@goscribe/server 1.0.11 → 1.1.0

package/dist/lib/storage.js

@@ -1,37 +1,37 @@
-// src/server/lib/gcs.ts
-import { Storage } from '@google-cloud/storage';
+// src/server/lib/storage.ts
+import { createClient } from '@supabase/supabase-js';
 import { v4 as uuidv4 } from 'uuid';
-// Initialize Google Cloud Storage
-const storage = new Storage({
-    projectId: process.env.GCP_PROJECT_ID || process.env.GOOGLE_CLOUD_PROJECT_ID,
-    credentials: process.env.GCP_CLIENT_EMAIL && process.env.GCP_PRIVATE_KEY ? {
-        client_email: process.env.GCP_CLIENT_EMAIL,
-        private_key: process.env.GCP_PRIVATE_KEY?.replace(/\\n/g, "\n"),
-    } : undefined,
-    keyFilename: process.env.GOOGLE_CLOUD_KEY_FILE || process.env.GCP_KEY_FILE,
-});
-const bucketName = process.env.GCP_BUCKET || process.env.GOOGLE_CLOUD_BUCKET_NAME || 'your-bucket-name';
-export async function uploadToGCS(fileBuffer, fileName, contentType, makePublic = false) {
-    const bucket = storage.bucket(bucketName);
+// Initialize Supabase Storage
+const supabaseUrl = process.env.SUPABASE_URL;
+const supabaseServiceKey = process.env.SUPABASE_SERVICE_ROLE_KEY;
+if (!supabaseUrl || !supabaseServiceKey) {
+    throw new Error('Missing required Supabase environment variables: SUPABASE_URL and SUPABASE_SERVICE_ROLE_KEY');
+}
+const supabase = createClient(supabaseUrl, supabaseServiceKey);
+const bucketName = process.env.SUPABASE_BUCKET || 'media';
+export async function uploadToSupabase(fileBuffer, fileName, contentType, makePublic = false) {
     const objectKey = `podcasts/${uuidv4()}_${fileName}`;
-    const file = bucket.file(objectKey);
-    // Upload the file
-    await file.save(fileBuffer, {
-        metadata: {
-            contentType,
-        },
-        public: makePublic,
+    // Upload the file to Supabase Storage
+    const { data, error } = await supabase.storage
+        .from(bucketName)
+        .upload(objectKey, fileBuffer, {
+        contentType,
+        upsert: false,
     });
-    const url = `gs://${bucketName}/${objectKey}`;
+    if (error) {
+        throw new Error(`Failed to upload file to Supabase: ${error.message}`);
+    }
+    const url = `${supabaseUrl}/storage/v1/object/public/${bucketName}/${objectKey}`;
     // Generate signed URL for private files
     let signedUrl;
     if (!makePublic) {
-        const [signedUrlResult] = await file.getSignedUrl({
-            version: 'v4',
-            action: 'read',
-            expires: Date.now() + 24 * 60 * 60 * 1000, // 24 hours
-        });
-        signedUrl = signedUrlResult;
+        const { data: signedUrlData, error: signedUrlError } = await supabase.storage
+            .from(bucketName)
+            .createSignedUrl(objectKey, 24 * 60 * 60); // 24 hours
+        if (signedUrlError) {
+            throw new Error(`Failed to generate signed URL: ${signedUrlError.message}`);
+        }
+        signedUrl = signedUrlData.signedUrl;
     }
     return {
         url,
@@ -40,28 +40,32 @@ export async function uploadToGCS(fileBuffer, fileName, contentType, makePublic
     };
 }
 export async function generateSignedUrl(objectKey, expiresInHours = 24) {
-    const bucket = storage.bucket(bucketName);
-    const file = bucket.file(objectKey);
-    const [signedUrl] = await file.getSignedUrl({
-        version: 'v4',
-        action: 'read',
-        expires: Date.now() + expiresInHours * 60 * 60 * 1000,
-    });
-    return signedUrl;
+    const { data, error } = await supabase.storage
+        .from(bucketName)
+        .createSignedUrl(objectKey, expiresInHours * 60 * 60);
+    if (error) {
+        throw new Error(`Failed to generate signed URL: ${error.message}`);
+    }
+    return data.signedUrl;
 }
-export async function deleteFromGCS(objectKey) {
-    const bucket = storage.bucket(bucketName);
-    const file = bucket.file(objectKey);
-    await file.delete();
+export async function deleteFromSupabase(objectKey) {
+    const { error } = await supabase.storage
+        .from(bucketName)
+        .remove([objectKey]);
+    if (error) {
+        throw new Error(`Failed to delete file from Supabase: ${error.message}`);
+    }
 }
 export async function makeFilePublic(objectKey) {
-    const bucket = storage.bucket(bucketName);
-    const file = bucket.file(objectKey);
-    await file.makePublic();
+    // In Supabase, files are public by default when uploaded to public buckets
+    // For private buckets, you would need to update the bucket policy
+    // This function is kept for compatibility but may not be needed
+    console.log(`File ${objectKey} is already public in Supabase Storage`);
 }
 export async function makeFilePrivate(objectKey) {
-    const bucket = storage.bucket(bucketName);
-    const file = bucket.file(objectKey);
-    await file.makePrivate();
+    // In Supabase, you would need to update the bucket policy to make files private
+    // This function is kept for compatibility but may not be needed
+    console.log(`File ${objectKey} privacy is controlled by bucket policy in Supabase Storage`);
 }
-export const bucket = storage.bucket(bucketName);
+// Export supabase client for direct access if needed
+export const supabaseClient = supabase;

package/dist/lib/validation.d.ts

@@ -0,0 +1,51 @@
+import { z } from 'zod';
+/**
+ * Common validation schemas
+ */
+export declare const commonSchemas: {
+    id: z.ZodString;
+    email: z.ZodString;
+    url: z.ZodString;
+    pagination: z.ZodObject<{
+        page: z.ZodDefault<z.ZodNumber>;
+        limit: z.ZodDefault<z.ZodNumber>;
+    }, z.core.$strip>;
+    search: z.ZodObject<{
+        query: z.ZodString;
+    }, z.core.$strip>;
+};
+/**
+ * Enums for type safety
+ */
+export declare const ArtifactType: z.ZodEnum<{
+    STUDY_GUIDE: "STUDY_GUIDE";
+    FLASHCARD_SET: "FLASHCARD_SET";
+    WORKSHEET: "WORKSHEET";
+    MEETING_SUMMARY: "MEETING_SUMMARY";
+    PODCAST_EPISODE: "PODCAST_EPISODE";
+}>;
+export declare const Difficulty: z.ZodEnum<{
+    EASY: "EASY";
+    MEDIUM: "MEDIUM";
+    HARD: "HARD";
+}>;
+export declare const QuestionType: z.ZodEnum<{
+    MULTIPLE_CHOICE: "MULTIPLE_CHOICE";
+    TEXT: "TEXT";
+    NUMERIC: "NUMERIC";
+    TRUE_FALSE: "TRUE_FALSE";
+    MATCHING: "MATCHING";
+    FILL_IN_THE_BLANK: "FILL_IN_THE_BLANK";
+}>;
+/**
+ * Validation helper that throws ValidationError
+ */
+export declare function validateSchema<T extends z.ZodType>(schema: T, data: unknown): z.infer<T>;
+/**
+ * Sanitize string inputs
+ */
+export declare function sanitizeString(input: string, maxLength?: number): string;
+/**
+ * Validate ownership
+ */
+export declare function validateOwnership(ownerId: string, userId: string): void;

package/dist/lib/validation.js

@@ -0,0 +1,64 @@
+import { z } from 'zod';
+import { ValidationError } from './errors.js';
+/**
+ * Common validation schemas
+ */
+export const commonSchemas = {
+    id: z.string().cuid(),
+    email: z.string().email(),
+    url: z.string().url(),
+    pagination: z.object({
+        page: z.number().int().positive().default(1),
+        limit: z.number().int().positive().max(100).default(20),
+    }),
+    search: z.object({
+        query: z.string().min(1).max(200),
+    }),
+};
+/**
+ * Enums for type safety
+ */
+export const ArtifactType = z.enum([
+    'STUDY_GUIDE',
+    'FLASHCARD_SET',
+    'WORKSHEET',
+    'MEETING_SUMMARY',
+    'PODCAST_EPISODE',
+]);
+export const Difficulty = z.enum(['EASY', 'MEDIUM', 'HARD']);
+export const QuestionType = z.enum([
+    'MULTIPLE_CHOICE',
+    'TEXT',
+    'NUMERIC',
+    'TRUE_FALSE',
+    'MATCHING',
+    'FILL_IN_THE_BLANK',
+]);
+/**
+ * Validation helper that throws ValidationError
+ */
+export function validateSchema(schema, data) {
+    const result = schema.safeParse(data);
+    if (!result.success) {
+        const errors = result.error.message;
+        throw new ValidationError(`Validation failed: ${errors}`);
+    }
+    return result.data;
+}
+/**
+ * Sanitize string inputs
+ */
+export function sanitizeString(input, maxLength = 10000) {
+    return input
+        .trim()
+        .slice(0, maxLength)
+        .replace(/[<>]/g, ''); // Basic XSS prevention
+}
+/**
+ * Validate ownership
+ */
+export function validateOwnership(ownerId, userId) {
+    if (ownerId !== userId) {
+        throw new ValidationError('You do not have permission to access this resource');
+    }
+}