third-audience-mdx 1.0.6 → 1.0.8

package/dist/dashboard/admin-store.d.mts

@@ -0,0 +1,28 @@
+interface AdminRecord {
+    passwordHash: string;
+    isDefaultPassword: boolean;
+    createdAt: string;
+    lastLoginAt: string | null;
+    apiKey?: string;
+}
+declare function generateDefaultPassword(): string;
+declare function hashPassword(password: string): string;
+declare function loadAdmin(): AdminRecord | null;
+declare function saveAdmin(record: AdminRecord): void;
+declare const DEFAULT_PASSWORD = "Chang3M3Now!";
+declare function initAdmin(): {
+    password: string;
+    apiKey: string;
+    isNew: boolean;
+};
+declare function verifyPassword(password: string): boolean;
+declare function updatePassword(newPassword: string): void;
+declare function recordLogin(): void;
+declare function generateApiKey(): string;
+declare function getApiKey(): string | null;
+declare function rotateApiKey(): string;
+declare function verifyApiKey(key: string): boolean;
+declare function signSession(payload: string): string;
+declare function verifySession(token: string): boolean;
+
+export { type AdminRecord, DEFAULT_PASSWORD, generateApiKey, generateDefaultPassword, getApiKey, hashPassword, initAdmin, loadAdmin, recordLogin, rotateApiKey, saveAdmin, signSession, updatePassword, verifyApiKey, verifyPassword, verifySession };

package/dist/dashboard/admin-store.d.ts

@@ -0,0 +1,28 @@
+interface AdminRecord {
+    passwordHash: string;
+    isDefaultPassword: boolean;
+    createdAt: string;
+    lastLoginAt: string | null;
+    apiKey?: string;
+}
+declare function generateDefaultPassword(): string;
+declare function hashPassword(password: string): string;
+declare function loadAdmin(): AdminRecord | null;
+declare function saveAdmin(record: AdminRecord): void;
+declare const DEFAULT_PASSWORD = "Chang3M3Now!";
+declare function initAdmin(): {
+    password: string;
+    apiKey: string;
+    isNew: boolean;
+};
+declare function verifyPassword(password: string): boolean;
+declare function updatePassword(newPassword: string): void;
+declare function recordLogin(): void;
+declare function generateApiKey(): string;
+declare function getApiKey(): string | null;
+declare function rotateApiKey(): string;
+declare function verifyApiKey(key: string): boolean;
+declare function signSession(payload: string): string;
+declare function verifySession(token: string): boolean;
+
+export { type AdminRecord, DEFAULT_PASSWORD, generateApiKey, generateDefaultPassword, getApiKey, hashPassword, initAdmin, loadAdmin, recordLogin, rotateApiKey, saveAdmin, signSession, updatePassword, verifyApiKey, verifyPassword, verifySession };

package/dist/dashboard/admin-store.js

@@ -0,0 +1,191 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/dashboard/admin-store.ts
+var admin_store_exports = {};
+__export(admin_store_exports, {
+  DEFAULT_PASSWORD: () => DEFAULT_PASSWORD,
+  generateApiKey: () => generateApiKey,
+  generateDefaultPassword: () => generateDefaultPassword,
+  getApiKey: () => getApiKey,
+  hashPassword: () => hashPassword,
+  initAdmin: () => initAdmin,
+  loadAdmin: () => loadAdmin,
+  recordLogin: () => recordLogin,
+  rotateApiKey: () => rotateApiKey,
+  saveAdmin: () => saveAdmin,
+  signSession: () => signSession,
+  updatePassword: () => updatePassword,
+  verifyApiKey: () => verifyApiKey,
+  verifyPassword: () => verifyPassword,
+  verifySession: () => verifySession
+});
+module.exports = __toCommonJS(admin_store_exports);
+var import_fs = __toESM(require("fs"));
+var import_path = __toESM(require("path"));
+var import_crypto = __toESM(require("crypto"));
+function adminFilePath() {
+  const dataDir = process.env.TA_DATA_DIR ?? "data";
+  return import_path.default.join(process.cwd(), dataDir, "ta-admin.json");
+}
+function generateDefaultPassword() {
+  return import_crypto.default.randomBytes(6).toString("hex");
+}
+function hashPassword(password) {
+  const secret = process.env.THIRD_AUDIENCE_SECRET ?? "ta-salt";
+  return import_crypto.default.createHash("sha256").update(secret + password).digest("hex");
+}
+function loadAdmin() {
+  const filePath = adminFilePath();
+  if (!import_fs.default.existsSync(filePath)) return null;
+  try {
+    return JSON.parse(import_fs.default.readFileSync(filePath, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+function saveAdmin(record) {
+  const filePath = adminFilePath();
+  const dir = import_path.default.dirname(filePath);
+  if (!import_fs.default.existsSync(dir)) import_fs.default.mkdirSync(dir, { recursive: true });
+  import_fs.default.writeFileSync(filePath, JSON.stringify(record, null, 2), "utf-8");
+}
+var DEFAULT_PASSWORD = "Chang3M3Now!";
+function initAdmin() {
+  const existing = loadAdmin();
+  if (existing) return { password: "", apiKey: "", isNew: false };
+  const apiKey = generateApiKey();
+  saveAdmin({
+    passwordHash: hashPassword(DEFAULT_PASSWORD),
+    isDefaultPassword: true,
+    createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+    lastLoginAt: null,
+    apiKey: encryptApiKey(apiKey)
+  });
+  return { password: DEFAULT_PASSWORD, apiKey, isNew: true };
+}
+function verifyPassword(password) {
+  const record = loadAdmin();
+  if (!record) return false;
+  return record.passwordHash === hashPassword(password);
+}
+function updatePassword(newPassword) {
+  const record = loadAdmin();
+  if (!record) return;
+  saveAdmin({
+    ...record,
+    passwordHash: hashPassword(newPassword),
+    isDefaultPassword: false
+  });
+}
+function recordLogin() {
+  const record = loadAdmin();
+  if (!record) return;
+  saveAdmin({ ...record, lastLoginAt: (/* @__PURE__ */ new Date()).toISOString() });
+}
+var CIPHER = "aes-256-gcm";
+function getEncryptionKey() {
+  const secret = process.env.THIRD_AUDIENCE_SECRET ?? "ta-fallback-key-change-me";
+  return import_crypto.default.createHash("sha256").update(secret).digest();
+}
+function encryptApiKey(plaintext) {
+  const iv = import_crypto.default.randomBytes(12);
+  const key = getEncryptionKey();
+  const cipher = import_crypto.default.createCipheriv(CIPHER, key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return iv.toString("hex") + tag.toString("hex") + encrypted.toString("hex");
+}
+function decryptApiKey(encoded) {
+  try {
+    const iv = Buffer.from(encoded.slice(0, 24), "hex");
+    const tag = Buffer.from(encoded.slice(24, 56), "hex");
+    const encrypted = Buffer.from(encoded.slice(56), "hex");
+    const key = getEncryptionKey();
+    const decipher = import_crypto.default.createDecipheriv(CIPHER, key, iv);
+    decipher.setAuthTag(tag);
+    return decipher.update(encrypted) + decipher.final("utf8");
+  } catch {
+    return null;
+  }
+}
+function generateApiKey() {
+  return "ta_" + import_crypto.default.randomBytes(24).toString("hex");
+}
+function getApiKey() {
+  const record = loadAdmin();
+  if (!record?.apiKey) return null;
+  return decryptApiKey(record.apiKey);
+}
+function rotateApiKey() {
+  const record = loadAdmin();
+  if (!record) throw new Error("Admin store not initialised");
+  const newKey = generateApiKey();
+  saveAdmin({ ...record, apiKey: encryptApiKey(newKey) });
+  return newKey;
+}
+function verifyApiKey(key) {
+  const stored = getApiKey();
+  if (!stored) return false;
+  if (key.length !== stored.length) return false;
+  return import_crypto.default.timingSafeEqual(Buffer.from(key), Buffer.from(stored));
+}
+function signSession(payload) {
+  const secret = process.env.THIRD_AUDIENCE_SECRET ?? "ta-salt";
+  const sig = import_crypto.default.createHmac("sha256", secret).update(payload).digest("hex");
+  return `${payload}.${sig}`;
+}
+function verifySession(token) {
+  const lastDot = token.lastIndexOf(".");
+  if (lastDot === -1) return false;
+  const payload = token.slice(0, lastDot);
+  const sig = token.slice(lastDot + 1);
+  const expected = import_crypto.default.createHmac("sha256", process.env.THIRD_AUDIENCE_SECRET ?? "ta-salt").update(payload).digest("hex");
+  if (sig.length !== expected.length) return false;
+  return import_crypto.default.timingSafeEqual(Buffer.from(sig, "hex"), Buffer.from(expected, "hex"));
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DEFAULT_PASSWORD,
+  generateApiKey,
+  generateDefaultPassword,
+  getApiKey,
+  hashPassword,
+  initAdmin,
+  loadAdmin,
+  recordLogin,
+  rotateApiKey,
+  saveAdmin,
+  signSession,
+  updatePassword,
+  verifyApiKey,
+  verifyPassword,
+  verifySession
+});
+//# sourceMappingURL=admin-store.js.map

package/dist/dashboard/admin-store.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/dashboard/admin-store.ts"],"sourcesContent":["import fs from 'fs'\nimport path from 'path'\nimport crypto from 'crypto'\n\nexport interface AdminRecord {\n  passwordHash: string        // sha256(secret + password)\n  isDefaultPassword: boolean\n  createdAt: string\n  lastLoginAt: string | null\n  apiKey?: string             // AES-256-GCM encrypted, for headless/external API callers\n}\n\nfunction adminFilePath(): string {\n  const dataDir = process.env.TA_DATA_DIR ?? 'data'\n  return path.join(process.cwd(), dataDir, 'ta-admin.json')\n}\n\nexport function generateDefaultPassword(): string {\n  return crypto.randomBytes(6).toString('hex') // 12-char hex, easy to type\n}\n\nexport function hashPassword(password: string): string {\n  const secret = process.env.THIRD_AUDIENCE_SECRET ?? 'ta-salt'\n  return crypto.createHash('sha256').update(secret + password).digest('hex')\n}\n\nexport function loadAdmin(): AdminRecord | null {\n  const filePath = adminFilePath()\n  if (!fs.existsSync(filePath)) return null\n  try {\n    return JSON.parse(fs.readFileSync(filePath, 'utf-8')) as AdminRecord\n  } catch {\n    return null\n  }\n}\n\nexport function saveAdmin(record: AdminRecord): void {\n  const filePath = adminFilePath()\n  const dir = path.dirname(filePath)\n  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true })\n  fs.writeFileSync(filePath, JSON.stringify(record, null, 2), 'utf-8')\n}\n\nexport const DEFAULT_PASSWORD = 'Chang3M3Now!'\n\nexport function initAdmin(): { password: string; apiKey: string; isNew: boolean } {\n  const existing = loadAdmin()\n  if (existing) return { password: '', apiKey: '', isNew: false }\n\n  const apiKey = generateApiKey()\n  saveAdmin({\n    passwordHash: hashPassword(DEFAULT_PASSWORD),\n    isDefaultPassword: true,\n    createdAt: new Date().toISOString(),\n    lastLoginAt: null,\n    apiKey: encryptApiKey(apiKey),\n  })\n  return { password: DEFAULT_PASSWORD, apiKey, isNew: true }\n}\n\nexport function verifyPassword(password: string): boolean {\n  const record = loadAdmin()\n  if (!record) return false\n  return record.passwordHash === hashPassword(password)\n}\n\nexport function updatePassword(newPassword: string): void {\n  const record = loadAdmin()\n  if (!record) return\n  saveAdmin({\n    ...record,\n    passwordHash: hashPassword(newPassword),\n    isDefaultPassword: false,\n  })\n}\n\nexport function recordLogin(): void {\n  const record = loadAdmin()\n  if (!record) return\n  saveAdmin({ ...record, lastLoginAt: new Date().toISOString() })\n}\n\n// ---------------------------------------------------------------------------\n// API key — AES-256-GCM encrypted at rest, mirroring WP's SECURE_AUTH_KEY approach\n// ---------------------------------------------------------------------------\n\nconst CIPHER = 'aes-256-gcm'\n\nfunction getEncryptionKey(): Buffer {\n  const secret = process.env.THIRD_AUDIENCE_SECRET ?? 'ta-fallback-key-change-me'\n  // Derive a 32-byte key from the secret using SHA-256\n  return crypto.createHash('sha256').update(secret).digest()\n}\n\nfunction encryptApiKey(plaintext: string): string {\n  const iv = crypto.randomBytes(12)\n  const key = getEncryptionKey()\n  const cipher = crypto.createCipheriv(CIPHER, key, iv) as crypto.CipherGCM\n  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()])\n  const tag = cipher.getAuthTag()\n  // Format: iv(24 hex) + tag(32 hex) + encrypted(hex)\n  return iv.toString('hex') + tag.toString('hex') + encrypted.toString('hex')\n}\n\nfunction decryptApiKey(encoded: string): string | null {\n  try {\n    const iv = Buffer.from(encoded.slice(0, 24), 'hex')\n    const tag = Buffer.from(encoded.slice(24, 56), 'hex')\n    const encrypted = Buffer.from(encoded.slice(56), 'hex')\n    const key = getEncryptionKey()\n    const decipher = crypto.createDecipheriv(CIPHER, key, iv) as crypto.DecipherGCM\n    decipher.setAuthTag(tag)\n    return decipher.update(encrypted) + decipher.final('utf8')\n  } catch {\n    return null\n  }\n}\n\nexport function generateApiKey(): string {\n  return 'ta_' + crypto.randomBytes(24).toString('hex') // 51-char key\n}\n\nexport function getApiKey(): string | null {\n  const record = loadAdmin()\n  if (!record?.apiKey) return null\n  return decryptApiKey(record.apiKey)\n}\n\nexport function rotateApiKey(): string {\n  const record = loadAdmin()\n  if (!record) throw new Error('Admin store not initialised')\n  const newKey = generateApiKey()\n  saveAdmin({ ...record, apiKey: encryptApiKey(newKey) })\n  return newKey\n}\n\nexport function verifyApiKey(key: string): boolean {\n  const stored = getApiKey()\n  if (!stored) return false\n  if (key.length !== stored.length) return false\n  return crypto.timingSafeEqual(Buffer.from(key), Buffer.from(stored))\n}\n\n// ---------------------------------------------------------------------------\n// Session cookie: HMAC-SHA256(secret, userId + timestamp) — stateless, no DB\n// ---------------------------------------------------------------------------\nexport function signSession(payload: string): string {\n  const secret = process.env.THIRD_AUDIENCE_SECRET ?? 'ta-salt'\n  const sig = crypto.createHmac('sha256', secret).update(payload).digest('hex')\n  return `${payload}.${sig}`\n}\n\nexport function verifySession(token: string): boolean {\n  const lastDot = token.lastIndexOf('.')\n  if (lastDot === -1) return false\n  const payload = token.slice(0, lastDot)\n  const sig = token.slice(lastDot + 1)\n  const expected = crypto.createHmac('sha256', process.env.THIRD_AUDIENCE_SECRET ?? 'ta-salt')\n    .update(payload).digest('hex')\n  // Constant-time comparison\n  if (sig.length !== expected.length) return false\n  return crypto.timingSafeEqual(Buffer.from(sig, 'hex'), Buffer.from(expected, 'hex'))\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,gBAAe;AACf,kBAAiB;AACjB,oBAAmB;AAUnB,SAAS,gBAAwB;AAC/B,QAAM,UAAU,QAAQ,IAAI,eAAe;AAC3C,SAAO,YAAAA,QAAK,KAAK,QAAQ,IAAI,GAAG,SAAS,eAAe;AAC1D;AAEO,SAAS,0BAAkC;AAChD,SAAO,cAAAC,QAAO,YAAY,CAAC,EAAE,SAAS,KAAK;AAC7C;AAEO,SAAS,aAAa,UAA0B;AACrD,QAAM,SAAS,QAAQ,IAAI,yBAAyB;AACpD,SAAO,cAAAA,QAAO,WAAW,QAAQ,EAAE,OAAO,SAAS,QAAQ,EAAE,OAAO,KAAK;AAC3E;AAEO,SAAS,YAAgC;AAC9C,QAAM,WAAW,cAAc;AAC/B,MAAI,CAAC,UAAAC,QAAG,WAAW,QAAQ,EAAG,QAAO;AACrC,MAAI;AACF,WAAO,KAAK,MAAM,UAAAA,QAAG,aAAa,UAAU,OAAO,CAAC;AAAA,EACtD,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,UAAU,QAA2B;AACnD,QAAM,WAAW,cAAc;AAC/B,QAAM,MAAM,YAAAF,QAAK,QAAQ,QAAQ;AACjC,MAAI,CAAC,UAAAE,QAAG,WAAW,GAAG,EAAG,WAAAA,QAAG,UAAU,KAAK,EAAE,WAAW,KAAK,CAAC;AAC9D,YAAAA,QAAG,cAAc,UAAU,KAAK,UAAU,QAAQ,MAAM,CAAC,GAAG,OAAO;AACrE;AAEO,IAAM,mBAAmB;AAEzB,SAAS,YAAkE;AAChF,QAAM,WAAW,UAAU;AAC3B,MAAI,SAAU,QAAO,EAAE,UAAU,IAAI,QAAQ,IAAI,OAAO,MAAM;AAE9D,QAAM,SAAS,eAAe;AAC9B,YAAU;AAAA,IACR,cAAc,aAAa,gBAAgB;AAAA,IAC3C,mBAAmB;AAAA,IACnB,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,IAClC,aAAa;AAAA,IACb,QAAQ,cAAc,MAAM;AAAA,EAC9B,CAAC;AACD,SAAO,EAAE,UAAU,kBAAkB,QAAQ,OAAO,KAAK;AAC3D;AAEO,SAAS,eAAe,UAA2B;AACxD,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ,QAAO;AACpB,SAAO,OAAO,iBAAiB,aAAa,QAAQ;AACtD;AAEO,SAAS,eAAe,aAA2B;AACxD,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ;AACb,YAAU;AAAA,IACR,GAAG;AAAA,IACH,cAAc,aAAa,WAAW;AAAA,IACtC,mBAAmB;AAAA,EACrB,CAAC;AACH;AAEO,SAAS,cAAoB;AAClC,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ;AACb,YAAU,EAAE,GAAG,QAAQ,cAAa,oBAAI,KAAK,GAAE,YAAY,EAAE,CAAC;AAChE;AAMA,IAAM,SAAS;AAEf,SAAS,mBAA2B;AAClC,QAAM,SAAS,QAAQ,IAAI,yBAAyB;AAEpD,SAAO,cAAAD,QAAO,WAAW,QAAQ,EAAE,OAAO,MAAM,EAAE,OAAO;AAC3D;AAEA,SAAS,cAAc,WAA2B;AAChD,QAAM,KAAK,cAAAA,QAAO,YAAY,EAAE;AAChC,QAAM,MAAM,iBAAiB;AAC7B,QAAM,SAAS,cAAAA,QAAO,eAAe,QAAQ,KAAK,EAAE;AACpD,QAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,WAAW,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;AAClF,QAAM,MAAM,OAAO,WAAW;AAE9B,SAAO,GAAG,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,UAAU,SAAS,KAAK;AAC5E;AAEA,SAAS,cAAc,SAAgC;AACrD,MAAI;AACF,UAAM,KAAK,OAAO,KAAK,QAAQ,MAAM,GAAG,EAAE,GAAG,KAAK;AAClD,UAAM,MAAM,OAAO,KAAK,QAAQ,MAAM,IAAI,EAAE,GAAG,KAAK;AACpD,UAAM,YAAY,OAAO,KAAK,QAAQ,MAAM,EAAE,GAAG,KAAK;AACtD,UAAM,MAAM,iBAAiB;AAC7B,UAAM,WAAW,cAAAA,QAAO,iBAAiB,QAAQ,KAAK,EAAE;AACxD,aAAS,WAAW,GAAG;AACvB,WAAO,SAAS,OAAO,SAAS,IAAI,SAAS,MAAM,MAAM;AAAA,EAC3D,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,iBAAyB;AACvC,SAAO,QAAQ,cAAAA,QAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AACtD;AAEO,SAAS,YAA2B;AACzC,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,QAAQ,OAAQ,QAAO;AAC5B,SAAO,cAAc,OAAO,MAAM;AACpC;AAEO,SAAS,eAAuB;AACrC,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,6BAA6B;AAC1D,QAAM,SAAS,eAAe;AAC9B,YAAU,EAAE,GAAG,QAAQ,QAAQ,cAAc,MAAM,EAAE,CAAC;AACtD,SAAO;AACT;AAEO,SAAS,aAAa,KAAsB;AACjD,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ,QAAO;AACpB,MAAI,IAAI,WAAW,OAAO,OAAQ,QAAO;AACzC,SAAO,cAAAA,QAAO,gBAAgB,OAAO,KAAK,GAAG,GAAG,OAAO,KAAK,MAAM,CAAC;AACrE;AAKO,SAAS,YAAY,SAAyB;AACnD,QAAM,SAAS,QAAQ,IAAI,yBAAyB;AACpD,QAAM,MAAM,cAAAA,QAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,EAAE,OAAO,KAAK;AAC5E,SAAO,GAAG,OAAO,IAAI,GAAG;AAC1B;AAEO,SAAS,cAAc,OAAwB;AACpD,QAAM,UAAU,MAAM,YAAY,GAAG;AACrC,MAAI,YAAY,GAAI,QAAO;AAC3B,QAAM,UAAU,MAAM,MAAM,GAAG,OAAO;AACtC,QAAM,MAAM,MAAM,MAAM,UAAU,CAAC;AACnC,QAAM,WAAW,cAAAA,QAAO,WAAW,UAAU,QAAQ,IAAI,yBAAyB,SAAS,EACxF,OAAO,OAAO,EAAE,OAAO,KAAK;AAE/B,MAAI,IAAI,WAAW,SAAS,OAAQ,QAAO;AAC3C,SAAO,cAAAA,QAAO,gBAAgB,OAAO,KAAK,KAAK,KAAK,GAAG,OAAO,KAAK,UAAU,KAAK,CAAC;AACrF;","names":["path","crypto","fs"]}

package/dist/dashboard/admin-store.mjs

@@ -0,0 +1,142 @@
+// src/dashboard/admin-store.ts
+import fs from "fs";
+import path from "path";
+import crypto from "crypto";
+function adminFilePath() {
+  const dataDir = process.env.TA_DATA_DIR ?? "data";
+  return path.join(process.cwd(), dataDir, "ta-admin.json");
+}
+function generateDefaultPassword() {
+  return crypto.randomBytes(6).toString("hex");
+}
+function hashPassword(password) {
+  const secret = process.env.THIRD_AUDIENCE_SECRET ?? "ta-salt";
+  return crypto.createHash("sha256").update(secret + password).digest("hex");
+}
+function loadAdmin() {
+  const filePath = adminFilePath();
+  if (!fs.existsSync(filePath)) return null;
+  try {
+    return JSON.parse(fs.readFileSync(filePath, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+function saveAdmin(record) {
+  const filePath = adminFilePath();
+  const dir = path.dirname(filePath);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  fs.writeFileSync(filePath, JSON.stringify(record, null, 2), "utf-8");
+}
+var DEFAULT_PASSWORD = "Chang3M3Now!";
+function initAdmin() {
+  const existing = loadAdmin();
+  if (existing) return { password: "", apiKey: "", isNew: false };
+  const apiKey = generateApiKey();
+  saveAdmin({
+    passwordHash: hashPassword(DEFAULT_PASSWORD),
+    isDefaultPassword: true,
+    createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+    lastLoginAt: null,
+    apiKey: encryptApiKey(apiKey)
+  });
+  return { password: DEFAULT_PASSWORD, apiKey, isNew: true };
+}
+function verifyPassword(password) {
+  const record = loadAdmin();
+  if (!record) return false;
+  return record.passwordHash === hashPassword(password);
+}
+function updatePassword(newPassword) {
+  const record = loadAdmin();
+  if (!record) return;
+  saveAdmin({
+    ...record,
+    passwordHash: hashPassword(newPassword),
+    isDefaultPassword: false
+  });
+}
+function recordLogin() {
+  const record = loadAdmin();
+  if (!record) return;
+  saveAdmin({ ...record, lastLoginAt: (/* @__PURE__ */ new Date()).toISOString() });
+}
+var CIPHER = "aes-256-gcm";
+function getEncryptionKey() {
+  const secret = process.env.THIRD_AUDIENCE_SECRET ?? "ta-fallback-key-change-me";
+  return crypto.createHash("sha256").update(secret).digest();
+}
+function encryptApiKey(plaintext) {
+  const iv = crypto.randomBytes(12);
+  const key = getEncryptionKey();
+  const cipher = crypto.createCipheriv(CIPHER, key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return iv.toString("hex") + tag.toString("hex") + encrypted.toString("hex");
+}
+function decryptApiKey(encoded) {
+  try {
+    const iv = Buffer.from(encoded.slice(0, 24), "hex");
+    const tag = Buffer.from(encoded.slice(24, 56), "hex");
+    const encrypted = Buffer.from(encoded.slice(56), "hex");
+    const key = getEncryptionKey();
+    const decipher = crypto.createDecipheriv(CIPHER, key, iv);
+    decipher.setAuthTag(tag);
+    return decipher.update(encrypted) + decipher.final("utf8");
+  } catch {
+    return null;
+  }
+}
+function generateApiKey() {
+  return "ta_" + crypto.randomBytes(24).toString("hex");
+}
+function getApiKey() {
+  const record = loadAdmin();
+  if (!record?.apiKey) return null;
+  return decryptApiKey(record.apiKey);
+}
+function rotateApiKey() {
+  const record = loadAdmin();
+  if (!record) throw new Error("Admin store not initialised");
+  const newKey = generateApiKey();
+  saveAdmin({ ...record, apiKey: encryptApiKey(newKey) });
+  return newKey;
+}
+function verifyApiKey(key) {
+  const stored = getApiKey();
+  if (!stored) return false;
+  if (key.length !== stored.length) return false;
+  return crypto.timingSafeEqual(Buffer.from(key), Buffer.from(stored));
+}
+function signSession(payload) {
+  const secret = process.env.THIRD_AUDIENCE_SECRET ?? "ta-salt";
+  const sig = crypto.createHmac("sha256", secret).update(payload).digest("hex");
+  return `${payload}.${sig}`;
+}
+function verifySession(token) {
+  const lastDot = token.lastIndexOf(".");
+  if (lastDot === -1) return false;
+  const payload = token.slice(0, lastDot);
+  const sig = token.slice(lastDot + 1);
+  const expected = crypto.createHmac("sha256", process.env.THIRD_AUDIENCE_SECRET ?? "ta-salt").update(payload).digest("hex");
+  if (sig.length !== expected.length) return false;
+  return crypto.timingSafeEqual(Buffer.from(sig, "hex"), Buffer.from(expected, "hex"));
+}
+export {
+  DEFAULT_PASSWORD,
+  generateApiKey,
+  generateDefaultPassword,
+  getApiKey,
+  hashPassword,
+  initAdmin,
+  loadAdmin,
+  recordLogin,
+  rotateApiKey,
+  saveAdmin,
+  signSession,
+  updatePassword,
+  verifyApiKey,
+  verifyPassword,
+  verifySession
+};
+//# sourceMappingURL=admin-store.mjs.map

package/dist/dashboard/admin-store.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/dashboard/admin-store.ts"],"sourcesContent":["import fs from 'fs'\nimport path from 'path'\nimport crypto from 'crypto'\n\nexport interface AdminRecord {\n  passwordHash: string        // sha256(secret + password)\n  isDefaultPassword: boolean\n  createdAt: string\n  lastLoginAt: string | null\n  apiKey?: string             // AES-256-GCM encrypted, for headless/external API callers\n}\n\nfunction adminFilePath(): string {\n  const dataDir = process.env.TA_DATA_DIR ?? 'data'\n  return path.join(process.cwd(), dataDir, 'ta-admin.json')\n}\n\nexport function generateDefaultPassword(): string {\n  return crypto.randomBytes(6).toString('hex') // 12-char hex, easy to type\n}\n\nexport function hashPassword(password: string): string {\n  const secret = process.env.THIRD_AUDIENCE_SECRET ?? 'ta-salt'\n  return crypto.createHash('sha256').update(secret + password).digest('hex')\n}\n\nexport function loadAdmin(): AdminRecord | null {\n  const filePath = adminFilePath()\n  if (!fs.existsSync(filePath)) return null\n  try {\n    return JSON.parse(fs.readFileSync(filePath, 'utf-8')) as AdminRecord\n  } catch {\n    return null\n  }\n}\n\nexport function saveAdmin(record: AdminRecord): void {\n  const filePath = adminFilePath()\n  const dir = path.dirname(filePath)\n  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true })\n  fs.writeFileSync(filePath, JSON.stringify(record, null, 2), 'utf-8')\n}\n\nexport const DEFAULT_PASSWORD = 'Chang3M3Now!'\n\nexport function initAdmin(): { password: string; apiKey: string; isNew: boolean } {\n  const existing = loadAdmin()\n  if (existing) return { password: '', apiKey: '', isNew: false }\n\n  const apiKey = generateApiKey()\n  saveAdmin({\n    passwordHash: hashPassword(DEFAULT_PASSWORD),\n    isDefaultPassword: true,\n    createdAt: new Date().toISOString(),\n    lastLoginAt: null,\n    apiKey: encryptApiKey(apiKey),\n  })\n  return { password: DEFAULT_PASSWORD, apiKey, isNew: true }\n}\n\nexport function verifyPassword(password: string): boolean {\n  const record = loadAdmin()\n  if (!record) return false\n  return record.passwordHash === hashPassword(password)\n}\n\nexport function updatePassword(newPassword: string): void {\n  const record = loadAdmin()\n  if (!record) return\n  saveAdmin({\n    ...record,\n    passwordHash: hashPassword(newPassword),\n    isDefaultPassword: false,\n  })\n}\n\nexport function recordLogin(): void {\n  const record = loadAdmin()\n  if (!record) return\n  saveAdmin({ ...record, lastLoginAt: new Date().toISOString() })\n}\n\n// ---------------------------------------------------------------------------\n// API key — AES-256-GCM encrypted at rest, mirroring WP's SECURE_AUTH_KEY approach\n// ---------------------------------------------------------------------------\n\nconst CIPHER = 'aes-256-gcm'\n\nfunction getEncryptionKey(): Buffer {\n  const secret = process.env.THIRD_AUDIENCE_SECRET ?? 'ta-fallback-key-change-me'\n  // Derive a 32-byte key from the secret using SHA-256\n  return crypto.createHash('sha256').update(secret).digest()\n}\n\nfunction encryptApiKey(plaintext: string): string {\n  const iv = crypto.randomBytes(12)\n  const key = getEncryptionKey()\n  const cipher = crypto.createCipheriv(CIPHER, key, iv) as crypto.CipherGCM\n  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()])\n  const tag = cipher.getAuthTag()\n  // Format: iv(24 hex) + tag(32 hex) + encrypted(hex)\n  return iv.toString('hex') + tag.toString('hex') + encrypted.toString('hex')\n}\n\nfunction decryptApiKey(encoded: string): string | null {\n  try {\n    const iv = Buffer.from(encoded.slice(0, 24), 'hex')\n    const tag = Buffer.from(encoded.slice(24, 56), 'hex')\n    const encrypted = Buffer.from(encoded.slice(56), 'hex')\n    const key = getEncryptionKey()\n    const decipher = crypto.createDecipheriv(CIPHER, key, iv) as crypto.DecipherGCM\n    decipher.setAuthTag(tag)\n    return decipher.update(encrypted) + decipher.final('utf8')\n  } catch {\n    return null\n  }\n}\n\nexport function generateApiKey(): string {\n  return 'ta_' + crypto.randomBytes(24).toString('hex') // 51-char key\n}\n\nexport function getApiKey(): string | null {\n  const record = loadAdmin()\n  if (!record?.apiKey) return null\n  return decryptApiKey(record.apiKey)\n}\n\nexport function rotateApiKey(): string {\n  const record = loadAdmin()\n  if (!record) throw new Error('Admin store not initialised')\n  const newKey = generateApiKey()\n  saveAdmin({ ...record, apiKey: encryptApiKey(newKey) })\n  return newKey\n}\n\nexport function verifyApiKey(key: string): boolean {\n  const stored = getApiKey()\n  if (!stored) return false\n  if (key.length !== stored.length) return false\n  return crypto.timingSafeEqual(Buffer.from(key), Buffer.from(stored))\n}\n\n// ---------------------------------------------------------------------------\n// Session cookie: HMAC-SHA256(secret, userId + timestamp) — stateless, no DB\n// ---------------------------------------------------------------------------\nexport function signSession(payload: string): string {\n  const secret = process.env.THIRD_AUDIENCE_SECRET ?? 'ta-salt'\n  const sig = crypto.createHmac('sha256', secret).update(payload).digest('hex')\n  return `${payload}.${sig}`\n}\n\nexport function verifySession(token: string): boolean {\n  const lastDot = token.lastIndexOf('.')\n  if (lastDot === -1) return false\n  const payload = token.slice(0, lastDot)\n  const sig = token.slice(lastDot + 1)\n  const expected = crypto.createHmac('sha256', process.env.THIRD_AUDIENCE_SECRET ?? 'ta-salt')\n    .update(payload).digest('hex')\n  // Constant-time comparison\n  if (sig.length !== expected.length) return false\n  return crypto.timingSafeEqual(Buffer.from(sig, 'hex'), Buffer.from(expected, 'hex'))\n}\n"],"mappings":";AAAA,OAAO,QAAQ;AACf,OAAO,UAAU;AACjB,OAAO,YAAY;AAUnB,SAAS,gBAAwB;AAC/B,QAAM,UAAU,QAAQ,IAAI,eAAe;AAC3C,SAAO,KAAK,KAAK,QAAQ,IAAI,GAAG,SAAS,eAAe;AAC1D;AAEO,SAAS,0BAAkC;AAChD,SAAO,OAAO,YAAY,CAAC,EAAE,SAAS,KAAK;AAC7C;AAEO,SAAS,aAAa,UAA0B;AACrD,QAAM,SAAS,QAAQ,IAAI,yBAAyB;AACpD,SAAO,OAAO,WAAW,QAAQ,EAAE,OAAO,SAAS,QAAQ,EAAE,OAAO,KAAK;AAC3E;AAEO,SAAS,YAAgC;AAC9C,QAAM,WAAW,cAAc;AAC/B,MAAI,CAAC,GAAG,WAAW,QAAQ,EAAG,QAAO;AACrC,MAAI;AACF,WAAO,KAAK,MAAM,GAAG,aAAa,UAAU,OAAO,CAAC;AAAA,EACtD,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,UAAU,QAA2B;AACnD,QAAM,WAAW,cAAc;AAC/B,QAAM,MAAM,KAAK,QAAQ,QAAQ;AACjC,MAAI,CAAC,GAAG,WAAW,GAAG,EAAG,IAAG,UAAU,KAAK,EAAE,WAAW,KAAK,CAAC;AAC9D,KAAG,cAAc,UAAU,KAAK,UAAU,QAAQ,MAAM,CAAC,GAAG,OAAO;AACrE;AAEO,IAAM,mBAAmB;AAEzB,SAAS,YAAkE;AAChF,QAAM,WAAW,UAAU;AAC3B,MAAI,SAAU,QAAO,EAAE,UAAU,IAAI,QAAQ,IAAI,OAAO,MAAM;AAE9D,QAAM,SAAS,eAAe;AAC9B,YAAU;AAAA,IACR,cAAc,aAAa,gBAAgB;AAAA,IAC3C,mBAAmB;AAAA,IACnB,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,IAClC,aAAa;AAAA,IACb,QAAQ,cAAc,MAAM;AAAA,EAC9B,CAAC;AACD,SAAO,EAAE,UAAU,kBAAkB,QAAQ,OAAO,KAAK;AAC3D;AAEO,SAAS,eAAe,UAA2B;AACxD,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ,QAAO;AACpB,SAAO,OAAO,iBAAiB,aAAa,QAAQ;AACtD;AAEO,SAAS,eAAe,aAA2B;AACxD,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ;AACb,YAAU;AAAA,IACR,GAAG;AAAA,IACH,cAAc,aAAa,WAAW;AAAA,IACtC,mBAAmB;AAAA,EACrB,CAAC;AACH;AAEO,SAAS,cAAoB;AAClC,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ;AACb,YAAU,EAAE,GAAG,QAAQ,cAAa,oBAAI,KAAK,GAAE,YAAY,EAAE,CAAC;AAChE;AAMA,IAAM,SAAS;AAEf,SAAS,mBAA2B;AAClC,QAAM,SAAS,QAAQ,IAAI,yBAAyB;AAEpD,SAAO,OAAO,WAAW,QAAQ,EAAE,OAAO,MAAM,EAAE,OAAO;AAC3D;AAEA,SAAS,cAAc,WAA2B;AAChD,QAAM,KAAK,OAAO,YAAY,EAAE;AAChC,QAAM,MAAM,iBAAiB;AAC7B,QAAM,SAAS,OAAO,eAAe,QAAQ,KAAK,EAAE;AACpD,QAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,WAAW,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;AAClF,QAAM,MAAM,OAAO,WAAW;AAE9B,SAAO,GAAG,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,UAAU,SAAS,KAAK;AAC5E;AAEA,SAAS,cAAc,SAAgC;AACrD,MAAI;AACF,UAAM,KAAK,OAAO,KAAK,QAAQ,MAAM,GAAG,EAAE,GAAG,KAAK;AAClD,UAAM,MAAM,OAAO,KAAK,QAAQ,MAAM,IAAI,EAAE,GAAG,KAAK;AACpD,UAAM,YAAY,OAAO,KAAK,QAAQ,MAAM,EAAE,GAAG,KAAK;AACtD,UAAM,MAAM,iBAAiB;AAC7B,UAAM,WAAW,OAAO,iBAAiB,QAAQ,KAAK,EAAE;AACxD,aAAS,WAAW,GAAG;AACvB,WAAO,SAAS,OAAO,SAAS,IAAI,SAAS,MAAM,MAAM;AAAA,EAC3D,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,iBAAyB;AACvC,SAAO,QAAQ,OAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AACtD;AAEO,SAAS,YAA2B;AACzC,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,QAAQ,OAAQ,QAAO;AAC5B,SAAO,cAAc,OAAO,MAAM;AACpC;AAEO,SAAS,eAAuB;AACrC,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,6BAA6B;AAC1D,QAAM,SAAS,eAAe;AAC9B,YAAU,EAAE,GAAG,QAAQ,QAAQ,cAAc,MAAM,EAAE,CAAC;AACtD,SAAO;AACT;AAEO,SAAS,aAAa,KAAsB;AACjD,QAAM,SAAS,UAAU;AACzB,MAAI,CAAC,OAAQ,QAAO;AACpB,MAAI,IAAI,WAAW,OAAO,OAAQ,QAAO;AACzC,SAAO,OAAO,gBAAgB,OAAO,KAAK,GAAG,GAAG,OAAO,KAAK,MAAM,CAAC;AACrE;AAKO,SAAS,YAAY,SAAyB;AACnD,QAAM,SAAS,QAAQ,IAAI,yBAAyB;AACpD,QAAM,MAAM,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,EAAE,OAAO,KAAK;AAC5E,SAAO,GAAG,OAAO,IAAI,GAAG;AAC1B;AAEO,SAAS,cAAc,OAAwB;AACpD,QAAM,UAAU,MAAM,YAAY,GAAG;AACrC,MAAI,YAAY,GAAI,QAAO;AAC3B,QAAM,UAAU,MAAM,MAAM,GAAG,OAAO;AACtC,QAAM,MAAM,MAAM,MAAM,UAAU,CAAC;AACnC,QAAM,WAAW,OAAO,WAAW,UAAU,QAAQ,IAAI,yBAAyB,SAAS,EACxF,OAAO,OAAO,EAAE,OAAO,KAAK;AAE/B,MAAI,IAAI,WAAW,SAAS,OAAQ,QAAO;AAC3C,SAAO,OAAO,gBAAgB,OAAO,KAAK,KAAK,KAAK,GAAG,OAAO,KAAK,UAAU,KAAK,CAAC;AACrF;","names":[]}

package/dist/dashboard/routes/llms-txt-route.js

@@ -43,14 +43,26 @@ var import_gray_matter = __toESM(require("gray-matter"));
 var MdxReader = class {
   constructor(options) {
     this.contentDir = options.contentDir;
+    this.stripSegments = options.stripSegments ?? [];
+  }
+  /**
+   * Remove configured URL-only segments from a slug so it maps to the file
+   * layout. e.g. stripSegments ['learn'] turns 'en/learn/hydroponics/x' into
+   * 'en/hydroponics/x'. Only whole path segments are removed.
+   */
+  applyStrip(slug) {
+    if (this.stripSegments.length === 0) return slug;
+    const drop = new Set(this.stripSegments);
+    return slug.split("/").filter((seg) => !drop.has(seg)).join("/");
   }
   /** Read a single MDX file by slug. Returns null if not found. */
   read(slug) {
+    const resolved = this.applyStrip(slug);
     const candidates = [
-      import_path.default.join(this.contentDir, `${slug}.mdx`),
-      import_path.default.join(this.contentDir, `${slug}.md`),
-      import_path.default.join(this.contentDir, slug, "index.mdx"),
-      import_path.default.join(this.contentDir, slug, "index.md")
+      import_path.default.join(this.contentDir, `${resolved}.mdx`),
+      import_path.default.join(this.contentDir, `${resolved}.md`),
+      import_path.default.join(this.contentDir, resolved, "index.mdx"),
+      import_path.default.join(this.contentDir, resolved, "index.md")
     ];
     for (const filePath of candidates) {
       if (import_fs.default.existsSync(filePath)) {

package/dist/dashboard/routes/llms-txt-route.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/dashboard/routes/llms-txt-route.ts","../../../src/core/mdx-reader.ts","../../../src/discovery/llms-txt.ts"],"sourcesContent":["import { NextResponse, type NextRequest } from 'next/server'\nimport path from 'path'\nimport { MdxReader } from '../../core/mdx-reader.js'\nimport { generateLlmsTxt } from '../../discovery/llms-txt.js'\n\nconst reader = new MdxReader({ contentDir: path.join(process.cwd(), process.env.TA_CONTENT_DIR ?? 'content') })\n\n/** Handler for GET /llms.txt → rewired to /api/third-audience/llms-txt */\nexport async function GET(req: NextRequest) {\n  const baseUrl = process.env.NEXT_PUBLIC_SITE_URL\n    ?? `${req.nextUrl.protocol}//${req.nextUrl.host}`\n\n  const files = reader.readAll()\n  const content = generateLlmsTxt(files, baseUrl)\n\n  return new NextResponse(content, {\n    headers: { 'Content-Type': 'text/plain; charset=utf-8' },\n  })\n}\n","import fs from 'fs'\nimport path from 'path'\nimport matter from 'gray-matter'\n\nexport interface MdxFile {\n  slug: string       // relative path without extension, e.g. 'blog/my-post'\n  filePath: string   // absolute path to .mdx file\n  frontmatter: Record<string, unknown>\n  rawContent: string // body after frontmatter\n}\n\nexport interface MdxReaderOptions {\n  contentDir: string // absolute path to content directory\n}\n\nexport class MdxReader {\n  private contentDir: string\n\n  constructor(options: MdxReaderOptions) {\n    this.contentDir = options.contentDir\n  }\n\n  /** Read a single MDX file by slug. Returns null if not found. */\n  read(slug: string): MdxFile | null {\n    const candidates = [\n      path.join(this.contentDir, `${slug}.mdx`),\n      path.join(this.contentDir, `${slug}.md`),\n      path.join(this.contentDir, slug, 'index.mdx'),\n      path.join(this.contentDir, slug, 'index.md'),\n    ]\n\n    for (const filePath of candidates) {\n      if (fs.existsSync(filePath)) {\n        return this.parseFile(slug, filePath)\n      }\n    }\n\n    return null\n  }\n\n  /** Read all MDX files recursively. */\n  readAll(): MdxFile[] {\n    if (!fs.existsSync(this.contentDir)) return []\n    return this.walkDir(this.contentDir, this.contentDir)\n  }\n\n  private walkDir(dir: string, root: string): MdxFile[] {\n    const results: MdxFile[] = []\n    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {\n      const fullPath = path.join(dir, entry.name)\n      if (entry.isDirectory()) {\n        results.push(...this.walkDir(fullPath, root))\n      } else if (entry.name.endsWith('.mdx') || entry.name.endsWith('.md')) {\n        const relative = path.relative(root, fullPath)\n        const slug = relative.replace(/\\.(mdx|md)$/, '').replace(/\\/index$/, '')\n        results.push(this.parseFile(slug, fullPath))\n      }\n    }\n    return results\n  }\n\n  private parseFile(slug: string, filePath: string): MdxFile {\n    const raw = fs.readFileSync(filePath, 'utf-8')\n    const { data: frontmatter, content: rawContent } = matter(raw)\n    return { slug, filePath, frontmatter, rawContent }\n  }\n}\n","import type { MdxFile } from '../core/mdx-reader.js'\n\n/**\n * Generates /llms.txt content from MDX frontmatter.\n * Format: one entry per line — URL, title, description.\n */\nexport function generateLlmsTxt(files: MdxFile[], baseUrl: string): string {\n  const lines: string[] = [\n    '# LLMs.txt — AI-readable content index',\n    `# Generated by third-audience-mdx`,\n    '',\n  ]\n\n  for (const file of files) {\n    const fm = file.frontmatter\n    const url = `${baseUrl.replace(/\\/$/, '')}/${file.slug}`\n    const title = String(fm.title ?? file.slug)\n    const desc = fm.description ? ` — ${String(fm.description)}` : ''\n    lines.push(`- [${title}](${url})${desc}`)\n  }\n\n  return lines.join('\\n') + '\\n'\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA+C;AAC/C,IAAAA,eAAiB;;;ACDjB,gBAAe;AACf,kBAAiB;AACjB,yBAAmB;AAaZ,IAAM,YAAN,MAAgB;AAAA,EAGrB,YAAY,SAA2B;AACrC,SAAK,aAAa,QAAQ;AAAA,EAC5B;AAAA;AAAA,EAGA,KAAK,MAA8B;AACjC,UAAM,aAAa;AAAA,MACjB,YAAAC,QAAK,KAAK,KAAK,YAAY,GAAG,IAAI,MAAM;AAAA,MACxC,YAAAA,QAAK,KAAK,KAAK,YAAY,GAAG,IAAI,KAAK;AAAA,MACvC,YAAAA,QAAK,KAAK,KAAK,YAAY,MAAM,WAAW;AAAA,MAC5C,YAAAA,QAAK,KAAK,KAAK,YAAY,MAAM,UAAU;AAAA,IAC7C;AAEA,eAAW,YAAY,YAAY;AACjC,UAAI,UAAAC,QAAG,WAAW,QAAQ,GAAG;AAC3B,eAAO,KAAK,UAAU,MAAM,QAAQ;AAAA,MACtC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,UAAqB;AACnB,QAAI,CAAC,UAAAA,QAAG,WAAW,KAAK,UAAU,EAAG,QAAO,CAAC;AAC7C,WAAO,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU;AAAA,EACtD;AAAA,EAEQ,QAAQ,KAAa,MAAyB;AACpD,UAAM,UAAqB,CAAC;AAC5B,eAAW,SAAS,UAAAA,QAAG,YAAY,KAAK,EAAE,eAAe,KAAK,CAAC,GAAG;AAChE,YAAM,WAAW,YAAAD,QAAK,KAAK,KAAK,MAAM,IAAI;AAC1C,UAAI,MAAM,YAAY,GAAG;AACvB,gBAAQ,KAAK,GAAG,KAAK,QAAQ,UAAU,IAAI,CAAC;AAAA,MAC9C,WAAW,MAAM,KAAK,SAAS,MAAM,KAAK,MAAM,KAAK,SAAS,KAAK,GAAG;AACpE,cAAM,WAAW,YAAAA,QAAK,SAAS,MAAM,QAAQ;AAC7C,cAAM,OAAO,SAAS,QAAQ,eAAe,EAAE,EAAE,QAAQ,YAAY,EAAE;AACvE,gBAAQ,KAAK,KAAK,UAAU,MAAM,QAAQ,CAAC;AAAA,MAC7C;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,UAAU,MAAc,UAA2B;AACzD,UAAM,MAAM,UAAAC,QAAG,aAAa,UAAU,OAAO;AAC7C,UAAM,EAAE,MAAM,aAAa,SAAS,WAAW,QAAI,mBAAAC,SAAO,GAAG;AAC7D,WAAO,EAAE,MAAM,UAAU,aAAa,WAAW;AAAA,EACnD;AACF;;;AC5DO,SAAS,gBAAgB,OAAkB,SAAyB;AACzE,QAAM,QAAkB;AAAA,IACtB;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,QAAQ,OAAO;AACxB,UAAM,KAAK,KAAK;AAChB,UAAM,MAAM,GAAG,QAAQ,QAAQ,OAAO,EAAE,CAAC,IAAI,KAAK,IAAI;AACtD,UAAM,QAAQ,OAAO,GAAG,SAAS,KAAK,IAAI;AAC1C,UAAM,OAAO,GAAG,cAAc,WAAM,OAAO,GAAG,WAAW,CAAC,KAAK;AAC/D,UAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAI,IAAI,EAAE;AAAA,EAC1C;AAEA,SAAO,MAAM,KAAK,IAAI,IAAI;AAC5B;;;AFjBA,IAAM,SAAS,IAAI,UAAU,EAAE,YAAY,aAAAC,QAAK,KAAK,QAAQ,IAAI,GAAG,QAAQ,IAAI,kBAAkB,SAAS,EAAE,CAAC;AAG9G,eAAsB,IAAI,KAAkB;AAC1C,QAAM,UAAU,QAAQ,IAAI,wBACvB,GAAG,IAAI,QAAQ,QAAQ,KAAK,IAAI,QAAQ,IAAI;AAEjD,QAAM,QAAQ,OAAO,QAAQ;AAC7B,QAAM,UAAU,gBAAgB,OAAO,OAAO;AAE9C,SAAO,IAAI,2BAAa,SAAS;AAAA,IAC/B,SAAS,EAAE,gBAAgB,4BAA4B;AAAA,EACzD,CAAC;AACH;","names":["import_path","path","fs","matter","path"]}
+{"version":3,"sources":["../../../src/dashboard/routes/llms-txt-route.ts","../../../src/core/mdx-reader.ts","../../../src/discovery/llms-txt.ts"],"sourcesContent":["import { NextResponse, type NextRequest } from 'next/server'\nimport path from 'path'\nimport { MdxReader } from '../../core/mdx-reader.js'\nimport { generateLlmsTxt } from '../../discovery/llms-txt.js'\n\nconst reader = new MdxReader({ contentDir: path.join(process.cwd(), process.env.TA_CONTENT_DIR ?? 'content') })\n\n/** Handler for GET /llms.txt → rewired to /api/third-audience/llms-txt */\nexport async function GET(req: NextRequest) {\n  const baseUrl = process.env.NEXT_PUBLIC_SITE_URL\n    ?? `${req.nextUrl.protocol}//${req.nextUrl.host}`\n\n  const files = reader.readAll()\n  const content = generateLlmsTxt(files, baseUrl)\n\n  return new NextResponse(content, {\n    headers: { 'Content-Type': 'text/plain; charset=utf-8' },\n  })\n}\n","import fs from 'fs'\nimport path from 'path'\nimport matter from 'gray-matter'\n\nexport interface MdxFile {\n  slug: string       // relative path without extension, e.g. 'blog/my-post'\n  filePath: string   // absolute path to .mdx file\n  frontmatter: Record<string, unknown>\n  rawContent: string // body after frontmatter\n}\n\nexport interface MdxReaderOptions {\n  contentDir: string // absolute path to content directory\n  /** URL path segments to drop when mapping a request slug to a file. */\n  stripSegments?: string[]\n}\n\nexport class MdxReader {\n  private contentDir: string\n  private stripSegments: string[]\n\n  constructor(options: MdxReaderOptions) {\n    this.contentDir = options.contentDir\n    this.stripSegments = options.stripSegments ?? []\n  }\n\n  /**\n   * Remove configured URL-only segments from a slug so it maps to the file\n   * layout. e.g. stripSegments ['learn'] turns 'en/learn/hydroponics/x' into\n   * 'en/hydroponics/x'. Only whole path segments are removed.\n   */\n  private applyStrip(slug: string): string {\n    if (this.stripSegments.length === 0) return slug\n    const drop = new Set(this.stripSegments)\n    return slug\n      .split('/')\n      .filter((seg) => !drop.has(seg))\n      .join('/')\n  }\n\n  /** Read a single MDX file by slug. Returns null if not found. */\n  read(slug: string): MdxFile | null {\n    const resolved = this.applyStrip(slug)\n    const candidates = [\n      path.join(this.contentDir, `${resolved}.mdx`),\n      path.join(this.contentDir, `${resolved}.md`),\n      path.join(this.contentDir, resolved, 'index.mdx'),\n      path.join(this.contentDir, resolved, 'index.md'),\n    ]\n\n    for (const filePath of candidates) {\n      if (fs.existsSync(filePath)) {\n        return this.parseFile(slug, filePath)\n      }\n    }\n\n    return null\n  }\n\n  /** Read all MDX files recursively. */\n  readAll(): MdxFile[] {\n    if (!fs.existsSync(this.contentDir)) return []\n    return this.walkDir(this.contentDir, this.contentDir)\n  }\n\n  private walkDir(dir: string, root: string): MdxFile[] {\n    const results: MdxFile[] = []\n    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {\n      const fullPath = path.join(dir, entry.name)\n      if (entry.isDirectory()) {\n        results.push(...this.walkDir(fullPath, root))\n      } else if (entry.name.endsWith('.mdx') || entry.name.endsWith('.md')) {\n        const relative = path.relative(root, fullPath)\n        const slug = relative.replace(/\\.(mdx|md)$/, '').replace(/\\/index$/, '')\n        results.push(this.parseFile(slug, fullPath))\n      }\n    }\n    return results\n  }\n\n  private parseFile(slug: string, filePath: string): MdxFile {\n    const raw = fs.readFileSync(filePath, 'utf-8')\n    const { data: frontmatter, content: rawContent } = matter(raw)\n    return { slug, filePath, frontmatter, rawContent }\n  }\n}\n","import type { MdxFile } from '../core/mdx-reader.js'\n\n/**\n * Generates /llms.txt content from MDX frontmatter.\n * Format: one entry per line — URL, title, description.\n */\nexport function generateLlmsTxt(files: MdxFile[], baseUrl: string): string {\n  const lines: string[] = [\n    '# LLMs.txt — AI-readable content index',\n    `# Generated by third-audience-mdx`,\n    '',\n  ]\n\n  for (const file of files) {\n    const fm = file.frontmatter\n    const url = `${baseUrl.replace(/\\/$/, '')}/${file.slug}`\n    const title = String(fm.title ?? file.slug)\n    const desc = fm.description ? ` — ${String(fm.description)}` : ''\n    lines.push(`- [${title}](${url})${desc}`)\n  }\n\n  return lines.join('\\n') + '\\n'\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA+C;AAC/C,IAAAA,eAAiB;;;ACDjB,gBAAe;AACf,kBAAiB;AACjB,yBAAmB;AAeZ,IAAM,YAAN,MAAgB;AAAA,EAIrB,YAAY,SAA2B;AACrC,SAAK,aAAa,QAAQ;AAC1B,SAAK,gBAAgB,QAAQ,iBAAiB,CAAC;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOQ,WAAW,MAAsB;AACvC,QAAI,KAAK,cAAc,WAAW,EAAG,QAAO;AAC5C,UAAM,OAAO,IAAI,IAAI,KAAK,aAAa;AACvC,WAAO,KACJ,MAAM,GAAG,EACT,OAAO,CAAC,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,EAC9B,KAAK,GAAG;AAAA,EACb;AAAA;AAAA,EAGA,KAAK,MAA8B;AACjC,UAAM,WAAW,KAAK,WAAW,IAAI;AACrC,UAAM,aAAa;AAAA,MACjB,YAAAC,QAAK,KAAK,KAAK,YAAY,GAAG,QAAQ,MAAM;AAAA,MAC5C,YAAAA,QAAK,KAAK,KAAK,YAAY,GAAG,QAAQ,KAAK;AAAA,MAC3C,YAAAA,QAAK,KAAK,KAAK,YAAY,UAAU,WAAW;AAAA,MAChD,YAAAA,QAAK,KAAK,KAAK,YAAY,UAAU,UAAU;AAAA,IACjD;AAEA,eAAW,YAAY,YAAY;AACjC,UAAI,UAAAC,QAAG,WAAW,QAAQ,GAAG;AAC3B,eAAO,KAAK,UAAU,MAAM,QAAQ;AAAA,MACtC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,UAAqB;AACnB,QAAI,CAAC,UAAAA,QAAG,WAAW,KAAK,UAAU,EAAG,QAAO,CAAC;AAC7C,WAAO,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU;AAAA,EACtD;AAAA,EAEQ,QAAQ,KAAa,MAAyB;AACpD,UAAM,UAAqB,CAAC;AAC5B,eAAW,SAAS,UAAAA,QAAG,YAAY,KAAK,EAAE,eAAe,KAAK,CAAC,GAAG;AAChE,YAAM,WAAW,YAAAD,QAAK,KAAK,KAAK,MAAM,IAAI;AAC1C,UAAI,MAAM,YAAY,GAAG;AACvB,gBAAQ,KAAK,GAAG,KAAK,QAAQ,UAAU,IAAI,CAAC;AAAA,MAC9C,WAAW,MAAM,KAAK,SAAS,MAAM,KAAK,MAAM,KAAK,SAAS,KAAK,GAAG;AACpE,cAAM,WAAW,YAAAA,QAAK,SAAS,MAAM,QAAQ;AAC7C,cAAM,OAAO,SAAS,QAAQ,eAAe,EAAE,EAAE,QAAQ,YAAY,EAAE;AACvE,gBAAQ,KAAK,KAAK,UAAU,MAAM,QAAQ,CAAC;AAAA,MAC7C;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,UAAU,MAAc,UAA2B;AACzD,UAAM,MAAM,UAAAC,QAAG,aAAa,UAAU,OAAO;AAC7C,UAAM,EAAE,MAAM,aAAa,SAAS,WAAW,QAAI,mBAAAC,SAAO,GAAG;AAC7D,WAAO,EAAE,MAAM,UAAU,aAAa,WAAW;AAAA,EACnD;AACF;;;AC/EO,SAAS,gBAAgB,OAAkB,SAAyB;AACzE,QAAM,QAAkB;AAAA,IACtB;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,QAAQ,OAAO;AACxB,UAAM,KAAK,KAAK;AAChB,UAAM,MAAM,GAAG,QAAQ,QAAQ,OAAO,EAAE,CAAC,IAAI,KAAK,IAAI;AACtD,UAAM,QAAQ,OAAO,GAAG,SAAS,KAAK,IAAI;AAC1C,UAAM,OAAO,GAAG,cAAc,WAAM,OAAO,GAAG,WAAW,CAAC,KAAK;AAC/D,UAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAI,IAAI,EAAE;AAAA,EAC1C;AAEA,SAAO,MAAM,KAAK,IAAI,IAAI;AAC5B;;;AFjBA,IAAM,SAAS,IAAI,UAAU,EAAE,YAAY,aAAAC,QAAK,KAAK,QAAQ,IAAI,GAAG,QAAQ,IAAI,kBAAkB,SAAS,EAAE,CAAC;AAG9G,eAAsB,IAAI,KAAkB;AAC1C,QAAM,UAAU,QAAQ,IAAI,wBACvB,GAAG,IAAI,QAAQ,QAAQ,KAAK,IAAI,QAAQ,IAAI;AAEjD,QAAM,QAAQ,OAAO,QAAQ;AAC7B,QAAM,UAAU,gBAAgB,OAAO,OAAO;AAE9C,SAAO,IAAI,2BAAa,SAAS;AAAA,IAC/B,SAAS,EAAE,gBAAgB,4BAA4B;AAAA,EACzD,CAAC;AACH;","names":["import_path","path","fs","matter","path"]}

package/dist/dashboard/routes/llms-txt-route.mjs

@@ -9,14 +9,26 @@ import matter from "gray-matter";
 var MdxReader = class {
   constructor(options) {
     this.contentDir = options.contentDir;
+    this.stripSegments = options.stripSegments ?? [];
+  }
+  /**
+   * Remove configured URL-only segments from a slug so it maps to the file
+   * layout. e.g. stripSegments ['learn'] turns 'en/learn/hydroponics/x' into
+   * 'en/hydroponics/x'. Only whole path segments are removed.
+   */
+  applyStrip(slug) {
+    if (this.stripSegments.length === 0) return slug;
+    const drop = new Set(this.stripSegments);
+    return slug.split("/").filter((seg) => !drop.has(seg)).join("/");
   }
   /** Read a single MDX file by slug. Returns null if not found. */
   read(slug) {
+    const resolved = this.applyStrip(slug);
     const candidates = [
-      path.join(this.contentDir, `${slug}.mdx`),
-      path.join(this.contentDir, `${slug}.md`),
-      path.join(this.contentDir, slug, "index.mdx"),
-      path.join(this.contentDir, slug, "index.md")
+      path.join(this.contentDir, `${resolved}.mdx`),
+      path.join(this.contentDir, `${resolved}.md`),
+      path.join(this.contentDir, resolved, "index.mdx"),
+      path.join(this.contentDir, resolved, "index.md")
     ];
     for (const filePath of candidates) {
       if (fs.existsSync(filePath)) {

package/dist/dashboard/routes/llms-txt-route.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/dashboard/routes/llms-txt-route.ts","../../../src/core/mdx-reader.ts","../../../src/discovery/llms-txt.ts"],"sourcesContent":["import { NextResponse, type NextRequest } from 'next/server'\nimport path from 'path'\nimport { MdxReader } from '../../core/mdx-reader.js'\nimport { generateLlmsTxt } from '../../discovery/llms-txt.js'\n\nconst reader = new MdxReader({ contentDir: path.join(process.cwd(), process.env.TA_CONTENT_DIR ?? 'content') })\n\n/** Handler for GET /llms.txt → rewired to /api/third-audience/llms-txt */\nexport async function GET(req: NextRequest) {\n  const baseUrl = process.env.NEXT_PUBLIC_SITE_URL\n    ?? `${req.nextUrl.protocol}//${req.nextUrl.host}`\n\n  const files = reader.readAll()\n  const content = generateLlmsTxt(files, baseUrl)\n\n  return new NextResponse(content, {\n    headers: { 'Content-Type': 'text/plain; charset=utf-8' },\n  })\n}\n","import fs from 'fs'\nimport path from 'path'\nimport matter from 'gray-matter'\n\nexport interface MdxFile {\n  slug: string       // relative path without extension, e.g. 'blog/my-post'\n  filePath: string   // absolute path to .mdx file\n  frontmatter: Record<string, unknown>\n  rawContent: string // body after frontmatter\n}\n\nexport interface MdxReaderOptions {\n  contentDir: string // absolute path to content directory\n}\n\nexport class MdxReader {\n  private contentDir: string\n\n  constructor(options: MdxReaderOptions) {\n    this.contentDir = options.contentDir\n  }\n\n  /** Read a single MDX file by slug. Returns null if not found. */\n  read(slug: string): MdxFile | null {\n    const candidates = [\n      path.join(this.contentDir, `${slug}.mdx`),\n      path.join(this.contentDir, `${slug}.md`),\n      path.join(this.contentDir, slug, 'index.mdx'),\n      path.join(this.contentDir, slug, 'index.md'),\n    ]\n\n    for (const filePath of candidates) {\n      if (fs.existsSync(filePath)) {\n        return this.parseFile(slug, filePath)\n      }\n    }\n\n    return null\n  }\n\n  /** Read all MDX files recursively. */\n  readAll(): MdxFile[] {\n    if (!fs.existsSync(this.contentDir)) return []\n    return this.walkDir(this.contentDir, this.contentDir)\n  }\n\n  private walkDir(dir: string, root: string): MdxFile[] {\n    const results: MdxFile[] = []\n    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {\n      const fullPath = path.join(dir, entry.name)\n      if (entry.isDirectory()) {\n        results.push(...this.walkDir(fullPath, root))\n      } else if (entry.name.endsWith('.mdx') || entry.name.endsWith('.md')) {\n        const relative = path.relative(root, fullPath)\n        const slug = relative.replace(/\\.(mdx|md)$/, '').replace(/\\/index$/, '')\n        results.push(this.parseFile(slug, fullPath))\n      }\n    }\n    return results\n  }\n\n  private parseFile(slug: string, filePath: string): MdxFile {\n    const raw = fs.readFileSync(filePath, 'utf-8')\n    const { data: frontmatter, content: rawContent } = matter(raw)\n    return { slug, filePath, frontmatter, rawContent }\n  }\n}\n","import type { MdxFile } from '../core/mdx-reader.js'\n\n/**\n * Generates /llms.txt content from MDX frontmatter.\n * Format: one entry per line — URL, title, description.\n */\nexport function generateLlmsTxt(files: MdxFile[], baseUrl: string): string {\n  const lines: string[] = [\n    '# LLMs.txt — AI-readable content index',\n    `# Generated by third-audience-mdx`,\n    '',\n  ]\n\n  for (const file of files) {\n    const fm = file.frontmatter\n    const url = `${baseUrl.replace(/\\/$/, '')}/${file.slug}`\n    const title = String(fm.title ?? file.slug)\n    const desc = fm.description ? ` — ${String(fm.description)}` : ''\n    lines.push(`- [${title}](${url})${desc}`)\n  }\n\n  return lines.join('\\n') + '\\n'\n}\n"],"mappings":";AAAA,SAAS,oBAAsC;AAC/C,OAAOA,WAAU;;;ACDjB,OAAO,QAAQ;AACf,OAAO,UAAU;AACjB,OAAO,YAAY;AAaZ,IAAM,YAAN,MAAgB;AAAA,EAGrB,YAAY,SAA2B;AACrC,SAAK,aAAa,QAAQ;AAAA,EAC5B;AAAA;AAAA,EAGA,KAAK,MAA8B;AACjC,UAAM,aAAa;AAAA,MACjB,KAAK,KAAK,KAAK,YAAY,GAAG,IAAI,MAAM;AAAA,MACxC,KAAK,KAAK,KAAK,YAAY,GAAG,IAAI,KAAK;AAAA,MACvC,KAAK,KAAK,KAAK,YAAY,MAAM,WAAW;AAAA,MAC5C,KAAK,KAAK,KAAK,YAAY,MAAM,UAAU;AAAA,IAC7C;AAEA,eAAW,YAAY,YAAY;AACjC,UAAI,GAAG,WAAW,QAAQ,GAAG;AAC3B,eAAO,KAAK,UAAU,MAAM,QAAQ;AAAA,MACtC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,UAAqB;AACnB,QAAI,CAAC,GAAG,WAAW,KAAK,UAAU,EAAG,QAAO,CAAC;AAC7C,WAAO,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU;AAAA,EACtD;AAAA,EAEQ,QAAQ,KAAa,MAAyB;AACpD,UAAM,UAAqB,CAAC;AAC5B,eAAW,SAAS,GAAG,YAAY,KAAK,EAAE,eAAe,KAAK,CAAC,GAAG;AAChE,YAAM,WAAW,KAAK,KAAK,KAAK,MAAM,IAAI;AAC1C,UAAI,MAAM,YAAY,GAAG;AACvB,gBAAQ,KAAK,GAAG,KAAK,QAAQ,UAAU,IAAI,CAAC;AAAA,MAC9C,WAAW,MAAM,KAAK,SAAS,MAAM,KAAK,MAAM,KAAK,SAAS,KAAK,GAAG;AACpE,cAAM,WAAW,KAAK,SAAS,MAAM,QAAQ;AAC7C,cAAM,OAAO,SAAS,QAAQ,eAAe,EAAE,EAAE,QAAQ,YAAY,EAAE;AACvE,gBAAQ,KAAK,KAAK,UAAU,MAAM,QAAQ,CAAC;AAAA,MAC7C;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,UAAU,MAAc,UAA2B;AACzD,UAAM,MAAM,GAAG,aAAa,UAAU,OAAO;AAC7C,UAAM,EAAE,MAAM,aAAa,SAAS,WAAW,IAAI,OAAO,GAAG;AAC7D,WAAO,EAAE,MAAM,UAAU,aAAa,WAAW;AAAA,EACnD;AACF;;;AC5DO,SAAS,gBAAgB,OAAkB,SAAyB;AACzE,QAAM,QAAkB;AAAA,IACtB;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,QAAQ,OAAO;AACxB,UAAM,KAAK,KAAK;AAChB,UAAM,MAAM,GAAG,QAAQ,QAAQ,OAAO,EAAE,CAAC,IAAI,KAAK,IAAI;AACtD,UAAM,QAAQ,OAAO,GAAG,SAAS,KAAK,IAAI;AAC1C,UAAM,OAAO,GAAG,cAAc,WAAM,OAAO,GAAG,WAAW,CAAC,KAAK;AAC/D,UAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAI,IAAI,EAAE;AAAA,EAC1C;AAEA,SAAO,MAAM,KAAK,IAAI,IAAI;AAC5B;;;AFjBA,IAAM,SAAS,IAAI,UAAU,EAAE,YAAYC,MAAK,KAAK,QAAQ,IAAI,GAAG,QAAQ,IAAI,kBAAkB,SAAS,EAAE,CAAC;AAG9G,eAAsB,IAAI,KAAkB;AAC1C,QAAM,UAAU,QAAQ,IAAI,wBACvB,GAAG,IAAI,QAAQ,QAAQ,KAAK,IAAI,QAAQ,IAAI;AAEjD,QAAM,QAAQ,OAAO,QAAQ;AAC7B,QAAM,UAAU,gBAAgB,OAAO,OAAO;AAE9C,SAAO,IAAI,aAAa,SAAS;AAAA,IAC/B,SAAS,EAAE,gBAAgB,4BAA4B;AAAA,EACzD,CAAC;AACH;","names":["path","path"]}
+{"version":3,"sources":["../../../src/dashboard/routes/llms-txt-route.ts","../../../src/core/mdx-reader.ts","../../../src/discovery/llms-txt.ts"],"sourcesContent":["import { NextResponse, type NextRequest } from 'next/server'\nimport path from 'path'\nimport { MdxReader } from '../../core/mdx-reader.js'\nimport { generateLlmsTxt } from '../../discovery/llms-txt.js'\n\nconst reader = new MdxReader({ contentDir: path.join(process.cwd(), process.env.TA_CONTENT_DIR ?? 'content') })\n\n/** Handler for GET /llms.txt → rewired to /api/third-audience/llms-txt */\nexport async function GET(req: NextRequest) {\n  const baseUrl = process.env.NEXT_PUBLIC_SITE_URL\n    ?? `${req.nextUrl.protocol}//${req.nextUrl.host}`\n\n  const files = reader.readAll()\n  const content = generateLlmsTxt(files, baseUrl)\n\n  return new NextResponse(content, {\n    headers: { 'Content-Type': 'text/plain; charset=utf-8' },\n  })\n}\n","import fs from 'fs'\nimport path from 'path'\nimport matter from 'gray-matter'\n\nexport interface MdxFile {\n  slug: string       // relative path without extension, e.g. 'blog/my-post'\n  filePath: string   // absolute path to .mdx file\n  frontmatter: Record<string, unknown>\n  rawContent: string // body after frontmatter\n}\n\nexport interface MdxReaderOptions {\n  contentDir: string // absolute path to content directory\n  /** URL path segments to drop when mapping a request slug to a file. */\n  stripSegments?: string[]\n}\n\nexport class MdxReader {\n  private contentDir: string\n  private stripSegments: string[]\n\n  constructor(options: MdxReaderOptions) {\n    this.contentDir = options.contentDir\n    this.stripSegments = options.stripSegments ?? []\n  }\n\n  /**\n   * Remove configured URL-only segments from a slug so it maps to the file\n   * layout. e.g. stripSegments ['learn'] turns 'en/learn/hydroponics/x' into\n   * 'en/hydroponics/x'. Only whole path segments are removed.\n   */\n  private applyStrip(slug: string): string {\n    if (this.stripSegments.length === 0) return slug\n    const drop = new Set(this.stripSegments)\n    return slug\n      .split('/')\n      .filter((seg) => !drop.has(seg))\n      .join('/')\n  }\n\n  /** Read a single MDX file by slug. Returns null if not found. */\n  read(slug: string): MdxFile | null {\n    const resolved = this.applyStrip(slug)\n    const candidates = [\n      path.join(this.contentDir, `${resolved}.mdx`),\n      path.join(this.contentDir, `${resolved}.md`),\n      path.join(this.contentDir, resolved, 'index.mdx'),\n      path.join(this.contentDir, resolved, 'index.md'),\n    ]\n\n    for (const filePath of candidates) {\n      if (fs.existsSync(filePath)) {\n        return this.parseFile(slug, filePath)\n      }\n    }\n\n    return null\n  }\n\n  /** Read all MDX files recursively. */\n  readAll(): MdxFile[] {\n    if (!fs.existsSync(this.contentDir)) return []\n    return this.walkDir(this.contentDir, this.contentDir)\n  }\n\n  private walkDir(dir: string, root: string): MdxFile[] {\n    const results: MdxFile[] = []\n    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {\n      const fullPath = path.join(dir, entry.name)\n      if (entry.isDirectory()) {\n        results.push(...this.walkDir(fullPath, root))\n      } else if (entry.name.endsWith('.mdx') || entry.name.endsWith('.md')) {\n        const relative = path.relative(root, fullPath)\n        const slug = relative.replace(/\\.(mdx|md)$/, '').replace(/\\/index$/, '')\n        results.push(this.parseFile(slug, fullPath))\n      }\n    }\n    return results\n  }\n\n  private parseFile(slug: string, filePath: string): MdxFile {\n    const raw = fs.readFileSync(filePath, 'utf-8')\n    const { data: frontmatter, content: rawContent } = matter(raw)\n    return { slug, filePath, frontmatter, rawContent }\n  }\n}\n","import type { MdxFile } from '../core/mdx-reader.js'\n\n/**\n * Generates /llms.txt content from MDX frontmatter.\n * Format: one entry per line — URL, title, description.\n */\nexport function generateLlmsTxt(files: MdxFile[], baseUrl: string): string {\n  const lines: string[] = [\n    '# LLMs.txt — AI-readable content index',\n    `# Generated by third-audience-mdx`,\n    '',\n  ]\n\n  for (const file of files) {\n    const fm = file.frontmatter\n    const url = `${baseUrl.replace(/\\/$/, '')}/${file.slug}`\n    const title = String(fm.title ?? file.slug)\n    const desc = fm.description ? ` — ${String(fm.description)}` : ''\n    lines.push(`- [${title}](${url})${desc}`)\n  }\n\n  return lines.join('\\n') + '\\n'\n}\n"],"mappings":";AAAA,SAAS,oBAAsC;AAC/C,OAAOA,WAAU;;;ACDjB,OAAO,QAAQ;AACf,OAAO,UAAU;AACjB,OAAO,YAAY;AAeZ,IAAM,YAAN,MAAgB;AAAA,EAIrB,YAAY,SAA2B;AACrC,SAAK,aAAa,QAAQ;AAC1B,SAAK,gBAAgB,QAAQ,iBAAiB,CAAC;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOQ,WAAW,MAAsB;AACvC,QAAI,KAAK,cAAc,WAAW,EAAG,QAAO;AAC5C,UAAM,OAAO,IAAI,IAAI,KAAK,aAAa;AACvC,WAAO,KACJ,MAAM,GAAG,EACT,OAAO,CAAC,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,EAC9B,KAAK,GAAG;AAAA,EACb;AAAA;AAAA,EAGA,KAAK,MAA8B;AACjC,UAAM,WAAW,KAAK,WAAW,IAAI;AACrC,UAAM,aAAa;AAAA,MACjB,KAAK,KAAK,KAAK,YAAY,GAAG,QAAQ,MAAM;AAAA,MAC5C,KAAK,KAAK,KAAK,YAAY,GAAG,QAAQ,KAAK;AAAA,MAC3C,KAAK,KAAK,KAAK,YAAY,UAAU,WAAW;AAAA,MAChD,KAAK,KAAK,KAAK,YAAY,UAAU,UAAU;AAAA,IACjD;AAEA,eAAW,YAAY,YAAY;AACjC,UAAI,GAAG,WAAW,QAAQ,GAAG;AAC3B,eAAO,KAAK,UAAU,MAAM,QAAQ;AAAA,MACtC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,UAAqB;AACnB,QAAI,CAAC,GAAG,WAAW,KAAK,UAAU,EAAG,QAAO,CAAC;AAC7C,WAAO,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU;AAAA,EACtD;AAAA,EAEQ,QAAQ,KAAa,MAAyB;AACpD,UAAM,UAAqB,CAAC;AAC5B,eAAW,SAAS,GAAG,YAAY,KAAK,EAAE,eAAe,KAAK,CAAC,GAAG;AAChE,YAAM,WAAW,KAAK,KAAK,KAAK,MAAM,IAAI;AAC1C,UAAI,MAAM,YAAY,GAAG;AACvB,gBAAQ,KAAK,GAAG,KAAK,QAAQ,UAAU,IAAI,CAAC;AAAA,MAC9C,WAAW,MAAM,KAAK,SAAS,MAAM,KAAK,MAAM,KAAK,SAAS,KAAK,GAAG;AACpE,cAAM,WAAW,KAAK,SAAS,MAAM,QAAQ;AAC7C,cAAM,OAAO,SAAS,QAAQ,eAAe,EAAE,EAAE,QAAQ,YAAY,EAAE;AACvE,gBAAQ,KAAK,KAAK,UAAU,MAAM,QAAQ,CAAC;AAAA,MAC7C;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,UAAU,MAAc,UAA2B;AACzD,UAAM,MAAM,GAAG,aAAa,UAAU,OAAO;AAC7C,UAAM,EAAE,MAAM,aAAa,SAAS,WAAW,IAAI,OAAO,GAAG;AAC7D,WAAO,EAAE,MAAM,UAAU,aAAa,WAAW;AAAA,EACnD;AACF;;;AC/EO,SAAS,gBAAgB,OAAkB,SAAyB;AACzE,QAAM,QAAkB;AAAA,IACtB;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,QAAQ,OAAO;AACxB,UAAM,KAAK,KAAK;AAChB,UAAM,MAAM,GAAG,QAAQ,QAAQ,OAAO,EAAE,CAAC,IAAI,KAAK,IAAI;AACtD,UAAM,QAAQ,OAAO,GAAG,SAAS,KAAK,IAAI;AAC1C,UAAM,OAAO,GAAG,cAAc,WAAM,OAAO,GAAG,WAAW,CAAC,KAAK;AAC/D,UAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAI,IAAI,EAAE;AAAA,EAC1C;AAEA,SAAO,MAAM,KAAK,IAAI,IAAI;AAC5B;;;AFjBA,IAAM,SAAS,IAAI,UAAU,EAAE,YAAYC,MAAK,KAAK,QAAQ,IAAI,GAAG,QAAQ,IAAI,kBAAkB,SAAS,EAAE,CAAC;AAG9G,eAAsB,IAAI,KAAkB;AAC1C,QAAM,UAAU,QAAQ,IAAI,wBACvB,GAAG,IAAI,QAAQ,QAAQ,KAAK,IAAI,QAAQ,IAAI;AAEjD,QAAM,QAAQ,OAAO,QAAQ;AAC7B,QAAM,UAAU,gBAAgB,OAAO,OAAO;AAE9C,SAAO,IAAI,aAAa,SAAS;AAAA,IAC/B,SAAS,EAAE,gBAAgB,4BAA4B;AAAA,EACzD,CAAC;AACH;","names":["path","path"]}

package/dist/dashboard/routes/markdown-route.js

@@ -43,14 +43,26 @@ var import_gray_matter = __toESM(require("gray-matter"));
 var MdxReader = class {
   constructor(options) {
     this.contentDir = options.contentDir;
+    this.stripSegments = options.stripSegments ?? [];
+  }
+  /**
+   * Remove configured URL-only segments from a slug so it maps to the file
+   * layout. e.g. stripSegments ['learn'] turns 'en/learn/hydroponics/x' into
+   * 'en/hydroponics/x'. Only whole path segments are removed.
+   */
+  applyStrip(slug) {
+    if (this.stripSegments.length === 0) return slug;
+    const drop = new Set(this.stripSegments);
+    return slug.split("/").filter((seg) => !drop.has(seg)).join("/");
   }
   /** Read a single MDX file by slug. Returns null if not found. */
   read(slug) {
+    const resolved = this.applyStrip(slug);
     const candidates = [
-      import_path.default.join(this.contentDir, `${slug}.mdx`),
-      import_path.default.join(this.contentDir, `${slug}.md`),
-      import_path.default.join(this.contentDir, slug, "index.mdx"),
-      import_path.default.join(this.contentDir, slug, "index.md")
+      import_path.default.join(this.contentDir, `${resolved}.mdx`),
+      import_path.default.join(this.contentDir, `${resolved}.md`),
+      import_path.default.join(this.contentDir, resolved, "index.mdx"),
+      import_path.default.join(this.contentDir, resolved, "index.md")
     ];
     for (const filePath of candidates) {
       if (import_fs.default.existsSync(filePath)) {
@@ -368,7 +380,10 @@ _VisitTracker.instance = null;
 var VisitTracker = _VisitTracker;
 
 // src/dashboard/routes/markdown-route.ts
-var reader = new MdxReader({ contentDir: import_path4.default.join(process.cwd(), process.env.TA_CONTENT_DIR ?? "content") });
+var reader = new MdxReader({
+  contentDir: import_path4.default.join(process.cwd(), process.env.TA_CONTENT_DIR ?? "content"),
+  stripSegments: (process.env.TA_STRIP_SEGMENTS ?? "").split(",").map((s) => s.trim()).filter(Boolean)
+});
 var renderer = new MarkdownRenderer();
 var cache = new CacheManager({
   cacheDir: import_path4.default.join(process.cwd(), process.env.TA_DATA_DIR ?? "data", "ta-cache")