTime() - lastValidatedDate.getTime()) / (1e3 * 60 * 60);
+        withinGracePeriod = hoursSinceValidation < gracePeriodHours;
+      }
+      const verification = await this.verifyLicense(licenseKey, withinGracePeriod);
+      if (verification.valid) {
+        await pluginStore.set({
+          key: "lastValidated",
+          value: now.toISOString()
+        });
+        const pingInterval = this.startPinging(licenseKey, 15);
+        strapi2.licenseGuard = {
+          licenseKey,
+          pingInterval,
+          data: verification.data
+        };
+        return {
+          valid: true,
+          demo: false,
+          data: verification.data,
+          gracePeriod: verification.gracePeriod || false
+        };
+      } else {
+        strapi2.log.error("[magic-sessionmanager] ❌ License validation failed");
+        return {
+          valid: false,
+          demo: true,
+          error: "Invalid or expired license",
+          data: null
+        };
+      }
+    } catch (error) {
+      strapi2.log.error("[magic-sessionmanager] ❌ Error initializing License Guard:", error);
+      return {
+        valid: false,
+        demo: true,
+        error: error.message,
+        data: null
+      };
+    }
+  }
+});
+var geolocation$1 = ({ strapi: strapi2 }) => ({
+  /**
+   * Get IP information from ipapi.co
+   * @param {string} ipAddress - IP to lookup
+   * @returns {Promise<Object>} Geolocation data
+   */
+  async getIpInfo(ipAddress) {
+    try {
+      if (!ipAddress || ipAddress === "127.0.0.1" || ipAddress === "::1" || ipAddress.startsWith("192.168.") || ipAddress.startsWith("10.")) {
+        return {
+          ip: ipAddress,
+          country: "Local Network",
+          country_code: "XX",
+          country_flag: "🏠",
+          city: "Localhost",
+          region: "Private Network",
+          timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,
+          latitude: null,
+          longitude: null,
+          isVpn: false,
+          isProxy: false,
+          isThreat: false,
+          securityScore: 100,
+          riskLevel: "None"
+        };
+      }
+      const response = await fetch(`https://ipapi.co/${ipAddress}/json/`, {
+        method: "GET",
+        headers: {
+          "User-Agent": "Strapi-Magic-SessionManager/1.0"
+        }
+      });
+      if (!response.ok) {
+        throw new Error(`API returned ${response.status}`);
+      }
+      const data = await response.json();
+      if (data.error) {
+        strapi2.log.warn(`[magic-sessionmanager/geolocation] API Error: ${data.reason}`);
+        return this.getFallbackData(ipAddress);
+      }
+      const result = {
+        ip: data.ip,
+        country: data.country_name,
+        country_code: data.country_code,
+        country_flag: this.getCountryFlag(data.country_code),
+        city: data.city,
+        region: data.region,
+        timezone: data.timezone,
+        latitude: data.latitude,
+        longitude: data.longitude,
+        postal: data.postal,
+        org: data.org,
+        asn: data.asn,
+        // Security features (available in ipapi.co response)
+        isVpn: data.threat?.is_vpn || false,
+        isProxy: data.threat?.is_proxy || false,
+        isThreat: data.threat?.is_threat || false,
+        isAnonymous: data.threat?.is_anonymous || false,
+        isTor: data.threat?.is_tor || false,
+        // Calculate security score (0-100, higher is safer)
+        securityScore: this.calculateSecurityScore({
+          isVpn: data.threat?.is_vpn,
+          isProxy: data.threat?.is_proxy,
+          isThreat: data.threat?.is_threat,
+          isAnonymous: data.threat?.is_anonymous,
+          isTor: data.threat?.is_tor
+        }),
+        riskLevel: this.getRiskLevel({
+          isVpn: data.threat?.is_vpn,
+          isProxy: data.threat?.is_proxy,
+          isThreat: data.threat?.is_threat
+        })
+      };
+      strapi2.log.debug(`[magic-sessionmanager/geolocation] IP ${ipAddress}: ${result.city}, ${result.country} (Score: ${result.securityScore})`);
+      return result;
+    } catch (error) {
+      strapi2.log.error(`[magic-sessionmanager/geolocation] Error fetching IP info for ${ipAddress}:`, error.message);
+      return this.getFallbackData(ipAddress);
+    }
+  },
+  /**
+   * Calculate security score based on threat indicators
+   */
+  calculateSecurityScore({ isVpn, isProxy, isThreat, isAnonymous, isTor }) {
+    let score = 100;
+    if (isTor) score -= 50;
+    if (isThreat) score -= 40;
+    if (isVpn) score -= 20;
+    if (isProxy) score -= 15;
+    if (isAnonymous) score -= 10;
+    return Math.max(0, score);
+  },
+  /**
+   * Get risk level based on indicators
+   */
+  getRiskLevel({ isVpn, isProxy, isThreat }) {
+    if (isThreat) return "High";
+    if (isVpn && isProxy) return "Medium-High";
+    if (isVpn || isProxy) return "Medium";
+    return "Low";
+  },
+  /**
+   * Get country flag emoji
+   */
+  getCountryFlag(countryCode) {
+    if (!countryCode) return "🏳️";
+    const codePoints = countryCode.toUpperCase().split("").map((char) => 127397 + char.charCodeAt());
+    return String.fromCodePoint(...codePoints);
+  },
+  /**
+   * Fallback data when API fails
+   */
+  getFallbackData(ipAddress) {
+    return {
+      ip: ipAddress,
+      country: "Unknown",
+      country_code: "XX",
+      country_flag: "🌍",
+      city: "Unknown",
+      region: "Unknown",
+      timezone: "Unknown",
+      latitude: null,
+      longitude: null,
+      isVpn: false,
+      isProxy: false,
+      isThreat: false,
+      securityScore: 50,
+      riskLevel: "Unknown"
+    };
+  },
+  /**
+   * Batch lookup multiple IPs (for efficiency)
+   */
+  async batchGetIpInfo(ipAddresses) {
+    const results = await Promise.all(
+      ipAddresses.map((ip) => this.getIpInfo(ip))
+    );
+    return results;
+  }
+});
+var notifications$1 = ({ strapi: strapi2 }) => ({
+  /**
+   * Get email templates from database settings
+   * Falls back to default hardcoded templates if not found
+   */
+  async getEmailTemplates() {
+    try {
+      const pluginStore = strapi2.store({
+        type: "plugin",
+        name: "magic-sessionmanager"
+      });
+      const settings2 = await pluginStore.get({ key: "settings" });
+      if (settings2?.emailTemplates && Object.keys(settings2.emailTemplates).length > 0) {
+        const hasContent = Object.values(settings2.emailTemplates).some(
+          (template) => template.html || template.text
+        );
+        if (hasContent) {
+          strapi2.log.debug("[magic-sessionmanager/notifications] Using templates from database");
+          return settings2.emailTemplates;
+        }
+      }
+    } catch (err) {
+      strapi2.log.warn("[magic-sessionmanager/notifications] Could not load templates from DB, using defaults:", err.message);
+    }
+    strapi2.log.debug("[magic-sessionmanager/notifications] Using default fallback templates");
+    return {
+      suspiciousLogin: {
+        subject: "🚨 Suspicious Login Alert - Session Manager",
+        html: `
+<html>
+<body style="font-family: Arial, sans-serif; line-height: 1.6; color: #333;">
+  <div style="max-width: 600px; margin: 0 auto; padding: 20px; background-color: #f9fafb; border-radius: 10px;">
+    <h2 style="color: #dc2626;">🚨 Suspicious Login Detected</h2>
+    <p>A potentially suspicious login was detected for your account.</p>
+    
+    <div style="background: white; padding: 15px; border-radius: 8px; margin: 20px 0;">
+      <h3 style="margin-top: 0;">Account Information:</h3>
+      <ul>
+        <li><strong>Email:</strong> {{user.email}}</li>
+        <li><strong>Username:</strong> {{user.username}}</li>
+      </ul>
+      
+      <h3>Login Details:</h3>
+      <ul>
+        <li><strong>Time:</strong> {{session.loginTime}}</li>
+        <li><strong>IP Address:</strong> {{session.ipAddress}}</li>
+        <li><strong>Location:</strong> {{geo.city}}, {{geo.country}}</li>
+        <li><strong>Timezone:</strong> {{geo.timezone}}</li>
+        <li><strong>Device:</strong> {{session.userAgent}}</li>
+      </ul>
+      
+      <h3 style="color: #dc2626;">Security Alert:</h3>
+      <ul>
+        <li>VPN Detected: {{reason.isVpn}}</li>
+        <li>Proxy Detected: {{reason.isProxy}}</li>
+        <li>Threat Detected: {{reason.isThreat}}</li>
+        <li>Security Score: {{reason.securityScore}}/100</li>
+      </ul>
+    </div>
+    
+    <p>If this was you, you can safely ignore this email. If you don't recognize this activity, please secure your account immediately.</p>
+    
+    <hr style="border: none; border-top: 1px solid #e5e7eb; margin: 20px 0;"/>
+    <p style="color: #666; font-size: 12px;">This is an automated security notification from Magic Session Manager.</p>
+  </div>
+</body>
+</html>`,
+        text: `🚨 Suspicious Login Detected
+
+A potentially suspicious login was detected for your account.
+
+Account: {{user.email}}
+Username: {{user.username}}
+
+Login Details:
+- Time: {{session.loginTime}}
+- IP: {{session.ipAddress}}
+- Location: {{geo.city}}, {{geo.country}}
+
+Security: VPN={{reason.isVpn}}, Proxy={{reason.isProxy}}, Threat={{reason.isThreat}}, Score={{reason.securityScore}}/100`
+      },
+      newLocation: {
+        subject: "📍 New Location Login Detected",
+        html: `<h2>📍 New Location Login</h2><p>Account: {{user.email}}</p><p>Time: {{session.loginTime}}</p><p>Location: {{geo.city}}, {{geo.country}}</p><p>IP: {{session.ipAddress}}</p>`,
+        text: `📍 New Location Login
+
+Account: {{user.email}}
+Time: {{session.loginTime}}
+Location: {{geo.city}}, {{geo.country}}
+IP: {{session.ipAddress}}`
+      },
+      vpnProxy: {
+        subject: "⚠️ VPN/Proxy Login Detected",
+        html: `<h2>⚠️ VPN/Proxy Detected</h2><p>Account: {{user.email}}</p><p>Time: {{session.loginTime}}</p><p>IP: {{session.ipAddress}}</p><p>VPN: {{reason.isVpn}}, Proxy: {{reason.isProxy}}</p>`,
+        text: `⚠️ VPN/Proxy Detected
+
+Account: {{user.email}}
+Time: {{session.loginTime}}
+IP: {{session.ipAddress}}
+VPN: {{reason.isVpn}}, Proxy: {{reason.isProxy}}`
+      }
+    };
+  },
+  /**
+   * Replace template variables with actual values
+   */
+  replaceVariables(template, data) {
+    let result = template;
+    result = result.replace(/\{\{user\.email\}\}/g, data.user?.email || "N/A");
+    result = result.replace(/\{\{user\.username\}\}/g, data.user?.username || "N/A");
+    result = result.replace(
+      /\{\{session\.loginTime\}\}/g,
+      data.session?.loginTime ? new Date(data.session.loginTime).toLocaleString() : "N/A"
+    );
+    result = result.replace(/\{\{session\.ipAddress\}\}/g, data.session?.ipAddress || "N/A");
+    result = result.replace(/\{\{session\.userAgent\}\}/g, data.session?.userAgent || "N/A");
+    result = result.replace(/\{\{geo\.city\}\}/g, data.geoData?.city || "Unknown");
+    result = result.replace(/\{\{geo\.country\}\}/g, data.geoData?.country || "Unknown");
+    result = result.replace(/\{\{geo\.timezone\}\}/g, data.geoData?.timezone || "Unknown");
+    result = result.replace(/\{\{reason\.isVpn\}\}/g, data.reason?.isVpn ? "Yes" : "No");
+    result = result.replace(/\{\{reason\.isProxy\}\}/g, data.reason?.isProxy ? "Yes" : "No");
+    result = result.replace(/\{\{reason\.isThreat\}\}/g, data.reason?.isThreat ? "Yes" : "No");
+    result = result.replace(/\{\{reason\.securityScore\}\}/g, data.reason?.securityScore || "0");
+    return result;
+  },
+  /**
+   * Send suspicious login alert
+   * @param {Object} params - { user, session, reason, geoData }
+   */
+  async sendSuspiciousLoginAlert({ user, session: session2, reason, geoData }) {
+    try {
+      const templates = await this.getEmailTemplates();
+      const template = templates.suspiciousLogin;
+      const data = { user, session: session2, reason, geoData };
+      const htmlContent = this.replaceVariables(template.html, data);
+      const textContent = this.replaceVariables(template.text, data);
+      await strapi2.plugins["email"].services.email.send({
+        to: user.email,
+        subject: template.subject,
+        html: htmlContent,
+        text: textContent
+      });
+      strapi2.log.info(`[magic-sessionmanager/notifications] Suspicious login alert sent to ${user.email}`);
+      return true;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager/notifications] Error sending email:", err);
+      return false;
+    }
+  },
+  /**
+   * Send new location login alert
+   * @param {Object} params - { user, session, geoData }
+   */
+  async sendNewLocationAlert({ user, session: session2, geoData }) {
+    try {
+      const templates = await this.getEmailTemplates();
+      const template = templates.newLocation;
+      const data = { user, session: session2, geoData, reason: {} };
+      const htmlContent = this.replaceVariables(template.html, data);
+      const textContent = this.replaceVariables(template.text, data);
+      await strapi2.plugins["email"].services.email.send({
+        to: user.email,
+        subject: template.subject,
+        html: htmlContent,
+        text: textContent
+      });
+      strapi2.log.info(`[magic-sessionmanager/notifications] New location alert sent to ${user.email}`);
+      return true;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager/notifications] Error sending new location email:", err);
+      return false;
+    }
+  },
+  /**
+   * Send VPN/Proxy login alert
+   * @param {Object} params - { user, session, reason, geoData }
+   */
+  async sendVpnProxyAlert({ user, session: session2, reason, geoData }) {
+    try {
+      const templates = await this.getEmailTemplates();
+      const template = templates.vpnProxy;
+      const data = { user, session: session2, reason, geoData };
+      const htmlContent = this.replaceVariables(template.html, data);
+      const textContent = this.replaceVariables(template.text, data);
+      await strapi2.plugins["email"].services.email.send({
+        to: user.email,
+        subject: template.subject,
+        html: htmlContent,
+        text: textContent
+      });
+      strapi2.log.info(`[magic-sessionmanager/notifications] VPN/Proxy alert sent to ${user.email}`);
+      return true;
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager/notifications] Error sending VPN/Proxy email:", err);
+      return false;
+    }
+  },
+  /**
+   * Send webhook notification
+   * @param {Object} params - { event, data, webhookUrl }
+   */
+  async sendWebhook({ event, data, webhookUrl }) {
+    try {
+      const payload = {
+        event,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        data,
+        source: "magic-sessionmanager"
+      };
+      const response = await fetch(webhookUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "User-Agent": "Strapi-Magic-SessionManager-Webhook/1.0"
+        },
+        body: JSON.stringify(payload)
+      });
+      if (response.ok) {
+        strapi2.log.info(`[magic-sessionmanager/notifications] Webhook sent: ${event}`);
+        return true;
+      } else {
+        strapi2.log.warn(`[magic-sessionmanager/notifications] Webhook failed: ${response.status}`);
+        return false;
+      }
+    } catch (err) {
+      strapi2.log.error("[magic-sessionmanager/notifications] Webhook error:", err);
+      return false;
+    }
+  },
+  /**
+   * Format webhook for Discord
+   * @param {Object} params - { event, session, user, geoData }
+   */
+  formatDiscordWebhook({ event, session: session2, user, geoData }) {
+    const embed = {
+      title: this.getEventTitle(event),
+      color: this.getEventColor(event),
+      fields: [
+        { name: "👤 User", value: `${user.email}
+${user.username || "N/A"}`, inline: true },
+        { name: "🌐 IP", value: session2.ipAddress, inline: true },
+        { name: "📅 Time", value: new Date(session2.loginTime).toLocaleString(), inline: false }
+      ],
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      footer: { text: "Magic Session Manager" }
+    };
+    if (geoData) {
+      embed.fields.push({
+        name: "📍 Location",
+        value: `${geoData.country_flag} ${geoData.city}, ${geoData.country}`,
+        inline: true
+      });
+      if (geoData.isVpn || geoData.isProxy || geoData.isThreat) {
+        const warnings = [];
+        if (geoData.isVpn) warnings.push("VPN");
+        if (geoData.isProxy) warnings.push("Proxy");
+        if (geoData.isThreat) warnings.push("Threat");
+        embed.fields.push({
+          name: "⚠️ Security",
+          value: `${warnings.join(", ")} detected
+Score: ${geoData.securityScore}/100`,
+          inline: true
+        });
+      }
+    }
+    return { embeds: [embed] };
+  },
+  getEventTitle(event) {
+    const titles = {
+      "login.suspicious": "🚨 Suspicious Login",
+      "login.new_location": "📍 New Location Login",
+      "login.vpn": "🔴 VPN Login Detected",
+      "login.threat": "⛔ Threat IP Login",
+      "session.terminated": "🔴 Session Terminated"
+    };
+    return titles[event] || "📊 Session Event";
+  },
+  getEventColor(event) {
+    const colors = {
+      "login.suspicious": 16711680,
+      // Red
+      "login.new_location": 16753920,
+      // Orange
+      "login.vpn": 16739179,
+      // Light Red
+      "login.threat": 9109504,
+      // Dark Red
+      "session.terminated": 8421504
+      // Gray
+    };
+    return colors[event] || 5793266;
+  }
+});
+const session = session$1;
+const licenseGuard = licenseGuard$1;
+const geolocation = geolocation$1;
+const notifications = notifications$1;
+var services$1 = {
+  session,
+  "license-guard": licenseGuard,
+  geolocation,
+  notifications
+};
+var middlewares$1 = {
+  "last-seen": lastSeen
+};
+const register = register$1;
+const bootstrap = bootstrap$1;
+const destroy = destroy$1;
+const config = config$1;
+const routes = routes$1;
+const controllers = controllers$1;
+const services = services$1;
+const middlewares = middlewares$1;
+var src = {
+  register,
+  bootstrap,
+  destroy,
+  config,
+  routes,
+  controllers,
+  services,
+  middlewares
+};
+const index = /* @__PURE__ */ getDefaultExportFromCjs(src);
+module.exports = index;