@brainfish-ai/devdoc 0.1.30 → 0.1.31

package/renderer/app/api/domains/add/route.ts

@@ -0,0 +1,132 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { 
+  validateApiKey,
+  addCustomDomain,
+  isCustomDomainRegistered,
+} from '@/lib/storage/blob'
+import { isValidDomain, normalizeDomain, getDnsInstructions } from '@/lib/docs/config'
+
+/**
+ * POST /api/domains/add
+ * 
+ * Add a custom domain to a project.
+ * Each project can have ONE custom domain (free).
+ * 
+ * Headers:
+ *   Authorization: Bearer <api_key>
+ * 
+ * Body:
+ *   { customDomain: "docs.example.com" }
+ * 
+ * Response:
+ *   {
+ *     success: true,
+ *     domain: "docs.example.com",
+ *     status: "pending",
+ *     verification: {
+ *       cname: { name: "docs", value: "cname.devdoc-dns.com" },
+ *       txt: { name: "_devdoc-verify.docs.example.com", value: "devdoc-verify=xxx" }
+ *     }
+ *   }
+ */
+export async function POST(request: NextRequest) {
+  try {
+    // Validate API key
+    const authHeader = request.headers.get('Authorization')
+    const apiKey = authHeader?.replace('Bearer ', '')
+    
+    if (!apiKey) {
+      return NextResponse.json(
+        { error: 'API key required. Provide via Authorization header.' },
+        { status: 401 }
+      )
+    }
+    
+    const projectSlug = await validateApiKey(apiKey)
+    if (!projectSlug) {
+      return NextResponse.json(
+        { error: 'Invalid API key' },
+        { status: 403 }
+      )
+    }
+    
+    // Parse request body
+    const body = await request.json()
+    const { customDomain: rawDomain } = body
+    
+    if (!rawDomain || typeof rawDomain !== 'string') {
+      return NextResponse.json(
+        { error: 'Missing customDomain in request body' },
+        { status: 400 }
+      )
+    }
+    
+    // Normalize and validate domain
+    const customDomain = normalizeDomain(rawDomain)
+    const validation = isValidDomain(customDomain)
+    
+    if (!validation.valid) {
+      return NextResponse.json(
+        { error: validation.error },
+        { status: 400 }
+      )
+    }
+    
+    // Check if domain is already registered
+    const isRegistered = await isCustomDomainRegistered(customDomain)
+    if (isRegistered) {
+      return NextResponse.json(
+        { error: `Domain ${customDomain} is already registered to another project.` },
+        { status: 409 }
+      )
+    }
+    
+    // Add the custom domain
+    const result = await addCustomDomain(projectSlug, customDomain)
+    
+    if (!result.success) {
+      return NextResponse.json(
+        { error: result.error },
+        { status: 400 }
+      )
+    }
+    
+    // Get DNS instructions
+    const dnsInstructions = getDnsInstructions(customDomain)
+    
+    // Add verification token to TXT record
+    dnsInstructions.txt.value = result.entry!.verificationToken || ''
+    
+    return NextResponse.json({
+      success: true,
+      domain: customDomain,
+      projectSlug,
+      status: result.entry!.status,
+      verification: {
+        cname: dnsInstructions.cname,
+        txt: dnsInstructions.txt,
+      },
+      instructions: [
+        'Add the following DNS records to your domain:',
+        '',
+        `1. CNAME Record:`,
+        `   Name: ${dnsInstructions.cname.name}`,
+        `   Value: ${dnsInstructions.cname.value}`,
+        '',
+        `2. TXT Record (for verification):`,
+        `   Name: ${dnsInstructions.txt.name}`,
+        `   Value: ${dnsInstructions.txt.value}`,
+        '',
+        'After adding DNS records, run "devdoc domain verify" to verify.',
+      ],
+    })
+    
+  } catch (error) {
+    console.error('[Domains API] Error adding domain:', error)
+    const message = error instanceof Error ? error.message : String(error)
+    return NextResponse.json(
+      { error: 'Failed to add domain', details: message },
+      { status: 500 }
+    )
+  }
+}

package/renderer/app/api/domains/lookup/route.ts

@@ -0,0 +1,43 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { lookupCustomDomain } from '@/lib/storage/blob'
+
+/**
+ * GET /api/domains/lookup
+ * 
+ * Internal API for middleware to look up custom domains.
+ * Returns the project slug for an active custom domain.
+ * 
+ * Query:
+ *   ?domain=docs.example.com
+ * 
+ * Response:
+ *   { found: true, projectSlug: "my-project" }
+ *   or
+ *   { found: false }
+ */
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url)
+    const domain = searchParams.get('domain')
+    
+    if (!domain) {
+      return NextResponse.json({ found: false, error: 'Missing domain parameter' })
+    }
+    
+    const entry = await lookupCustomDomain(domain)
+    
+    if (entry) {
+      return NextResponse.json({
+        found: true,
+        projectSlug: entry.projectSlug,
+        status: entry.status,
+      })
+    }
+    
+    return NextResponse.json({ found: false })
+    
+  } catch (error) {
+    console.error('[Domains Lookup] Error:', error)
+    return NextResponse.json({ found: false })
+  }
+}

package/renderer/app/api/domains/remove/route.ts

@@ -0,0 +1,100 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { 
+  validateApiKey,
+  getProjectCustomDomain,
+  removeCustomDomain,
+} from '@/lib/storage/blob'
+import { normalizeDomain } from '@/lib/docs/config'
+
+/**
+ * DELETE /api/domains/remove
+ * 
+ * Remove a custom domain from a project.
+ * 
+ * Headers:
+ *   Authorization: Bearer <api_key>
+ * 
+ * Body:
+ *   { customDomain: "docs.example.com" }  // Optional, removes project's domain if not specified
+ * 
+ * Response:
+ *   {
+ *     success: true,
+ *     message: "Domain docs.example.com removed successfully"
+ *   }
+ */
+export async function DELETE(request: NextRequest) {
+  try {
+    // Validate API key
+    const authHeader = request.headers.get('Authorization')
+    const apiKey = authHeader?.replace('Bearer ', '')
+    
+    if (!apiKey) {
+      return NextResponse.json(
+        { error: 'API key required. Provide via Authorization header.' },
+        { status: 401 }
+      )
+    }
+    
+    const projectSlug = await validateApiKey(apiKey)
+    if (!projectSlug) {
+      return NextResponse.json(
+        { error: 'Invalid API key' },
+        { status: 403 }
+      )
+    }
+    
+    // Parse request body
+    const body = await request.json().catch(() => ({}))
+    let customDomain = body.customDomain ? normalizeDomain(body.customDomain) : null
+    
+    // If no domain specified, get the project's custom domain
+    if (!customDomain) {
+      const projectDomain = await getProjectCustomDomain(projectSlug)
+      if (!projectDomain) {
+        return NextResponse.json(
+          { error: 'No custom domain configured for this project' },
+          { status: 404 }
+        )
+      }
+      customDomain = projectDomain.customDomain
+    }
+    
+    // Remove the domain
+    const result = await removeCustomDomain(customDomain, projectSlug)
+    
+    if (!result.success) {
+      return NextResponse.json(
+        { error: result.error },
+        { status: 400 }
+      )
+    }
+    
+    // TODO: In production, also remove from Vercel via API
+    // await vercelApi.removeDomain(customDomain)
+    
+    return NextResponse.json({
+      success: true,
+      message: `Domain ${customDomain} removed successfully`,
+      domain: customDomain,
+      projectSlug,
+    })
+    
+  } catch (error) {
+    console.error('[Domains API] Error removing domain:', error)
+    const message = error instanceof Error ? error.message : String(error)
+    return NextResponse.json(
+      { error: 'Failed to remove domain', details: message },
+      { status: 500 }
+    )
+  }
+}
+
+/**
+ * POST /api/domains/remove
+ * 
+ * Alternative method for removing domain (some clients don't support DELETE with body)
+ */
+export async function POST(request: NextRequest) {
+  return DELETE(request)
+}

package/renderer/app/api/domains/status/route.ts

@@ -0,0 +1,158 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { 
+  validateApiKey,
+  getProjectCustomDomain,
+  getCustomDomainEntry,
+} from '@/lib/storage/blob'
+import { normalizeDomain, getDnsInstructions } from '@/lib/docs/config'
+import { getProjectUrl } from '@/lib/multi-tenant/context'
+
+/**
+ * GET /api/domains/status
+ * 
+ * Get the status of a custom domain.
+ * 
+ * Headers:
+ *   Authorization: Bearer <api_key>
+ * 
+ * Query:
+ *   ?domain=docs.example.com  // Optional, uses project's domain if not specified
+ * 
+ * Response:
+ *   {
+ *     domain: "docs.example.com",
+ *     status: "active",
+ *     projectSlug: "my-project",
+ *     projectUrl: "https://my-project.devdoc.sh",
+ *     customUrl: "https://docs.example.com",
+ *     createdAt: "2026-01-24T...",
+ *     verifiedAt: "2026-01-24T..."
+ *   }
+ */
+export async function GET(request: NextRequest) {
+  try {
+    // Validate API key
+    const authHeader = request.headers.get('Authorization')
+    const apiKey = authHeader?.replace('Bearer ', '')
+    
+    if (!apiKey) {
+      return NextResponse.json(
+        { error: 'API key required. Provide via Authorization header.' },
+        { status: 401 }
+      )
+    }
+    
+    const projectSlug = await validateApiKey(apiKey)
+    if (!projectSlug) {
+      return NextResponse.json(
+        { error: 'Invalid API key' },
+        { status: 403 }
+      )
+    }
+    
+    // Get domain from query or use project's domain
+    const { searchParams } = new URL(request.url)
+    let customDomain = searchParams.get('domain')
+    
+    if (customDomain) {
+      customDomain = normalizeDomain(customDomain)
+    }
+    
+    let domainEntry
+    
+    if (customDomain) {
+      // Get specific domain
+      domainEntry = await getCustomDomainEntry(customDomain)
+      
+      if (!domainEntry) {
+        return NextResponse.json(
+          { error: `Domain ${customDomain} not found` },
+          { status: 404 }
+        )
+      }
+      
+      // Verify domain belongs to this project
+      if (domainEntry.projectSlug !== projectSlug) {
+        return NextResponse.json(
+          { error: `Domain ${customDomain} does not belong to this project` },
+          { status: 403 }
+        )
+      }
+    } else {
+      // Get project's custom domain
+      domainEntry = await getProjectCustomDomain(projectSlug)
+      
+      if (!domainEntry) {
+        return NextResponse.json({
+          hasCustomDomain: false,
+          projectSlug,
+          projectUrl: getProjectUrl(projectSlug),
+          message: 'No custom domain configured. Use /api/domains/add to add one.',
+        })
+      }
+    }
+    
+    // Build response based on status
+    const projectUrl = getProjectUrl(projectSlug)
+    const response: Record<string, unknown> = {
+      hasCustomDomain: true,
+      domain: domainEntry.customDomain,
+      status: domainEntry.status,
+      projectSlug,
+      projectUrl,
+      createdAt: domainEntry.createdAt,
+    }
+    
+    // Add status-specific information
+    switch (domainEntry.status) {
+      case 'pending': {
+        const dnsInstructions = getDnsInstructions(domainEntry.customDomain)
+        dnsInstructions.txt.value = domainEntry.verificationToken || ''
+        
+        response.message = 'Waiting for DNS configuration'
+        response.dnsRecords = {
+          cname: dnsInstructions.cname,
+          txt: dnsInstructions.txt,
+        }
+        response.nextStep = 'Add the DNS records above, then run "devdoc domain verify"'
+        break
+      }
+      
+      case 'dns_verified':
+        response.message = 'DNS verified, SSL certificate provisioning in progress'
+        response.verifiedAt = domainEntry.verifiedAt
+        response.nextStep = 'SSL certificate should be ready within 1-24 hours'
+        break
+        
+      case 'ssl_provisioning':
+        response.message = 'SSL certificate being provisioned'
+        response.verifiedAt = domainEntry.verifiedAt
+        response.nextStep = 'Almost ready! Check back in a few minutes'
+        break
+        
+      case 'active':
+        response.message = 'Domain is active and working'
+        response.customUrl = `https://${domainEntry.customDomain}`
+        response.verifiedAt = domainEntry.verifiedAt
+        break
+        
+      case 'error':
+        response.message = 'Domain configuration error'
+        response.error = domainEntry.errorMessage
+        response.nextStep = 'Check DNS configuration and try verifying again'
+        break
+    }
+    
+    response.lastCheckedAt = domainEntry.lastCheckedAt
+    
+    return NextResponse.json(response)
+    
+  } catch (error) {
+    console.error('[Domains API] Error getting status:', error)
+    const message = error instanceof Error ? error.message : String(error)
+    return NextResponse.json(
+      { error: 'Failed to get domain status', details: message },
+      { status: 500 }
+    )
+  }
+}

package/renderer/app/api/domains/verify/route.ts

@@ -0,0 +1,181 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { 
+  validateApiKey,
+  getProjectCustomDomain,
+  getCustomDomainEntry,
+  updateCustomDomainStatus,
+} from '@/lib/storage/blob'
+import { normalizeDomain } from '@/lib/docs/config'
+import dns from 'dns'
+import { promisify } from 'util'
+
+const resolveCname = promisify(dns.resolveCname)
+const resolveTxt = promisify(dns.resolveTxt)
+
+/**
+ * POST /api/domains/verify
+ * 
+ * Verify DNS configuration for a custom domain.
+ * Checks CNAME and TXT records, then triggers SSL provisioning.
+ * 
+ * Headers:
+ *   Authorization: Bearer <api_key>
+ * 
+ * Body:
+ *   { customDomain: "docs.example.com" }  // Optional, uses project's domain if not specified
+ * 
+ * Response:
+ *   {
+ *     success: true,
+ *     domain: "docs.example.com",
+ *     status: "dns_verified",
+ *     checks: {
+ *       cname: { found: true, value: "cname.devdoc-dns.com" },
+ *       txt: { found: true, verified: true }
+ *     }
+ *   }
+ */
+export async function POST(request: NextRequest) {
+  try {
+    // Validate API key
+    const authHeader = request.headers.get('Authorization')
+    const apiKey = authHeader?.replace('Bearer ', '')
+    
+    if (!apiKey) {
+      return NextResponse.json(
+        { error: 'API key required. Provide via Authorization header.' },
+        { status: 401 }
+      )
+    }
+    
+    const projectSlug = await validateApiKey(apiKey)
+    if (!projectSlug) {
+      return NextResponse.json(
+        { error: 'Invalid API key' },
+        { status: 403 }
+      )
+    }
+    
+    // Parse request body
+    const body = await request.json().catch(() => ({}))
+    let customDomain = body.customDomain ? normalizeDomain(body.customDomain) : null
+    
+    // If no domain specified, get the project's custom domain
+    if (!customDomain) {
+      const projectDomain = await getProjectCustomDomain(projectSlug)
+      if (!projectDomain) {
+        return NextResponse.json(
+          { error: 'No custom domain configured for this project. Add one first with /api/domains/add' },
+          { status: 404 }
+        )
+      }
+      customDomain = projectDomain.customDomain
+    }
+    
+    // Get domain entry
+    const domainEntry = await getCustomDomainEntry(customDomain)
+    if (!domainEntry) {
+      return NextResponse.json(
+        { error: `Domain ${customDomain} not found` },
+        { status: 404 }
+      )
+    }
+    
+    // Verify domain belongs to this project
+    if (domainEntry.projectSlug !== projectSlug) {
+      return NextResponse.json(
+        { error: `Domain ${customDomain} does not belong to this project` },
+        { status: 403 }
+      )
+    }
+    
+    // Check DNS records
+    const checks = {
+      cname: { found: false, value: null as string | null, expected: 'cname.devdoc-dns.com' },
+      txt: { found: false, verified: false, expected: domainEntry.verificationToken },
+    }
+    
+    // Check CNAME record
+    try {
+      const cnameRecords = await resolveCname(customDomain)
+      if (cnameRecords && cnameRecords.length > 0) {
+        checks.cname.found = true
+        checks.cname.value = cnameRecords[0]
+      }
+    } catch {
+      // CNAME not found or DNS error
+    }
+    
+    // Check TXT record for verification
+    const txtRecordName = `_devdoc-verify.${customDomain}`
+    try {
+      const txtRecords = await resolveTxt(txtRecordName)
+      if (txtRecords && txtRecords.length > 0) {
+        checks.txt.found = true
+        // TXT records can be arrays, flatten and check
+        const allTxtValues = txtRecords.flat()
+        checks.txt.verified = allTxtValues.some(
+          val => val === domainEntry.verificationToken
+        )
+      }
+    } catch {
+      // TXT not found or DNS error
+    }
+    
+    // Determine overall status
+    const cnameValid = checks.cname.found && 
+      checks.cname.value?.toLowerCase().includes('devdoc')
+    const txtValid = checks.txt.found && checks.txt.verified
+    
+    let newStatus = domainEntry.status
+    let message = ''
+    
+    if (cnameValid && txtValid) {
+      // DNS is verified, update status
+      newStatus = 'dns_verified'
+      message = 'DNS verified! SSL certificate will be provisioned automatically (1-24 hours).'
+      
+      await updateCustomDomainStatus(customDomain, 'dns_verified')
+      
+      // In production, this would trigger Vercel API to add domain
+      // For now, we simulate SSL provisioning by updating status
+      // TODO: Integrate with Vercel Domains API
+      
+    } else if (cnameValid && !txtValid) {
+      message = 'CNAME record found, but TXT verification record is missing or incorrect.'
+    } else if (!cnameValid && txtValid) {
+      message = 'TXT verification found, but CNAME record is missing or incorrect.'
+    } else {
+      message = 'DNS records not found. Please add the required CNAME and TXT records.'
+    }
+    
+    return NextResponse.json({
+      success: cnameValid && txtValid,
+      domain: customDomain,
+      projectSlug,
+      status: newStatus,
+      message,
+      checks: {
+        cname: {
+          found: checks.cname.found,
+          value: checks.cname.value,
+          valid: cnameValid,
+          expected: checks.cname.expected,
+        },
+        txt: {
+          found: checks.txt.found,
+          verified: checks.txt.verified,
+          expected: checks.txt.expected,
+        },
+      },
+    })
+    
+  } catch (error) {
+    console.error('[Domains API] Error verifying domain:', error)
+    const message = error instanceof Error ? error.message : String(error)
+    return NextResponse.json(
+      { error: 'Failed to verify domain', details: message },
+      { status: 500 }
+    )
+  }
+}