commit 4085b96d4acd5e7fea3230fdc916fef3f74a41c4 · nekomimi.pet/wisp.place-monorepo

-32

hosting-service/src/index.ts

···

       1
       1
        
       import { serve } from 'bun';

     

       2
       2
        
       import app from './server';

     

       3
       3
        
       import { FirehoseWorker } from './lib/firehose';

     

       4
       4
       -
       import { DNSVerificationWorker } from './lib/dns-verification-worker';

     

       5
       4
        
       import { mkdirSync, existsSync } from 'fs';

     

       6
       5
        
       

     

       7
       6
        
       const PORT = process.env.PORT || 3001;

     
···

       20
       19
        
       

     

       21
       20
        
       firehose.start();

     

       22
       21
        
       

     

       23
       23
       -
       // Start DNS verification worker (runs every hour)

     

       24
       24
       -
       const dnsVerifier = new DNSVerificationWorker(

     

       25
       25
       -
         60 * 60 * 1000, // 1 hour

     

       26
       26
       -
         (msg, data) => {

     

       27
       27
       -
           console.log('[DNS Verifier]', msg, data || '');

     

       28
       28
       -
         }

     

       29
       29
       -
       );

     

       30
       30
       -
       

     

       31
       31
       -
       dnsVerifier.start();

     

       32
       32
       -
       

     

       33
       22
        
       // Add health check endpoint

     

       34
       23
        
       app.get('/health', (c) => {

     

       35
       24
        
         const firehoseHealth = firehose.getHealth();

     

       36
       36
       -
         const dnsVerifierHealth = dnsVerifier.getHealth();

     

       37
       25
        
         return c.json({

     

       38
       26
        
           status: 'ok',

     

       39
       27
        
           firehose: firehoseHealth,

     

       40
       40
       -
           dnsVerifier: dnsVerifierHealth,

     

       41
       28
        
         });

     

       42
       29
        
       });

     

       43
       30
        
       

     

       44
       44
       -
       // Add manual DNS verification trigger (for testing/admin)

     

       45
       45
       -
       app.post('/admin/verify-dns', async (c) => {

     

       46
       46
       -
         try {

     

       47
       47
       -
           await dnsVerifier.trigger();

     

       48
       48
       -
           return c.json({

     

       49
       49
       -
             success: true,

     

       50
       50
       -
             message: 'DNS verification triggered',

     

       51
       51
       -
           });

     

       52
       52
       -
         } catch (error) {

     

       53
       53
       -
           return c.json({

     

       54
       54
       -
             success: false,

     

       55
       55
       -
             error: error instanceof Error ? error.message : String(error),

     

       56
       56
       -
           }, 500);

     

       57
       57
       -
         }

     

       58
       58
       -
       });

     

       59
       59
       -
       

     

       60
       31
        
       // Start HTTP server

     

       61
       32
        
       const server = serve({

     

       62
       33
        
         port: PORT,

     
···

       70
       41
        
       Health:       http://localhost:${PORT}/health

     

       71
       42
        
       Cache:        ${CACHE_DIR}

     

       72
       43
        
       Firehose:     Connected to Jetstream

     

       73
       73
       -
       DNS Verifier: Checking every hour

     

       74
       44
        
       `);

     

       75
       45
        
       

     

       76
       46
        
       // Graceful shutdown

     

       77
       47
        
       process.on('SIGINT', () => {

     

       78
       48
        
         console.log('\n🛑 Shutting down...');

     

       79
       49
        
         firehose.stop();

     

       80
       80
       -
         dnsVerifier.stop();

     

       81
       50
        
         server.stop();

     

       82
       51
        
         process.exit(0);

     

       83
       52
        
       });

     
···

       85
       54
        
       process.on('SIGTERM', () => {

     

       86
       55
        
         console.log('\n🛑 Shutting down...');

     

       87
       56
        
         firehose.stop();

     

       88
       88
       -
         dnsVerifier.stop();

     

       89
       57
        
         server.stop();

     

       90
       58
        
         process.exit(0);

     

       91
       59
        
       });

+2 -2

hosting-service/src/lib/dns-verification-worker.ts src/lib/dns-verification-worker.ts

···

       1
       1
       -
       import { verifyCustomDomain } from '../../../src/lib/dns-verify';

     

       2
       2
       -
       import { db } from '../../../src/lib/db';

     

       1
       1
       +
       import { verifyCustomDomain } from './dns-verify';

     

       2
       2
       +
       import { db } from './db';

     

       3
       3
        
       

     

       4
       4
        
       interface VerificationStats {

     

       5
       5
        
         totalChecked: number;

+3 -19

hosting-service/src/lib/utils.ts

···

       4
       4
        
       import { writeFile, readFile } from 'fs/promises';

     

       5
       5
        
       import { safeFetchJson, safeFetchBlob } from './safe-fetch';

     

       6
       6
        
       import { CID } from 'multiformats/cid';

     

       7
       7
       -
       import { createHash } from 'crypto';

     

       8
       7
        
       

     

       9
       8
        
       const CACHE_DIR = './cache/sites';

     

       10
       9
        
       const CACHE_TTL = 14 * 24 * 60 * 60 * 1000; // 14 days cache TTL

     
···

       16
       15
        
         rkey: string;

     

       17
       16
        
       }

     

       18
       17
        
       

     

       19
       19
       -
       // Type guards for different blob reference formats

     

       20
       18
        
       interface IpldLink {

     

       21
       19
        
         $link: string;

     

       22
       20
        
       }

     
···

       63
       61
        
           let doc;

     

       64
       62
        
       

     

       65
       63
        
           if (did.startsWith('did:plc:')) {

     

       66
       66
       -
             // Resolve did:plc from plc.directory

     

       67
       64
        
             doc = await safeFetchJson(`https://plc.directory/${encodeURIComponent(did)}`);

     

       68
       65
        
           } else if (did.startsWith('did:web:')) {

     

       69
       69
       -
             // Resolve did:web from the domain

     

       70
       66
        
             const didUrl = didWebToHttps(did);

     

       71
       67
        
             doc = await safeFetchJson(didUrl);

     

       72
       68
        
           } else {

     
···

       85
       81
        
       }

     

       86
       82
        
       

     

       87
       83
        
       function didWebToHttps(did: string): string {

     

       88
       88
       -
         // did:web:example.com -> https://example.com/.well-known/did.json

     

       89
       89
       -
         // did:web:example.com:path:to:did -> https://example.com/path/to/did/did.json

     

       90
       90
       -
       

     

       91
       84
        
         const didParts = did.split(':');

     

       92
       85
        
         if (didParts.length < 3 || didParts[0] !== 'did' || didParts[1] !== 'web') {

     

       93
       86
        
           throw new Error('Invalid did:web format');

     
···

       97
       90
        
         const pathParts = didParts.slice(3);

     

       98
       91
        
       

     

       99
       92
        
         if (pathParts.length === 0) {

     

       100
       100
       -
           // No path, use .well-known

     

       101
       93
        
           return `https://${domain}/.well-known/did.json`;

     

       102
       94
        
         } else {

     

       103
       103
       -
           // Has path

     

       104
       95
        
           const path = pathParts.join('/');

     

       105
       96
        
           return `https://${domain}/${path}/did.json`;

     

       106
       97
        
         }

     
···

       114
       105
        
           const url = `${pdsEndpoint}/xrpc/com.atproto.repo.getRecord?repo=${encodeURIComponent(did)}&collection=place.wisp.fs&rkey=${encodeURIComponent(rkey)}`;

     

       115
       106
        
           const data = await safeFetchJson(url);

     

       116
       107
        
       

     

       117
       117
       -
           // Return both the record and its CID for verification

     

       118
       108
        
           return {

     

       119
       109
        
             record: data.value as WispFsRecord,

     

       120
       110
        
             cid: data.cid || ''

     
···

       126
       116
        
       }

     

       127
       117
        
       

     

       128
       118
        
       export function extractBlobCid(blobRef: unknown): string | null {

     

       129
       129
       -
         // Check if it's a direct IPLD link

     

       130
       119
        
         if (isIpldLink(blobRef)) {

     

       131
       120
        
           return blobRef.$link;

     

       132
       121
        
         }

     

       133
       122
        
       

     

       134
       134
       -
         // Check if it's a typed blob ref with a ref property

     

       135
       123
        
         if (isTypedBlobRef(blobRef)) {

     

       136
       124
        
           const ref = blobRef.ref;

     

       137
       125
        
       

     

       138
       138
       -
           // Check if ref is a CID object

     

       139
       139
       -
           if (CID.isCID(ref)) {

     

       140
       140
       -
             return ref.toString();

     

       126
       126
       +
           const cid = CID.asCID(ref);

     

       127
       127
       +
           if (cid) {

     

       128
       128
       +
             return cid.toString();

     

       141
       129
        
           }

     

       142
       130
        
       

     

       143
       143
       -
           // Check if ref is an IPLD link object

     

       144
       131
        
           if (isIpldLink(ref)) {

     

       145
       132
        
             return ref.$link;

     

       146
       133
        
           }

     

       147
       134
        
         }

     

       148
       135
        
       

     

       149
       149
       -
         // Check if it's an untyped blob ref with a cid string

     

       150
       136
        
         if (isUntypedBlobRef(blobRef)) {

     

       151
       137
        
           return blobRef.cid;

     

       152
       138
        
         }

     
···

       157
       143
        
       export async function downloadAndCacheSite(did: string, rkey: string, record: WispFsRecord, pdsEndpoint: string, recordCid: string): Promise<void> {

     

       158
       144
        
         console.log('Caching site', did, rkey);

     

       159
       145
        
       

     

       160
       160
       -
         // Validate record structure

     

       161
       146
        
         if (!record.root) {

     

       162
       147
        
           console.error('Record missing root directory:', JSON.stringify(record, null, 2));

     

       163
       148
        
           throw new Error('Invalid record structure: missing root directory');

     
···

       170
       155
        
       

     

       171
       156
        
         await cacheFiles(did, rkey, record.root.entries, pdsEndpoint, '');

     

       172
       157
        
       

     

       173
       173
       -
         // Save cache metadata with CID for verification

     

       174
       158
        
         await saveCacheMetadata(did, rkey, recordCid);

     

       175
       159
        
       }

     

       176
       160

+49 -6

public/editor/editor.tsx

···

       94
       94
        
       	const [selectedFiles, setSelectedFiles] = useState<FileList | null>(null)

     

       95
       95
        
       	const [isUploading, setIsUploading] = useState(false)

     

       96
       96
        
       	const [uploadProgress, setUploadProgress] = useState('')

     

       97
       97
       +
       	const [skippedFiles, setSkippedFiles] = useState<Array<{ name: string; reason: string }>>([])

     

       98
       98
       +
       	const [uploadedCount, setUploadedCount] = useState(0)

     

       97
       99
        
       

     

       98
       100
        
       	// Custom domain modal state

     

       99
       101
        
       	const [addDomainModalOpen, setAddDomainModalOpen] = useState(false)

     
···

       232
       234
        
       			const data = await response.json()

     

       233
       235
        
       			if (data.success) {

     

       234
       236
        
       				setUploadProgress('Upload complete!')

     

       237
       237
       +
       				setSkippedFiles(data.skippedFiles || [])

     

       238
       238
       +
       				setUploadedCount(data.uploadedCount || data.fileCount || 0)

     

       235
       239
        
       				setSiteName('')

     

       236
       240
        
       				setSelectedFiles(null)

     

       237
       241
        
       

     

       238
       242
        
       				// Refresh sites list

     

       239
       243
        
       				await fetchSites()

     

       240
       244
        
       

     

       241
       241
       -
       				// Reset form

     

       245
       245
       +
       				// Reset form - give more time if there are skipped files

     

       246
       246
       +
       				const resetDelay = data.skippedFiles && data.skippedFiles.length > 0 ? 4000 : 1500

     

       242
       247
        
       				setTimeout(() => {

     

       243
       248
        
       					setUploadProgress('')

     

       249
       249
       +
       					setSkippedFiles([])

     

       250
       250
       +
       					setUploadedCount(0)

     

       244
       251
        
       					setIsUploading(false)

     

       245
       245
       -
       				}, 1500)

     

       252
       252
       +
       				}, resetDelay)

     

       246
       253
        
       			} else {

     

       247
       254
        
       				throw new Error(data.error || 'Upload failed')

     

       248
       255
        
       			}

     
···

       714
       721
        
       										onChange={(e) => setSiteName(e.target.value)}

     

       715
       722
        
       										disabled={isUploading}

     

       716
       723
        
       									/>

     

       724
       724
       +
       									<p className="text-xs text-muted-foreground">

     

       725
       725
       +
       										File limits: 100MB per file, 300MB total

     

       726
       726
       +
       									</p>

     

       717
       727
        
       								</div>

     

       718
       728
        
       

     

       719
       729
        
       								<div className="grid md:grid-cols-2 gap-4">

     
···

       774
       784
        
       								</div>

     

       775
       785
        
       

     

       776
       786
        
       								{uploadProgress && (

     

       777
       777
       -
       									<div className="p-4 bg-muted rounded-lg">

     

       778
       778
       -
       										<div className="flex items-center gap-2">

     

       779
       779
       -
       											<Loader2 className="w-4 h-4 animate-spin" />

     

       780
       780
       -
       											<span className="text-sm">{uploadProgress}</span>

     

       787
       787
       +
       									<div className="space-y-3">

     

       788
       788
       +
       										<div className="p-4 bg-muted rounded-lg">

     

       789
       789
       +
       											<div className="flex items-center gap-2">

     

       790
       790
       +
       												<Loader2 className="w-4 h-4 animate-spin" />

     

       791
       791
       +
       												<span className="text-sm">{uploadProgress}</span>

     

       792
       792
       +
       											</div>

     

       781
       793
        
       										</div>

     

       794
       794
       +
       

     

       795
       795
       +
       										{skippedFiles.length > 0 && (

     

       796
       796
       +
       											<div className="p-4 bg-yellow-500/10 border border-yellow-500/20 rounded-lg">

     

       797
       797
       +
       												<div className="flex items-start gap-2 text-yellow-600 dark:text-yellow-400 mb-2">

     

       798
       798
       +
       													<AlertCircle className="w-4 h-4 mt-0.5 flex-shrink-0" />

     

       799
       799
       +
       													<div className="flex-1">

     

       800
       800
       +
       														<span className="font-medium">

     

       801
       801
       +
       															{skippedFiles.length} file{skippedFiles.length > 1 ? 's' : ''} skipped

     

       802
       802
       +
       														</span>

     

       803
       803
       +
       														{uploadedCount > 0 && (

     

       804
       804
       +
       															<span className="text-sm ml-2">

     

       805
       805
       +
       																({uploadedCount} uploaded successfully)

     

       806
       806
       +
       															</span>

     

       807
       807
       +
       														)}

     

       808
       808
       +
       													</div>

     

       809
       809
       +
       												</div>

     

       810
       810
       +
       												<div className="ml-6 space-y-1 max-h-32 overflow-y-auto">

     

       811
       811
       +
       													{skippedFiles.slice(0, 5).map((file, idx) => (

     

       812
       812
       +
       														<div key={idx} className="text-xs">

     

       813
       813
       +
       															<span className="font-mono">{file.name}</span>

     

       814
       814
       +
       															<span className="text-muted-foreground"> - {file.reason}</span>

     

       815
       815
       +
       														</div>

     

       816
       816
       +
       													))}

     

       817
       817
       +
       													{skippedFiles.length > 5 && (

     

       818
       818
       +
       														<div className="text-xs text-muted-foreground">

     

       819
       819
       +
       															...and {skippedFiles.length - 5} more

     

       820
       820
       +
       														</div>

     

       821
       821
       +
       													)}

     

       822
       822
       +
       												</div>

     

       823
       823
       +
       											</div>

     

       824
       824
       +
       										)}

     

       782
       825
        
       									</div>

     

       783
       826
        
       								)}

     

       784
       827

+58 -11

public/onboarding/onboarding.tsx

···

       10
       10
        
       } from '@public/components/ui/card'

     

       11
       11
        
       import { Input } from '@public/components/ui/input'

     

       12
       12
        
       import { Label } from '@public/components/ui/label'

     

       13
       13
       -
       import { Globe, Upload, CheckCircle2, Loader2 } from 'lucide-react'

     

       13
       13
       +
       import { Globe, Upload, CheckCircle2, Loader2, AlertCircle } from 'lucide-react'

     

       14
       14
        
       import Layout from '@public/layouts'

     

       15
       15
        
       

     

       16
       16
        
       type OnboardingStep = 'domain' | 'upload' | 'complete'

     
···

       28
       28
        
       	const [selectedFiles, setSelectedFiles] = useState<FileList | null>(null)

     

       29
       29
        
       	const [isUploading, setIsUploading] = useState(false)

     

       30
       30
        
       	const [uploadProgress, setUploadProgress] = useState('')

     

       31
       31
       +
       	const [skippedFiles, setSkippedFiles] = useState<Array<{ name: string; reason: string }>>([])

     

       32
       32
       +
       	const [uploadedCount, setUploadedCount] = useState(0)

     

       31
       33
        
       

     

       32
       34
        
       	// Check domain availability as user types

     

       33
       35
        
       	useEffect(() => {

     
···

       117
       119
        
       			const data = await response.json()

     

       118
       120
        
       			if (data.success) {

     

       119
       121
        
       				setUploadProgress('Upload complete!')

     

       120
       120
       -
       				// Redirect to the claimed domain

     

       121
       121
       -
       				setTimeout(() => {

     

       122
       122
       -
       					window.location.href = `https://${claimedDomain}`

     

       123
       123
       -
       				}, 1500)

     

       122
       122
       +
       				setSkippedFiles(data.skippedFiles || [])

     

       123
       123
       +
       				setUploadedCount(data.uploadedCount || data.fileCount || 0)

     

       124
       124
       +
       

     

       125
       125
       +
       				// If there are skipped files, show them briefly before redirecting

     

       126
       126
       +
       				if (data.skippedFiles && data.skippedFiles.length > 0) {

     

       127
       127
       +
       					setTimeout(() => {

     

       128
       128
       +
       						window.location.href = `https://${claimedDomain}`

     

       129
       129
       +
       					}, 3000) // Give more time to see skipped files

     

       130
       130
       +
       				} else {

     

       131
       131
       +
       					setTimeout(() => {

     

       132
       132
       +
       						window.location.href = `https://${claimedDomain}`

     

       133
       133
       +
       					}, 1500)

     

       134
       134
       +
       				}

     

       124
       135
        
       			} else {

     

       125
       136
        
       				throw new Error(data.error || 'Upload failed')

     

       126
       137
        
       			}

     
···

       355
       366
        
       								<p className="text-xs text-muted-foreground">

     

       356
       367
        
       									Supported: HTML, CSS, JS, images, fonts, and more

     

       357
       368
        
       								</p>

     

       369
       369
       +
       								<p className="text-xs text-muted-foreground">

     

       370
       370
       +
       									Limits: 100MB per file, 300MB total

     

       371
       371
       +
       								</p>

     

       358
       372
        
       							</div>

     

       359
       373
        
       

     

       360
       374
        
       							{uploadProgress && (

     

       361
       361
       -
       								<div className="p-4 bg-muted rounded-lg">

     

       362
       362
       -
       									<div className="flex items-center gap-2">

     

       363
       363
       -
       										<Loader2 className="w-4 h-4 animate-spin" />

     

       364
       364
       -
       										<span className="text-sm">

     

       365
       365
       -
       											{uploadProgress}

     

       366
       366
       -
       										</span>

     

       375
       375
       +
       								<div className="space-y-3">

     

       376
       376
       +
       									<div className="p-4 bg-muted rounded-lg">

     

       377
       377
       +
       										<div className="flex items-center gap-2">

     

       378
       378
       +
       											<Loader2 className="w-4 h-4 animate-spin" />

     

       379
       379
       +
       											<span className="text-sm">

     

       380
       380
       +
       												{uploadProgress}

     

       381
       381
       +
       											</span>

     

       382
       382
       +
       										</div>

     

       367
       383
        
       									</div>

     

       384
       384
       +
       

     

       385
       385
       +
       									{skippedFiles.length > 0 && (

     

       386
       386
       +
       										<div className="p-4 bg-yellow-500/10 border border-yellow-500/20 rounded-lg">

     

       387
       387
       +
       											<div className="flex items-start gap-2 text-yellow-600 dark:text-yellow-400 mb-2">

     

       388
       388
       +
       												<AlertCircle className="w-4 h-4 mt-0.5 flex-shrink-0" />

     

       389
       389
       +
       												<div className="flex-1">

     

       390
       390
       +
       													<span className="font-medium">

     

       391
       391
       +
       														{skippedFiles.length} file{skippedFiles.length > 1 ? 's' : ''} skipped

     

       392
       392
       +
       													</span>

     

       393
       393
       +
       													{uploadedCount > 0 && (

     

       394
       394
       +
       														<span className="text-sm ml-2">

     

       395
       395
       +
       															({uploadedCount} uploaded successfully)

     

       396
       396
       +
       														</span>

     

       397
       397
       +
       													)}

     

       398
       398
       +
       												</div>

     

       399
       399
       +
       											</div>

     

       400
       400
       +
       											<div className="ml-6 space-y-1 max-h-32 overflow-y-auto">

     

       401
       401
       +
       												{skippedFiles.slice(0, 5).map((file, idx) => (

     

       402
       402
       +
       													<div key={idx} className="text-xs">

     

       403
       403
       +
       														<span className="font-mono">{file.name}</span>

     

       404
       404
       +
       														<span className="text-muted-foreground"> - {file.reason}</span>

     

       405
       405
       +
       													</div>

     

       406
       406
       +
       												))}

     

       407
       407
       +
       												{skippedFiles.length > 5 && (

     

       408
       408
       +
       													<div className="text-xs text-muted-foreground">

     

       409
       409
       +
       														...and {skippedFiles.length - 5} more

     

       410
       410
       +
       													</div>

     

       411
       411
       +
       												)}

     

       412
       412
       +
       											</div>

     

       413
       413
       +
       										</div>

     

       414
       414
       +
       									)}

     

       368
       415
        
       								</div>

     

       369
       416
        
       							)}

     

       370
       417

+37 -7

src/index.ts

···

       17
       17
        
       import { domainRoutes } from './routes/domain'

     

       18
       18
        
       import { userRoutes } from './routes/user'

     

       19
       19
        
       import { csrfProtection } from './lib/csrf'

     

       20
       20
       +
       import { DNSVerificationWorker } from './lib/dns-verification-worker'

     

       21
       21
       +
       import { logger } from './lib/logger'

     

       20
       22
        
       

     

       21
       23
        
       const config: Config = {

     

       22
       24
        
       	domain: (Bun.env.DOMAIN ?? `https://${BASE_HOST}`) as `https://${string}`,

     
···

       39
       41
        
       // Schedule maintenance to run every hour

     

       40
       42
        
       setInterval(runMaintenance, 60 * 60 * 1000)

     

       41
       43
        
       

     

       44
       44
       +
       // Start DNS verification worker (runs every hour)

     

       45
       45
       +
       const dnsVerifier = new DNSVerificationWorker(

     

       46
       46
       +
       	60 * 60 * 1000, // 1 hour

     

       47
       47
       +
       	(msg, data) => {

     

       48
       48
       +
       		logger.info('[DNS Verifier]', msg, data || '')

     

       49
       49
       +
       	}

     

       50
       50
       +
       )

     

       51
       51
       +
       

     

       52
       52
       +
       dnsVerifier.start()

     

       53
       53
       +
       logger.info('[DNS Verifier] Started - checking custom domains every hour')

     

       54
       54
       +
       

     

       42
       55
        
       export const app = new Elysia()

     

       43
       56
        
       	// Security headers middleware

     

       44
       57
        
       	.onAfterHandle(({ set }) => {

     
···

       66
       79
        
       		set.headers['Permissions-Policy'] = 'geolocation=(), microphone=(), camera=()'

     

       67
       80
        
       	})

     

       68
       81
        
       	.use(

     

       69
       69
       -
       		openapi({

     

       70
       70
       -
       			references: fromTypes()

     

       71
       71
       -
       		})

     

       72
       72
       -
       	)

     

       73
       73
       -
       	.use(

     

       74
       82
        
       		await staticPlugin({

     

       75
       83
        
       			prefix: '/'

     

       76
       84
        
       		})

     
···

       83
       91
        
       	.get('/client-metadata.json', (c) => {

     

       84
       92
        
       		return createClientMetadata(config)

     

       85
       93
        
       	})

     

       86
       86
       -
       	.get('/jwks.json', (c) => {

     

       87
       87
       -
       		const keys = getCurrentKeys()

     

       94
       94
       +
       	.get('/jwks.json', async (c) => {

     

       95
       95
       +
       		const keys = await getCurrentKeys()

     

       88
       96
        
       		if (!keys.length) return { keys: [] }

     

       89
       97
        
       

     

       90
       98
        
       		return {

     
···

       93
       101
        
       				const { ...pub } = jwk

     

       94
       102
        
       				return pub

     

       95
       103
        
       			})

     

       104
       104
       +
       		}

     

       105
       105
       +
       	})

     

       106
       106
       +
       	.get('/api/health', () => {

     

       107
       107
       +
       		const dnsVerifierHealth = dnsVerifier.getHealth()

     

       108
       108
       +
       		return {

     

       109
       109
       +
       			status: 'ok',

     

       110
       110
       +
       			timestamp: new Date().toISOString(),

     

       111
       111
       +
       			dnsVerifier: dnsVerifierHealth

     

       112
       112
       +
       		}

     

       113
       113
       +
       	})

     

       114
       114
       +
       	.post('/api/admin/verify-dns', async () => {

     

       115
       115
       +
       		try {

     

       116
       116
       +
       			await dnsVerifier.trigger()

     

       117
       117
       +
       			return {

     

       118
       118
       +
       				success: true,

     

       119
       119
       +
       				message: 'DNS verification triggered'

     

       120
       120
       +
       			}

     

       121
       121
       +
       		} catch (error) {

     

       122
       122
       +
       			return {

     

       123
       123
       +
       				success: false,

     

       124
       124
       +
       				error: error instanceof Error ? error.message : String(error)

     

       125
       125
       +
       			}

     

       96
       126
        
       		}

     

       97
       127
        
       	})

     

       98
       128
        
       	.use(cors({

+6 -10

src/lib/db.ts

···

       387
       387
        
           return keys;

     

       388
       388
        
       };

     

       389
       389
        
       

     

       390
       390
       -
       let currentKeys: JoseKey[] = [];

     

       391
       391
       -
       

     

       392
       392
       -
       export const getCurrentKeys = () => currentKeys;

     

       390
       390
       +
       // Load keys from database every time (stateless - safe for horizontal scaling)

     

       391
       391
       +
       export const getCurrentKeys = async (): Promise<JoseKey[]> => {

     

       392
       392
       +
           return await loadPersistedKeys();

     

       393
       393
       +
       };

     

       393
       394
        
       

     

       394
       395
        
       // Key rotation - rotate keys older than 30 days (monthly rotation)

     

       395
       396
        
       const KEY_MAX_AGE = 30 * 24 * 60 * 60; // 30 days in seconds

     
···

       423
       424
        
       

     

       424
       425
        
               console.log(`[KeyRotation] Rotated key ${oldKid}`);

     

       425
       426
        
       

     

       426
       426
       -
               // Reload keys into memory

     

       427
       427
       -
               currentKeys = await ensureKeys();

     

       428
       428
       -
       

     

       429
       427
        
               return true;

     

       430
       428
        
           } catch (err) {

     

       431
       429
        
               console.error('[KeyRotation] Failed to rotate keys:', err);

     
···

       434
       432
        
       };

     

       435
       433
        
       

     

       436
       434
        
       export const getOAuthClient = async (config: { domain: `https://${string}`, clientName: string }) => {

     

       437
       437
       -
           if (currentKeys.length === 0) {

     

       438
       438
       -
               currentKeys = await ensureKeys();

     

       439
       439
       -
           }

     

       435
       435
       +
           const keys = await ensureKeys();

     

       440
       436
        
       

     

       441
       437
        
           return new NodeOAuthClient({

     

       442
       438
        
               clientMetadata: createClientMetadata(config),

     

       443
       443
       -
               keyset: currentKeys,

     

       439
       439
       +
               keyset: keys,

     

       444
       440
        
               stateStore,

     

       445
       441
        
               sessionStore

     

       446
       442
        
           });

+6 -10

src/lib/oauth-client.ts

···

       168
       168
        
           return keys;

     

       169
       169
        
       };

     

       170
       170
        
       

     

       171
       171
       -
       let currentKeys: JoseKey[] = [];

     

       172
       172
       -
       

     

       173
       173
       -
       export const getCurrentKeys = () => currentKeys;

     

       171
       171
       +
       // Load keys from database every time (stateless - safe for horizontal scaling)

     

       172
       172
       +
       export const getCurrentKeys = async (): Promise<JoseKey[]> => {

     

       173
       173
       +
           return await loadPersistedKeys();

     

       174
       174
       +
       };

     

       174
       175
        
       

     

       175
       176
        
       // Key rotation - rotate keys older than 30 days (monthly rotation)

     

       176
       177
        
       const KEY_MAX_AGE = 30 * 24 * 60 * 60; // 30 days in seconds

     
···

       204
       205
        
       

     

       205
       206
        
               logger.info(`[KeyRotation] Rotated key ${oldKid}`);

     

       206
       207
        
       

     

       207
       207
       -
               // Reload keys into memory

     

       208
       208
       -
               currentKeys = await ensureKeys();

     

       209
       209
       -
       

     

       210
       208
        
               return true;

     

       211
       209
        
           } catch (err) {

     

       212
       210
        
               logger.error('[KeyRotation] Failed to rotate keys', err);

     
···

       215
       213
        
       };

     

       216
       214
        
       

     

       217
       215
        
       export const getOAuthClient = async (config: { domain: `https://${string}`, clientName: string }) => {

     

       218
       218
       -
           if (currentKeys.length === 0) {

     

       219
       219
       -
               currentKeys = await ensureKeys();

     

       220
       220
       -
           }

     

       216
       216
       +
           const keys = await ensureKeys();

     

       221
       217
        
       

     

       222
       218
        
           return new NodeOAuthClient({

     

       223
       219
        
               clientMetadata: createClientMetadata(config),

     

       224
       224
       -
               keyset: currentKeys,

     

       220
       220
       +
               keyset: keys,

     

       225
       221
        
               stateStore,

     

       226
       222
        
               sessionStore

     

       227
       223
        
           });

+11 -1

src/routes/wisp.ts

···

       101
       101
        
       					// Elysia gives us File objects directly, handle both single file and array

     

       102
       102
        
       					const fileArray = Array.isArray(files) ? files : [files];

     

       103
       103
        
       					const uploadedFiles: UploadedFile[] = [];

     

       104
       104
       +
       					const skippedFiles: Array<{ name: string; reason: string }> = [];

     

       104
       105
        
       

     

       105
       106
        
       					// Define allowed file extensions for static site hosting

     

       106
       107
        
       					const allowedExtensions = new Set([

     
···

       135
       136
        
       

     

       136
       137
        
       						// Skip excluded files

     

       137
       138
        
       						if (excludedFiles.has(fileExtension)) {

     

       139
       139
       +
       							skippedFiles.push({ name: file.name, reason: 'excluded file type' });

     

       138
       140
        
       							continue;

     

       139
       141
        
       						}

     

       140
       142
        
       

     

       141
       143
        
       						// Skip files that aren't in allowed extensions

     

       142
       144
        
       						if (!allowedExtensions.has(fileExtension)) {

     

       145
       145
       +
       							skippedFiles.push({ name: file.name, reason: 'unsupported file type' });

     

       143
       146
        
       							continue;

     

       144
       147
        
       						}

     

       145
       148
        
       

     

       146
       149
        
       						// Skip files that are too large (limit to 100MB per file)

     

       147
       150
        
       						const maxSize = 100 * 1024 * 1024; // 100MB

     

       148
       151
        
       						if (file.size > maxSize) {

     

       152
       152
       +
       							skippedFiles.push({

     

       153
       153
       +
       								name: file.name,

     

       154
       154
       +
       								reason: `file too large (${(file.size / 1024 / 1024).toFixed(2)}MB, max 100MB)`

     

       155
       155
       +
       							});

     

       149
       156
        
       							continue;

     

       150
       157
        
       						}

     

       151
       158
        
       

     
···

       198
       205
        
       							cid: record.data.cid,

     

       199
       206
        
       							fileCount: 0,

     

       200
       207
        
       							siteName,

     

       208
       208
       +
       							skippedFiles,

     

       201
       209
        
       							message: 'Site created but no valid web files were found to upload'

     

       202
       210
        
       						};

     

       203
       211
        
       					}

     
···

       273
       281
        
       						uri: record.data.uri,

     

       274
       282
        
       						cid: record.data.cid,

     

       275
       283
        
       						fileCount,

     

       276
       276
       -
       						siteName

     

       284
       284
       +
       						siteName,

     

       285
       285
       +
       						skippedFiles,

     

       286
       286
       +
       						uploadedCount: uploadedFiles.length

     

       277
       287
        
       					};

     

       278
       288
        
       

     

       279
       289
        
       					return result;