src/lib/minio.ts

import * as Minio from 'minio'

// MinIO client singleton
const globalForMinio = globalThis as unknown as {
  minio: Minio.Client | undefined
}

// Internal endpoint for server-to-server communication
const MINIO_ENDPOINT = process.env.MINIO_ENDPOINT || 'http://localhost:9000'

// Public endpoint for browser-accessible URLs (pre-signed URLs)
// If not set, falls back to internal endpoint
export const MINIO_PUBLIC_ENDPOINT = process.env.MINIO_PUBLIC_ENDPOINT || MINIO_ENDPOINT

function createMinioClient(): Minio.Client {
  const url = new URL(MINIO_ENDPOINT)

  const accessKey = process.env.MINIO_ACCESS_KEY
  const secretKey = process.env.MINIO_SECRET_KEY
  if (process.env.NODE_ENV === 'production' && (!accessKey || !secretKey)) {
    throw new Error('MINIO_ACCESS_KEY and MINIO_SECRET_KEY environment variables are required in production')
  }

  return new Minio.Client({
    endPoint: url.hostname,
    port: url.port ? parseInt(url.port) : (url.protocol === 'https:' ? 443 : 80),
    useSSL: url.protocol === 'https:',
    accessKey: accessKey || 'minioadmin',
    secretKey: secretKey || 'minioadmin',
  })
}

export const minio = globalForMinio.minio ?? createMinioClient()

if (process.env.NODE_ENV !== 'production') globalForMinio.minio = minio

// Default bucket name
export const BUCKET_NAME = process.env.MINIO_BUCKET || 'mopc-files'

/**
 * Replace internal endpoint with public endpoint in a URL
 */
function replaceEndpoint(url: string): string {
  if (MINIO_PUBLIC_ENDPOINT === MINIO_ENDPOINT) {
    return url
  }

  try {
    const internalUrl = new URL(MINIO_ENDPOINT)
    const publicUrl = new URL(MINIO_PUBLIC_ENDPOINT)
    return url.replace(
      `${internalUrl.protocol}//${internalUrl.host}`,
      `${publicUrl.protocol}//${publicUrl.host}`
    )
  } catch {
    return url
  }
}

// =============================================================================
// Helper Functions
// =============================================================================

/**
 * Generate a pre-signed URL for file download or upload
 * Uses MINIO_PUBLIC_ENDPOINT for browser-accessible URLs
 */
export async function getPresignedUrl(
  bucket: string,
  objectKey: string,
  method: 'GET' | 'PUT' = 'GET',
  expirySeconds: number = 900 // 15 minutes default
): Promise<string> {
  let url: string
  if (method === 'GET') {
    url = await minio.presignedGetObject(bucket, objectKey, expirySeconds)
  } else {
    url = await minio.presignedPutObject(bucket, objectKey, expirySeconds)
  }

  // Replace internal endpoint with public endpoint for browser access
  return replaceEndpoint(url)
}

/**
 * Check if a bucket exists, create if not
 */
export async function ensureBucket(bucket: string): Promise<void> {
  const exists = await minio.bucketExists(bucket)
  if (!exists) {
    await minio.makeBucket(bucket)
    console.log(`Created MinIO bucket: ${bucket}`)
  }
}

/**
 * Delete an object from MinIO
 */
export async function deleteObject(
  bucket: string,
  objectKey: string
): Promise<void> {
  await minio.removeObject(bucket, objectKey)
}

/**
 * Generate a unique object key for a project file
 */
export function generateObjectKey(
  projectId: string,
  fileName: string
): string {
  const timestamp = Date.now()
  const sanitizedName = fileName.replace(/[^a-zA-Z0-9.-]/g, '_')
  return `projects/${projectId}/${timestamp}-${sanitizedName}`
}
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`import * as Minio from 'minio'`

			`// MinIO client singleton`
			`const globalForMinio = globalThis as unknown as {`
			`minio: Minio.Client \| undefined`
			`}`

			`// Internal endpoint for server-to-server communication`
			`const MINIO_ENDPOINT = process.env.MINIO_ENDPOINT \|\| 'http://localhost:9000'`

			`// Public endpoint for browser-accessible URLs (pre-signed URLs)`
			`// If not set, falls back to internal endpoint`
			`export const MINIO_PUBLIC_ENDPOINT = process.env.MINIO_PUBLIC_ENDPOINT \|\| MINIO_ENDPOINT`

			`function createMinioClient(): Minio.Client {`
			`const url = new URL(MINIO_ENDPOINT)`

Comprehensive platform review: security fixes, query optimization, UI improvements, and code cleanup Security (Critical/High): - Fix path traversal bypass in local storage provider (path.resolve + prefix check) - Fix timing-unsafe HMAC comparison (crypto.timingSafeEqual) - Add auth + ownership checks to email API routes (verify-credentials, change-password) - Remove hardcoded secret key fallback in local storage provider - Add production credential check for MinIO (fail loudly if not set) - Remove DB error details from health check response - Add stricter rate limiting on application submissions (5/hour) - Add rate limiting on email availability check (anti-enumeration) - Change getAIAssignmentJobStatus to adminProcedure - Block dangerous file extensions on upload - Reduce project list max perPage from 5000 to 200 Query Optimization: - Optimize analytics getProjectRankings with select instead of full includes - Fix N+1 in mentor.getSuggestions (batch findMany instead of loop) - Use _count for files instead of fetching full file records in project list - Switch to bulk notifications in assignment and user bulk operations - Batch filtering upserts (25 per transaction instead of all at once) UI/UX: - Replace Inter font with Montserrat in public layout (brand consistency) - Use Logo component in public layout instead of placeholder - Create branded 404 and error pages - Make admin rounds table responsive with mobile card layout - Fix notification bell paths to be role-aware - Replace hardcoded slate colors with semantic tokens in admin sidebar - Force light mode (dark mode untested) - Adjust CardTitle default size - Improve muted-foreground contrast for accessibility (A11Y) - Move profile form state initialization to useEffect Code Quality: - Extract shared toProjectWithRelations to anonymization.ts (removed 3 duplicates) - Remove dead code: getObjectInfo, isValidImageSize, unused batch tag functions, debug logs - Remove unused twilio dependency - Remove redundant email index from schema - Add actual storage object deletion when file records are deleted - Wrap evaluation submit + assignment update in - Add comprehensive platform review document Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-05 20:31:08 +01:00			`const accessKey = process.env.MINIO_ACCESS_KEY`
			`const secretKey = process.env.MINIO_SECRET_KEY`
			`if (process.env.NODE_ENV === 'production' && (!accessKey \|\| !secretKey)) {`
			`throw new Error('MINIO_ACCESS_KEY and MINIO_SECRET_KEY environment variables are required in production')`
			`}`

Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`return new Minio.Client({`
			`endPoint: url.hostname,`
Fix S3/SMTP connectivity and add one-click invite flow - Fix MinIO port parsing bug: use protocol-appropriate defaults (443/80) instead of hardcoded 9000 fallback, enabling public URL endpoint - Remove unused SMTP server config from NextAuth EmailProvider to prevent connection errors (sendVerificationRequest is fully overridden) - Replace extra_hosts with DNS config (8.8.8.8) so container resolves mail.monaco-opc.com to public IP instead of host loopback - Add invite token auth: single-click accept-invite flow replacing broken two-email invitation process - Auto-send invitation emails on bulk user creation - Update email template expiry text from 24 hours to 7 days Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-31 14:13:16 +01:00			`port: url.port ? parseInt(url.port) : (url.protocol === 'https:' ? 443 : 80),`
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`useSSL: url.protocol === 'https:',`
Comprehensive platform review: security fixes, query optimization, UI improvements, and code cleanup Security (Critical/High): - Fix path traversal bypass in local storage provider (path.resolve + prefix check) - Fix timing-unsafe HMAC comparison (crypto.timingSafeEqual) - Add auth + ownership checks to email API routes (verify-credentials, change-password) - Remove hardcoded secret key fallback in local storage provider - Add production credential check for MinIO (fail loudly if not set) - Remove DB error details from health check response - Add stricter rate limiting on application submissions (5/hour) - Add rate limiting on email availability check (anti-enumeration) - Change getAIAssignmentJobStatus to adminProcedure - Block dangerous file extensions on upload - Reduce project list max perPage from 5000 to 200 Query Optimization: - Optimize analytics getProjectRankings with select instead of full includes - Fix N+1 in mentor.getSuggestions (batch findMany instead of loop) - Use _count for files instead of fetching full file records in project list - Switch to bulk notifications in assignment and user bulk operations - Batch filtering upserts (25 per transaction instead of all at once) UI/UX: - Replace Inter font with Montserrat in public layout (brand consistency) - Use Logo component in public layout instead of placeholder - Create branded 404 and error pages - Make admin rounds table responsive with mobile card layout - Fix notification bell paths to be role-aware - Replace hardcoded slate colors with semantic tokens in admin sidebar - Force light mode (dark mode untested) - Adjust CardTitle default size - Improve muted-foreground contrast for accessibility (A11Y) - Move profile form state initialization to useEffect Code Quality: - Extract shared toProjectWithRelations to anonymization.ts (removed 3 duplicates) - Remove dead code: getObjectInfo, isValidImageSize, unused batch tag functions, debug logs - Remove unused twilio dependency - Remove redundant email index from schema - Add actual storage object deletion when file records are deleted - Wrap evaluation submit + assignment update in - Add comprehensive platform review document Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-05 20:31:08 +01:00			`accessKey: accessKey \|\| 'minioadmin',`
			`secretKey: secretKey \|\| 'minioadmin',`
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`})`
			`}`

			`export const minio = globalForMinio.minio ?? createMinioClient()`

			`if (process.env.NODE_ENV !== 'production') globalForMinio.minio = minio`

			`// Default bucket name`
			`export const BUCKET_NAME = process.env.MINIO_BUCKET \|\| 'mopc-files'`

			`/**`
			`* Replace internal endpoint with public endpoint in a URL`
			`*/`
			`function replaceEndpoint(url: string): string {`
			`if (MINIO_PUBLIC_ENDPOINT === MINIO_ENDPOINT) {`
			`return url`
			`}`

			`try {`
			`const internalUrl = new URL(MINIO_ENDPOINT)`
			`const publicUrl = new URL(MINIO_PUBLIC_ENDPOINT)`
			`return url.replace(`
			`${internalUrl.protocol}//${internalUrl.host}`,
			`${publicUrl.protocol}//${publicUrl.host}`
			`)`
			`} catch {`
			`return url`
			`}`
			`}`

			`// =============================================================================`
			`// Helper Functions`
			`// =============================================================================`

			`/**`
			`* Generate a pre-signed URL for file download or upload`
			`* Uses MINIO_PUBLIC_ENDPOINT for browser-accessible URLs`
			`*/`
			`export async function getPresignedUrl(`
			`bucket: string,`
			`objectKey: string,`
			`method: 'GET' \| 'PUT' = 'GET',`
			`expirySeconds: number = 900 // 15 minutes default`
			`): Promise<string> {`
			`let url: string`
			`if (method === 'GET') {`
			`url = await minio.presignedGetObject(bucket, objectKey, expirySeconds)`
			`} else {`
			`url = await minio.presignedPutObject(bucket, objectKey, expirySeconds)`
			`}`

			`// Replace internal endpoint with public endpoint for browser access`
			`return replaceEndpoint(url)`
			`}`

			`/**`
			`* Check if a bucket exists, create if not`
			`*/`
			`export async function ensureBucket(bucket: string): Promise<void> {`
			`const exists = await minio.bucketExists(bucket)`
			`if (!exists) {`
			`await minio.makeBucket(bucket)`
			console.log(`Created MinIO bucket: ${bucket}`)
			`}`
			`}`

			`/**`
			`* Delete an object from MinIO`
			`*/`
			`export async function deleteObject(`
			`bucket: string,`
			`objectKey: string`
			`): Promise<void> {`
			`await minio.removeObject(bucket, objectKey)`
			`}`

			`/**`
			`* Generate a unique object key for a project file`
			`*/`
			`export function generateObjectKey(`
			`projectId: string,`
			`fileName: string`
			`): string {`
			`const timestamp = Date.now()`
			`const sanitizedName = fileName.replace(/[^a-zA-Z0-9.-]/g, '_')`
			return `projects/${projectId}/${timestamp}-${sanitizedName}`
			`}`