@hexis-ai/engram-server 0.3.0 → 0.4.0

package/dist/adapters/memory-key-store.js

@@ -1,4 +1,4 @@
-import { generateRawKey, hashKey, isValidWorkspaceId, keyPrefix, } from "../key-store";
+import { deriveKey, hashKey, mintKey, resolveWorkspaceId, } from "../key-store";
 /**
  * In-process KeyStore for tests and single-node dev. Volatile.
  */
@@ -7,9 +7,7 @@ export class InMemoryKeyStore {
     keys = new Map();
     byHash = new Map();
     async createWorkspace(input) {
-        const id = input.id ?? crypto.randomUUID();
-        if (!isValidWorkspaceId(id))
-            throw new Error("invalid_workspace_id");
+        const id = resolveWorkspaceId(input);
         const existing = this.workspaces.get(id);
         if (existing)
             return existing;
@@ -40,12 +38,12 @@ export class InMemoryKeyStore {
     async issueKey(workspaceId, opts = {}) {
         if (!this.workspaces.has(workspaceId))
             throw new Error("workspace_not_found");
-        const raw = generateRawKey();
+        const { id, hash, prefix, raw } = mintKey();
         const row = {
-            id: crypto.randomUUID(),
+            id,
             workspaceId,
-            keyHash: hashKey(raw),
-            prefix: keyPrefix(raw),
+            keyHash: hash,
+            prefix,
             ...(opts.name !== undefined ? { name: opts.name } : {}),
             createdAt: new Date().toISOString(),
         };
@@ -80,14 +78,14 @@ export class InMemoryKeyStore {
     async registerKey(workspaceId, rawKey, name) {
         if (!this.workspaces.has(workspaceId))
             throw new Error("workspace_not_found");
-        const hash = hashKey(rawKey);
+        const { id, hash, prefix } = deriveKey(rawKey);
         if (this.byHash.has(hash))
             return;
         const row = {
-            id: crypto.randomUUID(),
+            id,
             workspaceId,
             keyHash: hash,
-            prefix: keyPrefix(rawKey),
+            prefix,
             ...(name !== undefined ? { name } : {}),
             createdAt: new Date().toISOString(),
         };

package/dist/adapters/memory.d.ts

@@ -20,6 +20,7 @@ export declare class InMemoryAdapter implements StorageAdapter {
     }): Promise<void>;
     appendEvents(sessionId: string, events: SessionEvent[]): Promise<void>;
     getSession(sessionId: string): Promise<Session | null>;
+    getSessionEvents(sessionId: string): Promise<SessionEvent[] | null>;
     listSessions(opts: {
         limit: number;
         channel?: string;

package/dist/adapters/memory.js

@@ -62,6 +62,12 @@ export class InMemoryAdapter {
             return null;
         return foldEvents(s.row, [...s.events.values()], new Date());
     }
+    async getSessionEvents(sessionId) {
+        const s = this.sessions.get(sessionId);
+        if (!s)
+            return null;
+        return [...s.events.values()].sort((a, b) => a.seq - b.seq);
+    }
     async listSessions(opts) {
         const now = new Date();
         const all = [];
@@ -104,7 +110,11 @@ export class InMemoryAdapter {
         const existing = this.persons.get(id);
         const next = {
             id,
-            display_name: input.display_name !== undefined
+            // `PersonCreate` has no notion of "clear the name" — that is
+            // `updatePerson`'s job. A missing value (and, defensively, an
+            // explicit null that bypasses the schema) means "keep what's
+            // there", matching the Postgres adapter's `COALESCE(EXCLUDED.…)`.
+            display_name: input.display_name != null
                 ? input.display_name
                 : existing?.display_name ?? null,
             created_at: existing?.created_at ?? now,

package/dist/adapters/postgres-key-store.js

@@ -1,4 +1,4 @@
-import { generateRawKey, hashKey, isValidWorkspaceId, keyPrefix, } from "../key-store";
+import { deriveKey, hashKey, mintKey, resolveWorkspaceId, } from "../key-store";
 import { runMigrations } from "../migrator";
 export class PostgresKeyStore {
     sql;
@@ -13,9 +13,7 @@ export class PostgresKeyStore {
         await runMigrations(this.sql);
     }
     async createWorkspace(input) {
-        const id = input.id ?? crypto.randomUUID();
-        if (!isValidWorkspaceId(id))
-            throw new Error("invalid_workspace_id");
+        const id = resolveWorkspaceId(input);
         await this.sql `
       INSERT INTO engram_workspaces (id, name, metadata)
       VALUES (${id}, ${input.name ?? null}, ${(input.metadata ?? {})})
@@ -49,10 +47,7 @@ export class PostgresKeyStore {
         const ws = await this.getWorkspace(workspaceId);
         if (!ws)
             throw new Error("workspace_not_found");
-        const raw = generateRawKey();
-        const id = crypto.randomUUID();
-        const hash = hashKey(raw);
-        const prefix = keyPrefix(raw);
+        const { id, hash, prefix, raw } = mintKey();
         const rows = await this.sql `
       INSERT INTO engram_api_keys (id, workspace_id, key_hash, prefix, name)
       VALUES (${id}, ${workspaceId}, ${hash}, ${prefix}, ${opts.name ?? null})
@@ -110,11 +105,10 @@ export class PostgresKeyStore {
         const ws = await this.getWorkspace(workspaceId);
         if (!ws)
             throw new Error("workspace_not_found");
-        const hash = hashKey(rawKey);
-        const id = crypto.randomUUID();
+        const { id, hash, prefix } = deriveKey(rawKey);
         await this.sql `
       INSERT INTO engram_api_keys (id, workspace_id, key_hash, prefix, name)
-      VALUES (${id}, ${workspaceId}, ${hash}, ${keyPrefix(rawKey)}, ${name ?? null})
+      VALUES (${id}, ${workspaceId}, ${hash}, ${prefix}, ${name ?? null})
       ON CONFLICT (key_hash) DO NOTHING
     `;
     }

package/dist/adapters/postgres.d.ts

@@ -37,6 +37,7 @@ export declare class PostgresAdapter implements StorageAdapter {
     }): Promise<void>;
     appendEvents(sessionId: string, events: SessionEvent[]): Promise<void>;
     getSession(sessionId: string): Promise<Session | null>;
+    getSessionEvents(sessionId: string): Promise<SessionEvent[] | null>;
     listSessions(opts: {
         limit: number;
         channel?: string;

package/dist/adapters/postgres.js

@@ -110,6 +110,21 @@ export class PostgresAdapter {
         };
         return foldEvents(row, events.map((e) => e.payload), new Date());
     }
+    async getSessionEvents(sessionId) {
+        const rows = await this.sql `
+      SELECT id FROM engram_sessions
+      WHERE workspace_id = ${this.workspaceId} AND id = ${sessionId}
+      LIMIT 1
+    `;
+        if (rows.length === 0)
+            return null;
+        const events = await this.sql `
+      SELECT payload FROM engram_events
+      WHERE workspace_id = ${this.workspaceId} AND session_id = ${sessionId}
+      ORDER BY seq
+    `;
+        return events.map((e) => e.payload);
+    }
     async listSessions(opts) {
         const channelFilter = opts.channel ?? null;
         const rows = await this.sql `

package/dist/key-store.d.ts

@@ -61,3 +61,32 @@ export declare function generateRawKey(): string;
 export declare function hashKey(raw: string): string;
 export declare function keyPrefix(raw: string): string;
 export declare function isValidWorkspaceId(id: string): boolean;
+/**
+ * Resolve the workspace id for a `createWorkspace` call: fall back to a random
+ * UUID when none is supplied, then validate. Shared by every KeyStore so the
+ * id policy can't drift between the in-memory and Postgres adapters.
+ */
+export declare function resolveWorkspaceId(input: {
+    id?: string;
+}): string;
+/** Derived material for a single API key row. */
+export interface KeyMaterial {
+    /** Row id (primary key). */
+    id: string;
+    /** SHA-256 hash of the raw key — the only form that gets persisted. */
+    hash: string;
+    /** Human-readable prefix shown in listings. */
+    prefix: string;
+}
+/**
+ * Mint a brand-new random key. Returns the persistable material plus the
+ * plaintext `raw` key, which the caller must return to the user exactly once.
+ */
+export declare function mintKey(): KeyMaterial & {
+    raw: string;
+};
+/**
+ * Derive persistable material for a caller-supplied raw key (`registerKey`).
+ * Unlike `mintKey`, the raw key already exists and is not returned.
+ */
+export declare function deriveKey(raw: string): KeyMaterial;

package/dist/key-store.js

@@ -15,3 +15,29 @@ export function keyPrefix(raw) {
 export function isValidWorkspaceId(id) {
     return WORKSPACE_ID_RE.test(id);
 }
+/**
+ * Resolve the workspace id for a `createWorkspace` call: fall back to a random
+ * UUID when none is supplied, then validate. Shared by every KeyStore so the
+ * id policy can't drift between the in-memory and Postgres adapters.
+ */
+export function resolveWorkspaceId(input) {
+    const id = input.id ?? crypto.randomUUID();
+    if (!isValidWorkspaceId(id))
+        throw new Error("invalid_workspace_id");
+    return id;
+}
+/**
+ * Mint a brand-new random key. Returns the persistable material plus the
+ * plaintext `raw` key, which the caller must return to the user exactly once.
+ */
+export function mintKey() {
+    const raw = generateRawKey();
+    return { id: crypto.randomUUID(), hash: hashKey(raw), prefix: keyPrefix(raw), raw };
+}
+/**
+ * Derive persistable material for a caller-supplied raw key (`registerKey`).
+ * Unlike `mintKey`, the raw key already exists and is not returned.
+ */
+export function deriveKey(raw) {
+    return { id: crypto.randomUUID(), hash: hashKey(raw), prefix: keyPrefix(raw) };
+}