@lastbrain/module-ai 2.0.26 → 2.0.30

package/dist/api/public/v1/_lib/log.js

@@ -0,0 +1,68 @@
+/**
+ * Logging utilities for public API v1
+ * Handles ai_call_log inserts and api_keys.last_used_at updates
+ */
+import { getSupabaseServiceClient } from "@lastbrain/core/server";
+import { logger } from "@lastbrain/core";
+/**
+ * Insert a log entry in ai_call_log
+ */
+export async function logApiCall(params) {
+    try {
+        const supabase = await getSupabaseServiceClient();
+        const { error } = await supabase.from("ai_call_log").insert({
+            owner_id: params.ownerId,
+            api_key_id: params.apiKeyId,
+            endpoint: params.endpoint,
+            provider: params.provider,
+            model: params.model,
+            tokens_in: params.tokensIn,
+            tokens_out: params.tokensOut,
+            tokens_total: params.tokensTotal,
+            latency_ms: params.latencyMs,
+            status_code: params.statusCode,
+            error_code: params.errorCode,
+            meta: {
+                request_id: params.requestId,
+                ...(params.meta || {}),
+            },
+        });
+        if (error) {
+            logger.error("[logApiCall] Failed to insert ai_call_log", {
+                error,
+                params,
+            });
+        }
+        else {
+            logger.debug("[logApiCall] Logged API call", {
+                endpoint: params.endpoint,
+                statusCode: params.statusCode,
+                requestId: params.requestId,
+            });
+        }
+    }
+    catch (error) {
+        logger.error("[logApiCall] Exception logging API call", error);
+    }
+}
+/**
+ * Update api_keys.last_used_at
+ */
+export async function updateApiKeyLastUsed(apiKey) {
+    try {
+        const supabase = await getSupabaseServiceClient();
+        const { error } = await supabase
+            .from("api_keys")
+            .update({ last_used_at: new Date().toISOString() })
+            .eq("id", apiKey.id);
+        if (error) {
+            logger.warn("[updateApiKeyLastUsed] Failed to update", {
+                error,
+                apiKeyId: apiKey.id,
+            });
+        }
+    }
+    catch (error) {
+        logger.warn("[updateApiKeyLastUsed] Exception", error);
+    }
+}

package/dist/api/public/v1/_lib/quota.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Quota and rate limit checking for public API v1
+ */
+import type { ApiKeyData } from "./auth";
+export interface QuotaCheckResult {
+    success: boolean;
+    error?: string;
+    errorCode?: string;
+    balance?: number;
+    remainingQuota?: number;
+    remainingPurchased?: number;
+}
+/**
+ * Check if user has sufficient tokens and within limits
+ */
+export declare function checkQuota(apiKey: ApiKeyData, estimatedTokens: number): Promise<QuotaCheckResult>;
+/**
+ * Check user_ai_settings for max_tokens_per_call limit
+ */
+export declare function checkMaxTokensPerCall(ownerId: string, requestedMaxTokens: number): Promise<{
+    allowed: boolean;
+    limit?: number;
+}>;
+//# sourceMappingURL=quota.d.ts.map

package/dist/api/public/v1/_lib/quota.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"quota.d.ts","sourceRoot":"","sources":["../../../../../src/api/public/v1/_lib/quota.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAEzC,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC9B,MAAM,EAAE,UAAU,EAClB,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC,gBAAgB,CAAC,CAwG3B;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,MAAM,EACf,kBAAkB,EAAE,MAAM,GACzB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAsB/C"}

package/dist/api/public/v1/_lib/quota.js

@@ -0,0 +1,118 @@
+/**
+ * Quota and rate limit checking for public API v1
+ */
+import { getSupabaseServiceClient } from "@lastbrain/core/server";
+import { logger } from "@lastbrain/core";
+/**
+ * Check if user has sufficient tokens and within limits
+ */
+export async function checkQuota(apiKey, estimatedTokens) {
+    try {
+        const supabase = await getSupabaseServiceClient();
+        // 1. Check token balance (purchased)
+        const { data: balanceData } = await supabase
+            .from("user_token_balance_v")
+            .select("balance")
+            .eq("owner_id", apiKey.owner_id)
+            .single();
+        const purchasedBalance = balanceData?.balance || 0;
+        // 2. Check quota balance (monthly included)
+        const { data: quotaData } = await supabase
+            .from("user_token_quota_monthly")
+            .select("effective_included_tokens, used_included_tokens, period_start, period_end")
+            .eq("owner_id", apiKey.owner_id)
+            .single();
+        let remainingQuota = 0;
+        if (quotaData) {
+            const now = new Date();
+            const periodStart = quotaData.period_start
+                ? new Date(quotaData.period_start)
+                : null;
+            const periodEnd = quotaData.period_end
+                ? new Date(quotaData.period_end)
+                : null;
+            const isActive = periodStart && periodEnd && now >= periodStart && now <= periodEnd;
+            if (isActive) {
+                remainingQuota = Math.max(0, quotaData.effective_included_tokens -
+                    (quotaData.used_included_tokens || 0));
+            }
+        }
+        const totalBalance = purchasedBalance + remainingQuota;
+        // 3. Check daily limit (if set on API key)
+        if (apiKey.daily_token_limit !== null) {
+            const today = new Date();
+            today.setHours(0, 0, 0, 0);
+            const { data: todayUsage } = await supabase
+                .from("ai_call_log")
+                .select("tokens_total")
+                .eq("api_key_id", apiKey.id)
+                .gte("created_at", today.toISOString());
+            const usedToday = todayUsage?.reduce((sum, log) => sum + (log.tokens_total || 0), 0) || 0;
+            const dailyLimit = Number(apiKey.daily_token_limit);
+            if (usedToday + estimatedTokens > dailyLimit) {
+                return {
+                    success: false,
+                    error: `Daily token limit exceeded. Used: ${usedToday}, Limit: ${dailyLimit}`,
+                    errorCode: "DAILY_LIMIT_EXCEEDED",
+                    balance: totalBalance,
+                    remainingQuota,
+                    remainingPurchased: purchasedBalance,
+                };
+            }
+        }
+        // 4. Check if insufficient balance
+        if (totalBalance < estimatedTokens) {
+            // Block if purchased balance is already negative
+            if (purchasedBalance < 0) {
+                return {
+                    success: false,
+                    error: "Insufficient tokens. Please purchase more tokens.",
+                    errorCode: "INSUFFICIENT_TOKENS",
+                    balance: totalBalance,
+                    remainingQuota,
+                    remainingPurchased: purchasedBalance,
+                };
+            }
+            // If positive but insufficient, allow one-time overdraft (debit will handle it)
+            logger.info("[checkQuota] Allowing overdraft for user", apiKey.owner_id);
+        }
+        return {
+            success: true,
+            balance: totalBalance,
+            remainingQuota,
+            remainingPurchased: purchasedBalance,
+        };
+    }
+    catch (error) {
+        logger.error("[checkQuota] Error checking quota", error);
+        return {
+            success: false,
+            error: "Internal error checking quota",
+            errorCode: "INTERNAL_ERROR",
+        };
+    }
+}
+/**
+ * Check user_ai_settings for max_tokens_per_call limit
+ */
+export async function checkMaxTokensPerCall(ownerId, requestedMaxTokens) {
+    try {
+        const supabase = await getSupabaseServiceClient();
+        const { data: settings } = await supabase
+            .from("user_ai_settings")
+            .select("max_tokens_per_call")
+            .eq("owner_id", ownerId)
+            .single();
+        if (settings?.max_tokens_per_call) {
+            const limit = settings.max_tokens_per_call;
+            if (requestedMaxTokens > limit) {
+                return { allowed: false, limit };
+            }
+        }
+        return { allowed: true };
+    }
+    catch (error) {
+        logger.warn("[checkMaxTokensPerCall] Error, allowing by default", error);
+        return { allowed: true };
+    }
+}

package/dist/api/public/v1/_lib/router.d.ts

@@ -0,0 +1,54 @@
+/**
+ * AI Provider router for public API v1
+ * DEPRECATED: Use ai-generation-service.ts instead
+ *
+ * This file is kept for backward compatibility only
+ * All functions now delegate to the centralized service
+ */
+export interface TextGenerationParams {
+    prompt: string;
+    model?: string;
+    maxTokens?: number;
+    temperature?: number;
+    systemPrompt?: string;
+    actionType?: "generate-text" | "generate-recipe-text" | "autocomplete";
+}
+export interface TextGenerationResult {
+    success: boolean;
+    text?: string;
+    tokensIn?: number;
+    tokensOut?: number;
+    tokensTotal?: number;
+    model?: string;
+    provider?: string;
+    error?: string;
+}
+export interface ImageGenerationParams {
+    prompt: string;
+    model?: string;
+    size?: string;
+    quality?: string;
+}
+export interface ImageGenerationResult {
+    success: boolean;
+    imageUrl?: string;
+    revisedPrompt?: string;
+    tokensUsed?: number;
+    model?: string;
+    provider?: string;
+    error?: string;
+}
+/**
+ * Generate text using Vercel AI SDK with model filtering
+ */
+/**
+ * Generate text - delegates to centralized service
+ * @deprecated Use generateTextWithBilling from ai-generation-service directly
+ */
+export declare function generateText(ownerId: string, params: TextGenerationParams): Promise<TextGenerationResult>;
+/**
+ * Generate images - delegates to centralized service
+ * @deprecated Use generateImageWithBilling from ai-generation-service directly
+ */
+export declare function generateImage(ownerId: string, params: ImageGenerationParams): Promise<ImageGenerationResult>;
+//# sourceMappingURL=router.d.ts.map

package/dist/api/public/v1/_lib/router.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"router.d.ts","sourceRoot":"","sources":["../../../../../src/api/public/v1/_lib/router.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAUH,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,eAAe,GAAG,sBAAsB,GAAG,cAAc,CAAC;CACxE;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AA4ED;;GAEG;AACH;;;GAGG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,oBAAoB,GAC3B,OAAO,CAAC,oBAAoB,CAAC,CAyB/B;AAED;;;GAGG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,qBAAqB,GAC5B,OAAO,CAAC,qBAAqB,CAAC,CA4BhC"}

package/dist/api/public/v1/_lib/router.js

@@ -0,0 +1,119 @@
+/**
+ * AI Provider router for public API v1
+ * DEPRECATED: Use ai-generation-service.ts instead
+ *
+ * This file is kept for backward compatibility only
+ * All functions now delegate to the centralized service
+ */
+import { logger } from "@lastbrain/core";
+import { getSupabaseServiceClient } from "@lastbrain/core/server";
+import { generateTextWithBilling, generateImageWithBilling, } from "../../../../server/ai-generation-service";
+import { getGlobalAISettings } from "../../../../server/global-settings";
+/**
+ * Get user's default text settings or use GLOBAL system defaults
+ */
+async function getTextSettings(ownerId) {
+    try {
+        const supabase = await getSupabaseServiceClient();
+        const { data: settings } = await supabase
+            .from("user_ai_settings")
+            .select("default_text_provider, default_text_model, mode")
+            .eq("owner_id", ownerId)
+            .single();
+        if (settings?.mode === "manual" && settings.default_text_provider) {
+            return {
+                provider: settings.default_text_provider,
+                model: settings.default_text_model || "gpt-4.1-mini",
+            };
+        }
+    }
+    catch (error) {
+        logger.warn("[getTextSettings] Could not fetch user settings, using global defaults", error);
+    }
+    // Use GLOBAL defaults instead of hardcoded values
+    const globalSettings = await getGlobalAISettings();
+    return {
+        provider: globalSettings.default_text_provider,
+        model: globalSettings.default_text_model,
+    };
+}
+/**
+ * Get user's default image settings or use GLOBAL system defaults
+ */
+async function getImageSettings(ownerId) {
+    try {
+        const supabase = await getSupabaseServiceClient();
+        const { data: settings } = await supabase
+            .from("user_ai_settings")
+            .select("default_image_provider, default_image_model, mode")
+            .eq("owner_id", ownerId)
+            .single();
+        if (settings?.mode === "manual" && settings.default_image_provider) {
+            return {
+                provider: settings.default_image_provider,
+                model: settings.default_image_model || "gemini-2.5-flash-image",
+            };
+        }
+    }
+    catch (error) {
+        logger.warn("[getImageSettings] Could not fetch user settings, using global defaults", error);
+    }
+    // Use GLOBAL defaults instead of hardcoded values
+    const globalSettings = await getGlobalAISettings();
+    return {
+        provider: globalSettings.default_image_provider,
+        model: globalSettings.default_image_model,
+    };
+}
+/**
+ * Generate text using Vercel AI SDK with model filtering
+ */
+/**
+ * Generate text - delegates to centralized service
+ * @deprecated Use generateTextWithBilling from ai-generation-service directly
+ */
+export async function generateText(ownerId, params) {
+    logger.info(`[router] Delegating to generateTextWithBilling for user ${ownerId}`);
+    const result = await generateTextWithBilling(ownerId, {
+        prompt: params.prompt,
+        model: params.model,
+        systemPrompt: params.systemPrompt,
+        maxTokens: params.maxTokens,
+        temperature: params.temperature,
+        actionType: params.actionType || "generate-text",
+    });
+    // Map to legacy format for backward compatibility
+    return {
+        success: result.success,
+        text: result.text,
+        tokensIn: result.inputTokens,
+        tokensOut: result.outputTokens,
+        tokensTotal: 0, // Deprecated
+        model: result.model,
+        provider: result.provider,
+        error: result.error,
+    };
+}
+/**
+ * Generate images - delegates to centralized service
+ * @deprecated Use generateImageWithBilling from ai-generation-service directly
+ */
+export async function generateImage(ownerId, params) {
+    logger.info(`[router] Delegating to generateImageWithBilling for user ${ownerId}`);
+    const result = await generateImageWithBilling(ownerId, {
+        prompt: params.prompt,
+        model: params.model,
+        size: params.size,
+        quality: params.quality,
+        actionType: "generate-image",
+    });
+    // Map to legacy format
+    return {
+        success: result.success,
+        imageUrl: result.imageUrl,
+        revisedPrompt: result.revisedPrompt,
+        model: result.model,
+        provider: result.provider,
+        error: result.error,
+    };
+}

package/dist/api/public/v1/connect.d.ts

@@ -0,0 +1,20 @@
+/**
+ * POST /api/public/v1/connect
+ * Authenticate with email/password and receive a dev API key
+ */
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<import("./_lib/errors").ApiError> | NextResponse<{
+    request_id: `${string}-${string}-${string}-${string}-${string}`;
+    message: string;
+    api_key_id: any;
+    prefix: any;
+    user_id: string;
+    dashboard_url: string;
+}> | NextResponse<{
+    request_id: `${string}-${string}-${string}-${string}-${string}`;
+    api_key: string;
+    prefix: string;
+    user_id: string;
+    note: string;
+}>>;
+//# sourceMappingURL=connect.d.ts.map

package/dist/api/public/v1/connect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connect.d.ts","sourceRoot":"","sources":["../../../../src/api/public/v1/connect.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAsBxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;;;;;;;;IAwI9C"}

package/dist/api/public/v1/connect.js

@@ -0,0 +1,119 @@
+/**
+ * POST /api/public/v1/connect
+ * Authenticate with email/password and receive a dev API key
+ */
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { randomUUID, randomBytes } from "crypto";
+import { logger } from "@lastbrain/core";
+import { getSupabaseServiceClient } from "@lastbrain/core/server";
+import { createErrorResponse } from "./_lib/errors";
+import { hashApiKey } from "./_lib/auth";
+const ConnectSchema = z.object({
+    email: z.string().email(),
+    password: z.string().min(1),
+});
+/**
+ * Generate a random API key
+ */
+function generateApiKey() {
+    const key = `lb_${randomBytes(32).toString("hex")}`;
+    const prefix = key.substring(0, 10);
+    return { key, prefix };
+}
+export async function POST(request) {
+    const requestId = randomUUID();
+    let statusCode = 200;
+    try {
+        // 1. Parse and validate request body
+        const body = await request.json();
+        const validation = ConnectSchema.safeParse(body);
+        if (!validation.success) {
+            const { response, status } = createErrorResponse("VALIDATION_ERROR", validation.error.errors.map((e) => e.message).join(", "), requestId, undefined, 400);
+            statusCode = status;
+            return NextResponse.json(response, { status });
+        }
+        const { email, password } = validation.data;
+        // 2. Authenticate user with Supabase Auth
+        const supabase = await getSupabaseServiceClient();
+        const { data: authData, error: authError } = await supabase.auth.signInWithPassword({
+            email,
+            password,
+        });
+        if (authError || !authData.user) {
+            logger.warn("[connect] Authentication failed", {
+                email,
+                error: authError?.message,
+            });
+            const { response, status } = createErrorResponse("INVALID_CREDENTIALS", "Invalid email or password", requestId, undefined, 401);
+            statusCode = status;
+            return NextResponse.json(response, { status });
+        }
+        const userId = authData.user.id;
+        // 3. Check if user already has a dev API key
+        const { data: existingKeys } = await supabase
+            .from("api_keys")
+            .select("*")
+            .eq("owner_id", userId)
+            .eq("env", "dev")
+            .eq("is_active", true)
+            .limit(1);
+        if (existingKeys && existingKeys.length > 0) {
+            // Return existing key info (but not the raw key)
+            const existingKey = existingKeys[0];
+            return NextResponse.json({
+                request_id: requestId,
+                message: "You already have an active dev API key. For security reasons, existing keys cannot be retrieved. Please create a new key or use the dashboard to manage your keys.",
+                api_key_id: existingKey.id,
+                prefix: existingKey.prefix,
+                user_id: userId,
+                dashboard_url: process.env.NEXT_PUBLIC_APP_URL + "/auth/module-ai/api-keys",
+            });
+        }
+        // 4. Generate new dev API key
+        const { key: rawKey, prefix } = generateApiKey();
+        const keyHash = hashApiKey(rawKey);
+        const { data: newKey, error: insertError } = await supabase
+            .from("api_keys")
+            .insert({
+            owner_id: userId,
+            name: "Dev API Key (auto-created)",
+            key_hash: keyHash,
+            prefix,
+            env: "dev",
+            scopes: ["text", "image", "status"],
+            rate_limit_rpm: 60,
+            daily_token_limit: null,
+            is_active: true,
+        })
+            .select()
+            .single();
+        if (insertError || !newKey) {
+            logger.error("[connect] Failed to create API key", {
+                userId,
+                error: insertError,
+            });
+            const { response, status } = createErrorResponse("INTERNAL_ERROR", "Failed to create API key", requestId, undefined, 500);
+            statusCode = status;
+            return NextResponse.json(response, { status });
+        }
+        // 5. Return the raw API key (ONLY TIME IT'S SHOWN)
+        logger.info("[connect] Created new dev API key", {
+            userId,
+            keyId: newKey.id,
+        });
+        return NextResponse.json({
+            request_id: requestId,
+            api_key: rawKey,
+            prefix,
+            user_id: userId,
+            note: "Store this API key securely. It will not be shown again.",
+        });
+    }
+    catch (error) {
+        logger.error("[connect] Unexpected error", error);
+        statusCode = 500;
+        const { response, status } = createErrorResponse("INTERNAL_ERROR", error.message || "Internal server error", requestId, undefined, 500);
+        return NextResponse.json(response, { status });
+    }
+}