npm - @dotbots-boutique/server-sdk - Versions diffs - 0.1.0 - Mend

@dotbots-boutique/server-sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +188 -0
package/dist/client.d.ts +23 -0
package/dist/client.js +129 -0
package/dist/errors.d.ts +5 -0
package/dist/errors.js +14 -0
package/dist/index.d.ts +6 -0
package/dist/index.js +15 -0
package/dist/proxy/app-secrets.d.ts +14 -0
package/dist/proxy/app-secrets.js +41 -0
package/dist/proxy/handlers.d.ts +21 -0
package/dist/proxy/handlers.js +137 -0
package/dist/proxy/index.d.ts +3 -0
package/dist/proxy/index.js +11 -0
package/dist/proxy/types.d.ts +29 -0
package/dist/proxy/types.js +2 -0
package/dist/types.d.ts +58 -0
package/dist/types.js +2 -0
package/package.json +29 -0

package/README.md ADDED Viewed

@@ -0,0 +1,188 @@
+# @dotbots-boutique/server-sdk
+The official backend SDK for [DotBots Boutique](https://dotbots.boutique). Use this package to make AI calls, trigger payments and retrieve user information from your Deno backend — without a browser or user session.
+## When to use this SDK
+Use the backend SDK when logic must run server-side:
+- Webhook handlers
+- Background jobs and scheduled tasks
+- Multi-step backend processing flows
+- Any operation that runs without a user actively waiting in the browser
+For user-facing interactions in the browser, use the frontend SDK (`@dotbots-boutique/auth-sdk`).
+## Installation
+```bash
+npm install @dotbots-boutique/server-sdk
+```
+Or in Deno:
+```typescript
+import { DotBotsBackend } from 'npm:@dotbots-boutique/server-sdk';
+```
+## Environment variables
+These are injected automatically by the DotBots platform — no manual configuration needed:
+```
+DOTBOTS_APP_ID=uuid
+DOTBOTS_APP_SECRET=...
+DOTBOTS_API_URL=https://api.dotbots.ai
+ENVIRONMENT=test|prod
+```
+## Setup
+Initialise once at app startup, before handling any requests:
+```typescript
+import { DotBotsBackend } from 'npm:@dotbots-boutique/server-sdk';
+const dotbots = new DotBotsBackend({
+  appId: Deno.env.get('DOTBOTS_APP_ID')!,
+  appSecret: Deno.env.get('DOTBOTS_APP_SECRET')!,
+  apiUrl: Deno.env.get('DOTBOTS_API_URL') ?? 'https://api.dotbots.ai',
+  environment: Deno.env.get('ENVIRONMENT') ?? 'prod'
+});
+// Must be called before any other methods
+await dotbots.initialize();
+```
+`initialize()` fetches the proxy URL from the platform. It must complete before any AI calls, payments or user lookups are made.
+## AI calls
+```typescript
+// orgId required when feature is configured as paidBy = 'org' in the platform (default)
+const response = await dotbots.ai('generate-summary', {
+  messages: [
+    { role: 'user', content: 'Summarise the following document: ...' }
+  ],
+  orgId: user.orgId
+});
+console.log(response.content);
+console.log(`Cost: ${response.cost.tokens} tokens`);
+// Feature configured as paidBy = 'app' in platform — no orgId needed
+const response = await dotbots.ai('internal-classification', {
+  messages: [{ role: 'user', content: 'Classify this text...' }]
+});
+```
+## Streaming
+```typescript
+let result = '';
+await dotbots.aiStream(
+  'generate-text',
+  {
+    messages: [{ role: 'user', content: 'Write a report...' }],
+    orgId: user.orgId
+  },
+  (delta) => {
+    result += delta;
+    // optionally forward to client via SSE
+  },
+  (finalResponse) => {
+    console.log(`Completed — cost: ${finalResponse.cost.tokens} tokens`);
+  }
+);
+```
+## Payments
+The `paidBy` value is configured per feature in the platform — default is `org`. Your code only needs to provide `orgId` when the feature charges the organisation:
+```typescript
+// Feature paidBy = 'org' (default) — provide orgId
+await dotbots.charge('data-export', {
+  orgId: user.orgId,
+  quantity: 1
+});
+// Feature paidBy = 'app' — no orgId needed
+await dotbots.charge('internal-job', {
+  quantity: 1
+});
+```
+## Getting user info
+```typescript
+const user = await dotbots.getUser(userId);
+console.log(user.name, user.orgId, user.roles);
+```
+## Error handling
+```typescript
+import { DotBotsBackend, DotBotsBackendError } from 'npm:@dotbots-boutique/server-sdk';
+try {
+  const response = await dotbots.ai('generate-text', { messages, orgId });
+} catch (error) {
+  if (error instanceof DotBotsBackendError) {
+    switch (error.code) {
+      case 'AI_INSUFFICIENT_BALANCE':
+        // Org has no tokens — notify user
+        break;
+      case 'AI_FEATURE_NOT_FOUND':
+        // Feature not configured in platform — developer error
+        console.error('AI feature not configured in DotBots platform');
+        break;
+      case 'AI_CALL_FAILED':
+        // Provider error — retry or fallback
+        break;
+      case 'UNAUTHORIZED':
+        // Invalid app secret — check DOTBOTS_APP_SECRET env variable
+        break;
+    }
+  }
+}
+```
+## Error codes
+| Code | Description |
+|------|-------------|
+| `AI_FEATURE_NOT_FOUND` | Feature not configured in the platform |
+| `AI_PROVIDER_NOT_CONFIGURED` | API key not set for the AI provider |
+| `AI_INSUFFICIENT_BALANCE` | Organisation balance is 0 and awaiting top-up |
+| `AI_CALL_FAILED` | AI provider returned an error |
+| `CHARGE_FAILED` | Payment failed |
+| `USER_NOT_FOUND` | User not found |
+| `UNAUTHORIZED` | Invalid app secret |
+## Frontend SDK vs Backend SDK
+| | Frontend SDK | Backend SDK |
+|--|-------------|-------------|
+| Package | `@dotbots-boutique/auth-sdk` | `@dotbots-boutique/server-sdk` |
+| Runtime | Browser | Deno / Node |
+| Auth | User JWT (iframe) | App secret |
+| AI calls | ✅ | ✅ |
+| Payments | ✅ | ✅ |
+| User context | Automatic | Manual via `orgId` |
+| Use case | User interactions | Webhooks, jobs, server logic |
+**Rule of thumb:** if there is a user actively waiting in the browser, use the frontend SDK. If the logic runs in the background or server-side, use the backend SDK.
+## Security
+- `DOTBOTS_APP_SECRET` is injected by the platform and must never be logged, returned in API responses or stored anywhere other than environment variables.
+- The proxy URL is fetched dynamically at startup — never hardcode it.
+- All communication between the backend SDK and the proxy is server-to-server. The app secret is never exposed to the browser.
+## Links
+- [DotBots Boutique](https://dotbots.boutique)
+- [Developer documentation](https://docs.dotbots.boutique)
+- [Frontend SDK](https://www.npmjs.com/package/@dotbots-boutique/auth-sdk)

package/dist/client.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import type { AiResponse, BackendAiRequest, DotBotsBackendConfig, DotBotsUser } from './types';
+export declare class DotBotsBackend {
+    private appId;
+    private appSecret;
+    private apiUrl;
+    private environment;
+    private proxyUrl;
+    constructor(config: DotBotsBackendConfig);
+    initialize(): Promise<void>;
+    ai(feature: string, request: BackendAiRequest): Promise<AiResponse>;
+    aiStream(feature: string, request: BackendAiRequest, onDelta: (delta: string) => void, onDone?: (response: AiResponse) => void): Promise<void>;
+    charge(featureCode: string, options: {
+        paidBy?: 'org' | 'app';
+        orgId?: string;
+        quantity?: number;
+    }): Promise<{
+        transactionId: string;
+        amount: bigint;
+    }>;
+    getUser(userId: string): Promise<DotBotsUser>;
+    private baseHeaders;
+    private getProxyUrl;
+}

package/dist/client.js ADDED Viewed

@@ -0,0 +1,129 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DotBotsBackend = void 0;
+const errors_1 = require("./errors");
+class DotBotsBackend {
+    appId;
+    appSecret;
+    apiUrl;
+    environment;
+    proxyUrl = null;
+    constructor(config) {
+        this.appId = config.appId;
+        this.appSecret = config.appSecret;
+        this.apiUrl = config.apiUrl;
+        this.environment = config.environment;
+    }
+    async initialize() {
+        const response = await fetch(`${this.apiUrl}/api/proxy/config`, {
+            headers: this.baseHeaders(),
+        });
+        if (!response.ok) {
+            throw new Error(`Failed to fetch proxy config: ${response.status}`);
+        }
+        const data = (await response.json());
+        this.proxyUrl = data.proxyUrl;
+        console.log(JSON.stringify({
+            level: 'info',
+            message: `[DotBotsBackend] Proxy config loaded — proxyUrl: ${data.proxyUrl}`,
+        }));
+    }
+    async ai(feature, request) {
+        const response = await fetch(`${this.getProxyUrl()}/ai/call`, {
+            method: 'POST',
+            headers: this.baseHeaders(),
+            body: JSON.stringify({
+                feature,
+                messages: request.messages,
+                tools: request.tools,
+                stream: false,
+                maxTokens: request.maxTokens,
+                paidBy: request.paidBy,
+                orgId: request.orgId,
+            }),
+        });
+        if (!response.ok) {
+            const body = (await response.json().catch(() => ({})));
+            throw new errors_1.DotBotsBackendError(body.error ?? 'AI_CALL_FAILED', response.status);
+        }
+        return (await response.json());
+    }
+    async aiStream(feature, request, onDelta, onDone) {
+        const response = await fetch(`${this.getProxyUrl()}/ai/call`, {
+            method: 'POST',
+            headers: this.baseHeaders(),
+            body: JSON.stringify({
+                feature,
+                messages: request.messages,
+                tools: request.tools,
+                stream: true,
+                maxTokens: request.maxTokens,
+                paidBy: request.paidBy,
+                orgId: request.orgId,
+            }),
+        });
+        if (!response.ok) {
+            const body = (await response.json().catch(() => ({})));
+            throw new errors_1.DotBotsBackendError(body.error ?? 'AI_CALL_FAILED', response.status);
+        }
+        const reader = response.body.getReader();
+        const decoder = new TextDecoder();
+        let buffer = '';
+        while (true) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split('\n');
+            buffer = lines.pop() ?? '';
+            for (const line of lines) {
+                if (!line.startsWith('data: '))
+                    continue;
+                const data = JSON.parse(line.slice(6));
+                if (data.type === 'text')
+                    onDelta(data.delta);
+                else if (data.type === 'done')
+                    onDone?.(data);
+            }
+        }
+    }
+    async charge(featureCode, options) {
+        const response = await fetch(`${this.getProxyUrl()}/charge`, {
+            method: 'POST',
+            headers: this.baseHeaders(),
+            body: JSON.stringify({
+                featureCode,
+                paidBy: options.paidBy,
+                orgId: options.orgId,
+                quantity: options.quantity ?? 1,
+            }),
+        });
+        if (!response.ok) {
+            const body = (await response.json().catch(() => ({})));
+            throw new errors_1.DotBotsBackendError(body.error ?? 'CHARGE_FAILED', response.status);
+        }
+        return (await response.json());
+    }
+    async getUser(userId) {
+        const response = await fetch(`${this.getProxyUrl()}/users/${userId}`, { headers: this.baseHeaders() });
+        if (!response.ok) {
+            throw new errors_1.DotBotsBackendError('USER_NOT_FOUND', response.status);
+        }
+        return (await response.json());
+    }
+    baseHeaders() {
+        return {
+            'Content-Type': 'application/json',
+            'X-App-Id': this.appId,
+            'X-App-Secret': this.appSecret,
+            'X-Environment': this.environment,
+        };
+    }
+    getProxyUrl() {
+        if (!this.proxyUrl) {
+            throw new Error('DotBotsBackend not initialised — call initialize() first');
+        }
+        return this.proxyUrl;
+    }
+}
+exports.DotBotsBackend = DotBotsBackend;

package/dist/errors.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export declare class DotBotsBackendError extends Error {
+    code: string;
+    status: number;
+    constructor(code: string, status: number);
+}

package/dist/errors.js ADDED Viewed

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DotBotsBackendError = void 0;
+class DotBotsBackendError extends Error {
+    code;
+    status;
+    constructor(code, status) {
+        super(code);
+        this.code = code;
+        this.status = status;
+        this.name = 'DotBotsBackendError';
+    }
+}
+exports.DotBotsBackendError = DotBotsBackendError;

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export { DotBotsBackend } from './client';
+export { DotBotsBackendError } from './errors';
+export type { AiMessage, AiResponse, AiTool, AiToolCall, AiToolParameter, BackendAiRequest, DotBotsBackendConfig, DotBotsUser, } from './types';
+export { AppSecretsStore } from './proxy/app-secrets';
+export { handleAiCall, handleCharge, handleGetUser, handleInternalAppSecrets, resolveAuth, } from './proxy/handlers';
+export type { AuthResult, CryptoHelpers, DbClient, FeatureConfig, JwtPayload, UserRecord, } from './proxy/types';

package/dist/index.js ADDED Viewed

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveAuth = exports.handleInternalAppSecrets = exports.handleGetUser = exports.handleCharge = exports.handleAiCall = exports.AppSecretsStore = exports.DotBotsBackendError = exports.DotBotsBackend = void 0;
+var client_1 = require("./client");
+Object.defineProperty(exports, "DotBotsBackend", { enumerable: true, get: function () { return client_1.DotBotsBackend; } });
+var errors_1 = require("./errors");
+Object.defineProperty(exports, "DotBotsBackendError", { enumerable: true, get: function () { return errors_1.DotBotsBackendError; } });
+var app_secrets_1 = require("./proxy/app-secrets");
+Object.defineProperty(exports, "AppSecretsStore", { enumerable: true, get: function () { return app_secrets_1.AppSecretsStore; } });
+var handlers_1 = require("./proxy/handlers");
+Object.defineProperty(exports, "handleAiCall", { enumerable: true, get: function () { return handlers_1.handleAiCall; } });
+Object.defineProperty(exports, "handleCharge", { enumerable: true, get: function () { return handlers_1.handleCharge; } });
+Object.defineProperty(exports, "handleGetUser", { enumerable: true, get: function () { return handlers_1.handleGetUser; } });
+Object.defineProperty(exports, "handleInternalAppSecrets", { enumerable: true, get: function () { return handlers_1.handleInternalAppSecrets; } });
+Object.defineProperty(exports, "resolveAuth", { enumerable: true, get: function () { return handlers_1.resolveAuth; } });

package/dist/proxy/app-secrets.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { CryptoHelpers, DbClient } from './types';
+export declare class AppSecretsStore {
+    private secrets;
+    private db;
+    private crypto;
+    constructor(db: DbClient, crypto: CryptoHelpers);
+    loadFromDatabase(): Promise<void>;
+    upsert(appId: string, secret: string): Promise<void>;
+    validate(appId: string, secret: string): boolean;
+    validateRequest(req: Request): {
+        appId: string;
+        valid: boolean;
+    };
+}

package/dist/proxy/app-secrets.js ADDED Viewed

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppSecretsStore = void 0;
+class AppSecretsStore {
+    secrets = new Map();
+    db;
+    crypto;
+    constructor(db, crypto) {
+        this.db = db;
+        this.crypto = crypto;
+    }
+    async loadFromDatabase() {
+        const result = await this.db.queryObject('SELECT app_id, secret_encrypted FROM app_secrets');
+        for (const row of result.rows) {
+            const plaintext = await this.crypto.decrypt(row.secret_encrypted);
+            this.secrets.set(row.app_id, plaintext);
+        }
+    }
+    async upsert(appId, secret) {
+        const encrypted = await this.crypto.encrypt(secret);
+        await this.db.queryObject(`INSERT INTO app_secrets (app_id, secret_encrypted, updated_at)
+       VALUES ($1, $2, NOW())
+       ON CONFLICT (app_id) DO UPDATE
+       SET secret_encrypted = $2, updated_at = NOW()`, [appId, encrypted]);
+        this.secrets.set(appId, secret);
+    }
+    validate(appId, secret) {
+        const stored = this.secrets.get(appId);
+        if (!stored)
+            return false;
+        return stored === secret;
+    }
+    validateRequest(req) {
+        const appId = req.headers.get('x-app-id');
+        const appSecret = req.headers.get('x-app-secret');
+        if (!appId || !appSecret)
+            return { appId: '', valid: false };
+        return { appId, valid: this.validate(appId, appSecret) };
+    }
+}
+exports.AppSecretsStore = AppSecretsStore;

package/dist/proxy/handlers.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import type { AppSecretsStore } from './app-secrets';
+import type { AuthResult, FeatureConfig, JwtPayload, UserRecord } from './types';
+export declare function handleInternalAppSecrets(store: AppSecretsStore, platformSecret: string): (req: Request) => Promise<Response>;
+export declare function resolveAuth(store: AppSecretsStore, decodeJwt: (token: string) => JwtPayload): (req: Request) => AuthResult | Response;
+export declare function handleAiCall(store: AppSecretsStore, decodeJwt: (token: string) => JwtPayload, getFeatureConfig: (key: string) => FeatureConfig | undefined, processAiCall: (params: {
+    appId: string;
+    orgId: string | null;
+    feature: string;
+    messages: unknown[];
+    tools?: unknown[];
+    stream: boolean;
+    maxTokens?: number;
+}) => Promise<Response>): (req: Request) => Promise<Response>;
+export declare function handleCharge(store: AppSecretsStore, decodeJwt: (token: string) => JwtPayload, getFeatureConfig: (key: string) => FeatureConfig | undefined, processCharge: (params: {
+    appId: string;
+    orgId: string | null;
+    userId: string | null;
+    featureCode: string;
+    quantity: number;
+}) => Promise<Response>): (req: Request) => Promise<Response>;
+export declare function handleGetUser(store: AppSecretsStore, lookupUser: (appId: string, userId: string) => Promise<UserRecord | null>, fetchUserFromPlatform?: (appId: string, userId: string) => Promise<UserRecord | null>): (req: Request, userId: string) => Promise<Response>;

package/dist/proxy/handlers.js ADDED Viewed

@@ -0,0 +1,137 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleInternalAppSecrets = handleInternalAppSecrets;
+exports.resolveAuth = resolveAuth;
+exports.handleAiCall = handleAiCall;
+exports.handleCharge = handleCharge;
+exports.handleGetUser = handleGetUser;
+function jsonResponse(body, status = 200) {
+    return new Response(JSON.stringify(body), {
+        status,
+        headers: { 'Content-Type': 'application/json' },
+    });
+}
+function errorResponse(error, status) {
+    return jsonResponse({ error }, status);
+}
+// ---------------------------------------------------------------------------
+// POST /internal/app-secrets
+// ---------------------------------------------------------------------------
+function handleInternalAppSecrets(store, platformSecret) {
+    return async (req) => {
+        if (req.headers.get('x-platform-secret') !== platformSecret) {
+            return errorResponse('UNAUTHORIZED', 401);
+        }
+        const body = (await req.json());
+        await store.upsert(body.appId, body.secret);
+        return new Response(null, { status: 200 });
+    };
+}
+// ---------------------------------------------------------------------------
+// Dual auth: JWT or app secret
+// ---------------------------------------------------------------------------
+function resolveAuth(store, decodeJwt) {
+    return (req) => {
+        const authHeader = req.headers.get('authorization');
+        if (authHeader?.startsWith('Bearer ')) {
+            const jwt = decodeJwt(authHeader.replace('Bearer ', ''));
+            return { appId: jwt.app_id, orgId: jwt.org_id, userId: jwt.sub };
+        }
+        if (req.headers.get('x-app-secret')) {
+            const { appId, valid } = store.validateRequest(req);
+            if (!valid)
+                return errorResponse('UNAUTHORIZED', 401);
+            return { appId, orgId: null, userId: null };
+        }
+        return errorResponse('UNAUTHORIZED', 401);
+    };
+}
+// ---------------------------------------------------------------------------
+// POST /ai/call
+// ---------------------------------------------------------------------------
+function handleAiCall(store, decodeJwt, getFeatureConfig, processAiCall) {
+    const authenticate = resolveAuth(store, decodeJwt);
+    return async (req) => {
+        const auth = authenticate(req);
+        if (auth instanceof Response)
+            return auth;
+        const body = (await req.json());
+        const featureConfig = getFeatureConfig(`${auth.appId}:${body.feature}`);
+        if (!featureConfig) {
+            return errorResponse('AI_FEATURE_NOT_FOUND', 400);
+        }
+        const paidBy = featureConfig.paidBy ?? 'org';
+        let orgId = auth.orgId;
+        if (!orgId && paidBy === 'org') {
+            orgId = body.orgId ?? null;
+            if (!orgId) {
+                return errorResponse('ORG_ID_REQUIRED', 400);
+            }
+        }
+        return processAiCall({
+            appId: auth.appId,
+            orgId,
+            feature: body.feature,
+            messages: body.messages,
+            tools: body.tools,
+            stream: body.stream ?? false,
+            maxTokens: body.maxTokens,
+        });
+    };
+}
+// ---------------------------------------------------------------------------
+// POST /charge
+// ---------------------------------------------------------------------------
+function handleCharge(store, decodeJwt, getFeatureConfig, processCharge) {
+    const authenticate = resolveAuth(store, decodeJwt);
+    return async (req) => {
+        const auth = authenticate(req);
+        if (auth instanceof Response)
+            return auth;
+        const body = (await req.json());
+        const featureConfig = getFeatureConfig(`${auth.appId}:${body.featureCode}`);
+        if (!featureConfig) {
+            return errorResponse('FEATURE_NOT_FOUND', 400);
+        }
+        const paidBy = featureConfig.paidBy ?? 'org';
+        let orgId = auth.orgId;
+        if (!orgId && paidBy === 'org') {
+            orgId = body.orgId ?? null;
+            if (!orgId) {
+                return errorResponse('ORG_ID_REQUIRED', 400);
+            }
+        }
+        return processCharge({
+            appId: auth.appId,
+            orgId,
+            userId: auth.userId,
+            featureCode: body.featureCode,
+            quantity: body.quantity ?? 1,
+        });
+    };
+}
+// ---------------------------------------------------------------------------
+// GET /users/:userId
+// ---------------------------------------------------------------------------
+function handleGetUser(store, lookupUser, fetchUserFromPlatform) {
+    return async (req, userId) => {
+        const { appId, valid } = store.validateRequest(req);
+        if (!valid) {
+            return errorResponse('UNAUTHORIZED', 401);
+        }
+        let user = await lookupUser(appId, userId);
+        if (!user && fetchUserFromPlatform) {
+            user = await fetchUserFromPlatform(appId, userId);
+        }
+        if (!user) {
+            return errorResponse('USER_NOT_FOUND', 404);
+        }
+        return jsonResponse({
+            id: user.id,
+            orgId: user.org_id,
+            roles: user.roles,
+            email: user.email,
+            name: user.name,
+        });
+    };
+}

package/dist/proxy/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { AppSecretsStore } from './app-secrets';
+export { handleAiCall, handleCharge, handleGetUser, handleInternalAppSecrets, resolveAuth, } from './handlers';
+export type { AuthResult, CryptoHelpers, DbClient, FeatureConfig, JwtPayload, UserRecord, } from './types';

package/dist/proxy/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveAuth = exports.handleInternalAppSecrets = exports.handleGetUser = exports.handleCharge = exports.handleAiCall = exports.AppSecretsStore = void 0;
+var app_secrets_1 = require("./app-secrets");
+Object.defineProperty(exports, "AppSecretsStore", { enumerable: true, get: function () { return app_secrets_1.AppSecretsStore; } });
+var handlers_1 = require("./handlers");
+Object.defineProperty(exports, "handleAiCall", { enumerable: true, get: function () { return handlers_1.handleAiCall; } });
+Object.defineProperty(exports, "handleCharge", { enumerable: true, get: function () { return handlers_1.handleCharge; } });
+Object.defineProperty(exports, "handleGetUser", { enumerable: true, get: function () { return handlers_1.handleGetUser; } });
+Object.defineProperty(exports, "handleInternalAppSecrets", { enumerable: true, get: function () { return handlers_1.handleInternalAppSecrets; } });
+Object.defineProperty(exports, "resolveAuth", { enumerable: true, get: function () { return handlers_1.resolveAuth; } });

package/dist/proxy/types.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+export interface DbClient {
+    queryObject<T>(query: string, args?: unknown[]): Promise<{
+        rows: T[];
+    }>;
+}
+export interface CryptoHelpers {
+    encrypt(plaintext: string): Promise<string>;
+    decrypt(ciphertext: string): Promise<string>;
+}
+export interface JwtPayload {
+    sub: string;
+    org_id: string;
+    app_id: string;
+}
+export interface FeatureConfig {
+    paidBy?: 'org' | 'app';
+}
+export interface AuthResult {
+    appId: string | null;
+    orgId: string | null;
+    userId: string | null;
+}
+export interface UserRecord {
+    id: string;
+    org_id: string;
+    roles: string[];
+    email?: string;
+    name?: string;
+}

package/dist/proxy/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+export interface DotBotsBackendConfig {
+    appId: string;
+    appSecret: string;
+    apiUrl: string;
+    environment: string;
+}
+export interface AiMessage {
+    role: 'system' | 'user' | 'assistant';
+    content: string;
+}
+export interface AiToolParameter {
+    type: string;
+    description?: string;
+    enum?: string[];
+    items?: AiToolParameter;
+    properties?: Record<string, AiToolParameter>;
+    required?: string[];
+}
+export interface AiTool {
+    name: string;
+    description: string;
+    parameters?: AiToolParameter;
+}
+export interface AiResponse {
+    content: string;
+    model: string;
+    provider: string;
+    usage: {
+        inputTokens: number;
+        outputTokens: number;
+        totalTokens: number;
+    };
+    cost: {
+        tokens: bigint;
+        eur: number;
+    };
+    transactionId: string;
+    toolCalls?: AiToolCall[];
+}
+export interface AiToolCall {
+    name: string;
+    arguments: Record<string, unknown>;
+}
+export interface BackendAiRequest {
+    messages: AiMessage[];
+    tools?: AiTool[];
+    maxTokens?: number;
+    paidBy?: 'org' | 'app';
+    orgId?: string;
+    stream?: boolean;
+}
+export interface DotBotsUser {
+    id: string;
+    orgId: string;
+    roles: string[];
+    email?: string;
+    name?: string;
+}

package/dist/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/package.json ADDED Viewed

@@ -0,0 +1,29 @@
+{
+  "name": "@dotbots-boutique/server-sdk",
+  "version": "0.1.0",
+  "description": "DotBots Backend SDK — server-side AI calls, payments, and user lookups via the DotBots proxy",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "dotbots",
+    "backend",
+    "sdk",
+    "ai",
+    "proxy"
+  ],
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^18.19.130",
+    "typescript": "^5.4.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}