Get allowed domain for security validation (runtime config via Bunny secrets) This is a required configuration that hardens origin validation

Get the Bunny CDN API key from environment

Return the cached session if already resolved, or undefined if not yet resolved

Get the CDN hostname derived from ALLOWED_DOMAIN. Replaces ".bunny.run" with ".b-cdn.net" for the CNAME target.

Get currency code from database Defaults to GBP if not set

Get allowed embed hosts from database (encrypted, parsed to array) Returns empty array if not configured (embedding allowed from anywhere)

Get an environment variable value Checks process.env first (Bunny Edge), falls back to Deno.env (local dev)

Get the configured payment provider type Returns null if no provider is configured

Get Square access token from database (encrypted) Returns null if not configured

Get Square location ID from database Returns null if not configured

Get Square sandbox mode setting from database Returns true if sandbox mode is enabled

Get Square webhook signature key from database (encrypted) Returns null if not configured

Get Stripe publishable key from environment variable Returns null if not set

Get Stripe secret key from database (encrypted) Returns null if not configured (payments disabled)

Get Stripe webhook signing secret from database (encrypted) Automatically configured when Stripe secret key is saved

Get the configured timezone synchronously from cache. Safe to call from synchronous code (templates, helpers) because the settings cache is populated by middleware on every request.

Type guard: check if a string is a valid AdminLevel

Check if Bunny CDN pull zone management is enabled Requires BUNNY_API_KEY to be set

Type guard: check if an arbitrary string is a valid ContactField

Type guard: check if an arbitrary string is a valid EventType

Whether an event can accept payments (has a price or allows pay-what-you-want)

Check if payments are enabled (any provider configured with valid keys)

Check if initial setup has been completed Result is cached in memory - once true, we never query again.

Get a required environment variable, throwing if not set. Use this instead of getEnv(key) as string when the variable must exist.

Run a function within a session-memoization scope

Store the resolved session in the current request scope

Admin role levels

Session data needed by admin page templates

Individual contact field name

Required name+email with optional phone/address/special_instructions from ContactInfo

Attendee contact details — the core PII fields collected at registration

Contact fields setting for an event (comma-separated ContactField names, or empty for name-only)

Event type: standard (one-time) or daily (date-based booking)

Stubbable API for internal calls (testable via spyOn, like stripeApi/squareApi)

All valid contact field names (runtime array matching the ContactField union)