@agentlensai/server 0.2.0 → 0.5.0

package/dist/routes/analytics.js

@@ -0,0 +1,307 @@
+/**
+ * Analytics Endpoints (Story 11.2)
+ *
+ * GET /api/analytics         — bucketed metrics over time
+ * GET /api/analytics/costs   — cost breakdown by agent and time period
+ * GET /api/analytics/agents  — per-agent metrics (session count, error rate, avg duration, total cost)
+ * GET /api/analytics/tools   — tool usage statistics (frequency, avg duration, error rate per tool)
+ */
+import { Hono } from 'hono';
+import { sql, gte, lte, eq, and } from 'drizzle-orm';
+import { events, sessions } from '../db/schema.sqlite.js';
+import { getTenantStore } from './tenant-helper.js';
+export function analyticsRoutes(store, db) {
+    const app = new Hono();
+    // GET /api/analytics — bucketed metrics over time
+    app.get('/', async (c) => {
+        const tenantStore = getTenantStore(store, c);
+        const from = c.req.query('from') ?? new Date(Date.now() - 86400_000).toISOString();
+        const to = c.req.query('to') ?? new Date().toISOString();
+        const granularity = (c.req.query('granularity') ?? 'hour');
+        const agentId = c.req.query('agentId');
+        if (!['hour', 'day', 'week'].includes(granularity)) {
+            return c.json({ error: 'Invalid granularity. Use: hour, day, week', status: 400 }, 400);
+        }
+        const result = await tenantStore.getAnalytics({ from, to, agentId, granularity });
+        return c.json(result);
+    });
+    // GET /api/analytics/costs — cost breakdown by agent and time
+    app.get('/costs', async (c) => {
+        const tenantId = c.get('apiKey')?.tenantId ?? 'default';
+        const from = c.req.query('from') ?? new Date(Date.now() - 86400_000).toISOString();
+        const to = c.req.query('to') ?? new Date().toISOString();
+        const granularity = (c.req.query('granularity') ?? 'day');
+        const formatStr = granularity === 'hour'
+            ? '%Y-%m-%dT%H:00:00Z'
+            : granularity === 'day'
+                ? '%Y-%m-%dT00:00:00Z'
+                : '%Y-%W';
+        // Cost by agent
+        const byAgent = db
+            .all(sql `
+          SELECT
+            agent_id as agentId,
+            COALESCE(SUM(json_extract(payload, '$.costUsd')), 0) as totalCostUsd,
+            COALESCE(SUM(json_extract(payload, '$.inputTokens')), 0) as totalInputTokens,
+            COALESCE(SUM(json_extract(payload, '$.outputTokens')), 0) as totalOutputTokens,
+            COALESCE(SUM(json_extract(payload, '$.totalTokens')), 0) as totalTokens,
+            COUNT(*) as eventCount
+          FROM events
+          WHERE event_type = 'cost_tracked'
+            AND timestamp >= ${from}
+            AND timestamp <= ${to}
+            AND tenant_id = ${tenantId}
+          GROUP BY agent_id
+          ORDER BY totalCostUsd DESC
+        `);
+        // Cost over time — broken down by agent for stacked chart
+        const overTimeByAgent = db
+            .all(sql `
+          SELECT
+            strftime(${formatStr}, timestamp) as bucket,
+            agent_id as agentId,
+            COALESCE(SUM(json_extract(payload, '$.costUsd')), 0) as totalCostUsd,
+            COUNT(*) as eventCount
+          FROM events
+          WHERE event_type = 'cost_tracked'
+            AND timestamp >= ${from}
+            AND timestamp <= ${to}
+            AND tenant_id = ${tenantId}
+          GROUP BY bucket, agent_id
+          ORDER BY bucket ASC
+        `);
+        // Pivot: group by bucket, with per-agent cost fields
+        const bucketMap = new Map();
+        for (const row of overTimeByAgent) {
+            const existing = bucketMap.get(row.bucket) ?? {
+                bucket: row.bucket,
+                totalCostUsd: 0,
+                eventCount: 0,
+                byAgent: {},
+            };
+            existing.totalCostUsd += Number(row.totalCostUsd);
+            existing.eventCount += Number(row.eventCount);
+            existing.byAgent[row.agentId] = Number(row.totalCostUsd);
+            bucketMap.set(row.bucket, existing);
+        }
+        const overTime = Array.from(bucketMap.values());
+        // Total cost
+        const total = db.get(sql `
+        SELECT
+          COALESCE(SUM(json_extract(payload, '$.costUsd')), 0) as totalCostUsd,
+          COALESCE(SUM(json_extract(payload, '$.inputTokens')), 0) as totalInputTokens,
+          COALESCE(SUM(json_extract(payload, '$.outputTokens')), 0) as totalOutputTokens,
+          COALESCE(SUM(json_extract(payload, '$.totalTokens')), 0) as totalTokens
+        FROM events
+        WHERE event_type = 'cost_tracked'
+          AND timestamp >= ${from}
+          AND timestamp <= ${to}
+          AND tenant_id = ${tenantId}
+      `);
+        return c.json({
+            byAgent: byAgent.map((r) => ({
+                agentId: r.agentId,
+                totalCostUsd: Number(r.totalCostUsd),
+                totalInputTokens: Number(r.totalInputTokens),
+                totalOutputTokens: Number(r.totalOutputTokens),
+                totalTokens: Number(r.totalTokens),
+                eventCount: Number(r.eventCount),
+            })),
+            overTime: overTime.map((r) => ({
+                bucket: r.bucket,
+                totalCostUsd: Number(r.totalCostUsd),
+                eventCount: Number(r.eventCount),
+                byAgent: r.byAgent,
+            })),
+            totals: {
+                totalCostUsd: Number(total?.totalCostUsd ?? 0),
+                totalInputTokens: Number(total?.totalInputTokens ?? 0),
+                totalOutputTokens: Number(total?.totalOutputTokens ?? 0),
+                totalTokens: Number(total?.totalTokens ?? 0),
+            },
+        });
+    });
+    // GET /api/analytics/agents — per-agent metrics
+    app.get('/agents', async (c) => {
+        const tenantId = c.get('apiKey')?.tenantId ?? 'default';
+        const from = c.req.query('from') ?? new Date(Date.now() - 86400_000).toISOString();
+        const to = c.req.query('to') ?? new Date().toISOString();
+        const rows = db.all(sql `
+        SELECT
+          s.agent_id as agentId,
+          COUNT(DISTINCT s.id) as sessionCount,
+          COALESCE(SUM(s.event_count), 0) as totalEvents,
+          COALESCE(SUM(s.error_count), 0) as totalErrors,
+          COALESCE(SUM(s.total_cost_usd), 0) as totalCostUsd,
+          COALESCE(AVG(
+            CASE
+              WHEN s.ended_at IS NOT NULL
+              THEN (julianday(s.ended_at) - julianday(s.started_at)) * 86400000
+              ELSE NULL
+            END
+          ), 0) as avgDurationMs
+        FROM sessions s
+        WHERE s.started_at >= ${from}
+          AND s.started_at <= ${to}
+          AND s.tenant_id = ${tenantId}
+        GROUP BY s.agent_id
+        ORDER BY sessionCount DESC
+      `);
+        return c.json({
+            agents: rows.map((r) => ({
+                agentId: r.agentId,
+                sessionCount: Number(r.sessionCount),
+                totalEvents: Number(r.totalEvents),
+                totalErrors: Number(r.totalErrors),
+                errorRate: Number(r.totalEvents) > 0
+                    ? Number(r.totalErrors) / Number(r.totalEvents)
+                    : 0,
+                totalCostUsd: Number(r.totalCostUsd),
+                avgDurationMs: Number(r.avgDurationMs),
+            })),
+        });
+    });
+    // GET /api/analytics/llm — LLM call analytics
+    app.get('/llm', async (c) => {
+        const tenantId = c.get('apiKey')?.tenantId ?? 'default';
+        const from = c.req.query('from') ?? new Date(Date.now() - 86400_000).toISOString();
+        const to = c.req.query('to') ?? new Date().toISOString();
+        const granularity = (c.req.query('granularity') ?? 'hour');
+        const agentId = c.req.query('agentId');
+        const model = c.req.query('model');
+        const provider = c.req.query('provider');
+        if (!['hour', 'day', 'week'].includes(granularity)) {
+            return c.json({ error: 'Invalid granularity. Use: hour, day, week', status: 400 }, 400);
+        }
+        const formatStr = granularity === 'hour'
+            ? '%Y-%m-%dT%H:00:00Z'
+            : granularity === 'day'
+                ? '%Y-%m-%dT00:00:00Z'
+                : '%Y-%W';
+        // Summary totals
+        const summary = db.get(sql `
+        SELECT
+          COUNT(*) as totalCalls,
+          COALESCE(SUM(json_extract(payload, '$.costUsd')), 0) as totalCostUsd,
+          COALESCE(SUM(json_extract(payload, '$.usage.inputTokens')), 0) as totalInputTokens,
+          COALESCE(SUM(json_extract(payload, '$.usage.outputTokens')), 0) as totalOutputTokens,
+          COALESCE(AVG(json_extract(payload, '$.latencyMs')), 0) as avgLatencyMs
+        FROM events
+        WHERE event_type = 'llm_response'
+          AND timestamp >= ${from}
+          AND timestamp <= ${to}
+          AND tenant_id = ${tenantId}
+          ${agentId ? sql `AND agent_id = ${agentId}` : sql ``}
+          ${model ? sql `AND json_extract(payload, '$.model') = ${model}` : sql ``}
+          ${provider ? sql `AND json_extract(payload, '$.provider') = ${provider}` : sql ``}
+      `);
+        const totalCalls = Number(summary?.totalCalls ?? 0);
+        const totalCostUsd = Number(summary?.totalCostUsd ?? 0);
+        // By model breakdown
+        const byModel = db.all(sql `
+        SELECT
+          json_extract(payload, '$.provider') as provider,
+          json_extract(payload, '$.model') as model,
+          COUNT(*) as calls,
+          COALESCE(SUM(json_extract(payload, '$.costUsd')), 0) as costUsd,
+          COALESCE(SUM(json_extract(payload, '$.usage.inputTokens')), 0) as inputTokens,
+          COALESCE(SUM(json_extract(payload, '$.usage.outputTokens')), 0) as outputTokens,
+          COALESCE(AVG(json_extract(payload, '$.latencyMs')), 0) as avgLatencyMs
+        FROM events
+        WHERE event_type = 'llm_response'
+          AND timestamp >= ${from}
+          AND timestamp <= ${to}
+          AND tenant_id = ${tenantId}
+          ${agentId ? sql `AND agent_id = ${agentId}` : sql ``}
+          ${model ? sql `AND json_extract(payload, '$.model') = ${model}` : sql ``}
+          ${provider ? sql `AND json_extract(payload, '$.provider') = ${provider}` : sql ``}
+        GROUP BY provider, model
+        ORDER BY costUsd DESC
+      `);
+        // By time bucket
+        const byTime = db.all(sql `
+        SELECT
+          strftime(${formatStr}, timestamp) as bucket,
+          COUNT(*) as calls,
+          COALESCE(SUM(json_extract(payload, '$.costUsd')), 0) as costUsd,
+          COALESCE(SUM(json_extract(payload, '$.usage.inputTokens')), 0) as inputTokens,
+          COALESCE(SUM(json_extract(payload, '$.usage.outputTokens')), 0) as outputTokens,
+          COALESCE(AVG(json_extract(payload, '$.latencyMs')), 0) as avgLatencyMs
+        FROM events
+        WHERE event_type = 'llm_response'
+          AND timestamp >= ${from}
+          AND timestamp <= ${to}
+          AND tenant_id = ${tenantId}
+          ${agentId ? sql `AND agent_id = ${agentId}` : sql ``}
+          ${model ? sql `AND json_extract(payload, '$.model') = ${model}` : sql ``}
+          ${provider ? sql `AND json_extract(payload, '$.provider') = ${provider}` : sql ``}
+        GROUP BY bucket
+        ORDER BY bucket ASC
+      `);
+        return c.json({
+            summary: {
+                totalCalls,
+                totalCostUsd,
+                totalInputTokens: Number(summary?.totalInputTokens ?? 0),
+                totalOutputTokens: Number(summary?.totalOutputTokens ?? 0),
+                avgLatencyMs: Number(summary?.avgLatencyMs ?? 0),
+                avgCostPerCall: totalCalls > 0 ? totalCostUsd / totalCalls : 0,
+            },
+            byModel: byModel.map((r) => ({
+                provider: r.provider,
+                model: r.model,
+                calls: Number(r.calls),
+                costUsd: Number(r.costUsd),
+                inputTokens: Number(r.inputTokens),
+                outputTokens: Number(r.outputTokens),
+                avgLatencyMs: Number(r.avgLatencyMs),
+            })),
+            byTime: byTime.map((r) => ({
+                bucket: r.bucket,
+                calls: Number(r.calls),
+                costUsd: Number(r.costUsd),
+                inputTokens: Number(r.inputTokens),
+                outputTokens: Number(r.outputTokens),
+                avgLatencyMs: Number(r.avgLatencyMs),
+            })),
+        });
+    });
+    // GET /api/analytics/tools — tool usage statistics
+    app.get('/tools', async (c) => {
+        const tenantId = c.get('apiKey')?.tenantId ?? 'default';
+        const from = c.req.query('from') ?? new Date(Date.now() - 86400_000).toISOString();
+        const to = c.req.query('to') ?? new Date().toISOString();
+        const rows = db.all(sql `
+        SELECT
+          json_extract(payload, '$.toolName') as toolName,
+          COUNT(*) as callCount,
+          SUM(CASE WHEN event_type = 'tool_error' THEN 1 ELSE 0 END) as errorCount,
+          COALESCE(AVG(
+            CASE WHEN event_type IN ('tool_response', 'tool_error')
+            THEN json_extract(payload, '$.durationMs')
+            ELSE NULL END
+          ), 0) as avgDurationMs
+        FROM events
+        WHERE event_type IN ('tool_call', 'tool_response', 'tool_error')
+          AND timestamp >= ${from}
+          AND timestamp <= ${to}
+          AND tenant_id = ${tenantId}
+          AND json_extract(payload, '$.toolName') IS NOT NULL
+        GROUP BY toolName
+        ORDER by callCount DESC
+      `);
+        return c.json({
+            tools: rows.map((r) => ({
+                toolName: r.toolName,
+                callCount: Number(r.callCount),
+                errorCount: Number(r.errorCount),
+                errorRate: Number(r.callCount) > 0
+                    ? Number(r.errorCount) / Number(r.callCount)
+                    : 0,
+                avgDurationMs: Number(r.avgDurationMs),
+            })),
+        });
+    });
+    return app;
+}
+//# sourceMappingURL=analytics.js.map

package/dist/routes/analytics.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"analytics.js","sourceRoot":"","sources":["../../src/routes/analytics.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAIrD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,MAAM,UAAU,eAAe,CAAC,KAAkB,EAAE,EAAY;IAC9D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,kDAAkD;IAClD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACzD,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,MAAM,CAA4B,CAAC;QACtF,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAEvC,IAAI,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACnD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,2CAA2C,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;QAElF,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,8DAA8D;IAC9D,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5B,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;QACxD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACzD,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,KAAK,CAA4B,CAAC;QAErF,MAAM,SAAS,GACb,WAAW,KAAK,MAAM;YACpB,CAAC,CAAC,oBAAoB;YACtB,CAAC,CAAC,WAAW,KAAK,KAAK;gBACrB,CAAC,CAAC,oBAAoB;gBACtB,CAAC,CAAC,OAAO,CAAC;QAEhB,gBAAgB;QAChB,MAAM,OAAO,GAAG,EAAE;aACf,GAAG,CAQF,GAAG,CAAA;;;;;;;;;;+BAUoB,IAAI;+BACJ,EAAE;8BACH,QAAQ;;;SAG7B,CACF,CAAC;QAEJ,0DAA0D;QAC1D,MAAM,eAAe,GAAG,EAAE;aACvB,GAAG,CAMF,GAAG,CAAA;;uBAEY,SAAS;;;;;;+BAMD,IAAI;+BACJ,EAAE;8BACH,QAAQ;;;SAG7B,CACF,CAAC;QAEJ,qDAAqD;QACrD,MAAM,SAAS,GAAG,IAAI,GAAG,EAAyG,CAAC;QACnI,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;YAClC,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI;gBAC5C,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,YAAY,EAAE,CAAC;gBACf,UAAU,EAAE,CAAC;gBACb,OAAO,EAAE,EAAE;aACZ,CAAC;YACF,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAClD,QAAQ,CAAC,UAAU,IAAI,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC9C,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACzD,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QACtC,CAAC;QACD,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;QAEhD,aAAa;QACb,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAMlB,GAAG,CAAA;;;;;;;;6BAQoB,IAAI;6BACJ,EAAE;4BACH,QAAQ;OAC7B,CACF,CAAC;QAEF,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;gBACpC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAC,gBAAgB,CAAC;gBAC5C,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC;gBAC9C,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;gBAClC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;aACjC,CAAC,CAAC;YACH,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC7B,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;gBACpC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;gBAChC,OAAO,EAAE,CAAC,CAAC,OAAO;aACnB,CAAC,CAAC;YACH,MAAM,EAAE;gBACN,YAAY,EAAE,MAAM,CAAC,KAAK,EAAE,YAAY,IAAI,CAAC,CAAC;gBAC9C,gBAAgB,EAAE,MAAM,CAAC,KAAK,EAAE,gBAAgB,IAAI,CAAC,CAAC;gBACtD,iBAAiB,EAAE,MAAM,CAAC,KAAK,EAAE,iBAAiB,IAAI,CAAC,CAAC;gBACxD,WAAW,EAAE,MAAM,CAAC,KAAK,EAAE,WAAW,IAAI,CAAC,CAAC;aAC7C;SACF,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,gDAAgD;IAChD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;QACxD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAEzD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAQjB,GAAG,CAAA;;;;;;;;;;;;;;;gCAeuB,IAAI;gCACJ,EAAE;8BACJ,QAAQ;;;OAG/B,CACF,CAAC;QAEF,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACvB,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;gBACpC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;gBAClC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;gBAClC,SAAS,EACP,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC;oBACvB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;oBAC/C,CAAC,CAAC,CAAC;gBACP,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;gBACpC,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC;aACvC,CAAC,CAAC;SACJ,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,8CAA8C;IAC9C,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;QACxD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACzD,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,MAAM,CAA4B,CAAC;QACtF,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAEzC,IAAI,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACnD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,2CAA2C,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,SAAS,GACb,WAAW,KAAK,MAAM;YACpB,CAAC,CAAC,oBAAoB;YACtB,CAAC,CAAC,WAAW,KAAK,KAAK;gBACrB,CAAC,CAAC,oBAAoB;gBACtB,CAAC,CAAC,OAAO,CAAC;QAEhB,iBAAiB;QACjB,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CAOpB,GAAG,CAAA;;;;;;;;;6BASoB,IAAI;6BACJ,EAAE;4BACH,QAAQ;YACxB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAA,kBAAkB,OAAO,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;YAChD,KAAK,CAAC,CAAC,CAAC,GAAG,CAAA,0CAA0C,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;YACpE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAA,6CAA6C,QAAQ,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;OAClF,CACF,CAAC;QAEF,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,EAAE,UAAU,IAAI,CAAC,CAAC,CAAC;QACpD,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,EAAE,YAAY,IAAI,CAAC,CAAC,CAAC;QAExD,qBAAqB;QACrB,MAAM,OAAO,GAAG,EAAE,CAAC,GAAG,CASpB,GAAG,CAAA;;;;;;;;;;;6BAWoB,IAAI;6BACJ,EAAE;4BACH,QAAQ;YACxB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAA,kBAAkB,OAAO,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;YAChD,KAAK,CAAC,CAAC,CAAC,GAAG,CAAA,0CAA0C,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;YACpE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAA,6CAA6C,QAAQ,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;;;OAGlF,CACF,CAAC;QAEF,iBAAiB;QACjB,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,CAQnB,GAAG,CAAA;;qBAEY,SAAS;;;;;;;;6BAQD,IAAI;6BACJ,EAAE;4BACH,QAAQ;YACxB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAA,kBAAkB,OAAO,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;YAChD,KAAK,CAAC,CAAC,CAAC,GAAG,CAAA,0CAA0C,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;YACpE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAA,6CAA6C,QAAQ,EAAE,CAAC,CAAC,CAAC,GAAG,CAAA,EAAE;;;OAGlF,CACF,CAAC;QAEF,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE;gBACP,UAAU;gBACV,YAAY;gBACZ,gBAAgB,EAAE,MAAM,CAAC,OAAO,EAAE,gBAAgB,IAAI,CAAC,CAAC;gBACxD,iBAAiB,EAAE,MAAM,CAAC,OAAO,EAAE,iBAAiB,IAAI,CAAC,CAAC;gBAC1D,YAAY,EAAE,MAAM,CAAC,OAAO,EAAE,YAAY,IAAI,CAAC,CAAC;gBAChD,cAAc,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;aAC/D;YACD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;gBACtB,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;gBAC1B,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;gBAClC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;gBACpC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;aACrC,CAAC,CAAC;YACH,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACzB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;gBACtB,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;gBAC1B,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;gBAClC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;gBACpC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC;aACrC,CAAC,CAAC;SACJ,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,mDAAmD;IACnD,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5B,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;QACxD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACnF,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAEzD,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAMjB,GAAG,CAAA;;;;;;;;;;;;6BAYoB,IAAI;6BACJ,EAAE;4BACH,QAAQ;;;;OAI7B,CACF,CAAC;QAEF,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACtB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC9B,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;gBAChC,SAAS,EACP,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC;oBACrB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;oBAC5C,CAAC,CAAC,CAAC;gBACP,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC;aACvC,CAAC,CAAC;SACJ,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/api-keys.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"api-keys.d.ts","sourceRoot":"","sources":["../../src/routes/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG/C,OAAO,EAAc,KAAK,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEvE,wBAAgB,aAAa,CAAC,EAAE,EAAE,QAAQ;eACN,aAAa;0CAyEhD"}
+{"version":3,"file":"api-keys.d.ts","sourceRoot":"","sources":["../../src/routes/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG/C,OAAO,EAAc,KAAK,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEvE,wBAAgB,aAAa,CAAC,EAAE,EAAE,QAAQ;eACN,aAAa;0CAsGhD"}

package/dist/routes/api-keys.js

@@ -9,7 +9,7 @@ import { Hono } from 'hono';
 import { randomBytes } from 'node:crypto';
 import { ulid } from 'ulid';
 import { apiKeys } from '../db/schema.sqlite.js';
-import { eq } from 'drizzle-orm';
+import { eq, and } from 'drizzle-orm';
 import { hashApiKey } from '../middleware/auth.js';
 export function apiKeysRoutes(db) {
     const app = new Hono();
@@ -18,6 +18,15 @@ export function apiKeysRoutes(db) {
         const body = await c.req.json().catch(() => ({}));
         const name = body.name;
         const scopes = body.scopes;
+        const requestedTenantId = body.tenantId;
+        // Enforce tenant isolation: non-dev callers can only create keys for their own tenant
+        const callerKey = c.get('apiKey');
+        const callerTenantId = callerKey?.tenantId ?? 'default';
+        const isDevMode = callerKey?.id === 'dev';
+        // In dev mode, allow specifying tenantId; otherwise force caller's tenant
+        const resolvedTenantId = isDevMode
+            ? (requestedTenantId ?? 'default')
+            : callerTenantId;
         const id = ulid();
         const rawKey = `als_${randomBytes(32).toString('hex')}`;
         const keyHash = hashApiKey(rawKey);
@@ -29,6 +38,7 @@ export function apiKeysRoutes(db) {
             name: name ?? 'Unnamed Key',
             scopes: JSON.stringify(scopes ?? ['*']),
             createdAt: now,
+            tenantId: resolvedTenantId,
         })
             .run();
         return c.json({
@@ -36,12 +46,19 @@ export function apiKeysRoutes(db) {
             key: rawKey,
             name: name ?? 'Unnamed Key',
             scopes: scopes ?? ['*'],
+            tenantId: resolvedTenantId,
             createdAt: new Date(now * 1000).toISOString(),
         }, 201);
     });
-    // GET /api/keys — list all keys
+    // GET /api/keys — list keys for caller's tenant only
     app.get('/', (c) => {
-        const rows = db.select().from(apiKeys).all();
+        const callerKey = c.get('apiKey');
+        const callerTenantId = callerKey?.tenantId ?? 'default';
+        const rows = db
+            .select()
+            .from(apiKeys)
+            .where(eq(apiKeys.tenantId, callerTenantId))
+            .all();
         const keys = rows.map((row) => ({
             id: row.id,
             name: row.name,
@@ -53,17 +70,25 @@ export function apiKeysRoutes(db) {
                     return [];
                 }
             })(),
+            tenantId: row.tenantId,
             createdAt: new Date(row.createdAt * 1000).toISOString(),
             lastUsedAt: row.lastUsedAt ? new Date(row.lastUsedAt * 1000).toISOString() : null,
             revokedAt: row.revokedAt ? new Date(row.revokedAt * 1000).toISOString() : null,
         }));
         return c.json({ keys });
     });
-    // DELETE /api/keys/:id — revoke a key
+    // DELETE /api/keys/:id — revoke a key (tenant-scoped)
     app.delete('/:id', (c) => {
         const id = c.req.param('id');
         const now = Math.floor(Date.now() / 1000);
-        const existing = db.select().from(apiKeys).where(eq(apiKeys.id, id)).get();
+        const callerKey = c.get('apiKey');
+        const callerTenantId = callerKey?.tenantId ?? 'default';
+        // Look up key scoped to caller's tenant
+        const existing = db
+            .select()
+            .from(apiKeys)
+            .where(and(eq(apiKeys.id, id), eq(apiKeys.tenantId, callerTenantId)))
+            .get();
         if (!existing) {
             return c.json({ error: 'API key not found', status: 404 }, 404);
         }

package/dist/routes/api-keys.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../src/routes/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AACjD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,UAAU,EAAsB,MAAM,uBAAuB,CAAC;AAEvE,MAAM,UAAU,aAAa,CAAC,EAAY;IACxC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,wCAAwC;IACxC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxB,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,IAAI,GAAI,IAAgC,CAAC,IAA0B,CAAC;QAC1E,MAAM,MAAM,GAAI,IAAgC,CAAC,MAA8B,CAAC;QAEhF,MAAM,EAAE,GAAG,IAAI,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,MAAM,CAAC;YACN,EAAE;YACF,OAAO;YACP,IAAI,EAAE,IAAI,IAAI,aAAa;YAC3B,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;YACvC,SAAS,EAAE,GAAG;SACf,CAAC;aACD,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,EAAE;YACF,GAAG,EAAE,MAAM;YACX,IAAI,EAAE,IAAI,IAAI,aAAa;YAC3B,MAAM,EAAE,MAAM,IAAI,CAAC,GAAG,CAAC;YACvB,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SAC9C,EAAE,GAAG,CAAC,CAAC;IACV,CAAC,CAAC,CAAC;IAEH,gCAAgC;IAChC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,MAAM,IAAI,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC;QAE7C,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC9B,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,CAAC,GAAG,EAAE;gBACZ,IAAI,CAAC;oBAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAa,CAAC;gBAAC,CAAC;gBAAC,MAAM,CAAC;oBAAC,OAAO,EAAE,CAAC;gBAAC,CAAC;YACzE,CAAC,CAAC,EAAE;YACJ,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;YACvD,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;YACjF,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;SAC/E,CAAC,CAAC,CAAC;QAEJ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,sCAAsC;IACtC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;QACvB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QAC3E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;aACvB,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;aACzB,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}
+{"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../src/routes/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AACjD,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,UAAU,EAAsB,MAAM,uBAAuB,CAAC;AAEvE,MAAM,UAAU,aAAa,CAAC,EAAY;IACxC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,wCAAwC;IACxC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxB,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,IAAI,GAAI,IAAgC,CAAC,IAA0B,CAAC;QAC1E,MAAM,MAAM,GAAI,IAAgC,CAAC,MAA8B,CAAC;QAChF,MAAM,iBAAiB,GAAI,IAAgC,CAAC,QAA8B,CAAC;QAE3F,sFAAsF;QACtF,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClC,MAAM,cAAc,GAAG,SAAS,EAAE,QAAQ,IAAI,SAAS,CAAC;QACxD,MAAM,SAAS,GAAG,SAAS,EAAE,EAAE,KAAK,KAAK,CAAC;QAE1C,0EAA0E;QAC1E,MAAM,gBAAgB,GAAG,SAAS;YAChC,CAAC,CAAC,CAAC,iBAAiB,IAAI,SAAS,CAAC;YAClC,CAAC,CAAC,cAAc,CAAC;QAEnB,MAAM,EAAE,GAAG,IAAI,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,MAAM,CAAC;YACN,EAAE;YACF,OAAO;YACP,IAAI,EAAE,IAAI,IAAI,aAAa;YAC3B,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;YACvC,SAAS,EAAE,GAAG;YACd,QAAQ,EAAE,gBAAgB;SAC3B,CAAC;aACD,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,EAAE;YACF,GAAG,EAAE,MAAM;YACX,IAAI,EAAE,IAAI,IAAI,aAAa;YAC3B,MAAM,EAAE,MAAM,IAAI,CAAC,GAAG,CAAC;YACvB,QAAQ,EAAE,gBAAgB;YAC1B,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SAC9C,EAAE,GAAG,CAAC,CAAC;IACV,CAAC,CAAC,CAAC;IAEH,qDAAqD;IACrD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClC,MAAM,cAAc,GAAG,SAAS,EAAE,QAAQ,IAAI,SAAS,CAAC;QAExD,MAAM,IAAI,GAAG,EAAE;aACZ,MAAM,EAAE;aACR,IAAI,CAAC,OAAO,CAAC;aACb,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;aAC3C,GAAG,EAAE,CAAC;QAET,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC9B,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,CAAC,GAAG,EAAE;gBACZ,IAAI,CAAC;oBAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAa,CAAC;gBAAC,CAAC;gBAAC,MAAM,CAAC;oBAAC,OAAO,EAAE,CAAC;gBAAC,CAAC;YACzE,CAAC,CAAC,EAAE;YACJ,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;YACvD,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;YACjF,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;SAC/E,CAAC,CAAC,CAAC;QAEJ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,sDAAsD;IACtD,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;QACvB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClC,MAAM,cAAc,GAAG,SAAS,EAAE,QAAQ,IAAI,SAAS,CAAC;QAExD,wCAAwC;QACxC,MAAM,QAAQ,GAAG,EAAE;aAChB,MAAM,EAAE;aACR,IAAI,CAAC,OAAO,CAAC;aACb,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;aACpE,GAAG,EAAE,CAAC;QAET,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;aACf,GAAG,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;aACvB,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;aACzB,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/config.d.ts

@@ -11,6 +11,10 @@ import { Hono } from 'hono';
 import { z } from 'zod';
 import type { AuthVariables } from '../middleware/auth.js';
 import type { SqliteDb } from '../db/index.js';
+/**
+ * Compare a plaintext secret against a stored hash using timing-safe comparison.
+ */
+export declare function verifySecretHash(plaintext: string, storedHash: string): boolean;
 /** Schema for config update request */
 declare const configUpdateSchema: z.ZodObject<{
     retentionDays: z.ZodOptional<z.ZodNumber>;
@@ -32,6 +36,7 @@ declare const configUpdateSchema: z.ZodObject<{
     formBridgeSecret?: string | undefined;
 }>;
 export type ConfigValues = z.infer<typeof configUpdateSchema>;
+export declare function getConfigValue(db: SqliteDb, key: string): string | null;
 export declare function configRoutes(db: SqliteDb): Hono<{
     Variables: AuthVariables;
 }, import("hono/types").BlankSchema, "/">;

package/dist/routes/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/routes/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG/C,uCAAuC;AACvC,QAAA,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;EAMtB,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAoC9D,wBAAgB,YAAY,CAAC,EAAE,EAAE,QAAQ;eACL,aAAa;0CAuDhD"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/routes/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAW/C;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAM/E;AAED,uCAAuC;AACvC,QAAA,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;EAMtB,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAS9D,wBAAgB,cAAc,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAKvE;AAsBD,wBAAgB,YAAY,CAAC,EAAE,EAAE,QAAQ;eACL,aAAa;0CAwDhD"}

package/dist/routes/config.js

@@ -10,7 +10,26 @@
 import { Hono } from 'hono';
 import { sql } from 'drizzle-orm';
 import { z } from 'zod';
+import { createHash, timingSafeEqual } from 'node:crypto';
 import { getConfig } from '../config.js';
+/**
+ * Hash a secret with SHA-256 for storage.
+ * Used for webhook secrets so plaintext is never persisted.
+ */
+function hashSecret(secret) {
+    return createHash('sha256').update(secret).digest('hex');
+}
+/**
+ * Compare a plaintext secret against a stored hash using timing-safe comparison.
+ */
+export function verifySecretHash(plaintext, storedHash) {
+    const computedHash = hashSecret(plaintext);
+    const a = Buffer.from(computedHash, 'utf8');
+    const b = Buffer.from(storedHash, 'utf8');
+    if (a.length !== b.length)
+        return false;
+    return timingSafeEqual(a, b);
+}
 /** Schema for config update request */
 const configUpdateSchema = z.object({
     retentionDays: z.number().int().min(0).max(3650).optional(),
@@ -25,7 +44,7 @@ const configUpdateSchema = z.object({
 function ensureConfigTable(db) {
     db.run(sql `CREATE TABLE IF NOT EXISTS config_kv (key TEXT PRIMARY KEY, value TEXT NOT NULL)`);
 }
-function getConfigValue(db, key) {
+export function getConfigValue(db, key) {
     const row = db.get(sql `SELECT value FROM config_kv WHERE key = ${key}`);
     return row?.value ?? null;
 }
@@ -48,16 +67,15 @@ function getAllConfig(db) {
 export function configRoutes(db) {
     const app = new Hono();
     ensureConfigTable(db);
-    // GET /api/config — current config
+    // GET /api/config — current config (secrets are never returned)
     app.get('/', (c) => {
         const config = getAllConfig(db);
-        // Mask secrets in response
         return c.json({
             retentionDays: config.retentionDays,
             agentGateUrl: config.agentGateUrl,
-            agentGateSecret: config.agentGateSecret ? '••••••••' : '',
+            agentGateSecretSet: !!config.agentGateSecret,
             formBridgeUrl: config.formBridgeUrl,
-            formBridgeSecret: config.formBridgeSecret ? '••••••••' : '',
+            formBridgeSecretSet: !!config.formBridgeSecret,
         });
     });
     // PUT /api/config — update config values
@@ -82,13 +100,15 @@ export function configRoutes(db) {
             setConfigValue(db, 'agentGateUrl', updates.agentGateUrl);
         }
         if (updates.agentGateSecret !== undefined) {
-            setConfigValue(db, 'agentGateSecret', updates.agentGateSecret);
+            // Store hash of secret, never plaintext
+            setConfigValue(db, 'agentGateSecret', hashSecret(updates.agentGateSecret));
         }
         if (updates.formBridgeUrl !== undefined) {
             setConfigValue(db, 'formBridgeUrl', updates.formBridgeUrl);
         }
         if (updates.formBridgeSecret !== undefined) {
-            setConfigValue(db, 'formBridgeSecret', updates.formBridgeSecret);
+            // Store hash of secret, never plaintext
+            setConfigValue(db, 'formBridgeSecret', hashSecret(updates.formBridgeSecret));
         }
         return c.json({ ok: true });
     });

package/dist/routes/config.js.map

@@ -1 +1 @@
-{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/routes/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,uCAAuC;AACvC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC3D,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC7C,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAC/C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC9C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;CACjD,CAAC,CAAC;AAIH;;GAEG;AACH,SAAS,iBAAiB,CAAC,EAAY;IACrC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAA,kFAAkF,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,cAAc,CAAC,EAAY,EAAE,GAAW;IAC/C,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAChB,GAAG,CAAA,2CAA2C,GAAG,EAAE,CACpD,CAAC;IACF,OAAO,GAAG,EAAE,KAAK,IAAI,IAAI,CAAC;AAC5B,CAAC;AAED,SAAS,cAAc,CAAC,EAAY,EAAE,GAAW,EAAE,KAAa;IAC9D,EAAE,CAAC,GAAG,CACJ,GAAG,CAAA,8CAA8C,GAAG,KAAK,KAAK,4CAA4C,KAAK,EAAE,CAClH,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,EAAY;IAChC,MAAM,YAAY,GAAG,SAAS,EAAE,CAAC;IACjC,OAAO;QACL,aAAa,EAAE,CAAC,GAAG,EAAE;YACnB,MAAM,CAAC,GAAG,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC;QACnE,CAAC,CAAC,EAAE;QACJ,YAAY,EAAE,cAAc,CAAC,EAAE,EAAE,cAAc,CAAC,IAAI,EAAE;QACtD,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,iBAAiB,CAAC,IAAI,EAAE;QAC5D,aAAa,EAAE,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,IAAI,EAAE;QACxD,gBAAgB,EAAE,cAAc,CAAC,EAAE,EAAE,kBAAkB,CAAC,IAAI,EAAE;KAC/D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,EAAY;IACvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAEtB,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC;QAChC,2BAA2B;QAC3B,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,eAAe,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;YACzD,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;SAC5D,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,yCAAyC;IACzC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,KAAK,EAAE,mBAAmB;gBAC1B,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,MAAM;aAClC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC;QAEjC,IAAI,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACxC,cAAc,CAAC,EAAE,EAAE,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACvC,cAAc,CAAC,EAAE,EAAE,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,OAAO,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;YAC1C,cAAc,CAAC,EAAE,EAAE,iBAAiB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;QACjE,CAAC;QACD,IAAI,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACxC,cAAc,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,OAAO,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;YAC3C,cAAc,CAAC,EAAE,EAAE,kBAAkB,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAC;QACnE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/routes/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAG1D,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC;;;GAGG;AACH,SAAS,UAAU,CAAC,MAAc;IAChC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAiB,EAAE,UAAkB;IACpE,MAAM,YAAY,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;IAC3C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAC5C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,OAAO,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AAC/B,CAAC;AAED,uCAAuC;AACvC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC3D,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC7C,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAC/C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;IAC9C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;CACjD,CAAC,CAAC;AAIH;;GAEG;AACH,SAAS,iBAAiB,CAAC,EAAY;IACrC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAA,kFAAkF,CAAC,CAAC;AAChG,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,EAAY,EAAE,GAAW;IACtD,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAChB,GAAG,CAAA,2CAA2C,GAAG,EAAE,CACpD,CAAC;IACF,OAAO,GAAG,EAAE,KAAK,IAAI,IAAI,CAAC;AAC5B,CAAC;AAED,SAAS,cAAc,CAAC,EAAY,EAAE,GAAW,EAAE,KAAa;IAC9D,EAAE,CAAC,GAAG,CACJ,GAAG,CAAA,8CAA8C,GAAG,KAAK,KAAK,4CAA4C,KAAK,EAAE,CAClH,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,EAAY;IAChC,MAAM,YAAY,GAAG,SAAS,EAAE,CAAC;IACjC,OAAO;QACL,aAAa,EAAE,CAAC,GAAG,EAAE;YACnB,MAAM,CAAC,GAAG,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC;QACnE,CAAC,CAAC,EAAE;QACJ,YAAY,EAAE,cAAc,CAAC,EAAE,EAAE,cAAc,CAAC,IAAI,EAAE;QACtD,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,iBAAiB,CAAC,IAAI,EAAE;QAC5D,aAAa,EAAE,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,IAAI,EAAE;QACxD,gBAAgB,EAAE,cAAc,CAAC,EAAE,EAAE,kBAAkB,CAAC,IAAI,EAAE;KAC/D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,EAAY;IACvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAEtB,gEAAgE;IAChE,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC;QAChC,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,kBAAkB,EAAE,CAAC,CAAC,MAAM,CAAC,eAAe;YAC5C,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,mBAAmB,EAAE,CAAC,CAAC,MAAM,CAAC,gBAAgB;SAC/C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,yCAAyC;IACzC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,KAAK,EAAE,mBAAmB;gBAC1B,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,MAAM;aAClC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC;QAEjC,IAAI,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACxC,cAAc,CAAC,EAAE,EAAE,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACvC,cAAc,CAAC,EAAE,EAAE,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,OAAO,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;YAC1C,wCAAwC;YACxC,cAAc,CAAC,EAAE,EAAE,iBAAiB,EAAE,UAAU,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACxC,cAAc,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,OAAO,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;YAC3C,wCAAwC;YACxC,cAAc,CAAC,EAAE,EAAE,kBAAkB,EAAE,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;QAC/E,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/context.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Context REST Endpoint (Story 5.4)
+ *
+ * GET /api/context?topic=...&userId=...&agentId=...&from=...&to=...&limit=...
+ *
+ * Returns cross-session context combining session summaries, lessons,
+ * and key events, ranked by relevance.
+ */
+import { Hono } from 'hono';
+import type { IEventStore } from '@agentlensai/core';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { EmbeddingService } from '../lib/embeddings/index.js';
+import type { EmbeddingStore } from '../db/embedding-store.js';
+import type { SqliteDb } from '../db/index.js';
+export interface ContextRouteDeps {
+    db: SqliteDb;
+    embeddingService: EmbeddingService | null;
+    embeddingStore: EmbeddingStore | null;
+}
+export declare function contextRoutes(store: IEventStore, deps: ContextRouteDeps): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=context.d.ts.map

package/dist/routes/context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/routes/context.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAM/C,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,QAAQ,CAAC;IACb,gBAAgB,EAAE,gBAAgB,GAAG,IAAI,CAAC;IAC1C,cAAc,EAAE,cAAc,GAAG,IAAI,CAAC;CACvC;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,gBAAgB;eACpC,aAAa;0CAgDhD"}

package/dist/routes/context.js

@@ -0,0 +1,52 @@
+/**
+ * Context REST Endpoint (Story 5.4)
+ *
+ * GET /api/context?topic=...&userId=...&agentId=...&from=...&to=...&limit=...
+ *
+ * Returns cross-session context combining session summaries, lessons,
+ * and key events, ranked by relevance.
+ */
+import { Hono } from 'hono';
+import { SessionSummaryStore } from '../db/session-summary-store.js';
+import { LessonStore } from '../db/lesson-store.js';
+import { ContextRetriever } from '../lib/context/retrieval.js';
+import { getTenantStore } from './tenant-helper.js';
+export function contextRoutes(store, deps) {
+    const app = new Hono();
+    const sessionSummaryStore = new SessionSummaryStore(deps.db);
+    const lessonStore = new LessonStore(deps.db);
+    // GET /api/context
+    app.get('/', async (c) => {
+        const topic = c.req.query('topic');
+        if (!topic) {
+            return c.json({ error: 'Missing required query parameter: topic', status: 400 }, 400);
+        }
+        const apiKeyInfo = c.get('apiKey');
+        const tenantId = apiKeyInfo?.tenantId ?? 'default';
+        const tenantStore = getTenantStore(store, c);
+        const userId = c.req.query('userId') || undefined;
+        const agentId = c.req.query('agentId') || undefined;
+        const from = c.req.query('from') || undefined;
+        const to = c.req.query('to') || undefined;
+        const limitStr = c.req.query('limit');
+        const limit = limitStr ? Math.max(1, Math.min(parseInt(limitStr, 10) || 10, 100)) : 10;
+        try {
+            const retriever = new ContextRetriever(deps.embeddingStore, deps.embeddingService, sessionSummaryStore, lessonStore, tenantStore);
+            const result = await retriever.retrieve(tenantId, {
+                topic,
+                userId,
+                agentId,
+                from,
+                to,
+                limit,
+            });
+            return c.json(result);
+        }
+        catch (error) {
+            console.error('[context] Retrieval failed:', error instanceof Error ? error.message : error);
+            return c.json({ error: 'Context retrieval failed', status: 500 }, 500);
+        }
+    });
+    return app;
+}
+//# sourceMappingURL=context.js.map

package/dist/routes/context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.js","sourceRoot":"","sources":["../../src/routes/context.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAM5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAQpD,MAAM,UAAU,aAAa,CAAC,KAAkB,EAAE,IAAsB;IACtE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IACrD,MAAM,mBAAmB,GAAG,IAAI,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC7D,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAE7C,mBAAmB;IACnB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,UAAU,EAAE,QAAQ,IAAI,SAAS,CAAC;QACnD,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAE7C,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;QAClD,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC;QACpD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC;QAC9C,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC;QAC1C,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAEvF,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAI,gBAAgB,CACpC,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,gBAAgB,EACrB,mBAAmB,EACnB,WAAW,EACX,WAAW,CACZ,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE;gBAChD,KAAK;gBACL,MAAM;gBACN,OAAO;gBACP,IAAI;gBACJ,EAAE;gBACF,KAAK;aACN,CAAC,CAAC;YAEH,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,6BAA6B,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YAC7F,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACzE,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}